alepha 0.21.2 → 0.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (519) hide show
  1. package/README.md +0 -1
  2. package/dist/api/audits/index.browser.js.map +1 -1
  3. package/dist/api/audits/index.d.ts +393 -403
  4. package/dist/api/audits/index.d.ts.map +1 -1
  5. package/dist/api/audits/index.js +25 -56
  6. package/dist/api/audits/index.js.map +1 -1
  7. package/dist/api/files/index.browser.js +31 -1
  8. package/dist/api/files/index.browser.js.map +1 -1
  9. package/dist/api/files/index.d.ts +313 -208
  10. package/dist/api/files/index.d.ts.map +1 -1
  11. package/dist/api/files/index.js +152 -42
  12. package/dist/api/files/index.js.map +1 -1
  13. package/dist/api/jobs/index.browser.js +2 -2
  14. package/dist/api/jobs/index.browser.js.map +1 -1
  15. package/dist/api/jobs/index.d.ts +282 -285
  16. package/dist/api/jobs/index.d.ts.map +1 -1
  17. package/dist/api/jobs/index.js +39 -33
  18. package/dist/api/jobs/index.js.map +1 -1
  19. package/dist/api/keys/index.d.ts +217 -222
  20. package/dist/api/keys/index.d.ts.map +1 -1
  21. package/dist/api/keys/index.js.map +1 -1
  22. package/dist/api/notifications/index.browser.js.map +1 -1
  23. package/dist/api/notifications/index.d.ts +188 -195
  24. package/dist/api/notifications/index.d.ts.map +1 -1
  25. package/dist/api/notifications/index.js.map +1 -1
  26. package/dist/api/oauth/index.d.ts +71 -76
  27. package/dist/api/oauth/index.d.ts.map +1 -1
  28. package/dist/api/oauth/index.js.map +1 -1
  29. package/dist/api/organizations/index.browser.js.map +1 -1
  30. package/dist/api/organizations/index.d.ts +104 -109
  31. package/dist/api/organizations/index.d.ts.map +1 -1
  32. package/dist/api/organizations/index.js.map +1 -1
  33. package/dist/api/parameters/index.browser.js +43 -16
  34. package/dist/api/parameters/index.browser.js.map +1 -1
  35. package/dist/api/parameters/index.d.ts +488 -344
  36. package/dist/api/parameters/index.d.ts.map +1 -1
  37. package/dist/api/parameters/index.js +175 -35
  38. package/dist/api/parameters/index.js.map +1 -1
  39. package/dist/api/payments/index.d.ts +396 -402
  40. package/dist/api/payments/index.d.ts.map +1 -1
  41. package/dist/api/payments/index.js.map +1 -1
  42. package/dist/api/subscriptions/index.d.ts +644 -652
  43. package/dist/api/subscriptions/index.d.ts.map +1 -1
  44. package/dist/api/subscriptions/index.js +1 -1
  45. package/dist/api/subscriptions/index.js.map +1 -1
  46. package/dist/api/users/index.browser.js +7 -0
  47. package/dist/api/users/index.browser.js.map +1 -1
  48. package/dist/api/users/index.d.ts +1106 -1005
  49. package/dist/api/users/index.d.ts.map +1 -1
  50. package/dist/api/users/index.js +307 -64
  51. package/dist/api/users/index.js.map +1 -1
  52. package/dist/api/verifications/index.browser.js.map +1 -1
  53. package/dist/api/verifications/index.d.ts +137 -143
  54. package/dist/api/verifications/index.d.ts.map +1 -1
  55. package/dist/api/verifications/index.js.map +1 -1
  56. package/dist/background/index.d.ts +95 -0
  57. package/dist/background/index.d.ts.map +1 -0
  58. package/dist/background/index.js +121 -0
  59. package/dist/background/index.js.map +1 -0
  60. package/dist/background/index.workerd.js +110 -0
  61. package/dist/background/index.workerd.js.map +1 -0
  62. package/dist/batch/index.d.ts +5 -7
  63. package/dist/batch/index.d.ts.map +1 -1
  64. package/dist/batch/index.js.map +1 -1
  65. package/dist/bin/index.js.map +1 -1
  66. package/dist/bucket/index.d.ts +76 -54
  67. package/dist/bucket/index.d.ts.map +1 -1
  68. package/dist/bucket/index.js +58 -11
  69. package/dist/bucket/index.js.map +1 -1
  70. package/dist/bucket/index.workerd.js +200 -5
  71. package/dist/bucket/index.workerd.js.map +1 -1
  72. package/dist/cache/core/index.d.ts +7 -10
  73. package/dist/cache/core/index.d.ts.map +1 -1
  74. package/dist/cache/core/index.js.map +1 -1
  75. package/dist/cache/core/index.workerd.js.map +1 -1
  76. package/dist/cache/database/index.d.ts +22 -26
  77. package/dist/cache/database/index.d.ts.map +1 -1
  78. package/dist/cache/database/index.js.map +1 -1
  79. package/dist/cache/redis/index.d.ts +4 -7
  80. package/dist/cache/redis/index.d.ts.map +1 -1
  81. package/dist/cache/redis/index.js.map +1 -1
  82. package/dist/captcha/index.d.ts +3 -6
  83. package/dist/captcha/index.d.ts.map +1 -1
  84. package/dist/captcha/index.js.map +1 -1
  85. package/dist/cli/config/index.d.ts.map +1 -1
  86. package/dist/cli/config/index.js.map +1 -1
  87. package/dist/cli/core/index.d.ts +458 -249
  88. package/dist/cli/core/index.d.ts.map +1 -1
  89. package/dist/cli/core/index.js +372 -660
  90. package/dist/cli/core/index.js.map +1 -1
  91. package/dist/cli/devtools/index.d.ts +3 -5
  92. package/dist/cli/devtools/index.d.ts.map +1 -1
  93. package/dist/cli/devtools/index.js.map +1 -1
  94. package/dist/cli/i18n/index.d.ts +20 -17
  95. package/dist/cli/i18n/index.d.ts.map +1 -1
  96. package/dist/cli/i18n/index.js +45 -11
  97. package/dist/cli/i18n/index.js.map +1 -1
  98. package/dist/cli/platform/index.d.ts +126 -1342
  99. package/dist/cli/platform/index.d.ts.map +1 -1
  100. package/dist/cli/platform/index.js +136 -2374
  101. package/dist/cli/platform/index.js.map +1 -1
  102. package/dist/cli/platform-lib/index.d.ts +1472 -0
  103. package/dist/cli/platform-lib/index.d.ts.map +1 -0
  104. package/dist/cli/platform-lib/index.js +2660 -0
  105. package/dist/cli/platform-lib/index.js.map +1 -0
  106. package/dist/cli/vendor/index.d.ts +17 -21
  107. package/dist/cli/vendor/index.d.ts.map +1 -1
  108. package/dist/cli/vendor/index.js.map +1 -1
  109. package/dist/command/index.d.ts +20 -19
  110. package/dist/command/index.d.ts.map +1 -1
  111. package/dist/command/index.js +39 -10
  112. package/dist/command/index.js.map +1 -1
  113. package/dist/{containers → container}/core/index.d.ts +13 -15
  114. package/dist/container/core/index.d.ts.map +1 -0
  115. package/dist/{containers → container}/core/index.js +23 -14
  116. package/dist/container/core/index.js.map +1 -0
  117. package/dist/{containers → container}/core/index.workerd.js +37 -22
  118. package/dist/container/core/index.workerd.js.map +1 -0
  119. package/dist/core/index.browser.js +27 -1
  120. package/dist/core/index.browser.js.map +1 -1
  121. package/dist/core/index.d.ts +48 -24
  122. package/dist/core/index.d.ts.map +1 -1
  123. package/dist/core/index.js +27 -1
  124. package/dist/core/index.js.map +1 -1
  125. package/dist/core/index.native.js +27 -1
  126. package/dist/core/index.native.js.map +1 -1
  127. package/dist/core/index.workerd.js +27 -1
  128. package/dist/core/index.workerd.js.map +1 -1
  129. package/dist/crypto/index.browser.js.map +1 -1
  130. package/dist/crypto/index.d.ts +5 -8
  131. package/dist/crypto/index.d.ts.map +1 -1
  132. package/dist/crypto/index.js.map +1 -1
  133. package/dist/datetime/index.d.ts +3 -4
  134. package/dist/datetime/index.d.ts.map +1 -1
  135. package/dist/datetime/index.js.map +1 -1
  136. package/dist/email/brevo/index.d.ts +2 -4
  137. package/dist/email/brevo/index.d.ts.map +1 -1
  138. package/dist/email/brevo/index.js.map +1 -1
  139. package/dist/email/cloudflare/index.d.ts +20 -7
  140. package/dist/email/cloudflare/index.d.ts.map +1 -1
  141. package/dist/email/cloudflare/index.js +46 -9
  142. package/dist/email/cloudflare/index.js.map +1 -1
  143. package/dist/email/core/index.d.ts +6 -9
  144. package/dist/email/core/index.d.ts.map +1 -1
  145. package/dist/email/core/index.js.map +1 -1
  146. package/dist/email/core/index.workerd.js.map +1 -1
  147. package/dist/email/smtp/index.d.ts +10 -13
  148. package/dist/email/smtp/index.d.ts.map +1 -1
  149. package/dist/email/smtp/index.js +107 -32
  150. package/dist/email/smtp/index.js.map +1 -1
  151. package/dist/fake/index.d.ts +1 -2
  152. package/dist/fake/index.d.ts.map +1 -1
  153. package/dist/fake/index.js.map +1 -1
  154. package/dist/lock/core/index.d.ts +9 -14
  155. package/dist/lock/core/index.d.ts.map +1 -1
  156. package/dist/lock/core/index.js.map +1 -1
  157. package/dist/lock/redis/index.d.ts +2 -4
  158. package/dist/lock/redis/index.d.ts.map +1 -1
  159. package/dist/lock/redis/index.js.map +1 -1
  160. package/dist/logger/index.d.ts +105 -76
  161. package/dist/logger/index.d.ts.map +1 -1
  162. package/dist/logger/index.js +196 -174
  163. package/dist/logger/index.js.map +1 -1
  164. package/dist/mcp/index.d.ts +25 -20
  165. package/dist/mcp/index.d.ts.map +1 -1
  166. package/dist/mcp/index.js +23 -0
  167. package/dist/mcp/index.js.map +1 -1
  168. package/dist/orm/core/index.browser.js.map +1 -1
