authhero 5.13.0 → 5.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/authhero.cjs +103 -103
  2. package/dist/authhero.d.ts +205 -205
  3. package/dist/authhero.mjs +9358 -9346
  4. package/dist/stats.html +1 -1
  5. package/dist/tsconfig.types.tsbuildinfo +1 -1
  6. package/dist/types/authentication-flows/passwordless.d.ts +6 -6
  7. package/dist/types/helpers/service-token.d.ts +11 -1
  8. package/dist/types/index.d.ts +205 -205
  9. package/dist/types/routes/auth-api/index.d.ts +14 -14
  10. package/dist/types/routes/auth-api/passwordless.d.ts +12 -12
  11. package/dist/types/routes/management-api/connections.d.ts +16 -16
  12. package/dist/types/routes/management-api/index.d.ts +189 -189
  13. package/dist/types/routes/management-api/organizations.d.ts +1 -1
  14. package/dist/types/routes/universal-login/common.d.ts +8 -8
  15. package/dist/types/routes/universal-login/flow-api.d.ts +8 -8
  16. package/dist/types/routes/universal-login/identifier.d.ts +2 -2
  17. package/dist/types/routes/universal-login/index.d.ts +2 -2
  18. package/package.json +1 -1
package/dist/types/authentication-flows/passwordless.d.ts CHANGED
@@ -355,7 +355,7 @@ export declare function passwordlessGrantUser(ctx: Context<{
355
355
  active?: boolean | undefined;
356
356
  } | undefined;
357
357
  signup?: {
358
- status?: "optional" | "disabled" | "required" | undefined;
358
+ status?: "optional" | "required" | "disabled" | undefined;
359
359
  verification?: {
360
360
  active?: boolean | undefined;
361
361
  } | undefined;
@@ -372,7 +372,7 @@ export declare function passwordlessGrantUser(ctx: Context<{
372
372
  active?: boolean | undefined;
373
373
  } | undefined;
374
374
  signup?: {
375
- status?: "optional" | "disabled" | "required" | undefined;
375
+ status?: "optional" | "required" | "disabled" | undefined;
376
376
  } | undefined;
377
377
  validation?: {
378
378
  max_length?: number | undefined;
@@ -389,7 +389,7 @@ export declare function passwordlessGrantUser(ctx: Context<{
389
389
  active?: boolean | undefined;
390
390
  } | undefined;
391
391
  signup?: {
392
- status?: "optional" | "disabled" | "required" | undefined;
392
+ status?: "optional" | "required" | "disabled" | undefined;
393
393
  } | undefined;
394
394
  } | undefined;
395
395
  } | undefined;
@@ -446,7 +446,7 @@ export declare function passwordlessGrantUser(ctx: Context<{
446
446
  custom_login_page_preview?: string | undefined;
447
447
  form_template?: string | undefined;
448
448
  addons?: Record<string, any> | undefined;
449
- token_endpoint_auth_method?: "client_secret_post" | "client_secret_basic" | "none" | "client_secret_jwt" | "private_key_jwt" | undefined;
449
+ token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
450
450
  client_metadata?: Record<string, string> | undefined;
451
451
  hide_sign_up_disabled_error?: boolean | undefined;
452
452
  mobile?: Record<string, any> | undefined;
@@ -529,8 +529,8 @@ export declare function passwordlessGrantUser(ctx: Context<{
529
529
  } | undefined;
530
530
  authenticated_at?: string | undefined;
531
531
  };
532
- connectionType: "email" | "username" | "sms";
533
- authConnection: "email" | "username" | "sms";
532
+ connectionType: "email" | "sms" | "username";
533
+ authConnection: "email" | "sms" | "username";
534
534
  session_id: string | undefined;
535
535
  authParams: {
536
536
  client_id: string;
package/dist/types/helpers/service-token.d.ts CHANGED
@@ -58,6 +58,16 @@ export interface CreateClientServiceTokenParams {
58
58
  expiresInSeconds?: number;
59
59
  customClaims?: Record<string, unknown>;
60
60
  }
61
+ export interface CreateClientServiceTokenOptions {
62
+ /**
63
+ * When the client isn't found in the request tenant, resolve it against the
64
+ * configured control-plane tenant and mint there instead. Off by default so
65
+ * that the hook-facing token API (`createTokenAPI`) cannot reach across the
66
+ * tenant boundary into control-plane clients — only trusted internal callers
67
+ * (e.g. the auth service's own email/SMS senders) opt in.
68
+ */
69
+ allowControlPlaneFallback?: boolean;
70
+ }
61
71
  /**
62
72
  * In-process mint of a grant-bounded access token for a DB-registered M2M
63
73
  * client. The caller is trusted (running inside the Worker) so no client
@@ -71,5 +81,5 @@ export interface CreateClientServiceTokenParams {
71
81
  export declare function createClientServiceToken(ctx: Context<{
72
82
  Bindings: Bindings;
73
83
  Variables: Variables;
74
- }>, tenantId: string, params: CreateClientServiceTokenParams): Promise<ServiceTokenResponse>;
84
+ }>, tenantId: string, params: CreateClientServiceTokenParams, options?: CreateClientServiceTokenOptions): Promise<ServiceTokenResponse>;
75
85
  export { AUTH_SERVICE_CLIENT_ID };