npm - @go-mondo/identity-sdk - Versions diffs - 0.0.2-beta.76 → 0.0.2-beta.77 - Mend

@go-mondo/identity-sdk 0.0.2-beta.76 → 0.0.2-beta.77

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/.release-please-manifest.json +1 -1
package/.tsbuildinfo/cjs.json +1 -1
package/.tsbuildinfo/esm.json +1 -1
package/CHANGELOG.md +7 -0
package/dist/cjs/app/authorization/schema.d.ts +10 -10
package/dist/cjs/app/authorization/schema.d.ts.map +1 -1
package/dist/cjs/app/authorization/schema.js +10 -10
package/dist/cjs/app/authorization/schema.test.js +34 -4
package/dist/esm/app/authorization/schema.d.ts +10 -10
package/dist/esm/app/authorization/schema.d.ts.map +1 -1
package/dist/esm/app/authorization/schema.js +6 -6
package/dist/esm/app/authorization/schema.test.js +34 -4
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,12 @@
 # Changelog
+## [0.0.2-beta.77](https://github.com/go-mondo/identity-node-sdk/compare/identity-sdk-v0.0.2-beta.76...identity-sdk-v0.0.2-beta.77) (2026-05-06)
+### Bug Fixes
+* authorization result schema ([549f07b](https://github.com/go-mondo/identity-node-sdk/commit/549f07b9b971cbd9a4e156b8baa8f86ed5c57963))
 ## [0.0.2-beta.76](https://github.com/go-mondo/identity-node-sdk/compare/identity-sdk-v0.0.2-beta.75...identity-sdk-v0.0.2-beta.76) (2026-05-06)

