@logto/schemas 1.28.0 → 1.30.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/alterations/1.29.0-1748832174-add-webauthn-related-origins.ts +20 -0
- package/alterations/1.29.0-1749005587-user-sso-identities-table-add-updated-at-column.ts +31 -0
- package/alterations/1.29.0-1749026308-add-oidc-session-extension-table.ts +41 -0
- package/alterations/1.29.0-1749523818-add-custom-profile-fields.ts +58 -0
- package/alterations/1.29.0-1749724664-drop-sie-order-constraint-from-custom-profile-fields.ts +20 -0
- package/alterations/1.29.0-1750663091-change-user-password-encrypted-length.ts +18 -0
- package/alterations/1.29.0-1750744518-add-secrets-table.ts +50 -0
- package/alterations/1.29.0-1750744539-add-secret-connector-relations-table.ts +109 -0
- package/alterations/1.30.0-1750744685-add-triggers-to-delete-secrets-on-social-identities-deletion.ts +81 -0
- package/alterations/1.30.0-1750748516-add-enable-token-storage-column-to-connectors-table.ts +20 -0
- package/alterations/1.30.0-1751255436-split-secret-connector-relatioins-table.ts +359 -0
- package/alterations/1.30.0-1751337183-add-require-mfa-on-sign-in-to-users.ts +20 -0
- package/alterations/1.30.0-1751400000-move-require-mfa-on-sign-in-to-logto-config.ts +21 -0
- package/alterations/1.30.0-1751529530-add-enable-token-storage-column-to-sso-connectors-table.ts +20 -0
- package/alterations/1.30.0-1752630302-alterate-enable-column-default-value-in-account-centers-table.ts +20 -0
- package/alterations/1.30.0-1753669579-add-organization-user-relations-foreign-key.ts +46 -0
- package/alterations-js/1.29.0-1748832174-add-webauthn-related-origins.js +16 -0
- package/alterations-js/1.29.0-1749005587-user-sso-identities-table-add-updated-at-column.js +25 -0
- package/alterations-js/1.29.0-1749026308-add-oidc-session-extension-table.js +33 -0
- package/alterations-js/1.29.0-1749523818-add-custom-profile-fields.js +52 -0
- package/alterations-js/1.29.0-1749724664-drop-sie-order-constraint-from-custom-profile-fields.js +16 -0
- package/alterations-js/1.29.0-1750663091-change-user-password-encrypted-length.js +14 -0
- package/alterations-js/1.29.0-1750744518-add-secrets-table.js +42 -0
- package/alterations-js/1.29.0-1750744539-add-secret-connector-relations-table.js +99 -0
- package/alterations-js/1.30.0-1750744685-add-triggers-to-delete-secrets-on-social-identities-deletion.js +76 -0
- package/alterations-js/1.30.0-1750748516-add-enable-token-storage-column-to-connectors-table.js +16 -0
- package/alterations-js/1.30.0-1751255436-split-secret-connector-relatioins-table.js +338 -0
- package/alterations-js/1.30.0-1751337183-add-require-mfa-on-sign-in-to-users.js +16 -0
- package/alterations-js/1.30.0-1751400000-move-require-mfa-on-sign-in-to-logto-config.js +17 -0
- package/alterations-js/1.30.0-1751529530-add-enable-token-storage-column-to-sso-connectors-table.js +16 -0
- package/alterations-js/1.30.0-1752630302-alterate-enable-column-default-value-in-account-centers-table.js +16 -0
- package/alterations-js/1.30.0-1753669579-add-organization-user-relations-foreign-key.js +38 -0
- package/lib/consts/oidc.d.ts +9 -1
- package/lib/consts/oidc.js +5 -0
- package/lib/db-entries/account-center.d.ts +4 -2
- package/lib/db-entries/account-center.js +5 -1
- package/lib/db-entries/connector.d.ts +5 -1
- package/lib/db-entries/connector.js +4 -0
- package/lib/db-entries/custom-profile-field.d.ts +32 -0
- package/lib/db-entries/custom-profile-field.js +58 -0
- package/lib/db-entries/index.d.ts +5 -0
- package/lib/db-entries/index.js +5 -0
- package/lib/db-entries/oidc-session-extension.d.ts +24 -0
- package/lib/db-entries/oidc-session-extension.js +42 -0
- package/lib/db-entries/secret-enterprise-sso-connector-relation.d.ts +28 -0
- package/lib/db-entries/secret-enterprise-sso-connector-relation.js +37 -0
- package/lib/db-entries/secret-social-connector-relation.d.ts +28 -0
- package/lib/db-entries/secret-social-connector-relation.js +37 -0
- package/lib/db-entries/secret.d.ts +44 -0
- package/lib/db-entries/secret.js +62 -0
- package/lib/db-entries/sso-connector.d.ts +5 -1
- package/lib/db-entries/sso-connector.js +4 -0
- package/lib/db-entries/user-sso-identity.d.ts +5 -1
- package/lib/db-entries/user-sso-identity.js +4 -0
- package/lib/db-entries/user.js +2 -2
- package/lib/foundations/jsonb-types/account-centers.d.ts +5 -0
- package/lib/foundations/jsonb-types/account-centers.js +2 -0
- package/lib/foundations/jsonb-types/custom-profile-fields.d.ts +441 -0
- package/lib/foundations/jsonb-types/custom-profile-fields.js +44 -0
