authhero 4.101.1 → 4.103.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +24 -25
  2. package/dist/authhero.cjs +87 -87
  3. package/dist/authhero.d.ts +127 -34
  4. package/dist/authhero.mjs +9217 -9071
  5. package/dist/stats.html +1 -1
  6. package/package.json +4 -4
package/README.md CHANGED
@@ -110,49 +110,48 @@ const dataAdapter = {
110
110
  const { app } = init({ dataAdapter });
111
111
  ```
112
112
 
113
- ## Outbox: draining from a cron / scheduled handler
113
+ ## Outbox relay in cron
114
114
 
115
115
  Authhero uses a transactional outbox to deliver audit events and webhook
116
116
  dispatches. Events are delivered per-request by default, but you should also
117
- run `drainOutbox` on a schedule as a safety net for events that failed
117
+ sweep the outbox on a schedule as a safety net for events that failed
118
118
  in-request delivery (e.g. a transient webhook 5xx).
119
119
 
120
- Use `createDefaultDestinations` to get the exact same set of destinations the
121
- in-request middleware uses that way the cron drain and the per-request
122
- dispatcher stay in lock-step (hook.\* filtering, retry semantics, the
123
- `registration_completed_at` finalizer, etc.):
120
+ Use `runOutboxRelay` as the entire body of your scheduled handler — it
121
+ builds the same destination array the inline dispatcher uses, mints
122
+ per-tenant `auth-service` tokens via the same in-process path, runs
123
+ `drainOutbox`, and then `cleanupOutbox`:
124
124
 
125
125
  ```ts
126
- import {
127
- createDefaultDestinations,
128
- drainOutbox,
129
- cleanupOutbox,
130
- } from "authhero";
126
+ import { runOutboxRelay } from "authhero";
131
127
 
132
128
  // Cloudflare Workers scheduled handler (one per cron trigger)
133
129
  export default {
134
130
  async scheduled(_event, env) {
135
- const destinations = createDefaultDestinations({
131
+ await runOutboxRelay({
136
132
  dataAdapter,
137
- // Called per tenant when draining hook.* events. Return a Bearer
138
- // access token that your webhook endpoints will accept.
139
- getServiceToken: async (tenantId) =>
140
- (await mintServiceToken(tenantId, "webhook")).access_token,
133
+ issuer: env.ISSUER,
134
+ webhookInvoker, // same function passed to init()
135
+ retentionDays: 7,
141
136
  });
142
-
143
- await drainOutbox(dataAdapter.outbox, destinations);
144
- await cleanupOutbox(dataAdapter.outbox, { retentionDays: 7 });
145
137
  },
146
138
  };
147
139
  ```
148
140
 
149
- `getServiceToken` is optional: omit it if your cron only needs to sweep up
150
- log events. When omitted, `hook.*` events are left in the outbox for a later
151
- run that does provide a token.
141
+ Passing the same `webhookInvoker` you pass to `init()` is important: without
142
+ it, cron-drained `hook.*` events would bypass any custom payload shaping,
143
+ auth headers, or non-HTTP transports your invoker implements, and diverge
144
+ silently from per-request deliveries.
145
+
146
+ ### Lower-level escape hatches
152
147
 
153
- If you need something custom, the underlying classes are also exported:
154
- `LogsDestination`, `WebhookDestination`, `RegistrationFinalizerDestination`,
155
- and the `EventDestination` interface.
148
+ If you need something custom, `drainOutbox`, `cleanupOutbox`, and
149
+ `createDefaultDestinations` are also exported. `createDefaultDestinations`
150
+ accepts the same optional `webhookInvoker` so you can wire up invoker
151
+ parity without the full one-call wrapper. The underlying destination
152
+ classes (`LogsDestination`, `WebhookDestination`,
153
+ `RegistrationFinalizerDestination`) and the `EventDestination` interface
154
+ are also public.
156
155
 
157
156
  ## Contributing
158
157