@go-mondo/identity-sdk 0.0.2-beta.73 → 0.0.2-beta.75
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.release-please-manifest.json +1 -1
- package/.tsbuildinfo/cjs.json +1 -1
- package/.tsbuildinfo/esm.json +1 -1
- package/CHANGELOG.md +14 -0
- package/dist/cjs/app/authorization/schema.d.ts +0 -9
- package/dist/cjs/app/authorization/schema.d.ts.map +1 -1
- package/dist/cjs/common/schema/jwt.d.ts +0 -6
- package/dist/cjs/common/schema/jwt.d.ts.map +1 -1
- package/dist/cjs/common/schema/jwt.js +0 -3
- package/dist/cjs/common/schema/jwt.test.js +0 -8
- package/dist/cjs/customer/users/schema.d.ts +4 -4
- package/dist/cjs/customer/users/schema.d.ts.map +1 -1
- package/dist/cjs/customer/users/schema.js +8 -4
- package/dist/cjs/customer/users/schema.test.js +4 -4
- package/dist/cjs/workspace/authorization/schema.d.ts +0 -9
- package/dist/cjs/workspace/authorization/schema.d.ts.map +1 -1
- package/dist/esm/app/authorization/schema.d.ts +0 -9
- package/dist/esm/app/authorization/schema.d.ts.map +1 -1
- package/dist/esm/common/schema/jwt.d.ts +0 -6
- package/dist/esm/common/schema/jwt.d.ts.map +1 -1
- package/dist/esm/common/schema/jwt.js +0 -3
- package/dist/esm/common/schema/jwt.test.js +0 -8
- package/dist/esm/customer/users/schema.d.ts +4 -4
- package/dist/esm/customer/users/schema.d.ts.map +1 -1
- package/dist/esm/customer/users/schema.js +8 -4
- package/dist/esm/customer/users/schema.test.js +4 -4
- package/dist/esm/workspace/authorization/schema.d.ts +0 -9
- package/dist/esm/workspace/authorization/schema.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/action/schema/operations/sign-up-verification.test.ts.bak +0 -163
- package/src/action/schema/operations/sign-up.test.ts.bak +0 -203
- package/src/action/schema/operations/user-attribute-verification.test.ts.bak +0 -148
- package/src/activity/schema/base.test.ts.bak +0 -291
- package/src/activity/schema/schema.test.ts.bak +0 -392
- package/src/activity/schema/types/authentication.test.ts.bak +0 -337
- package/src/activity/schema/types/authorization.test.ts.bak +0 -379
- package/src/activity/schema/types/note.test.ts.bak +0 -367
- package/src/activity/schema/types/operation.test.ts.bak +0 -379
- package/src/activity/schema/types/unknown.test.ts.bak +0 -304
- package/src/app/authorization/schema.test.ts.bak +0 -412
- package/src/app/oidc/schema.test.ts.bak +0 -117
- package/src/app/registration/schema.test.ts.bak +0 -308
- package/src/app/schema.test.ts.bak +0 -221
- package/src/association/schema.test.ts.bak +0 -148
- package/src/authentication/factors/schema.test.ts.bak +0 -174
- package/src/authentication/settings/schema.test.ts.bak +0 -91
- package/src/authorization/permissions/schema.test.ts.bak +0 -267
- package/src/authorization/roles/schema.test.ts.bak +0 -283
- package/src/common/schema/aggregate.test.ts.bak +0 -89
- package/src/common/schema/collection.test.ts.bak +0 -116
- package/src/common/schema/dates.test.ts.bak +0 -49
- package/src/common/schema/id.test.ts.bak +0 -149
- package/src/common/schema/jwt.test.ts.bak +0 -61
- package/src/common/schema/metadata.test.ts.bak +0 -141
- package/src/common/schema/pagination.test.ts.bak +0 -80
- package/src/common/schema/schema.test.ts.bak +0 -41
- package/src/customer/users/schema.test.ts.bak +0 -138
- package/src/identity/schema.test.ts.bak +0 -48
- package/src/oauth/token/schema/schema.test.ts.bak +0 -142
- package/src/workspace/settings/schema.test.ts.bak +0 -88
|
@@ -1,379 +0,0 @@
|
|
|
1
|
-
import { type } from 'arktype';
|
|
2
|
-
import { describe, expect, test } from 'vitest';
