authhero 4.97.0 → 4.99.0

package/dist/authhero.d.ts

@@ -103,6 +103,84 @@ export declare const actionInsertSchema: z.ZodObject<{
 	}[] | undefined;
 }>;
 export type ActionInsert = z.infer<typeof actionInsertSchema>;
+export declare const actionUpdateSchema: z.ZodObject<{
+	name: z.ZodOptional<z.ZodString>;
+	code: z.ZodOptional<z.ZodString>;
+	supported_triggers: z.ZodOptional<z.ZodOptional<z.ZodArray<z.ZodObject<{
+		id: z.ZodString;
+		version: z.ZodOptional<z.ZodString>;
+	}, "strip", z.ZodTypeAny, {
+		id: string;
+		version?: string | undefined;
+	}, {
+		id: string;
+		version?: string | undefined;
+	}>, "many">>>;
+	runtime: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+	dependencies: z.ZodOptional<z.ZodOptional<z.ZodArray<z.ZodObject<{
+		name: z.ZodString;
+		version: z.ZodString;
+	}, "strip", z.ZodTypeAny, {
+		version: string;
+		name: string;
+	}, {
+		version: string;
+		name: string;
+	}>, "many">>>;
+	secrets: z.ZodOptional<z.ZodOptional<z.ZodArray<z.ZodObject<{
+		name: z.ZodString;
+		value: z.ZodString;
+	}, "strip", z.ZodTypeAny, {
+		value: string;
+		name: string;
+	}, {
+		value: string;
+		name: string;
+	}>, "many">>>;
+} & {
+	status: z.ZodOptional<z.ZodEnum<[
+		"draft",
+		"built"
+	]>>;
+	deployed_at: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+	code?: string | undefined;
+	status?: "draft" | "built" | undefined;
+	name?: string | undefined;
+	supported_triggers?: {
+		id: string;
+		version?: string | undefined;
+	}[] | undefined;
+	runtime?: string | undefined;
+	dependencies?: {
+		version: string;
+		name: string;
+	}[] | undefined;
+	secrets?: {
+		value: string;
+		name: string;
+	}[] | undefined;
+	deployed_at?: string | undefined;
+}, {
+	code?: string | undefined;
+	status?: "draft" | "built" | undefined;
+	name?: string | undefined;
+	supported_triggers?: {
+		id: string;
+		version?: string | undefined;
+	}[] | undefined;
+	runtime?: string | undefined;
+	dependencies?: {
+		version: string;
+		name: string;
+	}[] | undefined;
+	secrets?: {
+		value: string;
+		name: string;
+	}[] | undefined;
+	deployed_at?: string | undefined;
+}>;
+export type ActionUpdate = z.infer<typeof actionUpdateSchema>;
 export declare const actionSchema: z.ZodObject<{
 	name: z.ZodString;
 	code: z.ZodString;
@@ -2477,7 +2555,7 @@ export declare const userSchema: z.ZodObject<{
 	}[] | undefined;
 }>;
 export type User = z.infer<typeof userSchema>;
-export declare const auth0UserResponseSchema: z.ZodObject<{
+export declare const auth0UserResponseSchema: z.ZodObject<Omit<{
 	user_id: z.ZodString;
 	provider: z.ZodString;
 	is_social: z.ZodBoolean;
@@ -2621,7 +2699,7 @@ export declare const auth0UserResponseSchema: z.ZodObject<{
 	last_ip: z.ZodOptional<z.ZodString>;
 	last_login: z.ZodOptional<z.ZodString>;
 	registration_completed_at: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
+}, "registration_completed_at">, "strip", z.ZodTypeAny, {
 	created_at: string;
 	updated_at: string;
 	connection: string;
@@ -2662,7 +2740,6 @@ export declare const auth0UserResponseSchema: z.ZodObject<{
 	verify_email?: boolean | undefined;
 	last_ip?: string | undefined;
 	last_login?: string | undefined;
-	registration_completed_at?: string | undefined;
 	identities?: {
 		connection: string;
 		user_id: string;
@@ -2727,7 +2804,6 @@ export declare const auth0UserResponseSchema: z.ZodObject<{
 	verify_email?: boolean | undefined;
 	last_ip?: string | undefined;
 	last_login?: string | undefined;
-	registration_completed_at?: string | undefined;
 	login_count?: number | undefined;
 	identities?: {
 		connection: string;
@@ -48610,7 +48686,7 @@ export interface ListActionsResponse extends Totals {
 export interface ActionsAdapter {
 	create: (tenant_id: string, action: ActionInsert) => Promise<Action>;
 	get: (tenant_id: string, action_id: string) => Promise<Action | null>;
-	update: (tenant_id: string, action_id: string, action: Partial<ActionInsert>) => Promise<boolean>;
+	update: (tenant_id: string, action_id: string, action: ActionUpdate) => Promise<boolean>;
 	remove: (tenant_id: string, action_id: string) => Promise<boolean>;
 	list: (tenant_id: string, params?: ListParams) => Promise<ListActionsResponse>;
 }
@@ -52370,31 +52446,58 @@ export declare function createInMemoryCache(config?: InMemoryCacheConfig): Cache
  * that occasionally lose tail work if the process exits.
