vaspera 2.5.0

package/dist/enterprise/auth/oidc.d.ts

@@ -0,0 +1,231 @@
+/**
+ * OIDC Single Sign-On
+ *
+ * Supports enterprise SSO with Okta, Auth0, Azure AD, and generic OIDC providers.
+ * Handles user authentication, role mapping, and SCIM provisioning.
+ *
+ * @module enterprise/auth/oidc
+ */
+/**
+ * Supported OIDC providers
+ */
+export type OIDCProvider = "okta" | "auth0" | "azure-ad" | "google" | "custom";
+/**
+ * OIDC configuration
+ */
+export interface OIDCConfig {
+    /** Provider type */
+    provider: OIDCProvider;
+    /** Client ID */
+    clientId: string;
+    /** Client Secret */
+    clientSecret: string;
+    /** Issuer URL (e.g., https://company.okta.com) */
+    issuerUrl: string;
+    /** Redirect URI after authentication */
+    redirectUri: string;
+    /** Requested scopes */
+    scopes?: string[];
+    /** Custom endpoints (for custom providers) */
+    endpoints?: {
+        authorization?: string;
+        token?: string;
+        userinfo?: string;
+        jwks?: string;
+    };
+    /** Role mapping from OIDC claims to Vaspera roles */
+    roleMapping?: RoleMapping;
+}
+/**
+ * Role mapping configuration
+ */
+export interface RoleMapping {
+    /** Claim to use for roles (default: "groups" or "roles") */
+    rolesClaim: string;
+    /** Map from OIDC group/role to Vaspera role */
+    mappings: Record<string, VasperaRole>;
+    /** Default role if no mapping matches */
+    defaultRole: VasperaRole;
+}
+/**
+ * Vaspera roles
+ */
+export type VasperaRole = "viewer" | "auditor" | "certifier" | "admin";
+/**
+ * OIDC user information
+ */
+export interface OIDCUser {
+    /** User ID (sub claim) */
+    id: string;
+    /** Email address */
+    email: string;
+    /** Display name */
+    name?: string;
+    /** Given/first name */
+    givenName?: string;
+    /** Family/last name */
+    familyName?: string;
+    /** Profile picture URL */
+    picture?: string;
+    /** Mapped Vaspera role */
+    role: VasperaRole;
+    /** Raw OIDC claims */
+    claims: Record<string, unknown>;
+    /** Provider this user came from */
+    provider: OIDCProvider;
+    /** When the session expires */
+    expiresAt: string;
+}
+/**
+ * OIDC tokens
+ */
+export interface OIDCTokens {
+    /** Access token */
+    accessToken: string;
+    /** ID token (JWT) */
+    idToken: string;
+    /** Refresh token */
+    refreshToken?: string;
+    /** Token type (usually "Bearer") */
+    tokenType: string;
+    /** Expiration time in seconds */
+    expiresIn: number;
+    /** Scope granted */
+    scope?: string;
+}
+/**
+ * Authorization state
+ */
+export interface AuthState {
+    /** PKCE code verifier */
+    codeVerifier: string;
+    /** State parameter */
+    state: string;
+    /** Nonce for ID token validation */
+    nonce: string;
+    /** Original redirect URL */
+    redirectUri: string;
+    /** When this state expires */
+    expiresAt: number;
+}
+/**
+ * OIDC Client for enterprise authentication
+ */
+export declare class OIDCClient {
+    private config;
+    private discoveryCache;
+    private pendingStates;
+    constructor(config: OIDCConfig);
+    /**
+     * Discover OIDC endpoints from issuer
+     */
+    discover(): Promise<Record<string, unknown>>;
+    /**
+     * Get authorization URL
+     */
+    getAuthorizationUrl(): Promise<{
+        url: string;
+        state: AuthState;
+    }>;
+    /**
+     * Exchange authorization code for tokens
+     */
+    exchangeCode(code: string, state: string): Promise<{
+        tokens: OIDCTokens;
+        user: OIDCUser;
+    }>;
+    /**
+     * Get user information from tokens
+     */
+    getUserInfo(tokens: OIDCTokens, expectedNonce?: string): Promise<OIDCUser>;
+    /**
+     * Refresh tokens
+     */
+    refreshTokens(refreshToken: string): Promise<OIDCTokens>;
+    /**
+     * Map OIDC claims to Vaspera role
+     */
+    private mapRole;
+    /**
+     * Validate ID token
+     */
+    validateIdToken(idToken: string): Promise<boolean>;
+}
+/**
+ * SCIM user representation
+ */
+export interface SCIMUser {
+    schemas: string[];
+    id: string;
+    userName: string;
+    name?: {
+        givenName?: string;
+        familyName?: string;
+    };
+    emails?: Array<{
+        value: string;
+        primary?: boolean;
+    }>;
