@logto/schemas 1.18.0 → 1.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (229) hide show
  1. package/alterations/1.19.0-1720253939-add-organization-branding.ts +18 -0
  2. package/alterations/1.19.0-1720345784-add-color-to-app-sie.ts +18 -0
  3. package/alterations/1.19.0-1720505152-update-custom-ui-assets.ts +20 -0
  4. package/alterations/1.19.0-1721483240-multiple-app-secrets.ts +77 -0
  5. package/alterations/1.19.0-1721645392-add-application-custom-data-column.ts +18 -0
  6. package/alterations/1.19.0-1722926389-argon2d-argon2id.ts +35 -0
  7. package/alterations-js/1.19.0-1720253939-add-organization-branding.js +14 -0
  8. package/alterations-js/1.19.0-1720345784-add-color-to-app-sie.js +14 -0
  9. package/alterations-js/1.19.0-1720505152-update-custom-ui-assets.js +16 -0
  10. package/alterations-js/1.19.0-1721483240-multiple-app-secrets.js +72 -0
  11. package/alterations-js/1.19.0-1721645392-add-application-custom-data-column.js +14 -0
  12. package/alterations-js/1.19.0-1722926389-argon2d-argon2id.js +30 -0
  13. package/lib/consts/oidc.d.ts +15 -2
  14. package/lib/consts/oidc.js +6 -0
  15. package/lib/consts/system.d.ts +2 -0
  16. package/lib/consts/system.js +2 -0
  17. package/lib/db-entries/application-secret.d.ts +28 -0
  18. package/lib/db-entries/application-secret.js +41 -0
  19. package/lib/db-entries/application-sign-in-experience.d.ts +4 -2
  20. package/lib/db-entries/application-sign-in-experience.js +5 -1
  21. package/lib/db-entries/application.d.ts +6 -2
  22. package/lib/db-entries/application.js +5 -1
  23. package/lib/db-entries/custom-types.d.ts +2 -0
  24. package/lib/db-entries/custom-types.js +2 -0
  25. package/lib/db-entries/index.d.ts +1 -0
  26. package/lib/db-entries/index.js +1 -0
  27. package/lib/db-entries/organization.d.ts +6 -2
  28. package/lib/db-entries/organization.js +5 -1
  29. package/lib/db-entries/sign-in-experience.d.ts +4 -4
  30. package/lib/db-entries/sign-in-experience.js +5 -5
  31. package/lib/foundations/jsonb-types/sign-in-experience.d.ts +33 -0
  32. package/lib/foundations/jsonb-types/sign-in-experience.js +18 -4
  33. package/lib/foundations/jsonb-types/users.d.ts +6 -6
  34. package/lib/foundations/jsonb-types/users.js +2 -2
  35. package/lib/seeds/application.js +1 -0
  36. package/lib/seeds/cloud-api.d.ts +1 -1
  37. package/lib/seeds/sign-in-experience.d.ts +1 -0
  38. package/lib/seeds/sign-in-experience.js +2 -2
  39. package/lib/types/application.d.ts +80 -122
  40. package/lib/types/connector.d.ts +26 -28
  41. package/lib/types/consent.d.ts +180 -33
  42. package/lib/types/cookie.d.ts +7 -1
  43. package/lib/types/cookie.js +3 -1
  44. package/lib/types/domain.d.ts +2 -10
  45. package/lib/types/hook.d.ts +14 -21
  46. package/lib/types/index.d.ts +1 -0
  47. package/lib/types/index.js +1 -0
  48. package/lib/types/interactions.d.ts +206 -57
  49. package/lib/types/interactions.js +42 -13
  50. package/lib/types/log/interaction.d.ts +4 -3
  51. package/lib/types/log/interaction.js +1 -0
  52. package/lib/types/logto-config/index.d.ts +267 -242
  53. package/lib/types/logto-config/jwt-customizer.d.ts +500 -371
  54. package/lib/types/logto-config/jwt-customizer.js +11 -1
  55. package/lib/types/logto-config/oidc-provider.d.ts +6 -6
  56. package/lib/types/mfa.d.ts +16 -16
  57. package/lib/types/scope.d.ts +7 -6
  58. package/lib/types/sign-in-experience.d.ts +51 -118
  59. package/lib/types/sign-in-experience.js +1 -1
  60. package/lib/types/sso-connector.d.ts +14 -19
  61. package/lib/types/ssr.d.ts +25 -0
  62. package/lib/types/ssr.js +9 -0
  63. package/lib/types/system.d.ts +7 -3
  64. package/lib/types/system.js +4 -0
  65. package/lib/types/user-assets.d.ts +25 -5
  66. package/lib/types/user-assets.js +20 -1
  67. package/lib/types/user.d.ts +84 -120
  68. package/lib/utils/application.d.ts +3 -0
  69. package/lib/utils/application.js +7 -0
  70. package/lib/utils/index.d.ts +1 -0
  71. package/lib/utils/index.js +1 -0
  72. package/package.json +7 -7
  73. package/tables/application_secrets.sql +17 -0
  74. package/tables/application_sign_in_experiences.sql +1 -1
  75. package/tables/applications.sql +7 -2
  76. package/tables/organizations.sql +2 -0
  77. package/tables/sign_in_experiences.sql +1 -1
  78. package/tables/users.sql +1 -1
  79. package/alterations-js/1.0.0-1677208902-update-admin-console-config.d.ts +0 -3
  80. package/alterations-js/1.0.0-1677765137-seed-for-admin-tenant.d.ts +0 -3
  81. package/alterations-js/1.0.0-1677907982-allow-admin-create-multiple-tenants.d.ts +0 -3
  82. package/alterations-js/1.0.0-1678157950-privacy-policy-url.d.ts +0 -3
  83. package/alterations-js/1.0.0-1678199795-add-verification-status-table.d.ts +0 -3
  84. package/alterations-js/1.0.0-1678259693-remove-branding-style-config.d.ts +0 -3
  85. package/alterations-js/1.0.0-1678269972-use-restrictive-policies.d.ts +0 -3
  86. package/alterations-js/1.0.0-1678284778-restrict-internal-roles.d.ts +0 -3
  87. package/alterations-js/1.0.0-1678425761-m2m-app-for-tenants.d.ts +0 -3
  88. package/alterations-js/1.0.0-1678450233-support-custom-content.d.ts +0 -3
  89. package/alterations-js/1.0.0-1678716747-service-logs.d.ts +0 -3
  90. package/alterations-js/1.0.0-1678928481-remove-deprecated-logto-config-item.d.ts +0 -3
  91. package/alterations-js/1.0.0-1678953179-update-get-started-task-config.d.ts +0 -3
  92. package/alterations-js/1.0.0-1679209413-drop-connector-database-storage.d.ts +0 -3
  93. package/alterations-js/1.0.0_beta.10-1-logto-config.d.ts +0 -3
  94. package/alterations-js/1.0.0_beta.10-1663923211-machine-to-machine-app.d.ts +0 -3
  95. package/alterations-js/1.0.0_beta.10-1664265197-custom-phrases.d.ts +0 -3
  96. package/alterations-js/1.0.0_beta.11-1664347703-rename-language-key-to-tag.d.ts +0 -3
  97. package/alterations-js/1.0.0_beta.11-1664356000-add-created-at-column-to-users.d.ts +0 -3
  98. package/alterations-js/1.0.0_beta.11-1664462389-correct-user-created-at-column-by-user-logs.d.ts +0 -3
  99. package/alterations-js/1.0.0_beta.14-1665300135-sign-in-sign-up.d.ts +0 -3
  100. package/alterations-js/1.0.0_beta.14-1667283640-remove-forgot-password.d.ts +0 -3
  101. package/alterations-js/1.0.0_beta.14-1667292082-remove-sign-in-method.d.ts +0 -3
  102. package/alterations-js/1.0.0_beta.14-1667374974-user-suspend.d.ts +0 -3
  103. package/alterations-js/1.0.0_beta.14-1667900481-add-passcode-type-continue.d.ts +0 -3
  104. package/alterations-js/1.0.0_beta.18-1668666590-support-multiple-connector-instances.d.ts +0 -3
  105. package/alterations-js/1.0.0_beta.18-1668666600-remove-connector-enabled.d.ts +0 -3
  106. package/alterations-js/1.0.0_beta.18-1669091623-roles-and-scopes.d.ts +0 -3
  107. package/alterations-js/1.0.0_beta.18-1669702299-sign-up.d.ts +0 -3
  108. package/alterations-js/1.0.0_beta.18-1671039448-add-user-name-index.d.ts +0 -3
  109. package/alterations-js/1.0.0_beta.18-1671080370-terms-of-use.d.ts +0 -3
  110. package/alterations-js/1.0.0_beta.18-1671336831-refactor-log-types.d.ts +0 -3
  111. package/alterations-js/1.0.0_beta.18-1671509870-hooks.d.ts +0 -3
  112. package/alterations-js/1.0.0_beta.18-1672119200-align-passcode-type-with-message-type.d.ts +0 -3
  113. package/alterations-js/1.0.0_rc.0-1672815959-user-roles.d.ts +0 -3
  114. package/alterations-js/1.0.0_rc.0-1672820345-scope-resource-id.d.ts +0 -3
  115. package/alterations-js/1.0.0_rc.0-1672901841-roles-and-scopes-not-null.d.ts +0 -3
  116. package/alterations-js/1.0.0_rc.0-1673001922-support-generic-passcode.d.ts +0 -3
  117. package/alterations-js/1.0.0_rc.0-1673165463-scope-name-index.d.ts +0 -3
  118. package/alterations-js/1.0.0_rc.0-1673349501-sms-sign-in-identifier-to-phone.d.ts +0 -3
  119. package/alterations-js/1.0.0_rc.0-1673465463-ac-scope-name.d.ts +0 -3
  120. package/alterations-js/1.0.0_rc.0-1673853579-ac-default-scope.d.ts +0 -3
  121. package/alterations-js/1.0.0_rc.0-1673863835-ac-scope-role.d.ts +0 -3
  122. package/alterations-js/1.0.0_rc.0-1673882867-fix-alteration-issues.d.ts +0 -3
  123. package/alterations-js/1.0.0_rc.0-1673940577-scope-description-not-null.d.ts +0 -3
  124. package/alterations-js/1.0.0_rc.0-1673941897-application-roles.d.ts +0 -3
  125. package/alterations-js/1.0.0_rc.0-1674032095.1-dedup-resources-constraint.d.ts +0 -4
  126. package/alterations-js/1.0.0_rc.0-1674032095.2-oidc-model-pkey.d.ts +0 -3
  127. package/alterations-js/1.0.0_rc.0-1674032095.3-tenant-table.d.ts +0 -3
  128. package/alterations-js/1.0.0_rc.0-1674032095.4-add-id-column.d.ts +0 -3
  129. package/alterations-js/1.0.0_rc.0-1674032095.5-multi-tenancy.d.ts +0 -3
  130. package/alterations-js/1.0.0_rc.0-1674032095.6-add-tenant-id-trigger.d.ts +0 -3
  131. package/alterations-js/1.0.0_rc.0-1674987042-drop-settings-and-create-systems.d.ts +0 -3
  132. package/alterations-js/1.0.0_rc.0-1675316731-update-seed-data.d.ts +0 -3
  133. package/alterations-js/1.0.0_rc.1-1675788753-multi-tenancy-rls.d.ts +0 -3
  134. package/alterations-js/1.0.0_rc.1-1676115897-add-admin-tenant.d.ts +0 -3
  135. package/alterations-js/1.0.0_rc.1-1676185899-fix-logs-index.d.ts +0 -3
  136. package/alterations-js/1.0.0_rc.1-1676190092-migrate-admin-data.d.ts +0 -3
  137. package/alterations-js/1.0.0_rc.1-1676823841-update-sie-primary-key.d.ts +0 -3
  138. package/alterations-js/1.0.0_rc.1-1676874936-support-custom-css.d.ts +0 -3
  139. package/alterations-js/1.0.0_rc.1-1676886855-connector-database-read-write.d.ts +0 -3
  140. package/alterations-js/1.0.0_rc.1-1676906977-remove-demo-app.d.ts +0 -3
  141. package/alterations-js/1.0.0_rc.1-1676956206-move-console-sie-to-database.d.ts +0 -3
  142. package/alterations-js/1.0.0_rc.1-1677059985-move-console-application-to-database.d.ts +0 -3
  143. package/alterations-js/1.10.1-1695647183-update-private-key-type.d.ts +0 -3
