npm - @robelest/convex-auth - Versions diffs - 0.0.4-preview.2 → 0.0.4-preview.21 - Mend

@robelest/convex-auth 0.0.4-preview.2 → 0.0.4-preview.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (798) hide show

package/README.md +67 -26
package/dist/authorization/index.d.ts +63 -0
package/dist/authorization/index.d.ts.map +1 -0
package/dist/authorization/index.js +63 -0
package/dist/authorization/index.js.map +1 -0
package/dist/bin.js +6185 -0
package/dist/client/core/types.d.ts +20 -0
package/dist/client/core/types.d.ts.map +1 -0
package/dist/client/index.d.ts +2 -299
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +407 -534
package/dist/client/index.js.map +1 -1
package/dist/component/_generated/api.d.ts +42 -0
package/dist/component/_generated/api.d.ts.map +1 -1
package/dist/component/_generated/api.js.map +1 -1
package/dist/component/_generated/component.d.ts +2546 -90
package/dist/component/_generated/component.d.ts.map +1 -1
package/dist/component/client/core/types.d.ts +2 -0
package/dist/component/client/index.d.ts +2 -0
package/dist/component/convex.config.d.ts +2 -2
package/dist/component/functions.d.ts +11 -9
package/dist/component/functions.d.ts.map +1 -1
package/dist/component/functions.js.map +1 -1
package/dist/component/index.d.ts +7 -11
package/dist/component/index.js +2 -3
package/dist/component/model.d.ts +153 -0
package/dist/component/model.d.ts.map +1 -0
package/dist/component/model.js +349 -0
package/dist/component/model.js.map +1 -0
package/dist/component/providers/anonymous.d.ts +54 -0
package/dist/component/providers/anonymous.d.ts.map +1 -0
package/dist/component/providers/credentials.d.ts +5 -5
package/dist/component/providers/credentials.d.ts.map +1 -1
package/dist/component/providers/device.d.ts +67 -0
package/dist/component/providers/device.d.ts.map +1 -0
package/dist/component/providers/email.d.ts +62 -0
package/dist/component/providers/email.d.ts.map +1 -0
package/dist/component/providers/oauth.d.ts.map +1 -1
package/dist/component/providers/oauth.js.map +1 -1
package/dist/component/providers/passkey.d.ts +57 -0
package/dist/component/providers/passkey.d.ts.map +1 -0
package/dist/component/providers/password.d.ts +88 -0
package/dist/component/providers/password.d.ts.map +1 -0
package/dist/component/providers/phone.d.ts +48 -0
package/dist/component/providers/phone.d.ts.map +1 -0
package/dist/component/providers/sso.d.ts +50 -0
package/dist/component/providers/sso.d.ts.map +1 -0
package/dist/component/providers/totp.d.ts +45 -0
package/dist/component/providers/totp.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.d.ts +73 -0
package/dist/component/public/enterprise/audit.d.ts.map +1 -0
package/dist/component/public/enterprise/audit.js +108 -0
package/dist/component/public/enterprise/audit.js.map +1 -0
package/dist/component/public/enterprise/core.d.ts +176 -0
package/dist/component/public/enterprise/core.d.ts.map +1 -0
package/dist/component/public/enterprise/core.js +292 -0
package/dist/component/public/enterprise/core.js.map +1 -0
package/dist/component/public/enterprise/domains.d.ts +174 -0
package/dist/component/public/enterprise/domains.d.ts.map +1 -0
package/dist/component/public/enterprise/domains.js +271 -0
package/dist/component/public/enterprise/domains.js.map +1 -0
package/dist/component/public/enterprise/scim.d.ts +245 -0
package/dist/component/public/enterprise/scim.d.ts.map +1 -0
package/dist/component/public/enterprise/scim.js +344 -0
package/dist/component/public/enterprise/scim.js.map +1 -0
package/dist/component/public/enterprise/secrets.d.ts +78 -0
package/dist/component/public/enterprise/secrets.d.ts.map +1 -0
package/dist/component/public/enterprise/secrets.js +118 -0
package/dist/component/public/enterprise/secrets.js.map +1 -0
package/dist/component/public/enterprise/webhooks.d.ts +211 -0
package/dist/component/public/enterprise/webhooks.d.ts.map +1 -0
package/dist/component/public/enterprise/webhooks.js +300 -0
package/dist/component/public/enterprise/webhooks.js.map +1 -0
package/dist/component/public/factors/devices.d.ts +157 -0
package/dist/component/public/factors/devices.d.ts.map +1 -0
package/dist/component/public/factors/devices.js +216 -0
package/dist/component/public/factors/devices.js.map +1 -0
package/dist/component/public/factors/passkeys.d.ts +175 -0
package/dist/component/public/factors/passkeys.d.ts.map +1 -0
package/dist/component/public/factors/passkeys.js +238 -0
package/dist/component/public/factors/passkeys.js.map +1 -0
package/dist/component/public/factors/totp.d.ts +189 -0
package/dist/component/public/factors/totp.d.ts.map +1 -0
package/dist/component/public/factors/totp.js +254 -0
package/dist/component/public/factors/totp.js.map +1 -0
package/dist/component/public/groups/core.d.ts +137 -0
package/dist/component/public/groups/core.d.ts.map +1 -0
package/dist/component/public/groups/core.js +321 -0
package/dist/component/public/groups/core.js.map +1 -0
package/dist/component/public/groups/invites.d.ts +217 -0
package/dist/component/public/groups/invites.d.ts.map +1 -0
package/dist/component/public/groups/invites.js +457 -0
package/dist/component/public/groups/invites.js.map +1 -0
package/dist/component/public/groups/members.d.ts +204 -0
package/dist/component/public/groups/members.d.ts.map +1 -0
package/dist/component/public/groups/members.js +355 -0
package/dist/component/public/groups/members.js.map +1 -0
package/dist/component/public/identity/accounts.d.ts +147 -0
package/dist/component/public/identity/accounts.d.ts.map +1 -0
package/dist/component/public/identity/accounts.js +200 -0
package/dist/component/public/identity/accounts.js.map +1 -0
package/dist/component/public/identity/codes.d.ts +104 -0
package/dist/component/public/identity/codes.d.ts.map +1 -0
package/dist/component/public/identity/codes.js +140 -0
package/dist/component/public/identity/codes.js.map +1 -0
package/dist/component/public/identity/sessions.d.ts +128 -0
package/dist/component/public/identity/sessions.d.ts.map +1 -0
package/dist/component/public/identity/sessions.js +192 -0
package/dist/component/public/identity/sessions.js.map +1 -0
package/dist/component/public/identity/tokens.d.ts +169 -0
package/dist/component/public/identity/tokens.d.ts.map +1 -0
package/dist/component/public/identity/tokens.js +227 -0
package/dist/component/public/identity/tokens.js.map +1 -0
package/dist/component/public/identity/users.d.ts +212 -0
package/dist/component/public/identity/users.d.ts.map +1 -0
package/dist/component/public/identity/users.js +311 -0
package/dist/component/public/identity/users.js.map +1 -0
package/dist/component/public/identity/verifiers.d.ts +116 -0
package/dist/component/public/identity/verifiers.d.ts.map +1 -0
package/dist/component/public/identity/verifiers.js +154 -0
package/dist/component/public/identity/verifiers.js.map +1 -0
package/dist/component/public/security/keys.d.ts +209 -0
package/dist/component/public/security/keys.d.ts.map +1 -0
package/dist/component/public/security/keys.js +319 -0
package/dist/component/public/security/keys.js.map +1 -0
package/dist/component/public/security/limits.d.ts +114 -0
package/dist/component/public/security/limits.d.ts.map +1 -0
package/dist/component/public/security/limits.js +169 -0
package/dist/component/public/security/limits.js.map +1 -0
package/dist/component/public.d.ts +24 -271
package/dist/component/public.d.ts.map +1 -1
package/dist/component/public.js +21 -1229
package/dist/component/schema.d.ts +473 -110
package/dist/component/schema.js +162 -73
package/dist/component/schema.js.map +1 -1
package/dist/component/server/auth.d.ts +318 -373
package/dist/component/server/auth.d.ts.map +1 -1
package/dist/component/server/auth.js +204 -123
package/dist/component/server/auth.js.map +1 -1
package/dist/component/server/authError.js +34 -0
package/dist/component/server/authError.js.map +1 -0
package/dist/component/server/{providers.js → config.js} +43 -12
package/dist/component/server/config.js.map +1 -0
package/dist/component/server/cookies.js +3 -0
package/dist/component/server/cookies.js.map +1 -1
package/dist/component/server/core.js +713 -0
package/dist/component/server/core.js.map +1 -0
package/dist/component/server/crypto.js +38 -0
package/dist/component/server/crypto.js.map +1 -0
package/dist/component/server/{implementation/db.js → db.js} +2 -1
package/dist/component/server/db.js.map +1 -0
package/dist/component/server/device.js +109 -0
