@stackframe/js 2.8.1 → 2.8.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/CHANGELOG.md +20 -0
  2. package/dist/esm/lib/auth.js +6 -6
  3. package/dist/esm/lib/auth.js.map +1 -1
  4. package/dist/esm/lib/stack-app/api-keys/index.js +14 -6
  5. package/dist/esm/lib/stack-app/api-keys/index.js.map +1 -1
  6. package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js +23 -20
  7. package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
  8. package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js +98 -19
  9. package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
  10. package/dist/esm/lib/stack-app/apps/implementations/common.js +1 -1
  11. package/dist/esm/lib/stack-app/apps/implementations/common.js.map +1 -1
  12. package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js +108 -11
  13. package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
  14. package/dist/esm/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
  15. package/dist/esm/lib/stack-app/apps/interfaces/server-app.js.map +1 -1
  16. package/dist/esm/lib/stack-app/index.js.map +1 -1
  17. package/dist/esm/lib/stack-app/internal-api-keys/index.js +14 -0
  18. package/dist/esm/lib/stack-app/internal-api-keys/index.js.map +1 -0
  19. package/dist/esm/lib/stack-app/projects/index.js +3 -1
  20. package/dist/esm/lib/stack-app/projects/index.js.map +1 -1
  21. package/dist/esm/lib/stack-app/teams/index.js.map +1 -1
  22. package/dist/esm/lib/stack-app/users/index.js.map +1 -1
  23. package/dist/esm/utils/url.js +2 -2
  24. package/dist/esm/utils/url.js.map +1 -1
  25. package/dist/index.d.mts +91 -34
  26. package/dist/index.d.ts +91 -34
  27. package/dist/lib/auth.js +6 -6
  28. package/dist/lib/auth.js.map +1 -1
  29. package/dist/lib/stack-app/api-keys/index.js +16 -7
  30. package/dist/lib/stack-app/api-keys/index.js.map +1 -1
  31. package/dist/lib/stack-app/apps/implementations/admin-app-impl.js +22 -19
  32. package/dist/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
  33. package/dist/lib/stack-app/apps/implementations/client-app-impl.js +98 -19
  34. package/dist/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
  35. package/dist/lib/stack-app/apps/implementations/common.js +1 -1
  36. package/dist/lib/stack-app/apps/implementations/common.js.map +1 -1
  37. package/dist/lib/stack-app/apps/implementations/server-app-impl.js +108 -11
  38. package/dist/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
  39. package/dist/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
  40. package/dist/lib/stack-app/apps/interfaces/server-app.js.map +1 -1
  41. package/dist/lib/stack-app/index.js.map +1 -1
  42. package/dist/lib/stack-app/internal-api-keys/index.js +39 -0
  43. package/dist/lib/stack-app/internal-api-keys/index.js.map +1 -0
  44. package/dist/lib/stack-app/project-configs/index.js.map +1 -1
  45. package/dist/lib/stack-app/projects/index.js +3 -1
  46. package/dist/lib/stack-app/projects/index.js.map +1 -1
  47. package/dist/lib/stack-app/teams/index.js.map +1 -1
  48. package/dist/lib/stack-app/users/index.js.map +1 -1
  49. package/dist/utils/url.js +2 -2
  50. package/dist/utils/url.js.map +1 -1
  51. package/package.json +3 -2
package/CHANGELOG.md CHANGED
@@ -1,5 +1,25 @@
1
1
  # @stackframe/stack
2
2
 
3
+ ## 2.8.3
4
+
5
+ ### Patch Changes
6
+
7
+ - Various changes
8
+ - Updated dependencies
9
+ - @stackframe/stack-shared@2.8.3
10
+ - @stackframe/stack-ui@2.8.3
11
+ - @stackframe/stack-sc@2.8.3
12
+
13
+ ## 2.8.2
14
+
15
+ ### Patch Changes
16
+
17
+ - Various changes
18
+ - Updated dependencies
19
+ - @stackframe/stack-shared@2.8.2
20
+ - @stackframe/stack-ui@2.8.2
21
+ - @stackframe/stack-sc@2.8.2
22
+
3
23
  ## 2.8.1
4
24
 
5
25
  ### Patch Changes
package/dist/esm/lib/auth.js CHANGED
@@ -10,8 +10,8 @@ async function signInWithOAuth(iface, options) {
10
10
  const { codeChallenge, state } = await saveVerifierAndState();
11
11
  const location = await iface.getOAuthUrl({
12
12
  provider: options.provider,
13
- redirectUrl: constructRedirectUrl(options.redirectUrl),
14
- errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),
13
+ redirectUrl: constructRedirectUrl(options.redirectUrl, "redirectUrl"),
14
+ errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, "errorRedirectUrl"),
15
15
  codeChallenge,
16
16
  state,
17
17
  type: "authenticate",
@@ -24,9 +24,9 @@ async function addNewOAuthProviderOrScope(iface, options, session) {
24
24
  const { codeChallenge, state } = await saveVerifierAndState();
25
25
  const location = await iface.getOAuthUrl({
26
26
  provider: options.provider,
27
- redirectUrl: constructRedirectUrl(options.redirectUrl),
28
- errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),
29
- afterCallbackRedirectUrl: constructRedirectUrl(window.location.href),
27
+ redirectUrl: constructRedirectUrl(options.redirectUrl, "redirectUrl"),
28
+ errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, "errorRedirectUrl"),
29
+ afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, "afterCallbackRedirectUrl"),
30
30
  codeChallenge,
31
31
  state,
32
32
  type: "link",
@@ -79,7 +79,7 @@ async function callOAuthCallback(iface, redirectUrl) {
79
79
  try {
80
80
  return Result.ok(await iface.callOAuthCallback({
81
81
  oauthParams: consumed.originalUrl.searchParams,
82
- redirectUri: constructRedirectUrl(redirectUrl),
82
+ redirectUri: constructRedirectUrl(redirectUrl, "redirectUri"),
83
83
  codeVerifier: consumed.codeVerifier,
84
84
  state: consumed.state
85
85
  }));
package/dist/esm/lib/auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { KnownError, StackClientInterface } from \"@stackframe/stack-shared\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { neverResolve } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { deindent } from \"@stackframe/stack-shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\n\nexport async function signInWithOAuth(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n }\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n codeChallenge,\n state,\n type: \"authenticate\",\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\nexport async function addNewOAuthProviderOrScope(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n },\n session: InternalSession,\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n afterCallbackRedirectUrl: constructRedirectUrl(window.location.href),\n codeChallenge,\n state,\n type: \"link\",\n session,\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\nfunction consumeOAuthCallbackQueryParams() {\n const requiredParams = [\"code\", \"state\"];\n const originalUrl = new URL(window.location.href);\n for (const param of requiredParams) {\n if (!originalUrl.searchParams.has(param)) {\n console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n return null;\n }\n }\n\n const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n if (!cookieResult) {\n // If the state can't be found in the cookies, then the callback wasn't meant for us.\n // Maybe the website uses another OAuth library?\n console.warn(deindent`\n Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n \n This could have multiple reasons:\n - The cookie expired, because the OAuth flow took too long.\n - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n - The cookie was already consumed by this page, and the user already logged in.\n - You are using another OAuth client library with the same callback URL as Stack.\n - The user opened the OAuth callback page from their history.\n\n Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n `);\n return null;\n }\n\n\n const newUrl = new URL(originalUrl);\n for (const param of requiredParams) {\n newUrl.searchParams.delete(param);\n }\n\n // let's get rid of the authorization code in the history as we\n // don't redirect to `redirectUrl` if there's a validation error\n // (as the redirectUrl might be malicious!).\n //\n // We use history.replaceState instead of location.assign(...) to\n // prevent an unnecessary reload\n window.history.replaceState({}, \"\", newUrl.toString());\n\n return {\n originalUrl,\n codeVerifier: cookieResult.codeVerifier,\n state: expectedState,\n };\n}\n\nexport async function callOAuthCallback(\n iface: StackClientInterface,\n redirectUrl: string,\n) {\n // note: this part of the function (until the return) needs\n // to be synchronous, to prevent race conditions when\n // callOAuthCallback is called multiple times in parallel\n const consumed = consumeOAuthCallbackQueryParams();\n if (!consumed) return Result.ok(undefined);\n\n // the rest can be asynchronous (we now know that we are the\n // intended recipient of the callback, and the only instance\n // of callOAuthCallback that's running)\n try {\n return Result.ok(await iface.callOAuthCallback({\n oauthParams: consumed.originalUrl.searchParams,\n redirectUri: constructRedirectUrl(redirectUrl),\n codeVerifier: consumed.codeVerifier,\n state: consumed.state,\n }));\n } catch (e) {\n if (e instanceof KnownError) {\n throw e;\n }\n throw new StackAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n }\n}\n"],"mappings":";AAIA,SAAS,kBAAwC;AAEjD,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,oBAAoB;AAC7B,SAAS,cAAc;AACvB,SAAS,gBAAgB;AACzB,SAAS,4BAA4B;AACrC,SAAS,+BAA+B,4BAA4B;AAEpE,eAAsB,gBACpB,OACA,SAMA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,WAAW;AAAA,IACrD,kBAAkB,qBAAqB,QAAQ,gBAAgB;AAAA,IAC/D;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAEA,eAAsB,2BACpB,OACA,SAMA,SACA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,WAAW;AAAA,IACrD,kBAAkB,qBAAqB,QAAQ,gBAAgB;AAAA,IAC/D,0BAA0B,qBAAqB,OAAO,SAAS,IAAI;AAAA,IACnE;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN;AAAA,IACA,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAOA,SAAS,kCAAkC;AACzC,QAAM,iBAAiB,CAAC,QAAQ,OAAO;AACvC,QAAM,cAAc,IAAI,IAAI,OAAO,SAAS,IAAI;AAChD,aAAW,SAAS,gBAAgB;AAClC,QAAI,CAAC,YAAY,aAAa,IAAI,KAAK,GAAG;AACxC,cAAQ,KAAK,IAAI,MAAM,uDAAuD,KAAK,2EAA2E,CAAC;AAC/J,aAAO;AAAA,IACT;AAAA,EACF;AAEA,QAAM,gBAAgB,YAAY,aAAa,IAAI,OAAO,KAAK,SAAS,uDAAuD;AAC/H,QAAM,eAAe,8BAA8B,aAAa;AAEhE,MAAI,CAAC,cAAc;AAGjB,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KAWZ;AACD,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,IAAI,IAAI,WAAW;AAClC,aAAW,SAAS,gBAAgB;AAClC,WAAO,aAAa,OAAO,KAAK;AAAA,EAClC;AAQA,SAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,OAAO,SAAS,CAAC;AAErD,SAAO;AAAA,IACL;AAAA,IACA,cAAc,aAAa;AAAA,IAC3B,OAAO;AAAA,EACT;AACF;AAEA,eAAsB,kBACpB,OACA,aACA;AAIA,QAAM,WAAW,gCAAgC;AACjD,MAAI,CAAC,SAAU,QAAO,OAAO,GAAG,MAAS;AAKzC,MAAI;AACF,WAAO,OAAO,GAAG,MAAM,MAAM,kBAAkB;AAAA,MAC7C,aAAa,SAAS,YAAY;AAAA,MAClC,aAAa,qBAAqB,WAAW;AAAA,MAC7C,cAAc,SAAS;AAAA,MACvB,OAAO,SAAS;AAAA,IAClB,CAAC,CAAC;AAAA,EACJ,SAAS,GAAG;AACV,QAAI,aAAa,YAAY;AAC3B,YAAM;AAAA,IACR;AACA,UAAM,IAAI,oBAAoB,6DAA6D,EAAE,OAAO,EAAE,CAAC;AAAA,EACzG;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { