authlete_ruby_test 0.0.1.beta

data/lib/authlete/models/components/token_type.rb

@@ -0,0 +1,32 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+      # TokenType - The token type identifier used in OAuth 2.0 Token Exchange (RFC 8693).
+      # The API returns short codes (enum constant names) in response fields.
+      # 
+      class TokenType < T::Enum
+
+
+        enums do
+          JWT = new('JWT')
+          ACCESS_TOKEN = new('ACCESS_TOKEN')
+          REFRESH_TOKEN = new('REFRESH_TOKEN')
+          ID_TOKEN = new('ID_TOKEN')
+          SAML1 = new('SAML1')
+          SAML2 = new('SAML2')
+          DEVICE_SECRET = new('DEVICE_SECRET')
+          DEVICE_CODE = new('DEVICE_CODE')
+          TOKEN_EXCHANGE = new('TOKEN_EXCHANGE')
+          JWT_BEARER = new('JWT_BEARER')
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/token_type.rbi

@@ -0,0 +1,11 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::TokenType
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::TokenType
+end

data/lib/authlete/models/components/token_update_request.rb

@@ -0,0 +1,133 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+
+      class TokenUpdateRequest
+        extend T::Sig
+        include Crystalline::MetadataFields
+
+        # An access token.
+        # 
+        field :access_token, ::String, { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessToken'), required: true }, 'form': { 'field_name': 'accessToken' } }
+        # A new date at which the access token will expire in milliseconds since the Unix epoch (1970-01-01).
+        # If the `accessTokenExpiresAt` request parameter is not included in a request or its value is 0
+        # (or negative), the expiration date of the access token is not changed.
+        # 
+        field :access_token_expires_at, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessTokenExpiresAt') }, 'form': { 'field_name': 'accessTokenExpiresAt' } }
+        # A new set of scopes assigned to the access token. Scopes that are not supported by the service
+        # and those that the client application associated with the access token is not allowed to request
+        # are ignored on the server side. If the `scopes` request parameter is not included in a request or
+        # its value is `null`, the scopes of the access token are not changed. Note that `properties` parameter
+        # is accepted only when `Content-Type` of the request is `application/json`, so don't use `application/x-www-form-urlencoded`
+        # if you want to specify `properties`.
+        # 
+        field :scopes, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('scopes') }, 'form': { 'field_name': 'scopes' } }
+        # A new set of properties assigned to the access token. If the `properties` request parameter is
+        # not included in a request or its value is null, the properties of the access token are not changed.
+        # 
+        field :properties, Crystalline::Nilable.new(Crystalline::Array.new(Models::Components::Property)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('properties') }, 'form': { 'field_name': 'properties', 'json': true } }
+        # A boolean request parameter which indicates whether the API attempts to update the expiration
+        # date of the access token when the scopes linked to the access token are changed by this request.
+        # 
+        field :access_token_expires_at_updated_on_scope_update, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessTokenExpiresAtUpdatedOnScopeUpdate') }, 'form': { 'field_name': 'accessTokenExpiresAtUpdatedOnScopeUpdate' } }
+        # The hash of the access token value. Used when the hash of the token is known (perhaps from lookup)
+        # but the value of the token itself is not. The value of the `accessToken` parameter takes precedence.
+        # 
+        field :access_token_hash, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessTokenHash') }, 'form': { 'field_name': 'accessTokenHash' } }
+        # A boolean request parameter which indicates whether to update the value of the access token in
+        # the data store. If this parameter is set to `true` then a new access token value is generated
+        # by the server and returned in the response.
+        # 
+        field :access_token_value_updated, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessTokenValueUpdated') }, 'form': { 'field_name': 'accessTokenValueUpdated' } }
+        # The flag which indicates whether the access token expires or not. By default, all access tokens
+        # expire after a period of time determined by their service. If this request parameter is `true`
+        # then the access token will not automatically expire and must be revoked or deleted manually at
+        # the service.
+        # 
+        # If this request parameter is `true`, the `accessTokenExpiresAt` request parameter is ignored.
+        # If this request parameter is `false`, the `accessTokenExpiresAt` request parameter is processed
+        # normally.
+        # 
+        field :access_token_persistent, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessTokenPersistent') }, 'form': { 'field_name': 'accessTokenPersistent' } }
+        # The thumbprint of the MTLS certificate bound to this token. If this property is set, a certificate
+        # with the corresponding value MUST be presented with the access token when it is used by a client.
+        # The value of this property must be a SHA256 certificate thumbprint, base64url encoded.
+        # 
+        field :certificate_thumbprint, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('certificateThumbprint') }, 'form': { 'field_name': 'certificateThumbprint' } }
+        # The thumbprint of the public key used for DPoP presentation of this token. If this property is
+        # set, a DPoP proof signed with the corresponding private key MUST be presented with the access
