@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (666) hide show
  1. package/README.md +43 -36
  2. package/dist/bin.js +5765 -4880
  3. package/dist/browser/index.d.ts +30 -0
  4. package/dist/browser/index.js +93 -0
  5. package/dist/browser/locks.js +11 -0
  6. package/dist/browser/navigation.js +14 -0
  7. package/dist/{factors → browser}/passkey.js +23 -32
  8. package/dist/browser/runtime.js +92 -0
  9. package/dist/client/core/types.d.ts +452 -5
  10. package/dist/client/core/types.js +17 -0
  11. package/dist/client/errors.js +19 -0
  12. package/dist/client/factors/device.js +94 -0
  13. package/dist/{factors → client/factors}/totp.js +12 -4
  14. package/dist/client/index.d.ts +47 -1
  15. package/dist/client/index.js +269 -232
  16. package/dist/client/runtime/mutex.js +24 -0
  17. package/dist/client/runtime/proxy.js +30 -0
  18. package/dist/client/runtime/storage.js +45 -0
  19. package/dist/client/services/adapters.js +7 -0
  20. package/dist/client/services/http.js +6 -0
  21. package/dist/client/services/resolve.js +13 -0
  22. package/dist/client/services/runtime.js +6 -0
  23. package/dist/component/_generated/component.d.ts +1355 -1399
  24. package/dist/component/convex.config.d.ts +2 -2
  25. package/dist/component/index.d.ts +4 -26
  26. package/dist/component/index.js +1 -1
  27. package/dist/component/model.d.ts +26 -112
  28. package/dist/component/model.js +76 -54
  29. package/dist/component/modules.js +38 -0
  30. package/dist/component/public/factors/devices.js +1 -1
  31. package/dist/component/public/factors/passkeys.js +1 -1
  32. package/dist/component/public/factors/totp.js +1 -1
  33. package/dist/component/public/groups/core.js +2 -2
  34. package/dist/component/public/groups/invites.js +1 -1
  35. package/dist/component/public/groups/members.js +1 -1
  36. package/dist/component/public/identity/accounts.js +1 -1
  37. package/dist/component/public/identity/codes.js +1 -1
  38. package/dist/component/public/identity/sessions.js +39 -2
  39. package/dist/component/public/identity/tokens.js +82 -4
  40. package/dist/component/public/identity/users.js +1 -1
  41. package/dist/component/public/identity/verifiers.js +10 -4
  42. package/dist/component/public/security/keys.js +1 -1
  43. package/dist/component/public/security/limits.js +1 -1
  44. package/dist/component/public/{enterprise → sso}/audit.js +26 -26
  45. package/dist/component/public/sso/core.js +263 -0
  46. package/dist/component/public/sso/domains.js +280 -0
  47. package/dist/component/public/{enterprise → sso}/scim.js +87 -87
  48. package/dist/component/public/sso/secrets.js +125 -0
  49. package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
  50. package/dist/component/public.js +9 -9
  51. package/dist/component/schema.d.ts +472 -393
  52. package/dist/component/schema.js +36 -35
  53. package/dist/core/index.d.ts +380 -0
  54. package/dist/core/index.js +83 -0
  55. package/dist/otel.d.ts +69 -0
  56. package/dist/otel.js +82 -0
  57. package/dist/providers/anonymous.d.ts +15 -34
  58. package/dist/providers/anonymous.js +27 -35
  59. package/dist/providers/apple.d.ts +59 -0
  60. package/dist/providers/apple.js +58 -0
  61. package/dist/providers/credentials.d.ts +18 -34
  62. package/dist/providers/credentials.js +16 -27
  63. package/dist/providers/custom.d.ts +94 -0
  64. package/dist/providers/custom.js +119 -0
  65. package/dist/providers/device.d.ts +15 -49
  66. package/dist/providers/device.js +17 -34
  67. package/dist/providers/email.d.ts +21 -38
  68. package/dist/providers/email.js +36 -55
  69. package/dist/providers/github.d.ts +54 -0
  70. package/dist/providers/github.js +75 -0
  71. package/dist/providers/google.d.ts +54 -0
  72. package/dist/providers/google.js +61 -0
  73. package/dist/providers/index.d.ts +16 -12
  74. package/dist/providers/index.js +15 -11
  75. package/dist/providers/microsoft.d.ts +57 -0
  76. package/dist/providers/microsoft.js +101 -0
  77. package/dist/providers/passkey.d.ts +19 -35
  78. package/dist/providers/passkey.js +20 -30
  79. package/dist/providers/password.d.ts +17 -18
  80. package/dist/providers/password.js +121 -143
  81. package/dist/providers/phone.d.ts +13 -28
  82. package/dist/providers/phone.js +21 -46
  83. package/dist/providers/sso.d.ts +16 -36
  84. package/dist/providers/sso.js +21 -22
  85. package/dist/providers/totp.d.ts +13 -29
  86. package/dist/providers/totp.js +17 -27
  87. package/dist/server/auth-context.d.ts +204 -0
  88. package/dist/server/auth-context.js +76 -0
  89. package/dist/server/auth.d.ts +99 -244
  90. package/dist/server/auth.js +56 -152
  91. package/dist/server/componentContext.d.ts +12 -0
  92. package/dist/server/componentContext.js +1 -0
  93. package/dist/server/config.js +6 -67
  94. package/dist/server/constants.js +6 -0
  95. package/dist/server/contract.d.ts +105 -0
  96. package/dist/server/contract.js +43 -0
  97. package/dist/server/cookies.js +3 -2
  98. package/dist/server/core.js +31 -36
  99. package/dist/server/crypto.js +34 -44
  100. package/dist/server/db.js +6 -1
  101. package/dist/server/device.js +96 -130
  102. package/dist/server/env.js +48 -0
  103. package/dist/server/errors.js +20 -0
  104. package/dist/server/http.d.ts +15 -59
  105. package/dist/server/http.js +136 -120
  106. package/dist/server/identity.js +2 -2
  107. package/dist/server/index.d.ts +5 -4
  108. package/dist/server/index.js +3 -3
  109. package/dist/server/keys.js +10 -1
  110. package/dist/server/limits.js +26 -26
  111. package/dist/server/log.js +28 -0
  112. package/dist/server/mounts.d.ts +1107 -296
  113. package/dist/server/mounts.js +315 -196
  114. package/dist/server/mutations/account.js +11 -14
  115. package/dist/server/mutations/code.js +6 -5
  116. package/dist/server/mutations/invalidate.js +9 -11
  117. package/dist/server/mutations/oauth.js +112 -73
  118. package/dist/server/mutations/refresh.js +47 -97
  119. package/dist/server/mutations/register.js +37 -35
  120. package/dist/server/mutations/retrieve.js +16 -16
  121. package/dist/server/mutations/signature.js +15 -18
  122. package/dist/server/mutations/signin.js +10 -5
  123. package/dist/server/mutations/signout.js +11 -14
  124. package/dist/server/mutations/store.js +25 -18
  125. package/dist/server/mutations/verifier.js +11 -8
  126. package/dist/server/mutations/verify.js +53 -41
  127. package/dist/server/oauth/factory.js +44 -0
  128. package/dist/server/oauth/index.js +12 -0
  129. package/dist/server/oauth/runtime.js +248 -0
  130. package/dist/server/passkey.js +331 -365
  131. package/dist/server/payloads.d.ts +16 -0
  132. package/dist/server/payloads.js +30 -0
  133. package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
  134. package/dist/server/prefetch.js +635 -0
  135. package/dist/server/random.js +19 -0
  136. package/dist/server/redirects.js +10 -5
  137. package/dist/server/refresh.js +14 -86
  138. package/dist/server/runtime.d.ts +531 -31
  139. package/dist/server/runtime.js +106 -267
  140. package/dist/server/secret.js +44 -0
  141. package/dist/server/services/config.js +10 -0
  142. package/dist/server/services/group.js +211 -0
  143. package/dist/server/services/logger.js +8 -0
  144. package/dist/server/services/providers.js +22 -0
  145. package/dist/server/services/refresh.js +8 -0
  146. package/dist/server/services/resolve.js +27 -0
  147. package/dist/server/services/signin.js +8 -0
  148. package/dist/server/sessions.js +35 -34
  149. package/dist/server/signin.js +229 -140
