@logto/cloud 0.2.5-6c090b2 → 0.2.5-711f812

package/lib/routes/index.d.ts

@@ -37,7 +37,17 @@ declare enum OrganizationInvitationStatus {
 	Expired = "Expired",
 	Revoked = "Revoked"
 }
-declare enum LogtoJwtTokenPath {
+/** The scopes (permissions) defined by the organization template. */
+export type OrganizationScope = {
+	tenantId: string;
+	/** The globally unique identifier of the organization scope. */
+	id: string;
+	/** The organization scope's name, unique within the organization template. */
+	name: string;
+	/** A brief description of the organization scope. */
+	description: string | null;
+};
+declare enum LogtoJwtTokenKeyType {
 	AccessToken = "access-token",
 	ClientCredentials = "client-credentials"
 }
@@ -59,6 +69,36 @@ declare enum TenantRole {
 	/** Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings. */
 	Collaborator = "collaborator"
 }
+declare enum ReservedPlanId {
+	Free = "free",
+	/**
+	 * @deprecated
+	 * In recent refactoring, the `hobby` plan is now treated as the `pro` plan.
+	 * Only use this plan ID to check if a plan is a `pro` plan or not.
+	 * This plan ID will be renamed to `pro` after legacy Stripe data is migrated by @darcyYe
+	 *
+	 * Todo @darcyYe:
+	 * - LOG-7846: Rename `hobby` to `pro` and `pro` to `legacy-pro`
+	 * - LOG-8339: Migrate legacy Stripe data
+	 */
+	Hobby = "hobby",
+	Pro = "pro",
+	/**
+	 * @deprecated
+	 * Should not use this plan ID, we only use this tag as a record for the legacy `pro` plan since we will rename the `hobby` plan to be `pro`.
+	 */
+	GrandfatheredPro = "grandfathered-pro",
+	Development = "dev",
+	/**
+	 * This plan ID is reserved for Admin tenant.
+	 * In our new pricing model, we plan to add a special plan for Admin tenant, previously, admin tenant is using the `pro` plan, which is not suitable.
+	 */
+	Admin = "admin"
+}
+declare enum LogtoSkuType {
+	Basic = "Basic",
+	AddOn = "AddOn"
+}
 declare const AffiliateProperties: import("@withtyped/server/lib/model/index.js").default<"affiliate_properties", {
 	createdAt: Date;
 	affiliateId: string;
@@ -72,11 +112,16 @@ declare const Affiliates: import("@withtyped/server/lib/model/index.js").default
 	id: string;
 }, "id" | "createdAt", "id" | "createdAt">;
 export type Affiliate = InferModelType<typeof Affiliates>;
+declare enum RegionName {
+	EU = "EU",
+	US = "US"
+}
 export type AffiliateData = Affiliate & {
 	properties: Array<Pick<AffiliateProperty, "type" | "value">>;
 };
 declare const router: import("@withtyped/server").Router<RequestContext, WithAuthContext<Omit<import("@withtyped/server").BaseContext & {
 	request: {
+		id?: string | undefined;
 		method?: import("@withtyped/server").RequestMethod | undefined;
 		headers: import("http").IncomingHttpHeaders;
 		url: URL;
@@ -84,6 +129,7 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 	};
 }, "request"> & {
 	request: Record<string, unknown> & {
+		id?: string | undefined;
 		method?: import("@withtyped/server").RequestMethod | undefined;
 		headers: import("http").IncomingHttpHeaders;
 		url: URL;
@@ -92,13 +138,14 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 		body?: Json | undefined;
 		bodyRaw?: Buffer | undefined;
 	};
-}>, import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").BaseRoutes, import("@withtyped/server").RoutesWithPrefix<{
+}>, import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").MergeRoutes<import("@withtyped/server").BaseRoutes, import("@withtyped/server").RoutesWithPrefix<{
 	patch: {
 		"/tenants/:tenantId": import("@withtyped/server").PathGuard<"/:tenantId", unknown, {
 			name?: string | undefined;
 		}, {
 			id: string;
 			name: string;
+			createdAt: Date;
 			usage: {
 				activeUsers: number;
 				cost: number;
@@ -112,7 +159,10 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 				planId: string;
 				currentPeriodStart: Date;
 				currentPeriodEnd: Date;
+				id?: string | undefined;
 			};
+			regionName: RegionName;
+			tag: TenantTag;
 			openInvoices: {
 				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
