npm - @robelest/convex-auth - Versions diffs - 0.0.4-preview.25 → 0.0.4-preview.28 - Mend

@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (666) hide show

package/README.md +43 -36
package/dist/bin.js +5765 -4880
package/dist/browser/index.d.ts +30 -0
package/dist/browser/index.js +93 -0
package/dist/browser/locks.js +11 -0
package/dist/browser/navigation.js +14 -0
package/dist/{factors → browser}/passkey.js +23 -32
package/dist/browser/runtime.js +92 -0
package/dist/client/core/types.d.ts +452 -5
package/dist/client/core/types.js +17 -0
package/dist/client/errors.js +19 -0
package/dist/client/factors/device.js +94 -0
package/dist/{factors → client/factors}/totp.js +12 -4
package/dist/client/index.d.ts +47 -1
package/dist/client/index.js +269 -232
package/dist/client/runtime/mutex.js +24 -0
package/dist/client/runtime/proxy.js +30 -0
package/dist/client/runtime/storage.js +45 -0
package/dist/client/services/adapters.js +7 -0
package/dist/client/services/http.js +6 -0
package/dist/client/services/resolve.js +13 -0
package/dist/client/services/runtime.js +6 -0
package/dist/component/_generated/component.d.ts +1355 -1399
package/dist/component/convex.config.d.ts +2 -2
package/dist/component/index.d.ts +4 -26
package/dist/component/index.js +1 -1
package/dist/component/model.d.ts +26 -112
package/dist/component/model.js +76 -54
package/dist/component/modules.js +38 -0
package/dist/component/public/factors/devices.js +1 -1
package/dist/component/public/factors/passkeys.js +1 -1
package/dist/component/public/factors/totp.js +1 -1
package/dist/component/public/groups/core.js +2 -2
package/dist/component/public/groups/invites.js +1 -1
package/dist/component/public/groups/members.js +1 -1
package/dist/component/public/identity/accounts.js +1 -1
package/dist/component/public/identity/codes.js +1 -1
package/dist/component/public/identity/sessions.js +39 -2
package/dist/component/public/identity/tokens.js +82 -4
package/dist/component/public/identity/users.js +1 -1
package/dist/component/public/identity/verifiers.js +10 -4
package/dist/component/public/security/keys.js +1 -1
package/dist/component/public/security/limits.js +1 -1
package/dist/component/public/{enterprise → sso}/audit.js +26 -26
package/dist/component/public/sso/core.js +263 -0
package/dist/component/public/sso/domains.js +280 -0
package/dist/component/public/{enterprise → sso}/scim.js +87 -87
package/dist/component/public/sso/secrets.js +125 -0
package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
package/dist/component/public.js +9 -9
package/dist/component/schema.d.ts +472 -393
package/dist/component/schema.js +36 -35
package/dist/core/index.d.ts +380 -0
package/dist/core/index.js +83 -0
package/dist/otel.d.ts +69 -0
package/dist/otel.js +82 -0
package/dist/providers/anonymous.d.ts +15 -34
package/dist/providers/anonymous.js +27 -35
package/dist/providers/apple.d.ts +59 -0
package/dist/providers/apple.js +58 -0
package/dist/providers/credentials.d.ts +18 -34
package/dist/providers/credentials.js +16 -27
package/dist/providers/custom.d.ts +94 -0
package/dist/providers/custom.js +119 -0
package/dist/providers/device.d.ts +15 -49
package/dist/providers/device.js +17 -34
package/dist/providers/email.d.ts +21 -38
package/dist/providers/email.js +36 -55
package/dist/providers/github.d.ts +54 -0
package/dist/providers/github.js +75 -0
package/dist/providers/google.d.ts +54 -0
package/dist/providers/google.js +61 -0
package/dist/providers/index.d.ts +16 -12
package/dist/providers/index.js +15 -11
package/dist/providers/microsoft.d.ts +57 -0
package/dist/providers/microsoft.js +101 -0
package/dist/providers/passkey.d.ts +19 -35
package/dist/providers/passkey.js +20 -30
package/dist/providers/password.d.ts +17 -18
package/dist/providers/password.js +121 -143
package/dist/providers/phone.d.ts +13 -28
package/dist/providers/phone.js +21 -46
package/dist/providers/sso.d.ts +16 -36
package/dist/providers/sso.js +21 -22
package/dist/providers/totp.d.ts +13 -29
package/dist/providers/totp.js +17 -27
package/dist/server/auth-context.d.ts +204 -0
package/dist/server/auth-context.js +76 -0
package/dist/server/auth.d.ts +99 -244
package/dist/server/auth.js +56 -152
package/dist/server/componentContext.d.ts +12 -0
package/dist/server/componentContext.js +1 -0
package/dist/server/config.js +6 -67
package/dist/server/constants.js +6 -0
package/dist/server/contract.d.ts +105 -0
package/dist/server/contract.js +43 -0
package/dist/server/cookies.js +3 -2
package/dist/server/core.js +31 -36
package/dist/server/crypto.js +34 -44
package/dist/server/db.js +6 -1
package/dist/server/device.js +96 -130
package/dist/server/env.js +48 -0
package/dist/server/errors.js +20 -0
package/dist/server/http.d.ts +15 -59
package/dist/server/http.js +136 -120
package/dist/server/identity.js +2 -2
package/dist/server/index.d.ts +5 -4
package/dist/server/index.js +3 -3
package/dist/server/keys.js +10 -1
package/dist/server/limits.js +26 -26
package/dist/server/log.js +28 -0
package/dist/server/mounts.d.ts +1107 -296
package/dist/server/mounts.js +315 -196
package/dist/server/mutations/account.js +11 -14
package/dist/server/mutations/code.js +6 -5
package/dist/server/mutations/invalidate.js +9 -11
package/dist/server/mutations/oauth.js +112 -73
package/dist/server/mutations/refresh.js +47 -97
package/dist/server/mutations/register.js +37 -35
package/dist/server/mutations/retrieve.js +16 -16
package/dist/server/mutations/signature.js +15 -18
package/dist/server/mutations/signin.js +10 -5
package/dist/server/mutations/signout.js +11 -14
package/dist/server/mutations/store.js +25 -18
package/dist/server/mutations/verifier.js +11 -8
package/dist/server/mutations/verify.js +53 -41
package/dist/server/oauth/factory.js +44 -0
package/dist/server/oauth/index.js +12 -0
package/dist/server/oauth/runtime.js +248 -0
package/dist/server/passkey.js +331 -365
package/dist/server/payloads.d.ts +16 -0
package/dist/server/payloads.js +30 -0
package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
package/dist/server/prefetch.js +635 -0
package/dist/server/random.js +19 -0
package/dist/server/redirects.js +10 -5
package/dist/server/refresh.js +14 -86
package/dist/server/runtime.d.ts +531 -31
package/dist/server/runtime.js +106 -267
package/dist/server/secret.js +44 -0
package/dist/server/services/config.js +10 -0
package/dist/server/services/group.js +211 -0
package/dist/server/services/logger.js +8 -0
package/dist/server/services/providers.js +22 -0
package/dist/server/services/refresh.js +8 -0
package/dist/server/services/resolve.js +27 -0
package/dist/server/services/signin.js +8 -0
package/dist/server/sessions.js +35 -34
package/dist/server/signin.js +229 -140
package/dist/server/{enterprise → sso}/config.js +10 -3
package/dist/server/sso/domain.d.ts +614 -0
package/dist/server/sso/domain.js +1175 -0
package/dist/server/sso/http.js +1060 -0
package/dist/server/sso/oidc.js +324 -0
package/dist/server/sso/policies.js +59 -0
package/dist/server/sso/policy.js +139 -0
package/dist/server/sso/profile.js +22 -0
package/dist/server/sso/provision.js +179 -0
package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
package/dist/server/sso/shared.js +74 -0
package/dist/server/sso/validators.js +88 -0
package/dist/server/sso/webhook.js +94 -0
package/dist/server/tokens.js +16 -4
package/dist/server/totp.js +155 -164
package/dist/server/types.d.ts +306 -296
package/dist/server/types.js +1 -30
package/dist/server/url.js +32 -0
package/dist/server/users.js +74 -40
package/dist/server/utils/cache.js +51 -0
package/dist/server/utils/dispatch.js +36 -0
package/dist/server/utils/retry.js +24 -0
package/dist/server/utils/span.js +32 -0
package/dist/shared/errors.js +19 -0
package/dist/shared/log.js +45 -0
package/{src/test.ts → dist/test.d.ts} +21 -22
package/dist/test.js +51 -0
package/package.json +70 -42
package/dist/authorization/index.d.ts.map +0 -1
package/dist/authorization/index.js.map +0 -1
