@robelest/convex-auth 0.0.4-preview.34 → 0.0.4-preview.36
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/component/_generated/component.d.ts +6 -0
- package/dist/component/convex.config.js +2 -0
- package/dist/component/migrations.js +36 -0
- package/dist/component/model.d.ts +179 -177
- package/dist/component/model.js +1 -0
- package/dist/component/modules.js +1 -0
- package/dist/component/schema.d.ts +363 -361
- package/dist/component/schema.js +1 -0
- package/dist/core/index.d.ts +25 -25
- package/dist/core/index.js +4 -2
- package/dist/model.js +1 -0
- package/dist/server/auth.d.ts +4 -3
- package/dist/server/auth.js +2 -2
- package/dist/server/mounts.d.ts +32 -32
- package/dist/server/runtime.d.ts +11 -11
- package/dist/server/sso/domain.d.ts +1 -1
- package/dist/server/validators.d.ts +379 -371
- package/package.json +2 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import * as
|
|
1
|
+
import * as convex_values1279 from "convex/values";
|
|
2
2
|
import * as convex_server93 from "convex/server";
|
|
3
3
|
|
|
4
4
|
//#region src/component/schema.d.ts
|
|
@@ -14,27 +14,29 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
14
14
|
* Authenticated users. A user may have multiple linked accounts
|
|
15
15
|
* and multiple concurrent sessions.
|
|
16
16
|
*/
|
|
17
|
-
User: convex_server93.TableDefinition<
|
|
18
|
-
email?: string | undefined;
|
|
17
|
+
User: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
19
18
|
name?: string | undefined;
|
|
19
|
+
email?: string | undefined;
|
|
20
|
+
phone?: string | undefined;
|
|
20
21
|
image?: string | undefined;
|
|
21
|
-
extend?: any;
|
|
22
22
|
emailVerificationTime?: number | undefined;
|
|
23
|
-
phone?: string | undefined;
|
|
24
23
|
phoneVerificationTime?: number | undefined;
|
|
25
24
|
isAnonymous?: boolean | undefined;
|
|
26
|
-
lastActiveGroup?:
|
|
25
|
+
lastActiveGroup?: convex_values1279.GenericId<"Group"> | undefined;
|
|
26
|
+
hasTotp?: boolean | undefined;
|
|
27
|
+
extend?: any;
|
|
27
28
|
}, {
|
|
28
|
-
name:
|
|
29
|
-
image:
|
|
30
|
-
email:
|
|
31
|
-
emailVerificationTime:
|
|
32
|
-
phone:
|
|
33
|
-
phoneVerificationTime:
|
|
34
|
-
isAnonymous:
|
|
35
|
-
lastActiveGroup:
|
|
36
|
-
|
|
37
|
-
|
|
29
|
+
name: convex_values1279.VString<string | undefined, "optional">;
|
|
30
|
+
image: convex_values1279.VString<string | undefined, "optional">;
|
|
31
|
+
email: convex_values1279.VString<string | undefined, "optional">;
|
|
32
|
+
emailVerificationTime: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
33
|
+
phone: convex_values1279.VString<string | undefined, "optional">;
|
|
34
|
+
phoneVerificationTime: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
35
|
+
isAnonymous: convex_values1279.VBoolean<boolean | undefined, "optional">;
|
|
36
|
+
lastActiveGroup: convex_values1279.VId<convex_values1279.GenericId<"Group"> | undefined, "optional">;
|
|
37
|
+
hasTotp: convex_values1279.VBoolean<boolean | undefined, "optional">;
|
|
38
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
39
|
+
}, "required", "name" | "email" | "phone" | "image" | "emailVerificationTime" | "phoneVerificationTime" | "isAnonymous" | "lastActiveGroup" | "hasTotp" | "extend" | `extend.${string}`>, {
|
|
38
40
|
email: ["email", "_creationTime"];
|
|
39
41
|
email_verified: ["email", "emailVerificationTime", "_creationTime"];
|
|
40
42
|
phone: ["phone", "_creationTime"];
|
|
@@ -51,25 +53,25 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
51
53
|
* email-based account linking for SSO must stay scoped to the same
|
|
52
54
|
* `connectionId` (see server/users.ts) to avoid cross-IdP takeover.
|
|
53
55
|
*/
|
|
54
|
-
UserEmail: convex_server93.TableDefinition<
|
|
55
|
-
provider?: string | undefined;
|
|
56
|
-
connectionId?: convex_values1267.GenericId<"GroupConnection"> | undefined;
|
|
56
|
+
UserEmail: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
57
57
|
verificationTime?: number | undefined;
|
|
58
|
-
accountId?:
|
|
58
|
+
accountId?: convex_values1279.GenericId<"Account"> | undefined;
|
|
59
|
+
provider?: string | undefined;
|
|
60
|
+
connectionId?: convex_values1279.GenericId<"GroupConnection"> | undefined;
|
|
59
61
|
email: string;
|
|
60
|
-
|
|
61
|
-
userId: convex_values1267.GenericId<"User">;
|
|
62
|
+
userId: convex_values1279.GenericId<"User">;
|
|
62
63
|
isPrimary: boolean;
|
|
64
|
+
source: "password" | "oauth" | "oidc" | "saml" | "scim";
|
|
63
65
|
}, {
|
|
64
|
-
userId:
|
|
65
|
-
email:
|
|
66
|
-
verificationTime:
|
|
67
|
-
isPrimary:
|
|
68
|
-
source:
|
|
69
|
-
accountId:
|
|
70
|
-
provider:
|
|
71
|
-
connectionId:
|
|
72
|
-
}, "required", "email" | "
|
|
66
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User">, "required">;
|
|
67
|
+
email: convex_values1279.VString<string, "required">;
|
|
68
|
+
verificationTime: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
69
|
+
isPrimary: convex_values1279.VBoolean<boolean, "required">;
|
|
70
|
+
source: convex_values1279.VUnion<"password" | "oauth" | "oidc" | "saml" | "scim", [convex_values1279.VLiteral<"password", "required">, convex_values1279.VLiteral<"oauth", "required">, convex_values1279.VLiteral<"oidc", "required">, convex_values1279.VLiteral<"saml", "required">, convex_values1279.VLiteral<"scim", "required">], "required", never>;
|
|
71
|
+
accountId: convex_values1279.VId<convex_values1279.GenericId<"Account"> | undefined, "optional">;
|
|
72
|
+
provider: convex_values1279.VString<string | undefined, "optional">;
|
|
73
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection"> | undefined, "optional">;
|
|
74
|
+
}, "required", "email" | "userId" | "verificationTime" | "isPrimary" | "source" | "accountId" | "provider" | "connectionId">, {
|
|
73
75
|
email: ["email", "_creationTime"];
|
|
74
76
|
email_verified: ["email", "verificationTime", "_creationTime"];
|
|
75
77
|
user_id: ["userId", "_creationTime"];
|
|
@@ -81,12 +83,12 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
81
83
|
* across different devices or browsers. Sessions expire after a
|
|
82
84
|
* configurable duration.
|
|
83
85
|
*/
|
|
84
|
-
Session: convex_server93.TableDefinition<
|
|
85
|
-
userId:
|
|
86
|
+
Session: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
87
|
+
userId: convex_values1279.GenericId<"User">;
|
|
86
88
|
expirationTime: number;
|
|
87
89
|
}, {
|
|
88
|
-
userId:
|
|
89
|
-
expirationTime:
|
|
90
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User">, "required">;
|
|
91
|
+
expirationTime: convex_values1279.VFloat64<number, "required">;
|
|
90
92
|
}, "required", "userId" | "expirationTime">, {
|
|
91
93
|
user_id: ["userId", "_creationTime"];
|
|
92
94
|
}, {}, {}>;
|
|
@@ -95,23 +97,23 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
95
97
|
* authentication provider (e.g. Google OAuth, email/password).
|
|
96
98
|
* A user can have multiple accounts linked.
|
|
97
99
|
*/
|
|
98
|
-
Account: convex_server93.TableDefinition<
|
|
99
|
-
emailVerified?: string | undefined;
|
|
100
|
+
Account: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
100
101
|
extend?: any;
|
|
101
102
|
secret?: string | undefined;
|
|
103
|
+
emailVerified?: string | undefined;
|
|
102
104
|
phoneVerified?: string | undefined;
|
|
105
|
+
userId: convex_values1279.GenericId<"User">;
|
|
103
106
|
provider: string;
|
|
104
107
|
providerAccountId: string;
|
|
105
|
-
userId: convex_values1267.GenericId<"User">;
|
|
106
108
|
}, {
|
|
107
|
-
userId:
|
|
108
|
-
provider:
|
|
109
|
-
providerAccountId:
|
|
110
|
-
secret:
|
|
111
|
-
emailVerified:
|
|
112
|
-
phoneVerified:
|
|
113
|
-
extend:
|
|
114
|
-
}, "required", "
|
|
109
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User">, "required">;
|
|
110
|
+
provider: convex_values1279.VString<string, "required">;
|
|
111
|
+
providerAccountId: convex_values1279.VString<string, "required">;
|
|
112
|
+
secret: convex_values1279.VString<string | undefined, "optional">;
|
|
113
|
+
emailVerified: convex_values1279.VString<string | undefined, "optional">;
|
|
114
|
+
phoneVerified: convex_values1279.VString<string | undefined, "optional">;
|
|
115
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
116
|
+
}, "required", "extend" | `extend.${string}` | "userId" | "provider" | "providerAccountId" | "secret" | "emailVerified" | "phoneVerified">, {
|
|
115
117
|
user_id_provider: ["userId", "provider", "_creationTime"];
|
|
116
118
|
provider_account_id: ["provider", "providerAccountId", "_creationTime"];
|
|
117
119
|
}, {}, {}>;
|
|
@@ -123,16 +125,16 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
123
125
|
* been used yet. A 10-second reuse window allows for concurrent requests.
