@stigmer/react 0.0.71 → 0.0.73

package/identity-provider/presets.js

@@ -0,0 +1,200 @@
+/**
+ * Provider presets for well-known OIDC identity providers.
+ *
+ * Each preset defines URL templates and required user variables for a
+ * specific provider. The {@link ProviderPreset.buildConfig} function
+ * constructs the full OIDC configuration from the user's input without
+ * any network calls — URL patterns are deterministic for known providers.
+ *
+ * The "custom" preset is a special case: it collects an issuer URL and
+ * delegates to OIDC Discovery for auto-population.
+ */
+// ---------------------------------------------------------------------------
+// Auth0
+// ---------------------------------------------------------------------------
+const auth0Preset = {
+    id: "auth0",
+    label: "Auth0",
+    description: "Auth0 by Okta — universal login and identity platform",
+    variables: [
+        {
+            key: "tenant",
+            label: "Tenant name",
+            placeholder: "acme-prod",
+            hint: "The subdomain from your Auth0 tenant URL",
+            type: "text",
+        },
+        {
+            key: "region",
+            label: "Region",
+            placeholder: "us",
+            type: "select",
+            options: [
+                { value: "us", label: "US" },
+                { value: "eu", label: "EU" },
+                { value: "au", label: "AU" },
+                { value: "jp", label: "JP" },
+            ],
+        },
+    ],
+    buildConfig(vars) {
+        const { tenant, region } = vars;
+        if (!tenant || !region)
+            return null;
+        const domain = `${tenant}.${region}.auth0.com`;
+        const issuer = `https://${domain}/`;
+        return {
+            issuer,
+            jwksUri: `https://${domain}/.well-known/jwks.json`,
+            allowedIssuers: [issuer],
+            userinfoEndpoint: `https://${domain}/userinfo`,
+        };
+    },
+};
+// ---------------------------------------------------------------------------
+// Okta
+// ---------------------------------------------------------------------------
+const oktaPreset = {
+    id: "okta",
+    label: "Okta",
+    description: "Okta — enterprise identity and access management",
+    variables: [
+        {
+            key: "domain",
+            label: "Okta domain",
+            placeholder: "acme.okta.com",
+            hint: "Your Okta organization domain (e.g., acme.okta.com)",
+            type: "text",
+        },
+    ],
+    buildConfig(vars) {
+        const { domain } = vars;
+        if (!domain)
+            return null;
+        const base = `https://${domain}/oauth2/default`;
+        return {
+            issuer: base,
+            jwksUri: `${base}/v1/keys`,
+            allowedIssuers: [base],
+            userinfoEndpoint: `${base}/v1/userinfo`,
+        };
+    },
+};
+// ---------------------------------------------------------------------------
+// Google
+// ---------------------------------------------------------------------------
+const googlePreset = {
+    id: "google",
+    label: "Google",
+    description: "Google Identity — Workspace and consumer accounts",
+    variables: [],
+    buildConfig() {
+        return {
+            issuer: "https://accounts.google.com",
+            jwksUri: "https://www.googleapis.com/oauth2/v3/certs",
+            allowedIssuers: ["https://accounts.google.com"],
+            userinfoEndpoint: "https://openidconnect.googleapis.com/v1/userinfo",
+        };
+    },
+};
+// ---------------------------------------------------------------------------
+// Microsoft Entra ID (Azure AD)
+// ---------------------------------------------------------------------------
+const azureAdPreset = {
+    id: "azure-ad",
+    label: "Microsoft Entra ID",
+    description: "Microsoft Entra ID (formerly Azure AD) — enterprise identity",
+    variables: [
+        {
+            key: "tenantId",
+            label: "Tenant ID",
+            placeholder: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
+            hint: "Your Entra ID / Azure AD tenant identifier (GUID)",
+            type: "text",
+        },
+    ],
+    buildConfig(vars) {
+        const { tenantId } = vars;
+        if (!tenantId)
+            return null;
+        const issuer = `https://login.microsoftonline.com/${tenantId}/v2.0`;
+        return {
+            issuer,
+            jwksUri: `https://login.microsoftonline.com/${tenantId}/discovery/v2.0/keys`,
+            allowedIssuers: [issuer],
+            userinfoEndpoint: "https://graph.microsoft.com/oidc/userinfo",
+        };
+    },
+};
+// ---------------------------------------------------------------------------
+// AWS Cognito
+// ---------------------------------------------------------------------------
+const cognitoPreset = {
+    id: "aws-cognito",
+    label: "AWS Cognito",
+    description: "Amazon Cognito — user pools for AWS applications",
+    variables: [
+        {
+            key: "region",
+            label: "AWS region",
+            placeholder: "us-east-1",
+            hint: "The AWS region of your Cognito user pool",
+            type: "text",
+        },
+        {
+            key: "userPoolId",
+            label: "User Pool ID",
+            placeholder: "us-east-1_aBcDeFgHi",
+            hint: "Your Cognito user pool identifier",
+            type: "text",
+        },
+    ],
+    buildConfig(vars) {
+        const { region, userPoolId } = vars;
+        if (!region || !userPoolId)
+            return null;
+        const base = `https://cognito-idp.${region}.amazonaws.com/${userPoolId}`;
+        return {
+            issuer: base,
+            jwksUri: `${base}/.well-known/jwks.json`,
+            allowedIssuers: [base],
+        };
+    },
+};
+// ---------------------------------------------------------------------------
+// Custom OIDC
+// ---------------------------------------------------------------------------
+const customPreset = {
+    id: "custom",
+    label: "Custom OIDC",
+    description: "Any OpenID Connect compliant identity provider",
+    variables: [
+        {
+            key: "issuerUrl",
+            label: "Issuer URL",
+            placeholder: "https://idp.example.com",
+            hint: "The OIDC issuer URL — configuration will be auto-discovered",
+            type: "text",
+        },
+    ],
+    buildConfig() {
+        return null;
+    },
+};
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+/** All available provider presets in display order. */
+export const PROVIDER_PRESETS = [
+    auth0Preset,
+    oktaPreset,
+    googlePreset,
+    azureAdPreset,
+    cognitoPreset,
+    customPreset,
+];
+/** Look up a preset by ID. Returns `undefined` if not found. */
+export function getPreset(id) {
+    return PROVIDER_PRESETS.find((p) => p.id === id);
+}
+//# sourceMappingURL=presets.js.map

