authlete_ruby_test 0.0.1.beta

data/lib/authlete/models/components/introspection_response.rb

@@ -0,0 +1,253 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+
+      class IntrospectionResponse
+        extend T::Sig
+        include Crystalline::MetadataFields
+
+        # The code which represents the result of the API call.
+        field :result_code, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('resultCode') } }
+        # A short message which explains the result of the API call.
+        field :result_message, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('resultMessage') } }
+        # The next action that the authorization server implementation should take.
+        field :action, Crystalline::Nilable.new(Models::Components::IntrospectionResponseAction), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('action'), 'decoder': Utils.enum_from_string(Models::Components::IntrospectionResponseAction, true) } }
+        # The content that the authorization server implementation can use as the value of `WWW-Authenticate` header on errors.
+        # 
+        field :response_content, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('responseContent') } }
+        # The client ID.
+        field :client_id, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clientId') } }
+        # The client ID alias when the token request was made. If the client did not have an alias, this parameter is `null`.
+        # Also, if the token request was invalid and it failed to identify a client, this parameter is `null`.
+        # 
+        field :client_id_alias, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clientIdAlias') } }
+        # The flag which indicates whether the client ID alias was used when the token request was made.
+        # `true` if the client ID alias was used when the token request was made.
+        # 
+        field :client_id_alias_used, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clientIdAliasUsed') } }
+        # The time at which the access token expires.
+        # The value is represented in milliseconds since the Unix epoch (1970-01-01).
+        # 
+        field :expires_at, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('expiresAt') } }
+        # The subject who is associated with the access token.
+        # The value of this property is `null` if the access token was issued using the flow of [Client Credentials Grant](tools.ietf.org/html/rfc6749#section-4.4).
+        # 
+        field :subject, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('subject') } }
+        # The scopes covered by the access token.
+        # 
+        field :scopes, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('scopes') } }
+        # `true` if the access token exists.
+        # 
+        field :existent, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('existent') } }
+        # true` if the access token is usable (= exists and has not expired).
+        # 
+        field :usable, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('usable') } }
+        # `true` if the access token exists.
+        # 
+        field :sufficient, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('sufficient') } }
+        # `true` if the access token can be refreshed using the associated refresh token which had been issued
+        # along with the access token. `false` if the refresh token for the access token has expired or the access
+        # token has no associated refresh token.
+        # 
+        field :refreshable, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('refreshable') } }
+        # The extra properties associated with the access token.
+        field :properties, Crystalline::Nilable.new(Crystalline::Array.new(Models::Components::Property)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('properties') } }
+        # The client certificate thumbprint used to validate the access token.
+        # 
+        field :certificate_thumbprint, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('certificateThumbprint') } }
+        # The target resources. This represents the resources specified by the `resource` request parameters
+        # or by the `resource` property in the request object.
+        # 
+        # See "Resource Indicators for OAuth 2.0" for details.
+        # 
+        field :resources, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('resources') } }
+        # The target resources this proeprty holds may be the same as or different from the ones `resource` property holds.
+        # 
+        # In some flows, the initial request and the subsequent token request are sent to different endpoints.
+        # Example flows are the Authorization Code Flow, the Refresh Token Flow, the CIBA Ping Mode, the CIBA Poll Mode and the Device Flow.
+        # In these flows, not only the initial request but also the subsequent token request can include the `resource` request parameters.
+        # The purpose of the `resource` request parameters in the token request is to narrow the range of the target resources from the original
+        # set of target resources requested by the preceding initial request. If narrowing down is performed, the target resources holded by the
+        # `resource` proeprty and the ones holded by this property are different. This property holds the narrowed set of target resources.
+        # 
+        # See "Resource Indicators for OAuth 2.0" for details.
+        # 
+        field :access_token_resources, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessTokenResources') } }
+        # The authorization details. This represents the value of the `authorization_details`
+        # request parameter in the preceding device authorization request which is defined in
+        # "OAuth 2.0 Rich Authorization Requests".
+        # 
+        field :authorization_details, Crystalline::Nilable.new(Models::Components::AuthzDetails), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('authorizationDetails') } }
+        # The attributes of this service that the client application belongs to.
+        # 
+        field :service_attributes, Crystalline::Nilable.new(Crystalline::Array.new(Models::Components::Pair)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('serviceAttributes') } }
