@logto/schemas 1.29.0 → 1.30.1

package/lib/types/custom-profile-fields.js

@@ -1,12 +1,15 @@
 import { z } from 'zod';
 import { Users } from '../db-entries/user.js';
-import { CustomProfileFieldType, customProfileFieldTypeGuard, userProfileAddressKeys, userProfileGuard, } from '../foundations/index.js';
+import { CustomProfileFieldType, customProfileFieldTypeGuard, fieldPartGuard, userProfileAddressKeys, userProfileGuard, } from '../foundations/index.js';
+import { userOnboardingDataKey } from './onboarding.js';
+import { defaultTenantIdKey } from './tenant.js';
+import { consoleUserPreferenceKey, guideRequestsKey } from './user.js';
 const baseProfileFieldGuard = z.object({
     name: z.string(),
     type: customProfileFieldTypeGuard,
     label: z.string(),
     description: z.string().optional(),
-    required: z.boolean().optional(),
+    required: z.boolean(),
 });
 export const textProfileFieldGuard = baseProfileFieldGuard.extend({
     type: z.literal(CustomProfileFieldType.Text),
@@ -34,6 +37,7 @@ export const dateProfileFieldGuard = baseProfileFieldGuard.extend({
         .object({
         placeholder: z.string().optional(),
         format: z.string(),
+        customFormat: z.string().optional(),
     })
         .optional(),
 });
@@ -68,13 +72,12 @@ export const regexProfileFieldGuard = baseProfileFieldGuard.extend({
 export const addressProfileFieldGuard = baseProfileFieldGuard.extend({
     type: z.literal(CustomProfileFieldType.Address),
     config: z.object({
-        parts: z.array(z.object({
-            key: z.enum(userProfileAddressKeys),
-            enabled: z.boolean(),
+        parts: z.array(fieldPartGuard.omit({ name: true }).extend({
+            name: z.enum(userProfileAddressKeys),
         })),
     }),
 });
-const fullnameKeys = userProfileGuard
+export const fullnameKeys = userProfileGuard
     .pick({
     givenName: true,
     middleName: true,
@@ -84,7 +87,9 @@ const fullnameKeys = userProfileGuard
 export const fullnameProfileFieldGuard = baseProfileFieldGuard.extend({
     type: z.literal(CustomProfileFieldType.Fullname),
     config: z.object({
-        parts: z.array(z.object({ key: z.enum(fullnameKeys), enabled: z.boolean() })),
+        parts: z.array(fieldPartGuard.omit({ name: true }).extend({
+            name: z.enum(fullnameKeys),
+        })),
     }),
 });
 export const customProfileFieldUnionGuard = z.discriminatedUnion('type', [
@@ -98,14 +103,14 @@ export const customProfileFieldUnionGuard = z.discriminatedUnion('type', [
     addressProfileFieldGuard,
     fullnameProfileFieldGuard,
 ]);
-export const builtInCustomProfileFieldKeys = Object.freeze(userProfileGuard
-    .merge(Users.createGuard.pick({
-    name: true,
-    primaryEmail: true,
-    primaryPhone: true,
-    avatar: true,
-}))
-    .keyof().options);
+export const nameAndAvatarGuard = z
+    .object({
+    name: z.string(),
+    avatar: z.string().url().or(z.literal('')),
+})
+    .partial();
+export const builtInProfileGuard = nameAndAvatarGuard.merge(z.object({ profile: userProfileGuard }));
+export const builtInCustomProfileFieldKeys = Object.freeze(builtInProfileGuard.merge(userProfileGuard).keyof().options);
 export const updateCustomProfileFieldDataGuard = z.discriminatedUnion('type', [
     textProfileFieldGuard.omit({ name: true }),
     numberProfileFieldGuard.omit({ name: true }),
@@ -121,3 +126,34 @@ export const updateCustomProfileFieldSieOrderGuard = z.object({
     name: z.string(),
     sieOrder: z.number(),
 });
+export const signInIdentifierKeyGuard = Users.createGuard
+    .pick({
+    username: true,
+    primaryEmail: true,
+    primaryPhone: true,
+})
+    .extend({
+    email: z.string().nullable().optional(),
+    phone: z.string().nullable().optional(),
+});
+export const reservedCustomDataKeyGuard = z
+    .object({
+    [userOnboardingDataKey]: z.string(),
+    [guideRequestsKey]: z.string(),
+    [consoleUserPreferenceKey]: z.string(),
+    [defaultTenantIdKey]: z.string(),
+})
+    .partial();
+export const reservedCustomDataKeys = Object.freeze(reservedCustomDataKeyGuard.keyof().options);
+/**
+ * Disallow sign-in identifiers related field keys in custom profile fields, as this is conflicting
+ * with the built-in sign-in/sign-up experience flows.
+ */
+export const reservedSignInIdentifierKeys = Object.freeze(signInIdentifierKeyGuard.keyof().options);
+export var supportedDateFormat;
+(function (supportedDateFormat) {
+    supportedDateFormat["US"] = "MM/dd/yyyy";
+    supportedDateFormat["UK"] = "dd/MM/yyyy";
+    supportedDateFormat["ISO"] = "yyyy-MM-dd";
+    supportedDateFormat["Custom"] = "custom";
+})(supportedDateFormat || (supportedDateFormat = {}));

