diff --git a/Cargo.lock b/Cargo.lock index 67b30b27e..73d8e6459 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -85,9 +85,9 @@ dependencies = [ [[package]] name = "aide" -version = "0.14.2" +version = "0.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2477554ebf38aea815a9c4729100cfc32f766876c45b9c9c38ef221b9d1a703" +checksum = "6966317188cdfe54c58c0900a195d021294afb3ece9b7073d09e4018dbb1e3a2" dependencies = [ "aide-macros", "axum", @@ -96,7 +96,7 @@ dependencies = [ "cfg-if", "http", "indexmap 2.11.4", - "schemars 0.8.22", + "schemars 0.9.0", "serde", "serde_json", "serde_qs", @@ -108,11 +108,12 @@ dependencies = [ [[package]] name = "aide-macros" -version = "0.8.0" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be8e0d4af7cc08353807aaf80722125a229bf2d67be7fe0b89163c648db3d223" +checksum = "9f2a08f14808f3c46f3e3004b727bace64af44c3c5996d0480a14d3852b1b25a" dependencies = [ "darling", + "proc-macro2", "quote", "syn", ] @@ -2799,7 +2800,6 @@ version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bf466541e9d546596ee94f9f69590f89473455f88372423e0008fc1a7daf100e" dependencies = [ - "schemars 0.8.22", "serde", ] @@ -3096,7 +3096,7 @@ dependencies = [ [[package]] name = "mas-axum-utils" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "axum", @@ -3130,7 +3130,7 @@ dependencies = [ [[package]] name = "mas-cli" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "axum", @@ -3203,7 +3203,7 @@ dependencies = [ [[package]] name = "mas-config" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "camino", @@ -3223,7 +3223,7 @@ dependencies = [ "rand_chacha 0.3.1", "rustls-pemfile", "rustls-pki-types", - "schemars 0.8.22", + "schemars 0.9.0", "serde", "serde_json", "serde_with", @@ -3235,7 +3235,7 @@ dependencies = [ [[package]] name = "mas-context" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "console", "opentelemetry", @@ -3251,7 +3251,7 @@ dependencies = [ [[package]] name = "mas-data-model" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "base64ct", "chrono", @@ -3274,7 +3274,7 @@ dependencies = [ [[package]] name = "mas-email" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "async-trait", "lettre", @@ -3285,7 +3285,7 @@ dependencies = [ [[package]] name = "mas-handlers" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "aide", "anyhow", @@ -3341,7 +3341,7 @@ dependencies = [ "rand_chacha 0.3.1", "reqwest", "rustls", - "schemars 0.8.22", + "schemars 0.9.0", "sentry", "serde", "serde_json", @@ -3365,7 +3365,7 @@ dependencies = [ [[package]] name = "mas-http" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "futures-util", "headers", @@ -3386,7 +3386,7 @@ dependencies = [ [[package]] name = "mas-i18n" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "camino", "icu_calendar", @@ -3408,7 +3408,7 @@ dependencies = [ [[package]] name = "mas-i18n-scan" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "camino", "clap", @@ -3422,15 +3422,15 @@ dependencies = [ [[package]] name = "mas-iana" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ - "schemars 0.8.22", + "schemars 0.9.0", "serde", ] [[package]] name = "mas-iana-codegen" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "async-trait", @@ -3438,6 +3438,7 @@ dependencies = [ "convert_case", "csv", "reqwest", + "rustls", "serde", "tokio", "tracing", @@ -3446,7 +3447,7 @@ dependencies = [ [[package]] name = "mas-jose" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "base64ct", "chrono", @@ -3463,7 +3464,7 @@ dependencies = [ "rand 0.8.5", "rand_chacha 0.3.1", "rsa", - "schemars 0.8.22", + "schemars 0.9.0", "sec1", "serde", "serde_json", @@ -3476,7 +3477,7 @@ dependencies = [ [[package]] name = "mas-keystore" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "aead", "base64ct", @@ -3504,7 +3505,7 @@ dependencies = [ [[package]] name = "mas-listener" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "bytes", @@ -3529,7 +3530,7 @@ dependencies = [ [[package]] name = "mas-matrix" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "async-trait", @@ -3539,7 +3540,7 @@ dependencies = [ [[package]] name = "mas-matrix-synapse" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "async-trait", @@ -3556,7 +3557,7 @@ dependencies = [ [[package]] name = "mas-oidc-client" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "assert_matches", "async-trait", @@ -3592,14 +3593,14 @@ dependencies = [ [[package]] name = "mas-policy" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "arc-swap", "mas-data-model", "oauth2-types", "opa-wasm", - "schemars 0.8.22", + "schemars 0.9.0", "serde", "serde_json", "thiserror 2.0.17", @@ -3609,7 +3610,7 @@ dependencies = [ [[package]] name = "mas-router" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "axum", "serde", @@ -3620,7 +3621,7 @@ dependencies = [ [[package]] name = "mas-spa" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "camino", "serde", @@ -3629,7 +3630,7 @@ dependencies = [ [[package]] name = "mas-storage" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "async-trait", "chrono", @@ -3651,7 +3652,7 @@ dependencies = [ [[package]] name = "mas-storage-pg" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "async-trait", "chrono", @@ -3679,7 +3680,7 @@ dependencies = [ [[package]] name = "mas-tasks" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "async-trait", @@ -3711,7 +3712,7 @@ dependencies = [ [[package]] name = "mas-templates" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "arc-swap", @@ -3741,7 +3742,7 @@ dependencies = [ [[package]] name = "mas-tower" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "http", "opentelemetry", @@ -4011,7 +4012,7 @@ dependencies = [ [[package]] name = "oauth2-types" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "assert_matches", "base64ct", @@ -5227,14 +5228,14 @@ dependencies = [ [[package]] name = "schemars" -version = "0.8.22" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fbf2ae1b8bc8e02df939598064d22402220cd5bbcca1c76f7d6a310974d5615" +checksum = "4cd191f9397d57d581cddd31014772520aa448f65ef991055d7f61582c65165f" dependencies = [ "chrono", "dyn-clone", - "indexmap 1.9.3", "indexmap 2.11.4", + "ref-cast", "schemars_derive", "serde", "serde_json", @@ -5243,21 +5244,9 @@ dependencies = [ [[package]] name = "schemars" -version = "0.9.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4cd191f9397d57d581cddd31014772520aa448f65ef991055d7f61582c65165f" -dependencies = [ - "dyn-clone", - "ref-cast", - "serde", - "serde_json", -] - -[[package]] -name = "schemars" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82d20c4491bc164fa2f6c5d44565947a52ad80b9505d8e36f8d54c27c739fcd0" +checksum = "9558e172d4e8533736ba97870c4b2cd63f84b382a3d6eb063da41b91cce17289" dependencies = [ "dyn-clone", "ref-cast", @@ -5267,9 +5256,9 @@ dependencies = [ [[package]] name = "schemars_derive" -version = "0.8.22" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32e265784ad618884abaea0600a9adf15393368d840e0222d101a072f3f7534d" +checksum = "5016d94c77c6d32f0b8e08b781f7dc8a90c2007d4e77472cc2807bc10a8438fe" dependencies = [ "proc-macro2", "quote", @@ -5625,7 +5614,7 @@ dependencies = [ "indexmap 1.9.3", "indexmap 2.11.4", "schemars 0.9.0", - "schemars 1.0.4", + "schemars 1.1.0", "serde", "serde_derive", "serde_json", @@ -6094,7 +6083,7 @@ dependencies = [ [[package]] name = "syn2mas" -version = "1.6.0-rc.0" +version = "1.6.0" dependencies = [ "anyhow", "arc-swap", diff --git a/Cargo.toml b/Cargo.toml index 774e33ce7..816a4f13c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,7 +9,7 @@ members = ["crates/*"] resolver = "2" # Updated in the CI with a `sed` command -package.version = "1.6.0-rc.0" +package.version = "1.6.0" package.license = "AGPL-3.0-only OR LicenseRef-Element-Commercial" package.authors = ["Element Backend Team"] package.edition = "2024" @@ -34,39 +34,39 @@ broken_intra_doc_links = "deny" [workspace.dependencies] # Workspace crates -mas-axum-utils = { path = "./crates/axum-utils/", version = "=1.6.0-rc.0" } -mas-cli = { path = "./crates/cli/", version = "=1.6.0-rc.0" } -mas-config = { path = "./crates/config/", version = "=1.6.0-rc.0" } -mas-context = { path = "./crates/context/", version = "=1.6.0-rc.0" } -mas-data-model = { path = "./crates/data-model/", version = "=1.6.0-rc.0" } -mas-email = { path = "./crates/email/", version = "=1.6.0-rc.0" } -mas-graphql = { path = "./crates/graphql/", version = "=1.6.0-rc.0" } -mas-handlers = { path = "./crates/handlers/", version = "=1.6.0-rc.0" } -mas-http = { path = "./crates/http/", version = "=1.6.0-rc.0" } -mas-i18n = { path = "./crates/i18n/", version = "=1.6.0-rc.0" } -mas-i18n-scan = { path = "./crates/i18n-scan/", version = "=1.6.0-rc.0" } -mas-iana = { path = "./crates/iana/", version = "=1.6.0-rc.0" } -mas-iana-codegen = { path = "./crates/iana-codegen/", version = "=1.6.0-rc.0" } -mas-jose = { path = "./crates/jose/", version = "=1.6.0-rc.0" } -mas-keystore = { path = "./crates/keystore/", version = "=1.6.0-rc.0" } -mas-listener = { path = "./crates/listener/", version = "=1.6.0-rc.0" } -mas-matrix = { path = "./crates/matrix/", version = "=1.6.0-rc.0" } -mas-matrix-synapse = { path = "./crates/matrix-synapse/", version = "=1.6.0-rc.0" } -mas-oidc-client = { path = "./crates/oidc-client/", version = "=1.6.0-rc.0" } -mas-policy = { path = "./crates/policy/", version = "=1.6.0-rc.0" } -mas-router = { path = "./crates/router/", version = "=1.6.0-rc.0" } -mas-spa = { path = "./crates/spa/", version = "=1.6.0-rc.0" } -mas-storage = { path = "./crates/storage/", version = "=1.6.0-rc.0" } -mas-storage-pg = { path = "./crates/storage-pg/", version = "=1.6.0-rc.0" } -mas-tasks = { path = "./crates/tasks/", version = "=1.6.0-rc.0" } -mas-templates = { path = "./crates/templates/", version = "=1.6.0-rc.0" } -mas-tower = { path = "./crates/tower/", version = "=1.6.0-rc.0" } -oauth2-types = { path = "./crates/oauth2-types/", version = "=1.6.0-rc.0" } -syn2mas = { path = "./crates/syn2mas", version = "=1.6.0-rc.0" } +mas-axum-utils = { path = "./crates/axum-utils/", version = "=1.6.0" } +mas-cli = { path = "./crates/cli/", version = "=1.6.0" } +mas-config = { path = "./crates/config/", version = "=1.6.0" } +mas-context = { path = "./crates/context/", version = "=1.6.0" } +mas-data-model = { path = "./crates/data-model/", version = "=1.6.0" } +mas-email = { path = "./crates/email/", version = "=1.6.0" } +mas-graphql = { path = "./crates/graphql/", version = "=1.6.0" } +mas-handlers = { path = "./crates/handlers/", version = "=1.6.0" } +mas-http = { path = "./crates/http/", version = "=1.6.0" } +mas-i18n = { path = "./crates/i18n/", version = "=1.6.0" } +mas-i18n-scan = { path = "./crates/i18n-scan/", version = "=1.6.0" } +mas-iana = { path = "./crates/iana/", version = "=1.6.0" } +mas-iana-codegen = { path = "./crates/iana-codegen/", version = "=1.6.0" } +mas-jose = { path = "./crates/jose/", version = "=1.6.0" } +mas-keystore = { path = "./crates/keystore/", version = "=1.6.0" } +mas-listener = { path = "./crates/listener/", version = "=1.6.0" } +mas-matrix = { path = "./crates/matrix/", version = "=1.6.0" } +mas-matrix-synapse = { path = "./crates/matrix-synapse/", version = "=1.6.0" } +mas-oidc-client = { path = "./crates/oidc-client/", version = "=1.6.0" } +mas-policy = { path = "./crates/policy/", version = "=1.6.0" } +mas-router = { path = "./crates/router/", version = "=1.6.0" } +mas-spa = { path = "./crates/spa/", version = "=1.6.0" } +mas-storage = { path = "./crates/storage/", version = "=1.6.0" } +mas-storage-pg = { path = "./crates/storage-pg/", version = "=1.6.0" } +mas-tasks = { path = "./crates/tasks/", version = "=1.6.0" } +mas-templates = { path = "./crates/templates/", version = "=1.6.0" } +mas-tower = { path = "./crates/tower/", version = "=1.6.0" } +oauth2-types = { path = "./crates/oauth2-types/", version = "=1.6.0" } +syn2mas = { path = "./crates/syn2mas", version = "=1.6.0" } # OpenAPI schema generation and validation [workspace.dependencies.aide] -version = "0.14.2" +version = "0.15.1" features = ["axum", "axum-extra", "axum-extra-query", "axum-json", "macros"] # An `Arc` that can be atomically updated @@ -336,7 +336,7 @@ features = ["yaml", "json"] # IP network address types [workspace.dependencies.ipnetwork] version = "0.20.0" -features = ["serde", "schemars"] +features = ["serde"] # Iterator utilities [workspace.dependencies.itertools] @@ -541,8 +541,8 @@ version = "0.4.5" # JSON Schema generation [workspace.dependencies.schemars] -version = "0.8.22" -features = ["url", "chrono", "preserve_order"] +version = "0.9.0" +features = ["url2", "chrono04", "preserve_order"] # SEC1 encoding format [workspace.dependencies.sec1] diff --git a/crates/cli/src/server.rs b/crates/cli/src/server.rs index 4279e7e4a..58d3672e0 100644 --- a/crates/cli/src/server.rs +++ b/crates/cli/src/server.rs @@ -136,18 +136,23 @@ fn make_http_span(req: &Request) -> Span { span.record(USER_AGENT_ORIGINAL, user_agent); } - // Extract the parent span context from the request headers - let parent_context = opentelemetry::global::get_text_map_propagator(|propagator| { - let extractor = HeaderExtractor(req.headers()); - let context = opentelemetry::Context::new(); - propagator.extract_with_context(&context, &extractor) - }); + // In case the span is disabled by any of tracing layers, e.g. if `RUST_LOG` + // is set to `warn`, `set_parent` will fail. So we only try to set the + // parent context if the span is not disabled. + if !span.is_disabled() { + // Extract the parent span context from the request headers + let parent_context = opentelemetry::global::get_text_map_propagator(|propagator| { + let extractor = HeaderExtractor(req.headers()); + let context = opentelemetry::Context::new(); + propagator.extract_with_context(&context, &extractor) + }); - if let Err(err) = span.set_parent(parent_context) { - tracing::error!( - error = &err as &dyn std::error::Error, - "Failed to set parent context on span" - ); + if let Err(err) = span.set_parent(parent_context) { + tracing::error!( + error = &err as &dyn std::error::Error, + "Failed to set parent context on span" + ); + } } span diff --git a/crates/config/src/bin/schema.rs b/crates/config/src/bin/schema.rs index 83a28c8c9..db5ac230f 100644 --- a/crates/config/src/bin/schema.rs +++ b/crates/config/src/bin/schema.rs @@ -4,14 +4,10 @@ // SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial // Please see LICENSE files in the repository root for full details. -use schemars::r#gen::SchemaSettings; +use schemars::generate::SchemaSettings; fn main() { - let settings = SchemaSettings::draft07().with(|s| { - s.option_nullable = false; - s.option_add_null_type = false; - }); - let generator = settings.into_generator(); + let generator = SchemaSettings::draft07().into_generator(); let schema = generator.into_root_schema_for::(); serde_json::to_writer_pretty(std::io::stdout(), &schema).expect("Failed to serialize schema"); diff --git a/crates/config/src/schema.rs b/crates/config/src/schema.rs index a3c732419..7c1761e30 100644 --- a/crates/config/src/schema.rs +++ b/crates/config/src/schema.rs @@ -6,29 +6,22 @@ //! Useful JSON Schema definitions -use schemars::{ - JsonSchema, - r#gen::SchemaGenerator, - schema::{InstanceType, Schema, SchemaObject}, -}; +use std::borrow::Cow; + +use schemars::{JsonSchema, Schema, SchemaGenerator, json_schema}; /// A network hostname pub struct Hostname; impl JsonSchema for Hostname { - fn schema_name() -> String { - "Hostname".to_string() + fn schema_name() -> Cow<'static, str> { + Cow::Borrowed("Hostname") } - fn json_schema(generator: &mut SchemaGenerator) -> Schema { - hostname(generator) + fn json_schema(_generator: &mut SchemaGenerator) -> Schema { + json_schema!({ + "type": "string", + "format": "hostname", + }) } } - -fn hostname(_gen: &mut SchemaGenerator) -> Schema { - Schema::Object(SchemaObject { - instance_type: Some(InstanceType::String.into()), - format: Some("hostname".to_owned()), - ..SchemaObject::default() - }) -} diff --git a/crates/config/src/sections/http.rs b/crates/config/src/sections/http.rs index c75d47fd3..c01b8eb0d 100644 --- a/crates/config/src/sections/http.rs +++ b/crates/config/src/sections/http.rs @@ -23,19 +23,6 @@ fn default_public_base() -> Url { "http://[::]:8080".parse().unwrap() } -fn http_address_example_1() -> &'static str { - "[::1]:8080" -} -fn http_address_example_2() -> &'static str { - "[::]:8080" -} -fn http_address_example_3() -> &'static str { - "127.0.0.1:8080" -} -fn http_address_example_4() -> &'static str { - "0.0.0.0:8080" -} - #[cfg(not(any(feature = "docker", feature = "dist")))] fn http_listener_assets_path_default() -> Utf8PathBuf { "./frontend/dist/".into() @@ -111,10 +98,10 @@ pub enum BindConfig { Address { /// Host and port on which to listen #[schemars( - example = "http_address_example_1", - example = "http_address_example_2", - example = "http_address_example_3", - example = "http_address_example_4" + example = &"[::1]:8080", + example = &"[::]:8080", + example = &"127.0.0.1:8080", + example = &"0.0.0.0:8080", )] address: String, }, @@ -354,6 +341,7 @@ pub struct HttpConfig { /// List of trusted reverse proxies that can set the `X-Forwarded-For` /// header #[serde(default = "default_trusted_proxies")] + #[schemars(with = "Vec", inner(ip))] pub trusted_proxies: Vec, /// Public URL base from where the authentication service is reachable diff --git a/crates/config/src/sections/secrets.rs b/crates/config/src/sections/secrets.rs index ea2463167..003f932ec 100644 --- a/crates/config/src/sections/secrets.rs +++ b/crates/config/src/sections/secrets.rs @@ -20,10 +20,6 @@ use tracing::info; use super::ConfigurationSection; -fn example_secret() -> &'static str { - "0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff" -} - /// Password config option. /// /// It either holds the password value directly or references a file where the @@ -209,7 +205,7 @@ struct EncryptionRaw { #[schemars( with = "Option", regex(pattern = r"[0-9a-fA-F]{64}"), - example = "example_secret" + example = &"0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff" )] #[serde_as(as = "Option")] #[serde(skip_serializing_if = "Option::is_none")] diff --git a/crates/config/src/sections/telemetry.rs b/crates/config/src/sections/telemetry.rs index 44e75a354..9d9308fd9 100644 --- a/crates/config/src/sections/telemetry.rs +++ b/crates/config/src/sections/telemetry.rs @@ -11,10 +11,6 @@ use url::Url; use super::ConfigurationSection; -fn sample_rate_example() -> f64 { - 0.5 -} - /// Propagation format for incoming and outgoing requests #[derive(Clone, Copy, Debug, Serialize, Deserialize, PartialEq, Eq, JsonSchema)] #[serde(rename_all = "lowercase")] @@ -70,7 +66,7 @@ pub struct TracingConfig { /// /// Defaults to `1.0` if not set. #[serde(skip_serializing_if = "Option::is_none")] - #[schemars(example = "sample_rate_example", range(min = 0.0, max = 1.0))] + #[schemars(example = 0.5, range(min = 0.0, max = 1.0))] pub sample_rate: Option, } @@ -123,26 +119,18 @@ impl MetricsConfig { } } -fn sentry_dsn_example() -> &'static str { - "https://public@host:port/1" -} - -fn sentry_environment_example() -> &'static str { - "production" -} - /// Configuration related to the Sentry integration #[derive(Clone, Debug, Default, Serialize, Deserialize, JsonSchema)] pub struct SentryConfig { /// Sentry DSN - #[schemars(url, example = "sentry_dsn_example")] + #[schemars(url, example = &"https://public@host:port/1")] #[serde(skip_serializing_if = "Option::is_none")] pub dsn: Option, /// Environment to use when sending events to Sentry /// /// Defaults to `production` if not set. - #[schemars(example = "sentry_environment_example")] + #[schemars(example = &"production")] #[serde(skip_serializing_if = "Option::is_none")] pub environment: Option, @@ -150,14 +138,14 @@ pub struct SentryConfig { /// /// Defaults to `1.0` if not set. #[serde(skip_serializing_if = "Option::is_none")] - #[schemars(example = "sample_rate_example", range(min = 0.0, max = 1.0))] + #[schemars(example = 0.5, range(min = 0.0, max = 1.0))] pub sample_rate: Option, /// Sample rate for tracing transactions /// /// Defaults to `0.0` if not set. #[serde(skip_serializing_if = "Option::is_none")] - #[schemars(example = "sample_rate_example", range(min = 0.0, max = 1.0))] + #[schemars(example = 0.5, range(min = 0.0, max = 1.0))] pub traces_sample_rate: Option, } diff --git a/crates/context/src/fmt.rs b/crates/context/src/fmt.rs index f4c4981e1..47e72fcae 100644 --- a/crates/context/src/fmt.rs +++ b/crates/context/src/fmt.rs @@ -18,7 +18,7 @@ use tracing_subscriber::{ use crate::LogContext; -/// An event formatter usable by the [`tracing-subscriber`] crate, which +/// An event formatter usable by the [`tracing_subscriber`] crate, which /// includes the log context and the OTEL trace ID. #[derive(Debug, Default)] pub struct EventFormatter; diff --git a/crates/handlers/src/admin/mod.rs b/crates/handlers/src/admin/mod.rs index 194f839f3..cbb23edbf 100644 --- a/crates/handlers/src/admin/mod.rs +++ b/crates/handlers/src/admin/mod.rs @@ -29,6 +29,7 @@ use mas_router::{ UrlBuilder, }; use mas_templates::{ApiDocContext, Templates}; +use schemars::transform::AddNullable; use tower_http::cors::{Any, CorsLayer}; mod call_context; @@ -171,8 +172,16 @@ where aide::generate::infer_responses(false); aide::generate::in_context(|ctx| { - ctx.schema = - schemars::r#gen::SchemaGenerator::new(schemars::r#gen::SchemaSettings::openapi3()); + ctx.schema = schemars::generate::SchemaGenerator::new( + schemars::generate::SchemaSettings::openapi3().with(|settings| { + // Remove the transform which adds nullable fields, as it's not + // valid with OpenAPI 3.1. For some reason, aide/schemars output + // an OpenAPI 3.1 schema with this nullable transform. + settings + .transforms + .retain(|transform| !transform.is::()); + }), + ); }); let mut api = OpenApi::default(); diff --git a/crates/handlers/src/admin/schema.rs b/crates/handlers/src/admin/schema.rs index 068c68977..e305df061 100644 --- a/crates/handlers/src/admin/schema.rs +++ b/crates/handlers/src/admin/schema.rs @@ -6,11 +6,9 @@ //! Common schema definitions -use schemars::{ - JsonSchema, - r#gen::SchemaGenerator, - schema::{InstanceType, Metadata, Schema, SchemaObject, StringValidation}, -}; +use std::borrow::Cow; + +use schemars::{JsonSchema, Schema, SchemaGenerator, json_schema}; /// A type to use for schema definitions of ULIDs /// @@ -18,32 +16,21 @@ use schemars::{ pub struct Ulid; impl JsonSchema for Ulid { - fn schema_name() -> String { - "ULID".to_owned() + fn schema_name() -> Cow<'static, str> { + Cow::Borrowed("ULID") } fn json_schema(_gen: &mut SchemaGenerator) -> Schema { - SchemaObject { - instance_type: Some(InstanceType::String.into()), - - metadata: Some(Box::new(Metadata { - title: Some("ULID".into()), - description: Some("A ULID as per https://github.com/ulid/spec".into()), - examples: vec![ - "01ARZ3NDEKTSV4RRFFQ69G5FAV".into(), - "01J41912SC8VGAQDD50F6APK91".into(), - ], - ..Metadata::default() - })), - - string: Some(Box::new(StringValidation { - pattern: Some(r"^[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$".into()), - ..StringValidation::default() - })), - - ..SchemaObject::default() - } - .into() + json_schema!({ + "type": "string", + "title": "ULID", + "description": "A ULID as per https://github.com/ulid/spec", + "examples": [ + "01ARZ3NDEKTSV4RRFFQ69G5FAV", + "01J41912SC8VGAQDD50F6APK91", + ], + "pattern": "^[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$", + }) } } @@ -53,27 +40,20 @@ impl JsonSchema for Ulid { pub struct Device; impl JsonSchema for Device { - fn schema_name() -> String { - "DeviceID".to_owned() + fn schema_name() -> Cow<'static, str> { + Cow::Borrowed("DeviceID") } fn json_schema(_gen: &mut SchemaGenerator) -> Schema { - SchemaObject { - instance_type: Some(InstanceType::String.into()), - - metadata: Some(Box::new(Metadata { - title: Some("Device ID".into()), - examples: vec!["AABBCCDDEE".into(), "FFGGHHIIJJ".into()], - ..Metadata::default() - })), - - string: Some(Box::new(StringValidation { - pattern: Some(r"^[A-Za-z0-9._~!$&'()*+,;=:&/-]+$".into()), - ..StringValidation::default() - })), - - ..SchemaObject::default() - } - .into() + json_schema!({ + "type": "string", + "title": "Device ID", + "description": "A device ID as per https://matrix.org/docs/spec/client_server/r0.6.0#device-ids", + "examples": [ + "AABBCCDDEE", + "FFGGHHIIJJ", + ], + "pattern": "^[A-Za-z0-9._~!$&'()*+,;=:&/-]+$", + }) } } diff --git a/crates/handlers/src/admin/v1/policy_data/set.rs b/crates/handlers/src/admin/v1/policy_data/set.rs index e781a8996..5bee61415 100644 --- a/crates/handlers/src/admin/v1/policy_data/set.rs +++ b/crates/handlers/src/admin/v1/policy_data/set.rs @@ -59,7 +59,7 @@ fn data_example() -> serde_json::Value { #[derive(Deserialize, JsonSchema)] #[serde(rename = "SetPolicyDataRequest")] pub struct SetPolicyDataRequest { - #[schemars(example = "data_example")] + #[schemars(example = data_example())] pub data: serde_json::Value, } diff --git a/crates/handlers/src/admin/v1/users/set_password.rs b/crates/handlers/src/admin/v1/users/set_password.rs index 390c31e47..7e9365f73 100644 --- a/crates/handlers/src/admin/v1/users/set_password.rs +++ b/crates/handlers/src/admin/v1/users/set_password.rs @@ -55,16 +55,12 @@ impl IntoResponse for RouteError { } } -fn password_example() -> String { - "hunter2".to_owned() -} - /// # JSON payload for the `POST /api/admin/v1/users/:id/set-password` endpoint #[derive(Deserialize, JsonSchema)] #[schemars(rename = "SetUserPasswordRequest")] pub struct Request { /// The password to set for the user - #[schemars(example = "password_example")] + #[schemars(example = &"hunter2")] password: String, /// Skip the password complexity check diff --git a/crates/iana-codegen/Cargo.toml b/crates/iana-codegen/Cargo.toml index 0f30c8c31..0a8e8669b 100644 --- a/crates/iana-codegen/Cargo.toml +++ b/crates/iana-codegen/Cargo.toml @@ -23,6 +23,7 @@ camino.workspace = true convert_case.workspace = true csv.workspace = true reqwest.workspace = true +rustls.workspace = true serde.workspace = true tokio.workspace = true tracing-subscriber.workspace = true diff --git a/crates/iana-codegen/src/generation.rs b/crates/iana-codegen/src/generation.rs index 3ee792df1..2f1d4836e 100644 --- a/crates/iana-codegen/src/generation.rs +++ b/crates/iana-codegen/src/generation.rs @@ -165,11 +165,12 @@ pub fn json_schema_impl( write!