@robelest/convex-auth 0.0.4-preview.22 → 0.0.4-preview.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (306) hide show
  1. package/dist/authorization/index.d.ts +1 -1
  2. package/dist/authorization/index.js +1 -1
  3. package/dist/authorization/index.js.map +1 -1
  4. package/dist/client/index.d.ts +1 -2
  5. package/dist/client/index.d.ts.map +1 -1
  6. package/dist/client/index.js +36 -39
  7. package/dist/client/index.js.map +1 -1
  8. package/dist/component/client/index.d.ts +1 -2
  9. package/dist/component/model.d.ts +9 -9
  10. package/dist/component/model.d.ts.map +1 -1
  11. package/dist/component/public/enterprise/audit.d.ts.map +1 -1
  12. package/dist/component/public/enterprise/audit.js.map +1 -1
  13. package/dist/component/public/enterprise/core.d.ts.map +1 -1
  14. package/dist/component/public/enterprise/core.js.map +1 -1
  15. package/dist/component/public/enterprise/domains.d.ts.map +1 -1
  16. package/dist/component/public/enterprise/domains.js.map +1 -1
  17. package/dist/component/public/enterprise/scim.d.ts.map +1 -1
  18. package/dist/component/public/enterprise/scim.js.map +1 -1
  19. package/dist/component/public/enterprise/secrets.d.ts.map +1 -1
  20. package/dist/component/public/enterprise/secrets.js.map +1 -1
  21. package/dist/component/public/enterprise/webhooks.d.ts.map +1 -1
  22. package/dist/component/public/enterprise/webhooks.js.map +1 -1
  23. package/dist/component/public/factors/devices.d.ts.map +1 -1
  24. package/dist/component/public/factors/devices.js.map +1 -1
  25. package/dist/component/public/factors/passkeys.d.ts.map +1 -1
  26. package/dist/component/public/factors/passkeys.js.map +1 -1
  27. package/dist/component/public/factors/totp.d.ts.map +1 -1
  28. package/dist/component/public/factors/totp.js.map +1 -1
  29. package/dist/component/public/groups/core.js.map +1 -1
  30. package/dist/component/public/groups/invites.d.ts.map +1 -1
  31. package/dist/component/public/groups/invites.js.map +1 -1
  32. package/dist/component/public/groups/members.d.ts.map +1 -1
  33. package/dist/component/public/groups/members.js.map +1 -1
  34. package/dist/component/public/identity/accounts.d.ts.map +1 -1
  35. package/dist/component/public/identity/accounts.js.map +1 -1
  36. package/dist/component/public/identity/codes.d.ts.map +1 -1
  37. package/dist/component/public/identity/codes.js.map +1 -1
  38. package/dist/component/public/identity/sessions.d.ts.map +1 -1
  39. package/dist/component/public/identity/sessions.js.map +1 -1
  40. package/dist/component/public/identity/tokens.d.ts.map +1 -1
  41. package/dist/component/public/identity/tokens.js.map +1 -1
  42. package/dist/component/public/identity/users.d.ts.map +1 -1
  43. package/dist/component/public/identity/users.js.map +1 -1
  44. package/dist/component/public/identity/verifiers.d.ts.map +1 -1
  45. package/dist/component/public/identity/verifiers.js.map +1 -1
  46. package/dist/component/public/security/keys.d.ts.map +1 -1
  47. package/dist/component/public/security/keys.js.map +1 -1
  48. package/dist/component/public/security/limits.d.ts.map +1 -1
  49. package/dist/component/public/security/limits.js.map +1 -1
  50. package/dist/component/schema.d.ts +42 -42
  51. package/dist/component/server/auth.d.ts +37 -40
  52. package/dist/component/server/auth.d.ts.map +1 -1
  53. package/dist/component/server/auth.js +57 -23
  54. package/dist/component/server/auth.js.map +1 -1
  55. package/dist/component/server/core.js +116 -235
  56. package/dist/component/server/core.js.map +1 -1
  57. package/dist/component/server/crypto.js +25 -7
  58. package/dist/component/server/crypto.js.map +1 -1
  59. package/dist/component/server/device.js +58 -15
  60. package/dist/component/server/device.js.map +1 -1
  61. package/dist/component/server/enterprise/domain.js +148 -59
  62. package/dist/component/server/enterprise/domain.js.map +1 -1
  63. package/dist/component/server/enterprise/http.js +36 -15
  64. package/dist/component/server/enterprise/http.js.map +1 -1
  65. package/dist/component/server/enterprise/oidc.js +1 -1
  66. package/dist/component/server/http.js +26 -21
  67. package/dist/component/server/http.js.map +1 -1
  68. package/dist/component/server/identity.js +5 -2
  69. package/dist/component/server/identity.js.map +1 -1
  70. package/dist/component/server/limits.js +21 -30
  71. package/dist/component/server/limits.js.map +1 -1
  72. package/dist/component/server/mutations/account.js +12 -10
  73. package/dist/component/server/mutations/account.js.map +1 -1
  74. package/dist/component/server/mutations/code.js +5 -2
  75. package/dist/component/server/mutations/code.js.map +1 -1
  76. package/dist/component/server/mutations/invalidate.js +1 -1
  77. package/dist/component/server/mutations/invalidate.js.map +1 -1
  78. package/dist/component/server/mutations/oauth.js +10 -4
  79. package/dist/component/server/mutations/oauth.js.map +1 -1
  80. package/dist/component/server/mutations/refresh.js +2 -2
  81. package/dist/component/server/mutations/refresh.js.map +1 -1
  82. package/dist/component/server/mutations/register.js +46 -42
  83. package/dist/component/server/mutations/register.js.map +1 -1
  84. package/dist/component/server/mutations/retrieve.js +21 -25
  85. package/dist/component/server/mutations/retrieve.js.map +1 -1
  86. package/dist/component/server/mutations/signature.js +10 -4
  87. package/dist/component/server/mutations/signature.js.map +1 -1
  88. package/dist/component/server/mutations/signout.js.map +1 -1
  89. package/dist/component/server/mutations/store.js +9 -24
  90. package/dist/component/server/mutations/store.js.map +1 -1
  91. package/dist/component/server/mutations/verifier.js.map +1 -1
  92. package/dist/component/server/mutations/verify.js +1 -1
  93. package/dist/component/server/mutations/verify.js.map +1 -1
  94. package/dist/component/server/oauth.js +53 -16
  95. package/dist/component/server/oauth.js.map +1 -1
  96. package/dist/component/server/passkey.js +115 -31
  97. package/dist/component/server/passkey.js.map +1 -1
  98. package/dist/component/server/redirects.js +9 -3
  99. package/dist/component/server/redirects.js.map +1 -1
  100. package/dist/component/server/refresh.js +10 -7
  101. package/dist/component/server/refresh.js.map +1 -1
  102. package/dist/component/server/runtime.d.ts +1 -1
  103. package/dist/component/server/runtime.d.ts.map +1 -1
  104. package/dist/component/server/runtime.js +62 -20
  105. package/dist/component/server/runtime.js.map +1 -1
  106. package/dist/component/server/signin.js +34 -10
  107. package/dist/component/server/signin.js.map +1 -1
  108. package/dist/component/server/totp.js +79 -19
  109. package/dist/component/server/totp.js.map +1 -1
  110. package/dist/component/server/types.d.ts +12 -20
  111. package/dist/component/server/types.d.ts.map +1 -1
  112. package/dist/component/server/types.js.map +1 -1
  113. package/dist/component/server/users.js +6 -3
  114. package/dist/component/server/users.js.map +1 -1
  115. package/dist/component/server/utils.js +10 -4
  116. package/dist/component/server/utils.js.map +1 -1
  117. package/dist/core/types.d.ts +14 -22
  118. package/dist/core/types.d.ts.map +1 -1
  119. package/dist/factors/device.js +8 -9
  120. package/dist/factors/device.js.map +1 -1
  121. package/dist/factors/passkey.js +18 -21
  122. package/dist/factors/passkey.js.map +1 -1
  123. package/dist/providers/password.js +66 -81
  124. package/dist/providers/password.js.map +1 -1
  125. package/dist/runtime/invite.js +2 -8
  126. package/dist/runtime/invite.js.map +1 -1
  127. package/dist/server/auth.d.ts +37 -40
  128. package/dist/server/auth.d.ts.map +1 -1
  129. package/dist/server/auth.js +57 -23
  130. package/dist/server/auth.js.map +1 -1
  131. package/dist/server/core.d.ts +71 -159
  132. package/dist/server/core.d.ts.map +1 -1
  133. package/dist/server/core.js +116 -235
  134. package/dist/server/core.js.map +1 -1
  135. package/dist/server/crypto.d.ts.map +1 -1
  136. package/dist/server/crypto.js +25 -7
  137. package/dist/server/crypto.js.map +1 -1
  138. package/dist/server/device.js +58 -15
  139. package/dist/server/device.js.map +1 -1
  140. package/dist/server/enterprise/domain.d.ts +0 -8
  141. package/dist/server/enterprise/domain.d.ts.map +1 -1
  142. package/dist/server/enterprise/domain.js +148 -59
  143. package/dist/server/enterprise/domain.js.map +1 -1
  144. package/dist/server/enterprise/http.d.ts.map +1 -1
  145. package/dist/server/enterprise/http.js +35 -14
  146. package/dist/server/enterprise/http.js.map +1 -1
  147. package/dist/server/http.d.ts +2 -2
  148. package/dist/server/http.d.ts.map +1 -1
  149. package/dist/server/http.js +25 -20
  150. package/dist/server/http.js.map +1 -1
  151. package/dist/server/identity.js +5 -2
  152. package/dist/server/identity.js.map +1 -1
  153. package/dist/server/index.d.ts +2 -2
  154. package/dist/server/limits.js +21 -30
  155. package/dist/server/limits.js.map +1 -1
  156. package/dist/server/mounts.d.ts +24 -62
  157. package/dist/server/mounts.d.ts.map +1 -1
  158. package/dist/server/mounts.js +45 -106
  159. package/dist/server/mounts.js.map +1 -1
  160. package/dist/server/mutations/account.d.ts +8 -9
  161. package/dist/server/mutations/account.d.ts.map +1 -1
  162. package/dist/server/mutations/account.js +11 -9
  163. package/dist/server/mutations/account.js.map +1 -1
  164. package/dist/server/mutations/code.d.ts +12 -12
  165. package/dist/server/mutations/code.d.ts.map +1 -1
  166. package/dist/server/mutations/code.js +5 -2
  167. package/dist/server/mutations/code.js.map +1 -1
  168. package/dist/server/mutations/invalidate.d.ts +4 -4
  169. package/dist/server/mutations/invalidate.d.ts.map +1 -1
