npm - @robelest/convex-auth - Versions diffs - 0.0.4-preview.25 → 0.0.4-preview.28 - Mend

@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (666) hide show

package/README.md +43 -36
package/dist/bin.js +5765 -4880
package/dist/browser/index.d.ts +30 -0
package/dist/browser/index.js +93 -0
package/dist/browser/locks.js +11 -0
package/dist/browser/navigation.js +14 -0
package/dist/{factors → browser}/passkey.js +23 -32
package/dist/browser/runtime.js +92 -0
package/dist/client/core/types.d.ts +452 -5
package/dist/client/core/types.js +17 -0
package/dist/client/errors.js +19 -0
package/dist/client/factors/device.js +94 -0
package/dist/{factors → client/factors}/totp.js +12 -4
package/dist/client/index.d.ts +47 -1
package/dist/client/index.js +269 -232
package/dist/client/runtime/mutex.js +24 -0
package/dist/client/runtime/proxy.js +30 -0
package/dist/client/runtime/storage.js +45 -0
package/dist/client/services/adapters.js +7 -0
package/dist/client/services/http.js +6 -0
package/dist/client/services/resolve.js +13 -0
package/dist/client/services/runtime.js +6 -0
package/dist/component/_generated/component.d.ts +1355 -1399
package/dist/component/convex.config.d.ts +2 -2
package/dist/component/index.d.ts +4 -26
package/dist/component/index.js +1 -1
package/dist/component/model.d.ts +26 -112
package/dist/component/model.js +76 -54
package/dist/component/modules.js +38 -0
package/dist/component/public/factors/devices.js +1 -1
package/dist/component/public/factors/passkeys.js +1 -1
package/dist/component/public/factors/totp.js +1 -1
package/dist/component/public/groups/core.js +2 -2
package/dist/component/public/groups/invites.js +1 -1
package/dist/component/public/groups/members.js +1 -1
package/dist/component/public/identity/accounts.js +1 -1
package/dist/component/public/identity/codes.js +1 -1
package/dist/component/public/identity/sessions.js +39 -2
package/dist/component/public/identity/tokens.js +82 -4
package/dist/component/public/identity/users.js +1 -1
package/dist/component/public/identity/verifiers.js +10 -4
package/dist/component/public/security/keys.js +1 -1
package/dist/component/public/security/limits.js +1 -1
package/dist/component/public/{enterprise → sso}/audit.js +26 -26
package/dist/component/public/sso/core.js +263 -0
package/dist/component/public/sso/domains.js +280 -0
package/dist/component/public/{enterprise → sso}/scim.js +87 -87
package/dist/component/public/sso/secrets.js +125 -0
package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
package/dist/component/public.js +9 -9
package/dist/component/schema.d.ts +472 -393
package/dist/component/schema.js +36 -35
package/dist/core/index.d.ts +380 -0
package/dist/core/index.js +83 -0
package/dist/otel.d.ts +69 -0
package/dist/otel.js +82 -0
package/dist/providers/anonymous.d.ts +15 -34
package/dist/providers/anonymous.js +27 -35
package/dist/providers/apple.d.ts +59 -0
package/dist/providers/apple.js +58 -0
package/dist/providers/credentials.d.ts +18 -34
package/dist/providers/credentials.js +16 -27
package/dist/providers/custom.d.ts +94 -0
package/dist/providers/custom.js +119 -0
package/dist/providers/device.d.ts +15 -49
package/dist/providers/device.js +17 -34
package/dist/providers/email.d.ts +21 -38
package/dist/providers/email.js +36 -55
package/dist/providers/github.d.ts +54 -0
package/dist/providers/github.js +75 -0
package/dist/providers/google.d.ts +54 -0
package/dist/providers/google.js +61 -0
package/dist/providers/index.d.ts +16 -12
package/dist/providers/index.js +15 -11
package/dist/providers/microsoft.d.ts +57 -0
package/dist/providers/microsoft.js +101 -0
package/dist/providers/passkey.d.ts +19 -35
package/dist/providers/passkey.js +20 -30
package/dist/providers/password.d.ts +17 -18
package/dist/providers/password.js +121 -143
package/dist/providers/phone.d.ts +13 -28
package/dist/providers/phone.js +21 -46
package/dist/providers/sso.d.ts +16 -36
package/dist/providers/sso.js +21 -22
package/dist/providers/totp.d.ts +13 -29
package/dist/providers/totp.js +17 -27
package/dist/server/auth-context.d.ts +204 -0
package/dist/server/auth-context.js +76 -0
package/dist/server/auth.d.ts +99 -244
package/dist/server/auth.js +56 -152
package/dist/server/componentContext.d.ts +12 -0
package/dist/server/componentContext.js +1 -0
package/dist/server/config.js +6 -67
package/dist/server/constants.js +6 -0
package/dist/server/contract.d.ts +105 -0
package/dist/server/contract.js +43 -0
package/dist/server/cookies.js +3 -2
package/dist/server/core.js +31 -36
package/dist/server/crypto.js +34 -44
package/dist/server/db.js +6 -1
package/dist/server/device.js +96 -130
package/dist/server/env.js +48 -0
package/dist/server/errors.js +20 -0
package/dist/server/http.d.ts +15 -59
package/dist/server/http.js +136 -120
package/dist/server/identity.js +2 -2
package/dist/server/index.d.ts +5 -4
package/dist/server/index.js +3 -3
package/dist/server/keys.js +10 -1
package/dist/server/limits.js +26 -26
package/dist/server/log.js +28 -0
package/dist/server/mounts.d.ts +1107 -296
package/dist/server/mounts.js +315 -196
package/dist/server/mutations/account.js +11 -14
package/dist/server/mutations/code.js +6 -5
package/dist/server/mutations/invalidate.js +9 -11
package/dist/server/mutations/oauth.js +112 -73
package/dist/server/mutations/refresh.js +47 -97
package/dist/server/mutations/register.js +37 -35
package/dist/server/mutations/retrieve.js +16 -16
package/dist/server/mutations/signature.js +15 -18
package/dist/server/mutations/signin.js +10 -5
package/dist/server/mutations/signout.js +11 -14
package/dist/server/mutations/store.js +25 -18
package/dist/server/mutations/verifier.js +11 -8
package/dist/server/mutations/verify.js +53 -41
package/dist/server/oauth/factory.js +44 -0
package/dist/server/oauth/index.js +12 -0
package/dist/server/oauth/runtime.js +248 -0
package/dist/server/passkey.js +331 -365
package/dist/server/payloads.d.ts +16 -0
package/dist/server/payloads.js +30 -0
package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
package/dist/server/prefetch.js +635 -0
package/dist/server/random.js +19 -0
package/dist/server/redirects.js +10 -5
package/dist/server/refresh.js +14 -86
package/dist/server/runtime.d.ts +531 -31
package/dist/server/runtime.js +106 -267
package/dist/server/secret.js +44 -0
package/dist/server/services/config.js +10 -0
package/dist/server/services/group.js +211 -0
package/dist/server/services/logger.js +8 -0
