authhero 5.19.0 → 5.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/assets/u/widget/index.esm.js +1 -1
- package/dist/authhero.cjs +2701 -107
- package/dist/authhero.d.ts +310 -77
- package/dist/authhero.mjs +7366 -7036
- package/dist/stats.html +1 -1
- package/dist/tsconfig.types.tsbuildinfo +1 -1
- package/dist/types/authentication-flows/common.d.ts +8 -0
- package/dist/types/authentication-flows/passwordless.d.ts +12 -3
- package/dist/types/authentication-flows/token-exchange.d.ts +19 -0
- package/dist/types/emails/defaults/BlockedAccount.d.ts +1 -0
- package/dist/types/emails/defaults/ChangePassword.d.ts +6 -0
- package/dist/types/emails/defaults/EnrollmentEmail.d.ts +1 -0
- package/dist/types/emails/defaults/MfaOobCode.d.ts +1 -0
- package/dist/types/emails/defaults/PasswordReset.d.ts +5 -0
- package/dist/types/emails/defaults/StolenCredentials.d.ts +1 -0
- package/dist/types/emails/index.d.ts +21 -1
- package/dist/types/helpers/client.d.ts +20 -0
- package/dist/types/helpers/dcr/metadata-mapping.d.ts +2 -2
- package/dist/types/helpers/scopes-permissions.d.ts +1 -1
- package/dist/types/index.d.ts +243 -74
- package/dist/types/provisioning/index.d.ts +2 -0
- package/dist/types/provisioning/noop-provisioner.d.ts +11 -0
- package/dist/types/provisioning/provisioner.d.ts +25 -0
- package/dist/types/routes/auth-api/index.d.ts +129 -19
- package/dist/types/routes/auth-api/passwordless.d.ts +10 -10
- package/dist/types/routes/auth-api/register/index.d.ts +2 -2
- package/dist/types/routes/auth-api/revoke.d.ts +6 -6
- package/dist/types/routes/auth-api/token.d.ts +110 -0
- package/dist/types/routes/auth-api/well-known.d.ts +1 -1
- package/dist/types/routes/management-api/action-executions.d.ts +1 -1
- package/dist/types/routes/management-api/actions.d.ts +1 -1
- package/dist/types/routes/management-api/authentication-methods.d.ts +1 -1
- package/dist/types/routes/management-api/client-grants.d.ts +8 -8
- package/dist/types/routes/management-api/clients.d.ts +7 -7
- package/dist/types/routes/management-api/custom-domains.d.ts +7 -7
- package/dist/types/routes/management-api/email-templates.d.ts +58 -1
- package/dist/types/routes/management-api/failed-events.d.ts +1 -1
- package/dist/types/routes/management-api/guardian.d.ts +5 -5
- package/dist/types/routes/management-api/hook-code.d.ts +2 -2
- package/dist/types/routes/management-api/index.d.ts +106 -49
- package/dist/types/routes/management-api/logs.d.ts +3 -3
- package/dist/types/routes/management-api/migration-sources.d.ts +6 -6
- package/dist/types/routes/management-api/prompts.d.ts +4 -4
- package/dist/types/routes/management-api/tenants.d.ts +27 -0
- package/dist/types/routes/management-api/users.d.ts +2 -2
- package/dist/types/routes/universal-login/common.d.ts +38 -2
- package/dist/types/routes/universal-login/u2-index.d.ts +6 -6
- package/dist/types/routes/universal-login/u2-routes.d.ts +6 -6
- package/dist/types/types/AuthHeroConfig.d.ts +12 -0
- package/dist/types/types/GrantFlowResult.d.ts +8 -0
- package/dist/types/utils/jwks.d.ts +2 -2
- package/dist/types/utils/jwt.d.ts +4 -0
- package/package.json +5 -5
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type { Tenant } from "@authhero/adapter-interfaces";
|
|
2
|
+
import type { TenantProvisioner, TenantProvisionerContext } from "./provisioner";
|
|
3
|
+
/**
|
|
4
|
+
* Default provisioner. Flips `provisioning_state` to `"ready"` and clears any
|
|
5
|
+
* prior error, doing nothing else. Correct for `deployment_type: "shared"`
|
|
6
|
+
* tenants (the historical default) and useful as a stand-in until the
|
|
7
|
+
* Cloudflare WFP provisioner is wired in.