  */
 export declare function waitUntil(ctx: Context, promise: Promise<unknown>): void;
-/**
- * Parameters for cleaning up expired sessions for a specific user
- */
 export interface UserSessionCleanupParams {
-	tenantId: string;
+	tenantId?: string;
 	userId?: string;
 }
 /**
- * Cleanup expired login_sessions, sessions, and refresh_tokens.
- * Can be scoped to a specific user.
- * This is designed to be called with waitUntil after creating a new login session.
- *
- * Usage:
- * ```typescript
- * import { waitUntil } from "./wait-until";
- * import { cleanupUserSessions } from "./user-session-cleanup";
- *
- * // After creating a login session
- * waitUntil(ctx, cleanupUserSessions(ctx, { tenantId, userId }));
- * ```
+ * Context-free session cleanup for use in scheduled handlers / cron jobs.
+ * Deletes expired login_sessions, sessions, and refresh_tokens, optionally
+ * scoped to a tenant and/or user.
+ */
+export declare function cleanupSessions(data: DataAdapters, params?: UserSessionCleanupParams): Promise<void>;
+/**
+ * Per-request wrapper around cleanupSessions. Designed to be called with
+ * waitUntil after creating a new login session.
  */
 export declare function cleanupUserSessions(ctx: Context<{
 	Bindings: Bindings;
 	Variables: Variables;
 }>, params: UserSessionCleanupParams): Promise<void>;
+/**
+ * Interface for outbox event destinations.
+ * Each destination transforms audit events into its own format and delivers them.
+ *
+ * Destinations may implement `accepts(event)` to filter which events they
+ * handle (e.g. the logs destination only accepts log-shaped events, while a
+ * webhook destination only accepts `hook.*` events). If `accepts` is absent,
+ * the destination receives every event.
+ */
+export interface EventDestination {
+	name: string;
+	accepts?(event: AuditEvent): boolean;
+	transform(event: AuditEvent): unknown;
+	deliver(events: unknown[]): Promise<void>;
+}
+/**
+ * Drain unprocessed events from the outbox and deliver to all destinations.
+ * Intended for cron/scheduled use to sweep up events that failed per-request processing.
+ * Uses claim mechanism for safe multi-worker execution.
+ */
+export declare function drainOutbox(outbox: OutboxAdapter, destinations: EventDestination[], options?: {
+	batchSize?: number;
+	maxRetries?: number;
+	retentionDays?: number;
+}): Promise<void>;
+export interface OutboxCleanupParams {
+	/** Days to keep processed (and dead-lettered) events. Defaults to 7. */
+	retentionDays?: number;
+}
+/**
+ * Delete processed outbox events older than the retention window.
+ * Intended for use in a scheduled handler / cron job.
+ */
+export declare function cleanupOutbox(outbox: OutboxAdapter, params?: OutboxCleanupParams): Promise<number>;
 /**
  * Options for the entity hooks wrapper
  */
@@ -52660,6 +52763,53 @@ export declare class LocalCodeExecutor implements CodeExecutor {
 		timeoutMs?: number;
 	}): Promise<CodeExecutionResult>;
 }
+/**
+ * Worker Loader binding type (Cloudflare Dynamic Workers).