  169. package/dist/orm/core/index.bun.js +19 -1
  170. package/dist/orm/core/index.bun.js.map +1 -1
  171. package/dist/orm/core/index.d.ts +76 -62
  172. package/dist/orm/core/index.d.ts.map +1 -1
  173. package/dist/orm/core/index.js +20 -2
  174. package/dist/orm/core/index.js.map +1 -1
  175. package/dist/orm/postgres/index.bun.js.map +1 -1
  176. package/dist/orm/postgres/index.d.ts +28 -20
  177. package/dist/orm/postgres/index.d.ts.map +1 -1
  178. package/dist/orm/postgres/index.js.map +1 -1
  179. package/dist/queue/core/index.d.ts +12 -15
  180. package/dist/queue/core/index.d.ts.map +1 -1
  181. package/dist/queue/core/index.js.map +1 -1
  182. package/dist/queue/core/index.workerd.js.map +1 -1
  183. package/dist/queue/redis/index.d.ts +3 -5
  184. package/dist/queue/redis/index.d.ts.map +1 -1
  185. package/dist/queue/redis/index.js.map +1 -1
  186. package/dist/react/auth/index.browser.js +9 -2
  187. package/dist/react/auth/index.browser.js.map +1 -1
  188. package/dist/react/auth/index.d.ts +14 -9
  189. package/dist/react/auth/index.d.ts.map +1 -1
  190. package/dist/react/auth/index.js +9 -2
  191. package/dist/react/auth/index.js.map +1 -1
  192. package/dist/react/core/index.d.ts +7 -8
  193. package/dist/react/core/index.d.ts.map +1 -1
  194. package/dist/react/core/index.js +6 -3
  195. package/dist/react/core/index.js.map +1 -1
  196. package/dist/react/form/index.d.ts +2 -5
  197. package/dist/react/form/index.d.ts.map +1 -1
  198. package/dist/react/form/index.js +16 -15
  199. package/dist/react/form/index.js.map +1 -1
  200. package/dist/react/head/index.browser.js.map +1 -1
  201. package/dist/react/head/index.d.ts +2 -4
  202. package/dist/react/head/index.d.ts.map +1 -1
  203. package/dist/react/head/index.js.map +1 -1
  204. package/dist/react/i18n/index.d.ts +90 -11
  205. package/dist/react/i18n/index.d.ts.map +1 -1
  206. package/dist/react/i18n/index.js +147 -11
  207. package/dist/react/i18n/index.js.map +1 -1
  208. package/dist/react/intro/index.d.ts +1 -2
  209. package/dist/react/intro/index.d.ts.map +1 -1
  210. package/dist/react/intro/index.js +2 -2
  211. package/dist/react/intro/index.js.map +1 -1
  212. package/dist/react/router/index.browser.js +193 -24
  213. package/dist/react/router/index.browser.js.map +1 -1
  214. package/dist/react/router/index.d.ts +434 -222
  215. package/dist/react/router/index.d.ts.map +1 -1
  216. package/dist/react/router/index.js +249 -35
  217. package/dist/react/router/index.js.map +1 -1
  218. package/dist/react/sitemap/index.browser.js +35 -0
  219. package/dist/react/sitemap/index.browser.js.map +1 -0
  220. package/dist/react/sitemap/index.d.ts +92 -0
  221. package/dist/react/sitemap/index.d.ts.map +1 -0
  222. package/dist/react/sitemap/index.js +131 -0
  223. package/dist/react/sitemap/index.js.map +1 -0
  224. package/dist/react/testing/index.d.ts +1 -2
  225. package/dist/react/testing/index.d.ts.map +1 -1
  226. package/dist/react/testing/index.js +16 -17
  227. package/dist/react/testing/index.js.map +1 -1
  228. package/dist/react/ui/index.d.ts +20 -25
  229. package/dist/react/ui/index.d.ts.map +1 -1
  230. package/dist/react/ui/index.js.map +1 -1
  231. package/dist/redis/index.bun.js.map +1 -1
  232. package/dist/redis/index.d.ts +17 -19
  233. package/dist/redis/index.d.ts.map +1 -1
  234. package/dist/redis/index.js.map +1 -1
  235. package/dist/retry/index.d.ts +2 -4
  236. package/dist/retry/index.d.ts.map +1 -1
  237. package/dist/retry/index.js.map +1 -1
  238. package/dist/router/index.d.ts.map +1 -1
  239. package/dist/router/index.js.map +1 -1
  240. package/dist/scheduler/index.d.ts +10 -13
  241. package/dist/scheduler/index.d.ts.map +1 -1
  242. package/dist/scheduler/index.js.map +1 -1
  243. package/dist/scheduler/index.workerd.js.map +1 -1
  244. package/dist/security/index.browser.js.map +1 -1
  245. package/dist/security/index.d.ts +45 -48
  246. package/dist/security/index.d.ts.map +1 -1
  247. package/dist/security/index.js.map +1 -1
  248. package/dist/server/auth/index.browser.js.map +1 -1
  249. package/dist/server/auth/index.d.ts +272 -173
  250. package/dist/server/auth/index.d.ts.map +1 -1
  251. package/dist/server/auth/index.js +1608 -15
  252. package/dist/server/auth/index.js.map +1 -1
  253. package/dist/server/cookies/index.browser.js.map +1 -1
  254. package/dist/server/cookies/index.d.ts +20 -7
  255. package/dist/server/cookies/index.d.ts.map +1 -1
  256. package/dist/server/cookies/index.js +22 -3
  257. package/dist/server/cookies/index.js.map +1 -1
  258. package/dist/server/core/index.browser.js.map +1 -1
  259. package/dist/server/core/index.d.ts +106 -73
  260. package/dist/server/core/index.d.ts.map +1 -1
  261. package/dist/server/core/index.js +44 -0
  262. package/dist/server/core/index.js.map +1 -1
  263. package/dist/server/cors/index.d.ts +11 -14
  264. package/dist/server/cors/index.d.ts.map +1 -1
  265. package/dist/server/cors/index.js.map +1 -1
  266. package/dist/server/etag/index.d.ts +6 -9
  267. package/dist/server/etag/index.d.ts.map +1 -1
  268. package/dist/server/etag/index.js.map +1 -1
  269. package/dist/server/health/index.d.ts +18 -21
  270. package/dist/server/health/index.d.ts.map +1 -1
  271. package/dist/server/health/index.js.map +1 -1
  272. package/dist/server/links/index.browser.js +2 -0
  273. package/dist/server/links/index.browser.js.map +1 -1
  274. package/dist/server/links/index.d.ts +63 -67
  275. package/dist/server/links/index.d.ts.map +1 -1
  276. package/dist/server/links/index.js +2 -0
  277. package/dist/server/links/index.js.map +1 -1
  278. package/dist/server/metrics/index.d.ts +5 -7
  279. package/dist/server/metrics/index.d.ts.map +1 -1
  280. package/dist/server/metrics/index.js.map +1 -1
  281. package/dist/server/proxy/index.d.ts +3 -5
  282. package/dist/server/proxy/index.d.ts.map +1 -1
  283. package/dist/server/proxy/index.js.map +1 -1
  284. package/dist/server/rate-limit/index.d.ts +10 -13
  285. package/dist/server/rate-limit/index.d.ts.map +1 -1
  286. package/dist/server/rate-limit/index.js.map +1 -1
  287. package/dist/server/static/index.d.ts +3 -5
  288. package/dist/server/static/index.d.ts.map +1 -1
  289. package/dist/server/static/index.js.map +1 -1
  290. package/dist/server/swagger/index.d.ts +5 -8
  291. package/dist/server/swagger/index.d.ts.map +1 -1
  292. package/dist/server/swagger/index.js.map +1 -1
  293. package/dist/sms/index.d.ts +3 -5
  294. package/dist/sms/index.d.ts.map +1 -1
  295. package/dist/sms/index.js.map +1 -1
  296. package/dist/system/index.browser.js.map +1 -1
  297. package/dist/system/index.d.ts +2 -4
  298. package/dist/system/index.d.ts.map +1 -1
  299. package/dist/system/index.js.map +1 -1
  300. package/dist/system/index.workerd.js.map +1 -1
  301. package/dist/topic/core/index.d.ts +4 -6
  302. package/dist/topic/core/index.d.ts.map +1 -1
  303. package/dist/topic/core/index.js.map +1 -1
  304. package/dist/topic/redis/index.d.ts +5 -8
  305. package/dist/topic/redis/index.d.ts.map +1 -1
  306. package/dist/topic/redis/index.js.map +1 -1
  307. package/package.json +59 -23
  308. package/src/api/audits/__tests__/AuditService.spec.ts +18 -110
  309. package/src/api/audits/controllers/AdminAuditController.ts +14 -0
  310. package/src/api/audits/services/AuditService.ts +21 -88
  311. package/src/api/files/__tests__/FileService.spec.ts +207 -2
  312. package/src/api/files/index.ts +3 -0
  313. package/src/api/files/schemas/fileCreatorSummarySchema.ts +22 -0
  314. package/src/api/files/schemas/fileResourceSchema.ts +10 -1
  315. package/src/api/files/services/FileService.ts +170 -72
  316. package/src/api/jobs/__tests__/$job.spec.ts +24 -1
  317. package/src/api/jobs/index.ts +4 -3
  318. package/src/api/jobs/primitives/$job.ts +7 -3
  319. package/src/api/jobs/providers/DirectJobDispatcher.ts +17 -36
  320. package/src/api/jobs/providers/JobProvider.ts +53 -24
  321. package/src/api/jobs/schemas/jobConfigAtom.ts +1 -1
  322. package/src/api/jobs/schemas/jobExecutionResourceSchema.ts +4 -1
  323. package/src/api/keys/schemas/adminApiKeyResourceSchema.ts +3 -1
  324. package/src/api/parameters/__tests__/$parameter.spec.ts +19 -2
  325. package/src/api/parameters/audits/ParameterAudits.ts +17 -0
  326. package/src/api/parameters/controllers/AdminParameterController.ts +95 -19
  327. package/src/api/parameters/index.ts +3 -0
  328. package/src/api/parameters/schemas/activateParameterBodySchema.ts +3 -3
  329. package/src/api/parameters/schemas/createParameterVersionBodySchema.ts +3 -2
