@go-mondo/identity-sdk 0.0.2-beta.74 → 0.0.2-beta.76

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. package/.release-please-manifest.json +1 -1
  2. package/.tsbuildinfo/cjs.json +1 -1
  3. package/.tsbuildinfo/esm.json +1 -1
  4. package/CHANGELOG.md +14 -0
  5. package/dist/cjs/app/authorization/schema.d.ts +14 -23
  6. package/dist/cjs/app/authorization/schema.d.ts.map +1 -1
  7. package/dist/cjs/app/authorization/schema.js +5 -3
  8. package/dist/cjs/app/authorization/schema.test.js +26 -0
  9. package/dist/cjs/common/schema/jwt.d.ts +0 -6
  10. package/dist/cjs/common/schema/jwt.d.ts.map +1 -1
  11. package/dist/cjs/common/schema/jwt.js +0 -3
  12. package/dist/cjs/common/schema/jwt.test.js +0 -8
  13. package/dist/cjs/workspace/authorization/schema.d.ts +0 -9
  14. package/dist/cjs/workspace/authorization/schema.d.ts.map +1 -1
  15. package/dist/esm/app/authorization/schema.d.ts +14 -23
  16. package/dist/esm/app/authorization/schema.d.ts.map +1 -1
  17. package/dist/esm/app/authorization/schema.js +5 -3
  18. package/dist/esm/app/authorization/schema.test.js +26 -0
  19. package/dist/esm/common/schema/jwt.d.ts +0 -6
  20. package/dist/esm/common/schema/jwt.d.ts.map +1 -1
  21. package/dist/esm/common/schema/jwt.js +0 -3
  22. package/dist/esm/common/schema/jwt.test.js +0 -8
  23. package/dist/esm/workspace/authorization/schema.d.ts +0 -9
  24. package/dist/esm/workspace/authorization/schema.d.ts.map +1 -1
  25. package/package.json +1 -1
  26. package/src/action/schema/operations/sign-up-verification.test.ts.bak +0 -163
  27. package/src/action/schema/operations/sign-up.test.ts.bak +0 -203
  28. package/src/action/schema/operations/user-attribute-verification.test.ts.bak +0 -148
  29. package/src/activity/schema/base.test.ts.bak +0 -291
  30. package/src/activity/schema/schema.test.ts.bak +0 -392
  31. package/src/activity/schema/types/authentication.test.ts.bak +0 -337
  32. package/src/activity/schema/types/authorization.test.ts.bak +0 -379
  33. package/src/activity/schema/types/note.test.ts.bak +0 -367
  34. package/src/activity/schema/types/operation.test.ts.bak +0 -379
  35. package/src/activity/schema/types/unknown.test.ts.bak +0 -304
  36. package/src/app/authorization/schema.test.ts.bak +0 -412
  37. package/src/app/oidc/schema.test.ts.bak +0 -117
  38. package/src/app/registration/schema.test.ts.bak +0 -308
  39. package/src/app/schema.test.ts.bak +0 -221
  40. package/src/association/schema.test.ts.bak +0 -148
  41. package/src/authentication/factors/schema.test.ts.bak +0 -174
  42. package/src/authentication/settings/schema.test.ts.bak +0 -91
  43. package/src/authorization/permissions/schema.test.ts.bak +0 -267
  44. package/src/authorization/roles/schema.test.ts.bak +0 -283
  45. package/src/common/schema/aggregate.test.ts.bak +0 -89
  46. package/src/common/schema/collection.test.ts.bak +0 -116
  47. package/src/common/schema/dates.test.ts.bak +0 -49
  48. package/src/common/schema/id.test.ts.bak +0 -149
  49. package/src/common/schema/jwt.test.ts.bak +0 -61
  50. package/src/common/schema/metadata.test.ts.bak +0 -141
  51. package/src/common/schema/pagination.test.ts.bak +0 -80
  52. package/src/common/schema/schema.test.ts.bak +0 -41
  53. package/src/customer/users/schema.test.ts.bak +0 -138
  54. package/src/identity/schema.test.ts.bak +0 -48