+    active: boolean;
+    groups?: Array<{
+        value: string;
+        display: string;
+    }>;
+}
+/**
+ * SCIM group representation
+ */
+export interface SCIMGroup {
+    schemas: string[];
+    id: string;
+    displayName: string;
+    members?: Array<{
+        value: string;
+        display: string;
+    }>;
+}
+/**
+ * SCIM client for user provisioning
+ */
+export declare class SCIMClient {
+    private baseUrl;
+    private bearerToken;
+    constructor(baseUrl: string, bearerToken: string);
+    /**
+     * Get all users
+     */
+    getUsers(): Promise<SCIMUser[]>;
+    /**
+     * Get user by ID
+     */
+    getUser(id: string): Promise<SCIMUser | null>;
+    /**
+     * Create user
+     */
+    createUser(user: Omit<SCIMUser, "id">): Promise<SCIMUser>;
+    /**
+     * Update user
+     */
+    updateUser(id: string, user: Partial<SCIMUser>): Promise<SCIMUser>;
+    /**
+     * Delete user
+     */
+    deleteUser(id: string): Promise<void>;
+    /**
+     * Get all groups
+     */
+    getGroups(): Promise<SCIMGroup[]>;
+    /**
+     * Make SCIM request
+     */
+    private request;
+}
+/**
+ * Create OIDC client for a provider
+ */
+export declare function createOIDCClient(config: OIDCConfig): OIDCClient;
+/**
+ * Create SCIM client
+ */
+export declare function createSCIMClient(baseUrl: string, bearerToken: string): SCIMClient;
+//# sourceMappingURL=oidc.d.ts.map

package/dist/enterprise/auth/oidc.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../../../src/enterprise/auth/oidc.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAQH;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,OAAO,GAAG,UAAU,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAE/E;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,oBAAoB;IACpB,QAAQ,EAAE,YAAY,CAAC;IAEvB,gBAAgB;IAChB,QAAQ,EAAE,MAAM,CAAC;IAEjB,oBAAoB;IACpB,YAAY,EAAE,MAAM,CAAC;IAErB,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAC;IAElB,wCAAwC;IACxC,WAAW,EAAE,MAAM,CAAC;IAEpB,uBAAuB;IACvB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAElB,8CAA8C;IAC9C,SAAS,CAAC,EAAE;QACV,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,IAAI,CAAC,EAAE,MAAM,CAAC;KACf,CAAC;IAEF,qDAAqD;IACrD,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,4DAA4D;IAC5D,UAAU,EAAE,MAAM,CAAC;IAEnB,+CAA+C;IAC/C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAEtC,yCAAyC;IACzC,WAAW,EAAE,WAAW,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,OAAO,CAAC;AAEvE;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,0BAA0B;IAC1B,EAAE,EAAE,MAAM,CAAC;IAEX,oBAAoB;IACpB,KAAK,EAAE,MAAM,CAAC;IAEd,mBAAmB;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd,uBAAuB;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,uBAAuB;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,0BAA0B;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,0BAA0B;IAC1B,IAAI,EAAE,WAAW,CAAC;IAElB,sBAAsB;IACtB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEhC,mCAAmC;IACnC,QAAQ,EAAE,YAAY,CAAC;IAEvB,+BAA+B;IAC/B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,mBAAmB;IACnB,WAAW,EAAE,MAAM,CAAC;IAEpB,qBAAqB;IACrB,OAAO,EAAE,MAAM,CAAC;IAEhB,oBAAoB;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,oCAAoC;IACpC,SAAS,EAAE,MAAM,CAAC;IAElB,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAElB,oBAAoB;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,yBAAyB;IACzB,YAAY,EAAE,MAAM,CAAC;IAErB,sBAAsB;IACtB,KAAK,EAAE,MAAM,CAAC;IAEd,oCAAoC;IACpC,KAAK,EAAE,MAAM,CAAC;IAEd,4BAA4B;IAC5B,WAAW,EAAE,MAAM,CAAC;IAEpB,8BAA8B;IAC9B,SAAS,EAAE,MAAM,CAAC;CACnB;AAuCD;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAa;IAC3B,OAAO,CAAC,cAAc,CAAwC;IAC9D,OAAO,CAAC,aAAa,CAAgC;gBAEzC,MAAM,EAAE,UAAU;IAQ9B;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAgBlD;;OAEG;IACG,mBAAmB,IAAI,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,SAAS,CAAA;KAAE,CAAC;IA4CvE;;OAEG;IACG,YAAY,CAChB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC;QAAE,MAAM,EAAE,UAAU,CAAC;QAAC,IAAI,EAAE,QAAQ,CAAA;KAAE,CAAC;IAgElD;;OAEG;IACG,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IA0BhF;;OAEG;IACG,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAyC9D;;OAEG;IACH,OAAO,CAAC,OAAO;IA2Bf;;OAEG;IACG,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAsBzD;AAMD;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE;QACL,