package/dist/client/core/types.d.ts.map +0 -1
package/dist/client/index.d.ts.map +0 -1
package/dist/client/index.js.map +0 -1
package/dist/component/_generated/api.d.ts +0 -75
package/dist/component/_generated/api.d.ts.map +0 -1
package/dist/component/_generated/api.js.map +0 -1
package/dist/component/_generated/component.d.ts.map +0 -1
package/dist/component/_generated/dataModel.d.ts +0 -42
package/dist/component/_generated/dataModel.d.ts.map +0 -1
package/dist/component/_generated/server.d.ts +0 -117
package/dist/component/_generated/server.d.ts.map +0 -1
package/dist/component/_generated/server.js.map +0 -1
package/dist/component/_virtual/rolldown_runtime.js +0 -18
package/dist/component/client/core/types.d.ts +0 -2
package/dist/component/client/index.d.ts +0 -1
package/dist/component/convex.config.d.ts.map +0 -1
package/dist/component/convex.config.js.map +0 -1
package/dist/component/functions.d.ts +0 -25
package/dist/component/functions.d.ts.map +0 -1
package/dist/component/functions.js.map +0 -1
package/dist/component/index.d.ts.map +0 -1
package/dist/component/model.d.ts.map +0 -1
package/dist/component/model.js.map +0 -1
package/dist/component/providers/anonymous.d.ts +0 -54
package/dist/component/providers/anonymous.d.ts.map +0 -1
package/dist/component/providers/credentials.d.ts +0 -38
package/dist/component/providers/credentials.d.ts.map +0 -1
package/dist/component/providers/device.d.ts +0 -67
package/dist/component/providers/device.d.ts.map +0 -1
package/dist/component/providers/email.d.ts +0 -62
package/dist/component/providers/email.d.ts.map +0 -1
package/dist/component/providers/oauth.d.ts +0 -25
package/dist/component/providers/oauth.d.ts.map +0 -1
package/dist/component/providers/oauth.js +0 -13
package/dist/component/providers/oauth.js.map +0 -1
package/dist/component/providers/passkey.d.ts +0 -57
package/dist/component/providers/passkey.d.ts.map +0 -1
package/dist/component/providers/password.d.ts +0 -88
package/dist/component/providers/password.d.ts.map +0 -1
package/dist/component/providers/phone.d.ts +0 -48
package/dist/component/providers/phone.d.ts.map +0 -1
package/dist/component/providers/sso.d.ts +0 -50
package/dist/component/providers/sso.d.ts.map +0 -1
package/dist/component/providers/totp.d.ts +0 -45
package/dist/component/providers/totp.d.ts.map +0 -1
package/dist/component/public/enterprise/audit.d.ts +0 -73
package/dist/component/public/enterprise/audit.d.ts.map +0 -1
package/dist/component/public/enterprise/audit.js.map +0 -1
package/dist/component/public/enterprise/core.d.ts +0 -176
package/dist/component/public/enterprise/core.d.ts.map +0 -1
package/dist/component/public/enterprise/core.js +0 -292
package/dist/component/public/enterprise/core.js.map +0 -1
package/dist/component/public/enterprise/domains.d.ts +0 -174
package/dist/component/public/enterprise/domains.d.ts.map +0 -1
package/dist/component/public/enterprise/domains.js +0 -271
package/dist/component/public/enterprise/domains.js.map +0 -1
package/dist/component/public/enterprise/scim.d.ts +0 -245
package/dist/component/public/enterprise/scim.d.ts.map +0 -1
package/dist/component/public/enterprise/scim.js.map +0 -1
package/dist/component/public/enterprise/secrets.d.ts +0 -78
package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
package/dist/component/public/enterprise/secrets.js +0 -118
package/dist/component/public/enterprise/secrets.js.map +0 -1
package/dist/component/public/enterprise/webhooks.d.ts +0 -211
package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
package/dist/component/public/enterprise/webhooks.js.map +0 -1
package/dist/component/public/factors/devices.d.ts +0 -157
package/dist/component/public/factors/devices.d.ts.map +0 -1
package/dist/component/public/factors/devices.js.map +0 -1
package/dist/component/public/factors/passkeys.d.ts +0 -175
package/dist/component/public/factors/passkeys.d.ts.map +0 -1
package/dist/component/public/factors/passkeys.js.map +0 -1
package/dist/component/public/factors/totp.d.ts +0 -189
package/dist/component/public/factors/totp.d.ts.map +0 -1
package/dist/component/public/factors/totp.js.map +0 -1
package/dist/component/public/groups/core.d.ts +0 -137
package/dist/component/public/groups/core.d.ts.map +0 -1
package/dist/component/public/groups/core.js.map +0 -1
package/dist/component/public/groups/invites.d.ts +0 -217
package/dist/component/public/groups/invites.d.ts.map +0 -1
package/dist/component/public/groups/invites.js.map +0 -1
package/dist/component/public/groups/members.d.ts +0 -204
package/dist/component/public/groups/members.d.ts.map +0 -1
package/dist/component/public/groups/members.js.map +0 -1
package/dist/component/public/identity/accounts.d.ts +0 -147
package/dist/component/public/identity/accounts.d.ts.map +0 -1
package/dist/component/public/identity/accounts.js.map +0 -1
package/dist/component/public/identity/codes.d.ts +0 -104
package/dist/component/public/identity/codes.d.ts.map +0 -1
package/dist/component/public/identity/codes.js.map +0 -1
package/dist/component/public/identity/sessions.d.ts +0 -128
package/dist/component/public/identity/sessions.d.ts.map +0 -1
package/dist/component/public/identity/sessions.js.map +0 -1
package/dist/component/public/identity/tokens.d.ts +0 -169
package/dist/component/public/identity/tokens.d.ts.map +0 -1
package/dist/component/public/identity/tokens.js.map +0 -1
package/dist/component/public/identity/users.d.ts +0 -212
package/dist/component/public/identity/users.d.ts.map +0 -1
package/dist/component/public/identity/users.js.map +0 -1
package/dist/component/public/identity/verifiers.d.ts +0 -116
package/dist/component/public/identity/verifiers.d.ts.map +0 -1
package/dist/component/public/identity/verifiers.js.map +0 -1
package/dist/component/public/security/keys.d.ts +0 -209
package/dist/component/public/security/keys.d.ts.map +0 -1
package/dist/component/public/security/keys.js.map +0 -1
package/dist/component/public/security/limits.d.ts +0 -114
package/dist/component/public/security/limits.d.ts.map +0 -1
package/dist/component/public/security/limits.js.map +0 -1
package/dist/component/public.d.ts +0 -28
package/dist/component/public.d.ts.map +0 -1
package/dist/component/schema.d.ts.map +0 -1
package/dist/component/schema.js.map +0 -1
package/dist/component/server/auth.d.ts +0 -447
package/dist/component/server/auth.d.ts.map +0 -1
package/dist/component/server/auth.js +0 -254
package/dist/component/server/auth.js.map +0 -1
package/dist/component/server/config.js +0 -121
package/dist/component/server/config.js.map +0 -1
package/dist/component/server/context.js +0 -53
package/dist/component/server/context.js.map +0 -1
package/dist/component/server/cookies.js +0 -47
package/dist/component/server/cookies.js.map +0 -1
package/dist/component/server/core.js +0 -576
package/dist/component/server/core.js.map +0 -1
package/dist/component/server/crypto.js +0 -56
package/dist/component/server/crypto.js.map +0 -1
package/dist/component/server/db.js +0 -87
package/dist/component/server/db.js.map +0 -1
package/dist/component/server/device.js +0 -152
package/dist/component/server/device.js.map +0 -1
package/dist/component/server/enterprise/config.js +0 -46
package/dist/component/server/enterprise/config.js.map +0 -1
package/dist/component/server/enterprise/domain.js +0 -974
package/dist/component/server/enterprise/domain.js.map +0 -1
package/dist/component/server/enterprise/http.js +0 -787
package/dist/component/server/enterprise/http.js.map +0 -1
package/dist/component/server/enterprise/oidc.js +0 -248
package/dist/component/server/enterprise/oidc.js.map +0 -1
package/dist/component/server/enterprise/policy.js +0 -85
package/dist/component/server/enterprise/policy.js.map +0 -1
package/dist/component/server/enterprise/saml.js.map +0 -1
package/dist/component/server/enterprise/scim.js.map +0 -1
package/dist/component/server/enterprise/shared.js +0 -51
package/dist/component/server/enterprise/shared.js.map +0 -1