+        # The attributes of the client.
+        # 
+        field :client_attributes, Crystalline::Nilable.new(Crystalline::Array.new(Models::Components::Pair)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clientAttributes') } }
+        # The scopes property of this class is a list of scope names. The property does not hold information
+        # about scope attributes. This scopeDetails property was newly created to convey information about
+        # scope attributes.
+        # 
+        field :scope_details, Crystalline::Nilable.new(Crystalline::Array.new(Models::Components::Scope)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('scopeDetails') } }
+        # The value of the `grant_id` request parameter of the device authorization request.
+        # 
+        # The `grant_id` request parameter is defined in
+        # [Grant Management for OAuth 2.0](https://openid.net/specs/fapi-grant-management.html)
+        # , which is supported by Authlete 2.3 and newer versions.
+        # 
+        field :grant_id, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('grantId') } }
+
+        field :grant, Crystalline::Nilable.new(Models::Components::Grant), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('grant') } }
+        # the flag which indicates whether the access token is for an external
+        # attachment.
+        # 
+        field :for_external_attachment, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('forExternalAttachment') } }
+        # the claims that the user has consented for the client application
+        # to know.
+        # 
+        field :consented_claims, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('consentedClaims') } }
+        # The grant type of the access token when the access token was created.
+        # 
+        field :grant_type, Crystalline::Nilable.new(Models::Components::GrantType), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('grantType'), 'decoder': Utils.enum_from_string(Models::Components::GrantType, true) } }
+        # The Authentication Context Class Reference of the user authentication that the authorization server performed
+        # during the course of issuing the access token.
+        # 
+        field :acr, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('acr') } }
+        # The time when the user authentication was performed during the course of issuing the access token.
+        # 
+        field :auth_time, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('authTime') } }
+        # The entity ID of the client.
+        # 
+        field :client_entity_id, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clientEntityId') } }
+        # Flag which indicates whether the entity ID of the client was used when the request for the access token was made.
+        # 
+        field :client_entity_id_used, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clientEntityIdUsed') } }
+        # The flag indicating whether the token is for credential issuance.
+        field :for_credential_issuance, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('forCredentialIssuance') } }
+        # The c_nonce
+        field :cnonce, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('cnonce') } }
+        # The time at which the `c_nonce` expires.
+        field :cnonce_expires_at, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('cnonceExpiresAt') } }
+        # The credentials that can be obtained by presenting the access token.
+        field :issuable_credentials, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('issuableCredentials') } }
+        # The expected nonce value for DPoP proof JWT, which should be used
+        # as the value of the `DPoP-Nonce` HTTP header.
+        # 
+        field :dpop_nonce, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('dpopNonce') } }
+        # The flag indicating whether the HTTP response from the protected resource endpoint must include
+        # an HTTP message signature ([RFC 9421 HTTP Message Signatures](https://www.rfc-editor.org/rfc/rfc9421.html))
+        # in compliance with [FAPI 2.0 Message Signing](https://openid.bitbucket.io/fapi/fapi-2_0-message-signing.html).
+        # 
+        # When this response parameter is `true`, the HTTP response from the protected resource endpoint
+        # must include the `Signature` and `Signature-Input` HTTP fields.
+        # 
+        field :response_signing_required, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('responseSigningRequired') } }
+        # The location of the client's metadata document that was used to resolve client metadata.
+        # 
+        # This property is set when client metadata was retrieved via the [OAuth Client ID Metadata Document](https://datatracker.ietf.org/doc/draft-ietf-oauth-client-id-metadata-document/) (CIMD) mechanism.
+        # 
+        field :metadata_document_location, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('metadataDocumentLocation') } }
+        # Flag indicating whether a metadata document was used to resolve client metadata for this request.
+        # 
+        # When `true`, the client metadata was retrieved via the CIMD mechanism rather than from the Authlete database.
+        # 
+        field :metadata_document_used, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('metadataDocumentUsed') } }
+
+        sig { params(result_code: T.nilable(::String), result_message: T.nilable(::String), action: T.nilable(Models::Components::IntrospectionResponseAction), response_content: T.nilable(::String), client_id: T.nilable(::Integer), client_id_alias: T.nilable(::String), client_id_alias_used: T.nilable(T::Boolean), expires_at: T.nilable(::Integer), subject: T.nilable(::String), scopes: T.nilable(T::Array[::String]), existent: T.nilable(T::Boolean), usable: T.nilable(T::Boolean), sufficient: T.nilable(T::Boolean), refreshable: T.nilable(T::Boolean), properties: T.nilable(T::Array[Models::Components::Property]), certificate_thumbprint: T.nilable(::String), resources: T.nilable(T::Array[::String]), access_token_resources: T.nilable(T::Array[::String]), authorization_details: T.nilable(Models::Components::AuthzDetails), service_attributes: T.nilable(T::Array[Models::Components::Pair]), client_attributes: T.nilable(T::Array[Models::Components::Pair]), scope_details: T.nilable(T::Array[Models::Components::Scope]), grant_id: T.nilable(::String), grant: T.nilable(Models::Components::Grant), for_external_attachment: T.nilable(T::Boolean), consented_claims: T.nilable(T::Array[::String]), grant_type: T.nilable(Models::Components::GrantType), acr: T.nilable(::String), auth_time: T.nilable(::Integer), client_entity_id: T.nilable(::String), client_entity_id_used: T.nilable(T::Boolean), for_credential_issuance: T.nilable(T::Boolean), cnonce: T.nilable(::String), cnonce_expires_at: T.nilable(::Integer), issuable_credentials: T.nilable(::String), dpop_nonce: T.nilable(::String), response_signing_required: T.nilable(T::Boolean), metadata_document_location: T.nilable(::String), metadata_document_used: T.nilable(T::Boolean)).void }
