@logto/schemas 1.28.0 → 1.30.0

package/lib/consts/oidc.d.ts

@@ -53,7 +53,11 @@ export declare enum ExtraParamsKey {
     /**
      * The one-time token used as a proof for the user's identity. Example use case: Magic link.
      */
-    OneTimeToken = "one_time_token"
+    OneTimeToken = "one_time_token",
+    /**
+     * The Google One Tap credential JWT token for external website integration.
+     */
+    GoogleOneTapCredential = "google_one_tap_credential"
 }
 /** @deprecated Use {@link FirstScreen} instead. */
 export declare enum InteractionMode {
@@ -78,6 +82,7 @@ export declare const extraParamsObjectGuard: z.ZodObject<{
     login_hint: z.ZodOptional<z.ZodString>;
     identifier: z.ZodOptional<z.ZodString>;
     one_time_token: z.ZodOptional<z.ZodString>;
+    google_one_tap_credential: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
     interaction_mode?: InteractionMode | undefined;
     first_screen?: FirstScreen | undefined;
@@ -86,6 +91,7 @@ export declare const extraParamsObjectGuard: z.ZodObject<{
     login_hint?: string | undefined;
     identifier?: string | undefined;
     one_time_token?: string | undefined;
+    google_one_tap_credential?: string | undefined;
 }, {
     interaction_mode?: InteractionMode | undefined;
     first_screen?: FirstScreen | undefined;
@@ -94,6 +100,7 @@ export declare const extraParamsObjectGuard: z.ZodObject<{
     login_hint?: string | undefined;
     identifier?: string | undefined;
     one_time_token?: string | undefined;
+    google_one_tap_credential?: string | undefined;
 }>;
 export type ExtraParamsObject = Partial<{
     [ExtraParamsKey.InteractionMode]: InteractionMode;
@@ -103,4 +110,5 @@ export type ExtraParamsObject = Partial<{
     [ExtraParamsKey.LoginHint]: string;
     [ExtraParamsKey.Identifier]: string;
     [ExtraParamsKey.OneTimeToken]: string;
+    [ExtraParamsKey.GoogleOneTapCredential]: string;
 }>;

package/lib/consts/oidc.js

@@ -56,6 +56,10 @@ export var ExtraParamsKey;
      * The one-time token used as a proof for the user's identity. Example use case: Magic link.
      */
     ExtraParamsKey["OneTimeToken"] = "one_time_token";
+    /**
+     * The Google One Tap credential JWT token for external website integration.
+     */
+    ExtraParamsKey["GoogleOneTapCredential"] = "google_one_tap_credential";
 })(ExtraParamsKey || (ExtraParamsKey = {}));
 /** @deprecated Use {@link FirstScreen} instead. */
 export var InteractionMode;
@@ -83,5 +87,6 @@ export const extraParamsObjectGuard = z
     [ExtraParamsKey.LoginHint]: z.string(),
     [ExtraParamsKey.Identifier]: z.string(),
     [ExtraParamsKey.OneTimeToken]: z.string(),
+    [ExtraParamsKey.GoogleOneTapCredential]: z.string(),
 })
     .partial();

package/lib/db-entries/account-center.d.ts

@@ -1,4 +1,4 @@
-import { AccountCenterFieldControl, GeneratedSchema } from './../foundations/index.js';
+import { AccountCenterFieldControl, WebauthnRelatedOrigins, GeneratedSchema } from './../foundations/index.js';
 /**
  *
  * @remarks This is a type for database creation.
@@ -11,6 +11,7 @@ export type CreateAccountCenter = {
     enabled?: boolean;
     /** Control each fields */
     fields?: AccountCenterFieldControl;
+    webauthnRelatedOrigins?: WebauthnRelatedOrigins;
 };
 export type AccountCenter = {
     tenantId: string;
@@ -19,6 +20,7 @@ export type AccountCenter = {
     enabled: boolean;
     /** Control each fields */
     fields: AccountCenterFieldControl;
+    webauthnRelatedOrigins: WebauthnRelatedOrigins;
 };
-export type AccountCenterKeys = 'tenantId' | 'id' | 'enabled' | 'fields';
+export type AccountCenterKeys = 'tenantId' | 'id' | 'enabled' | 'fields' | 'webauthnRelatedOrigins';
 export declare const AccountCenters: GeneratedSchema<AccountCenterKeys, CreateAccountCenter, AccountCenter, 'account_centers', 'account_center'>;