KnownError, StackClientInterface } from \"@stackframe/stack-shared\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { neverResolve } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { deindent } from \"@stackframe/stack-shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\n\nexport async function signInWithOAuth(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n }\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n codeChallenge,\n state,\n type: \"authenticate\",\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\nexport async function addNewOAuthProviderOrScope(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n },\n session: InternalSession,\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n codeChallenge,\n state,\n type: \"link\",\n session,\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\nfunction consumeOAuthCallbackQueryParams() {\n const requiredParams = [\"code\", \"state\"];\n const originalUrl = new URL(window.location.href);\n for (const param of requiredParams) {\n if (!originalUrl.searchParams.has(param)) {\n console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n return null;\n }\n }\n\n const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n if (!cookieResult) {\n // If the state can't be found in the cookies, then the callback wasn't meant for us.\n // Maybe the website uses another OAuth library?\n console.warn(deindent`\n Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n \n This could have multiple reasons:\n - The cookie expired, because the OAuth flow took too long.\n - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n - The cookie was already consumed by this page, and the user already logged in.\n - You are using another OAuth client library with the same callback URL as Stack.\n - The user opened the OAuth callback page from their history.\n\n Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n `);\n return null;\n }\n\n\n const newUrl = new URL(originalUrl);\n for (const param of requiredParams) {\n newUrl.searchParams.delete(param);\n }\n\n // let's get rid of the authorization code in the history as we\n // don't redirect to `redirectUrl` if there's a validation error\n // (as the redirectUrl might be malicious!).\n //\n // We use history.replaceState instead of location.assign(...) to\n // prevent an unnecessary reload\n window.history.replaceState({}, \"\", newUrl.toString());\n\n return {\n originalUrl,\n codeVerifier: cookieResult.codeVerifier,\n state: expectedState,\n };\n}\n\nexport async function callOAuthCallback(\n iface: StackClientInterface,\n redirectUrl: string,\n) {\n // note: this part of the function (until the return) needs\n // to be synchronous, to prevent race conditions when\n // callOAuthCallback is called multiple times in parallel\n const consumed = consumeOAuthCallbackQueryParams();\n if (!consumed) return Result.ok(undefined);\n\n // the rest can be asynchronous (we now know that we are the\n // intended recipient of the callback, and the only instance\n // of callOAuthCallback that's running)\n try {\n return Result.ok(await iface.callOAuthCallback({\n oauthParams: consumed.originalUrl.searchParams,\n redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n codeVerifier: consumed.codeVerifier,\n state: consumed.state,\n }));\n } catch (e) {\n if (e instanceof KnownError) {\n throw e;\n }\n throw new StackAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n }\n}\n"],"mappings":";AAIA,SAAS,kBAAwC;AAEjD,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,oBAAoB;AAC7B,SAAS,cAAc;AACvB,SAAS,gBAAgB;AACzB,SAAS,4BAA4B;AACrC,SAAS,+BAA+B,4BAA4B;AAEpE,eAAsB,gBACpB,OACA,SAMA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,aAAa,aAAa;AAAA,IACpE,kBAAkB,qBAAqB,QAAQ,kBAAkB,kBAAkB;AAAA,IACnF;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAEA,eAAsB,2BACpB,OACA,SAMA,SACA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,aAAa,aAAa;AAAA,IACpE,kBAAkB,qBAAqB,QAAQ,kBAAkB,kBAAkB;AAAA,IACnF,0BAA0B,qBAAqB,OAAO,SAAS,MAAM,0BAA0B;AAAA,IAC/F;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN;AAAA,IACA,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAOA,SAAS,kCAAkC;AACzC,QAAM,iBAAiB,CAAC,QAAQ,OAAO;AACvC,QAAM,cAAc,IAAI,IAAI,OAAO,SAAS,IAAI;AAChD,aAAW,SAAS,gBAAgB;AAClC,QAAI,CAAC,YAAY,aAAa,IAAI,KAAK,GAAG;AACxC,cAAQ,KAAK,IAAI,MAAM,uDAAuD,KAAK,2EAA2E,CAAC;AAC/J,aAAO;AAAA,IACT;AAAA,EACF;AAEA,QAAM,gBAAgB,YAAY,aAAa,IAAI,OAAO,KAAK,SAAS,uDAAuD;AAC/H,QAAM,eAAe,8BAA8B,aAAa;AAEhE,MAAI,CAAC,cAAc;AAGjB,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KAWZ;AACD,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,IAAI,IAAI,WAAW;AAClC,aAAW,SAAS,gBAAgB;AAClC,WAAO,aAAa,OAAO,KAAK;AAAA,EAClC;AAQA,SAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,OAAO,SAAS,CAAC;AAErD,SAAO;AAAA,IACL;AAAA,IACA,cAAc,aAAa;AAAA,IAC3B,OAAO;AAAA,EACT;AACF;AAEA,eAAsB,kBACpB,OACA,aACA;AAIA,QAAM,WAAW,gCAAgC;AACjD,MAAI,CAAC,SAAU,QAAO,OAAO,GAAG,MAAS;AAKzC,MAAI;AACF,WAAO,OAAO,GAAG,MAAM,MAAM,kBAAkB;AAAA,MAC7C,aAAa,SAAS,YAAY;AAAA,MAClC,aAAa,qBAAqB,aAAa,aAAa;AAAA,MAC5D,cAAc,SAAS;AAAA,MACvB,OAAO,SAAS;AAAA,IAClB,CAAC,CAAC;AAAA,EACJ,SAAS,GAAG;AACV,QAAI,aAAa,YAAY;AAC3B,YAAM;AAAA,IACR;AACA,UAAM,IAAI,oBAAoB,6DAA6D,EAAE,OAAO,EAAE,CAAC;AAAA,EACzG;AACF;","names":[]}
package/dist/esm/lib/stack-app/api-keys/index.js CHANGED
@@ -1,14 +1,22 @@
1
1
  // src/lib/stack-app/api-keys/index.ts
2
- function apiKeyCreateOptionsToCrud(options) {
2
+ import { filterUndefined } from "@stackframe/stack-shared/dist/utils/objects";
3
+ async function apiKeyCreationOptionsToCrud(type, userIdOrTeamId, options) {
3
4
  return {
4
5
  description: options.description,
5
- expires_at_millis: options.expiresAt.getTime(),
6
- has_publishable_client_key: options.hasPublishableClientKey,
7
- has_secret_server_key: options.hasSecretServerKey,
8
- has_super_secret_admin_key: options.hasSuperSecretAdminKey
6
+ expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),
7
+ is_public: options.isPublic,
8
+ ...type === "user" ? { user_id: userIdOrTeamId } : { team_id: userIdOrTeamId }
9
9
  };
10
10
  }
11
+ async function apiKeyUpdateOptionsToCrud(type, options) {
12
+ return filterUndefined({
13
+ description: options.description,
14
+ expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),
15
+ revoked: options.revoked
16
+ });
17
+ }
11
18
  export {
12
- apiKeyCreateOptionsToCrud
19
+ apiKeyCreationOptionsToCrud,
20
+ apiKeyUpdateOptionsToCrud
13
21
  };
14
22
  //# sourceMappingURL=index.js.map
package/dist/esm/lib/stack-app/api-keys/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../../src/lib/stack-app/api-keys/index.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { ApiKeyCreateCrudRequest } from \"@stackframe/stack-shared/dist/interface/adminInterface\";\nimport { ApiKeysCrud } from \"@stackframe/stack-shared/dist/interface/crud/api-keys\";\n\n\nexport type ApiKeyBase = {\n id: string,\n description: string,\n expiresAt: Date,\n manuallyRevokedAt: Date | null,\n createdAt: Date,\n isValid(): boolean,\n whyInvalid(): \"expired\" | \"manually-revoked\" | null,\n revoke(): Promise<void>,\n};\n\nexport type ApiKeyBaseCrudRead = Pick<ApiKeysCrud[\"Admin\"][\"Read\"], \"id\" | \"created_at_millis\" | \"description\" | \"expires_at_millis\" | \"manually_revoked_at_millis\">;\n\nexport type ApiKeyFirstView = {\n publishableClientKey?: string,\n secretServerKey?: string,\n superSecretAdminKey?: string,\n} & ApiKeyBase;\n\nexport type ApiKey = {\n publishableClientKey: null | {\n lastFour: string,\n },\n secretServerKey: null | {\n lastFour: string,\n },\n superSecretAdminKey: null | {\n lastFour: string,\n },\n} & ApiKeyBase;\n\nexport type ApiKeyCreateOptions = {\n description: string,\n expiresAt: Date,\n hasPublishableClientKey: boolean,\n hasSecretServerKey: boolean,\n hasSuperSecretAdminKey: boolean,\n};\nexport function apiKeyCreateOptionsToCrud(options: ApiKeyCreateOptions): ApiKeyCreateCrudRequest {\n return {\n description: options.description,\n expires_at_millis: options.expiresAt.getTime(),\n has_publishable_client_key: options.hasPublishableClientKey,\n has_secret_server_key: options.hasSecretServerKey,\n has_super_secret_admin_key: options.hasSuperSecretAdminKey,\n };\n}\n"],"mappings":";AA8CO,SAAS,0BAA0B,SAAuD;AAC/F,SAAO;AAAA,IACL,aAAa,QAAQ;AAAA,IACrB,mBAAmB,QAAQ,UAAU,QAAQ;AAAA,IAC7C,4BAA4B,QAAQ;AAAA,IACpC,uBAAuB,QAAQ;AAAA,IAC/B,4BAA4B,QAAQ;AAAA,EACtC;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../../../src/lib/stack-app/api-keys/index.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { TeamApiKeysCrud, UserApiKeysCrud, teamApiKeysCreateInputSchema, userApiKeysCreateInputSchema } from \"@stackframe/stack-shared/dist/interface/crud/project-api-keys\";\nimport { filterUndefined } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { IfAndOnlyIf, PrettifyType } from \"@stackframe/stack-shared/dist/utils/types\";\nimport type * as yup from \"yup\";\n\nexport type ApiKeyType = \"user\" | \"team\";\n\nexport type ApiKey<Type extends ApiKeyType = ApiKeyType, IsFirstView extends boolean = false> =\n & {\n id: string,\n description: string,\n expiresAt?: Date,\n manuallyRevokedAt?: Date | null,\n createdAt: Date,\n value: IfAndOnlyIf<IsFirstView, true, string, { lastFour: string }>,\n update(options: ApiKeyUpdateOptions<Type>): Promise<void>,\n revoke: () => Promise<void>,\n isValid: () => boolean,\n whyInvalid: () => \"manually-revoked\" | \"expired\" | null,\n }\n & (\n | (\"user\" extends Type ? { type: \"user\", userId: string } : never)\n | (\"team\" extends Type ? { type: \"team\", teamId: string } : never)\n );\n\nexport type UserApiKeyFirstView = PrettifyType<ApiKey<\"user\", true>>;\nexport type UserApiKey = PrettifyType<ApiKey<\"user\", false>>;\n\nexport type TeamApiKeyFirstView = PrettifyType<ApiKey<\"team\", true>>;\nexport type TeamApiKey = PrettifyType<ApiKey<\"team\", false>>;\n\nexport type ApiKeyCreationOptions<Type extends ApiKeyType = ApiKeyType> =\n & {\n description: string,\n expiresAt: Date | null,\n /**\n * Whether the API key should be considered public. A public API key will not be detected by the secret scanner, which\n * automatically revokes API keys when it detects that they may have been exposed to the public.