  150. package/dist/server/{enterprise → sso}/config.js +10 -3
  151. package/dist/server/sso/domain.d.ts +614 -0
  152. package/dist/server/sso/domain.js +1175 -0
  153. package/dist/server/sso/http.js +1060 -0
  154. package/dist/server/sso/oidc.js +324 -0
  155. package/dist/server/sso/policies.js +59 -0
  156. package/dist/server/sso/policy.js +139 -0
  157. package/dist/server/sso/profile.js +22 -0
  158. package/dist/server/sso/provision.js +179 -0
  159. package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
  160. package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
  161. package/dist/server/sso/shared.js +74 -0
  162. package/dist/server/sso/validators.js +88 -0
  163. package/dist/server/sso/webhook.js +94 -0
  164. package/dist/server/tokens.js +16 -4
  165. package/dist/server/totp.js +155 -164
  166. package/dist/server/types.d.ts +306 -296
  167. package/dist/server/types.js +1 -30
  168. package/dist/server/url.js +32 -0
  169. package/dist/server/users.js +74 -40
  170. package/dist/server/utils/cache.js +51 -0
  171. package/dist/server/utils/dispatch.js +36 -0
  172. package/dist/server/utils/retry.js +24 -0
  173. package/dist/server/utils/span.js +32 -0
  174. package/dist/shared/errors.js +19 -0
  175. package/dist/shared/log.js +45 -0
  176. package/{src/test.ts → dist/test.d.ts} +21 -22
  177. package/dist/test.js +51 -0
  178. package/package.json +70 -42
  179. package/dist/authorization/index.d.ts.map +0 -1
  180. package/dist/authorization/index.js.map +0 -1
  181. package/dist/client/core/types.d.ts.map +0 -1
  182. package/dist/client/index.d.ts.map +0 -1
  183. package/dist/client/index.js.map +0 -1
  184. package/dist/component/_generated/api.d.ts +0 -75
  185. package/dist/component/_generated/api.d.ts.map +0 -1
  186. package/dist/component/_generated/api.js.map +0 -1
  187. package/dist/component/_generated/component.d.ts.map +0 -1
  188. package/dist/component/_generated/dataModel.d.ts +0 -42
  189. package/dist/component/_generated/dataModel.d.ts.map +0 -1
  190. package/dist/component/_generated/server.d.ts +0 -117
  191. package/dist/component/_generated/server.d.ts.map +0 -1
  192. package/dist/component/_generated/server.js.map +0 -1
  193. package/dist/component/_virtual/rolldown_runtime.js +0 -18
  194. package/dist/component/client/core/types.d.ts +0 -2
  195. package/dist/component/client/index.d.ts +0 -1
  196. package/dist/component/convex.config.d.ts.map +0 -1
  197. package/dist/component/convex.config.js.map +0 -1
  198. package/dist/component/functions.d.ts +0 -25
  199. package/dist/component/functions.d.ts.map +0 -1
  200. package/dist/component/functions.js.map +0 -1
  201. package/dist/component/index.d.ts.map +0 -1
  202. package/dist/component/model.d.ts.map +0 -1
  203. package/dist/component/model.js.map +0 -1
  204. package/dist/component/providers/anonymous.d.ts +0 -54
  205. package/dist/component/providers/anonymous.d.ts.map +0 -1
  206. package/dist/component/providers/credentials.d.ts +0 -38
  207. package/dist/component/providers/credentials.d.ts.map +0 -1
  208. package/dist/component/providers/device.d.ts +0 -67
  209. package/dist/component/providers/device.d.ts.map +0 -1
  210. package/dist/component/providers/email.d.ts +0 -62
  211. package/dist/component/providers/email.d.ts.map +0 -1
  212. package/dist/component/providers/oauth.d.ts +0 -25
  213. package/dist/component/providers/oauth.d.ts.map +0 -1
  214. package/dist/component/providers/oauth.js +0 -13
  215. package/dist/component/providers/oauth.js.map +0 -1
  216. package/dist/component/providers/passkey.d.ts +0 -57
  217. package/dist/component/providers/passkey.d.ts.map +0 -1
  218. package/dist/component/providers/password.d.ts +0 -88
  219. package/dist/component/providers/password.d.ts.map +0 -1
  220. package/dist/component/providers/phone.d.ts +0 -48
  221. package/dist/component/providers/phone.d.ts.map +0 -1
  222. package/dist/component/providers/sso.d.ts +0 -50
  223. package/dist/component/providers/sso.d.ts.map +0 -1
  224. package/dist/component/providers/totp.d.ts +0 -45
  225. package/dist/component/providers/totp.d.ts.map +0 -1
  226. package/dist/component/public/enterprise/audit.d.ts +0 -73
  227. package/dist/component/public/enterprise/audit.d.ts.map +0 -1
  228. package/dist/component/public/enterprise/audit.js.map +0 -1
  229. package/dist/component/public/enterprise/core.d.ts +0 -176
  230. package/dist/component/public/enterprise/core.d.ts.map +0 -1
  231. package/dist/component/public/enterprise/core.js +0 -292
  232. package/dist/component/public/enterprise/core.js.map +0 -1
  233. package/dist/component/public/enterprise/domains.d.ts +0 -174
  234. package/dist/component/public/enterprise/domains.d.ts.map +0 -1
  235. package/dist/component/public/enterprise/domains.js +0 -271
  236. package/dist/component/public/enterprise/domains.js.map +0 -1
  237. package/dist/component/public/enterprise/scim.d.ts +0 -245
  238. package/dist/component/public/enterprise/scim.d.ts.map +0 -1
  239. package/dist/component/public/enterprise/scim.js.map +0 -1
  240. package/dist/component/public/enterprise/secrets.d.ts +0 -78
  241. package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
  242. package/dist/component/public/enterprise/secrets.js +0 -118
  243. package/dist/component/public/enterprise/secrets.js.map +0 -1
  244. package/dist/component/public/enterprise/webhooks.d.ts +0 -211
  245. package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
  246. package/dist/component/public/enterprise/webhooks.js.map +0 -1
  247. package/dist/component/public/factors/devices.d.ts +0 -157
  248. package/dist/component/public/factors/devices.d.ts.map +0 -1
  249. package/dist/component/public/factors/devices.js.map +0 -1
  250. package/dist/component/public/factors/passkeys.d.ts +0 -175
  251. package/dist/component/public/factors/passkeys.d.ts.map +0 -1
  252. package/dist/component/public/factors/passkeys.js.map +0 -1
  253. package/dist/component/public/factors/totp.d.ts +0 -189
  254. package/dist/component/public/factors/totp.d.ts.map +0 -1
  255. package/dist/component/public/factors/totp.js.map +0 -1
  256. package/dist/component/public/groups/core.d.ts +0 -137
  257. package/dist/component/public/groups/core.d.ts.map +0 -1
  258. package/dist/component/public/groups/core.js.map +0 -1
  259. package/dist/component/public/groups/invites.d.ts +0 -217
  260. package/dist/component/public/groups/invites.d.ts.map +0 -1
  261. package/dist/component/public/groups/invites.js.map +0 -1
  262. package/dist/component/public/groups/members.d.ts +0 -204
  263. package/dist/component/public/groups/members.d.ts.map +0 -1
  264. package/dist/component/public/groups/members.js.map +0 -1
  265. package/dist/component/public/identity/accounts.d.ts +0 -147
  266. package/dist/component/public/identity/accounts.d.ts.map +0 -1
  267. package/dist/component/public/identity/accounts.js.map +0 -1
  268. package/dist/component/public/identity/codes.d.ts +0 -104
  269. package/dist/component/public/identity/codes.d.ts.map +0 -1
  270. package/dist/component/public/identity/codes.js.map +0 -1
  271. package/dist/component/public/identity/sessions.d.ts +0 -128
  272. package/dist/component/public/identity/sessions.d.ts.map +0 -1
  273. package/dist/component/public/identity/sessions.js.map +0 -1
  274. package/dist/component/public/identity/tokens.d.ts +0 -169
  275. package/dist/component/public/identity/tokens.d.ts.map +0 -1
