zudoku 0.74.0 → 0.74.2

package/dist/cli/cli.js

@@ -3193,7 +3193,6 @@ var init_ZudokuConfig = __esm({
             "apple",
             "yahoo",
             "password",
-            "phone",
             "emailLink"
           ])
         ).optional(),
@@ -3319,6 +3318,7 @@ var init_ZudokuConfig = __esm({
       dir: z7.enum(["ltr", "rtl"]).optional(),
       logo: LogoSchema,
       showPoweredBy: z7.boolean().optional(),
+      notFoundPage: z7.custom(),
       banner: z7.object({
         message: z7.custom(),
         color: z7.custom(
@@ -3813,7 +3813,7 @@ import {
 // package.json
 var package_default = {
   name: "zudoku",
-  version: "0.73.1",
+  version: "0.74.1",
   type: "module",
   sideEffects: [
     "**/*.css",
@@ -3893,7 +3893,7 @@ var package_default = {
     "@apidevtools/json-schema-ref-parser": "15.3.1",
     "@envelop/core": "5.5.1",
     "@graphql-typed-document-node/core": "3.2.0",
-    "@hono/node-server": "1.19.11",
+    "@hono/node-server": "1.19.13",
     "@lekoarts/rehype-meta-as-attributes": "3.0.3",
     "@mdx-js/react": "3.1.1",
     "@mdx-js/rollup": "3.1.1",
@@ -3930,8 +3930,8 @@ var package_default = {
     "@shikijs/transformers": "3.23.0",
     "@tailwindcss/typography": "0.5.19",
     "@tailwindcss/vite": "4.2.1",
-    "@tanem/react-nprogress": "6.0.2",
-    "@tanstack/react-query": "5.90.21",
+    "@tanem/react-nprogress": "6.0.3",
+    "@tanstack/react-query": "5.97.0",
     "@types/react": "catalog:",
     "@types/react-dom": "catalog:",
     "@vitejs/plugin-react": "5.1.4",
@@ -3958,7 +3958,7 @@ var package_default = {
     "hast-util-heading-rank": "3.0.0",
     "hast-util-to-jsx-runtime": "2.3.6",
     "hast-util-to-string": "3.0.1",
-    hono: "4.12.5",
+    hono: "4.12.12",
     "http-terminator": "3.2.0",
     "javascript-stringify": "2.1.0",
     "json-schema-to-typescript-lite": "15.0.0",
@@ -4003,14 +4003,14 @@ var package_default = {
     "unist-util-visit": "5.1.0",
     vaul: "1.1.2",
     vfile: "6.0.3",
-    vite: "7.3.1",
+    vite: "7.3.2",
     yaml: "2.8.3",
     yargs: "18.0.0",
     zod: "4.3.6",
     zustand: "5.0.12"
   },
   devDependencies: {
-    "@clerk/clerk-js": "^5.125.3",
+    "@clerk/clerk-js": "^6.0.0",
     "@graphql-codegen/cli": "6.1.2",
     "@inkeep/cxkit-types": "0.5.116",
     "@testing-library/dom": "catalog:",
@@ -4034,7 +4034,7 @@ var package_default = {
     react: "catalog:",
     "react-dom": "catalog:",
     tsx: "4.21.0",
-    typescript: "5.9.3"
+    typescript: "catalog:"
   },
   peerDependencies: {
     "@azure/msal-browser": "^4.13.0",
@@ -4918,6 +4918,131 @@ var WebhookItem = builder.objectRef("WebhookItem").implement({
     operationId: t.exposeString("operationId", { nullable: true })
   })
 });
+var SecuritySchemeTypeEnum = builder.enumType("SecuritySchemeType", {
+  values: ["apiKey", "http", "oauth2", "openIdConnect", "mutualTLS"]
+});
+var SecuritySchemeInEnum = builder.enumType("SecuritySchemeIn", {
+  values: ["header", "query", "cookie"]
+});
+var OAuthScopeItem = builder.objectRef("OAuthScopeItem").implement({
+  fields: (t) => ({
+    name: t.exposeString("name"),
+    description: t.exposeString("description")
+  })
+});
+var OAuthFlowItem = builder.objectRef("OAuthFlowItem").implement({
+  fields: (t) => ({
+    authorizationUrl: t.exposeString("authorizationUrl", { nullable: true }),
+    tokenUrl: t.exposeString("tokenUrl", { nullable: true }),
+    refreshUrl: t.exposeString("refreshUrl", { nullable: true }),
+    scopes: t.field({
+      type: [OAuthScopeItem],
+      resolve: (parent) => Object.entries(parent.scopes ?? {}).map(([name, description]) => ({
+        name,
+        description
+      }))
