@stackframe/stack 2.6.27 → 2.6.29

package/dist/index.d.mts

@@ -2,7 +2,7 @@ export { default as StackProvider } from './providers/stack-provider.mjs';
 export { useStackApp, useUser } from './lib/hooks.mjs';
 export { default as StackHandler } from './components-page/stack-handler.mjs';
 export { StackTheme } from './providers/theme-provider.mjs';
-export { AdminDomainConfig, AdminEmailConfig, AdminOAuthProviderConfig, AdminOwnedProject, AdminProject, AdminProjectConfig, AdminProjectConfigUpdateOptions, AdminProjectCreateOptions, AdminProjectUpdateOptions, AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, ApiKey, ApiKeyBase, ApiKeyBaseCrudRead, ApiKeyCreateOptions, ApiKeyFirstView, Connection, CurrentInternalServerUser, CurrentInternalUser, CurrentServerUser, CurrentUser, EditableTeamMemberProfile, GetUserOptions, HandlerUrls, OAuthConnection, OAuthProviderConfig, OAuthScopesOnSignIn, Project, ProjectConfig, ServerListUsersOptions, ServerTeam, ServerTeamCreateOptions, ServerTeamMemberProfile, ServerTeamUpdateOptions, ServerTeamUser, ServerUser, StackAdminApp, StackAdminAppConstructorOptions, StackClientApp, StackClientAppConstructorOptions, StackClientAppJson, StackServerApp, StackServerAppConstructorOptions, Team, TeamCreateOptions, TeamMemberProfile, TeamPermission, TeamUpdateOptions, TeamUser, TokenStoreInit, User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol } from './lib/stack-app.mjs';
+export { AdminDomainConfig, AdminEmailConfig, AdminOAuthProviderConfig, AdminOwnedProject, AdminProject, AdminProjectConfig, AdminProjectConfigUpdateOptions, AdminProjectCreateOptions, AdminProjectUpdateOptions, AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, ApiKey, ApiKeyBase, ApiKeyBaseCrudRead, ApiKeyCreateOptions, ApiKeyFirstView, Connection, CurrentInternalServerUser, CurrentInternalUser, CurrentServerUser, CurrentUser, EditableTeamMemberProfile, GetUserOptions, HandlerUrls, OAuthConnection, OAuthProviderConfig, OAuthScopesOnSignIn, Project, ProjectConfig, ServerListUsersOptions, ServerTeam, ServerTeamCreateOptions, ServerTeamMemberProfile, ServerTeamUpdateOptions, ServerTeamUser, ServerUser, StackAdminApp, StackAdminAppConstructorOptions, StackClientApp, StackClientAppConstructorOptions, StackClientAppJson, StackServerApp, StackServerAppConstructorOptions, Team, TeamCreateOptions, TeamInvitation, TeamMemberProfile, TeamPermission, TeamUpdateOptions, TeamUser, TokenStoreInit, User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol } from './lib/stack-app.mjs';
 export { SignIn } from './components-page/sign-in.mjs';
 export { SignUp } from './components-page/sign-up.mjs';
 export { EmailVerification } from './components-page/email-verification.mjs';

