@logto/schemas 1.30.1 → 1.32.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/alterations/1.31.0-1753689065-add-forgot-password-methods-to-sie-table.ts +20 -0
- package/alterations/1.32.0-1756370721-align-app-and-org-sign-in-exp-configs.ts +28 -0
- package/alterations/1.32.0-1756954492-add-default-to-forgot-password-methods.ts +35 -0
- package/alterations/1.32.0-1759041888-add-tenant-date-index-to-daily-active-users-table.ts +18 -0
- package/alterations-js/1.31.0-1753689065-add-forgot-password-methods-to-sie-table.js +16 -0
- package/alterations-js/1.32.0-1756370721-align-app-and-org-sign-in-exp-configs.js +24 -0
- package/alterations-js/1.32.0-1756954492-add-default-to-forgot-password-methods.js +29 -0
- package/alterations-js/1.32.0-1759041888-add-tenant-date-index-to-daily-active-users-table.js +15 -0
- package/lib/consts/oidc.d.ts +11 -0
- package/lib/consts/oidc.js +8 -0
- package/lib/consts/subscriptions.d.ts +8 -2
- package/lib/consts/subscriptions.js +7 -1
- package/lib/db-entries/application-sign-in-experience.d.ts +3 -1
- package/lib/db-entries/application-sign-in-experience.js +4 -0
- package/lib/db-entries/organization.d.ts +10 -2
- package/lib/db-entries/organization.js +9 -1
- package/lib/db-entries/sign-in-experience.d.ts +4 -2
- package/lib/db-entries/sign-in-experience.js +5 -1
- package/lib/foundations/jsonb-types/custom-profile-fields.d.ts +73 -50
- package/lib/foundations/jsonb-types/custom-profile-fields.js +3 -2
- package/lib/foundations/jsonb-types/sign-in-experience.d.ts +6 -0
- package/lib/foundations/jsonb-types/sign-in-experience.js +6 -0
- package/lib/foundations/jsonb-types/users.d.ts +9 -94
- package/lib/foundations/jsonb-types/users.js +1 -11
- package/lib/types/application.d.ts +3 -0
- package/lib/types/consent.d.ts +25 -40
- package/lib/types/cookie.d.ts +4 -0
- package/lib/types/cookie.js +1 -1
- package/lib/types/custom-profile-fields.d.ts +391 -376
- package/lib/types/custom-profile-fields.js +42 -23
- package/lib/types/interactions.d.ts +6 -120
- package/lib/types/interactions.js +1 -31
- package/lib/types/logto-config/index.d.ts +64 -40
- package/lib/types/logto-config/jwt-customizer.d.ts +134 -90
- package/lib/types/mfa.d.ts +2 -2
- package/lib/types/sign-in-experience.d.ts +9 -8
- package/lib/types/sign-in-experience.js +4 -3
- package/lib/types/ssr.d.ts +1 -0
- package/lib/types/user.d.ts +6 -60
- package/lib/types/verification-records/code-verification.d.ts +73 -1
- package/lib/types/verification-records/code-verification.js +14 -0
- package/lib/types/verification-records/verification-type.d.ts +2 -0
- package/lib/types/verification-records/verification-type.js +2 -0
- package/lib/types/verification-records/web-authn-verification.d.ts +16 -2
- package/lib/types/verification-records/web-authn-verification.js +2 -0
- package/package.json +6 -6
- package/tables/application_sign_in_experiences.sql +1 -0
- package/tables/daily_active_users.sql +3 -0
- package/tables/organizations.sql +4 -0
- package/tables/sign_in_experiences.sql +1 -0
|
@@ -12,7 +12,7 @@ type ForgotPassword = {
|
|
|
12
12
|
* the need to load the full connector metadata that is not needed for rendering.
|
|
13
13
|
*/
|
|
14
14
|
export type ExperienceSocialConnector = Omit<ConnectorMetadata, 'description' | 'configTemplate' | 'formItems' | 'readme' | 'customData'>;
|
|
15
|
-
export type FullSignInExperience = SignInExperience & {
|
|
15
|
+
export type FullSignInExperience = Omit<SignInExperience, 'forgotPasswordMethods'> & {
|
|
16
16
|
socialConnectors: ExperienceSocialConnector[];
|
|
17
17
|
ssoConnectors: SsoConnectorMetadata[];
|
|
18
18
|
forgotPassword: ForgotPassword;
|
|
@@ -35,7 +35,7 @@ export type FullSignInExperience = SignInExperience & {
|
|
|
35
35
|
};
|
|
36
36
|
customProfileFields?: Readonly<CustomProfileField[]>;
|
|
37
37
|
};
|
|
38
|
-
export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
38
|
+
export declare const fullSignInExperienceGuard: z.ZodObject<Omit<{
|
|
39
39
|
tenantId: z.ZodType<string, z.ZodTypeDef, string>;
|
|
40
40
|
id: z.ZodType<string, z.ZodTypeDef, string>;
|
|
41
41
|
color: z.ZodType<{
|
|
@@ -137,7 +137,8 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
137
137
|
}>;
|
|
138
138
|
sentinelPolicy: z.ZodType<import("../foundations/jsonb-types/sign-in-experience.js").SentinelPolicy, z.ZodTypeDef, import("../foundations/jsonb-types/sign-in-experience.js").SentinelPolicy>;
|
|
139
139
|
emailBlocklistPolicy: z.ZodType<import("../foundations/jsonb-types/sign-in-experience.js").EmailBlocklistPolicy, z.ZodTypeDef, import("../foundations/jsonb-types/sign-in-experience.js").EmailBlocklistPolicy>;
|
|
140
|
-
|
|
140
|
+
forgotPasswordMethods: z.ZodType<import("../foundations/jsonb-types/sign-in-experience.js").ForgotPasswordMethod[] | null, z.ZodTypeDef, import("../foundations/jsonb-types/sign-in-experience.js").ForgotPasswordMethod[] | null>;
|
|
141
|
+
}, "forgotPasswordMethods"> & {
|
|
141
142
|
socialConnectors: z.ZodArray<z.ZodObject<Omit<{
|
|
142
143
|
id: z.ZodString;
|
|
143
144
|
target: z.ZodString;
|
|
@@ -679,13 +680,14 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
679
680
|
type: CaptchaType;
|
|
680
681
|
siteKey: string;
|
|
681
682
|
}>>;
|
|
682
|
-
customProfileFields: z.
