0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-13 21:30:30 -05:00

chore(schemas): update customJwtFetcherGuard to specify custom jwt use case

This commit is contained in:
Darcy Ye 2024-03-26 14:37:42 +08:00
parent af53be8639
commit 0c4ba5b8a4
No known key found for this signature in database
GPG key ID: B46F4C07EDEFC610

View file

@ -32,22 +32,31 @@ export const jwtCustomizerUserContextGuard = userInfoGuard.extend({
export type JwtCustomizerUserContext = z.infer<typeof jwtCustomizerUserContextGuard>; export type JwtCustomizerUserContext = z.infer<typeof jwtCustomizerUserContextGuard>;
export enum LogtoJwtTokenPath {
AccessToken = 'access-token',
ClientCredentials = 'client-credentials',
}
/** /**
* This guard is for cloud API use (request body guard). * This guard is for cloud API use (request body guard).
* Since the cloud API will be use by both testing and production, should keep the fields as general as possible. * Since the cloud API will be use by both testing and production, should keep the fields as general as possible.
* The response guard for the cloud API is `jsonObjectGuard` since it extends the `token` with extra claims. * The response guard for the cloud API is `jsonObjectGuard` since it extends the `token` with extra claims.
*/ */
export const customJwtFetcherGuard = jwtCustomizerGuard const commonJwtCustomizerGuard = jwtCustomizerGuard
.pick({ script: true, envVars: true }) .pick({ script: true, envVars: true })
.required({ script: true }) .required({ script: true })
.extend({ .extend({
token: jsonObjectGuard, token: jsonObjectGuard,
context: jsonObjectGuard.optional(),
}); });
export type CustomJwtFetcher = z.infer<typeof customJwtFetcherGuard>; export const customJwtFetcherGuard = z.discriminatedUnion('tokenType', [
commonJwtCustomizerGuard.extend({
tokenType: z.literal(LogtoJwtTokenPath.AccessToken),
context: jsonObjectGuard,
}),
commonJwtCustomizerGuard.extend({
tokenType: z.literal(LogtoJwtTokenPath.ClientCredentials),
}),
]);
export enum LogtoJwtTokenPath { export type CustomJwtFetcher = z.infer<typeof customJwtFetcherGuard>;
AccessToken = 'access-token',
ClientCredentials = 'client-credentials',
}