@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (666) hide show
  1. package/README.md +43 -36
  2. package/dist/bin.js +5765 -4880
  3. package/dist/browser/index.d.ts +30 -0
  4. package/dist/browser/index.js +93 -0
  5. package/dist/browser/locks.js +11 -0
  6. package/dist/browser/navigation.js +14 -0
  7. package/dist/{factors → browser}/passkey.js +23 -32
  8. package/dist/browser/runtime.js +92 -0
  9. package/dist/client/core/types.d.ts +452 -5
  10. package/dist/client/core/types.js +17 -0
  11. package/dist/client/errors.js +19 -0
  12. package/dist/client/factors/device.js +94 -0
  13. package/dist/{factors → client/factors}/totp.js +12 -4
  14. package/dist/client/index.d.ts +47 -1
  15. package/dist/client/index.js +269 -232
  16. package/dist/client/runtime/mutex.js +24 -0
  17. package/dist/client/runtime/proxy.js +30 -0
  18. package/dist/client/runtime/storage.js +45 -0
  19. package/dist/client/services/adapters.js +7 -0
  20. package/dist/client/services/http.js +6 -0
  21. package/dist/client/services/resolve.js +13 -0
  22. package/dist/client/services/runtime.js +6 -0
  23. package/dist/component/_generated/component.d.ts +1355 -1399
  24. package/dist/component/convex.config.d.ts +2 -2
  25. package/dist/component/index.d.ts +4 -26
  26. package/dist/component/index.js +1 -1
  27. package/dist/component/model.d.ts +26 -112
  28. package/dist/component/model.js +76 -54
  29. package/dist/component/modules.js +38 -0
  30. package/dist/component/public/factors/devices.js +1 -1
  31. package/dist/component/public/factors/passkeys.js +1 -1
  32. package/dist/component/public/factors/totp.js +1 -1
  33. package/dist/component/public/groups/core.js +2 -2
  34. package/dist/component/public/groups/invites.js +1 -1
  35. package/dist/component/public/groups/members.js +1 -1
  36. package/dist/component/public/identity/accounts.js +1 -1
  37. package/dist/component/public/identity/codes.js +1 -1
  38. package/dist/component/public/identity/sessions.js +39 -2
  39. package/dist/component/public/identity/tokens.js +82 -4
  40. package/dist/component/public/identity/users.js +1 -1
  41. package/dist/component/public/identity/verifiers.js +10 -4
  42. package/dist/component/public/security/keys.js +1 -1
  43. package/dist/component/public/security/limits.js +1 -1
  44. package/dist/component/public/{enterprise → sso}/audit.js +26 -26
  45. package/dist/component/public/sso/core.js +263 -0
  46. package/dist/component/public/sso/domains.js +280 -0
  47. package/dist/component/public/{enterprise → sso}/scim.js +87 -87
  48. package/dist/component/public/sso/secrets.js +125 -0
  49. package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
  50. package/dist/component/public.js +9 -9
  51. package/dist/component/schema.d.ts +472 -393
  52. package/dist/component/schema.js +36 -35
  53. package/dist/core/index.d.ts +380 -0
  54. package/dist/core/index.js +83 -0
  55. package/dist/otel.d.ts +69 -0
  56. package/dist/otel.js +82 -0
  57. package/dist/providers/anonymous.d.ts +15 -34
  58. package/dist/providers/anonymous.js +27 -35
  59. package/dist/providers/apple.d.ts +59 -0
  60. package/dist/providers/apple.js +58 -0
  61. package/dist/providers/credentials.d.ts +18 -34
  62. package/dist/providers/credentials.js +16 -27
  63. package/dist/providers/custom.d.ts +94 -0
  64. package/dist/providers/custom.js +119 -0
  65. package/dist/providers/device.d.ts +15 -49
  66. package/dist/providers/device.js +17 -34
  67. package/dist/providers/email.d.ts +21 -38
  68. package/dist/providers/email.js +36 -55
  69. package/dist/providers/github.d.ts +54 -0
  70. package/dist/providers/github.js +75 -0
  71. package/dist/providers/google.d.ts +54 -0
  72. package/dist/providers/google.js +61 -0
  73. package/dist/providers/index.d.ts +16 -12
  74. package/dist/providers/index.js +15 -11
  75. package/dist/providers/microsoft.d.ts +57 -0
  76. package/dist/providers/microsoft.js +101 -0
  77. package/dist/providers/passkey.d.ts +19 -35
  78. package/dist/providers/passkey.js +20 -30
  79. package/dist/providers/password.d.ts +17 -18
  80. package/dist/providers/password.js +121 -143
  81. package/dist/providers/phone.d.ts +13 -28
  82. package/dist/providers/phone.js +21 -46
  83. package/dist/providers/sso.d.ts +16 -36
  84. package/dist/providers/sso.js +21 -22
  85. package/dist/providers/totp.d.ts +13 -29
  86. package/dist/providers/totp.js +17 -27
  87. package/dist/server/auth-context.d.ts +204 -0
  88. package/dist/server/auth-context.js +76 -0
  89. package/dist/server/auth.d.ts +99 -244
  90. package/dist/server/auth.js +56 -152
  91. package/dist/server/componentContext.d.ts +12 -0
  92. package/dist/server/componentContext.js +1 -0
  93. package/dist/server/config.js +6 -67
  94. package/dist/server/constants.js +6 -0
  95. package/dist/server/contract.d.ts +105 -0
  96. package/dist/server/contract.js +43 -0
  97. package/dist/server/cookies.js +3 -2
  98. package/dist/server/core.js +31 -36
  99. package/dist/server/crypto.js +34 -44
  100. package/dist/server/db.js +6 -1
  101. package/dist/server/device.js +96 -130
  102. package/dist/server/env.js +48 -0
  103. package/dist/server/errors.js +20 -0
  104. package/dist/server/http.d.ts +15 -59
  105. package/dist/server/http.js +136 -120
  106. package/dist/server/identity.js +2 -2
  107. package/dist/server/index.d.ts +5 -4
  108. package/dist/server/index.js +3 -3
  109. package/dist/server/keys.js +10 -1
  110. package/dist/server/limits.js +26 -26
  111. package/dist/server/log.js +28 -0
  112. package/dist/server/mounts.d.ts +1107 -296
  113. package/dist/server/mounts.js +315 -196
  114. package/dist/server/mutations/account.js +11 -14
  115. package/dist/server/mutations/code.js +6 -5
  116. package/dist/server/mutations/invalidate.js +9 -11
  117. package/dist/server/mutations/oauth.js +112 -73
  118. package/dist/server/mutations/refresh.js +47 -97
  119. package/dist/server/mutations/register.js +37 -35
  120. package/dist/server/mutations/retrieve.js +16 -16
  121. package/dist/server/mutations/signature.js +15 -18
  122. package/dist/server/mutations/signin.js +10 -5
  123. package/dist/server/mutations/signout.js +11 -14
  124. package/dist/server/mutations/store.js +25 -18
  125. package/dist/server/mutations/verifier.js +11 -8
  126. package/dist/server/mutations/verify.js +53 -41
  127. package/dist/server/oauth/factory.js +44 -0
  128. package/dist/server/oauth/index.js +12 -0
  129. package/dist/server/oauth/runtime.js +248 -0
  130. package/dist/server/passkey.js +331 -365
  131. package/dist/server/payloads.d.ts +16 -0
  132. package/dist/server/payloads.js +30 -0
  133. package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
  134. package/dist/server/prefetch.js +635 -0
  135. package/dist/server/random.js +19 -0
  136. package/dist/server/redirects.js +10 -5
  137. package/dist/server/refresh.js +14 -86
  138. package/dist/server/runtime.d.ts +531 -31
  139. package/dist/server/runtime.js +106 -267
  140. package/dist/server/secret.js +44 -0
  141. package/dist/server/services/config.js +10 -0
  142. package/dist/server/services/group.js +211 -0
  143. package/dist/server/services/logger.js +8 -0
  144. package/dist/server/services/providers.js +22 -0
  145. package/dist/server/services/refresh.js +8 -0
  146. package/dist/server/services/resolve.js +27 -0
  147. package/dist/server/services/signin.js +8 -0
