@azure/attestation 1.0.1-alpha.20250620.1 → 1.0.1-alpha.20250730.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/attestationAdministrationClient.js +24 -22
- package/dist/browser/attestationAdministrationClient.js.map +1 -1
- package/dist/browser/attestationClient.js +23 -21
- package/dist/browser/attestationClient.js.map +1 -1
- package/dist/browser/generated/generatedClient.js +14 -3
- package/dist/browser/generated/generatedClient.js.map +1 -1
- package/dist/browser/generated/operations/attestation.js +4 -3
- package/dist/browser/generated/operations/attestation.js.map +1 -1
- package/dist/browser/generated/operations/metadataConfiguration.js +2 -1
- package/dist/browser/generated/operations/metadataConfiguration.js.map +1 -1
- package/dist/browser/generated/operations/policy.js +4 -3
- package/dist/browser/generated/operations/policy.js.map +1 -1
- package/dist/browser/generated/operations/policyCertificates.js +4 -3
- package/dist/browser/generated/operations/policyCertificates.js.map +1 -1
- package/dist/browser/generated/operations/signingCertificates.js +2 -1
- package/dist/browser/generated/operations/signingCertificates.js.map +1 -1
- package/dist/browser/models/attestationResult.js +17 -0
- package/dist/browser/models/attestationResult.js.map +1 -1
- package/dist/browser/models/attestationSigner.js +2 -3
- package/dist/browser/models/attestationSigner.js.map +1 -1
- package/dist/browser/models/attestationToken.js +12 -8
- package/dist/browser/models/attestationToken.js.map +1 -1
- package/dist/browser/models/storedAttestationPolicy.js +4 -0
- package/dist/browser/models/storedAttestationPolicy.js.map +1 -1
- package/dist/commonjs/attestationAdministrationClient.js +24 -22
- package/dist/commonjs/attestationAdministrationClient.js.map +1 -1
- package/dist/commonjs/attestationClient.js +23 -21
- package/dist/commonjs/attestationClient.js.map +1 -1
- package/dist/commonjs/generated/generatedClient.js +14 -3
- package/dist/commonjs/generated/generatedClient.js.map +1 -1
- package/dist/commonjs/generated/operations/attestation.js +4 -3
- package/dist/commonjs/generated/operations/attestation.js.map +1 -1
- package/dist/commonjs/generated/operations/metadataConfiguration.js +2 -1
- package/dist/commonjs/generated/operations/metadataConfiguration.js.map +1 -1
- package/dist/commonjs/generated/operations/policy.js +4 -3
- package/dist/commonjs/generated/operations/policy.js.map +1 -1
- package/dist/commonjs/generated/operations/policyCertificates.js +4 -3
- package/dist/commonjs/generated/operations/policyCertificates.js.map +1 -1
- package/dist/commonjs/generated/operations/signingCertificates.js +2 -1
- package/dist/commonjs/generated/operations/signingCertificates.js.map +1 -1
- package/dist/commonjs/models/attestationResult.js +17 -0
- package/dist/commonjs/models/attestationResult.js.map +1 -1
- package/dist/commonjs/models/attestationSigner.js +2 -3
- package/dist/commonjs/models/attestationSigner.js.map +1 -1
- package/dist/commonjs/models/attestationToken.js +12 -8
- package/dist/commonjs/models/attestationToken.js.map +1 -1
- package/dist/commonjs/models/storedAttestationPolicy.js +4 -0
- package/dist/commonjs/models/storedAttestationPolicy.js.map +1 -1
- package/dist/commonjs/tsdoc-metadata.json +11 -11
- package/dist/esm/attestationAdministrationClient.js +24 -22
- package/dist/esm/attestationAdministrationClient.js.map +1 -1
- package/dist/esm/attestationClient.js +23 -21
- package/dist/esm/attestationClient.js.map +1 -1
- package/dist/esm/generated/generatedClient.js +14 -3
- package/dist/esm/generated/generatedClient.js.map +1 -1
- package/dist/esm/generated/operations/attestation.js +4 -3
- package/dist/esm/generated/operations/attestation.js.map +1 -1
- package/dist/esm/generated/operations/metadataConfiguration.js +2 -1
- package/dist/esm/generated/operations/metadataConfiguration.js.map +1 -1
- package/dist/esm/generated/operations/policy.js +4 -3
- package/dist/esm/generated/operations/policy.js.map +1 -1
- package/dist/esm/generated/operations/policyCertificates.js +4 -3
- package/dist/esm/generated/operations/policyCertificates.js.map +1 -1
- package/dist/esm/generated/operations/signingCertificates.js +2 -1
- package/dist/esm/generated/operations/signingCertificates.js.map +1 -1
- package/dist/esm/models/attestationResult.js +17 -0
- package/dist/esm/models/attestationResult.js.map +1 -1
- package/dist/esm/models/attestationSigner.js +2 -3
- package/dist/esm/models/attestationSigner.js.map +1 -1
- package/dist/esm/models/attestationToken.js +12 -8
- package/dist/esm/models/attestationToken.js.map +1 -1
- package/dist/esm/models/storedAttestationPolicy.js +4 -0
- package/dist/esm/models/storedAttestationPolicy.js.map +1 -1
- package/dist/esm/utils/textEncoding-browser.d.mts +8 -2
- package/dist/esm/utils/textEncoding-browser.d.mts.map +1 -1
- package/dist/react-native/attestationAdministrationClient.js +24 -22
- package/dist/react-native/attestationAdministrationClient.js.map +1 -1
- package/dist/react-native/attestationClient.js +23 -21
- package/dist/react-native/attestationClient.js.map +1 -1
- package/dist/react-native/generated/generatedClient.js +14 -3
- package/dist/react-native/generated/generatedClient.js.map +1 -1
- package/dist/react-native/generated/operations/attestation.js +4 -3
- package/dist/react-native/generated/operations/attestation.js.map +1 -1
- package/dist/react-native/generated/operations/metadataConfiguration.js +2 -1
- package/dist/react-native/generated/operations/metadataConfiguration.js.map +1 -1
- package/dist/react-native/generated/operations/policy.js +4 -3
- package/dist/react-native/generated/operations/policy.js.map +1 -1
- package/dist/react-native/generated/operations/policyCertificates.js +4 -3
- package/dist/react-native/generated/operations/policyCertificates.js.map +1 -1
- package/dist/react-native/generated/operations/signingCertificates.js +2 -1
- package/dist/react-native/generated/operations/signingCertificates.js.map +1 -1
- package/dist/react-native/models/attestationResult.js +17 -0
- package/dist/react-native/models/attestationResult.js.map +1 -1
- package/dist/react-native/models/attestationSigner.js +2 -3
- package/dist/react-native/models/attestationSigner.js.map +1 -1
- package/dist/react-native/models/attestationToken.js +12 -8
- package/dist/react-native/models/attestationToken.js.map +1 -1
- package/dist/react-native/models/storedAttestationPolicy.js +4 -0
- package/dist/react-native/models/storedAttestationPolicy.js.map +1 -1
- package/dist/react-native/utils/textEncoding-browser.d.mts +8 -2
- package/dist/react-native/utils/textEncoding-browser.d.mts.map +1 -1
- package/package.json +2 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadataConfiguration.js","sourceRoot":"","sources":["../../../../src/generated/operations/metadataConfiguration.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAOtD,yDAAyD;AACzD,MAAM,OAAO,yBAAyB;
|
|
1
|
+
{"version":3,"file":"metadataConfiguration.js","sourceRoot":"","sources":["../../../../src/generated/operations/metadataConfiguration.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAOtD,yDAAyD;AACzD,MAAM,OAAO,yBAAyB;IACnB,MAAM,CAAkB;IAEzC;;;OAGG;IACH,YAAY,MAAuB;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,GAAG,CACP,OAAgD;QAEhD,OAAO,aAAa,CAAC,QAAQ,CAC3B,qBAAqB,EACrB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,OAAO,EAAE,EACX,gBAAgB,CAC4B,CAAC;QACjD,CAAC,CACF,CAAC;IACJ,CAAC;CACF;AACD,2BAA2B;AAC3B,MAAM,UAAU,GAAG,UAAU,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC;AAE3E,MAAM,gBAAgB,GAA6B;IACjD,IAAI,EAAE,mCAAmC;IACzC,UAAU,EAAE,KAAK;IACjB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;aAC/D;SACF;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;IACvC,gBAAgB,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC;IACrC,UAAU;CACX,CAAC","sourcesContent":["/*\n * Copyright (c) Microsoft Corporation.\n * Licensed under the MIT License.\n *\n * Code generated by Microsoft (R) AutoRest Code Generator.\n * Changes may cause incorrect behavior and will be lost if the code is regenerated.\n */\n\nimport { tracingClient } from \"../tracing.js\";\nimport { MetadataConfiguration } from \"../operationsInterfaces/index.js\";\nimport * as coreClient from \"@azure/core-client\";\nimport * as Mappers from \"../models/mappers.js\";\nimport * as Parameters from \"../models/parameters.js\";\nimport { GeneratedClient } from \"../generatedClient.js\";\nimport {\n MetadataConfigurationGetOptionalParams,\n MetadataConfigurationGetResponse\n} from \"../models/index.js\";\n\n/** Class containing MetadataConfiguration operations. */\nexport class MetadataConfigurationImpl implements MetadataConfiguration {\n private readonly client: GeneratedClient;\n\n /**\n * Initialize a new instance of the class MetadataConfiguration class.\n * @param client Reference to the service client\n */\n constructor(client: GeneratedClient) {\n this.client = client;\n }\n\n /**\n * Retrieves metadata about the attestation signing keys in use by the attestation service\n * @param options The options parameters.\n */\n async get(\n options?: MetadataConfigurationGetOptionalParams\n ): Promise<MetadataConfigurationGetResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.get\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { options },\n getOperationSpec\n ) as Promise<MetadataConfigurationGetResponse>;\n }\n );\n }\n}\n// Operation Specifications\nconst serializer = coreClient.createSerializer(Mappers, /* isXml */ false);\n\nconst getOperationSpec: coreClient.OperationSpec = {\n path: \"/.well-known/openid-configuration\",\n httpMethod: \"GET\",\n responses: {\n 200: {\n bodyMapper: {\n type: { name: \"Dictionary\", value: { type: { name: \"any\" } } }\n }\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n urlParameters: [Parameters.instanceUrl],\n headerParameters: [Parameters.accept],\n serializer\n};\n"]}
|
|
@@ -11,6 +11,7 @@ import * as Mappers from "../models/mappers.js";
|
|
|
11
11
|
import * as Parameters from "../models/parameters.js";
|
|
12
12
|
/** Class containing Policy operations. */
|
|
13
13
|
export class PolicyImpl {
|
|
14
|
+
client;
|
|
14
15
|
/**
|
|
15
16
|
* Initialize a new instance of the class Policy class.
|
|
16
17
|
* @param client Reference to the service client
|
|
@@ -25,7 +26,7 @@ export class PolicyImpl {
|
|
|
25
26
|
* @param options The options parameters.
|
|
26
27
|
*/
|
|
27
28
|
async get(attestationType, options) {
|
|
28
|
-
return tracingClient.withSpan("GeneratedClient.get", options
|
|
29
|
+
return tracingClient.withSpan("GeneratedClient.get", options ?? {}, async (options) => {
|
|
29
30
|
return this.client.sendOperationRequest({ attestationType, options }, getOperationSpec);
|
|
30
31
|
});
|
|
31
32
|
}
|
|
@@ -38,7 +39,7 @@ export class PolicyImpl {
|
|
|
38
39
|
* @param options The options parameters.