package/dist/component/server/device.js.map +1 -0
package/dist/component/server/enterprise/config.js +46 -0
package/dist/component/server/enterprise/config.js.map +1 -0
package/dist/component/server/enterprise/domain.js +885 -0
package/dist/component/server/enterprise/domain.js.map +1 -0
package/dist/component/server/enterprise/http.js +766 -0
package/dist/component/server/enterprise/http.js.map +1 -0
package/dist/component/server/enterprise/oidc.js +248 -0
package/dist/component/server/enterprise/oidc.js.map +1 -0
package/dist/component/server/enterprise/policy.js +85 -0
package/dist/component/server/enterprise/policy.js.map +1 -0
package/dist/component/server/enterprise/saml.js +338 -0
package/dist/component/server/enterprise/saml.js.map +1 -0
package/dist/component/server/enterprise/scim.js +97 -0
package/dist/component/server/enterprise/scim.js.map +1 -0
package/dist/component/server/enterprise/shared.js +51 -0
package/dist/component/server/enterprise/shared.js.map +1 -0
package/dist/component/server/errors.d.ts +1 -0
package/dist/component/server/errors.js +24 -16
package/dist/component/server/errors.js.map +1 -1
package/dist/component/server/http.js +288 -0
package/dist/component/server/http.js.map +1 -0
package/dist/component/server/identity.js +13 -0
package/dist/component/server/identity.js.map +1 -0
package/dist/{server/implementation → component/server}/keys.js +9 -31
package/dist/component/server/keys.js.map +1 -0
package/dist/component/server/limits.js +61 -0
package/dist/component/server/limits.js.map +1 -0
package/dist/component/server/mutations/account.js +44 -0
package/dist/component/server/mutations/account.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/component/server/mutations/code.js.map +1 -0
package/dist/component/server/mutations/invalidate.js +32 -0
package/dist/component/server/mutations/invalidate.js.map +1 -0
package/dist/component/server/mutations/oauth.js +110 -0
package/dist/component/server/mutations/oauth.js.map +1 -0
package/dist/component/server/mutations/refresh.js +119 -0
package/dist/component/server/mutations/refresh.js.map +1 -0
package/dist/component/server/mutations/register.js +83 -0
package/dist/component/server/mutations/register.js.map +1 -0
package/dist/component/server/mutations/retrieve.js +65 -0
package/dist/component/server/mutations/retrieve.js.map +1 -0
package/dist/component/server/mutations/signature.js +32 -0
package/dist/component/server/mutations/signature.js.map +1 -0
package/dist/component/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/component/server/mutations/signin.js.map +1 -0
package/dist/component/server/mutations/signout.js +27 -0
package/dist/component/server/mutations/signout.js.map +1 -0
package/dist/component/server/mutations/store/refs.js +15 -0
package/dist/component/server/mutations/store/refs.js.map +1 -0
package/dist/component/server/mutations/store.js +85 -0
package/dist/component/server/mutations/store.js.map +1 -0
package/dist/component/server/mutations/verifier.js +18 -0
package/dist/component/server/mutations/verifier.js.map +1 -0
package/dist/component/server/mutations/verify.js +98 -0
package/dist/component/server/mutations/verify.js.map +1 -0
package/dist/component/server/oauth.js +106 -60
package/dist/component/server/oauth.js.map +1 -1
package/dist/component/server/passkey.js +328 -0
package/dist/component/server/passkey.js.map +1 -0
package/dist/{server/implementation → component/server}/redirects.js +13 -11
package/dist/component/server/redirects.js.map +1 -0
package/dist/component/server/refresh.js +96 -0
package/dist/component/server/refresh.js.map +1 -0
package/dist/component/server/runtime.d.ts +136 -0
package/dist/component/server/runtime.d.ts.map +1 -0
package/dist/component/server/runtime.js +413 -0
package/dist/component/server/runtime.js.map +1 -0
package/dist/{server/implementation → component/server}/sessions.js +14 -8
package/dist/component/server/sessions.js.map +1 -0
package/dist/component/server/signin.js +201 -0
package/dist/component/server/signin.js.map +1 -0
package/dist/component/server/tokens.js +17 -0
package/dist/component/server/tokens.js.map +1 -0
package/dist/component/server/totp.js +148 -0
package/dist/component/server/totp.js.map +1 -0
package/dist/component/server/types.d.ts +387 -298
package/dist/component/server/types.d.ts.map +1 -1
package/dist/component/server/{implementation/types.js → types.js} +1 -1
package/dist/component/server/types.js.map +1 -0
package/dist/component/server/{implementation/users.js → users.js} +54 -35
package/dist/component/server/users.js.map +1 -0
package/dist/component/server/utils.js +110 -4
package/dist/component/server/utils.js.map +1 -1
package/dist/core/types.d.ts +369 -0
package/dist/core/types.d.ts.map +1 -0
package/dist/factors/device.js +105 -0
package/dist/factors/device.js.map +1 -0
package/dist/factors/passkey.js +181 -0
package/dist/factors/passkey.js.map +1 -0
package/dist/factors/totp.js +122 -0
package/dist/factors/totp.js.map +1 -0
package/dist/providers/anonymous.d.ts +3 -9
package/dist/providers/anonymous.d.ts.map +1 -1
package/dist/providers/anonymous.js +1 -18
package/dist/providers/anonymous.js.map +1 -1
package/dist/providers/credentials.d.ts +8 -10
package/dist/providers/credentials.d.ts.map +1 -1
package/dist/providers/credentials.js +3 -5
package/dist/providers/credentials.js.map +1 -1
package/dist/providers/device.d.ts +18 -10
package/dist/providers/device.d.ts.map +1 -1
package/dist/providers/device.js +4 -8
package/dist/providers/device.js.map +1 -1
package/dist/providers/email.d.ts +50 -23
package/dist/providers/email.d.ts.map +1 -1
package/dist/providers/email.js +58 -34
package/dist/providers/email.js.map +1 -1
package/dist/providers/index.d.ts +7 -3
package/dist/providers/index.js +4 -1
package/dist/providers/oauth.d.ts.map +1 -1
package/dist/providers/oauth.js.map +1 -1
package/dist/providers/passkey.d.ts +12 -9
package/dist/providers/passkey.d.ts.map +1 -1
package/dist/providers/passkey.js +1 -7
package/dist/providers/passkey.js.map +1 -1
package/dist/providers/password.d.ts +6 -12
package/dist/providers/password.d.ts.map +1 -1
package/dist/providers/password.js +189 -89
package/dist/providers/password.js.map +1 -1
package/dist/providers/phone.d.ts +40 -11
package/dist/providers/phone.d.ts.map +1 -1
package/dist/providers/phone.js +52 -21
package/dist/providers/phone.js.map +1 -1
package/dist/providers/sso.d.ts +50 -0
package/dist/providers/sso.d.ts.map +1 -0
package/dist/providers/sso.js +34 -0
package/dist/providers/sso.js.map +1 -0
package/dist/providers/totp.d.ts +12 -9
package/dist/providers/totp.d.ts.map +1 -1
package/dist/providers/totp.js +1 -7
package/dist/providers/totp.js.map +1 -1
package/dist/runtime/browser.js +68 -0
package/dist/runtime/browser.js.map +1 -0
package/dist/runtime/invite.js +51 -0
package/dist/runtime/invite.js.map +1 -0
package/dist/runtime/proxy.js +70 -0
package/dist/runtime/proxy.js.map +1 -0
package/dist/runtime/storage.js +37 -0
package/dist/runtime/storage.js.map +1 -0
package/dist/server/auth.d.ts +335 -370
package/dist/server/auth.d.ts.map +1 -1
package/dist/server/auth.js +204 -123
package/dist/server/auth.js.map +1 -1
package/dist/server/authError.d.ts +46 -0
package/dist/server/authError.d.ts.map +1 -0
package/dist/server/authError.js +34 -0
package/dist/server/authError.js.map +1 -0
package/dist/server/config.d.ts +1 -0
package/dist/server/{providers.js → config.js} +43 -12
package/dist/server/config.js.map +1 -0
package/dist/server/cookies.d.ts +1 -38
package/dist/server/cookies.js +3 -0
package/dist/server/cookies.js.map +1 -1
package/dist/server/core.d.ts +1436 -0
package/dist/server/core.d.ts.map +1 -0
package/dist/server/core.js +713 -0
package/dist/server/core.js.map +1 -0
package/dist/server/crypto.d.ts +8 -0
package/dist/server/crypto.d.ts.map +1 -0
package/dist/server/crypto.js +38 -0
package/dist/server/crypto.js.map +1 -0
package/dist/server/db.d.ts +1 -0
package/dist/server/{implementation/db.js → db.js} +2 -1
package/dist/server/db.js.map +1 -0
package/dist/server/device.d.ts +1 -0
package/dist/server/device.js +109 -0
package/dist/server/device.js.map +1 -0
package/dist/server/enterprise/config.d.ts +1 -0
package/dist/server/enterprise/config.js +46 -0
package/dist/server/enterprise/config.js.map +1 -0
package/dist/server/enterprise/domain.d.ts +409 -0
