@atproto/jwk 0.4.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/keyset.d.ts CHANGED
@@ -1,15 +1,13 @@
1
- import { Jwks, JwksPub } from './jwks.js';
1
+ import { PrivateKeyUsage } from './jwk.js';
2
+ import { JwksPub } from './jwks.js';
2
3
  import { VerifyOptions, VerifyResult } from './jwt-verify.js';
3
4
  import { JwtHeader, JwtPayload, SignedJwt } from './jwt.js';
4
- import { Key } from './key.js';
5
- import { DeepReadonly, Override } from './util.js';
6
- export type JwtSignHeader = Override<JwtHeader, Pick<KeySearch, 'alg' | 'kid'>>;
5
+ import { ActivityCheckOptions, Key, KeyMatchOptions } from './key.js';
6
+ import { Override } from './util.js';
7
+ export type { ActivityCheckOptions, KeyMatchOptions };
8
+ export type FindKeyOptions = KeyMatchOptions & ActivityCheckOptions;
9
+ export type JwtSignHeader = Override<JwtHeader, Pick<FindKeyOptions, 'alg' | 'kid'>>;
7
10
  export type JwtPayloadGetter<P = JwtPayload> = (header: JwtHeader, key: Key) => P | PromiseLike<P>;
8
- export type KeySearch = {
9
- use?: 'sig' | 'enc';
10
- kid?: string | string[];
11
- alg?: string | string[];
12
- };
13
11
  export declare class Keyset<K extends Key = Key> implements Iterable<K> {
14
12
  /**
15
13
  * The preferred algorithms to use when signing a JWT using this keyset.
@@ -27,18 +25,387 @@ export declare class Keyset<K extends Key = Key> implements Iterable<K> {
27
25
  preferredSigningAlgorithms?: readonly string[]);
28
26
  get size(): number;
29
27
  get signAlgorithms(): readonly string[];
30
- get publicJwks(): DeepReadonly<JwksPub>;
31
- get privateJwks(): DeepReadonly<Jwks>;
28
+ get publicJwks(): Readonly<{
29
+ keys: readonly (Readonly<{
30
+ kty: "RSA";
31
+ n: string;
32
+ e: string;
33
+ alg?: "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | undefined;
34
+ kid?: string | undefined;
35
+ use?: "sig" | "enc" | undefined;
36
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
37
+ x5c?: string[] | undefined;
38
+ x5t?: string | undefined;
39
+ 'x5t#S256'?: string | undefined;
40
+ x5u?: string | undefined;
41
+ ext?: boolean | undefined;
42
+ iat?: number | undefined;
43
+ exp?: number | undefined;
44
+ nbf?: number | undefined;
45
+ revoked?: {
46
+ revoked_at: number;
47
+ reason?: string | undefined;
48
+ } | undefined;
49
+ d?: string | undefined;
50
+ p?: string | undefined;
51
+ q?: string | undefined;
52
+ dp?: string | undefined;
53
+ dq?: string | undefined;
54
+ qi?: string | undefined;
55
+ oth?: {
56
+ d?: string | undefined;
57
+ r?: string | undefined;
58
+ t?: string | undefined;
59
+ }[] | undefined;
60
+ } & {
61
+ kid: NonNullable<unknown>;
62
+ } & {
63
+ d?: never;
64
+ }> | Readonly<{
65
+ kty: "EC";
66
+ crv: "P-256" | "P-384" | "P-521";
67
+ x: string;
68
+ y: string;
69
+ alg?: "ES256" | "ES384" | "ES512" | undefined;
70
+ kid?: string | undefined;
71
+ use?: "sig" | "enc" | undefined;
72
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
73
+ x5c?: string[] | undefined;
74
+ x5t?: string | undefined;
75
+ 'x5t#S256'?: string | undefined;
76
+ x5u?: string | undefined;
77
+ ext?: boolean | undefined;
78
+ iat?: number | undefined;
79
+ exp?: number | undefined;
80
+ nbf?: number | undefined;
81
+ revoked?: {
82
+ revoked_at: number;
83
+ reason?: string | undefined;
84
+ } | undefined;
85
+ d?: string | undefined;
86
+ } & {
87
+ kid: NonNullable<unknown>;
88
+ } & {
89
+ d?: never;
90
+ }> | Readonly<{
91
+ kty: "EC";
92
+ crv: "secp256k1";
93
+ x: string;
94
+ y: string;
95
+ alg?: "ES256K" | undefined;
96
+ kid?: string | undefined;
97
+ use?: "sig" | "enc" | undefined;
98
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
99
+ x5c?: string[] | undefined;
100
+ x5t?: string | undefined;
101
+ 'x5t#S256'?: string | undefined;
102
+ x5u?: string | undefined;
103
+ ext?: boolean | undefined;
104
+ iat?: number | undefined;
105
+ exp?: number | undefined;
106
+ nbf?: number | undefined;
107
+ revoked?: {
108
+ revoked_at: number;
109
+ reason?: string | undefined;
110
+ } | undefined;
111
+ d?: string | undefined;
112
+ } & {
113
+ kid: NonNullable<unknown>;
114
+ } & {
115
+ d?: never;
116
+ }> | Readonly<{
117
+ kty: "OKP";
118
+ crv: "Ed25519" | "Ed448";
119
+ x: string;
120
+ alg?: "EdDSA" | undefined;
121
+ kid?: string | undefined;
122
+ use?: "sig" | "enc" | undefined;
123
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
124
+ x5c?: string[] | undefined;
125
+ x5t?: string | undefined;
126
+ 'x5t#S256'?: string | undefined;
127
+ x5u?: string | undefined;
128
+ ext?: boolean | undefined;
129
+ iat?: number | undefined;
130
+ exp?: number | undefined;
131
+ nbf?: number | undefined;
132
+ revoked?: {
133
+ revoked_at: number;
134
+ reason?: string | undefined;
135
+ } | undefined;
136
+ d?: string | undefined;
137
+ } & {
138
+ kid: NonNullable<unknown>;
139
+ } & {
140
+ d?: never;
141
+ }>)[];
142
+ }>;
143
+ get privateJwks(): Readonly<{
144
+ keys: readonly (Readonly<{
145
+ kty: "RSA";
146
+ n: string;
147
+ e: string;
148
+ alg?: "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | undefined;
149
+ kid?: string | undefined;
150
+ use?: "sig" | "enc" | undefined;
151
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
152
+ x5c?: string[] | undefined;
153
+ x5t?: string | undefined;
154
+ 'x5t#S256'?: string | undefined;
155
+ x5u?: string | undefined;
156
+ ext?: boolean | undefined;
157
+ iat?: number | undefined;
158
+ exp?: number | undefined;
159
+ nbf?: number | undefined;
160
+ revoked?: {
161
+ revoked_at: number;
162
+ reason?: string | undefined;
163
+ } | undefined;
164
+ d?: string | undefined;
165
+ p?: string | undefined;
166
+ q?: string | undefined;
167
+ dp?: string | undefined;
168
+ dq?: string | undefined;
169
+ qi?: string | undefined;
170
+ oth?: {
171
+ d?: string | undefined;
172
+ r?: string | undefined;
173
+ t?: string | undefined;
174
+ }[] | undefined;
175
+ } & {
176
+ d: NonNullable<unknown>;
177
+ }> | Readonly<{
178
+ kty: "EC";