( f, r#"impl schemars::JsonSchema for {} {{ - fn schema_name() -> String {{ - "{}".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> {{ + std::borrow::Cow::Borrowed("{}") }} - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {{ + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema {{ let enums = vec!["#, section.key, section.key, )?; @@ -179,20 +180,14 @@ pub fn json_schema_impl( f, r" // --- - schemars::schema::SchemaObject {{", + schemars::json_schema!({{", )?; if let Some(description) = &member.description { write!( f, - r" - metadata: Some(Box::new(schemars::schema::Metadata {{ - description: Some( - // --- - {}.to_owned(), - ), - ..Default::default() - }})),", + r#" + "description": {},"#, raw_string(description), )?; } @@ -200,34 +195,24 @@ pub fn json_schema_impl( write!( f, r#" - const_value: Some("{}".into()), - ..Default::default() - }} - .into(),"#, + "const": "{}", + }}),"#, member.value )?; } writeln!( f, - r" + r#" ]; let description = {}; - schemars::schema::SchemaObject {{ - metadata: Some(Box::new(schemars::schema::Metadata {{ - description: Some(description.to_owned()), - ..Default::default() - }})), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation {{ - any_of: Some(enums), - ..Default::default() - }})), - ..Default::default() - }} - .into() + schemars::json_schema!({{ + "description": description, + "anyOf": enums, + }}) }} -}}", +}}"#, raw_string(section.doc), ) } diff --git a/crates/iana-codegen/src/main.rs b/crates/iana-codegen/src/main.rs index cf809a0a9..d2ff734e0 100644 --- a/crates/iana-codegen/src/main.rs +++ b/crates/iana-codegen/src/main.rs @@ -189,6 +189,10 @@ async fn main() -> anyhow::Result<()> { .pretty() .init(); + rustls::crypto::aws_lc_rs::default_provider() + .install_default() + .unwrap(); + #[expect( clippy::disallowed_methods, reason = "reqwest::Client::new should be disallowed by clippy, but for the codegen it's fine" diff --git a/crates/iana/src/jose.rs b/crates/iana/src/jose.rs index 666d6cd7f..8a0434fad 100644 --- a/crates/iana/src/jose.rs +++ b/crates/iana/src/jose.rs @@ -144,248 +144,105 @@ impl serde::Serialize for JsonWebSignatureAlg { } impl schemars::JsonSchema for JsonWebSignatureAlg { - fn schema_name() -> String { - "JsonWebSignatureAlg".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebSignatureAlg") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"HMAC using SHA-256".to_owned(), - ), - ..Default::default() - })), - const_value: Some("HS256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"HMAC using SHA-256", + "const": "HS256", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"HMAC using SHA-384".to_owned(), - ), - ..Default::default() - })), - const_value: Some("HS384".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"HMAC using SHA-384", + "const": "HS384", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"HMAC using SHA-512".to_owned(), - ), - ..Default::default() - })), - const_value: Some("HS512".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"HMAC using SHA-512", + "const": "HS512", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSASSA-PKCS1-v1_5 using SHA-256".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RS256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSASSA-PKCS1-v1_5 using SHA-256", + "const": "RS256", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSASSA-PKCS1-v1_5 using SHA-384".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RS384".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSASSA-PKCS1-v1_5 using SHA-384", + "const": "RS384", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSASSA-PKCS1-v1_5 using SHA-512".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RS512".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSASSA-PKCS1-v1_5 using SHA-512", + "const": "RS512", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"ECDSA using P-256 and SHA-256".to_owned(), - ), - ..Default::default() - })), - const_value: Some("ES256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"ECDSA using P-256 and SHA-256", + "const": "ES256", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"ECDSA using P-384 and SHA-384".to_owned(), - ), - ..Default::default() - })), - const_value: Some("ES384".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"ECDSA using P-384 and SHA-384", + "const": "ES384", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"ECDSA using P-521 and SHA-512".to_owned(), - ), - ..Default::default() - })), - const_value: Some("ES512".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"ECDSA using P-521 and SHA-512", + "const": "ES512", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSASSA-PSS using SHA-256 and MGF1 with SHA-256".to_owned(), - ), - ..Default::default() - })), - const_value: Some("PS256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSASSA-PSS using SHA-256 and MGF1 with SHA-256", + "const": "PS256", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSASSA-PSS using SHA-384 and MGF1 with SHA-384".to_owned(), - ), - ..Default::default() - })), - const_value: Some("PS384".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSASSA-PSS using SHA-384 and MGF1 with SHA-384", + "const": "PS384", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSASSA-PSS using SHA-512 and MGF1 with SHA-512".to_owned(), - ), - ..Default::default() - })), - const_value: Some("PS512".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSASSA-PSS using SHA-512 and MGF1 with SHA-512", + "const": "PS512", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"No digital signature or MAC performed".to_owned(), - ), - ..Default::default() - })), - const_value: Some("none".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"No digital signature or MAC performed", + "const": "none", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"EdDSA signature algorithms".to_owned(), - ), - ..Default::default() - })), - const_value: Some("EdDSA".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"EdDSA signature algorithms", + "const": "EdDSA", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"ECDSA using secp256k1 curve and SHA-256".to_owned(), - ), - ..Default::default() - })), - const_value: Some("ES256K".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"ECDSA using secp256k1 curve and SHA-256", + "const": "ES256K", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"EdDSA using Ed25519 curve".to_owned(), - ), - ..Default::default() - })), - const_value: Some("Ed25519".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"EdDSA using Ed25519 curve", + "const": "Ed25519", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"EdDSA using Ed448 curve".to_owned(), - ), - ..Default::default() - })), - const_value: Some("Ed448".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"EdDSA using Ed448 curve", + "const": "Ed448", + }), ]; let description = r#"JSON Web Signature "alg" parameter"#; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -532,274 +389,115 @@ impl serde::Serialize for JsonWebEncryptionAlg { } impl schemars::JsonSchema for JsonWebEncryptionAlg { - fn schema_name() -> String { - "JsonWebEncryptionAlg".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebEncryptionAlg") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSAES-PKCS1-v1_5".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RSA1_5".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSAES-PKCS1-v1_5", + "const": "RSA1_5", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSAES OAEP using default parameters".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RSA-OAEP".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSAES OAEP using default parameters", + "const": "RSA-OAEP", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSAES OAEP using SHA-256 and MGF1 with SHA-256".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RSA-OAEP-256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSAES OAEP using SHA-256 and MGF1 with SHA-256", + "const": "RSA-OAEP-256", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES Key Wrap using 128-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A128KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES Key Wrap using 128-bit key", + "const": "A128KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES Key Wrap using 192-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A192KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES Key Wrap using 192-bit key", + "const": "A192KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES Key Wrap using 256-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A256KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES Key Wrap using 256-bit key", + "const": "A256KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Direct use of a shared symmetric key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("dir".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Direct use of a shared symmetric key", + "const": "dir", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"ECDH-ES using Concat KDF".to_owned(), - ), - ..Default::default() - })), - const_value: Some("ECDH-ES".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"ECDH-ES using Concat KDF", + "const": "ECDH-ES", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r#"ECDH-ES using Concat KDF and "A128KW" wrapping"#.to_owned(), - ), - ..Default::default() - })), - const_value: Some("ECDH-ES+A128KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r#"ECDH-ES using Concat KDF and "A128KW" wrapping"#, + "const": "ECDH-ES+A128KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r#"ECDH-ES using Concat KDF and "A192KW" wrapping"#.to_owned(), - ), - ..Default::default() - })), - const_value: Some("ECDH-ES+A192KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r#"ECDH-ES using Concat KDF and "A192KW" wrapping"#, + "const": "ECDH-ES+A192KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r#"ECDH-ES using Concat KDF and "A256KW" wrapping"#.to_owned(), - ), - ..Default::default() - })), - const_value: Some("ECDH-ES+A256KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r#"ECDH-ES using Concat KDF and "A256KW" wrapping"#, + "const": "ECDH-ES+A256KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Key wrapping with AES GCM using 128-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A128GCMKW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Key wrapping with AES GCM using 128-bit key", + "const": "A128GCMKW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Key wrapping with AES GCM using 192-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A192GCMKW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Key wrapping with AES GCM using 192-bit key", + "const": "A192GCMKW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Key wrapping with AES GCM using 256-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A256GCMKW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Key wrapping with AES GCM using 256-bit key", + "const": "A256GCMKW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r#"PBES2 with HMAC SHA-256 and "A128KW" wrapping"#.to_owned(), - ), - ..Default::default() - })), - const_value: Some("PBES2-HS256+A128KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r#"PBES2 with HMAC SHA-256 and "A128KW" wrapping"#, + "const": "PBES2-HS256+A128KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r#"PBES2 with HMAC SHA-384 and "A192KW" wrapping"#.to_owned(), - ), - ..Default::default() - })), - const_value: Some("PBES2-HS384+A192KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r#"PBES2 with HMAC SHA-384 and "A192KW" wrapping"#, + "const": "PBES2-HS384+A192KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r#"PBES2 with HMAC SHA-512 and "A256KW" wrapping"#.to_owned(), - ), - ..Default::default() - })), - const_value: Some("PBES2-HS512+A256KW".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r#"PBES2 with HMAC SHA-512 and "A256KW" wrapping"#, + "const": "PBES2-HS512+A256KW", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSA-OAEP using SHA-384 and MGF1 with SHA-384".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RSA-OAEP-384".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSA-OAEP using SHA-384 and MGF1 with SHA-384", + "const": "RSA-OAEP-384", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSA-OAEP using SHA-512 and MGF1 with SHA-512".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RSA-OAEP-512".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSA-OAEP using SHA-512 and MGF1 with SHA-512", + "const": "RSA-OAEP-512", + }), ]; let description = r#"JSON Web Encryption "alg" parameter"#; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -881,105 +579,50 @@ impl serde::Serialize for JsonWebEncryptionEnc { } impl schemars::JsonSchema for JsonWebEncryptionEnc { - fn schema_name() -> String { - "JsonWebEncryptionEnc".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebEncryptionEnc") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES_128_CBC_HMAC_SHA_256 authenticated encryption algorithm".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A128CBC-HS256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES_128_CBC_HMAC_SHA_256 authenticated encryption algorithm", + "const": "A128CBC-HS256", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES_192_CBC_HMAC_SHA_384 authenticated encryption algorithm".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A192CBC-HS384".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES_192_CBC_HMAC_SHA_384 authenticated encryption algorithm", + "const": "A192CBC-HS384", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES_256_CBC_HMAC_SHA_512 authenticated encryption algorithm".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A256CBC-HS512".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES_256_CBC_HMAC_SHA_512 authenticated encryption algorithm", + "const": "A256CBC-HS512", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES GCM using 128-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A128GCM".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES GCM using 128-bit key", + "const": "A128GCM", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES GCM using 192-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A192GCM".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES GCM using 192-bit key", + "const": "A192GCM", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"AES GCM using 256-bit key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("A256GCM".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"AES GCM using 256-bit key", + "const": "A256GCM", + }), ]; let description = r#"JSON Web Encryption "enc" parameter"#; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -1036,40 +679,25 @@ impl serde::Serialize for JsonWebEncryptionCompressionAlgorithm { } impl schemars::JsonSchema for JsonWebEncryptionCompressionAlgorithm { - fn schema_name() -> String { - "JsonWebEncryptionCompressionAlgorithm".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebEncryptionCompressionAlgorithm") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"DEFLATE".to_owned(), - ), - ..Default::default() - })), - const_value: Some("DEF".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"DEFLATE", + "const": "DEF", + }), ]; let description = r"JSON Web Encryption Compression Algorithm"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -1141,79 +769,40 @@ impl serde::Serialize for JsonWebKeyType { } impl schemars::JsonSchema for JsonWebKeyType { - fn schema_name() -> String { - "JsonWebKeyType".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebKeyType") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Elliptic Curve".to_owned(), - ), - ..Default::default() - })), - const_value: Some("EC".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Elliptic Curve", + "const": "EC", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"RSA".to_owned(), - ), - ..Default::default() - })), - const_value: Some("RSA".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"RSA", + "const": "RSA", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Octet sequence".to_owned(), - ), - ..Default::default() - })), - const_value: Some("oct".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Octet sequence", + "const": "oct", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Octet string key pairs".to_owned(), - ), - ..Default::default() - })), - const_value: Some("OKP".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Octet string key pairs", + "const": "OKP", + }), ]; let description = r"JSON Web Key Type"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -1285,79 +874,40 @@ impl serde::Serialize for JsonWebKeyEcEllipticCurve { } impl schemars::JsonSchema for JsonWebKeyEcEllipticCurve { - fn schema_name() -> String { - "JsonWebKeyEcEllipticCurve".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebKeyEcEllipticCurve") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"P-256 Curve".to_owned(), - ), - ..Default::default() - })), - const_value: Some("P-256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"P-256 Curve", + "const": "P-256", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"P-384 Curve".to_owned(), - ), - ..Default::default() - })), - const_value: Some("P-384".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"P-384 Curve", + "const": "P-384", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"P-521 Curve".to_owned(), - ), - ..Default::default() - })), - const_value: Some("P-521".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"P-521 Curve", + "const": "P-521", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"SECG secp256k1 curve".to_owned(), - ), - ..Default::default() - })), - const_value: Some("secp256k1".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"SECG secp256k1 curve", + "const": "secp256k1", + }), ]; let description = r"JSON Web Key EC Elliptic Curve"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -1429,79 +979,40 @@ impl serde::Serialize for JsonWebKeyOkpEllipticCurve { } impl schemars::JsonSchema for JsonWebKeyOkpEllipticCurve { - fn schema_name() -> String { - "JsonWebKeyOkpEllipticCurve".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebKeyOkpEllipticCurve") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Ed25519 signature algorithm key pairs".to_owned(), - ), - ..Default::default() - })), - const_value: Some("Ed25519".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Ed25519 signature algorithm key pairs", + "const": "Ed25519", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Ed448 signature algorithm key pairs".to_owned(), - ), - ..Default::default() - })), - const_value: Some("Ed448".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Ed448 signature algorithm key pairs", + "const": "Ed448", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"X25519 function key pairs".to_owned(), - ), - ..Default::default() - })), - const_value: Some("X25519".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"X25519 function key pairs", + "const": "X25519", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"X448 function key pairs".to_owned(), - ), - ..Default::default() - })), - const_value: Some("X448".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"X448 function key pairs", + "const": "X448", + }), ]; let description = r"JSON Web Key OKP Elliptic Curve"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -1563,53 +1074,30 @@ impl serde::Serialize for JsonWebKeyUse { } impl schemars::JsonSchema for JsonWebKeyUse { - fn schema_name() -> String { - "JsonWebKeyUse".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebKeyUse") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Digital Signature or MAC".to_owned(), - ), - ..Default::default() - })), - const_value: Some("sig".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Digital Signature or MAC", + "const": "sig", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Encryption".to_owned(), - ), - ..Default::default() - })), - const_value: Some("enc".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Encryption", + "const": "enc", + }), ]; let description = r"JSON Web Key Use"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -1701,130 +1189,59 @@ impl serde::Serialize for JsonWebKeyOperation { } impl schemars::JsonSchema for JsonWebKeyOperation { - fn schema_name() -> String { - "JsonWebKeyOperation".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("JsonWebKeyOperation") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Compute digital signature or MAC".to_owned(), - ), - ..Default::default() - })), - const_value: Some("sign".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Compute digital signature or MAC", + "const": "sign", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Verify digital signature or MAC".to_owned(), - ), - ..Default::default() - })), - const_value: Some("verify".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Verify digital signature or MAC", + "const": "verify", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Encrypt content".to_owned(), - ), - ..Default::default() - })), - const_value: Some("encrypt".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Encrypt content", + "const": "encrypt", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Decrypt content and validate decryption, if applicable".to_owned(), - ), - ..Default::default() - })), - const_value: Some("decrypt".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Decrypt content and validate decryption, if applicable", + "const": "decrypt", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Encrypt key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("wrapKey".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Encrypt key", + "const": "wrapKey", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Decrypt key and validate decryption, if applicable".to_owned(), - ), - ..Default::default() - })), - const_value: Some("unwrapKey".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Decrypt key and validate decryption, if applicable", + "const": "unwrapKey", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Derive key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("deriveKey".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Derive key", + "const": "deriveKey", + }), // --- - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some( - // --- - r"Derive bits not to be used as a key".to_owned(), - ), - ..Default::default() - })), - const_value: Some("deriveBits".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "description": r"Derive bits not to be used as a key", + "const": "deriveBits", + }), ]; let description = r"JSON Web Key Operation"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } diff --git a/crates/iana/src/oauth.rs b/crates/iana/src/oauth.rs index 3b65ce9f2..f59cd7c8c 100644 --- a/crates/iana/src/oauth.rs +++ b/crates/iana/src/oauth.rs @@ -79,51 +79,36 @@ impl serde::Serialize for OAuthAccessTokenType { } impl schemars::JsonSchema for OAuthAccessTokenType { - fn schema_name() -> String { - "OAuthAccessTokenType".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("OAuthAccessTokenType") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - const_value: Some("Bearer".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "Bearer", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("N_A".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "N_A", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("PoP".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "PoP", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("DPoP".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "DPoP", + }), ]; let description = r"OAuth Access Token Type"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -210,75 +195,52 @@ impl serde::Serialize for OAuthAuthorizationEndpointResponseType { } impl schemars::JsonSchema for OAuthAuthorizationEndpointResponseType { - fn schema_name() -> String { - "OAuthAuthorizationEndpointResponseType".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("OAuthAuthorizationEndpointResponseType") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - const_value: Some("code".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "code", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("code id_token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "code id_token", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("code id_token token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "code id_token token", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("code token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "code token", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("id_token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "id_token", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("id_token token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "id_token token", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("none".