package/dist/component/server/http.d.ts +0 -85
package/dist/component/server/http.d.ts.map +0 -1
package/dist/component/server/http.js +0 -351
package/dist/component/server/http.js.map +0 -1
package/dist/component/server/identity.js +0 -16
package/dist/component/server/identity.js.map +0 -1
package/dist/component/server/keys.js +0 -96
package/dist/component/server/keys.js.map +0 -1
package/dist/component/server/limits.js +0 -52
package/dist/component/server/limits.js.map +0 -1
package/dist/component/server/mutations/account.js +0 -46
package/dist/component/server/mutations/account.js.map +0 -1
package/dist/component/server/mutations/code.js +0 -68
package/dist/component/server/mutations/code.js.map +0 -1
package/dist/component/server/mutations/invalidate.js +0 -32
package/dist/component/server/mutations/invalidate.js.map +0 -1
package/dist/component/server/mutations/oauth.js +0 -116
package/dist/component/server/mutations/oauth.js.map +0 -1
package/dist/component/server/mutations/refresh.js +0 -119
package/dist/component/server/mutations/refresh.js.map +0 -1
package/dist/component/server/mutations/register.js +0 -87
package/dist/component/server/mutations/register.js.map +0 -1
package/dist/component/server/mutations/retrieve.js +0 -61
package/dist/component/server/mutations/retrieve.js.map +0 -1
package/dist/component/server/mutations/signature.js +0 -38
package/dist/component/server/mutations/signature.js.map +0 -1
package/dist/component/server/mutations/signin.js +0 -27
package/dist/component/server/mutations/signin.js.map +0 -1
package/dist/component/server/mutations/signout.js +0 -27
package/dist/component/server/mutations/signout.js.map +0 -1
package/dist/component/server/mutations/store/refs.js +0 -15
package/dist/component/server/mutations/store/refs.js.map +0 -1
package/dist/component/server/mutations/store.js +0 -70
package/dist/component/server/mutations/store.js.map +0 -1
package/dist/component/server/mutations/verifier.js +0 -18
package/dist/component/server/mutations/verifier.js.map +0 -1
package/dist/component/server/mutations/verify.js +0 -98
package/dist/component/server/mutations/verify.js.map +0 -1
package/dist/component/server/oauth.js +0 -242
package/dist/component/server/oauth.js.map +0 -1
package/dist/component/server/passkey.js +0 -415
package/dist/component/server/passkey.js.map +0 -1
package/dist/component/server/redirects.js +0 -40
package/dist/component/server/redirects.js.map +0 -1
package/dist/component/server/refresh.js +0 -99
package/dist/component/server/refresh.js.map +0 -1
package/dist/component/server/runtime.d.ts +0 -136
package/dist/component/server/runtime.d.ts.map +0 -1
package/dist/component/server/runtime.js +0 -456
package/dist/component/server/runtime.js.map +0 -1
package/dist/component/server/sessions.js +0 -71
package/dist/component/server/sessions.js.map +0 -1
package/dist/component/server/signin.js +0 -225
package/dist/component/server/signin.js.map +0 -1
package/dist/component/server/tokens.js +0 -17
package/dist/component/server/tokens.js.map +0 -1
package/dist/component/server/totp.js +0 -208
package/dist/component/server/totp.js.map +0 -1
package/dist/component/server/types.d.ts +0 -949
package/dist/component/server/types.d.ts.map +0 -1
package/dist/component/server/types.js +0 -79
package/dist/component/server/types.js.map +0 -1
package/dist/component/server/users.js +0 -123
package/dist/component/server/users.js.map +0 -1
package/dist/component/server/utils.js +0 -140
package/dist/component/server/utils.js.map +0 -1
package/dist/core/types.d.ts +0 -361
package/dist/core/types.d.ts.map +0 -1
package/dist/factors/device.js +0 -104
package/dist/factors/device.js.map +0 -1
package/dist/factors/passkey.js.map +0 -1
package/dist/factors/totp.js.map +0 -1
package/dist/providers/anonymous.d.ts.map +0 -1
package/dist/providers/anonymous.js.map +0 -1
package/dist/providers/credentials.d.ts.map +0 -1
package/dist/providers/credentials.js.map +0 -1
package/dist/providers/device.d.ts.map +0 -1
package/dist/providers/device.js.map +0 -1
package/dist/providers/email.d.ts.map +0 -1
package/dist/providers/email.js.map +0 -1
package/dist/providers/oauth.d.ts +0 -69
package/dist/providers/oauth.d.ts.map +0 -1
package/dist/providers/oauth.js +0 -43
package/dist/providers/oauth.js.map +0 -1
package/dist/providers/passkey.d.ts.map +0 -1
package/dist/providers/passkey.js.map +0 -1
package/dist/providers/password.d.ts.map +0 -1
package/dist/providers/password.js.map +0 -1
package/dist/providers/phone.d.ts.map +0 -1
package/dist/providers/phone.js.map +0 -1
package/dist/providers/sso.d.ts.map +0 -1
package/dist/providers/sso.js.map +0 -1
package/dist/providers/totp.d.ts.map +0 -1
package/dist/providers/totp.js.map +0 -1
package/dist/runtime/browser.js +0 -68
package/dist/runtime/browser.js.map +0 -1
package/dist/runtime/invite.js.map +0 -1
package/dist/runtime/proxy.js +0 -70
package/dist/runtime/proxy.js.map +0 -1
package/dist/runtime/storage.js +0 -37
package/dist/runtime/storage.js.map +0 -1
package/dist/server/auth.d.ts.map +0 -1
package/dist/server/auth.js.map +0 -1
package/dist/server/config.d.ts +0 -1
package/dist/server/config.js.map +0 -1
package/dist/server/context.d.ts +0 -1
package/dist/server/context.js.map +0 -1
package/dist/server/cookies.d.ts +0 -1
package/dist/server/cookies.js.map +0 -1
package/dist/server/core.d.ts +0 -1315
package/dist/server/core.d.ts.map +0 -1
package/dist/server/core.js.map +0 -1
package/dist/server/crypto.d.ts +0 -8
package/dist/server/crypto.d.ts.map +0 -1
package/dist/server/crypto.js.map +0 -1
package/dist/server/db.d.ts +0 -1
package/dist/server/db.js.map +0 -1
package/dist/server/device.d.ts +0 -1
package/dist/server/device.js.map +0 -1
package/dist/server/enterprise/config.d.ts +0 -1
package/dist/server/enterprise/config.js.map +0 -1
package/dist/server/enterprise/domain.d.ts +0 -401
package/dist/server/enterprise/domain.d.ts.map +0 -1
package/dist/server/enterprise/domain.js +0 -974
package/dist/server/enterprise/domain.js.map +0 -1
package/dist/server/enterprise/http.d.ts +0 -26
package/dist/server/enterprise/http.d.ts.map +0 -1
package/dist/server/enterprise/http.js +0 -787
package/dist/server/enterprise/http.js.map +0 -1
package/dist/server/enterprise/oidc.d.ts +0 -1
package/dist/server/enterprise/oidc.js +0 -248
package/dist/server/enterprise/oidc.js.map +0 -1
package/dist/server/enterprise/policy.d.ts +0 -1
package/dist/server/enterprise/policy.js +0 -85
package/dist/server/enterprise/policy.js.map +0 -1
package/dist/server/enterprise/saml.d.ts +0 -1
package/dist/server/enterprise/saml.js +0 -338
package/dist/server/enterprise/saml.js.map +0 -1
package/dist/server/enterprise/scim.d.ts +0 -1
package/dist/server/enterprise/scim.js +0 -97
package/dist/server/enterprise/scim.js.map +0 -1
package/dist/server/enterprise/shared.d.ts +0 -5
package/dist/server/enterprise/shared.d.ts.map +0 -1
package/dist/server/enterprise/shared.js +0 -51
package/dist/server/enterprise/shared.js.map +0 -1
package/dist/server/enterprise/validators.d.ts +0 -1
package/dist/server/enterprise/validators.js +0 -60
package/dist/server/enterprise/validators.js.map +0 -1
package/dist/server/http.d.ts.map +0 -1
package/dist/server/http.js.map +0 -1
package/dist/server/identity.d.ts +0 -1
package/dist/server/identity.js.map +0 -1
package/dist/server/keys.d.ts +0 -1
package/dist/server/keys.js.map +0 -1
package/dist/server/limits.d.ts +0 -1
package/dist/server/limits.js.map +0 -1
package/dist/server/mounts.d.ts.map +0 -1
package/dist/server/mounts.js.map +0 -1
package/dist/server/mutations/account.d.ts +0 -29
package/dist/server/mutations/account.d.ts.map +0 -1
package/dist/server/mutations/account.js.map +0 -1
package/dist/server/mutations/code.d.ts +0 -30
package/dist/server/mutations/code.d.ts.map +0 -1
package/dist/server/mutations/code.js.map +0 -1
package/dist/server/mutations/index.d.ts +0 -14
