@stackframe/stack-shared 2.5.3 → 2.5.5

package/dist/interface/crud-deprecated/users.js

@@ -0,0 +1,75 @@
+import { createCrud } from "../../crud";
+import * as fieldSchema from "../../schema-fields";
+export const usersCrudServerUpdateSchema = fieldSchema.yupObject({
+    display_name: fieldSchema.userDisplayNameSchema.optional(),
+    profile_image_url: fieldSchema.profileImageUrlSchema.optional(),
+    client_metadata: fieldSchema.userClientMetadataSchema.optional(),
+    server_metadata: fieldSchema.userServerMetadataSchema.optional(),
+    primary_email: fieldSchema.primaryEmailSchema.nullable().optional(),
+    primary_email_verified: fieldSchema.primaryEmailVerifiedSchema.optional(),
+    primary_email_auth_enabled: fieldSchema.yupBoolean().optional().meta({ openapiField: { description: "Whether the primary email can be used to sign into this user's account", exampleValue: true } }),
+    password: fieldSchema.yupString().nullable().meta({ openapiField: { description: 'A new password for the user, overwriting the old one (if it exists).', exampleValue: 'password' } }),
+    selected_team_id: fieldSchema.selectedTeamIdSchema.nullable().optional(),
+}).required();
+export const usersCrudServerReadSchema = fieldSchema.yupObject({
+    project_id: fieldSchema.projectIdSchema.required(),
+    id: fieldSchema.userIdSchema.required(),
+    primary_email: fieldSchema.primaryEmailSchema.nullable().defined(),
+    primary_email_verified: fieldSchema.primaryEmailVerifiedSchema.required(),
+    display_name: fieldSchema.userDisplayNameSchema.nullable().defined(),
+    // TODO give this one the type of an actual team
+    selected_team: fieldSchema.yupMixed().nullable().defined(),
+    selected_team_id: fieldSchema.selectedTeamIdSchema.nullable().defined(),
+    profile_image_url: fieldSchema.profileImageUrlSchema.nullable().defined(),
+    signed_up_at_millis: fieldSchema.signedUpAtMillisSchema.required(),
+    has_password: fieldSchema.yupBoolean().required().meta({ openapiField: { description: 'Whether the user has a password associated with their account', exampleValue: true } }),
+    auth_with_email: fieldSchema.yupBoolean().required().meta({ openapiField: { description: 'Whether the user can authenticate with their primary e-mail. If set to true, the user can log-in with credentials and/or magic link, if enabled in the project settings.', exampleValue: true } }),
+    oauth_providers: fieldSchema.yupArray(fieldSchema.yupObject({
+        provider_id: fieldSchema.yupString().required(),
+        account_id: fieldSchema.yupString().required(),
+        email: fieldSchema.yupString().nullable(),
+    }).required()).required().meta({ openapiField: { description: 'A list of OAuth providers connected to this account', exampleValue: ['google', 'github'] } }),
+    client_metadata: fieldSchema.userClientMetadataSchema,
+    server_metadata: fieldSchema.userServerMetadataSchema,
+}).required();
+export const usersCrudServerCreateSchema = usersCrudServerUpdateSchema.concat(fieldSchema.yupObject({
+    oauth_providers: fieldSchema.yupArray(fieldSchema.yupObject({
+        provider_id: fieldSchema.yupString().required(),
+        account_id: fieldSchema.yupString().required(),
+        email: fieldSchema.yupString().nullable().defined().default(null),
+    }).required()).optional(),
+}).required());
+export const usersCrudServerDeleteSchema = fieldSchema.yupMixed();
+export const usersCrud = createCrud({
+    serverReadSchema: usersCrudServerReadSchema,
+    serverUpdateSchema: usersCrudServerUpdateSchema,
+    serverCreateSchema: usersCrudServerCreateSchema,
+    serverDeleteSchema: usersCrudServerDeleteSchema,
+    docs: {
+        serverCreate: {
+            tags: ["Users"],
+            summary: 'Create user',
+            description: 'Creates a new user. E-mail authentication is always enabled, and no password is set, meaning the only way to authenticate the newly created user is through magic link.',
+        },
+        serverRead: {
+            tags: ["Users"],
+            summary: 'Get user',
+            description: 'Gets a user by user ID.',
+        },
+        serverUpdate: {
+            tags: ["Users"],
+            summary: 'Update user',
+            description: 'Updates a user. Only the values provided will be updated.',
+        },