+    })
+  })
+});
+var OAuthFlowsItem = builder.objectRef("OAuthFlowsItem").implement({
+  fields: (t) => ({
+    implicit: t.field({
+      type: OAuthFlowItem,
+      resolve: (parent) => parent.implicit ?? null,
+      nullable: true
+    }),
+    password: t.field({
+      type: OAuthFlowItem,
+      resolve: (parent) => parent.password ?? null,
+      nullable: true
+    }),
+    clientCredentials: t.field({
+      type: OAuthFlowItem,
+      resolve: (parent) => parent.clientCredentials ?? null,
+      nullable: true
+    }),
+    authorizationCode: t.field({
+      type: OAuthFlowItem,
+      resolve: (parent) => parent.authorizationCode ?? null,
+      nullable: true
+    })
+  })
+});
+var SecuritySchemeItem = builder.objectRef("SecuritySchemeItem").implement({
+  fields: (t) => ({
+    name: t.exposeString("name"),
+    type: t.field({
+      type: SecuritySchemeTypeEnum,
+      resolve: (parent) => parent.type
+    }),
+    description: t.exposeString("description", { nullable: true }),
+    in: t.field({
+      type: SecuritySchemeInEnum,
+      resolve: (parent) => parent.in ?? null,
+      nullable: true
+    }),
+    paramName: t.exposeString("paramName", { nullable: true }),
+    scheme: t.exposeString("scheme", { nullable: true }),
+    bearerFormat: t.exposeString("bearerFormat", { nullable: true }),
+    openIdConnectUrl: t.exposeString("openIdConnectUrl", { nullable: true }),
+    flows: t.field({
+      type: OAuthFlowsItem,
+      resolve: (parent) => parent.flows ?? null,
+      nullable: true
+    }),
+    extensions: t.field({
+      type: JSONObjectScalar,
+      resolve: (parent) => parent.extensions ?? null,
+      nullable: true
+    })
+  })
+});
+var SecurityRequirementScheme = builder.objectRef("SecurityRequirementScheme").implement({
+  fields: (t) => ({
+    scheme: t.field({
+      type: SecuritySchemeItem,
+      resolve: (parent) => parent.scheme
+    }),
+    scopes: t.stringList({ resolve: (parent) => parent.scopes })
+  })
+});
+var SecurityRequirementItem = builder.objectRef("SecurityRequirementItem").implement({
+  fields: (t) => ({
+    schemes: t.field({
+      type: [SecurityRequirementScheme],
+      resolve: (parent) => parent.schemes
+    })
+  })
+});
+var resolveSecuritySchemes = (schema2) => {
+  const securitySchemes = schema2.components?.securitySchemes ?? {};
+  return Object.entries(securitySchemes).map(
+    ([name, scheme]) => ({
+      name,
+      type: scheme.type,
+      description: scheme.description,
+      in: scheme.in,
+      paramName: scheme.name,
+      // apiKey's `name` field (parameter name)
+      scheme: scheme.scheme,
+      // http scheme (e.g. "bearer", "basic")
+      bearerFormat: scheme.bearerFormat,
+      openIdConnectUrl: scheme.openIdConnectUrl,
+      flows: scheme.flows,
+      extensions: resolveExtensions(scheme)
+    })
+  );
+};
+var resolveSecurityRequirements = (securityArray, securitySchemes) => {
+  if (!securityArray) return [];
+  return securityArray.map((req) => ({
+    schemes: Object.entries(req).filter(([key]) => !key.startsWith("__")).flatMap(([schemeName, scopes]) => {
+      const scheme = securitySchemes.find((s) => s.name === schemeName);
+      if (!scheme) return [];
+      return [{ scheme, scopes }];
+    })
+  }));
+};
 var resolveWebhooks = (schema2) => {
   const webhooks = schema2.webhooks ?? {};
   return Object.entries(webhooks).flatMap(
@@ -5117,6 +5242,16 @@ var OperationItem = builder.objectRef("OperationItem").implement({
       nullable: true
     }),
     deprecated: t.exposeBoolean("deprecated", { nullable: true }),
+    security: t.field({
+      type: [SecurityRequirementItem],
