@go-mondo/identity-sdk 0.0.2-beta.80 → 0.0.2-beta.82

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,19 @@
1
1
  # Changelog
2
2
 
3
+ ## [0.0.2-beta.82](https://github.com/go-mondo/identity-node-sdk/compare/identity-sdk-v0.0.2-beta.81...identity-sdk-v0.0.2-beta.82) (2026-05-07)
4
+
5
+
6
+ ### Bug Fixes
7
+
8
+ * export url from common ([54bcb7e](https://github.com/go-mondo/identity-node-sdk/commit/54bcb7e1a672f77c5c03173ce71acf78f2e781e6))
9
+
10
+ ## [0.0.2-beta.81](https://github.com/go-mondo/identity-node-sdk/compare/identity-sdk-v0.0.2-beta.80...identity-sdk-v0.0.2-beta.81) (2026-05-07)
11
+
12
+
13
+ ### Bug Fixes
14
+
15
+ * export redirect path schema ([f8f7f67](https://github.com/go-mondo/identity-node-sdk/commit/f8f7f67cb1ae1ac63d7511a5f2511ca18fe1b35d))
16
+
3
17
  ## [0.0.2-beta.80](https://github.com/go-mondo/identity-node-sdk/compare/identity-sdk-v0.0.2-beta.79...identity-sdk-v0.0.2-beta.80) (2026-05-07)
4
18
 
5
19
 
@@ -1 +1 @@
1
- {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/authentication/sessions/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAyB5B,eAAO,MAAM,aAAa;;;;CAIhB,CAAC;AAEX,MAAM,MAAM,gBAAgB,GAC1B,CAAC,OAAO,aAAa,CAAC,CAAC,MAAM,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,eAAe,aAAuC,CAAC;AACpE,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,eAAe,CAAC,CAAC;AAEzD,eAAO,MAAM,uBAAuB;;iBAElC,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAEzE,eAAO,MAAM,mBAAmB;;;;EAIrB,CAAC;AAEZ,eAAO,MAAM,iCAAiC;;;;;;;;iBAK5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC;AAiDF,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAUxB,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAC9D,MAAM,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAS/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAEnE,eAAO,MAAM,iCAAiC;;;;;;;;;;;;;iBAW5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC"}
1
+ {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/authentication/sessions/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AA0B5B,eAAO,MAAM,aAAa;;;;CAIhB,CAAC;AAEX,MAAM,MAAM,gBAAgB,GAC1B,CAAC,OAAO,aAAa,CAAC,CAAC,MAAM,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,eAAe,aAAuC,CAAC;AACpE,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,eAAe,CAAC,CAAC;AAEzD,eAAO,MAAM,uBAAuB;;iBAElC,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAEzE,eAAO,MAAM,mBAAmB;;;;EAIrB,CAAC;AAEZ,eAAO,MAAM,iCAAiC;;;;;;;;iBAK5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC;AA0CF,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAUxB,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAC9D,MAAM,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAS/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAEnE,eAAO,MAAM,iCAAiC;;;;;;;;;;;;;iBAW5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC"}
@@ -38,6 +38,7 @@ const z = __importStar(require("zod/v4"));
38
38
  const dates_js_1 = require("../../common/schema/dates.js");
39
39
  const id_js_1 = require("../../common/schema/id.js");
40
40
  const metadata_js_1 = require("../../common/schema/metadata.js");
41
+ const url_js_1 = require("../../common/schema/url.js");
41
42
  const schema_js_1 = require("../../customer/schema.js");
42
43
  const base_js_1 = require("../strategies/schema/base.js");
43
44
  const utils_js_1 = require("../utils.js");
@@ -76,12 +77,6 @@ const SessionAuthenticationFactorHistorySetSchema = SessionAuthenticationFactorH
76
77
  // type SessionAuthenticationFactorSetHistory = z.output<
77
78
  // typeof SessionAuthenticationFactorHistorySetSchema
78
79
  // >;
79
- const RedirectPathSchema = z
80
- .string()
81
- .regex(/^\/[a-zA-Z0-9\-\._~%!$&'()*+,;=:@\/?]*$/, {
82
- message: 'Must be a valid relative path starting with /',
83
- })
84