- package/lib/foundations/jsonb-types/index.d.ts +2 -1
- package/lib/foundations/jsonb-types/index.js +2 -1
- package/lib/foundations/jsonb-types/secrets.d.ts +11 -0
- package/lib/foundations/jsonb-types/secrets.js +15 -0
- package/lib/foundations/jsonb-types/sign-in-experience.d.ts +3 -1
- package/lib/foundations/jsonb-types/sign-in-experience.js +2 -0
- package/lib/foundations/jsonb-types/users.d.ts +126 -0
- package/lib/foundations/jsonb-types/users.js +22 -10
- package/lib/types/connector.d.ts +39 -0
- package/lib/types/connector.js +1 -0
- package/lib/types/consent.d.ts +44 -0
- package/lib/types/custom-profile-fields.d.ts +2587 -0
- package/lib/types/custom-profile-fields.js +159 -0
- package/lib/types/index.d.ts +4 -0
- package/lib/types/index.js +4 -0
- package/lib/types/interactions.d.ts +181 -1
- package/lib/types/interactions.js +49 -1
- package/lib/types/log/interaction.d.ts +2 -1
- package/lib/types/logto-config/index.d.ts +1139 -18
- package/lib/types/logto-config/jwt-customizer.d.ts +2529 -32
- package/lib/types/logto-config/jwt-customizer.js +55 -1
- package/lib/types/logto-config/oidc-provider.d.ts +6 -6
- package/lib/types/mfa.d.ts +10 -10
- package/lib/types/secrets.d.ts +436 -0
- package/lib/types/secrets.js +73 -0
- package/lib/types/sign-in-experience.d.ts +21 -3
- package/lib/types/sign-in-experience.js +3 -1
- package/lib/types/sso-connector.d.ts +28 -2
- package/lib/types/sso-connector.js +3 -0
- package/lib/types/tenant.d.ts +1 -0
- package/lib/types/tenant.js +1 -0
- package/lib/types/user-logto-config.d.ts +45 -0
- package/lib/types/user-logto-config.js +18 -0
- package/lib/types/user.d.ts +626 -0
- package/lib/types/user.js +17 -1
- package/lib/types/verification-records/backup-code-verification.d.ts +47 -0
- package/lib/types/verification-records/backup-code-verification.js +12 -0
- package/lib/types/verification-records/code-verification.d.ts +89 -0
- package/lib/types/verification-records/code-verification.js +22 -0
- package/lib/types/verification-records/enterprise-sso-verification.d.ts +213 -0
- package/lib/types/verification-records/enterprise-sso-verification.js +15 -0
- package/lib/types/verification-records/index.d.ts +16 -0
- package/lib/types/verification-records/index.js +16 -0
- package/lib/types/verification-records/new-password-identity-verification.d.ts +85 -0
- package/lib/types/verification-records/new-password-identity-verification.js +20 -0
- package/lib/types/verification-records/one-time-token-verification.d.ts +55 -0
- package/lib/types/verification-records/one-time-token-verification.js +13 -0
- package/lib/types/verification-records/password-verification.d.ts +40 -0
- package/lib/types/verification-records/password-verification.js +9 -0
- package/lib/types/verification-records/social-verification.d.ts +270 -0
- package/lib/types/verification-records/social-verification.js +16 -0
- package/lib/types/verification-records/totp-verification.d.ts +47 -0
- package/lib/types/verification-records/totp-verification.js +12 -0
- package/lib/types/verification-records/web-authn-verification.d.ts +124 -0
- package/lib/types/verification-records/web-authn-verification.js +17 -0
- package/package.json +6 -6
- package/tables/account_centers.sql +2 -1
- package/tables/connectors.sql +4 -0
- package/tables/custom_profile_fields.sql +31 -0
- package/tables/oidc_model_instances.sql +2 -0
- package/tables/oidc_session_extensions.sql +18 -0
- package/tables/organization_user_relations.sql +4 -1
- package/tables/secret_enterprise_sso_connector_relations.sql +60 -0
- package/tables/secret_social_connector_relations.sql +75 -0
- package/tables/secrets.sql +26 -0
- package/tables/sso_connectors.sql +2 -0
- package/tables/user_sso_identities.sql +8 -0
- package/tables/users.sql +3 -2
- /package/lib/{foundations/jsonb-types/verification-records.d.ts → types/verification-records/verification-type.d.ts} +0 -0
- /package/lib/{foundations/jsonb-types/verification-records.js → types/verification-records/verification-type.js} +0 -0
package/lib/types/user.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
2
|
import { Users, UserSsoIdentities } from '../db-entries/index.js';
|
|
3
|
-
import { MfaFactor } from '../foundations/index.js';
|
|
3
|
+
import { identityGuard, MfaFactor } from '../foundations/index.js';
|
|
4
|
+
import { desensitizedEnterpriseSsoTokenSetSecretGuard, desensitizedSocialTokenSetSecretGuard, } from './secrets.js';
|
|
4
5
|
export const userInfoSelectFields = Object.freeze([
|
|
