@logto/schemas 1.9.2 → 1.10.1

package/lib/foundations/jsonb-types/users.d.ts

@@ -0,0 +1,285 @@
+import { z } from 'zod';
+import { MfaFactor } from './sign-in-experience.js';
+export declare const roleNamesGuard: z.ZodArray<z.ZodString, "many">;
+declare const identityGuard: z.ZodObject<{
+    userId: z.ZodString;
+    details: z.ZodOptional<z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>>;
+}, "strip", z.ZodTypeAny, {
+    userId: string;
+    details?: {} | undefined;
+}, {
+    userId: string;
+    details?: {} | undefined;
+}>;
+export declare const identitiesGuard: z.ZodRecord<z.ZodString, z.ZodObject<{
+    userId: z.ZodString;
+    details: z.ZodOptional<z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>>;
+}, "strip", z.ZodTypeAny, {
+    userId: string;
+    details?: {} | undefined;
+}, {
+    userId: string;
+    details?: {} | undefined;
+}>>;
+export type Identity = z.infer<typeof identityGuard>;
+export type Identities = z.infer<typeof identitiesGuard>;
+export declare const baseMfaVerification: {
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+};
+export declare const mfaVerificationTotp: z.ZodObject<{
+    key: z.ZodString;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.TOTP>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.TOTP;
+    id: string;
+    key: string;
+    createdAt: string;
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.TOTP;
+    id: string;
+    key: string;
+    createdAt: string;
+    lastUsedAt?: string | undefined;
+}>;
+export type MfaVerificationTotp = z.infer<typeof mfaVerificationTotp>;
+export declare const webAuthnTransportGuard: z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>;
+export declare const mfaVerificationWebAuthn: z.ZodObject<{
+    credentialId: z.ZodString;
+    publicKey: z.ZodString;
+    transports: z.ZodOptional<z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">>;
+    counter: z.ZodNumber;
+    agent: z.ZodString;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.WebAuthn>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.WebAuthn;
+    id: string;
+    createdAt: string;
+    credentialId: string;
+    publicKey: string;
+    counter: number;
+    agent: string;
+    transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.WebAuthn;
+    id: string;
+    createdAt: string;
+    credentialId: string;
+    publicKey: string;
+    counter: number;
+    agent: string;
+    transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    lastUsedAt?: string | undefined;
+}>;
+export type MfaVerificationWebAuthn = z.infer<typeof mfaVerificationWebAuthn>;
+export declare const mfaVerificationBackupCode: z.ZodObject<{
+    codes: z.ZodArray<z.ZodObject<{
+        code: z.ZodString;
+        usedAt: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        code: string;
+        usedAt?: string | undefined;
+    }, {
+        code: string;
+        usedAt?: string | undefined;
+    }>, "many">;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.BackupCode>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.BackupCode;
+    id: string;
+    createdAt: string;
+    codes: {
+        code: string;
+        usedAt?: string | undefined;
+    }[];
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.BackupCode;
+    id: string;
+    createdAt: string;
+    codes: {
+        code: string;
+        usedAt?: string | undefined;
+    }[];
+    lastUsedAt?: string | undefined;
+}>;
+export type MfaVerificationBackupCode = z.infer<typeof mfaVerificationBackupCode>;
+export declare const mfaVerificationGuard: z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
+    key: z.ZodString;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.TOTP>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.TOTP;
+    id: string;
+    key: string;
+    createdAt: string;
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.TOTP;
+    id: string;
+    key: string;
+    createdAt: string;
+    lastUsedAt?: string | undefined;
+}>, z.ZodObject<{
+    credentialId: z.ZodString;
+    publicKey: z.ZodString;
+    transports: z.ZodOptional<z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">>;
+    counter: z.ZodNumber;
+    agent: z.ZodString;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.WebAuthn>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.WebAuthn;
+    id: string;
+    createdAt: string;
+    credentialId: string;
+    publicKey: string;
+    counter: number;
+    agent: string;
+    transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.WebAuthn;
+    id: string;
+    createdAt: string;
+    credentialId: string;
+    publicKey: string;
+    counter: number;
+    agent: string;
+    transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    lastUsedAt?: string | undefined;
+}>, z.ZodObject<{
+    codes: z.ZodArray<z.ZodObject<{
+        code: z.ZodString;
+        usedAt: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        code: string;
+        usedAt?: string | undefined;
+    }, {
+        code: string;
+        usedAt?: string | undefined;
+    }>, "many">;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.BackupCode>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.BackupCode;
+    id: string;
+    createdAt: string;
+    codes: {
+        code: string;
+        usedAt?: string | undefined;
+    }[];
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.BackupCode;
+    id: string;
+    createdAt: string;
+    codes: {
+        code: string;
+        usedAt?: string | undefined;
+    }[];
+    lastUsedAt?: string | undefined;
+}>]>;
+export type MfaVerification = z.infer<typeof mfaVerificationGuard>;
+export declare const mfaVerificationsGuard: z.ZodArray<z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
+    key: z.ZodString;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.TOTP>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.TOTP;
+    id: string;
+    key: string;
+    createdAt: string;
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.TOTP;
+    id: string;
+    key: string;
+    createdAt: string;
+    lastUsedAt?: string | undefined;
+}>, z.ZodObject<{
+    credentialId: z.ZodString;
+    publicKey: z.ZodString;
+    transports: z.ZodOptional<z.ZodArray<z.ZodEnum<["usb", "nfc", "ble", "internal", "cable", "hybrid", "smart-card"]>, "many">>;
+    counter: z.ZodNumber;
+    agent: z.ZodString;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.WebAuthn>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.WebAuthn;
+    id: string;
+    createdAt: string;
+    credentialId: string;
+    publicKey: string;
+    counter: number;
+    agent: string;
+    transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.WebAuthn;
+    id: string;
+    createdAt: string;
+    credentialId: string;
+    publicKey: string;
+    counter: number;
+    agent: string;
+    transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] | undefined;
+    lastUsedAt?: string | undefined;
+}>, z.ZodObject<{
+    codes: z.ZodArray<z.ZodObject<{
+        code: z.ZodString;
+        usedAt: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        code: string;
+        usedAt?: string | undefined;
+    }, {
+        code: string;
+        usedAt?: string | undefined;
+    }>, "many">;
+    id: z.ZodString;
+    createdAt: z.ZodString;
+    lastUsedAt: z.ZodOptional<z.ZodString>;
+    type: z.ZodLiteral<MfaFactor.BackupCode>;
+}, "strip", z.ZodTypeAny, {
+    type: MfaFactor.BackupCode;
+    id: string;
+    createdAt: string;
+    codes: {
+        code: string;
+        usedAt?: string | undefined;
+    }[];
+    lastUsedAt?: string | undefined;
+}, {
+    type: MfaFactor.BackupCode;
+    id: string;
+    createdAt: string;
+    codes: {
+        code: string;
+        usedAt?: string | undefined;
+    }[];
+    lastUsedAt?: string | undefined;
+}>]>, "many">;
+export type MfaVerifications = z.infer<typeof mfaVerificationsGuard>;
+export {};