  330. package/src/api/parameters/schemas/parameterCreatorSummarySchema.ts +25 -0
  331. package/src/api/parameters/schemas/parameterResponseSchema.ts +5 -0
  332. package/src/api/parameters/schemas/rollbackParameterBodySchema.ts +4 -2
  333. package/src/api/parameters/services/ParameterProvider.ts +69 -6
  334. package/src/api/subscriptions/jobs/SubscriptionJobs.ts +1 -1
  335. package/src/api/users/__tests__/AdminSessionController.spec.ts +37 -0
  336. package/src/api/users/audits/SessionAudits.ts +33 -0
  337. package/src/api/users/audits/UserAudits.ts +19 -43
  338. package/src/api/users/controllers/AdminUserController.ts +66 -1
  339. package/src/api/users/controllers/RealmController.ts +1 -0
  340. package/src/api/users/entities/sessions.ts +6 -0
  341. package/src/api/users/entities/users.ts +2 -0
  342. package/src/api/users/index.ts +9 -1
  343. package/src/api/users/primitives/$realm.ts +29 -0
  344. package/src/api/users/providers/RealmProvider.ts +15 -0
  345. package/src/api/users/schemas/realmConfigSchema.ts +14 -0
  346. package/src/api/users/schemas/sessionResourceSchema.ts +16 -0
  347. package/src/api/users/schemas/updateUserSchema.ts +1 -8
  348. package/src/api/users/schemas/userQuerySchema.ts +7 -0
  349. package/src/api/users/services/CredentialService.ts +15 -6
  350. package/src/api/users/services/IdentityService.ts +2 -1
  351. package/src/api/users/services/RegistrationService.ts +2 -1
  352. package/src/api/users/services/SessionCrudService.ts +19 -2
  353. package/src/api/users/services/SessionService.ts +39 -19
  354. package/src/api/users/services/UserService.ts +106 -8
  355. package/src/background/__tests__/BackgroundTaskProvider.spec.ts +96 -0
  356. package/src/background/index.ts +37 -0
  357. package/src/background/index.workerd.ts +28 -0
  358. package/src/background/providers/BackgroundTaskProvider.ts +70 -0
  359. package/src/background/providers/WorkerdBackgroundTaskProvider.ts +43 -0
  360. package/src/bucket/__tests__/$bucket.spec.ts +18 -0
  361. package/src/bucket/__tests__/LocalFileStorageProvider.spec.ts +5 -0
  362. package/src/bucket/__tests__/MemoryFileStorageProvider.spec.ts +5 -0
  363. package/src/bucket/__tests__/NodeS3BucketProvider.spec.ts +23 -4
  364. package/src/bucket/__tests__/shared.ts +30 -0
  365. package/src/bucket/index.ts +5 -5
  366. package/src/bucket/index.workerd.ts +11 -4
  367. package/src/bucket/primitives/$bucket.ts +27 -0
  368. package/src/bucket/providers/FileStorageProvider.ts +13 -0
  369. package/src/bucket/providers/LocalFileStorageProvider.ts +17 -1
  370. package/src/bucket/providers/MemoryFileStorageProvider.ts +7 -0
  371. package/src/bucket/providers/{CloudflareR2Provider.ts → R2FileStorageProvider.ts} +10 -1
  372. package/src/bucket/providers/{NodeS3BucketProvider.ts → S3FileStorageProvider.ts} +27 -5
  373. package/src/cli/core/__tests__/BuildDockerTask.spec.ts +25 -1
  374. package/src/cli/core/__tests__/init.spec.ts +0 -219
  375. package/src/cli/core/atoms/buildOptions.ts +0 -12
  376. package/src/cli/core/commands/__tests__/BuildCommand.spec.ts +43 -0
  377. package/src/cli/core/commands/build.ts +105 -37
  378. package/src/cli/core/commands/init.ts +0 -12
  379. package/src/cli/core/commands/pack.ts +133 -0
  380. package/src/cli/core/index.ts +3 -3
  381. package/src/cli/core/providers/ViteDevServerProvider.ts +40 -16
  382. package/src/cli/core/services/PackageManagerUtils.ts +0 -16
  383. package/src/cli/core/services/ProjectScaffolder.ts +29 -291
  384. package/src/cli/core/tasks/BuildCloudflareTask.ts +382 -56
  385. package/src/cli/core/tasks/BuildDockerTask.ts +33 -3
  386. package/src/cli/core/tasks/BuildPrerenderTask.ts +44 -7
  387. package/src/cli/core/tasks/BuildTask.ts +34 -0
  388. package/src/cli/core/templates/apiIndexTs.ts +1 -22
  389. package/src/cli/core/templates/mainCss.ts +0 -1
  390. package/src/cli/core/templates/webAppRouterTs.ts +0 -99
  391. package/src/cli/core/templates/webIndexTs.ts +1 -22
  392. package/src/cli/i18n/__tests__/I18nCheckService.spec.ts +48 -0
  393. package/src/cli/i18n/services/I18nCheckService.ts +65 -11
  394. package/src/cli/platform/__tests__/SecretsCommand.spec.ts +5 -3
  395. package/src/cli/platform/commands/SecretsCommand.ts +8 -6
  396. package/src/cli/platform/commands/platform.ts +192 -46
  397. package/src/cli/platform/index.ts +12 -52
  398. package/src/cli/{platform → platform-lib}/__tests__/CloudflareAdapter.spec.ts +426 -169
  399. package/src/cli/{platform → platform-lib}/__tests__/NamingService.spec.ts +91 -4
  400. package/src/cli/{platform → platform-lib}/__tests__/VercelAdapter.spec.ts +56 -85
  401. package/src/cli/{platform → platform-lib}/adapters/CloudflareAdapter.ts +519 -190
  402. package/src/cli/{platform → platform-lib}/adapters/PlatformAdapter.ts +62 -35
  403. package/src/cli/{platform → platform-lib}/adapters/VercelAdapter.ts +6 -10
  404. package/src/cli/{platform → platform-lib}/atoms/platformOptions.ts +34 -1
  405. package/src/cli/platform-lib/index.ts +67 -0
  406. package/src/cli/platform-lib/services/NamingService.ts +136 -0
  407. package/src/cli/{platform → platform-lib}/services/PlatformInspector.ts +60 -13
  408. package/src/cli/{platform → platform-lib}/services/PlatformOrchestrator.ts +54 -43
  409. package/src/cli/{platform → platform-lib}/services/WranglerApi.ts +4 -2
  410. package/src/command/__tests__/Runner.spec.ts +20 -0
  411. package/src/command/helpers/EnvUtils.ts +19 -3
  412. package/src/command/helpers/Runner.ts +12 -2
  413. package/src/command/providers/CliProvider.ts +34 -1
  414. package/src/{containers → container}/core/__tests__/$container.spec.ts +5 -5
  415. package/src/{containers → container}/core/index.ts +4 -4
  416. package/src/{containers → container}/core/index.workerd.ts +19 -3
  417. package/src/{containers → container}/core/primitives/$container.ts +1 -1
  418. package/src/{containers → container}/core/providers/CloudflareContainerProvider.ts +17 -19
  419. package/src/{containers → container}/core/providers/ContainerProvider.ts +16 -2
  420. package/src/{containers → container}/core/providers/MockContainerProvider.ts +1 -1
  421. package/src/core/Alepha.ts +49 -1
  422. package/src/core/__tests__/$env.spec.ts +42 -0
  423. package/src/core/__tests__/dump.spec.ts +47 -0
  424. package/src/email/cloudflare/__tests__/CloudflareEmailProvider.spec.ts +42 -10
  425. package/src/email/cloudflare/index.ts +14 -5
  426. package/src/email/cloudflare/providers/CloudflareEmailProvider.ts +54 -9
  427. package/src/logger/__tests__/Logger.spec.ts +55 -0
  428. package/src/logger/index.ts +13 -0
  429. package/src/logger/services/Logger.ts +31 -1
  430. package/src/mcp/__tests__/McpServerProvider.spec.ts +71 -0
  431. package/src/mcp/providers/McpServerProvider.ts +55 -0
  432. package/src/orm/__tests__/orm-showcase-tests.ts +27 -0
  433. package/src/orm/__tests__/orm-showcase.spec.ts +12 -0
  434. package/src/orm/core/interfaces/PgQuery.ts +4 -1
  435. package/src/orm/core/services/Repository.ts +27 -11
  436. package/src/react/auth/hooks/useAuth.ts +10 -5
  437. package/src/react/core/__tests__/useQuery.browser.spec.tsx +25 -0
  438. package/src/react/core/hooks/useAction.ts +14 -3
  439. package/src/react/core/hooks/useQuery.ts +24 -4
  440. package/src/react/form/__tests__/FormModel-submit-loading.spec.ts +71 -0
  441. package/src/react/form/__tests__/form-submitting-reactive.browser.spec.tsx +96 -0
  442. package/src/react/form/services/FormModel.ts +57 -39
  443. package/src/react/i18n/__tests__/I18nProvider.spec.ts +89 -0
  444. package/src/react/i18n/__tests__/locale-routing.spec.ts +107 -0
  445. package/src/react/i18n/components/Translate.tsx +47 -0
  446. package/src/react/i18n/index.ts +2 -0
  447. package/src/react/i18n/providers/I18nProvider.ts +171 -12
  448. package/src/react/intro/components/GettingStartedAdminSlide.tsx +2 -2
  449. package/src/react/router/__tests__/$page.spec.tsx +3 -2
  450. package/src/react/router/__tests__/RouterLocaleProvider.spec.ts +127 -0
  451. package/src/react/router/__tests__/page-can.spec.ts +18 -13
  452. package/src/react/router/hooks/useQueryParams.ts +114 -14
  453. package/src/react/router/index.browser.ts +4 -0
  454. package/src/react/router/index.shared.ts +1 -0
  455. package/src/react/router/index.ts +9 -0
  456. package/src/react/router/primitives/$page.ts +85 -4
  457. package/src/react/router/providers/ReactBrowserRouterProvider.ts +18 -8
  458. package/src/react/router/providers/ReactPageProvider.ts +12 -1
  459. package/src/react/router/providers/ReactServerProvider.ts +96 -14
