@azure/attestation 1.0.1-alpha.20250109.1 → 1.0.1-alpha.20250110.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/README.md +26 -31
  2. package/dist/browser/attestationClient.d.ts +1 -1
  3. package/dist/browser/attestationClient.js +1 -1
  4. package/dist/browser/attestationClient.js.map +1 -1
  5. package/dist/commonjs/attestationClient.d.ts +1 -1
  6. package/dist/commonjs/attestationClient.js +1 -1
  7. package/dist/commonjs/attestationClient.js.map +1 -1
  8. package/dist/esm/attestationClient.d.ts +1 -1
  9. package/dist/esm/attestationClient.js +1 -1
  10. package/dist/esm/attestationClient.js.map +1 -1
  11. package/dist/react-native/attestationClient.d.ts +1 -1
  12. package/dist/react-native/attestationClient.js +1 -1
  13. package/dist/react-native/attestationClient.js.map +1 -1
  14. package/package.json +1 -1
package/README.md CHANGED
@@ -17,7 +17,7 @@ Key links:
17
17
  - [Source code][source_code]
18
18
  - [Package (NPM)][attestation_npm]
19
19
  - [API reference documentation][api_reference]
20
- - [Product documentation](https://docs.microsoft.com/azure/attestation/)
20
+ - [Product documentation](https://learn.microsoft.com/azure/attestation/)
21
21
 
22
22
  ## Getting started
23
23
 
@@ -43,7 +43,7 @@ npm install @azure/attestation
43
43
 
44
44
  ### Authenticate the client
45
45
 
46
- In order to interact with the Microsoft Azure Attestation service, you'll need to create an instance of the [Attestation Client][attestation_client] or [Attestation Administration Client][attestation_admin_client] class. You need a **attestation instance url**, which will either be the "Attest URI"
46
+ In order to interact with the Microsoft Azure Attestation service, you'll need to create an instance of the [Attestation Client][attestation_client] or [Attestation Administration Client][attestation_admin_client] class. You need a **attestation instance url**, which will either be the "Attest URI"
47
47
  shown in the portal, or will be one of the shared attestation providers.
48
48
  You will also need client credentials to use the Attestation Administration Client or call the `attestTpm` API. Client credentials require **(client id, client secret, tenant id)** to instantiate a client object.
49
49
 
@@ -135,7 +135,7 @@ The [`AttestationResponse`][attestation_response] object contains two main attri
135
135
 
136
136
  Each attestation service instance has a policy applied to it which defines additional criteria which the customer has defined.
137
137
 
138
- For more information on attestation policies, see [Attestation Policy](https://docs.microsoft.com/azure/attestation/author-sign-policy)
138
+ For more information on attestation policies, see [Attestation Policy](https://learn.microsoft.com/azure/attestation/author-sign-policy)
139
139
 
140
140
  ### Policy Management certificate management
141
141
 
@@ -163,7 +163,7 @@ RuntimeData refers to data which is presented to the Intel SGX Quote generation
163
163
 
164
164
  InitTime data refers to data which is used to configure the SGX enclave being attested.
165
165
 
166
- > Note that InitTime data is not supported on Azure [DCsv2-Series](https://docs.microsoft.com/azure/virtual-machines/dcv2-series) virtual machines.
166
+ > Note that InitTime data is not supported on Azure [DCsv2-Series](https://learn.microsoft.com/azure/virtual-machines/dcv2-series) virtual machines.
167
167
 
168
168
  ### Additional concepts
169
169
 
@@ -182,7 +182,7 @@ azure credentials (`DefaultAzureCredential`).
182
182
 
183
183
  ```ts
184
184
  const credentials = new DefaultAzureCredential();
185
- const client = new AttestationClient(endpoint, {credentials: credentials});
185
+ const client = new AttestationClient(endpoint, { credentials: credentials });
186
186
 
187
187
  // Retrieve the set of attestation policy signers from the attestation client.
188
188
  const attestationSigners = await client.getAttestationSigners();
@@ -200,14 +200,13 @@ const attestationSigners = await client.getAttestationSigners();
200
200
 
201
201
  Creates an instance of the Attestation Administration Client at uri `endpoint`.
202
202
 
203
- Note that the administration client *requires* Azure credentials.
203
+ Note that the administration client _requires_ Azure credentials.
204
204
 
205
205
  ```ts
206
- const client = new AttestationAdministrationClient(endpoint, new DefaultAzureCredential());
207
-
208
- // Retrieve the SGX policy from the specified attestation instance.
209
- const policyResponse = await client.getPolicy(KnownAttestationType.SgxEnclave);
206
+ const client = new AttestationAdministrationClient(endpoint, new DefaultAzureCredential());
210
207
 