  148. package/dist/server/sessions.js +35 -34
  149. package/dist/server/signin.js +229 -140
  150. package/dist/server/{enterprise → sso}/config.js +10 -3
  151. package/dist/server/sso/domain.d.ts +614 -0
  152. package/dist/server/sso/domain.js +1175 -0
  153. package/dist/server/sso/http.js +1060 -0
  154. package/dist/server/sso/oidc.js +324 -0
  155. package/dist/server/sso/policies.js +59 -0
  156. package/dist/server/sso/policy.js +139 -0
  157. package/dist/server/sso/profile.js +22 -0
  158. package/dist/server/sso/provision.js +179 -0
  159. package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
  160. package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
  161. package/dist/server/sso/shared.js +74 -0
  162. package/dist/server/sso/validators.js +88 -0
  163. package/dist/server/sso/webhook.js +94 -0
  164. package/dist/server/tokens.js +16 -4
  165. package/dist/server/totp.js +155 -164
  166. package/dist/server/types.d.ts +306 -296
  167. package/dist/server/types.js +1 -30
  168. package/dist/server/url.js +32 -0
  169. package/dist/server/users.js +74 -40
  170. package/dist/server/utils/cache.js +51 -0
  171. package/dist/server/utils/dispatch.js +36 -0
  172. package/dist/server/utils/retry.js +24 -0
  173. package/dist/server/utils/span.js +32 -0
  174. package/dist/shared/errors.js +19 -0
  175. package/dist/shared/log.js +45 -0
  176. package/{src/test.ts → dist/test.d.ts} +21 -22
  177. package/dist/test.js +51 -0
  178. package/package.json +70 -42
  179. package/dist/authorization/index.d.ts.map +0 -1
  180. package/dist/authorization/index.js.map +0 -1
  181. package/dist/client/core/types.d.ts.map +0 -1
  182. package/dist/client/index.d.ts.map +0 -1
  183. package/dist/client/index.js.map +0 -1
  184. package/dist/component/_generated/api.d.ts +0 -75
  185. package/dist/component/_generated/api.d.ts.map +0 -1
  186. package/dist/component/_generated/api.js.map +0 -1
  187. package/dist/component/_generated/component.d.ts.map +0 -1
  188. package/dist/component/_generated/dataModel.d.ts +0 -42
  189. package/dist/component/_generated/dataModel.d.ts.map +0 -1
  190. package/dist/component/_generated/server.d.ts +0 -117
  191. package/dist/component/_generated/server.d.ts.map +0 -1
  192. package/dist/component/_generated/server.js.map +0 -1
  193. package/dist/component/_virtual/rolldown_runtime.js +0 -18
  194. package/dist/component/client/core/types.d.ts +0 -2
  195. package/dist/component/client/index.d.ts +0 -1
  196. package/dist/component/convex.config.d.ts.map +0 -1
  197. package/dist/component/convex.config.js.map +0 -1
  198. package/dist/component/functions.d.ts +0 -25
  199. package/dist/component/functions.d.ts.map +0 -1
  200. package/dist/component/functions.js.map +0 -1
  201. package/dist/component/index.d.ts.map +0 -1
  202. package/dist/component/model.d.ts.map +0 -1
  203. package/dist/component/model.js.map +0 -1
  204. package/dist/component/providers/anonymous.d.ts +0 -54
  205. package/dist/component/providers/anonymous.d.ts.map +0 -1
  206. package/dist/component/providers/credentials.d.ts +0 -38
  207. package/dist/component/providers/credentials.d.ts.map +0 -1
  208. package/dist/component/providers/device.d.ts +0 -67
  209. package/dist/component/providers/device.d.ts.map +0 -1
  210. package/dist/component/providers/email.d.ts +0 -62
  211. package/dist/component/providers/email.d.ts.map +0 -1
  212. package/dist/component/providers/oauth.d.ts +0 -25
  213. package/dist/component/providers/oauth.d.ts.map +0 -1
  214. package/dist/component/providers/oauth.js +0 -13
  215. package/dist/component/providers/oauth.js.map +0 -1
  216. package/dist/component/providers/passkey.d.ts +0 -57
  217. package/dist/component/providers/passkey.d.ts.map +0 -1
  218. package/dist/component/providers/password.d.ts +0 -88
  219. package/dist/component/providers/password.d.ts.map +0 -1
  220. package/dist/component/providers/phone.d.ts +0 -48
  221. package/dist/component/providers/phone.d.ts.map +0 -1
  222. package/dist/component/providers/sso.d.ts +0 -50
  223. package/dist/component/providers/sso.d.ts.map +0 -1
  224. package/dist/component/providers/totp.d.ts +0 -45
  225. package/dist/component/providers/totp.d.ts.map +0 -1
  226. package/dist/component/public/enterprise/audit.d.ts +0 -73
  227. package/dist/component/public/enterprise/audit.d.ts.map +0 -1
  228. package/dist/component/public/enterprise/audit.js.map +0 -1
  229. package/dist/component/public/enterprise/core.d.ts +0 -176
  230. package/dist/component/public/enterprise/core.d.ts.map +0 -1
  231. package/dist/component/public/enterprise/core.js +0 -292
  232. package/dist/component/public/enterprise/core.js.map +0 -1
  233. package/dist/component/public/enterprise/domains.d.ts +0 -174
  234. package/dist/component/public/enterprise/domains.d.ts.map +0 -1
  235. package/dist/component/public/enterprise/domains.js +0 -271
  236. package/dist/component/public/enterprise/domains.js.map +0 -1
  237. package/dist/component/public/enterprise/scim.d.ts +0 -245
  238. package/dist/component/public/enterprise/scim.d.ts.map +0 -1
  239. package/dist/component/public/enterprise/scim.js.map +0 -1
  240. package/dist/component/public/enterprise/secrets.d.ts +0 -78
  241. package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
  242. package/dist/component/public/enterprise/secrets.js +0 -118
  243. package/dist/component/public/enterprise/secrets.js.map +0 -1
  244. package/dist/component/public/enterprise/webhooks.d.ts +0 -211
  245. package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
  246. package/dist/component/public/enterprise/webhooks.js.map +0 -1
  247. package/dist/component/public/factors/devices.d.ts +0 -157
  248. package/dist/component/public/factors/devices.d.ts.map +0 -1
  249. package/dist/component/public/factors/devices.js.map +0 -1
  250. package/dist/component/public/factors/passkeys.d.ts +0 -175
  251. package/dist/component/public/factors/passkeys.d.ts.map +0 -1
  252. package/dist/component/public/factors/passkeys.js.map +0 -1
  253. package/dist/component/public/factors/totp.d.ts +0 -189
  254. package/dist/component/public/factors/totp.d.ts.map +0 -1
  255. package/dist/component/public/factors/totp.js.map +0 -1
  256. package/dist/component/public/groups/core.d.ts +0 -137
  257. package/dist/component/public/groups/core.d.ts.map +0 -1
  258. package/dist/component/public/groups/core.js.map +0 -1
  259. package/dist/component/public/groups/invites.d.ts +0 -217
  260. package/dist/component/public/groups/invites.d.ts.map +0 -1
  261. package/dist/component/public/groups/invites.js.map +0 -1
  262. package/dist/component/public/groups/members.d.ts +0 -204
  263. package/dist/component/public/groups/members.d.ts.map +0 -1
  264. package/dist/component/public/groups/members.js.map +0 -1
  265. package/dist/component/public/identity/accounts.d.ts +0 -147
  266. package/dist/component/public/identity/accounts.d.ts.map +0 -1
  267. package/dist/component/public/identity/accounts.js.map +0 -1
  268. package/dist/component/public/identity/codes.d.ts +0 -104
  269. package/dist/component/public/identity/codes.d.ts.map +0 -1
  270. package/dist/component/public/identity/codes.js.map +0 -1
  271. package/dist/component/public/identity/sessions.d.ts +0 -128
  272. package/dist/component/public/identity/sessions.d.ts.map +0 -1
  273. package/dist/component/public/identity/sessions.js.map +0 -1