package/dist/server/mutations/invalidate.d.ts +0 -20
package/dist/server/mutations/invalidate.d.ts.map +0 -1
package/dist/server/mutations/invalidate.js.map +0 -1
package/dist/server/mutations/oauth.d.ts +0 -30
package/dist/server/mutations/oauth.d.ts.map +0 -1
package/dist/server/mutations/oauth.js.map +0 -1
package/dist/server/mutations/refresh.d.ts +0 -21
package/dist/server/mutations/refresh.d.ts.map +0 -1
package/dist/server/mutations/refresh.js.map +0 -1
package/dist/server/mutations/register.d.ts +0 -38
package/dist/server/mutations/register.d.ts.map +0 -1
package/dist/server/mutations/register.js.map +0 -1
package/dist/server/mutations/retrieve.d.ts +0 -33
package/dist/server/mutations/retrieve.d.ts.map +0 -1
package/dist/server/mutations/retrieve.js.map +0 -1
package/dist/server/mutations/signature.d.ts +0 -21
package/dist/server/mutations/signature.d.ts.map +0 -1
package/dist/server/mutations/signature.js.map +0 -1
package/dist/server/mutations/signin.d.ts +0 -22
package/dist/server/mutations/signin.d.ts.map +0 -1
package/dist/server/mutations/signin.js.map +0 -1
package/dist/server/mutations/signout.d.ts +0 -16
package/dist/server/mutations/signout.d.ts.map +0 -1
package/dist/server/mutations/signout.js.map +0 -1
package/dist/server/mutations/store/refs.d.ts +0 -12
package/dist/server/mutations/store/refs.d.ts.map +0 -1
package/dist/server/mutations/store/refs.js.map +0 -1
package/dist/server/mutations/store.d.ts +0 -306
package/dist/server/mutations/store.d.ts.map +0 -1
package/dist/server/mutations/store.js.map +0 -1
package/dist/server/mutations/verifier.d.ts +0 -13
package/dist/server/mutations/verifier.d.ts.map +0 -1
package/dist/server/mutations/verifier.js.map +0 -1
package/dist/server/mutations/verify.d.ts +0 -26
package/dist/server/mutations/verify.d.ts.map +0 -1
package/dist/server/mutations/verify.js.map +0 -1
package/dist/server/oauth.d.ts +0 -1
package/dist/server/oauth.js +0 -242
package/dist/server/oauth.js.map +0 -1
package/dist/server/passkey.d.ts +0 -27
package/dist/server/passkey.d.ts.map +0 -1
package/dist/server/passkey.js.map +0 -1
package/dist/server/redirects.d.ts +0 -1
package/dist/server/redirects.js.map +0 -1
package/dist/server/refresh.d.ts +0 -1
package/dist/server/refresh.js.map +0 -1
package/dist/server/runtime.d.ts.map +0 -1
package/dist/server/runtime.js.map +0 -1
package/dist/server/sessions.d.ts +0 -1
package/dist/server/sessions.js.map +0 -1
package/dist/server/signin.d.ts +0 -1
package/dist/server/signin.js.map +0 -1
package/dist/server/ssr.d.ts.map +0 -1
package/dist/server/ssr.js +0 -777
package/dist/server/ssr.js.map +0 -1
package/dist/server/templates.d.ts +0 -1
package/dist/server/templates.js.map +0 -1
package/dist/server/tokens.d.ts +0 -1
package/dist/server/tokens.js.map +0 -1
package/dist/server/totp.d.ts +0 -1
package/dist/server/totp.js.map +0 -1
package/dist/server/types.d.ts.map +0 -1
package/dist/server/types.js.map +0 -1
package/dist/server/users.d.ts +0 -1
package/dist/server/users.js.map +0 -1
package/dist/server/utils.d.ts +0 -1
package/dist/server/utils.js +0 -140
package/dist/server/utils.js.map +0 -1
package/src/authorization/index.ts +0 -83
package/src/cli/bin.ts +0 -5
package/src/cli/command.ts +0 -70
package/src/cli/index.ts +0 -1112
package/src/cli/keys.ts +0 -23
package/src/client/core/types.ts +0 -437
package/src/client/factors/device.ts +0 -158
package/src/client/factors/passkey.ts +0 -279
package/src/client/factors/totp.ts +0 -150
package/src/client/index.ts +0 -1124
package/src/client/runtime/browser.ts +0 -112
package/src/client/runtime/invite.ts +0 -63
package/src/client/runtime/proxy.ts +0 -111
package/src/client/runtime/storage.ts +0 -79
package/src/component/_generated/api.ts +0 -96
package/src/component/_generated/component.ts +0 -3774
package/src/component/_generated/dataModel.ts +0 -60
package/src/component/_generated/server.ts +0 -156
package/src/component/convex.config.ts +0 -5
package/src/component/functions.ts +0 -104
package/src/component/index.ts +0 -42
package/src/component/model.ts +0 -449
package/src/component/public/enterprise/audit.ts +0 -125
package/src/component/public/enterprise/core.ts +0 -355
package/src/component/public/enterprise/domains.ts +0 -327
package/src/component/public/enterprise/scim.ts +0 -397
package/src/component/public/enterprise/secrets.ts +0 -133
package/src/component/public/enterprise/webhooks.ts +0 -307
package/src/component/public/factors/devices.ts +0 -224
package/src/component/public/factors/passkeys.ts +0 -243
package/src/component/public/factors/totp.ts +0 -259
package/src/component/public/groups/core.ts +0 -481
package/src/component/public/groups/invites.ts +0 -608
package/src/component/public/groups/members.ts +0 -410
package/src/component/public/identity/accounts.ts +0 -207
package/src/component/public/identity/codes.ts +0 -149
package/src/component/public/identity/sessions.ts +0 -210
package/src/component/public/identity/tokens.ts +0 -251
package/src/component/public/identity/users.ts +0 -355
package/src/component/public/identity/verifiers.ts +0 -158
package/src/component/public/security/keys.ts +0 -366
package/src/component/public/security/limits.ts +0 -174
package/src/component/public.ts +0 -27
package/src/component/schema.ts +0 -505
package/src/providers/anonymous.ts +0 -99
package/src/providers/credentials.ts +0 -102
package/src/providers/device.ts +0 -87
package/src/providers/email.ts +0 -99
package/src/providers/index.ts +0 -31
package/src/providers/oauth.ts +0 -117
package/src/providers/passkey.ts +0 -77
package/src/providers/password.ts +0 -441
package/src/providers/phone.ts +0 -93
package/src/providers/sso.ts +0 -54
package/src/providers/totp.ts +0 -62
package/src/samlify.d.ts +0 -53
package/src/server/auth.ts +0 -949
package/src/server/config.ts +0 -200
package/src/server/context.ts +0 -90
package/src/server/cookies.ts +0 -49
package/src/server/core.ts +0 -2004
package/src/server/crypto.ts +0 -90
package/src/server/db.ts +0 -203
package/src/server/device.ts +0 -254
package/src/server/enterprise/config.ts +0 -51
package/src/server/enterprise/domain.ts +0 -1739
package/src/server/enterprise/http.ts +0 -1331
package/src/server/enterprise/oidc.ts +0 -500
package/src/server/enterprise/policy.ts +0 -128
package/src/server/enterprise/saml.ts +0 -578
package/src/server/enterprise/scim.ts +0 -135
package/src/server/enterprise/shared.ts +0 -134
package/src/server/enterprise/validators.ts +0 -93
package/src/server/http.ts +0 -790
package/src/server/identity.ts +0 -18
package/src/server/index.ts +0 -40
package/src/server/keys.ts +0 -158
package/src/server/limits.ts +0 -107
package/src/server/mounts.ts +0 -924
package/src/server/mutations/account.ts +0 -62
package/src/server/mutations/code.ts +0 -119
package/src/server/mutations/index.ts +0 -13
package/src/server/mutations/invalidate.ts +0 -50
package/src/server/mutations/oauth.ts +0 -243
package/src/server/mutations/refresh.ts +0 -299
package/src/server/mutations/register.ts +0 -155
package/src/server/mutations/retrieve.ts +0 -109
package/src/server/mutations/signature.ts +0 -57
package/src/server/mutations/signin.ts +0 -54
package/src/server/mutations/signout.ts +0 -43
package/src/server/mutations/store/refs.ts +0 -10
package/src/server/mutations/store.ts +0 -123
package/src/server/mutations/verifier.ts +0 -34
package/src/server/mutations/verify.ts +0 -200
package/src/server/oauth.ts +0 -418
package/src/server/passkey.ts +0 -838
package/src/server/redirects.ts +0 -59
package/src/server/refresh.ts +0 -218
package/src/server/runtime.ts +0 -918
package/src/server/sessions.ts +0 -132
package/src/server/signin.ts +0 -445
package/src/server/ssr.ts +0 -1747
package/src/server/templates.ts +0 -82
package/src/server/tokens.ts +0 -35
package/src/server/totp.ts +0 -399
package/src/server/types.ts +0 -1942
package/src/server/users.ts +0 -291
package/src/server/utils.ts +0 -220
/package/dist/{runtime → client/runtime}/invite.js +0 -0