package/identity-provider/presets.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"presets.js","sourceRoot":"","sources":["../../src/identity-provider/presets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAsDH,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,MAAM,WAAW,GAAmB;IAClC,EAAE,EAAE,OAAO;IACX,KAAK,EAAE,OAAO;IACd,WAAW,EAAE,uDAAuD;IACpE,SAAS,EAAE;QACT;YACE,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,aAAa;YACpB,WAAW,EAAE,WAAW;YACxB,IAAI,EAAE,0CAA0C;YAChD,IAAI,EAAE,MAAM;SACb;QACD;YACE,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,QAAQ;YACf,WAAW,EAAE,IAAI;YACjB,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE;gBACP,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;gBAC5B,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;gBAC5B,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;gBAC5B,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;aAC7B;SACF;KACF;IACD,WAAW,CAAC,IAAI;QACd,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QAChC,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACpC,MAAM,MAAM,GAAG,GAAG,MAAM,IAAI,MAAM,YAAY,CAAC;QAC/C,MAAM,MAAM,GAAG,WAAW,MAAM,GAAG,CAAC;QACpC,OAAO;YACL,MAAM;YACN,OAAO,EAAE,WAAW,MAAM,wBAAwB;YAClD,cAAc,EAAE,CAAC,MAAM,CAAC;YACxB,gBAAgB,EAAE,WAAW,MAAM,WAAW;SAC/C,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,8EAA8E;AAC9E,OAAO;AACP,8EAA8E;AAE9E,MAAM,UAAU,GAAmB;IACjC,EAAE,EAAE,MAAM;IACV,KAAK,EAAE,MAAM;IACb,WAAW,EAAE,kDAAkD;IAC/D,SAAS,EAAE;QACT;YACE,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,aAAa;YACpB,WAAW,EAAE,eAAe;YAC5B,IAAI,EAAE,qDAAqD;YAC3D,IAAI,EAAE,MAAM;SACb;KACF;IACD,WAAW,CAAC,IAAI;QACd,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QACxB,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACzB,MAAM,IAAI,GAAG,WAAW,MAAM,iBAAiB,CAAC;QAChD,OAAO;YACL,MAAM,EAAE,IAAI;YACZ,OAAO,EAAE,GAAG,IAAI,UAAU;YAC1B,cAAc,EAAE,CAAC,IAAI,CAAC;YACtB,gBAAgB,EAAE,GAAG,IAAI,cAAc;SACxC,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,MAAM,YAAY,GAAmB;IACnC,EAAE,EAAE,QAAQ;IACZ,KAAK,EAAE,QAAQ;IACf,WAAW,EAAE,mDAAmD;IAChE,SAAS,EAAE,EAAE;IACb,WAAW;QACT,OAAO;YACL,MAAM,EAAE,6BAA6B;YACrC,