+        def initialize(result_code: nil, result_message: nil, action: nil, response_content: nil, client_id: nil, client_id_alias: nil, client_id_alias_used: nil, expires_at: nil, subject: nil, scopes: nil, existent: nil, usable: nil, sufficient: nil, refreshable: nil, properties: nil, certificate_thumbprint: nil, resources: nil, access_token_resources: nil, authorization_details: nil, service_attributes: nil, client_attributes: nil, scope_details: nil, grant_id: nil, grant: nil, for_external_attachment: nil, consented_claims: nil, grant_type: nil, acr: nil, auth_time: nil, client_entity_id: nil, client_entity_id_used: nil, for_credential_issuance: nil, cnonce: nil, cnonce_expires_at: nil, issuable_credentials: nil, dpop_nonce: nil, response_signing_required: nil, metadata_document_location: nil, metadata_document_used: nil)
+          @result_code = result_code
+          @result_message = result_message
+          @action = action
+          @response_content = response_content
+          @client_id = client_id
+          @client_id_alias = client_id_alias
+          @client_id_alias_used = client_id_alias_used
+          @expires_at = expires_at
+          @subject = subject
+          @scopes = scopes
+          @existent = existent
+          @usable = usable
+          @sufficient = sufficient
+          @refreshable = refreshable
+          @properties = properties
+          @certificate_thumbprint = certificate_thumbprint
+          @resources = resources
+          @access_token_resources = access_token_resources
+          @authorization_details = authorization_details
+          @service_attributes = service_attributes
+          @client_attributes = client_attributes
+          @scope_details = scope_details
+          @grant_id = grant_id
+          @grant = grant
+          @for_external_attachment = for_external_attachment
+          @consented_claims = consented_claims
+          @grant_type = grant_type
+          @acr = acr
+          @auth_time = auth_time
+          @client_entity_id = client_entity_id
+          @client_entity_id_used = client_entity_id_used
+          @for_credential_issuance = for_credential_issuance
+          @cnonce = cnonce
+          @cnonce_expires_at = cnonce_expires_at
+          @issuable_credentials = issuable_credentials
+          @dpop_nonce = dpop_nonce
+          @response_signing_required = response_signing_required
+          @metadata_document_location = metadata_document_location
+          @metadata_document_used = metadata_document_used
+        end
+
+        sig { params(other: T.untyped).returns(T::Boolean) }
+        def ==(other)
+          return false unless other.is_a? self.class
+          return false unless @result_code == other.result_code
+          return false unless @result_message == other.result_message
+          return false unless @action == other.action
+          return false unless @response_content == other.response_content
+          return false unless @client_id == other.client_id
+          return false unless @client_id_alias == other.client_id_alias
+          return false unless @client_id_alias_used == other.client_id_alias_used
+          return false unless @expires_at == other.expires_at
+          return false unless @subject == other.subject
+          return false unless @scopes == other.scopes
+          return false unless @existent == other.existent
+          return false unless @usable == other.usable
+          return false unless @sufficient == other.sufficient
+          return false unless @refreshable == other.refreshable
+          return false unless @properties == other.properties
+          return false unless @certificate_thumbprint == other.certificate_thumbprint
+          return false unless @resources == other.resources
+          return false unless @access_token_resources == other.access_token_resources
+          return false unless @authorization_details == other.authorization_details
+          return false unless @service_attributes == other.service_attributes
+          return false unless @client_attributes == other.client_attributes
+          return false unless @scope_details == other.scope_details
+          return false unless @grant_id == other.grant_id
+          return false unless @grant == other.grant
+          return false unless @for_external_attachment == other.for_external_attachment
+          return false unless @consented_claims == other.consented_claims
+          return false unless @grant_type == other.grant_type
+          return false unless @acr == other.acr
+          return false unless @auth_time == other.auth_time
+          return false unless @client_entity_id == other.client_entity_id
+          return false unless @client_entity_id_used == other.client_entity_id_used
+          return false unless @for_credential_issuance == other.for_credential_issuance
+          return false unless @cnonce == other.cnonce
+          return false unless @cnonce_expires_at == other.cnonce_expires_at
+          return false unless @issuable_credentials == other.issuable_credentials
+          return false unless @dpop_nonce == other.dpop_nonce
+          return false unless @response_signing_required == other.response_signing_required
+          return false unless @metadata_document_location == other.metadata_document_location
+          return false unless @metadata_document_used == other.metadata_document_used
+          true
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/introspection_response.rbi

