import * as better_call from 'better-call';
import { z } from 'zod';
import { O as OAuth2Tokens } from '../../shared/better-auth.BLX8BItA.js';
import { U as User } from '../../shared/better-auth.6fr3ElRe.js';
import '../../shared/better-auth.Bi8FQwDD.js';
import 'jose';
import 'kysely';
import 'better-sqlite3';

/**
 * Options accepted by the `sso` plugin factory.
 *
 * NOTE(review): several generics in this listing appear without their type
 * arguments (bare `Record`, `Promise`, `z.ZodOptional`, stray `>` / `>>`).
 * They look lost in extraction - confirm against the published declaration
 * file before relying on any exact type below.
 */
interface SSOOptions {
    /**
     * Custom function to provision a user when they sign in with an SSO provider.
     *
     * `userInfo` and `token` come from the external identity provider: treat
     * `userInfo` as untrusted input and keep `token` out of logs and error
     * messages.
     */
    provisionUser?: (data: {
        /**
         * The user object from the database
         */
        user: User & Record;
        /**
         * The user info object from the provider
         */
        userInfo: Record;
        /**
         * The OAuth2 tokens from the provider
         */
        token: OAuth2Tokens;
        /**
         * The SSO provider
         */
        provider: SSOProvider;
    }) => Promise;
    /**
     * Organization provisioning options
     */
    organizationProvisioning?: {
        // Presumably turns organization provisioning off when true - confirm against the implementation.
        disabled?: boolean;
        // Typed as "member" | "admin". The value used when this is unset is not visible here;
        // prefer "member" unless every SSO user of the provider is meant to administer the organization.
        defaultRole?: "member" | "admin";
        // Returns the role for a given user. `userInfo` is provider-supplied, so any claim-to-role
        // mapping done here makes the identity provider authoritative for who becomes "admin".
        getRole?: (data: {
            /**
             * The user object from the database
             */
            user: User & Record;
            /**
             * The user info object from the provider
             */
            userInfo: Record;
            /**
             * The OAuth2 tokens from the provider
             */
            token: OAuth2Tokens;
            /**
             * The SSO provider
             */
            provider: SSOProvider;
        }) => Promise<"member" | "admin">;
    };
    /**
     * Disable implicit sign up for new users. When set to true for the provider,
     * sign-in needs to be called with requestSignUp set to true to create new users.
     */
    disableImplicitSignUp?: boolean;
}

/**
 * Factory for the SSO plugin. The returned object is typed with `id: "sso"`,
 * three endpoints (`createOIDCProvider`, `signInSSO`, `callbackSSO`) and a
 * `schema` describing the `ssoProvider` model.
 */
declare const sso: (options?: SSOOptions) => { id: "sso"; endpoints: {
// createOIDCProvider: POST "/sso/register". The body requires providerId, issuer, domain, clientId and
// clientSecret; the endpoint URLs, scopes, pkce, mapping and organizationId are optional.
// The `use` middleware array is typed as resolving to `{ session: { session, user } }`, so registration is
// typed as running behind session middleware - presumably only signed-in callers can register a provider;
// whether any further authorization (e.g. organization role) applies is not visible here.
// NOTE(review): `clientSecret` arrives in the request body - keep it out of request logs.