 				id: string;
@@ -128,7 +178,6 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 				hostedInvoiceUrl: string | null;
 				invoicePdf: string | null;
 			}[];
-			tag: TenantTag;
 		}>;
 	};
 	options: {};
@@ -136,6 +185,7 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 		"/tenants": import("@withtyped/server").PathGuard<"/", unknown, unknown, {
 			id: string;
 			name: string;
+			createdAt: Date;
 			usage: {
 				activeUsers: number;
 				cost: number;
@@ -149,7 +199,10 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 				planId: string;
 				currentPeriodStart: Date;
 				currentPeriodEnd: Date;
+				id?: string | undefined;
 			};
+			regionName: RegionName;
+			tag: TenantTag;
 			openInvoices: {
 				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
 				id: string;
@@ -165,16 +218,17 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 				hostedInvoiceUrl: string | null;
 				invoicePdf: string | null;
 			}[];
-			tag: TenantTag;
 		}[]>;
 	};
 	post: {
 		"/tenants": import("@withtyped/server").PathGuard<"/", unknown, {
 			name?: string | undefined;
 			tag?: TenantTag | undefined;
+			regionName?: RegionName | undefined;
 		}, {
 			id: string;
 			name: string;
+			createdAt: Date;
 			usage: {
 				activeUsers: number;
 				cost: number;
@@ -188,7 +242,10 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 				planId: string;
 				currentPeriodStart: Date;
 				currentPeriodEnd: Date;
+				id?: string | undefined;
 			};
+			regionName: RegionName;
+			tag: TenantTag;
 			openInvoices: {
 				status: "void" | "open" | "draft" | "paid" | "uncollectible" | null;
 				id: string;
@@ -204,7 +261,6 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 				hostedInvoiceUrl: string | null;
 				invoicePdf: string | null;
 			}[];
-			tag: TenantTag;
 		}>;
 	};
 	put: {};
@@ -222,6 +278,50 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 			planId: string;
 			currentPeriodStart: Date;
 			currentPeriodEnd: Date;
+			id?: string | undefined;
+		}>;
+	} & {
+		"/tenants/my/subscription/quota": import("@withtyped/server").PathGuard<"/my/subscription/quota", unknown, unknown, {
+			mauLimit: number | null;
+			tokenLimit: number | null;
+			applicationsLimit: number | null;
+			machineToMachineLimit: number | null;
+			resourcesLimit: number | null;
+			scopesPerResourceLimit: number | null;
+			socialConnectorsLimit: number | null;
+			machineToMachineRolesLimit: number | null;
+			scopesPerRoleLimit: number | null;
+			hooksLimit: number | null;
+			auditLogsRetentionDays: number | null;
+			mfaEnabled: boolean;
+			organizationsEnabled: boolean;
+			thirdPartyApplicationsLimit: number | null;
+			tenantMembersLimit: number | null;
+			customJwtEnabled: boolean;
+			subjectTokenEnabled: boolean;
+			userRolesLimit: number | null;
+			enterpriseSsoLimit: number | null;
+		}>;
+	} & {
+		"/tenants/my/subscription/usage": import("@withtyped/server").PathGuard<"/my/subscription/usage", unknown, unknown, {
+			mauLimit: number;
+			tokenLimit: number;
+			applicationsLimit: number;
+			machineToMachineLimit: number;
+			resourcesLimit: number;
+			scopesPerResourceLimit: number;
+			socialConnectorsLimit: number;
+			machineToMachineRolesLimit: number;
+			scopesPerRoleLimit: number;
+			hooksLimit: number;
+			mfaEnabled: boolean;
+			organizationsEnabled: boolean;
+			thirdPartyApplicationsLimit: number;
+			tenantMembersLimit: number;
+			customJwtEnabled: boolean;
+			subjectTokenEnabled: boolean;
+			userRolesLimit: number;
+			enterpriseSsoLimit: number;
 		}>;
 	} & {
 		"/tenants/:tenantId/subscription": import("@withtyped/server").PathGuard<"/:tenantId/subscription", unknown, unknown, {
@@ -229,6 +329,50 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 			planId: string;
 			currentPeriodStart: Date;
 			currentPeriodEnd: Date;
+			id?: string | undefined;
+		}>;
+	} & {
+		"/tenants/:tenantId/subscription/quota": import("@withtyped/server").PathGuard<"/:tenantId/subscription/quota", unknown, unknown, {