package/dist/index.d.ts

@@ -2,7 +2,7 @@ export { default as StackProvider } from './providers/stack-provider.js';
 export { useStackApp, useUser } from './lib/hooks.js';
 export { default as StackHandler } from './components-page/stack-handler.js';
 export { StackTheme } from './providers/theme-provider.js';
-export { AdminDomainConfig, AdminEmailConfig, AdminOAuthProviderConfig, AdminOwnedProject, AdminProject, AdminProjectConfig, AdminProjectConfigUpdateOptions, AdminProjectCreateOptions, AdminProjectUpdateOptions, AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, ApiKey, ApiKeyBase, ApiKeyBaseCrudRead, ApiKeyCreateOptions, ApiKeyFirstView, Connection, CurrentInternalServerUser, CurrentInternalUser, CurrentServerUser, CurrentUser, EditableTeamMemberProfile, GetUserOptions, HandlerUrls, OAuthConnection, OAuthProviderConfig, OAuthScopesOnSignIn, Project, ProjectConfig, ServerListUsersOptions, ServerTeam, ServerTeamCreateOptions, ServerTeamMemberProfile, ServerTeamUpdateOptions, ServerTeamUser, ServerUser, StackAdminApp, StackAdminAppConstructorOptions, StackClientApp, StackClientAppConstructorOptions, StackClientAppJson, StackServerApp, StackServerAppConstructorOptions, Team, TeamCreateOptions, TeamMemberProfile, TeamPermission, TeamUpdateOptions, TeamUser, TokenStoreInit, User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol } from './lib/stack-app.js';
+export { AdminDomainConfig, AdminEmailConfig, AdminOAuthProviderConfig, AdminOwnedProject, AdminProject, AdminProjectConfig, AdminProjectConfigUpdateOptions, AdminProjectCreateOptions, AdminProjectUpdateOptions, AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, ApiKey, ApiKeyBase, ApiKeyBaseCrudRead, ApiKeyCreateOptions, ApiKeyFirstView, Connection, CurrentInternalServerUser, CurrentInternalUser, CurrentServerUser, CurrentUser, EditableTeamMemberProfile, GetUserOptions, HandlerUrls, OAuthConnection, OAuthProviderConfig, OAuthScopesOnSignIn, Project, ProjectConfig, ServerListUsersOptions, ServerTeam, ServerTeamCreateOptions, ServerTeamMemberProfile, ServerTeamUpdateOptions, ServerTeamUser, ServerUser, StackAdminApp, StackAdminAppConstructorOptions, StackClientApp, StackClientAppConstructorOptions, StackClientAppJson, StackServerApp, StackServerAppConstructorOptions, Team, TeamCreateOptions, TeamInvitation, TeamMemberProfile, TeamPermission, TeamUpdateOptions, TeamUser, TokenStoreInit, User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol } from './lib/stack-app.js';
 export { SignIn } from './components-page/sign-in.js';
 export { SignUp } from './components-page/sign-up.js';
 export { EmailVerification } from './components-page/email-verification.js';

package/dist/lib/auth.js

@@ -67,7 +67,7 @@ function consumeOAuthCallbackQueryParams() {
   const originalUrl = new URL(window.location.href);
   for (const param of requiredParams) {
     if (!originalUrl.searchParams.has(param)) {
-      (0, import_errors.captureError)("consumeOAuthCallbackQueryParams", new Error(`Missing required query parameter on OAuth callback: ${param}`));
+      console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));
       return null;
     }
   }

