@go-mondo/identity-sdk 0.0.2-beta.7 → 0.0.2-beta.71

package/dist/esm/authorization/roles/schema.test.js

@@ -0,0 +1,227 @@
+import { describe, expect, test } from 'vitest';
+import { generateAppId } from '../../app/utils.js';
+import { generateUserId } from '../../customer/schema.js';
+import { generatePermissionId, generateRoleId } from '../schema.js';
+import { InsertRolePayloadSchema, RoleAssociationReferenceSchema, RoleAssociationsSchema, RoleIdPropertySchema, RoleSchema, RoleStatus, UpdateRolePayloadSchema, } from './schema.js';
+describe('Authorization Roles - Schema', () => {
+    describe('RoleStatus constants', () => {
+        test('should have correct status values', () => {
+            expect(RoleStatus.ENABLED).toBe('enabled');
+            expect(RoleStatus.DISABLED).toBe('disabled');
+        });
+    });
+    describe('RoleIdPropertySchema', () => {
+        test('should accept valid id property', () => {
+            const payload = { id: generateRoleId() };
+            const result = RoleIdPropertySchema.safeParse(payload);
+            // Parse succeeds for valid data
+            expect(result.data).toEqual({ id: payload.id });
+        });
+        test('should reject missing id', () => {
+            const result = RoleIdPropertySchema.safeParse({});
+            expect(result.success).toBe(false);
+        });
+    });
+    describe('RoleAssociationsSchema', () => {
+        test('should accept valid associations', () => {
+            const payload = {
+                apps: [generateAppId(), generateAppId()],
+                permissions: [generatePermissionId(), generatePermissionId()],
+                users: [generateUserId(), generateUserId()],
+            };
+            const result = RoleAssociationsSchema.safeParse(payload);
+            // Parse succeeds for valid data
+            expect(result.data).toEqual({
+                apps: payload.apps,
+                permissions: payload.permissions,
+                users: payload.users,
+            });
+        });
+        test('should accept optional associations', () => {
+            const result = RoleAssociationsSchema.safeParse({});
+            // Parse succeeds for valid data
+            expect(result.data).toEqual({});
+        });
+        test('should accept partial associations', () => {
+            const result = RoleAssociationsSchema.safeParse({
+                permissions: [generatePermissionId()],
+                users: undefined,
+            });
+            // Parse succeeds for valid data
+        });
+        test('should reject non-array associations', () => {
+            const result = RoleAssociationsSchema.safeParse({
+                apps: 'not-an-array',
+            });
+            expect(result.success).toBe(false);
+        });
+    });
+    describe('RoleSchema', () => {
+        test('should accept complete role object', () => {
+            const role = {
+                id: generateRoleId(),
+                name: 'admin',
+                status: 'enabled',
+                description: 'Administrator role',
+                apps: { ids: [generateAppId()], count: 1 },
+                users: { ids: [generateUserId()], count: 1 },
+                permissions: { ids: [generatePermissionId()], count: 1 },
+                createdAt: new Date(),
+                updatedAt: new Date(),
+                metadata: { key: 'value' },
+            };
+            const result = RoleSchema.safeParse(role);
+            // Parse succeeds for valid data
+        });
+        test('should accept minimal role object', () => {
+            const role = {
+                id: generateRoleId(),
+                name: 'user',
+                status: 'enabled',
+                createdAt: new Date(),
+                updatedAt: new Date(),
+                metadata: {},
+            };
+            const result = RoleSchema.safeParse(role);
+            // Parse succeeds for valid data
+        });
+        test('should accept role with optional dates', () => {
+            const role = {
+                id: generateRoleId(),
+                name: 'user',
+                status: 'disabled',
+                createdAt: new Date(),
+                updatedAt: new Date(),
+                deletedAt: new Date(),
+                deactivatedAt: new Date(),
+                metadata: {},
+            };
+            const result = RoleSchema.safeParse(role);
+            // Parse succeeds for valid data
+        });
+        test('should reject invalid status', () => {
+            const role = {
+                id: generateRoleId(),
+                name: 'admin',
+                status: 'invalid',
+                createdAt: new Date(),
+                updatedAt: new Date(),
+                metadata: {},
+            };
+            const result = RoleSchema.safeParse(role);
