@logto/schemas 1.10.0 → 1.11.0

package/lib/types/log/interaction.d.ts

@@ -1,4 +1,4 @@
-import { type MfaFactor } from '../../foundations/jsonb-types.js';
+import { type MfaFactor } from '../../foundations/index.js';
 import type { InteractionEvent } from '../interactions.js';
 export type Prefix = 'Interaction';
 export declare const prefix: Prefix;
@@ -14,7 +14,8 @@ export declare enum Field {
 export declare enum Method {
     Password = "Password",
     VerificationCode = "VerificationCode",
-    Social = "Social"
+    Social = "Social",
+    SingleSignOn = "SingleSignOn"
 }
 export declare enum Action {
     /** Create a new entity. (E.g. create an interaction, create a verification code) */
@@ -65,4 +66,4 @@ export declare enum Action {
  *   - When {@link Method} is `VerificationCode`, {@link Action} can be `Create` (generate and send a code) or `Submit` (verify and submit to the identifiers);
  *   - Otherwise, {@link Action} is fixed to `Submit` (other methods can be verified on submitting).
  */
-export type LogKey = `${Prefix}.${Action.Create | Action.End}` | `${Prefix}.${InteractionEvent}.${Action.Update | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Profile}.${Action.Update | Action.Create | Action.Delete}` | `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Method.VerificationCode | Method.Social}.${Action.Create | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Exclude<Method, Method.VerificationCode | Method.Social>}.${Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.BindMfa}.${MfaFactor}.${Action.Submit | Action.Create}` | `${Prefix}.${InteractionEvent.SignIn}.${Field.Mfa}.${MfaFactor}.${Action.Submit | Action.Create}`;
+export type LogKey = `${Prefix}.${Action.Create | Action.End}` | `${Prefix}.${InteractionEvent}.${Action.Update | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Profile}.${Action.Update | Action.Create | Action.Delete}` | `${Prefix}.${Exclude<InteractionEvent, InteractionEvent.ForgotPassword>}.${Field.Identifier}.${Exclude<Method, Method.Password>}.${Action.Create | Action.Submit}` | `${Prefix}.${Exclude<InteractionEvent, InteractionEvent.ForgotPassword>}.${Field.Identifier}.${Method.Password}.${Action.Submit}` | `${Prefix}.${InteractionEvent.ForgotPassword}.${Field.Identifier}.${Method.VerificationCode}.${Action.Create | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.BindMfa}.${MfaFactor}.${Action.Submit | Action.Create}` | `${Prefix}.${InteractionEvent.SignIn}.${Field.Mfa}.${MfaFactor}.${Action.Submit | Action.Create}`;

package/lib/types/log/interaction.js

@@ -14,6 +14,7 @@ export var Method;
     Method["Password"] = "Password";
     Method["VerificationCode"] = "VerificationCode";
     Method["Social"] = "Social";
+    Method["SingleSignOn"] = "SingleSignOn";
 })(Method || (Method = {}));
 export var Action;
 (function (Action) {

