@logto/schemas 1.10.0 → 1.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (144) hide show
  1. package/alterations/1.10.1-1695647183-update-private-key-type.ts +108 -0
  2. package/alterations/1.10.1-1696657546-organization-tables.ts +150 -0
  3. package/alterations/1.10.1-1697683802-add-sso-connectors-table.ts +66 -0
  4. package/alterations/1.10.1-1698646271-add-organization-created-flag.ts +75 -0
  5. package/alterations/1.10.1-1698820410-add-user-sso-identities-table.ts +61 -0
  6. package/alterations/1.10.1-1698910485-user-logto-data.ts +20 -0
  7. package/alterations-js/1.10.1-1695647183-update-private-key-type.d.ts +3 -0
  8. package/alterations-js/1.10.1-1695647183-update-private-key-type.js +50 -0
  9. package/alterations-js/1.10.1-1696657546-organization-tables.d.ts +3 -0
  10. package/alterations-js/1.10.1-1696657546-organization-tables.js +136 -0
  11. package/alterations-js/1.10.1-1697683802-add-sso-connectors-table.d.ts +3 -0
  12. package/alterations-js/1.10.1-1697683802-add-sso-connectors-table.js +58 -0
  13. package/alterations-js/1.10.1-1698646271-add-organization-created-flag.d.ts +3 -0
  14. package/alterations-js/1.10.1-1698646271-add-organization-created-flag.js +26 -0
  15. package/alterations-js/1.10.1-1698820410-add-user-sso-identities-table.d.ts +4 -0
  16. package/alterations-js/1.10.1-1698820410-add-user-sso-identities-table.js +53 -0
  17. package/alterations-js/1.10.1-1698910485-user-logto-data.d.ts +3 -0
  18. package/alterations-js/1.10.1-1698910485-user-logto-data.js +16 -0
  19. package/lib/db-entries/application.d.ts +7 -1
  20. package/lib/db-entries/application.js +1 -0
  21. package/lib/db-entries/applications-role.d.ts +7 -1
  22. package/lib/db-entries/applications-role.js +1 -0
  23. package/lib/db-entries/connector.d.ts +7 -1
  24. package/lib/db-entries/connector.js +1 -0
  25. package/lib/db-entries/custom-phrase.d.ts +7 -1
  26. package/lib/db-entries/custom-phrase.js +1 -0
  27. package/lib/db-entries/daily-active-user.d.ts +7 -1
  28. package/lib/db-entries/daily-active-user.js +1 -0
  29. package/lib/db-entries/domain.d.ts +7 -1
  30. package/lib/db-entries/domain.js +1 -0
  31. package/lib/db-entries/hook.d.ts +7 -1
  32. package/lib/db-entries/hook.js +1 -0
  33. package/lib/db-entries/index.d.ts +8 -0
  34. package/lib/db-entries/index.js +8 -0
  35. package/lib/db-entries/log.d.ts +7 -1
  36. package/lib/db-entries/log.js +1 -0
  37. package/lib/db-entries/logto-config.d.ts +10 -4
  38. package/lib/db-entries/logto-config.js +4 -3
  39. package/lib/db-entries/oidc-model-instance.d.ts +7 -1
  40. package/lib/db-entries/oidc-model-instance.js +1 -0
  41. package/lib/db-entries/organization-role-scope-relation.d.ts +20 -0
  42. package/lib/db-entries/organization-role-scope-relation.js +29 -0
  43. package/lib/db-entries/organization-role-user-relation.d.ts +22 -0
  44. package/lib/db-entries/organization-role-user-relation.js +33 -0
  45. package/lib/db-entries/organization-role.d.ts +28 -0
  46. package/lib/db-entries/organization-role.js +33 -0
  47. package/lib/db-entries/organization-scope.d.ts +28 -0
  48. package/lib/db-entries/organization-scope.js +33 -0
  49. package/lib/db-entries/organization-user-relation.d.ts +20 -0
  50. package/lib/db-entries/organization-user-relation.js +29 -0
  51. package/lib/db-entries/organization.d.ts +32 -0
  52. package/lib/db-entries/organization.js +37 -0
  53. package/lib/db-entries/passcode.d.ts +7 -1
  54. package/lib/db-entries/passcode.js +1 -0
  55. package/lib/db-entries/resource.d.ts +7 -1
  56. package/lib/db-entries/resource.js +1 -0
  57. package/lib/db-entries/role.d.ts +7 -1