  144. package/alterations-js/1.10.1-1696657546-organization-tables.d.ts +0 -3
  145. package/alterations-js/1.10.1-1697683802-add-sso-connectors-table.d.ts +0 -3
  146. package/alterations-js/1.10.1-1698646271-add-organization-created-flag.d.ts +0 -3
  147. package/alterations-js/1.10.1-1698820410-add-user-sso-identities-table.d.ts +0 -4
  148. package/alterations-js/1.10.1-1698910485-user-logto-data.d.ts +0 -3
  149. package/alterations-js/1.11.0-1699422979-add-sso-connector-id-col-to-user-sso-identities-table.d.ts +0 -3
  150. package/alterations-js/1.11.0-1699598903-remove-sso-only-column-in-sso-connectors-table.d.ts +0 -3
  151. package/alterations-js/1.12.0-1700031616-update-org-role-foreign-keys.d.ts +0 -3
  152. package/alterations-js/1.12.0-1701054133-add-unique-constraint-to-the-sso-connector-name.d.ts +0 -3
  153. package/alterations-js/1.12.0-1701245520-add-single-sign-on-enabled-flag-to-sie.d.ts +0 -3
  154. package/alterations-js/1.13.0-1702274830-add-new-third-party-column-to-applications-table.d.ts +0 -3
  155. package/alterations-js/1.13.0-1702372401-add-application-permissions-tables.d.ts +0 -3
  156. package/alterations-js/1.13.0-1702544178-sync-tenant-orgs.d.ts +0 -18
  157. package/alterations-js/1.13.0-1702871078-protected-application-type.d.ts +0 -3
  158. package/alterations-js/1.13.0-1702877515-protected-app-configs.d.ts +0 -3
  159. package/alterations-js/1.13.0-1702978120-application-sign-in-experience-table.d.ts +0 -3
  160. package/alterations-js/1.13.0-1703229996-daily-token-usage.d.ts +0 -3
  161. package/alterations-js/1.13.0-1703230000-update-tenant-roles.d.ts +0 -11
  162. package/alterations-js/1.13.0-1704692973-remove-legacy-resources.d.ts +0 -3
  163. package/alterations-js/1.13.0-1704934999-add-magic-links-table.d.ts +0 -3
  164. package/alterations-js/1.13.0-1704935001-add-organization-invitation-tables.d.ts +0 -3
  165. package/alterations-js/1.13.0-1705288654-add-application-user-consent-organizations-table.d.ts +0 -3
  166. package/alterations-js/1.13.0-1705991158-update-invitation-indices.d.ts +0 -7
  167. package/alterations-js/1.13.0-1706449174-update-organization-invitation-column.d.ts +0 -3
  168. package/alterations-js/1.13.0-1706510290-protected-app-host-index.d.ts +0 -3
  169. package/alterations-js/1.13.0-1706512952-restore-get-started-page.d.ts +0 -3
  170. package/alterations-js/1.13.0-1706528755-remove-magic-links.d.ts +0 -3
  171. package/alterations-js/1.13.0-1706585206-protected-app-custom-domain-unique.d.ts +0 -3
  172. package/alterations-js/1.13.1-1707360939-grant-is-suspended-read-permission.d.ts +0 -6
  173. package/alterations-js/1.14.0-1708916601-remove-management-api-scopes-assigned-to-user-role.d.ts +0 -3
  174. package/alterations-js/1.14.0-1709190131-enhance-dau-data-accuracy.d.ts +0 -3
  175. package/alterations-js/1.15.0-1709521416-user-password-encrypt-method.d.ts +0 -3
  176. package/alterations-js/1.15.0-1709528944-regenerate-dau-data.d.ts +0 -3
  177. package/alterations-js/1.15.0-1710223946-add-fetch-custom-jwt-cloud-scope.d.ts +0 -3
  178. package/alterations-js/1.15.0-1710408335-make-resource-scopes-description-nullable.d.ts +0 -3
  179. package/alterations-js/1.15.0-1710859622-add-oidc-standard-claim-properties.d.ts +0 -3
  180. package/alterations-js/1.15.0-1711607772-remove-invite-member-scope-from-tenant-member-role.d.ts +0 -3
  181. package/alterations-js/1.15.0-1711624564-add-read-member-scope-to-tenant-roles.d.ts +0 -3
  182. package/alterations-js/1.15.0-1711955211-organization-resource-scope.d.ts +0 -3
  183. package/alterations-js/1.15.0-1712041436-rename-organization-member-role-to-collaborator.d.ts +0 -3
  184. package/alterations-js/1.15.0-1712545011-fix-organization-resource-scope.d.ts +0 -8
  185. package/alterations-js/1.15.0-1712559358-fix-down-organization-resource-scope.d.ts +0 -8
  186. package/alterations-js/1.16.0-1712912361-delete-jwt-customier-with-empty-script.d.ts +0 -3
  187. package/alterations-js/1.16.0-1713942039-add-organization-custom-data.d.ts +0 -4
  188. package/alterations-js/1.16.0-1714270244-application-org-resource-scope.d.ts +0 -3
  189. package/alterations-js/1.17.0-1715826336-add-default-user-role-config.d.ts +0 -3
  190. package/alterations-js/1.17.0-1715829731-rename-data-hook-schema-update-event.d.ts +0 -3
  191. package/alterations-js/1.17.0-1716278409-remove-internal-role-database-policies.d.ts +0 -3
  192. package/alterations-js/1.17.0-1716291265-create-pre-configured-m-api-role.d.ts +0 -7
  193. package/alterations-js/1.17.0-1717148078-remove-service-log-reference.d.ts +0 -3
  194. package/alterations-js/1.18.0-1717567857-social-sign-in-linking.d.ts +0 -3
  195. package/alterations-js/1.18.0-1717597875-add-organization-email-domains-table.d.ts +0 -3
  196. package/alterations-js/1.18.0-1717818597-organization-mfa-requirement.d.ts +0 -3
  197. package/alterations-js/1.18.0-1718340884-rename-org-email-domains-and-add-jit-roles-table.d.ts +0 -3
  198. package/alterations-js/1.18.0-1718594164-add-agree-to-terms-policy.d.ts +0 -3
  199. package/alterations-js/1.18.0-1718785576-organization-application-relations.d.ts +0 -3
  200. package/alterations-js/1.18.0-1718786576-organization-jit-sso-connectors.d.ts +0 -3
  201. package/alterations-js/1.18.0-1718807616-organization-role-application-relations.d.ts +0 -3
  202. package/alterations-js/1.18.0-1718865814-add-subject-tokens.d.ts +0 -3
  203. package/alterations-js/1.18.0-1719014832-organization-role-types.d.ts +0 -3
  204. package/alterations-js/1.18.0-1719221205-fix-functions.d.ts +0 -7
  205. package/alterations-js/1.18.0-1719312694-custom-ui-assets.d.ts +0 -3
  206. package/alterations-js/1.2.0-1681267285-fix-get-started-passwordless-status.d.ts +0 -3
  207. package/alterations-js/1.3.0-1683292832-update-hooks.d.ts +0 -3
  208. package/alterations-js/1.5.0-1684382842-add-name-tag-created-at-for-tenants-table.d.ts +0 -3
  209. package/alterations-js/1.5.0-1684739802-create-hook-id-index-for-logs.d.ts +0 -3
  210. package/alterations-js/1.5.0-1684822341-init-domains.d.ts +0 -3
  211. package/alterations-js/1.5.0-1684837981-add-manage-tenant-self-scope-to-user-role.d.ts +0 -3
  212. package/alterations-js/1.5.0-1685285719-support-default-resource.d.ts +0 -3
  213. package/alterations-js/1.6.0-1685691718-domain-unique.d.ts +0 -3
  214. package/alterations-js/1.7.0-1688375200-sync-cloud-m2m-to-logto-config.d.ts +0 -3
  215. package/alterations-js/1.7.0-1688613459-remove-m2m-credentials-from-existing-logto-email-connector-config.d.ts +0 -3
  216. package/alterations-js/1.7.0-1688627407-daily-active-users.d.ts +0 -3
  217. package/alterations-js/1.8.0-1692088012-add-is-suspend-column-to-tenants-table.d.ts +0 -3
  218. package/alterations-js/1.8.0-1692194751-add-affiliate-scopes.d.ts +0 -3
  219. package/alterations-js/1.9.0-1693554904-add-possword-policy.d.ts +0 -4
  220. package/alterations-js/1.9.0-1694399696-add-type-col-to-roles-table.d.ts +0 -3
  221. package/alterations-js/1.9.0-1694418765-specify-check-role-type-function-to-be-public-schema.d.ts +0 -9
  222. package/alterations-js/1.9.0-1694484927-remove-deprecated-challenge-flag.d.ts +0 -3
  223. package/alterations-js/1.9.0-1694487524-sie-mfa.d.ts +0 -3
  224. package/alterations-js/1.9.0-1694509714-keep-existing-password-policy.d.ts +0 -3
  225. package/alterations-js/1.9.0-1694746763-user-verifications.d.ts +0 -3
  226. package/alterations-js/1.9.2-1694854226-init-sentinel.d.ts +0 -3
  227. package/alterations-js/1.9.2-1695198741-remove-m2m-app-admin-access-switch.d.ts +0 -3
  228. package/alterations-js/utils/1704934999-tables.d.ts +0 -11
  229. package/alterations-js/utils/1716643968-id-generation.d.ts +0 -19
package/lib/types/logto-config/jwt-customizer.d.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import { type ZodType, z } from 'zod';
2
2
  import { type Organization, type Role, type UserSsoIdentity } from '../../db-entries/index.js';
3
3
  import { type MfaFactors } from '../../foundations/index.js';
4
+ import { GrantType } from '../oidc-config.js';
4
5
  import { type ScopeResponse } from '../scope.js';
5
6
  import { type UserInfo } from '../user.js';
6
7
  export declare const jwtCustomizerGuard: z.ZodObject<{
@@ -34,11 +35,16 @@ export type JwtCustomizerUserContext = UserInfo & {
34
35
  roleName: string;
35
36
  }>;
36
37
  };
37
- export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
38
- name: ZodType<string | null, z.ZodTypeDef, string | null>;
38
+ export declare const jwtCustomizerUserContextGuard: z.ZodObject<z.objectUtil.extendShape<Pick<{
39
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
39
40
  id: ZodType<string, z.ZodTypeDef, string>;
40
- applicationId: ZodType<string | null, z.ZodTypeDef, string | null>;
41
41
  username: ZodType<string | null, z.ZodTypeDef, string | null>;
42
+ primaryEmail: ZodType<string | null, z.ZodTypeDef, string | null>;
43
+ primaryPhone: ZodType<string | null, z.ZodTypeDef, string | null>;
44
+ passwordEncrypted: ZodType<string | null, z.ZodTypeDef, string | null>;
45
+ passwordEncryptionMethod: ZodType<import("../../db-entries/custom-types.js").UsersPasswordEncryptionMethod | null, z.ZodTypeDef, import("../../db-entries/custom-types.js").UsersPasswordEncryptionMethod | null>;
46
+ name: ZodType<string | null, z.ZodTypeDef, string | null>;
47
+ avatar: ZodType<string | null, z.ZodTypeDef, string | null>;
42
48
  profile: ZodType<Partial<{
43
49
  familyName: string;
44
50
  givenName: string;
@@ -80,12 +86,7 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
80
86
  country: string;
81
87
  }>;
82
88
  }>>;
83
- createdAt: ZodType<number, z.ZodTypeDef, number>;
84
- updatedAt: ZodType<number, z.ZodTypeDef, number>;
85
- customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
86
- primaryEmail: ZodType<string | null, z.ZodTypeDef, string | null>;
