@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (666) hide show
  1. package/README.md +43 -36
  2. package/dist/bin.js +5765 -4880
  3. package/dist/browser/index.d.ts +30 -0
  4. package/dist/browser/index.js +93 -0
  5. package/dist/browser/locks.js +11 -0
  6. package/dist/browser/navigation.js +14 -0
  7. package/dist/{factors → browser}/passkey.js +23 -32
  8. package/dist/browser/runtime.js +92 -0
  9. package/dist/client/core/types.d.ts +452 -5
  10. package/dist/client/core/types.js +17 -0
  11. package/dist/client/errors.js +19 -0
  12. package/dist/client/factors/device.js +94 -0
  13. package/dist/{factors → client/factors}/totp.js +12 -4
  14. package/dist/client/index.d.ts +47 -1
  15. package/dist/client/index.js +269 -232
  16. package/dist/client/runtime/mutex.js +24 -0
  17. package/dist/client/runtime/proxy.js +30 -0
  18. package/dist/client/runtime/storage.js +45 -0
  19. package/dist/client/services/adapters.js +7 -0
  20. package/dist/client/services/http.js +6 -0
  21. package/dist/client/services/resolve.js +13 -0
  22. package/dist/client/services/runtime.js +6 -0
  23. package/dist/component/_generated/component.d.ts +1355 -1399
  24. package/dist/component/convex.config.d.ts +2 -2
  25. package/dist/component/index.d.ts +4 -26
  26. package/dist/component/index.js +1 -1
  27. package/dist/component/model.d.ts +26 -112
  28. package/dist/component/model.js +76 -54
  29. package/dist/component/modules.js +38 -0
  30. package/dist/component/public/factors/devices.js +1 -1
  31. package/dist/component/public/factors/passkeys.js +1 -1
  32. package/dist/component/public/factors/totp.js +1 -1
  33. package/dist/component/public/groups/core.js +2 -2
  34. package/dist/component/public/groups/invites.js +1 -1
  35. package/dist/component/public/groups/members.js +1 -1
  36. package/dist/component/public/identity/accounts.js +1 -1
  37. package/dist/component/public/identity/codes.js +1 -1
  38. package/dist/component/public/identity/sessions.js +39 -2
  39. package/dist/component/public/identity/tokens.js +82 -4
  40. package/dist/component/public/identity/users.js +1 -1
  41. package/dist/component/public/identity/verifiers.js +10 -4
  42. package/dist/component/public/security/keys.js +1 -1
  43. package/dist/component/public/security/limits.js +1 -1
  44. package/dist/component/public/{enterprise → sso}/audit.js +26 -26
  45. package/dist/component/public/sso/core.js +263 -0
  46. package/dist/component/public/sso/domains.js +280 -0
  47. package/dist/component/public/{enterprise → sso}/scim.js +87 -87
  48. package/dist/component/public/sso/secrets.js +125 -0
  49. package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
  50. package/dist/component/public.js +9 -9
  51. package/dist/component/schema.d.ts +472 -393
  52. package/dist/component/schema.js +36 -35
  53. package/dist/core/index.d.ts +380 -0
  54. package/dist/core/index.js +83 -0
  55. package/dist/otel.d.ts +69 -0
  56. package/dist/otel.js +82 -0
  57. package/dist/providers/anonymous.d.ts +15 -34
  58. package/dist/providers/anonymous.js +27 -35
  59. package/dist/providers/apple.d.ts +59 -0
  60. package/dist/providers/apple.js +58 -0
  61. package/dist/providers/credentials.d.ts +18 -34
  62. package/dist/providers/credentials.js +16 -27
  63. package/dist/providers/custom.d.ts +94 -0
  64. package/dist/providers/custom.js +119 -0
  65. package/dist/providers/device.d.ts +15 -49
  66. package/dist/providers/device.js +17 -34
  67. package/dist/providers/email.d.ts +21 -38
  68. package/dist/providers/email.js +36 -55
  69. package/dist/providers/github.d.ts +54 -0
  70. package/dist/providers/github.js +75 -0
  71. package/dist/providers/google.d.ts +54 -0
  72. package/dist/providers/google.js +61 -0
  73. package/dist/providers/index.d.ts +16 -12
  74. package/dist/providers/index.js +15 -11
  75. package/dist/providers/microsoft.d.ts +57 -0
  76. package/dist/providers/microsoft.js +101 -0
  77. package/dist/providers/passkey.d.ts +19 -35
  78. package/dist/providers/passkey.js +20 -30
  79. package/dist/providers/password.d.ts +17 -18
  80. package/dist/providers/password.js +121 -143
  81. package/dist/providers/phone.d.ts +13 -28
  82. package/dist/providers/phone.js +21 -46
  83. package/dist/providers/sso.d.ts +16 -36
  84. package/dist/providers/sso.js +21 -22
  85. package/dist/providers/totp.d.ts +13 -29
  86. package/dist/providers/totp.js +17 -27
  87. package/dist/server/auth-context.d.ts +204 -0
  88. package/dist/server/auth-context.js +76 -0
  89. package/dist/server/auth.d.ts +99 -244
  90. package/dist/server/auth.js +56 -152
  91. package/dist/server/componentContext.d.ts +12 -0
  92. package/dist/server/componentContext.js +1 -0
  93. package/dist/server/config.js +6 -67
  94. package/dist/server/constants.js +6 -0
  95. package/dist/server/contract.d.ts +105 -0
  96. package/dist/server/contract.js +43 -0
  97. package/dist/server/cookies.js +3 -2
  98. package/dist/server/core.js +31 -36
  99. package/dist/server/crypto.js +34 -44
  100. package/dist/server/db.js +6 -1
  101. package/dist/server/device.js +96 -130
  102. package/dist/server/env.js +48 -0
  103. package/dist/server/errors.js +20 -0
  104. package/dist/server/http.d.ts +15 -59
  105. package/dist/server/http.js +136 -120
  106. package/dist/server/identity.js +2 -2
  107. package/dist/server/index.d.ts +5 -4
  108. package/dist/server/index.js +3 -3
  109. package/dist/server/keys.js +10 -1
  110. package/dist/server/limits.js +26 -26
  111. package/dist/server/log.js +28 -0
  112. package/dist/server/mounts.d.ts +1107 -296
  113. package/dist/server/mounts.js +315 -196
  114. package/dist/server/mutations/account.js +11 -14
  115. package/dist/server/mutations/code.js +6 -5
  116. package/dist/server/mutations/invalidate.js +9 -11
  117. package/dist/server/mutations/oauth.js +112 -73
  118. package/dist/server/mutations/refresh.js +47 -97
  119. package/dist/server/mutations/register.js +37 -35
  120. package/dist/server/mutations/retrieve.js +16 -16
  121. package/dist/server/mutations/signature.js +15 -18
  122. package/dist/server/mutations/signin.js +10 -5
  123. package/dist/server/mutations/signout.js +11 -14
  124. package/dist/server/mutations/store.js +25 -18
  125. package/dist/server/mutations/verifier.js +11 -8
  126. package/dist/server/mutations/verify.js +53 -41
  127. package/dist/server/oauth/factory.js +44 -0
  128. package/dist/server/oauth/index.js +12 -0
  129. package/dist/server/oauth/runtime.js +248 -0
  130. package/dist/server/passkey.js +331 -365
  131. package/dist/server/payloads.d.ts +16 -0
  132. package/dist/server/payloads.js +30 -0
  133. package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
  134. package/dist/server/prefetch.js +635 -0
  135. package/dist/server/random.js +19 -0
  136. package/dist/server/redirects.js +10 -5
  137. package/dist/server/refresh.js +14 -86
  138. package/dist/server/runtime.d.ts +531 -31
  139. package/dist/server/runtime.js +106 -267
  140. package/dist/server/secret.js +44 -0
  141. package/dist/server/services/config.js +10 -0
  142. package/dist/server/services/group.js +211 -0
  143. package/dist/server/services/logger.js +8 -0
  144. package/dist/server/services/providers.js +22 -0
  145. package/dist/server/services/refresh.js +8 -0