+      nullable: true,
+      resolve: (parent, _, ctx) => {
+        const securitySchemes = resolveSecuritySchemes(ctx.schema);
+        const securityArray = parent.security ?? ctx.schema.security;
+        if (!securityArray) return null;
+        return resolveSecurityRequirements(securityArray, securitySchemes);
+      }
+    }),
     extensions: t.field({
       type: JSONObjectScalar,
       resolve: (parent) => resolveExtensions(parent),
@@ -5147,6 +5282,11 @@ Components.implement({
         }));
       },
       nullable: true
+    }),
+    securitySchemes: t.field({
+      type: [SecuritySchemeItem],
+      resolve: (_parent, _args, ctx) => resolveSecuritySchemes(ctx.schema),
+      nullable: true
     })
   })
 });
@@ -5244,6 +5384,15 @@ var Schema = builder.objectRef("Schema").implement({
       resolve: (root) => root.components,
       nullable: true
     }),
+    security: t.field({
+      type: [SecurityRequirementItem],
+      nullable: true,
+      resolve: (root) => {
+        const securitySchemes = resolveSecuritySchemes(root);
+        if (!root.security) return null;
+        return resolveSecurityRequirements(root.security, securitySchemes);
+      }
+    }),
     extensions: t.field({
       type: JSONObjectScalar,
       resolve: (root) => resolveExtensions(root),
@@ -6125,6 +6274,7 @@ var viteApiPlugin = async () => {
               `    supportedLanguages: config.defaults?.apis?.supportedLanguages,`,
               `    disablePlayground: config.defaults?.apis?.disablePlayground,`,
               `    disableSidecar: config.defaults?.apis?.disableSidecar,`,
+              `    disableSecurity: config.defaults?.apis?.disableSecurity ?? true,`,
               `    showVersionSelect: config.defaults?.apis?.showVersionSelect ?? "if-available",`,
               `    expandAllTags: config.defaults?.apis?.expandAllTags ?? true,`,
               `    showInfoPage: config.defaults?.apis?.showInfoPage ?? true,`,
@@ -6149,6 +6299,7 @@ var viteApiPlugin = async () => {
               `    supportedLanguages: config.defaults?.apis?.supportedLanguages,`,
               `    disablePlayground: config.defaults?.apis?.disablePlayground,`,
               `    disableSidecar: config.defaults?.apis?.disableSidecar,`,
+              `    disableSecurity: config.defaults?.apis?.disableSecurity ?? true,`,
               `    showVersionSelect: config.defaults?.apis?.showVersionSelect ?? "if-available",`,
               `    expandAllTags: config.defaults?.apis?.expandAllTags ?? false,`,
               `    showInfoPage: config.defaults?.apis?.showInfoPage ?? true,`,
@@ -6612,6 +6763,16 @@ var getMarkdownOutputPath = (distDir, routePath) => {
   const segments = routePath === "/" ? ["index"] : routePath.split("/").filter(Boolean);
   return `${path14.join(distDir, ...segments)}.md`;
 };
+var resolveMarkdownRoutePath = (requestUrl, basePath) => {
+  const pathname = requestUrl.split(/[?#]/)[0] ?? requestUrl;
+  const routePath = joinUrl(
+    pathname.slice(basePath.length).replace(/\.mdx?$/, "")
+  );
+  if (routePath === "/index") {
+    return "/";
+  }
+  return routePath;
+};
 var viteMarkdownExportPlugin = () => {
   let markdownFiles = {};
   let markdownFileInfos = [];
@@ -6663,9 +6824,7 @@ var viteMarkdownExportPlugin = () => {
           return next();
         }
         const basePath = joinUrl(config2.basePath);
-        const routePath = joinUrl(
-          req.url.slice(basePath.length).replace(/\.mdx?$/, "")
-        );
+        const routePath = resolveMarkdownRoutePath(req.url, basePath);
         const filePath = markdownFiles[routePath];
         if (!filePath) return next();
         try {