  170. package/dist/server/mutations/invalidate.js.map +1 -1
  171. package/dist/server/mutations/oauth.d.ts +14 -12
  172. package/dist/server/mutations/oauth.d.ts.map +1 -1
  173. package/dist/server/mutations/oauth.js +9 -3
  174. package/dist/server/mutations/oauth.js.map +1 -1
  175. package/dist/server/mutations/refresh.d.ts +3 -3
  176. package/dist/server/mutations/refresh.d.ts.map +1 -1
  177. package/dist/server/mutations/refresh.js +1 -1
  178. package/dist/server/mutations/refresh.js.map +1 -1
  179. package/dist/server/mutations/register.d.ts +11 -11
  180. package/dist/server/mutations/register.d.ts.map +1 -1
  181. package/dist/server/mutations/register.js +45 -41
  182. package/dist/server/mutations/register.js.map +1 -1
  183. package/dist/server/mutations/retrieve.d.ts +6 -6
  184. package/dist/server/mutations/retrieve.d.ts.map +1 -1
  185. package/dist/server/mutations/retrieve.js +20 -24
  186. package/dist/server/mutations/retrieve.js.map +1 -1
  187. package/dist/server/mutations/signature.d.ts +6 -7
  188. package/dist/server/mutations/signature.d.ts.map +1 -1
  189. package/dist/server/mutations/signature.js +9 -3
  190. package/dist/server/mutations/signature.js.map +1 -1
  191. package/dist/server/mutations/signin.d.ts +5 -5
  192. package/dist/server/mutations/signin.d.ts.map +1 -1
  193. package/dist/server/mutations/signout.js.map +1 -1
  194. package/dist/server/mutations/store.d.ts +83 -83
  195. package/dist/server/mutations/store.js +8 -23
  196. package/dist/server/mutations/store.js.map +1 -1
  197. package/dist/server/mutations/verifier.js.map +1 -1
  198. package/dist/server/mutations/verify.d.ts +7 -7
  199. package/dist/server/mutations/verify.d.ts.map +1 -1
  200. package/dist/server/mutations/verify.js.map +1 -1
  201. package/dist/server/oauth.js +53 -16
  202. package/dist/server/oauth.js.map +1 -1
  203. package/dist/server/passkey.d.ts +2 -2
  204. package/dist/server/passkey.d.ts.map +1 -1
  205. package/dist/server/passkey.js +114 -30
  206. package/dist/server/passkey.js.map +1 -1
  207. package/dist/server/redirects.js +9 -3
  208. package/dist/server/redirects.js.map +1 -1
  209. package/dist/server/refresh.js +10 -7
  210. package/dist/server/refresh.js.map +1 -1
  211. package/dist/server/runtime.d.ts +7 -7
  212. package/dist/server/runtime.d.ts.map +1 -1
  213. package/dist/server/runtime.js +61 -19
  214. package/dist/server/runtime.js.map +1 -1
  215. package/dist/server/signin.js +34 -10
  216. package/dist/server/signin.js.map +1 -1
  217. package/dist/server/ssr.d.ts.map +1 -1
  218. package/dist/server/ssr.js +175 -184
  219. package/dist/server/ssr.js.map +1 -1
  220. package/dist/server/totp.js +78 -18
  221. package/dist/server/totp.js.map +1 -1
  222. package/dist/server/types.d.ts +13 -21
  223. package/dist/server/types.d.ts.map +1 -1
  224. package/dist/server/types.js.map +1 -1
  225. package/dist/server/users.js +6 -3
  226. package/dist/server/users.js.map +1 -1
  227. package/dist/server/utils.js +10 -4
  228. package/dist/server/utils.js.map +1 -1
  229. package/package.json +1 -5
  230. package/src/authorization/index.ts +1 -1
  231. package/src/client/core/types.ts +14 -14
  232. package/src/client/factors/device.ts +10 -12
  233. package/src/client/factors/passkey.ts +23 -26
  234. package/src/client/index.ts +54 -64
  235. package/src/client/runtime/invite.ts +5 -7
  236. package/src/component/index.ts +1 -1
  237. package/src/component/public/enterprise/audit.ts +6 -1
  238. package/src/component/public/enterprise/core.ts +1 -0
  239. package/src/component/public/enterprise/domains.ts +5 -1
  240. package/src/component/public/enterprise/scim.ts +1 -0
  241. package/src/component/public/enterprise/secrets.ts +1 -0
  242. package/src/component/public/enterprise/webhooks.ts +1 -0
  243. package/src/component/public/factors/devices.ts +1 -0
  244. package/src/component/public/factors/passkeys.ts +1 -0
  245. package/src/component/public/factors/totp.ts +1 -0
  246. package/src/component/public/groups/core.ts +1 -1
  247. package/src/component/public/groups/invites.ts +7 -1
  248. package/src/component/public/groups/members.ts +1 -0
  249. package/src/component/public/identity/accounts.ts +1 -0
  250. package/src/component/public/identity/codes.ts +1 -0
  251. package/src/component/public/identity/sessions.ts +1 -0
  252. package/src/component/public/identity/tokens.ts +1 -0
  253. package/src/component/public/identity/users.ts +1 -0
  254. package/src/component/public/identity/verifiers.ts +1 -0
  255. package/src/component/public/security/keys.ts +1 -0
  256. package/src/component/public/security/limits.ts +1 -0
  257. package/src/providers/password.ts +89 -110
  258. package/src/server/auth.ts +92 -70
  259. package/src/server/core.ts +197 -233
  260. package/src/server/crypto.ts +31 -29
  261. package/src/server/device.ts +65 -32
  262. package/src/server/enterprise/domain.ts +158 -170
  263. package/src/server/enterprise/http.ts +46 -39
  264. package/src/server/http.ts +36 -30
  265. package/src/server/identity.ts +5 -5
  266. package/src/server/index.ts +1 -1
  267. package/src/server/limits.ts +53 -80
  268. package/src/server/mounts.ts +47 -74
  269. package/src/server/mutations/account.ts +22 -36
  270. package/src/server/mutations/code.ts +6 -6
  271. package/src/server/mutations/invalidate.ts +1 -1
  272. package/src/server/mutations/oauth.ts +14 -8
  273. package/src/server/mutations/refresh.ts +5 -4
  274. package/src/server/mutations/register.ts +87 -132
  275. package/src/server/mutations/retrieve.ts +44 -44
  276. package/src/server/mutations/signature.ts +13 -6
  277. package/src/server/mutations/signout.ts +1 -1
  278. package/src/server/mutations/store.ts +16 -31
  279. package/src/server/mutations/verifier.ts +1 -1
  280. package/src/server/mutations/verify.ts +3 -5
  281. package/src/server/oauth.ts +60 -69
  282. package/src/server/passkey.ts +567 -517
  283. package/src/server/redirects.ts +10 -6
  284. package/src/server/refresh.ts +14 -18
  285. package/src/server/runtime.ts +70 -55
  286. package/src/server/signin.ts +44 -37
  287. package/src/server/ssr.ts +390 -407
  288. package/src/server/totp.ts +85 -35
  289. package/src/server/types.ts +19 -22
  290. package/src/server/users.ts +7 -6
  291. package/src/server/utils.ts +10 -12
  292. package/dist/component/server/authError.js +0 -34
  293. package/dist/component/server/authError.js.map +0 -1
  294. package/dist/component/server/errors.d.ts +0 -1
  295. package/dist/component/server/errors.js +0 -137
  296. package/dist/component/server/errors.js.map +0 -1
  297. package/dist/server/authError.d.ts +0 -46
  298. package/dist/server/authError.d.ts.map +0 -1
  299. package/dist/server/authError.js +0 -34
  300. package/dist/server/authError.js.map +0 -1
  301. package/dist/server/errors.d.ts +0 -177
  302. package/dist/server/errors.d.ts.map +0 -1
  303. package/dist/server/errors.js +0 -212
  304. package/dist/server/errors.js.map +0 -1
  305. package/src/server/authError.ts +0 -44
  306. package/src/server/errors.ts +0 -290
@@ -16,9 +16,9 @@ declare const _default: convex_server66.SchemaDefinition<{
16
16
  */
17
17
  User: convex_server66.TableDefinition<convex_values121.VObject<{
18
18
  phone?: string | undefined;
19
- email?: string | undefined;
20
- name?: string | undefined;
21
19
  extend?: any;
20
+ name?: string | undefined;
21
+ email?: string | undefined;
22
22
  image?: string | undefined;
23
23
  emailVerificationTime?: number | undefined;
24
24
  phoneVerificationTime?: number | undefined;
@@ -32,7 +32,7 @@ declare const _default: convex_server66.SchemaDefinition<{
32
32
  phoneVerificationTime: convex_values121.VFloat64<number | undefined, "optional">;
33
33
  isAnonymous: convex_values121.VBoolean<boolean | undefined, "optional">;
34
34
  extend: convex_values121.VAny<any, "optional", string>;
35
- }, "required", "phone" | "email" | "name" | "extend" | "image" | "emailVerificationTime" | "phoneVerificationTime" | "isAnonymous" | `extend.${string}`>, {
35
+ }, "required", "phone" | "extend" | "name" | "email" | "image" | "emailVerificationTime" | "phoneVerificationTime" | "isAnonymous" | `extend.${string}`>, {
36
36
  email: ["email", "_creationTime"];
37
37
  email_verified: ["email", "emailVerificationTime", "_creationTime"];
38
38
  phone: ["phone", "_creationTime"];
@@ -107,9 +107,9 @@ declare const _default: convex_server66.SchemaDefinition<{
107
107
  verifier?: string | undefined;
108
108
  emailVerified?: string | undefined;
109
109
  phoneVerified?: string | undefined;
110
- code: string;
111
110
  provider: string;
112
111
  accountId: convex_values121.GenericId<"Account">;
112
+ code: string;
113
113
  expirationTime: number;
114
114
  }, {
115
115
  accountId: convex_values121.VId<convex_values121.GenericId<"Account">, "required">;
@@ -119,7 +119,7 @@ declare const _default: convex_server66.SchemaDefinition<{
119
119
  verifier: convex_values121.VString<string | undefined, "optional">;
120
120
  emailVerified: convex_values121.VString<string | undefined, "optional">;
121
121
  phoneVerified: convex_values121.VString<string | undefined, "optional">;
122
- }, "required", "code" | "provider" | "verifier" | "accountId" | "expirationTime" | "emailVerified" | "phoneVerified">, {
122
+ }, "required", "provider" | "verifier" | "accountId" | "code" | "expirationTime" | "emailVerified" | "phoneVerified">, {
123
123
  account_id: ["accountId", "_creationTime"];
124
124
  code: ["code", "_creationTime"];
125
125
  }, {}, {}>;
@@ -247,9 +247,9 @@ declare const _default: convex_server66.SchemaDefinition<{
247
247
  * organizations, teams, departments, or any tree structure.
