@stackframe/stack-shared 2.5.37 → 2.6.0

package/CHANGELOG.md

@@ -1,5 +1,16 @@
 # @stackframe/stack-shared
 
+## 2.6.0
+
+### Minor Changes
+
+- OTP login, more providers, and styling improvements
+
+### Patch Changes
+
+- Updated dependencies
+  - @stackframe/stack-sc@2.6.0
+
 ## 2.5.37
 
 ### Patch Changes

package/dist/interface/clientInterface.d.ts

@@ -51,22 +51,24 @@ export declare class StackClientInterface {
     checkFeatureSupport(options: {
         featureName?: string;
     } & ReadonlyJson): Promise<never>;
-    sendForgotPasswordEmail(email: string, callbackUrl: string): Promise<KnownErrors["UserNotFound"] | undefined>;
+    sendForgotPasswordEmail(email: string, callbackUrl: string): Promise<Result<undefined, KnownErrors["UserNotFound"]>>;
     sendVerificationEmail(email: string, callbackUrl: string, session: InternalSession): Promise<KnownErrors["EmailAlreadyVerified"] | undefined>;
-    sendMagicLinkEmail(email: string, callbackUrl: string): Promise<KnownErrors["RedirectUrlNotWhitelisted"] | undefined>;
+    sendMagicLinkEmail(email: string, callbackUrl: string): Promise<Result<{
+        nonce: string;
+    }, KnownErrors["RedirectUrlNotWhitelisted"]>>;
     resetPassword(options: {
         code: string;
     } & ({
         password: string;
     } | {
         onlyVerifyCode: true;
-    })): Promise<KnownErrors["VerificationCodeError"] | undefined>;
+    })): Promise<Result<undefined, KnownErrors["VerificationCodeError"]>>;
     updatePassword(options: {
         oldPassword: string;
         newPassword: string;
     }, session: InternalSession): Promise<KnownErrors["PasswordConfirmationMismatch"] | KnownErrors["PasswordRequirementsNotMet"] | undefined>;
-    verifyPasswordResetCode(code: string): Promise<KnownErrors["VerificationCodeError"] | undefined>;
-    verifyEmail(code: string): Promise<KnownErrors["VerificationCodeError"] | undefined>;
+    verifyPasswordResetCode(code: string): Promise<Result<undefined, KnownErrors["VerificationCodeError"]>>;
+    verifyEmail(code: string): Promise<Result<undefined, KnownErrors["VerificationCodeError"]>>;
     sendTeamInvitation(options: {
         email: string;
         teamId: string;
@@ -85,19 +87,19 @@ export declare class StackClientInterface {
         refreshToken: any;
         newUser: any;
     }>;
-    signInWithCredential(email: string, password: string, session: InternalSession): Promise<KnownErrors["EmailPasswordMismatch"] | {
+    signInWithCredential(email: string, password: string, session: InternalSession): Promise<Result<{
         accessToken: string;
         refreshToken: string;
-    }>;
-    signUpWithCredential(email: string, password: string, emailVerificationRedirectUrl: string, session: InternalSession): Promise<KnownErrors["UserEmailAlreadyExists"] | KnownErrors["PasswordRequirementsNotMet"] | {
+    }, KnownErrors["EmailPasswordMismatch"]>>;
+    signUpWithCredential(email: string, password: string, emailVerificationRedirectUrl: string, session: InternalSession): Promise<Result<{
         accessToken: string;
         refreshToken: string;
-    }>;
-    signInWithMagicLink(code: string): Promise<KnownErrors["VerificationCodeError"] | {
+    }, KnownErrors["UserEmailAlreadyExists"] | KnownErrors["PasswordRequirementsNotMet"]>>;
+    signInWithMagicLink(code: string): Promise<Result<{
         newUser: boolean;
         accessToken: string;
         refreshToken: string;
-    }>;
+    }, KnownErrors["VerificationCodeError"]>>;
     getOAuthUrl(options: {
         provider: string;
         redirectUrl: string;

