From 239b81e31a3b37abf0558f338995e1a17173afa7 Mon Sep 17 00:00:00 2001 From: Gao Sun Date: Wed, 4 Dec 2024 15:37:16 +0800 Subject: [PATCH] refactor: loose redirect uri restrictions (#6846) * refactor: loose redirect uri restrictions * refactor: fix types and add tests * chore: add changeset --- .changeset/nervous-apes-suffer.md | 20 ++ .../ApplicationDetailsContent/Settings.tsx | 40 ++- .../index.module.scss | 4 + packages/core/package.json | 6 +- packages/core/src/event-listeners/index.ts | 2 +- .../lib-keep/helpers/filter_claims.d.ts | 3 +- .../lib-keep/helpers/weak_cache.d.ts | 2 +- packages/core/src/libraries/session.test.ts | 2 +- packages/core/src/libraries/session.ts | 3 +- .../middleware/koa-auth/koa-oidc-auth.test.ts | 2 +- .../core/src/middleware/koa-auto-consent.ts | 2 +- .../src/middleware/koa-interaction-details.ts | 2 +- .../middleware/koa-spa-session-guard.test.ts | 2 +- .../src/middleware/koa-spa-session-guard.ts | 2 +- packages/core/src/oidc/defaults.ts | 3 +- .../src/oidc/grants/client-credentials.ts | 2 +- packages/core/src/oidc/grants/index.ts | 2 +- .../core/src/oidc/grants/refresh-token.ts | 2 +- .../src/oidc/grants/token-exchange/index.ts | 2 +- packages/core/src/oidc/grants/utils.ts | 4 +- packages/core/src/oidc/init.ts | 3 +- packages/core/src/routes/experience/types.ts | 2 +- .../actions/submit-interaction.mfa.test.ts | 2 +- .../actions/submit-interaction.test.ts | 2 +- .../routes/interaction/utils/interaction.ts | 3 +- .../utils/single-sign-on-session.ts | 2 +- .../interaction/utils/single-sign-on.test.ts | 2 +- .../interaction/utils/social-verification.ts | 2 +- .../mandatory-user-profile-validation.test.ts | 2 +- .../mfa-payload-verification.test.ts | 2 +- .../mfa-verification.backup-code.test.ts | 2 +- .../verifications/mfa-verification.test.ts | 2 +- .../verifications/mfa-verification.ts | 2 +- packages/core/src/tenants/Tenant.ts | 2 +- packages/core/src/tenants/TenantContext.ts | 2 +- packages/core/src/test-utils/oidc-provider.ts | 3 +- .../core/src/utils/saml-assertion-handler.ts | 2 +- .../tests/api/application/application.test.ts | 37 +++ .../tests/api/oidc/mixed-redirect-uri.test.ts | 70 ++++ .../admin-console/application-details.ts | 2 + packages/toolkit/core-kit/src/regex.ts | 2 +- .../toolkit/core-kit/src/utils/url.test.ts | 2 + pnpm-lock.yaml | 304 ++++++++++-------- 43 files changed, 377 insertions(+), 184 deletions(-) create mode 100644 .changeset/nervous-apes-suffer.md create mode 100644 packages/integration-tests/src/tests/api/oidc/mixed-redirect-uri.test.ts diff --git a/.changeset/nervous-apes-suffer.md b/.changeset/nervous-apes-suffer.md new file mode 100644 index 000000000..5a1835bda --- /dev/null +++ b/.changeset/nervous-apes-suffer.md @@ -0,0 +1,20 @@ +--- +"@logto/integration-tests": patch +"@logto/core-kit": patch +"@logto/console": patch +"@logto/phrases": patch +"@logto/core": patch +--- + +loose redirect uri restrictions + +Logto has been following the industry best practices for OAuth2.0 and OIDC from the start. However, in the real world, there are things we cannot control, like third-party services or operation systems like Windows. + +This update relaxes restrictions on redirect URIs to allow the following: + +1. A mix of native and HTTP(S) redirect URIs. For example, a native app can now use a redirect URI like `https://example.com`. +2. Native schemes without a period (`.`). For example, `myapp://callback` is now allowed. + +When such URIs are configured, Logto Console will display a prominent warning. This change is backward-compatible and will not affect existing applications. + +We hope this change will make it easier for you to integrate Logto with your applications. diff --git a/packages/console/src/pages/ApplicationDetails/ApplicationDetailsContent/Settings.tsx b/packages/console/src/pages/ApplicationDetails/ApplicationDetailsContent/Settings.tsx index 880d74a03..4101c90ea 100644 --- a/packages/console/src/pages/ApplicationDetails/ApplicationDetailsContent/Settings.tsx +++ b/packages/console/src/pages/ApplicationDetails/ApplicationDetailsContent/Settings.tsx @@ -8,6 +8,7 @@ import FormCard from '@/components/FormCard'; import MultiTextInputField from '@/components/MultiTextInputField'; import CodeEditor from '@/ds-components/CodeEditor'; import FormField from '@/ds-components/FormField'; +import InlineNotification from '@/ds-components/InlineNotification'; import type { MultiTextInputRule } from '@/ds-components/MultiTextInput/types'; import { convertRhfErrorMessage, @@ -19,8 +20,33 @@ import useDocumentationUrl from '@/hooks/use-documentation-url'; import { isJsonObject } from '@/utils/json'; import ProtectedAppSettings from './ProtectedAppSettings'; +import styles from './index.module.scss'; import { type ApplicationForm } from './utils'; +const hasMixedUriProtocols = (applicationType: ApplicationType, uris: string[]): boolean => { + switch (applicationType) { + case ApplicationType.Native: { + return uris.some((uri) => validateRedirectUrl(uri, 'web')); + } + case ApplicationType.Traditional: + case ApplicationType.SPA: { + return uris.some((uri) => validateRedirectUrl(uri, 'mobile')); + } + default: { + return false; + } + } +}; + +function MixedUriWarning() { + const { t } = useTranslation(undefined, { keyPrefix: 'admin_console' }); + return ( + + {t('application_details.mixed_redirect_uri_warning')} + + ); +} + type Props = { readonly data: Application; }; @@ -31,19 +57,27 @@ function Settings({ data }: Props) { const { control, register, + watch, formState: { errors }, } = useFormContext(); const { type: applicationType } = data; - const isNativeApp = applicationType === ApplicationType.Native; const isProtectedApp = applicationType === ApplicationType.Protected; const uriPatternRules: MultiTextInputRule = { pattern: { - verify: (value) => !value || validateRedirectUrl(value, isNativeApp ? 'mobile' : 'web'), + verify: (value) => + !value || validateRedirectUrl(value, 'web') || validateRedirectUrl(value, 'mobile'), message: t('errors.invalid_uri_format'), }, }; + const redirectUris = watch('oidcClientMetadata.redirectUris'); + const postLogoutRedirectUris = watch('oidcClientMetadata.postLogoutRedirectUris'); + const showRedirectUriMixedWarning = hasMixedUriProtocols(applicationType, redirectUris); + const showPostLogoutUriMixedWarning = hasMixedUriProtocols( + applicationType, + postLogoutRedirectUris + ); if (isProtectedApp) { return ; @@ -113,6 +147,7 @@ function Settings({ data }: Props) { )} /> )} + {showRedirectUriMixedWarning && } {applicationType !== ApplicationType.MachineToMachine && ( )} + {showPostLogoutUriMixedWarning && } {applicationType !