// This is a partial copy from `@axinom/mosaic-id-guard` that might need to be aligned if original interface changes or if more properties from original interface would be required here.

/**
 * An interface that represents an authentication subject which is provided by Mosaic Admin Service in form of a JWT token.
 * The auth library `@axinom/mosaic-id-guard` can be used to validate and parse the JWT token to get such a PgAuthenticatedManagementSubject, and it also provides a more fitting interface:
 * ```ts
 * import { PgAuthenticatedManagementSubject } from '@axinom/mosaic-id-guard';
 * ```
 */
// TODO: Consider moving auth abstractions to a separate package instead of duplicating them.
export interface PgAuthenticatedManagementSubject {
  tenantId: string;
  environmentId: string;
  name: string;
  permissions: {
    [key: string]: string[];
  };
  tags?: string[];
  sub?: string;
}

/**
 * This interface represents an authenticated subject of type End User.
 * These will be tokens issued by the User Service.
 *
 * These authenticated subjects are not expected to have any permission structure.
 */
export interface PgAuthenticatedEndUser {
  tenantId: string;
  environmentId: string;
  sub: string;
  name: string;
  profileId: string;
}

/**
 * This interface represents an authenticated end-user application.
 * These will be tokens issued by the User Service.
 *
 * Having name and profileId is not mandatory for these tokens.
 */
export interface PgAuthenticatedEndUserApplication {
  tenantId: string;
  environmentId: string;
  sub: string;
  name: string;
  // eslint-disable-next-line @typescript-eslint/no-explicit-any
  [key: string]: any;
}