authhero 8.15.0 → 8.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (35) hide show
  1. package/dist/assets/u/widget/index.esm.js +1 -1
  2. package/dist/authhero.cjs +109 -109
  3. package/dist/authhero.d.ts +76 -73
  4. package/dist/authhero.mjs +7985 -7913
  5. package/dist/tsconfig.types.tsbuildinfo +1 -1
  6. package/dist/types/authentication-flows/passwordless.d.ts +5 -5
  7. package/dist/types/constants.d.ts +1 -1
  8. package/dist/types/helpers/logging.d.ts +11 -0
  9. package/dist/types/index.d.ts +66 -64
  10. package/dist/types/routes/auth-api/index.d.ts +4 -4
  11. package/dist/types/routes/auth-api/passwordless.d.ts +4 -4
  12. package/dist/types/routes/management-api/action-executions.d.ts +1 -1
  13. package/dist/types/routes/management-api/authentication-methods.d.ts +1 -1
  14. package/dist/types/routes/management-api/branding.d.ts +5 -5
  15. package/dist/types/routes/management-api/clients.d.ts +6 -6
  16. package/dist/types/routes/management-api/connections.d.ts +15 -15
  17. package/dist/types/routes/management-api/failed-events.d.ts +3 -1
  18. package/dist/types/routes/management-api/index.d.ts +55 -53
  19. package/dist/types/routes/management-api/log-streams.d.ts +6 -6
  20. package/dist/types/routes/management-api/logs.d.ts +3 -3
  21. package/dist/types/routes/management-api/migration-sources.d.ts +6 -6
  22. package/dist/types/routes/management-api/organizations.d.ts +3 -3
  23. package/dist/types/routes/management-api/prompts.d.ts +4 -4
  24. package/dist/types/routes/management-api/tenants.d.ts +6 -6
  25. package/dist/types/routes/management-api/themes.d.ts +3 -3
  26. package/dist/types/routes/management-api/users.d.ts +2 -2
  27. package/dist/types/routes/universal-login/common.d.ts +8 -8
  28. package/dist/types/routes/universal-login/flow-api.d.ts +4 -4
  29. package/dist/types/routes/universal-login/identifier.d.ts +2 -2
  30. package/dist/types/routes/universal-login/index.d.ts +2 -2
  31. package/dist/types/routes/universal-login/u2-index.d.ts +5 -5
  32. package/dist/types/routes/universal-login/u2-routes.d.ts +5 -5
  33. package/dist/types/types/AuthHeroConfig.d.ts +9 -8
  34. package/dist/types/utils/username-password-provider.d.ts +11 -6
  35. package/package.json +5 -5
@@ -161,11 +161,11 @@ export type UserLinkingModeOption = UserLinkingMode | UserLinkingModeResolver;
161
161
  /**
162
162
  * Resolver for the per-tenant username/password provider value.
163
163
  *
164
- * The native database provider has historically been written as `"auth2"`.
165
- * Returning `"auth0"` for selected tenants lets you migrate them onto the
166
- * `"auth0"` provider value (matching what the legacy Auth0 import format
167
- * used) one tenant at a time. Reads always accept both values, so existing
168
- * `auth2|*` rows keep resolving during and after the cutover.
164
+ * The native database provider has historically been written as `"auth2"`;
165
+ * new rows now default to `"auth0"`. Returning `"auth2"` for selected
166
+ * tenants pins them on the legacy value during a staged cutover. Reads
167
+ * always accept both values, so existing `auth2|*` rows keep resolving
168
+ * during and after the cutover.
169
169
  *
170
170
  * TRANSITIONAL: this resolver and the dual-read fallback can be removed
171
171
  * once every tenant has been migrated to a single value.
@@ -514,11 +514,12 @@ export interface AuthHeroConfig {
514
514
  userLinkingMode?: UserLinkingModeOption;
515
515
  /**
516
516
  * Per-tenant override for the username/password provider value used on
517
- * NEW user rows. Returning `"auth0"` for a tenant migrates new signups,
518
- * password resets, etc. onto the `auth0|*` user_id format. Existing
517
+ * NEW user rows. Omit to write `"auth0"` for every tenant new signups,
518
+ * password resets, etc. use the `auth0|*` user_id format. Existing
519
519
  * `auth2|*` rows keep working — reads accept either value.
520
520
  *
521
- * Omit to keep the legacy `"auth2"` value for every tenant.
