@logto/schemas 1.25.0 → 1.26.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. package/alterations/1.26.0-1740982044-add-one-time-tokens-table.ts +36 -0
  2. package/alterations/1.26.0-1741240284-add-captcha-policy.ts +20 -0
  3. package/alterations/1.26.0-1741318144-add-one-time-token-unique-index.ts +18 -0
  4. package/alterations/1.26.0-1741572426-add-captcha-providers.ts +34 -0
  5. package/alterations-js/1.26.0-1740982044-add-one-time-tokens-table.js +30 -0
  6. package/alterations-js/1.26.0-1741240284-add-captcha-policy.js +16 -0
  7. package/alterations-js/1.26.0-1741318144-add-one-time-token-unique-index.js +14 -0
  8. package/alterations-js/1.26.0-1741572426-add-captcha-providers.js +29 -0
  9. package/lib/consts/experience.d.ts +2 -0
  10. package/lib/consts/experience.js +2 -0
  11. package/lib/consts/oidc.d.ts +9 -1
  12. package/lib/consts/oidc.js +5 -0
  13. package/lib/db-entries/captcha-provider.d.ts +22 -0
  14. package/lib/db-entries/captcha-provider.js +38 -0
  15. package/lib/db-entries/index.d.ts +2 -0
  16. package/lib/db-entries/index.js +2 -0
  17. package/lib/db-entries/one-time-token.d.ts +28 -0
  18. package/lib/db-entries/one-time-token.js +50 -0
  19. package/lib/db-entries/sign-in-experience.d.ts +4 -2
  20. package/lib/db-entries/sign-in-experience.js +5 -1
  21. package/lib/foundations/jsonb-types/captcha.d.ts +63 -0
  22. package/lib/foundations/jsonb-types/captcha.js +21 -0
  23. package/lib/foundations/jsonb-types/index.d.ts +2 -0
  24. package/lib/foundations/jsonb-types/index.js +2 -0
  25. package/lib/foundations/jsonb-types/one-time-tokens.d.ts +18 -0
  26. package/lib/foundations/jsonb-types/one-time-tokens.js +14 -0
  27. package/lib/foundations/jsonb-types/saml-application-configs.d.ts +1 -1
  28. package/lib/foundations/jsonb-types/sentinel.d.ts +8 -1
  29. package/lib/foundations/jsonb-types/sentinel.js +7 -0
  30. package/lib/foundations/jsonb-types/sign-in-experience.d.ts +122 -5
  31. package/lib/foundations/jsonb-types/sign-in-experience.js +22 -0
  32. package/lib/foundations/jsonb-types/verification-records.d.ts +2 -1
  33. package/lib/foundations/jsonb-types/verification-records.js +1 -0
  34. package/lib/types/connector.d.ts +35 -3
  35. package/lib/types/interactions.d.ts +56 -3
  36. package/lib/types/interactions.js +10 -0
  37. package/lib/types/logto-config/jwt-customizer.d.ts +23 -23
  38. package/lib/types/saml-application.d.ts +9 -9
  39. package/lib/types/sign-in-experience.d.ts +75 -43
  40. package/lib/types/sign-in-experience.js +7 -0
  41. package/lib/types/sso-connector.d.ts +2 -2
  42. package/lib/types/system.d.ts +2 -2
  43. package/package.json +2 -2
  44. package/tables/captcha_providers.sql +13 -0
  45. package/tables/one_time_tokens.sql +18 -0
  46. package/tables/sign_in_experiences.sql +1 -0
package/lib/types/interactions.d.ts CHANGED
@@ -74,7 +74,12 @@ export declare const socialAuthorizationUrlPayloadGuard: z.ZodObject<{
74
74
  export type SocialVerificationCallbackPayload = {
75
75
  /** The callback data from the social connector. */
76
76
  connectorData: Record<string, unknown>;
77
- /** The verification ID returned from the authorization URI. Optional for Google one tap callback */
77
+ /**
78
+ * Verification ID is used to retrieve the verification record.
79
+ * Throws an error if the verification record is not found.
80
+ *
81
+ * Optional for Google one tap callback as it does not have a pre-created verification record.
82
+ **/
78
83
  verificationId?: string;
79
84
  };
80
85
  export declare const socialVerificationCallbackPayloadGuard: z.ZodObject<{
@@ -120,6 +125,13 @@ export declare const passwordVerificationPayloadGuard: z.ZodObject<{
120
125
  /** Payload type for `POST /api/experience/verification/totp/verify`. */
121
126
  export type TotpVerificationVerifyPayload = {
122
127
  code: string;
128
+ /**
129
+ * Required for verifying the newly created TOTP secret verification record in the session.
