@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +43 -36
- package/dist/bin.js +5765 -4880
- package/dist/browser/index.d.ts +30 -0
- package/dist/browser/index.js +93 -0
- package/dist/browser/locks.js +11 -0
- package/dist/browser/navigation.js +14 -0
- package/dist/{factors → browser}/passkey.js +23 -32
- package/dist/browser/runtime.js +92 -0
- package/dist/client/core/types.d.ts +452 -5
- package/dist/client/core/types.js +17 -0
- package/dist/client/errors.js +19 -0
- package/dist/client/factors/device.js +94 -0
- package/dist/{factors → client/factors}/totp.js +12 -4
- package/dist/client/index.d.ts +47 -1
- package/dist/client/index.js +269 -232
- package/dist/client/runtime/mutex.js +24 -0
- package/dist/client/runtime/proxy.js +30 -0
- package/dist/client/runtime/storage.js +45 -0
- package/dist/client/services/adapters.js +7 -0
- package/dist/client/services/http.js +6 -0
- package/dist/client/services/resolve.js +13 -0
- package/dist/client/services/runtime.js +6 -0
- package/dist/component/_generated/component.d.ts +1355 -1399
- package/dist/component/convex.config.d.ts +2 -2
- package/dist/component/index.d.ts +4 -26
- package/dist/component/index.js +1 -1
- package/dist/component/model.d.ts +26 -112
- package/dist/component/model.js +76 -54
- package/dist/component/modules.js +38 -0
- package/dist/component/public/factors/devices.js +1 -1
- package/dist/component/public/factors/passkeys.js +1 -1
- package/dist/component/public/factors/totp.js +1 -1
- package/dist/component/public/groups/core.js +2 -2
- package/dist/component/public/groups/invites.js +1 -1
- package/dist/component/public/groups/members.js +1 -1
- package/dist/component/public/identity/accounts.js +1 -1
- package/dist/component/public/identity/codes.js +1 -1
- package/dist/component/public/identity/sessions.js +39 -2
- package/dist/component/public/identity/tokens.js +82 -4
- package/dist/component/public/identity/users.js +1 -1
- package/dist/component/public/identity/verifiers.js +10 -4
- package/dist/component/public/security/keys.js +1 -1
- package/dist/component/public/security/limits.js +1 -1
- package/dist/component/public/{enterprise → sso}/audit.js +26 -26
- package/dist/component/public/sso/core.js +263 -0
- package/dist/component/public/sso/domains.js +280 -0
- package/dist/component/public/{enterprise → sso}/scim.js +87 -87
- package/dist/component/public/sso/secrets.js +125 -0
- package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
- package/dist/component/public.js +9 -9
- package/dist/component/schema.d.ts +472 -393
- package/dist/component/schema.js +36 -35
- package/dist/core/index.d.ts +380 -0
- package/dist/core/index.js +83 -0
- package/dist/otel.d.ts +69 -0
- package/dist/otel.js +82 -0
- package/dist/providers/anonymous.d.ts +15 -34
- package/dist/providers/anonymous.js +27 -35
- package/dist/providers/apple.d.ts +59 -0
- package/dist/providers/apple.js +58 -0
- package/dist/providers/credentials.d.ts +18 -34
- package/dist/providers/credentials.js +16 -27
- package/dist/providers/custom.d.ts +94 -0
- package/dist/providers/custom.js +119 -0
- package/dist/providers/device.d.ts +15 -49
- package/dist/providers/device.js +17 -34
- package/dist/providers/email.d.ts +21 -38
- package/dist/providers/email.js +36 -55
- package/dist/providers/github.d.ts +54 -0
- package/dist/providers/github.js +75 -0
- package/dist/providers/google.d.ts +54 -0
- package/dist/providers/google.js +61 -0
- package/dist/providers/index.d.ts +16 -12
- package/dist/providers/index.js +15 -11
- package/dist/providers/microsoft.d.ts +57 -0
- package/dist/providers/microsoft.js +101 -0
- package/dist/providers/passkey.d.ts +19 -35
- package/dist/providers/passkey.js +20 -30
- package/dist/providers/password.d.ts +17 -18
- package/dist/providers/password.js +121 -143
- package/dist/providers/phone.d.ts +13 -28
- package/dist/providers/phone.js +21 -46
- package/dist/providers/sso.d.ts +16 -36
- package/dist/providers/sso.js +21 -22
- package/dist/providers/totp.d.ts +13 -29
- package/dist/providers/totp.js +17 -27
- package/dist/server/auth-context.d.ts +204 -0
- package/dist/server/auth-context.js +76 -0
- package/dist/server/auth.d.ts +99 -244
- package/dist/server/auth.js +56 -152
- package/dist/server/componentContext.d.ts +12 -0
- package/dist/server/componentContext.js +1 -0
- package/dist/server/config.js +6 -67
- package/dist/server/constants.js +6 -0
- package/dist/server/contract.d.ts +105 -0
- package/dist/server/contract.js +43 -0
- package/dist/server/cookies.js +3 -2
- package/dist/server/core.js +31 -36
- package/dist/server/crypto.js +34 -44
- package/dist/server/db.js +6 -1
- package/dist/server/device.js +96 -130
- package/dist/server/env.js +48 -0
- package/dist/server/errors.js +20 -0
- package/dist/server/http.d.ts +15 -59
- package/dist/server/http.js +136 -120
- package/dist/server/identity.js +2 -2
- package/dist/server/index.d.ts +5 -4
- package/dist/server/index.js +3 -3
- package/dist/server/keys.js +10 -1
- package/dist/server/limits.js +26 -26
- package/dist/server/log.js +28 -0
- package/dist/server/mounts.d.ts +1107 -296
- package/dist/server/mounts.js +315 -196
- package/dist/server/mutations/account.js +11 -14
- package/dist/server/mutations/code.js +6 -5
- package/dist/server/mutations/invalidate.js +9 -11
- package/dist/server/mutations/oauth.js +112 -73
- package/dist/server/mutations/refresh.js +47 -97
- package/dist/server/mutations/register.js +37 -35
- package/dist/server/mutations/retrieve.js +16 -16
- package/dist/server/mutations/signature.js +15 -18
- package/dist/server/mutations/signin.js +10 -5
- package/dist/server/mutations/signout.js +11 -14
- package/dist/server/mutations/store.js +25 -18
- package/dist/server/mutations/verifier.js +11 -8
- package/dist/server/mutations/verify.js +53 -41
- package/dist/server/oauth/factory.js +44 -0
- package/dist/server/oauth/index.js +12 -0
- package/dist/server/oauth/runtime.js +248 -0
- package/dist/server/passkey.js +331 -365
- package/dist/server/payloads.d.ts +16 -0
- package/dist/server/payloads.js +30 -0
- package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
- package/dist/server/prefetch.js +635 -0
- package/dist/server/random.js +19 -0
- package/dist/server/redirects.js +10 -5
- package/dist/server/refresh.js +14 -86
- package/dist/server/runtime.d.ts +531 -31
- package/dist/server/runtime.js +106 -267
- package/dist/server/secret.js +44 -0
- package/dist/server/services/config.js +10 -0
- package/dist/server/services/group.js +211 -0
- package/dist/server/services/logger.js +8 -0
- package/dist/server/services/providers.js +22 -0
- package/dist/server/services/refresh.js +8 -0
- package/dist/server/services/resolve.js +27 -0
- package/dist/server/services/signin.js +8 -0
- package/dist/server/sessions.js +35 -34
- package/dist/server/signin.js +229 -140
- package/dist/server/{enterprise → sso}/config.js +10 -3
- package/dist/server/sso/domain.d.ts +614 -0
- package/dist/server/sso/domain.js +1175 -0
- package/dist/server/sso/http.js +1060 -0
- package/dist/server/sso/oidc.js +324 -0
- package/dist/server/sso/policies.js +59 -0
- package/dist/server/sso/policy.js +139 -0
- package/dist/server/sso/profile.js +22 -0
- package/dist/server/sso/provision.js +179 -0
- package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
- package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
- package/dist/server/sso/shared.js +74 -0
- package/dist/server/sso/validators.js +88 -0