package/dist/declarations/config/validators/ZudokuConfig.d.ts

@@ -310,7 +310,6 @@ declare const AuthenticationSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
         apple: "apple";
         facebook: "facebook";
         github: "github";
-        phone: "phone";
         twitter: "twitter";
         google: "google";
         microsoft: "microsoft";
@@ -465,6 +464,7 @@ export declare const ZudokuConfig: z.ZodObject<{
             reloadDocument: z.ZodOptional<z.ZodBoolean>;
         }, z.core.$strip>>;
         showPoweredBy: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+        notFoundPage: z.ZodOptional<z.ZodCustom<NonNullable<ReactNode>, NonNullable<ReactNode>>>;
         banner: z.ZodOptional<z.ZodObject<{
             message: z.ZodCustom<NonNullable<ReactNode>, NonNullable<ReactNode>>;
             color: z.ZodOptional<z.ZodCustom<"info" | (string & {}) | "note" | "tip" | "caution" | "danger", "info" | (string & {}) | "note" | "tip" | "caution" | "danger">>;
@@ -6674,7 +6674,6 @@ export declare const ZudokuConfig: z.ZodObject<{
             apple: "apple";
             facebook: "facebook";
             github: "github";
-            phone: "phone";
             twitter: "twitter";
             google: "google";
             microsoft: "microsoft";

package/dist/declarations/lib/authentication/components/LogoutCallbackHandler.d.ts

@@ -0,0 +1,3 @@
+export declare function LogoutCallbackHandler({ handleLogoutCallback, }: {
+    handleLogoutCallback: () => string;
+}): null;

package/dist/declarations/lib/authentication/providers/firebase.d.ts

@@ -10,5 +10,5 @@ declare module "../state.js" {
         firebase: FirebaseProviderData;
     }
 }
-declare const supabaseAuth: AuthenticationProviderInitializer<FirebaseAuthenticationConfig>;
-export default supabaseAuth;
+declare const firebaseAuth: AuthenticationProviderInitializer<FirebaseAuthenticationConfig>;
+export default firebaseAuth;

package/dist/declarations/lib/authentication/providers/openid.d.ts

@@ -18,6 +18,7 @@ declare module "../state.js" {
     }
 }
 export declare const OPENID_CALLBACK_PATH = "/oauth/callback";
+export declare const OPENID_LOGOUT_CALLBACK_PATH = "/oauth/logout-callback";
 export declare class OpenIDAuthenticationProvider extends CoreAuthenticationPlugin implements AuthenticationPlugin {
     protected client: oauth.Client;
     protected issuer: string;
@@ -48,6 +49,7 @@ export declare class OpenIDAuthenticationProvider extends CoreAuthenticationPlug
     signRequest: (request: Request) => Promise<Request>;
     signOut: (_: AuthActionContext) => Promise<void>;
     onPageLoad: () => Promise<void>;
+    handleLogoutCallback: () => string;
     handleCallback: () => Promise<string>;
     getRoutes(): {
         path: string;

package/dist/declarations/lib/components/Header.d.ts

@@ -1 +1 @@
-export declare const Header: import("react").NamedExoticComponent<object>;
+export declare const Header: import("react").MemoExoticComponent<() => import("react/jsx-runtime").JSX.Element>;

package/dist/declarations/lib/core/ZudokuContext.d.ts

@@ -61,6 +61,7 @@ type Site = Partial<{
         href?: string;
         reloadDocument?: boolean;
     };
+    notFoundPage?: ReactNode;
     banner?: {
         message: ReactNode;
         color?: "note" | "tip" | "info" | "caution" | "danger" | (string & {});
@@ -110,6 +111,7 @@ export declare class ZudokuContext {
     readonly queryClient: QueryClient;
     readonly options: ZudokuContextOptions;
     readonly env: Record<string, string | undefined>;
+    readonly notFoundPage?: ReactNode;
     readonly protectedRoutes: ReturnType<typeof normalizeProtectedRoutes>;
     private readonly plugins;
     private readonly emitter;

