@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (666) hide show
  1. package/README.md +43 -36
  2. package/dist/bin.js +5765 -4880
  3. package/dist/browser/index.d.ts +30 -0
  4. package/dist/browser/index.js +93 -0
  5. package/dist/browser/locks.js +11 -0
  6. package/dist/browser/navigation.js +14 -0
  7. package/dist/{factors → browser}/passkey.js +23 -32
  8. package/dist/browser/runtime.js +92 -0
  9. package/dist/client/core/types.d.ts +452 -5
  10. package/dist/client/core/types.js +17 -0
  11. package/dist/client/errors.js +19 -0
  12. package/dist/client/factors/device.js +94 -0
  13. package/dist/{factors → client/factors}/totp.js +12 -4
  14. package/dist/client/index.d.ts +47 -1
  15. package/dist/client/index.js +269 -232
  16. package/dist/client/runtime/mutex.js +24 -0
  17. package/dist/client/runtime/proxy.js +30 -0
  18. package/dist/client/runtime/storage.js +45 -0
  19. package/dist/client/services/adapters.js +7 -0
  20. package/dist/client/services/http.js +6 -0
  21. package/dist/client/services/resolve.js +13 -0
  22. package/dist/client/services/runtime.js +6 -0
  23. package/dist/component/_generated/component.d.ts +1355 -1399
  24. package/dist/component/convex.config.d.ts +2 -2
  25. package/dist/component/index.d.ts +4 -26
  26. package/dist/component/index.js +1 -1
  27. package/dist/component/model.d.ts +26 -112
  28. package/dist/component/model.js +76 -54
  29. package/dist/component/modules.js +38 -0
  30. package/dist/component/public/factors/devices.js +1 -1
  31. package/dist/component/public/factors/passkeys.js +1 -1
  32. package/dist/component/public/factors/totp.js +1 -1
  33. package/dist/component/public/groups/core.js +2 -2
  34. package/dist/component/public/groups/invites.js +1 -1
  35. package/dist/component/public/groups/members.js +1 -1
  36. package/dist/component/public/identity/accounts.js +1 -1
  37. package/dist/component/public/identity/codes.js +1 -1
  38. package/dist/component/public/identity/sessions.js +39 -2
  39. package/dist/component/public/identity/tokens.js +82 -4
  40. package/dist/component/public/identity/users.js +1 -1
  41. package/dist/component/public/identity/verifiers.js +10 -4
  42. package/dist/component/public/security/keys.js +1 -1
  43. package/dist/component/public/security/limits.js +1 -1
  44. package/dist/component/public/{enterprise → sso}/audit.js +26 -26
  45. package/dist/component/public/sso/core.js +263 -0
  46. package/dist/component/public/sso/domains.js +280 -0
  47. package/dist/component/public/{enterprise → sso}/scim.js +87 -87
  48. package/dist/component/public/sso/secrets.js +125 -0
  49. package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
  50. package/dist/component/public.js +9 -9
  51. package/dist/component/schema.d.ts +472 -393
  52. package/dist/component/schema.js +36 -35
  53. package/dist/core/index.d.ts +380 -0
  54. package/dist/core/index.js +83 -0
  55. package/dist/otel.d.ts +69 -0
  56. package/dist/otel.js +82 -0
  57. package/dist/providers/anonymous.d.ts +15 -34
  58. package/dist/providers/anonymous.js +27 -35
  59. package/dist/providers/apple.d.ts +59 -0
  60. package/dist/providers/apple.js +58 -0
  61. package/dist/providers/credentials.d.ts +18 -34
  62. package/dist/providers/credentials.js +16 -27
  63. package/dist/providers/custom.d.ts +94 -0
  64. package/dist/providers/custom.js +119 -0
  65. package/dist/providers/device.d.ts +15 -49
  66. package/dist/providers/device.js +17 -34
  67. package/dist/providers/email.d.ts +21 -38
  68. package/dist/providers/email.js +36 -55
  69. package/dist/providers/github.d.ts +54 -0
  70. package/dist/providers/github.js +75 -0
  71. package/dist/providers/google.d.ts +54 -0
  72. package/dist/providers/google.js +61 -0
  73. package/dist/providers/index.d.ts +16 -12
  74. package/dist/providers/index.js +15 -11
  75. package/dist/providers/microsoft.d.ts +57 -0
  76. package/dist/providers/microsoft.js +101 -0
  77. package/dist/providers/passkey.d.ts +19 -35
  78. package/dist/providers/passkey.js +20 -30
  79. package/dist/providers/password.d.ts +17 -18
  80. package/dist/providers/password.js +121 -143
  81. package/dist/providers/phone.d.ts +13 -28
  82. package/dist/providers/phone.js +21 -46
  83. package/dist/providers/sso.d.ts +16 -36
  84. package/dist/providers/sso.js +21 -22
  85. package/dist/providers/totp.d.ts +13 -29
  86. package/dist/providers/totp.js +17 -27
  87. package/dist/server/auth-context.d.ts +204 -0
  88. package/dist/server/auth-context.js +76 -0
  89. package/dist/server/auth.d.ts +99 -244
  90. package/dist/server/auth.js +56 -152
  91. package/dist/server/componentContext.d.ts +12 -0
  92. package/dist/server/componentContext.js +1 -0
  93. package/dist/server/config.js +6 -67
  94. package/dist/server/constants.js +6 -0
  95. package/dist/server/contract.d.ts +105 -0
  96. package/dist/server/contract.js +43 -0
  97. package/dist/server/cookies.js +3 -2
  98. package/dist/server/core.js +31 -36
  99. package/dist/server/crypto.js +34 -44
  100. package/dist/server/db.js +6 -1
  101. package/dist/server/device.js +96 -130
  102. package/dist/server/env.js +48 -0
  103. package/dist/server/errors.js +20 -0
  104. package/dist/server/http.d.ts +15 -59
  105. package/dist/server/http.js +136 -120
  106. package/dist/server/identity.js +2 -2
  107. package/dist/server/index.d.ts +5 -4
  108. package/dist/server/index.js +3 -3
  109. package/dist/server/keys.js +10 -1
  110. package/dist/server/limits.js +26 -26
  111. package/dist/server/log.js +28 -0
  112. package/dist/server/mounts.d.ts +1107 -296
  113. package/dist/server/mounts.js +315 -196
  114. package/dist/server/mutations/account.js +11 -14
  115. package/dist/server/mutations/code.js +6 -5
  116. package/dist/server/mutations/invalidate.js +9 -11
  117. package/dist/server/mutations/oauth.js +112 -73
  118. package/dist/server/mutations/refresh.js +47 -97
  119. package/dist/server/mutations/register.js +37 -35
  120. package/dist/server/mutations/retrieve.js +16 -16
  121. package/dist/server/mutations/signature.js +15 -18
  122. package/dist/server/mutations/signin.js +10 -5
  123. package/dist/server/mutations/signout.js +11 -14
  124. package/dist/server/mutations/store.js +25 -18
  125. package/dist/server/mutations/verifier.js +11 -8
  126. package/dist/server/mutations/verify.js +53 -41
  127. package/dist/server/oauth/factory.js +44 -0
  128. package/dist/server/oauth/index.js +12 -0
  129. package/dist/server/oauth/runtime.js +248 -0
  130. package/dist/server/passkey.js +331 -365
  131. package/dist/server/payloads.d.ts +16 -0
  132. package/dist/server/payloads.js +30 -0
  133. package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
  134. package/dist/server/prefetch.js +635 -0
  135. package/dist/server/random.js +19 -0
  136. package/dist/server/redirects.js +10 -5
  137. package/dist/server/refresh.js +14 -86
  138. package/dist/server/runtime.d.ts +531 -31
  139. package/dist/server/runtime.js +106 -267
  140. package/dist/server/secret.js +44 -0
  141. package/dist/server/services/config.js +10 -0
  142. package/dist/server/services/group.js +211 -0
  143. package/dist/server/services/logger.js +8 -0
  144. package/dist/server/services/providers.js +22 -0
  145. package/dist/server/services/refresh.js +8 -0
  146. package/dist/server/services/resolve.js +27 -0
  147. package/dist/server/services/signin.js +8 -0