130
+ * (For new TOTP setup use only)
131
+ *
132
+ * If not provided, a new TOTP verification will be generated and validated against the user's existing TOTP secret in their profile.
133
+ * (For existing TOTP verification use only)
134
+ */
123
135
  verificationId?: string;
124
136
  };
125
137
  export declare const totpVerificationVerifyPayloadGuard: z.ZodObject<{
@@ -143,11 +155,48 @@ export declare const backupCodeVerificationVerifyPayloadGuard: z.ZodObject<{
143
155
  }, {
144
156
  code: string;
145
157
  }>;
158
+ /** Payload type for `POST /api/experience/verification/one-time-token/verify` */
159
+ export type OneTimeTokenVerificationVerifyPayload = {
160
+ /**
161
+ * The email address that the one-time token was sent to. Currently only email identifier is supported.
162
+ */
163
+ identifier: InteractionIdentifier<SignInIdentifier.Email>;
164
+ token: string;
165
+ };
166
+ export declare const oneTimeTokenVerificationVerifyPayloadGuard: z.ZodObject<{
167
+ identifier: z.ZodObject<{
168
+ type: z.ZodLiteral<SignInIdentifier.Email>;
169
+ value: z.ZodString;
170
+ }, "strip", z.ZodTypeAny, {
171
+ type: SignInIdentifier.Email;
172
+ value: string;
173
+ }, {
174
+ type: SignInIdentifier.Email;
175
+ value: string;
176
+ }>;
177
+ token: z.ZodString;
178
+ }, "strip", z.ZodTypeAny, {
179
+ identifier: {
180
+ type: SignInIdentifier.Email;
181
+ value: string;
182
+ };
183
+ token: string;
184
+ }, {
185
+ identifier: {
186
+ type: SignInIdentifier.Email;
187
+ value: string;
188
+ };
189
+ token: string;
190
+ }>;
146
191
  /** Payload type for `POST /api/experience/identification`. */
147
192
  export type IdentificationApiPayload = {
148
193
  /**
149
- * The ID of the verification record that is used to identify the user.
150
- * Optional for the register interaction event
194
+ * SignIn and ForgotPassword interaction events:
195
+ * Required to retrieve the verification record to validate the user's identity.
196
+ *
197
+ * Register interaction event:
198
+ * - If provided, new user profiles will be appended to the registration session using the verified information from the verification record.
199
+ * - If not provided, the user creation process will be triggered directly using the existing profile information in the current registration session.
151
200
  */
152
201
  verificationId?: string;
153
202
  /**
@@ -169,13 +218,17 @@ export declare const identificationApiPayloadGuard: z.ZodObject<{
169
218
  /** Payload type for `POST /api/experience`. */
170
219
  export type CreateExperienceApiPayload = {
171
220
  interactionEvent: InteractionEvent;
221
+ captchaToken?: string;
172
222
  };
173
223
  export declare const CreateExperienceApiPayloadGuard: z.ZodObject<{
174
224
  interactionEvent: z.ZodNativeEnum<typeof InteractionEvent>;
225
+ captchaToken: z.ZodOptional<z.ZodString>;
175
226
  }, "strip", z.ZodTypeAny, {
176
227
  interactionEvent: InteractionEvent;
228
+ captchaToken?: string | undefined;
177
229
  }, {
178
230
  interactionEvent: InteractionEvent;
231
+ captchaToken?: string | undefined;
179
232
  }>;
180
233
  /** Payload type for `POST /api/experience/profile */
181
234
  export declare const updateProfileApiPayloadGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
package/lib/types/interactions.js CHANGED
@@ -1,3 +1,4 @@
1
+ /* eslint-disable max-lines */
1
2
  import { emailRegEx, phoneRegEx, usernameRegEx } from '@logto/core-kit';
2
3
  import { z } from 'zod';
3
4
  import { AdditionalIdentifier, MfaFactor, SignInIdentifier, jsonObjectGuard, webAuthnTransportGuard, } from '../foundations/index.js';
@@ -43,12 +44,20 @@ export const totpVerificationVerifyPayloadGuard = z.object({
43
44
  export const backupCodeVerificationVerifyPayloadGuard = z.object({
44
45
  code: z.string().min(1),
45
46
  });
47
+ export const oneTimeTokenVerificationVerifyPayloadGuard = z.object({
48
+ identifier: z.object({
49
+ type: z.literal(SignInIdentifier.Email),
50
+ value: z.string().regex(emailRegEx),
51
+ }),
52
+ token: z.string().min(1),
53
+ });
46
54
  export const identificationApiPayloadGuard = z.object({
47
55
  verificationId: z.string().optional(),
48
56
  linkSocialIdentity: z.boolean().optional(),
49
57
  });
50
58
  export const CreateExperienceApiPayloadGuard = z.object({
51
59
