feat: add organisation sso portal (#1946)

Allow organisations to manage an SSO OIDC compliant portal. This method
is intended to streamline the onboarding process and paves the way to
allow organisations to manage their members in a more strict way.

packages/auth/client/index.ts

@@ -7,6 +7,7 @@ import { AppError } from '@documenso/lib/errors/app-error';
 
 import type { AuthAppType } from '../server';
 import type { SessionValidationResult } from '../server/lib/session/session';
+import type { PartialAccount } from '../server/lib/utils/get-accounts';
 import type { ActiveSession } from '../server/lib/utils/get-session';
 import { handleSignInRedirect } from '../server/lib/utils/redirect';
 import type {
@@ -96,6 +97,25 @@ export class AuthClient {
     }
   }
 
+  public account = {
+    getMany: async () => {
+      const response = await this.client['accounts'].$get();
+
+      await this.handleError(response);
+
+      const result = await response.json();
+
+      return superjson.deserialize<{ accounts: PartialAccount[] }>(result);
+    },
+    delete: async (accountId: string) => {
+      const response = await this.client['account'][':accountId'].$delete({
+        param: { accountId },
+      });
+
+      await this.handleError(response);
+    },
+  };
+
   public emailPassword = {
     signIn: async (data: Omit<TEmailPasswordSignin, 'csrfToken'> & { csrfToken?: string }) => {
       let csrfToken = data.csrfToken;
@@ -214,6 +234,22 @@ export class AuthClient {
         window.location.href = data.redirectUrl;
       }
     },
+    org: {
+      signIn: async ({ orgUrl }: { orgUrl: string }) => {
+        const response = await this.client['oauth'].authorize.oidc.org[':orgUrl'].$post({
+          param: { orgUrl },
+        });
+
+        await this.handleError(response);
+
+        const data = await response.json();
+
+        // Redirect to external OIDC provider URL.
+        if (data.redirectUrl) {
+          window.location.href = data.redirectUrl;
+        }
+      },
+    },
   };
 }