248
248
  */
249
249
  Group: convex_server66.TableDefinition<convex_values121.VObject<{
250
- slug?: string | undefined;
251
250
  type?: string | undefined;
252
251
  extend?: any;
252
+ slug?: string | undefined;
253
253
  parentGroupId?: convex_values121.GenericId<"Group"> | undefined;
254
254
  rootGroupId?: convex_values121.GenericId<"Group"> | undefined;
255
255
  isRoot?: boolean | undefined;
@@ -276,7 +276,7 @@ declare const _default: convex_server66.SchemaDefinition<{
276
276
  value: convex_values121.VString<string, "required">;
277
277
  }, "required", "value" | "key">, "optional">;
278
278
  extend: convex_values121.VAny<any, "optional", string>;
279
- }, "required", "name" | "slug" | "type" | "extend" | `extend.${string}` | "parentGroupId" | "rootGroupId" | "isRoot" | "tags">, {
279
+ }, "required", "type" | "extend" | "name" | "slug" | `extend.${string}` | "parentGroupId" | "rootGroupId" | "isRoot" | "tags">, {
280
280
  slug: ["slug", "_creationTime"];
281
281
  parent_group_id: ["parentGroupId", "_creationTime"];
282
282
  root_group_id: ["rootGroupId", "_creationTime"];
@@ -308,8 +308,8 @@ declare const _default: convex_server66.SchemaDefinition<{
308
308
  * member of multiple groups with different roles in each.
309
309
  */
310
310
  GroupMember: convex_server66.TableDefinition<convex_values121.VObject<{
311
- status?: string | undefined;
312
311
  extend?: any;
312
+ status?: string | undefined;
313
313
  role?: string | undefined;
314
314
  roleIds?: string[] | undefined;
315
315
  groupId: convex_values121.GenericId<"Group">;
@@ -321,7 +321,7 @@ declare const _default: convex_server66.SchemaDefinition<{
321
321
  roleIds: convex_values121.VArray<string[] | undefined, convex_values121.VString<string, "required">, "optional">;
322
322
  status: convex_values121.VString<string | undefined, "optional">;
323
323
  extend: convex_values121.VAny<any, "optional", string>;
324
- }, "required", "status" | "groupId" | "extend" | "userId" | `extend.${string}` | "role" | "roleIds">, {
324
+ }, "required", "groupId" | "extend" | "status" | "userId" | `extend.${string}` | "role" | "roleIds">, {
325
325
  group_id: ["groupId", "_creationTime"];
326
326
  group_id_user_id: ["groupId", "userId", "_creationTime"];
327
327
  group_id_status: ["groupId", "status", "_creationTime"];
@@ -336,9 +336,9 @@ declare const _default: convex_server66.SchemaDefinition<{
336
336
  * invite links where neither is known upfront.
337
337
  */
338
338
  GroupInvite: convex_server66.TableDefinition<convex_values121.VObject<{
339
- email?: string | undefined;
340
339
  groupId?: convex_values121.GenericId<"Group"> | undefined;
341
340
  extend?: any;
341
+ email?: string | undefined;
342
342
  role?: string | undefined;
343
343
  roleIds?: string[] | undefined;
344
344
  invitedByUserId?: convex_values121.GenericId<"User"> | undefined;
@@ -359,7 +359,7 @@ declare const _default: convex_server66.SchemaDefinition<{
359
359
  acceptedByUserId: convex_values121.VId<convex_values121.GenericId<"User"> | undefined, "optional">;
360
360
  acceptedTime: convex_values121.VFloat64<number | undefined, "optional">;
361
361
  extend: convex_values121.VAny<any, "optional", string>;
362
- }, "required", "email" | "status" | "groupId" | "tokenHash" | "extend" | `extend.${string}` | "role" | "roleIds" | "invitedByUserId" | "expiresTime" | "acceptedByUserId" | "acceptedTime">, {
362
+ }, "required", "groupId" | "extend" | "status" | "email" | `extend.${string}` | "role" | "roleIds" | "invitedByUserId" | "tokenHash" | "expiresTime" | "acceptedByUserId" | "acceptedTime">, {
363
363
  token_hash: ["tokenHash", "_creationTime"];
364
364
  status: ["status", "_creationTime"];
365
365
  email_status: ["email", "status", "_creationTime"];
@@ -375,6 +375,7 @@ declare const _default: convex_server66.SchemaDefinition<{
375
375
  * field addition.
376
376
  */
377
377
  Enterprise: convex_server66.TableDefinition<convex_values121.VObject<{
378
+ extend?: any;
378
379
  name?: string | undefined;
379
380
  slug?: string | undefined;
380
381
  policy?: {
@@ -382,8 +383,8 @@ declare const _default: convex_server66.SchemaDefinition<{
382
383
  version: 1;
383
384
  identity: {
384
385
  accountLinking: {
385
- saml: "verifiedEmail" | "none";
386
386
  oidc: "verifiedEmail" | "none";
387
+ saml: "verifiedEmail" | "none";
387
388
  };
388
389
  };
389
390
  provisioning: {
@@ -400,10 +401,9 @@ declare const _default: convex_server66.SchemaDefinition<{
400
401
  };
401
402
  };
402
403
  } | undefined;
403
- extend?: any;
404
404
  config?: any;
405
- status: "draft" | "active" | "disabled";
406
405
  groupId: convex_values121.GenericId<"Group">;
406
+ status: "draft" | "active" | "disabled";
407
407
  }, {
408
408
  groupId: convex_values121.VId<convex_values121.GenericId<"Group">, "required">;
409
409
  slug: convex_values121.VString<string | undefined, "optional">;
@@ -414,8 +414,8 @@ declare const _default: convex_server66.SchemaDefinition<{
414
414
  version: 1;
415
415
  identity: {
416
416
  accountLinking: {
417
- saml: "verifiedEmail" | "none";
418
417
  oidc: "verifiedEmail" | "none";
418
+ saml: "verifiedEmail" | "none";
419
419
  };
420
420
  };
421
421
  provisioning: {
@@ -435,18 +435,18 @@ declare const _default: convex_server66.SchemaDefinition<{
435
435
  version: convex_values121.VLiteral<1, "required">;
436
436
  identity: convex_values121.VObject<{
437
437
  accountLinking: {
438
- saml: "verifiedEmail" | "none";
439
438
  oidc: "verifiedEmail" | "none";
439
+ saml: "verifiedEmail" | "none";
440
440
  };
441
441
  }, {
442
442
  accountLinking: convex_values121.VObject<{
443
- saml: "verifiedEmail" | "none";
444
443
  oidc: "verifiedEmail" | "none";
444
+ saml: "verifiedEmail" | "none";
445
445
  }, {
446
446
  oidc: convex_values121.VUnion<"verifiedEmail" | "none", [convex_values121.VLiteral<"verifiedEmail", "required">, convex_values121.VLiteral<"none", "required">], "required", never>;
447
447
  saml: convex_values121.VUnion<"verifiedEmail" | "none", [convex_values121.VLiteral<"verifiedEmail", "required">, convex_values121.VLiteral<"none", "required">], "required", never>;
448
- }, "required", "saml" | "oidc">;
449
- }, "required", "accountLinking" | "accountLinking.saml" | "accountLinking.oidc">;
448
+ }, "required", "oidc" | "saml">;
449
+ }, "required", "accountLinking" | "accountLinking.oidc" | "accountLinking.saml">;
450
450
  provisioning: convex_values121.VObject<{
451
451
  scimReuse: {
452
452
  user: "none" | "externalId";
@@ -481,10 +481,10 @@ declare const _default: convex_server66.SchemaDefinition<{
481
481
  }, "required", "mode">;
482
482
  }, "required", "scimReuse" | "jit" | "deprovision" | "scimReuse.user" | "jit.mode" | "jit.defaultRole" | "jit.defaultRoleIds" | "deprovision.mode">;
483
483
  extend: convex_values121.VAny<any, "optional", string>;
484
- }, "optional", "extend" | `extend.${string}` | "version" | "identity" | "provisioning" | "identity.accountLinking" | "identity.accountLinking.saml" | "identity.accountLinking.oidc" | "provisioning.scimReuse" | "provisioning.jit" | "provisioning.deprovision" | "provisioning.scimReuse.user" | "provisioning.jit.mode" | "provisioning.jit.defaultRole" | "provisioning.jit.defaultRoleIds" | "provisioning.deprovision.mode">;
484
+ }, "optional", "extend" | `extend.${string}` | "version" | "identity" | "provisioning" | "identity.accountLinking" | "identity.accountLinking.oidc" | "identity.accountLinking.saml" | "provisioning.scimReuse" | "provisioning.jit" | "provisioning.deprovision" | "provisioning.scimReuse.user" | "provisioning.jit.mode" | "provisioning.jit.defaultRole" | "provisioning.jit.defaultRoleIds" | "provisioning.deprovision.mode">;
485
485
  config: convex_values121.VAny<any, "optional", string>;
486
486
  extend: convex_values121.VAny<any, "optional", string>;
487
