@aifabrix/miso-client 4.0.0 → 4.2.0

package/dist/services/auth.service.d.ts

@@ -12,6 +12,7 @@ export declare class AuthService {
     private config;
     private tokenValidationTTL;
     private minValidationTTL;
+    private userTTL;
     constructor(httpClient: HttpClient, apiClient: ApiClient, cache: CacheService);
     /**
      * Check if token matches configured API key for testing
@@ -42,22 +43,17 @@ export declare class AuthService {
      * Generate unique correlation ID for request tracking
      */
     private generateCorrelationId;
-    /**
-     * Get environment token using client credentials
-     */
+    /** Extract token from response (handles nested and flat formats) */
+    private extractTokenFromEnvResponse;
+    /** Get environment token using client credentials */
     getEnvironmentToken(): Promise<string>;
     /**
-     * Initiate login flow by calling controller
-     * Returns the login URL and state for browser redirect or manual navigation
-     *
-     * Important: Your application only needs to know about your own app URLs and the miso-controller.
-     * The miso-controller manages all authentication flows internally, including OAuth callbacks with Keycloak.
-     * You don't need to handle OAuth callbacks in your application.
-     *
+     * Initiate login flow by calling controller. Returns login URL and state for browser redirect.
+     * Your app only needs to know your own URLs and miso-controller - it handles OAuth callbacks with Keycloak.
      * @param params - Login parameters
-     * @param params.redirect - Required final destination URL in your application where the user should be redirected after successful authentication. This is a URL in your app (e.g., 'https://myapp.com/dashboard'). The miso-controller handles the OAuth callback internally and then redirects the user to this URL.
+     * @param params.redirect - Final destination URL in your app after authentication (e.g., 'https://myapp.com/dashboard')
      * @param params.state - Optional CSRF protection token (auto-generated by controller if omitted)
-     * @returns Login response with loginUrl (the Keycloak authentication URL) and state
+     * @returns Login response with loginUrl and state
      */
     login(params: {
         redirect: string;
@@ -81,6 +77,7 @@ export declare class AuthService {
     getUser(token: string, authStrategy?: AuthStrategy): Promise<UserInfo | null>;
     /**
      * Get user information from GET /api/v1/auth/user endpoint
+     * Caches user info by userId with configurable TTL (default 5 minutes)
      * If API_KEY is configured and token matches, returns null (by design for testing)
      * @param token - User authentication token
      * @param authStrategy - Optional authentication strategy override
@@ -93,12 +90,14 @@ export declare class AuthService {
      */
     clearTokenCache(token: string): void;
     /**
-     * Logout user
-     * Gracefully handles cases where there's no active session (400 Bad Request)
-     * Only throws errors for unexpected failures (network errors, 5xx errors, etc.)
-     * Automatically clears token validation cache on logout
-     * @param params - Logout parameters
-     * @param params.token - Access token to invalidate
+     * Clear cached user info
+     * Uses userId extracted from token for cache key
+     * @param token - User authentication token
+     */
+    clearUserCache(token: string): void;
+    /**
+     * Logout user. Gracefully handles no active session (400). Clears token/user caches.
+     * @param params - Logout parameters with token to invalidate
      * @returns Logout response with success message
      */
     logout(params: {
@@ -106,8 +105,7 @@ export declare class AuthService {
     }): Promise<LogoutResponse>;
     /**
      * Refresh user access token using refresh token
-     * @param refreshToken - Refresh token to exchange for new access token
-     * @param authStrategy - Optional authentication strategy override
+     * @param refreshToken - Refresh token to exchange for new tokens
      * @returns New access token, refresh token, and expiration info, or null on error
      */
     refreshToken(refreshToken: string, authStrategy?: AuthStrategy): Promise<RefreshTokenResponse | null>;

package/dist/services/auth.service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAEL,QAAQ,EACR,YAAY,EACZ,aAAa,EACb,cAAc,EACd,oBAAoB,EACrB,MAAM,uBAAuB,CAAC;AAU/B,qBAAa,WAAW;IACtB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;gBAErB,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,YAAY;IAS7E;;;OAGG;IACH,OAAO,CAAC,aAAa;IAIrB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAe9B;;;;;OAKG;IACH,OAAO,CAAC,gBAAgB;IAKxB;;;;;;OAMG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAO7B;;OAEG;IACG,mBAAmB,IAAI,OAAO,CAAC,MAAM,CAAC;IAuD5C;;;;;;;;;;;;OAYG;IACG,KAAK,CAAC,MAAM,EAAE;QAClB,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,aAAa,CAAC;IAoC1B;;;;;;;OAOG;IACG,aAAa,CACjB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IA4CnB;;;;;OAKG;IACG,OAAO,CACX,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IAgC3B;;;;;OAKG;IACG,WAAW,CACf,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IA6B3B;;;;OAIG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAWpC;;;;;;;;OAQG;IACG,MAAM,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IAuBhE;;;;;OAKG;IACG,YAAY,CAChB,YAAY,EAAE,MAAM,EACpB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IA8BvC;;;;OAIG;IACG,eAAe,CACnB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;CAGpB"}
+{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAEL,QAAQ,EACR,YAAY,EACZ,aAAa,EACb,cAAc,EACd,oBAAoB,EACrB,MAAM,uBAAuB,CAAC;AAW/B,qBAAa,WAAW;IACtB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,OAAO,CAAS;gBAEZ,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,YAAY;IAU7E;;;OAGG;IACH,OAAO,CAAC,aAAa;IAIrB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAe9B;;;;;OAKG;IACH,OAAO,CAAC,gBAAgB;IAKxB;;;;;;OAMG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAO7B,oEAAoE;IACpE,OAAO,CAAC,2BAA2B;IAOnC,qDAAqD;IAC/C,mBAAmB,IAAI,OAAO,CAAC,MAAM,CAAC;IAqC5C;;;;;;;OAOG;IACG,KAAK,CAAC,MAAM,EAAE;QAClB,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,aAAa,CAAC;IAoC1B;;;;;;;OAOG;IACG,aAAa,CACjB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IA4CnB;;;;;OAKG;IACG,OAAO,CACX,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IAgC3B;;;;;;OAMG;IACG,WAAW,CACf,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IAqD3B;;;;OAIG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAWpC;;;;OAIG;IACH,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAanC;;;;OAIG;IACG,MAAM,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IAyBhE;;;;OAIG;IACG,YAAY,CAChB,YAAY,EAAE,MAAM,EACpB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IA8BvC;;;;OAIG;IACG,eAAe,CACnB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;CAGpB"}