179
+ crv: "P-256" | "P-384" | "P-521";
180
+ x: string;
181
+ y: string;
182
+ alg?: "ES256" | "ES384" | "ES512" | undefined;
183
+ kid?: string | undefined;
184
+ use?: "sig" | "enc" | undefined;
185
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
186
+ x5c?: string[] | undefined;
187
+ x5t?: string | undefined;
188
+ 'x5t#S256'?: string | undefined;
189
+ x5u?: string | undefined;
190
+ ext?: boolean | undefined;
191
+ iat?: number | undefined;
192
+ exp?: number | undefined;
193
+ nbf?: number | undefined;
194
+ revoked?: {
195
+ revoked_at: number;
196
+ reason?: string | undefined;
197
+ } | undefined;
198
+ d?: string | undefined;
199
+ } & {
200
+ d: NonNullable<unknown>;
201
+ }> | Readonly<{
202
+ kty: "EC";
203
+ crv: "secp256k1";
204
+ x: string;
205
+ y: string;
206
+ alg?: "ES256K" | undefined;
207
+ kid?: string | undefined;
208
+ use?: "sig" | "enc" | undefined;
209
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
210
+ x5c?: string[] | undefined;
211
+ x5t?: string | undefined;
212
+ 'x5t#S256'?: string | undefined;
213
+ x5u?: string | undefined;
214
+ ext?: boolean | undefined;
215
+ iat?: number | undefined;
216
+ exp?: number | undefined;
217
+ nbf?: number | undefined;
218
+ revoked?: {
219
+ revoked_at: number;
220
+ reason?: string | undefined;
221
+ } | undefined;
222
+ d?: string | undefined;
223
+ } & {
224
+ d: NonNullable<unknown>;
225
+ }> | Readonly<{
226
+ kty: "OKP";
227
+ crv: "Ed25519" | "Ed448";
228
+ x: string;
229
+ alg?: "EdDSA" | undefined;
230
+ kid?: string | undefined;
231
+ use?: "sig" | "enc" | undefined;
232
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
233
+ x5c?: string[] | undefined;
234
+ x5t?: string | undefined;
235
+ 'x5t#S256'?: string | undefined;
236
+ x5u?: string | undefined;
237
+ ext?: boolean | undefined;
238
+ iat?: number | undefined;
239
+ exp?: number | undefined;
240
+ nbf?: number | undefined;
241
+ revoked?: {
242
+ revoked_at: number;
243
+ reason?: string | undefined;
244
+ } | undefined;
245
+ d?: string | undefined;
246
+ } & {
247
+ d: NonNullable<unknown>;
248
+ }> | Readonly<{
249
+ kty: "oct";
250
+ k: string;
251
+ alg?: "HS256" | "HS384" | "HS512" | undefined;
252
+ kid?: string | undefined;
253
+ use?: "sig" | "enc" | undefined;
254
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
255
+ x5c?: string[] | undefined;
256
+ x5t?: string | undefined;
257
+ 'x5t#S256'?: string | undefined;
258
+ x5u?: string | undefined;
259
+ ext?: boolean | undefined;
260
+ iat?: number | undefined;
261
+ exp?: number | undefined;
262
+ nbf?: number | undefined;
263
+ revoked?: {
264
+ revoked_at: number;
265
+ reason?: string | undefined;
266
+ } | undefined;
267
+ } & {
268
+ d: NonNullable<unknown>;
269
+ }> | Readonly<{
270
+ kty: "RSA";
271
+ n: string;
272
+ e: string;
273
+ alg?: "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | undefined;
274
+ kid?: string | undefined;
275
+ use?: "sig" | "enc" | undefined;
276
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
277
+ x5c?: string[] | undefined;
278
+ x5t?: string | undefined;
279
+ 'x5t#S256'?: string | undefined;
280
+ x5u?: string | undefined;
281
+ ext?: boolean | undefined;
282
+ iat?: number | undefined;
283
+ exp?: number | undefined;
284
+ nbf?: number | undefined;
285
+ revoked?: {
286
+ revoked_at: number;
287
+ reason?: string | undefined;
288
+ } | undefined;
289
+ d?: string | undefined;
290
+ p?: string | undefined;
291
+ q?: string | undefined;
292
+ dp?: string | undefined;
293
+ dq?: string | undefined;
294
+ qi?: string | undefined;
295
+ oth?: {
296
+ d?: string | undefined;
297
+ r?: string | undefined;
298
+ t?: string | undefined;
299
+ }[] | undefined;
300
+ } & {
301
+ k: NonNullable<unknown>;
302
+ }> | Readonly<{
303
+ kty: "EC";
304
+ crv: "P-256" | "P-384" | "P-521";
305
+ x: string;
306
+ y: string;
307
+ alg?: "ES256" | "ES384" | "ES512" | undefined;
308
+ kid?: string | undefined;
309
+ use?: "sig" | "enc" | undefined;
310
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
311
+ x5c?: string[] | undefined;
312
+ x5t?: string | undefined;
313
+ 'x5t#S256'?: string | undefined;
314
+ x5u?: string | undefined;
315
+ ext?: boolean | undefined;
316
+ iat?: number | undefined;
317
+ exp?: number | undefined;
318
+ nbf?: number | undefined;
319
+ revoked?: {
320
+ revoked_at: number;
321
+ reason?: string | undefined;
322
+ } | undefined;
323
+ d?: string | undefined;
324
+ } & {
325
+ k: NonNullable<unknown>;
326
+ }> | Readonly<{
327
+ kty: "EC";
328
+ crv: "secp256k1";
329
+ x: string;
330
+ y: string;
331
+ alg?: "ES256K" | undefined;
332
+ kid?: string | undefined;
333
+ use?: "sig" | "enc" | undefined;
334
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
335
+ x5c?: string[] | undefined;
336
+ x5t?: string | undefined;
337
+ 'x5t#S256'?: string | undefined;
338
+ x5u?: string | undefined;
339
+ ext?: boolean | undefined;
340
+ iat?: number | undefined;
341
+ exp?: number | undefined;
342
+ nbf?: number | undefined;
343
+ revoked?: {
344
+ revoked_at: number;
345
+ reason?: string | undefined;
346
+ } | undefined;
347
+ d?: string | undefined;
348
+ } & {
349
+ k: NonNullable<unknown>;
350
+ }> | Readonly<{
351
+ kty: "OKP";
352
+ crv: "Ed25519" | "Ed448";
353
+ x: string;
354
+ alg?: "EdDSA" | undefined;
355
+ kid?: string | undefined;
356
+ use?: "sig" | "enc" | undefined;
357
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
358
+ x5c?: string[] | undefined;
359
+ x5t?: string | undefined;
360
+ 'x5t#S256'?: string | undefined;
361
+ x5u?: string | undefined;
362
+ ext?: boolean | undefined;
363
+ iat?: number | undefined;
364
+ exp?: number | undefined;
365
+ nbf?: number | undefined;
366
+ revoked?: {
367
+ revoked_at: number;
368
+ reason?: string | undefined;
369
+ } | undefined;
370
+ d?: string | undefined;
371
+ } & {
372
+ k: NonNullable<unknown>;
373
+ }> | Readonly<{
374
+ kty: "oct";
375
+ k: string;
376
+ alg?: "HS256" | "HS384" | "HS512" | undefined;