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,MAAM,CAAC,EAAE,KAAK,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC,CAAC;IACH,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,KAAK,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,KAAK,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;CACJ;AAED;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,WAAW,CAAS;gBAEhB,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM;IAKhD;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;IAMrC;;OAEG;IACG,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IASnD;;OAEG;IACG,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC;IAK/D;;OAEG;IACG,UAAU,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC;IAKxE;;OAEG;IACG,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;IAMvC;;OAEG;YACW,OAAO;CAqBtB;AA+BD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,GAAG,UAAU,CAE/D;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,UAAU,CAEjF"}

package/dist/enterprise/auth/oidc.js

@@ -0,0 +1,372 @@
+/**
+ * OIDC Single Sign-On
+ *
+ * Supports enterprise SSO with Okta, Auth0, Azure AD, and generic OIDC providers.
+ * Handles user authentication, role mapping, and SCIM provisioning.
+ *
+ * @module enterprise/auth/oidc
+ */
+import { createHash, randomBytes } from "crypto";
+// ============================================================================
+// Provider Configuration
+// ============================================================================
+/**
+ * Well-known OIDC discovery URL suffix
+ */
+const OIDC_DISCOVERY_PATH = "/.well-known/openid-configuration";
+/**
+ * Default scopes
+ */
+const DEFAULT_SCOPES = ["openid", "profile", "email"];
+/**
+ * Provider-specific configurations
+ */
+const PROVIDER_CONFIGS = {
+    okta: {
+        scopes: [...DEFAULT_SCOPES, "groups"],
+    },
+    auth0: {
+        scopes: [...DEFAULT_SCOPES],
+    },
+    "azure-ad": {
+        scopes: [...DEFAULT_SCOPES, "offline_access"],
+    },
+    google: {
+        scopes: [...DEFAULT_SCOPES],
+    },
+    custom: {},
+};
+// ============================================================================
+// OIDC Client
+// ============================================================================
+/**
+ * OIDC Client for enterprise authentication
+ */
+export class OIDCClient {
+    config;
+    discoveryCache = null;
+    pendingStates = new Map();
+    constructor(config) {
+        this.config = {
+            ...PROVIDER_CONFIGS[config.provider],
+            ...config,
+            scopes: config.scopes || PROVIDER_CONFIGS[config.provider].scopes || DEFAULT_SCOPES,
+        };
+    }
+    /**
+     * Discover OIDC endpoints from issuer
+     */
+    async discover() {
+        if (this.discoveryCache) {
+            return this.discoveryCache;
+        }
+        const discoveryUrl = new URL(OIDC_DISCOVERY_PATH, this.config.issuerUrl);
+        const response = await fetch(discoveryUrl.toString());
+        if (!response.ok) {
+            throw new Error(`OIDC discovery failed: ${response.status} ${response.statusText}`);
+        }
+        this.discoveryCache = (await response.json());
+        return this.discoveryCache;
+    }
+    /**
+     * Get authorization URL
+     */
+    async getAuthorizationUrl() {
+        const discovery = await this.discover();
+        const authEndpoint = this.config.endpoints?.authorization ||
+            discovery.authorization_endpoint;
+        // Generate PKCE code verifier and challenge
+        const codeVerifier = base64URLEncode(randomBytes(32));
+        const codeChallenge = base64URLEncode(createHash("sha256").update(codeVerifier).digest());
+        // Generate state and nonce
+        const state = base64URLEncode(randomBytes(16));
+        const nonce = base64URLEncode(randomBytes(16));
+        // Build authorization URL
+        const params = new URLSearchParams({
+            response_type: "code",
+            client_id: this.config.clientId,
+            redirect_uri: this.config.redirectUri,
+            scope: this.config.scopes.join(" "),
+            state,
+            nonce,
+            code_challenge: codeChallenge,
+            code_challenge_method: "S256",
+        });
+        const url = `${authEndpoint}?${params.toString()}`;
+        // Store state
+        const authState = {