+        # token when it is used by a client. Additionally, the token's `token_type` will be set to 'DPoP'.
+        # 
+        field :dpop_key_thumbprint, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('dpopKeyThumbprint') }, 'form': { 'field_name': 'dpopKeyThumbprint' } }
+        # The authorization details. This represents the value of the `authorization_details`
+        # request parameter in the preceding device authorization request which is defined in
+        # "OAuth 2.0 Rich Authorization Requests".
+        # 
+        field :authorization_details, Crystalline::Nilable.new(Models::Components::AuthzDetails), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('authorizationDetails') }, 'form': { 'field_name': 'authorizationDetails', 'json': true } }
+        # the flag which indicates whether the access token is for an external
+        # attachment.
+        # 
+        field :for_external_attachment, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('forExternalAttachment') }, 'form': { 'field_name': 'forExternalAttachment' } }
+        # A new date at which the access token will expire in milliseconds since the Unix epoch (1970-01-01).
+        # If the `refreshTokenExpiresAt` request parameter is not included in a request or its value is 0
+        # (or negative), the expiration date of the refresh token is not changed.
+        # 
+        field :refresh_token_expires_at, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('refreshTokenExpiresAt') }, 'form': { 'field_name': 'refreshTokenExpiresAt' } }
+        # A boolean request parameter which indicates whether the API attempts to update the expiration
+        # date of the refresh token when the scopes linked to the refresh token are changed by this request.
+        # 
+        field :refresh_token_expires_at_updated_on_scope_update, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('refreshTokenExpiresAtUpdatedOnScopeUpdate') }, 'form': { 'field_name': 'refreshTokenExpiresAtUpdatedOnScopeUpdate' } }
+        # The token identifier.
+        # 
+        field :token_id, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('tokenId') }, 'form': { 'field_name': 'tokenId' } }
+
+        sig { params(access_token: ::String, access_token_expires_at: T.nilable(::Integer), scopes: T.nilable(T::Array[::String]), properties: T.nilable(T::Array[Models::Components::Property]), access_token_expires_at_updated_on_scope_update: T.nilable(T::Boolean), access_token_hash: T.nilable(::String), access_token_value_updated: T.nilable(T::Boolean), access_token_persistent: T.nilable(T::Boolean), certificate_thumbprint: T.nilable(::String), dpop_key_thumbprint: T.nilable(::String), authorization_details: T.nilable(Models::Components::AuthzDetails), for_external_attachment: T.nilable(T::Boolean), refresh_token_expires_at: T.nilable(::Integer), refresh_token_expires_at_updated_on_scope_update: T.nilable(T::Boolean), token_id: T.nilable(::String)).void }
+        def initialize(access_token:, access_token_expires_at: nil, scopes: nil, properties: nil, access_token_expires_at_updated_on_scope_update: nil, access_token_hash: nil, access_token_value_updated: nil, access_token_persistent: nil, certificate_thumbprint: nil, dpop_key_thumbprint: nil, authorization_details: nil, for_external_attachment: nil, refresh_token_expires_at: nil, refresh_token_expires_at_updated_on_scope_update: nil, token_id: nil)
+          @access_token = access_token
+          @access_token_expires_at = access_token_expires_at
+          @scopes = scopes
+          @properties = properties
+          @access_token_expires_at_updated_on_scope_update = access_token_expires_at_updated_on_scope_update
+          @access_token_hash = access_token_hash
+          @access_token_value_updated = access_token_value_updated
+          @access_token_persistent = access_token_persistent
+          @certificate_thumbprint = certificate_thumbprint
+          @dpop_key_thumbprint = dpop_key_thumbprint
+          @authorization_details = authorization_details
+          @for_external_attachment = for_external_attachment
+          @refresh_token_expires_at = refresh_token_expires_at
+          @refresh_token_expires_at_updated_on_scope_update = refresh_token_expires_at_updated_on_scope_update
+          @token_id = token_id
+        end
+
+        sig { params(other: T.untyped).returns(T::Boolean) }
+        def ==(other)
+          return false unless other.is_a? self.class
+          return false unless @access_token == other.access_token
+          return false unless @access_token_expires_at == other.access_token_expires_at
+          return false unless @scopes == other.scopes
+          return false unless @properties == other.properties
+          return false unless @access_token_expires_at_updated_on_scope_update == other.access_token_expires_at_updated_on_scope_update
+          return false unless @access_token_hash == other.access_token_hash
+          return false unless @access_token_value_updated == other.access_token_value_updated
+          return false unless @access_token_persistent == other.access_token_persistent
+          return false unless @certificate_thumbprint == other.certificate_thumbprint
+          return false unless @dpop_key_thumbprint == other.dpop_key_thumbprint
+          return false unless @authorization_details == other.authorization_details
+          return false unless @for_external_attachment == other.for_external_attachment
+          return false unless @refresh_token_expires_at == other.refresh_token_expires_at
+          return false unless @refresh_token_expires_at_updated_on_scope_update == other.refresh_token_expires_at_updated_on_scope_update
+          return false unless @token_id == other.token_id
+          true
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/token_update_request.rbi