  460. package/src/react/router/providers/RootComponentsProvider.ts +13 -0
  461. package/src/react/router/providers/RouterLocaleProvider.ts +125 -0
  462. package/src/react/router/providers/__tests__/RootComponentsProvider.spec.ts +15 -0
  463. package/src/react/router/providers/__tests__/rootComponents.ssr.browser.spec.tsx +67 -0
  464. package/src/react/sitemap/__tests__/$sitemap.spec.ts +131 -0
  465. package/src/react/sitemap/index.browser.ts +21 -0
  466. package/src/react/sitemap/index.ts +25 -0
  467. package/src/react/sitemap/primitives/$sitemap.browser.ts +26 -0
  468. package/src/react/sitemap/primitives/$sitemap.ts +196 -0
  469. package/src/react/ui/services/SchemaControl.ts +3 -4
  470. package/src/server/auth/__tests__/appleClientSecret.spec.ts +34 -0
  471. package/src/server/auth/__tests__/authFederationClient.spec.ts +40 -0
  472. package/src/server/auth/__tests__/federationAssertion.spec.ts +146 -0
  473. package/src/server/auth/__tests__/federationRedirectReplay.spec.ts +44 -0
  474. package/src/server/auth/helpers/appleClientSecret.ts +24 -0
  475. package/src/server/auth/helpers/federationAssertion.ts +74 -0
  476. package/src/server/auth/helpers/jtiReplayGuard.ts +41 -0
  477. package/src/server/auth/helpers/safeRedirectPath.ts +19 -0
  478. package/src/server/auth/index.ts +4 -0
  479. package/src/server/auth/primitives/$authFederationBroker.ts +273 -0
  480. package/src/server/auth/primitives/$authFederationClient.ts +89 -0
  481. package/src/server/auth/providers/ServerAuthProvider.ts +18 -4
  482. package/src/server/cookies/__tests__/ServerCookiesProvider.spec.ts +70 -0
  483. package/src/server/cookies/providers/ServerCookiesProvider.ts +23 -3
  484. package/src/server/core/interfaces/ServerRequest.ts +8 -0
  485. package/src/server/core/primitives/$route.ts +27 -0
  486. package/src/server/core/providers/ServerMultipartProvider.ts +19 -0
  487. package/src/server/links/providers/LinkProvider.ts +10 -0
  488. package/dist/containers/core/index.d.ts.map +0 -1
  489. package/dist/containers/core/index.js.map +0 -1
  490. package/dist/containers/core/index.workerd.js.map +0 -1
  491. package/src/cli/core/tasks/BuildSitemapTask.ts +0 -130
  492. package/src/cli/core/templates/componentsJsonTs.ts +0 -39
  493. package/src/cli/core/templates/saasAdminLayoutTsx.ts +0 -77
  494. package/src/cli/core/templates/saasAdminPagesTsx.ts +0 -26
  495. package/src/cli/core/templates/saasAuthLayoutTsx.ts +0 -22
  496. package/src/cli/core/templates/saasAuthPagesTsx.ts +0 -62
  497. package/src/cli/core/templates/saasRealmProviderTs.ts +0 -52
  498. package/src/cli/platform/services/NamingService.ts +0 -54
  499. /package/dist/orm/core/{chunk-o8xxKEmq.js → chunk-B4FMCO8f.js} +0 -0
  500. /package/dist/react/testing/{chunk-6Ep1yQYe.js → chunk-BpyX8vjI.js} +0 -0
  501. /package/src/cli/{platform → platform-lib}/__tests__/GitHubSecretStore.spec.ts +0 -0
  502. /package/src/cli/{platform → platform-lib}/__tests__/PlatformCacheProvider.spec.ts +0 -0
  503. /package/src/cli/{platform → platform-lib}/__tests__/PlatformInspector.spec.ts +0 -0
  504. /package/src/cli/{platform → platform-lib}/__tests__/PlatformOrchestrator.spec.ts +0 -0
  505. /package/src/cli/{platform → platform-lib}/__tests__/SecretFilterService.spec.ts +0 -0
  506. /package/src/cli/{platform → platform-lib}/__tests__/detectResources.spec.ts +0 -0
  507. /package/src/cli/{platform → platform-lib}/providers/GitHubSecretStore.ts +0 -0
  508. /package/src/cli/{platform → platform-lib}/providers/MemorySecretStore.ts +0 -0
  509. /package/src/cli/{platform → platform-lib}/providers/PlatformCacheProvider.ts +0 -0
  510. /package/src/cli/{platform → platform-lib}/providers/SecretStoreProvider.ts +0 -0
  511. /package/src/cli/{platform → platform-lib}/schemas/cloudflare.ts +0 -0
  512. /package/src/cli/{platform → platform-lib}/schemas/platform.ts +0 -0
  513. /package/src/cli/{platform → platform-lib}/schemas/vercel.ts +0 -0
  514. /package/src/cli/{platform → platform-lib}/services/CloudflareApi.ts +0 -0
  515. /package/src/cli/{platform → platform-lib}/services/SecretFilterService.ts +0 -0
  516. /package/src/cli/{platform → platform-lib}/services/VercelApi.ts +0 -0
  517. /package/src/cli/{platform → platform-lib}/services/VercelCli.ts +0 -0
  518. /package/src/{containers → container}/core/interfaces/ContainerOptions.ts +0 -0
  519. /package/src/{containers → container}/core/providers/NodeContainerProvider.ts +0 -0
@@ -1 +1 @@
1
- {"version":3,"file":"index.browser.js","names":[],"sources":["../../../src/server/auth/constants/routes.ts","../../../src/server/auth/schemas/authenticationProviderSchema.ts","../../../src/server/auth/schemas/tokensSchema.ts","../../../src/server/auth/schemas/tokenResponseSchema.ts","../../../src/server/auth/schemas/userinfoResponseSchema.ts","../../../src/server/auth/index.browser.ts"],"sourcesContent":["export const alephaServerAuthRoutes = {\n login: \"/oauth/login\",\n callback: \"/oauth/callback\",\n logout: \"/oauth/logout\",\n token: \"/_auth/token\",\n refresh: \"/_auth/refresh\",\n userinfo: \"/_auth/userinfo\",\n};\n","import { type Static, t } from \"alepha\";\n\nexport const authenticationProviderSchema = t.object(\n {\n name: t.text({\n description: \"Name of the authentication provider.\",\n }),\n type: t.enum([\"OAUTH2\", \"OIDC\", \"CREDENTIALS\"], {\n description: \"Type of the authentication provider.\",\n }),\n },\n {\n title: \"AuthenticationProvider\",\n },\n);\n\nexport type AuthenticationProvider = Static<\n typeof authenticationProviderSchema\n>;\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const tokensSchema = t.object({\n provider: t.text(),\n access_token: t.text({ size: \"rich\" }),\n issued_at: t.number(),\n expires_in: t.optional(t.number()),\n refresh_token: t.optional(t.text({ size: \"rich\" })),\n refresh_token_expires_in: t.optional(t.number()),\n refresh_expires_in: t.optional(\n t.number({\n description:\n \"Alias of `refresh_token_expires_in` for compatibility with some providers.\",\n }),\n ),\n id_token: t.optional(t.text({ size: \"rich\" })),\n scope: t.optional(t.text()),\n});\n\nexport type Tokens = Static<typeof tokensSchema>;\n","import { type Static, t } from \"alepha\";\nimport { userAccountInfoSchema } from \"alepha/security\";\nimport { apiRegistryResponseSchema } from \"alepha/server/links\";\nimport { tokensSchema } from \"./tokensSchema.ts\";\n\nexport const tokenResponseSchema = t.extend(tokensSchema, {\n user: userAccountInfoSchema,\n api: apiRegistryResponseSchema,\n});\n\nexport type TokenResponse = Static<typeof tokenResponseSchema>;\n","import { type Static, t } from \"alepha\";\nimport { userAccountInfoSchema } from \"alepha/security\";\nimport { apiRegistryResponseSchema } from \"alepha/server/links\";\n\nexport const userinfoResponseSchema = t.object({\n user: t.optional(userAccountInfoSchema),\n api: apiRegistryResponseSchema,\n});\n\nexport type UserinfoResponse = Static<typeof userinfoResponseSchema>;\n","import { $module } from \"alepha\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./index.shared.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport const AlephaServerAuth = $module({\n name: \"alepha.server.auth\",\n primitives: [],\n services: [],\n});\n"],"mappings":";;;;AAAA,MAAa,yBAAyB;CACpC,OAAO;CACP,UAAU;CACV,QAAQ;CACR,OAAO;CACP,SAAS;CACT,UAAU;CACX;;;ACLD,MAAa,+BAA+B,EAAE,OAC5C;CACE,MAAM,EAAE,KAAK,EACX,aAAa,wCACd,CAAC;CACF,MAAM,EAAE,KAAK;EAAC;EAAU;EAAQ;EAAc,EAAE,EAC9C,aAAa,wCACd,CAAC;CACH,EACD,EACE,OAAO,0BACR,CACF;;;ACXD,MAAa,eAAe,EAAE,OAAO;CACnC,UAAU,EAAE,MAAM;CAClB,cAAc,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;CACtC,WAAW,EAAE,QAAQ;CACrB,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;CAClC,eAAe,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC,CAAC;CACnD,0BAA0B,EAAE,SAAS,EAAE,QAAQ,CAAC;CAChD,oBAAoB,EAAE,SACpB,EAAE,OAAO,EACP,aACE,8EACH,CAAC,CACH;CACD,UAAU,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC,CAAC;CAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC;CAC5B,CAAC;;;ACbF,MAAa,sBAAsB,EAAE,OAAO,cAAc;CACxD,MAAM;CACN,KAAK;CACN,CAAC;;;ACJF,MAAa,yBAAyB,EAAE,OAAO;CAC7C,MAAM,EAAE,SAAS,sBAAsB;CACvC,KAAK;CACN,CAAC;;;ACCF,MAAa,mBAAmB,QAAQ;CACtC,MAAM;CACN,YAAY,EAAE;CACd,UAAU,EAAE;CACb,CAAC"}
1
