# GraphQL schema example
#
# https://gqlgen.com/getting-started/
scalar Int64
scalar Map
scalar Any

type Pagination {
	limit: Int64!
	page: Int64!
	offset: Int64!
	total: Int64!
}

type Meta {
	version: String!
	client_id: String!
	is_google_login_enabled: Boolean!
	is_facebook_login_enabled: Boolean!
	is_github_login_enabled: Boolean!
	is_email_verification_enabled: Boolean!
	is_basic_authentication_enabled: Boolean!
	is_magic_link_login_enabled: Boolean!
	is_sign_up_enabled: Boolean!
}

type User {
	id: ID!
	email: String!
	email_verified: Boolean!
	signup_methods: String!
	given_name: String
	family_name: String
	middle_name: String
	nickname: String
	# defaults to email
	preferred_username: String
	gender: String
	birthdate: String
	phone_number: String
	phone_number_verified: Boolean
	picture: String
	roles: [String!]!
	created_at: Int64
	updated_at: Int64
	revoked_timestamp: Int64
}

type Users {
	pagination: Pagination!
	users: [User!]!
}

type VerificationRequest {
	id: ID!
	identifier: String
	token: String
	email: String
	expires: Int64
	created_at: Int64
	updated_at: Int64
	nonce: String
	redirect_uri: String
}

type VerificationRequests {
	pagination: Pagination!
	verification_requests: [VerificationRequest!]!
}

type Error {
	message: String!
	reason: String!
}

type AuthResponse {
	message: String!
	access_token: String
	id_token: String
	refresh_token: String
	expires_in: Int64
	user: User
}

type Response {
	message: String!
}

type Env {
	ACCESS_TOKEN_EXPIRY_TIME: String
	ADMIN_SECRET: String
	DATABASE_NAME: String!
	DATABASE_URL: String!
	DATABASE_TYPE: String!
	DATABASE_USERNAME: String!
	DATABASE_PASSWORD: String!
	DATABASE_HOST: String!
	DATABASE_PORT: String!
	CLIENT_ID: String!
	CLIENT_SECRET: String!
	CUSTOM_ACCESS_TOKEN_SCRIPT: String
	SMTP_HOST: String
	SMTP_PORT: String
	SMTP_USERNAME: String
	SMTP_PASSWORD: String
	SENDER_EMAIL: String
	JWT_TYPE: String
	JWT_SECRET: String
	JWT_PRIVATE_KEY: String
	JWT_PUBLIC_KEY: String
	ALLOWED_ORIGINS: [String!]
	APP_URL: String
	REDIS_URL: String
	COOKIE_NAME: String
	RESET_PASSWORD_URL: String
	DISABLE_EMAIL_VERIFICATION: Boolean
	DISABLE_BASIC_AUTHENTICATION: Boolean
	DISABLE_MAGIC_LINK_LOGIN: Boolean
	DISABLE_LOGIN_PAGE: Boolean
	DISABLE_SIGN_UP: Boolean
	ROLES: [String!]
	PROTECTED_ROLES: [String!]
	DEFAULT_ROLES: [String!]
	JWT_ROLE_CLAIM: String
	GOOGLE_CLIENT_ID: String
	GOOGLE_CLIENT_SECRET: String
	GITHUB_CLIENT_ID: String
	GITHUB_CLIENT_SECRET: String
	FACEBOOK_CLIENT_ID: String
	FACEBOOK_CLIENT_SECRET: String
	ORGANIZATION_NAME: String
	ORGANIZATION_LOGO: String
}

type ValidateJWTTokenResponse {
	is_valid: Boolean!
}

type GenerateJWTKeysResponse {
	secret: String
	public_key: String
	private_key: String
}

input UpdateEnvInput {
	ACCESS_TOKEN_EXPIRY_TIME: String
	ADMIN_SECRET: String
	CUSTOM_ACCESS_TOKEN_SCRIPT: String
	OLD_ADMIN_SECRET: String
	SMTP_HOST: String
	SMTP_PORT: String
	SMTP_USERNAME: String
	SMTP_PASSWORD: String
	SENDER_EMAIL: String
	JWT_TYPE: String
	JWT_SECRET: String
	JWT_PRIVATE_KEY: String
	JWT_PUBLIC_KEY: String
	ALLOWED_ORIGINS: [String!]
	APP_URL: String
	REDIS_URL: String
	COOKIE_NAME: String
	RESET_PASSWORD_URL: String
	DISABLE_EMAIL_VERIFICATION: Boolean
	DISABLE_BASIC_AUTHENTICATION: Boolean
	DISABLE_MAGIC_LINK_LOGIN: Boolean
	DISABLE_LOGIN_PAGE: Boolean
	DISABLE_SIGN_UP: Boolean
	ROLES: [String!]
	PROTECTED_ROLES: [String!]
	DEFAULT_ROLES: [String!]
	JWT_ROLE_CLAIM: String
	GOOGLE_CLIENT_ID: String
	GOOGLE_CLIENT_SECRET: String
	GITHUB_CLIENT_ID: String
	GITHUB_CLIENT_SECRET: String
	FACEBOOK_CLIENT_ID: String
	FACEBOOK_CLIENT_SECRET: String
	ORGANIZATION_NAME: String
	ORGANIZATION_LOGO: String
}