87
- primaryPhone: ZodType<string | null, z.ZodTypeDef, string | null>;
88
- avatar: ZodType<string | null, z.ZodTypeDef, string | null>;
89
+ applicationId: ZodType<string | null, z.ZodTypeDef, string | null>;
89
90
  identities: ZodType<Record<string, {
90
91
  userId: string;
91
92
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
@@ -93,8 +94,64 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
93
94
  userId: string;
94
95
  details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
95
96
  }>>;
97
+ customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
98
+ logtoConfig: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
99
+ mfaVerifications: ZodType<({
100
+ type: import("../../foundations/index.js").MfaFactor.TOTP;
101
+ id: string;
102
+ key: string;
103
+ createdAt: string;
104
+ lastUsedAt?: string | undefined;
105
+ } | {
106
+ type: import("../../foundations/index.js").MfaFactor.WebAuthn;
107
+ id: string;
108
+ createdAt: string;
109
+ credentialId: string;
110
+ publicKey: string;
111
+ counter: number;
112
+ agent: string;
113
+ lastUsedAt?: string | undefined;
114
+ transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
115
+ } | {
116
+ type: import("../../foundations/index.js").MfaFactor.BackupCode;
117
+ id: string;
118
+ createdAt: string;
119
+ codes: {
120
+ code: string;
121
+ usedAt?: string | undefined;
122
+ }[];
123
+ lastUsedAt?: string | undefined;
124
+ })[], z.ZodTypeDef, ({
125
+ type: import("../../foundations/index.js").MfaFactor.TOTP;
126
+ id: string;
127
+ key: string;
128
+ createdAt: string;
129
+ lastUsedAt?: string | undefined;
130
+ } | {
131
+ type: import("../../foundations/index.js").MfaFactor.WebAuthn;
132
+ id: string;
133
+ createdAt: string;
134
+ credentialId: string;
135
+ publicKey: string;
136
+ counter: number;
137
+ agent: string;
138
+ lastUsedAt?: string | undefined;
139
+ transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
140
+ } | {
141
+ type: import("../../foundations/index.js").MfaFactor.BackupCode;
142
+ id: string;
143
+ createdAt: string;
144
+ codes: {
145
+ code: string;
146
+ usedAt?: string | undefined;
147
+ }[];
148
+ lastUsedAt?: string | undefined;
149
+ })[]>;
96
150
  isSuspended: ZodType<boolean, z.ZodTypeDef, boolean>;
97
151
  lastSignInAt: ZodType<number | null, z.ZodTypeDef, number | null>;
152
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
153
+ updatedAt: ZodType<number, z.ZodTypeDef, number>;
154
+ }, "name" | "id" | "applicationId" | "username" | "createdAt" | "profile" | "customData" | "updatedAt" | "primaryEmail" | "primaryPhone" | "avatar" | "identities" | "isSuspended" | "lastSignInAt">, {
98
155
  hasPassword: z.ZodBoolean;
99
156
  ssoIdentities: z.ZodArray<z.ZodObject<Pick<{
100
157
  tenantId: ZodType<string, z.ZodTypeDef, string>;
@@ -115,19 +172,24 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
115
172
  detail: import("@withtyped/server/lib/types.js").JsonObject;
116
173
  }>, "many">;
117
174
  mfaVerificationFactors: z.ZodArray<z.ZodNativeEnum<typeof import("../../foundations/index.js").MfaFactor>, "many">;
118
- roles: z.ZodArray<z.ZodObject<{
119
- name: ZodType<string, z.ZodTypeDef, string>;
175
+ roles: z.ZodArray<z.ZodObject<z.objectUtil.extendShape<Pick<{
176
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
120
177
  id: ZodType<string, z.ZodTypeDef, string>;
178
+ name: ZodType<string, z.ZodTypeDef, string>;
121
179
  description: ZodType<string, z.ZodTypeDef, string>;
122
- scopes: z.ZodArray<z.ZodObject<Pick<{
123
- name: ZodType<string, z.ZodTypeDef, string>;
124
- id: ZodType<string, z.ZodTypeDef, string>;
180
+ type: ZodType<import("../../db-entries/custom-types.js").RoleType, z.ZodTypeDef, import("../../db-entries/custom-types.js").RoleType>;
181
+ isDefault: ZodType<boolean, z.ZodTypeDef, boolean>;
182
+ }, "name" | "id" | "description">, {
183
+ scopes: z.ZodArray<z.ZodObject<Pick<z.objectUtil.extendShape<{
125
184
  tenantId: ZodType<string, z.ZodTypeDef, string>;
126
- createdAt: ZodType<number, z.ZodTypeDef, number>;
127
- description: ZodType<string | null, z.ZodTypeDef, string | null>;
185
+ id: ZodType<string, z.ZodTypeDef, string>;
128
186
  resourceId: ZodType<string, z.ZodTypeDef, string>;
187
+ name: ZodType<string, z.ZodTypeDef, string>;
188
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
189
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
190
+ }, {
129
191
  resource: import("../../foundations/schemas.js").Guard<import("../../db-entries/resource.js").Resource>;
130
- }, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
192
+ }>, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
131
193
  name: string;
132
194
  id: string;
133
195
  description: string | null;
@@ -140,7 +202,7 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
140
202
  resource: import("../../db-entries/resource.js").Resource;
141
203
  resourceId: string;
142
204
  }>, "many">;
143
- }, "strip", z.ZodTypeAny, {
205
+ }>, "strip", z.ZodTypeAny, {
144
206
  name: string;
145
207
  id: string;
146
208
  description: string;
@@ -170,6 +232,17 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
170
232
  description: ZodType<string | null, z.ZodTypeDef, string | null>;
171
233
  customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
172
234
  isMfaRequired: ZodType<boolean, z.ZodTypeDef, boolean>;
235
+ branding: ZodType<{
236
+ logoUrl?: string | undefined;
237
+ darkLogoUrl?: string | undefined;
238
+ favicon?: string | undefined;
239
+ darkFavicon?: string | undefined;
240
+ }, z.ZodTypeDef, {
241
+ logoUrl?: string | undefined;
242
+ darkLogoUrl?: string | undefined;
243
+ favicon?: string | undefined;
244
+ darkFavicon?: string | undefined;
245
+ }>;
173
246
  createdAt: ZodType<number, z.ZodTypeDef, number>;
174
247
  }, "name" | "id" | "description">, "strip", z.ZodTypeAny, {
175
248
  name: string;
@@ -193,35 +266,15 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
193
266
  roleId: string;
194
267
  roleName: string;
195
268
  }>, "many">;
196
- }, "strip", z.ZodTypeAny, {
269
+ }>, "strip", z.ZodTypeAny, {
197
270
  name: string | null;
198
271
  id: string;
199
272
  applicationId: string | null;
200
273
  username: string | null;
201
- profile: Partial<{
202
- familyName: string;
203
- givenName: string;
204
- middleName: string;
205
- nickname: string;
206
- preferredUsername: string;
207
- profile: string;
208
- website: string;
209
- gender: string;
210
- birthdate: string;
211
- zoneinfo: string;
212
- locale: string;
213
- address: Partial<{
214
- formatted: string;
215
- streetAddress: string;
216
- locality: string;
217
- region: string;
218
- postalCode: string;
219
- country: string;
220
- }>;
221
- }>;
222
274
  createdAt: number;
223
- updatedAt: number;
275
+ profile: import("../../foundations/index.js").UserProfile;
224
276
  customData: import("@withtyped/server/lib/types.js").JsonObject;
277
+ updatedAt: number;
225
278
  organizations: {
226
279
  name: string;
227
280
  id: string;
@@ -242,10 +295,7 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
242
295
  primaryEmail: string | null;
243
296
  primaryPhone: string | null;
244
297
  avatar: string | null;
245
- identities: Record<string, {
246
- userId: string;
247
- details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
248
- }>;
298
+ identities: import("../../foundations/index.js").Identities;
249
299
  isSuspended: boolean;
250
300
  lastSignInAt: number | null;
251
301
  hasPassword: boolean;
@@ -265,30 +315,10 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
265
315
  id: string;
266
316
  applicationId: string | null;
267
317
  username: string | null;
268
- profile: Partial<{
269
- familyName: string;
270
- givenName: string;
271
- middleName: string;
272
- nickname: string;
273
- preferredUsername: string;
274
- profile: string;
275
- website: string;
276
- gender: string;
277
- birthdate: string;
278
- zoneinfo: string;
279
- locale: string;
280
- address: Partial<{
281
- formatted: string;
282
- streetAddress: string;
283
- locality: string;
284
- region: string;
285
- postalCode: string;
286
- country: string;
287
- }>;
288
- }>;
289
318
  createdAt: number;
290
- updatedAt: number;
319
+ profile: import("../../foundations/index.js").UserProfile;
291
320
  customData: import("@withtyped/server/lib/types.js").JsonObject;
321
+ updatedAt: number;
292
322
  organizations: {
293
323
  name: string;
294
324
  id: string;
@@ -309,10 +339,7 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
309
339
  primaryEmail: string | null;
310
340
  primaryPhone: string | null;
311
341
  avatar: string | null;
312
- identities: Record<string, {
313
- userId: string;
314
- details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
315
- }>;
342
+ identities: import("../../foundations/index.js").Identities;
316
343
  isSuspended: boolean;
317
344
  lastSignInAt: number | null;
318
345
  hasPassword: boolean;
@@ -328,9 +355,22 @@ export declare const jwtCustomizerUserContextGuard: z.ZodObject<{
328
355
  roleName: string;
329
356
  }[];
330
357
  }>;
331
- export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
358
+ export declare const jwtCustomizerGrantContextGuard: z.ZodObject<{
359
+ type: z.ZodLiteral<GrantType.TokenExchange>;
360
+ subjectTokenContext: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
361
+ }, "strip", z.ZodTypeAny, {
362
+ type: GrantType.TokenExchange;
363
+ subjectTokenContext: Record<string, import("@withtyped/server/lib/types.js").Json>;
364
+ }, {
365
+ type: GrantType.TokenExchange;
366
+ subjectTokenContext: Record<string, import("@withtyped/server/lib/types.js").Json>;
367
+ }>;
368
+ export type JwtCustomizerGrantContext = z.infer<typeof jwtCustomizerGrantContextGuard>;
369
+ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<z.objectUtil.extendShape<{
332
370
  script: z.ZodString;
333
371
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
372
+ contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
373
+ }, {
334
374
  tokenSample: z.ZodOptional<z.ZodObject<{
335
375
  accountId: z.ZodOptional<z.ZodString>;
336
376
  expiresWithSession: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
@@ -344,28 +384,28 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
344
384
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
345
385
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
346
386
  }, "strict", z.ZodTypeAny, {
387
+ grantId?: string | undefined;
388
+ scope?: string | undefined;
347
389
  accountId?: string | undefined;
348
390
  expiresWithSession?: boolean | undefined;
349
- grantId?: string | undefined;
350
391
  gty?: string | undefined;
351
392
  sessionUid?: string | undefined;
352
393
  sid?: string | undefined;
353
394
  kind?: "AccessToken" | undefined;
354
395
  jti?: string | undefined;
355
396
  aud?: string | string[] | undefined;
356
- scope?: string | undefined;
357
397
  clientId?: string | undefined;
358
398
  }, {
399
+ grantId?: string | undefined;
400
+ scope?: string | undefined;
359
401
  accountId?: string | undefined;
360
402
  expiresWithSession?: boolean | undefined;
361
- grantId?: string | undefined;
362
403
  gty?: string | undefined;
363
404
  sessionUid?: string | undefined;
364
405
  sid?: string | undefined;
365
406
  kind?: "AccessToken" | undefined;
366
407
  jti?: string | undefined;
367
408
  aud?: string | string[] | undefined;
368
- scope?: string | undefined;
369
409
  clientId?: string | undefined;
370
410
  }>>;
371
411
  contextSample: z.ZodOptional<z.ZodObject<{
@@ -374,6 +414,7 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
374
414
  id: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
375
415
  applicationId: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
376
416
  username: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
417
+ createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
377
418
  profile: z.ZodOptional<ZodType<Partial<{
378
419
  familyName: string;
379
420
  givenName: string;
@@ -415,9 +456,8 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
415
456
  country: string;
416
457
  }>;
417
458
  }>>>;
418
- createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
419
- updatedAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
420
459
  customData: z.ZodOptional<ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>>;
460
+ updatedAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
421
461
  primaryEmail: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
422
462
  primaryPhone: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
423
463
  avatar: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
@@ -450,19 +490,24 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
450
490
  detail: import("@withtyped/server/lib/types.js").JsonObject;
451
491
  }>, "many">>;
452
492
  mfaVerificationFactors: z.ZodOptional<z.ZodArray<z.ZodNativeEnum<typeof import("../../foundations/index.js").MfaFactor>, "many">>;
453
- roles: z.ZodOptional<z.ZodArray<z.ZodObject<{
454
- name: ZodType<string, z.ZodTypeDef, string>;
493
+ roles: z.ZodOptional<z.ZodArray<z.ZodObject<z.objectUtil.extendShape<Pick<{
494
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
455
495
  id: ZodType<string, z.ZodTypeDef, string>;
496
+ name: ZodType<string, z.ZodTypeDef, string>;
456
497
  description: ZodType<string, z.ZodTypeDef, string>;
457
- scopes: z.ZodArray<z.ZodObject<Pick<{
458
- name: ZodType<string, z.ZodTypeDef, string>;
459
- id: ZodType<string, z.ZodTypeDef, string>;
498
+ type: ZodType<import("../../db-entries/custom-types.js").RoleType, z.ZodTypeDef, import("../../db-entries/custom-types.js").RoleType>;
499
+ isDefault: ZodType<boolean, z.ZodTypeDef, boolean>;
500
+ }, "name" | "id" | "description">, {
501
+ scopes: z.ZodArray<z.ZodObject<Pick<z.objectUtil.extendShape<{
460
502
  tenantId: ZodType<string, z.ZodTypeDef, string>;
461
- createdAt: ZodType<number, z.ZodTypeDef, number>;
462
- description: ZodType<string | null, z.ZodTypeDef, string | null>;
503
+ id: ZodType<string, z.ZodTypeDef, string>;
463
504
  resourceId: ZodType<string, z.ZodTypeDef, string>;
505
+ name: ZodType<string, z.ZodTypeDef, string>;
506
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
507
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
508
+ }, {
464
509
  resource: import("../../foundations/schemas.js").Guard<import("../../db-entries/resource.js").Resource>;
465
- }, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
510
+ }>, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
466
511
  name: string;
467
512
  id: string;
468
513
  description: string | null;
@@ -475,7 +520,7 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
475
520
  resource: import("../../db-entries/resource.js").Resource;
476
521
  resourceId: string;
477
522
  }>, "many">;
478
- }, "strip", z.ZodTypeAny, {
523
+ }>, "strip", z.ZodTypeAny, {
479
524
  name: string;
480
525
  id: string;
481
526
  description: string;
@@ -505,6 +550,17 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
505
550
  description: ZodType<string | null, z.ZodTypeDef, string | null>;
506
551
  customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
507
552
  isMfaRequired: ZodType<boolean, z.ZodTypeDef, boolean>;
553
+ branding: ZodType<{
554
+ logoUrl?: string | undefined;
555
+ darkLogoUrl?: string | undefined;
556
+ favicon?: string | undefined;
557
+ darkFavicon?: string | undefined;
558
+ }, z.ZodTypeDef, {
559
+ logoUrl?: string | undefined;
560
+ darkLogoUrl?: string | undefined;
561
+ favicon?: string | undefined;
562
+ darkFavicon?: string | undefined;
563
+ }>;
508
564
  createdAt: ZodType<number, z.ZodTypeDef, number>;
509
565
  }, "name" | "id" | "description">, "strip", z.ZodTypeAny, {
510
566
  name: string;
@@ -533,6 +589,7 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
533
589
  id?: string | undefined;
534
590
  applicationId?: string | null | undefined;
535
591
  username?: string | null | undefined;
592
+ createdAt?: number | undefined;
536
593
  profile?: Partial<{
537
594
  familyName: string;
538
595
  givenName: string;
@@ -554,9 +611,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
554
611
  country: string;
555
612
  }>;
556
613
  }> | undefined;
557
- createdAt?: number | undefined;
558
- updatedAt?: number | undefined;
559
614
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
615
+ updatedAt?: number | undefined;
616
+ organizations?: {
617
+ name: string;
618
+ id: string;
619
+ description: string | null;
620
+ }[] | undefined;
621
+ roles?: {
622
+ name: string;
623
+ id: string;
624
+ description: string;
625
+ scopes: {
626
+ name: string;
627
+ id: string;
628
+ description: string | null;
629
+ resource: import("../../db-entries/resource.js").Resource;
630
+ resourceId: string;
631
+ }[];
632
+ }[] | undefined;
560
633
  primaryEmail?: string | null | undefined;
561
634
  primaryPhone?: string | null | undefined;
562
635
  avatar?: string | null | undefined;
@@ -573,23 +646,6 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
573
646
  detail: import("@withtyped/server/lib/types.js").JsonObject;
574
647
  }[] | undefined;
575
648
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
576
- roles?: {
577
- name: string;
578
- id: string;
579
- description: string;
580
- scopes: {
581
- name: string;
582
- id: string;
583
- description: string | null;
584
- resource: import("../../db-entries/resource.js").Resource;
585
- resourceId: string;
586
- }[];
587
- }[] | undefined;
588
- organizations?: {
589
- name: string;
590
- id: string;
591
- description: string | null;
592
- }[] | undefined;
593
649
  organizationRoles?: {
594
650
  organizationId: string;
595
651
  roleId: string;
@@ -600,6 +656,7 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
600
656
  id?: string | undefined;
601
657
  applicationId?: string | null | undefined;
602
658
  username?: string | null | undefined;
659
+ createdAt?: number | undefined;
603
660
  profile?: Partial<{
604
661
  familyName: string;
605
662
  givenName: string;
@@ -621,9 +678,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
621
678
  country: string;
622
679
  }>;
623
680
  }> | undefined;
624
- createdAt?: number | undefined;
625
- updatedAt?: number | undefined;
626
681
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
682
+ updatedAt?: number | undefined;
683
+ organizations?: {
684
+ name: string;
685
+ id: string;
686
+ description: string | null;
687
+ }[] | undefined;
688
+ roles?: {
689
+ name: string;
690
+ id: string;
691
+ description: string;
692
+ scopes: {
693
+ name: string;
694
+ id: string;
695
+ description: string | null;
696
+ resource: import("../../db-entries/resource.js").Resource;
697
+ resourceId: string;
698
+ }[];
699
+ }[] | undefined;
627
700
  primaryEmail?: string | null | undefined;
628
701
  primaryPhone?: string | null | undefined;
629
702
  avatar?: string | null | undefined;
@@ -640,35 +713,29 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
640
713
  detail: import("@withtyped/server/lib/types.js").JsonObject;
641
714
  }[] | undefined;
642
715
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
643
- roles?: {
644
- name: string;
645
- id: string;
646
- description: string;
647
- scopes: {
648
- name: string;
649
- id: string;
650
- description: string | null;
651
- resource: import("../../db-entries/resource.js").Resource;
652
- resourceId: string;
653
- }[];
654
- }[] | undefined;
655
- organizations?: {
656
- name: string;
657
- id: string;
658
- description: string | null;
659
- }[] | undefined;
660
716
  organizationRoles?: {
661
717