package/dist/cjs/app/authorization/schema.d.ts CHANGED Viewed

@@ -4,7 +4,6 @@ export declare const AuthorizationSchema: z.ZodObject<{
     metadata: z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodNull, z.ZodCustom<Map<string, string | number | boolean>, Map<string, string | number | boolean>>, z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>]>, z.ZodTransform<Map<string, string | number | boolean>, Record<string, string | number | boolean> | Map<string, string | number | boolean> | null | undefined>>;
     deactivatedAt: z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>;
     deletedAt: z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>;
-    loginUri: z.ZodOptional<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>, z.ZodUndefined]>>;
     callbackUrls: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>>, z.ZodTransform<URL[], URL[]>>, z.ZodCustom<Set<URL>, Set<URL>>]>, z.ZodTransform<Set<URL> | undefined, Set<URL> | URL[] | undefined>>>;
     availableAudiences: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodString>, z.ZodTransform<string[], string[]>>, z.ZodSet<z.ZodString>]>, z.ZodTransform<Set<string> | undefined, Set<string> | string[] | undefined>>>;
     availableGrants: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodArray<z.ZodEnum<{
@@ -15,9 +14,9 @@ export declare const AuthorizationSchema: z.ZodObject<{
     }>>, z.ZodCustom<Set<AnyGrantType>, Set<AnyGrantType>>]>, z.ZodTransform<Set<AnyGrantType> | undefined, Set<AnyGrantType> | ("client_credentials" | "authorization_code" | "implicit" | "refresh_token")[] | undefined>>>;
     defaultAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodUndefined]>>;
     updatedAt: z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>;
-    refreshTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodEnum<{
+    refreshTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodEnum<{
         RS256: "RS256";
         RS384: "RS384";
         RS512: "RS512";
@@ -27,7 +26,8 @@ export declare const AuthorizationSchema: z.ZodObject<{
         PS256: "PS256";
         PS384: "PS384";
         PS512: "PS512";
-    }>>;
+    }>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<NonNullable<"RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512"> | undefined, "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | null | undefined>>>;
+    loginUri: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodCustom<URL, URL>, z.ZodTransform<string, URL>>, z.ZodURL]>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<string | undefined, string | null | undefined>>>;
 }, z.core.$strip>;
 export type AuthorizationProperties = z.input<typeof AuthorizationSchema>;
 export type Authorization = z.output<typeof AuthorizationSchema>;
@@ -35,7 +35,6 @@ export declare const AuthorizationPayloadSchema: z.ZodObject<{
     metadata: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodNull, z.ZodCustom<Map<string, string | number | boolean>, Map<string, string | number | boolean>>, z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>]>, z.ZodTransform<Record<string, string | number | boolean> | undefined, Record<string, string | number | boolean> | Map<string, string | number | boolean> | null | undefined>>>;
     deactivatedAt: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>, z.ZodTransform<string | undefined, Date | undefined>>>;
     deletedAt: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>, z.ZodTransform<string | undefined, Date | undefined>>>;
-    loginUri: z.ZodOptional<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodCustom<URL, URL>, z.ZodTransform<string, URL>>, z.ZodURL]>, z.ZodUndefined]>>;
     callbackUrls: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>>, z.ZodTransform<URL[], URL[]>>, z.ZodCustom<Set<URL>, Set<URL>>]>, z.ZodTransform<string[] | undefined, Set<URL> | URL[] | undefined>>>;
     availableAudiences: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodString>, z.ZodTransform<string[], string[]>>, z.ZodSet<z.ZodString>]>, z.ZodTransform<string[] | undefined, Set<string> | string[] | undefined>>>;
     availableGrants: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodArray<z.ZodEnum<{
@@ -46,9 +45,9 @@ export declare const AuthorizationPayloadSchema: z.ZodObject<{
     }>>, z.ZodCustom<Set<AnyGrantType>, Set<AnyGrantType>>]>, z.ZodTransform<("client_credentials" | "authorization_code" | "implicit" | "refresh_token")[] | undefined, Set<AnyGrantType> | ("client_credentials" | "authorization_code" | "implicit" | "refresh_token")[] | undefined>>>;
     defaultAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodUndefined]>>;
     updatedAt: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>, z.ZodTransform<string | undefined, Date | undefined>>>;
-    refreshTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodEnum<{
+    refreshTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodEnum<{
         RS256: "RS256";
         RS384: "RS384";
         RS512: "RS512";
@@ -58,7 +57,8 @@ export declare const AuthorizationPayloadSchema: z.ZodObject<{
         PS256: "PS256";
         PS384: "PS384";
         PS512: "PS512";
-    }>>;
+    }>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<NonNullable<"RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512"> | undefined, "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | null | undefined>>>;
+    loginUri: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodCustom<URL, URL>, z.ZodTransform<string, URL>>, z.ZodURL]>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<string | undefined, string | null | undefined>>>;
 }, z.core.$strip>;
 export type AuthorizationPayload = z.output<typeof AuthorizationPayloadSchema>;
 export declare const UpsertAuthorizationPayloadSchema: z.ZodObject<{

package/dist/cjs/app/authorization/schema.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/app/authorization/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAyB5B,OAAO,EAAE,KAAK,YAAY,EAAa,MAAM,8BAA8B,CAAC;~~AA4B5E~~,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~iBAW9B~~,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAC1E,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEjE,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~iBAWrC~~,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAE/E,eAAO,MAAM,gCAAgC;;;;;;;;;;;;;;;;;;;;;;;;;iBAU3C,CAAC;AACH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAC5C,OAAO,gCAAgC,CACxC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAC/C,OAAO,gCAAgC,CACxC,CAAC"}
1	+ {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/app/authorization/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAyB5B,OAAO,EAAE,KAAK,YAAY,EAAa,MAAM,8BAA8B,CAAC;AA6B5E,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAU9B,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAC1E,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEjE,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAUrC,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAE/E,eAAO,MAAM,gCAAgC;;;;;;;;;;;;;;;;;;;;;;;;;iBAU3C,CAAC;AACH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAC5C,OAAO,gCAAgC,CACxC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAC/C,OAAO,gCAAgC,CACxC,CAAC"}

