@robelest/convex-auth 0.0.4-preview.28 → 0.0.4-preview.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin.js +4 -1
- package/dist/component/_generated/component.d.ts +344 -0
- package/dist/component/convex.config.d.ts +2 -2
- package/dist/component/model.d.ts +25 -25
- package/dist/component/model.js +1 -0
- package/dist/component/public/factors/totp.js +12 -0
- package/dist/component/public/groups/core.js +89 -1
- package/dist/component/public/groups/members.js +39 -1
- package/dist/component/public/identity/accounts.js +22 -3
- package/dist/component/public/identity/users.js +79 -5
- package/dist/component/public/sso/audit.js +5 -2
- package/dist/component/public/sso/core.js +3 -3
- package/dist/component/public/sso/domains.js +7 -3
- package/dist/component/public/sso/scim.js +36 -1
- package/dist/component/public.js +5 -5
- package/dist/component/schema.d.ts +293 -289
- package/dist/component/schema.js +2 -1
- package/dist/core/index.d.ts +63 -27
- package/dist/core/index.js +1 -0
- package/dist/providers/credentials.d.ts +12 -0
- package/dist/providers/password.js +28 -7
- package/dist/server/auth-context.d.ts +17 -0
- package/dist/server/auth-context.js +1 -1
- package/dist/server/auth.d.ts +18 -6
- package/dist/server/auth.js +1 -0
- package/dist/server/context.js +11 -5
- package/dist/server/contract.js +44 -12
- package/dist/server/core.js +146 -149
- package/dist/server/ctxCache.js +94 -0
- package/dist/server/limits.js +39 -9
- package/dist/server/mounts.d.ts +85 -85
- package/dist/server/mutations/credentialsSignIn.js +114 -0
- package/dist/server/mutations/index.js +2 -1
- package/dist/server/mutations/refresh.js +25 -12
- package/dist/server/mutations/retrieve.js +2 -1
- package/dist/server/mutations/signin.js +27 -9
- package/dist/server/mutations/store.js +5 -0
- package/dist/server/mutations/verify.js +32 -8
- package/dist/server/runtime.d.ts +81 -47
- package/dist/server/services/group.js +23 -16
- package/dist/server/sessions.d.ts +21 -0
- package/dist/server/sessions.js +37 -27
- package/dist/server/signin.js +32 -9
- package/dist/server/sso/domain.js +1 -2
- package/dist/server/sso/oidc.js +1 -1
- package/dist/server/tokens.js +19 -3
- package/dist/server/users.js +3 -2
- package/dist/server/utils/span.js +18 -0
- package/package.json +1 -1
- package/README.md +0 -161
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import * as
|
|
2
|
-
import * as
|
|
1
|
+
import * as convex_values89 from "convex/values";
|
|
2
|
+
import * as convex_server83 from "convex/server";
|
|
3
3
|
|
|
4
4
|
//#region src/component/schema.d.ts
|
|
5
5
|
/**
|
|
@@ -9,30 +9,32 @@ import * as convex_server81 from "convex/server";
|
|
|
9
9
|
* verification codes, PKCE verifiers, rate limits) and hierarchical group
|
|
10
10
|
* management (groups, members, invites).
|
|
11
11
|
*/
|
|
12
|
-
declare const _default:
|
|
12
|
+
declare const _default: convex_server83.SchemaDefinition<{
|
|
13
13
|
/**
|
|
14
14
|
* Authenticated users. A user may have multiple linked accounts
|
|
15
15
|
* and multiple concurrent sessions.
|
|
16
16
|
*/
|
|
17
|
-
User:
|
|
18
|
-
email?: string | undefined;
|
|
17
|
+
User: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
19
18
|
name?: string | undefined;
|
|
20
|
-
|
|
19
|
+
email?: string | undefined;
|
|
21
20
|
phone?: string | undefined;
|
|
22
21
|
extend?: any;
|
|
22
|
+
image?: string | undefined;
|
|
23
23
|
emailVerificationTime?: number | undefined;
|
|
24
24
|
phoneVerificationTime?: number | undefined;
|
|
25
25
|
isAnonymous?: boolean | undefined;
|
|
26
|
+
hasTotp?: boolean | undefined;
|
|
26
27
|
}, {
|
|
27
|
-
name:
|
|
28
|
-
image:
|
|
29
|
-
email:
|
|
30
|
-
emailVerificationTime:
|
|
31
|
-
phone:
|
|
32
|
-
phoneVerificationTime:
|
|
33
|
-
isAnonymous:
|
|
34
|
-
|
|
35
|
-
|
|
28
|
+
name: convex_values89.VString<string | undefined, "optional">;
|
|
29
|
+
image: convex_values89.VString<string | undefined, "optional">;
|
|
30
|
+
email: convex_values89.VString<string | undefined, "optional">;
|
|
31
|
+
emailVerificationTime: convex_values89.VFloat64<number | undefined, "optional">;
|
|
32
|
+
phone: convex_values89.VString<string | undefined, "optional">;
|
|
33
|
+
phoneVerificationTime: convex_values89.VFloat64<number | undefined, "optional">;
|
|
34
|
+
isAnonymous: convex_values89.VBoolean<boolean | undefined, "optional">;
|
|
35
|
+
hasTotp: convex_values89.VBoolean<boolean | undefined, "optional">;
|
|
36
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
37
|
+
}, "required", "name" | "email" | "phone" | "extend" | "image" | "emailVerificationTime" | "phoneVerificationTime" | "isAnonymous" | "hasTotp" | `extend.${string}`>, {
|
|
36
38
|
email: ["email", "_creationTime"];
|
|
37
39
|
email_verified: ["email", "emailVerificationTime", "_creationTime"];
|
|
38
40
|
phone: ["phone", "_creationTime"];
|
|
@@ -43,12 +45,12 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
43
45
|
* across different devices or browsers. Sessions expire after a
|
|
44
46
|
* configurable duration.
|
|
45
47
|
*/
|
|
46
|
-
Session:
|
|
47
|
-
userId:
|
|
48
|
+
Session: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
49
|
+
userId: convex_values89.GenericId<"User">;
|
|
48
50
|
expirationTime: number;
|
|
49
51
|
}, {
|
|
50
|
-
userId:
|
|
51
|
-
expirationTime:
|
|
52
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User">, "required">;
|
|
53
|
+
expirationTime: convex_values89.VFloat64<number, "required">;
|
|
52
54
|
}, "required", "userId" | "expirationTime">, {
|
|
53
55
|
user_id: ["userId", "_creationTime"];
|
|
54
56
|
}, {}, {}>;
|
|
@@ -57,23 +59,23 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
57
59
|
* authentication provider (e.g. Google OAuth, email/password).
|
|
58
60
|
* A user can have multiple accounts linked.
|
|
59
61
|
*/
|
|
60
|
-
Account:
|
|
61
|
-
emailVerified?: string | undefined;
|
|
62
|
+
Account: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
62
63
|
extend?: any;
|
|
63
64
|
secret?: string | undefined;
|
|
65
|
+
emailVerified?: string | undefined;
|
|
64
66
|
phoneVerified?: string | undefined;
|
|
65
|
-
userId:
|
|
67
|
+
userId: convex_values89.GenericId<"User">;
|
|
66
68
|
provider: string;
|
|
67
69
|
providerAccountId: string;
|
|
68
70
|
}, {
|
|
69
|
-
userId:
|
|
70
|
-
provider:
|
|
71
|
-
providerAccountId:
|
|
72
|
-
secret:
|
|
73
|
-
emailVerified:
|
|
74
|
-
phoneVerified:
|
|
75
|
-
extend:
|
|
76
|
-
}, "required", "
|
|
71
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User">, "required">;
|
|
72
|
+
provider: convex_values89.VString<string, "required">;
|
|
73
|
+
providerAccountId: convex_values89.VString<string, "required">;
|
|
74
|
+
secret: convex_values89.VString<string | undefined, "optional">;
|
|
75
|
+
emailVerified: convex_values89.VString<string | undefined, "optional">;
|
|
76
|
+
phoneVerified: convex_values89.VString<string | undefined, "optional">;
|
|
77
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
78
|
+
}, "required", "userId" | "extend" | `extend.${string}` | "provider" | "providerAccountId" | "secret" | "emailVerified" | "phoneVerified">, {
|
|
77
79
|
user_id_provider: ["userId", "provider", "_creationTime"];
|
|
78
80
|
provider_account_id: ["provider", "providerAccountId", "_creationTime"];
|
|
79
81
|
}, {}, {}>;
|
|
@@ -85,16 +87,16 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
85
87
|
* been used yet. A 10-second reuse window allows for concurrent requests.