@@ -0,0 +1,41 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::TokenUpdateRequest
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::TokenUpdateRequest
+  def access_token(); end
+  def access_token=(str_); end
+  def access_token_expires_at(); end
+  def access_token_expires_at=(str_); end
+  def scopes(); end
+  def scopes=(str_); end
+  def properties(); end
+  def properties=(str_); end
+  def access_token_expires_at_updated_on_scope_update(); end
+  def access_token_expires_at_updated_on_scope_update=(str_); end
+  def access_token_hash(); end
+  def access_token_hash=(str_); end
+  def access_token_value_updated(); end
+  def access_token_value_updated=(str_); end
+  def access_token_persistent(); end
+  def access_token_persistent=(str_); end
+  def certificate_thumbprint(); end
+  def certificate_thumbprint=(str_); end
+  def dpop_key_thumbprint(); end
+  def dpop_key_thumbprint=(str_); end
+  def authorization_details(); end
+  def authorization_details=(str_); end
+  def for_external_attachment(); end
+  def for_external_attachment=(str_); end
+  def refresh_token_expires_at(); end
+  def refresh_token_expires_at=(str_); end
+  def refresh_token_expires_at_updated_on_scope_update(); end
+  def refresh_token_expires_at_updated_on_scope_update=(str_); end
+  def token_id(); end
+  def token_id=(str_); end
+end