|
|
124
126
|
* Any invalid use of a token invalidates the entire chain.
|
|
125
127
|
*/
|
|
126
|
-
RefreshToken: convex_server93.TableDefinition<
|
|
128
|
+
RefreshToken: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
127
129
|
firstUsedTime?: number | undefined;
|
|
128
|
-
parentRefreshTokenId?:
|
|
130
|
+
parentRefreshTokenId?: convex_values1279.GenericId<"RefreshToken"> | undefined;
|
|
129
131
|
expirationTime: number;
|
|
130
|
-
sessionId:
|
|
132
|
+
sessionId: convex_values1279.GenericId<"Session">;
|
|
131
133
|
}, {
|
|
132
|
-
sessionId:
|
|
133
|
-
expirationTime:
|
|
134
|
-
firstUsedTime:
|
|
135
|
-
parentRefreshTokenId:
|
|
134
|
+
sessionId: convex_values1279.VId<convex_values1279.GenericId<"Session">, "required">;
|
|
135
|
+
expirationTime: convex_values1279.VFloat64<number, "required">;
|
|
136
|
+
firstUsedTime: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
137
|
+
parentRefreshTokenId: convex_values1279.VId<convex_values1279.GenericId<"RefreshToken"> | undefined, "optional">;
|
|
136
138
|
}, "required", "expirationTime" | "sessionId" | "firstUsedTime" | "parentRefreshTokenId">, {
|
|
137
139
|
session_id: ["sessionId", "_creationTime"];
|
|
138
140
|
session_id_first_used: ["sessionId", "firstUsedTime", "_creationTime"];
|
|
@@ -141,23 +143,23 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
141
143
|
/**
|
|
142
144
|
* Verification codes for OTP tokens, magic link tokens, and OAuth codes.
|
|
143
145
|
*/
|
|
144
|
-
VerificationCode: convex_server93.TableDefinition<
|
|
146
|
+
VerificationCode: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
145
147
|
emailVerified?: string | undefined;
|
|
146
148
|
phoneVerified?: string | undefined;
|
|
147
149
|
verifier?: string | undefined;
|
|
150
|
+
accountId: convex_values1279.GenericId<"Account">;
|
|
148
151
|
provider: string;
|
|
149
|
-
accountId: convex_values1267.GenericId<"Account">;
|
|
150
152
|
expirationTime: number;
|
|
151
153
|
code: string;
|
|
152
154
|
}, {
|
|
153
|
-
accountId:
|
|
154
|
-
provider:
|
|
155
|
-
code:
|
|
156
|
-
expirationTime:
|
|
157
|
-
verifier:
|
|
158
|
-
emailVerified:
|
|
159
|
-
phoneVerified:
|
|
160
|
-
}, "required", "
|
|
155
|
+
accountId: convex_values1279.VId<convex_values1279.GenericId<"Account">, "required">;
|
|
156
|
+
provider: convex_values1279.VString<string, "required">;
|
|
157
|
+
code: convex_values1279.VString<string, "required">;
|
|
158
|
+
expirationTime: convex_values1279.VFloat64<number, "required">;
|
|
159
|
+
verifier: convex_values1279.VString<string | undefined, "optional">;
|
|
160
|
+
emailVerified: convex_values1279.VString<string | undefined, "optional">;
|
|
161
|
+
phoneVerified: convex_values1279.VString<string | undefined, "optional">;
|
|
162
|
+
}, "required", "accountId" | "provider" | "expirationTime" | "emailVerified" | "phoneVerified" | "code" | "verifier">, {
|
|
161
163
|
account_id: ["accountId", "_creationTime"];
|
|
162
164
|
code: ["code", "_creationTime"];
|
|
163
165
|
}, {}, {}>;
|
|
@@ -165,14 +167,14 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
165
167
|
* PKCE verifiers for OAuth flows. Stores the cryptographic verifier
|
|
166
168
|
* used to prove the authorization request originated from this client.
|
|
167
169
|
*/
|
|
168
|
-
AuthVerifier: convex_server93.TableDefinition<
|
|
170
|
+
AuthVerifier: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
169
171
|
expirationTime?: number | undefined;
|
|
170
|
-
sessionId?:
|
|
172
|
+
sessionId?: convex_values1279.GenericId<"Session"> | undefined;
|
|
171
173
|
signature?: string | undefined;
|
|
172
174
|
}, {
|
|
173
|
-
sessionId:
|
|
174
|
-
signature:
|
|
175
|
-
expirationTime:
|
|
175
|
+
sessionId: convex_values1279.VId<convex_values1279.GenericId<"Session"> | undefined, "optional">;
|
|
176
|
+
signature: convex_values1279.VString<string | undefined, "optional">;
|
|
177
|
+
expirationTime: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
176
178
|
}, "required", "expirationTime" | "sessionId" | "signature">, {
|
|
177
179
|
signature: ["signature", "_creationTime"];
|
|
178
180
|
}, {}, {}>;
|
|
@@ -181,11 +183,11 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
181
183
|
* registered authenticator (Touch ID, Face ID, security key, etc.).
|
|
182
184
|
* A user can have multiple passkeys across different devices.
|
|
183
185
|
*/
|
|
184
|
-
Passkey: convex_server93.TableDefinition<
|
|
186
|
+
Passkey: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
185
187
|
name?: string | undefined;
|
|
186
188
|
transports?: string[] | undefined;
|
|
187
189
|
lastUsedAt?: number | undefined;
|
|
188
|
-
userId:
|
|
190
|
+
userId: convex_values1279.GenericId<"User">;
|
|
189
191
|
credentialId: string;
|
|
190
192
|
publicKey: ArrayBuffer;
|
|
191
193
|
algorithm: number;
|
|
@@ -194,17 +196,17 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
194
196
|
backedUp: boolean;
|
|
195
197
|
createdAt: number;
|
|
196
198
|
}, {
|
|
197
|
-
userId:
|
|
198
|
-
credentialId:
|
|
199
|
-
publicKey:
|
|
200
|
-
algorithm:
|
|
201
|
-
counter:
|
|
202
|
-
transports:
|
|
203
|
-
deviceType:
|
|
204
|
-
backedUp:
|
|
205
|
-
name:
|
|
206
|
-
createdAt:
|
|
207
|
-
lastUsedAt:
|
|
199
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User">, "required">; /** Base64url-encoded credential ID from the authenticator. */
|
|
200
|
+
credentialId: convex_values1279.VString<string, "required">; /** Public key bytes (SEC1 uncompressed for EC, SPKI for RSA). */
|
|
201
|
+
publicKey: convex_values1279.VBytes<ArrayBuffer, "required">; /** COSE algorithm identifier (-7 for ES256, -257 for RS256, -8 for EdDSA). */
|
|
202
|
+
algorithm: convex_values1279.VFloat64<number, "required">; /** Signature counter for clone detection. Many authenticators return 0. */
|
|
203
|
+
counter: convex_values1279.VFloat64<number, "required">; /** Authenticator transport hints (e.g. "internal", "hybrid", "usb", "ble", "nfc"). */
|
|
204
|
+
transports: convex_values1279.VArray<string[] | undefined, convex_values1279.VString<string, "required">, "optional">; /** Whether this is a single-device or multi-device (synced) credential. */
|
|
205
|
+
deviceType: convex_values1279.VString<string, "required">; /** Whether the credential is backed up (synced passkey). */
|
|
206
|
+
backedUp: convex_values1279.VBoolean<boolean, "required">; /** User-assigned friendly name (e.g. "MacBook Touch ID"). */
|
|
207
|
+
name: convex_values1279.VString<string | undefined, "optional">;
|
|
208
|
+
createdAt: convex_values1279.VFloat64<number, "required">;
|
|
209
|
+
lastUsedAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
208
210
|
}, "required", "name" | "userId" | "credentialId" | "publicKey" | "algorithm" | "counter" | "transports" | "deviceType" | "backedUp" | "createdAt" | "lastUsedAt">, {
|
|
209
211
|
user_id: ["userId", "_creationTime"];
|
|
210
212
|
credential_id: ["credentialId", "_creationTime"];
|
|
@@ -218,25 +220,25 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
218
220
|
* by successfully entering a code from their authenticator app.
|
|
219
221
|
* Unverified enrollments are in-progress setup that can be discarded.
|
|
220
222
|
*/
|
|
221
|
-
TotpFactor: convex_server93.TableDefinition<
|
|
223
|
+
TotpFactor: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
222
224
|
name?: string | undefined;
|
|
223
225
|
lastUsedAt?: number | undefined;
|
|
224
|
-
userId:
|
|
225
|
-
verified: boolean;
|
|
226
|
+
userId: convex_values1279.GenericId<"User">;
|
|
226
227
|
secret: ArrayBuffer;
|
|
227
228
|
createdAt: number;
|
|
228
229
|
digits: number;
|
|
229
230
|
period: number;
|
|
231
|
+
verified: boolean;
|
|
230
232
|
}, {
|
|
231
|
-
userId:
|
|
232
|
-
secret:
|
|
233
|
-
digits:
|
|
234
|
-
period:
|
|
235
|
-
verified:
|
|
236
|
-
name:
|
|
237
|
-
createdAt:
|
|
238
|
-
lastUsedAt:
|
|
239
|
-
}, "required", "name" | "userId" | "
|
|
233
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User">, "required">; /** Raw TOTP secret key bytes. */
|
|
234
|
+
secret: convex_values1279.VBytes<ArrayBuffer, "required">; /** Number of digits in each code (typically 6). */
|
|
235
|
+
digits: convex_values1279.VFloat64<number, "required">; /** Time period in seconds for code rotation (typically 30). */
|
|
236
|
+
period: convex_values1279.VFloat64<number, "required">; /** Whether setup has been confirmed with a valid code. */
|
|
237
|
+
verified: convex_values1279.VBoolean<boolean, "required">; /** User-assigned friendly name (e.g. "Google Authenticator"). */
|
|
238
|
+
name: convex_values1279.VString<string | undefined, "optional">;
|
|
239
|
+
createdAt: convex_values1279.VFloat64<number, "required">;
|
|
240
|
+
lastUsedAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
241
|
+
}, "required", "name" | "userId" | "secret" | "createdAt" | "lastUsedAt" | "digits" | "period" | "verified">, {
|
|
240
242
|
user_id: ["userId", "_creationTime"];
|
|
241
243
|
user_id_verified: ["userId", "verified", "_creationTime"];
|
|
242
244
|
}, {}, {}>;
|
|
@@ -245,39 +247,39 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
245
247
|
* device auth session — the device polls with `deviceCode` while the
|
|
246
248
|
* user authorizes via `userCode` on a secondary device.
