@logto/schemas 1.21.0 → 1.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (72) hide show
  1. package/alterations/1.22.0-1730689363-add-account-center.ts +31 -0
  2. package/alterations/1.22.0-1731054001-init-account-center.ts +43 -0
  3. package/alterations/1.22.0-1731304920-add-support-email-and-website-to-sie-table.ts +22 -0
  4. package/alterations/1.22.0-1731377260-add-unknown-session-redirect-url-to-sie.ts +20 -0
  5. package/alterations/1.22.0-1731900596-add-saml-application-type.ts +50 -0
  6. package/alterations/1.22.0-1731900631-add-saml-app-third-party-consistency-check.ts +20 -0
  7. package/alterations/1.22.0-1731901231-add-saml-application-secrets-table.ts +40 -0
  8. package/alterations/1.22.0-1731904029-add-saml-application-configs-table.ts +33 -0
  9. package/alterations/1.23.0-1732851150-rename-saml-application-constraints.ts +34 -0
  10. package/alterations/1.23.0-1733212543-add-saml-application-type-to-idp-initiated-sso-application-allow-list.ts +30 -0
  11. package/alterations/1.23.0-1735012422-add-saml-application-sessions-table.ts +37 -0
  12. package/alterations-js/1.22.0-1730689363-add-account-center.js +26 -0
  13. package/alterations-js/1.22.0-1731054001-init-account-center.js +35 -0
  14. package/alterations-js/1.22.0-1731304920-add-support-email-and-website-to-sie-table.js +18 -0
  15. package/alterations-js/1.22.0-1731377260-add-unknown-session-redirect-url-to-sie.js +16 -0
  16. package/alterations-js/1.22.0-1731900596-add-saml-application-type.js +46 -0
  17. package/alterations-js/1.22.0-1731900631-add-saml-app-third-party-consistency-check.js +16 -0
  18. package/alterations-js/1.22.0-1731901231-add-saml-application-secrets-table.js +35 -0
  19. package/alterations-js/1.22.0-1731904029-add-saml-application-configs-table.js +28 -0
  20. package/alterations-js/1.23.0-1732851150-rename-saml-application-constraints.js +28 -0
  21. package/alterations-js/1.23.0-1733212543-add-saml-application-type-to-idp-initiated-sso-application-allow-list.js +24 -0
  22. package/alterations-js/1.23.0-1735012422-add-saml-application-sessions-table.js +32 -0
  23. package/lib/consts/subscriptions.d.ts +16 -15
  24. package/lib/consts/subscriptions.js +16 -14
  25. package/lib/db-entries/account-center.d.ts +24 -0
  26. package/lib/db-entries/account-center.js +34 -0
  27. package/lib/db-entries/custom-types.d.ts +2 -1
  28. package/lib/db-entries/custom-types.js +1 -0
  29. package/lib/db-entries/index.d.ts +4 -0
  30. package/lib/db-entries/index.js +4 -0
  31. package/lib/db-entries/saml-application-config.d.ts +24 -0
  32. package/lib/db-entries/saml-application-config.js +38 -0
  33. package/lib/db-entries/saml-application-secret.d.ts +28 -0
  34. package/lib/db-entries/saml-application-secret.js +49 -0
  35. package/lib/db-entries/saml-application-session.d.ts +40 -0
  36. package/lib/db-entries/saml-application-session.js +53 -0
  37. package/lib/db-entries/sign-in-experience.d.ts +7 -1
  38. package/lib/db-entries/sign-in-experience.js +12 -0
  39. package/lib/foundations/jsonb-types/account-centers.d.ts +43 -0
  40. package/lib/foundations/jsonb-types/account-centers.js +25 -0
  41. package/lib/foundations/jsonb-types/index.d.ts +3 -0
  42. package/lib/foundations/jsonb-types/index.js +3 -0
  43. package/lib/foundations/jsonb-types/saml-application-configs.d.ts +21 -0
  44. package/lib/foundations/jsonb-types/saml-application-configs.js +11 -0
  45. package/lib/foundations/jsonb-types/saml-application-sessions.d.ts +45 -0
  46. package/lib/foundations/jsonb-types/saml-application-sessions.js +10 -0
  47. package/lib/foundations/jsonb-types/sign-in-experience.d.ts +9 -1
  48. package/lib/foundations/jsonb-types/sign-in-experience.js +8 -0
  49. package/lib/seeds/account-center.d.ts +2 -0
  50. package/lib/seeds/account-center.js +6 -0
  51. package/lib/seeds/index.d.ts +1 -0
