npm - @logto/schemas - Versions diffs - 1.11.0 → 1.13.0 - Mend

@logto/schemas 1.11.0 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (158) hide show

package/lib/foundations/jsonb-types/custom-domain.js CHANGED Viewed

@@ -7,25 +7,20 @@ export const domainDnsRecordGuard = z.object({
 export const domainDnsRecordsGuard = domainDnsRecordGuard.array();
 // https://developers.cloudflare.com/api/operations/custom-hostname-for-a-zone-list-custom-hostnames#Responses
 // Predefine the "useful" fields
-export const cloudflareDataGuard = z
-    .object({
+export const cloudflareDataGuard = z.object({
     id: z.string(),
     status: z.string(),
-    ssl: z
-        .object({
+    ssl: z.object({
         status: z.string(),
         validation_errors: z
             .object({
             message: z.string(),
         })
-            .catchall(z.unknown())
             .array()
             .optional(),
-    })
-        .catchall(z.unknown()),
+    }),
     verification_errors: z.string().array().optional(),
-})
-    .catchall(z.unknown());
+});
 export var DomainStatus;
 (function (DomainStatus) {
     DomainStatus["PendingVerification"] = "PendingVerification";

package/lib/foundations/jsonb-types/index.d.ts CHANGED Viewed

@@ -9,6 +9,7 @@ export * from './sign-in-experience.js';
 export * from './sentinel.js';
 export * from './users.js';
 export * from './sso-connector.js';
+export * from './applications.js';
 export { configurableConnectorMetadataGuard, type ConfigurableConnectorMetadata, } from '@logto/connector-kit';
 export type { Json, JsonObject } from '@withtyped/server';
 export declare const jsonGuard: z.ZodType<Json>;

package/lib/foundations/jsonb-types/index.js CHANGED Viewed

@@ -8,6 +8,7 @@ export * from './sign-in-experience.js';
 export * from './sentinel.js';
 export * from './users.js';
 export * from './sso-connector.js';
+export * from './applications.js';
 export { configurableConnectorMetadataGuard, } from '@logto/connector-kit';
 /* === Commonly Used === */
 // Copied from https://github.com/colinhacks/zod#json-type

package/lib/foundations/jsonb-types/sso-connector.d.ts CHANGED Viewed

@@ -2,12 +2,15 @@ import { z } from 'zod';
 export declare const ssoDomainsGuard: z.ZodArray<z.ZodString, "many">;
 export type SsoDomains = z.infer<typeof ssoDomainsGuard>;
 export declare const ssoBrandingGuard: z.ZodObject<{
+    displayName: z.ZodOptional<z.ZodString>;
     logo: z.ZodOptional<z.ZodString>;
     darkLogo: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
+    displayName?: string | undefined;
     logo?: string | undefined;
     darkLogo?: string | undefined;
 }, {
+    displayName?: string | undefined;
     logo?: string | undefined;
     darkLogo?: string | undefined;
 }>;

package/lib/foundations/jsonb-types/sso-connector.js CHANGED Viewed

@@ -1,6 +1,7 @@
 import { z } from 'zod';
 export const ssoDomainsGuard = z.array(z.string());
 export const ssoBrandingGuard = z.object({
+    displayName: z.string().optional(),
     logo: z.string().optional(),
     darkLogo: z.string().optional(),
 });

package/lib/models/tenants.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import type { InferModelType } from '@withtyped/server/model';
 import { z } from 'zod';
 import { TenantTag } from '../types/tenant.js';
-export declare const Tenants: import("@withtyped/server/model").default<"tenants", {
+export declare const Tenants: import("@withtyped/server/lib/model/index.js").default<"tenants", {
     id: string;
     dbUser: string | null;
     dbUserPassword: string | null;

package/lib/seeds/application.d.ts CHANGED Viewed

@@ -9,5 +9,5 @@ export declare const demoAppApplicationId = "demo-app";
 export declare const buildDemoAppDataForTenant: (tenantId: string) => Application;
 export declare const createDefaultAdminConsoleApplication: () => Readonly<CreateApplication>;
 export declare const createTenantMachineToMachineApplication: (tenantId: string) => Readonly<CreateApplication>;
-/** Create role for "tenant application (M2M)" in admin tenant */
+/** Create an entry to assign a role to an application in the admin tenant. */
 export declare const createAdminTenantApplicationRole: (applicationId: string, roleId: string) => Readonly<CreateApplicationsRole>;