package/lib/types/index.d.ts

@@ -33,3 +33,5 @@ export * from './ssr.js';
 export * from './saml-application.js';
 export * from './verification-records/index.js';
 export * from './custom-profile-fields.js';
+export * from './secrets.js';
+export * from './user-logto-config.js';

package/lib/types/index.js

@@ -33,3 +33,5 @@ export * from './ssr.js';
 export * from './saml-application.js';
 export * from './verification-records/index.js';
 export * from './custom-profile-fields.js';
+export * from './secrets.js';
+export * from './user-logto-config.js';

package/lib/types/interactions.d.ts

@@ -59,16 +59,20 @@ export declare const verificationCodeIdentifierGuard: z.ZodObject<{
 export type SocialAuthorizationUrlPayload = {
     state: string;
     redirectUri: string;
+    scope?: string;
 };
 export declare const socialAuthorizationUrlPayloadGuard: z.ZodObject<{
     state: z.ZodString;
     redirectUri: z.ZodString;
+    scope: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
     redirectUri: string;
     state: string;
+    scope?: string | undefined;
 }, {
     redirectUri: string;
     state: string;
+    scope?: string | undefined;
 }>;
 /** Payload type for `POST /api/experience/verification/{social|sso}/:connectorId/verify`. */
 export type SocialVerificationCallbackPayload = {
@@ -276,6 +280,15 @@ export declare const updateProfileApiPayloadGuard: z.ZodDiscriminatedUnion<"type
 }, {
     type: "social";
     verificationId: string;
+}>, z.ZodObject<{
+    type: z.ZodLiteral<"extraProfile">;
+    values: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+}, "strip", z.ZodTypeAny, {
+    type: "extraProfile";
+    values: Record<string, unknown>;
+}, {
+    type: "extraProfile";
+    values: Record<string, unknown>;
 }>]>;
 export type UpdateProfileApiPayload = z.infer<typeof updateProfileApiPayloadGuard>;
 /**
@@ -455,7 +468,8 @@ export declare enum MissingProfile {
     email = "email",
     phone = "phone",
     password = "password",
-    emailOrPhone = "emailOrPhone"
+    emailOrPhone = "emailOrPhone",
+    extraProfile = "extraProfile"
 }
 export declare const bindTotpPayloadGuard: z.ZodObject<{
     type: z.ZodLiteral<MfaFactor.TOTP>;
@@ -573,6 +587,22 @@ export declare const bindBackupCodePayloadGuard: z.ZodObject<{
     type: MfaFactor.BackupCode;
 }>;
 export type BindBackupCodePayload = z.infer<typeof bindBackupCodePayloadGuard>;
+export declare const bindEmailVerificationCodePayloadGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.EmailVerificationCode;
+}, {
+    type: MfaFactor.EmailVerificationCode;
+}>;
+export type BindEmailVerificationCodePayload = z.infer<typeof bindEmailVerificationCodePayloadGuard>;
+export declare const bindPhoneVerificationCodePayloadGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.PhoneVerificationCode;
+}, {
+    type: MfaFactor.PhoneVerificationCode;
+}>;
+export type BindPhoneVerificationCodePayload = z.infer<typeof bindPhoneVerificationCodePayloadGuard>;
 export declare const bindMfaPayloadGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
     type: z.ZodLiteral<MfaFactor.TOTP>;
     code: z.ZodString;
@@ -683,6 +713,18 @@ export declare const bindMfaPayloadGuard: z.ZodDiscriminatedUnion<"type", [z.Zod
     type: MfaFactor.BackupCode;
 }, {
     type: MfaFactor.BackupCode;
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.EmailVerificationCode;
+}, {
+    type: MfaFactor.EmailVerificationCode;
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.PhoneVerificationCode;
+}, {
+    type: MfaFactor.PhoneVerificationCode;
 }>]>;
 export type BindMfaPayload = z.infer<typeof bindMfaPayloadGuard>;
 /** @deprecated  Legacy interaction API use only */
@@ -819,6 +861,34 @@ export declare const backupCodeVerificationPayloadGuard: z.ZodObject<{
     type: MfaFactor.BackupCode;
 }>;
 export type BackupCodeVerificationPayload = z.infer<typeof backupCodeVerificationPayloadGuard>;
+export declare const emailVerificationCodeVerificationPayloadGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+    email: z.ZodString;
+    code: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}, {
+    code: string;
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}>;