|
|
683
|
+
customProfileFields: z.ZodArray<import("../index.js").Guard<CustomProfileField>, "many">;
|
|
683
684
|
}, "strip", z.ZodTypeAny, {
|
|
684
685
|
id: string;
|
|
685
686
|
tenantId: string;
|
|
686
687
|
mfa: import("../foundations/jsonb-types/sign-in-experience.js").Mfa;
|
|
687
688
|
color: import("../foundations/jsonb-types/sign-in-experience.js").Color;
|
|
688
689
|
branding: import("../foundations/jsonb-types/sign-in-experience.js").Branding;
|
|
690
|
+
customCss: string | null;
|
|
689
691
|
termsOfUseUrl: string | null;
|
|
690
692
|
privacyPolicyUrl: string | null;
|
|
691
693
|
languageInfo: import("../foundations/jsonb-types/sign-in-experience.js").LanguageInfo;
|
|
@@ -695,7 +697,6 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
695
697
|
socialSignIn: import("../foundations/jsonb-types/sign-in-experience.js").SocialSignIn;
|
|
696
698
|
socialSignInConnectorTargets: import("../foundations/jsonb-types/sign-in-experience.js").ConnectorTargets;
|
|
697
699
|
signInMode: import("../db-entries/custom-types.js").SignInMode;
|
|
698
|
-
customCss: string | null;
|
|
699
700
|
customContent: import("../foundations/jsonb-types/sign-in-experience.js").CustomContent;
|
|
700
701
|
customUiAssets: import("../foundations/jsonb-types/sign-in-experience.js").CustomUiAssets | null;
|
|
701
702
|
passwordPolicy: import("../foundations/jsonb-types/logs.js").PartialPasswordPolicy;
|
|
@@ -858,6 +859,7 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
858
859
|
phone: boolean;
|
|
859
860
|
};
|
|
860
861
|
isDevelopmentTenant: boolean;
|
|
862
|
+
customProfileFields: CustomProfileField[];
|
|
861
863
|
googleOneTap?: {
|
|
862
864
|
connectorId: string;
|
|
863
865
|
clientId: string;
|
|
@@ -870,13 +872,13 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
870
872
|
type: CaptchaType;
|
|
871
873
|
siteKey: string;
|
|
872
874
|
} | undefined;
|
|
873
|
-
customProfileFields?: CustomProfileField[] | undefined;
|
|
874
875
|
}, {
|
|
875
876
|
id: string;
|
|
876
877
|
tenantId: string;
|
|
877
878
|
mfa: import("../foundations/jsonb-types/sign-in-experience.js").Mfa;
|
|
878
879
|
color: import("../foundations/jsonb-types/sign-in-experience.js").Color;
|
|
879
880
|
branding: import("../foundations/jsonb-types/sign-in-experience.js").Branding;
|
|
881
|
+
customCss: string | null;
|
|
880
882
|
termsOfUseUrl: string | null;
|
|
881
883
|
privacyPolicyUrl: string | null;
|
|
882
884
|
languageInfo: import("../foundations/jsonb-types/sign-in-experience.js").LanguageInfo;
|
|
@@ -886,7 +888,6 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
886
888
|
socialSignIn: import("../foundations/jsonb-types/sign-in-experience.js").SocialSignIn;
|
|
887
889
|
socialSignInConnectorTargets: import("../foundations/jsonb-types/sign-in-experience.js").ConnectorTargets;
|
|
888
890
|
signInMode: import("../db-entries/custom-types.js").SignInMode;
|
|
889
|
-
customCss: string | null;
|
|
890
891
|
customContent: import("../foundations/jsonb-types/sign-in-experience.js").CustomContent;
|
|
891
892
|
customUiAssets: import("../foundations/jsonb-types/sign-in-experience.js").CustomUiAssets | null;
|
|
892
893
|
passwordPolicy: import("../foundations/jsonb-types/logs.js").PartialPasswordPolicy;
|
|
@@ -1049,6 +1050,7 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
1049
1050
|
phone: boolean;
|
|
1050
1051
|
};
|
|
1051
1052
|
isDevelopmentTenant: boolean;
|
|
1053
|
+
customProfileFields: CustomProfileField[];
|
|
1052
1054
|
googleOneTap?: {
|
|
1053
1055
|
connectorId: string;
|
|
1054
1056
|
clientId: string;
|
|
@@ -1061,6 +1063,5 @@ export declare const fullSignInExperienceGuard: z.ZodObject<{
|
|
|
1061
1063
|
type: CaptchaType;
|
|
1062
1064