package/lib/types/logto-config.d.ts

@@ -1,22 +1,80 @@
 import type { ZodType } from 'zod';
 import { z } from 'zod';
+import { TenantTag } from './tenant.js';
+/**
+ * Logto OIDC signing key types, used mainly in REST API routes.
+ */
+export declare enum LogtoOidcConfigKeyType {
+    PrivateKeys = "private-keys",
+    CookieKeys = "cookie-keys"
+}
+/**
+ * Value maps to config key names in `logto_configs` table. Used mainly in DB SQL related scenarios.
+ */
 export declare enum LogtoOidcConfigKey {
     PrivateKeys = "oidc.privateKeys",
     CookieKeys = "oidc.cookieKeys"
 }
+/**
+ * Logto supported signing key algorithms for OIDC private keys that sign JWT tokens.
+ */
+export declare enum SupportedSigningKeyAlgorithm {
+    RSA = "RSA",
+    EC = "EC"
+}
+export declare const oidcConfigKeyGuard: z.ZodObject<{
+    id: z.ZodString;
+    value: z.ZodString;
+    createdAt: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    value: string;
+    id: string;
+    createdAt: number;
+}, {
+    value: string;
+    id: string;
+    createdAt: number;
+}>;
+export type OidcConfigKey = z.infer<typeof oidcConfigKeyGuard>;
 export type LogtoOidcConfigType = {
-    [LogtoOidcConfigKey.PrivateKeys]: string[];
-    [LogtoOidcConfigKey.CookieKeys]: string[];
+    [LogtoOidcConfigKey.PrivateKeys]: OidcConfigKey[];
+    [LogtoOidcConfigKey.CookieKeys]: OidcConfigKey[];
 };
 export declare const logtoOidcConfigGuard: Readonly<{
     [key in LogtoOidcConfigKey]: ZodType<LogtoOidcConfigType[key]>;
 }>;
 export declare const adminConsoleDataGuard: z.ZodObject<{
     signInExperienceCustomized: z.ZodBoolean;
+    organizationCreated: z.ZodBoolean;
+    developmentTenantMigrationNotification: z.ZodOptional<z.ZodObject<{
+        isPaidTenant: z.ZodBoolean;
+        tag: z.ZodNativeEnum<typeof TenantTag>;
+        readAt: z.ZodOptional<z.ZodNumber>;
+    }, "strip", z.ZodTypeAny, {
+        isPaidTenant: boolean;
+        tag: TenantTag;
+        readAt?: number | undefined;
+    }, {
+        isPaidTenant: boolean;
+        tag: TenantTag;
+        readAt?: number | undefined;
+    }>>;
 }, "strip", z.ZodTypeAny, {
     signInExperienceCustomized: boolean;
+    organizationCreated: boolean;
+    developmentTenantMigrationNotification?: {
+        isPaidTenant: boolean;
+        tag: TenantTag;
+        readAt?: number | undefined;
+    } | undefined;
 }, {
     signInExperienceCustomized: boolean;
+    organizationCreated: boolean;
+    developmentTenantMigrationNotification?: {
+        isPaidTenant: boolean;
+        tag: TenantTag;
+        readAt?: number | undefined;
+    } | undefined;
 }>;
 export type AdminConsoleData = z.infer<typeof adminConsoleDataGuard>;
 export declare const cloudConnectionDataGuard: z.ZodObject<{
@@ -54,3 +112,17 @@ export type LogtoConfigType = LogtoOidcConfigType | LogtoTenantConfigType;
 export type LogtoConfigGuard = typeof logtoOidcConfigGuard & typeof logtoTenantConfigGuard;
 export declare const logtoConfigKeys: readonly LogtoConfigKey[];
 export declare const logtoConfigGuards: LogtoConfigGuard;
+export declare const oidcConfigKeysResponseGuard: z.ZodObject<{
+    id: z.ZodString;
+    createdAt: z.ZodNumber;
+    signingKeyAlgorithm: z.ZodOptional<z.ZodNativeEnum<typeof SupportedSigningKeyAlgorithm>>;
+}, "strip", z.ZodTypeAny, {
+    id: string;
+    createdAt: number;
+    signingKeyAlgorithm?: SupportedSigningKeyAlgorithm | undefined;
+}, {
+    id: string;
+    createdAt: number;
+    signingKeyAlgorithm?: SupportedSigningKeyAlgorithm | undefined;
+}>;
+export type OidcConfigKeysResponse = z.infer<typeof oidcConfigKeysResponseGuard>;

