@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +43 -36
- package/dist/bin.js +5765 -4880
- package/dist/browser/index.d.ts +30 -0
- package/dist/browser/index.js +93 -0
- package/dist/browser/locks.js +11 -0
- package/dist/browser/navigation.js +14 -0
- package/dist/{factors → browser}/passkey.js +23 -32
- package/dist/browser/runtime.js +92 -0
- package/dist/client/core/types.d.ts +452 -5
- package/dist/client/core/types.js +17 -0
- package/dist/client/errors.js +19 -0
- package/dist/client/factors/device.js +94 -0
- package/dist/{factors → client/factors}/totp.js +12 -4
- package/dist/client/index.d.ts +47 -1
- package/dist/client/index.js +269 -232
- package/dist/client/runtime/mutex.js +24 -0
- package/dist/client/runtime/proxy.js +30 -0
- package/dist/client/runtime/storage.js +45 -0
- package/dist/client/services/adapters.js +7 -0
- package/dist/client/services/http.js +6 -0
- package/dist/client/services/resolve.js +13 -0
- package/dist/client/services/runtime.js +6 -0
- package/dist/component/_generated/component.d.ts +1355 -1399
- package/dist/component/convex.config.d.ts +2 -2
- package/dist/component/index.d.ts +4 -26
- package/dist/component/index.js +1 -1
- package/dist/component/model.d.ts +26 -112
- package/dist/component/model.js +76 -54
- package/dist/component/modules.js +38 -0
- package/dist/component/public/factors/devices.js +1 -1
- package/dist/component/public/factors/passkeys.js +1 -1
- package/dist/component/public/factors/totp.js +1 -1
- package/dist/component/public/groups/core.js +2 -2
- package/dist/component/public/groups/invites.js +1 -1
- package/dist/component/public/groups/members.js +1 -1
- package/dist/component/public/identity/accounts.js +1 -1
- package/dist/component/public/identity/codes.js +1 -1
- package/dist/component/public/identity/sessions.js +39 -2
- package/dist/component/public/identity/tokens.js +82 -4
- package/dist/component/public/identity/users.js +1 -1
- package/dist/component/public/identity/verifiers.js +10 -4
- package/dist/component/public/security/keys.js +1 -1
- package/dist/component/public/security/limits.js +1 -1
- package/dist/component/public/{enterprise → sso}/audit.js +26 -26
- package/dist/component/public/sso/core.js +263 -0
- package/dist/component/public/sso/domains.js +280 -0
- package/dist/component/public/{enterprise → sso}/scim.js +87 -87
- package/dist/component/public/sso/secrets.js +125 -0
- package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
- package/dist/component/public.js +9 -9
- package/dist/component/schema.d.ts +472 -393
- package/dist/component/schema.js +36 -35
- package/dist/core/index.d.ts +380 -0
- package/dist/core/index.js +83 -0
- package/dist/otel.d.ts +69 -0
- package/dist/otel.js +82 -0
- package/dist/providers/anonymous.d.ts +15 -34
- package/dist/providers/anonymous.js +27 -35
- package/dist/providers/apple.d.ts +59 -0
- package/dist/providers/apple.js +58 -0
- package/dist/providers/credentials.d.ts +18 -34
- package/dist/providers/credentials.js +16 -27
- package/dist/providers/custom.d.ts +94 -0
- package/dist/providers/custom.js +119 -0
- package/dist/providers/device.d.ts +15 -49
- package/dist/providers/device.js +17 -34
- package/dist/providers/email.d.ts +21 -38
- package/dist/providers/email.js +36 -55
- package/dist/providers/github.d.ts +54 -0
- package/dist/providers/github.js +75 -0
- package/dist/providers/google.d.ts +54 -0
- package/dist/providers/google.js +61 -0
- package/dist/providers/index.d.ts +16 -12
- package/dist/providers/index.js +15 -11
- package/dist/providers/microsoft.d.ts +57 -0
- package/dist/providers/microsoft.js +101 -0
- package/dist/providers/passkey.d.ts +19 -35
- package/dist/providers/passkey.js +20 -30
- package/dist/providers/password.d.ts +17 -18
- package/dist/providers/password.js +121 -143
- package/dist/providers/phone.d.ts +13 -28
- package/dist/providers/phone.js +21 -46
- package/dist/providers/sso.d.ts +16 -36
- package/dist/providers/sso.js +21 -22
- package/dist/providers/totp.d.ts +13 -29
- package/dist/providers/totp.js +17 -27
- package/dist/server/auth-context.d.ts +204 -0
- package/dist/server/auth-context.js +76 -0
- package/dist/server/auth.d.ts +99 -244
- package/dist/server/auth.js +56 -152
- package/dist/server/componentContext.d.ts +12 -0
- package/dist/server/componentContext.js +1 -0
- package/dist/server/config.js +6 -67
- package/dist/server/constants.js +6 -0
- package/dist/server/contract.d.ts +105 -0
- package/dist/server/contract.js +43 -0
- package/dist/server/cookies.js +3 -2
- package/dist/server/core.js +31 -36
- package/dist/server/crypto.js +34 -44
- package/dist/server/db.js +6 -1
- package/dist/server/device.js +96 -130
- package/dist/server/env.js +48 -0
- package/dist/server/errors.js +20 -0
- package/dist/server/http.d.ts +15 -59
- package/dist/server/http.js +136 -120
- package/dist/server/identity.js +2 -2
- package/dist/server/index.d.ts +5 -4
- package/dist/server/index.js +3 -3
- package/dist/server/keys.js +10 -1
- package/dist/server/limits.js +26 -26
- package/dist/server/log.js +28 -0
- package/dist/server/mounts.d.ts +1107 -296
- package/dist/server/mounts.js +315 -196
- package/dist/server/mutations/account.js +11 -14
- package/dist/server/mutations/code.js +6 -5
- package/dist/server/mutations/invalidate.js +9 -11
- package/dist/server/mutations/oauth.js +112 -73
- package/dist/server/mutations/refresh.js +47 -97
- package/dist/server/mutations/register.js +37 -35
- package/dist/server/mutations/retrieve.js +16 -16
- package/dist/server/mutations/signature.js +15 -18
- package/dist/server/mutations/signin.js +10 -5
- package/dist/server/mutations/signout.js +11 -14
- package/dist/server/mutations/store.js +25 -18
- package/dist/server/mutations/verifier.js +11 -8
- package/dist/server/mutations/verify.js +53 -41
- package/dist/server/oauth/factory.js +44 -0
- package/dist/server/oauth/index.js +12 -0
- package/dist/server/oauth/runtime.js +248 -0
- package/dist/server/passkey.js +331 -365
- package/dist/server/payloads.d.ts +16 -0
- package/dist/server/payloads.js +30 -0
- package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
- package/dist/server/prefetch.js +635 -0
- package/dist/server/random.js +19 -0
- package/dist/server/redirects.js +10 -5
- package/dist/server/refresh.js +14 -86
- package/dist/server/runtime.d.ts +531 -31
- package/dist/server/runtime.js +106 -267
- package/dist/server/secret.js +44 -0
- package/dist/server/services/config.js +10 -0
- package/dist/server/services/group.js +211 -0
- package/dist/server/services/logger.js +8 -0
- package/dist/server/services/providers.js +22 -0
- package/dist/server/services/refresh.js +8 -0
- package/dist/server/services/resolve.js +27 -0
- package/dist/server/services/signin.js +8 -0
- package/dist/server/sessions.js +35 -34
- package/dist/server/signin.js +229 -140
- package/dist/server/{enterprise → sso}/config.js +10 -3
- package/dist/server/sso/domain.d.ts +614 -0
- package/dist/server/sso/domain.js +1175 -0
- package/dist/server/sso/http.js +1060 -0
- package/dist/server/sso/oidc.js +324 -0
- package/dist/server/sso/policies.js +59 -0
- package/dist/server/sso/policy.js +139 -0
- package/dist/server/sso/profile.js +22 -0
- package/dist/server/sso/provision.js +179 -0
- package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
- package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
- package/dist/server/sso/shared.js +74 -0
- package/dist/server/sso/validators.js +88 -0
- package/dist/server/sso/webhook.js +94 -0
- package/dist/server/tokens.js +16 -4
- package/dist/server/totp.js +155 -164
- package/dist/server/types.d.ts +306 -296
- package/dist/server/types.js +1 -30
- package/dist/server/url.js +32 -0
- package/dist/server/users.js +74 -40
- package/dist/server/utils/cache.js +51 -0
- package/dist/server/utils/dispatch.js +36 -0
- package/dist/server/utils/retry.js +24 -0
- package/dist/server/utils/span.js +32 -0
- package/dist/shared/errors.js +19 -0
- package/dist/shared/log.js +45 -0
- package/{src/test.ts → dist/test.d.ts} +21 -22
- package/dist/test.js +51 -0
- package/package.json +70 -42
- package/dist/authorization/index.d.ts.map +0 -1
- package/dist/authorization/index.js.map +0 -1
- package/dist/client/core/types.d.ts.map +0 -1
- package/dist/client/index.d.ts.map +0 -1
- package/dist/client/index.js.map +0 -1