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "none", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "token", + }), ]; let description = r"OAuth Authorization Endpoint Response Type"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -345,45 +307,32 @@ impl serde::Serialize for OAuthTokenTypeHint { } impl schemars::JsonSchema for OAuthTokenTypeHint { - fn schema_name() -> String { - "OAuthTokenTypeHint".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("OAuthTokenTypeHint") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - const_value: Some("access_token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "access_token", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("refresh_token".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "refresh_token", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("pct".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "pct", + }), ]; let description = r"OAuth Token Type Hint"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -470,69 +419,48 @@ impl serde::Serialize for OAuthClientAuthenticationMethod { } impl schemars::JsonSchema for OAuthClientAuthenticationMethod { - fn schema_name() -> String { - "OAuthClientAuthenticationMethod".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("OAuthClientAuthenticationMethod") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - const_value: Some("none".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "none", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("client_secret_post".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "client_secret_post", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("client_secret_basic".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "client_secret_basic", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("client_secret_jwt".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "client_secret_jwt", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("private_key_jwt".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "private_key_jwt", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("tls_client_auth".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "tls_client_auth", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("self_signed_tls_client_auth".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "self_signed_tls_client_auth", + }), ]; let description = r"OAuth Token Endpoint Authentication Method"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } @@ -594,38 +522,27 @@ impl serde::Serialize for PkceCodeChallengeMethod { } impl schemars::JsonSchema for PkceCodeChallengeMethod { - fn schema_name() -> String { - "PkceCodeChallengeMethod".to_owned() + fn schema_name() -> std::borrow::Cow<'static, str> { + std::borrow::Cow::Borrowed("PkceCodeChallengeMethod") } - fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema { + #[allow(clippy::too_many_lines)] + fn json_schema(_gen: &mut schemars::SchemaGenerator) -> schemars::Schema { let enums = vec![ // --- - schemars::schema::SchemaObject { - const_value: Some("plain".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "plain", + }), // --- - schemars::schema::SchemaObject { - const_value: Some("S256".into()), - ..Default::default() - } - .into(), + schemars::json_schema!({ + "const": "S256", + }), ]; let description = r"PKCE Code Challenge Method"; - schemars::schema::SchemaObject { - metadata: Some(Box::new(schemars::schema::Metadata { - description: Some(description.to_owned()), - ..Default::default() - })), - subschemas: Some(Box::new(schemars::schema::SubschemaValidation { - any_of: Some(enums), - ..Default::default() - })), - ..Default::default() - } - .into() + schemars::json_schema!({ + "description": description, + "anyOf": enums, + }) } } diff --git a/crates/policy/src/bin/schema.rs b/crates/policy/src/bin/schema.rs index cc908d4c9..8e9c81a07 100644 --- a/crates/policy/src/bin/schema.rs +++ b/crates/policy/src/bin/schema.rs @@ -14,7 +14,7 @@ use std::path::{Path, PathBuf}; use mas_policy::model::{ AuthorizationGrantInput, ClientRegistrationInput, EmailInput, RegisterInput, }; -use schemars::{JsonSchema, r#gen::SchemaSettings}; +use schemars::{JsonSchema, generate::SchemaSettings}; fn write_schema(out_dir: Option<&Path>, file: &str) { let mut writer: Box = if let Some(out_dir) = out_dir { @@ -27,11 +27,7 @@ fn write_schema(out_dir: Option<&Path>, file: &str) { Box::new(std::io::stdout()) }; - let settings = SchemaSettings::draft07().with(|s| { - s.option_nullable = false; - s.option_add_null_type = false; - }); - let generator = settings.into_generator(); + let generator = SchemaSettings::draft07().into_generator(); let schema = generator.into_root_schema_for::(); serde_json::to_writer_pretty(&mut writer, &schema).expect("Failed to serialize schema"); writer.flush().expect("Failed to flush writer"); diff --git a/crates/storage/src/lib.rs b/crates/storage/src/lib.rs index 7a19f05ac..c5d5d0b26 100644 --- a/crates/storage/src/lib.rs +++ b/crates/storage/src/lib.rs @@ -20,7 +20,7 @@ //! To define a new repository, you have to: //! 1. Define a new (async) repository trait, with the methods you need //! 2. Write an implementation of this trait for each storage backend you want -//! (currently only for [`mas-storage-pg`]) +//! (currently only for `mas-storage-pg`) //! 3. Make it accessible via the [`RepositoryAccess`] trait //! //! The repository trait definition should look like this: diff --git a/deny.toml b/deny.toml index a0d6a8e03..1671119ca 100644 --- a/deny.toml +++ b/deny.toml @@ -60,8 +60,6 @@ multiple-versions = "deny" skip = [ { name = "itertools", version = "0.13.0" }, # zxcvbn depends on this old version - { name = "indexmap", version = "1.9.3" }, # schemars depends on this old version - { name = "hashbrown", version = "0.12.3" }, # schemars -> indexmap depends on this old version { name = "hashbrown", version = "0.14.5" }, # a few crates depend on this old version # a few dependencies depend on the 1.x version of thiserror { name = "thiserror", version = "1.0.69" }, diff --git a/docs/api/spec.json b/docs/api/spec.json index f45dd32b9..ac56910b8 100644 --- a/docs/api/spec.json +++ b/docs/api/spec.json @@ -90,8 +90,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -101,8 +107,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -112,10 +124,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -125,10 +139,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -138,8 +154,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -149,8 +171,14 @@ "description": "Retrieve the items for the given user", "schema": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -160,19 +188,31 @@ "description": "Retrieve the items started from the given browser session", "schema": { "description": "Retrieve the items started from the given browser session", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, { "in": "query", "name": "filter[status]", - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", "schema": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", - "$ref": "#/components/schemas/CompatSessionStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", + "anyOf": [ + { + "$ref": "#/components/schemas/CompatSessionStatus" + }, + { + "type": "null" + } + ] }, "style": "form" } @@ -474,8 +514,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -485,8 +531,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -496,10 +548,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -509,10 +563,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -522,8 +578,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -533,8 +595,14 @@ "description": "Retrieve the items for the given user", "schema": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -544,8 +612,14 @@ "description": "Retrieve the items for the given client", "schema": { "description": "Retrieve the items for the given client", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -555,8 +629,14 @@ "description": "Retrieve the items only for a specific client kind", "schema": { "description": "Retrieve the items only for a specific client kind", - "$ref": "#/components/schemas/OAuth2ClientKind", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/OAuth2ClientKind" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -566,8 +646,14 @@ "description": "Retrieve the items started from the given browser session", "schema": { "description": "Retrieve the items started from the given browser session", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -577,22 +663,28 @@ "description": "Retrieve the items with the given scope", "schema": { "description": "Retrieve the items with the given scope", - "default": [], "type": "array", "items": { "type": "string" - } + }, + "default": [] }, "style": "form" }, { "in": "query", "name": "filter[status]", - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", "schema": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", - "$ref": "#/components/schemas/OAuth2SessionStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", + "anyOf": [ + { + "$ref": "#/components/schemas/OAuth2SessionStatus" + }, + { + "type": "null" + } + ] }, "style": "form" } @@ -911,8 +1003,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -922,8 +1020,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -933,10 +1037,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -946,10 +1052,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -959,8 +1067,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -970,8 +1084,14 @@ "description": "Filter by owner user ID", "schema": { "description": "Filter by owner user ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -981,8 +1101,14 @@ "description": "Filter by owner `OAuth2` client ID", "schema": { "description": "Filter by owner `OAuth2` client ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -992,8 +1118,14 @@ "description": "Filter by actor user ID", "schema": { "description": "Filter by actor user ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -1003,11 +1135,11 @@ "description": "Retrieve the items with the given scope", "schema": { "description": "Retrieve the items with the given scope", - "default": [], "type": "array", "items": { "type": "string" - } + }, + "default": [] }, "style": "form" }, @@ -1017,8 +1149,14 @@ "description": "Filter by session status", "schema": { "description": "Filter by session status", - "$ref": "#/components/schemas/PersonalSessionStatus", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PersonalSessionStatus" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -1028,9 +1166,11 @@ "description": "Filter by access token expiry date", "schema": { "description": "Filter by access token expiry date", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "style": "form" }, @@ -1040,9 +1180,11 @@ "description": "Filter by access token expiry date", "schema": { "description": "Filter by access token expiry date", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "style": "form" }, @@ -1052,8 +1194,10 @@ "description": "Filter by whether the access token has an expiry time", "schema": { "description": "Filter by whether the access token has an expiry time", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "style": "form" } @@ -1678,8 +1822,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -1689,8 +1839,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -1700,10 +1856,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -1713,10 +1871,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -1726,8 +1886,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -1737,8 +1903,10 @@ "description": "Retrieve users with (or without) the `admin` flag set", "schema": { "description": "Retrieve users with (or without) the `admin` flag set", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "style": "form" }, @@ -1748,30 +1916,40 @@ "description": "Retrieve users with (or without) the `legacy_guest` flag set", "schema": { "description": "Retrieve users with (or without) the `legacy_guest` flag set", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "style": "form" }, { "in": "query", "name": "filter[search]", - "description": "Retrieve users where the username matches contains the given string\n\nNote that this doesn't change the ordering of the result, which are still ordered by ID.", + "description": "Retrieve users where the username matches contains the given string\n\n Note that this doesn't change the ordering of the result, which are\n still ordered by ID.", "schema": { - "description": "Retrieve users where the username matches contains the given string\n\nNote that this doesn't change the ordering of the result, which are still ordered by ID.", - "type": "string", - "nullable": true + "description": "Retrieve users where the username matches contains the given string\n\n Note that this doesn't change the ordering of the result, which are\n still ordered by ID.", + "type": [ + "string", + "null" + ] }, "style": "form" }, { "in": "query", "name": "filter[status]", - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all users, including locked ones.\n\n* `active`: Only retrieve active users\n\n* `locked`: Only retrieve locked users (includes deactivated users)\n\n* `deactivated`: Only retrieve deactivated users", + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all users, including locked ones.\n\n * `active`: Only retrieve active users\n\n * `locked`: Only retrieve locked users (includes deactivated users)\n\n * `deactivated`: Only retrieve deactivated users", "schema": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all users, including locked ones.\n\n* `active`: Only retrieve active users\n\n* `locked`: Only retrieve locked users (includes deactivated users)\n\n* `deactivated`: Only retrieve deactivated users", - "$ref": "#/components/schemas/UserStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all users, including locked ones.\n\n * `active`: Only retrieve active users\n\n * `locked`: Only retrieve locked users (includes deactivated users)\n\n * `deactivated`: Only retrieve deactivated users", + "anyOf": [ + { + "$ref": "#/components/schemas/UserStatus" + }, + { + "type": "null" + } + ] }, "style": "form" } @@ -2563,8 +2741,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -2574,8 +2758,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -2585,10 +2775,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -2598,10 +2790,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -2611,8 +2805,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -2622,8 +2822,14 @@ "description": "Retrieve the items for the given user", "schema": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -2633,8 +2839,10 @@ "description": "Retrieve the user email with the given email address", "schema": { "description": "Retrieve the user email with the given email address", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "style": "form" } @@ -2924,8 +3132,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -2935,8 +3149,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -2946,10 +3166,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -2959,10 +3181,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -2972,8 +3196,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -2983,19 +3213,31 @@ "description": "Retrieve the items for the given user", "schema": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, { "in": "query", "name": "filter[status]", - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", "schema": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", - "$ref": "#/components/schemas/UserSessionStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", + "anyOf": [ + { + "$ref": "#/components/schemas/UserSessionStatus" + }, + { + "type": "null" + } + ] }, "style": "form" } @@ -3276,8 +3518,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3287,8 +3535,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3298,10 +3552,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -3311,10 +3567,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -3324,8 +3582,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3335,8 +3599,10 @@ "description": "Retrieve tokens that have (or have not) been used at least once", "schema": { "description": "Retrieve tokens that have (or have not) been used at least once", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "style": "form" }, @@ -3346,8 +3612,10 @@ "description": "Retrieve tokens that are (or are not) revoked", "schema": { "description": "Retrieve tokens that are (or are not) revoked", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "style": "form" }, @@ -3357,19 +3625,23 @@ "description": "Retrieve tokens that are (or are not) expired", "schema": { "description": "Retrieve tokens that are (or are not) expired", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "style": "form" }, { "in": "query", "name": "filter[valid]", - "description": "Retrieve tokens that are (or are not) valid\n\nValid means that the token has not expired, is not revoked, and has not reached its usage limit.", + "description": "Retrieve tokens that are (or are not) valid\n\n Valid means that the token has not expired, is not revoked, and has not\n reached its usage limit.", "schema": { - "description": "Retrieve tokens that are (or are not) valid\n\nValid means that the token has not expired, is not revoked, and has not reached its usage limit.", - "type": "boolean", - "nullable": true + "description": "Retrieve tokens that are (or are not) valid\n\n Valid means that the token has not expired, is not revoked, and has not\n reached its usage limit.", + "type": [ + "boolean", + "null" + ] }, "style": "form" } @@ -3844,8 +4116,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3855,8 +4133,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3866,10 +4150,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -3879,10 +4165,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -3892,8 +4180,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3903,8 +4197,14 @@ "description": "Retrieve the items for the given user", "schema": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3914,8 +4214,14 @@ "description": "Retrieve the items for the given provider", "schema": { "description": "Retrieve the items for the given provider", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -3925,8 +4231,10 @@ "description": "Retrieve the items with the given subject", "schema": { "description": "Retrieve the items with the given subject", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "style": "form" } @@ -4267,8 +4575,14 @@ "description": "Retrieve the items before the given ID", "schema": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -4278,8 +4592,14 @@ "description": "Retrieve the items after the given ID", "schema": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -4289,10 +4609,12 @@ "description": "Retrieve the first N items", "schema": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -4302,10 +4624,12 @@ "description": "Retrieve the last N items", "schema": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "style": "form" }, @@ -4315,8 +4639,14 @@ "description": "Include the total number of items. Defaults to `true`.", "schema": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] }, "style": "form" }, @@ -4326,8 +4656,10 @@ "description": "Retrieve providers that are (or are not) enabled", "schema": { "description": "Retrieve providers that are (or are not) enabled", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "style": "form" } @@ -4510,20 +4842,6 @@ "schemas": { "SiteConfig": { "type": "object", - "required": [ - "account_deactivation_allowed", - "account_recovery_allowed", - "captcha_enabled", - "displayname_change_allowed", - "email_change_allowed", - "minimum_password_complexity", - "password_change_allowed", - "password_login_enabled", - "password_registration_email_required", - "password_registration_enabled", - "registration_token_required", - "server_name" - ], "properties": { "server_name": { "description": "The Matrix server name for which this instance is configured", @@ -4570,69 +4888,102 @@ "type": "boolean" }, "minimum_password_complexity": { - "description": "Minimum password complexity, between 0 and 4. This is a score from zxcvbn.", + "description": "Minimum password complexity, between 0 and 4.\n This is a score from zxcvbn.", "type": "integer", "format": "uint8", - "maximum": 4.0, - "minimum": 0.0 + "minimum": 0, + "maximum": 4 } - } + }, + "required": [ + "server_name", + "password_login_enabled", + "password_registration_enabled", + "password_registration_email_required", + "registration_token_required", + "email_change_allowed", + "displayname_change_allowed", + "password_change_allowed", + "account_recovery_allowed", + "account_deactivation_allowed", + "captcha_enabled", + "minimum_password_complexity" + ] }, "Version": { "type": "object", - "required": [ - "version" - ], "properties": { "version": { "description": "The semver version of the app", "type": "string" } - } + }, + "required": [ + "version" + ] }, "PaginationParams": { "type": "object", "properties": { "page[before]": { "description": "Retrieve the items before the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "page[after]": { "description": "Retrieve the items after the given ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "page[first]": { "description": "Retrieve the first N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "page[last]": { "description": "Retrieve the last N items", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 1.0, - "nullable": true + "minimum": 1 }, "count": { "description": "Include the total number of items. Defaults to `true`.", - "$ref": "#/components/schemas/IncludeCount", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/IncludeCount" + }, + { + "type": "null" + } + ] } } }, "ULID": { "title": "ULID", "description": "A ULID as per https://github.com/ulid/spec", - "examples": [ - "01ARZ3NDEKTSV4RRFFQ69G5FAV", - "01J41912SC8VGAQDD50F6APK91" - ], "type": "string", - "pattern": "^[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$" + "pattern": "^[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$", + "example": "01ARZ3NDEKTSV4RRFFQ69G5FAV" }, "IncludeCount": { "oneOf": [ @@ -4664,18 +5015,36 @@ "properties": { "filter[user]": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[user-session]": { "description": "Retrieve the items started from the given browser session", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[status]": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", - "$ref": "#/components/schemas/CompatSessionStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", + "anyOf": [ + { + "$ref": "#/components/schemas/CompatSessionStatus" + }, + { + "type": "null" + } + ] } } }, @@ -4689,50 +5058,58 @@ "PaginatedResponse_for_CompatSession": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_CompatSession" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "PaginationMeta": { "type": "object", "properties": { "count": { "description": "The total number of results", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint", - "minimum": 0.0, - "nullable": true + "minimum": 0 } } }, "SingleResource_for_CompatSession": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -4740,50 +5117,82 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/CompatSession" + "allOf": [ + { + "$ref": "#/components/schemas/CompatSession" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "CompatSession": { "description": "A compatibility session for legacy clients", "type": "object", - "required": [ - "created_at", - "device_id", - "user_id", - "user_session_id" - ], "properties": { "user_id": { "description": "The ID of the user that owns this session", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "device_id": { "description": "The Matrix device ID of this session", - "$ref": "#/components/schemas/DeviceID" + "allOf": [ + { + "$ref": "#/components/schemas/DeviceID" + } + ] }, "user_session_id": { "description": "The ID of the user session that started this session, if any", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "redirect_uri": { "description": "The redirect URI used to login in the client, if it was an SSO login", - "type": "string", - "format": "uri", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "uri" }, "created_at": { "description": "The time this session was created", @@ -4792,55 +5201,69 @@ }, "user_agent": { "description": "The user agent string that started this session, if any", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "last_active_at": { "description": "The time this session was last active", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "last_active_ip": { "description": "The last IP address recorded for this session", - "type": "string", - "format": "ip", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "ip" }, "finished_at": { "description": "The time this session was finished", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "human_name": { "description": "The user-provided name, if any", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] } - } + }, + "required": [ + "user_id", + "device_id", + "user_session_id", + "created_at" + ] }, "DeviceID": { "title": "Device ID", - "examples": [ - "AABBCCDDEE", - "FFGGHHIIJJ" - ], + "description": "A device ID as per https://matrix.org/docs/spec/client_server/r0.6.0#device-ids", "type": "string", - "pattern": "^[A-Za-z0-9._~!