|
siteKey: string;
|
|
1063
1065
|
} | undefined;
|
|
1064
|
-
customProfileFields?: CustomProfileField[] | undefined;
|
|
1065
1066
|
}>;
|
|
1066
1067
|
export {};
|
|
@@ -3,7 +3,9 @@ import { z } from 'zod';
|
|
|
3
3
|
import { CustomProfileFields, SignInExperiences, } from '../db-entries/index.js';
|
|
4
4
|
import { CaptchaType } from '../foundations/jsonb-types/index.js';
|
|
5
5
|
import { ssoConnectorMetadataGuard } from './sso-connector.js';
|
|
6
|
-
export const fullSignInExperienceGuard = SignInExperiences.guard
|
|
6
|
+
export const fullSignInExperienceGuard = SignInExperiences.guard
|
|
7
|
+
.omit({ forgotPasswordMethods: true })
|
|
8
|
+
.extend({
|
|
7
9
|
socialConnectors: connectorMetadataGuard
|
|
8
10
|
.omit({
|
|
9
11
|
description: true,
|
|
@@ -25,6 +27,5 @@ export const fullSignInExperienceGuard = SignInExperiences.guard.extend({
|
|
|
25
27
|
siteKey: z.string(),
|
|
26
28
|
})
|
|
27
29
|
.optional(),
|
|
28
|
-
|
|
29
|
-
customProfileFields: CustomProfileFields.guard.array().optional(),
|
|
30
|
+
customProfileFields: CustomProfileFields.guard.array(),
|
|
30
31
|
});
|
package/lib/types/ssr.d.ts
CHANGED
package/lib/types/user.d.ts
CHANGED
|
@@ -79,6 +79,7 @@ export declare const userInfoGuard: z.ZodObject<Pick<{
|
|
|
79
79
|
agent: string;
|
|
80
80
|
name?: string | undefined;
|
|
81
81
|
lastUsedAt?: string | undefined;
|
|
82
|
+
rpId?: string | undefined;
|
|
82
83
|
transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
|
|
83
84
|
} | {
|
|
84
85
|
type: MfaFactor.BackupCode;
|
|
@@ -89,16 +90,6 @@ export declare const userInfoGuard: z.ZodObject<Pick<{
|
|
|
89
90
|
usedAt?: string | undefined;
|
|
90
91
|
}[];
|
|
91
92
|
lastUsedAt?: string | undefined;
|
|
92
|
-
} | {
|
|
93
|
-
type: MfaFactor.EmailVerificationCode;
|
|
94
|
-
id: string;
|
|
95
|
-
createdAt: string;
|
|
96
|
-
lastUsedAt?: string | undefined;
|
|
97
|
-
} | {
|
|
98
|
-
type: MfaFactor.PhoneVerificationCode;
|
|
99
|
-
id: string;
|
|
100
|
-
createdAt: string;
|
|
101
|
-
lastUsedAt?: string | undefined;
|
|
102
93
|
})[], z.ZodTypeDef, ({
|
|
103
94
|
type: MfaFactor.TOTP;
|
|
104
95
|
id: string;
|
|
@@ -115,6 +106,7 @@ export declare const userInfoGuard: z.ZodObject<Pick<{
|
|
|
115
106
|
agent: string;
|
|
116
107
|
name?: string | undefined;
|
|
117
108
|
lastUsedAt?: string | undefined;
|
|
109
|
+
rpId?: string | undefined;
|
|
118
110
|
transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
|
|
119
111
|
} | {
|
|
120
112
|
type: MfaFactor.BackupCode;
|
|
@@ -125,16 +117,6 @@ export declare const userInfoGuard: z.ZodObject<Pick<{
|
|
|
125
117
|
usedAt?: string | undefined;
|
|
126
118
|
}[];
|
|
127
119
|
lastUsedAt?: string | undefined;
|
|
128
|
-
} | {
|
|
129
|
-
type: MfaFactor.EmailVerificationCode;
|
|
130
|
-
id: string;
|
|
131
|
-
createdAt: string;
|
|
132
|
-
lastUsedAt?: string | undefined;
|
|
133
|
-
} | {
|
|
134
|
-
type: MfaFactor.PhoneVerificationCode;
|
|
135
|
-
id: string;
|
|
136
|
-
createdAt: string;
|
|
137
|
-
lastUsedAt?: string | undefined;
|
|
138
120
|
})[]>;
|
|
139
121
|
isSuspended: z.ZodType<boolean, z.ZodTypeDef, boolean>;
|
|
140
122
|
lastSignInAt: z.ZodType<number | null, z.ZodTypeDef, number | null>;
|
|
@@ -249,6 +231,7 @@ export declare const userProfileResponseGuard: z.ZodObject<Pick<{
|
|
|
249
231
|
agent: string;
|
|
250
232
|
name?: string | undefined;
|
|
251
233
|
lastUsedAt?: string | undefined;
|
|
234
|
+
rpId?: string | undefined;
|
|
252
235
|
transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
|
|
253
236
|
} | {
|
|
254
237
|
type: MfaFactor.BackupCode;
|
|
@@ -259,16 +242,6 @@ export declare const userProfileResponseGuard: z.ZodObject<Pick<{
|
|
|
259
242
|