- .default('/');
85
80
  const BaseSchema = z.object({
86
81
  ...exports.SessionIdPropertySchema.shape,
87
82
  status: exports.SessionStatusSchema,
@@ -99,7 +94,7 @@ exports.SessionSchema = z.object({
99
94
  ...dates_js_1.CreatedAtPropertySchema.shape,
100
95
  ...dates_js_1.UpdatedAtPropertySchema.shape,
101
96
  factorHistory: SessionAuthenticationFactorHistorySetSchema,
102
- redirectPath: RedirectPathSchema,
97
+ redirectPath: url_js_1.RelativeUrlPathSchema.default('/'),
103
98
  ...dates_js_1.DeletedAtPropertySchema.shape,
104
99
  ...dates_js_1.DeactivatedAtPropertySchema.shape,
105
100
  ...metadata_js_1.MetadataMapPropertySchema.shape,
@@ -109,7 +104,7 @@ exports.SessionPayloadSchema = z.object({
109
104
  expiresAt: dates_js_1.RequiredDatePayloadSchema,
110
105
  ...dates_js_1.CreatedAtPropertyPayloadSchema.shape,
111
106
  ...dates_js_1.UpdatedAtPropertyPayloadSchema.shape,
112
- redirectPath: RedirectPathSchema,
107
+ redirectPath: url_js_1.RelativeUrlPathSchema.default('/'),
113
108
  ...dates_js_1.DeletedAtPropertyPayloadSchema.shape,
114
109
  ...dates_js_1.DeactivatedAtPropertyPayloadSchema.shape,
115
110
  ...metadata_js_1.MetadataPayloadPropertySchema.shape,
@@ -47,6 +47,13 @@ const schema_js_1 = require("./schema.js");
47
47
  });
48
48
  (0, vitest_1.expect)(result.success).toBe(false);
49
49
  });
50
+ (0, vitest_1.test)('should reject paths that start with a double slash', () => {
51
+ const result = schema_js_1.SessionSchema.safeParse({
52
+ ...baseSession,
53
+ redirectPath: '//example.com/oauth/authorize?client_id=123',
54
+ });
55
+ (0, vitest_1.expect)(result.success).toBe(false);
56
+ });
50
57
  (0, vitest_1.test)('should reject paths that do not start with slash', () => {
51
58
  const result = schema_js_1.SessionSchema.safeParse({
52
59
  ...baseSession,
@@ -1,5 +1,7 @@
1
1
  import * as z from 'zod/v4';
2
2
  export declare function appendSearchParams(path: string, params: Map<string, string | undefined | null> | URLSearchParams): string;
3
+ export declare const RelativeUrlPathSchema: z.ZodString;
4
+ export type RelativeUrlPath = z.output<typeof RelativeUrlPathSchema>;
3
5
  export declare const WebUrlObjectSchema: z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>;
4
6
  export type WebUrlObjectInput = z.input<typeof WebUrlObjectSchema>;
5
7
  export type WebUrlObject = z.output<typeof WebUrlObjectSchema>;
@@ -1 +1 @@
1
- {"version":3,"file":"url.d.ts","sourceRoot":"","sources":["../../../../src/common/schema/url.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAE5B,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,eAAe,GAC/D,MAAM,CAUR;AAUD,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE/D,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAO/D,eAAO,MAAM,6BAA6B,gSAMoB,CAAC;AAC/D,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,6BAA6B,mSAUvC,CAAC;AACJ,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,2BAA2B,mSAMU,CAAC;AAEnD,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC;AAEF,eAAO,MAAM,2BAA2B,sSAUrC,CAAC;AAEJ,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC"}
1
+ {"version":3,"file":"url.d.ts","sourceRoot":"","sources":["../../../../src/common/schema/url.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAE5B,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,eAAe,GAC/D,MAAM,CAUR;AAED,eAAO,MAAM,qBAAqB,aAI9B,CAAC;AACL,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAUrE,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE/D,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAO/D,eAAO,MAAM,6BAA6B,gSAMoB,CAAC;AAC/D,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,6BAA6B,mSAUvC,CAAC;AACJ,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,2BAA2B,mSAMU,CAAC;AAEnD,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC;AAEF,eAAO,MAAM,2BAA2B,sSAUrC,CAAC;AAEJ,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC"}