|
|
39
40
|
*/
|
|
40
41
|
async set(attestationType, newAttestationPolicy, options) {
|
|
41
|
-
return tracingClient.withSpan("GeneratedClient.set", options
|
|
42
|
+
return tracingClient.withSpan("GeneratedClient.set", options ?? {}, async (options) => {
|
|
42
43
|
return this.client.sendOperationRequest({ attestationType, newAttestationPolicy, options }, setOperationSpec);
|
|
43
44
|
});
|
|
44
45
|
}
|
|
@@ -50,7 +51,7 @@ export class PolicyImpl {
|
|
|
50
51
|
* @param options The options parameters.
|
|
51
52
|
*/
|
|
52
53
|
async reset(attestationType, policyJws, options) {
|
|
53
|
-
return tracingClient.withSpan("GeneratedClient.reset", options
|
|
54
|
+
return tracingClient.withSpan("GeneratedClient.reset", options ?? {}, async (options) => {
|
|
54
55
|
return this.client.sendOperationRequest({ attestationType, policyJws, options }, resetOperationSpec);
|
|
55
56
|
});
|
|
56
57
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../../src/generated/operations/policy.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAYtD,0CAA0C;AAC1C,MAAM,OAAO,UAAU;
|
|
1
|
+
{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../../src/generated/operations/policy.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAYtD,0CAA0C;AAC1C,MAAM,OAAO,UAAU;IACJ,MAAM,CAAkB;IAEzC;;;OAGG;IACH,YAAY,MAAuB;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,GAAG,CACP,eAAgC,EAChC,OAAiC;QAEjC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qBAAqB,EACrB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,eAAe,EAAE,OAAO,EAAE,EAC5B,gBAAgB,CACa,CAAC;QAClC,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,GAAG,CACP,eAAgC,EAChC,oBAA4B,EAC5B,OAAsC;QAEtC,OAAO,aAAa,CAAC,QAAQ,CAC3B,qBAAqB,EACrB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,eAAe,EAAE,oBAAoB,EAAE,OAAO,EAAE,EAClD,gBAAgB,CACkB,CAAC;QACvC,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,KAAK,CACT,eAAgC,EAChC,SAAiB,EACjB,OAAmC;QAEnC,OAAO,aAAa,CAAC,QAAQ,CAC3B,uBAAuB,EACvB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,eAAe,EAAE,SAAS,EAAE,OAAO,EAAE,EACvC,kBAAkB,CACa,CAAC;QACpC,CAAC,CACF,CAAC;IACJ,CAAC;CACF;AACD,2BAA2B;AAC3B,MAAM,UAAU,GAAG,UAAU,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC;AAE3E,MAAM,gBAAgB,GAA6B;IACjD,IAAI,EAAE,6BAA6B;IACnC,UAAU,EAAE,KAAK;IACjB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE,OAAO,CAAC,cAAc;SACnC;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,eAAe,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;IACxC,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,eAAe,CAAC;IACnE,gBAAgB,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC;IACrC,UAAU;CACX,CAAC;AACF,MAAM,gBAAgB,GAA6B;IACjD,IAAI,EAAE,6BAA6B;IACnC,UAAU,EAAE,KAAK;IACjB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE,OAAO,CAAC,cAAc;SACnC;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,WAAW,EAAE,UAAU,CAAC,oBAAoB;IAC5C,eAAe,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;IACxC,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,eAAe,CAAC;IACnE,gBAAgB,EAAE,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,OAAO,CAAC;IAC9D,SAAS,EAAE,MAAM;IACjB,UAAU;CACX,CAAC;AACF,MAAM,kBAAkB,GAA6B;IACnD,IAAI,EAAE,mCAAmC;IACzC,UAAU,EAAE,MAAM;IAClB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE,OAAO,CAAC,cAAc;SACnC;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,WAAW,EAAE,UAAU,CAAC,SAAS;IACjC,eAAe,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;IACxC,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,eAAe,CAAC;IACnE,gBAAgB,EAAE,CAAC,UAAU,CAAC,WAAW,EAAE,UAAU,CAAC,OAAO,CAAC;IAC9D,SAAS,EAAE,MAAM;IACjB,UAAU;CACX,CAAC","sourcesContent":["/*\n * Copyright (c) Microsoft Corporation.\n * Licensed under the MIT License.\n *\n * Code generated by Microsoft (R) AutoRest Code Generator.\n * Changes may cause incorrect behavior and will be lost if the code is regenerated.\n */\n\nimport { tracingClient } from \"../tracing.js\";\nimport { Policy } from \"../operationsInterfaces/index.js\";\nimport * as coreClient from \"@azure/core-client\";\nimport * as Mappers from \"../models/mappers.js\";\nimport * as Parameters from \"../models/parameters.js\";\nimport { GeneratedClient } from \"../generatedClient.js\";\nimport {\n AttestationType,\n PolicyGetOptionalParams,\n PolicyGetResponse,\n PolicySetModelOptionalParams,\n PolicySetModelResponse,\n PolicyResetOptionalParams,\n PolicyResetResponse\n} from \"../models/index.js\";\n\n/** Class containing Policy operations. */\nexport class PolicyImpl implements Policy {\n private readonly client: GeneratedClient;\n\n /**\n * Initialize a new instance of the class Policy class.\n * @param client Reference to the service client\n */\n constructor(client: GeneratedClient) {\n this.client = client;\n }\n\n /**\n * Retrieves the current policy for an attestation type.\n * @param attestationType Specifies the trusted execution environment to be used to validate the\n * evidence\n * @param options The options parameters.\n */\n async get(\n attestationType: AttestationType,\n options?: PolicyGetOptionalParams\n ): Promise<PolicyGetResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.get\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { attestationType, options },\n getOperationSpec\n ) as Promise<PolicyGetResponse>;\n }\n );\n }\n\n /**\n * Sets the policy for a given attestation type.\n * @param attestationType Specifies the trusted execution environment to be used to validate the\n * evidence\n * @param newAttestationPolicy JWT Expressing the new policy whose body is a StoredAttestationPolicy\n * object.\n * @param options The options parameters.\n */\n async set(\n attestationType: AttestationType,\n newAttestationPolicy: string,\n options?: PolicySetModelOptionalParams\n ): Promise<PolicySetModelResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.set\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { attestationType, newAttestationPolicy, options },\n setOperationSpec\n ) as Promise<PolicySetModelResponse>;\n }\n );\n }\n\n /**\n * Resets the attestation policy for the specified tenant and reverts to the default policy.\n * @param attestationType Specifies the trusted execution environment to be used to validate the\n * evidence\n * @param policyJws JSON Web Signature with an empty policy document\n * @param options The options parameters.\n */\n async reset(\n attestationType: AttestationType,\n policyJws: string,\n options?: PolicyResetOptionalParams\n ): Promise<PolicyResetResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.reset\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { attestationType, policyJws, options },\n resetOperationSpec\n ) as Promise<PolicyResetResponse>;\n }\n );\n }\n}\n// Operation Specifications\nconst serializer = coreClient.createSerializer(Mappers, /* isXml */ false);\n\nconst getOperationSpec: coreClient.OperationSpec = {\n path: \"/policies/{attestationType}\",\n httpMethod: \"GET\",\n responses: {\n 200: {\n bodyMapper: Mappers.PolicyResponse\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n queryParameters: [Parameters.apiVersion],\n urlParameters: [Parameters.instanceUrl, Parameters.attestationType],\n headerParameters: [Parameters.accept],\n serializer\n};\nconst setOperationSpec: coreClient.OperationSpec = {\n path: \"/policies/{attestationType}\",\n httpMethod: \"PUT\",\n responses: {\n 200: {\n bodyMapper: Mappers.PolicyResponse\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n requestBody: Parameters.newAttestationPolicy,\n queryParameters: [Parameters.apiVersion],\n urlParameters: [Parameters.instanceUrl, Parameters.attestationType],\n headerParameters: [Parameters.contentType, Parameters.accept1],\n mediaType: \"text\",\n serializer\n};\nconst resetOperationSpec: coreClient.OperationSpec = {\n path: \"/policies/{attestationType}:reset\",\n httpMethod: \"POST\",\n responses: {\n 200: {\n bodyMapper: Mappers.PolicyResponse\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n requestBody: Parameters.policyJws,\n queryParameters: [Parameters.apiVersion],\n urlParameters: [Parameters.instanceUrl, Parameters.attestationType],\n headerParameters: [Parameters.contentType, Parameters.accept1],\n mediaType: \"text\",\n serializer\n};\n"]}
|
|
@@ -11,6 +11,7 @@ import * as Mappers from "../models/mappers.js";
|
|
|
11
11
|
import * as Parameters from "../models/parameters.js";
|
|
12
12
|
/** Class containing PolicyCertificates operations. */
|
|
13
13
|
export class PolicyCertificatesImpl {
|
|
14
|
+
client;
|
|
14
15
|
/**
|
|
15
16
|
* Initialize a new instance of the class PolicyCertificates class.
|
|
16
17
|
* @param client Reference to the service client
|
|
@@ -23,7 +24,7 @@ export class PolicyCertificatesImpl {
|
|
|
23
24
|
* @param options The options parameters.
|
|
24
25
|
*/
|
|
25
26
|
async get(options) {
|
|
26
|
-
return tracingClient.withSpan("GeneratedClient.get", options
|
|
27
|
+
return tracingClient.withSpan("GeneratedClient.get", options ?? {}, async (options) => {
|
|
27
28
|
return this.client.sendOperationRequest({ options }, getOperationSpec);
|
|
28
29
|
});
|
|
29
30
|
}
|
|
@@ -34,7 +35,7 @@ export class PolicyCertificatesImpl {
|
|
|
34
35
|
* @param options The options parameters.
|
|
35
36
|
*/
|
|
36
37
|
async add(policyCertificateToAdd, options) {
|
|
37
|
-
return tracingClient.withSpan("GeneratedClient.add", options
|
|
38
|
+
return tracingClient.withSpan("GeneratedClient.add", options ?? {}, async (options) => {
|
|
38
39
|
return this.client.sendOperationRequest({ policyCertificateToAdd, options }, addOperationSpec);
|
|
39
40
|
});
|
|
40
41
|
}
|
|
@@ -47,7 +48,7 @@ export class PolicyCertificatesImpl {
|
|
|
47
48
|
* @param options The options parameters.