OAAO,EAAE,4CAA4C;YACrD,cAAc,EAAE,CAAC,6BAA6B,CAAC;YAC/C,gBAAgB,EAAE,kDAAkD;SACrE,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,8EAA8E;AAC9E,gCAAgC;AAChC,8EAA8E;AAE9E,MAAM,aAAa,GAAmB;IACpC,EAAE,EAAE,UAAU;IACd,KAAK,EAAE,oBAAoB;IAC3B,WAAW,EAAE,8DAA8D;IAC3E,SAAS,EAAE;QACT;YACE,GAAG,EAAE,UAAU;YACf,KAAK,EAAE,WAAW;YAClB,WAAW,EAAE,sCAAsC;YACnD,IAAI,EAAE,mDAAmD;YACzD,IAAI,EAAE,MAAM;SACb;KACF;IACD,WAAW,CAAC,IAAI;QACd,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC1B,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC3B,MAAM,MAAM,GAAG,qCAAqC,QAAQ,OAAO,CAAC;QACpE,OAAO;YACL,MAAM;YACN,OAAO,EAAE,qCAAqC,QAAQ,sBAAsB;YAC5E,cAAc,EAAE,CAAC,MAAM,CAAC;YACxB,gBAAgB,EAAE,2CAA2C;SAC9D,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,8EAA8E;AAC9E,cAAc;AACd,8EAA8E;AAE9E,MAAM,aAAa,GAAmB;IACpC,EAAE,EAAE,aAAa;IACjB,KAAK,EAAE,aAAa;IACpB,WAAW,EAAE,kDAAkD;IAC/D,SAAS,EAAE;QACT;YACE,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,YAAY;YACnB,WAAW,EAAE,WAAW;YACxB,IAAI,EAAE,0CAA0C;YAChD,IAAI,EAAE,MAAM;SACb;QACD;YACE,GAAG,EAAE,YAAY;YACjB,KAAK,EAAE,cAAc;YACrB,WAAW,EAAE,qBAAqB;YAClC,IAAI,EAAE,mCAAmC;YACzC,IAAI,EAAE,MAAM;SACb;KACF;IACD,WAAW,CAAC,IAAI;QACd,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QACpC,IAAI,CAAC,MAAM,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QACxC,MAAM,IAAI,GAAG,uBAAuB,MAAM,kBAAkB,UAAU,EAAE,CAAC;QACzE,OAAO;YACL,MAAM,EAAE,IAAI;YACZ,OAAO,EAAE,GAAG,IAAI,wBAAwB;YACxC,cAAc,EAAE,CAAC,IAAI,CAAC;SACvB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,8EAA8E;AAC9E,cAAc;AACd,8EAA8E;AAE9E,MAAM,YAAY,GAAmB;IACnC,EAAE,EAAE,QAAQ;IACZ,KAAK,EAAE,aAAa;IACpB,WAAW,EAAE,gDAAgD;IAC7D,SAAS,EAAE;QACT;YACE,GAAG,EAAE,WAAW;YAChB,KAAK,EAAE,YAAY;YACnB,WAAW,EAAE,yBAAyB;YACtC,IAAI,EAAE,6DAA6D;YACnE,IAAI,EAAE,MAAM;SACb;KACF;IACD,WAAW;QACT,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAC;AAEF,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E,uDAAuD;AACvD,MAAM,CAAC,MAAM,gBAAgB,GAA8B;IACzD,WAAW;IACX,UAAU;IACV,YAAY;IACZ,aAAa;IACb,aAAa;IACb,YAAY;CACb,CAAC;AAEF,gEAAgE;AAChE,MAAM,UAAU,SAAS,CAAC,EAAU;IAClC,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AACnD,CAAC"}