+ {"version":3,"file":"index.browser.js","names":[],"sources":["../../../src/server/auth/constants/routes.ts","../../../src/server/auth/schemas/authenticationProviderSchema.ts","../../../src/server/auth/schemas/tokensSchema.ts","../../../src/server/auth/schemas/tokenResponseSchema.ts","../../../src/server/auth/schemas/userinfoResponseSchema.ts","../../../src/server/auth/index.browser.ts"],"sourcesContent":["export const alephaServerAuthRoutes = {\n login: \"/oauth/login\",\n callback: \"/oauth/callback\",\n logout: \"/oauth/logout\",\n token: \"/_auth/token\",\n refresh: \"/_auth/refresh\",\n userinfo: \"/_auth/userinfo\",\n};\n","import { type Static, t } from \"alepha\";\n\nexport const authenticationProviderSchema = t.object(\n {\n name: t.text({\n description: \"Name of the authentication provider.\",\n }),\n type: t.enum([\"OAUTH2\", \"OIDC\", \"CREDENTIALS\"], {\n description: \"Type of the authentication provider.\",\n }),\n },\n {\n title: \"AuthenticationProvider\",\n },\n);\n\nexport type AuthenticationProvider = Static<\n typeof authenticationProviderSchema\n>;\n","import type { Static } from \"alepha\";\nimport { t } from \"alepha\";\n\nexport const tokensSchema = t.object({\n provider: t.text(),\n access_token: t.text({ size: \"rich\" }),\n issued_at: t.number(),\n expires_in: t.optional(t.number()),\n refresh_token: t.optional(t.text({ size: \"rich\" })),\n refresh_token_expires_in: t.optional(t.number()),\n refresh_expires_in: t.optional(\n t.number({\n description:\n \"Alias of `refresh_token_expires_in` for compatibility with some providers.\",\n }),\n ),\n id_token: t.optional(t.text({ size: \"rich\" })),\n scope: t.optional(t.text()),\n});\n\nexport type Tokens = Static<typeof tokensSchema>;\n","import { type Static, t } from \"alepha\";\nimport { userAccountInfoSchema } from \"alepha/security\";\nimport { apiRegistryResponseSchema } from \"alepha/server/links\";\nimport { tokensSchema } from \"./tokensSchema.ts\";\n\nexport const tokenResponseSchema = t.extend(tokensSchema, {\n user: userAccountInfoSchema,\n api: apiRegistryResponseSchema,\n});\n\nexport type TokenResponse = Static<typeof tokenResponseSchema>;\n","import { type Static, t } from \"alepha\";\nimport { userAccountInfoSchema } from \"alepha/security\";\nimport { apiRegistryResponseSchema } from \"alepha/server/links\";\n\nexport const userinfoResponseSchema = t.object({\n user: t.optional(userAccountInfoSchema),\n api: apiRegistryResponseSchema,\n});\n\nexport type UserinfoResponse = Static<typeof userinfoResponseSchema>;\n","import { $module } from \"alepha\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./index.shared.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport const AlephaServerAuth = $module({\n name: \"alepha.server.auth\",\n primitives: [],\n services: [],\n});\n"],"mappings":";;;;AAAA,MAAa,yBAAyB;CACpC,OAAO;CACP,UAAU;CACV,QAAQ;CACR,OAAO;CACP,SAAS;CACT,UAAU;AACZ;;;ACLA,MAAa,+BAA+B,EAAE,OAC5C;CACE,MAAM,EAAE,KAAK,EACX,aAAa,uCACf,CAAC;CACD,MAAM,EAAE,KAAK;EAAC;EAAU;EAAQ;CAAa,GAAG,EAC9C,aAAa,uCACf,CAAC;AACH,GACA,EACE,OAAO,yBACT,CACF;;;ACXA,MAAa,eAAe,EAAE,OAAO;CACnC,UAAU,EAAE,KAAK;CACjB,cAAc,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC;CACrC,WAAW,EAAE,OAAO;CACpB,YAAY,EAAE,SAAS,EAAE,OAAO,CAAC;CACjC,eAAe,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC,CAAC;CAClD,0BAA0B,EAAE,SAAS,EAAE,OAAO,CAAC;CAC/C,oBAAoB,EAAE,SACpB,EAAE,OAAO,EACP,aACE,6EACJ,CAAC,CACH;CACA,UAAU,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC,CAAC;CAC7C,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC;AAC5B,CAAC;;;ACbD,MAAa,sBAAsB,EAAE,OAAO,cAAc;CACxD,MAAM;CACN,KAAK;AACP,CAAC;;;ACJD,MAAa,yBAAyB,EAAE,OAAO;CAC7C,MAAM,EAAE,SAAS,qBAAqB;CACtC,KAAK;AACP,CAAC;;;ACCD,MAAa,mBAAmB,QAAQ;CACtC,MAAM;CACN,YAAY,CAAC;CACb,UAAU,CAAC;AACb,CAAC"}
@@ -1,15 +1,52 @@
1
- import * as _$alepha from "alepha";
2
1
  import { Alepha, Async, KIND, Primitive, Static } from "alepha";
3
- import * as _$alepha_server_cookies0 from "alepha/server/cookies";
4
2
  import { Cookies, ServerCookiesProvider } from "alepha/server/cookies";
5
3
  import { DateTimeProvider } from "alepha/datetime";
6
4
  import { AccessTokenResponse, IssuerPrimitive, SecurityProvider, UserAccount } from "alepha/security";
7
- import * as _$alepha_logger0 from "alepha/logger";
8
- import * as _$alepha_server0 from "alepha/server";
9
5
  import { ServerRawRequest, ServerReply } from "alepha/server";
10
6
  import { ServerLinksProvider } from "alepha/server/links";
11
- import * as _$typebox from "typebox";
12
7
 
8
+ //#region ../../src/server/auth/helpers/appleClientSecret.d.ts
9
+ interface AppleClientSecretOptions {
10
+ privateKeyPem: string;
11
+ teamId: string;
12
+ serviceId: string;
13
+ keyId: string;
14
+ ttlSeconds?: number;
15
+ }
16
+ /** Signs Apple's short-lived ES256 client_secret JWT on demand (no rotation job). */
17
+ declare function signAppleClientSecret(opts: AppleClientSecretOptions): Promise<string>;
18
+ //#endregion
19
+ //#region ../../src/server/auth/helpers/federationAssertion.d.ts
20
+ interface FederationProfile {
21
+ provider: "google" | "apple";
22
+ sub: string;
23
+ email?: string;
24
+ email_verified?: boolean;
25
+ name?: string;
26
+ given_name?: string;
27
+ family_name?: string;
28
+ picture?: string;
29
+ is_private_email?: boolean;
30
+ }
31
+ interface SignAssertionOptions {
32
+ privateKeyPem: string;
33
+ issuer: string;
34
+ audience: string;
35
+ ttlSeconds?: number;
36
+ jti?: string;
37
+ }
38
+ interface VerifyAssertionOptions {
39
+ publicKeyPem: string;
40
+ issuer: string;
41
+ audience: string;
42
+ }
43
+ interface VerifiedAssertion {
44
+ profile: FederationProfile;
45
+ jti: string;
46
+ }
47
+ declare function signFederationAssertion(profile: FederationProfile, opts: SignAssertionOptions): Promise<string>;
48
+ declare function verifyFederationAssertion(token: string, opts: VerifyAssertionOptions): Promise<VerifiedAssertion>;
49
+ //#endregion
13
50
  //#region ../../src/server/auth/constants/routes.d.ts
14
51
  declare const alephaServerAuthRoutes: {
15
52
  login: string;
@@ -21,85 +58,85 @@ declare const alephaServerAuthRoutes: {
21
58
  };
22
59
  //#endregion
23
60
  //#region ../../src/server/auth/schemas/authenticationProviderSchema.d.ts
24
- declare const authenticationProviderSchema: _$typebox.TObject<{
25
- name: _$typebox.TString;
26
- type: _$typebox.TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
61
+ declare const authenticationProviderSchema: import("typebox").TObject<{
62
+ name: import("typebox").TString;
63
+ type: import("typebox").TUnsafe<"OAUTH2" | "OIDC" | "CREDENTIALS">;
27
64
  }>;
28
65
  type AuthenticationProvider = Static<typeof authenticationProviderSchema>;
29
66
  //#endregion
30
67
  //#region ../../src/server/auth/schemas/tokenResponseSchema.d.ts
31
- declare const tokenResponseSchema: _$typebox.TObject<{
32
- provider: _$typebox.TString;
33
- access_token: _$typebox.TString;
34
- issued_at: _$typebox.TNumber;
35
- expires_in: _$typebox.TOptional<_$typebox.TNumber>;
36
- refresh_token: _$typebox.TOptional<_$typebox.TString>;
37
- refresh_token_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
38
- refresh_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
39
- id_token: _$typebox.TOptional<_$typebox.TString>;
40
- scope: _$typebox.TOptional<_$typebox.TString>;
41
- user: _$typebox.TObject<{
42
- id: _$typebox.TString;
43
- name: _$typebox.TOptional<_$typebox.TString>;
44
- email: _$typebox.TOptional<_$typebox.TString>;
45
- username: _$typebox.TOptional<_$typebox.TString>;
46
- picture: _$typebox.TOptional<_$typebox.TString>;
47
- sessionId: _$typebox.TOptional<_$typebox.TString>;
48
- organization: _$typebox.TOptional<_$typebox.TString>;
49
- roles: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
50
- realm: _$typebox.TOptional<_$typebox.TString>;
68
+ declare const tokenResponseSchema: import("typebox").TObject<{
69
+ provider: import("typebox").TString;
70
+ access_token: import("typebox").TString;
71
+ issued_at: import("typebox").TNumber;
72
+ expires_in: import("typebox").TOptional<import("typebox").TNumber>;
73
+ refresh_token: import("typebox").TOptional<import("typebox").TString>;
74
+ refresh_token_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
75
+ refresh_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
76
+ id_token: import("typebox").TOptional<import("typebox").TString>;
77
+ scope: import("typebox").TOptional<import("typebox").TString>;
78
+ user: import("typebox").TObject<{
79
+ id: import("typebox").TString;
80
+ name: import("typebox").TOptional<import("typebox").TString>;
81
+ email: import("typebox").TOptional<import("typebox").TString>;
82
+ username: import("typebox").TOptional<import("typebox").TString>;
83
+ picture: import("typebox").TOptional<import("typebox").TString>;
84
+ sessionId: import("typebox").TOptional<import("typebox").TString>;
85
+ organization: import("typebox").TOptional<import("typebox").TString>;
86