|
|
48
49
|
*/
|
|
49
50
|
async remove(policyCertificateToRemove, options) {
|
|
50
|
-
return tracingClient.withSpan("GeneratedClient.remove", options
|
|
51
|
+
return tracingClient.withSpan("GeneratedClient.remove", options ?? {}, async (options) => {
|
|
51
52
|
return this.client.sendOperationRequest({ policyCertificateToRemove, options }, removeOperationSpec);
|
|
52
53
|
});
|
|
53
54
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policyCertificates.js","sourceRoot":"","sources":["../../../../src/generated/operations/policyCertificates.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAWtD,sDAAsD;AACtD,MAAM,OAAO,sBAAsB;
|
|
1
|
+
{"version":3,"file":"policyCertificates.js","sourceRoot":"","sources":["../../../../src/generated/operations/policyCertificates.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAWtD,sDAAsD;AACtD,MAAM,OAAO,sBAAsB;IAChB,MAAM,CAAkB;IAEzC;;;OAGG;IACH,YAAY,MAAuB;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,GAAG,CACP,OAA6C;QAE7C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qBAAqB,EACrB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,OAAO,EAAE,EACX,gBAAgB,CACyB,CAAC;QAC9C,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,GAAG,CACP,sBAA8B,EAC9B,OAA6C;QAE7C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qBAAqB,EACrB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,sBAAsB,EAAE,OAAO,EAAE,EACnC,gBAAgB,CACyB,CAAC;QAC9C,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,MAAM,CACV,yBAAiC,EACjC,OAAgD;QAEhD,OAAO,aAAa,CAAC,QAAQ,CAC3B,wBAAwB,EACxB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,yBAAyB,EAAE,OAAO,EAAE,EACtC,mBAAmB,CACyB,CAAC;QACjD,CAAC,CACF,CAAC;IACJ,CAAC;CACF;AACD,2BAA2B;AAC3B,MAAM,UAAU,GAAG,UAAU,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC;AAE3E,MAAM,gBAAgB,GAA6B;IACjD,IAAI,EAAE,eAAe;IACrB,UAAU,EAAE,KAAK;IACjB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE,OAAO,CAAC,0BAA0B;SAC/C;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,eAAe,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;IACxC,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;IACvC,gBAAgB,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC;IACrC,UAAU;CACX,CAAC;AACF,MAAM,gBAAgB,GAA6B;IACjD,IAAI,EAAE,mBAAmB;IACzB,UAAU,EAAE,MAAM;IAClB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE,OAAO,CAAC,gCAAgC;SACrD;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,WAAW,EAAE,UAAU,CAAC,sBAAsB;IAC9C,eAAe,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;IACxC,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;IACvC,gBAAgB,EAAE,CAAC,UAAU,CAAC,MAAM,EAAE,UAAU,CAAC,YAAY,CAAC;IAC9D,SAAS,EAAE,MAAM;IACjB,UAAU;CACX,CAAC;AACF,MAAM,mBAAmB,GAA6B;IACpD,IAAI,EAAE,sBAAsB;IAC5B,UAAU,EAAE,MAAM;IAClB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE,OAAO,CAAC,gCAAgC;SACrD;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,WAAW,EAAE,UAAU,CAAC,yBAAyB;IACjD,eAAe,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;IACxC,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;IACvC,gBAAgB,EAAE,CAAC,UAAU,CAAC,MAAM,EAAE,UAAU,CAAC,YAAY,CAAC;IAC9D,SAAS,EAAE,MAAM;IACjB,UAAU;CACX,CAAC","sourcesContent":["/*\n * Copyright (c) Microsoft Corporation.\n * Licensed under the MIT License.\n *\n * Code generated by Microsoft (R) AutoRest Code Generator.\n * Changes may cause incorrect behavior and will be lost if the code is regenerated.\n */\n\nimport { tracingClient } from \"../tracing.js\";\nimport { PolicyCertificates } from \"../operationsInterfaces/index.js\";\nimport * as coreClient from \"@azure/core-client\";\nimport * as Mappers from \"../models/mappers.js\";\nimport * as Parameters from \"../models/parameters.js\";\nimport { GeneratedClient } from \"../generatedClient.js\";\nimport {\n PolicyCertificatesGetOptionalParams,\n PolicyCertificatesGetResponse,\n PolicyCertificatesAddOptionalParams,\n PolicyCertificatesAddResponse,\n PolicyCertificatesRemoveOptionalParams,\n PolicyCertificatesRemoveResponse\n} from \"../models/index.js\";\n\n/** Class containing PolicyCertificates operations. */\nexport class PolicyCertificatesImpl implements PolicyCertificates {\n private readonly client: GeneratedClient;\n\n /**\n * Initialize a new instance of the class PolicyCertificates class.\n * @param client Reference to the service client\n */\n constructor(client: GeneratedClient) {\n this.client = client;\n }\n\n /**\n * Retrieves the set of certificates used to express policy for the current tenant.\n * @param options The options parameters.\n */\n async get(\n options?: PolicyCertificatesGetOptionalParams\n ): Promise<PolicyCertificatesGetResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.get\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { options },\n getOperationSpec\n ) as Promise<PolicyCertificatesGetResponse>;\n }\n );\n }\n\n /**\n * Adds a new attestation policy certificate to the set of policy management certificates.\n * @param policyCertificateToAdd An RFC7519 JSON Web Token whose body is an RFC7517 JSON Web Key\n * object. The RFC7519 JWT must be signed with one of the existing signing certificates\n * @param options The options parameters.\n */\n async add(\n policyCertificateToAdd: string,\n options?: PolicyCertificatesAddOptionalParams\n ): Promise<PolicyCertificatesAddResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.add\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { policyCertificateToAdd, options },\n addOperationSpec\n ) as Promise<PolicyCertificatesAddResponse>;\n }\n );\n }\n\n /**\n * Removes the specified policy management certificate. Note that the final policy management\n * certificate cannot be removed.\n * @param policyCertificateToRemove An RFC7519 JSON Web Token whose body is an\n * AttestationCertificateManagementBody object. The RFC7519 JWT must be signed with one of the existing\n * signing certificates\n * @param options The options parameters.\n */\n async remove(\n policyCertificateToRemove: string,\n options?: PolicyCertificatesRemoveOptionalParams\n ): Promise<PolicyCertificatesRemoveResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.remove\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { policyCertificateToRemove, options },\n removeOperationSpec\n ) as Promise<PolicyCertificatesRemoveResponse>;\n }\n );\n }\n}\n// Operation Specifications\nconst serializer = coreClient.createSerializer(Mappers, /* isXml */ false);\n\nconst getOperationSpec: coreClient.OperationSpec = {\n path: \"/certificates\",\n httpMethod: \"GET\",\n responses: {\n 200: {\n bodyMapper: Mappers.PolicyCertificatesResponse\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n queryParameters: [Parameters.apiVersion],\n urlParameters: [Parameters.instanceUrl],\n headerParameters: [Parameters.accept],\n serializer\n};\nconst addOperationSpec: coreClient.OperationSpec = {\n path: \"/certificates:add\",\n httpMethod: \"POST\",\n responses: {\n 200: {\n bodyMapper: Mappers.PolicyCertificatesModifyResponse\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n requestBody: Parameters.policyCertificateToAdd,\n queryParameters: [Parameters.apiVersion],\n urlParameters: [Parameters.instanceUrl],\n headerParameters: [Parameters.accept, Parameters.contentType1],\n mediaType: \"json\",\n serializer\n};\nconst removeOperationSpec: coreClient.OperationSpec = {\n path: \"/certificates:remove\",\n httpMethod: \"POST\",\n responses: {\n 200: {\n bodyMapper: Mappers.PolicyCertificatesModifyResponse\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n requestBody: Parameters.policyCertificateToRemove,\n queryParameters: [Parameters.apiVersion],\n urlParameters: [Parameters.instanceUrl],\n headerParameters: [Parameters.accept, Parameters.contentType1],\n mediaType: \"json\",\n serializer\n};\n"]}
|
|
@@ -11,6 +11,7 @@ import * as Mappers from "../models/mappers.js";
|
|
|
11
11
|
import * as Parameters from "../models/parameters.js";
|
|
12
12
|
/** Class containing SigningCertificates operations. */
|
|
13
13
|
export class SigningCertificatesImpl {
|
|
14
|
+
client;
|
|
14
15
|
/**
|
|
15
16
|
* Initialize a new instance of the class SigningCertificates class.
|
|
16
17
|
* @param client Reference to the service client
|
|
@@ -23,7 +24,7 @@ export class SigningCertificatesImpl {
|
|
|
23
24
|
* @param options The options parameters.
|
|
24
25
|
*/
|
|
25
26
|
async get(options) {
|
|
26
|
-
return tracingClient.withSpan("GeneratedClient.get", options
|
|
27
|
+
return tracingClient.withSpan("GeneratedClient.get", options ?? {}, async (options) => {
|
|
27
28
|
return this.client.sendOperationRequest({ options }, getOperationSpec);
|
|
28
29
|
});
|
|
29
30
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signingCertificates.js","sourceRoot":"","sources":["../../../../src/generated/operations/signingCertificates.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAOtD,uDAAuD;AACvD,MAAM,OAAO,uBAAuB;
|
|
1
|
+
{"version":3,"file":"signingCertificates.js","sourceRoot":"","sources":["../../../../src/generated/operations/signingCertificates.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,UAAU,MAAM,yBAAyB,CAAC;AAOtD,uDAAuD;AACvD,MAAM,OAAO,uBAAuB;IACjB,MAAM,CAAkB;IAEzC;;;OAGG;IACH,YAAY,MAAuB;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,GAAG,CACP,OAA8C;QAE9C,OAAO,aAAa,CAAC,QAAQ,CAC3B,qBAAqB,EACrB,OAAO,IAAI,EAAE,EACb,KAAK,EAAE,OAAO,EAAE,EAAE;YAChB,OAAO,IAAI,CAAC,MAAM,CAAC,oBAAoB,CACrC,EAAE,OAAO,EAAE,EACX,gBAAgB,CAC0B,CAAC;QAC/C,CAAC,CACF,CAAC;IACJ,CAAC;CACF;AACD,2BAA2B;AAC3B,MAAM,UAAU,GAAG,UAAU,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC;AAE3E,MAAM,gBAAgB,GAA6B;IACjD,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE,KAAK;IACjB,SAAS,EAAE;QACT,GAAG,EAAE;YACH,UAAU,EAAE,OAAO,CAAC,aAAa;SAClC;QACD,OAAO,EAAE;YACP,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B;KACF;IACD,aAAa,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;IACvC,gBAAgB,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;IACtC,UAAU;CACX,CAAC","sourcesContent":["/*\n * Copyright (c) Microsoft Corporation.\n * Licensed under the MIT License.\n *\n * Code generated by Microsoft (R) AutoRest Code Generator.\n * Changes may cause incorrect behavior and will be lost if the code is regenerated.\n */\n\nimport { tracingClient } from \"../tracing.js\";\nimport { SigningCertificates } from \"../operationsInterfaces/index.js\";\nimport * as coreClient from \"@azure/core-client\";\nimport * as Mappers from \"../models/mappers.js\";\nimport * as Parameters from \"../models/parameters.js\";\nimport { GeneratedClient } from \"../generatedClient.js\";\nimport {\n SigningCertificatesGetOptionalParams,\n SigningCertificatesGetResponse\n} from \"../models/index.js\";\n\n/** Class containing SigningCertificates operations. */\nexport class SigningCertificatesImpl implements SigningCertificates {\n private readonly client: GeneratedClient;\n\n /**\n * Initialize a new instance of the class SigningCertificates class.\n * @param client Reference to the service client\n */\n constructor(client: GeneratedClient) {\n this.client = client;\n }\n\n /**\n * Retrieves metadata signing certificates in use by the attestation service\n * @param options The options parameters.\n */\n async get(\n options?: SigningCertificatesGetOptionalParams\n ): Promise<SigningCertificatesGetResponse> {\n return tracingClient.withSpan(\n \"GeneratedClient.get\",\n options ?? {},\n async (options) => {\n return this.client.sendOperationRequest(\n { options },\n getOperationSpec\n ) as Promise<SigningCertificatesGetResponse>;\n }\n );\n }\n}\n// Operation Specifications\nconst serializer = coreClient.createSerializer(Mappers, /* isXml */ false);\n\nconst getOperationSpec: coreClient.OperationSpec = {\n path: \"/certs\",\n httpMethod: \"GET\",\n responses: {\n 200: {\n bodyMapper: Mappers.JsonWebKeySet\n },\n default: {\n bodyMapper: Mappers.CloudError\n }\n },\n urlParameters: [Parameters.instanceUrl],\n headerParameters: [Parameters.accept2],\n serializer\n};\n"]}
|
|
@@ -30,6 +30,23 @@ export class AttestationResultImpl {
|
|
|
30
30
|
this._enclaveHeldData = params.enclaveHeldData;
|
|
31
31
|