\n */\n isPublic?: boolean,\n };\nexport function apiKeyCreationOptionsToCrud(type: \"user\", userId: string, options: ApiKeyCreationOptions<\"user\">): Promise<yup.InferType<typeof userApiKeysCreateInputSchema>>;\nexport function apiKeyCreationOptionsToCrud(type: \"team\", teamId: string, options: ApiKeyCreationOptions<\"team\">): Promise<yup.InferType<typeof teamApiKeysCreateInputSchema>>;\nexport function apiKeyCreationOptionsToCrud(type: ApiKeyType, userIdOrTeamId: string, options: ApiKeyCreationOptions): Promise<yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>>;\nexport async function apiKeyCreationOptionsToCrud(type: ApiKeyType, userIdOrTeamId: string, options: ApiKeyCreationOptions): Promise<yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>> {\n return {\n description: options.description,\n expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),\n is_public: options.isPublic,\n ...(type === \"user\" ? { user_id: userIdOrTeamId } : { team_id: userIdOrTeamId }),\n };\n}\n\n\nexport type ApiKeyUpdateOptions<Type extends ApiKeyType = ApiKeyType> = {\n description?: string,\n expiresAt?: Date | null,\n revoked?: boolean,\n};\nexport function apiKeyUpdateOptionsToCrud(type: \"user\", options: ApiKeyUpdateOptions<\"user\">): Promise<UserApiKeysCrud[\"Client\"][\"Update\"]>;\nexport function apiKeyUpdateOptionsToCrud(type: \"team\", options: ApiKeyUpdateOptions<\"team\">): Promise<TeamApiKeysCrud[\"Client\"][\"Update\"]>;\nexport function apiKeyUpdateOptionsToCrud(type: ApiKeyType, options: ApiKeyUpdateOptions): Promise<UserApiKeysCrud[\"Client\"][\"Update\"] | TeamApiKeysCrud[\"Client\"][\"Update\"]>;\nexport async function apiKeyUpdateOptionsToCrud(type: ApiKeyType, options: ApiKeyUpdateOptions): Promise<UserApiKeysCrud[\"Client\"][\"Update\"] | TeamApiKeysCrud[\"Client\"][\"Update\"]> {\n return filterUndefined({\n description: options.description,\n expires_at_millis: options.expiresAt == null ? options.expiresAt : options.expiresAt.getTime(),\n revoked: options.revoked,\n });\n}\n"],"mappings":";AAKA,SAAS,uBAAuB;AA2ChC,eAAsB,4BAA4B,MAAkB,gBAAwB,SAAkJ;AAC5O,SAAO;AAAA,IACL,aAAa,QAAQ;AAAA,IACrB,mBAAmB,QAAQ,aAAa,OAAO,QAAQ,YAAY,QAAQ,UAAU,QAAQ;AAAA,IAC7F,WAAW,QAAQ;AAAA,IACnB,GAAI,SAAS,SAAS,EAAE,SAAS,eAAe,IAAI,EAAE,SAAS,eAAe;AAAA,EAChF;AACF;AAWA,eAAsB,0BAA0B,MAAkB,SAAkH;AAClL,SAAO,gBAAgB;AAAA,IACrB,aAAa,QAAQ;AAAA,IACrB,mBAAmB,QAAQ,aAAa,OAAO,QAAQ,YAAY,QAAQ,UAAU,QAAQ;AAAA,IAC7F,SAAS,QAAQ;AAAA,EACnB,CAAC;AACH;","names":[]}
package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js CHANGED
@@ -4,10 +4,10 @@ import { getProductionModeErrors } from "@stackframe/stack-shared/dist/helpers/p
4
4
  import { StackAssertionError, throwErr } from "@stackframe/stack-shared/dist/utils/errors";
5
5
  import { pick } from "@stackframe/stack-shared/dist/utils/objects";
6
6
  import { Result } from "@stackframe/stack-shared/dist/utils/results";
7
- import { apiKeyCreateOptionsToCrud } from "../../api-keys";
8
7
  import { stackAppInternalsSymbol } from "../../common";
9
8
  import { adminEmailTemplateUpdateOptionsToCrud } from "../../email-templates";
10
- import { adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud, adminProjectPermissionDefinitionCreateOptionsToCrud, adminProjectPermissionDefinitionUpdateOptionsToCrud } from "../../permissions";
9
+ import { internalApiKeyCreateOptionsToCrud } from "../../internal-api-keys";
10
+ import { adminProjectPermissionDefinitionCreateOptionsToCrud, adminProjectPermissionDefinitionUpdateOptionsToCrud, adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud } from "../../permissions";
11
11
  import { adminProjectUpdateOptionsToCrud } from "../../projects";
12
12
  import { clientVersion, createCache, getBaseUrl, getDefaultProjectId, getDefaultPublishableClientKey, getDefaultSecretServerKey, getDefaultSuperSecretAdminKey } from "./common";
13
13
  import { _StackServerAppImplIncomplete } from "./server-app-impl";
@@ -38,8 +38,9 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
38
38
  this._adminProjectCache = createCache(async () => {
39
39
  return await this._interface.getProject();
40
40
  });
41
- this._apiKeysCache = createCache(async () => {
42
- return await this._interface.listApiKeys();
41
+ this._internalApiKeysCache = createCache(async () => {
42
+ const res = await this._interface.listInternalApiKeys();
43
+ return res;
43
44
  });
44
45
  this._adminEmailTemplatesCache = createCache(async () => {
45
46
  return await this._interface.listEmailTemplates();
@@ -89,6 +90,8 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
89
90
  clientUserDeletionEnabled: data.config.client_user_deletion_enabled,
90
91
  allowLocalhost: data.config.allow_localhost,
91
92
  oauthAccountMergeStrategy: data.config.oauth_account_merge_strategy,
93
+ allowUserApiKeys: data.config.allow_user_api_keys,
94
+ allowTeamApiKeys: data.config.allow_team_api_keys,
92
95
  oauthProviders: data.config.oauth_providers.map((p) => p.type === "shared" ? {
93
96
  id: p.id,
94
97
  enabled: p.enabled,
@@ -151,7 +154,7 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
151
154
  () => this._refreshProject()
152
155
  );
153
156
  }
154
- _createApiKeyBaseFromCrud(data) {
157
+ _createInternalApiKeyBaseFromCrud(data) {
155
158
  const app = this;
156
159
  return {
157
160
  id: data.id,
@@ -168,36 +171,36 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
168
171
  return null;
169
172
  },
170
173
  async revoke() {
171
- const res = await app._interface.revokeApiKeyById(data.id);
172
- await app._refreshApiKeys();
174
+ const res = await app._interface.revokeInternalApiKeyById(data.id);
175
+ await app._refreshInternalApiKeys();
173
176
  return res;
174
177
  }
175
178
  };
176
179
  }
177
- _createApiKeyFromCrud(data) {
180
+ _createInternalApiKeyFromCrud(data) {
178
181
  return {
179
- ...this._createApiKeyBaseFromCrud(data),
182
+ ...this._createInternalApiKeyBaseFromCrud(data),
180
183
  publishableClientKey: data.publishable_client_key ? { lastFour: data.publishable_client_key.last_four } : null,
181
184
  secretServerKey: data.secret_server_key ? { lastFour: data.secret_server_key.last_four } : null,
182
185
  superSecretAdminKey: data.super_secret_admin_key ? { lastFour: data.super_secret_admin_key.last_four } : null
183
186
  };
184
187
  }
185
- _createApiKeyFirstViewFromCrud(data) {
188
+ _createInternalApiKeyFirstViewFromCrud(data) {
186
189
  return {
187
- ...this._createApiKeyBaseFromCrud(data),
190
+ ...this._createInternalApiKeyBaseFromCrud(data),
188
191
  publishableClientKey: data.publishable_client_key,
189
192
  secretServerKey: data.secret_server_key,
190
193
  superSecretAdminKey: data.super_secret_admin_key
191
194
  };
192
195
  }
193
- async listApiKeys() {
194
- const crud = Result.orThrow(await this._apiKeysCache.getOrWait([], "write-only"));
195
- return crud.map((j) => this._createApiKeyFromCrud(j));
196
+ async listInternalApiKeys() {
197
+ const crud = Result.orThrow(await this._internalApiKeysCache.getOrWait([], "write-only"));
198
+ return crud.map((j) => this._createInternalApiKeyFromCrud(j));
196
199
  }
197
- async createApiKey(options) {
198
- const crud = await this._interface.createApiKey(apiKeyCreateOptionsToCrud(options));
199
- await this._refreshApiKeys();
200
- return this._createApiKeyFirstViewFromCrud(crud);
200
+ async createInternalApiKey(options) {
201
+ const crud = await this._interface.createInternalApiKey(internalApiKeyCreateOptionsToCrud(options));
202
+ await this._refreshInternalApiKeys();
203
+ return this._createInternalApiKeyFirstViewFromCrud(crud);
201
204
  }
202
205
  async listEmailTemplates() {
203
206
  const crud = Result.orThrow(await this._adminEmailTemplatesCache.getOrWait([], "write-only"));
@@ -251,8 +254,8 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
251
254
  this._adminProjectCache.refresh([])
252
255
  ]);
253
256
  }
254
- async _refreshApiKeys() {
255
- await this._apiKeysCache.refresh([]);
257
+ async _refreshInternalApiKeys() {
258
+ await this._internalApiKeysCache.refresh([]);
256
259
  }
257
260
  get [stackAppInternalsSymbol]() {
258
261
  return {
package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../../../src/lib/stack-app/apps/implementations/admin-app-impl.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { StackAdminInterface } from \"@stackframe/stack-shared\";\nimport { getProductionModeErrors } from \"@stackframe/stack-shared/dist/helpers/production-mode\";\nimport { ApiKeyCreateCrudResponse } from \"@stackframe/stack-shared/dist/interface/adminInterface\";\nimport { ApiKeysCrud } from \"@stackframe/stack-shared/dist/interface/crud/api-keys\";\nimport { EmailTemplateCrud, EmailTemplateType } from \"@stackframe/stack-shared/dist/interface/crud/email-templates\";\nimport { InternalProjectsCrud } from \"@stackframe/stack-shared/dist/interface/crud/projects\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { pick } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { AdminSentEmail } from \"../..