package/dist/server/types.js CHANGED Viewed

@@ -48,35 +48,6 @@ async function mutatePasskeyUpdateCounter(ctx, passkeyId, counter, lastUsedAt) {
 		lastUsedAt
 	});
 }
-async function mutateKeyInsert(ctx, args) {
-	return await ctx.runMutation(ctx.auth.config.component.public.keyInsert, args);
-}
-async function queryKeysByUserId(ctx, userId) {
-	const items = [];
-	let cursor = null;
-	do {
-		const page = await ctx.runQuery(ctx.auth.config.component.public.keyList, {
-			where: { userId },
-			limit: 100,
-			cursor
-		});
-		items.push(...page.items);
-		cursor = page.nextCursor;
-	} while (cursor !== null);
-	return items;
-}
-async function queryKeyById(ctx, keyId) {
-	return await ctx.runQuery(ctx.auth.config.component.public.keyGetById, { keyId });
-}
-async function mutateKeyPatch(ctx, keyId, data) {
-	await ctx.runMutation(ctx.auth.config.component.public.keyPatch, {
-		keyId,
-		data
-	});
-}
-async function mutateKeyDelete(ctx, keyId) {
-	await ctx.runMutation(ctx.auth.config.component.public.keyDelete, { keyId });
-}
 async function mutateDeviceInsert(ctx, args) {
 	return await ctx.runMutation(ctx.auth.config.component.public.deviceInsert, args);
 }
@@ -104,5 +75,5 @@ async function mutateDeviceDelete(ctx, deviceId) {
 }
 //#endregion
-export { mutateDeviceAuthorize, mutateDeviceDelete, mutateDeviceInsert, mutateDeviceUpdateLastPolled, mutateKeyDelete, mutateKeyInsert, mutateKeyPatch, mutatePasskeyInsert, mutatePasskeyUpdateCounter, mutateTotpInsert, mutateTotpMarkVerified, mutateTotpUpdateLastUsed, mutateVerifierDelete, queryDeviceByCodeHash, queryDeviceByUserCode, queryKeyById, queryKeysByUserId, queryPasskeyByCredentialId, queryPasskeysByUserId, queryTotpById, queryTotpVerifiedByUserId, queryUserById, queryUserByVerifiedEmail, queryVerifierById };
+export { mutateDeviceAuthorize, mutateDeviceDelete, mutateDeviceInsert, mutateDeviceUpdateLastPolled, mutatePasskeyInsert, mutatePasskeyUpdateCounter, mutateTotpInsert, mutateTotpMarkVerified, mutateTotpUpdateLastUsed, mutateVerifierDelete, queryDeviceByCodeHash, queryDeviceByUserCode, queryPasskeyByCredentialId, queryPasskeysByUserId, queryTotpById, queryTotpVerifiedByUserId, queryUserById, queryUserByVerifiedEmail, queryVerifierById };
 //# sourceMappingURL=types.js.map