+            expect(result.success).toBe(false);
+        });
+        test('should reject missing required fields', () => {
+            const role = {
+                id: generateRoleId(),
+                name: 'admin',
+            };
+            const result = RoleSchema.safeParse(role);
+            expect(result.success).toBe(false);
+        });
+    });
+    describe('InsertRolePayloadSchema', () => {
+        test('should accept complete insert payload', () => {
+            const payload = {
+                id: generateRoleId(),
+                name: 'admin',
+                status: 'enabled',
+                description: 'Administrator role',
+                apps: [generateAppId()],
+                permissions: [generatePermissionId()],
+                users: [generateUserId()],
+                metadata: { key: 'value' },
+            };
+            const result = InsertRolePayloadSchema.safeParse(payload);
+            // Parse succeeds for valid data
+        });
+        test('should accept minimal insert payload', () => {
+            const payload = {
+                name: 'user',
+            };
+            const result = InsertRolePayloadSchema.safeParse(payload);
+            // Parse succeeds for valid data
+            expect(result.data?.status).toBe('enabled'); // default value
+        });
+        test('should reject missing name', () => {
+            const result = InsertRolePayloadSchema.safeParse({});
+            expect(result.success).toBe(false);
+        });
+        test('should accept associations in insert payload', () => {
+            const payload = {
+                name: 'moderator',
+                apps: [generateAppId(), generateAppId()],
+                permissions: [generatePermissionId(), generatePermissionId()],
+                users: [generateUserId()],
+            };
+            const result = InsertRolePayloadSchema.safeParse(payload);
+            // Parse succeeds for valid data
+        });
+    });
+    describe('UpdateRolePayloadSchema', () => {
+        test('should accept all optional fields', () => {
+            const payload = {
+                name: 'updated-role',
+                status: 'disabled',
+                description: 'Updated description',
+                metadata: { updated: true },
+            };
+            const result = UpdateRolePayloadSchema.safeParse(payload);
+            // Parse succeeds for valid data
+            expect(result.data).toEqual(payload);
+        });
+        test('should accept empty update payload', () => {
+            const result = UpdateRolePayloadSchema.safeParse({});
+            // Parse succeeds for valid data
+            expect(result.data).toEqual({});
+        });
+        test('should accept partial updates', () => {
+            const payload = { name: 'new-name' };
+            const result = UpdateRolePayloadSchema.safeParse(payload);
+            // Parse succeeds for valid data
+            expect(result.data).toEqual(payload);
+        });
+        test('should reject invalid status', () => {
+            const payload = { status: 'invalid-status' };
+            const result = UpdateRolePayloadSchema.safeParse(payload);
+            expect(result.success).toBe(false);
+        });
+    });
+    describe('RoleAssociationReferenceSchema', () => {
+        test('should accept complete association reference', () => {
+            const reference = {
+                id: generateRoleId(),
+                name: 'admin',
+                status: 'enabled',
+                model: 'Role',
+            };
+            const result = RoleAssociationReferenceSchema.safeParse(reference);
+            // Parse succeeds for valid data
+            expect(result.data).toEqual(reference);
+        });
+        test('should use default status when not provided', () => {
+            const reference = {
+                id: generateRoleId(),
+                name: 'admin',
+                model: 'Role',
+            };
+            const result = RoleAssociationReferenceSchema.safeParse(reference);
+            // Parse succeeds for valid data
+            expect(result.data?.status).toBe('disabled'); // default value
+        });
+        test('should reject missing required fields', () => {
+            const reference = { id: generateRoleId() };
+            const result = RoleAssociationReferenceSchema.safeParse(reference);
+            expect(result.success).toBe(false);
+        });
+        test('should reject invalid model value', () => {
+            const reference = {
+                id: generateRoleId(),
+                name: 'admin',
+                model: 'InvalidModel',
+            };
+            const result = RoleAssociationReferenceSchema.safeParse(reference);
+            expect(result.success).toBe(false);
+        });
+    });
+});