== ApplicationType.MachineToMachine && ( = T extends Record diff --git a/packages/core/src/libraries/session.test.ts b/packages/core/src/libraries/session.test.ts index 32a8e0e54..37084ab5d 100644 --- a/packages/core/src/libraries/session.test.ts +++ b/packages/core/src/libraries/session.test.ts @@ -1,6 +1,6 @@ import { type User } from '@logto/schemas'; import { generateStandardId } from '@logto/shared'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { mockUser } from '#src/__mocks__/user.js'; import type Queries from '#src/tenants/Queries.js'; diff --git a/packages/core/src/libraries/session.ts b/packages/core/src/libraries/session.ts index e1173fc04..be073dfcf 100644 --- a/packages/core/src/libraries/session.ts +++ b/packages/core/src/libraries/session.ts @@ -1,7 +1,6 @@ import { conditional } from '@silverhand/essentials'; import type { Context } from 'koa'; -import type { InteractionResults, PromptDetail } from 'oidc-provider'; -import type Provider from 'oidc-provider'; +import type { InteractionResults, PromptDetail, Provider } from 'oidc-provider'; import { z } from 'zod'; import type Queries from '#src/tenants/Queries.js'; diff --git a/packages/core/src/middleware/koa-auth/koa-oidc-auth.test.ts b/packages/core/src/middleware/koa-auth/koa-oidc-auth.test.ts index 787f31088..c7a486b92 100644 --- a/packages/core/src/middleware/koa-auth/koa-oidc-auth.test.ts +++ b/packages/core/src/middleware/koa-auth/koa-oidc-auth.test.ts @@ -1,7 +1,7 @@ import { pickDefault } from '@logto/shared/esm'; import type { Context } from 'koa'; import type { IRouterParamContext } from 'koa-router'; -import Provider from 'oidc-provider'; +import { Provider } from 'oidc-provider'; import Sinon from 'sinon'; import RequestError from '#src/errors/RequestError/index.js'; diff --git a/packages/core/src/middleware/koa-auto-consent.ts b/packages/core/src/middleware/koa-auto-consent.ts index d13cb4dfb..0e59d63ea 100644 --- a/packages/core/src/middleware/koa-auto-consent.ts +++ b/packages/core/src/middleware/koa-auto-consent.ts @@ -1,7 +1,7 @@ import { demoAppApplicationId } from '@logto/schemas'; import { type MiddlewareType } from 'koa'; import { type IRouterParamContext } from 'koa-router'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { errors } from 'oidc-provider'; import { consent, getMissingScopes } from '#src/libraries/session.js'; diff --git a/packages/core/src/middleware/koa-interaction-details.ts b/packages/core/src/middleware/koa-interaction-details.ts index e1242a943..82791cb87 100644 --- a/packages/core/src/middleware/koa-interaction-details.ts +++ b/packages/core/src/middleware/koa-interaction-details.ts @@ -1,6 +1,6 @@ import type { MiddlewareType } from 'koa'; import { type IRouterParamContext } from 'koa-router'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; export type WithInteractionDetailsContext< ContextT extends IRouterParamContext = IRouterParamContext, diff --git a/packages/core/src/middleware/koa-spa-session-guard.test.ts b/packages/core/src/middleware/koa-spa-session-guard.test.ts index 7d79ff1c7..c97653893 100644 --- a/packages/core/src/middleware/koa-spa-session-guard.test.ts +++ b/packages/core/src/middleware/koa-spa-session-guard.test.ts @@ -1,5 +1,5 @@ import { createMockUtils } from '@logto/shared/esm'; -import Provider from 'oidc-provider'; +import { Provider } from 'oidc-provider'; import Sinon from 'sinon'; import { EnvSet, UserApps } from '#src/env-set/index.js'; diff --git a/packages/core/src/middleware/koa-spa-session-guard.ts b/packages/core/src/middleware/koa-spa-session-guard.ts index 3f1fefb56..ff90b7618 100644 --- a/packages/core/src/middleware/koa-spa-session-guard.ts +++ b/packages/core/src/middleware/koa-spa-session-guard.ts @@ -2,7 +2,7 @@ import { logtoConfigGuards, LogtoTenantConfigKey } from '@logto/schemas'; import { appendPath, trySafe } from '@silverhand/essentials'; import type { MiddlewareType } from 'koa'; import type { IRouterParamContext } from 'koa-router'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { EnvSet, getTenantEndpoint } from '#src/env-set/index.js'; import RequestError from '#src/errors/RequestError/index.js'; diff --git a/packages/core/src/oidc/defaults.ts b/packages/core/src/oidc/defaults.ts index 55523c3d4..6e0d345bd 100644 --- a/packages/core/src/oidc/defaults.ts +++ b/packages/core/src/oidc/defaults.ts @@ -1,5 +1,4 @@ -import type Provider from 'oidc-provider'; -import type { TTLFunction, KoaContextWithOIDC } from 'oidc-provider'; +import type { Provider, TTLFunction, KoaContextWithOIDC } from 'oidc-provider'; /** * Keep the default pre-checks from oidc-provider. diff --git a/packages/core/src/oidc/grants/client-credentials.ts b/packages/core/src/oidc/grants/client-credentials.ts index 7dffd2be4..56eaa665c 100644 --- a/packages/core/src/oidc/grants/client-credentials.ts +++ b/packages/core/src/oidc/grants/client-credentials.ts @@ -20,7 +20,7 @@ */ import { cond } from '@silverhand/essentials'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { errors } from 'oidc-provider'; import instance from 'oidc-provider/lib/helpers/weak_cache.js'; import checkResource from 'oidc-provider/lib/shared/check_resource.js'; diff --git a/packages/core/src/oidc/grants/index.ts b/packages/core/src/oidc/grants/index.ts index 0b641495e..6285c1b42 100644 --- a/packages/core/src/oidc/grants/index.ts +++ b/packages/core/src/oidc/grants/index.ts @@ -1,5 +1,5 @@ import { GrantType } from '@logto/schemas'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import instance from 'oidc-provider/lib/helpers/weak_cache.js'; import { type EnvSet } from '#src/env-set/index.js'; diff --git a/packages/core/src/oidc/grants/refresh-token.ts b/packages/core/src/oidc/grants/refresh-token.ts index 9d885d58f..673a4d90d 100644 --- a/packages/core/src/oidc/grants/refresh-token.ts +++ b/packages/core/src/oidc/grants/refresh-token.ts @@ -21,7 +21,7 @@ import { UserScope } from '@logto/core-kit'; import { isKeyInObject } from '@silverhand/essentials'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { errors } from 'oidc-provider'; import difference from 'oidc-provider/lib/helpers/_/difference.js'; import filterClaims from 'oidc-provider/lib/helpers/filter_claims.js'; diff --git a/packages/core/src/oidc/grants/token-exchange/index.ts b/packages/core/src/oidc/grants/token-exchange/index.ts index a9358a5ef..f1aba4d57 100644 --- a/packages/core/src/oidc/grants/token-exchange/index.ts +++ b/packages/core/src/oidc/grants/token-exchange/index.ts @@ -6,7 +6,7 @@ import { buildOrganizationUrn } from '@logto/core-kit'; import { GrantType } from '@logto/schemas'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { errors } from 