208
+ // Retrieve the SGX policy from the specified attestation instance.
209
+ const policyResponse = await client.getPolicy(KnownAttestationType.SgxEnclave);
211
210
  ```
212
211
 
213
212
  ### Get attestation policy
@@ -273,10 +272,7 @@ If a client wishes to ensure that the attestation policy document was not modifi
273
272
  To verify the hash, clients can create an attestation policy token (a helper class which represents the token used to set the attestation policy) and verify the hash generated from that token:
274
273
 
275
274
  ```js
276
- const expectedPolicy = createAttestationPolicyToken(
277
- `<Policy Document>`,
278
- privateKey,
279
- certificate);
275
+ const expectedPolicy = createAttestationPolicyToken(`<Policy Document>`, privateKey, certificate);
280
276
 
281
277
  // Use your favorite SHA256 hash generator function to create a hash of the
282
278
  // stringized JWS.
@@ -308,7 +304,7 @@ This example assumes that you have an existing `AttestationClient` object which
308
304
 
309
305
  ```ts
310
306
  const attestationResult = await client.attestOpenEnclave(report, {
311
- runTimeData: binaryRuntimeData
307
+ runTimeData: binaryRuntimeData,
312
308
  });
313
309
  ```
314
310
 
@@ -318,7 +314,7 @@ the attest API call:
318
314
 
319
315
  ```ts
320
316
  const attestationResult = await client.attestOpenEnclave(report, {
321
- runTimeJson: binaryRuntimeData
317
+ runTimeJson: binaryRuntimeData,
322
318
  });
323
319
  ```
324
320
 
@@ -326,7 +322,7 @@ Similarly, if you are using the Intel SDK to generate a "quote", you can validat
326
322
 
327
323
  ```ts
328
324
  const attestationResult = await client.attestSgxEnclave(quote, {
329
- runTimeData: binaryRuntimeData
325
+ runTimeData: binaryRuntimeData,
330
326
  });
331
327
  ```
332
328
 
@@ -341,12 +337,11 @@ the `attestSgxEnclave` or `attestOpenEnclave` APIs
341
337
 
342
338
  ```ts
343
339
  const credentials = new DefaultAzureCredential();
344
- const client = new AttestationClient(endpoint, {credentials: credentials});
340
+ const client = new AttestationClient(endpoint, { credentials: credentials });
345
341
 
346
342
  const attestationSigners = await client.getAttestationSigners();
347
343
 
348
344
  console.log(`There are ${attestationSigners.length} signers`);
349
-
350
345
  ```
351
346
 
352
347
  ## Troubleshooting
@@ -373,11 +368,11 @@ setLogLevel("info");
373
368
 
374
369
  For more detailed instructions on how to enable logs, you can look at the [@azure/logger package docs](https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/core/logger).
375
370
 
376
- Additional troubleshooting information for the MAA service can be found [here](https://docs.microsoft.com/azure/attestation/troubleshoot-guide)
371
+ Additional troubleshooting information for the MAA service can be found [here](https://learn.microsoft.com/azure/attestation/troubleshoot-guide)
377
372
 
378
373
  ## Next steps
379
374
 
380
- For more information about the Microsoft Azure Attestation service, please see our [documentation page](https://docs.microsoft.com/azure/attestation/).
375
+ For more information about the Microsoft Azure Attestation service, please see our [documentation page](https://learn.microsoft.com/azure/attestation/).
381
376
 