package/identity-provider/useCreateIdentityProvider.d.ts

@@ -0,0 +1,37 @@
+import type { IdentityProviderInput } from "@stigmer/sdk";
+import type { IdentityProvider } from "@stigmer/protos/ai/stigmer/iam/identityprovider/v1/api_pb";
+/** Return value of {@link useCreateIdentityProvider}. */
+export interface UseCreateIdentityProviderReturn {
+    /** Submit an {@link IdentityProviderInput} to create a new identity provider. Resolves with the server-created resource. */
+    readonly create: (input: IdentityProviderInput) => Promise<IdentityProvider>;
+    /** `true` while the create request is in flight. */
+    readonly isCreating: boolean;
+    /** Error from the last failed create, or `null` when healthy. */
+    readonly error: Error | null;
+    /** Reset `error` to `null`. */
+    readonly clearError: () => void;
+}
+/**
+ * Mutation hook that wraps `identityProvider.create()` with loading
+ * and error state.
+ *
+ * Creates an identity provider resource within an organization. The
+ * caller provides an {@link IdentityProviderInput} with the required
+ * metadata (name, org) and spec fields (JWKS URI, allowed issuers,
+ * expected audience).
+ *
+ * @example
+ * ```tsx
+ * const { create, isCreating, error } = useCreateIdentityProvider();
+ *
+ * const idp = await create({
+ *   name: "Acme Corp SSO",
+ *   org: "acme",
+ *   jwksUri: "https://acme.us.auth0.com/.well-known/jwks.json",
+ *   allowedIssuers: ["https://acme.us.auth0.com/"],
+ *   expectedAudience: "stigmer-api",
+ * });
+ * ```
+ */
+export declare function useCreateIdentityProvider(): UseCreateIdentityProviderReturn;
+//# sourceMappingURL=useCreateIdentityProvider.d.ts.map

package/identity-provider/useCreateIdentityProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useCreateIdentityProvider.d.ts","sourceRoot":"","sources":["../../src/identity-provider/useCreateIdentityProvider.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2DAA2D,CAAC;AAIlG,yDAAyD;AACzD,MAAM,WAAW,+BAA+B;IAC9C,4HAA4H;IAC5H,QAAQ,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,qBAAqB,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC7E,oDAAoD;IACpD,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;IAC7B,iEAAiE;IACjE,QAAQ,CAAC,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IAC7B,+BAA+B;IAC/B,QAAQ,CAAC,UAAU,EAAE,MAAM,IAAI,CAAC;CACjC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,yBAAyB,IAAI,+BAA+B,CAyB3E"}

package/identity-provider/useCreateIdentityProvider.js

@@ -0,0 +1,48 @@
+"use client";
+import { useCallback, useState } from "react";
+import { useStigmer } from "../hooks";
+import { toError } from "../internal/toError";
+/**
+ * Mutation hook that wraps `identityProvider.create()` with loading
+ * and error state.
+ *
+ * Creates an identity provider resource within an organization. The
+ * caller provides an {@link IdentityProviderInput} with the required
+ * metadata (name, org) and spec fields (JWKS URI, allowed issuers,
+ * expected audience).
+ *
+ * @example
+ * ```tsx
+ * const { create, isCreating, error } = useCreateIdentityProvider();
+ *
+ * const idp = await create({
+ *   name: "Acme Corp SSO",
+ *   org: "acme",
+ *   jwksUri: "https://acme.us.auth0.com/.well-known/jwks.json",
+ *   allowedIssuers: ["https://acme.us.auth0.com/"],
+ *   expectedAudience: "stigmer-api",
+ * });
+ * ```
+ */
+export function useCreateIdentityProvider() {
+    const stigmer = useStigmer();
+    const [isCreating, setIsCreating] = useState(false);
+    const [error, setError] = useState(null);
+    const clearError = useCallback(() => setError(null), []);
+    const create = useCallback(async (input) => {
+        setIsCreating(true);
+        setError(null);
+        try {
+            return await stigmer.identityProvider.create(input);
+        }
+        catch (err) {
+            setError(toError(err));
+            throw err;
+        }
+        finally {
+            setIsCreating(false);
+        }
+    }, [stigmer]);
+    return { create, isCreating, error, clearError };
+}
+//# sourceMappingURL=useCreateIdentityProvider.js.map

package/identity-provider/useCreateIdentityProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useCreateIdentityProvider.js","sourceRoot":"","sources":["../../src/identity-provider/useCreateIdentityProvider.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAG9C,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAc9C;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU,yBAAyB;IACvC,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACpD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAEvD,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;IAEzD,MAAM,MAAM,GAAG,WAAW,CACxB,KAAK,EAAE,KAA4B,EAA6B,EAAE;QAChE,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEf,IAAI,CAAC;YACH,OAAO,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,GAAG,CAAC;QACZ,CAAC;gBAAS,CAAC;YACT,aAAa,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC;IACH,CAAC,EACD,CAAC,OAAO,CAAC,CACV,CAAC;IAEF,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;AACnD,CAAC"}