package/lib/types/logto-config.js

@@ -1,17 +1,49 @@
 import { z } from 'zod';
-/* --- Logto OIDC configs --- */
+import { TenantTag } from './tenant.js';
+/**
+ * Logto OIDC signing key types, used mainly in REST API routes.
+ */
+export var LogtoOidcConfigKeyType;
+(function (LogtoOidcConfigKeyType) {
+    LogtoOidcConfigKeyType["PrivateKeys"] = "private-keys";
+    LogtoOidcConfigKeyType["CookieKeys"] = "cookie-keys";
+})(LogtoOidcConfigKeyType || (LogtoOidcConfigKeyType = {}));
+/**
+ * Value maps to config key names in `logto_configs` table. Used mainly in DB SQL related scenarios.
+ */
 export var LogtoOidcConfigKey;
 (function (LogtoOidcConfigKey) {
     LogtoOidcConfigKey["PrivateKeys"] = "oidc.privateKeys";
     LogtoOidcConfigKey["CookieKeys"] = "oidc.cookieKeys";
 })(LogtoOidcConfigKey || (LogtoOidcConfigKey = {}));
+/**
+ * Logto supported signing key algorithms for OIDC private keys that sign JWT tokens.
+ */
+export var SupportedSigningKeyAlgorithm;
+(function (SupportedSigningKeyAlgorithm) {
+    SupportedSigningKeyAlgorithm["RSA"] = "RSA";
+    SupportedSigningKeyAlgorithm["EC"] = "EC";
+})(SupportedSigningKeyAlgorithm || (SupportedSigningKeyAlgorithm = {}));
+export const oidcConfigKeyGuard = z.object({
+    id: z.string(),
+    value: z.string(),
+    createdAt: z.number(),
+});
 export const logtoOidcConfigGuard = Object.freeze({
-    [LogtoOidcConfigKey.PrivateKeys]: z.string().array(),
-    [LogtoOidcConfigKey.CookieKeys]: z.string().array(),
+    [LogtoOidcConfigKey.PrivateKeys]: oidcConfigKeyGuard.array(),
+    [LogtoOidcConfigKey.CookieKeys]: oidcConfigKeyGuard.array(),
 });
 /* --- Logto tenant configs --- */
 export const adminConsoleDataGuard = z.object({
     signInExperienceCustomized: z.boolean(),
+    organizationCreated: z.boolean(),
+    developmentTenantMigrationNotification: z
+        .object({
+        isPaidTenant: z.boolean(),
+        tag: z.nativeEnum(TenantTag),
+        readAt: z.number().optional(),
+    })
+        .optional(),
 });
 /* --- Logto tenant cloud connection config --- */
 export const cloudConnectionDataGuard = z.object({
@@ -39,3 +71,6 @@ export const logtoConfigGuards = Object.freeze({
     ...logtoOidcConfigGuard,
     ...logtoTenantConfigGuard,
 });
+export const oidcConfigKeysResponseGuard = oidcConfigKeyGuard
+    .omit({ value: true })
+    .merge(z.object({ signingKeyAlgorithm: z.nativeEnum(SupportedSigningKeyAlgorithm).optional() }));