+ * Configure in wrangler.toml:
+ *   [[worker_loaders]]
+ *   binding = "LOADER"
+ */
+export interface WorkerLoader {
+	load(code: WorkerCode): WorkerStub;
+	get(id: string, callback: () => Promise<WorkerCode>): WorkerStub;
+}
+export interface WorkerCode {
+	compatibilityDate: string;
+	mainModule: string;
+	modules: Record<string, string>;
+	globalOutbound?: null;
+}
+export interface WorkerStub {
+	getEntrypoint(): {
+		fetch(request: Request): Promise<Response>;
+	};
+}
+export interface CloudflareCodeExecutorOptions {
+	loader: WorkerLoader;
+	compatibilityDate?: string;
+}
+/**
+ * Cloudflare Dynamic Workers code executor.
+ * Spins up isolated Workers on demand via the Worker Loader binding
+ * to execute user-authored hook code in a sandboxed environment.
+ *
+ * Uses `env.LOADER.get(id, callback)` to cache workers by hookCodeId + code hash,
+ * so the same code stays warm across requests while code updates get a fresh worker.
+ * Network access is blocked via `globalOutbound: null`.
+ */
+export declare class CloudflareCodeExecutor implements CodeExecutor {
+	private loader;
+	private compatibilityDate;
+	constructor(options: CloudflareCodeExecutorOptions);
+	execute(params: {
+		code: string;
+		hookCodeId?: string;
+		triggerId: string;
+		event: Record<string, unknown>;
+		timeoutMs?: number;
+		cpuLimitMs?: number;
+	}): Promise<CodeExecutionResult>;
+}
 export declare function init(config: AuthHeroConfig): {
 	app: OpenAPIHono<{
 		Bindings: Bindings;
@@ -62001,7 +62151,6 @@ export declare function init(config: AuthHeroConfig): {
 					verify_email?: boolean | undefined | undefined;
 					last_ip?: string | undefined | undefined;
 					last_login?: string | undefined | undefined;
-					registration_completed_at?: string | undefined | undefined;
 					identities?: {
 						connection: string;
 						user_id: string;
@@ -62072,7 +62221,6 @@ export declare function init(config: AuthHeroConfig): {
 						verify_email?: boolean | undefined | undefined;
 						last_ip?: string | undefined | undefined;
 						last_login?: string | undefined | undefined;
-						registration_completed_at?: string | undefined | undefined;
 						identities?: {
 							connection: string;
 							user_id: string;
@@ -62158,7 +62306,6 @@ export declare function init(config: AuthHeroConfig): {
 					verify_email?: boolean | undefined | undefined;
 					last_ip?: string | undefined | undefined;
 					last_login?: string | undefined | undefined;
-					registration_completed_at?: string | undefined | undefined;
 					identities?: {
 						connection: string;
 						user_id: string;
@@ -62297,7 +62444,6 @@ export declare function init(config: AuthHeroConfig): {
 					verify_email?: boolean | undefined | undefined;
 					last_ip?: string | undefined | undefined;
 					last_login?: string | undefined | undefined;
-					registration_completed_at?: string | undefined | undefined;
 					identities?: {
 						connection: string;
 						user_id: string;
@@ -62491,7 +62637,6 @@ export declare function init(config: AuthHeroConfig): {
 					verify_email?: boolean | undefined | undefined;
 					last_ip?: string | undefined | undefined;
 					last_login?: string | undefined | undefined;
-					registration_completed_at?: string | undefined | undefined;
 					identities?: {
 						connection: string;
 						user_id: string;
@@ -65089,10 +65234,10 @@ export declare function init(config: AuthHeroConfig): {
 					locale?: string | undefined;
 					profile?: string | undefined;
 					address?: {
+						region?: string | undefined;
 						formatted?: string | undefined;
 						street_address?: string | undefined;
 						locality?: string | undefined;
-						region?: string | undefined;
 						postal_code?: string | undefined;
 						country?: string | undefined;
 					} | undefined;
@@ -65130,10 +65275,10 @@ export declare function init(config: AuthHeroConfig): {
 					locale?: string | undefined;
 					profile?: string | undefined;
 					address?: {
+						region?: string | undefined;
 						formatted?: string | undefined;
 						street_address?: string | undefined;
 						locality?: string | undefined;
-						region?: string | undefined;
 						postal_code?: string | undefined;
 						country?: string | undefined;
 					} | undefined;