  146. package/dist/server/services/resolve.js +27 -0
  147. package/dist/server/services/signin.js +8 -0
  148. package/dist/server/sessions.js +35 -34
  149. package/dist/server/signin.js +229 -140
  150. package/dist/server/{enterprise → sso}/config.js +10 -3
  151. package/dist/server/sso/domain.d.ts +614 -0
  152. package/dist/server/sso/domain.js +1175 -0
  153. package/dist/server/sso/http.js +1060 -0
  154. package/dist/server/sso/oidc.js +324 -0
  155. package/dist/server/sso/policies.js +59 -0
  156. package/dist/server/sso/policy.js +139 -0
  157. package/dist/server/sso/profile.js +22 -0
  158. package/dist/server/sso/provision.js +179 -0
  159. package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
  160. package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
  161. package/dist/server/sso/shared.js +74 -0
  162. package/dist/server/sso/validators.js +88 -0
  163. package/dist/server/sso/webhook.js +94 -0
  164. package/dist/server/tokens.js +16 -4
  165. package/dist/server/totp.js +155 -164
  166. package/dist/server/types.d.ts +306 -296
  167. package/dist/server/types.js +1 -30
  168. package/dist/server/url.js +32 -0
  169. package/dist/server/users.js +74 -40
  170. package/dist/server/utils/cache.js +51 -0
  171. package/dist/server/utils/dispatch.js +36 -0
  172. package/dist/server/utils/retry.js +24 -0
  173. package/dist/server/utils/span.js +32 -0
  174. package/dist/shared/errors.js +19 -0
  175. package/dist/shared/log.js +45 -0
  176. package/{src/test.ts → dist/test.d.ts} +21 -22
  177. package/dist/test.js +51 -0
  178. package/package.json +70 -42
  179. package/dist/authorization/index.d.ts.map +0 -1
  180. package/dist/authorization/index.js.map +0 -1
  181. package/dist/client/core/types.d.ts.map +0 -1
  182. package/dist/client/index.d.ts.map +0 -1
  183. package/dist/client/index.js.map +0 -1
  184. package/dist/component/_generated/api.d.ts +0 -75
  185. package/dist/component/_generated/api.d.ts.map +0 -1
  186. package/dist/component/_generated/api.js.map +0 -1
  187. package/dist/component/_generated/component.d.ts.map +0 -1
  188. package/dist/component/_generated/dataModel.d.ts +0 -42
  189. package/dist/component/_generated/dataModel.d.ts.map +0 -1
  190. package/dist/component/_generated/server.d.ts +0 -117
  191. package/dist/component/_generated/server.d.ts.map +0 -1
  192. package/dist/component/_generated/server.js.map +0 -1
  193. package/dist/component/_virtual/rolldown_runtime.js +0 -18
  194. package/dist/component/client/core/types.d.ts +0 -2
  195. package/dist/component/client/index.d.ts +0 -1
  196. package/dist/component/convex.config.d.ts.map +0 -1
  197. package/dist/component/convex.config.js.map +0 -1
  198. package/dist/component/functions.d.ts +0 -25
  199. package/dist/component/functions.d.ts.map +0 -1
  200. package/dist/component/functions.js.map +0 -1
  201. package/dist/component/index.d.ts.map +0 -1
  202. package/dist/component/model.d.ts.map +0 -1
  203. package/dist/component/model.js.map +0 -1
  204. package/dist/component/providers/anonymous.d.ts +0 -54
  205. package/dist/component/providers/anonymous.d.ts.map +0 -1
  206. package/dist/component/providers/credentials.d.ts +0 -38
  207. package/dist/component/providers/credentials.d.ts.map +0 -1
  208. package/dist/component/providers/device.d.ts +0 -67
  209. package/dist/component/providers/device.d.ts.map +0 -1
  210. package/dist/component/providers/email.d.ts +0 -62
  211. package/dist/component/providers/email.d.ts.map +0 -1
  212. package/dist/component/providers/oauth.d.ts +0 -25
  213. package/dist/component/providers/oauth.d.ts.map +0 -1
  214. package/dist/component/providers/oauth.js +0 -13
  215. package/dist/component/providers/oauth.js.map +0 -1
  216. package/dist/component/providers/passkey.d.ts +0 -57
  217. package/dist/component/providers/passkey.d.ts.map +0 -1
  218. package/dist/component/providers/password.d.ts +0 -88
  219. package/dist/component/providers/password.d.ts.map +0 -1
  220. package/dist/component/providers/phone.d.ts +0 -48
  221. package/dist/component/providers/phone.d.ts.map +0 -1
  222. package/dist/component/providers/sso.d.ts +0 -50
  223. package/dist/component/providers/sso.d.ts.map +0 -1
  224. package/dist/component/providers/totp.d.ts +0 -45
  225. package/dist/component/providers/totp.d.ts.map +0 -1
  226. package/dist/component/public/enterprise/audit.d.ts +0 -73
  227. package/dist/component/public/enterprise/audit.d.ts.map +0 -1
  228. package/dist/component/public/enterprise/audit.js.map +0 -1
  229. package/dist/component/public/enterprise/core.d.ts +0 -176
  230. package/dist/component/public/enterprise/core.d.ts.map +0 -1
  231. package/dist/component/public/enterprise/core.js +0 -292
  232. package/dist/component/public/enterprise/core.js.map +0 -1
  233. package/dist/component/public/enterprise/domains.d.ts +0 -174
  234. package/dist/component/public/enterprise/domains.d.ts.map +0 -1
  235. package/dist/component/public/enterprise/domains.js +0 -271
  236. package/dist/component/public/enterprise/domains.js.map +0 -1
  237. package/dist/component/public/enterprise/scim.d.ts +0 -245
  238. package/dist/component/public/enterprise/scim.d.ts.map +0 -1
  239. package/dist/component/public/enterprise/scim.js.map +0 -1
  240. package/dist/component/public/enterprise/secrets.d.ts +0 -78
  241. package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
  242. package/dist/component/public/enterprise/secrets.js +0 -118
  243. package/dist/component/public/enterprise/secrets.js.map +0 -1
  244. package/dist/component/public/enterprise/webhooks.d.ts +0 -211
  245. package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
  246. package/dist/component/public/enterprise/webhooks.js.map +0 -1
  247. package/dist/component/public/factors/devices.d.ts +0 -157
  248. package/dist/component/public/factors/devices.d.ts.map +0 -1
  249. package/dist/component/public/factors/devices.js.map +0 -1
  250. package/dist/component/public/factors/passkeys.d.ts +0 -175
  251. package/dist/component/public/factors/passkeys.d.ts.map +0 -1
  252. package/dist/component/public/factors/passkeys.js.map +0 -1
  253. package/dist/component/public/factors/totp.d.ts +0 -189
  254. package/dist/component/public/factors/totp.d.ts.map +0 -1
  255. package/dist/component/public/factors/totp.js.map +0 -1
  256. package/dist/component/public/groups/core.d.ts +0 -137
  257. package/dist/component/public/groups/core.d.ts.map +0 -1
  258. package/dist/component/public/groups/core.js.map +0 -1
  259. package/dist/component/public/groups/invites.d.ts +0 -217
  260. package/dist/component/public/groups/invites.d.ts.map +0 -1
  261. package/dist/component/public/groups/invites.js.map +0 -1
  262. package/dist/component/public/groups/members.d.ts +0 -204
  263. package/dist/component/public/groups/members.d.ts.map +0 -1
  264. package/dist/component/public/groups/members.js.map +0 -1
  265. package/dist/component/public/identity/accounts.d.ts +0 -147
  266. package/dist/component/public/identity/accounts.d.ts.map +0 -1
  267. package/dist/component/public/identity/accounts.js.map +0 -1
  268. package/dist/component/public/identity/codes.d.ts +0 -104
  269. package/dist/component/public/identity/codes.d.ts.map +0 -1