@@ -33,7 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
33
33
  };
34
34
  })();
35
35
  Object.defineProperty(exports, "__esModule", { value: true });
36
- exports.UniqueWebUrlStringSetSchema = exports.UniqueWebUrlObjectSetSchema = exports.UniqueWebUrlStringArraySchema = exports.UniqueWebUrlObjectArraySchema = exports.WebUrlStringSchema = exports.WebUrlObjectSchema = void 0;
36
+ exports.UniqueWebUrlStringSetSchema = exports.UniqueWebUrlObjectSetSchema = exports.UniqueWebUrlStringArraySchema = exports.UniqueWebUrlObjectArraySchema = exports.WebUrlStringSchema = exports.WebUrlObjectSchema = exports.RelativeUrlPathSchema = void 0;
37
37
  exports.appendSearchParams = appendSearchParams;
38
38
  const z = __importStar(require("zod/v4"));
39
39
  function appendSearchParams(path, params) {
@@ -45,6 +45,11 @@ function appendSearchParams(path, params) {
45
45
  }, []);
46
46
  return [path, vals.filter(Boolean).join('&')].filter(Boolean).join('?');
47
47
  }
48
+ exports.RelativeUrlPathSchema = z
49
+ .string()
50
+ .regex(/^\/(?!\/)[a-zA-Z0-9\-\._~%!$&'()*+,;=:@\/?]*$/, {
51
+ message: 'Must be a valid relative path starting with /',
52
+ });
48
53
  const WebUrlString = z.url({
49
54
  protocol: /^https?$/,
50
55
  hostname: /^([a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}|localhost$/,
@@ -3,6 +3,16 @@ Object.defineProperty(exports, "__esModule", { value: true });
3
3
  const vitest_1 = require("vitest");
4
4
  const url_js_1 = require("./url.js");
5
5
  (0, vitest_1.describe)('Common Schema - URL', () => {
6
+ (0, vitest_1.describe)('RelativeUrlPathSchema', () => {
7
+ (0, vitest_1.test)('should accept a relative path with query parameters', () => {
8
+ const result = url_js_1.RelativeUrlPathSchema.safeParse('/oauth/authorize?client_id=123');
9
+ (0, vitest_1.expect)(result.success).toBe(true);
10
+ });
11
+ (0, vitest_1.test)('should reject paths that start with a double slash', () => {
12
+ const result = url_js_1.RelativeUrlPathSchema.safeParse('//example.com/oauth/authorize?client_id=123');
13
+ (0, vitest_1.expect)(result.success).toBe(false);
14
+ });
15
+ });
6
16
  (0, vitest_1.describe)('appendSearchParams', () => {
7
17
  (0, vitest_1.test)('should append search params from Map to path', () => {
8
18
  const params = new Map([
@@ -1 +1 @@
1
- {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/authentication/sessions/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAyB5B,eAAO,MAAM,aAAa;;;;CAIhB,CAAC;AAEX,MAAM,MAAM,gBAAgB,GAC1B,CAAC,OAAO,aAAa,CAAC,CAAC,MAAM,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,eAAe,aAAuC,CAAC;AACpE,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,eAAe,CAAC,CAAC;AAEzD,eAAO,MAAM,uBAAuB;;iBAElC,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAEzE,eAAO,MAAM,mBAAmB;;;;EAIrB,CAAC;AAEZ,eAAO,MAAM,iCAAiC;;;;;;;;iBAK5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC;AAiDF,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAUxB,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAC9D,MAAM,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAS/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAEnE,eAAO,MAAM,iCAAiC;;;;;;;;;;;;;iBAW5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC"}
1
