UNPKG

convex

Version:

Client for the Convex Cloud

convex.dev

get-convex/convex-js

167 lines (143 loc) 3.61 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
import { JSONValue } from "../values/index.js"; /** * Information about an authenticated user, derived from a * [JWT](https://datatracker.ietf.org/doc/html/rfc7519). * * The only fields guaranteed to be present are * {@link UserIdentity.tokenIdentifier} and {@link UserIdentity.issuer}. All * remaining fields may or may not be present depending on the information given * by the identity provider. * * The explicitly listed fields are derived from the OpenID Connect (OIDC) standard fields, * see the [OIDC specification](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) * for more information on these fields. * * Any additional fields are custom claims that may be present in the JWT, * and their type depends on your identity provider configuration. If you * know the type of the field, you can assert it in TypeScript like this * (for example as a `string`): * * ```typescript * const identity = await ctx.auth.getUserIdentity(); * if (identity === null) { * return null; * } * const customClaim = identity.custom_claim as string; * ``` * * @public */ export interface UserIdentity { /** * A stable and globally unique string for this identity (i.e. no other * user, even from a different identity provider, will have the same string.) * * JWT claims: `sub` + `iss` */ readonly tokenIdentifier: string; /** * Identifier for the end-user from the identity provider, not necessarily * unique across different providers. * * JWT claim: `sub` */ readonly subject: string; /** * The hostname of the identity provider used to authenticate this user. * * JWT claim: `iss` */ readonly issuer: string; /** * JWT claim: `name` */ readonly name?: string; /** * JWT claim: `given_name` */ readonly givenName?: string; /** * JWT claim: `family_name` */ readonly familyName?: string; /** * JWT claim: `nickname` */ readonly nickname?: string; /** * JWT claim: `preferred_username` */ readonly preferredUsername?: string; /** * JWT claim: `profile` */ readonly profileUrl?: string; /** * JWT claim: `picture` */ readonly pictureUrl?: string; /** * JWT claim: `email` */ readonly email?: string; /** * JWT claim: `email_verified` */ readonly emailVerified?: boolean; /** * JWT claim: `gender` */ readonly gender?: string; /** * JWT claim: `birthdate` */ readonly birthday?: string; /** * JWT claim: `zoneinfo` */ readonly timezone?: string; /** * JWT claim: `locale` */ readonly language?: string; /** * JWT claim: `phone_number` */ readonly phoneNumber?: string; /** * JWT claim: `phone_number_verified` */ readonly phoneNumberVerified?: boolean; /** * JWT claim: `address` */ readonly address?: string; /** * JWT claim: `updated_at` */ readonly updatedAt?: string; /** * Any custom claims. */ [key: string]: JSONValue | undefined; } export type UserIdentityAttributes = Omit< UserIdentity, // tokenIdentifier is always generated by us "tokenIdentifier" >; /** * An interface to access information about the currently authenticated user * within Convex query and mutation functions. * * @public */ export interface Auth { /** * Get details about the currently authenticated user. * * @returns A promise that resolves to a {@link UserIdentity} if the Convex * client was configured with a valid ID token and `null` otherwise. */ getUserIdentity(): Promise<UserIdentity | null>; }