377
+ kid?: string | undefined;
378
+ use?: "sig" | "enc" | undefined;
379
+ key_ops?: ("verify" | "encrypt" | "wrapKey" | "sign" | "decrypt" | "unwrapKey" | "deriveKey" | "deriveBits")[] | undefined;
380
+ x5c?: string[] | undefined;
381
+ x5t?: string | undefined;
382
+ 'x5t#S256'?: string | undefined;
383
+ x5u?: string | undefined;
384
+ ext?: boolean | undefined;
385
+ iat?: number | undefined;
386
+ exp?: number | undefined;
387
+ nbf?: number | undefined;
388
+ revoked?: {
389
+ revoked_at: number;
390
+ reason?: string | undefined;
391
+ } | undefined;
392
+ } & {
393
+ k: NonNullable<unknown>;
394
+ }>)[];
395
+ }>;
32
396
  has(kid: string): boolean;
33
- get(search: KeySearch): K;
34
- list(search: KeySearch): Generator<K>;
35
- findPrivateKey({ kid, alg, use }: KeySearch): {
397
+ get(options: FindKeyOptions): K;
398
+ find(options: FindKeyOptions): K | undefined;
399
+ list<O extends FindKeyOptions>(options: O): Generator<K, void, unknown>;
400
+ findPrivateKey({ kid, alg, usage, ...options }: FindKeyOptions & {
401
+ usage: PrivateKeyUsage;
402
+ }): {
36
403
  key: Key;
37
404
  alg: string;
38
405
  };
39
406
  [Symbol.iterator](): IterableIterator<K>;
40
407
  createJwt({ alg: sAlg, kid: sKid, ...header }: JwtSignHeader, payload: JwtPayload | JwtPayloadGetter): Promise<SignedJwt>;
41
- verifyJwt<C extends string = never>(token: SignedJwt, options?: VerifyOptions<C>): Promise<VerifyResult<C> & {
408
+ verifyJwt<C extends string = never>(token: SignedJwt, options?: ActivityCheckOptions & VerifyOptions<C>): Promise<VerifyResult<C> & {
42
409
  key: K;
43
410
  }>;
44
411
  toJSON(): JwksPub;
@@ -1 +1 @@
1
- {"version":3,"file":"keyset.d.ts","sourceRoot":"","sources":["../src/keyset.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAEzC,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC7D,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAC3D,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAC9B,OAAO,EACL,YAAY,EACZ,QAAQ,EAMT,MAAM,WAAW,CAAA;AAElB,MAAM,MAAM,aAAa,GAAG,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,KAAK,GAAG,KAAK,CAAC,CAAC,CAAA;AAE/E,MAAM,MAAM,gBAAgB,CAAC,CAAC,GAAG,UAAU,IAAI,CAC7C,MAAM,EAAE,SAAS,EACjB,GAAG,EAAE,GAAG,KACL,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;AAEvB,MAAM,MAAM,SAAS,GAAG;IACtB,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAA;IACnB,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IACvB,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CACxB,CAAA;AAKD,qBAAa,MAAM,CAAC,CAAC,SAAS,GAAG,GAAG,GAAG,CAAE,YAAW,QAAQ,CAAC,CAAC,CAAC;IAK3D;;;;OAIG;aACa,0BAA0B,EAAE,SAAS,MAAM,EAAE;IAT/D,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAc;gBAGjC,QAAQ,EAAE,QAAQ,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,GAAG,KAAK,CAAC;IAChD;;;;OAIG;IACa,0BAA0B,GAAE,SAAS,MAAM,EAetD;IAmBP,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED,IACI,cAAc,IAAI,SAAS,MAAM,EAAE,CAWtC;IAED,IACI,UAAU,IAAI,YAAY,CAAC,OAAO,CAAC,CAItC;IAED,IACI,WAAW,IAAI,YAAY,CAAC,IAAI,CAAC,CAIpC;IAED,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAIzB,GAAG,CAAC,MAAM,EAAE,SAAS,GAAG,CAAC;IAWxB,IAAI,CAAC,MAAM,EAAE,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC;IAwBtC,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,SAAS,GAAG;QAAE,GAAG,EAAE,GAAG,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE;IAwCvE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,gBAAgB,CAAC,CAAC,CAAC;IAIlC,SAAS,CACb,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,EAAE,aAAa,EAClD,OAAO,EAAE,UAAU,GAAG,gBAAgB,GACrC,OAAO,CAAC,SAAS,CAAC;IAmBf,SAAS,CAAC,CAAC,SAAS,MAAM,GAAG,KAAK,EACtC,KAAK,EAAE,SAAS,EAChB,OAAO,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,GACzB,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,GAAG;QAAE,GAAG,EAAE,CAAC,CAAA;KAAE,CAAC;IAyBxC,MAAM,IAAI,OAAO;CAIlB"}
1
+ {"version":3,"file":"keyset.d.ts","sourceRoot":"","sources":["../src/keyset.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAEnC,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC7D,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAC3D,OAAO,EAAE,oBAAoB,EAAE,GAAG,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AACrE,OAAO,EACL,QAAQ,EAKT,MAAM,WAAW,CAAA;AAElB,YAAY,EAAE,oBAAoB,EAAE,eAAe,EAAE,CAAA;AACrD,MAAM,MAAM,cAAc,GAAG,eAAe,GAAG,oBAAoB,CAAA;AAEnE,MAAM,MAAM,aAAa,GAAG,QAAQ,CAClC,SAAS,EACT,IAAI,CAAC,cAAc,EAAE,KAAK,GAAG,KAAK,CAAC,CACpC,CAAA;AAED,MAAM,MAAM,gBAAgB,CAAC,CAAC,GAAG,UAAU,IAAI,CAC7C,MAAM,EAAE,SAAS,EACjB,GAAG,EAAE,GAAG,KACL,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;AAKvB,qBAAa,MAAM,CAAC,CAAC,SAAS,GAAG,GAAG,GAAG,CAAE,YAAW,QAAQ,CAAC,CAAC,CAAC;IAK3D;;;;OAIG;aACa,0BAA0B,EAAE,SAAS,MAAM,EAAE;IAT/D,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAc;gBAGjC,QAAQ,EAAE,QAAQ,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,GAAG,KAAK,CAAC;IAChD;;;;OAIG;IACa,0BAA0B,GAAE,SAAS,MAAM,EAetD;IAmBP,IAAI,IAAI,IAAI,MAAM,CAEjB;IAED,IACI,cAAc,IAAI,SAAS,MAAM,EAAE,CAWtC;IAED,IACI,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAIb;IAED,IACI,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAMd;IAED,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAIzB,GAAG,CAAC,OAAO,EAAE,cAAc,GAAG,CAAC;IAU/B,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,CAAC,GAAG,SAAS;IAQ3C,IAAI,CAAC,CAAC,SAAS,cAAc,EAAE,OAAO,EAAE,CAAC;IAQ1C,cAAc,CAAC,EACb,GAAG,EACH,GAAG,EACH,KAAK,EACL,GAAG,OAAO,EACX,EAAE,cAAc,GAAG;QAAE,KAAK,EAAE,eAAe,CAAA;KAAE,GAAG;QAC/C,GAAG,EAAE,GAAG,CAAA;QACR,GAAG,EAAE,MAAM,CAAA;KACZ;IAwCD,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,gBAAgB,CAAC,CAAC,CAAC;IAIlC,SAAS,CACb,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,EAAE,aAAa,EAClD,OAAO,EAAE,UAAU,GAAG,gBAAgB,GACrC,OAAO,CAAC,SAAS,CAAC;IAoBf,SAAS,CAAC,CAAC,SAAS,MAAM,GAAG,KAAK,EACtC,KAAK,EAAE,SAAS,EAChB,OAAO,CAAC,EAAE,oBAAoB,GAAG,aAAa,CAAC,CAAC,CAAC,GAChD,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,GAAG;QAAE,GAAG,EAAE,CAAC,CAAA;KAAE,CAAC;IAyBxC,MAAM,IAEuC,OAAO;CAErD"}
package/dist/keyset.js CHANGED