  55. package/src/oauth/token/schema/schema.test.ts.bak +0 -142
  56. package/src/workspace/settings/schema.test.ts.bak +0 -88
@@ -1,412 +0,0 @@
1
- import { type } from 'arktype';
2
- import { describe, expect, test } from 'vitest';
3
- import {
4
- type Authorization,
5
- AuthorizationPayloadSchema,
6
- AuthorizationSchema,
7
- UpsertAuthorizationPayloadSchema,
8
- } from './schema.js';
9
-
10
- describe('App Authorization - Schema', () => {
11
- describe('AuthorizationSchema', () => {
12
- test('should accept complete authorization object', () => {
13
- const authorization = {
14
- refreshTokenDuration: 3600,
15
- accessTokenDuration: 900,
16
- accessTokenSignatureAlgorithm: 'HS256' as const,
17
- loginUri: 'https://app.example.com/login',
18
- callbackUrls: [
19
- 'https://app.example.com/callback',
20
- 'https://app.example.com/oauth/callback',
21
- ],
22
- availableAudiences: ['api.example.com', 'admin.example.com'],
23
- availableGrants: new Set([
24
- 'authorization_code',
25
- 'refresh_token',
26
- ] as const),
27
- defaultAudience: 'api.example.com',
28
- updatedAt: new Date(),
29
- deletedAt: new Date(),
30
- deactivatedAt: new Date(),
31
- metadata: {
32
- oauth_version: '2.0',
33
- pkce_required: true,
34
- state_parameter_required: true,
35
- },
36
- };
37
-
38
- const result = AuthorizationSchema(authorization);
39
- expect(result).not.toBeInstanceOf(type.errors);
40
- expect((result as Authorization).availableGrants).toBeInstanceOf(Set);
41
- });
42
-
43
- test('should accept minimal authorization object', () => {
44
- const authorization = {
45
- metadata: {},
46
- };
47
-
48
- const result = AuthorizationSchema(authorization);
49
- expect(result).not.toBeInstanceOf(type.errors);
50
- });
51
-
52
- test('should accept authorization with grant array and convert to Set', () => {
53
- const authorization = {
54
- refreshTokenDuration: 7200,
55
- accessTokenDuration: 1800,
56
- availableGrants: ['authorization_code', 'client_credentials'] as const,
57
- metadata: {
58
- client_type: 'confidential',
59
- },
60
- };
61
-
62
- const result = AuthorizationSchema(authorization);
63
- expect(result).not.toBeInstanceOf(type.errors);
64
- expect((result as Authorization).availableGrants).toBeInstanceOf(Set);
65
- expect(
66
- (result as Authorization).availableGrants?.has('authorization_code')
67
- ).toBe(true);
68
- expect(
69
- (result as Authorization).availableGrants?.has('client_credentials')
70
- ).toBe(true);
71
- });
72
-
73
- test('should accept authorization with Set of grants', () => {
74
- const authorization = {
75
- accessTokenDuration: 600,
76
- availableGrants: new Set(['implicit', 'authorization_code'] as const),
77
- callbackUrls: ['https://spa.example.com/callback'],
78
- metadata: {
79
- client_type: 'public',
80
- application_type: 'spa',
81
- },
82
- };
83
-
84
- const result = AuthorizationSchema(authorization);
85
- expect(result).not.toBeInstanceOf(type.errors);
86
- expect((result as Authorization).availableGrants).toBeInstanceOf(Set);
87
- });
88
-
89
- test('should accept authorization with callback URLs as Set', () => {
90
- const authorization = {
91
- callbackUrls: new Set([
92
- 'https://app.example.com/auth',
93
- 'https://app.example.com/oauth',
94
- ]),
95
- availableAudiences: new Set(['api1.example.com', 'api2.example.com']),
96
- metadata: {
97
- multi_tenant: true,
98
- },
99
- };
100
-
101