usedAt?: string | undefined;
|
|
260
243
|
}[];
|
|
261
244
|
lastUsedAt?: string | undefined;
|
|
262
|
-
} | {
|
|
263
|
-
type: MfaFactor.EmailVerificationCode;
|
|
264
|
-
id: string;
|
|
265
|
-
createdAt: string;
|
|
266
|
-
lastUsedAt?: string | undefined;
|
|
267
|
-
} | {
|
|
268
|
-
type: MfaFactor.PhoneVerificationCode;
|
|
269
|
-
id: string;
|
|
270
|
-
createdAt: string;
|
|
271
|
-
lastUsedAt?: string | undefined;
|
|
272
245
|
})[], z.ZodTypeDef, ({
|
|
273
246
|
type: MfaFactor.TOTP;
|
|
274
247
|
id: string;
|
|
@@ -285,6 +258,7 @@ export declare const userProfileResponseGuard: z.ZodObject<Pick<{
|
|
|
285
258
|
agent: string;
|
|
286
259
|
name?: string | undefined;
|
|
287
260
|
lastUsedAt?: string | undefined;
|
|
261
|
+
rpId?: string | undefined;
|
|
288
262
|
transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
|
|
289
263
|
} | {
|
|
290
264
|
type: MfaFactor.BackupCode;
|
|
@@ -295,16 +269,6 @@ export declare const userProfileResponseGuard: z.ZodObject<Pick<{
|
|
|
295
269
|
usedAt?: string | undefined;
|
|
296
270
|
}[];
|
|
297
271
|
lastUsedAt?: string | undefined;
|
|
298
|
-
} | {
|
|
299
|
-
type: MfaFactor.EmailVerificationCode;
|
|
300
|
-
id: string;
|
|
301
|
-
createdAt: string;
|
|
302
|
-
lastUsedAt?: string | undefined;
|
|
303
|
-
} | {
|
|
304
|
-
type: MfaFactor.PhoneVerificationCode;
|
|
305
|
-
id: string;
|
|
306
|
-
createdAt: string;
|
|
307
|
-
lastUsedAt?: string | undefined;
|
|
308
272
|
})[]>;
|
|
309
273
|
isSuspended: z.ZodType<boolean, z.ZodTypeDef, boolean>;
|
|
310
274
|
lastSignInAt: z.ZodType<number | null, z.ZodTypeDef, number | null>;
|
|
@@ -477,6 +441,7 @@ export declare const featuredUserGuard: z.ZodObject<Pick<{
|
|
|
477
441
|
agent: string;
|
|
478
442
|
name?: string | undefined;
|
|
479
443
|
lastUsedAt?: string | undefined;
|
|
444
|
+
rpId?: string | undefined;
|
|
480
445
|
transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
|
|
481
446
|
} | {
|
|
482
447
|
type: MfaFactor.BackupCode;
|
|
@@ -487,16 +452,6 @@ export declare const featuredUserGuard: z.ZodObject<Pick<{
|
|
|
487
452
|
usedAt?: string | undefined;
|
|
488
453
|
}[];
|
|
489
454
|
lastUsedAt?: string | undefined;
|
|
490
|
-
} | {
|
|
491
|
-
type: MfaFactor.EmailVerificationCode;
|
|
492
|
-
id: string;
|
|
493
|
-
createdAt: string;
|
|
494
|
-
lastUsedAt?: string | undefined;
|
|
495
|
-
} | {
|
|
496
|
-
type: MfaFactor.PhoneVerificationCode;
|
|
497
|
-
id: string;
|
|
498
|
-
createdAt: string;
|
|
499
|
-
lastUsedAt?: string | undefined;
|
|
500
455
|
})[], z.ZodTypeDef, ({
|
|
501
456
|
type: MfaFactor.TOTP;
|
|
502
457
|
id: string;
|
|
@@ -513,6 +468,7 @@ export declare const featuredUserGuard: z.ZodObject<Pick<{
|
|
|
513
468
|
agent: string;
|
|
514
469
|
name?: string | undefined;
|
|
515
470
|
lastUsedAt?: string | undefined;
|
|
471
|
+
rpId?: string | undefined;
|
|
516
472
|
transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
|
|
517
473
|
} | {
|
|
518
474
|
type: MfaFactor.BackupCode;
|
|
@@ -523,16 +479,6 @@ export declare const featuredUserGuard: z.ZodObject<Pick<{
|
|
|
523
479
|
usedAt?: string | undefined;
|
|
524
480
|
}[];
|
|
525
481
|
lastUsedAt?: string | undefined;
|
|
526
|
-
} | {
|
|
527
|
-
type: MfaFactor.EmailVerificationCode;
|
|
528
|
-
id: string;
|
|
529
|
-
createdAt: string;
|
|
530
|
-
lastUsedAt?: string | undefined;
|
|
531
|
-
} | {
|
|
532
|
-
type: MfaFactor.PhoneVerificationCode;
|
|
533
|
-
id: string;
|
|
534
|
-
createdAt: string;
|
|
535
|
-
lastUsedAt?: string | undefined;
|
|
536
482
|
})[]>;
|
|
537
483
|
isSuspended: z.ZodType<boolean, z.ZodTypeDef, boolean>;
|
|
538
484
|
lastSignInAt: z.ZodType<number | null, z.ZodTypeDef, number | null>;
|
|