package/dist/lib/auth.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/lib/auth.ts"],"sourcesContent":["import { KnownError, StackClientInterface } from \"@stackframe/stack-shared\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { StackAssertionError, captureError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { neverResolve } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { deindent } from \"@stackframe/stack-shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\n\nexport async function signInWithOAuth(\n  iface: StackClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  }\n) {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  const location = await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n    codeChallenge,\n    state,\n    type: \"authenticate\",\n    providerScope: options.providerScope,\n  });\n  window.location.assign(location);\n  await neverResolve();\n}\n\nexport async function addNewOAuthProviderOrScope(\n  iface: StackClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  },\n  session: InternalSession,\n) {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  const location = await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n    afterCallbackRedirectUrl: constructRedirectUrl(window.location.href),\n    codeChallenge,\n    state,\n    type: \"link\",\n    session,\n    providerScope: options.providerScope,\n  });\n  window.location.assign(location);\n  await neverResolve();\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\nfunction consumeOAuthCallbackQueryParams() {\n  const requiredParams = [\"code\", \"state\"];\n  const originalUrl = new URL(window.location.href);\n  for (const param of requiredParams) {\n    if (!originalUrl.searchParams.has(param)) {\n      captureError(\"consumeOAuthCallbackQueryParams\", new Error(`Missing required query parameter on OAuth callback: ${param}`));\n      return null;\n    }\n  }\n\n  const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n  const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n  if (!cookieResult) {\n    // If the state can't be found in the cookies, then the callback wasn't meant for us.\n    // Maybe the website uses another OAuth library?\n    console.warn(deindent`\n      Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n      \n      This could have multiple reasons:\n        - The cookie expired, because the OAuth flow took too long.\n        - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n        - The cookie was already consumed by this page, and the user already logged in.\n        - You are using another OAuth client library with the same callback URL as Stack.\n        - The user opened the OAuth callback page from their history.\n\n      Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n    `);\n    return null;\n  }\n\n\n  const newUrl = new URL(originalUrl);\n  for (const param of requiredParams) {\n    newUrl.searchParams.delete(param);\n  }\n\n  // let's get rid of the authorization code in the history as we\n  // don't redirect to `redirectUrl` if there's a validation error\n  // (as the redirectUrl might be malicious!).\n  //\n  // We use history.replaceState instead of location.assign(...) to\n  // prevent an unnecessary reload\n  window.history.replaceState({}, \"\", newUrl.toString());\n\n  return {\n    originalUrl,\n    codeVerifier: cookieResult.codeVerifier,\n    state: expectedState,\n  };\n}\n\nexport async function callOAuthCallback(\n  iface: StackClientInterface,\n  redirectUrl: string,\n) {\n  // note: this part of the function (until the return) needs\n  // to be synchronous, to prevent race conditions when\n  // callOAuthCallback is called multiple times in parallel\n  const consumed = consumeOAuthCallbackQueryParams();\n  if (!consumed) return Result.ok(undefined);\n\n  // the rest can be asynchronous (we now know that we are the\n  // intended recipient of the callback, and the only instance\n  // of callOAuthCallback that's running)\n  try {\n    return Result.ok(await iface.callOAuthCallback({\n      oauthParams: consumed.originalUrl.searchParams,\n      redirectUri: constructRedirectUrl(redirectUrl),\n      codeVerifier: consumed.codeVerifier,\n      state: consumed.state,\n    }));\n  } catch (e) {\n    if (e instanceof KnownError) {\n      throw e;\n    }\n    throw new StackAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,0BAAiD;AAEjD,oBAA4D;AAC5D,sBAA6B;AAC7B,qBAAuB;AACvB,qBAAyB;AACzB,iBAAqC;AACrC,oBAAoE;AAEpE,eAAsB,gBACpB,OACA,SAMA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,UAAM,oCAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,iBAAa,iCAAqB,QAAQ,WAAW;AAAA,IACrD,sBAAkB,iCAAqB,QAAQ,gBAAgB;AAAA,IAC/D;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,YAAM,8BAAa;AACrB;AAEA,eAAsB,2BACpB,OACA,SAMA,SACA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,UAAM,oCAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,iBAAa,iCAAqB,QAAQ,WAAW;AAAA,IACrD,sBAAkB,iCAAqB,QAAQ,gBAAgB;AAAA,IAC/D,8BAA0B,iCAAqB,OAAO,SAAS,IAAI;AAAA,IACnE;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN;AAAA,IACA,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,YAAM,8BAAa;AACrB;AAOA,SAAS,kCAAkC;AACzC,QAAM,iBAAiB,CAAC,QAAQ,OAAO;AACvC,QAAM,cAAc,IAAI,IAAI,OAAO,SAAS,IAAI;AAChD,aAAW,SAAS,gBAAgB;AAClC,QAAI,CAAC,YAAY,aAAa,IAAI,KAAK,GAAG;AACxC,sCAAa,mCAAmC,IAAI,MAAM,uDAAuD,KAAK,EAAE,CAAC;AACzH,aAAO;AAAA,IACT;AAAA,EACF;AAEA,QAAM,gBAAgB,YAAY,aAAa,IAAI,OAAO,SAAK,wBAAS,uDAAuD;AAC/H,QAAM,mBAAe,6CAA8B,aAAa;AAEhE,MAAI,CAAC,cAAc;AAGjB,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KAWZ;AACD,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,IAAI,IAAI,WAAW;AAClC,aAAW,SAAS,gBAAgB;AAClC,WAAO,aAAa,OAAO,KAAK;AAAA,EAClC;AAQA,SAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,OAAO,SAAS,CAAC;AAErD,SAAO;AAAA,IACL;AAAA,IACA,cAAc,aAAa;AAAA,IAC3B,OAAO;AAAA,EACT;AACF;AAEA,eAAsB,kBACpB,OACA,aACA;AAIA,QAAM,WAAW,gCAAgC;AACjD,MAAI,CAAC,SAAU,QAAO,sBAAO,GAAG,MAAS;AAKzC,MAAI;AACF,WAAO,sBAAO,GAAG,MAAM,MAAM,kBAAkB;AAAA,MAC7C,aAAa,SAAS,YAAY;AAAA,MAClC,iBAAa,iCAAqB,WAAW;AAAA,MAC7C,cAAc,SAAS;AAAA,MACvB,OAAO,SAAS;AAAA,IAClB,CAAC,CAAC;AAAA,EACJ,SAAS,GAAG;AACV,QAAI,aAAa,gCAAY;AAC3B,YAAM;AAAA,IACR;AACA,UAAM,IAAI,kCAAoB,6DAA6D,EAAE,OAAO,EAAE,CAAC;AAAA,EACzG;AACF;","names":[]}
+{"version":3,"sources":["../../src/lib/auth.ts"],"sourcesContent":["import { KnownError, StackClientInterface } from \"@stackframe/stack-shared\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { neverResolve } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { deindent } from \"@stackframe/stack-shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\n\nexport async function signInWithOAuth(\n  iface: StackClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  }\n) {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  const location = await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n    codeChallenge,\n    state,\n    type: \"authenticate\",\n    providerScope: options.providerScope,\n  });\n  window.location.assign(location);\n  await neverResolve();\n}\n\nexport async function addNewOAuthProviderOrScope(\n  iface: StackClientInterface,\n  options: {\n    provider: string,\n    redirectUrl: string,\n    errorRedirectUrl: string,\n    providerScope?: string,\n  },\n  session: InternalSession,\n) {\n  const { codeChallenge, state } = await saveVerifierAndState();\n  const location = await iface.getOAuthUrl({\n    provider: options.provider,\n    redirectUrl: constructRedirectUrl(options.redirectUrl),\n    errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n    afterCallbackRedirectUrl: constructRedirectUrl(window.location.href),\n    codeChallenge,\n    state,\n    type: \"link\",\n    session,\n    providerScope: options.providerScope,\n  });\n  window.location.assign(location);\n  await neverResolve();\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\nfunction consumeOAuthCallbackQueryParams() {\n  const requiredParams = [\"code\", \"state\"];\n  const originalUrl = new URL(window.location.href);\n  for (const param of requiredParams) {\n    if (!originalUrl.searchParams.has(param)) {\n      console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n      return null;\n    }\n  }\n\n  const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n  const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n  if (!cookieResult) {\n    // If the state can't be found in the cookies, then the callback wasn't meant for us.