package/dist/services/auth.service.js

@@ -52,6 +52,7 @@ class AuthService {
         this.apiClient = apiClient;
         this.tokenValidationTTL = this.config.cache?.tokenValidationTTL || 900; // 15 minutes default
         this.minValidationTTL = this.config.cache?.minValidationTTL || 60; // 60 seconds default
+        this.userTTL = this.config.cache?.userTTL || 300; // 5 minutes default
     }
     /**
      * Check if token matches configured API key for testing
@@ -121,27 +122,29 @@ class AuthService {
         const clientPrefix = this.config.clientId.substring(0, 10);
         return `${clientPrefix}-${timestamp}-${random}`;
     }
-    /**
-     * Get environment token using client credentials
-     */
+    /** Extract token from response (handles nested and flat formats) */
+    extractTokenFromEnvResponse(data) {
+        const rd = data;
+        const dataObj = rd?.data;
+        const nestedData = dataObj?.data;
+        return (nestedData?.token || dataObj?.token || rd?.token);
+    }
+    /** Get environment token using client credentials */
     async getEnvironmentToken() {
         const correlationId = this.generateCorrelationId();
         const clientId = this.config.clientId;
+        const axiosTimeout = 4000;
         try {
             const axios = (await Promise.resolve().then(() => __importStar(require("axios")))).default;
-            const controllerUrl = (0, controller_url_resolver_1.resolveControllerUrl)(this.config);
-            const tokenUri = this.config.clientTokenUri || "/api/v1/auth/token";
-            const axiosTimeout = 4000;
-            const controller = new AbortController();
-            const timeoutId = setTimeout(() => controller.abort(), axiosTimeout);
             const http = await Promise.resolve().then(() => __importStar(require("http")));
             const https = await Promise.resolve().then(() => __importStar(require("https")));
+            const controllerUrl = (0, controller_url_resolver_1.resolveControllerUrl)(this.config);
             const isHttps = controllerUrl.startsWith("https://");
             const agentOpts = { family: 4, timeout: axiosTimeout };
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), axiosTimeout);
             const tempAxios = axios.create({
-                baseURL: controllerUrl,
-                timeout: axiosTimeout,
-                signal: controller.signal,
+                baseURL: controllerUrl, timeout: axiosTimeout, signal: controller.signal,
                 httpAgent: !isHttps ? new http.Agent(agentOpts) : undefined,
                 httpsAgent: isHttps ? new https.Agent(agentOpts) : undefined,
                 headers: { "Content-Type": "application/json", "x-client-id": clientId, "x-client-secret": this.config.clientSecret },
@@ -149,21 +152,16 @@ class AuthService {
             const timeoutPromise = new Promise((_, reject) => setTimeout(() => reject(new Error(`Request timeout after ${axiosTimeout}ms`)), axiosTimeout));
             let response;
             try {
-                response = await Promise.race([tempAxios.post(tokenUri), timeoutPromise]);
+                response = await Promise.race([tempAxios.post(this.config.clientTokenUri || "/api/v1/auth/token"), timeoutPromise]);
                 clearTimeout(timeoutId);
             }
             catch (e) {
                 clearTimeout(timeoutId);
                 throw e;
             }
-            // Extract token from various response formats
-            const rd = response.data;
-            const dataObj = rd?.data;
-            const nestedData = dataObj?.data;
-            const token = (nestedData?.token || dataObj?.token || rd?.token);
-            if (response.status >= 200 && response.status < 300 && token) {
+            const token = this.extractTokenFromEnvResponse(response.data);
+            if (response.status >= 200 && response.status < 300 && token)
                 return token;
-            }
             throw new Error(`Invalid response format. Status: ${response.status}`);
         }
         catch (error) {
@@ -171,17 +169,12 @@ class AuthService {
         }
     }
     /**
-     * Initiate login flow by calling controller
-     * Returns the login URL and state for browser redirect or manual navigation
-     *
-     * Important: Your application only needs to know about your own app URLs and the miso-controller.
-     * The miso-controller manages all authentication flows internally, including OAuth callbacks with Keycloak.
-     * You don't need to handle OAuth callbacks in your application.
-     *
+     * Initiate login flow by calling controller. Returns login URL and state for browser redirect.
+     * Your app only needs to know your own URLs and miso-controller - it handles OAuth callbacks with Keycloak.
      * @param params - Login parameters
-     * @param params.redirect - Required final destination URL in your application where the user should be redirected after successful authentication. This is a URL in your app (e.g., 'https://myapp.com/dashboard'). The miso-controller handles the OAuth callback internally and then redirects the user to this URL.