- package/dist/component/_generated/api.d.ts +0 -75
- package/dist/component/_generated/api.d.ts.map +0 -1
- package/dist/component/_generated/api.js.map +0 -1
- package/dist/component/_generated/component.d.ts.map +0 -1
- package/dist/component/_generated/dataModel.d.ts +0 -42
- package/dist/component/_generated/dataModel.d.ts.map +0 -1
- package/dist/component/_generated/server.d.ts +0 -117
- package/dist/component/_generated/server.d.ts.map +0 -1
- package/dist/component/_generated/server.js.map +0 -1
- package/dist/component/_virtual/rolldown_runtime.js +0 -18
- package/dist/component/client/core/types.d.ts +0 -2
- package/dist/component/client/index.d.ts +0 -1
- package/dist/component/convex.config.d.ts.map +0 -1
- package/dist/component/convex.config.js.map +0 -1
- package/dist/component/functions.d.ts +0 -25
- package/dist/component/functions.d.ts.map +0 -1
- package/dist/component/functions.js.map +0 -1
- package/dist/component/index.d.ts.map +0 -1
- package/dist/component/model.d.ts.map +0 -1
- package/dist/component/model.js.map +0 -1
- package/dist/component/providers/anonymous.d.ts +0 -54
- package/dist/component/providers/anonymous.d.ts.map +0 -1
- package/dist/component/providers/credentials.d.ts +0 -38
- package/dist/component/providers/credentials.d.ts.map +0 -1
- package/dist/component/providers/device.d.ts +0 -67
- package/dist/component/providers/device.d.ts.map +0 -1
- package/dist/component/providers/email.d.ts +0 -62
- package/dist/component/providers/email.d.ts.map +0 -1
- package/dist/component/providers/oauth.d.ts +0 -25
- package/dist/component/providers/oauth.d.ts.map +0 -1
- package/dist/component/providers/oauth.js +0 -13
- package/dist/component/providers/oauth.js.map +0 -1
- package/dist/component/providers/passkey.d.ts +0 -57
- package/dist/component/providers/passkey.d.ts.map +0 -1
- package/dist/component/providers/password.d.ts +0 -88
- package/dist/component/providers/password.d.ts.map +0 -1
- package/dist/component/providers/phone.d.ts +0 -48
- package/dist/component/providers/phone.d.ts.map +0 -1
- package/dist/component/providers/sso.d.ts +0 -50
- package/dist/component/providers/sso.d.ts.map +0 -1
- package/dist/component/providers/totp.d.ts +0 -45
- package/dist/component/providers/totp.d.ts.map +0 -1
- package/dist/component/public/enterprise/audit.d.ts +0 -73
- package/dist/component/public/enterprise/audit.d.ts.map +0 -1
- package/dist/component/public/enterprise/audit.js.map +0 -1
- package/dist/component/public/enterprise/core.d.ts +0 -176
- package/dist/component/public/enterprise/core.d.ts.map +0 -1
- package/dist/component/public/enterprise/core.js +0 -292
- package/dist/component/public/enterprise/core.js.map +0 -1
- package/dist/component/public/enterprise/domains.d.ts +0 -174
- package/dist/component/public/enterprise/domains.d.ts.map +0 -1
- package/dist/component/public/enterprise/domains.js +0 -271
- package/dist/component/public/enterprise/domains.js.map +0 -1
- package/dist/component/public/enterprise/scim.d.ts +0 -245
- package/dist/component/public/enterprise/scim.d.ts.map +0 -1
- package/dist/component/public/enterprise/scim.js.map +0 -1
- package/dist/component/public/enterprise/secrets.d.ts +0 -78
- package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
- package/dist/component/public/enterprise/secrets.js +0 -118
- package/dist/component/public/enterprise/secrets.js.map +0 -1
- package/dist/component/public/enterprise/webhooks.d.ts +0 -211
- package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
- package/dist/component/public/enterprise/webhooks.js.map +0 -1
- package/dist/component/public/factors/devices.d.ts +0 -157
- package/dist/component/public/factors/devices.d.ts.map +0 -1
- package/dist/component/public/factors/devices.js.map +0 -1
- package/dist/component/public/factors/passkeys.d.ts +0 -175
- package/dist/component/public/factors/passkeys.d.ts.map +0 -1
- package/dist/component/public/factors/passkeys.js.map +0 -1
- package/dist/component/public/factors/totp.d.ts +0 -189
- package/dist/component/public/factors/totp.d.ts.map +0 -1
- package/dist/component/public/factors/totp.js.map +0 -1
- package/dist/component/public/groups/core.d.ts +0 -137
- package/dist/component/public/groups/core.d.ts.map +0 -1
- package/dist/component/public/groups/core.js.map +0 -1
- package/dist/component/public/groups/invites.d.ts +0 -217
- package/dist/component/public/groups/invites.d.ts.map +0 -1
- package/dist/component/public/groups/invites.js.map +0 -1
- package/dist/component/public/groups/members.d.ts +0 -204
- package/dist/component/public/groups/members.d.ts.map +0 -1
- package/dist/component/public/groups/members.js.map +0 -1
- package/dist/component/public/identity/accounts.d.ts +0 -147
- package/dist/component/public/identity/accounts.d.ts.map +0 -1
- package/dist/component/public/identity/accounts.js.map +0 -1
- package/dist/component/public/identity/codes.d.ts +0 -104
- package/dist/component/public/identity/codes.d.ts.map +0 -1
- package/dist/component/public/identity/codes.js.map +0 -1
- package/dist/component/public/identity/sessions.d.ts +0 -128
- package/dist/component/public/identity/sessions.d.ts.map +0 -1
- package/dist/component/public/identity/sessions.js.map +0 -1
- package/dist/component/public/identity/tokens.d.ts +0 -169
- package/dist/component/public/identity/tokens.d.ts.map +0 -1
- package/dist/component/public/identity/tokens.js.map +0 -1
- package/dist/component/public/identity/users.d.ts +0 -212
- package/dist/component/public/identity/users.d.ts.map +0 -1
- package/dist/component/public/identity/users.js.map +0 -1
- package/dist/component/public/identity/verifiers.d.ts +0 -116
- package/dist/component/public/identity/verifiers.d.ts.map +0 -1
- package/dist/component/public/identity/verifiers.js.map +0 -1
- package/dist/component/public/security/keys.d.ts +0 -209
- package/dist/component/public/security/keys.d.ts.map +0 -1
- package/dist/component/public/security/keys.js.map +0 -1
- package/dist/component/public/security/limits.d.ts +0 -114
- package/dist/component/public/security/limits.d.ts.map +0 -1
- package/dist/component/public/security/limits.js.map +0 -1
- package/dist/component/public.d.ts +0 -28
- package/dist/component/public.d.ts.map +0 -1
- package/dist/component/schema.d.ts.map +0 -1
- package/dist/component/schema.js.map +0 -1
- package/dist/component/server/auth.d.ts +0 -447
- package/dist/component/server/auth.d.ts.map +0 -1
- package/dist/component/server/auth.js +0 -254
- package/dist/component/server/auth.js.map +0 -1
- package/dist/component/server/config.js +0 -121
- package/dist/component/server/config.js.map +0 -1
- package/dist/component/server/context.js +0 -53
- package/dist/component/server/context.js.map +0 -1
- package/dist/component/server/cookies.js +0 -47
- package/dist/component/server/cookies.js.map +0 -1
- package/dist/component/server/core.js +0 -576
- package/dist/component/server/core.js.map +0 -1
- package/dist/component/server/crypto.js +0 -56
- package/dist/component/server/crypto.js.map +0 -1
- package/dist/component/server/db.js +0 -87
- package/dist/component/server/db.js.map +0 -1
- package/dist/component/server/device.js +0 -152
- package/dist/component/server/device.js.map +0 -1
- package/dist/component/server/enterprise/config.js +0 -46
- package/dist/component/server/enterprise/config.js.map +0 -1
- package/dist/component/server/enterprise/domain.js +0 -974
- package/dist/component/server/enterprise/domain.js.map +0 -1
- package/dist/component/server/enterprise/http.js +0 -787
- package/dist/component/server/enterprise/http.js.map +0 -1
- package/dist/component/server/enterprise/oidc.js +0 -248
- package/dist/component/server/enterprise/oidc.js.map +0 -1
- package/dist/component/server/enterprise/policy.js +0 -85
- package/dist/component/server/enterprise/policy.js.map +0 -1
- package/dist/component/server/enterprise/saml.js.map +0 -1
- package/dist/component/server/enterprise/scim.js.map +0 -1
- package/dist/component/server/enterprise/shared.js +0 -51
- package/dist/component/server/enterprise/shared.js.map +0 -1
- package/dist/component/server/http.d.ts +0 -85
- package/dist/component/server/http.d.ts.map +0 -1
- package/dist/component/server/http.js +0 -351
- package/dist/component/server/http.js.map +0 -1
- package/dist/component/server/identity.js +0 -16
- package/dist/component/server/identity.js.map +0 -1