this._sgxCollateral = params.sgxCollateral;
|
|
32
32
|
}
|
|
33
|
+
_issuer;
|
|
34
|
+
_version;
|
|
35
|
+
_nonce;
|
|
36
|
+
_uniqueId;
|
|
37
|
+
_runTimeClaims;
|
|
38
|
+
_initTimeClaims;
|
|
39
|
+
_policyClaims;
|
|
40
|
+
_verifierType;
|
|
41
|
+
_policySigner;
|
|
42
|
+
_policyHash;
|
|
43
|
+
_isDebuggable;
|
|
44
|
+
_productId;
|
|
45
|
+
_mrEnclave;
|
|
46
|
+
_mrSigner;
|
|
47
|
+
_svn;
|
|
48
|
+
_enclaveHeldData;
|
|
49
|
+
_sgxCollateral;
|
|
33
50
|
/**
|
|
34
51
|
* Unique Identifier for the token
|
|
35
52
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attestationResult.js","sourceRoot":"","sources":["../../../src/models/attestationResult.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AAqLzE;;GAEG;AACH,MAAM,OAAO,qBAAqB;IAChC;;;;;OAKG;IACH,YAAY,MAkBX;QACC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC;QACvB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,eAAe,CAAC;QAC/C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;IAC7C,CAAC;IAoBD;;;OAGG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IACD;;OAEG;IACH,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IACD;;OAEG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IACD;;OAEG;IACH,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IACD;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;CACF;AAED;;;;;;GAMG;AACH,MAAM,UAAU,+BAA+B,CAC7C,SAAqC;IAErC,OAAO,IAAI,qBAAqB,CAAC;QAC/B,MAAM,EAAE,SAAS,CAAC,GAAG;QACrB,OAAO,EAAE,SAAS,CAAC,OAAO;QAC1B,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,QAAQ,EAAE,SAAS,CAAC,GAAG;QACvB,YAAY,EAAE,SAAS,CAAC,YAAY;YAClC,CAAC,CAAC,+BAA+B,CAAC,SAAS,CAAC,YAAY,CAAC;YACzD,CAAC,CAAC,SAAS;QACb,aAAa,EAAE,SAAS,CAAC,aAAa;QACtC,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,QAAQ,EAAE,SAAS,CAAC,QAAQ;QAC5B,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,eAAe,EAAE,SAAS,CAAC,eAAe;QAC1C,aAAa,EAAE,SAAS,CAAC,aAAa;KACvC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AttestationSigner } from \"./index.js\";\nimport type { GeneratedAttestationResult } from \"../generated/index.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\n/**\n * Defines the contents of the {@link AttestationResult.sgxCollateral} claim in\n * an {@link AttestationResult}.\n */\nexport interface AttestationSgxCollateralInfo {\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcertshash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Identity.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidhash?: string;\n /**\n * Hex encoded Sha256 hash of the SGX Quote or OpenEnclave Report validated\n * by this token.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n quotehash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocertshash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info for the device being attested.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfohash?: string;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport interface AttestationResult {\n /**\n * Unique Identifier for the token.\n *\n * Corresponds to the 'jti' claim defined in\n * {@link https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7 | RFC 7519 section 4.1.7}\n */\n uniqueId: string;\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n issuer: string;\n\n /**\n * Returns the \"nonce\" value if one was specified in the Attest request.\n */\n nonce?: string;\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n version: string;\n\n /**\n * Returns the runtime claims in the token.\n *\n * This value will match the input `runTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `runtimeClaims` property will only be populated if the\n * `runtimeJson` parameter to the `Attest` API is specified. It will\n * not be populated if the `runtimeData` parameter is specified.\n */\n runTimeClaims: unknown;\n /**\n * Returns the initialization time claims in the token.\n * This value will match the input `initTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `initTimeClaims` property will only be populated if the `initTimeJson`\n * parameter to the `Attest` API is specified. It will not be populated if\n * the `initTimeData` parameter is specified.\n */\n initTimeClaims: unknown;\n\n /**\n * Returns the set of claims generated by the attestation policy on the instance.\n */\n policyClaims: unknown;\n\n /**\n * Returns the verifier which generated this attestation token. Normally one of:\n * \"SGX\" or \"TPM\", but others can be specified.\n */\n verifierType: string;\n /**\n * The certificate used to sign the policy object, if specified.\n */\n policySigner?: AttestationSigner;\n /**\n * The base64url encoded SHA256 hash of the BASE64URL encoded policy text\n * used for attestation.\n */\n policyHash: Uint8Array;\n /**\n * True if the enclave is debuggable, false otherwise. Only valid if `verifierType` is SGX.\n */\n isDebuggable?: boolean;\n\n /**\n * The SGX Product ID for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n productId?: number;\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrEnclave?: string;\n\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrSigner?: string;\n\n /**\n * The SGX SVN value for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n svn?: number;\n\n /**\n * Returns the value of the runtime_data field specified as an input to the\n * {@link AttestationClient.attestSgxEnclave} or {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `enclaveHeldData` property will only be populated if the\n * `runtimeData` parameter to the `Attest` API is specified.\n */\n enclaveHeldData?: Uint8Array;\n\n /**\n * Returns a set of information describing the complete set of inputs to the\n * Attestation validation logic.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n sgxCollateral?: AttestationSgxCollateralInfo;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport class AttestationResultImpl implements AttestationResult {\n /**\n *\n * @param params - The parameters for the constructor.\n *\n * @hidden\n */\n constructor(params: {\n issuer: string;\n version: string;\n nonce?: string;\n uniqueId: string;\n runTimeClaims?: unknown;\n initTimeClaims?: unknown;\n policyClaims?: unknown;\n verifierType: string;\n policySigner?: AttestationSigner;\n policyHash: Uint8Array;\n isDebuggable?: boolean;\n productId?: number;\n mrEnclave?: string;\n mrSigner?: string;\n svn?: number;\n enclaveHeldData?: Uint8Array;\n sgxCollateral?: AttestationSgxCollateralInfo;\n }) {\n this._issuer = params.issuer;\n this._nonce = params.nonce;\n this._version = params.version;\n this._uniqueId = params.uniqueId;\n this._runTimeClaims = params.runTimeClaims;\n this._initTimeClaims = params.initTimeClaims;\n this._policyClaims = params.policyClaims;\n this._verifierType = params.verifierType;\n this._policySigner = params.policySigner;\n this._policyHash = params.policyHash;\n this._isDebuggable = params.isDebuggable;\n this._productId = params.productId;\n this._mrEnclave = params.mrEnclave;\n this._mrSigner = params.mrSigner;\n this._svn = params.svn;\n this._enclaveHeldData = params.enclaveHeldData;\n this._sgxCollateral = params.sgxCollateral;\n }\n\n private _issuer: string;\n private _version: string;\n private _nonce?: string;\n private _uniqueId: string;\n private _runTimeClaims?: unknown;\n private _initTimeClaims?: unknown;\n private _policyClaims?: unknown;\n private _verifierType: string;\n private _policySigner?: AttestationSigner;\n private _policyHash: Uint8Array;\n private _isDebuggable?: boolean;\n private _productId?: number;\n private _mrEnclave?: string;\n private _mrSigner?: string;\n private _svn?: number;\n private _enclaveHeldData?: Uint8Array;\n private _sgxCollateral?: AttestationSgxCollateralInfo;\n\n /**\n * Unique Identifier for the token\n *\n */\n get uniqueId(): string {\n return this._uniqueId;\n }\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n get issuer(): string {\n return this._issuer;\n }\n\n /**\n * Returns the \"nonce\" value specified in the Attest request.\n */\n get nonce(): string | undefined {\n return this._nonce;\n }\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n get version(): string {\n return this._version;\n }\n\n /**\n * Runtime Claims\n */\n get runTimeClaims(): unknown {\n return this._runTimeClaims;\n }\n /**\n * Inittime Claims\n */\n get initTimeClaims(): unknown {\n return this._initTimeClaims;\n }\n\n /**\n * Policy Generated Claims\n */\n get policyClaims(): unknown {\n return this._policyClaims;\n }\n /**\n * The Attestation type being attested.\n */\n get verifierType(): string {\n return this._verifierType;\n }\n /**\n * The certificate used to sign the policy object, if specified.\n */\n get policySigner(): AttestationSigner | undefined {\n return this._policySigner;\n }\n /**\n * The SHA256 hash of the BASE64URL encoded policy text used for attestation\n */\n get policyHash(): Uint8Array {\n return this._policyHash;\n }\n /**\n * True if the enclave is debuggable, false otherwise\n */\n get isDebuggable(): boolean | undefined {\n return this._isDebuggable;\n }\n /**\n * The SGX Product ID for the enclave.\n */\n get productId(): number | undefined {\n return this._productId;\n }\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave.\n */\n get mrEnclave(): string | undefined {\n return this._mrEnclave;\n }\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave.\n */\n get mrSigner(): string | undefined {\n return this._mrSigner;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get svn(): number | undefined {\n return this._svn;\n }\n /**\n * A copy of the RuntimeData specified as an input to the attest call.\n */\n get enclaveHeldData(): Uint8Array | undefined {\n return this._enclaveHeldData;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get sgxCollateral(): AttestationSgxCollateralInfo | undefined {\n return this._sgxCollateral;\n }\n}\n\n/**\n *\n * @param generated - Generated attestation result object.\n * @returns newly created AttestationResult from the generated result.\n *\n * @internal\n */\nexport function _attestationResultFromGenerated(\n generated: GeneratedAttestationResult,\n): AttestationResultImpl {\n return new AttestationResultImpl({\n issuer: generated.iss,\n version: generated.version,\n nonce: generated.nonce,\n uniqueId: generated.jti,\n policySigner: generated.policySigner\n ? _attestationSignerFromGenerated(generated.policySigner)\n : undefined,\n runTimeClaims: generated.runtimeClaims,\n initTimeClaims: generated.inittimeClaims,\n policyClaims: generated.policyClaims,\n verifierType: generated.verifierType,\n policyHash: generated.policyHash,\n isDebuggable: generated.isDebuggable,\n productId: generated.productId,\n mrEnclave: generated.mrEnclave,\n mrSigner: generated.mrSigner,\n svn: generated.svn,\n enclaveHeldData: generated.enclaveHeldData,\n sgxCollateral: generated.sgxCollateral,\n });\n}\n"]}
|
|
1
|
+