package/dist/interface/clientInterface.js

@@ -303,7 +303,10 @@ export class StackClientInterface {
             }),
         }, null, [KnownErrors.UserNotFound]);
         if (res.status === "error") {
-            return res.error;
+            return Result.error(res.error);
+        }
+        else {
+            return Result.ok(undefined);
         }
     }
     async sendVerificationEmail(email, callbackUrl, session) {
@@ -333,7 +336,10 @@ export class StackClientInterface {
             }),
         }, null, [KnownErrors.RedirectUrlNotWhitelisted]);
         if (res.status === "error") {
-            return res.error;
+            return Result.error(res.error);
+        }
+        else {
+            return Result.ok(await res.data.json());
         }
     }
     async resetPassword(options) {
@@ -348,7 +354,10 @@ export class StackClientInterface {
             }),
         }, null, [KnownErrors.VerificationCodeError]);
         if (res.status === "error") {
-            return res.error;
+            return Result.error(res.error);
+        }
+        else {
+            return Result.ok(undefined);
         }
     }
     async updatePassword(options, session) {
@@ -368,10 +377,12 @@ export class StackClientInterface {
     }
     async verifyPasswordResetCode(code) {
         const res = await this.resetPassword({ code, onlyVerifyCode: true });
-        if (res && !(res instanceof KnownErrors.VerificationCodeError)) {
-            throw res;
+        if (res.status === "error") {
+            return Result.error(res.error);
+        }
+        else {
+            return Result.ok(undefined);
         }
-        return res;
     }
     async verifyEmail(code) {
         const res = await this.sendClientRequestAndCatchKnownError("/contact-channels/verify", {
@@ -384,7 +395,10 @@ export class StackClientInterface {
             }),
         }, null, [KnownErrors.VerificationCodeError]);
         if (res.status === "error") {
-            return res.error;
+            return Result.error(res.error);
+        }
+        else {
+            return Result.ok(undefined);
         }
     }
     async sendTeamInvitation(options) {
@@ -458,13 +472,13 @@ export class StackClientInterface {
             }),
         }, session, [KnownErrors.EmailPasswordMismatch]);
         if (res.status === "error") {
-            return res.error;
+            return Result.error(res.error);
         }
         const result = await res.data.json();
-        return {
+        return Result.ok({
             accessToken: result.access_token,
             refreshToken: result.refresh_token,
-        };
+        });
     }
     async signUpWithCredential(email, password, emailVerificationRedirectUrl, session) {
         const res = await this.sendClientRequestAndCatchKnownError("/auth/password/sign-up", {
@@ -479,13 +493,13 @@ export class StackClientInterface {
             }),
         }, session, [KnownErrors.UserEmailAlreadyExists, KnownErrors.PasswordRequirementsNotMet]);
         if (res.status === "error") {
-            return res.error;
+            return Result.error(res.error);
         }
         const result = await res.data.json();
-        return {
+        return Result.ok({
             accessToken: result.access_token,
             refreshToken: result.refresh_token,
-        };
+        });
     }
     async signInWithMagicLink(code) {
         const res = await this.sendClientRequestAndCatchKnownError("/auth/otp/sign-in", {
@@ -498,14 +512,14 @@ export class StackClientInterface {
             }),
         }, null, [KnownErrors.VerificationCodeError]);
         if (res.status === "error") {
-            return res.error;
+            return Result.error(res.error);
         }
         const result = await res.data.json();
-        return {
+        return Result.ok({
             accessToken: result.access_token,
             refreshToken: result.refresh_token,
             newUser: result.is_new_user,
-        };
+        });
     }
     async getOAuthUrl(options) {
         const updatedRedirectUrl = new URL(options.redirectUrl);

package/dist/interface/crud/current-user.d.ts

@@ -1,6 +1,7 @@
 import { CrudTypeOf } from "../../crud";
 export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions<{
     clientReadSchema: import("yup").ObjectSchema<({
+        primary_email: string | null;
         id: string;
         display_name: string | null;
         oauth_providers: {
@@ -8,7 +9,6 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
             id: string;
             account_id: string;
         }[];
-        primary_email: string | null;
         profile_image_url: string | null;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
@@ -30,7 +30,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -38,7 +38,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -114,7 +114,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -122,7 +122,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };

package/dist/interface/crud/projects.d.ts

@@ -20,11 +20,11 @@ export declare const projectsCrudAdminReadSchema: import("yup").ObjectSchema<{
             facebook_config_id?: string | undefined;
             microsoft_tenant_id?: string | undefined;
             type: NonNullable<"shared" | "standard" | undefined>;
-            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             enabled: NonNullable<boolean | undefined>;
         }[];
         enabled_oauth_providers: {
-            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
         }[];
         domains: {
             domain: string;
@@ -89,7 +89,7 @@ export declare const projectsCrudClientReadSchema: import("yup").ObjectSchema<{
         client_team_creation_enabled: NonNullable<boolean | undefined>;
         client_user_deletion_enabled: NonNullable<boolean | undefined>;
         enabled_oauth_providers: {
-            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
         }[];
     };
 }, import("yup").AnyObject, {
@@ -121,7 +121,7 @@ export declare const projectsCrudAdminUpdateSchema: import("yup").ObjectSchema<{
             facebook_config_id?: string | undefined;
             microsoft_tenant_id?: string | undefined;
             type: NonNullable<"shared" | "standard" | undefined>;
-            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             enabled: NonNullable<boolean | undefined>;
         }[] | undefined;
         domains?: {
@@ -168,7 +168,7 @@ export declare const projectsCrudAdminCreateSchema: import("yup").ObjectSchema<{
             facebook_config_id?: string | undefined;
             microsoft_tenant_id?: string | undefined;
             type: NonNullable<"shared" | "standard" | undefined>;
-            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+            id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             enabled: NonNullable<boolean | undefined>;
         }[] | undefined;
         domains?: {
@@ -212,7 +212,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             client_team_creation_enabled: NonNullable<boolean | undefined>;
             client_user_deletion_enabled: NonNullable<boolean | undefined>;
             enabled_oauth_providers: {
-                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             }[];
         };
     }, import("yup").AnyObject, {
@@ -248,11 +248,11 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
                 facebook_config_id?: string | undefined;
                 microsoft_tenant_id?: string | undefined;
                 type: NonNullable<"shared" | "standard" | undefined>;
-                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 enabled: NonNullable<boolean | undefined>;
             }[];
             enabled_oauth_providers: {
-                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             }[];
             domains: {
                 domain: string;
@@ -324,7 +324,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
                 facebook_config_id?: string | undefined;
                 microsoft_tenant_id?: string | undefined;
                 type: NonNullable<"shared" | "standard" | undefined>;
-                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 enabled: NonNullable<boolean | undefined>;
             }[] | undefined;
             domains?: {
@@ -401,11 +401,11 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
                 facebook_config_id?: string | undefined;
                 microsoft_tenant_id?: string | undefined;
                 type: NonNullable<"shared" | "standard" | undefined>;
-                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 enabled: NonNullable<boolean | undefined>;
             }[];
             enabled_oauth_providers: {
-                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             }[];
             domains: {
                 domain: string;
@@ -477,7 +477,7 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
                 facebook_config_id?: string | undefined;
                 microsoft_tenant_id?: string | undefined;
                 type: NonNullable<"shared" | "standard" | undefined>;
-                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                id: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 enabled: NonNullable<boolean | undefined>;
             }[] | undefined;
             domains?: {