+            codeVerifier,
+            state,
+            nonce,
+            redirectUri: this.config.redirectUri,
+            expiresAt: Date.now() + 10 * 60 * 1000, // 10 minutes
+        };
+        this.pendingStates.set(state, authState);
+        return { url, state: authState };
+    }
+    /**
+     * Exchange authorization code for tokens
+     */
+    async exchangeCode(code, state) {
+        // Validate state
+        const authState = this.pendingStates.get(state);
+        if (!authState) {
+            throw new Error("Invalid or expired authorization state");
+        }
+        if (Date.now() > authState.expiresAt) {
+            this.pendingStates.delete(state);
+            throw new Error("Authorization state expired");
+        }
+        const discovery = await this.discover();
+        const tokenEndpoint = this.config.endpoints?.token || discovery.token_endpoint;
+        // Exchange code for tokens
+        const response = await fetch(tokenEndpoint, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+            },
+            body: new URLSearchParams({
+                grant_type: "authorization_code",
+                code,
+                client_id: this.config.clientId,
+                client_secret: this.config.clientSecret,
+                redirect_uri: authState.redirectUri,
+                code_verifier: authState.codeVerifier,
+            }),
+        });
+        if (!response.ok) {
+            const error = await response.text();
+            throw new Error(`Token exchange failed: ${error}`);
+        }
+        const tokenData = (await response.json());
+        const tokens = {
+            accessToken: tokenData.access_token,
+            idToken: tokenData.id_token,
+            refreshToken: tokenData.refresh_token,
+            tokenType: tokenData.token_type,
+            expiresIn: tokenData.expires_in,
+            scope: tokenData.scope,
+        };
+        // Parse ID token and get user info
+        const user = await this.getUserInfo(tokens, authState.nonce);
+        // Cleanup state
+        this.pendingStates.delete(state);
+        return { tokens, user };
+    }
+    /**
+     * Get user information from tokens
+     */
+    async getUserInfo(tokens, expectedNonce) {
+        // Parse ID token claims
+        const claims = parseJWT(tokens.idToken);
+        // Validate nonce if provided
+        if (expectedNonce && claims.nonce !== expectedNonce) {
+            throw new Error("ID token nonce mismatch");
+        }
+        // Map role
+        const role = this.mapRole(claims);
+        return {
+            id: claims.sub,
+            email: claims.email,
+            name: claims.name,
+            givenName: claims.given_name,
+            familyName: claims.family_name,
+            picture: claims.picture,
+            role,
+            claims,
+            provider: this.config.provider,
+            expiresAt: new Date(Date.now() + tokens.expiresIn * 1000).toISOString(),
+        };
+    }
+    /**
+     * Refresh tokens
+     */
+    async refreshTokens(refreshToken) {
+        const discovery = await this.discover();
+        const tokenEndpoint = this.config.endpoints?.token || discovery.token_endpoint;
+        const response = await fetch(tokenEndpoint, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+            },
+            body: new URLSearchParams({
+                grant_type: "refresh_token",
+                refresh_token: refreshToken,
+                client_id: this.config.clientId,
+                client_secret: this.config.clientSecret,
+            }),
+        });
+        if (!response.ok) {
+            throw new Error("Token refresh failed");
+        }
+        const tokenData = (await response.json());
+        return {
+            accessToken: tokenData.access_token,
+            idToken: tokenData.id_token,
+            refreshToken: tokenData.refresh_token,
+            tokenType: tokenData.token_type,
+            expiresIn: tokenData.expires_in,
+            scope: tokenData.scope,
+        };
+    }
+    /**
+     * Map OIDC claims to Vaspera role
+     */
+    mapRole(claims) {
+        if (!this.config.roleMapping) {
+            return "viewer"; // Default role
+        }