+ {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../../src/authentication/sessions/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AA0B5B,eAAO,MAAM,aAAa;;;;CAIhB,CAAC;AAEX,MAAM,MAAM,gBAAgB,GAC1B,CAAC,OAAO,aAAa,CAAC,CAAC,MAAM,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,eAAe,aAAuC,CAAC;AACpE,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,eAAe,CAAC,CAAC;AAEzD,eAAO,MAAM,uBAAuB;;iBAElC,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAEzE,eAAO,MAAM,mBAAmB;;;;EAIrB,CAAC;AAEZ,eAAO,MAAM,iCAAiC;;;;;;;;iBAK5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC;AA0CF,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAUxB,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAC9D,MAAM,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,aAAa,CAAC,CAAC;AAErD,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAS/B,CAAC;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAEnE,eAAO,MAAM,iCAAiC;;;;;;;;;;;;;iBAW5C,CAAC;AACH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAChD,OAAO,iCAAiC,CACzC,CAAC"}
@@ -2,6 +2,7 @@ import * as z from 'zod/v4';
2
2
  import { CreatedAtPropertyPayloadSchema, CreatedAtPropertySchema, DeactivatedAtPropertyPayloadSchema, DeactivatedAtPropertySchema, DeletedAtPropertyPayloadSchema, DeletedAtPropertySchema, RequiredDatePayloadSchema, RequiredDateSchema, UpdatedAtPropertyPayloadSchema, UpdatedAtPropertySchema, } from '../../common/schema/dates.js';
3
3
  import { KSUIDSchema } from '../../common/schema/id.js';
4
4
  import { MetadataMapPropertySchema, MetadataPayloadPropertySchema, } from '../../common/schema/metadata.js';
5
+ import { RelativeUrlPathSchema } from '../../common/schema/url.js';
5
6
  import { UserIdSchema } from '../../customer/schema.js';
6
7
  import { StrategyIdSchema, StrategyTypeSchema, } from '../strategies/schema/base.js';
7
8
  import { Model } from '../utils.js';
@@ -40,12 +41,6 @@ const SessionAuthenticationFactorHistorySetSchema = SessionAuthenticationFactorH
40
41
  // type SessionAuthenticationFactorSetHistory = z.output<
41
42
  // typeof SessionAuthenticationFactorHistorySetSchema
42
43
  // >;
43
- const RedirectPathSchema = z
44
- .string()
45
- .regex(/^\/[a-zA-Z0-9\-\._~%!$&'()*+,;=:@\/?]*$/, {
46
- message: 'Must be a valid relative path starting with /',
47
- })
48
- .default('/');
49
44
  const BaseSchema = z.object({
50
45
  ...SessionIdPropertySchema.shape,
51
46
  status: SessionStatusSchema,
@@ -63,7 +58,7 @@ export const SessionSchema = z.object({
63
58
  ...CreatedAtPropertySchema.shape,
64
59
  ...UpdatedAtPropertySchema.shape,
65
60
  factorHistory: SessionAuthenticationFactorHistorySetSchema,
66
- redirectPath: RedirectPathSchema,
61
+ redirectPath: RelativeUrlPathSchema.default('/'),
67
62
  ...DeletedAtPropertySchema.shape,
68
63
  ...DeactivatedAtPropertySchema.shape,
69
64
  ...MetadataMapPropertySchema.shape,
@@ -73,7 +68,7 @@ export const SessionPayloadSchema = z.object({
73
68
  expiresAt: RequiredDatePayloadSchema,
74
69
  ...CreatedAtPropertyPayloadSchema.shape,
75
70
  ...UpdatedAtPropertyPayloadSchema.shape,
76
- redirectPath: RedirectPathSchema,
71
+ redirectPath: RelativeUrlPathSchema.default('/'),
77
72
  ...DeletedAtPropertyPayloadSchema.shape,
78
73
  ...DeactivatedAtPropertyPayloadSchema.shape,
79
74
  ...MetadataPayloadPropertySchema.shape,
@@ -45,6 +45,13 @@ describe('Authentication Sessions - Schema', () => {
45
45
  });
46
46
  expect(result.success).toBe(false);
47
47
  });
48
+ test('should reject paths that start with a double slash', () => {
49
+ const result = SessionSchema.safeParse({
50
+ ...baseSession,
51
+ redirectPath: '//example.com/oauth/authorize?client_id=123',
52
+ });
53
+ expect(result.success).toBe(false);
54
+ });
48
55
  test('should reject paths that do not start with slash', () => {
49
56
  const result = SessionSchema.safeParse({
50
57
  ...baseSession,
@@ -1,5 +1,7 @@
1
1
  import * as z from 'zod/v4';
2
2
  export declare function appendSearchParams(path: string, params: Map<string, string | undefined | null> | URLSearchParams): string;
3