+export type EmailVerificationCodeVerificationPayload = z.infer<typeof emailVerificationCodeVerificationPayloadGuard>;
+export declare const phoneVerificationCodeVerificationPayloadGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+    phone: z.ZodString;
+    code: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}, {
+    code: string;
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}>;
+export type PhoneVerificationCodeVerificationPayload = z.infer<typeof phoneVerificationCodeVerificationPayloadGuard>;
 export declare const verifyMfaPayloadGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
     type: z.ZodLiteral<MfaFactor.TOTP>;
     code: z.ZodString;
@@ -945,6 +1015,30 @@ export declare const verifyMfaPayloadGuard: z.ZodDiscriminatedUnion<"type", [z.Z
 }, {
     code: string;
     type: MfaFactor.BackupCode;
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+    email: z.ZodString;
+    code: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}, {
+    code: string;
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+    phone: z.ZodString;
+    code: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}, {
+    code: string;
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
 }>]>;
 export type VerifyMfaPayload = z.infer<typeof verifyMfaPayloadGuard>;
 export declare const pendingTotpGuard: z.ZodObject<{
@@ -980,6 +1074,28 @@ export declare const pendingBackupCodeGuard: z.ZodObject<{
     codes: string[];
 }>;
 export type PendingBackupCode = z.infer<typeof pendingBackupCodeGuard>;
+export declare const pendingEmailVerificationCodeGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+    email: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}>;
+export type PendingEmailVerificationCode = z.infer<typeof pendingEmailVerificationCodeGuard>;
+export declare const pendingPhoneVerificationCodeGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+    phone: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}>;
+export type PendingPhoneVerificationCode = z.infer<typeof pendingPhoneVerificationCodeGuard>;
 export declare const pendingMfaGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
     type: z.ZodLiteral<MfaFactor.TOTP>;
     secret: z.ZodString;
@@ -1007,6 +1123,24 @@ export declare const pendingMfaGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObje
 }, {
     type: MfaFactor.BackupCode;
     codes: string[];
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+    email: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+    phone: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
 }>]>;
 export type PendingMfa = z.infer<typeof pendingMfaGuard>;
 export declare const bindTotpGuard: z.ZodObject<{
@@ -1057,6 +1191,28 @@ export declare const bindBackupCodeGuard: z.ZodObject<{
     codes: string[];
 }>;
 export type BindBackupCode = z.infer<typeof bindBackupCodeGuard>;
+export declare const bindEmailVerificationCodeGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+    email: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}>;
+export type BindEmailVerificationCode = z.infer<typeof bindEmailVerificationCodeGuard>;
+export declare const bindPhoneVerificationCodeGuard: z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+    phone: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}>;
+export type BindPhoneVerificationCode = z.infer<typeof bindPhoneVerificationCodeGuard>;
 export declare const bindMfaGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
     type: z.ZodLiteral<MfaFactor.TOTP>;
     secret: z.ZodString;
@@ -1099,6 +1255,24 @@ export declare const bindMfaGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObject<
 }, {
     type: MfaFactor.BackupCode;
     codes: string[];
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.EmailVerificationCode>;
+    email: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}, {
+    type: MfaFactor.EmailVerificationCode;
+    email: string;
+}>, z.ZodObject<{
+    type: z.ZodLiteral<MfaFactor.PhoneVerificationCode>;
+    phone: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
+}, {
+    type: MfaFactor.PhoneVerificationCode;
+    phone: string;
 }>]>;
 export type BindMfa = z.infer<typeof bindMfaGuard>;
 export declare const verifyMfaResultGuard: z.ZodObject<{

