{
  "version": 3,
  "sources": ["../../../../src/schemas/3.1/processed/security-scheme-object.ts"],
  "sourcesContent": ["import { z } from 'zod'\n\nconst DescriptionSchema = z.object({\n  /**\n   * A description for security scheme. CommonMark syntax MAY be used for rich text representation.\n   */\n  description: z.string().optional(),\n})\n\nexport const ApiKeyInValues = ['query', 'header', 'cookie'] as const\n\nexport const ApiKeySchema = DescriptionSchema.extend({\n  /**\n   * REQUIRED. The type of the security scheme. Valid values are \"apiKey\", \"http\", \"mutualTLS\", \"oauth2\",\n   * \"openIdConnect\".\n   */\n  type: z.literal('apiKey'),\n  /**\n   * REQUIRED. The name of the header, query or cookie parameter to be used.\n   *\n   * TODO: Why do we use an empty string as the default?\n   */\n  name: z.string().optional().default(''),\n  /**\n   * REQUIRED. The location of the API key. Valid values are \"query\", \"header\", or \"cookie\".\n   */\n  in: z.enum(ApiKeyInValues).optional().default('header').catch('header'),\n})\n\nexport const HttpSchema = DescriptionSchema.extend({\n  /**\n   * REQUIRED. The type of the security scheme. Valid values are \"apiKey\", \"http\", \"mutualTLS\", \"oauth2\",\n   * \"openIdConnect\".\n   */\n  type: z.literal('http'),\n  /**\n   * REQUIRED. The name of the HTTP Authentication scheme to be used in the Authorization header as defined in RFC7235.\n   * The values used SHOULD be registered in the IANA Authentication Scheme registry. The value is case-insensitive,\n   * as defined in RFC7235.\n   */\n  scheme: z\n    .string()\n    .toLowerCase()\n    .pipe(z.enum(['basic', 'bearer']))\n    .optional()\n    .default('basic'),\n  /**\n   * A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an\n   * authorization server, so this information is primarily for documentation purposes.\n   */\n  bearerFormat: z.union([z.literal('JWT'), z.literal('bearer'), z.string()]).optional(),\n})\n\nexport const OpenIdConnectSchema = DescriptionSchema.extend({\n  /**\n   * REQUIRED. The type of the security scheme. Valid values are \"apiKey\", \"http\", \"mutualTLS\", \"oauth2\",\n   * \"openIdConnect\".\n   */\n  type: z.literal('openIdConnect'),\n  /**\n   * REQUIRED. Well-known URL to discover the [[OpenID-Connect-Discovery]] provider metadata.\n   */\n  openIdConnectUrl: z.string().optional().default(''),\n})\n\n/**\n * REQUIRED. The authorization URL to be used for this flow. This MUST be in\n * the form of a URL. The OAuth2 standard requires the use of TLS.\n */\nconst authorizationUrl = z.string().default('')\n\n/**\n * REQUIRED. The token URL to be used for this flow. This MUST be in the\n * form of a URL. The OAuth2 standard requires the use of TLS.\n */\nconst tokenUrl = z.string().default('')\n\n/**\n * OAuth Flow Object\n *\n * Configuration details for a supported OAuth Flow\n */\nexport const OAuthFlowObjectSchema = z.object({\n  /**\n   * The URL to be used for obtaining refresh tokens. This MUST be in the form of a URL. The OAuth2 standard requires\n   * the use of TLS.\n   */\n  refreshUrl: z.string().optional(),\n  /**\n   * REQUIRED. The available scopes for the OAuth2 security scheme. A map\n   * between the scope name and a short description for it. The map MAY be empty.\n   */\n  scopes: z.record(z.string(), z.string().optional()).optional().default({}).catch({}),\n})\n\nexport const ImplicitFlowSchema = OAuthFlowObjectSchema.extend({\n  type: z.literal('implicit').optional(),\n  authorizationUrl,\n})\n\nexport const PasswordFlowSchema = OAuthFlowObjectSchema.extend({\n  type: z.literal('password').optional(),\n  tokenUrl,\n})\n\nexport const ClientCredentialsFlowSchema = OAuthFlowObjectSchema.extend({\n  type: z.literal('clientCredentials').optional(),\n  tokenUrl,\n})\n\nexport const AuthorizationCodeFlowSchema = OAuthFlowObjectSchema.extend({\n  type: z.literal('authorizationCode').optional(),\n  authorizationUrl,\n  tokenUrl,\n})\n\n/**\n * OAuth Flows Object\n *\n * Allows configuration of the supported OAuth Flows.\n *\n * @see https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.1.1.md#oauth-flows-object\n */\nexport const OAuthFlowsObjectSchema = DescriptionSchema.extend({\n  /**\n   * REQUIRED. The type of the security scheme. Valid values are \"apiKey\", \"http\", \"mutualTLS\", \"oauth2\",\n   * \"openIdConnect\".