$&'()*+,;=:&/-]+$" + "pattern": "^[A-Za-z0-9._~!$&'()*+,;=:&/-]+$", + "example": "AABBCCDDEE" }, "SelfLinks": { "description": "Related links", "type": "object", - "required": [ - "self" - ], "properties": { "self": { "description": "The canonical link to the current resource", "type": "string" } - } + }, + "required": [ + "self" + ] }, "SingleResourceMeta": { "description": "Metadata associated with a resource", @@ -4848,30 +5271,33 @@ "properties": { "page": { "description": "Information about the pagination of the resource", - "$ref": "#/components/schemas/SingleResourceMetaPage", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMetaPage" + }, + { + "type": "null" + } + ] } } }, "SingleResourceMetaPage": { "description": "Pagination metadata for a resource", "type": "object", - "required": [ - "cursor" - ], "properties": { "cursor": { "description": "The cursor of this resource in the paginated result", "type": "string" } - } + }, + "required": [ + "cursor" + ] }, "PaginationLinks": { "description": "Related links", "type": "object", - "required": [ - "self" - ], "properties": { "self": { "description": "The canonical link to the current page", @@ -4879,32 +5305,40 @@ }, "first": { "description": "The link to the first page of results", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "last": { "description": "The link to the last page of results", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "next": { - "description": "The link to the next page of results\n\nOnly present if there is a next page", - "type": "string", - "nullable": true + "description": "The link to the next page of results\n\n Only present if there is a next page", + "type": [ + "string", + "null" + ] }, "prev": { - "description": "The link to the previous page of results\n\nOnly present if there is a previous page", - "type": "string", - "nullable": true + "description": "The link to the previous page of results\n\n Only present if there is a previous page", + "type": [ + "string", + "null" + ] } - } + }, + "required": [ + "self" + ] }, "ErrorResponse": { "description": "A top-level response with a list of errors", "type": "object", - "required": [ - "errors" - ], "properties": { "errors": { "description": "The list of errors", @@ -4913,40 +5347,43 @@ "$ref": "#/components/schemas/Error" } } - } + }, + "required": [ + "errors" + ] }, "Error": { "description": "A single error", "type": "object", - "required": [ - "title" - ], "properties": { "title": { "description": "A human-readable title for the error", "type": "string" } - } + }, + "required": [ + "title" + ] }, "UlidInPath": { "type": "object", - "required": [ - "id" - ], "properties": { "id": { "title": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] } - } + }, + "required": [ + "id" + ] }, "SingleResponse_for_CompatSession": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_CompatSession" @@ -4954,43 +5391,77 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "OAuth2SessionFilter": { "type": "object", "properties": { "filter[user]": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[client]": { "description": "Retrieve the items for the given client", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[client-kind]": { "description": "Retrieve the items only for a specific client kind", - "$ref": "#/components/schemas/OAuth2ClientKind", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/OAuth2ClientKind" + }, + { + "type": "null" + } + ] }, "filter[user-session]": { "description": "Retrieve the items started from the given browser session", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[scope]": { "description": "Retrieve the items with the given scope", - "default": [], "type": "array", "items": { "type": "string" - } + }, + "default": [] }, "filter[status]": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", - "$ref": "#/components/schemas/OAuth2SessionStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", + "anyOf": [ + { + "$ref": "#/components/schemas/OAuth2SessionStatus" + }, + { + "type": "null" + } + ] } } }, @@ -5011,38 +5482,44 @@ "PaginatedResponse_for_OAuth2Session": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_OAuth2Session" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_OAuth2Session": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -5050,31 +5527,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/OAuth2Session" + "allOf": [ + { + "$ref": "#/components/schemas/OAuth2Session" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "OAuth2Session": { "description": "A OAuth 2.0 session", "type": "object", - "required": [ - "client_id", - "created_at", - "scope" - ], "properties": { "created_at": { "description": "When the object was created", @@ -5083,23 +5579,41 @@ }, "finished_at": { "description": "When the session was finished", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "user_id": { "description": "The ID of the user who owns the session", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "user_session_id": { "description": "The ID of the browser session which started this session", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "client_id": { "description": "The ID of the client which requested this session", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "scope": { "description": "The scope granted for this session", @@ -5107,35 +5621,44 @@ }, "user_agent": { "description": "The user agent string of the client which started this session", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "last_active_at": { "description": "The last time the session was active", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "last_active_ip": { "description": "The last IP address used by the session", - "type": "string", - "format": "ip", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "ip" }, "human_name": { "description": "The user-provided name, if any", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] } - } + }, + "required": [ + "created_at", + "client_id", + "scope" + ] }, "SingleResponse_for_OAuth2Session": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_OAuth2Session" @@ -5143,55 +5666,89 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "PersonalSessionFilter": { "type": "object", "properties": { "filter[owner_user]": { "description": "Filter by owner user ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[owner_client]": { "description": "Filter by owner `OAuth2` client ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[actor_user]": { "description": "Filter by actor user ID", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[scope]": { "description": "Retrieve the items with the given scope", - "default": [], "type": "array", "items": { "type": "string" - } + }, + "default": [] }, "filter[status]": { "description": "Filter by session status", - "$ref": "#/components/schemas/PersonalSessionStatus", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PersonalSessionStatus" + }, + { + "type": "null" + } + ] }, "filter[expires_before]": { "description": "Filter by access token expiry date", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "filter[expires_after]": { "description": "Filter by access token expiry date", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "filter[expires]": { "description": "Filter by whether the access token has an expiry time", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] } } }, @@ -5205,38 +5762,44 @@ "PaginatedResponse_for_PersonalSession": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_PersonalSession" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_PersonalSession": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -5244,32 +5807,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/PersonalSession" + "allOf": [ + { + "$ref": "#/components/schemas/PersonalSession" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "PersonalSession": { "description": "A personal session (session using personal access tokens)", "type": "object", - "required": [ - "actor_user_id", - "created_at", - "human_name", - "scope" - ], "properties": { "created_at": { "description": "When the session was created", @@ -5278,23 +5859,41 @@ }, "revoked_at": { "description": "When the session was revoked, if applicable", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "owner_user_id": { "description": "The ID of the user who owns this session (if user-owned)", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "owner_client_id": { "description": "The ID of the `OAuth2` client that owns this session (if client-owned)", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "actor_user_id": { "description": "The ID of the user that the session acts on behalf of", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "human_name": { "description": "Human-readable name for the session", @@ -5306,41 +5905,54 @@ }, "last_active_at": { "description": "When the session was last active", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "last_active_ip": { "description": "IP address of last activity", - "type": "string", - "format": "ip", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "ip" }, "expires_at": { - "description": "When the current token for this session expires. The session will need to be regenerated, producing a new access token, after this time. None if the current token won't expire or if the session is revoked.", - "type": "string", - "format": "date-time", - "nullable": true + "description": "When the current token for this session expires.\n The session will need to be regenerated, producing a new access token,\n after this time.\n None if the current token won't expire or if the session is revoked.", + "type": [ + "string", + "null" + ], + "format": "date-time" }, "access_token": { "description": "The actual access token (only returned on creation)", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] } - } + }, + "required": [ + "created_at", + "actor_user_id", + "human_name", + "scope" + ] }, "CreatePersonalSessionRequest": { "title": "JSON payload for the `POST /api/admin/v1/personal-sessions` endpoint", "type": "object", - "required": [ - "actor_user_id", - "human_name", - "scope" - ], "properties": { "actor_user_id": { "description": "The user this session will act on behalf of", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "human_name": { "description": "Human-readable name for the session", @@ -5351,21 +5963,24 @@ "type": "string" }, "expires_in": { - "description": "Token expiry time in seconds. If not set, the token won't expire.", - "type": "integer", + "description": "Token expiry time in seconds.\n If not set, the token won't expire.", + "type": [ + "integer", + "null" + ], "format": "uint32", - "minimum": 0.0, - "nullable": true + "minimum": 0 } - } + }, + "required": [ + "actor_user_id", + "human_name", + "scope" + ] }, "SingleResponse_for_PersonalSession": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_PersonalSession" @@ -5373,46 +5988,46 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "RegeneratePersonalSessionRequest": { "title": "JSON payload for the `POST /api/admin/v1/personal-sessions/{id}/regenerate` endpoint", "type": "object", "properties": { "expires_in": { - "description": "Token expiry time in seconds. If not set, the token won't expire.", - "type": "integer", + "description": "Token expiry time in seconds.\n If not set, the token won't expire.", + "type": [ + "integer", + "null" + ], "format": "uint32", - "minimum": 0.0, - "nullable": true + "minimum": 0 } } }, "SetPolicyDataRequest": { "title": "JSON payload for the `POST /api/admin/v1/policy-data`", "type": "object", - "required": [ - "data" - ], "properties": { "data": { - "examples": [ - { - "hello": "world", - "foo": 42, - "bar": true - } - ] + "example": { + "hello": "world", + "foo": 42, + "bar": true + } } - } + }, + "required": [ + "data" + ] }, "SingleResponse_for_PolicyData": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_PolicyData" @@ -5420,17 +6035,15 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "SingleResource_for_PolicyData": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -5438,30 +6051,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/PolicyData" + "allOf": [ + { + "$ref": "#/components/schemas/PolicyData" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "PolicyData": { "description": "The policy data", "type": "object", - "required": [ - "created_at", - "data" - ], "properties": { "created_at": { "description": "The creation date of the policy data", @@ -5471,30 +6104,46 @@ "data": { "description": "The policy data content" } - } + }, + "required": [ + "created_at", + "data" + ] }, "UserFilter": { "type": "object", "properties": { "filter[admin]": { "description": "Retrieve users with (or without) the `admin` flag set", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "filter[legacy-guest]": { "description": "Retrieve users with (or without) the `legacy_guest` flag set", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "filter[search]": { - "description": "Retrieve users where the username matches contains the given string\n\nNote that this doesn't change the ordering of the result, which are still ordered by ID.", - "type": "string", - "nullable": true + "description": "Retrieve users where the username matches contains the given string\n\n Note that this doesn't change the ordering of the result, which are\n still ordered by ID.", + "type": [ + "string", + "null" + ] }, "filter[status]": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all users, including locked ones.\n\n* `active`: Only retrieve active users\n\n* `locked`: Only retrieve locked users (includes deactivated users)\n\n* `deactivated`: Only retrieve deactivated users", - "$ref": "#/components/schemas/UserStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all users, including locked ones.\n\n * `active`: Only retrieve active users\n\n * `locked`: Only retrieve locked users (includes deactivated users)\n\n * `deactivated`: Only retrieve deactivated users", + "anyOf": [ + { + "$ref": "#/components/schemas/UserStatus" + }, + { + "type": "null" + } + ] } } }, @@ -5509,38 +6158,44 @@ "PaginatedResponse_for_User": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_User" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_User": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -5548,32 +6203,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/User" + "allOf": [ + { + "$ref": "#/components/schemas/User" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "User": { "description": "A user", "type": "object", - "required": [ - "admin", - "created_at", - "legacy_guest", - "username" - ], "properties": { "username": { "description": "The username (localpart) of the user", @@ -5586,15 +6259,19 @@ }, "locked_at": { "description": "When the user was locked. If null, the user is not locked.", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "deactivated_at": { "description": "When the user was deactivated. If null, the user is not deactivated.", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "admin": { "description": "Whether the user can request admin privileges.", @@ -5604,33 +6281,35 @@ "description": "Whether the user was a guest before migrating to MAS,", "type": "boolean" } - } + }, + "required": [ + "username", + "created_at", + "admin", + "legacy_guest" + ] }, "AddUserRequest": { "title": "JSON payload for the `POST /api/admin/v1/users` endpoint", "type": "object", - "required": [ - "username" - ], "properties": { "username": { "description": "The username of the user to add.", "type": "string" }, "skip_homeserver_check": { - "description": "Skip checking with the homeserver whether the username is available.\n\nUse this with caution! The main reason to use this, is when a user used by an application service needs to exist in MAS to craft special tokens (like with admin access) for them", - "default": false, - "type": "boolean" + "description": "Skip checking with the homeserver whether the username is available.\n\n Use this with caution! The main reason to use this, is when a user used\n by an application service needs to exist in MAS to craft special\n tokens (like with admin access) for them", + "type": "boolean", + "default": false } - } + }, + "required": [ + "username" + ] }, "SingleResponse_for_User": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_User" @@ -5638,62 +6317,66 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "SetUserPasswordRequest": { "title": "JSON payload for the `POST /api/admin/v1/users/:id/set-password` endpoint", "type": "object", - "required": [ - "password" - ], "properties": { "password": { "description": "The password to set for the user", - "examples": [ - "hunter2" - ], - "type": "string" + "type": "string", + "example": "hunter2" }, "skip_password_check": { "description": "Skip the password complexity check", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] } - } + }, + "required": [ + "password" + ] }, "UsernamePathParam": { "type": "object", - "required": [ - "username" - ], "properties": { "username": { "description": "The username (localpart) of the user to get", "type": "string" } - } + }, + "required": [ + "username" + ] }, "UserSetAdminRequest": { "title": "JSON payload for the `POST /api/admin/v1/users/:id/set-admin` endpoint", "type": "object", - "required": [ - "admin" - ], "properties": { "admin": { "description": "Whether the user can request admin privileges.", "type": "boolean" } - } + }, + "required": [ + "admin" + ] }, "DeactivateUserRequest": { "title": "JSON payload for the `POST /api/admin/v1/users/:id/deactivate` endpoint", "type": "object", "properties": { "skip_erase": { - "description": "Whether to skip requesting the homeserver to GDPR-erase the user upon deactivation.", - "default": false, - "type": "boolean" + "description": "Whether to skip requesting the homeserver to GDPR-erase the user upon\n deactivation.", + "type": "boolean", + "default": false } } }, @@ -5702,51 +6385,65 @@ "properties": { "filter[user]": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[email]": { "description": "Retrieve the user email with the given email address", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] } } }, "PaginatedResponse_for_UserEmail": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_UserEmail" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_UserEmail": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -5754,31 +6451,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/UserEmail" + "allOf": [ + { + "$ref": "#/components/schemas/UserEmail" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "UserEmail": { "description": "An email address for a user", "type": "object", - "required": [ - "created_at", - "email", - "user_id" - ], "properties": { "created_at": { "description": "When the object was created", @@ -5787,40 +6503,49 @@ }, "user_id": { "description": "The ID of the user who owns this email address", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "email": { "description": "The email address", "type": "string" } - } + }, + "required": [ + "created_at", + "user_id", + "email" + ] }, "AddUserEmailRequest": { "title": "JSON payload for the `POST /api/admin/v1/user-emails`", "type": "object", - "required": [ - "email", - "user_id" - ], "properties": { "user_id": { "description": "The ID of the user to which the email should be added.", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "email": { "description": "The email address of the user to add.", "type": "string", "format": "email" } - } + }, + "required": [ + "user_id", + "email" + ] }, "SingleResponse_for_UserEmail": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_UserEmail" @@ -5828,20 +6553,36 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "UserSessionFilter": { "type": "object", "properties": { "filter[user]": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[status]": { - "description": "Retrieve the items with the given status\n\nDefaults to retrieve all sessions, including finished ones.\n\n* `active`: Only retrieve active sessions\n\n* `finished`: Only retrieve finished sessions", - "$ref": "#/components/schemas/UserSessionStatus", - "nullable": true + "description": "Retrieve the items with the given status\n\n Defaults to retrieve all sessions, including finished ones.\n\n * `active`: Only retrieve active sessions\n\n * `finished`: Only retrieve finished sessions", + "anyOf": [ + { + "$ref": "#/components/schemas/UserSessionStatus" + }, + { + "type": "null" + } + ] } } }, @@ -5855,38 +6596,44 @@ "PaginatedResponse_for_UserSession": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_UserSession" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_UserSession": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -5894,30 +6641,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/UserSession" + "allOf": [ + { + "$ref": "#/components/schemas/UserSession" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "UserSession": { "description": "The browser (cookie) session for a user", "type": "object", - "required": [ - "created_at", - "user_id" - ], "properties": { "created_at": { "description": "When the object was created", @@ -5926,40 +6693,52 @@ }, "finished_at": { "description": "When the session was finished", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "user_id": { "description": "The ID of the user who owns the session", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "user_agent": { "description": "The user agent string of the client which started this session", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "last_active_at": { "description": "The last time the session was active", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "last_active_ip": { "description": "The last IP address used by the session", - "type": "string", - "format": "ip", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "ip" } - } + }, + "required": [ + "created_at", + "user_id" + ] }, "SingleResponse_for_UserSession": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_UserSession" @@ -5967,68 +6746,86 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "RegistrationTokenFilter": { "type": "object", "properties": { "filter[used]": { "description": "Retrieve tokens that have (or have not) been used at least once", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "filter[revoked]": { "description": "Retrieve tokens that are (or are not) revoked", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "filter[expired]": { "description": "Retrieve tokens that are (or are not) expired", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] }, "filter[valid]": { - "description": "Retrieve tokens that are (or are not) valid\n\nValid means that the token has not expired, is not revoked, and has not reached its usage limit.", - "type": "boolean", - "nullable": true + "description": "Retrieve tokens that are (or are not) valid\n\n Valid means that the token has not expired, is not revoked, and has not\n reached its usage limit.", + "type": [ + "boolean", + "null" + ] } } }, "PaginatedResponse_for_UserRegistrationToken": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_UserRegistrationToken" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_UserRegistrationToken": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -6036,32 +6833,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/UserRegistrationToken" + "allOf": [ + { + "$ref": "#/components/schemas/UserRegistrationToken" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "UserRegistrationToken": { "description": "A registration token", "type": "object", - "required": [ - "created_at", - "times_used", - "token", - "valid" - ], "properties": { "token": { "description": "The token string", @@ -6073,16 +6888,18 @@ }, "usage_limit": { "description": "Maximum number of times this token can be used", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint32", - "minimum": 0.0, - "nullable": true + "minimum": 0 }, "times_used": { "description": "Number of times this token has been used", "type": "integer", "format": "uint32", - "minimum": 0.0 + "minimum": 0 }, "created_at": { "description": "When the token was created", @@ -6091,23 +6908,35 @@ }, "last_used_at": { "description": "When the token was last used. If null, the token has never been used.", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "expires_at": { "description": "When the token expires. If null, the token never expires.", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "revoked_at": { "description": "When the token was revoked. If null, the token is not revoked.", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" } - } + }, + "required": [ + "token", + "valid", + "times_used", + "created_at" + ] }, "AddUserRegistrationTokenRequest": { "title": "JSON payload for the `POST /api/admin/v1/user-registration-tokens`", @@ -6115,31 +6944,33 @@ "properties": { "token": { "description": "The token string. If not provided, a random token will be generated.", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "usage_limit": { - "description": "Maximum number of times this token can be used. If not provided, the token can be used an unlimited number of times.", - "type": "integer", + "description": "Maximum number of times this token can be used. If not provided, the\n