- package/dist/component/server/keys.js +0 -96
- package/dist/component/server/keys.js.map +0 -1
- package/dist/component/server/limits.js +0 -52
- package/dist/component/server/limits.js.map +0 -1
- package/dist/component/server/mutations/account.js +0 -46
- package/dist/component/server/mutations/account.js.map +0 -1
- package/dist/component/server/mutations/code.js +0 -68
- package/dist/component/server/mutations/code.js.map +0 -1
- package/dist/component/server/mutations/invalidate.js +0 -32
- package/dist/component/server/mutations/invalidate.js.map +0 -1
- package/dist/component/server/mutations/oauth.js +0 -116
- package/dist/component/server/mutations/oauth.js.map +0 -1
- package/dist/component/server/mutations/refresh.js +0 -119
- package/dist/component/server/mutations/refresh.js.map +0 -1
- package/dist/component/server/mutations/register.js +0 -87
- package/dist/component/server/mutations/register.js.map +0 -1
- package/dist/component/server/mutations/retrieve.js +0 -61
- package/dist/component/server/mutations/retrieve.js.map +0 -1
- package/dist/component/server/mutations/signature.js +0 -38
- package/dist/component/server/mutations/signature.js.map +0 -1
- package/dist/component/server/mutations/signin.js +0 -27
- package/dist/component/server/mutations/signin.js.map +0 -1
- package/dist/component/server/mutations/signout.js +0 -27
- package/dist/component/server/mutations/signout.js.map +0 -1
- package/dist/component/server/mutations/store/refs.js +0 -15
- package/dist/component/server/mutations/store/refs.js.map +0 -1
- package/dist/component/server/mutations/store.js +0 -70
- package/dist/component/server/mutations/store.js.map +0 -1
- package/dist/component/server/mutations/verifier.js +0 -18
- package/dist/component/server/mutations/verifier.js.map +0 -1
- package/dist/component/server/mutations/verify.js +0 -98
- package/dist/component/server/mutations/verify.js.map +0 -1
- package/dist/component/server/oauth.js +0 -242
- package/dist/component/server/oauth.js.map +0 -1
- package/dist/component/server/passkey.js +0 -415
- package/dist/component/server/passkey.js.map +0 -1
- package/dist/component/server/redirects.js +0 -40
- package/dist/component/server/redirects.js.map +0 -1
- package/dist/component/server/refresh.js +0 -99
- package/dist/component/server/refresh.js.map +0 -1
- package/dist/component/server/runtime.d.ts +0 -136
- package/dist/component/server/runtime.d.ts.map +0 -1
- package/dist/component/server/runtime.js +0 -456
- package/dist/component/server/runtime.js.map +0 -1
- package/dist/component/server/sessions.js +0 -71
- package/dist/component/server/sessions.js.map +0 -1
- package/dist/component/server/signin.js +0 -225
- package/dist/component/server/signin.js.map +0 -1
- package/dist/component/server/tokens.js +0 -17
- package/dist/component/server/tokens.js.map +0 -1
- package/dist/component/server/totp.js +0 -208
- package/dist/component/server/totp.js.map +0 -1
- package/dist/component/server/types.d.ts +0 -949
- package/dist/component/server/types.d.ts.map +0 -1
- package/dist/component/server/types.js +0 -79
- package/dist/component/server/types.js.map +0 -1
- package/dist/component/server/users.js +0 -123
- package/dist/component/server/users.js.map +0 -1
- package/dist/component/server/utils.js +0 -140
- package/dist/component/server/utils.js.map +0 -1
- package/dist/core/types.d.ts +0 -361
- package/dist/core/types.d.ts.map +0 -1
- package/dist/factors/device.js +0 -104
- package/dist/factors/device.js.map +0 -1
- package/dist/factors/passkey.js.map +0 -1
- package/dist/factors/totp.js.map +0 -1
- package/dist/providers/anonymous.d.ts.map +0 -1
- package/dist/providers/anonymous.js.map +0 -1
- package/dist/providers/credentials.d.ts.map +0 -1
- package/dist/providers/credentials.js.map +0 -1
- package/dist/providers/device.d.ts.map +0 -1
- package/dist/providers/device.js.map +0 -1
- package/dist/providers/email.d.ts.map +0 -1
- package/dist/providers/email.js.map +0 -1
- package/dist/providers/oauth.d.ts +0 -69
- package/dist/providers/oauth.d.ts.map +0 -1
- package/dist/providers/oauth.js +0 -43
- package/dist/providers/oauth.js.map +0 -1
- package/dist/providers/passkey.d.ts.map +0 -1
- package/dist/providers/passkey.js.map +0 -1
- package/dist/providers/password.d.ts.map +0 -1
- package/dist/providers/password.js.map +0 -1
- package/dist/providers/phone.d.ts.map +0 -1
- package/dist/providers/phone.js.map +0 -1
- package/dist/providers/sso.d.ts.map +0 -1
- package/dist/providers/sso.js.map +0 -1
- package/dist/providers/totp.d.ts.map +0 -1
- package/dist/providers/totp.js.map +0 -1
- package/dist/runtime/browser.js +0 -68
- package/dist/runtime/browser.js.map +0 -1
- package/dist/runtime/invite.js.map +0 -1
- package/dist/runtime/proxy.js +0 -70
- package/dist/runtime/proxy.js.map +0 -1
- package/dist/runtime/storage.js +0 -37
- package/dist/runtime/storage.js.map +0 -1
- package/dist/server/auth.d.ts.map +0 -1
- package/dist/server/auth.js.map +0 -1
- package/dist/server/config.d.ts +0 -1
- package/dist/server/config.js.map +0 -1
- package/dist/server/context.d.ts +0 -1
- package/dist/server/context.js.map +0 -1
- package/dist/server/cookies.d.ts +0 -1
- package/dist/server/cookies.js.map +0 -1
- package/dist/server/core.d.ts +0 -1315
- package/dist/server/core.d.ts.map +0 -1
- package/dist/server/core.js.map +0 -1
- package/dist/server/crypto.d.ts +0 -8
- package/dist/server/crypto.d.ts.map +0 -1
- package/dist/server/crypto.js.map +0 -1
- package/dist/server/db.d.ts +0 -1
- package/dist/server/db.js.map +0 -1
- package/dist/server/device.d.ts +0 -1
- package/dist/server/device.js.map +0 -1
- package/dist/server/enterprise/config.d.ts +0 -1
- package/dist/server/enterprise/config.js.map +0 -1
- package/dist/server/enterprise/domain.d.ts +0 -401
- package/dist/server/enterprise/domain.d.ts.map +0 -1
- package/dist/server/enterprise/domain.js +0 -974
- package/dist/server/enterprise/domain.js.map +0 -1
- package/dist/server/enterprise/http.d.ts +0 -26
- package/dist/server/enterprise/http.d.ts.map +0 -1
- package/dist/server/enterprise/http.js +0 -787
- package/dist/server/enterprise/http.js.map +0 -1
- package/dist/server/enterprise/oidc.d.ts +0 -1
- package/dist/server/enterprise/oidc.js +0 -248
- package/dist/server/enterprise/oidc.js.map +0 -1
- package/dist/server/enterprise/policy.d.ts +0 -1
- package/dist/server/enterprise/policy.js +0 -85
- package/dist/server/enterprise/policy.js.map +0 -1
- package/dist/server/enterprise/saml.d.ts +0 -1
- package/dist/server/enterprise/saml.js +0 -338
- package/dist/server/enterprise/saml.js.map +0 -1
- package/dist/server/enterprise/scim.d.ts +0 -1
- package/dist/server/enterprise/scim.js +0 -97
- package/dist/server/enterprise/scim.js.map +0 -1
- package/dist/server/enterprise/shared.d.ts +0 -5
- package/dist/server/enterprise/shared.d.ts.map +0 -1
- package/dist/server/enterprise/shared.js +0 -51
- package/dist/server/enterprise/shared.js.map +0 -1
- package/dist/server/enterprise/validators.d.ts +0 -1
- package/dist/server/enterprise/validators.js +0 -60
- package/dist/server/enterprise/validators.js.map +0 -1
- package/dist/server/http.d.ts.map +0 -1
- package/dist/server/http.js.map +0 -1
- package/dist/server/identity.d.ts +0 -1
- package/dist/server/identity.js.map +0 -1
- package/dist/server/keys.d.ts +0 -1
- package/dist/server/keys.js.map +0 -1
- package/dist/server/limits.d.ts +0 -1
- package/dist/server/limits.js.map +0 -1
- package/dist/server/mounts.d.ts.map +0 -1
- package/dist/server/mounts.js.map +0 -1
- package/dist/server/mutations/account.d.ts +0 -29
- package/dist/server/mutations/account.d.ts.map +0 -1
- package/dist/server/mutations/account.js.map +0 -1
- package/dist/server/mutations/code.d.ts +0 -30
- package/dist/server/mutations/code.d.ts.map +0 -1
- package/dist/server/mutations/code.js.map +0 -1
- package/dist/server/mutations/index.d.ts +0 -14
- package/dist/server/mutations/invalidate.d.ts +0 -20
- package/dist/server/mutations/invalidate.d.ts.map +0 -1
- package/dist/server/mutations/invalidate.js.map +0 -1
- package/dist/server/mutations/oauth.d.ts +0 -30
- package/dist/server/mutations/oauth.d.ts.map +0 -1
- package/dist/server/mutations/oauth.js.map +0 -1
- package/dist/server/mutations/refresh.d.ts +0 -21
- package/dist/server/mutations/refresh.d.ts.map +0 -1
- package/dist/server/mutations/refresh.js.map +0 -1