data/lib/authlete/models/components/token_update_response.rb

@@ -0,0 +1,89 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+
+      class TokenUpdateResponse
+        extend T::Sig
+        include Crystalline::MetadataFields
+
+        # The code which represents the result of the API call.
+        field :result_code, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('resultCode') } }
+        # A short message which explains the result of the API call.
+        field :result_message, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('resultMessage') } }
+        # The next action that the authorization server implementation should take.
+        field :action, Crystalline::Nilable.new(Models::Components::TokenUpdateResponseAction), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('action'), 'decoder': Utils.enum_from_string(Models::Components::TokenUpdateResponseAction, true) } }
+        # The access token which has been specified by the request.
+        field :access_token, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessToken') } }
+        # The date at which the access token will expire.
+        # 
+        field :access_token_expires_at, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('accessTokenExpiresAt') } }
+        # The extra properties associated with the access token.
+        # 
+        field :properties, Crystalline::Nilable.new(Crystalline::Array.new(Models::Components::Property)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('properties') } }
+        # The scopes associated with the access token.
+        # 
+        field :scopes, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('scopes') } }
+        # The authorization details. This represents the value of the `authorization_details`
+        # request parameter in the preceding device authorization request which is defined in
+        # "OAuth 2.0 Rich Authorization Requests".
+        # 
+        field :authorization_details, Crystalline::Nilable.new(Models::Components::AuthzDetails), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('authorizationDetails') } }
+        # The token type associated with the access token.
+        # 
+        field :token_type, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('tokenType') } }
+        # the flag which indicates whether the access token is for an external
+        # attachment.
+        # 
+        field :for_external_attachment, Crystalline::Nilable.new(Crystalline::Boolean.new), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('forExternalAttachment') } }
+        # Set the unique token identifier.
+        # 
+        field :token_id, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('tokenId') } }
+        # The datetime at which the newly issued refresh token will expire.
+        # The value is represented in milliseconds since the Unix epoch (1970-01-01).
+        # 
+        field :refresh_token_expires_at, Crystalline::Nilable.new(::Integer), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('refreshTokenExpiresAt') } }
+
+        sig { params(result_code: T.nilable(::String), result_message: T.nilable(::String), action: T.nilable(Models::Components::TokenUpdateResponseAction), access_token: T.nilable(::String), access_token_expires_at: T.nilable(::Integer), properties: T.nilable(T::Array[Models::Components::Property]), scopes: T.nilable(T::Array[::String]), authorization_details: T.nilable(Models::Components::AuthzDetails), token_type: T.nilable(::String), for_external_attachment: T.nilable(T::Boolean), token_id: T.nilable(::String), refresh_token_expires_at: T.nilable(::Integer)).void }
+        def initialize(result_code: nil, result_message: nil, action: nil, access_token: nil, access_token_expires_at: nil, properties: nil, scopes: nil, authorization_details: nil, token_type: nil, for_external_attachment: nil, token_id: nil, refresh_token_expires_at: nil)
+          @result_code = result_code
+          @result_message = result_message
+          @action = action
+          @access_token = access_token
+          @access_token_expires_at = access_token_expires_at
+          @properties = properties
+          @scopes = scopes
+          @authorization_details = authorization_details
+          @token_type = token_type
+          @for_external_attachment = for_external_attachment
+          @token_id = token_id
+          @refresh_token_expires_at = refresh_token_expires_at
+        end
+
+        sig { params(other: T.untyped).returns(T::Boolean) }
+        def ==(other)
+          return false unless other.is_a? self.class
+          return false unless @result_code == other.result_code
+          return false unless @result_message == other.result_message
+          return false unless @action == other.action
+          return false unless @access_token == other.access_token
+          return false unless @access_token_expires_at == other.access_token_expires_at
+          return false unless @properties == other.properties
+          return false unless @scopes == other.scopes
+          return false unless @authorization_details == other.authorization_details
+          return false unless @token_type == other.token_type
+          return false unless @for_external_attachment == other.for_external_attachment
+          return false unless @token_id == other.token_id
+          return false unless @refresh_token_expires_at == other.refresh_token_expires_at
+          true
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/token_update_response.rbi

@@ -0,0 +1,35 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::TokenUpdateResponse
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::TokenUpdateResponse
+  def result_code(); end
+  def result_code=(str_); end
+  def result_message(); end
+  def result_message=(str_); end
+  def action(); end
+  def action=(str_); end
+  def access_token(); end
+  def access_token=(str_); end
+  def access_token_expires_at(); end
+  def access_token_expires_at=(str_); end
+  def properties(); end
+  def properties=(str_); end
+  def scopes(); end
+  def scopes=(str_); end
+  def authorization_details(); end
+  def authorization_details=(str_); end
+  def token_type(); end
+  def token_type=(str_); end
+  def for_external_attachment(); end
+  def for_external_attachment=(str_); end
+  def token_id(); end
+  def token_id=(str_); end
+  def refresh_token_expires_at(); end
+  def refresh_token_expires_at=(str_); end
+end

data/lib/authlete/models/components/token_update_response_action.rb

@@ -0,0 +1,25 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+      # TokenUpdateResponseAction - The next action that the authorization server implementation should take.
+      class TokenUpdateResponseAction < T::Enum
+
+
+        enums do
+          INTERNAL_SERVER_ERROR = new('INTERNAL_SERVER_ERROR')
+          BAD_REQUEST = new('BAD_REQUEST')
+          FORBIDDEN = new('FORBIDDEN')
+          NOT_FOUND = new('NOT_FOUND')
+          OK = new('OK')
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/token_update_response_action.rbi