  274. package/dist/component/public/identity/tokens.d.ts +0 -169
  275. package/dist/component/public/identity/tokens.d.ts.map +0 -1
  276. package/dist/component/public/identity/tokens.js.map +0 -1
  277. package/dist/component/public/identity/users.d.ts +0 -212
  278. package/dist/component/public/identity/users.d.ts.map +0 -1
  279. package/dist/component/public/identity/users.js.map +0 -1
  280. package/dist/component/public/identity/verifiers.d.ts +0 -116
  281. package/dist/component/public/identity/verifiers.d.ts.map +0 -1
  282. package/dist/component/public/identity/verifiers.js.map +0 -1
  283. package/dist/component/public/security/keys.d.ts +0 -209
  284. package/dist/component/public/security/keys.d.ts.map +0 -1
  285. package/dist/component/public/security/keys.js.map +0 -1
  286. package/dist/component/public/security/limits.d.ts +0 -114
  287. package/dist/component/public/security/limits.d.ts.map +0 -1
  288. package/dist/component/public/security/limits.js.map +0 -1
  289. package/dist/component/public.d.ts +0 -28
  290. package/dist/component/public.d.ts.map +0 -1
  291. package/dist/component/schema.d.ts.map +0 -1
  292. package/dist/component/schema.js.map +0 -1
  293. package/dist/component/server/auth.d.ts +0 -447
  294. package/dist/component/server/auth.d.ts.map +0 -1
  295. package/dist/component/server/auth.js +0 -254
  296. package/dist/component/server/auth.js.map +0 -1
  297. package/dist/component/server/config.js +0 -121
  298. package/dist/component/server/config.js.map +0 -1
  299. package/dist/component/server/context.js +0 -53
  300. package/dist/component/server/context.js.map +0 -1
  301. package/dist/component/server/cookies.js +0 -47
  302. package/dist/component/server/cookies.js.map +0 -1
  303. package/dist/component/server/core.js +0 -576
  304. package/dist/component/server/core.js.map +0 -1
  305. package/dist/component/server/crypto.js +0 -56
  306. package/dist/component/server/crypto.js.map +0 -1
  307. package/dist/component/server/db.js +0 -87
  308. package/dist/component/server/db.js.map +0 -1
  309. package/dist/component/server/device.js +0 -152
  310. package/dist/component/server/device.js.map +0 -1
  311. package/dist/component/server/enterprise/config.js +0 -46
  312. package/dist/component/server/enterprise/config.js.map +0 -1
  313. package/dist/component/server/enterprise/domain.js +0 -974
  314. package/dist/component/server/enterprise/domain.js.map +0 -1
  315. package/dist/component/server/enterprise/http.js +0 -787
  316. package/dist/component/server/enterprise/http.js.map +0 -1
  317. package/dist/component/server/enterprise/oidc.js +0 -248
  318. package/dist/component/server/enterprise/oidc.js.map +0 -1
  319. package/dist/component/server/enterprise/policy.js +0 -85
  320. package/dist/component/server/enterprise/policy.js.map +0 -1
  321. package/dist/component/server/enterprise/saml.js.map +0 -1
  322. package/dist/component/server/enterprise/scim.js.map +0 -1
  323. package/dist/component/server/enterprise/shared.js +0 -51
  324. package/dist/component/server/enterprise/shared.js.map +0 -1
  325. package/dist/component/server/http.d.ts +0 -85
  326. package/dist/component/server/http.d.ts.map +0 -1
  327. package/dist/component/server/http.js +0 -351
  328. package/dist/component/server/http.js.map +0 -1
  329. package/dist/component/server/identity.js +0 -16
  330. package/dist/component/server/identity.js.map +0 -1
  331. package/dist/component/server/keys.js +0 -96
  332. package/dist/component/server/keys.js.map +0 -1
  333. package/dist/component/server/limits.js +0 -52
  334. package/dist/component/server/limits.js.map +0 -1
  335. package/dist/component/server/mutations/account.js +0 -46
  336. package/dist/component/server/mutations/account.js.map +0 -1
  337. package/dist/component/server/mutations/code.js +0 -68
  338. package/dist/component/server/mutations/code.js.map +0 -1
  339. package/dist/component/server/mutations/invalidate.js +0 -32
  340. package/dist/component/server/mutations/invalidate.js.map +0 -1
  341. package/dist/component/server/mutations/oauth.js +0 -116
  342. package/dist/component/server/mutations/oauth.js.map +0 -1
  343. package/dist/component/server/mutations/refresh.js +0 -119
  344. package/dist/component/server/mutations/refresh.js.map +0 -1
  345. package/dist/component/server/mutations/register.js +0 -87
  346. package/dist/component/server/mutations/register.js.map +0 -1
  347. package/dist/component/server/mutations/retrieve.js +0 -61
  348. package/dist/component/server/mutations/retrieve.js.map +0 -1
  349. package/dist/component/server/mutations/signature.js +0 -38
  350. package/dist/component/server/mutations/signature.js.map +0 -1
  351. package/dist/component/server/mutations/signin.js +0 -27
  352. package/dist/component/server/mutations/signin.js.map +0 -1
  353. package/dist/component/server/mutations/signout.js +0 -27
  354. package/dist/component/server/mutations/signout.js.map +0 -1
  355. package/dist/component/server/mutations/store/refs.js +0 -15
  356. package/dist/component/server/mutations/store/refs.js.map +0 -1
  357. package/dist/component/server/mutations/store.js +0 -70
  358. package/dist/component/server/mutations/store.js.map +0 -1
  359. package/dist/component/server/mutations/verifier.js +0 -18
  360. package/dist/component/server/mutations/verifier.js.map +0 -1
  361. package/dist/component/server/mutations/verify.js +0 -98
  362. package/dist/component/server/mutations/verify.js.map +0 -1
  363. package/dist/component/server/oauth.js +0 -242
  364. package/dist/component/server/oauth.js.map +0 -1
  365. package/dist/component/server/passkey.js +0 -415
  366. package/dist/component/server/passkey.js.map +0 -1
  367. package/dist/component/server/redirects.js +0 -40
  368. package/dist/component/server/redirects.js.map +0 -1
  369. package/dist/component/server/refresh.js +0 -99
  370. package/dist/component/server/refresh.js.map +0 -1
  371. package/dist/component/server/runtime.d.ts +0 -136
  372. package/dist/component/server/runtime.d.ts.map +0 -1
  373. package/dist/component/server/runtime.js +0 -456
  374. package/dist/component/server/runtime.js.map +0 -1
  375. package/dist/component/server/sessions.js +0 -71
  376. package/dist/component/server/sessions.js.map +0 -1
  377. package/dist/component/server/signin.js +0 -225
  378. package/dist/component/server/signin.js.map +0 -1
  379. package/dist/component/server/tokens.js +0 -17
  380. package/dist/component/server/tokens.js.map +0 -1
  381. package/dist/component/server/totp.js +0 -208
  382. package/dist/component/server/totp.js.map +0 -1
  383. package/dist/component/server/types.d.ts +0 -949
  384. package/dist/component/server/types.d.ts.map +0 -1
  385. package/dist/component/server/types.js +0 -79
  386. package/dist/component/server/types.js.map +0 -1
  387. package/dist/component/server/users.js +0 -123
  388. package/dist/component/server/users.js.map +0 -1
  389. package/dist/component/server/utils.js +0 -140
  390. package/dist/component/server/utils.js.map +0 -1
  391. package/dist/core/types.d.ts +0 -361
  392. package/dist/core/types.d.ts.map +0 -1
  393. package/dist/factors/device.js +0 -104
  394. package/dist/factors/device.js.map +0 -1
  395. package/dist/factors/passkey.js.map +0 -1
  396. package/dist/factors/totp.js.map +0 -1
  397. package/dist/providers/anonymous.d.ts.map +0 -1
