{"version":3,"sources":["../../../src/v0/schemas/client-credentials.ts"],"sourcesContent":["import { z } from \"zod\";\n\n/**\n * Allowed scopes for client credentials\n */\nexport const ClientCredentialsScopeSchema = z.enum([\"credentials\", \"external\"]);\n\nexport type ClientCredentialsScope = z.infer<\n  typeof ClientCredentialsScopeSchema\n>;\n\n// ============================================================================\n// Identity API Schemas (source of truth for upstream responses)\n// These use Identity API field names: created/updated (not created_at/updated_at)\n// ============================================================================\n\n/**\n * Base fields shared across Identity API client credentials responses\n */\nconst IdentityClientCredentialsBaseSchema = z.object({\n  client_id: z.string(),\n  name: z.string(),\n});\n\n/**\n * Identity API response for listing client credentials\n */\nexport const IdentityClientCredentialsItemSchema =\n  IdentityClientCredentialsBaseSchema.extend({\n    allowed_scopes: z.array(z.string()).nullable().optional(),\n    created: z.string().datetime().nullable().optional(),\n    updated: z.string().datetime().optional(),\n  });\n\n/**\n * Identity API response for creating client credentials\n * Only returns client_id, client_secret, and name\n */\nexport const IdentityClientCredentialsCreatedItemSchema =\n  IdentityClientCredentialsBaseSchema.extend({\n    client_secret: z.string(),\n  });\n\n/**\n * Identity API paginated response for listing\n */\nexport const IdentityClientCredentialsListResponseSchema = z.object({\n  count: z.number(),\n  next: z.string().nullable().optional(),\n  previous: z.string().nullable().optional(),\n  results: z.array(IdentityClientCredentialsItemSchema),\n});\n\nexport type IdentityClientCredentialsItem = z.infer<\n  typeof IdentityClientCredentialsItemSchema\n>;\nexport type IdentityClientCredentialsCreatedItem = z.infer<\n  typeof IdentityClientCredentialsCreatedItemSchema\n>;\nexport type IdentityClientCredentialsListResponse = z.infer<\n  typeof IdentityClientCredentialsListResponseSchema\n>;\n\n// ============================================================================\n// SDK API Schemas (for OpenAPI documentation and response types)\n// These use SDK API field names: created_at/updated_at\n// ============================================================================\n\n/**\n * Base fields shared across SDK API client credentials responses\n */\nconst ClientCredentialsBaseSchema = z.object({\n  client_id: z\n    .string()\n    .describe(\"The public identifier (Client ID) of the OAuth application\"),\n  name: z.string().describe(\"Human-readable name of the OAuth application\"),\n});\n\n/**\n * Client credentials item returned in list responses\n * Note: client_secret is NOT included in list responses for security\n */\nexport const ClientCredentialsItemSchema = ClientCredentialsBaseSchema.extend({\n  allowed_scopes: z\n    .array(ClientCredentialsScopeSchema)\n    .describe(\n      \"List of OAuth scopes that this application is allowed to request\",\n    ),\n  created_at: z\n    .string()\n    .datetime()\n    .nullable()\n    .optional()\n    .describe(\"When the application was created (ISO 8601)\"),\n  