token can be used an unlimited number of times.", + "type": [ + "integer", + "null" + ], "format": "uint32", - "minimum": 0.0, - "nullable": true + "minimum": 0 }, "expires_at": { "description": "When the token expires. If not provided, the token never expires.", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" } } }, "SingleResponse_for_UserRegistrationToken": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_UserRegistrationToken" @@ -6147,7 +6978,11 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "EditUserRegistrationTokenRequest": { "title": "JSON payload for the `PUT /api/admin/v1/user-registration-tokens/{id}` endpoint", @@ -6155,16 +6990,20 @@ "properties": { "expires_at": { "description": "New expiration date for the token, or null to remove expiration", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" }, "usage_limit": { "description": "New usage limit for the token, or null to remove the limit", - "type": "integer", + "type": [ + "integer", + "null" + ], "format": "uint32", - "minimum": 0.0, - "nullable": true + "minimum": 0 } } }, @@ -6173,56 +7012,76 @@ "properties": { "filter[user]": { "description": "Retrieve the items for the given user", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[provider]": { "description": "Retrieve the items for the given provider", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "filter[subject]": { "description": "Retrieve the items with the given subject", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] } } }, "PaginatedResponse_for_UpstreamOAuthLink": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_UpstreamOAuthLink" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_UpstreamOAuthLink": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -6230,31 +7089,50 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/UpstreamOAuthLink" + "allOf": [ + { + "$ref": "#/components/schemas/UpstreamOAuthLink" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "UpstreamOAuthLink": { "description": "An upstream OAuth 2.0 link", "type": "object", - "required": [ - "created_at", - "provider_id", - "subject" - ], "properties": { "created_at": { "description": "When the object was created", @@ -6263,7 +7141,11 @@ }, "provider_id": { "description": "The ID of the provider", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "subject": { "description": "The subject of the upstream account, unique per provider", @@ -6271,32 +7153,48 @@ }, "user_id": { "description": "The ID of the user who owns this link, if any", - "$ref": "#/components/schemas/ULID", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/ULID" + }, + { + "type": "null" + } + ] }, "human_account_name": { "description": "A human-readable name of the upstream account", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] } - } + }, + "required": [ + "created_at", + "provider_id", + "subject" + ] }, "AddUpstreamOauthLinkRequest": { "title": "JSON payload for the `POST /api/admin/v1/upstream-oauth-links`", "type": "object", - "required": [ - "provider_id", - "subject", - "user_id" - ], "properties": { "user_id": { "description": "The ID of the user to which the link should be added.", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "provider_id": { "description": "The ID of the upstream provider to which the link is for.", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "subject": { "description": "The subject (sub) claim of the user on the provider.", @@ -6304,18 +7202,21 @@ }, "human_account_name": { "description": "A human readable account name.", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] } - } + }, + "required": [ + "user_id", + "provider_id", + "subject" + ] }, "SingleResponse_for_UpstreamOAuthLink": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_UpstreamOAuthLink" @@ -6323,53 +7224,65 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] }, "UpstreamOAuthProviderFilter": { "type": "object", "properties": { "filter[enabled]": { "description": "Retrieve providers that are (or are not) enabled", - "type": "boolean", - "nullable": true + "type": [ + "boolean", + "null" + ] } } }, "PaginatedResponse_for_UpstreamOAuthProvider": { "description": "A top-level response with a page of resources", "type": "object", - "required": [ - "links" - ], "properties": { "meta": { "description": "Response metadata", - "$ref": "#/components/schemas/PaginationMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/PaginationMeta" + }, + { + "type": "null" + } + ] }, "data": { "description": "The list of resources", - "type": "array", + "type": [ + "array", + "null" + ], "items": { "$ref": "#/components/schemas/SingleResource_for_UpstreamOAuthProvider" - }, - "nullable": true + } }, "links": { "description": "Related links", - "$ref": "#/components/schemas/PaginationLinks" + "allOf": [ + { + "$ref": "#/components/schemas/PaginationLinks" + } + ] } - } + }, + "required": [ + "links" + ] }, "SingleResource_for_UpstreamOAuthProvider": { "description": "A single resource, with its type, ID, attributes and related links", "type": "object", - "required": [ - "attributes", - "id", - "links", - "type" - ], "properties": { "type": { "description": "The type of the resource", @@ -6377,44 +7290,71 @@ }, "id": { "description": "The ID of the resource", - "$ref": "#/components/schemas/ULID" + "allOf": [ + { + "$ref": "#/components/schemas/ULID" + } + ] }, "attributes": { "description": "The attributes of the resource", - "$ref": "#/components/schemas/UpstreamOAuthProvider" + "allOf": [ + { + "$ref": "#/components/schemas/UpstreamOAuthProvider" + } + ] }, "links": { "description": "Related links", - "$ref": "#/components/schemas/SelfLinks" + "allOf": [ + { + "$ref": "#/components/schemas/SelfLinks" + } + ] }, "meta": { "description": "Metadata about the resource", - "$ref": "#/components/schemas/SingleResourceMeta", - "nullable": true + "anyOf": [ + { + "$ref": "#/components/schemas/SingleResourceMeta" + }, + { + "type": "null" + } + ] } - } + }, + "required": [ + "type", + "id", + "attributes", + "links" + ] }, "UpstreamOAuthProvider": { "description": "An upstream OAuth 2.0 provider", "type": "object", - "required": [ - "created_at" - ], "properties": { "issuer": { "description": "The OIDC issuer of the provider", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "human_name": { "description": "A human-readable name for the provider", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "brand_name": { "description": "A brand identifier, e.g. \"apple\" or \"google\"", - "type": "string", - "nullable": true + "type": [ + "string", + "null" + ] }, "created_at": { "description": "When the provider was created", @@ -6423,19 +7363,20 @@ }, "disabled_at": { "description": "When the provider was disabled. If null, the provider is enabled.", - "type": "string", - "format": "date-time", - "nullable": true + "type": [ + "string", + "null" + ], + "format": "date-time" } - } + }, + "required": [ + "created_at" + ] }, "SingleResponse_for_UpstreamOAuthProvider": { "description": "A top-level response with a single resource", "type": "object", - "required": [ - "data", - "links" - ], "properties": { "data": { "$ref": "#/components/schemas/SingleResource_for_UpstreamOAuthProvider" @@ -6443,7 +7384,11 @@ "links": { "$ref": "#/components/schemas/SelfLinks" } - } + }, + "required": [ + "data", + "links" + ] } } }, diff --git a/docs/config.schema.json b/docs/config.schema.json index 409d49fdf..e69de29bb 100644 --- a/docs/config.schema.json +++ b/docs/config.schema.json @@ -1,2725 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "RootConfig", - "description": "Application configuration root", - "type": "object", - "required": [ - "matrix", - "secrets" - ], - "properties": { - "clients": { - "description": "List of OAuth 2.0/OIDC clients config", - "type": "array", - "items": { - "$ref": "#/definitions/ClientConfig" - } - }, - "http": { - "description": "Configuration of the HTTP server", - "default": { - "listeners": [ - { - "name": "web", - "resources": [ - { - "name": "discovery" - }, - { - "name": "human" - }, - { - "name": "oauth" - }, - { - "name": "compat" - }, - { - "name": "graphql" - }, - { - "name": "assets" - } - ], - "binds": [ - { - "address": "[::]:8080" - } - ], - "proxy_protocol": false - }, - { - "name": "internal", - "resources": [ - { - "name": "health" - } - ], - "binds": [ - { - "host": "localhost", - "port": 8081 - } - ], - "proxy_protocol": false - } - ], - "trusted_proxies": [ - "192.168.0.0/16", - "172.16.0.0/12", - "10.0.0.0/10", - "127.0.0.1/8", - "fd00::/8", - "::1/128" - ], - "public_base": "http://[::]:8080/", - "issuer": "http://[::]:8080/" - }, - "allOf": [ - { - "$ref": "#/definitions/HttpConfig" - } - ] - }, - "database": { - "description": "Database connection configuration", - "default": { - "uri": "postgresql://", - "max_connections": 10, - "min_connections": 0, - "connect_timeout": 30, - "idle_timeout": 600, - "max_lifetime": 1800 - }, - "allOf": [ - { - "$ref": "#/definitions/DatabaseConfig" - } - ] - }, - "telemetry": { - "description": "Configuration related to sending monitoring data", - "allOf": [ - { - "$ref": "#/definitions/TelemetryConfig" - } - ] - }, - "templates": { - "description": "Configuration related to templates", - "allOf": [ - { - "$ref": "#/definitions/TemplatesConfig" - } - ] - }, - "email": { - "description": "Configuration related to sending emails", - "default": { - "from": "\"Authentication Service\" ", - "reply_to": "\"Authentication Service\" ", - "transport": "blackhole" - }, - "allOf": [ - { - "$ref": "#/definitions/EmailConfig" - } - ] - }, - "secrets": { - "description": "Application secrets", - "allOf": [ - { - "$ref": "#/definitions/SecretsConfig" - } - ] - }, - "passwords": { - "description": "Configuration related to user passwords", - "default": { - "enabled": true, - "schemes": [ - { - "version": 1, - "algorithm": "argon2id" - } - ], - "minimum_complexity": 3 - }, - "allOf": [ - { - "$ref": "#/definitions/PasswordsConfig" - } - ] - }, - "matrix": { - "description": "Configuration related to the homeserver", - "allOf": [ - { - "$ref": "#/definitions/MatrixConfig" - } - ] - }, - "policy": { - "description": "Configuration related to the OPA policies", - "allOf": [ - { - "$ref": "#/definitions/PolicyConfig" - } - ] - }, - "rate_limiting": { - "description": "Configuration related to limiting the rate of user actions to prevent abuse", - "allOf": [ - { - "$ref": "#/definitions/RateLimitingConfig" - } - ] - }, - "upstream_oauth2": { - "description": "Configuration related to upstream OAuth providers", - "allOf": [ - { - "$ref": "#/definitions/UpstreamOAuth2Config" - } - ] - }, - "branding": { - "description": "Configuration section for tweaking the branding of the service", - "allOf": [ - { - "$ref": "#/definitions/BrandingConfig" - } - ] - }, - "captcha": { - "description": "Configuration section to setup CAPTCHA protection on a few operations", - "allOf": [ - { - "$ref": "#/definitions/CaptchaConfig" - } - ] - }, - "account": { - "description": "Configuration section to configure features related to account management", - "allOf": [ - { - "$ref": "#/definitions/AccountConfig" - } - ] - }, - "experimental": { - "description": "Experimental configuration options", - "allOf": [ - { - "$ref": "#/definitions/ExperimentalConfig" - } - ] - } - }, - "definitions": { - "ClientConfig": { - "description": "An OAuth 2.0 client configuration", - "type": "object", - "required": [ - "client_auth_method", - "client_id" - ], - "properties": { - "client_id": { - "description": "A ULID as per https://github.com/ulid/spec", - "type": "string", - "pattern": "^[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$" - }, - "client_auth_method": { - "description": "Authentication method used for this client", - "allOf": [ - { - "$ref": "#/definitions/ClientAuthMethodConfig" - } - ] - }, - "client_name": { - "description": "Name of the `OAuth2` client", - "type": "string" - }, - "jwks": { - "description": "The JSON Web Key Set (JWKS) used by the `private_key_jwt` authentication method. Mutually exclusive with `jwks_uri`", - "allOf": [ - { - "$ref": "#/definitions/JsonWebKeySet_for_JsonWebKeyPublicParameters" - } - ] - }, - "jwks_uri": { - "description": "The URL of the JSON Web Key Set (JWKS) used by the `private_key_jwt` authentication method. Mutually exclusive with `jwks`", - "type": "string", - "format": "uri" - }, - "redirect_uris": { - "description": "List of allowed redirect URIs", - "type": "array", - "items": { - "type": "string", - "format": "uri" - } - }, - "client_secret_file": { - "description": "Path to the file containing the client secret. The client secret is used by the `client_secret_basic`, `client_secret_post` and `client_secret_jwt` authentication methods.", - "type": "string" - }, - "client_secret": { - "description": "Alternative to `client_secret_file`: Reads the client secret directly from the config.", - "type": "string" - } - } - }, - "ClientAuthMethodConfig": { - "description": "Authentication method used by clients", - "oneOf": [ - { - "description": "`none`: No authentication", - "type": "string", - "enum": [ - "none" - ] - }, - { - "description": "`client_secret_basic`: `client_id` and `client_secret` used as basic authorization credentials", - "type": "string", - "enum": [ - "client_secret_basic" - ] - }, - { - "description": "`client_secret_post`: `client_id` and `client_secret` sent in the request body", - "type": "string", - "enum": [ - "client_secret_post" - ] - }, - { - "description": "`client_secret_basic`: a `client_assertion` sent in the request body and signed using the `client_secret`", - "type": "string", - "enum": [ - "client_secret_jwt" - ] - }, - { - "description": "`client_secret_basic`: a `client_assertion` sent in the request body and signed by an asymmetric key", - "type": "string", - "enum": [ - "private_key_jwt" - ] - } - ] - }, - "JsonWebKeySet_for_JsonWebKeyPublicParameters": { - "type": "object", - "required": [ - "keys" - ], - "properties": { - "keys": { - "type": "array", - "items": { - "$ref": "#/definitions/JsonWebKey_for_JsonWebKeyPublicParameters" - } - } - } - }, - "JsonWebKey_for_JsonWebKeyPublicParameters": { - "type": "object", - "oneOf": [ - { - "type": "object", - "required": [ - "e", - "kty", - "n" - ], - "properties": { - "kty": { - "type": "string", - "enum": [ - "RSA" - ] - }, - "n": { - "type": "string" - }, - "e": { - "type": "string" - } - } - }, - { - "type": "object", - "required": [ - "crv", - "kty", - "x", - "y" - ], - "properties": { - "kty": { - "type": "string", - "enum": [ - "EC" - ] - }, - "crv": { - "$ref": "#/definitions/JsonWebKeyEcEllipticCurve" - }, - "x": { - "type": "string" - }, - "y": { - "type": "string" - } - } - }, - { - "type": "object", - "required": [ - "crv", - "kty", - "x" - ], - "properties": { - "kty": { - "type": "string", - "enum": [ - "OKP" - ] - }, - "crv": { - "$ref": "#/definitions/JsonWebKeyOkpEllipticCurve" - }, - "x": { - "type": "string" - } - } - } - ], - "properties": { - "use": { - "$ref": "#/definitions/JsonWebKeyUse" - }, - "key_ops": { - "type": "array", - "items": { - "$ref": "#/definitions/JsonWebKeyOperation" - } - }, - "alg": { - "$ref": "#/definitions/JsonWebSignatureAlg" - }, - "kid": { - "type": "string" - }, - "x5u": { - "type": "string" - }, - "x5c": { - "type": "array", - "items": { - "type": "string" - } - }, - "x5t": { - "type": "string" - }, - "x5t#S256": { - "type": "string" - } - } - }, - "JsonWebKeyUse": { - "description": "JSON Web Key Use", - "anyOf": [ - { - "description": "Digital Signature or MAC", - "const": "sig" - }, - { - "description": "Encryption", - "const": "enc" - } - ] - }, - "JsonWebKeyOperation": { - "description": "JSON Web Key Operation", - "anyOf": [ - { - "description": "Compute digital signature or MAC", - "const": "sign" - }, - { - "description": "Verify digital signature or MAC", - "const": "verify" - }, - { - "description": "Encrypt content", - "const": "encrypt" - }, - { - "description": "Decrypt content and validate decryption, if applicable", - "const": "decrypt" - }, - { - "description": "Encrypt key", - "const": "wrapKey" - }, - { - "description": "Decrypt key and validate decryption, if applicable", - "const": "unwrapKey" - }, - { - "description": "Derive key", - "const": "deriveKey" - }, - { - "description": "Derive bits not to be used as a key", - "const": "deriveBits" - } - ] - }, - "JsonWebSignatureAlg": { - "description": "JSON Web Signature \"alg\" parameter", - "anyOf": [ - { - "description": "HMAC using SHA-256", - "const": "HS256" - }, - { - "description": "HMAC using SHA-384", - "const": "HS384" - }, - { - "description": "HMAC using SHA-512", - "const": "HS512" - }, - { - "description": "RSASSA-PKCS1-v1_5 using SHA-256", - "const": "RS256" - }, - { - "description": "RSASSA-PKCS1-v1_5 using SHA-384", - "const": "RS384" - }, - { - "description": "RSASSA-PKCS1-v1_5 using SHA-512", - "const": "RS512" - }, - { - "description": "ECDSA using P-256 and SHA-256", - "const": "ES256" - }, - { - "description": "ECDSA using P-384 and SHA-384", - "const": "ES384" - }, - { - "description": "ECDSA using P-521 and SHA-512", - "const": "ES512" - }, - { - "description": "RSASSA-PSS using SHA-256 and MGF1 with SHA-256", - "const": "PS256" - }, - { - "description": "RSASSA-PSS using SHA-384 and MGF1 with SHA-384", - "const": "PS384" - }, - { - "description": "RSASSA-PSS using SHA-512 and MGF1 with SHA-512", - "const": "PS512" - }, - { - "description": "No digital signature or MAC performed", - "const": "none" - }, - { - "description": "EdDSA signature algorithms", - "const": "EdDSA" - }, - { - "description": "ECDSA using secp256k1 curve and SHA-256", - "const": "ES256K" - }, - { - "description": "EdDSA using Ed25519 curve", - "const": "Ed25519" - }, - { - "description": "EdDSA using Ed448 curve", - "const": "Ed448" - } - ] - }, - "JsonWebKeyEcEllipticCurve": { - "description": "JSON Web Key EC Elliptic Curve", - "anyOf": [ - { - "description": "P-256 Curve", - "const": "P-256" - }, - { - "description": "P-384 Curve", - "const": "P-384" - }, - { - "description": "P-521 Curve", - "const": "P-521" - }, - { - "description": "SECG secp256k1 curve", - "const": "secp256k1" - } - ] - }, - "JsonWebKeyOkpEllipticCurve": { - "description": "JSON Web Key OKP Elliptic Curve", - "anyOf": [ - { - "description": "Ed25519 signature algorithm key pairs", - "const": "Ed25519" - }, - { - "description": "Ed448 signature algorithm key pairs", - "const": "Ed448" - }, - { - "description": "X25519 function key pairs", - "const": "X25519" - }, - { - "description": "X448 function key pairs", - "const": "X448" - } - ] - }, - "HttpConfig": { - "description": "Configuration related to the web server", - "type": "object", - "required": [ - "public_base" - ], - "properties": { - "listeners": { - "description": "List of listeners to run", - "default": [], - "type": "array", - "items": { - "$ref": "#/definitions/ListenerConfig" - } - }, - "trusted_proxies": { - "description": "List of trusted reverse proxies that can set the `X-Forwarded-For` header", - "default": [ - "192.168.0.0/16", - "172.16.0.0/12", - "10.0.0.0/10", - "127.0.0.1/8", - "fd00::/8", - "::1/128" - ], - "type": "array", - "items": { - "$ref": "#/definitions/IpNetwork" - } - }, - "public_base": { - "description": "Public URL base from where the authentication service is reachable", - "type": "string", - "format": "uri" - }, - "issuer": { - "description": "OIDC issuer URL. Defaults to `public_base` if not set.", - "type": "string", - "format": "uri" - } - } - }, - "ListenerConfig": { - "description": "Configuration of a listener", - "type": "object", - "required": [ - "binds", - "resources" - ], - "properties": { - "name": { - "description": "A unique name for this listener which will be shown in traces and in metrics labels", - "type": "string" - }, - "resources": { - "description": "List of resources to mount", - "type": "array", - "items": { - "$ref": "#/definitions/Resource" - } - }, - "prefix": { - "description": "HTTP prefix to mount the resources on", - "type": "string" - }, - "binds": { - "description": "List of sockets to bind", - "type": "array", - "items": { - "$ref": "#/definitions/BindConfig" - } - }, - "proxy_protocol": { - "description": "Accept `HAProxy`'s Proxy Protocol V1", - "default": false, - "type": "boolean" - }, - "tls": { - "description": "If set, makes the listener use TLS with the provided certificate and key", - "allOf": [ - { - "$ref": "#/definitions/TlsConfig" - } - ] - } - } - }, - "Resource": { - "description": "HTTP resources to mount", - "oneOf": [ - { - "description": "Healthcheck endpoint (/health)", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "health" - ] - } - } - }, - { - "description": "Prometheus metrics endpoint (/metrics)", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "prometheus" - ] - } - } - }, - { - "description": "OIDC discovery endpoints", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "discovery" - ] - } - } - }, - { - "description": "Pages destined to be viewed by humans", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "human" - ] - } - } - }, - { - "description": "GraphQL endpoint", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "graphql" - ] - }, - "playground": { - "description": "Enabled the GraphQL playground", - "type": "boolean" - }, - "undocumented_oauth2_access": { - "description": "Allow access for OAuth 2.0 clients (undocumented)", - "type": "boolean" - } - } - }, - { - "description": "OAuth-related APIs", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "oauth" - ] - } - } - }, - { - "description": "Matrix compatibility API", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "compat" - ] - } - } - }, - { - "description": "Static files", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "assets" - ] - }, - "path": { - "description": "Path to the directory to serve.", - "type": "string" - } - } - }, - { - "description": "Admin API, served at `/api/admin/v1`", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "adminapi" - ] - } - } - }, - { - "description": "Mount a \"/connection-info\" handler which helps debugging informations on the upstream connection", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "enum": [ - "connection-info" - ] - } - } - } - ] - }, - "BindConfig": { - "description": "Configuration of a single listener", - "anyOf": [ - { - "description": "Listen on the specified host and port", - "type": "object", - "required": [ - "port" - ], - "properties": { - "host": { - "description": "Host on which to listen.\n\nDefaults to listening on all addresses", - "type": "string" - }, - "port": { - "description": "Port on which to listen.", - "type": "integer", - "format": "uint16", - "minimum": 0.0 - } - } - }, - { - "description": "Listen on the specified address", - "type": "object", - "required": [ - "address" - ], - "properties": { - "address": { - "description": "Host and port on which to listen", - "examples": [ - "[::1]:8080", - "[::]:8080", - "127.0.0.1:8080", - "0.0.0.0:8080" - ], - "type": "string" - } - } - }, - { - "description": "Listen on a UNIX domain socket", - "type": "object", - "required": [ - "socket" - ], - "properties": { - "socket": { - "description": "Path to the socket", - "type": "string" - } - } - }, - { - "description": "Accept connections on file descriptors passed by the parent process.\n\nThis is useful for grabbing sockets passed by systemd.\n\nSee ", - "type": "object", - "properties": { - "fd": { - "description": "Index of the file descriptor. Note that this is offseted by 3 because of the standard input/output sockets, so setting here a value of `0` will grab the file descriptor `3`", - "default": 0, - "type": "integer", - "format": "uint", - "minimum": 0.0 - }, - "kind": { - "description": "Whether the socket is a TCP socket or a UNIX domain socket. Defaults to TCP.", - "default": "tcp", - "allOf": [ - { - "$ref": "#/definitions/UnixOrTcp" - } - ] - } - } - } - ] - }, - "UnixOrTcp": { - "description": "Kind of socket", - "oneOf": [ - { - "description": "UNIX domain socket", - "type": "string", - "enum": [ - "unix" - ] - }, - { - "description": "TCP socket", - "type": "string", - "enum": [ - "tcp" - ] - } - ] - }, - "TlsConfig": { - "description": "Configuration related to TLS on a listener", - "type": "object", - "properties": { - "certificate": { - "description": "PEM-encoded X509 certificate chain\n\nExactly one of `certificate` or `certificate_file` must be set.", - "type": "string" - }, - "certificate_file": { - "description": "File containing the PEM-encoded X509 certificate chain\n\nExactly one of `certificate` or `certificate_file` must be set.", - "type": "string" - }, - "key": { - "description": "PEM-encoded private key\n\nExactly one of `key` or `key_file` must be set.", - "type": "string" - }, - "key_file": { - "description": "File containing a PEM or DER-encoded private key\n\nExactly one of `key` or `key_file` must be set.", - "type": "string" - }, - "password": { - "description": "Password used to decode the private key\n\nOne of `password` or `password_file` must be set if the key is encrypted.", - "type": "string" - }, - "password_file": { - "description": "Password file used to decode the private key\n\nOne of `password` or `password_file` must be set if the key is encrypted.", - "type": "string" - } - } - }, - "IpNetwork": { - "oneOf": [ - { - "title": "v4", - "allOf": [ - { - "$ref": "#/definitions/Ipv4Network" - } - ] - }, - { - "title": "v6", - "allOf": [ - { - "$ref": "#/definitions/Ipv6Network" - } - ] - } - ], - "x-rust-type": "ipnetwork::IpNetwork" - }, - "Ipv4Network": { - "type": "string", - "pattern": "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\/(3[0-2]|[0-2]?