package/identity-provider/useDeleteIdentityProvider.d.ts

@@ -0,0 +1,34 @@
+import type { DeleteResourceInput } from "@stigmer/sdk";
+import type { IdentityProvider } from "@stigmer/protos/ai/stigmer/iam/identityprovider/v1/api_pb";
+/** Return value of {@link useDeleteIdentityProvider}. */
+export interface UseDeleteIdentityProviderReturn {
+    /** Delete an identity provider. Resolves with the deleted resource for confirmation display. */
+    readonly deleteProvider: (input: DeleteResourceInput) => Promise<IdentityProvider>;
+    /** `true` while the delete request is in flight. */
+    readonly isDeleting: boolean;
+    /** Error from the last failed delete, or `null` when healthy. */
+    readonly error: Error | null;
+    /** Reset `error` to `null`. */
+    readonly clearError: () => void;
+}
+/**
+ * Mutation hook that wraps `identityProvider.delete()` with loading
+ * and error state.
+ *
+ * Deletes an identity provider by its resource ID. Returns the deleted
+ * {@link IdentityProvider} on success so callers can confirm which
+ * provider was removed.
+ *
+ * Deletion is blocked by the backend if any platform-managed
+ * organizations still reference this identity provider.
+ *
+ * @example
+ * ```tsx
+ * const { deleteProvider, isDeleting, error } = useDeleteIdentityProvider();
+ *
+ * await deleteProvider({ resourceId: "idp-abc123" });
+ * refetch(); // refresh the list after deletion
+ * ```
+ */
+export declare function useDeleteIdentityProvider(): UseDeleteIdentityProviderReturn;
+//# sourceMappingURL=useDeleteIdentityProvider.d.ts.map

package/identity-provider/useDeleteIdentityProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useDeleteIdentityProvider.d.ts","sourceRoot":"","sources":["../../src/identity-provider/useDeleteIdentityProvider.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2DAA2D,CAAC;AAIlG,yDAAyD;AACzD,MAAM,WAAW,+BAA+B;IAC9C,gGAAgG;IAChG,QAAQ,CAAC,cAAc,EAAE,CAAC,KAAK,EAAE,mBAAmB,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACnF,oDAAoD;IACpD,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;IAC7B,iEAAiE;IACjE,QAAQ,CAAC,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IAC7B,+BAA+B;IAC/B,QAAQ,CAAC,UAAU,EAAE,MAAM,IAAI,CAAC;CACjC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,yBAAyB,IAAI,+BAA+B,CAyB3E"}

package/identity-provider/useDeleteIdentityProvider.js

@@ -0,0 +1,45 @@
+"use client";
+import { useCallback, useState } from "react";
+import { useStigmer } from "../hooks";
+import { toError } from "../internal/toError";
+/**
+ * Mutation hook that wraps `identityProvider.delete()` with loading
+ * and error state.
+ *
+ * Deletes an identity provider by its resource ID. Returns the deleted
+ * {@link IdentityProvider} on success so callers can confirm which
+ * provider was removed.
+ *
+ * Deletion is blocked by the backend if any platform-managed
+ * organizations still reference this identity provider.
+ *
+ * @example
+ * ```tsx
+ * const { deleteProvider, isDeleting, error } = useDeleteIdentityProvider();
+ *
+ * await deleteProvider({ resourceId: "idp-abc123" });
+ * refetch(); // refresh the list after deletion
+ * ```
+ */
+export function useDeleteIdentityProvider() {
+    const stigmer = useStigmer();
+    const [isDeleting, setIsDeleting] = useState(false);
+    const [error, setError] = useState(null);
+    const clearError = useCallback(() => setError(null), []);
+    const deleteProvider = useCallback(async (input) => {
+        setIsDeleting(true);
+        setError(null);
+        try {
+            return await stigmer.identityProvider.delete(input);
+        }
+        catch (err) {
+            setError(toError(err));
+            throw err;
+        }
+        finally {
+            setIsDeleting(false);
+        }
+    }, [stigmer]);
+    return { deleteProvider, isDeleting, error, clearError };
+}
+//# sourceMappingURL=useDeleteIdentityProvider.js.map