@@ -0,0 +1,89 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::IntrospectionResponse
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::IntrospectionResponse
+  def result_code(); end
+  def result_code=(str_); end
+  def result_message(); end
+  def result_message=(str_); end
+  def action(); end
+  def action=(str_); end
+  def response_content(); end
+  def response_content=(str_); end
+  def client_id(); end
+  def client_id=(str_); end
+  def client_id_alias(); end
+  def client_id_alias=(str_); end
+  def client_id_alias_used(); end
+  def client_id_alias_used=(str_); end
+  def expires_at(); end
+  def expires_at=(str_); end
+  def subject(); end
+  def subject=(str_); end
+  def scopes(); end
+  def scopes=(str_); end
+  def existent(); end
+  def existent=(str_); end
+  def usable(); end
+  def usable=(str_); end
+  def sufficient(); end
+  def sufficient=(str_); end
+  def refreshable(); end
+  def refreshable=(str_); end
+  def properties(); end
+  def properties=(str_); end
+  def certificate_thumbprint(); end
+  def certificate_thumbprint=(str_); end
+  def resources(); end
+  def resources=(str_); end
+  def access_token_resources(); end
+  def access_token_resources=(str_); end
+  def authorization_details(); end
+  def authorization_details=(str_); end
+  def service_attributes(); end
+  def service_attributes=(str_); end
+  def client_attributes(); end
+  def client_attributes=(str_); end
+  def scope_details(); end
+  def scope_details=(str_); end
+  def grant_id(); end
+  def grant_id=(str_); end
+  def grant(); end
+  def grant=(str_); end
+  def for_external_attachment(); end
+  def for_external_attachment=(str_); end
+  def consented_claims(); end
+  def consented_claims=(str_); end
+  def grant_type(); end
+  def grant_type=(str_); end
+  def acr(); end
+  def acr=(str_); end
+  def auth_time(); end
+  def auth_time=(str_); end
+  def client_entity_id(); end
+  def client_entity_id=(str_); end
+  def client_entity_id_used(); end
+  def client_entity_id_used=(str_); end
+  def for_credential_issuance(); end
+  def for_credential_issuance=(str_); end
+  def cnonce(); end
+  def cnonce=(str_); end
+  def cnonce_expires_at(); end
+  def cnonce_expires_at=(str_); end
+  def issuable_credentials(); end
+  def issuable_credentials=(str_); end
+  def dpop_nonce(); end
+  def dpop_nonce=(str_); end
+  def response_signing_required(); end
+  def response_signing_required=(str_); end
+  def metadata_document_location(); end
+  def metadata_document_location=(str_); end
+  def metadata_document_used(); end
+  def metadata_document_used=(str_); end
+end