package/dist/interface/crud/team-member-profiles.d.ts

@@ -17,6 +17,7 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
     profile_image_url: string | null;
 } & {
     user: {
+        primary_email: string | null;
         id: string;
         display_name: string | null;
         oauth_providers: {
@@ -24,7 +25,6 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
             id: string;
             account_id: string;
         }[];
-        primary_email: string | null;
         profile_image_url: string | null;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
@@ -56,7 +56,7 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -64,7 +64,7 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -131,6 +131,7 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
         profile_image_url: string | null;
     } & {
         user: {
+            primary_email: string | null;
             id: string;
             display_name: string | null;
             oauth_providers: {
@@ -138,7 +139,6 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
                 id: string;
                 account_id: string;
             }[];
-            primary_email: string | null;
             profile_image_url: string | null;
             client_metadata: {} | null;
             client_read_only_metadata: {} | null;
@@ -170,7 +170,7 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
             } | {
                 type: "oauth";
                 provider: {
-                    type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                    type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                     id: string;
                     provider_user_id: string;
                 };
@@ -178,7 +178,7 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
             connected_accounts: {
                 type: "oauth";
                 provider: {
-                    type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                    type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                     id: string;
                     provider_user_id: string;
                 };

package/dist/interface/crud/users.d.ts

@@ -61,7 +61,7 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     } | {
         type: "oauth";
         provider: {
-            type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+            type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             id: string;
             provider_user_id: string;
         };
@@ -69,7 +69,7 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     connected_accounts: {
         type: "oauth";
         provider: {
-            type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+            type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
             id: string;
             provider_user_id: string;
         };
@@ -107,9 +107,9 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     last_active_at_millis: undefined;
 }, "">;
 export declare const usersCrudServerCreateSchema: import("yup").ObjectSchema<{
+    primary_email: string | null | undefined;
     password: string | null | undefined;
     display_name: string | null | undefined;
-    primary_email: string | null | undefined;
     profile_image_url: string | null | undefined;
     client_metadata: {} | null | undefined;
     client_read_only_metadata: {} | null | undefined;
@@ -119,8 +119,8 @@ export declare const usersCrudServerCreateSchema: import("yup").ObjectSchema<{
     totp_secret_base64: string | null | undefined;
 } & {
     oauth_providers: {
-        id: string;
         email: string | null;
+        id: string;
         account_id: string;
     }[] | undefined;
 }, import("yup").AnyObject, {
@@ -176,7 +176,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -184,7 +184,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -247,9 +247,9 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         selected_team_id: undefined;
     }, "">;
     serverCreateSchema: import("yup").ObjectSchema<{
+        primary_email: string | null | undefined;
         password: string | null | undefined;
         display_name: string | null | undefined;
-        primary_email: string | null | undefined;
         profile_image_url: string | null | undefined;
         client_metadata: {} | null | undefined;
         client_read_only_metadata: {} | null | undefined;
@@ -259,8 +259,8 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         totp_secret_base64: string | null | undefined;
     } & {
         oauth_providers: {
-            id: string;
             email: string | null;
+            id: string;
             account_id: string;
         }[] | undefined;
     }, import("yup").AnyObject, {
@@ -346,7 +346,7 @@ export declare const userCreatedWebhookEvent: {
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -354,7 +354,7 @@ export declare const userCreatedWebhookEvent: {
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -436,7 +436,7 @@ export declare const userUpdatedWebhookEvent: {
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -444,7 +444,7 @@ export declare const userUpdatedWebhookEvent: {
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };

package/dist/interface/webhooks.d.ts

@@ -47,7 +47,7 @@ export declare const webhookEvents: readonly [{
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -55,7 +55,7 @@ export declare const webhookEvents: readonly [{
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -136,7 +136,7 @@ export declare const webhookEvents: readonly [{
         } | {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };
@@ -144,7 +144,7 @@ export declare const webhookEvents: readonly [{
         connected_accounts: {
             type: "oauth";
             provider: {
-                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+                type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
                 id: string;
                 provider_user_id: string;
             };