@@ -2,10 +2,12 @@ import { z } from 'zod';
|
|
|
2
2
|
import { SignInIdentifier, TemplateType } from '../../foundations/index.js';
|
|
3
3
|
import { type VerificationCodeIdentifier } from '../interactions.js';
|
|
4
4
|
import { VerificationType } from './verification-type.js';
|
|
5
|
-
export type CodeVerificationType = VerificationType.EmailVerificationCode | VerificationType.PhoneVerificationCode;
|
|
5
|
+
export type CodeVerificationType = VerificationType.EmailVerificationCode | VerificationType.PhoneVerificationCode | VerificationType.MfaEmailVerificationCode | VerificationType.MfaPhoneVerificationCode;
|
|
6
6
|
type SignInIdentifierTypeOf = {
|
|
7
7
|
[VerificationType.EmailVerificationCode]: SignInIdentifier.Email;
|
|
8
8
|
[VerificationType.PhoneVerificationCode]: SignInIdentifier.Phone;
|
|
9
|
+
[VerificationType.MfaEmailVerificationCode]: SignInIdentifier.Email;
|
|
10
|
+
[VerificationType.MfaPhoneVerificationCode]: SignInIdentifier.Phone;
|
|
9
11
|
};
|
|
10
12
|
export type VerificationCodeIdentifierOf<T extends CodeVerificationType> = VerificationCodeIdentifier<SignInIdentifierTypeOf[T]>;
|
|
11
13
|
/** The JSON data type for the `CodeVerification` record */
|
|
@@ -86,4 +88,74 @@ export declare const phoneCodeVerificationRecordDataGuard: z.ZodObject<{
|
|
|
86
88
|
templateType: TemplateType;
|
|
87
89
|
verified: boolean;
|
|
88
90
|
}>;
|
|
91
|
+
export declare const mfaEmailCodeVerificationRecordDataGuard: z.ZodObject<{
|
|
92
|
+
id: z.ZodString;
|
|
93
|
+
templateType: z.ZodNativeEnum<typeof TemplateType>;
|
|
94
|
+
verified: z.ZodBoolean;
|
|
95
|
+
} & {
|
|
96
|
+
type: z.ZodLiteral<VerificationType.MfaEmailVerificationCode>;
|
|
97
|
+
identifier: z.ZodObject<{
|
|
98
|
+
type: z.ZodLiteral<SignInIdentifier.Email>;
|
|
99
|
+
value: z.ZodString;
|
|
100
|
+
}, "strip", z.ZodTypeAny, {
|
|
101
|
+
value: string;
|
|
102
|
+
type: SignInIdentifier.Email;
|
|
103
|
+
}, {
|
|
104
|
+
value: string;
|
|
105
|
+
type: SignInIdentifier.Email;
|
|
106
|
+
}>;
|
|
107
|
+
}, "strip", z.ZodTypeAny, {
|
|
108
|
+
type: VerificationType.MfaEmailVerificationCode;
|
|
109
|
+
id: string;
|
|
110
|
+
identifier: {
|
|
111
|
+
value: string;
|
|
112
|
+
type: SignInIdentifier.Email;
|
|
113
|
+
};
|
|
114
|
+
templateType: TemplateType;
|
|
115
|
+
verified: boolean;
|
|
116
|
+
}, {
|
|
117
|
+
type: VerificationType.MfaEmailVerificationCode;
|
|
118
|
+
id: string;
|
|
119
|
+
identifier: {
|
|
120
|
+
value: string;
|
|
121
|
+
type: SignInIdentifier.Email;
|
|
122
|
+
};
|
|
123
|
+
templateType: TemplateType;
|
|
124
|
+
verified: boolean;
|
|
125
|
+
}>;
|
|
126
|
+
export declare const mfaPhoneCodeVerificationRecordDataGuard: z.ZodObject<{
|
|
127
|
+
id: z.ZodString;
|
|
128
|
+
templateType: z.ZodNativeEnum<typeof TemplateType>;
|
|
129
|
+
verified: z.ZodBoolean;
|
|
130
|
+
} & {
|
|
131
|
+
type: z.ZodLiteral<VerificationType.MfaPhoneVerificationCode>;
|
|
132
|
+
identifier: z.ZodObject<{
|
|
133
|
+
type: z.ZodLiteral<SignInIdentifier.Phone>;
|
|
134
|
+
value: z.ZodString;
|
|
135
|
+
}, "strip", z.ZodTypeAny, {
|
|
136
|
+
value: string;
|
|
137
|
+
type: SignInIdentifier.Phone;
|
|
138
|
+
}, {
|
|
139
|
+
value: string;
|
|
140
|
+
type: SignInIdentifier.Phone;
|
|
141
|
+
}>;
|
|
142
|
+
}, "strip", z.ZodTypeAny, {
|
|
143
|
+
type: VerificationType.MfaPhoneVerificationCode;
|
|
144
|
+
id: string;
|
|
145
|
+
identifier: {
|
|
146
|
+
value: string;
|
|
147
|
+
type: SignInIdentifier.Phone;
|
|
148
|
+
};
|
|
149
|
+
templateType: TemplateType;
|
|
150
|
+
verified: boolean;
|
|
151
|
+
}, {
|
|
152
|
+
type: VerificationType.MfaPhoneVerificationCode;
|
|
153
|
+
id: string;
|
|
154
|
+
identifier: {
|
|
155
|
+
value: string;