- package/dist/server/sso/webhook.js +94 -0
- package/dist/server/tokens.js +16 -4
- package/dist/server/totp.js +155 -164
- package/dist/server/types.d.ts +306 -296
- package/dist/server/types.js +1 -30
- package/dist/server/url.js +32 -0
- package/dist/server/users.js +74 -40
- package/dist/server/utils/cache.js +51 -0
- package/dist/server/utils/dispatch.js +36 -0
- package/dist/server/utils/retry.js +24 -0
- package/dist/server/utils/span.js +32 -0
- package/dist/shared/errors.js +19 -0
- package/dist/shared/log.js +45 -0
- package/{src/test.ts → dist/test.d.ts} +21 -22
- package/dist/test.js +51 -0
- package/package.json +70 -42
- package/dist/authorization/index.d.ts.map +0 -1
- package/dist/authorization/index.js.map +0 -1
- package/dist/client/core/types.d.ts.map +0 -1
- package/dist/client/index.d.ts.map +0 -1
- package/dist/client/index.js.map +0 -1
- package/dist/component/_generated/api.d.ts +0 -75
- package/dist/component/_generated/api.d.ts.map +0 -1
- package/dist/component/_generated/api.js.map +0 -1
- package/dist/component/_generated/component.d.ts.map +0 -1
- package/dist/component/_generated/dataModel.d.ts +0 -42
- package/dist/component/_generated/dataModel.d.ts.map +0 -1
- package/dist/component/_generated/server.d.ts +0 -117
- package/dist/component/_generated/server.d.ts.map +0 -1
- package/dist/component/_generated/server.js.map +0 -1
- package/dist/component/_virtual/rolldown_runtime.js +0 -18
- package/dist/component/client/core/types.d.ts +0 -2
- package/dist/component/client/index.d.ts +0 -1
- package/dist/component/convex.config.d.ts.map +0 -1
- package/dist/component/convex.config.js.map +0 -1
- package/dist/component/functions.d.ts +0 -25
- package/dist/component/functions.d.ts.map +0 -1
- package/dist/component/functions.js.map +0 -1
- package/dist/component/index.d.ts.map +0 -1
- package/dist/component/model.d.ts.map +0 -1
- package/dist/component/model.js.map +0 -1
- package/dist/component/providers/anonymous.d.ts +0 -54
- package/dist/component/providers/anonymous.d.ts.map +0 -1
- package/dist/component/providers/credentials.d.ts +0 -38
- package/dist/component/providers/credentials.d.ts.map +0 -1
- package/dist/component/providers/device.d.ts +0 -67
- package/dist/component/providers/device.d.ts.map +0 -1
- package/dist/component/providers/email.d.ts +0 -62
- package/dist/component/providers/email.d.ts.map +0 -1
- package/dist/component/providers/oauth.d.ts +0 -25
- package/dist/component/providers/oauth.d.ts.map +0 -1
- package/dist/component/providers/oauth.js +0 -13
- package/dist/component/providers/oauth.js.map +0 -1
- package/dist/component/providers/passkey.d.ts +0 -57
- package/dist/component/providers/passkey.d.ts.map +0 -1
- package/dist/component/providers/password.d.ts +0 -88
- package/dist/component/providers/password.d.ts.map +0 -1
- package/dist/component/providers/phone.d.ts +0 -48
- package/dist/component/providers/phone.d.ts.map +0 -1
- package/dist/component/providers/sso.d.ts +0 -50
- package/dist/component/providers/sso.d.ts.map +0 -1
- package/dist/component/providers/totp.d.ts +0 -45
- package/dist/component/providers/totp.d.ts.map +0 -1
- package/dist/component/public/enterprise/audit.d.ts +0 -73
- package/dist/component/public/enterprise/audit.d.ts.map +0 -1
- package/dist/component/public/enterprise/audit.js.map +0 -1
- package/dist/component/public/enterprise/core.d.ts +0 -176
- package/dist/component/public/enterprise/core.d.ts.map +0 -1
- package/dist/component/public/enterprise/core.js +0 -292
- package/dist/component/public/enterprise/core.js.map +0 -1
- package/dist/component/public/enterprise/domains.d.ts +0 -174
- package/dist/component/public/enterprise/domains.d.ts.map +0 -1
- package/dist/component/public/enterprise/domains.js +0 -271
- package/dist/component/public/enterprise/domains.js.map +0 -1
- package/dist/component/public/enterprise/scim.d.ts +0 -245
- package/dist/component/public/enterprise/scim.d.ts.map +0 -1
- package/dist/component/public/enterprise/scim.js.map +0 -1
- package/dist/component/public/enterprise/secrets.d.ts +0 -78
- package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
- package/dist/component/public/enterprise/secrets.js +0 -118
- package/dist/component/public/enterprise/secrets.js.map +0 -1
- package/dist/component/public/enterprise/webhooks.d.ts +0 -211
- package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
- package/dist/component/public/enterprise/webhooks.js.map +0 -1
- package/dist/component/public/factors/devices.d.ts +0 -157
- package/dist/component/public/factors/devices.d.ts.map +0 -1
- package/dist/component/public/factors/devices.js.map +0 -1
- package/dist/component/public/factors/passkeys.d.ts +0 -175
- package/dist/component/public/factors/passkeys.d.ts.map +0 -1
- package/dist/component/public/factors/passkeys.js.map +0 -1
- package/dist/component/public/factors/totp.d.ts +0 -189
- package/dist/component/public/factors/totp.d.ts.map +0 -1
- package/dist/component/public/factors/totp.js.map +0 -1
- package/dist/component/public/groups/core.d.ts +0 -137
- package/dist/component/public/groups/core.d.ts.map +0 -1
- package/dist/component/public/groups/core.js.map +0 -1
- package/dist/component/public/groups/invites.d.ts +0 -217
- package/dist/component/public/groups/invites.d.ts.map +0 -1
- package/dist/component/public/groups/invites.js.map +0 -1
- package/dist/component/public/groups/members.d.ts +0 -204
- package/dist/component/public/groups/members.d.ts.map +0 -1
- package/dist/component/public/groups/members.js.map +0 -1
- package/dist/component/public/identity/accounts.d.ts +0 -147
- package/dist/component/public/identity/accounts.d.ts.map +0 -1
- package/dist/component/public/identity/accounts.js.map +0 -1
- package/dist/component/public/identity/codes.d.ts +0 -104
- package/dist/component/public/identity/codes.d.ts.map +0 -1
- package/dist/component/public/identity/codes.js.map +0 -1
- package/dist/component/public/identity/sessions.d.ts +0 -128
- package/dist/component/public/identity/sessions.d.ts.map +0 -1
- package/dist/component/public/identity/sessions.js.map +0 -1
- package/dist/component/public/identity/tokens.d.ts +0 -169
- package/dist/component/public/identity/tokens.d.ts.map +0 -1
- package/dist/component/public/identity/tokens.js.map +0 -1
- package/dist/component/public/identity/users.d.ts +0 -212
- package/dist/component/public/identity/users.d.ts.map +0 -1
- package/dist/component/public/identity/users.js.map +0 -1
- package/dist/component/public/identity/verifiers.d.ts +0 -116
- package/dist/component/public/identity/verifiers.d.ts.map +0 -1
- package/dist/component/public/identity/verifiers.js.map +0 -1
- package/dist/component/public/security/keys.d.ts +0 -209
- package/dist/component/public/security/keys.d.ts.map +0 -1
- package/dist/component/public/security/keys.js.map +0 -1
- package/dist/component/public/security/limits.d.ts +0 -114
- package/dist/component/public/security/limits.d.ts.map +0 -1
- package/dist/component/public/security/limits.js.map +0 -1
- package/dist/component/public.d.ts +0 -28
- package/dist/component/public.d.ts.map +0 -1
- package/dist/component/schema.d.ts.map +0 -1
- package/dist/component/schema.js.map +0 -1
- package/dist/component/server/auth.d.ts +0 -447
- package/dist/component/server/auth.d.ts.map +0 -1
- package/dist/component/server/auth.js +0 -254
- package/dist/component/server/auth.js.map +0 -1
- package/dist/component/server/config.js +0 -121
- package/dist/component/server/config.js.map +0 -1