- }, "required", "name" | "slug" | "status" | "groupId" | "policy" | "extend" | `extend.${string}` | "config" | "policy.extend" | `policy.extend.${string}` | "policy.version" | "policy.identity" | "policy.provisioning" | "policy.identity.accountLinking" | "policy.identity.accountLinking.saml" | "policy.identity.accountLinking.oidc" | "policy.provisioning.scimReuse" | "policy.provisioning.jit" | "policy.provisioning.deprovision" | "policy.provisioning.scimReuse.user" | "policy.provisioning.jit.mode" | "policy.provisioning.jit.defaultRole" | "policy.provisioning.jit.defaultRoleIds" | "policy.provisioning.deprovision.mode" | `config.${string}`>, {
487
+ }, "required", "groupId" | "extend" | "name" | "slug" | "status" | `extend.${string}` | "policy" | "config" | "policy.extend" | `policy.extend.${string}` | "policy.version" | "policy.identity" | "policy.provisioning" | "policy.identity.accountLinking" | "policy.identity.accountLinking.oidc" | "policy.identity.accountLinking.saml" | "policy.provisioning.scimReuse" | "policy.provisioning.jit" | "policy.provisioning.deprovision" | "policy.provisioning.scimReuse.user" | "policy.provisioning.jit.mode" | "policy.provisioning.jit.defaultRole" | "policy.provisioning.jit.defaultRoleIds" | "policy.provisioning.deprovision.mode" | `config.${string}`>, {
488
488
  group_id: ["groupId", "_creationTime"];
489
489
  slug: ["slug", "_creationTime"];
490
490
  status: ["status", "_creationTime"];
@@ -494,9 +494,9 @@ declare const _default: convex_server66.SchemaDefinition<{
494
494
  */
495
495
  EnterpriseDomain: convex_server66.TableDefinition<convex_values121.VObject<{
496
496
  verifiedAt?: number | undefined;
497
- enterpriseId: convex_values121.GenericId<"Enterprise">;
498
497
  groupId: convex_values121.GenericId<"Group">;
499
498
  domain: string;
499
+ enterpriseId: convex_values121.GenericId<"Enterprise">;
500
500
  isPrimary: boolean;
501
501
  }, {
502
502
  enterpriseId: convex_values121.VId<convex_values121.GenericId<"Enterprise">, "required">;
@@ -504,7 +504,7 @@ declare const _default: convex_server66.SchemaDefinition<{
504
504
  domain: convex_values121.VString<string, "required">;
505
505
  isPrimary: convex_values121.VBoolean<boolean, "required">;
506
506
  verifiedAt: convex_values121.VFloat64<number | undefined, "optional">;
507
- }, "required", "enterpriseId" | "groupId" | "domain" | "verifiedAt" | "isPrimary">, {
507
+ }, "required", "groupId" | "domain" | "enterpriseId" | "isPrimary" | "verifiedAt">, {
508
508
  enterprise_id: ["enterpriseId", "_creationTime"];
509
509
  group_id: ["groupId", "_creationTime"];
510
510
  domain: ["domain", "_creationTime"];
@@ -513,11 +513,11 @@ declare const _default: convex_server66.SchemaDefinition<{
513
513
  * Pending DNS TXT verification challenges for enterprise domains.
514
514
  */
515
515
  EnterpriseDomainVerification: convex_server66.TableDefinition<convex_values121.VObject<{
516
- enterpriseId: convex_values121.GenericId<"Enterprise">;
517
516
  groupId: convex_values121.GenericId<"Group">;
518
517
  domain: string;
519
- tokenHash: string;
520
518
  expiresAt: number;
519
+ tokenHash: string;
520
+ enterpriseId: convex_values121.GenericId<"Enterprise">;
521
521
  domainId: convex_values121.GenericId<"EnterpriseDomain">;
522
522
  recordName: string;
523
523
  token: string;
@@ -532,7 +532,7 @@ declare const _default: convex_server66.SchemaDefinition<{
532
532
  tokenHash: convex_values121.VString<string, "required">;
533
533
  requestedAt: convex_values121.VFloat64<number, "required">;
534
534
  expiresAt: convex_values121.VFloat64<number, "required">;
535
- }, "required", "enterpriseId" | "groupId" | "domain" | "tokenHash" | "expiresAt" | "domainId" | "recordName" | "token" | "requestedAt">, {
535
+ }, "required", "groupId" | "domain" | "expiresAt" | "tokenHash" | "enterpriseId" | "domainId" | "recordName" | "token" | "requestedAt">, {
536
536
  enterprise_id: ["enterpriseId", "_creationTime"];
537
537
  domain_id: ["domainId", "_creationTime"];
538
538
  token_hash: ["tokenHash", "_creationTime"];
@@ -541,9 +541,9 @@ declare const _default: convex_server66.SchemaDefinition<{
541
541
  * Encrypted enterprise secrets stored separately from protocol config.
542
542
  */
543
543
  EnterpriseSecret: convex_server66.TableDefinition<convex_values121.VObject<{
544
- enterpriseId: convex_values121.GenericId<"Enterprise">;
545
544
  groupId: convex_values121.GenericId<"Group">;
546
545
  kind: "oidc_client_secret";
546
+ enterpriseId: convex_values121.GenericId<"Enterprise">;
547
547
  ciphertext: string;
548
548
  updatedAt: number;
549
549
  }, {
@@ -552,7 +552,7 @@ declare const _default: convex_server66.SchemaDefinition<{
552
552
  kind: convex_values121.VUnion<"oidc_client_secret", [convex_values121.VLiteral<"oidc_client_secret", "required">], "required", never>;
553
553
  ciphertext: convex_values121.VString<string, "required">;
554
554
  updatedAt: convex_values121.VFloat64<number, "required">;
555
- }, "required", "enterpriseId" | "groupId" | "kind" | "ciphertext" | "updatedAt">, {
555
+ }, "required", "groupId" | "kind" | "enterpriseId" | "ciphertext" | "updatedAt">, {
556
556
  enterprise_id: ["enterpriseId", "_creationTime"];
557
557
  enterprise_id_kind: ["enterpriseId", "kind", "_creationTime"];
558
558
  group_id: ["groupId", "_creationTime"];
@@ -563,10 +563,10 @@ declare const _default: convex_server66.SchemaDefinition<{
563
563
  EnterpriseScimConfig: convex_server66.TableDefinition<convex_values121.VObject<{
564
564
  extend?: any;
565
565
  lastRotatedAt?: number | undefined;
566
- status: "draft" | "active" | "disabled";
567
- enterpriseId: convex_values121.GenericId<"Enterprise">;
568
566
  groupId: convex_values121.GenericId<"Group">;
567
+ status: "draft" | "active" | "disabled";
569
568
  tokenHash: string;
569
+ enterpriseId: convex_values121.GenericId<"Enterprise">;
570
570
  basePath: string;
571
571
  }, {
572
572
  enterpriseId: convex_values121.VId<convex_values121.GenericId<"Enterprise">, "required">;
@@ -576,7 +576,7 @@ declare const _default: convex_server66.SchemaDefinition<{
576
576
  tokenHash: convex_values121.VString<string, "required">;
577
577
  lastRotatedAt: convex_values121.VFloat64<number | undefined, "optional">;
578
578
  extend: convex_values121.VAny<any, "optional", string>;
579
- }, "required", "status" | "enterpriseId" | "groupId" | "tokenHash" | "basePath" | "extend" | `extend.${string}` | "lastRotatedAt">, {
579
+ }, "required", "groupId" | "extend" | "status" | `extend.${string}` | "tokenHash" | "enterpriseId" | "basePath" | "lastRotatedAt">, {
580
580
  enterprise_id: ["enterpriseId", "_creationTime"];
581
581
  group_id: ["groupId", "_creationTime"];
582
582
  token_hash: ["tokenHash", "_creationTime"];
@@ -587,25 +587,25 @@ declare const _default: convex_server66.SchemaDefinition<{
587
587
  */
588
588
  EnterpriseScimIdentity: convex_server66.TableDefinition<convex_values121.VObject<{
589
589
  active?: boolean | undefined;
590
- lastProvisionedAt?: number | undefined;
591
590
  userId?: convex_values121.GenericId<"User"> | undefined;
592
591
  mappedGroupId?: convex_values121.GenericId<"Group"> | undefined;
592
+ lastProvisionedAt?: number | undefined;
593
593
  raw?: any;
594
- enterpriseId: convex_values121.GenericId<"Enterprise">;
595
594
  groupId: convex_values121.GenericId<"Group">;
596
595
  externalId: string;
597
- resourceType: "user" | "group";
596
+ enterpriseId: convex_values121.GenericId<"Enterprise">;
597
+ resourceType: "group" | "user";
598
598
  }, {
599
599
  enterpriseId: convex_values121.VId<convex_values121.GenericId<"Enterprise">, "required">;
600
600
  groupId: convex_values121.VId<convex_values121.GenericId<"Group">, "required">;
601
- resourceType: convex_values121.VUnion<"user" | "group", [convex_values121.VLiteral<"user", "required">, convex_values121.VLiteral<"group", "required">], "required", never>;
601