package/lib/types/mfa.d.ts

@@ -0,0 +1,211 @@
+import { z } from 'zod';
+export declare const webAuthnRegistrationOptionsGuard: z.ZodObject<{
+    rp: z.ZodObject<{
+        name: z.ZodString;
+        id: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        name: string;
+        id?: string | undefined;
+    }, {
+        name: string;
+        id?: string | undefined;
+    }>;
+    user: z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodString;
+        displayName: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        name: string;
+        id: string;
+        displayName: string;
+    }, {
+        name: string;
+        id: string;
+        displayName: string;
+    }>;
+    challenge: z.ZodString;
+    pubKeyCredParams: z.ZodArray<z.ZodObject<{
+        type: z.ZodLiteral<"public-key">;
+        alg: z.ZodNumber;
+    }, "strip", z.ZodTypeAny, {
+        type: "public-key";
+        alg: number;
+    }, {
+        type: "public-key";
+        alg: number;
+    }>, "many">;
+    timeout: z.ZodOptional<z.ZodNumber>;
+    excludeCredentials: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        type: z.ZodLiteral<"public-key">;
+        id: z.ZodString;
+        transports: z.ZodOptional<z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }, {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }>, "many">>;
+    authenticatorSelection: z.ZodOptional<z.ZodObject<{
+        authenticatorAttachment: z.ZodOptional<z.ZodEnum<["platform", "cross-platform"]>>;
+        requireResidentKey: z.ZodOptional<z.ZodBoolean>;
+        residentKey: z.ZodOptional<z.ZodEnum<["discouraged", "preferred", "required"]>>;
+        userVerification: z.ZodOptional<z.ZodEnum<["required", "preferred", "discouraged"]>>;
+    }, "strip", z.ZodTypeAny, {
+        authenticatorAttachment?: "platform" | "cross-platform" | undefined;
+        requireResidentKey?: boolean | undefined;
+        residentKey?: "discouraged" | "preferred" | "required" | undefined;
+        userVerification?: "discouraged" | "preferred" | "required" | undefined;
+    }, {
+        authenticatorAttachment?: "platform" | "cross-platform" | undefined;
+        requireResidentKey?: boolean | undefined;
+        residentKey?: "discouraged" | "preferred" | "required" | undefined;
+        userVerification?: "discouraged" | "preferred" | "required" | undefined;
+    }>>;
+    attestation: z.ZodOptional<z.ZodEnum<["none", "indirect", "direct", "enterprise"]>>;
+    extensions: z.ZodOptional<z.ZodObject<{
+        appid: z.ZodOptional<z.ZodString>;
+        credProps: z.ZodOptional<z.ZodBoolean>;
+        hmacCreateSecret: z.ZodOptional<z.ZodBoolean>;
+    }, "strip", z.ZodTypeAny, {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    }, {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    }>>;
+}, "strip", z.ZodTypeAny, {
+    user: {
+        name: string;
+        id: string;
+        displayName: string;
+    };
+    challenge: string;
+    rp: {
+        name: string;
+        id?: string | undefined;
+    };
+    pubKeyCredParams: {
+        type: "public-key";
+        alg: number;
+    }[];
+    timeout?: number | undefined;
+    excludeCredentials?: {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }[] | undefined;
+    authenticatorSelection?: {
+        authenticatorAttachment?: "platform" | "cross-platform" | undefined;
+        requireResidentKey?: boolean | undefined;
+        residentKey?: "discouraged" | "preferred" | "required" | undefined;
+        userVerification?: "discouraged" | "preferred" | "required" | undefined;
+    } | undefined;
+    attestation?: "none" | "indirect" | "direct" | "enterprise" | undefined;
+    extensions?: {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    } | undefined;
+}, {
+    user: {
+        name: string;
+        id: string;
+        displayName: string;
+    };
+    challenge: string;
+    rp: {
+        name: string;
+        id?: string | undefined;
+    };
+    pubKeyCredParams: {
+        type: "public-key";
+        alg: number;
+    }[];
+    timeout?: number | undefined;
+    excludeCredentials?: {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }[] | undefined;
+    authenticatorSelection?: {
+        authenticatorAttachment?: "platform" | "cross-platform" | undefined;
+        requireResidentKey?: boolean | undefined;
+        residentKey?: "discouraged" | "preferred" | "required" | undefined;
+        userVerification?: "discouraged" | "preferred" | "required" | undefined;
+    } | undefined;
+    attestation?: "none" | "indirect" | "direct" | "enterprise" | undefined;
+    extensions?: {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    } | undefined;
+}>;
+export type WebAuthnRegistrationOptions = z.infer<typeof webAuthnRegistrationOptionsGuard>;
+export declare const webAuthnAuthenticationOptionsGuard: z.ZodObject<{
+    challenge: z.ZodString;
+    timeout: z.ZodOptional<z.ZodNumber>;
+    rpId: z.ZodOptional<z.ZodString>;
+    allowCredentials: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        type: z.ZodLiteral<"public-key">;
+        id: z.ZodString;
+        transports: z.ZodOptional<z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }, {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }>, "many">>;
+    userVerification: z.ZodOptional<z.ZodEnum<["required", "preferred", "discouraged"]>>;
+    extensions: z.ZodOptional<z.ZodObject<{
+        appid: z.ZodOptional<z.ZodString>;
+        credProps: z.ZodOptional<z.ZodBoolean>;
+        hmacCreateSecret: z.ZodOptional<z.ZodBoolean>;
+    }, "strip", z.ZodTypeAny, {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    }, {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    }>>;
+}, "strip", z.ZodTypeAny, {
+    challenge: string;
+    timeout?: number | undefined;
+    rpId?: string | undefined;
+    allowCredentials?: {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }[] | undefined;
+    userVerification?: "discouraged" | "preferred" | "required" | undefined;
+    extensions?: {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    } | undefined;
+}, {
+    challenge: string;
+    timeout?: number | undefined;
+    rpId?: string | undefined;
+    allowCredentials?: {
+        type: "public-key";
+        id: string;
+        transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    }[] | undefined;
+    userVerification?: "discouraged" | "preferred" | "required" | undefined;
+    extensions?: {
+        appid?: string | undefined;
+        credProps?: boolean | undefined;
+        hmacCreateSecret?: boolean | undefined;
+    } | undefined;
+}>;
+export type WebAuthnAuthenticationOptions = z.infer<typeof webAuthnAuthenticationOptionsGuard>;