  270. package/dist/component/public/identity/codes.js.map +0 -1
  271. package/dist/component/public/identity/sessions.d.ts +0 -128
  272. package/dist/component/public/identity/sessions.d.ts.map +0 -1
  273. package/dist/component/public/identity/sessions.js.map +0 -1
  274. package/dist/component/public/identity/tokens.d.ts +0 -169
  275. package/dist/component/public/identity/tokens.d.ts.map +0 -1
  276. package/dist/component/public/identity/tokens.js.map +0 -1
  277. package/dist/component/public/identity/users.d.ts +0 -212
  278. package/dist/component/public/identity/users.d.ts.map +0 -1
  279. package/dist/component/public/identity/users.js.map +0 -1
  280. package/dist/component/public/identity/verifiers.d.ts +0 -116
  281. package/dist/component/public/identity/verifiers.d.ts.map +0 -1
  282. package/dist/component/public/identity/verifiers.js.map +0 -1
  283. package/dist/component/public/security/keys.d.ts +0 -209
  284. package/dist/component/public/security/keys.d.ts.map +0 -1
  285. package/dist/component/public/security/keys.js.map +0 -1
  286. package/dist/component/public/security/limits.d.ts +0 -114
  287. package/dist/component/public/security/limits.d.ts.map +0 -1
  288. package/dist/component/public/security/limits.js.map +0 -1
  289. package/dist/component/public.d.ts +0 -28
  290. package/dist/component/public.d.ts.map +0 -1
  291. package/dist/component/schema.d.ts.map +0 -1
  292. package/dist/component/schema.js.map +0 -1
  293. package/dist/component/server/auth.d.ts +0 -447
  294. package/dist/component/server/auth.d.ts.map +0 -1
  295. package/dist/component/server/auth.js +0 -254
  296. package/dist/component/server/auth.js.map +0 -1
  297. package/dist/component/server/config.js +0 -121
  298. package/dist/component/server/config.js.map +0 -1
  299. package/dist/component/server/context.js +0 -53
  300. package/dist/component/server/context.js.map +0 -1
  301. package/dist/component/server/cookies.js +0 -47
  302. package/dist/component/server/cookies.js.map +0 -1
  303. package/dist/component/server/core.js +0 -576
  304. package/dist/component/server/core.js.map +0 -1
  305. package/dist/component/server/crypto.js +0 -56
  306. package/dist/component/server/crypto.js.map +0 -1
  307. package/dist/component/server/db.js +0 -87
  308. package/dist/component/server/db.js.map +0 -1
  309. package/dist/component/server/device.js +0 -152
  310. package/dist/component/server/device.js.map +0 -1
  311. package/dist/component/server/enterprise/config.js +0 -46
  312. package/dist/component/server/enterprise/config.js.map +0 -1
  313. package/dist/component/server/enterprise/domain.js +0 -974
  314. package/dist/component/server/enterprise/domain.js.map +0 -1
  315. package/dist/component/server/enterprise/http.js +0 -787
  316. package/dist/component/server/enterprise/http.js.map +0 -1
  317. package/dist/component/server/enterprise/oidc.js +0 -248
  318. package/dist/component/server/enterprise/oidc.js.map +0 -1
  319. package/dist/component/server/enterprise/policy.js +0 -85
  320. package/dist/component/server/enterprise/policy.js.map +0 -1
  321. package/dist/component/server/enterprise/saml.js.map +0 -1
  322. package/dist/component/server/enterprise/scim.js.map +0 -1
  323. package/dist/component/server/enterprise/shared.js +0 -51
  324. package/dist/component/server/enterprise/shared.js.map +0 -1
  325. package/dist/component/server/http.d.ts +0 -85
  326. package/dist/component/server/http.d.ts.map +0 -1
  327. package/dist/component/server/http.js +0 -351
  328. package/dist/component/server/http.js.map +0 -1
  329. package/dist/component/server/identity.js +0 -16
  330. package/dist/component/server/identity.js.map +0 -1
  331. package/dist/component/server/keys.js +0 -96
  332. package/dist/component/server/keys.js.map +0 -1
  333. package/dist/component/server/limits.js +0 -52
  334. package/dist/component/server/limits.js.map +0 -1
  335. package/dist/component/server/mutations/account.js +0 -46
  336. package/dist/component/server/mutations/account.js.map +0 -1
  337. package/dist/component/server/mutations/code.js +0 -68
  338. package/dist/component/server/mutations/code.js.map +0 -1
  339. package/dist/component/server/mutations/invalidate.js +0 -32
  340. package/dist/component/server/mutations/invalidate.js.map +0 -1
  341. package/dist/component/server/mutations/oauth.js +0 -116
  342. package/dist/component/server/mutations/oauth.js.map +0 -1
  343. package/dist/component/server/mutations/refresh.js +0 -119
  344. package/dist/component/server/mutations/refresh.js.map +0 -1
  345. package/dist/component/server/mutations/register.js +0 -87
  346. package/dist/component/server/mutations/register.js.map +0 -1
  347. package/dist/component/server/mutations/retrieve.js +0 -61
  348. package/dist/component/server/mutations/retrieve.js.map +0 -1
  349. package/dist/component/server/mutations/signature.js +0 -38
  350. package/dist/component/server/mutations/signature.js.map +0 -1
  351. package/dist/component/server/mutations/signin.js +0 -27
  352. package/dist/component/server/mutations/signin.js.map +0 -1
  353. package/dist/component/server/mutations/signout.js +0 -27
  354. package/dist/component/server/mutations/signout.js.map +0 -1
  355. package/dist/component/server/mutations/store/refs.js +0 -15
  356. package/dist/component/server/mutations/store/refs.js.map +0 -1
  357. package/dist/component/server/mutations/store.js +0 -70
  358. package/dist/component/server/mutations/store.js.map +0 -1
  359. package/dist/component/server/mutations/verifier.js +0 -18
  360. package/dist/component/server/mutations/verifier.js.map +0 -1
  361. package/dist/component/server/mutations/verify.js +0 -98
  362. package/dist/component/server/mutations/verify.js.map +0 -1
  363. package/dist/component/server/oauth.js +0 -242
  364. package/dist/component/server/oauth.js.map +0 -1
  365. package/dist/component/server/passkey.js +0 -415
  366. package/dist/component/server/passkey.js.map +0 -1
  367. package/dist/component/server/redirects.js +0 -40
  368. package/dist/component/server/redirects.js.map +0 -1
  369. package/dist/component/server/refresh.js +0 -99
  370. package/dist/component/server/refresh.js.map +0 -1
  371. package/dist/component/server/runtime.d.ts +0 -136
  372. package/dist/component/server/runtime.d.ts.map +0 -1
  373. package/dist/component/server/runtime.js +0 -456
  374. package/dist/component/server/runtime.js.map +0 -1
  375. package/dist/component/server/sessions.js +0 -71
  376. package/dist/component/server/sessions.js.map +0 -1
  377. package/dist/component/server/signin.js +0 -225
  378. package/dist/component/server/signin.js.map +0 -1
  379. package/dist/component/server/tokens.js +0 -17
  380. package/dist/component/server/tokens.js.map +0 -1
  381. package/dist/component/server/totp.js +0 -208
  382. package/dist/component/server/totp.js.map +0 -1
  383. package/dist/component/server/types.d.ts +0 -949
  384. package/dist/component/server/types.d.ts.map +0 -1
  385. package/dist/component/server/types.js +0 -79
  386. package/dist/component/server/types.js.map +0 -1
  387. package/dist/component/server/users.js +0 -123
  388. package/dist/component/server/users.js.map +0 -1
  389. package/dist/component/server/utils.js +0 -140