+ resourceType: convex_values121.VUnion<"group" | "user", [convex_values121.VLiteral<"user", "required">, convex_values121.VLiteral<"group", "required">], "required", never>;
602
602
  externalId: convex_values121.VString<string, "required">;
603
603
  userId: convex_values121.VId<convex_values121.GenericId<"User"> | undefined, "optional">;
604
604
  mappedGroupId: convex_values121.VId<convex_values121.GenericId<"Group"> | undefined, "optional">;
605
605
  lastProvisionedAt: convex_values121.VFloat64<number | undefined, "optional">;
606
606
  active: convex_values121.VBoolean<boolean | undefined, "optional">;
607
607
  raw: convex_values121.VAny<any, "optional", string>;
608
- }, "required", "active" | "enterpriseId" | "groupId" | "lastProvisionedAt" | "userId" | "externalId" | "resourceType" | "mappedGroupId" | "raw" | `raw.${string}`>, {
608
+ }, "required", "groupId" | "active" | "userId" | "externalId" | "enterpriseId" | "resourceType" | "mappedGroupId" | "lastProvisionedAt" | "raw" | `raw.${string}`>, {
609
609
  enterprise_id: ["enterpriseId", "_creationTime"];
610
610
  group_id: ["groupId", "_creationTime"];
611
611
  enterprise_id_resource_type_external_id: ["enterpriseId", "resourceType", "externalId", "_creationTime"];
@@ -622,9 +622,9 @@ declare const _default: convex_server66.SchemaDefinition<{
622
622
  requestId?: string | undefined;
623
623
  ip?: string | undefined;
624
624
  metadata?: any;
625
+ groupId: convex_values121.GenericId<"Group">;
625
626
  status: "success" | "failure";
626
627
  enterpriseId: convex_values121.GenericId<"Enterprise">;
627
- groupId: convex_values121.GenericId<"Group">;
628
628
  actorType: "user" | "system" | "scim" | "api_key" | "webhook";
629
629
  eventType: string;
630
630
  subjectType: string;
@@ -642,7 +642,7 @@ declare const _default: convex_server66.SchemaDefinition<{
642
642
  requestId: convex_values121.VString<string | undefined, "optional">;
643
643
  ip: convex_values121.VString<string | undefined, "optional">;
644
644
  metadata: convex_values121.VAny<any, "optional", string>;
645
- }, "required", "status" | "enterpriseId" | "groupId" | "actorType" | "eventType" | "actorId" | "subjectType" | "subjectId" | "occurredAt" | "requestId" | "ip" | "metadata" | `metadata.${string}`>, {
645
+ }, "required", "groupId" | "status" | "enterpriseId" | "actorType" | "eventType" | "actorId" | "subjectType" | "subjectId" | "occurredAt" | "requestId" | "ip" | "metadata" | `metadata.${string}`>, {
646
646
  enterprise_id_occurred_at: ["enterpriseId", "occurredAt", "_creationTime"];
647
647
  group_id_occurred_at: ["groupId", "occurredAt", "_creationTime"];
648
648
  event_type_occurred_at: ["eventType", "occurredAt", "_creationTime"];
@@ -655,9 +655,9 @@ declare const _default: convex_server66.SchemaDefinition<{
655
655
  createdByUserId?: convex_values121.GenericId<"User"> | undefined;
656
656
  lastSuccessAt?: number | undefined;
657
657
  lastFailureAt?: number | undefined;
658
+ groupId: convex_values121.GenericId<"Group">;
658
659
  status: "active" | "disabled";
659
660
  enterpriseId: convex_values121.GenericId<"Enterprise">;
660
- groupId: convex_values121.GenericId<"Group">;
661
661
  url: string;
662
662
  secretHash: string;
663
663
  subscriptions: string[];
@@ -674,7 +674,7 @@ declare const _default: convex_server66.SchemaDefinition<{
674
674
  lastFailureAt: convex_values121.VFloat64<number | undefined, "optional">;
675
675
  failureCount: convex_values121.VFloat64<number, "required">;
676
676
  extend: convex_values121.VAny<any, "optional", string>;
677
- }, "required", "status" | "enterpriseId" | "groupId" | "extend" | `extend.${string}` | "url" | "secretHash" | "subscriptions" | "createdByUserId" | "lastSuccessAt" | "lastFailureAt" | "failureCount">, {
677
+ }, "required", "groupId" | "extend" | "status" | `extend.${string}` | "enterpriseId" | "url" | "secretHash" | "subscriptions" | "createdByUserId" | "lastSuccessAt" | "lastFailureAt" | "failureCount">, {
678
678
  enterprise_id: ["enterpriseId", "_creationTime"];
679
679
  group_id: ["groupId", "_creationTime"];
680
680
  status: ["status", "_creationTime"];
@@ -689,8 +689,8 @@ declare const _default: convex_server66.SchemaDefinition<{
689
689
  lastError?: string | undefined;
690
690
  status: "pending" | "processing" | "delivered" | "failed";
691
691
  enterpriseId: convex_values121.GenericId<"Enterprise">;
692
- endpointId: convex_values121.GenericId<"EnterpriseWebhookEndpoint">;
693
692
  eventType: string;
693
+ endpointId: convex_values121.GenericId<"EnterpriseWebhookEndpoint">;
694
694
  attemptCount: number;
695
695
  nextAttemptAt: number;
696
696
  payload: any;
@@ -706,7 +706,7 @@ declare const _default: convex_server66.SchemaDefinition<{
706
706
  lastResponseStatus: convex_values121.VFloat64<number | undefined, "optional">;
707
707
  lastError: convex_values121.VString<string | undefined, "optional">;
708
708
  payload: convex_values121.VAny<any, "required", string>;
709
- }, "required", "status" | "enterpriseId" | "endpointId" | "eventType" | "auditEventId" | "attemptCount" | "nextAttemptAt" | "lastAttemptAt" | "lastResponseStatus" | "lastError" | "payload" | `payload.${string}`>, {
709
+ }, "required", "status" | "enterpriseId" | "eventType" | "endpointId" | "auditEventId" | "attemptCount" | "nextAttemptAt" | "lastAttemptAt" | "lastResponseStatus" | "lastError" | "payload" | `payload.${string}`>, {
710
710
  enterprise_id: ["enterpriseId", "_creationTime"];
711
711
  status_next_attempt_at: ["status", "nextAttemptAt", "_creationTime"];
712
712
  endpoint_id_status: ["endpointId", "status", "_creationTime"];
@@ -12,7 +12,7 @@ import { GenericId } from "convex/values";
12
12
  type AuthConfig = Omit<ConvexAuthConfig, "component">;
13
13
  /** Canonical user document type exposed by Convex Auth. */
14
14
  type UserDoc = Doc<"User">;
15
- type MemberApiWithAuthorization<TAuthorization extends AuthAuthorizationConfig | undefined> = Omit<ReturnType<typeof Auth>["auth"]["member"], "create" | "list" | "update" | "resolve"> & {
15
+ type MemberApiWithAuthorization<TAuthorization extends AuthAuthorizationConfig | undefined> = Omit<ReturnType<typeof Auth>["auth"]["member"], "create" | "list" | "update" | "inspect" | "require"> & {
16
16
  create: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["create"]>[0], data: {
17
17
  groupId: string;
18
18
  userId: string;
@@ -20,7 +20,6 @@ type MemberApiWithAuthorization<TAuthorization extends AuthAuthorizationConfig |
20
20
  status?: string;
21
21
  extend?: Record<string, unknown>;
22
22
  }) => Promise<{
23
- ok: true;
24
23
  memberId: string;
25
24
  }>;
26
25
  list: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["list"]>[0], opts?: {
@@ -38,17 +37,22 @@ type MemberApiWithAuthorization<TAuthorization extends AuthAuthorizationConfig |
38
37
  update: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["update"]>[0], memberId: string, data: Record<string, unknown> & {
39
38
  roleIds?: AuthRoleId<TAuthorization>[];
40
39
  }) => Promise<{
41
- ok: true;
42
40
  memberId: string;
43
41
  }>;
44
- resolve: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["resolve"]>[0], opts: {
42
+ inspect: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["inspect"]>[0], opts: {
43
+ userId: string;
44
+ groupId: string;
45
+ ancestry?: boolean;
46
+ maxDepth?: number;
47
+ }) => ReturnType<ReturnType<typeof Auth>["auth"]["member"]["inspect"]>;
48
+ require: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["require"]>[0], opts: {
45
49
  userId: string;
46
50
  groupId: string;
47
51
  ancestry?: boolean;
48
52
  roleIds?: AuthRoleId<TAuthorization>[];
49
53
  grants?: AuthGrant<TAuthorization>[];
50
54
  maxDepth?: number;
51
- }) => ReturnType<ReturnType<typeof Auth>["auth"]["member"]["resolve"]>;
55
+ }) => ReturnType<ReturnType<typeof Auth>["auth"]["member"]["require"]>;
52
56
  };
53
57
  /**
54
58
  * The base auth API surface returned by {@link createAuth}.