  398. package/dist/providers/anonymous.js.map +0 -1
  399. package/dist/providers/credentials.d.ts.map +0 -1
  400. package/dist/providers/credentials.js.map +0 -1
  401. package/dist/providers/device.d.ts.map +0 -1
  402. package/dist/providers/device.js.map +0 -1
  403. package/dist/providers/email.d.ts.map +0 -1
  404. package/dist/providers/email.js.map +0 -1
  405. package/dist/providers/oauth.d.ts +0 -69
  406. package/dist/providers/oauth.d.ts.map +0 -1
  407. package/dist/providers/oauth.js +0 -43
  408. package/dist/providers/oauth.js.map +0 -1
  409. package/dist/providers/passkey.d.ts.map +0 -1
  410. package/dist/providers/passkey.js.map +0 -1
  411. package/dist/providers/password.d.ts.map +0 -1
  412. package/dist/providers/password.js.map +0 -1
  413. package/dist/providers/phone.d.ts.map +0 -1
  414. package/dist/providers/phone.js.map +0 -1
  415. package/dist/providers/sso.d.ts.map +0 -1
  416. package/dist/providers/sso.js.map +0 -1
  417. package/dist/providers/totp.d.ts.map +0 -1
  418. package/dist/providers/totp.js.map +0 -1
  419. package/dist/runtime/browser.js +0 -68
  420. package/dist/runtime/browser.js.map +0 -1
  421. package/dist/runtime/invite.js.map +0 -1
  422. package/dist/runtime/proxy.js +0 -70
  423. package/dist/runtime/proxy.js.map +0 -1
  424. package/dist/runtime/storage.js +0 -37
  425. package/dist/runtime/storage.js.map +0 -1
  426. package/dist/server/auth.d.ts.map +0 -1
  427. package/dist/server/auth.js.map +0 -1
  428. package/dist/server/config.d.ts +0 -1
  429. package/dist/server/config.js.map +0 -1
  430. package/dist/server/context.d.ts +0 -1
  431. package/dist/server/context.js.map +0 -1
  432. package/dist/server/cookies.d.ts +0 -1
  433. package/dist/server/cookies.js.map +0 -1
  434. package/dist/server/core.d.ts +0 -1315
  435. package/dist/server/core.d.ts.map +0 -1
  436. package/dist/server/core.js.map +0 -1
  437. package/dist/server/crypto.d.ts +0 -8
  438. package/dist/server/crypto.d.ts.map +0 -1
  439. package/dist/server/crypto.js.map +0 -1
  440. package/dist/server/db.d.ts +0 -1
  441. package/dist/server/db.js.map +0 -1
  442. package/dist/server/device.d.ts +0 -1
  443. package/dist/server/device.js.map +0 -1
  444. package/dist/server/enterprise/config.d.ts +0 -1
  445. package/dist/server/enterprise/config.js.map +0 -1
  446. package/dist/server/enterprise/domain.d.ts +0 -401
  447. package/dist/server/enterprise/domain.d.ts.map +0 -1
  448. package/dist/server/enterprise/domain.js +0 -974
  449. package/dist/server/enterprise/domain.js.map +0 -1
  450. package/dist/server/enterprise/http.d.ts +0 -26
  451. package/dist/server/enterprise/http.d.ts.map +0 -1
  452. package/dist/server/enterprise/http.js +0 -787
  453. package/dist/server/enterprise/http.js.map +0 -1
  454. package/dist/server/enterprise/oidc.d.ts +0 -1
  455. package/dist/server/enterprise/oidc.js +0 -248
  456. package/dist/server/enterprise/oidc.js.map +0 -1
  457. package/dist/server/enterprise/policy.d.ts +0 -1
  458. package/dist/server/enterprise/policy.js +0 -85
  459. package/dist/server/enterprise/policy.js.map +0 -1
  460. package/dist/server/enterprise/saml.d.ts +0 -1
  461. package/dist/server/enterprise/saml.js +0 -338
  462. package/dist/server/enterprise/saml.js.map +0 -1
  463. package/dist/server/enterprise/scim.d.ts +0 -1
  464. package/dist/server/enterprise/scim.js +0 -97
  465. package/dist/server/enterprise/scim.js.map +0 -1
  466. package/dist/server/enterprise/shared.d.ts +0 -5
  467. package/dist/server/enterprise/shared.d.ts.map +0 -1
  468. package/dist/server/enterprise/shared.js +0 -51
  469. package/dist/server/enterprise/shared.js.map +0 -1
  470. package/dist/server/enterprise/validators.d.ts +0 -1
  471. package/dist/server/enterprise/validators.js +0 -60
  472. package/dist/server/enterprise/validators.js.map +0 -1
  473. package/dist/server/http.d.ts.map +0 -1
  474. package/dist/server/http.js.map +0 -1
  475. package/dist/server/identity.d.ts +0 -1
  476. package/dist/server/identity.js.map +0 -1
  477. package/dist/server/keys.d.ts +0 -1
  478. package/dist/server/keys.js.map +0 -1
  479. package/dist/server/limits.d.ts +0 -1
  480. package/dist/server/limits.js.map +0 -1
  481. package/dist/server/mounts.d.ts.map +0 -1
  482. package/dist/server/mounts.js.map +0 -1
  483. package/dist/server/mutations/account.d.ts +0 -29
  484. package/dist/server/mutations/account.d.ts.map +0 -1
  485. package/dist/server/mutations/account.js.map +0 -1
  486. package/dist/server/mutations/code.d.ts +0 -30
  487. package/dist/server/mutations/code.d.ts.map +0 -1
  488. package/dist/server/mutations/code.js.map +0 -1
  489. package/dist/server/mutations/index.d.ts +0 -14
  490. package/dist/server/mutations/invalidate.d.ts +0 -20
  491. package/dist/server/mutations/invalidate.d.ts.map +0 -1
  492. package/dist/server/mutations/invalidate.js.map +0 -1
  493. package/dist/server/mutations/oauth.d.ts +0 -30
  494. package/dist/server/mutations/oauth.d.ts.map +0 -1
  495. package/dist/server/mutations/oauth.js.map +0 -1
  496. package/dist/server/mutations/refresh.d.ts +0 -21
  497. package/dist/server/mutations/refresh.d.ts.map +0 -1
  498. package/dist/server/mutations/refresh.js.map +0 -1
  499. package/dist/server/mutations/register.d.ts +0 -38
  500. package/dist/server/mutations/register.d.ts.map +0 -1
  501. package/dist/server/mutations/register.js.map +0 -1
  502. package/dist/server/mutations/retrieve.d.ts +0 -33
  503. package/dist/server/mutations/retrieve.d.ts.map +0 -1
  504. package/dist/server/mutations/retrieve.js.map +0 -1
  505. package/dist/server/mutations/signature.d.ts +0 -21
  506. package/dist/server/mutations/signature.d.ts.map +0 -1
  507. package/dist/server/mutations/signature.js.map +0 -1
  508. package/dist/server/mutations/signin.d.ts +0 -22
  509. package/dist/server/mutations/signin.d.ts.map +0 -1
  510. package/dist/server/mutations/signin.js.map +0 -1
  511. package/dist/server/mutations/signout.d.ts +0 -16
  512. package/dist/server/mutations/signout.d.ts.map +0 -1
  513. package/dist/server/mutations/signout.js.map +0 -1
  514. package/dist/server/mutations/store/refs.d.ts +0 -12
  515. package/dist/server/mutations/store/refs.d.ts.map +0 -1
  516. package/dist/server/mutations/store/refs.js.map +0 -1
  517. package/dist/server/mutations/store.d.ts +0 -306
  518. package/dist/server/mutations/store.d.ts.map +0 -1
  519. package/dist/server/mutations/store.js.map +0 -1
  520. package/dist/server/mutations/verifier.d.ts +0 -13
  521. package/dist/server/mutations/verifier.d.ts.map +0 -1
  522. package/dist/server/mutations/verifier.js.map +0 -1
  523. package/dist/server/mutations/verify.d.ts +0 -26
  524. package/dist/server/mutations/verify.d.ts.map +0 -1
  525. package/dist/server/mutations/verify.js.map +0 -1
  526. package/dist/server/oauth.d.ts +0 -1
  527. package/dist/server/oauth.js +0 -242
  528. package/dist/server/oauth.js.map +0 -1
  529. package/dist/server/passkey.d.ts +0 -27
  530. package/dist/server/passkey.d.ts.map +0 -1
  531. package/dist/server/passkey.js.map +0 -1
  532. package/dist/server/redirects.d.ts +0 -1
  533. package/dist/server/redirects.js.map +0 -1
  534. package/dist/server/refresh.d.ts +0 -1
  535. package/dist/server/refresh.js.map +0 -1
  536. package/dist/server/runtime.d.ts.map +0 -1
  537. package/dist/server/runtime.js.map +0 -1
  538. package/dist/server/sessions.d.ts +0 -1