package/dist/server/services/providers.js +22 -0
package/dist/server/services/refresh.js +8 -0
package/dist/server/services/resolve.js +27 -0
package/dist/server/services/signin.js +8 -0
package/dist/server/sessions.js +35 -34
package/dist/server/signin.js +229 -140
package/dist/server/{enterprise → sso}/config.js +10 -3
package/dist/server/sso/domain.d.ts +614 -0
package/dist/server/sso/domain.js +1175 -0
package/dist/server/sso/http.js +1060 -0
package/dist/server/sso/oidc.js +324 -0
package/dist/server/sso/policies.js +59 -0
package/dist/server/sso/policy.js +139 -0
package/dist/server/sso/profile.js +22 -0
package/dist/server/sso/provision.js +179 -0
package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
package/dist/server/sso/shared.js +74 -0
package/dist/server/sso/validators.js +88 -0
package/dist/server/sso/webhook.js +94 -0
package/dist/server/tokens.js +16 -4
package/dist/server/totp.js +155 -164
package/dist/server/types.d.ts +306 -296
package/dist/server/types.js +1 -30
package/dist/server/url.js +32 -0
package/dist/server/users.js +74 -40
package/dist/server/utils/cache.js +51 -0
package/dist/server/utils/dispatch.js +36 -0
package/dist/server/utils/retry.js +24 -0
package/dist/server/utils/span.js +32 -0
package/dist/shared/errors.js +19 -0
package/dist/shared/log.js +45 -0
package/{src/test.ts → dist/test.d.ts} +21 -22
package/dist/test.js +51 -0
package/package.json +70 -42
package/dist/authorization/index.d.ts.map +0 -1
package/dist/authorization/index.js.map +0 -1
package/dist/client/core/types.d.ts.map +0 -1
package/dist/client/index.d.ts.map +0 -1
package/dist/client/index.js.map +0 -1
package/dist/component/_generated/api.d.ts +0 -75
package/dist/component/_generated/api.d.ts.map +0 -1
package/dist/component/_generated/api.js.map +0 -1
package/dist/component/_generated/component.d.ts.map +0 -1
package/dist/component/_generated/dataModel.d.ts +0 -42
package/dist/component/_generated/dataModel.d.ts.map +0 -1
package/dist/component/_generated/server.d.ts +0 -117
package/dist/component/_generated/server.d.ts.map +0 -1
package/dist/component/_generated/server.js.map +0 -1
package/dist/component/_virtual/rolldown_runtime.js +0 -18
package/dist/component/client/core/types.d.ts +0 -2
package/dist/component/client/index.d.ts +0 -1
package/dist/component/convex.config.d.ts.map +0 -1
package/dist/component/convex.config.js.map +0 -1
package/dist/component/functions.d.ts +0 -25
package/dist/component/functions.d.ts.map +0 -1
package/dist/component/functions.js.map +0 -1
package/dist/component/index.d.ts.map +0 -1
package/dist/component/model.d.ts.map +0 -1
package/dist/component/model.js.map +0 -1
package/dist/component/providers/anonymous.d.ts +0 -54
package/dist/component/providers/anonymous.d.ts.map +0 -1
package/dist/component/providers/credentials.d.ts +0 -38
package/dist/component/providers/credentials.d.ts.map +0 -1
package/dist/component/providers/device.d.ts +0 -67
package/dist/component/providers/device.d.ts.map +0 -1
package/dist/component/providers/email.d.ts +0 -62
package/dist/component/providers/email.d.ts.map +0 -1
package/dist/component/providers/oauth.d.ts +0 -25
package/dist/component/providers/oauth.d.ts.map +0 -1
package/dist/component/providers/oauth.js +0 -13
package/dist/component/providers/oauth.js.map +0 -1
package/dist/component/providers/passkey.d.ts +0 -57
package/dist/component/providers/passkey.d.ts.map +0 -1
package/dist/component/providers/password.d.ts +0 -88
package/dist/component/providers/password.d.ts.map +0 -1
package/dist/component/providers/phone.d.ts +0 -48
package/dist/component/providers/phone.d.ts.map +0 -1
package/dist/component/providers/sso.d.ts +0 -50
package/dist/component/providers/sso.d.ts.map +0 -1
package/dist/component/providers/totp.d.ts +0 -45
package/dist/component/providers/totp.d.ts.map +0 -1
package/dist/component/public/enterprise/audit.d.ts +0 -73
package/dist/component/public/enterprise/audit.d.ts.map +0 -1
package/dist/component/public/enterprise/audit.js.map +0 -1
package/dist/component/public/enterprise/core.d.ts +0 -176
package/dist/component/public/enterprise/core.d.ts.map +0 -1
package/dist/component/public/enterprise/core.js +0 -292
package/dist/component/public/enterprise/core.js.map +0 -1
package/dist/component/public/enterprise/domains.d.ts +0 -174
package/dist/component/public/enterprise/domains.d.ts.map +0 -1
package/dist/component/public/enterprise/domains.js +0 -271
package/dist/component/public/enterprise/domains.js.map +0 -1
package/dist/component/public/enterprise/scim.d.ts +0 -245
package/dist/component/public/enterprise/scim.d.ts.map +0 -1
package/dist/component/public/enterprise/scim.js.map +0 -1
package/dist/component/public/enterprise/secrets.d.ts +0 -78
package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
package/dist/component/public/enterprise/secrets.js +0 -118
package/dist/component/public/enterprise/secrets.js.map +0 -1
package/dist/component/public/enterprise/webhooks.d.ts +0 -211
package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
package/dist/component/public/enterprise/webhooks.js.map +0 -1
package/dist/component/public/factors/devices.d.ts +0 -157
package/dist/component/public/factors/devices.d.ts.map +0 -1
package/dist/component/public/factors/devices.js.map +0 -1
package/dist/component/public/factors/passkeys.d.ts +0 -175
package/dist/component/public/factors/passkeys.d.ts.map +0 -1
package/dist/component/public/factors/passkeys.js.map +0 -1
package/dist/component/public/factors/totp.d.ts +0 -189
package/dist/component/public/factors/totp.d.ts.map +0 -1
package/dist/component/public/factors/totp.js.map +0 -1
package/dist/component/public/groups/core.d.ts +0 -137
package/dist/component/public/groups/core.d.ts.map +0 -1
package/dist/component/public/groups/core.js.map +0 -1
package/dist/component/public/groups/invites.d.ts +0 -217
package/dist/component/public/groups/invites.d.ts.map +0 -1
package/dist/component/public/groups/invites.js.map +0 -1
package/dist/component/public/groups/members.d.ts +0 -204
package/dist/component/public/groups/members.d.ts.map +0 -1
package/dist/component/public/groups/members.js.map +0 -1
package/dist/component/public/identity/accounts.d.ts +0 -147
package/dist/component/public/identity/accounts.d.ts.map +0 -1
package/dist/component/public/identity/accounts.js.map +0 -1
package/dist/component/public/identity/codes.d.ts +0 -104