- const result = AuthorizationSchema(authorization);
102
- expect(result).not.toBeInstanceOf(type.errors);
103
- expect((result as Authorization).callbackUrls).toBeInstanceOf(Set);
104
- expect((result as Authorization).availableAudiences).toBeInstanceOf(Set);
105
- });
106
-
107
- test('should accept authorization with optional fields', () => {
108
- const authorization = {
109
- refreshTokenDuration: 86400,
110
- accessTokenDuration: 3600,
111
- accessTokenSignatureAlgorithm: 'RS256' as const,
112
- loginUri: 'https://auth.example.com/login',
113
- defaultAudience: 'https://api.example.com',
114
- updatedAt: new Date(),
115
- metadata: {
116
- jwt_configuration: {
117
- algorithm: 'RS256',
118
- public_key: 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...',
119
- },
120
- scopes: ['read:users', 'write:users', 'admin:all'],
121
- },
122
- };
123
-
124
- const result = AuthorizationSchema(authorization);
125
- expect(result).not.toBeInstanceOf(type.errors);
126
- });
127
-
128
- test('should filter empty strings from URLs and audiences', () => {
129
- const authorization = {
130
- callbackUrls: new Set([
131
- 'https://valid.example.com/callback',
132
- 'https://another.example.com/auth',
133
- ]),
134
- availableAudiences: ['api.example.com', 'admin.example.com'],
135
- metadata: {},
136
- };
137
-
138
- const result = AuthorizationSchema(authorization);
139
- expect(result).not.toBeInstanceOf(type.errors);
140
- expect((result as Authorization).callbackUrls).toEqual(
141
- new Set([
142
- 'https://valid.example.com/callback',
143
- 'https://another.example.com/auth',
144
- ])
145
- );
146
- expect((result as Authorization).availableAudiences).toEqual(
147
- new Set(['api.example.com', 'admin.example.com'])
148
- );
149
- });
150
-
151
- test('should reject invalid grant types', () => {
152
- const authorization = {
153
- availableGrants: ['invalid_grant_type'],
154
- metadata: {},
155
- };
156
-
157
- const result = AuthorizationSchema(authorization);
158
- expect(result).toBeInstanceOf(type.errors);
159
- });
160
-
161
- test('should reject invalid URL formats', () => {
162
- const authorization = {
163
- loginUri: 'not-a-valid-url',
164
- metadata: {},
165
- };
166
-
167
- const result = AuthorizationSchema(authorization);
168
- expect(result).toBeInstanceOf(type.errors);
169
- });
170
- });
171
-
172
- describe('AuthorizationPayloadSchema', () => {
173
- test('should accept complete authorization payload', () => {
174
- const payload = {
175
- refreshTokenDuration: 3600,
176
- accessTokenDuration: 900,
177
- accessTokenSignatureAlgorithm: 'HS256' as const,
178
- loginUri: 'https://app.example.com/login',
179
- callbackUrls: ['https://app.example.com/callback'],
180
- availableAudiences: ['api.example.com'],
181
- availableGrants: ['authorization_code', 'refresh_token'] as const,
182
- defaultAudience: 'api.example.com',
183
- updatedAt: new Date().toISOString(),
184
- deletedAt: new Date().toISOString(),
185
- deactivatedAt: new Date().toISOString(),
186
- metadata: {
187
- client_id: 'oauth_client_123',
188
- client_secret_set: true,
189
- token_endpoint_auth_method: 'client_secret_basic',
190
- },
191
- };
192
-
193
- const result = AuthorizationPayloadSchema(payload);
194
- expect(result).not.toBeInstanceOf(type.errors);
195
- expect(result).toEqual(payload);
196
- });
197
-
198