|
|
3
|
-
import { generateUserId } from '../../../customer/schema.js';
|
|
4
|
-
import { generateActivityId } from '../utils.js';
|
|
5
|
-
import {
|
|
6
|
-
AuthorizationActivityPayloadSchema,
|
|
7
|
-
AuthorizationActivitySchema,
|
|
8
|
-
AuthorizationStatus,
|
|
9
|
-
AuthorizationStatusSchema,
|
|
10
|
-
} from './authorization.js';
|
|
11
|
-
|
|
12
|
-
describe('Activity Schema - Authorization', () => {
|
|
13
|
-
describe('AuthorizationStatus', () => {
|
|
14
|
-
test('should contain expected status values', () => {
|
|
15
|
-
expect(AuthorizationStatus.SUCESS).toBe('success');
|
|
16
|
-
expect(AuthorizationStatus.FAIL).toBe('fail');
|
|
17
|
-
});
|
|
18
|
-
});
|
|
19
|
-
|
|
20
|
-
describe('AuthorizationStatusSchema', () => {
|
|
21
|
-
test('should accept success status', () => {
|
|
22
|
-
const result = AuthorizationStatusSchema('success');
|
|
23
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
24
|
-
expect(result).toBe('success');
|
|
25
|
-
});
|
|
26
|
-
|
|
27
|
-
test('should accept fail status', () => {
|
|
28
|
-
const result = AuthorizationStatusSchema('fail');
|
|
29
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
30
|
-
expect(result).toBe('fail');
|
|
31
|
-
});
|
|
32
|
-
|
|
33
|
-
test('should reject invalid status', () => {
|
|
34
|
-
const result = AuthorizationStatusSchema('invalid_status');
|
|
35
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
36
|
-
});
|
|
37
|
-
|
|
38
|
-
test('should reject non-string status', () => {
|
|
39
|
-
const result = AuthorizationStatusSchema(123);
|
|
40
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
41
|
-
});
|
|
42
|
-
});
|
|
43
|
-
|
|
44
|
-
describe('AuthorizationActivitySchema', () => {
|
|
45
|
-
test('should accept complete authorization activity with success', () => {
|
|
46
|
-
const activity = {
|
|
47
|
-
id: generateActivityId(),
|
|
48
|
-
type: 'authorization' as const,
|
|
49
|
-
status: 'success' as const,
|
|
50
|
-
identity: generateUserId(),
|
|
51
|
-
message: 'User authorized to access resource',
|
|
52
|
-
performedBy: {
|
|
53
|
-
type: 'system' as const,
|
|
54
|
-
identifier: 'rbac-service',
|
|
55
|
-
},
|
|
56
|
-
source: 'permission-check',
|
|
57
|
-
isMutateable: false,
|
|
58
|
-
createdAt: new Date(),
|
|
59
|
-
updatedAt: new Date(),
|
|
60
|
-
metadata: { resource: 'users', action: 'read' },
|
|
61
|
-
};
|
|
62
|
-
|
|
63
|
-
const result = AuthorizationActivitySchema(activity);
|
|
64
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
65
|
-
});
|
|
66
|
-
|
|
67
|
-
test('should accept authorization activity with fail status', () => {
|
|
68
|
-
const activity = {
|
|
69
|
-
id: generateActivityId(),
|
|
70
|
-
type: 'authorization' as const,
|
|
71
|
-
status: 'fail' as const,
|
|
72
|
-
identity: generateUserId(),
|
|
73
|
-
message: 'Access denied - insufficient permissions',
|
|
74
|
-
performedBy: {
|
|
75
|
-
type: 'system' as const,
|
|
76
|
-
identifier: 'auth-guard',
|
|
77
|
-
},
|
|
78
|
-
source: 'api-gateway',
|
|
79
|
-
isMutateable: false,
|
|
80
|
-
createdAt: new Date(),
|
|
81
|
-
updatedAt: new Date(),
|
|
82
|
-
metadata: { required_role: 'admin', user_role: 'user' },
|
|
83
|
-
};
|
|
84
|
-
|
|
85
|
-
const result = AuthorizationActivitySchema(activity);
|
|
86
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
87
|
-
});
|
|
88
|
-
|
|
89
|
-
test('should accept authorization activity without identity', () => {
|
|
90
|
-
const activity = {
|
|
91
|
-
id: generateActivityId(),
|
|
92
|
-