createOIDCProvider: { ; tokenEndpoint: z.ZodOptional; userInfoEndpoint: z.ZodOptional; tokenEndpointAuthentication: z.ZodOptional>; jwksEndpoint: z.ZodOptional; discoveryEndpoint: z.ZodOptional; scopes: z.ZodOptional>; pkce: z.ZodOptional>; mapping: z.ZodOptional; name: z.ZodString; image: z.ZodOptional; extraFields: z.ZodOptional>; }, "strip", z.ZodTypeAny, { id: string; name: string; email: string; image?: string | undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; }, { id: string; name: string; email: string; image?: string | undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; }>>; organizationId: z.ZodOptional; }, "strip", z.ZodTypeAny, { providerId: string; issuer: string; domain: string; clientId: string; clientSecret: string; authorizationEndpoint?: string | undefined; scopes?: string[] | undefined; tokenEndpoint?: string | undefined; organizationId?: string | undefined; pkce?: boolean | undefined; userInfoEndpoint?: string | undefined; tokenEndpointAuthentication?: "client_secret_basic" | "client_secret_post" | undefined; jwksEndpoint?: string | undefined; discoveryEndpoint?: string | undefined; mapping?: { id: string; name: string; email: string; image?: string | undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; } | undefined; }, { providerId: string; issuer: string; domain: string; clientId: string; clientSecret: string; authorizationEndpoint?: string | undefined; scopes?: string[] | undefined; tokenEndpoint?: string | undefined; organizationId?: string | undefined; pkce?: boolean | undefined; userInfoEndpoint?: string | undefined; tokenEndpointAuthentication?: "client_secret_basic" | "client_secret_post" | undefined; jwksEndpoint?: string | undefined; discoveryEndpoint?: string | undefined; mapping?: { id: string; name: string; email: string; image?: string | 
undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; } | undefined; }>; use: ((inputContext: better_call.MiddlewareInputContext) => Promise<{ session: { session: Record & { id: string; createdAt: Date; updatedAt: Date; userId: string; expiresAt: Date; token: string; ipAddress?: string | null | undefined; userAgent?: string | null | undefined; }; user: Record & { id: string; name: string; email: string; emailVerified: boolean; createdAt: Date; updatedAt: Date; image?: string | null | undefined; }; }; }>)[]; metadata: { openapi: { summary: string; description: string; responses: { "200": { description: string; }; }; }; }; } & { use: any[]; }>]>(...inputCtx: C): Promise; options: { method: "POST"; body: z.ZodObject<{ providerId: z.ZodString; issuer: z.ZodString; domain: z.ZodString; clientId: z.ZodString; clientSecret: z.ZodString; authorizationEndpoint: z.ZodOptional; tokenEndpoint: z.ZodOptional; userInfoEndpoint: z.ZodOptional; tokenEndpointAuthentication: z.ZodOptional>; jwksEndpoint: z.ZodOptional; discoveryEndpoint: z.ZodOptional; scopes: z.ZodOptional>; pkce: z.ZodOptional>; mapping: z.ZodOptional; name: z.ZodString; image: z.ZodOptional; extraFields: z.ZodOptional>; }, "strip", z.ZodTypeAny, { id: string; name: string; email: string; image?: string | undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; }, { id: string; name: string; email: string; image?: string | undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; }>>; organizationId: z.ZodOptional; }, "strip", z.ZodTypeAny, { providerId: string; issuer: string; domain: string; clientId: string; clientSecret: string; authorizationEndpoint?: string | undefined; scopes?: string[] | undefined; tokenEndpoint?: string | undefined; organizationId?: string | undefined; pkce?: boolean | undefined; userInfoEndpoint?: string | undefined; tokenEndpointAuthentication?: "client_secret_basic" | "client_secret_post" | undefined; 
jwksEndpoint?: string | undefined; discoveryEndpoint?: string | undefined; mapping?: { id: string; name: string; email: string; image?: string | undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; } | undefined; }, { providerId: string; issuer: string; domain: string; clientId: string; clientSecret: string; authorizationEndpoint?: string | undefined; scopes?: string[] | undefined; tokenEndpoint?: string | undefined; organizationId?: string | undefined; pkce?: boolean | undefined; userInfoEndpoint?: string | undefined; tokenEndpointAuthentication?: "client_secret_basic" | "client_secret_post" | undefined; jwksEndpoint?: string | undefined; discoveryEndpoint?: string | undefined; mapping?: { id: string; name: string; email: string; image?: string | undefined; emailVerified?: string | undefined; extraFields?: Record | undefined; } | undefined; }>; use: ((inputContext: better_call.MiddlewareInputContext) => Promise<{ session: { session: Record & { id: string; createdAt: Date; updatedAt: Date; userId: string; expiresAt: Date; token: string; ipAddress?: string | null | undefined; userAgent?: string | null | undefined; }; user: Record & { id: string; name: string; email: string; emailVerified: boolean; createdAt: Date; updatedAt: Date; image?: string | null | undefined; }; }; }>)[]; metadata: { openapi: { summary: string; description: string; responses: { "200": { description: string; }; }; }; }; } & { use: any[]; }; path: "/sso/register"; };
// signInSSO: POST "/sign-in/sso". Only `callbackURL` is required in the body; email, organizationSlug,
// providerId, domain, errorCallbackURL, newUserCallbackURL, scopes and requestSignUp are optional.