5
6
|
'id',
|
|
6
7
|
'username',
|
|
@@ -30,6 +31,7 @@ export const userMfaVerificationResponseGuard = z
|
|
|
30
31
|
createdAt: z.string(),
|
|
31
32
|
type: z.nativeEnum(MfaFactor),
|
|
32
33
|
agent: z.string().optional(),
|
|
34
|
+
name: z.string().optional(),
|
|
33
35
|
remainCodes: z.number().optional(),
|
|
34
36
|
})
|
|
35
37
|
.array();
|
|
@@ -64,3 +66,17 @@ export const featuredUserGuard = Users.guard.pick({
|
|
|
64
66
|
avatar: true,
|
|
65
67
|
name: true,
|
|
66
68
|
});
|
|
69
|
+
export const consoleUserPreferenceKey = 'adminConsolePreferences';
|
|
70
|
+
export const guideRequestsKey = 'guideRequests';
|
|
71
|
+
export const getUserSocialIdentityResponseGuard = z.object({
|
|
72
|
+
identity: identityGuard,
|
|
73
|
+
tokenSecret: desensitizedSocialTokenSetSecretGuard.optional(),
|
|
74
|
+
});
|
|
75
|
+
export const getUserSsoIdentityResponseGuard = z.object({
|
|
76
|
+
ssoIdentity: UserSsoIdentities.guard,
|
|
77
|
+
tokenSecret: desensitizedEnterpriseSsoTokenSetSecretGuard.optional(),
|
|
78
|
+
});
|
|
79
|
+
export const getUserAllIdentitiesResponseGuard = z.object({
|
|
80
|
+
socialIdentities: getUserSocialIdentityResponseGuard.extend({ target: z.string() }).array(),
|
|
81
|
+
ssoIdentities: getUserSsoIdentityResponseGuard.extend({ ssoConnectorId: z.string() }).array(),
|
|
82
|
+
});
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { VerificationType } from './verification-type.js';
|
|
3
|
+
export type BackupCodeVerificationRecordData = {
|
|
4
|
+
id: string;
|
|
5
|
+
type: VerificationType.BackupCode;
|
|
6
|
+
/** UserId is required for backup code verification */
|
|
7
|
+
userId: string;
|
|
8
|
+
code?: string;
|
|
9
|
+
backupCodes?: string[];
|
|
10
|
+
};
|
|
11
|
+
export declare const backupCodeVerificationRecordDataGuard: z.ZodObject<{
|
|
12
|
+
id: z.ZodString;
|
|
13
|
+
type: z.ZodLiteral<VerificationType.BackupCode>;
|
|
14
|
+
userId: z.ZodString;
|
|
15
|
+
code: z.ZodOptional<z.ZodString>;
|
|
16
|
+
backupCodes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
17
|
+
}, "strip", z.ZodTypeAny, {
|
|
18
|
+
type: VerificationType.BackupCode;
|
|
19
|
+
id: string;
|
|
20
|
+
userId: string;
|
|
21
|
+
code?: string | undefined;
|
|
22
|
+
backupCodes?: string[] | undefined;
|
|
23
|
+
}, {
|
|
24
|
+
type: VerificationType.BackupCode;
|
|
25
|
+
id: string;
|
|
26
|
+
userId: string;
|
|
27
|
+
code?: string | undefined;
|
|
28
|
+
backupCodes?: string[] | undefined;
|
|
29
|
+
}>;
|
|
30
|
+
export type SanitizedBackupCodeVerificationRecordData = Omit<BackupCodeVerificationRecordData, 'backupCodes'>;
|
|
31
|
+
export declare const sanitizedBackupCodeVerificationRecordDataGuard: z.ZodObject<Omit<{
|
|
32
|
+
id: z.ZodString;
|
|
33
|
+
type: z.ZodLiteral<VerificationType.BackupCode>;
|
|
34
|
+
userId: z.ZodString;
|
|
35
|
+
code: z.ZodOptional<z.ZodString>;
|
|
36
|
+
backupCodes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
37
|
+
}, "backupCodes">, "strip", z.ZodTypeAny, {
|
|
38
|
+
type: VerificationType.BackupCode;
|
|
39
|
+
id: string;
|
|
40
|
+
userId: string;
|
|
41
|
+
code?: string | undefined;
|
|
42
|
+
}, {
|
|
43
|
+
type: VerificationType.BackupCode;
|
|
44
|
+
id: string;
|
|
45
|
+
userId: string;
|
|
46
|
+
code?: string | undefined;
|
|
47
|
+
}>;
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { VerificationType } from './verification-type.js';
|
|
3
|
+
export const backupCodeVerificationRecordDataGuard = z.object({
|
|
4
|
+
id: z.string(),
|
|
5
|
+
type: z.literal(VerificationType.BackupCode),
|
|
6
|
+
userId: z.string(),
|
|
7
|
+
code: z.string().optional(),
|
|
8
|
+
backupCodes: z.string().array().optional(),
|
|
9
|
+
});
|
|
10
|
+
export const sanitizedBackupCodeVerificationRecordDataGuard = backupCodeVerificationRecordDataGuard.omit({
|
|
11
|
+
backupCodes: true,
|
|
12
|
+
});
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { SignInIdentifier, TemplateType } from '../../foundations/index.js';
|
|
3
|
+
import { type VerificationCodeIdentifier } from '../interactions.js';
|
|
4
|
+
import { VerificationType } from './verification-type.js';
|
|
5
|
+
export type CodeVerificationType = VerificationType.EmailVerificationCode | VerificationType.PhoneVerificationCode;
|
|
6
|
+
type SignInIdentifierTypeOf = {
|
|
7
|
+
[VerificationType.EmailVerificationCode]: SignInIdentifier.Email;
|
|
8
|
+
[VerificationType.PhoneVerificationCode]: SignInIdentifier.Phone;
|
|
9
|
+
};
|
|
10
|
+
