@logto/schemas 1.17.0 → 1.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (282) hide show
  1. package/alterations/1.18.0-1717567857-social-sign-in-linking.ts +18 -0
  2. package/alterations/1.18.0-1717597875-add-organization-email-domains-table.ts +31 -0
  3. package/alterations/1.18.0-1717818597-organization-mfa-requirement.ts +18 -0
  4. package/alterations/1.18.0-1718340884-rename-org-email-domains-and-add-jit-roles-table.ts +56 -0
  5. package/alterations/1.18.0-1718594164-add-agree-to-terms-policy.ts +40 -0
  6. package/alterations/1.18.0-1718785576-organization-application-relations.ts +37 -0
  7. package/alterations/1.18.0-1718786576-organization-jit-sso-connectors.ts +31 -0
  8. package/alterations/1.18.0-1718807616-organization-role-application-relations.ts +34 -0
  9. package/alterations/1.18.0-1718865814-add-subject-tokens.ts +36 -0
  10. package/alterations/1.18.0-1719014832-organization-role-types.ts +35 -0
  11. package/alterations/1.18.0-1719221205-fix-functions.ts +25 -0
  12. package/alterations/1.18.0-1719312694-custom-ui-assets.ts +18 -0
  13. package/alterations/1.19.0-1720253939-add-organization-branding.ts +18 -0
  14. package/alterations/1.19.0-1720345784-add-color-to-app-sie.ts +18 -0
  15. package/alterations/1.19.0-1720505152-update-custom-ui-assets.ts +20 -0
  16. package/alterations/1.19.0-1721483240-multiple-app-secrets.ts +77 -0
  17. package/alterations/1.19.0-1721645392-add-application-custom-data-column.ts +18 -0
  18. package/alterations/1.19.0-1722926389-argon2d-argon2id.ts +35 -0
  19. package/alterations-js/1.18.0-1717567857-social-sign-in-linking.js +14 -0
  20. package/alterations-js/1.18.0-1717597875-add-organization-email-domains-table.js +26 -0
  21. package/alterations-js/1.18.0-1717818597-organization-mfa-requirement.js +14 -0
  22. package/alterations-js/1.18.0-1718340884-rename-org-email-domains-and-add-jit-roles-table.js +51 -0
  23. package/alterations-js/1.18.0-1718594164-add-agree-to-terms-policy.js +34 -0
  24. package/alterations-js/1.18.0-1718785576-organization-application-relations.js +32 -0
  25. package/alterations-js/1.18.0-1718786576-organization-jit-sso-connectors.js +26 -0
  26. package/alterations-js/1.18.0-1718807616-organization-role-application-relations.js +29 -0
  27. package/alterations-js/1.18.0-1718865814-add-subject-tokens.js +31 -0
  28. package/alterations-js/1.18.0-1719014832-organization-role-types.js +31 -0
  29. package/alterations-js/1.18.0-1719221205-fix-functions.js +20 -0
  30. package/alterations-js/1.18.0-1719312694-custom-ui-assets.js +14 -0
  31. package/alterations-js/1.19.0-1720253939-add-organization-branding.js +14 -0
  32. package/alterations-js/1.19.0-1720345784-add-color-to-app-sie.js +14 -0
  33. package/alterations-js/1.19.0-1720505152-update-custom-ui-assets.js +16 -0
  34. package/alterations-js/1.19.0-1721483240-multiple-app-secrets.js +72 -0
  35. package/alterations-js/1.19.0-1721645392-add-application-custom-data-column.js +14 -0
  36. package/alterations-js/1.19.0-1722926389-argon2d-argon2id.js +30 -0
  37. package/lib/consts/oidc.d.ts +15 -2
  38. package/lib/consts/oidc.js +6 -0
  39. package/lib/consts/subscriptions.d.ts +9 -6
  40. package/lib/consts/subscriptions.js +8 -5
  41. package/lib/consts/system.d.ts +2 -0
  42. package/lib/consts/system.js +2 -0
  43. package/lib/db-entries/application-secret.d.ts +28 -0
  44. package/lib/db-entries/application-secret.js +41 -0
  45. package/lib/db-entries/application-sign-in-experience.d.ts +4 -2
  46. package/lib/db-entries/application-sign-in-experience.js +5 -1
  47. package/lib/db-entries/application.d.ts +6 -2
  48. package/lib/db-entries/application.js +5 -1
  49. package/lib/db-entries/custom-types.d.ts +7 -0
  50. package/lib/db-entries/custom-types.js +8 -0
  51. package/lib/db-entries/index.d.ts +7 -0
  52. package/lib/db-entries/index.js +7 -0
  53. package/lib/db-entries/organization-application-relation.d.ts +20 -0
  54. package/lib/db-entries/organization-application-relation.js +29 -0
  55. package/lib/db-entries/organization-jit-email-domain.d.ts +24 -0
  56. package/lib/db-entries/organization-jit-email-domain.js +29 -0
  57. package/lib/db-entries/organization-jit-role.d.ts +24 -0
  58. package/lib/db-entries/organization-jit-role.js +29 -0
  59. package/lib/db-entries/organization-jit-sso-connector.d.ts +22 -0
  60. package/lib/db-entries/organization-jit-sso-connector.js +29 -0
  61. package/lib/db-entries/organization-role-application-relation.d.ts +22 -0
  62. package/lib/db-entries/organization-role-application-relation.js +33 -0
  63. package/lib/db-entries/organization-role.d.ts +6 -1
  64. package/lib/db-entries/organization-role.js +5 -0
  65. package/lib/db-entries/organization.d.ts +10 -2
  66. package/lib/db-entries/organization.js +9 -1
  67. package/lib/db-entries/sign-in-experience.d.ts +11 -3
  68. package/lib/db-entries/sign-in-experience.js +14 -2
  69. package/lib/db-entries/subject-token.d.ts +28 -0
  70. package/lib/db-entries/subject-token.js +50 -0
  71. package/lib/foundations/jsonb-types/hooks.d.ts +0 -4
  72. package/lib/foundations/jsonb-types/hooks.js +1 -4
  73. package/lib/foundations/jsonb-types/oidc-module.d.ts +33 -1
  74. package/lib/foundations/jsonb-types/oidc-module.js +2 -0
  75. package/lib/foundations/jsonb-types/sign-in-experience.d.ts +47 -0
  76. package/lib/foundations/jsonb-types/sign-in-experience.js +21 -4
  77. package/lib/foundations/jsonb-types/users.d.ts +6 -6
  78. package/lib/foundations/jsonb-types/users.js +2 -2
  79. package/lib/seeds/application.js +1 -0
  80. package/lib/seeds/cloud-api.d.ts +1 -1
  81. package/lib/seeds/sign-in-experience.d.ts +1 -0
  82. package/lib/seeds/sign-in-experience.js +2 -1
  83. package/lib/types/application.d.ts +85 -167
  84. package/lib/types/connector.d.ts +723 -191
  85. package/lib/types/consent.d.ts +181 -42
  86. package/lib/types/cookie.d.ts +7 -1
  87. package/lib/types/cookie.js +3 -1
  88. package/lib/types/domain.d.ts +2 -10
  89. package/lib/types/hook.d.ts +14 -21
  90. package/lib/types/index.d.ts +3 -0
  91. package/lib/types/index.js +3 -0
  92. package/lib/types/interactions.d.ts +313 -29
  93. package/lib/types/interactions.js +92 -9
  94. package/lib/types/log/interaction.d.ts +4 -3
  95. package/lib/types/log/interaction.js +1 -0
  96. package/lib/types/log/token.d.ts +2 -1
  97. package/lib/types/log/token.js +1 -0
  98. package/lib/types/logto-config/index.d.ts +277 -242
  99. package/lib/types/logto-config/jwt-customizer.d.ts +642 -476
  100. package/lib/types/logto-config/jwt-customizer.js +13 -2
  101. package/lib/types/logto-config/oidc-provider.d.ts +6 -6
  102. package/lib/types/mfa.d.ts +16 -16
  103. package/lib/types/oidc-config.d.ts +2 -1
  104. package/lib/types/oidc-config.js +1 -0
  105. package/lib/types/organization.d.ts +12 -3
  106. package/lib/types/organization.js +4 -1
  107. package/lib/types/role.d.ts +6 -1
  108. package/lib/types/role.js +6 -1
  109. package/lib/types/scope.d.ts +7 -6
  110. package/lib/types/sign-in-experience.d.ts +997 -0
  111. package/lib/types/sign-in-experience.js +21 -0
  112. package/lib/types/sso-connector.d.ts +14 -19
  113. package/lib/types/ssr.d.ts +25 -0
  114. package/lib/types/ssr.js +9 -0
  115. package/lib/types/subject-token.d.ts +12 -0
  116. package/lib/types/subject-token.js +5 -0
  117. package/lib/types/system.d.ts +11 -7
  118. package/lib/types/system.js +4 -0
  119. package/lib/types/tenant-organization.d.ts +1 -0
  120. package/lib/types/tenant-organization.js +3 -0
  121. package/lib/types/user-assets.d.ts +25 -5
  122. package/lib/types/user-assets.js +20 -1
  123. package/lib/types/user.d.ts +84 -120
  124. package/lib/utils/application.d.ts +3 -0
  125. package/lib/utils/application.js +7 -0
  126. package/lib/utils/index.d.ts +1 -0
  127. package/lib/utils/index.js +1 -0
  128. package/lib/utils/zod.d.ts +1 -1
  129. package/package.json +9 -9
  130. package/tables/application_secrets.sql +17 -0
  131. package/tables/application_sign_in_experiences.sql +1 -1
  132. package/tables/applications.sql +10 -0
  133. package/tables/organization_application_relations.sql +14 -0
  134. package/tables/organization_jit_email_domains.sql +13 -0
  135. package/tables/organization_jit_roles.sql +14 -0
  136. package/tables/organization_jit_sso_connectors.sql +13 -0
  137. package/tables/organization_role_application_relations.sql +18 -0
  138. package/tables/organization_role_user_relations.sql +3 -1
  139. package/tables/organization_roles.sql +8 -1
  140. package/tables/organizations.sql +4 -0
  141. package/tables/sign_in_experiences.sql +5 -0
  142. package/tables/subject_tokens.sql +16 -0
  143. package/tables/users.sql +1 -1
  144. package/alterations-js/1.0.0-1677208902-update-admin-console-config.d.ts +0 -3
  145. package/alterations-js/1.0.0-1677765137-seed-for-admin-tenant.d.ts +0 -3
  146. package/alterations-js/1.0.0-1677907982-allow-admin-create-multiple-tenants.d.ts +0 -3
  147. package/alterations-js/1.0.0-1678157950-privacy-policy-url.d.ts +0 -3
  148. package/alterations-js/1.0.0-1678199795-add-verification-status-table.d.ts +0 -3
  149. package/alterations-js/1.0.0-1678259693-remove-branding-style-config.d.ts +0 -3
  150. package/alterations-js/1.0.0-1678269972-use-restrictive-policies.d.ts +0 -3
  151. package/alterations-js/1.0.0-1678284778-restrict-internal-roles.d.ts +0 -3
  152. package/alterations-js/1.0.0-1678425761-m2m-app-for-tenants.d.ts +0 -3
  153. package/alterations-js/1.0.0-1678450233-support-custom-content.d.ts +0 -3
  154. package/alterations-js/1.0.0-1678716747-service-logs.d.ts +0 -3
  155. package/alterations-js/1.0.0-1678928481-remove-deprecated-logto-config-item.d.ts +0 -3
  156. package/alterations-js/1.0.0-1678953179-update-get-started-task-config.d.ts +0 -3
  157. package/alterations-js/1.0.0-1679209413-drop-connector-database-storage.d.ts +0 -3
  158. package/alterations-js/1.0.0_beta.10-1-logto-config.d.ts +0 -3
  159. package/alterations-js/1.0.0_beta.10-1663923211-machine-to-machine-app.d.ts +0 -3
  160. package/alterations-js/1.0.0_beta.10-1664265197-custom-phrases.d.ts +0 -3
  161. package/alterations-js/1.0.0_beta.11-1664347703-rename-language-key-to-tag.d.ts +0 -3
  162. package/alterations-js/1.0.0_beta.11-1664356000-add-created-at-column-to-users.d.ts +0 -3
  163. package/alterations-js/1.0.0_beta.11-1664462389-correct-user-created-at-column-by-user-logs.d.ts +0 -3
  164. package/alterations-js/1.0.0_beta.14-1665300135-sign-in-sign-up.d.ts +0 -3
  165. package/alterations-js/1.0.0_beta.14-1667283640-remove-forgot-password.d.ts +0 -3
  166. package/alterations-js/1.0.0_beta.14-1667292082-remove-sign-in-method.d.ts +0 -3
  167. package/alterations-js/1.0.0_beta.14-1667374974-user-suspend.d.ts +0 -3
  168. package/alterations-js/1.0.0_beta.14-1667900481-add-passcode-type-continue.d.ts +0 -3
  169. package/alterations-js/1.0.0_beta.18-1668666590-support-multiple-connector-instances.d.ts +0 -3
  170. package/alterations-js/1.0.0_beta.18-1668666600-remove-connector-enabled.d.ts +0 -3
  171. package/alterations-js/1.0.0_beta.18-1669091623-roles-and-scopes.d.ts +0 -3
  172. package/alterations-js/1.0.0_beta.18-1669702299-sign-up.d.ts +0 -3
  173. package/alterations-js/1.0.0_beta.18-1671039448-add-user-name-index.d.ts +0 -3
  174. package/alterations-js/1.0.0_beta.18-1671080370-terms-of-use.d.ts +0 -3
  175. package/alterations-js/1.0.0_beta.18-1671336831-refactor-log-types.d.ts +0 -3
  176. package/alterations-js/1.0.0_beta.18-1671509870-hooks.d.ts +0 -3
  177. package/alterations-js/1.0.0_beta.18-1672119200-align-passcode-type-with-message-type.d.ts +0 -3
  178. package/alterations-js/1.0.0_rc.0-1672815959-user-roles.d.ts +0 -3
  179. package/alterations-js/1.0.0_rc.0-1672820345-scope-resource-id.d.ts +0 -3
  180. package/alterations-js/1.0.0_rc.0-1672901841-roles-and-scopes-not-null.d.ts +0 -3
  181. package/alterations-js/1.0.0_rc.0-1673001922-support-generic-passcode.d.ts +0 -3