{"version":3,"file":"attestationResult.js","sourceRoot":"","sources":["../../../src/models/attestationResult.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AAqLzE;;GAEG;AACH,MAAM,OAAO,qBAAqB;IAChC;;;;;OAKG;IACH,YAAY,MAkBX;QACC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC;QACvB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,eAAe,CAAC;QAC/C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;IAC7C,CAAC;IAEO,OAAO,CAAS;IAChB,QAAQ,CAAS;IACjB,MAAM,CAAU;IAChB,SAAS,CAAS;IAClB,cAAc,CAAW;IACzB,eAAe,CAAW;IAC1B,aAAa,CAAW;IACxB,aAAa,CAAS;IACtB,aAAa,CAAqB;IAClC,WAAW,CAAa;IACxB,aAAa,CAAW;IACxB,UAAU,CAAU;IACpB,UAAU,CAAU;IACpB,SAAS,CAAU;IACnB,IAAI,CAAU;IACd,gBAAgB,CAAc;IAC9B,cAAc,CAAgC;IAEtD;;;OAGG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IACD;;OAEG;IACH,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IACD;;OAEG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IACD;;OAEG;IACH,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IACD;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;CACF;AAED;;;;;;GAMG;AACH,MAAM,UAAU,+BAA+B,CAC7C,SAAqC;IAErC,OAAO,IAAI,qBAAqB,CAAC;QAC/B,MAAM,EAAE,SAAS,CAAC,GAAG;QACrB,OAAO,EAAE,SAAS,CAAC,OAAO;QAC1B,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,QAAQ,EAAE,SAAS,CAAC,GAAG;QACvB,YAAY,EAAE,SAAS,CAAC,YAAY;YAClC,CAAC,CAAC,+BAA+B,CAAC,SAAS,CAAC,YAAY,CAAC;YACzD,CAAC,CAAC,SAAS;QACb,aAAa,EAAE,SAAS,CAAC,aAAa;QACtC,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,QAAQ,EAAE,SAAS,CAAC,QAAQ;QAC5B,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,eAAe,EAAE,SAAS,CAAC,eAAe;QAC1C,aAAa,EAAE,SAAS,CAAC,aAAa;KACvC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AttestationSigner } from \"./index.js\";\nimport type { GeneratedAttestationResult } from \"../generated/index.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\n/**\n * Defines the contents of the {@link AttestationResult.sgxCollateral} claim in\n * an {@link AttestationResult}.\n */\nexport interface AttestationSgxCollateralInfo {\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcertshash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Identity.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidhash?: string;\n /**\n * Hex encoded Sha256 hash of the SGX Quote or OpenEnclave Report validated\n * by this token.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n quotehash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocertshash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info for the device being attested.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfohash?: string;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport interface AttestationResult {\n /**\n * Unique Identifier for the token.\n *\n * Corresponds to the 'jti' claim defined in\n * {@link https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7 | RFC 7519 section 4.1.7}\n */\n uniqueId: string;\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n issuer: string;\n\n /**\n * Returns the \"nonce\" value if one was specified in the Attest request.\n */\n nonce?: string;\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n version: string;\n\n /**\n * Returns the runtime claims in the token.\n *\n * This value will match the input `runTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `runtimeClaims` property will only be populated if the\n * `runtimeJson` parameter to the `Attest` API is specified. It will\n * not be populated if the `runtimeData` parameter is specified.\n */\n runTimeClaims: unknown;\n /**\n * Returns the initialization time claims in the token.\n * This value will match the input `initTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `initTimeClaims` property will only be populated if the `initTimeJson`\n * parameter to the `Attest` API is specified. It will not be populated if\n * the `initTimeData` parameter is specified.\n */\n initTimeClaims: unknown;\n\n /**\n * Returns the set of claims generated by the attestation policy on the instance.\n */\n policyClaims: unknown;\n\n /**\n * Returns the verifier which generated this attestation token. Normally one of:\n * \"SGX\" or \"TPM\", but others can be specified.\n */\n verifierType: string;\n /**\n * The certificate used to sign the policy object, if specified.\n */\n policySigner?: AttestationSigner;\n /**\n * The base64url encoded SHA256 hash of the BASE64URL encoded policy text\n * used for attestation.\n */\n policyHash: Uint8Array;\n /**\n * True if the enclave is debuggable, false otherwise. Only valid if `verifierType` is SGX.\n */\n isDebuggable?: boolean;\n\n /**\n * The SGX Product ID for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n productId?: number;\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrEnclave?: string;\n\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrSigner?: string;\n\n /**\n * The SGX SVN value for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n svn?: number;\n\n /**\n * Returns the value of the runtime_data field specified as an input to the\n * {@link AttestationClient.attestSgxEnclave} or {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `enclaveHeldData` property will only be populated if the\n * `runtimeData` parameter to the `Attest` API is specified.\n */\n enclaveHeldData?: Uint8Array;\n\n /**\n * Returns a set of information describing the complete set of inputs to the\n * Attestation validation logic.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n sgxCollateral?: AttestationSgxCollateralInfo;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport class AttestationResultImpl implements AttestationResult {\n /**\n *\n * @param params - The parameters for the constructor.\n *\n * @hidden\n */\n constructor(params: {\n issuer: string;\n version: string;\n nonce?: string;\n uniqueId: string;\n runTimeClaims?: unknown;\n initTimeClaims?: unknown;\n policyClaims?: unknown;\n verifierType: string;\n policySigner?: AttestationSigner;\n policyHash: Uint8Array;\n isDebuggable?: boolean;\n productId?: number;\n mrEnclave?: string;\n mrSigner?: string;\n svn?: number;\n enclaveHeldData?: Uint8Array;\n sgxCollateral?: AttestationSgxCollateralInfo;\n }) {\n this._issuer = params.issuer;\n this._nonce = params.nonce;\n this._version = params.version;\n this._uniqueId = params.uniqueId;\n this._runTimeClaims = params.runTimeClaims;\n this._initTimeClaims = params.initTimeClaims;\n this._policyClaims = params.policyClaims;\n this._verifierType = params.verifierType;\n this._policySigner = params.policySigner;\n this._policyHash = params.policyHash;\n this._isDebuggable = params.isDebuggable;\n this._productId = params.productId;\n this._mrEnclave = params.mrEnclave;\n this._mrSigner = params.mrSigner;\n this._svn = params.svn;\n this._enclaveHeldData = params.enclaveHeldData;\n this._sgxCollateral = params.sgxCollateral;\n }\n\n private _issuer: string;\n private _version: string;\n private _nonce?: string;\n private _uniqueId: string;\n private _runTimeClaims?: unknown;\n private _initTimeClaims?: unknown;\n private _policyClaims?: unknown;\n private _verifierType: string;\n private _policySigner?: AttestationSigner;\n private _policyHash: Uint8Array;\n private _isDebuggable?: boolean;\n private _productId?: number;\n private _mrEnclave?: string;\n private _mrSigner?: string;\n private _svn?: number;\n private _enclaveHeldData?: Uint8Array;\n private _sgxCollateral?: AttestationSgxCollateralInfo;\n\n /**\n * Unique Identifier for the token\n *\n */\n get uniqueId(): string {\n return this._uniqueId;\n }\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n get issuer(): string {\n return this._issuer;\n }\n\n /**\n * Returns the \"nonce\" value specified in the Attest request.\n */\n get nonce(): string | undefined {\n return this._nonce;\n }\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n get version(): string {\n return this._version;\n }\n\n /**\n * Runtime Claims\n */\n get runTimeClaims(): unknown {\n return this._runTimeClaims;\n }\n /**\n * Inittime Claims\n */\n get initTimeClaims(): unknown {\n return this._initTimeClaims;\n }\n\n /**\n * Policy Generated Claims\n */\n get policyClaims(): unknown {\n return this._policyClaims;\n }\n /**\n * The Attestation type being attested.\n */\n get verifierType(): string {\n return this._verifierType;\n }\n /**\n * The certificate used to sign the policy object, if specified.\n */\n get policySigner(): AttestationSigner | undefined {\n return this._policySigner;\n }\n /**\n * The SHA256 hash of the BASE64URL encoded policy text used for attestation\n */\n get policyHash(): Uint8Array {\n return this._policyHash;\n }\n /**\n * True if the enclave is debuggable, false otherwise\n */\n get isDebuggable(): boolean | undefined {\n return this._isDebuggable;\n }\n /**\n * The SGX Product ID for the enclave.\n */\n get productId(): number | undefined {\n return this._productId;\n }\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave.\n */\n get mrEnclave(): string | undefined {\n return this._mrEnclave;\n }\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave.\n */\n get mrSigner(): string | undefined {\n return this._mrSigner;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get svn(): number | undefined {\n return this._svn;\n }\n /**\n * A copy of the RuntimeData specified as an input to the attest call.\n */\n get enclaveHeldData(): Uint8Array | undefined {\n return this._enclaveHeldData;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get sgxCollateral(): AttestationSgxCollateralInfo | undefined {\n return this._sgxCollateral;\n }\n}\n\n/**\n *\n * @param generated - Generated attestation result object.\n * @returns newly created AttestationResult from the generated result.\n *\n * @internal\n */\nexport function _attestationResultFromGenerated(\n generated: GeneratedAttestationResult,\n): AttestationResultImpl {\n return new AttestationResultImpl({\n issuer: generated.iss,\n version: generated.version,\n nonce: generated.nonce,\n uniqueId: generated.jti,\n policySigner: generated.policySigner\n ? _attestationSignerFromGenerated(generated.policySigner)\n : undefined,\n runTimeClaims: generated.runtimeClaims,\n initTimeClaims: generated.inittimeClaims,\n policyClaims: generated.policyClaims,\n verifierType: generated.verifierType,\n policyHash: generated.policyHash,\n isDebuggable: generated.isDebuggable,\n productId: generated.productId,\n mrEnclave: generated.mrEnclave,\n mrSigner: generated.mrSigner,\n svn: generated.svn,\n enclaveHeldData: generated.enclaveHeldData,\n sgxCollateral: generated.sgxCollateral,\n });\n}\n"]}
|
|
@@ -9,10 +9,9 @@ import { pemFromBase64 } from "../utils/helpers.js";
|
|
|
9
9
|
* @internal
|
|
10
10
|
*/
|
|
11
11
|
export function _attestationSignerFromGenerated(key) {
|
|
12
|
-
var _a, _b;
|
|
13
12
|
return {
|
|
14
|
-
keyId: key
|
|
15
|
-
certificates:
|
|
13
|
+
keyId: key?.kid,
|
|
14
|
+
certificates: key?.x5C?.map((cert) => pemFromBase64(cert, "CERTIFICATE")) ?? [],
|
|
16
15
|
};
|
|
17
16
|
}
|
|
18
17
|
//# sourceMappingURL=attestationSigner.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attestationSigner.js","sourceRoot":"","sources":["../../../src/models/attestationSigner.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAqBpD;;;;;;GAMG;AACH,MAAM,UAAU,+BAA+B,CAAC,GAAgB
|
|
1
|
+
{"version":3,"file":"attestationSigner.js","sourceRoot":"","sources":["../../../src/models/attestationSigner.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAqBpD;;;;;;GAMG;AACH,MAAM,UAAU,+BAA+B,CAAC,GAAgB;IAC9D,OAAO;QACL,KAAK,EAAE,GAAG,EAAE,GAAG;QACf,YAAY,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC,IAAI,EAAE;KAChF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { JsonWebKey } from \"../generated/models/index.js\";\nimport { pemFromBase64 } from \"../utils/helpers.js\";\n\n/**\n * An AttestationSigner represents a signing certificate chain/Key ID combination\n * returned by the attestation service.\n */\nexport interface AttestationSigner {\n /**\n * The Key ID for the signer, as defined by the \"kid\" parameter in\n * {@link https://datatracker.ietf.org/doc/html/rfc7517#section-4.5 | RFC 7517 section 4.5}\n */\n keyId?: string;\n\n /**\n * An array of X.509 certificates DER encoded and PEM encoded one of which\n * will be used to sign an attestation token. Also the \"x5c\" parameter in\n * {@link https://datatracker.ietf.org/doc/html/rfc7517#section-4.7 | RFC 7517 section 4.7}\n */\n certificates: string[];\n}\n\n/**\n *\n * @param key - JsonWebKey for signing key.\n * @returns AttestationSigner created from the JsonWebKey.\n *\n * @internal\n */\nexport function _attestationSignerFromGenerated(key?: JsonWebKey): AttestationSigner {\n return {\n keyId: key?.kid,\n certificates: key?.x5C?.map((cert) => pemFromBase64(cert, \"CERTIFICATE\")) ?? [],\n };\n}\n"]}
|
|
@@ -36,6 +36,13 @@ export class AttestationTokenImpl {
|
|
|
36
36
|
// this._signature = base64UrlDecodeString(pieces[2]);
|
|
37
37
|
this._jwsVerifier = jsrsasign.KJUR.jws.JWS.parse(token);
|
|
38
38
|
}
|
|
39
|
+
_token;
|
|
40
|
+
_headerBytes;
|
|
41
|
+
_header;
|
|
42
|
+
_bodyBytes;
|
|
43
|
+
_body;
|
|
44
|
+
// private _signature: Uint8Array;
|
|
45
|
+
_jwsVerifier; // jsrsasign.KJUR.jws.JWS.JWSResult;
|
|
39
46
|
/**
|
|
40
47
|
* Returns the deserialized body of the AttestationToken object.