  organizationId: string;
662
718
  roleId: string;
663
719
  roleName: string;
664
720
  }[] | undefined;
665
721
  }>;
722
+ grant: z.ZodOptional<z.ZodObject<{
723
+ type: z.ZodOptional<z.ZodLiteral<GrantType.TokenExchange>>;
724
+ subjectTokenContext: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
725
+ }, "strip", z.ZodTypeAny, {
726
+ type?: GrantType.TokenExchange | undefined;
727
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
728
+ }, {
729
+ type?: GrantType.TokenExchange | undefined;
730
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
731
+ }>>;
666
732
  }, "strip", z.ZodTypeAny, {
667
733
  user: {
668
734
  name?: string | null | undefined;
669
735
  id?: string | undefined;
670
736
  applicationId?: string | null | undefined;
671
737
  username?: string | null | undefined;
738
+ createdAt?: number | undefined;
672
739
  profile?: Partial<{
673
740
  familyName: string;
674
741
  givenName: string;
@@ -690,9 +757,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
690
757
  country: string;
691
758
  }>;
692
759
  }> | undefined;
693
- createdAt?: number | undefined;
694
- updatedAt?: number | undefined;
695
760
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
761
+ updatedAt?: number | undefined;
762
+ organizations?: {
763
+ name: string;
764
+ id: string;
765
+ description: string | null;
766
+ }[] | undefined;
767
+ roles?: {
768
+ name: string;
769
+ id: string;
770
+ description: string;
771
+ scopes: {
772
+ name: string;
773
+ id: string;
774
+ description: string | null;
775
+ resource: import("../../db-entries/resource.js").Resource;
776
+ resourceId: string;
777
+ }[];
778
+ }[] | undefined;
696
779
  primaryEmail?: string | null | undefined;
697
780
  primaryPhone?: string | null | undefined;
698
781
  avatar?: string | null | undefined;
@@ -709,35 +792,23 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
709
792
  detail: import("@withtyped/server/lib/types.js").JsonObject;
710
793
  }[] | undefined;
711
794
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
712
- roles?: {
713
- name: string;
714
- id: string;
715
- description: string;
716
- scopes: {
717
- name: string;
718
- id: string;
719
- description: string | null;
720
- resource: import("../../db-entries/resource.js").Resource;
721
- resourceId: string;
722
- }[];
723
- }[] | undefined;
724
- organizations?: {
725
- name: string;
726
- id: string;
727
- description: string | null;
728
- }[] | undefined;
729
795
  organizationRoles?: {
730
796
  organizationId: string;
731
797
  roleId: string;
732
798
  roleName: string;
733
799
  }[] | undefined;
734
800
  };
801
+ grant?: {
802
+ type?: GrantType.TokenExchange | undefined;
803
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
804
+ } | undefined;
735
805
  }, {
736
806
  user: {
737
807
  name?: string | null | undefined;
738
808
  id?: string | undefined;
739
809
  applicationId?: string | null | undefined;
740
810
  username?: string | null | undefined;
811
+ createdAt?: number | undefined;
741
812
  profile?: Partial<{
742
813
  familyName: string;
743
814
  givenName: string;
@@ -759,26 +830,14 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
759
830
  country: string;
760
831
  }>;
761
832
  }> | undefined;
762
- createdAt?: number | undefined;
763
- updatedAt?: number | undefined;
764
833
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
765
- primaryEmail?: string | null | undefined;
766
- primaryPhone?: string | null | undefined;
767
- avatar?: string | null | undefined;
768
- identities?: Record<string, {
769
- userId: string;
770
- details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
771
- }> | undefined;
772
- isSuspended?: boolean | undefined;
773
- lastSignInAt?: number | null | undefined;
774
- hasPassword?: boolean | undefined;
775
- ssoIdentities?: {
776
- issuer: string;
777
- identityId: string;
778
- detail: import("@withtyped/server/lib/types.js").JsonObject;
779
- }[] | undefined;
780
- mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
781
- roles?: {
834
+ updatedAt?: number | undefined;
835
+ organizations?: {
836
+ name: string;
837
+ id: string;
838
+ description: string | null;
839
+ }[] | undefined;
840
+ roles?: {
782
841
  name: string;
783
842
  id: string;
784
843
  description: string;
@@ -790,40 +849,43 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
790
849
  resourceId: string;
791
850
  }[];
792
851
  }[] | undefined;
793
- organizations?: {
794
- name: string;
795
- id: string;
796
- description: string | null;
852
+ primaryEmail?: string | null | undefined;
853
+ primaryPhone?: string | null | undefined;
854
+ avatar?: string | null | undefined;
855
+ identities?: Record<string, {
856
+ userId: string;
857
+ details?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
858
+ }> | undefined;
859
+ isSuspended?: boolean | undefined;
860
+ lastSignInAt?: number | null | undefined;
861
+ hasPassword?: boolean | undefined;
862
+ ssoIdentities?: {
863
+ issuer: string;
864
+ identityId: string;
865
+ detail: import("@withtyped/server/lib/types.js").JsonObject;
797
866
  }[] | undefined;
867
+ mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
798
868
  organizationRoles?: {
799
869
  organizationId: string;
800
870
  roleId: string;
801
871
  roleName: string;
802
872
  }[] | undefined;
803
873
  };
874
+ grant?: {
875
+ type?: GrantType.TokenExchange | undefined;
876
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
877
+ } | undefined;
804
878
  }>>;
805
- }, "strict", z.ZodTypeAny, {
879
+ }>, "strict", z.ZodTypeAny, {
806
880
  script: string;
807
881
  environmentVariables?: Record<string, string> | undefined;
808
- tokenSample?: {
809
- accountId?: string | undefined;
810
- expiresWithSession?: boolean | undefined;
811
- grantId?: string | undefined;
812
- gty?: string | undefined;
813
- sessionUid?: string | undefined;
814
- sid?: string | undefined;
815
- kind?: "AccessToken" | undefined;
816
- jti?: string | undefined;
817
- aud?: string | string[] | undefined;
818
- scope?: string | undefined;
819
- clientId?: string | undefined;
820
- } | undefined;
821
882
  contextSample?: {
822
883
  user: {
823
884
  name?: string | null | undefined;
824
885
  id?: string | undefined;
825
886
  applicationId?: string | null | undefined;
826
887
  username?: string | null | undefined;
888
+ createdAt?: number | undefined;
827
889
  profile?: Partial<{
828
890
  familyName: string;
829
891
  givenName: string;
@@ -845,9 +907,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
845
907
  country: string;
846
908
  }>;
847
909
  }> | undefined;
848
- createdAt?: number | undefined;
849
- updatedAt?: number | undefined;
850
910
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
911
+ updatedAt?: number | undefined;
912
+ organizations?: {
913
+ name: string;
914
+ id: string;
915
+ description: string | null;
916
+ }[] | undefined;
917
+ roles?: {
918
+ name: string;
919
+ id: string;
920
+ description: string;
921
+ scopes: {
922
+ name: string;
923
+ id: string;
924
+ description: string | null;
925
+ resource: import("../../db-entries/resource.js").Resource;
926
+ resourceId: string;
927
+ }[];
928
+ }[] | undefined;
851
929
  primaryEmail?: string | null | undefined;
852
930
  primaryPhone?: string | null | undefined;
853
931
  avatar?: string | null | undefined;
@@ -864,52 +942,40 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
864
942
  detail: import("@withtyped/server/lib/types.js").JsonObject;
865
943
  }[] | undefined;
866
944
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
867
- roles?: {
868
- name: string;
869
- id: string;
870
- description: string;
871
- scopes: {
872
- name: string;
873
- id: string;
874
- description: string | null;
875
- resource: import("../../db-entries/resource.js").Resource;
876
- resourceId: string;
877
- }[];
878
- }[] | undefined;
879
- organizations?: {
880
- name: string;
881
- id: string;
882
- description: string | null;
883
- }[] | undefined;
884
945
  organizationRoles?: {
885
946
  organizationId: string;
886
947
  roleId: string;
887
948
  roleName: string;
888
949
  }[] | undefined;
889
950
  };
951
+ grant?: {
952
+ type?: GrantType.TokenExchange | undefined;
953
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
954
+ } | undefined;
890
955
  } | undefined;
891
- }, {
892
- script: string;
893
- environmentVariables?: Record<string, string> | undefined;
894
956
  tokenSample?: {
957
+ grantId?: string | undefined;
958
+ scope?: string | undefined;
895
959
  accountId?: string | undefined;
896
960
  expiresWithSession?: boolean | undefined;
897
- grantId?: string | undefined;
898
961
  gty?: string | undefined;
899
962
  sessionUid?: string | undefined;
900
963
  sid?: string | undefined;
901
964
  kind?: "AccessToken" | undefined;
902
965
  jti?: string | undefined;
903
966
  aud?: string | string[] | undefined;
904
- scope?: string | undefined;
905
967
  clientId?: string | undefined;
906
968
  } | undefined;
969
+ }, {
970
+ script: string;
971
+ environmentVariables?: Record<string, string> | undefined;
907
972
  contextSample?: {
908
973
  user: {
909
974
  name?: string | null | undefined;
910
975
  id?: string | undefined;
911
976
  applicationId?: string | null | undefined;
912
977
  username?: string | null | undefined;
978
+ createdAt?: number | undefined;
913
979
  profile?: Partial<{
914
980
  familyName: string;
915
981
  givenName: string;
@@ -931,9 +997,25 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
931
997
  country: string;
932
998
  }>;
933
999
  }> | undefined;
934
- createdAt?: number | undefined;
935
- updatedAt?: number | undefined;
936
1000
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1001
+ updatedAt?: number | undefined;
1002
+ organizations?: {
1003
+ name: string;
1004
+ id: string;
1005