@@ -79,30 +83,29 @@ type AuthApiBase<TAuthorization extends AuthAuthorizationConfig | undefined = un
79
83
  key: ReturnType<typeof Auth>["auth"]["key"];
80
84
  http: ReturnType<typeof Auth>["auth"]["http"];
81
85
  /**
82
- * Resolve the current user's auth context. Framework-agnostic — use
86
+ * Resolve the current request's auth context. Framework-agnostic — use
83
87
  * this in fluent-convex middleware, custom wrappers, or anywhere you
84
- * need the resolved `{ userId, user, groupId, role, grants }` object.
88
+ * need the current `{ userId, user, groupId, role, grants }` object.
85
89
  *
86
- * Returns `null` when unauthenticated. Does not throw.
90
+ * Throws a structured `ConvexError` when unauthenticated.
87
91
  *
88
92
  * @param ctx - Convex query, mutation, or action context.
89
- * @returns The resolved auth context, or `null`.
93
+ * @returns The current auth context.
90
94
  *
91
95
  * @example fluent-convex middleware
92
96
  * ```ts
93
97
  * const withAuth = convex.createMiddleware(async (ctx, next) => {
94
- * return next({ ...ctx, auth: await auth.resolve(ctx) });
98
+ * return next({ ...ctx, auth: await auth.context(ctx) });
95
99
  * });
96
100
  * ```
97
101
  *
98
102
  * @example Direct usage in a handler
99
103
  * ```ts
100
- * const resolved = await auth.resolve(ctx);
101
- * if (!resolved) return { ok: false, code: "NOT_SIGNED_IN" };
102
- * const { userId, grants } = resolved;
104
+ * const authContext = await auth.context(ctx);
105
+ * const { userId, grants } = authContext;
103
106
  * ```
104
107
  */
105
- resolve: (ctx: any) => Promise<AuthResolvedContext | null>;
108
+ context: (ctx: any) => Promise<AuthContext>;
106
109
  /**
107
110
  * Context enrichment for convex-helpers `customQuery` / `customMutation` /
108
111
  * `customAction`.
@@ -111,9 +114,9 @@ type AuthApiBase<TAuthorization extends AuthAuthorizationConfig | undefined = un
111
114
  * and grants, then attaches them to `ctx.auth`. Returns a `Customization`
112
115
  * object compatible with convex-helpers' custom function builders.
113
116
  *
114
- * `ctx.auth` is `{ userId, user, groupId, role, grants }` when
115
- * authenticated, `null` when unauthenticated. No throwing your
116
- * handler decides how to respond.
117
+ * `ctx.auth` is the current request auth context.
118
+ * By default this throws when unauthenticated so handlers can assume
119
+ * `ctx.auth.userId` and `ctx.auth.user` exist.
117
120
  *
118
121
  * @returns A convex-helpers `Customization` object.
119
122
  *
@@ -135,7 +138,6 @@ type AuthApiBase<TAuthorization extends AuthAuthorizationConfig | undefined = un
135
138
  * export const list = authQuery({
136
139
  * args: { workspaceId: v.string() },
137
140
  * handler: async (ctx, args) => {
138
- * if (!ctx.auth) return [];
139
141
  * const { userId, groupId, grants } = ctx.auth;
140
142
  * // business logic
141
143
  * },
@@ -146,26 +148,27 @@ type AuthApiBase<TAuthorization extends AuthAuthorizationConfig | undefined = un
146
148
  args: Record<string, never>;
147
149
  input: (ctx: any) => Promise<{
148
150
  ctx: {
149
- auth: AuthResolvedContext | null;
151
+ auth: AuthContext;
150
152
  };
151
153
  args: Record<string, never>;
152
154
  }>;
153
155
  };
154
156
  };
155
157
  /**
156
- * Resolved auth context injected into `ctx.auth` by `auth.ctx()` and
157
- * {@link AuthCtx}. Also the expected return shape for custom
158
- * {@link AuthCtxConfig.authResolve | authResolve} hooks.
158
+ * Current request auth context injected into `ctx.auth` by `auth.ctx()` and
159
+ * {@link AuthCtx}. This is the authenticated auth shape returned by
160
+ * {@link createAuth().context}. Optional context builders may still surface
161
+ * nullable fields when `optional: true` is used.
159
162
  *
160
- * - `null` when unauthenticated.
161
163
  * - `groupId` is `null` when the user has no active group set.
162
- * - `role` / `grants` are `null` / `[]` when no active group or no membership.
164
+ * - `role` is `null` when no active group or no membership is resolved.
165
+ * - `grants` is `[]` when no active group or no membership is resolved.
163
166
  *
164
167
  * @example
165
168
  * ```ts
166
- * import type { AuthResolvedContext } from "@robelest/convex-auth/server";
169
+ * import type { AuthContext } from "@robelest/convex-auth/server";
167
170
  *
168
- * const mockAuth: AuthResolvedContext = {
171
+ * const mockAuth: AuthContext = {
169
172
  * userId: "user123" as Id<"User">,
170
173
  * user: { _id: "user123", email: "test@example.com" },
171
174
  * groupId: "group456",
@@ -174,7 +177,7 @@ type AuthApiBase<TAuthorization extends AuthAuthorizationConfig | undefined = un
174
177
  * };
175
178
  * ```
176
179
  */
177
- type AuthResolvedContext = {
180
+ type AuthContext = {
178
181
  /** The authenticated user's document ID. */userId: GenericId<"User">; /** The authenticated user's full document. */
179
182
  user: UserDoc; /** The user's active group ID, or `null` if none set. */
180
183
  groupId: string | null; /** The user's primary role in the active group, or `null`. */
@@ -184,7 +187,7 @@ type AuthResolvedContext = {
184
187
  type AuthCtxBase = {
185
188
  getUserIdentity: () => Promise<UserIdentity | null>;
186
189
  };
187
- type RequiredAuthCtxState = AuthCtxBase & AuthResolvedContext;
190
+ type RequiredAuthCtxState = AuthCtxBase & AuthContext;
188
191
  type OptionalAuthCtxState = AuthCtxBase & {
189
192
  userId: GenericId<"User"> | null;
190
193
  user: UserDoc | null;
@@ -202,7 +205,6 @@ type PublicSsoAdminApi = {
202
205
  domain: string;
203
206
  isPrimary?: boolean;
204
207
  }>) => Promise<{
205
- ok: true;
206
208
  enterpriseId: string;
207
209
  domains: Array<{
208
210
  domainId: string;
@@ -217,7 +219,6 @@ type PublicSsoAdminApi = {
217
219
  enterpriseId: string;
218
220
  domain: string;
219
221
  }) => Promise<{
220
- ok: true;
221
222
  enterpriseId: string;
222
223
  domain: string;
223
224
  requestedAt: number;
@@ -232,7 +233,6 @@ type PublicSsoAdminApi = {
232
233
  enterpriseId: string;
233
234
  domain: string;
234
235
  }) => Promise<{
235
- ok: boolean;
236
236
  enterpriseId: string;
237
237
  domain: string;
238
238
  verifiedAt?: number;
@@ -320,13 +320,13 @@ type AuthCtxConfig<TResolve extends Record<string, unknown> = Record<string, nev
320
320
  * Attach additional derived fields to the auth context after the base auth
321
321
  * context is resolved.
322
322
  */
323
- resolve?: (ctx: any, user: UserDoc, auth: AuthResolvedContext) => Promise<TResolve> | TResolve;
323
+ resolve?: (ctx: any, user: UserDoc, auth: AuthContext) => Promise<TResolve> | TResolve;
324
324
  /**
325
325
  * Override or wrap the base auth resolution used by {@link AuthCtx}.
326
326
  *
327
327
  * Return `undefined` to fall back to the built-in resolver,
328
328
  * `null` for an explicit unauthenticated state, or an
329
- * {@link AuthResolvedContext} object to provide a pre-resolved auth state.
329
+ * {@link AuthContext} object to provide a pre-resolved auth state.
330
330
  * This is useful for tests, proxy auth, impersonation flows, or any
331
331
  * environment that needs to inject auth without depending on the standard
332
332
  * Convex auth tables.
@@ -345,7 +345,7 @@ type AuthCtxConfig<TResolve extends Record<string, unknown> = Record<string, nev
345
345
  * });
346
346
  * ```
347
347
  */
348
- authResolve?: (ctx: any, fallback: () => Promise<AuthResolvedContext | null>) => Promise<AuthResolvedContext | null | undefined> | AuthResolvedContext | null | undefined;
348
+ authResolve?: (ctx: any, fallback: () => Promise<AuthContext | null>) => Promise<AuthContext | null | undefined> | AuthContext | null | undefined;
349
349
  };
350
350
  /**
351
351
  * Create a context enrichment for `customQuery` / `customMutation` — optional auth.
@@ -384,11 +384,8 @@ declare function AuthCtx<TResolve extends Record<string, unknown> = Record<strin
384
384
  /**
385
385
  * Create a context enrichment for `customQuery` / `customMutation` — required auth (default).
386
386
  *
387
- * When `optional` is omitted or `false`, the inferred type is the authenticated
388
- * auth shape. At runtime this helper still resolves instead of throwing, so if
389
- * no user is signed in the returned `ctx.auth.userId` / `ctx.auth.user` are
390
- * `null`, `ctx.auth.groupId` / `ctx.auth.role` are `null`, and
391
- * `ctx.auth.grants` is `[]`.
387
+ * When `optional` is omitted or `false`, unauthenticated requests throw a
388
+ * structured `ConvexError` before your handler runs.