  interactionEvent: z.nativeEnum(InteractionEvent),
60
+ captchaToken: z.string().optional(),
52
61
  });
53
62
  /** Payload type for `POST /api/experience/profile */
54
63
  export const updateProfileApiPayloadGuard = z.discriminatedUnion('type', [
@@ -237,3 +246,4 @@ export const verifyMfaResultGuard = z.object({
237
246
  type: z.nativeEnum(MfaFactor),
238
247
  id: z.string(),
239
248
  });
249
+ /* eslint-enable max-lines */
package/lib/types/logto-config/jwt-customizer.d.ts CHANGED
@@ -1623,6 +1623,19 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1623
1623
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1624
1624
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.AccessToken>;
1625
1625
  }, "strip", z.ZodTypeAny, {
1626
+ token: {
1627
+ grantId?: string | undefined;
1628
+ scope?: string | undefined;
1629
+ accountId?: string | undefined;
1630
+ expiresWithSession?: boolean | undefined;
1631
+ gty?: string | undefined;
1632
+ sessionUid?: string | undefined;
1633
+ sid?: string | undefined;
1634
+ kind?: "AccessToken" | undefined;
1635
+ jti?: string | undefined;
1636
+ aud?: string | string[] | undefined;
1637
+ clientId?: string | undefined;
1638
+ };
1626
1639
  context: {
1627
1640
  user: {
1628
1641
  name?: string | null | undefined;
@@ -1699,6 +1712,8 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1699
1712
  };
1700
1713
  script: string;
1701
1714
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1715
+ environmentVariables?: Record<string, string> | undefined;
1716
+ }, {
1702
1717
  token: {
1703
1718
  grantId?: string | undefined;
1704
1719
  scope?: string | undefined;
@@ -1712,8 +1727,6 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1712
1727
  aud?: string | string[] | undefined;
1713
1728
  clientId?: string | undefined;
1714
1729
  };
1715
- environmentVariables?: Record<string, string> | undefined;
1716
- }, {
1717
1730
  context: {
1718
1731
  user: {
1719
1732
  name?: string | null | undefined;
@@ -1790,19 +1803,6 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1790
1803
  };
1791
1804
  script: string;
1792
1805
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1793
- token: {
1794
- grantId?: string | undefined;
1795
- scope?: string | undefined;
1796
- accountId?: string | undefined;
1797
- expiresWithSession?: boolean | undefined;
1798
- gty?: string | undefined;
1799
- sessionUid?: string | undefined;
1800
- sid?: string | undefined;
1801
- kind?: "AccessToken" | undefined;
1802
- jti?: string | undefined;
1803
- aud?: string | string[] | undefined;
1804
- clientId?: string | undefined;
1805
- };
1806
1806
  environmentVariables?: Record<string, string> | undefined;
1807
1807
  }>, z.ZodObject<{
1808
1808
  token: z.ZodObject<{
@@ -1828,8 +1828,6 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1828
1828
  environmentVariables: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1829
1829
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.ClientCredentials>;
1830
1830
  }, "strip", z.ZodTypeAny, {
1831
- script: string;
1832
- tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1833
1831
  token: {
1834
1832
  scope?: string | undefined;
1835
1833
  kind?: "ClientCredentials" | undefined;
@@ -1837,10 +1835,10 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1837
1835
  aud?: string | string[] | undefined;
1838
1836
  clientId?: string | undefined;
1839
1837
  };
1840
- environmentVariables?: Record<string, string> | undefined;
1841
- }, {
1842
1838
  script: string;
1843
1839
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1840
+ environmentVariables?: Record<string, string> | undefined;
1841
+ }, {
1844
1842
  token: {
1845
1843
  scope?: string | undefined;
1846
1844
  kind?: "ClientCredentials" | undefined;
@@ -1848,6 +1846,8 @@ export declare const jwtCustomizerTestRequestBodyGuard: z.ZodDiscriminatedUnion<
1848
1846
  aud?: string | string[] | undefined;
1849
1847
  clientId?: string | undefined;
1850
1848
  };
1849
+ script: string;
1850
+ tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1851
1851
  environmentVariables?: Record<string, string> | undefined;
1852
1852
  }>]>;
1853
1853
  export type JwtCustomizerTestRequestBody = z.infer<typeof jwtCustomizerTestRequestBodyGuard>;
@@ -1860,16 +1860,16 @@ export declare const customJwtFetcherGuard: z.ZodDiscriminatedUnion<"tokenType",
