// Persistent third-party app auth credentials, keyed per profile by
// (application_id, prop_name). `application_id` is `applications_v2.id`
// (= appVersion.applicationId), NOT a version id. See mira-api ADR 0001.

// GET — server returns a flat { prop_name: credential_value } map; empty is
// `{}` (200, not 404), so the domain type is also a record.
export type GetOAuthCredentialsRequest = undefined;
export type OAuthCredentialsResponse = Record<string, string>;
export type OAuthCredentials = Record<string, string>;

// POST — create-only. prop_name is in the body (not the URL), so this creates
// into the application's credential collection; it never replaces an existing
// row. Returns the created credential in the same flat
// { prop_name: credential_value } representation as GET (a single-entry map), so
// the response type is OAuthCredentialsResponse. created-vs-skipped is carried by
// the HTTP status (201 vs 200) for server-side observability; no client consumer
// needs it. See mira-api ADR 0001.
export type CreateOAuthCredentialParams = {
  propName: string;
  credentialValue: string;
};
export type CreateOAuthCredentialRequest = {
  prop_name: string;
  credential_value: string;
};

// DELETE — prop_name is a query param; success body is `{}`.
export type DeleteOAuthCredentialRequest = undefined;
export type DeleteOAuthCredentialResponse = Record<string, never>;