package/dist/server/enterprise/domain.d.ts.map +1 -0
package/dist/server/enterprise/domain.js +885 -0
package/dist/server/enterprise/domain.js.map +1 -0
package/dist/server/enterprise/http.d.ts +26 -0
package/dist/server/enterprise/http.d.ts.map +1 -0
package/dist/server/enterprise/http.js +766 -0
package/dist/server/enterprise/http.js.map +1 -0
package/dist/server/enterprise/oidc.d.ts +1 -0
package/dist/server/enterprise/oidc.js +248 -0
package/dist/server/enterprise/oidc.js.map +1 -0
package/dist/server/enterprise/policy.d.ts +1 -0
package/dist/server/enterprise/policy.js +85 -0
package/dist/server/enterprise/policy.js.map +1 -0
package/dist/server/enterprise/saml.d.ts +1 -0
package/dist/server/enterprise/saml.js +338 -0
package/dist/server/enterprise/saml.js.map +1 -0
package/dist/server/enterprise/scim.d.ts +1 -0
package/dist/server/enterprise/scim.js +97 -0
package/dist/server/enterprise/scim.js.map +1 -0
package/dist/server/enterprise/shared.d.ts +5 -0
package/dist/server/enterprise/shared.d.ts.map +1 -0
package/dist/server/enterprise/shared.js +51 -0
package/dist/server/enterprise/shared.js.map +1 -0
package/dist/server/enterprise/validators.d.ts +1 -0
package/dist/server/enterprise/validators.js +60 -0
package/dist/server/enterprise/validators.js.map +1 -0
package/dist/server/errors.d.ts +33 -1
package/dist/server/errors.d.ts.map +1 -1
package/dist/server/errors.js +44 -1
package/dist/server/errors.js.map +1 -1
package/dist/server/http.d.ts +59 -0
package/dist/server/http.d.ts.map +1 -0
package/dist/server/http.js +288 -0
package/dist/server/http.js.map +1 -0
package/dist/server/identity.d.ts +1 -0
package/dist/server/identity.js +13 -0
package/dist/server/identity.js.map +1 -0
package/dist/server/index.d.ts +4 -182
package/dist/server/index.js +4 -376
package/dist/server/keys.d.ts +1 -0
package/dist/{component/server/implementation → server}/keys.js +9 -31
package/dist/server/keys.js.map +1 -0
package/dist/server/limits.d.ts +1 -0
package/dist/server/limits.js +61 -0
package/dist/server/limits.js.map +1 -0
package/dist/server/mounts.d.ts +647 -0
package/dist/server/mounts.d.ts.map +1 -0
package/dist/server/mounts.js +643 -0
package/dist/server/mounts.js.map +1 -0
package/dist/server/mutations/account.d.ts +30 -0
package/dist/server/mutations/account.d.ts.map +1 -0
package/dist/server/mutations/account.js +44 -0
package/dist/server/mutations/account.js.map +1 -0
package/dist/server/mutations/code.d.ts +30 -0
package/dist/server/mutations/code.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/code.js +7 -4
package/dist/server/mutations/code.js.map +1 -0
package/dist/server/mutations/index.d.ts +14 -0
package/dist/server/mutations/index.js +15 -0
package/dist/server/mutations/invalidate.d.ts +20 -0
package/dist/server/mutations/invalidate.d.ts.map +1 -0
package/dist/server/mutations/invalidate.js +32 -0
package/dist/server/mutations/invalidate.js.map +1 -0
package/dist/server/mutations/oauth.d.ts +28 -0
package/dist/server/mutations/oauth.d.ts.map +1 -0
package/dist/server/mutations/oauth.js +110 -0
package/dist/server/mutations/oauth.js.map +1 -0
package/dist/server/mutations/refresh.d.ts +21 -0
package/dist/server/mutations/refresh.d.ts.map +1 -0
package/dist/server/mutations/refresh.js +119 -0
package/dist/server/mutations/refresh.js.map +1 -0
package/dist/server/mutations/register.d.ts +38 -0
package/dist/server/mutations/register.d.ts.map +1 -0
package/dist/server/mutations/register.js +83 -0
package/dist/server/mutations/register.js.map +1 -0
package/dist/server/mutations/retrieve.d.ts +33 -0
package/dist/server/mutations/retrieve.d.ts.map +1 -0
package/dist/server/mutations/retrieve.js +65 -0
package/dist/server/mutations/retrieve.js.map +1 -0
package/dist/server/mutations/signature.d.ts +22 -0
package/dist/server/mutations/signature.d.ts.map +1 -0
package/dist/server/mutations/signature.js +32 -0
package/dist/server/mutations/signature.js.map +1 -0
package/dist/server/mutations/signin.d.ts +22 -0
package/dist/server/mutations/signin.d.ts.map +1 -0
package/dist/server/{implementation/mutations → mutations}/signin.js +2 -2
package/dist/server/mutations/signin.js.map +1 -0
package/dist/server/mutations/signout.d.ts +16 -0
package/dist/server/mutations/signout.d.ts.map +1 -0
package/dist/server/mutations/signout.js +27 -0
package/dist/server/mutations/signout.js.map +1 -0
package/dist/server/mutations/store/refs.d.ts +12 -0
package/dist/server/mutations/store/refs.d.ts.map +1 -0
package/dist/server/mutations/store/refs.js +15 -0
package/dist/server/mutations/store/refs.js.map +1 -0
package/dist/server/mutations/store.d.ts +306 -0
package/dist/server/mutations/store.d.ts.map +1 -0
package/dist/server/mutations/store.js +85 -0
package/dist/server/mutations/store.js.map +1 -0
package/dist/server/mutations/verifier.d.ts +13 -0
package/dist/server/mutations/verifier.d.ts.map +1 -0
package/dist/server/mutations/verifier.js +18 -0
package/dist/server/mutations/verifier.js.map +1 -0
package/dist/server/mutations/verify.d.ts +26 -0
package/dist/server/mutations/verify.d.ts.map +1 -0
package/dist/server/mutations/verify.js +98 -0
package/dist/server/mutations/verify.js.map +1 -0
package/dist/server/oauth.d.ts +1 -48
package/dist/server/oauth.js +107 -64
package/dist/server/oauth.js.map +1 -1
package/dist/server/passkey.d.ts +27 -0
package/dist/server/passkey.d.ts.map +1 -0
package/dist/server/passkey.js +328 -0
package/dist/server/passkey.js.map +1 -0
package/dist/server/redirects.d.ts +1 -0
package/dist/{component/server/implementation → server}/redirects.js +13 -11
package/dist/server/redirects.js.map +1 -0
package/dist/server/refresh.d.ts +1 -0
package/dist/server/refresh.js +96 -0
package/dist/server/refresh.js.map +1 -0
package/dist/server/runtime.d.ts +136 -0
package/dist/server/runtime.d.ts.map +1 -0
package/dist/server/runtime.js +413 -0
package/dist/server/runtime.js.map +1 -0
package/dist/server/sessions.d.ts +1 -0
package/dist/{component/server/implementation → server}/sessions.js +14 -8
package/dist/server/sessions.js.map +1 -0
package/dist/server/signin.d.ts +1 -0
package/dist/server/signin.js +201 -0
package/dist/server/signin.js.map +1 -0
package/dist/server/ssr.d.ts +226 -0
package/dist/server/ssr.d.ts.map +1 -0
package/dist/server/ssr.js +786 -0
package/dist/server/ssr.js.map +1 -0
package/dist/server/templates.d.ts +1 -21
package/dist/server/templates.js +2 -1
package/dist/server/templates.js.map +1 -1
package/dist/server/tokens.d.ts +1 -0
package/dist/server/tokens.js +17 -0
package/dist/server/tokens.js.map +1 -0
package/dist/server/totp.d.ts +1 -0
package/dist/server/totp.js +148 -0
package/dist/server/totp.js.map +1 -0
package/dist/server/types.d.ts +498 -306
package/dist/server/types.d.ts.map +1 -1
package/dist/server/types.js +108 -1
package/dist/server/types.js.map +1 -0
package/dist/server/users.d.ts +1 -0
package/dist/server/{implementation/users.js → users.js} +54 -35
package/dist/server/users.js.map +1 -0
package/dist/server/utils.d.ts +1 -6
package/dist/server/utils.js +110 -4
package/dist/server/utils.js.map +1 -1
package/package.json +49 -46
package/src/authorization/index.ts +83 -0
package/src/cli/bin.ts +5 -0
package/src/cli/command.ts +6 -5
package/src/cli/index.ts +456 -248
package/src/cli/keys.ts +3 -0
package/src/client/core/types.ts +437 -0
package/src/client/factors/device.ts +160 -0
package/src/client/factors/passkey.ts +282 -0
package/src/client/factors/totp.ts +150 -0
package/src/client/index.ts +745 -989
package/src/client/runtime/browser.ts +112 -0
package/src/client/runtime/invite.ts +65 -0
package/src/client/runtime/proxy.ts +111 -0
package/src/client/runtime/storage.ts +79 -0
package/src/component/_generated/api.ts +42 -0
package/src/component/_generated/component.ts +3123 -102
package/src/component/functions.ts +38 -22
package/src/component/index.ts +10 -20
package/src/component/model.ts +449 -0
package/src/component/public/enterprise/audit.ts +120 -0
package/src/component/public/enterprise/core.ts +354 -0
package/src/component/public/enterprise/domains.ts +323 -0
package/src/component/public/enterprise/scim.ts +396 -0
package/src/component/public/enterprise/secrets.ts +132 -0
package/src/component/public/enterprise/webhooks.ts +306 -0
package/src/component/public/factors/devices.ts +223 -0
package/src/component/public/factors/passkeys.ts +242 -0
package/src/component/public/factors/totp.ts +258 -0