package/dist/server/url.js ADDED Viewed

@@ -0,0 +1,32 @@
+import { envOptionalString, readConfigSync, requireEnv } from "./env.js";
+//#region src/server/url.ts
+/** @internal */
+function normalizeUrl(url) {
+	return url.replace(/\/$/, "");
+}
+/** @internal */
+function siteUrlsFromEnv() {
+	const primaryUrl = normalizeUrl(requireEnv("SITE_URL"));
+	const secondaryUrls = readConfigSync(envOptionalString("SECONDARY_URL"))?.split(",").map((url) => url.trim()).filter((url) => url.length > 0).map(normalizeUrl) ?? [];
+	return {
+		primaryUrl,
+		allowedUrls: [...new Set([primaryUrl, ...secondaryUrls])]
+	};
+}
+/** @internal */
+function isLocalHost(host) {
+	if (host === void 0) return false;
+	const raw = host.includes("://") ? host : `http://${host}`;
+	let url;
+	try {
+		url = new URL(raw);
+	} catch {
+		return false;
+	}
+	return url.hostname === "localhost" || url.hostname === "127.0.0.1" || url.hostname === "::1";
+}
+//#endregion
+export { isLocalHost, siteUrlsFromEnv };
+//# sourceMappingURL=url.js.map

package/dist/server/users.js CHANGED Viewed

@@ -1,7 +1,7 @@
-import { LOG_LEVELS, logWithLevel } from "./utils.js";
+import { LOG_LEVELS } from "../shared/log.js";
 import { authDb } from "./db.js";
-import { Fx } from "@robelest/fx";
-import { Cv } from "@robelest/fx/convex";
+import { log } from "./log.js";
+import { ConvexError } from "convex/values";
 //#region src/server/users.ts
 function mergeExtend(existing, incoming) {
@@ -12,16 +12,35 @@ function mergeExtend(existing, incoming) {
 		...incoming
 	} : incoming;
 }
+function effectiveUserUpdateMode(source, policy) {
+	const authority = policy?.authority ?? "app";
+	let mode = source === "login" ? policy?.updateProfileOnLogin ?? "missing" : policy?.updateProfileFromScim ?? "always";
+	if (authority === "app") return mode === "never" ? "never" : "missing";
+	if (authority === "sso" && source === "scim") return mode === "never" ? "never" : "missing";
+	if (authority === "scim" && source === "login") return mode === "never" ? "never" : "missing";
+	return mode;
+}
+function isUserFieldMissing(value) {
+	return value === void 0 || value === null || value === "";
+}
+function buildUserPatchData(args) {
+	if (args.mode === "never") return {};
+	if (args.mode === "always") return args.nextUser;
+	return Object.fromEntries(Object.entries(args.nextUser).filter(([key, value]) => {
+		if (value === void 0) return false;
+		return isUserFieldMissing(args.currentUser[key]);
+	}));
+}
 /** @internal */
 async function upsertUserAndAccount(ctx, sessionId, account, args, config, opts) {
-	const userId = await defaultCreateOrUpdateUser(ctx, sessionId, "existingAccount" in account ? account.existingAccount : null, args, config, opts?.existingUserId ?? null);
+	const userId = await defaultCreateOrUpdateUser(ctx, sessionId, "existingAccount" in account ? account.existingAccount : null, args, config, opts?.existingUserId ?? null, opts?.provisioningUser, opts?.source ?? "login");
 	return {
 		userId,
 		accountId: await createOrUpdateAccount(ctx, userId, account, args, config)
 	};
 }
-async function defaultCreateOrUpdateUser(ctx, existingSessionId, existingAccount, args, config, existingUserIdOverride) {
-	logWithLevel(LOG_LEVELS.DEBUG, "defaultCreateOrUpdateUser args:", {
+async function defaultCreateOrUpdateUser(ctx, existingSessionId, existingAccount, args, config, existingUserIdOverride, provisioningUser, source) {
+	log(LOG_LEVELS.DEBUG, "defaultCreateOrUpdateUser args:", {
 		existingAccountId: existingAccount?._id,
 		existingSessionId,
 		args
@@ -29,7 +48,7 @@ async function defaultCreateOrUpdateUser(ctx, existingSessionId, existingAccount
 	const existingUserId = existingAccount?.userId ?? null;
 	const db = authDb(ctx, config);
 	if (config.callbacks?.createOrUpdateUser !== void 0) {
-		logWithLevel(LOG_LEVELS.DEBUG, "Using custom createOrUpdateUser callback");
+		log(LOG_LEVELS.DEBUG, "Using custom createOrUpdateUser callback");
 		return await config.callbacks.createOrUpdateUser(ctx, {
 			existingUserId,
 			...args
@@ -44,29 +63,27 @@ async function defaultCreateOrUpdateUser(ctx, existingSessionId, existingAccount
 	if (existingUserId === null) {
 		const existingUserWithVerifiedEmailId = typeof profile.email === "string" && shouldLinkViaEmail ? (await uniqueUserWithVerifiedEmail(ctx, profile.email, config))?._id ?? null : null;
 		const existingUserWithVerifiedPhoneId = typeof profile.phone === "string" && shouldLinkViaPhone ? (await uniqueUserWithVerifiedPhone(ctx, profile.phone, config))?._id ?? null : null;
-		const linkDispatch = {
-			tag: existingUserWithVerifiedEmailId !== null && existingUserWithVerifiedPhoneId !== null ? "both" : existingUserWithVerifiedEmailId !== null ? "email" : existingUserWithVerifiedPhoneId !== null ? "phone" : "none",
-			existingUserWithVerifiedEmailId,
-			existingUserWithVerifiedPhoneId
-		};
-		userId = await Fx.run({
-			both: () => Fx.sync(() => {
-				logWithLevel(LOG_LEVELS.DEBUG, `Found existing email and phone verified users, so not linking: email: ${linkDispatch.existingUserWithVerifiedEmailId}, phone: ${linkDispatch.existingUserWithVerifiedPhoneId}`);
-				return null;
-			}),
-			email: () => Fx.sync(() => {
-				logWithLevel(LOG_LEVELS.DEBUG, `Found existing email verified user, linking: ${linkDispatch.existingUserWithVerifiedEmailId}`);
-				return linkDispatch.existingUserWithVerifiedEmailId;
-			}),
-			phone: () => Fx.sync(() => {
-				logWithLevel(LOG_LEVELS.DEBUG, `Found existing phone verified user, linking: ${linkDispatch.existingUserWithVerifiedPhoneId}`);
-				return linkDispatch.existingUserWithVerifiedPhoneId;
-			}),
-			none: () => Fx.sync(() => {
-				logWithLevel(LOG_LEVELS.DEBUG, "No existing verified users found, creating new user");
-				return null;
-			})
-		}[linkDispatch.tag]());
+		if (existingUserWithVerifiedEmailId !== null && existingUserWithVerifiedPhoneId !== null) {
+			log(LOG_LEVELS.DEBUG, `Found existing email and phone verified users, so not linking: email: ${existingUserWithVerifiedEmailId}, phone: ${existingUserWithVerifiedPhoneId}`);
+			userId = null;
+		} else if (existingUserWithVerifiedEmailId !== null) {
+			log(LOG_LEVELS.DEBUG, `Found existing email verified user, linking: ${existingUserWithVerifiedEmailId}`);
+			userId = existingUserWithVerifiedEmailId;
+		} else if (existingUserWithVerifiedPhoneId !== null) {
+			log(LOG_LEVELS.DEBUG, `Found existing phone verified user, linking: ${existingUserWithVerifiedPhoneId}`);
+			userId = existingUserWithVerifiedPhoneId;
+		} else {
+			log(LOG_LEVELS.DEBUG, "No existing verified users found, creating new user");
+			userId = null;
+		}
+		if (userId !== null && config.sso?.hooks?.allowLink !== void 0 && (args.provider.type === "oauth" || args.provider.type === "sso")) {
+			if (await config.sso.hooks.allowLink({
+				protocol: args.provider.type === "oauth" && typeof args.accountExtend?.identity?.protocol === "string" ? args.accountExtend.identity.protocol : "oidc",
+				connectionId: typeof args.accountExtend?.identity?.connectionId === "string" ? args.accountExtend.identity.connectionId : void 0,
+				profile: args.profile,
+				userId
+			}) === false) userId = null;
+		}
 	}
 	const userData = {
 		...emailVerified ? { emailVerificationTime: Date.now() } : null,
@@ -74,23 +91,40 @@ async function defaultCreateOrUpdateUser(ctx, existingSessionId, existingAccount
 		...profile
 	};
 	const existingOrLinkedUserId = userId;
-	if (userId !== null) await Fx.run(Fx.from({
-		ok: () => db.users.patch(userId, userData),
-		err: (error) => Cv.error({
-			code: "USER_UPDATE_FAILED",
-			message: `Could not update user document with ID \`${userId}\`, either the user has been deleted but their account has not, or the profile data doesn't match the \`users\` table schema: ${error.message}`
-		})
-	}).pipe(Fx.recover((e) => Fx.fatal(e))));
-	else userId = await db.users.insert(userData);
+	if (userId !== null) {
+		const currentUserId = userId;
+		const currentUser = await db.users.getById(currentUserId);
+		const mode = effectiveUserUpdateMode(source, provisioningUser);
+		const patchData = buildUserPatchData({
+			currentUser: currentUser ?? {},
+			nextUser: userData,
+			mode
+		});
+		if (Object.keys(patchData).length === 0) return userId;
+		try {
+			await db.users.patch(currentUserId, patchData);
+		} catch (error) {
+			throw new ConvexError({
+				code: "USER_UPDATE_FAILED",
+				message: `Could not update user document with ID \`${currentUserId}\`, either the user has been deleted but their account has not, or the profile data doesn't match the \`users\` table schema: ${error instanceof Error ? error.message : String(error)}`
+			});
+		}
+	} else {
+		if (source === "login" && provisioningUser?.createOnSignIn === false) throw new ConvexError({
+			code: "NOT_AUTHORIZED",
+			message: "This SSO connection does not allow creating users on sign-in."
+		});
+		userId = await db.users.insert(userData);
+	}
 	const afterUserCreatedOrUpdated = config.callbacks?.afterUserCreatedOrUpdated;
 	if (afterUserCreatedOrUpdated !== void 0) {
-		logWithLevel(LOG_LEVELS.DEBUG, "Calling custom afterUserCreatedOrUpdated callback");
+		log(LOG_LEVELS.DEBUG, "Calling custom afterUserCreatedOrUpdated callback");
 		await afterUserCreatedOrUpdated(ctx, {
 			userId,
 			existingUserId: existingOrLinkedUserId,
 			...args
 		});
-	} else logWithLevel(LOG_LEVELS.DEBUG, "No custom afterUserCreatedOrUpdated callback, skipping");
+	} else log(LOG_LEVELS.DEBUG, "No custom afterUserCreatedOrUpdated callback, skipping");
 	return userId;
 }
 async function uniqueUserWithVerifiedEmail(ctx, email, config) {