package/identity-provider/useDeleteIdentityProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useDeleteIdentityProvider.js","sourceRoot":"","sources":["../../src/identity-provider/useDeleteIdentityProvider.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAG9C,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAc9C;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,yBAAyB;IACvC,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACpD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAEvD,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;IAEzD,MAAM,cAAc,GAAG,WAAW,CAChC,KAAK,EAAE,KAA0B,EAA6B,EAAE;QAC9D,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEf,IAAI,CAAC;YACH,OAAO,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,MAAM,GAAG,CAAC;QACZ,CAAC;gBAAS,CAAC;YACT,aAAa,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC;IACH,CAAC,EACD,CAAC,OAAO,CAAC,CACV,CAAC;IAEF,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;AAC3D,CAAC"}

package/identity-provider/useIdentityProvider.d.ts

@@ -0,0 +1,37 @@
+import type { IdentityProvider } from "@stigmer/protos/ai/stigmer/iam/identityprovider/v1/api_pb";
+/** Return value of {@link useIdentityProvider}. */
+export interface UseIdentityProviderReturn {
+    /** The fetched IdentityProvider, or `null` while loading or on error. */
+    readonly identityProvider: IdentityProvider | null;
+    /** `true` while the initial fetch or a refetch is in flight. */
+    readonly isLoading: boolean;
+    /** Error from the last failed request, or `null` when healthy. */
+    readonly error: Error | null;
+    /** Discard cached data and re-fetch from the server. */
+    readonly refetch: () => void;
+}
+/**
+ * Data hook that fetches a single IdentityProvider by ID.
+ *
+ * Pass `null` to skip fetching (stable no-op). When the `id` changes,
+ * the previous in-flight request is discarded and a fresh fetch begins.
+ *
+ * Returns the full proto {@link IdentityProvider} resource so consumers
+ * have access to metadata, spec (JWKS URI, issuers, SSO config), and
+ * status without additional calls.
+ *
+ * @example
+ * ```tsx
+ * function IdpDetail({ idpId }: { idpId: string }) {
+ *   const { identityProvider, isLoading, error } = useIdentityProvider(idpId);
+ *
+ *   if (isLoading) return <Skeleton />;
+ *   if (error) return <ErrorMessage error={error} />;
+ *   if (!identityProvider) return <NotFound />;
+ *
+ *   return <h1>{identityProvider.spec?.displayName}</h1>;
+ * }
+ * ```
+ */
+export declare function useIdentityProvider(id: string | null): UseIdentityProviderReturn;
+//# sourceMappingURL=useIdentityProvider.d.ts.map

package/identity-provider/useIdentityProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useIdentityProvider.d.ts","sourceRoot":"","sources":["../../src/identity-provider/useIdentityProvider.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2DAA2D,CAAC;AAIlG,mDAAmD;AACnD,MAAM,WAAW,yBAAyB;IACxC,yEAAyE;IACzE,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB,GAAG,IAAI,CAAC;IACnD,gEAAgE;IAChE,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;IAC5B,kEAAkE;IAClE,QAAQ,CAAC,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IAC7B,wDAAwD;IACxD,QAAQ,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;CAC9B;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,mBAAmB,CACjC,EAAE,EAAE,MAAM,GAAG,IAAI,GAChB,yBAAyB,CAyC3B"}

package/identity-provider/useIdentityProvider.js

@@ -0,0 +1,62 @@
+"use client";
+import { useCallback, useEffect, useState } from "react";
+import { useStigmer } from "../hooks";
+import { toError } from "../internal/toError";
+/**
+ * Data hook that fetches a single IdentityProvider by ID.
+ *
+ * Pass `null` to skip fetching (stable no-op). When the `id` changes,
+ * the previous in-flight request is discarded and a fresh fetch begins.
+ *
+ * Returns the full proto {@link IdentityProvider} resource so consumers
+ * have access to metadata, spec (JWKS URI, issuers, SSO config), and
+ * status without additional calls.
+ *
+ * @example
+ * ```tsx
+ * function IdpDetail({ idpId }: { idpId: string }) {
+ *   const { identityProvider, isLoading, error } = useIdentityProvider(idpId);
+ *
+ *   if (isLoading) return <Skeleton />;
+ *   if (error) return <ErrorMessage error={error} />;
+ *   if (!identityProvider) return <NotFound />;
+ *
+ *   return <h1>{identityProvider.spec?.displayName}</h1>;
+ * }
+ * ```
+ */
+export function useIdentityProvider(id) {
+    const stigmer = useStigmer();
+    const [identityProvider, setIdentityProvider] = useState(null);
+    const [isLoading, setIsLoading] = useState(false);
+    const [error, setError] = useState(null);
+    const [fetchKey, setFetchKey] = useState(0);
+    const refetch = useCallback(() => setFetchKey((k) => k + 1), []);
+    useEffect(() => {
+        if (!id) {
+            setIdentityProvider(null);
+            setIsLoading(false);
+            setError(null);
+            return;
+        }
+        const cancelled = { current: false };
+        setIsLoading(true);
+        setError(null);
+        stigmer.identityProvider.get(id).then((result) => {
+            if (cancelled.current)
+                return;
+            setIdentityProvider(result);
+            setIsLoading(false);
+        }, (err) => {
+            if (cancelled.current)
+                return;
+            setError(toError(err));
+            setIsLoading(false);
+        });
+        return () => {
+            cancelled.current = true;
+        };
+    }, [id, stigmer, fetchKey]);
+    return { identityProvider, isLoading, error, refetch };
+}
+//# sourceMappingURL=useIdentityProvider.js.map