package/lib/foundations/jsonb-types/users.js

@@ -0,0 +1,47 @@
+import { z } from 'zod';
+import { MfaFactor } from './sign-in-experience.js';
+export const roleNamesGuard = z.string().array();
+const identityGuard = z.object({
+    userId: z.string(),
+    details: z.object({}).optional(), // Connector's userinfo details, schemaless
+});
+export const identitiesGuard = z.record(identityGuard);
+export const baseMfaVerification = {
+    id: z.string(),
+    createdAt: z.string(),
+    lastUsedAt: z.string().optional(),
+};
+export const mfaVerificationTotp = z.object({
+    type: z.literal(MfaFactor.TOTP),
+    ...baseMfaVerification,
+    key: z.string(),
+});
+export const webAuthnTransportGuard = z.enum([
+    'usb',
+    'nfc',
+    'ble',
+    'internal',
+    'cable',
+    'hybrid',
+    'smart-card',
+]);
+export const mfaVerificationWebAuthn = z.object({
+    type: z.literal(MfaFactor.WebAuthn),
+    ...baseMfaVerification,
+    credentialId: z.string(),
+    publicKey: z.string(),
+    transports: webAuthnTransportGuard.array().optional(),
+    counter: z.number(),
+    agent: z.string(),
+});
+export const mfaVerificationBackupCode = z.object({
+    type: z.literal(MfaFactor.BackupCode),
+    ...baseMfaVerification,
+    codes: z.object({ code: z.string(), usedAt: z.string().optional() }).array(),
+});
+export const mfaVerificationGuard = z.discriminatedUnion('type', [
+    mfaVerificationTotp,
+    mfaVerificationWebAuthn,
+    mfaVerificationBackupCode,
+]);
+export const mfaVerificationsGuard = mfaVerificationGuard.array();