  148. package/dist/server/sessions.js +35 -34
  149. package/dist/server/signin.js +229 -140
  150. package/dist/server/{enterprise → sso}/config.js +10 -3
  151. package/dist/server/sso/domain.d.ts +614 -0
  152. package/dist/server/sso/domain.js +1175 -0
  153. package/dist/server/sso/http.js +1060 -0
  154. package/dist/server/sso/oidc.js +324 -0
  155. package/dist/server/sso/policies.js +59 -0
  156. package/dist/server/sso/policy.js +139 -0
  157. package/dist/server/sso/profile.js +22 -0
  158. package/dist/server/sso/provision.js +179 -0
  159. package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
  160. package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
  161. package/dist/server/sso/shared.js +74 -0
  162. package/dist/server/sso/validators.js +88 -0
  163. package/dist/server/sso/webhook.js +94 -0
  164. package/dist/server/tokens.js +16 -4
  165. package/dist/server/totp.js +155 -164
  166. package/dist/server/types.d.ts +306 -296
  167. package/dist/server/types.js +1 -30
  168. package/dist/server/url.js +32 -0
  169. package/dist/server/users.js +74 -40
  170. package/dist/server/utils/cache.js +51 -0
  171. package/dist/server/utils/dispatch.js +36 -0
  172. package/dist/server/utils/retry.js +24 -0
  173. package/dist/server/utils/span.js +32 -0
  174. package/dist/shared/errors.js +19 -0
  175. package/dist/shared/log.js +45 -0
  176. package/{src/test.ts → dist/test.d.ts} +21 -22
  177. package/dist/test.js +51 -0
  178. package/package.json +70 -42
  179. package/dist/authorization/index.d.ts.map +0 -1
  180. package/dist/authorization/index.js.map +0 -1
  181. package/dist/client/core/types.d.ts.map +0 -1
  182. package/dist/client/index.d.ts.map +0 -1
  183. package/dist/client/index.js.map +0 -1
  184. package/dist/component/_generated/api.d.ts +0 -75
  185. package/dist/component/_generated/api.d.ts.map +0 -1
  186. package/dist/component/_generated/api.js.map +0 -1
  187. package/dist/component/_generated/component.d.ts.map +0 -1
  188. package/dist/component/_generated/dataModel.d.ts +0 -42
  189. package/dist/component/_generated/dataModel.d.ts.map +0 -1
  190. package/dist/component/_generated/server.d.ts +0 -117
  191. package/dist/component/_generated/server.d.ts.map +0 -1
  192. package/dist/component/_generated/server.js.map +0 -1
  193. package/dist/component/_virtual/rolldown_runtime.js +0 -18
  194. package/dist/component/client/core/types.d.ts +0 -2
  195. package/dist/component/client/index.d.ts +0 -1
  196. package/dist/component/convex.config.d.ts.map +0 -1
  197. package/dist/component/convex.config.js.map +0 -1
  198. package/dist/component/functions.d.ts +0 -25
  199. package/dist/component/functions.d.ts.map +0 -1
  200. package/dist/component/functions.js.map +0 -1
  201. package/dist/component/index.d.ts.map +0 -1
  202. package/dist/component/model.d.ts.map +0 -1
  203. package/dist/component/model.js.map +0 -1
  204. package/dist/component/providers/anonymous.d.ts +0 -54
  205. package/dist/component/providers/anonymous.d.ts.map +0 -1
  206. package/dist/component/providers/credentials.d.ts +0 -38
  207. package/dist/component/providers/credentials.d.ts.map +0 -1
  208. package/dist/component/providers/device.d.ts +0 -67
  209. package/dist/component/providers/device.d.ts.map +0 -1
  210. package/dist/component/providers/email.d.ts +0 -62
  211. package/dist/component/providers/email.d.ts.map +0 -1
  212. package/dist/component/providers/oauth.d.ts +0 -25
  213. package/dist/component/providers/oauth.d.ts.map +0 -1
  214. package/dist/component/providers/oauth.js +0 -13
  215. package/dist/component/providers/oauth.js.map +0 -1
  216. package/dist/component/providers/passkey.d.ts +0 -57
  217. package/dist/component/providers/passkey.d.ts.map +0 -1
  218. package/dist/component/providers/password.d.ts +0 -88
  219. package/dist/component/providers/password.d.ts.map +0 -1
  220. package/dist/component/providers/phone.d.ts +0 -48
  221. package/dist/component/providers/phone.d.ts.map +0 -1
  222. package/dist/component/providers/sso.d.ts +0 -50
  223. package/dist/component/providers/sso.d.ts.map +0 -1
  224. package/dist/component/providers/totp.d.ts +0 -45
  225. package/dist/component/providers/totp.d.ts.map +0 -1
  226. package/dist/component/public/enterprise/audit.d.ts +0 -73
  227. package/dist/component/public/enterprise/audit.d.ts.map +0 -1
  228. package/dist/component/public/enterprise/audit.js.map +0 -1
  229. package/dist/component/public/enterprise/core.d.ts +0 -176
  230. package/dist/component/public/enterprise/core.d.ts.map +0 -1
  231. package/dist/component/public/enterprise/core.js +0 -292
  232. package/dist/component/public/enterprise/core.js.map +0 -1
  233. package/dist/component/public/enterprise/domains.d.ts +0 -174
  234. package/dist/component/public/enterprise/domains.d.ts.map +0 -1
  235. package/dist/component/public/enterprise/domains.js +0 -271
  236. package/dist/component/public/enterprise/domains.js.map +0 -1
  237. package/dist/component/public/enterprise/scim.d.ts +0 -245
  238. package/dist/component/public/enterprise/scim.d.ts.map +0 -1
  239. package/dist/component/public/enterprise/scim.js.map +0 -1
  240. package/dist/component/public/enterprise/secrets.d.ts +0 -78
  241. package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
  242. package/dist/component/public/enterprise/secrets.js +0 -118
  243. package/dist/component/public/enterprise/secrets.js.map +0 -1
  244. package/dist/component/public/enterprise/webhooks.d.ts +0 -211
  245. package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
  246. package/dist/component/public/enterprise/webhooks.js.map +0 -1
  247. package/dist/component/public/factors/devices.d.ts +0 -157
  248. package/dist/component/public/factors/devices.d.ts.map +0 -1
  249. package/dist/component/public/factors/devices.js.map +0 -1
  250. package/dist/component/public/factors/passkeys.d.ts +0 -175
  251. package/dist/component/public/factors/passkeys.d.ts.map +0 -1
  252. package/dist/component/public/factors/passkeys.js.map +0 -1
  253. package/dist/component/public/factors/totp.d.ts +0 -189
  254. package/dist/component/public/factors/totp.d.ts.map +0 -1
  255. package/dist/component/public/factors/totp.js.map +0 -1
  256. package/dist/component/public/groups/core.d.ts +0 -137
  257. package/dist/component/public/groups/core.d.ts.map +0 -1
  258. package/dist/component/public/groups/core.js.map +0 -1
  259. package/dist/component/public/groups/invites.d.ts +0 -217
  260. package/dist/component/public/groups/invites.d.ts.map +0 -1
  261. package/dist/component/public/groups/invites.js.map +0 -1
  262. package/dist/component/public/groups/members.d.ts +0 -204
  263. package/dist/component/public/groups/members.d.ts.map +0 -1
  264. package/dist/component/public/groups/members.js.map +0 -1
  265. package/dist/component/public/identity/accounts.d.ts +0 -147
  266. package/dist/component/public/identity/accounts.d.ts.map +0 -1
  267. package/dist/component/public/identity/accounts.js.map +0 -1
  268. package/dist/component/public/identity/codes.d.ts +0 -104
  269. package/dist/component/public/identity/codes.d.ts.map +0 -1
  270. package/dist/component/public/identity/codes.js.map +0 -1
  271. package/dist/component/public/identity/sessions.d.ts +0 -128
  272. package/dist/component/public/identity/sessions.d.ts.map +0 -1
  273. package/dist/component/public/identity/sessions.js.map +0 -1