package/dist/known-errors.d.ts

@@ -291,6 +291,11 @@ export declare const KnownErrors: {
     } & KnownErrorBrand<"VERIFICATION_CODE_ALREADY_USED">, []> & {
         errorCode: "VERIFICATION_CODE_ALREADY_USED";
     };
+    VerificationCodeMaxAttemptsReached: KnownErrorConstructor<KnownError & KnownErrorBrand<"VERIFICATION_ERROR"> & {
+        constructorArgs: [statusCode: number, humanReadableMessage: string, details?: Json | undefined];
+    } & KnownErrorBrand<"VERIFICATION_CODE_MAX_ATTEMPTS_REACHED">, []> & {
+        errorCode: "VERIFICATION_CODE_MAX_ATTEMPTS_REACHED";
+    };
     PasswordConfirmationMismatch: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSWORD_CONFIRMATION_MISMATCH">, []> & {
         errorCode: "PASSWORD_CONFIRMATION_MISMATCH";
     };
@@ -375,5 +380,8 @@ export declare const KnownErrors: {
     TeamPermissionNotFound: KnownErrorConstructor<KnownError & KnownErrorBrand<"TEAM_PERMISSION_NOT_FOUND">, [any, any, any]> & {
         errorCode: "TEAM_PERMISSION_NOT_FOUND";
     };
+    OAuthProviderAccessDenied: KnownErrorConstructor<KnownError & KnownErrorBrand<"OAUTH_PROVIDER_ACCESS_DENIED">, []> & {
+        errorCode: "OAUTH_PROVIDER_ACCESS_DENIED";
+    };
 };
 export {};

package/dist/known-errors.js

@@ -372,6 +372,10 @@ const VerificationCodeAlreadyUsed = createKnownErrorConstructor(VerificationCode
     400,
     "The verification link has already been used.",
 ], () => []);
+const VerificationCodeMaxAttemptsReached = createKnownErrorConstructor(VerificationCodeError, "VERIFICATION_CODE_MAX_ATTEMPTS_REACHED", () => [
+    400,
+    "The verification code nonce has reached the maximum number of attempts. This code is not valid anymore.",
+], () => []);
 const PasswordConfirmationMismatch = createKnownErrorConstructor(KnownError, "PASSWORD_CONFIRMATION_MISMATCH", () => [
     400,
     "Passwords do not match.",
@@ -530,6 +534,10 @@ const InvalidAuthorizationCode = createKnownErrorConstructor(KnownError, "INVALI
     400,
     "The given authorization code is invalid.",
 ], () => []);
+const OAuthProviderAccessDenied = createKnownErrorConstructor(KnownError, "OAUTH_PROVIDER_ACCESS_DENIED", () => [
+    400,
+    "The OAuth provider denied access to the user.",
+], () => []);
 export const KnownErrors = {
     UnsupportedError,
     BodyParsingError,
@@ -588,6 +596,7 @@ export const KnownErrors = {
     VerificationCodeNotFound,
     VerificationCodeExpired,
     VerificationCodeAlreadyUsed,
+    VerificationCodeMaxAttemptsReached,
     PasswordConfirmationMismatch,
     EmailAlreadyVerified,
     EmailNotAssociatedWithUser,
@@ -616,6 +625,7 @@ export const KnownErrors = {
     InvalidStandardOAuthProviderId,
     InvalidAuthorizationCode,
     TeamPermissionNotFound,
+    OAuthProviderAccessDenied,
 };
 // ensure that all known error codes are unique
 const knownErrorCodes = new Set();

