@logto/schemas 1.37.0 → 1.38.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/alterations/1.38.0-1772615848-add-oidc-model-instances-grant-id-partial-index.ts +26 -0
- package/alterations/1.38.0-1772619963-tune-oidc-model-instances-autovacuum.ts +28 -0
- package/alterations/1.38.0-1772621060-add-oidc-model-instances-grant-account-id-index.ts +26 -0
- package/alterations-js/1.38.0-1772615848-add-oidc-model-instances-grant-id-partial-index.js +22 -0
- package/alterations-js/1.38.0-1772619963-tune-oidc-model-instances-autovacuum.js +24 -0
- package/alterations-js/1.38.0-1772621060-add-oidc-model-instances-grant-account-id-index.js +22 -0
- package/lib/consts/cookie.d.ts +1 -0
- package/lib/consts/cookie.js +1 -0
- package/lib/consts/experience.d.ts +1 -0
- package/lib/consts/experience.js +1 -0
- package/lib/consts/oidc.d.ts +3 -0
- package/lib/consts/oidc.js +3 -0
- package/lib/consts/system.d.ts +4 -0
- package/lib/consts/system.js +4 -0
- package/lib/foundations/jsonb-types/oidc-module.d.ts +26 -7
- package/lib/foundations/jsonb-types/oidc-module.js +16 -1
- package/lib/foundations/jsonb-types/sign-in-experience.d.ts +10 -6
- package/lib/foundations/jsonb-types/sign-in-experience.js +6 -2
- package/lib/seeds/application.d.ts +3 -1
- package/lib/seeds/application.js +26 -1
- package/lib/types/application.d.ts +12 -0
- package/lib/types/connector.d.ts +8 -0
- package/lib/types/consent.d.ts +11 -3
- package/lib/types/consent.js +2 -1
- package/lib/types/log/interaction.d.ts +4 -2
- package/lib/types/log/interaction.js +2 -0
- package/lib/types/log/token.d.ts +5 -3
- package/lib/types/log/token.js +2 -0
- package/lib/types/logto-config/index.d.ts +276 -13
- package/lib/types/logto-config/index.js +6 -0
- package/lib/types/logto-config/jwt-customizer.d.ts +778 -253
- package/lib/types/logto-config/jwt-customizer.js +7 -3
- package/lib/types/oidc-config.d.ts +2 -1
- package/lib/types/oidc-config.js +1 -0
- package/lib/types/sign-in-experience.d.ts +6 -2
- package/lib/types/user-logto-config.d.ts +38 -0
- package/lib/types/user-logto-config.js +13 -0
- package/lib/types/user-sessions.d.ts +712 -112
- package/lib/types/user-sessions.js +33 -2
- package/lib/types/verification-records/verification-type.d.ts +1 -1
- package/lib/types/verification-records/verification-type.js +1 -1
- package/lib/types/verification-records/web-authn-verification.d.ts +11 -11
- package/lib/types/verification-records/web-authn-verification.js +3 -3
- package/package.json +9 -8
- package/tables/oidc_model_instances.sql +16 -0
package/lib/types/consent.d.ts
CHANGED
|
@@ -158,6 +158,8 @@ export declare const publicApplicationGuard: z.ZodObject<Pick<{
|
|
|
158
158
|
alwaysIssueRefreshToken?: boolean | undefined;
|
|
159
159
|
rotateRefreshToken?: boolean | undefined;
|
|
160
160
|
allowTokenExchange?: boolean | undefined;
|
|
161
|
+
isDeviceFlow?: boolean | undefined;
|
|
162
|
+
maxAllowedGrants?: number | undefined;
|
|
161
163
|
}, z.ZodTypeDef, {
|
|
162
164
|
corsAllowedOrigins?: string[] | undefined;
|
|
163
165
|
idTokenTtl?: number | undefined;
|
|
@@ -167,6 +169,8 @@ export declare const publicApplicationGuard: z.ZodObject<Pick<{
|
|
|
167
169
|
alwaysIssueRefreshToken?: boolean | undefined;
|
|
168
170
|
rotateRefreshToken?: boolean | undefined;
|
|
169
171
|
allowTokenExchange?: boolean | undefined;
|
|
172
|
+
isDeviceFlow?: boolean | undefined;
|
|
173
|
+
maxAllowedGrants?: number | undefined;
|
|
170
174
|
}>;
|
|
171
175
|
protectedAppMetadata: z.ZodType<{
|
|
172
176
|
host: string;
|
|
@@ -477,6 +481,8 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
|
|
|
477
481
|
alwaysIssueRefreshToken?: boolean | undefined;
|
|
478
482
|