'oidc-provider'; import resolveResource from 'oidc-provider/lib/helpers/resolve_resource.js'; import validatePresence from 'oidc-provider/lib/helpers/validate_presence.js'; diff --git a/packages/core/src/oidc/grants/utils.ts b/packages/core/src/oidc/grants/utils.ts index 1242cd1b2..f552d9c76 100644 --- a/packages/core/src/oidc/grants/utils.ts +++ b/packages/core/src/oidc/grants/utils.ts @@ -1,7 +1,7 @@ import { buildOrganizationUrn } from '@logto/core-kit'; import { cond } from '@silverhand/essentials'; -import type Provider from 'oidc-provider'; -import { type Account, errors, type KoaContextWithOIDC } from 'oidc-provider'; +import { errors } from 'oidc-provider'; +import type { Provider, Account, KoaContextWithOIDC } from 'oidc-provider'; import certificateThumbprint from 'oidc-provider/lib/helpers/certificate_thumbprint.js'; import epochTime from 'oidc-provider/lib/helpers/epoch_time.js'; import dpopValidate from 'oidc-provider/lib/helpers/validate_dpop.js'; diff --git a/packages/core/src/oidc/init.ts b/packages/core/src/oidc/init.ts index b4cb6772f..3d069947a 100644 --- a/packages/core/src/oidc/init.ts +++ b/packages/core/src/oidc/init.ts @@ -18,7 +18,7 @@ import { } from '@logto/schemas'; import { removeUndefinedKeys, trySafe, tryThat } from '@silverhand/essentials'; import i18next from 'i18next'; -import Provider, { errors } from 'oidc-provider'; +import { Provider, errors } from 'oidc-provider'; import getRawBody from 'raw-body'; import snakecaseKeys from 'snakecase-keys'; @@ -77,6 +77,7 @@ export default function initOidc( sameSite: 'lax', path: '/', signed: true, + overwrite: true, } as const); // Do NOT deconstruct variables from `envSet` earlier, since we might reload `envSet` on the fly, diff --git a/packages/core/src/routes/experience/types.ts b/packages/core/src/routes/experience/types.ts index eb9f1e340..d524d389a 100644 --- a/packages/core/src/routes/experience/types.ts +++ b/packages/core/src/routes/experience/types.ts @@ -7,7 +7,7 @@ import { UserSsoIdentities, type UserSsoIdentity, } from '@logto/schemas'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { z } from 'zod'; import { type WithLogContext } from '#src/middleware/koa-audit-log.js'; diff --git a/packages/core/src/routes/interaction/actions/submit-interaction.mfa.test.ts b/packages/core/src/routes/interaction/actions/submit-interaction.mfa.test.ts index 8e69999f2..2cc0ec90f 100644 --- a/packages/core/src/routes/interaction/actions/submit-interaction.mfa.test.ts +++ b/packages/core/src/routes/interaction/actions/submit-interaction.mfa.test.ts @@ -1,6 +1,6 @@ import { InteractionEvent, MfaFactor, adminTenantId } from '@logto/schemas'; import { createMockUtils, pickDefault } from '@logto/shared/esm'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { mockWebAuthnBind } from '#src/__mocks__/mfa-verification.js'; import { createMockLogContext } from '#src/test-utils/koa-audit-log.js'; diff --git a/packages/core/src/routes/interaction/actions/submit-interaction.test.ts b/packages/core/src/routes/interaction/actions/submit-interaction.test.ts index 26704a6b7..e98ae3f8d 100644 --- a/packages/core/src/routes/interaction/actions/submit-interaction.test.ts +++ b/packages/core/src/routes/interaction/actions/submit-interaction.test.ts @@ -6,7 +6,7 @@ import { type User, } from '@logto/schemas'; import { createMockUtils, pickDefault } from '@logto/shared/esm'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { type InsertUserResult } from '#src/libraries/user.js'; import { createMockLogContext } from '#src/test-utils/koa-audit-log.js'; diff --git a/packages/core/src/routes/interaction/utils/interaction.ts b/packages/core/src/routes/interaction/utils/interaction.ts index 370818bac..01628ffba 100644 --- a/packages/core/src/routes/interaction/utils/interaction.ts +++ b/packages/core/src/routes/interaction/utils/interaction.ts @@ -2,8 +2,7 @@ import type { Profile } from '@logto/schemas'; import { InteractionEvent } from '@logto/schemas'; import { assert } from '@silverhand/essentials'; import type { Context } from 'koa'; -import type Provider from 'oidc-provider'; -import type { InteractionResults } from 'oidc-provider'; +import type { Provider, InteractionResults } from 'oidc-provider'; import { errors } from 'oidc-provider'; import RequestError from '#src/errors/RequestError/index.js'; diff --git a/packages/core/src/routes/interaction/utils/single-sign-on-session.ts b/packages/core/src/routes/interaction/utils/single-sign-on-session.ts index 5a10c5432..3cfab3dc4 100644 --- a/packages/core/src/routes/interaction/utils/single-sign-on-session.ts +++ b/packages/core/src/routes/interaction/utils/single-sign-on-session.ts @@ -1,5 +1,5 @@ import { type Context } from 'koa'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { z } from 'zod'; import { diff --git a/packages/core/src/routes/interaction/utils/single-sign-on.test.ts b/packages/core/src/routes/interaction/utils/single-sign-on.test.ts index 188c575a6..45090c315 100644 --- a/packages/core/src/routes/interaction/utils/single-sign-on.test.ts +++ b/packages/core/src/routes/interaction/utils/single-sign-on.test.ts @@ -1,6 +1,6 @@ /* eslint-disable max-lines */ import { createMockUtils } from '@logto/shared/esm'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import Sinon from 'sinon'; import { diff --git a/packages/core/src/routes/interaction/utils/social-verification.ts b/packages/core/src/routes/interaction/utils/social-verification.ts index ad9cd5afa..103047859 100644 --- a/packages/core/src/routes/interaction/utils/social-verification.ts +++ b/packages/core/src/routes/interaction/utils/social-verification.ts @@ -3,7 +3,7 @@ import { connectorSessionGuard, GoogleConnector } from '@logto/connector-kit'; import type { SocialConnectorPayload } from '@logto/schemas'; import { ConnectorType } from '@logto/schemas'; import type { Context } from 'koa'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { z } from 'zod'; import type { WithLogContext } from '#src/middleware/koa-audit-log.js'; diff --git a/packages/core/src/routes/interaction/verifications/mandatory-user-profile-validation.test.ts b/packages/core/src/routes/interaction/verifications/mandatory-user-profile-validation.test.ts index 73d126a2b..7f8182436 100644 --- a/packages/core/src/routes/interaction/verifications/mandatory-user-profile-validation.test.ts +++ b/packages/core/src/routes/interaction/verifications/mandatory-user-profile-validation.test.ts @@ -3,7 +3,7 @@ import crypto from 'node:crypto'; import { PasswordPolicyChecker } from '@logto/core-kit'; import { InteractionEvent, MissingProfile, SignInIdentifier } from '@logto/schemas'; import { createMockUtils, pickDefault } from '@logto/shared/esm'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { mockSignInExperience } from '#src/__mocks__/sign-in-experience.js'; import RequestError from '#src/errors/RequestError/index.js'; diff --git a/packages/core/src/routes/interaction/verifications/mfa-payload-verification.test.ts b/packages/core/src/routes/interaction/verifications/mfa-payload-verification.test.ts index c3a6d5b82..93440ab8d 100644 --- a/packages/core/src/routes/interaction/verifications/mfa-payload-verification.test.ts +++ b/packages/core/src/routes/interaction/verifications/mfa-payload-verification.test.ts @@ -1,6 +1,6 @@ import { InteractionEvent, MfaFactor } from '@logto/schemas'; import { createMockUtils } from '@logto/shared/esm'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { mockUserBackupCodeMfaVerification, diff --git a/packages/core/src/routes/interaction/verifications/mfa-verification.backup-code.test.ts b/packages/core/src/routes/interaction/verifications/mfa-verification.backup-code.test.ts index c9014b907..2ceac2884 100644 --- a/packages/core/src/routes/interaction/verifications/mfa-verification.backup-code.test.ts +++ b/packages/core/src/routes/interaction/verifications/mfa-verification.backup-code.test.ts @@ -3,7 +3,7 @@ import crypto from 'node:crypto'; import { PasswordPolicyChecker } from '@logto/core-kit'; import { InteractionEvent, MfaFactor, MfaPolicy } from '@logto/schemas'; import { createMockUtils } from '@logto/shared/esm'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { mockBackupCodeBind, mockTotpBind } from '#src/__mocks__/mfa-verification.js'; import { mockSignInExperience } from '#src/__mocks__/sign-in-experience.js'; diff --git a/packages/core/src/routes/interaction/verifications/mfa-verification.test.ts b/packages/core/src/routes/interaction/verifications/mfa-verification.test.ts index e561293aa..26ef5dc80 100644 --- a/packages/core/src/routes/interaction/verifications/mfa-verification.test.ts +++ b/packages/core/src/routes/interaction/verifications/mfa-verification.test.ts @@ -3,7 +3,7 @@ import crypto from 'node:crypto'; import { PasswordPolicyChecker } from '@logto/core-kit'; import { InteractionEvent, MfaFactor, MfaPolicy } from '@logto/schemas'; import { createMockUtils } from '@logto/shared/esm'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { mockSignInExperience } from '#src/__mocks__/sign-in-experience.js'; import { diff --git a/packages/core/src/routes/interaction/verifications/mfa-verification.ts b/packages/core/src/routes/interaction/verifications/mfa-verification.ts index 95c062545..670c439c2 100644 --- a/packages/core/src/routes/interaction/verifications/mfa-verification.ts +++ b/packages/core/src/routes/interaction/verifications/mfa-verification.ts @@ -6,7 +6,7 @@ import { type MfaVerification, } from '@logto/schemas'; import { type Context } from 'koa'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { z } from 'zod'; import RequestError from '#src/errors/RequestError/index.js'; diff --git a/packages/core/src/tenants/Tenant.ts b/packages/core/src/tenants/Tenant.ts index 6314b5bfd..21c58ecb2 100644 --- a/packages/core/src/tenants/Tenant.ts +++ b/packages/core/src/tenants/Tenant.ts @@ -5,7 +5,7 @@ import Koa from 'koa'; import compose from 'koa-compose'; import koaCompress from 'koa-compress'; import mount from 'koa-mount'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { type CacheStore } from '#src/caches/types.js'; import { WellKnownCache } from '#src/caches/well-known.js'; diff --git a/packages/core/src/tenants/TenantContext.ts b/packages/core/src/tenants/TenantContext.ts index 6214962af..afcce2679 100644 --- a/packages/core/src/tenants/TenantContext.ts +++ b/packages/core/src/tenants/TenantContext.ts @@ -1,5 +1,5 @@ import { type Sentinel } from '@logto/schemas'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import type { EnvSet } from '#src/env-set/index.js'; import type { CloudConnectionLibrary } from '#src/libraries/cloud-connection.js'; diff --git a/packages/core/src/test-utils/oidc-provider.ts b/packages/core/src/test-utils/oidc-provider.ts index 879c37fe2..7e5290a1a 100644 --- a/packages/core/src/test-utils/oidc-provider.ts +++ b/packages/core/src/test-utils/oidc-provider.ts @@ -1,4 +1,5 @@ -import Provider, { type KoaContextWithOIDC } from 'oidc-provider'; +import { type KoaContextWithOIDC } from 'oidc-provider'; +import { Provider } from 'oidc-provider'; import Sinon from 'sinon'; import createMockContext from './jest-koa-mocks/create-mock-context.js'; diff --git a/packages/core/src/utils/saml-assertion-handler.ts b/packages/core/src/utils/saml-assertion-handler.ts index a08c4832d..ceb06cb4e 100644 --- a/packages/core/src/utils/saml-assertion-handler.ts +++ b/packages/core/src/utils/saml-assertion-handler.ts @@ -1,6 +1,6 @@ import type { ConnectorSession } from '@logto/connector-kit'; import { connectorSessionGuard } from '@logto/connector-kit'; -import type Provider from 'oidc-provider'; +import type { Provider } from 'oidc-provider'; import { z } from 'zod'; import { diff --git a/packages/integration-tests/src/tests/api/application/application.test.ts b/packages/integration-tests/src/tests/api/application/application.test.ts index 7873ab46a..2b920e01b 100644 --- a/packages/integration-tests/src/tests/api/application/application.test.ts +++ b/packages/integration-tests/src/tests/api/application/application.test.ts @@ -134,6 +134,43 @@ describe('application APIs', () => { }); }); + it('should be able to add a native redirect uri to a web application, and vice versa', async () => { + const [application1, application2] = await Promise.all([ + createApplication('test-update-app-1', ApplicationType.Native), + createApplication('test-update-app-2', ApplicationType.SPA), + ]); + + const nativeRedirectUri = 'io.logto://my-app/callback'; + const webRedirectUri = 'https://example.com/callback'; + + await Promise.all([ + updateApplication(application1.id, { + oidcClientMetadata: { + ...application1.oidcClientMetadata, + redirectUris: [nativeRedirectUri], + postLogoutRedirectUris: [nativeRedirectUri], + }, + }), + updateApplication(application2.id, { + oidcClientMetadata: { + ...application2.oidcClientMetadata, + redirectUris: [webRedirectUri], + postLogoutRedirectUris: [webRedirectUri], + }, + }), + ]); + + const [updated1, updated2] = await Promise.all([ + getApplication(application1.id), + getApplication(application2.id), + ]); + + expect(updated1.oidcClientMetadata.redirectUris).toEqual([nativeRedirectUri]); + expect(updated1.oidcClientMetadata.postLogoutRedirectUris).toEqual([nativeRedirectUri]); + expect(updated2.oidcClientMetadata.redirectUris).toEqual([webRedirectUri]); + expect(updated2.oidcClientMetadata.postLogoutRedirectUris).toEqual([webRedirectUri]); + }); + it('should