- package/dist/component/server/context.js +0 -53
- package/dist/component/server/context.js.map +0 -1
- package/dist/component/server/cookies.js +0 -47
- package/dist/component/server/cookies.js.map +0 -1
- package/dist/component/server/core.js +0 -576
- package/dist/component/server/core.js.map +0 -1
- package/dist/component/server/crypto.js +0 -56
- package/dist/component/server/crypto.js.map +0 -1
- package/dist/component/server/db.js +0 -87
- package/dist/component/server/db.js.map +0 -1
- package/dist/component/server/device.js +0 -152
- package/dist/component/server/device.js.map +0 -1
- package/dist/component/server/enterprise/config.js +0 -46
- package/dist/component/server/enterprise/config.js.map +0 -1
- package/dist/component/server/enterprise/domain.js +0 -974
- package/dist/component/server/enterprise/domain.js.map +0 -1
- package/dist/component/server/enterprise/http.js +0 -787
- package/dist/component/server/enterprise/http.js.map +0 -1
- package/dist/component/server/enterprise/oidc.js +0 -248
- package/dist/component/server/enterprise/oidc.js.map +0 -1
- package/dist/component/server/enterprise/policy.js +0 -85
- package/dist/component/server/enterprise/policy.js.map +0 -1
- package/dist/component/server/enterprise/saml.js.map +0 -1
- package/dist/component/server/enterprise/scim.js.map +0 -1
- package/dist/component/server/enterprise/shared.js +0 -51
- package/dist/component/server/enterprise/shared.js.map +0 -1
- package/dist/component/server/http.d.ts +0 -85
- package/dist/component/server/http.d.ts.map +0 -1
- package/dist/component/server/http.js +0 -351
- package/dist/component/server/http.js.map +0 -1
- package/dist/component/server/identity.js +0 -16
- package/dist/component/server/identity.js.map +0 -1
- package/dist/component/server/keys.js +0 -96
- package/dist/component/server/keys.js.map +0 -1
- package/dist/component/server/limits.js +0 -52
- package/dist/component/server/limits.js.map +0 -1
- package/dist/component/server/mutations/account.js +0 -46
- package/dist/component/server/mutations/account.js.map +0 -1
- package/dist/component/server/mutations/code.js +0 -68
- package/dist/component/server/mutations/code.js.map +0 -1
- package/dist/component/server/mutations/invalidate.js +0 -32
- package/dist/component/server/mutations/invalidate.js.map +0 -1
- package/dist/component/server/mutations/oauth.js +0 -116
- package/dist/component/server/mutations/oauth.js.map +0 -1
- package/dist/component/server/mutations/refresh.js +0 -119
- package/dist/component/server/mutations/refresh.js.map +0 -1
- package/dist/component/server/mutations/register.js +0 -87
- package/dist/component/server/mutations/register.js.map +0 -1
- package/dist/component/server/mutations/retrieve.js +0 -61
- package/dist/component/server/mutations/retrieve.js.map +0 -1
- package/dist/component/server/mutations/signature.js +0 -38
- package/dist/component/server/mutations/signature.js.map +0 -1
- package/dist/component/server/mutations/signin.js +0 -27
- package/dist/component/server/mutations/signin.js.map +0 -1
- package/dist/component/server/mutations/signout.js +0 -27
- package/dist/component/server/mutations/signout.js.map +0 -1
- package/dist/component/server/mutations/store/refs.js +0 -15
- package/dist/component/server/mutations/store/refs.js.map +0 -1
- package/dist/component/server/mutations/store.js +0 -70
- package/dist/component/server/mutations/store.js.map +0 -1
- package/dist/component/server/mutations/verifier.js +0 -18
- package/dist/component/server/mutations/verifier.js.map +0 -1
- package/dist/component/server/mutations/verify.js +0 -98
- package/dist/component/server/mutations/verify.js.map +0 -1
- package/dist/component/server/oauth.js +0 -242
- package/dist/component/server/oauth.js.map +0 -1
- package/dist/component/server/passkey.js +0 -415
- package/dist/component/server/passkey.js.map +0 -1
- package/dist/component/server/redirects.js +0 -40
- package/dist/component/server/redirects.js.map +0 -1
- package/dist/component/server/refresh.js +0 -99
- package/dist/component/server/refresh.js.map +0 -1
- package/dist/component/server/runtime.d.ts +0 -136
- package/dist/component/server/runtime.d.ts.map +0 -1
- package/dist/component/server/runtime.js +0 -456
- package/dist/component/server/runtime.js.map +0 -1
- package/dist/component/server/sessions.js +0 -71
- package/dist/component/server/sessions.js.map +0 -1
- package/dist/component/server/signin.js +0 -225
- package/dist/component/server/signin.js.map +0 -1
- package/dist/component/server/tokens.js +0 -17
- package/dist/component/server/tokens.js.map +0 -1
- package/dist/component/server/totp.js +0 -208
- package/dist/component/server/totp.js.map +0 -1
- package/dist/component/server/types.d.ts +0 -949
- package/dist/component/server/types.d.ts.map +0 -1
- package/dist/component/server/types.js +0 -79
- package/dist/component/server/types.js.map +0 -1
- package/dist/component/server/users.js +0 -123
- package/dist/component/server/users.js.map +0 -1
- package/dist/component/server/utils.js +0 -140
- package/dist/component/server/utils.js.map +0 -1
- package/dist/core/types.d.ts +0 -361
- package/dist/core/types.d.ts.map +0 -1
- package/dist/factors/device.js +0 -104
- package/dist/factors/device.js.map +0 -1
- package/dist/factors/passkey.js.map +0 -1
- package/dist/factors/totp.js.map +0 -1
- package/dist/providers/anonymous.d.ts.map +0 -1
- package/dist/providers/anonymous.js.map +0 -1
- package/dist/providers/credentials.d.ts.map +0 -1
- package/dist/providers/credentials.js.map +0 -1
- package/dist/providers/device.d.ts.map +0 -1
- package/dist/providers/device.js.map +0 -1
- package/dist/providers/email.d.ts.map +0 -1
- package/dist/providers/email.js.map +0 -1
- package/dist/providers/oauth.d.ts +0 -69
- package/dist/providers/oauth.d.ts.map +0 -1
- package/dist/providers/oauth.js +0 -43
- package/dist/providers/oauth.js.map +0 -1
- package/dist/providers/passkey.d.ts.map +0 -1
- package/dist/providers/passkey.js.map +0 -1
- package/dist/providers/password.d.ts.map +0 -1
- package/dist/providers/password.js.map +0 -1
- package/dist/providers/phone.d.ts.map +0 -1
- package/dist/providers/phone.js.map +0 -1
- package/dist/providers/sso.d.ts.map +0 -1
- package/dist/providers/sso.js.map +0 -1
- package/dist/providers/totp.d.ts.map +0 -1
- package/dist/providers/totp.js.map +0 -1
- package/dist/runtime/browser.js +0 -68
- package/dist/runtime/browser.js.map +0 -1
- package/dist/runtime/invite.js.map +0 -1
- package/dist/runtime/proxy.js +0 -70
- package/dist/runtime/proxy.js.map +0 -1
- package/dist/runtime/storage.js +0 -37
- package/dist/runtime/storage.js.map +0 -1
- package/dist/server/auth.d.ts.map +0 -1
- package/dist/server/auth.js.map +0 -1
- package/dist/server/config.d.ts +0 -1
- package/dist/server/config.js.map +0 -1
- package/dist/server/context.d.ts +0 -1
- package/dist/server/context.js.map +0 -1
- package/dist/server/cookies.d.ts +0 -1
- package/dist/server/cookies.js.map +0 -1
- package/dist/server/core.d.ts +0 -1315
- package/dist/server/core.d.ts.map +0 -1
- package/dist/server/core.js.map +0 -1
- package/dist/server/crypto.d.ts +0 -8
- package/dist/server/crypto.d.ts.map +0 -1
- package/dist/server/crypto.js.map +0 -1
- package/dist/server/db.d.ts +0 -1
- package/dist/server/db.js.map +0 -1
- package/dist/server/device.d.ts +0 -1
- package/dist/server/device.js.map +0 -1
- package/dist/server/enterprise/config.d.ts +0 -1
- package/dist/server/enterprise/config.js.map +0 -1