rotateRefreshToken?: boolean | undefined;
|
|
479
483
|
allowTokenExchange?: boolean | undefined;
|
|
484
|
+
isDeviceFlow?: boolean | undefined;
|
|
485
|
+
maxAllowedGrants?: number | undefined;
|
|
480
486
|
}, z.ZodTypeDef, {
|
|
481
487
|
corsAllowedOrigins?: string[] | undefined;
|
|
482
488
|
idTokenTtl?: number | undefined;
|
|
@@ -486,6 +492,8 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
|
|
|
486
492
|
alwaysIssueRefreshToken?: boolean | undefined;
|
|
487
493
|
rotateRefreshToken?: boolean | undefined;
|
|
488
494
|
allowTokenExchange?: boolean | undefined;
|
|
495
|
+
isDeviceFlow?: boolean | undefined;
|
|
496
|
+
maxAllowedGrants?: number | undefined;
|
|
489
497
|
}>;
|
|
490
498
|
protectedAppMetadata: z.ZodType<{
|
|
491
499
|
host: string;
|
|
@@ -900,7 +908,7 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
|
|
|
900
908
|
description: string | null;
|
|
901
909
|
}[];
|
|
902
910
|
}>, "many">>;
|
|
903
|
-
redirectUri: z.ZodString
|
|
911
|
+
redirectUri: z.ZodOptional<z.ZodString>;
|
|
904
912
|
}, "strip", z.ZodTypeAny, {
|
|
905
913
|
application: {
|
|
906
914
|
name: string;
|
|
@@ -915,7 +923,6 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
|
|
|
915
923
|
termsOfUseUrl?: string | null | undefined;
|
|
916
924
|
privacyPolicyUrl?: string | null | undefined;
|
|
917
925
|
};
|
|
918
|
-
redirectUri: string;
|
|
919
926
|
user: {
|
|
920
927
|
name: string | null;
|
|
921
928
|
id: string;
|
|
@@ -940,6 +947,7 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
|
|
|
940
947
|
}[];
|
|
941
948
|
}[] | undefined;
|
|
942
949
|
}[] | undefined;
|
|
950
|
+
redirectUri?: string | undefined;
|
|
943
951
|
missingResourceScopes?: {
|
|
944
952
|
resource: {
|
|
945
953
|
name: string;
|
|
@@ -967,7 +975,6 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
|
|
|
967
975
|
termsOfUseUrl?: string | null | undefined;
|
|
968
976
|
privacyPolicyUrl?: string | null | undefined;
|
|
969
977
|
};
|
|
970
|
-
redirectUri: string;
|
|
971
978
|
user: {
|
|
972
979
|
name: string | null;
|
|
973
980
|
id: string;
|
|
@@ -992,6 +999,7 @@ export declare const consentInfoResponseGuard: z.ZodObject<{
|
|
|
992
999
|
}[];
|
|
993
1000
|
}[] | undefined;
|
|
994
1001
|
}[] | undefined;
|
|
1002
|
+
redirectUri?: string | undefined;
|
|
995
1003
|
missingResourceScopes?: {
|
|
996
1004
|
resource: {
|
|
997
1005
|
name: string;
|
package/lib/types/consent.js
CHANGED
|
@@ -47,5 +47,6 @@ export const consentInfoResponseGuard = z.object({
|
|
|
47
47
|
organizations: publicOrganizationGuard.array().optional(),
|
|
48
48
|
missingOIDCScope: z.string().array().optional(),
|
|
49
49
|
missingResourceScopes: missingResourceScopesGuard.array().optional(),
|
|
50
|
-
|
|
50
|
+
// Device flow consent does not require a redirect_uri.
|
|
51
|
+
redirectUri: z.string().optional(),
|
|
51
52
|
});
|
|
@@ -9,9 +9,11 @@ export declare enum Field {
|
|
|
9
9
|
Identifier = "Identifier",
|
|
10
10
|
Profile = "Profile",
|
|
11
11
|
BindMfa = "BindMfa",
|
|
12
|
+
/** @deprecated */
|
|
12
13
|
Mfa = "Mfa",
|
|
13
14
|
Verification = "Verification",
|
|
14
|
-
Captcha = "Captcha"
|
|
15
|
+
Captcha = "Captcha",
|
|
16
|
+
SignInPasskey = "SignInPasskey"
|
|
15
17
|
}
|
|
16
18
|
/** Method to verify the identifier */
|
|
17
19
|
export declare enum Method {
|
|
@@ -73,4 +75,4 @@ export type DeprecatedInteractionLogKey = `${Prefix}.${InteractionEvent}.${Field
|
|
|
73
75
|
* - When {@link Method} is `VerificationCode`, {@link Action} can be `Create` (generate and send a code) or `Submit` (verify and submit to the identifiers);
|
|
74
76
|
* - Otherwise, {@link Action} is fixed to `Submit` (other methods can be verified on submitting).