package/lib/types/interactions.js

@@ -1,5 +1,5 @@
 /* eslint-disable max-lines */
-import { emailRegEx, phoneRegEx, usernameRegEx } from '@logto/core-kit';
+import { emailRegEx, numberAndAlphabetRegEx, phoneRegEx, usernameRegEx } from '@logto/core-kit';
 import { z } from 'zod';
 import { AdditionalIdentifier, MfaFactor, SignInIdentifier, jsonObjectGuard, webAuthnTransportGuard, } from '../foundations/index.js';
 import { emailVerificationCodePayloadGuard, phoneVerificationCodePayloadGuard, } from './verification-code.js';
@@ -28,6 +28,7 @@ export const verificationCodeIdentifierGuard = z.object({
 export const socialAuthorizationUrlPayloadGuard = z.object({
     state: z.string(),
     redirectUri: z.string(),
+    scope: z.string().optional(),
 });
 export const socialVerificationCallbackPayloadGuard = z.object({
     connectorData: jsonObjectGuard,
@@ -81,6 +82,10 @@ export const updateProfileApiPayloadGuard = z.discriminatedUnion('type', [
         type: z.literal('social'),
         verificationId: z.string(),
     }),
+    z.object({
+        type: z.literal('extraProfile'),
+        values: z.record(z.string().regex(numberAndAlphabetRegEx), z.unknown()),
+    }),
 ]);
 // ====== Experience API payload guard and types definitions end ======
 /**
@@ -143,6 +148,7 @@ export var MissingProfile;
     MissingProfile["phone"] = "phone";
     MissingProfile["password"] = "password";
     MissingProfile["emailOrPhone"] = "emailOrPhone";
+    MissingProfile["extraProfile"] = "extraProfile";
 })(MissingProfile || (MissingProfile = {}));
 export const bindTotpPayloadGuard = z.object({
     // Unlike identifier payload which has indicator like "email",
@@ -181,10 +187,19 @@ export const bindWebAuthnPayloadGuard = z.object({
 export const bindBackupCodePayloadGuard = z.object({
     type: z.literal(MfaFactor.BackupCode),
 });
+// TODO @sijie: Implement binding
+export const bindEmailVerificationCodePayloadGuard = z.object({
+    type: z.literal(MfaFactor.EmailVerificationCode),
+});
+export const bindPhoneVerificationCodePayloadGuard = z.object({
+    type: z.literal(MfaFactor.PhoneVerificationCode),
+});
 export const bindMfaPayloadGuard = z.discriminatedUnion('type', [
     bindTotpPayloadGuard,
     bindWebAuthnPayloadGuard,
     bindBackupCodePayloadGuard,
+    bindEmailVerificationCodePayloadGuard,
+    bindPhoneVerificationCodePayloadGuard,
 ]);
 /** @deprecated  Legacy interaction API use only */
 export const totpVerificationPayloadGuard = bindTotpPayloadGuard;
@@ -202,10 +217,22 @@ export const backupCodeVerificationPayloadGuard = z.object({
     type: z.literal(MfaFactor.BackupCode),
     code: z.string(),
 });
+export const emailVerificationCodeVerificationPayloadGuard = z.object({
+    type: z.literal(MfaFactor.EmailVerificationCode),
+    email: z.string(),
+    code: z.string(),
+});
+export const phoneVerificationCodeVerificationPayloadGuard = z.object({
+    type: z.literal(MfaFactor.PhoneVerificationCode),
+    phone: z.string(),
+    code: z.string(),
+});
 export const verifyMfaPayloadGuard = z.discriminatedUnion('type', [
     totpVerificationPayloadGuard,
     webAuthnVerificationPayloadGuard,
     backupCodeVerificationPayloadGuard,
+    emailVerificationCodeVerificationPayloadGuard,
+    phoneVerificationCodeVerificationPayloadGuard,
 ]);
 export const pendingTotpGuard = z.object({
     type: z.literal(MfaFactor.TOTP),
@@ -219,12 +246,22 @@ export const pendingBackupCodeGuard = z.object({
     type: z.literal(MfaFactor.BackupCode),
     codes: z.array(z.string()),
 });
+export const pendingEmailVerificationCodeGuard = z.object({
+    type: z.literal(MfaFactor.EmailVerificationCode),
+    email: z.string(),
+});
+export const pendingPhoneVerificationCodeGuard = z.object({
+    type: z.literal(MfaFactor.PhoneVerificationCode),
+    phone: z.string(),
+});
 // Some information like TOTP secret should be generated in the backend
 // and stored in the interaction temporarily.
 export const pendingMfaGuard = z.discriminatedUnion('type', [
     pendingTotpGuard,
     pendingWebAuthnGuard,
     pendingBackupCodeGuard,
+    pendingEmailVerificationCodeGuard,
+    pendingPhoneVerificationCodeGuard,
 ]);
 export const bindTotpGuard = pendingTotpGuard;
 export const bindWebAuthnGuard = z.object({
@@ -237,11 +274,21 @@ export const bindWebAuthnGuard = z.object({
     name: z.string().optional(),
 });
 export const bindBackupCodeGuard = pendingBackupCodeGuard;
+export const bindEmailVerificationCodeGuard = z.object({
+    type: z.literal(MfaFactor.EmailVerificationCode),
+    email: z.string(),
+});
+export const bindPhoneVerificationCodeGuard = z.object({
+    type: z.literal(MfaFactor.PhoneVerificationCode),
+    phone: z.string(),
+});
 // The type for binding new mfa verification to a user, not always equals to the pending type.
 export const bindMfaGuard = z.discriminatedUnion('type', [
     bindTotpGuard,
     bindWebAuthnGuard,
     bindBackupCodeGuard,
+    bindEmailVerificationCodeGuard,
+    bindPhoneVerificationCodeGuard,
 ]);
 export const verifyMfaResultGuard = z.object({
     type: z.nativeEnum(MfaFactor),