export type VerificationCodeIdentifierOf<T extends CodeVerificationType> = VerificationCodeIdentifier<SignInIdentifierTypeOf[T]>;
|
|
11
|
+
/** The JSON data type for the `CodeVerification` record */
|
|
12
|
+
export type CodeVerificationRecordData<T extends CodeVerificationType = CodeVerificationType> = {
|
|
13
|
+
id: string;
|
|
14
|
+
type: T;
|
|
15
|
+
identifier: VerificationCodeIdentifierOf<T>;
|
|
16
|
+
templateType: TemplateType;
|
|
17
|
+
verified: boolean;
|
|
18
|
+
};
|
|
19
|
+
export declare const emailCodeVerificationRecordDataGuard: z.ZodObject<{
|
|
20
|
+
id: z.ZodString;
|
|
21
|
+
templateType: z.ZodNativeEnum<typeof TemplateType>;
|
|
22
|
+
verified: z.ZodBoolean;
|
|
23
|
+
} & {
|
|
24
|
+
type: z.ZodLiteral<VerificationType.EmailVerificationCode>;
|
|
25
|
+
identifier: z.ZodObject<{
|
|
26
|
+
type: z.ZodLiteral<SignInIdentifier.Email>;
|
|
27
|
+
value: z.ZodString;
|
|
28
|
+
}, "strip", z.ZodTypeAny, {
|
|
29
|
+
value: string;
|
|
30
|
+
type: SignInIdentifier.Email;
|
|
31
|
+
}, {
|
|
32
|
+
value: string;
|
|
33
|
+
type: SignInIdentifier.Email;
|
|
34
|
+
}>;
|
|
35
|
+
}, "strip", z.ZodTypeAny, {
|
|
36
|
+
type: VerificationType.EmailVerificationCode;
|
|
37
|
+
id: string;
|
|
38
|
+
identifier: {
|
|
39
|
+
value: string;
|
|
40
|
+
type: SignInIdentifier.Email;
|
|
41
|
+
};
|
|
42
|
+
templateType: TemplateType;
|
|
43
|
+
verified: boolean;
|
|
44
|
+
}, {
|
|
45
|
+
type: VerificationType.EmailVerificationCode;
|
|
46
|
+
id: string;
|
|
47
|
+
identifier: {
|
|
48
|
+
value: string;
|
|
49
|
+
type: SignInIdentifier.Email;
|
|
50
|
+
};
|
|
51
|
+
templateType: TemplateType;
|
|
52
|
+
verified: boolean;
|
|
53
|
+
}>;
|
|
54
|
+
export declare const phoneCodeVerificationRecordDataGuard: z.ZodObject<{
|
|
55
|
+
id: z.ZodString;
|
|
56
|
+
templateType: z.ZodNativeEnum<typeof TemplateType>;
|
|
57
|
+
verified: z.ZodBoolean;
|
|
58
|
+
} & {
|
|
59
|
+
type: z.ZodLiteral<VerificationType.PhoneVerificationCode>;
|
|
60
|
+
identifier: z.ZodObject<{
|
|
61
|
+
type: z.ZodLiteral<SignInIdentifier.Phone>;
|
|
62
|
+
value: z.ZodString;
|
|
63
|
+
}, "strip", z.ZodTypeAny, {
|
|
64
|
+
value: string;
|
|
65
|
+
type: SignInIdentifier.Phone;
|
|
66
|
+
}, {
|
|
67
|
+
value: string;
|
|
68
|
+
type: SignInIdentifier.Phone;
|
|
69
|
+
}>;
|
|
70
|
+
}, "strip", z.ZodTypeAny, {
|
|
71
|
+
type: VerificationType.PhoneVerificationCode;
|
|
72
|
+
id: string;
|
|
73
|
+
identifier: {
|
|
74
|
+
value: string;
|
|
75
|
+
type: SignInIdentifier.Phone;
|
|
76
|
+
};
|
|
77
|
+
templateType: TemplateType;
|
|
78
|
+
verified: boolean;
|
|
79
|
+
}, {
|
|
80
|
+
type: VerificationType.PhoneVerificationCode;
|
|
81
|
+
id: string;
|
|
82
|
+
identifier: {
|
|
83
|
+
value: string;
|
|
84
|
+
type: SignInIdentifier.Phone;
|
|
85
|
+
};
|
|
86
|
+
templateType: TemplateType;
|
|
87
|
+
verified: boolean;
|
|
88
|
+
}>;
|
|
89
|
+
export {};
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { SignInIdentifier, TemplateType } from '../../foundations/index.js';
|
|
3
|
+
import { VerificationType } from './verification-type.js';
|
|
4
|
+
const basicCodeVerificationRecordDataGuard = z.object({
|
|
5
|
+
id: z.string(),
|
|
6
|
+
templateType: z.nativeEnum(TemplateType),
|
|
7
|
+
verified: z.boolean(),
|
|
8
|
+
});
|
|
9
|
+
export const emailCodeVerificationRecordDataGuard = basicCodeVerificationRecordDataGuard.extend({
|
|
10
|
+
type: z.literal(VerificationType.EmailVerificationCode),
|
|
11
|
+
identifier: z.object({
|
|
12
|
+
type: z.literal(SignInIdentifier.Email),
|
|
13
|
+
value: z.string(),
|
|
14
|
+
}),
|
|
15
|
+
});
|
|
16
|
+
export const phoneCodeVerificationRecordDataGuard = basicCodeVerificationRecordDataGuard.extend({
|
|
17
|
+
type: z.literal(VerificationType.PhoneVerificationCode),
|
|
18
|
+
identifier: z.object({
|
|
19
|
+
type: z.literal(SignInIdentifier.Phone),
|
|
20
|
+
value: z.string(),
|
|
21
|
+
}),
|
|
22
|
+
});
|
|
@@ -0,0 +1,213 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { type EncryptedTokenSet } from '../secrets.js';
|
|
3
|
+
import { type ExtendedSocialUserInfo } from '../sso-connector.js';
|
|
4
|
+
import { VerificationType } from './verification-type.js';
|
|
5
|
+
/** The JSON data type for the EnterpriseSsoVerification record stored in the interaction storage */
|
|
6
|
+
export type EnterpriseSsoVerificationRecordData = {
|
|
7
|
+
id: string;
|
|
8
|
+
connectorId: string;
|
|
9
|
+
type: VerificationType.EnterpriseSso;
|
|
10
|
+
/**
|
|
11
|
+
* The enterprise SSO identity returned by the connector.