package/identity-provider/useIdentityProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useIdentityProvider.js","sourceRoot":"","sources":["../../src/identity-provider/useIdentityProvider.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEzD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAc9C;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,mBAAmB,CACjC,EAAiB;IAEjB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,GAC3C,QAAQ,CAA0B,IAAI,CAAC,CAAC;IAC1C,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAClD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAE5C,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEjE,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC1B,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC,CAAC;YACf,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACrC,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEf,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CACnC,CAAC,MAAM,EAAE,EAAE;YACT,IAAI,SAAS,CAAC,OAAO;gBAAE,OAAO;YAC9B,mBAAmB,CAAC,MAAM,CAAC,CAAC;YAC5B,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;YACN,IAAI,SAAS,CAAC,OAAO;gBAAE,OAAO;YAC9B,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC,CACF,CAAC;QAEF,OAAO,GAAG,EAAE;YACV,SAAS,CAAC,OAAO,GAAG,IAAI,CAAC;QAC3B,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,EAAE,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;IAE5B,OAAO,EAAE,gBAAgB,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AACzD,CAAC"}

package/identity-provider/useIdentityProviderList.d.ts

@@ -0,0 +1,48 @@
+import type { IdentityProvider } from "@stigmer/protos/ai/stigmer/iam/identityprovider/v1/api_pb";
+/** Return value of {@link useIdentityProviderList}. */
+export interface UseIdentityProviderListReturn {
+    /** All identity providers for the organization. Empty while loading or on error. */
+    readonly identityProviders: readonly IdentityProvider[];
+    /** `true` while the initial fetch or a refetch is in flight. */
+    readonly isLoading: boolean;
+    /** Error from the last failed request, or `null` when healthy. */
+    readonly error: Error | null;
+    /** Discard cached data and re-fetch from the server. */
+    readonly refetch: () => void;
+}
+/**
+ * Data hook that fetches all identity providers for an organization.
+ *
+ * Identity providers are admin-level resources with small cardinality
+ * (typically 1–3 per org), so results are returned as a flat list
+ * without pagination.
+ *
+ * Pass `null` to skip fetching (stable no-op). Call `refetch()` to
+ * re-query after mutations (create / update / delete).
+ *
+ * @example
+ * ```tsx
+ * function IdpSettings({ orgId }: { orgId: string }) {
+ *   const { identityProviders, isLoading, error } = useIdentityProviderList(orgId);
+ *
+ *   if (isLoading) return <Skeleton />;
+ *   if (error) return <ErrorMessage error={error} />;
+ *
+ *   return (
+ *     <ul>
+ *       {identityProviders.map((idp) => (
+ *         <li key={idp.metadata?.id}>{idp.metadata?.name}</li>
+ *       ))}
+ *     </ul>
+ *   );
+ * }
+ * ```
+ *
+ * @example
+ * ```tsx
+ * // Skip fetching until org is known
+ * const { identityProviders } = useIdentityProviderList(org ?? null);
+ * ```
+ */
+export declare function useIdentityProviderList(org: string | null): UseIdentityProviderListReturn;
+//# sourceMappingURL=useIdentityProviderList.d.ts.map

package/identity-provider/useIdentityProviderList.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"useIdentityProviderList.d.ts","sourceRoot":"","sources":["../../src/identity-provider/useIdentityProviderList.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2DAA2D,CAAC;AAKlG,uDAAuD;AACvD,MAAM,WAAW,6BAA6B;IAC5C,oFAAoF;IACpF,QAAQ,CAAC,iBAAiB,EAAE,SAAS,gBAAgB,EAAE,CAAC;IACxD,gEAAgE;IAChE,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;IAC5B,kEAAkE;IAClE,QAAQ,CAAC,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IAC7B,wDAAwD;IACxD,QAAQ,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;CAC9B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,wBAAgB,uBAAuB,CACrC,GAAG,EAAE,MAAM,GAAG,IAAI,GACjB,6BAA6B,CA0C/B"}