updated_at: z\n    .string()\n    .datetime()\n    .optional()\n    .describe(\"When the application was last updated (ISO 8601)\"),\n});\n\n/**\n * Client credentials item returned when creating (includes client_secret)\n * The client_secret is only shown once on creation\n */\nexport const ClientCredentialsCreatedItemSchema =\n  ClientCredentialsBaseSchema.extend({\n    client_secret: z\n      .string()\n      .describe(\"The client secret (only shown once on creation)\"),\n  });\n\nexport type ClientCredentialsItem = z.infer<typeof ClientCredentialsItemSchema>;\nexport type ClientCredentialsCreatedItem = z.infer<\n  typeof ClientCredentialsCreatedItemSchema\n>;\n\n/**\n * Query parameters for listing client credentials\n */\nexport const ListClientCredentialsQuerySchema = z\n  .object({\n    /** @deprecated Use page_size instead */\n    pageSize: z.coerce\n      .number()\n      .int()\n      .min(1)\n      .max(100)\n      .optional()\n      .describe(\n        \"Deprecated: Use page_size instead. Number of items per page (default: 100, max: 100)\",\n      ),\n    page_size: z.coerce\n      .number()\n      .int()\n      .min(1)\n      .max(100)\n      .optional()\n      .describe(\"Number of items per page (default: 100, max: 100)\"),\n    offset: z.coerce\n      .number()\n      .int()\n      .min(0)\n      .optional()\n      .describe(\"Pagination offset\"),\n  })\n  .describe(\"Query parameters for listing client credentials\");\n\n/**\n * Response schema for listClientCredentials\n */\nexport const ListClientCredentialsResponseSchema = z\n  .object({\n    data: z\n      .array(ClientCredentialsItemSchema)\n      .describe(\"Array of client credentials\"),\n    links: z\n      .object({\n        next: z\n          .string()\n          .nullable()\n          .optional()\n          .describe(\"URL for the next page of results (if available)\"),\n      })\n      .describe(\"Pagination links\"),\n    meta: z\n      .object({\n        count: z.number().describe(\"Total number of items\"),\n        limit: z.number().describe(\"Number of items per page\"),\n        offset: z.number().describe(\"Offset of the current page\"),\n      })\n      .describe(\"Pagination metadata\"),\n  })\n  .describe(\"Response for listing client credentials\");\n\nexport type ListClientCredentialsQuery = z.infer<\n  typeof ListClientCredentialsQuerySchema\n>;\nexport type ListClientCredentialsResponse = z.infer<\n  typeof ListClientCredentialsResponseSchema\n>;\n\n/**\n * Request body for creating client credentials\n */\nexport const CreateClientCredentialsRequestSchema = z\n  .object({\n    name: z\n      .string()\n      .min(1)\n      .max(255)\n      .describe(\"Human-readable name for the client credentials\"),\n    allowed_scopes: z\n      .array(ClientCredentialsScopeSchema)\n      .min(1)\n      .describe(\n        \"List of OAuth scopes that this application will be allowed to request\",\n      ),\n    // Policy validation is performed by Identity — sdkapi passes it through as-is.