  274. package/dist/component/public/identity/tokens.d.ts +0 -169
  275. package/dist/component/public/identity/tokens.d.ts.map +0 -1
  276. package/dist/component/public/identity/tokens.js.map +0 -1
  277. package/dist/component/public/identity/users.d.ts +0 -212
  278. package/dist/component/public/identity/users.d.ts.map +0 -1
  279. package/dist/component/public/identity/users.js.map +0 -1
  280. package/dist/component/public/identity/verifiers.d.ts +0 -116
  281. package/dist/component/public/identity/verifiers.d.ts.map +0 -1
  282. package/dist/component/public/identity/verifiers.js.map +0 -1
  283. package/dist/component/public/security/keys.d.ts +0 -209
  284. package/dist/component/public/security/keys.d.ts.map +0 -1
  285. package/dist/component/public/security/keys.js.map +0 -1
  286. package/dist/component/public/security/limits.d.ts +0 -114
  287. package/dist/component/public/security/limits.d.ts.map +0 -1
  288. package/dist/component/public/security/limits.js.map +0 -1
  289. package/dist/component/public.d.ts +0 -28
  290. package/dist/component/public.d.ts.map +0 -1
  291. package/dist/component/schema.d.ts.map +0 -1
  292. package/dist/component/schema.js.map +0 -1
  293. package/dist/component/server/auth.d.ts +0 -447
  294. package/dist/component/server/auth.d.ts.map +0 -1
  295. package/dist/component/server/auth.js +0 -254
  296. package/dist/component/server/auth.js.map +0 -1
  297. package/dist/component/server/config.js +0 -121
  298. package/dist/component/server/config.js.map +0 -1
  299. package/dist/component/server/context.js +0 -53
  300. package/dist/component/server/context.js.map +0 -1
  301. package/dist/component/server/cookies.js +0 -47
  302. package/dist/component/server/cookies.js.map +0 -1
  303. package/dist/component/server/core.js +0 -576
  304. package/dist/component/server/core.js.map +0 -1
  305. package/dist/component/server/crypto.js +0 -56
  306. package/dist/component/server/crypto.js.map +0 -1
  307. package/dist/component/server/db.js +0 -87
  308. package/dist/component/server/db.js.map +0 -1
  309. package/dist/component/server/device.js +0 -152
  310. package/dist/component/server/device.js.map +0 -1
  311. package/dist/component/server/enterprise/config.js +0 -46
  312. package/dist/component/server/enterprise/config.js.map +0 -1
  313. package/dist/component/server/enterprise/domain.js +0 -974
  314. package/dist/component/server/enterprise/domain.js.map +0 -1
  315. package/dist/component/server/enterprise/http.js +0 -787
  316. package/dist/component/server/enterprise/http.js.map +0 -1
  317. package/dist/component/server/enterprise/oidc.js +0 -248
  318. package/dist/component/server/enterprise/oidc.js.map +0 -1
  319. package/dist/component/server/enterprise/policy.js +0 -85
  320. package/dist/component/server/enterprise/policy.js.map +0 -1
  321. package/dist/component/server/enterprise/saml.js.map +0 -1
  322. package/dist/component/server/enterprise/scim.js.map +0 -1
  323. package/dist/component/server/enterprise/shared.js +0 -51
  324. package/dist/component/server/enterprise/shared.js.map +0 -1
  325. package/dist/component/server/http.d.ts +0 -85
  326. package/dist/component/server/http.d.ts.map +0 -1
  327. package/dist/component/server/http.js +0 -351
  328. package/dist/component/server/http.js.map +0 -1
  329. package/dist/component/server/identity.js +0 -16
  330. package/dist/component/server/identity.js.map +0 -1
  331. package/dist/component/server/keys.js +0 -96
  332. package/dist/component/server/keys.js.map +0 -1
  333. package/dist/component/server/limits.js +0 -52
  334. package/dist/component/server/limits.js.map +0 -1
  335. package/dist/component/server/mutations/account.js +0 -46
  336. package/dist/component/server/mutations/account.js.map +0 -1
  337. package/dist/component/server/mutations/code.js +0 -68
  338. package/dist/component/server/mutations/code.js.map +0 -1
  339. package/dist/component/server/mutations/invalidate.js +0 -32
  340. package/dist/component/server/mutations/invalidate.js.map +0 -1
  341. package/dist/component/server/mutations/oauth.js +0 -116
  342. package/dist/component/server/mutations/oauth.js.map +0 -1
  343. package/dist/component/server/mutations/refresh.js +0 -119
  344. package/dist/component/server/mutations/refresh.js.map +0 -1
  345. package/dist/component/server/mutations/register.js +0 -87
  346. package/dist/component/server/mutations/register.js.map +0 -1
  347. package/dist/component/server/mutations/retrieve.js +0 -61
  348. package/dist/component/server/mutations/retrieve.js.map +0 -1
  349. package/dist/component/server/mutations/signature.js +0 -38
  350. package/dist/component/server/mutations/signature.js.map +0 -1
  351. package/dist/component/server/mutations/signin.js +0 -27
  352. package/dist/component/server/mutations/signin.js.map +0 -1
  353. package/dist/component/server/mutations/signout.js +0 -27
  354. package/dist/component/server/mutations/signout.js.map +0 -1
  355. package/dist/component/server/mutations/store/refs.js +0 -15
  356. package/dist/component/server/mutations/store/refs.js.map +0 -1
  357. package/dist/component/server/mutations/store.js +0 -70
  358. package/dist/component/server/mutations/store.js.map +0 -1
  359. package/dist/component/server/mutations/verifier.js +0 -18
  360. package/dist/component/server/mutations/verifier.js.map +0 -1
  361. package/dist/component/server/mutations/verify.js +0 -98
  362. package/dist/component/server/mutations/verify.js.map +0 -1
  363. package/dist/component/server/oauth.js +0 -242
  364. package/dist/component/server/oauth.js.map +0 -1
  365. package/dist/component/server/passkey.js +0 -415
  366. package/dist/component/server/passkey.js.map +0 -1
  367. package/dist/component/server/redirects.js +0 -40
  368. package/dist/component/server/redirects.js.map +0 -1
  369. package/dist/component/server/refresh.js +0 -99
  370. package/dist/component/server/refresh.js.map +0 -1
  371. package/dist/component/server/runtime.d.ts +0 -136
  372. package/dist/component/server/runtime.d.ts.map +0 -1
  373. package/dist/component/server/runtime.js +0 -456
  374. package/dist/component/server/runtime.js.map +0 -1
  375. package/dist/component/server/sessions.js +0 -71
  376. package/dist/component/server/sessions.js.map +0 -1
  377. package/dist/component/server/signin.js +0 -225
  378. package/dist/component/server/signin.js.map +0 -1
  379. package/dist/component/server/tokens.js +0 -17
  380. package/dist/component/server/tokens.js.map +0 -1
  381. package/dist/component/server/totp.js +0 -208
  382. package/dist/component/server/totp.js.map +0 -1
  383. package/dist/component/server/types.d.ts +0 -949
  384. package/dist/component/server/types.d.ts.map +0 -1
  385. package/dist/component/server/types.js +0 -79
  386. package/dist/component/server/types.js.map +0 -1
  387. package/dist/component/server/users.js +0 -123
  388. package/dist/component/server/users.js.map +0 -1
  389. package/dist/component/server/utils.js +0 -140
  390. package/dist/component/server/utils.js.map +0 -1
  391. package/dist/core/types.d.ts +0 -361
  392. package/dist/core/types.d.ts.map +0 -1
  393. package/dist/factors/device.js +0 -104
  394. package/dist/factors/device.js.map +0 -1
  395. package/dist/factors/passkey.js.map +0 -1
  396. package/dist/factors/totp.js.map +0 -1
  397. package/dist/providers/anonymous.d.ts.map +0 -1