|
|
12
|
+
*/
|
|
13
|
+
enterpriseSsoUserInfo?: ExtendedSocialUserInfo;
|
|
14
|
+
encryptedTokenSet?: EncryptedTokenSet;
|
|
15
|
+
issuer?: string;
|
|
16
|
+
};
|
|
17
|
+
export declare const enterpriseSsoVerificationRecordDataGuard: z.ZodObject<{
|
|
18
|
+
id: z.ZodString;
|
|
19
|
+
connectorId: z.ZodString;
|
|
20
|
+
type: z.ZodLiteral<VerificationType.EnterpriseSso>;
|
|
21
|
+
enterpriseSsoUserInfo: z.ZodOptional<z.ZodObject<{
|
|
22
|
+
id: z.ZodString;
|
|
23
|
+
email: z.ZodOptional<z.ZodString>;
|
|
24
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
25
|
+
name: z.ZodOptional<z.ZodString>;
|
|
26
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
27
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
28
|
+
}, "strip", z.ZodUnknown, z.objectOutputType<{
|
|
29
|
+
id: z.ZodString;
|
|
30
|
+
email: z.ZodOptional<z.ZodString>;
|
|
31
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
32
|
+
name: z.ZodOptional<z.ZodString>;
|
|
33
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
34
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
35
|
+
}, z.ZodUnknown, "strip">, z.objectInputType<{
|
|
36
|
+
id: z.ZodString;
|
|
37
|
+
email: z.ZodOptional<z.ZodString>;
|
|
38
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
39
|
+
name: z.ZodOptional<z.ZodString>;
|
|
40
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
41
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
42
|
+
}, z.ZodUnknown, "strip">>>;
|
|
43
|
+
encryptedTokenSet: z.ZodOptional<z.ZodObject<{
|
|
44
|
+
encryptedTokenSetBase64: z.ZodString;
|
|
45
|
+
metadata: z.ZodObject<{
|
|
46
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
47
|
+
expiresAt: z.ZodOptional<z.ZodNumber>;
|
|
48
|
+
tokenType: z.ZodOptional<z.ZodString>;
|
|
49
|
+
hasRefreshToken: z.ZodBoolean;
|
|
50
|
+
}, "strip", z.ZodTypeAny, {
|
|
51
|
+
hasRefreshToken: boolean;
|
|
52
|
+
scope?: string | undefined;
|
|
53
|
+
expiresAt?: number | undefined;
|
|
54
|
+
tokenType?: string | undefined;
|
|
55
|
+
}, {
|
|
56
|
+
hasRefreshToken: boolean;
|
|
57
|
+
scope?: string | undefined;
|
|
58
|
+
expiresAt?: number | undefined;
|
|
59
|
+
tokenType?: string | undefined;
|
|
60
|
+
}>;
|
|
61
|
+
}, "strip", z.ZodTypeAny, {
|
|
62
|
+
metadata: {
|
|
63
|
+
hasRefreshToken: boolean;
|
|
64
|
+
scope?: string | undefined;
|
|
65
|
+
expiresAt?: number | undefined;
|
|
66
|
+
tokenType?: string | undefined;
|
|
67
|
+
};
|
|
68
|
+
encryptedTokenSetBase64: string;
|
|
69
|
+
}, {
|
|
70
|
+
metadata: {
|
|
71
|
+
hasRefreshToken: boolean;
|
|
72
|
+
scope?: string | undefined;
|
|
73
|
+
expiresAt?: number | undefined;
|
|
74
|
+
tokenType?: string | undefined;
|
|
75
|
+
};
|
|
76
|
+
encryptedTokenSetBase64: string;
|
|
77
|
+
}>>;
|
|
78
|
+
issuer: z.ZodOptional<z.ZodString>;
|
|
79
|
+
}, "strip", z.ZodTypeAny, {
|
|
80
|
+
type: VerificationType.EnterpriseSso;
|
|
81
|
+
id: string;
|
|
82
|
+
connectorId: string;
|
|
83
|
+
issuer?: string | undefined;
|
|
84
|
+
enterpriseSsoUserInfo?: z.objectOutputType<{
|
|
85
|
+
id: z.ZodString;
|
|
86
|
+
email: z.ZodOptional<z.ZodString>;
|
|
87
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
88
|
+
name: z.ZodOptional<z.ZodString>;
|
|
89
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
90
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
91
|
+
}, z.ZodUnknown, "strip"> | undefined;
|
|
92
|
+
encryptedTokenSet?: {
|
|
93
|
+
metadata: {
|
|
94
|
+
hasRefreshToken: boolean;
|
|
95
|
+
scope?: string | undefined;
|
|
96
|
+
expiresAt?: number | undefined;
|
|
97
|
+
tokenType?: string | undefined;
|
|
98
|
+
};
|
|
99
|
+
encryptedTokenSetBase64: string;
|
|
100
|
+
} | undefined;
|
|
101
|
+
}, {
|
|
102
|
+
type: VerificationType.EnterpriseSso;
|
|
103
|
+
id: string;
|
|
104
|
+
connectorId: string;
|
|
105
|
+
issuer?: string | undefined;
|
|
106
|
+
enterpriseSsoUserInfo?: z.objectInputType<{
|
|
107
|
+
id: z.ZodString;
|
|
108
|
+
email: z.ZodOptional<z.ZodString>;
|
|
109
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
110
|
+
name: z.ZodOptional<z.ZodString>;
|
|
111
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
112
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
113
|
+
}, z.ZodUnknown, "strip"> | undefined;
|
|
114
|
+
encryptedTokenSet?: {
|
|
115
|
+
metadata: {
|
|
116
|
+
hasRefreshToken: boolean;
|
|
117
|
+
scope?: string | undefined;
|
|
118
|
+
expiresAt?: number | undefined;
|
|
119
|
+
tokenType?: string | undefined;
|
|
120
|
+
};
|
|
121
|
+
encryptedTokenSetBase64: string;
|
|
122
|
+
} | undefined;
|
|
123
|
+
}>;
|
|
124
|
+
export type SanitizedEnterpriseSsoVerificationRecordData = Omit<EnterpriseSsoVerificationRecordData, 'encryptedTokenSet'>;
|
|
125
|
+
export declare const sanitizedEnterpriseSsoVerificationRecordDataGuard: z.ZodObject<Omit<{
|
|
126
|
+
id: z.ZodString;
|
|
127
|
+
connectorId: z.ZodString;
|
|
128
|
+
type: z.ZodLiteral<VerificationType.EnterpriseSso>;
|
|
129
|
+
enterpriseSsoUserInfo: z.ZodOptional<z.ZodObject<{
|
|
130
|
+
id: z.ZodString;
|
|
131
|
+
email: z.ZodOptional<z.ZodString>;
|
|
132
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
133
|
+
name: z.ZodOptional<z.ZodString>;
|
|
134
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
135
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