package/lib/db-entries/account-center.js

@@ -1,17 +1,19 @@
 // THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
 import { z } from 'zod';
-import { accountCenterFieldControlGuard } from './../foundations/index.js';
+import { accountCenterFieldControlGuard, webauthnRelatedOriginsGuard } from './../foundations/index.js';
 const createGuard = z.object({
     tenantId: z.string().max(21).optional(),
     id: z.string().min(1).max(21),
     enabled: z.boolean().optional(),
     fields: accountCenterFieldControlGuard.optional(),
+    webauthnRelatedOrigins: webauthnRelatedOriginsGuard.optional(),
 });
 const guard = z.object({
     tenantId: z.string().max(21),
     id: z.string().min(1).max(21),
     enabled: z.boolean(),
     fields: accountCenterFieldControlGuard,
+    webauthnRelatedOrigins: webauthnRelatedOriginsGuard,
 });
 export const AccountCenters = Object.freeze({
     table: 'account_centers',
@@ -21,12 +23,14 @@ export const AccountCenters = Object.freeze({
         id: 'id',
         enabled: 'enabled',
         fields: 'fields',
+        webauthnRelatedOrigins: 'webauthn_related_origins',
     },
     fieldKeys: [
         'tenantId',
         'id',
         'enabled',
         'fields',
+        'webauthnRelatedOrigins',
     ],
     createGuard,
     guard,

package/lib/db-entries/connector.d.ts

@@ -8,6 +8,8 @@ export type CreateConnector = {
     tenantId?: string;
     id: string;
     syncProfile?: boolean;
+    /** Whether the token storage is enabled for this connector. Only applied for OAuth2/OIDC social connectors. */
+    enableTokenStorage?: boolean;
     connectorId: string;
     config?: JsonObject;
     metadata?: ConfigurableConnectorMetadata;
@@ -17,10 +19,12 @@ export type Connector = {
     tenantId: string;
     id: string;
     syncProfile: boolean;
+    /** Whether the token storage is enabled for this connector. Only applied for OAuth2/OIDC social connectors. */
+    enableTokenStorage: boolean;
     connectorId: string;
     config: JsonObject;
     metadata: ConfigurableConnectorMetadata;
     createdAt: number;
 };
-export type ConnectorKeys = 'tenantId' | 'id' | 'syncProfile' | 'connectorId' | 'config' | 'metadata' | 'createdAt';
+export type ConnectorKeys = 'tenantId' | 'id' | 'syncProfile' | 'enableTokenStorage' | 'connectorId' | 'config' | 'metadata' | 'createdAt';
 export declare const Connectors: GeneratedSchema<ConnectorKeys, CreateConnector, Connector, 'connectors', 'connector'>;

package/lib/db-entries/connector.js

@@ -5,6 +5,7 @@ const createGuard = z.object({
     tenantId: z.string().max(21).optional(),
     id: z.string().min(1).max(128),
     syncProfile: z.boolean().optional(),
+    enableTokenStorage: z.boolean().optional(),
     connectorId: z.string().min(1).max(128),
     config: jsonObjectGuard.optional(),
     metadata: configurableConnectorMetadataGuard.optional(),
@@ -14,6 +15,7 @@ const guard = z.object({
     tenantId: z.string().max(21),
     id: z.string().min(1).max(128),
     syncProfile: z.boolean(),
+    enableTokenStorage: z.boolean(),
     connectorId: z.string().min(1).max(128),
     config: jsonObjectGuard,
     metadata: configurableConnectorMetadataGuard,
@@ -26,6 +28,7 @@ export const Connectors = Object.freeze({
         tenantId: 'tenant_id',
         id: 'id',
         syncProfile: 'sync_profile',
+        enableTokenStorage: 'enable_token_storage',
         connectorId: 'connector_id',
         config: 'config',
         metadata: 'metadata',
@@ -35,6 +38,7 @@ export const Connectors = Object.freeze({
         'tenantId',
         'id',
         'syncProfile',
+        'enableTokenStorage',
         'connectorId',
         'config',
         'metadata',

