@enterprisestandard/react 0.0.5-beta.20260115.2 → 0.0.5-beta.20260115.4

Files changed (77)
  1. package/dist/index.d.ts +2573 -41
  2. package/dist/index.js +3732 -144
  3. package/dist/index.js.map +1 -0
  4. package/package.json +3 -1
  5. package/dist/group-store.d.ts +0 -164
  6. package/dist/group-store.d.ts.map +0 -1
  7. package/dist/group-store.js +0 -127
  8. package/dist/iam.d.ts +0 -206
  9. package/dist/iam.d.ts.map +0 -1
  10. package/dist/iam.js +0 -680
  11. package/dist/index.d.ts.map +0 -1
  12. package/dist/session-store.d.ts +0 -179
  13. package/dist/session-store.d.ts.map +0 -1
  14. package/dist/session-store.js +0 -105
  15. package/dist/sso-server.d.ts +0 -13
  16. package/dist/sso-server.d.ts.map +0 -1
  17. package/dist/sso-server.js +0 -46
  18. package/dist/sso.d.ts +0 -104
  19. package/dist/sso.d.ts.map +0 -1
  20. package/dist/sso.js +0 -820
  21. package/dist/tenant-server.d.ts +0 -8
  22. package/dist/tenant-server.d.ts.map +0 -1
  23. package/dist/tenant-server.js +0 -6
  24. package/dist/tenant.d.ts +0 -280
  25. package/dist/tenant.d.ts.map +0 -1
  26. package/dist/tenant.js +0 -324
  27. package/dist/types/base-user.d.ts +0 -27
  28. package/dist/types/base-user.d.ts.map +0 -1
  29. package/dist/types/base-user.js +0 -1
  30. package/dist/types/enterprise-user.d.ts +0 -158
  31. package/dist/types/enterprise-user.d.ts.map +0 -1
  32. package/dist/types/enterprise-user.js +0 -1
  33. package/dist/types/oidc-schema.d.ts +0 -86
  34. package/dist/types/oidc-schema.d.ts.map +0 -1
  35. package/dist/types/oidc-schema.js +0 -328
  36. package/dist/types/scim-schema.d.ts +0 -419
  37. package/dist/types/scim-schema.d.ts.map +0 -1
  38. package/dist/types/scim-schema.js +0 -519
  39. package/dist/types/standard-schema.d.ts +0 -56
  40. package/dist/types/standard-schema.d.ts.map +0 -1
  41. package/dist/types/standard-schema.js +0 -1
  42. package/dist/types/user.d.ts +0 -41
  43. package/dist/types/user.d.ts.map +0 -1
  44. package/dist/types/user.js +0 -1
  45. package/dist/types/workload-schema.d.ts +0 -106
  46. package/dist/types/workload-schema.d.ts.map +0 -1
  47. package/dist/types/workload-schema.js +0 -208
  48. package/dist/ui/sign-in-loading.d.ts +0 -5
  49. package/dist/ui/sign-in-loading.d.ts.map +0 -1
  50. package/dist/ui/sign-in-loading.js +0 -8
  51. package/dist/ui/signed-in.d.ts +0 -3
  52. package/dist/ui/signed-in.d.ts.map +0 -1
  53. package/dist/ui/signed-in.js +0 -8
  54. package/dist/ui/signed-out.d.ts +0 -3
  55. package/dist/ui/signed-out.d.ts.map +0 -1
  56. package/dist/ui/signed-out.js +0 -8
  57. package/dist/ui/sso-provider.d.ts +0 -35
  58. package/dist/ui/sso-provider.d.ts.map +0 -1
  59. package/dist/ui/sso-provider.js +0 -275
  60. package/dist/user-store.d.ts +0 -161
  61. package/dist/user-store.d.ts.map +0 -1
  62. package/dist/user-store.js +0 -114
  63. package/dist/utils.d.ts +0 -9
  64. package/dist/utils.d.ts.map +0 -1
  65. package/dist/utils.js +0 -23
  66. package/dist/vault.d.ts +0 -18
  67. package/dist/vault.d.ts.map +0 -1
  68. package/dist/vault.js +0 -22
  69. package/dist/workload-server.d.ts +0 -127
  70. package/dist/workload-server.d.ts.map +0 -1
  71. package/dist/workload-server.js +0 -167
  72. package/dist/workload-token-store.d.ts +0 -187
  73. package/dist/workload-token-store.d.ts.map +0 -1
  74. package/dist/workload-token-store.js +0 -95
  75. package/dist/workload.d.ts +0 -227
  76. package/dist/workload.d.ts.map +0 -1
  77. package/dist/workload.js +0 -691
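--- a/package/dist/types/enterprise-user.d.ts
+++ b/package/dist/types/enterprise-user.d.ts
@@ -1,158 +0,0 @@
- import type { BaseUser } from './base-user';
- import type { Address, Email, Group, Name, PhoneNumber, Role } from './scim-schema';
- /**
- * Enterprise user with SCIM attributes.
- * Extends BaseUser (simple fields) with optional complex SCIM fields.
- * For IAM/provisioning and enterprise directory integration.
- */
- export interface EnterpriseUser extends BaseUser {
- /**
- * External identifier from the provisioning system
- */
- externalId?: string;
- /**
- * Resource metadata
- */
- meta?: {
- resourceType?: string;
- created?: string;
- lastModified?: string;
- version?: string;
- location?: string;
- };
- /**
- * SCIM schemas supported by this user
- */
- schemas?: string[];
- /**
- * Structured name with family/given names, prefixes, suffixes.
- * Use alongside the simple `name` string from BaseUser.
- */
- fullName?: Name;
- /**
- * Multiple email addresses with types (work, home, etc.).
- * Use alongside the simple `email` string from BaseUser.
- */
- emails?: Email[];
- /**
- * Name for display purposes
- */
- displayName?: string;
- /**
- * Casual name to address the user
- */
- nickName?: string;
- /**
- * URL to user's online profile
- */
- profileUrl?: string;
- /**
- * Job title
- */
- title?: string;
- /**
- * User type (e.g., "Employee", "Contractor")
- */
- userType?: string;
- /**
- * Preferred language (e.g., "en-US")
- */
- preferredLanguage?: string;
- /**
- * Locale for localization (e.g., "en-US")
- */
- locale?: string;
- /**
- * Timezone (e.g., "America/New_York")
- */
- timezone?: string;
- /**
- * Whether the user account is active
- */
- active?: boolean;
- /**
- * Password (for provisioning only, should not be returned)
- */
- password?: string;
- /**
- * Phone numbers
- */
- phoneNumbers?: PhoneNumber[];
- /**
- * Instant messaging addresses
- */
- ims?: Array<{
- value: string;
- display?: string;
- type?: string;
- primary?: boolean;
- }>;
- /**
- * Photo URLs
- */
- photos?: Array<{
- value: string;
- display?: string;
- type?: string;
- primary?: boolean;
- }>;
- /**
- * Physical mailing addresses
- */
- addresses?: Address[];
- /**
- * Groups the user belongs to
- */
- groups?: Group[];
- /**
- * Entitlements
- */
- entitlements?: Array<{
- value: string;
- display?: string;
- type?: string;
- primary?: boolean;
- }>;
- /**
- * Roles assigned to the user
- */
- roles?: Role[];
- /**
- * X.509 certificates
- */
- x509Certificates?: Array<{
- value: string;
- display?: string;
- type?: string;
- primary?: boolean;
- }>;
- /**
- * Employee number
- */
- employeeNumber?: string;
- /**
- * Cost center
- */
- costCenter?: string;
- /**
- * Organization name
- */
- organization?: string;
- /**
- * Division name
- */
- division?: string;
- /**
- * Department name
- */
- department?: string;
- /**
- * User's manager
- */
- manager?: {
- value: string;
- $ref?: string;
- displayName?: string;
- };
- }
- //# sourceMappingURL=enterprise-user.d.ts.map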
@@ -1 +0,0 @@
1
- {"version":3,"file":"enterprise-user.d.ts","sourceRoot":"","sources":["../../src/types/enterprise-user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAEpF;;;;GAIG;AACH,MAAM,WAAW,cAAe,SAAQ,QAAQ;IAE9C;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,IAAI,CAAC,EAAE;QACL,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;IAEF;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IAGnB;;;OAGG;IACH,QAAQ,CAAC,EAAE,IAAI,CAAC;IAEhB;;;OAGG;IACH,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC;IAGjB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAGlB;;OAEG;IACH,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC;IAE7B;;OAEG;IACH,GAAG,CAAC,EAAE,KAAK,CAAC;QACV,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC,CAAC;IAEH;;OAEG;IACH,MAAM,CAAC,EAAE,KAAK,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC,CAAC;IAEH;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,EAAE,CAAC;IAEtB;;OAEG;IACH,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC;IAEjB;;OAEG;IACH,YAAY,CAAC,EAAE,KAAK,CAAC;QACnB,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC,CAAC;IAEH;;OAEG;IACH,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC;IAEf;;OAEG;IACH,gBAAgB,CAAC,EAAE,KAAK,CAAC;QACvB,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,OAAO,CAAC;KACnB,CAAC,CAAC;I
AGH;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,OAAO,CAAC,EAAE;QACR,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;CACH"}
@@ -1 +0,0 @@
1
- export {};
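--- a/package/dist/types/oidc-schema.d.ts
+++ b/package/dist/types/oidc-schema.d.ts
@@ -1,86 +0,0 @@
- import type { StandardSchemaV1 } from './standard-schema';
- /**
- * OIDC Code Flow Callback URL Parameters
- * @see https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth
- */
- export interface OidcCallbackParams {
- /**
- * REQUIRED. The authorization code returned from the authorization server.
- */
- code: string;
- /**
- * REQUIRED if the "state" parameter was present in the client authorization request.
- * The exact value received from the client.
- */
- state?: string;
- /**
- * RECOMMENDED. The session state value. Clients should use this to verify the session state.
- */
- session_state?: string;
- /**
- * OAuth 2.0 error code if the authorization request failed.
- */
- error?: string;
- /**
- * Human-readable ASCII text providing additional information for the error.
- */
- error_description?: string;
- /**
- * A URI identifying a human-readable web page with information about the error.
- */
- error_uri?: string;
- /**
- * The "iss" (issuer) parameter identifies the principal that issued the response.
- * This is typically used in the implicit flow.
- */
- iss?: string;
- }
- /**
- * Creates a StandardSchemaV1 for validating OIDC callback URL parameters.
- * @param vendor - The name of the vendor creating this schema
- * @returns A StandardSchemaV1 instance for OIDC callback parameters
- */
- export declare function oidcCallbackSchema(vendor: string): StandardSchemaV1<Record<string, unknown>, OidcCallbackParams>;
- /**
- * Token Response from IdP
- */
- export interface TokenResponse {
- access_token: string;
- id_token: string;
- refresh_token?: string;
- token_type: string;
- expires_in?: number;
- scope?: string;
- refresh_expires_in?: number;
- session_state?: string;
- expires?: string;
- }
- /**
- * Creates a StandardSchemaV1 for validating OIDC Token Responses.
- * @param vendor - The name of the vendor creating this schema
- * @returns A StandardSchemaV1 instance for Token Response validation
- */
- export declare function tokenResponseSchema(vendor: string): StandardSchemaV1<Record<string, unknown>, TokenResponse>;
- /**
- * ID Token Claims
- */
- export interface IdTokenClaims {
- iss?: string;
- aud?: string;
- exp?: number;
- iat?: number;
- sub?: string;
- sid?: string;
- name?: string;
- email?: string;
- preferred_username?: string;
- picture?: string;
- [key: string]: unknown;
- }
- /**
- * Creates a StandardSchemaV1 for validating ID Token Claims.
- * @param vendor - The name of the vendor creating this schema
- * @returns A StandardSchemaV1 instance for ID Token Claims validation
- */
- export declare function idTokenClaimsSchema(vendor: string): StandardSchemaV1<Record<string, unknown>, IdTokenClaims>;
- //# sourceMappingURL=oidc-schema.d.ts.map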
@@ -1 +0,0 @@
1
- {"version":3,"file":"oidc-schema.d.ts","sourceRoot":"","sources":["../../src/types/oidc-schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE1D;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC;IAEb;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,kBAAkB,CAAC,CAoHhH;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,aAAa,CAAC,CAmJ5G;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,aAAa,CAAC,CAsD5G"}
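--- a/package/dist/types/oidc-schema.js
+++ b/package/dist/types/oidc-schema.js
@@ -1,328 +0,0 @@
- /**
- * Creates a StandardSchemaV1 for validating OIDC callback URL parameters.
- * @param vendor - The name of the vendor creating this schema
- * @returns A StandardSchemaV1 instance for OIDC callback parameters
- */
- export function oidcCallbackSchema(vendor) {
- return {
- '~standard': {
- version: 1,
- vendor,
- validate: (value) => {
- if (typeof value !== 'object' || value === null) {
- return {
- issues: [
- {
- message: 'Expected an object',
- },
- ],
- };
- }
- const params = value;
- const issues = [];
- const result = {};
- // Check required 'code' parameter
- if ('code' in params) {
- if (typeof params.code === 'string') {
- result.code = params.code;
- }
- else {
- issues.push({
- message: 'code must be a string',
- path: ['code'],
- });
- }
- }
- else if (!('error' in params)) {
- // 'code' is required unless there's an error
- issues.push({
- message: 'code is required',
- path: ['code'],
- });
- }
- // Validate state if present
- if ('state' in params) {
- if (typeof params.state === 'string' || params.state === undefined) {
- result.state = params.state;
- }
- else {
- issues.push({
- message: 'state must be a string',
- path: ['state'],
- });
- }
- }
- // Validate session_state if present
- if ('session_state' in params) {
- if (typeof params.session_state === 'string' || params.session_state === undefined) {
- result.session_state = params.session_state;
- }
- else {
- issues.push({
- message: 'session_state must be a string',
- path: ['session_state'],
- });
- }
- }
- // Validate error related fields if present
- if ('error' in params) {
- if (typeof params.error === 'string') {
- result.error = params.error;
- }
- else {
- issues.push({
- message: 'error must be a string',
- path: ['error'],
- });
- }
- if ('error_description' in params) {
- if (typeof params.error_description === 'string' || params.error_description === undefined) {
- result.error_description = params.error_description;
- }
- else {
- issues.push({
- message: 'error_description must be a string',
- path: ['error_description'],
- });
- }
- }
- if ('error_uri' in params) {
- if (typeof params.error_uri === 'string' || params.error_uri === undefined) {
- result.error_uri = params.error_uri;
- }
- else {
- issues.push({
- message: 'error_uri must be a string',
- path: ['error_uri'],
- });
- }
- }
- }
- // Validate iss if present
- if ('iss' in params) {
- if (typeof params.iss === 'string' || params.iss === undefined) {
- result.iss = params.iss;
- }
- else {
- issues.push({
- message: 'iss must be a string',
- path: ['iss'],
- });
- }
- }
- if (issues.length > 0) {
- return { issues };
- }
- return { value: result };
- },
- },
- };
- }
- /**
- * Creates a StandardSchemaV1 for validating OIDC Token Responses.
- * @param vendor - The name of the vendor creating this schema
- * @returns A StandardSchemaV1 instance for Token Response validation
- */
- export function tokenResponseSchema(vendor) {
- return {
- '~standard': {
- version: 1,
- vendor,
- validate: (value) => {
- if (typeof value !== 'object' || value === null) {
- return {
- issues: [
- {
- message: 'Expected an object',
- },
- ],
- };
- }
- const response = value;
- const issues = [];
- const result = {};
- // Check required 'access_token' parameter
- if ('access_token' in response) {
- if (typeof response.access_token === 'string') {
- result.access_token = response.access_token;
- }
- else {
- issues.push({
- message: 'access_token must be a string',
- path: ['access_token'],
- });
- }
- }
- else {
- issues.push({
- message: 'access_token is required',
- path: ['access_token'],
- });
- }
- // Check required 'id_token' parameter
- if ('id_token' in response) {
- if (typeof response.id_token === 'string') {
- result.id_token = response.id_token;
- }
- else {
- issues.push({
- message: 'id_token must be a string',
- path: ['id_token'],
- });
- }
- }
- else {
- issues.push({
- message: 'id_token is required',
- path: ['id_token'],
- });
- }
- // Check required 'token_type' parameter
- if ('token_type' in response) {
- if (typeof response.token_type === 'string') {
- result.token_type = response.token_type;
- }
- else {
- issues.push({
- message: 'token_type must be a string',
- path: ['token_type'],
- });
- }
- }
- else {
- issues.push({
- message: 'token_type is required',
- path: ['token_type'],
- });
- }
- // Optional string fields
- if ('refresh_token' in response) {
- if (typeof response.refresh_token === 'string' || response.refresh_token === undefined) {
- result.refresh_token = response.refresh_token;
- }
- else {
- issues.push({
- message: 'refresh_token must be a string',
- path: ['refresh_token'],
- });
- }
- }
- if ('scope' in response) {
- if (typeof response.scope === 'string' || response.scope === undefined) {
- result.scope = response.scope;
- }
- else {
- issues.push({
- message: 'scope must be a string',
- path: ['scope'],
- });
- }
- }
- if ('session_state' in response) {
- if (typeof response.session_state === 'string' || response.session_state === undefined) {
- result.session_state = response.session_state;
- }
- else {
- issues.push({
- message: 'session_state must be a string',
- path: ['session_state'],
- });
- }
- }
- if ('expires' in response) {
- if (typeof response.expires === 'string' || response.expires === undefined) {
- result.expires = response.expires;
- }
- else {
- issues.push({
- message: 'expires must be a string',
- path: ['expires'],
- });
- }
- }
- // Optional number fields
- if ('expires_in' in response) {
- if (typeof response.expires_in === 'number' || response.expires_in === undefined) {
- result.expires_in = response.expires_in;
- }
- else {
- issues.push({
- message: 'expires_in must be a number',
- path: ['expires_in'],
- });
- }
- }
- if ('refresh_expires_in' in response) {
- if (typeof response.refresh_expires_in === 'number' || response.refresh_expires_in === undefined) {
- result.refresh_expires_in = response.refresh_expires_in;
- }
- else {
- issues.push({
- message: 'refresh_expires_in must be a number',
- path: ['refresh_expires_in'],
- });
- }
- }
- if (issues.length > 0) {
- return { issues };
- }
- return { value: result };
- },
- },
- };
- }
- /**
- * Creates a StandardSchemaV1 for validating ID Token Claims.
- * @param vendor - The name of the vendor creating this schema
- * @returns A StandardSchemaV1 instance for ID Token Claims validation
- */
- export function idTokenClaimsSchema(vendor) {
- return {
- '~standard': {
- version: 1,
- vendor,
- validate: (value) => {
- if (typeof value !== 'object' || value === null) {
- return {
- issues: [
- {
- message: 'Expected an object',
- },
- ],
- };
- }
- const claims = value;
- const issues = [];
- const result = { ...claims };
- // Validate optional string fields
- const stringFields = ['iss', 'aud', 'sub', 'sid', 'name', 'email', 'preferred_username', 'picture'];
- for (const field of stringFields) {
- if (field in claims && claims[field] !== undefined) {
- if (typeof claims[field] !== 'string') {
- issues.push({
- message: `${field} must be a string`,
- path: [field],
- });
- }
- }
- }
- // Validate optional number fields
- const numberFields = ['exp', 'iat'];
- for (const field of numberFields) {
- if (field in claims && claims[field] !== undefined) {
- if (typeof claims[field] !== 'number') {
- issues.push({
- message: `${field} must be a number`,
- path: [field],
- });
- }
- }
- }
- if (issues.length > 0) {
- return { issues };
- }
- return { value: result };
- },
- },
- };
- }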