  276. package/dist/component/public/identity/tokens.js.map +0 -1
  277. package/dist/component/public/identity/users.d.ts +0 -212
  278. package/dist/component/public/identity/users.d.ts.map +0 -1
  279. package/dist/component/public/identity/users.js.map +0 -1
  280. package/dist/component/public/identity/verifiers.d.ts +0 -116
  281. package/dist/component/public/identity/verifiers.d.ts.map +0 -1
  282. package/dist/component/public/identity/verifiers.js.map +0 -1
  283. package/dist/component/public/security/keys.d.ts +0 -209
  284. package/dist/component/public/security/keys.d.ts.map +0 -1
  285. package/dist/component/public/security/keys.js.map +0 -1
  286. package/dist/component/public/security/limits.d.ts +0 -114
  287. package/dist/component/public/security/limits.d.ts.map +0 -1
  288. package/dist/component/public/security/limits.js.map +0 -1
  289. package/dist/component/public.d.ts +0 -28
  290. package/dist/component/public.d.ts.map +0 -1
  291. package/dist/component/schema.d.ts.map +0 -1
  292. package/dist/component/schema.js.map +0 -1
  293. package/dist/component/server/auth.d.ts +0 -447
  294. package/dist/component/server/auth.d.ts.map +0 -1
  295. package/dist/component/server/auth.js +0 -254
  296. package/dist/component/server/auth.js.map +0 -1
  297. package/dist/component/server/config.js +0 -121
  298. package/dist/component/server/config.js.map +0 -1
  299. package/dist/component/server/context.js +0 -53
  300. package/dist/component/server/context.js.map +0 -1
  301. package/dist/component/server/cookies.js +0 -47
  302. package/dist/component/server/cookies.js.map +0 -1
  303. package/dist/component/server/core.js +0 -576
  304. package/dist/component/server/core.js.map +0 -1
  305. package/dist/component/server/crypto.js +0 -56
  306. package/dist/component/server/crypto.js.map +0 -1
  307. package/dist/component/server/db.js +0 -87
  308. package/dist/component/server/db.js.map +0 -1
  309. package/dist/component/server/device.js +0 -152
  310. package/dist/component/server/device.js.map +0 -1
  311. package/dist/component/server/enterprise/config.js +0 -46
  312. package/dist/component/server/enterprise/config.js.map +0 -1
  313. package/dist/component/server/enterprise/domain.js +0 -974
  314. package/dist/component/server/enterprise/domain.js.map +0 -1
  315. package/dist/component/server/enterprise/http.js +0 -787
  316. package/dist/component/server/enterprise/http.js.map +0 -1
  317. package/dist/component/server/enterprise/oidc.js +0 -248
  318. package/dist/component/server/enterprise/oidc.js.map +0 -1
  319. package/dist/component/server/enterprise/policy.js +0 -85
  320. package/dist/component/server/enterprise/policy.js.map +0 -1
  321. package/dist/component/server/enterprise/saml.js.map +0 -1
  322. package/dist/component/server/enterprise/scim.js.map +0 -1
  323. package/dist/component/server/enterprise/shared.js +0 -51
  324. package/dist/component/server/enterprise/shared.js.map +0 -1
  325. package/dist/component/server/http.d.ts +0 -85
  326. package/dist/component/server/http.d.ts.map +0 -1
  327. package/dist/component/server/http.js +0 -351
  328. package/dist/component/server/http.js.map +0 -1
  329. package/dist/component/server/identity.js +0 -16
  330. package/dist/component/server/identity.js.map +0 -1
  331. package/dist/component/server/keys.js +0 -96
  332. package/dist/component/server/keys.js.map +0 -1
  333. package/dist/component/server/limits.js +0 -52
  334. package/dist/component/server/limits.js.map +0 -1
  335. package/dist/component/server/mutations/account.js +0 -46
  336. package/dist/component/server/mutations/account.js.map +0 -1
  337. package/dist/component/server/mutations/code.js +0 -68
  338. package/dist/component/server/mutations/code.js.map +0 -1
  339. package/dist/component/server/mutations/invalidate.js +0 -32
  340. package/dist/component/server/mutations/invalidate.js.map +0 -1
  341. package/dist/component/server/mutations/oauth.js +0 -116
  342. package/dist/component/server/mutations/oauth.js.map +0 -1
  343. package/dist/component/server/mutations/refresh.js +0 -119
  344. package/dist/component/server/mutations/refresh.js.map +0 -1
  345. package/dist/component/server/mutations/register.js +0 -87
  346. package/dist/component/server/mutations/register.js.map +0 -1
  347. package/dist/component/server/mutations/retrieve.js +0 -61
  348. package/dist/component/server/mutations/retrieve.js.map +0 -1
  349. package/dist/component/server/mutations/signature.js +0 -38
  350. package/dist/component/server/mutations/signature.js.map +0 -1
  351. package/dist/component/server/mutations/signin.js +0 -27
  352. package/dist/component/server/mutations/signin.js.map +0 -1
  353. package/dist/component/server/mutations/signout.js +0 -27
  354. package/dist/component/server/mutations/signout.js.map +0 -1
  355. package/dist/component/server/mutations/store/refs.js +0 -15
  356. package/dist/component/server/mutations/store/refs.js.map +0 -1
  357. package/dist/component/server/mutations/store.js +0 -70
  358. package/dist/component/server/mutations/store.js.map +0 -1
  359. package/dist/component/server/mutations/verifier.js +0 -18
  360. package/dist/component/server/mutations/verifier.js.map +0 -1
  361. package/dist/component/server/mutations/verify.js +0 -98
  362. package/dist/component/server/mutations/verify.js.map +0 -1
  363. package/dist/component/server/oauth.js +0 -242
  364. package/dist/component/server/oauth.js.map +0 -1
  365. package/dist/component/server/passkey.js +0 -415
  366. package/dist/component/server/passkey.js.map +0 -1
  367. package/dist/component/server/redirects.js +0 -40
  368. package/dist/component/server/redirects.js.map +0 -1
  369. package/dist/component/server/refresh.js +0 -99
  370. package/dist/component/server/refresh.js.map +0 -1
  371. package/dist/component/server/runtime.d.ts +0 -136
  372. package/dist/component/server/runtime.d.ts.map +0 -1
  373. package/dist/component/server/runtime.js +0 -456
  374. package/dist/component/server/runtime.js.map +0 -1
  375. package/dist/component/server/sessions.js +0 -71
  376. package/dist/component/server/sessions.js.map +0 -1
  377. package/dist/component/server/signin.js +0 -225
  378. package/dist/component/server/signin.js.map +0 -1
  379. package/dist/component/server/tokens.js +0 -17
  380. package/dist/component/server/tokens.js.map +0 -1
  381. package/dist/component/server/totp.js +0 -208
  382. package/dist/component/server/totp.js.map +0 -1
  383. package/dist/component/server/types.d.ts +0 -949
  384. package/dist/component/server/types.d.ts.map +0 -1
  385. package/dist/component/server/types.js +0 -79
  386. package/dist/component/server/types.js.map +0 -1
  387. package/dist/component/server/users.js +0 -123
  388. package/dist/component/server/users.js.map +0 -1
  389. package/dist/component/server/utils.js +0 -140
  390. package/dist/component/server/utils.js.map +0 -1
  391. package/dist/core/types.d.ts +0 -361
  392. package/dist/core/types.d.ts.map +0 -1
  393. package/dist/factors/device.js +0 -104
  394. package/dist/factors/device.js.map +0 -1
  395. package/dist/factors/passkey.js.map +0 -1
  396. package/dist/factors/totp.js.map +0 -1
  397. package/dist/providers/anonymous.d.ts.map +0 -1
  398. package/dist/providers/anonymous.js.map +0 -1
  399. package/dist/providers/credentials.d.ts.map +0 -1
  400. package/dist/providers/credentials.js.map +0 -1
  401. package/dist/providers/device.d.ts.map +0 -1