@@ -82,16 +82,16 @@ let Keyset = (() => {
82
82
  value: void 0
83
83
  });
84
84
  const keys = [];
85
- const kids = new Set();
85
+ const keyIds = new Set();
86
86
  for (const key of iterable) {
87
87
  if (!key)
88
88
  continue;
89
89
  keys.push(key);
90
90
  if (key.kid) {
91
- if (kids.has(key.kid))
91
+ if (keyIds.has(key.kid))
92
92
  throw new errors_js_1.JwkError(`Duplicate key: ${key.kid}`);
93
93
  else
94
- kids.add(key.kid);
94
+ keyIds.add(key.kid);
95
95
  }
96
96
  }
97
97
  this.keys = Object.freeze(keys);
@@ -111,59 +111,44 @@ let Keyset = (() => {
111
111
  return Object.freeze([...algorithms].sort((0, util_js_1.preferredOrderCmp)(this.preferredSigningAlgorithms)));
112
112
  }
113
113
  get publicJwks() {
114
- return {
115
- keys: Array.from(this, extractPublicJwk).filter(util_js_1.isDefined),
116
- };
114
+ return Object.freeze({
115
+ keys: Object.freeze(Array.from(this, extractPublicJwk).filter(util_js_1.isDefined)),
116
+ });
117
117
  }
118
118
  get privateJwks() {
119
- return {
120
- keys: Array.from(this, extractPrivateJwk).filter(util_js_1.isDefined),
121
- };
119
+ return Object.freeze({
120
+ keys: Object.freeze(Array.from(this, extractPrivateJwk).filter(util_js_1.isDefined)),
121
+ });
122
122
  }
123
123
  has(kid) {
124
124
  return this.keys.some((key) => key.kid === kid);
125
125
  }
126
- get(search) {
127
- for (const key of this.list(search)) {
126
+ get(options) {
127
+ const key = this.find(options);
128
+ if (key)
129
+ return key;
130
+ throw new errors_js_1.JwkError(`Key not found ${options.kid ?? options.alg ?? options.usage ?? '<unknown>'}`, errors_js_1.ERR_JWK_NOT_FOUND);
131
+ }
132
+ find(options) {
133
+ for (const key of this.list(options)) {
128
134
  return key;
129
135
  }
130
- throw new errors_js_1.JwkError(`Key not found ${search.kid || search.alg || '<unknown>'}`, errors_js_1.ERR_JWK_NOT_FOUND);
136
+ return undefined;
131
137
  }
132
- *list(search) {
133
- // Optimization: Empty string or empty array will not match any key
134
- if (search.kid?.length === 0)
135
- return;
136
- if (search.alg?.length === 0)
137
- return;
138
+ *list(options) {
138
139
  for (const key of this) {
139
- if (search.use && key.use !== search.use)
140
- continue;
141
- if (Array.isArray(search.kid)) {
142
- if (!key.kid || !search.kid.includes(key.kid))
143
- continue;
140
+ if (key.isActive(options) && key.matches(options)) {
141
+ yield key;
144
142
  }
145
- else if (search.kid) {
146
- if (key.kid !== search.kid)
147
- continue;
148
- }
149
- if (Array.isArray(search.alg)) {
150
- if (!search.alg.some((a) => key.algorithms.includes(a)))
151
- continue;
152
- }
153
- else if (typeof search.alg === 'string') {
154
- if (!key.algorithms.includes(search.alg))
155
- continue;
156
- }
157
- yield key;
158
143
  }
159
144
  }
160
- findPrivateKey({ kid, alg, use }) {
145
+ findPrivateKey({ kid, alg, usage, ...options }) {
161
146
  const matchingKeys = [];
162
- for (const key of this.list({ kid, alg, use })) {
163
- // Not a private key
164
- if (!key.isPrivate)
165
- continue;
166
- // Skip negotiation if a specific "alg" was provided
147
+ // Allow the loop bellow to return early when a single "alg" is provided
148
+ if (Array.isArray(alg) && alg.length === 1)
149
+ alg = alg[0];
150
+ for (const key of this.list({ ...options, kid, alg, usage })) {
151
+ // Skip negotiation if a single "alg" was provided
167
152
  if (typeof alg === 'string')
168
153
  return { key, alg };
169
154
  matchingKeys.push(key);
@@ -184,7 +169,7 @@ let Keyset = (() => {
184
169
  return { key: matchingKey, alg };
185
170
  }
186
171
  }
187
- throw new errors_js_1.JwkError(`No private key found for ${kid || alg || use || '<unknown>'}`, errors_js_1.ERR_JWK_NOT_FOUND);
172
+ throw new errors_js_1.JwkError(`No private key found for ${kid || alg || usage}`, errors_js_1.ERR_JWK_NOT_FOUND);
188
173
  }
189
174
  [(_get_signAlgorithms_decorators = [util_js_1.cachedGetter], _get_publicJwks_decorators = [util_js_1.cachedGetter], _get_privateJwks_decorators = [util_js_1.cachedGetter], Symbol.iterator)]() {
190
175
  return this.keys.values();
@@ -194,7 +179,8 @@ let Keyset = (() => {
194
179
  const { key, alg } = this.findPrivateKey({
195
180
  alg: sAlg,
196
181
  kid: sKid,
197
- use: 'sig',
182
+ usage: 'sign',
183
+ allowRevoked: false, // For explicitness (default value is false)
198
184
  });
199
185
  const protectedHeader = { ...header, alg, kid: key.kid };
200
186
  if (typeof payload === 'function') {
@@ -210,7 +196,7 @@ let Keyset = (() => {
210
196
  const { header } = (0, jwt_decode_js_1.unsafeDecodeJwt)(token);
211
197
  const { kid, alg } = header;
212
198
  const errors = [];
213
- for (const key of this.list({ kid, alg })) {
199
+ for (const key of this.list({ ...options, kid, alg, usage: 'verify' })) {
214
200
  try {
215
201
  const result = await key.verifyJwt(token, options);
216
202
  return { ...result, key };
@@ -229,7 +215,7 @@ let Keyset = (() => {
229
215
  }
230
216
  }
231
217
  toJSON() {
232
- // Make a copy to prevent mutation of the original keyset
218
+ // Make a copy to allow mutation of the result
233
219
  return structuredClone(this.publicJwks);
234
220
  }
235
221
  },
@@ -1 +1 @@
1