package/src/component/public/groups/core.ts +481 -0
package/src/component/public/groups/invites.ts +602 -0
package/src/component/public/groups/members.ts +409 -0
package/src/component/public/identity/accounts.ts +206 -0
package/src/component/public/identity/codes.ts +148 -0
package/src/component/public/identity/sessions.ts +209 -0
package/src/component/public/identity/tokens.ts +250 -0
package/src/component/public/identity/users.ts +354 -0
package/src/component/public/identity/verifiers.ts +157 -0
package/src/component/public/security/keys.ts +365 -0
package/src/component/public/security/limits.ts +173 -0
package/src/component/public.ts +26 -1766
package/src/component/schema.ts +273 -100
package/src/providers/anonymous.ts +10 -20
package/src/providers/credentials.ts +14 -22
package/src/providers/device.ts +3 -14
package/src/providers/email.ts +83 -47
package/src/providers/index.ts +7 -0
package/src/providers/oauth.ts +5 -3
package/src/providers/passkey.ts +0 -13
package/src/providers/password.ts +307 -130
package/src/providers/phone.ts +81 -37
package/src/providers/sso.ts +54 -0
package/src/providers/totp.ts +0 -13
package/src/samlify.d.ts +53 -0
package/src/server/auth.ts +701 -247
package/src/server/authError.ts +44 -0
package/src/server/{providers.ts → config.ts} +84 -15
package/src/server/cookies.ts +8 -1
package/src/server/core.ts +2095 -0
package/src/server/crypto.ts +88 -0
package/src/server/{implementation/db.ts → db.ts} +90 -15
package/src/server/device.ts +221 -0
package/src/server/enterprise/config.ts +51 -0
package/src/server/enterprise/domain.ts +1751 -0
package/src/server/enterprise/http.ts +1324 -0
package/src/server/enterprise/oidc.ts +500 -0
package/src/server/enterprise/policy.ts +128 -0
package/src/server/enterprise/saml.ts +578 -0
package/src/server/enterprise/scim.ts +135 -0
package/src/server/enterprise/shared.ts +134 -0
package/src/server/enterprise/validators.ts +93 -0
package/src/server/errors.ts +130 -119
package/src/server/http.ts +531 -0
package/src/server/identity.ts +18 -0
package/src/server/index.ts +32 -650
package/src/server/{implementation/keys.ts → keys.ts} +16 -44
package/src/server/limits.ts +134 -0
package/src/server/mounts.ts +948 -0
package/src/server/mutations/account.ts +76 -0
package/src/server/{implementation/mutations → mutations}/code.ts +22 -11
package/src/server/mutations/index.ts +13 -0
package/src/server/mutations/invalidate.ts +50 -0
package/src/server/mutations/oauth.ts +237 -0
package/src/server/mutations/refresh.ts +298 -0
package/src/server/mutations/register.ts +200 -0
package/src/server/mutations/retrieve.ts +109 -0
package/src/server/mutations/signature.ts +50 -0
package/src/server/{implementation/mutations → mutations}/signin.ts +9 -7
package/src/server/mutations/signout.ts +43 -0
package/src/server/mutations/store/refs.ts +10 -0
package/src/server/mutations/store.ts +138 -0
package/src/server/mutations/verifier.ts +34 -0
package/src/server/mutations/verify.ts +202 -0
package/src/server/oauth.ts +243 -131
package/src/server/passkey.ts +784 -0
package/src/server/{implementation/redirects.ts → redirects.ts} +21 -16
package/src/server/refresh.ts +222 -0
package/src/server/runtime.ts +880 -0
package/src/server/{implementation/sessions.ts → sessions.ts} +33 -25
package/src/server/signin.ts +438 -0
package/src/server/ssr.ts +1764 -0
package/src/server/templates.ts +8 -3
package/src/server/{implementation/tokens.ts → tokens.ts} +11 -5
package/src/server/totp.ts +349 -0
package/src/server/types.ts +972 -207
package/src/server/{implementation/users.ts → users.ts} +129 -75
package/src/server/utils.ts +192 -5
package/src/test.ts +28 -4
package/dist/bin.cjs +0 -27757
package/dist/component/providers/email.js +0 -47
package/dist/component/providers/email.js.map +0 -1
package/dist/component/public.js.map +0 -1
package/dist/component/server/implementation/db.js.map +0 -1
package/dist/component/server/implementation/device.js +0 -135
package/dist/component/server/implementation/device.js.map +0 -1
package/dist/component/server/implementation/index.d.ts +0 -870
package/dist/component/server/implementation/index.d.ts.map +0 -1
package/dist/component/server/implementation/index.js +0 -610
package/dist/component/server/implementation/index.js.map +0 -1
package/dist/component/server/implementation/keys.js.map +0 -1
package/dist/component/server/implementation/mutations/account.js +0 -39
package/dist/component/server/implementation/mutations/account.js.map +0 -1
package/dist/component/server/implementation/mutations/code.js.map +0 -1
package/dist/component/server/implementation/mutations/index.js +0 -70
package/dist/component/server/implementation/mutations/index.js.map +0 -1
package/dist/component/server/implementation/mutations/invalidate.js +0 -29
package/dist/component/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/component/server/implementation/mutations/oauth.js +0 -51
package/dist/component/server/implementation/mutations/oauth.js.map +0 -1
package/dist/component/server/implementation/mutations/refresh.js +0 -85
package/dist/component/server/implementation/mutations/refresh.js.map +0 -1
package/dist/component/server/implementation/mutations/register.js +0 -65
package/dist/component/server/implementation/mutations/register.js.map +0 -1
package/dist/component/server/implementation/mutations/retrieve.js +0 -50
package/dist/component/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/component/server/implementation/mutations/signature.js +0 -27
package/dist/component/server/implementation/mutations/signature.js.map +0 -1
package/dist/component/server/implementation/mutations/signin.js.map +0 -1
package/dist/component/server/implementation/mutations/signout.js +0 -27
package/dist/component/server/implementation/mutations/signout.js.map +0 -1
package/dist/component/server/implementation/mutations/store.js +0 -12
package/dist/component/server/implementation/mutations/store.js.map +0 -1
package/dist/component/server/implementation/mutations/verifier.js +0 -16
package/dist/component/server/implementation/mutations/verifier.js.map +0 -1
package/dist/component/server/implementation/mutations/verify.js +0 -105
package/dist/component/server/implementation/mutations/verify.js.map +0 -1
package/dist/component/server/implementation/passkey.js +0 -307
package/dist/component/server/implementation/passkey.js.map +0 -1
package/dist/component/server/implementation/provider.js +0 -19
package/dist/component/server/implementation/provider.js.map +0 -1
package/dist/component/server/implementation/ratelimit.js +0 -48
package/dist/component/server/implementation/ratelimit.js.map +0 -1
package/dist/component/server/implementation/redirects.js.map +0 -1
package/dist/component/server/implementation/refresh.js +0 -109
package/dist/component/server/implementation/refresh.js.map +0 -1
package/dist/component/server/implementation/sessions.js.map +0 -1
package/dist/component/server/implementation/signin.js +0 -148
package/dist/component/server/implementation/signin.js.map +0 -1
package/dist/component/server/implementation/tokens.js +0 -15
package/dist/component/server/implementation/tokens.js.map +0 -1
package/dist/component/server/implementation/totp.js +0 -142
package/dist/component/server/implementation/totp.js.map +0 -1
package/dist/component/server/implementation/types.d.ts +0 -42
package/dist/component/server/implementation/types.d.ts.map +0 -1
package/dist/component/server/implementation/types.js.map +0 -1
package/dist/component/server/implementation/users.js.map +0 -1
package/dist/component/server/implementation/utils.js +0 -56
package/dist/component/server/implementation/utils.js.map +0 -1
package/dist/component/server/providers.js.map +0 -1
package/dist/component/server/templates.js +0 -84
package/dist/component/server/templates.js.map +0 -1
package/dist/server/cookies.d.ts.map +0 -1
package/dist/server/implementation/db.d.ts +0 -86
package/dist/server/implementation/db.d.ts.map +0 -1
package/dist/server/implementation/db.js.map +0 -1
package/dist/server/implementation/device.d.ts +0 -30
package/dist/server/implementation/device.d.ts.map +0 -1
package/dist/server/implementation/device.js +0 -135
package/dist/server/implementation/device.js.map +0 -1
package/dist/server/implementation/index.d.ts +0 -870
package/dist/server/implementation/index.d.ts.map +0 -1
package/dist/server/implementation/index.js +0 -610