- test('should accept minimal authorization payload', () => {
199
- const payload = {
200
- metadata: {},
201
- };
202
-
203
- const result = AuthorizationPayloadSchema(payload);
204
- expect(result).not.toBeInstanceOf(type.errors);
205
- expect(result).toHaveProperty('accessTokenDuration');
206
- expect(result).toHaveProperty('accessTokenSignatureAlgorithm');
207
- expect(result).toHaveProperty('refreshTokenDuration');
208
- });
209
-
210
- test('should accept payload with grant arrays', () => {
211
- const payload = {
212
- refreshTokenDuration: 7200,
213
- accessTokenDuration: 1800,
214
- availableGrants: ['authorization_code', 'client_credentials'] as const,
215
- callbackUrls: ['https://server.example.com/oauth/callback'],
216
- metadata: {
217
- client_type: 'confidential',
218
- requires_client_secret: true,
219
- },
220
- };
221
-
222
- const result = AuthorizationPayloadSchema(payload);
223
- expect(result).not.toBeInstanceOf(type.errors);
224
- });
225
-
226
- test('should accept payload with Set of grants', () => {
227
- const payload = {
228
- accessTokenDuration: 600,
229
- availableGrants: new Set(['implicit'] as const),
230
- defaultAudience: 'https://spa-api.example.com',
231
- metadata: {
232
- client_type: 'public',
233
- application_type: 'single_page_app',
234
- },
235
- };
236
-
237
- const result = AuthorizationPayloadSchema(payload);
238
- expect(result).not.toBeInstanceOf(type.errors);
239
- });
240
-
241
- test('should accept payload with comprehensive OAuth configuration', () => {
242
- const payload = {
243
- refreshTokenDuration: 2592000, // 30 days
244
- accessTokenDuration: 3600, // 1 hour
245
- accessTokenSignatureAlgorithm: 'RS256' as const,
246
- loginUri: 'https://auth.corporate.com/oauth/authorize',
247
- callbackUrls: [
248
- 'https://app.corporate.com/auth/callback',
249
- 'https://mobile.corporate.com/oauth/callback',
250
- 'https://admin.corporate.com/auth/return',
251
- ],
252
- availableAudiences: [
253
- 'https://api.corporate.com',
254
- 'https://admin-api.corporate.com',
255
- 'https://analytics.corporate.com',
256
- ],
257
- availableGrants: [
258
- 'authorization_code',
259
- 'refresh_token',
260
- 'client_credentials',
261
- ] as const,
262
- defaultAudience: 'https://api.corporate.com',
263
- updatedAt: new Date().toISOString(),
264
- metadata: {
265
- client_name: 'Corporate Application',
266
- client_uri: 'https://corporate.com',
267
- logo_uri: 'https://corporate.com/logo.png',
268
- tos_uri: 'https://corporate.com/terms',
269
- policy_uri: 'https://corporate.com/privacy',
270
- },
271
- };
272
-
273
- const result = AuthorizationPayloadSchema(payload);
274
- expect(result).not.toBeInstanceOf(type.errors);
275
- });
276
-
277
- test('should reject invalid date format', () => {
278
- const payload = {
279
- updatedAt: 'invalid-date',
280
- metadata: {},
281
- };
282
-
283
- const result = AuthorizationPayloadSchema(payload);
284
- expect(result).toBeInstanceOf(type.errors);
285
- });
286
-
287
- test('should reject invalid signature algorithm', () => {
288
- const payload = {
289
- accessTokenSignatureAlgorithm: 'INVALID_ALG',
290
- metadata: {},
291
- };
292
-
293
- const result = AuthorizationPayloadSchema(payload);
294
- expect(result).toBeInstanceOf(type.errors);
295
- });
296
- });
297
-
298
- describe('UpsertAuthorizationPayloadSchema', () => {
299