  52. package/lib/seeds/index.js +1 -0
  53. package/lib/types/application.d.ts +6 -6
  54. package/lib/types/consent.d.ts +8 -8
  55. package/lib/types/hook.d.ts +2 -2
  56. package/lib/types/index.d.ts +1 -0
  57. package/lib/types/index.js +1 -0
  58. package/lib/types/logto-config/index.d.ts +9 -9
  59. package/lib/types/logto-config/jwt-customizer.d.ts +17 -17
  60. package/lib/types/saml-application.d.ts +493 -0
  61. package/lib/types/saml-application.js +54 -0
  62. package/lib/types/sign-in-experience.d.ts +10 -1
  63. package/lib/types/user.d.ts +7 -7
  64. package/lib/utils/application.js +2 -0
  65. package/package.json +8 -8
  66. package/tables/account_centers.sql +10 -0
  67. package/tables/applications.sql +5 -2
  68. package/tables/saml_application_configs.sql +15 -0
  69. package/tables/saml_application_secrets.sql +22 -0
  70. package/tables/saml_application_sessions.sql +23 -0
  71. package/tables/sign_in_experiences.sql +3 -0
  72. package/tables/sso_connector_idp_initiated_auth_configs.sql +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@logto/schemas",
3
- "version": "1.21.0",
3
+ "version": "1.23.0",
4
4
  "author": "Silverhand Inc. <contact@silverhand.io>",
5
5
  "license": "MPL-2.0",
6
6
  "type": "module",
@@ -31,7 +31,7 @@
31
31
  "@types/inquirer": "^9.0.0",
32
32
  "@types/node": "^20.9.5",
33
33
  "@types/pluralize": "^0.0.33",
34
- "@vitest/coverage-v8": "^2.0.0",
34
+ "@vitest/coverage-v8": "^2.1.8",
35
35
  "camelcase": "^8.0.0",
36
36
  "chalk": "^5.3.0",
37
37
  "eslint": "^8.56.0",
@@ -40,7 +40,7 @@
40
40
  "prettier": "^3.0.0",
41
41
  "roarr": "^7.11.0",
42
42
  "typescript": "^5.5.3",
43
- "vitest": "^2.0.0"
43
+ "vitest": "^2.1.8"
44
44
  },
45
45
  "eslintConfig": {
46
46
  "extends": "@silverhand",
@@ -63,14 +63,14 @@
63
63
  },
64
64
  "prettier": "@silverhand/eslint-config/.prettierrc",
65
65
  "dependencies": {
66
- "@logto/connector-kit": "^4.0.0",
67
- "@logto/core-kit": "^2.5.0",
66
+ "@logto/connector-kit": "^4.1.0",
67
+ "@logto/core-kit": "^2.5.2",
68
68
  "@logto/language-kit": "^1.1.0",
69
- "@logto/phrases": "^1.14.1",
70
- "@logto/phrases-experience": "^1.8.0",
69
+ "@logto/phrases": "^1.16.0",
70
+ "@logto/phrases-experience": "^1.9.0",
71
71
  "@logto/shared": "^3.1.2",
72
72
  "@withtyped/server": "^0.14.0",
73
- "nanoid": "^5.0.1"
73
+ "nanoid": "^5.0.9"
74
74
  },
75
75
  "peerDependencies": {
76
76
  "zod": "^3.23.8"
package/tables/account_centers.sql ADDED
@@ -0,0 +1,10 @@
1
+ create table account_centers (
2
+ tenant_id varchar(21) not null
3
+ references tenants (id) on update cascade on delete cascade,
4
+ id varchar(21) not null,
5
+ /** The whole feature can be disabled */
6
+ enabled boolean not null default false,
7
+ /** Control each fields */
8
+ fields jsonb /* @use AccountCenterFieldControl */ not null default '{}'::jsonb,
9
+ primary key (tenant_id, id)
10
+ );
package/tables/applications.sql CHANGED
@@ -1,6 +1,6 @@
1
1
  /* init_order = 1 */
2
2
 
3
- create type application_type as enum ('Native', 'SPA', 'Traditional', 'MachineToMachine', 'Protected');
3
+ create type application_type as enum ('Native', 'SPA', 'Traditional', 'MachineToMachine', 'Protected', 'SAML');
4
4
 
5
5
  create table applications (
6
6
  tenant_id varchar(21) not null
@@ -17,7 +17,10 @@ create table applications (
17
17
  custom_data jsonb /* @use JsonObject */ not null default '{}'::jsonb,
18
18
  is_third_party boolean not null default false,
19
19
  created_at timestamptz not null default(now()),
20
- primary key (id)
20
+ primary key (id),
21
+ constraint check_saml_app_third_party_consistency check (
22
+ type != 'SAML' OR (type = 'SAML' AND is_third_party = true)
23
+ )
21
24
  );
22
25
 
23
26
  create index applications__id
package/tables/saml_application_configs.sql ADDED
@@ -0,0 +1,15 @@
1
+ /* init_order = 2 */
2
+
3