|
|
247
249
|
*/
|
|
248
|
-
DeviceCode: convex_server93.TableDefinition<
|
|
249
|
-
userId?:
|
|
250
|
-
sessionId?:
|
|
250
|
+
DeviceCode: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
251
|
+
userId?: convex_values1279.GenericId<"User"> | undefined;
|
|
252
|
+
sessionId?: convex_values1279.GenericId<"Session"> | undefined;
|
|
251
253
|
lastPolledAt?: number | undefined;
|
|
252
254
|
status: "pending" | "authorized" | "denied";
|
|
253
|
-
expiresAt: number;
|
|
254
255
|
deviceCodeHash: string;
|
|
255
256
|
userCode: string;
|
|
257
|
+
expiresAt: number;
|
|
256
258
|
interval: number;
|
|
257
259
|
}, {
|
|
258
|
-
/** High-entropy code used by the device for polling. Stored as SHA-256 hash. */deviceCodeHash:
|
|
259
|
-
userCode:
|
|
260
|
-
expiresAt:
|
|
261
|
-
interval:
|
|
262
|
-
status:
|
|
263
|
-
userId:
|
|
264
|
-
sessionId:
|
|
265
|
-
lastPolledAt:
|
|
266
|
-
}, "required", "userId" | "
|
|
260
|
+
/** High-entropy code used by the device for polling. Stored as SHA-256 hash. */deviceCodeHash: convex_values1279.VString<string, "required">; /** Short human-readable code the user enters (e.g. "WDJB-MJHT"). */
|
|
261
|
+
userCode: convex_values1279.VString<string, "required">; /** Expiration timestamp (ms since epoch). */
|
|
262
|
+
expiresAt: convex_values1279.VFloat64<number, "required">; /** Minimum polling interval in seconds. */
|
|
263
|
+
interval: convex_values1279.VFloat64<number, "required">; /** Current status of this device authorization session. */
|
|
264
|
+
status: convex_values1279.VUnion<"pending" | "authorized" | "denied", [convex_values1279.VLiteral<"pending", "required">, convex_values1279.VLiteral<"authorized", "required">, convex_values1279.VLiteral<"denied", "required">], "required", never>; /** Set when the user authorizes — links to the authorizing user. */
|
|
265
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User"> | undefined, "optional">; /** Set when the user authorizes — the session created for the device. */
|
|
266
|
+
sessionId: convex_values1279.VId<convex_values1279.GenericId<"Session"> | undefined, "optional">; /** Timestamp of the last poll request (for slow_down enforcement). */
|
|
267
|
+
lastPolledAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
268
|
+
}, "required", "userId" | "sessionId" | "status" | "deviceCodeHash" | "userCode" | "expiresAt" | "interval" | "lastPolledAt">, {
|
|
267
269
|
device_code_hash: ["deviceCodeHash", "_creationTime"];
|
|
268
270
|
user_code_status: ["userCode", "status", "_creationTime"];
|
|
269
271
|
}, {}, {}>;
|
|
270
272
|
/**
|
|
271
273
|
* Rate limit tracking for OTP and password sign-in attempts.
|
|
272
274
|
*/
|
|
273
|
-
RateLimit: convex_server93.TableDefinition<
|
|
275
|
+
RateLimit: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
274
276
|
identifier: string;
|
|
275
277
|
last_attempt_time: number;
|
|
276
278
|
attempts_left: number;
|
|
277
279
|
}, {
|
|
278
|
-
identifier:
|
|
279
|
-
last_attempt_time:
|
|
280
|
-
attempts_left:
|
|
280
|
+
identifier: convex_values1279.VString<string, "required">;
|
|
281
|
+
last_attempt_time: convex_values1279.VFloat64<number, "required">;
|
|
282
|
+
attempts_left: convex_values1279.VFloat64<number, "required">;
|
|
281
283
|
}, "required", "identifier" | "last_attempt_time" | "attempts_left">, {
|
|
282
284
|
by_identifier: ["identifier", "_creationTime"];
|
|
283
285
|
}, {}, {}>;
|
|
@@ -286,32 +288,32 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
286
288
|
* Groups can nest arbitrarily deep via `parentGroupId` for modeling
|
|
287
289
|
* organizations, teams, departments, or any tree structure.
|
|
288
290
|
*/
|
|
289
|
-
Group: convex_server93.TableDefinition<
|
|
290
|
-
type?: string | undefined;
|
|
291
|
+
Group: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
291
292
|
extend?: any;
|
|
293
|
+
type?: string | undefined;
|
|
292
294
|
slug?: string | undefined;
|
|
293
|
-
parentGroupId?:
|
|
294
|
-
rootGroupId?:
|
|
295
|
+
parentGroupId?: convex_values1279.GenericId<"Group"> | undefined;
|
|
296
|
+
rootGroupId?: convex_values1279.GenericId<"Group"> | undefined;
|
|
295
297
|
isRoot?: boolean | undefined;
|
|
296
298
|
tags?: {
|
|
297
|
-
value: string;
|
|
298
299
|
key: string;
|
|
300
|
+
value: string;
|
|
299
301
|
}[] | undefined;
|
|
300
302
|
policy?: {
|
|
301
303
|
extend?: any;
|
|
304
|
+
version: 1;
|
|
302
305
|
identity: {
|
|
303
306
|
accountLinking: {
|
|
304
|
-
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
305
307
|
oidc: "verifiedEmail" | "none" | "sameConnection";
|
|
308
|
+
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
306
309
|
};
|
|
307
310
|
};
|
|
308
|
-
version: 1;
|
|
309
311
|
provisioning: {
|
|
310
312
|
user: {
|
|
311
313
|
createOnSignIn: boolean;
|
|
312
314
|
updateProfileOnLogin: "never" | "missing" | "always";
|
|
313
315
|
updateProfileFromScim: "never" | "missing" | "always";
|
|
314
|
-
authority: "
|
|
316
|
+
authority: "scim" | "app" | "sso";
|
|
315
317
|
};
|
|
316
318
|
scimReuse: {
|
|
317
319
|
user: "none" | "externalId";
|
|
@@ -326,49 +328,49 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
326
328
|
};
|
|
327
329
|
groups: {
|
|
328
330
|
mapping?: Record<string, string[]> | undefined;
|
|
329
|
-
mode: "ignore" | "sync";
|
|
330
331
|
source: "protocol";
|
|
332
|
+
mode: "ignore" | "sync";
|
|
331
333
|
};
|
|
332
334
|
roles: {
|
|
333
335
|
mapping?: Record<string, string[]> | undefined;
|
|
334
|
-
mode: "map" | "ignore";
|
|
335
336
|
source: "protocol";
|
|
337
|
+
mode: "map" | "ignore";
|
|
336
338
|
};
|
|
337
339
|
};
|
|
338
340
|
} | undefined;
|
|
339
341
|
name: string;
|
|
340
342
|
}, {
|
|
341
|
-
name:
|
|
342
|
-
slug:
|
|
343
|
-
type:
|
|
344
|
-
parentGroupId:
|
|
345
|
-
rootGroupId:
|
|
346
|
-
isRoot:
|
|
347
|
-
tags:
|
|
348
|
-
value: string;
|
|
343
|
+
name: convex_values1279.VString<string, "required">;
|
|
344
|
+
slug: convex_values1279.VString<string | undefined, "optional">;
|
|
345
|
+
type: convex_values1279.VString<string | undefined, "optional">;
|
|
346
|
+
parentGroupId: convex_values1279.VId<convex_values1279.GenericId<"Group"> | undefined, "optional">; /** Denormalized root group ID. Self-referencing for root groups. */
|
|
347
|
+
rootGroupId: convex_values1279.VId<convex_values1279.GenericId<"Group"> | undefined, "optional">; /** Denormalized flag: `true` when `parentGroupId` is absent. */
|
|
348
|
+
isRoot: convex_values1279.VBoolean<boolean | undefined, "optional">; /** Faceted classification tags. Normalized at write time (trimmed, lowercased). */
|
|
349
|
+
tags: convex_values1279.VArray<{
|
|
349
350
|
key: string;
|
|
350
|
-
}[] | undefined, convex_values1267.VObject<{
|
|
351
351
|
value: string;
|
|
352
|
+
}[] | undefined, convex_values1279.VObject<{
|
|
352
353
|
key: string;
|
|
354
|
+
value: string;
|
|
353
355
|
}, {
|
|
354
|
-
key:
|
|
355
|
-
value:
|
|
356
|
-
}, "required", "
|
|
357
|
-
policy:
|
|
356
|
+
key: convex_values1279.VString<string, "required">;
|
|
357
|
+
value: convex_values1279.VString<string, "required">;
|
|
358
|
+
}, "required", "key" | "value">, "optional">;
|
|
359
|
+
policy: convex_values1279.VObject<{
|
|
358
360
|
extend?: any;
|
|
361
|
+
version: 1;
|
|
359
362
|
identity: {
|
|
360
363
|
accountLinking: {
|
|
361
|
-
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
362
364
|
oidc: "verifiedEmail" | "none" | "sameConnection";
|
|
365
|
+
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
363
366
|
};
|
|
364
367
|
};
|
|
365
|
-
version: 1;
|
|
366
368
|
provisioning: {
|
|
367
369
|
user: {
|
|
368
370
|
createOnSignIn: boolean;
|
|
369
371
|
updateProfileOnLogin: "never" | "missing" | "always";
|
|
370
372
|
updateProfileFromScim: "never" | "missing" | "always";
|
|
371
|
-
authority: "
|
|
373
|
+
authority: "scim" | "app" | "sso";
|
|
372
374
|
};
|
|
373
375
|
scimReuse: {
|
|
374
376
|
user: "none" | "externalId";
|
|
@@ -383,37 +385,37 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
383
385
|
};
|
|
384
386
|
groups: {
|
|
385
387
|
mapping?: Record<string, string[]> | undefined;
|
|
386
|
-
mode: "ignore" | "sync";
|
|
387
388
|
source: "protocol";
|
|
389
|
+
mode: "ignore" | "sync";
|
|
388
390
|
};
|
|
389
391
|
roles: {
|
|
390
392
|
mapping?: Record<string, string[]> | undefined;
|
|
391
|
-
mode: "map" | "ignore";
|
|
392
393
|
source: "protocol";
|
|
394
|
+
mode: "map" | "ignore";
|
|
393
395
|
};
|
|
394
396
|
};
|
|
395
397
|
} | undefined, {
|
|
396
|
-
version:
|
|
397
|
-
identity:
|
|
398
|
+
version: convex_values1279.VLiteral<1, "required">;
|
|
399
|
+
identity: convex_values1279.VObject<{
|
|
398
400
|
accountLinking: {
|
|
399
|
-
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
400
401
|
oidc: "verifiedEmail" | "none" | "sameConnection";
|
|
402
|
+
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
401
403
|
};
|
|
402
404
|
}, {
|
|
403
|
-
accountLinking:
|
|
404
|
-
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
405
|
+
accountLinking: convex_values1279.VObject<{
|
|
405
406
|
oidc: "verifiedEmail" | "none" | "sameConnection";
|
|
407
|
+
saml: "verifiedEmail" | "none" | "sameConnection";
|
|
406
408
|
}, {
|
|
407
|
-
oidc:
|
|
408
|
-
saml:
|
|
409
|
-
}, "required", "
|
|
410
|
-
}, "required", "accountLinking" | "accountLinking.