  58. package/lib/db-entries/role.js +1 -0
  59. package/lib/db-entries/roles-scope.d.ts +7 -1
  60. package/lib/db-entries/roles-scope.js +1 -0
  61. package/lib/db-entries/scope.d.ts +7 -1
  62. package/lib/db-entries/scope.js +1 -0
  63. package/lib/db-entries/sentinel-activity.d.ts +7 -1
  64. package/lib/db-entries/sentinel-activity.js +1 -0
  65. package/lib/db-entries/service-log.d.ts +7 -1
  66. package/lib/db-entries/service-log.js +1 -0
  67. package/lib/db-entries/sign-in-experience.d.ts +7 -1
  68. package/lib/db-entries/sign-in-experience.js +1 -0
  69. package/lib/db-entries/sso-connector.d.ts +50 -0
  70. package/lib/db-entries/sso-connector.js +58 -0
  71. package/lib/db-entries/system.d.ts +7 -1
  72. package/lib/db-entries/system.js +1 -0
  73. package/lib/db-entries/user-sso-identity.d.ts +30 -0
  74. package/lib/db-entries/user-sso-identity.js +46 -0
  75. package/lib/db-entries/user.d.ts +9 -1
  76. package/lib/db-entries/user.js +5 -0
  77. package/lib/db-entries/users-role.d.ts +7 -1
  78. package/lib/db-entries/users-role.js +1 -0
  79. package/lib/db-entries/verification-status.d.ts +7 -1
  80. package/lib/db-entries/verification-status.js +1 -0
  81. package/lib/foundations/index.d.ts +1 -1
  82. package/lib/foundations/index.js +1 -1
  83. package/lib/foundations/jsonb-types/custom-domain.d.ts +134 -0
  84. package/lib/foundations/jsonb-types/custom-domain.js +36 -0
  85. package/lib/foundations/jsonb-types/hooks.d.ts +32 -0
  86. package/lib/foundations/jsonb-types/hooks.js +24 -0
  87. package/lib/foundations/jsonb-types/index.d.ts +15 -0
  88. package/lib/foundations/jsonb-types/index.js +16 -0
  89. package/lib/foundations/jsonb-types/logs.d.ts +106 -0
  90. package/lib/foundations/jsonb-types/logs.js +20 -0
  91. package/lib/foundations/jsonb-types/oidc-module.d.ts +80 -0
  92. package/lib/foundations/jsonb-types/oidc-module.js +54 -0
  93. package/lib/foundations/jsonb-types/phrases.d.ts +5 -0
  94. package/lib/foundations/jsonb-types/phrases.js +2 -0
  95. package/lib/foundations/jsonb-types/sentinel.d.ts +27 -0
  96. package/lib/foundations/jsonb-types/sentinel.js +28 -0
  97. package/lib/foundations/jsonb-types/sign-in-experience.d.ts +118 -0
  98. package/lib/foundations/jsonb-types/sign-in-experience.js +56 -0
  99. package/lib/foundations/jsonb-types/sso-connector.d.ts +14 -0
  100. package/lib/foundations/jsonb-types/sso-connector.js +6 -0
  101. package/lib/foundations/jsonb-types/users.d.ts +285 -0
  102. package/lib/foundations/jsonb-types/users.js +47 -0
  103. package/lib/foundations/schemas.d.ts +11 -13
  104. package/lib/models/tenants.d.ts +7 -11
  105. package/lib/seeds/logto-config.js +1 -0
  106. package/lib/types/application.d.ts +51 -1
  107. package/lib/types/application.js +7 -1
  108. package/lib/types/connector.d.ts +516 -2360
  109. package/lib/types/domain.d.ts +65 -27
  110. package/lib/types/hook.d.ts +15 -16
  111. package/lib/types/index.d.ts +3 -0
  112. package/lib/types/index.js +3 -0
  113. package/lib/types/interactions.d.ts +502 -10
  114. package/lib/types/interactions.js +83 -5
  115. package/lib/types/log/interaction.d.ts +4 -3
  116. package/lib/types/log/interaction.js +1 -0
  117. package/lib/types/logto-config.d.ts +50 -2
  118. package/lib/types/logto-config.js +30 -3
  119. package/lib/types/mfa.d.ts +211 -0
  120. package/lib/types/mfa.js +62 -0
  121. package/lib/types/organization.d.ts +44 -0
  122. package/lib/types/organization.js +20 -0
  123. package/lib/types/role.d.ts +5 -3
  124. package/lib/types/scope.d.ts +12 -27
  125. package/lib/types/sso-connector.d.ts +21 -0