382
377
  ## Contributing
383
378
 
@@ -398,20 +393,20 @@ section of the project.
398
393
  <!-- LINKS -->
399
394
 
400
395
  [source_code]: https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/attestation/attestation
401
- [azure_identity]: https://docs.microsoft.com/javascript/api/@azure/identity
402
- [defaultazurecredential]: https://docs.microsoft.com/javascript/api/@azure/identity/defaultazurecredential
396
+ [azure_identity]: https://learn.microsoft.com/javascript/api/@azure/identity
397
+ [defaultazurecredential]: https://learn.microsoft.com/javascript/api/@azure/identity/defaultazurecredential
403
398
  [attestation_policy_result]: https://azuresdkdocs.blob.core.windows.net/$web/javascript/azure-attestation/1.0.0-beta.4/interfaces/policyresult.html
404
- [attestation_client]: https://docs.microsoft.com/javascript/api/@azure/attestation/attestationclient
405
- [attestation_admin_client]: https://docs.microsoft.com/javascript/api/@azure/attestation/attestationadministrationclient
406
- [attestation_response]: https://docs.microsoft.com/javascript/api/@azure/attestation/attestationresponse
407
- [attestation_policy_result_parameters]: https://docs.microsoft.com/javascript/api/@azure/attestation/policyresult#properties
408
- [attest_sgx]: https://docs.microsoft.com/javascript/api/@azure/attestation/attestationclient#attestSgxEnclave_Uint8Array__AttestSgxEnclaveOptions_
399
+ [attestation_client]: https://learn.microsoft.com/javascript/api/@azure/attestation/attestationclient
400
+ [attestation_admin_client]: https://learn.microsoft.com/javascript/api/@azure/attestation/attestationadministrationclient
401
+ [attestation_response]: https://learn.microsoft.com/javascript/api/@azure/attestation/attestationresponse
402
+ [attestation_policy_result_parameters]: https://learn.microsoft.com/javascript/api/@azure/attestation/policyresult#properties
403
+ [attest_sgx]: https://learn.microsoft.com/javascript/api/@azure/attestation/attestationclient#attestSgxEnclave_Uint8Array__AttestSgxEnclaveOptions_
409
404
  [attestation_npm]: https://www.npmjs.com/package/@azure/attestation
410
- [api_reference]: https://docs.microsoft.com/javascript/api/@azure/attestation
411
- [style-guide-msft]: https://docs.microsoft.com/style-guide/capitalization
405
+ [api_reference]: https://learn.microsoft.com/javascript/api/@azure/attestation
406
+ [style-guide-msft]: https://learn.microsoft.com/style-guide/capitalization
412
407
  [style-guide-cloud]: https://aka.ms/azsdk/cloud-style-guide
413
408
  [microsoft_code_of_conduct]: https://opensource.microsoft.com/codeofconduct/
414
- [azure_cli]: https://docs.microsoft.com/cli/azure
409
+ [azure_cli]: https://learn.microsoft.com/cli/azure
415
410
  [azure_sub]: https://azure.microsoft.com/free/
416
411
  [code_of_conduct]: https://opensource.microsoft.com/codeofconduct/
417
412
  [json_web_token]: https://tools.ietf.org/html/rfc7519
package/dist/browser/attestationClient.d.ts CHANGED
@@ -162,7 +162,7 @@ export declare class AttestationClient {
162
162
  attestSgxEnclave(quote: Uint8Array | Buffer | Blob, options?: AttestSgxEnclaveOptions): Promise<AttestationResponse<AttestationResult>>;
163
163
  /** Attest a TPM based enclave.
164
164
 
165
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
165
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
166
166
  *
167
167
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
168
168
  * @param options - Pipeline options for TPM attestation request.
package/dist/browser/attestationClient.js CHANGED
@@ -153,7 +153,7 @@ export class AttestationClient {
153
153
  }
154
154
  /** Attest a TPM based enclave.
155
155
 
156
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
156
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
157
157
  *
158
158
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
159
159
  * @param options - Pipeline options for TPM attestation request.
package/dist/browser/attestationClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAajE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAGzD,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAmGvD;;;;;;;;;;GAUG;AACH,MAAM,OAAO,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,iBAAiB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,mBAAmB,CAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,mBAAmB,CAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
1
+ {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAajE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAGzD,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAmGvD;;;;;;;;;;GAUG;AACH,MAAM,OAAO,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,iBAAiB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,mBAAmB,CAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,mBAAmB,CAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
package/dist/commonjs/attestationClient.d.ts CHANGED
@@ -162,7 +162,7 @@ export declare class AttestationClient {
162
162
  attestSgxEnclave(quote: Uint8Array | Buffer | Blob, options?: AttestSgxEnclaveOptions): Promise<AttestationResponse<AttestationResult>>;
163
163
  /** Attest a TPM based enclave.
164
164
 
165
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
165
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
166
166
  *
167
167
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
168
168
  * @param options - Pipeline options for TPM attestation request.
package/dist/commonjs/attestationClient.js CHANGED
@@ -157,7 +157,7 @@ class AttestationClient {
157
157
  }
158
158
  /** Attest a TPM based enclave.
159
159
 