  402. package/dist/providers/device.js.map +0 -1
  403. package/dist/providers/email.d.ts.map +0 -1
  404. package/dist/providers/email.js.map +0 -1
  405. package/dist/providers/oauth.d.ts +0 -69
  406. package/dist/providers/oauth.d.ts.map +0 -1
  407. package/dist/providers/oauth.js +0 -43
  408. package/dist/providers/oauth.js.map +0 -1
  409. package/dist/providers/passkey.d.ts.map +0 -1
  410. package/dist/providers/passkey.js.map +0 -1
  411. package/dist/providers/password.d.ts.map +0 -1
  412. package/dist/providers/password.js.map +0 -1
  413. package/dist/providers/phone.d.ts.map +0 -1
  414. package/dist/providers/phone.js.map +0 -1
  415. package/dist/providers/sso.d.ts.map +0 -1
  416. package/dist/providers/sso.js.map +0 -1
  417. package/dist/providers/totp.d.ts.map +0 -1
  418. package/dist/providers/totp.js.map +0 -1
  419. package/dist/runtime/browser.js +0 -68
  420. package/dist/runtime/browser.js.map +0 -1
  421. package/dist/runtime/invite.js.map +0 -1
  422. package/dist/runtime/proxy.js +0 -70
  423. package/dist/runtime/proxy.js.map +0 -1
  424. package/dist/runtime/storage.js +0 -37
  425. package/dist/runtime/storage.js.map +0 -1
  426. package/dist/server/auth.d.ts.map +0 -1
  427. package/dist/server/auth.js.map +0 -1
  428. package/dist/server/config.d.ts +0 -1
  429. package/dist/server/config.js.map +0 -1
  430. package/dist/server/context.d.ts +0 -1
  431. package/dist/server/context.js.map +0 -1
  432. package/dist/server/cookies.d.ts +0 -1
  433. package/dist/server/cookies.js.map +0 -1
  434. package/dist/server/core.d.ts +0 -1315
  435. package/dist/server/core.d.ts.map +0 -1
  436. package/dist/server/core.js.map +0 -1
  437. package/dist/server/crypto.d.ts +0 -8
  438. package/dist/server/crypto.d.ts.map +0 -1
  439. package/dist/server/crypto.js.map +0 -1
  440. package/dist/server/db.d.ts +0 -1
  441. package/dist/server/db.js.map +0 -1
  442. package/dist/server/device.d.ts +0 -1
  443. package/dist/server/device.js.map +0 -1
  444. package/dist/server/enterprise/config.d.ts +0 -1
  445. package/dist/server/enterprise/config.js.map +0 -1
  446. package/dist/server/enterprise/domain.d.ts +0 -401
  447. package/dist/server/enterprise/domain.d.ts.map +0 -1
  448. package/dist/server/enterprise/domain.js +0 -974
  449. package/dist/server/enterprise/domain.js.map +0 -1
  450. package/dist/server/enterprise/http.d.ts +0 -26
  451. package/dist/server/enterprise/http.d.ts.map +0 -1
  452. package/dist/server/enterprise/http.js +0 -787
  453. package/dist/server/enterprise/http.js.map +0 -1
  454. package/dist/server/enterprise/oidc.d.ts +0 -1
  455. package/dist/server/enterprise/oidc.js +0 -248
  456. package/dist/server/enterprise/oidc.js.map +0 -1
  457. package/dist/server/enterprise/policy.d.ts +0 -1
  458. package/dist/server/enterprise/policy.js +0 -85
  459. package/dist/server/enterprise/policy.js.map +0 -1
  460. package/dist/server/enterprise/saml.d.ts +0 -1
  461. package/dist/server/enterprise/saml.js +0 -338
  462. package/dist/server/enterprise/saml.js.map +0 -1
  463. package/dist/server/enterprise/scim.d.ts +0 -1
  464. package/dist/server/enterprise/scim.js +0 -97
  465. package/dist/server/enterprise/scim.js.map +0 -1
  466. package/dist/server/enterprise/shared.d.ts +0 -5
  467. package/dist/server/enterprise/shared.d.ts.map +0 -1
  468. package/dist/server/enterprise/shared.js +0 -51
  469. package/dist/server/enterprise/shared.js.map +0 -1
  470. package/dist/server/enterprise/validators.d.ts +0 -1
  471. package/dist/server/enterprise/validators.js +0 -60
  472. package/dist/server/enterprise/validators.js.map +0 -1
  473. package/dist/server/http.d.ts.map +0 -1
  474. package/dist/server/http.js.map +0 -1
  475. package/dist/server/identity.d.ts +0 -1
  476. package/dist/server/identity.js.map +0 -1
  477. package/dist/server/keys.d.ts +0 -1
  478. package/dist/server/keys.js.map +0 -1
  479. package/dist/server/limits.d.ts +0 -1
  480. package/dist/server/limits.js.map +0 -1
  481. package/dist/server/mounts.d.ts.map +0 -1
  482. package/dist/server/mounts.js.map +0 -1
  483. package/dist/server/mutations/account.d.ts +0 -29
  484. package/dist/server/mutations/account.d.ts.map +0 -1
  485. package/dist/server/mutations/account.js.map +0 -1
  486. package/dist/server/mutations/code.d.ts +0 -30
  487. package/dist/server/mutations/code.d.ts.map +0 -1
  488. package/dist/server/mutations/code.js.map +0 -1
  489. package/dist/server/mutations/index.d.ts +0 -14
  490. package/dist/server/mutations/invalidate.d.ts +0 -20
  491. package/dist/server/mutations/invalidate.d.ts.map +0 -1
  492. package/dist/server/mutations/invalidate.js.map +0 -1
  493. package/dist/server/mutations/oauth.d.ts +0 -30
  494. package/dist/server/mutations/oauth.d.ts.map +0 -1
  495. package/dist/server/mutations/oauth.js.map +0 -1
  496. package/dist/server/mutations/refresh.d.ts +0 -21
  497. package/dist/server/mutations/refresh.d.ts.map +0 -1
  498. package/dist/server/mutations/refresh.js.map +0 -1
  499. package/dist/server/mutations/register.d.ts +0 -38
  500. package/dist/server/mutations/register.d.ts.map +0 -1
  501. package/dist/server/mutations/register.js.map +0 -1
  502. package/dist/server/mutations/retrieve.d.ts +0 -33
  503. package/dist/server/mutations/retrieve.d.ts.map +0 -1
  504. package/dist/server/mutations/retrieve.js.map +0 -1
  505. package/dist/server/mutations/signature.d.ts +0 -21
  506. package/dist/server/mutations/signature.d.ts.map +0 -1
  507. package/dist/server/mutations/signature.js.map +0 -1
  508. package/dist/server/mutations/signin.d.ts +0 -22
  509. package/dist/server/mutations/signin.d.ts.map +0 -1
  510. package/dist/server/mutations/signin.js.map +0 -1
  511. package/dist/server/mutations/signout.d.ts +0 -16
  512. package/dist/server/mutations/signout.d.ts.map +0 -1
  513. package/dist/server/mutations/signout.js.map +0 -1
  514. package/dist/server/mutations/store/refs.d.ts +0 -12
  515. package/dist/server/mutations/store/refs.d.ts.map +0 -1
  516. package/dist/server/mutations/store/refs.js.map +0 -1
  517. package/dist/server/mutations/store.d.ts +0 -306
  518. package/dist/server/mutations/store.d.ts.map +0 -1
  519. package/dist/server/mutations/store.js.map +0 -1
  520. package/dist/server/mutations/verifier.d.ts +0 -13
  521. package/dist/server/mutations/verifier.d.ts.map +0 -1
  522. package/dist/server/mutations/verifier.js.map +0 -1
  523. package/dist/server/mutations/verify.d.ts +0 -26
  524. package/dist/server/mutations/verify.d.ts.map +0 -1
  525. package/dist/server/mutations/verify.js.map +0 -1
  526. package/dist/server/oauth.d.ts +0 -1
  527. package/dist/server/oauth.js +0 -242
  528. package/dist/server/oauth.js.map +0 -1
  529. package/dist/server/passkey.d.ts +0 -27
  530. package/dist/server/passkey.d.ts.map +0 -1
  531. package/dist/server/passkey.js.map +0 -1
  532. package/dist/server/redirects.d.ts +0 -1
  533. package/dist/server/redirects.js.map +0 -1
  534. package/dist/server/refresh.d.ts +0 -1
  535. package/dist/server/refresh.js.map +0 -1
  536. package/dist/server/runtime.d.ts.map +0 -1
  537. package/dist/server/runtime.js.map +0 -1
  538. package/dist/server/sessions.d.ts +0 -1
  539. package/dist/server/sessions.js.map +0 -1
  540. package/dist/server/signin.d.ts +0 -1
  541. package/dist/server/signin.js.map +0 -1
  542. package/dist/server/ssr.d.ts.map +0 -1
  543. package/dist/server/ssr.js +0 -777
  544. package/dist/server/ssr.js.map +0 -1
  545. package/dist/server/templates.d.ts +0 -1