+        serverDelete: {
+            tags: ["Users"],
+            summary: 'Delete user',
+            description: 'Deletes a user. Use this with caution.',
+        },
+        serverList: {
+            tags: ["Users"],
+            summary: 'List users',
+            description: 'Lists all the users in the project.',
+        },
+    },
+});

package/dist/interface/serverInterface.d.ts

@@ -1,87 +1,60 @@
-import { ClientInterfaceOptions, UserJson, StackClientInterface, OrglikeJson, UserUpdateJson, PermissionDefinitionJson, PermissionDefinitionScopeJson as PermissionDefinitionScopeJson, TeamMemberJson } from "./clientInterface";
+import { KnownErrors } from "../known-errors";
+import { AccessToken, InternalSession, RefreshToken } from "../sessions";
 import { Result } from "../utils/results";
-import { ReadonlyJson } from "../utils/json";
-import { EmailTemplateCrud, ListEmailTemplatesCrud } from "./crud/email-templates";
-import { InternalSession } from "../sessions";
-export type ServerUserJson = UserJson & {
-    serverMetadata: ReadonlyJson;
-};
-export type ServerUserUpdateJson = UserUpdateJson & {
-    serverMetadata?: ReadonlyJson;
-    primaryEmail?: string | null;
-    primaryEmailVerified?: boolean;
-};
-export type ServerOrglikeCustomizableJson = Pick<ServerOrglikeJson, "displayName" | "profileImageUrl">;
-export type ServerOrglikeJson = OrglikeJson & {};
-export type ServerTeamCustomizableJson = ServerOrglikeCustomizableJson;
-export type ServerTeamJson = ServerOrglikeJson;
-export type ServerTeamMemberJson = TeamMemberJson & {
-    user: ServerUserJson;
-};
-export type ServerPermissionDefinitionCustomizableJson = {
-    readonly id: string;
-    readonly description?: string;
-    readonly scope: PermissionDefinitionScopeJson;
-    readonly containPermissionIds: string[];
-};
-export type ServerPermissionDefinitionJson = PermissionDefinitionJson & ServerPermissionDefinitionCustomizableJson & {
-    readonly __databaseUniqueId: string;
-    readonly scope: PermissionDefinitionScopeJson;
-};
+import { ClientInterfaceOptions, StackClientInterface } from "./clientInterface";
+import { CurrentUserCrud } from "./crud/current-user";
+import { TeamMembershipsCrud } from "./crud/team-memberships";
+import { TeamPermissionsCrud } from "./crud/team-permissions";
+import { TeamsCrud } from "./crud/teams";
+import { UsersCrud } from "./crud/users";
 export type ServerAuthApplicationOptions = (ClientInterfaceOptions & ({
     readonly secretServerKey: string;
 } | {
     readonly projectOwnerSession: InternalSession;
 }));
-export declare const emailTemplateTypes: readonly ["EMAIL_VERIFICATION", "PASSWORD_RESET", "MAGIC_LINK"];
-export type EmailTemplateType = typeof emailTemplateTypes[number];
 export declare class StackServerInterface extends StackClientInterface {
     options: ServerAuthApplicationOptions;
     constructor(options: ServerAuthApplicationOptions);
     protected sendServerRequest(path: string, options: RequestInit, session: InternalSession | null, requestType?: "server" | "admin"): Promise<Response & {
         usedTokens: {
-            accessToken: import("../sessions").AccessToken;
-            refreshToken: import("../sessions").RefreshToken | null;
+            accessToken: AccessToken;
+            refreshToken: RefreshToken | null;
         } | null;
     }>;
-    getServerUserByToken(session: InternalSession): Promise<Result<ServerUserJson>>;
-    getServerUserById(userId: string): Promise<Result<ServerUserJson>>;
-    listServerUserTeamPermissions(options: {
+    protected sendServerRequestAndCatchKnownError<E extends typeof KnownErrors[keyof KnownErrors]>(path: string, requestOptions: RequestInit, tokenStoreOrNull: InternalSession | null, errorsToCatch: readonly E[]): Promise<Result<Response & {
+        usedTokens: {
+            accessToken: AccessToken;
+            refreshToken: RefreshToken | null;
+        } | null;
+    }, InstanceType<E>>>;
+    getServerUserByToken(session: InternalSession): Promise<CurrentUserCrud['Server']['Read'] | null>;
+    getServerUserById(userId: string): Promise<Result<UsersCrud['Server']['Read']>>;
+    listServerCurrentUserTeamPermissions(options: {
         teamId: string;
-        type: 'global' | 'team';
-        direct: boolean;