package/dist/cjs/app/authorization/schema.js CHANGED Viewed

@@ -38,17 +38,18 @@ const z = __importStar(require("zod/v4"));
 const dates_js_1 = require("../../common/schema/dates.js");
 const jwt_js_1 = require("../../common/schema/jwt.js");
 const metadata_js_1 = require("../../common/schema/metadata.js");
+const schema_js_1 = require("../../common/schema/schema.js");
 const sets_js_1 = require("../../common/schema/sets.js");
 const url_js_1 = require("../../common/schema/url.js");
-const schema_js_1 = require("../../oauth/common/schema.js");
+const schema_js_2 = require("../../oauth/common/schema.js");
 const AudienceArraySchema = sets_js_1.UniqueStringArraySchema;
 const AudienceSetSchema = sets_js_1.UniqueStringSetSchema;
 const GrantSetSchema = z.instanceof((Set));
 const GrantArraySchema = z.array(z.enum([
-    schema_js_1.GrantType.AUTHORIZATION_CODE,
-    schema_js_1.GrantType.CLIENT_CREDENTIALS,
-    schema_js_1.GrantType.IMPLICIT,
-    schema_js_1.GrantType.REFRESH_TOKEN,
+    schema_js_2.GrantType.AUTHORIZATION_CODE,
+    schema_js_2.GrantType.CLIENT_CREDENTIALS,
+    schema_js_2.GrantType.IMPLICIT,
+    schema_js_2.GrantType.REFRESH_TOKEN,
 ]));
 const AvailableGrantSetSchema = z
     .union([z.undefined(), GrantArraySchema, GrantSetSchema])
@@ -57,13 +58,13 @@ const AvailableGrantArraySchema = z
     .union([z.undefined(), GrantArraySchema, GrantSetSchema])
     .pipe(z.transform((v) => (v instanceof Set ? Array.from(v.values()) : v)));
 const BaseAuthorization = z.object({
-    refreshTokenDuration: z.number().optional(),
-    accessTokenDuration: z.number().optional(),
-    accessTokenSignatureAlgorithm: jwt_js_1.AlgorithmSchema.optional(),
+    refreshTokenDuration: (0, schema_js_1.optionallyNullishToUndefined)(z.number()),
+    accessTokenDuration: (0, schema_js_1.optionallyNullishToUndefined)(z.number()),
+    accessTokenSignatureAlgorithm: (0, schema_js_1.optionallyNullishToUndefined)(jwt_js_1.AlgorithmSchema),
+    loginUri: (0, schema_js_1.optionallyNullishToUndefined)(url_js_1.WebUrlStringSchema),
 });
 exports.AuthorizationSchema = z.object({
     ...BaseAuthorization.shape,
-    loginUri: z.union([url_js_1.WebUrlObjectSchema, z.undefined()]).optional(),
     callbackUrls: url_js_1.UniqueWebUrlObjectSetSchema.optional(),
     availableAudiences: AudienceSetSchema.optional(),
     availableGrants: AvailableGrantSetSchema.optional(),
@@ -75,7 +76,6 @@ exports.AuthorizationSchema = z.object({
 });
 exports.AuthorizationPayloadSchema = z.object({
     ...BaseAuthorization.shape,
-    loginUri: z.union([url_js_1.WebUrlStringSchema, z.undefined()]).optional(),
     callbackUrls: url_js_1.UniqueWebUrlStringArraySchema.optional(),
     availableAudiences: AudienceArraySchema.optional(),
     availableGrants: AvailableGrantArraySchema.optional(),