|
|
41
48
|
*
|
|
@@ -116,7 +123,6 @@ export class AttestationTokenImpl {
|
|
|
116
123
|
* @param options - Options to be used validating the time properties.
|
|
117
124
|
*/
|
|
118
125
|
validateTimeProperties(options) {
|
|
119
|
-
var _a, _b;
|
|
120
126
|
// Calculate the current time as a number of seconds since the start of the
|
|
121
127
|
// Unix epoch.
|
|
122
128
|
const problems = new Array();
|
|
@@ -126,7 +132,7 @@ export class AttestationTokenImpl {
|
|
|
126
132
|
const expTime = this.expiresOn.getTime() / 1000;
|
|
127
133
|
if (timeNow > expTime) {
|
|
128
134
|
const delta = timeNow - expTime;
|
|
129
|
-
if (delta > (
|
|
135
|
+
if (delta > (options.timeValidationSlack ?? 0)) {
|
|
130
136
|
problems.push("AttestationToken has expired.");
|
|
131
137
|
}
|
|
132
138
|
}
|
|
@@ -136,7 +142,7 @@ export class AttestationTokenImpl {
|
|
|
136
142
|
const nbfTime = this.notBefore.getTime() / 1000;
|
|
137
143
|
if (nbfTime > timeNow) {
|
|
138
144
|
const delta = nbfTime - timeNow;
|
|
139
|
-
if (delta > (
|
|
145
|
+
if (delta > (options.timeValidationSlack ?? 0)) {
|
|
140
146
|
problems.push("AttestationToken is not yet valid.");
|
|
141
147
|
}
|
|
142
148
|
}
|
|
@@ -166,7 +172,7 @@ export class AttestationTokenImpl {
|
|
|
166
172
|
}
|
|
167
173
|
}
|
|
168
174
|
else {
|
|
169
|
-
possibleSigningCertificates
|
|
175
|
+
possibleSigningCertificates?.map((value) => candidateSigners.push(value));
|
|
170
176
|
if (this.certificateChain !== undefined) {
|
|
171
177
|
candidateSigners.push(this.certificateChain);
|
|
172
178
|
}
|
|
@@ -183,8 +189,7 @@ export class AttestationTokenImpl {
|
|
|
183
189
|
* If the value of algorithm is "none" it indicates that the token is unsecured.
|
|
184
190
|
*/
|
|
185
191
|
get algorithm() {
|
|
186
|
-
|
|
187
|
-
return (_a = this._header) === null || _a === void 0 ? void 0 : _a.alg;
|
|
192
|
+
return this._header?.alg;
|
|
188
193
|
}
|
|
189
194
|
/**
|
|
190
195
|
* Json Web Signature Header "kid".
|
|
@@ -307,7 +312,6 @@ export class AttestationTokenImpl {
|
|
|
307
312
|
* @returns an {@link AttestationToken | attestation token}
|
|
308
313
|
*/
|
|
309
314
|
static create(params) {
|
|
310
|
-
var _a;
|
|
311
315
|
const header = { alg: "none" };
|
|
312
316
|
if ((!params.privateKey && params.certificate) || (params.privateKey && !params.certificate)) {
|
|
313
317
|
throw new Error("If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.");
|
|
@@ -333,7 +337,7 @@ export class AttestationTokenImpl {
|
|
|
333
337
|
else {
|
|
334
338
|
header.alg = "none";
|
|
335
339
|
}
|
|
336
|
-
const encodedToken = jsrsasign.KJUR.jws.JWS.sign(header.alg, header,
|
|
340
|
+
const encodedToken = jsrsasign.KJUR.jws.JWS.sign(header.alg, header, params.body ?? "", params.privateKey);
|
|
337
341
|
return new AttestationTokenImpl(encodedToken);
|
|
338
342
|
}
|
|
339
343
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attestationToken.js","sourceRoot":"","sources":["../../../src/models/attestationToken.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,qEAAqE;AACrE,yCAAyC;AACzC,OAAO,KAAK,SAAS,MAAM,WAAW,CAAC;AAGvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AAEzE,OAAO,KAAK,OAAO,MAAM,gCAAgC,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAC;AAkN/E;;;;;;;GAOG;AACH,MAAM,OAAO,oBAAoB;IAC/B;;;;OAIG;IACH,YAAY,KAAa;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QAEpB,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,GAAG,aAAa,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,aAAa,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3D,2DAA2D;QAE3D,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAWD;;;;OAIG;IACI,OAAO;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC;IACtC,CAAC;IAED;;;;;;;OAOG;IACI,SAAS;QACd,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;;;;;OAMG;IACI,gBAAgB,CACrB,eAAqC,EACrC,UAA6C;QAC3C,sBAAsB,EAAE,IAAI;QAC5B,aAAa,EAAE,IAAI;QACnB,qBAAqB,EAAE,IAAI;KAC5B;QAED,IAAI,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACnC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC3B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,IAAI,WAAW,GAAkC,SAAS,CAAC;QAC3D,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,mBAAmB,CAAC,eAAe,CAAC,CAAC;YAE1D,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;gBACtB,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBACzC,kDAAkD;gBAElD,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;gBAEjE,IAAI,OAAO,EAAE,CAAC;oBACZ,WAAW,GAAG,MAAM,CAAC;gBACvB,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,QAAQ,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAC;YACjE,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,OAAO,CAAC,wBAAwB,KAAK,SAAS,EAAE,CAAC;YACnD,kFAAkF;YAClF,kBAAkB;YAClB,MAAM,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YAC7E,IAAI,gBAAgB,EAAE,CAAC;gBACrB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,OAA0C;QAC/D,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,IAAI,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3C,QAAQ,CAAC,IAAI,CACX,gBAAgB,GAAG,IAAI,CAAC,MAAM,GAAG,qBAAqB,GAAG,OAAO,CAAC,cAAc,CAChF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD;;;;OAIG;IACK,sBAAsB,CAAC,OAA0C;;QACvE,2EAA2E;QAC3E,cAAc;QACd,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QAExD,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;YACnE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,qBAAqB,EAAE,CAAC;YAClE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,MAAyB;QAC9C,sCAAsC;QACtC,OAAO,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChC,CAAC;IAEO,mBAAmB,CACzB,2BAAiD;QAEjD,MAAM,gBAAgB,GAAG,IAAI,KAAK,EAAqB,CAAC;QAExD,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC;QAEhC,IAAI,YAAY,KAAK,SAAS,IAAI,2BAA2B,KAAK,SAAS,EAAE,CAAC;YAC5E,2BAA2B,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;gBACrD,IAAI,cAAc,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;oBAC1C,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,uEAAuE;YACvE,sEAAsE;YACtE,qDAAqD;YACrD,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAClC,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;oBAC1E,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2BAA2B,aAA3B,2BAA2B,uBAA3B,2BAA2B,CAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1E,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;gBACxC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,yDAAyD;IAEzD;;;;;;;OAOG;IACH,IAAW,SAAS;;QAClB,OAAO,MAAA,IAAI,CAAC,OAAO,0CAAE,GAAG,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,KAAK;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;;OAMG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;OAKG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,OAAO;QAChB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACH,IAAW,qBAAqB;QAC9B,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,2BAA2B;QACpC,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAED;;;;OAIG;IACH,IAAW,gBAAgB;QACzB,IAAI,GAAe,CAAC;QACpB,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YACnC,GAAG,GAAG,gBAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,CAAC,GAAG,EAChB,CAAC,OAAO,CAAC,UAAU,CAAC,EACpB,YAAY,CACC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,gBAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,EACZ,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,EAClC,YAAY,CACC,CAAC;QAClB,CAAC;QACD,OAAO,+BAA+B,CAAC,GAAG,CAAC,CAAC;IAC9C,CAAC;IAED,qDAAqD;IAErD;;;OAGG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;IACxB,CAAC;IAED;;;;OAIG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;OAIG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,MAAM,CAAC,MAIpB;;QACC,MAAM,MAAM,GAGR,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;QAEpB,IAAI,CAAC,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7F,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,2BAA2B,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YACjC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACpC,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;YAClC,IAAI,MAAM,YAAY,SAAS,CAAC,MAAM,EAAE,CAAC;gBACvC,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,IAAI,MAAM,YAAY,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACzD,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,MAAM,CAAC,CAAC;YAC/D,CAAC;YACD,MAAM,CAAC,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAC9C,MAAM,CAAC,GAAG,EACV,MAAM,EACN,MAAA,MAAM,CAAC,IAAI,mCAAI,EAAE,EACjB,MAAM,CAAC,UAAU,CAClB,CAAC;QACF,OAAO,IAAI,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAChD,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,KAAU;IAC1B,OAAO,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,iBAAiB,CAAC;AACrE,CAAC;AAED,SAAS,aAAa,CAAC,KAAU;IAC/B,IAAI,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAClC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n// eslint-disable-next-line @typescript-eslint/triple-slash-reference\n/// <reference path=\"../jsrsasign.d.ts\"/>\nimport * as jsrsasign from \"jsrsasign\";\n\nimport type { JsonWebKey } from \"../generated/models/index.js\";\nimport { base64UrlDecodeString } from \"../utils/base64.js\";\nimport { bytesToString } from \"../utils/utf8.js\";\nimport type { AttestationSigner } from \"./attestationSigner.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\nimport * as Mappers from \"../generated/models/mappers.js\";\nimport { TypeDeserializer } from \"../utils/typeDeserializer.js\";\nimport { hexToBase64, verifyAttestationSigningKey } from \"../utils/helpers.js\";\n\n/**\n * Options used to validate attestation tokens.\n *\n * @typeparam issuer - if provided, specifies the expected issuer of the attestation token.\n * @typeparam validateExpirationTime - if true, validate the expiration time in the token.\n * @typeparam validateNotBeforeTime - if true, validate the \"not before\" time in the token.\n * @typeparam validateToken - if true, validate the token.\n * @typeparam timeValidationSlack - the validation time slack in the time based validations.\n *\n * @remarks\n *\n * If validateToken, validateNotBeforeTime, or validateExpirationTime are not\n * provided, they are all assumed to be 'true'.\n *\n */\nexport interface AttestationTokenValidationOptions {\n /**\n * If true, validate the attestation token, if false, skip validation.\n */\n validateToken?: boolean;\n /**\n * If true, validate the expiration time for the token.\n */\n validateExpirationTime?: boolean;\n /**\n * If true, validate the \"not before\" time for the token.\n */\n validateNotBeforeTime?: boolean;\n /**\n * If true, validate the issuer of the token.\n */\n validateIssuer?: boolean;\n /**\n * The expected issuer for the {@link AttestationToken}. Only checked if {@link validateIssuer} is set.\n */\n expectedIssuer?: string;\n\n /**\n * Tolerance time (in seconds) used to accound for clock drift between the local machine\n * and the server creating the token.\n */\n timeValidationSlack?: number;\n\n /**\n * Validation function which allows developers to provide their own validation\n * functionality for the attestation token. This can be used to perform additional\n * validations for signing certificate in AttestationSigner.\n *\n * @param token - Attestation Token to validate.\n * @param signer - Signing Certificate which validated the token.\n *\n * @remarks\n *\n * If there is a problem with token validation, the validateAttestationCallback function\n * will return an array of strings indicating the set of problems found in the token.\n *\n * @returns an array of problems in the token, or undefined if there are no problems.\n */\n validateAttestationToken?: (\n token: AttestationToken,\n signer?: AttestationSigner,\n ) => string[] | undefined;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport interface AttestationToken {\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n getBody(): unknown;\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n serialize(): string;\n\n /**\n * Validates the attestation token to verify that it is semantically correct.