update application details for protected app successfully', async () => { const metadata = { origin: 'https://example.com', diff --git a/packages/integration-tests/src/tests/api/oidc/mixed-redirect-uri.test.ts b/packages/integration-tests/src/tests/api/oidc/mixed-redirect-uri.test.ts new file mode 100644 index 000000000..903741c82 --- /dev/null +++ b/packages/integration-tests/src/tests/api/oidc/mixed-redirect-uri.test.ts @@ -0,0 +1,70 @@ +/** + * @fileoverview Tests for mixed redirect URI protocols. It means web applications can have native + * redirect URIs and vice versa. Both should work without any issues. + */ + +import { Prompt } from '@logto/js'; +import { ApplicationType, InteractionEvent } from '@logto/schemas'; + +import { deleteUser } from '#src/api/admin-user.js'; +import { createApplication } from '#src/api/application.js'; +import { putInteraction } from '#src/api/interaction.js'; +import MockClient from '#src/client/index.js'; +import { processSession } from '#src/helpers/client.js'; +import { createUserByAdmin } from '#src/helpers/index.js'; +import { enableAllPasswordSignInMethods } from '#src/helpers/sign-in-experience.js'; +import { generatePassword, generateUsername } from '#src/utils.js'; + +describe('mixed redirect URI protocols', () => { + const username = generateUsername(); + const password = generatePassword(); + // eslint-disable-next-line @silverhand/fp/no-let + let userId = ''; + + const run = async (applicationType: ApplicationType) => { + if ( + ![ApplicationType.Native, ApplicationType.Traditional, ApplicationType.SPA].includes( + applicationType + ) + ) { + throw new Error('Unsupported application type'); + } + + const redirectUri = + applicationType === ApplicationType.Native ? 'http://localhost' : 'myapp://callback'; + const application = await createApplication('Mixed Redirect URI', applicationType, { + oidcClientMetadata: { redirectUris: [redirectUri], postLogoutRedirectUris: [redirectUri] }, + }); + const client = new MockClient({ + appId: application.id, + prompt: Prompt.Login, + scopes: [], + }); + await client.initSession(redirectUri); + await client.successSend(putInteraction, { + event: InteractionEvent.SignIn, + identifier: { username, password }, + }); + const { redirectTo } = await client.submitInteraction(); + await processSession(client, redirectTo); + }; + + beforeAll(async () => { + const { id } = await createUserByAdmin({ username, password }); + // eslint-disable-next-line @silverhand/fp/no-mutation + userId = id; + await enableAllPasswordSignInMethods(); + }); + + afterAll(async () => { + await deleteUser(userId); + }); + + it('should work for native applications', async () => { + await run(ApplicationType.Native); + }); + + it('should work for web applications', async () => { + await run(ApplicationType.SPA); + }); +}); diff --git a/packages/phrases/src/locales/en/translation/admin-console/application-details.ts b/packages/phrases/src/locales/en/translation/admin-console/application-details.ts index b8088d39f..12179e4ba 100644 --- a/packages/phrases/src/locales/en/translation/admin-console/application-details.ts +++ b/packages/phrases/src/locales/en/translation/admin-console/application-details.ts @@ -40,6 +40,8 @@ const application_details = { redirect_uri_placeholder_native: 'io.logto://callback', redirect_uri_tip: 'The URI redirects after a user sign-in (whether successful or not). See OpenID Connect AuthRequest for more info.', + mixed_redirect_uri_warning: + 'Your application type is not compatible with at least one of the redirect URIs. It does not follow best practices and we strongly recommend keeping the redirect URIs consistent.', post_sign_out_redirect_uri: 'Post sign-out redirect URI', post_sign_out_redirect_uris: 'Post sign-out redirect URIs', post_sign_out_redirect_uri_placeholder: 'https://your.website.com/home', diff --git a/packages/toolkit/core-kit/src/regex.ts b/packages/toolkit/core-kit/src/regex.ts index be044e922..abc8a4156 100644 --- a/packages/toolkit/core-kit/src/regex.ts +++ b/packages/toolkit/core-kit/src/regex.ts @@ -3,7 +3,7 @@ export const phoneRegEx = /^\d+$/; export const phoneInputRegEx = /^\+?[\d-( )]+$/; export const usernameRegEx = /^[A-Z_a-z]\w*$/; export const webRedirectUriProtocolRegEx = /^https?:$/; -export const mobileUriSchemeProtocolRegEx = /^[a-z][\d+_a-z-]*(\.[\d+_a-z-]+)+:$/; +export const mobileUriSchemeProtocolRegEx = /^(?!http(s)?:)[a-z][\d+_a-z-]*(\.[\d+_a-z-]+)*:$/; export const hexColorRegEx = /^#[\da-f]{3}([\da-f]{3})?$/i; export const dateRegex = /^\d{4}(-\d{2}){2}/; export const noSpaceRegEx = /^\S+$/; diff --git a/packages/toolkit/core-kit/src/utils/url.test.ts b/packages/toolkit/core-kit/src/utils/url.test.ts index 67ceed20e..4200c736c 100644 --- a/packages/toolkit/core-kit/src/utils/url.test.ts +++ b/packages/toolkit/core-kit/src/utils/url.test.ts @@ -19,6 +19,8 @@ describe('url utilities', () => { expect(validateRedirectUrl('com.company://demo:1234', 'mobile')).toBeTruthy(); expect(validateRedirectUrl('io.logto.SwiftUI-Demo://callback', 'mobile')).toBeTruthy(); expect(validateRedirectUrl('io.logto.SwiftUI+Demo://callback', 'mobile')).toBeTruthy(); + expect(validateRedirectUrl('logto:/my-app/callback', 'mobile')).toBeTruthy(); + expect(validateRedirectUrl('http1://localhost:3001', 'mobile')).toBeTruthy(); }); it('should detect invalid redirect URIs', () => { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 403ff173b..00f2deede 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -44,7 +44,7 @@ importers: version: 8.8.