package/dist/declarations/lib/plugins/openapi/SecurityRequirements.d.ts

@@ -0,0 +1,21 @@
+import type { SecuritySchemeIn, SecuritySchemeType } from "./graphql/graphql.js";
+type SecurityScheme = {
+    name: string;
+    type: SecuritySchemeType;
+    description?: string | null;
+    in?: SecuritySchemeIn | null;
+    paramName?: string | null;
+    scheme?: string | null;
+    bearerFormat?: string | null;
+    openIdConnectUrl?: string | null;
+};
+type SecurityRequirement = {
+    schemes: Array<{
+        scopes: Array<string>;
+        scheme: SecurityScheme;
+    }>;
+};
+export declare const SecurityRequirements: ({ security, }: {
+    security?: SecurityRequirement[] | null;
+}) => import("react/jsx-runtime").JSX.Element | null;
+export {};

package/dist/declarations/lib/plugins/openapi/SimpleSelect.d.ts

@@ -1,5 +1,5 @@
 import type { ChangeEventHandler } from "react";
-export declare const SimpleSelect: ({ value, onChange, className, options, showChevrons, }: {
+export declare const SimpleSelect: ({ value, onChange, className, options, showChevrons, "aria-label": ariaLabel, }: {
     value: string;
     onChange: ChangeEventHandler<HTMLSelectElement>;
     className?: string;
@@ -8,4 +8,5 @@ export declare const SimpleSelect: ({ value, onChange, className, options, showC
         label: string;
     }[];
     showChevrons?: boolean;
+    "aria-label"?: string;
 }) => import("react/jsx-runtime").JSX.Element;