+			mauLimit: number | null;
+			tokenLimit: number | null;
+			applicationsLimit: number | null;
+			machineToMachineLimit: number | null;
+			resourcesLimit: number | null;
+			scopesPerResourceLimit: number | null;
+			socialConnectorsLimit: number | null;
+			machineToMachineRolesLimit: number | null;
+			scopesPerRoleLimit: number | null;
+			hooksLimit: number | null;
+			auditLogsRetentionDays: number | null;
+			mfaEnabled: boolean;
+			organizationsEnabled: boolean;
+			thirdPartyApplicationsLimit: number | null;
+			tenantMembersLimit: number | null;
+			customJwtEnabled: boolean;
+			subjectTokenEnabled: boolean;
+			userRolesLimit: number | null;
+			enterpriseSsoLimit: number | null;
+		}>;
+	} & {
+		"/tenants/:tenantId/subscription/usage": import("@withtyped/server").PathGuard<"/:tenantId/subscription/usage", unknown, unknown, {
+			mauLimit: number;
+			tokenLimit: number;
+			applicationsLimit: number;
+			machineToMachineLimit: number;
+			resourcesLimit: number;
+			scopesPerResourceLimit: number;
+			socialConnectorsLimit: number;
+			machineToMachineRolesLimit: number;
+			scopesPerRoleLimit: number;
+			hooksLimit: number;
+			mfaEnabled: boolean;
+			organizationsEnabled: boolean;
+			thirdPartyApplicationsLimit: number;
+			tenantMembersLimit: number;
+			customJwtEnabled: boolean;
+			subjectTokenEnabled: boolean;
+			userRolesLimit: number;
+			enterpriseSsoLimit: number;
 		}>;
 	} & {
 		"/tenants/:tenantId/invoices": import("@withtyped/server").PathGuard<"/:tenantId/invoices", unknown, unknown, {
@@ -310,21 +454,36 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 			};
 		}, unknown>;
 	} & {
-		"/services/custom-jwt": import("@withtyped/server").PathGuard<"/custom-jwt", unknown, {
+		"/services/custom-jwt": import("@withtyped/server").PathGuard<"/custom-jwt", {
+			isTest?: string | undefined;
+		}, {
+			context: Record<string, Json>;
 			script: string;
-			tokenType: LogtoJwtTokenPath.AccessToken;
+			tokenType: LogtoJwtTokenKeyType.AccessToken;
 			token: Record<string, Json>;
-			context: Record<string, Json>;
-			envVars?: Record<string, string> | undefined;
+			environmentVariables?: Record<string, string> | undefined;
 		} | {
 			script: string;
-			tokenType: LogtoJwtTokenPath.ClientCredentials;
+			tokenType: LogtoJwtTokenKeyType.ClientCredentials;
 			token: Record<string, Json>;
-			envVars?: Record<string, string> | undefined;
+			environmentVariables?: Record<string, string> | undefined;
 		}, Record<string, unknown>>;
 	};
-	put: {};
-	delete: {};
+	put: {
+		"/services/custom-jwt/worker": import("@withtyped/server").PathGuard<"/custom-jwt/worker", unknown, {
+			"jwt.accessToken"?: {
+				production?: string | undefined;
+				test?: string | undefined;
+			} | undefined;
+			"jwt.clientCredentials"?: {
+				production?: string | undefined;
+				test?: string | undefined;
+			} | undefined;
+		}, unknown>;
+	};
+	delete: {
+		"/services/custom-jwt/worker": import("@withtyped/server").PathGuard<"/custom-jwt/worker", unknown, unknown, unknown>;
+	};
 	copy: {};
 	head: {};
 }, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
@@ -336,18 +495,6 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 			createdAt: Date;
 			name: string;
 			updatedAt: Date;
-			stripeProducts: {
-				type: "flat" | "tier1" | "tier2" | "tier3";
-				id: string;
-				name: string;
-				price: {
-					id: string;
-					unitAmountDecimal: string;
-					quantity?: 1 | undefined;
-					unitAmount?: number | null | undefined;
-				};
-				description?: string | undefined;
-			}[];
 			quota: {
 				mauLimit: number | null;
 				tokenLimit: number | null;
@@ -369,6 +516,60 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 				organizationsEnabled: boolean;
 				ssoEnabled: boolean;
 				thirdPartyApplicationsLimit: number | null;
+				tenantMembersLimit: number | null;
+				customJwtEnabled: boolean;
+				subjectTokenEnabled: boolean;
+			};
+			stripeProducts: {
+				type: "flat" | "tier1" | "tier2" | "tier3";
+				id: string;