+ description: string | null;
1006
+ }[] | undefined;
1007
+ roles?: {
1008
+ name: string;
1009
+ id: string;
1010
+ description: string;
1011
+ scopes: {
1012
+ name: string;
1013
+ id: string;
1014
+ description: string | null;
1015
+ resource: import("../../db-entries/resource.js").Resource;
1016
+ resourceId: string;
1017
+ }[];
1018
+ }[] | undefined;
937
1019
  primaryEmail?: string | null | undefined;
938
1020
  primaryPhone?: string | null | undefined;
939
1021
  avatar?: string | null | undefined;
@@ -950,36 +1032,37 @@ export declare const accessTokenJwtCustomizerGuard: z.ZodObject<{
950
1032
  detail: import("@withtyped/server/lib/types.js").JsonObject;
951
1033
  }[] | undefined;
952
1034
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
953
- roles?: {
954
- name: string;
955
- id: string;
956
- description: string;
957
- scopes: {
958
- name: string;
959
- id: string;
960
- description: string | null;
961
- resource: import("../../db-entries/resource.js").Resource;
962
- resourceId: string;
963
- }[];
964
- }[] | undefined;
965
- organizations?: {
966
- name: string;
967
- id: string;
968
- description: string | null;
969
- }[] | undefined;
970
1035
  organizationRoles?: {
971
1036
  organizationId: string;
972
1037
  roleId: string;
973
1038
  roleName: string;
974
1039
  }[] | undefined;
975
1040
  };
1041
+ grant?: {
1042
+ type?: GrantType.TokenExchange | undefined;
1043
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1044
+ } | undefined;
1045
+ } | undefined;
1046
+ tokenSample?: {
1047
+ grantId?: string | undefined;
1048
+ scope?: string | undefined;
1049
+ accountId?: string | undefined;
1050
+ expiresWithSession?: boolean | undefined;
1051
+ gty?: string | undefined;
1052
+ sessionUid?: string | undefined;
1053
+ sid?: string | undefined;
1054
+ kind?: "AccessToken" | undefined;
1055
+ jti?: string | undefined;
1056
+ aud?: string | string[] | undefined;
1057
+ clientId?: string | undefined;
976
1058
  } | undefined;
977
1059
  }>;
978
1060
  export type AccessTokenJwtCustomizer = z.infer<typeof accessTokenJwtCustomizerGuard>;
979
- export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<{
1061
+ export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<z.objectUtil.extendShape<{
980
1062
  script: z.ZodString;
981
1063
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
982
1064
  contextSample: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
1065
+ }, {
983
1066
  tokenSample: z.ZodOptional<z.ZodObject<{
984
1067
  kind: z.ZodOptional<z.ZodLiteral<"ClientCredentials">>;
985
1068
  jti: z.ZodOptional<z.ZodString>;
@@ -987,27 +1070,27 @@ export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<{
987
1070
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
988
1071
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
989
1072
  }, "strict", z.ZodTypeAny, {
1073
+ scope?: string | undefined;
990
1074
  kind?: "ClientCredentials" | undefined;
991
1075
  jti?: string | undefined;
992
1076
  aud?: string | string[] | undefined;
993
- scope?: string | undefined;
994
1077
  clientId?: string | undefined;
995
1078
  }, {
1079
+ scope?: string | undefined;
996
1080
  kind?: "ClientCredentials" | undefined;
997
1081
  jti?: string | undefined;
998
1082
  aud?: string | string[] | undefined;
999
- scope?: string | undefined;
1000
1083
  clientId?: string | undefined;
1001
1084
  }>>;
1002
- }, "strict", z.ZodTypeAny, {
1085
+ }>, "strict", z.ZodTypeAny, {
1003
1086
  script: string;
1004
1087
  environmentVariables?: Record<string, string> | undefined;
1005
1088
  contextSample?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1006
1089
  tokenSample?: {
1090
+ scope?: string | undefined;
1007
1091
  kind?: "ClientCredentials" | undefined;
1008
1092
  jti?: string | undefined;
1009
1093
  aud?: string | string[] | undefined;
1010
- scope?: string | undefined;
1011
1094
  clientId?: string | undefined;
1012
1095
  } | undefined;
1013
1096
  }, {
@@ -1015,10 +1098,10 @@ export declare const clientCredentialsJwtCustomizerGuard: z.ZodObject<{
1015
1098
  environmentVariables?: Record<string, string> | undefined;
1016
1099
  contextSample?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1017
1100
  tokenSample?: {
1101
+ scope?: string | undefined;
1018
1102
  kind?: "ClientCredentials" | undefined;
1019
1103
  jti?: string | undefined;
1020
1104
  aud?: string | string[] | undefined;
1021
- scope?: string | undefined;
1022
1105
  clientId?: string | undefined;
1023
1106
  } | undefined;
1024
1107
  }>;
@@ -1044,28 +1127,28 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1044
1127
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1045
1128
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1046
1129
  }, "strict", z.ZodTypeAny, {
1130
+ grantId?: string | undefined;
1131
+ scope?: string | undefined;
1047
1132
  accountId?: string | undefined;
1048
1133
  expiresWithSession?: boolean | undefined;
1049
- grantId?: string | undefined;
1050
1134
  gty?: string | undefined;
1051
1135
  sessionUid?: string | undefined;
1052
1136
  sid?: string | undefined;
1053
1137
  kind?: "AccessToken" | undefined;
1054
1138
  jti?: string | undefined;
1055
1139
  aud?: string | string[] | undefined;
1056
- scope?: string | undefined;
1057
1140
  clientId?: string | undefined;
1058
1141
  }, {
1142
+ grantId?: string | undefined;
1143
+ scope?: string | undefined;
1059
1144
  accountId?: string | undefined;
1060
1145
  expiresWithSession?: boolean | undefined;
1061
- grantId?: string | undefined;
1062
1146
  gty?: string | undefined;
1063
1147
  sessionUid?: string | undefined;
1064
1148
  sid?: string | undefined;
1065
1149
  kind?: "AccessToken" | undefined;
1066
1150
  jti?: string | undefined;
1067
1151
  aud?: string | string[] | undefined;
1068
- scope?: string | undefined;
1069
1152
  clientId?: string | undefined;
1070
1153
  }>;
1071
1154
  context: z.ZodObject<{
@@ -1074,6 +1157,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1074
1157
  id: z.ZodOptional<ZodType<string, z.ZodTypeDef, string>>;
1075
1158
  applicationId: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1076
1159
  username: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1160
+ createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
1077
1161
  profile: z.ZodOptional<ZodType<Partial<{
1078
1162
  familyName: string;
1079
1163
  givenName: string;
@@ -1115,9 +1199,8 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1115
1199
  country: string;
1116
1200
  }>;
1117
1201
  }>>>;
1118
- createdAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
1119
- updatedAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
1120
1202
  customData: z.ZodOptional<ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>>;
1203
+ updatedAt: z.ZodOptional<ZodType<number, z.ZodTypeDef, number>>;
1121
1204
  primaryEmail: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1122
1205
  primaryPhone: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
1123
1206
  avatar: z.ZodOptional<ZodType<string | null, z.ZodTypeDef, string | null>>;
@@ -1150,19 +1233,24 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1150
1233
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1151
1234
  }>, "many">>;
1152
1235
  mfaVerificationFactors: z.ZodOptional<z.ZodArray<z.ZodNativeEnum<typeof import("../../foundations/index.js").MfaFactor>, "many">>;
1153
- roles: z.ZodOptional<z.ZodArray<z.ZodObject<{
1154
- name: ZodType<string, z.ZodTypeDef, string>;
1236
+ roles: z.ZodOptional<z.ZodArray<z.ZodObject<z.objectUtil.extendShape<Pick<{
1237
+ tenantId: ZodType<string, z.ZodTypeDef, string>;
1155
1238
  id: ZodType<string, z.ZodTypeDef, string>;
1239
+ name: ZodType<string, z.ZodTypeDef, string>;
1156
1240
  description: ZodType<string, z.ZodTypeDef, string>;
1157
- scopes: z.ZodArray<z.ZodObject<Pick<{
1158
- name: ZodType<string, z.ZodTypeDef, string>;
1159
- id: ZodType<string, z.ZodTypeDef, string>;
1241
+ type: ZodType<import("../../db-entries/custom-types.js").RoleType, z.ZodTypeDef, import("../../db-entries/custom-types.js").RoleType>;
1242
+ isDefault: ZodType<boolean, z.ZodTypeDef, boolean>;
1243
+ }, "name" | "id" | "description">, {
1244
+ scopes: z.ZodArray<z.ZodObject<Pick<z.objectUtil.extendShape<{
1160
1245
  tenantId: ZodType<string, z.ZodTypeDef, string>;
1161
- createdAt: ZodType<number, z.ZodTypeDef, number>;
1162
- description: ZodType<string | null, z.ZodTypeDef, string | null>;
1246
+ id: ZodType<string, z.ZodTypeDef, string>;
1163
1247
  resourceId: ZodType<string, z.ZodTypeDef, string>;
1248
+ name: ZodType<string, z.ZodTypeDef, string>;
1249
+ description: ZodType<string | null, z.ZodTypeDef, string | null>;
1250
+ createdAt: ZodType<number, z.ZodTypeDef, number>;
1251
+ }, {
1164
1252
  resource: import("../../foundations/schemas.js").Guard<import("../../db-entries/resource.js").Resource>;
1165
- }, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
1253
+ }>, "name" | "id" | "description" | "resource" | "resourceId">, "strip", z.ZodTypeAny, {
1166
1254
  name: string;
1167
1255
  id: string;
1168
1256
  description: string | null;
@@ -1175,7 +1263,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1175
1263
  resource: import("../../db-entries/resource.js").Resource;
1176
1264
  resourceId: string;
1177
1265
  }>, "many">;
1178
- }, "strip", z.ZodTypeAny, {
1266
+ }>, "strip", z.ZodTypeAny, {
1179
1267
  name: string;
1180
1268
  id: string;
1181
1269
  description: string;
@@ -1205,6 +1293,17 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1205
1293
  description: ZodType<string | null, z.ZodTypeDef, string | null>;
1206
1294
  customData: ZodType<import("@withtyped/server/lib/types.js").JsonObject, z.ZodTypeDef, import("@withtyped/server/lib/types.js").JsonObject>;
1207
1295