|
|
8
|
+
*/
|
|
9
|
+
export declare class NoopTenantProvisioner implements TenantProvisioner {
|
|
10
|
+
provision(tenant: Tenant, ctx: TenantProvisionerContext): Promise<void>;
|
|
11
|
+
}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import type { Tenant, TenantsDataAdapter } from "@authhero/adapter-interfaces";
|
|
2
|
+
export interface TenantProvisionerContext {
|
|
3
|
+
tenants: TenantsDataAdapter;
|
|
4
|
+
}
|
|
5
|
+
/**
|
|
6
|
+
* Drives a tenant from `provisioning_state: "pending"` to `"ready"` or
|
|
7
|
+
* `"failed"`. Owns whatever side effects are required to make the tenant
|
|
8
|
+
* actually serve traffic — creating a D1, uploading a worker to a dispatch
|
|
9
|
+
* namespace, wiring secrets, etc. — and writes the resulting state back via
|
|
10
|
+
* `ctx.tenants.update(...)`.
|
|
11
|
+
*
|
|
12
|
+
* Contract:
|
|
13
|
+
* - Implementations MUST be idempotent. The same tenant may be passed in
|
|
14
|
+
* twice if a previous run crashed mid-flight, the API is retried, or an
|
|
15
|
+
* operator manually re-triggers provisioning.
|
|
16
|
+
* - `provision()` MUST resolve (not reject) even on failure. Errors should
|
|
17
|
+
* be captured into `provisioning_error` and the state set to `"failed"`
|
|
18
|
+
* so the admin UI can render a useful message.
|
|
19
|
+
* - `provision()` should be safe to schedule via `ctx.executionCtx.waitUntil`
|
|
20
|
+
* on Cloudflare Workers — it must not depend on the originating request
|
|
21
|
+
* surviving.
|
|
22
|
+
*/
|
|
23
|
+
export interface TenantProvisioner {
|
|
24
|
+
provision(tenant: Tenant, ctx: TenantProvisionerContext): Promise<void>;
|
|
25
|
+
}
|
|
@@ -288,7 +288,7 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
288
288
|
scope?: string | undefined;
|
|
289
289
|
grant_types?: string[] | undefined;
|
|
290
290
|
response_types?: string[] | undefined;
|
|
291
|
-
token_endpoint_auth_method?: "
|
|
291
|
+
token_endpoint_auth_method?: "client_secret_post" | "client_secret_basic" | "none" | "client_secret_jwt" | "private_key_jwt" | undefined;
|
|
292
292
|
jwks_uri?: string | undefined;
|
|
293
293
|
jwks?: Record<string, unknown> | undefined;
|
|
294
294
|
software_id?: string | undefined;
|
|
@@ -377,7 +377,7 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
377
377
|
scope?: string | undefined;
|
|
378
378
|
grant_types?: string[] | undefined;
|
|
379
379
|
response_types?: string[] | undefined;
|
|
380
|
-
token_endpoint_auth_method?: "
|
|
380
|
+
token_endpoint_auth_method?: "client_secret_post" | "client_secret_basic" | "none" | "client_secret_jwt" | "private_key_jwt" | undefined;
|
|
381
381
|
jwks_uri?: string | undefined;
|
|
382
382
|
jwks?: Record<string, unknown> | undefined;
|
|
383
383
|
software_id?: string | undefined;
|
|
@@ -723,20 +723,20 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
723
723
|
email: string;
|
|
724
724
|
send: "code" | "link";
|
|
725
725
|
authParams: {
|
|
726
|
-
username?: string | undefined;
|
|
727
|
-
state?: string | undefined;
|
|
728
726
|
audience?: string | undefined;
|
|
729
727
|
response_type?: import("@authhero/adapter-interfaces").AuthorizationResponseType | undefined;
|
|
730
728
|
response_mode?: import("@authhero/adapter-interfaces").AuthorizationResponseMode | undefined;
|
|
731
729
|
scope?: string | undefined;
|
|
730
|
+
username?: string | undefined;
|
|
731
|
+
state?: string | undefined;
|
|
732
|
+
prompt?: string | undefined;
|
|
733
|
+
ui_locales?: string | undefined;
|
|
732
734
|
organization?: string | undefined;
|
|
733
|
-
nonce?: string | undefined;
|
|
734
735
|
redirect_uri?: string | undefined;
|
|
735
736
|
act_as?: string | undefined;
|
|
736
|
-
|
|
737
|
+
nonce?: string | undefined;
|
|
737
738
|
code_challenge_method?: import("@authhero/adapter-interfaces").CodeChallengeMethod | undefined;
|
|
738
739
|
code_challenge?: string | undefined;
|
|
739
|
-
ui_locales?: string | undefined;
|
|
740
740
|
max_age?: number | undefined;