|
|
86
88
|
* Any invalid use of a token invalidates the entire chain.
|
|
87
89
|
*/
|
|
88
|
-
RefreshToken:
|
|
90
|
+
RefreshToken: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
89
91
|
firstUsedTime?: number | undefined;
|
|
90
|
-
parentRefreshTokenId?:
|
|
92
|
+
parentRefreshTokenId?: convex_values89.GenericId<"RefreshToken"> | undefined;
|
|
91
93
|
expirationTime: number;
|
|
92
|
-
sessionId:
|
|
94
|
+
sessionId: convex_values89.GenericId<"Session">;
|
|
93
95
|
}, {
|
|
94
|
-
sessionId:
|
|
95
|
-
expirationTime:
|
|
96
|
-
firstUsedTime:
|
|
97
|
-
parentRefreshTokenId:
|
|
96
|
+
sessionId: convex_values89.VId<convex_values89.GenericId<"Session">, "required">;
|
|
97
|
+
expirationTime: convex_values89.VFloat64<number, "required">;
|
|
98
|
+
firstUsedTime: convex_values89.VFloat64<number | undefined, "optional">;
|
|
99
|
+
parentRefreshTokenId: convex_values89.VId<convex_values89.GenericId<"RefreshToken"> | undefined, "optional">;
|
|
98
100
|
}, "required", "expirationTime" | "sessionId" | "firstUsedTime" | "parentRefreshTokenId">, {
|
|
99
101
|
session_id: ["sessionId", "_creationTime"];
|
|
100
102
|
session_id_first_used: ["sessionId", "firstUsedTime", "_creationTime"];
|
|
@@ -103,23 +105,23 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
103
105
|
/**
|
|
104
106
|
* Verification codes for OTP tokens, magic link tokens, and OAuth codes.
|
|
105
107
|
*/
|
|
106
|
-
VerificationCode:
|
|
108
|
+
VerificationCode: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
107
109
|
emailVerified?: string | undefined;
|
|
108
110
|
phoneVerified?: string | undefined;
|
|
109
111
|
verifier?: string | undefined;
|
|
110
112
|
expirationTime: number;
|
|
111
113
|
provider: string;
|
|
112
|
-
accountId:
|
|
114
|
+
accountId: convex_values89.GenericId<"Account">;
|
|
113
115
|
code: string;
|
|
114
116
|
}, {
|
|
115
|
-
accountId:
|
|
116
|
-
provider:
|
|
117
|
-
code:
|
|
118
|
-
expirationTime:
|
|
119
|
-
verifier:
|
|
120
|
-
emailVerified:
|
|
121
|
-
phoneVerified:
|
|
122
|
-
}, "required", "
|
|
117
|
+
accountId: convex_values89.VId<convex_values89.GenericId<"Account">, "required">;
|
|
118
|
+
provider: convex_values89.VString<string, "required">;
|
|
119
|
+
code: convex_values89.VString<string, "required">;
|
|
120
|
+
expirationTime: convex_values89.VFloat64<number, "required">;
|
|
121
|
+
verifier: convex_values89.VString<string | undefined, "optional">;
|
|
122
|
+
emailVerified: convex_values89.VString<string | undefined, "optional">;
|
|
123
|
+
phoneVerified: convex_values89.VString<string | undefined, "optional">;
|
|
124
|
+
}, "required", "expirationTime" | "provider" | "emailVerified" | "phoneVerified" | "accountId" | "code" | "verifier">, {
|
|
123
125
|
account_id: ["accountId", "_creationTime"];
|
|
124
126
|
code: ["code", "_creationTime"];
|
|
125
127
|
}, {}, {}>;
|
|
@@ -127,12 +129,12 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
127
129
|
* PKCE verifiers for OAuth flows. Stores the cryptographic verifier
|
|
128
130
|
* used to prove the authorization request originated from this client.
|
|
129
131
|
*/
|
|
130
|
-
AuthVerifier:
|
|
131
|
-
sessionId?:
|
|
132
|
+
AuthVerifier: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
133
|
+
sessionId?: convex_values89.GenericId<"Session"> | undefined;
|
|
132
134
|
signature?: string | undefined;
|
|
133
135
|
}, {
|
|
134
|
-
sessionId:
|
|
135
|
-
signature:
|
|
136
|
+
sessionId: convex_values89.VId<convex_values89.GenericId<"Session"> | undefined, "optional">;
|
|
137
|
+
signature: convex_values89.VString<string | undefined, "optional">;
|
|
136
138
|
}, "required", "sessionId" | "signature">, {
|
|
137
139
|
signature: ["signature", "_creationTime"];
|
|
138
140
|
}, {}, {}>;
|
|
@@ -141,11 +143,11 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
141
143
|
* registered authenticator (Touch ID, Face ID, security key, etc.).
|
|
142
144
|
* A user can have multiple passkeys across different devices.
|
|
143
145
|
*/
|
|
144
|
-
Passkey:
|
|
146
|
+
Passkey: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
145
147
|
name?: string | undefined;
|
|
146
148
|
lastUsedAt?: number | undefined;
|
|
147
149
|
transports?: string[] | undefined;
|
|
148
|
-
userId:
|
|
150
|
+
userId: convex_values89.GenericId<"User">;
|
|
149
151
|
createdAt: number;
|
|
150
152
|
credentialId: string;
|
|
151
153
|
publicKey: ArrayBuffer;
|
|
@@ -154,17 +156,17 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
154
156
|
deviceType: string;
|
|
155
157
|
backedUp: boolean;
|
|
156
158
|
}, {
|
|
157
|
-
userId:
|
|
158
|
-
credentialId:
|
|
159
|
-
publicKey:
|
|
160
|
-
algorithm:
|
|
161
|
-
counter:
|
|
162
|
-
transports:
|
|
163
|
-
deviceType:
|
|
164
|
-
backedUp:
|
|
165
|
-
name:
|
|
166
|
-
createdAt:
|
|
167
|
-
lastUsedAt:
|
|
159
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User">, "required">; /** Base64url-encoded credential ID from the authenticator. */
|
|
160
|
+
credentialId: convex_values89.VString<string, "required">; /** Public key bytes (SEC1 uncompressed for EC, SPKI for RSA). */
|
|
161
|
+
publicKey: convex_values89.VBytes<ArrayBuffer, "required">; /** COSE algorithm identifier (-7 for ES256, -257 for RS256, -8 for EdDSA). */
|
|
162
|
+
algorithm: convex_values89.VFloat64<number, "required">; /** Signature counter for clone detection. Many authenticators return 0. */
|
|
163
|
+
counter: convex_values89.VFloat64<number, "required">; /** Authenticator transport hints (e.g. "internal", "hybrid", "usb", "ble", "nfc"). */
|
|
164
|
+
transports: convex_values89.VArray<string[] | undefined, convex_values89.VString<string, "required">, "optional">; /** Whether this is a single-device or multi-device (synced) credential. */
|
|
165
|
+
deviceType: convex_values89.VString<string, "required">; /** Whether the credential is backed up (synced passkey). */
|
|
166
|
+
backedUp: convex_values89.VBoolean<boolean, "required">; /** User-assigned friendly name (e.g. "MacBook Touch ID"). */
|
|
167
|
+
name: convex_values89.VString<string | undefined, "optional">;
|
|
168
|
+
createdAt: convex_values89.VFloat64<number, "required">;
|
|
169
|
+
lastUsedAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
168
170
|
}, "required", "name" | "lastUsedAt" | "userId" | "createdAt" | "credentialId" | "publicKey" | "algorithm" | "counter" | "transports" | "deviceType" | "backedUp">, {
|
|
169
171
|
user_id: ["userId", "_creationTime"];
|
|
170
172
|
credential_id: ["credentialId", "_creationTime"];
|
|
@@ -178,24 +180,24 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
178
180
|
* by successfully entering a code from their authenticator app.
|
|
179
181
|
* Unverified enrollments are in-progress setup that can be discarded.
