/** * Collections-based OAuth Storage * * Uses @dotdo/collections for document storage instead of raw SQL. * This eliminates the need for schema migrations - collections handle * all schema management internally with a single _collections table. * * @module storage-collections */ import type { OAuthStorage } from './storage.js'; import type { OAuthUser, OAuthClient, OAuthAuthorizationCode, OAuthAccessToken, OAuthRefreshToken, OAuthGrant, OAuthOrganization } from './types.js'; /** * Collections-based OAuth storage implementation * * Uses document collections for flexible schema-less storage: * - users: User profiles from upstream auth * - clients: OAuth clients (apps) * - authCodes: Short-lived authorization codes * - accessTokens: Access token metadata (for opaque tokens) * - refreshTokens: Refresh tokens for token rotation * - grants: User consent grants * * @example * ```typescript * import { CollectionsOAuthStorage } from '@dotdo/oauth' * * export class OAuthDO extends DurableObject { * private storage: CollectionsOAuthStorage * * constructor(ctx: DurableObjectState, env: Env) { * super(ctx, env) * this.storage = new CollectionsOAuthStorage(ctx.storage.sql) * } * } * ``` */ export declare class CollectionsOAuthStorage implements OAuthStorage { private users; private clients; private authCodes; private accessTokens; private refreshTokens; private grants; private organizations; constructor(sql: SqlStorage); getUser(id: string): Promise; getUserByEmail(email: string): Promise; saveUser(user: OAuthUser): Promise; getUserByProvider(provider: string, providerId: string): Promise; deleteUser(id: string): Promise; listUsers(options?: { limit?: number; offset?: number; }): Promise; getOrganization(id: string): Promise; getOrganizationBySlug(slug: string): Promise; getOrganizationByDomain(domain: string): Promise; saveOrganization(org: OAuthOrganization): Promise; deleteOrganization(id: string): Promise; listOrganizations(options?: { limit?: number; offset?: number; }): Promise; getClient(clientId: string): Promise; saveClient(client: OAuthClient): Promise; deleteClient(clientId: string): Promise; listClients(options?: { limit?: number; offset?: number; }): Promise; saveAuthorizationCode(code: OAuthAuthorizationCode): Promise; consumeAuthorizationCode(code: string): Promise; saveAccessToken(token: OAuthAccessToken): Promise; getAccessToken(token: string): Promise; revokeAccessToken(token: string): Promise; saveRefreshToken(token: OAuthRefreshToken): Promise; getRefreshToken(token: string): Promise; revokeRefreshToken(token: string): Promise; revokeAllUserTokens(userId: string): Promise; revokeAllClientTokens(clientId: string): Promise; getGrant(userId: string, clientId: string): Promise; saveGrant(grant: OAuthGrant): Promise; revokeGrant(userId: string, clientId: string): Promise; listUserGrants(userId: string): Promise; /** * Clean up expired tokens and codes. * Call this periodically (e.g., via cron or alarm) to free storage. */ cleanup(): Promise<{ authCodes: number; accessTokens: number; }>; } //# sourceMappingURL=storage-collections.d.ts.map