+     * @param params.redirect - Final destination URL in your app after authentication (e.g., 'https://myapp.com/dashboard')
      * @param params.state - Optional CSRF protection token (auto-generated by controller if omitted)
-     * @returns Login response with loginUrl (the Keycloak authentication URL) and state
+     * @returns Login response with loginUrl and state
      */
     async login(params) {
         const correlationId = this.generateCorrelationId();
@@ -283,6 +276,7 @@ class AuthService {
     }
     /**
      * Get user information from GET /api/v1/auth/user endpoint
+     * Caches user info by userId with configurable TTL (default 5 minutes)
      * If API_KEY is configured and token matches, returns null (by design for testing)
      * @param token - User authentication token
      * @param authStrategy - Optional authentication strategy override
@@ -293,17 +287,33 @@ class AuthService {
             return null;
         }
         try {
+            // Extract userId from token to check cache first (avoids API call on cache hit)
+            const userId = this.extractUserIdFromToken(token);
+            const cacheKey = userId ? `user:${userId}` : null;
+            // Check cache first if we have userId
+            if (cacheKey) {
+                const cached = await this.cache.get(cacheKey);
+                if (cached) {
+                    return cached.user;
+                }
+            }
+            // Cache miss - fetch from controller
             const authStrategyToUse = authStrategy || this.config.authStrategy;
             const authStrategyWithToken = authStrategyToUse
                 ? { ...authStrategyToUse, bearerToken: token }
                 : { methods: ['bearer'], bearerToken: token };
             const result = await this.apiClient.auth.getUser(authStrategyWithToken);
             if (result.data?.authenticated && result.data.user) {
-                return {
+                const user = {
                     id: result.data.user.id,
                     username: result.data.user.username,
                     email: result.data.user.email,
                 };
+                // Cache the result if we have userId
+                if (cacheKey) {
+                    await this.cache.set(cacheKey, { user, timestamp: Date.now() }, this.userTTL);
+                }
+                return user;
             }
             return null;
         }
@@ -329,12 +339,26 @@ class AuthService {
         }
     }
     /**
-     * Logout user
-     * Gracefully handles cases where there's no active session (400 Bad Request)
-     * Only throws errors for unexpected failures (network errors, 5xx errors, etc.)
-     * Automatically clears token validation cache on logout
-     * @param params - Logout parameters
-     * @param params.token - Access token to invalidate
+     * Clear cached user info
+     * Uses userId extracted from token for cache key
+     * @param token - User authentication token
+     */
+    clearUserCache(token) {
+        try {
+            const userId = this.extractUserIdFromToken(token);
+            if (userId) {
+                // Use void to ignore promise result - cache clearing should not block
+                void this.cache.delete(`user:${userId}`);
+            }
+        }
+        catch (error) {
+            // Log but don't throw - cache clearing failures should not break flow
+            console.warn("Failed to clear user cache:", error);
+        }
+    }
+    /**
+     * Logout user. Gracefully handles no active session (400). Clears token/user caches.
+     * @param params - Logout parameters with token to invalidate
      * @returns Logout response with success message
      */
     async logout(params) {
@@ -343,8 +367,9 @@ class AuthService {
         try {
             // Use ApiClient for typed API call
             const response = await this.apiClient.auth.logoutWithToken(params.token);
-            // Clear token cache after successful logout
+            // Clear caches after successful logout
             this.clearTokenCache(params.token);
+            this.clearUserCache(params.token);
             return response;
         }
         catch (error) {
@@ -352,6 +377,7 @@ class AuthService {
             if ((0, auth_error_handler_1.isHttpStatus)(error, 400)) {
                 console.warn(`Logout: No active session (400) [correlationId: ${correlationId}]`);
                 this.clearTokenCache(params.token);
+                this.clearUserCache(params.token);
                 return { success: true, message: "Logout successful (no active session)", timestamp: new Date().toISOString() };
             }
             (0, auth_error_handler_1.handleAuthError)(error, "Logout", correlationId, clientId);
@@ -359,8 +385,7 @@ class AuthService {
     }
     /**
      * Refresh user access token using refresh token
-     * @param refreshToken - Refresh token to exchange for new access token
-     * @param authStrategy - Optional authentication strategy override
+     * @param refreshToken - Refresh token to exchange for new tokens
      * @returns New access token, refresh token, and expiration info, or null on error
      */
     async refreshToken(refreshToken, authStrategy) {