|
|
411
|
-
provisioning:
|
|
409
|
+
oidc: convex_values1279.VUnion<"verifiedEmail" | "none" | "sameConnection", [convex_values1279.VLiteral<"verifiedEmail", "required">, convex_values1279.VLiteral<"none", "required">, convex_values1279.VLiteral<"sameConnection", "required">], "required", never>;
|
|
410
|
+
saml: convex_values1279.VUnion<"verifiedEmail" | "none" | "sameConnection", [convex_values1279.VLiteral<"verifiedEmail", "required">, convex_values1279.VLiteral<"none", "required">, convex_values1279.VLiteral<"sameConnection", "required">], "required", never>;
|
|
411
|
+
}, "required", "oidc" | "saml">;
|
|
412
|
+
}, "required", "accountLinking" | "accountLinking.oidc" | "accountLinking.saml">;
|
|
413
|
+
provisioning: convex_values1279.VObject<{
|
|
412
414
|
user: {
|
|
413
415
|
createOnSignIn: boolean;
|
|
414
416
|
updateProfileOnLogin: "never" | "missing" | "always";
|
|
415
417
|
updateProfileFromScim: "never" | "missing" | "always";
|
|
416
|
-
authority: "
|
|
418
|
+
authority: "scim" | "app" | "sso";
|
|
417
419
|
};
|
|
418
420
|
scimReuse: {
|
|
419
421
|
user: "none" | "externalId";
|
|
@@ -428,68 +430,68 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
428
430
|
};
|
|
429
431
|
groups: {
|
|
430
432
|
mapping?: Record<string, string[]> | undefined;
|
|
431
|
-
mode: "ignore" | "sync";
|
|
432
433
|
source: "protocol";
|
|
434
|
+
mode: "ignore" | "sync";
|
|
433
435
|
};
|
|
434
436
|
roles: {
|
|
435
437
|
mapping?: Record<string, string[]> | undefined;
|
|
436
|
-
mode: "map" | "ignore";
|
|
437
438
|
source: "protocol";
|
|
439
|
+
mode: "map" | "ignore";
|
|
438
440
|
};
|
|
439
441
|
}, {
|
|
440
|
-
user:
|
|
442
|
+
user: convex_values1279.VObject<{
|
|
441
443
|
createOnSignIn: boolean;
|
|
442
444
|
updateProfileOnLogin: "never" | "missing" | "always";
|
|
443
445
|
updateProfileFromScim: "never" | "missing" | "always";
|
|
444
|
-
authority: "
|
|
446
|
+
authority: "scim" | "app" | "sso";
|
|
445
447
|
}, {
|
|
446
|
-
createOnSignIn:
|
|
447
|
-
updateProfileOnLogin:
|
|
448
|
-
updateProfileFromScim:
|
|
449
|
-
authority:
|
|
448
|
+
createOnSignIn: convex_values1279.VBoolean<boolean, "required">;
|
|
449
|
+
updateProfileOnLogin: convex_values1279.VUnion<"never" | "missing" | "always", [convex_values1279.VLiteral<"never", "required">, convex_values1279.VLiteral<"missing", "required">, convex_values1279.VLiteral<"always", "required">], "required", never>;
|
|
450
|
+
updateProfileFromScim: convex_values1279.VUnion<"never" | "missing" | "always", [convex_values1279.VLiteral<"never", "required">, convex_values1279.VLiteral<"missing", "required">, convex_values1279.VLiteral<"always", "required">], "required", never>;
|
|
451
|
+
authority: convex_values1279.VUnion<"scim" | "app" | "sso", [convex_values1279.VLiteral<"app", "required">, convex_values1279.VLiteral<"sso", "required">, convex_values1279.VLiteral<"scim", "required">], "required", never>;
|
|
450
452
|
}, "required", "createOnSignIn" | "updateProfileOnLogin" | "updateProfileFromScim" | "authority">;
|
|
451
|
-
scimReuse:
|
|
453
|
+
scimReuse: convex_values1279.VObject<{
|
|
452
454
|
user: "none" | "externalId";
|
|
453
455
|
}, {
|
|
454
|
-
user:
|
|
456
|
+
user: convex_values1279.VUnion<"none" | "externalId", [convex_values1279.VLiteral<"externalId", "required">, convex_values1279.VLiteral<"none", "required">], "required", never>;
|
|
455
457
|
}, "required", "user">;
|
|
456
|
-
jit:
|
|
458
|
+
jit: convex_values1279.VObject<{
|
|
457
459
|
defaultRole?: string | undefined;
|
|
458
460
|
defaultRoleIds?: string[] | undefined;
|
|
459
461
|
mode: "off" | "createUser" | "createUserAndMembership";
|
|
460
462
|
}, {
|
|
461
|
-
mode:
|
|
462
|
-
defaultRole:
|
|
463
|
-
defaultRoleIds:
|
|
463
|
+
mode: convex_values1279.VUnion<"off" | "createUser" | "createUserAndMembership", [convex_values1279.VLiteral<"off", "required">, convex_values1279.VLiteral<"createUser", "required">, convex_values1279.VLiteral<"createUserAndMembership", "required">], "required", never>;
|
|
464
|
+
defaultRole: convex_values1279.VString<string | undefined, "optional">;
|
|
465
|
+
defaultRoleIds: convex_values1279.VArray<string[] | undefined, convex_values1279.VString<string, "required">, "optional">;
|
|
464
466
|
}, "required", "mode" | "defaultRole" | "defaultRoleIds">;
|
|
465
|
-
deprovision:
|
|
467
|
+
deprovision: convex_values1279.VObject<{
|
|
466
468
|
mode: "soft" | "hard";
|
|
467
469
|
}, {
|
|
468
|
-
mode:
|
|
470
|
+
mode: convex_values1279.VUnion<"soft" | "hard", [convex_values1279.VLiteral<"soft", "required">, convex_values1279.VLiteral<"hard", "required">], "required", never>;
|
|
469
471
|
}, "required", "mode">;
|
|
470
|
-
groups:
|
|
472
|
+
groups: convex_values1279.VObject<{
|
|
471
473
|
mapping?: Record<string, string[]> | undefined;
|
|
472
|
-
mode: "ignore" | "sync";
|
|
473
474
|
source: "protocol";
|
|
475
|
+
mode: "ignore" | "sync";
|
|
474
476
|
}, {
|
|
475
|
-
mode:
|
|
476
|
-
source:
|
|
477
|
-
mapping:
|
|
478
|
-
}, "required", "
|
|
479
|
-
roles:
|
|
477
|
+
mode: convex_values1279.VUnion<"ignore" | "sync", [convex_values1279.VLiteral<"ignore", "required">, convex_values1279.VLiteral<"sync", "required">], "required", never>;
|
|
478
|
+
source: convex_values1279.VLiteral<"protocol", "required">;
|
|
479
|
+
mapping: convex_values1279.VRecord<Record<string, string[]> | undefined, convex_values1279.VString<string, "required">, convex_values1279.VArray<string[], convex_values1279.VString<string, "required">, "required">, "optional", string>;
|
|
480
|
+
}, "required", "source" | "mode" | "mapping" | `mapping.${string}`>;
|
|
481
|
+
roles: convex_values1279.VObject<{
|
|
480
482
|
mapping?: Record<string, string[]> | undefined;
|
|
481
|
-
mode: "map" | "ignore";
|
|
482
483
|
source: "protocol";
|
|
484
|
+
mode: "map" | "ignore";
|
|
483
485
|
}, {
|
|
484
|
-
mode:
|
|
485
|
-
source:
|
|
486
|
-
mapping:
|
|
487
|
-
}, "required", "
|
|
488
|
-
}, "required", "user" | "scimReuse" | "jit" | "deprovision" | "groups" | "roles" | "user.createOnSignIn" | "user.updateProfileOnLogin" | "user.updateProfileFromScim" | "user.authority" | "scimReuse.user" | "jit.mode" | "jit.defaultRole" | "jit.defaultRoleIds" | "deprovision.mode" | "groups.