package/dist/component/public/identity/codes.d.ts.map +0 -1
package/dist/component/public/identity/codes.js.map +0 -1
package/dist/component/public/identity/sessions.d.ts +0 -128
package/dist/component/public/identity/sessions.d.ts.map +0 -1
package/dist/component/public/identity/sessions.js.map +0 -1
package/dist/component/public/identity/tokens.d.ts +0 -169
package/dist/component/public/identity/tokens.d.ts.map +0 -1
package/dist/component/public/identity/tokens.js.map +0 -1
package/dist/component/public/identity/users.d.ts +0 -212
package/dist/component/public/identity/users.d.ts.map +0 -1
package/dist/component/public/identity/users.js.map +0 -1
package/dist/component/public/identity/verifiers.d.ts +0 -116
package/dist/component/public/identity/verifiers.d.ts.map +0 -1
package/dist/component/public/identity/verifiers.js.map +0 -1
package/dist/component/public/security/keys.d.ts +0 -209
package/dist/component/public/security/keys.d.ts.map +0 -1
package/dist/component/public/security/keys.js.map +0 -1
package/dist/component/public/security/limits.d.ts +0 -114
package/dist/component/public/security/limits.d.ts.map +0 -1
package/dist/component/public/security/limits.js.map +0 -1
package/dist/component/public.d.ts +0 -28
package/dist/component/public.d.ts.map +0 -1
package/dist/component/schema.d.ts.map +0 -1
package/dist/component/schema.js.map +0 -1
package/dist/component/server/auth.d.ts +0 -447
package/dist/component/server/auth.d.ts.map +0 -1
package/dist/component/server/auth.js +0 -254
package/dist/component/server/auth.js.map +0 -1
package/dist/component/server/config.js +0 -121
package/dist/component/server/config.js.map +0 -1
package/dist/component/server/context.js +0 -53
package/dist/component/server/context.js.map +0 -1
package/dist/component/server/cookies.js +0 -47
package/dist/component/server/cookies.js.map +0 -1
package/dist/component/server/core.js +0 -576
package/dist/component/server/core.js.map +0 -1
package/dist/component/server/crypto.js +0 -56
package/dist/component/server/crypto.js.map +0 -1
package/dist/component/server/db.js +0 -87
package/dist/component/server/db.js.map +0 -1
package/dist/component/server/device.js +0 -152
package/dist/component/server/device.js.map +0 -1
package/dist/component/server/enterprise/config.js +0 -46
package/dist/component/server/enterprise/config.js.map +0 -1
package/dist/component/server/enterprise/domain.js +0 -974
package/dist/component/server/enterprise/domain.js.map +0 -1
package/dist/component/server/enterprise/http.js +0 -787
package/dist/component/server/enterprise/http.js.map +0 -1
package/dist/component/server/enterprise/oidc.js +0 -248
package/dist/component/server/enterprise/oidc.js.map +0 -1
package/dist/component/server/enterprise/policy.js +0 -85
package/dist/component/server/enterprise/policy.js.map +0 -1
package/dist/component/server/enterprise/saml.js.map +0 -1
package/dist/component/server/enterprise/scim.js.map +0 -1
package/dist/component/server/enterprise/shared.js +0 -51
package/dist/component/server/enterprise/shared.js.map +0 -1
package/dist/component/server/http.d.ts +0 -85
package/dist/component/server/http.d.ts.map +0 -1
package/dist/component/server/http.js +0 -351
package/dist/component/server/http.js.map +0 -1
package/dist/component/server/identity.js +0 -16
package/dist/component/server/identity.js.map +0 -1
package/dist/component/server/keys.js +0 -96
package/dist/component/server/keys.js.map +0 -1
package/dist/component/server/limits.js +0 -52
package/dist/component/server/limits.js.map +0 -1
package/dist/component/server/mutations/account.js +0 -46
package/dist/component/server/mutations/account.js.map +0 -1
package/dist/component/server/mutations/code.js +0 -68
package/dist/component/server/mutations/code.js.map +0 -1
package/dist/component/server/mutations/invalidate.js +0 -32
package/dist/component/server/mutations/invalidate.js.map +0 -1
package/dist/component/server/mutations/oauth.js +0 -116
package/dist/component/server/mutations/oauth.js.map +0 -1
package/dist/component/server/mutations/refresh.js +0 -119
package/dist/component/server/mutations/refresh.js.map +0 -1
package/dist/component/server/mutations/register.js +0 -87
package/dist/component/server/mutations/register.js.map +0 -1
package/dist/component/server/mutations/retrieve.js +0 -61
package/dist/component/server/mutations/retrieve.js.map +0 -1
package/dist/component/server/mutations/signature.js +0 -38
package/dist/component/server/mutations/signature.js.map +0 -1
package/dist/component/server/mutations/signin.js +0 -27
package/dist/component/server/mutations/signin.js.map +0 -1
package/dist/component/server/mutations/signout.js +0 -27
package/dist/component/server/mutations/signout.js.map +0 -1
package/dist/component/server/mutations/store/refs.js +0 -15
package/dist/component/server/mutations/store/refs.js.map +0 -1
package/dist/component/server/mutations/store.js +0 -70
package/dist/component/server/mutations/store.js.map +0 -1
package/dist/component/server/mutations/verifier.js +0 -18
package/dist/component/server/mutations/verifier.js.map +0 -1
package/dist/component/server/mutations/verify.js +0 -98
package/dist/component/server/mutations/verify.js.map +0 -1
package/dist/component/server/oauth.js +0 -242
package/dist/component/server/oauth.js.map +0 -1
package/dist/component/server/passkey.js +0 -415
package/dist/component/server/passkey.js.map +0 -1
package/dist/component/server/redirects.js +0 -40
package/dist/component/server/redirects.js.map +0 -1
package/dist/component/server/refresh.js +0 -99
package/dist/component/server/refresh.js.map +0 -1
package/dist/component/server/runtime.d.ts +0 -136
package/dist/component/server/runtime.d.ts.map +0 -1
package/dist/component/server/runtime.js +0 -456
package/dist/component/server/runtime.js.map +0 -1
package/dist/component/server/sessions.js +0 -71
package/dist/component/server/sessions.js.map +0 -1
package/dist/component/server/signin.js +0 -225
package/dist/component/server/signin.js.map +0 -1
package/dist/component/server/tokens.js +0 -17
package/dist/component/server/tokens.js.map +0 -1
package/dist/component/server/totp.js +0 -208
package/dist/component/server/totp.js.map +0 -1
package/dist/component/server/types.d.ts +0 -949
package/dist/component/server/types.d.ts.map +0 -1
package/dist/component/server/types.js +0 -79
package/dist/component/server/types.js.map +0 -1
package/dist/component/server/users.js +0 -123