package/dist/services/auth.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAA4B;AAY5B,8EAAwE;AACxE,gEAA+B;AAC/B,6DAA4F;AAO5F,MAAa,WAAW;IAQtB,YAAY,UAAsB,EAAE,SAAoB,EAAE,KAAmB;QAC3E,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,kBAAkB,IAAI,GAAG,CAAC,CAAC,qBAAqB;QAC7F,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,gBAAgB,IAAI,EAAE,CAAC,CAAC,qBAAqB;IAC1F,CAAC;IAED;;;OAGG;IACK,aAAa,CAAC,KAAa;QACjC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;IAC1E,CAAC;IAED;;;OAGG;IACK,sBAAsB,CAAC,KAAa;QAC1C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,0CAA0C;YAC1C,OAAO,CAAC,OAAO,CAAC,GAAG;gBACjB,OAAO,CAAC,MAAM;gBACd,OAAO,CAAC,OAAO;gBACf,OAAO,CAAC,EAAE,CAAkB,CAAC;QACjC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,gBAAgB,CAAC,KAAa;QACpC,MAAM,IAAI,GAAG,gBAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrE,OAAO,oBAAoB,IAAI,EAAE,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACK,oBAAoB,CAAC,KAAa;QACxC,MAAM,cAAc,GAAG,EAAE,CAAC,CAAC,0BAA0B;QAErD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAChD,OAAO,IAAI,CAAC,kBAAkB,CAAC,CAAC,6BAA6B;YAC/D,CAAC;YAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,GAAG,GAAG,GAAG,cAAc,CAAC;YAEpD,wDAAwD;YACxD,OAAO,IAAI,CAAC,GAAG,CACb,IAAI,CAAC,gBAAgB,EACrB,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAC5C,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,kBAAkB,CAAC;QACjC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,qBAAqB;QAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC3D,OAAO,GAAG,YAAY,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB;QACvB,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEtC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,CAAC,wDAAa,OAAO,GAAC,CAAC,CAAC,OAAO,CAAC;YAC9C,MAAM,aAAa,GAAG,IAAA,8CAAoB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACxD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,oBAAoB,CAAC;YACpE,MAAM,YAAY,GAAG,IAAI,CAAC;YAC1B,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,YAAY,CAAC,CAAC;YAErE,MAAM,IAAI,GAAG,wDAAa,MAAM,GAAC,CAAC;YAClC,MAAM,KAAK,GAAG,wDAAa,OAAO,GAAC,CAAC;YACpC,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YACrD,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;YAEvD,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC;gBAC7B,OAAO,EAAE,aAAa;gBACtB,OAAO,EAAE,YAAY;gBACrB,MAAM,EAAE,UAAU,CAAC,MAAM;gBACzB,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC3D,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC5D,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;aACtH,CAAC,CAAC;YAEH,MAAM,cAAc,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CACtD,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,YAAY,IAAI,CAAC,CAAC,EAAE,YAAY,CAAC,CAC7F,CAAC;YAEF,IAAI,QAAQ,CAAC;YACb,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,IAAI,CAAsD,QAAQ,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC;gBAC/H,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,YAAY,CAAC,SAAS,CAAC,CAAC;gBACxB,MAAM,CAAC,CAAC;YACV,CAAC;YAED,8CAA8C;YAC9C,MAAM,EAAE,GAAG,QAAQ,CAAC,IAA0C,CAAC;YAC/D,MAAM,OAAO,GAAG,EAAE,EAAE,IAA2C,CAAC;YAChE,MAAM,UAAU,GAAG,OAAO,EAAE,IAA2C,CAAC;YACxE,MAAM,KAAK,GAAG,CAAC,UAAU,EAAE,KAAK,IAAI,OAAO,EAAE,KAAK,IAAI,EAAE,EAAE,KAAK,CAAuB,CAAC;YAEvF,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,IAAI,KAAK,EAAE,CAAC;gBAC7D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAA,oCAAe,EAAC,KAAK,EAAE,uBAAuB,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,KAAK,CAAC,MAGX;QACC,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEtC,IAAI,CAAC;YACH,yBAAyB;YACzB,MAAM,WAAW,GAA2B;gBAC1C,QAAQ,EAAE,MAAM,CAAC,QAAQ;aAC1B,CAAC;YAEF,wBAAwB;YACxB,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjB,WAAW,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;YACnC,CAAC;YAED,mCAAmC;YACnC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC9C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAC9C,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,EAClD,YAAY,CACb,CAAC;YAEF,+DAA+D;YAC/D,OAAO;gBACL,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,IAAI,EAAE;oBACJ,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;oBAChC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;iBACjC;gBACD,SAAS,EAAE,QAAQ,CAAC,SAAS;aAC9B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAA,oCAAe,EAAC,KAAK,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CACjB,KAAa,EACb,YAA2B;QAE3B,mCAAmC;QACnC,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,sEAAsE;YACtE,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAE9C,oBAAoB;YACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAiB,QAAQ,CAAC,CAAC;YAC9D,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,MAAM,CAAC,aAAa,CAAC;YAC9B,CAAC;YAED,qDAAqD;YACrD,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,qBAAqB,GAAiB,iBAAiB;gBAC3D,CAAC,CAAC,EAAE,GAAG,iBAAiB,EAAE,WAAW,EAAE,KAAK,EAAE;gBAC9C,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAEhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,CACpD,EAAE,KAAK,EAAE,EACT,qBAAqB,CACtB,CAAC;YAEF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,EAAE,aAAa,IAAI,KAAK,CAAC;YAE1D,4DAA4D;YAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;YAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAClB,QAAQ,EACR,EAAE,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EACxC,GAAG,CACJ,CAAC;YAEF,OAAO,aAAa,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,wCAAwC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CACX,KAAa,EACb,YAA2B;QAE3B,2DAA2D;QAC3D,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,qBAAqB,GAAiB,iBAAiB;gBAC3D,CAAC,CAAC,EAAE,GAAG,iBAAiB,EAAE,WAAW,EAAE,KAAK,EAAE;gBAC9C,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAEhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,CACpD,EAAE,KAAK,EAAE,EACT,qBAAqB,CACtB,CAAC;YAEF,IAAI,MAAM,CAAC,IAAI,EAAE,aAAa,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACnD,OAAO;oBACL,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACvB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ;oBACnC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK;iBAC9B,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uCAAuC