authhero 5.14.0 → 5.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. package/dist/assets/u/widget/index.esm.js +1 -1
  2. package/dist/authhero.cjs +107 -107
  3. package/dist/authhero.d.ts +239 -218
  4. package/dist/authhero.mjs +8465 -8305
  5. package/dist/stats.html +1 -1
  6. package/dist/tsconfig.types.tsbuildinfo +1 -1
  7. package/dist/types/adapters/createEncryptedDataAdapter.d.ts +4 -0
  8. package/dist/types/authentication-flows/password.d.ts +1 -1
  9. package/dist/types/authentication-flows/passwordless.d.ts +4 -3
  10. package/dist/types/emails/index.d.ts +1 -1
  11. package/dist/types/helpers/client.d.ts +1 -0
  12. package/dist/types/helpers/dcr/metadata-mapping.d.ts +1 -1
  13. package/dist/types/index.d.ts +234 -218
  14. package/dist/types/routes/auth-api/index.d.ts +23 -23
  15. package/dist/types/routes/auth-api/passwordless.d.ts +10 -10
  16. package/dist/types/routes/auth-api/register/index.d.ts +2 -2
  17. package/dist/types/routes/auth-api/token.d.ts +10 -10
  18. package/dist/types/routes/auth-api/well-known.d.ts +1 -1
  19. package/dist/types/routes/management-api/action-executions.d.ts +1 -1
  20. package/dist/types/routes/management-api/authentication-methods.d.ts +1 -1
  21. package/dist/types/routes/management-api/clients.d.ts +7 -7
  22. package/dist/types/routes/management-api/connections.d.ts +1 -1
  23. package/dist/types/routes/management-api/custom-domains.d.ts +6 -6
  24. package/dist/types/routes/management-api/email-templates.d.ts +14 -14
  25. package/dist/types/routes/management-api/forms.d.ts +119 -119
  26. package/dist/types/routes/management-api/guardian.d.ts +5 -5
  27. package/dist/types/routes/management-api/hooks.d.ts +24 -24
  28. package/dist/types/routes/management-api/index.d.ts +189 -189
  29. package/dist/types/routes/management-api/logs.d.ts +3 -3
  30. package/dist/types/routes/management-api/organizations.d.ts +2 -2
  31. package/dist/types/routes/management-api/prompts.d.ts +4 -4
  32. package/dist/types/routes/management-api/tenants.d.ts +3 -0
  33. package/dist/types/routes/management-api/users.d.ts +2 -2
  34. package/dist/types/routes/universal-login/common.d.ts +6 -2
  35. package/dist/types/routes/universal-login/error-page.d.ts +2 -1
  36. package/dist/types/routes/universal-login/flow-api.d.ts +8 -8
  37. package/dist/types/routes/universal-login/u2-index.d.ts +22 -6
  38. package/dist/types/routes/universal-login/u2-routes.d.ts +22 -6
  39. package/dist/types/state-machines/login-session.d.ts +1 -1
  40. package/dist/types/utils/jwks.d.ts +2 -2
  41. package/dist/types/variables.d.ts +1 -1
  42. package/package.json +5 -5
package/dist/types/adapters/createEncryptedDataAdapter.d.ts CHANGED
@@ -9,6 +9,10 @@ import { DataAdapters } from "@authhero/adapter-interfaces";
9
9
  * email_providers.credentials, authentication_methods.totp_secret,
10
10
  * migration_sources.credentials.client_secret.
11
11
  *
12
+ * clientConnections.listByClient is also wrapped so its returned Connection
13
+ * objects are decrypted — getEnrichedClient uses this path to load connections
14
+ * for the OAuth strategies.
15
+ *
12
16
  * Private keys (keys.pkcs7, dkim_private_key) are intentionally NOT covered.