+ roles: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
87
+ realm: import("typebox").TOptional<import("typebox").TString>;
51
88
  }>;
52
- api: _$typebox.TObject<{
53
- prefix: _$typebox.TOptional<_$typebox.TString>;
54
- actions: _$typebox.TRecord<"^.*$", _$typebox.TObject<{
55
- path: _$typebox.TString;
56
- method: _$typebox.TOptional<_$typebox.TString>;
57
- contentType: _$typebox.TOptional<_$typebox.TString>;
58
- kind: _$typebox.TOptional<_$typebox.TString>;
59
- service: _$typebox.TOptional<_$typebox.TString>;
89
+ api: import("typebox").TObject<{
90
+ prefix: import("typebox").TOptional<import("typebox").TString>;
91
+ actions: import("typebox").TRecord<"^.*$", import("typebox").TObject<{
92
+ path: import("typebox").TString;
93
+ method: import("typebox").TOptional<import("typebox").TString>;
94
+ contentType: import("typebox").TOptional<import("typebox").TString>;
95
+ kind: import("typebox").TOptional<import("typebox").TString>;
96
+ service: import("typebox").TOptional<import("typebox").TString>;
60
97
  }>>;
61
- permissions: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
98
+ permissions: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
62
99
  }>;
63
100
  }>;
64
101
  type TokenResponse = Static<typeof tokenResponseSchema>;
65
102
  //#endregion
66
103
  //#region ../../src/server/auth/schemas/tokensSchema.d.ts
67
- declare const tokensSchema: _$typebox.TObject<{
68
- provider: _$typebox.TString;
69
- access_token: _$typebox.TString;
70
- issued_at: _$typebox.TNumber;
71
- expires_in: _$typebox.TOptional<_$typebox.TNumber>;
72
- refresh_token: _$typebox.TOptional<_$typebox.TString>;
73
- refresh_token_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
74
- refresh_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
75
- id_token: _$typebox.TOptional<_$typebox.TString>;
76
- scope: _$typebox.TOptional<_$typebox.TString>;
104
+ declare const tokensSchema: import("typebox").TObject<{
105
+ provider: import("typebox").TString;
106
+ access_token: import("typebox").TString;
107
+ issued_at: import("typebox").TNumber;
108
+ expires_in: import("typebox").TOptional<import("typebox").TNumber>;
109
+ refresh_token: import("typebox").TOptional<import("typebox").TString>;
110
+ refresh_token_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
111
+ refresh_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
112
+ id_token: import("typebox").TOptional<import("typebox").TString>;
113
+ scope: import("typebox").TOptional<import("typebox").TString>;
77
114
  }>;
78
115
  type Tokens = Static<typeof tokensSchema>;
79
116
  //#endregion
80
117
  //#region ../../src/server/auth/schemas/userinfoResponseSchema.d.ts
81
- declare const userinfoResponseSchema: _$typebox.TObject<{
82
- user: _$typebox.TOptional<_$typebox.TObject<{
83
- id: _$typebox.TString;
84
- name: _$typebox.TOptional<_$typebox.TString>;
85
- email: _$typebox.TOptional<_$typebox.TString>;
86
- username: _$typebox.TOptional<_$typebox.TString>;
87
- picture: _$typebox.TOptional<_$typebox.TString>;
88
- sessionId: _$typebox.TOptional<_$typebox.TString>;
89
- organization: _$typebox.TOptional<_$typebox.TString>;
90
- roles: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
91
- realm: _$typebox.TOptional<_$typebox.TString>;
118
+ declare const userinfoResponseSchema: import("typebox").TObject<{
119
+ user: import("typebox").TOptional<import("typebox").TObject<{
120
+ id: import("typebox").TString;
121
+ name: import("typebox").TOptional<import("typebox").TString>;
122
+ email: import("typebox").TOptional<import("typebox").TString>;
123
+ username: import("typebox").TOptional<import("typebox").TString>;
124
+ picture: import("typebox").TOptional<import("typebox").TString>;
125
+ sessionId: import("typebox").TOptional<import("typebox").TString>;
126
+ organization: import("typebox").TOptional<import("typebox").TString>;
127
+ roles: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
128
+ realm: import("typebox").TOptional<import("typebox").TString>;
92
129
  }>>;
93
- api: _$typebox.TObject<{
94
- prefix: _$typebox.TOptional<_$typebox.TString>;
95
- actions: _$typebox.TRecord<"^.*$", _$typebox.TObject<{
96
- path: _$typebox.TString;
97
- method: _$typebox.TOptional<_$typebox.TString>;
98
- contentType: _$typebox.TOptional<_$typebox.TString>;
99
- kind: _$typebox.TOptional<_$typebox.TString>;
100
- service: _$typebox.TOptional<_$typebox.TString>;
130
+ api: import("typebox").TObject<{
131
+ prefix: import("typebox").TOptional<import("typebox").TString>;
132
+ actions: import("typebox").TRecord<"^.*$", import("typebox").TObject<{
133
+ path: import("typebox").TString;
134
+ method: import("typebox").TOptional<import("typebox").TString>;
135
+ contentType: import("typebox").TOptional<import("typebox").TString>;
136
+ kind: import("typebox").TOptional<import("typebox").TString>;
137
+ service: import("typebox").TOptional<import("typebox").TString>;
101
138
  }>>;
102
- permissions: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
139
+ permissions: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
103
140
  }>;
104
141
  }>;
105
142
  type UserinfoResponse = Static<typeof userinfoResponseSchema>;
@@ -1160,7 +1197,7 @@ declare class Configuration implements ConfigurationMethods, ConfigurationProper
1160
1197
  //#endregion
1161
1198
  //#region ../../src/server/auth/providers/ServerAuthProvider.d.ts
1162
1199
  declare class ServerAuthProvider {
1163
- protected readonly log: _$alepha_logger0.Logger;
1200
+ protected readonly log: import("alepha/logger").Logger;
1164
1201
  protected readonly alepha: Alepha;
1165
1202
  protected readonly serverCookiesProvider: ServerCookiesProvider;
1166
1203
  protected readonly dateTimeProvider: DateTimeProvider;
@@ -1175,137 +1212,137 @@ declare class ServerAuthProvider {
1175
1212
  */
1176
1213
  protected validateRedirectUri(uri: string): string;
1177
1214
  get identities(): Array<AuthPrimitive>;
1178
- protected readonly authorizationCode: _$alepha_server_cookies0.AbstractCookiePrimitive<_$typebox.TObject<{
1179
- provider: _$typebox.TString;
1180
- realm: _$typebox.TOptional<_$typebox.TString>;
1181
- codeVerifier: _$typebox.TOptional<_$typebox.TString>;
1182
- redirectUri: _$typebox.TOptional<_$typebox.TString>;
1183
- loginUri: _$typebox.TOptional<_$typebox.TString>;
1184
- state: _$typebox.TOptional<_$typebox.TString>;
1185
- nonce: _$typebox.TOptional<_$typebox.TString>;
1215
+ protected readonly authorizationCode: import("alepha/server/cookies").AbstractCookiePrimitive<import("typebox").TObject<{
1216
+ provider: import("typebox").TString;
1217
+ realm: import("typebox").TOptional<import("typebox").TString>;
1218
+ codeVerifier: import("typebox").TOptional<import("typebox").TString>;
1219
+ redirectUri: import("typebox").TOptional<import("typebox").TString>;
1220
+ loginUri: import("typebox").TOptional<import("typebox").TString>;
1221
+ state: import("typebox").TOptional<import("typebox").TString>;
1222
+ nonce: import("typebox").TOptional<import("typebox").TString>;
1186
1223
  }>>;
1187
- readonly tokens: _$alepha_server_cookies0.AbstractCookiePrimitive<_$typebox.TObject<{
1188
- provider: _$typebox.TString;
1189
- access_token: _$typebox.TString;
1190
- issued_at: _$typebox.TNumber;
1191
- expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1192
- refresh_token: _$typebox.TOptional<_$typebox.TString>;
1193
- refresh_token_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1194
- refresh_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1195
- id_token: _$typebox.TOptional<_$typebox.TString>;
1196
- scope: _$typebox.TOptional<_$typebox.TString>;
1224
+ readonly tokens: import("alepha/server/cookies").AbstractCookiePrimitive<import("typebox").TObject<{
1225
+ provider: import("typebox").TString;
1226
+ access_token: import("typebox").TString;
1227
+ issued_at: import("typebox").TNumber;
1228
+ expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1229
+ refresh_token: import("typebox").TOptional<import("typebox").TString>;
1230
+ refresh_token_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1231
+ refresh_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1232
+ id_token: import("typebox").TOptional<import("typebox").TString>;
1233
+ scope: import("typebox").TOptional<import("typebox").TString>;
1197
1234
  }>>;
1198
- protected readonly configure: _$alepha.HookPrimitive<"configure">;
1235
+ protected readonly configure: import("alepha").HookPrimitive<"configure">;
1199
1236
  /**
1200
1237
  * Fill request headers with access token from cookies or fallback to provider's fallback function.
