/* * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. * @generated-id: d80ce50a3fb4 */ import * as z from "zod/v3"; import { remap as remap$ } from "../../lib/primitives.js"; import { safeParse } from "../../lib/schemas.js"; import * as openEnums from "../../types/enums.js"; import { OpenEnum } from "../../types/enums.js"; import { Result as SafeParseResult } from "../../types/fp.js"; import { SDKValidationError } from "../errors/sdkvalidationerror.js"; /** * The type of authentication being used. * * @remarks * Use 'OAUTH_*' when Glean calls an external API (e.g., Jira) on behalf of a user to obtain an OAuth token. * 'OAUTH_ADMIN' utilizes an admin token for external API calls on behalf all users. * 'OAUTH_USER' uses individual user tokens for external API calls. * 'DWD' refers to domain wide delegation. */ export const AuthConfigType = { None: "NONE", OauthUser: "OAUTH_USER", OauthAdmin: "OAUTH_ADMIN", ApiKey: "API_KEY", BasicAuth: "BASIC_AUTH", Dwd: "DWD", } as const; /** * The type of authentication being used. * * @remarks * Use 'OAUTH_*' when Glean calls an external API (e.g., Jira) on behalf of a user to obtain an OAuth token. * 'OAUTH_ADMIN' utilizes an admin token for external API calls on behalf all users. * 'OAUTH_USER' uses individual user tokens for external API calls. * 'DWD' refers to domain wide delegation. */ export type AuthConfigType = OpenEnum; /** * The type of grant type being used. */ export const GrantType = { AuthCode: "AUTH_CODE", ClientCredentials: "CLIENT_CREDENTIALS", } as const; /** * The type of grant type being used. */ export type GrantType = OpenEnum; /** * Auth status of the tool. */ export const AuthConfigStatus = { AwaitingAuth: "AWAITING_AUTH", Authorized: "AUTHORIZED", AuthDisabled: "AUTH_DISABLED", } as const; /** * Auth status of the tool. */ export type AuthConfigStatus = OpenEnum; /** * The OAuth 2.0 token endpoint authentication method (RFC 7591). Determines how the client authenticates when exchanging an authorization code for a token. client_secret_post sends credentials as form fields, client_secret_basic sends them via Authorization header, none omits client secret and relies on PKCE only. Values use lowercase to match the OAuth 2.0 wire format (RFC 7591 Section 2). */ export const TokenEndpointAuthMethod = { ClientSecretPost: "client_secret_post", ClientSecretBasic: "client_secret_basic", None: "none", } as const; /** * The OAuth 2.0 token endpoint authentication method (RFC 7591). Determines how the client authenticates when exchanging an authorization code for a token. client_secret_post sends credentials as form fields, client_secret_basic sends them via Authorization header, none omits client secret and relies on PKCE only. Values use lowercase to match the OAuth 2.0 wire format (RFC 7591 Section 2). */ export type TokenEndpointAuthMethod = OpenEnum; /** * Config for tool's authentication method. */ export type AuthConfig = { /** * Whether or not this tool is hosted on-premise. */ isOnPrem?: boolean | undefined; /** * Whether or not this uses central auth. */ usesCentralAuth?: boolean | undefined; /** * The type of authentication being used. * * @remarks * Use 'OAUTH_*' when Glean calls an external API (e.g., Jira) on behalf of a user to obtain an OAuth token. * 'OAUTH_ADMIN' utilizes an admin token for external API calls on behalf all users. * 'OAUTH_USER' uses individual user tokens for external API calls. * 'DWD' refers to domain wide delegation. */ type?: AuthConfigType | undefined; /** * The type of grant type being used. */ grantType?: GrantType | undefined; /** * Auth status of the tool. */ status?: AuthConfigStatus | undefined; /** * The URL where users will be directed to start the OAuth flow. */ clientUrl?: string | undefined; /** * A list of strings denoting the different scopes or access levels required by the tool. */ scopes?: Array | undefined; /** * A list of strings denoting the different audience which can access the tool. */ audiences?: Array | undefined; /** * The OAuth provider's endpoint, where access tokens are requested. */ authorizationUrl?: string | undefined; /** * The OAuth 2.0 Resource Indicator (RFC 8707) for the protected resource. Discovered from Protected Resource Metadata (RFC 9728) during DCR. Included in authorization and token exchange requests when present. */ resource?: string | undefined; /** * The OAuth 