package/lib/db-entries/custom-profile-field.d.ts

@@ -0,0 +1,32 @@
+import { CustomProfileFieldType, CustomProfileFieldConfig, GeneratedSchema } from './../foundations/index.js';
+/**
+ *
+ * @remarks This is a type for database creation.
+ * @see {@link CustomProfileField} for the original type.
+ */
+export type CreateCustomProfileField = {
+    tenantId?: string;
+    id: string;
+    name: string;
+    type: CustomProfileFieldType;
+    label?: string;
+    description?: string | null;
+    required?: boolean;
+    config?: CustomProfileFieldConfig;
+    createdAt?: number;
+    sieOrder?: number;
+};
+export type CustomProfileField = {
+    tenantId: string;
+    id: string;
+    name: string;
+    type: CustomProfileFieldType;
+    label: string;
+    description: string | null;
+    required: boolean;
+    config: CustomProfileFieldConfig;
+    createdAt: number;
+    sieOrder: number;
+};
+export type CustomProfileFieldKeys = 'tenantId' | 'id' | 'name' | 'type' | 'label' | 'description' | 'required' | 'config' | 'createdAt' | 'sieOrder';
+export declare const CustomProfileFields: GeneratedSchema<CustomProfileFieldKeys, CreateCustomProfileField, CustomProfileField, 'custom_profile_fields', 'custom_profile_field'>;

package/lib/db-entries/custom-profile-field.js

@@ -0,0 +1,58 @@
+// THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+import { z } from 'zod';
+import { customProfileFieldTypeGuard, customProfileFieldConfigGuard } from './../foundations/index.js';
+const createGuard = z.object({
+    tenantId: z.string().max(21).optional(),
+    id: z.string().min(1).max(21),
+    name: z.string().min(1).max(128),
+    type: customProfileFieldTypeGuard,
+    label: z.string().min(1).max(128).optional(),
+    description: z.string().max(256).nullable().optional(),
+    required: z.boolean().optional(),
+    config: customProfileFieldConfigGuard.optional(),
+    createdAt: z.number().optional(),
+    sieOrder: z.number().optional(),
+});
+const guard = z.object({
+    tenantId: z.string().max(21),
+    id: z.string().min(1).max(21),
+    name: z.string().min(1).max(128),
+    type: customProfileFieldTypeGuard,
+    label: z.string().max(128),
+    description: z.string().max(256).nullable(),
+    required: z.boolean(),
+    config: customProfileFieldConfigGuard,
+    createdAt: z.number(),
+    sieOrder: z.number(),
+});
+export const CustomProfileFields = Object.freeze({
+    table: 'custom_profile_fields',
+    tableSingular: 'custom_profile_field',
+    fields: {
+        tenantId: 'tenant_id',
+        id: 'id',
+        name: 'name',
+        type: 'type',
+        label: 'label',
+        description: 'description',
+        required: 'required',
+        config: 'config',
+        createdAt: 'created_at',
+        sieOrder: 'sie_order',
+    },
+    fieldKeys: [
+        'tenantId',
+        'id',
+        'name',
+        'type',
+        'label',
+        'description',
+        'required',
+        'config',
+        'createdAt',
+        'sieOrder',
+    ],
+    createGuard,
+    guard,
+    updateGuard: guard.partial(),
+});