- package/dist/server/enterprise/domain.d.ts +0 -401
- package/dist/server/enterprise/domain.d.ts.map +0 -1
- package/dist/server/enterprise/domain.js +0 -974
- package/dist/server/enterprise/domain.js.map +0 -1
- package/dist/server/enterprise/http.d.ts +0 -26
- package/dist/server/enterprise/http.d.ts.map +0 -1
- package/dist/server/enterprise/http.js +0 -787
- package/dist/server/enterprise/http.js.map +0 -1
- package/dist/server/enterprise/oidc.d.ts +0 -1
- package/dist/server/enterprise/oidc.js +0 -248
- package/dist/server/enterprise/oidc.js.map +0 -1
- package/dist/server/enterprise/policy.d.ts +0 -1
- package/dist/server/enterprise/policy.js +0 -85
- package/dist/server/enterprise/policy.js.map +0 -1
- package/dist/server/enterprise/saml.d.ts +0 -1
- package/dist/server/enterprise/saml.js +0 -338
- package/dist/server/enterprise/saml.js.map +0 -1
- package/dist/server/enterprise/scim.d.ts +0 -1
- package/dist/server/enterprise/scim.js +0 -97
- package/dist/server/enterprise/scim.js.map +0 -1
- package/dist/server/enterprise/shared.d.ts +0 -5
- package/dist/server/enterprise/shared.d.ts.map +0 -1
- package/dist/server/enterprise/shared.js +0 -51
- package/dist/server/enterprise/shared.js.map +0 -1
- package/dist/server/enterprise/validators.d.ts +0 -1
- package/dist/server/enterprise/validators.js +0 -60
- package/dist/server/enterprise/validators.js.map +0 -1
- package/dist/server/http.d.ts.map +0 -1
- package/dist/server/http.js.map +0 -1
- package/dist/server/identity.d.ts +0 -1
- package/dist/server/identity.js.map +0 -1
- package/dist/server/keys.d.ts +0 -1
- package/dist/server/keys.js.map +0 -1
- package/dist/server/limits.d.ts +0 -1
- package/dist/server/limits.js.map +0 -1
- package/dist/server/mounts.d.ts.map +0 -1
- package/dist/server/mounts.js.map +0 -1
- package/dist/server/mutations/account.d.ts +0 -29
- package/dist/server/mutations/account.d.ts.map +0 -1
- package/dist/server/mutations/account.js.map +0 -1
- package/dist/server/mutations/code.d.ts +0 -30
- package/dist/server/mutations/code.d.ts.map +0 -1
- package/dist/server/mutations/code.js.map +0 -1
- package/dist/server/mutations/index.d.ts +0 -14
- package/dist/server/mutations/invalidate.d.ts +0 -20
- package/dist/server/mutations/invalidate.d.ts.map +0 -1
- package/dist/server/mutations/invalidate.js.map +0 -1
- package/dist/server/mutations/oauth.d.ts +0 -30
- package/dist/server/mutations/oauth.d.ts.map +0 -1
- package/dist/server/mutations/oauth.js.map +0 -1
- package/dist/server/mutations/refresh.d.ts +0 -21
- package/dist/server/mutations/refresh.d.ts.map +0 -1
- package/dist/server/mutations/refresh.js.map +0 -1
- package/dist/server/mutations/register.d.ts +0 -38
- package/dist/server/mutations/register.d.ts.map +0 -1
- package/dist/server/mutations/register.js.map +0 -1
- package/dist/server/mutations/retrieve.d.ts +0 -33
- package/dist/server/mutations/retrieve.d.ts.map +0 -1
- package/dist/server/mutations/retrieve.js.map +0 -1
- package/dist/server/mutations/signature.d.ts +0 -21
- package/dist/server/mutations/signature.d.ts.map +0 -1
- package/dist/server/mutations/signature.js.map +0 -1
- package/dist/server/mutations/signin.d.ts +0 -22
- package/dist/server/mutations/signin.d.ts.map +0 -1
- package/dist/server/mutations/signin.js.map +0 -1
- package/dist/server/mutations/signout.d.ts +0 -16
- package/dist/server/mutations/signout.d.ts.map +0 -1
- package/dist/server/mutations/signout.js.map +0 -1
- package/dist/server/mutations/store/refs.d.ts +0 -12
- package/dist/server/mutations/store/refs.d.ts.map +0 -1
- package/dist/server/mutations/store/refs.js.map +0 -1
- package/dist/server/mutations/store.d.ts +0 -306
- package/dist/server/mutations/store.d.ts.map +0 -1
- package/dist/server/mutations/store.js.map +0 -1
- package/dist/server/mutations/verifier.d.ts +0 -13
- package/dist/server/mutations/verifier.d.ts.map +0 -1
- package/dist/server/mutations/verifier.js.map +0 -1
- package/dist/server/mutations/verify.d.ts +0 -26
- package/dist/server/mutations/verify.d.ts.map +0 -1
- package/dist/server/mutations/verify.js.map +0 -1
- package/dist/server/oauth.d.ts +0 -1
- package/dist/server/oauth.js +0 -242
- package/dist/server/oauth.js.map +0 -1
- package/dist/server/passkey.d.ts +0 -27
- package/dist/server/passkey.d.ts.map +0 -1
- package/dist/server/passkey.js.map +0 -1
- package/dist/server/redirects.d.ts +0 -1
- package/dist/server/redirects.js.map +0 -1
- package/dist/server/refresh.d.ts +0 -1
- package/dist/server/refresh.js.map +0 -1
- package/dist/server/runtime.d.ts.map +0 -1
- package/dist/server/runtime.js.map +0 -1
- package/dist/server/sessions.d.ts +0 -1
- package/dist/server/sessions.js.map +0 -1
- package/dist/server/signin.d.ts +0 -1
- package/dist/server/signin.js.map +0 -1
- package/dist/server/ssr.d.ts.map +0 -1
- package/dist/server/ssr.js +0 -777
- package/dist/server/ssr.js.map +0 -1
- package/dist/server/templates.d.ts +0 -1
- package/dist/server/templates.js.map +0 -1
- package/dist/server/tokens.d.ts +0 -1
- package/dist/server/tokens.js.map +0 -1
- package/dist/server/totp.d.ts +0 -1
- package/dist/server/totp.js.map +0 -1
- package/dist/server/types.d.ts.map +0 -1
- package/dist/server/types.js.map +0 -1
- package/dist/server/users.d.ts +0 -1
- package/dist/server/users.js.map +0 -1
- package/dist/server/utils.d.ts +0 -1
- package/dist/server/utils.js +0 -140
- package/dist/server/utils.js.map +0 -1
- package/src/authorization/index.ts +0 -83
- package/src/cli/bin.ts +0 -5
- package/src/cli/command.ts +0 -70
- package/src/cli/index.ts +0 -1112
- package/src/cli/keys.ts +0 -23
- package/src/client/core/types.ts +0 -437
- package/src/client/factors/device.ts +0 -158
- package/src/client/factors/passkey.ts +0 -279
- package/src/client/factors/totp.ts +0 -150
- package/src/client/index.ts +0 -1124
- package/src/client/runtime/browser.ts +0 -112
- package/src/client/runtime/invite.ts +0 -63
- package/src/client/runtime/proxy.ts +0 -111
- package/src/client/runtime/storage.ts +0 -79
- package/src/component/_generated/api.ts +0 -96
- package/src/component/_generated/component.ts +0 -3774
- package/src/component/_generated/dataModel.ts +0 -60
- package/src/component/_generated/server.ts +0 -156
- package/src/component/convex.config.ts +0 -5
- package/src/component/functions.ts +0 -104
- package/src/component/index.ts +0 -42
- package/src/component/model.ts +0 -449
- package/src/component/public/enterprise/audit.ts +0 -125
- package/src/component/public/enterprise/core.ts +0 -355
- package/src/component/public/enterprise/domains.ts +0 -327
- package/src/component/public/enterprise/scim.ts +0 -397
- package/src/component/public/enterprise/secrets.ts +0 -133
- package/src/component/public/enterprise/webhooks.ts +0 -307
- package/src/component/public/factors/devices.ts +0 -224
- package/src/component/public/factors/passkeys.ts +0 -243
- package/src/component/public/factors/totp.ts +0 -259
- package/src/component/public/groups/core.ts +0 -481
- package/src/component/public/groups/invites.ts +0 -608
- package/src/component/public/groups/members.ts +0 -410
- package/src/component/public/identity/accounts.ts +0 -207
- package/src/component/public/identity/codes.ts +0 -149
- package/src/component/public/identity/sessions.ts +0 -210
- package/src/component/public/identity/tokens.ts +0 -251
- package/src/component/public/identity/users.ts +0 -355
- package/src/component/public/identity/verifiers.ts +0 -158