13
17
  */
14
18
  export declare function createEncryptedDataAdapter(data: DataAdapters, key: CryptoKey): DataAdapters;
package/dist/types/authentication-flows/password.d.ts CHANGED
@@ -21,4 +21,4 @@ export declare function changePassword(ctx: Context<{
21
21
  export declare function requestPasswordReset(ctx: Context<{
22
22
  Bindings: Bindings;
23
23
  Variables: Variables;
24
- }>, client: EnrichedClient, email: string, state: string, verification_method?: "link" | "code"): Promise<void>;
24
+ }>, client: EnrichedClient, email: string, state: string, verification_method?: "link" | "code", routePrefix?: string): Promise<void>;
package/dist/types/authentication-flows/passwordless.d.ts CHANGED
@@ -192,6 +192,7 @@ export declare function passwordlessGrantUser(ctx: Context<{
192
192
  trust_azure_adfs_email_verified_connection_property?: boolean | undefined;
193
193
  use_scope_descriptions_for_consent?: boolean | undefined;
194
194
  inherit_global_permissions_in_organizations?: boolean | undefined;
195
+ restrict_undefined_scopes?: boolean | undefined;
195
196
  } | undefined;
196
197
  sandbox_version?: string | undefined;
197
198
  legacy_sandbox_version?: string | undefined;
@@ -447,7 +448,7 @@ export declare function passwordlessGrantUser(ctx: Context<{
447
448
  custom_login_page_preview?: string | undefined;
448
449
  form_template?: string | undefined;
449
450
  addons?: Record<string, any> | undefined;
450
- token_endpoint_auth_method?: "none" | "private_key_jwt" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | undefined;
451
+ token_endpoint_auth_method?: "none" | "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt" | undefined;
451
452
  client_metadata?: Record<string, string> | undefined;
452
453
  hide_sign_up_disabled_error?: boolean | undefined;
453
454
  mobile?: Record<string, any> | undefined;
@@ -530,8 +531,8 @@ export declare function passwordlessGrantUser(ctx: Context<{
530
531
  } | undefined;
531
532
  authenticated_at?: string | undefined;
532
533
  };
533
- connectionType: "sms" | "email" | "username";
534
- authConnection: "sms" | "email" | "username";
534
+ connectionType: "username" | "email" | "sms";
535
+ authConnection: "username" | "email" | "sms";
535
536
  session_id: string | undefined;
536
537
  authParams: {
537
538
  client_id: string;
package/dist/types/emails/index.d.ts CHANGED
@@ -27,7 +27,7 @@ export declare function sendSms(ctx: Context<{
27
27
  export declare function sendResetPassword(ctx: Context<{
28
28
  Bindings: Bindings;
29
29
  Variables: Variables;
30
- }>, to: string, code: string, state?: string, language?: string): Promise<void>;
30
+ }>, to: string, code: string, state?: string, language?: string, routePrefix?: string): Promise<void>;
31
31
  export declare function sendResetPasswordCode(ctx: Context<{
32
32
  Bindings: Bindings;
33
33
  Variables: Variables;
package/dist/types/helpers/client.d.ts CHANGED
@@ -198,6 +198,7 @@ export declare const enrichedClientSchema: z.ZodObject<{
198
198
  trust_azure_adfs_email_verified_connection_property: z.ZodOptional<z.ZodBoolean>;
199
199
  use_scope_descriptions_for_consent: z.ZodOptional<z.ZodBoolean>;
200
200
  inherit_global_permissions_in_organizations: z.ZodOptional<z.ZodBoolean>;
201
+ restrict_undefined_scopes: z.ZodOptional<z.ZodBoolean>;
201
202
  }, z.core.$strip>>;
202
203
  sandbox_version: z.ZodOptional<z.ZodString>;
203
204
  legacy_sandbox_version: z.ZodOptional<z.ZodString>;
package/dist/types/helpers/dcr/metadata-mapping.d.ts CHANGED
@@ -24,10 +24,10 @@ export declare const dcrRequestSchema: z.ZodObject<{
24
24
  response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
25
25
  token_endpoint_auth_method: z.ZodOptional<z.ZodEnum<{
26
26
  none: "none";
27
- private_key_jwt: "private_key_jwt";
28
27
  client_secret_post: "client_secret_post";
29
28
  client_secret_basic: "client_secret_basic";
30
29
  client_secret_jwt: "client_secret_jwt";
30
+ private_key_jwt: "private_key_jwt";
31
31
  }>>;
32
32
  jwks_uri: z.ZodOptional<z.ZodString>;
33
33
  jwks: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;