  126. package/lib/types/sso-connector.js +10 -0
  127. package/lib/types/system.d.ts +26 -7
  128. package/lib/types/system.js +8 -0
  129. package/lib/types/user-assets.d.ts +2 -2
  130. package/lib/types/user.d.ts +209 -66
  131. package/lib/types/user.js +8 -2
  132. package/package.json +6 -6
  133. package/tables/logto_configs.sql +1 -1
  134. package/tables/organization_role_scope_relations.sql +12 -0
  135. package/tables/organization_role_user_relations.sql +14 -0
  136. package/tables/organization_roles.sql +19 -0
  137. package/tables/organization_scopes.sql +19 -0
  138. package/tables/organization_user_relations.sql +12 -0
  139. package/tables/organizations.sql +19 -0
  140. package/tables/sso_connectors.sql +29 -0
  141. package/tables/user_sso_identities.sql +17 -0
  142. package/tables/users.sql +1 -0
  143. package/lib/foundations/jsonb-types.d.ts +0 -673
  144. package/lib/foundations/jsonb-types.js +0 -260
package/lib/foundations/jsonb-types.js DELETED
@@ -1,260 +0,0 @@
1
- import { hexColorRegEx, passwordPolicyGuard, validateRedirectUrl, } from '@logto/core-kit';
2
- import { languageTagGuard } from '@logto/language-kit';
3
- import { z } from 'zod';
4
- export { configurableConnectorMetadataGuard, } from '@logto/connector-kit';
5
- /* === Commonly Used === */
6
- // Copied from https://github.com/colinhacks/zod#json-type
7
- const literalSchema = z.union([z.string(), z.number(), z.boolean(), z.null()]);
8
- export const jsonGuard = z.lazy(() => z.union([literalSchema, z.array(jsonGuard), z.record(jsonGuard)]));
9
- export const jsonObjectGuard = z.record(jsonGuard);
10
- /* === OIDC Model Instances === */
11
- export const oidcModelInstancePayloadGuard = z
12
- .object({
13
- userCode: z.string().optional(),
14
- uid: z.string().optional(),
15
- grantId: z.string().optional(),
16
- })
17
- /**
18
- * Try to use `.passthrough()` if type has been fixed.
19
- * https://github.com/colinhacks/zod/issues/452
20
- */
21
- .catchall(z.unknown());
22
- export const oidcClientMetadataGuard = z.object({
23
- redirectUris: z
24
- .string()
25
- .refine((url) => validateRedirectUrl(url, 'web'))
26
- .or(z.string().refine((url) => validateRedirectUrl(url, 'mobile')))
27
- .array(),
28
- postLogoutRedirectUris: z.string().url().array(),
29
- logoUri: z.string().optional(),
30
- });
31
- export var CustomClientMetadataKey;
32
- (function (CustomClientMetadataKey) {
33
- CustomClientMetadataKey["CorsAllowedOrigins"] = "corsAllowedOrigins";
34
- CustomClientMetadataKey["IdTokenTtl"] = "idTokenTtl";
35
- /** @deprecated Use {@link RefreshTokenTtlInDays} instead. */
36
- CustomClientMetadataKey["RefreshTokenTtl"] = "refreshTokenTtl";
37
- CustomClientMetadataKey["RefreshTokenTtlInDays"] = "refreshTokenTtlInDays";
38
- CustomClientMetadataKey["TenantId"] = "tenantId";
39
- /**
40
- * Enabling this configuration will allow Logto to always issue Refresh Tokens, regardless of whether `prompt=consent` is presented in the authentication request.
41
- *
42
- * It only works for web applications when the client allowed grant types includes `refresh_token`.
43
- *
44
- * This config is for the third-party integrations that do not strictly follow OpenID Connect standards due to some reasons (e.g. they only know OAuth, but requires a Refresh Token to be returned anyway).
45
- */
46
- CustomClientMetadataKey["AlwaysIssueRefreshToken"] = "alwaysIssueRefreshToken";
47
- /**
48
- * When enabled (default), Logto will issue a new Refresh Token for token requests when 70% of the original Time to Live (TTL) has passed.
49
- *
50
- * It can be turned off for only traditional web apps for enhanced security.