|
|
180
182
|
*/
|
|
181
|
-
TotpFactor:
|
|
183
|
+
TotpFactor: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
182
184
|
name?: string | undefined;
|
|
183
185
|
lastUsedAt?: number | undefined;
|
|
184
|
-
userId:
|
|
186
|
+
userId: convex_values89.GenericId<"User">;
|
|
185
187
|
createdAt: number;
|
|
186
188
|
secret: ArrayBuffer;
|
|
187
189
|
digits: number;
|
|
188
190
|
period: number;
|
|
189
191
|
verified: boolean;
|
|
190
192
|
}, {
|
|
191
|
-
userId:
|
|
192
|
-
secret:
|
|
193
|
-
digits:
|
|
194
|
-
period:
|
|
195
|
-
verified:
|
|
196
|
-
name:
|
|
197
|
-
createdAt:
|
|
198
|
-
lastUsedAt:
|
|
193
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User">, "required">; /** Raw TOTP secret key bytes. */
|
|
194
|
+
secret: convex_values89.VBytes<ArrayBuffer, "required">; /** Number of digits in each code (typically 6). */
|
|
195
|
+
digits: convex_values89.VFloat64<number, "required">; /** Time period in seconds for code rotation (typically 30). */
|
|
196
|
+
period: convex_values89.VFloat64<number, "required">; /** Whether setup has been confirmed with a valid code. */
|
|
197
|
+
verified: convex_values89.VBoolean<boolean, "required">; /** User-assigned friendly name (e.g. "Google Authenticator"). */
|
|
198
|
+
name: convex_values89.VString<string | undefined, "optional">;
|
|
199
|
+
createdAt: convex_values89.VFloat64<number, "required">;
|
|
200
|
+
lastUsedAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
199
201
|
}, "required", "name" | "lastUsedAt" | "userId" | "createdAt" | "secret" | "digits" | "period" | "verified">, {
|
|
200
202
|
user_id: ["userId", "_creationTime"];
|
|
201
203
|
user_id_verified: ["userId", "verified", "_creationTime"];
|
|
@@ -205,9 +207,9 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
205
207
|
* device auth session — the device polls with `deviceCode` while the
|
|
206
208
|
* user authorizes via `userCode` on a secondary device.
|
|
207
209
|
*/
|
|
208
|
-
DeviceCode:
|
|
209
|
-
userId?:
|
|
210
|
-
sessionId?:
|
|
210
|
+
DeviceCode: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
211
|
+
userId?: convex_values89.GenericId<"User"> | undefined;
|
|
212
|
+
sessionId?: convex_values89.GenericId<"Session"> | undefined;
|
|
211
213
|
lastPolledAt?: number | undefined;
|
|
212
214
|
status: "pending" | "authorized" | "denied";
|
|
213
215
|
expiresAt: number;
|
|
@@ -215,14 +217,14 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
215
217
|
userCode: string;
|
|
216
218
|
interval: number;
|
|
217
219
|
}, {
|
|
218
|
-
/** High-entropy code used by the device for polling. Stored as SHA-256 hash. */deviceCodeHash:
|
|
219
|
-
userCode:
|
|
220
|
-
expiresAt:
|
|
221
|
-
interval:
|
|
222
|
-
status:
|
|
223
|
-
userId:
|
|
224
|
-
sessionId:
|
|
225
|
-
lastPolledAt:
|
|
220
|
+
/** High-entropy code used by the device for polling. Stored as SHA-256 hash. */deviceCodeHash: convex_values89.VString<string, "required">; /** Short human-readable code the user enters (e.g. "WDJB-MJHT"). */
|
|
221
|
+
userCode: convex_values89.VString<string, "required">; /** Expiration timestamp (ms since epoch). */
|
|
222
|
+
expiresAt: convex_values89.VFloat64<number, "required">; /** Minimum polling interval in seconds. */
|
|
223
|
+
interval: convex_values89.VFloat64<number, "required">; /** Current status of this device authorization session. */
|
|
224
|
+
status: convex_values89.VUnion<"pending" | "authorized" | "denied", [convex_values89.VLiteral<"pending", "required">, convex_values89.VLiteral<"authorized", "required">, convex_values89.VLiteral<"denied", "required">], "required", never>; /** Set when the user authorizes — links to the authorizing user. */
|
|
225
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User"> | undefined, "optional">; /** Set when the user authorizes — the session created for the device. */
|
|
226
|
+
sessionId: convex_values89.VId<convex_values89.GenericId<"Session"> | undefined, "optional">; /** Timestamp of the last poll request (for slow_down enforcement). */
|
|
227
|
+
lastPolledAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
226
228
|
}, "required", "status" | "expiresAt" | "userId" | "sessionId" | "deviceCodeHash" | "userCode" | "interval" | "lastPolledAt">, {
|
|
227
229
|
device_code_hash: ["deviceCodeHash", "_creationTime"];
|
|
228
230
|
user_code_status: ["userCode", "status", "_creationTime"];
|
|
@@ -230,14 +232,14 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
230
232
|
/**
|
|
231
233
|
* Rate limit tracking for OTP and password sign-in attempts.
|
|
232
234
|
*/
|
|
233
|
-
RateLimit:
|
|
235
|
+
RateLimit: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
234
236
|
identifier: string;
|
|
235
237
|
last_attempt_time: number;
|
|
236
238
|
attempts_left: number;
|
|
237
239
|
}, {
|
|
238
|
-
identifier:
|
|
239
|
-
last_attempt_time:
|
|
240
|
-
attempts_left:
|
|
240
|
+
identifier: convex_values89.VString<string, "required">;
|
|
241
|
+
last_attempt_time: convex_values89.VFloat64<number, "required">;
|
|
242
|
+
attempts_left: convex_values89.VFloat64<number, "required">;
|
|
241
243
|
}, "required", "identifier" | "last_attempt_time" | "attempts_left">, {
|
|
242
244
|
by_identifier: ["identifier", "_creationTime"];
|
|
243
245
|
}, {}, {}>;
|
|
@@ -246,12 +248,12 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
246
248
|
* Groups can nest arbitrarily deep via `parentGroupId` for modeling
|
|
247
249
|
* organizations, teams, departments, or any tree structure.
|
|
248
250
|
*/
|
|
249
|
-
Group:
|
|
251
|
+
Group: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
250
252
|
slug?: string | undefined;
|
|
251
253
|
type?: string | undefined;
|
|
252
254
|
extend?: any;
|
|
253
|
-
parentGroupId?:
|
|
254
|
-
rootGroupId?:
|
|
255
|
+
parentGroupId?: convex_values89.GenericId<"Group"> | undefined;
|
|
256
|
+
rootGroupId?: convex_values89.GenericId<"Group"> | undefined;
|
|
255
257
|
isRoot?: boolean | undefined;
|
|
256
258
|
tags?: {
|
|
257
259
|
key: string;
|
|
@@ -298,23 +300,23 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
298
300
|
} | undefined;
|
|
299
301
|
name: string;
|
|
300
302
|
}, {
|
|
301
|
-
name:
|
|
302
|
-
slug:
|
|
303
|
-
type:
|
|
304
|
-
parentGroupId:
|
|
305
|
-
rootGroupId:
|
|
306
|
-
isRoot:
|
|
307
|
-
tags:
|
|
303
|
+
name: convex_values89.VString<string, "required">;
|
|
304
|
+
slug: convex_values89.VString<string | undefined, "optional">;
|
|
305
|
+
type: convex_values89.VString<string | undefined, "optional">;
|
|
306
|
+
parentGroupId: convex_values89.VId<convex_values89.GenericId<"Group"> | undefined, "optional">; /** Denormalized root group ID. Self-referencing for root groups. */
|
|
307
|
+
rootGroupId: convex_values89.VId<convex_values89.GenericId<"Group"> | undefined, "optional">; /** Denormalized flag: `true` when `parentGroupId` is absent. */
|
|
308
|
+
isRoot: convex_values89.VBoolean<boolean | undefined, "optional">; /** Faceted classification tags. Normalized at write time (trimmed, lowercased). */
|
|
309
|
+
tags: convex_values89.VArray<{
|
|
308
310
|
key: string;
|
|
309
311
|
value: string;
|
|
310
|
-
}[] | undefined,
|
|
312
|
+
}[] | undefined, convex_values89.VObject<{
|
|
311
313
|
key: string;
|
|
312
314
|
value: string;
|
|
313
315
|
}, {
|
|
314
|
-
key:
|
|
315
|
-
value:
|
|
316
|
+
key: convex_values89.VString<string, "required">;
|
|
317
|
+
value: convex_values89.VString<string, "required">;
|
|
316
318
|
}, "required", "key" | "value">, "optional">;
|
|
317
|
-
policy:
|
|
319
|
+
policy: convex_values89.VObject<{
|
|
318
320
|
extend?: any;
|
|
319
321
|
version: 1;
|
|
320
322
|
identity: {
|
|
@@ -353,22 +355,22 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
353
355
|
};
|
|
354
356
|
};
|
|
355
357
|
} | undefined, {
|
|
356
|
-
version:
|
|
357
|
-
identity:
|
|
358
|
+
version: convex_values89.VLiteral<1, "required">;
|
|
359
|
+
identity: convex_values89.VObject<{
|
|
358
360
|
accountLinking: {
|
|
359
361
|
oidc: "verifiedEmail" | "none";
|
|
360
362
|
saml: "verifiedEmail" | "none";
|
|
361
363
|
};
|
|
362
364
|
}, {
|
|
363
|
-
accountLinking:
|
|
365
|
+
accountLinking: convex_values89.VObject<{
|
|
364
366
|
oidc: "verifiedEmail" | "none";
|
|
365
367
|
saml: "verifiedEmail" | "none";
|
|
366
368
|
}, {
|
|
367
|
-
oidc:
|
|
368
|
-
saml:
|
|
369
|
+
oidc: convex_values89.VUnion<"verifiedEmail" | "none", [convex_values89.VLiteral<"verifiedEmail", "required">, convex_values89.VLiteral<"none", "required">], "required", never>;