  182. package/alterations-js/1.0.0_rc.0-1673165463-scope-name-index.d.ts +0 -3
  183. package/alterations-js/1.0.0_rc.0-1673349501-sms-sign-in-identifier-to-phone.d.ts +0 -3
  184. package/alterations-js/1.0.0_rc.0-1673465463-ac-scope-name.d.ts +0 -3
  185. package/alterations-js/1.0.0_rc.0-1673853579-ac-default-scope.d.ts +0 -3
  186. package/alterations-js/1.0.0_rc.0-1673863835-ac-scope-role.d.ts +0 -3
  187. package/alterations-js/1.0.0_rc.0-1673882867-fix-alteration-issues.d.ts +0 -3
  188. package/alterations-js/1.0.0_rc.0-1673940577-scope-description-not-null.d.ts +0 -3
  189. package/alterations-js/1.0.0_rc.0-1673941897-application-roles.d.ts +0 -3
  190. package/alterations-js/1.0.0_rc.0-1674032095.1-dedup-resources-constraint.d.ts +0 -4
  191. package/alterations-js/1.0.0_rc.0-1674032095.2-oidc-model-pkey.d.ts +0 -3
  192. package/alterations-js/1.0.0_rc.0-1674032095.3-tenant-table.d.ts +0 -3
  193. package/alterations-js/1.0.0_rc.0-1674032095.4-add-id-column.d.ts +0 -3
  194. package/alterations-js/1.0.0_rc.0-1674032095.5-multi-tenancy.d.ts +0 -3
  195. package/alterations-js/1.0.0_rc.0-1674032095.6-add-tenant-id-trigger.d.ts +0 -3
  196. package/alterations-js/1.0.0_rc.0-1674987042-drop-settings-and-create-systems.d.ts +0 -3
  197. package/alterations-js/1.0.0_rc.0-1675316731-update-seed-data.d.ts +0 -3
  198. package/alterations-js/1.0.0_rc.1-1675788753-multi-tenancy-rls.d.ts +0 -3
  199. package/alterations-js/1.0.0_rc.1-1676115897-add-admin-tenant.d.ts +0 -3
  200. package/alterations-js/1.0.0_rc.1-1676185899-fix-logs-index.d.ts +0 -3
  201. package/alterations-js/1.0.0_rc.1-1676190092-migrate-admin-data.d.ts +0 -3
  202. package/alterations-js/1.0.0_rc.1-1676823841-update-sie-primary-key.d.ts +0 -3
  203. package/alterations-js/1.0.0_rc.1-1676874936-support-custom-css.d.ts +0 -3
  204. package/alterations-js/1.0.0_rc.1-1676886855-connector-database-read-write.d.ts +0 -3
  205. package/alterations-js/1.0.0_rc.1-1676906977-remove-demo-app.d.ts +0 -3
  206. package/alterations-js/1.0.0_rc.1-1676956206-move-console-sie-to-database.d.ts +0 -3
  207. package/alterations-js/1.0.0_rc.1-1677059985-move-console-application-to-database.d.ts +0 -3
  208. package/alterations-js/1.10.1-1695647183-update-private-key-type.d.ts +0 -3
  209. package/alterations-js/1.10.1-1696657546-organization-tables.d.ts +0 -3
  210. package/alterations-js/1.10.1-1697683802-add-sso-connectors-table.d.ts +0 -3
  211. package/alterations-js/1.10.1-1698646271-add-organization-created-flag.d.ts +0 -3
  212. package/alterations-js/1.10.1-1698820410-add-user-sso-identities-table.d.ts +0 -4
  213. package/alterations-js/1.10.1-1698910485-user-logto-data.d.ts +0 -3
  214. package/alterations-js/1.11.0-1699422979-add-sso-connector-id-col-to-user-sso-identities-table.d.ts +0 -3
  215. package/alterations-js/1.11.0-1699598903-remove-sso-only-column-in-sso-connectors-table.d.ts +0 -3
  216. package/alterations-js/1.12.0-1700031616-update-org-role-foreign-keys.d.ts +0 -3
  217. package/alterations-js/1.12.0-1701054133-add-unique-constraint-to-the-sso-connector-name.d.ts +0 -3
  218. package/alterations-js/1.12.0-1701245520-add-single-sign-on-enabled-flag-to-sie.d.ts +0 -3
  219. package/alterations-js/1.13.0-1702274830-add-new-third-party-column-to-applications-table.d.ts +0 -3
  220. package/alterations-js/1.13.0-1702372401-add-application-permissions-tables.d.ts +0 -3
  221. package/alterations-js/1.13.0-1702544178-sync-tenant-orgs.d.ts +0 -18
  222. package/alterations-js/1.13.0-1702871078-protected-application-type.d.ts +0 -3
  223. package/alterations-js/1.13.0-1702877515-protected-app-configs.d.ts +0 -3
  224. package/alterations-js/1.13.0-1702978120-application-sign-in-experience-table.d.ts +0 -3
  225. package/alterations-js/1.13.0-1703229996-daily-token-usage.d.ts +0 -3
  226. package/alterations-js/1.13.0-1703230000-update-tenant-roles.d.ts +0 -11
  227. package/alterations-js/1.13.0-1704692973-remove-legacy-resources.d.ts +0 -3
  228. package/alterations-js/1.13.0-1704934999-add-magic-links-table.d.ts +0 -3
  229. package/alterations-js/1.13.0-1704935001-add-organization-invitation-tables.d.ts +0 -3
  230. package/alterations-js/1.13.0-1705288654-add-application-user-consent-organizations-table.d.ts +0 -3
  231. package/alterations-js/1.13.0-1705991158-update-invitation-indices.d.ts +0 -7
  232. package/alterations-js/1.13.0-1706449174-update-organization-invitation-column.d.ts +0 -3
  233. package/alterations-js/1.13.0-1706510290-protected-app-host-index.d.ts +0 -3
  234. package/alterations-js/1.13.0-1706512952-restore-get-started-page.d.ts +0 -3
  235. package/alterations-js/1.13.0-1706528755-remove-magic-links.d.ts +0 -3
  236. package/alterations-js/1.13.0-1706585206-protected-app-custom-domain-unique.d.ts +0 -3
  237. package/alterations-js/1.13.1-1707360939-grant-is-suspended-read-permission.d.ts +0 -6
  238. package/alterations-js/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.d.ts +0 -3
  239. package/alterations-js/1.14.0-1709190131-enhance-dau-data-accuracy.d.ts +0 -3
  240. package/alterations-js/1.15.0-1709521416-user-password-encrypt-method.d.ts +0 -3
  241. package/alterations-js/1.15.0-1709528944-regenerate-dau-data.d.ts +0 -3
  242. package/alterations-js/1.15.0-1710223946-add-fetch-custom-jwt-cloud-scope.d.ts +0 -3
  243. package/alterations-js/1.15.0-1710408335-make-resource-scopes-description-nullable.d.ts +0 -3
  244. package/alterations-js/1.15.0-1710859622-add-oidc-standard-claim-properties.d.ts +0 -3
  245. package/alterations-js/1.15.0-1711607772-remove-invite-member-scope-from-tenant-member-role.d.ts +0 -3
  246. package/alterations-js/1.15.0-1711624564-add-read-member-scope-to-tenant-roles.d.ts +0 -3
  247. package/alterations-js/1.15.0-1711955211-organization-resource-scope.d.ts +0 -3
  248. package/alterations-js/1.15.0-1712041436-rename-organization-member-role-to-collaborator.d.ts +0 -3
  249. package/alterations-js/1.15.0-1712545011-fix-organization-resource-scope.d.ts +0 -8
  250. package/alterations-js/1.15.0-1712559358-fix-down-organization-resource-scope.d.ts +0 -8
  251. package/alterations-js/1.16.0-1712912361-delete-jwt-customier-with-empty-script.d.ts +0 -3
  252. package/alterations-js/1.16.0-1713942039-add-organization-custom-data.d.ts +0 -4
  253. package/alterations-js/1.16.0-1714270244-application-org-resource-scope.d.ts +0 -3
  254. package/alterations-js/1.17.0-1715826336-add-default-user-role-config.d.ts +0 -3
  255. package/alterations-js/1.17.0-1715829731-rename-data-hook-schema-update-event.d.ts +0 -3
  256. package/alterations-js/1.17.0-1716278409-remove-internal-role-database-policies.d.ts +0 -3
  257. package/alterations-js/1.17.0-1716291265-create-pre-configured-m-api-role.d.ts +0 -7
  258. package/alterations-js/1.17.0-1717148078-remove-service-log-reference.d.ts +0 -3
  259. package/alterations-js/1.2.0-1681267285-fix-get-started-passwordless-status.d.ts +0 -3
  260. package/alterations-js/1.3.0-1683292832-update-hooks.d.ts +0 -3
  261. package/alterations-js/1.5.0-1684382842-add-name-tag-created-at-for-tenants-table.d.ts +0 -3
  262. package/alterations-js/1.5.0-1684739802-create-hook-id-index-for-logs.d.ts +0 -3
  263. package/alterations-js/1.5.0-1684822341-init-domains.d.ts +0 -3
  264. package/alterations-js/1.5.0-1684837981-add-manage-tenant-self-scope-to-user-role.d.ts +0 -3
  265. package/alterations-js/1.5.0-1685285719-support-default-resource.d.ts +0 -3
  266. package/alterations-js/1.6.0-1685691718-domain-unique.d.ts +0 -3
  267. package/alterations-js/1.7.0-1688375200-sync-cloud-m2m-to-logto-config.d.ts +0 -3
  268. package/alterations-js/1.7.0-1688613459-remove-m2m-credentials-from-existing-logto-email-connector-config.d.ts +0 -3
  269. package/alterations-js/1.7.0-1688627407-daily-active-users.d.ts +0 -3
  270. package/alterations-js/1.8.0-1692088012-add-is-suspend-column-to-tenants-table.d.ts +0 -3
  271. package/alterations-js/1.8.0-1692194751-add-affiliate-scopes.d.ts +0 -3
  272. package/alterations-js/1.9.0-1693554904-add-possword-policy.d.ts +0 -4
  273. package/alterations-js/1.9.0-1694399696-add-type-col-to-roles-table.d.ts +0 -3
  274. package/alterations-js/1.9.0-1694418765-specify-check-role-type-function-to-be-public-schema.d.ts +0 -9
  275. package/alterations-js/1.9.0-1694484927-remove-deprecated-challenge-flag.d.ts +0 -3
  276. package/alterations-js/1.9.0-1694487524-sie-mfa.d.ts +0 -3
  277. package/alterations-js/1.9.0-1694509714-keep-existing-password-policy.d.ts +0 -3
  278. package/alterations-js/1.9.0-1694746763-user-verifications.d.ts +0 -3
  279. package/alterations-js/1.9.2-1694854226-init-sentinel.d.ts +0 -3
  280. package/alterations-js/1.9.2-1695198741-remove-m2m-app-admin-access-switch.d.ts +0 -3
  281. package/alterations-js/utils/1704934999-tables.d.ts +0 -11
  282. package/alterations-js/utils/1716643968-id-generation.d.ts +0 -19
package/lib/types/logto-config/jwt-customizer.d.ts CHANGED
@@ -1,8 +1,13 @@
1
- import { z } from 'zod';
1
+ import { type ZodType, z } from 'zod';
2
+ import { type Organization, type Role, type UserSsoIdentity } from '../../db-entries/index.js';
3
+ import { type MfaFactors } from '../../foundations/index.js';
4
+ import { GrantType } from '../oidc-config.js';
5
+ import { type ScopeResponse } from '../scope.js';
6
+ import { type UserInfo } from '../user.js';
2
7
  export declare const jwtCustomizerGuard: z.ZodObject<{
3
8
  script: z.ZodString;
4
9
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
5
- contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
10
+ contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
6
11
  }, "strip", z.ZodTypeAny, {
7
12
  script: string;
8
13
  environmentVariables?: Record<string, string> | undefined;
@@ -16,12 +21,31 @@ export declare enum LogtoJwtTokenKeyType {
16
21
  AccessToken = "access-token",
17
22
  ClientCredentials = "client-credentials"
18
23
  }
19
- export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
20
- name: z.ZodType<string | null, z.ZodTypeDef, string | null>;
21
- id: z.ZodType<string, z.ZodTypeDef, string>;
22
- applicationId: z.ZodType<string | null, z.ZodTypeDef, string | null>;
23
- username: z.ZodType<string | null, z.ZodTypeDef, string | null>;
24
- profile: z.ZodType<Partial<{
24
+ export type JwtCustomizerUserContext = UserInfo & {
25
+ hasPassword: boolean;
26
+ ssoIdentities: Array<Pick<UserSsoIdentity, 'issuer' | 'identityId' | 'detail'>>;
27
+ mfaVerificationFactors: MfaFactors;
28
+ roles: Array<Pick<Role, 'id' | 'name' | 'description'> & {
29
+ scopes: Array<Pick<ScopeResponse, 'id' | 'name' | 'description' | 'resourceId' | 'resource'>>;
30
+ }>;
31
+ organizations: Array<Pick<Organization, 'id' | 'name' | 'description'>>;
32
+ organizationRoles: Array<{
33
+ organizationId: string;
34
+ roleId: string;
35
+ roleName: string;
36
+ }>;
37
+ };
38
+ export declare const jwtCustomizerUserContextGuard: z.ZodObject<z.objectUtil.extendShape<Pick<{
39
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
40
+ id: ZodType<string, z.ZodTypeDef, string>;
41
+ username: ZodType<string | null, z.ZodTypeDef, string | null>;
42
+ primaryEmail: ZodType<string | null, z.ZodTypeDef, string | null>;
43
+ primaryPhone: ZodType<string | null, z.ZodTypeDef, string | null>;
44
+ passwordEncrypted: ZodType<string | null, z.ZodTypeDef, string | null>;
45
+ passwordEncryptionMethod: ZodType<import("../../db-entries/custom-types.js").UsersPasswordEncryptionMethod | null, z.ZodTypeDef, import("../../db-entries/custom-types.js").UsersPasswordEncryptionMethod | null>;
46
+ name: ZodType<string | null, z.ZodTypeDef, string | null>;
47
+ avatar: ZodType<string | null, z.ZodTypeDef, string | null>;
48
+ profile: ZodType<Partial<{
25
49
  familyName: string;
26
50
  givenName: string;
27
51
  middleName: string;
@@ -62,30 +86,82 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
62
86
  country: string;
63
87
  }>;
64
88
  }>>;