package/dist/component/server/users.js.map +0 -1
package/dist/component/server/utils.js +0 -140
package/dist/component/server/utils.js.map +0 -1
package/dist/core/types.d.ts +0 -361
package/dist/core/types.d.ts.map +0 -1
package/dist/factors/device.js +0 -104
package/dist/factors/device.js.map +0 -1
package/dist/factors/passkey.js.map +0 -1
package/dist/factors/totp.js.map +0 -1
package/dist/providers/anonymous.d.ts.map +0 -1
package/dist/providers/anonymous.js.map +0 -1
package/dist/providers/credentials.d.ts.map +0 -1
package/dist/providers/credentials.js.map +0 -1
package/dist/providers/device.d.ts.map +0 -1
package/dist/providers/device.js.map +0 -1
package/dist/providers/email.d.ts.map +0 -1
package/dist/providers/email.js.map +0 -1
package/dist/providers/oauth.d.ts +0 -69
package/dist/providers/oauth.d.ts.map +0 -1
package/dist/providers/oauth.js +0 -43
package/dist/providers/oauth.js.map +0 -1
package/dist/providers/passkey.d.ts.map +0 -1
package/dist/providers/passkey.js.map +0 -1
package/dist/providers/password.d.ts.map +0 -1
package/dist/providers/password.js.map +0 -1
package/dist/providers/phone.d.ts.map +0 -1
package/dist/providers/phone.js.map +0 -1
package/dist/providers/sso.d.ts.map +0 -1
package/dist/providers/sso.js.map +0 -1
package/dist/providers/totp.d.ts.map +0 -1
package/dist/providers/totp.js.map +0 -1
package/dist/runtime/browser.js +0 -68
package/dist/runtime/browser.js.map +0 -1
package/dist/runtime/invite.js.map +0 -1
package/dist/runtime/proxy.js +0 -70
package/dist/runtime/proxy.js.map +0 -1
package/dist/runtime/storage.js +0 -37
package/dist/runtime/storage.js.map +0 -1
package/dist/server/auth.d.ts.map +0 -1
package/dist/server/auth.js.map +0 -1
package/dist/server/config.d.ts +0 -1
package/dist/server/config.js.map +0 -1
package/dist/server/context.d.ts +0 -1
package/dist/server/context.js.map +0 -1
package/dist/server/cookies.d.ts +0 -1
package/dist/server/cookies.js.map +0 -1
package/dist/server/core.d.ts +0 -1315
package/dist/server/core.d.ts.map +0 -1
package/dist/server/core.js.map +0 -1
package/dist/server/crypto.d.ts +0 -8
package/dist/server/crypto.d.ts.map +0 -1
package/dist/server/crypto.js.map +0 -1
package/dist/server/db.d.ts +0 -1
package/dist/server/db.js.map +0 -1
package/dist/server/device.d.ts +0 -1
package/dist/server/device.js.map +0 -1
package/dist/server/enterprise/config.d.ts +0 -1
package/dist/server/enterprise/config.js.map +0 -1
package/dist/server/enterprise/domain.d.ts +0 -401
package/dist/server/enterprise/domain.d.ts.map +0 -1
package/dist/server/enterprise/domain.js +0 -974
package/dist/server/enterprise/domain.js.map +0 -1
package/dist/server/enterprise/http.d.ts +0 -26
package/dist/server/enterprise/http.d.ts.map +0 -1
package/dist/server/enterprise/http.js +0 -787
package/dist/server/enterprise/http.js.map +0 -1
package/dist/server/enterprise/oidc.d.ts +0 -1
package/dist/server/enterprise/oidc.js +0 -248
package/dist/server/enterprise/oidc.js.map +0 -1
package/dist/server/enterprise/policy.d.ts +0 -1
package/dist/server/enterprise/policy.js +0 -85
package/dist/server/enterprise/policy.js.map +0 -1
package/dist/server/enterprise/saml.d.ts +0 -1
package/dist/server/enterprise/saml.js +0 -338
package/dist/server/enterprise/saml.js.map +0 -1
package/dist/server/enterprise/scim.d.ts +0 -1
package/dist/server/enterprise/scim.js +0 -97
package/dist/server/enterprise/scim.js.map +0 -1
package/dist/server/enterprise/shared.d.ts +0 -5
package/dist/server/enterprise/shared.d.ts.map +0 -1
package/dist/server/enterprise/shared.js +0 -51
package/dist/server/enterprise/shared.js.map +0 -1
package/dist/server/enterprise/validators.d.ts +0 -1
package/dist/server/enterprise/validators.js +0 -60
package/dist/server/enterprise/validators.js.map +0 -1
package/dist/server/http.d.ts.map +0 -1
package/dist/server/http.js.map +0 -1
package/dist/server/identity.d.ts +0 -1
package/dist/server/identity.js.map +0 -1
package/dist/server/keys.d.ts +0 -1
package/dist/server/keys.js.map +0 -1
package/dist/server/limits.d.ts +0 -1
package/dist/server/limits.js.map +0 -1
package/dist/server/mounts.d.ts.map +0 -1
package/dist/server/mounts.js.map +0 -1
package/dist/server/mutations/account.d.ts +0 -29
package/dist/server/mutations/account.d.ts.map +0 -1
package/dist/server/mutations/account.js.map +0 -1
package/dist/server/mutations/code.d.ts +0 -30
package/dist/server/mutations/code.d.ts.map +0 -1
package/dist/server/mutations/code.js.map +0 -1
package/dist/server/mutations/index.d.ts +0 -14
package/dist/server/mutations/invalidate.d.ts +0 -20
package/dist/server/mutations/invalidate.d.ts.map +0 -1
package/dist/server/mutations/invalidate.js.map +0 -1
package/dist/server/mutations/oauth.d.ts +0 -30
package/dist/server/mutations/oauth.d.ts.map +0 -1
package/dist/server/mutations/oauth.js.map +0 -1
package/dist/server/mutations/refresh.d.ts +0 -21
package/dist/server/mutations/refresh.d.ts.map +0 -1
package/dist/server/mutations/refresh.js.map +0 -1
package/dist/server/mutations/register.d.ts +0 -38
package/dist/server/mutations/register.d.ts.map +0 -1
package/dist/server/mutations/register.js.map +0 -1
package/dist/server/mutations/retrieve.d.ts +0 -33
package/dist/server/mutations/retrieve.d.ts.map +0 -1
package/dist/server/mutations/retrieve.js.map +0 -1
package/dist/server/mutations/signature.d.ts +0 -21
package/dist/server/mutations/signature.d.ts.map +0 -1
package/dist/server/mutations/signature.js.map +0 -1
package/dist/server/mutations/signin.d.ts +0 -22
package/dist/server/mutations/signin.d.ts.map +0 -1
package/dist/server/mutations/signin.js.map +0 -1
package/dist/server/mutations/signout.d.ts +0 -16
package/dist/server/mutations/signout.d.ts.map +0 -1
package/dist/server/mutations/signout.js.map +0 -1
package/dist/server/mutations/store/refs.d.ts +0 -12
package/dist/server/mutations/store/refs.d.ts.map +0 -1
package/dist/server/mutations/store/refs.js.map +0 -1
package/dist/server/mutations/store.d.ts +0 -306
package/dist/server/mutations/store.d.ts.map +0 -1
package/dist/server/mutations/store.js.map +0 -1
package/dist/server/mutations/verifier.d.ts +0 -13
package/dist/server/mutations/verifier.d.ts.map +0 -1
package/dist/server/mutations/verifier.js.map +0 -1
package/dist/server/mutations/verify.d.ts +0 -26
package/dist/server/mutations/verify.d.ts.map +0 -1
package/dist/server/mutations/verify.js.map +0 -1
package/dist/server/oauth.d.ts +0 -1
package/dist/server/oauth.js +0 -242