  398. package/dist/providers/anonymous.js.map +0 -1
  399. package/dist/providers/credentials.d.ts.map +0 -1
  400. package/dist/providers/credentials.js.map +0 -1
  401. package/dist/providers/device.d.ts.map +0 -1
  402. package/dist/providers/device.js.map +0 -1
  403. package/dist/providers/email.d.ts.map +0 -1
  404. package/dist/providers/email.js.map +0 -1
  405. package/dist/providers/oauth.d.ts +0 -69
  406. package/dist/providers/oauth.d.ts.map +0 -1
  407. package/dist/providers/oauth.js +0 -43
  408. package/dist/providers/oauth.js.map +0 -1
  409. package/dist/providers/passkey.d.ts.map +0 -1
  410. package/dist/providers/passkey.js.map +0 -1
  411. package/dist/providers/password.d.ts.map +0 -1
  412. package/dist/providers/password.js.map +0 -1
  413. package/dist/providers/phone.d.ts.map +0 -1
  414. package/dist/providers/phone.js.map +0 -1
  415. package/dist/providers/sso.d.ts.map +0 -1
  416. package/dist/providers/sso.js.map +0 -1
  417. package/dist/providers/totp.d.ts.map +0 -1
  418. package/dist/providers/totp.js.map +0 -1
  419. package/dist/runtime/browser.js +0 -68
  420. package/dist/runtime/browser.js.map +0 -1
  421. package/dist/runtime/invite.js.map +0 -1
  422. package/dist/runtime/proxy.js +0 -70
  423. package/dist/runtime/proxy.js.map +0 -1
  424. package/dist/runtime/storage.js +0 -37
  425. package/dist/runtime/storage.js.map +0 -1
  426. package/dist/server/auth.d.ts.map +0 -1
  427. package/dist/server/auth.js.map +0 -1
  428. package/dist/server/config.d.ts +0 -1
  429. package/dist/server/config.js.map +0 -1
  430. package/dist/server/context.d.ts +0 -1
  431. package/dist/server/context.js.map +0 -1
  432. package/dist/server/cookies.d.ts +0 -1
  433. package/dist/server/cookies.js.map +0 -1
  434. package/dist/server/core.d.ts +0 -1315
  435. package/dist/server/core.d.ts.map +0 -1
  436. package/dist/server/core.js.map +0 -1
  437. package/dist/server/crypto.d.ts +0 -8
  438. package/dist/server/crypto.d.ts.map +0 -1
  439. package/dist/server/crypto.js.map +0 -1
  440. package/dist/server/db.d.ts +0 -1
  441. package/dist/server/db.js.map +0 -1
  442. package/dist/server/device.d.ts +0 -1
  443. package/dist/server/device.js.map +0 -1
  444. package/dist/server/enterprise/config.d.ts +0 -1
  445. package/dist/server/enterprise/config.js.map +0 -1
  446. package/dist/server/enterprise/domain.d.ts +0 -401
  447. package/dist/server/enterprise/domain.d.ts.map +0 -1
  448. package/dist/server/enterprise/domain.js +0 -974
  449. package/dist/server/enterprise/domain.js.map +0 -1
  450. package/dist/server/enterprise/http.d.ts +0 -26
  451. package/dist/server/enterprise/http.d.ts.map +0 -1
  452. package/dist/server/enterprise/http.js +0 -787
  453. package/dist/server/enterprise/http.js.map +0 -1
  454. package/dist/server/enterprise/oidc.d.ts +0 -1
  455. package/dist/server/enterprise/oidc.js +0 -248
  456. package/dist/server/enterprise/oidc.js.map +0 -1
  457. package/dist/server/enterprise/policy.d.ts +0 -1
  458. package/dist/server/enterprise/policy.js +0 -85
  459. package/dist/server/enterprise/policy.js.map +0 -1
  460. package/dist/server/enterprise/saml.d.ts +0 -1
  461. package/dist/server/enterprise/saml.js +0 -338
  462. package/dist/server/enterprise/saml.js.map +0 -1
  463. package/dist/server/enterprise/scim.d.ts +0 -1
  464. package/dist/server/enterprise/scim.js +0 -97
  465. package/dist/server/enterprise/scim.js.map +0 -1
  466. package/dist/server/enterprise/shared.d.ts +0 -5
  467. package/dist/server/enterprise/shared.d.ts.map +0 -1
  468. package/dist/server/enterprise/shared.js +0 -51
  469. package/dist/server/enterprise/shared.js.map +0 -1
  470. package/dist/server/enterprise/validators.d.ts +0 -1
  471. package/dist/server/enterprise/validators.js +0 -60
  472. package/dist/server/enterprise/validators.js.map +0 -1
  473. package/dist/server/http.d.ts.map +0 -1
  474. package/dist/server/http.js.map +0 -1
  475. package/dist/server/identity.d.ts +0 -1
  476. package/dist/server/identity.js.map +0 -1
  477. package/dist/server/keys.d.ts +0 -1
  478. package/dist/server/keys.js.map +0 -1
  479. package/dist/server/limits.d.ts +0 -1
  480. package/dist/server/limits.js.map +0 -1
  481. package/dist/server/mounts.d.ts.map +0 -1
  482. package/dist/server/mounts.js.map +0 -1
  483. package/dist/server/mutations/account.d.ts +0 -29
  484. package/dist/server/mutations/account.d.ts.map +0 -1
  485. package/dist/server/mutations/account.js.map +0 -1
  486. package/dist/server/mutations/code.d.ts +0 -30
  487. package/dist/server/mutations/code.d.ts.map +0 -1
  488. package/dist/server/mutations/code.js.map +0 -1
  489. package/dist/server/mutations/index.d.ts +0 -14
  490. package/dist/server/mutations/invalidate.d.ts +0 -20
  491. package/dist/server/mutations/invalidate.d.ts.map +0 -1
  492. package/dist/server/mutations/invalidate.js.map +0 -1
  493. package/dist/server/mutations/oauth.d.ts +0 -30
  494. package/dist/server/mutations/oauth.d.ts.map +0 -1
  495. package/dist/server/mutations/oauth.js.map +0 -1
  496. package/dist/server/mutations/refresh.d.ts +0 -21
  497. package/dist/server/mutations/refresh.d.ts.map +0 -1
  498. package/dist/server/mutations/refresh.js.map +0 -1
  499. package/dist/server/mutations/register.d.ts +0 -38
  500. package/dist/server/mutations/register.d.ts.map +0 -1
  501. package/dist/server/mutations/register.js.map +0 -1
  502. package/dist/server/mutations/retrieve.d.ts +0 -33
  503. package/dist/server/mutations/retrieve.d.ts.map +0 -1
  504. package/dist/server/mutations/retrieve.js.map +0 -1
  505. package/dist/server/mutations/signature.d.ts +0 -21
  506. package/dist/server/mutations/signature.d.ts.map +0 -1
  507. package/dist/server/mutations/signature.js.map +0 -1
  508. package/dist/server/mutations/signin.d.ts +0 -22
  509. package/dist/server/mutations/signin.d.ts.map +0 -1
  510. package/dist/server/mutations/signin.js.map +0 -1
  511. package/dist/server/mutations/signout.d.ts +0 -16
  512. package/dist/server/mutations/signout.d.ts.map +0 -1
  513. package/dist/server/mutations/signout.js.map +0 -1
  514. package/dist/server/mutations/store/refs.d.ts +0 -12
  515. package/dist/server/mutations/store/refs.d.ts.map +0 -1
  516. package/dist/server/mutations/store/refs.js.map +0 -1
  517. package/dist/server/mutations/store.d.ts +0 -306
  518. package/dist/server/mutations/store.d.ts.map +0 -1
  519. package/dist/server/mutations/store.js.map +0 -1
  520. package/dist/server/mutations/verifier.d.ts +0 -13
  521. package/dist/server/mutations/verifier.d.ts.map +0 -1
  522. package/dist/server/mutations/verifier.js.map +0 -1
  523. package/dist/server/mutations/verify.d.ts +0 -26
  524. package/dist/server/mutations/verify.d.ts.map +0 -1
  525. package/dist/server/mutations/verify.js.map +0 -1
  526. package/dist/server/oauth.d.ts +0 -1
  527. package/dist/server/oauth.js +0 -242
  528. package/dist/server/oauth.js.map +0 -1
  529. package/dist/server/passkey.d.ts +0 -27
  530. package/dist/server/passkey.d.ts.map +0 -1
  531. package/dist/server/passkey.js.map +0 -1
  532. package/dist/server/redirects.d.ts +0 -1
  533. package/dist/server/redirects.js.map +0 -1
  534. package/dist/server/refresh.d.ts +0 -1
  535. package/dist/server/refresh.js.map +0 -1
  536. package/dist/server/runtime.d.ts.map +0 -1
  537. package/dist/server/runtime.js.map +0 -1
  538. package/dist/server/sessions.d.ts +0 -1
  539. package/dist/server/sessions.js.map +0 -1
