From 1fd9f8ec506e5b0198fba9093ce595e7c06fa1bf Mon Sep 17 00:00:00 2001
From: Darcy Ye
Date: Tue, 5 Mar 2024 16:02:31 +0800
Subject: [PATCH] feat(core): remove guard definition and refactor code
---
 .../schemas/src/types/logto-config/index.ts | 4 +---
 .../src/types/logto-config/oidc-provider.ts | 22 +++++--------------
 2 files changed, 6 insertions(+), 20 deletions(-)
diff --git a/packages/schemas/src/types/logto-config/index.ts b/packages/schemas/src/types/logto-config/index.ts
index d27b586c1..58aa3a932 100644
--- a/packages/schemas/src/types/logto-config/index.ts
+++ b/packages/schemas/src/types/logto-config/index.ts
@@ -64,13 +64,11 @@ export enum LogtoJwtTokenKey {
 ClientCredentials = 'jwt.clientCredentials',
 }
-export const jwtCustomizerGuard = z
+const jwtCustomizerGuard = z
 .object({
 script: z.string(),
 envVars: z.record(z.string()),
 contextSample: jsonObjectGuard,
- // This `tokenSample` field will be overridden by the `tokenSample` field once the `tokenType` is determined.
- tokenSample: jsonObjectGuard,
 })
 .partial();
diff --git a/packages/schemas/src/types/logto-config/oidc-provider.ts b/packages/schemas/src/types/logto-config/oidc-provider.ts
index 13a0d4e08..4c30105b3 100644
--- a/packages/schemas/src/types/logto-config/oidc-provider.ts
+++ b/packages/schemas/src/types/logto-config/oidc-provider.ts
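Review bot: The now module-private `jwtCustomizerGuard` has lost the only comment that explained how `tokenSample` relates to it, so nothing at the definition says the field is expected to come from a per-token-type guard. Assuming those derived guards sit below this hunk (they are not visible here), I would add a comment above the `const`, for example `// Base shape only: each token-type guard extends this with its own tokenSample; intentionally not exported.` A zod object drops unknown keys by default, so a `tokenSample` parsed with the base guard alone would be discarded without a validation error, which is worth stating there. Dropping `export` also breaks any importer outside this file, and this patch does not show whether one exists.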
@@ -20,26 +20,15 @@ const baseTokenGuardObject = {
 kind: z.string(),
 };
-// Ref: https://github.com/DefinitelyTyped/DefinitelyTyped/blob/0b7b01b70c4c211a4f69caf05008228ac065413c/types/oidc-provider/index.d.ts#L144
-const claimsParameterMemberGuard = z
- .object({
- essential: z.boolean(),
- value: z.string(),
- values: z.array(z.string()),
- })
- .partial()
- .catchall(jsonObjectGuard);
-
-// Ref: https://github.com/DefinitelyTyped/DefinitelyTyped/blob/0b7b01b70c4c211a4f69caf05008228ac065413c/types/oidc-provider/index.d.ts#L152
-const claimsParameterGuard = z.object({
- id_token: z.record(claimsParameterMemberGuard.nullable()).optional(),
- userinfo: z.record(claimsParameterMemberGuard.nullable()).optional(),
-});
-
 /**
 * Ref:
 * https://github.com/DefinitelyTyped/DefinitelyTyped/blob/0b7b01b70c4c211a4f69caf05008228ac065413c/types/oidc-provider/index.d.ts#L550
 * https://github.com/panva/node-oidc-provider/blob/270af1da83dda4c49edb4aaab48908f737d73379/lib/models/access_token.js#L17
+ *
+ * We do not include `claims` field in this guard because we did not enabled the `feature.claimsParameter` in the oidc-provider.
+ * If we enable the `feature.claimsParameter` feature in the future, we should include and implement the `claims` field guard.
+ * `feature.claimsParameter`: https://github.com/panva/node-oidc-provider/blob/main/docs/README.md#featuresclaimsparameter
+ * OIDC claims parameter: https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter
 */
 export const accessTokenGuard = z
 .object({
@@ -47,7 +36,6 @@ export const accessTokenGuard = z
 kind: z.literal('AccessToken'),
 accountId: z.string(),
 aud: z.string().or(z.array(z.string())),
- claims: claimsParameterGuard.optional(),
 extra: jsonObjectGuard.optional(),
 grantId: z.string(),
 scope: z.string().optional(),
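Review bot: The doc comment added above `accessTokenGuard` names the option `feature.claimsParameter`, while the anchor it links to (`#featuresclaimsparameter`) indicates the key is `features.claimsParameter`; it also links to `main` where the two refs above it pin a commit, and "did not enabled" should read "have not enabled". Suggested first line: `* The claims field is omitted because features.claimsParameter is not enabled in our oidc-provider configuration.` Nothing visible enforces that assumption: unless the object is made strict outside this hunk, zod will silently drop a `claims` key now that the field is removed in the following hunk (`@@ -47,7 +36,6 @@`), so enabling the feature later would lose the field without a validation error. The `accessTokenGuard` definition continues past the end of both hunks.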