+				name: string;
+				price: {
+					id: string;
+					unitAmountDecimal: string;
+					quantity?: 1 | undefined;
+					unitAmount?: number | null | undefined;
+				};
+				description?: string | undefined;
+			}[];
+		}[]>;
+	};
+	post: {};
+	put: {};
+	delete: {};
+	copy: {};
+	head: {};
+}, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
+	patch: {};
+	options: {};
+	get: {
+		"/skus": import("@withtyped/server").PathGuard<"/", {
+			isBasicSkuOnly?: string | undefined;
+		}, unknown, {
+			id: string;
+			createdAt: Date;
+			type: LogtoSkuType;
+			updatedAt: Date;
+			quota: {
+				mauLimit?: number | null | undefined;
+				applicationsLimit?: number | null | undefined;
+				thirdPartyApplicationsLimit?: number | null | undefined;
+				scopesPerResourceLimit?: number | null | undefined;
+				socialConnectorsLimit?: number | null | undefined;
+				userRolesLimit?: number | null | undefined;
+				machineToMachineRolesLimit?: number | null | undefined;
+				scopesPerRoleLimit?: number | null | undefined;
+				hooksLimit?: number | null | undefined;
+				auditLogsRetentionDays?: number | null | undefined;
+				customJwtEnabled?: boolean | undefined;
+				subjectTokenEnabled?: boolean | undefined;
+				tokenLimit?: number | null | undefined;
+				machineToMachineLimit?: number | null | undefined;
+				resourcesLimit?: number | null | undefined;
+				enterpriseSsoLimit?: number | null | undefined;
+				tenantMembersLimit?: number | null | undefined;
+				mfaEnabled?: boolean | undefined;
+				organizationsEnabled?: boolean | undefined;
 			};
 		}[]>;
 	};
@@ -393,12 +594,13 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 	};
 	post: {
 		"/checkout-session": import("@withtyped/server").PathGuard<"/", unknown, {
-			planId: string;
+			planId: ReservedPlanId;
 			successCallbackUrl: string;
 			tenantId?: string | undefined;
 			cancelCallbackUrl?: string | undefined;
 			tenantTag?: TenantTag | undefined;
 			tenantName?: string | undefined;
+			tenantRegionName?: RegionName | undefined;
 		}, {
 			sessionId: string;
 			redirectUri?: string | null | undefined;
@@ -482,15 +684,15 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 			status: OrganizationInvitationStatus;
 			tenantId: string;
 			updatedAt: number;
-			organizationId: string;
 			inviterId: string | null;
 			invitee: string;
-			expiresAt: number;
 			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
 			organizationRoles: OrganizationRoleEntity[];
 		} & {
-			tenantTag: TenantTag;
 			tenantName: string;
+			tenantTag: TenantTag;
 		})[]>;
 	} & {
 		"/invitations/:invitationId": import("@withtyped/server").PathGuard<"/:invitationId", unknown, unknown, {
@@ -499,11 +701,11 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 			status: OrganizationInvitationStatus;
 			tenantId: string;
 			updatedAt: number;
-			organizationId: string;
 			inviterId: string | null;
 			invitee: string;
-			expiresAt: number;
 			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
 			organizationRoles: OrganizationRoleEntity[];
 		}>;
 	};
@@ -512,9 +714,21 @@ declare const router: import("@withtyped/server").Router<RequestContext, WithAut
 	delete: {};
 	copy: {};
 	head: {};
+}, "/api">>, import("@withtyped/server").RoutesWithPrefix<{
+	patch: {};
+	options: {};
+	get: {};
+	post: {};
+	put: {};
+	delete: {
+		"/me": import("@withtyped/server").PathGuard<"/", unknown, unknown, unknown>;
+	};
+	copy: {};
+	head: {};
 }, "/api">>, "/api">;
 export declare const tenantAuthRouter: import("@withtyped/server").Router<RequestContext, import("@withtyped/server").WithBodyContext<import("@withtyped/server").BaseContext & {
 	request: {
+		id?: string | undefined;
 		method?: import("@withtyped/server").RequestMethod | undefined;
 		headers: import("http").IncomingHttpHeaders;
 		url: URL;
@@ -530,11 +744,11 @@ export declare const tenantAuthRouter: import("@withtyped/server").Router<Reques
 			status: OrganizationInvitationStatus;
 			tenantId: string;
 			updatedAt: number;
-			organizationId: string;