- {"version":3,"file":"keyset.js","sourceRoot":"","sources":["../src/keyset.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAOoB;AAGpB,mDAAiD;AAIjD,uCAQkB;AAelB,MAAM,iBAAiB,GAAG,CAAC,GAAQ,EAAmB,EAAE,CAAC,GAAG,CAAC,UAAU,CAAA;AACvE,MAAM,gBAAgB,GAAG,CAAC,GAAQ,EAAmB,EAAE,CAAC,GAAG,CAAC,SAAS,CAAA;IAExD,MAAM;;;;;;sBAAN,MAAM;YAGjB,YACE,QAAgD;YAChD;;;;eAIG;YACa,6BAAgD,QAAQ;gBACxE,EAAM;gBACJ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,0BAA0B,CAAC;gBAC1C,CAAC,CAAC;oBACE,mCAAmC;oBACnC,OAAO;oBACP,QAAQ;oBACR,OAAO;oBACP,4DAA4D;oBAC5D,OAAO;oBACP,OAAO;oBACP,OAAO;oBACP,OAAO;oBACP,OAAO;oBACP,OAAO;iBACR;gBAfL;;;;4BAVS,mDAAM,EAUC,0BAA0B;mBAerC;gBAxBU;;;;;mBAAkB;gBA0BjC,MAAM,IAAI,GAAQ,EAAE,CAAA;gBAEpB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAA;gBAC9B,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;oBAC3B,IAAI,CAAC,GAAG;wBAAE,SAAQ;oBAElB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;oBAEd,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;wBACZ,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC;4BAAE,MAAM,IAAI,oBAAQ,CAAC,kBAAkB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAA;;4BACjE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;oBACxB,CAAC;gBACH,CAAC;gBAED,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;YACjC,CAAC;YAED,IAAI,IAAI;gBACN,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAA;YACzB,CAAC;YAGD,IAAI,cAAc;gBAChB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAA;gBACpC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK;wBAAE,SAAQ;oBAC/B,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;wBACjC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;oBACrB,CAAC;gBACH,CAAC;gBACD,OAAO,MAAM,CAAC,MAAM,CAClB,CAAC,GAAG,UAAU,CAAC,CAAC,IAAI,CAAC,IAAA,2BAAiB,EAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CACzE,CAAA;YACH,CAAC;YAGD,IAAI,UAAU;gBACZ,OAAO;oBACL,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC,MAAM,CAAC,mBAAS,CAAC;iBAC3D,CAAA;YACH,CAAC;YAGD,IAAI,WAAW;gBACb,OAAO;oBACL,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,MAAM,CAAC,mBAAS,CAAC;iBAC5D,CAAA;YACH,CAAC;YAED,GAAG,CAAC,GAAW;gBACb,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,CAAA;YACjD,CAAC;YAED,GAAG,CAAC,MAAiB;gBACnB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACpC,OAAO,GAAG,CAAA;gBACZ,CAAC;gBAED,MAAM,IAAI,oBAAQ,CAChB,iBAAiB,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,IAAI,WAAW,EAAE,EAC1D,6BAAiB,CAClB,CAAA;YACH,CAAC;YAED,CAAC,IAAI,CAAC,MAAiB;gBACrB,mEAAmE;gBACnE,IAAI,MAAM,CAAC,GAAG,EAAE,MAAM,KAAK,CAAC;oBAAE,OAAM;gBACpC,IAAI,MAAM,CAAC,GAAG,EAAE,MAAM,KAAK,CAAC;oBAAE,OAAM;gBAEpC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,IAAI,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,KAAK,MAAM,CAAC,GAAG;wBAAE,SAAQ;oBAElD,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;wBAC9B,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;4BAAE,SAAQ;oBACzD,CAAC;yBAAM,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;wBACtB,IAAI,GAAG,CAAC,GAAG,KAAK,MAAM,CAAC,GAAG;4BAAE,SAAQ;oBACtC,CAAC;oBAED,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;wBAC9B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;4BAAE,SAAQ;oBACnE,CAAC;yBAAM,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;wBAC1C,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC;4BAAE,SAAQ;oBACpD,CAAC;oBAED,MAAM,GAAG,CAAA;gBACX,CAAC;YACH,CAAC;YAED,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAa;gBACzC,MAAM,YAAY,GAAU,EAAE,CAAA;gBAE9B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;oBAC/C,oBAAoB;oBACpB,IAAI,CAAC,GAAG,CAAC,SAAS;wBAAE,SAAQ;oBAE5B,oDAAoD;oBACpD,IAAI,OAAO,GAAG,KAAK,QAAQ;wBAAE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAA;oBAEhD,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBACxB,CAAC;gBAED,MAAM,YAAY,GAAG,IAAA,oBAAU,EAAC,GAAG,CAAC,CAAA;gBACpC,MAAM,UAAU,GAAG,YAAY,CAAC,GAAG,CACjC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAU,CAC7D,CAAA;gBAED,oEAAoE;gBACpE,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,0BAA0B,EAAE,CAAC;oBACtD,KAAK,MAAM,CAAC,WAAW,EAAE,YAAY,CAAC,IAAI,UAAU,EAAE,CAAC;wBACrD,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;4BACnC,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,GAAG,EAAE,OAAO,EAAE,CAAA;wBAC3C,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,uBAAuB;gBACvB,KAAK,MAAM,CAAC,WAAW,EAAE,YAAY,CAAC,IAAI,UAAU,EAAE,CAAC;oBACrD,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;wBAC/B,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,GAAG,EAAE,CAAA;oBAClC,CAAC;gBACH,CAAC;gBAED,MAAM,IAAI,oBAAQ,CAChB,4BAA4B,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,WAAW,EAAE,EAC9D,6BAAiB,CAClB,CAAA;YACH,CAAC;YAED,oCA3GC,sBAAY,iCAcZ,sBAAY,kCAOZ,sBAAY,GAsFZ,MAAM,CAAC,QAAQ,EAAC;gBACf,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAA;YAC3B,CAAC;YAED,KAAK,CAAC,SAAS,CACb,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,MAAM,EAAiB,EAClD,OAAsC;gBAEtC,IAAI,CAAC;oBACH,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC;wBACvC,GAAG,EAAE,IAAI;wBACT,GAAG,EAAE,IAAI;wBACT,GAAG,EAAE,KAAK;qBACX,CAAC,CAAA;oBACF,MAAM,eAAe,GAAG,EAAE,GAAG,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAA;oBAExD,IAAI,OAAO,OAAO,KAAK,UAAU,EAAE,CAAC;wBAClC,OAAO,GAAG,MAAM,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,CAAA;oBAC/C,CAAC;oBAED,OAAO,MAAM,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,OAAO,CAAC,CAAA;gBACtD,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,0BAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBAChC,CAAC;YACH,CAAC;YAED,KAAK,CAAC,SAAS,CACb,KAAgB,EAChB,OAA0B;gBAE1B,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,+BAAe,EAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,MAAM,CAAA;gBAE3B,MAAM,MAAM,GAAc,EAAE,CAAA;gBAE5B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;oBAC1C,IAAI,CAAC;wBACH,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,SAAS,CAAI,KAAK,EAAE,OAAO,CAAC,CAAA;wBACrD,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,EAAE,CAAA;oBAC3B,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;oBAClB,CAAC;gBACH,CAAC;gBAED,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;oBACtB,KAAK,CAAC;wBACJ,MAAM,IAAI,0BAAc,CAAC,gBAAgB,EAAE,oCAAwB,CAAC,CAAA;oBACtE,KAAK,CAAC;wBACJ,MAAM,0BAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,2BAAe,CAAC,CAAA;oBACvD;wBACE,MAAM,0BAAc,CAAC,IAAI,CAAC,MAAM,EAAE,2BAAe,CAAC,CAAA;gBACtD,CAAC;YACH,CAAC;YAED,MAAM;gBACJ,yDAAyD;gBACzD,OAAO,eAAe,CAAC,IAAI,CAAC,UAAU,CAAwB,CAAA;YAChE,CAAC;;;;YAnKD,+LAAI,cAAc,6DAWjB;YAGD,mLAAI,UAAU,6DAIb;YAGD,sLAAI,WAAW,6DAId;;;;;AA1EU,wBAAM"}
1