\";\nimport { ApiKey, ApiKeyBase, ApiKeyBaseCrudRead, ApiKeyCreateOptions, ApiKeyFirstView, apiKeyCreateOptionsToCrud } from \"../../api-keys\";\nimport { EmailConfig, stackAppInternalsSymbol } from \"../../common\";\nimport { AdminEmailTemplate, AdminEmailTemplateUpdateOptions, adminEmailTemplateUpdateOptionsToCrud } from \"../../email-templates\";\nimport { AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, AdminProjectPermission, AdminProjectPermissionDefinition, AdminProjectPermissionDefinitionCreateOptions, AdminProjectPermissionDefinitionUpdateOptions, adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud, adminProjectPermissionDefinitionCreateOptionsToCrud, adminProjectPermissionDefinitionUpdateOptionsToCrud } from \"../../permissions\";\nimport { AdminOwnedProject, AdminProject, AdminProjectUpdateOptions, adminProjectUpdateOptionsToCrud } from \"../../projects\";\nimport { StackAdminApp, StackAdminAppConstructorOptions } from \"../interfaces/admin-app\";\nimport { clientVersion, createCache, getBaseUrl, getDefaultProjectId, getDefaultPublishableClientKey, getDefaultSecretServerKey, getDefaultSuperSecretAdminKey } from \"./common\";\nimport { _StackServerAppImplIncomplete } from \"./server-app-impl\";\n\n\nexport class _StackAdminAppImplIncomplete<HasTokenStore extends boolean, ProjectId extends string> extends _StackServerAppImplIncomplete<HasTokenStore, ProjectId> implements StackAdminApp<HasTokenStore, ProjectId>\n{\n declare protected _interface: StackAdminInterface;\n\n private readonly _adminProjectCache = createCache(async () => {\n return await this._interface.getProject();\n });\n private readonly _apiKeysCache = createCache(async () => {\n return await this._interface.listApiKeys();\n });\n private readonly _adminEmailTemplatesCache = createCache(async () => {\n return await this._interface.listEmailTemplates();\n });\n private readonly _adminTeamPermissionDefinitionsCache = createCache(async () => {\n return await this._interface.listTeamPermissionDefinitions();\n });\n private readonly _adminProjectPermissionDefinitionsCache = createCache(async () => {\n return await this._interface.listProjectPermissionDefinitions();\n });\n private readonly _svixTokenCache = createCache(async () => {\n return await this._interface.getSvixToken();\n });\n private readonly _metricsCache = createCache(async () => {\n return await this._interface.getMetrics();\n });\n\n constructor(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>) {\n super({\n interface: new StackAdminInterface({\n getBaseUrl: () => getBaseUrl(options.baseUrl),\n projectId: options.projectId ?? getDefaultProjectId(),\n extraRequestHeaders: options.extraRequestHeaders ?? {},\n clientVersion,\n ...\"projectOwnerSession\" in options ? {\n projectOwnerSession: options.projectOwnerSession,\n } : {\n publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),\n secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey(),\n superSecretAdminKey: options.superSecretAdminKey ?? getDefaultSuperSecretAdminKey(),\n },\n }),\n baseUrl: options.baseUrl,\n extraRequestHeaders: options.extraRequestHeaders,\n projectId: options.projectId,\n tokenStore: options.tokenStore,\n urls: options.urls,\n oauthScopesOnSignIn: options.oauthScopesOnSignIn,\n redirectMethod: options.redirectMethod,\n });\n }\n\n _adminOwnedProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminOwnedProject {\n if (this._tokenStoreInit !== null) {\n throw new StackAssertionError(\"Owned apps must always have tokenStore === null — did you not create this project with app._createOwnedApp()?\");;\n }\n return {\n ...this._adminProjectFromCrud(data, onRefresh),\n app: this as StackAdminApp<false>,\n };\n }\n\n _adminProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminProject {\n if (data.id !== this.projectId) {\n throw new StackAssertionError(`The project ID of the provided project JSON (${data.id}) does not match the project ID of the app (${this.projectId})!`);\n }\n\n const app = this;\n return {\n id: data.id,\n displayName: data.display_name,\n description: data.description,\n createdAt: new Date(data.created_at_millis),\n userCount: data.user_count,\n isProductionMode: data.is_production_mode,\n config: {\n id: data.config.id,\n signUpEnabled: data.config.sign_up_enabled,\n credentialEnabled: data.config.credential_enabled,\n magicLinkEnabled: data.config.magic_link_enabled,\n passkeyEnabled: data.config.passkey_enabled,\n clientTeamCreationEnabled: data.config.client_team_creation_enabled,\n clientUserDeletionEnabled: data.config.client_user_deletion_enabled,\n allowLocalhost: data.config.allow_localhost,\n oauthAccountMergeStrategy: data.config.oauth_account_merge_strategy,\n oauthProviders: data.config.oauth_providers.map((p) => ((p.type === 'shared' ? {\n id: p.id,\n enabled: p.enabled,\n type: 'shared',\n } as const : {\n id: p.id,\n enabled: p.enabled,\n type: 'standard',\n clientId: p.client_id ?? throwErr(\"Client ID is missing\"),\n clientSecret: p.client_secret ?? throwErr(\"Client secret is missing\"),\n facebookConfigId: p.facebook_config_id,\n microsoftTenantId: p.microsoft_tenant_id,\n } as const))),\n emailConfig: data.config.email_config.type === 'shared' ? {\n type: 'shared'\n } : {\n type: 'standard',\n host: data.config.email_config.host ?? throwErr(\"Email host is missing\"),\n port: data.config.email_config.port ?? throwErr(\"Email port is missing\"),\n username: data.config.email_config.username ?? throwErr(\"Email username is missing\"),\n password: data.config.email_config.password ?? throwErr(\"Email password is missing\"),\n senderName: data.config.email_config.sender_name ?? throwErr(\"Email sender name is missing\"),\n senderEmail: data.config.email_config.sender_email ?? throwErr(\"Email sender email is missing\"),\n },\n domains: data.config.domains.map((d) => ({\n domain: d.domain,\n handlerPath: d.handler_path,\n })),\n createTeamOnSignUp: data.config.create_team_on_sign_up,\n teamCreatorDefaultPermissions: data.config.team_creator_default_permissions,\n teamMemberDefaultPermissions: data.config.team_member_default_permissions,\n userDefaultPermissions: data.config.user_default_permissions,\n },\n\n async update(update: AdminProjectUpdateOptions) {\n await app._interface.updateProject(adminProjectUpdateOptionsToCrud(update));\n await onRefresh();\n },\n async delete() {\n await app._interface.deleteProject();\n },\n async getProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n useProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n };\n }\n\n _adminEmailTemplateFromCrud(data: EmailTemplateCrud['Admin']['Read']): AdminEmailTemplate {\n return {\n type: data.type,\n subject: data.subject,\n content: data.content,\n isDefault: data.is_default,\n };\n }\n\n override async getProject(): Promise<AdminProject> {\n return this._adminProjectFromCrud(\n Result.orThrow(await this._adminProjectCache.getOrWait([], \"write-only\")),\n () => this._refreshProject()\n );\n }\n\n\n protected _createApiKeyBaseFromCrud(data: ApiKeyBaseCrudRead): ApiKeyBase {\n const app = this;\n return {\n id: data.id,\n description: data.description,\n expiresAt: new Date(data.expires_at_millis),\n manuallyRevokedAt: data.manually_revoked_at_millis ? new Date(data.manually_revoked_at_millis) : null,\n createdAt: new Date(data.created_at_millis),\n isValid() {\n return this.whyInvalid() === null;\n },\n whyInvalid() {\n if (this.expiresAt.getTime() < Date.now()) return \"expired\";\n if (this.manuallyRevokedAt) return \"manually-revoked\";\n return null;\n },\n async revoke() {\n const res = await app._interface.revokeApiKeyById(data.id);\n await app._refreshApiKeys();\n return res;\n }\n };\n }\n\n protected _createApiKeyFromCrud(data: ApiKeysCrud[\"Admin\"][\"Read\"]): ApiKey {\n return {\n ...this._createApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key ? { lastFour: data.publishable_client_key.last_four } : null,\n secretServerKey: data.secret_server_key ? { lastFour: data.secret_server_key.last_four } : null,\n superSecretAdminKey: data.super_secret_admin_key ? { lastFour: data.super_secret_admin_key.last_four } : null,\n };\n }\n\n protected _createApiKeyFirstViewFromCrud(data: ApiKeyCreateCrudResponse): ApiKeyFirstView {\n return {\n ...this._createApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key,\n secretServerKey: data.secret_server_key,\n superSecretAdminKey: data.super_secret_admin_key,\n };\n }\n\n async listApiKeys(): Promise<ApiKey[]> {\n const crud = Result.orThrow(await this._apiKeysCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._createApiKeyFromCrud(j));\n }\n\n\n async createApiKey(options: ApiKeyCreateOptions): Promise<ApiKeyFirstView> {\n const crud = await this._interface.createApiKey(apiKeyCreateOptionsToCrud(options));\n await this._refreshApiKeys();\n return this._createApiKeyFirstViewFromCrud(crud);\n }\n\n async listEmailTemplates(): Promise<AdminEmailTemplate[]> {\n const crud = Result.orThrow(await this._adminEmailTemplatesCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._adminEmailTemplateFromCrud(j));\n }\n\n async updateEmailTemplate(type: EmailTemplateType, data: AdminEmailTemplateUpdateOptions): Promise<void> {\n await this._interface.updateEmailTemplate(type, adminEmailTemplateUpdateOptionsToCrud(data));\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async resetEmailTemplate(type: EmailTemplateType) {\n await this._interface.resetEmailTemplate(type);\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async createTeamPermissionDefinition(data: AdminTeamPermissionDefinitionCreateOptions): Promise<AdminTeamPermission>{\n const crud = await this._interface.createTeamPermissionDefinition(adminTeamPermissionDefinitionCreateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n return this._serverTeamPermissionDefinitionFromCrud(crud);\n }\n\n async updateTeamPermissionDefinition(permissionId: string, data: AdminTeamPermissionDefinitionUpdateOptions) {\n await this._interface.updateTeamPermissionDefinition(permissionId, adminTeamPermissionDefinitionUpdateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async deleteTeamPermissionDefinition(permissionId: string): Promise<void> {\n await this._interface.deleteTeamPermissionDefinition(permissionId);\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async listTeamPermissionDefinitions(): Promise<AdminTeamPermissionDefinition[]> {\n const crud = Result.orThrow(await this._adminTeamPermissionDefinitionsCache.getOrWait([], \"write-only\"));\n return crud.map((p) => this._serverTeamPermissionDefinitionFromCrud(p));\n }\n\n\n async createProjectPermissionDefinition(data: AdminProjectPermissionDefinitionCreateOptions): Promise<AdminProjectPermission> {\n const crud = await this._interface.createProjectPermissionDefinition(adminProjectPermissionDefinitionCreateOptionsToCrud(data));\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n return this._serverProjectPermissionDefinitionFromCrud(crud);\n }\n\n async updateProjectPermissionDefinition(permissionId: string, data: AdminProjectPermissionDefinitionUpdateOptions) {\n await this._interface.updateProjectPermissionDefinition(permissionId, adminProjectPermissionDefinitionUpdateOptionsToCrud(data));\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n }\n\n async deleteProjectPermissionDefinition(permissionId: string): Promise<void> {\n await this._interface.deleteProjectPermissionDefinition(permissionId);\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n }\n\n async listProjectPermissionDefinitions(): Promise<AdminProjectPermissionDefinition[]> {\n const crud = Result.orThrow(await this._adminProjectPermissionDefinitionsCache.getOrWait([], \"write-only\"));\n return crud.map((p) => this._serverProjectPermissionDefinitionFromCrud(p));\n }\n\n\n protected override async _refreshProject() {\n await Promise.all([\n super._refreshProject(),\n this._adminProjectCache.refresh([]),\n ]);\n }\n\n protected async _refreshApiKeys() {\n await this._apiKeysCache.refresh([]);\n }\n\n get [stackAppInternalsSymbol]() {\n return {\n ...super[stackAppInternalsSymbol],\n };\n }\n\n async sendTestEmail(options: {\n recipientEmail: string,\n emailConfig: EmailConfig,\n }): Promise<Result<undefined, { errorMessage: string }>> {\n const response = await this._interface.sendTestEmail({\n recipient_email: options.recipientEmail,\n email_config: {\n ...