|
|
741
741
|
acr_values?: string | undefined;
|
|
742
742
|
claims?: {
|
|
@@ -759,20 +759,20 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
759
759
|
phone_number: string;
|
|
760
760
|
send: "code" | "link";
|
|
761
761
|
authParams: {
|
|
762
|
-
username?: string | undefined;
|
|
763
|
-
state?: string | undefined;
|
|
764
762
|
audience?: string | undefined;
|
|
765
763
|
response_type?: import("@authhero/adapter-interfaces").AuthorizationResponseType | undefined;
|
|
766
764
|
response_mode?: import("@authhero/adapter-interfaces").AuthorizationResponseMode | undefined;
|
|
767
765
|
scope?: string | undefined;
|
|
766
|
+
username?: string | undefined;
|
|
767
|
+
state?: string | undefined;
|
|
768
|
+
prompt?: string | undefined;
|
|
769
|
+
ui_locales?: string | undefined;
|
|
768
770
|
organization?: string | undefined;
|
|
769
|
-
nonce?: string | undefined;
|
|
770
771
|
redirect_uri?: string | undefined;
|
|
771
772
|
act_as?: string | undefined;
|
|
772
|
-
|
|
773
|
+
nonce?: string | undefined;
|
|
773
774
|
code_challenge_method?: import("@authhero/adapter-interfaces").CodeChallengeMethod | undefined;
|
|
774
775
|
code_challenge?: string | undefined;
|
|
775
|
-
ui_locales?: string | undefined;
|
|
776
776
|
max_age?: number | undefined;
|
|
777
777
|
acr_values?: string | undefined;
|
|
778
778
|
claims?: {
|
|
@@ -903,14 +903,14 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
903
903
|
input: {
|
|
904
904
|
form: {
|
|
905
905
|
token: string;
|
|
906
|
-
token_type_hint?: "
|
|
906
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
907
907
|
client_id?: string | undefined;
|
|
908
908
|
client_secret?: string | undefined;
|
|
909
909
|
};
|
|
910
910
|
} & {
|
|
911
911
|
json: {
|
|
912
912
|
token: string;
|
|
913
|
-
token_type_hint?: "
|
|
913
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
914
914
|
client_id?: string | undefined;
|
|
915
915
|
client_secret?: string | undefined;
|
|
916
916
|
};
|
|
@@ -922,14 +922,14 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
922
922
|
input: {
|
|
923
923
|
form: {
|
|
924
924
|
token: string;
|
|
925
|
-
token_type_hint?: "
|
|
925
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
926
926
|
client_id?: string | undefined;
|
|
927
927
|
client_secret?: string | undefined;
|
|
928
928
|
};
|
|
929
929
|
} & {
|
|
930
930
|
json: {
|
|
931
931
|
token: string;
|
|
932
|
-
token_type_hint?: "
|
|
932
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
933
933
|
client_id?: string | undefined;
|
|
934
934
|
client_secret?: string | undefined;
|
|
935
935
|
};
|
|
@@ -944,14 +944,14 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
944
944
|
input: {
|
|
945
945
|
form: {
|
|
946
946
|
token: string;
|
|
947
|
-
token_type_hint?: "
|
|
947
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
948
948
|
client_id?: string | undefined;
|
|
949
949
|
client_secret?: string | undefined;
|
|
950
950
|
};
|
|
951
951
|
} & {
|
|
952
952
|
json: {
|
|
953
953
|
token: string;
|
|
954
|
-
token_type_hint?: "
|
|
954
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
955
955
|
client_id?: string | undefined;
|
|
956
956
|
client_secret?: string | undefined;
|
|
957
957
|
};
|
|
@@ -1002,6 +1002,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1002
1002
|
username: string;
|
|
1003
1003
|
otp: string;
|
|
1004
1004
|
realm: "sms" | "email";
|
|
1005
|
+
} | {
|
|
1006
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1007
|
+
subject_token: string;
|
|
1008
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1009
|
+
organization: string;
|
|
1010
|
+
audience?: string | undefined;
|
|
1011
|
+
scope?: string | undefined;
|
|
1012
|
+
client_id?: string | undefined;
|
|
1013
|
+
client_secret?: string | undefined;
|
|
1014
|
+
client_assertion?: string | undefined;
|
|
1015
|
+
client_assertion_type?: string | undefined;
|
|
1005
1016
|
};
|
|
1006
1017
|
} & {
|
|
1007
1018
|
json: {
|
|