-    }, session: InternalSession): Promise<ServerPermissionDefinitionJson[]>;
-    listServerUserTeams(session: InternalSession): Promise<ServerTeamJson[]>;
-    listPermissionDefinitions(): Promise<ServerPermissionDefinitionJson[]>;
-    createPermissionDefinition(data: ServerPermissionDefinitionCustomizableJson): Promise<ServerPermissionDefinitionJson>;
-    updatePermissionDefinition(permissionId: string, data: Partial<ServerPermissionDefinitionCustomizableJson>): Promise<void>;
-    deletePermissionDefinition(permissionId: string): Promise<void>;
-    listServerUsers(): Promise<ServerUserJson[]>;
-    listServerTeams(): Promise<ServerTeamJson[]>;
-    listServerTeamMembers(teamId: string): Promise<ServerTeamMemberJson[]>;
-    createServerTeam(data: ServerTeamCustomizableJson): Promise<ServerTeamJson>;
-    updateServerTeam(teamId: string, data: Partial<ServerTeamCustomizableJson>): Promise<void>;
+        recursive: boolean;
+    }, session: InternalSession): Promise<TeamPermissionsCrud['Server']['Read'][]>;
+    listServerCurrentUserTeams(session: InternalSession): Promise<TeamsCrud['Server']['Read'][]>;
+    listServerUsers(): Promise<UsersCrud['Server']['Read'][]>;
+    listServerTeams(): Promise<TeamsCrud['Server']['Read'][]>;
+    listServerTeamUsers(teamId: string): Promise<UsersCrud['Server']['Read'][]>;
+    createServerTeam(data: TeamsCrud['Server']['Create'], session?: InternalSession): Promise<TeamsCrud['Server']['Read']>;
+    updateServerTeam(teamId: string, data: TeamsCrud['Server']['Update']): Promise<TeamsCrud['Server']['Read']>;
     deleteServerTeam(teamId: string): Promise<void>;
     addServerUserToTeam(options: {
         userId: string;
         teamId: string;
-    }): Promise<void>;
+    }): Promise<TeamMembershipsCrud['Server']['Read']>;
     removeServerUserFromTeam(options: {
         userId: string;
         teamId: string;
     }): Promise<void>;
-    setServerUserCustomizableData(userId: string, update: ServerUserUpdateJson): Promise<void>;
+    updateServerUser(userId: string, update: UsersCrud['Server']['Update']): Promise<UsersCrud['Server']['Read']>;
     listServerTeamMemberPermissions(options: {
         teamId: string;
         userId: string;
-        type: 'global' | 'team';
-        direct: boolean;
-    }): Promise<ServerPermissionDefinitionJson[]>;
-    grantServerTeamUserPermission(teamId: string, userId: string, permissionId: string, type: 'global' | 'team'): Promise<void>;
-    revokeServerTeamUserPermission(teamId: string, userId: string, permissionId: string, type: 'global' | 'team'): Promise<void>;
+        recursive: boolean;
+    }): Promise<TeamPermissionsCrud['Server']['Read'][]>;
+    grantServerTeamUserPermission(teamId: string, userId: string, permissionId: string): Promise<void>;
+    revokeServerTeamUserPermission(teamId: string, userId: string, permissionId: string): Promise<void>;
     deleteServerServerUser(userId: string): Promise<void>;
-    listEmailTemplates(): Promise<ListEmailTemplatesCrud['Server']['Read']>;
-    updateEmailTemplate(type: EmailTemplateType, data: EmailTemplateCrud['Server']['Update']): Promise<void>;
-    resetEmailTemplate(type: EmailTemplateType): Promise<void>;
-    createServerTeamForUser(userId: string, data: ServerTeamCustomizableJson, session: InternalSession): Promise<ServerTeamJson>;
 }

package/dist/interface/serverInterface.js

@@ -1,6 +1,7 @@
-import { StackClientInterface, } from "./clientInterface";
+import { KnownErrors } from "../known-errors";
+import { StackAssertionError } from "../utils/errors";
 import { Result } from "../utils/results";
-export const emailTemplateTypes = ['EMAIL_VERIFICATION', 'PASSWORD_RESET', 'MAGIC_LINK'];
+import { StackClientInterface } from "./clientInterface";
 export class StackServerInterface extends StackClientInterface {
     constructor(options) {
         super(options);
@@ -15,107 +16,103 @@ export class StackServerInterface extends StackClientInterface {
             },
         }, session, requestType);
     }
+    async sendServerRequestAndCatchKnownError(path, requestOptions, tokenStoreOrNull, errorsToCatch) {
+        try {
+            return Result.ok(await this.sendServerRequest(path, requestOptions, tokenStoreOrNull));
+        }
+        catch (e) {
+            for (const errorType of errorsToCatch) {
+                if (e instanceof errorType) {