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CACf,KAAa,EACb,YAA2B;QAE3B,2DAA2D;QAC3D,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,qBAAqB,GAAiB,iBAAiB;gBAC3D,CAAC,CAAC,EAAE,GAAG,iBAAiB,EAAE,WAAW,EAAE,KAAK,EAAE;gBAC9C,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAEhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;YAExE,IAAI,MAAM,CAAC,IAAI,EAAE,aAAa,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACnD,OAAO;oBACL,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACvB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ;oBACnC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK;iBAC9B,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uCAAuC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAa;QAC3B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAC9C,sEAAsE;YACtE,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sEAAsE;YACtE,OAAO,CAAC,IAAI,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,MAAM,CAAC,MAAyB;QACpC,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEtC,IAAI,CAAC;YACH,mCAAmC;YACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAEzE,4CAA4C;YAC5C,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAEnC,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,2EAA2E;YAC3E,IAAI,IAAA,iCAAY,EAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;gBAC7B,OAAO,CAAC,IAAI,CAAC,mDAAmD,aAAa,GAAG,CAAC,CAAC;gBAClF,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,uCAAuC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;YAClH,CAAC;YACD,IAAA,oCAAe,EAAC,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY,CAChB,YAAoB,EACpB,YAA2B;QAE3B,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEtC,IAAI,CAAC;YACH,mCAAmC;YACnC,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,CACrD,EAAE,YAAY,EAAE,EAChB,iBAAiB,CAClB,CAAC;YAEF,+DAA+D;YAC/D,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO;oBACL,OAAO,EAAE,QAAQ,CAAC,OAAO;oBACzB,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,WAAW;oBACtC,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY,IAAI,YAAY;oBACxD,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS;oBAClC,SAAS,EAAE,QAAQ,CAAC,SAAS;oBAC7B,SAAS,EAAE,QAAQ,CAAC,SAAS;iBAC9B,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAA,0CAAqB,EAAC,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAChF,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CACnB,KAAa,EACb,YAA2B;QAE3B,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IACjD,CAAC;CACF;AApbD,kCAobC"}
+{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAA4B;AAY5B,8EAAwE;AACxE,gEAA+B;AAC/B,6DAA4F;AAQ5F,MAAa,WAAW;IAStB,YAAY,UAAsB,EAAE,SAAoB,EAAE,KAAmB;QAC3E,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,kBAAkB,IAAI,GAAG,CAAC,CAAC,qBAAqB;QAC7F,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,gBAAgB,IAAI,EAAE,CAAC,CAAC,qBAAqB;QACxF,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,GAAG,CAAC,CAAC,oBAAoB;IACxE,CAAC;IAED;;;OAGG;IACK,aAAa,CAAC,KAAa;QACjC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;IAC1E,CAAC;IAED;;;OAGG;IACK,sBAAsB,CAAC,KAAa;QAC1C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,0CAA0C;YAC1C,OAAO,CAAC,OAAO,CAAC,GAAG;gBACjB,OAAO,CAAC,MAAM;gBACd,OAAO,CAAC,OAAO;gBACf,OAAO,CAAC,EAAE,CAAkB,CAAC;QACjC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,gBAAgB,CAAC,KAAa;QACpC,MAAM,IAAI,GAAG,gBAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrE,OAAO,oBAAoB,IAAI,EAAE,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACK,oBAAoB,CAAC,KAAa;QACxC,MAAM,cAAc,GAAG,EAAE,CAAC,CAAC,0BAA0B;QAErD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAChD,OAAO,IAAI,CAAC,kBAAkB,CAAC,CAAC,6BAA6B;YAC/D,CAAC;YAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,GAAG,GAAG,GAAG,cAAc,CAAC;YAEpD,wDAAwD;YACxD,OAAO,IAAI,CAAC,GAAG,CACb,IAAI,CAAC,gBAAgB,EACrB,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAC5C,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,kBAAkB,CAAC;QACjC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,qBAAqB;QAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC3D,OAAO,GAAG,YAAY,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;IAClD,CAAC;IAED,oEAAoE;IAC5D,2BAA2B,CAAC,IAAa;QAC/C,MAAM,EAAE,GAAG,IAA+B,CAAC;QAC3C,MAAM,OAAO,GAAG,EAAE,EAAE,IAA2C,CAAC;QAChE,MAAM,UAAU,GAAG,OAAO,EAAE,IAA2C,CAAC;QACxE,OAAO,CAAC,UAAU,EAAE,KAAK,IAAI,OAAO,EAAE,KAAK,IAAI,EAAE,EAAE,KAAK,CAAuB,CAAC;IAClF,CAAC;IAED,qDAAqD;IACrD,KAAK,CAAC,mBAAmB;QACvB,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QACtC,MAAM,YAAY,GAAG,IAAI,CAAC;QAE1B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,CAAC,wDAAa,OAAO,GAAC,CAAC,CAAC,OAAO,CAAC;YAC9C,MAAM,IAAI,GAAG,wDAAa,MAAM,GAAC,CAAC;YAClC,MAAM,KAAK,GAAG,wDAAa,OAAO,GAAC,CAAC;YACpC,MAAM,aAAa,GAAG,IAAA,8CAAoB,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACxD,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YACrD,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;YACvD,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,YAAY,CAAC,CAAC;YAErE,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC;gBAC7B,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM;gBACxE,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC3D,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC5D,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;aACtH,CAAC,CAAC;YAEH,MAAM,cAAc,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,YAAY,IAAI,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC;YACvJ,IAAI,QAAQ,CAAC;YACb,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,IAAI,CAAsD,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC;gBACzK,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBAAC,YAAY,CAAC,SAAS,CAAC,CAAC;gBAAC,MAAM,CAAC,CAAC;YAAC,CAAC;YAEjD,MAAM,KAAK,GAAG,IAAI,CAAC,2BAA2B,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9D,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,IAAI,KAAK;gBAAE,OAAO,KAAK,CAAC;YAC3E,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAA,oCAAe,EAAC,KAAK,EAAE,uBAAuB,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,KAAK,CAAC,MAGX;QACC,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEtC,IAAI,CAAC;YACH,yBAAyB;YACzB,MAAM,WAAW,GAA2B;gBAC1C,QAAQ,EAAE,MAAM,CAAC,QAAQ;aAC1B,CAAC;YAEF,wBAAwB;YACxB,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjB,WAAW,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;YACnC,CAAC;YAED,mCAAmC;YACnC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC9C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAC9C,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,EAClD,YAAY,CACb,CAAC;YAEF,+DAA+D;YAC/D,OAAO;gBACL,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,IAAI,EAAE;oBACJ,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;oBAChC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;iBACjC;gBACD,SAAS,EAAE,QAAQ,CAAC,SAAS;aAC9B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAA,oCAAe,EAAC,KAAK,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CACjB,KAAa,EACb,YAA2B;QAE3B,mCAAmC;QACnC,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,sEAAsE;YACtE,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAE9C,oBAAoB;YACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAiB,QAAQ,CAAC,CAAC;YAC9D,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,MAAM,CAAC,aAAa,CAAC;YAC9B,CAAC;YAED,qDAAqD;YACrD,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,qBAAqB,GAAiB,iBAAiB;gBAC3D,CAAC,CAAC,EAAE,GAAG,iBAAiB,EAAE,WAAW,EAAE,KAAK,EAAE;gBAC9C,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAEhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,CACpD,EAAE,KAAK,EAAE,EACT,qBAAqB,CACtB,CAAC;YAEF,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,EAAE,aAAa,IAAI,KAAK,CAAC;YAE1D,4DAA4D;YAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;YAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAClB,QAAQ,EACR,EAAE,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EACxC,GAAG,CACJ,CAAC;YAEF,OAAO,aAAa,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,wCAAwC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CACX,KAAa,EACb,YAA2B;QAE3B,2DAA2D;QAC3D,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,qBAAqB,GAAiB,iBAAiB;gBAC3D,CAAC,CAAC,EAAE,GAAG,iBAAiB,EAAE,WAAW,EAAE,KAAK,EAAE;gBAC9C,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAEhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,CACpD,EAAE,KAAK,EAAE,EACT,qBAAqB,CACtB,CAAC;YAEF,IAAI,MAAM,CAAC,IAAI,EAAE,aAAa,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACnD,OAAO;oBACL,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACvB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ;oBACnC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK;iBAC9B,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uCAAuC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,WAAW,CACf,KAAa,EACb,YAA2B;QAE3B,2DAA2D;QAC3D,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,gFAAgF;YAChF,MAAM,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,QAAQ,MAAM,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YAElD,sCAAsC;YACtC,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAoB,QAAQ,CAAC,CAAC;gBACjE,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,MAAM,CAAC,IAAI,CAAC;gBACrB,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,qBAAqB,GAAiB,iBAAiB;gBAC3D,CAAC,CAAC,EAAE,GAAG,iBAAiB,EAAE,WAAW,EAAE,KAAK,EAAE;gBAC9C,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;YAEhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;YAExE,IAAI,MAAM,CAAC,IAAI,EAAE,aAAa,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACnD,MAAM,IAAI,GAAa;oBACrB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACvB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ;oBACnC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK;iBAC9B,CAAC;gBAEF,qCAAqC;gBACrC,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAClB,QAAQ,EACR,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAC/B,IAAI,CAAC,OAAO,CACb,CAAC;gBACJ,CAAC;gBAED,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uCAAuC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAa;QAC3B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAC9C,sEAAsE;YACtE,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sEAAsE;YACtE,OAAO,CAAC,IAAI,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,cAAc,CAAC,KAAa;QAC1B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAClD,IAAI,MAAM,EAAE,CAAC;gBACX,sEAAsE;gBACtE,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,MAAM,EAAE,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sEAAsE;YACtE,OAAO,CAAC,IAAI,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM,CAAC,MAAyB;QACpC,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEtC,IAAI,CAAC;YACH,mCAAmC;YACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAEzE,uCAAuC;YACvC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACnC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAElC,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,2EAA2E;YAC3E,IAAI,IAAA,iCAAY,EAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;gBAC7B,OAAO,CAAC,IAAI,CAAC,mDAAmD,aAAa,GAAG,CAAC,CAAC;gBAClF,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACnC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAClC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,uCAAuC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;YAClH,CAAC;YACD,IAAA,oCAAe,EAAC,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,YAAY,CAChB,YAAoB,EACpB,YAA2B;QAE3B,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEtC,IAAI,CAAC;YACH,mCAAmC;YACnC,MAAM,iBAAiB,GAAG,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,CACrD,EAAE,YAAY,EAAE,EAChB,iBAAiB,CAClB,CAAC;YAEF,+DAA+D;YAC/D,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO;oBACL,OAAO,EAAE,QAAQ,CAAC,OAAO;oBACzB,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,WAAW;oBACtC,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY,IAAI,YAAY;oBACxD,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS;oBAClC,SAAS,EAAE,QAAQ,CAAC,SAAS;oBAC7B,SAAS,EAAE,QAAQ,CAAC,SAAS;iBAC9B,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAA,0CAAqB,EAAC,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;QAChF,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CACnB,KAAa,EACb,YAA2B;QAE3B,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IACjD,CAAC;CACF;AA7cD,kCA6cC"}