package/dist/declarations/lib/plugins/openapi/graphql/gql.d.ts

@@ -1,7 +1,7 @@
 export declare function graphql(source: "\n  query ServersQuery($input: JSON!, $type: SchemaType!) {\n    schema(input: $input, type: $type) {\n      url\n      servers {\n        url\n      }\n    }\n  }\n"): typeof import("./graphql.js").ServersQueryDocument;
-export declare function graphql(source: "\n  fragment OperationsFragment on OperationItem {\n    slug\n    summary\n    method\n    description\n    operationId\n    contentTypes\n    path\n    deprecated\n    extensions\n    servers {\n      url\n      description\n    }\n    parameters {\n      name\n      in\n      description\n      required\n      schema\n      style\n      explode\n      allowReserved\n      examples {\n        name\n        description\n        externalValue\n        value\n        summary\n      }\n    }\n    requestBody {\n      content {\n        mediaType\n        encoding {\n          name\n        }\n        examples {\n          name\n          description\n          externalValue\n          value\n          summary\n        }\n        schema\n      }\n      description\n      required\n    }\n    responses {\n      statusCode\n      links\n      description\n      content {\n        examples {\n          name\n          description\n          externalValue\n          value\n          summary\n        }\n        mediaType\n        encoding {\n          name\n        }\n        schema\n      }\n    }\n  }\n"): typeof import("./graphql.js").OperationsFragmentFragmentDoc;
+export declare function graphql(source: "\n  fragment OperationsFragment on OperationItem {\n    slug\n    summary\n    method\n    description\n    operationId\n    contentTypes\n    path\n    deprecated\n    extensions\n    servers {\n      url\n      description\n    }\n    parameters {\n      name\n      in\n      description\n      required\n      schema\n      style\n      explode\n      allowReserved\n      examples {\n        name\n        description\n        externalValue\n        value\n        summary\n      }\n    }\n    security {\n      schemes {\n        scopes\n        scheme {\n          name\n          type\n          description\n          in\n          paramName\n          scheme\n          bearerFormat\n          openIdConnectUrl\n          flows {\n            implicit {\n              authorizationUrl\n              scopes {\n                name\n                description\n              }\n            }\n            password {\n              tokenUrl\n              scopes {\n                name\n                description\n              }\n            }\n            clientCredentials {\n              tokenUrl\n              scopes {\n                name\n                description\n              }\n            }\n            authorizationCode {\n              authorizationUrl\n              tokenUrl\n              scopes {\n                name\n                description\n              }\n            }\n          }\n        }\n      }\n    }\n    requestBody {\n      content {\n        mediaType\n        encoding {\n          name\n        }\n        examples {\n          name\n          description\n          externalValue\n          value\n          summary\n        }\n        schema\n      }\n      description\n      required\n    }\n    responses {\n      statusCode\n      links\n      description\n      content {\n        examples {\n          name\n          description\n          externalValue\n          value\n          summary\n        }\n        mediaType\n        encoding {\n          name\n        }\n        schema\n      }\n    }\n  }\n"): typeof import("./graphql.js").OperationsFragmentFragmentDoc;
 export declare function graphql(source: "\n  query OperationsForTag(\n    $input: JSON!\n    $type: SchemaType!\n    $tag: String\n    $untagged: Boolean\n  ) {\n    schema(input: $input, type: $type) {\n      servers {\n        url\n      }\n      description\n      summary\n      title\n      url\n      version\n      tag(slug: $tag, untagged: $untagged) {\n        name\n        description\n        operations {\n          slug\n          ...OperationsFragment\n        }\n        extensions\n        next {\n          name\n          slug\n          extensions\n        }\n        prev {\n          name\n          slug\n          extensions\n        }\n      }\n    }\n  }\n"): typeof import("./graphql.js").OperationsForTagDocument;
-export declare function graphql(source: "\n  query SchemaInfo($input: JSON!, $type: SchemaType!) {\n    schema(input: $input, type: $type) {\n      servers {\n        url\n        description\n      }\n      license {\n        name\n        url\n        identifier\n      }\n      termsOfService\n      externalDocs {\n        description\n        url\n      }\n      contact {\n        name\n        url\n        email\n      }\n      description\n      summary\n      title\n      url\n      version\n      tags {\n        name\n        description\n      }\n      components {\n        schemas {\n          name\n        }\n      }\n      webhooks {\n        name\n        method\n        summary\n        description\n      }\n    }\n  }\n"): typeof import("./graphql.js").SchemaInfoDocument;
+export declare function graphql(source: "\n  query SchemaInfo($input: JSON!, $type: SchemaType!) {\n    schema(input: $input, type: $type) {\n      servers {\n        url\n        description\n      }\n      license {\n        name\n        url\n        identifier\n      }\n      termsOfService\n      externalDocs {\n        description\n        url\n      }\n      contact {\n        name\n        url\n        email\n      }\n      description\n      summary\n      title\n      url\n      version\n      tags {\n        name\n        description\n        extensions\n      }\n      components {\n        securitySchemes {\n          name\n          type\n          description\n          in\n          paramName\n          scheme\n          bearerFormat\n          openIdConnectUrl\n          flows {\n            implicit {\n              authorizationUrl\n              scopes {\n                name\n                description\n              }\n            }\n            password {\n              tokenUrl\n              scopes {\n                name\n                description\n              }\n            }\n            clientCredentials {\n              tokenUrl\n              scopes {\n                name\n                description\n              }\n            }\n            authorizationCode {\n              authorizationUrl\n              tokenUrl\n              scopes {\n                name\n                description\n              }\n            }\n          }\n        }\n      }\n      webhooks {\n        name\n        method\n        summary\n        description\n      }\n    }\n  }\n"): typeof import("./graphql.js").SchemaInfoDocument;
 export declare function graphql(source: "\n  query GetSchemas($input: JSON!, $type: SchemaType!) {\n    schema(input: $input, type: $type) {\n      title\n      description\n      summary\n      components {\n        schemas {\n          name\n          schema\n          extensions\n        }\n      }\n    }\n  }\n"): typeof import("./graphql.js").GetSchemasDocument;
 export declare function graphql(source: "\n  query getServerQuery($input: JSON!, $type: SchemaType!) {\n    schema(input: $input, type: $type) {\n      url\n      servers {\n        url\n      }\n    }\n  }\n"): typeof import("./graphql.js").GetServerQueryDocument;
 export declare function graphql(source: "\n  query GetNavigationOperations($input: JSON!, $type: SchemaType!) {\n    schema(input: $input, type: $type) {\n      extensions\n      tags {\n        slug\n        name\n        extensions\n        operations {\n          summary\n          slug\n          method\n          operationId\n          path\n        }\n      }\n      components {\n        schemas {\n          __typename\n        }\n      }\n    }\n  }\n"): typeof import("./graphql.js").GetNavigationOperationsDocument;