\n    // Maybe the website uses another OAuth library?\n    console.warn(deindent`\n      Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n      \n      This could have multiple reasons:\n        - The cookie expired, because the OAuth flow took too long.\n        - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n        - The cookie was already consumed by this page, and the user already logged in.\n        - You are using another OAuth client library with the same callback URL as Stack.\n        - The user opened the OAuth callback page from their history.\n\n      Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n    `);\n    return null;\n  }\n\n\n  const newUrl = new URL(originalUrl);\n  for (const param of requiredParams) {\n    newUrl.searchParams.delete(param);\n  }\n\n  // let's get rid of the authorization code in the history as we\n  // don't redirect to `redirectUrl` if there's a validation error\n  // (as the redirectUrl might be malicious!).\n  //\n  // We use history.replaceState instead of location.assign(...) to\n  // prevent an unnecessary reload\n  window.history.replaceState({}, \"\", newUrl.toString());\n\n  return {\n    originalUrl,\n    codeVerifier: cookieResult.codeVerifier,\n    state: expectedState,\n  };\n}\n\nexport async function callOAuthCallback(\n  iface: StackClientInterface,\n  redirectUrl: string,\n) {\n  // note: this part of the function (until the return) needs\n  // to be synchronous, to prevent race conditions when\n  // callOAuthCallback is called multiple times in parallel\n  const consumed = consumeOAuthCallbackQueryParams();\n  if (!consumed) return Result.ok(undefined);\n\n  // the rest can be asynchronous (we now know that we are the\n  // intended recipient of the callback, and the only instance\n  // of callOAuthCallback that's running)\n  try {\n    return Result.ok(await iface.callOAuthCallback({\n      oauthParams: consumed.originalUrl.searchParams,\n      redirectUri: constructRedirectUrl(redirectUrl),\n      codeVerifier: consumed.codeVerifier,\n      state: consumed.state,\n    }));\n  } catch (e) {\n    if (e instanceof KnownError) {\n      throw e;\n    }\n    throw new StackAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,0BAAiD;AAEjD,oBAA8C;AAC9C,sBAA6B;AAC7B,qBAAuB;AACvB,qBAAyB;AACzB,iBAAqC;AACrC,oBAAoE;AAEpE,eAAsB,gBACpB,OACA,SAMA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,UAAM,oCAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,iBAAa,iCAAqB,QAAQ,WAAW;AAAA,IACrD,sBAAkB,iCAAqB,QAAQ,gBAAgB;AAAA,IAC/D;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,YAAM,8BAAa;AACrB;AAEA,eAAsB,2BACpB,OACA,SAMA,SACA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,UAAM,oCAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,iBAAa,iCAAqB,QAAQ,WAAW;AAAA,IACrD,sBAAkB,iCAAqB,QAAQ,gBAAgB;AAAA,IAC/D,8BAA0B,iCAAqB,OAAO,SAAS,IAAI;AAAA,IACnE;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN;AAAA,IACA,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,YAAM,8BAAa;AACrB;AAOA,SAAS,kCAAkC;AACzC,QAAM,iBAAiB,CAAC,QAAQ,OAAO;AACvC,QAAM,cAAc,IAAI,IAAI,OAAO,SAAS,IAAI;AAChD,aAAW,SAAS,gBAAgB;AAClC,QAAI,CAAC,YAAY,aAAa,IAAI,KAAK,GAAG;AACxC,cAAQ,KAAK,IAAI,MAAM,uDAAuD,KAAK,2EAA2E,CAAC;AAC/J,aAAO;AAAA,IACT;AAAA,EACF;AAEA,QAAM,gBAAgB,YAAY,aAAa,IAAI,OAAO,SAAK,wBAAS,uDAAuD;AAC/H,QAAM,mBAAe,6CAA8B,aAAa;AAEhE,MAAI,CAAC,cAAc;AAGjB,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KAWZ;AACD,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,IAAI,IAAI,WAAW;AAClC,aAAW,SAAS,gBAAgB;AAClC,WAAO,aAAa,OAAO,KAAK;AAAA,EAClC;AAQA,SAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,OAAO,SAAS,CAAC;AAErD,SAAO;AAAA,IACL;AAAA,IACA,cAAc,aAAa;AAAA,IAC3B,OAAO;AAAA,EACT;AACF;AAEA,eAAsB,kBACpB,OACA,aACA;AAIA,QAAM,WAAW,gCAAgC;AACjD,MAAI,CAAC,SAAU,QAAO,sBAAO,GAAG,MAAS;AAKzC,MAAI;AACF,WAAO,sBAAO,GAAG,MAAM,MAAM,kBAAkB;AAAA,MAC7C,aAAa,SAAS,YAAY;AAAA,MAClC,iBAAa,iCAAqB,WAAW;AAAA,MAC7C,cAAc,SAAS;AAAA,MACvB,OAAO,SAAS;AAAA,IAClB,CAAC,CAAC;AAAA,EACJ,SAAS,GAAG;AACV,QAAI,aAAa,gCAAY;AAC3B,YAAM;AAAA,IACR;AACA,UAAM,IAAI,kCAAoB,6DAA6D,EAAE,OAAO,EAAE,CAAC;AAAA,EACzG;AACF;","names":[]}