|
|
156
|
+
type: SignInIdentifier.Phone;
|
|
157
|
+
};
|
|
158
|
+
templateType: TemplateType;
|
|
159
|
+
verified: boolean;
|
|
160
|
+
}>;
|
|
89
161
|
export {};
|
|
@@ -20,3 +20,17 @@ export const phoneCodeVerificationRecordDataGuard = basicCodeVerificationRecordD
|
|
|
20
20
|
value: z.string(),
|
|
21
21
|
}),
|
|
22
22
|
});
|
|
23
|
+
export const mfaEmailCodeVerificationRecordDataGuard = basicCodeVerificationRecordDataGuard.extend({
|
|
24
|
+
type: z.literal(VerificationType.MfaEmailVerificationCode),
|
|
25
|
+
identifier: z.object({
|
|
26
|
+
type: z.literal(SignInIdentifier.Email),
|
|
27
|
+
value: z.string(),
|
|
28
|
+
}),
|
|
29
|
+
});
|
|
30
|
+
export const mfaPhoneCodeVerificationRecordDataGuard = basicCodeVerificationRecordDataGuard.extend({
|
|
31
|
+
type: z.literal(VerificationType.MfaPhoneVerificationCode),
|
|
32
|
+
identifier: z.object({
|
|
33
|
+
type: z.literal(SignInIdentifier.Phone),
|
|
34
|
+
value: z.string(),
|
|
35
|
+
}),
|
|
36
|
+
});
|
|
@@ -3,6 +3,8 @@ export declare enum VerificationType {
|
|
|
3
3
|
Password = "Password",
|
|
4
4
|
EmailVerificationCode = "EmailVerificationCode",
|
|
5
5
|
PhoneVerificationCode = "PhoneVerificationCode",
|
|
6
|
+
MfaEmailVerificationCode = "MfaEmailVerificationCode",
|
|
7
|
+
MfaPhoneVerificationCode = "MfaPhoneVerificationCode",
|
|
6
8
|
Social = "Social",
|
|
7
9
|
EnterpriseSso = "EnterpriseSso",
|
|
8
10
|
TOTP = "Totp",
|
|
@@ -4,6 +4,8 @@ export var VerificationType;
|
|
|
4
4
|
VerificationType["Password"] = "Password";
|
|
5
5
|
VerificationType["EmailVerificationCode"] = "EmailVerificationCode";
|
|
6
6
|
VerificationType["PhoneVerificationCode"] = "PhoneVerificationCode";
|
|
7
|
+
VerificationType["MfaEmailVerificationCode"] = "MfaEmailVerificationCode";
|
|
8
|
+
VerificationType["MfaPhoneVerificationCode"] = "MfaPhoneVerificationCode";
|
|
7
9
|
VerificationType["Social"] = "Social";
|
|
8
10
|
VerificationType["EnterpriseSso"] = "EnterpriseSso";
|
|
9
11
|
VerificationType["TOTP"] = "Totp";
|
|
@@ -9,6 +9,8 @@ export type WebAuthnVerificationRecordData = {
|
|
|
9
9
|
verified: boolean;
|
|
10
10
|
/** The challenge generated for the WebAuthn registration */
|
|
11
11
|
registrationChallenge?: string;
|
|
12
|
+
/** The rpId used when generating the registration options */
|
|
13
|
+
registrationRpId?: string;
|
|
12
14
|
/** The challenge generated for the WebAuthn authentication */
|
|
13
15
|
authenticationChallenge?: string;
|
|
14
16
|
registrationInfo?: BindWebAuthn;
|
|
@@ -19,9 +21,11 @@ export declare const webAuthnVerificationRecordDataGuard: z.ZodObject<{
|
|
|
19
21
|
userId: z.ZodString;
|
|
20
22
|
verified: z.ZodBoolean;
|
|
21
23
|
registrationChallenge: z.ZodOptional<z.ZodString>;
|
|
24
|
+
registrationRpId: z.ZodOptional<z.ZodString>;
|
|
22
25
|
authenticationChallenge: z.ZodOptional<z.ZodString>;
|
|
23
26
|
registrationInfo: z.ZodOptional<z.ZodObject<{
|
|
24
27
|
type: z.ZodLiteral<import("../../index.js").MfaFactor.WebAuthn>;
|
|
28
|
+
rpId: z.ZodString;
|
|
25
29
|
credentialId: z.ZodString;
|
|
26
30
|
publicKey: z.ZodString;
|
|
27
31
|
transports: z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">;
|
|
@@ -30,6 +34,7 @@ export declare const webAuthnVerificationRecordDataGuard: z.ZodObject<{
|
|
|
30
34
|
name: z.ZodOptional<z.ZodString>;
|
|
31
35
|
}, "strip", z.ZodTypeAny, {
|
|
32
36
|
type: import("../../index.js").MfaFactor.WebAuthn;
|
|
37
|
+
rpId: string;
|
|
33
38
|
credentialId: string;
|
|
34
39
|
publicKey: string;
|
|
35
40
|
transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
|
|
@@ -38,6 +43,7 @@ export declare const webAuthnVerificationRecordDataGuard: z.ZodObject<{
|
|
|
38
43
|
name?: string | undefined;