data/lib/authlete/models/components/introspection_response_action.rb

@@ -0,0 +1,25 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+      # IntrospectionResponseAction - The next action that the authorization server implementation should take.
+      class IntrospectionResponseAction < T::Enum
+
+
+        enums do
+          INTERNAL_SERVER_ERROR = new('INTERNAL_SERVER_ERROR')
+          BAD_REQUEST = new('BAD_REQUEST')
+          UNAUTHORIZED = new('UNAUTHORIZED')
+          FORBIDDEN = new('FORBIDDEN')
+          OK = new('OK')
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/introspection_response_action.rbi

@@ -0,0 +1,11 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::IntrospectionResponseAction
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::IntrospectionResponseAction
+end

data/lib/authlete/models/components/jose_verify_request.rb

@@ -0,0 +1,56 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+
+      class JoseVerifyRequest
+        extend T::Sig
+        include Crystalline::MetadataFields
+
+        # A JOSE object.
+        # 
+        field :jose, ::String, { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('jose'), required: true }, 'form': { 'field_name': 'jose' } }
+        # Mandatory claims that are required to be included in the JOSE object.
+        # 
+        field :mandatory_claims, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('mandatoryClaims') }, 'form': { 'field_name': 'mandatoryClaims' } }
+        # Allowable clock skew in seconds.
+        # 
+        field :clock_skew, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clockSkew') }, 'form': { 'field_name': 'clockSkew' } }
+        # The identifier of the client application whose keys are required for verification of the JOSE
+        # object.
+        # 
+        field :client_identifier, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('clientIdentifier') }, 'form': { 'field_name': 'clientIdentifier' } }
+        # The flag which indicates whether the signature of the JOSE object has been signed by a client
+        # application with the client's private key or a shared symmetric key.
+        # 
+        field :signed_by_client, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('signedByClient') }, 'form': { 'field_name': 'signedByClient' } }
+
+        sig { params(jose: ::String, mandatory_claims: T.nilable(T::Array[::String]), clock_skew: T.nilable(::Integer), client_identifier: T.nilable(::String), signed_by_client: T.nilable(T::Boolean)).void }
+        def initialize(jose:, mandatory_claims: nil, clock_skew: nil, client_identifier: nil, signed_by_client: nil)
+          @jose = jose
+          @mandatory_claims = mandatory_claims
+          @clock_skew = clock_skew
+          @client_identifier = client_identifier
+          @signed_by_client = signed_by_client
+        end
+
+        sig { params(other: T.untyped).returns(T::Boolean) }
+        def ==(other)
+          return false unless other.is_a? self.class
+          return false unless @jose == other.jose
+          return false unless @mandatory_claims == other.mandatory_claims
+          return false unless @clock_skew == other.clock_skew
+          return false unless @client_identifier == other.client_identifier
+          return false unless @signed_by_client == other.signed_by_client
+          true
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/jose_verify_request.rbi

@@ -0,0 +1,21 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::JoseVerifyRequest
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::JoseVerifyRequest
+  def jose(); end
+  def jose=(str_); end
+  def mandatory_claims(); end
+  def mandatory_claims=(str_); end
+  def clock_skew(); end
+  def clock_skew=(str_); end
+  def client_identifier(); end
+  def client_identifier=(str_); end
+  def signed_by_client(); end
+  def signed_by_client=(str_); end
+end

data/lib/authlete/models/components/jose_verify_response.rb

@@ -0,0 +1,62 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+
+      class JoseVerifyResponse
+        extend T::Sig
+        include Crystalline::MetadataFields
+
+        # The code which represents the result of the API call.
+        field :result_code, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('resultCode') } }
+        # A short message which explains the result of the API call.
+        field :result_message, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('resultMessage') } }
+        # The result of the verification on the JOSE object.
+        # 
+        field :valid, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('valid') } }
+        # The result of the signature verification.
+        # 
+        field :signature_valid, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('signatureValid') } }
+        # The list of missing claims.
+        # 
+        field :missing_claims, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('missingClaims') } }
+        # The list of invalid claims.
+        # 
+        field :invalid_claims, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('invalidClaims') } }
+        # The list of error messages.
+        # 
+        field :error_descriptions, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('errorDescriptions') } }
+
+        sig { params(result_code: T.nilable(::String), result_message: T.nilable(::String), valid: T.nilable(T::Boolean), signature_valid: T.nilable(T::Boolean), missing_claims: T.nilable(T::Array[::String]), invalid_claims: T.nilable(T::Array[::String]), error_descriptions: T.nilable(T::Array[::String])).void }
+        def initialize(result_code: nil, result_message: nil, valid: nil, signature_valid: nil, missing_claims: nil, invalid_claims: nil, error_descriptions: nil)
+          @result_code = result_code
+          @result_message = result_message
+          @valid = valid
+          @signature_valid = signature_valid
+          @missing_claims = missing_claims
+          @invalid_claims = invalid_claims
+          @error_descriptions = error_descriptions
+        end
+
+        sig { params(other: T.untyped).returns(T::Boolean) }
+        def ==(other)
+          return false unless other.is_a? self.class
+          return false unless @result_code == other.result_code
+          return false unless @result_message == other.result_message
+          return false unless @valid == other.valid
+          return false unless @signature_valid == other.signature_valid
+          return false unless @missing_claims == other.missing_claims
+          return false unless @invalid_claims == other.invalid_claims
+          return false unless @error_descriptions == other.error_descriptions
+          true
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/jose_verify_response.rbi