package/dist/cjs/app/authorization/schema.test.js CHANGED Viewed

@@ -8,7 +8,7 @@ const schema_js_1 = require("./schema.js");
             const authorization = {
                 refreshTokenDuration: 3600,
                 accessTokenDuration: 900,
-                accessTokenSignatureAlgorithm: 'HS256',
+                accessTokenSignatureAlgorithm: 'RS256',
                 loginUri: 'https://app.example.com/login',
                 callbackUrls: [
                     'https://app.example.com/callback',
@@ -145,12 +145,25 @@ const schema_js_1 = require("./schema.js");
             const result = schema_js_1.AuthorizationSchema.safeParse(authorization);
             (0, vitest_1.expect)(result.success).toBe(false);
         });
-        (0, vitest_1.test)('should reject null values for removable fields', () => {
+        (0, vitest_1.test)('should transform null removable fields to undefined', () => {
             const authorization = {
                 loginUri: null,
                 refreshTokenDuration: null,
                 accessTokenDuration: null,
                 accessTokenSignatureAlgorithm: null,
+                metadata: {},
+            };
+            const result = schema_js_1.AuthorizationSchema.safeParse(authorization);
+            (0, vitest_1.expect)(result.success).toBe(true);
+            if (result.success) {
+                (0, vitest_1.expect)(result.data.loginUri).toBeUndefined();
+                (0, vitest_1.expect)(result.data.refreshTokenDuration).toBeUndefined();
+                (0, vitest_1.expect)(result.data.accessTokenDuration).toBeUndefined();
+                (0, vitest_1.expect)(result.data.accessTokenSignatureAlgorithm).toBeUndefined();
+            }
+        });
+        (0, vitest_1.test)('should reject null values for non-removable fields', () => {
+            const authorization = {
                 defaultAudience: null,
                 metadata: {},
             };
@@ -163,7 +176,7 @@ const schema_js_1 = require("./schema.js");
             const payload = {
                 refreshTokenDuration: 3600,
                 accessTokenDuration: 900,
-                accessTokenSignatureAlgorithm: 'HS256',
+                accessTokenSignatureAlgorithm: 'RS256',
                 loginUri: 'https://app.example.com/login',
                 callbackUrls: ['https://app.example.com/callback'],
                 availableAudiences: ['api.example.com'],
@@ -278,13 +291,30 @@ const schema_js_1 = require("./schema.js");
             const result = schema_js_1.AuthorizationPayloadSchema.safeParse(payload);
             (0, vitest_1.expect)(result.success).toBe(false);
         });
+        (0, vitest_1.test)('should transform null removable fields to undefined', () => {
+            const payload = {
+                loginUri: null,
+                refreshTokenDuration: null,
+                accessTokenDuration: null,
+                accessTokenSignatureAlgorithm: null,
+                metadata: {},
+            };
+            const result = schema_js_1.AuthorizationPayloadSchema.safeParse(payload);
+            (0, vitest_1.expect)(result.success).toBe(true);
+            if (result.success) {
+                (0, vitest_1.expect)(result.data.loginUri).toBeUndefined();
+                (0, vitest_1.expect)(result.data.refreshTokenDuration).toBeUndefined();
+                (0, vitest_1.expect)(result.data.accessTokenDuration).toBeUndefined();
+                (0, vitest_1.expect)(result.data.accessTokenSignatureAlgorithm).toBeUndefined();
+            }
+        });
     });
     (0, vitest_1.describe)('UpsertAuthorizationPayloadSchema', () => {
         (0, vitest_1.test)('should accept upsert with all fields', () => {
             const payload = {
                 refreshTokenDuration: 3600,
                 accessTokenDuration: 900,
-                accessTokenSignatureAlgorithm: 'HS256',
+                accessTokenSignatureAlgorithm: 'RS256',
                 loginUri: 'https://updated.example.com/login',
                 callbackUrls: ['https://updated.example.com/callback'],
                 availableAudiences: ['updated-api.example.com'],