package/dist/declarations/lib/plugins/openapi/graphql/graphql.d.ts

@@ -57,6 +57,7 @@ export type Scalars = {
 export type Components = {
     __typename?: "Components";
     schemas?: Maybe<Array<SchemaItem>>;
+    securitySchemes?: Maybe<Array<SecuritySchemeItem>>;
 };
 export type EncodingItem = {
     __typename?: "EncodingItem";
@@ -82,6 +83,25 @@ export type MediaTypeObject = {
     mediaType: Scalars["String"]["output"];
     schema?: Maybe<Scalars["JSONSchema"]["output"]>;
 };
+export type OAuthFlowItem = {
+    __typename?: "OAuthFlowItem";
+    authorizationUrl?: Maybe<Scalars["String"]["output"]>;
+    refreshUrl?: Maybe<Scalars["String"]["output"]>;
+    scopes: Array<OAuthScopeItem>;
+    tokenUrl?: Maybe<Scalars["String"]["output"]>;
+};
+export type OAuthFlowsItem = {
+    __typename?: "OAuthFlowsItem";
+    authorizationCode?: Maybe<OAuthFlowItem>;
+    clientCredentials?: Maybe<OAuthFlowItem>;
+    implicit?: Maybe<OAuthFlowItem>;
+    password?: Maybe<OAuthFlowItem>;
+};
+export type OAuthScopeItem = {
+    __typename?: "OAuthScopeItem";
+    description: Scalars["String"]["output"];
+    name: Scalars["String"]["output"];
+};
 export type OperationItem = {
     __typename?: "OperationItem";
     contentTypes: Array<Scalars["String"]["output"]>;
@@ -94,6 +114,7 @@ export type OperationItem = {
     path: Scalars["String"]["output"];
     requestBody?: Maybe<RequestBodyObject>;
     responses: Array<ResponseItem>;
+    security?: Maybe<Array<SecurityRequirementItem>>;
     servers: Array<Server>;
     slug: Scalars["String"]["output"];
     summary?: Maybe<Scalars["String"]["output"]>;
@@ -154,6 +175,7 @@ export type Schema = {
     openapi: Scalars["String"]["output"];
     operations: Array<OperationItem>;
     paths: Array<PathItem>;
+    security?: Maybe<Array<SecurityRequirementItem>>;
     servers: Array<Server>;
     summary?: Maybe<Scalars["String"]["output"]>;
     tag?: Maybe<SchemaTag>;
@@ -211,6 +233,30 @@ export type SchemaTag = {
     slug?: Maybe<Scalars["String"]["output"]>;
 };
 export type SchemaType = "file" | "raw" | "url";
+export type SecurityRequirementItem = {
+    __typename?: "SecurityRequirementItem";
+    schemes: Array<SecurityRequirementScheme>;
+};
+export type SecurityRequirementScheme = {
+    __typename?: "SecurityRequirementScheme";
+    scheme: SecuritySchemeItem;
+    scopes: Array<Scalars["String"]["output"]>;
+};
+export type SecuritySchemeIn = "cookie" | "header" | "query";
+export type SecuritySchemeItem = {
+    __typename?: "SecuritySchemeItem";
+    bearerFormat?: Maybe<Scalars["String"]["output"]>;
+    description?: Maybe<Scalars["String"]["output"]>;
+    extensions?: Maybe<Scalars["JSONObject"]["output"]>;
+    flows?: Maybe<OAuthFlowsItem>;
+    in?: Maybe<SecuritySchemeIn>;
+    name: Scalars["String"]["output"];
+    openIdConnectUrl?: Maybe<Scalars["String"]["output"]>;
+    paramName?: Maybe<Scalars["String"]["output"]>;
+    scheme?: Maybe<Scalars["String"]["output"]>;
+    type: SecuritySchemeType;
+};
+export type SecuritySchemeType = "apiKey" | "http" | "mutualTLS" | "oauth2" | "openIdConnect";
 export type Server = {
     __typename?: "Server";
     description?: Maybe<Scalars["String"]["output"]>;
@@ -280,6 +326,64 @@ export type OperationsFragmentFragment = {
             summary?: string | null;
         }> | null;
     }> | null;
+    security?: Array<{
+        __typename?: "SecurityRequirementItem";
+        schemes: Array<{
+            __typename?: "SecurityRequirementScheme";
+            scopes: Array<string>;
+            scheme: {
+                __typename?: "SecuritySchemeItem";
+                name: string;
+                type: SecuritySchemeType;
+                description?: string | null;
+                in?: SecuritySchemeIn | null;
+                paramName?: string | null;
+                scheme?: string | null;