- test('should accept upsert with all fields', () => {
300
- const payload = {
301
- refreshTokenDuration: 3600,
302
- accessTokenDuration: 900,
303
- accessTokenSignatureAlgorithm: 'HS256' as const,
304
- loginUri: 'https://updated.example.com/login',
305
- callbackUrls: ['https://updated.example.com/callback'],
306
- availableAudiences: ['updated-api.example.com'],
307
- availableGrants: ['authorization_code'] as const,
308
- defaultAudience: 'updated-api.example.com',
309
- metadata: {
310
- update_reason: 'security_enhancement',
311
- updated_by: 'admin@example.com',
312
- },
313
- };
314
-
315
- const result = UpsertAuthorizationPayloadSchema(payload);
316
- expect(result).not.toBeInstanceOf(type.errors);
317
- expect(result).toEqual(payload);
318
- });
319
-
320
- test('should accept partial upsert payload', () => {
321
- const payload = {
322
- accessTokenDuration: 1800,
323
- callbackUrls: ['https://new-callback.example.com'],
324
- metadata: {
325
- fields_updated: 'accessTokenDuration',
326
- },
327
- };
328
-
329
- const result = UpsertAuthorizationPayloadSchema(payload);
330
- expect(result).not.toBeInstanceOf(type.errors);
331
- });
332
-
333
- test('should accept upsert with undefined values', () => {
334
- const payload = {
335
- loginUri: undefined,
336
- defaultAudience: undefined,
337
- metadata: {
338
- reset_fields: 'loginUri',
339
- },
340
- };
341
-
342
- const result = UpsertAuthorizationPayloadSchema(payload);
343
- expect(result).not.toBeInstanceOf(type.errors);
344
- });
345
-
346
- test('should accept empty metadata upsert', () => {
347
- const payload = {
348
- refreshTokenDuration: 7200,
349
- metadata: {},
350
- };
351
-
352
- const result = UpsertAuthorizationPayloadSchema(payload);
353
- expect(result).not.toBeInstanceOf(type.errors);
354
- });
355
-
356
- test('should accept upsert with grant types modification', () => {
357
- const payload = {
358
- availableGrants: [
359
- 'authorization_code',
360
- 'refresh_token',
361
- 'client_credentials',
362
- ] as const,
363
- metadata: {
364
- added_grants: 'client_credentials',
365
- },
366
- };
367
-
368
- const result = UpsertAuthorizationPayloadSchema(payload);
369
- expect(result).not.toBeInstanceOf(type.errors);
370
- });
371
-
372
- test('should accept upsert with complex callback URL updates', () => {
373
- const payload = {
374
- callbackUrls: [
375
- 'https://prod.example.com/oauth/callback',
376
- 'https://staging.example.com/oauth/callback',
377
- 'https://dev.example.com/oauth/callback',
378
- ],
379
- availableAudiences: [
380
- 'https://api.example.com',
381
- 'https://staging-api.example.com',
382
- ],
383
- metadata: {
384
- environment: 'production',
385
- },
386
- };
387
-
388
- const result = UpsertAuthorizationPayloadSchema(payload);
389
- expect(result).not.toBeInstanceOf(type.errors);
390
- });
391
-
392
- test('should reject invalid grant types in upsert', () => {
393
- const payload = {
394
- availableGrants: ['invalid_grant'],
395
- metadata: {},
396
- };
397
-
398
- const result = UpsertAuthorizationPayloadSchema(payload);
399
- expect(result).toBeInstanceOf(type.errors);
400
- });
401
-
402
- test('should reject invalid URL in upsert', () => {
403
- const payload = {
404
- loginUri: 'not-a-valid-url',
405
- metadata: {},
406
- };
407
-
408
- const result = UpsertAuthorizationPayloadSchema(payload);
409