  540. package/dist/server/signin.d.ts +0 -1
  541. package/dist/server/signin.js.map +0 -1
  542. package/dist/server/ssr.d.ts.map +0 -1
  543. package/dist/server/ssr.js +0 -777
  544. package/dist/server/ssr.js.map +0 -1
  545. package/dist/server/templates.d.ts +0 -1
  546. package/dist/server/templates.js.map +0 -1
  547. package/dist/server/tokens.d.ts +0 -1
  548. package/dist/server/tokens.js.map +0 -1
  549. package/dist/server/totp.d.ts +0 -1
  550. package/dist/server/totp.js.map +0 -1
  551. package/dist/server/types.d.ts.map +0 -1
  552. package/dist/server/types.js.map +0 -1
  553. package/dist/server/users.d.ts +0 -1
  554. package/dist/server/users.js.map +0 -1
  555. package/dist/server/utils.d.ts +0 -1
  556. package/dist/server/utils.js +0 -140
  557. package/dist/server/utils.js.map +0 -1
  558. package/src/authorization/index.ts +0 -83
  559. package/src/cli/bin.ts +0 -5
  560. package/src/cli/command.ts +0 -70
  561. package/src/cli/index.ts +0 -1112
  562. package/src/cli/keys.ts +0 -23
  563. package/src/client/core/types.ts +0 -437
  564. package/src/client/factors/device.ts +0 -158
  565. package/src/client/factors/passkey.ts +0 -279
  566. package/src/client/factors/totp.ts +0 -150
  567. package/src/client/index.ts +0 -1124
  568. package/src/client/runtime/browser.ts +0 -112
  569. package/src/client/runtime/invite.ts +0 -63
  570. package/src/client/runtime/proxy.ts +0 -111
  571. package/src/client/runtime/storage.ts +0 -79
  572. package/src/component/_generated/api.ts +0 -96
  573. package/src/component/_generated/component.ts +0 -3774
  574. package/src/component/_generated/dataModel.ts +0 -60
  575. package/src/component/_generated/server.ts +0 -156
  576. package/src/component/convex.config.ts +0 -5
  577. package/src/component/functions.ts +0 -104
  578. package/src/component/index.ts +0 -42
  579. package/src/component/model.ts +0 -449
  580. package/src/component/public/enterprise/audit.ts +0 -125
  581. package/src/component/public/enterprise/core.ts +0 -355
  582. package/src/component/public/enterprise/domains.ts +0 -327
  583. package/src/component/public/enterprise/scim.ts +0 -397
  584. package/src/component/public/enterprise/secrets.ts +0 -133
  585. package/src/component/public/enterprise/webhooks.ts +0 -307
  586. package/src/component/public/factors/devices.ts +0 -224
  587. package/src/component/public/factors/passkeys.ts +0 -243
  588. package/src/component/public/factors/totp.ts +0 -259
  589. package/src/component/public/groups/core.ts +0 -481
  590. package/src/component/public/groups/invites.ts +0 -608
  591. package/src/component/public/groups/members.ts +0 -410
  592. package/src/component/public/identity/accounts.ts +0 -207
  593. package/src/component/public/identity/codes.ts +0 -149
  594. package/src/component/public/identity/sessions.ts +0 -210
  595. package/src/component/public/identity/tokens.ts +0 -251
  596. package/src/component/public/identity/users.ts +0 -355
  597. package/src/component/public/identity/verifiers.ts +0 -158
  598. package/src/component/public/security/keys.ts +0 -366
  599. package/src/component/public/security/limits.ts +0 -174
  600. package/src/component/public.ts +0 -27
  601. package/src/component/schema.ts +0 -505
  602. package/src/providers/anonymous.ts +0 -99
  603. package/src/providers/credentials.ts +0 -102
  604. package/src/providers/device.ts +0 -87
  605. package/src/providers/email.ts +0 -99
  606. package/src/providers/index.ts +0 -31
  607. package/src/providers/oauth.ts +0 -117
  608. package/src/providers/passkey.ts +0 -77
  609. package/src/providers/password.ts +0 -441
  610. package/src/providers/phone.ts +0 -93
  611. package/src/providers/sso.ts +0 -54
  612. package/src/providers/totp.ts +0 -62
  613. package/src/samlify.d.ts +0 -53
  614. package/src/server/auth.ts +0 -949
  615. package/src/server/config.ts +0 -200
  616. package/src/server/context.ts +0 -90
  617. package/src/server/cookies.ts +0 -49
  618. package/src/server/core.ts +0 -2004
  619. package/src/server/crypto.ts +0 -90
  620. package/src/server/db.ts +0 -203
  621. package/src/server/device.ts +0 -254
  622. package/src/server/enterprise/config.ts +0 -51
  623. package/src/server/enterprise/domain.ts +0 -1739
  624. package/src/server/enterprise/http.ts +0 -1331
  625. package/src/server/enterprise/oidc.ts +0 -500
  626. package/src/server/enterprise/policy.ts +0 -128
  627. package/src/server/enterprise/saml.ts +0 -578
  628. package/src/server/enterprise/scim.ts +0 -135
  629. package/src/server/enterprise/shared.ts +0 -134
  630. package/src/server/enterprise/validators.ts +0 -93
  631. package/src/server/http.ts +0 -790
  632. package/src/server/identity.ts +0 -18
  633. package/src/server/index.ts +0 -40
  634. package/src/server/keys.ts +0 -158
  635. package/src/server/limits.ts +0 -107
  636. package/src/server/mounts.ts +0 -924
  637. package/src/server/mutations/account.ts +0 -62
  638. package/src/server/mutations/code.ts +0 -119
  639. package/src/server/mutations/index.ts +0 -13
  640. package/src/server/mutations/invalidate.ts +0 -50
  641. package/src/server/mutations/oauth.ts +0 -243
  642. package/src/server/mutations/refresh.ts +0 -299
  643. package/src/server/mutations/register.ts +0 -155
  644. package/src/server/mutations/retrieve.ts +0 -109
  645. package/src/server/mutations/signature.ts +0 -57
  646. package/src/server/mutations/signin.ts +0 -54
  647. package/src/server/mutations/signout.ts +0 -43
  648. package/src/server/mutations/store/refs.ts +0 -10
  649. package/src/server/mutations/store.ts +0 -123
  650. package/src/server/mutations/verifier.ts +0 -34
  651. package/src/server/mutations/verify.ts +0 -200
  652. package/src/server/oauth.ts +0 -418
  653. package/src/server/passkey.ts +0 -838
  654. package/src/server/redirects.ts +0 -59
  655. package/src/server/refresh.ts +0 -218
  656. package/src/server/runtime.ts +0 -918
  657. package/src/server/sessions.ts +0 -132
  658. package/src/server/signin.ts +0 -445
  659. package/src/server/ssr.ts +0 -1747
  660. package/src/server/templates.ts +0 -82
  661. package/src/server/tokens.ts +0 -35
  662. package/src/server/totp.ts +0 -399
  663. package/src/server/types.ts +0 -1942
  664. package/src/server/users.ts +0 -291
  665. package/src/server/utils.ts +0 -220
  666. /package/dist/{runtime → client/runtime}/invite.js +0 -0
@@ -1,6 +1,11 @@
1
- import { ConvexAuthConfig, Doc, SessionInfo } from "./types.js";
2
- import * as convex_server0 from "convex/server";
3
- import * as convex_values0 from "convex/values";
1
+ import { ComponentCtx, ComponentReadCtx } from "./componentContext.js";
2
+ import { AuthProviderConfig, ConvexAuthConfig, CorsConfig, HttpKeyContext, KeyDoc, KeyScope, ScopeChecker, UserOrderBy, UserWhere } from "./types.js";
3
+ import { AuthProfile, SignInParams } from "./payloads.js";
4
+ import { HttpAuthContext, HttpAuthContextConfig, OptionalHttpAuthContext } from "./http.js";
5
+ import { createGroupConnectionDomain } from "./sso/domain.js";
6
+ import * as convex_values1133 from "convex/values";
7
+ import * as convex_server106 from "convex/server";
8
+ import { GenericActionCtx, GenericDataModel, HttpRouter } from "convex/server";
4
9
 
5
10
  //#region src/server/runtime.d.ts
6
11
  /**
@@ -25,28 +30,520 @@ declare function Auth(config_: ConvexAuthConfig): {
25
30
  /**
26
31
  * Helper for configuring HTTP actions.