package/lib/seeds/application.js CHANGED Viewed

@@ -17,6 +17,8 @@ export const buildDemoAppDataForTenant = (tenantId) => ({
     type: ApplicationType.SPA,
     oidcClientMetadata: { redirectUris: [], postLogoutRedirectUris: [] },
     customClientMetadata: {},
+    protectedAppMetadata: null,
+    isThirdParty: false,
     createdAt: 0,
 });
 export const createDefaultAdminConsoleApplication = () => Object.freeze({
@@ -43,7 +45,7 @@ export const createTenantMachineToMachineApplication = (tenantId) => Object.free
         tenantId,
     },
 });
-/** Create role for "tenant application (M2M)" in admin tenant */
+/** Create an entry to assign a role to an application in the admin tenant. */
 export const createAdminTenantApplicationRole = (applicationId, roleId) => Object.freeze({
     id: generateStandardId(),
     tenantId: adminTenantId,

package/lib/seeds/cloud-api.d.ts CHANGED Viewed

@@ -5,8 +5,6 @@ export declare const cloudApiIndicator = "https://cloud.logto.io/api";
 export declare enum CloudScope {
     /** The user can create a user tenant. */
     CreateTenant = "create:tenant",
-    /** The user can perform arbitrary operations on any tenant. */
-    ManageTenant = "manage:tenant",
     /** The user can update or delete its own tenants. */
     ManageTenantSelf = "manage:tenant:self",
     SendSms = "send:sms",

package/lib/seeds/cloud-api.js CHANGED Viewed

@@ -8,8 +8,6 @@ export var CloudScope;
 (function (CloudScope) {
     /** The user can create a user tenant. */
     CloudScope["CreateTenant"] = "create:tenant";
-    /** The user can perform arbitrary operations on any tenant. */
-    CloudScope["ManageTenant"] = "manage:tenant";
     /** The user can update or delete its own tenants. */
     CloudScope["ManageTenantSelf"] = "manage:tenant:self";
     CloudScope["SendSms"] = "send:sms";
@@ -45,7 +43,6 @@ export const createCloudApi = () => {
                 name: AdminTenantRole.User,
             },
         },
-        buildScope(CloudScope.ManageTenant, 'Allow managing existing tenants, including create without limitation, update, and delete.'),
         buildScope(CloudScope.SendEmail, 'Allow sending emails. This scope is only available to M2M application.'),
         buildScope(CloudScope.SendSms, 'Allow sending SMS. This scope is only available to M2M application.'),
         buildScope(CloudScope.CreateAffiliate, 'Allow creating new affiliates and logs.'),

package/lib/seeds/management-api.d.ts CHANGED Viewed

@@ -1,5 +1,9 @@
 import { RoleType, type CreateResource, type CreateRole, type CreateScope } from '../db-entries/index.js';
-import { PredefinedScope, InternalRole } from '../types/index.js';
+import { PredefinedScope, InternalRole, AdminTenantRole } from '../types/index.js';
+/**
+ * The Management API data for a tenant. Usually used for creating a new tenant in the admin
+ * tenant.
+ */
 export type AdminData = {
     resource: CreateResource;
     scopes: CreateScope[];
@@ -32,6 +36,10 @@ export declare const defaultManagementApi: Readonly<{
         /** @deprecated You should not rely on this constant. Change to something else. */
         resourceId: string;
     }[];
+    /**
+     * An internal user role for Management API of the `default` tenant.
+     * @deprecated This role will be removed soon.
+     */
     role: {
         tenantId: string;
         /** @deprecated You should not rely on this constant. Change to something else. */
@@ -43,9 +51,72 @@ export declare const defaultManagementApi: Readonly<{
 }>;
 export declare function getManagementApiResourceIndicator<TenantId extends string>(tenantId: TenantId): `https://${TenantId}.logto.app/api`;
 export declare function getManagementApiResourceIndicator<TenantId extends string, Path extends string>(tenantId: TenantId, path: Path): `https://${TenantId}.logto.app/${Path}`;
-export declare const getManagementApiAdminName: <TenantId extends string>(tenantId: TenantId) => `${TenantId}:admin`;
+/**
+ * The fixed Management API user role for `default` tenant in the admin tenant. It is used for
+ * OSS only.
+ */
+export declare const defaultManagementApiAdminName: "default:admin";
 /** Create a set of admin data for Management API of the given tenant ID. */
-export declare const createAdminData: (tenantId: string) => AdminData;
-/** Create a set of admin data for Management API of the given tenant ID for `admin` tenant. */
-export declare const createAdminDataInAdminTenant: (tenantId: string) => AdminData;
-export declare const createMeApiInAdminTenant: () => AdminData;
+export declare const createAdminData: (tenantId: string) => Readonly<{
+    resource: {
+        tenantId: string;
+        id: string;
+        indicator: `https://${string}.logto.app/api`;
+        name: string;
+    };
+    scopes: {
+        tenantId: string;
+        id: string;
+        name: PredefinedScope;
+        description: string;
+        resourceId: string;
+    }[];
+    /** @deprecated This role will be removed soon. */
+    role: {
+        tenantId: string;
+        id: string;
+        name: InternalRole;
+        description: string;
+        type: RoleType.MachineToMachine;
+    };
+}>;
+/** Create a set of admin data for Management API of the given tenant ID for the admin tenant. */
+export declare const createAdminDataInAdminTenant: (tenantId: string) => Readonly<{
+    resource: {
+        tenantId: string;
+        id: string;
+        indicator: `https://${string}.logto.app/api`;
+        name: string;
+    };
+    scopes: {
+        tenantId: string;
+        id: string;
+        name: PredefinedScope;
+        description: string;
+        resourceId: string;
+    }[];
+    /** The machine-to-machine role for the Management API proxy of the given tenant ID. */
+    role: Readonly<import("../db-entries/role.js").Role>;
+}>;
+export declare const createMeApiInAdminTenant: () => Readonly<{
+    resource: {
+        tenantId: string;
+        id: string;
+        indicator: "https://admin.logto.app/me";
+        name: string;
+    };
+    scopes: {
+        tenantId: string;
+        id: string;
+        name: PredefinedScope;
+        description: string;
+        resourceId: string;
+    }[];
+    role: {
+        tenantId: string;
+        id: string;
+        name: AdminTenantRole;
+        description: string;
+        type: RoleType.User;
+    };
+}>;

