CREATE TABLE sso_configs (
    id          TEXT PRIMARY KEY,
    tenant      TEXT NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
    name        TEXT NOT NULL,
    client_id   TEXT NOT NULL,
    client_secret  TEXT NOT NULL,

    -- TODO enabled boolean

    issuer_url       TEXT NOT NULL,
    jwks_url         TEXT NOT NULL,
    auth_url         TEXT NOT NULL,
    device_auth_url  TEXT NOT NULL,
    token_url        TEXT NOT NULL
);

CREATE INDEX idx_sso_configs_tenant ON sso_configs(tenant);

CREATE TABLE sso_domain_owners (
    tenant      TEXT NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
    domain      TEXT NOT NULL REFERENCES domains(id) ON DELETE CASCADE,
    config      TEXT NOT NULL REFERENCES sso_configs(id) ON DELETE CASCADE
);

CREATE UNIQUE INDEX uniq_idx_sso_domain_owners ON sso_domain_owners(tenant, domain);