package/dist/server/utils/cache.js ADDED Viewed

@@ -0,0 +1,51 @@
+//#region src/server/utils/cache.ts
+/**
+* Create a synchronous TTL cache.
+*
+* ```ts
+* const jwksCache = createCache({
+*   capacity: 128,
+*   timeToLiveMs: 60 * 60 * 1000,
+*   lookup: (url) => createRemoteJWKSet(new URL(url)),
+* });
+* const jwks = jwksCache.get(url);
+* ```
+*/
+function createCache(opts) {
+	const { capacity, timeToLiveMs, lookup } = opts;
+	const store = /* @__PURE__ */ new Map();
+	function evictExpired() {
+		const now = Date.now();
+		for (const [key, entry] of store) if (entry.expiresAt <= now) store.delete(key);
+	}
+	function evictOldest() {
+		if (store.size < capacity) return;
+		const firstKey = store.keys().next().value;
+		if (firstKey !== void 0) store.delete(firstKey);
+	}
+	return {
+		get(key) {
+			const existing = store.get(key);
+			if (existing && existing.expiresAt > Date.now()) return existing.value;
+			if (existing) store.delete(key);
+			evictExpired();
+			evictOldest();
+			const value = lookup(key);
+			store.set(key, {
+				value,
+				expiresAt: Date.now() + timeToLiveMs
+			});
+			return value;
+		},
+		invalidate(key) {
+			store.delete(key);
+		},
+		clear() {
+			store.clear();
+		}
+	};
+}
+//#endregion
+export { createCache };
+//# sourceMappingURL=cache.js.map

package/dist/server/utils/dispatch.js ADDED Viewed

@@ -0,0 +1,36 @@
+//#region src/server/utils/dispatch.ts
+/**
+* Build a dispatch function from a handler record.
+*
+* ```ts
+* const run = createDispatch({
+*   signIn:  (args) => handleSignIn(args),
+*   signOut: (args) => handleSignOut(args),
+* });
+* return await run("signIn", args);
+* ```
+*/
+function createDispatch(handlers) {
+	const map = new Map(Object.entries(handlers));
+	return ((key, ...args) => {
+		const handler = map.get(key);
+		if (!handler) throw new Error(`Unknown dispatch key: "${key}"`);
+		return handler(...args);
+	});
+}
+/**
+* Compose multiple dispatch tables into one.
+*
+* ```ts
+* const dispatch = composeDispatch(coreHandlers, ssoHandlers);
+* ```
+*/
+function composeDispatch(a, b) {
+	return {
+		...a,
+		...b
+	};
+}
+//#endregion
+export { composeDispatch, createDispatch };