@@ -1038,6 +1049,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1038
1049
|
username: string;
|
|
1039
1050
|
otp: string;
|
|
1040
1051
|
realm: "sms" | "email";
|
|
1052
|
+
} | {
|
|
1053
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1054
|
+
subject_token: string;
|
|
1055
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1056
|
+
organization: string;
|
|
1057
|
+
audience?: string | undefined;
|
|
1058
|
+
scope?: string | undefined;
|
|
1059
|
+
client_id?: string | undefined;
|
|
1060
|
+
client_secret?: string | undefined;
|
|
1061
|
+
client_assertion?: string | undefined;
|
|
1062
|
+
client_assertion_type?: string | undefined;
|
|
1041
1063
|
};
|
|
1042
1064
|
};
|
|
1043
1065
|
output: {};
|
|
@@ -1079,6 +1101,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1079
1101
|
username: string;
|
|
1080
1102
|
otp: string;
|
|
1081
1103
|
realm: "sms" | "email";
|
|
1104
|
+
} | {
|
|
1105
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1106
|
+
subject_token: string;
|
|
1107
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1108
|
+
organization: string;
|
|
1109
|
+
audience?: string | undefined;
|
|
1110
|
+
scope?: string | undefined;
|
|
1111
|
+
client_id?: string | undefined;
|
|
1112
|
+
client_secret?: string | undefined;
|
|
1113
|
+
client_assertion?: string | undefined;
|
|
1114
|
+
client_assertion_type?: string | undefined;
|
|
1082
1115
|
};
|
|
1083
1116
|
} & {
|
|
1084
1117
|
json: {
|
|
@@ -1115,6 +1148,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1115
1148
|
username: string;
|
|
1116
1149
|
otp: string;
|
|
1117
1150
|
realm: "sms" | "email";
|
|
1151
|
+
} | {
|
|
1152
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1153
|
+
subject_token: string;
|
|
1154
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1155
|
+
organization: string;
|
|
1156
|
+
audience?: string | undefined;
|
|
1157
|
+
scope?: string | undefined;
|
|
1158
|
+
client_id?: string | undefined;
|
|
1159
|
+
client_secret?: string | undefined;
|
|
1160
|
+
client_assertion?: string | undefined;
|
|
1161
|
+
client_assertion_type?: string | undefined;
|
|
1118
1162
|
};
|
|
1119
1163
|
};
|
|
1120
1164
|
output: {
|
|
@@ -1164,6 +1208,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1164
1208
|
username: string;
|
|
1165
1209
|
otp: string;
|
|
1166
1210
|
realm: "sms" | "email";
|
|
1211
|
+
} | {
|
|
1212
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1213
|
+
subject_token: string;
|
|
1214
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1215
|
+
organization: string;
|
|
1216
|
+
audience?: string | undefined;
|
|
1217
|
+
scope?: string | undefined;
|
|
1218
|
+
client_id?: string | undefined;
|
|
1219
|
+
client_secret?: string | undefined;
|
|
1220
|
+
client_assertion?: string | undefined;
|
|
1221
|
+
client_assertion_type?: string | undefined;
|
|
1167
1222
|
};
|
|
1168
1223
|
} & {
|
|
1169
1224
|
json: {
|
|
@@ -1200,6 +1255,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1200
1255
|
username: string;
|
|
1201
1256
|
otp: string;
|
|
1202
1257
|
realm: "sms" | "email";
|
|
1258
|
+
} | {
|
|
1259
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1260
|
+
subject_token: string;
|
|
1261
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1262
|
+
organization: string;
|
|
1263
|
+
audience?: string | undefined;
|
|
1264
|
+
scope?: string | undefined;
|
|
1265
|
+
client_id?: string | undefined;
|
|
1266
|
+
client_secret?: string | undefined;
|
|
1267
|
+
client_assertion?: string | undefined;
|
|
1268
|
+
client_assertion_type?: string | undefined;
|
|
1203
1269
|
};
|
|
1204
1270
|
};
|
|
1205
1271
|
output: {
|
|
@@ -1244,6 +1310,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1244
1310
|
username: string;
|
|
1245
1311
|
otp: string;
|
|
1246
1312
|
realm: "sms" | "email";
|
|
1313
|
+
} | {
|
|
1314
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1315
|
+
subject_token: string;
|
|
1316
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1317