|
|
370
|
+
saml: convex_values89.VUnion<"verifiedEmail" | "none", [convex_values89.VLiteral<"verifiedEmail", "required">, convex_values89.VLiteral<"none", "required">], "required", never>;
|
|
369
371
|
}, "required", "oidc" | "saml">;
|
|
370
372
|
}, "required", "accountLinking" | "accountLinking.oidc" | "accountLinking.saml">;
|
|
371
|
-
provisioning:
|
|
373
|
+
provisioning: convex_values89.VObject<{
|
|
372
374
|
user: {
|
|
373
375
|
createOnSignIn: boolean;
|
|
374
376
|
updateProfileOnLogin: "never" | "missing" | "always";
|
|
@@ -397,58 +399,58 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
397
399
|
source: "protocol";
|
|
398
400
|
};
|
|
399
401
|
}, {
|
|
400
|
-
user:
|
|
402
|
+
user: convex_values89.VObject<{
|
|
401
403
|
createOnSignIn: boolean;
|
|
402
404
|
updateProfileOnLogin: "never" | "missing" | "always";
|
|
403
405
|
updateProfileFromScim: "never" | "missing" | "always";
|
|
404
406
|
authority: "app" | "sso" | "scim";
|
|
405
407
|
}, {
|
|
406
|
-
createOnSignIn:
|
|
407
|
-
updateProfileOnLogin:
|
|
408
|
-
updateProfileFromScim:
|
|
409
|
-
authority:
|
|
408
|
+
createOnSignIn: convex_values89.VBoolean<boolean, "required">;
|
|
409
|
+
updateProfileOnLogin: convex_values89.VUnion<"never" | "missing" | "always", [convex_values89.VLiteral<"never", "required">, convex_values89.VLiteral<"missing", "required">, convex_values89.VLiteral<"always", "required">], "required", never>;
|
|
410
|
+
updateProfileFromScim: convex_values89.VUnion<"never" | "missing" | "always", [convex_values89.VLiteral<"never", "required">, convex_values89.VLiteral<"missing", "required">, convex_values89.VLiteral<"always", "required">], "required", never>;
|
|
411
|
+
authority: convex_values89.VUnion<"app" | "sso" | "scim", [convex_values89.VLiteral<"app", "required">, convex_values89.VLiteral<"sso", "required">, convex_values89.VLiteral<"scim", "required">], "required", never>;
|
|
410
412
|
}, "required", "createOnSignIn" | "updateProfileOnLogin" | "updateProfileFromScim" | "authority">;
|
|
411
|
-
scimReuse:
|
|
413
|
+
scimReuse: convex_values89.VObject<{
|
|
412
414
|
user: "none" | "externalId";
|
|
413
415
|
}, {
|
|
414
|
-
user:
|
|
416
|
+
user: convex_values89.VUnion<"none" | "externalId", [convex_values89.VLiteral<"externalId", "required">, convex_values89.VLiteral<"none", "required">], "required", never>;
|
|
415
417
|
}, "required", "user">;
|
|
416
|
-
jit:
|
|
418
|
+
jit: convex_values89.VObject<{
|
|
417
419
|
defaultRole?: string | undefined;
|
|
418
420
|
defaultRoleIds?: string[] | undefined;
|
|
419
421
|
mode: "off" | "createUser" | "createUserAndMembership";
|
|
420
422
|
}, {
|
|
421
|
-
mode:
|
|
422
|
-
defaultRole:
|
|
423
|
-
defaultRoleIds:
|
|
423
|
+
mode: convex_values89.VUnion<"off" | "createUser" | "createUserAndMembership", [convex_values89.VLiteral<"off", "required">, convex_values89.VLiteral<"createUser", "required">, convex_values89.VLiteral<"createUserAndMembership", "required">], "required", never>;
|
|
424
|
+
defaultRole: convex_values89.VString<string | undefined, "optional">;
|
|
425
|
+
defaultRoleIds: convex_values89.VArray<string[] | undefined, convex_values89.VString<string, "required">, "optional">;
|
|
424
426
|
}, "required", "mode" | "defaultRole" | "defaultRoleIds">;
|
|
425
|
-
deprovision:
|
|
427
|
+
deprovision: convex_values89.VObject<{
|
|
426
428
|
mode: "soft" | "hard";
|
|
427
429
|
}, {
|
|
428
|
-
mode:
|
|
430
|
+
mode: convex_values89.VUnion<"soft" | "hard", [convex_values89.VLiteral<"soft", "required">, convex_values89.VLiteral<"hard", "required">], "required", never>;
|
|
429
431
|
}, "required", "mode">;
|
|
430
|
-
groups:
|
|
432
|
+
groups: convex_values89.VObject<{
|
|
431
433
|
mapping?: Record<string, string[]> | undefined;
|
|
432
434
|
mode: "ignore" | "sync";
|
|
433
435
|
source: "protocol";
|
|
434
436
|
}, {
|
|
435
|
-
mode:
|
|
436
|
-
source:
|
|
437
|
-
mapping:
|
|
437
|
+
mode: convex_values89.VUnion<"ignore" | "sync", [convex_values89.VLiteral<"ignore", "required">, convex_values89.VLiteral<"sync", "required">], "required", never>;
|
|
438
|
+
source: convex_values89.VLiteral<"protocol", "required">;
|
|
439
|
+
mapping: convex_values89.VRecord<Record<string, string[]> | undefined, convex_values89.VString<string, "required">, convex_values89.VArray<string[], convex_values89.VString<string, "required">, "required">, "optional", string>;
|
|
438
440
|
}, "required", "mode" | "source" | "mapping" | `mapping.${string}`>;
|
|
439
|
-
roles:
|
|
441
|
+
roles: convex_values89.VObject<{
|
|
440
442
|
mapping?: Record<string, string[]> | undefined;
|
|
441
443
|
mode: "map" | "ignore";
|
|
442
444
|
source: "protocol";
|
|
443
445
|
}, {
|
|
444
|
-
mode:
|
|
445
|
-
source:
|
|
446
|
-
mapping:
|
|
446
|
+
mode: convex_values89.VUnion<"map" | "ignore", [convex_values89.VLiteral<"ignore", "required">, convex_values89.VLiteral<"map", "required">], "required", never>;
|
|
447
|
+
source: convex_values89.VLiteral<"protocol", "required">;
|
|
448
|
+
mapping: convex_values89.VRecord<Record<string, string[]> | undefined, convex_values89.VString<string, "required">, convex_values89.VArray<string[], convex_values89.VString<string, "required">, "required">, "optional", string>;
|
|
447
449
|
}, "required", "mode" | "source" | "mapping" | `mapping.${string}`>;
|
|
448
450
|
}, "required", "user" | "scimReuse" | "jit" | "deprovision" | "groups" | "roles" | "user.createOnSignIn" | "user.updateProfileOnLogin" | "user.updateProfileFromScim" | "user.authority" | "scimReuse.user" | "jit.mode" | "jit.defaultRole" | "jit.defaultRoleIds" | "deprovision.mode" | "groups.mode" | "groups.source" | "groups.mapping" | `groups.mapping.${string}` | "roles.mode" | "roles.source" | "roles.mapping" | `roles.mapping.${string}`>;
|
|
449
|
-
extend:
|
|
451
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
450
452
|
}, "optional", "extend" | `extend.${string}` | "version" | "identity" | "provisioning" | "identity.accountLinking" | "identity.accountLinking.oidc" | "identity.accountLinking.saml" | "provisioning.user" | "provisioning.scimReuse" | "provisioning.jit" | "provisioning.deprovision" | "provisioning.groups" | "provisioning.roles" | "provisioning.user.createOnSignIn" | "provisioning.user.updateProfileOnLogin" | "provisioning.user.updateProfileFromScim" | "provisioning.user.authority" | "provisioning.scimReuse.user" | "provisioning.jit.mode" | "provisioning.jit.defaultRole" | "provisioning.jit.defaultRoleIds" | "provisioning.deprovision.mode" | "provisioning.groups.mode" | "provisioning.groups.source" | "provisioning.groups.mapping" | `provisioning.groups.mapping.${string}` | "provisioning.roles.mode" | "provisioning.roles.source" | "provisioning.roles.mapping" | `provisioning.roles.mapping.${string}`>;
|
|
451
|
-
extend:
|
|
453
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
452
454
|
}, "required", "name" | "slug" | "type" | "extend" | `extend.${string}` | "parentGroupId" | "rootGroupId" | "isRoot" | "tags" | "policy" | "policy.extend" | `policy.extend.${string}` | "policy.version" | "policy.identity" | "policy.provisioning" | "policy.identity.accountLinking" | "policy.identity.accountLinking.oidc" | "policy.identity.accountLinking.saml" | "policy.provisioning.user" | "policy.provisioning.scimReuse" | "policy.provisioning.jit" | "policy.provisioning.deprovision" | "policy.provisioning.groups" | "policy.provisioning.roles" | "policy.provisioning.user.createOnSignIn" | "policy.provisioning.user.updateProfileOnLogin" | "policy.provisioning.user.updateProfileFromScim" | "policy.provisioning.user.authority" | "policy.provisioning.scimReuse.user" | "policy.provisioning.jit.mode" | "policy.provisioning.jit.defaultRole" | "policy.provisioning.jit.defaultRoleIds" | "policy.provisioning.deprovision.mode" | "policy.provisioning.groups.mode" | "policy.provisioning.groups.source" | "policy.provisioning.groups.mapping" | `policy.provisioning.groups.mapping.${string}` | "policy.provisioning.roles.mode" | "policy.provisioning.roles.source" | "policy.provisioning.roles.mapping" | `policy.provisioning.roles.mapping.${string}`>, {
|
|
453
455
|
slug: ["slug", "_creationTime"];
|
|
454
456
|
parent_group_id: ["parentGroupId", "_creationTime"];
|
|
@@ -462,14 +464,14 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
462
464
|
* Each row maps one `(key, value)` pair to a group. Kept in sync by
|
|
463
465
|
* `groupCreate`, `groupUpdate`, and `groupDelete`.