|
|
39
44
|
}, {
|
|
40
45
|
type: import("../../index.js").MfaFactor.WebAuthn;
|
|
46
|
+
rpId: string;
|
|
41
47
|
credentialId: string;
|
|
42
48
|
publicKey: string;
|
|
43
49
|
transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
|
|
@@ -51,9 +57,11 @@ export declare const webAuthnVerificationRecordDataGuard: z.ZodObject<{
|
|
|
51
57
|
userId: string;
|
|
52
58
|
verified: boolean;
|
|
53
59
|
registrationChallenge?: string | undefined;
|
|
60
|
+
registrationRpId?: string | undefined;
|
|
54
61
|
authenticationChallenge?: string | undefined;
|
|
55
62
|
registrationInfo?: {
|
|
56
63
|
type: import("../../index.js").MfaFactor.WebAuthn;
|
|
64
|
+
rpId: string;
|
|
57
65
|
credentialId: string;
|
|
58
66
|
publicKey: string;
|
|
59
67
|
transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
|
|
@@ -67,9 +75,11 @@ export declare const webAuthnVerificationRecordDataGuard: z.ZodObject<{
|
|
|
67
75
|
userId: string;
|
|
68
76
|
verified: boolean;
|
|
69
77
|
registrationChallenge?: string | undefined;
|
|
78
|
+
registrationRpId?: string | undefined;
|
|
70
79
|
authenticationChallenge?: string | undefined;
|
|
71
80
|
registrationInfo?: {
|
|
72
81
|
type: import("../../index.js").MfaFactor.WebAuthn;
|
|
82
|
+
rpId: string;
|
|
73
83
|
credentialId: string;
|
|
74
84
|
publicKey: string;
|
|
75
85
|
transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
|
|
@@ -78,16 +88,18 @@ export declare const webAuthnVerificationRecordDataGuard: z.ZodObject<{
|
|
|
78
88
|
name?: string | undefined;
|
|
79
89
|
} | undefined;
|
|
80
90
|
}>;
|
|
81
|
-
export type SanitizedWebAuthnVerificationRecordData = Omit<WebAuthnVerificationRecordData, 'registrationInfo' | 'registrationChallenge' | 'authenticationChallenge'>;
|
|
91
|
+
export type SanitizedWebAuthnVerificationRecordData = Omit<WebAuthnVerificationRecordData, 'registrationInfo' | 'registrationChallenge' | 'registrationRpId' | 'authenticationChallenge'>;
|
|
82
92
|
export declare const sanitizedWebAuthnVerificationRecordDataGuard: z.ZodObject<Omit<{
|
|
83
93
|
id: z.ZodString;
|
|
84
94
|
type: z.ZodLiteral<VerificationType.WebAuthn>;
|
|
85
95
|
userId: z.ZodString;
|
|
86
96
|
verified: z.ZodBoolean;
|
|
87
97
|
registrationChallenge: z.ZodOptional<z.ZodString>;
|
|
98
|
+
registrationRpId: z.ZodOptional<z.ZodString>;
|
|
88
99
|
authenticationChallenge: z.ZodOptional<z.ZodString>;
|
|
89
100
|
registrationInfo: z.ZodOptional<z.ZodObject<{
|
|
90
101
|
type: z.ZodLiteral<import("../../index.js").MfaFactor.WebAuthn>;
|
|
102
|
+
rpId: z.ZodString;
|
|
91
103
|
credentialId: z.ZodString;
|
|
92
104
|
publicKey: z.ZodString;
|
|
93
105
|
transports: z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">;
|
|
@@ -96,6 +108,7 @@ export declare const sanitizedWebAuthnVerificationRecordDataGuard: z.ZodObject<O
|
|
|
96
108
|
name: z.ZodOptional<z.ZodString>;
|
|
97
109
|
}, "strip", z.ZodTypeAny, {
|
|
98
110
|
type: import("../../index.js").MfaFactor.WebAuthn;
|
|
111
|
+
rpId: string;
|
|
99
112
|
credentialId: string;
|
|
100
113
|
publicKey: string;
|
|
101
114
|
transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
|
|
@@ -104,6 +117,7 @@ export declare const sanitizedWebAuthnVerificationRecordDataGuard: z.ZodObject<O
|
|
|
104
117
|
name?: string | undefined;
|
|
105
118
|
}, {
|
|
106
119
|
type: import("../../index.js").MfaFactor.WebAuthn;
|
|
120
|
+
rpId: string;
|
|
107
121
|
credentialId: string;
|
|
108
122
|
publicKey: string;
|
|
109
123
|
transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[];
|
|
@@ -111,7 +125,7 @@ export declare const sanitizedWebAuthnVerificationRecordDataGuard: z.ZodObject<O
|
|
|
111
125
|
agent: string;
|
|
112
126
|
name?: string | undefined;