package/dist/server/implementation/index.js.map +0 -1
package/dist/server/implementation/keys.d.ts +0 -66
package/dist/server/implementation/keys.d.ts.map +0 -1
package/dist/server/implementation/keys.js.map +0 -1
package/dist/server/implementation/mutations/account.d.ts +0 -27
package/dist/server/implementation/mutations/account.d.ts.map +0 -1
package/dist/server/implementation/mutations/account.js +0 -39
package/dist/server/implementation/mutations/account.js.map +0 -1
package/dist/server/implementation/mutations/code.d.ts +0 -29
package/dist/server/implementation/mutations/code.d.ts.map +0 -1
package/dist/server/implementation/mutations/code.js.map +0 -1
package/dist/server/implementation/mutations/index.d.ts +0 -310
package/dist/server/implementation/mutations/index.d.ts.map +0 -1
package/dist/server/implementation/mutations/index.js +0 -70
package/dist/server/implementation/mutations/index.js.map +0 -1
package/dist/server/implementation/mutations/invalidate.d.ts +0 -18
package/dist/server/implementation/mutations/invalidate.d.ts.map +0 -1
package/dist/server/implementation/mutations/invalidate.js +0 -29
package/dist/server/implementation/mutations/invalidate.js.map +0 -1
package/dist/server/implementation/mutations/oauth.d.ts +0 -23
package/dist/server/implementation/mutations/oauth.d.ts.map +0 -1
package/dist/server/implementation/mutations/oauth.js +0 -51
package/dist/server/implementation/mutations/oauth.js.map +0 -1
package/dist/server/implementation/mutations/refresh.d.ts +0 -20
package/dist/server/implementation/mutations/refresh.d.ts.map +0 -1
package/dist/server/implementation/mutations/refresh.js +0 -85
package/dist/server/implementation/mutations/refresh.js.map +0 -1
package/dist/server/implementation/mutations/register.d.ts +0 -37
package/dist/server/implementation/mutations/register.d.ts.map +0 -1
package/dist/server/implementation/mutations/register.js +0 -65
package/dist/server/implementation/mutations/register.js.map +0 -1
package/dist/server/implementation/mutations/retrieve.d.ts +0 -31
package/dist/server/implementation/mutations/retrieve.d.ts.map +0 -1
package/dist/server/implementation/mutations/retrieve.js +0 -50
package/dist/server/implementation/mutations/retrieve.js.map +0 -1
package/dist/server/implementation/mutations/signature.d.ts +0 -19
package/dist/server/implementation/mutations/signature.d.ts.map +0 -1
package/dist/server/implementation/mutations/signature.js +0 -27
package/dist/server/implementation/mutations/signature.js.map +0 -1
package/dist/server/implementation/mutations/signin.d.ts +0 -21
package/dist/server/implementation/mutations/signin.d.ts.map +0 -1
package/dist/server/implementation/mutations/signin.js.map +0 -1
package/dist/server/implementation/mutations/signout.d.ts +0 -14
package/dist/server/implementation/mutations/signout.d.ts.map +0 -1
package/dist/server/implementation/mutations/signout.js +0 -27
package/dist/server/implementation/mutations/signout.js.map +0 -1
package/dist/server/implementation/mutations/store.d.ts +0 -11
package/dist/server/implementation/mutations/store.d.ts.map +0 -1
package/dist/server/implementation/mutations/store.js +0 -12
package/dist/server/implementation/mutations/store.js.map +0 -1
package/dist/server/implementation/mutations/verifier.d.ts +0 -11
package/dist/server/implementation/mutations/verifier.d.ts.map +0 -1
package/dist/server/implementation/mutations/verifier.js +0 -16
package/dist/server/implementation/mutations/verifier.js.map +0 -1
package/dist/server/implementation/mutations/verify.d.ts +0 -25
package/dist/server/implementation/mutations/verify.d.ts.map +0 -1
package/dist/server/implementation/mutations/verify.js +0 -105
package/dist/server/implementation/mutations/verify.js.map +0 -1
package/dist/server/implementation/passkey.d.ts +0 -24
package/dist/server/implementation/passkey.d.ts.map +0 -1
package/dist/server/implementation/passkey.js +0 -307
package/dist/server/implementation/passkey.js.map +0 -1
package/dist/server/implementation/provider.d.ts +0 -10
package/dist/server/implementation/provider.d.ts.map +0 -1
package/dist/server/implementation/provider.js +0 -19
package/dist/server/implementation/provider.js.map +0 -1
package/dist/server/implementation/ratelimit.d.ts +0 -10
package/dist/server/implementation/ratelimit.d.ts.map +0 -1
package/dist/server/implementation/ratelimit.js +0 -48
package/dist/server/implementation/ratelimit.js.map +0 -1
package/dist/server/implementation/redirects.d.ts +0 -10
package/dist/server/implementation/redirects.d.ts.map +0 -1
package/dist/server/implementation/redirects.js.map +0 -1
package/dist/server/implementation/refresh.d.ts +0 -37
package/dist/server/implementation/refresh.d.ts.map +0 -1
package/dist/server/implementation/refresh.js +0 -109
package/dist/server/implementation/refresh.js.map +0 -1
package/dist/server/implementation/sessions.d.ts +0 -29
package/dist/server/implementation/sessions.d.ts.map +0 -1
package/dist/server/implementation/sessions.js.map +0 -1
package/dist/server/implementation/signin.d.ts +0 -55
package/dist/server/implementation/signin.d.ts.map +0 -1
package/dist/server/implementation/signin.js +0 -148
package/dist/server/implementation/signin.js.map +0 -1
package/dist/server/implementation/tokens.d.ts +0 -11
package/dist/server/implementation/tokens.d.ts.map +0 -1
package/dist/server/implementation/tokens.js +0 -15
package/dist/server/implementation/tokens.js.map +0 -1
package/dist/server/implementation/totp.d.ts +0 -31
package/dist/server/implementation/totp.d.ts.map +0 -1
package/dist/server/implementation/totp.js +0 -142
package/dist/server/implementation/totp.js.map +0 -1
package/dist/server/implementation/types.d.ts +0 -189
package/dist/server/implementation/types.d.ts.map +0 -1
package/dist/server/implementation/types.js +0 -97
package/dist/server/implementation/types.js.map +0 -1
package/dist/server/implementation/users.d.ts +0 -30
package/dist/server/implementation/users.d.ts.map +0 -1
package/dist/server/implementation/users.js.map +0 -1
package/dist/server/implementation/utils.d.ts +0 -19
package/dist/server/implementation/utils.d.ts.map +0 -1
package/dist/server/implementation/utils.js +0 -56
package/dist/server/implementation/utils.js.map +0 -1
package/dist/server/index.d.ts.map +0 -1
package/dist/server/index.js.map +0 -1
package/dist/server/oauth.d.ts.map +0 -1
package/dist/server/providers.d.ts +0 -72
package/dist/server/providers.d.ts.map +0 -1
package/dist/server/providers.js.map +0 -1
package/dist/server/templates.d.ts.map +0 -1
package/dist/server/utils.d.ts.map +0 -1
package/dist/server/version.d.ts +0 -5
package/dist/server/version.d.ts.map +0 -1
package/dist/server/version.js +0 -6
package/dist/server/version.js.map +0 -1
package/src/cli/utils.ts +0 -248
package/src/server/implementation/device.ts +0 -307
package/src/server/implementation/index.ts +0 -1583
package/src/server/implementation/mutations/account.ts +0 -50
package/src/server/implementation/mutations/index.ts +0 -157
package/src/server/implementation/mutations/invalidate.ts +0 -42
package/src/server/implementation/mutations/oauth.ts +0 -73
package/src/server/implementation/mutations/refresh.ts +0 -175
package/src/server/implementation/mutations/register.ts +0 -100
package/src/server/implementation/mutations/retrieve.ts +0 -79
package/src/server/implementation/mutations/signature.ts +0 -39
package/src/server/implementation/mutations/signout.ts +0 -35
package/src/server/implementation/mutations/store.ts +0 -7
package/src/server/implementation/mutations/verifier.ts +0 -24
package/src/server/implementation/mutations/verify.ts +0 -194
package/src/server/implementation/passkey.ts +0 -620
package/src/server/implementation/provider.ts +0 -36
package/src/server/implementation/ratelimit.ts +0 -79
package/src/server/implementation/refresh.ts +0 -172
package/src/server/implementation/signin.ts +0 -296
package/src/server/implementation/totp.ts +0 -342
package/src/server/implementation/types.ts +0 -444
package/src/server/implementation/utils.ts +0 -91
package/src/server/version.ts +0 -2

package/dist/server/mounts.d.ts ADDED Viewed

@@ -0,0 +1,647 @@
+import { AuthAuthorizationConfig, AuthRoleId } from "./types.js";
+import { AuthApi } from "./auth.js";
+import * as convex_server0 from "convex/server";
+//#region src/server/mounts.d.ts
+/**
+ * Permission identifiers used by mounted enterprise admin APIs.