|
+
organization: string;
|
|
1318
|
+
audience?: string | undefined;
|
|
1319
|
+
scope?: string | undefined;
|
|
1320
|
+
client_id?: string | undefined;
|
|
1321
|
+
client_secret?: string | undefined;
|
|
1322
|
+
client_assertion?: string | undefined;
|
|
1323
|
+
client_assertion_type?: string | undefined;
|
|
1247
1324
|
};
|
|
1248
1325
|
} & {
|
|
1249
1326
|
json: {
|
|
@@ -1280,6 +1357,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1280
1357
|
username: string;
|
|
1281
1358
|
otp: string;
|
|
1282
1359
|
realm: "sms" | "email";
|
|
1360
|
+
} | {
|
|
1361
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1362
|
+
subject_token: string;
|
|
1363
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1364
|
+
organization: string;
|
|
1365
|
+
audience?: string | undefined;
|
|
1366
|
+
scope?: string | undefined;
|
|
1367
|
+
client_id?: string | undefined;
|
|
1368
|
+
client_secret?: string | undefined;
|
|
1369
|
+
client_assertion?: string | undefined;
|
|
1370
|
+
client_assertion_type?: string | undefined;
|
|
1283
1371
|
};
|
|
1284
1372
|
};
|
|
1285
1373
|
output: {
|
|
@@ -1324,6 +1412,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1324
1412
|
username: string;
|
|
1325
1413
|
otp: string;
|
|
1326
1414
|
realm: "sms" | "email";
|
|
1415
|
+
} | {
|
|
1416
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1417
|
+
subject_token: string;
|
|
1418
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1419
|
+
organization: string;
|
|
1420
|
+
audience?: string | undefined;
|
|
1421
|
+
scope?: string | undefined;
|
|
1422
|
+
client_id?: string | undefined;
|
|
1423
|
+
client_secret?: string | undefined;
|
|
1424
|
+
client_assertion?: string | undefined;
|
|
1425
|
+
client_assertion_type?: string | undefined;
|
|
1327
1426
|
};
|
|
1328
1427
|
} & {
|
|
1329
1428
|
json: {
|
|
@@ -1360,6 +1459,17 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1360
1459
|
username: string;
|
|
1361
1460
|
otp: string;
|
|
1362
1461
|
realm: "sms" | "email";
|
|
1462
|
+
} | {
|
|
1463
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
1464
|
+
subject_token: string;
|
|
1465
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
1466
|
+
organization: string;
|
|
1467
|
+
audience?: string | undefined;
|
|
1468
|
+
scope?: string | undefined;
|
|
1469
|
+
client_id?: string | undefined;
|
|
1470
|
+
client_secret?: string | undefined;
|
|
1471
|
+
client_assertion?: string | undefined;
|
|
1472
|
+
client_assertion_type?: string | undefined;
|
|
1363
1473
|
};
|
|
1364
1474
|
};
|
|
1365
1475
|
output: {
|
|
@@ -1377,8 +1487,8 @@ export default function create(config: AuthHeroConfig): OpenAPIHono<{
|
|
|
1377
1487
|
output: {
|
|
1378
1488
|
keys: {
|
|
1379
1489
|
alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
|
|
1380
|
-
kid: string;
|
|
1381
1490
|
kty: "EC" | "RSA" | "oct";
|
|
1491
|
+
kid?: string | undefined;
|
|
1382
1492
|
use?: "sig" | "enc" | undefined;
|
|
1383
1493
|
n?: string | undefined;
|
|
1384
1494
|
e?: string | undefined;
|
|
@@ -14,20 +14,20 @@ export declare const passwordlessRoutes: OpenAPIHono<{
|
|
|
14
14
|
email: string;
|
|
15
15
|
send: "code" | "link";
|
|
16
16
|
authParams: {
|
|
17
|
-
username?: string | undefined;
|
|
18
|
-
state?: string | undefined;
|
|
19
17
|
audience?: string | undefined;
|
|
20
18
|
response_type?: AuthorizationResponseType | undefined;
|
|
21
19
|
response_mode?: import("@authhero/adapter-interfaces").AuthorizationResponseMode | undefined;
|
|
22
20
|
scope?: string | undefined;
|
|
21
|
+
username?: string | undefined;
|
|
22
|
+
state?: string | undefined;
|
|
23
|
+
prompt?: string | undefined;
|
|
24
|
+
ui_locales?: string | undefined;
|
|
23
25
|
organization?: string | undefined;
|
|
24
|
-
nonce?: string | undefined;
|
|
25
26
|
redirect_uri?: string | undefined;
|
|
26
27
|
act_as?: string | undefined;
|
|
27
|
-
|
|
28
|
+
nonce?: string | undefined;
|
|
28
29
|