65
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
66
- updatedAt: z.ZodType<number, z.ZodTypeDef, number>;
67
- customData: z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
68
- primaryEmail: z.ZodType<string | null, z.ZodTypeDef, string | null>;
69
- primaryPhone: z.ZodType<string | null, z.ZodTypeDef, string | null>;
70
- avatar: z.ZodType<string | null, z.ZodTypeDef, string | null>;
71
- identities: z.ZodType<Record<string, {
89
+ applicationId: ZodType<string | null, z.ZodTypeDef, string | null>;
90
+ identities: ZodType<Record<string, {
72
91
  userId: string;
73
92
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
74
93
  }>, z.ZodTypeDef, Record<string, {
75
94
  userId: string;
76
95
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
77
96
  }>>;
78
- isSuspended: z.ZodType<boolean, z.ZodTypeDef, boolean>;
79
- lastSignInAt: z.ZodType<number | null, z.ZodTypeDef, number | null>;
97
+ customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
98
+ logtoConfig: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
99
+ mfaVerifications: ZodType<({
100
+ type: import("../../foundations/index.js").MfaFactor.TOTP;
101
+ id: string;
102
+ key: string;
103
+ createdAt: string;
104
+ lastUsedAt?: string | undefined;
105
+ } | {
106
+ type: import("../../foundations/index.js").MfaFactor.WebAuthn;
107
+ id: string;
108
+ createdAt: string;
109
+ credentialId: string;
110
+ publicKey: string;
111
+ counter: number;
112
+ agent: string;
113
+ lastUsedAt?: string | undefined;
114
+ transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
115
+ } | {
116
+ type: import("../../foundations/index.js").MfaFactor.BackupCode;
117
+ id: string;
118
+ createdAt: string;
119
+ codes: {
120
+ code: string;
121
+ usedAt?: string | undefined;
122
+ }[];
123
+ lastUsedAt?: string | undefined;
124
+ })[], z.ZodTypeDef, ({
125
+ type: import("../../foundations/index.js").MfaFactor.TOTP;
126
+ id: string;
127
+ key: string;
128
+ createdAt: string;
129
+ lastUsedAt?: string | undefined;
130
+ } | {
131
+ type: import("../../foundations/index.js").MfaFactor.WebAuthn;
132
+ id: string;
133
+ createdAt: string;
134
+ credentialId: string;
135
+ publicKey: string;
136
+ counter: number;
137
+ agent: string;
138
+ lastUsedAt?: string | undefined;
139
+ transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
140
+ } | {
141
+ type: import("../../foundations/index.js").MfaFactor.BackupCode;
142
+ id: string;
143
+ createdAt: string;
144
+ codes: {
145
+ code: string;
146
+ usedAt?: string | undefined;
147
+ }[];
148
+ lastUsedAt?: string | undefined;
149
+ })[]>;
150
+ isSuspended: ZodType<boolean, z.ZodTypeDef, boolean>;
151
+ lastSignInAt: ZodType<number | null, z.ZodTypeDef, number | null>;
152
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
153
+ updatedAt: ZodType<number, z.ZodTypeDef, number>;
154
+ }, "name" | "id" | "applicationId" | "username" | "createdAt" | "profile" | "customData" | "updatedAt" | "primaryEmail" | "primaryPhone" | "avatar" | "identities" | "isSuspended" | "lastSignInAt">, {
155
+ hasPassword: z.ZodBoolean;
80
156
  ssoIdentities: z.ZodArray<z.ZodObject<Pick<{
81
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
82
- id: z.ZodType<string, z.ZodTypeDef, string>;
83
- userId: z.ZodType<string, z.ZodTypeDef, string>;
84
- issuer: z.ZodType<string, z.ZodTypeDef, string>;
85
- identityId: z.ZodType<string, z.ZodTypeDef, string>;
86
- detail: z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
87
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
88
- ssoConnectorId: z.ZodType<string, z.ZodTypeDef, string>;
157
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
158
+ id: ZodType<string, z.ZodTypeDef, string>;
159
+ userId: ZodType<string, z.ZodTypeDef, string>;
160
+ issuer: ZodType<string, z.ZodTypeDef, string>;
161
+ identityId: ZodType<string, z.ZodTypeDef, string>;
162
+ detail: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
163
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
164
+ ssoConnectorId: ZodType<string, z.ZodTypeDef, string>;
89
165
  }, "issuer" | "identityId" | "detail">, "strip", z.ZodTypeAny, {
90
166
  issuer: string;
91
167
  identityId: string;
@@ -96,19 +172,24 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
96
172
  detail: import("@withtyped/server/lib/types.js").JsonObject;
97
173
  }>, "many">;
98
174
  mfaVerificationFactors: z.ZodArray<z.ZodNativeEnum<typeof import("../../foundations/index.js").MfaFactor>, "many">;
99
- roles: z.ZodArray<z.ZodObject<{
100
- name: z.ZodType<string, z.ZodTypeDef, string>;
101
- id: z.ZodType<string, z.ZodTypeDef, string>;
102
- description: z.ZodType<string, z.ZodTypeDef, string>;
103
- scopes: z.ZodArray<z.ZodObject<Pick<{
104
- name: z.ZodType<string, z.ZodTypeDef, string>;
105
- id: z.ZodType<string, z.ZodTypeDef, string>;
106
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
107
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
108
- description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
109
- resourceId: z.ZodType<string, z.ZodTypeDef, string>;
175
+ roles: z.ZodArray<z.ZodObject<z.objectUtil.extendShape<Pick<{
176
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
177
+ id: ZodType<string, z.ZodTypeDef, string>;
178
+ name: ZodType<string, z.ZodTypeDef, string>;
179
+ description: ZodType<string, z.ZodTypeDef, string>;
180
+ type: ZodType<import("../../db-entries/custom-types.js").RoleType, z.ZodTypeDef, import("../../db-entries/custom-types.js").RoleType>;
181
+ isDefault: ZodType<boolean, z.ZodTypeDef, boolean>;
182
+ }, "name" | "id" | "description">, {
183
+ scopes: z.ZodArray<z.ZodObject<Pick<z.objectUtil.extendShape<{
184
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
185
+ id: ZodType<string, z.ZodTypeDef, string>;
186
+ resourceId: ZodType<string, z.ZodTypeDef, string>;
187
+ name: ZodType<string, z.ZodTypeDef, string>;
188
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
189
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
190
+ }, {
110
191
  resource: import("../../foundations/schemas.js").Guard<import("../../db-entries/resource.js").Resource>;
111
- }, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
192
+ }>, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
112
193
  name: string;
113
194
  id: string;
114
195
  description: string | null;
@@ -121,7 +202,7 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
121
202
  resource: import("../../db-entries/resource.js").Resource;
122
203
  resourceId: string;
123
204
  }>, "many">;
124
- }, "strip", z.ZodTypeAny, {
205
+ }>, "strip", z.ZodTypeAny, {
125
206
  name: string;
126
207
  id: string;
127
208
  description: string;
@@ -145,12 +226,24 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
145
226
  }[];
146
227
  }>, "many">;
147
228
  organizations: z.ZodArray<z.ZodObject<Pick<{
148
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
149
- id: z.ZodType<string, z.ZodTypeDef, string>;
150
- name: z.ZodType<string, z.ZodTypeDef, string>;
151
- description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
152
- customData: z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
153
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
229
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
230
+ id: ZodType<string, z.ZodTypeDef, string>;
231
+ name: ZodType<string, z.ZodTypeDef, string>;
232
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
233
+ customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
234
+ isMfaRequired: ZodType<boolean, z.ZodTypeDef, boolean>;
235
+ branding: ZodType<{
236
+ logoUrl?: string | undefined;
237
+ darkLogoUrl?: string | undefined;
238
+ favicon?: string | undefined;
239
+ darkFavicon?: string | undefined;
240
+ }, z.ZodTypeDef, {
241
+ logoUrl?: string | undefined;
242
+ darkLogoUrl?: string | undefined;
243
+ favicon?: string | undefined;
244
+ darkFavicon?: string | undefined;
245
+ }>;
246
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
154
247
  }, "name" | "id" | "description">, "strip", z.ZodTypeAny, {
155
248
  name: string;
156
249
  id: string;
@@ -173,35 +266,15 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
173
266
  roleId: string;
174
267
  roleName: string;
175
268
  }>, "many">;
176
- }, "strip", z.ZodTypeAny, {
269
+ }>, "strip", z.ZodTypeAny, {
177
270
  name: string | null;
178
271
  id: string;
179
272
  applicationId: string | null;
180
273
  username: string | null;
181
- profile: Partial<{
182
- familyName: string;
183
- givenName: string;
184
- middleName: string;
185
- nickname: string;
186
- preferredUsername: string;
187
- profile: string;
188
- website: string;
189
- gender: string;
190
- birthdate: string;
191
- zoneinfo: string;
192
- locale: string;
193
- address: Partial<{
194
- formatted: string;
195
- streetAddress: string;
196
- locality: string;
197
- region: string;
198
- postalCode: string;
199
- country: string;
200
- }>;
201
- }>;
202
274
  createdAt: number;
203
- updatedAt: number;
275
+ profile: import("../../foundations/index.js").UserProfile;
204
276
  customData: import("@withtyped/server/lib/types.js").JsonObject;
277
+ updatedAt: number;
205
278
  organizations: {
206
279
  name: string;
207
280
  id: string;
@@ -222,12 +295,10 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
222
295
  primaryEmail: string | null;
223
296
  primaryPhone: string | null;
224
297
  avatar: string | null;
225
- identities: Record<string, {
226
- userId: string;
227
- details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
228
- }>;
298
+ identities: import("../../foundations/index.js").Identities;
229
299
  isSuspended: boolean;
230
300
  lastSignInAt: number | null;
301
+ hasPassword: boolean;
231
302
  ssoIdentities: {
232
303
  issuer: string;
233
304
  identityId: string;
@@ -244,30 +315,10 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
244
315
  id: string;
245
316
  applicationId: string | null;
246
317
  username: string | null;
247
- profile: Partial<{
248
- familyName: string;
249
- givenName: string;
250
- middleName: string;
251
- nickname: string;
252
- preferredUsername: string;
253
- profile: string;
254
- website: string;
255
- gender: string;
256
- birthdate: string;
257
- zoneinfo: string;
258
- locale: string;
259
- address: Partial<{
260
- formatted: string;
261
- streetAddress: string;
262
- locality: string;
263
- region: string;
264
- postalCode: string;
265
- country: string;
266
- }>;
267
- }>;
268
318
  createdAt: number;
269
- updatedAt: number;
319
+ profile: import("../../foundations/index.js").UserProfile;
270
320
  customData: import("@withtyped/server/lib/types.js").JsonObject;
321
+ updatedAt: number;
271
322
  organizations: {
272
323
  name: string;
273
324
  id: string;
@@ -288,12 +339,10 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
288
339
  primaryEmail: string | null;
289
340
  primaryPhone: string | null;
290
341
  avatar: string | null;
291
- identities: Record<string, {
292
- userId: string;
293
- details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
294
- }>;
342
+ identities: import("../../foundations/index.js").Identities;
295
343
  isSuspended: boolean;
296
344
  lastSignInAt: number | null;
345
+ hasPassword: boolean;
297
346
  ssoIdentities: {
298
347
  issuer: string;
299
348
  identityId: string;
@@ -306,10 +355,22 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
306
355
  roleName: string;
307
356
  }[];
308
357
  }>;
309
- export type JwtCustomizerUserContext = z.infer<typeof jwtCustomizerUserContextGuard>;
310
- export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
358
+ export declare const jwtCustomizerGrantContextGuard: z.ZodObject<{
359
+ type: z.ZodLiteral<GrantType.TokenExchange>;
360
+ subjectTokenContext: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
361
+ }, "strip", z.ZodTypeAny, {
362
+ type: GrantType.TokenExchange;
363
+ subjectTokenContext: Record<string, import("@withtyped/server/lib/types.js").Json>;
364