  539. package/dist/server/sessions.js.map +0 -1
  540. package/dist/server/signin.d.ts +0 -1
  541. package/dist/server/signin.js.map +0 -1
  542. package/dist/server/ssr.d.ts.map +0 -1
  543. package/dist/server/ssr.js +0 -777
  544. package/dist/server/ssr.js.map +0 -1
  545. package/dist/server/templates.d.ts +0 -1
  546. package/dist/server/templates.js.map +0 -1
  547. package/dist/server/tokens.d.ts +0 -1
  548. package/dist/server/tokens.js.map +0 -1
  549. package/dist/server/totp.d.ts +0 -1
  550. package/dist/server/totp.js.map +0 -1
  551. package/dist/server/types.d.ts.map +0 -1
  552. package/dist/server/types.js.map +0 -1
  553. package/dist/server/users.d.ts +0 -1
  554. package/dist/server/users.js.map +0 -1
  555. package/dist/server/utils.d.ts +0 -1
  556. package/dist/server/utils.js +0 -140
  557. package/dist/server/utils.js.map +0 -1
  558. package/src/authorization/index.ts +0 -83
  559. package/src/cli/bin.ts +0 -5
  560. package/src/cli/command.ts +0 -70
  561. package/src/cli/index.ts +0 -1112
  562. package/src/cli/keys.ts +0 -23
  563. package/src/client/core/types.ts +0 -437
  564. package/src/client/factors/device.ts +0 -158
  565. package/src/client/factors/passkey.ts +0 -279
  566. package/src/client/factors/totp.ts +0 -150
  567. package/src/client/index.ts +0 -1124
  568. package/src/client/runtime/browser.ts +0 -112
  569. package/src/client/runtime/invite.ts +0 -63
  570. package/src/client/runtime/proxy.ts +0 -111
  571. package/src/client/runtime/storage.ts +0 -79
  572. package/src/component/_generated/api.ts +0 -96
  573. package/src/component/_generated/component.ts +0 -3774
  574. package/src/component/_generated/dataModel.ts +0 -60
  575. package/src/component/_generated/server.ts +0 -156
  576. package/src/component/convex.config.ts +0 -5
  577. package/src/component/functions.ts +0 -104
  578. package/src/component/index.ts +0 -42
  579. package/src/component/model.ts +0 -449
  580. package/src/component/public/enterprise/audit.ts +0 -125
  581. package/src/component/public/enterprise/core.ts +0 -355
  582. package/src/component/public/enterprise/domains.ts +0 -327
  583. package/src/component/public/enterprise/scim.ts +0 -397
  584. package/src/component/public/enterprise/secrets.ts +0 -133
  585. package/src/component/public/enterprise/webhooks.ts +0 -307
  586. package/src/component/public/factors/devices.ts +0 -224
  587. package/src/component/public/factors/passkeys.ts +0 -243
  588. package/src/component/public/factors/totp.ts +0 -259
  589. package/src/component/public/groups/core.ts +0 -481
  590. package/src/component/public/groups/invites.ts +0 -608
  591. package/src/component/public/groups/members.ts +0 -410
  592. package/src/component/public/identity/accounts.ts +0 -207
  593. package/src/component/public/identity/codes.ts +0 -149
  594. package/src/component/public/identity/sessions.ts +0 -210
  595. package/src/component/public/identity/tokens.ts +0 -251
  596. package/src/component/public/identity/users.ts +0 -355
  597. package/src/component/public/identity/verifiers.ts +0 -158
  598. package/src/component/public/security/keys.ts +0 -366
  599. package/src/component/public/security/limits.ts +0 -174
  600. package/src/component/public.ts +0 -27
  601. package/src/component/schema.ts +0 -505
  602. package/src/providers/anonymous.ts +0 -99
  603. package/src/providers/credentials.ts +0 -102
  604. package/src/providers/device.ts +0 -87
  605. package/src/providers/email.ts +0 -99
  606. package/src/providers/index.ts +0 -31
  607. package/src/providers/oauth.ts +0 -117
  608. package/src/providers/passkey.ts +0 -77
  609. package/src/providers/password.ts +0 -441
  610. package/src/providers/phone.ts +0 -93
  611. package/src/providers/sso.ts +0 -54
  612. package/src/providers/totp.ts +0 -62
  613. package/src/samlify.d.ts +0 -53
  614. package/src/server/auth.ts +0 -949
  615. package/src/server/config.ts +0 -200
  616. package/src/server/context.ts +0 -90
  617. package/src/server/cookies.ts +0 -49
  618. package/src/server/core.ts +0 -2004
  619. package/src/server/crypto.ts +0 -90
  620. package/src/server/db.ts +0 -203
  621. package/src/server/device.ts +0 -254
  622. package/src/server/enterprise/config.ts +0 -51
  623. package/src/server/enterprise/domain.ts +0 -1739
  624. package/src/server/enterprise/http.ts +0 -1331
  625. package/src/server/enterprise/oidc.ts +0 -500
  626. package/src/server/enterprise/policy.ts +0 -128
  627. package/src/server/enterprise/saml.ts +0 -578
  628. package/src/server/enterprise/scim.ts +0 -135
  629. package/src/server/enterprise/shared.ts +0 -134
  630. package/src/server/enterprise/validators.ts +0 -93
  631. package/src/server/http.ts +0 -790
  632. package/src/server/identity.ts +0 -18
  633. package/src/server/index.ts +0 -40
  634. package/src/server/keys.ts +0 -158
  635. package/src/server/limits.ts +0 -107
  636. package/src/server/mounts.ts +0 -924
  637. package/src/server/mutations/account.ts +0 -62
  638. package/src/server/mutations/code.ts +0 -119
  639. package/src/server/mutations/index.ts +0 -13
  640. package/src/server/mutations/invalidate.ts +0 -50
  641. package/src/server/mutations/oauth.ts +0 -243
  642. package/src/server/mutations/refresh.ts +0 -299
  643. package/src/server/mutations/register.ts +0 -155
  644. package/src/server/mutations/retrieve.ts +0 -109
  645. package/src/server/mutations/signature.ts +0 -57
  646. package/src/server/mutations/signin.ts +0 -54
  647. package/src/server/mutations/signout.ts +0 -43
  648. package/src/server/mutations/store/refs.ts +0 -10
  649. package/src/server/mutations/store.ts +0 -123
  650. package/src/server/mutations/verifier.ts +0 -34
  651. package/src/server/mutations/verify.ts +0 -200
  652. package/src/server/oauth.ts +0 -418
  653. package/src/server/passkey.ts +0 -838
  654. package/src/server/redirects.ts +0 -59
  655. package/src/server/refresh.ts +0 -218
  656. package/src/server/runtime.ts +0 -918
  657. package/src/server/sessions.ts +0 -132
  658. package/src/server/signin.ts +0 -445
  659. package/src/server/ssr.ts +0 -1747
  660. package/src/server/templates.ts +0 -82
  661. package/src/server/tokens.ts +0 -35
  662. package/src/server/totp.ts +0 -399
  663. package/src/server/types.ts +0 -1942
  664. package/src/server/users.ts +0 -291
  665. package/src/server/utils.ts +0 -220
  666. /package/dist/{runtime → client/runtime}/invite.js +0 -0
package/dist/otel.js ADDED
@@ -0,0 +1,82 @@
1
+ import { resourceFromAttributes } from "@opentelemetry/resources";
2
+ import { NodeTracerProvider } from "@opentelemetry/sdk-trace-node";
3
+ import { WebTracerProvider } from "@opentelemetry/sdk-trace-web";
4
+ import { ATTR_SERVICE_NAME, ATTR_SERVICE_VERSION } from "@opentelemetry/semantic-conventions";
5
+
6
+ //#region src/otel.ts
7
+ function resolveProcessors(input) {
8
+ if (input === void 0) return [];
9
+ if (Array.isArray(input)) return [...input];
10
+ return [input];
11
+ }
12
+ /**
13
+ * Build a Node.js OpenTelemetry tracer provider for an app using Convex Auth.
14
+ *
15
+ * Convex Auth does not install this provider automatically. Provide it from your
16
+ * application runtime when you want server-side spans, metrics, or logs to be
17
+ * exported.
18
+ *
19
+ * @param config - Telemetry configuration supplied by the host application.
20
+ * @returns A registered {@link NodeTracerProvider}.