package/lib/db-entries/index.d.ts

@@ -16,6 +16,7 @@ export * from './applications-role.js';
 export * from './captcha-provider.js';
 export * from './connector.js';
 export * from './custom-phrase.js';
+export * from './custom-profile-field.js';
 export * from './daily-active-user.js';
 export * from './daily-token-usage.js';
 export * from './domain.js';
@@ -25,6 +26,7 @@ export * from './idp-initiated-saml-sso-session.js';
 export * from './log.js';
 export * from './logto-config.js';
 export * from './oidc-model-instance.js';
+export * from './oidc-session-extension.js';
 export * from './one-time-token.js';
 export * from './organization-application-relation.js';
 export * from './organization-invitation-role-relation.js';
@@ -49,6 +51,9 @@ export * from './saml-application-config.js';
 export * from './saml-application-secret.js';
 export * from './saml-application-session.js';
 export * from './scope.js';
+export * from './secret-enterprise-sso-connector-relation.js';
+export * from './secret-social-connector-relation.js';
+export * from './secret.js';
 export * from './sentinel-activity.js';
 export * from './service-log.js';
 export * from './sign-in-experience.js';

package/lib/db-entries/index.js

@@ -17,6 +17,7 @@ export * from './applications-role.js';
 export * from './captcha-provider.js';
 export * from './connector.js';
 export * from './custom-phrase.js';
+export * from './custom-profile-field.js';
 export * from './daily-active-user.js';
 export * from './daily-token-usage.js';
 export * from './domain.js';
@@ -26,6 +27,7 @@ export * from './idp-initiated-saml-sso-session.js';
 export * from './log.js';
 export * from './logto-config.js';
 export * from './oidc-model-instance.js';
+export * from './oidc-session-extension.js';
 export * from './one-time-token.js';
 export * from './organization-application-relation.js';
 export * from './organization-invitation-role-relation.js';
@@ -50,6 +52,9 @@ export * from './saml-application-config.js';
 export * from './saml-application-secret.js';
 export * from './saml-application-session.js';
 export * from './scope.js';
+export * from './secret-enterprise-sso-connector-relation.js';
+export * from './secret-social-connector-relation.js';
+export * from './secret.js';
 export * from './sentinel-activity.js';
 export * from './service-log.js';
 export * from './sign-in-experience.js';

package/lib/db-entries/oidc-session-extension.d.ts

@@ -0,0 +1,24 @@
+import { JsonObject, GeneratedSchema } from './../foundations/index.js';
+/**
+ *
+ * @remarks This is a type for database creation.
+ * @see {@link OidcSessionExtension} for the original type.
+ */
+export type CreateOidcSessionExtension = {
+    tenantId?: string;
+    sessionUid: string;
+    accountId: string;
+    lastSubmission?: JsonObject;
+    createdAt?: number;
+    updatedAt?: number;
+};
+export type OidcSessionExtension = {
+    tenantId: string;
+    sessionUid: string;
+    accountId: string;
+    lastSubmission: JsonObject;
+    createdAt: number;
+    updatedAt: number;
+};
+export type OidcSessionExtensionKeys = 'tenantId' | 'sessionUid' | 'accountId' | 'lastSubmission' | 'createdAt' | 'updatedAt';
+export declare const OidcSessionExtensions: GeneratedSchema<OidcSessionExtensionKeys, CreateOidcSessionExtension, OidcSessionExtension, 'oidc_session_extensions', 'oidc_session_extension'>;

package/lib/db-entries/oidc-session-extension.js

@@ -0,0 +1,42 @@
+// THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+import { z } from 'zod';
+import { jsonObjectGuard } from './../foundations/index.js';
+const createGuard = z.object({
+    tenantId: z.string().max(21).optional(),
+    sessionUid: z.string().min(1).max(128),
+    accountId: z.string().min(1).max(12),
+    lastSubmission: jsonObjectGuard.optional(),
+    createdAt: z.number().optional(),
+    updatedAt: z.number().optional(),
+});
+const guard = z.object({
+    tenantId: z.string().max(21),
+    sessionUid: z.string().min(1).max(128),
+    accountId: z.string().min(1).max(12),
+    lastSubmission: jsonObjectGuard,
+    createdAt: z.number(),
+    updatedAt: z.number(),
+});
+export const OidcSessionExtensions = Object.freeze({
+    table: 'oidc_session_extensions',
+    tableSingular: 'oidc_session_extension',
+    fields: {
+        tenantId: 'tenant_id',
+        sessionUid: 'session_uid',
+        accountId: 'account_id',
+        lastSubmission: 'last_submission',
+        createdAt: 'created_at',
+        updatedAt: 'updated_at',
+    },
+    fieldKeys: [
+        'tenantId',
+        'sessionUid',
+        'accountId',
+        'lastSubmission',
+        'createdAt',
+        'updatedAt',
+    ],
+    createGuard,
+    guard,
+    updateGuard: guard.partial(),
+});

