@logto/schemas 1.17.0 → 1.19.0
- package/alterations/1.18.0-1717567857-social-sign-in-linking.ts +18 -0
- package/alterations/1.18.0-1717597875-add-organization-email-domains-table.ts +31 -0
- package/alterations/1.18.0-1717818597-organization-mfa-requirement.ts +18 -0
- package/alterations/1.18.0-1718340884-rename-org-email-domains-and-add-jit-roles-table.ts +56 -0
- package/alterations/1.18.0-1718594164-add-agree-to-terms-policy.ts +40 -0
- package/alterations/1.18.0-1718785576-organization-application-relations.ts +37 -0
- package/alterations/1.18.0-1718786576-organization-jit-sso-connectors.ts +31 -0
- package/alterations/1.18.0-1718807616-organization-role-application-relations.ts +34 -0
- package/alterations/1.18.0-1718865814-add-subject-tokens.ts +36 -0
- package/alterations/1.18.0-1719014832-organization-role-types.ts +35 -0
- package/alterations/1.18.0-1719221205-fix-functions.ts +25 -0
- package/alterations/1.18.0-1719312694-custom-ui-assets.ts +18 -0
- package/alterations/1.19.0-1720253939-add-organization-branding.ts +18 -0
- package/alterations/1.19.0-1720345784-add-color-to-app-sie.ts +18 -0
- package/alterations/1.19.0-1720505152-update-custom-ui-assets.ts +20 -0
- package/alterations/1.19.0-1721483240-multiple-app-secrets.ts +77 -0
- package/alterations/1.19.0-1721645392-add-application-custom-data-column.ts +18 -0
- package/alterations/1.19.0-1722926389-argon2d-argon2id.ts +35 -0
- package/alterations-js/1.18.0-1717567857-social-sign-in-linking.js +14 -0
- package/alterations-js/1.18.0-1717597875-add-organization-email-domains-table.js +26 -0
- package/alterations-js/1.18.0-1717818597-organization-mfa-requirement.js +14 -0
- package/alterations-js/1.18.0-1718340884-rename-org-email-domains-and-add-jit-roles-table.js +51 -0
- package/alterations-js/1.18.0-1718594164-add-agree-to-terms-policy.js +34 -0
- package/alterations-js/1.18.0-1718785576-organization-application-relations.js +32 -0
- package/alterations-js/1.18.0-1718786576-organization-jit-sso-connectors.js +26 -0
- package/alterations-js/1.18.0-1718807616-organization-role-application-relations.js +29 -0
- package/alterations-js/1.18.0-1718865814-add-subject-tokens.js +31 -0
- package/alterations-js/1.18.0-1719014832-organization-role-types.js +31 -0
- package/alterations-js/1.18.0-1719221205-fix-functions.js +20 -0
- package/alterations-js/1.18.0-1719312694-custom-ui-assets.js +14 -0
- package/alterations-js/1.19.0-1720253939-add-organization-branding.js +14 -0
- package/alterations-js/1.19.0-1720345784-add-color-to-app-sie.js +14 -0
- package/alterations-js/1.19.0-1720505152-update-custom-ui-assets.js +16 -0
- package/alterations-js/1.19.0-1721483240-multiple-app-secrets.js +72 -0
- package/alterations-js/1.19.0-1721645392-add-application-custom-data-column.js +14 -0
- package/alterations-js/1.19.0-1722926389-argon2d-argon2id.js +30 -0
- package/lib/consts/oidc.d.ts +15 -2
- package/lib/consts/oidc.js +6 -0
- package/lib/consts/subscriptions.d.ts +9 -6
- package/lib/consts/subscriptions.js +8 -5
- package/lib/consts/system.d.ts +2 -0
- package/lib/consts/system.js +2 -0
- package/lib/db-entries/application-secret.d.ts +28 -0
- package/lib/db-entries/application-secret.js +41 -0
- package/lib/db-entries/application-sign-in-experience.d.ts +4 -2
- package/lib/db-entries/application-sign-in-experience.js +5 -1
- package/lib/db-entries/application.d.ts +6 -2
- package/lib/db-entries/application.js +5 -1
- package/lib/db-entries/custom-types.d.ts +7 -0
- package/lib/db-entries/custom-types.js +8 -0
- package/lib/db-entries/index.d.ts +7 -0
- package/lib/db-entries/index.js +7 -0
- package/lib/db-entries/organization-application-relation.d.ts +20 -0
- package/lib/db-entries/organization-application-relation.js +29 -0
- package/lib/db-entries/organization-jit-email-domain.d.ts +24 -0
- package/lib/db-entries/organization-jit-email-domain.js +29 -0
- package/lib/db-entries/organization-jit-role.d.ts +24 -0
- package/lib/db-entries/organization-jit-role.js +29 -0
- package/lib/db-entries/organization-jit-sso-connector.d.ts +22 -0
- package/lib/db-entries/organization-jit-sso-connector.js +29 -0
- package/lib/db-entries/organization-role-application-relation.d.ts +22 -0
- package/lib/db-entries/organization-role-application-relation.js +33 -0
- package/lib/db-entries/organization-role.d.ts +6 -1
- package/lib/db-entries/organization-role.js +5 -0
- package/lib/db-entries/organization.d.ts +10 -2
- package/lib/db-entries/organization.js +9 -1
- package/lib/db-entries/sign-in-experience.d.ts +11 -3
- package/lib/db-entries/sign-in-experience.js +14 -2
- package/lib/db-entries/subject-token.d.ts +28 -0
- package/lib/db-entries/subject-token.js +50 -0
- package/lib/foundations/jsonb-types/hooks.d.ts +0 -4
- package/lib/foundations/jsonb-types/hooks.js +1 -4
- package/lib/foundations/jsonb-types/oidc-module.d.ts +33 -1
- package/lib/foundations/jsonb-types/oidc-module.js +2 -0
- package/lib/foundations/jsonb-types/sign-in-experience.d.ts +47 -0
- package/lib/foundations/jsonb-types/sign-in-experience.js +21 -4
- package/lib/foundations/jsonb-types/users.d.ts +6 -6
- package/lib/foundations/jsonb-types/users.js +2 -2
- package/lib/seeds/application.js +1 -0
- package/lib/seeds/cloud-api.d.ts +1 -1
- package/lib/seeds/sign-in-experience.d.ts +1 -0
- package/lib/seeds/sign-in-experience.js +2 -1
- package/lib/types/application.d.ts +85 -167
- package/lib/types/connector.d.ts +723 -191
- package/lib/types/consent.d.ts +181 -42
- package/lib/types/cookie.d.ts +7 -1
- package/lib/types/cookie.js +3 -1
- package/lib/types/domain.d.ts +2 -10
- package/lib/types/hook.d.ts +14 -21
- package/lib/types/index.d.ts +3 -0
- package/lib/types/index.js +3 -0
- package/lib/types/interactions.d.ts +313 -29
- package/lib/types/interactions.js +92 -9
- package/lib/types/log/interaction.d.ts +4 -3
- package/lib/types/log/interaction.js +1 -0
- package/lib/types/log/token.d.ts +2 -1
- package/lib/types/log/token.js +1 -0
- package/lib/types/logto-config/index.d.ts +277 -242
- package/lib/types/logto-config/jwt-customizer.d.ts +642 -476
- package/lib/types/logto-config/jwt-customizer.js +13 -2
- package/lib/types/logto-config/oidc-provider.d.ts +6 -6
- package/lib/types/mfa.d.ts +16 -16
- package/lib/types/oidc-config.d.ts +2 -1
- package/lib/types/oidc-config.js +1 -0
- package/lib/types/organization.d.ts +12 -3
- package/lib/types/organization.js +4 -1
- package/lib/types/role.d.ts +6 -1
- package/lib/types/role.js +6 -1
- package/lib/types/scope.d.ts +7 -6
- package/lib/types/sign-in-experience.d.ts +997 -0
- package/lib/types/sign-in-experience.js +21 -0
- package/lib/types/sso-connector.d.ts +14 -19
- package/lib/types/ssr.d.ts +25 -0
- package/lib/types/ssr.js +9 -0
- package/lib/types/subject-token.d.ts +12 -0
- package/lib/types/subject-token.js +5 -0
- package/lib/types/system.d.ts +11 -7
- package/lib/types/system.js +4 -0
- package/lib/types/tenant-organization.d.ts +1 -0
- package/lib/types/tenant-organization.js +3 -0
- package/lib/types/user-assets.d.ts +25 -5
- package/lib/types/user-assets.js +20 -1
- package/lib/types/user.d.ts +84 -120
- package/lib/utils/application.d.ts +3 -0
- package/lib/utils/application.js +7 -0
- package/lib/utils/index.d.ts +1 -0
- package/lib/utils/index.js +1 -0
- package/lib/utils/zod.d.ts +1 -1
- package/package.json +9 -9
- package/tables/application_secrets.sql +17 -0
- package/tables/application_sign_in_experiences.sql +1 -1
- package/tables/applications.sql +10 -0
- package/tables/organization_application_relations.sql +14 -0
- package/tables/organization_jit_email_domains.sql +13 -0
- package/tables/organization_jit_roles.sql +14 -0
- package/tables/organization_jit_sso_connectors.sql +13 -0
- package/tables/organization_role_application_relations.sql +18 -0
- package/tables/organization_role_user_relations.sql +3 -1
- package/tables/organization_roles.sql +8 -1
- package/tables/organizations.sql +4 -0
- package/tables/sign_in_experiences.sql +5 -0
- package/tables/subject_tokens.sql +16 -0
- package/tables/users.sql +1 -1
- package/alterations-js/1.0.0-1677208902-update-admin-console-config.d.ts +0 -3
- package/alterations-js/1.0.0-1677765137-seed-for-admin-tenant.d.ts +0 -3
- package/alterations-js/1.0.0-1677907982-allow-admin-create-multiple-tenants.d.ts +0 -3
- package/alterations-js/1.0.0-1678157950-privacy-policy-url.d.ts +0 -3
- package/alterations-js/1.0.0-1678199795-add-verification-status-table.d.ts +0 -3
- package/alterations-js/1.0.0-1678259693-remove-branding-style-config.d.ts +0 -3
- package/alterations-js/1.0.0-1678269972-use-restrictive-policies.d.ts +0 -3
- package/alterations-js/1.0.0-1678284778-restrict-internal-roles.d.ts +0 -3
- package/alterations-js/1.0.0-1678425761-m2m-app-for-tenants.d.ts +0 -3
- package/alterations-js/1.0.0-1678450233-support-custom-content.d.ts +0 -3
- package/alterations-js/1.0.0-1678716747-service-logs.d.ts +0 -3
- package/alterations-js/1.0.0-1678928481-remove-deprecated-logto-config-item.d.ts +0 -3
- package/alterations-js/1.0.0-1678953179-update-get-started-task-config.d.ts +0 -3
- package/alterations-js/1.0.0-1679209413-drop-connector-database-storage.d.ts +0 -3
- package/alterations-js/1.0.0_beta.10-1-logto-config.d.ts +0 -3
- package/alterations-js/1.0.0_beta.10-1663923211-machine-to-machine-app.d.ts +0 -3
- package/alterations-js/1.0.0_beta.10-1664265197-custom-phrases.d.ts +0 -3
- package/alterations-js/1.0.0_beta.11-1664347703-rename-language-key-to-tag.d.ts +0 -3
- package/alterations-js/1.0.0_beta.11-1664356000-add-created-at-column-to-users.d.ts +0 -3
- package/alterations-js/1.0.0_beta.11-1664462389-correct-user-created-at-column-by-user-logs.d.ts +0 -3
- package/alterations-js/1.0.0_beta.14-1665300135-sign-in-sign-up.d.ts +0 -3
- package/alterations-js/1.0.0_beta.14-1667283640-remove-forgot-password.d.ts +0 -3
- package/alterations-js/1.0.0_beta.14-1667292082-remove-sign-in-method.d.ts +0 -3
- package/alterations-js/1.0.0_beta.14-1667374974-user-suspend.d.ts +0 -3
- package/alterations-js/1.0.0_beta.14-1667900481-add-passcode-type-continue.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1668666590-support-multiple-connector-instances.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1668666600-remove-connector-enabled.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1669091623-roles-and-scopes.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1669702299-sign-up.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1671039448-add-user-name-index.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1671080370-terms-of-use.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1671336831-refactor-log-types.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1671509870-hooks.d.ts +0 -3
- package/alterations-js/1.0.0_beta.18-1672119200-align-passcode-type-with-message-type.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1672815959-user-roles.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1672820345-scope-resource-id.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1672901841-roles-and-scopes-not-null.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673001922-support-generic-passcode.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673165463-scope-name-index.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673349501-sms-sign-in-identifier-to-phone.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673465463-ac-scope-name.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673853579-ac-default-scope.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673863835-ac-scope-role.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673882867-fix-alteration-issues.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673940577-scope-description-not-null.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1673941897-application-roles.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1674032095.1-dedup-resources-constraint.d.ts +0 -4
- package/alterations-js/1.0.0_rc.0-1674032095.2-oidc-model-pkey.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1674032095.3-tenant-table.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1674032095.4-add-id-column.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1674032095.5-multi-tenancy.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1674032095.6-add-tenant-id-trigger.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1674987042-drop-settings-and-create-systems.d.ts +0 -3
- package/alterations-js/1.0.0_rc.0-1675316731-update-seed-data.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1675788753-multi-tenancy-rls.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676115897-add-admin-tenant.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676185899-fix-logs-index.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676190092-migrate-admin-data.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676823841-update-sie-primary-key.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676874936-support-custom-css.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676886855-connector-database-read-write.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676906977-remove-demo-app.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1676956206-move-console-sie-to-database.d.ts +0 -3
- package/alterations-js/1.0.0_rc.1-1677059985-move-console-application-to-database.d.ts +0 -3
- package/alterations-js/1.10.1-1695647183-update-private-key-type.d.ts +0 -3
- package/alterations-js/1.10.1-1696657546-organization-tables.d.ts +0 -3
- package/alterations-js/1.10.1-1697683802-add-sso-connectors-table.d.ts +0 -3
- package/alterations-js/1.10.1-1698646271-add-organization-created-flag.d.ts +0 -3
- package/alterations-js/1.10.1-1698820410-add-user-sso-identities-table.d.ts +0 -4
- package/alterations-js/1.10.1-1698910485-user-logto-data.d.ts +0 -3
- package/alterations-js/1.11.0-1699422979-add-sso-connector-id-col-to-user-sso-identities-table.d.ts +0 -3
- package/alterations-js/1.11.0-1699598903-remove-sso-only-column-in-sso-connectors-table.d.ts +0 -3
- package/alterations-js/1.12.0-1700031616-update-org-role-foreign-keys.d.ts +0 -3
- package/alterations-js/1.12.0-1701054133-add-unique-constraint-to-the-sso-connector-name.d.ts +0 -3
- package/alterations-js/1.12.0-1701245520-add-single-sign-on-enabled-flag-to-sie.d.ts +0 -3
- package/alterations-js/1.13.0-1702274830-add-new-third-party-column-to-applications-table.d.ts +0 -3
- package/alterations-js/1.13.0-1702372401-add-application-permissions-tables.d.ts +0 -3
- package/alterations-js/1.13.0-1702544178-sync-tenant-orgs.d.ts +0 -18
- package/alterations-js/1.13.0-1702871078-protected-application-type.d.ts +0 -3
- package/alterations-js/1.13.0-1702877515-protected-app-configs.d.ts +0 -3
- package/alterations-js/1.13.0-1702978120-application-sign-in-experience-table.d.ts +0 -3
- package/alterations-js/1.13.0-1703229996-daily-token-usage.d.ts +0 -3
- package/alterations-js/1.13.0-1703230000-update-tenant-roles.d.ts +0 -11
- package/alterations-js/1.13.0-1704692973-remove-legacy-resources.d.ts +0 -3
- package/alterations-js/1.13.0-1704934999-add-magic-links-table.d.ts +0 -3
- package/alterations-js/1.13.0-1704935001-add-organization-invitation-tables.d.ts +0 -3
- package/alterations-js/1.13.0-1705288654-add-application-user-consent-organizations-table.d.ts +0 -3
- package/alterations-js/1.13.0-1705991158-update-invitation-indices.d.ts +0 -7
- package/alterations-js/1.13.0-1706449174-update-organization-invitation-column.d.ts +0 -3
- package/alterations-js/1.13.0-1706510290-protected-app-host-index.d.ts +0 -3
- package/alterations-js/1.13.0-1706512952-restore-get-started-page.d.ts +0 -3
- package/alterations-js/1.13.0-1706528755-remove-magic-links.d.ts +0 -3
- package/alterations-js/1.13.0-1706585206-protected-app-custom-domain-unique.d.ts +0 -3
- package/alterations-js/1.13.1-1707360939-grant-is-suspended-read-permission.d.ts +0 -6
- package/alterations-js/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.d.ts +0 -3
- package/alterations-js/1.14.0-1709190131-enhance-dau-data-accuracy.d.ts +0 -3
- package/alterations-js/1.15.0-1709521416-user-password-encrypt-method.d.ts +0 -3
- package/alterations-js/1.15.0-1709528944-regenerate-dau-data.d.ts +0 -3
- package/alterations-js/1.15.0-1710223946-add-fetch-custom-jwt-cloud-scope.d.ts +0 -3
- package/alterations-js/1.15.0-1710408335-make-resource-scopes-description-nullable.d.ts +0 -3
- package/alterations-js/1.15.0-1710859622-add-oidc-standard-claim-properties.d.ts +0 -3
- package/alterations-js/1.15.0-1711607772-remove-invite-member-scope-from-tenant-member-role.d.ts +0 -3
- package/alterations-js/1.15.0-1711624564-add-read-member-scope-to-tenant-roles.d.ts +0 -3
- package/alterations-js/1.15.0-1711955211-organization-resource-scope.d.ts +0 -3
- package/alterations-js/1.15.0-1712041436-rename-organization-member-role-to-collaborator.d.ts +0 -3
- package/alterations-js/1.15.0-1712545011-fix-organization-resource-scope.d.ts +0 -8
- package/alterations-js/1.15.0-1712559358-fix-down-organization-resource-scope.d.ts +0 -8
- package/alterations-js/1.16.0-1712912361-delete-jwt-customier-with-empty-script.d.ts +0 -3
- package/alterations-js/1.16.0-1713942039-add-organization-custom-data.d.ts +0 -4
- package/alterations-js/1.16.0-1714270244-application-org-resource-scope.d.ts +0 -3
- package/alterations-js/1.17.0-1715826336-add-default-user-role-config.d.ts +0 -3
- package/alterations-js/1.17.0-1715829731-rename-data-hook-schema-update-event.d.ts +0 -3
- package/alterations-js/1.17.0-1716278409-remove-internal-role-database-policies.d.ts +0 -3
- package/alterations-js/1.17.0-1716291265-create-pre-configured-m-api-role.d.ts +0 -7
- package/alterations-js/1.17.0-1717148078-remove-service-log-reference.d.ts +0 -3
- package/alterations-js/1.2.0-1681267285-fix-get-started-passwordless-status.d.ts +0 -3
- package/alterations-js/1.3.0-1683292832-update-hooks.d.ts +0 -3
- package/alterations-js/1.5.0-1684382842-add-name-tag-created-at-for-tenants-table.d.ts +0 -3
- package/alterations-js/1.5.0-1684739802-create-hook-id-index-for-logs.d.ts +0 -3
- package/alterations-js/1.5.0-1684822341-init-domains.d.ts +0 -3
- package/alterations-js/1.5.0-1684837981-add-manage-tenant-self-scope-to-user-role.d.ts +0 -3
- package/alterations-js/1.5.0-1685285719-support-default-resource.d.ts +0 -3
- package/alterations-js/1.6.0-1685691718-domain-unique.d.ts +0 -3
- package/alterations-js/1.7.0-1688375200-sync-cloud-m2m-to-logto-config.d.ts +0 -3
- package/alterations-js/1.7.0-1688613459-remove-m2m-credentials-from-existing-logto-email-connector-config.d.ts +0 -3
- package/alterations-js/1.7.0-1688627407-daily-active-users.d.ts +0 -3
- package/alterations-js/1.8.0-1692088012-add-is-suspend-column-to-tenants-table.d.ts +0 -3
- package/alterations-js/1.8.0-1692194751-add-affiliate-scopes.d.ts +0 -3
- package/alterations-js/1.9.0-1693554904-add-possword-policy.d.ts +0 -4
- package/alterations-js/1.9.0-1694399696-add-type-col-to-roles-table.d.ts +0 -3
- package/alterations-js/1.9.0-1694418765-specify-check-role-type-function-to-be-public-schema.d.ts +0 -9
- package/alterations-js/1.9.0-1694484927-remove-deprecated-challenge-flag.d.ts +0 -3
- package/alterations-js/1.9.0-1694487524-sie-mfa.d.ts +0 -3
- package/alterations-js/1.9.0-1694509714-keep-existing-password-policy.d.ts +0 -3
- package/alterations-js/1.9.0-1694746763-user-verifications.d.ts +0 -3
- package/alterations-js/1.9.2-1694854226-init-sentinel.d.ts +0 -3
- package/alterations-js/1.9.2-1695198741-remove-m2m-app-admin-access-switch.d.ts +0 -3
- package/alterations-js/utils/1704934999-tables.d.ts +0 -11
- package/alterations-js/utils/1716643968-id-generation.d.ts +0 -19
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { jsonObjectGuard } from '@logto/connector-kit';
|
|
2
2
|
import { z } from 'zod';
|
|
3
|
-
import { Organizations, Roles, UserSsoIdentities } from '../../db-entries/index.js';
|
|
3
|
+
import { Organizations, Roles, UserSsoIdentities, } from '../../db-entries/index.js';
|
|
4
4
|
import { mfaFactorsGuard } from '../../foundations/index.js';
|
|
5
|
+
import { GrantType } from '../oidc-config.js';
|
|
5
6
|
import { scopeResponseGuard } from '../scope.js';
|
|
6
7
|
import { userInfoGuard } from '../user.js';
|
|
7
8
|
import { accessTokenPayloadGuard, clientCredentialsPayloadGuard } from './oidc-provider.js';
|
|
@@ -16,6 +17,7 @@ export var LogtoJwtTokenKeyType;
|
|
|
16
17
|
LogtoJwtTokenKeyType["ClientCredentials"] = "client-credentials";
|
|
17
18
|
})(LogtoJwtTokenKeyType || (LogtoJwtTokenKeyType = {}));
|
|
18
19
|
export const jwtCustomizerUserContextGuard = userInfoGuard.extend({
|
|
20
|
+
hasPassword: z.boolean(),
|
|
19
21
|
ssoIdentities: UserSsoIdentities.guard
|
|
20
22
|
.pick({ issuer: true, identityId: true, detail: true })
|
|
21
23
|
.array(),
|
|
@@ -37,11 +39,20 @@ export const jwtCustomizerUserContextGuard = userInfoGuard.extend({
|
|
|
37
39
|
})
|
|
38
40
|
.array(),
|
|
39
41
|
});
|
|
42
|
+
export const jwtCustomizerGrantContextGuard = z.object({
|
|
43
|
+
type: z.literal(GrantType.TokenExchange), // Only support token exchange for now
|
|
44
|
+
subjectTokenContext: jsonObjectGuard,
|
|
45
|
+
});
|
|
40
46
|
export const accessTokenJwtCustomizerGuard = jwtCustomizerGuard
|
|
41
47
|
.extend({
|
|
42
48
|
// Use partial token guard since users customization may not rely on all fields.
|
|
43
49
|
tokenSample: accessTokenPayloadGuard.partial().optional(),
|
|
44
|
-
contextSample: z
|
|
50
|
+
contextSample: z
|
|
51
|
+
.object({
|
|
52
|
+
user: jwtCustomizerUserContextGuard.partial(),
|
|
53
|
+
grant: jwtCustomizerGrantContextGuard.partial().optional(),
|
|
54
|
+
})
|
|
55
|
+
.optional(),
|
|
45
56
|
})
|
|
46
57
|
.strict();
|
|
47
58
|
export const clientCredentialsJwtCustomizerGuard = jwtCustomizerGuard
|
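Review bot: `subjectTokenContext: jsonObjectGuard` in the new `jwtCustomizerGrantContextGuard` accepts any JSON object, so nothing in this guard bounds the shape of what reaches a JWT customizer script through `grant`. If that object is, as the name suggests, whatever was stored when the subject token was issued, a script that copies it wholesale into claims lets whoever issued the subject token decide token contents; I would document that on the field, e.g. `// Opaque JSON carried by the subject token; read specific keys, do not spread it into claims.` Separately, `jwtCustomizerGrantContextGuard.partial()` makes `type` optional and the nested `z.object({ user, grant })` is not `.strict()`, so an empty or mistyped `grant` sample passes with unknown keys stripped, even though the outer guard ends in `.strict()`. The definition of `jwtCustomizerUserContextGuard` continues outside the hunks shown.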
|
@@ -25,11 +25,11 @@ export declare const accessTokenPayloadGuard: z.ZodObject<{
|
|
|
25
25
|
gty: string;
|
|
26
26
|
kind: "AccessToken";
|
|
27
27
|
jti: string;
|
|
28
|
-
aud:
|
|
28
|
+
aud: string | string[];
|
|
29
|
+
scope?: string | undefined;
|
|
29
30
|
expiresWithSession?: boolean | undefined;
|
|
30
31
|
sessionUid?: string | undefined;
|
|
31
32
|
sid?: string | undefined;
|
|
32
|
-
scope?: string | undefined;
|
|
33
33
|
clientId?: string | undefined;
|
|
34
34
|
}, {
|
|
35
35
|
grantId: string;
|
|
@@ -37,11 +37,11 @@ export declare const accessTokenPayloadGuard: z.ZodObject<{
|
|
|
37
37
|
gty: string;
|
|
38
38
|
kind: "AccessToken";
|
|
39
39
|
jti: string;
|
|
40
|
-
aud:
|
|
40
|
+
aud: string | string[];
|
|
41
|
+
scope?: string | undefined;
|
|
41
42
|
expiresWithSession?: boolean | undefined;
|
|
42
43
|
sessionUid?: string | undefined;
|
|
43
44
|
sid?: string | undefined;
|
|
44
|
-
scope?: string | undefined;
|
|
45
45
|
clientId?: string | undefined;
|
|
46
46
|
}>;
|
|
47
47
|
export type AccessTokenPayload = z.infer<typeof accessTokenPayloadGuard>;
|
|
@@ -54,13 +54,13 @@ export declare const clientCredentialsPayloadGuard: z.ZodObject<{
|
|
|
54
54
|
}, "strict", z.ZodTypeAny, {
|
|
55
55
|
kind: "ClientCredentials";
|
|
56
56
|
jti: string;
|
|
57
|
-
aud:
|
|
57
|
+
aud: string | string[];
|
|
58
58
|
scope?: string | undefined;
|
|
59
59
|
clientId?: string | undefined;
|
|
60
60
|
}, {
|
|
61
61
|
kind: "ClientCredentials";
|
|
62
62
|
jti: string;
|
|
63
|
-
aud:
|
|
63
|
+
aud: string | string[];
|
|
64
64
|
scope?: string | undefined;
|
|
65
65
|
clientId?: string | undefined;
|
|
66
66
|
}>;
|
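--- a/package/lib/types/mfa.d.ts
+++ b/package/lib/types/mfa.d.ts
@@ -71,12 +71,12 @@ export declare const webAuthnRegistrationOptionsGuard: z.ZodObject<{
 hmacCreateSecret: z.ZodOptional<z.ZodBoolean>;
 }, "strip", z.ZodTypeAny, {
 appid?: string | undefined;
-credProps?: boolean | undefined;
 hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
 }, {
 appid?: string | undefined;
-credProps?: boolean | undefined;
 hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
 }>>;
 }, "strip", z.ZodTypeAny, {
 user: {
@@ -108,8 +108,8 @@ export declare const webAuthnRegistrationOptionsGuard: z.ZodObject<{
 attestation?: "none" | "indirect" | "direct" | "enterprise" | undefined;
 extensions?: {
 appid?: string | undefined;
-credProps?: boolean | undefined;
 hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
 } | undefined;
 }, {
 user: {
@@ -141,8 +141,8 @@ export declare const webAuthnRegistrationOptionsGuard: z.ZodObject<{
 attestation?: "none" | "indirect" | "direct" | "enterprise" | undefined;
 extensions?: {
 appid?: string | undefined;
-credProps?: boolean | undefined;
 hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
 } | undefined;
 }>;
 export type WebAuthnRegistrationOptions = z.infer<typeof webAuthnRegistrationOptionsGuard>;
@@ -170,42 +170,42 @@ export declare const webAuthnAuthenticationOptionsGuard: z.ZodObject<{
 hmacCreateSecret: z.ZodOptional<z.ZodBoolean>;
 }, "strip", z.ZodTypeAny, {
 appid?: string | undefined;
-credProps?: boolean | undefined;
 hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
 }, {
 appid?: string | undefined;
-credProps?: boolean | undefined;
 hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
 }>>;
 }, "strip", z.ZodTypeAny, {
 challenge: string;
 timeout?: number | undefined;
+userVerification?: "discouraged" | "preferred" | "required" | undefined;
+extensions?: {
+appid?: string | undefined;
+hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
+} | undefined;
 rpId?: string | undefined;
 allowCredentials?: {
 type: "public-key";
 id: string;
 transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
 }[] | undefined;
+}, {
+challenge: string;
+timeout?: number | undefined;
 userVerification?: "discouraged" | "preferred" | "required" | undefined;
 extensions?: {
 appid?: string | undefined;
-credProps?: boolean | undefined;
 hmacCreateSecret?: boolean | undefined;
+credProps?: boolean | undefined;
 } | undefined;
-}, {
-challenge: string;
-timeout?: number | undefined;
 rpId?: string | undefined;
 allowCredentials?: {
 type: "public-key";
 id: string;
 transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
 }[] | undefined;
-userVerification?: "discouraged" | "preferred" | "required" | undefined;
-extensions?: {
-appid?: string | undefined;
-credProps?: boolean | undefined;
-hmacCreateSecret?: boolean | undefined;
-} | undefined;
 }>;
 export type WebAuthnAuthenticationOptions = z.infer<typeof webAuthnAuthenticationOptionsGuard>;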
|
@@ -8,5 +8,6 @@ export type OidcConfig = KeysToCamelCase<SnakeCaseOidcConfig>;
|
|
|
8
8
|
export declare enum GrantType {
|
|
9
9
|
AuthorizationCode = "authorization_code",
|
|
10
10
|
RefreshToken = "refresh_token",
|
|
11
|
-
ClientCredentials = "client_credentials"
|
|
11
|
+
ClientCredentials = "client_credentials",
|
|
12
|
+
TokenExchange = "urn:ietf:params:oauth:grant-type:token-exchange"
|
|
12
13
|
}
|
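--- a/package/lib/types/oidc-config.js
+++ b/package/lib/types/oidc-config.js
@@ -3,4 +3,5 @@ export var GrantType;
 GrantType["AuthorizationCode"] = "authorization_code";
 GrantType["RefreshToken"] = "refresh_token";
 GrantType["ClientCredentials"] = "client_credentials";
+GrantType["TokenExchange"] = "urn:ietf:params:oauth:grant-type:token-exchange";
 })(GrantType || (GrantType = {}));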
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { type OrganizationRole, type Organization, type OrganizationInvitation } from '../db-entries/index.js';
|
|
1
|
+
import { type OrganizationRole, type Organization, type OrganizationInvitation, type Application } from '../db-entries/index.js';
|
|
2
2
|
import { type ToZodObject } from '../utils/zod.js';
|
|
3
3
|
import { type UserInfo, type FeaturedUser } from './user.js';
|
|
4
4
|
/**
|
|
@@ -43,10 +43,10 @@ export type OrganizationWithRoles = Organization & {
|
|
|
43
43
|
export declare const organizationWithOrganizationRolesGuard: ToZodObject<OrganizationWithRoles>;
|
|
44
44
|
/**
|
|
45
45
|
* The user entity with the `organizationRoles` field that contains the roles of
|
|
46
|
-
* the user in
|
|
46
|
+
* the user in the organization.
|
|
47
47
|
*/
|
|
48
48
|
export type UserWithOrganizationRoles = UserInfo & {
|
|
49
|
-
/** The roles of the user in
|
|
49
|
+
/** The roles of the user in the organization. */
|
|
50
50
|
organizationRoles: OrganizationRoleEntity[];
|
|
51
51
|
};
|
|
52
52
|
export declare const userWithOrganizationRolesGuard: ToZodObject<UserWithOrganizationRoles>;
|
|
@@ -58,6 +58,15 @@ export type OrganizationWithFeatured = Organization & {
|
|
|
58
58
|
usersCount?: number;
|
|
59
59
|
featuredUsers?: FeaturedUser[];
|
|
60
60
|
};
|
|
61
|
+
/**
|
|
62
|
+
* The application entity with the `organizationRoles` field that contains the roles
|
|
63
|
+
* of the application in the organization.
|
|
64
|
+
*/
|
|
65
|
+
export type ApplicationWithOrganizationRoles = Application & {
|
|
66
|
+
/** The roles of the application in the organization. */
|
|
67
|
+
organizationRoles: OrganizationRoleEntity[];
|
|
68
|
+
};
|
|
69
|
+
export declare const applicationWithOrganizationRolesGuard: ToZodObject<ApplicationWithOrganizationRoles>;
|
|
61
70
|
/**
|
|
62
71
|
* The organization invitation with additional fields:
|
|
63
72
|
*
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
|
-
import { OrganizationRoles, Organizations, OrganizationInvitations, } from '../db-entries/index.js';
|
|
2
|
+
import { OrganizationRoles, Organizations, OrganizationInvitations, Applications, } from '../db-entries/index.js';
|
|
3
3
|
import { userInfoGuard } from './user.js';
|
|
4
4
|
export const organizationRoleWithScopesGuard = OrganizationRoles.guard.extend({
|
|
5
5
|
scopes: z
|
|
@@ -29,6 +29,9 @@ export const organizationWithOrganizationRolesGuard = Organizations.guard.extend
|
|
|
29
29
|
export const userWithOrganizationRolesGuard = userInfoGuard.extend({
|
|
30
30
|
organizationRoles: organizationRoleEntityGuard.array(),
|
|
31
31
|
});
|
|
32
|
+
export const applicationWithOrganizationRolesGuard = Applications.guard.extend({
|
|
33
|
+
organizationRoles: organizationRoleEntityGuard.array(),
|
|
34
|
+
});
|
|
32
35
|
export const organizationInvitationEntityGuard = OrganizationInvitations.guard.extend({
|
|
33
36
|
organizationRoles: organizationRoleEntityGuard.array(),
|
|
34
37
|
});
|
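Review bot: `applicationWithOrganizationRolesGuard` extends the full `Applications.guard`, while the user counterpart just above it is built on `userInfoGuard` rather than on the raw users entry, which is presumably a reduced view. If the `Applications` entry carries credential columns (this release's file list adds `tables/application_secrets.sql` and changes `tables/applications.sql`, neither shown here), any response typed with this guard would return them alongside `organizationRoles`. I would narrow the base with a `.pick()` or `.omit()` on `Applications.guard` before `.extend(...)`, or add a comment stating that exposing the whole entity is intended.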
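--- a/package/lib/types/role.d.ts
+++ b/package/lib/types/role.d.ts
@@ -1,4 +1,4 @@
-import type
+import { type Role } from '../db-entries/index.js';
 import { type FeaturedApplication } from './application.js';
 import { type FeaturedUser } from './user.js';
 export type RoleResponse = Role & {
@@ -7,3 +7,8 @@ export type RoleResponse = Role & {
 applicationsCount: number;
 featuredApplications: FeaturedApplication[];
 };
+/** The role type to i18n key mapping. */
+export declare const roleTypeToKey: Readonly<{
+readonly User: "user";
+readonly MachineToMachine: "machine_to_machine";
+}>;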
package/lib/types/role.js
CHANGED
package/lib/types/scope.d.ts
CHANGED
|
@@ -1,13 +1,14 @@
|
|
|
1
1
|
import { type z } from 'zod';
|
|
2
|
-
export declare const scopeResponseGuard: z.ZodObject<{
|
|
3
|
-
name: z.ZodType<string, z.ZodTypeDef, string>;
|
|
4
|
-
id: z.ZodType<string, z.ZodTypeDef, string>;
|
|
2
|
+
export declare const scopeResponseGuard: z.ZodObject<z.objectUtil.extendShape<{
|
|
5
3
|
tenantId: z.ZodType<string, z.ZodTypeDef, string>;
|
|
6
|
-
|
|
7
|
-
description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
|
|
4
|
+
id: z.ZodType<string, z.ZodTypeDef, string>;
|
|
8
5
|
resourceId: z.ZodType<string, z.ZodTypeDef, string>;
|
|
6
|
+
name: z.ZodType<string, z.ZodTypeDef, string>;
|
|
7
|
+
description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
|
|
8
|
+
createdAt: z.ZodType<number, z.ZodTypeDef, number>;
|
|
9
|
+
}, {
|
|
9
10
|
resource: import("../index.js").Guard<import("../db-entries/resource.js").Resource>;
|
|
10
|
-
}
|
|
11
|
+
}>, "strip", z.ZodTypeAny, {
|
|
11
12
|
name: string;
|
|
12
13
|
id: string;
|
|
13
14
|
tenantId: string;
|