521
+ * Returning `"auth2"` pins a tenant on the legacy value during a staged
522
+ * cutover.
522
523
  *
523
524
  * TRANSITIONAL: this hook and the dual-read fallback in the password
524
525
  * flows can be removed once all tenants have been backfilled.
@@ -6,15 +6,15 @@ import { EnrichedClient } from "../helpers/client";
6
6
  * TRANSITIONAL helpers for the auth2 → auth0 provider migration.
7
7
  *
8
8
  * Historically every native database user has been stored with
9
- * `provider = "auth2"` and `user_id = "auth2|<id>"`. We're moving onto the
10
- * `"auth0"` provider value, one tenant at a time, by setting
11
- * `init({ usernamePasswordProvider })` to return `"auth0"` for the
12
- * migrated tenants.
9
+ * `provider = "auth2"` and `user_id = "auth2|<id>"`. New rows are now
10
+ * written with the `"auth0"` provider value everywhere; the
11
+ * `init({ usernamePasswordProvider })` resolver only exists to pin a
12
+ * tenant back onto `"auth2"` during a staged cutover.
13
13
  *
14
14
  * Two surfaces are exposed:
15
15
  *
16
16
  * - {@link resolveUsernamePasswordProvider} — used at WRITE sites to pick
17
- * the value to stamp on a new row. Defaults to `"auth2"`.
17
+ * the value to stamp on a new row. Defaults to `"auth0"`.
18
18
  * - {@link isUsernamePasswordProvider} / {@link getUsernamePasswordUser} /
19
19
  * {@link getPrimaryUsernamePasswordUser} — used at READ sites to match
20
20
  * existing rows under EITHER value, so a tenant can have a mix of
@@ -25,7 +25,13 @@ import { EnrichedClient } from "../helpers/client";
25
25
  */
26
26
  declare const LEGACY_PROVIDER = "auth2";
27
27
  declare const TARGET_PROVIDER = "auth0";
28
+ export { isDatabaseConnectionStrategy } from "@authhero/adapter-interfaces";
28
29
  export type UsernamePasswordProviderValue = typeof LEGACY_PROVIDER | typeof TARGET_PROVIDER;
30
+ /**
31
+ * Both native database provider values, legacy first — for read sites
32
+ * that need to enumerate rather than predicate-match.
33
+ */
34
+ export declare const USERNAME_PASSWORD_PROVIDERS: readonly UsernamePasswordProviderValue[];
29
35
  export declare function resolveUsernamePasswordProvider(env: Bindings, tenant_id: string): Promise<UsernamePasswordProviderValue>;
30
36
  export declare function isUsernamePasswordProvider(provider: string | undefined | null): boolean;
31
37
  interface DualReadParams {
@@ -64,4 +70,3 @@ export declare function getOrCreateUsernamePasswordUser(ctx: Context<{
64
70
  connection: string;
65
71
  ip?: string;
66
72
  }): Promise<User>;
67
- export {};
package/package.json CHANGED
@@ -11,7 +11,7 @@
11
11
  "type": "git",
12
12
  "url": "https://github.com/markusahlstrand/authhero"
13
13
  },
14
- "version": "8.15.0",
14
+ "version": "8.17.0",
15
15
  "files": [
16
16
  "dist"
17
17
  ],
@@ -63,8 +63,8 @@
63
63
  "vite": "^8.0.14",
64
64
  "vite-plugin-dts": "^4.5.4",
65
65
  "vitest": "^4.1.7",
66
- "@authhero/kysely-adapter": "11.13.0",
67
- "@authhero/widget": "0.34.6"
66
+ "@authhero/kysely-adapter": "11.14.0",
67
+ "@authhero/widget": "0.34.8"
68
68
  },
69
69
  "dependencies": {
70
70
  "@peculiar/x509": "^1.14.0",
@@ -82,8 +82,8 @@
82
82
  "qrcode": "^1.5.4",
83
83
  "sanitize-html": "^2.17.4",
84
84
  "xstate": "^5.31.1",
85
- "@authhero/adapter-interfaces": "3.6.0",
86
- "@authhero/proxy": "0.8.2",
85
+ "@authhero/adapter-interfaces": "3.8.0",
86
+ "@authhero/proxy": "0.8.4",
87
87
  "@authhero/saml": "0.4.2"
88
88
  },
89
89
  "peerDependencies": {