+                    return Result.error(e);
+                }
+            }
+            throw e;
+        }
+    }
     async getServerUserByToken(session) {
-        const response = await this.sendServerRequest("/current-user?server=true", {}, session);
+        const responseOrError = await this.sendServerRequestAndCatchKnownError("/users/me", {}, session, [KnownErrors.CannotGetOwnUserWithoutUser]);
+        if (responseOrError.status === "error") {
+            if (responseOrError.error instanceof KnownErrors.CannotGetOwnUserWithoutUser) {
+                return null;
+            }
+            else {
+                throw new StackAssertionError("Unexpected uncaught error", { cause: responseOrError.error });
+            }
+        }
+        const response = responseOrError.data;
         const user = await response.json();
         if (!user)
-            return Result.error(new Error("Failed to get user"));
-        return Result.ok(user);
+            throw new StackAssertionError("User endpoint returned null; this should never happen");
+        return user;
     }
     async getServerUserById(userId) {
-        const response = await this.sendServerRequest(`/users/${userId}?server=true`, {}, null);
+        const response = await this.sendServerRequest(`/users/${userId}`, {}, null);
         const user = await response.json();
         if (!user)
             return Result.error(new Error("Failed to get user"));
         return Result.ok(user);
     }
-    async listServerUserTeamPermissions(options, session) {
-        const response = await this.sendServerRequest(`/current-user/teams/${options.teamId}/permissions?type=${options.type}&direct=${options.direct}&server=true`, {}, session);
-        const permissions = await response.json();
-        return permissions;
-    }
-    async listServerUserTeams(session) {
-        const response = await this.sendServerRequest("/current-user/teams?server=true", {}, session);
-        const teams = await response.json();
-        return teams;
-    }
-    async listPermissionDefinitions() {
-        const response = await this.sendServerRequest(`/permission-definitions?server=true`, {}, null);
-        return await response.json();
-    }
-    async createPermissionDefinition(data) {
-        const response = await this.sendServerRequest("/permission-definitions?server=true", {
-            method: "POST",
-            headers: {
-                "content-type": "application/json",
-            },
-            body: JSON.stringify({
-                ...data,
-                scope: {
-                    type: "any-team",
-                }
-            }),
-        }, null);
-        return await response.json();
-    }
-    async updatePermissionDefinition(permissionId, data) {
-        await this.sendServerRequest(`/permission-definitions/${permissionId}?server=true`, {
-            method: "PUT",
-            headers: {
-                "content-type": "application/json",
-            },
-            body: JSON.stringify(data),
-        }, null);
+    async listServerCurrentUserTeamPermissions(options, session) {
+        const response = await this.sendServerRequest(`/team-permissions?team_id=${options.teamId}&user_id=me&recursive=${options.recursive}`, {}, session);
+        const result = await response.json();
+        return result.items;
     }
-    async deletePermissionDefinition(permissionId) {
-        await this.sendServerRequest(`/permission-definitions/${permissionId}?server=true`, { method: "DELETE" }, null);
+    async listServerCurrentUserTeams(session) {
+        const response = await this.sendServerRequest("/teams?user_id=me", {}, session);
+        const result = await response.json();
+        return result.items;
     }
     async listServerUsers() {
-        const response = await this.sendServerRequest("/users?server=true", {}, null);
-        return await response.json();
+        const response = await this.sendServerRequest("/users", {}, null);
+        const result = await response.json();
+        return result.items;
     }
     async listServerTeams() {
-        const response = await this.sendServerRequest("/teams?server=true", {}, null);
-        const json = await response.json();
-        return json;
-    }