27
32
  */
28
- auth: any;
33
+ auth: {
34
+ user: {
35
+ get: (ctx: ComponentReadCtx, userId: string) => Promise<any>;
36
+ list: (ctx: ComponentReadCtx, opts?: {
37
+ where?: UserWhere;
38
+ limit?: number;
39
+ cursor?: string | null;
40
+ orderBy?: UserOrderBy;
41
+ order?: "asc" | "desc";
42
+ }) => Promise<any>;
43
+ viewer: (ctx: ComponentReadCtx & {
44
+ auth: convex_server106.Auth;
45
+ }) => Promise<any>;
46
+ update: (ctx: ComponentCtx, userId: string, data: Record<string, unknown>) => Promise<{
47
+ userId: string;
48
+ }>;
49
+ setActiveGroup: (ctx: ComponentCtx, opts: {
50
+ userId: string;
51
+ groupId: string | null;
52
+ }) => Promise<{
53
+ userId: string;
54
+ groupId: null;
55
+ } | {
56
+ userId: string;
57
+ groupId: string;
58
+ }>;
59
+ getActiveGroup: (ctx: ComponentReadCtx, opts: {
60
+ userId: string;
61
+ }) => Promise<string | null>;
62
+ delete: (ctx: ComponentCtx, userId: string, opts?: {
63
+ cascade?: boolean;
64
+ }) => Promise<{
65
+ userId: string;
66
+ }>;
67
+ };
68
+ session: {
69
+ current: (ctx: {
70
+ auth: convex_server106.Auth;
71
+ }) => Promise<convex_values1133.GenericId<"Session"> | null>;
72
+ invalidate: <DataModel extends GenericDataModel>(ctx: GenericActionCtx<DataModel>, args: {
73
+ userId: convex_values1133.GenericId<"User">;
74
+ except?: convex_values1133.GenericId<"Session">[];
75
+ }) => Promise<{
76
+ userId: convex_values1133.GenericId<"User">;
77
+ except: convex_values1133.GenericId<"Session">[];
78
+ }>;
79
+ get: (ctx: ComponentReadCtx, sessionId: string) => Promise<any>;
80
+ list: (ctx: ComponentReadCtx, opts: {
81
+ userId: string;
82
+ }) => Promise<any>;
83
+ };
84
+ account: {
85
+ create: <DataModel extends GenericDataModel>(ctx: GenericActionCtx<DataModel>, args: {
86
+ provider: string;
87
+ account: {
88
+ id: string;
89
+ secret?: string;
90
+ };
91
+ profile: AuthProfile;
92
+ shouldLinkViaEmail?: boolean;
93
+ shouldLinkViaPhone?: boolean;
94
+ }) => Promise<{
95
+ account: {
96
+ _id: string;
97
+ userId: string;
98
+ secret?: string | null;
99
+ };
100
+ user: Record<string, unknown>;
101
+ }>;
102
+ get: <DataModel extends GenericDataModel>(ctx: GenericActionCtx<DataModel>, args: {
103
+ provider: string;
104
+ account: {
105
+ id: string;
106
+ secret?: string;
107
+ };
108
+ }) => Promise<{
109
+ account: {
110
+ _id: string;
111
+ userId: string;
112
+ secret?: string | null;
113
+ };
114
+ user: Record<string, unknown>;
115
+ } | null>;
116
+ update: <DataModel extends GenericDataModel>(ctx: GenericActionCtx<DataModel>, args: {
117
+ provider: string;
118
+ account: {
119
+ id: string;
120
+ secret: string;
121
+ };
122
+ }) => Promise<{
123
+ accountId: string;
124
+ }>;
125
+ delete: (ctx: ComponentCtx, accountId: string) => Promise<{
126
+ accountId: string;
127
+ }>;
128
+ listPasskeys: (ctx: ComponentReadCtx, opts: {
129
+ userId: string;
130
+ }) => Promise<any>;
131
+ renamePasskey: (ctx: ComponentCtx, passkeyId: string, name: string) => Promise<{
132
+ passkeyId: string;
133
+ }>;
134
+ deletePasskey: (ctx: ComponentCtx, passkeyId: string) => Promise<{
135
+ passkeyId: string;
136
+ }>;
137
+ listTotps: (ctx: ComponentReadCtx, opts: {
138
+ userId: string;
139
+ }) => Promise<any>;
140
+ deleteTotp: (ctx: ComponentCtx, totpId: string) => Promise<{
141
+ totpId: string;
142
+ }>;
143
+ };
144
+ provider: {
145
+ signIn: (<DataModel extends GenericDataModel>(ctx: GenericActionCtx<DataModel>, providerConfig: AuthProviderConfig, args: {
146
+ accountId?: convex_values1133.GenericId<"Account">;
147
+ params?: SignInParams;
148
+ }) => Promise<{
149
+ userId: string;
150
+ sessionId: string;
151
+ } | null>) | undefined;
152
+ };
153
+ group: {
154
+ create: (ctx: ComponentCtx, data: {
155
+ name: string;
156
+ slug?: string;
157
+ type?: string;
158
+ parentGroupId?: string;
159
+ tags?: Array<{
160
+ key: string;
161
+ value: string;
162
+ }>;
163
+ extend?: Record<string, unknown>;
164
+ }) => Promise<{
165
+ groupId: string;
166
+ }>;
167
+ get: (ctx: ComponentReadCtx, groupId: string) => Promise<any>;
168
+ list: (ctx: ComponentReadCtx, opts?: {
169
+ where?: {
170
+ slug?: string;
171
+ type?: string;
172
+ parentGroupId?: string;
173
+ name?: string;
174
+ isRoot?: boolean;
175
+ tagsAll?: Array<{
176
+ key: string;
177
+ value: string;
178
+ }>;
179
+ tagsAny?: Array<{
180
+ key: string;
181
+ value: string;
182
+ }>;
183
+ };
184
+ limit?: number;
185
+ cursor?: string | null;
186
+ orderBy?: "_creationTime" | "name" | "slug" | "type";
187
+ order?: "asc" | "desc";
188
+ }) => Promise<any>;
189
+ update: (ctx: ComponentCtx, groupId: string, data: Record<string, unknown>) => Promise<{
190
+ groupId: string;
191
+ }>;
192
+ delete: (ctx: ComponentCtx, groupId: string) => Promise<{
193
+ groupId: string;
194
+ }>;
195
+ ancestors: (ctx: ComponentReadCtx, opts: {
196
+ groupId: string;
197
+ maxDepth?: number;
198
+ includeSelf?: boolean;
199
+ }) => Promise<{
200
+ ancestors: Record<string, unknown>[];
201
+ cycleDetected: boolean;
202
+ maxDepthReached: boolean;
203
+ }>;
204
+ };
205
+ member: {
206
+ create: (ctx: ComponentCtx, data: {
207
+ groupId: string;
208
+ userId: string;
209
+ roleIds?: string[];
210
+ status?: string;
211
+ extend?: Record<string, unknown>;
212
+ }) => Promise<{
213
+ memberId: string;
214
+ }>;
215
+ get: (ctx: ComponentReadCtx, memberId: string) => Promise<any>;
216
+ list: (ctx: ComponentReadCtx, opts?: {
217
+ where?: {
218
+ groupId?: string;
219
+ userId?: string;
220
+ roleId?: string;
221
+ status?: string;
222
+ };
223
+ limit?: number;
224
+ cursor?: string | null;
225
+ orderBy?: "_creationTime" | "status";
226
+ order?: "asc" | "desc";
227
+ }) => Promise<any>;
228
+ delete: (ctx: ComponentCtx, memberId: string) => Promise<{
229
+ memberId: string;
230
+ }>;
231
+ update: (ctx: ComponentCtx, memberId: string, data: Record<string, unknown>) => Promise<{
232
+ memberId: string;
233
+ }>;
234
+ inspect: (ctx: ComponentReadCtx, opts: {
235
+ userId: string;
236
+ groupId: string;
237
+ ancestry?: boolean;
238
+ maxDepth?: number;
239
+ }) => Promise<{
240
+ membership: null;
241
+ roleIds: string[];
242
+ grants: string[];
243
+ } | {
244
+ membership: {
245
+ _id: string;
246
+ _creationTime: number;
247