+        const { rolesClaim, mappings, defaultRole } = this.config.roleMapping;
+        // Get roles/groups from claims
+        const roleValues = claims[rolesClaim];
+        if (!roleValues) {
+            return defaultRole;
+        }
+        // Handle both string and array
+        const roles = Array.isArray(roleValues) ? roleValues : [roleValues];
+        // Find first matching mapping
+        for (const role of roles) {
+            const mappedRole = mappings[role];
+            if (mappedRole) {
+                return mappedRole;
+            }
+        }
+        return defaultRole;
+    }
+    /**
+     * Validate ID token
+     */
+    async validateIdToken(idToken) {
+        const claims = parseJWT(idToken);
+        // Check issuer
+        if (claims.iss !== this.config.issuerUrl) {
+            return false;
+        }
+        // Check audience
+        if (claims.aud !== this.config.clientId) {
+            return false;
+        }
+        // Check expiration
+        const exp = claims.exp;
+        if (Date.now() / 1000 > exp) {
+            return false;
+        }
+        // Note: For production, would also verify signature using JWKS
+        return true;
+    }
+}
+/**
+ * SCIM client for user provisioning
+ */
+export class SCIMClient {
+    baseUrl;
+    bearerToken;
+    constructor(baseUrl, bearerToken) {
+        this.baseUrl = baseUrl.replace(/\/$/, "");
+        this.bearerToken = bearerToken;
+    }
+    /**
+     * Get all users
+     */
+    async getUsers() {
+        const response = await this.request("GET", "/Users");
+        const data = (await response.json());
+        return data.Resources || [];
+    }
+    /**
+     * Get user by ID
+     */
+    async getUser(id) {
+        try {
+            const response = await this.request("GET", `/Users/${id}`);
+            return (await response.json());
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Create user
+     */
+    async createUser(user) {
+        const response = await this.request("POST", "/Users", user);
+        return (await response.json());
+    }
+    /**
+     * Update user
+     */
+    async updateUser(id, user) {
+        const response = await this.request("PATCH", `/Users/${id}`, user);
+        return (await response.json());
+    }
+    /**
+     * Delete user
+     */
+    async deleteUser(id) {
+        await this.request("DELETE", `/Users/${id}`);
+    }
+    /**
+     * Get all groups
+     */
+    async getGroups() {
+        const response = await this.request("GET", "/Groups");
+        const data = (await response.json());
+        return data.Resources || [];
+    }
+    /**
+     * Make SCIM request
+     */
+    async request(method, path, body) {
+        const response = await fetch(`${this.baseUrl}${path}`, {
+            method,
+            headers: {
+                Authorization: `Bearer ${this.bearerToken}`,
+                "Content-Type": "application/scim+json",
+                Accept: "application/scim+json",
+            },
+            body: body ? JSON.stringify(body) : undefined,
+        });
+        if (!response.ok) {
+            throw new Error(`SCIM request failed: ${response.status}`);
+        }
+        return response;
+    }
+}
+// ============================================================================
+// Helpers
+// ============================================================================
+/**
+ * Base64 URL encode
+ */
+function base64URLEncode(buffer) {
+    return buffer
+        .toString("base64")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=/g, "");
+}
+/**
+ * Parse JWT without verification
+ */
+function parseJWT(token) {
+    const parts = token.split(".");
+    if (parts.length !== 3) {
+        throw new Error("Invalid JWT format");
+    }
+    const payload = parts[1];
+    const decoded = Buffer.from(payload, "base64url").toString("utf-8");
+    return JSON.parse(decoded);
+}
+/**
+ * Create OIDC client for a provider
+ */
+export function createOIDCClient(config) {
+    return new OIDCClient(config);
+}
+/**
+ * Create SCIM client
+ */
+export function createSCIMClient(baseUrl, bearerToken) {
+    return new SCIMClient(baseUrl, bearerToken);
+}
+//# sourceMappingURL=oidc.js.map