136
|
+
}, "strip", z.ZodUnknown, z.objectOutputType<{
|
|
137
|
+
id: z.ZodString;
|
|
138
|
+
email: z.ZodOptional<z.ZodString>;
|
|
139
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
140
|
+
name: z.ZodOptional<z.ZodString>;
|
|
141
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
142
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
143
|
+
}, z.ZodUnknown, "strip">, z.objectInputType<{
|
|
144
|
+
id: z.ZodString;
|
|
145
|
+
email: z.ZodOptional<z.ZodString>;
|
|
146
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
147
|
+
name: z.ZodOptional<z.ZodString>;
|
|
148
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
149
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
150
|
+
}, z.ZodUnknown, "strip">>>;
|
|
151
|
+
encryptedTokenSet: z.ZodOptional<z.ZodObject<{
|
|
152
|
+
encryptedTokenSetBase64: z.ZodString;
|
|
153
|
+
metadata: z.ZodObject<{
|
|
154
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
155
|
+
expiresAt: z.ZodOptional<z.ZodNumber>;
|
|
156
|
+
tokenType: z.ZodOptional<z.ZodString>;
|
|
157
|
+
hasRefreshToken: z.ZodBoolean;
|
|
158
|
+
}, "strip", z.ZodTypeAny, {
|
|
159
|
+
hasRefreshToken: boolean;
|
|
160
|
+
scope?: string | undefined;
|
|
161
|
+
expiresAt?: number | undefined;
|
|
162
|
+
tokenType?: string | undefined;
|
|
163
|
+
}, {
|
|
164
|
+
hasRefreshToken: boolean;
|
|
165
|
+
scope?: string | undefined;
|
|
166
|
+
expiresAt?: number | undefined;
|
|
167
|
+
tokenType?: string | undefined;
|
|
168
|
+
}>;
|
|
169
|
+
}, "strip", z.ZodTypeAny, {
|
|
170
|
+
metadata: {
|
|
171
|
+
hasRefreshToken: boolean;
|
|
172
|
+
scope?: string | undefined;
|
|
173
|
+
expiresAt?: number | undefined;
|
|
174
|
+
tokenType?: string | undefined;
|
|
175
|
+
};
|
|
176
|
+
encryptedTokenSetBase64: string;
|
|
177
|
+
}, {
|
|
178
|
+
metadata: {
|
|
179
|
+
hasRefreshToken: boolean;
|
|
180
|
+
scope?: string | undefined;
|
|
181
|
+
expiresAt?: number | undefined;
|
|
182
|
+
tokenType?: string | undefined;
|
|
183
|
+
};
|
|
184
|
+
encryptedTokenSetBase64: string;
|
|
185
|
+
}>>;
|
|
186
|
+
issuer: z.ZodOptional<z.ZodString>;
|
|
187
|
+
}, "encryptedTokenSet">, "strip", z.ZodTypeAny, {
|
|
188
|
+
type: VerificationType.EnterpriseSso;
|
|
189
|
+
id: string;
|
|
190
|
+
connectorId: string;
|
|
191
|
+
issuer?: string | undefined;
|
|
192
|
+
enterpriseSsoUserInfo?: z.objectOutputType<{
|
|
193
|
+
id: z.ZodString;
|
|
194
|
+
email: z.ZodOptional<z.ZodString>;
|
|
195
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
196
|
+
name: z.ZodOptional<z.ZodString>;
|
|
197
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
198
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
199
|
+
}, z.ZodUnknown, "strip"> | undefined;
|
|
200
|
+
}, {
|
|
201
|
+
type: VerificationType.EnterpriseSso;
|
|
202
|
+
id: string;
|
|
203
|
+
connectorId: string;
|
|
204
|
+
issuer?: string | undefined;
|
|
205
|
+
enterpriseSsoUserInfo?: z.objectInputType<{
|
|
206
|
+
id: z.ZodString;
|
|
207
|
+
email: z.ZodOptional<z.ZodString>;
|
|
208
|
+
phone: z.ZodOptional<z.ZodString>;
|
|
209
|
+
name: z.ZodOptional<z.ZodString>;
|
|
210
|
+
avatar: z.ZodOptional<z.ZodString>;
|
|
211
|
+
rawData: z.ZodOptional<z.ZodType<import("@withtyped/server").Json, z.ZodTypeDef, import("@withtyped/server").Json>>;
|
|
212
|
+
}, z.ZodUnknown, "strip"> | undefined;
|
|
213
|
+
}>;
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { encryptedTokenSetGuard } from '../secrets.js';
|
|
3
|
+
import { extendedSocialUserInfoGuard } from '../sso-connector.js';
|
|
4
|
+
import { VerificationType } from './verification-type.js';
|
|
5
|
+
export const enterpriseSsoVerificationRecordDataGuard = z.object({
|
|
6
|
+
id: z.string(),
|
|
7
|
+
connectorId: z.string(),
|
|
8
|
+
type: z.literal(VerificationType.EnterpriseSso),
|
|
9
|
+
enterpriseSsoUserInfo: extendedSocialUserInfoGuard.optional(),
|
|
10
|
+
encryptedTokenSet: encryptedTokenSetGuard.optional(),
|
|
11
|
+
issuer: z.string().optional(),
|
|
12
|
+
});
|
|
13
|
+
export const sanitizedEnterpriseSsoVerificationRecordDataGuard = enterpriseSsoVerificationRecordDataGuard.omit({
|
|
14
|
+
encryptedTokenSet: true,
|
|
15
|
+
});
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This file defines the data types and guards for verification records in Logto.
|
|
3
|
+
* We keep these definitions in @logto/schemas to ensure it can be shared accross different packages.
|
|
4
|
+
*
|
|
5
|
+
* Check {@link @logto/core/src/routes/experience/classes/verifications} for the implementation of verification records.
|
|
6
|
+
*/
|
|
7
|
+
export * from './verification-type.js';
|
|
8
|
+
export * from './backup-code-verification.js';
|
|
9
|
+
export * from './code-verification.js';
|
|
10
|
+
export * from './enterprise-sso-verification.js';
|
|
11
|
+
export * from './new-password-identity-verification.js';
|
|
12
|
+
export * from './one-time-token-verification.js';
|
|
13
|
+
export * from './password-verification.js';
|
|
14
|
+
export * from './social-verification.js';
|
|
15
|
+
export * from './totp-verification.js';
|
|
16
|
+
export * from './web-authn-verification.js';
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This file defines the data types and guards for verification records in Logto.