+ }, {
365
+ type: GrantType.TokenExchange;
366
+ subjectTokenContext: Record<string, import("@withtyped/server/lib/types.js").Json>;
367
+ }>;
368
+ export type JwtCustomizerGrantContext = z.infer<typeof jwtCustomizerGrantContextGuard>;
369
+ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<z.objectUtil.extendShape<{
311
370
  script: z.ZodString;
312
371
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
372
+ contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
373
+ }, {
313
374
  tokenSample: z.ZodOptional<z.ZodObject<{
314
375
  accountId: z.ZodOptional<z.ZodString>;
315
376
  expiresWithSession: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
@@ -323,37 +384,38 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
323
384
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
324
385
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
325
386
  }, "strict", z.ZodTypeAny, {
387
+ grantId?: string | undefined;
388
+ scope?: string | undefined;
326
389
  accountId?: string | undefined;
327
390
  expiresWithSession?: boolean | undefined;
328
- grantId?: string | undefined;
329
391
  gty?: string | undefined;
330
392
  sessionUid?: string | undefined;
331
393
  sid?: string | undefined;
332
394
  kind?: "AccessToken" | undefined;
333
395
  jti?: string | undefined;
334
396
  aud?: string | string[] | undefined;
335
- scope?: string | undefined;
336
397
  clientId?: string | undefined;
337
398
  }, {
399
+ grantId?: string | undefined;
400
+ scope?: string | undefined;
338
401
  accountId?: string | undefined;
339
402
  expiresWithSession?: boolean | undefined;
340
- grantId?: string | undefined;
341
403
  gty?: string | undefined;
342
404
  sessionUid?: string | undefined;
343
405
  sid?: string | undefined;
344
406
  kind?: "AccessToken" | undefined;
345
407
  jti?: string | undefined;
346
408
  aud?: string | string[] | undefined;
347
- scope?: string | undefined;
348
409
  clientId?: string | undefined;
349
410
  }>>;
350
411
  contextSample: z.ZodOptional<z.ZodObject<{
351
412
  user: z.ZodObject<{
352
- name: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
353
- id: z.ZodOptional<z.ZodType<string, z.ZodTypeDef, string>>;
354
- applicationId: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
355
- username: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
356
- profile: z.ZodOptional<z.ZodType<Partial<{
413
+ name: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
414
+ id: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
415
+ applicationId: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
416
+ username: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
417
+ createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
418
+ profile: z.ZodOptional<ZodType<Partial<{
357
419
  familyName: string;
358
420
  givenName: string;
359
421
  middleName: string;
@@ -394,30 +456,30 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
394
456
  country: string;
395
457
  }>;
396
458
  }>>>;
397
- createdAt: z.ZodOptional<z.ZodType<number, z.ZodTypeDef, number>>;
398
- updatedAt: z.ZodOptional<z.ZodType<number, z.ZodTypeDef, number>>;
399
- customData: z.ZodOptional<z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>>;
400
- primaryEmail: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
401
- primaryPhone: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
402
- avatar: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
403
- identities: z.ZodOptional<z.ZodType<Record<string, {
459
+ customData: z.ZodOptional<ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>>;
460
+ updatedAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
461
+ primaryEmail: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
462
+ primaryPhone: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
463
+ avatar: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
464
+ identities: z.ZodOptional<ZodType<Record<string, {
404
465
  userId: string;
405
466
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
406
467
  }>, z.ZodTypeDef, Record<string, {
407
468
  userId: string;
408
469
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
409
470
  }>>>;
410
- isSuspended: z.ZodOptional<z.ZodType<boolean, z.ZodTypeDef, boolean>>;
411
- lastSignInAt: z.ZodOptional<z.ZodType<number | null, z.ZodTypeDef, number | null>>;
471
+ isSuspended: z.ZodOptional<ZodType<boolean, z.ZodTypeDef, boolean>>;
472
+ lastSignInAt: z.ZodOptional<ZodType<number | null, z.ZodTypeDef, number | null>>;
473
+ hasPassword: z.ZodOptional<z.ZodBoolean>;
412
474
  ssoIdentities: z.ZodOptional<z.ZodArray<z.ZodObject<Pick<{
413
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
414
- id: z.ZodType<string, z.ZodTypeDef, string>;
415
- userId: z.ZodType<string, z.ZodTypeDef, string>;
416
- issuer: z.ZodType<string, z.ZodTypeDef, string>;
417
- identityId: z.ZodType<string, z.ZodTypeDef, string>;
418
- detail: z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
419
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
420
- ssoConnectorId: z.ZodType<string, z.ZodTypeDef, string>;
475
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
476
+ id: ZodType<string, z.ZodTypeDef, string>;
477
+ userId: ZodType<string, z.ZodTypeDef, string>;
478
+ issuer: ZodType<string, z.ZodTypeDef, string>;
479
+ identityId: ZodType<string, z.ZodTypeDef, string>;
480
+ detail: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
481
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
482
+ ssoConnectorId: ZodType<string, z.ZodTypeDef, string>;
421
483
  }, "issuer" | "identityId" | "detail">, "strip", z.ZodTypeAny, {
422
484
  issuer: string;
423
485
  identityId: string;
@@ -428,19 +490,24 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
428
490
  detail: import("@withtyped/server/lib/types.js").JsonObject;
429
491
  }>, "many">>;
430
492
  mfaVerificationFactors: z.ZodOptional<z.ZodArray<z.ZodNativeEnum<typeof import("../../foundations/index.js").MfaFactor>, "many">>;
431
- roles: z.ZodOptional<z.ZodArray<z.ZodObject<{
432
- name: z.ZodType<string, z.ZodTypeDef, string>;
433
- id: z.ZodType<string, z.ZodTypeDef, string>;
434
- description: z.ZodType<string, z.ZodTypeDef, string>;
435
- scopes: z.ZodArray<z.ZodObject<Pick<{
436
- name: z.ZodType<string, z.ZodTypeDef, string>;
437
- id: z.ZodType<string, z.ZodTypeDef, string>;
438
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
439
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
440
- description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
441
- resourceId: z.ZodType<string, z.ZodTypeDef, string>;
493
+ roles: z.ZodOptional<z.ZodArray<z.ZodObject<z.objectUtil.extendShape<Pick<{
494
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
495
+ id: ZodType<string, z.ZodTypeDef, string>;
496
+ name: ZodType<string, z.ZodTypeDef, string>;
497
+ description: ZodType<string, z.ZodTypeDef, string>;
498
+ type: ZodType<import("../../db-entries/custom-types.js").RoleType, z.ZodTypeDef, import("../../db-entries/custom-types.js").RoleType>;
499
+ isDefault: ZodType<boolean, z.ZodTypeDef, boolean>;
500
+ }, "name" | "id" | "description">, {
501
+ scopes: z.ZodArray<z.ZodObject<Pick<z.objectUtil.extendShape<{
502
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
503
+ id: ZodType<string, z.ZodTypeDef, string>;
504
+ resourceId: ZodType<string, z.ZodTypeDef, string>;
505
+ name: ZodType<string, z.ZodTypeDef, string>;
506
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
507
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
508
+ }, {
442
509
  resource: import("../../foundations/schemas.js").Guard<import("../../db-entries/resource.js").Resource>;
443
- }, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
510
+ }>, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
444
511
  name: string;
445
512
  id: string;
446
513
  description: string | null;
@@ -453,7 +520,7 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
453
520
  resource: import("../../db-entries/resource.js").Resource;
454
521
  resourceId: string;
455
522
  }>, "many">;
456
- }, "strip", z.ZodTypeAny, {
523
+ }>, "strip", z.ZodTypeAny, {
457
524
  name: string;
458
525
  id: string;
459
526
  description: string;
@@ -477,12 +544,24 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
477
544
  }[];
478
545
  }>, "many">>;
479
546
  organizations: z.ZodOptional<z.ZodArray<z.ZodObject<Pick<{
480
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
481
- id: z.ZodType<string, z.ZodTypeDef, string>;
482
- name: z.ZodType<string, z.ZodTypeDef, string>;
483
- description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
484
- customData: z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
485
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
547
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
548
+ id: ZodType<string, z.ZodTypeDef, string>;
549
+ name: ZodType<string, z.ZodTypeDef, string>;
550
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
551
+ customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
552
+ isMfaRequired: ZodType<boolean, z.ZodTypeDef, boolean>;
553
+ branding: ZodType<{
554
+ logoUrl?: string | undefined;
555
+ darkLogoUrl?: string | undefined;
556
+ favicon?: string | undefined;
557
+ darkFavicon?: string | undefined;
558
+ }, z.ZodTypeDef, {
559
+ logoUrl?: string | undefined;
560
+ darkLogoUrl?: string | undefined;
561
+ favicon?: string | undefined;
562
+ darkFavicon?: string | undefined;
563
+ }>;
564
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
486
565
  }, "name" | "id" | "description">, "strip", z.ZodTypeAny, {
487
566
  name: string;
488
567
  id: string;
@@ -510,6 +589,7 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
510
589
  id?: string | undefined;
511
590
  applicationId?: string | null | undefined;
512
591
  username?: string | null | undefined;
592
+ createdAt?: number | undefined;
513
593
  profile?: Partial<{
514
594
  familyName: string;
515
595
  givenName: string;
@@ -531,9 +611,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
531
611
  country: string;
532
612
  }>;
533
613
  }> | undefined;
534
- createdAt?: number | undefined;
535
- updatedAt?: number | undefined;
536
614
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
615
+ updatedAt?: number | undefined;
616
+ organizations?: {
617
+ name: string;
618
+ id: string;
619
+ description: string | null;
620
+ }[] | undefined;
621
+ roles?: {
622
+ name: string;
623
+ id: string;
624
+ description: string;
625
+ scopes: {
626
+ name: string;
627
+ id: string;
628
+ description: string | null;
629
+ resource: import("../../db-entries/resource.js").Resource;
630
+ resourceId: string;
631
+ }[];
632
+ }[] | undefined;
537
633
  primaryEmail?: string | null | undefined;
538
634
  primaryPhone?: string | null | undefined;
539
635
  avatar?: string | null | undefined;
@@ -543,29 +639,13 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
543
639
  }> | undefined;
544
640
  isSuspended?: boolean | undefined;
545
641
  lastSignInAt?: number | null | undefined;
642
+ hasPassword?: boolean | undefined;
546
643
  ssoIdentities?: {
547
644
  issuer: string;
548
645
  identityId: string;
549
646
  detail: import("@withtyped/server/lib/types.js").JsonObject;
550
647
  }[] | undefined;
551
648
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
552
- roles?: {
553
- name: string;
554
- id: string;
555
- description: string;
556
- scopes: {
557
- name: string;
558
- id: string;
559
- description: string | null;
560
- resource: import("../../db-entries/resource.js").Resource;
561
- resourceId: string;
562
- }[];
563
- }[] | undefined;
564
- organizations?: {
565
- name: string;
566
- id: string;
567
- description: string | null;
568
- }[] | undefined;
569
649
  organizationRoles?: {
570
650
  organizationId: string;
571
651
  roleId: string;
@@ -576,6 +656,7 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
576
656
  id?: string | undefined;
577
657
  applicationId?: string | null | undefined;