package/lib/seeds/management-api.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import { generateStandardId } from '@logto/shared/universal';
 import { RoleType, } from '../db-entries/index.js';
-import { PredefinedScope, InternalRole, AdminTenantRole } from '../types/index.js';
+import { PredefinedScope, InternalRole, AdminTenantRole, getMapiProxyRole, } from '../types/index.js';
 import { adminTenantId, defaultTenantId } from './tenant.js';
 // Consider remove the dependency of IDs
 const defaultResourceId = 'management-api';
@@ -31,6 +31,10 @@ export const defaultManagementApi = Object.freeze({
             resourceId: defaultResourceId,
         },
     ],
+    /**
+     * An internal user role for Management API of the `default` tenant.
+     * @deprecated This role will be removed soon.
+     */
     role: {
         tenantId: defaultTenantId,
         /** @deprecated You should not rely on this constant. Change to something else. */
@@ -43,7 +47,11 @@ export const defaultManagementApi = Object.freeze({
 export function getManagementApiResourceIndicator(tenantId, path = 'api') {
     return `https://${tenantId}.logto.app/${path}`;
 }
-export const getManagementApiAdminName = (tenantId) => `${tenantId}:${AdminTenantRole.Admin}`;
+/**
+ * The fixed Management API user role for `default` tenant in the admin tenant. It is used for
+ * OSS only.
+ */
+export const defaultManagementApiAdminName = `${defaultTenantId}:admin`;
 /** Create a set of admin data for Management API of the given tenant ID. */
 export const createAdminData = (tenantId) => {
     const resourceId = generateStandardId();
@@ -63,6 +71,7 @@ export const createAdminData = (tenantId) => {
                 resourceId,
             },
         ],
+        /** @deprecated This role will be removed soon. */
         role: {
             tenantId,
             id: generateStandardId(),
@@ -72,7 +81,7 @@ export const createAdminData = (tenantId) => {
         },
     });
 };
-/** Create a set of admin data for Management API of the given tenant ID for `admin` tenant. */
+/** Create a set of admin data for Management API of the given tenant ID for the admin tenant. */
 export const createAdminDataInAdminTenant = (tenantId) => {
     const resourceId = generateStandardId();
     return Object.freeze({
@@ -91,13 +100,8 @@ export const createAdminDataInAdminTenant = (tenantId) => {
                 resourceId,
             },
         ],
-        role: {
-            tenantId: adminTenantId,
-            id: generateStandardId(),
-            name: getManagementApiAdminName(tenantId),
-            description: `Admin tenant admin role for Logto tenant ${tenantId}.`,
-            type: RoleType.User,
-        },
+        /** The machine-to-machine role for the Management API proxy of the given tenant ID. */
+        role: getMapiProxyRole(tenantId),
     });
 };
 export const createMeApiInAdminTenant = () => {