|
|
3
|
+
* We keep these definitions in @logto/schemas to ensure it can be shared accross different packages.
|
|
4
|
+
*
|
|
5
|
+
* Check {@link @logto/core/src/routes/experience/classes/verifications} for the implementation of verification records.
|
|
6
|
+
*/
|
|
7
|
+
export * from './verification-type.js';
|
|
8
|
+
export * from './backup-code-verification.js';
|
|
9
|
+
export * from './code-verification.js';
|
|
10
|
+
export * from './enterprise-sso-verification.js';
|
|
11
|
+
export * from './new-password-identity-verification.js';
|
|
12
|
+
export * from './one-time-token-verification.js';
|
|
13
|
+
export * from './password-verification.js';
|
|
14
|
+
export * from './social-verification.js';
|
|
15
|
+
export * from './totp-verification.js';
|
|
16
|
+
export * from './web-authn-verification.js';
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @deprecated
|
|
3
|
+
* This verification record type is deprecated.
|
|
4
|
+
* DO NOT use this verification record type in new code.
|
|
5
|
+
*/
|
|
6
|
+
import { z } from 'zod';
|
|
7
|
+
import { UsersPasswordEncryptionMethod } from '../../db-entries/custom-types.js';
|
|
8
|
+
import { type InteractionIdentifier } from '../interactions.js';
|
|
9
|
+
import { VerificationType } from './verification-type.js';
|
|
10
|
+
export type NewPasswordIdentityVerificationRecordData = {
|
|
11
|
+
id: string;
|
|
12
|
+
type: VerificationType.NewPasswordIdentity;
|
|
13
|
+
/**
|
|
14
|
+
* For now we only support username identifier for new password identity registration.
|
|
15
|
+
* For email and phone new identity registration, a `CodeVerification` record is required.
|
|
16
|
+
*/
|
|
17
|
+
identifier: InteractionIdentifier;
|
|
18
|
+
passwordEncrypted?: string;
|
|
19
|
+
passwordEncryptionMethod?: UsersPasswordEncryptionMethod.Argon2i;
|
|
20
|
+
};
|
|
21
|
+
export declare const newPasswordIdentityVerificationRecordDataGuard: z.ZodObject<{
|
|
22
|
+
id: z.ZodString;
|
|
23
|
+
type: z.ZodLiteral<VerificationType.NewPasswordIdentity>;
|
|
24
|
+
identifier: z.ZodObject<{
|
|
25
|
+
type: z.ZodNativeEnum<typeof import("../../index.js").SignInIdentifier>;
|
|
26
|
+
value: z.ZodString;
|
|
27
|
+
}, "strip", z.ZodTypeAny, {
|
|
28
|
+
value: string;
|
|
29
|
+
type: import("../../index.js").SignInIdentifier;
|
|
30
|
+
}, {
|
|
31
|
+
value: string;
|
|
32
|
+
type: import("../../index.js").SignInIdentifier;
|
|
33
|
+
}>;
|
|
34
|
+
passwordEncrypted: z.ZodOptional<z.ZodString>;
|
|
35
|
+
passwordEncryptionMethod: z.ZodOptional<z.ZodLiteral<UsersPasswordEncryptionMethod.Argon2i>>;
|
|
36
|
+
}, "strip", z.ZodTypeAny, {
|
|
37
|
+
type: VerificationType.NewPasswordIdentity;
|
|
38
|
+
id: string;
|
|
39
|
+
identifier: {
|
|
40
|
+
value: string;
|
|
41
|
+
type: import("../../index.js").SignInIdentifier;
|
|
42
|
+
};
|
|
43
|
+
passwordEncrypted?: string | undefined;
|
|
44
|
+
passwordEncryptionMethod?: UsersPasswordEncryptionMethod.Argon2i | undefined;
|
|
45
|
+
}, {
|
|
46
|
+
type: VerificationType.NewPasswordIdentity;
|
|
47
|
+
id: string;
|
|
48
|
+
identifier: {
|
|
49
|
+
value: string;
|
|
50
|
+
type: import("../../index.js").SignInIdentifier;
|
|
51
|
+
};
|
|
52
|
+
passwordEncrypted?: string | undefined;
|
|
53
|
+
passwordEncryptionMethod?: UsersPasswordEncryptionMethod.Argon2i | undefined;
|
|
54
|
+
}>;
|
|
55
|
+
export type SanitizedNewPasswordIdentityVerificationRecordData = Omit<NewPasswordIdentityVerificationRecordData, 'passwordEncrypted' | 'passwordEncryptionMethod'>;
|
|
56
|
+
export declare const sanitizedNewPasswordIdentityVerificationRecordDataGuard: z.ZodObject<Omit<{
|
|
57
|
+
id: z.ZodString;
|
|
58
|
+
type: z.ZodLiteral<VerificationType.NewPasswordIdentity>;
|
|
59
|
+
identifier: z.ZodObject<{
|
|
60
|
+
type: z.ZodNativeEnum<typeof import("../../index.js").SignInIdentifier>;
|
|
61
|
+
value: z.ZodString;
|
|
62
|
+
}, "strip", z.ZodTypeAny, {
|
|
63
|
+
value: string;
|
|
64
|
+
type: import("../../index.js").SignInIdentifier;
|
|
65
|
+
}, {
|
|
66
|
+
value: string;
|
|
67
|
+
type: import("../../index.js").SignInIdentifier;
|
|
68
|
+
}>;
|
|
69
|
+
passwordEncrypted: z.ZodOptional<z.ZodString>;
|
|
70
|
+
passwordEncryptionMethod: z.ZodOptional<z.ZodLiteral<UsersPasswordEncryptionMethod.Argon2i>>;
|
|
71
|
+
}, "passwordEncrypted" | "passwordEncryptionMethod">, "strip", z.ZodTypeAny, {
|
|
72
|
+
type: VerificationType.NewPasswordIdentity;
|
|
73
|
+
id: string;
|
|
74
|
+
identifier: {
|
|
75
|
+
value: string;
|
|
76
|
+
type: import("../../index.js").SignInIdentifier;
|
|
77
|
+
};
|
|
78
|
+
}, {
|
|
79
|
+
type: VerificationType.NewPasswordIdentity;
|
|
80
|
+
id: string;
|
|
81
|
+
identifier: {
|
|
82
|
+
value: string;
|
|
83
|
+
type: import("../../index.js").SignInIdentifier;
|
|
84
|
+
};
|
|
85
|
+
}>;
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @deprecated
|
|
3
|
+
* This verification record type is deprecated.