package/dist/lib/stack-app.d.mts

@@ -509,6 +509,12 @@ type TeamUser = {
     id: string;
     teamProfile: TeamMemberProfile;
 };
+type TeamInvitation = {
+    id: string;
+    recipientEmail: string | null;
+    expiresAt: Date;
+    revoke(): Promise<void>;
+};
 type Team = {
     id: string;
     displayName: string;
@@ -521,6 +527,8 @@ type Team = {
     }): Promise<void>;
     listUsers(): Promise<TeamUser[]>;
     useUsers(): TeamUser[];
+    listInvitations(): Promise<TeamInvitation[]>;
+    useInvitations(): TeamInvitation[];
     update(update: TeamUpdateOptions): Promise<void>;
 };
 type TeamUpdateOptions = {
@@ -727,4 +735,4 @@ type AsyncStoreProperty<Name extends string, Args extends any[], Value, IsMultip
     [key in `use${Capitalize<Name>}`]: (...args: Args) => Value;
 };
 
-export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectUpdateOptions, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type ApiKey, type ApiKeyBase, type ApiKeyBaseCrudRead, type ApiKeyCreateOptions, type ApiKeyFirstView, type Connection, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, type GetUserOptions, type HandlerUrls, type OAuthConnection, type OAuthProviderConfig, type OAuthScopesOnSignIn, type Project, type ProjectConfig, type ServerListUsersOptions, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type Team, type TeamCreateOptions, type TeamMemberProfile, type TeamPermission, type TeamUpdateOptions, type TeamUser, type TokenStoreInit, type User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol };
+export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectUpdateOptions, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type ApiKey, type ApiKeyBase, type ApiKeyBaseCrudRead, type ApiKeyCreateOptions, type ApiKeyFirstView, type Connection, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, type GetUserOptions, type HandlerUrls, type OAuthConnection, type OAuthProviderConfig, type OAuthScopesOnSignIn, type Project, type ProjectConfig, type ServerListUsersOptions, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type Team, type TeamCreateOptions, type TeamInvitation, type TeamMemberProfile, type TeamPermission, type TeamUpdateOptions, type TeamUser, type TokenStoreInit, type User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol };

package/dist/lib/stack-app.d.ts

@@ -509,6 +509,12 @@ type TeamUser = {
     id: string;
     teamProfile: TeamMemberProfile;
 };
+type TeamInvitation = {
+    id: string;
+    recipientEmail: string | null;
+    expiresAt: Date;
+    revoke(): Promise<void>;
+};
 type Team = {
     id: string;
     displayName: string;
@@ -521,6 +527,8 @@ type Team = {
     }): Promise<void>;
     listUsers(): Promise<TeamUser[]>;
     useUsers(): TeamUser[];
+    listInvitations(): Promise<TeamInvitation[]>;
+    useInvitations(): TeamInvitation[];
     update(update: TeamUpdateOptions): Promise<void>;
 };
 type TeamUpdateOptions = {
@@ -727,4 +735,4 @@ type AsyncStoreProperty<Name extends string, Args extends any[], Value, IsMultip
     [key in `use${Capitalize<Name>}`]: (...args: Args) => Value;
 };
 
-export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectUpdateOptions, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type ApiKey, type ApiKeyBase, type ApiKeyBaseCrudRead, type ApiKeyCreateOptions, type ApiKeyFirstView, type Connection, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, type GetUserOptions, type HandlerUrls, type OAuthConnection, type OAuthProviderConfig, type OAuthScopesOnSignIn, type Project, type ProjectConfig, type ServerListUsersOptions, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type Team, type TeamCreateOptions, type TeamMemberProfile, type TeamPermission, type TeamUpdateOptions, type TeamUser, type TokenStoreInit, type User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol };
+export { type AdminDomainConfig, type AdminEmailConfig, type AdminOAuthProviderConfig, type AdminOwnedProject, type AdminProject, type AdminProjectConfig, type AdminProjectConfigUpdateOptions, type AdminProjectCreateOptions, type AdminProjectUpdateOptions, type AdminTeamPermission, type AdminTeamPermissionDefinition, type AdminTeamPermissionDefinitionCreateOptions, type AdminTeamPermissionDefinitionUpdateOptions, type ApiKey, type ApiKeyBase, type ApiKeyBaseCrudRead, type ApiKeyCreateOptions, type ApiKeyFirstView, type Connection, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type EditableTeamMemberProfile, type GetUserOptions, type HandlerUrls, type OAuthConnection, type OAuthProviderConfig, type OAuthScopesOnSignIn, type Project, type ProjectConfig, type ServerListUsersOptions, type ServerTeam, type ServerTeamCreateOptions, type ServerTeamMemberProfile, type ServerTeamUpdateOptions, type ServerTeamUser, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type Team, type TeamCreateOptions, type TeamInvitation, type TeamMemberProfile, type TeamPermission, type TeamUpdateOptions, type TeamUser, type TokenStoreInit, type User, serverTeamPermissionDefinitionCreateOptionsToCrud, serverTeamPermissionDefinitionUpdateOptionsToCrud, stackAppInternalsSymbol };