package/dist/schema-fields.d.ts

@@ -1,4 +1,7 @@
 import * as yup from "yup";
+export declare function yupValidate<S extends yup.ISchema<any>>(schema: S, obj: unknown, options?: yup.ValidateOptions & {
+    currentUserId?: string | null;
+}): Promise<yup.InferType<S>>;
 declare const StackAdaptSentinel: unique symbol;
 export type StackAdaptSentinel = typeof StackAdaptSentinel;
 export declare function yupString<A extends string, B extends yup.Maybe<yup.AnyObject> = yup.AnyObject>(...args: Parameters<typeof yup.string<A, B>>): yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
@@ -40,7 +43,7 @@ export declare const projectClientTeamCreationEnabledSchema: yup.BooleanSchema<b
 export declare const projectClientUserDeletionEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const projectSignUpEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const projectCredentialEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
-export declare const oauthIdSchema: yup.StringSchema<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined, yup.AnyObject, undefined, "">;
+export declare const oauthIdSchema: yup.StringSchema<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined, yup.AnyObject, undefined, "">;
 export declare const oauthEnabledSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const oauthTypeSchema: yup.StringSchema<"shared" | "standard" | undefined, yup.AnyObject, undefined, "">;
 export declare const oauthClientIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
@@ -71,7 +74,7 @@ export declare const userClientReadOnlyMetadataSchema: yup.MixedSchema<{} | null
 export declare const userServerMetadataSchema: yup.MixedSchema<{} | null, yup.AnyObject, undefined, "">;
 export declare const userOAuthProviderSchema: yup.ObjectSchema<{
     id: string;
-    type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | undefined>;
+    type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
     provider_user_id: string;
 }, yup.AnyObject, {
     id: undefined;