|
|
489
|
-
extend:
|
|
490
|
-
}, "optional", "
|
|
491
|
-
extend:
|
|
492
|
-
}, "required", "name" | "
|
|
486
|
+
mode: convex_values1279.VUnion<"map" | "ignore", [convex_values1279.VLiteral<"ignore", "required">, convex_values1279.VLiteral<"map", "required">], "required", never>;
|
|
487
|
+
source: convex_values1279.VLiteral<"protocol", "required">;
|
|
488
|
+
mapping: convex_values1279.VRecord<Record<string, string[]> | undefined, convex_values1279.VString<string, "required">, convex_values1279.VArray<string[], convex_values1279.VString<string, "required">, "required">, "optional", string>;
|
|
489
|
+
}, "required", "source" | "mode" | "mapping" | `mapping.${string}`>;
|
|
490
|
+
}, "required", "user" | "scimReuse" | "jit" | "deprovision" | "groups" | "roles" | "user.createOnSignIn" | "user.updateProfileOnLogin" | "user.updateProfileFromScim" | "user.authority" | "scimReuse.user" | "jit.mode" | "jit.defaultRole" | "jit.defaultRoleIds" | "deprovision.mode" | "groups.source" | "groups.mode" | "groups.mapping" | `groups.mapping.${string}` | "roles.source" | "roles.mode" | "roles.mapping" | `roles.mapping.${string}`>;
|
|
491
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
492
|
+
}, "optional", "extend" | `extend.${string}` | "version" | "identity" | "provisioning" | "identity.accountLinking" | "identity.accountLinking.oidc" | "identity.accountLinking.saml" | "provisioning.user" | "provisioning.scimReuse" | "provisioning.jit" | "provisioning.deprovision" | "provisioning.groups" | "provisioning.roles" | "provisioning.user.createOnSignIn" | "provisioning.user.updateProfileOnLogin" | "provisioning.user.updateProfileFromScim" | "provisioning.user.authority" | "provisioning.scimReuse.user" | "provisioning.jit.mode" | "provisioning.jit.defaultRole" | "provisioning.jit.defaultRoleIds" | "provisioning.deprovision.mode" | "provisioning.groups.source" | "provisioning.groups.mode" | "provisioning.groups.mapping" | `provisioning.groups.mapping.${string}` | "provisioning.roles.source" | "provisioning.roles.mode" | "provisioning.roles.mapping" | `provisioning.roles.mapping.${string}`>;
|
|
493
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
494
|
+
}, "required", "name" | "extend" | "type" | `extend.${string}` | "slug" | "parentGroupId" | "rootGroupId" | "isRoot" | "tags" | "policy" | "policy.extend" | `policy.extend.${string}` | "policy.version" | "policy.identity" | "policy.provisioning" | "policy.identity.accountLinking" | "policy.identity.accountLinking.oidc" | "policy.identity.accountLinking.saml" | "policy.provisioning.user" | "policy.provisioning.scimReuse" | "policy.provisioning.jit" | "policy.provisioning.deprovision" | "policy.provisioning.groups" | "policy.provisioning.roles" | "policy.provisioning.user.createOnSignIn" | "policy.provisioning.user.updateProfileOnLogin" | "policy.provisioning.user.updateProfileFromScim" | "policy.provisioning.user.authority" | "policy.provisioning.scimReuse.user" | "policy.provisioning.jit.mode" | "policy.provisioning.jit.defaultRole" | "policy.provisioning.jit.defaultRoleIds" | "policy.provisioning.deprovision.mode" | "policy.provisioning.groups.source" | "policy.provisioning.groups.mode" | "policy.provisioning.groups.mapping" | `policy.provisioning.groups.mapping.${string}` | "policy.provisioning.roles.source" | "policy.provisioning.roles.mode" | "policy.provisioning.roles.mapping" | `policy.provisioning.roles.mapping.${string}`>, {
|
|
493
495
|
slug: ["slug", "_creationTime"];
|
|
494
496
|
parent_group_id: ["parentGroupId", "_creationTime"];
|
|
495
497
|
root_group_id: ["rootGroupId", "_creationTime"];
|
|
@@ -502,15 +504,15 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
502
504
|
* Each row maps one `(key, value)` pair to a group. Kept in sync by
|
|
503
505
|
* `groupCreate`, `groupUpdate`, and `groupDelete`.
|
|
504
506
|
*/
|
|
505
|
-
GroupTag: convex_server93.TableDefinition<
|
|
506
|
-
value: string;
|
|
507
|
+
GroupTag: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
507
508
|
key: string;
|
|
508
|
-
|
|
509
|
+
value: string;
|
|
510
|
+
group_id: convex_values1279.GenericId<"Group">;
|
|
509
511
|
}, {
|
|
510
|
-
group_id:
|
|
511
|
-
key:
|
|
512
|
-
value:
|
|
513
|
-
}, "required", "
|
|
512
|
+
group_id: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
513
|
+
key: convex_values1279.VString<string, "required">;
|
|
514
|
+
value: convex_values1279.VString<string, "required">;
|
|
515
|
+
}, "required", "key" | "value" | "group_id">, {
|
|
514
516
|
by_group: ["group_id", "_creationTime"];
|
|
515
517
|
by_key_value: ["key", "value", "_creationTime"];
|
|
516
518
|
by_key: ["key", "_creationTime"];
|
|
@@ -520,21 +522,21 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
520
522
|
* role (e.g. "owner", "admin", "member", "viewer"). A user can be a
|
|
521
523
|
* member of multiple groups with different roles in each.
|
|
522
524
|
*/
|
|
523
|
-
GroupMember: convex_server93.TableDefinition<
|
|
525
|
+
GroupMember: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
524
526
|
extend?: any;
|
|
527
|
+
status?: string | undefined;
|
|
525
528
|
role?: string | undefined;
|
|
526
529
|
roleIds?: string[] | undefined;
|
|
527
|
-
|
|
528
|
-
groupId:
|
|
529
|
-
userId: convex_values1267.GenericId<"User">;
|
|
530
|
+
userId: convex_values1279.GenericId<"User">;
|
|
531
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
530
532
|
}, {
|
|
531
|
-
groupId:
|
|
532
|
-
userId:
|
|
533
|
-
role:
|
|
534
|
-
roleIds:
|
|
535
|
-
status:
|
|
536
|
-
extend:
|
|
537
|
-
}, "required", "extend" | `extend.${string}` | "
|
|
533
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
534
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User">, "required">;
|
|
535
|
+
role: convex_values1279.VString<string | undefined, "optional">;
|
|
536
|
+
roleIds: convex_values1279.VArray<string[] | undefined, convex_values1279.VString<string, "required">, "optional">;
|
|
537
|
+
status: convex_values1279.VString<string | undefined, "optional">;
|
|
538
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
539
|
+
}, "required", "extend" | `extend.${string}` | "userId" | "status" | "groupId" | "role" | "roleIds">, {
|
|
538
540
|
group_id: ["groupId", "_creationTime"];
|
|
539
541
|
group_id_user_id: ["groupId", "userId", "_creationTime"];
|
|
540
542
|
group_id_status: ["groupId", "status", "_creationTime"];
|
|
@@ -548,31 +550,31 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
548
550
|
* `email` and `invitedByUserId` are optional to support CLI-generated
|
|
549
551
|
* invite links where neither is known upfront.
|
|
550
552
|
*/
|
|
551
|
-
GroupInvite: convex_server93.TableDefinition<
|
|
553
|
+
GroupInvite: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
552
554
|
email?: string | undefined;
|
|
553
555
|
extend?: any;
|
|
554
|
-
groupId?:
|
|
556
|
+
groupId?: convex_values1279.GenericId<"Group"> | undefined;
|
|
555
557
|
role?: string | undefined;
|
|
556
558
|
roleIds?: string[] | undefined;
|
|
557
|
-
invitedByUserId?:
|
|
559
|
+
invitedByUserId?: convex_values1279.GenericId<"User"> | undefined;
|
|
558
560
|
expiresTime?: number | undefined;
|
|
559
|
-
acceptedByUserId?:
|
|
561
|
+
acceptedByUserId?: convex_values1279.GenericId<"User"> | undefined;
|
|
560
562
|
acceptedTime?: number | undefined;
|
|
561
563
|
status: "pending" | "accepted" | "revoked" | "expired";
|
|
562
564
|
tokenHash: string;
|
|
563
565
|
}, {
|
|
564
|
-
groupId:
|
|
565
|
-
invitedByUserId:
|
|
566
|
-
email:
|
|
567
|
-
tokenHash:
|
|
568
|
-
role:
|
|
569
|
-
roleIds:
|
|
570
|
-
status:
|
|
571
|
-
expiresTime:
|
|
572
|
-
acceptedByUserId:
|
|
573
|
-
acceptedTime:
|
|
574
|
-
extend:
|
|
575
|
-
}, "required", "email" | "extend" | `extend.${string}` | "
|
|
566
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group"> | undefined, "optional">;
|
|
567
|
+
invitedByUserId: convex_values1279.VId<convex_values1279.GenericId<"User"> | undefined, "optional">;
|
|
568
|
+
email: convex_values1279.VString<string | undefined, "optional">;
|
|
569
|
+
tokenHash: convex_values1279.VString<string, "required">;
|
|
570
|
+
role: convex_values1279.VString<string | undefined, "optional">;
|
|
571
|
+
roleIds: convex_values1279.VArray<string[] | undefined, convex_values1279.VString<string, "required">, "optional">;
|
|
572
|
+
status: convex_values1279.VUnion<"pending" | "accepted" | "revoked" | "expired", [convex_values1279.VLiteral<"pending", "required">, convex_values1279.VLiteral<"accepted", "required">, convex_values1279.VLiteral<"revoked", "required">, convex_values1279.VLiteral<"expired", "required">], "required", never>;
|
|
573
|
+
expiresTime: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
574
|
+
acceptedByUserId: convex_values1279.VId<convex_values1279.GenericId<"User"> | undefined, "optional">;
|
|
575
|
+
acceptedTime: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
576
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
577
|
+
}, "required", "email" | "extend" | `extend.${string}` | "status" | "groupId" | "role" | "roleIds" | "invitedByUserId" | "tokenHash" | "expiresTime" | "acceptedByUserId" | "acceptedTime">, {
|
|
576
578
|
token_hash: ["tokenHash", "_creationTime"];
|
|
577
579
|
status: ["status", "_creationTime"];
|
|
578
580
|
email_status: ["email", "status", "_creationTime"];
|
|
@@ -587,23 +589,23 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
587
589
|
* SDK can evolve without forcing schema churn for every protocol-specific
|
|
588
590
|
* field addition.