package/dist/esm/authorization/schema.d.ts

@@ -0,0 +1,18 @@
+import * as z from 'zod/v4';
+export declare const Model: {
+    readonly Permission: {
+        readonly UIDPrefix: "per";
+    };
+    readonly Role: {
+        readonly UIDPrefix: "rol";
+    };
+};
+export declare function generatePermissionId(): string;
+export declare function generateRoleId(): string;
+export declare const RoleIdSchema: z.ZodString;
+export type RoleId = z.output<typeof RoleIdSchema>;
+export declare const RoleIdAssociationsSchema: z.ZodUnion<readonly [z.ZodUndefined, z.ZodArray<z.ZodString>]>;
+export declare const PermissionIdSchema: z.ZodString;
+export type PermissionId = z.output<typeof PermissionIdSchema>;
+export declare const PermissionIdAssociationsSchema: z.ZodUnion<readonly [z.ZodUndefined, z.ZodArray<z.ZodString>]>;
+//# sourceMappingURL=schema.d.ts.map

package/dist/esm/authorization/schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../src/authorization/schema.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAG5B,eAAO,MAAM,KAAK;;;;;;;CAOR,CAAC;AAEX,wBAAgB,oBAAoB,WAEnC;AAED,wBAAgB,cAAc,WAE7B;AAED,eAAO,MAAM,YAAY,aAAoC,CAAC;AAC9D,MAAM,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,YAAY,CAAC,CAAC;AAEnD,eAAO,MAAM,wBAAwB,gEAGnC,CAAC;AAEH,eAAO,MAAM,kBAAkB,aAA0C,CAAC;AAC1E,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE/D,eAAO,MAAM,8BAA8B,gEAGzC,CAAC"}

package/dist/esm/authorization/schema.js

@@ -0,0 +1,27 @@
+import KSUID from 'ksuid';
+import * as z from 'zod/v4';
+import { KSUIDSchema } from '../common/schema/id.js';
+export const Model = {
+    Permission: {
+        UIDPrefix: 'per',
+    },
+    Role: {
+        UIDPrefix: 'rol',
+    },
+};
+export function generatePermissionId() {
+    return `${Model.Permission.UIDPrefix}_${KSUID.randomSync().string}`;
+}
+export function generateRoleId() {
+    return `${Model.Role.UIDPrefix}_${KSUID.randomSync().string}`;
+}
+export const RoleIdSchema = KSUIDSchema(Model.Role.UIDPrefix);
+export const RoleIdAssociationsSchema = z.union([
+    z.undefined(),
+    z.array(RoleIdSchema),
+]);
+export const PermissionIdSchema = KSUIDSchema(Model.Permission.UIDPrefix);
+export const PermissionIdAssociationsSchema = z.union([
+    z.undefined(),
+    z.array(PermissionIdSchema),
+]);

package/dist/esm/authorization/schema.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=schema.test.d.ts.map

package/dist/esm/authorization/schema.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.test.d.ts","sourceRoot":"","sources":["../../../src/authorization/schema.test.ts"],"names":[],"mappings":""}