+ export declare const RelativeUrlPathSchema: z.ZodString;
4
+ export type RelativeUrlPath = z.output<typeof RelativeUrlPathSchema>;
3
5
  export declare const WebUrlObjectSchema: z.ZodUnion<[z.ZodPipe<z.ZodURL, z.ZodTransform<URL, string>>, z.ZodCustom<URL, URL>]>;
4
6
  export type WebUrlObjectInput = z.input<typeof WebUrlObjectSchema>;
5
7
  export type WebUrlObject = z.output<typeof WebUrlObjectSchema>;
@@ -1 +1 @@
1
- {"version":3,"file":"url.d.ts","sourceRoot":"","sources":["../../../../src/common/schema/url.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAE5B,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,eAAe,GAC/D,MAAM,CAUR;AAUD,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE/D,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAO/D,eAAO,MAAM,6BAA6B,gSAMoB,CAAC;AAC/D,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,6BAA6B,mSAUvC,CAAC;AACJ,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,2BAA2B,mSAMU,CAAC;AAEnD,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC;AAEF,eAAO,MAAM,2BAA2B,sSAUrC,CAAC;AAEJ,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC"}
1
+ {"version":3,"file":"url.d.ts","sourceRoot":"","sources":["../../../../src/common/schema/url.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAE5B,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,eAAe,GAC/D,MAAM,CAUR;AAED,eAAO,MAAM,qBAAqB,aAI9B,CAAC;AACL,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAUrE,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE/D,eAAO,MAAM,kBAAkB,uFAEb,CAAC;AACnB,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACnE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAO/D,eAAO,MAAM,6BAA6B,gSAMoB,CAAC;AAC/D,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,6BAA6B,mSAUvC,CAAC;AACJ,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAC;AAEF,eAAO,MAAM,2BAA2B,mSAMU,CAAC;AAEnD,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC;AAEF,eAAO,MAAM,2BAA2B,sSAUrC,CAAC;AAEJ,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAC9C,OAAO,2BAA2B,CACnC,CAAC;AACF,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAC1C,OAAO,2BAA2B,CACnC,CAAC"}
@@ -8,6 +8,11 @@ export function appendSearchParams(path, params) {
8
8
  }, []);
9
9
  return [path, vals.filter(Boolean).join('&')].filter(Boolean).join('?');
10
10
  }
11
+ export const RelativeUrlPathSchema = z
12
+ .string()
13
+ .regex(/^\/(?!\/)[a-zA-Z0-9\-\._~%!$&'()*+,;=:@\/?]*$/, {
14
+ message: 'Must be a valid relative path starting with /',
15
+ });
11
16
  const WebUrlString = z.url({
12
17
  protocol: /^https?$/,
13
18
  hostname: /^([a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}|localhost$/,
@@ -1,6 +1,16 @@
1
1
  import { describe, expect, test } from 'vitest';
2
- import { appendSearchParams } from './url.js';
2
+ import { RelativeUrlPathSchema, appendSearchParams } from './url.js';
3
3
  describe('Common Schema - URL', () => {
4
+ describe('RelativeUrlPathSchema', () => {
5
+ test('should accept a relative path with query parameters', () => {
6
+ const result = RelativeUrlPathSchema.safeParse('/oauth/authorize?client_id=123');
7
+ expect(result.success).toBe(true);
8
+ });
9
+ test('should reject paths that start with a double slash', () => {
10
+ const result = RelativeUrlPathSchema.safeParse('//example.com/oauth/authorize?client_id=123');
11
+ expect(result.success).toBe(false);
12
+ });
13
+ });
4
14
  describe('appendSearchParams', () => {
5
15
  test('should append search params from Map to path', () => {
6
16
  const params = new Map([
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@go-mondo/identity-sdk",
3
- "version": "0.0.2-beta.80",
3
+ "version": "0.0.2-beta.82",
4
4
  "type": "module",
5
5
  "description": "A node SDK for Mondo Identity",
6
6
  "license": "MIT",