  546. package/dist/server/templates.js.map +0 -1
  547. package/dist/server/tokens.d.ts +0 -1
  548. package/dist/server/tokens.js.map +0 -1
  549. package/dist/server/totp.d.ts +0 -1
  550. package/dist/server/totp.js.map +0 -1
  551. package/dist/server/types.d.ts.map +0 -1
  552. package/dist/server/types.js.map +0 -1
  553. package/dist/server/users.d.ts +0 -1
  554. package/dist/server/users.js.map +0 -1
  555. package/dist/server/utils.d.ts +0 -1
  556. package/dist/server/utils.js +0 -140
  557. package/dist/server/utils.js.map +0 -1
  558. package/src/authorization/index.ts +0 -83
  559. package/src/cli/bin.ts +0 -5
  560. package/src/cli/command.ts +0 -70
  561. package/src/cli/index.ts +0 -1112
  562. package/src/cli/keys.ts +0 -23
  563. package/src/client/core/types.ts +0 -437
  564. package/src/client/factors/device.ts +0 -158
  565. package/src/client/factors/passkey.ts +0 -279
  566. package/src/client/factors/totp.ts +0 -150
  567. package/src/client/index.ts +0 -1124
  568. package/src/client/runtime/browser.ts +0 -112
  569. package/src/client/runtime/invite.ts +0 -63
  570. package/src/client/runtime/proxy.ts +0 -111
  571. package/src/client/runtime/storage.ts +0 -79
  572. package/src/component/_generated/api.ts +0 -96
  573. package/src/component/_generated/component.ts +0 -3774
  574. package/src/component/_generated/dataModel.ts +0 -60
  575. package/src/component/_generated/server.ts +0 -156
  576. package/src/component/convex.config.ts +0 -5
  577. package/src/component/functions.ts +0 -104
  578. package/src/component/index.ts +0 -42
  579. package/src/component/model.ts +0 -449
  580. package/src/component/public/enterprise/audit.ts +0 -125
  581. package/src/component/public/enterprise/core.ts +0 -355
  582. package/src/component/public/enterprise/domains.ts +0 -327
  583. package/src/component/public/enterprise/scim.ts +0 -397
  584. package/src/component/public/enterprise/secrets.ts +0 -133
  585. package/src/component/public/enterprise/webhooks.ts +0 -307
  586. package/src/component/public/factors/devices.ts +0 -224
  587. package/src/component/public/factors/passkeys.ts +0 -243
  588. package/src/component/public/factors/totp.ts +0 -259
  589. package/src/component/public/groups/core.ts +0 -481
  590. package/src/component/public/groups/invites.ts +0 -608
  591. package/src/component/public/groups/members.ts +0 -410
  592. package/src/component/public/identity/accounts.ts +0 -207
  593. package/src/component/public/identity/codes.ts +0 -149
  594. package/src/component/public/identity/sessions.ts +0 -210
  595. package/src/component/public/identity/tokens.ts +0 -251
  596. package/src/component/public/identity/users.ts +0 -355
  597. package/src/component/public/identity/verifiers.ts +0 -158
  598. package/src/component/public/security/keys.ts +0 -366
  599. package/src/component/public/security/limits.ts +0 -174
  600. package/src/component/public.ts +0 -27
  601. package/src/component/schema.ts +0 -505
  602. package/src/providers/anonymous.ts +0 -99
  603. package/src/providers/credentials.ts +0 -102
  604. package/src/providers/device.ts +0 -87
  605. package/src/providers/email.ts +0 -99
  606. package/src/providers/index.ts +0 -31
  607. package/src/providers/oauth.ts +0 -117
  608. package/src/providers/passkey.ts +0 -77
  609. package/src/providers/password.ts +0 -441
  610. package/src/providers/phone.ts +0 -93
  611. package/src/providers/sso.ts +0 -54
  612. package/src/providers/totp.ts +0 -62
  613. package/src/samlify.d.ts +0 -53
  614. package/src/server/auth.ts +0 -949
  615. package/src/server/config.ts +0 -200
  616. package/src/server/context.ts +0 -90
  617. package/src/server/cookies.ts +0 -49
  618. package/src/server/core.ts +0 -2004
  619. package/src/server/crypto.ts +0 -90
  620. package/src/server/db.ts +0 -203
  621. package/src/server/device.ts +0 -254
  622. package/src/server/enterprise/config.ts +0 -51
  623. package/src/server/enterprise/domain.ts +0 -1739
  624. package/src/server/enterprise/http.ts +0 -1331
  625. package/src/server/enterprise/oidc.ts +0 -500
  626. package/src/server/enterprise/policy.ts +0 -128
  627. package/src/server/enterprise/saml.ts +0 -578
  628. package/src/server/enterprise/scim.ts +0 -135
  629. package/src/server/enterprise/shared.ts +0 -134
  630. package/src/server/enterprise/validators.ts +0 -93
  631. package/src/server/http.ts +0 -790
  632. package/src/server/identity.ts +0 -18
  633. package/src/server/index.ts +0 -40
  634. package/src/server/keys.ts +0 -158
  635. package/src/server/limits.ts +0 -107
  636. package/src/server/mounts.ts +0 -924
  637. package/src/server/mutations/account.ts +0 -62
  638. package/src/server/mutations/code.ts +0 -119
  639. package/src/server/mutations/index.ts +0 -13
  640. package/src/server/mutations/invalidate.ts +0 -50
  641. package/src/server/mutations/oauth.ts +0 -243
  642. package/src/server/mutations/refresh.ts +0 -299
  643. package/src/server/mutations/register.ts +0 -155
  644. package/src/server/mutations/retrieve.ts +0 -109
  645. package/src/server/mutations/signature.ts +0 -57
  646. package/src/server/mutations/signin.ts +0 -54
  647. package/src/server/mutations/signout.ts +0 -43
  648. package/src/server/mutations/store/refs.ts +0 -10
  649. package/src/server/mutations/store.ts +0 -123
  650. package/src/server/mutations/verifier.ts +0 -34
  651. package/src/server/mutations/verify.ts +0 -200
  652. package/src/server/oauth.ts +0 -418
  653. package/src/server/passkey.ts +0 -838
  654. package/src/server/redirects.ts +0 -59
  655. package/src/server/refresh.ts +0 -218
  656. package/src/server/runtime.ts +0 -918
  657. package/src/server/sessions.ts +0 -132
  658. package/src/server/signin.ts +0 -445
  659. package/src/server/ssr.ts +0 -1747
  660. package/src/server/templates.ts +0 -82
  661. package/src/server/tokens.ts +0 -35
  662. package/src/server/totp.ts +0 -399
  663. package/src/server/types.ts +0 -1942
  664. package/src/server/users.ts +0 -291
  665. package/src/server/utils.ts +0 -220
  666. /package/dist/{runtime → client/runtime}/invite.js +0 -0
@@ -1,355 +0,0 @@
1
- import { ConvexError, v } from "convex/values";
2
-
3
- import { mutation, query } from "../../functions";
4
- import {
5
- vEnterpriseDoc,
6
- vEnterpriseDomainDoc,
7
- vEnterprisePolicy,
8
- vEnterpriseStatus,
9
- vPaginated,
10
- } from "../../model";
11
-
12
- /**
13
- * Create a new enterprise record attached to a root group.
14
- *
15
- * Each group may only have one enterprise record. If an enterprise already
16
- * exists for the given group, a `ENTERPRISE_ALREADY_EXISTS` error is thrown.
17
- * The enterprise status defaults to `"draft"` when not explicitly provided.
18
- *
19
- * @param args.groupId - The ID of the root group that owns this enterprise.
20
- * @param args.slug - An optional URL-friendly identifier for the enterprise.
21
- * @param args.name - An optional human-readable display name for the enterprise.
22
- * @param args.status - The lifecycle status (`"draft"`, `"active"`, or `"disabled"`). Defaults to `"draft"`.
23
- * @param args.policy - An optional enterprise policy object controlling identity linking, provisioning, and deprovisioning behavior.
24
- * @param args.config - An optional arbitrary configuration blob for enterprise-specific settings.
25
- * @param args.extend - An optional arbitrary extension object for custom fields.
26
- * @returns The ID of the newly created `Enterprise` document.