+                bearerFormat?: string | null;
+                openIdConnectUrl?: string | null;
+                flows?: {
+                    __typename?: "OAuthFlowsItem";
+                    implicit?: {
+                        __typename?: "OAuthFlowItem";
+                        authorizationUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                    password?: {
+                        __typename?: "OAuthFlowItem";
+                        tokenUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                    clientCredentials?: {
+                        __typename?: "OAuthFlowItem";
+                        tokenUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                    authorizationCode?: {
+                        __typename?: "OAuthFlowItem";
+                        authorizationUrl?: string | null;
+                        tokenUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                } | null;
+            };
+        }>;
+    }> | null;
     requestBody?: {
         __typename?: "RequestBodyObject";
         description?: string | null;
@@ -415,12 +519,60 @@ export type SchemaInfoQuery = {
             __typename?: "SchemaTag";
             name?: string | null;
             description?: string | null;
+            extensions?: any | null;
         }>;
         components?: {
             __typename?: "Components";
-            schemas?: Array<{
-                __typename?: "SchemaItem";
+            securitySchemes?: Array<{
+                __typename?: "SecuritySchemeItem";
                 name: string;
+                type: SecuritySchemeType;
+                description?: string | null;
+                in?: SecuritySchemeIn | null;
+                paramName?: string | null;
+                scheme?: string | null;
+                bearerFormat?: string | null;
+                openIdConnectUrl?: string | null;
+                flows?: {
+                    __typename?: "OAuthFlowsItem";
+                    implicit?: {
+                        __typename?: "OAuthFlowItem";
+                        authorizationUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                    password?: {
+                        __typename?: "OAuthFlowItem";
+                        tokenUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                    clientCredentials?: {
+                        __typename?: "OAuthFlowItem";
+                        tokenUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                    authorizationCode?: {
+                        __typename?: "OAuthFlowItem";
+                        authorizationUrl?: string | null;
+                        tokenUrl?: string | null;
+                        scopes: Array<{
+                            __typename?: "OAuthScopeItem";
+                            name: string;
+                            description: string;
+                        }>;
+                    } | null;
+                } | null;
             }> | null;
         } | null;
         webhooks: Array<{

package/dist/declarations/lib/plugins/openapi/interfaces.d.ts

@@ -70,6 +70,7 @@ type BaseOasConfig = {
         }[];
         disablePlayground?: boolean;
         disableSidecar?: boolean;
+        disableSecurity?: boolean;
         showVersionSelect?: "always" | "if-available" | "hide";
         expandAllTags?: boolean;
         showInfoPage?: boolean;

package/dist/declarations/lib/plugins/openapi/playground/AuthorizeDialog.d.ts

@@ -0,0 +1,6 @@
+import type { SecuritySchemeData } from "./scheme-forms/types.js";
+export declare const AuthorizeDialog: ({ securitySchemes, open, onOpenChange, }: {
+    securitySchemes: SecuritySchemeData[];
+    open: boolean;
+    onOpenChange: (open: boolean) => void;
+}) => import("react/jsx-runtime").JSX.Element | null;