51
- */
52
- CustomClientMetadataKey["RotateRefreshToken"] = "rotateRefreshToken";
53
- })(CustomClientMetadataKey || (CustomClientMetadataKey = {}));
54
- export const customClientMetadataGuard = z.object({
55
- [CustomClientMetadataKey.CorsAllowedOrigins]: z.string().min(1).array().optional(),
56
- [CustomClientMetadataKey.IdTokenTtl]: z.number().optional(),
57
- [CustomClientMetadataKey.RefreshTokenTtl]: z.number().optional(),
58
- [CustomClientMetadataKey.RefreshTokenTtlInDays]: z.number().int().min(1).max(90).optional(),
59
- [CustomClientMetadataKey.TenantId]: z.string().optional(),
60
- [CustomClientMetadataKey.AlwaysIssueRefreshToken]: z.boolean().optional(),
61
- [CustomClientMetadataKey.RotateRefreshToken]: z.boolean().optional(),
62
- });
63
- /* === SignIn Experiences === */
64
- export const colorGuard = z.object({
65
- primaryColor: z.string().regex(hexColorRegEx),
66
- isDarkModeEnabled: z.boolean(),
67
- darkPrimaryColor: z.string().regex(hexColorRegEx),
68
- });
69
- export const brandingGuard = z.object({
70
- logoUrl: z.string().url().optional(),
71
- darkLogoUrl: z.string().url().optional(),
72
- favicon: z.string().url().optional(),
73
- });
74
- export const languageInfoGuard = z.object({
75
- autoDetect: z.boolean(),
76
- fallbackLanguage: languageTagGuard,
77
- });
78
- export var SignInIdentifier;
79
- (function (SignInIdentifier) {
80
- SignInIdentifier["Username"] = "username";
81
- SignInIdentifier["Email"] = "email";
82
- SignInIdentifier["Phone"] = "phone";
83
- })(SignInIdentifier || (SignInIdentifier = {}));
84
- export const signUpGuard = z.object({
85
- identifiers: z.nativeEnum(SignInIdentifier).array(),
86
- password: z.boolean(),
87
- verify: z.boolean(),
88
- });
89
- export const signInGuard = z.object({
90
- methods: z
91
- .object({
92
- identifier: z.nativeEnum(SignInIdentifier),
93
- password: z.boolean(),
94
- verificationCode: z.boolean(),
95
- isPasswordPrimary: z.boolean(),
96
- })
97
- .array(),
98
- });
99
- export const connectorTargetsGuard = z.string().array();
100
- export const customContentGuard = z.record(z.string());
101
- export var MfaFactor;
102
- (function (MfaFactor) {
103
- MfaFactor["TOTP"] = "Totp";
104
- MfaFactor["WebAuthn"] = "WebAuthn";
105
- MfaFactor["BackupCode"] = "BackupCode";
106
- })(MfaFactor || (MfaFactor = {}));
107
- export const mfaFactorsGuard = z.nativeEnum(MfaFactor).array();
108
- export var MfaPolicy;
109
- (function (MfaPolicy) {
110
- MfaPolicy["UserControlled"] = "UserControlled";
111
- MfaPolicy["Mandatory"] = "Mandatory";
112
- })(MfaPolicy || (MfaPolicy = {}));
113
- export const mfaGuard = z.object({
114
- factors: mfaFactorsGuard,
115
- policy: z.nativeEnum(MfaPolicy),
116
- });
117
- /* === Users === */
118
- export const roleNamesGuard = z.string().array();
119
- const identityGuard = z.object({
120
- userId: z.string(),
121
- details: z.object({}).optional(), // Connector's userinfo details, schemaless
122
- });
123
- export const identitiesGuard = z.record(identityGuard);
124
- export const baseMfaVerification = {
125
- id: z.string(),
126
- createdAt: z.string(),
127
- };
128
- export const mfaVerificationTotp = z.object({
129
- type: z.literal(MfaFactor.TOTP),
130
- ...baseMfaVerification,
131
- key: z.string(),
132
- });
133
- export const mfaVerificationWebAuthn = z.object({
134
- type: z.literal(MfaFactor.WebAuthn),
135
- ...baseMfaVerification,
136
- credentialId: z.string(),
137
- publicKey: z.string(),
138
- counter: z.number(),
139
- agent: z.string(),
140
- });
141
- export const mfaVerificationBackupCode = z.object({
142
- type: z.literal(MfaFactor.BackupCode),
143
- ...baseMfaVerification,
144
- code: z.string(),
145
- usedAt: z.string().optional(),
146
- });
147
- export const mfaVerificationGuard = z.discriminatedUnion('type', [
148
- mfaVerificationTotp,
149
- mfaVerificationWebAuthn,
150
- mfaVerificationBackupCode,
151
- ]);
152
- export const mfaVerificationsGuard = mfaVerificationGuard.array();
153
- export const translationGuard = z.lazy(() => z.record(z.string().or(translationGuard)));
154
- /* === Logs === */
155
- export var LogResult;
156
- (function (LogResult) {
157