- package/dist/server/mutations/register.d.ts +0 -38
- package/dist/server/mutations/register.d.ts.map +0 -1
- package/dist/server/mutations/register.js.map +0 -1
- package/dist/server/mutations/retrieve.d.ts +0 -33
- package/dist/server/mutations/retrieve.d.ts.map +0 -1
- package/dist/server/mutations/retrieve.js.map +0 -1
- package/dist/server/mutations/signature.d.ts +0 -21
- package/dist/server/mutations/signature.d.ts.map +0 -1
- package/dist/server/mutations/signature.js.map +0 -1
- package/dist/server/mutations/signin.d.ts +0 -22
- package/dist/server/mutations/signin.d.ts.map +0 -1
- package/dist/server/mutations/signin.js.map +0 -1
- package/dist/server/mutations/signout.d.ts +0 -16
- package/dist/server/mutations/signout.d.ts.map +0 -1
- package/dist/server/mutations/signout.js.map +0 -1
- package/dist/server/mutations/store/refs.d.ts +0 -12
- package/dist/server/mutations/store/refs.d.ts.map +0 -1
- package/dist/server/mutations/store/refs.js.map +0 -1
- package/dist/server/mutations/store.d.ts +0 -306
- package/dist/server/mutations/store.d.ts.map +0 -1
- package/dist/server/mutations/store.js.map +0 -1
- package/dist/server/mutations/verifier.d.ts +0 -13
- package/dist/server/mutations/verifier.d.ts.map +0 -1
- package/dist/server/mutations/verifier.js.map +0 -1
- package/dist/server/mutations/verify.d.ts +0 -26
- package/dist/server/mutations/verify.d.ts.map +0 -1
- package/dist/server/mutations/verify.js.map +0 -1
- package/dist/server/oauth.d.ts +0 -1
- package/dist/server/oauth.js +0 -242
- package/dist/server/oauth.js.map +0 -1
- package/dist/server/passkey.d.ts +0 -27
- package/dist/server/passkey.d.ts.map +0 -1
- package/dist/server/passkey.js.map +0 -1
- package/dist/server/redirects.d.ts +0 -1
- package/dist/server/redirects.js.map +0 -1
- package/dist/server/refresh.d.ts +0 -1
- package/dist/server/refresh.js.map +0 -1
- package/dist/server/runtime.d.ts.map +0 -1
- package/dist/server/runtime.js.map +0 -1
- package/dist/server/sessions.d.ts +0 -1
- package/dist/server/sessions.js.map +0 -1
- package/dist/server/signin.d.ts +0 -1
- package/dist/server/signin.js.map +0 -1
- package/dist/server/ssr.d.ts.map +0 -1
- package/dist/server/ssr.js +0 -777
- package/dist/server/ssr.js.map +0 -1
- package/dist/server/templates.d.ts +0 -1
- package/dist/server/templates.js.map +0 -1
- package/dist/server/tokens.d.ts +0 -1
- package/dist/server/tokens.js.map +0 -1
- package/dist/server/totp.d.ts +0 -1
- package/dist/server/totp.js.map +0 -1
- package/dist/server/types.d.ts.map +0 -1
- package/dist/server/types.js.map +0 -1
- package/dist/server/users.d.ts +0 -1
- package/dist/server/users.js.map +0 -1
- package/dist/server/utils.d.ts +0 -1
- package/dist/server/utils.js +0 -140
- package/dist/server/utils.js.map +0 -1
- package/src/authorization/index.ts +0 -83
- package/src/cli/bin.ts +0 -5
- package/src/cli/command.ts +0 -70
- package/src/cli/index.ts +0 -1112
- package/src/cli/keys.ts +0 -23
- package/src/client/core/types.ts +0 -437
- package/src/client/factors/device.ts +0 -158
- package/src/client/factors/passkey.ts +0 -279
- package/src/client/factors/totp.ts +0 -150
- package/src/client/index.ts +0 -1124
- package/src/client/runtime/browser.ts +0 -112
- package/src/client/runtime/invite.ts +0 -63
- package/src/client/runtime/proxy.ts +0 -111
- package/src/client/runtime/storage.ts +0 -79
- package/src/component/_generated/api.ts +0 -96
- package/src/component/_generated/component.ts +0 -3774
- package/src/component/_generated/dataModel.ts +0 -60
- package/src/component/_generated/server.ts +0 -156
- package/src/component/convex.config.ts +0 -5
- package/src/component/functions.ts +0 -104
- package/src/component/index.ts +0 -42
- package/src/component/model.ts +0 -449
- package/src/component/public/enterprise/audit.ts +0 -125
- package/src/component/public/enterprise/core.ts +0 -355
- package/src/component/public/enterprise/domains.ts +0 -327
- package/src/component/public/enterprise/scim.ts +0 -397
- package/src/component/public/enterprise/secrets.ts +0 -133
- package/src/component/public/enterprise/webhooks.ts +0 -307
- package/src/component/public/factors/devices.ts +0 -224
- package/src/component/public/factors/passkeys.ts +0 -243
- package/src/component/public/factors/totp.ts +0 -259
- package/src/component/public/groups/core.ts +0 -481
- package/src/component/public/groups/invites.ts +0 -608
- package/src/component/public/groups/members.ts +0 -410
- package/src/component/public/identity/accounts.ts +0 -207
- package/src/component/public/identity/codes.ts +0 -149
- package/src/component/public/identity/sessions.ts +0 -210
- package/src/component/public/identity/tokens.ts +0 -251
- package/src/component/public/identity/users.ts +0 -355
- package/src/component/public/identity/verifiers.ts +0 -158
- package/src/component/public/security/keys.ts +0 -366
- package/src/component/public/security/limits.ts +0 -174
- package/src/component/public.ts +0 -27
- package/src/component/schema.ts +0 -505
- package/src/providers/anonymous.ts +0 -99
- package/src/providers/credentials.ts +0 -102
- package/src/providers/device.ts +0 -87
- package/src/providers/email.ts +0 -99
- package/src/providers/index.ts +0 -31
- package/src/providers/oauth.ts +0 -117
- package/src/providers/passkey.ts +0 -77
- package/src/providers/password.ts +0 -441
- package/src/providers/phone.ts +0 -93
- package/src/providers/sso.ts +0 -54
- package/src/providers/totp.ts +0 -62
- package/src/samlify.d.ts +0 -53
- package/src/server/auth.ts +0 -949
- package/src/server/config.ts +0 -200
- package/src/server/context.ts +0 -90
- package/src/server/cookies.ts +0 -49
- package/src/server/core.ts +0 -2004
- package/src/server/crypto.ts +0 -90
- package/src/server/db.ts +0 -203
- package/src/server/device.ts +0 -254
- package/src/server/enterprise/config.ts +0 -51
- package/src/server/enterprise/domain.ts +0 -1739
- package/src/server/enterprise/http.ts +0 -1331
- package/src/server/enterprise/oidc.ts +0 -500
- package/src/server/enterprise/policy.ts +0 -128
- package/src/server/enterprise/saml.ts +0 -578
- package/src/server/enterprise/scim.ts +0 -135
- package/src/server/enterprise/shared.ts +0 -134
- package/src/server/enterprise/validators.ts +0 -93
- package/src/server/http.ts +0 -790
- package/src/server/identity.ts +0 -18
- package/src/server/index.ts +0 -40
- package/src/server/keys.ts +0 -158
- package/src/server/limits.ts +0 -107
- package/src/server/mounts.ts +0 -924
- package/src/server/mutations/account.ts +0 -62
- package/src/server/mutations/code.ts +0 -119
- package/src/server/mutations/index.ts +0 -13
- package/src/server/mutations/invalidate.ts +0 -50
- package/src/server/mutations/oauth.ts +0 -243
- package/src/server/mutations/refresh.ts +0 -299
- package/src/server/mutations/register.ts +0 -155
- package/src/server/mutations/retrieve.ts +0 -109
- package/src/server/mutations/signature.ts +0 -57
- package/src/server/mutations/signin.ts +0 -54
- package/src/server/mutations/signout.ts +0 -43
- package/src/server/mutations/store/refs.ts +0 -10
- package/src/server/mutations/store.ts +0 -123
- package/src/server/mutations/verifier.ts +0 -34
- package/src/server/mutations/verify.ts +0 -200
- package/src/server/oauth.ts +0 -418
- package/src/server/passkey.ts +0 -838
- package/src/server/redirects.ts +0 -59
- package/src/server/refresh.ts +0 -218
- package/src/server/runtime.ts +0 -918
- package/src/server/sessions.ts +0 -132
- package/src/server/signin.ts +0 -445
- package/src/server/ssr.ts +0 -1747
- package/src/server/templates.ts +0 -82
- package/src/server/tokens.ts +0 -35
- package/src/server/totp.ts +0 -399
- package/src/server/types.ts +0 -1942
- package/src/server/users.ts +0 -291
- package/src/server/utils.ts +0 -220
- /package/dist/{runtime → client/runtime}/invite.js +0 -0
|
@@ -1,447 +0,0 @@
|
|
|
1
|
-
import "../client/index.js";
|
|
2
|
-
import { AuthAuthorizationConfig, AuthGrant, AuthProviderConfig, AuthRoleId, ConvexAuthConfig, Doc, HasSSO } from "./types.js";
|
|
3
|
-
import { Auth } from "./runtime.js";
|
|
4
|
-
import { UserIdentity } from "convex/server";
|
|
5
|
-
import { GenericId } from "convex/values";
|
|
6
|
-
|
|
7
|
-
//#region src/server/auth.d.ts
|
|
8
|
-
/**
|
|
9
|
-
* Config for auth setup. Extends the standard auth config
|
|
10
|
-
* minus `component` (which is passed as the first constructor argument).