+ groupId: string;
248
+ userId: string;
249
+ role?: string;
250
+ roleIds?: string[];
251
+ status?: string;
252
+ extend?: Record<string, unknown>;
253
+ };
254
+ roleIds: string[];
255
+ grants: string[];
256
+ }>;
257
+ require: (ctx: ComponentReadCtx, opts: {
258
+ userId: string;
259
+ groupId: string;
260
+ ancestry?: boolean;
261
+ roleIds?: string[];
262
+ grants?: string[];
263
+ maxDepth?: number;
264
+ }) => Promise<{
265
+ membership: {
266
+ _id: string;
267
+ _creationTime: number;
268
+ groupId: string;
269
+ userId: string;
270
+ role?: string;
271
+ roleIds?: string[];
272
+ status?: string;
273
+ extend?: Record<string, unknown>;
274
+ };
275
+ roleIds: string[];
276
+ grants: string[];
277
+ }>;
278
+ };
279
+ invite: {
280
+ create: (ctx: ComponentCtx, data: {
281
+ groupId?: string;
282
+ invitedByUserId?: string;
283
+ email?: string;
284
+ roleIds?: string[];
285
+ expiresTime?: number;
286
+ extend?: Record<string, unknown>;
287
+ }) => Promise<{
288
+ inviteId: string;
289
+ token: string;
290
+ }>;
291
+ get: (ctx: ComponentReadCtx, inviteId: string) => Promise<any>;
292
+ token: {
293
+ get: (ctx: ComponentReadCtx, token: string) => Promise<any>;
294
+ accept: (ctx: ComponentCtx, args: {
295
+ token: string;
296
+ acceptedByUserId: string;
297
+ }) => Promise<any>;
298
+ };
299
+ list: (ctx: ComponentReadCtx, opts?: {
300
+ where?: {
301
+ tokenHash?: string;
302
+ groupId?: string;
303
+ status?: "pending" | "accepted" | "revoked" | "expired";
304
+ email?: string;
305
+ invitedByUserId?: string;
306
+ roleId?: string;
307
+ acceptedByUserId?: string;
308
+ };
309
+ limit?: number;
310
+ cursor?: string | null;
311
+ orderBy?: "_creationTime" | "status" | "email" | "expiresTime" | "acceptedTime";
312
+ order?: "asc" | "desc";
313
+ }) => Promise<any>;
314
+ accept: (ctx: ComponentCtx, inviteId: string, acceptedByUserId?: string) => Promise<{
315
+ inviteId: string;
316
+ acceptedByUserId: string | null;
317
+ }>;
318
+ revoke: (ctx: ComponentCtx, inviteId: string) => Promise<{
319
+ inviteId: string;
320
+ }>;
321
+ };
322
+ key: {
323
+ create: (ctx: ComponentCtx, opts: {
324
+ userId: string;
325
+ name: string;
326
+ scopes: KeyScope[];
327
+ rateLimit?: {
328
+ maxRequests: number;
329
+ windowMs: number;
330
+ };
331
+ expiresAt?: number;
332
+ metadata?: Record<string, unknown>;
333
+ }) => Promise<{
334
+ keyId: string;
335
+ secret: string;
336
+ }>;
337
+ verify: (ctx: ComponentCtx, rawKey: string) => Promise<{
338
+ userId: string;
339
+ keyId: string;
340
+ scopes: ScopeChecker;
341
+ }>;
342
+ list: (ctx: ComponentReadCtx, opts?: {
343
+ where?: {
344
+ userId?: string;
345
+ revoked?: boolean;
346
+ name?: string;
347
+ prefix?: string;
348
+ };
349
+ limit?: number;
350
+ cursor?: string | null;
351
+ orderBy?: "_creationTime" | "name" | "lastUsedAt" | "expiresAt" | "revoked";
352
+ order?: "asc" | "desc";
353
+ }) => Promise<any>;
354
+ get: (ctx: ComponentReadCtx, keyId: string) => Promise<KeyDoc | null>;
355
+ update: (ctx: ComponentCtx, keyId: string, data: {
356
+ name?: string;
357
+ scopes?: KeyScope[];
358
+ rateLimit?: {
359
+ maxRequests: number;
360
+ windowMs: number;
361
+ };
362
+ }) => Promise<{
363
+ keyId: string;
364
+ }>;
365
+ revoke: (ctx: ComponentCtx, keyId: string) => Promise<{
366
+ keyId: string;
367
+ }>;
368
+ delete: (ctx: ComponentCtx, keyId: string) => Promise<{
369
+ keyId: string;
370
+ }>;
371
+ rotate: (ctx: ComponentCtx, keyId: string, opts?: {
372
+ name?: string;
373
+ expiresAt?: number;
374
+ }) => Promise<{
375
+ keyId: string;
376
+ secret: string;
377
+ }>;
378
+ };
379
+ } & {
380
+ sso: ReturnType<typeof createGroupConnectionDomain>;
381
+ } & {
382
+ http: {
383
+ /**
384
+ * Register core HTTP routes for JWT verification and OAuth sign-in.
385
+ *
386
+ * ```ts
387
+ * import { httpRouter } from "convex/server";
388
+ * import { auth } from "./auth";
389
+ *
390
+ * const http = httpRouter();
391
+ *
392
+ * auth.http.add(http);
393
+ *
394
+ * export default http;
395
+ * ```
396
+ *
397
+ * The following routes are handled always:
398
+ *
399
+ * - `/.well-known/openid-configuration`
400
+ * - `/.well-known/jwks.json`
401
+ *
402
+ * The following routes are handled if OAuth is configured:
403
+ *
404
+ * - `/api/auth/signin/*`
405
+ * - `/api/auth/callback/*`
406
+ *
407
+ * @param http your HTTP router
408
+ */
409
+ add: (http: HttpRouter) => void;
410
+ /**
411
+ * Resolve mixed HTTP auth for a raw `httpAction`.
412
+ *
413
+ * Checks session auth first, then falls back to `Authorization: Bearer sk_*`
414
+ * API keys. This is the low-level helper for endpoints that intentionally
415
+ * accept either browser sessions or API keys.
416
+ * Pass `{ optional: true }` to get a null-shaped auth object instead of a
417
+ * `NOT_SIGNED_IN` error.
418
+ *
419
+ * ```ts
420
+ * http.route({
421
+ * path: "/api/data",
422
+ * method: "GET",
423
+ * handler: httpAction(async (ctx, request) => {
424
+ * const authContext = await auth.http.context(ctx, request);
425
+ * return Response.json({
426
+ * userId: authContext.userId,
427
+ * source: authContext.source,
428
+ * });
429
+ * }),
430
+ * });
431
+ * ```
432
+ */
433
+ context: {
434
+ <TResolve extends Record<string, unknown> = Record<string, never>, TCtx extends {
435
+ auth: {
436
+ getUserIdentity: () => Promise<convex_server106.UserIdentity | null>;
437
+ };
438
+ } & ComponentReadCtx = {
439
+ auth: {
440
+ getUserIdentity: () => Promise<convex_server106.UserIdentity | null>;
441
+ };
442
+ } & ComponentReadCtx>(ctx: TCtx, request: Request, config: HttpAuthContextConfig<TResolve, TCtx> & {
443
+ optional: true;
444
+ }): Promise<OptionalHttpAuthContext & TResolve>;
445
+ <TResolve extends Record<string, unknown> = Record<string, never>, TCtx extends {
446
+ auth: {
447
+ getUserIdentity: () => Promise<convex_server106.UserIdentity | null>;
448
+ };
449
+ } & ComponentReadCtx = {
450
+ auth: {
451
+ getUserIdentity: () => Promise<convex_server106.UserIdentity | null>;
452
+ };
453
+ } & ComponentReadCtx>(ctx: TCtx, request: Request, config?: HttpAuthContextConfig<TResolve, TCtx>): Promise<HttpAuthContext & TResolve>;
454
+ };
455
+ /**
456
+ * Wrap an HTTP action handler with Bearer token authentication.