- package/src/component/public/security/keys.ts +0 -366
- package/src/component/public/security/limits.ts +0 -174
- package/src/component/public.ts +0 -27
- package/src/component/schema.ts +0 -505
- package/src/providers/anonymous.ts +0 -99
- package/src/providers/credentials.ts +0 -102
- package/src/providers/device.ts +0 -87
- package/src/providers/email.ts +0 -99
- package/src/providers/index.ts +0 -31
- package/src/providers/oauth.ts +0 -117
- package/src/providers/passkey.ts +0 -77
- package/src/providers/password.ts +0 -441
- package/src/providers/phone.ts +0 -93
- package/src/providers/sso.ts +0 -54
- package/src/providers/totp.ts +0 -62
- package/src/samlify.d.ts +0 -53
- package/src/server/auth.ts +0 -949
- package/src/server/config.ts +0 -200
- package/src/server/context.ts +0 -90
- package/src/server/cookies.ts +0 -49
- package/src/server/core.ts +0 -2004
- package/src/server/crypto.ts +0 -90
- package/src/server/db.ts +0 -203
- package/src/server/device.ts +0 -254
- package/src/server/enterprise/config.ts +0 -51
- package/src/server/enterprise/domain.ts +0 -1739
- package/src/server/enterprise/http.ts +0 -1331
- package/src/server/enterprise/oidc.ts +0 -500
- package/src/server/enterprise/policy.ts +0 -128
- package/src/server/enterprise/saml.ts +0 -578
- package/src/server/enterprise/scim.ts +0 -135
- package/src/server/enterprise/shared.ts +0 -134
- package/src/server/enterprise/validators.ts +0 -93
- package/src/server/http.ts +0 -790
- package/src/server/identity.ts +0 -18
- package/src/server/index.ts +0 -40
- package/src/server/keys.ts +0 -158
- package/src/server/limits.ts +0 -107
- package/src/server/mounts.ts +0 -924
- package/src/server/mutations/account.ts +0 -62
- package/src/server/mutations/code.ts +0 -119
- package/src/server/mutations/index.ts +0 -13
- package/src/server/mutations/invalidate.ts +0 -50
- package/src/server/mutations/oauth.ts +0 -243
- package/src/server/mutations/refresh.ts +0 -299
- package/src/server/mutations/register.ts +0 -155
- package/src/server/mutations/retrieve.ts +0 -109
- package/src/server/mutations/signature.ts +0 -57
- package/src/server/mutations/signin.ts +0 -54
- package/src/server/mutations/signout.ts +0 -43
- package/src/server/mutations/store/refs.ts +0 -10
- package/src/server/mutations/store.ts +0 -123
- package/src/server/mutations/verifier.ts +0 -34
- package/src/server/mutations/verify.ts +0 -200
- package/src/server/oauth.ts +0 -418
- package/src/server/passkey.ts +0 -838
- package/src/server/redirects.ts +0 -59
- package/src/server/refresh.ts +0 -218
- package/src/server/runtime.ts +0 -918
- package/src/server/sessions.ts +0 -132
- package/src/server/signin.ts +0 -445
- package/src/server/ssr.ts +0 -1747
- package/src/server/templates.ts +0 -82
- package/src/server/tokens.ts +0 -35
- package/src/server/totp.ts +0 -399
- package/src/server/types.ts +0 -1942
- package/src/server/users.ts +0 -291
- package/src/server/utils.ts +0 -220
- /package/dist/{runtime → client/runtime}/invite.js +0 -0
package/dist/otel.js
ADDED
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
import { resourceFromAttributes } from "@opentelemetry/resources";
|
|
2
|
+
import { NodeTracerProvider } from "@opentelemetry/sdk-trace-node";
|
|
3
|
+
import { WebTracerProvider } from "@opentelemetry/sdk-trace-web";
|
|
4
|
+
import { ATTR_SERVICE_NAME, ATTR_SERVICE_VERSION } from "@opentelemetry/semantic-conventions";
|
|
5
|
+
|
|
6
|
+
//#region src/otel.ts
|
|
7
|
+
function resolveProcessors(input) {
|
|
8
|
+
if (input === void 0) return [];
|
|
9
|
+
if (Array.isArray(input)) return [...input];
|
|
10
|
+
return [input];
|
|
11
|
+
}
|
|
12
|
+
/**
|
|
13
|
+
* Build a Node.js OpenTelemetry tracer provider for an app using Convex Auth.
|
|
14
|
+
*
|
|
15
|
+
* Convex Auth does not install this provider automatically. Provide it from your
|
|
16
|
+
* application runtime when you want server-side spans, metrics, or logs to be
|
|
17
|
+
* exported.
|
|
18
|
+
*
|
|
19
|
+
* @param config - Telemetry configuration supplied by the host application.
|
|
20
|
+
* @returns A registered {@link NodeTracerProvider}.
|
|
21
|
+
*
|
|
22
|
+
* @example
|
|
23
|
+
* ```ts
|
|
24
|
+
* import { BatchSpanProcessor } from "@opentelemetry/sdk-trace-base";
|
|
25
|
+
* import { OTLPTraceExporter } from "@opentelemetry/exporter-trace-otlp-http";
|
|
26
|
+
* import { nodeTelemetry } from "@robelest/convex-auth/otel";
|
|
27
|
+
*
|
|
28
|
+
* const provider = nodeTelemetry({
|
|
29
|
+
* serviceName: "my-app",
|
|
30
|
+
* spanProcessor: new BatchSpanProcessor(new OTLPTraceExporter()),
|
|
31
|
+
* });
|
|
32
|
+
* ```
|
|
33
|
+
*/
|
|
34
|
+
function nodeTelemetry(config) {
|
|
35
|
+
const provider = new NodeTracerProvider({
|
|
36
|
+
resource: resourceFromAttributes({
|
|
37
|
+
[ATTR_SERVICE_NAME]: config.serviceName,
|
|
38
|
+
...config.serviceVersion ? { [ATTR_SERVICE_VERSION]: config.serviceVersion } : {},
|
|
39
|
+
...config.attributes
|
|
40
|
+
}),
|
|
41
|
+
spanProcessors: resolveProcessors(config.spanProcessor),
|
|
42
|
+
...config.tracerConfig
|
|
43
|
+
});
|
|
44
|
+
provider.register();
|
|
45
|
+
return provider;
|
|
46
|
+
}
|
|
47
|
+
/**
|
|
48
|
+
* Build a browser OpenTelemetry tracer provider for an app using Convex Auth.
|
|
49
|
+
*
|
|
50
|
+
* Convex Auth does not install this provider automatically. Provide it from your
|
|
51
|
+
* browser runtime when you want client-side Convex Auth spans to be exported.
|
|
52
|
+
*
|
|
53
|
+
* @param config - Telemetry configuration supplied by the host application.
|
|
54
|
+
* @returns A registered {@link WebTracerProvider}.
|
|
55
|
+
*
|
|
56
|
+
* @example
|
|
57
|
+
* ```ts
|
|
58
|
+
* import { browserTelemetry } from "@robelest/convex-auth/otel";
|
|
59
|
+
*
|
|
60
|
+
* const provider = browserTelemetry({
|
|
61
|
+
* serviceName: "my-web-app",
|
|
62
|
+
* attributes: { deployment: "production" },
|
|
63
|
+
* });
|
|
64
|
+
* ```
|
|
65
|
+
*/
|
|
66
|
+
function browserTelemetry(config) {
|
|
67
|
+
const provider = new WebTracerProvider({
|
|
68
|
+
resource: resourceFromAttributes({
|
|
69
|
+
[ATTR_SERVICE_NAME]: config.serviceName,
|
|
70
|
+
...config.serviceVersion ? { [ATTR_SERVICE_VERSION]: config.serviceVersion } : {},
|
|
71
|
+
...config.attributes
|
|
72
|
+
}),
|
|
73
|
+
spanProcessors: resolveProcessors(config.spanProcessor),
|
|
74
|
+
...config.tracerConfig
|
|
75
|
+
});
|
|
76
|
+
provider.register();
|
|
77
|
+
return provider;
|
|
78
|
+
}
|
|
79
|
+
|
|
80
|
+
//#endregion
|
|
81
|
+
export { browserTelemetry, nodeTelemetry };
|
|
82
|
+
//# sourceMappingURL=otel.js.map
|
|
@@ -1,54 +1,35 @@
|
|
|
1
|
-
import { GenericActionCtxWithAuthConfig } from "../server/types.js";
|
|
2
|
-
import { DocumentByName, GenericDataModel, WithoutSystemFields } from "convex/server";
|
|
1
|
+
import { ConvexCredentialsConfig, GenericActionCtxWithAuthConfig } from "../server/types.js";
|
|
3
2
|
import { Value } from "convex/values";
|
|
3
|
+
import { DocumentByName, GenericDataModel, WithoutSystemFields } from "convex/server";
|
|
4
4
|
|
|
5
5
|
//#region src/providers/anonymous.d.ts
|
|
6
|
-
/**
|
|
7
|
-
* The available options to an {@link Anonymous} provider for Convex Auth.
|
|
8
|
-
*/
|
|
6
|
+
/** Configuration for the {@link anonymous} provider. */
|
|
9
7
|
interface AnonymousConfig<DataModel extends GenericDataModel> {
|
|
10
|
-
/**
|
|
11
|
-
* Uniquely identifies the provider, allowing to use
|
|
12
|
-
* multiple different {@link Anonymous} providers.