1201
1238
  */
1202
- protected readonly onRequest: _$alepha.HookPrimitive<"server:onRequest">;
1239
+ protected readonly onRequest: import("alepha").HookPrimitive<"server:onRequest">;
1203
1240
  /**
1204
1241
  * Get user information.
1205
1242
  */
1206
- readonly userinfo: _$alepha_server0.RoutePrimitive<{
1207
- response: _$typebox.TObject<{
1208
- user: _$typebox.TOptional<_$typebox.TObject<{
1209
- id: _$typebox.TString;
1210
- name: _$typebox.TOptional<_$typebox.TString>;
1211
- email: _$typebox.TOptional<_$typebox.TString>;
1212
- username: _$typebox.TOptional<_$typebox.TString>;
1213
- picture: _$typebox.TOptional<_$typebox.TString>;
1214
- sessionId: _$typebox.TOptional<_$typebox.TString>;
1215
- organization: _$typebox.TOptional<_$typebox.TString>;
1216
- roles: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
1217
- realm: _$typebox.TOptional<_$typebox.TString>;
1243
+ readonly userinfo: import("alepha/server").RoutePrimitive<{
1244
+ response: import("typebox").TObject<{
1245
+ user: import("typebox").TOptional<import("typebox").TObject<{
1246
+ id: import("typebox").TString;
1247
+ name: import("typebox").TOptional<import("typebox").TString>;
1248
+ email: import("typebox").TOptional<import("typebox").TString>;
1249
+ username: import("typebox").TOptional<import("typebox").TString>;
1250
+ picture: import("typebox").TOptional<import("typebox").TString>;
1251
+ sessionId: import("typebox").TOptional<import("typebox").TString>;
1252
+ organization: import("typebox").TOptional<import("typebox").TString>;
1253
+ roles: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
1254
+ realm: import("typebox").TOptional<import("typebox").TString>;
1218
1255
  }>>;
1219
- api: _$typebox.TObject<{
1220
- prefix: _$typebox.TOptional<_$typebox.TString>;
1221
- actions: _$typebox.TRecord<"^.*$", _$typebox.TObject<{
1222
- path: _$typebox.TString;
1223
- method: _$typebox.TOptional<_$typebox.TString>;
1224
- contentType: _$typebox.TOptional<_$typebox.TString>;
1225
- kind: _$typebox.TOptional<_$typebox.TString>;
1226
- service: _$typebox.TOptional<_$typebox.TString>;
1256
+ api: import("typebox").TObject<{
1257
+ prefix: import("typebox").TOptional<import("typebox").TString>;
1258
+ actions: import("typebox").TRecord<"^.*$", import("typebox").TObject<{
1259
+ path: import("typebox").TString;
1260
+ method: import("typebox").TOptional<import("typebox").TString>;
1261
+ contentType: import("typebox").TOptional<import("typebox").TString>;
1262
+ kind: import("typebox").TOptional<import("typebox").TString>;
1263
+ service: import("typebox").TOptional<import("typebox").TString>;
1227
1264
  }>>;
1228
- permissions: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
1265
+ permissions: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
1229
1266
  }>;
1230
1267
  }>;
1231
1268
  }>;
1232
1269
  /**
1233
1270
  * Refresh a token for internal providers.
1234
1271
  */
1235
- readonly refresh: _$alepha_server0.RoutePrimitive<{
1236
- query: _$typebox.TObject<{
1237
- provider: _$typebox.TString;
1272
+ readonly refresh: import("alepha/server").RoutePrimitive<{
1273
+ query: import("typebox").TObject<{
1274
+ provider: import("typebox").TString;
1238
1275
  }>;
1239
- body: _$typebox.TObject<{
1240
- refresh_token: _$typebox.TString;
1241
- access_token: _$typebox.TOptional<_$typebox.TString>;
1276
+ body: import("typebox").TObject<{
1277
+ refresh_token: import("typebox").TString;
1278
+ access_token: import("typebox").TOptional<import("typebox").TString>;
1242
1279
  }>;
1243
- response: _$typebox.TObject<{
1244
- provider: _$typebox.TString;
1245
- access_token: _$typebox.TString;
1246
- issued_at: _$typebox.TNumber;
1247
- expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1248
- refresh_token: _$typebox.TOptional<_$typebox.TString>;
1249
- refresh_token_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1250
- refresh_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1251
- id_token: _$typebox.TOptional<_$typebox.TString>;
1252
- scope: _$typebox.TOptional<_$typebox.TString>;
1280
+ response: import("typebox").TObject<{
1281
+ provider: import("typebox").TString;
1282
+ access_token: import("typebox").TString;
1283
+ issued_at: import("typebox").TNumber;
1284
+ expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1285
+ refresh_token: import("typebox").TOptional<import("typebox").TString>;
1286
+ refresh_token_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1287
+ refresh_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1288
+ id_token: import("typebox").TOptional<import("typebox").TString>;
1289
+ scope: import("typebox").TOptional<import("typebox").TString>;
1253
1290
  }>;
1254
1291
  }>;
1255
1292
  /**
1256
1293
  * Login for local password-based authentication.
1257
1294
  */
1258
- readonly token: _$alepha_server0.RoutePrimitive<{
1259
- query: _$typebox.TObject<{
1260
- provider: _$typebox.TString;
1261
- realm: _$typebox.TOptional<_$typebox.TString>;
1295
+ readonly token: import("alepha/server").RoutePrimitive<{
1296
+ query: import("typebox").TObject<{
1297
+ provider: import("typebox").TString;
1298
+ realm: import("typebox").TOptional<import("typebox").TString>;
1262
1299
  }>;
1263
- body: _$typebox.TObject<{
1264
- username: _$typebox.TString;
1265
- password: _$typebox.TString;
1300
+ body: import("typebox").TObject<{
1301
+ username: import("typebox").TString;
1302
+ password: import("typebox").TString;
1266
1303
  }>;
1267
- response: _$typebox.TObject<{
1268
- provider: _$typebox.TString;
1269
- access_token: _$typebox.TString;
1270
- issued_at: _$typebox.TNumber;
1271
- expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1272
- refresh_token: _$typebox.TOptional<_$typebox.TString>;
1273
- refresh_token_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1274
- refresh_expires_in: _$typebox.TOptional<_$typebox.TNumber>;
1275
- id_token: _$typebox.TOptional<_$typebox.TString>;
1276
- scope: _$typebox.TOptional<_$typebox.TString>;
1277
- user: _$typebox.TObject<{
1278
- id: _$typebox.TString;
1279
- name: _$typebox.TOptional<_$typebox.TString>;
1280
- email: _$typebox.TOptional<_$typebox.TString>;
1281
- username: _$typebox.TOptional<_$typebox.TString>;
1282
- picture: _$typebox.TOptional<_$typebox.TString>;
1283
- sessionId: _$typebox.TOptional<_$typebox.TString>;
1284
- organization: _$typebox.TOptional<_$typebox.TString>;
1285
- roles: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
1286
- realm: _$typebox.TOptional<_$typebox.TString>;
1304
+ response: import("typebox").TObject<{
1305
+ provider: import("typebox").TString;
1306
+ access_token: import("typebox").TString;
1307
+ issued_at: import("typebox").TNumber;
1308
+ expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1309
+ refresh_token: import("typebox").TOptional<import("typebox").TString>;
1310
+ refresh_token_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1311
+ refresh_expires_in: import("typebox").TOptional<import("typebox").TNumber>;
1312
+ id_token: import("typebox").TOptional<import("typebox").TString>;
1313
+ scope: import("typebox").TOptional<import("typebox").TString>;
1314
+ user: import("typebox").TObject<{
1315
+ id: import("typebox").TString;
1316
+ name: import("typebox").TOptional<import("typebox").TString>;
1317
+ email: import("typebox").TOptional<import("typebox").TString>;
1318
+ username: import("typebox").TOptional<import("typebox").TString>;
1319
+ picture: import("typebox").TOptional<import("typebox").TString>;
1320
+ sessionId: import("typebox").TOptional<import("typebox").TString>;
1321
+ organization: import("typebox").TOptional<import("typebox").TString>;
1322
+ roles: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
1323
+ realm: import("typebox").TOptional<import("typebox").TString>;
1287
1324
  }>;
1288
- api: _$typebox.TObject<{
1289
- prefix: _$typebox.TOptional<_$typebox.TString>;
1290
- actions: _$typebox.TRecord<"^.*$", _$typebox.TObject<{
1291
- path: _$typebox.TString;
1292
- method: _$typebox.TOptional<_$typebox.TString>;
1293
- contentType: _$typebox.TOptional<_$typebox.TString>;
1294
- kind: _$typebox.TOptional<_$typebox.TString>;
1295
- service: _$typebox.TOptional<_$typebox.TString>;
1325
+ api: import("typebox").TObject<{
1326
+ prefix: import("typebox").TOptional<import("typebox").TString>;
1327
+ actions: import("typebox").TRecord<"^.*$", import("typebox").TObject<{
1328
+ path: import("typebox").TString;
1329
+ method: import("typebox").TOptional<import("typebox").TString>;
1330
+ contentType: import("typebox").TOptional<import("typebox").TString>;
1331
+ kind: import("typebox").TOptional<import("typebox").TString>;
1332
+ service: import("typebox").TOptional<import("typebox").TString>;
1296
1333
  }>>;
1297
- permissions: _$typebox.TOptional<_$typebox.TArray<_$typebox.TString>>;
1334
+ permissions: import("typebox").TOptional<import("typebox").TArray<import("typebox").TString>>;
1298
1335
  }>;
1299
1336
  }>;
1300
1337
  }>;
1301
1338
  /**
1302
1339
  * Oauth2/OIDC login route.