+ *
+ * These permission strings are passed to your {@link EnterpriseAuthorizer}
+ * callback so app code can decide whether the current user may perform a
+ * specific SSO or SCIM management operation.
+ *
+ * @example
+ * ```ts
+ * const authorized: EnterpriseAuthorizer = async (ctx, input) => {
+ *   if (input.permission === "sso.connection.create") {
+ *     // Only org admins may create SSO connections
+ *   }
+ * };
+ * ```
+ */
+type EnterpriseAdminPermission = "sso.connection.create" | "sso.connection.read" | "sso.connection.manage" | "sso.domain.manage" | "sso.protocol.manage" | "sso.policy.manage" | "sso.audit.read" | "sso.webhook.manage" | "scim.manage";
+/**
+ * Input passed to an {@link EnterpriseAuthorizer}.
+ *
+ * Contains the acting user, the requested permission, and the resolved
+ * enterprise/group scope for the operation being authorized.
+ */
+type EnterpriseAdminAuthorizationInput = {
+  /** The signed-in user's ID performing the admin action. */userId: string; /** The {@link EnterpriseAdminPermission} being requested. */
+  permission: EnterpriseAdminPermission; /** Enterprise document ID, if the operation targets a specific enterprise. */
+  enterpriseId?: string; /** Group document ID, if explicitly provided by the caller. */
+  groupId?: string; /** Resolved group ID from the enterprise record, or `null` when no enterprise context. */
+  resolvedGroupId: string | null;
+};
+/**
+ * App-defined authorization hook for mounted enterprise admin APIs.
+ *
+ * Return `void` (or resolve) to allow the operation, or `{ ok: false }` to deny it.
+ *
+ * @param ctx - Convex context with `ctx.auth` for identity checks.
+ * @param input - The {@link EnterpriseAdminAuthorizationInput} describing who is doing what.
+ * @returns `void` to allow, `{ ok: false }` to deny.
+ *
+ * @example
+ * ```ts
+ * import { EnterpriseAuthorizer } from "@robelest/convex-auth/server";
+ *
+ * const authorized: EnterpriseAuthorizer = async (ctx, input) => {
+ *   const identity = await ctx.auth.getUserIdentity();
+ *   if (!identity) return { ok: false };
+ *   // Allow all admin ops for the org owner
+ * };
+ * ```
+ */
+type EnterpriseAuthorizer = (ctx: {
+  auth: convex_server0.Auth;
+}, input: EnterpriseAdminAuthorizationInput) => Promise<void | {
+  ok: false;
+}>;
+type RoleRef<TRoleId extends string> = {
+  id: TRoleId;
+};
+type MountedEnterpriseOptions<TRoleId extends string = string> = {
+  admin?: {
+    authorized?: EnterpriseAuthorizer;
+    roles?: Array<TRoleId | RoleRef<TRoleId>>;
+  };
+};
+/**
+ * Configuration for {@link enterprise}, {@link sso}, and {@link scim}
+ * mounted admin APIs.
+ *
+ * @typeParam TRoleId - Role IDs that may be assigned to enterprise creators.
+ *
+ * @example
+ * ```ts
+ * import { enterprise, EnterpriseMountOptions } from "@robelest/convex-auth/server";
+ *
+ * const options: EnterpriseMountOptions = {
+ *   admin: {
+ *     authorized: async (ctx, input) => {
+ *       // Verify the user has permission for `input.permission`
+ *     },
+ *     roles: ["admin", "owner"],
+ *   },
+ * };
+ * ```
+ */
+type EnterpriseMountOptions<TRoleId extends string = string> = {
+  admin: {
+    authorized: EnterpriseAuthorizer;
+    roles?: Array<TRoleId | RoleRef<TRoleId>>;
+  };
+};
+/**
+ * Build optional public SSO management actions that apps can mount under
+ * `convex/auth/sso/**` when they want client-callable enterprise APIs.
+ *
+ * `admin` is for tenant-admin control-plane operations and should be mounted
+ * with an explicit authorization policy. `client` is for end-user sign-in
+ * helpers and does not require tenant-admin authorization.
+ *
+ * @param auth - Auth API subset providing `group`, `member`, `sso`, and `user` namespaces.
+ * @param options - Optional admin authorization config. See {@link EnterpriseMountOptions}.
+ * @typeParam TAuthorization - Optional authorization config for typed role IDs.
+ * @returns An object with `admin` (connection CRUD, OIDC/SAML protocol config, policy,
+ *   audit, webhooks, domain management) and `client` (signIn, metadata) namespaces.
+ *
+ * @example
+ * ```ts
+ * // convex/auth/sso.ts
+ * import { sso } from "@robelest/convex-auth/server";
+ * import { auth } from "../auth";
+ *
+ * const mounted = sso(auth, {
+ *   admin: {
+ *     authorized: async (ctx, input) => { /* check permissions *\/ },
+ *   },
+ * });
+ *
+ * export const createConnection = mounted.admin.connection.create;
+ * export const signIn = mounted.client.signIn;
+ * ```
+ *
+ * @see {@link scim}
+ * @see {@link enterprise}
+ */
+declare function sso<TAuthorization extends AuthAuthorizationConfig | undefined = undefined>(auth: Pick<AuthApi<TAuthorization>, "group" | "member" | "sso" | "user">, options?: MountedEnterpriseOptions<AuthRoleId<TAuthorization>>): {
+  admin: {
+    connection: {
+      create: convex_server0.RegisteredMutation<"public", {
+        status?: "draft" | "active" | "disabled" | undefined;
+        name?: string | undefined;
+        slug?: string | undefined;
+        groupId?: string | undefined;
+        domain?: string | undefined;
+      }, Promise<any>>;
+      get: convex_server0.RegisteredQuery<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+      getByGroup: convex_server0.RegisteredQuery<"public", {
+        groupId: string;
+      }, Promise<any>>;
+      getByDomain: convex_server0.RegisteredQuery<"public", {
+        domain: string;
+      }, Promise<any>>;
+      list: convex_server0.RegisteredQuery<"public", {
+        where?: {
+          status?: "draft" | "active" | "disabled" | undefined;
+          slug?: string | undefined;
+          groupId?: string | undefined;
+        } | undefined;
+        limit?: number | undefined;
+        cursor?: string | null | undefined;
+        orderBy?: string | undefined;
+        order?: "asc" | "desc" | undefined;
+      }, Promise<any>>;
+      update: convex_server0.RegisteredMutation<"public", {
+        enterpriseId: string;
+        data: {
+          status?: "draft" | "active" | "disabled" | undefined;
+          name?: string | undefined;
+          slug?: string | undefined;
+        };
+      }, Promise<{
+        ok: false;
+        code: "NOT_SIGNED_IN" | "FORBIDDEN";
+        enterpriseId?: undefined;
+      } | {
+        ok: true;
+        enterpriseId: string;
+        code?: undefined;
+      }>>;
+      delete: convex_server0.RegisteredMutation<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+      status: convex_server0.RegisteredQuery<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+      domain: {
+        list: convex_server0.RegisteredQuery<"public", {
+          enterpriseId: string;
+        }, Promise<any>>;
+        validate: convex_server0.RegisteredQuery<"public", {
+          enterpriseId: string;
+        }, Promise<any>>;
+        set: convex_server0.RegisteredMutation<"public", {
+          enterpriseId: string;
+          domains: {
+            isPrimary?: boolean | undefined;
+            domain: string;
+          }[];
+        }, Promise<any>>;
+        verification: {
+          request: convex_server0.RegisteredMutation<"public", {
+            enterpriseId: string;
+            domain: string;
+          }, Promise<any>>;
+          confirm: convex_server0.RegisteredAction<"public", {
+            enterpriseId: string;
+            domain: string;
+          }, Promise<any>>;
+        };
+      };
+    };
+    oidc: {