package/identity-provider/useIdentityProviderList.js

@@ -0,0 +1,75 @@
+"use client";
+import { useCallback, useEffect, useState } from "react";
+import { create } from "@bufbuild/protobuf";
+import { ListIdentityProvidersByOrgInputSchema } from "@stigmer/protos/ai/stigmer/iam/identityprovider/v1/io_pb";
+import { useStigmer } from "../hooks";
+import { toError } from "../internal/toError";
+/**
+ * Data hook that fetches all identity providers for an organization.
+ *
+ * Identity providers are admin-level resources with small cardinality
+ * (typically 1–3 per org), so results are returned as a flat list
+ * without pagination.
+ *
+ * Pass `null` to skip fetching (stable no-op). Call `refetch()` to
+ * re-query after mutations (create / update / delete).
+ *
+ * @example
+ * ```tsx
+ * function IdpSettings({ orgId }: { orgId: string }) {
+ *   const { identityProviders, isLoading, error } = useIdentityProviderList(orgId);
+ *
+ *   if (isLoading) return <Skeleton />;
+ *   if (error) return <ErrorMessage error={error} />;
+ *
+ *   return (
+ *     <ul>
+ *       {identityProviders.map((idp) => (
+ *         <li key={idp.metadata?.id}>{idp.metadata?.name}</li>
+ *       ))}
+ *     </ul>
+ *   );
+ * }
+ * ```
+ *
+ * @example
+ * ```tsx
+ * // Skip fetching until org is known
+ * const { identityProviders } = useIdentityProviderList(org ?? null);
+ * ```
+ */
+export function useIdentityProviderList(org) {
+    const stigmer = useStigmer();
+    const [identityProviders, setIdentityProviders] = useState([]);
+    const [isLoading, setIsLoading] = useState(false);
+    const [error, setError] = useState(null);
+    const [fetchKey, setFetchKey] = useState(0);
+    const refetch = useCallback(() => setFetchKey((k) => k + 1), []);
+    useEffect(() => {
+        if (!org) {
+            setIdentityProviders([]);
+            setIsLoading(false);
+            setError(null);
+            return;
+        }
+        const cancelled = { current: false };
+        setIsLoading(true);
+        setError(null);
+        stigmer.identityProvider.listByOrg(create(ListIdentityProvidersByOrgInputSchema, { org })).then((result) => {
+            if (cancelled.current)
+                return;
+            setIdentityProviders([...result.entries]);
+            setIsLoading(false);
+        }, (err) => {
+            if (cancelled.current)
+                return;
+            setError(toError(err));
+            setIsLoading(false);
+        });
+        return () => {
+            cancelled.current = true;
+        };
+    }, [org, stigmer, fetchKey]);
+    return { identityProviders, isLoading, error, refetch };
+}
+//# sourceMappingURL=useIdentityProviderList.js.map

package/identity-provider/useIdentityProviderList.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useIdentityProviderList.js","sourceRoot":"","sources":["../../src/identity-provider/useIdentityProviderList.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACzD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C,OAAO,EAAE,qCAAqC,EAAE,MAAM,0DAA0D,CAAC;AACjH,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAc9C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,MAAM,UAAU,uBAAuB,CACrC,GAAkB;IAElB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,CAAC,iBAAiB,EAAE,oBAAoB,CAAC,GAAG,QAAQ,CAExD,EAAE,CAAC,CAAC;IACN,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAClD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAE5C,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEjE,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,oBAAoB,CAAC,EAAE,CAAC,CAAC;YACzB,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC,CAAC;YACf,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACrC,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEf,OAAO,CAAC,gBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,qCAAqC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAC7F,CAAC,MAAM,EAAE,EAAE;YACT,IAAI,SAAS,CAAC,OAAO;gBAAE,OAAO;YAC9B,oBAAoB,CAAC,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;YAC1C,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;YACN,IAAI,SAAS,CAAC,OAAO;gBAAE,OAAO;YAC9B,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC,CACF,CAAC;QAEF,OAAO,GAAG,EAAE;YACV,SAAS,CAAC,OAAO,GAAG,IAAI,CAAC;QAC3B,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;IAE7B,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AAC1D,CAAC"}