- expect(result).toBeInstanceOf(type.errors);
410
- });
411
- });
412
- });
@@ -1,117 +0,0 @@
1
- import { type } from 'arktype';
2
- import { describe, expect, test } from 'vitest';
3
- import {
4
- InsertOIDCPayloadSchema,
5
- OIDCPayloadSchema,
6
- OIDCSchema,
7
- UpdateOIDCPayloadSchema,
8
- } from './schema.js';
9
-
10
- describe('App OIDC - Schema', () => {
11
- describe('OIDCSchema', () => {
12
- test('should accept complete OIDC object', () => {
13
- const oidc = {
14
- updatedAt: new Date(),
15
- deletedAt: new Date(),
16
- deactivatedAt: new Date(),
17
- metadata: { provider: 'auth0' },
18
- };
19
-
20
- const result = OIDCSchema(oidc);
21
- expect(result).not.toBeInstanceOf(type.errors);
22
- });
23
-
24
- test('should accept minimal OIDC object', () => {
25
- const oidc = {
26
- metadata: {},
27
- };
28
-
29
- const result = OIDCSchema(oidc);
30
- expect(result).not.toBeInstanceOf(type.errors);
31
- });
32
-
33
- test('should accept OIDC with only some optional dates', () => {
34
- const oidc = {
35
- updatedAt: new Date(),
36
- metadata: { configured: true },
37
- };
38
-
39
- const result = OIDCSchema(oidc);
40
- expect(result).not.toBeInstanceOf(type.errors);
41
- });
42
- });
43
-
44
- describe('OIDCPayloadSchema', () => {
45
- test('should accept complete payload', () => {
46
- const payload = {
47
- updatedAt: new Date().toISOString(),
48
- deletedAt: new Date().toISOString(),
49
- deactivatedAt: new Date().toISOString(),
50
- metadata: { issuer: 'https://auth.example.com' },
51
- };
52
-
53
- const result = OIDCPayloadSchema(payload);
54
- expect(result).not.toBeInstanceOf(type.errors);
55
- expect(result).toEqual(payload);
56
- });
57
-
58
- test('should accept minimal payload', () => {
59
- const payload = {
60
- metadata: {},
61
- };
62
-
63
- const result = OIDCPayloadSchema(payload);
64
- expect(result).not.toBeInstanceOf(type.errors);
65
- expect(result).toEqual(payload);
66
- });
67
-
68
- test('should accept payload with optional dates', () => {
69
- const payload = {
70
- updatedAt: new Date().toISOString(),
71
- metadata: { clientId: 'oidc_client_123' },
72
- };
73
-
74
- const result = OIDCPayloadSchema(payload);
75
- expect(result).not.toBeInstanceOf(type.errors);
76
- });
77
- });
78
-
79
- describe('InsertOIDCPayloadSchema', () => {
80
- test('should accept metadata payload', () => {
81
- const payload = {
82
- metadata: { setup: 'initial' },
83
- };
84
-
85
- const result = InsertOIDCPayloadSchema(payload);
86
- expect(result).not.toBeInstanceOf(type.errors);
87
- expect(result).toEqual(payload);
88
- });
89
-
90
- test('should accept undefined', () => {
91
- const result = InsertOIDCPayloadSchema(undefined);
92
- expect(result).not.toBeInstanceOf(type.errors);
93
- expect(result).toBeUndefined();
94
- });
95
-
96
- test('should accept empty metadata', () => {
97
- const payload = {
98
- metadata: {},
99
- };
100
-
101
- const result = InsertOIDCPayloadSchema(payload);
102
- expect(result).not.toBeInstanceOf(type.errors);
103
- });
104
- });
105
-
106
- describe('UpdateOIDCPayloadSchema', () => {
107
- test('should accept metadata update', () => {
108
- const payload = {
109
- metadata: { version: '2.0' },
110
- };
111
-
112
- const result = UpdateOIDCPayloadSchema(payload);
113
- expect(result).not.toBeInstanceOf(type.errors);
114
- expect(result).toEqual(payload);
115
- });
116
- });
117
- });