input AdminLoginInput {
	admin_secret: String!
}

input AdminSignupInput {
	admin_secret: String!
}

input SignUpInput {
	email: String!
	given_name: String
	family_name: String
	middle_name: String
	nickname: String
	gender: String
	birthdate: String
	phone_number: String
	picture: String
	password: String!
	confirm_password: String!
	roles: [String!]
	scope: [String!]
	redirect_uri: String
}

input LoginInput {
	email: String!
	password: String!
	roles: [String!]
	scope: [String!]
}

input VerifyEmailInput {
	token: String!
}

input ResendVerifyEmailInput {
	email: String!
	identifier: String!
}

input UpdateProfileInput {
	old_password: String
	new_password: String
	confirm_new_password: String
	email: String
	given_name: String
	family_name: String
	middle_name: String
	nickname: String
	gender: String
	birthdate: String
	phone_number: String
	picture: String
}

input UpdateUserInput {
	id: ID!
	email: String
	email_verified: Boolean
	given_name: String
	family_name: String
	middle_name: String
	nickname: String
	gender: String
	birthdate: String
	phone_number: String
	picture: String
	roles: [String]
}

input ForgotPasswordInput {
	email: String!
	state: String
	redirect_uri: String
}

input ResetPasswordInput {
	token: String!
	password: String!
	confirm_password: String!
}

input DeleteUserInput {
	email: String!
}

input MagicLinkLoginInput {
	email: String!
	roles: [String!]
	scope: [String!]
	state: String
	redirect_uri: String
}

input SessionQueryInput {
	roles: [String!]
	scope: [String!]
}

input PaginationInput {
	limit: Int64
	page: Int64
}

input PaginatedInput {
	pagination: PaginationInput
}

input OAuthRevokeInput {
	refresh_token: String!
}

input InviteMemberInput {
	emails: [String!]!
	redirect_uri: String
}

input UpdateAccessInput {
	user_id: String!
}

input ValidateJWTTokenInput {
	token_type: String!
	token: String!
	roles: [String!]
}

input GenerateJWTKeysInput {
	type: String!
}

type Mutation {
	signup(params: SignUpInput!): AuthResponse!
	login(params: LoginInput!): AuthResponse!
	magic_link_login(params: MagicLinkLoginInput!): Response!
	logout: Response!
	update_profile(params: UpdateProfileInput!): Response!
	verify_email(params: VerifyEmailInput!): AuthResponse!
	resend_verify_email(params: ResendVerifyEmailInput!): Response!
	forgot_password(params: ForgotPasswordInput!): Response!
	reset_password(params: ResetPasswordInput!): Response!
	revoke(params: OAuthRevokeInput!): Response!
	# admin only apis
	_delete_user(params: DeleteUserInput!): Response!
	_update_user(params: UpdateUserInput!): User!
	_admin_signup(params: AdminSignupInput!): Response!
	_admin_login(params: AdminLoginInput!): Response!
	_admin_logout: Response!
	_update_env(params: UpdateEnvInput!): Response!
	_invite_members(params: InviteMemberInput!): Response!
	_revoke_access(param: UpdateAccessInput!): Response!
	_enable_access(param: UpdateAccessInput!): Response!
	_generate_jwt_keys(params: GenerateJWTKeysInput!): GenerateJWTKeysResponse!
}

type Query {
	meta: Meta!
	session(params: SessionQueryInput): AuthResponse!
	profile: User!
	validate_jwt_token(params: ValidateJWTTokenInput!): ValidateJWTTokenResponse!
	# admin only apis
	_users(params: PaginatedInput): Users!
	_verification_requests(params: PaginatedInput): VerificationRequests!
	_admin_session: Response!
	_env: Env!
}