21
+ *
22
+ * @example
23
+ * ```ts
24
+ * import { BatchSpanProcessor } from "@opentelemetry/sdk-trace-base";
25
+ * import { OTLPTraceExporter } from "@opentelemetry/exporter-trace-otlp-http";
26
+ * import { nodeTelemetry } from "@robelest/convex-auth/otel";
27
+ *
28
+ * const provider = nodeTelemetry({
29
+ * serviceName: "my-app",
30
+ * spanProcessor: new BatchSpanProcessor(new OTLPTraceExporter()),
31
+ * });
32
+ * ```
33
+ */
34
+ function nodeTelemetry(config) {
35
+ const provider = new NodeTracerProvider({
36
+ resource: resourceFromAttributes({
37
+ [ATTR_SERVICE_NAME]: config.serviceName,
38
+ ...config.serviceVersion ? { [ATTR_SERVICE_VERSION]: config.serviceVersion } : {},
39
+ ...config.attributes
40
+ }),
41
+ spanProcessors: resolveProcessors(config.spanProcessor),
42
+ ...config.tracerConfig
43
+ });
44
+ provider.register();
45
+ return provider;
46
+ }
47
+ /**
48
+ * Build a browser OpenTelemetry tracer provider for an app using Convex Auth.
49
+ *
50
+ * Convex Auth does not install this provider automatically. Provide it from your
51
+ * browser runtime when you want client-side Convex Auth spans to be exported.
52
+ *
53
+ * @param config - Telemetry configuration supplied by the host application.
54
+ * @returns A registered {@link WebTracerProvider}.
55
+ *
56
+ * @example
57
+ * ```ts
58
+ * import { browserTelemetry } from "@robelest/convex-auth/otel";
59
+ *
60
+ * const provider = browserTelemetry({
61
+ * serviceName: "my-web-app",
62
+ * attributes: { deployment: "production" },
63
+ * });
64
+ * ```
65
+ */
66
+ function browserTelemetry(config) {
67
+ const provider = new WebTracerProvider({
68
+ resource: resourceFromAttributes({
69
+ [ATTR_SERVICE_NAME]: config.serviceName,
70
+ ...config.serviceVersion ? { [ATTR_SERVICE_VERSION]: config.serviceVersion } : {},
71
+ ...config.attributes
72
+ }),
73
+ spanProcessors: resolveProcessors(config.spanProcessor),
74
+ ...config.tracerConfig
75
+ });
76
+ provider.register();
77
+ return provider;
78
+ }
79
+
80
+ //#endregion
81
+ export { browserTelemetry, nodeTelemetry };
82
+ //# sourceMappingURL=otel.js.map
@@ -1,54 +1,35 @@
1
- import { GenericActionCtxWithAuthConfig } from "../server/types.js";
2
- import { DocumentByName, GenericDataModel, WithoutSystemFields } from "convex/server";
1
+ import { ConvexCredentialsConfig, GenericActionCtxWithAuthConfig } from "../server/types.js";
3
2
  import { Value } from "convex/values";
3
+ import { DocumentByName, GenericDataModel, WithoutSystemFields } from "convex/server";
4
4
 
5
5
  //#region src/providers/anonymous.d.ts
6
- /**
7
- * The available options to an {@link Anonymous} provider for Convex Auth.
8
- */
6
+ /** Configuration for the {@link anonymous} provider. */
9
7
  interface AnonymousConfig<DataModel extends GenericDataModel> {
10
- /**
11
- * Uniquely identifies the provider, allowing to use
12
- * multiple different {@link Anonymous} providers.
13
- */
8
+ /** Stable provider identifier used in `signIn("<id>")`. */
14
9
  id?: string;
15
10
  /**
16
- * Perform checks on provided params and customize the user
17
- * information stored after sign in.
11
+ * Optional profile factory used when creating the anonymous user document.
12
+ * Must return a profile that includes `isAnonymous: true`.
18
13
  */
19
- profile?: (
20
- /**
21
- * The values passed to the `signIn` function.
22
- */
23
- params: Record<string, Value | undefined>,
24
- /**
25
- * Convex ActionCtx in case you want to read from or write to
26
- * the database.
27
- */
28
- ctx: GenericActionCtxWithAuthConfig<DataModel>) => WithoutSystemFields<DocumentByName<DataModel, "User">> & {
14
+ profile?: (params: Record<string, Value | undefined>, ctx: GenericActionCtxWithAuthConfig<DataModel>) => WithoutSystemFields<DocumentByName<DataModel, "User">> & {
29
15
  isAnonymous: true;
30
16
  };
31
17
  }
32
18
  /**
33
- * Anonymous authentication provider.
19
+ * Create an anonymous sign-in provider.
34
20
  *
35
- * Creates a new anonymous user account without requiring any
36
- * user-provided information. Useful for guest access or
37
- * progressive profiling.
21
+ * @typeParam DataModel - The Convex data model used by the auth context.
22
+ * @param config - Optional provider id and profile customization.
23
+ * @returns A configured anonymous provider for `createAuth`.
38
24
  *
39
25
  * @example
40
26
  * ```ts
41
- * import { Anonymous } from "@robelest/convex-auth/providers";
27
+ * import { anonymous } from "@robelest/convex-auth/providers";
42
28
  *
43
- * new Anonymous()
29
+ * anonymous()
44
30
  * ```
45
31
  */
46
- declare class Anonymous<DataModel extends GenericDataModel = GenericDataModel> {
47
- readonly id: string;
48
- readonly type: "credentials";
49
- readonly config: AnonymousConfig<DataModel>;
50
- constructor(config?: AnonymousConfig<DataModel>);
51
- }
32
+ declare function anonymous<DataModel extends GenericDataModel = GenericDataModel>(config?: AnonymousConfig<DataModel>): ConvexCredentialsConfig;
52
33
  //#endregion
53
- export { Anonymous, AnonymousConfig };
34
+ export { AnonymousConfig, anonymous };
54
35
  //# sourceMappingURL=anonymous.d.ts.map
@@ -1,48 +1,40 @@
1
- import { Credentials } from "./credentials.js";
1
+ import { credentials } from "./credentials.js";
2
2
 
3
3
  //#region src/providers/anonymous.ts
4
+ function defaultAnonymousProfile() {
5
+ return { isAnonymous: true };
6
+ }
4
7
  /**
5
- * Anonymous authentication provider.
8
+ * Create an anonymous sign-in provider.
6
9
  *
7
- * Creates a new anonymous user account without requiring any
8
- * user-provided information. Useful for guest access or
9
- * progressive profiling.
10
+ * @typeParam DataModel - The Convex data model used by the auth context.
11
+ * @param config - Optional provider id and profile customization.
12
+ * @returns A configured anonymous provider for `createAuth`.
10
13
  *
11
14
  * @example
12
15
  * ```ts
13
- * import { Anonymous } from "@robelest/convex-auth/providers";
16
+ * import { anonymous } from "@robelest/convex-auth/providers";
14
17
  *
15
- * new Anonymous()
18
+ * anonymous()
16
19
  * ```
17
20
  */
18
- var Anonymous = class {
19
- id;
20
- type = "credentials";
21
- config;
22
- constructor(config = {}) {
23
- this.id = config.id ?? "anonymous";
24
- this.config = config;
25
- }
26
- /** @internal Convert to the internal materialized config shape. */
27
- _toMaterialized() {
28
- const config = this.config;
29
- const provider = this.id;
30
- return new Credentials({
31
- id: "anonymous",
32
- authorize: async (params, ctx) => {
33
- const profile = config.profile?.(params, ctx) ?? { isAnonymous: true };
34
- const { user } = await ctx.auth.account.create(ctx, {
35
- provider,
36
- account: { id: crypto.randomUUID() },
37
- profile
38
- });
39
- return { userId: user._id };
40
- },
41
- ...config
42
- })._toMaterialized();
43
- }
44
- };
21
+ function anonymous(config = {}) {
22
+ const provider = config.id ?? "anonymous";
23
+ return credentials({
24
+ id: provider,
25
+ authorize: async (params, ctx) => {
26
+ const profile = config.profile?.(params, ctx) ?? defaultAnonymousProfile();
27
+ const { user } = await ctx.auth.account.create(ctx, {
28
+ provider,
29
+ account: { id: crypto.randomUUID() },
30
+ profile
31
+ });
32
+ return { userId: user._id };
33
+ },
34
+ ...config
35
+ });
36
+ }
45
37
 
46
38
  //#endregion
47
- export { Anonymous };
39
+ export { anonymous };
48
40
  //# sourceMappingURL=anonymous.js.map
@@ -0,0 +1,59 @@
1
+ import { OAuthMaterializedConfig } from "../server/types.js";
2
+
3
+ //#region src/providers/apple.d.ts
4
+ /**
5
+ * Apple OAuth provider.