|
|
75
77
|
*/
|
|
76
|
-
export type LogKey = `${Prefix}.${Action.Create | Action.End}` | `${Prefix}.${Action.Create}.${Field.Captcha}` | `${Prefix}.${InteractionEvent}.${Action.Create | Action.Update | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Profile}.${Action.Update}` | `${Prefix}.${InteractionEvent}.${Field.BindMfa}.${MfaFactor}.${Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Verification}.${VerificationType}.${Action}` | `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Action.Submit}` | `${Prefix}.${InteractionEvent.SignIn}.${Field.Verification}.IdpInitiatedSso.${Action.Create}` | DeprecatedInteractionLogKey;
|
|
78
|
+
export type LogKey = `${Prefix}.${Action.Create | Action.End}` | `${Prefix}.${Action.Create}.${Field.Captcha}` | `${Prefix}.${InteractionEvent}.${Action.Create | Action.Update | Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Profile}.${Action.Update}` | `${Prefix}.${InteractionEvent}.${Field.BindMfa}.${MfaFactor}.${Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.SignInPasskey}.${Action.Submit}` | `${Prefix}.${InteractionEvent}.${Field.Verification}.${VerificationType}.${Action}` | `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Action.Submit}` | `${Prefix}.${InteractionEvent.SignIn}.${Field.Verification}.IdpInitiatedSso.${Action.Create}` | DeprecatedInteractionLogKey;
|
|
@@ -6,9 +6,11 @@ export var Field;
|
|
|
6
6
|
Field["Identifier"] = "Identifier";
|
|
7
7
|
Field["Profile"] = "Profile";
|
|
8
8
|
Field["BindMfa"] = "BindMfa";
|
|
9
|
+
/** @deprecated */
|
|
9
10
|
Field["Mfa"] = "Mfa";
|
|
10
11
|
Field["Verification"] = "Verification";
|
|
11
12
|
Field["Captcha"] = "Captcha";
|
|
13
|
+
Field["SignInPasskey"] = "SignInPasskey";
|
|
12
14
|
})(Field || (Field = {}));
|
|
13
15
|
/** Method to verify the identifier */
|
|
14
16
|
export var Method;
|
package/lib/types/log/token.d.ts
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
/** The type of a token event. */
|
|
2
2
|
export declare enum Type {
|
|
3
3
|
ExchangeTokenBy = "ExchangeTokenBy",
|
|
4
|
-
RevokeToken = "RevokeToken"
|
|
4
|
+
RevokeToken = "RevokeToken",
|
|
5
|
+
RevokeGrants = "RevokeGrants"
|
|
5
6
|
}
|
|
6
7
|
/** Available grant token types extracted from [oidc-provider](https://github.com/panva/node-oidc-provider/blob/564b1095ee869c89381d63dfdb5875c99f870f5f/lib/helpers/revoke.js#L13). */
|
|
7
8
|
export declare enum TokenType {
|
|
@@ -18,6 +19,7 @@ export declare enum ExchangeByType {
|
|
|
18
19
|
AuthorizationCode = "AuthorizationCode",
|
|
19
20
|
RefreshToken = "RefreshToken",
|
|
20
21
|
ClientCredentials = "ClientCredentials",
|
|
21
|
-
TokenExchange = "TokenExchange"
|
|
22
|
+
TokenExchange = "TokenExchange",
|
|
23
|
+
DeviceCode = "DeviceCode"
|
|
22
24
|
}
|
|
23
|
-
export type LogKey = `${Type.ExchangeTokenBy}.${ExchangeByType}` | `${Type.RevokeToken}`;
|
|
25
|
+
export type LogKey = `${Type.ExchangeTokenBy}.${ExchangeByType}` | `${Type.RevokeToken}` | `${Type.RevokeGrants}`;
|
package/lib/types/log/token.js
CHANGED
|
@@ -3,6 +3,7 @@ export var Type;
|
|
|
3
3
|
(function (Type) {
|
|
4
4
|
Type["ExchangeTokenBy"] = "ExchangeTokenBy";
|
|
5
5
|
Type["RevokeToken"] = "RevokeToken";
|
|
6
|
+
Type["RevokeGrants"] = "RevokeGrants";
|
|
6
7
|
})(Type || (Type = {}));
|
|
7
8
|
/** Available grant token types extracted from [oidc-provider](https://github.com/panva/node-oidc-provider/blob/564b1095ee869c89381d63dfdb5875c99f870f5f/lib/helpers/revoke.js#L13). */
|
|
8
9
|
export var TokenType;
|
|
@@ -22,4 +23,5 @@ export var ExchangeByType;
|
|
|
22
23
|
ExchangeByType["RefreshToken"] = "RefreshToken";
|
|
23
24
|
ExchangeByType["ClientCredentials"] = "ClientCredentials";
|
|
24
25
|
ExchangeByType["TokenExchange"] = "TokenExchange";
|
|
26
|
+
ExchangeByType["DeviceCode"] = "DeviceCode";
|
|
25
27
|
})(ExchangeByType || (ExchangeByType = {}));
|