package/lib/foundations/schemas.d.ts

@@ -1,20 +1,18 @@
 import { type SchemaLike } from '@logto/shared/universal';
-import type { ZodObject, ZodType, ZodOptional } from 'zod';
+import type { ZodObject, ZodType, ZodOptional, ZodTypeAny } from 'zod';
 export type { SchemaLike, SchemaValue, SchemaValuePrimitive } from '@logto/shared/universal';
 type ParseOptional<K> = undefined extends K ? ZodOptional<ZodType<Exclude<K, undefined>>> : ZodType<K>;
-export type CreateGuard<T extends Record<string, unknown>> = ZodObject<{
+export type Guard<T extends SchemaLike<string>> = ZodObject<{
     [key in keyof T]-?: ParseOptional<T[key]>;
-}>;
-export type Guard<T extends Record<string, unknown>> = ZodObject<{
-    [key in keyof T]: ZodType<T[key]>;
-}>;
-export type GeneratedSchema<CreateSchema extends SchemaLike, Schema extends CreateSchema> = keyof Schema extends string ? Readonly<{
-    table: string;
-    tableSingular: string;
+}, 'strip', ZodTypeAny, T, T>;
+export type GeneratedSchema<Key extends string, CreateSchema extends Partial<SchemaLike<Key>>, Schema extends SchemaLike<Key>, Table extends string = string, TableSingular extends string = string> = Readonly<{
+    table: Table;
+    tableSingular: TableSingular;
     fields: {
-        [key in keyof Required<Schema>]: string;
+        [key in Key]: string;
     };
-    fieldKeys: ReadonlyArray<keyof Schema>;
-    createGuard: CreateGuard<CreateSchema>;
+    fieldKeys: readonly Key[];
+    createGuard: Guard<CreateSchema>;
     guard: Guard<Schema>;
-}> : never;
+    updateGuard: Guard<Partial<Schema>>;
+}>;

package/lib/models/tenants.d.ts

@@ -13,27 +13,23 @@ export declare const Tenants: import("@withtyped/server/model").default<"tenants
     tag: TenantTag;
     createdAt: Date;
     isSuspended: boolean;
-}, "createdAt" | "name" | "isSuspended" | "tag", "createdAt">;
+}, "name" | "createdAt" | "isSuspended" | "tag", "createdAt">;
 export type TenantModel = InferModelType<typeof Tenants>;
-export declare const tenantInfoGuard: z.ZodObject<z.extendShape<Pick<{
-    id: z.ZodType<string, z.ZodTypeDef, string>;
-    dbUser: z.ZodType<string | null, z.ZodTypeDef, string | null>;
-    dbUserPassword: z.ZodType<string | null, z.ZodTypeDef, string | null>;
+export declare const tenantInfoGuard: z.ZodObject<{
     name: z.ZodType<string, z.ZodTypeDef, string>;
-    tag: z.ZodType<TenantTag, z.ZodTypeDef, TenantTag>;
-    createdAt: z.ZodType<Date, z.ZodTypeDef, Date>;
+    id: z.ZodType<string, z.ZodTypeDef, string>;
     isSuspended: z.ZodType<boolean, z.ZodTypeDef, boolean>;
-}, "id" | "name" | "isSuspended" | "tag">, {
+    tag: z.ZodType<TenantTag, z.ZodTypeDef, TenantTag>;
     indicator: z.ZodString;
-}>, "strip", z.ZodTypeAny, {
-    id: string;
+}, z.UnknownKeysParam, z.ZodTypeAny, {
     name: string;
+    id: string;
     indicator: string;
     isSuspended: boolean;
     tag: TenantTag;
 }, {
-    id: string;
     name: string;
+    id: string;
     indicator: string;
     isSuspended: boolean;
     tag: TenantTag;