code_challenge_method?: import("@authhero/adapter-interfaces").CodeChallengeMethod | undefined;
|
|
29
30
|
code_challenge?: string | undefined;
|
|
30
|
-
ui_locales?: string | undefined;
|
|
31
31
|
max_age?: number | undefined;
|
|
32
32
|
acr_values?: string | undefined;
|
|
33
33
|
claims?: {
|
|
@@ -50,20 +50,20 @@ export declare const passwordlessRoutes: OpenAPIHono<{
|
|
|
50
50
|
phone_number: string;
|
|
51
51
|
send: "code" | "link";
|
|
52
52
|
authParams: {
|
|
53
|
-
username?: string | undefined;
|
|
54
|
-
state?: string | undefined;
|
|
55
53
|
audience?: string | undefined;
|
|
56
54
|
response_type?: AuthorizationResponseType | undefined;
|
|
57
55
|
response_mode?: import("@authhero/adapter-interfaces").AuthorizationResponseMode | undefined;
|
|
58
56
|
scope?: string | undefined;
|
|
57
|
+
username?: string | undefined;
|
|
58
|
+
state?: string | undefined;
|
|
59
|
+
prompt?: string | undefined;
|
|
60
|
+
ui_locales?: string | undefined;
|
|
59
61
|
organization?: string | undefined;
|
|
60
|
-
nonce?: string | undefined;
|
|
61
62
|
redirect_uri?: string | undefined;
|
|
62
63
|
act_as?: string | undefined;
|
|
63
|
-
|
|
64
|
+
nonce?: string | undefined;
|
|
64
65
|
code_challenge_method?: import("@authhero/adapter-interfaces").CodeChallengeMethod | undefined;
|
|
65
66
|
code_challenge?: string | undefined;
|
|
66
|
-
ui_locales?: string | undefined;
|
|
67
67
|
max_age?: number | undefined;
|
|
68
68
|
acr_values?: string | undefined;
|
|
69
69
|
claims?: {
|
|
@@ -18,7 +18,7 @@ export declare const registerRoutes: OpenAPIHono<{
|
|
|
18
18
|
scope?: string | undefined;
|
|
19
19
|
grant_types?: string[] | undefined;
|
|
20
20
|
response_types?: string[] | undefined;
|
|
21
|
-
token_endpoint_auth_method?: "
|
|
21
|
+
token_endpoint_auth_method?: "client_secret_post" | "client_secret_basic" | "none" | "client_secret_jwt" | "private_key_jwt" | undefined;
|
|
22
22
|
jwks_uri?: string | undefined;
|
|
23
23
|
jwks?: Record<string, unknown> | undefined;
|
|
24
24
|
software_id?: string | undefined;
|
|
@@ -107,7 +107,7 @@ export declare const registerRoutes: OpenAPIHono<{
|
|
|
107
107
|
scope?: string | undefined;
|
|
108
108
|
grant_types?: string[] | undefined;
|
|
109
109
|
response_types?: string[] | undefined;
|
|
110
|
-
token_endpoint_auth_method?: "
|
|
110
|
+
token_endpoint_auth_method?: "client_secret_post" | "client_secret_basic" | "none" | "client_secret_jwt" | "private_key_jwt" | undefined;
|
|
111
111
|
jwks_uri?: string | undefined;
|
|
112
112
|
jwks?: Record<string, unknown> | undefined;
|
|
113
113
|
software_id?: string | undefined;
|
|
@@ -9,14 +9,14 @@ export declare const revokeRoutes: OpenAPIHono<{
|
|
|
9
9
|
input: {
|
|
10
10
|
form: {
|
|
11
11
|
token: string;
|
|
12
|
-
token_type_hint?: "
|
|
12
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
13
13
|
client_id?: string | undefined;
|
|
14
14
|
client_secret?: string | undefined;
|
|
15
15
|
};
|
|
16
16
|
} & {
|
|
17
17
|
json: {
|
|
18
18
|
token: string;
|
|
19
|
-
token_type_hint?: "
|
|
19
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
20
20
|
client_id?: string | undefined;
|
|
21
21
|
client_secret?: string | undefined;
|
|
22
22
|
};
|
|
@@ -28,14 +28,14 @@ export declare const revokeRoutes: OpenAPIHono<{
|
|
|
28
28
|
input: {
|
|
29
29
|
form: {
|
|
30
30
|
token: string;
|
|
31
|
-
token_type_hint?: "
|
|
31
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
32
32
|
client_id?: string | undefined;
|
|
33
33
|
client_secret?: string | undefined;
|
|
34
34
|
};
|
|
35
35
|
} & {
|
|
36
36
|
json: {
|
|
37
37
|
token: string;
|
|
38
|
-
token_type_hint?: "
|
|
38
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
39
39
|
client_id?: string | undefined;
|
|
40
40
|
client_secret?: string | undefined;
|
|
41
41
|
};
|
|
@@ -50,14 +50,14 @@ export declare const revokeRoutes: OpenAPIHono<{
|
|
|
50
50
|
input: {
|
|
51
51
|
form: {
|
|
52
52
|
token: string;
|
|
53
|
-
token_type_hint?: "
|
|
53