|
|
11
|
-
*/
|
|
12
|
-
type AuthConfig = Omit<ConvexAuthConfig, "component">;
|
|
13
|
-
/** Canonical user document type exposed by Convex Auth. */
|
|
14
|
-
type UserDoc = Doc<"User">;
|
|
15
|
-
type MemberApiWithAuthorization<TAuthorization extends AuthAuthorizationConfig | undefined> = Omit<ReturnType<typeof Auth>["auth"]["member"], "create" | "list" | "update" | "inspect" | "require"> & {
|
|
16
|
-
create: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["create"]>[0], data: {
|
|
17
|
-
groupId: string;
|
|
18
|
-
userId: string;
|
|
19
|
-
roleIds?: AuthRoleId<TAuthorization>[];
|
|
20
|
-
status?: string;
|
|
21
|
-
extend?: Record<string, unknown>;
|
|
22
|
-
}) => Promise<{
|
|
23
|
-
memberId: string;
|
|
24
|
-
}>;
|
|
25
|
-
list: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["list"]>[0], opts?: {
|
|
26
|
-
where?: {
|
|
27
|
-
groupId?: string;
|
|
28
|
-
userId?: string;
|
|
29
|
-
roleId?: AuthRoleId<TAuthorization>;
|
|
30
|
-
status?: string;
|
|
31
|
-
};
|
|
32
|
-
limit?: number;
|
|
33
|
-
cursor?: string | null;
|
|
34
|
-
orderBy?: "_creationTime" | "status";
|
|
35
|
-
order?: "asc" | "desc";
|
|
36
|
-
}) => ReturnType<ReturnType<typeof Auth>["auth"]["member"]["list"]>;
|
|
37
|
-
update: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["update"]>[0], memberId: string, data: Record<string, unknown> & {
|
|
38
|
-
roleIds?: AuthRoleId<TAuthorization>[];
|
|
39
|
-
}) => Promise<{
|
|
40
|
-
memberId: string;
|
|
41
|
-
}>;
|
|
42
|
-
inspect: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["inspect"]>[0], opts: {
|
|
43
|
-
userId: string;
|
|
44
|
-
groupId: string;
|
|
45
|
-
ancestry?: boolean;
|
|
46
|
-
maxDepth?: number;
|
|
47
|
-
}) => ReturnType<ReturnType<typeof Auth>["auth"]["member"]["inspect"]>;
|
|
48
|
-
require: (ctx: Parameters<ReturnType<typeof Auth>["auth"]["member"]["require"]>[0], opts: {
|
|
49
|
-
userId: string;
|
|
50
|
-
groupId: string;
|
|
51
|
-
ancestry?: boolean;
|
|
52
|
-
roleIds?: AuthRoleId<TAuthorization>[];
|
|
53
|
-
grants?: AuthGrant<TAuthorization>[];
|
|
54
|
-
maxDepth?: number;
|
|
55
|
-
}) => ReturnType<ReturnType<typeof Auth>["auth"]["member"]["require"]>;
|
|
56
|
-
};
|
|
57
|
-
/**
|
|
58
|
-
* The base auth API surface returned by {@link createAuth}.
|
|
59
|
-
*
|
|
60
|
-
* Provides core namespaces — `signIn`, `signOut`, `user`, `session`,
|
|
61
|
-
* `member`, `invite`, `group`, `key`, and `http` — that are
|
|
62
|
-
* always available regardless of which providers are configured.
|
|
63
|
-
* Enterprise namespaces (`sso`, `scim`) are added conditionally by
|
|
64
|
-
* {@link AuthApi} when an SSO provider is present.
|
|
65
|
-
*
|
|
66
|
-
* Use this type when you want to describe code that only depends on the
|
|
67
|
-
* standard auth surface and should not assume enterprise features exist.
|
|
68
|
-
*
|
|
69
|
-
* @typeParam TAuthorization - The authorization config, used to narrow
|
|
70
|
-
* role IDs and grant strings on the `member` API.
|
|
71
|
-
*/
|
|
72
|
-
type AuthApiBase<TAuthorization extends AuthAuthorizationConfig | undefined = undefined> = {
|
|
73
|
-
signIn: ReturnType<typeof Auth>["signIn"];
|
|
74
|
-
signOut: ReturnType<typeof Auth>["signOut"];
|
|
75
|
-
store: ReturnType<typeof Auth>["store"];
|
|
76
|
-
user: ReturnType<typeof Auth>["auth"]["user"];
|
|
77
|
-
session: ReturnType<typeof Auth>["auth"]["session"];
|
|
78
|
-
provider: ReturnType<typeof Auth>["auth"]["provider"];
|
|
79
|
-
account: ReturnType<typeof Auth>["auth"]["account"];
|
|
80
|
-
group: ReturnType<typeof Auth>["auth"]["group"];
|
|
81
|
-
member: MemberApiWithAuthorization<TAuthorization>;
|
|
82
|
-
invite: ReturnType<typeof Auth>["auth"]["invite"];
|
|
83
|
-
key: ReturnType<typeof Auth>["auth"]["key"];
|
|
84
|
-
http: ReturnType<typeof Auth>["auth"]["http"];
|
|
85
|
-
/**
|
|
86
|
-
* Resolve the current request's auth context. Framework-agnostic — use
|
|
87
|
-
* this in fluent-convex middleware, custom wrappers, or anywhere you
|
|
88
|
-
* need the current `{ userId, user, groupId, role, grants }` object.
|
|
89
|
-
*
|
|
90
|
-
* Throws a structured `ConvexError` when unauthenticated by default.
|
|
91
|
-
* Pass `{ optional: true }` to get a null-shaped auth object instead.
|
|
92
|
-
*
|
|
93
|
-
* @param ctx - Convex query, mutation, or action context.
|
|
94
|
-
* @param config - Optional auth resolution config. Supports `optional`,
|
|
95
|
-
* `resolve`, and `authResolve`.
|
|
96
|
-
* @returns The current auth context.
|
|
97
|
-
*
|
|
98
|
-
* @example fluent-convex middleware
|
|
99
|
-
* ```ts
|
|
100
|
-
* const withAuth = convex.createMiddleware(async (ctx, next) => {
|
|
101
|
-
* return next({ ...ctx, auth: await auth.context(ctx) });
|
|
102
|
-
* });
|
|
103
|
-
* ```
|
|
104
|
-
*
|
|
105
|
-
* @example Direct usage in a handler
|
|
106
|
-
* ```ts
|
|
107
|
-
* const authContext = await auth.context(ctx);
|
|
108
|
-
* const { userId, grants } = authContext;
|
|
109
|
-
* ```
|
|
110
|
-
*
|
|
111
|
-
* @example Optional usage
|
|
112
|
-
* ```ts
|
|
113
|
-
* const authContext = await auth.context(ctx, { optional: true });
|
|
114
|
-
* if (authContext.userId === null) {
|
|
115
|
-
* return null;
|
|
116
|
-
* }
|
|
117
|
-
* ```
|
|
118
|
-
*/
|
|
119
|
-
context: AuthContextResolver;
|
|
120
|
-
/**
|
|
121
|
-
* Context enrichment for convex-helpers `customQuery` / `customMutation` /
|
|
122
|
-
* `customAction`.
|
|
123
|
-
*
|
|
124
|
-
* Resolves the current user's identity, active group, membership role,
|
|
125
|
-
* and grants, then attaches them to `ctx.auth`. Returns a `Customization`
|
|
126
|
-
* object compatible with convex-helpers' custom function builders.
|
|
127
|
-
*
|
|
128
|
-
* `ctx.auth` is the current request auth context.
|
|
129
|
-
* By default this throws when unauthenticated so handlers can assume
|
|
130
|
-
* `ctx.auth.userId` and `ctx.auth.user` exist.
|
|
131
|
-
*
|
|
132
|
-
* @returns A convex-helpers `Customization` object.
|
|
133
|
-
*
|
|
134
|
-
* @example One-time setup in `convex/functions.ts`
|
|
135
|
-
* ```ts
|
|
136
|
-
* import { query, mutation, action } from "./_generated/server";
|
|
137
|
-
* import { customQuery, customMutation, customAction } from "convex-helpers/server/customFunctions";
|
|
138
|
-
* import { auth } from "./auth";
|
|
139
|
-
*
|
|
140
|
-
* export const authQuery = customQuery(query, auth.ctx());
|
|
141
|
-
* export const authMutation = customMutation(mutation, auth.ctx());
|
|
142
|
-
* export const authAction = customAction(action, auth.ctx());
|
|
143
|
-
* ```
|
|
144
|
-
*
|
|
145
|
-
* @example Per-function usage
|
|
146
|
-
* ```ts
|
|
147
|
-
* import { authQuery } from "./functions";
|
|
148
|
-
*
|
|
149
|
-
* export const list = authQuery({
|
|
150
|
-
* args: { workspaceId: v.string() },
|
|
151
|
-
* handler: async (ctx, args) => {
|
|
152
|
-
* const { userId, groupId, grants } = ctx.auth;
|
|
153
|
-
* // business logic
|
|
154
|
-
* },
|
|
155
|
-
* });
|
|
156
|
-
* ```
|
|
157
|
-
*/
|
|
158
|
-
ctx: AuthContextFactory;
|
|
159
|
-
};
|
|
160
|
-
/**
|
|
161
|
-
* Current request auth context injected into `ctx.auth` by `auth.ctx()`. This
|
|
162
|
-
* is the authenticated auth shape returned by {@link createAuth().context}.