package/dist/server/utils/retry.js ADDED Viewed

@@ -0,0 +1,24 @@
+//#region src/server/utils/retry.ts
+/**
+* Retry `fn` with exponential backoff until it succeeds or retries are
+* exhausted. On final failure the last error is re-thrown.
+*/
+async function retryWithBackoff(fn, opts = {}) {
+	const { maxRetries = 2, baseMs = 200, jitter = true } = opts;
+	let lastError;
+	for (let attempt = 0; attempt <= maxRetries; attempt++) try {
+		return await fn();
+	} catch (error) {
+		lastError = error;
+		if (attempt < maxRetries) {
+			const delay = baseMs * 2 ** attempt;
+			const jitterMs = jitter ? Math.random() * delay : 0;
+			await new Promise((resolve) => setTimeout(resolve, delay + jitterMs));
+		}
+	}
+	throw lastError;
+}
+//#endregion
+export { retryWithBackoff };
+//# sourceMappingURL=retry.js.map

package/dist/server/utils/span.js ADDED Viewed

@@ -0,0 +1,32 @@
+import { SpanStatusCode, trace } from "@opentelemetry/api";
+//#region src/server/utils/span.ts
+/**
+* Thin wrapper around `@opentelemetry/api` tracing.
+*
+* @module
+*/
+const tracer = trace.getTracer("convex-auth");
+/**
+* Run `fn` inside an OpenTelemetry span.
+*
+* If `fn` throws, the span is marked as errored and the exception is
+* recorded before re-throwing.
+*/
+async function withSpan(name, attributes, fn) {
+	return tracer.startActiveSpan(name, { attributes }, async (span) => {
+		try {
+			return await fn();
+		} catch (error) {
+			span.setStatus({ code: SpanStatusCode.ERROR });
+			if (error instanceof Error) span.recordException(error);
+			throw error;
+		} finally {
+			span.end();
+		}
+	});
+}
+//#endregion
+export { withSpan };
+//# sourceMappingURL=span.js.map

package/dist/shared/errors.js ADDED Viewed

@@ -0,0 +1,19 @@
+//#region src/shared/errors.ts
+var AuthFlowError = class extends Error {
+	_tag = "AuthFlowError";
+	code;
+	constructor({ code, message }) {
+		super(message);
+		this.code = code;
+		this.name = "AuthFlowError";
+	}
+};
+/** @internal */
+const authFlowError = (code, message) => new AuthFlowError({
+	code,
+	message
+});
+//#endregion
+export { AuthFlowError, authFlowError };
+//# sourceMappingURL=errors.js.map

package/dist/shared/log.js ADDED Viewed

@@ -0,0 +1,45 @@
+//#region src/shared/log.ts
+const LOG_LEVELS = {
+	ERROR: "ERROR",
+	WARN: "WARN",
+	INFO: "INFO",
+	DEBUG: "DEBUG"
+};
+function serialize(value) {
+	if (typeof value === "string") return value;
+	if (value instanceof Error) return `${value.message}${value.stack ? `\n${value.stack}` : ""}`;
+	try {
+		return JSON.stringify(value);
+	} catch {
+		return String(value);
+	}
+}
+function logMessage(module, level, args, configuredLogLevel = "INFO") {
+	const message = args.map(serialize).join(" ");
+	const meta = {
+		module,
+		level
+	};
+	const handler = {
+		ERROR: () => {
+			console.error(`[${meta.module}] [${meta.level}]`, message);
+		},
+		WARN: () => {
+			if (configuredLogLevel === "ERROR") return;
+			console.warn(`[${meta.module}] [${meta.level}]`, message);
+		},
+		INFO: () => {
+			if (configuredLogLevel !== "INFO" && configuredLogLevel !== "DEBUG") return;
+			console.info(`[${meta.module}] [${meta.level}]`, message);
+		},
+		DEBUG: () => {
+			if (configuredLogLevel !== "DEBUG") return;
+			console.debug(`[${meta.module}] [${meta.level}]`, message);
+		}
+	}[level];
+	if (handler) handler();
+}
+//#endregion
+export { LOG_LEVELS, logMessage };
+//# sourceMappingURL=log.js.map

package/{src/test.ts → dist/test.d.ts} RENAMED Viewed

@@ -1,14 +1,7 @@
-import type { TestConvex } from "convex-test";
-import type { GenericSchema, SchemaDefinition } from "convex/server";
-import schema from "./component/schema";
-type ImportMetaWithGlob = ImportMeta & {
-  glob: (pattern: string) => Record<string, () => Promise<unknown>>;
-};
-const modules = (import.meta as ImportMetaWithGlob).glob("./component/**/*.ts");
+import { GenericSchema, SchemaDefinition } from "convex/server";
+import { TestConvex } from "convex-test";
+//#region src/test.d.ts
 /**
  * Register the Convex Auth component in a `convex-test` environment.
  *
@@ -28,21 +21,27 @@ const modules = (import.meta as ImportMetaWithGlob).glob("./component/**/*.ts");
  * register(t);
  * ```
  */
-export function register(
-  t: TestConvex<SchemaDefinition<GenericSchema, boolean>>,
-  name: string = "auth",
-) {
-  t.registerComponent(name, schema, modules);
-}
+declare function register(t: TestConvex<SchemaDefinition<GenericSchema, boolean>>, name?: string): void;
+declare const testHelpers: {
+  register: typeof register;
+  schema: SchemaDefinition<GenericSchema, boolean>;
+  modules: Record<string, () => Promise<unknown>>;
+};
 /**
  * Test helpers bundled for `convex-test` setups.
  *
  * Exposes the auth component `schema`, lazily discovered `modules`, and the
  * `register()` helper as a convenience default export.
+ *
+ * @example
+ * ```ts
+ * import authTest from "@robelest/convex-auth/test";
+ * import { convexTest } from "convex-test";
+ *
+ * const t = convexTest(schema);
+ * authTest.register(t);
+ * ```
  */
-export default {
-  register,
-  schema,
-  modules,
-};
+//#endregion
+export { testHelpers as default, register };
+//# sourceMappingURL=test.d.ts.map

package/dist/test.js ADDED Viewed

@@ -0,0 +1,51 @@
+import modules_default from "./component/modules.js";
+import schema_default from "./component/schema.js";
+//#region src/test.ts
+/**
+* Register the Convex Auth component in a `convex-test` environment.
+*
+* Use this in tests to mount the bundled auth component under a chosen
+* component name before invoking its functions.
+*
+* @param t - The `convex-test` test harness.
+* @param name - Component mount name. Defaults to `"auth"`.
+* @returns Nothing.
+*
+* @example
+* ```ts
+* import { convexTest } from "convex-test";
+* import { register } from "@robelest/convex-auth/test";
+*
+* const t = convexTest(schema);
+* register(t);
+* ```
+*/
+function register(t, name = "auth") {
+	t.registerComponent(name, schema_default, modules_default);
+}
+const testHelpers = {
+	register,
+	schema: schema_default,
+	modules: modules_default
+};
+/**
+* Test helpers bundled for `convex-test` setups.
+*
+* Exposes the auth component `schema`, lazily discovered `modules`, and the
+* `register()` helper as a convenience default export.
+*
+* @example
+* ```ts
+* import authTest from "@robelest/convex-auth/test";
+* import { convexTest } from "convex-test";
+*
+* const t = convexTest(schema);
+* authTest.register(t);
+* ```
+*/
+var test_default = testHelpers;
+//#endregion
+export { test_default as default, register };
+//# sourceMappingURL=test.js.map