|
|
464
466
|
*/
|
|
465
|
-
GroupTag:
|
|
467
|
+
GroupTag: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
466
468
|
key: string;
|
|
467
469
|
value: string;
|
|
468
|
-
group_id:
|
|
470
|
+
group_id: convex_values89.GenericId<"Group">;
|
|
469
471
|
}, {
|
|
470
|
-
group_id:
|
|
471
|
-
key:
|
|
472
|
-
value:
|
|
472
|
+
group_id: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
473
|
+
key: convex_values89.VString<string, "required">;
|
|
474
|
+
value: convex_values89.VString<string, "required">;
|
|
473
475
|
}, "required", "key" | "value" | "group_id">, {
|
|
474
476
|
by_group: ["group_id", "_creationTime"];
|
|
475
477
|
by_key_value: ["key", "value", "_creationTime"];
|
|
@@ -480,20 +482,20 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
480
482
|
* role (e.g. "owner", "admin", "member", "viewer"). A user can be a
|
|
481
483
|
* member of multiple groups with different roles in each.
|
|
482
484
|
*/
|
|
483
|
-
GroupMember:
|
|
485
|
+
GroupMember: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
484
486
|
status?: string | undefined;
|
|
485
487
|
extend?: any;
|
|
486
488
|
role?: string | undefined;
|
|
487
489
|
roleIds?: string[] | undefined;
|
|
488
|
-
userId:
|
|
489
|
-
groupId:
|
|
490
|
+
userId: convex_values89.GenericId<"User">;
|
|
491
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
490
492
|
}, {
|
|
491
|
-
groupId:
|
|
492
|
-
userId:
|
|
493
|
-
role:
|
|
494
|
-
roleIds:
|
|
495
|
-
status:
|
|
496
|
-
extend:
|
|
493
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
494
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User">, "required">;
|
|
495
|
+
role: convex_values89.VString<string | undefined, "optional">;
|
|
496
|
+
roleIds: convex_values89.VArray<string[] | undefined, convex_values89.VString<string, "required">, "optional">;
|
|
497
|
+
status: convex_values89.VString<string | undefined, "optional">;
|
|
498
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
497
499
|
}, "required", "status" | "userId" | "extend" | `extend.${string}` | "groupId" | "role" | "roleIds">, {
|
|
498
500
|
group_id: ["groupId", "_creationTime"];
|
|
499
501
|
group_id_user_id: ["groupId", "userId", "_creationTime"];
|
|
@@ -508,30 +510,30 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
508
510
|
* `email` and `invitedByUserId` are optional to support CLI-generated
|
|
509
511
|
* invite links where neither is known upfront.
|
|
510
512
|
*/
|
|
511
|
-
GroupInvite:
|
|
513
|
+
GroupInvite: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
512
514
|
email?: string | undefined;
|
|
513
515
|
expiresTime?: number | undefined;
|
|
514
516
|
acceptedTime?: number | undefined;
|
|
515
517
|
extend?: any;
|
|
516
|
-
groupId?:
|
|
518
|
+
groupId?: convex_values89.GenericId<"Group"> | undefined;
|
|
517
519
|
role?: string | undefined;
|
|
518
520
|
roleIds?: string[] | undefined;
|
|
519
|
-
invitedByUserId?:
|
|
520
|
-
acceptedByUserId?:
|
|
521
|
+
invitedByUserId?: convex_values89.GenericId<"User"> | undefined;
|
|
522
|
+
acceptedByUserId?: convex_values89.GenericId<"User"> | undefined;
|
|
521
523
|
status: "pending" | "accepted" | "revoked" | "expired";
|
|
522
524
|
tokenHash: string;
|
|
523
525
|
}, {
|
|
524
|
-
groupId:
|
|
525
|
-
invitedByUserId:
|
|
526
|
-
email:
|
|
527
|
-
tokenHash:
|
|
528
|
-
role:
|
|
529
|
-
roleIds:
|
|
530
|
-
status:
|
|
531
|
-
expiresTime:
|
|
532
|
-
acceptedByUserId:
|
|
533
|
-
acceptedTime:
|
|
534
|
-
extend:
|
|
526
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group"> | undefined, "optional">;
|
|
527
|
+
invitedByUserId: convex_values89.VId<convex_values89.GenericId<"User"> | undefined, "optional">;
|
|
528
|
+
email: convex_values89.VString<string | undefined, "optional">;
|
|
529
|
+
tokenHash: convex_values89.VString<string, "required">;
|
|
530
|
+
role: convex_values89.VString<string | undefined, "optional">;
|
|
531
|
+
roleIds: convex_values89.VArray<string[] | undefined, convex_values89.VString<string, "required">, "optional">;
|
|
532
|
+
status: convex_values89.VUnion<"pending" | "accepted" | "revoked" | "expired", [convex_values89.VLiteral<"pending", "required">, convex_values89.VLiteral<"accepted", "required">, convex_values89.VLiteral<"revoked", "required">, convex_values89.VLiteral<"expired", "required">], "required", never>;
|
|
533
|
+
expiresTime: convex_values89.VFloat64<number | undefined, "optional">;
|
|
534
|
+
acceptedByUserId: convex_values89.VId<convex_values89.GenericId<"User"> | undefined, "optional">;
|
|
535
|
+
acceptedTime: convex_values89.VFloat64<number | undefined, "optional">;
|
|
536
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
535
537
|
}, "required", "email" | "status" | "expiresTime" | "acceptedTime" | "extend" | `extend.${string}` | "groupId" | "role" | "roleIds" | "invitedByUserId" | "tokenHash" | "acceptedByUserId">, {
|
|
536
538
|
token_hash: ["tokenHash", "_creationTime"];
|
|
537
539
|
status: ["status", "_creationTime"];
|
|
@@ -547,42 +549,44 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
547
549
|
* SDK can evolve without forcing schema churn for every protocol-specific
|
|
548
550
|
* field addition.