 			inviterId: string | null;
 			invitee: string;
-			expiresAt: number;
 			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
 			organizationRoles: OrganizationRoleEntity[];
 		}>;
 	};
@@ -549,6 +763,8 @@ export declare const tenantAuthRouter: import("@withtyped/server").Router<Reques
 			avatar: string | null;
 			organizationRoles: OrganizationRoleEntity[];
 		}[]>;
+	} & {
+		"/:tenantId/members/:userId/scopes": import("@withtyped/server").PathGuard<"/:tenantId/members/:userId/scopes", unknown, unknown, OrganizationScope[]>;
 	} & {
 		"/:tenantId/invitations": import("@withtyped/server").PathGuard<"/:tenantId/invitations", unknown, unknown, ({
 			id: string;
@@ -556,11 +772,11 @@ export declare const tenantAuthRouter: import("@withtyped/server").Router<Reques
 			status: OrganizationInvitationStatus;
 			tenantId: string;
 			updatedAt: number;
-			organizationId: string;
 			inviterId: string | null;
 			invitee: string;
-			expiresAt: number;
 			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
 			organizationRoles: OrganizationRoleEntity[];
 		} & {
 			inviterName?: string | undefined;
@@ -577,11 +793,11 @@ export declare const tenantAuthRouter: import("@withtyped/server").Router<Reques
 			status: OrganizationInvitationStatus;
 			tenantId: string;
 			updatedAt: number;
-			organizationId: string;
 			inviterId: string | null;
 			invitee: string;
-			expiresAt: number;
 			acceptedUserId: string | null;
+			organizationId: string;
+			expiresAt: number;
 			organizationRoles: OrganizationRoleEntity[];
 		}>;
 	} & {
@@ -600,35 +816,6 @@ export declare const tenantAuthRouter: import("@withtyped/server").Router<Reques
 	copy: {};
 	head: {};
 }, "/api/tenants">>, "/api/tenants">;
-export declare const functionsRouter: import("@withtyped/server").Router<RequestContext, WithAuthContext<Omit<import("@withtyped/server").BaseContext & {
-	request: {
-		method?: import("@withtyped/server").RequestMethod | undefined;
-		headers: import("http").IncomingHttpHeaders;
-		url: URL;
-		body?: unknown;
-	};
-}, "request"> & {
-	request: Record<string, unknown> & {
-		method?: import("@withtyped/server").RequestMethod | undefined;
-		headers: import("http").IncomingHttpHeaders;
-		url: URL;
-		body?: unknown;
-	} & {
-		body?: Json | undefined;
-		bodyRaw?: Buffer | undefined;
-	};
-}>, import("@withtyped/server").MergeRoutes<import("@withtyped/server").BaseRoutes, import("@withtyped/server").RoutesWithPrefix<{
-	patch: {};
-	options: {};
-	get: {};
-	post: {
-		"/database-alteration": import("@withtyped/server").PathGuard<"/database-alteration", unknown, Json, unknown>;
-	};
-	put: {};
-	delete: {};
-	copy: {};
-	head: {};
-}, "/functions">>, "/functions">;
 
 export {
 	router as default,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/cloud",
-  "version": "0.2.5-6c090b2",
+  "version": "0.2.5-711f812",
   "description": "Logto Cloud service.",
   "main": "build/index.js",
   "author": "Silverhand Inc. <contact@silverhand.io>",
@@ -16,21 +16,21 @@
     "#src/*": "./build/*"
   },
   "devDependencies": {
-    "@silverhand/eslint-config": "5.0.0",
-    "@silverhand/ts-config": "5.0.0",
+    "@silverhand/eslint-config": "6.0.1",
+    "@silverhand/ts-config": "6.0.0",
     "@types/accepts": "^1.3.5",
     "@types/http-proxy": "^1.17.9",
     "@types/mime-types": "^2.1.1",
     "@types/node": "^20.0.0",
     "@types/yargs": "^17.0.24",
     "dts-bundle-generator": "^9.3.1",
-    "eslint": "^8.44.0",
+    "eslint": "^8.57.0",
     "lint-staged": "^15.0.0",
     "nodemon": "^3.0.0",
     "prettier": "^3.0.0",
     "typescript": "^5.3.3",
     "vite-tsconfig-paths": "^4.3.1",
-    "vitest": "^1.0.0"
+    "vitest": "^1.5.0"
   },
   "engines": {
     "node": "^20.9.0"
@@ -49,8 +49,8 @@
     "access": "public"
   },
   "dependencies": {
-    "@silverhand/essentials": "^2.9.0",
-    "@withtyped/server": "^0.13.3"
+    "@silverhand/essentials": "^2.9.1",
+    "@withtyped/server": "^0.13.6"
   },
   "scripts": {
     "precommit": "lint-staged",