package/dist/esm/authorization/schema.test.js

@@ -0,0 +1,40 @@
+import { describe, expect, test } from 'vitest';
+import { Model, generatePermissionId, generateRoleId } from './schema.js';
+describe('Authorization - Utils', () => {
+    describe('Model constants', () => {
+        test('should have correct UID prefixes', () => {
+            expect(Model.Permission.UIDPrefix).toBe('per');
+            expect(Model.Role.UIDPrefix).toBe('rol');
+        });
+    });
+    describe('generatePermissionId', () => {
+        test('should generate ID with correct prefix', () => {
+            const id = generatePermissionId();
+            expect(id).toMatch(/^per_[A-Za-z0-9]+$/);
+        });
+        test('should generate unique IDs', () => {
+            const id1 = generatePermissionId();
+            const id2 = generatePermissionId();
+            expect(id1).not.toBe(id2);
+        });
+        test('should generate IDs with correct length', () => {
+            const id = generatePermissionId();
+            expect(id.length).toBeGreaterThan(4); // prefix + underscore + KSUID
+        });
+    });
+    describe('generateRoleId', () => {
+        test('should generate ID with correct prefix', () => {
+            const id = generateRoleId();
+            expect(id).toMatch(/^rol_[A-Za-z0-9]+$/);
+        });
+        test('should generate unique IDs', () => {
+            const id1 = generateRoleId();
+            const id2 = generateRoleId();
+            expect(id1).not.toBe(id2);
+        });
+        test('should generate IDs with correct length', () => {
+            const id = generateRoleId();
+            expect(id.length).toBeGreaterThan(4); // prefix + underscore + KSUID
+        });
+    });
+});

package/dist/esm/common/errors/http.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=http.test.d.ts.map

package/dist/esm/common/errors/http.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.test.d.ts","sourceRoot":"","sources":["../../../../src/common/errors/http.test.ts"],"names":[],"mappings":""}

package/dist/esm/common/errors/http.test.js

@@ -0,0 +1,69 @@
+import { describe, expect, test } from 'vitest';
+import { HttpError } from './http.js';
+describe('Common Errors - HTTP', () => {
+    describe('HttpError', () => {
+        test('should create error with default message and status', () => {
+            const error = new HttpError();
+            expect(error.message).toBe('An unknown error occurred. Please try the operation again.');
+            expect(error.statusCode).toBe(500);
+            expect(error.type).toBe('Unknown');
+            expect(error.trace).toBeUndefined();
+            expect(error.body).toBeUndefined();
+        });
+        test('should create error with custom message', () => {
+            const error = new HttpError('Custom error message');
+            expect(error.message).toBe('Custom error message');
+            expect(error.statusCode).toBe(500);
+            expect(error.type).toBe('Unknown');
+        });
+        test('should create error with custom options', () => {
+            const options = {
+                statusCode: 404,
+                type: 'NotFound',
+                trace: 'trace-123',
+                body: { resource: 'user' },
+            };
+            const error = new HttpError('Resource not found', options);
+            expect(error.message).toBe('Resource not found');
+            expect(error.statusCode).toBe(404);
+            expect(error.type).toBe('NotFound');
+            expect(error.trace).toBeUndefined(); // trace is not assigned in constructor
+            expect(error.body).toBeUndefined(); // body is not assigned in constructor
+        });
+        test('should handle partial options', () => {
+            const error = new HttpError('Test error', { statusCode: 400 });
+            expect(error.message).toBe('Test error');
+            expect(error.statusCode).toBe(400);
+            expect(error.type).toBe('Unknown');
+            expect(error.trace).toBeUndefined();
+            expect(error.body).toBeUndefined();
+        });
+        test('should be instance of Error', () => {
+            const error = new HttpError();
+            expect(error).toBeInstanceOf(Error);
+            expect(error).toBeInstanceOf(HttpError);
+        });
+        describe('isAuthorizationError', () => {
+            test('should return true for 401 status', () => {
+                const error = new HttpError('Unauthorized', { statusCode: 401 });
+                expect(error.isAuthorizationError).toBe(true);
+            });
+            test('should return true for 403 status', () => {
+                const error = new HttpError('Forbidden', { statusCode: 403 });
+                expect(error.isAuthorizationError).toBe(true);
+            });
+            test('should return false for other status codes', () => {
+                const error400 = new HttpError('Bad Request', { statusCode: 400 });
+                const error404 = new HttpError('Not Found', { statusCode: 404 });
+                const error500 = new HttpError('Internal Error', { statusCode: 500 });
+                expect(error400.isAuthorizationError).toBe(false);
+                expect(error404.isAuthorizationError).toBe(false);
+                expect(error500.isAuthorizationError).toBe(false);
+            });
+            test('should return false for default status code', () => {
+                const error = new HttpError();
+                expect(error.isAuthorizationError).toBe(false);
+            });
+        });
+    });
+});