package/lib/db-entries/secret-enterprise-sso-connector-relation.d.ts

@@ -0,0 +1,28 @@
+import { GeneratedSchema } from './../foundations/index.js';
+/**
+ *
+ * @remarks This is a type for database creation.
+ * @see {@link SecretEnterpriseSsoConnectorRelation} for the original type.
+ */
+export type CreateSecretEnterpriseSsoConnectorRelation = {
+    tenantId?: string;
+    secretId: string;
+    /** SSO connector ID foreign reference. Only present for secrets that store SSO connector tokens. Note: avoid directly cascading deletes here, need to delete the secrets first. */
+    ssoConnectorId: string;
+    /** User SSO connector issuer. Only present for secrets that store SSO connector tokens. */
+    issuer: string;
+    /** User SSO identity ID. Only present for secrets that store SSO identity tokens. */
+    identityId: string;
+};
+export type SecretEnterpriseSsoConnectorRelation = {
+    tenantId: string;
+    secretId: string;
+    /** SSO connector ID foreign reference. Only present for secrets that store SSO connector tokens. Note: avoid directly cascading deletes here, need to delete the secrets first. */
+    ssoConnectorId: string;
+    /** User SSO connector issuer. Only present for secrets that store SSO connector tokens. */
+    issuer: string;
+    /** User SSO identity ID. Only present for secrets that store SSO identity tokens. */
+    identityId: string;
+};
+export type SecretEnterpriseSsoConnectorRelationKeys = 'tenantId' | 'secretId' | 'ssoConnectorId' | 'issuer' | 'identityId';
+export declare const SecretEnterpriseSsoConnectorRelations: GeneratedSchema<SecretEnterpriseSsoConnectorRelationKeys, CreateSecretEnterpriseSsoConnectorRelation, SecretEnterpriseSsoConnectorRelation, 'secret_enterprise_sso_connector_relations', 'secret_enterprise_sso_connector_relation'>;

package/lib/db-entries/secret-enterprise-sso-connector-relation.js

@@ -0,0 +1,37 @@
+// THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+import { z } from 'zod';
+const createGuard = z.object({
+    tenantId: z.string().max(21).optional(),
+    secretId: z.string().min(1).max(21),
+    ssoConnectorId: z.string().min(1).max(128),
+    issuer: z.string().min(1).max(256),
+    identityId: z.string().min(1).max(128),
+});
+const guard = z.object({
+    tenantId: z.string().max(21),
+    secretId: z.string().min(1).max(21),
+    ssoConnectorId: z.string().min(1).max(128),
+    issuer: z.string().min(1).max(256),
+    identityId: z.string().min(1).max(128),
+});
+export const SecretEnterpriseSsoConnectorRelations = Object.freeze({
+    table: 'secret_enterprise_sso_connector_relations',
+    tableSingular: 'secret_enterprise_sso_connector_relation',
+    fields: {
+        tenantId: 'tenant_id',
+        secretId: 'secret_id',
+        ssoConnectorId: 'sso_connector_id',
+        issuer: 'issuer',
+        identityId: 'identity_id',
+    },
+    fieldKeys: [
+        'tenantId',
+        'secretId',
+        'ssoConnectorId',
+        'issuer',
+        'identityId',
+    ],
+    createGuard,
+    guard,
+    updateGuard: guard.partial(),
+});