|
|
589
591
|
*/
|
|
590
|
-
GroupConnection: convex_server93.TableDefinition<
|
|
592
|
+
GroupConnection: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
591
593
|
name?: string | undefined;
|
|
592
594
|
extend?: any;
|
|
593
595
|
slug?: string | undefined;
|
|
594
596
|
config?: any;
|
|
595
|
-
protocol: "saml" | "oidc";
|
|
596
|
-
groupId: convex_values1267.GenericId<"Group">;
|
|
597
597
|
status: "draft" | "active" | "disabled";
|
|
598
|
+
protocol: "oidc" | "saml";
|
|
599
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
598
600
|
}, {
|
|
599
|
-
groupId:
|
|
600
|
-
slug:
|
|
601
|
-
name:
|
|
602
|
-
protocol:
|
|
603
|
-
status:
|
|
604
|
-
config:
|
|
605
|
-
extend:
|
|
606
|
-
}, "required", "name" | "extend" |
|
|
601
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
602
|
+
slug: convex_values1279.VString<string | undefined, "optional">;
|
|
603
|
+
name: convex_values1279.VString<string | undefined, "optional">;
|
|
604
|
+
protocol: convex_values1279.VUnion<"oidc" | "saml", [convex_values1279.VLiteral<"oidc", "required">, convex_values1279.VLiteral<"saml", "required">], "required", never>;
|
|
605
|
+
status: convex_values1279.VUnion<"draft" | "active" | "disabled", [convex_values1279.VLiteral<"draft", "required">, convex_values1279.VLiteral<"active", "required">, convex_values1279.VLiteral<"disabled", "required">], "required", never>;
|
|
606
|
+
config: convex_values1279.VAny<any, "optional", string>;
|
|
607
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
608
|
+
}, "required", "name" | "extend" | `extend.${string}` | "status" | "slug" | "protocol" | "groupId" | "config" | `config.${string}`>, {
|
|
607
609
|
group_id: ["groupId", "_creationTime"];
|
|
608
610
|
slug: ["slug", "_creationTime"];
|
|
609
611
|
status: ["status", "_creationTime"];
|
|
@@ -613,19 +615,19 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
613
615
|
/**
|
|
614
616
|
* Verified or pending domains linked to an group connection record.
|
|
615
617
|
*/
|
|
616
|
-
GroupConnectionDomain: convex_server93.TableDefinition<
|
|
618
|
+
GroupConnectionDomain: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
617
619
|
verifiedAt?: number | undefined;
|
|
618
|
-
connectionId: convex_values1267.GenericId<"GroupConnection">;
|
|
619
|
-
groupId: convex_values1267.GenericId<"Group">;
|
|
620
620
|
isPrimary: boolean;
|
|
621
|
+
connectionId: convex_values1279.GenericId<"GroupConnection">;
|
|
622
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
621
623
|
domain: string;
|
|
622
624
|
}, {
|
|
623
|
-
connectionId:
|
|
624
|
-
groupId:
|
|
625
|
-
domain:
|
|
626
|
-
isPrimary:
|
|
627
|
-
verifiedAt:
|
|
628
|
-
}, "required", "
|
|
625
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection">, "required">;
|
|
626
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
627
|
+
domain: convex_values1279.VString<string, "required">;
|
|
628
|
+
isPrimary: convex_values1279.VBoolean<boolean, "required">;
|
|
629
|
+
verifiedAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
630
|
+
}, "required", "isPrimary" | "connectionId" | "groupId" | "domain" | "verifiedAt">, {
|
|
629
631
|
connection_id: ["connectionId", "_creationTime"];
|
|
630
632
|
group_id: ["groupId", "_creationTime"];
|
|
631
633
|
domain: ["domain", "_creationTime"];
|
|
@@ -633,27 +635,27 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
633
635
|
/**
|
|
634
636
|
* Pending DNS TXT verification challenges for group connection domains.
|
|
635
637
|
*/
|
|
636
|
-
GroupConnectionDomainVerification: convex_server93.TableDefinition<
|
|
637
|
-
connectionId:
|
|
638
|
-
groupId: convex_values1267.GenericId<"Group">;
|
|
639
|
-
tokenHash: string;
|
|
638
|
+
GroupConnectionDomainVerification: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
639
|
+
connectionId: convex_values1279.GenericId<"GroupConnection">;
|
|
640
640
|
expiresAt: number;
|
|
641
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
642
|
+
tokenHash: string;
|
|
641
643
|
domain: string;
|
|
642
|
-
domainId:
|
|
644
|
+
domainId: convex_values1279.GenericId<"GroupConnectionDomain">;
|
|
643
645
|
recordName: string;
|
|
644
646
|
token: string;
|
|
645
647
|
requestedAt: number;
|
|
646
648
|
}, {
|
|
647
|
-
connectionId:
|
|
648
|
-
groupId:
|
|
649
|
-
domainId:
|
|
650
|
-
domain:
|
|
651
|
-
recordName:
|
|
652
|
-
token:
|
|
653
|
-
tokenHash:
|
|
654
|
-
requestedAt:
|
|
655
|
-
expiresAt:
|
|
656
|
-
}, "required", "connectionId" | "
|
|
649
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection">, "required">;
|
|
650
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
651
|
+
domainId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnectionDomain">, "required">;
|
|
652
|
+
domain: convex_values1279.VString<string, "required">;
|
|
653
|
+
recordName: convex_values1279.VString<string, "required">;
|
|
654
|
+
token: convex_values1279.VString<string, "required">;
|
|
655
|
+
tokenHash: convex_values1279.VString<string, "required">;
|
|
656
|
+
requestedAt: convex_values1279.VFloat64<number, "required">;
|
|
657
|
+
expiresAt: convex_values1279.VFloat64<number, "required">;
|
|
658
|
+
}, "required", "connectionId" | "expiresAt" | "groupId" | "tokenHash" | "domain" | "domainId" | "recordName" | "token" | "requestedAt">, {
|
|
657
659
|
connection_id: ["connectionId", "_creationTime"];
|
|
658
660
|
domain_id: ["domainId", "_creationTime"];
|
|
659
661
|
token_hash: ["tokenHash", "_creationTime"];
|
|
@@ -661,19 +663,19 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
661
663
|
/**
|
|
662
664
|
* Encrypted group connection secrets stored separately from protocol config.
|
|
663
665
|
*/
|
|
664
|
-
GroupConnectionSecret: convex_server93.TableDefinition<
|
|
665
|
-
connectionId:
|
|
666
|
-
|
|
667
|
-
groupId: convex_values1267.GenericId<"Group">;
|
|
666
|
+
GroupConnectionSecret: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
667
|
+
connectionId: convex_values1279.GenericId<"GroupConnection">;
|
|
668
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
668
669
|
ciphertext: string;
|
|
669
670
|
updatedAt: number;
|
|
671
|
+
kind: "oidc_client_secret";
|
|
670
672
|
}, {
|
|
671
|
-
connectionId:
|
|
672
|
-
groupId:
|
|
673
|
-
kind:
|
|
674
|
-
ciphertext:
|
|
675
|
-
updatedAt:
|
|
676
|
-
}, "required", "connectionId" | "
|
|
673
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection">, "required">;
|
|
674
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
675
|
+
kind: convex_values1279.VUnion<"oidc_client_secret", [convex_values1279.VLiteral<"oidc_client_secret", "required">], "required", never>;
|
|
676
|
+
ciphertext: convex_values1279.VString<string, "required">;
|
|
677
|
+
updatedAt: convex_values1279.VFloat64<number, "required">;
|
|
678
|
+
}, "required", "connectionId" | "groupId" | "ciphertext" | "updatedAt" | "kind">, {
|
|
677
679
|
connection_id: ["connectionId", "_creationTime"];
|
|
678
680
|
connection_id_kind: ["connectionId", "kind", "_creationTime"];
|
|
679
681
|
group_id: ["groupId", "_creationTime"];
|
|
@@ -681,23 +683,23 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
681
683
|
/**
|
|
682
684
|
* SCIM configuration for an group connection tenant.