type: 'authorization' as const,
|
|
93
|
-
status: 'fail' as const,
|
|
94
|
-
message: 'Anonymous access denied',
|
|
95
|
-
performedBy: {
|
|
96
|
-
type: 'guest' as const,
|
|
97
|
-
identifier: 'anonymous-session',
|
|
98
|
-
},
|
|
99
|
-
source: 'public-endpoint',
|
|
100
|
-
isMutateable: false,
|
|
101
|
-
createdAt: new Date(),
|
|
102
|
-
updatedAt: new Date(),
|
|
103
|
-
metadata: { reason: 'authentication_required' },
|
|
104
|
-
};
|
|
105
|
-
|
|
106
|
-
const result = AuthorizationActivitySchema(activity);
|
|
107
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
108
|
-
});
|
|
109
|
-
|
|
110
|
-
test('should accept authorization activity with optional fields', () => {
|
|
111
|
-
const activity = {
|
|
112
|
-
id: generateActivityId(),
|
|
113
|
-
type: 'authorization' as const,
|
|
114
|
-
status: 'success' as const,
|
|
115
|
-
identity: generateUserId(),
|
|
116
|
-
message: 'Service-to-service authorization successful',
|
|
117
|
-
performedBy: {
|
|
118
|
-
type: 'integration' as const,
|
|
119
|
-
identifier: 'microservice-auth',
|
|
120
|
-
},
|
|
121
|
-
source: 'service-mesh',
|
|
122
|
-
isMutateable: false,
|
|
123
|
-
createdAt: new Date(),
|
|
124
|
-
updatedAt: new Date(),
|
|
125
|
-
deletedAt: new Date(),
|
|
126
|
-
deactivatedAt: new Date(),
|
|
127
|
-
metadata: { service: 'payment-api', scope: 'read:transactions' },
|
|
128
|
-
};
|
|
129
|
-
|
|
130
|
-
const result = AuthorizationActivitySchema(activity);
|
|
131
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
132
|
-
});
|
|
133
|
-
|
|
134
|
-
test('should reject authorization activity with wrong type', () => {
|
|
135
|
-
const activity = {
|
|
136
|
-
id: generateActivityId(),
|
|
137
|
-
type: 'authentication',
|
|
138
|
-
status: 'success' as const,
|
|
139
|
-
identity: generateUserId(),
|
|
140
|
-
message: 'Wrong type',
|
|
141
|
-
performedBy: {
|
|
142
|
-
type: 'system' as const,
|
|
143
|
-
identifier: 'auth-service',
|
|
144
|
-
},
|
|
145
|
-
source: 'permission-check',
|
|
146
|
-
isMutateable: false,
|
|
147
|
-
createdAt: new Date(),
|
|
148
|
-
updatedAt: new Date(),
|
|
149
|
-
metadata: {},
|
|
150
|
-
};
|
|
151
|
-
|
|
152
|
-
const result = AuthorizationActivitySchema(activity);
|
|
153
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
154
|
-
});
|
|
155
|
-
|
|
156
|
-
test('should reject authorization activity with invalid status', () => {
|
|
157
|
-
const activity = {
|
|
158
|
-
id: generateActivityId(),
|
|
159
|
-
type: 'authorization' as const,
|
|
160
|
-
status: 'pending',
|
|
161
|
-
identity: generateUserId(),
|
|
162
|
-
message: 'Test message',
|
|
163
|
-
performedBy: {
|
|
164
|
-
type: 'system' as const,
|
|
165
|
-
identifier: 'auth-service',
|
|
166
|
-
},
|
|
167
|
-
source: 'permission-check',
|
|
168
|
-
isMutateable: false,
|
|
169
|
-
createdAt: new Date(),
|
|
170
|
-
updatedAt: new Date(),
|
|
171
|
-
metadata: {},
|
|
172
|
-
};
|
|
173
|
-
|
|
174
|
-
const result = AuthorizationActivitySchema(activity);
|
|
175
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
176
|
-
});
|
|
177
|
-
|
|
178
|
-
test('should reject authorization activity missing required fields', () => {
|
|
179
|
-
const activity = {
|
|
180
|
-
id: generateActivityId(),
|
|
181
|
-
type: 'authorization' as const,
|
|
182
|
-
status: 'success' as const,
|
|
183
|
-
// missing message
|
|
184
|
-
performedBy: {
|
|
185
|
-
type: 'system' as const,
|
|
186
|
-
identifier: 'auth-service',
|
|
187
|
-
},
|
|
188
|
-
source: 'permission-check',
|
|
189
|
-