160
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
160
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
161
161
  *
162
162
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
163
163
  * @param options - Pipeline options for TPM attestation request.
package/dist/commonjs/attestationClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;;AAElC,uEAAiE;AAajE,0DAA4D;AAE5D,2CAAqC;AAErC,+EAAyD;AAGzD,4EAA4E;AAE5E,qEAA+D;AAE/D,gDAAqD;AAErD,6CAA+D;AAC/D,wEAAgF;AAChF,wEAAgF;AAChF,sEAAoE;AACpE,iDAAwD;AACxD,uDAAuD;AAmGvD;;;;;;;;;;GAUG;AACH,MAAa,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,IAAA,6BAAiB,EAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,kBAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,oCAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,0BAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,IAAA,+BAAmB,EAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,0CAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,sCAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,IAAA,kDAAyB,EAC9B,KAAK,EACL,IAAA,sDAA+B,EAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,IAAA,+BAAmB,EAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,0CAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,sCAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,IAAA,kDAAyB,EAC9B,KAAK,EACL,IAAA,sDAA+B,EAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,IAAA,uBAAa,EAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,IAAA,uBAAa,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,0BAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,IAAA,sDAA+B,EAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,0BAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,IAAA,sDAA+B,EAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF;AAzVD,8CAyVC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
1
+ {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;;AAElC,uEAAiE;AAajE,0DAA4D;AAE5D,2CAAqC;AAErC,+EAAyD;AAGzD,4EAA4E;AAE5E,qEAA+D;AAE/D,gDAAqD;AAErD,6CAA+D;AAC/D,wEAAgF;AAChF,wEAAgF;AAChF,sEAAoE;AACpE,iDAAwD;AACxD,uDAAuD;AAmGvD;;;;;;;;;;GAUG;AACH,MAAa,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,IAAA,6BAAiB,EAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,kBAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,oCAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,0BAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,IAAA,+BAAmB,EAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,0CAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,sCAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,IAAA,kDAAyB,EAC9B,KAAK,EACL,IAAA,sDAA+B,EAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,IAAA,+BAAmB,EAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,IAAA,+BAAmB,EAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,0CAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,sCAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,IAAA,kDAAyB,EAC9B,KAAK,EACL,IAAA,sDAA+B,EAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,IAAA,uBAAa,EAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,IAAA,uBAAa,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,0BAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,IAAA,sDAA+B,EAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,0BAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,IAAA,sDAA+B,EAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF;AAzVD,8CAyVC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
package/dist/esm/attestationClient.d.ts CHANGED
@@ -162,7 +162,7 @@ export declare class AttestationClient {
162
162
  attestSgxEnclave(quote: Uint8Array | Buffer | Blob, options?: AttestSgxEnclaveOptions): Promise<AttestationResponse<AttestationResult>>;
163
163
  /** Attest a TPM based enclave.
164
164
 
165
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
165
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
166
166
  *
167
167
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
168
168
  * @param options - Pipeline options for TPM attestation request.
package/dist/esm/attestationClient.js CHANGED
@@ -153,7 +153,7 @@ export class AttestationClient {
153
153
  }
154
154
  /** Attest a TPM based enclave.
155
155
 
156
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
156
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
157
157
  *
158
158
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
159
159
  * @param options - Pipeline options for TPM attestation request.
package/dist/esm/attestationClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAajE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAGzD,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAmGvD;;;;;;;;;;GAUG;AACH,MAAM,OAAO,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,iBAAiB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,mBAAmB,CAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,mBAAmB,CAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
1
+ {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAajE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAGzD,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAmGvD;;;;;;;;;;GAUG;AACH,MAAM,OAAO,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,iBAAiB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,mBAAmB,CAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,mBAAmB,CAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
package/dist/react-native/attestationClient.d.ts CHANGED
@@ -162,7 +162,7 @@ export declare class AttestationClient {
162
162
  attestSgxEnclave(quote: Uint8Array | Buffer | Blob, options?: AttestSgxEnclaveOptions): Promise<AttestationResponse<AttestationResult>>;
163
163
  /** Attest a TPM based enclave.
164
164
 