27
- *
28
- * @example
29
- * ```ts
30
- * const enterpriseId = await ctx.runMutation(
31
- * components.auth.enterprise.enterpriseCreate,
32
- * {
33
- * groupId: orgGroupId,
34
- * slug: "acme-corp",
35
- * name: "Acme Corporation",
36
- * status: "active",
37
- * },
38
- * );
39
- * ```
40
- */
41
- export const enterpriseCreate = mutation({
42
- args: {
43
- groupId: v.id("Group"),
44
- slug: v.optional(v.string()),
45
- name: v.optional(v.string()),
46
- status: v.optional(vEnterpriseStatus),
47
- policy: v.optional(vEnterprisePolicy),
48
- config: v.optional(v.any()),
49
- extend: v.optional(v.any()),
50
- },
51
- returns: v.id("Enterprise"),
52
- handler: async (ctx, args) => {
53
- const existing = await ctx.db
54
- .query("Enterprise")
55
- .withIndex("group_id", (idx) => idx.eq("groupId", args.groupId))
56
- .first();
57
- if (existing) {
58
- throw new ConvexError({
59
- code: "ENTERPRISE_ALREADY_EXISTS",
60
- message: "An enterprise record already exists for this group.",
61
- });
62
- }
63
- return await ctx.db.insert("Enterprise", {
64
- ...args,
65
- status: args.status ?? "draft",
66
- });
67
- },
68
- });
69
-
70
- /**
71
- * Retrieve a single enterprise record by its document ID.
72
- *
73
- * Returns the full enterprise document if it exists, or `null` if no
74
- * enterprise is found with the given ID.
75
- *
76
- * @param args.enterpriseId - The document ID of the enterprise to retrieve.
77
- * @returns The enterprise document, or `null` if not found.
78
- *
79
- * @example
80
- * ```ts
81
- * const enterprise = await ctx.runQuery(
82
- * components.auth.enterprise.enterpriseGet,
83
- * { enterpriseId },
84
- * );
85
- * if (enterprise) {
86
- * console.log(enterprise.name, enterprise.status);
87
- * }
88
- * ```
89
- */
90
- export const enterpriseGet = query({
91
- args: { enterpriseId: v.id("Enterprise") },
92
- returns: v.union(vEnterpriseDoc, v.null()),
93
- handler: async (ctx, { enterpriseId }) => {
94
- return await ctx.db.get("Enterprise", enterpriseId);
95
- },
96
- });
97
-
98
- /**
99
- * Retrieve an enterprise record by the ID of its owning group.
100
- *
101
- * Looks up the enterprise that is linked to the specified group using the
102
- * `group_id` index. Returns `null` if no enterprise is associated with the group.
103
- *
104
- * @param args.groupId - The ID of the root group whose enterprise record to look up.
105
- * @returns The enterprise document, or `null` if the group has no enterprise.
106
- *
107
- * @example
108
- * ```ts
109
- * const enterprise = await ctx.runQuery(
110
- * components.auth.enterprise.enterpriseGetByGroup,
111
- * { groupId: orgGroupId },
112
- * );
113
- * ```
114
- */
115
- export const enterpriseGetByGroup = query({
116
- args: { groupId: v.id("Group") },
117
- returns: v.union(vEnterpriseDoc, v.null()),
118
- handler: async (ctx, { groupId }) => {
119
- return await ctx.db
120
- .query("Enterprise")
121
- .withIndex("group_id", (idx) => idx.eq("groupId", groupId))
122
- .first();
123
- },
124
- });
125
-
126
- /**
127
- * Retrieve an enterprise record by one of its linked domain names.
128
- *
129
- * Looks up an `EnterpriseDomain` row matching the given domain string, then
130
- * resolves the parent enterprise. Returns both the enterprise and the matched
131
- * domain document, or `null` if the domain is not registered or its enterprise
132
- * no longer exists.
133
- *
134
- * @param args.domain - The domain name to search for (e.g. `"acme.com"`).
135
- * @returns An object containing the `enterprise` and `domain` documents, or `null` if not found.
136
- *
137
- * @example
138
- * ```ts
139
- * const result = await ctx.runQuery(
140
- * components.auth.enterprise.enterpriseGetByDomain,
141
- * { domain: "acme.com" },
142
- * );
143
- * if (result) {
144
- * console.log(result.enterprise.name, result.domain.verifiedAt);
145
- * }
146
- * ```
147
- */
148
- export const enterpriseGetByDomain = query({
149
- args: { domain: v.string() },
150
- returns: v.union(
151
- v.object({
152
- enterprise: vEnterpriseDoc,
153
- domain: vEnterpriseDomainDoc,
154
- }),
155
- v.null(),
156
- ),
157
- handler: async (ctx, { domain }) => {
158
- const domainRow = await ctx.db
159
- .query("EnterpriseDomain")
160
- .withIndex("domain", (idx) => idx.eq("domain", domain))
161
- .first();
162
- if (!domainRow) {
163
- return null;
164
- }
165
- const enterprise = await ctx.db.get("Enterprise", domainRow.enterpriseId);
166
- if (!enterprise) {
167
- return null;
168
- }
169
- return { enterprise, domain: domainRow };
170
- },
171
- });
172
-
173
- /**
174
- * List enterprise records with optional filtering and cursor-based pagination.
175
- *
176
- * Supports filtering by `groupId`, `slug`, and/or `status`. The query selects
177
- * the most specific index available for the primary filter, then applies
178
- * remaining predicates as post-filters. Results are ordered by creation time
179
- * (or the specified field) and paginated using an opaque cursor.
180
- *
181
- * @param args.where - Optional filter criteria: `groupId`, `slug`, and/or `status`.
182
- * @param args.limit - Maximum number of items per page (clamped between 1 and 100, defaults to 50).
183
- * @param args.cursor - An opaque cursor string returned from a previous call to fetch the next page, or `null` / omitted for the first page.
184
- * @param args.orderBy - The field to sort results by: `"_creationTime"`, `"name"`, `"slug"`, or `"status"`.
185
- * @param args.order - Sort direction: `"asc"` or `"desc"` (defaults to `"desc"`).
186
- * @returns A paginated result containing `items` (array of enterprise documents) and `nextCursor` (`string | null`).
187
- *
188
- * @example
189
- * ```ts
190
- * const page = await ctx.runQuery(
191
- * components.auth.enterprise.enterpriseList,
192
- * {
193
- * where: { status: "active" },
194
- * limit: 25,
195
- * order: "asc",
196
- * },
197
- * );
198
- * for (const ent of page.items) {
199
- * console.log(ent.name);
200
- * }
201
- * // Fetch next page:
202
- * const nextPage = await ctx.runQuery(
203
- * components.auth.enterprise.enterpriseList,
204
- * { where: { status: "active" }, cursor: page.nextCursor },
205
- * );
206
- * ```
207
- */
208
- export const enterpriseList = query({
209
- args: {
210
- where: v.optional(
211
- v.object({
212
- groupId: v.optional(v.id("Group")),
213
- slug: v.optional(v.string()),
214
- status: v.optional(vEnterpriseStatus),
215
- }),
216
- ),
217
- limit: v.optional(v.number()),
218
- cursor: v.optional(v.union(v.string(), v.null())),
219
- orderBy: v.optional(
220
- v.union(
221
- v.literal("_creationTime"),
222
- v.literal("name"),
223
- v.literal("slug"),
224
- v.literal("status"),
225
- ),
226
- ),
227
- order: v.optional(v.union(v.literal("asc"), v.literal("desc"))),
228
- },
229
- returns: vPaginated(vEnterpriseDoc),
230
- handler: async (ctx, args) => {
231
- const where = args.where ?? {};
232
- const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);
233
- const order = args.order ?? "desc";
234
-
235
- let q;
236
- if (where.groupId !== undefined) {
237
- q = ctx.db
238
- .query("Enterprise")
239
- .withIndex("group_id", (idx) => idx.eq("groupId", where.groupId!));
240
- } else if (where.slug !== undefined) {
241
- q = ctx.db
242
- .query("Enterprise")
243
- .withIndex("slug", (idx) => idx.eq("slug", where.slug!));
244
- } else if (where.status !== undefined) {
245
- q = ctx.db
246
- .query("Enterprise")
247
- .withIndex("status", (idx) => idx.eq("status", where.status!));
248
- } else {
249
- q = ctx.db.query("Enterprise");
250
- }
251
-
252
- if (where.groupId !== undefined && where.slug !== undefined) {
253
- q = q.filter((f) => f.eq(f.field("slug"), where.slug!));
254
- }
255
- if (where.status !== undefined && where.groupId === undefined) {
256
- // already handled by index in the dedicated branch
257
- } else if (where.status !== undefined) {
258
- q = q.filter((f) => f.eq(f.field("status"), where.status!));
259
- }
260
-
261
- q = q.order(order);
262
- const all = await q.collect();
263
- let startIdx = 0;
264
- if (args.cursor) {
265
- const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);
266
- if (cursorIdx !== -1) {
267
- startIdx = cursorIdx + 1;
268
- }
269
- }
270
- const page = all.slice(startIdx, startIdx + limit + 1);
271
- const hasMore = page.length > limit;
272
- const items = hasMore ? page.slice(0, limit) : page;
273
- const nextCursor = hasMore ? items[items.length - 1]._id : null;
274
- return { items, nextCursor };
275
- },
276
- });
277
-
278
- /**
279
- * Partially update (patch) an existing enterprise record.