isMutateable: false,
|
|
190
|
-
createdAt: new Date(),
|
|
191
|
-
updatedAt: new Date(),
|
|
192
|
-
metadata: {},
|
|
193
|
-
};
|
|
194
|
-
|
|
195
|
-
const result = AuthorizationActivitySchema(activity);
|
|
196
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
197
|
-
});
|
|
198
|
-
|
|
199
|
-
test('should reject authorization activity with invalid identity ID', () => {
|
|
200
|
-
const activity = {
|
|
201
|
-
id: generateActivityId(),
|
|
202
|
-
type: 'authorization' as const,
|
|
203
|
-
status: 'success' as const,
|
|
204
|
-
identity: 'invalid_user_id',
|
|
205
|
-
message: 'Test message',
|
|
206
|
-
performedBy: {
|
|
207
|
-
type: 'system' as const,
|
|
208
|
-
identifier: 'auth-service',
|
|
209
|
-
},
|
|
210
|
-
source: 'permission-check',
|
|
211
|
-
isMutateable: false,
|
|
212
|
-
createdAt: new Date(),
|
|
213
|
-
updatedAt: new Date(),
|
|
214
|
-
metadata: {},
|
|
215
|
-
};
|
|
216
|
-
|
|
217
|
-
const result = AuthorizationActivitySchema(activity);
|
|
218
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
219
|
-
});
|
|
220
|
-
});
|
|
221
|
-
|
|
222
|
-
describe('AuthorizationActivityPayloadSchema', () => {
|
|
223
|
-
test('should accept complete authorization payload with success', () => {
|
|
224
|
-
const payload = {
|
|
225
|
-
id: generateActivityId(),
|
|
226
|
-
type: 'authorization' as const,
|
|
227
|
-
status: 'success' as const,
|
|
228
|
-
identity: generateUserId(),
|
|
229
|
-
message: 'Authorization successful',
|
|
230
|
-
performedBy: {
|
|
231
|
-
type: 'system' as const,
|
|
232
|
-
identifier: 'policy-engine',
|
|
233
|
-
},
|
|
234
|
-
source: 'authorization-service',
|
|
235
|
-
isMutateable: false,
|
|
236
|
-
createdAt: new Date().toISOString(),
|
|
237
|
-
updatedAt: new Date().toISOString(),
|
|
238
|
-
metadata: { policy: 'admin-access', resource_id: 'res_123' },
|
|
239
|
-
};
|
|
240
|
-
|
|
241
|
-
const result = AuthorizationActivityPayloadSchema(payload);
|
|
242
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
243
|
-
expect(result).toEqual(payload);
|
|
244
|
-
});
|
|
245
|
-
|
|
246
|
-
test('should accept authorization payload with fail status', () => {
|
|
247
|
-
const payload = {
|
|
248
|
-
id: generateActivityId(),
|
|
249
|
-
type: 'authorization' as const,
|
|
250
|
-
status: 'fail' as const,
|
|
251
|
-
identity: generateUserId(),
|
|
252
|
-
message: 'Authorization failed - role mismatch',
|
|
253
|
-
performedBy: {
|
|
254
|
-
type: 'automation' as const,
|
|
255
|
-
identifier: 'access-control',
|
|
256
|
-
},
|
|
257
|
-
source: 'middleware',
|
|
258
|
-
isMutateable: false,
|
|
259
|
-
createdAt: new Date().toISOString(),
|
|
260
|
-
updatedAt: new Date().toISOString(),
|
|
261
|
-
metadata: { expected_role: 'manager', actual_role: 'employee' },
|
|
262
|
-
};
|
|
263
|
-
|
|
264
|
-
const result = AuthorizationActivityPayloadSchema(payload);
|
|
265
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
266
|
-
});
|
|
267
|
-
|
|
268
|
-
test('should accept payload without identity', () => {
|
|
269
|
-
const payload = {
|
|
270
|
-
id: generateActivityId(),
|
|
271
|
-
type: 'authorization' as const,
|
|
272
|
-
status: 'fail' as const,
|
|
273
|
-
message: 'Unauthenticated access attempt',
|
|
274
|
-
performedBy: {
|
|
275
|
-
type: 'guest' as const,
|
|
276
|
-
identifier: 'anonymous',
|
|
277
|
-
},
|
|
278
|
-
source: 'public-api',
|
|
279
|
-
isMutateable: false,
|
|
280
|
-
createdAt: new Date().toISOString(),
|
|
281
|
-
updatedAt: new Date().toISOString(),
|
|
282
|
-