|
|
113
127
|
}>>;
|
|
114
|
-
}, "registrationChallenge" | "authenticationChallenge" | "registrationInfo">, "strip", z.ZodTypeAny, {
|
|
128
|
+
}, "registrationChallenge" | "registrationRpId" | "authenticationChallenge" | "registrationInfo">, "strip", z.ZodTypeAny, {
|
|
115
129
|
type: VerificationType.WebAuthn;
|
|
116
130
|
id: string;
|
|
117
131
|
userId: string;
|
|
@@ -7,11 +7,13 @@ export const webAuthnVerificationRecordDataGuard = z.object({
|
|
|
7
7
|
userId: z.string(),
|
|
8
8
|
verified: z.boolean(),
|
|
9
9
|
registrationChallenge: z.string().optional(),
|
|
10
|
+
registrationRpId: z.string().optional(),
|
|
10
11
|
authenticationChallenge: z.string().optional(),
|
|
11
12
|
registrationInfo: bindWebAuthnGuard.optional(),
|
|
12
13
|
});
|
|
13
14
|
export const sanitizedWebAuthnVerificationRecordDataGuard = webAuthnVerificationRecordDataGuard.omit({
|
|
14
15
|
registrationInfo: true,
|
|
15
16
|
registrationChallenge: true,
|
|
17
|
+
registrationRpId: true,
|
|
16
18
|
authenticationChallenge: true,
|
|
17
19
|
});
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@logto/schemas",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.32.0",
|
|
4
4
|
"author": "Silverhand Inc. <contact@silverhand.io>",
|
|
5
5
|
"license": "MPL-2.0",
|
|
6
6
|
"type": "module",
|
|
@@ -65,12 +65,12 @@
|
|
|
65
65
|
"dependencies": {
|
|
66
66
|
"@withtyped/server": "^0.14.0",
|
|
67
67
|
"nanoid": "^5.0.9",
|
|
68
|
-
"@logto/
|
|
69
|
-
"@logto/
|
|
70
|
-
"@logto/phrases-experience": "^1.
|
|
68
|
+
"@logto/core-kit": "^2.6.1",
|
|
69
|
+
"@logto/connector-kit": "^4.6.0",
|
|
70
|
+
"@logto/phrases-experience": "^1.12.0",
|
|
71
|
+
"@logto/phrases": "^1.21.0",
|
|
71
72
|
"@logto/shared": "^3.3.0",
|
|
72
|
-
"@logto/
|
|
73
|
-
"@logto/core-kit": "^2.6.1"
|
|
73
|
+
"@logto/language-kit": "^1.2.0"
|
|
74
74
|
},
|
|
75
75
|
"peerDependencies": {
|
|
76
76
|
"zod": "3.24.3"
|
|
@@ -8,6 +8,7 @@ create table application_sign_in_experiences (
|
|
|
8
8
|
references applications (id) on update cascade on delete cascade,
|
|
9
9
|
color jsonb /* @use PartialColor */ not null default '{}'::jsonb,
|
|
10
10
|
branding jsonb /* @use Branding */ not null default '{}'::jsonb,
|
|
11
|
+
custom_css text,
|
|
11
12
|
terms_of_use_url varchar(2048),
|
|
12
13
|
privacy_policy_url varchar(2048),
|
|
13
14
|
display_name varchar(256),
|
package/tables/organizations.sql
CHANGED
|
@@ -14,8 +14,12 @@ create table organizations (
|
|
|
14
14
|
custom_data jsonb /* @use JsonObject */ not null default '{}'::jsonb,
|
|
15
15
|
/** Whether multi-factor authentication configuration is required for the members of the organization. */
|
|
16
16
|
is_mfa_required boolean not null default false,
|
|
17
|
+
/** The organization's branding color configuration. */
|
|
18
|
+
color jsonb /* @use PartialColor */ not null default '{}'::jsonb,
|
|
17
19
|
/** The organization's branding configuration. */
|
|
18
20
|
branding jsonb /* @use Branding */ not null default '{}'::jsonb,
|
|
21
|
+
/** The custom CSS of the organization. */
|
|
22
|
+
custom_css text,
|
|
19
23
|
/** When the organization was created. */
|
|
20
24
|
created_at timestamptz not null default(now()),
|
|
21
25
|
primary key (id)
|
|
@@ -29,5 +29,6 @@ create table sign_in_experiences (
|
|
|
29
29
|
captcha_policy jsonb /* @use CaptchaPolicy */ not null default '{}'::jsonb,
|
|
30
30
|
sentinel_policy jsonb /* @use SentinelPolicy */ not null default '{}'::jsonb,
|
|
31
31
|
email_blocklist_policy jsonb /* @use EmailBlocklistPolicy */ not null default '{}'::jsonb,
|
|
32
|
+
forgot_password_methods jsonb /* @use ForgotPasswordMethods */ default '[]'::jsonb,
|
|
32
33
|
primary key (tenant_id, id)
|
|
33
34
|
);
|