package/dist/server/oauth.js.map +0 -1
package/dist/server/passkey.d.ts +0 -27
package/dist/server/passkey.d.ts.map +0 -1
package/dist/server/passkey.js.map +0 -1
package/dist/server/redirects.d.ts +0 -1
package/dist/server/redirects.js.map +0 -1
package/dist/server/refresh.d.ts +0 -1
package/dist/server/refresh.js.map +0 -1
package/dist/server/runtime.d.ts.map +0 -1
package/dist/server/runtime.js.map +0 -1
package/dist/server/sessions.d.ts +0 -1
package/dist/server/sessions.js.map +0 -1
package/dist/server/signin.d.ts +0 -1
package/dist/server/signin.js.map +0 -1
package/dist/server/ssr.d.ts.map +0 -1
package/dist/server/ssr.js +0 -777
package/dist/server/ssr.js.map +0 -1
package/dist/server/templates.d.ts +0 -1
package/dist/server/templates.js.map +0 -1
package/dist/server/tokens.d.ts +0 -1
package/dist/server/tokens.js.map +0 -1
package/dist/server/totp.d.ts +0 -1
package/dist/server/totp.js.map +0 -1
package/dist/server/types.d.ts.map +0 -1
package/dist/server/types.js.map +0 -1
package/dist/server/users.d.ts +0 -1
package/dist/server/users.js.map +0 -1
package/dist/server/utils.d.ts +0 -1
package/dist/server/utils.js +0 -140
package/dist/server/utils.js.map +0 -1
package/src/authorization/index.ts +0 -83
package/src/cli/bin.ts +0 -5
package/src/cli/command.ts +0 -70
package/src/cli/index.ts +0 -1112
package/src/cli/keys.ts +0 -23
package/src/client/core/types.ts +0 -437
package/src/client/factors/device.ts +0 -158
package/src/client/factors/passkey.ts +0 -279
package/src/client/factors/totp.ts +0 -150
package/src/client/index.ts +0 -1124
package/src/client/runtime/browser.ts +0 -112
package/src/client/runtime/invite.ts +0 -63
package/src/client/runtime/proxy.ts +0 -111
package/src/client/runtime/storage.ts +0 -79
package/src/component/_generated/api.ts +0 -96
package/src/component/_generated/component.ts +0 -3774
package/src/component/_generated/dataModel.ts +0 -60
package/src/component/_generated/server.ts +0 -156
package/src/component/convex.config.ts +0 -5
package/src/component/functions.ts +0 -104
package/src/component/index.ts +0 -42
package/src/component/model.ts +0 -449
package/src/component/public/enterprise/audit.ts +0 -125
package/src/component/public/enterprise/core.ts +0 -355
package/src/component/public/enterprise/domains.ts +0 -327
package/src/component/public/enterprise/scim.ts +0 -397
package/src/component/public/enterprise/secrets.ts +0 -133
package/src/component/public/enterprise/webhooks.ts +0 -307
package/src/component/public/factors/devices.ts +0 -224
package/src/component/public/factors/passkeys.ts +0 -243
package/src/component/public/factors/totp.ts +0 -259
package/src/component/public/groups/core.ts +0 -481
package/src/component/public/groups/invites.ts +0 -608
package/src/component/public/groups/members.ts +0 -410
package/src/component/public/identity/accounts.ts +0 -207
package/src/component/public/identity/codes.ts +0 -149
package/src/component/public/identity/sessions.ts +0 -210
package/src/component/public/identity/tokens.ts +0 -251
package/src/component/public/identity/users.ts +0 -355
package/src/component/public/identity/verifiers.ts +0 -158
package/src/component/public/security/keys.ts +0 -366
package/src/component/public/security/limits.ts +0 -174
package/src/component/public.ts +0 -27
package/src/component/schema.ts +0 -505
package/src/providers/anonymous.ts +0 -99
package/src/providers/credentials.ts +0 -102
package/src/providers/device.ts +0 -87
package/src/providers/email.ts +0 -99
package/src/providers/index.ts +0 -31
package/src/providers/oauth.ts +0 -117
package/src/providers/passkey.ts +0 -77
package/src/providers/password.ts +0 -441
package/src/providers/phone.ts +0 -93
package/src/providers/sso.ts +0 -54
package/src/providers/totp.ts +0 -62
package/src/samlify.d.ts +0 -53
package/src/server/auth.ts +0 -949
package/src/server/config.ts +0 -200
package/src/server/context.ts +0 -90
package/src/server/cookies.ts +0 -49
package/src/server/core.ts +0 -2004
package/src/server/crypto.ts +0 -90
package/src/server/db.ts +0 -203
package/src/server/device.ts +0 -254
package/src/server/enterprise/config.ts +0 -51
package/src/server/enterprise/domain.ts +0 -1739
package/src/server/enterprise/http.ts +0 -1331
package/src/server/enterprise/oidc.ts +0 -500
package/src/server/enterprise/policy.ts +0 -128
package/src/server/enterprise/saml.ts +0 -578
package/src/server/enterprise/scim.ts +0 -135
package/src/server/enterprise/shared.ts +0 -134
package/src/server/enterprise/validators.ts +0 -93
package/src/server/http.ts +0 -790
package/src/server/identity.ts +0 -18
package/src/server/index.ts +0 -40
package/src/server/keys.ts +0 -158
package/src/server/limits.ts +0 -107
package/src/server/mounts.ts +0 -924
package/src/server/mutations/account.ts +0 -62
package/src/server/mutations/code.ts +0 -119
package/src/server/mutations/index.ts +0 -13
package/src/server/mutations/invalidate.ts +0 -50
package/src/server/mutations/oauth.ts +0 -243
package/src/server/mutations/refresh.ts +0 -299
package/src/server/mutations/register.ts +0 -155
package/src/server/mutations/retrieve.ts +0 -109
package/src/server/mutations/signature.ts +0 -57
package/src/server/mutations/signin.ts +0 -54
package/src/server/mutations/signout.ts +0 -43
package/src/server/mutations/store/refs.ts +0 -10
package/src/server/mutations/store.ts +0 -123
package/src/server/mutations/verifier.ts +0 -34
package/src/server/mutations/verify.ts +0 -200
package/src/server/oauth.ts +0 -418
package/src/server/passkey.ts +0 -838
package/src/server/redirects.ts +0 -59
package/src/server/refresh.ts +0 -218
package/src/server/runtime.ts +0 -918
package/src/server/sessions.ts +0 -132
package/src/server/signin.ts +0 -445
package/src/server/ssr.ts +0 -1747
package/src/server/templates.ts +0 -82
package/src/server/tokens.ts +0 -35
package/src/server/totp.ts +0 -399
package/src/server/types.ts +0 -1942
package/src/server/users.ts +0 -291
package/src/server/utils.ts +0 -220
/package/dist/{runtime → client/runtime}/invite.js +0 -0

package/src/server/crypto.ts DELETED Viewed

@@ -1,90 +0,0 @@
-import { Fx } from "@robelest/fx";
-import { Cv } from "@robelest/fx/convex";
-import { ConvexError } from "convex/values";
-import { AuthProviderMaterializedConfig } from "./types";
-import { ConvexAuthMaterializedConfig } from "./types";
-import { errorMessage } from "./utils";
-/**
- * Hash a secret using the provider's `crypto.hashSecret` function.