+ {"version":3,"file":"keyset.js","sourceRoot":"","sources":["../src/keyset.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAOoB;AAGpB,mDAAiD;AAIjD,uCAMkB;AAelB,MAAM,iBAAiB,GAAG,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAA;AACtD,MAAM,gBAAgB,GAAG,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,CAAA;IAEvC,MAAM;;;;;;sBAAN,MAAM;YAGjB,YACE,QAAgD;YAChD;;;;eAIG;YACa,6BAAgD,QAAQ;gBACxE,EAAM;gBACJ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,0BAA0B,CAAC;gBAC1C,CAAC,CAAC;oBACE,mCAAmC;oBACnC,OAAO;oBACP,QAAQ;oBACR,OAAO;oBACP,4DAA4D;oBAC5D,OAAO;oBACP,OAAO;oBACP,OAAO;oBACP,OAAO;oBACP,OAAO;oBACP,OAAO;iBACR;gBAfL;;;;4BAVS,mDAAM,EAUC,0BAA0B;mBAerC;gBAxBU;;;;;mBAAkB;gBA0BjC,MAAM,IAAI,GAAQ,EAAE,CAAA;gBAEpB,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAA;gBAChC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;oBAC3B,IAAI,CAAC,GAAG;wBAAE,SAAQ;oBAElB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;oBAEd,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;wBACZ,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC;4BAAE,MAAM,IAAI,oBAAQ,CAAC,kBAAkB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAA;;4BACnE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;oBAC1B,CAAC;gBACH,CAAC;gBAED,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;YACjC,CAAC;YAED,IAAI,IAAI;gBACN,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAA;YACzB,CAAC;YAGD,IAAI,cAAc;gBAChB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAA;gBACpC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK;wBAAE,SAAQ;oBAC/B,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;wBACjC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;oBACrB,CAAC;gBACH,CAAC;gBACD,OAAO,MAAM,CAAC,MAAM,CAClB,CAAC,GAAG,UAAU,CAAC,CAAC,IAAI,CAAC,IAAA,2BAAiB,EAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CACzE,CAAA;YACH,CAAC;YAGD,IAAI,UAAU;gBACZ,OAAO,MAAM,CAAC,MAAM,CAAC;oBACnB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC,MAAM,CAAC,mBAAS,CAAC,CAAC;iBAC1E,CAAC,CAAA;YACJ,CAAC;YAGD,IAAI,WAAW;gBACb,OAAO,MAAM,CAAC,MAAM,CAAC;oBACnB,IAAI,EAAE,MAAM,CAAC,MAAM,CACjB,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,MAAM,CAAC,mBAAS,CAAC,CACtD;iBACF,CAAC,CAAA;YACJ,CAAC;YAED,GAAG,CAAC,GAAW;gBACb,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,CAAA;YACjD,CAAC;YAED,GAAG,CAAC,OAAuB;gBACzB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;gBAC9B,IAAI,GAAG;oBAAE,OAAO,GAAG,CAAA;gBAEnB,MAAM,IAAI,oBAAQ,CAChB,iBAAiB,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,KAAK,IAAI,WAAW,EAAE,EAC7E,6BAAiB,CAClB,CAAA;YACH,CAAC;YAED,IAAI,CAAC,OAAuB;gBAC1B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACrC,OAAO,GAAG,CAAA;gBACZ,CAAC;gBAED,OAAO,SAAS,CAAA;YAClB,CAAC;YAED,CAAC,IAAI,CAA2B,OAAU;gBACxC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;wBAClD,MAAM,GAAG,CAAA;oBACX,CAAC;gBACH,CAAC;YACH,CAAC;YAED,cAAc,CAAC,EACb,GAAG,EACH,GAAG,EACH,KAAK,EACL,GAAG,OAAO,EACkC;gBAI5C,MAAM,YAAY,GAAU,EAAE,CAAA;gBAE9B,wEAAwE;gBACxE,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;oBAAE,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;gBAExD,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;oBAC7D,kDAAkD;oBAClD,IAAI,OAAO,GAAG,KAAK,QAAQ;wBAAE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAA;oBAEhD,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBACxB,CAAC;gBAED,MAAM,YAAY,GAAG,IAAA,oBAAU,EAAC,GAAG,CAAC,CAAA;gBACpC,MAAM,UAAU,GAAG,YAAY,CAAC,GAAG,CACjC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAU,CAC7D,CAAA;gBAED,oEAAoE;gBACpE,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,0BAA0B,EAAE,CAAC;oBACtD,KAAK,MAAM,CAAC,WAAW,EAAE,YAAY,CAAC,IAAI,UAAU,EAAE,CAAC;wBACrD,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;4BACnC,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,GAAG,EAAE,OAAO,EAAE,CAAA;wBAC3C,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,uBAAuB;gBACvB,KAAK,MAAM,CAAC,WAAW,EAAE,YAAY,CAAC,IAAI,UAAU,EAAE,CAAC;oBACrD,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;wBAC/B,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,GAAG,EAAE,CAAA;oBAClC,CAAC;gBACH,CAAC;gBAED,MAAM,IAAI,oBAAQ,CAChB,4BAA4B,GAAG,IAAI,GAAG,IAAI,KAAK,EAAE,EACjD,6BAAiB,CAClB,CAAA;YACH,CAAC;YAED,oCA5GC,sBAAY,iCAcZ,sBAAY,kCAOZ,sBAAY,GAuFZ,MAAM,CAAC,QAAQ,EAAC;gBACf,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAA;YAC3B,CAAC;YAED,KAAK,CAAC,SAAS,CACb,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,MAAM,EAAiB,EAClD,OAAsC;gBAEtC,IAAI,CAAC;oBACH,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC;wBACvC,GAAG,EAAE,IAAI;wBACT,GAAG,EAAE,IAAI;wBACT,KAAK,EAAE,MAAM;wBACb,YAAY,EAAE,KAAK,EAAE,4CAA4C;qBAClE,CAAC,CAAA;oBACF,MAAM,eAAe,GAAG,EAAE,GAAG,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAA;oBAExD,IAAI,OAAO,OAAO,KAAK,UAAU,EAAE,CAAC;wBAClC,OAAO,GAAG,MAAM,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,CAAA;oBAC/C,CAAC;oBAED,OAAO,MAAM,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,OAAO,CAAC,CAAA;gBACtD,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,0BAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBAChC,CAAC;YACH,CAAC;YAED,KAAK,CAAC,SAAS,CACb,KAAgB,EAChB,OAAiD;gBAEjD,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,+BAAe,EAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,MAAM,CAAA;gBAE3B,MAAM,MAAM,GAAc,EAAE,CAAA;gBAE5B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;oBACvE,IAAI,CAAC;wBACH,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,SAAS,CAAI,KAAK,EAAE,OAAO,CAAC,CAAA;wBACrD,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,EAAE,CAAA;oBAC3B,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;oBAClB,CAAC;gBACH,CAAC;gBAED,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;oBACtB,KAAK,CAAC;wBACJ,MAAM,IAAI,0BAAc,CAAC,gBAAgB,EAAE,oCAAwB,CAAC,CAAA;oBACtE,KAAK,CAAC;wBACJ,MAAM,0BAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,2BAAe,CAAC,CAAA;oBACvD;wBACE,MAAM,0BAAc,CAAC,IAAI,CAAC,MAAM,EAAE,2BAAe,CAAC,CAAA;gBACtD,CAAC;YACH,CAAC;YAED,MAAM;gBACJ,8CAA8C;gBAC9C,OAAO,eAAe,CAAC,IAAI,CAAC,UAAU,CAAY,CAAA;YACpD,CAAC;;;;YArKD,+LAAI,cAAc,6DAWjB;YAGD,mLAAI,UAAU,6DAIb;YAGD,sLAAI,WAAW,6DAMd;;;;;AA5EU,wBAAM","sourcesContent":["import {\n ERR_JWKS_NO_MATCHING_KEY,\n ERR_JWK_NOT_FOUND,\n ERR_JWT_INVALID,\n