578
658
  username?: string | null | undefined;
659
+ createdAt?: number | undefined;
579
660
  profile?: Partial<{
580
661
  familyName: string;
581
662
  givenName: string;
@@ -597,9 +678,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
597
678
  country: string;
598
679
  }>;
599
680
  }> | undefined;
600
- createdAt?: number | undefined;
601
- updatedAt?: number | undefined;
602
681
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
682
+ updatedAt?: number | undefined;
683
+ organizations?: {
684
+ name: string;
685
+ id: string;
686
+ description: string | null;
687
+ }[] | undefined;
688
+ roles?: {
689
+ name: string;
690
+ id: string;
691
+ description: string;
692
+ scopes: {
693
+ name: string;
694
+ id: string;
695
+ description: string | null;
696
+ resource: import("../../db-entries/resource.js").Resource;
697
+ resourceId: string;
698
+ }[];
699
+ }[] | undefined;
603
700
  primaryEmail?: string | null | undefined;
604
701
  primaryPhone?: string | null | undefined;
605
702
  avatar?: string | null | undefined;
@@ -609,41 +706,36 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
609
706
  }> | undefined;
610
707
  isSuspended?: boolean | undefined;
611
708
  lastSignInAt?: number | null | undefined;
709
+ hasPassword?: boolean | undefined;
612
710
  ssoIdentities?: {
613
711
  issuer: string;
614
712
  identityId: string;
615
713
  detail: import("@withtyped/server/lib/types.js").JsonObject;
616
714
  }[] | undefined;
617
715
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
618
- roles?: {
619
- name: string;
620
- id: string;
621
- description: string;
622
- scopes: {
623
- name: string;
624
- id: string;
625
- description: string | null;
626
- resource: import("../../db-entries/resource.js").Resource;
627
- resourceId: string;
628
- }[];
629
- }[] | undefined;
630
- organizations?: {
631
- name: string;
632
- id: string;
633
- description: string | null;
634
- }[] | undefined;
635
716
  organizationRoles?: {
636
717
  organizationId: string;
637
718
  roleId: string;
638
719
  roleName: string;
639
720
  }[] | undefined;
640
721
  }>;
722
+ grant: z.ZodOptional<z.ZodObject<{
723
+ type: z.ZodOptional<z.ZodLiteral<GrantType.TokenExchange>>;
724
+ subjectTokenContext: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
725
+ }, "strip", z.ZodTypeAny, {
726
+ type?: GrantType.TokenExchange | undefined;
727
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
728
+ }, {
729
+ type?: GrantType.TokenExchange | undefined;
730
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
731
+ }>>;
641
732
  }, "strip", z.ZodTypeAny, {
642
733
  user: {
643
734
  name?: string | null | undefined;
644
735
  id?: string | undefined;
645
736
  applicationId?: string | null | undefined;
646
737
  username?: string | null | undefined;
738
+ createdAt?: number | undefined;
647
739
  profile?: Partial<{
648
740
  familyName: string;
649
741
  givenName: string;
@@ -665,9 +757,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
665
757
  country: string;
666
758
  }>;
667
759
  }> | undefined;
668
- createdAt?: number | undefined;
669
- updatedAt?: number | undefined;
670
760
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
761
+ updatedAt?: number | undefined;
762
+ organizations?: {
763
+ name: string;
764
+ id: string;
765
+ description: string | null;
766
+ }[] | undefined;
767
+ roles?: {
768
+ name: string;
769
+ id: string;
770
+ description: string;
771
+ scopes: {
772
+ name: string;
773
+ id: string;
774
+ description: string | null;
775
+ resource: import("../../db-entries/resource.js").Resource;
776
+ resourceId: string;
777
+ }[];
778
+ }[] | undefined;
671
779
  primaryEmail?: string | null | undefined;
672
780
  primaryPhone?: string | null | undefined;
673
781
  avatar?: string | null | undefined;
@@ -677,41 +785,30 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
677
785
  }> | undefined;
678
786
  isSuspended?: boolean | undefined;
679
787
  lastSignInAt?: number | null | undefined;
788
+ hasPassword?: boolean | undefined;
680
789
  ssoIdentities?: {
681
790
  issuer: string;
682
791
  identityId: string;
683
792
  detail: import("@withtyped/server/lib/types.js").JsonObject;
684
793
  }[] | undefined;
685
794
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
686
- roles?: {
687
- name: string;
688
- id: string;
689
- description: string;
690
- scopes: {
691
- name: string;
692
- id: string;
693
- description: string | null;
694
- resource: import("../../db-entries/resource.js").Resource;
695
- resourceId: string;
696
- }[];
697
- }[] | undefined;
698
- organizations?: {
699
- name: string;
700
- id: string;
701
- description: string | null;
702
- }[] | undefined;
703
795
  organizationRoles?: {
704
796
  organizationId: string;
705
797
  roleId: string;
706
798
  roleName: string;
707
799
  }[] | undefined;
708
800
  };
801
+ grant?: {
802
+ type?: GrantType.TokenExchange | undefined;
803
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
804
+ } | undefined;
709
805
  }, {
710
806
  user: {
711
807
  name?: string | null | undefined;
712
808
  id?: string | undefined;
713
809
  applicationId?: string | null | undefined;
714
810
  username?: string | null | undefined;
811
+ createdAt?: number | undefined;
715
812
  profile?: Partial<{
716
813
  familyName: string;
717
814
  givenName: string;
@@ -733,9 +830,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
733
830
  country: string;
734
831
  }>;
735
832
  }> | undefined;
736
- createdAt?: number | undefined;
737
- updatedAt?: number | undefined;
738
833
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
834
+ updatedAt?: number | undefined;
835
+ organizations?: {
836
+ name: string;
837
+ id: string;
838
+ description: string | null;
839
+ }[] | undefined;
840
+ roles?: {
841
+ name: string;
842
+ id: string;
843
+ description: string;
844
+ scopes: {
845
+ name: string;
846
+ id: string;
847
+ description: string | null;
848
+ resource: import("../../db-entries/resource.js").Resource;
849
+ resourceId: string;
850
+ }[];
851
+ }[] | undefined;
739
852
  primaryEmail?: string | null | undefined;
740
853
  primaryPhone?: string | null | undefined;
741
854
  avatar?: string | null | undefined;
@@ -745,58 +858,34 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
745
858
  }> | undefined;
746
859
  isSuspended?: boolean | undefined;
747
860
  lastSignInAt?: number | null | undefined;
861
+ hasPassword?: boolean | undefined;
748
862
  ssoIdentities?: {
749
863
  issuer: string;
750
864
  identityId: string;
751
865
  detail: import("@withtyped/server/lib/types.js").JsonObject;
752
866
  }[] | undefined;
753
867
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
754
- roles?: {
755
- name: string;
756
- id: string;
757
- description: string;
758
- scopes: {
759
- name: string;
760
- id: string;
761
- description: string | null;
762
- resource: import("../../db-entries/resource.js").Resource;
763
- resourceId: string;
764
- }[];
765
- }[] | undefined;
766
- organizations?: {
767
- name: string;
768
- id: string;
769
- description: string | null;
770
- }[] | undefined;
771
868
  organizationRoles?: {
772
869
  organizationId: string;
773
870
  roleId: string;
774
871
  roleName: string;
775
872
  }[] | undefined;
776
873
  };
874
+ grant?: {
875
+ type?: GrantType.TokenExchange | undefined;
876
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
877
+ } | undefined;
777
878
  }>>;
778
- }, "strict", z.ZodTypeAny, {
879
+ }>, "strict", z.ZodTypeAny, {
779
880
  script: string;
780
881
  environmentVariables?: Record<string, string> | undefined;
781
- tokenSample?: {
782
- accountId?: string | undefined;
783
- expiresWithSession?: boolean | undefined;
784
- grantId?: string | undefined;
785
- gty?: string | undefined;
786
- sessionUid?: string | undefined;
787
- sid?: string | undefined;
788
- kind?: "AccessToken" | undefined;
789
- jti?: string | undefined;
790
- aud?: string | string[] | undefined;
791
- scope?: string | undefined;
792
- clientId?: string | undefined;
793
- } | undefined;
794
882
  contextSample?: {
795
883
  user: {
796
884
  name?: string | null | undefined;
797
885
  id?: string | undefined;
798
886
  applicationId?: string | null | undefined;
799
887
  username?: string | null | undefined;
888
+ createdAt?: number | undefined;
800
889
  profile?: Partial<{
801
890
  familyName: string;
802
891
  givenName: string;
@@ -818,24 +907,13 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
818
907
  country: string;
819
908
  }>;
820
909
  }> | undefined;
821
- createdAt?: number | undefined;
822
- updatedAt?: number | undefined;
823
910
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
824
- primaryEmail?: string | null | undefined;
825
- primaryPhone?: string | null | undefined;
826
- avatar?: string | null | undefined;
827
- identities?: Record<string, {
828
- userId: string;
829
- details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
830
- }> | undefined;
831
- isSuspended?: boolean | undefined;
832
- lastSignInAt?: number | null | undefined;
833
- ssoIdentities?: {
834
- issuer: string;
835
- identityId: string;
836
- detail: import("@withtyped/server/lib/types.js").JsonObject;
911
+ updatedAt?: number | undefined;
912
+ organizations?: {
913
+ name: string;
914
+ id: string;
915
+ description: string | null;
837
916
  }[] | undefined;
838
- mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
839
917
  roles?: {
840
918
  name: string;
841
919
  id: string;
@@ -848,40 +926,56 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
848
926
  resourceId: string;
849
927
  }[];
850
928
  }[] | undefined;
851
- organizations?: {
852
- name: string;
853
- id: string;
854
- description: string | null;
929
+ primaryEmail?: string | null | undefined;
930
+ primaryPhone?: string | null | undefined;
931
+ avatar?: string | null | undefined;
932
+ identities?: Record<string, {
933
+ userId: string;
934
+ details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
935
+ }> | undefined;
936
+ isSuspended?: boolean | undefined;
937
+ lastSignInAt?: number | null | undefined;
938
+ hasPassword?: boolean | undefined;
939
+ ssoIdentities?: {
940
+ issuer: string;
941
+ identityId: string;
942
+ detail: import("@withtyped/server/lib/types.js").JsonObject;
855
943
  }[] | undefined;
944
+ mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
856
945
  organizationRoles?: {
857
946
  organizationId: string;
858
947
  roleId: string;
859
948
  roleName: string;
860
949
  }[] | undefined;
861
950
  };
951
+ grant?: {
952
+ type?: GrantType.TokenExchange | undefined;
953
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
954
+ } | undefined;
862
955
  } | undefined;
863
- }, {
864
- script: string;
865
- environmentVariables?: Record<string, string> | undefined;
866
956
  tokenSample?: {
957
+ grantId?: string | undefined;
958
+ scope?: string | undefined;
867
959
  accountId?: string | undefined;
868
960
  expiresWithSession?: boolean | undefined;
869
- grantId?: string | undefined;
870
961
  gty?: string | undefined;
871
962
  sessionUid?: string | undefined;
872
963
  sid?: string | undefined;
873
964
  kind?: "AccessToken" | undefined;
874
965
  jti?: string | undefined;
875
966
  aud?: string | string[] | undefined;
876
- scope?: string | undefined;
877
967
  clientId?: string | undefined;
878
968
  } | undefined;
969
+ }, {
970
+ script: string;
971
+ environmentVariables?: Record<string, string> | undefined;
879
972
  contextSample?: {
880
973
  user: {
881
974
  name?: string | null | undefined;
882
975
  id?: string | undefined;
883
976
  applicationId?: string | null | undefined;
884
977
  username?: string | null | undefined;
978
+ createdAt?: number | undefined;
885
979
  profile?: Partial<{
886
980
  familyName: string;
887
981
  givenName: string;
@@ -903,9 +997,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
903
997
  country: string;
904
998
  }>;
905
999
  }> | undefined;
906