|
|
163
|
-
* Optional context builders may still surface nullable fields when
|
|
164
|
-
* `optional: true` is used.
|
|
165
|
-
*
|
|
166
|
-
* - `groupId` is `null` when the user has no active group set.
|
|
167
|
-
* - `role` is `null` when no active group or no membership is resolved.
|
|
168
|
-
* - `grants` is `[]` when no active group or no membership is resolved.
|
|
169
|
-
*
|
|
170
|
-
* @example
|
|
171
|
-
* ```ts
|
|
172
|
-
* import type { AuthContext } from "@robelest/convex-auth/server";
|
|
173
|
-
*
|
|
174
|
-
* const mockAuth: AuthContext = {
|
|
175
|
-
* userId: "user123" as Id<"User">,
|
|
176
|
-
* user: { _id: "user123", email: "test@example.com" },
|
|
177
|
-
* groupId: "group456",
|
|
178
|
-
* role: "admin",
|
|
179
|
-
* grants: ["read", "write"],
|
|
180
|
-
* };
|
|
181
|
-
* ```
|
|
182
|
-
*/
|
|
183
|
-
type AuthContext = {
|
|
184
|
-
/** The authenticated user's document ID. */userId: GenericId<"User">; /** The authenticated user's full document. */
|
|
185
|
-
user: UserDoc; /** The user's active group ID, or `null` if none set. */
|
|
186
|
-
groupId: string | null; /** The user's primary role in the active group, or `null`. */
|
|
187
|
-
role: string | null; /** Resolved grant strings from the user's role definitions. */
|
|
188
|
-
grants: string[];
|
|
189
|
-
};
|
|
190
|
-
/**
|
|
191
|
-
* Nullable auth context returned by `auth.context(ctx, { optional: true })`
|
|
192
|
-
* and injected by `auth.ctx({ optional: true })`.
|
|
193
|
-
*
|
|
194
|
-
* Use this when callers may be unauthenticated but you still want a stable
|
|
195
|
-
* auth-shaped object.
|
|
196
|
-
*
|
|
197
|
-
* - `userId` and `user` are `null` when unauthenticated.
|
|
198
|
-
* - `groupId` and `role` are `null` when no active group is resolved.
|
|
199
|
-
* - `grants` is `[]` when no membership is resolved.
|
|
200
|
-
*
|
|
201
|
-
* @example
|
|
202
|
-
* ```ts
|
|
203
|
-
* const authContext = await auth.context(ctx, { optional: true });
|
|
204
|
-
* if (authContext.userId === null) {
|
|
205
|
-
* return null;
|
|
206
|
-
* }
|
|
207
|
-
* ```
|
|
208
|
-
*/
|
|
209
|
-
type OptionalAuthContext = {
|
|
210
|
-
/** The authenticated user's document ID, or `null` when unauthenticated. */userId: GenericId<"User"> | null; /** The authenticated user's full document, or `null` when unauthenticated. */
|
|
211
|
-
user: UserDoc | null; /** The user's active group ID, or `null` if none is set. */
|
|
212
|
-
groupId: string | null; /** The user's primary role in the active group, or `null`. */
|
|
213
|
-
role: string | null; /** Resolved grant strings for the active membership, or `[]`. */
|
|
214
|
-
grants: string[];
|
|
215
|
-
};
|
|
216
|
-
type AuthContextBase = {
|
|
217
|
-
getUserIdentity: () => Promise<UserIdentity | null>;
|
|
218
|
-
};
|
|
219
|
-
type RequiredAuthContextState = AuthContextBase & AuthContext;
|
|
220
|
-
type OptionalAuthContextState = AuthContextBase & OptionalAuthContext;
|
|
221
|
-
type ResolvedAuthContext<TResolve> = AuthContext & TResolve;
|
|
222
|
-
type ResolvedOptionalAuthContext<TResolve> = OptionalAuthContext & TResolve;
|
|
223
|
-
type AuthContextResolver = {
|
|
224
|
-
<TResolve extends Record<string, unknown> = Record<string, never>>(ctx: any, config: AuthContextConfig<TResolve> & {
|
|
225
|
-
optional: true;
|
|
226
|
-
}): Promise<ResolvedOptionalAuthContext<TResolve>>;
|
|
227
|
-
<TResolve extends Record<string, unknown> = Record<string, never>>(ctx: any, config?: AuthContextConfig<TResolve>): Promise<ResolvedAuthContext<TResolve>>;
|
|
228
|
-
};
|
|
229
|
-
type AuthContextCustomization<TAuth> = {
|
|
230
|
-
args: {};
|
|
231
|
-
input: (ctx: any, _args: any, _extra?: any) => Promise<{
|
|
232
|
-
ctx: {
|
|
233
|
-
auth: TAuth;
|
|
234
|
-
};
|
|
235
|
-
args: {};
|
|
236
|
-
}>;
|
|
237
|
-
};
|
|
238
|
-
type AuthContextFactory = {
|
|
239
|
-
<TResolve extends Record<string, unknown> = Record<string, never>>(config: AuthContextConfig<TResolve> & {
|
|
240
|
-
optional: true;
|
|
241
|
-
}): AuthContextCustomization<OptionalAuthContextState & TResolve>;
|
|
242
|
-
<TResolve extends Record<string, unknown> = Record<string, never>>(config?: AuthContextConfig<TResolve>): AuthContextCustomization<RequiredAuthContextState & TResolve>;
|
|
243
|
-
};
|
|
244
|
-
type InternalSsoApi = ReturnType<typeof Auth>["auth"]["sso"];
|
|
245
|
-
type PublicSsoAdminApi = {
|
|
246
|
-
connection: InternalSsoApi["connection"] & {
|
|
247
|
-
domain: {
|
|
248
|
-
list: InternalSsoApi["domain"]["list"];
|
|
249
|
-
validate: InternalSsoApi["domain"]["validate"];
|
|
250
|
-
set: (ctx: Parameters<InternalSsoApi["connection"]["create"]>[0], enterpriseId: string, domains: Array<{
|
|
251
|
-
domain: string;
|
|
252
|
-
isPrimary?: boolean;
|
|
253
|
-
}>) => Promise<{
|
|
254
|
-
enterpriseId: string;
|
|
255
|
-
domains: Array<{
|
|
256
|
-
domainId: string;
|
|
257
|
-
domain: string;
|
|
258
|
-
isPrimary: boolean;
|
|
259
|
-
verified: boolean;
|
|
260
|
-
verifiedAt: number | null;
|
|
261
|
-
}>;
|
|
262
|
-
}>;
|
|
263
|
-
verification: {
|
|
264
|
-
request: (ctx: Parameters<InternalSsoApi["connection"]["create"]>[0], args: {
|
|
265
|
-
enterpriseId: string;
|
|
266
|
-
domain: string;
|
|
267
|
-
}) => Promise<{
|
|
268
|
-
enterpriseId: string;
|
|
269
|
-
domain: string;
|
|
270
|
-
requestedAt: number;
|
|
271
|
-
expiresAt: number;
|
|
272
|
-
challenge: {
|
|
273
|
-
recordType: "TXT";
|
|
274
|
-
recordName: string;
|
|
275
|
-
recordValue: string;
|
|
276
|
-
};
|
|
277
|
-
}>;
|
|
278
|
-
confirm: (ctx: Parameters<InternalSsoApi["connection"]["create"]>[0], args: {
|
|
279
|
-
enterpriseId: string;
|
|
280
|
-
domain: string;
|
|
281
|
-
}) => Promise<{
|
|
282
|
-
enterpriseId: string;
|
|
283
|
-
domain: string;
|
|
284
|
-
verifiedAt?: number;
|
|
285
|
-
checks: Array<{
|
|
286
|
-
name: string;
|
|
287
|
-
ok: boolean;
|
|
288
|
-
message?: string;
|
|
289
|
-
}>;
|
|
290
|
-
}>;
|
|
291
|
-
};
|
|
292
|
-
};
|
|
293
|
-
};
|
|
294
|
-
oidc: Omit<InternalSsoApi["oidc"], "signIn">;
|
|
295
|
-
saml: Omit<InternalSsoApi["saml"], "metadata">;
|
|
296
|
-
policy: InternalSsoApi["policy"];
|
|
297
|
-
audit: {
|
|
298
|
-
list: InternalSsoApi["audit"]["list"];
|
|
299
|
-
};
|
|
300
|
-
webhook: {
|
|
301
|
-
endpoint: InternalSsoApi["webhook"]["endpoint"];
|
|
302
|
-
delivery: {
|
|
303
|
-
list: InternalSsoApi["webhook"]["delivery"]["list"];
|
|
304
|
-
};
|
|
305
|
-
};
|
|
306
|
-
};
|
|
307
|
-
type PublicSsoClientApi = {
|
|
308
|
-
signIn: InternalSsoApi["oidc"]["signIn"];
|
|
309
|
-
metadata: InternalSsoApi["saml"]["metadata"];
|
|
310
|
-
};
|
|
311
|
-
type PublicSsoApi = {
|
|
312
|
-
admin: PublicSsoAdminApi;
|
|
313
|
-
client: PublicSsoClientApi;
|
|
314
|
-
};
|
|
315
|
-
type PublicScimApi = {
|
|
316
|
-
admin: Omit<InternalSsoApi["scim"], "getConfigByToken" | "identity">;
|
|
317
|
-
};
|
|
318
|
-
/**
|
|
319
|
-
* Extended auth API that includes enterprise SSO and SCIM namespaces.