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
54
54
|
client_id?: string | undefined;
|
|
55
55
|
client_secret?: string | undefined;
|
|
56
56
|
};
|
|
57
57
|
} & {
|
|
58
58
|
json: {
|
|
59
59
|
token: string;
|
|
60
|
-
token_type_hint?: "
|
|
60
|
+
token_type_hint?: "access_token" | "refresh_token" | undefined;
|
|
61
61
|
client_id?: string | undefined;
|
|
62
62
|
client_secret?: string | undefined;
|
|
63
63
|
};
|
|
@@ -41,6 +41,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
41
41
|
username: string;
|
|
42
42
|
otp: string;
|
|
43
43
|
realm: "sms" | "email";
|
|
44
|
+
} | {
|
|
45
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
46
|
+
subject_token: string;
|
|
47
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
48
|
+
organization: string;
|
|
49
|
+
audience?: string | undefined;
|
|
50
|
+
scope?: string | undefined;
|
|
51
|
+
client_id?: string | undefined;
|
|
52
|
+
client_secret?: string | undefined;
|
|
53
|
+
client_assertion?: string | undefined;
|
|
54
|
+
client_assertion_type?: string | undefined;
|
|
44
55
|
};
|
|
45
56
|
} & {
|
|
46
57
|
json: {
|
|
@@ -77,6 +88,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
77
88
|
username: string;
|
|
78
89
|
otp: string;
|
|
79
90
|
realm: "sms" | "email";
|
|
91
|
+
} | {
|
|
92
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
93
|
+
subject_token: string;
|
|
94
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
95
|
+
organization: string;
|
|
96
|
+
audience?: string | undefined;
|
|
97
|
+
scope?: string | undefined;
|
|
98
|
+
client_id?: string | undefined;
|
|
99
|
+
client_secret?: string | undefined;
|
|
100
|
+
client_assertion?: string | undefined;
|
|
101
|
+
client_assertion_type?: string | undefined;
|
|
80
102
|
};
|
|
81
103
|
};
|
|
82
104
|
output: {};
|
|
@@ -118,6 +140,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
118
140
|
username: string;
|
|
119
141
|
otp: string;
|
|
120
142
|
realm: "sms" | "email";
|
|
143
|
+
} | {
|
|
144
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
145
|
+
subject_token: string;
|
|
146
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
147
|
+
organization: string;
|
|
148
|
+
audience?: string | undefined;
|
|
149
|
+
scope?: string | undefined;
|
|
150
|
+
client_id?: string | undefined;
|
|
151
|
+
client_secret?: string | undefined;
|
|
152
|
+
client_assertion?: string | undefined;
|
|
153
|
+
client_assertion_type?: string | undefined;
|
|
121
154
|
};
|
|
122
155
|
} & {
|
|
123
156
|
json: {
|
|
@@ -154,6 +187,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
154
187
|
username: string;
|
|
155
188
|
otp: string;
|
|
156
189
|
realm: "sms" | "email";
|
|
190
|
+
} | {
|
|
191
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
192
|
+
subject_token: string;
|
|
193
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
194
|
+
organization: string;
|
|
195
|
+
audience?: string | undefined;
|
|
196
|
+
scope?: string | undefined;
|
|
197
|
+
client_id?: string | undefined;
|
|
198
|
+
client_secret?: string | undefined;
|
|
199
|
+
client_assertion?: string | undefined;
|
|
200
|
+
client_assertion_type?: string | undefined;
|
|
157
201
|
};
|
|
158
202
|
};
|
|
159
203
|
output: {
|
|
@@ -203,6 +247,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
203
247
|
username: string;
|
|
204
248
|
otp: string;
|
|
205
249
|
realm: "sms" | "email";
|
|
250
|
+
} | {
|
|
251
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
252
|
+
subject_token: string;
|
|
253
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
254
|
+
organization: string;
|
|
255
|
+
audience?: string | undefined;
|
|
256
|
+
scope?: string | undefined;
|
|
257
|
+
client_id?: string | undefined;
|
|
258
|
+
client_secret?: string | undefined;
|
|
259
|
+
client_assertion?: string | undefined;
|
|
260
|
+
client_assertion_type?: string | undefined;
|
|
206
261
|
};
|
|
207
262
|
} & {
|
|
208
263
|
json: {
|
|
@@ -239,6 +294,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