@@ -0,0 +1,11 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::TokenUpdateResponseAction
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::TokenUpdateResponseAction
+end

data/lib/authlete/models/components/trust_anchor.rb

@@ -0,0 +1,39 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+
+      class TrustAnchor
+        extend T::Sig
+        include Crystalline::MetadataFields
+
+        # the entity ID of the trust anchor
+        # 
+        field :entity_id, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('entityId') } }
+        # the JWK Set document containing public keys of the trust anchor
+        # 
+        field :jwks, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('jwks') } }
+
+        sig { params(entity_id: T.nilable(::String), jwks: T.nilable(::String)).void }
+        def initialize(entity_id: nil, jwks: nil)
+          @entity_id = entity_id
+          @jwks = jwks
+        end
+
+        sig { params(other: T.untyped).returns(T::Boolean) }
+        def ==(other)
+          return false unless other.is_a? self.class
+          return false unless @entity_id == other.entity_id
+          return false unless @jwks == other.jwks
+          true
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/trust_anchor.rbi

@@ -0,0 +1,15 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::TrustAnchor
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::TrustAnchor
+  def entity_id(); end
+  def entity_id=(str_); end
+  def jwks(); end
+  def jwks=(str_); end
+end

data/lib/authlete/models/components/user_code_charset.rb

@@ -0,0 +1,23 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+      # UserCodeCharset - The character set for end-user verification codes (`user_code`) for Device Flow.
+      # 
+      class UserCodeCharset < T::Enum
+
+
+        enums do
+          BASE20 = new('BASE20')
+          NUMERIC = new('NUMERIC')
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/user_code_charset.rbi

@@ -0,0 +1,11 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::UserCodeCharset
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::UserCodeCharset
+end