|
|
4
|
+
* DO NOT use this verification record type in new code.
|
|
5
|
+
*/
|
|
6
|
+
import { z } from 'zod';
|
|
7
|
+
import { UsersPasswordEncryptionMethod } from '../../db-entries/custom-types.js';
|
|
8
|
+
import { interactionIdentifierGuard } from '../interactions.js';
|
|
9
|
+
import { VerificationType } from './verification-type.js';
|
|
10
|
+
export const newPasswordIdentityVerificationRecordDataGuard = z.object({
|
|
11
|
+
id: z.string(),
|
|
12
|
+
type: z.literal(VerificationType.NewPasswordIdentity),
|
|
13
|
+
identifier: interactionIdentifierGuard,
|
|
14
|
+
passwordEncrypted: z.string().optional(),
|
|
15
|
+
passwordEncryptionMethod: z.literal(UsersPasswordEncryptionMethod.Argon2i).optional(),
|
|
16
|
+
});
|
|
17
|
+
export const sanitizedNewPasswordIdentityVerificationRecordDataGuard = newPasswordIdentityVerificationRecordDataGuard.omit({
|
|
18
|
+
passwordEncrypted: true,
|
|
19
|
+
passwordEncryptionMethod: true,
|
|
20
|
+
});
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { type OneTimeTokenContext, SignInIdentifier } from '../../foundations/index.js';
|
|
3
|
+
import { type InteractionIdentifier } from '../interactions.js';
|
|
4
|
+
import { VerificationType } from './verification-type.js';
|
|
5
|
+
export type OneTimeTokenVerificationRecordData = {
|
|
6
|
+
id: string;
|
|
7
|
+
type: VerificationType.OneTimeToken;
|
|
8
|
+
identifier: InteractionIdentifier<SignInIdentifier.Email>;
|
|
9
|
+
verified: boolean;
|
|
10
|
+
oneTimeTokenContext?: OneTimeTokenContext;
|
|
11
|
+
};
|
|
12
|
+
export declare const oneTimeTokenVerificationRecordDataGuard: z.ZodObject<{
|
|
13
|
+
id: z.ZodString;
|
|
14
|
+
type: z.ZodLiteral<VerificationType.OneTimeToken>;
|
|
15
|
+
verified: z.ZodBoolean;
|
|
16
|
+
identifier: z.ZodObject<{
|
|
17
|
+
type: z.ZodLiteral<SignInIdentifier.Email>;
|
|
18
|
+
value: z.ZodString;
|
|
19
|
+
}, "strip", z.ZodTypeAny, {
|
|
20
|
+
value: string;
|
|
21
|
+
type: SignInIdentifier.Email;
|
|
22
|
+
}, {
|
|
23
|
+
value: string;
|
|
24
|
+
type: SignInIdentifier.Email;
|
|
25
|
+
}>;
|
|
26
|
+
oneTimeTokenContext: z.ZodOptional<z.ZodObject<{
|
|
27
|
+
jitOrganizationIds: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
28
|
+
}, "strip", z.ZodTypeAny, {
|
|
29
|
+
jitOrganizationIds?: string[] | undefined;
|
|
30
|
+
}, {
|
|
31
|
+
jitOrganizationIds?: string[] | undefined;
|
|
32
|
+
}>>;
|
|
33
|
+
}, "strip", z.ZodTypeAny, {
|
|
34
|
+
type: VerificationType.OneTimeToken;
|
|
35
|
+
id: string;
|
|
36
|
+
identifier: {
|
|
37
|
+
value: string;
|
|
38
|
+
type: SignInIdentifier.Email;
|
|
39
|
+
};
|
|
40
|
+
verified: boolean;
|
|
41
|
+
oneTimeTokenContext?: {
|
|
42
|
+
jitOrganizationIds?: string[] | undefined;
|
|
43
|
+
} | undefined;
|
|
44
|
+
}, {
|
|
45
|
+
type: VerificationType.OneTimeToken;
|
|
46
|
+
id: string;
|
|
47
|
+
identifier: {
|
|
48
|
+
value: string;
|
|
49
|
+
type: SignInIdentifier.Email;
|
|
50
|
+
};
|
|
51
|
+
verified: boolean;
|
|
52
|
+
oneTimeTokenContext?: {
|
|
53
|
+
jitOrganizationIds?: string[] | undefined;
|
|
54
|
+
} | undefined;
|
|
55
|
+
}>;
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { oneTimeTokenContextGuard, SignInIdentifier, } from '../../foundations/index.js';
|
|
3
|
+
import { VerificationType } from './verification-type.js';
|
|
4
|
+
export const oneTimeTokenVerificationRecordDataGuard = z.object({
|
|
5
|
+
id: z.string(),
|
|
6
|
+
type: z.literal(VerificationType.OneTimeToken),
|
|
7
|
+
verified: z.boolean(),
|
|
8
|
+
identifier: z.object({
|
|
9
|
+
type: z.literal(SignInIdentifier.Email),
|
|
10
|
+
value: z.string(),
|
|
11
|
+
}),
|
|
12
|
+
oneTimeTokenContext: oneTimeTokenContextGuard.optional(),
|
|
13
|
+
});
|