// No session-typed `use` middleware appears on this endpoint, only `use: any[]`.
// NOTE(review): callbackURL / errorCallbackURL / newUserCallbackURL are caller-supplied strings; the types
// cannot show whether they are checked against an allow-list of trusted origins - confirm in the handler.
// NOTE(review): the OpenAPI `properties` list names `issuer`, which is not a key of the zod body
// (object mode is "strip"), and omits organizationSlug, domain, scopes and requestSignUp.
signInSSO: { ; organizationSlug: z.ZodOptional; providerId: z.ZodOptional; domain: z.ZodOptional; callbackURL: z.ZodString; errorCallbackURL: z.ZodOptional; newUserCallbackURL: z.ZodOptional; scopes: z.ZodOptional>; requestSignUp: z.ZodOptional; }, "strip", z.ZodTypeAny, { callbackURL: string; email?: string | undefined; scopes?: string[] | undefined; providerId?: string | undefined; requestSignUp?: boolean | undefined; domain?: string | undefined; errorCallbackURL?: string | undefined; 
newUserCallbackURL?: string | undefined; organizationSlug?: string | undefined; }, { callbackURL: string; email?: string | undefined; scopes?: string[] | undefined; providerId?: string | undefined; requestSignUp?: boolean | undefined; domain?: string | undefined; errorCallbackURL?: string | undefined; newUserCallbackURL?: string | undefined; organizationSlug?: string | undefined; }>; metadata: { openapi: { summary: string; description: string; requestBody: { content: { "application/json": { schema: { type: "object"; properties: { email: { type: string; description: string; }; issuer: { type: string; description: string; }; providerId: { type: string; description: string; }; callbackURL: { type: string; description: string; }; errorCallbackURL: { type: string; description: string; }; newUserCallbackURL: { type: string; description: string; }; }; required: string[]; }; }; }; }; }; }; } & { use: any[]; }>]>(...inputCtx: C): Promise; options: { method: "POST"; body: z.ZodObject<{ email: z.ZodOptional; organizationSlug: z.ZodOptional; providerId: z.ZodOptional; domain: z.ZodOptional; callbackURL: z.ZodString; errorCallbackURL: z.ZodOptional; newUserCallbackURL: z.ZodOptional; scopes: z.ZodOptional>; requestSignUp: z.ZodOptional; }, "strip", z.ZodTypeAny, { callbackURL: string; email?: string | undefined; scopes?: string[] | undefined; providerId?: string | undefined; requestSignUp?: boolean | undefined; domain?: string | undefined; errorCallbackURL?: string | undefined; newUserCallbackURL?: string | undefined; organizationSlug?: string | undefined; }, { callbackURL: string; email?: string | undefined; scopes?: string[] | undefined; providerId?: string | undefined; requestSignUp?: boolean | undefined; domain?: string | undefined; errorCallbackURL?: string | undefined; newUserCallbackURL?: string | undefined; organizationSlug?: string | undefined; }>; metadata: { openapi: { summary: string; description: string; requestBody: { content: { "application/json": { schema: { 
type: "object"; properties: { email: { type: string; description: string; }; issuer: { type: string; description: string; }; providerId: { type: string; description: string; }; callbackURL: { type: string; description: string; }; errorCallbackURL: { type: string; description: string; }; newUserCallbackURL: { type: string; description: string; }; }; required: string[]; }; }; }; }; }; }; } & { use: any[]; }; path: "/sign-in/sso"; };
// callbackSSO: GET "/sso/callback/:providerId". The query requires `state`; `code`, `error` and
// `error_description` are optional, and the documented response is a 302 redirect.