  390. package/dist/component/server/utils.js.map +0 -1
  391. package/dist/core/types.d.ts +0 -361
  392. package/dist/core/types.d.ts.map +0 -1
  393. package/dist/factors/device.js +0 -104
  394. package/dist/factors/device.js.map +0 -1
  395. package/dist/factors/passkey.js.map +0 -1
  396. package/dist/factors/totp.js.map +0 -1
  397. package/dist/providers/anonymous.d.ts.map +0 -1
  398. package/dist/providers/anonymous.js.map +0 -1
  399. package/dist/providers/credentials.d.ts.map +0 -1
  400. package/dist/providers/credentials.js.map +0 -1
  401. package/dist/providers/device.d.ts.map +0 -1
  402. package/dist/providers/device.js.map +0 -1
  403. package/dist/providers/email.d.ts.map +0 -1
  404. package/dist/providers/email.js.map +0 -1
  405. package/dist/providers/oauth.d.ts +0 -69
  406. package/dist/providers/oauth.d.ts.map +0 -1
  407. package/dist/providers/oauth.js +0 -43
  408. package/dist/providers/oauth.js.map +0 -1
  409. package/dist/providers/passkey.d.ts.map +0 -1
  410. package/dist/providers/passkey.js.map +0 -1
  411. package/dist/providers/password.d.ts.map +0 -1
  412. package/dist/providers/password.js.map +0 -1
  413. package/dist/providers/phone.d.ts.map +0 -1
  414. package/dist/providers/phone.js.map +0 -1
  415. package/dist/providers/sso.d.ts.map +0 -1
  416. package/dist/providers/sso.js.map +0 -1
  417. package/dist/providers/totp.d.ts.map +0 -1
  418. package/dist/providers/totp.js.map +0 -1
  419. package/dist/runtime/browser.js +0 -68
  420. package/dist/runtime/browser.js.map +0 -1
  421. package/dist/runtime/invite.js.map +0 -1
  422. package/dist/runtime/proxy.js +0 -70
  423. package/dist/runtime/proxy.js.map +0 -1
  424. package/dist/runtime/storage.js +0 -37
  425. package/dist/runtime/storage.js.map +0 -1
  426. package/dist/server/auth.d.ts.map +0 -1
  427. package/dist/server/auth.js.map +0 -1
  428. package/dist/server/config.d.ts +0 -1
  429. package/dist/server/config.js.map +0 -1
  430. package/dist/server/context.d.ts +0 -1
  431. package/dist/server/context.js.map +0 -1
  432. package/dist/server/cookies.d.ts +0 -1
  433. package/dist/server/cookies.js.map +0 -1
  434. package/dist/server/core.d.ts +0 -1315
  435. package/dist/server/core.d.ts.map +0 -1
  436. package/dist/server/core.js.map +0 -1
  437. package/dist/server/crypto.d.ts +0 -8
  438. package/dist/server/crypto.d.ts.map +0 -1
  439. package/dist/server/crypto.js.map +0 -1
  440. package/dist/server/db.d.ts +0 -1
  441. package/dist/server/db.js.map +0 -1
  442. package/dist/server/device.d.ts +0 -1
  443. package/dist/server/device.js.map +0 -1
  444. package/dist/server/enterprise/config.d.ts +0 -1
  445. package/dist/server/enterprise/config.js.map +0 -1
  446. package/dist/server/enterprise/domain.d.ts +0 -401
  447. package/dist/server/enterprise/domain.d.ts.map +0 -1
  448. package/dist/server/enterprise/domain.js +0 -974
  449. package/dist/server/enterprise/domain.js.map +0 -1
  450. package/dist/server/enterprise/http.d.ts +0 -26
  451. package/dist/server/enterprise/http.d.ts.map +0 -1
  452. package/dist/server/enterprise/http.js +0 -787
  453. package/dist/server/enterprise/http.js.map +0 -1
  454. package/dist/server/enterprise/oidc.d.ts +0 -1
  455. package/dist/server/enterprise/oidc.js +0 -248
  456. package/dist/server/enterprise/oidc.js.map +0 -1
  457. package/dist/server/enterprise/policy.d.ts +0 -1
  458. package/dist/server/enterprise/policy.js +0 -85
  459. package/dist/server/enterprise/policy.js.map +0 -1
  460. package/dist/server/enterprise/saml.d.ts +0 -1
  461. package/dist/server/enterprise/saml.js +0 -338
  462. package/dist/server/enterprise/saml.js.map +0 -1
  463. package/dist/server/enterprise/scim.d.ts +0 -1
  464. package/dist/server/enterprise/scim.js +0 -97
  465. package/dist/server/enterprise/scim.js.map +0 -1
  466. package/dist/server/enterprise/shared.d.ts +0 -5
  467. package/dist/server/enterprise/shared.d.ts.map +0 -1
  468. package/dist/server/enterprise/shared.js +0 -51
  469. package/dist/server/enterprise/shared.js.map +0 -1
  470. package/dist/server/enterprise/validators.d.ts +0 -1
  471. package/dist/server/enterprise/validators.js +0 -60
  472. package/dist/server/enterprise/validators.js.map +0 -1
  473. package/dist/server/http.d.ts.map +0 -1
  474. package/dist/server/http.js.map +0 -1
  475. package/dist/server/identity.d.ts +0 -1
  476. package/dist/server/identity.js.map +0 -1
  477. package/dist/server/keys.d.ts +0 -1
  478. package/dist/server/keys.js.map +0 -1
  479. package/dist/server/limits.d.ts +0 -1
  480. package/dist/server/limits.js.map +0 -1
  481. package/dist/server/mounts.d.ts.map +0 -1
  482. package/dist/server/mounts.js.map +0 -1
  483. package/dist/server/mutations/account.d.ts +0 -29
  484. package/dist/server/mutations/account.d.ts.map +0 -1
  485. package/dist/server/mutations/account.js.map +0 -1
  486. package/dist/server/mutations/code.d.ts +0 -30
  487. package/dist/server/mutations/code.d.ts.map +0 -1
  488. package/dist/server/mutations/code.js.map +0 -1
  489. package/dist/server/mutations/index.d.ts +0 -14
  490. package/dist/server/mutations/invalidate.d.ts +0 -20
  491. package/dist/server/mutations/invalidate.d.ts.map +0 -1
  492. package/dist/server/mutations/invalidate.js.map +0 -1
  493. package/dist/server/mutations/oauth.d.ts +0 -30
  494. package/dist/server/mutations/oauth.d.ts.map +0 -1
  495. package/dist/server/mutations/oauth.js.map +0 -1
  496. package/dist/server/mutations/refresh.d.ts +0 -21
  497. package/dist/server/mutations/refresh.d.ts.map +0 -1
  498. package/dist/server/mutations/refresh.js.map +0 -1
  499. package/dist/server/mutations/register.d.ts +0 -38
  500. package/dist/server/mutations/register.d.ts.map +0 -1
  501. package/dist/server/mutations/register.js.map +0 -1
  502. package/dist/server/mutations/retrieve.d.ts +0 -33
  503. package/dist/server/mutations/retrieve.d.ts.map +0 -1
  504. package/dist/server/mutations/retrieve.js.map +0 -1
  505. package/dist/server/mutations/signature.d.ts +0 -21
  506. package/dist/server/mutations/signature.d.ts.map +0 -1
  507. package/dist/server/mutations/signature.js.map +0 -1
  508. package/dist/server/mutations/signin.d.ts +0 -22
  509. package/dist/server/mutations/signin.d.ts.map +0 -1
  510. package/dist/server/mutations/signin.js.map +0 -1
  511. package/dist/server/mutations/signout.d.ts +0 -16
  512. package/dist/server/mutations/signout.d.ts.map +0 -1
  513. package/dist/server/mutations/signout.js.map +0 -1
  514. package/dist/server/mutations/store/refs.d.ts +0 -12
  515. package/dist/server/mutations/store/refs.d.ts.map +0 -1
  516. package/dist/server/mutations/store/refs.js.map +0 -1
  517. package/dist/server/mutations/store.d.ts +0 -306
  518. package/dist/server/mutations/store.d.ts.map +0 -1
  519. package/dist/server/mutations/store.js.map +0 -1
  520. package/dist/server/mutations/verifier.d.ts +0 -13
  521. package/dist/server/mutations/verifier.d.ts.map +0 -1
  522. package/dist/server/mutations/verifier.js.map +0 -1
  523. package/dist/server/mutations/verify.d.ts +0 -26
  524. package/dist/server/mutations/verify.d.ts.map +0 -1
  525. package/dist/server/mutations/verify.js.map +0 -1
  526. package/dist/server/oauth.d.ts +0 -1
  527. package/dist/server/oauth.js +0 -242