package/dist/esm/common/errors/validation.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=validation.test.d.ts.map

package/dist/esm/common/errors/validation.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.test.d.ts","sourceRoot":"","sources":["../../../../src/common/errors/validation.test.ts"],"names":[],"mappings":""}

package/dist/esm/common/errors/validation.test.js

@@ -0,0 +1,90 @@
+import { describe, expect, test } from 'vitest';
+import { HttpError } from './http.js';
+import { ValidationError } from './validation.js';
+describe('Common Errors - Validation', () => {
+    describe('ValidationError', () => {
+        test('should create validation error with fields', () => {
+            const fields = {
+                email: 'Invalid email format',
+                name: 'Name is required',
+            };
+            const options = {
+                statusCode: 400,
+                type: 'ValidationError',
+                fields,
+            };
+            const error = new ValidationError('Validation failed', options);
+            expect(error.message).toBe('Validation failed');
+            expect(error.statusCode).toBe(400);
+            expect(error.type).toBe('ValidationError');
+            expect(error.fields).toEqual(fields);
+        });
+        test('should inherit from HttpError', () => {
+            const fields = { field: 'error' };
+            const error = new ValidationError('Test', { fields });
+            expect(error).toBeInstanceOf(Error);
+            expect(error).toBeInstanceOf(HttpError);
+            expect(error).toBeInstanceOf(ValidationError);
+        });
+        test('should use default HTTP error properties when not specified', () => {
+            const fields = { field: 'error' };
+            const error = new ValidationError('Test validation error', { fields });
+            expect(error.message).toBe('Test validation error');
+            expect(error.statusCode).toBe(500); // HttpError default
+            expect(error.type).toBe('Unknown'); // HttpError default
+            expect(error.fields).toEqual(fields);
+        });
+        test('should handle all HttpError options plus fields', () => {
+            const options = {
+                statusCode: 422,
+                type: 'UnprocessableEntity',
+                trace: 'validation-trace-456',
+                body: { request: 'data' },
+                fields: { username: 'Username already exists' },
+            };
+            const error = new ValidationError('Unprocessable entity', options);
+            expect(error.message).toBe('Unprocessable entity');
+            expect(error.statusCode).toBe(422);
+            expect(error.type).toBe('UnprocessableEntity');
+            expect(error.trace).toBeUndefined(); // trace is not assigned in HttpError constructor
+            expect(error.body).toBeUndefined(); // body is not assigned in HttpError constructor
+            expect(error.fields).toEqual({ username: 'Username already exists' });
+        });
+        test('should inherit isAuthorizationError from HttpError', () => {
+            const fields = { field: 'error' };
+            const error401 = new ValidationError('Unauthorized', {
+                statusCode: 401,
+                fields,
+            });
+            const error403 = new ValidationError('Forbidden', {
+                statusCode: 403,
+                fields,
+            });
+            const error400 = new ValidationError('Bad Request', {
+                statusCode: 400,
+                fields,
+            });
+            expect(error401.isAuthorizationError).toBe(true);
+            expect(error403.isAuthorizationError).toBe(true);
+            expect(error400.isAuthorizationError).toBe(false);
+        });
+        test('should handle empty fields object', () => {
+            const error = new ValidationError('No field errors', { fields: {} });
+            expect(error.fields).toEqual({});
+            expect(error.message).toBe('No field errors');
+        });
+        test('should handle multiple field errors', () => {
+            const fields = {
+                email: 'Email is invalid',
+                password: 'Password too short',
+                confirmPassword: 'Passwords do not match',
+                age: 'Must be 18 or older',
+            };
+            const error = new ValidationError('Multiple validation errors', {
+                fields,
+            });
+            expect(error.fields).toEqual(fields);
+            expect(Object.keys(error.fields)).toHaveLength(4);
+        });
+    });
+});