package/dist/services/encryption.service.d.ts

@@ -20,13 +20,20 @@ export declare class EncryptionService {
     private apiClient;
     /** Parameter name validation regex (matches controller validation) */
     private static readonly PARAMETER_NAME_REGEX;
-    constructor(apiClient: ApiClient);
+    /** Encryption key for server-side validation */
+    private encryptionKey;
+    /**
+     * Create encryption service
+     * @param apiClient - API client for controller communication
+     * @param encryptionKey - Encryption key for server-side validation (from MISO_ENCRYPTION_KEY)
+     */
+    constructor(apiClient: ApiClient, encryptionKey?: string);
     /**
      * Encrypt a plaintext value and store as security parameter
      * @param plaintext - The value to encrypt (max 32KB)
      * @param parameterName - Name identifier (alphanumeric, dots, underscores, hyphens, 1-128 chars)
      * @returns Encrypt result with value reference and storage type
-     * @throws EncryptionError if parameter name is invalid or encryption fails
+     * @throws EncryptionError if encryption key is missing, parameter name is invalid, or encryption fails
      */
     encrypt(plaintext: string, parameterName: string): Promise<EncryptResult>;
     /**
@@ -34,9 +41,14 @@ export declare class EncryptionService {
      * @param value - Encrypted reference (kv:// or enc://v1:)
      * @param parameterName - Name identifier (must match encryption)
      * @returns Decrypted plaintext value
-     * @throws EncryptionError if parameter name is invalid or decryption fails
+     * @throws EncryptionError if encryption key is missing, parameter name is invalid, or decryption fails
      */
     decrypt(value: string, parameterName: string): Promise<string>;
+    /**
+     * Validate that encryption key is configured
+     * @throws EncryptionError if encryption key is not set
+     */
+    private validateEncryptionKey;
     /**
      * Validate parameter name against allowed pattern
      * @param name - Parameter name to validate

package/dist/services/encryption.service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"encryption.service.d.ts","sourceRoot":"","sources":["../../src/services/encryption.service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAGnC;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,8DAA8D;IAC9D,KAAK,EAAE,MAAM,CAAC;IACd,2BAA2B;IAC3B,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC;CAC/B;AAED;;;GAGG;AACH,qBAAa,iBAAiB;IAIhB,OAAO,CAAC,SAAS;IAH7B,sEAAsE;IACtE,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAA6B;gBAErD,SAAS,EAAE,SAAS;IAExC;;;;;;OAMG;IACG,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAc/E;;;;;;OAMG;IACG,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAWpE;;;;OAIG;IACH,OAAO,CAAC,qBAAqB;CAS9B"}
+{"version":3,"file":"encryption.service.d.ts","sourceRoot":"","sources":["../../src/services/encryption.service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAGnC;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,8DAA8D;IAC9D,KAAK,EAAE,MAAM,CAAC;IACd,2BAA2B;IAC3B,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC;CAC/B;AAED;;;GAGG;AACH,qBAAa,iBAAiB;IAYhB,OAAO,CAAC,SAAS;IAX7B,sEAAsE;IACtE,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAA6B;IAEzE,gDAAgD;IAChD,OAAO,CAAC,aAAa,CAAqB;IAE1C;;;;OAIG;gBACiB,SAAS,EAAE,SAAS,EAAE,aAAa,CAAC,EAAE,MAAM;IAIhE;;;;;;OAMG;IACG,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAgB/E;;;;;;OAMG;IACG,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAapE;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IAS7B;;;;OAIG;IACH,OAAO,CAAC,qBAAqB;CAS9B"}

package/dist/services/encryption.service.js

@@ -11,21 +11,29 @@ const encryption_error_1 = require("../utils/encryption-error");
  * Provides encrypt/decrypt methods with client-side parameter validation
  */
 class EncryptionService {
-    constructor(apiClient) {
+    /**
+     * Create encryption service
+     * @param apiClient - API client for controller communication
+     * @param encryptionKey - Encryption key for server-side validation (from MISO_ENCRYPTION_KEY)
+     */
+    constructor(apiClient, encryptionKey) {
         this.apiClient = apiClient;
+        this.encryptionKey = encryptionKey;
     }
     /**
      * Encrypt a plaintext value and store as security parameter
      * @param plaintext - The value to encrypt (max 32KB)
      * @param parameterName - Name identifier (alphanumeric, dots, underscores, hyphens, 1-128 chars)
      * @returns Encrypt result with value reference and storage type
-     * @throws EncryptionError if parameter name is invalid or encryption fails
+     * @throws EncryptionError if encryption key is missing, parameter name is invalid, or encryption fails
      */
     async encrypt(plaintext, parameterName) {
+        this.validateEncryptionKey();
         this.validateParameterName(parameterName);
         const response = await this.apiClient.encryption.encrypt({
             plaintext,
             parameterName,
+            encryptionKey: this.encryptionKey,
         });
         return {
             value: response.value,
@@ -37,16 +45,27 @@ class EncryptionService {
      * @param value - Encrypted reference (kv:// or enc://v1:)
      * @param parameterName - Name identifier (must match encryption)
      * @returns Decrypted plaintext value
-     * @throws EncryptionError if parameter name is invalid or decryption fails
+     * @throws EncryptionError if encryption key is missing, parameter name is invalid, or decryption fails
      */
     async decrypt(value, parameterName) {
+        this.validateEncryptionKey();
         this.validateParameterName(parameterName);
         const response = await this.apiClient.encryption.decrypt({
             value,
             parameterName,
+            encryptionKey: this.encryptionKey,
         });
         return response.plaintext;
     }
+    /**
+     * Validate that encryption key is configured
+     * @throws EncryptionError if encryption key is not set
+     */
+    validateEncryptionKey() {
+        if (!this.encryptionKey) {
+            throw new encryption_error_1.EncryptionError('Encryption key is required. Set MISO_ENCRYPTION_KEY environment variable or provide encryptionKey in config.', 'ENCRYPTION_KEY_REQUIRED');
+        }
+    }
     /**
      * Validate parameter name against allowed pattern
      * @param name - Parameter name to validate