|
|
13
|
-
*/
|
|
8
|
+
/** Stable provider identifier used in `signIn("<id>")`. */
|
|
14
9
|
id?: string;
|
|
15
10
|
/**
|
|
16
|
-
*
|
|
17
|
-
*
|
|
11
|
+
* Optional profile factory used when creating the anonymous user document.
|
|
12
|
+
* Must return a profile that includes `isAnonymous: true`.
|
|
18
13
|
*/
|
|
19
|
-
profile?: (
|
|
20
|
-
/**
|
|
21
|
-
* The values passed to the `signIn` function.
|
|
22
|
-
*/
|
|
23
|
-
params: Record<string, Value | undefined>,
|
|
24
|
-
/**
|
|
25
|
-
* Convex ActionCtx in case you want to read from or write to
|
|
26
|
-
* the database.
|
|
27
|
-
*/
|
|
28
|
-
ctx: GenericActionCtxWithAuthConfig<DataModel>) => WithoutSystemFields<DocumentByName<DataModel, "User">> & {
|
|
14
|
+
profile?: (params: Record<string, Value | undefined>, ctx: GenericActionCtxWithAuthConfig<DataModel>) => WithoutSystemFields<DocumentByName<DataModel, "User">> & {
|
|
29
15
|
isAnonymous: true;
|
|
30
16
|
};
|
|
31
17
|
}
|
|
32
18
|
/**
|
|
33
|
-
*
|
|
19
|
+
* Create an anonymous sign-in provider.
|
|
34
20
|
*
|
|
35
|
-
*
|
|
36
|
-
*
|
|
37
|
-
*
|
|
21
|
+
* @typeParam DataModel - The Convex data model used by the auth context.
|
|
22
|
+
* @param config - Optional provider id and profile customization.
|
|
23
|
+
* @returns A configured anonymous provider for `createAuth`.
|
|
38
24
|
*
|
|
39
25
|
* @example
|
|
40
26
|
* ```ts
|
|
41
|
-
* import {
|
|
27
|
+
* import { anonymous } from "@robelest/convex-auth/providers";
|
|
42
28
|
*
|
|
43
|
-
*
|
|
29
|
+
* anonymous()
|
|
44
30
|
* ```
|
|
45
31
|
*/
|
|
46
|
-
declare
|
|
47
|
-
readonly id: string;
|
|
48
|
-
readonly type: "credentials";
|
|
49
|
-
readonly config: AnonymousConfig<DataModel>;
|
|
50
|
-
constructor(config?: AnonymousConfig<DataModel>);
|
|
51
|
-
}
|
|
32
|
+
declare function anonymous<DataModel extends GenericDataModel = GenericDataModel>(config?: AnonymousConfig<DataModel>): ConvexCredentialsConfig;
|
|
52
33
|
//#endregion
|
|
53
|
-
export {
|
|
34
|
+
export { AnonymousConfig, anonymous };
|
|
54
35
|
//# sourceMappingURL=anonymous.d.ts.map
|
|
@@ -1,48 +1,40 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { credentials } from "./credentials.js";
|
|
2
2
|
|
|
3
3
|
//#region src/providers/anonymous.ts
|
|
4
|
+
function defaultAnonymousProfile() {
|
|
5
|
+
return { isAnonymous: true };
|
|
6
|
+
}
|
|
4
7
|
/**
|
|
5
|
-
*
|
|
8
|
+
* Create an anonymous sign-in provider.
|
|
6
9
|
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
+
* @typeParam DataModel - The Convex data model used by the auth context.
|
|
11
|
+
* @param config - Optional provider id and profile customization.
|
|
12
|
+
* @returns A configured anonymous provider for `createAuth`.
|
|
10
13
|
*
|
|
11
14
|
* @example
|
|
12
15
|
* ```ts
|
|
13
|
-
* import {
|
|
16
|
+
* import { anonymous } from "@robelest/convex-auth/providers";
|
|
14
17
|
*
|
|
15
|
-
*
|
|
18
|
+
* anonymous()
|
|
16
19
|
* ```
|
|
17
20
|
*/
|
|
18
|
-
|
|
19
|
-
id;
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
const { user } = await ctx.auth.account.create(ctx, {
|
|
35
|
-
provider,
|
|
36
|
-
account: { id: crypto.randomUUID() },
|
|
37
|
-
profile
|
|
38
|
-
});
|
|
39
|
-
return { userId: user._id };
|
|
40
|
-
},
|
|
41
|
-
...config
|
|
42
|
-
})._toMaterialized();
|
|
43
|
-
}
|
|
44
|
-
};
|
|
21
|
+
function anonymous(config = {}) {
|
|
22
|
+
const provider = config.id ?? "anonymous";
|
|
23
|
+
return credentials({
|
|
24
|
+
id: provider,
|
|
25
|
+
authorize: async (params, ctx) => {
|
|
26
|
+
const profile = config.profile?.(params, ctx) ?? defaultAnonymousProfile();
|
|
27
|
+
const { user } = await ctx.auth.account.create(ctx, {
|
|
28
|
+
provider,
|
|
29
|
+
account: { id: crypto.randomUUID() },
|
|
30
|
+
profile
|
|
31
|
+
});
|
|
32
|
+
return { userId: user._id };
|
|
33
|
+
},
|
|
34
|
+
...config
|
|
35
|
+
});
|
|
36
|
+
}
|
|
45
37
|
|
|
46
38
|
//#endregion
|
|
47
|
-
export {
|
|
39
|
+
export { anonymous };
|
|
48
40
|
//# sourceMappingURL=anonymous.js.map
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
import { OAuthMaterializedConfig } from "../server/types.js";
|
|
2
|
+
|
|
3
|
+
//#region src/providers/apple.d.ts
|
|
4
|
+
/**
|
|
5
|
+
* Apple OAuth provider.
|
|
6
|
+
*
|
|
7
|
+
* ```ts
|
|
8
|
+
* import { apple } from "@robelest/convex-auth/providers/apple";
|
|
9
|
+
*
|
|
10
|
+
* apple({
|
|
11
|
+
* clientId: process.env.AUTH_APPLE_ID!,
|
|
12
|
+
* teamId: process.env.AUTH_APPLE_TEAM_ID!,
|
|
13
|
+
* keyId: process.env.AUTH_APPLE_KEY_ID!,
|
|
14
|
+
* privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
|
|
15
|
+
* })
|
|
16
|
+
* ```
|
|
17
|
+
*
|
|
18
|
+
* @module
|
|
19
|
+
*/
|
|
20
|
+
/** Configuration for the {@link apple} provider. */
|
|
21
|
+
interface AppleConfig {
|
|
22
|
+
/** Services ID or app bundle identifier registered with Sign in with Apple. */
|
|
23
|
+
clientId: string;
|
|
24
|
+
/** Apple Developer team identifier used to sign client secrets. */
|
|
25
|
+
teamId: string;
|
|
26
|
+
/** Apple private key identifier. */
|
|
27
|
+
keyId: string;
|
|
28
|
+
/** Apple private key PEM contents or bytes. */
|
|
29
|
+
privateKey: string | Uint8Array;
|
|
30
|
+
/** Optional callback URL override. Defaults to `CUSTOM_AUTH_SITE_URL` or `CONVEX_SITE_URL` plus `/api/auth/callback/apple`. */
|
|
31
|
+
redirectUri?: string;
|
|
32
|
+
/** Optional OAuth scopes. Defaults to `name email`. */
|
|
33
|
+
scopes?: string[];
|
|
34
|
+
/** Account-linking strategy for existing users with matching email addresses. */
|
|
35
|
+
accountLinking?: "verifiedEmail" | "none";
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* Create an Apple OAuth provider.
|
|
39
|
+
*
|
|
40
|
+
* @param config - Apple Sign In client settings and signing key material.
|
|
41
|
+
* @returns A configured Apple OAuth provider for `createAuth`.
|
|
42
|
+
* @throws {Error} When no callback URL can be derived and `redirectUri` is omitted.