  528. package/dist/server/oauth.js.map +0 -1
  529. package/dist/server/passkey.d.ts +0 -27
  530. package/dist/server/passkey.d.ts.map +0 -1
  531. package/dist/server/passkey.js.map +0 -1
  532. package/dist/server/redirects.d.ts +0 -1
  533. package/dist/server/redirects.js.map +0 -1
  534. package/dist/server/refresh.d.ts +0 -1
  535. package/dist/server/refresh.js.map +0 -1
  536. package/dist/server/runtime.d.ts.map +0 -1
  537. package/dist/server/runtime.js.map +0 -1
  538. package/dist/server/sessions.d.ts +0 -1
  539. package/dist/server/sessions.js.map +0 -1
  540. package/dist/server/signin.d.ts +0 -1
  541. package/dist/server/signin.js.map +0 -1
  542. package/dist/server/ssr.d.ts.map +0 -1
  543. package/dist/server/ssr.js +0 -777
  544. package/dist/server/ssr.js.map +0 -1
  545. package/dist/server/templates.d.ts +0 -1
  546. package/dist/server/templates.js.map +0 -1
  547. package/dist/server/tokens.d.ts +0 -1
  548. package/dist/server/tokens.js.map +0 -1
  549. package/dist/server/totp.d.ts +0 -1
  550. package/dist/server/totp.js.map +0 -1
  551. package/dist/server/types.d.ts.map +0 -1
  552. package/dist/server/types.js.map +0 -1
  553. package/dist/server/users.d.ts +0 -1
  554. package/dist/server/users.js.map +0 -1
  555. package/dist/server/utils.d.ts +0 -1
  556. package/dist/server/utils.js +0 -140
  557. package/dist/server/utils.js.map +0 -1
  558. package/src/authorization/index.ts +0 -83
  559. package/src/cli/bin.ts +0 -5
  560. package/src/cli/command.ts +0 -70
  561. package/src/cli/index.ts +0 -1112
  562. package/src/cli/keys.ts +0 -23
  563. package/src/client/core/types.ts +0 -437
  564. package/src/client/factors/device.ts +0 -158
  565. package/src/client/factors/passkey.ts +0 -279
  566. package/src/client/factors/totp.ts +0 -150
  567. package/src/client/index.ts +0 -1124
  568. package/src/client/runtime/browser.ts +0 -112
  569. package/src/client/runtime/invite.ts +0 -63
  570. package/src/client/runtime/proxy.ts +0 -111
  571. package/src/client/runtime/storage.ts +0 -79
  572. package/src/component/_generated/api.ts +0 -96
  573. package/src/component/_generated/component.ts +0 -3774
  574. package/src/component/_generated/dataModel.ts +0 -60
  575. package/src/component/_generated/server.ts +0 -156
  576. package/src/component/convex.config.ts +0 -5
  577. package/src/component/functions.ts +0 -104
  578. package/src/component/index.ts +0 -42
  579. package/src/component/model.ts +0 -449
  580. package/src/component/public/enterprise/audit.ts +0 -125
  581. package/src/component/public/enterprise/core.ts +0 -355
  582. package/src/component/public/enterprise/domains.ts +0 -327
  583. package/src/component/public/enterprise/scim.ts +0 -397
  584. package/src/component/public/enterprise/secrets.ts +0 -133
  585. package/src/component/public/enterprise/webhooks.ts +0 -307
  586. package/src/component/public/factors/devices.ts +0 -224
  587. package/src/component/public/factors/passkeys.ts +0 -243
  588. package/src/component/public/factors/totp.ts +0 -259
  589. package/src/component/public/groups/core.ts +0 -481
  590. package/src/component/public/groups/invites.ts +0 -608
  591. package/src/component/public/groups/members.ts +0 -410
  592. package/src/component/public/identity/accounts.ts +0 -207
  593. package/src/component/public/identity/codes.ts +0 -149
  594. package/src/component/public/identity/sessions.ts +0 -210
  595. package/src/component/public/identity/tokens.ts +0 -251
  596. package/src/component/public/identity/users.ts +0 -355
  597. package/src/component/public/identity/verifiers.ts +0 -158
  598. package/src/component/public/security/keys.ts +0 -366
  599. package/src/component/public/security/limits.ts +0 -174
  600. package/src/component/public.ts +0 -27
  601. package/src/component/schema.ts +0 -505
  602. package/src/providers/anonymous.ts +0 -99
  603. package/src/providers/credentials.ts +0 -102
  604. package/src/providers/device.ts +0 -87
  605. package/src/providers/email.ts +0 -99
  606. package/src/providers/index.ts +0 -31
  607. package/src/providers/oauth.ts +0 -117
  608. package/src/providers/passkey.ts +0 -77
  609. package/src/providers/password.ts +0 -441
  610. package/src/providers/phone.ts +0 -93
  611. package/src/providers/sso.ts +0 -54
  612. package/src/providers/totp.ts +0 -62
  613. package/src/samlify.d.ts +0 -53
  614. package/src/server/auth.ts +0 -949
  615. package/src/server/config.ts +0 -200
  616. package/src/server/context.ts +0 -90
  617. package/src/server/cookies.ts +0 -49
  618. package/src/server/core.ts +0 -2004
  619. package/src/server/crypto.ts +0 -90
  620. package/src/server/db.ts +0 -203
  621. package/src/server/device.ts +0 -254
  622. package/src/server/enterprise/config.ts +0 -51
  623. package/src/server/enterprise/domain.ts +0 -1739
  624. package/src/server/enterprise/http.ts +0 -1331
  625. package/src/server/enterprise/oidc.ts +0 -500
  626. package/src/server/enterprise/policy.ts +0 -128
  627. package/src/server/enterprise/saml.ts +0 -578
  628. package/src/server/enterprise/scim.ts +0 -135
  629. package/src/server/enterprise/shared.ts +0 -134
  630. package/src/server/enterprise/validators.ts +0 -93
  631. package/src/server/http.ts +0 -790
  632. package/src/server/identity.ts +0 -18
  633. package/src/server/index.ts +0 -40
  634. package/src/server/keys.ts +0 -158
  635. package/src/server/limits.ts +0 -107
  636. package/src/server/mounts.ts +0 -924
  637. package/src/server/mutations/account.ts +0 -62
  638. package/src/server/mutations/code.ts +0 -119
  639. package/src/server/mutations/index.ts +0 -13
  640. package/src/server/mutations/invalidate.ts +0 -50
  641. package/src/server/mutations/oauth.ts +0 -243
  642. package/src/server/mutations/refresh.ts +0 -299
  643. package/src/server/mutations/register.ts +0 -155
  644. package/src/server/mutations/retrieve.ts +0 -109
  645. package/src/server/mutations/signature.ts +0 -57
  646. package/src/server/mutations/signin.ts +0 -54
  647. package/src/server/mutations/signout.ts +0 -43
  648. package/src/server/mutations/store/refs.ts +0 -10
  649. package/src/server/mutations/store.ts +0 -123
  650. package/src/server/mutations/verifier.ts +0 -34
  651. package/src/server/mutations/verify.ts +0 -200
  652. package/src/server/oauth.ts +0 -418
  653. package/src/server/passkey.ts +0 -838
  654. package/src/server/redirects.ts +0 -59
  655. package/src/server/refresh.ts +0 -218
  656. package/src/server/runtime.ts +0 -918
  657. package/src/server/sessions.ts +0 -132
  658. package/src/server/signin.ts +0 -445
  659. package/src/server/ssr.ts +0 -1747
  660. package/src/server/templates.ts +0 -82
  661. package/src/server/tokens.ts +0 -35
  662. package/src/server/totp.ts +0 -399
  663. package/src/server/types.ts +0 -1942
  664. package/src/server/users.ts +0 -291
  665. package/src/server/utils.ts +0 -220
  666. /package/dist/{runtime → client/runtime}/invite.js +0 -0
@@ -1,307 +0,0 @@
1
- import { v } from "convex/values";
2
-
3
- import { mutation, query } from "../../functions";
4
- import {
5
- vEnterpriseWebhookDeliveryDoc,
6
- vEnterpriseWebhookEndpointDoc,
7
- vWebhookEndpointStatus,
8
- } from "../../model";
9
-
10
- /**
11
- * Register a new webhook endpoint for an enterprise.