- createdAt?: number | undefined;
907
- updatedAt?: number | undefined;
908
1000
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1001
+ updatedAt?: number | undefined;
1002
+ organizations?: {
1003
+ name: string;
1004
+ id: string;
1005
+ description: string | null;
1006
+ }[] | undefined;
1007
+ roles?: {
1008
+ name: string;
1009
+ id: string;
1010
+ description: string;
1011
+ scopes: {
1012
+ name: string;
1013
+ id: string;
1014
+ description: string | null;
1015
+ resource: import("../../db-entries/resource.js").Resource;
1016
+ resourceId: string;
1017
+ }[];
1018
+ }[] | undefined;
909
1019
  primaryEmail?: string | null | undefined;
910
1020
  primaryPhone?: string | null | undefined;
911
1021
  avatar?: string | null | undefined;
@@ -915,42 +1025,44 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
915
1025
  }> | undefined;
916
1026
  isSuspended?: boolean | undefined;
917
1027
  lastSignInAt?: number | null | undefined;
1028
+ hasPassword?: boolean | undefined;
918
1029
  ssoIdentities?: {
919
1030
  issuer: string;
920
1031
  identityId: string;
921
1032
  detail: import("@withtyped/server/lib/types.js").JsonObject;
922
1033
  }[] | undefined;
923
1034
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
924
- roles?: {
925
- name: string;
926
- id: string;
927
- description: string;
928
- scopes: {
929
- name: string;
930
- id: string;
931
- description: string | null;
932
- resource: import("../../db-entries/resource.js").Resource;
933
- resourceId: string;
934
- }[];
935
- }[] | undefined;
936
- organizations?: {
937
- name: string;
938
- id: string;
939
- description: string | null;
940
- }[] | undefined;
941
1035
  organizationRoles?: {
942
1036
  organizationId: string;
943
1037
  roleId: string;
944
1038
  roleName: string;
945
1039
  }[] | undefined;
946
1040
  };
1041
+ grant?: {
1042
+ type?: GrantType.TokenExchange | undefined;
1043
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1044
+ } | undefined;
1045
+ } | undefined;
1046
+ tokenSample?: {
1047
+ grantId?: string | undefined;
1048
+ scope?: string | undefined;
1049
+ accountId?: string | undefined;
1050
+ expiresWithSession?: boolean | undefined;
1051
+ gty?: string | undefined;
1052
+ sessionUid?: string | undefined;
1053
+ sid?: string | undefined;
1054
+ kind?: "AccessToken" | undefined;
1055
+ jti?: string | undefined;
1056
+ aud?: string | string[] | undefined;
1057
+ clientId?: string | undefined;
947
1058
  } | undefined;
948
1059
  }>;
949
1060
  export type AccessTokenJwtCustomizer = z.infer<typeof accessTokenJwtCustomizerGuard>;
950
- export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<{
1061
+ export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<z.objectUtil.extendShape<{
951
1062
  script: z.ZodString;
952
1063
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
953
- contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
1064
+ contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
1065
+ }, {
954
1066
  tokenSample: z.ZodOptional<z.ZodObject<{
955
1067
  kind: z.ZodOptional<z.ZodLiteral<"ClientCredentials">>;
956
1068
  jti: z.ZodOptional<z.ZodString>;
@@ -958,27 +1070,27 @@ export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<{
958
1070
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
959
1071
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
960
1072
  }, "strict", z.ZodTypeAny, {
1073
+ scope?: string | undefined;
961
1074
  kind?: "ClientCredentials" | undefined;
962
1075
  jti?: string | undefined;
963
1076
  aud?: string | string[] | undefined;
964
- scope?: string | undefined;
965
1077
  clientId?: string | undefined;
966
1078
  }, {
1079
+ scope?: string | undefined;
967
1080
  kind?: "ClientCredentials" | undefined;
968
1081
  jti?: string | undefined;
969
1082
  aud?: string | string[] | undefined;
970
- scope?: string | undefined;
971
1083
  clientId?: string | undefined;
972
1084
  }>>;
973
- }, "strict", z.ZodTypeAny, {
1085
+ }>, "strict", z.ZodTypeAny, {
974
1086
  script: string;
975
1087
  environmentVariables?: Record<string, string> | undefined;
976
1088
  contextSample?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
977
1089
  tokenSample?: {
1090
+ scope?: string | undefined;
978
1091
  kind?: "ClientCredentials" | undefined;
979
1092
  jti?: string | undefined;
980
1093
  aud?: string | string[] | undefined;
981
- scope?: string | undefined;
982
1094
  clientId?: string | undefined;
983
1095
  } | undefined;
984
1096
  }, {
@@ -986,10 +1098,10 @@ export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<{
986
1098
  environmentVariables?: Record<string, string> | undefined;
987
1099
  contextSample?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
988
1100
  tokenSample?: {
1101
+ scope?: string | undefined;
989
1102
  kind?: "ClientCredentials" | undefined;
990
1103
  jti?: string | undefined;
991
1104
  aud?: string | string[] | undefined;
992
- scope?: string | undefined;
993
1105
  clientId?: string | undefined;
994
1106
  } | undefined;
995
1107
  }>;
@@ -1015,37 +1127,38 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1015
1127
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1016
1128
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1017
1129
  }, "strict", z.ZodTypeAny, {
1130
+ grantId?: string | undefined;
1131
+ scope?: string | undefined;
1018
1132
  accountId?: string | undefined;
1019
1133
  expiresWithSession?: boolean | undefined;
1020
- grantId?: string | undefined;
1021
1134
  gty?: string | undefined;
1022
1135
  sessionUid?: string | undefined;
1023
1136
  sid?: string | undefined;
1024
1137
  kind?: "AccessToken" | undefined;
1025
1138
  jti?: string | undefined;
1026
1139
  aud?: string | string[] | undefined;
1027
- scope?: string | undefined;
1028
1140
  clientId?: string | undefined;
1029
1141
  }, {
1142
+ grantId?: string | undefined;
1143
+ scope?: string | undefined;
1030
1144
  accountId?: string | undefined;
1031
1145
  expiresWithSession?: boolean | undefined;
1032
- grantId?: string | undefined;
1033
1146
  gty?: string | undefined;
1034
1147
  sessionUid?: string | undefined;
1035
1148
  sid?: string | undefined;
1036
1149
  kind?: "AccessToken" | undefined;
1037
1150
  jti?: string | undefined;
1038
1151
  aud?: string | string[] | undefined;
1039
- scope?: string | undefined;
1040
1152
  clientId?: string | undefined;
1041
1153
  }>;
1042
1154
  context: z.ZodObject<{
1043
1155
  user: z.ZodObject<{
1044
- name: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
1045
- id: z.ZodOptional<z.ZodType<string, z.ZodTypeDef, string>>;
1046
- applicationId: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
1047
- username: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
1048
- profile: z.ZodOptional<z.ZodType<Partial<{
1156
+ name: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1157
+ id: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
1158
+ applicationId: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1159
+ username: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1160
+ createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
1161
+ profile: z.ZodOptional<ZodType<Partial<{
1049
1162
  familyName: string;
1050
1163
  givenName: string;
1051
1164
  middleName: string;
@@ -1086,30 +1199,30 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1086
1199
  country: string;
1087
1200
  }>;
1088
1201
  }>>>;
1089
- createdAt: z.ZodOptional<z.ZodType<number, z.ZodTypeDef, number>>;
1090
- updatedAt: z.ZodOptional<z.ZodType<number, z.ZodTypeDef, number>>;
1091
- customData: z.ZodOptional<z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>>;
1092
- primaryEmail: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
1093
- primaryPhone: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
1094
- avatar: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
1095
- identities: z.ZodOptional<z.ZodType<Record<string, {
1202
+ customData: z.ZodOptional<ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>>;
1203
+ updatedAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
1204
+ primaryEmail: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1205
+ primaryPhone: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1206
+ avatar: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1207
+ identities: z.ZodOptional<ZodType<Record<string, {
1096
1208
  userId: string;
1097
1209
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1098
1210
  }>, z.ZodTypeDef, Record<string, {
1099
1211
  userId: string;
1100
1212
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1101
1213
  }>>>;
1102
- isSuspended: z.ZodOptional<z.ZodType<boolean, z.ZodTypeDef, boolean>>;
1103
- lastSignInAt: z.ZodOptional<z.ZodType<number | null, z.ZodTypeDef, number | null>>;
1214
+ isSuspended: z.ZodOptional<ZodType<boolean, z.ZodTypeDef, boolean>>;
1215
+ lastSignInAt: z.ZodOptional<ZodType<number | null, z.ZodTypeDef, number | null>>;
1216
+ hasPassword: z.ZodOptional<z.ZodBoolean>;
1104
1217
  ssoIdentities: z.ZodOptional<z.ZodArray<z.ZodObject<Pick<{
1105
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
1106
- id: z.ZodType<string, z.ZodTypeDef, string>;
1107
- userId: z.ZodType<string, z.ZodTypeDef, string>;
1108
- issuer: z.ZodType<string, z.ZodTypeDef, string>;
1109
- identityId: z.ZodType<string, z.ZodTypeDef, string>;
1110
- detail: z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
1111
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
1112
- ssoConnectorId: z.ZodType<string, z.ZodTypeDef, string>;
1218
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
1219
+ id: ZodType<string, z.ZodTypeDef, string>;
1220
+ userId: ZodType<string, z.ZodTypeDef, string>;
1221
+ issuer: ZodType<string, z.ZodTypeDef, string>;
1222
+ identityId: ZodType<string, z.ZodTypeDef, string>;
1223
+ detail: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
1224
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
1225
+ ssoConnectorId: ZodType<string, z.ZodTypeDef, string>;
1113
1226
  }, "issuer" | "identityId" | "detail">, "strip", z.ZodTypeAny, {
1114
1227
  issuer: string;
1115
1228
  identityId: string;
@@ -1120,19 +1233,24 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1120
1233
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1121
1234
  }>, "many">>;
1122
1235
  mfaVerificationFactors: z.ZodOptional<z.ZodArray<z.ZodNativeEnum<typeof import("../../foundations/index.js").MfaFactor>, "many">>;
1123
- roles: z.ZodOptional<z.ZodArray<z.ZodObject<{
1124
- name: z.ZodType<string, z.ZodTypeDef, string>;
1125
- id: z.ZodType<string, z.ZodTypeDef, string>;
1126
- description: z.ZodType<string, z.ZodTypeDef, string>;
1127
- scopes: z.ZodArray<z.ZodObject<Pick<{
1128
- name: z.ZodType<string, z.ZodTypeDef, string>;
1129
- id: z.ZodType<string, z.ZodTypeDef, string>;
1130
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
1131
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
1132
- description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
1133
- resourceId: z.ZodType<string, z.ZodTypeDef, string>;
1236
+ roles: z.ZodOptional<z.ZodArray<z.ZodObject<z.objectUtil.extendShape<Pick<{
1237
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
1238
+ id: ZodType<string, z.ZodTypeDef, string>;
1239
+ name: ZodType<string, z.ZodTypeDef, string>;
1240
+ description: ZodType<string, z.ZodTypeDef, string>;
1241
+ type: ZodType<import("../../db-entries/custom-types.js").RoleType, z.ZodTypeDef, import("../../db-entries/custom-types.js").RoleType>;
1242
+ isDefault: ZodType<boolean, z.ZodTypeDef, boolean>;
1243
+ }, "name" | "id" | "description">, {
1244
+ scopes: z.ZodArray<z.ZodObject<Pick<z.objectUtil.extendShape<{
1245
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
1246
+ id: ZodType<string, z.ZodTypeDef, string>;
1247
+ resourceId: ZodType<string, z.ZodTypeDef, string>;
1248
+ name: ZodType<string, z.ZodTypeDef, string>;
1249
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
1250