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.0.2)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.0.2)(yaml@2.4.5) typescript: specifier: ^5.0.0 version: 5.0.2 @@ -266,7 +266,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -333,7 +333,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -391,7 +391,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -449,7 +449,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -513,7 +513,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -577,7 +577,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -638,7 +638,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -705,7 +705,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -763,7 +763,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -821,7 +821,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -879,7 +879,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -937,7 +937,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -998,7 +998,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1068,7 +1068,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1129,7 +1129,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1184,7 +1184,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1242,7 +1242,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1300,7 +1300,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1358,7 +1358,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1419,7 +1419,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1477,7 +1477,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1535,7 +1535,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1593,7 +1593,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1651,7 +1651,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1709,7 +1709,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1767,7 +1767,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1825,7 +1825,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1883,7 +1883,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -1950,7 +1950,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2020,7 +2020,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2078,7 +2078,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2133,7 +2133,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2197,7 +2197,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2255,7 +2255,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2313,7 +2313,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2377,7 +2377,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2435,7 +2435,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2493,7 +2493,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2548,7 +2548,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2606,7 +2606,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2664,7 +2664,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -2722,7 +2722,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -3186,8 +3186,8 @@ importers: specifier: ^1.3.1 version: 1.3.1 oidc-provider: - specifier: ^8.4.6 - version: 8.4.6 + specifier: github:logto-io/node-oidc-provider#de2d8fd68e91b76d71fb910d44142f9eccd844bc + version: https://codeload.github.com/logto-io/node-oidc-provider/tar.gz/de2d8fd68e91b76d71fb910d44142f9eccd844bc openapi-types: specifier: ^12.1.3 version: 12.1.3 @@ -3210,8 +3210,8 @@ importers: specifier: ^1.5.3 version: 1.5.3 raw-body: - specifier: ^2.5.2 - version: 2.5.2 + specifier: ^3.0.0 + version: 3.0.0 redis: specifier: ^4.6.14 version: 4.6.14 @@ -3286,8 +3286,8 @@ importers: specifier: ^1.3.1 version: 1.3.11 '@types/oidc-provider': - specifier: ^8.4.4 - version: 8.4.4 + specifier: ^8.5.2 + version: 8.5.2 '@types/pluralize': specifier: ^0.0.33 version: 0.0.33 @@ -3311,7 +3311,7 @@ importers: version: 8.57.0 jest: specifier: ^29.7.0 - version: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + version: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) jest-matcher-specific-error: specifier: ^1.0.0 version: 1.0.0 @@ -3341,7 +3341,7 @@ importers: version: 7.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -3510,7 +3510,7 @@ importers: version: 3.0.0 tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) packages/experience: devDependencies: @@ -3985,7 +3985,7 @@ importers: version: 10.0.0 jest: specifier: ^29.7.0 - version: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + version: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) jest-matcher-specific-error: specifier: ^1.0.0 version: 1.0.0 @@ -4012,7 +4012,7 @@ importers: version: 22.6.5(typescript@5.5.3) tsup: specifier: ^8.3.0 - version: 8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) + version: 8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5) typescript: specifier: ^5.5.3 version: 5.5.3 @@ -5896,10 +5896,9 @@ packages: resolution: {integrity: sha512-x/iUDjcS90W69PryLDIMgFyV21YLTnG9zOpPXS7Bkt2b8AsY3zZsIpOLBkYr9fBcF3HbkKaER5hOBZLfpLgYNw==} engines: {node: '>= 14.0.0'} - '@koa/router@12.0.1': - resolution: {integrity: sha512-ribfPYfHb+Uw3b27Eiw6NPqjhIhTpVFzEWLwyc/1Xp+DCdwRRyIlAUODX+9bPARF6aQtUu1+/PHzdNvRzcs/+Q==} - engines: {node: '>= 12'} - deprecated: Use v12.0.2 or higher to fix the vulnerability issue + '@koa/router@13.1.0': + resolution: {integrity: sha512-mNVu1nvkpSd8Q8gMebGbCkDWJ51ODetrFvLKYusej+V0ByD4btqHYnPIzTBLXnQMVUlm/oxVwqmWBY3zQfZilw==} + engines: {node: '>= 18'} '@levischuck/tiny-cbor@0.2.2': resolution: {integrity: sha512-f5CnPw997Y2GQ8FAvtuVVC19FX8mwNNC+1XJcIi16n/LTJifKO6QBgGLgN3YEmqtGMk17SKSuoWES3imJVxAVw==} @@ -7115,8 +7114,8 @@ packages: '@types/normalize-package-data@2.4.1': resolution: {integrity: sha512-Gj7cI7z+98M282Tqmp2K5EIsoouUEzbBJhQQzDE3jSIRk6r9gsz0oUokqIUR4u1R3dMHo0pDHM7sNOHyhulypw==} - '@types/oidc-provider@8.4.4': - resolution: {integrity: sha512-+SlmKc4qlCJLjpw6Du/8cXw18JsPEYyQwoy+xheLkiuNsCz1mPEYI/lRXLQHvfJD9TH6+2/WDTLZQ2UUJ5G4bw==} + '@types/oidc-provider@8.5.2': + resolution: {integrity: sha512-NiD3VG49+cRCAAe8+uZLM4onOcX8y9+cwaml8JG1qlgc98rWoCRgsnOB4Ypx+ysays5jiwzfUgT0nWyXPB/9uQ==} '@types/parse5@6.0.3': resolution: {integrity: sha512-SuT16Q1K51EAVPz1K29DJ/sXjhSQ0zjvsypYJ6tlwVsRV9jwW5Adq2ch8Dq8kDBCkYnELS7N7VNCSB5nC56t/g==} @@ -8208,7 +8207,7 @@ packages: engines: {node: '>= 0.6'} concat-map@0.0.1: - resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} + resolution: {integrity: sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=} confusing-browser-globals@1.0.11: resolution: {integrity: sha512-JsPKdmh8ZkmnHxDk55FZ1TqVLvEQTvoByJZRN9jzI0UjxK/QgAmsphz7PGtqgPieQZ/CQcHWXCR7ATDNhGe+YA==} @@ -8843,7 +8842,7 @@ packages: resolution: {integrity: sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==} ee-first@1.1.1: - resolution: {integrity: sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==} + resolution: {integrity: sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=} electron-to-chromium@1.5.0: resolution: {integrity: sha512-Vb3xHHYnLseK8vlMJQKJYXJ++t4u1/qJ3vykuVrVjvdiOEhYyT1AuP4x03G8EnPmYvYOhe9T+dADTmthjRQMkA==} @@ -9231,8 +9230,8 @@ packages: resolution: {integrity: sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==} engines: {node: '>=0.10.0'} - eta@3.4.0: - resolution: {integrity: sha512-tCsc7WXTjrTx4ZjYLplcqrI3o4mYJ+Z6YspeuGL8tbt/hHoMchwBwtKfwM09svEY86iRapY93vUqQttcNuIO5Q==} + eta@3.5.0: + resolution: {integrity: sha512-e3x3FBvGzeCIHhF+zhK8FZA2vC5uFn6b4HJjegUbIWrDb4mJ7JjTGMJY9VGIbRVpmSwHopNiaJibhjIr+HfLug==} engines: {node: '>=6.0.0'} etag@1.8.1: @@ -9907,7 +9906,7 @@ packages: engines: {node: '>=16.17.0'} humanize-number@0.0.2: - resolution: {integrity: sha512-un3ZAcNQGI7RzaWGZzQDH47HETM4Wrj6z6E4TId8Yeq9w5ZKUVB1nrT2jwFheTUjEmqcgTjXDc959jum+ai1kQ==} + resolution: {integrity: sha1-EcCvakcWQ2M1iFiASPF5lUFInBg=} husky@9.0.7: resolution: {integrity: sha512-vWdusw+y12DUEeoZqW1kplOFqk3tedGV8qlga8/SF6a3lOiWLqGZZQvfWvY0fQYdfiRi/u1DFNpudTSV9l1aCg==} @@ -10551,6 +10550,9 @@ packages: jose@5.6.3: resolution: {integrity: sha512-1Jh//hEEwMhNYPDDLwXHa2ePWgWiFNNUadVmguAAw2IJ6sj9mNxV5tGXJNqlMkJAybF6Lgw1mISDxTePP/187g==} + jose@5.9.6: + resolution: {integrity: sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==} + joycon@3.1.1: resolution: {integrity: sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==} engines: {node: '>=10'} @@ -11159,7 +11161,7 @@ packages: resolution: {integrity: sha512-GaqWWShW4kv/G9IEucWScBx9G1/vsFZZJUO+tD26M8J8z3Kw5RDQjaoZe03YAClgeS/SWPOcb4nkFBTEi5DUEA==} media-typer@0.3.0: - resolution: {integrity: sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ==} + resolution: {integrity: sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=} engines: {node: '>= 0.6'} meow@10.1.5: @@ -11532,6 +11534,11 @@ packages: engines: {node: ^18 || >=20} hasBin: true + nanoid@5.0.9: + resolution: {integrity: sha512-Aooyr6MXU6HpvvWXKoVoXwKMs/KyVakWwg7xQfv5/S/RIgJMy0Ifa45H9qqYy7pTCszrHzP21Uk4PZq2HpEM8Q==} + engines: {node: ^18 || >=20} + hasBin: true + natural-compare@1.4.0: resolution: {integrity: sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==} @@ -11686,8 +11693,9 @@ packages: obuf@1.1.2: resolution: {integrity: sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==} - oidc-provider@8.4.6: - resolution: {integrity: sha512-liuHBXRaIjer6nPGWagrl5UjPhIZqahqLVPoYlc2WXsRR7XddwNCBUl1ks5r3Q3uCUfMdQTv1VsjmlaObdff8w==} + oidc-provider@https://codeload.github.com/logto-io/node-oidc-provider/tar.gz/de2d8fd68e91b76d71fb910d44142f9eccd844bc: + resolution: {tarball: https://codeload.github.com/logto-io/node-oidc-provider/tar.gz/de2d8fd68e91b76d71fb910d44142f9eccd844bc} + version: 8.6.0 oidc-token-hash@5.0.3: resolution: {integrity: sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==} @@ -11892,7 +11900,7 @@ packages: engines: {node: '>= 0.8'} passthrough-counter@1.0.0: - resolution: {integrity: sha512-Wy8PXTLqPAN0oEgBrlnsXPMww3SYJ44tQ8aVrGAI4h4JZYCS0oYqsPqtPR8OhJpv6qFbpbB7XAn0liKV7EXubA==} + resolution: {integrity: sha1-GWfZ5m2lcrXAI8eH2xEqOHqxZvo=} path-exists@4.0.0: resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} @@ -11930,6 +11938,9 @@ packages: path-to-regexp@6.2.1: resolution: {integrity: sha512-JLyh7xT1kizaEvcaXOQwOc2/Yhw6KZOvPf1S8401UyLk86CU79LN3vl7ztXGm/pZ+YjoyAJ4rxmHwbkBXJX+yw==} + path-to-regexp@6.3.0: + resolution: {integrity: sha512-Yhpw4T9C6hPpgPeA28us07OJeqZ5EzQTkbfwuhsUg0c237RomFoETJgmp2sa3F/41gfLE6G5cqcYwznmeEeOlQ==} + path-to-regexp@8.2.0: resolution: {integrity: sha512-TdrF7fW9Rphjq4RjrW0Kp2AW0Ahwu9sRGTkS6bvDi0SCwZlEZYmcfDbEsTz8RVk0EHIS/Vd1bv3JhG+1xZuAyQ==} engines: {node: '>=16'} @@ -12382,6 +12393,10 @@ packages: resolution: {integrity: sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==} engines: {node: '>= 0.8'} + raw-body@3.0.0: + resolution: {integrity: sha512-RmkhL8CAyCRPXCE28MMH0z2PNWQBNk2Q09ZdxM9IOOXwxwZbN+qbWaatPkdkWIKL2ZVDImrN/pK5HTRz2PcS4g==} + engines: {node: '>= 0.8'} + react-animate-height@3.0.4: resolution: {integrity: sha512-k+mBS8yCzpFp+7BdrHsL5bXd6CO/2bYO2SvRGKfxK+Ss3nzplAJLlgnd6Zhcxe/avdpy/CgcziicFj7pIHgG5g==} engines: {node: '>= 12.0.0'} @@ -14916,7 +14931,7 @@ snapshots: '@babel/traverse': 7.24.8 '@babel/types': 7.24.9 convert-source-map: 2.0.0 - debug: 4.3.5 + debug: 4.3.7(supports-color@5.5.0) gensync: 1.0.0-beta.2 json5: 2.2.3 semver: 6.3.1 @@ -15877,7 +15892,7 @@ snapshots: jest-util: 29.7.0 slash: 3.0.0 - '@jest/core@29.7.0(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.12.7)(typescript@5.5.3))': + '@jest/core@29.7.0(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3))': dependencies: '@jest/console': 29.7.0 '@jest/reporters': 29.7.0 @@ -15891,7 +15906,7 @@ snapshots: exit: 0.1.2 graceful-fs: 4.2.11 jest-changed-files: 29.7.0 - jest-config: 29.7.0(@types/node@20.12.7)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.12.7)(typescript@5.5.3)) + jest-config: 29.7.0(@types/node@20.12.7)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) jest-haste-map: 29.7.0 jest-message-util: 29.7.0 jest-regex-util: 29.6.3 @@ -15912,7 +15927,7 @@ snapshots: - supports-color - ts-node - '@jest/core@29.7.0(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3))': + '@jest/core@29.7.0(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.12.7)(typescript@5.5.3))': dependencies: '@jest/console': 29.7.0 '@jest/reporters': 29.7.0 @@ -15926,7 +15941,7 @@ snapshots: exit: 0.1.2 graceful-fs: 4.2.11 jest-changed-files: 29.7.0 - jest-config: 29.7.0(@types/node@20.12.7)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + jest-config: 29.7.0(@types/node@20.12.7)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.12.7)(typescript@5.5.3)) jest-haste-map: 29.7.0 jest-message-util: 29.7.0 jest-regex-util: 29.6.3 @@ -16152,15 +16167,11 @@ snapshots: dependencies: vary: 1.1.2 - '@koa/router@12.0.1': + '@koa/router@13.1.0': dependencies: - debug: 4.3.5 http-errors: 2.0.0 koa-compose: 4.1.0 - methods: 1.1.2 - path-to-regexp: 6.2.1 - transitivePeerDependencies: - - supports-color + path-to-regexp: 6.3.0 '@levischuck/tiny-cbor@0.2.2': {} @@ -16212,7 +16223,7 @@ snapshots: '@logto/js': 4.1.4 '@silverhand/essentials': 2.9.2 camelcase-keys: 7.0.2 - jose: 5.6.3 + jose: 5.9.6 '@logto/cloud@0.2.5-5e334eb(zod@3.23.8)': dependencies: @@ -17674,7 +17685,7 @@ snapshots: '@types/normalize-package-data@2.4.1': {} - '@types/oidc-provider@8.4.4': + '@types/oidc-provider@8.5.2': dependencies: '@types/koa': 2.15.0 '@types/node': 20.12.7 @@ -17880,7 +17891,7 @@ snapshots: dependencies: '@typescript-eslint/typescript-estree': 7.7.0(typescript@5.5.3) '@typescript-eslint/utils': 7.7.0(eslint@8.57.0)(typescript@5.5.3) - debug: 4.3.5 + debug: 4.3.7(supports-color@5.5.0) eslint: 8.57.0 ts-api-utils: 1.3.0(typescript@5.5.3) optionalDependencies: @@ -17894,7 +17905,7 @@ snapshots: dependencies: '@typescript-eslint/types': 7.7.0 '@typescript-eslint/visitor-keys': 7.7.0 - debug: 4.3.5 + debug: 4.3.7(supports-color@5.5.0) globby: 11.1.0 is-glob: 4.0.3 minimatch: 9.0.4 @@ -19318,13 +19329,13 @@ snapshots: dependencies: lodash.get: 4.4.2 - create-jest@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)): + create-jest@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)): dependencies: '@jest/types': 29.6.3 chalk: 4.1.2 exit: 0.1.2 graceful-fs: 4.2.11 - jest-config: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + jest-config: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) jest-util: 29.7.0 prompts: 2.4.2 transitivePeerDependencies: @@ -20472,7 +20483,7 @@ snapshots: esutils@2.0.3: {} - eta@3.4.0: {} + eta@3.5.0: {} etag@1.8.1: {} @@ -21738,16 +21749,16 @@ snapshots: - babel-plugin-macros - supports-color - jest-cli@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)): + jest-cli@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)): dependencies: - '@jest/core': 29.7.0(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + '@jest/core': 29.7.0(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) '@jest/test-result': 29.7.0 '@jest/types': 29.6.3 chalk: 4.1.2 - create-jest: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + create-jest: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) exit: 0.1.2 import-local: 3.1.0 - jest-config: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + jest-config: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) jest-util: 29.7.0 jest-validate: 29.7.0 yargs: 17.7.2 @@ -21776,7 +21787,7 @@ snapshots: - supports-color - ts-node - jest-config@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)): + jest-config@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)): dependencies: '@babel/core': 7.24.4 '@jest/test-sequencer': 29.7.0 @@ -21802,7 +21813,38 @@ snapshots: strip-json-comments: 3.1.1 optionalDependencies: '@types/node': 20.10.4 - ts-node: 10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3) + ts-node: 10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3) + transitivePeerDependencies: + - babel-plugin-macros + - supports-color + + jest-config@29.7.0(@types/node@20.12.7)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)): + dependencies: + '@babel/core': 7.24.4 + '@jest/test-sequencer': 29.7.0 + '@jest/types': 29.6.3 + babel-jest: 29.7.0(@babel/core@7.24.4) + chalk: 4.1.2 + ci-info: 3.8.0 + deepmerge: 4.3.1 + glob: 7.2.3 + graceful-fs: 4.2.11 + jest-circus: 29.7.0 + jest-environment-node: 29.7.0 + jest-get-type: 29.6.3 + jest-regex-util: 29.6.3 + jest-resolve: 29.7.0 + jest-runner: 29.7.0 + jest-util: 29.7.0 + jest-validate: 29.7.0 + micromatch: 4.0.5 + parse-json: 5.2.0 + pretty-format: 29.7.0 + slash: 3.0.0 + strip-json-comments: 3.1.1 + optionalDependencies: + '@types/node': 20.12.7 + ts-node: 10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3) transitivePeerDependencies: - babel-plugin-macros - supports-color @@ -21838,37 +21880,6 @@ snapshots: - babel-plugin-macros - supports-color - jest-config@29.7.0(@types/node@20.12.7)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)): - dependencies: - '@babel/core': 7.24.4 - '@jest/test-sequencer': 29.7.0 - '@jest/types': 29.6.3 - babel-jest: 29.7.0(@babel/core@7.24.4) - chalk: 4.1.2 - ci-info: 3.8.0 - deepmerge: 4.3.1 - glob: 7.2.3 - graceful-fs: 4.2.11 - jest-circus: 29.7.0 - jest-environment-node: 29.7.0 - jest-get-type: 29.6.3 - jest-regex-util: 29.6.3 - jest-resolve: 29.7.0 - jest-runner: 29.7.0 - jest-util: 29.7.0 - jest-validate: 29.7.0 - micromatch: 4.0.5 - parse-json: 5.2.0 - pretty-format: 29.7.0 - slash: 3.0.0 - strip-json-comments: 3.1.1 - optionalDependencies: - '@types/node': 20.12.7 - ts-node: 10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3) - transitivePeerDependencies: - - babel-plugin-macros - - supports-color - jest-dev-server@10.1.1: dependencies: chalk: 4.1.2 @@ -22177,12 +22188,12 @@ snapshots: merge-stream: 2.0.0 supports-color: 8.1.1 - jest@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)): + jest@29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)): dependencies: - '@jest/core': 29.7.0(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + '@jest/core': 29.7.0(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) '@jest/types': 29.6.3 import-local: 3.1.0 - jest-cli: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3)) + jest-cli: 29.7.0(@types/node@20.10.4)(ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3)) transitivePeerDependencies: - '@types/node' - babel-plugin-macros @@ -22213,6 +22224,8 @@ snapshots: jose@5.6.3: {} + jose@5.9.6: {} + joycon@3.1.1: {} js-base64@3.7.5: {} @@ -23615,6 +23628,8 @@ snapshots: nanoid@5.0.7: {} + nanoid@5.0.9: {} + natural-compare@1.4.0: {} negotiator@0.6.2: {} @@ -23789,21 +23804,21 @@ snapshots: obuf@1.1.2: {} - oidc-provider@8.4.6: + oidc-provider@https://codeload.github.com/logto-io/node-oidc-provider/tar.gz/de2d8fd68e91b76d71fb910d44142f9eccd844bc: dependencies: '@koa/cors': 5.0.0 - '@koa/router': 12.0.1 - debug: 4.3.4 - eta: 3.4.0 + '@koa/router': 13.1.0 + debug: 4.3.7(supports-color@5.5.0) + eta: 3.5.0 got: 13.0.0 - jose: 5.6.3 + jose: 5.9.6 jsesc: 3.0.2 koa: 2.15.3 - nanoid: 5.0.7 + nanoid: 5.0.9 object-hash: 3.0.0 oidc-token-hash: 5.0.3 quick-lru: 7.0.0 - raw-body: 2.5.2 + raw-body: 3.0.0 transitivePeerDependencies: - supports-color @@ -24064,6 +24079,8 @@ snapshots: path-to-regexp@6.2.1: {} + path-to-regexp@6.3.0: {} + path-to-regexp@8.2.0: {} path-type@4.0.0: {} @@ -24523,6 +24540,13 @@ snapshots: iconv-lite: 0.4.24 unpipe: 1.0.0 + raw-body@3.0.0: + dependencies: + bytes: 3.1.2 + http-errors: 2.0.0 + iconv-lite: 0.6.3 + unpipe: 1.0.0 + react-animate-height@3.0.4(react-dom@18.3.1(react@18.3.1))(react@18.3.1): dependencies: classnames: 2.3.1 @@ -25832,14 +25856,14 @@ snapshots: ts-interface-checker@0.1.13: {} - ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.12.7)(typescript@5.5.3): + ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.10.4)(typescript@5.5.3): dependencies: '@cspotcode/source-map-support': 0.8.1 '@tsconfig/node10': 1.0.11 '@tsconfig/node12': 1.0.11 '@tsconfig/node14': 1.0.3 '@tsconfig/node16': 1.0.4 - '@types/node': 20.12.7 + '@types/node': 20.10.4 acorn: 8.13.0 acorn-walk: 8.3.4 arg: 4.1.3 @@ -25853,14 +25877,14 @@ snapshots: '@swc/core': 1.3.52(@swc/helpers@0.5.1) optional: true - ts-node@10.9.2(@swc/core@1.3.52)(@types/node@20.10.4)(typescript@5.5.3): + ts-node@10.9.2(@swc/core@1.3.52(@swc/helpers@0.5.1))(@types/node@20.12.7)(typescript@5.5.3): dependencies: '@cspotcode/source-map-support': 0.8.1 '@tsconfig/node10': 1.0.11 '@tsconfig/node12': 1.0.11 '@tsconfig/node14': 1.0.3 '@tsconfig/node16': 1.0.4 - '@types/node': 20.10.4 + '@types/node': 20.12.7 acorn: 8.13.0 acorn-walk: 8.3.4 arg: 4.1.3 @@ -25897,7 +25921,7 @@ snapshots: tsscmp@1.0.6: {} - tsup@8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.0.2)(yaml@2.4.5): + tsup@8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.0.2)(yaml@2.4.5): dependencies: bundle-require: 5.0.0(esbuild@0.23.1) cac: 6.7.14 @@ -25925,7 +25949,7 @@ snapshots: - tsx - yaml - tsup@8.3.0(@swc/core@1.3.52)(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5): + tsup@8.3.0(@swc/core@1.3.52(@swc/helpers@0.5.1))(jiti@1.21.0)(postcss@8.4.39)(typescript@5.5.3)(yaml@2.4.5): dependencies: bundle-require: 5.0.0(esbuild@0.23.1) cac: 6.7.14