0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-30 20:33:54 -05:00

chore(schemas): update customJwtFetcherGuard to specify custom jwt use case

This commit is contained in:
Darcy Ye 2024-03-26 14:37:42 +08:00
parent af53be8639
commit 0c4ba5b8a4
No known key found for this signature in database
GPG key ID: B46F4C07EDEFC610

View file

@ -32,22 +32,31 @@ export const jwtCustomizerUserContextGuard = userInfoGuard.extend({
export type JwtCustomizerUserContext = z.infer<typeof jwtCustomizerUserContextGuard>;
export enum LogtoJwtTokenPath {
AccessToken = 'access-token',
ClientCredentials = 'client-credentials',
}
/**
* This guard is for cloud API use (request body guard).
* Since the cloud API will be use by both testing and production, should keep the fields as general as possible.
* The response guard for the cloud API is `jsonObjectGuard` since it extends the `token` with extra claims.
*/
export const customJwtFetcherGuard = jwtCustomizerGuard
const commonJwtCustomizerGuard = jwtCustomizerGuard
.pick({ script: true, envVars: true })
.required({ script: true })
.extend({
token: jsonObjectGuard,
context: jsonObjectGuard.optional(),
});
export type CustomJwtFetcher = z.infer<typeof customJwtFetcherGuard>;
export const customJwtFetcherGuard = z.discriminatedUnion('tokenType', [
commonJwtCustomizerGuard.extend({
tokenType: z.literal(LogtoJwtTokenPath.AccessToken),
context: jsonObjectGuard,
}),
commonJwtCustomizerGuard.extend({
tokenType: z.literal(LogtoJwtTokenPath.ClientCredentials),
}),
]);
export enum LogtoJwtTokenPath {
AccessToken = 'access-token',
ClientCredentials = 'client-credentials',
}
export type CustomJwtFetcher = z.infer<typeof customJwtFetcherGuard>;