+ /** The SAML application config and SAML-type application have a one-to-one correspondence: 1. a SAML-type application can only have one SAML application config. (CANNOT use "semicolon" in comments, since it indicates the end of query.) 2. a SAML application config can only configure one SAML-type application. */
4
+ create table saml_application_configs (
5
+ application_id varchar(21) not null
6
+ references applications (id) on update cascade on delete cascade,
7
+ tenant_id varchar(21) not null
8
+ references tenants (id) on update cascade on delete cascade,
9
+ attribute_mapping jsonb /* @use SamlAttributeMapping */ not null default '{}'::jsonb,
10
+ entity_id varchar(128),
11
+ acs_url jsonb /* @use SamlAcsUrl */,
12
+ primary key (tenant_id, application_id),
13
+ constraint saml_application_configs__application_type
14
+ check (check_application_type(application_id, 'SAML'))
15
+ );
package/tables/saml_application_secrets.sql ADDED
@@ -0,0 +1,22 @@
1
+ /* init_order = 2 */
2
+
3
+ create table saml_application_secrets (
4
+ id varchar(21) not null,
5
+ tenant_id varchar(21) not null
6
+ references tenants (id) on update cascade on delete cascade,
7
+ application_id varchar(21) not null
8
+ references applications (id) on update cascade on delete cascade,
9
+ private_key text not null,
10
+ certificate text not null,
11
+ created_at timestamptz not null default now(),
12
+ expires_at timestamptz not null,
13
+ active boolean not null,
14
+ primary key (tenant_id, application_id, id),
15
+ constraint saml_application_secrets__application_type
16
+ check (check_application_type(application_id, 'SAML'))
17
+ );
18
+
19
+ -- Only one active secret per application
20
+ create unique index saml_application_secrets__unique_active_secret
21
+ on saml_application_secrets (tenant_id, application_id, active)
22
+ where active;
package/tables/saml_application_sessions.sql ADDED
@@ -0,0 +1,23 @@
1
+ /* init_order = 2 */
2
+
3
+ create table saml_application_sessions (
4
+ tenant_id varchar(21) not null
5
+ references tenants (id) on update cascade on delete cascade,
6
+ /** The globally unique identifier of the session. */
7
+ id varchar(32) not null,
8
+ application_id varchar(21) not null
9
+ references applications (id) on update cascade on delete cascade,
10
+ /** The identifier of the SAML SSO auth request ID, SAML request ID is pretty long. */
11
+ saml_request_id varchar(128) not null,
12
+ /** The identifier of the OIDC auth request state. */
13
+ oidc_state varchar(32),
14
+ /** The relay state of the SAML auth request. */
15
+ relay_state varchar(256),
16
+ /** The raw request of the SAML auth request. */
17
+ raw_auth_request text not null,
18
+ created_at timestamptz not null default(now()),
19
+ expires_at timestamptz not null,
20
+ primary key (tenant_id, id),
21
+ constraint saml_application_sessions__application_type
22
+ check (check_application_type(application_id, 'SAML'))
23
+ );
package/tables/sign_in_experiences.sql CHANGED
@@ -23,5 +23,8 @@ create table sign_in_experiences (
23
23
  password_policy jsonb /* @use PartialPasswordPolicy */ not null default '{}'::jsonb,
24
24
  mfa jsonb /* @use Mfa */ not null default '{}'::jsonb,
25
25
  single_sign_on_enabled boolean not null default false,
26
+ support_email text,
27
+ support_website_url text,
28
+ unknown_session_redirect_url text,
26
29
  primary key (tenant_id, id)
27
30
  );
package/tables/sso_connector_idp_initiated_auth_configs.sql CHANGED
@@ -20,5 +20,5 @@ create table sso_connector_idp_initiated_auth_configs (
20
20
  primary key (tenant_id, connector_id),
21
21
  /** Insure the application type is Traditional or SPA. */
22
22
  constraint application_type
23
- check (check_application_type(default_application_id, 'Traditional', 'SPA'))
23
+ check (check_application_type(default_application_id, 'Traditional', 'SPA', 'SAML'))
24
24
  );