release: version packages

[silverhand-bot]

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and publish to npm yourself or setup this action to publish automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to master, this PR will be updated.

Releases

@logto/[email protected]

Minor Changes

• f2c0a05: added an updated_at field to the user_sso_identities table to track the last update time for each record.

  On each successfull SSO sign-in, the updated_at field will be set to the current timestamp. This allows for better tracking of when a user's SSO identity was authenticated and updated.

• db77aad: feat: introduced new oidc_session_extensions table

  This change introduces a new table named oidc_session_extensions to the Logto database schema. This table is designed to store additional user session-related data for OpenID Connect (OIDC) sessions, allowing for more flexible and extensible session management.

• 50d50f7: manage WebAuthn passkeys in Account API

  You can now manage WebAuthn passkeys in Account API, including:

  1. Bind a WebAuthn passkey to the user's account through your website.
  2. Manage the passkeys in the user's account.

  We implemented Related Origin Requests so that you can manage the WebAuthn passkeys in your website which has a different domain from the Logto's sign-in page.

  To learn more, checkout the documentation.

@logto/[email protected]

Patch Changes

• Updated dependencies [f2c0a05]
• Updated dependencies [db77aad]
• Updated dependencies [50d50f7]
  • @logto/[email protected]

@logto/[email protected]

Patch Changes

• @logto/[email protected]

@logto/[email protected]

Minor Changes

• db77aad: add user interaction context to custom token claims script

  This change introduces the ability to access user interaction details in the custom token claims script within Logto console. The interaction context includes information about the user's interaction event, user ID, and verification records, allowing developers to create dynamic and context-aware token claims.

@logto/[email protected]

Minor Changes

• f2c0a05: added an updated_at field to the user_sso_identities table to track the last update time for each record.

  On each successfull SSO sign-in, the updated_at field will be set to the current timestamp. This allows for better tracking of when a user's SSO identity was authenticated and updated.

• 50d50f7: manage WebAuthn passkeys in Account API

  You can now manage WebAuthn passkeys in Account API, including:

  1. Bind a WebAuthn passkey to the user's account through your website.
  2. Manage the passkeys in the user's account.

  We implemented Related Origin Requests so that you can manage the WebAuthn passkeys in your website which has a different domain from the Logto's sign-in page.

  To learn more, checkout the documentation.

• db77aad: feat: add user interaction details to the custom token claims context

  This update introduces a key feature that allows the storage of user interaction details in the oidc_session_extensions table for future reference.

  Developers can now access user interaction data associated with the current token's authentication session through the context in the custom token claims script, enabling the creation of tailored token claims.

  Key Changes:

  • Store interaction details: User interaction details are now stored in the oidc_session_extensions table, providing a historical reference for the associated authentication session.
  • Access user interaction details: In the custom token claims script, developers can retrieve user interaction details through the context.interaction property, allowing for the creation of dynamic and context-aware token claims. Logto will use the sessionUid to query the oidc_session_extensions table and retrieve the user interaction details.
  • Interaction Context Includes:
    • interactionEvent: The event that triggered the interaction, such as SignIn, Register.
    • userId: The unique identifier of the user involved in the interaction.
    • verificationRecords: An array of verification records, providing details about the verification methods used for user identification and any MFA verification if enabled.

  Example Use Case:
  Developers can read the verification records from the interaction context. If an Enterprise SSO verification record is found, they can pass the user profile from the Enterprise SSO identities as additional token claims.

  const ssoVerification = verifications.find(
    (record) => record.type === "EnterpriseSso",
  );
  
  if (ssoVerification) {
    return {
      enterpriseSsoIdentityId:
        enterpriseSsoVerification?.enterpriseSsoUserInfo?.id,
      familyName: enterpriseSsoVerification?.enterpriseSsoUserInfo?.familyName,
    };
  }

Patch Changes

• 47b2547: fix: make access_token optional for Azure OIDC SSO connector

  Previously, the Azure OIDC connector strictly required an access token in the token response, which caused issues with Azure B2C applications that only return ID tokens.

  This change makes the connector more flexible by:

  • Making access token optional in token response
  • Conditionally fetching user claims from userinfo endpoint only when:
    • Access token is present in the response
    • Userinfo endpoint is supported by the provider
  • Falling back to ID token claims when access token is not available

• 3cf7ee1: fix potential WebAuthn registration errors by specifying the displayName

  This is an optional field, but it's actually required by some browsers. For example, when using Chrome on Windows 11 with the "Use other devices" option (scanning QR code), an empty displayName will cause the registration to fail.

• Updated dependencies [f2c0a05]

• Updated dependencies [db77aad]

• Updated dependencies [db77aad]

• Updated dependencies [50d50f7]

  • @logto/[email protected]
  • @logto/[email protected]
  • @logto/[email protected]

@logto/[email protected]

Patch Changes

• 3cf7ee1: fix potential WebAuthn registration errors by specifying the displayName

  This is an optional field, but it's actually required by some browsers. For example, when using Chrome on Windows 11 with the "Use other devices" option (scanning QR code), an empty displayName will cause the registration to fail.

[github-actions]

COMPARE TO master

Total Size Diff 📈 +2.98 KB

Diff by File

Name	Diff
.changeset/blue-brooms-clean.md	📈 +352 Bytes
.changeset/fluffy-actors-knock.md	📈 +351 Bytes
.changeset/large-carrots-think.md	📈 +407 Bytes
.changeset/lemon-walls-fry.md	📈 +600 Bytes
.changeset/pink-rules-compare.md	📈 +369 Bytes
.changeset/purple-zebras-deliver.md	📈 +609 Bytes
.changeset/twenty-buttons-chew.md	📈 +1.9 KB
packages/cli/CHANGELOG.md	📈 +162 Bytes
packages/cli/package.json	0 Bytes
packages/console/CHANGELOG.md	📈 +420 Bytes
packages/console/package.json	0 Bytes
packages/core/CHANGELOG.md	📈 +3.96 KB
packages/core/package.json	0 Bytes
packages/create/CHANGELOG.md	📈 +51 Bytes
packages/create/package.json	0 Bytes
packages/integration-tests/CHANGELOG.md	📈 +351 Bytes
packages/integration-tests/package.json	0 Bytes
packages/schemas/CHANGELOG.md	📈 +1.23 KB
packages/schemas/alterations/1.29.0-1748832174-add-webauthn-related-origins.ts	📈 +504 Bytes
packages/schemas/alterations/1.29.0-1749005587-user-sso-identities-table-add-updated-at-column.ts	📈 +759 Bytes
packages/schemas/alterations/1.29.0-1749026308-add-oidc-session-extension-table.ts	📈 +1.26 KB
packages/schemas/alterations/1.29.0-1749523818-add-custom-profile-fields.ts	📈 +2.11 KB
packages/schemas/alterations/next-1748832174-add-webauthn-related-origins.ts	📈 +504 Bytes
packages/schemas/alterations/next-1749005587-user-sso-identities-table-add-updated-at-column.ts	📈 +759 Bytes
packages/schemas/alterations/next-1749026308-add-oidc-session-extension-table.ts	📈 +1.26 KB
packages/schemas/alterations/next-1749523818-add-custom-profile-fields.ts	📈 +2.11 KB
packages/schemas/package.json	0 Bytes
pnpm-lock.yaml	📈 +1.36 KB