-    async listServerTeamMembers(teamId) {
-        const response = await this.sendServerRequest(`/teams/${teamId}/users?server=true`, {}, null);
-        return await response.json();
-    }
-    async createServerTeam(data) {
-        const response = await this.sendServerRequest("/teams?server=true", {
+        const response = await this.sendServerRequest("/teams", {}, null);
+        const result = await response.json();
+        return result.items;
+    }
+    async listServerTeamUsers(teamId) {
+        const response = await this.sendServerRequest(`/users?team_id=${teamId}`, {}, null);
+        const result = await response.json();
+        return result.items;
+    }
+    /* when passing a session, the user will be added to the team */
+    async createServerTeam(data, session) {
+        const response = await this.sendServerRequest("/teams", {
             method: "POST",
             headers: {
                 "content-type": "application/json",
             },
             body: JSON.stringify(data),
-        }, null);
+        }, session || null);
         return await response.json();
     }
     async updateServerTeam(teamId, data) {
-        await this.sendServerRequest(`/teams/${teamId}?server=true`, {
-            method: "PUT",
+        const response = await this.sendServerRequest(`/teams/${teamId}`, {
+            method: "PATCH",
             headers: {
                 "content-type": "application/json",
             },
             body: JSON.stringify(data),
         }, null);
+        return await response.json();
     }
     async deleteServerTeam(teamId) {
-        await this.sendServerRequest(`/teams/${teamId}?server=true`, { method: "DELETE" }, null);
+        await this.sendServerRequest(`/teams/${teamId}`, { method: "DELETE" }, null);
     }
     async addServerUserToTeam(options) {
-        await this.sendServerRequest(`/teams/${options.teamId}/users/${options.userId}?server=true`, {
+        const response = await this.sendServerRequest(`/team-memberships/${options.teamId}/${options.userId}`, {
             method: "POST",
             headers: {
                 "content-type": "application/json",
             },
             body: JSON.stringify({}),
         }, null);
+        return await response.json();
     }
     async removeServerUserFromTeam(options) {
-        await this.sendServerRequest(`/teams/${options.teamId}/users/${options.userId}?server=true`, {
+        await this.sendServerRequest(`/team-memberships/${options.teamId}/${options.userId}`, {
             method: "DELETE",
             headers: {
                 "content-type": "application/json",
@@ -123,39 +120,41 @@ export class StackServerInterface extends StackClientInterface {
             body: JSON.stringify({}),
         }, null);
     }
-    async setServerUserCustomizableData(userId, update) {
-        await this.sendServerRequest(`/users/${userId}?server=true`, {
-            method: "PUT",
+    async updateServerUser(userId, update) {
+        const response = await this.sendServerRequest(`/users/${userId}`, {
+            method: "PATCH",
             headers: {
                 "content-type": "application/json",
             },
             body: JSON.stringify(update),
         }, null);
+        return await response.json();
     }
     async listServerTeamMemberPermissions(options) {
-        const response = await this.sendServerRequest(`/teams/${options.teamId}/users/${options.userId}/permissions?server=true&type=${options.type}&direct=${options.direct}`, {}, null);
-        return await response.json();
+        const response = await this.sendServerRequest(`/team-permissions?team_id=${options.teamId}&user_id=${options.userId}&recursive=${options.recursive}`, {}, null);
+        const result = await response.json();
+        return result.items;
     }
-    async grantServerTeamUserPermission(teamId, userId, permissionId, type) {
-        await this.sendServerRequest(`/teams/${teamId}/users/${userId}/permissions/${permissionId}?server=true`, {
+    async grantServerTeamUserPermission(teamId, userId, permissionId) {
+        await this.sendServerRequest(`/team-permissions/${teamId}/${userId}/${permissionId}`, {
             method: "POST",
             headers: {
                 "content-type": "application/json",
             },