package/dist/services/encryption.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"encryption.service.js","sourceRoot":"","sources":["../../src/services/encryption.service.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAGH,gEAA4D;AAY5D;;;GAGG;AACH,MAAa,iBAAiB;IAI5B,YAAoB,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAE5C;;;;;;OAMG;IACH,KAAK,CAAC,OAAO,CAAC,SAAiB,EAAE,aAAqB;QACpD,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;QAE1C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC;YACvD,SAAS;YACT,aAAa;SACd,CAAC,CAAC;QAEH,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,OAAO,EAAE,QAAQ,CAAC,OAAO;SAC1B,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,OAAO,CAAC,KAAa,EAAE,aAAqB;QAChD,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;QAE1C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC;YACvD,KAAK;YACL,aAAa;SACd,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC,SAAS,CAAC;IAC5B,CAAC;IAED;;;;OAIG;IACK,qBAAqB,CAAC,IAAY;QACxC,IAAI,CAAC,iBAAiB,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvD,MAAM,IAAI,kCAAe,CACvB,sGAAsG,EACtG,wBAAwB,EACxB,IAAI,CACL,CAAC;QACJ,CAAC;IACH,CAAC;;AA1DH,8CA2DC;AA1DC,sEAAsE;AAC9C,sCAAoB,GAAG,yBAAyB,CAAC"}
+{"version":3,"file":"encryption.service.js","sourceRoot":"","sources":["../../src/services/encryption.service.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAGH,gEAA4D;AAY5D;;;GAGG;AACH,MAAa,iBAAiB;IAO5B;;;;OAIG;IACH,YAAoB,SAAoB,EAAE,aAAsB;QAA5C,cAAS,GAAT,SAAS,CAAW;QACtC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,OAAO,CAAC,SAAiB,EAAE,aAAqB;QACpD,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC7B,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;QAE1C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC;YACvD,SAAS;YACT,aAAa;YACb,aAAa,EAAE,IAAI,CAAC,aAAc;SACnC,CAAC,CAAC;QAEH,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,OAAO,EAAE,QAAQ,CAAC,OAAO;SAC1B,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,OAAO,CAAC,KAAa,EAAE,aAAqB;QAChD,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC7B,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;QAE1C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC;YACvD,KAAK;YACL,aAAa;YACb,aAAa,EAAE,IAAI,CAAC,aAAc;SACnC,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC,SAAS,CAAC;IAC5B,CAAC;IAED;;;OAGG;IACK,qBAAqB;QAC3B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,kCAAe,CACvB,8GAA8G,EAC9G,yBAAyB,CAC1B,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,qBAAqB,CAAC,IAAY;QACxC,IAAI,CAAC,iBAAiB,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvD,MAAM,IAAI,kCAAe,CACvB,sGAAsG,EACtG,wBAAwB,EACxB,IAAI,CACL,CAAC;QACJ,CAAC;IACH,CAAC;;AArFH,8CAsFC;AArFC,sEAAsE;AAC9C,sCAAoB,GAAG,yBAAyB,CAAC"}

package/dist/services/permission.service.d.ts

@@ -13,13 +13,20 @@ export declare class PermissionService {
     private permissionTTL;
     private applicationContextService;
     constructor(httpClient: HttpClient, apiClient: ApiClient, cache: CacheService);
+    /** Build auth strategy with bearer token */
+    private buildAuthStrategy;
+    /** Get environment query params from application context */
+    private getEnvironmentParams;
+    /** Get userId from token, validating via API if not in JWT */
+    private resolveUserId;
     /**
      * Get user permissions with caching
-     * Optimized to extract userId from token first to check cache before API call
      * @param token - User authentication token
      * @param authStrategy - Optional authentication strategy override
      */
     getPermissions(token: string, authStrategy?: AuthStrategy): Promise<string[]>;
+    /** Fetch permissions from controller API */
+    private fetchPermissionsFromController;
     /**
      * Check if user has specific permission
      * @param token - User authentication token

package/dist/services/permission.service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"permission.service.d.ts","sourceRoot":"","sources":["../../src/services/permission.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAEL,YAAY,EAEb,MAAM,uBAAuB,CAAC;AAS/B,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,yBAAyB,CAA4B;gBAEjD,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,YAAY;IAS7E;;;;;OAKG;IACG,cAAc,CAClB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,MAAM,EAAE,CAAC;IAiEpB;;;;;OAKG;IACG,aAAa,CACjB,KAAK,EAAE,MAAM,EACb,UAAU,EAAE,MAAM,EAClB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IAKnB;;;;;OAKG;IACG,gBAAgB,CACpB,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,EAAE,EACrB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IAOnB;;;;;OAKG;IACG,iBAAiB,CACrB,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,EAAE,EACrB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IAOnB;;;;OAIG;IACG,kBAAkB,CACtB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,MAAM,EAAE,CAAC;IA+CpB;;;;OAIG;IACG,qBAAqB,CACzB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,IAAI,CAAC;CA2BjB"}
+{"version":3,"file":"permission.service.d.ts","sourceRoot":"","sources":["../../src/services/permission.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAEL,YAAY,EAEb,MAAM,uBAAuB,CAAC;AAS/B,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,yBAAyB,CAA4B;gBAEjD,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,YAAY;IAS7E,4CAA4C;IAC5C,OAAO,CAAC,iBAAiB;IAKzB,4DAA4D;IAC5D,OAAO,CAAC,oBAAoB;IAK5B,8DAA8D;YAChD,aAAa;IAQ3B;;;;OAIG;IACG,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IA6BnF,4CAA4C;YAC9B,8BAA8B;IAO5C;;;;;OAKG;IACG,aAAa,CACjB,KAAK,EAAE,MAAM,EACb,UAAU,EAAE,MAAM,EAClB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IAKnB;;;;;OAKG;IACG,gBAAgB,CACpB,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,EAAE,EACrB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IAOnB;;;;;OAKG;IACG,iBAAiB,CACrB,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,EAAE,EACrB,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,OAAO,CAAC;IAOnB;;;;OAIG;IACG,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAqBvF;;;;OAIG;IACG,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;CAWvF"}