6
+ *
7
+ * ```ts
8
+ * import { apple } from "@robelest/convex-auth/providers/apple";
9
+ *
10
+ * apple({
11
+ * clientId: process.env.AUTH_APPLE_ID!,
12
+ * teamId: process.env.AUTH_APPLE_TEAM_ID!,
13
+ * keyId: process.env.AUTH_APPLE_KEY_ID!,
14
+ * privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
15
+ * })
16
+ * ```
17
+ *
18
+ * @module
19
+ */
20
+ /** Configuration for the {@link apple} provider. */
21
+ interface AppleConfig {
22
+ /** Services ID or app bundle identifier registered with Sign in with Apple. */
23
+ clientId: string;
24
+ /** Apple Developer team identifier used to sign client secrets. */
25
+ teamId: string;
26
+ /** Apple private key identifier. */
27
+ keyId: string;
28
+ /** Apple private key PEM contents or bytes. */
29
+ privateKey: string | Uint8Array;
30
+ /** Optional callback URL override. Defaults to `CUSTOM_AUTH_SITE_URL` or `CONVEX_SITE_URL` plus `/api/auth/callback/apple`. */
31
+ redirectUri?: string;
32
+ /** Optional OAuth scopes. Defaults to `name email`. */
33
+ scopes?: string[];
34
+ /** Account-linking strategy for existing users with matching email addresses. */
35
+ accountLinking?: "verifiedEmail" | "none";
36
+ }
37
+ /**
38
+ * Create an Apple OAuth provider.
39
+ *
40
+ * @param config - Apple Sign In client settings and signing key material.
41
+ * @returns A configured Apple OAuth provider for `createAuth`.
42
+ * @throws {Error} When no callback URL can be derived and `redirectUri` is omitted.
43
+ *
44
+ * @example
45
+ * ```ts
46
+ * import { apple } from "@robelest/convex-auth/providers/apple";
47
+ *
48
+ * apple({
49
+ * clientId: process.env.AUTH_APPLE_ID!,
50
+ * teamId: process.env.AUTH_APPLE_TEAM_ID!,
51
+ * keyId: process.env.AUTH_APPLE_KEY_ID!,
52
+ * privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
53
+ * })
54
+ * ```
55
+ */
56
+ declare function apple(config: AppleConfig): OAuthMaterializedConfig;
57
+ //#endregion
58
+ export { AppleConfig, apple };
59
+ //# sourceMappingURL=apple.d.ts.map
@@ -0,0 +1,58 @@
1
+ import { envOptionalString, readConfigSync } from "../server/env.js";
2
+ import { createArcticOAuthClient, createOAuthProvider } from "../server/oauth/factory.js";
3
+ import { Apple } from "arctic";
4
+
5
+ //#region src/providers/apple.ts
6
+ /**
7
+ * Apple OAuth provider.
8
+ *
9
+ * ```ts
10
+ * import { apple } from "@robelest/convex-auth/providers/apple";
11
+ *
12
+ * apple({
13
+ * clientId: process.env.AUTH_APPLE_ID!,
14
+ * teamId: process.env.AUTH_APPLE_TEAM_ID!,
15
+ * keyId: process.env.AUTH_APPLE_KEY_ID!,
16
+ * privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
17
+ * })
18
+ * ```
19
+ *
20
+ * @module
21
+ */
22
+ const DEFAULT_SCOPES = ["name", "email"];
23
+ /**
24
+ * Create an Apple OAuth provider.
25
+ *
26
+ * @param config - Apple Sign In client settings and signing key material.
27
+ * @returns A configured Apple OAuth provider for `createAuth`.
28
+ * @throws {Error} When no callback URL can be derived and `redirectUri` is omitted.
29
+ *
30
+ * @example
31
+ * ```ts
32
+ * import { apple } from "@robelest/convex-auth/providers/apple";
33
+ *
34
+ * apple({
35
+ * clientId: process.env.AUTH_APPLE_ID!,
36
+ * teamId: process.env.AUTH_APPLE_TEAM_ID!,
37
+ * keyId: process.env.AUTH_APPLE_KEY_ID!,
38
+ * privateKey: process.env.AUTH_APPLE_PRIVATE_KEY!,
39
+ * })
40
+ * ```
41
+ */
42
+ function apple(config) {
43
+ return createOAuthProvider({
44
+ id: "apple",
45
+ provider: createArcticOAuthClient(new Apple(config.clientId, config.teamId, config.keyId, typeof config.privateKey === "string" ? new TextEncoder().encode(config.privateKey) : config.privateKey, config.redirectUri ?? defaultRedirectUri("apple")), { pkce: "never" }),
46
+ scopes: config.scopes ?? DEFAULT_SCOPES,
47
+ accountLinking: config.accountLinking
48
+ });
49
+ }
50
+ function defaultRedirectUri(providerId) {
51
+ const rootUrl = readConfigSync(envOptionalString("CUSTOM_AUTH_SITE_URL")) ?? readConfigSync(envOptionalString("CONVEX_SITE_URL"));
52
+ if (!rootUrl) throw new Error(`Missing CONVEX_SITE_URL while configuring ${providerId} OAuth provider. Set CONVEX_SITE_URL or pass redirectUri explicitly.`);
53
+ return `${rootUrl}/api/auth/callback/${providerId}`;
54
+ }
55
+
56
+ //#endregion
57
+ export { apple };
58
+ //# sourceMappingURL=apple.js.map
@@ -1,64 +1,48 @@
1
- import { AuthProviderConfig, GenericActionCtxWithAuthConfig } from "../server/types.js";
2
- import { GenericDataModel } from "convex/server";
1
+ import { AuthProviderConfig, ConvexCredentialsConfig, GenericActionCtxWithAuthConfig } from "../server/types.js";
3
2
  import { GenericId, Value } from "convex/values";
3
+ import { GenericDataModel } from "convex/server";
4
4
 
5
5
  //#region src/providers/credentials.d.ts
6
- /**
7
- * Configuration for the Credentials provider.
8
- *
9
- * @typeParam DataModel - The Convex data model.
10
- */
6
+ /** Configuration for the {@link credentials} provider. */
11
7
  interface CredentialsConfig<DataModel extends GenericDataModel = GenericDataModel> {
12
- /** Uniquely identifies the provider. Defaults to `"credentials"`. */
8
+ /** Stable provider identifier used in `signIn("<id>")`. */
13
9
  id?: string;
14
10
  /**
15
- * Handle credentials received from the client-side `signIn` call.
16
- *
17
- * @returns A user ID for successful login, or `null` to reject.
11
+ * Validate the submitted credentials and return the authenticated user.
12
+ * Return `null` to reject the sign-in attempt.
18
13
  */
19
14
  authorize: (credentials: Partial<Record<string, Value | undefined>>, ctx: GenericActionCtxWithAuthConfig<DataModel>) => Promise<{
20
15
  userId: GenericId<"User">;
21
16
  sessionId?: GenericId<"Session">;
22
17
  } | null>;
23
- /**
24
- * Provide hashing and verification functions for account secrets.
25
- */
18
+ /** Optional hashing helpers for password-style credential verification. */
26
19
  crypto?: {
27
20
  hashSecret: (secret: string) => Promise<string>;
28
21
  verifySecret: (secret: string, hash: string) => Promise<boolean>;
29
22
  };
30
- /**
31
- * Extra providers used internally (e.g. email verification in password flow).
32
- * Not exposed to clients.
33
- */
23
+ /** Additional providers to register alongside this credentials provider. */
34
24
  extraProviders?: (AuthProviderConfig | undefined)[];
35
25
  }
36
26
  /**
37
- * Credentials provider for custom authentication flows.
27
+ * Create a credentials provider for custom sign-in logic.
38
28
  *
39
- * This is the escape hatch for fully custom auth logic. For email/password
40
- * flows, use the `Password` class instead.