-            body: JSON.stringify({ type }),
+            body: JSON.stringify({}),
         }, null);
     }
-    async revokeServerTeamUserPermission(teamId, userId, permissionId, type) {
-        await this.sendServerRequest(`/teams/${teamId}/users/${userId}/permissions/${permissionId}?server=true`, {
+    async revokeServerTeamUserPermission(teamId, userId, permissionId) {
+        await this.sendServerRequest(`/team-permissions/${teamId}/${userId}/${permissionId}`, {
             method: "DELETE",
             headers: {
                 "content-type": "application/json",
             },
-            body: JSON.stringify({ type }),
+            body: JSON.stringify({}),
         }, null);
     }
     async deleteServerServerUser(userId) {
-        await this.sendServerRequest(`/users/${userId}?server=true`, {
+        await this.sendServerRequest(`/users/${userId}`, {
             method: "DELETE",
             headers: {
                 "content-type": "application/json",
@@ -163,30 +162,4 @@ export class StackServerInterface extends StackClientInterface {
             body: JSON.stringify({}),
         }, null);
     }
-    async listEmailTemplates() {
-        const response = await this.sendServerRequest(`/email-templates?server=true`, {}, null);
-        return await response.json();
-    }
-    async updateEmailTemplate(type, data) {
-        await this.sendServerRequest(`/email-templates/${type}?server=true`, {
-            method: "PUT",
-            headers: {
-                "content-type": "application/json",
-            },
-            body: JSON.stringify(data),
-        }, null);
-    }
-    async resetEmailTemplate(type) {
-        await this.sendServerRequest(`/email-templates/${type}?server=true`, { method: "DELETE" }, null);
-    }
-    async createServerTeamForUser(userId, data, session) {
-        const response = await this.sendClientRequest(`/users/${userId}/teams?server=true`, {
-            method: "POST",
-            headers: {
-                "content-type": "application/json",
-            },
-            body: JSON.stringify(data),
-        }, session);
-        return await response.json();
-    }
 }

package/dist/known-errors.d.ts

@@ -1,4 +1,3 @@
-import { PermissionDefinitionScopeJson } from "./interface/clientInterface";
 import { StatusError } from "./utils/errors";
 import { Json } from "./utils/json";
 export type KnownErrorJson = {
@@ -24,6 +23,7 @@ export declare abstract class KnownError extends StatusError {
     constructor(statusCode: number, humanReadableMessage: string, details?: Json | undefined);
     getBody(): Uint8Array;
     getHeaders(): Record<string, string[]>;
+    toDescriptiveJson(): Json;
     get errorCode(): string;
     static constructorArgsFromJson(json: KnownErrorJson): ConstructorParameters<typeof KnownError>;
     static fromJson(json: KnownErrorJson): KnownError;
@@ -49,10 +49,10 @@ export declare const KnownErrors: {
     UnsupportedError: KnownErrorConstructor<KnownError & KnownErrorBrand<"UNSUPPORTED_ERROR">, [originalErrorCode: string]> & {
         errorCode: "UNSUPPORTED_ERROR";
     };
-    BodyParsingError: KnownErrorConstructor<KnownError & KnownErrorBrand<"BODY_PARSING_ERROR">, [string]> & {
+    BodyParsingError: KnownErrorConstructor<KnownError & KnownErrorBrand<"BODY_PARSING_ERROR">, [message: string]> & {
         errorCode: "BODY_PARSING_ERROR";
     };
-    SchemaError: KnownErrorConstructor<KnownError & KnownErrorBrand<"SCHEMA_ERROR">, [string]> & {
+    SchemaError: KnownErrorConstructor<KnownError & KnownErrorBrand<"SCHEMA_ERROR">, [message: string]> & {
         errorCode: "SCHEMA_ERROR";
     };
     AllOverloadsFailed: KnownErrorConstructor<KnownError & KnownErrorBrand<"ALL_OVERLOADS_FAILED">, [overloadErrors: Json[]]> & {
@@ -88,12 +88,12 @@ export declare const KnownErrors: {
     };
     InvalidAccessType: KnownErrorConstructor<KnownError & KnownErrorBrand<"PROJECT_AUTHENTICATION_ERROR"> & {
         constructorArgs: [statusCode: number, humanReadableMessage: string, details?: Json | undefined];
-    } & KnownErrorBrand<"INVALID_PROJECT_AUTHENTICATION"> & KnownErrorBrand<"INVALID_ACCESS_TYPE">, [requestType: string]> & {
+    } & KnownErrorBrand<"INVALID_PROJECT_AUTHENTICATION"> & KnownErrorBrand<"INVALID_ACCESS_TYPE">, [accessType: string]> & {
