@logto/core-kit 2.4.0 → 2.5.0

package/lib/custom-jwt/error-handling.d.ts

@@ -0,0 +1,7 @@
+export declare const buildErrorResponse: (error: unknown) => {
+    message: string;
+    stack: string | undefined;
+} | {
+    message: string;
+    stack?: undefined;
+};

package/lib/custom-jwt/error-handling.js

@@ -0,0 +1,9 @@
+import { types } from 'node:util';
+export const buildErrorResponse = (error) => 
+/**
+ * Use `isNativeError` to check if the error is an instance of `Error`.
+ * If the error comes from `node:vm` module, then it will not be an instance of `Error` but can be captured by `isNativeError`.
+ */
+types.isNativeError(error)
+    ? { message: error.message, stack: error.stack }
+    : { message: String(error) };

package/lib/custom-jwt/index.d.ts

@@ -0,0 +1,2 @@
+export * from './script-execution.js';
+export * from './error-handling.js';

package/lib/custom-jwt/index.js

@@ -0,0 +1,2 @@
+export * from './script-execution.js';
+export * from './error-handling.js';

package/lib/custom-jwt/script-execution.d.ts

@@ -0,0 +1,10 @@
+/**
+ * This function is used to execute a named function in a customized code script in a local
+ * virtual machine with the given payload as input.
+ *
+ * @param script Custom code snippet.
+ * @param functionName The name of the function to be executed.
+ * @param payload The input payload for the function.
+ * @returns The result of the function execution.
+ */
+export declare const runScriptFunctionInLocalVm: (script: string, functionName: string, payload: unknown) => Promise<unknown>;

package/lib/custom-jwt/script-execution.js

@@ -0,0 +1,30 @@
+import { runInNewContext } from 'node:vm';
+/**
+ * This function is used to execute a named function in a customized code script in a local
+ * virtual machine with the given payload as input.
+ *
+ * @param script Custom code snippet.
+ * @param functionName The name of the function to be executed.
+ * @param payload The input payload for the function.
+ * @returns The result of the function execution.
+ */
+export const runScriptFunctionInLocalVm = async (script, functionName, payload) => {
+    const globalContext = Object.freeze({
+        fetch: async (...args) => fetch(...args),
+    });
+    const customFunction = runInNewContext(script + `;${functionName};`, globalContext);
+    if (typeof customFunction !== 'function') {
+        throw new TypeError(`The script does not have a function named \`${functionName}\``);
+    }
+    /**
+     * We can not use top-level await in `vm`, use the following implementation instead.
+     *
+     * Ref:
+     * 1. https://github.com/nodejs/node/issues/40898
+     * 2. https://github.com/n-riesco/ijavascript/issues/173#issuecomment-693924098
+     */
+    const result = await runInNewContext('(async () => customFunction(payload))();', Object.freeze({ customFunction, payload }), 
+    // Limit the execution time to 3 seconds, throws error if the script takes too long to execute.
+    { timeout: 3000 });
+    return result;
+};

package/lib/models/tenant.d.ts

@@ -1,7 +1,7 @@
-export type TenantMetadata = {
+export type TenantDatabaseMetadata = {
     id: string;
     parentRole: string;
     role: string;
     password: string;
 };
-export declare const createTenantMetadata: (databaseName: string, tenantId?: string) => TenantMetadata;
+export declare const createTenantDatabaseMetadata: (databaseName: string, tenantId?: string) => TenantDatabaseMetadata;

package/lib/models/tenant.js

@@ -1,7 +1,7 @@
 import { generateStandardId } from '@logto/shared/universal';
 // Use lowercase letters for tenant IDs to improve compatibility
 const generateTenantId = () => generateStandardId(6);
-export const createTenantMetadata = (databaseName, tenantId = generateTenantId()) => {
+export const createTenantDatabaseMetadata = (databaseName, tenantId = generateTenantId()) => {
     const parentRole = `logto_tenant_${databaseName}`;
     const role = `logto_tenant_${databaseName}_${tenantId}`;
     const password = generateStandardId(32);