|
|
320
|
-
*
|
|
321
|
-
* This type is the union of {@link AuthApiBase} plus `sso` (SSO connection
|
|
322
|
-
* management, OIDC/SAML, domain verification, policies, audit, webhooks)
|
|
323
|
-
* and `scim` (SCIM provisioning configuration). It is returned by
|
|
324
|
-
* {@link createAuth} only when `new SSO()` is included in the providers
|
|
325
|
-
* array; otherwise the narrower {@link AuthApiBase} is returned instead.
|
|
326
|
-
* Attempting to access `auth.sso` or `auth.scim` without an SSO provider
|
|
327
|
-
* produces a compile-time error because the return type narrows back to
|
|
328
|
-
* {@link AuthApiBase}.
|
|
329
|
-
*
|
|
330
|
-
* @typeParam TAuthorization - The authorization config, forwarded to
|
|
331
|
-
* {@link AuthApiBase} for typed role IDs and grant strings.
|
|
332
|
-
*/
|
|
333
|
-
type AuthApi<TAuthorization extends AuthAuthorizationConfig | undefined = undefined> = AuthApiBase<TAuthorization> & {
|
|
334
|
-
sso: PublicSsoApi;
|
|
335
|
-
scim: PublicScimApi;
|
|
336
|
-
};
|
|
337
|
-
/**
|
|
338
|
-
* The return type of {@link createAuth}.
|
|
339
|
-
*
|
|
340
|
-
* Resolves to {@link AuthApi} (with `sso` and `scim` namespaces) when
|
|
341
|
-
* `new SSO()` is present in the providers array, or to the narrower
|
|
342
|
-
* {@link AuthApiBase} otherwise. This conditional type ensures that
|
|
343
|
-
* enterprise-only APIs are only accessible when the SSO provider is
|
|
344
|
-
* configured, producing a compile-time error if you try to access
|
|
345
|
-
* `auth.sso` without it.
|
|
346
|
-
* This lets application code keep a single `createAuth()` call while still
|
|
347
|
-
* getting provider-aware typing on the resulting API object.
|
|
348
|
-
*
|
|
349
|
-
* @typeParam P - The tuple of provider configs passed to `createAuth`.
|
|
350
|
-
* @typeParam TAuthorization - Optional authorization config for typed roles/grants.
|
|
351
|
-
*/
|
|
352
|
-
type ConvexAuthResult<P extends AuthProviderConfig[], TAuthorization extends AuthAuthorizationConfig | undefined = undefined> = HasSSO<P> extends true ? AuthApi<TAuthorization> : AuthApiBase<TAuthorization>;
|
|
353
|
-
declare function createAuth<P extends AuthProviderConfig[], TAuthorization extends AuthAuthorizationConfig | undefined = undefined>(component: ConvexAuthConfig["component"], config: Omit<AuthConfig, "providers" | "authorization"> & {
|
|
354
|
-
providers: P;
|
|
355
|
-
authorization?: TAuthorization;
|
|
356
|
-
}): ConvexAuthResult<P, TAuthorization>;
|
|
357
|
-
/**
|
|
358
|
-
* Configuration for {@link createAuth().ctx} context enrichment.
|
|
359
|
-
*
|
|
360
|
-
* The same config shape is also used by {@link createAuth().context}.
|
|
361
|
-
*
|
|
362
|
-
* @typeParam TResolve - Extra fields returned from `resolve()` and merged into
|
|
363
|
-
* the resulting `ctx.auth` object.
|
|
364
|
-
*
|
|
365
|
-
* @example
|
|
366
|
-
* ```ts
|
|
367
|
-
* const authContext = await auth.context(ctx, {
|
|
368
|
-
* resolve: async (_ctx, user, authState) => ({
|
|
369
|
-
* email: user.email,
|
|
370
|
-
* canWrite: authState.grants.includes("posts.write"),
|
|
371
|
-
* }),
|
|
372
|
-
* });
|
|
373
|
-
* ```
|
|
374
|
-
*/
|
|
375
|
-
type AuthContextConfig<TResolve extends Record<string, unknown> = Record<string, never>> = {
|
|
376
|
-
/**
|
|
377
|
-
* Allow unauthenticated callers and return a null-shaped auth object instead
|
|
378
|
-
* of throwing `NOT_SIGNED_IN`.
|
|
379
|
-
*/
|
|
380
|
-
optional?: boolean;
|
|
381
|
-
/**
|
|
382
|
-
* Attach additional derived fields to the auth context after the base auth
|
|
383
|
-
* context is resolved.
|
|
384
|
-
*
|
|
385
|
-
* This callback runs only when a user is authenticated.
|
|
386
|
-
*/
|
|
387
|
-
resolve?: (ctx: any, user: UserDoc, auth: AuthContext) => Promise<TResolve> | TResolve;
|
|
388
|
-
/**
|
|
389
|
-
* Override or wrap the base auth resolution used by {@link createAuth().ctx}.
|
|
390
|
-
*
|
|
391
|
-
* Return `undefined` to fall back to the built-in resolver,
|
|
392
|
-
* `null` for an explicit unauthenticated state, or an
|
|
393
|
-
* {@link AuthContext} object to provide a pre-resolved auth state.
|
|
394
|
-
* This is useful for tests, proxy auth, impersonation flows, or any
|
|
395
|
-
* environment that needs to inject auth without depending on the standard
|
|
396
|
-
* Convex auth tables.
|
|
397
|
-
*
|
|
398
|
-
* @param ctx - The Convex function context.
|
|
399
|
-
* @param fallback - The built-in auth resolver used by {@link createAuth().ctx}.
|
|
400
|
-
* @returns Resolved auth state, `null`, or `undefined` to use the fallback.
|
|
401
|
-
*
|
|
402
|
-
* @example
|
|
403
|
-
* ```ts
|
|
404
|
-
* const authCtx = auth.ctx({
|
|
405
|
-
* authResolve: async (ctx, fallback) => {
|
|
406
|
-
* const injected = getInjectedAuth(ctx);
|
|
407
|
-
* return injected ?? (await fallback());
|
|
408
|
-
* },
|
|
409
|
-
* });
|
|
410
|
-
* ```
|
|
411
|
-
*/
|
|
412
|
-
authResolve?: (ctx: any, fallback: () => Promise<AuthContext | null>) => Promise<AuthContext | null | undefined> | AuthContext | null | undefined;
|
|
413
|
-
};
|
|
414
|
-
/**
|
|
415
|
-
* Extract the resolved `auth` context type from an `auth.ctx()` customization.
|
|
416
|
-
*
|
|
417
|
-
* Use this to type function parameters or variables that receive the
|
|
418
|
-
* enriched auth context produced by `auth.ctx()`. The inferred type includes
|
|
419
|
-
* `userId`, `user`, `groupId`, `role`, `grants`, `getUserIdentity`, and any
|
|
420
|
-
* additional fields added by the `resolve` callback. This is the generic
|
|
421
|
-
* utility for reusing the enriched auth shape without manually duplicating
|
|
422
|
-
* conditional auth types.
|
|
423
|
-
*
|
|
424
|
-
* @typeParam T - An `auth.ctx()` return value (must have an `input` method
|
|
425
|
-
* that returns `{ ctx: { auth: ... } }`).