         errorCode: "INVALID_ACCESS_TYPE";
     };
     AccessTypeWithoutProjectId: KnownErrorConstructor<KnownError & KnownErrorBrand<"PROJECT_AUTHENTICATION_ERROR"> & {
         constructorArgs: [statusCode: number, humanReadableMessage: string, details?: Json | undefined];
-    } & KnownErrorBrand<"INVALID_PROJECT_AUTHENTICATION"> & KnownErrorBrand<"ACCESS_TYPE_WITHOUT_PROJECT_ID">, [requestType: "client" | "server" | "admin"]> & {
+    } & KnownErrorBrand<"INVALID_PROJECT_AUTHENTICATION"> & KnownErrorBrand<"ACCESS_TYPE_WITHOUT_PROJECT_ID">, [accessType: "client" | "server" | "admin"]> & {
         errorCode: "ACCESS_TYPE_WITHOUT_PROJECT_ID";
     };
     AccessTypeRequired: KnownErrorConstructor<KnownError & KnownErrorBrand<"PROJECT_AUTHENTICATION_ERROR"> & {
@@ -217,28 +217,18 @@ export declare const KnownErrors: {
     } & KnownErrorBrand<"INVALID_SESSION_AUTHENTICATION"> & KnownErrorBrand<"INVALID_ACCESS_TOKEN"> & KnownErrorBrand<"INVALID_PROJECT_FOR_ACCESS_TOKEN">, []> & {
         errorCode: "INVALID_PROJECT_FOR_ACCESS_TOKEN";
     };
-    SessionUserEmailNotVerified: KnownErrorConstructor<KnownError & KnownErrorBrand<"SESSION_AUTHENTICATION_ERROR"> & {
-        constructorArgs: [statusCode: number, humanReadableMessage: string, details?: Json | undefined];
-    } & KnownErrorBrand<"INVALID_SESSION_AUTHENTICATION"> & KnownErrorBrand<"SESSION_USER_EMAIL_NOT_VERIFIED">, []> & {
-        errorCode: "SESSION_USER_EMAIL_NOT_VERIFIED";
-    };
-    SessionAuthenticationRequired: KnownErrorConstructor<KnownError & KnownErrorBrand<"SESSION_AUTHENTICATION_ERROR"> & {
-        constructorArgs: [statusCode: number, humanReadableMessage: string, details?: Json | undefined];
-    } & KnownErrorBrand<"SESSION_AUTHENTICATION_REQUIRED">, []> & {
-        errorCode: "SESSION_AUTHENTICATION_REQUIRED";
-    };
-    RefreshTokenError: KnownErrorConstructor<KnownError & KnownErrorBrand<"INVALID_REFRESH_TOKEN">, [statusCode: number, humanReadableMessage: string, details?: Json | undefined]> & {
-        errorCode: "INVALID_REFRESH_TOKEN";
+    RefreshTokenError: KnownErrorConstructor<KnownError & KnownErrorBrand<"REFRESH_TOKEN_ERROR">, [statusCode: number, humanReadableMessage: string, details?: Json | undefined]> & {
+        errorCode: "REFRESH_TOKEN_ERROR";
     };
-    ProviderRejected: KnownErrorConstructor<KnownError & KnownErrorBrand<"INVALID_REFRESH_TOKEN"> & {
+    ProviderRejected: KnownErrorConstructor<KnownError & KnownErrorBrand<"REFRESH_TOKEN_ERROR"> & {
         constructorArgs: [statusCode: number, humanReadableMessage: string, details?: Json | undefined];
     } & KnownErrorBrand<"PROVIDER_REJECTED">, []> & {
         errorCode: "PROVIDER_REJECTED";
     };
-    InvalidRefreshToken: KnownErrorConstructor<KnownError & KnownErrorBrand<"INVALID_REFRESH_TOKEN"> & {
+    RefreshTokenNotFoundOrExpired: KnownErrorConstructor<KnownError & KnownErrorBrand<"REFRESH_TOKEN_ERROR"> & {
         constructorArgs: [statusCode: number, humanReadableMessage: string, details?: Json | undefined];
-    } & KnownErrorBrand<"REFRESH_TOKEN_EXPIRED">, []> & {
-        errorCode: "REFRESH_TOKEN_EXPIRED";
+    } & KnownErrorBrand<"REFRESH_TOKEN_NOT_FOUND_OR_EXPIRED">, []> & {
+        errorCode: "REFRESH_TOKEN_NOT_FOUND_OR_EXPIRED";
     };
     UserEmailAlreadyExists: KnownErrorConstructor<KnownError & KnownErrorBrand<"USER_EMAIL_ALREADY_EXISTS">, []> & {
         errorCode: "USER_EMAIL_ALREADY_EXISTS";
@@ -249,9 +239,12 @@ export declare const KnownErrors: {
     ApiKeyNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"API_KEY_NOT_FOUND">, []> & {
         errorCode: "API_KEY_NOT_FOUND";
     };
-    ProjectNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"PROJECT_NOT_FOUND">, []> & {
+    ProjectNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"PROJECT_NOT_FOUND">, [projectId: string]> & {
         errorCode: "PROJECT_NOT_FOUND";
     };
+    PasswordAuthenticationNotEnabled: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSWORD_AUTHENTICATION_NOT_ENABLED">, []> & {
+        errorCode: "PASSWORD_AUTHENTICATION_NOT_ENABLED";
+    };
     EmailPasswordMismatch: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_PASSWORD_MISMATCH">, []> & {
         errorCode: "EMAIL_PASSWORD_MISMATCH";
     };
@@ -271,6 +264,9 @@ export declare const KnownErrors: {