|
|
549
551
|
*/
|
|
550
|
-
GroupConnection:
|
|
552
|
+
GroupConnection: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
551
553
|
name?: string | undefined;
|
|
552
554
|
slug?: string | undefined;
|
|
553
555
|
extend?: any;
|
|
554
556
|
config?: any;
|
|
555
557
|
status: "draft" | "active" | "disabled";
|
|
556
558
|
protocol: "oidc" | "saml";
|
|
557
|
-
groupId:
|
|
559
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
558
560
|
}, {
|
|
559
|
-
groupId:
|
|
560
|
-
slug:
|
|
561
|
-
name:
|
|
562
|
-
protocol:
|
|
563
|
-
status:
|
|
564
|
-
config:
|
|
565
|
-
extend:
|
|
561
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
562
|
+
slug: convex_values89.VString<string | undefined, "optional">;
|
|
563
|
+
name: convex_values89.VString<string | undefined, "optional">;
|
|
564
|
+
protocol: convex_values89.VUnion<"oidc" | "saml", [convex_values89.VLiteral<"oidc", "required">, convex_values89.VLiteral<"saml", "required">], "required", never>;
|
|
565
|
+
status: convex_values89.VUnion<"draft" | "active" | "disabled", [convex_values89.VLiteral<"draft", "required">, convex_values89.VLiteral<"active", "required">, convex_values89.VLiteral<"disabled", "required">], "required", never>;
|
|
566
|
+
config: convex_values89.VAny<any, "optional", string>;
|
|
567
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
566
568
|
}, "required", "name" | "slug" | "status" | "extend" | `extend.${string}` | "protocol" | "groupId" | "config" | `config.${string}`>, {
|
|
567
569
|
group_id: ["groupId", "_creationTime"];
|
|
568
570
|
slug: ["slug", "_creationTime"];
|
|
569
571
|
status: ["status", "_creationTime"];
|
|
572
|
+
group_id_status: ["groupId", "status", "_creationTime"];
|
|
573
|
+
group_id_slug: ["groupId", "slug", "_creationTime"];
|
|
570
574
|
}, {}, {}>;
|
|
571
575
|
/**
|
|
572
576
|
* Verified or pending domains linked to an group connection record.
|
|
573
577
|
*/
|
|
574
|
-
GroupConnectionDomain:
|
|
578
|
+
GroupConnectionDomain: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
575
579
|
verifiedAt?: number | undefined;
|
|
576
|
-
groupId:
|
|
577
|
-
connectionId:
|
|
580
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
581
|
+
connectionId: convex_values89.GenericId<"GroupConnection">;
|
|
578
582
|
domain: string;
|
|
579
583
|
isPrimary: boolean;
|
|
580
584
|
}, {
|
|
581
|
-
connectionId:
|
|
582
|
-
groupId:
|
|
583
|
-
domain:
|
|
584
|
-
isPrimary:
|
|
585
|
-
verifiedAt:
|
|
585
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection">, "required">;
|
|
586
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
587
|
+
domain: convex_values89.VString<string, "required">;
|
|
588
|
+
isPrimary: convex_values89.VBoolean<boolean, "required">;
|
|
589
|
+
verifiedAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
586
590
|
}, "required", "groupId" | "connectionId" | "domain" | "isPrimary" | "verifiedAt">, {
|
|
587
591
|
connection_id: ["connectionId", "_creationTime"];
|
|
588
592
|
group_id: ["groupId", "_creationTime"];
|
|
@@ -591,26 +595,26 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
591
595
|
/**
|
|
592
596
|
* Pending DNS TXT verification challenges for group connection domains.
|
|
593
597
|
*/
|
|
594
|
-
GroupConnectionDomainVerification:
|
|
598
|
+
GroupConnectionDomainVerification: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
595
599
|
expiresAt: number;
|
|
596
|
-
groupId:
|
|
600
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
597
601
|
tokenHash: string;
|
|
598
|
-
connectionId:
|
|
602
|
+
connectionId: convex_values89.GenericId<"GroupConnection">;
|
|
599
603
|
domain: string;
|
|
600
|
-
domainId:
|
|
604
|
+
domainId: convex_values89.GenericId<"GroupConnectionDomain">;
|
|
601
605
|
recordName: string;
|
|
602
606
|
token: string;
|
|
603
607
|
requestedAt: number;
|
|
604
608
|
}, {
|
|
605
|
-
connectionId:
|
|
606
|
-
groupId:
|
|
607
|
-
domainId:
|
|
608
|
-
domain:
|
|
609
|
-
recordName:
|
|
610
|
-
token:
|
|
611
|
-
tokenHash:
|
|
612
|
-
requestedAt:
|
|
613
|
-
expiresAt:
|
|
609
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection">, "required">;
|
|
610
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
611
|
+
domainId: convex_values89.VId<convex_values89.GenericId<"GroupConnectionDomain">, "required">;
|
|
612
|
+
domain: convex_values89.VString<string, "required">;
|
|
613
|
+
recordName: convex_values89.VString<string, "required">;
|
|
614
|
+
token: convex_values89.VString<string, "required">;
|
|
615
|
+
tokenHash: convex_values89.VString<string, "required">;
|
|
616
|
+
requestedAt: convex_values89.VFloat64<number, "required">;
|
|
617
|
+
expiresAt: convex_values89.VFloat64<number, "required">;
|
|
614
618
|
}, "required", "expiresAt" | "groupId" | "tokenHash" | "connectionId" | "domain" | "domainId" | "recordName" | "token" | "requestedAt">, {
|
|
615
619
|
connection_id: ["connectionId", "_creationTime"];
|
|
616
620
|
domain_id: ["domainId", "_creationTime"];
|
|
@@ -619,18 +623,18 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
619
623
|
/**
|
|
620
624
|
* Encrypted group connection secrets stored separately from protocol config.
|
|
621
625
|
*/
|
|
622
|
-
GroupConnectionSecret:
|
|
623
|
-
groupId:
|
|
624
|
-
connectionId:
|
|
626
|
+
GroupConnectionSecret: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
627
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
628
|
+
connectionId: convex_values89.GenericId<"GroupConnection">;
|
|
625
629
|
ciphertext: string;
|
|
626
630
|
updatedAt: number;
|
|
627
631
|
kind: "oidc_client_secret";
|
|
628
632
|
}, {
|
|
629
|
-
connectionId:
|
|
630
|
-
groupId:
|
|
631
|
-
kind:
|
|
632
|
-
ciphertext:
|
|
633
|
-
updatedAt:
|
|
633
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection">, "required">;
|
|
634
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
635
|
+
kind: convex_values89.VUnion<"oidc_client_secret", [convex_values89.VLiteral<"oidc_client_secret", "required">], "required", never>;
|
|
636
|
+
ciphertext: convex_values89.VString<string, "required">;
|
|
637
|
+
updatedAt: convex_values89.VFloat64<number, "required">;
|
|
634
638
|
}, "required", "groupId" | "connectionId" | "ciphertext" | "updatedAt" | "kind">, {
|
|
635
639
|
connection_id: ["connectionId", "_creationTime"];
|
|
636
640
|
connection_id_kind: ["connectionId", "kind", "_creationTime"];
|
|
@@ -639,22 +643,22 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
639
643
|
/**
|
|
640
644
|
* SCIM configuration for an group connection tenant.
|
|
641
645
|
*/
|
|
642
|
-
GroupConnectionScimConfig:
|
|
646
|
+
GroupConnectionScimConfig: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
643
647
|
extend?: any;
|
|
644
648
|
lastRotatedAt?: number | undefined;
|
|
645
649
|
status: "draft" | "active" | "disabled";
|
|
646
|
-
groupId:
|
|
650
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
647
651
|
tokenHash: string;
|
|
648
|
-
connectionId:
|
|
652
|
+
connectionId: convex_values89.GenericId<"GroupConnection">;
|
|
649
653
|
basePath: string;
|
|
650
654
|
}, {
|
|
651
|
-
connectionId:
|
|
652
|
-
groupId:
|
|
653
|
-
status:
|
|
654
|
-
basePath:
|
|
655
|
-
tokenHash:
|
|
656
|
-
lastRotatedAt:
|
|
657
|
-
extend:
|
|
655
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection">, "required">;
|
|
656
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
657
|
+
status: convex_values89.VUnion<"draft" | "active" | "disabled", [convex_values89.VLiteral<"draft", "required">, convex_values89.VLiteral<"active", "required">, convex_values89.VLiteral<"disabled", "required">], "required", never>;
|
|
658
|
+
basePath: convex_values89.VString<string, "required">;
|
|
659
|
+
tokenHash: convex_values89.VString<string, "required">;
|
|
660
|
+
lastRotatedAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
661
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
658
662
|
}, "required", "status" | "extend" | `extend.${string}` | "groupId" | "tokenHash" | "connectionId" | "basePath" | "lastRotatedAt">, {
|
|
659
663
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
660
664
|
group_id: ["groupId", "_creationTime"];
|
|
@@ -664,26 +668,26 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
664
668
|
/**
|
|
665
669
|
* External SCIM identities mapped into local users/groups.