|
|
683
685
|
*/
|
|
684
|
-
GroupConnectionScimConfig: convex_server93.TableDefinition<
|
|
686
|
+
GroupConnectionScimConfig: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
685
687
|
extend?: any;
|
|
686
688
|
lastRotatedAt?: number | undefined;
|
|
687
|
-
connectionId:
|
|
688
|
-
groupId: convex_values1267.GenericId<"Group">;
|
|
689
|
+
connectionId: convex_values1279.GenericId<"GroupConnection">;
|
|
689
690
|
status: "draft" | "active" | "disabled";
|
|
691
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
690
692
|
tokenHash: string;
|
|
691
693
|
basePath: string;
|
|
692
694
|
}, {
|
|
693
|
-
connectionId:
|
|
694
|
-
groupId:
|
|
695
|
-
status:
|
|
696
|
-
basePath:
|
|
697
|
-
tokenHash:
|
|
698
|
-
lastRotatedAt:
|
|
699
|
-
extend:
|
|
700
|
-
}, "required", "extend" |
|
|
695
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection">, "required">;
|
|
696
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
697
|
+
status: convex_values1279.VUnion<"draft" | "active" | "disabled", [convex_values1279.VLiteral<"draft", "required">, convex_values1279.VLiteral<"active", "required">, convex_values1279.VLiteral<"disabled", "required">], "required", never>;
|
|
698
|
+
basePath: convex_values1279.VString<string, "required">;
|
|
699
|
+
tokenHash: convex_values1279.VString<string, "required">;
|
|
700
|
+
lastRotatedAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
701
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
702
|
+
}, "required", "extend" | `extend.${string}` | "connectionId" | "status" | "groupId" | "tokenHash" | "basePath" | "lastRotatedAt">, {
|
|
701
703
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
702
704
|
group_id: ["groupId", "_creationTime"];
|
|
703
705
|
token_hash: ["tokenHash", "_creationTime"];
|
|
@@ -706,27 +708,27 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
706
708
|
/**
|
|
707
709
|
* External SCIM identities mapped into local users/groups.
|
|
708
710
|
*/
|
|
709
|
-
GroupConnectionScimIdentity: convex_server93.TableDefinition<
|
|
710
|
-
userId?:
|
|
711
|
+
GroupConnectionScimIdentity: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
712
|
+
userId?: convex_values1279.GenericId<"User"> | undefined;
|
|
711
713
|
active?: boolean | undefined;
|
|
712
|
-
mappedGroupId?:
|
|
714
|
+
mappedGroupId?: convex_values1279.GenericId<"Group"> | undefined;
|
|
713
715
|
lastProvisionedAt?: number | undefined;
|
|
714
716
|
raw?: any;
|
|
715
|
-
connectionId:
|
|
717
|
+
connectionId: convex_values1279.GenericId<"GroupConnection">;
|
|
716
718
|
externalId: string;
|
|
717
|
-
groupId:
|
|
719
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
718
720
|
resourceType: "user" | "group";
|
|
719
721
|
}, {
|
|
720
|
-
connectionId:
|
|
721
|
-
groupId:
|
|
722
|
-
resourceType:
|
|
723
|
-
externalId:
|
|
724
|
-
userId:
|
|
725
|
-
mappedGroupId:
|
|
726
|
-
lastProvisionedAt:
|
|
727
|
-
active:
|
|
728
|
-
raw:
|
|
729
|
-
}, "required", "
|
|
722
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection">, "required">;
|
|
723
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
724
|
+
resourceType: convex_values1279.VUnion<"user" | "group", [convex_values1279.VLiteral<"user", "required">, convex_values1279.VLiteral<"group", "required">], "required", never>;
|
|
725
|
+
externalId: convex_values1279.VString<string, "required">;
|
|
726
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User"> | undefined, "optional">;
|
|
727
|
+
mappedGroupId: convex_values1279.VId<convex_values1279.GenericId<"Group"> | undefined, "optional">;
|
|
728
|
+
lastProvisionedAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
729
|
+
active: convex_values1279.VBoolean<boolean | undefined, "optional">;
|
|
730
|
+
raw: convex_values1279.VAny<any, "optional", string>;
|
|
731
|
+
}, "required", "userId" | "connectionId" | "externalId" | "groupId" | "active" | "resourceType" | "mappedGroupId" | "lastProvisionedAt" | "raw" | `raw.${string}`>, {
|
|
730
732
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
731
733
|
group_id: ["groupId", "_creationTime"];
|
|
732
734
|
group_connection_id_resource_type_external_id: ["connectionId", "resourceType", "externalId", "_creationTime"];
|
|
@@ -737,33 +739,33 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
737
739
|
/**
|
|
738
740
|
* Immutable audit trail for group connection operations.
|
|
739
741
|
*/
|
|
740
|
-
GroupAuditEvent: convex_server93.TableDefinition<
|
|
741
|
-
connectionId?:
|
|
742
|
-
metadata?: any;
|
|
742
|
+
GroupAuditEvent: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
743
|
+
connectionId?: convex_values1279.GenericId<"GroupConnection"> | undefined;
|
|
743
744
|
actorId?: string | undefined;
|
|
744
745
|
subjectId?: string | undefined;
|
|
745
746
|
requestId?: string | undefined;
|
|
746
747
|
ip?: string | undefined;
|
|
747
|
-
|
|
748
|
+
metadata?: any;
|
|
748
749
|
status: "success" | "failure";
|
|
750
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
751
|
+
actorType: "scim" | "user" | "system" | "api_key" | "webhook";
|
|
749
752
|
eventType: string;
|
|
750
|
-
actorType: "user" | "scim" | "system" | "api_key" | "webhook";
|
|
751
753
|
subjectType: string;
|
|
752
754
|
occurredAt: number;
|
|
753
755
|
}, {
|
|
754
|
-
connectionId:
|
|
755
|
-
groupId:
|
|
756
|
-
eventType:
|
|
757
|
-
actorType:
|
|
758
|
-
actorId:
|
|
759
|
-
subjectType:
|
|
760
|
-
subjectId:
|
|
761
|
-
status:
|
|
762
|
-
occurredAt:
|
|
763
|
-
requestId:
|
|
764
|
-
ip:
|
|
765
|
-
metadata:
|
|
766
|
-
}, "required", "connectionId" | "
|
|
756
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection"> | undefined, "optional">;
|
|
757
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
758
|
+
eventType: convex_values1279.VString<string, "required">;
|
|
759
|
+
actorType: convex_values1279.VUnion<"scim" | "user" | "system" | "api_key" | "webhook", [convex_values1279.VLiteral<"user", "required">, convex_values1279.VLiteral<"system", "required">, convex_values1279.VLiteral<"scim", "required">, convex_values1279.VLiteral<"api_key", "required">, convex_values1279.VLiteral<"webhook", "required">], "required", never>;
|
|
760
|
+
actorId: convex_values1279.VString<string | undefined, "optional">;
|
|
761
|
+
subjectType: convex_values1279.VString<string, "required">;
|
|
762
|
+
subjectId: convex_values1279.VString<string | undefined, "optional">;
|
|
763
|
+
status: convex_values1279.VUnion<"success" | "failure", [convex_values1279.VLiteral<"success", "required">, convex_values1279.VLiteral<"failure", "required">], "required", never>;
|
|
764
|
+
occurredAt: convex_values1279.VFloat64<number, "required">;
|
|
765
|
+
requestId: convex_values1279.VString<string | undefined, "optional">;
|
|
766
|
+
ip: convex_values1279.VString<string | undefined, "optional">;
|
|
767
|
+
metadata: convex_values1279.VAny<any, "optional", string>;
|
|
768
|
+
}, "required", "connectionId" | "status" | "groupId" | "actorType" | "eventType" | "actorId" | "subjectType" | "subjectId" | "occurredAt" | "requestId" | "ip" | "metadata" | `metadata.${string}`>, {
|
|
767
769
|
group_connection_id_occurred_at: ["connectionId", "occurredAt", "_creationTime"];
|
|
768
770
|
group_id_occurred_at: ["groupId", "occurredAt", "_creationTime"];
|
|
769
771
|
event_type_occurred_at: ["eventType", "occurredAt", "_creationTime"];
|
|
@@ -771,31 +773,31 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
771
773
|
/**
|
|
772
774
|
* Webhook endpoints subscribed to group audit and lifecycle events.
|
|
773
775
|
*/
|
|
774
|
-
GroupWebhookEndpoint: convex_server93.TableDefinition<
|
|
776
|
+
GroupWebhookEndpoint: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
775
777
|
extend?: any;
|
|
776
|
-
createdByUserId?:
|
|
778
|
+
createdByUserId?: convex_values1279.GenericId<"User"> | undefined;
|
|
777
779
|
lastSuccessAt?: number | undefined;
|
|
778
780
|
lastFailureAt?: number | undefined;
|
|
779
|
-
connectionId:
|
|
780
|
-
groupId: convex_values1267.GenericId<"Group">;
|
|
781
|
+
connectionId: convex_values1279.GenericId<"GroupConnection">;
|
|
781
782
|
status: "active" | "disabled";
|
|
783
|
+
groupId: convex_values1279.GenericId<"Group">;
|
|
782
784
|
url: string;
|
|
783
785
|
secretHash: string;
|
|
784
786
|
subscriptions: string[];
|
|
785
787
|
failureCount: number;
|
|
786
788
|
}, {
|
|
787
|
-
connectionId:
|
|
788
|
-
groupId:
|
|
789
|
-
url:
|
|
790
|
-
status:
|
|
791
|
-
secretHash:
|
|
792
|
-
subscriptions:
|
|
793
|
-
createdByUserId:
|
|
794
|
-
lastSuccessAt:
|
|
795
|
-
lastFailureAt:
|
|
796
|
-
failureCount:
|
|
797
|
-
extend:
|
|
798
|
-
}, "required", "extend" |
|
|
789
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection">, "required">;
|
|
790
|
+
groupId: convex_values1279.VId<convex_values1279.GenericId<"Group">, "required">;
|
|
791
|
+
url: convex_values1279.VString<string, "required">;
|
|
792
|
+
status: convex_values1279.VUnion<"active" | "disabled", [convex_values1279.VLiteral<"active", "required">, convex_values1279.VLiteral<"disabled", "required">], "required", never>;
|
|
793
|
+
secretHash: convex_values1279.VString<string, "required">;
|
|
794
|
+
subscriptions: convex_values1279.VArray<string[], convex_values1279.VString<string, "required">, "required">;
|
|
795
|
+
createdByUserId: convex_values1279.VId<convex_values1279.GenericId<"User"> | undefined, "optional">;
|
|
796
|
+
lastSuccessAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
797
|
+
lastFailureAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
798
|
+
failureCount: convex_values1279.VFloat64<number, "required">;
|
|
799
|
+
extend: convex_values1279.VAny<any, "optional", string>;
|
|
800
|
+
}, "required", "extend" | `extend.${string}` | "connectionId" | "status" | "groupId" | "url" | "secretHash" | "subscriptions" | "createdByUserId" | "lastSuccessAt" | "lastFailureAt" | "failureCount">, {
|
|
799
801
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
800
802
|
group_id: ["groupId", "_creationTime"];
|
|
801
803
|
status: ["status", "_creationTime"];
|
|
@@ -803,30 +805,30 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
803
805
|
/**
|
|
804
806
|
* Delivery queue for outbound group webhooks.