package/dist/schema-fields.js

@@ -1,8 +1,58 @@
 import * as yup from "yup";
+import { KnownErrors } from ".";
 import { isBase64 } from "./utils/bytes";
 import { StackAssertionError } from "./utils/errors";
 import { allProviders } from "./utils/oauth";
+import { deepPlainClone, omit } from "./utils/objects";
 import { isUuid } from "./utils/uuids";
+export async function yupValidate(schema, obj, options) {
+    try {
+        return await schema.validate(obj, {
+            ...omit(options ?? {}, ['currentUserId']),
+            context: {
+                ...options?.context,
+                stackAllowUserIdMe: options?.currentUserId !== undefined,
+            },
+        });
+    }
+    catch (error) {
+        if (error instanceof ReplaceFieldWithOwnUserId) {
+            const currentUserId = options?.currentUserId;
+            if (!currentUserId)
+                throw new KnownErrors.CannotGetOwnUserWithoutUser();
+            // parse yup path
+            let pathRemaining = error.path;
+            const fieldPath = [];
+            while (pathRemaining.length > 0) {
+                if (pathRemaining.startsWith("[")) {
+                    const index = pathRemaining.indexOf("]");
+                    if (index < 0)
+                        throw new StackAssertionError("Invalid path");
+                    fieldPath.push(JSON.parse(pathRemaining.slice(1, index)));
+                    pathRemaining = pathRemaining.slice(index + 1);
+                }
+                else {
+                    let dotIndex = pathRemaining.indexOf(".");
+                    if (dotIndex === -1)
+                        dotIndex = pathRemaining.length;
+                    fieldPath.push(pathRemaining.slice(0, dotIndex));
+                    pathRemaining = pathRemaining.slice(dotIndex + 1);
+                }
+            }
+            const newObj = deepPlainClone(obj);
+            let it = newObj;
+            for (const field of fieldPath.slice(0, -1)) {
+                if (!Object.prototype.hasOwnProperty.call(it, field)) {
+                    throw new StackAssertionError(`Segment ${field} of path ${error.path} not found in object`);
+                }
+                it = it[field];
+            }
+            it[fieldPath[fieldPath.length - 1]] = currentUserId;
+            return await yupValidate(schema, newObj, options);
+        }
+        throw error;
+    }
+}
 const _idDescription = (identify) => `The unique identifier of this ${identify}`;
 const _displayNameDescription = (identify) => `Human-readable ${identify} display name. This is not a unique identifier.`;
 const _clientMetaDataDescription = (identify) => `Client metadata. Used as a data store, accessible from the client side. Do not store information that should not be exposed to the client.`;
@@ -82,7 +132,10 @@ export function yupUnion(...args) {
                 errors.push(e);
             }
         }
-        throw new AggregateError(errors, 'Invalid value; must be one of the provided schemas');
+        return context.createError({
+            message: `${context.path} is not matched by any of the provided schemas:\n${errors.map((e, i) => '\tSchema ' + i + ": \n\t\t" + e.errors.join('\n\t\t')).join('\n')}`,
+            path: context.path,
+        });
     });
 }
 // Common
@@ -185,6 +238,10 @@ export const userIdOrMeSchema = yupString().uuid().transform(v => {
     else
         return v;
 }).test((v, context) => {
+    if (!("stackAllowUserIdMe" in (context.options.context ?? {})))
+        throw new StackAssertionError('userIdOrMeSchema is not allowed in this context. Make sure you\'re using yupValidate from schema-fields.ts to validate, instead of schema.validate(...).');
+    if (!context.options.context?.stackAllowUserIdMe)
+        throw new StackAssertionError('userIdOrMeSchema is not allowed in this context. Make sure you\'re passing in the currentUserId option in yupValidate.');
     if (v === userIdMeSentinelUuid)
         throw new ReplaceFieldWithOwnUserId(context.path);
     return true;
@@ -207,8 +264,8 @@ export const userOAuthProviderSchema = yupObject({
 export const userLastActiveAtMillisSchema = yupNumber().nullable().meta({ openapiField: { description: _lastActiveAtMillisDescription, exampleValue: 1630000000000 } });
 // Auth
 export const signInEmailSchema = emailSchema.meta({ openapiField: { description: 'The email to sign in with.', exampleValue: 'johndoe@example.com' } });
-export const emailOtpSignInCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct the magic link from. A query argument `code` with the verification code will be appended to it. The page should then make a request to the `/auth/otp/sign-in` endpoint.', exampleValue: 'https://example.com/handler/magic-link-callback' } });
-export const emailVerificationCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct a verification link for the verification e-mail. A query argument `code` with the verification code will be appended to it. The page should then make a request to the `/contact-channels/verify` endpoint.', exampleValue: 'https://example.com/handler/email-verification' } });
+export const emailOtpSignInCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct the magic link from. A query parameter `code` with the verification code will be appended to it. The page should then make a request to the `/auth/otp/sign-in` endpoint.', exampleValue: 'https://example.com/handler/magic-link-callback' } });
+export const emailVerificationCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct a verification link for the verification e-mail. A query parameter `code` with the verification code will be appended to it. The page should then make a request to the `/contact-channels/verify` endpoint.', exampleValue: 'https://example.com/handler/email-verification' } });
 export const accessTokenResponseSchema = yupString().meta({ openapiField: { description: 'Short-lived access token that can be used to authenticate the user', exampleValue: 'eyJhmMiJB2TO...diI4QT' } });
 export const refreshTokenResponseSchema = yupString().meta({ openapiField: { description: 'Long-lived refresh token that can be used to obtain a new access token', exampleValue: 'i8ns3aq2...14y' } });
 export const signInResponseSchema = yupObject({
@@ -249,8 +306,8 @@ export const teamClientMetadataSchema = jsonSchema.meta({ openapiField: { descri
 export const teamClientReadOnlyMetadataSchema = jsonSchema.meta({ openapiField: { description: _clientReadOnlyMetaDataDescription('team'), exampleValue: { key: 'value' } } });
 export const teamServerMetadataSchema = jsonSchema.meta({ openapiField: { description: _serverMetaDataDescription('team'), exampleValue: { key: 'value' } } });
 export const teamCreatedAtMillisSchema = yupNumber().meta({ openapiField: { description: _createdAtMillisDescription('team'), exampleValue: 1630000000000 } });
-export const teamInvitationEmailSchema = emailSchema.meta({ openapiField: { description: 'The email to sign in with.', exampleValue: 'johndoe@example.com' } });
-export const teamInvitationCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct a verification link for the verification e-mail. A query argument `code` with the verification code will be appended to it. The page should then make a request to the `/contact-channels/verify` endpoint.', exampleValue: 'https://example.com/handler/email-verification' } });
+export const teamInvitationEmailSchema = emailSchema.meta({ openapiField: { description: 'The email of the user to invite.', exampleValue: 'johndoe@example.com' } });
+export const teamInvitationCallbackUrlSchema = urlSchema.meta({ openapiField: { description: 'The base callback URL to construct an invite link with. A query parameter `code` with the verification code will be appended to it. The page should then make a request to the `/team-invitations/accept` endpoint.', exampleValue: 'https://example.com/handler/team-invitation' } });
 // Team member profiles
 export const teamMemberDisplayNameSchema = yupString().meta({ openapiField: { description: _displayNameDescription('team member') + ' Note that this is separate from the display_name of the user.', exampleValue: 'John Doe' } });
 export const teamMemberProfileImageUrlSchema = urlSchema.max(1000000).meta({ openapiField: { description: _profileImageUrlDescription('team member'), exampleValue: 'https://example.com/image.jpg' } });