package/dist/esm/common/resources/init.d.ts

@@ -1,9 +1,10 @@
-declare const ConfigSchema: import("arktype/internal/methods/object.ts").ObjectType<{
-    host: (In: import("arktype/internal/attributes.ts").Default<string, "https://manage-api.mondoidentity.com">) => import("arktype/internal/attributes.ts").To<URL>;
-    accessToken: string;
-}, {}>;
-type ConfigProps = typeof ConfigSchema.inferIn;
-type Config = typeof ConfigSchema.inferOut;
+import * as z from 'zod/v4';
+declare const ConfigSchema: z.ZodObject<{
+    accessToken: z.ZodString;
+    host: z.ZodPipe<z.ZodDefault<z.ZodURL>, z.ZodTransform<URL, string>>;
+}, z.core.$strip>;
+export type ConfigProps = z.input<typeof ConfigSchema>;
+export type Config = z.output<typeof ConfigSchema>;
 export declare class MondoIdentity {
     readonly config: Config;
     constructor(config: ConfigProps);

package/dist/esm/common/resources/init.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../../../src/common/resources/init.ts"],"names":[],"mappings":"AAYA,QAAA,MAAM,YAAY;;;MAA0B,CAAC;AAE7C,KAAK,WAAW,GAAG,OAAO,YAAY,CAAC,OAAO,CAAC;AAC/C,KAAK,MAAM,GAAG,OAAO,YAAY,CAAC,QAAQ,CAAC;AAE3C,qBAAa,aAAa;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBAEL,MAAM,EAAE,WAAW;IAItC;;OAEG;IACH,IAAW,UAAU,IAAI,CAAC,OAAO,EAAE,WAAW,KAAK,WAAW,CAU7D;CAuBF"}
+{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../../../src/common/resources/init.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAc5B,QAAA,MAAM,YAAY;;;iBAA0B,CAAC;AAE7C,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AACvD,MAAM,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,YAAY,CAAC,CAAC;AAEnD,qBAAa,aAAa;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBAEL,MAAM,EAAE,WAAW;IAItC;;OAEG;IACH,IAAW,UAAU,IAAI,CAAC,OAAO,EAAE,WAAW,KAAK,WAAW,CAU7D;CAuBF"}

package/dist/esm/common/resources/init.js

@@ -1,9 +1,13 @@
-import { type } from 'arktype';
-const BaseConfigSchema = type({
-    host: type('string.url.parse').default('https://manage-api.mondoidentity.com'),
+import * as z from 'zod/v4';
+const BaseConfigSchema = z.object({
+    host: z
+        .url()
+        .default('https://manage-api.mondoidentity.com')
+        .pipe(z.transform((v) => new URL(v))),
 });
-const AccessTokenConfigSchema = BaseConfigSchema.and({
-    accessToken: type('string'),
+const AccessTokenConfigSchema = z.object({
+    ...BaseConfigSchema.shape,
+    accessToken: z.string().min(1),
 });
 const ConfigSchema = AccessTokenConfigSchema;
 export class MondoIdentity {
@@ -26,9 +30,13 @@ export class MondoIdentity {
     }
 }
 function initConfig(config) {
-    const out = ConfigSchema(config);
-    if (out instanceof type.errors) {
-        throw new Error(`Invalid configuration: ${out.summary}`);
+    try {
+        return ConfigSchema.parse(config);
+    }
+    catch (error) {
+        if (error instanceof z.ZodError) {
+            throw new Error(`Invalid configuration: ${error.message}`);
+        }
+        throw error;
     }
-    return out;
 }

package/dist/esm/common/resources/init.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=init.test.d.ts.map

package/dist/esm/common/resources/init.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"init.test.d.ts","sourceRoot":"","sources":["../../../../src/common/resources/init.test.ts"],"names":[],"mappings":""}