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
1251
+ }, {
1134
1252
  resource: import("../../foundations/schemas.js").Guard<import("../../db-entries/resource.js").Resource>;
1135
- }, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
1253
+ }>, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
1136
1254
  name: string;
1137
1255
  id: string;
1138
1256
  description: string | null;
@@ -1145,7 +1263,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1145
1263
  resource: import("../../db-entries/resource.js").Resource;
1146
1264
  resourceId: string;
1147
1265
  }>, "many">;
1148
- }, "strip", z.ZodTypeAny, {
1266
+ }>, "strip", z.ZodTypeAny, {
1149
1267
  name: string;
1150
1268
  id: string;
1151
1269
  description: string;
@@ -1169,12 +1287,24 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1169
1287
  }[];
1170
1288
  }>, "many">>;
1171
1289
  organizations: z.ZodOptional<z.ZodArray<z.ZodObject<Pick<{
1172
- tenantId: z.ZodType<string, z.ZodTypeDef, string>;
1173
- id: z.ZodType<string, z.ZodTypeDef, string>;
1174
- name: z.ZodType<string, z.ZodTypeDef, string>;
1175
- description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
1176
- customData: z.ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
1177
- createdAt: z.ZodType<number, z.ZodTypeDef, number>;
1290
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
1291
+ id: ZodType<string, z.ZodTypeDef, string>;
1292
+ name: ZodType<string, z.ZodTypeDef, string>;
1293
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
1294
+ customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
1295
+ isMfaRequired: ZodType<boolean, z.ZodTypeDef, boolean>;
1296
+ branding: ZodType<{
1297
+ logoUrl?: string | undefined;
1298
+ darkLogoUrl?: string | undefined;
1299
+ favicon?: string | undefined;
1300
+ darkFavicon?: string | undefined;
1301
+ }, z.ZodTypeDef, {
1302
+ logoUrl?: string | undefined;
1303
+ darkLogoUrl?: string | undefined;
1304
+ favicon?: string | undefined;
1305
+ darkFavicon?: string | undefined;
1306
+ }>;
1307
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
1178
1308
  }, "name" | "id" | "description">, "strip", z.ZodTypeAny, {
1179
1309
  name: string;
1180
1310
  id: string;
@@ -1202,6 +1332,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1202
1332
  id?: string | undefined;
1203
1333
  applicationId?: string | null | undefined;
1204
1334
  username?: string | null | undefined;
1335
+ createdAt?: number | undefined;
1205
1336
  profile?: Partial<{
1206
1337
  familyName: string;
1207
1338
  givenName: string;
@@ -1223,9 +1354,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1223
1354
  country: string;
1224
1355
  }>;
1225
1356
  }> | undefined;
1226
- createdAt?: number | undefined;
1227
- updatedAt?: number | undefined;
1228
1357
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1358
+ updatedAt?: number | undefined;
1359
+ organizations?: {
1360
+ name: string;
1361
+ id: string;
1362
+ description: string | null;
1363
+ }[] | undefined;
1364
+ roles?: {
1365
+ name: string;
1366
+ id: string;
1367
+ description: string;
1368
+ scopes: {
1369
+ name: string;
1370
+ id: string;
1371
+ description: string | null;
1372
+ resource: import("../../db-entries/resource.js").Resource;
1373
+ resourceId: string;
1374
+ }[];
1375
+ }[] | undefined;
1229
1376
  primaryEmail?: string | null | undefined;
1230
1377
  primaryPhone?: string | null | undefined;
1231
1378
  avatar?: string | null | undefined;
@@ -1235,29 +1382,13 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1235
1382
  }> | undefined;
1236
1383
  isSuspended?: boolean | undefined;
1237
1384
  lastSignInAt?: number | null | undefined;
1385
+ hasPassword?: boolean | undefined;
1238
1386
  ssoIdentities?: {
1239
1387
  issuer: string;
1240
1388
  identityId: string;
1241
1389
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1242
1390
  }[] | undefined;
1243
1391
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1244
- roles?: {
1245
- name: string;
1246
- id: string;
1247
- description: string;
1248
- scopes: {
1249
- name: string;
1250
- id: string;
1251
- description: string | null;
1252
- resource: import("../../db-entries/resource.js").Resource;
1253
- resourceId: string;
1254
- }[];
1255
- }[] | undefined;
1256
- organizations?: {
1257
- name: string;
1258
- id: string;
1259
- description: string | null;
1260
- }[] | undefined;
1261
1392
  organizationRoles?: {
1262
1393
  organizationId: string;
1263
1394
  roleId: string;
@@ -1268,6 +1399,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1268
1399
  id?: string | undefined;
1269
1400
  applicationId?: string | null | undefined;
1270
1401
  username?: string | null | undefined;
1402
+ createdAt?: number | undefined;
1271
1403
  profile?: Partial<{
1272
1404
  familyName: string;
1273
1405
  givenName: string;
@@ -1289,9 +1421,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1289
1421
  country: string;
1290
1422
  }>;
1291
1423
  }> | undefined;
1292
- createdAt?: number | undefined;
1293
- updatedAt?: number | undefined;
1294
1424
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1425
+ updatedAt?: number | undefined;
1426
+ organizations?: {
1427
+ name: string;
1428
+ id: string;
1429
+ description: string | null;
1430
+ }[] | undefined;
1431
+ roles?: {
1432
+ name: string;
1433
+ id: string;
1434
+ description: string;
1435
+ scopes: {
1436
+ name: string;
1437
+ id: string;
1438
+ description: string | null;
1439
+ resource: import("../../db-entries/resource.js").Resource;
1440
+ resourceId: string;
1441
+ }[];
1442
+ }[] | undefined;
1295
1443
  primaryEmail?: string | null | undefined;
1296
1444
  primaryPhone?: string | null | undefined;
1297
1445
  avatar?: string | null | undefined;
@@ -1301,41 +1449,36 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1301
1449
  }> | undefined;
1302
1450
  isSuspended?: boolean | undefined;
1303
1451
  lastSignInAt?: number | null | undefined;
1452
+ hasPassword?: boolean | undefined;
1304
1453
  ssoIdentities?: {
1305
1454
  issuer: string;
1306
1455
  identityId: string;
1307
1456
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1308
1457
  }[] | undefined;
1309
1458
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1310
- roles?: {
1311
- name: string;
1312
- id: string;
1313
- description: string;
1314
- scopes: {
1315
- name: string;
1316
- id: string;
1317
- description: string | null;
1318
- resource: import("../../db-entries/resource.js").Resource;
1319
- resourceId: string;
1320
- }[];
1321
- }[] | undefined;
1322
- organizations?: {
1323
- name: string;
1324
- id: string;
1325
- description: string | null;
1326
- }[] | undefined;
1327
1459
  organizationRoles?: {
1328
1460
  organizationId: string;
1329
1461
  roleId: string;
1330
1462
  roleName: string;
1331
1463
  }[] | undefined;
1332
1464
  }>;
1465
+ grant: z.ZodOptional<z.ZodObject<{
1466
+ type: z.ZodOptional<z.ZodLiteral<GrantType.TokenExchange>>;
1467
+ subjectTokenContext: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
1468
+ }, "strip", z.ZodTypeAny, {
1469
+ type?: GrantType.TokenExchange | undefined;
1470
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1471
+ }, {
1472
+ type?: GrantType.TokenExchange | undefined;
1473
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1474
+ }>>;
1333
1475
  }, "strip", z.ZodTypeAny, {
1334
1476
  user: {
1335
1477
  name?: string | null | undefined;
1336
1478
  id?: string | undefined;
1337
1479
  applicationId?: string | null | undefined;
1338
1480
  username?: string | null | undefined;
1481
+ createdAt?: number | undefined;
1339
1482
  profile?: Partial<{
1340
1483
  familyName: string;
1341
1484
  givenName: string;
@@ -1357,9 +1500,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1357
1500
  country: string;
1358
1501
  }>;
1359
1502
  }> | undefined;
1360
- createdAt?: number | undefined;
1361
- updatedAt?: number | undefined;
1362
1503
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1504
+ updatedAt?: number | undefined;
1505
+ organizations?: {
1506
+ name: string;
1507
+ id: string;
1508
+ description: string | null;
1509
+ }[] | undefined;
1510
+ roles?: {
1511
+ name: string;
1512
+ id: string;
1513
+ description: string;
1514
+ scopes: {
1515
+ name: string;
1516
+ id: string;
1517
+ description: string | null;
1518
+ resource: import("../../db-entries/resource.js").Resource;
1519
+ resourceId: string;
1520
+ }[];
1521
+ }[] | undefined;
1363
1522
  primaryEmail?: string | null | undefined;
1364
1523
  primaryPhone?: string | null | undefined;
1365
1524
  avatar?: string | null | undefined;
@@ -1369,41 +1528,30 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1369
1528
  }> | undefined;
1370
1529
  isSuspended?: boolean | undefined;
1371
1530
  lastSignInAt?: number | null | undefined;
1531
+ hasPassword?: boolean | undefined;
1372
1532
  ssoIdentities?: {
1373
1533
  issuer: string;
1374
1534
  identityId: string;
1375
1535
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1376
1536
  }[] | undefined;
1377
1537
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1378
- roles?: {
1379
- name: string;
1380
- id: string;
1381
- description: string;
1382
- scopes: {
1383
- name: string;
1384
- id: string;
1385
- description: string | null;
1386
- resource: import("../../db-entries/resource.js").Resource;
1387
- resourceId: string;
1388
- }[];
1389
- }[] | undefined;
1390
- organizations?: {
1391
- name: string;
1392
- id: string;
1393
- description: string | null;
1394
- }[] | undefined;
1395
1538
  organizationRoles?: {
1396
1539
  organizationId: string;
1397
1540
  roleId: string;
1398
1541
  roleName: string;
1399
1542
  }[] | undefined;
1400
1543
  };
1544
+ grant?: {
1545
+ type?: GrantType.TokenExchange | undefined;
1546
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1547
+ } | undefined;
1401
1548
  }, {
1402
1549
  user: {
1403
1550
  name?: string | null | undefined;
1404
1551
  id?: string | undefined;
1405
1552
  applicationId?: string | null | undefined;
1406
1553
  username?: string | null | undefined;
1554
+ createdAt?: number | undefined;
1407
1555
  profile?: Partial<{
1408
1556
  familyName: string;
1409
1557
  givenName: string;
@@ -1425,9 +1573,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1425
1573
  country: string;
1426
1574
  }>;
1427
1575
  }> | undefined;
1428
- createdAt?: number | undefined;
1429
- updatedAt?: number | undefined;
1430
1576
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1577
+ updatedAt?: number | undefined;
1578
+ organizations?: {
1579
+ name: string;
1580
+ id: string;
1581
+ description: string | null;
1582
+ }[] | undefined;
1583
+ roles?: {
1584
+ name: string;
1585
+ id: string;
1586
+ description: string;
1587
+ scopes: {
1588
+ name: string;
1589
+ id: string;
1590
+ description: string | null;
1591
+ resource: import("../../db-entries/resource.js").Resource;
1592
+ resourceId: string;
1593
+ }[];
1594
+ }[] | undefined;
1431
1595
  primaryEmail?: string | null | undefined;
1432
1596
  primaryPhone?: string | null | undefined;
1433
1597
  avatar?: string | null | undefined;
@@ -1437,61 +1601,35 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1437
1601
  }> | undefined;
1438
1602
  isSuspended?: boolean | undefined;
1439
1603
  lastSignInAt?: number | null | undefined;
1604
+ hasPassword?: boolean | undefined;
1440
1605
  ssoIdentities?: {
1441
1606
  issuer: string;
1442
1607
  identityId: string;
1443
1608
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1444
1609
  }[] | undefined;
1445
1610
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1446
- roles?: {
1447
- name: string;
1448
- id: string;
1449
- description: string;
1450
- scopes: {
1451
- name: string;
1452
- id: string;
1453
- description: string | null;
1454
- resource: import("../../db-entries/resource.js").Resource;
1455
- resourceId: string;
1456
- }[];
1457
- }[] | undefined;
1458
- organizations?: {
1459
- name: string;
1460
- id: string;
1461