- *
- * Validates that the provider is a credentials provider and has the
- * required crypto function, returning typed errors through the Fx channel.
- */
-/** @internal */
-export const hash = (
-  provider: any,
-  secret: string,
-): Fx<string, ConvexError<any>> =>
-  Fx.gen(function* () {
-    if (provider.type !== "credentials") {
-      return yield* Cv.fail({
-        code: "INVALID_CREDENTIALS_PROVIDER",
-        message: `Provider ${provider.id} is not a credentials provider`,
-      });
-    }
-    const hashSecretFn = provider.crypto?.hashSecret as
-      | ((s: string) => Promise<string>)
-      | undefined;
-    if (!hashSecretFn) {
-      return yield* Cv.fail({
-        code: "MISSING_CRYPTO_FUNCTION",
-        message: `Provider ${provider.id} does not have a \`crypto.hashSecret\` function`,
-      });
-    }
-    return yield* Fx.from({
-      ok: () => hashSecretFn(secret),
-      err: (e) =>
-        Cv.error({
-          code: "INTERNAL_ERROR",
-          message: `Hash failed: ${errorMessage(e)}`,
-        }),
-    });
-  });
-/**
- * Verify a secret against a hash using the provider's `crypto.verifySecret` function.
- */
-/** @internal */
-export const verify = (
-  provider: AuthProviderMaterializedConfig,
-  secret: string,
-  hashValue: string,
-): Fx<boolean, ConvexError<any>> =>
-  Fx.gen(function* () {
-    if (provider.type !== "credentials") {
-      return yield* Cv.fail({
-        code: "INVALID_CREDENTIALS_PROVIDER",
-        message: `Provider ${provider.id} is not a credentials provider`,
-      });
-    }
-    const verifySecretFn = (provider as any).crypto?.verifySecret as
-      | ((s: string, h: string) => Promise<boolean>)
-      | undefined;
-    if (!verifySecretFn) {
-      return yield* Cv.fail({
-        code: "MISSING_CRYPTO_FUNCTION",
-        message: `Provider ${provider.id} does not have a \`crypto.verifySecret\` function`,
-      });
-    }
-    return yield* Fx.from({
-      ok: () => verifySecretFn(secret, hashValue),
-      err: (e) =>
-        Cv.error({
-          code: "INTERNAL_ERROR",
-          message: `Verify failed: ${errorMessage(e)}`,
-        }),
-    });
-  });
-export type GetProviderOrThrowFunc = (
-  provider: string,
-  allowExtraProviders?: boolean,
-) => AuthProviderMaterializedConfig;
-export type Config = ConvexAuthMaterializedConfig;

package/src/server/db.ts DELETED Viewed

@@ -1,203 +0,0 @@
-import {
-  GenericActionCtx,
-  GenericDataModel,
-  GenericMutationCtx,
-  FunctionReference,
-} from "convex/server";
-type MutationCtxLike = Pick<
-  GenericMutationCtx<GenericDataModel>,
-  "runQuery" | "runMutation"
->;
-type ActionCtxLike = Pick<
-  GenericActionCtx<GenericDataModel>,
-  "runQuery" | "runMutation" | "runAction"
->;
-type CtxLike = MutationCtxLike | ActionCtxLike;
-type AuthComponentApiLike = {
-  public: {
-    userGetById: FunctionReference<"query", "internal">;
-    userFindByVerifiedEmail: FunctionReference<"query", "internal">;
-    userFindByVerifiedPhone: FunctionReference<"query", "internal">;
-    userInsert: FunctionReference<"mutation", "internal">;
-    userPatch: FunctionReference<"mutation", "internal">;
-    userUpsert: FunctionReference<"mutation", "internal">;
-    accountGet: FunctionReference<"query", "internal">;
-    accountGetById: FunctionReference<"query", "internal">;
-    accountInsert: FunctionReference<"mutation", "internal">;
-    accountPatch: FunctionReference<"mutation", "internal">;
-    accountDelete: FunctionReference<"mutation", "internal">;
-    sessionCreate: FunctionReference<"mutation", "internal">;
-    sessionGetById: FunctionReference<"query", "internal">;
-    sessionDelete: FunctionReference<"mutation", "internal">;
-    sessionListByUser: FunctionReference<"query", "internal">;
-    verifierCreate: FunctionReference<"mutation", "internal">;
-    verifierGetById: FunctionReference<"query", "internal">;
-    verifierGetBySignature: FunctionReference<"query", "internal">;
-    verifierPatch: FunctionReference<"mutation", "internal">;
-    verifierDelete: FunctionReference<"mutation", "internal">;
-    verificationCodeGetByAccountId: FunctionReference<"query", "internal">;
-    verificationCodeGetByCode: FunctionReference<"query", "internal">;
-    verificationCodeCreate: FunctionReference<"mutation", "internal">;
-    verificationCodeDelete: FunctionReference<"mutation", "internal">;
-    refreshTokenCreate: FunctionReference<"mutation", "internal">;
-    refreshTokenGetById: FunctionReference<"query", "internal">;
-    refreshTokenPatch: FunctionReference<"mutation", "internal">;
-    refreshTokenGetChildren: FunctionReference<"query", "internal">;
-    refreshTokenListBySession: FunctionReference<"query", "internal">;
-    refreshTokenDeleteAll: FunctionReference<"mutation", "internal">;
-    refreshTokenGetActive: FunctionReference<"query", "internal">;
-    rateLimitGet: FunctionReference<"query", "internal">;
-    rateLimitCreate: FunctionReference<"mutation", "internal">;
-    rateLimitPatch: FunctionReference<"mutation", "internal">;
-    rateLimitDelete: FunctionReference<"mutation", "internal">;
-  };
-};
-/** @internal */
-export type AuthDbConfig = { component: AuthComponentApiLike };
-/** @internal */
-export type AuthDb = ReturnType<typeof authDb>;
-/** @internal */
-export function authDb(ctx: CtxLike, config: AuthDbConfig) {
-  const component = config.component;
-  return {
-    users: {
-      getById: (userId: string) =>
-        ctx.runQuery(component.public.userGetById, { userId }),
-      findByVerifiedEmail: (email: string) =>
-        ctx.runQuery(component.public.userFindByVerifiedEmail, { email }),
-      findByVerifiedPhone: (phone: string) =>
-        ctx.runQuery(component.public.userFindByVerifiedPhone, { phone }),
-      insert: (data: Record<string, unknown>) =>
-        ctx.runMutation(component.public.userInsert, {
-          data,
-        }) as Promise<string>,
-      patch: (userId: string, data: Record<string, unknown>) =>
-        ctx.runMutation(component.public.userPatch, { userId, data }),
-      upsert: (userId: string | undefined, data: Record<string, unknown>) =>
-        ctx.runMutation(component.public.userUpsert, {
-          userId,
-          data,
-        }) as Promise<string>,
-    },
-    accounts: {
-      get: (provider: string, providerAccountId: string) =>
-        ctx.runQuery(component.public.accountGet, {
-          provider,
-          providerAccountId,
-        }),
-      getById: (accountId: string) =>
-        ctx.runQuery(component.public.accountGetById, { accountId }),
-      create: (args: {
-        userId: string;
-        provider: string;
-        providerAccountId: string;
-        secret?: string;
-        extend?: Record<string, unknown>;
-      }) =>
-        ctx.runMutation(
-          component.public.accountInsert,
-          args,
-        ) as Promise<string>,
-      patch: (accountId: string, data: Record<string, unknown>) =>
-        ctx.runMutation(component.public.accountPatch, { accountId, data }),
-      delete: (accountId: string) =>
-        ctx.runMutation(component.public.accountDelete, { accountId }),
-    },
-    sessions: {
-      create: (userId: string, expirationTime: number) =>
-        ctx.runMutation(component.public.sessionCreate, {
-          userId,
-          expirationTime,
-        }) as Promise<string>,
-      getById: (sessionId: string) =>
-        ctx.runQuery(component.public.sessionGetById, { sessionId }),