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n */\n getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options?: AttestationTokenValidationOptions,\n ): string[];\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n algorithm: string;\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n keyId?: string;\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n critical?: boolean;\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n contentType?: string;\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n keyUrl?: string;\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n x509Url?: string;\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n type?: string;\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n certificateThumbprint?: string;\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n certificateSha256Thumbprint?: string;\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n certificateChain?: AttestationSigner;\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuer?: string;\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n expiresOn?: Date;\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuedAt?: Date;\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n notBefore?: Date;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport class AttestationTokenImpl implements AttestationToken {\n /**\n * @internal\n *\n * @param token - Attetation token returned by the attestation service.\n */\n constructor(token: string) {\n this._token = token;\n\n const pieces = token.split(\".\");\n if (pieces.length !== 3) {\n throw Error(\"Incorrectly formatted token:\");\n }\n this._headerBytes = base64UrlDecodeString(pieces[0]);\n this._header = safeJsonParse(bytesToString(this._headerBytes));\n this._bodyBytes = base64UrlDecodeString(pieces[1]);\n this._body = safeJsonParse(bytesToString(this._bodyBytes));\n // this._signature = base64UrlDecodeString(pieces[2]);\n\n this._jwsVerifier = jsrsasign.KJUR.jws.JWS.parse(token);\n }\n\n private _token: string;\n private _headerBytes: Uint8Array;\n private _header: any;\n private _bodyBytes: Uint8Array;\n private _body: any;\n // private _signature: Uint8Array;\n\n private _jwsVerifier: any; // jsrsasign.KJUR.jws.JWS.JWSResult;\n\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n public getBody(): unknown {\n return this._jwsVerifier.payloadObj;\n }\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n public serialize(): string {\n return this._token;\n }\n\n /**\n * Returns the set of problems discovered in the attestation token.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n * @returns an array of string values. If there are no problems, returns an empty array.\n */\n public getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options: AttestationTokenValidationOptions = {\n validateExpirationTime: true,\n validateToken: true,\n validateNotBeforeTime: true,\n },\n ): string[] {\n let problems = new Array<string>();\n if (!options.validateToken) {\n return problems;\n }\n\n let foundSigner: AttestationSigner | undefined = undefined;\n if (this.algorithm !== \"none\") {\n const signers = this.getCandidateSigners(possibleSigners);\n\n signers.some((signer) => {\n const cert = this.certFromSigner(signer);\n // const pubKeyObj = cert.getPublicKey();\n\n const isValid = jsrsasign.KJUR.jws.JWS.verify(this._token, cert);\n\n if (isValid) {\n foundSigner = signer;\n }\n });\n\n if (foundSigner === undefined) {\n problems.push(\"Attestation Token is not properly signed.\");\n }\n }\n\n // If the token has a body, check the expiration time and issuer.\n if (this._body !== undefined) {\n problems = problems.concat(this.validateTimeProperties(options));\n problems = problems.concat(this.validateIssuer(options));\n }\n\n if (options.validateAttestationToken !== undefined) {\n // If there is a validation error, the getProblemsCallback will return the list of\n // problems found.\n const validationErrors = options.validateAttestationToken(this, foundSigner);\n if (validationErrors) {\n problems = problems.concat(validationErrors);\n }\n }\n return problems;\n }\n\n private validateIssuer(options: AttestationTokenValidationOptions): string[] {\n const problems = new Array<string>();\n if (this.issuer && options.validateIssuer) {\n if (this.issuer !== options.expectedIssuer) {\n problems.push(\n \"Found issuer: \" + this.issuer + \"; expected issuer: \" + options.expectedIssuer,\n );\n }\n }\n return problems;\n }\n /**\n * Validate the expiration and notbefore time claims in the JSON web token.\n *\n * @param options - Options to be used validating the time properties.\n */\n private validateTimeProperties(options: AttestationTokenValidationOptions): string[] {\n // Calculate the current time as a number of seconds since the start of the\n // Unix epoch.\n const problems = new Array<string>();\n const timeNow = Math.floor(new Date().getTime() / 1000);\n\n // Validate expiration time.\n if (this.expiresOn !== undefined && options.validateExpirationTime) {\n const expTime = this.expiresOn.getTime() / 1000;\n if (timeNow > expTime) {\n const delta = timeNow - expTime;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken has expired.\");\n }\n }\n }\n\n // Validate not before time.\n if (this.notBefore !== undefined && options.validateNotBeforeTime) {\n const nbfTime = this.notBefore.getTime() / 1000;\n if (nbfTime > timeNow) {\n const delta = nbfTime - timeNow;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken is not yet valid.\");\n }\n }\n }\n return problems;\n }\n\n private certFromSigner(signer: AttestationSigner): string {\n // return the PEM encoded certificate.\n return signer.certificates[0];\n }\n\n private getCandidateSigners(\n possibleSigningCertificates?: AttestationSigner[],\n ): AttestationSigner[] {\n const candidateSigners = new Array<AttestationSigner>();\n\n const desiredKeyId = this.keyId;\n\n if (desiredKeyId !== undefined && possibleSigningCertificates !== undefined) {\n possibleSigningCertificates.forEach((possibleSigner) => {\n if (possibleSigner.keyId === desiredKeyId) {\n candidateSigners.push(possibleSigner);\n }\n });\n\n // If we didn't find any candidate signers looking through the provided\n // signing certificates, then maybe there's a certificate chain in the\n // token itself that might be used to sign the token.\n if (candidateSigners.length === 0) {\n if (this.certificateChain !== undefined && this.certificateChain !== null) {\n candidateSigners.push(this.certificateChain);\n }\n }\n } else {\n possibleSigningCertificates?.map((value) => candidateSigners.push(value));\n if (this.certificateChain !== undefined) {\n candidateSigners.push(this.certificateChain);\n }\n }\n return candidateSigners;\n }\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n public get algorithm(): string {\n return this._header?.alg;\n }\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n public get keyId(): string | undefined {\n return this._header.kid;\n }\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n public get critical(): boolean | undefined {\n return this._header.crit;\n }\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n public get contentType(): string | undefined {\n return this._header.cty;\n }\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n public get keyUrl(): string | undefined {\n return this._header.jku;\n }\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n public get x509Url(): string | undefined {\n return this._header.x5u;\n }\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n public get type(): string | undefined {\n return this._header.typ;\n }\n\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n public get certificateThumbprint(): string | undefined {\n return this._header.x5t;\n }\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n public get certificateSha256Thumbprint(): string | undefined {\n return this._header[\"x5t#256\"];\n }\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n public get certificateChain(): AttestationSigner | undefined {\n let jwk: JsonWebKey;\n if (this._header.jwk !== undefined) {\n jwk = TypeDeserializer.deserialize(\n this._header.jwk,\n [Mappers.JsonWebKey],\n \"JsonWebKey\",\n ) as JsonWebKey;\n } else {\n jwk = TypeDeserializer.deserialize(\n this._header,\n { JsonWebKey: Mappers.JsonWebKey },\n \"JsonWebKey\",\n ) as JsonWebKey;\n }\n return _attestationSignerFromGenerated(jwk);\n }\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuer(): string | undefined {\n return this._body.iss;\n }\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n public get expiresOn(): Date | undefined {\n return this._body.exp ? new Date(this._body.exp * 1000) : undefined;\n }\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuedAt(): Date | undefined {\n return this._body.iat ? new Date(this._body.iat * 1000) : undefined;\n }\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n public get notBefore(): Date | undefined {\n return this._body.nbf ? new Date(this._body.nbf * 1000) : undefined;\n }\n\n /**\n * Creates a new attestation token from a body and signing key.\n * @param body - stringified body of the body of the token to be created.\n * @param signer - Optional signing key used to sign the newly created token.\n * @returns an {@link AttestationToken | attestation token}\n */\n public static create(params: {\n body?: string;\n privateKey?: string;\n certificate?: string;\n }): AttestationToken {\n const header: {\n alg: string;\n [k: string]: any;\n } = { alg: \"none\" };\n\n if ((!params.privateKey && params.certificate) || (params.privateKey && !params.certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (params.privateKey && params.certificate) {\n verifyAttestationSigningKey(params.privateKey, params.certificate);\n }\n\n if (params.privateKey || params.certificate) {\n const x5c = new jsrsasign.X509();\n x5c.readCertPEM(params.certificate);\n const pubKey = x5c.getPublicKey();\n if (pubKey instanceof jsrsasign.RSAKey) {\n header.alg = \"RS256\";\n } else if (pubKey instanceof jsrsasign.KJUR.crypto.ECDSA) {\n header.alg = \"ES256\";\n } else {\n throw new Error(\"Unknown public key type: \" + typeof pubKey);\n }\n header.x5c = [hexToBase64(x5c.hex)];\n } else {\n header.alg = \"none\";\n }\n\n const encodedToken = jsrsasign.KJUR.jws.JWS.sign(\n header.alg,\n header,\n params.body ?? \"\",\n params.privateKey,\n );\n return new AttestationTokenImpl(encodedToken);\n }\n}\n\nfunction isObject(thing: any): boolean {\n return Object.prototype.toString.call(thing) === \"[object Object]\";\n}\n\nfunction safeJsonParse(thing: any): any {\n if (isObject(thing)) return thing;\n try {\n return JSON.parse(thing);\n } catch (e: any) {\n return undefined;\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"attestationToken.js","sourceRoot":"","sources":["../../../src/models/attestationToken.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,qEAAqE;AACrE,yCAAyC;AACzC,OAAO,KAAK,SAAS,MAAM,WAAW,CAAC;AAGvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AAEzE,OAAO,KAAK,OAAO,MAAM,gCAAgC,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAC;AAkN/E;;;;;;;GAOG;AACH,MAAM,OAAO,oBAAoB;IAC/B;;;;OAIG;IACH,YAAY,KAAa;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QAEpB,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,GAAG,aAAa,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,aAAa,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3D,2DAA2D;QAE3D,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAEO,MAAM,CAAS;IACf,YAAY,CAAa;IACzB,OAAO,CAAM;IACb,UAAU,CAAa;IACvB,KAAK,CAAM;IACnB,qCAAqC;IAE7B,YAAY,CAAM,CAAC,oCAAoC;IAE/D;;;;OAIG;IACI,OAAO;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC;IACtC,CAAC;IAED;;;;;;;OAOG;IACI,SAAS;QACd,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;;;;;OAMG;IACI,gBAAgB,CACrB,eAAqC,EACrC,UAA6C;QAC3C,sBAAsB,EAAE,IAAI;QAC5B,aAAa,EAAE,IAAI;QACnB,qBAAqB,EAAE,IAAI;KAC5B;QAED,IAAI,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACnC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC3B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,IAAI,WAAW,GAAkC,SAAS,CAAC;QAC3D,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,mBAAmB,CAAC,eAAe,CAAC,CAAC;YAE1D,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;gBACtB,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBACzC,kDAAkD;gBAElD,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;gBAEjE,IAAI,OAAO,EAAE,CAAC;oBACZ,WAAW,GAAG,MAAM,CAAC;gBACvB,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,QAAQ,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAC;YACjE,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,OAAO,CAAC,wBAAwB,KAAK,SAAS,EAAE,CAAC;YACnD,kFAAkF;YAClF,kBAAkB;YAClB,MAAM,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YAC7E,IAAI,gBAAgB,EAAE,CAAC;gBACrB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,OAA0C;QAC/D,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,IAAI,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3C,QAAQ,CAAC,IAAI,CACX,gBAAgB,GAAG,IAAI,CAAC,MAAM,GAAG,qBAAqB,GAAG,OAAO,CAAC,cAAc,CAChF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD;;;;OAIG;IACK,sBAAsB,CAAC,OAA0C;QACvE,2EAA2E;QAC3E,cAAc;QACd,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QAExD,