457
+ *
458
+ * Extracts the `Authorization: Bearer <key>` header, verifies the
459
+ * API key via `auth.key.verify()`, and injects `ctx.key` with the
460
+ * verified key info. Returns structured JSON error responses for
461
+ * missing/invalid/revoked/expired/rate-limited keys.
462
+ *
463
+ * If the handler returns a plain object, it is auto-wrapped in a
464
+ * `200 JSON` response. If it returns a `Response`, CORS headers
465
+ * are merged and the response is passed through.
466
+ *
467
+ * ```ts
468
+ * const handler = auth.http.action(async (ctx, request) => {
469
+ * const data = await ctx.runQuery(api.data.get, { userId: ctx.key.userId });
470
+ * return { data };
471
+ * });
472
+ * http.route({ path: "/api/data", method: "GET", handler });
473
+ * ```
474
+ *
475
+ * @param handler - Receives enriched `ctx` (with `ctx.key`) and the raw `Request`.
476
+ * @param options.scope - Optional scope check; returns 403 if the key lacks permission.
477
+ * @param options.cors - CORS config; defaults to site URLs from environment.
478
+ */
479
+ action: (handler: (ctx: GenericActionCtx<GenericDataModel> & HttpKeyContext, request: Request) => Promise<Response | Record<string, unknown>>, options?: {
480
+ scope?: {
481
+ resource: string;
482
+ action: string;
483
+ };
484
+ cors?: CorsConfig;
485
+ }) => convex_server106.PublicHttpAction;
486
+ /**
487
+ * Register a Bearer-authenticated route **and** its OPTIONS preflight
488
+ * in a single call.
489
+ *
490
+ * ```ts
491
+ * auth.http.route(http, {
492
+ * path: "/api/messages",
493
+ * method: "POST",
494
+ * handler: async (ctx, request) => {
495
+ * const { body } = await request.json();
496
+ * await ctx.runMutation(internal.messages.sendAsUser, {
497
+ * userId: ctx.key.userId,
498
+ * body,
499
+ * });
500
+ * return { success: true };
501
+ * },
502
+ * });
503
+ * ```
504
+ *
505
+ * @param http - The Convex HTTP router.
506
+ * @param routeConfig.path - The URL path to match.
507
+ * @param routeConfig.method - HTTP method (GET, POST, PUT, PATCH, DELETE).
508
+ * @param routeConfig.handler - Receives enriched `ctx` (with `ctx.key`) and the raw `Request`.
509
+ * @param routeConfig.scope - Optional scope check; returns 403 if the key lacks permission.
510
+ * @param routeConfig.cors - CORS config; defaults to site URLs from environment.
511
+ */
512
+ route: (http: {
513
+ route: (config: unknown) => void;
514
+ }, routeConfig: {
515
+ path: string;
516
+ method: "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
517
+ handler: (ctx: GenericActionCtx<GenericDataModel> & HttpKeyContext, request: Request) => Promise<Response | Record<string, unknown>>;
518
+ scope?: {
519
+ resource: string;
520
+ action: string;
521
+ };
522
+ cors?: CorsConfig;
523
+ }) => void;
524
+ };
525
+ };
29
526
  /**
30
527
  * Action called by the client to sign the user in.
31
528
  *
32
529
  * Also used for refreshing the session.
33
530
  */
34
- signIn: convex_server0.RegisteredAction<"public", {
531
+ signIn: convex_server106.RegisteredAction<"public", {
35
532
  provider?: string | undefined;
36
- params?: any;
37
533
  verifier?: string | undefined;
534
+ params?: Record<string, string | number | boolean | (string | number | boolean | null)[] | Record<string, string | number | boolean | (string | number | boolean | null)[] | null> | null> | undefined;
38
535
  refreshToken?: string | undefined;
39
536
  calledBy?: string | undefined;
40
537
  }, Promise<SignInActionResult>>;
41
538
  /**
42
539
  * Action called by the client to invalidate the current session.
43
540
  */
44
- signOut: convex_server0.RegisteredAction<"public", {}, Promise<void>>;
541
+ signOut: convex_server106.RegisteredAction<"public", {}, Promise<void>>;
45
542
  /**
46
543
  * Internal mutation used by the library to read and write
47
544
  * to the database during signin and signout.
48
545
  */
49
- store: convex_server0.RegisteredMutation<"internal", {
546
+ store: convex_server106.RegisteredMutation<"internal", {
50
547
  args: {
51
548
  sessionId?: string | undefined;
52
549
  type: "signIn";
@@ -61,37 +558,54 @@ declare function Auth(config_: ConvexAuthConfig): {
61
558
  provider?: string | undefined;
62
559
  verifier?: string | undefined;
63
560
  type: "verifyCodeAndSignIn";
64
- params: any;
561
+ params: Record<string, string | number | boolean | (string | number | boolean | null)[] | Record<string, string | number | boolean | (string | number | boolean | null)[] | null> | null>;
65
562
  generateTokens: boolean;
66
563
  allowExtraProviders: boolean;
67
564
  } | {
565
+ signature?: string | undefined;
68
566
  type: "verifier";
69
567
  } | {
70
568
  type: "verifierSignature";
71
569
  verifier: string;
72
570
  signature: string;
73
571
  } | {
74
- accountExtend?: any;
572
+ accountExtend?: {
573
+ identity?: {
574
+ type?: string | undefined;
575
+ provider?: string | undefined;
576
+ providerAccountId?: string | undefined;
577
+ protocol?: string | undefined;
578
+ connectionId?: string | undefined;
579
+ subject?: string | undefined;
580
+ issuer?: string | undefined;
581
+ discoveryUrl?: string | undefined;
582
+ entityId?: string | undefined;
583
+ } | undefined;
584
+ saml?: {
585
+ attributes?: Record<string, string | string[]> | undefined;
586
+ sessionIndex?: string | undefined;
587
+ } | undefined;
588
+ } | undefined;
589
+ profile: Record<string, string | number | boolean | (string | number | boolean | null)[] | Record<string, string | number | boolean | (string | number | boolean | null)[] | null> | null>;
75
590
  type: "userOAuth";
76
591
  provider: string;
77
- signature: string;
78
592
  providerAccountId: string;
79
- profile: any;
593
+ signature: string;
80
594
  } | {
81
- phone?: string | undefined;
82
595
  email?: string | undefined;
596
+ phone?: string | undefined;
83
597
  accountId?: string | undefined;
84
598
  type: "createVerificationCode";
599
+ expirationTime: number;
85
600
  provider: string;
86
- allowExtraProviders: boolean;
87
601
  code: string;
88
- expirationTime: number;
602
+ allowExtraProviders: boolean;
89
603
  } | {
90
604
  shouldLinkViaEmail?: boolean | undefined;
91
605
  shouldLinkViaPhone?: boolean | undefined;
606
+ profile: Record<string, string | number | boolean | (string | number | boolean | null)[] | Record<string, string | number | boolean | (string | number | boolean | null)[] | null> | null>;
92
607
  type: "createAccountFromCredentials";
93
608
  provider: string;
94
- profile: any;
95
609
  account: {
96
610
  secret?: string | undefined;
97
611
  id: string;
@@ -115,21 +629,7 @@ declare function Auth(config_: ConvexAuthConfig): {
115
629
  type: "invalidateSessions";
116
630
  userId: string;
117
631
  };
118
- }, Promise<string | void | SessionInfo | {
119
- userId: convex_values0.GenericId<"User">;
120
- sessionId: convex_values0.GenericId<"Session">;
121
- } | (string & {
122
- __tableName: "AuthVerifier";
123
- }) | {
124
- token: string;
125
- refreshToken: string;
126
- } | {
127
- account: Doc<"Account">;
128
- user: Doc<"User">;
129
- } | {
130
- account: Doc<"Account">;
131
- user: Doc<"User">;
132
- } | null>>;
632
+ }, Promise<unknown>>;
133
633
  };
134
634
  //#endregion
135
635
  export { Auth };