12
- *
13
- * Creates an `EnterpriseWebhookEndpoint` document with an initial failure
14
- * count of `0`. The endpoint status defaults to `"active"` when not
15
- * explicitly provided. Each endpoint subscribes to a set of event types
16
- * that determine which deliveries are sent to it.
17
- *
18
- * @param args.enterpriseId - The ID of the enterprise this endpoint belongs to.
19
- * @param args.groupId - The ID of the root group that owns the enterprise.
20
- * @param args.url - The HTTPS URL where webhook payloads will be delivered.
21
- * @param args.status - An optional lifecycle status (`"active"`, `"paused"`, or `"disabled"`). Defaults to `"active"`.
22
- * @param args.secretHash - A hash of the signing secret used to verify delivery payloads.
23
- * @param args.subscriptions - An array of event type strings this endpoint subscribes to (e.g. `["user.login", "scim.provision"]`).
24
- * @param args.createdByUserId - An optional ID of the user who created this endpoint.
25
- * @param args.extend - An optional arbitrary extension object for custom endpoint metadata.
26
- * @returns The ID of the newly created `EnterpriseWebhookEndpoint` document.
27
- *
28
- * @example
29
- * ```ts
30
- * const endpointId = await ctx.runMutation(
31
- * components.auth.enterprise.enterpriseWebhookEndpointCreate,
32
- * {
33
- * enterpriseId,
34
- * groupId: orgGroupId,
35
- * url: "https://acme.com/webhooks/auth",
36
- * secretHash: "sha256:whsec_...",
37
- * subscriptions: ["user.login", "user.created", "scim.provision"],
38
- * },
39
- * );
40
- * ```
41
- */
42
- export const enterpriseWebhookEndpointCreate = mutation({
43
- args: {
44
- enterpriseId: v.id("Enterprise"),
45
- groupId: v.id("Group"),
46
- url: v.string(),
47
- status: v.optional(vWebhookEndpointStatus),
48
- secretHash: v.string(),
49
- subscriptions: v.array(v.string()),
50
- createdByUserId: v.optional(v.id("User")),
51
- extend: v.optional(v.any()),
52
- },
53
- returns: v.id("EnterpriseWebhookEndpoint"),
54
- handler: async (ctx, args) => {
55
- return await ctx.db.insert("EnterpriseWebhookEndpoint", {
56
- ...args,
57
- status: args.status ?? "active",
58
- failureCount: 0,
59
- });
60
- },
61
- });
62
-
63
- /**
64
- * List all webhook endpoints registered for an enterprise.
65
- *
66
- * Returns all `EnterpriseWebhookEndpoint` documents associated with the
67
- * given enterprise, regardless of status.
68
- *
69
- * @param args.enterpriseId - The ID of the enterprise whose webhook endpoints to list.
70
- * @returns An array of webhook endpoint documents.
71
- *
72
- * @example
73
- * ```ts
74
- * const endpoints = await ctx.runQuery(
75
- * components.auth.enterprise.enterpriseWebhookEndpointList,
76
- * { enterpriseId },
77
- * );
78
- * for (const ep of endpoints) {
79
- * console.log(ep.url, ep.status, ep.subscriptions);
80
- * }
81
- * ```
82
- */
83
- export const enterpriseWebhookEndpointList = query({
84
- args: { enterpriseId: v.id("Enterprise") },
85
- returns: v.array(vEnterpriseWebhookEndpointDoc),
86
- handler: async (ctx, { enterpriseId }) => {
87
- return await ctx.db
88
- .query("EnterpriseWebhookEndpoint")
89
- .withIndex("enterprise_id", (idx) => idx.eq("enterpriseId", enterpriseId))
90
- .collect();
91
- },
92
- });
93
-
94
- /**
95
- * Retrieve a single webhook endpoint by its document ID.
96
- *
97
- * Returns the full endpoint document if it exists, or `null` if no
98
- * endpoint is found with the given ID.
99
- *
100
- * @param args.endpointId - The document ID of the webhook endpoint to retrieve.
101
- * @returns The webhook endpoint document, or `null` if not found.
102
- *
103
- * @example
104
- * ```ts
105
- * const endpoint = await ctx.runQuery(
106
- * components.auth.enterprise.enterpriseWebhookEndpointGet,
107
- * { endpointId },
108
- * );
109
- * if (endpoint) {
110
- * console.log(endpoint.url, endpoint.failureCount);
111
- * }
112
- * ```
113
- */
114
- export const enterpriseWebhookEndpointGet = query({
115
- args: { endpointId: v.id("EnterpriseWebhookEndpoint") },
116
- returns: v.union(vEnterpriseWebhookEndpointDoc, v.null()),
117
- handler: async (ctx, { endpointId }) => {
118
- return await ctx.db.get(endpointId);
119
- },
120
- });
121
-
122
- /**
123
- * Partially update (patch) an existing webhook endpoint.
124
- *
125
- * Merges the provided `data` fields into the endpoint document. Only the
126
- * fields present in `data` are changed; all other fields are preserved.
127
- * Common updates include changing the URL, rotating the secret, updating
128
- * subscriptions, or changing the status.
129
- *
130
- * @param args.endpointId - The document ID of the webhook endpoint to update.
131
- * @param args.data - An object containing the fields to update (e.g. `{ url, status, subscriptions }`).
132
- * @returns `null` on success.