     } & KnownErrorBrand<"PASSWORD_TOO_LONG">, [maxLength: number]> & {
         errorCode: "PASSWORD_TOO_LONG";
     };
+    UserDoesNotHavePassword: KnownErrorConstructor<KnownError & KnownErrorBrand<"USER_DOES_NOT_HAVE_PASSWORD">, []> & {
+        errorCode: "USER_DOES_NOT_HAVE_PASSWORD";
+    };
     VerificationCodeError: KnownErrorConstructor<KnownError & KnownErrorBrand<"VERIFICATION_ERROR">, [statusCode: number, humanReadableMessage: string, details?: Json | undefined]> & {
         errorCode: "VERIFICATION_ERROR";
     };
@@ -289,21 +285,30 @@ export declare const KnownErrors: {
     } & KnownErrorBrand<"VERIFICATION_CODE_ALREADY_USED">, []> & {
         errorCode: "VERIFICATION_CODE_ALREADY_USED";
     };
-    PasswordMismatch: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSWORD_MISMATCH">, []> & {
-        errorCode: "PASSWORD_MISMATCH";
+    PasswordConfirmationMismatch: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSWORD_CONFIRMATION_MISMATCH">, []> & {
+        errorCode: "PASSWORD_CONFIRMATION_MISMATCH";
     };
     EmailAlreadyVerified: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_ALREADY_VERIFIED">, []> & {
         errorCode: "EMAIL_ALREADY_VERIFIED";
     };
+    EmailNotAssociatedWithUser: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_NOT_ASSOCIATED_WITH_USER">, []> & {
+        errorCode: "EMAIL_NOT_ASSOCIATED_WITH_USER";
+    };
+    EmailIsNotPrimaryEmail: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_IS_NOT_PRIMARY_EMAIL">, [email: string, primaryEmail: string | null]> & {
+        errorCode: "EMAIL_IS_NOT_PRIMARY_EMAIL";
+    };
     PermissionNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"PERMISSION_NOT_FOUND">, [permissionId: string]> & {
         errorCode: "PERMISSION_NOT_FOUND";
     };
-    PermissionScopeMismatch: KnownErrorConstructor<KnownError & KnownErrorBrand<"PERMISSION_SCOPE_MISMATCH">, [permissionId: string, permissionScope: PermissionDefinitionScopeJson, testScope: PermissionDefinitionScopeJson]> & {
-        errorCode: "PERMISSION_SCOPE_MISMATCH";
+    ContainedPermissionNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"CONTAINED_PERMISSION_NOT_FOUND">, [permissionId: string]> & {
+        errorCode: "CONTAINED_PERMISSION_NOT_FOUND";
     };
     TeamNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"TEAM_NOT_FOUND">, [teamId: string]> & {
         errorCode: "TEAM_NOT_FOUND";
     };
+    TeamMembershipNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"TEAM_MEMBERSHIP_NOT_FOUND">, [teamId: string, userId: string]> & {
+        errorCode: "TEAM_MEMBERSHIP_NOT_FOUND";
+    };
     EmailTemplateAlreadyExists: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_TEMPLATE_ALREADY_EXISTS">, []> & {
         errorCode: "EMAIL_TEMPLATE_ALREADY_EXISTS";
     };
@@ -322,11 +327,23 @@ export declare const KnownErrors: {
     OAuthAccessTokenNotAvailableWithSharedOAuthKeys: KnownErrorConstructor<KnownError & KnownErrorBrand<"OAUTH_ACCESS_TOKEN_NOT_AVAILABLE_WITH_SHARED_OAUTH_KEYS">, []> & {
         errorCode: "OAUTH_ACCESS_TOKEN_NOT_AVAILABLE_WITH_SHARED_OAUTH_KEYS";
     };
+    InvalidOAuthClientIdOrSecret: KnownErrorConstructor<KnownError & KnownErrorBrand<"INVALID_OAUTH_CLIENT_ID_OR_SECRET">, [clientId?: string | undefined]> & {
+        errorCode: "INVALID_OAUTH_CLIENT_ID_OR_SECRET";
+    };
+    InvalidScope: KnownErrorConstructor<KnownError & KnownErrorBrand<"INVALID_SCOPE">, [scope: string]> & {
+        errorCode: "INVALID_SCOPE";
+    };
     UserAlreadyConnectedToAnotherOAuthConnection: KnownErrorConstructor<KnownError & KnownErrorBrand<"USER_ALREADY_CONNECTED_TO_ANOTHER_OAUTH_CONNECTION">, []> & {
         errorCode: "USER_ALREADY_CONNECTED_TO_ANOTHER_OAUTH_CONNECTION";
     };
     OuterOAuthTimeout: KnownErrorConstructor<KnownError & KnownErrorBrand<"OUTER_OAUTH_TIMEOUT">, []> & {
         errorCode: "OUTER_OAUTH_TIMEOUT";
     };
+    OAuthProviderNotFoundOrNotEnabled: KnownErrorConstructor<KnownError & KnownErrorBrand<"OAUTH_PROVIDER_NOT_FOUND_OR_NOT_ENABLED">, []> & {
+        errorCode: "OAUTH_PROVIDER_NOT_FOUND_OR_NOT_ENABLED";
+    };
+    UserAuthenticationRequired: KnownErrorConstructor<KnownError & KnownErrorBrand<"USER_AUTHENTICATION_REQUIRED">, []> & {
+        errorCode: "USER_AUTHENTICATION_REQUIRED";
+    };
 };
 export {};