JwkError,\n JwtCreateError,\n JwtVerifyError,\n} from './errors.js'\nimport { PrivateKeyUsage } from './jwk.js'\nimport { JwksPub } from './jwks.js'\nimport { unsafeDecodeJwt } from './jwt-decode.js'\nimport { VerifyOptions, VerifyResult } from './jwt-verify.js'\nimport { JwtHeader, JwtPayload, SignedJwt } from './jwt.js'\nimport { ActivityCheckOptions, Key, KeyMatchOptions } from './key.js'\nimport {\n Override,\n cachedGetter,\n isDefined,\n matchesAny,\n preferredOrderCmp,\n} from './util.js'\n\nexport type { ActivityCheckOptions, KeyMatchOptions }\nexport type FindKeyOptions = KeyMatchOptions & ActivityCheckOptions\n\nexport type JwtSignHeader = Override<\n JwtHeader,\n Pick<FindKeyOptions, 'alg' | 'kid'>\n>\n\nexport type JwtPayloadGetter<P = JwtPayload> = (\n header: JwtHeader,\n key: Key,\n) => P | PromiseLike<P>\n\nconst extractPrivateJwk = (key: Key) => key.privateJwk\nconst extractPublicJwk = (key: Key) => key.publicJwk\n\nexport class Keyset<K extends Key = Key> implements Iterable<K> {\n private readonly keys: readonly K[]\n\n constructor(\n iterable: Iterable<K | null | undefined | false>,\n /**\n * The preferred algorithms to use when signing a JWT using this keyset.\n *\n * @see {@link https://datatracker.ietf.org/doc/html/rfc7518#section-3.1}\n */\n public readonly preferredSigningAlgorithms: readonly string[] = iterable instanceof\n Keyset\n ? [...iterable.preferredSigningAlgorithms]\n : [\n // Prefer elliptic curve algorithms\n 'EdDSA',\n 'ES256K',\n 'ES256',\n // https://datatracker.ietf.org/doc/html/rfc7518#section-3.5\n 'PS256',\n 'PS384',\n 'PS512',\n 'HS256',\n 'HS384',\n 'HS512',\n ],\n ) {\n const keys: K[] = []\n\n const keyIds = new Set<string>()\n for (const key of iterable) {\n if (!key) continue\n\n keys.push(key)\n\n if (key.kid) {\n if (keyIds.has(key.kid)) throw new JwkError(`Duplicate key: ${key.kid}`)\n else keyIds.add(key.kid)\n }\n }\n\n this.keys = Object.freeze(keys)\n }\n\n get size(): number {\n return this.keys.length\n }\n\n @cachedGetter\n get signAlgorithms(): readonly string[] {\n const algorithms = new Set<string>()\n for (const key of this) {\n if (key.use !== 'sig') continue\n for (const alg of key.algorithms) {\n algorithms.add(alg)\n }\n }\n return Object.freeze(\n [...algorithms].sort(preferredOrderCmp(this.preferredSigningAlgorithms)),\n )\n }\n\n @cachedGetter\n get publicJwks() {\n return Object.freeze({\n keys: Object.freeze(Array.from(this, extractPublicJwk).filter(isDefined)),\n })\n }\n\n @cachedGetter\n get privateJwks() {\n return Object.freeze({\n keys: Object.freeze(\n Array.from(this, extractPrivateJwk).filter(isDefined),\n ),\n })\n }\n\n has(kid: string): boolean {\n return this.keys.some((key) => key.kid === kid)\n }\n\n get(options: FindKeyOptions): K {\n const key = this.find(options)\n if (key) return key\n\n throw new JwkError(\n `Key not found ${options.kid ?? options.alg ?? options.usage ?? '<unknown>'}`,\n ERR_JWK_NOT_FOUND,\n )\n }\n\n find(options: FindKeyOptions): K | undefined {\n for (const key of this.list(options)) {\n return key\n }\n\n return undefined\n }\n\n *list<O extends FindKeyOptions>(options: O) {\n for (const key of this) {\n if (key.isActive(options) && key.matches(options)) {\n yield key\n }\n }\n }\n\n findPrivateKey({\n kid,\n alg,\n usage,\n ...options\n }: FindKeyOptions & { usage: PrivateKeyUsage }): {\n key: Key\n alg: string\n } {\n const matchingKeys: Key[] = []\n\n // Allow the loop bellow to return early when a single \"alg\" is provided\n if (Array.isArray(alg) && alg.length === 1) alg = alg[0]\n\n for (const key of this.list({ ...options, kid, alg, usage })) {\n // Skip negotiation if a single \"alg\" was provided\n if (typeof alg === 'string') return { key, alg }\n\n matchingKeys.push(key)\n }\n\n const isAllowedAlg = matchesAny(alg)\n const candidates = matchingKeys.map(\n (key) => [key, key.algorithms.filter(isAllowedAlg)] as const,\n )\n\n // Return the first candidates that matches the preferred algorithms\n for (const prefAlg of this.preferredSigningAlgorithms) {\n for (const [matchingKey, matchingAlgs] of candidates) {\n if (matchingAlgs.includes(prefAlg)) {\n return { key: matchingKey, alg: prefAlg }\n }\n }\n }\n\n // Return any candidate\n for (const [matchingKey, matchingAlgs] of candidates) {\n for (const alg of matchingAlgs) {\n return { key: matchingKey, alg }\n }\n }\n\n throw new JwkError(\n `No private key found for ${kid || alg || usage}`,\n ERR_JWK_NOT_FOUND,\n )\n }\n\n [Symbol.iterator](): IterableIterator<K> {\n return this.keys.values()\n }\n\n async createJwt(\n { alg: sAlg, kid: sKid, ...header }: JwtSignHeader,\n payload: JwtPayload | JwtPayloadGetter,\n ): Promise<SignedJwt> {\n try {\n const { key, alg } = this.findPrivateKey({\n alg: sAlg,\n kid: sKid,\n usage: 'sign',\n allowRevoked: false, // For explicitness (default value is false)\n })\n const protectedHeader = { ...header, alg, kid: key.kid }\n\n if (typeof payload === 'function') {\n payload = await payload(protectedHeader, key)\n }\n\n return await key.createJwt(protectedHeader, payload)\n } catch (err) {\n throw JwtCreateError.from(err)\n }\n }\n\n async verifyJwt<C extends string = never>(\n token: SignedJwt,\n options?: ActivityCheckOptions & VerifyOptions<C>,\n ): Promise<VerifyResult<C> & { key: K }> {\n const { header } = unsafeDecodeJwt(token)\n const { kid, alg } = header\n\n const errors: unknown[] = []\n\n for (const key of this.list({ ...options, kid, alg, usage: 'verify' })) {\n try {\n const result = await key.verifyJwt<C>(token, options)\n return { ...result, key }\n } catch (err) {\n errors.push(err)\n }\n }\n\n switch (errors.length) {\n case 0:\n throw new JwtVerifyError('No key matched', ERR_JWKS_NO_MATCHING_KEY)\n case 1:\n throw JwtVerifyError.from(errors[0], ERR_JWT_INVALID)\n default:\n throw JwtVerifyError.from(errors, ERR_JWT_INVALID)\n }\n }\n\n toJSON() {\n // Make a copy to allow mutation of the result\n return structuredClone(this.publicJwks) as JwksPub\n }\n}\n"]}