165
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
165
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
166
166
  *
167
167
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
168
168
  * @param options - Pipeline options for TPM attestation request.
package/dist/react-native/attestationClient.js CHANGED
@@ -153,7 +153,7 @@ export class AttestationClient {
153
153
  }
154
154
  /** Attest a TPM based enclave.
155
155
 
156
- * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
156
+ * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
157
157
  *
158
158
  * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
159
159
  * @param options - Pipeline options for TPM attestation request.
package/dist/react-native/attestationClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAajE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAGzD,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAmGvD;;;;;;;;;;GAUG;AACH,MAAM,OAAO,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,iBAAiB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,mBAAmB,CAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,mBAAmB,CAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
1
+ {"version":3,"file":"attestationClient.js","sourceRoot":"","sources":["../../src/attestationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAajE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAGzD,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAmGvD;;;;;;;;;;GAUG;AACH,MAAM,OAAO,iBAAiB;IA4C5B,YACE,QAAgB,EAChB,oBAAiE,EACjE,gBAA0C,EAAE;QAE5C,IAAI,gBAAgB,GAAyB,SAAS,CAAC;QACvD,IAAI,UAAU,GAAgC,SAAS,CAAC;QACxD,IAAI,OAAiC,CAAC;QAEtC,IAAI,oBAAoB,IAAI,iBAAiB,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACpE,UAAU,GAAG,oBAAoB,CAAC;YAClC,gBAAgB,GAAG,CAAC,mCAAmC,CAAC,CAAC;YACzD,OAAO,GAAG,aAAa,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,oBAAoB,IAAI,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,gBAAgB,EAAE,gBAAgB;YAClC,UAAU,EAAE,UAAU;YACtB,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;QACtE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACtD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,iBAAiB,CAC5B,MAAkC,EAClC,UAAoC,EAAE;QAEtC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YAEtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,iBAAiB,CAC1E;gBACE,MAAM,EAAE,MAAM,mBAAmB,CAAC,MAAM,CAAC;gBACzC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,gBAAgB,CAC3B,KAAiC,EACjC,UAAmC,EAAE;QAErC,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAC7E,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,YAAY,mCAAI,OAAO,CAAC,YAAY,CAAC,CAAC;YAEzF,MAAM,YAAY,GAA6B,QAAQ;gBACrD,CAAC,CAAC;oBACE,IAAI,EAAE,QAAQ;oBACd,QAAQ,EACN,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBACjF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,MAAA,OAAO,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC,CAAC;YACtF,MAAM,WAAW,GAA4B,OAAO;gBAClD,CAAC,CAAC;oBACE,IAAI,EAAE,OAAO;oBACb,QAAQ,EACN,OAAO,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM;iBAChF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CACzE;gBACE,KAAK,EAAE,MAAM,mBAAmB,CAAC,KAAK,CAAC;gBACvC,YAAY,EAAE,YAAY;gBAC1B,WAAW,EAAE,WAAW;gBACxB,yBAAyB,EAAE,MAAA,OAAO,CAAC,yBAAyB,mCAAI,SAAS;aAC1E,EACD,cAAc,CACf,CAAC;YAEF,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,YAAY,EAAE,EACzB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,0BAA0B,EAAE,OAAO,CAAC,0BAA0B;gBAC9D,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,4BAA4B,CACC,CAAC;YAEhC,OAAO,yBAAyB,CAC9B,KAAK,EACL,+BAA+B,CAAC,iBAAiB,CAAC,CACnD,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,UAA4B,EAAE;QACpE,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CACvD,EAAE,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,EAChC,cAAc,CACf,CAAC;YACF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,qBAAqB;IAChC,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,yCAAyC,EACzC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACvF,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;YACjD,MAAA,mBAAmB,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5C,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,iBAAiB;IAC5B,8DAA8D;IAC9D,UAA6C,EAAE;QAE/C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC;QACjB,CAAC,CACF,CAAC;IACJ,CAAC;IAMO,KAAK,CAAC,YAAY;;QACxB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\n\nimport type {\n AttestationResult,\n AttestationSigner,\n AttestationTokenValidationOptions,\n} from \"./models/index.js\";\n\nimport type {\n GeneratedAttestationResult,\n InitTimeData,\n RuntimeData,\n} from \"./generated/models/index.js\";\nimport { KnownDataType } from \"./generated/models/index.js\";\n\nimport { logger } from \"./logger.js\";\nimport type { GeneratedClientOptionalParams } from \"./generated/models/index.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\nimport type { AttestationResponse } from \"./models/attestationResponse.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\n\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { isTokenCredential } from \"@azure/core-auth\";\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { bytesToString, stringToBytes } from \"./utils/utf8.js\";\nimport { _attestationResultFromGenerated } from \"./models/attestationResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { Uint8ArrayFromInput } from \"./utils/buffer.