|
|
805
807
|
*/
|
|
806
|
-
GroupWebhookDelivery: convex_server93.TableDefinition<
|
|
807
|
-
auditEventId?:
|
|
808
|
+
GroupWebhookDelivery: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
809
|
+
auditEventId?: convex_values1279.GenericId<"GroupAuditEvent"> | undefined;
|
|
808
810
|
lastAttemptAt?: number | undefined;
|
|
809
811
|
lastResponseStatus?: number | undefined;
|
|
810
812
|
lastError?: string | undefined;
|
|
811
|
-
connectionId:
|
|
813
|
+
connectionId: convex_values1279.GenericId<"GroupConnection">;
|
|
812
814
|
status: "pending" | "processing" | "delivered" | "failed";
|
|
813
815
|
eventType: string;
|
|
814
|
-
endpointId:
|
|
816
|
+
endpointId: convex_values1279.GenericId<"GroupWebhookEndpoint">;
|
|
815
817
|
attemptCount: number;
|
|
816
818
|
nextAttemptAt: number;
|
|
817
819
|
payload: any;
|
|
818
820
|
}, {
|
|
819
|
-
connectionId:
|
|
820
|
-
endpointId:
|
|
821
|
-
auditEventId:
|
|
822
|
-
eventType:
|
|
823
|
-
status:
|
|
824
|
-
attemptCount:
|
|
825
|
-
nextAttemptAt:
|
|
826
|
-
lastAttemptAt:
|
|
827
|
-
lastResponseStatus:
|
|
828
|
-
lastError:
|
|
829
|
-
payload:
|
|
821
|
+
connectionId: convex_values1279.VId<convex_values1279.GenericId<"GroupConnection">, "required">;
|
|
822
|
+
endpointId: convex_values1279.VId<convex_values1279.GenericId<"GroupWebhookEndpoint">, "required">;
|
|
823
|
+
auditEventId: convex_values1279.VId<convex_values1279.GenericId<"GroupAuditEvent"> | undefined, "optional">;
|
|
824
|
+
eventType: convex_values1279.VString<string, "required">;
|
|
825
|
+
status: convex_values1279.VUnion<"pending" | "processing" | "delivered" | "failed", [convex_values1279.VLiteral<"pending", "required">, convex_values1279.VLiteral<"processing", "required">, convex_values1279.VLiteral<"delivered", "required">, convex_values1279.VLiteral<"failed", "required">], "required", never>;
|
|
826
|
+
attemptCount: convex_values1279.VFloat64<number, "required">;
|
|
827
|
+
nextAttemptAt: convex_values1279.VFloat64<number, "required">;
|
|
828
|
+
lastAttemptAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
829
|
+
lastResponseStatus: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
830
|
+
lastError: convex_values1279.VString<string | undefined, "optional">;
|
|
831
|
+
payload: convex_values1279.VAny<any, "required", string>;
|
|
830
832
|
}, "required", "connectionId" | "status" | "eventType" | "endpointId" | "auditEventId" | "attemptCount" | "nextAttemptAt" | "lastAttemptAt" | "lastResponseStatus" | "lastError" | "payload" | `payload.${string}`>, {
|
|
831
833
|
group_connection_id: ["connectionId", "_creationTime"];
|
|
832
834
|
status_next_attempt_at: ["status", "nextAttemptAt", "_creationTime"];
|
|
@@ -846,8 +848,10 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
846
848
|
* - **Expiration**: optional TTL
|
|
847
849
|
* - **Soft revocation**: `revoked` flag preserves audit trail
|
|
848
850
|
*/
|
|
849
|
-
ApiKey: convex_server93.TableDefinition<
|
|
851
|
+
ApiKey: convex_server93.TableDefinition<convex_values1279.VObject<{
|
|
850
852
|
lastUsedAt?: number | undefined;
|
|
853
|
+
expiresAt?: number | undefined;
|
|
854
|
+
metadata?: any;
|
|
851
855
|
rateLimit?: {
|
|
852
856
|
maxRequests: number;
|
|
853
857
|
windowMs: number;
|
|
@@ -856,12 +860,10 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
856
860
|
attemptsLeft: number;
|
|
857
861
|
lastAttemptTime: number;
|
|
858
862
|
} | undefined;
|
|
859
|
-
expiresAt?: number | undefined;
|
|
860
|
-
metadata?: any;
|
|
861
863
|
name: string;
|
|
862
|
-
userId:
|
|
863
|
-
revoked: boolean;
|
|
864
|
+
userId: convex_values1279.GenericId<"User">;
|
|
864
865
|
createdAt: number;
|
|
866
|
+
revoked: boolean;
|
|
865
867
|
prefix: string;
|
|
866
868
|
hashedKey: string;
|
|
867
869
|
scopes: {
|
|
@@ -869,40 +871,40 @@ declare const _default: convex_server93.SchemaDefinition<{
|
|
|
869
871
|
actions: string[];
|
|
870
872
|
}[];
|
|
871
873
|
}, {
|
|
872
|
-
userId:
|
|
873
|
-
prefix:
|
|
874
|
-
hashedKey:
|
|
875
|
-
name:
|
|
876
|
-
scopes:
|
|
874
|
+
userId: convex_values1279.VId<convex_values1279.GenericId<"User">, "required">; /** First chars of the key for display (e.g. "sk_abc1..."). */
|
|
875
|
+
prefix: convex_values1279.VString<string, "required">; /** SHA-256 hex hash of the full raw key. */
|
|
876
|
+
hashedKey: convex_values1279.VString<string, "required">; /** User-assigned name (e.g. "CI Pipeline", "Production API"). */
|
|
877
|
+
name: convex_values1279.VString<string, "required">; /** Scoped permissions: [{ resource: "users", actions: ["read", "list"] }]. */
|
|
878
|
+
scopes: convex_values1279.VArray<{
|
|
877
879
|
resource: string;
|
|
878
880
|
actions: string[];
|
|
879
|
-
}[],
|
|
881
|
+
}[], convex_values1279.VObject<{
|
|
880
882
|
resource: string;
|
|
881
883
|
actions: string[];
|
|
882
884
|
}, {
|
|
883
|
-
resource:
|
|
884
|
-
actions:
|
|
885
|
+
resource: convex_values1279.VString<string, "required">;
|
|
886
|
+
actions: convex_values1279.VArray<string[], convex_values1279.VString<string, "required">, "required">;
|
|
885
887
|
}, "required", "resource" | "actions">, "required">; /** Optional per-key rate limit configuration. */
|
|
886
|
-
rateLimit:
|
|
888
|
+
rateLimit: convex_values1279.VObject<{
|
|
887
889
|
maxRequests: number;
|
|
888
890
|
windowMs: number;
|
|
889
891
|
} | undefined, {
|
|
890
|
-
maxRequests:
|
|
891
|
-
windowMs:
|
|
892
|
+
maxRequests: convex_values1279.VFloat64<number, "required">;
|
|
893
|
+
windowMs: convex_values1279.VFloat64<number, "required">;
|
|
892
894
|
}, "optional", "maxRequests" | "windowMs">; /** Rate limit state tracking (token-bucket). */
|
|
893
|
-
rateLimitState:
|
|
895
|
+
rateLimitState: convex_values1279.VObject<{
|
|
894
896
|
attemptsLeft: number;
|
|
895
897
|
lastAttemptTime: number;
|
|
896
898
|
} | undefined, {
|
|
897
|
-
attemptsLeft:
|
|
898
|
-
lastAttemptTime:
|
|
899
|
+
attemptsLeft: convex_values1279.VFloat64<number, "required">;
|
|
900
|
+
lastAttemptTime: convex_values1279.VFloat64<number, "required">;
|
|
899
901
|
}, "optional", "attemptsLeft" | "lastAttemptTime">; /** Expiration timestamp. Null/undefined = never expires. */
|
|
900
|
-
expiresAt:
|
|
901
|
-
lastUsedAt:
|
|
902
|
-
createdAt:
|
|
903
|
-
revoked:
|
|
904
|
-
metadata:
|
|
905
|
-
}, "required", "name" | "userId" | "
|
|
902
|
+
expiresAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
903
|
+
lastUsedAt: convex_values1279.VFloat64<number | undefined, "optional">;
|
|
904
|
+
createdAt: convex_values1279.VFloat64<number, "required">; /** Soft-revoke flag. Revoked keys are kept for audit trail. */
|
|
905
|
+
revoked: convex_values1279.VBoolean<boolean, "required">; /** Arbitrary app-specific metadata attached to the key. */
|
|
906
|
+
metadata: convex_values1279.VAny<any, "optional", string>;
|
|
907
|
+
}, "required", "name" | "userId" | "createdAt" | "lastUsedAt" | "expiresAt" | "revoked" | "metadata" | `metadata.${string}` | "prefix" | "hashedKey" | "scopes" | "rateLimit" | "rateLimitState" | "rateLimit.maxRequests" | "rateLimit.windowMs" | "rateLimitState.attemptsLeft" | "rateLimitState.lastAttemptTime">, {
|
|
906
908
|
user_id: ["userId", "_creationTime"];
|
|
907
909
|
hashed_key: ["hashedKey", "_creationTime"];
|
|
908
910
|
}, {}, {}>;
|