data/lib/authlete/models/components/userinfo_issue_request.rb

@@ -0,0 +1,127 @@
+# Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+
+# typed: true
+# frozen_string_literal: true
+
+
+module Authlete
+  module Models
+    module Components
+    
+
+      class UserinfoIssueRequest
+        extend T::Sig
+        include Crystalline::MetadataFields
+
+        # The access token that has been passed to the userinfo endpoint by the client application. In other words,
+        # the access token which was contained in the userinfo request.
+        # 
+        field :token, ::String, { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('token'), required: true }, 'form': { 'field_name': 'token' } }
+        # Claims in JSON format. As for the format, see [OpenID Connect Core 1.0, 5.1. Standard Claims](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims).
+        # 
+        field :claims, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('claims') }, 'form': { 'field_name': 'claims' } }
+        # The value of the `sub` claim. If the value of this request parameter is not empty, it is used as the value of
+        # the `sub` claim. Otherwise, the value of the subject associated with the access token is used.
+        # 
+        field :sub, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('sub') }, 'form': { 'field_name': 'sub' } }
+        # Claim key-value pairs that are used to compute transformed claims.
+        # 
+        field :claims_for_tx, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('claimsForTx') }, 'form': { 'field_name': 'claimsForTx' } }
+        # The Signature header value from the request.
+        # 
+        field :request_signature, Crystalline::Nilable.new(::String), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('requestSignature') }, 'form': { 'field_name': 'requestSignature' } }
+        # HTTP headers to be included in processing the signature. If this is a signed request, this must include the
+        # Signature and Signature-Input headers, as well as any additional headers covered by the signature.
+        # 
+        field :headers, Crystalline::Nilable.new(Crystalline::Array.new(Models::Components::Pair)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('headers') }, 'form': { 'field_name': 'headers', 'json': true } }
+        # Values of verified claims requested indirectly by "transformed claims".
+        # 
+        # A client application may request "transformed claims". Each of transformed claims uses an existing
+        # claim as input. As a result, to compute the value of a transformed claim, the value of the referenced
+        # existing claim is needed. This `verifiedClaimsForTx` request parameter has to be used to provide
+        # values of existing claims for computation of transformed claims.
+        # 
+        # A response from the `/auth/userinfo` API may include the `requestedVerifiedClaimsForTx` response
+        # parameter which is a list of verified claims that are referenced indirectly by transformed claims
+        # (cf. `requestedVerifiedClaimsForTx` in `/auth/userinfo` API response). The authorization server
+        # implementation should prepare values of the verified claims listed in `requestedVerifiedClaimsForTx`
+        # and pass them as the value of this `verifiedClaimsForTx` request parameter.
+        # 
+        # The following is an example of the value of this request parameter.
+        # 
+        # ```
+        # [
+        #   "{\"birthdate\":\"1970-01-23\",\"nationalities\":[\"DEU\",\"USA\"]}"
+        # ]
+        # ```
+        # 
+        # The reason that this `verifiedClaimsForTx` property is an array is that the `"verified_claims"`
+        # property in the claims request parameter of an authorization request can be an array like below.
+        # 
+        # ```
+        # {
+        #   "transformed_claims": {
+        #     "nationality_usa": {
+        #       "claim": "nationalities",
+        #       "fn": [
+        #         [ "eq", "USA" ],
+        #         "any"
+        #       ]
+        #     }
+        #   },
+        #   "userinfo": {
+        #     "verified_claims": [
+        #       {
+        #         "verification": { "trust_framework": { "value": "gold" } },
+        #         "claims": { "::18_or_above": null }
+        #       },
+        #       {
+        #         "verification": { "trust_framework": { "value": "silver" } },
+        #         "claims": { ":nationality_usa": null }
+        #       }
+        #     ]
+        #   }
+        # }
+        # ```
+        # 
+        # For the example above, the value of this `verifiedClaimsForTx` property should be an array of
+        # size 2 and look like below. The first element is JSON including claims which have been verified
+        # under the trust framework `"gold"`, and the second element is JSON including claims which have
+        # been verified under the trust framework `"silver"`.
+        # 
+        # ```
+        # [
+        #   "{\"birthdate\":\"1970-01-23\"}",
+        #   "{\"nationalities\":[\"DEU\",\"USA\"]}"
+        # ]
+        # ```
+        # 
+        field :verified_claims_for_tx, Crystalline::Nilable.new(Crystalline::Array.new(::String)), { 'format_json': { 'letter_case': ::Authlete::Utils.field_name('verifiedClaimsForTx') }, 'form': { 'field_name': 'verifiedClaimsForTx' } }
+
+        sig { params(token: ::String, claims: T.nilable(::String), sub: T.nilable(::String), claims_for_tx: T.nilable(::String), request_signature: T.nilable(::String), headers: T.nilable(T::Array[Models::Components::Pair]), verified_claims_for_tx: T.nilable(T::Array[::String])).void }
+        def initialize(token:, claims: nil, sub: nil, claims_for_tx: nil, request_signature: nil, headers: nil, verified_claims_for_tx: nil)
+          @token = token
+          @claims = claims
+          @sub = sub
+          @claims_for_tx = claims_for_tx
+          @request_signature = request_signature
+          @headers = headers
+          @verified_claims_for_tx = verified_claims_for_tx
+        end
+
+        sig { params(other: T.untyped).returns(T::Boolean) }
+        def ==(other)
+          return false unless other.is_a? self.class
+          return false unless @token == other.token
+          return false unless @claims == other.claims
+          return false unless @sub == other.sub
+          return false unless @claims_for_tx == other.claims_for_tx
+          return false unless @request_signature == other.request_signature
+          return false unless @headers == other.headers
+          return false unless @verified_claims_for_tx == other.verified_claims_for_tx
+          true
+        end
+      end
+    end
+  end
+end

data/lib/authlete/models/components/userinfo_issue_request.rbi

@@ -0,0 +1,25 @@
+# typed: true
+# frozen_string_literal: true
+
+
+class Authlete::Models::Components::UserinfoIssueRequest
+  extend ::Crystalline::MetadataFields::ClassMethods
+end
+
+
+class Authlete::Models::Components::UserinfoIssueRequest
+  def token(); end
+  def token=(str_); end
+  def claims(); end
+  def claims=(str_); end
+  def sub(); end
+  def sub=(str_); end
+  def claims_for_tx(); end
+  def claims_for_tx=(str_); end
+  def request_signature(); end
+  def request_signature=(str_); end
+  def headers(); end
+  def headers=(str_); end
+  def verified_claims_for_tx(); end
+  def verified_claims_for_tx=(str_); end
+end