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationClientOptions extends CommonClientOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Client operations.\n */\nexport interface AttestationClientOperationOptions extends OperationOptions {\n /**\n * Validation options to be used to validate attestation tokens received\n * from the attestation service for the individual operation.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Optional parameters for the AttestOpenEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestOpenEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Optional parameters for the AttestSgxEnclave API.\n *\n * @param initTimeData - data provided at the time the enclave was initialized.\n * @param runTimeData - data provided at the time the SGX quote being attested was created.\n * @param draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\nexport interface AttestSgxEnclaveOptions extends AttestationClientOperationOptions {\n /**\n *initTimeData : data provided at the time the enclave was initialized, to be interpreted as binary data.\n *\n */\n initTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * inittimeJson : data provided at the time the enclave was initialized, to be interpreted as JSON data.\n */\n initTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeData - data provided at the time the OpenEnclave report being attested was created to be interpreted as binary data.\n */\n runTimeData?: Uint8Array | Buffer | Blob;\n\n /**\n * runTimeJson - data provided at the time the OpenEnclave report being attested was created to be interpreted as JSON data.\n */\n runTimeJson?: Uint8Array | Buffer | Blob;\n\n /**\n * draftPolicyForAttestation - If specified, the attestation policy to be used during the attestation request.\n */\n draftPolicyForAttestation?: string;\n}\n\n/**\n * Operation options for the AttestTpm API.\n */\nexport interface AttestTpmOptions extends AttestationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getOpenIdMetadata\n * - getAttestationSigners\n * - attestSgxEnclave\n * - attestOpenEnclave\n * - attestTpm\n */\nexport class AttestationClient {\n /**\n * Creates an instance of AttestationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\"\n * );\n * ```\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param options - Options used to configure the Attestation Client.\n *\n */\n public constructor(endpoint: string, options?: AttestationClientOptions);\n\n /**\n * Creates an instance of AttestationClient with options and credentials.\n *\n * Example usage:\n * ```ts\n * import { AttestationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\"),\n * { tokenValidationOptions: { validateToken: false } }\n * );\n * ```\n *\n * Note that credentials are required to call the `attestTpm` API.\n *\n * @param endpoint - The attestation instance base URI, for example https://mytenant.attest.azure.net.\n * @param credentials - Credentials used to configure the attestation client.\n *\n */\n public constructor(\n endpoint: string,\n credentials: TokenCredential,\n options?: AttestationClientOptions,\n );\n public constructor(\n endpoint: string,\n credentialsOrOptions?: TokenCredential | AttestationClientOptions,\n clientOptions: AttestationClientOptions = {},\n ) {\n let credentialScopes: string[] | undefined = undefined;\n let credential: TokenCredential | undefined = undefined;\n let options: AttestationClientOptions;\n\n if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {\n credential = credentialsOrOptions;\n credentialScopes = [\"https://attest.azure.net/.default\"];\n options = clientOptions;\n } else {\n options = credentialsOrOptions || {};\n }\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credentialScopes: credentialScopes,\n credential: credential,\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n this._validationOptions = options.validationOptions;\n }\n\n /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.\n *\n * @param report - An OpenEnclave report generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n *\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.\n * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.\n */\n public async attestOpenEnclave(\n report: Uint8Array | Buffer | Blob,\n options: AttestOpenEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestOpenEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestOpenEnclave(\n {\n report: await Uint8ArrayFromInput(report),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attests a quote generated from SGX Enclave using the Intel SDK.\n *\n * @param quote - An SGX quote generated by an SGX enclave.\n * @param options - Operation options for the attestOpenEnclave API call.\n * @returns Returns an AttestationResponse whose body is an AttestationResult describing\n * the claims returned by the attestation service.\n * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.