package/lib/db-entries/secret-social-connector-relation.d.ts

@@ -0,0 +1,28 @@
+import { GeneratedSchema } from './../foundations/index.js';
+/**
+ *
+ * @remarks This is a type for database creation.
+ * @see {@link SecretSocialConnectorRelation} for the original type.
+ */
+export type CreateSecretSocialConnectorRelation = {
+    tenantId?: string;
+    secretId: string;
+    /** Social connector ID foreign reference. Only present for secrets that store social connector tokens. Note: avoid directly cascading deletes here, need to delete the secrets first. */
+    connectorId: string;
+    /** The target of the social connector. e.g. 'github', 'google', etc. */
+    target: string;
+    /** User social identity ID foreign reference. Only present for secrets that store social identity tokens. */
+    identityId: string;
+};
+export type SecretSocialConnectorRelation = {
+    tenantId: string;
+    secretId: string;
+    /** Social connector ID foreign reference. Only present for secrets that store social connector tokens. Note: avoid directly cascading deletes here, need to delete the secrets first. */
+    connectorId: string;
+    /** The target of the social connector. e.g. 'github', 'google', etc. */
+    target: string;
+    /** User social identity ID foreign reference. Only present for secrets that store social identity tokens. */
+    identityId: string;
+};
+export type SecretSocialConnectorRelationKeys = 'tenantId' | 'secretId' | 'connectorId' | 'target' | 'identityId';
+export declare const SecretSocialConnectorRelations: GeneratedSchema<SecretSocialConnectorRelationKeys, CreateSecretSocialConnectorRelation, SecretSocialConnectorRelation, 'secret_social_connector_relations', 'secret_social_connector_relation'>;

package/lib/db-entries/secret-social-connector-relation.js

@@ -0,0 +1,37 @@
+// THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+import { z } from 'zod';
+const createGuard = z.object({
+    tenantId: z.string().max(21).optional(),
+    secretId: z.string().min(1).max(21),
+    connectorId: z.string().min(1).max(128),
+    target: z.string().min(1).max(256),
+    identityId: z.string().min(1).max(128),
+});
+const guard = z.object({
+    tenantId: z.string().max(21),
+    secretId: z.string().min(1).max(21),
+    connectorId: z.string().min(1).max(128),
+    target: z.string().min(1).max(256),
+    identityId: z.string().min(1).max(128),
+});
+export const SecretSocialConnectorRelations = Object.freeze({
+    table: 'secret_social_connector_relations',
+    tableSingular: 'secret_social_connector_relation',
+    fields: {
+        tenantId: 'tenant_id',
+        secretId: 'secret_id',
+        connectorId: 'connector_id',
+        target: 'target',
+        identityId: 'identity_id',
+    },
+    fieldKeys: [
+        'tenantId',
+        'secretId',
+        'connectorId',
+        'target',
+        'identityId',
+    ],
+    createGuard,
+    guard,
+    updateGuard: guard.partial(),
+});

package/lib/db-entries/secret.d.ts

@@ -0,0 +1,44 @@
+import { SecretType, BufferLike, JsonObject, GeneratedSchema } from './../foundations/index.js';
+/**
+ *
+ * @remarks This is a type for database creation.
+ * @see {@link Secret} for the original type.
+ */
+export type CreateSecret = {
+    tenantId?: string;
+    id: string;
+    userId: string;
+    type: SecretType;
+    /** Encrypted data encryption key (DEK) for the secret. */
+    encryptedDek: BufferLike;
+    /** Initialization vector for the secret encryption. */
+    iv: BufferLike;
+    /** Authentication tag for the secret encryption. */
+    authTag: BufferLike;
+    /** The encrypted secret data. e.g. { access_token, refresh_token } */
+    ciphertext: BufferLike;
+    /** The metadata associated with the secret. */
+    metadata?: JsonObject;
+    createdAt?: number;
+    updatedAt?: number;
+};
+export type Secret = {
+    tenantId: string;
+    id: string;
+    userId: string;
+    type: SecretType;
+    /** Encrypted data encryption key (DEK) for the secret. */
+    encryptedDek: BufferLike;
+    /** Initialization vector for the secret encryption. */
+    iv: BufferLike;
+    /** Authentication tag for the secret encryption. */
+    authTag: BufferLike;
+    /** The encrypted secret data. e.g. { access_token, refresh_token } */
+    ciphertext: BufferLike;
+    /** The metadata associated with the secret. */
+    metadata: JsonObject;
+    createdAt: number;
+    updatedAt: number;
+};
+export type SecretKeys = 'tenantId' | 'id' | 'userId' | 'type' | 'encryptedDek' | 'iv' | 'authTag' | 'ciphertext' | 'metadata' | 'createdAt' | 'updatedAt';
+export declare const Secrets: GeneratedSchema<SecretKeys, CreateSecret, Secret, 'secrets', 'secret'>;