392
389
  *
393
390
  * @param auth - The auth API object returned by {@link createAuth}.
394
391
  * @param config - Optional configuration with a `resolve` callback
@@ -446,5 +443,5 @@ type InferAuth<T extends {
446
443
  }>;
447
444
  }> = Awaited<ReturnType<T["input"]>>["ctx"]["auth"];
448
445
  //#endregion
449
- export { AuthApi, AuthConfig, AuthCtx, AuthCtxConfig, AuthResolvedContext, InferAuth, UserDoc, createAuth };
446
+ export { AuthApi, AuthConfig, AuthContext, AuthCtx, AuthCtxConfig, InferAuth, UserDoc, createAuth };
450
447
  //# sourceMappingURL=auth.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","names":[],"sources":["../../../src/server/auth.ts"],"mappings":";;;;;;;;AAqCA;;;KAHY,UAAA,GAAa,IAAA,CAAK,gBAAA;;KAGlB,OAAA,GAAU,GAAA;AAAA,KAEjB,0BAAA,wBACoB,uBAAA,gBACrB,IAAA,CACF,UAAA,QAAkB,IAAA;EAGlB,MAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,mCAEpB,IAAA;IACE,OAAA;IACA,MAAA;IACA,OAAA,GAAU,UAAA,CAAW,cAAA;IACrB,MAAA;IACA,MAAA,GAAS,MAAA;EAAA,MAER,OAAA;IAAU,EAAA;IAAU,QAAA;EAAA;EACzB,IAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,iCAEpB,IAAA;IACE,KAAA;MACE,OAAA;MACA,MAAA;MACA,MAAA,GAAS,UAAA,CAAW,cAAA;MACpB,MAAA;IAAA;IAEF,KAAA;IACA,MAAA;IACA,OAAA;IACA,KAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;EAClC,MAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,mCAEpB,QAAA,UACA,IAAA,EAAM,MAAA;IAA4B,OAAA,GAAU,UAAA,CAAW,cAAA;EAAA,MACpD,OAAA;IAAU,EAAA;IAAU,QAAA;EAAA;EACzB,OAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,oCAEpB,IAAA;IACE,MAAA;IACA,OAAA;IACA,QAAA;IACA,OAAA,GAAU,UAAA,CAAW,cAAA;IACrB,MAAA,GAAS,SAAA,CAAU,cAAA;IACnB,QAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;AAAA;;;;;;;;;;;;;;;;KAmBxB,WAAA,wBACa,uBAAA;EAEvB,MAAA,EAAQ,UAAA,QAAkB,IAAA;EAC1B,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,KAAA,EAAO,UAAA,QAAkB,IAAA;EACzB,IAAA,EAAM,UAAA,QAAkB,IAAA;EACxB,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,QAAA,EAAU,UAAA,QAAkB,IAAA;EAC5B,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,KAAA,EAAO,UAAA,QAAkB,IAAA;EACzB,MAAA,EAAQ,0BAAA,CAA2B,cAAA;EACnC,MAAA,EAAQ,UAAA,QAAkB,IAAA;EAC1B,GAAA,EAAK,UAAA,QAAkB,IAAA;EACvB,IAAA,EAAM,UAAA,QAAkB,IAAA;EApEtB;;;;;;;;;;;;;;;;;;;;;;;;EA6FF,OAAA,GAAU,GAAA,UAAa,OAAA,CAAQ,mBAAA;EAxE0B;;;;;;;;;;;;;;;;;;;;;;;;;;AAiC3D;;;;;;;;;;;;;EA+EE,GAAA;IACE,IAAA,EAAM,MAAA;IACN,KAAA,GAAQ,GAAA,UAAa,OAAA;MACnB,GAAA;QAAO,IAAA,EAAM,mBAAA;MAAA;MACb,IAAA,EAAM,MAAA;IAAA;EAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;;KA2BA,mBAAA;EAzGe,4CA2GzB,MAAA,EAAQ,SAAA,UA1GF;EA4GN,IAAA,EAAM,OAAA,EA3GN;EA6GA,OAAA,iBA7G2B;EA+G3B,IAAA,iBA9GU;EAgHV,MAAA;AAAA;AAAA,KAGG,WAAA;EACH,eAAA,QAAuB,OAAA,CAAQ,YAAA;AAAA;AAAA,KAG5B,oBAAA,GAAuB,WAAA,GAAc,mBAAA;AAAA,KAErC,oBAAA,GAAuB,WAAA;EAC1B,MAAA,EAAQ,SAAA;EACR,IAAA,EAAM,OAAA;EACN,OAAA;EACA,IAAA;EACA,MAAA;AAAA;AAAA,KAGG,cAAA,GAAiB,UAAA,QAAkB,IAAA;AAAA,KAEnC,iBAAA;EACH,UAAA,EAAY,cAAA;IACV,MAAA;MACE,IAAA,EAAM,cAAA;MACN,QAAA,EAAU,cAAA;MACV,GAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,YAAA,UACA,OAAA,EAAS,KAAA;QACP,MAAA;QACA,SAAA;MAAA,OAEC,OAAA;QACH,EAAA;QACA,YAAA;QACA,OAAA,EAAS,KAAA;UACP,QAAA;UACA,MAAA;UACA,SAAA;UACA,QAAA;UACA,UAAA;QAAA;MAAA;MAGJ,YAAA;QACE,OAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,IAAA;UAAQ,YAAA;UAAsB,MAAA;QAAA,MAC3B,OAAA;UACH,EAAA;UACA,YAAA;UACA,MAAA;UACA,WAAA;UACA,SAAA;UACA,SAAA;YACE,UAAA;YACA,UAAA;YACA,WAAA;UAAA;QAAA;QAGJ,OAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,IAAA;UAAQ,YAAA;UAAsB,MAAA;QAAA,MAC3B,OAAA;UACH,EAAA;UACA,YAAA;UACA,MAAA;UACA,UAAA;UACA,MAAA,EAAQ,KAAA;YAAQ,IAAA;YAAc,EAAA;YAAa,OAAA;UAAA;QAAA;MAAA;IAAA;EAAA;EAKnD,IAAA,EAAM,IAAA,CAAK,cAAA;EACX,IAAA,EAAM,IAAA,CAAK,cAAA;EACX,MAAA,EAAQ,cAAA;EACR,KAAA;IACE,IAAA,EAAM,cAAA;EAAA;EAER,OAAA;IACE,QAAA,EAAU,cAAA;IACV,QAAA;MACE,IAAA,EAAM,cAAA;IAAA;EAAA;AAAA;AAAA,KAKP,kBAAA;EACH,MAAA,EAAQ,cAAA;EACR,QAAA,EAAU,cAAA;AAAA;AAAA,KAGP,YAAA;EACH,KAAA,EAAO,iBAAA;EACP,MAAA,EAAQ,kBAAA;AAAA;AAAA,KAGL,aAAA;EACH,KAAA,EAAO,IAAA,CAAK,cAAA;AAAA;;;;;;;;;;;;;;;;KAkBF,OAAA,wBACa,uBAAA,4BACrB,WAAA,CAAY,cAAA;EACd,GAAA,EAAK,YAAA;EACL,IAAA,EAAM,aAAA;AAAA;;;;;;;;;;;;;;;;KAkBI,gBAAA,WACA,kBAAA,2BACa,uBAAA,4BAEvB,MAAA,CAAO,CAAA,iBACH,OAAA,CAAQ,cAAA,IACR,WAAA,CAAY,cAAA;AAAA,iBA6FF,UAAA,WACJ,kBAAA,2BACa,uBAAA,yBAAA,CAEvB,SAAA,EAAW,gBAAA,eACX,MAAA,EAAQ,IAAA,CAAK,UAAA;EACX,SAAA,EAAW,CAAA;EACX,aAAA,GAAgB,cAAA;AAAA,IAEjB,gBAAA,CAAiB,CAAA,EAAG,cAAA;;;;;;;KAgNX,aAAA,kBACO,MAAA,oBAA0B,MAAA;EAjZnC,8EAoZR,QAAA;EAlZU;;;;EAuZV,OAAA,IACE,GAAA,OACA,IAAA,EAAM,OAAA,EACN,IAAA,EAAM,mBAAA,KACH,OAAA,CAAQ,QAAA,IAAY,QAAA;EAtZjB;;;;;;;;;;;;;;;;;;;;;;;;EA+aR,WAAA,IACE,GAAA,OACA,QAAA,QAAgB,OAAA,CAAQ,mBAAA,aAEtB,OAAA,CAAQ,mBAAA,uBACR,mBAAA;AAAA;;;;;;;;AA/ZoB;;;;;;;;;;AAOA;;;;;;iBAobV,OAAA,kBACG,MAAA,oBAA0B,MAAA,gBAAA,CAE3C,IAAA,EAAM,QAAA,EACN,MAAA,EAAQ,aAAA,CAAc,QAAA;EAAc,QAAA;AAAA;EAEpC,IAAA;EACA,KAAA,GACE,GAAA,OACA,KAAA,OACA,MAAA,WACG,OAAA;IACH,GAAA;MACE,IAAA,EAAM,oBAAA,GAAuB,QAAA;IAAA;IAE/B,IAAA;EAAA;AAAA;;;AAxaJ;;;;;;;;;;;;;;;;;;;;AAsBA;;iBA6agB,OAAA,kBACG,MAAA,oBAA0B,MAAA,gBAAA,CAE3C,IAAA,EAAM,QAAA,EACN,MAAA,GAAS,aAAA,CAAc,QAAA;EAEvB,IAAA;EACA,KAAA,GACE,GAAA,OACA,KAAA,OACA,MAAA,WACG,OAAA;IACH,GAAA;MACE,IAAA,EAAM,oBAAA,GAAuB,QAAA;IAAA;IAE/B,IAAA;EAAA;AAAA;;;;;;;;;;;;;;;AAzVJ;;;;;;;;;;KAqaY,SAAA;EACE,KAAA,MAAW,IAAA,YAAgB,OAAA;IAAU,GAAA;MAAO,IAAA;IAAA;EAAA;AAAA,KACtD,OAAA,CAAQ,UAAA,CAAW,CAAA"}