|
|
43
|
+
*
|
|
44
|
+
* @example
|
|
45
|
+
* ```ts
|
|
46
|
+
* import { apple } from "@robelest/convex-auth/providers/apple";
|
|
47
|
+
*
|
|
48
|
+
* apple({
|
|
49
|
+
* clientId: process.env.AUTH_APPLE_ID!,
|
|
50
|
+
* teamId: process.env.AUTH_APPLE_TEAM_ID!,
|
|
51
|
+
* keyId: process.env.AUTH_APPLE_KEY_ID!,
|
|
52
|
+
* privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
|
|
53
|
+
* })
|
|
54
|
+
* ```
|
|
55
|
+
*/
|
|
56
|
+
declare function apple(config: AppleConfig): OAuthMaterializedConfig;
|
|
57
|
+
//#endregion
|
|
58
|
+
export { AppleConfig, apple };
|
|
59
|
+
//# sourceMappingURL=apple.d.ts.map
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
import { envOptionalString, readConfigSync } from "../server/env.js";
|
|
2
|
+
import { createArcticOAuthClient, createOAuthProvider } from "../server/oauth/factory.js";
|
|
3
|
+
import { Apple } from "arctic";
|
|
4
|
+
|
|
5
|
+
//#region src/providers/apple.ts
|
|
6
|
+
/**
|
|
7
|
+
* Apple OAuth provider.
|
|
8
|
+
*
|
|
9
|
+
* ```ts
|
|
10
|
+
* import { apple } from "@robelest/convex-auth/providers/apple";
|
|
11
|
+
*
|
|
12
|
+
* apple({
|
|
13
|
+
* clientId: process.env.AUTH_APPLE_ID!,
|
|
14
|
+
* teamId: process.env.AUTH_APPLE_TEAM_ID!,
|
|
15
|
+
* keyId: process.env.AUTH_APPLE_KEY_ID!,
|
|
16
|
+
* privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
|
|
17
|
+
* })
|
|
18
|
+
* ```
|
|
19
|
+
*
|
|
20
|
+
* @module
|
|
21
|
+
*/
|
|
22
|
+
const DEFAULT_SCOPES = ["name", "email"];
|
|
23
|
+
/**
|
|
24
|
+
* Create an Apple OAuth provider.
|
|
25
|
+
*
|
|
26
|
+
* @param config - Apple Sign In client settings and signing key material.
|
|
27
|
+
* @returns A configured Apple OAuth provider for `createAuth`.
|
|
28
|
+
* @throws {Error} When no callback URL can be derived and `redirectUri` is omitted.
|
|
29
|
+
*
|
|
30
|
+
* @example
|
|
31
|
+
* ```ts
|
|
32
|
+
* import { apple } from "@robelest/convex-auth/providers/apple";
|
|
33
|
+
*
|
|
34
|
+
* apple({
|
|
35
|
+
* clientId: process.env.AUTH_APPLE_ID!,
|
|
36
|
+
* teamId: process.env.AUTH_APPLE_TEAM_ID!,
|
|
37
|
+
* keyId: process.env.AUTH_APPLE_KEY_ID!,
|
|
38
|
+
* privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
|
|
39
|
+
* })
|
|
40
|
+
* ```
|
|
41
|
+
*/
|
|
42
|
+
function apple(config) {
|
|
43
|
+
return createOAuthProvider({
|
|
44
|
+
id: "apple",
|
|
45
|
+
provider: createArcticOAuthClient(new Apple(config.clientId, config.teamId, config.keyId, typeof config.privateKey === "string" ? new TextEncoder().encode(config.privateKey) : config.privateKey, config.redirectUri ?? defaultRedirectUri("apple")), { pkce: "never" }),
|
|
46
|
+
scopes: config.scopes ?? DEFAULT_SCOPES,
|
|
47
|
+
accountLinking: config.accountLinking
|
|
48
|
+
});
|
|
49
|
+
}
|
|
50
|
+
function defaultRedirectUri(providerId) {
|
|
51
|
+
const rootUrl = readConfigSync(envOptionalString("CUSTOM_AUTH_SITE_URL")) ?? readConfigSync(envOptionalString("CONVEX_SITE_URL"));
|
|
52
|
+
if (!rootUrl) throw new Error(`Missing CONVEX_SITE_URL while configuring ${providerId} OAuth provider. Set CONVEX_SITE_URL or pass redirectUri explicitly.`);
|
|
53
|
+
return `${rootUrl}/api/auth/callback/${providerId}`;
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
//#endregion
|
|
57
|
+
export { apple };
|
|
58
|
+
//# sourceMappingURL=apple.js.map
|
|
@@ -1,64 +1,48 @@
|
|
|
1
|
-
import { AuthProviderConfig, GenericActionCtxWithAuthConfig } from "../server/types.js";
|
|
2
|
-
import { GenericDataModel } from "convex/server";
|
|
1
|
+
import { AuthProviderConfig, ConvexCredentialsConfig, GenericActionCtxWithAuthConfig } from "../server/types.js";
|
|
3
2
|
import { GenericId, Value } from "convex/values";
|
|
3
|
+
import { GenericDataModel } from "convex/server";
|
|
4
4
|
|
|
5
5
|
//#region src/providers/credentials.d.ts
|
|
6
|
-
/**
|
|
7
|
-
* Configuration for the Credentials provider.
|
|
8
|
-
*
|
|
9
|
-
* @typeParam DataModel - The Convex data model.
|
|
10
|
-
*/
|
|
6
|
+
/** Configuration for the {@link credentials} provider. */
|
|
11
7
|
interface CredentialsConfig<DataModel extends GenericDataModel = GenericDataModel> {
|
|
12
|
-
/**
|
|
8
|
+
/** Stable provider identifier used in `signIn("<id>")`. */
|
|
13
9
|
id?: string;
|
|
14
10
|
/**
|
|
15
|
-
*
|
|
16
|
-
*
|
|
17
|
-
* @returns A user ID for successful login, or `null` to reject.
|
|
11
|
+
* Validate the submitted credentials and return the authenticated user.
|
|
12
|
+
* Return `null` to reject the sign-in attempt.
|
|
18
13
|
*/
|
|
19
14
|
authorize: (credentials: Partial<Record<string, Value | undefined>>, ctx: GenericActionCtxWithAuthConfig<DataModel>) => Promise<{
|
|
20
15
|
userId: GenericId<"User">;
|
|
21
16
|
sessionId?: GenericId<"Session">;
|
|
22
17
|
} | null>;
|
|
23
|
-
/**
|
|
24
|
-
* Provide hashing and verification functions for account secrets.
|
|
25
|
-
*/
|
|
18
|
+
/** Optional hashing helpers for password-style credential verification. */
|
|
26
19
|
crypto?: {
|
|
27
20
|
hashSecret: (secret: string) => Promise<string>;
|
|
28
21
|
verifySecret: (secret: string, hash: string) => Promise<boolean>;
|
|
29
22
|
};
|
|
30
|
-
/**
|
|
31
|
-
* Extra providers used internally (e.g. email verification in password flow).
|
|
32
|
-
* Not exposed to clients.
|
|
33
|
-
*/
|
|
23
|
+
/** Additional providers to register alongside this credentials provider. */
|
|
34
24
|
extraProviders?: (AuthProviderConfig | undefined)[];
|
|
35
25
|
}
|
|
36
26
|
/**
|
|
37
|
-
*
|
|
27
|
+
* Create a credentials provider for custom sign-in logic.
|
|
38
28
|
*
|
|
39
|
-
*
|
|
40
|
-
*
|
|
41
|
-
*
|
|
42
|
-
* @typeParam DataModel - The Convex data model.
|
|
29
|
+
* @typeParam DataModel - The Convex data model used by the auth context.
|
|
30
|
+
* @param config - Custom authorization and hashing hooks.
|
|
31
|
+
* @returns A configured credentials provider for `createAuth`.
|
|
43
32
|
*
|
|
44
33
|
* @example
|
|
45
34
|
* ```ts
|
|
46
|
-
* import {
|
|
35
|
+
* import { credentials } from "@robelest/convex-auth/providers";
|
|
47
36
|
*
|
|
48
|
-
*
|
|
49
|
-
* authorize: async (
|
|
50
|
-
* const user = await
|
|
37
|
+
* credentials({
|
|
38
|
+
* authorize: async (params, ctx) => {
|
|
39
|
+
* const user = await lookupUser(params.email, params.password, ctx);
|
|
51
40
|
* return user ? { userId: user._id } : null;
|
|
52
41
|
* },
|
|
53
42
|
* })
|
|
54
43
|
* ```
|
|
55
44
|
*/
|
|
56
|
-
declare
|
|
57
|
-
readonly id: string;
|
|
58
|
-
readonly type: "credentials";
|
|
59
|
-
readonly config: CredentialsConfig<DataModel>;
|
|
60
|
-
constructor(config: CredentialsConfig<DataModel>);
|
|
61
|
-
}
|
|
45
|
+
declare function credentials<DataModel extends GenericDataModel = GenericDataModel>(config: CredentialsConfig<DataModel>): ConvexCredentialsConfig<DataModel>;
|
|
62
46
|
//#endregion
|
|
63
|
-
export {
|
|
47
|
+
export { CredentialsConfig, credentials };
|
|
64
48
|
//# sourceMappingURL=credentials.d.ts.map
|
|
@@ -1,42 +1,31 @@
|
|
|
1
1
|
//#region src/providers/credentials.ts
|
|
2
2
|
/**
|
|
3
|
-
*
|
|
3
|
+
* Create a credentials provider for custom sign-in logic.