1860
1860
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.AccessToken>;
1861
1861
  context: z.ZodRecord<z.ZodString, ZodType<import("@withtyped/server/lib/types.js").Json, z.ZodTypeDef, import("@withtyped/server/lib/types.js").Json>>;
1862
1862
  }>, "strip", z.ZodTypeAny, {
1863
+ token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1863
1864
  context: Record<string, import("@withtyped/server/lib/types.js").Json>;
1864
1865
  script: string;
1865
1866
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1866
- token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1867
1867
  environmentVariables?: Record<string, string> | undefined;
1868
1868
  }, {
1869
+ token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1869
1870
  context: Record<string, import("@withtyped/server/lib/types.js").Json>;
1870
1871
  script: string;
1871
1872
  tokenType: LogtoJwtTokenKeyType.AccessToken;
1872
- token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1873
1873
  environmentVariables?: Record<string, string> | undefined;
1874
1874
  }>, z.ZodObject<z.objectUtil.extendShape<z.objectUtil.extendShape<{
1875
1875
  script: z.ZodString;
@@ -1879,14 +1879,14 @@ export declare const customJwtFetcherGuard: z.ZodDiscriminatedUnion<"tokenType",
1879
1879
  }>, {
1880
1880
  tokenType: z.ZodLiteral<LogtoJwtTokenKeyType.ClientCredentials>;
1881
1881
  }>, "strip", z.ZodTypeAny, {
1882
+ token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1882
1883
  script: string;
1883
1884
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1884
- token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1885
1885
  environmentVariables?: Record<string, string> | undefined;
1886
1886
  }, {
1887
+ token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1887
1888
  script: string;
1888
1889
  tokenType: LogtoJwtTokenKeyType.ClientCredentials;
1889
- token: Record<string, import("@withtyped/server/lib/types.js").Json>;
1890
1890
  environmentVariables?: Record<string, string> | undefined;
1891
1891
  }>]>;
1892
1892
  export type CustomJwtFetcher = z.infer<typeof customJwtFetcherGuard>;
package/lib/types/saml-application.d.ts CHANGED
@@ -167,7 +167,7 @@ export declare const samlApplicationCreateGuard: z.ZodObject<z.objectUtil.extend
167
167
  isThirdParty: z.ZodOptional<z.ZodType<boolean, z.ZodTypeDef, boolean>>;
168
168
  createdAt: z.ZodOptional<z.ZodType<number, z.ZodTypeDef, number>>;
169
169
  }, "type" | "name">>, "name" | "customData" | "description">, {
170
- attributeMapping: z.ZodOptional<z.ZodType<Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>>, z.ZodTypeDef, Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>>>>;
170
+ attributeMapping: z.ZodOptional<z.ZodType<Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>>, z.ZodTypeDef, Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>>>>;
171
171
  entityId: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
172
172
  acsUrl: z.ZodOptional<z.ZodType<import("../foundations/index.js").SamlAcsUrl | null, z.ZodTypeDef, import("../foundations/index.js").SamlAcsUrl | null>>;
173
173
  encryption: z.ZodOptional<z.ZodType<{
@@ -187,7 +187,7 @@ export declare const samlApplicationCreateGuard: z.ZodObject<z.objectUtil.extend
187
187
  nameIdFormat: NameIdFormat;
188
188
  customData?: import("@withtyped/server/lib/types.js").JsonObject;
189
189
  description?: string | null;
190
- attributeMapping?: Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>> | undefined;
190
+ attributeMapping?: Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>> | undefined;
191
191
  entityId?: string | null | undefined;
192
192
  acsUrl?: import("../foundations/index.js").SamlAcsUrl | null | undefined;
193
193
  encryption?: {
@@ -199,7 +199,7 @@ export declare const samlApplicationCreateGuard: z.ZodObject<z.objectUtil.extend
199
199
  name: string;
200
200
  customData?: import("@withtyped/server/lib/types.js").JsonObject;
201
201
  description?: string | null;
202
- attributeMapping?: Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>> | undefined;
202
+ attributeMapping?: Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>> | undefined;
203
203
  entityId?: string | null | undefined;
204
204
  acsUrl?: import("../foundations/index.js").SamlAcsUrl | null | undefined;