280
- *
281
- * Merges the provided `data` fields into the existing enterprise document.
282
- * Only the fields present in `data` are changed; all other fields are preserved.
283
- *
284
- * @param args.enterpriseId - The document ID of the enterprise to update.
285
- * @param args.data - An object containing the fields to update (e.g. `{ name, status, policy }`).
286
- * @returns `null` on success.
287
- *
288
- * @example
289
- * ```ts
290
- * await ctx.runMutation(
291
- * components.auth.enterprise.enterpriseUpdate,
292
- * {
293
- * enterpriseId,
294
- * data: { status: "active", name: "Acme Corp (Renamed)" },
295
- * },
296
- * );
297
- * ```
298
- */
299
- export const enterpriseUpdate = mutation({
300
- args: { enterpriseId: v.id("Enterprise"), data: v.any() },
301
- returns: v.null(),
302
- handler: async (ctx, { enterpriseId, data }) => {
303
- await ctx.db.patch(enterpriseId, data);
304
- return null;
305
- },
306
- });
307
-
308
- /**
309
- * Delete an enterprise record and all of its associated child data.
310
- *
311
- * This cascading delete removes the enterprise document along with all linked
312
- * domain records, domain verification records, and enterprise secrets. Callers
313
- * should ensure that higher-level cleanup (e.g. SCIM identities, webhook
314
- * endpoints) is handled separately if needed.
315
- *
316
- * @param args.enterpriseId - The document ID of the enterprise to delete.
317
- * @returns `null` on success.
318
- *
319
- * @example
320
- * ```ts
321
- * await ctx.runMutation(
322
- * components.auth.enterprise.enterpriseDelete,
323
- * { enterpriseId },
324
- * );
325
- * ```
326
- */
327
- export const enterpriseDelete = mutation({
328
- args: { enterpriseId: v.id("Enterprise") },
329
- returns: v.null(),
330
- handler: async (ctx, { enterpriseId }) => {
331
- const domains = await ctx.db
332
- .query("EnterpriseDomain")
333
- .withIndex("enterprise_id", (idx) => idx.eq("enterpriseId", enterpriseId))
334
- .collect();
335
- for (const domain of domains) {
336
- const verification = await ctx.db
337
- .query("EnterpriseDomainVerification")
338
- .withIndex("domain_id", (idx) => idx.eq("domainId", domain._id))
339
- .first();
340
- if (verification) {
341
- await ctx.db.delete(verification._id);
342
- }
343
- await ctx.db.delete(domain._id);
344
- }
345
- const secrets = await ctx.db
346
- .query("EnterpriseSecret")
347
- .withIndex("enterprise_id", (idx) => idx.eq("enterpriseId", enterpriseId))
348
- .collect();
349
- for (const secret of secrets) {
350
- await ctx.db.delete(secret._id);
351
- }
352
- await ctx.db.delete(enterpriseId);
353
- return null;
354
- },
355
- });
@@ -1,327 +0,0 @@
1
- import { ConvexError, v } from "convex/values";
2
-
3
- import { mutation, query } from "../../functions";
4
- import {
5
- vEnterpriseDomainDoc,
6
- vEnterpriseDomainVerificationDoc,
7
- } from "../../model";
8
-
9
- /**
10
- * Link a domain to an enterprise record, or update an existing link.
11
- *
12
- * If the domain is already attached to a different enterprise, an
13
- * `ENTERPRISE_DOMAIN_TAKEN` error is thrown. If the domain already exists for
14
- * this enterprise, it is updated in place (e.g. toggling `isPrimary`). When
15
- * `isPrimary` is `true`, any previously primary domain on the same enterprise
16
- * is demoted. The first domain added to an enterprise becomes primary by default.
17
- *
18
- * @param args.enterpriseId - The ID of the enterprise to attach the domain to.
19
- * @param args.groupId - The ID of the root group that owns the enterprise.
20
- * @param args.domain - The domain name to link (e.g. `"acme.com"`).
21
- * @param args.isPrimary - Whether this domain should be set as the primary domain for the enterprise. Defaults to `true` for the first domain.
22
- * @returns The ID of the created or updated `EnterpriseDomain` document.
23
- *
24
- * @example
25
- * ```ts
26
- * const domainId = await ctx.runMutation(
27
- * components.auth.enterprise.enterpriseDomainAdd,
28
- * {
29
- * enterpriseId,
30
- * groupId: orgGroupId,
31
- * domain: "acme.com",
32
- * isPrimary: true,
33
- * },
34
- * );
35
- * ```
36
- */
37
- export const enterpriseDomainAdd = mutation({
38
- args: {
39
- enterpriseId: v.id("Enterprise"),
40
- groupId: v.id("Group"),
41
- domain: v.string(),
42
- isPrimary: v.optional(v.boolean()),
43
- },
44
- returns: v.id("EnterpriseDomain"),
45
- handler: async (ctx, args) => {
46
- const existingByDomain = await ctx.db
47
- .query("EnterpriseDomain")
48
- .withIndex("domain", (idx) => idx.eq("domain", args.domain))
49
- .first();
50
- if (
51
- existingByDomain &&
52
- existingByDomain.enterpriseId !== args.enterpriseId
53
- ) {
54
- throw new ConvexError({
55
- code: "ENTERPRISE_DOMAIN_TAKEN",
56
- message: "That domain is already attached to another enterprise.",
57
- });
58
- }
59
-
60
- const existingForEnterprise = await ctx.db
61
- .query("EnterpriseDomain")
62
- .withIndex("enterprise_id", (idx) =>
63
- idx.eq("enterpriseId", args.enterpriseId),
64
- )
65
- .collect();
66
-
67
- for (const row of existingForEnterprise) {
68
- if (row.domain === args.domain) {
69
- await ctx.db.patch(row._id, {
70
- isPrimary: args.isPrimary ?? row.isPrimary,
71
- });
72
- return row._id;
73
- }
74
- }
75
-
76
- if (args.isPrimary === true) {
77
- for (const row of existingForEnterprise) {
78
- if (row.isPrimary) {
79
- await ctx.db.patch(row._id, { isPrimary: false });
80
- }
81
- }
82
- }
83
-
84
- return await ctx.db.insert("EnterpriseDomain", {
85
- ...args,
86
- isPrimary: args.isPrimary ?? existingForEnterprise.length === 0,
87
- });
88
- },
89
- });
90
-
91
- /**
92
- * List all domains linked to a specific enterprise.
93
- *
94
- * Returns all `EnterpriseDomain` documents associated with the given enterprise,
95
- * queried via the `enterprise_id` index. The result includes both verified and
96
- * unverified domains.
97
- *
98
- * @param args.enterpriseId - The ID of the enterprise whose domains to list.
99
- * @returns An array of enterprise domain documents.
100
- *
101
- * @example
102
- * ```ts
103
- * const domains = await ctx.runQuery(
104
- * components.auth.enterprise.enterpriseDomainList,
105
- * { enterpriseId },
106
- * );
107
- * for (const d of domains) {
108
- * console.log(d.domain, d.isPrimary, d.verifiedAt);
109
- * }
110
- * ```
111
- */
112
- export const enterpriseDomainList = query({
113
- args: { enterpriseId: v.id("Enterprise") },
114
- returns: v.array(vEnterpriseDomainDoc),
115
- handler: async (ctx, { enterpriseId }) => {
116
- return await ctx.db
117
- .query("EnterpriseDomain")
118
- .withIndex("enterprise_id", (idx) => idx.eq("enterpriseId", enterpriseId))
119
- .collect();
120
- },
121
- });
122
-
123
- /**
124
- * Remove a linked enterprise domain and its associated verification record.