package/lib/openid.d.ts

@@ -12,7 +12,7 @@ export declare enum ReservedResource {
      */
     Organization = "urn:logto:resource:organizations"
 }
-export type UserClaim = 'name' | 'given_name' | 'family_name' | 'middle_name' | 'nickname' | 'preferred_username' | 'profile' | 'picture' | 'website' | 'email' | 'email_verified' | 'gender' | 'birthdate' | 'zoneinfo' | 'locale' | 'phone_number' | 'phone_number_verified' | 'address' | 'updated_at' | 'username' | 'roles' | 'organizations' | 'organization_data' | 'organization_roles' | 'custom_data' | 'identities' | 'created_at';
+export type UserClaim = 'name' | 'given_name' | 'family_name' | 'middle_name' | 'nickname' | 'preferred_username' | 'profile' | 'picture' | 'website' | 'email' | 'email_verified' | 'gender' | 'birthdate' | 'zoneinfo' | 'locale' | 'phone_number' | 'phone_number_verified' | 'address' | 'updated_at' | 'username' | 'roles' | 'organizations' | 'organization_data' | 'organization_roles' | 'custom_data' | 'identities' | 'sso_identities' | 'created_at';
 /**
  * Scopes for ID Token and Userinfo Endpoint.
  */
@@ -48,7 +48,7 @@ export declare enum UserScope {
      */
     CustomData = "custom_data",
     /**
-     * Scope for user's social identity details.
+     * Scope for user's social and SSO identity details.
      *
      * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
      */

package/lib/openid.js

@@ -50,7 +50,7 @@ export var UserScope;
      */
     UserScope["CustomData"] = "custom_data";
     /**
-     * Scope for user's social identity details.
+     * Scope for user's social and SSO identity details.
      *
      * See {@link idTokenClaims} for mapped claims in ID Token and {@link userinfoClaims} for additional claims in Userinfo Endpoint.
      */
@@ -121,7 +121,7 @@ export const userinfoClaims = Object.freeze({
     [UserScope.Organizations]: ['organization_data'],
     [UserScope.OrganizationRoles]: [],
     [UserScope.CustomData]: ['custom_data'],
-    [UserScope.Identities]: ['identities'],
+    [UserScope.Identities]: ['identities', 'sso_identities'],
 });
 export const userClaims = Object.freeze(
 // Hard to infer type directly, use `as` for a workaround.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/core-kit",
-  "version": "2.4.0",
+  "version": "2.5.0",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "homepage": "https://github.com/logto-io/toolkit#readme",
   "repository": {
@@ -17,7 +17,11 @@
       "import": "./lib/index.js"
     },
     "./declaration": "./declaration/index.ts",
-    "./scss/*": "./scss/*.scss"
+    "./scss/*": "./scss/*.scss",
+    "./custom-jwt": {
+      "node": "./lib/custom-jwt/index.js",
+      "types": "./lib/custom-jwt/index.d.ts"
+    }
   },
   "types": "./lib/index.d.ts",
   "files": [
@@ -31,21 +35,22 @@
   "dependencies": {
     "@logto/language-kit": "^1.1.0",
     "@logto/shared": "^3.1.0",
-    "@silverhand/essentials": "^2.9.0",
+    "@silverhand/essentials": "^2.9.1",
     "color": "^4.2.3"
   },
   "optionalDependencies": {
     "zod": "^3.22.4"
   },
   "devDependencies": {
-    "@silverhand/eslint-config": "5.0.0",
-    "@silverhand/ts-config": "5.0.0",
-    "@silverhand/ts-config-react": "5.0.0",
+    "@silverhand/eslint-config": "6.0.1",
+    "@silverhand/eslint-config-react": "6.0.2",
+    "@silverhand/ts-config": "6.0.0",
+    "@silverhand/ts-config-react": "6.0.0",
     "@types/color": "^3.0.3",
     "@types/node": "^20.9.5",
     "@types/react": "^18.0.31",
     "@vitest/coverage-v8": "^1.4.0",
-    "eslint": "^8.44.0",
+    "eslint": "^8.56.0",
     "lint-staged": "^15.0.0",
     "postcss": "^8.4.31",
     "prettier": "^3.0.0",