239
294
|
username: string;
|
|
240
295
|
otp: string;
|
|
241
296
|
realm: "sms" | "email";
|
|
297
|
+
} | {
|
|
298
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
299
|
+
subject_token: string;
|
|
300
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
301
|
+
organization: string;
|
|
302
|
+
audience?: string | undefined;
|
|
303
|
+
scope?: string | undefined;
|
|
304
|
+
client_id?: string | undefined;
|
|
305
|
+
client_secret?: string | undefined;
|
|
306
|
+
client_assertion?: string | undefined;
|
|
307
|
+
client_assertion_type?: string | undefined;
|
|
242
308
|
};
|
|
243
309
|
};
|
|
244
310
|
output: {
|
|
@@ -283,6 +349,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
283
349
|
username: string;
|
|
284
350
|
otp: string;
|
|
285
351
|
realm: "sms" | "email";
|
|
352
|
+
} | {
|
|
353
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
354
|
+
subject_token: string;
|
|
355
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
356
|
+
organization: string;
|
|
357
|
+
audience?: string | undefined;
|
|
358
|
+
scope?: string | undefined;
|
|
359
|
+
client_id?: string | undefined;
|
|
360
|
+
client_secret?: string | undefined;
|
|
361
|
+
client_assertion?: string | undefined;
|
|
362
|
+
client_assertion_type?: string | undefined;
|
|
286
363
|
};
|
|
287
364
|
} & {
|
|
288
365
|
json: {
|
|
@@ -319,6 +396,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
319
396
|
username: string;
|
|
320
397
|
otp: string;
|
|
321
398
|
realm: "sms" | "email";
|
|
399
|
+
} | {
|
|
400
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
401
|
+
subject_token: string;
|
|
402
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
403
|
+
organization: string;
|
|
404
|
+
audience?: string | undefined;
|
|
405
|
+
scope?: string | undefined;
|
|
406
|
+
client_id?: string | undefined;
|
|
407
|
+
client_secret?: string | undefined;
|
|
408
|
+
client_assertion?: string | undefined;
|
|
409
|
+
client_assertion_type?: string | undefined;
|
|
322
410
|
};
|
|
323
411
|
};
|
|
324
412
|
output: {
|
|
@@ -363,6 +451,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
363
451
|
username: string;
|
|
364
452
|
otp: string;
|
|
365
453
|
realm: "sms" | "email";
|
|
454
|
+
} | {
|
|
455
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
456
|
+
subject_token: string;
|
|
457
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
458
|
+
organization: string;
|
|
459
|
+
audience?: string | undefined;
|
|
460
|
+
scope?: string | undefined;
|
|
461
|
+
client_id?: string | undefined;
|
|
462
|
+
client_secret?: string | undefined;
|
|
463
|
+
client_assertion?: string | undefined;
|
|
464
|
+
client_assertion_type?: string | undefined;
|
|
366
465
|
};
|
|
367
466
|
} & {
|
|
368
467
|
json: {
|
|
@@ -399,6 +498,17 @@ export declare const tokenRoutes: OpenAPIHono<{
|
|
|
399
498
|
username: string;
|
|
400
499
|
otp: string;
|
|
401
500
|
realm: "sms" | "email";
|
|
501
|
+
} | {
|
|
502
|
+
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange";
|
|
503
|
+
subject_token: string;
|
|
504
|
+
subject_token_type: "urn:ietf:params:oauth:token-type:access_token";
|
|
505
|
+
organization: string;
|
|
506
|
+
audience?: string | undefined;
|
|
507
|
+
scope?: string | undefined;
|
|
508
|
+
client_id?: string | undefined;
|
|
509
|
+
client_secret?: string | undefined;
|
|
510
|
+
client_assertion?: string | undefined;
|
|
511
|
+
client_assertion_type?: string | undefined;
|
|
402
512
|
};
|
|
403
513
|
};
|
|
404
514
|
output: {
|
|
@@ -9,8 +9,8 @@ export declare const wellKnownRoutes: import("hono/hono-base").HonoBase<{
|
|
|
9
9
|
output: {
|
|
10
10
|
keys: {
|
|
11
11
|
alg: "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "HS256" | "HS384" | "HS512";
|
|
12
|
-
kid: string;
|
|
13
12
|
kty: "EC" | "RSA" | "oct";
|
|
13
|
+
kid?: string | undefined;
|
|
14
14
|
use?: "sig" | "enc" | undefined;
|
|
15
15
|
n?: string | undefined;
|
|
16
16
|
e?: string | undefined;
|