  isMfaRequired: ZodType<boolean, z.ZodTypeDef, boolean>;
1296
+ branding: ZodType<{
1297
+ logoUrl?: string | undefined;
1298
+ darkLogoUrl?: string | undefined;
1299
+ favicon?: string | undefined;
1300
+ darkFavicon?: string | undefined;
1301
+ }, z.ZodTypeDef, {
1302
+ logoUrl?: string | undefined;
1303
+ darkLogoUrl?: string | undefined;
1304
+ favicon?: string | undefined;
1305
+ darkFavicon?: string | undefined;
1306
+ }>;
1208
1307
  createdAt: ZodType<number, z.ZodTypeDef, number>;
1209
1308
  }, "name" | "id" | "description">, "strip", z.ZodTypeAny, {
1210
1309
  name: string;
@@ -1233,6 +1332,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1233
1332
  id?: string | undefined;
1234
1333
  applicationId?: string | null | undefined;
1235
1334
  username?: string | null | undefined;
1335
+ createdAt?: number | undefined;
1236
1336
  profile?: Partial<{
1237
1337
  familyName: string;
1238
1338
  givenName: string;
@@ -1254,9 +1354,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1254
1354
  country: string;
1255
1355
  }>;
1256
1356
  }> | undefined;
1257
- createdAt?: number | undefined;
1258
- updatedAt?: number | undefined;
1259
1357
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1358
+ updatedAt?: number | undefined;
1359
+ organizations?: {
1360
+ name: string;
1361
+ id: string;
1362
+ description: string | null;
1363
+ }[] | undefined;
1364
+ roles?: {
1365
+ name: string;
1366
+ id: string;
1367
+ description: string;
1368
+ scopes: {
1369
+ name: string;
1370
+ id: string;
1371
+ description: string | null;
1372
+ resource: import("../../db-entries/resource.js").Resource;
1373
+ resourceId: string;
1374
+ }[];
1375
+ }[] | undefined;
1260
1376
  primaryEmail?: string | null | undefined;
1261
1377
  primaryPhone?: string | null | undefined;
1262
1378
  avatar?: string | null | undefined;
@@ -1273,23 +1389,6 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1273
1389
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1274
1390
  }[] | undefined;
1275
1391
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1276
- roles?: {
1277
- name: string;
1278
- id: string;
1279
- description: string;
1280
- scopes: {
1281
- name: string;
1282
- id: string;
1283
- description: string | null;
1284
- resource: import("../../db-entries/resource.js").Resource;
1285
- resourceId: string;
1286
- }[];
1287
- }[] | undefined;
1288
- organizations?: {
1289
- name: string;
1290
- id: string;
1291
- description: string | null;
1292
- }[] | undefined;
1293
1392
  organizationRoles?: {
1294
1393
  organizationId: string;
1295
1394
  roleId: string;
@@ -1300,6 +1399,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1300
1399
  id?: string | undefined;
1301
1400
  applicationId?: string | null | undefined;
1302
1401
  username?: string | null | undefined;
1402
+ createdAt?: number | undefined;
1303
1403
  profile?: Partial<{
1304
1404
  familyName: string;
1305
1405
  givenName: string;
@@ -1321,9 +1421,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1321
1421
  country: string;
1322
1422
  }>;
1323
1423
  }> | undefined;
1324
- createdAt?: number | undefined;
1325
- updatedAt?: number | undefined;
1326
1424
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1425
+ updatedAt?: number | undefined;
1426
+ organizations?: {
1427
+ name: string;
1428
+ id: string;
1429
+ description: string | null;
1430
+ }[] | undefined;
1431
+ roles?: {
1432
+ name: string;
1433
+ id: string;
1434
+ description: string;
1435
+ scopes: {
1436
+ name: string;
1437
+ id: string;
1438
+ description: string | null;
1439
+ resource: import("../../db-entries/resource.js").Resource;
1440
+ resourceId: string;
1441
+ }[];
1442
+ }[] | undefined;
1327
1443
  primaryEmail?: string | null | undefined;
1328
1444
  primaryPhone?: string | null | undefined;
1329
1445
  avatar?: string | null | undefined;
@@ -1340,35 +1456,29 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1340
1456
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1341
1457
  }[] | undefined;
1342
1458
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1343
- roles?: {
1344
- name: string;
1345
- id: string;
1346
- description: string;
1347
- scopes: {
1348
- name: string;
1349
- id: string;
1350
- description: string | null;
1351
- resource: import("../../db-entries/resource.js").Resource;
1352
- resourceId: string;
1353
- }[];
1354
- }[] | undefined;
1355
- organizations?: {
1356
- name: string;
1357
- id: string;
1358
- description: string | null;
1359
- }[] | undefined;
1360
1459
  organizationRoles?: {
1361
1460
  organizationId: string;
1362
1461
  roleId: string;
1363
1462
  roleName: string;
1364
1463
  }[] | undefined;
1365
1464
  }>;
1465
+ grant: z.ZodOptional<z.ZodObject<{
1466
+ type: z.ZodOptional<z.ZodLiteral<GrantType.TokenExchange>>;
1467
+ subjectTokenContext: z.ZodOptional<z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>>;
1468
+ }, "strip", z.ZodTypeAny, {
1469
+ type?: GrantType.TokenExchange | undefined;
1470
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1471
+ }, {
1472
+ type?: GrantType.TokenExchange | undefined;
1473
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1474
+ }>>;
1366
1475
  }, "strip", z.ZodTypeAny, {
1367
1476
  user: {
1368
1477
  name?: string | null | undefined;
1369
1478
  id?: string | undefined;
1370
1479
  applicationId?: string | null | undefined;
1371
1480
  username?: string | null | undefined;
1481
+ createdAt?: number | undefined;
1372
1482
  profile?: Partial<{
1373
1483
  familyName: string;
1374
1484
  givenName: string;
@@ -1390,9 +1500,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1390
1500
  country: string;
1391
1501
  }>;
1392
1502
  }> | undefined;
1393
- createdAt?: number | undefined;
1394
- updatedAt?: number | undefined;
1395
1503
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1504
+ updatedAt?: number | undefined;
1505
+ organizations?: {
1506
+ name: string;
1507
+ id: string;
1508
+ description: string | null;
1509
+ }[] | undefined;
1510
+ roles?: {
1511
+ name: string;
1512
+ id: string;
1513
+ description: string;
1514
+ scopes: {
1515
+ name: string;
1516
+ id: string;
1517
+ description: string | null;
1518
+ resource: import("../../db-entries/resource.js").Resource;
1519
+ resourceId: string;
1520
+ }[];
1521
+ }[] | undefined;
1396
1522
  primaryEmail?: string | null | undefined;
1397
1523
  primaryPhone?: string | null | undefined;
1398
1524
  avatar?: string | null | undefined;
@@ -1409,35 +1535,23 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1409
1535
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1410
1536
  }[] | undefined;
1411
1537
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1412
- roles?: {
1413
- name: string;
1414
- id: string;
1415
- description: string;
1416
- scopes: {
1417
- name: string;
1418
- id: string;
1419
- description: string | null;
1420
- resource: import("../../db-entries/resource.js").Resource;
1421
- resourceId: string;
1422
- }[];
1423
- }[] | undefined;
1424
- organizations?: {
1425
- name: string;
1426
- id: string;
1427
- description: string | null;
1428
- }[] | undefined;
1429
1538
  organizationRoles?: {
1430
1539
  organizationId: string;
1431
1540
  roleId: string;
1432
1541
  roleName: string;
1433
1542
  }[] | undefined;
1434
1543
  };
1544
+ grant?: {
1545
+ type?: GrantType.TokenExchange | undefined;
1546
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1547
+ } | undefined;
1435
1548
  }, {
1436
1549
  user: {
1437
1550
  name?: string | null | undefined;
1438
1551
  id?: string | undefined;
1439
1552
  applicationId?: string | null | undefined;
1440
1553
  username?: string | null | undefined;
1554
+ createdAt?: number | undefined;
1441
1555
  profile?: Partial<{
1442
1556
  familyName: string;
1443
1557
  givenName: string;
@@ -1459,9 +1573,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1459
1573
  country: string;
1460
1574
  }>;
1461
1575
  }> | undefined;
1462
- createdAt?: number | undefined;
1463
- updatedAt?: number | undefined;
1464
1576
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1577
+ updatedAt?: number | undefined;
1578
+ organizations?: {
1579
+ name: string;
1580
+ id: string;
1581
+ description: string | null;
1582
+ }[] | undefined;
1583
+ roles?: {
1584
+ name: string;
1585
+ id: string;
1586
+ description: string;
1587
+ scopes: {
1588
+ name: string;
1589
+ id: string;
1590
+ description: string | null;
1591
+ resource: import("../../db-entries/resource.js").Resource;
1592
+ resourceId: string;
1593
+ }[];
1594
+ }[] | undefined;
1465
1595
  primaryEmail?: string | null | undefined;
1466
1596
  primaryPhone?: string | null | undefined;
1467
1597
  avatar?: string | null | undefined;
@@ -1478,29 +1608,16 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1478
1608
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1479
1609
  }[] | undefined;
1480
1610
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1481
- roles?: {
1482
- name: string;
1483
- id: string;
1484
- description: string;
1485
- scopes: {
1486
- name: string;
1487
- id: string;
1488
- description: string | null;
1489
- resource: import("../../db-entries/resource.js").Resource;
1490
- resourceId: string;
1491
- }[];
1492
- }[] | undefined;
1493
- organizations?: {
1494
- name: string;
1495
- id: string;
1496
- description: string | null;
1497
- }[] | undefined;
1498
1611
  organizationRoles?: {
1499
1612
  organizationId: string;
1500
1613
  roleId: string;
1501
1614
  roleName: string;
1502
1615
  }[] | undefined;
1503
1616
  };
1617
+ grant?: {
1618
+ type?: GrantType.TokenExchange | undefined;
1619
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1620
+ } | undefined;
1504
1621
  }>;
1505
1622
  script: z.ZodString;
1506
1623
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