(pick(options.emailConfig, ['host', 'port', 'username', 'password'])),\n sender_email: options.emailConfig.senderEmail,\n sender_name: options.emailConfig.senderName,\n },\n });\n\n if (response.success) {\n return Result.ok(undefined);\n } else {\n return Result.error({ errorMessage: response.error_message ?? throwErr(\"Email test error not specified\") });\n }\n }\n\n async listSentEmails(): Promise<AdminSentEmail[]> {\n const response = await this._interface.listSentEmails();\n return response.items.map((email) => ({\n id: email.id,\n to: email.to ?? [],\n subject: email.subject,\n recipient: email.to?.[0] ?? \"\",\n sentAt: new Date(email.sent_at_millis),\n error: email.error,\n }));\n }\n}\n"],"mappings":";AAIA,SAAS,2BAA2B;AACpC,SAAS,+BAA+B;AAKxC,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,YAAY;AACrB,SAAS,cAAc;AAEvB,SAAuF,iCAAiC;AACxH,SAAsB,+BAA+B;AACrD,SAA8D,6CAA6C;AAC3G,SAA6S,kDAAkD,kDAAkD,qDAAqD,2DAA2D;AACjgB,SAAqE,uCAAuC;AAE5G,SAAS,eAAe,aAAa,YAAY,qBAAqB,gCAAgC,2BAA2B,qCAAqC;AACtK,SAAS,qCAAqC;AAGvC,IAAM,+BAAN,cAAoG,8BAC3G;AAAA,EAyBE,YAAY,SAAoE;AAC9E,UAAM;AAAA,MACJ,WAAW,IAAI,oBAAoB;AAAA,QACjC,YAAY,MAAM,WAAW,QAAQ,OAAO;AAAA,QAC5C,WAAW,QAAQ,aAAa,oBAAoB;AAAA,QACpD,qBAAqB,QAAQ,uBAAuB,CAAC;AAAA,QACrD;AAAA,QACA,GAAG,yBAAyB,UAAU;AAAA,UACpC,qBAAqB,QAAQ;AAAA,QAC/B,IAAI;AAAA,UACF,sBAAsB,QAAQ,wBAAwB,+BAA+B;AAAA,UACrF,iBAAiB,QAAQ,mBAAmB,0BAA0B;AAAA,UACtE,qBAAqB,QAAQ,uBAAuB,8BAA8B;AAAA,QACpF;AAAA,MACF,CAAC;AAAA,MACD,SAAS,QAAQ;AAAA,MACjB,qBAAqB,QAAQ;AAAA,MAC7B,WAAW,QAAQ;AAAA,MACnB,YAAY,QAAQ;AAAA,MACpB,MAAM,QAAQ;AAAA,MACd,qBAAqB,QAAQ;AAAA,MAC7B,gBAAgB,QAAQ;AAAA,IAC1B,CAAC;AA5CH,SAAiB,qBAAqB,YAAY,YAAY;AAC5D,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AACD,SAAiB,gBAAgB,YAAY,YAAY;AACvD,aAAO,MAAM,KAAK,WAAW,YAAY;AAAA,IAC3C,CAAC;AACD,SAAiB,4BAA4B,YAAY,YAAY;AACnE,aAAO,MAAM,KAAK,WAAW,mBAAmB;AAAA,IAClD,CAAC;AACD,SAAiB,uCAAuC,YAAY,YAAY;AAC9E,aAAO,MAAM,KAAK,WAAW,8BAA8B;AAAA,IAC7D,CAAC;AACD,SAAiB,0CAA0C,YAAY,YAAY;AACjF,aAAO,MAAM,KAAK,WAAW,iCAAiC;AAAA,IAChE,CAAC;AACD,SAAiB,kBAAkB,YAAY,YAAY;AACzD,aAAO,MAAM,KAAK,WAAW,aAAa;AAAA,IAC5C,CAAC;AACD,SAAiB,gBAAgB,YAAY,YAAY;AACvD,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AAAA,EAyBD;AAAA,EAEA,2BAA2B,MAA6C,WAAmD;AACzH,QAAI,KAAK,oBAAoB,MAAM;AACjC,YAAM,IAAI,oBAAoB,oHAA+G;AAAE;AAAA,IACjJ;AACA,WAAO;AAAA,MACL,GAAG,KAAK,sBAAsB,MAAM,SAAS;AAAA,MAC7C,KAAK;AAAA,IACP;AAAA,EACF;AAAA,EAEA,sBAAsB,MAA6C,WAA8C;AAC/G,QAAI,KAAK,OAAO,KAAK,WAAW;AAC9B,YAAM,IAAI,oBAAoB,gDAAgD,KAAK,EAAE,+CAA+C,KAAK,SAAS,IAAI;AAAA,IACxJ;AAEA,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,WAAW,KAAK;AAAA,MAChB,kBAAkB,KAAK;AAAA,MACvB,QAAQ;AAAA,QACN,IAAI,KAAK,OAAO;AAAA,QAChB,eAAe,KAAK,OAAO;AAAA,QAC3B,mBAAmB,KAAK,OAAO;AAAA,QAC/B,kBAAkB,KAAK,OAAO;AAAA,QAC9B,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,2BAA2B,KAAK,OAAO;AAAA,QACvC,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,gBAAgB,KAAK,OAAO,gBAAgB,IAAI,CAAC,MAAQ,EAAE,SAAS,WAAW;AAAA,UAC7E,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,QACR,IAAa;AAAA,UACX,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,UACN,UAAU,EAAE,aAAa,SAAS,sBAAsB;AAAA,UACxD,cAAc,EAAE,iBAAiB,SAAS,0BAA0B;AAAA,UACpE,kBAAkB,EAAE;AAAA,UACpB,mBAAmB,EAAE;AAAA,QACvB,CAAY;AAAA,QACZ,aAAa,KAAK,OAAO,aAAa,SAAS,WAAW;AAAA,UACxD,MAAM;AAAA,QACR,IAAI;AAAA,UACF,MAAM;AAAA,UACN,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,YAAY,KAAK,OAAO,aAAa,eAAe,SAAS,8BAA8B;AAAA,UAC3F,aAAa,KAAK,OAAO,aAAa,gBAAgB,SAAS,+BAA+B;AAAA,QAChG;AAAA,QACA,SAAS,KAAK,OAAO,QAAQ,IAAI,CAAC,OAAO;AAAA,UACvC,QAAQ,EAAE;AAAA,UACV,aAAa,EAAE;AAAA,QACjB,EAAE;AAAA,QACF,oBAAoB,KAAK,OAAO;AAAA,QAChC,+BAA+B,KAAK,OAAO;AAAA,QAC3C,8BAA8B,KAAK,OAAO;AAAA,QAC1C,wBAAwB,KAAK,OAAO;AAAA,MACtC;AAAA,MAEA,MAAM,OAAO,QAAmC;AAC9C,cAAM,IAAI,WAAW,cAAc,gCAAgC,MAAM,CAAC;AAC1E,cAAM,UAAU;AAAA,MAClB;AAAA,MACA,MAAM,SAAS;AACb,cAAM,IAAI,WAAW,cAAc;AAAA,MACrC;AAAA,MACA,MAAM,0BAA0B;AAC9B,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,MACA,0BAA0B;AACxB,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,4BAA4B,MAA8D;AACxF,WAAO;AAAA,MACL,MAAM,KAAK;AAAA,MACX,SAAS,KAAK;AAAA,MACd,SAAS,KAAK;AAAA,MACd,WAAW,KAAK;AAAA,IAClB;AAAA,EACF;AAAA,EAEA,MAAe,aAAoC;AACjD,WAAO,KAAK;AAAA,MACV,OAAO,QAAQ,MAAM,KAAK,mBAAmB,UAAU,CAAC,GAAG,YAAY,CAAC;AAAA,MACxE,MAAM,KAAK,gBAAgB;AAAA,IAC7B;AAAA,EACF;AAAA,EAGU,0BAA0B,MAAsC;AACxE,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,mBAAmB,KAAK,6BAA6B,IAAI,KAAK,KAAK,0BAA0B,IAAI;AAAA,MACjG,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,UAAU;AACR,eAAO,KAAK,WAAW,MAAM;AAAA,MAC/B;AAAA,MACA,aAAa;AACX,YAAI,KAAK,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAClD,YAAI,KAAK,kBAAmB,QAAO;AACnC,eAAO;AAAA,MACT;AAAA,MACA,MAAM,SAAS;AACb,cAAM,MAAM,MAAM,IAAI,WAAW,iBAAiB,KAAK,EAAE;AACzD,cAAM,IAAI,gBAAgB;AAC1B,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEU,sBAAsB,MAA4C;AAC1E,WAAO;AAAA,MACL,GAAG,KAAK,0BAA0B,IAAI;AAAA,MACtC,sBAAsB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,MAC1G,iBAAiB,KAAK,oBAAoB,EAAE,UAAU,KAAK,kBAAkB,UAAU,IAAI;AAAA,MAC3F,qBAAqB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,IAC3G;AAAA,EACF;AAAA,EAEU,+BAA+B,MAAiD;AACxF,WAAO;AAAA,MACL,GAAG,KAAK,0BAA0B,IAAI;AAAA,MACtC,sBAAsB,KAAK;AAAA,MAC3B,iBAAiB,KAAK;AAAA,MACtB,qBAAqB,KAAK;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,cAAiC;AACrC,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,cAAc,UAAU,CAAC,GAAG,YAAY,CAAC;AAChF,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,sBAAsB,CAAC,CAAC;AAAA,EACtD;AAAA,EAGA,MAAM,aAAa,SAAwD;AACzE,UAAM,OAAO,MAAM,KAAK,WAAW,aAAa,0BAA0B,OAAO,CAAC;AAClF,UAAM,KAAK,gBAAgB;AAC3B,WAAO,KAAK,+BAA+B,IAAI;AAAA,EACjD;AAAA,EAEA,MAAM,qBAAoD;AACxD,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,0BAA0B,UAAU,CAAC,GAAG,YAAY,CAAC;AAC5F,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,4BAA4B,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,oBAAoB,MAAyB,MAAsD;AACvG,UAAM,KAAK,WAAW,oBAAoB,MAAM,sCAAsC,IAAI,CAAC;AAC3F,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,mBAAmB,MAAyB;AAChD,UAAM,KAAK,WAAW,mBAAmB,IAAI;AAC7C,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,+BAA+B,MAA+E;AAClH,UAAM,OAAO,MAAM,KAAK,WAAW,+BAA+B,iDAAiD,IAAI,CAAC;AACxH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAC1D,WAAO,KAAK,wCAAwC,IAAI;AAAA,EAC1D;AAAA,EAEA,MAAM,+BAA+B,cAAsB,MAAkD;AAC3G,UAAM,KAAK,WAAW,+BAA+B,cAAc,iDAAiD,IAAI,CAAC;AACzH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,+BAA+B,cAAqC;AACxE,UAAM,KAAK,WAAW,+BAA+B,YAAY;AACjE,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,gCAA0E;AAC9E,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,qCAAqC,UAAU,CAAC,GAAG,YAAY,CAAC;AACvG,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,wCAAwC,CAAC,CAAC;AAAA,EACxE;AAAA,EAGA,MAAM,kCAAkC,MAAsF;AAC5H,UAAM,OAAO,MAAM,KAAK,WAAW,kCAAkC,oDAAoD,IAAI,CAAC;AAC9H,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAC7D,WAAO,KAAK,2CAA2C,IAAI;AAAA,EAC7D;AAAA,EAEA,MAAM,kCAAkC,cAAsB,MAAqD;AACjH,UAAM,KAAK,WAAW,kCAAkC,cAAc,oDAAoD,IAAI,CAAC;AAC/H,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAAA,EAC/D;AAAA,EAEA,MAAM,kCAAkC,cAAqC;AAC3E,UAAM,KAAK,WAAW,kCAAkC,YAAY;AACpE,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAAA,EAC/D;AAAA,EAEA,MAAM,mCAAgF;AACpF,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,wCAAwC,UAAU,CAAC,GAAG,YAAY,CAAC;AAC1G,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,2CAA2C,CAAC,CAAC;AAAA,EAC3E;AAAA,EAGA,MAAyB,kBAAkB;AACzC,UAAM,QAAQ,IAAI;AAAA,MAChB,MAAM,gBAAgB;AAAA,MACtB,KAAK,mBAAmB,QAAQ,CAAC,CAAC;AAAA,IACpC,CAAC;AAAA,EACH;AAAA,EAEA,MAAgB,kBAAkB;AAChC,UAAM,KAAK,cAAc,QAAQ,CAAC,CAAC;AAAA,EACrC;AAAA,EAEA,KAAK,uBAAuB,IAAI;AAC9B,WAAO;AAAA,MACL,GAAG,MAAM,uBAAuB;AAAA,IAClC;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,SAGqC;AACvD,UAAM,WAAW,MAAM,KAAK,WAAW,cAAc;AAAA,MACnD,iBAAiB,QAAQ;AAAA,MACzB,cAAc;AAAA,QACZ,GAAI,KAAK,QAAQ,aAAa,CAAC,QAAQ,QAAQ,YAAY,UAAU,CAAC;AAAA,QACtE,cAAc,QAAQ,YAAY;AAAA,QAClC,aAAa,QAAQ,YAAY;AAAA,MACnC;AAAA,IACF,CAAC;AAED,QAAI,SAAS,SAAS;AACpB,aAAO,OAAO,GAAG,MAAS;AAAA,IAC5B,OAAO;AACL,aAAO,OAAO,MAAM,EAAE,cAAc,SAAS,iBAAiB,SAAS,gCAAgC,EAAE,CAAC;AAAA,IAC5G;AAAA,EACF;AAAA,EAEA,MAAM,iBAA4C;AAChD,UAAM,WAAW,MAAM,KAAK,WAAW,eAAe;AACtD,WAAO,SAAS,MAAM,IAAI,CAAC,WAAW;AAAA,MACpC,IAAI,MAAM;AAAA,MACV,IAAI,MAAM,MAAM,CAAC;AAAA,MACjB,SAAS,MAAM;AAAA,MACf,WAAW,MAAM,KAAK,CAAC,KAAK;AAAA,MAC5B,QAAQ,IAAI,KAAK,MAAM,cAAc;AAAA,MACrC,OAAO,MAAM;AAAA,IACf,EAAE;AAAA,EACJ;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../../../../src/lib/stack-app/apps/implementations/admin-app-impl.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { StackAdminInterface } from \"@stackframe/stack-shared\";\nimport { getProductionModeErrors } from \"@stackframe/stack-shared/dist/helpers/production-mode\";\nimport { InternalApiKeyCreateCrudResponse } from \"@stackframe/stack-shared/dist/interface/adminInterface\";\nimport { EmailTemplateCrud, EmailTemplateType } from \"@stackframe/stack-shared/dist/interface/crud/email-templates\";\nimport { InternalApiKeysCrud } from \"@stackframe/stack-shared/dist/interface/crud/internal-api-keys\";\nimport { InternalProjectsCrud } from \"@stackframe/stack-shared/dist/interface/crud/projects\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { pick } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { AdminSentEmail } from \"../..