[0-9])$", - "x-rust-type": "ipnetwork::Ipv4Network" - }, - "Ipv6Network": { - "type": "string", - "pattern": "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\")[/](12[0-8]|1[0-1][0-9]|[0-9]?[0-9])$", - "x-rust-type": "ipnetwork::Ipv6Network" - }, - "DatabaseConfig": { - "description": "Database connection configuration", - "type": "object", - "properties": { - "uri": { - "description": "Connection URI\n\nThis must not be specified if `host`, `port`, `socket`, `username`, `password`, or `database` are specified.", - "default": "postgresql://", - "type": "string", - "format": "uri" - }, - "host": { - "description": "Name of host to connect to\n\nThis must not be specified if `uri` is specified.", - "allOf": [ - { - "$ref": "#/definitions/Hostname" - } - ] - }, - "port": { - "description": "Port number to connect at the server host\n\nThis must not be specified if `uri` is specified.", - "type": "integer", - "format": "uint16", - "maximum": 65535.0, - "minimum": 1.0 - }, - "socket": { - "description": "Directory containing the UNIX socket to connect to\n\nThis must not be specified if `uri` is specified.", - "type": "string" - }, - "username": { - "description": "PostgreSQL user name to connect as\n\nThis must not be specified if `uri` is specified.", - "type": "string" - }, - "password": { - "description": "Password to be used if the server demands password authentication\n\nThis must not be specified if `uri` is specified.", - "type": "string" - }, - "database": { - "description": "The database name\n\nThis must not be specified if `uri` is specified.", - "type": "string" - }, - "ssl_mode": { - "description": "How to handle SSL connections", - "allOf": [ - { - "$ref": "#/definitions/PgSslMode" - } - ] - }, - "ssl_ca": { - "description": "The PEM-encoded root certificate for SSL connections\n\nThis must not be specified if the `ssl_ca_file` option is specified.", - "type": "string" - }, - "ssl_ca_file": { - "description": "Path to the root certificate for SSL connections\n\nThis must not be specified if the `ssl_ca` option is specified.", - "type": "string" - }, - "ssl_certificate": { - "description": "The PEM-encoded client certificate for SSL connections\n\nThis must not be specified if the `ssl_certificate_file` option is specified.", - "type": "string" - }, - "ssl_certificate_file": { - "description": "Path to the client certificate for SSL connections\n\nThis must not be specified if the `ssl_certificate` option is specified.", - "type": "string" - }, - "ssl_key": { - "description": "The PEM-encoded client key for SSL connections\n\nThis must not be specified if the `ssl_key_file` option is specified.", - "type": "string" - }, - "ssl_key_file": { - "description": "Path to the client key for SSL connections\n\nThis must not be specified if the `ssl_key` option is specified.", - "type": "string" - }, - "max_connections": { - "description": "Set the maximum number of connections the pool should maintain", - "default": 10, - "type": "integer", - "format": "uint32", - "minimum": 1.0 - }, - "min_connections": { - "description": "Set the minimum number of connections the pool should maintain", - "default": 0, - "type": "integer", - "format": "uint32", - "minimum": 0.0 - }, - "connect_timeout": { - "description": "Set the amount of time to attempt connecting to the database", - "default": 30, - "type": "integer", - "format": "uint64", - "minimum": 0.0 - }, - "idle_timeout": { - "description": "Set a maximum idle duration for individual connections", - "default": 600, - "type": "integer", - "format": "uint64", - "minimum": 0.0 - }, - "max_lifetime": { - "description": "Set the maximum lifetime of individual connections", - "default": 1800, - "type": "integer", - "format": "uint64", - "minimum": 0.0 - } - } - }, - "Hostname": { - "type": "string", - "format": "hostname" - }, - "PgSslMode": { - "description": "Options for controlling the level of protection provided for PostgreSQL SSL connections.", - "oneOf": [ - { - "description": "Only try a non-SSL connection.", - "type": "string", - "enum": [ - "disable" - ] - }, - { - "description": "First try a non-SSL connection; if that fails, try an SSL connection.", - "type": "string", - "enum": [ - "allow" - ] - }, - { - "description": "First try an SSL connection; if that fails, try a non-SSL connection.", - "type": "string", - "enum": [ - "prefer" - ] - }, - { - "description": "Only try an SSL connection. If a root CA file is present, verify the connection in the same way as if `VerifyCa` was specified.", - "type": "string", - "enum": [ - "require" - ] - }, - { - "description": "Only try an SSL connection, and verify that the server certificate is issued by a trusted certificate authority (CA).", - "type": "string", - "enum": [ - "verify-ca" - ] - }, - { - "description": "Only try an SSL connection; verify that the server certificate is issued by a trusted CA and that the requested server host name matches that in the certificate.", - "type": "string", - "enum": [ - "verify-full" - ] - } - ] - }, - "TelemetryConfig": { - "description": "Configuration related to sending monitoring data", - "type": "object", - "properties": { - "tracing": { - "description": "Configuration related to exporting traces", - "allOf": [ - { - "$ref": "#/definitions/TracingConfig" - } - ] - }, - "metrics": { - "description": "Configuration related to exporting metrics", - "allOf": [ - { - "$ref": "#/definitions/MetricsConfig" - } - ] - }, - "sentry": { - "description": "Configuration related to the Sentry integration", - "allOf": [ - { - "$ref": "#/definitions/SentryConfig" - } - ] - } - } - }, - "TracingConfig": { - "description": "Configuration related to exporting traces", - "type": "object", - "properties": { - "exporter": { - "description": "Exporter to use when exporting traces", - "default": "none", - "allOf": [ - { - "$ref": "#/definitions/TracingExporterKind" - } - ] - }, - "endpoint": { - "description": "OTLP exporter: OTLP over HTTP compatible endpoint", - "default": "https://localhost:4318", - "type": "string", - "format": "uri" - }, - "propagators": { - "description": "List of propagation formats to use for incoming and outgoing requests", - "default": [], - "type": "array", - "items": { - "$ref": "#/definitions/Propagator" - } - }, - "sample_rate": { - "description": "Sample rate for traces\n\nDefaults to `1.0` if not set.", - "examples": [ - 0.5 - ], - "type": "number", - "format": "double", - "maximum": 1.0, - "minimum": 0.0 - } - } - }, - "TracingExporterKind": { - "description": "Exporter to use when exporting traces", - "oneOf": [ - { - "description": "Don't export traces", - "type": "string", - "enum": [ - "none" - ] - }, - { - "description": "Export traces to the standard output. Only useful for debugging", - "type": "string", - "enum": [ - "stdout" - ] - }, - { - "description": "Export traces to an OpenTelemetry protocol compatible endpoint", - "type": "string", - "enum": [ - "otlp" - ] - } - ] - }, - "Propagator": { - "description": "Propagation format for incoming and outgoing requests", - "oneOf": [ - { - "description": "Propagate according to the W3C Trace Context specification", - "type": "string", - "enum": [ - "tracecontext" - ] - }, - { - "description": "Propagate according to the W3C Baggage specification", - "type": "string", - "enum": [ - "baggage" - ] - }, - { - "description": "Propagate trace context with Jaeger compatible headers", - "type": "string", - "enum": [ - "jaeger" - ] - } - ] - }, - "MetricsConfig": { - "description": "Configuration related to exporting metrics", - "type": "object", - "properties": { - "exporter": { - "description": "Exporter to use when exporting metrics", - "default": "none", - "allOf": [ - { - "$ref": "#/definitions/MetricsExporterKind" - } - ] - }, - "endpoint": { - "description": "OTLP exporter: OTLP over HTTP compatible endpoint", - "default": "https://localhost:4318", - "type": "string", - "format": "uri" - } - } - }, - "MetricsExporterKind": { - "description": "Exporter to use when exporting metrics", - "oneOf": [ - { - "description": "Don't export metrics", - "type": "string", - "enum": [ - "none" - ] - }, - { - "description": "Export metrics to stdout. Only useful for debugging", - "type": "string", - "enum": [ - "stdout" - ] - }, - { - "description": "Export metrics to an OpenTelemetry protocol compatible endpoint", - "type": "string", - "enum": [ - "otlp" - ] - }, - { - "description": "Export metrics via Prometheus. An HTTP listener with the `prometheus` resource must be setup to expose the Promethes metrics.", - "type": "string", - "enum": [ - "prometheus" - ] - } - ] - }, - "SentryConfig": { - "description": "Configuration related to the Sentry integration", - "type": "object", - "properties": { - "dsn": { - "description": "Sentry DSN", - "examples": [ - "https://public@host:port/1" - ], - "type": "string", - "format": "uri" - }, - "environment": { - "description": "Environment to use when sending events to Sentry\n\nDefaults to `production` if not set.", - "examples": [ - "production" - ], - "type": "string" - }, - "sample_rate": { - "description": "Sample rate for event submissions\n\nDefaults to `1.0` if not set.", - "examples": [ - 0.5 - ], - "type": "number", - "format": "float", - "maximum": 1.0, - "minimum": 0.0 - }, - "traces_sample_rate": { - "description": "Sample rate for tracing transactions\n\nDefaults to `0.0` if not set.", - "examples": [ - 0.5 - ], - "type": "number", - "format": "float", - "maximum": 1.0, - "minimum": 0.0 - } - } - }, - "TemplatesConfig": { - "description": "Configuration related to templates", - "type": "object", - "properties": { - "path": { - "description": "Path to the folder which holds the templates", - "type": "string" - }, - "assets_manifest": { - "description": "Path to the assets manifest", - "type": "string" - }, - "translations_path": { - "description": "Path to the translations", - "type": "string" - } - } - }, - "EmailConfig": { - "description": "Configuration related to sending emails", - "type": "object", - "required": [ - "transport" - ], - "properties": { - "from": { - "description": "Email address to use as From when sending emails", - "default": "\"Authentication Service\" ", - "type": "string", - "format": "email" - }, - "reply_to": { - "description": "Email address to use as Reply-To when sending emails", - "default": "\"Authentication Service\" ", - "type": "string", - "format": "email" - }, - "transport": { - "description": "What backend should be used when sending emails", - "allOf": [ - { - "$ref": "#/definitions/EmailTransportKind" - } - ] - }, - "mode": { - "description": "SMTP transport: Connection mode to the relay", - "allOf": [ - { - "$ref": "#/definitions/EmailSmtpMode" - } - ] - }, - "hostname": { - "description": "SMTP transport: Hostname to connect to", - "allOf": [ - { - "$ref": "#/definitions/Hostname" - } - ] - }, - "port": { - "description": "SMTP transport: Port to connect to. Default is 25 for plain, 465 for TLS and 587 for `StartTLS`", - "type": "integer", - "format": "uint16", - "maximum": 65535.0, - "minimum": 1.0 - }, - "username": { - "description": "SMTP transport: Username for use to authenticate when connecting to the SMTP server\n\nMust be set if the `password` field is set", - "type": "string" - }, - "password": { - "description": "SMTP transport: Password for use to authenticate when connecting to the SMTP server\n\nMust be set if the `username` field is set", - "type": "string" - }, - "command": { - "description": "Sendmail transport: Command to use to send emails", - "default": "sendmail", - "type": "string" - } - } - }, - "EmailTransportKind": { - "description": "What backend should be used when sending emails", - "oneOf": [ - { - "description": "Don't send emails anywhere", - "type": "string", - "enum": [ - "blackhole" - ] - }, - { - "description": "Send emails via an SMTP relay", - "type": "string", - "enum": [ - "smtp" - ] - }, - { - "description": "Send emails by calling sendmail", - "type": "string", - "enum": [ - "sendmail" - ] - } - ] - }, - "EmailSmtpMode": { - "description": "Encryption mode to use", - "oneOf": [ - { - "description": "Plain text", - "type": "string", - "enum": [ - "plain" - ] - }, - { - "description": "`StartTLS` (starts as plain text then upgrade to TLS)", - "type": "string", - "enum": [ - "starttls" - ] - }, - { - "description": "TLS", - "type": "string", - "enum": [ - "tls" - ] - } - ] - }, - "SecretsConfig": { - "description": "Application secrets", - "type": "object", - "properties": { - "keys": { - "description": "List of private keys to use for signing and encrypting payloads", - "default": [], - "type": "array", - "items": { - "$ref": "#/definitions/KeyConfig" - } - }, - "encryption_file": { - "description": "File containing the encryption key for secure cookies.", - "type": "string" - }, - "encryption": { - "description": "Encryption key for secure cookies.", - "examples": [ - "0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff" - ], - "type": "string", - "pattern": "[0-9a-fA-F]{64}" - } - } - }, - "KeyConfig": { - "description": "A single key with its key ID and optional password.", - "type": "object", - "properties": { - "kid": { - "description": "The key ID `kid` of the key as used by JWKs.\n\nIf not given, `kid` will be the key’s RFC 7638 JWK Thumbprint.", - "type": "string" - }, - "password_file": { - "type": "string" - }, - "password": { - "type": "string" - }, - "key_file": { - "type": "string" - }, - "key": { - "type": "string" - } - } - }, - "PasswordsConfig": { - "description": "User password hashing config", - "type": "object", - "properties": { - "enabled": { - "description": "Whether password-based authentication is enabled", - "default": true, - "type": "boolean" - }, - "schemes": { - "description": "The hashing schemes to use for hashing and validating passwords\n\nThe hashing scheme with the highest version number will be used for hashing new passwords.", - "default": [ - { - "version": 1, - "algorithm": "argon2id" - } - ], - "type": "array", - "items": { - "$ref": "#/definitions/HashingScheme" - } - }, - "minimum_complexity": { - "description": "Score between 0 and 4 determining the minimum allowed password complexity. Scores are based on the ESTIMATED number of guesses needed to guess the password.\n\n- 0: less than 10^2 (100) - 1: less than 10^4 (10'000) - 2: less than 10^6 (1'000'000) - 3: less than 10^8 (100'000'000) - 4: any more than that", - "default": 3, - "type": "integer", - "format": "uint8", - "minimum": 0.0 - } - } - }, - "HashingScheme": { - "description": "Parameters for a password hashing scheme", - "type": "object", - "required": [ - "algorithm", - "version" - ], - "properties": { - "version": { - "description": "The version of the hashing scheme. They must be unique, and the highest version will be used for hashing new passwords.", - "type": "integer", - "format": "uint16", - "minimum": 0.0 - }, - "algorithm": { - "description": "The hashing algorithm to use", - "allOf": [ - { - "$ref": "#/definitions/Algorithm" - } - ] - }, - "unicode_normalization": { - "description": "Whether to apply Unicode normalization to the password before hashing\n\nDefaults to `false`, and generally recommended to stay false. This is although recommended when importing password hashs from Synapse, as it applies an NFKC normalization to the password before hashing it.", - "type": "boolean" - }, - "cost": { - "description": "Cost for the bcrypt algorithm", - "default": 12, - "type": "integer", - "format": "uint32", - "minimum": 0.0 - }, - "secret": { - "description": "An optional secret to use when hashing passwords. This makes it harder to brute-force the passwords in case of a database leak.", - "type": "string" - }, - "secret_file": { - "description": "Same as `secret`, but read from a file.", - "type": "string" - } - } - }, - "Algorithm": { - "description": "A hashing algorithm", - "oneOf": [ - { - "description": "bcrypt", - "type": "string", - "enum": [ - "bcrypt" - ] - }, - { - "description": "argon2id", - "type": "string", - "enum": [ - "argon2id" - ] - }, - { - "description": "PBKDF2", - "type": "string", - "enum": [ - "pbkdf2" - ] - } - ] - }, - "MatrixConfig": { - "description": "Configuration related to the Matrix homeserver", - "type": "object", - "properties": { - "kind": { - "description": "The kind of homeserver it is.", - "default": "synapse", - "allOf": [ - { - "$ref": "#/definitions/HomeserverKind" - } - ] - }, - "homeserver": { - "description": "The server name of the homeserver.", - "default": "localhost:8008", - "type": "string" - }, - "endpoint": { - "description": "The base URL of the homeserver's client API", - "default": "http://localhost:8008/", - "type": "string", - "format": "uri" - }, - "secret_file": { - "type": "string" - }, - "secret": { - "type": "string" - } - } - }, - "HomeserverKind": { - "description": "The kind of homeserver it is.", - "oneOf": [ - { - "description": "Homeserver is Synapse, version 1.135.0 or newer", - "type": "string", - "enum": [ - "synapse" - ] - }, - { - "description": "Homeserver is Synapse, version 1.135.0 or newer, in read-only mode\n\nThis is meant for testing rolling out Matrix Authentication Service with no risk of writing data to the homeserver.", - "type": "string", - "enum": [ - "synapse_read_only" - ] - }, - { - "description": "Homeserver is Synapse, using the legacy API", - "type": "string", - "enum": [ - "synapse_legacy" - ] - }, - { - "description": "Homeserver is Synapse, with the modern API available (>= 1.135.0)", - "type": "string", - "enum": [ - "synapse_modern" - ] - } - ] - }, - "PolicyConfig": { - "description": "Application secrets", - "type": "object", - "properties": { - "wasm_module": { - "description": "Path to the WASM module", - "type": "string" - }, - "client_registration_entrypoint": { - "description": "Entrypoint to use when evaluating client registrations", - "type": "string" - }, - "register_entrypoint": { - "description": "Entrypoint to use when evaluating user registrations", - "type": "string" - }, - "authorization_grant_entrypoint": { - "description": "Entrypoint to use when evaluating authorization grants", - "type": "string" - }, - "password_entrypoint": { - "description": "Entrypoint to use when changing password", - "type": "string" - }, - "email_entrypoint": { - "description": "Entrypoint to use when adding an email address", - "type": "string" - }, - "data": { - "description": "Arbitrary data to pass to the policy" - } - } - }, - "RateLimitingConfig": { - "description": "Configuration related to sending emails", - "type": "object", - "properties": { - "account_recovery": { - "description": "Account Recovery-specific rate limits", - "default": { - "per_ip": { - "burst": 3, - "per_second": 0.0008333333333333334 - }, - "per_address": { - "burst": 3, - "per_second": 0.0002777777777777778 - } - }, - "allOf": [ - { - "$ref": "#/definitions/AccountRecoveryRateLimitingConfig" - } - ] - }, - "login": { - "description": "Login-specific rate limits", - "default": { - "per_ip": { - "burst": 3, - "per_second": 0.05 - }, - "per_account": { - "burst": 1800, - "per_second": 0.5 - } - }, - "allOf": [ - { - "$ref": "#/definitions/LoginRateLimitingConfig" - } - ] - }, - "registration": { - "description": "Controls how many registrations attempts are permitted based on source address.", - "default": { - "burst": 3, - "per_second": 0.0008333333333333334 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - }, - "email_authentication": { - "description": "Email authentication-specific rate limits", - "default": { - "per_ip": { - "burst": 5, - "per_second": 0.016666666666666666 - }, - "per_address": { - "burst": 3, - "per_second": 0.0002777777777777778 - }, - "emails_per_session": { - "burst": 2, - "per_second": 0.0033333333333333335 - }, - "attempt_per_session": { - "burst": 10, - "per_second": 0.016666666666666666 - } - }, - "allOf": [ - { - "$ref": "#/definitions/EmailauthenticationRateLimitingConfig" - } - ] - } - } - }, - "AccountRecoveryRateLimitingConfig": { - "type": "object", - "properties": { - "per_ip": { - "description": "Controls how many account recovery attempts are permitted based on source IP address. This can protect against causing e-mail spam to many targets.\n\nNote: this limit also applies to re-sends.", - "default": { - "burst": 3, - "per_second": 0.0008333333333333334 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - }, - "per_address": { - "description": "Controls how many account recovery attempts are permitted based on the e-mail address entered into the recovery form. This can protect against causing e-mail spam to one target.\n\nNote: this limit also applies to re-sends.", - "default": { - "burst": 3, - "per_second": 0.0002777777777777778 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - } - } - }, - "RateLimiterConfiguration": { - "type": "object", - "required": [ - "burst", - "per_second" - ], - "properties": { - "burst": { - "description": "A one-off burst of actions that the user can perform in one go without waiting.", - "type": "integer", - "format": "uint32", - "minimum": 1.0 - }, - "per_second": { - "description": "How quickly the allowance replenishes, in number of actions per second. Can be fractional to replenish slower.", - "type": "number", - "format": "double" - } - } - }, - "LoginRateLimitingConfig": { - "type": "object", - "properties": { - "per_ip": { - "description": "Controls how many login attempts are permitted based on source IP address. This can protect against brute force login attempts.\n\nNote: this limit also applies to password checks when a user attempts to change their own password.", - "default": { - "burst": 3, - "per_second": 0.05 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - }, - "per_account": { - "description": "Controls how many login attempts are permitted based on the account that is being attempted to be logged into. This can protect against a distributed brute force attack but should be set high enough to prevent someone's account being casually locked out.\n\nNote: this limit also applies to password checks when a user attempts to change their own password.", - "default": { - "burst": 1800, - "per_second": 0.5 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - } - } - }, - "EmailauthenticationRateLimitingConfig": { - "type": "object", - "properties": { - "per_ip": { - "description": "Controls how many email authentication attempts are permitted based on the source IP address. This can protect against causing e-mail spam to many targets.", - "default": { - "burst": 5, - "per_second": 0.016666666666666666 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - }, - "per_address": { - "description": "Controls how many email authentication attempts are permitted based on the e-mail address entered into the authentication form. This can protect against causing e-mail spam to one target.\n\nNote: this limit also applies to re-sends.", - "default": { - "burst": 3, - "per_second": 0.0002777777777777778 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - }, - "emails_per_session": { - "description": "Controls how many authentication emails are permitted to be sent per authentication session. This ensures not too many authentication codes are created for the same authentication session.", - "default": { - "burst": 2, - "per_second": 0.0033333333333333335 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - }, - "attempt_per_session": { - "description": "Controls how many code authentication attempts are permitted per authentication session. This can protect against brute-forcing the code.", - "default": { - "burst": 10, - "per_second": 0.016666666666666666 - }, - "allOf": [ - { - "$ref": "#/definitions/RateLimiterConfiguration" - } - ] - } - } - }, - "UpstreamOAuth2Config": { - "description": "Upstream OAuth 2.0 providers configuration", - "type": "object", - "required": [ - "providers" - ], - "properties": { - "providers": { - "description": "List of OAuth 2.0 providers", - "type": "array", - "items": { - "$ref": "#/definitions/Provider" - } - } - } - }, - "Provider": { - "description": "Configuration for one upstream OAuth 2 provider.", - "type": "object", - "required": [ - "client_id", - "id", - "token_endpoint_auth_method" - ], - "properties": { - "enabled": { - "description": "Whether this provider is enabled.\n\nDefaults to `true`", - "type": "boolean" - }, - "id": { - "description": "A ULID as per https://github.com/ulid/spec", - "type": "string", - "pattern": "^[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$" - }, - "synapse_idp_id": { - "description": "The ID of the provider that was used by Synapse. In order to perform a Synapse-to-MAS migration, this must be specified.\n\n## For providers that used OAuth 2.0 or OpenID Connect in Synapse\n\n### For `oidc_providers`: This should be specified as `oidc-` followed by the ID that was configured as `idp_id` in one of the `oidc_providers` in the Synapse configuration. For example, if Synapse's configuration contained `idp_id: wombat` for this provider, then specify `oidc-wombat` here.