205
205
  encryption?: {
@@ -292,7 +292,7 @@ export declare const samlApplicationPatchGuard: z.ZodObject<z.objectUtil.extendS
292
292
  type: z.ZodOptional<z.ZodType<import("../index.js").ApplicationType, z.ZodTypeDef, import("../index.js").ApplicationType>>;
293
293
  name: z.ZodOptional<z.ZodType<string, z.ZodTypeDef, string>>;
294
294
  }, "type" | "isThirdParty">, "name" | "customData" | "description">, {
295
- attributeMapping: z.ZodOptional<z.ZodType<Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>>, z.ZodTypeDef, Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>>>>;
295
+ attributeMapping: z.ZodOptional<z.ZodType<Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>>, z.ZodTypeDef, Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>>>>;
296
296
  entityId: z.ZodOptional<z.ZodType<string | null, z.ZodTypeDef, string | null>>;
297
297
  acsUrl: z.ZodOptional<z.ZodType<import("../foundations/index.js").SamlAcsUrl | null, z.ZodTypeDef, import("../foundations/index.js").SamlAcsUrl | null>>;
298
298
  encryption: z.ZodOptional<z.ZodType<{
@@ -311,7 +311,7 @@ export declare const samlApplicationPatchGuard: z.ZodObject<z.objectUtil.extendS
311
311
  name?: string | undefined;
312
312
  customData?: import("@withtyped/server/lib/types.js").JsonObject;
313
313
  description?: string | null;
314
- attributeMapping?: Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>> | undefined;
314
+ attributeMapping?: Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>> | undefined;
315
315
  entityId?: string | null | undefined;
316
316
  acsUrl?: import("../foundations/index.js").SamlAcsUrl | null | undefined;
317
317
  encryption?: {
@@ -324,7 +324,7 @@ export declare const samlApplicationPatchGuard: z.ZodObject<z.objectUtil.extendS
324
324
  name?: string | undefined;
325
325
  customData?: import("@withtyped/server/lib/types.js").JsonObject;
326
326
  description?: string | null;
327
- attributeMapping?: Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>> | undefined;
327
+ attributeMapping?: Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>> | undefined;
328
328
  entityId?: string | null | undefined;
329
329
  acsUrl?: import("../foundations/index.js").SamlAcsUrl | null | undefined;
330
330
  encryption?: {
@@ -423,7 +423,7 @@ export declare const samlApplicationResponseGuard: z.ZodObject<z.objectUtil.exte
423
423
  }, "secret" | "oidcClientMetadata" | "customClientMetadata" | "protectedAppMetadata">, Pick<{
424
424
  applicationId: z.ZodType<string, z.ZodTypeDef, string>;
425
425
  tenantId: z.ZodType<string, z.ZodTypeDef, string>;
426
- attributeMapping: z.ZodType<Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>>, z.ZodTypeDef, Partial<Record<"name" | "username" | "email" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at" | "sub", string>>>;
426
+ attributeMapping: z.ZodType<Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>>, z.ZodTypeDef, Partial<Record<"name" | "username" | "email" | "sub" | "nickname" | "profile" | "website" | "gender" | "birthdate" | "zoneinfo" | "locale" | "address" | "given_name" | "family_name" | "middle_name" | "preferred_username" | "picture" | "email_verified" | "phone_number" | "phone_number_verified" | "updated_at" | "roles" | "organizations" | "organization_data" | "organization_roles" | "custom_data" | "identities" | "sso_identities" | "created_at", string>>>;
427
427
  entityId: z.ZodType<string | null, z.ZodTypeDef, string | null>;
428
428
  acsUrl: z.ZodType<import("../foundations/index.js").SamlAcsUrl | null, z.ZodTypeDef, import("../foundations/index.js").SamlAcsUrl | null>;
429
429
  encryption: z.ZodType<{
@@ -533,8 +533,8 @@ export declare const samlApplicationSecretResponseGuard: z.ZodObject<z.objectUti
533
533
  id: string;
534
534
  createdAt: number;
535
535
  certificate: string;
536
- expiresAt: number;
537
536
  active: boolean;
537
+ expiresAt: number;
538
538
  fingerprints: {
539
539
  sha256: {
540
540
  formatted: string;
@@ -545,8 +545,8 @@ export declare const samlApplicationSecretResponseGuard: z.ZodObject<z.objectUti
545
545
  id: string;
546
546
  createdAt: number;
547
547
  certificate: string;
548
- expiresAt: number;
549
548
  active: boolean;
549
+ expiresAt: number;
550
550
  fingerprints: {
551
551
  sha256: {
552
552
  formatted: string;