metadata: { endpoint: '/admin/users', method: 'GET' },
|
|
283
|
-
};
|
|
284
|
-
|
|
285
|
-
const result = AuthorizationActivityPayloadSchema(payload);
|
|
286
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
287
|
-
});
|
|
288
|
-
|
|
289
|
-
test('should accept payload with optional date fields', () => {
|
|
290
|
-
const payload = {
|
|
291
|
-
id: generateActivityId(),
|
|
292
|
-
type: 'authorization' as const,
|
|
293
|
-
status: 'success' as const,
|
|
294
|
-
identity: generateUserId(),
|
|
295
|
-
message: 'Scheduled authorization check',
|
|
296
|
-
performedBy: {
|
|
297
|
-
type: 'automation' as const,
|
|
298
|
-
identifier: 'cron-permissions',
|
|
299
|
-
},
|
|
300
|
-
source: 'background-task',
|
|
301
|
-
isMutateable: false,
|
|
302
|
-
createdAt: new Date().toISOString(),
|
|
303
|
-
updatedAt: new Date().toISOString(),
|
|
304
|
-
deletedAt: new Date().toISOString(),
|
|
305
|
-
deactivatedAt: new Date().toISOString(),
|
|
306
|
-
metadata: { scheduled: true },
|
|
307
|
-
};
|
|
308
|
-
|
|
309
|
-
const result = AuthorizationActivityPayloadSchema(payload);
|
|
310
|
-
expect(result).not.toBeInstanceOf(type.errors);
|
|
311
|
-
});
|
|
312
|
-
|
|
313
|
-
test('should reject payload with invalid date format', () => {
|
|
314
|
-
const payload = {
|
|
315
|
-
id: generateActivityId(),
|
|
316
|
-
type: 'authorization' as const,
|
|
317
|
-
status: 'success' as const,
|
|
318
|
-
identity: generateUserId(),
|
|
319
|
-
message: 'Test authorization',
|
|
320
|
-
performedBy: {
|
|
321
|
-
type: 'system' as const,
|
|
322
|
-
identifier: 'auth-service',
|
|
323
|
-
},
|
|
324
|
-
source: 'api',
|
|
325
|
-
isMutateable: false,
|
|
326
|
-
createdAt: 'invalid-date-format',
|
|
327
|
-
updatedAt: new Date().toISOString(),
|
|
328
|
-
metadata: {},
|
|
329
|
-
};
|
|
330
|
-
|
|
331
|
-
const result = AuthorizationActivityPayloadSchema(payload);
|
|
332
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
333
|
-
});
|
|
334
|
-
|
|
335
|
-
test('should reject payload with wrong type', () => {
|
|
336
|
-
const payload = {
|
|
337
|
-
id: generateActivityId(),
|
|
338
|
-
type: 'operation',
|
|
339
|
-
status: 'success' as const,
|
|
340
|
-
identity: generateUserId(),
|
|
341
|
-
message: 'Wrong type',
|
|
342
|
-
performedBy: {
|
|
343
|
-
type: 'system' as const,
|
|
344
|
-
identifier: 'auth-service',
|
|
345
|
-
},
|
|
346
|
-
source: 'api',
|
|
347
|
-
isMutateable: false,
|
|
348
|
-
createdAt: new Date().toISOString(),
|
|
349
|
-
updatedAt: new Date().toISOString(),
|
|
350
|
-
metadata: {},
|
|
351
|
-
};
|
|
352
|
-
|
|
353
|
-
const result = AuthorizationActivityPayloadSchema(payload);
|
|
354
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
355
|
-
});
|
|
356
|
-
|
|
357
|
-
test('should reject payload with invalid status', () => {
|
|
358
|
-
const payload = {
|
|
359
|
-
id: generateActivityId(),
|
|
360
|
-
type: 'authorization' as const,
|
|
361
|
-
status: 'unknown',
|
|
362
|
-
identity: generateUserId(),
|
|
363
|
-
message: 'Invalid status',
|
|
364
|
-
performedBy: {
|
|
365
|
-
type: 'system' as const,
|
|
366
|
-
identifier: 'auth-service',
|
|
367
|
-
},
|
|
368
|
-
source: 'api',
|
|
369
|
-
isMutateable: false,
|
|
370
|
-
createdAt: new Date().toISOString(),
|
|
371
|
-
updatedAt: new Date().toISOString(),
|
|
372
|
-
metadata: {},
|
|
373
|
-
};
|
|
374
|
-
|
|
375
|
-
const result = AuthorizationActivityPayloadSchema(payload);
|
|
376
|
-
expect(result).toBeInstanceOf(type.errors);
|
|
377
|
-
});
|
|
378
|
-
});
|
|
379
|
-
});
|