2.0 token endpoint authentication method (RFC 7591). Determines how the client authenticates when exchanging an authorization code for a token. client_secret_post sends credentials as form fields, client_secret_basic sends them via Authorization header, none omits client secret and relies on PKCE only. Values use lowercase to match the OAuth 2.0 wire format (RFC 7591 Section 2). */ tokenEndpointAuthMethod?: TokenEndpointAuthMethod | undefined; /** * The time the tool was last authorized in ISO format (ISO 8601). */ lastAuthorizedAt?: Date | undefined; }; /** @internal */ export const AuthConfigType$inboundSchema: z.ZodType< AuthConfigType, z.ZodTypeDef, unknown > = openEnums.inboundSchema(AuthConfigType); /** @internal */ export const AuthConfigType$outboundSchema: z.ZodType< string, z.ZodTypeDef, AuthConfigType > = openEnums.outboundSchema(AuthConfigType); /** @internal */ export const GrantType$inboundSchema: z.ZodType< GrantType, z.ZodTypeDef, unknown > = openEnums.inboundSchema(GrantType); /** @internal */ export const GrantType$outboundSchema: z.ZodType< string, z.ZodTypeDef, GrantType > = openEnums.outboundSchema(GrantType); /** @internal */ export const AuthConfigStatus$inboundSchema: z.ZodType< AuthConfigStatus, z.ZodTypeDef, unknown > = openEnums.inboundSchema(AuthConfigStatus); /** @internal */ export const AuthConfigStatus$outboundSchema: z.ZodType< string, z.ZodTypeDef, AuthConfigStatus > = openEnums.outboundSchema(AuthConfigStatus); /** @internal */ export const TokenEndpointAuthMethod$inboundSchema: z.ZodType< TokenEndpointAuthMethod, z.ZodTypeDef, unknown > = openEnums.inboundSchema(TokenEndpointAuthMethod); /** @internal */ export const TokenEndpointAuthMethod$outboundSchema: z.ZodType< string, z.ZodTypeDef, TokenEndpointAuthMethod > = openEnums.outboundSchema(TokenEndpointAuthMethod); /** @internal */ export const AuthConfig$inboundSchema: z.ZodType< AuthConfig, z.ZodTypeDef, unknown > = z.object({ isOnPrem: z.boolean().optional(), usesCentralAuth: z.boolean().optional(), type: AuthConfigType$inboundSchema.optional(), grantType: GrantType$inboundSchema.optional(), status: AuthConfigStatus$inboundSchema.optional(), client_url: z.string().optional(), scopes: z.array(z.string()).optional(), audiences: z.array(z.string()).optional(), authorization_url: z.string().optional(), resource: z.string().optional(), token_endpoint_auth_method: TokenEndpointAuthMethod$inboundSchema.optional(), lastAuthorizedAt: z.string().datetime({ offset: true }).transform(v => new Date(v) ).optional(), }).transform((v) => { return remap$(v, { "client_url": "clientUrl", "authorization_url": "authorizationUrl", "token_endpoint_auth_method": "tokenEndpointAuthMethod", }); }); /** @internal */ export type AuthConfig$Outbound = { isOnPrem?: boolean | undefined; usesCentralAuth?: boolean | undefined; type?: string | undefined; grantType?: string | undefined; status?: string | undefined; client_url?: string | undefined; scopes?: Array | undefined; audiences?: Array | undefined; authorization_url?: string | undefined; resource?: string | undefined; token_endpoint_auth_method?: string | undefined; lastAuthorizedAt?: string | undefined; }; /** @internal */ export const AuthConfig$outboundSchema: z.ZodType< AuthConfig$Outbound, z.ZodTypeDef, AuthConfig > = z.object({ isOnPrem: z.boolean().optional(), usesCentralAuth: z.boolean().optional(), type: AuthConfigType$outboundSchema.optional(), grantType: GrantType$outboundSchema.optional(), status: AuthConfigStatus$outboundSchema.optional(), clientUrl: z.string().optional(), scopes: z.array(z.string()).optional(), audiences: z.array(z.string()).optional(), authorizationUrl: z.string().optional(), resource: z.string().optional(), tokenEndpointAuthMethod: TokenEndpointAuthMethod$outboundSchema.optional(), lastAuthorizedAt: z.date().transform(v => v.toISOString()).optional(), }).transform((v) => { return remap$(v, { clientUrl: "client_url", authorizationUrl: "authorization_url", tokenEndpointAuthMethod: "token_endpoint_auth_method", }); }); export function authConfigToJSON(authConfig: AuthConfig): string { return JSON.stringify(AuthConfig$outboundSchema.parse(authConfig)); } export function authConfigFromJSON( jsonString: string, ): SafeParseResult { return safeParse( jsonString, (x) => AuthConfig$inboundSchema.parse(JSON.parse(x)), `Failed to parse 'AuthConfig' from JSON`, ); }