1
+ {"version":3,"file":"auth.d.ts","names":[],"sources":["../../../src/server/auth.ts"],"mappings":";;;;;;;;AAqCA;;;KAHY,UAAA,GAAa,IAAA,CAAK,gBAAA;;KAGlB,OAAA,GAAU,GAAA;AAAA,KAEjB,0BAAA,wBACoB,uBAAA,gBACrB,IAAA,CACF,UAAA,QAAkB,IAAA;EAGlB,MAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,mCAEpB,IAAA;IACE,OAAA;IACA,MAAA;IACA,OAAA,GAAU,UAAA,CAAW,cAAA;IACrB,MAAA;IACA,MAAA,GAAS,MAAA;EAAA,MAER,OAAA;IAAU,QAAA;EAAA;EACf,IAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,iCAEpB,IAAA;IACE,KAAA;MACE,OAAA;MACA,MAAA;MACA,MAAA,GAAS,UAAA,CAAW,cAAA;MACpB,MAAA;IAAA;IAEF,KAAA;IACA,MAAA;IACA,OAAA;IACA,KAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;EAClC,MAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,mCAEpB,QAAA,UACA,IAAA,EAAM,MAAA;IAA4B,OAAA,GAAU,UAAA,CAAW,cAAA;EAAA,MACpD,OAAA;IAAU,QAAA;EAAA;EACf,OAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,oCAEpB,IAAA;IACE,MAAA;IACA,OAAA;IACA,QAAA;IACA,QAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;EAClC,OAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,oCAEpB,IAAA;IACE,MAAA;IACA,OAAA;IACA,QAAA;IACA,OAAA,GAAU,UAAA,CAAW,cAAA;IACrB,MAAA,GAAS,SAAA,CAAU,cAAA;IACnB,QAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;AAAA;;;;;;;;;;;;;;;;KAkBxB,WAAA,wBACa,uBAAA;EAEvB,MAAA,EAAQ,UAAA,QAAkB,IAAA;EAC1B,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,KAAA,EAAO,UAAA,QAAkB,IAAA;EACzB,IAAA,EAAM,UAAA,QAAkB,IAAA;EACxB,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,QAAA,EAAU,UAAA,QAAkB,IAAA;EAC5B,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,KAAA,EAAO,UAAA,QAAkB,IAAA;EACzB,MAAA,EAAQ,0BAAA,CAA2B,cAAA;EACnC,MAAA,EAAQ,UAAA,QAAkB,IAAA;EAC1B,GAAA,EAAK,UAAA,QAAkB,IAAA;EACvB,IAAA,EAAM,UAAA,QAAkB,IAAA;EA7EF;;;;;;;;;;;;;;;;;;;;;;;EAqGtB,OAAA,GAAU,GAAA,UAAa,OAAA,CAAQ,WAAA;EAjFK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAwHpC,GAAA;IACE,IAAA,EAAM,MAAA;IACN,KAAA,GAAQ,GAAA,UAAa,OAAA;MACnB,GAAA;QAAO,IAAA,EAAM,WAAA;MAAA;MACb,IAAA,EAAM,MAAA;IAAA;EAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;;;KA4BA,WAAA;EA5BA,4CA8BV,MAAA,EAAQ,SAAA,UAhCsB;EAkC9B,IAAA,EAAM,OAAA,EAhHN;EAkHA,OAAA,iBAhHA;EAkHA,IAAA,iBAlH0B;EAoH1B,MAAA;AAAA;AAAA,KAGG,WAAA;EACH,eAAA,QAAuB,OAAA,CAAQ,YAAA;AAAA;AAAA,KAG5B,oBAAA,GAAuB,WAAA,GAAc,WAAA;AAAA,KAErC,oBAAA,GAAuB,WAAA;EAC1B,MAAA,EAAQ,SAAA;EACR,IAAA,EAAM,OAAA;EACN,OAAA;EACA,IAAA;EACA,MAAA;AAAA;AAAA,KAGG,cAAA,GAAiB,UAAA,QAAkB,IAAA;AAAA,KAEnC,iBAAA;EACH,UAAA,EAAY,cAAA;IACV,MAAA;MACE,IAAA,EAAM,cAAA;MACN,QAAA,EAAU,cAAA;MACV,GAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,YAAA,UACA,OAAA,EAAS,KAAA;QACP,MAAA;QACA,SAAA;MAAA,OAEC,OAAA;QACH,YAAA;QACA,OAAA,EAAS,KAAA;UACP,QAAA;UACA,MAAA;UACA,SAAA;UACA,QAAA;UACA,UAAA;QAAA;MAAA;MAGJ,YAAA;QACE,OAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,IAAA;UAAQ,YAAA;UAAsB,MAAA;QAAA,MAC3B,OAAA;UACH,YAAA;UACA,MAAA;UACA,WAAA;UACA,SAAA;UACA,SAAA;YACE,UAAA;YACA,UAAA;YACA,WAAA;UAAA;QAAA;QAGJ,OAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,IAAA;UAAQ,YAAA;UAAsB,MAAA;QAAA,MAC3B,OAAA;UACH,YAAA;UACA,MAAA;UACA,UAAA;UACA,MAAA,EAAQ,KAAA;YAAQ,IAAA;YAAc,EAAA;YAAa,OAAA;UAAA;QAAA;MAAA;IAAA;EAAA;EAKnD,IAAA,EAAM,IAAA,CAAK,cAAA;EACX,IAAA,EAAM,IAAA,CAAK,cAAA;EACX,MAAA,EAAQ,cAAA;EACR,KAAA;IACE,IAAA,EAAM,cAAA;EAAA;EAER,OAAA;IACE,QAAA,EAAU,cAAA;IACV,QAAA;MACE,IAAA,EAAM,cAAA;IAAA;EAAA;AAAA;AAAA,KAKP,kBAAA;EACH,MAAA,EAAQ,cAAA;EACR,QAAA,EAAU,cAAA;AAAA;AAAA,KAGP,YAAA;EACH,KAAA,EAAO,iBAAA;EACP,MAAA,EAAQ,kBAAA;AAAA;AAAA,KAGL,aAAA;EACH,KAAA,EAAO,IAAA,CAAK,cAAA;AAAA;;;;;;;;;AA/EN;;;;;AAG2C;;KA8FvC,OAAA,wBACa,uBAAA,4BACrB,WAAA,CAAY,cAAA;EACd,GAAA,EAAK,YAAA;EACL,IAAA,EAAM,aAAA;AAAA;;;;;;;;;;;;;;;;KAkBI,gBAAA,WACA,kBAAA,2BACa,uBAAA,4BAEvB,MAAA,CAAO,CAAA,iBACH,OAAA,CAAQ,cAAA,IACR,WAAA,CAAY,cAAA;AAAA,iBAgGF,UAAA,WACJ,kBAAA,2BACa,uBAAA,yBAAA,CAEvB,SAAA,EAAW,gBAAA,eACX,MAAA,EAAQ,IAAA,CAAK,UAAA;EACX,SAAA,EAAW,CAAA;EACX,aAAA,GAAgB,cAAA;AAAA,IAEjB,gBAAA,CAAiB,CAAA,EAAG,cAAA;;;;;;;KA8NX,aAAA,kBACO,MAAA,oBAA0B,MAAA;EA9anC,8EAibR,QAAA;EA7aI;;;;EAkbJ,OAAA,IACE,GAAA,OACA,IAAA,EAAM,OAAA,EACN,IAAA,EAAM,WAAA,KACH,OAAA,CAAQ,QAAA,IAAY,QAAA;EAnbT;;;;;;;;;;;;;;;;;;;;;;;;EA4chB,WAAA,IACE,GAAA,OACA,QAAA,QAAgB,OAAA,CAAQ,WAAA,aACrB,OAAA,CAAQ,WAAA,uBAAkC,WAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;AA9avB;;iBAwcV,OAAA,kBACG,MAAA,oBAA0B,MAAA,gBAAA,CAE3C,IAAA,EAAM,QAAA,EACN,MAAA,EAAQ,aAAA,CAAc,QAAA;EAAc,QAAA;AAAA;EAEpC,IAAA;EACA,KAAA,GACE,GAAA,OACA,KAAA,OACA,MAAA,WACG,OAAA;IACH,GAAA;MACE,IAAA,EAAM,oBAAA,GAAuB,QAAA;IAAA;IAE/B,IAAA;EAAA;AAAA;;;;;;;;AA3cwB;;;;;;;;;AAsB5B;;;;;iBA6cgB,OAAA,kBACG,MAAA,oBAA0B,MAAA,gBAAA,CAE3C,IAAA,EAAM,QAAA,EACN,MAAA,GAAS,aAAA,CAAc,QAAA;EAEvB,IAAA;EACA,KAAA,GACE,GAAA,OACA,KAAA,OACA,MAAA,WACG,OAAA;IACH,GAAA;MACE,IAAA,EAAM,oBAAA,GAAuB,QAAA;IAAA;IAE/B,IAAA;EAAA;AAAA;;;;;;;AAtcJ;;;;;;;;;;;;;;;;;;KAwhBY,SAAA;EACE,KAAA,MAAW,IAAA,YAAgB,OAAA;IAAU,GAAA;MAAO,IAAA;IAAA;EAAA;AAAA,KACtD,OAAA,CAAQ,UAAA,CAAW,CAAA"}