package/dist/util.d.ts CHANGED
@@ -6,12 +6,6 @@ export type Override<T, V> = Simplify<V & Omit<T, keyof V>>;
6
6
  export type RequiredKey<T, K extends keyof T = never> = Simplify<T & {
7
7
  [L in K]-?: unknown extends T[L] ? NonNullable<unknown> | null : Exclude<T[L], undefined>;
8
8
  }>;
9
- export type DeepReadonly<T> = T extends Function ? T : T extends object ? {
10
- readonly [K in keyof T]: DeepReadonly<T[K]>;
11
- } : T extends readonly (infer U)[] ? readonly DeepReadonly<U>[] : T;
12
- export type UnReadonly<T> = T extends Function ? T : T extends object ? {
13
- -readonly [K in keyof T]: UnReadonly<T[K]>;
14
- } : T extends readonly (infer U)[] ? UnReadonly<U>[] : T;
15
9
  export declare const isDefined: <T>(i: T | undefined) => i is T;
16
10
  export declare const preferredOrderCmp: <T>(order: readonly T[]) => (a: T, b: T) => number;
17
11
  export declare function matchesAny<T extends string | number | symbol | boolean>(value: null | undefined | T | readonly T[]): (v: unknown) => v is T;
@@ -50,5 +44,6 @@ type SegmentedString<C extends number, Acc extends string[] = [string]> = Acc['l
50
44
  * ```
51
45
  */
52
46
  export declare const segmentedStringRefinementFactory: <C extends number>(count: C, minPartLength?: number) => (data: string, ctx: RefinementCtx) => data is SegmentedString<C>;
47
+ export declare function isLastOccurrence<T extends number | boolean | string | null | undefined | symbol | bigint>(v: T, i: number, arr: readonly T[]): boolean;
53
48
  export {};
54
49
  //# sourceMappingURL=util.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAgB,MAAM,KAAK,CAAA;AAGjD,MAAM,MAAM,QAAQ,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,EAAE,CAAA;AACvD,MAAM,MAAM,QAAQ,CAAC,CAAC,EAAE,CAAC,IAAI,QAAQ,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA;AAE3D,MAAM,MAAM,WAAW,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,CAAC,GAAG,KAAK,IAAI,QAAQ,CAC9D,CAAC,GAAG;KACD,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,GAC5B,WAAW,CAAC,OAAO,CAAC,GAAG,IAAI,GAC3B,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC;CAC7B,CACF,CAAA;AAGD,MAAM,MAAM,YAAY,CAAC,CAAC,IAAI,CAAC,SAAS,QAAQ,GAC5C,CAAC,GACD,CAAC,SAAS,MAAM,GACd;IAAE,QAAQ,EAAE,CAAC,IAAI,MAAM,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;CAAE,GAC/C,CAAC,SAAS,SAAS,CAAC,MAAM,CAAC,CAAC,EAAE,GAC5B,SAAS,YAAY,CAAC,CAAC,CAAC,EAAE,GAC1B,CAAC,CAAA;AAGT,MAAM,MAAM,UAAU,CAAC,CAAC,IAAI,CAAC,SAAS,QAAQ,GAC1C,CAAC,GACD,CAAC,SAAS,MAAM,GACd;IAAE,CAAC,UAAU,CAAC,IAAI,MAAM,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;CAAE,GAC9C,CAAC,SAAS,SAAS,CAAC,MAAM,CAAC,CAAC,EAAE,GAC5B,UAAU,CAAC,CAAC,CAAC,EAAE,GACf,CAAC,CAAA;AAET,eAAO,MAAM,SAAS,GAAI,CAAC,EAAE,GAAG,CAAC,GAAG,SAAS,KAAG,CAAC,IAAI,CAAoB,CAAA;AAEzE,eAAO,MAAM,iBAAiB,GAC3B,CAAC,EAAE,OAAO,SAAS,CAAC,EAAE,MACtB,GAAG,CAAC,EAAE,GAAG,CAAC,WAOV,CAAA;AAEH,wBAAgB,UAAU,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,EACrE,KAAK,EAAE,IAAI,GAAG,SAAS,GAAG,CAAC,GAAG,SAAS,CAAC,EAAE,GACzC,CAAC,CAAC,EAAE,OAAO,KAAK,CAAC,IAAI,CAAC,CAMxB;AAED;;GAEG;AACH,eAAO,MAAM,YAAY,GAAI,CAAC,SAAS,MAAM,EAAE,CAAC,EAC9C,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,EACtB,UAAU,2BAA2B,CAAC,CAAC,EAAE,CAAC,CAAC,MAE1B,MAAM,CAAC,MASzB,CAAA;AAGD,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAIpD;AAED;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB,GAAI,MAAM,MAAM,EAAE,KAAK,aAAa,KAAG,IA2BrE,CAAA;AAED;;;;;;;;;;;;GAYG;AACH,KAAK,eAAe,CAClB,CAAC,SAAS,MAAM,EAChB,GAAG,SAAS,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,IAC7B,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,GACvB,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GACX,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,eAAe,CAAC,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAA;AAEvD;;;;;;GAMG;AACH,eAAO,MAAM,gCAAgC,GAAI,CAAC,SAAS,MAAM,EAC/D,OAAO,CAAC,EACR,sBAAiB,MAST,MAAM,MAAM,EAAE,KAAK,aAAa,KAAG,IAAI,IAAI,eAAe,CAAC,CAAC,CA2CrE,CAAA"}
1
+ {"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAgB,MAAM,KAAK,CAAA;AAGjD,MAAM,MAAM,QAAQ,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,EAAE,CAAA;AACvD,MAAM,MAAM,QAAQ,CAAC,CAAC,EAAE,CAAC,IAAI,QAAQ,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA;AAE3D,MAAM,MAAM,WAAW,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,CAAC,GAAG,KAAK,IAAI,QAAQ,CAC9D,CAAC,GAAG;KACD,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,GAC5B,WAAW,CAAC,OAAO,CAAC,GAAG,IAAI,GAC3B,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC;CAC7B,CACF,CAAA;AAED,eAAO,MAAM,SAAS,GAAI,CAAC,EAAE,GAAG,CAAC,GAAG,SAAS,KAAG,CAAC,IAAI,CAAoB,CAAA;AAEzE,eAAO,MAAM,iBAAiB,GAC3B,CAAC,EAAE,OAAO,SAAS,CAAC,EAAE,MACtB,GAAG,CAAC,EAAE,GAAG,CAAC,WAOV,CAAA;AAEH,wBAAgB,UAAU,CAAC,CAAC,SAAS,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,EACrE,KAAK,EAAE,IAAI,GAAG,SAAS,GAAG,CAAC,GAAG,SAAS,CAAC,EAAE,GACzC,CAAC,CAAC,EAAE,OAAO,KAAK,CAAC,IAAI,CAAC,CAMxB;AAED;;GAEG;AACH,eAAO,MAAM,YAAY,GAAI,CAAC,SAAS,MAAM,EAAE,CAAC,EAC9C,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,EACtB,UAAU,2BAA2B,CAAC,CAAC,EAAE,CAAC,CAAC,MAE1B,MAAM,CAAC,MASzB,CAAA;AAGD,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAIpD;AAED;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB,GAAI,MAAM,MAAM,EAAE,KAAK,aAAa,KAAG,IA2BrE,CAAA;AAED;;;;;;;;;;;;GAYG;AACH,KAAK,eAAe,CAClB,CAAC,SAAS,MAAM,EAChB,GAAG,SAAS,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,IAC7B,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,GACvB,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GACX,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,eAAe,CAAC,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,EAAE,CAAA;AAEvD;;;;;;GAMG;AACH,eAAO,MAAM,gCAAgC,GAAI,CAAC,SAAS,MAAM,EAC/D,OAAO,CAAC,EACR,sBAAiB,MAST,MAAM,MAAM,EAAE,KAAK,aAAa,KAAG,IAAI,IAAI,eAAe,CAAC,CAAC,CA2CrE,CAAA;AAED,wBAAgB,gBAAgB,CAC9B,CAAC,SAAS,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,GAAG,MAAM,EACxE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,CAAC,EAAE,GAAG,OAAO,CAE7C"}