package/dist/lib/stack-app.js

@@ -64,7 +64,7 @@ var import_url = require("../utils/url");
 var import_auth = require("./auth");
 var import_cookie = require("./cookie");
 var NextNavigation = (0, import_compile_time.scrambleDuringCompileTime)(NextNavigationUnscrambled);
-var clientVersion = "js @stackframe/stack@2.6.27";
+var clientVersion = "js @stackframe/stack@2.6.29";
 function getUrls(partial) {
   const handler = partial.handler ?? "/handler";
   const home = partial.home ?? "/";
@@ -230,6 +230,11 @@ var _StackClientAppImpl = class __StackClientAppImpl {
         return await this._interface.listTeamMemberProfiles({ teamId }, session);
       }
     );
+    this._teamInvitationsCache = createCacheBySession(
+      async (session, [teamId]) => {
+        return await this._interface.listTeamInvitations({ teamId }, session);
+      }
+    );
     this._currentUserTeamProfileCache = createCacheBySession(
       async (session, [teamId]) => {
         return await this._interface.getTeamMemberProfile({ teamId, userId: "me" }, session);
@@ -581,6 +586,17 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       }
     };
   }
+  _clientTeamInvitationFromCrud(session, crud) {
+    return {
+      id: crud.id,
+      recipientEmail: crud.recipient_email,
+      expiresAt: new Date(crud.expires_at_millis),
+      revoke: async () => {
+        await this._interface.revokeTeamInvitation(crud.id, crud.team_id, session);
+        await this._teamInvitationsCache.refresh([session, crud.team_id]);
+      }
+    };
+  }
   _clientTeamFromCrud(crud, session) {
     const app = this;
     return {
@@ -599,6 +615,7 @@ var _StackClientAppImpl = class __StackClientAppImpl {
           session,
           callbackUrl: options.callbackUrl ?? (0, import_url.constructRedirectUrl)(app.urls.teamInvitation)
         });
+        await app._teamInvitationsCache.refresh([session, crud.id]);
       },
       async listUsers() {
         const result = import_results.Result.orThrow(await app._teamMemberProfilesCache.getOrWait([session, crud.id], "write-only"));
@@ -608,6 +625,14 @@ var _StackClientAppImpl = class __StackClientAppImpl {
         const result = useAsyncCache(app._teamMemberProfilesCache, [session, crud.id], "team.useUsers()");
         return result.map((crud2) => app._clientTeamUserFromCrud(crud2));
       },
+      async listInvitations() {
+        const result = import_results.Result.orThrow(await app._teamInvitationsCache.getOrWait([session, crud.id], "write-only"));
+        return result.map((crud2) => app._clientTeamInvitationFromCrud(session, crud2));
+      },
+      useInvitations() {
+        const result = useAsyncCache(app._teamInvitationsCache, [session, crud.id], "team.useInvitations()");
+        return result.map((crud2) => app._clientTeamInvitationFromCrud(session, crud2));
+      },
       async update(data) {
         await app._interface.updateTeam({ data: teamUpdateOptionsToCrud(data), teamId: crud.id }, session);
         await app._currentUserTeamsCache.refresh([session]);
@@ -1424,6 +1449,11 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
         return await this._interface.listServerTeamMemberProfiles({ teamId });
       }
     );
+    this._serverTeamInvitationsCache = createCache(
+      async ([teamId]) => {
+        return await this._interface.listServerTeamInvitations({ teamId });
+      }
+    );
     this._serverUserTeamProfileCache = createCache(
       async ([teamId, userId]) => {
         return await this._interface.getServerTeamMemberProfile({ teamId, userId });
@@ -1636,6 +1666,16 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
       }
     };
   }
+  _serverTeamInvitationFromCrud(crud) {
+    return {
+      id: crud.id,
+      recipientEmail: crud.recipient_email,
+      expiresAt: new Date(crud.expires_at_millis),
+      revoke: async () => {
+        await this._interface.revokeServerTeamInvitation(crud.id, crud.team_id);
+      }
+    };
+  }
   _currentUserFromCrud(crud, session) {
     const app = this;
     const currentUser = {
@@ -1695,6 +1735,15 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
           email: options.email,
           callbackUrl: options.callbackUrl ?? (0, import_url.constructRedirectUrl)(app.urls.teamInvitation)
         });
+        await app._serverTeamInvitationsCache.refresh([crud.id]);
+      },
+      async listInvitations() {
+        const result = import_results.Result.orThrow(await app._serverTeamInvitationsCache.getOrWait([crud.id], "write-only"));
+        return result.map((crud2) => app._serverTeamInvitationFromCrud(crud2));
+      },
+      useInvitations() {
+        const result = useAsyncCache(app._serverTeamInvitationsCache, [crud.id], "team.useInvitations()");
+        return (0, import_react2.useMemo)(() => result.map((crud2) => app._serverTeamInvitationFromCrud(crud2)), [result]);
       }
     };
   }