@@ -1512,6 +1629,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1512
1629
  id?: string | undefined;
1513
1630
  applicationId?: string | null | undefined;
1514
1631
  username?: string | null | undefined;
1632
+ createdAt?: number | undefined;
1515
1633
  profile?: Partial<{
1516
1634
  familyName: string;
1517
1635
  givenName: string;
@@ -1533,9 +1651,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1533
1651
  country: string;
1534
1652
  }>;
1535
1653
  }> | undefined;
1536
- createdAt?: number | undefined;
1537
- updatedAt?: number | undefined;
1538
1654
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1655
+ updatedAt?: number | undefined;
1656
+ organizations?: {
1657
+ name: string;
1658
+ id: string;
1659
+ description: string | null;
1660
+ }[] | undefined;
1661
+ roles?: {
1662
+ name: string;
1663
+ id: string;
1664
+ description: string;
1665
+ scopes: {
1666
+ name: string;
1667
+ id: string;
1668
+ description: string | null;
1669
+ resource: import("../../db-entries/resource.js").Resource;
1670
+ resourceId: string;
1671
+ }[];
1672
+ }[] | undefined;
1539
1673
  primaryEmail?: string | null | undefined;
1540
1674
  primaryPhone?: string | null | undefined;
1541
1675
  avatar?: string | null | undefined;
@@ -1552,43 +1686,30 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1552
1686
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1553
1687
  }[] | undefined;
1554
1688
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1555
- roles?: {
1556
- name: string;
1557
- id: string;
1558
- description: string;
1559
- scopes: {
1560
- name: string;
1561
- id: string;
1562
- description: string | null;
1563
- resource: import("../../db-entries/resource.js").Resource;
1564
- resourceId: string;
1565
- }[];
1566
- }[] | undefined;
1567
- organizations?: {
1568
- name: string;
1569
- id: string;
1570
- description: string | null;
1571
- }[] | undefined;
1572
1689
  organizationRoles?: {
1573
1690
  organizationId: string;
1574
1691
  roleId: string;
1575
1692
  roleName: string;
1576
1693
  }[] | undefined;
1577
1694
  };
1695
+ grant?: {
1696
+ type?: GrantType.TokenExchange | undefined;
1697
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1698
+ } | undefined;
1578
1699
  };
1579
1700
  script: string;
1580
1701
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1581
1702
  token: {
1703
+ grantId?: string | undefined;
1704
+ scope?: string | undefined;
1582
1705
  accountId?: string | undefined;
1583
1706
  expiresWithSession?: boolean | undefined;
1584
- grantId?: string | undefined;
1585
1707
  gty?: string | undefined;
1586
1708
  sessionUid?: string | undefined;
1587
1709
  sid?: string | undefined;
1588
1710
  kind?: "AccessToken" | undefined;
1589
1711
  jti?: string | undefined;
1590
1712
  aud?: string | string[] | undefined;
1591
- scope?: string | undefined;
1592
1713
  clientId?: string | undefined;
1593
1714
  };
1594
1715
  environmentVariables?: Record<string, string> | undefined;
@@ -1599,6 +1720,7 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1599
1720
  id?: string | undefined;
1600
1721
  applicationId?: string | null | undefined;
1601
1722
  username?: string | null | undefined;
1723
+ createdAt?: number | undefined;
1602
1724
  profile?: Partial<{
1603
1725
  familyName: string;
1604
1726
  givenName: string;
@@ -1620,9 +1742,25 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1620
1742
  country: string;
1621
1743
  }>;
1622
1744
  }> | undefined;
1623
- createdAt?: number | undefined;
1624
- updatedAt?: number | undefined;
1625
1745
  customData?: import("@withtyped/server/lib/types.js").JsonObject | undefined;
1746
+ updatedAt?: number | undefined;
1747
+ organizations?: {
1748
+ name: string;
1749
+ id: string;
1750
+ description: string | null;
1751
+ }[] | undefined;
1752
+ roles?: {
1753
+ name: string;
1754
+ id: string;
1755
+ description: string;
1756
+ scopes: {
1757
+ name: string;
1758
+ id: string;
1759
+ description: string | null;
1760
+ resource: import("../../db-entries/resource.js").Resource;
1761
+ resourceId: string;
1762
+ }[];
1763
+ }[] | undefined;
1626
1764
  primaryEmail?: string | null | undefined;
1627
1765
  primaryPhone?: string | null | undefined;
1628
1766
  avatar?: string | null | undefined;
@@ -1639,43 +1777,30 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1639
1777
  detail: import("@withtyped/server/lib/types.js").JsonObject;
1640
1778
  }[] | undefined;
1641
1779
  mfaVerificationFactors?: import("../../foundations/index.js").MfaFactor[] | undefined;
1642
- roles?: {
1643
- name: string;
1644
- id: string;
1645
- description: string;
1646
- scopes: {
1647
- name: string;
1648
- id: string;
1649
- description: string | null;
1650
- resource: import("../../db-entries/resource.js").Resource;
1651
- resourceId: string;
1652
- }[];
1653
- }[] | undefined;
1654
- organizations?: {
1655
- name: string;
1656
- id: string;
1657
- description: string | null;
1658
- }[] | undefined;
1659
1780
  organizationRoles?: {
1660
1781
  organizationId: string;
1661
1782
  roleId: string;
1662
1783
  roleName: string;
1663
1784
  }[] | undefined;
1664
1785
  };
1786
+ grant?: {
1787
+ type?: GrantType.TokenExchange | undefined;
1788
+ subjectTokenContext?: Record<string, import("@withtyped/server/lib/types.js").Json> | undefined;
1789
+ } | undefined;
1665
1790
  };
1666
1791
  script: string;
1667
1792
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1668
1793
  token: {
1794
+ grantId?: string | undefined;
1795
+ scope?: string | undefined;
1669
1796
  accountId?: string | undefined;
1670
1797
  expiresWithSession?: boolean | undefined;
1671
- grantId?: string | undefined;
1672
1798
  gty?: string | undefined;
1673
1799
  sessionUid?: string | undefined;
1674
1800
  sid?: string | undefined;
1675
1801
  kind?: "AccessToken" | undefined;
1676
1802
  jti?: string | undefined;
1677
1803
  aud?: string | string[] | undefined;
1678
- scope?: string | undefined;
1679
1804
  clientId?: string | undefined;
1680
1805
  };
1681
1806
  environmentVariables?: Record<string, string> | undefined;
@@ -1687,16 +1812,16 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1687
1812
  scope: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1688
1813
  clientId: z.ZodOptional<z.ZodOptional<z.ZodString>>;
1689
1814
  }, "strict", z.ZodTypeAny, {
1815
+ scope?: string | undefined;
1690
1816
  kind?: "ClientCredentials" | undefined;
1691
1817
  jti?: string | undefined;
1692
1818
  aud?: string | string[] | undefined;
1693
- scope?: string | undefined;
1694
1819
  clientId?: string | undefined;
1695
1820
  }, {
1821
+ scope?: string | undefined;
1696
1822
  kind?: "ClientCredentials" | undefined;
1697
1823
  jti?: string | undefined;
1698
1824
  aud?: string | string[] | undefined;
1699
- scope?: string | undefined;
1700
1825
  clientId?: string | undefined;
1701
1826
  }>;
1702
1827
  script: z.ZodString;
@@ -1706,10 +1831,10 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1706
1831
  script: string;
1707
1832
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1708
1833
  token: {
1834
+ scope?: string | undefined;
1709
1835
  kind?: "ClientCredentials" | undefined;
1710
1836
  jti?: string | undefined;
1711
1837
  aud?: string | string[] | undefined;
1712
- scope?: string | undefined;
1713
1838
  clientId?: string | undefined;
1714
1839
  };
1715
1840
  environmentVariables?: Record<string, string> | undefined;
@@ -1717,22 +1842,24 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1717
1842
  script: string;
1718
1843
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1719
1844
  token: {
1845
+ scope?: string | undefined;
1720
1846
  kind?: "ClientCredentials" | undefined;
1721
1847
  jti?: string | undefined;
1722
1848
  aud?: string | string[] | undefined;
1723
- scope?: string | undefined;
1724
1849
  clientId?: string | undefined;
1725
1850
  };
1726
1851
  environmentVariables?: Record<string, string> | undefined;
1727
1852
  }>]>;
1728
1853
  export type JwtCustomizerTestRequestBody = z.infer<typeof jwtCustomizerTestRequestBodyGuard>;
1729
- export declare const customJwtFetcherGuard: z.ZodDiscriminatedUnion<"tokenType", [z.ZodObject<{
1854
+ export declare const customJwtFetcherGuard: z.ZodDiscriminatedUnion<"tokenType", [z.ZodObject<z.objectUtil.extendShape<z.objectUtil.extendShape<{
1730
1855
  script: z.ZodString;
1731
1856
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1857
+ }, {
1732
1858
  token: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1859
+ }>, {
1733
1860
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.AccessToken>;
1734
1861
  context: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1735
- }, "strip", z.ZodTypeAny, {
1862
+ }>, "strip", z.ZodTypeAny, {
1736
1863
  context: Record<string, import("@withtyped/server/lib/types.js").Json>;
1737
1864
  script: string;
1738
1865
  tokenType: LogtoJwtTokenKeyType.AccessToken;
@@ -1744,12 +1871,14 @@ export declare const customJwtFetcherGuard: z.ZodDiscriminatedUnion<"tokenType",
1744
1871
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1745
1872
  token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1746
1873
  environmentVariables?: Record<string, string> | undefined;
1747
- }>, z.ZodObject<{
1874
+ }>, z.ZodObject<z.objectUtil.extendShape<z.objectUtil.extendShape<{
1748
1875
  script: z.ZodString;
1749
1876
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1877
+ }, {
1750
1878
  token: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1879
+ }>, {
1751
1880
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.ClientCredentials>;
1752
- }, "strip", z.ZodTypeAny, {
1881
+ }>, "strip", z.ZodTypeAny, {
1753
1882
  script: string;
1754
1883
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1755
1884
  token: Record<string, import("@withtyped/server/lib/types.js").Json>;