package/lib/types/mfa.js

@@ -0,0 +1,62 @@
+import { z } from 'zod';
+import { webAuthnTransportGuard } from '../foundations/jsonb-types/index.js';
+export const webAuthnRegistrationOptionsGuard = z.object({
+    rp: z.object({
+        name: z.string(),
+        id: z.string().optional(),
+    }),
+    user: z.object({
+        id: z.string(),
+        name: z.string(),
+        displayName: z.string(),
+    }),
+    challenge: z.string(),
+    pubKeyCredParams: z.array(z.object({
+        type: z.literal('public-key'),
+        alg: z.number(),
+    })),
+    timeout: z.number().optional(),
+    excludeCredentials: z
+        .array(z.object({
+        type: z.literal('public-key'),
+        id: z.string(),
+        transports: webAuthnTransportGuard.array().optional(),
+    }))
+        .optional(),
+    authenticatorSelection: z
+        .object({
+        authenticatorAttachment: z.enum(['platform', 'cross-platform']).optional(),
+        requireResidentKey: z.boolean().optional(),
+        residentKey: z.enum(['discouraged', 'preferred', 'required']).optional(),
+        userVerification: z.enum(['required', 'preferred', 'discouraged']).optional(),
+    })
+        .optional(),
+    attestation: z.enum(['none', 'indirect', 'direct', 'enterprise']).optional(),
+    extensions: z
+        .object({
+        appid: z.string().optional(),
+        credProps: z.boolean().optional(),
+        hmacCreateSecret: z.boolean().optional(),
+    })
+        .optional(),
+});
+export const webAuthnAuthenticationOptionsGuard = z.object({
+    challenge: z.string(),
+    timeout: z.number().optional(),
+    rpId: z.string().optional(),
+    allowCredentials: z
+        .array(z.object({
+        type: z.literal('public-key'),
+        id: z.string(),
+        transports: webAuthnTransportGuard.array().optional(),
+    }))
+        .optional(),
+    userVerification: z.enum(['required', 'preferred', 'discouraged']).optional(),
+    extensions: z
+        .object({
+        appid: z.string().optional(),
+        credProps: z.boolean().optional(),
+        hmacCreateSecret: z.boolean().optional(),
+    })
+        .optional(),
+});

package/lib/types/organization.d.ts

@@ -0,0 +1,48 @@
+import { z } from 'zod';
+import { type OrganizationRole, type Organization } from '../db-entries/index.js';
+import { type UserInfo, type FeaturedUser } from './user.js';
+/**
+ * The simplified organization scope entity that is returned for some endpoints.
+ */
+export type OrganizationScopeEntity = {
+    id: string;
+    name: string;
+};
+export type OrganizationRoleWithScopes = OrganizationRole & {
+    scopes: OrganizationScopeEntity[];
+};
+export declare const organizationRoleWithScopesGuard: z.ZodType<OrganizationRoleWithScopes>;
+/**
+ * The simplified organization role entity that is returned in the `roles` field
+ * of the organization.
+ */
+export type OrganizationRoleEntity = {
+    id: string;
+    name: string;
+};
+/**
+ * The organization entity with the `organizationRoles` field that contains the
+ * roles of the current member of the organization.
+ */
+export type OrganizationWithRoles = Organization & {
+    /** The roles of the current member of the organization. */
+    organizationRoles: OrganizationRoleEntity[];
+};
+export declare const organizationWithOrganizationRolesGuard: z.ZodType<OrganizationWithRoles>;
+/**
+ * The user entity with the `organizationRoles` field that contains the roles of
+ * the user in a specific organization.
+ */
+export type UserWithOrganizationRoles = UserInfo & {
+    /** The roles of the user in a specific organization. */
+    organizationRoles: OrganizationRoleEntity[];
+};
+export declare const userWithOrganizationRolesGuard: z.ZodType<UserWithOrganizationRoles>;
+/**
+ * The organization entity with optional `usersCount` and `featuredUsers` fields.
+ * They are useful for displaying the organization list in the frontend.
+ */
+export type OrganizationWithFeatured = Organization & {
+    usersCount?: number;
+    featuredUsers?: FeaturedUser[];
+};