|
|
4
4
|
*
|
|
5
|
-
*
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
* @typeParam DataModel - The Convex data model.
|
|
5
|
+
* @typeParam DataModel - The Convex data model used by the auth context.
|
|
6
|
+
* @param config - Custom authorization and hashing hooks.
|
|
7
|
+
* @returns A configured credentials provider for `createAuth`.
|
|
9
8
|
*
|
|
10
9
|
* @example
|
|
11
10
|
* ```ts
|
|
12
|
-
* import {
|
|
11
|
+
* import { credentials } from "@robelest/convex-auth/providers";
|
|
13
12
|
*
|
|
14
|
-
*
|
|
15
|
-
* authorize: async (
|
|
16
|
-
* const user = await
|
|
13
|
+
* credentials({
|
|
14
|
+
* authorize: async (params, ctx) => {
|
|
15
|
+
* const user = await lookupUser(params.email, params.password, ctx);
|
|
17
16
|
* return user ? { userId: user._id } : null;
|
|
18
17
|
* },
|
|
19
18
|
* })
|
|
20
19
|
* ```
|
|
21
20
|
*/
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
}
|
|
30
|
-
/** @internal Convert to the internal materialized config shape. */
|
|
31
|
-
_toMaterialized() {
|
|
32
|
-
return {
|
|
33
|
-
...this.config,
|
|
34
|
-
id: this.id,
|
|
35
|
-
type: "credentials"
|
|
36
|
-
};
|
|
37
|
-
}
|
|
38
|
-
};
|
|
21
|
+
function credentials(config) {
|
|
22
|
+
return {
|
|
23
|
+
...config,
|
|
24
|
+
id: config.id ?? "credentials",
|
|
25
|
+
type: "credentials"
|
|
26
|
+
};
|
|
27
|
+
}
|
|
39
28
|
|
|
40
29
|
//#endregion
|
|
41
|
-
export {
|
|
30
|
+
export { credentials };
|
|
42
31
|
//# sourceMappingURL=credentials.js.map
|
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
import { OAuthMaterializedConfig, OAuthProfile, OAuthTokens } from "../server/types.js";
|
|
2
|
+
|
|
3
|
+
//#region src/providers/custom.d.ts
|
|
4
|
+
type ScopeSeparator = " " | ",";
|
|
5
|
+
type PkceMode = "required" | "optional" | "never";
|
|
6
|
+
type TokenAuthMethod = "basic" | "body" | "none";
|
|
7
|
+
/** Configuration for the custom provider authorization URL. */
|
|
8
|
+
interface CustomOAuthAuthorizationConfig {
|
|
9
|
+
/** Authorization endpoint URL. */
|
|
10
|
+
url: string;
|
|
11
|
+
/** PKCE requirement for this provider's authorization flow. */
|
|
12
|
+
pkce?: PkceMode;
|
|
13
|
+
/** Query parameter name used for the client ID. */
|
|
14
|
+
clientIdParam?: string;
|
|
15
|
+
/** Query parameter name used for scopes. */
|
|
16
|
+
scopeParam?: string;
|
|
17
|
+
/** Separator used when joining multiple scopes. */
|
|
18
|
+
scopeSeparator?: ScopeSeparator;
|
|
19
|
+
/** Additional query parameters appended to the authorization URL. */
|
|
20
|
+
extraParams?: Record<string, string>;
|
|
21
|
+
}
|
|
22
|
+
/** Configuration for the custom provider token exchange request. */
|
|
23
|
+
interface CustomOAuthTokenConfig {
|
|
24
|
+
/** Token endpoint URL. */
|
|
25
|
+
url: string;
|
|
26
|
+
/** How client credentials are sent to the token endpoint. */
|
|
27
|
+
authMethod?: TokenAuthMethod;
|
|
28
|
+
/** Form field name used for the client ID. */
|
|
29
|
+
clientIdParam?: string;
|
|
30
|
+
/** Form field name used for the client secret. */
|
|
31
|
+
clientSecretParam?: string;
|
|
32
|
+
/** Form field name used for the PKCE code verifier. */
|
|
33
|
+
codeVerifierParam?: string;
|
|
34
|
+
/** Form field name used for scopes. */
|
|
35
|
+
scopeParam?: string;
|
|
36
|
+
/** Separator used when joining multiple scopes. */
|
|
37
|
+
scopeSeparator?: ScopeSeparator;
|
|
38
|
+
/** Whether to include the redirect URI in token requests. */
|
|
39
|
+
includeRedirectUri?: boolean;
|
|
40
|
+
/** Whether to include configured scopes in token requests. */
|
|
41
|
+
includeScopes?: boolean;
|
|
42
|
+
/** Additional form parameters appended to token requests. */
|
|
43
|
+
extraParams?: Record<string, string>;
|
|
44
|
+
}
|
|
45
|
+
/** Configuration for the {@link custom} provider. */
|
|
46
|
+
interface CustomOAuthConfig {
|
|
47
|
+
/** Stable provider identifier used in `signIn("<id>")`. */
|
|
48
|
+
id: string;
|
|
49
|
+
/** OAuth client identifier. */
|
|
50
|
+
clientId: string;
|
|
51
|
+
/** Optional OAuth client secret. */
|
|
52
|
+
clientSecret?: string | null;
|
|
53
|
+
/** Optional callback URL override. Defaults to `CUSTOM_AUTH_SITE_URL` or `CONVEX_SITE_URL` plus `/api/auth/callback/<id>`. */
|
|
54
|
+
redirectUri?: string;
|
|
55
|
+
/** Optional default scopes requested during sign-in. */
|
|
56
|
+
scopes?: string[];
|
|
57
|
+
/** Account-linking strategy for existing users with matching email addresses. */
|
|
58
|
+
accountLinking?: "verifiedEmail" | "none";
|
|
59
|
+
/** Whether the provider requires nonce generation and validation. */
|
|
60
|
+
nonce?: boolean;
|
|
61
|
+
/** Authorization endpoint configuration. */
|
|
62
|
+
authorization: CustomOAuthAuthorizationConfig;
|
|
63
|
+
/** Token exchange endpoint configuration. */
|
|
64
|
+
token: CustomOAuthTokenConfig;
|
|
65
|
+
/** Optional profile loader that converts OAuth tokens into a normalized profile. */
|
|
66
|
+
profile?: (tokens: OAuthTokens) => Promise<OAuthProfile>;
|
|
67
|
+
/** Optional token validation hook for provider-specific checks. */
|
|
68
|
+
validateTokens?: (tokens: OAuthTokens, ctx: {
|
|
69
|
+
nonce?: string;
|
|
70
|
+
}) => Promise<void>;
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Create a custom OAuth provider.
|
|
74
|
+
*
|
|
75
|
+
* @param config - OAuth endpoints, credentials, and profile callbacks.
|
|
76
|
+
* @returns A configured OAuth provider for `createAuth`.
|
|
77
|
+
*
|
|
78
|
+
* @example
|
|
79
|
+
* ```ts
|
|
80
|
+
* import { custom } from "@robelest/convex-auth/providers";
|
|
81
|
+
*
|
|
82
|
+
* custom({
|
|
83
|
+
* id: "workos",
|
|
84
|
+
* clientId: process.env.WORKOS_CLIENT_ID!,
|
|
85
|
+
* clientSecret: process.env.WORKOS_CLIENT_SECRET!,
|
|
86
|
+
* authorization: { url: "https://api.workos.com/sso/authorize" },
|
|
87
|
+
* token: { url: "https://api.workos.com/sso/token", authMethod: "basic" },
|
|
88
|
+
* })
|
|
89
|
+
* ```
|
|
90
|
+
*/
|
|
91
|
+
declare function custom(config: CustomOAuthConfig): OAuthMaterializedConfig;
|
|
92
|
+
//#endregion
|
|
93
|
+
export { CustomOAuthAuthorizationConfig, CustomOAuthConfig, CustomOAuthTokenConfig, custom };
|
|
94
|
+
//# sourceMappingURL=custom.d.ts.map
|