package/dist/esm/app/authorization/schema.d.ts CHANGED Viewed

@@ -4,7 +4,6 @@ export declare const AuthorizationSchema: z.ZodObject<{
     metadata: z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodNull, z.ZodCustom<Map<string, string | number | boolean>, Map<string, string | number | boolean>>, z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>]>, z.ZodTransform<Map<string, string | number | boolean>, Record<string, string | number | boolean> | Map<string, string | number | boolean> | null | undefined>>;
     deactivatedAt: z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>;
     deletedAt: z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>;
-    loginUri: z.ZodOptional<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>, z.ZodUndefined]>>;
     callbackUrls: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>>, z.ZodTransform<URL[], URL[]>>, z.ZodCustom<Set<URL>, Set<URL>>]>, z.ZodTransform<Set<URL> | undefined, Set<URL> | URL[] | undefined>>>;
     availableAudiences: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodString>, z.ZodTransform<string[], string[]>>, z.ZodSet<z.ZodString>]>, z.ZodTransform<Set<string> | undefined, Set<string> | string[] | undefined>>>;
     availableGrants: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodArray<z.ZodEnum<{
@@ -15,9 +14,9 @@ export declare const AuthorizationSchema: z.ZodObject<{
     }>>, z.ZodCustom<Set<AnyGrantType>, Set<AnyGrantType>>]>, z.ZodTransform<Set<AnyGrantType> | undefined, Set<AnyGrantType> | ("client_credentials" | "authorization_code" | "implicit" | "refresh_token")[] | undefined>>>;
     defaultAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodUndefined]>>;
     updatedAt: z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>;
-    refreshTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodEnum<{
+    refreshTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodEnum<{
         RS256: "RS256";
         RS384: "RS384";
         RS512: "RS512";
@@ -27,7 +26,8 @@ export declare const AuthorizationSchema: z.ZodObject<{
         PS256: "PS256";
         PS384: "PS384";
         PS512: "PS512";
-    }>>;
+    }>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<NonNullable<"RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512"> | undefined, "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | null | undefined>>>;
+    loginUri: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodCustom<URL, URL>, z.ZodTransform<string, URL>>, z.ZodURL]>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<string | undefined, string | null | undefined>>>;
 }, z.core.$strip>;
 export type AuthorizationProperties = z.input<typeof AuthorizationSchema>;
 export type Authorization = z.output<typeof AuthorizationSchema>;
@@ -35,7 +35,6 @@ export declare const AuthorizationPayloadSchema: z.ZodObject<{
     metadata: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodNull, z.ZodCustom<Map<string, string | number | boolean>, Map<string, string | number | boolean>>, z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>]>, z.ZodTransform<Record<string, string | number | boolean> | undefined, Record<string, string | number | boolean> | Map<string, string | number | boolean> | null | undefined>>>;
     deactivatedAt: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>, z.ZodTransform<string | undefined, Date | undefined>>>;
     deletedAt: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>, z.ZodTransform<string | undefined, Date | undefined>>>;
-    loginUri: z.ZodOptional<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodCustom<URL, URL>, z.ZodTransform<string, URL>>, z.ZodURL]>, z.ZodUndefined]>>;
     callbackUrls: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>>, z.ZodTransform<URL[], URL[]>>, z.ZodCustom<Set<URL>, Set<URL>>]>, z.ZodTransform<string[] | undefined, Set<URL> | URL[] | undefined>>>;
     availableAudiences: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodPipe<z.ZodArray<z.ZodString>, z.ZodTransform<string[], string[]>>, z.ZodSet<z.ZodString>]>, z.ZodTransform<string[] | undefined, Set<string> | string[] | undefined>>>;
     availableGrants: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUndefined, z.ZodArray<z.ZodEnum<{
@@ -46,9 +45,9 @@ export declare const AuthorizationPayloadSchema: z.ZodObject<{
     }>>, z.ZodCustom<Set<AnyGrantType>, Set<AnyGrantType>>]>, z.ZodTransform<("client_credentials" | "authorization_code" | "implicit" | "refresh_token")[] | undefined, Set<AnyGrantType> | ("client_credentials" | "authorization_code" | "implicit" | "refresh_token")[] | undefined>>>;
     defaultAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodUndefined]>>;
     updatedAt: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodDate, z.ZodPipe<z.ZodString, z.ZodTransform<Date, string>>]>>, z.ZodTransform<string | undefined, Date | undefined>>>;
-    refreshTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenDuration: z.ZodOptional<z.ZodNumber>;
-    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodEnum<{
+    refreshTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenDuration: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodNumber, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<number | undefined, number | null | undefined>>>;
+    accessTokenSignatureAlgorithm: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodEnum<{
         RS256: "RS256";
         RS384: "RS384";
         RS512: "RS512";
@@ -58,7 +57,8 @@ export declare const AuthorizationPayloadSchema: z.ZodObject<{
         PS256: "PS256";
         PS384: "PS384";
         PS512: "PS512";
-    }>>;
+    }>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<NonNullable<"RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512"> | undefined, "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | null | undefined>>>;
+    loginUri: z.ZodOptional<z.ZodPipe<z.ZodUnion<readonly [z.ZodUnion<[z.ZodPipe<z.ZodCustom<URL, URL>, z.ZodTransform<string, URL>>, z.ZodURL]>, z.ZodNull, z.ZodUndefined]>, z.ZodTransform<string | undefined, string | null | undefined>>>;
 }, z.core.$strip>;
 export type AuthorizationPayload = z.output<typeof AuthorizationPayloadSchema>;
 export declare const UpsertAuthorizationPayloadSchema: z.ZodObject<{