|
|
666
670
|
*/
|
|
667
|
-
GroupConnectionScimIdentity:
|
|
668
|
-
userId?:
|
|
671
|
+
GroupConnectionScimIdentity: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
672
|
+
userId?: convex_values89.GenericId<"User"> | undefined;
|
|
669
673
|
active?: boolean | undefined;
|
|
670
|
-
mappedGroupId?:
|
|
674
|
+
mappedGroupId?: convex_values89.GenericId<"Group"> | undefined;
|
|
671
675
|
lastProvisionedAt?: number | undefined;
|
|
672
676
|
raw?: any;
|
|
673
677
|
externalId: string;
|
|
674
|
-
groupId:
|
|
675
|
-
connectionId:
|
|
678
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
679
|
+
connectionId: convex_values89.GenericId<"GroupConnection">;
|
|
676
680
|
resourceType: "user" | "group";
|
|
677
681
|
}, {
|
|
678
|
-
connectionId:
|
|
679
|
-
groupId:
|
|
680
|
-
resourceType:
|
|
681
|
-
externalId:
|
|
682
|
-
userId:
|
|
683
|
-
mappedGroupId:
|
|
684
|
-
lastProvisionedAt:
|
|
685
|
-
active:
|
|
686
|
-
raw:
|
|
682
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection">, "required">;
|
|
683
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
684
|
+
resourceType: convex_values89.VUnion<"user" | "group", [convex_values89.VLiteral<"user", "required">, convex_values89.VLiteral<"group", "required">], "required", never>;
|
|
685
|
+
externalId: convex_values89.VString<string, "required">;
|
|
686
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User"> | undefined, "optional">;
|
|
687
|
+
mappedGroupId: convex_values89.VId<convex_values89.GenericId<"Group"> | undefined, "optional">;
|
|
688
|
+
lastProvisionedAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
689
|
+
active: convex_values89.VBoolean<boolean | undefined, "optional">;
|
|
690
|
+
raw: convex_values89.VAny<any, "optional", string>;
|
|
687
691
|
}, "required", "userId" | "externalId" | "groupId" | "active" | "connectionId" | "resourceType" | "mappedGroupId" | "lastProvisionedAt" | "raw" | `raw.${string}`>, {
|
|
688
692
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
689
693
|
group_id: ["groupId", "_creationTime"];
|
|
@@ -695,32 +699,32 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
695
699
|
/**
|
|
696
700
|
* Immutable audit trail for group connection operations.
|
|
697
701
|
*/
|
|
698
|
-
GroupAuditEvent:
|
|
702
|
+
GroupAuditEvent: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
699
703
|
metadata?: any;
|
|
700
|
-
connectionId?:
|
|
704
|
+
connectionId?: convex_values89.GenericId<"GroupConnection"> | undefined;
|
|
701
705
|
actorId?: string | undefined;
|
|
702
706
|
subjectId?: string | undefined;
|
|
703
707
|
requestId?: string | undefined;
|
|
704
708
|
ip?: string | undefined;
|
|
705
709
|
status: "success" | "failure";
|
|
706
|
-
groupId:
|
|
710
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
707
711
|
actorType: "user" | "scim" | "system" | "api_key" | "webhook";
|
|
708
712
|
eventType: string;
|
|
709
713
|
subjectType: string;
|
|
710
714
|
occurredAt: number;
|
|
711
715
|
}, {
|
|
712
|
-
connectionId:
|
|
713
|
-
groupId:
|
|
714
|
-
eventType:
|
|
715
|
-
actorType:
|
|
716
|
-
actorId:
|
|
717
|
-
subjectType:
|
|
718
|
-
subjectId:
|
|
719
|
-
status:
|
|
720
|
-
occurredAt:
|
|
721
|
-
requestId:
|
|
722
|
-
ip:
|
|
723
|
-
metadata:
|
|
716
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection"> | undefined, "optional">;
|
|
717
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
718
|
+
eventType: convex_values89.VString<string, "required">;
|
|
719
|
+
actorType: convex_values89.VUnion<"user" | "scim" | "system" | "api_key" | "webhook", [convex_values89.VLiteral<"user", "required">, convex_values89.VLiteral<"system", "required">, convex_values89.VLiteral<"scim", "required">, convex_values89.VLiteral<"api_key", "required">, convex_values89.VLiteral<"webhook", "required">], "required", never>;
|
|
720
|
+
actorId: convex_values89.VString<string | undefined, "optional">;
|
|
721
|
+
subjectType: convex_values89.VString<string, "required">;
|
|
722
|
+
subjectId: convex_values89.VString<string | undefined, "optional">;
|
|
723
|
+
status: convex_values89.VUnion<"success" | "failure", [convex_values89.VLiteral<"success", "required">, convex_values89.VLiteral<"failure", "required">], "required", never>;
|
|
724
|
+
occurredAt: convex_values89.VFloat64<number, "required">;
|
|
725
|
+
requestId: convex_values89.VString<string | undefined, "optional">;
|
|
726
|
+
ip: convex_values89.VString<string | undefined, "optional">;
|
|
727
|
+
metadata: convex_values89.VAny<any, "optional", string>;
|
|
724
728
|
}, "required", "status" | "metadata" | `metadata.${string}` | "groupId" | "connectionId" | "actorType" | "eventType" | "actorId" | "subjectType" | "subjectId" | "occurredAt" | "requestId" | "ip">, {
|
|
725
729
|
group_connection_id_occurred_at: ["connectionId", "occurredAt", "_creationTime"];
|
|
726
730
|
group_id_occurred_at: ["groupId", "occurredAt", "_creationTime"];
|
|
@@ -729,30 +733,30 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
729
733
|
/**
|
|
730
734
|
* Webhook endpoints subscribed to group audit and lifecycle events.
|
|
731
735
|
*/
|
|
732
|
-
GroupWebhookEndpoint:
|
|
736
|
+
GroupWebhookEndpoint: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
733
737
|
extend?: any;
|
|
734
|
-
createdByUserId?:
|
|
738
|
+
createdByUserId?: convex_values89.GenericId<"User"> | undefined;
|
|
735
739
|
lastSuccessAt?: number | undefined;
|
|
736
740
|
lastFailureAt?: number | undefined;
|
|
737
741
|
status: "active" | "disabled";
|
|
738
|
-
groupId:
|
|
739
|
-
connectionId:
|
|
742
|
+
groupId: convex_values89.GenericId<"Group">;
|
|
743
|
+
connectionId: convex_values89.GenericId<"GroupConnection">;
|
|
740
744
|
url: string;
|
|
741
745
|
secretHash: string;
|
|
742
746
|
subscriptions: string[];
|
|
743
747
|
failureCount: number;
|
|
744
748
|
}, {
|
|
745
|
-
connectionId:
|
|
746
|
-
groupId:
|
|
747
|
-
url:
|
|
748
|
-
status:
|
|
749
|
-
secretHash:
|
|
750
|
-
subscriptions:
|
|
751
|
-
createdByUserId:
|
|
752
|
-
lastSuccessAt:
|
|
753
|
-
lastFailureAt:
|
|
754
|
-
failureCount:
|
|
755
|
-
extend:
|
|
749
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection">, "required">;
|
|
750
|
+
groupId: convex_values89.VId<convex_values89.GenericId<"Group">, "required">;
|
|
751
|
+
url: convex_values89.VString<string, "required">;
|
|
752
|
+
status: convex_values89.VUnion<"active" | "disabled", [convex_values89.VLiteral<"active", "required">, convex_values89.VLiteral<"disabled", "required">], "required", never>;
|
|
753
|
+
secretHash: convex_values89.VString<string, "required">;
|
|
754
|
+
subscriptions: convex_values89.VArray<string[], convex_values89.VString<string, "required">, "required">;
|
|
755
|
+
createdByUserId: convex_values89.VId<convex_values89.GenericId<"User"> | undefined, "optional">;
|
|
756
|
+
lastSuccessAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
757
|
+
lastFailureAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
758
|
+
failureCount: convex_values89.VFloat64<number, "required">;
|
|
759
|
+
extend: convex_values89.VAny<any, "optional", string>;
|
|
756
760
|
}, "required", "status" | "extend" | `extend.${string}` | "groupId" | "connectionId" | "url" | "secretHash" | "subscriptions" | "createdByUserId" | "lastSuccessAt" | "lastFailureAt" | "failureCount">, {
|
|
757
761
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
758
762
|
group_id: ["groupId", "_creationTime"];
|
|
@@ -761,30 +765,30 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
761
765
|
/**
|
|
762
766
|
* Delivery queue for outbound group webhooks.