package/lib/types/organization.js

@@ -0,0 +1,21 @@
+import { z } from 'zod';
+import { OrganizationRoles, Organizations, } from '../db-entries/index.js';
+import { userInfoGuard } from './user.js';
+export const organizationRoleWithScopesGuard = OrganizationRoles.guard.extend({
+    scopes: z
+        .object({
+        id: z.string(),
+        name: z.string(),
+    })
+        .array(),
+});
+const organizationRoleEntityGuard = z.object({
+    id: z.string(),
+    name: z.string(),
+});
+export const organizationWithOrganizationRolesGuard = Organizations.guard.extend({
+    organizationRoles: organizationRoleEntityGuard.array(),
+});
+export const userWithOrganizationRolesGuard = userInfoGuard.extend({
+    organizationRoles: organizationRoleEntityGuard.array(),
+});

package/lib/types/role.d.ts

@@ -1,7 +1,9 @@
-import type { Application, Role, User } from '../db-entries/index.js';
+import type { Role } from '../db-entries/index.js';
+import { type FeaturedApplication } from './application.js';
+import { type FeaturedUser } from './user.js';
 export type RoleResponse = Role & {
     usersCount: number;
-    featuredUsers: Array<Pick<User, 'avatar' | 'id' | 'name' | 'username' | 'primaryEmail'>>;
+    featuredUsers: FeaturedUser[];
     applicationsCount: number;
-    featuredApplications: Array<Pick<Application, 'id' | 'name'>>;
+    featuredApplications: FeaturedApplication[];
 };

package/lib/types/scope.d.ts

@@ -1,42 +1,27 @@
 import { type z } from 'zod';
-export declare const scopeResponseGuard: z.ZodObject<z.extendShape<{
-    tenantId: z.ZodType<string, z.ZodTypeDef, string>;
-    id: z.ZodType<string, z.ZodTypeDef, string>;
-    resourceId: z.ZodType<string, z.ZodTypeDef, string>;
+export declare const scopeResponseGuard: z.ZodObject<{
     name: z.ZodType<string, z.ZodTypeDef, string>;
-    description: z.ZodType<string, z.ZodTypeDef, string>;
+    id: z.ZodType<string, z.ZodTypeDef, string>;
+    tenantId: z.ZodType<string, z.ZodTypeDef, string>;
     createdAt: z.ZodType<number, z.ZodTypeDef, number>;
-}, {
+    description: z.ZodType<string, z.ZodTypeDef, string>;
+    resourceId: z.ZodType<string, z.ZodTypeDef, string>;
     resource: import("../index.js").Guard<import("../db-entries/resource.js").Resource>;
-}>, "strip", z.ZodTypeAny, {
-    tenantId: string;
+}, "strip", z.ZodTypeAny, {
+    name: string;
     id: string;
+    tenantId: string;
     createdAt: number;
-    name: string;
     description: string;
-    resource: {
-        tenantId: string;
-        id: string;
-        name: string;
-        indicator: string;
-        isDefault: boolean;
-        accessTokenTtl: number;
-    };
+    resource: import("../db-entries/resource.js").Resource;
     resourceId: string;
 }, {
-    tenantId: string;
+    name: string;
     id: string;
+    tenantId: string;
     createdAt: number;
-    name: string;
     description: string;
-    resource: {
-        tenantId: string;
-        id: string;
-        name: string;
-        indicator: string;
-        isDefault: boolean;
-        accessTokenTtl: number;
-    };
+    resource: import("../db-entries/resource.js").Resource;
     resourceId: string;
 }>;
 export type ScopeResponse = z.infer<typeof scopeResponseGuard>;