package/dist/esm/app/authorization/schema.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/app/authorization/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAyB5B,OAAO,EAAE,KAAK,YAAY,EAAa,MAAM,8BAA8B,CAAC;~~AA4B5E~~,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~iBAW9B~~,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAC1E,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEjE,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~iBAWrC~~,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAE/E,eAAO,MAAM,gCAAgC;;;;;;;;;;;;;;;;;;;;;;;;;iBAU3C,CAAC;AACH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAC5C,OAAO,gCAAgC,CACxC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAC/C,OAAO,gCAAgC,CACxC,CAAC"}
1	+ {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/app/authorization/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAyB5B,OAAO,EAAE,KAAK,YAAY,EAAa,MAAM,8BAA8B,CAAC;AA6B5E,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAU9B,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAC1E,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEjE,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAUrC,CAAC;AACH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAE/E,eAAO,MAAM,gCAAgC;;;;;;;;;;;;;;;;;;;;;;;;;iBAU3C,CAAC;AACH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAC5C,OAAO,gCAAgC,CACxC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAC/C,OAAO,gCAAgC,CACxC,CAAC"}

package/dist/esm/app/authorization/schema.js CHANGED Viewed

@@ -2,8 +2,9 @@ import * as z from 'zod/v4';
 import { DeactivatedAtPropertyPayloadSchema, DeactivatedAtPropertySchema, DeletedAtPropertyPayloadSchema, DeletedAtPropertySchema, OptionalDatePayloadSchema, OptionalDateSchema, } from '../../common/schema/dates.js';
 import { AlgorithmSchema } from '../../common/schema/jwt.js';
 import { MetadataMapPropertySchema, MetadataPayloadPropertySchema, UpsertMetadataPropertyPayloadSchema, } from '../../common/schema/metadata.js';
+import { optionallyNullishToUndefined } from '../../common/schema/schema.js';
 import { UniqueStringArraySchema, UniqueStringSetSchema, } from '../../common/schema/sets.js';
-import { UniqueWebUrlObjectSetSchema, UniqueWebUrlStringArraySchema, WebUrlObjectSchema, WebUrlStringSchema, } from '../../common/schema/url.js';
+import { UniqueWebUrlObjectSetSchema, UniqueWebUrlStringArraySchema, WebUrlStringSchema, } from '../../common/schema/url.js';
 import { GrantType } from '../../oauth/common/schema.js';
 const AudienceArraySchema = UniqueStringArraySchema;
 const AudienceSetSchema = UniqueStringSetSchema;
@@ -21,13 +22,13 @@ const AvailableGrantArraySchema = z
     .union([z.undefined(), GrantArraySchema, GrantSetSchema])
     .pipe(z.transform((v) => (v instanceof Set ? Array.from(v.values()) : v)));
 const BaseAuthorization = z.object({
-    refreshTokenDuration: z.number().optional(),
-    accessTokenDuration: z.number().optional(),
-    accessTokenSignatureAlgorithm: AlgorithmSchema.optional(),
+    refreshTokenDuration: optionallyNullishToUndefined(z.number()),
+    accessTokenDuration: optionallyNullishToUndefined(z.number()),
+    accessTokenSignatureAlgorithm: optionallyNullishToUndefined(AlgorithmSchema),
+    loginUri: optionallyNullishToUndefined(WebUrlStringSchema),
 });
 export const AuthorizationSchema = z.object({
     ...BaseAuthorization.shape,
-    loginUri: z.union([WebUrlObjectSchema, z.undefined()]).optional(),
     callbackUrls: UniqueWebUrlObjectSetSchema.optional(),
     availableAudiences: AudienceSetSchema.optional(),
     availableGrants: AvailableGrantSetSchema.optional(),
@@ -39,7 +40,6 @@ export const AuthorizationSchema = z.object({
 });
 export const AuthorizationPayloadSchema = z.object({
     ...BaseAuthorization.shape,
-    loginUri: z.union([WebUrlStringSchema, z.undefined()]).optional(),
     callbackUrls: UniqueWebUrlStringArraySchema.optional(),
     availableAudiences: AudienceArraySchema.optional(),
     availableGrants: AvailableGrantArraySchema.optional(),