- LogResult["Success"] = "Success";
158
- LogResult["Error"] = "Error";
159
- })(LogResult || (LogResult = {}));
160
- export const logContextPayloadGuard = z
161
- .object({
162
- key: z.string(),
163
- result: z.nativeEnum(LogResult),
164
- error: z.record(z.string(), z.unknown()).or(z.string()).optional(),
165
- ip: z.string().optional(),
166
- userAgent: z.string().optional(),
167
- userId: z.string().optional(),
168
- applicationId: z.string().optional(),
169
- sessionId: z.string().optional(),
170
- })
171
- .catchall(z.unknown());
172
- export const partialPasswordPolicyGuard = passwordPolicyGuard.deepPartial();
173
- /* === Hooks === */
174
- export var HookEvent;
175
- (function (HookEvent) {
176
- HookEvent["PostRegister"] = "PostRegister";
177
- HookEvent["PostSignIn"] = "PostSignIn";
178
- HookEvent["PostResetPassword"] = "PostResetPassword";
179
- })(HookEvent || (HookEvent = {}));
180
- export const hookEventGuard = z.nativeEnum(HookEvent);
181
- export const hookEventsGuard = hookEventGuard.array();
182
- export const hookConfigGuard = z.object({
183
- /** We don't need `type` since v1 only has web hook */
184
- // type: 'web';
185
- /** Method fixed to `POST` */
186
- url: z.string(),
187
- /** Additional headers that attach to the request */
188
- headers: z.record(z.string()).optional(),
189
- /**
190
- * @deprecated
191
- * Retry times when hook response status >= 500.
192
- * Now the retry times is fixed to 3.
193
- * Keep for backward compatibility.
194
- */
195
- retries: z.number().gte(0).lte(3).optional(),
196
- });
197
- /* === Custom domains and Cloudflare === */
198
- export const domainDnsRecordGuard = z.object({
199
- name: z.string(),
200
- type: z.string(),
201
- value: z.string(),
202
- });
203
- export const domainDnsRecordsGuard = domainDnsRecordGuard.array();
204
- // https://developers.cloudflare.com/api/operations/custom-hostname-for-a-zone-list-custom-hostnames#Responses
205
- // Predefine the "useful" fields
206
- export const cloudflareDataGuard = z
207
- .object({
208
- id: z.string(),
209
- status: z.string(),
210
- ssl: z
211
- .object({
212
- status: z.string(),
213
- validation_errors: z
214
- .object({
215
- message: z.string(),
216
- })
217
- .catchall(z.unknown())
218
- .array()
219
- .optional(),
220
- })
221
- .catchall(z.unknown()),
222
- verification_errors: z.string().array().optional(),
223
- })
224
- .catchall(z.unknown());
225
- export var DomainStatus;
226
- (function (DomainStatus) {
227
- DomainStatus["PendingVerification"] = "PendingVerification";
228
- DomainStatus["PendingSsl"] = "PendingSsl";
229
- DomainStatus["Active"] = "Active";
230
- DomainStatus["Error"] = "Error";
231
- })(DomainStatus || (DomainStatus = {}));
232
- export const domainStatusGuard = z.nativeEnum(DomainStatus);
233
- /* === Sentinel activities === */
234
- /** The action target type of a sentinel activity. */
235
- export var SentinelActivityTargetType;
236
- (function (SentinelActivityTargetType) {
237
- SentinelActivityTargetType["User"] = "User";
238
- SentinelActivityTargetType["App"] = "App";
239
- })(SentinelActivityTargetType || (SentinelActivityTargetType = {}));
240
- export const sentinelActivityTargetTypeGuard = z.nativeEnum(SentinelActivityTargetType);
241
- /** The action type of a sentinel activity. */
242
- export var SentinelActivityAction;
243
- (function (SentinelActivityAction) {
244
- /**
245
- * The subject tries to pass a verification by inputting a password.
246
- *
247
- * For example, a user (subject) who inputted a password (action) to authenticate themselves
248
- * (target).
249
- */
250
- SentinelActivityAction["Password"] = "Password";
251
- /**
252
- * The subject tries to pass a verification by inputting a verification code.
253
- *
254
- * For example, a user (subject) who inputted a verification code (action) to authenticate
255
- * themselves (target).
256
- */
257
- SentinelActivityAction["VerificationCode"] = "VerificationCode";
258
- })(SentinelActivityAction || (SentinelActivityAction = {}));
259
- export const sentinelActivityActionGuard = z.nativeEnum(SentinelActivityAction);
260
- export const sentinelActivityPayloadGuard = z.record(z.unknown());