-      delete: (sessionId: string) =>
-        ctx.runMutation(component.public.sessionDelete, { sessionId }),
-      listByUser: (userId: string) =>
-        ctx.runQuery(component.public.sessionListByUser, { userId }),
-    },
-    verifiers: {
-      create: (sessionId?: string) =>
-        ctx.runMutation(component.public.verifierCreate, {
-          sessionId,
-        }) as Promise<string>,
-      getById: (verifierId: string) =>
-        ctx.runQuery(component.public.verifierGetById, { verifierId }),
-      getBySignature: (signature: string) =>
-        ctx.runQuery(component.public.verifierGetBySignature, { signature }),
-      patch: (verifierId: string, data: Record<string, unknown>) =>
-        ctx.runMutation(component.public.verifierPatch, { verifierId, data }),
-      delete: (verifierId: string) =>
-        ctx.runMutation(component.public.verifierDelete, { verifierId }),
-    },
-    verificationCodes: {
-      getByAccountId: (accountId: string) =>
-        ctx.runQuery(component.public.verificationCodeGetByAccountId, {
-          accountId,
-        }),
-      getByCode: (code: string) =>
-        ctx.runQuery(component.public.verificationCodeGetByCode, { code }),
-      create: (args: {
-        accountId: string;
-        provider: string;
-        code: string;
-        expirationTime: number;
-        verifier?: string;
-        emailVerified?: string;
-        phoneVerified?: string;
-      }) => ctx.runMutation(component.public.verificationCodeCreate, args),
-      delete: (verificationCodeId: string) =>
-        ctx.runMutation(component.public.verificationCodeDelete, {
-          verificationCodeId,
-        }),
-    },
-    refreshTokens: {
-      create: (args: {
-        sessionId: string;
-        expirationTime: number;
-        parentRefreshTokenId?: string;
-      }) =>
-        ctx.runMutation(
-          component.public.refreshTokenCreate,
-          args,
-        ) as Promise<string>,
-      getById: (refreshTokenId: string) =>
-        ctx.runQuery(component.public.refreshTokenGetById, { refreshTokenId }),
-      patch: (refreshTokenId: string, data: Record<string, unknown>) =>
-        ctx.runMutation(component.public.refreshTokenPatch, {
-          refreshTokenId,
-          data,
-        }),
-      getChildren: (sessionId: string, parentRefreshTokenId: string) =>
-        ctx.runQuery(component.public.refreshTokenGetChildren, {
-          sessionId,
-          parentRefreshTokenId,
-        }),
-      listBySession: (sessionId: string) =>
-        ctx.runQuery(component.public.refreshTokenListBySession, { sessionId }),
-      deleteAll: (sessionId: string) =>
-        ctx.runMutation(component.public.refreshTokenDeleteAll, { sessionId }),
-      getActive: (sessionId: string) =>
-        ctx.runQuery(component.public.refreshTokenGetActive, { sessionId }),
-    },
-    rateLimits: {
-      get: (identifier: string) =>
-        ctx.runQuery(component.public.rateLimitGet, { identifier }),
-      create: (args: {
-        identifier: string;
-        attemptsLeft: number;
-        lastAttemptTime: number;
-      }) => ctx.runMutation(component.public.rateLimitCreate, args),
-      patch: (rateLimitId: string, data: Record<string, unknown>) =>
-        ctx.runMutation(component.public.rateLimitPatch, { rateLimitId, data }),
-      delete: (rateLimitId: string) =>
-        ctx.runMutation(component.public.rateLimitDelete, { rateLimitId }),
-    },
-  };
-}

package/src/server/device.ts DELETED Viewed

@@ -1,254 +0,0 @@
-/**
- * Server-side device authorization flow logic (RFC 8628).
- *
- * Handles the three phases of the device flow:
- * 1. (default) — Generate a device code + user code pair
- * 2. poll      — Device checks whether the user has authorized yet
- * 3. verify    — Authenticated user links a user code to their session
- *
- * Uses `@oslojs/crypto/random` for code generation and
- * `@oslojs/crypto/sha2` for hashing device codes before storage.
- */
-import { Fx } from "@robelest/fx";
-import { Cv } from "@robelest/fx/convex";
-import { ConvexError } from "convex/values";
-import { userIdFromIdentitySubject } from "./identity";
-import { callSignIn } from "./mutations/index";
-import { DeviceProviderConfig, GenericActionCtxWithAuthConfig } from "./types";
-import {
-  AuthDataModel,
-  SessionInfo,
-  mutateDeviceInsert,
-  queryDeviceByCodeHash,
-  queryDeviceByUserCode,
-  mutateDeviceAuthorize,
-  mutateDeviceUpdateLastPolled,
-  mutateDeviceDelete,
-} from "./types";
-import { generateRandomString, sha256 } from "./utils";
-import { requireEnv } from "./utils";
-type EnrichedActionCtx = GenericActionCtxWithAuthConfig<AuthDataModel>;
-// ============================================================================
-// Constants
-// ============================================================================
-const DEVICE_CODE_ALPHABET =
-  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-const DEVICE_CODE_LENGTH = 40;
-const DEVICE_FLOWS = ["create", "poll", "verify"] as const;
-// ============================================================================
-// Create flow
-// ============================================================================
-// ============================================================================
-// Poll flow — pipeline of validations + status dispatch
-// ============================================================================
-// ============================================================================
-// Main dispatch
-// ============================================================================
-type DeviceResult =
-  | {
-      kind: "deviceCode";
-      deviceCode: string;
-      userCode: string;
-      verificationUri: string;
-      verificationUriComplete: string;
-      expiresIn: number;
-      interval: number;
-    }
-  | { kind: "signedIn"; signedIn: SessionInfo | null };
-/** @internal */
-export const handleDevice = (
-  ctx: EnrichedActionCtx,
-  provider: DeviceProviderConfig,
-  args: { params?: Record<string, any> },
-): Fx<DeviceResult, ConvexError<any>> =>
-  Fx.from({
-    ok: async () => {
-      const params = (args.params ?? {}) as Record<string, unknown>;
-      const flow = (typeof params.flow === "string" ? params.flow : "create") as
-        | "create"
-        | "poll"
-        | "verify";
-      if (!DEVICE_FLOWS.some((candidate) => candidate === flow)) {
-        throw Cv.error({
-          code: "DEVICE_MISSING_FLOW",
-          message:
-            "Missing `flow` parameter. Expected one of: create, poll, verify",
-        });
-      }
-      if (flow === "create") {
-        const deviceCode = generateRandomString(
-          DEVICE_CODE_LENGTH,
-          DEVICE_CODE_ALPHABET,
-        );
-        const deviceCodeHash = await sha256(deviceCode);
-        const rawUserCode = generateRandomString(
-          provider.userCodeLength,
-          provider.charset,
-        );
-        const mid = Math.floor(rawUserCode.length / 2);
-        const userCode =
-          rawUserCode.slice(0, mid) + "-" + rawUserCode.slice(mid);
-        const expiresAt = Date.now() + provider.expiresIn * 1000;
-        await mutateDeviceInsert(ctx, {
-          deviceCodeHash,
-          userCode,
-          expiresAt,
-          interval: provider.interval,
-          status: "pending",
-        });
-        const verificationUri =
-          provider.verificationUri ??