125
- *
126
- * Deletes the `EnterpriseDomain` document and, if one exists, the related
127
- * `EnterpriseDomainVerification` record. This is a permanent deletion.
128
- *
129
- * @param args.domainId - The document ID of the enterprise domain to remove.
130
- * @returns `null` on success.
131
- *
132
- * @example
133
- * ```ts
134
- * await ctx.runMutation(
135
- * components.auth.enterprise.enterpriseDomainDelete,
136
- * { domainId },
137
- * );
138
- * ```
139
- */
140
- export const enterpriseDomainDelete = mutation({
141
- args: { domainId: v.id("EnterpriseDomain") },
142
- returns: v.null(),
143
- handler: async (ctx, { domainId }) => {
144
- const verification = await ctx.db
145
- .query("EnterpriseDomainVerification")
146
- .withIndex("domain_id", (idx) => idx.eq("domainId", domainId))
147
- .first();
148
- if (verification) {
149
- await ctx.db.delete(verification._id);
150
- }
151
- await ctx.db.delete(domainId);
152
- return null;
153
- },
154
- });
155
-
156
- /**
157
- * Retrieve the pending domain verification record for a given enterprise domain.
158
- *
159
- * Returns the `EnterpriseDomainVerification` document associated with the
160
- * specified domain, or `null` if no verification has been initiated.
161
- *
162
- * @param args.domainId - The document ID of the enterprise domain whose verification to retrieve.
163
- * @returns The domain verification document, or `null` if none exists.
164
- *
165
- * @example
166
- * ```ts
167
- * const verification = await ctx.runQuery(
168
- * components.auth.enterprise.enterpriseDomainVerificationGet,
169
- * { domainId },
170
- * );
171
- * if (verification) {
172
- * console.log(verification.recordName, verification.expiresAt);
173
- * }
174
- * ```
175
- */
176
- export const enterpriseDomainVerificationGet = query({
177
- args: { domainId: v.id("EnterpriseDomain") },
178
- returns: v.union(vEnterpriseDomainVerificationDoc, v.null()),
179
- handler: async (ctx, { domainId }) => {
180
- return await ctx.db
181
- .query("EnterpriseDomainVerification")
182
- .withIndex("domain_id", (idx) => idx.eq("domainId", domainId))
183
- .first();
184
- },
185
- });
186
-
187
- /**
188
- * Create or update a domain verification challenge for an enterprise domain.
189
- *
190
- * If a verification record already exists for the domain, all fields are
191
- * updated in place (e.g. to rotate the token). Otherwise a new record is
192
- * created. The caller is responsible for generating the DNS record name,
193
- * token, and token hash.
194
- *
195
- * @param args.enterpriseId - The ID of the enterprise that owns the domain.
196
- * @param args.groupId - The ID of the root group that owns the enterprise.
197
- * @param args.domainId - The document ID of the enterprise domain to verify.
198
- * @param args.domain - The domain name string (e.g. `"acme.com"`).
199
- * @param args.recordName - The DNS TXT record name to be published (e.g. `"_convex-verify.acme.com"`).
200
- * @param args.token - The plaintext verification token value.
201
- * @param args.tokenHash - A hash of the verification token for secure storage.
202
- * @param args.requestedAt - Epoch timestamp (ms) when the verification was requested.
203
- * @param args.expiresAt - Epoch timestamp (ms) after which the challenge expires.
204
- * @returns The ID of the created or updated `EnterpriseDomainVerification` document.
205
- *
206
- * @example
207
- * ```ts
208
- * const verificationId = await ctx.runMutation(
209
- * components.auth.enterprise.enterpriseDomainVerificationUpsert,
210
- * {
211
- * enterpriseId,
212
- * groupId: orgGroupId,
213
- * domainId,
214
- * domain: "acme.com",
215
- * recordName: "_convex-verify.acme.com",
216
- * token: "abc123",
217
- * tokenHash: "sha256:...",
218
- * requestedAt: Date.now(),
219
- * expiresAt: Date.now() + 7 * 24 * 60 * 60 * 1000,
220
- * },
221
- * );
222
- * ```
223
- */
224
- export const enterpriseDomainVerificationUpsert = mutation({
225
- args: {
226
- enterpriseId: v.id("Enterprise"),
227
- groupId: v.id("Group"),
228
- domainId: v.id("EnterpriseDomain"),
229
- domain: v.string(),
230
- recordName: v.string(),
231
- token: v.string(),
232
- tokenHash: v.string(),
233
- requestedAt: v.number(),
234
- expiresAt: v.number(),
235
- },
236
- returns: v.id("EnterpriseDomainVerification"),
237
- handler: async (ctx, args) => {
238
- const existing = await ctx.db
239
- .query("EnterpriseDomainVerification")
240
- .withIndex("domain_id", (idx) => idx.eq("domainId", args.domainId))
241
- .first();
242
- if (existing) {
243
- await ctx.db.patch(existing._id, args);
244
- return existing._id;
245
- }
246
- return await ctx.db.insert("EnterpriseDomainVerification", args);
247
- },
248
- });
249
-
250
- /**
251
- * Delete the pending domain verification record for an enterprise domain.
252
- *
253
- * Removes the `EnterpriseDomainVerification` document associated with the
254
- * given domain, effectively cancelling the verification challenge. If no
255
- * verification record exists, this is a no-op.
256
- *
257
- * @param args.domainId - The document ID of the enterprise domain whose verification to delete.
258
- * @returns `null` on success.
259
- *
260
- * @example
261
- * ```ts
262
- * await ctx.runMutation(
263
- * components.auth.enterprise.enterpriseDomainVerificationDelete,
264
- * { domainId },
265
- * );
266
- * ```
267
- */
268
- export const enterpriseDomainVerificationDelete = mutation({
269
- args: { domainId: v.id("EnterpriseDomain") },
270
- returns: v.null(),
271
- handler: async (ctx, { domainId }) => {
272
- const existing = await ctx.db
273
- .query("EnterpriseDomainVerification")
274
- .withIndex("domain_id", (idx) => idx.eq("domainId", domainId))
275
- .first();
276
- if (existing) {
277
- await ctx.db.delete(existing._id);
278
- }
279
- return null;
280
- },
281
- });
282
-
283
- /**
284
- * Mark an enterprise domain as verified and clean up the verification record.
285
- *
286
- * Sets the `verifiedAt` timestamp on the domain document and deletes the
287
- * associated `EnterpriseDomainVerification` record (if any). Throws an
288
- * `INVALID_PARAMETERS` error if the domain document does not exist.
289
- *
290
- * @param args.domainId - The document ID of the enterprise domain to mark as verified.
291
- * @param args.verifiedAt - Epoch timestamp (ms) at which the domain was verified.
292
- * @returns The updated enterprise domain document with the `verifiedAt` field set.
293
- *
294
- * @example
295
- * ```ts
296
- * const verifiedDomain = await ctx.runMutation(
297
- * components.auth.enterprise.enterpriseDomainVerify,
298
- * { domainId, verifiedAt: Date.now() },
299
- * );
300
- * console.log("Domain verified:", verifiedDomain.domain);
301
- * ```
302
- */
303
- export const enterpriseDomainVerify = mutation({
304
- args: {
305
- domainId: v.id("EnterpriseDomain"),
306
- verifiedAt: v.number(),
307
- },
308
- returns: vEnterpriseDomainDoc,
309
- handler: async (ctx, { domainId, verifiedAt }) => {
310
- await ctx.db.patch(domainId, { verifiedAt });
311
- const domain = await ctx.db.get("EnterpriseDomain", domainId);
312
- if (!domain) {
313
- throw new ConvexError({
314
- code: "INVALID_PARAMETERS",
315
- message: "Enterprise domain not found.",
316
- });
317
- }
318
- const verification = await ctx.db
319
- .query("EnterpriseDomainVerification")
320
- .withIndex("domain_id", (idx) => idx.eq("domainId", domainId))
321
- .first();
322
- if (verification) {
323
- await ctx.db.delete(verification._id);
324
- }
325
- return domain;
326
- },
327
- });