package/dist/utils/jwt.d.ts

@@ -15,7 +15,7 @@ export declare function getPublicJwkSet(): Promise<{
         d: string;
         x: string;
         y: string;
-    }, "kty" | "crv" | "x" | "y">[];
+    }, "x" | "kty" | "crv" | "y">[];
 }>;
 export declare function encryptJWE(payload: any, expirationTime?: string): Promise<string>;
 export declare function decryptJWE(jwt: string): Promise<jose.JWTPayload>;

package/dist/utils/jwt.js

@@ -1,8 +1,8 @@
+import elliptic from "elliptic";
 import * as jose from "jose";
+import { encodeBase64 } from "./bytes";
 import { getEnvVariable } from "./env";
-import elliptic from "elliptic";
 import { globalVar } from "./globals";
-import { encodeBase64 } from "./bytes";
 import { pick } from "./objects";
 const STACK_SERVER_SECRET = jose.base64url.decode(getEnvVariable("STACK_SERVER_SECRET"));
 export async function signJWT(issuer, payload, expirationTime = "5m") {

package/dist/utils/oauth.d.ts

@@ -1,6 +1,6 @@
-export declare const standardProviders: readonly ["google", "github", "microsoft", "spotify", "facebook", "discord", "gitlab", "bitbucket", "linkedin", "apple"];
+export declare const standardProviders: readonly ["google", "github", "microsoft", "spotify", "facebook", "discord", "gitlab", "bitbucket", "linkedin", "apple", "x"];
 export declare const sharedProviders: readonly ["google", "github", "microsoft", "spotify"];
-export declare const allProviders: readonly ["google", "github", "microsoft", "spotify", "facebook", "discord", "gitlab", "bitbucket", "linkedin", "apple"];
+export declare const allProviders: readonly ["google", "github", "microsoft", "spotify", "facebook", "discord", "gitlab", "bitbucket", "linkedin", "apple", "x"];
 export type ProviderType = typeof allProviders[number];
 export type StandardProviderType = typeof standardProviders[number];
 export type SharedProviderType = typeof sharedProviders[number];

package/dist/utils/oauth.js

@@ -1,4 +1,4 @@
-export const standardProviders = ["google", "github", "microsoft", "spotify", "facebook", "discord", "gitlab", "bitbucket", "linkedin", "apple"];
+export const standardProviders = ["google", "github", "microsoft", "spotify", "facebook", "discord", "gitlab", "bitbucket", "linkedin", "apple", "x"];
 // No more shared providers should be added except for special cases
 export const sharedProviders = ["google", "github", "microsoft", "spotify"];
 export const allProviders = standardProviders;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.5.37",
+  "version": "2.6.0",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "files": [
@@ -36,13 +36,15 @@
     "elliptic": "^6.5.7",
     "jose": "^5.2.2",
     "oauth4webapi": "^2.10.3",
+    "semver": "^7.6.3",
     "uuid": "^9.0.1",
-    "@stackframe/stack-sc": "2.5.37"
+    "@stackframe/stack-sc": "2.6.0"
   },
   "devDependencies": {
     "@types/bcrypt": "^5.0.2",
     "@types/elliptic": "^6.4.18",
     "@types/react": "^18.2.66",
+    "@types/semver": "^7.5.8",
     "@types/uuid": "^9.0.8",
     "next": "^14.1.0",
     "react": "^18.2.0",