package/dist/enterprise/auth/oidc.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oidc.js","sourceRoot":"","sources":["../../../src/enterprise/auth/oidc.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AA8IjD,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,mBAAmB,GAAG,mCAAmC,CAAC;AAEhE;;GAEG;AACH,MAAM,cAAc,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;AAEtD;;GAEG;AACH,MAAM,gBAAgB,GAA8C;IAClE,IAAI,EAAE;QACJ,MAAM,EAAE,CAAC,GAAG,cAAc,EAAE,QAAQ,CAAC;KACtC;IACD,KAAK,EAAE;QACL,MAAM,EAAE,CAAC,GAAG,cAAc,CAAC;KAC5B;IACD,UAAU,EAAE;QACV,MAAM,EAAE,CAAC,GAAG,cAAc,EAAE,gBAAgB,CAAC;KAC9C;IACD,MAAM,EAAE;QACN,MAAM,EAAE,CAAC,GAAG,cAAc,CAAC;KAC5B;IACD,MAAM,EAAE,EAAE;CACX,CAAC;AAEF,+EAA+E;AAC/E,cAAc;AACd,+EAA+E;AAE/E;;GAEG;AACH,MAAM,OAAO,UAAU;IACb,MAAM,CAAa;IACnB,cAAc,GAAmC,IAAI,CAAC;IACtD,aAAa,GAAG,IAAI,GAAG,EAAqB,CAAC;IAErD,YAAY,MAAkB;QAC5B,IAAI,CAAC,MAAM,GAAG;YACZ,GAAG,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC;YACpC,GAAG,MAAM;YACT,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,IAAI,cAAc;SACpF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ;QACZ,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,cAAc,CAAC;QAC7B,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACzE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEtD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACtF,CAAC;QAED,IAAI,CAAC,cAAc,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QACzE,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB;QACvB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,aAAa;YACnC,SAAS,CAAC,sBAAiC,CAAC;QAE/C,4CAA4C;QAC5C,MAAM,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;QACtD,MAAM,aAAa,GAAG,eAAe,CACnC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,MAAM,EAAE,CACnD,CAAC;QAEF,2BAA2B;QAC3B,MAAM,KAAK,GAAG,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;QAE/C,0BAA0B;QAC1B,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,aAAa,EAAE,MAAM;YACrB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACrC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,MAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YACpC,KAAK;YACL,KAAK;YACL,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,MAAM;SAC9B,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,GAAG,YAAY,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QAEnD,cAAc;QACd,MAAM,SAAS,GAAc;YAC3B,YAAY;YACZ,KAAK;YACL,KAAK;YACL,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;SACtD,CAAC;QAEF,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;QAEzC,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,IAAY,EACZ,KAAa;QAEb,iBAAiB;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAChD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC;YACrC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxC,MAAM,aAAa,GACjB,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,IAAK,SAAS,CAAC,cAAyB,CAAC;QAEvE,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;YAC1C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;aACpD;YACD,IAAI,EAAE,IAAI,eAAe,CAAC;gBACxB,UAAU,EAAE,oBAAoB;gBAChC,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC/B,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;gBACvC,YAAY,EAAE,SAAS,CAAC,WAAW;gBACnC,aAAa,EAAE,SAAS,CAAC,YAAY;aACtC,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,EAAE,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAOvC,CAAC;QAEF,MAAM,MAAM,GAAe;YACzB,WAAW,EAAE,SAAS,CAAC,YAAY;YACnC,OAAO,EAAE,SAAS,CAAC,QAAQ;YAC3B,YAAY,EAAE,SAAS,CAAC,aAAa;YACrC,SAAS,EAAE,SAAS,CAAC,UAAU;YAC/B,SAAS,EAAE,SAAS,CAAC,UAAU;YAC/B,KAAK,EAAE,SAAS,CAAC,KAAK;SACvB,CAAC;QAEF,mCAAmC;QACnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAE7D,gBAAgB;QAChB,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEjC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IAC1B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,MAAkB,EAAE,aAAsB;QAC1D,wBAAwB;QACxB,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAExC,6BAA6B;QAC7B,IAAI,aAAa,IAAI,MAAM,CAAC,KAAK,KAAK,aAAa,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QAED,WAAW;QACX,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElC,OAAO;YACL,EAAE,EAAE,MAAM,CAAC,GAAa;YACxB,KAAK,EAAE,MAAM,CAAC,KAAe;YAC7B,IAAI,EAAE,MAAM,CAAC,IAA0B;YACvC,SAAS,EAAE,MAAM,CAAC,UAAgC;YAClD,UAAU,EAAE,MAAM,CAAC,WAAiC;YACpD,OAAO,EAAE,MAAM,CAAC,OAA6B;YAC7C,IAAI;YACJ,MAAM;YACN,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SACxE,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