+      configure: convex_server0.RegisteredMutation<"public", {
+        scopes?: string[] | undefined;
+        issuer?: string | undefined;
+        discoveryUrl?: string | undefined;
+        clientSecret?: string | undefined;
+        authorizationParams?: Record<string, string> | undefined;
+        clockToleranceSeconds?: number | undefined;
+        strictIssuer?: boolean | undefined;
+        extraFields?: Record<string, string> | undefined;
+        enterpriseId: string;
+        clientId: string;
+      }, Promise<any>>;
+      get: convex_server0.RegisteredQuery<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+      validate: convex_server0.RegisteredAction<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+    };
+    saml: {
+      configure: convex_server0.RegisteredAction<"public", {
+        domains?: string[] | undefined;
+        metadataXml?: string | undefined;
+        metadataUrl?: string | undefined;
+        signAuthnRequests?: boolean | undefined;
+        attributeMapping?: {
+          email?: string | undefined;
+          name?: string | undefined;
+          subject?: string | undefined;
+          firstName?: string | undefined;
+          lastName?: string | undefined;
+        } | undefined;
+        sp?: {
+          entityId?: string | undefined;
+          acsUrl?: string | undefined;
+          sloUrl?: string | undefined;
+          signingCert?: string | string[] | undefined;
+          encryptCert?: string | string[] | undefined;
+          privateKey?: string | undefined;
+          privateKeyPass?: string | undefined;
+          encPrivateKey?: string | undefined;
+          encPrivateKeyPass?: string | undefined;
+        } | undefined;
+        enterpriseId: string;
+      }, Promise<any>>;
+      validate: convex_server0.RegisteredQuery<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+    };
+    policy: {
+      get: convex_server0.RegisteredQuery<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+      update: convex_server0.RegisteredMutation<"public", {
+        enterpriseId: string;
+        patch: {
+          identity?: {
+            accountLinking?: {
+              oidc?: "verifiedEmail" | "none" | undefined;
+              saml?: "verifiedEmail" | "none" | undefined;
+            } | undefined;
+          } | undefined;
+          provisioning?: {
+            scimReuse?: {
+              user?: "none" | "externalId" | undefined;
+            } | undefined;
+            jit?: {
+              mode?: "off" | "createUser" | "createUserAndMembership" | undefined;
+              defaultRoleIds?: string[] | undefined;
+            } | undefined;
+            deprovision?: {
+              mode?: "soft" | "hard" | undefined;
+            } | undefined;
+          } | undefined;
+        };
+      }, Promise<any>>;
+      validate: convex_server0.RegisteredQuery<"public", {
+        enterpriseId: string;
+      }, Promise<any>>;
+    };
+    audit: {
+      list: convex_server0.RegisteredQuery<"public", {
+        groupId?: string | undefined;
+        enterpriseId?: string | undefined;
+        limit?: number | undefined;
+      }, Promise<any>>;
+    };
+    webhook: {
+      delivery: {
+        list: convex_server0.RegisteredQuery<"public", {
+          limit?: number | undefined;
+          enterpriseId: string;
+        }, Promise<any>>;
+      };
+      endpoint: {
+        create: convex_server0.RegisteredMutation<"public", {
+          createdByUserId?: string | undefined;
+          secret: string;
+          enterpriseId: string;
+          url: string;
+          subscriptions: string[];
+        }, Promise<{
+          ok: false;
+          code: "NOT_SIGNED_IN" | "FORBIDDEN";
+          _id?: undefined;
+          enterpriseId?: undefined;
+          url?: undefined;
+          subscriptions?: undefined;
+          createdByUserId?: undefined;
+          status?: undefined;
+          failureCount?: undefined;
+        } | {
+          _id: any;
+          enterpriseId: string;
+          url: string;
+          subscriptions: string[];
+          createdByUserId: string;
+          status: string;
+          failureCount: number;
+          ok?: undefined;
+          code?: undefined;
+        }>>;
+        list: convex_server0.RegisteredQuery<"public", {
+          enterpriseId: string;
+        }, Promise<any>>;
+        disable: convex_server0.RegisteredMutation<"public", {
+          endpointId: string;
+        }, Promise<any>>;
+      };
+    };
+  };
+  client: {
+    signIn: convex_server0.RegisteredQuery<"public", {
+      email?: string | undefined;
+      enterpriseId?: string | undefined;
+      domain?: string | undefined;
+      redirectTo?: string | undefined;
+    }, Promise<any>>;
+    metadata: convex_server0.RegisteredQuery<"public", {
+      entityId?: string | undefined;
+      acsUrl?: string | undefined;
+      sloUrl?: string | undefined;
+      enterpriseId: string;
+    }, Promise<any>>;
+  };
+};
+/**
+ * Build optional public SCIM management actions that apps can mount under
+ * `convex/auth/scim/**` when they want client-callable enterprise admin APIs.
+ *
+ * @param auth - Auth API subset providing `scim`, `sso`, and `user` namespaces.
+ * @param options - Optional admin authorization config. See {@link EnterpriseMountOptions}.
+ * @typeParam TAuthorization - Optional authorization config for typed role IDs.
+ * @returns An object with `admin.configure`, `admin.get`, and `admin.validate` actions.
+ *
+ * @example
+ * ```ts
+ * // convex/auth/scim.ts
+ * import { scim } from "@robelest/convex-auth/server";
+ * import { auth } from "../auth";
+ *
+ * const mounted = scim(auth, {
+ *   admin: {
+ *     authorized: async (ctx, input) => { /* check permissions *\/ },
+ *   },
+ * });
+ *
+ * export const configure = mounted.admin.configure;
+ * export const get = mounted.admin.get;
+ * export const validate = mounted.admin.validate;
+ * ```
+ *
+ * @see {@link sso}
+ * @see {@link enterprise}
+ */
+declare function scim<TAuthorization extends AuthAuthorizationConfig | undefined = undefined>(auth: Pick<AuthApi<TAuthorization>, "scim" | "sso" | "user">, options?: MountedEnterpriseOptions<AuthRoleId<TAuthorization>>): {
+  admin: {
+    configure: convex_server0.RegisteredMutation<"public", {
+      status?: "draft" | "active" | "disabled" | undefined;
+      basePath?: string | undefined;
+      enterpriseId: string;
+    }, Promise<any>>;
+    get: convex_server0.RegisteredQuery<"public", {
+      enterpriseId: string;
+    }, Promise<any>>;
+    validate: convex_server0.RegisteredQuery<"public", {
+      enterpriseId: string;
+    }, Promise<any>>;
+  };
+};
+/**
+ * Build a flat mounted enterprise API surface for app-owned Convex exports.
+ *
+ * Combines {@link sso} and {@link scim} into a single flat object with
+ * all SSO connection, protocol, policy, audit, webhook, and SCIM
+ * management functions plus end-user sign-in helpers. The `authorized`
+ * callback is required for all admin operations.
+ *
+ * @param auth - Auth API subset providing `group`, `member`, `scim`, `sso`, and `user` namespaces.
+ * @param options - Required {@link EnterpriseMountOptions} with an `admin.authorized` callback.
+ * @typeParam TAuthorization - Optional authorization config for typed role IDs.
+ * @returns A flat object with all enterprise management functions (e.g. `createConnection`,
+ *   `configureOidc`, `configureScim`, `signIn`, etc.).