41
- *
42
- * @typeParam DataModel - The Convex data model.
29
+ * @typeParam DataModel - The Convex data model used by the auth context.
30
+ * @param config - Custom authorization and hashing hooks.
31
+ * @returns A configured credentials provider for `createAuth`.
43
32
  *
44
33
  * @example
45
34
  * ```ts
46
- * import { Credentials } from "@robelest/convex-auth/providers";
35
+ * import { credentials } from "@robelest/convex-auth/providers";
47
36
  *
48
- * new Credentials({
49
- * authorize: async (credentials, ctx) => {
50
- * const user = await validateUser(credentials);
37
+ * credentials({
38
+ * authorize: async (params, ctx) => {
39
+ * const user = await lookupUser(params.email, params.password, ctx);
51
40
  * return user ? { userId: user._id } : null;
52
41
  * },
53
42
  * })
54
43
  * ```
55
44
  */
56
- declare class Credentials<DataModel extends GenericDataModel = GenericDataModel> {
57
- readonly id: string;
58
- readonly type: "credentials";
59
- readonly config: CredentialsConfig<DataModel>;
60
- constructor(config: CredentialsConfig<DataModel>);
61
- }
45
+ declare function credentials<DataModel extends GenericDataModel = GenericDataModel>(config: CredentialsConfig<DataModel>): ConvexCredentialsConfig<DataModel>;
62
46
  //#endregion
63
- export { Credentials, CredentialsConfig };
47
+ export { CredentialsConfig, credentials };
64
48
  //# sourceMappingURL=credentials.d.ts.map
@@ -1,42 +1,31 @@
1
1
  //#region src/providers/credentials.ts
2
2
  /**
3
- * Credentials provider for custom authentication flows.
3
+ * Create a credentials provider for custom sign-in logic.
4
4
  *
5
- * This is the escape hatch for fully custom auth logic. For email/password
6
- * flows, use the `Password` class instead.
7
- *
8
- * @typeParam DataModel - The Convex data model.
5
+ * @typeParam DataModel - The Convex data model used by the auth context.
6
+ * @param config - Custom authorization and hashing hooks.
7
+ * @returns A configured credentials provider for `createAuth`.
9
8
  *
10
9
  * @example
11
10
  * ```ts
12
- * import { Credentials } from "@robelest/convex-auth/providers";
11
+ * import { credentials } from "@robelest/convex-auth/providers";
13
12
  *
14
- * new Credentials({
15
- * authorize: async (credentials, ctx) => {
16
- * const user = await validateUser(credentials);
13
+ * credentials({
14
+ * authorize: async (params, ctx) => {
15
+ * const user = await lookupUser(params.email, params.password, ctx);
17
16
  * return user ? { userId: user._id } : null;
18
17
  * },
19
18
  * })
20
19
  * ```
21
20
  */
22
- var Credentials = class {
23
- id;
24
- type = "credentials";
25
- config;
26
- constructor(config) {
27
- this.id = config.id ?? "credentials";
28
- this.config = config;
29
- }
30
- /** @internal Convert to the internal materialized config shape. */
31
- _toMaterialized() {
32
- return {
33
- ...this.config,
34
- id: this.id,
35
- type: "credentials"
36
- };
37
- }
38
- };
21
+ function credentials(config) {
22
+ return {
23
+ ...config,
24
+ id: config.id ?? "credentials",
25
+ type: "credentials"
26
+ };
27
+ }
39
28
 
40
29
  //#endregion
41
- export { Credentials };
30
+ export { credentials };
42
31
  //# sourceMappingURL=credentials.js.map
@@ -0,0 +1,94 @@
1
+ import { OAuthMaterializedConfig, OAuthProfile, OAuthTokens } from "../server/types.js";
2
+
3
+ //#region src/providers/custom.d.ts
4
+ type ScopeSeparator = " " | ",";
5
+ type PkceMode = "required" | "optional" | "never";
6
+ type TokenAuthMethod = "basic" | "body" | "none";
7
+ /** Configuration for the custom provider authorization URL. */
8
+ interface CustomOAuthAuthorizationConfig {
9
+ /** Authorization endpoint URL. */
10
+ url: string;
11
+ /** PKCE requirement for this provider's authorization flow. */
12
+ pkce?: PkceMode;
13
+ /** Query parameter name used for the client ID. */
14
+ clientIdParam?: string;
15
+ /** Query parameter name used for scopes. */
16
+ scopeParam?: string;
17
+ /** Separator used when joining multiple scopes. */
18
+ scopeSeparator?: ScopeSeparator;
19
+ /** Additional query parameters appended to the authorization URL. */
20
+ extraParams?: Record<string, string>;
21
+ }
22
+ /** Configuration for the custom provider token exchange request. */
23
+ interface CustomOAuthTokenConfig {
24
+ /** Token endpoint URL. */
25
+ url: string;
26
+ /** How client credentials are sent to the token endpoint. */
27
+ authMethod?: TokenAuthMethod;
28
+ /** Form field name used for the client ID. */
29
+ clientIdParam?: string;
30
+ /** Form field name used for the client secret. */
31
+ clientSecretParam?: string;
32
+ /** Form field name used for the PKCE code verifier. */
33
+ codeVerifierParam?: string;
34
+ /** Form field name used for scopes. */
35
+ scopeParam?: string;
36
+ /** Separator used when joining multiple scopes. */
37
+ scopeSeparator?: ScopeSeparator;
38
+ /** Whether to include the redirect URI in token requests. */
39
+ includeRedirectUri?: boolean;
40
+ /** Whether to include configured scopes in token requests. */
41
+ includeScopes?: boolean;
42
+ /** Additional form parameters appended to token requests. */
43
+ extraParams?: Record<string, string>;
44
+ }
45
+ /** Configuration for the {@link custom} provider. */
46
+ interface CustomOAuthConfig {
47
+ /** Stable provider identifier used in `signIn("<id>")`. */
48
+ id: string;
49
+ /** OAuth client identifier. */
50
+ clientId: string;
51
+ /** Optional OAuth client secret. */
52
+ clientSecret?: string | null;
53
+ /** Optional callback URL override. Defaults to `CUSTOM_AUTH_SITE_URL` or `CONVEX_SITE_URL` plus `/api/auth/callback/<id>`. */
54
+ redirectUri?: string;
55
+ /** Optional default scopes requested during sign-in. */
56
+ scopes?: string[];
57
+ /** Account-linking strategy for existing users with matching email addresses. */
58
+ accountLinking?: "verifiedEmail" | "none";
59
+ /** Whether the provider requires nonce generation and validation. */
60
+ nonce?: boolean;
61
+ /** Authorization endpoint configuration. */
62
+ authorization: CustomOAuthAuthorizationConfig;
63
+ /** Token exchange endpoint configuration. */
64
+ token: CustomOAuthTokenConfig;
65
+ /** Optional profile loader that converts OAuth tokens into a normalized profile. */
66
+ profile?: (tokens: OAuthTokens) => Promise<OAuthProfile>;
67
+ /** Optional token validation hook for provider-specific checks. */
68
+ validateTokens?: (tokens: OAuthTokens, ctx: {
69
+ nonce?: string;
70
+ }) => Promise<void>;
71
+ }
72
+ /**
73
+ * Create a custom OAuth provider.
74
+ *
75
+ * @param config - OAuth endpoints, credentials, and profile callbacks.
76
+ * @returns A configured OAuth provider for `createAuth`.
77
+ *
78
+ * @example
79
+ * ```ts
80
+ * import { custom } from "@robelest/convex-auth/providers";
81
+ *
82
+ * custom({
83
+ * id: "workos",
84
+ * clientId: process.env.WORKOS_CLIENT_ID!,
85
+ * clientSecret: process.env.WORKOS_CLIENT_SECRET!,
86
+ * authorization: { url: "https://api.workos.com/sso/authorize" },
87
+ * token: { url: "https://api.workos.com/sso/token", authMethod: "basic" },
88
+ * })
89
+ * ```
90
+ */
91
+ declare function custom(config: CustomOAuthConfig): OAuthMaterializedConfig;
92
+ //#endregion
93
+ export { CustomOAuthAuthorizationConfig, CustomOAuthConfig, CustomOAuthTokenConfig, custom };
94
+ //# sourceMappingURL=custom.d.ts.map