\n   */\n  type: z.literal('oauth2'),\n  /**\n   * REQUIRED. An object containing configuration information for the flow types supported.\n   */\n  flows: z\n    .object({\n      /**\n       * Configuration for the OAuth Implicit flow\n       */\n      implicit: ImplicitFlowSchema.optional(),\n      /**\n       * Configuration for the OAuth Resource Owner Password flow\n       */\n      password: PasswordFlowSchema.optional(),\n      /**\n       * Configuration for the OAuth Client Credentials flow. Previously called application in OpenAPI 2.0.\n       */\n      clientCredentials: ClientCredentialsFlowSchema.optional(),\n      /**\n       * Configuration for the OAuth Authorization Code flow. Previously called accessCode in OpenAPI 2.0.\n       */\n      authorizationCode: AuthorizationCodeFlowSchema.optional(),\n    })\n    .partial(),\n})\n\nexport const MutualTlsSchema = DescriptionSchema.extend({\n  /**\n   * REQUIRED. The type of the security scheme. Valid values are \"apiKey\", \"http\", \"mutualTLS\", \"oauth2\",\n   * \"openIdConnect\".\n   */\n  type: z.literal('mutualTLS'),\n})\n\n/**\n * Security Scheme Object\n *\n * Defines a security scheme that can be used by the operations.\n *\n * Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query\n * parameter), mutual TLS (use of a client certificate), OAuth2's common flows (implicit, password, client credentials\n * and authorization code) as defined in RFC6749, and [[OpenID-Connect-Core]]. Please note that as of 2020, the implicit\n * flow is about to be deprecated by OAuth 2.0 Security Best Current Practice. Recommended for most use cases is\n * Authorization Code Grant flow with PKCE.\n *\n * @see https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.1.1.md#security-scheme-object\n */\nexport const SecuritySchemeObjectSchema = z.union([\n  ApiKeySchema,\n  HttpSchema,\n  MutualTlsSchema,\n  OAuthFlowsObjectSchema,\n  OpenIdConnectSchema,\n])\n"],
  "mappings": "AAAA,SAAS,SAAS;AAElB,MAAM,oBAAoB,EAAE,OAAO;AAAA;AAAA;AAAA;AAAA,EAIjC,aAAa,EAAE,OAAO,EAAE,SAAS;AACnC,CAAC;AAEM,MAAM,iBAAiB,CAAC,SAAS,UAAU,QAAQ;AAEnD,MAAM,eAAe,kBAAkB,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,EAKnD,MAAM,EAAE,QAAQ,QAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMxB,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE;AAAA;AAAA;AAAA;AAAA,EAItC,IAAI,EAAE,KAAK,cAAc,EAAE,SAAS,EAAE,QAAQ,QAAQ,EAAE,MAAM,QAAQ;AACxE,CAAC;AAEM,MAAM,aAAa,kBAAkB,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,EAKjD,MAAM,EAAE,QAAQ,MAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMtB,QAAQ,EACL,OAAO,EACP,YAAY,EACZ,KAAK,EAAE,KAAK,CAAC,SAAS,QAAQ,CAAC,CAAC,EAChC,SAAS,EACT,QAAQ,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,EAKlB,cAAc,EAAE,MAAM,CAAC,EAAE,QAAQ,KAAK,GAAG,EAAE,QAAQ,QAAQ,GAAG,EAAE,OAAO,CAAC,CAAC,EAAE,SAAS;AACtF,CAAC;AAEM,MAAM,sBAAsB,kBAAkB,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,EAK1D,MAAM,EAAE,QAAQ,eAAe;AAAA;AAAA;AAAA;AAAA,EAI/B,kBAAkB,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE;AACpD,CAAC;AAMD,MAAM,mBAAmB,EAAE,OAAO,EAAE,QAAQ,EAAE;AAM9C,MAAM,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE;AAO/B,MAAM,wBAAwB,EAAE,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,EAK5C,YAAY,EAAE,OAAO,EAAE,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA,EAKhC,QAAQ,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACrF,CAAC;AAEM,MAAM,qBAAqB,sBAAsB,OAAO;AAAA,EAC7D,MAAM,EAAE,QAAQ,UAAU,EAAE,SAAS;AAAA,EACrC;AACF,CAAC;AAEM,MAAM,qBAAqB,sBAAsB,OAAO;AAAA,EAC7D,MAAM,EAAE,QAAQ,UAAU,EAAE,SAAS;AAAA,EACrC;AACF,CAAC;AAEM,MAAM,8BAA8B,sBAAsB,OAAO;AAAA,EACtE,MAAM,EAAE,QAAQ,mBAAmB,EAAE,SAAS;AAAA,EAC9C;AACF,CAAC;AAEM,MAAM,8BAA8B,sBAAsB,OAAO;AAAA,EACtE,MAAM,EAAE,QAAQ,mBAAmB,EAAE,SAAS;AAAA,EAC9C;AAAA,EACA;AACF,CAAC;AASM,MAAM,yBAAyB,kBAAkB,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,EAK7D,MAAM,EAAE,QAAQ,QAAQ;AAAA;AAAA;AAAA;AAAA,EAIxB,OAAO,EACJ,OAAO;AAAA;AAAA;AAAA;AAAA,IAIN,UAAU,mBAAmB,SAAS;AAAA;AAAA;AAAA;AAAA,IAItC,UAAU,mBAAmB,SAAS;AAAA;AAAA;AAAA;AAAA,IAItC,mBAAmB,4BAA4B,SAAS;AAAA;AAAA;AAAA;AAAA,IAIxD,mBAAmB,4BAA4B,SAAS;AAAA,EAC1D,CAAC,EACA,QAAQ;AACb,CAAC;AAEM,MAAM,kBAAkB,kBAAkB,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA,EAKtD,MAAM,EAAE,QAAQ,WAAW;AAC7B,CAAC;AAeM,MAAM,6BAA6B,EAAE,MAAM;AAAA,EAChD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;",
  "names": []
}