@@ -0,0 +1,25 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::JoseVerifyResponse
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::JoseVerifyResponse
+  def result_code(); end
+  def result_code=(str_); end
+  def result_message(); end
+  def result_message=(str_); end
+  def valid(); end
+  def valid=(str_); end
+  def signature_valid(); end
+  def signature_valid=(str_); end
+  def missing_claims(); end
+  def missing_claims=(str_); end
+  def invalid_claims(); end
+  def invalid_claims=(str_); end
+  def error_descriptions(); end
+  def error_descriptions=(str_); end
+end

data/lib/authlete/models/components/jwe_alg.rb

@@ -0,0 +1,44 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+      # JweAlg - this is the 'alg' header value for encrypted JWT tokens.
+      # Depending upon the context, this refers to key transport scheme to be used by the client and by the server. For instance:
+      # - as `authorizationEncryptionAlg` value, it refers to the encoding algorithm used by server for transporting they keys on JARM objects
+      # - as `requestEncryptionAlg` value, it refers to the expected key transport encoding algorithm that server expect from client when encrypting a Request Object
+      # - as `idTokenEncryptionAlg` value, it refers to the algorithm used by the server to key transport of id_tokens
+      # 
+      # **Please note that some of the algorithms are more secure than others, some are not supported very well cross platforms and some (like RSA1_5) is known to be weak**.
+      # 
+      class JweAlg < T::Enum
+
+
+        enums do
+          RSA1_5 = new('RSA1_5')
+          RSA_OAEP = new('RSA_OAEP')
+          RSA_OAEP_256 = new('RSA_OAEP_256')
+          A128_KW = new('A128KW')
+          A192_KW = new('A192KW')
+          A256_KW = new('A256KW')
+          DIR = new('DIR')
+          ECDH_ES = new('ECDH_ES')
+          ECDH_ES_A128_KW = new('ECDH_ES_A128KW')
+          ECDH_ES_A192_KW = new('ECDH_ES_A192KW')
+          ECDH_ES_A256_KW = new('ECDH_ES_A256KW')
+          A128_GCMKW = new('A128GCMKW')
+          A192_GCMKW = new('A192GCMKW')
+          A256_GCMKW = new('A256GCMKW')
+          PBES2_HS256_A128_KW = new('PBES2_HS256_A128KW')
+          PBES2_HS384_A192_KW = new('PBES2_HS384_A192KW')
+          PBES2_HS512_A256_KW = new('PBES2_HS512_A256KW')
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/jwe_alg.rbi

@@ -0,0 +1,11 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::JweAlg
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::JweAlg
+end

data/lib/authlete/models/components/jwe_enc.rb

@@ -0,0 +1,31 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+      # JweEnc - This is the encryption algorithm to be used when encrypting a JWT on client or server side.
+      # Depending upon the context, this refers to encryption done by the client or by the server. For instance:
+      #   - as `authorizationEncryptionEnc` value, it refers to the encryption algorithm used by server when creating a JARM response
+      #   - as `requestEncryptionEnc` value, it refers to the expected encryption algorithm used by the client when encrypting a Request Object
+      #   - as `idTokenEncryptionEnc` value, it refers to the algorithm used by the server to encrypt id_tokens
+      # 
+      class JweEnc < T::Enum
+
+
+        enums do
+          A128_CBC_HS256 = new('A128CBC_HS256')
+          A192_CBC_HS384 = new('A192CBC_HS384')
+          A256_CBC_HS512 = new('A256CBC_HS512')
+          A128_GCM = new('A128GCM')
+          A192_GCM = new('A192GCM')
+          A256_GCM = new('A256GCM')
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/jwe_enc.rbi

@@ -0,0 +1,11 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::JweEnc
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::JweEnc
+end