+ *
+ * @example
+ * ```ts
+ * // convex/auth/enterprise.ts
+ * import { enterprise } from "@robelest/convex-auth/server";
+ * import { auth } from "../auth";
+ *
+ * const api = enterprise(auth, {
+ *   admin: {
+ *     authorized: async (ctx, input) => { /* check permissions *\/ },
+ *     roles: ["admin"],
+ *   },
+ * });
+ *
+ * export const createConnection = api.createConnection;
+ * export const configureOidc = api.configureOidc;
+ * export const signIn = api.signIn;
+ * ```
+ *
+ * @see {@link sso}
+ * @see {@link scim}
+ */
+declare function enterprise<TAuthorization extends AuthAuthorizationConfig | undefined = undefined>(auth: Pick<AuthApi<TAuthorization>, "group" | "member" | "scim" | "sso" | "user">, options: EnterpriseMountOptions<AuthRoleId<TAuthorization>>): {
+  createConnection: convex_server0.RegisteredMutation<"public", {
+    status?: "draft" | "active" | "disabled" | undefined;
+    name?: string | undefined;
+    slug?: string | undefined;
+    groupId?: string | undefined;
+    domain?: string | undefined;
+  }, Promise<any>>;
+  getConnection: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  getConnectionByGroup: convex_server0.RegisteredQuery<"public", {
+    groupId: string;
+  }, Promise<any>>;
+  getConnectionByDomain: convex_server0.RegisteredQuery<"public", {
+    domain: string;
+  }, Promise<any>>;
+  listConnections: convex_server0.RegisteredQuery<"public", {
+    where?: {
+      status?: "draft" | "active" | "disabled" | undefined;
+      slug?: string | undefined;
+      groupId?: string | undefined;
+    } | undefined;
+    limit?: number | undefined;
+    cursor?: string | null | undefined;
+    orderBy?: string | undefined;
+    order?: "asc" | "desc" | undefined;
+  }, Promise<any>>;
+  updateConnection: convex_server0.RegisteredMutation<"public", {
+    enterpriseId: string;
+    data: {
+      status?: "draft" | "active" | "disabled" | undefined;
+      name?: string | undefined;
+      slug?: string | undefined;
+    };
+  }, Promise<{
+    ok: false;
+    code: "NOT_SIGNED_IN" | "FORBIDDEN";
+    enterpriseId?: undefined;
+  } | {
+    ok: true;
+    enterpriseId: string;
+    code?: undefined;
+  }>>;
+  deleteConnection: convex_server0.RegisteredMutation<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  getConnectionStatus: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  listDomains: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  validateDomains: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  setDomains: convex_server0.RegisteredMutation<"public", {
+    enterpriseId: string;
+    domains: {
+      isPrimary?: boolean | undefined;
+      domain: string;
+    }[];
+  }, Promise<any>>;
+  requestDomainVerification: convex_server0.RegisteredMutation<"public", {
+    enterpriseId: string;
+    domain: string;
+  }, Promise<any>>;
+  confirmDomainVerification: convex_server0.RegisteredAction<"public", {
+    enterpriseId: string;
+    domain: string;
+  }, Promise<any>>;
+  configureOidc: convex_server0.RegisteredMutation<"public", {
+    scopes?: string[] | undefined;
+    issuer?: string | undefined;
+    discoveryUrl?: string | undefined;
+    clientSecret?: string | undefined;
+    authorizationParams?: Record<string, string> | undefined;
+    clockToleranceSeconds?: number | undefined;
+    strictIssuer?: boolean | undefined;
+    extraFields?: Record<string, string> | undefined;
+    enterpriseId: string;
+    clientId: string;
+  }, Promise<any>>;
+  getOidc: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  validateOidc: convex_server0.RegisteredAction<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  configureSaml: convex_server0.RegisteredAction<"public", {
+    domains?: string[] | undefined;
+    metadataXml?: string | undefined;
+    metadataUrl?: string | undefined;
+    signAuthnRequests?: boolean | undefined;
+    attributeMapping?: {
+      email?: string | undefined;
+      name?: string | undefined;
+      subject?: string | undefined;
+      firstName?: string | undefined;
+      lastName?: string | undefined;
+    } | undefined;
+    sp?: {
+      entityId?: string | undefined;
+      acsUrl?: string | undefined;
+      sloUrl?: string | undefined;
+      signingCert?: string | string[] | undefined;
+      encryptCert?: string | string[] | undefined;
+      privateKey?: string | undefined;
+      privateKeyPass?: string | undefined;
+      encPrivateKey?: string | undefined;
+      encPrivateKeyPass?: string | undefined;
+    } | undefined;
+    enterpriseId: string;
+  }, Promise<any>>;
+  validateSaml: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  getPolicy: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  updatePolicy: convex_server0.RegisteredMutation<"public", {
+    enterpriseId: string;
+    patch: {
+      identity?: {
+        accountLinking?: {
+          oidc?: "verifiedEmail" | "none" | undefined;
+          saml?: "verifiedEmail" | "none" | undefined;
+        } | undefined;
+      } | undefined;
+      provisioning?: {
+        scimReuse?: {
+          user?: "none" | "externalId" | undefined;
+        } | undefined;
+        jit?: {
+          mode?: "off" | "createUser" | "createUserAndMembership" | undefined;
+          defaultRoleIds?: string[] | undefined;
+        } | undefined;
+        deprovision?: {
+          mode?: "soft" | "hard" | undefined;
+        } | undefined;
+      } | undefined;
+    };
+  }, Promise<any>>;
+  validatePolicy: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  listAudit: convex_server0.RegisteredQuery<"public", {
+    groupId?: string | undefined;
+    enterpriseId?: string | undefined;
+    limit?: number | undefined;
+  }, Promise<any>>;
+  createWebhookEndpoint: convex_server0.RegisteredMutation<"public", {
+    createdByUserId?: string | undefined;
+    secret: string;
+    enterpriseId: string;
+    url: string;
+    subscriptions: string[];
+  }, Promise<{
+    ok: false;
+    code: "NOT_SIGNED_IN" | "FORBIDDEN";
+    _id?: undefined;
+    enterpriseId?: undefined;
+    url?: undefined;
+    subscriptions?: undefined;
+    createdByUserId?: undefined;
+    status?: undefined;
+    failureCount?: undefined;
+  } | {
+    _id: any;
+    enterpriseId: string;
+    url: string;
+    subscriptions: string[];
+    createdByUserId: string;
+    status: string;
+    failureCount: number;
+    ok?: undefined;
+    code?: undefined;
+  }>>;
+  listWebhookEndpoints: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  listWebhookDeliveries: convex_server0.RegisteredQuery<"public", {
+    limit?: number | undefined;
+    enterpriseId: string;
+  }, Promise<any>>;
+  disableWebhookEndpoint: convex_server0.RegisteredMutation<"public", {
+    endpointId: string;
+  }, Promise<any>>;
+  configureScim: convex_server0.RegisteredMutation<"public", {
+    status?: "draft" | "active" | "disabled" | undefined;
+    basePath?: string | undefined;
+    enterpriseId: string;
+  }, Promise<any>>;
+  getScim: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  validateScim: convex_server0.RegisteredQuery<"public", {
+    enterpriseId: string;
+  }, Promise<any>>;
+  signIn: convex_server0.RegisteredQuery<"public", {
+    email?: string | undefined;
+    enterpriseId?: string | undefined;
+    domain?: string | undefined;
+    redirectTo?: string | undefined;
+  }, Promise<any>>;
+  metadata: convex_server0.RegisteredQuery<"public", {
+    entityId?: string | undefined;
+    acsUrl?: string | undefined;
+    sloUrl?: string | undefined;
+    enterpriseId: string;
+  }, Promise<any>>;
+};
+//#endregion
+export { EnterpriseAdminAuthorizationInput, EnterpriseAdminPermission, EnterpriseAuthorizer, EnterpriseMountOptions, enterprise, scim, sso };
+//# sourceMappingURL=mounts.d.ts.map

package/dist/server/mounts.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mounts.d.ts","names":[],"sources":["../../src/server/mounts.ts"],"mappings":";;;;;;;;AA+BA;;;;;AAiBA;;;;;;;;KAjBY,yBAAA;;;;AAkDZ;;;KAjCY,iCAAA;EAmCH,2DAjCP,MAAA,UAkCU;EAhCV,UAAA,EAAY,yBAAA,EA8BL;EA5BP,YAAA,WA4BA;EA1BA,OAAA,WA2BA;EAzBA,eAAA;AAAA;;;AA0BiC;;;;;;;;;AAEiB;;;;;;;;;KALxC,oBAAA,IACV,GAAA;EAAO,IAAA,EADuB,cAAA,CACO,IAAA;AAAA,GACrC,KAAA,EAAO,iCAAA,KACJ,OAAA;EAAiB,EAAA;AAAA;AAAA,KAEjB,OAAA;EAAoC,EAAA,EAAI,OAAA;AAAA;AAAA,KAExC,wBAAA;EACH,KAAA;IACE,UAAA,GAAa,oBAAA;IACb,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAA,CAAQ,OAAA;EAAA;AAAA;;;;;;;;;;;;;;;;;;;;AA6KpC;KArJY,sBAAA;EACV,KAAA;IACE,UAAA,EAAY,oBAAA;IACZ,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAA,CAAQ,OAAA;EAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAkJpB,GAAA,wBACS,uBAAA,yBAAA,CAEvB,IAAA,EAAM,IAAA,CAAK,OAAA,CAAQ,cAAA,yCACnB,OAAA,GAAU,wBAAA,CAAyB,UAAA,CAAW,cAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBA8hBhC,IAAA,wBACS,uBAAA,yBAAA,CAEvB,IAAA,EAAM,IAAA,CAAK,OAAA,CAAQ,cAAA,6BACnB,OAAA,GAAU,wBAAA,CAAyB,UAAA,CAAW,cAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAkFhC,UAAA,wBACS,uBAAA,yBAAA,CAEvB,IAAA,EAAM,IAAA,CACJ,OAAA,CAAQ,cAAA,kDAGV,OAAA,EAAS,sBAAA,CAAuB,UAAA,CAAW,cAAA"}