\n\n### For `oidc_config` (legacy): Specify `oidc` here.", - "type": "string" - }, - "issuer": { - "description": "The OIDC issuer URL\n\nThis is required if OIDC discovery is enabled (which is the default)", - "type": "string" - }, - "human_name": { - "description": "A human-readable name for the provider, that will be shown to users", - "type": "string" - }, - "brand_name": { - "description": "A brand identifier used to customise the UI, e.g. `apple`, `google`, `github`, etc.\n\nValues supported by the default template are:\n\n- `apple` - `google` - `facebook` - `github` - `gitlab` - `twitter` - `discord`", - "type": "string" - }, - "client_id": { - "description": "The client ID to use when authenticating with the provider", - "type": "string" - }, - "client_secret": { - "description": "The client secret to use when authenticating with the provider\n\nUsed by the `client_secret_basic`, `client_secret_post`, and `client_secret_jwt` methods", - "type": "string" - }, - "token_endpoint_auth_method": { - "description": "The method to authenticate the client with the provider", - "allOf": [ - { - "$ref": "#/definitions/TokenAuthMethod" - } - ] - }, - "sign_in_with_apple": { - "description": "Additional parameters for the `sign_in_with_apple` method", - "allOf": [ - { - "$ref": "#/definitions/SignInWithApple" - } - ] - }, - "token_endpoint_auth_signing_alg": { - "description": "The JWS algorithm to use when authenticating the client with the provider\n\nUsed by the `client_secret_jwt` and `private_key_jwt` methods", - "allOf": [ - { - "$ref": "#/definitions/JsonWebSignatureAlg" - } - ] - }, - "id_token_signed_response_alg": { - "description": "Expected signature for the JWT payload returned by the token authentication endpoint.\n\nDefaults to `RS256`.", - "allOf": [ - { - "$ref": "#/definitions/JsonWebSignatureAlg" - } - ] - }, - "scope": { - "description": "The scopes to request from the provider\n\nDefaults to `openid`.", - "type": "string" - }, - "discovery_mode": { - "description": "How to discover the provider's configuration\n\nDefaults to `oidc`, which uses OIDC discovery with strict metadata verification", - "allOf": [ - { - "$ref": "#/definitions/DiscoveryMode" - } - ] - }, - "pkce_method": { - "description": "Whether to use proof key for code exchange (PKCE) when requesting and exchanging the token.\n\nDefaults to `auto`, which uses PKCE if the provider supports it.", - "allOf": [ - { - "$ref": "#/definitions/PkceMethod" - } - ] - }, - "fetch_userinfo": { - "description": "Whether to fetch the user profile from the userinfo endpoint, or to rely on the data returned in the `id_token` from the `token_endpoint`.\n\nDefaults to `false`.", - "default": false, - "type": "boolean" - }, - "userinfo_signed_response_alg": { - "description": "Expected signature for the JWT payload returned by the userinfo endpoint.\n\nIf not specified, the response is expected to be an unsigned JSON payload.", - "allOf": [ - { - "$ref": "#/definitions/JsonWebSignatureAlg" - } - ] - }, - "authorization_endpoint": { - "description": "The URL to use for the provider's authorization endpoint\n\nDefaults to the `authorization_endpoint` provided through discovery", - "type": "string", - "format": "uri" - }, - "userinfo_endpoint": { - "description": "The URL to use for the provider's userinfo endpoint\n\nDefaults to the `userinfo_endpoint` provided through discovery", - "type": "string", - "format": "uri" - }, - "token_endpoint": { - "description": "The URL to use for the provider's token endpoint\n\nDefaults to the `token_endpoint` provided through discovery", - "type": "string", - "format": "uri" - }, - "jwks_uri": { - "description": "The URL to use for getting the provider's public keys\n\nDefaults to the `jwks_uri` provided through discovery", - "type": "string", - "format": "uri" - }, - "response_mode": { - "description": "The response mode we ask the provider to use for the callback", - "allOf": [ - { - "$ref": "#/definitions/ResponseMode" - } - ] - }, - "claims_imports": { - "description": "How claims should be imported from the `id_token` provided by the provider", - "allOf": [ - { - "$ref": "#/definitions/ClaimsImports" - } - ] - }, - "additional_authorization_parameters": { - "description": "Additional parameters to include in the authorization request\n\nOrders of the keys are not preserved.", - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "forward_login_hint": { - "description": "Whether the `login_hint` should be forwarded to the provider in the authorization request.\n\nDefaults to `false`.", - "default": false, - "type": "boolean" - }, - "on_backchannel_logout": { - "description": "What to do when receiving an OIDC Backchannel logout request.\n\nDefaults to `do_nothing`.", - "allOf": [ - { - "$ref": "#/definitions/OnBackchannelLogout" - } - ] - } - } - }, - "TokenAuthMethod": { - "description": "Authentication methods used against the OAuth 2.0 provider", - "oneOf": [ - { - "description": "`none`: No authentication", - "type": "string", - "enum": [ - "none" - ] - }, - { - "description": "`client_secret_basic`: `client_id` and `client_secret` used as basic authorization credentials", - "type": "string", - "enum": [ - "client_secret_basic" - ] - }, - { - "description": "`client_secret_post`: `client_id` and `client_secret` sent in the request body", - "type": "string", - "enum": [ - "client_secret_post" - ] - }, - { - "description": "`client_secret_jwt`: a `client_assertion` sent in the request body and signed using the `client_secret`", - "type": "string", - "enum": [ - "client_secret_jwt" - ] - }, - { - "description": "`private_key_jwt`: a `client_assertion` sent in the request body and signed by an asymmetric key", - "type": "string", - "enum": [ - "private_key_jwt" - ] - }, - { - "description": "`sign_in_with_apple`: a special method for Signin with Apple", - "type": "string", - "enum": [ - "sign_in_with_apple" - ] - } - ] - }, - "SignInWithApple": { - "type": "object", - "required": [ - "key_id", - "team_id" - ], - "properties": { - "private_key_file": { - "description": "The private key file used to sign the `id_token`", - "type": "string" - }, - "private_key": { - "description": "The private key used to sign the `id_token`", - "type": "string" - }, - "team_id": { - "description": "The Team ID of the Apple Developer Portal", - "type": "string" - }, - "key_id": { - "description": "The key ID of the Apple Developer Portal", - "type": "string" - } - } - }, - "DiscoveryMode": { - "description": "How to discover the provider's configuration", - "oneOf": [ - { - "description": "Use OIDC discovery with strict metadata verification", - "type": "string", - "enum": [ - "oidc" - ] - }, - { - "description": "Use OIDC discovery with relaxed metadata verification", - "type": "string", - "enum": [ - "insecure" - ] - }, - { - "description": "Use a static configuration", - "type": "string", - "enum": [ - "disabled" - ] - } - ] - }, - "PkceMethod": { - "description": "Whether to use proof key for code exchange (PKCE) when requesting and exchanging the token.", - "oneOf": [ - { - "description": "Use PKCE if the provider supports it\n\nDefaults to no PKCE if provider discovery is disabled", - "type": "string", - "enum": [ - "auto" - ] - }, - { - "description": "Always use PKCE with the S256 challenge method", - "type": "string", - "enum": [ - "always" - ] - }, - { - "description": "Never use PKCE", - "type": "string", - "enum": [ - "never" - ] - } - ] - }, - "ResponseMode": { - "description": "The response mode we ask the provider to use for the callback", - "oneOf": [ - { - "description": "`query`: The provider will send the response as a query string in the URL search parameters", - "type": "string", - "enum": [ - "query" - ] - }, - { - "description": "`form_post`: The provider will send the response as a POST request with the response parameters in the request body\n\n", - "type": "string", - "enum": [ - "form_post" - ] - } - ] - }, - "ClaimsImports": { - "description": "How claims should be imported", - "type": "object", - "properties": { - "subject": { - "description": "How to determine the subject of the user", - "allOf": [ - { - "$ref": "#/definitions/SubjectImportPreference" - } - ] - }, - "localpart": { - "description": "Import the localpart of the MXID", - "allOf": [ - { - "$ref": "#/definitions/LocalpartImportPreference" - } - ] - }, - "displayname": { - "description": "Import the displayname of the user.", - "allOf": [ - { - "$ref": "#/definitions/DisplaynameImportPreference" - } - ] - }, - "email": { - "description": "Import the email address of the user based on the `email` and `email_verified` claims", - "allOf": [ - { - "$ref": "#/definitions/EmailImportPreference" - } - ] - }, - "account_name": { - "description": "Set a human-readable name for the upstream account for display purposes", - "allOf": [ - { - "$ref": "#/definitions/AccountNameImportPreference" - } - ] - } - } - }, - "SubjectImportPreference": { - "description": "What should be done for the subject attribute", - "type": "object", - "properties": { - "template": { - "description": "The Jinja2 template to use for the subject attribute\n\nIf not provided, the default template is `{{ user.sub }}`", - "type": "string" - } - } - }, - "LocalpartImportPreference": { - "description": "What should be done for the localpart attribute", - "type": "object", - "properties": { - "action": { - "description": "How to handle the attribute", - "allOf": [ - { - "$ref": "#/definitions/ImportAction" - } - ] - }, - "template": { - "description": "The Jinja2 template to use for the localpart attribute\n\nIf not provided, the default template is `{{ user.preferred_username }}`", - "type": "string" - }, - "on_conflict": { - "description": "How to handle conflicts on the claim, default value is `Fail`", - "allOf": [ - { - "$ref": "#/definitions/OnConflict" - } - ] - } - } - }, - "ImportAction": { - "description": "How to handle a claim", - "oneOf": [ - { - "description": "Ignore the claim", - "type": "string", - "enum": [ - "ignore" - ] - }, - { - "description": "Suggest the claim value, but allow the user to change it", - "type": "string", - "enum": [ - "suggest" - ] - }, - { - "description": "Force the claim value, but don't fail if it is missing", - "type": "string", - "enum": [ - "force" - ] - }, - { - "description": "Force the claim value, and fail if it is missing", - "type": "string", - "enum": [ - "require" - ] - } - ] - }, - "OnConflict": { - "description": "How to handle an existing localpart claim", - "oneOf": [ - { - "description": "Fails the sso login on conflict", - "type": "string", - "enum": [ - "fail" - ] - }, - { - "description": "Adds the oauth identity link, regardless of whether there is an existing link or not", - "type": "string", - "enum": [ - "add" - ] - } - ] - }, - "DisplaynameImportPreference": { - "description": "What should be done for the displayname attribute", - "type": "object", - "properties": { - "action": { - "description": "How to handle the attribute", - "allOf": [ - { - "$ref": "#/definitions/ImportAction" - } - ] - }, - "template": { - "description": "The Jinja2 template to use for the displayname attribute\n\nIf not provided, the default template is `{{ user.name }}`", - "type": "string" - } - } - }, - "EmailImportPreference": { - "description": "What should be done with the email attribute", - "type": "object", - "properties": { - "action": { - "description": "How to handle the claim", - "allOf": [ - { - "$ref": "#/definitions/ImportAction" - } - ] - }, - "template": { - "description": "The Jinja2 template to use for the email address attribute\n\nIf not provided, the default template is `{{ user.email }}`", - "type": "string" - } - } - }, - "AccountNameImportPreference": { - "description": "What should be done for the account name attribute", - "type": "object", - "properties": { - "template": { - "description": "The Jinja2 template to use for the account name. This name is only used for display purposes.\n\nIf not provided, it will be ignored.", - "type": "string" - } - } - }, - "OnBackchannelLogout": { - "description": "What to do when receiving an OIDC Backchannel logout request.", - "oneOf": [ - { - "description": "Do nothing", - "type": "string", - "enum": [ - "do_nothing" - ] - }, - { - "description": "Only log out the MAS 'browser session' started by this OIDC session", - "type": "string", - "enum": [ - "logout_browser_only" - ] - }, - { - "description": "Log out all sessions started by this OIDC session, including MAS 'browser sessions' and client sessions", - "type": "string", - "enum": [ - "logout_all" - ] - } - ] - }, - "BrandingConfig": { - "description": "Configuration section for tweaking the branding of the service", - "type": "object", - "properties": { - "service_name": { - "description": "A human-readable name. Defaults to the server's address.", - "type": "string" - }, - "policy_uri": { - "description": "Link to a privacy policy, displayed in the footer of web pages and emails. It is also advertised to clients through the `op_policy_uri` OIDC provider metadata.", - "type": "string", - "format": "uri" - }, - "tos_uri": { - "description": "Link to a terms of service document, displayed in the footer of web pages and emails. It is also advertised to clients through the `op_tos_uri` OIDC provider metadata.", - "type": "string", - "format": "uri" - }, - "imprint": { - "description": "Legal imprint, displayed in the footer in the footer of web pages and emails.", - "type": "string" - }, - "logo_uri": { - "description": "Logo displayed in some web pages.", - "type": "string", - "format": "uri" - } - } - }, - "CaptchaConfig": { - "description": "Configuration section to setup CAPTCHA protection on a few operations", - "type": "object", - "properties": { - "service": { - "description": "Which service should be used for CAPTCHA protection", - "allOf": [ - { - "$ref": "#/definitions/CaptchaServiceKind" - } - ] - }, - "site_key": { - "description": "The site key to use", - "type": "string" - }, - "secret_key": { - "description": "The secret key to use", - "type": "string" - } - } - }, - "CaptchaServiceKind": { - "description": "Which service should be used for CAPTCHA protection", - "oneOf": [ - { - "description": "Use Google's reCAPTCHA v2 API", - "type": "string", - "enum": [ - "recaptcha_v2" - ] - }, - { - "description": "Use Cloudflare Turnstile", - "type": "string", - "enum": [ - "cloudflare_turnstile" - ] - }, - { - "description": "Use ``HCaptcha``", - "type": "string", - "enum": [ - "hcaptcha" - ] - } - ] - }, - "AccountConfig": { - "description": "Configuration section to configure features related to account management", - "type": "object", - "properties": { - "email_change_allowed": { - "description": "Whether users are allowed to change their email addresses. Defaults to `true`.", - "type": "boolean" - }, - "displayname_change_allowed": { - "description": "Whether users are allowed to change their display names. Defaults to `true`.\n\nThis should be in sync with the policy in the homeserver configuration.", - "type": "boolean" - }, - "password_registration_enabled": { - "description": "Whether to enable self-service password registration. Defaults to `false` if password authentication is enabled.\n\nThis has no effect if password login is disabled.", - "type": "boolean" - }, - "password_registration_email_required": { - "description": "Whether self-service password registrations require a valid email. Defaults to `true`.\n\nThis has no effect if password registration is disabled.", - "type": "boolean" - }, - "password_change_allowed": { - "description": "Whether users are allowed to change their passwords. Defaults to `true`.\n\nThis has no effect if password login is disabled.", - "type": "boolean" - }, - "password_recovery_enabled": { - "description": "Whether email-based password recovery is enabled. Defaults to `false`.\n\nThis has no effect if password login is disabled.", - "type": "boolean" - }, - "account_deactivation_allowed": { - "description": "Whether users are allowed to delete their own account. Defaults to `true`.", - "type": "boolean" - }, - "login_with_email_allowed": { - "description": "Whether users can log in with their email address. Defaults to `false`.\n\nThis has no effect if password login is disabled.", - "type": "boolean" - }, - "registration_token_required": { - "description": "Whether registration tokens are required for password registrations. Defaults to `false`.\n\nWhen enabled, users must provide a valid registration token during password registration. This has no effect if password registration is disabled.", - "type": "boolean" - } - } - }, - "ExperimentalConfig": { - "description": "Configuration sections for experimental options\n\nDo not change these options unless you know what you are doing.", - "type": "object", - "properties": { - "access_token_ttl": { - "description": "Time-to-live of access tokens in seconds. Defaults to 5 minutes.", - "type": "integer", - "format": "uint64", - "maximum": 86400.0, - "minimum": 60.0 - }, - "compat_token_ttl": { - "description": "Time-to-live of compatibility access tokens in seconds. Defaults to 5 minutes.", - "type": "integer", - "format": "uint64", - "maximum": 86400.0, - "minimum": 60.0 - }, - "inactive_session_expiration": { - "description": "Experimetal feature to automatically expire inactive sessions\n\nDisabled by default", - "allOf": [ - { - "$ref": "#/definitions/InactiveSessionExpirationConfig" - } - ] - }, - "plan_management_iframe_uri": { - "description": "Experimental feature to show a plan management tab and iframe. This value is passed through \"as is\" to the client without any validation.", - "type": "string" - }, - "session_limit": { - "description": "Experimental feature to limit the number of application sessions per user.\n\nDisabled by default.", - "allOf": [ - { - "$ref": "#/definitions/SessionLimitConfig" - } - ] - } - } - }, - "InactiveSessionExpirationConfig": { - "description": "Configuration options for the inactive session expiration feature", - "type": "object", - "required": [ - "ttl" - ], - "properties": { - "ttl": { - "description": "Time after which an inactive session is automatically finished", - "type": "integer", - "format": "uint64", - "maximum": 7776000.0, - "minimum": 600.0 - }, - "expire_compat_sessions": { - "description": "Should compatibility sessions expire after inactivity", - "default": true, - "type": "boolean" - }, - "expire_oauth_sessions": { - "description": "Should OAuth 2.0 sessions expire after inactivity", - "default": true, - "type": "boolean" - }, - "expire_user_sessions": { - "description": "Should user sessions expire after inactivity", - "default": true, - "type": "boolean" - } - } - }, - "SessionLimitConfig": { - "description": "Configuration options for the session limit feature", - "type": "object", - "required": [ - "hard_limit", - "soft_limit" - ], - "properties": { - "soft_limit": { - "type": "integer", - "format": "uint64", - "minimum": 1.0 - }, - "hard_limit": { - "type": "integer", - "format": "uint64", - "minimum": 1.0 - } - } - } - } -} \ No newline at end of file diff --git a/frontend/.storybook/locales.ts b/frontend/.storybook/locales.ts index 090812bf0..a9f88823c 100644 --- a/frontend/.storybook/locales.ts +++ b/frontend/.storybook/locales.ts @@ -27,7 +27,7 @@ export type LocalazyMetadata = { }; const localazyMetadata: LocalazyMetadata = { - projectUrl: "https://localazy.com/p/matrix-authentication-service", + projectUrl: "https://localazy.com/p/matrix-authentication-service!v1.6", baseLocale: "en", languages: [ { @@ -172,21 +172,21 @@ const localazyMetadata: LocalazyMetadata = { file: "frontend.json", path: "", cdnFiles: { - "cs": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/cs/frontend.json", - "da": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/da/frontend.json", - "de": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/de/frontend.json", - "en": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/en/frontend.json", - "et": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/et/frontend.json", - "fi": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/fi/frontend.json", - "fr": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/fr/frontend.json", - "hu": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/hu/frontend.json", - "nb_NO": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/nb-NO/frontend.json", - "nl": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/nl/frontend.json", - "pt": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/pt/frontend.json", - "ru": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/ru/frontend.json", - "sv": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/sv/frontend.json", - "uk": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/uk/frontend.json", - "zh#Hans": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/zh-Hans/frontend.json" + "cs": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/cs/frontend.json", + "da": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/da/frontend.json", + "de": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/de/frontend.json", + "en": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/en/frontend.json", + "et": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/et/frontend.json", + "fi": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/fi/frontend.json", + "fr": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/fr/frontend.json", + "hu": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/hu/frontend.json", + "nb_NO": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/nb-NO/frontend.json", + "nl": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/nl/frontend.json", + "pt": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/pt/frontend.json", + "ru": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/ru/frontend.json", + "sv": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/sv/frontend.json", + "uk": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/uk/frontend.json", + "zh#Hans": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/7c203a8ac8bd48c3c4609a8effcd0fbac430f9b2/zh-Hans/frontend.json" } }, { @@ -194,21 +194,21 @@ const localazyMetadata: LocalazyMetadata = { file: "file.json", path: "", cdnFiles: { - "cs": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/cs/file.json", - "da": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/da/file.json", - "de": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/de/file.json", - "en": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/en/file.json", - "et": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/et/file.json", - "fi": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/fi/file.json", - "fr": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/fr/file.json", - "hu": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/hu/file.json", - "nb_NO": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/nb-NO/file.json", - "nl": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/nl/file.json", - "pt": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/pt/file.json", - "ru": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/ru/file.json", - "sv": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/sv/file.json", - "uk": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/uk/file.json", - "zh#Hans": "https://delivery.localazy.com/_a7686032324574572744739e0707/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/zh-Hans/file.json" + "cs": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/cs/file.json", + "da": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/da/file.json", + "de": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/de/file.json", + "en": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/en/file.json", + "et": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/et/file.json", + "fi": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/fi/file.json", + "fr": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/fr/file.json", + "hu": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/hu/file.json", + "nb_NO": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/nb-NO/file.json", + "nl": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/nl/file.json", + "pt": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/pt/file.json", + "ru": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/ru/file.json", + "sv": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/sv/file.json", + "uk": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/uk/file.json", + "zh#Hans": "https://delivery.localazy.com/_a67480892591190493723a576eac/_e0/5b69b0350dccfd47c245a5d41c1b9fdf6912cc6e/zh-Hans/file.json" } } ] diff --git a/frontend/package-lock.json b/frontend/package-lock.json index ef6e9f9c3..9885509dc 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -34,10 +34,10 @@ "@browser-logos/firefox": "^3.0.10", "@browser-logos/safari": "^2.1.0", "@graphql-codegen/cli": "^6.0.1", - "@graphql-codegen/client-preset": "^5.1.0", + "@graphql-codegen/client-preset": "^5.1.1", "@graphql-codegen/typescript-msw": "^3.0.1", - "@storybook/addon-docs": "^9.1.13", - "@storybook/react-vite": "^9.1.13", + "@storybook/addon-docs": "^10.0.5", + "@storybook/react-vite": "^10.0.5", "@tanstack/react-query-devtools": "^5.90.2", "@tanstack/react-router-devtools": "^1.131.44", "@tanstack/router-plugin": "^1.131.44", @@ -62,10 +62,10 @@ "postcss-import": "^16.1.1", "postcss-nesting": "^13.0.2", "rimraf": "^6.0.1", - "storybook": "^9.1.5", + "storybook": "^10.0.5", "tailwindcss": "^3.4.18", "typescript": "^5.9.3", - "vite": "7.1.12", + "vite": "7.2.2", "vite-plugin-compression": "^0.5.1", "vite-plugin-graphql-codegen": "^3.7.0", "vite-plugin-manifest-sri": "^0.2.0", @@ -1981,16 +1981,16 @@ } }, "node_modules/@graphql-codegen/client-preset": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/@graphql-codegen/client-preset/-/client-preset-5.1.0.tgz", - "integrity": "sha512-MYMy9dIlAgT3q1U8WUys6Y8yt/T9WLsm1DczRtrCpV5N11v4Rlg3hGWQmEvhJtBbWxgzfYoHZHb0TohtbLkJ+g==", + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/@graphql-codegen/client-preset/-/client-preset-5.1.1.tgz", + "integrity": "sha512-d7a4KdZJBOPt/O55JneBz9WwvpWar/P5yyxfjZvvoRErXPRsWtswLp+CBKKPkRcEIz9MXfTdQ1GL3kQg16DLfg==", "dev": true, "license": "MIT", "dependencies": { "@babel/helper-plugin-utils": "^7.20.2", "@babel/template": "^7.20.7", "@graphql-codegen/add": "^6.0.0", - "@graphql-codegen/gql-tag-operations": "5.0.2", + "@graphql-codegen/gql-tag-operations": "5.0.3", "@graphql-codegen/plugin-helpers": "^6.0.0", "@graphql-codegen/typed-document-node": "^6.0.2", "@graphql-codegen/typescript": "^5.0.2", @@ -2048,9 +2048,9 @@ "license": "0BSD" }, "node_modules/@graphql-codegen/gql-tag-operations": { - "version": "5.0.2", - "resolved": "https://registry.npmjs.org/@graphql-codegen/gql-tag-operations/-/gql-tag-operations-5.0.2.tgz", - "integrity": "sha512-iK+LFGv4ihHKeerADFPTL7Iq4iNr+J1jm2+GUMtwTSAL4nGk+BdfyruV7eR53R7Des8NFdI+9hBzKbbob7VwGQ==", + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/@graphql-codegen/gql-tag-operations/-/gql-tag-operations-5.0.3.tgz", + "integrity": "sha512-G6YqeDMMuwMvAtlW+MUaQDoYgQtBuBrfp89IOSnj7YXqSc/TMOma3X5XeXM4/oeNDQyfm2A66j5H8DYf04mJZg==", "dev": true, "license": "MIT", "dependencies": { @@ -5134,16 +5134,16 @@ "license": "Apache-2.0" }, "node_modules/@storybook/addon-docs": { - "version": "9.1.13", - "resolved": "https://registry.npmjs.org/@storybook/addon-docs/-/addon-docs-9.1.13.tgz", - "integrity": "sha512-V1nCo7bfC3kQ5VNVq0VDcHsIhQf507m+BxMA5SIYiwdJHljH2BXpW2fL3FFn9gv9Wp57AEEzhm+wh4zANaJgkg==", + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/addon-docs/-/addon-docs-10.0.5.tgz", + "integrity": "sha512-KCdvqXnBzsHSDZJNonH07FjqiHEQOEo3UtWH/Co43vYvDMEIwZTuQqswxBaO8KCXQlHyLtz5LJ4RluNW+KNJKQ==", "dev": true, "license": "MIT", "dependencies": { "@mdx-js/react": "^3.0.0", - "@storybook/csf-plugin": "9.1.13", - "@storybook/icons": "^1.4.0", - "@storybook/react-dom-shim": "9.1.13", + "@storybook/csf-plugin": "10.0.5", + "@storybook/icons": "^1.6.0", + "@storybook/react-dom-shim": "10.0.5", "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", "ts-dedent": "^2.0.0" @@ -5153,43 +5153,58 @@ "url": "https://opencollective.com/storybook" }, "peerDependencies": { - "storybook": "^9.1.13" + "storybook": "^10.0.5" } }, - "node_modules/@storybook/builder-vite": { - "version": "9.1.13", - "resolved": "https://registry.npmjs.org/@storybook/builder-vite/-/builder-vite-9.1.13.tgz", - "integrity": "sha512-pmtIjU02ASJOZKdL8DoxWXJgZnpTDgD5WmMnjKJh9FaWmc2YiCW2Y6VRxPox96OM655jYHQe5+UIbk3Cwtwb4A==", + "node_modules/@storybook/addon-docs/node_modules/@storybook/csf-plugin": { + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/csf-plugin/-/csf-plugin-10.0.5.tgz", + "integrity": "sha512-4lQ/ZFmv3vVO/9cfY79HwQBo6ZnKhq9JWwngoWrw+8vpHuBx3Ks0l9E+PrAgfPmdOkmk5FedOI5VR68l5XAhzA==", "dev": true, "license": "MIT", "dependencies": { - "@storybook/csf-plugin": "9.1.13", - "ts-dedent": "^2.0.0" + "unplugin": "^2.3.5" }, "funding": { "type": "opencollective", "url": "https://opencollective.com/storybook" }, "peerDependencies": { - "storybook": "^9.1.13", - "vite": "^5.0.0 || ^6.0.0 || ^7.0.0" + "esbuild": "*", + "rollup": "*", + "storybook": "^10.0.5", + "vite": "*", + "webpack": "*" + }, + "peerDependenciesMeta": { + "esbuild": { + "optional": true + }, + "rollup": { + "optional": true + }, + "vite": { + "optional": true + }, + "webpack": { + "optional": true + } } }, - "node_modules/@storybook/csf-plugin": { - "version": "9.1.13", - "resolved": "https://registry.npmjs.org/@storybook/csf-plugin/-/csf-plugin-9.1.13.tgz", - "integrity": "sha512-EMpzYuyt9FDcxxfBChWzfId50y8QMpdenviEQ8m+pa6c+ANx3pC5J6t7y0khD8TQu815sTy+nc6cc8PC45dPUA==", + "node_modules/@storybook/addon-docs/node_modules/@storybook/react-dom-shim": { + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/react-dom-shim/-/react-dom-shim-10.0.5.tgz", + "integrity": "sha512-bC6pSrQWRHUVmDDxH5uYq/tf2oqIEyzGIC4+3mZl67ngOKwOgjaBatKLnHBDeWrn25pA11mymdFt1VOStbNzGQ==", "dev": true, "license": "MIT", - "dependencies": { - "unplugin": "^1.3.1" - }, "funding": { "type": "opencollective", "url": "https://opencollective.com/storybook" }, "peerDependencies": { - "storybook": "^9.1.13" + "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "storybook": "^10.0.5" } }, "node_modules/@storybook/global": { @@ -5200,9 +5215,9 @@ "license": "MIT" }, "node_modules/@storybook/icons": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/@storybook/icons/-/icons-1.4.0.tgz", - "integrity": "sha512-Td73IeJxOyalzvjQL+JXx72jlIYHgs+REaHiREOqfpo3A2AYYG71AUbcv+lg7mEDIweKVCxsMQ0UKo634c8XeA==", + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/@storybook/icons/-/icons-1.6.0.tgz", + "integrity": "sha512-hcFZIjW8yQz8O8//2WTIXylm5Xsgc+lW9ISLgUk1xGmptIJQRdlhVIXCpSyLrQaaRiyhQRaVg7l3BD9S216BHw==", "dev": true, "license": "MIT", "engines": { @@ -5213,27 +5228,106 @@ "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0-beta" } }, - "node_modules/@storybook/react": { - "version": "9.1.13", - "resolved": "https://registry.npmjs.org/@storybook/react/-/react-9.1.13.tgz", - "integrity": "sha512-B0UpYikKf29t8QGcdmumWojSQQ0phSDy/Ne2HYdrpNIxnUvHHUVOlGpq4lFcIDt52Ip5YG5GuAwJg3+eR4LCRg==", + "node_modules/@storybook/react-vite": { + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/react-vite/-/react-vite-10.0.5.tgz", + "integrity": "sha512-YK27cKM+Znc8yg+kCrP/X6bphlCihv819mYAI9emXUcj+6tzY0+UaPXIXgYNe9jbK39V2stQML7W55N7qv9MRg==", "dev": true, "license": "MIT", "dependencies": { - "@storybook/global": "^5.0.0", - "@storybook/react-dom-shim": "9.1.13" - }, - "engines": { - "node": ">=20.0.0" + "@joshwooding/vite-plugin-react-docgen-typescript": "0.6.1", + "@rollup/pluginutils": "^5.0.2", + "@storybook/builder-vite": "10.0.5", + "@storybook/react": "10.0.5", + "empathic": "^2.0.0", + "magic-string": "^0.30.0", + "react-docgen": "^8.0.0", + "resolve": "^1.22.8", + "tsconfig-paths": "^4.2.0" }, "funding": { "type": "opencollective", "url": "https://opencollective.com/storybook" }, "peerDependencies": { - "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0-beta", - "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0-beta", - "storybook": "^9.1.13", + "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "storybook": "^10.0.5", + "vite": "^5.0.0 || ^6.0.0 || ^7.0.0" + } + }, + "node_modules/@storybook/react-vite/node_modules/@storybook/builder-vite": { + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/builder-vite/-/builder-vite-10.0.5.tgz", + "integrity": "sha512-ukTgD1hY+00VOA85fbXGrm30eMKYZr7I69/EonAb3rX8JS7JeI2Zoxd8WRXwQUafYbwRH6GSfjJ65xLXe9BCuQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@storybook/csf-plugin": "10.0.5", + "ts-dedent": "^2.0.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/storybook" + }, + "peerDependencies": { + "storybook": "^10.0.5", + "vite": "^5.0.0 || ^6.0.0 || ^7.0.0" + } + }, + "node_modules/@storybook/react-vite/node_modules/@storybook/builder-vite/node_modules/@storybook/csf-plugin": { + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/csf-plugin/-/csf-plugin-10.0.5.tgz", + "integrity": "sha512-4lQ/ZFmv3vVO/9cfY79HwQBo6ZnKhq9JWwngoWrw+8vpHuBx3Ks0l9E+PrAgfPmdOkmk5FedOI5VR68l5XAhzA==", + "dev": true, + "license": "MIT", + "dependencies": { + "unplugin": "^2.3.5" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/storybook" + }, + "peerDependencies": { + "esbuild": "*", + "rollup": "*", + "storybook": "^10.0.5", + "vite": "*", + "webpack": "*" + }, + "peerDependenciesMeta": { + "esbuild": { + "optional": true + }, + "rollup": { + "optional": true + }, + "vite": { + "optional": true + }, + "webpack": { + "optional": true + } + } + }, + "node_modules/@storybook/react-vite/node_modules/@storybook/react": { + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/react/-/react-10.0.5.tgz", + "integrity": "sha512-FDajPP8HG4n1w3nql7lxQUNKg5+wEa+qJzAPNk583FRaeH6GuxSHlG1vUARQ1QnAZwwlrZzcmgjVNxIucms/5g==", + "dev": true, + "license": "MIT", + "dependencies": { + "@storybook/global": "^5.0.0", + "@storybook/react-dom-shim": "10.0.5" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/storybook" + }, + "peerDependencies": { + "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "storybook": "^10.0.5", "typescript": ">= 4.9.x" }, "peerDependenciesMeta": { @@ -5242,10 +5336,10 @@ } } }, - "node_modules/@storybook/react-dom-shim": { - "version": "9.1.13", - "resolved": "https://registry.npmjs.org/@storybook/react-dom-shim/-/react-dom-shim-9.1.13.tgz", - "integrity": "sha512-/tMr9TmV3+98GEQO0S03k4gtKHGCpv9+k9Dmnv+TJK3TBz7QsaFEzMwe3gCgoTaebLACyVveDiZkWnCYAWB6NA==", + "node_modules/@storybook/react-vite/node_modules/@storybook/react/node_modules/@storybook/react-dom-shim": { + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/@storybook/react-dom-shim/-/react-dom-shim-10.0.5.tgz", + "integrity": "sha512-bC6pSrQWRHUVmDDxH5uYq/tf2oqIEyzGIC4+3mZl67ngOKwOgjaBatKLnHBDeWrn25pA11mymdFt1VOStbNzGQ==", "dev": true, "license": "MIT", "funding": { @@ -5253,40 +5347,9 @@ "url": "https://opencollective.com/storybook" }, "peerDependencies": { - "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0-beta", - "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0-beta", - "storybook": "^9.1.13" - } - }, - "node_modules/@storybook/react-vite": { - "version": "9.1.13", - "resolved": "https://registry.npmjs.org/@storybook/react-vite/-/react-vite-9.1.13.tgz", - "integrity": "sha512-mV1bZ1bpkNQygnuDo1xMGAS5ZXuoXFF0WGmr/BzNDGmRhZ1K1HQh42kC0w3PklckFBUwCFxmP58ZwTFzf+/dJA==", - "dev": true, - "license": "MIT", - "dependencies": { - "@joshwooding/vite-plugin-react-docgen-typescript": "0.6.1", - "@rollup/pluginutils": "^5.0.2", - "@storybook/builder-vite": "9.1.13", - "@storybook/react": "9.1.13", - "find-up": "^7.0.0", - "magic-string": "^0.30.0", - "react-docgen": "^8.0.0", - "resolve": "^1.22.8", - "tsconfig-paths": "^4.2.0" - }, - "engines": { - "node": ">=20.0.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/storybook" - }, - "peerDependencies": { - "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0-beta", - "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0-beta", - "storybook": "^9.1.13", - "vite": "^5.0.0 || ^6.0.0 || ^7.0.0" + "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", + "storybook": "^10.0.5" } }, "node_modules/@tanstack/history": { @@ -5552,22 +5615,6 @@ } } }, - "node_modules/@tanstack/router-plugin/node_modules/unplugin": { - "version": "2.3.10", - "resolved": "https://registry.npmjs.org/unplugin/-/unplugin-2.3.10.tgz", - "integrity": "sha512-6NCPkv1ClwH+/BGE9QeoTIl09nuiAt0gS28nn1PvYXsGKRwM2TCbFA2QiilmehPDTXIe684k4rZI1yl3A1PCUw==", - "dev": true, - "license": "MIT", - "dependencies": { - "@jridgewell/remapping": "^2.3.5", - "acorn": "^8.15.0", - "picomatch": "^4.0.3", - "webpack-virtual-modules": "^0.6.2" - }, - "engines": { - "node": ">=18.12.0" - } - }, "node_modules/@tanstack/router-utils": { "version": "1.131.2", "resolved": "https://registry.npmjs.org/@tanstack/router-utils/-/router-utils-1.131.2.tgz", @@ -6581,19 +6628,6 @@ "baseline-browser-mapping": "dist/cli.js" } }, - "node_modules/better-opn": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/better-opn/-/better-opn-3.0.2.tgz", - "integrity": "sha512-aVNobHnJqLiUelTaHat9DZ1qM2w0C0Eym4LPI/3JxOnSokGVdsl1T1kN7TFvsEAD8G47A6VKQ0TVHqbBnYMJlQ==", - "dev": true, - "license": "MIT", - "dependencies": { - "open": "^8.0.4" - }, - "engines": { - "node": ">=12.0.0" - } - }, "node_modules/binary-extensions": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", @@ -7557,16 +7591,6 @@ "node": ">=6" } }, - "node_modules/define-lazy-prop": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-2.0.0.tgz", - "integrity": "sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/dependency-graph": { "version": "0.11.0", "resolved": "https://registry.npmjs.org/dependency-graph/-/dependency-graph-0.11.0.tgz", @@ -7762,6 +7786,16 @@ "dev": true, "license": "MIT" }, + "node_modules/empathic": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/empathic/-/empathic-2.0.0.tgz", + "integrity": "sha512-i6UzDscO/XfAcNYD75CfICkmfLedpyPDdozrLMmQc5ORaQcdMoc21OnlEylMIqI7U8eniKrPMxxtj8k0vhmJhA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=14" + } + }, "node_modules/encoding-sniffer": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/encoding-sniffer/-/encoding-sniffer-0.2.1.tgz", @@ -7885,19 +7919,6 @@ "@esbuild/win32-x64": "0.25.9" } }, - "node_modules/esbuild-register": { - "version": "3.6.0", - "resolved": "https://registry.npmjs.org/esbuild-register/-/esbuild-register-3.6.0.tgz", - "integrity": "sha512-H2/S7Pm8a9CL1uhp9OvjwrBh5Pvx0H8qVOxNu8Wed9Y7qv56MPtq+GGM8RJpq6glYJn9Wspr8uw7l55uyinNeg==", - "dev": true, - "license": "MIT", - "dependencies": { - "debug": "^4.3.4" - }, - "peerDependencies": { - "esbuild": ">=0.12 <1" - } - }, "node_modules/escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", @@ -8097,24 +8118,6 @@ "node": ">=8" } }, - "node_modules/find-up": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/find-up/-/find-up-7.0.0.tgz", - "integrity": "sha512-YyZM99iHrqLKjmt4LJDj58KI+fYyufRLBSYcqycxf//KpBk9FoewoGX0450m9nB44qrZnovzC2oeP5hUibxc/g==", - "dev": true, - "license": "MIT", - "dependencies": { - "locate-path": "^7.2.0", - "path-exists": "^5.0.0", - "unicorn-magic": "^0.1.0" - }, - "engines": { - "node": ">=18" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/foreground-child": { "version": "3.3.1", "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.1.tgz", @@ -9018,22 +9021,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/is-docker": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz", - "integrity": "sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ==", - "dev": true, - "license": "MIT", - "bin": { - "is-docker": "cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/is-extglob": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", @@ -9186,19 +9173,6 @@ "node": ">=0.10.0" } }, - "node_modules/is-wsl": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", - "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", - "dev": true, - "license": "MIT", - "dependencies": { - "is-docker": "^2.0.0" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", @@ -9587,22 +9561,6 @@ "url": "https://github.com/chalk/wrap-ansi?sponsor=1" } }, - "node_modules/locate-path": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-7.2.0.tgz", - "integrity": "sha512-gvVijfZvn7R+2qyPX8mAuKcFGDf6Nc61GdvGafQsHL0sBIxfKzA+usWn4GFC/bk+QdwPUD4kWFJLhElipq+0VA==", - "dev": true, - "license": "MIT", - "dependencies": { - "p-locate": "^6.0.0" - }, - "engines": { - "node": "^12.20.0 || ^14.13.1 || >=16.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/lodash": { "version": "4.17.21", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", @@ -10321,24 +10279,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/open": { - "version": "8.4.2", - "resolved": "https://registry.npmjs.org/open/-/open-8.4.2.tgz", - "integrity": "sha512-7x81NCL719oNbsq/3mh+hVrAWmFuEYUqrq/Iw3kUzH8ReypT9QQ0BLoJS7/G9k6N81XjW4qHWtjWwe/9eLy1EQ==", - "dev": true, - "license": "MIT", - "dependencies": { - "define-lazy-prop": "^2.0.0", - "is-docker": "^2.1.1", - "is-wsl": "^2.2.0" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/outvariant": { "version": "1.4.3", "resolved": "https://registry.npmjs.org/outvariant/-/outvariant-1.4.3.tgz", @@ -10393,51 +10333,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/p-locate": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-6.0.0.tgz", - "integrity": "sha512-wPrq66Llhl7/4AGC6I+cqxT07LhXvWL08LNXz1fENOw0Ap4sRZZ/gZpTTJ5jpurzzzfS2W/Ge9BY3LgLjCShcw==", - "dev": true, - "license": "MIT", - "dependencies": { - "p-limit": "^4.0.0" - }, - "engines": { - "node": "^12.20.0 || ^14.13.1 || >=16.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate/node_modules/p-limit": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-4.0.0.tgz", - "integrity": "sha512-5b0R4txpzjPWVw/cXXUResoD4hb6U/x9BH08L7nw+GN1sezDzPdxeRvpc9c433fZhBan/wusjbCsqwqm4EIBIQ==", - "dev": true, - "license": "MIT", - "dependencies": { - "yocto-queue": "^1.0.0" - }, - "engines": { - "node": "^12.20.0 || ^14.13.1 || >=16.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/p-locate/node_modules/yocto-queue": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-1.2.1.tgz", - "integrity": "sha512-AyeEbWOu/TAXdxlV9wmGcR0+yh2j3vYPGOECcIj2S7MkrLyC7ne+oye2BKTItt0ii2PHk4cDy+95+LshzbXnGg==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=12.20" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/p-try": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", @@ -10588,16 +10483,6 @@ "tslib": "^2.0.3" } }, - "node_modules/path-exists": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-5.0.0.tgz", - "integrity": "sha512-RjhtfwJOxzcFmNOi6ltcbcu4Iu+FL3zEj83dk4kAS+fVpTxXLO1b38RvJgT/0QwvV/L3aY9TAnyv0EOqW4GoMQ==", - "dev": true, - "license": "MIT", - "engines": { - "node": "^12.20.0 || ^14.13.1 || >=16.0.0" - } - }, "node_modules/path-is-absolute": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", @@ -12044,27 +11929,26 @@ "license": "MIT" }, "node_modules/storybook": { - "version": "9.1.13", - "resolved": "https://registry.npmjs.org/storybook/-/storybook-9.1.13.tgz", - "integrity": "sha512-G3KZ36EVzXyHds72B/qtWiJnhUpM0xOUeYlDcO9DSHL1bDTv15cW4+upBl+mcBZrDvU838cn7Bv4GpF+O5MCfw==", + "version": "10.0.5", + "resolved": "https://registry.npmjs.org/storybook/-/storybook-10.0.5.tgz", + "integrity": "sha512-3UEwXiIcTnc8sLUIlc/J1gI7tJjKEqIAvVYhfcj+uSSeb7i+6M6zQnCF8p36emBJyUdE4S3cq6FW5cmAluOfBg==", "dev": true, "license": "MIT", "dependencies": { "@storybook/global": "^5.0.0", + "@storybook/icons": "^1.6.0", "@testing-library/jest-dom": "^6.6.3", "@testing-library/user-event": "^14.6.1", "@vitest/expect": "3.2.4", "@vitest/mocker": "3.2.4", "@vitest/spy": "3.2.4", - "better-opn": "^3.0.2", "esbuild": "^0.18.0 || ^0.19.0 || ^0.20.0 || ^0.21.0 || ^0.22.0 || ^0.23.0 || ^0.24.0 || ^0.25.0", - "esbuild-register": "^3.5.0", "recast": "^0.23.5", "semver": "^7.6.2", "ws": "^8.18.0" }, "bin": { - "storybook": "bin/index.cjs" + "storybook": "dist/bin/dispatcher.js" }, "funding": { "type": "opencollective", @@ -12880,19 +12764,6 @@ "dev": true, "license": "MIT" }, - "node_modules/unicorn-magic": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/unicorn-magic/-/unicorn-magic-0.1.0.tgz", - "integrity": "sha512-lRfVq8fE8gz6QMBuDM6a+LO3IAzTi05H6gCVaUpir2E1Rwpo4ZUog45KpNXKC/Mn3Yb9UDuHumeFTo9iV/D9FQ==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=18" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/universalify": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", @@ -12930,17 +12801,19 @@ } }, "node_modules/unplugin": { - "version": "1.16.1", - "resolved": "https://registry.npmjs.org/unplugin/-/unplugin-1.16.1.tgz", - "integrity": "sha512-4/u/j4FrCKdi17jaxuJA0jClGxB1AvU2hw/IuayPc4ay1XGaJs/rbb4v5WKwAjNifjmXK9PIFyuPiaK8azyR9w==", + "version": "2.3.10", + "resolved": "https://registry.npmjs.org/unplugin/-/unplugin-2.3.10.tgz", + "integrity": "sha512-6NCPkv1ClwH+/BGE9QeoTIl09nuiAt0gS28nn1PvYXsGKRwM2TCbFA2QiilmehPDTXIe684k4rZI1yl3A1PCUw==", "dev": true, "license": "MIT", "dependencies": { - "acorn": "^8.14.0", + "@jridgewell/remapping": "^2.3.5", + "acorn": "^8.15.0", + "picomatch": "^4.0.3", "webpack-virtual-modules": "^0.6.2" }, "engines": { - "node": ">=14.0.0" + "node": ">=18.12.0" } }, "node_modules/until-async": { @@ -13219,9 +13092,9 @@ } }, "node_modules/vite": { - "version": "7.1.12", - "resolved": "https://registry.npmjs.org/vite/-/vite-7.1.12.tgz", - "integrity": "sha512-ZWyE8YXEXqJrrSLvYgrRP7p62OziLW7xI5HYGWFzOvupfAlrLvURSzv/FyGyy0eidogEM3ujU+kUG1zuHgb6Ug==", + "version": "7.2.2", + "resolved": "https://registry.npmjs.org/vite/-/vite-7.2.2.tgz", + "integrity": "sha512-BxAKBWmIbrDgrokdGZH1IgkIk/5mMHDreLDmCJ0qpyJaAteP8NvMhkwr/ZCQNqNH97bw/dANTE9PDzqwJghfMQ==", "dev": true, "license": "MIT", "dependencies": { diff --git a/frontend/package.json b/frontend/package.json index 38d5faa1f..5d2194f48 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -44,10 +44,10 @@ "@browser-logos/firefox": "^3.0.10", "@browser-logos/safari": "^2.1.0", "@graphql-codegen/cli": "^6.0.1", - "@graphql-codegen/client-preset": "^5.1.0", + "@graphql-codegen/client-preset": "^5.1.1", "@graphql-codegen/typescript-msw": "^3.0.1", - "@storybook/addon-docs": "^9.1.13", - "@storybook/react-vite": "^9.1.13", + "@storybook/addon-docs": "^10.0.5", + "@storybook/react-vite": "^10.0.5", "@tanstack/react-query-devtools": "^5.90.2", "@tanstack/react-router-devtools": "^1.131.44", "@tanstack/router-plugin": "^1.131.44", @@ -72,10 +72,10 @@ "postcss-import": "^16.1.1", "postcss-nesting": "^13.0.2", "rimraf": "^6.0.1", - "storybook": "^9.1.5", + "storybook": "^10.0.5", "tailwindcss": "^3.4.18", "typescript": "^5.9.3", - "vite": "7.1.12", + "vite": "7.2.2", "vite-plugin-compression": "^0.5.1", "vite-plugin-graphql-codegen": "^3.7.0", "vite-plugin-manifest-sri": "^0.2.0", diff --git a/policies/schema/authorization_grant_input.json b/policies/schema/authorization_grant_input.json index a5d49e304..fb96e7070 100644 --- a/policies/schema/authorization_grant_input.json +++ b/policies/schema/authorization_grant_input.json @@ -3,15 +3,12 @@ "title": "AuthorizationGrantInput", "description": "Input for the authorization grant policy.", "type": "object", - "required": [ - "client", - "grant_type", - "requester", - "scope" - ], "properties": { "user": { - "type": "object", + "type": [ + "object", + "null" + ], "additionalProperties": true }, "session_counts": { @@ -36,6 +33,12 @@ "$ref": "#/definitions/Requester" } }, + "required": [ + "client", + "scope", + "grant_type", + "requester" + ], "definitions": { "SessionCounts": { "description": "Information about how many sessions the user has", @@ -83,12 +86,18 @@ "properties": { "ip_address": { "description": "IP address of the entity making the request", - "type": "string", + "type": [ + "string", + "null" + ], "format": "ip" }, "user_agent": { "description": "User agent of the entity making the request", - "type": "string" + "type": [ + "string", + "null" + ] } } } diff --git a/policies/schema/client_registration_input.json b/policies/schema/client_registration_input.json index 461645126..ca9da8440 100644 --- a/policies/schema/client_registration_input.json +++ b/policies/schema/client_registration_input.json @@ -3,10 +3,6 @@ "title": "ClientRegistrationInput", "description": "Input for the client registration policy.", "type": "object", - "required": [ - "client_metadata", - "requester" - ], "properties": { "client_metadata": { "type": "object", @@ -16,6 +12,10 @@ "$ref": "#/definitions/Requester" } }, + "required": [ + "client_metadata", + "requester" + ], "definitions": { "Requester": { "description": "Identity of the requester", @@ -23,12 +23,18 @@ "properties": { "ip_address": { "description": "IP address of the entity making the request", - "type": "string", + "type": [ + "string", + "null" + ], "format": "ip" }, "user_agent": { "description": "User agent of the entity making the request", - "type": "string" + "type": [ + "string", + "null" + ] } } } diff --git a/policies/schema/email_input.json b/policies/schema/email_input.json index d97f291be..f807fbc0e 100644 --- a/policies/schema/email_input.json +++ b/policies/schema/email_input.json @@ -3,10 +3,6 @@ "title": "EmailInput", "description": "Input for the email add policy.", "type": "object", - "required": [ - "email", - "requester" - ], "properties": { "email": { "type": "string" @@ -15,6 +11,10 @@ "$ref": "#/definitions/Requester" } }, + "required": [ + "email", + "requester" + ], "definitions": { "Requester": { "description": "Identity of the requester", @@ -22,12 +22,18 @@ "properties": { "ip_address": { "description": "IP address of the entity making the request", - "type": "string", + "type": [ + "string", + "null" + ], "format": "ip" }, "user_agent": { "description": "User agent of the entity making the request", - "type": "string" + "type": [ + "string", + "null" + ] } } } diff --git a/policies/schema/register_input.json b/policies/schema/register_input.json index cd8868cd4..ce794d064 100644 --- a/policies/schema/register_input.json +++ b/policies/schema/register_input.json @@ -3,11 +3,6 @@ "title": "RegisterInput", "description": "Input for the user registration policy.", "type": "object", - "required": [ - "registration_method", - "requester", - "username" - ], "properties": { "registration_method": { "$ref": "#/definitions/RegistrationMethod" @@ -16,12 +11,20 @@ "type": "string" }, "email": { - "type": "string" + "type": [ + "string", + "null" + ] }, "requester": { "$ref": "#/definitions/Requester" } }, + "required": [ + "registration_method", + "username", + "requester" + ], "definitions": { "RegistrationMethod": { "type": "string", @@ -36,12 +39,18 @@ "properties": { "ip_address": { "description": "IP address of the entity making the request", - "type": "string", + "type": [ + "string", + "null" + ], "format": "ip" }, "user_agent": { "description": "User agent of the entity making the request", - "type": "string" + "type": [ + "string", + "null" + ] } } }