133
- *
134
- * @example
135
- * ```ts
136
- * await ctx.runMutation(
137
- * components.auth.enterprise.enterpriseWebhookEndpointUpdate,
138
- * {
139
- * endpointId,
140
- * data: {
141
- * status: "paused",
142
- * subscriptions: ["user.login"],
143
- * },
144
- * },
145
- * );
146
- * ```
147
- */
148
- export const enterpriseWebhookEndpointUpdate = mutation({
149
- args: { endpointId: v.id("EnterpriseWebhookEndpoint"), data: v.any() },
150
- returns: v.null(),
151
- handler: async (ctx, { endpointId, data }) => {
152
- await ctx.db.patch(endpointId, data);
153
- return null;
154
- },
155
- });
156
-
157
- /**
158
- * Enqueue a webhook delivery for a specific endpoint.
159
- *
160
- * Creates a new `EnterpriseWebhookDelivery` document with an initial status
161
- * of `"pending"` and an attempt count of `0`. The delivery will be picked up
162
- * by the delivery worker once `nextAttemptAt` is reached.
163
- *
164
- * @param args.enterpriseId - The ID of the enterprise the delivery belongs to.
165
- * @param args.endpointId - The ID of the webhook endpoint this delivery targets.
166
- * @param args.auditEventId - An optional ID of the audit event that triggered this delivery.
167
- * @param args.eventType - The event type string describing the payload (e.g. `"user.created"`).
168
- * @param args.payload - The arbitrary JSON payload to deliver to the endpoint.
169
- * @param args.nextAttemptAt - Epoch timestamp (ms) when the delivery should first be attempted.
170
- * @returns The ID of the newly created `EnterpriseWebhookDelivery` document.
171
- *
172
- * @example
173
- * ```ts
174
- * const deliveryId = await ctx.runMutation(
175
- * components.auth.enterprise.enterpriseWebhookDeliveryEnqueue,
176
- * {
177
- * enterpriseId,
178
- * endpointId,
179
- * auditEventId,
180
- * eventType: "user.created",
181
- * payload: { userId, email: "jane@acme.com" },
182
- * nextAttemptAt: Date.now(),
183
- * },
184
- * );
185
- * ```
186
- */
187
- export const enterpriseWebhookDeliveryEnqueue = mutation({
188
- args: {
189
- enterpriseId: v.id("Enterprise"),
190
- endpointId: v.id("EnterpriseWebhookEndpoint"),
191
- auditEventId: v.optional(v.id("EnterpriseAuditEvent")),
192
- eventType: v.string(),
193
- payload: v.any(),
194
- nextAttemptAt: v.number(),
195
- },
196
- returns: v.id("EnterpriseWebhookDelivery"),
197
- handler: async (ctx, args) => {
198
- return await ctx.db.insert("EnterpriseWebhookDelivery", {
199
- ...args,
200
- status: "pending",
201
- attemptCount: 0,
202
- });
203
- },
204
- });
205
-
206
- /**
207
- * List pending webhook deliveries that are ready to be attempted.
208
- *
209
- * Queries the `status_next_attempt_at` index for deliveries with status
210
- * `"pending"` whose `nextAttemptAt` is at or before the provided timestamp.
211
- * This is used by the delivery worker to find deliveries due for processing.
212
- *
213
- * @param args.now - The current epoch timestamp (ms) used as the cutoff for `nextAttemptAt`.
214
- * @param args.limit - Maximum number of deliveries to return (clamped between 1 and 100, defaults to 50).
215
- * @returns An array of webhook delivery documents ready for dispatch.
216
- *
217
- * @example
218
- * ```ts
219
- * const ready = await ctx.runQuery(
220
- * components.auth.enterprise.enterpriseWebhookDeliveryListReady,
221
- * { now: Date.now(), limit: 10 },
222
- * );
223
- * for (const delivery of ready) {
224
- * await dispatchWebhook(delivery);
225
- * }
226
- * ```
227
- */
228
- export const enterpriseWebhookDeliveryListReady = query({
229
- args: { now: v.number(), limit: v.optional(v.number()) },
230
- returns: v.array(vEnterpriseWebhookDeliveryDoc),
231
- handler: async (ctx, { now, limit }) => {
232
- return await ctx.db
233
- .query("EnterpriseWebhookDelivery")
234
- .withIndex("status_next_attempt_at", (idx) =>
235
- idx.eq("status", "pending").lte("nextAttemptAt", now),
236
- )
237
- .take(Math.min(Math.max(limit ?? 50, 1), 100));
238
- },
239
- });
240
-
241
- /**
242
- * List webhook deliveries for a specific enterprise, ordered by most recent first.
243
- *
244
- * Returns deliveries in reverse chronological order, useful for displaying
245
- * delivery history in an admin dashboard. Includes deliveries of all statuses.
246
- *
247
- * @param args.enterpriseId - The ID of the enterprise whose deliveries to list.
248
- * @param args.limit - Maximum number of deliveries to return (clamped between 1 and 100, defaults to 50).
249
- * @returns An array of webhook delivery documents, most recent first.
250
- *
251
- * @example
252
- * ```ts
253
- * const deliveries = await ctx.runQuery(
254
- * components.auth.enterprise.enterpriseWebhookDeliveryList,
255
- * { enterpriseId, limit: 25 },
256
- * );
257
- * for (const d of deliveries) {
258
- * console.log(d.eventType, d.status, d.attemptCount);
259
- * }
260
- * ```
261
- */
262
- export const enterpriseWebhookDeliveryList = query({
263
- args: { enterpriseId: v.id("Enterprise"), limit: v.optional(v.number()) },
264
- returns: v.array(vEnterpriseWebhookDeliveryDoc),
265
- handler: async (ctx, { enterpriseId, limit }) => {
266
- return await ctx.db
267
- .query("EnterpriseWebhookDelivery")
268
- .withIndex("enterprise_id", (idx) => idx.eq("enterpriseId", enterpriseId))
269
- .order("desc")
270
- .take(Math.min(Math.max(limit ?? 50, 1), 100));
271
- },
272
- });
273
-
274
- /**
275
- * Partially update (patch) an existing webhook delivery record.
276
- *
277
- * Merges the provided `data` fields into the delivery document. This is
278
- * typically used by the delivery worker to update the delivery status,
279
- * increment the attempt count, record response codes, or schedule retry
280
- * timestamps after a delivery attempt.
281
- *
282
- * @param args.deliveryId - The document ID of the webhook delivery to update.
283
- * @param args.data - An object containing the fields to update (e.g. `{ status, attemptCount, nextAttemptAt }`).
284
- * @returns `null` on success.
285
- *
286
- * @example
287
- * ```ts
288
- * await ctx.runMutation(
289
- * components.auth.enterprise.enterpriseWebhookDeliveryPatch,
290
- * {
291
- * deliveryId,
292
- * data: {
293
- * status: "delivered",
294
- * attemptCount: 1,
295
- * },
296
- * },
297
- * );
298
- * ```
299
- */
300
- export const enterpriseWebhookDeliveryPatch = mutation({
301
- args: { deliveryId: v.id("EnterpriseWebhookDelivery"), data: v.any() },
302
- returns: v.null(),
303
- handler: async (ctx, { deliveryId, data }) => {
304
- await ctx.db.patch(deliveryId, data);
305
- return null;
306
- },
307
- });
@@ -1,224 +0,0 @@
1
- import { v } from "convex/values";
2
-
3
- import { mutation, query } from "../../functions";
4
- import { vDeviceCodeDoc, vDeviceStatus } from "../../model";
5
-
6
- /**
7
- * Insert a new device authorization record into the `DeviceCode` table.
8
- *
9
- * Creates a pending device authorization entry as part of the OAuth 2.0
10
- * Device Authorization Grant (RFC 8628). The record tracks the hashed device
11
- * code, the human-readable user code, expiry, and polling interval.
12
- *
13
- * @param deviceCodeHash - SHA-256 hash of the device code issued to the client.
14
- * Only the hash is stored; the raw code is never persisted.