package/dist/esm/app/authorization/schema.test.js CHANGED Viewed

@@ -6,7 +6,7 @@ describe('App Authorization - Schema', () => {
             const authorization = {
                 refreshTokenDuration: 3600,
                 accessTokenDuration: 900,
-                accessTokenSignatureAlgorithm: 'HS256',
+                accessTokenSignatureAlgorithm: 'RS256',
                 loginUri: 'https://app.example.com/login',
                 callbackUrls: [
                     'https://app.example.com/callback',
@@ -143,12 +143,25 @@ describe('App Authorization - Schema', () => {
             const result = AuthorizationSchema.safeParse(authorization);
             expect(result.success).toBe(false);
         });
-        test('should reject null values for removable fields', () => {
+        test('should transform null removable fields to undefined', () => {
             const authorization = {
                 loginUri: null,
                 refreshTokenDuration: null,
                 accessTokenDuration: null,
                 accessTokenSignatureAlgorithm: null,
+                metadata: {},
+            };
+            const result = AuthorizationSchema.safeParse(authorization);
+            expect(result.success).toBe(true);
+            if (result.success) {
+                expect(result.data.loginUri).toBeUndefined();
+                expect(result.data.refreshTokenDuration).toBeUndefined();
+                expect(result.data.accessTokenDuration).toBeUndefined();
+                expect(result.data.accessTokenSignatureAlgorithm).toBeUndefined();
+            }
+        });
+        test('should reject null values for non-removable fields', () => {
+            const authorization = {
                 defaultAudience: null,
                 metadata: {},
             };
@@ -161,7 +174,7 @@ describe('App Authorization - Schema', () => {
             const payload = {
                 refreshTokenDuration: 3600,
                 accessTokenDuration: 900,
-                accessTokenSignatureAlgorithm: 'HS256',
+                accessTokenSignatureAlgorithm: 'RS256',
                 loginUri: 'https://app.example.com/login',
                 callbackUrls: ['https://app.example.com/callback'],
                 availableAudiences: ['api.example.com'],
@@ -276,13 +289,30 @@ describe('App Authorization - Schema', () => {
             const result = AuthorizationPayloadSchema.safeParse(payload);
             expect(result.success).toBe(false);
         });
+        test('should transform null removable fields to undefined', () => {
+            const payload = {
+                loginUri: null,
+                refreshTokenDuration: null,
+                accessTokenDuration: null,
+                accessTokenSignatureAlgorithm: null,
+                metadata: {},
+            };
+            const result = AuthorizationPayloadSchema.safeParse(payload);
+            expect(result.success).toBe(true);
+            if (result.success) {
+                expect(result.data.loginUri).toBeUndefined();
+                expect(result.data.refreshTokenDuration).toBeUndefined();
+                expect(result.data.accessTokenDuration).toBeUndefined();
+                expect(result.data.accessTokenSignatureAlgorithm).toBeUndefined();
+            }
+        });
     });
     describe('UpsertAuthorizationPayloadSchema', () => {
         test('should accept upsert with all fields', () => {
             const payload = {
                 refreshTokenDuration: 3600,
                 accessTokenDuration: 900,
-                accessTokenSignatureAlgorithm: 'HS256',
+                accessTokenSignatureAlgorithm: 'RS256',
                 loginUri: 'https://updated.example.com/login',
                 callbackUrls: ['https://updated.example.com/callback'],
                 availableAudiences: ['updated-api.example.com'],

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@go-mondo/identity-sdk",
-  "version": "0.0.2-beta.76",
+  "version": "0.0.2-beta.77",
   "type": "module",
   "description": "A node SDK for Mondo Identity",
   "license": "MIT",