\";\nimport { EmailConfig, stackAppInternalsSymbol } from \"../../common\";\nimport { AdminEmailTemplate, AdminEmailTemplateUpdateOptions, adminEmailTemplateUpdateOptionsToCrud } from \"../../email-templates\";\nimport { InternalApiKey, InternalApiKeyBase, InternalApiKeyBaseCrudRead, InternalApiKeyCreateOptions, InternalApiKeyFirstView, internalApiKeyCreateOptionsToCrud } from \"../../internal-api-keys\";\nimport { AdminProjectPermission, AdminProjectPermissionDefinition, AdminProjectPermissionDefinitionCreateOptions, AdminProjectPermissionDefinitionUpdateOptions, AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, adminProjectPermissionDefinitionCreateOptionsToCrud, adminProjectPermissionDefinitionUpdateOptionsToCrud, adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud } from \"../../permissions\";\nimport { AdminOwnedProject, AdminProject, AdminProjectUpdateOptions, adminProjectUpdateOptionsToCrud } from \"../../projects\";\nimport { StackAdminApp, StackAdminAppConstructorOptions } from \"../interfaces/admin-app\";\nimport { clientVersion, createCache, getBaseUrl, getDefaultProjectId, getDefaultPublishableClientKey, getDefaultSecretServerKey, getDefaultSuperSecretAdminKey } from \"./common\";\nimport { _StackServerAppImplIncomplete } from \"./server-app-impl\";\n\n\nexport class _StackAdminAppImplIncomplete<HasTokenStore extends boolean, ProjectId extends string> extends _StackServerAppImplIncomplete<HasTokenStore, ProjectId> implements StackAdminApp<HasTokenStore, ProjectId>\n{\n declare protected _interface: StackAdminInterface;\n\n private readonly _adminProjectCache = createCache(async () => {\n return await this._interface.getProject();\n });\n private readonly _internalApiKeysCache = createCache(async () => {\n const res = await this._interface.listInternalApiKeys();\n return res;\n });\n private readonly _adminEmailTemplatesCache = createCache(async () => {\n return await this._interface.listEmailTemplates();\n });\n private readonly _adminTeamPermissionDefinitionsCache = createCache(async () => {\n return await this._interface.listTeamPermissionDefinitions();\n });\n private readonly _adminProjectPermissionDefinitionsCache = createCache(async () => {\n return await this._interface.listProjectPermissionDefinitions();\n });\n private readonly _svixTokenCache = createCache(async () => {\n return await this._interface.getSvixToken();\n });\n private readonly _metricsCache = createCache(async () => {\n return await this._interface.getMetrics();\n });\n\n constructor(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>) {\n super({\n interface: new StackAdminInterface({\n getBaseUrl: () => getBaseUrl(options.baseUrl),\n projectId: options.projectId ?? getDefaultProjectId(),\n extraRequestHeaders: options.extraRequestHeaders ?? {},\n clientVersion,\n ...\"projectOwnerSession\" in options ? {\n projectOwnerSession: options.projectOwnerSession,\n } : {\n publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),\n secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey(),\n superSecretAdminKey: options.superSecretAdminKey ?? getDefaultSuperSecretAdminKey(),\n },\n }),\n baseUrl: options.baseUrl,\n extraRequestHeaders: options.extraRequestHeaders,\n projectId: options.projectId,\n tokenStore: options.tokenStore,\n urls: options.urls,\n oauthScopesOnSignIn: options.oauthScopesOnSignIn,\n redirectMethod: options.redirectMethod,\n });\n }\n\n _adminOwnedProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminOwnedProject {\n if (this._tokenStoreInit !== null) {\n throw new StackAssertionError(\"Owned apps must always have tokenStore === null — did you not create this project with app._createOwnedApp()?\");;\n }\n return {\n ...this._adminProjectFromCrud(data, onRefresh),\n app: this as StackAdminApp<false>,\n };\n }\n\n _adminProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminProject {\n if (data.id !== this.projectId) {\n throw new StackAssertionError(`The project ID of the provided project JSON (${data.id}) does not match the project ID of the app (${this.projectId})!`);\n }\n\n const app = this;\n return {\n id: data.id,\n displayName: data.display_name,\n description: data.description,\n createdAt: new Date(data.created_at_millis),\n userCount: data.user_count,\n isProductionMode: data.is_production_mode,\n config: {\n id: data.config.id,\n signUpEnabled: data.config.sign_up_enabled,\n credentialEnabled: data.config.credential_enabled,\n magicLinkEnabled: data.config.magic_link_enabled,\n passkeyEnabled: data.config.passkey_enabled,\n clientTeamCreationEnabled: data.config.client_team_creation_enabled,\n clientUserDeletionEnabled: data.config.client_user_deletion_enabled,\n allowLocalhost: data.config.allow_localhost,\n oauthAccountMergeStrategy: data.config.oauth_account_merge_strategy,\n allowUserApiKeys: data.config.allow_user_api_keys,\n allowTeamApiKeys: data.config.allow_team_api_keys,\n oauthProviders: data.config.oauth_providers.map((p) => ((p.type === 'shared' ? {\n id: p.id,\n enabled: p.enabled,\n type: 'shared',\n } as const : {\n id: p.id,\n enabled: p.enabled,\n type: 'standard',\n clientId: p.client_id ?? throwErr(\"Client ID is missing\"),\n clientSecret: p.client_secret ?? throwErr(\"Client secret is missing\"),\n facebookConfigId: p.facebook_config_id,\n microsoftTenantId: p.microsoft_tenant_id,\n } as const))),\n emailConfig: data.config.email_config.type === 'shared' ? {\n type: 'shared'\n } : {\n type: 'standard',\n host: data.config.email_config.host ?? throwErr(\"Email host is missing\"),\n port: data.config.email_config.port ?? throwErr(\"Email port is missing\"),\n username: data.config.email_config.username ?? throwErr(\"Email username is missing\"),\n password: data.config.email_config.password ?? throwErr(\"Email password is missing\"),\n senderName: data.config.email_config.sender_name ?? throwErr(\"Email sender name is missing\"),\n senderEmail: data.config.email_config.sender_email ?? throwErr(\"Email sender email is missing\"),\n },\n domains: data.config.domains.map((d) => ({\n domain: d.domain,\n handlerPath: d.handler_path,\n })),\n createTeamOnSignUp: data.config.create_team_on_sign_up,\n teamCreatorDefaultPermissions: data.config.team_creator_default_permissions,\n teamMemberDefaultPermissions: data.config.team_member_default_permissions,\n userDefaultPermissions: data.config.user_default_permissions,\n },\n\n async update(update: AdminProjectUpdateOptions) {\n await app._interface.updateProject(adminProjectUpdateOptionsToCrud(update));\n await onRefresh();\n },\n async delete() {\n await app._interface.deleteProject();\n },\n async getProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n useProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n };\n }\n\n _adminEmailTemplateFromCrud(data: EmailTemplateCrud['Admin']['Read']): AdminEmailTemplate {\n return {\n type: data.type,\n subject: data.subject,\n content: data.content,\n isDefault: data.is_default,\n };\n }\n\n override async getProject(): Promise<AdminProject> {\n return this._adminProjectFromCrud(\n Result.orThrow(await this._adminProjectCache.getOrWait([], \"write-only\")),\n () => this._refreshProject()\n );\n }\n\n\n protected _createInternalApiKeyBaseFromCrud(data: InternalApiKeyBaseCrudRead): InternalApiKeyBase {\n const app = this;\n return {\n id: data.id,\n description: data.description,\n expiresAt: new Date(data.expires_at_millis),\n manuallyRevokedAt: data.manually_revoked_at_millis ? new Date(data.manually_revoked_at_millis) : null,\n createdAt: new Date(data.created_at_millis),\n isValid() {\n return this.whyInvalid() === null;\n },\n whyInvalid() {\n if (this.expiresAt.getTime() < Date.now()) return \"expired\";\n if (this.manuallyRevokedAt) return \"manually-revoked\";\n return null;\n },\n async revoke() {\n const res = await app._interface.revokeInternalApiKeyById(data.id);\n await app._refreshInternalApiKeys();\n return res;\n }\n };\n }\n\n protected _createInternalApiKeyFromCrud(data: InternalApiKeysCrud[\"Admin\"][\"Read\"]): InternalApiKey {\n return {\n ...this._createInternalApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key ? { lastFour: data.publishable_client_key.last_four } : null,\n secretServerKey: data.secret_server_key ? { lastFour: data.secret_server_key.last_four } : null,\n superSecretAdminKey: data.super_secret_admin_key ? { lastFour: data.super_secret_admin_key.last_four } : null,\n };\n }\n\n protected _createInternalApiKeyFirstViewFromCrud(data: InternalApiKeyCreateCrudResponse): InternalApiKeyFirstView {\n return {\n ...this._createInternalApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key,\n secretServerKey: data.secret_server_key,\n superSecretAdminKey: data.super_secret_admin_key,\n };\n }\n\n async listInternalApiKeys(): Promise<InternalApiKey[]> {\n const crud = Result.orThrow(await this._internalApiKeysCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._createInternalApiKeyFromCrud(j));\n }\n\n\n async createInternalApiKey(options: InternalApiKeyCreateOptions): Promise<InternalApiKeyFirstView> {\n const crud = await this._interface.createInternalApiKey(internalApiKeyCreateOptionsToCrud(options));\n await this._refreshInternalApiKeys();\n return this._createInternalApiKeyFirstViewFromCrud(crud);\n }\n\n async listEmailTemplates(): Promise<AdminEmailTemplate[]> {\n const crud = Result.orThrow(await this._adminEmailTemplatesCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._adminEmailTemplateFromCrud(j));\n }\n\n async updateEmailTemplate(type: EmailTemplateType, data: AdminEmailTemplateUpdateOptions): Promise<void> {\n await this._interface.updateEmailTemplate(type, adminEmailTemplateUpdateOptionsToCrud(data));\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async resetEmailTemplate(type: EmailTemplateType) {\n await this._interface.resetEmailTemplate(type);\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async createTeamPermissionDefinition(data: AdminTeamPermissionDefinitionCreateOptions): Promise<AdminTeamPermission>{\n const crud = await this._interface.createTeamPermissionDefinition(adminTeamPermissionDefinitionCreateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n return this._serverTeamPermissionDefinitionFromCrud(crud);\n }\n\n async updateTeamPermissionDefinition(permissionId: string, data: AdminTeamPermissionDefinitionUpdateOptions) {\n await this._interface.updateTeamPermissionDefinition(permissionId, adminTeamPermissionDefinitionUpdateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async deleteTeamPermissionDefinition(permissionId: string): Promise<void> {\n await this._interface.deleteTeamPermissionDefinition(permissionId);\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async listTeamPermissionDefinitions(): Promise<AdminTeamPermissionDefinition[]> {\n const crud = Result.orThrow(await