package/lib/db-entries/secret.js

@@ -0,0 +1,62 @@
+// THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+import { z } from 'zod';
+import { secretTypeGuard, bufferLikeGuard, jsonObjectGuard } from './../foundations/index.js';
+const createGuard = z.object({
+    tenantId: z.string().max(21).optional(),
+    id: z.string().min(1).max(21),
+    userId: z.string().min(1).max(21),
+    type: secretTypeGuard,
+    encryptedDek: bufferLikeGuard,
+    iv: bufferLikeGuard,
+    authTag: bufferLikeGuard,
+    ciphertext: bufferLikeGuard,
+    metadata: jsonObjectGuard.optional(),
+    createdAt: z.number().optional(),
+    updatedAt: z.number().optional(),
+});
+const guard = z.object({
+    tenantId: z.string().max(21),
+    id: z.string().min(1).max(21),
+    userId: z.string().min(1).max(21),
+    type: secretTypeGuard,
+    encryptedDek: bufferLikeGuard,
+    iv: bufferLikeGuard,
+    authTag: bufferLikeGuard,
+    ciphertext: bufferLikeGuard,
+    metadata: jsonObjectGuard,
+    createdAt: z.number(),
+    updatedAt: z.number(),
+});
+export const Secrets = Object.freeze({
+    table: 'secrets',
+    tableSingular: 'secret',
+    fields: {
+        tenantId: 'tenant_id',
+        id: 'id',
+        userId: 'user_id',
+        type: 'type',
+        encryptedDek: 'encrypted_dek',
+        iv: 'iv',
+        authTag: 'auth_tag',
+        ciphertext: 'ciphertext',
+        metadata: 'metadata',
+        createdAt: 'created_at',
+        updatedAt: 'updated_at',
+    },
+    fieldKeys: [
+        'tenantId',
+        'id',
+        'userId',
+        'type',
+        'encryptedDek',
+        'iv',
+        'authTag',
+        'ciphertext',
+        'metadata',
+        'createdAt',
+        'updatedAt',
+    ],
+    createGuard,
+    guard,
+    updateGuard: guard.partial(),
+});

package/lib/db-entries/sso-connector.d.ts

@@ -20,6 +20,8 @@ export type CreateSsoConnector = {
     branding?: SsoBranding;
     /** Determines whether to synchronize the user's profile on each login. */
     syncProfile?: boolean;
+    /** Whether the token storage is enabled for this connector. Only applied for OAuth2/OIDC SSO connectors. */
+    enableTokenStorage?: boolean;
     /** When the SSO connector was created. */
     createdAt?: number;
 };
@@ -39,8 +41,10 @@ export type SsoConnector = {
     branding: SsoBranding;
     /** Determines whether to synchronize the user's profile on each login. */
     syncProfile: boolean;
+    /** Whether the token storage is enabled for this connector. Only applied for OAuth2/OIDC SSO connectors. */
+    enableTokenStorage: boolean;
     /** When the SSO connector was created. */
     createdAt: number;
 };
-export type SsoConnectorKeys = 'tenantId' | 'id' | 'providerName' | 'connectorName' | 'config' | 'domains' | 'branding' | 'syncProfile' | 'createdAt';
+export type SsoConnectorKeys = 'tenantId' | 'id' | 'providerName' | 'connectorName' | 'config' | 'domains' | 'branding' | 'syncProfile' | 'enableTokenStorage' | 'createdAt';
 export declare const SsoConnectors: GeneratedSchema<SsoConnectorKeys, CreateSsoConnector, SsoConnector, 'sso_connectors', 'sso_connector'>;