|
|
763
767
|
*/
|
|
764
|
-
GroupWebhookDelivery:
|
|
765
|
-
auditEventId?:
|
|
768
|
+
GroupWebhookDelivery: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
769
|
+
auditEventId?: convex_values89.GenericId<"GroupAuditEvent"> | undefined;
|
|
766
770
|
lastAttemptAt?: number | undefined;
|
|
767
771
|
lastResponseStatus?: number | undefined;
|
|
768
772
|
lastError?: string | undefined;
|
|
769
773
|
status: "pending" | "processing" | "delivered" | "failed";
|
|
770
|
-
connectionId:
|
|
774
|
+
connectionId: convex_values89.GenericId<"GroupConnection">;
|
|
771
775
|
eventType: string;
|
|
772
|
-
endpointId:
|
|
776
|
+
endpointId: convex_values89.GenericId<"GroupWebhookEndpoint">;
|
|
773
777
|
attemptCount: number;
|
|
774
778
|
nextAttemptAt: number;
|
|
775
779
|
payload: any;
|
|
776
780
|
}, {
|
|
777
|
-
connectionId:
|
|
778
|
-
endpointId:
|
|
779
|
-
auditEventId:
|
|
780
|
-
eventType:
|
|
781
|
-
status:
|
|
782
|
-
attemptCount:
|
|
783
|
-
nextAttemptAt:
|
|
784
|
-
lastAttemptAt:
|
|
785
|
-
lastResponseStatus:
|
|
786
|
-
lastError:
|
|
787
|
-
payload:
|
|
781
|
+
connectionId: convex_values89.VId<convex_values89.GenericId<"GroupConnection">, "required">;
|
|
782
|
+
endpointId: convex_values89.VId<convex_values89.GenericId<"GroupWebhookEndpoint">, "required">;
|
|
783
|
+
auditEventId: convex_values89.VId<convex_values89.GenericId<"GroupAuditEvent"> | undefined, "optional">;
|
|
784
|
+
eventType: convex_values89.VString<string, "required">;
|
|
785
|
+
status: convex_values89.VUnion<"pending" | "processing" | "delivered" | "failed", [convex_values89.VLiteral<"pending", "required">, convex_values89.VLiteral<"processing", "required">, convex_values89.VLiteral<"delivered", "required">, convex_values89.VLiteral<"failed", "required">], "required", never>;
|
|
786
|
+
attemptCount: convex_values89.VFloat64<number, "required">;
|
|
787
|
+
nextAttemptAt: convex_values89.VFloat64<number, "required">;
|
|
788
|
+
lastAttemptAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
789
|
+
lastResponseStatus: convex_values89.VFloat64<number | undefined, "optional">;
|
|
790
|
+
lastError: convex_values89.VString<string | undefined, "optional">;
|
|
791
|
+
payload: convex_values89.VAny<any, "required", string>;
|
|
788
792
|
}, "required", "status" | "connectionId" | "eventType" | "endpointId" | "auditEventId" | "attemptCount" | "nextAttemptAt" | "lastAttemptAt" | "lastResponseStatus" | "lastError" | "payload" | `payload.${string}`>, {
|
|
789
793
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
790
794
|
status_next_attempt_at: ["status", "nextAttemptAt", "_creationTime"];
|
|
@@ -804,7 +808,7 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
804
808
|
* - **Expiration**: optional TTL
|
|
805
809
|
* - **Soft revocation**: `revoked` flag preserves audit trail
|
|
806
810
|
*/
|
|
807
|
-
ApiKey:
|
|
811
|
+
ApiKey: convex_server83.TableDefinition<convex_values89.VObject<{
|
|
808
812
|
lastUsedAt?: number | undefined;
|
|
809
813
|
expiresAt?: number | undefined;
|
|
810
814
|
rateLimit?: {
|
|
@@ -818,7 +822,7 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
818
822
|
metadata?: any;
|
|
819
823
|
name: string;
|
|
820
824
|
revoked: boolean;
|
|
821
|
-
userId:
|
|
825
|
+
userId: convex_values89.GenericId<"User">;
|
|
822
826
|
prefix: string;
|
|
823
827
|
hashedKey: string;
|
|
824
828
|
scopes: {
|
|
@@ -827,39 +831,39 @@ declare const _default: convex_server81.SchemaDefinition<{
|
|
|
827
831
|
}[];
|
|
828
832
|
createdAt: number;
|
|
829
833
|
}, {
|
|
830
|
-
userId:
|
|
831
|
-
prefix:
|
|
832
|
-
hashedKey:
|
|
833
|
-
name:
|
|
834
|
-
scopes:
|
|
834
|
+
userId: convex_values89.VId<convex_values89.GenericId<"User">, "required">; /** First chars of the key for display (e.g. "sk_abc1..."). */
|
|
835
|
+
prefix: convex_values89.VString<string, "required">; /** SHA-256 hex hash of the full raw key. */
|
|
836
|
+
hashedKey: convex_values89.VString<string, "required">; /** User-assigned name (e.g. "CI Pipeline", "Production API"). */
|
|
837
|
+
name: convex_values89.VString<string, "required">; /** Scoped permissions: [{ resource: "users", actions: ["read", "list"] }]. */
|
|
838
|
+
scopes: convex_values89.VArray<{
|
|
835
839
|
resource: string;
|
|
836
840
|
actions: string[];
|
|
837
|
-
}[],
|
|
841
|
+
}[], convex_values89.VObject<{
|
|
838
842
|
resource: string;
|
|
839
843
|
actions: string[];
|
|
840
844
|
}, {
|
|
841
|
-
resource:
|
|
842
|
-
actions:
|
|
845
|
+
resource: convex_values89.VString<string, "required">;
|
|
846
|
+
actions: convex_values89.VArray<string[], convex_values89.VString<string, "required">, "required">;
|
|
843
847
|
}, "required", "resource" | "actions">, "required">; /** Optional per-key rate limit configuration. */
|
|
844
|
-
rateLimit:
|
|
848
|
+
rateLimit: convex_values89.VObject<{
|
|
845
849
|
maxRequests: number;
|
|
846
850
|
windowMs: number;
|
|
847
851
|
} | undefined, {
|
|
848
|
-
maxRequests:
|
|
849
|
-
windowMs:
|
|
852
|
+
maxRequests: convex_values89.VFloat64<number, "required">;
|
|
853
|
+
windowMs: convex_values89.VFloat64<number, "required">;
|
|
850
854
|
}, "optional", "maxRequests" | "windowMs">; /** Rate limit state tracking (token-bucket). */
|
|
851
|
-
rateLimitState:
|
|
855
|
+
rateLimitState: convex_values89.VObject<{
|
|
852
856
|
attemptsLeft: number;
|
|
853
857
|
lastAttemptTime: number;
|
|
854
858
|
} | undefined, {
|
|
855
|
-
attemptsLeft:
|
|
856
|
-
lastAttemptTime:
|
|
859
|
+
attemptsLeft: convex_values89.VFloat64<number, "required">;
|
|
860
|
+
lastAttemptTime: convex_values89.VFloat64<number, "required">;
|
|
857
861
|
}, "optional", "attemptsLeft" | "lastAttemptTime">; /** Expiration timestamp. Null/undefined = never expires. */
|
|
858
|
-
expiresAt:
|
|
859
|
-
lastUsedAt:
|
|
860
|
-
createdAt:
|
|
861
|
-
revoked:
|
|
862
|
-
metadata:
|
|
862
|
+
expiresAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
863
|
+
lastUsedAt: convex_values89.VFloat64<number | undefined, "optional">;
|
|
864
|
+
createdAt: convex_values89.VFloat64<number, "required">; /** Soft-revoke flag. Revoked keys are kept for audit trail. */
|
|
865
|
+
revoked: convex_values89.VBoolean<boolean, "required">; /** Arbitrary app-specific metadata attached to the key. */
|
|
866
|
+
metadata: convex_values89.VAny<any, "optional", string>;
|
|
863
867
|
}, "required", "name" | "revoked" | "lastUsedAt" | "expiresAt" | "userId" | "prefix" | "hashedKey" | "scopes" | "rateLimit" | "rateLimitState" | "createdAt" | "metadata" | "rateLimit.maxRequests" | "rateLimit.windowMs" | "rateLimitState.attemptsLeft" | "rateLimitState.lastAttemptTime" | `metadata.${string}`>, {
|
|
864
868
|
user_id: ["userId", "_creationTime"];
|
|
865
869
|
hashed_key: ["hashedKey", "_creationTime"];
|