this._adminTeamPermissionDefinitionsCache.getOrWait([], \"write-only\"));\n return crud.map((p) => this._serverTeamPermissionDefinitionFromCrud(p));\n }\n\n\n async createProjectPermissionDefinition(data: AdminProjectPermissionDefinitionCreateOptions): Promise<AdminProjectPermission> {\n const crud = await this._interface.createProjectPermissionDefinition(adminProjectPermissionDefinitionCreateOptionsToCrud(data));\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n return this._serverProjectPermissionDefinitionFromCrud(crud);\n }\n\n async updateProjectPermissionDefinition(permissionId: string, data: AdminProjectPermissionDefinitionUpdateOptions) {\n await this._interface.updateProjectPermissionDefinition(permissionId, adminProjectPermissionDefinitionUpdateOptionsToCrud(data));\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n }\n\n async deleteProjectPermissionDefinition(permissionId: string): Promise<void> {\n await this._interface.deleteProjectPermissionDefinition(permissionId);\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n }\n\n async listProjectPermissionDefinitions(): Promise<AdminProjectPermissionDefinition[]> {\n const crud = Result.orThrow(await this._adminProjectPermissionDefinitionsCache.getOrWait([], \"write-only\"));\n return crud.map((p) => this._serverProjectPermissionDefinitionFromCrud(p));\n }\n\n\n protected override async _refreshProject() {\n await Promise.all([\n super._refreshProject(),\n this._adminProjectCache.refresh([]),\n ]);\n }\n\n protected async _refreshInternalApiKeys() {\n await this._internalApiKeysCache.refresh([]);\n }\n\n get [stackAppInternalsSymbol]() {\n return {\n ...super[stackAppInternalsSymbol],\n };\n }\n\n async sendTestEmail(options: {\n recipientEmail: string,\n emailConfig: EmailConfig,\n }): Promise<Result<undefined, { errorMessage: string }>> {\n const response = await this._interface.sendTestEmail({\n recipient_email: options.recipientEmail,\n email_config: {\n ...(pick(options.emailConfig, ['host', 'port', 'username', 'password'])),\n sender_email: options.emailConfig.senderEmail,\n sender_name: options.emailConfig.senderName,\n },\n });\n\n if (response.success) {\n return Result.ok(undefined);\n } else {\n return Result.error({ errorMessage: response.error_message ?? throwErr(\"Email test error not specified\") });\n }\n }\n\n async listSentEmails(): Promise<AdminSentEmail[]> {\n const response = await this._interface.listSentEmails();\n return response.items.map((email) => ({\n id: email.id,\n to: email.to ?? [],\n subject: email.subject,\n recipient: email.to?.[0] ?? \"\",\n sentAt: new Date(email.sent_at_millis),\n error: email.error,\n }));\n }\n}\n"],"mappings":";AAIA,SAAS,2BAA2B;AACpC,SAAS,+BAA+B;AAKxC,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,YAAY;AACrB,SAAS,cAAc;AAEvB,SAAsB,+BAA+B;AACrD,SAA8D,6CAA6C;AAC3G,SAA+H,yCAAyC;AACxK,SAA6S,qDAAqD,qDAAqD,kDAAkD,wDAAwD;AACjgB,SAAqE,uCAAuC;AAE5G,SAAS,eAAe,aAAa,YAAY,qBAAqB,gCAAgC,2BAA2B,qCAAqC;AACtK,SAAS,qCAAqC;AAGvC,IAAM,+BAAN,cAAoG,8BAC3G;AAAA,EA0BE,YAAY,SAAoE;AAC9E,UAAM;AAAA,MACJ,WAAW,IAAI,oBAAoB;AAAA,QACjC,YAAY,MAAM,WAAW,QAAQ,OAAO;AAAA,QAC5C,WAAW,QAAQ,aAAa,oBAAoB;AAAA,QACpD,qBAAqB,QAAQ,uBAAuB,CAAC;AAAA,QACrD;AAAA,QACA,GAAG,yBAAyB,UAAU;AAAA,UACpC,qBAAqB,QAAQ;AAAA,QAC/B,IAAI;AAAA,UACF,sBAAsB,QAAQ,wBAAwB,+BAA+B;AAAA,UACrF,iBAAiB,QAAQ,mBAAmB,0BAA0B;AAAA,UACtE,qBAAqB,QAAQ,uBAAuB,8BAA8B;AAAA,QACpF;AAAA,MACF,CAAC;AAAA,MACD,SAAS,QAAQ;AAAA,MACjB,qBAAqB,QAAQ;AAAA,MAC7B,WAAW,QAAQ;AAAA,MACnB,YAAY,QAAQ;AAAA,MACpB,MAAM,QAAQ;AAAA,MACd,qBAAqB,QAAQ;AAAA,MAC7B,gBAAgB,QAAQ;AAAA,IAC1B,CAAC;AA7CH,SAAiB,qBAAqB,YAAY,YAAY;AAC5D,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AACD,SAAiB,wBAAwB,YAAY,YAAY;AAC/D,YAAM,MAAM,MAAM,KAAK,WAAW,oBAAoB;AACtD,aAAO;AAAA,IACT,CAAC;AACD,SAAiB,4BAA4B,YAAY,YAAY;AACnE,aAAO,MAAM,KAAK,WAAW,mBAAmB;AAAA,IAClD,CAAC;AACD,SAAiB,uCAAuC,YAAY,YAAY;AAC9E,aAAO,MAAM,KAAK,WAAW,8BAA8B;AAAA,IAC7D,CAAC;AACD,SAAiB,0CAA0C,YAAY,YAAY;AACjF,aAAO,MAAM,KAAK,WAAW,iCAAiC;AAAA,IAChE,CAAC;AACD,SAAiB,kBAAkB,YAAY,YAAY;AACzD,aAAO,MAAM,KAAK,WAAW,aAAa;AAAA,IAC5C,CAAC;AACD,SAAiB,gBAAgB,YAAY,YAAY;AACvD,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AAAA,EAyBD;AAAA,EAEA,2BAA2B,MAA6C,WAAmD;AACzH,QAAI,KAAK,oBAAoB,MAAM;AACjC,YAAM,IAAI,oBAAoB,oHAA+G;AAAE;AAAA,IACjJ;AACA,WAAO;AAAA,MACL,GAAG,KAAK,sBAAsB,MAAM,SAAS;AAAA,MAC7C,KAAK;AAAA,IACP;AAAA,EACF;AAAA,EAEA,sBAAsB,MAA6C,WAA8C;AAC/G,QAAI,KAAK,OAAO,KAAK,WAAW;AAC9B,YAAM,IAAI,oBAAoB,gDAAgD,KAAK,EAAE,+CAA+C,KAAK,SAAS,IAAI;AAAA,IACxJ;AAEA,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,WAAW,KAAK;AAAA,MAChB,kBAAkB,KAAK;AAAA,MACvB,QAAQ;AAAA,QACN,IAAI,KAAK,OAAO;AAAA,QAChB,eAAe,KAAK,OAAO;AAAA,QAC3B,mBAAmB,KAAK,OAAO;AAAA,QAC/B,kBAAkB,KAAK,OAAO;AAAA,QAC9B,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,2BAA2B,KAAK,OAAO;AAAA,QACvC,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,kBAAkB,KAAK,OAAO;AAAA,QAC9B,kBAAkB,KAAK,OAAO;AAAA,QAC9B,gBAAgB,KAAK,OAAO,gBAAgB,IAAI,CAAC,MAAQ,EAAE,SAAS,WAAW;AAAA,UAC7E,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,QACR,IAAa;AAAA,UACX,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,UACN,UAAU,EAAE,aAAa,SAAS,sBAAsB;AAAA,UACxD,cAAc,EAAE,iBAAiB,SAAS,0BAA0B;AAAA,UACpE,kBAAkB,EAAE;AAAA,UACpB,mBAAmB,EAAE;AAAA,QACvB,CAAY;AAAA,QACZ,aAAa,KAAK,OAAO,aAAa,SAAS,WAAW;AAAA,UACxD,MAAM;AAAA,QACR,IAAI;AAAA,UACF,MAAM;AAAA,UACN,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,YAAY,KAAK,OAAO,aAAa,eAAe,SAAS,8BAA8B;AAAA,UAC3F,aAAa,KAAK,OAAO,aAAa,gBAAgB,SAAS,+BAA+B;AAAA,QAChG;AAAA,QACA,SAAS,KAAK,OAAO,QAAQ,IAAI,CAAC,OAAO;AAAA,UACvC,QAAQ,EAAE;AAAA,UACV,aAAa,EAAE;AAAA,QACjB,EAAE;AAAA,QACF,oBAAoB,KAAK,OAAO;AAAA,QAChC,+BAA+B,KAAK,OAAO;AAAA,QAC3C,8BAA8B,KAAK,OAAO;AAAA,QAC1C,wBAAwB,KAAK,OAAO;AAAA,MACtC;AAAA,MAEA,MAAM,OAAO,QAAmC;AAC9C,cAAM,IAAI,WAAW,cAAc,gCAAgC,MAAM,CAAC;AAC1E,cAAM,UAAU;AAAA,MAClB;AAAA,MACA,MAAM,SAAS;AACb,cAAM,IAAI,WAAW,cAAc;AAAA,MACrC;AAAA,MACA,MAAM,0BAA0B;AAC9B,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,MACA,0BAA0B;AACxB,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,4BAA4B,MAA8D;AACxF,WAAO;AAAA,MACL,MAAM,KAAK;AAAA,MACX,SAAS,KAAK;AAAA,MACd,SAAS,KAAK;AAAA,MACd,WAAW,KAAK;AAAA,IAClB;AAAA,EACF;AAAA,EAEA,MAAe,aAAoC;AACjD,WAAO,KAAK;AAAA,MACV,OAAO,QAAQ,MAAM,KAAK,mBAAmB,UAAU,CAAC,GAAG,YAAY,CAAC;AAAA,MACxE,MAAM,KAAK,gBAAgB;AAAA,IAC7B;AAAA,EACF;AAAA,EAGU,kCAAkC,MAAsD;AAChG,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,mBAAmB,KAAK,6BAA6B,IAAI,KAAK,KAAK,0BAA0B,IAAI;AAAA,MACjG,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,UAAU;AACR,eAAO,KAAK,WAAW,MAAM;AAAA,MAC/B;AAAA,MACA,aAAa;AACX,YAAI,KAAK,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAClD,YAAI,KAAK,kBAAmB,QAAO;AACnC,eAAO;AAAA,MACT;AAAA,MACA,MAAM,SAAS;AACb,cAAM,MAAM,MAAM,IAAI,WAAW,yBAAyB,KAAK,EAAE;AACjE,cAAM,IAAI,wBAAwB;AAClC,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEU,8BAA8B,MAA4D;AAClG,WAAO;AAAA,MACL,GAAG,KAAK,kCAAkC,IAAI;AAAA,MAC9C,sBAAsB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,MAC1G,iBAAiB,KAAK,oBAAoB,EAAE,UAAU,KAAK,kBAAkB,UAAU,IAAI;AAAA,MAC3F,qBAAqB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,IAC3G;AAAA,EACF;AAAA,EAEU,uCAAuC,MAAiE;AAChH,WAAO;AAAA,MACL,GAAG,KAAK,kCAAkC,IAAI;AAAA,MAC9C,sBAAsB,KAAK;AAAA,MAC3B,iBAAiB,KAAK;AAAA,MACtB,qBAAqB,KAAK;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,sBAAiD;AACrD,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,sBAAsB,UAAU,CAAC,GAAG,YAAY,CAAC;AACxF,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,8BAA8B,CAAC,CAAC;AAAA,EAC9D;AAAA,EAGA,MAAM,qBAAqB,SAAwE;AACjG,UAAM,OAAO,MAAM,KAAK,WAAW,qBAAqB,kCAAkC,OAAO,CAAC;AAClG,UAAM,KAAK,wBAAwB;AACnC,WAAO,KAAK,uCAAuC,IAAI;AAAA,EACzD;AAAA,EAEA,MAAM,qBAAoD;AACxD,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,0BAA0B,UAAU,CAAC,GAAG,YAAY,CAAC;AAC5F,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,4BAA4B,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,oBAAoB,MAAyB,MAAsD;AACvG,UAAM,KAAK,WAAW,oBAAoB,MAAM,sCAAsC,IAAI,CAAC;AAC3F,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,mBAAmB,MAAyB;AAChD,UAAM,KAAK,WAAW,mBAAmB,IAAI;AAC7C,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,+BAA+B,MAA+E;AAClH,UAAM,OAAO,MAAM,KAAK,WAAW,+BAA+B,iDAAiD,IAAI,CAAC;AACxH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAC1D,WAAO,KAAK,wCAAwC,IAAI;AAAA,EAC1D;AAAA,EAEA,MAAM,+BAA+B,cAAsB,MAAkD;AAC3G,UAAM,KAAK,WAAW,+BAA+B,cAAc,iDAAiD,IAAI,CAAC;AACzH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,+BAA+B,cAAqC;AACxE,UAAM,KAAK,WAAW,+BAA+B,YAAY;AACjE,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,gCAA0E;AAC9E,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,qCAAqC,UAAU,CAAC,GAAG,YAAY,CAAC;AACvG,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,wCAAwC,CAAC,CAAC;AAAA,EACxE;AAAA,EAGA,MAAM,kCAAkC,MAAsF;AAC5H,UAAM,OAAO,MAAM,KAAK,WAAW,kCAAkC,oDAAoD,IAAI,CAAC;AAC9H,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAC7D,WAAO,KAAK,2CAA2C,IAAI;AAAA,EAC7D;AAAA,EAEA,MAAM,kCAAkC,cAAsB,MAAqD;AACjH,UAAM,KAAK,WAAW,kCAAkC,cAAc,oDAAoD,IAAI,CAAC;AAC/H,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAAA,EAC/D;AAAA,EAEA,MAAM,kCAAkC,cAAqC;AAC3E,UAAM,KAAK,WAAW,kCAAkC,YAAY;AACpE,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAAA,EAC/D;AAAA,EAEA,MAAM,mCAAgF;AACpF,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,wCAAwC,UAAU,CAAC,GAAG,YAAY,CAAC;AAC1G,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,2CAA2C,CAAC,CAAC;AAAA,EAC3E;AAAA,EAGA,MAAyB,kBAAkB;AACzC,UAAM,QAAQ,IAAI;AAAA,MAChB,MAAM,gBAAgB;AAAA,MACtB,KAAK,mBAAmB,QAAQ,CAAC,CAAC;AAAA,IACpC,CAAC;AAAA,EACH;AAAA,EAEA,MAAgB,0BAA0B;AACxC,UAAM,KAAK,sBAAsB,QAAQ,CAAC,CAAC;AAAA,EAC7C;AAAA,EAEA,KAAK,uBAAuB,IAAI;AAC9B,WAAO;AAAA,MACL,GAAG,MAAM,uBAAuB;AAAA,IAClC;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,SAGqC;AACvD,UAAM,WAAW,MAAM,KAAK,WAAW,cAAc;AAAA,MACnD,iBAAiB,QAAQ;AAAA,MACzB,cAAc;AAAA,QACZ,GAAI,KAAK,QAAQ,aAAa,CAAC,QAAQ,QAAQ,YAAY,UAAU,CAAC;AAAA,QACtE,cAAc,QAAQ,YAAY;AAAA,QAClC,aAAa,QAAQ,YAAY;AAAA,MACnC;AAAA,IACF,CAAC;AAED,QAAI,SAAS,SAAS;AACpB,aAAO,OAAO,GAAG,MAAS;AAAA,IAC5B,OAAO;AACL,aAAO,OAAO,MAAM,EAAE,cAAc,SAAS,iBAAiB,SAAS,gCAAgC,EAAE,CAAC;AAAA,IAC5G;AAAA,EACF;AAAA,EAEA,MAAM,iBAA4C;AAChD,UAAM,WAAW,MAAM,KAAK,WAAW,eAAe;AACtD,WAAO,SAAS,MAAM,IAAI,CAAC,WAAW;AAAA,MACpC,IAAI,MAAM;AAAA,MACV,IAAI,MAAM,MAAM,CAAC;AAAA,MACjB,SAAS,MAAM;AAAA,MACf,WAAW,MAAM,KAAK,CAAC,KAAK;AAAA,MAC5B,QAAQ,IAAI,KAAK,MAAM,cAAc;AAAA,MACrC,OAAO,MAAM;AAAA,IACf,EAAE;AAAA,EACJ;AACF;","names":[]}
package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js CHANGED
@@ -16,6 +16,7 @@ import * as cookie from "cookie";