- description: string | null;
1462
- }[] | undefined;
1463
1611
  organizationRoles?: {
1464
1612
  organizationId: string;
1465
1613
  roleId: string;
1466
1614
  roleName: string;
1467
1615
  }[] | undefined;
1468
1616
  };
1617
+ grant?: {
1618
+ type?: GrantType.TokenExchange | undefined;
1619
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1620
+ } | undefined;
1469
1621
  }>;
1470
1622
  script: z.ZodString;
1471
1623
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1472
1624
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.AccessToken>;
1473
1625
  }, "strip", z.ZodTypeAny, {
1474
- script: string;
1475
- tokenType: LogtoJwtTokenKeyType.AccessToken;
1476
- token: {
1477
- accountId?: string | undefined;
1478
- expiresWithSession?: boolean | undefined;
1479
- grantId?: string | undefined;
1480
- gty?: string | undefined;
1481
- sessionUid?: string | undefined;
1482
- sid?: string | undefined;
1483
- kind?: "AccessToken" | undefined;
1484
- jti?: string | undefined;
1485
- aud?: string | string[] | undefined;
1486
- scope?: string | undefined;
1487
- clientId?: string | undefined;
1488
- };
1489
1626
  context: {
1490
1627
  user: {
1491
1628
  name?: string | null | undefined;
1492
1629
  id?: string | undefined;
1493
1630
  applicationId?: string | null | undefined;
1494
1631
  username?: string | null | undefined;
1632
+ createdAt?: number | undefined;
1495
1633
  profile?: Partial<{
1496
1634
  familyName: string;
1497
1635
  givenName: string;
@@ -1513,9 +1651,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1513
1651
  country: string;
1514
1652
  }>;
1515
1653
  }> | undefined;
1516
- createdAt?: number | undefined;
1517
- updatedAt?: number | undefined;
1518
1654
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1655
+ updatedAt?: number | undefined;
1656
+ organizations?: {
1657
+ name: string;
1658
+ id: string;
1659
+ description: string | null;
1660
+ }[] | undefined;
1661
+ roles?: {
1662
+ name: string;
1663
+ id: string;
1664
+ description: string;
1665
+ scopes: {
1666
+ name: string;
1667
+ id: string;
1668
+ description: string | null;
1669
+ resource: import("../../db-entries/resource.js").Resource;
1670
+ resourceId: string;
1671
+ }[];
1672
+ }[] | undefined;
1519
1673
  primaryEmail?: string | null | undefined;
1520
1674
  primaryPhone?: string | null | undefined;
1521
1675
  avatar?: string | null | undefined;
@@ -1525,59 +1679,48 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1525
1679
  }> | undefined;
1526
1680
  isSuspended?: boolean | undefined;
1527
1681
  lastSignInAt?: number | null | undefined;
1682
+ hasPassword?: boolean | undefined;
1528
1683
  ssoIdentities?: {
1529
1684
  issuer: string;
1530
1685
  identityId: string;
1531
1686
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1532
1687
  }[] | undefined;
1533
1688
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1534
- roles?: {
1535
- name: string;
1536
- id: string;
1537
- description: string;
1538
- scopes: {
1539
- name: string;
1540
- id: string;
1541
- description: string | null;
1542
- resource: import("../../db-entries/resource.js").Resource;
1543
- resourceId: string;
1544
- }[];
1545
- }[] | undefined;
1546
- organizations?: {
1547
- name: string;
1548
- id: string;
1549
- description: string | null;
1550
- }[] | undefined;
1551
1689
  organizationRoles?: {
1552
1690
  organizationId: string;
1553
1691
  roleId: string;
1554
1692
  roleName: string;
1555
1693
  }[] | undefined;
1556
1694
  };
1695
+ grant?: {
1696
+ type?: GrantType.TokenExchange | undefined;
1697
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1698
+ } | undefined;
1557
1699
  };
1558
- environmentVariables?: Record<string, string> | undefined;
1559
- }, {
1560
1700
  script: string;
1561
1701
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1562
1702
  token: {
1703
+ grantId?: string | undefined;
1704
+ scope?: string | undefined;
1563
1705
  accountId?: string | undefined;
1564
1706
  expiresWithSession?: boolean | undefined;
1565
- grantId?: string | undefined;
1566
1707
  gty?: string | undefined;
1567
1708
  sessionUid?: string | undefined;
1568
1709
  sid?: string | undefined;
1569
1710
  kind?: "AccessToken" | undefined;
1570
1711
  jti?: string | undefined;
1571
1712
  aud?: string | string[] | undefined;
1572
- scope?: string | undefined;
1573
1713
  clientId?: string | undefined;
1574
1714
  };
1715
+ environmentVariables?: Record<string, string> | undefined;
1716
+ }, {
1575
1717
  context: {
1576
1718
  user: {
1577
1719
  name?: string | null | undefined;
1578
1720
  id?: string | undefined;
1579
1721
  applicationId?: string | null | undefined;
1580
1722
  username?: string | null | undefined;
1723
+ createdAt?: number | undefined;
1581
1724
  profile?: Partial<{
1582
1725
  familyName: string;
1583
1726
  givenName: string;
@@ -1599,9 +1742,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1599
1742
  country: string;
1600
1743
  }>;
1601
1744
  }> | undefined;
1602
- createdAt?: number | undefined;
1603
- updatedAt?: number | undefined;
1604
1745
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1746
+ updatedAt?: number | undefined;
1747
+ organizations?: {
1748
+ name: string;
1749
+ id: string;
1750
+ description: string | null;
1751
+ }[] | undefined;
1752
+ roles?: {
1753
+ name: string;
1754
+ id: string;
1755
+ description: string;
1756
+ scopes: {
1757
+ name: string;
1758
+ id: string;
1759
+ description: string | null;
1760
+ resource: import("../../db-entries/resource.js").Resource;
1761
+ resourceId: string;
1762
+ }[];
1763
+ }[] | undefined;
1605
1764
  primaryEmail?: string | null | undefined;
1606
1765
  primaryPhone?: string | null | undefined;
1607
1766
  avatar?: string | null | undefined;
@@ -1611,35 +1770,38 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1611
1770
  }> | undefined;
1612
1771
  isSuspended?: boolean | undefined;
1613
1772
  lastSignInAt?: number | null | undefined;
1773
+ hasPassword?: boolean | undefined;
1614
1774
  ssoIdentities?: {
1615
1775
  issuer: string;
1616
1776
  identityId: string;
1617
1777
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1618
1778
  }[] | undefined;
1619
1779
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1620
- roles?: {
1621
- name: string;
1622
- id: string;
1623
- description: string;
1624
- scopes: {
1625
- name: string;
1626
- id: string;
1627
- description: string | null;
1628
- resource: import("../../db-entries/resource.js").Resource;
1629
- resourceId: string;
1630
- }[];
1631
- }[] | undefined;
1632
- organizations?: {
1633
- name: string;
1634
- id: string;
1635
- description: string | null;
1636
- }[] | undefined;
1637
1780
  organizationRoles?: {
1638
1781
  organizationId: string;
1639
1782
  roleId: string;
1640
1783
  roleName: string;
1641
1784
  }[] | undefined;
1642
1785
  };
1786
+ grant?: {
1787
+ type?: GrantType.TokenExchange | undefined;
1788
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1789
+ } | undefined;
1790
+ };
1791
+ script: string;
1792
+ tokenType: LogtoJwtTokenKeyType.AccessToken;
1793
+ token: {
1794
+ grantId?: string | undefined;
1795
+ scope?: string | undefined;
1796
+ accountId?: string | undefined;
1797
+ expiresWithSession?: boolean | undefined;
1798
+ gty?: string | undefined;
1799
+ sessionUid?: string | undefined;
1800
+ sid?: string | undefined;
1801
+ kind?: "AccessToken" | undefined;
1802
+ jti?: string | undefined;
1803
+ aud?: string | string[] | undefined;
1804
+ clientId?: string | undefined;
1643
1805
  };
1644
1806
  environmentVariables?: Record<string, string> | undefined;
1645
1807
  }>, z.ZodObject<{
@@ -1650,16 +1812,16 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1650
1812
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1651
1813
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1652
1814
  }, "strict", z.ZodTypeAny, {
1815
+ scope?: string | undefined;
1653
1816
  kind?: "ClientCredentials" | undefined;
1654
1817
  jti?: string | undefined;
1655
1818
  aud?: string | string[] | undefined;
1656
- scope?: string | undefined;
1657
1819
  clientId?: string | undefined;
1658
1820
  }, {
1821
+ scope?: string | undefined;
1659
1822
  kind?: "ClientCredentials" | undefined;
1660
1823
  jti?: string | undefined;
1661
1824
  aud?: string | string[] | undefined;
1662
- scope?: string | undefined;
1663
1825
  clientId?: string | undefined;
1664
1826
  }>;
1665
1827
  script: z.ZodString;
@@ -1669,10 +1831,10 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1669
1831
  script: string;
1670
1832
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1671
1833
  token: {
1834
+ scope?: string | undefined;
1672
1835
  kind?: "ClientCredentials" | undefined;
1673
1836
  jti?: string | undefined;
1674
1837
  aud?: string | string[] | undefined;
1675
- scope?: string | undefined;
1676
1838
  clientId?: string | undefined;
1677
1839
  };
1678
1840
  environmentVariables?: Record<string, string> | undefined;
@@ -1680,39 +1842,43 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1680
1842
  script: string;
1681
1843
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1682
1844
  token: {
1845
+ scope?: string | undefined;
1683
1846
  kind?: "ClientCredentials" | undefined;
1684
1847
  jti?: string | undefined;
1685
1848
  aud?: string | string[] | undefined;
1686
- scope?: string | undefined;
1687
1849
  clientId?: string | undefined;
1688
1850
  };
1689
1851
  environmentVariables?: Record<string, string> | undefined;
1690
1852
  }>]>;
1691
1853
  export type JwtCustomizerTestRequestBody = z.infer<typeof jwtCustomizerTestRequestBodyGuard>;
1692
- export declare const customJwtFetcherGuard: z.ZodDiscriminatedUnion<"tokenType", [z.ZodObject<{
1854
+ export declare const customJwtFetcherGuard: z.ZodDiscriminatedUnion<"tokenType", [z.ZodObject<z.objectUtil.extendShape<z.objectUtil.extendShape<{
1693
1855
  script: z.ZodString;
1694
1856
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1695
- token: z.ZodRecord<z.ZodString, z.ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1857
+ }, {
1858
+ token: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1859
+ }>, {
1696
1860
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.AccessToken>;
1697
- context: z.ZodRecord<z.ZodString, z.ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1698
- }, "strip", z.ZodTypeAny, {
1861
+ context: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1862
+ }>, "strip", z.ZodTypeAny, {
1863
+ context: Record<string, import("@withtyped/server/lib/types.js").Json>;
1699
1864
  script: string;
1700
1865
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1701
1866
  token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1702
- context: Record<string, import("@withtyped/server/lib/types.js").Json>;
1703
1867
  environmentVariables?: Record<string, string> | undefined;
1704
1868
  }, {
1869
+ context: Record<string, import("@withtyped/server/lib/types.js").Json>;
1705
1870
  script: string;
1706
1871
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1707
1872
  token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1708
- context: Record<string, import("@withtyped/server/lib/types.js").Json>;
1709
1873
  environmentVariables?: Record<string, string> | undefined;
1710
- }>, z.ZodObject<{
1874
+ }>, z.ZodObject<z.objectUtil.extendShape<z.objectUtil.extendShape<{
1711
1875
  script: z.ZodString;
1712
1876
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1713
- token: z.ZodRecord<z.ZodString, z.ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1877
+ }, {
1878
+ token: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1879
+ }>, {
1714
1880
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.ClientCredentials>;
1715
- }, "strip", z.ZodTypeAny, {
1881
+ }>, "strip", z.ZodTypeAny, {
1716
1882
  script: string;
1717
1883
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1718
1884
  token: Record<string, import("@withtyped/server/lib/types.js").Json>;