15
- * @param userCode - Short, human-readable code displayed to the end-user
16
- * so they can authorize the device on a separate screen.
17
- * @param expiresAt - Unix timestamp (in milliseconds) after which the device
18
- * authorization request is no longer valid.
19
- * @param interval - Minimum polling interval in seconds that the device client
20
- * must wait between token requests.
21
- * @param status - Initial status of the device authorization (e.g. `"pending"`).
22
- * @returns The `_id` of the newly created `DeviceCode` document.
23
- *
24
- * @example
25
- * ```ts
26
- * const deviceCodeId = await ctx.runMutation(
27
- * components.auth.factors.devices.deviceInsert,
28
- * {
29
- * deviceCodeHash: "a1b2c3d4e5f6...",
30
- * userCode: "ABCD-1234",
31
- * expiresAt: Date.now() + 10 * 60 * 1000,
32
- * interval: 5,
33
- * status: "pending",
34
- * },
35
- * );
36
- * ```
37
- */
38
- export const deviceInsert = mutation({
39
- args: {
40
- deviceCodeHash: v.string(),
41
- userCode: v.string(),
42
- expiresAt: v.number(),
43
- interval: v.number(),
44
- status: vDeviceStatus,
45
- },
46
- returns: v.id("DeviceCode"),
47
- handler: async (ctx, args) => {
48
- return await ctx.db.insert("DeviceCode", args);
49
- },
50
- });
51
-
52
- /**
53
- * Look up a device authorization record by its hashed device code.
54
- *
55
- * Queries the `DeviceCode` table using the `device_code_hash` index.
56
- * This is the primary lookup used by the token endpoint when a device
57
- * client polls for authorization status.
58
- *
59
- * @param deviceCodeHash - SHA-256 hash of the device code to look up.
60
- * @returns The matching `DeviceCode` document, or `null` if no record
61
- * exists for the given hash.
62
- *
63
- * @example
64
- * ```ts
65
- * const deviceCode = await ctx.runQuery(
66
- * components.auth.factors.devices.deviceGetByCodeHash,
67
- * { deviceCodeHash: "a1b2c3d4e5f6..." },
68
- * );
69
- * if (deviceCode && deviceCode.status === "authorized") {
70
- * // Exchange for tokens
71
- * }
72
- * ```
73
- */
74
- export const deviceGetByCodeHash = query({
75
- args: { deviceCodeHash: v.string() },
76
- returns: v.union(vDeviceCodeDoc, v.null()),
77
- handler: async (ctx, { deviceCodeHash }) => {
78
- return await ctx.db
79
- .query("DeviceCode")
80
- .withIndex("device_code_hash", (q) =>
81
- q.eq("deviceCodeHash", deviceCodeHash),
82
- )
83
- .first();
84
- },
85
- });
86
-
87
- /**
88
- * Look up a pending device authorization by its user-facing code.
89
- *
90
- * Queries the `DeviceCode` table using the `user_code_status` compound index,
91
- * filtering to only `"pending"` records. This is called when an authenticated
92
- * user enters the code shown on the device to approve the authorization.
93
- *
94
- * @param userCode - The short, human-readable code the user typed in
95
- * (e.g. `"ABCD-1234"`).
96
- * @returns The matching pending `DeviceCode` document, or `null` if no
97
- * pending authorization exists for the given user code.
98
- *
99
- * @example
100
- * ```ts
101
- * const pending = await ctx.runQuery(
102
- * components.auth.factors.devices.deviceGetByUserCode,
103
- * { userCode: "ABCD-1234" },
104
- * );
105
- * if (pending === null) {
106
- * throw new Error("Invalid or expired user code");
107
- * }
108
- * ```
109
- */
110
- export const deviceGetByUserCode = query({
111
- args: { userCode: v.string() },
112
- returns: v.union(vDeviceCodeDoc, v.null()),
113
- handler: async (ctx, { userCode }) => {
114
- return await ctx.db
115
- .query("DeviceCode")
116
- .withIndex("user_code_status", (q) =>
117
- q.eq("userCode", userCode).eq("status", "pending"),
118
- )
119
- .first();
120
- },
121
- });
122
-
123
- /**
124
- * Authorize a device code by linking it to a user and session.
125
- *
126
- * Transitions the device authorization status from `"pending"` to
127
- * `"authorized"` and associates it with the approving user and their
128
- * active session. After this mutation, the next poll from the device
129
- * client will succeed and tokens can be issued.
130
- *
131
- * @param deviceId - The `_id` of the `DeviceCode` document to authorize.
132
- * @param userId - The `_id` of the `User` who approved the device request.
133
- * @param sessionId - The `_id` of the `Session` associated with the
134
- * approving user's current login.
135
- * @returns `null` on success.
136
- *
137
- * @example
138
- * ```ts
139
- * await ctx.runMutation(
140
- * components.auth.factors.devices.deviceAuthorize,
141
- * {
142
- * deviceId: pending._id,
143
- * userId: currentUser._id,
144
- * sessionId: currentSession._id,
145
- * },
146
- * );
147
- * ```
148
- */
149
- export const deviceAuthorize = mutation({
150
- args: {
151
- deviceId: v.id("DeviceCode"),
152
- userId: v.id("User"),
153
- sessionId: v.id("Session"),
154
- },
155
- returns: v.null(),
156
- handler: async (ctx, { deviceId, userId, sessionId }) => {
157
- await ctx.db.patch("DeviceCode", deviceId, {
158
- status: "authorized",
159
- userId,
160
- sessionId,
161
- });
162
- return null;
163
- },
164
- });
165
-
166
- /**
167
- * Update the last-polled timestamp on a device authorization record.
168
- *
169
- * Called each time the device client polls the token endpoint. The
170
- * timestamp is used to enforce the minimum polling interval and to
171
- * detect slow-polling violations per RFC 8628.
172
- *
173
- * @param deviceId - The `_id` of the `DeviceCode` document to update.
174
- * @param lastPolledAt - Unix timestamp (in milliseconds) of the most
175
- * recent poll request from the device client.
176
- * @returns `null` on success.
177
- *
178
- * @example
179
- * ```ts
180
- * await ctx.runMutation(
181
- * components.auth.factors.devices.deviceUpdateLastPolled,
182
- * {
183
- * deviceId: deviceCode._id,
184
- * lastPolledAt: Date.now(),
185
- * },
186
- * );
187
- * ```
188
- */
189
- export const deviceUpdateLastPolled = mutation({
190
- args: { deviceId: v.id("DeviceCode"), lastPolledAt: v.number() },
191
- returns: v.null(),
192
- handler: async (ctx, { deviceId, lastPolledAt }) => {
193
- await ctx.db.patch("DeviceCode", deviceId, { lastPolledAt });
194
- return null;
195
- },
196
- });
197
-
198
- /**
199
- * Delete a device authorization record from the `DeviceCode` table.
200
- *
201
- * Permanently removes the device code entry. This should be called after
202
- * the device authorization has been successfully exchanged for tokens, or
203
- * when the authorization has expired and needs to be cleaned up.
204
- *
205
- * @param deviceId - The `_id` of the `DeviceCode` document to delete.
206
- * @returns `null` on success.
207
- *
208
- * @example
209
- * ```ts
210
- * // Clean up after successful token exchange
211
- * await ctx.runMutation(
212
- * components.auth.factors.devices.deviceDelete,
213
- * { deviceId: deviceCode._id },
214
- * );
215
- * ```
216
- */
217
- export const deviceDelete = mutation({
218
- args: { deviceId: v.id("DeviceCode") },
219
- returns: v.null(),
220
- handler: async (ctx, { deviceId }) => {
221
- await ctx.db.delete("DeviceCode", deviceId);
222
- return null;
223
- },
224
- });