1303
1340
  */
1304
- readonly login: _$alepha_server0.RoutePrimitive<{
1305
- query: _$typebox.TObject<{
1306
- provider: _$typebox.TString;
1307
- realm: _$typebox.TOptional<_$typebox.TString>;
1308
- redirect_uri: _$typebox.TOptional<_$typebox.TString>;
1341
+ readonly login: import("alepha/server").RoutePrimitive<{
1342
+ query: import("typebox").TObject<{
1343
+ provider: import("typebox").TString;
1344
+ realm: import("typebox").TOptional<import("typebox").TString>;
1345
+ redirect_uri: import("typebox").TOptional<import("typebox").TString>;
1309
1346
  }>;
1310
1347
  }>;
1311
1348
  /**
@@ -1321,22 +1358,28 @@ declare class ServerAuthProvider {
1321
1358
  * is passed so openid-client can read the authorization code from the POST body.
1322
1359
  */
1323
1360
  protected handleCallback(url: URL, reply: ServerReply, cookies: Cookies, raw?: ServerRawRequest): Promise<void>;
1361
+ /**
1362
+ * Establish a local session for an already-resolved user: mint realm tokens
1363
+ * and write the `tokens` cookie. Used by the OAuth callback and by federated
1364
+ * (broker) login. `issuer` is the realm issuer (provider.issuer / realm).
1365
+ */
1366
+ establishSession(user: UserAccount, issuer: IssuerPrimitive, providerName: string, cookies: Cookies): Promise<void>;
1324
1367
  /**
1325
1368
  * Callback for OAuth2/OIDC providers.
1326
1369
  * It handles the authorization code flow and retrieves the access token.
1327
1370
  */
1328
- readonly callback: _$alepha_server0.RoutePrimitive<_$alepha_server0.RequestConfigSchema>;
1371
+ readonly callback: import("alepha/server").RoutePrimitive<import("alepha/server").RequestConfigSchema>;
1329
1372
  /**
1330
1373
  * POST callback for OAuth2/OIDC providers using form_post response mode.
1331
1374
  * Apple Sign In sends the authorization code via POST body instead of URL query parameters.
1332
1375
  */
1333
- readonly callbackPost: _$alepha_server0.RoutePrimitive<_$alepha_server0.RequestConfigSchema>;
1376
+ readonly callbackPost: import("alepha/server").RoutePrimitive<import("alepha/server").RequestConfigSchema>;
1334
1377
  /**
1335
1378
  * Logout route for OAuth2/OIDC providers.
1336
1379
  */
1337
- readonly logout: _$alepha_server0.RoutePrimitive<{
1338
- query: _$typebox.TObject<{
1339
- post_logout_redirect_uri: _$typebox.TOptional<_$typebox.TString>;
1380
+ readonly logout: import("alepha/server").RoutePrimitive<{
1381
+ query: import("typebox").TObject<{
1382
+ post_logout_redirect_uri: import("typebox").TOptional<import("typebox").TString>;
1340
1383
  }>;
1341
1384
  }>;
1342
1385
  getAuthenticationProviders(filters?: {
@@ -1692,6 +1735,62 @@ declare const $authCredentials: (realm: IssuerPrimitive & WithLoginFn, options?:
1692
1735
  */
1693
1736
  declare const $authFacebook: (realm: IssuerPrimitive & WithLinkFn, options?: Partial<OidcOptions>) => AuthPrimitive;
1694
1737
  //#endregion
1738
+ //#region ../../src/server/auth/primitives/$authFederationBroker.d.ts
1739
+ interface FederationBrokerProviders {
1740
+ google?: {
1741
+ clientId: string;
1742
+ clientSecret: string;
1743
+ };
1744
+ apple?: {
1745
+ serviceId: string;
1746
+ teamId: string;
1747
+ keyId: string;
1748
+ privateKeyPem: string;
1749
+ };
1750
+ }
1751
+ interface FederationBrokerOptions {
1752
+ /** Broker public origin, e.g. https://alepha.club — becomes the assertion `iss`. */
1753
+ issuer: string;
1754
+ /** EdDSA PKCS#8 PEM — signs assertions. */
1755
+ signingKeyPem: string;
1756
+ providers: FederationBrokerProviders;
1757
+ /** Validate the requested tenant and return its exact origin (or null to reject). */
1758
+ resolveTenant: (tenant: string) => Promise<string | null>;
1759
+ assertionTtlSeconds?: number;
1760
+ }
1761
+ declare const $authFederationBroker: (options: FederationBrokerOptions) => {
1762
+ start: import("alepha/server").RoutePrimitive<{
1763
+ query: import("typebox").TObject<{
1764
+ provider: import("typebox").TString;
1765
+ tenant: import("typebox").TString;
1766
+ redirect: import("typebox").TOptional<import("typebox").TString>;
1767
+ }>;
1768
+ }>;
1769
+ callback: import("alepha/server").RoutePrimitive<import("alepha/server").RequestConfigSchema>;
1770
+ callbackPost: import("alepha/server").RoutePrimitive<import("alepha/server").RequestConfigSchema>;
1771
+ };
1772
+ //#endregion
1773
+ //#region ../../src/server/auth/primitives/$authFederationClient.d.ts
1774
+ declare function assertionToProfile(token: string, opts: VerifyAssertionOptions): Promise<{
1775
+ provider: string;
1776
+ jti: string;
1777
+ link: LinkAccountOptions;
1778
+ }>;
1779
+ interface FederationClientOptions {
1780
+ realm: IssuerPrimitive & WithLinkFn;
1781
+ brokerUrl: string;
1782
+ publicKeyPem: string;
1783
+ selfOrigin?: string;
1784
+ }
1785
+ declare const $authFederationClient: (options: FederationClientOptions) => {
1786
+ callback: import("alepha/server").RoutePrimitive<{
1787
+ query: import("typebox").TObject<{
1788
+ token: import("typebox").TString;
1789
+ redirect: import("typebox").TOptional<import("typebox").TString>;
1790
+ }>;
1791
+ }>;
1792
+ };
1793
+ //#endregion
1695
1794
  //#region ../../src/server/auth/primitives/$authFranceConnect.d.ts
1696
1795
  /**
1697
1796
  * Creates an authentication provider primitive for France Connect.
@@ -1791,7 +1890,7 @@ declare const $authMicrosoft: (realm: IssuerPrimitive & WithLinkFn, options?: Pa
1791
1890
  *
1792
1891
  * @module alepha.server.auth
1793
1892
  */
1794
- declare const AlephaServerAuth: _$alepha.Service<_$alepha.Module>;
1893
+ declare const AlephaServerAuth: import("alepha").Service<import("alepha").Module>;
1795
1894
  //#endregion
1796
- export { $auth, $authApple, $authCredentials, $authFacebook, $authFranceConnect, $authGithub, $authGoogle, $authMicrosoft, AccessToken, AlephaServerAuth, AuthExternal, AuthInternal, AuthPrimitive, AuthPrimitiveOptions, AuthenticationProvider, Credentials, CredentialsFn, CredentialsOptions, LinkAccountFn, LinkAccountOptions, OAuth2Options, OAuth2Profile, OidcOptions, ServerAuthProvider, TokenResponse, Tokens, UserinfoResponse, WithLinkFn, WithLoginFn, alephaServerAuthRoutes, authenticationProviderSchema, tokenResponseSchema, tokensSchema, userinfoResponseSchema };
1895
+ export { $auth, $authApple, $authCredentials, $authFacebook, $authFederationBroker, $authFederationClient, $authFranceConnect, $authGithub, $authGoogle, $authMicrosoft, AccessToken, AlephaServerAuth, AppleClientSecretOptions, AuthExternal, AuthInternal, AuthPrimitive, AuthPrimitiveOptions, AuthenticationProvider, Credentials, CredentialsFn, CredentialsOptions, FederationBrokerOptions, FederationBrokerProviders, FederationClientOptions, FederationProfile, LinkAccountFn, LinkAccountOptions, OAuth2Options, OAuth2Profile, OidcOptions, ServerAuthProvider, SignAssertionOptions, TokenResponse, Tokens, UserinfoResponse, VerifiedAssertion, VerifyAssertionOptions, WithLinkFn, WithLoginFn, alephaServerAuthRoutes, assertionToProfile, authenticationProviderSchema, signAppleClientSecret, signFederationAssertion, tokenResponseSchema, tokensSchema, userinfoResponseSchema, verifyFederationAssertion };
1797
1896
  //# sourceMappingURL=index.d.ts.map