-          `${process.env.SITE_URL ?? requireEnv("SITE_URL")}/device`;
-        return {
-          kind: "deviceCode" as const,
-          deviceCode,
-          userCode,
-          verificationUri,
-          verificationUriComplete: `${verificationUri}?user_code=${encodeURIComponent(userCode)}`,
-          expiresIn: provider.expiresIn,
-          interval: provider.interval,
-        };
-      }
-      if (flow === "poll") {
-        if (typeof params.deviceCode !== "string") {
-          throw Cv.error({
-            code: "DEVICE_MISSING_FLOW",
-            message: "Missing `deviceCode` parameter for poll flow.",
-          });
-        }
-        const hash = await sha256(params.deviceCode);
-        const doc = await queryDeviceByCodeHash(ctx, hash);
-        if (doc === null) {
-          throw Cv.error({
-            code: "DEVICE_CODE_EXPIRED",
-            message:
-              "The device code has expired. Please start a new authorization request.",
-          });
-        }
-        if (Date.now() > doc.expiresAt) {
-          await mutateDeviceDelete(ctx, doc._id);
-          throw Cv.error({
-            code: "DEVICE_CODE_EXPIRED",
-            message:
-              "The device code has expired. Please start a new authorization request.",
-          });
-        }
-        if (
-          doc.lastPolledAt !== undefined &&
-          (Date.now() - doc.lastPolledAt) / 1000 < doc.interval
-        ) {
-          throw Cv.error({
-            code: "DEVICE_SLOW_DOWN",
-            message:
-              "Polling too frequently. Increase the interval between requests.",
-          });
-        }
-        await mutateDeviceUpdateLastPolled(ctx, doc._id, Date.now());
-        if (doc.status === "pending") {
-          throw Cv.error({
-            code: "DEVICE_AUTHORIZATION_PENDING",
-            message: "The user has not yet authorized this device.",
-          });
-        }
-        if (doc.status === "denied") {
-          await mutateDeviceDelete(ctx, doc._id);
-          throw Cv.error({
-            code: "DEVICE_CODE_DENIED",
-            message: "The authorization request was denied.",
-          });
-        }
-        if (!doc.userId || !doc.sessionId) {
-          throw Cv.error({
-            code: "INTERNAL_ERROR",
-            message: "Authorized device code missing userId or sessionId",
-          });
-        }
-        await mutateDeviceDelete(ctx, doc._id);
-        const signInResult = await callSignIn(ctx, {
-          userId: doc.userId,
-          sessionId: doc.sessionId,
-          generateTokens: true,
-        });
-        return { kind: "signedIn" as const, signedIn: signInResult };
-      }
-      if (typeof params.userCode !== "string") {
-        throw Cv.error({
-          code: "DEVICE_INVALID_USER_CODE",
-          message: "Missing `userCode` parameter for verify flow.",
-        });
-      }
-      const identity = await ctx.auth.getUserIdentity();
-      if (identity === null) {
-        throw Cv.error({
-          code: "NOT_SIGNED_IN",
-          message: "You must be signed in to authorize a device.",
-        });
-      }
-      const userId = userIdFromIdentitySubject(identity.subject);
-      const doc = await queryDeviceByUserCode(ctx, params.userCode);
-      if (doc === null) {
-        throw Cv.error({
-          code: "DEVICE_INVALID_USER_CODE",
-          message: "Invalid or expired user code.",
-        });
-      }
-      if (Date.now() > doc.expiresAt) {
-        await mutateDeviceDelete(ctx, doc._id);
-        throw Cv.error({
-          code: "DEVICE_CODE_EXPIRED",
-          message:
-            "The device code has expired. Please start a new authorization request.",
-        });
-      }
-      if (doc.status !== "pending") {
-        throw Cv.error({
-          code: "DEVICE_ALREADY_AUTHORIZED",
-          message: "This device code has already been authorized.",
-        });
-      }
-      const signInResult = await callSignIn(ctx, {
-        userId,
-        generateTokens: false,
-      });
-      await mutateDeviceAuthorize(
-        ctx,
-        doc._id,
-        signInResult.userId,
-        signInResult.sessionId,
-      );
-      return { kind: "signedIn" as const, signedIn: null };
-    },
-    err: (e) =>
-      e instanceof ConvexError
-        ? e
-        : Cv.error({
-            code: "INTERNAL_ERROR",
-            message: `Device flow failed: ${String(e)}`,
-          }),
-  });

package/src/server/enterprise/config.ts DELETED Viewed

@@ -1,51 +0,0 @@
-import { asRecord } from "./shared";
-const getProtocolConfig = (config: unknown, protocol: "oidc" | "saml") => {
-  const base = asRecord(config);
-  const direct = base?.[protocol];
-  const viaProtocols = asRecord(base?.protocols)?.[protocol];
-  return asRecord(direct) ?? asRecord(viaProtocols) ?? {};
-};
-/** @internal */
-export function getOidcConfig(config: unknown): Record<string, any> {
-  return getProtocolConfig(config, "oidc");
-}
-/** @internal */
-export function getPublicOidcConfig(config: unknown): Record<string, any> {
-  const oidc = getOidcConfig(config);
-  const { clientSecret: _clientSecret, ...publicOidc } = oidc;
-  return publicOidc;
-}
-/** @internal */
-export function withOidcSecretState(
-  config: Record<string, any>,
-  hasClientSecret: boolean,
-) {
-  return {
-    ...config,
-    hasClientSecret,
-  };
-}
-/** @internal */
-export function getSamlConfig(config: unknown): Record<string, any> {
-  return getProtocolConfig(config, "saml");
-}
-/** @internal */
-export function upsertProtocolConfig(
-  config: unknown,
-  protocol: "oidc" | "saml",
-  protocolConfig: Record<string, unknown>,
-) {
-  const base = asRecord(config) ?? {};
-  const protocols = asRecord(base.protocols) ?? {};
-  protocols[protocol] = {
-    ...asRecord(protocols[protocol]),
-    ...protocolConfig,
-  };
-  return { ...base, protocols };
-}