package/lib/seeds/logto-config.js

@@ -5,6 +5,7 @@ export const createDefaultAdminConsoleConfig = (forTenantId) => Object.freeze({
     key: LogtoTenantConfigKey.AdminConsole,
     value: {
         signInExperienceCustomized: false,
+        organizationCreated: false,
     },
 });
 export const createCloudConnectionConfig = (forTenantId, appId, appSecret) => Object.freeze({

package/lib/types/application.d.ts

@@ -1,4 +1,54 @@
-import type { Application } from '../db-entries/index.js';
+import { type z } from 'zod';
+import { type Application } from '../db-entries/index.js';
 export type ApplicationResponse = Application & {
     isAdmin: boolean;
 };
+/**
+ * An application that is featured for display. Usually used in a list of resources that are
+ * related to a group of applications.
+ */
+export type FeaturedApplication = Pick<Application, 'id' | 'name' | 'type'>;
+/** The guard for {@link FeaturedApplication}. */
+export declare const featuredApplicationGuard: z.ZodObject<Pick<{
+    tenantId: z.ZodType<string, z.ZodTypeDef, string>;
+    id: z.ZodType<string, z.ZodTypeDef, string>;
+    name: z.ZodType<string, z.ZodTypeDef, string>;
+    secret: z.ZodType<string, z.ZodTypeDef, string>;
+    description: z.ZodType<string | null, z.ZodTypeDef, string | null>;
+    type: z.ZodType<import("../db-entries/custom-types.js").ApplicationType, z.ZodTypeDef, import("../db-entries/custom-types.js").ApplicationType>;
+    oidcClientMetadata: z.ZodType<{
+        redirectUris: string[];
+        postLogoutRedirectUris: string[];
+        logoUri?: string | undefined;
+    }, z.ZodTypeDef, {
+        redirectUris: string[];
+        postLogoutRedirectUris: string[];
+        logoUri?: string | undefined;
+    }>;
+    customClientMetadata: z.ZodType<{
+        corsAllowedOrigins?: string[] | undefined;
+        idTokenTtl?: number | undefined;
+        refreshTokenTtl?: number | undefined;
+        refreshTokenTtlInDays?: number | undefined;
+        tenantId?: string | undefined;
+        alwaysIssueRefreshToken?: boolean | undefined;
+        rotateRefreshToken?: boolean | undefined;
+    }, z.ZodTypeDef, {
+        corsAllowedOrigins?: string[] | undefined;
+        idTokenTtl?: number | undefined;
+        refreshTokenTtl?: number | undefined;
+        refreshTokenTtlInDays?: number | undefined;
+        tenantId?: string | undefined;
+        alwaysIssueRefreshToken?: boolean | undefined;
+        rotateRefreshToken?: boolean | undefined;
+    }>;
+    createdAt: z.ZodType<number, z.ZodTypeDef, number>;
+}, "type" | "name" | "id">, "strip", z.ZodTypeAny, {
+    type: import("../db-entries/custom-types.js").ApplicationType;
+    name: string;
+    id: string;
+}, {
+    type: import("../db-entries/custom-types.js").ApplicationType;
+    name: string;
+    id: string;
+}>;

package/lib/types/application.js

@@ -1 +1,7 @@
-export {};
+import { Applications } from '../db-entries/index.js';
+/** The guard for {@link FeaturedApplication}. */
+export const featuredApplicationGuard = Applications.guard.pick({
+    id: true,
+    name: true,
+    type: true,
+});