\n * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.\n */\n public async attestSgxEnclave(\n quote: Uint8Array | Buffer | Blob,\n options: AttestSgxEnclaveOptions = {},\n ): Promise<AttestationResponse<AttestationResult>> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {\n throw new Error(\"Cannot provide both initTimeData and initTimeJson.\");\n }\n\n if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {\n throw new Error(\"Cannot provide both runTimeData and runTimeJson.\");\n }\n\n const initData = await Uint8ArrayFromInput(options.initTimeData ?? options.initTimeJson);\n\n const initTimeData: InitTimeData | undefined = initData\n ? {\n data: initData,\n dataType:\n options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const runData = await Uint8ArrayFromInput(options.runTimeData ?? options.runTimeJson);\n const runTimeData: RuntimeData | undefined = runData\n ? {\n data: runData,\n dataType:\n options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,\n }\n : undefined;\n\n const attestationResponse = await this._client.attestation.attestSgxEnclave(\n {\n quote: await Uint8ArrayFromInput(quote),\n initTimeData: initTimeData,\n runtimeData: runTimeData,\n draftPolicyForAttestation: options.draftPolicyForAttestation ?? undefined,\n },\n updatedOptions,\n );\n\n const token = new AttestationTokenImpl(attestationResponse.token);\n const problems = token.getTokenProblems(\n await this._signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n const attestationResult = TypeDeserializer.deserialize(\n token.getBody(),\n {\n GeneratedAttestationResult: Mappers.GeneratedAttestationResult,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"GeneratedAttestationResult\",\n ) as GeneratedAttestationResult;\n\n return createAttestationResponse<AttestationResult>(\n token,\n _attestationResultFromGenerated(attestationResult),\n );\n },\n );\n }\n\n /** Attest a TPM based enclave.\n\n * See the {@link https://learn.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.\n * \n * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.\n * @param options - Pipeline options for TPM attestation request.\n * @returns A structure containing the response from the TPM attestation, Utf8 encoded.\n * \n * @remarks\n * \n * The incoming requests to the TPM attestation API are stringified JSON objects.\n * \n * @example\n * For example, the initial call for a TPM attestation operation is:\n * \n * ```js\n * const encodedPayload = JSON.stringify({ payload: { type: \"aikcert\" } });\n * const result = await client.attestTpm(encodedPayload);\n * ```\n * \n * where stringToBytes converts the string to UTF8.\n * \n * Note that the attestTpm requires an attestation client which is configured with\n * authentication credentials.\n * \n */\n public async attestTpm(request: string, options: AttestTpmOptions = {}): Promise<string> {\n return tracingClient.withSpan(\n \"AttestationClient-attestSgxEnclave\",\n options,\n async (updatedOptions) => {\n const response = await this._client.attestation.attestTpm(\n { data: stringToBytes(request) },\n updatedOptions,\n );\n if (response.data) {\n return bytesToString(response.data);\n } else {\n throw Error(\"Internal error - response data cannot be undefined.\");\n }\n },\n );\n }\n\n /**\n * Returns the list of attestation signers which can be used to sign attestation\n * service tokens.\n *\n * @param options - Client operation options.\n * @returns the set of AttestationSigners which may be used to sign attestation tokens.\n */\n public async getAttestationSigners(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<AttestationSigner[]> {\n return tracingClient.withSpan(\n \"AttestationClient-getAttestationSigners\",\n options,\n async (updatedOptions) => {\n const signingCertificates = await this._client.signingCertificates.get(updatedOptions);\n const signers: AttestationSigner[] = new Array();\n signingCertificates.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n return signers;\n },\n );\n }\n\n /**\n * Returns the OpenID Metadata discovery document for the attestation service instance.\n * @param options - Client operation options.\n * @returns The OpenID metadata discovery document for the attestation service.\n */\n public async getOpenIdMetadata(\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: AttestationClientOperationOptions = {},\n ): Promise<Record<string, unknown>> {\n return tracingClient.withSpan(\n \"AttestationClient-getOpenIdMetadata\",\n options,\n async (updatedOptions) => {\n const configs = await this._client.metadataConfiguration.get(updatedOptions);\n return configs;\n },\n );\n }\n\n private _client: GeneratedClient;\n private _validationOptions?: AttestationTokenValidationOptions;\n private _signers?: AttestationSigner[];\n\n private async _signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@azure/attestation",
3
- "version": "1.0.1-alpha.20250109.1",
3
+ "version": "1.0.1-alpha.20250110.1",
4
4
  "description": "Javascript/Typescript client implementation for the Microsoft Azure Attestation service.",
5
5
  "sdk-type": "client",
6
6
  "main": "./dist/commonjs/index.js",