,YAAoB;QACtC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxC,MAAM,aAAa,GACjB,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,IAAK,SAAS,CAAC,cAAyB,CAAC;QAEvE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;YAC1C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;aACpD;YACD,IAAI,EAAE,IAAI,eAAe,CAAC;gBACxB,UAAU,EAAE,eAAe;gBAC3B,aAAa,EAAE,YAAY;gBAC3B,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC/B,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;aACxC,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QAED,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAOvC,CAAC;QAEF,OAAO;YACL,WAAW,EAAE,SAAS,CAAC,YAAY;YACnC,OAAO,EAAE,SAAS,CAAC,QAAQ;YAC3B,YAAY,EAAE,SAAS,CAAC,aAAa;YACrC,SAAS,EAAE,SAAS,CAAC,UAAU;YAC/B,SAAS,EAAE,SAAS,CAAC,UAAU;YAC/B,KAAK,EAAE,SAAS,CAAC,KAAK;SACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,OAAO,CAAC,MAA+B;QAC7C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC7B,OAAO,QAAQ,CAAC,CAAC,eAAe;QAClC,CAAC;QAED,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;QAEtE,+BAA+B;QAC/B,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;QACtC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,+BAA+B;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QAEpE,8BAA8B;QAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAc,CAAC,CAAC;YAC5C,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO,UAAU,CAAC;YACpB,CAAC;QACH,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,OAAe;QACnC,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAEjC,eAAe;QACf,IAAI,MAAM,CAAC,GAAG,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACzC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,iBAAiB;QACjB,IAAI,MAAM,CAAC,GAAG,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,mBAAmB;QACnB,MAAM,GAAG,GAAG,MAAM,CAAC,GAAa,CAAC;QACjC,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,GAAG,EAAE,CAAC;YAC5B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,+DAA+D;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAyCD;;GAEG;AACH,MAAM,OAAO,UAAU;IACb,OAAO,CAAS;IAChB,WAAW,CAAS;IAE5B,YAAY,OAAe,EAAE,WAAmB;QAC9C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ;QACZ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA+B,CAAC;QACnE,OAAO,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,EAAU;QACtB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;YAC3D,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAa,CAAC;QAC7C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,IAA0B;QACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC5D,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAa,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,EAAU,EAAE,IAAuB;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAa,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,EAAU;QACzB,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS;QACb,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;QACtD,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgC,CAAC;QACpE,OAAO,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC;IAC9B,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,OAAO,CACnB,MAAc,EACd,IAAY,EACZ,IAAc;QAEd,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,EAAE;YACrD,MAAM;YACN,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,EAAE;gBAC3C,cAAc,EAAE,uBAAuB;gBACvC,MAAM,EAAE,uBAAuB;aAChC;YACD,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;SAC9C,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AAED,+EAA+E;AAC/E,UAAU;AACV,+EAA+E;AAE/E;;GAEG;AACH,SAAS,eAAe,CAAC,MAAc;IACrC,OAAO,MAAM;SACV,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,KAAa;IAC7B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACzB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACpE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAkB;IACjD,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAe,EAAE,WAAmB;IACnE,OAAO,IAAI,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;AAC9C,CAAC"}

package/dist/enterprise/auth/oidc.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Tests for OIDC Single Sign-On
+ */
+export {};
+//# sourceMappingURL=oidc.test.d.ts.map

package/dist/enterprise/auth/oidc.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oidc.test.d.ts","sourceRoot":"","sources":["../../../src/enterprise/auth/oidc.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}