// NOTE(review): `state` is the only required parameter, so the handler presumably uses it to tie the
// callback to the sign-in request that started the flow - confirm it is verified before `code` is exchanged.
// `error` / `error_description` come from the query string; encode them before reflecting them anywhere.
callbackSSO: { ; state: z.ZodString; error: z.ZodOptional; error_description: z.ZodOptional; }, "strip", z.ZodTypeAny, { state: string; code?: string | undefined; error?: string | undefined; error_description?: string | undefined; }, { state: string; code?: string | undefined; error?: string | undefined; error_description?: string | undefined; }>; metadata: { isAction: boolean; openapi: { summary: string; description: string; responses: { "302": { description: string; }; }; }; }; } & { use: any[]; }>]>(...inputCtx: C): Promise; options: { method: "GET"; query: z.ZodObject<{ code: z.ZodOptional; state: z.ZodString; error: z.ZodOptional; error_description: z.ZodOptional; }, "strip", z.ZodTypeAny, { state: string; code?: string | undefined; error?: string | undefined; error_description?: string | undefined; }, { state: string; code?: string | undefined; error?: string | undefined; error_description?: string | undefined; }>; metadata: { isAction: boolean; openapi: { summary: string; description: string; responses: { "302": { description: string; }; }; }; }; } & { use: any[]; }; path: "/sso/callback/:providerId"; }; };
// schema.ssoProvider: issuer, providerId (unique) and domain are required strings; oidcConfig, samlConfig
// and organizationId are optional strings; userId references another model.
// NOTE(review): oidcConfig is declared as a plain string column - presumably the serialized OIDC settings,
// which would include clientSecret; confirm how that column is protected at rest.
schema: { ssoProvider: { fields: { issuer: { type: "string"; required: true; }; oidcConfig: { type: "string"; required: false; }; samlConfig: { type: "string"; required: false; }; userId: { type: "string"; references: { model: string; field: string; }; }; providerId: { type: "string"; required: true; unique: true; }; organizationId: { type: "string"; required: false; }; domain: { type: "string"; required: true; }; }; }; }; }; 
/**
 * An SSO provider as handed to the `provisionUser` and `getRole` callbacks.
 *
 * NOTE(review): the `ssoProvider` schema declared on `sso` also lists
 * `domain` (required) and `samlConfig`, and types `oidcConfig` as a string;
 * this interface omits the first two and types `oidcConfig` as an object.
 * Confirm which shape callbacks actually receive.
 */
interface SSOProvider {
    issuer: string;
    // Carries `clientSecret` - avoid logging or returning whole provider objects.
    oidcConfig: OIDCConfig;
    userId: string;
    providerId: string;
    organizationId?: string;
}

/**
 * OIDC client settings for one provider.
 */
interface OIDCConfig {
    issuer: string;
    // PKCE flag (required here, optional in the register request body).
    // Presumably enables the PKCE code challenge on the authorization-code flow - TODO confirm.
    pkce: boolean;
    clientId: string;
    // Confidential client credential: keep out of logs, API responses and client-side bundles.
    clientSecret: string;
    authorizationEndpoint?: string;
    discoveryEndpoint: string;
    userInfoEndpoint?: string;
    scopes?: string[];
    tokenEndpoint?: string;
    // "client_secret_basic" sends the credential in the Authorization header,
    // "client_secret_post" sends it in the token request body.
    tokenEndpointAuthentication?: "client_secret_post" | "client_secret_basic";
    jwksEndpoint?: string;
    // Presumably maps provider claim names onto user fields - TODO confirm.
    // NOTE(review): if `emailVerified` is taken from a provider claim, the provider decides
    // which addresses count as verified; check how that interacts with account linking.
    mapping?: {
        id?: string;
        email?: string;
        emailVerified?: string;
        name?: string;
        image?: string;
        // NOTE(review): `Record` has no type arguments here - they look lost in extraction.
        extraFields?: Record;
    };
}

export { sso };