\n    policy: z\n      .record(z.string(), z.unknown())\n      .optional()\n      .describe(\"Policy document to attach to the credentials\"),\n  })\n  .describe(\"Request body for creating client credentials\");\n\n/**\n * Response schema for createClientCredentials\n */\nexport const CreateClientCredentialsResponseSchema = z\n  .object({\n    data: ClientCredentialsCreatedItemSchema.describe(\n      \"The created client credentials (includes client_secret)\",\n    ),\n  })\n  .describe(\"Response for creating client credentials\");\n\nexport type CreateClientCredentialsRequest = z.infer<\n  typeof CreateClientCredentialsRequestSchema\n>;\nexport type CreateClientCredentialsResponse = z.infer<\n  typeof CreateClientCredentialsResponseSchema\n>;\n\n/**\n * Path parameters for deleting client credentials\n */\nexport const DeleteClientCredentialsParamSchema = z.object({\n  clientId: z.string().describe(\"The client ID of the credentials to delete\"),\n});\n\nexport type DeleteClientCredentialsParam = z.infer<\n  typeof DeleteClientCredentialsParamSchema\n>;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,iBAAkB;AAKX,IAAM,+BAA+B,aAAE,KAAK,CAAC,eAAe,UAAU,CAAC;AAc9E,IAAM,sCAAsC,aAAE,OAAO;AAAA,EACnD,WAAW,aAAE,OAAO;AAAA,EACpB,MAAM,aAAE,OAAO;AACjB,CAAC;AAKM,IAAM,sCACX,oCAAoC,OAAO;AAAA,EACzC,gBAAgB,aAAE,MAAM,aAAE,OAAO,CAAC,EAAE,SAAS,EAAE,SAAS;AAAA,EACxD,SAAS,aAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS;AAAA,EACnD,SAAS,aAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAC1C,CAAC;AAMI,IAAM,6CACX,oCAAoC,OAAO;AAAA,EACzC,eAAe,aAAE,OAAO;AAC1B,CAAC;AAKI,IAAM,8CAA8C,aAAE,OAAO;AAAA,EAClE,OAAO,aAAE,OAAO;AAAA,EAChB,MAAM,aAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACrC,UAAU,aAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACzC,SAAS,aAAE,MAAM,mCAAmC;AACtD,CAAC;AAoBD,IAAM,8BAA8B,aAAE,OAAO;AAAA,EAC3C,WAAW,aACR,OAAO,EACP,SAAS,4DAA4D;AAAA,EACxE,MAAM,aAAE,OAAO,EAAE,SAAS,8CAA8C;AAC1E,CAAC;AAMM,IAAM,8BAA8B,4BAA4B,OAAO;AAAA,EAC5E,gBAAgB,aACb,MAAM,4BAA4B,EAClC;AAAA,IACC;AAAA,EACF;AAAA,EACF,YAAY,aACT,OAAO,EACP,SAAS,EACT,SAAS,EACT,SAAS,EACT,SAAS,6CAA6C;AAAA,EACzD,YAAY,aACT,OAAO,EACP,SAAS,EACT,SAAS,EACT,SAAS,kDAAkD;AAChE,CAAC;AAMM,IAAM,qCACX,4BAA4B,OAAO;AAAA,EACjC,eAAe,aACZ,OAAO,EACP,SAAS,iDAAiD;AAC/D,CAAC;AAUI,IAAM,mCAAmC,aAC7C,OAAO;AAAA;AAAA,EAEN,UAAU,aAAE,OACT,OAAO,EACP,IAAI,EACJ,IAAI,CAAC,EACL,IAAI,GAAG,EACP,SAAS,EACT;AAAA,IACC;AAAA,EACF;AAAA,EACF,WAAW,aAAE,OACV,OAAO,EACP,IAAI,EACJ,IAAI,CAAC,EACL,IAAI,GAAG,EACP,SAAS,EACT,SAAS,mDAAmD;AAAA,EAC/D,QAAQ,aAAE,OACP,OAAO,EACP,IAAI,EACJ,IAAI,CAAC,EACL,SAAS,EACT,SAAS,mBAAmB;AACjC,CAAC,EACA,SAAS,iDAAiD;AAKtD,IAAM,sCAAsC,aAChD,OAAO;AAAA,EACN,MAAM,aACH,MAAM,2BAA2B,EACjC,SAAS,6BAA6B;AAAA,EACzC,OAAO,aACJ,OAAO;AAAA,IACN,MAAM,aACH,OAAO,EACP,SAAS,EACT,SAAS,EACT,SAAS,iDAAiD;AAAA,EAC/D,CAAC,EACA,SAAS,kBAAkB;AAAA,EAC9B,MAAM,aACH,OAAO;AAAA,IACN,OAAO,aAAE,OAAO,EAAE,SAAS,uBAAuB;AAAA,IAClD,OAAO,aAAE,OAAO,EAAE,SAAS,0BAA0B;AAAA,IACrD,QAAQ,aAAE,OAAO,EAAE,SAAS,4BAA4B;AAAA,EAC1D,CAAC,EACA,SAAS,qBAAqB;AACnC,CAAC,EACA,SAAS,yCAAyC;AAY9C,IAAM,uCAAuC,aACjD,OAAO;AAAA,EACN,MAAM,aACH,OAAO,EACP,IAAI,CAAC,EACL,IAAI,GAAG,EACP,SAAS,gDAAgD;AAAA,EAC5D,gBAAgB,aACb,MAAM,4BAA4B,EAClC,IAAI,CAAC,EACL;AAAA,IACC;AAAA,EACF;AAAA;AAAA,EAEF,QAAQ,aACL,OAAO,aAAE,OAAO,GAAG,aAAE,QAAQ,CAAC,EAC9B,SAAS,EACT,SAAS,8CAA8C;AAC5D,CAAC,EACA,SAAS,8CAA8C;AAKnD,IAAM,wCAAwC,aAClD,OAAO;AAAA,EACN,MAAM,mCAAmC;AAAA,IACvC;AAAA,EACF;AACF,CAAC,EACA,SAAS,0CAA0C;AAY/C,IAAM,qCAAqC,aAAE,OAAO;AAAA,EACzD,UAAU,aAAE,OAAO,EAAE,SAAS,4CAA4C;AAC5E,CAAC;","names":[]}