| 73 | } |
| 74 | |
| 75 | async function deregisterSSOProvider(): Promise<boolean> { |
| 76 | try { |
| 77 | const userEmail = process.env.SSO_USER_EMAIL |
| 78 | if (!userEmail) { |
| 79 | logger.error('❌ SSO_USER_EMAIL environment variable is required') |
| 80 | logger.error('') |
| 81 | logger.error('Example usage:') |
| 82 | logger.error( |
| 83 | ' SSO_USER_EMAIL=admin@company.com bun run packages/db/scripts/deregister-sso-provider.ts' |
| 84 | ) |
| 85 | logger.error('') |
| 86 | logger.error('Optional: SSO_PROVIDER_ID=provider-id (to remove specific provider)') |
| 87 | return false |
| 88 | } |
| 89 | |
| 90 | const targetUser = await getUser(userEmail) |
| 91 | if (!targetUser) { |
| 92 | return false |
| 93 | } |
| 94 | |
| 95 | logger.info(`Found user: ${targetUser.email} (ID: ${targetUser.id})`) |
| 96 | |
| 97 | const providers = await db |
| 98 | .select() |
| 99 | .from(ssoProvider) |
| 100 | .where(eq(ssoProvider.userId, targetUser.id)) |
| 101 | |
| 102 | if (providers.length === 0) { |
| 103 | logger.warn(`No SSO providers found for user: ${targetUser.email}`) |
| 104 | return false |
| 105 | } |
| 106 | |
| 107 | logger.info(`Found ${providers.length} SSO provider(s) for user ${targetUser.email}`) |
| 108 | for (const provider of providers) { |
| 109 | logger.info(` - Provider ID: ${provider.providerId}, Domain: ${provider.domain}`) |
| 110 | } |
| 111 | |
| 112 | const specificProviderId = process.env.SSO_PROVIDER_ID |
| 113 | |
| 114 | if (specificProviderId) { |
| 115 | const providerToDelete = providers.find((p) => p.providerId === specificProviderId) |
| 116 | if (!providerToDelete) { |
| 117 | logger.error(`Provider '${specificProviderId}' not found for user ${targetUser.email}`) |
| 118 | return false |
| 119 | } |
| 120 | |
| 121 | await db |
| 122 | .delete(ssoProvider) |
| 123 | .where( |
| 124 | and(eq(ssoProvider.userId, targetUser.id), eq(ssoProvider.providerId, specificProviderId)) |
| 125 | ) |
| 126 | |
| 127 | logger.info( |
| 128 | `✅ Successfully deleted SSO provider '${specificProviderId}' for user ${targetUser.email}` |
| 129 | ) |
| 130 | } else { |
| 131 | await db.delete(ssoProvider).where(eq(ssoProvider.userId, targetUser.id)) |
| 132 | |