16
16
  import { constructRedirectUrl } from "../../../../utils/url";
17
17
  import { addNewOAuthProviderOrScope, callOAuthCallback, signInWithOAuth } from "../../../auth";
18
18
  import { createCookieHelper, createPlaceholderCookieHelper, deleteCookieClient, getCookieClient, setOrDeleteCookie, setOrDeleteCookieClient } from "../../../cookie";
19
+ import { apiKeyCreationOptionsToCrud } from "../../api-keys";
19
20
  import { stackAppInternalsSymbol } from "../../common";
20
21
  import { contactChannelCreateOptionsToCrud, contactChannelUpdateOptionsToCrud } from "../../contact-channels";
21
22
  import { adminProjectCreateOptionsToCrud } from "../../projects";
@@ -100,6 +101,18 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
100
101
  return await this._interface.listClientContactChannels(session);
101
102
  }
102
103
  );
104
+ this._userApiKeysCache = createCacheBySession(
105
+ async (session) => {
106
+ const results = await this._interface.listProjectApiKeys({ user_id: "me" }, session, "client");
107
+ return results;
108
+ }
109
+ );
110
+ this._teamApiKeysCache = createCacheBySession(
111
+ async (session, [teamId]) => {
112
+ const results = await this._interface.listProjectApiKeys({ team_id: teamId }, session, "client");
113
+ return results;
114
+ }
115
+ );
103
116
  this._anonymousSignUpInProgress = null;
104
117
  this._memoryTokenStore = createEmptyTokenStore();
105
118
  this._nextServerCookiesTokenStores = /* @__PURE__ */ new WeakMap();
@@ -410,6 +423,8 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
410
423
  passkeyEnabled: crud.config.passkey_enabled,
411
424
  clientTeamCreationEnabled: crud.config.client_team_creation_enabled,
412
425
  clientUserDeletionEnabled: crud.config.client_user_deletion_enabled,
426
+ allowTeamApiKeys: crud.config.allow_team_api_keys,
427
+ allowUserApiKeys: crud.config.allow_user_api_keys,
413
428
  oauthProviders: crud.config.enabled_oauth_providers.map((p) => ({
414
429
  id: p.id
415
430
  }))
@@ -441,6 +456,47 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
441
456
  }
442
457
  };
443
458
  }
459
+ _baseApiKeyFromCrud(crud) {
460
+ return {
461
+ id: crud.id,
462
+ description: crud.description,
463
+ expiresAt: crud.expires_at_millis ? new Date(crud.expires_at_millis) : void 0,
464
+ manuallyRevokedAt: crud.manually_revoked_at_millis ? new Date(crud.manually_revoked_at_millis) : null,
465
+ createdAt: new Date(crud.created_at_millis),
466
+ ...crud.type === "team" ? { type: "team", teamId: crud.team_id } : { type: "user", userId: crud.user_id },
467
+ value: typeof crud.value === "string" ? crud.value : {
468
+ lastFour: crud.value.last_four
469
+ },
470
+ isValid: function() {
471
+ return this.whyInvalid() === null;
472
+ },
473
+ whyInvalid: function() {
474
+ if (this.manuallyRevokedAt) {
475
+ return "manually-revoked";
476
+ }
477
+ if (this.expiresAt && this.expiresAt < /* @__PURE__ */ new Date()) {
478
+ return "expired";
479
+ }
480
+ return null;
481
+ }
482
+ };
483
+ }
484
+ _clientApiKeyFromCrud(session, crud) {
485
+ return {
486
+ ...this._baseApiKeyFromCrud(crud),
487
+ async revoke() {
488
+ await this.update({ revoked: true });
489
+ },
490
+ update: async (options) => {
491
+ await this._interface.updateProjectApiKey(crud.type === "team" ? { team_id: crud.team_id } : { user_id: crud.user_id }, crud.id, options, session, "client");
492
+ if (crud.type === "team") {
493
+ await this._teamApiKeysCache.refresh([session, crud.team_id]);
494
+ } else {
495
+ await this._userApiKeysCache.refresh([session]);
496
+ }
497
+ }
498
+ };
499
+ }
444
500
  _clientTeamFromCrud(crud, session) {
445
501
  const app = this;
446
502
  return {
@@ -450,14 +506,11 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
450
506
  clientMetadata: crud.client_metadata,
451
507
  clientReadOnlyMetadata: crud.client_read_only_metadata,
452
508
  async inviteUser(options) {
453
- if (!options.callbackUrl && !await app._getCurrentUrl()) {
454
- throw new Error("Cannot invite user without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `inviteUser({ email, callbackUrl: ... })`");
455
- }
456
509
  await app._interface.sendTeamInvitation({
457
510
  teamId: crud.id,
458
511
  email: options.email,
459
512
  session,
460
- callbackUrl: options.callbackUrl ?? constructRedirectUrl(app.urls.teamInvitation)
513
+ callbackUrl: options.callbackUrl ?? constructRedirectUrl(app.urls.teamInvitation, "callbackUrl")
461
514
  });
462
515
  await app._teamInvitationsCache.refresh([session, crud.id]);
463
516
  },
@@ -476,6 +529,19 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
476
529
  async delete() {
477
530
  await app._interface.deleteTeam(crud.id, session);
478
531
  await app._currentUserTeamsCache.refresh([session]);
532
+ },
533
+ async listApiKeys() {
534
+ const results = Result.orThrow(await app._teamApiKeysCache.getOrWait([session, crud.id], "write-only"));
535
+ return results.map((crud2) => app._clientApiKeyFromCrud(session, crud2));
536
+ },
537
+ async createApiKey(options) {
538
+ const result = await app._interface.createProjectApiKey(
539
+ await apiKeyCreationOptionsToCrud("team", crud.id, options),
540
+ session,
541
+ "client"
542
+ );
543
+ await app._teamApiKeysCache.refresh([session, crud.id]);
544
+ return app._clientApiKeyFromCrud(session, result);
479
545
  }
480
546
  };
481
547
  }
@@ -488,8 +554,12 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
488
554
  isVerified: crud.is_verified,
489
555
  isPrimary: crud.is_primary,
490
556
  usedForAuth: crud.used_for_auth,
491
- async sendVerificationEmail() {
492
- await app._interface.sendCurrentUserContactChannelVerificationEmail(crud.id, constructRedirectUrl(app.urls.emailVerification), session);
557
+ async sendVerificationEmail(options) {
558
+ await app._interface.sendCurrentUserContactChannelVerificationEmail(
559
+ crud.id,
560
+ options?.callbackUrl || constructRedirectUrl(app.urls.emailVerification, "callbackUrl"),
561
+ session
562
+ );
493
563
  },
494
564
  async update(data) {
495
565
  await app._interface.updateClientContactChannel(crud.id, contactChannelUpdateOptionsToCrud(data), session);
@@ -591,6 +661,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
591
661
  oauthProviders: crud.oauth_providers,
592
662
  passkeyAuthEnabled: crud.passkey_auth_enabled,
593
663
  isMultiFactorRequired: crud.requires_totp_mfa,
664
+ isAnonymous: crud.is_anonymous,
594
665
  toClientJson() {
595
666
  return crud;
596
667
  }
@@ -677,10 +748,11 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
677
748
  if (!crud.primary_email) {
678
749
  throw new StackAssertionError("User does not have a primary email");
679
750
  }
680
- if (!options?.callbackUrl && !await app._getCurrentUrl()) {
681
- throw new Error("Cannot send verification email without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `sendVerificationEmail({ callbackUrl: ... })`");
682
- }
683
- return await app._interface.sendVerificationEmail(crud.primary_email, options?.callbackUrl ?? constructRedirectUrl(app.urls.emailVerification), session);
751
+ return await app._interface.sendVerificationEmail(
752
+ crud.primary_email,
753
+ options?.callbackUrl ?? constructRedirectUrl(app.urls.emailVerification, "callbackUrl"),
754
+ session
755
+ );
684
756
  },
685
757
  async updatePassword(options) {
686
758
  const result = await app._interface.updatePassword(options, session);
@@ -709,6 +781,19 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
709
781
  const crud2 = await app._interface.createClientContactChannel(contactChannelCreateOptionsToCrud("me", data), session);
710
782
  await app._clientContactChannelsCache.refresh([session]);
711
783
  return app._clientContactChannelFromCrud(crud2, session);
784
+ },
785
+ async listApiKeys() {
786
+ const results = await app._interface.listProjectApiKeys({ user_id: "me" }, session, "client");
787
+ return results.map((crud2) => app._clientApiKeyFromCrud(session, crud2));
788
+ },
789
+ async createApiKey(options) {
790
+ const result = await app._interface.createProjectApiKey(
791
+ await apiKeyCreationOptionsToCrud("user", "me", options),
792
+ session,
793
+ "client"
794
+ );
795
+ await app._userApiKeysCache.refresh([session]);
796
+ return app._clientApiKeyFromCrud(session, result);
712
797
  }
713
798
  };
714
799
  }
@@ -874,16 +959,10 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
874
959
  return await this._redirectToHandler("teamInvitation", options);
875
960
  }
876
961
  async sendForgotPasswordEmail(email, options) {
877
- if (!options?.callbackUrl && !await this._getCurrentUrl()) {
878
- throw new Error("Cannot send forgot password email without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `sendForgotPasswordEmail({ email, callbackUrl: ... })`");
879
- }
880
- return await this._interface.sendForgotPasswordEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.passwordReset));
962
+ return await this._interface.sendForgotPasswordEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.passwordReset, "callbackUrl"));
881
963
  }
882
964
  async sendMagicLinkEmail(email, options) {
883
- if (!options?.callbackUrl && !await this._getCurrentUrl()) {
884
- throw new Error("Cannot send magic link email without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `sendMagicLinkEmail({ email, callbackUrl: ... })`");
885
- }
886
- return await this._interface.sendMagicLinkEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.magicLinkCallback));
965
+ return await this._interface.sendMagicLinkEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.magicLinkCallback, "callbackUrl"));
887
966
  }
888
967
  async resetPassword(options) {
889
968
  return await this._interface.resetPassword(options);
@@ -1033,7 +1112,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
1033
1112
  async signUpWithCredential(options) {
1034
1113
  this._ensurePersistentTokenStore();
1035
1114
  const session = await this._getSession();
1036
- const emailVerificationRedirectUrl = options.verificationCallbackUrl ?? constructRedirectUrl(this.urls.emailVerification);
1115
+ const emailVerificationRedirectUrl = options.verificationCallbackUrl ?? constructRedirectUrl(this.urls.emailVerification, "verificationCallbackUrl");
1037
1116
  const result = await this._interface.signUpWithCredential(
1038
1117
  options.email,
1039
1118
  options.password,