|
|
426
|
-
*
|
|
427
|
-
* @example
|
|
428
|
-
* ```ts
|
|
429
|
-
* const authCtx = auth.ctx({
|
|
430
|
-
* resolve: async (ctx, user) => ({ orgId: user.orgId }),
|
|
431
|
-
* });
|
|
432
|
-
* type Auth = InferAuth<typeof authCtx>;
|
|
433
|
-
* // Auth = { userId: Id<"User">; user: UserDoc; getUserIdentity: ...; orgId: string }
|
|
434
|
-
* ```
|
|
435
|
-
*
|
|
436
|
-
* @see {@link createAuth}
|
|
437
|
-
*/
|
|
438
|
-
type InferAuth<T extends {
|
|
439
|
-
input: (...args: any[]) => Promise<{
|
|
440
|
-
ctx: {
|
|
441
|
-
auth: any;
|
|
442
|
-
};
|
|
443
|
-
}>;
|
|
444
|
-
}> = Awaited<ReturnType<T["input"]>>["ctx"]["auth"];
|
|
445
|
-
//#endregion
|
|
446
|
-
export { AuthApi, AuthConfig, AuthContext, AuthContextConfig, InferAuth, OptionalAuthContext, UserDoc, createAuth };
|
|
447
|
-
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","names":[],"sources":["../../../src/server/auth.ts"],"mappings":";;;;;;;;AAyCA;;;KAHY,UAAA,GAAa,IAAA,CAAK,gBAAA;;KAGlB,OAAA,GAAU,GAAA;AAAA,KAEjB,0BAAA,wBACoB,uBAAA,gBACrB,IAAA,CACF,UAAA,QAAkB,IAAA;EAGlB,MAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,mCAEpB,IAAA;IACE,OAAA;IACA,MAAA;IACA,OAAA,GAAU,UAAA,CAAW,cAAA;IACrB,MAAA;IACA,MAAA,GAAS,MAAA;EAAA,MAER,OAAA;IAAU,QAAA;EAAA;EACf,IAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,iCAEpB,IAAA;IACE,KAAA;MACE,OAAA;MACA,MAAA;MACA,MAAA,GAAS,UAAA,CAAW,cAAA;MACpB,MAAA;IAAA;IAEF,KAAA;IACA,MAAA;IACA,OAAA;IACA,KAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;EAClC,MAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,mCAEpB,QAAA,UACA,IAAA,EAAM,MAAA;IAA4B,OAAA,GAAU,UAAA,CAAW,cAAA;EAAA,MACpD,OAAA;IAAU,QAAA;EAAA;EACf,OAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,oCAEpB,IAAA;IACE,MAAA;IACA,OAAA;IACA,QAAA;IACA,QAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;EAClC,OAAA,GACE,GAAA,EAAK,UAAA,CACH,UAAA,QAAkB,IAAA,oCAEpB,IAAA;IACE,MAAA;IACA,OAAA;IACA,QAAA;IACA,OAAA,GAAU,UAAA,CAAW,cAAA;IACrB,MAAA,GAAS,SAAA,CAAU,cAAA;IACnB,QAAA;EAAA,MAEC,UAAA,CAAW,UAAA,QAAkB,IAAA;AAAA;;;;;;;;;;;;;;;;KAkBxB,WAAA,wBACa,uBAAA;EAEvB,MAAA,EAAQ,UAAA,QAAkB,IAAA;EAC1B,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,KAAA,EAAO,UAAA,QAAkB,IAAA;EACzB,IAAA,EAAM,UAAA,QAAkB,IAAA;EACxB,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,QAAA,EAAU,UAAA,QAAkB,IAAA;EAC5B,OAAA,EAAS,UAAA,QAAkB,IAAA;EAC3B,KAAA,EAAO,UAAA,QAAkB,IAAA;EACzB,MAAA,EAAQ,0BAAA,CAA2B,cAAA;EACnC,MAAA,EAAQ,UAAA,QAAkB,IAAA;EAC1B,GAAA,EAAK,UAAA,QAAkB,IAAA;EACvB,IAAA,EAAM,UAAA,QAAkB,IAAA;EA7EF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgHtB,OAAA,EAAS,mBAAA;EArFL;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCN;;;;;;;;;EAwFE,GAAA,EAAK,kBAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;;;KA0BK,WAAA;EA/GF,4CAiHR,MAAA,EAAQ,SAAA,UAhHR;EAkHA,IAAA,EAAM,OAAA,EAlHqB;EAoH3B,OAAA,iBAnHO;EAqHP,IAAA,iBApHA;EAsHA,MAAA;AAAA;;;;;;;;;;;;;;;;;;;;KAsBU,mBAAA;EArIa,4EAuIvB,MAAA,EAAQ,SAAA,iBAtIF;EAwIN,IAAA,EAAM,OAAA,SArGN;EAuGA,OAAA,iBAhEA;EAkEA,IAAA,iBAlEuB;EAoEvB,MAAA;AAAA;AAAA,KAGG,eAAA;EACH,eAAA,QAAuB,OAAA,CAAQ,YAAA;AAAA;AAAA,KAG5B,wBAAA,GAA2B,eAAA,GAAkB,WAAA;AAAA,KAE7C,wBAAA,GAA2B,eAAA,GAAkB,mBAAA;AAAA,KAE7C,mBAAA,aAAgC,WAAA,GAAc,QAAA;AAAA,KAE9C,2BAAA,aAAwC,mBAAA,GAAsB,QAAA;AAAA,KAE9D,mBAAA;EAAA,kBACe,MAAA,oBAA0B,MAAA,iBAC1C,GAAA,OACA,MAAA,EAAQ,iBAAA,CAAkB,QAAA;IAAc,QAAA;EAAA,IACvC,OAAA,CAAQ,2BAAA,CAA4B,QAAA;EAAA,kBACrB,MAAA,oBAA0B,MAAA,iBAC1C,GAAA,OACA,MAAA,GAAS,iBAAA,CAAkB,QAAA,IAC1B,OAAA,CAAQ,mBAAA,CAAoB,QAAA;AAAA;AAAA,KAG5B,wBAAA;EACH,IAAA;EACA,KAAA,GACE,GAAA,OACA,KAAA,OACA,MAAA,WACG,OAAA;IACH,GAAA;MACE,IAAA,EAAM,KAAA;IAAA;IAER,IAAA;EAAA;AAAA;AAAA,KAIC,kBAAA;EAAA,kBACe,MAAA,oBAA0B,MAAA,iBAC1C,MAAA,EAAQ,iBAAA,CAAkB,QAAA;IAAc,QAAA;EAAA,IACvC,wBAAA,CAAyB,wBAAA,GAA2B,QAAA;EAAA,kBACrC,MAAA,oBAA0B,MAAA,iBAC1C,MAAA,GAAS,iBAAA,CAAkB,QAAA,IAC1B,wBAAA,CAAyB,wBAAA,GAA2B,QAAA;AAAA;AAAA,KAGpD,cAAA,GAAiB,UAAA,QAAkB,IAAA;AAAA,KAEnC,iBAAA;EACH,UAAA,EAAY,cAAA;IACV,MAAA;MACE,IAAA,EAAM,cAAA;MACN,QAAA,EAAU,cAAA;MACV,GAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,YAAA,UACA,OAAA,EAAS,KAAA;QACP,MAAA;QACA,SAAA;MAAA,OAEC,OAAA;QACH,YAAA;QACA,OAAA,EAAS,KAAA;UACP,QAAA;UACA,MAAA;UACA,SAAA;UACA,QAAA;UACA,UAAA;QAAA;MAAA;MAGJ,YAAA;QACE,OAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,IAAA;UAAQ,YAAA;UAAsB,MAAA;QAAA,MAC3B,OAAA;UACH,YAAA;UACA,MAAA;UACA,WAAA;UACA,SAAA;UACA,SAAA;YACE,UAAA;YACA,UAAA;YACA,WAAA;UAAA;QAAA;QAGJ,OAAA,GACE,GAAA,EAAK,UAAA,CAAW,cAAA,8BAChB,IAAA;UAAQ,YAAA;UAAsB,MAAA;QAAA,MAC3B,OAAA;UACH,YAAA;UACA,MAAA;UACA,UAAA;UACA,MAAA,EAAQ,KAAA;YAAQ,IAAA;YAAc,EAAA;YAAa,OAAA;UAAA;QAAA;MAAA;IAAA;EAAA;EAKnD,IAAA,EAAM,IAAA,CAAK,cAAA;EACX,IAAA,EAAM,IAAA,CAAK,cAAA;EACX,MAAA,EAAQ,cAAA;EACR,KAAA;IACE,IAAA,EAAM,cAAA;EAAA;EAER,OAAA;IACE,QAAA,EAAU,cAAA;IACV,QAAA;MACE,IAAA,EAAM,cAAA;IAAA;EAAA;AAAA;AAAA,KAKP,kBAAA;EACH,MAAA,EAAQ,cAAA;EACR,QAAA,EAAU,cAAA;AAAA;AAAA,KAGP,YAAA;EACH,KAAA,EAAO,iBAAA;EACP,MAAA,EAAQ,kBAAA;AAAA;AAAA,KAGL,aAAA;EACH,KAAA,EAAO,IAAA,CAAK,cAAA;AAAA;;;AAtG2B;;;;;;;;;;;;;KAwH7B,OAAA,wBACa,uBAAA,4BACrB,WAAA,CAAY,cAAA;EACd,GAAA,EAAK,YAAA;EACL,IAAA,EAAM,aAAA;AAAA;AA/GA;;;;;;;;;;;;;;;AAAA,KAiII,gBAAA,WACA,kBAAA,2BACa,uBAAA,4BAEvB,MAAA,CAAO,CAAA,iBACH,OAAA,CAAQ,cAAA,IACR,WAAA,CAAY,cAAA;AAAA,iBA6GF,UAAA,WACJ,kBAAA,2BACa,uBAAA,yBAAA,CAEvB,SAAA,EAAW,gBAAA,eACX,MAAA,EAAQ,IAAA,CAAK,UAAA;EACX,SAAA,EAAW,CAAA;EACX,aAAA,GAAgB,cAAA;AAAA,IAEjB,gBAAA,CAAiB,CAAA,EAAG,cAAA;;;AAnP0C;;;;;AAGd;;;;;;;;;;;KAucvC,iBAAA,kBACO,MAAA,oBAA0B,MAAA;EA9a9B;;;;EAobb,QAAA;EApaW;;;;;;EA2aX,OAAA,IACE,GAAA,OACA,IAAA,EAAM,OAAA,EACN,IAAA,EAAM,WAAA,KACH,OAAA,CAAQ,QAAA,IAAY,QAAA;EA/Zb;;;;;;;;;;;;;;;;;;;;;;;;EAwbZ,WAAA,IACE,GAAA,OACA,QAAA,QAAgB,OAAA,CAAQ,WAAA,aACrB,OAAA,CAAQ,WAAA,uBAAkC,WAAA;AAAA;;;;;;;;;;;;;;;;;;;;;;;;;KAkHrC,SAAA;EACE,KAAA,MAAW,IAAA,YAAgB,OAAA;IAAU,GAAA;MAAO,IAAA;IAAA;EAAA;AAAA,KACtD,OAAA,CAAQ,UAAA,CAAW,CAAA"}
|