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;YACnE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,OAAO,CAAC,mBAAmB,IAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,qBAAqB,EAAE,CAAC;YAClE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,OAAO,CAAC,mBAAmB,IAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,MAAyB;QAC9C,sCAAsC;QACtC,OAAO,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChC,CAAC;IAEO,mBAAmB,CACzB,2BAAiD;QAEjD,MAAM,gBAAgB,GAAG,IAAI,KAAK,EAAqB,CAAC;QAExD,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC;QAEhC,IAAI,YAAY,KAAK,SAAS,IAAI,2BAA2B,KAAK,SAAS,EAAE,CAAC;YAC5E,2BAA2B,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;gBACrD,IAAI,cAAc,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;oBAC1C,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,uEAAuE;YACvE,sEAAsE;YACtE,qDAAqD;YACrD,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAClC,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;oBAC1E,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2BAA2B,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1E,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;gBACxC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,yDAAyD;IAEzD;;;;;;;OAOG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,KAAK;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;;OAMG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;OAKG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,OAAO;QAChB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACH,IAAW,qBAAqB;QAC9B,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,2BAA2B;QACpC,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAED;;;;OAIG;IACH,IAAW,gBAAgB;QACzB,IAAI,GAAe,CAAC;QACpB,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YACnC,GAAG,GAAG,gBAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,CAAC,GAAG,EAChB,CAAC,OAAO,CAAC,UAAU,CAAC,EACpB,YAAY,CACC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,gBAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,EACZ,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,EAClC,YAAY,CACC,CAAC;QAClB,CAAC;QACD,OAAO,+BAA+B,CAAC,GAAG,CAAC,CAAC;IAC9C,CAAC;IAED,qDAAqD;IAErD;;;OAGG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;IACxB,CAAC;IAED;;;;OAIG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;OAIG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,MAAM,CAAC,MAIpB;QACC,MAAM,MAAM,GAGR,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;QAEpB,IAAI,CAAC,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7F,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,2BAA2B,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YACjC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACpC,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;YAClC,IAAI,MAAM,YAAY,SAAS,CAAC,MAAM,EAAE,CAAC;gBACvC,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,IAAI,MAAM,YAAY,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACzD,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,MAAM,CAAC,CAAC;YAC/D,CAAC;YACD,MAAM,CAAC,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAC9C,MAAM,CAAC,GAAG,EACV,MAAM,EACN,MAAM,CAAC,IAAI,IAAI,EAAE,EACjB,MAAM,CAAC,UAAU,CAClB,CAAC;QACF,OAAO,IAAI,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAChD,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,KAAU;IAC1B,OAAO,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,iBAAiB,CAAC;AACrE,CAAC;AAED,SAAS,aAAa,CAAC,KAAU;IAC/B,IAAI,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAClC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n// eslint-disable-next-line @typescript-eslint/triple-slash-reference\n/// <reference path=\"../jsrsasign.d.ts\"/>\nimport * as jsrsasign from \"jsrsasign\";\n\nimport type { JsonWebKey } from \"../generated/models/index.js\";\nimport { base64UrlDecodeString } from \"../utils/base64.js\";\nimport { bytesToString } from \"../utils/utf8.js\";\nimport type { AttestationSigner } from \"./attestationSigner.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\nimport * as Mappers from \"../generated/models/mappers.js\";\nimport { TypeDeserializer } from \"../utils/typeDeserializer.js\";\nimport { hexToBase64, verifyAttestationSigningKey } from \"../utils/helpers.js\";\n\n/**\n * Options used to validate attestation tokens.\n *\n * @typeparam issuer - if provided, specifies the expected issuer of the attestation token.\n * @typeparam validateExpirationTime - if true, validate the expiration time in the token.\n * @typeparam validateNotBeforeTime - if true, validate the \"not before\" time in the token.\n * @typeparam validateToken - if true, validate the token.\n * @typeparam timeValidationSlack - the validation time slack in the time based validations.\n *\n * @remarks\n *\n * If validateToken, validateNotBeforeTime, or validateExpirationTime are not\n * provided, they are all assumed to be 'true'.\n *\n */\nexport interface AttestationTokenValidationOptions {\n /**\n * If true, validate the attestation token, if false, skip validation.\n */\n validateToken?: boolean;\n /**\n * If true, validate the expiration time for the token.\n */\n validateExpirationTime?: boolean;\n /**\n * If true, validate the \"not before\" time for the token.\n */\n validateNotBeforeTime?: boolean;\n /**\n * If true, validate the issuer of the token.\n */\n validateIssuer?: boolean;\n /**\n * The expected issuer for the {@link AttestationToken}. Only checked if {@link validateIssuer} is set.\n */\n expectedIssuer?: string;\n\n /**\n * Tolerance time (in seconds) used to accound for clock drift between the local machine\n * and the server creating the token.\n */\n timeValidationSlack?: number;\n\n /**\n * Validation function which allows developers to provide their own validation\n * functionality for the attestation token. This can be used to perform additional\n * validations for signing certificate in AttestationSigner.\n *\n * @param token - Attestation Token to validate.\n * @param signer - Signing Certificate which validated the token.\n *\n * @remarks\n *\n * If there is a problem with token validation, the validateAttestationCallback function\n * will return an array of strings indicating the set of problems found in the token.\n *\n * @returns an array of problems in the token, or undefined if there are no problems.\n */\n validateAttestationToken?: (\n token: AttestationToken,\n signer?: AttestationSigner,\n ) => string[] | undefined;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport interface AttestationToken {\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n getBody(): unknown;\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n serialize(): string;\n\n /**\n * Validates the attestation token to verify that it is semantically correct.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n */\n getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options?: AttestationTokenValidationOptions,\n ): string[];\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n algorithm: string;\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n keyId?: string;\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n critical?: boolean;\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n contentType?: string;\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n keyUrl?: string;\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n x509Url?: string;\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n type?: string;\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n certificateThumbprint?: string;\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n certificateSha256Thumbprint?: string;\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n certificateChain?: AttestationSigner;\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuer?: string;\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n expiresOn?: Date;\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuedAt?: Date;\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n notBefore?: Date;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport class AttestationTokenImpl implements AttestationToken {\n /**\n * @internal\n *\n * @param token - Attetation token returned by the attestation service.\n */\n constructor(token: string) {\n this._token = token;\n\n const pieces = token.split(\".\");\n if (pieces.length !== 3) {\n throw Error(\"Incorrectly formatted token:\");\n }\n this._headerBytes = base64UrlDecodeString(pieces[0]);\n this._header = safeJsonParse(bytesToString(this._headerBytes));\n this._bodyBytes = base64UrlDecodeString(pieces[1]);\n this._body = safeJsonParse(bytesToString(this._bodyBytes));\n // this._signature = base64UrlDecodeString(pieces[2]);\n\n this._jwsVerifier = jsrsasign.KJUR.jws.JWS.parse(token);\n }\n\n private _token: string;\n private _headerBytes: Uint8Array;\n private _header: any;\n private _bodyBytes: Uint8Array;\n private _body: any;\n // private _signature: Uint8Array;\n\n private _jwsVerifier: any; // jsrsasign.KJUR.jws.JWS.JWSResult;\n\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n public getBody(): unknown {\n return this._jwsVerifier.payloadObj;\n }\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n public serialize(): string {\n return this._token;\n }\n\n /**\n * Returns the set of problems discovered in the attestation token.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n * @returns an array of string values. If there are no problems, returns an empty array.\n */\n public getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options: AttestationTokenValidationOptions = {\n validateExpirationTime: true,\n validateToken: true,\n validateNotBeforeTime: true,\n },\n ): string[] {\n let problems = new Array<string>();\n if (!options.validateToken) {\n return problems;\n }\n\n let foundSigner: AttestationSigner | undefined = undefined;\n if (this.algorithm !== \"none\") {\n const signers = this.getCandidateSigners(possibleSigners);\n\n signers.some((signer) => {\n const cert = this.certFromSigner(signer);\n // const pubKeyObj = cert.getPublicKey();\n\n const isValid = jsrsasign.KJUR.jws.JWS.verify(this._token, cert);\n\n if (isValid) {\n foundSigner = signer;\n }\n });\n\n if (foundSigner === undefined) {\n problems.push(\"Attestation Token is not properly signed.\");\n }\n }\n\n // If the token has a body, check the expiration time and issuer.\n if (this._body !== undefined) {\n problems = problems.concat(this.validateTimeProperties(options));\n problems = problems.concat(this.validateIssuer(options));\n }\n\n if (options.validateAttestationToken !== undefined) {\n // If there is a validation error, the getProblemsCallback will return the list of\n // problems found.\n const validationErrors = options.validateAttestationToken(this, foundSigner);\n if (validationErrors) {\n problems = problems.concat(validationErrors);\n }\n }\n return problems;\n }\n\n private validateIssuer(options: AttestationTokenValidationOptions): string[] {\n const problems = new Array<string>();\n if (this.issuer && options.validateIssuer) {\n if (this.issuer !== options.expectedIssuer) {\n problems.push(\n \"Found issuer: \" + this.issuer + \"; expected issuer: \" + options.expectedIssuer,\n );\n }\n }\n return problems;\n }\n /**\n * Validate the expiration and notbefore time claims in the JSON web token.\n *\n * @param options - Options to be used validating the time properties.\n */\n private validateTimeProperties(options: AttestationTokenValidationOptions): string[] {\n // Calculate the current time as a number of seconds since the start of the\n // Unix epoch.\n const problems = new Array<string>();\n const timeNow = Math.floor(new Date().getTime() / 1000);\n\n // Validate expiration time.\n if (this.expiresOn !== undefined && options.validateExpirationTime) {\n const expTime = this.expiresOn.getTime() / 1000;\n if (timeNow > expTime) {\n const delta = timeNow - expTime;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken has expired.\");\n }\n }\n }\n\n // Validate not before time.\n if (this.notBefore !== undefined && options.validateNotBeforeTime) {\n const nbfTime = this.notBefore.getTime() / 1000;\n if (nbfTime > timeNow) {\n const delta = nbfTime - timeNow;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken is not yet valid.\");\n }\n }\n }\n return problems;\n }\n\n private certFromSigner(signer: AttestationSigner): string {\n // return the PEM encoded certificate.\n return signer.certificates[0];\n }\n\n private getCandidateSigners(\n possibleSigningCertificates?: AttestationSigner[],\n ): AttestationSigner[] {\n const candidateSigners = new Array<AttestationSigner>();\n\n const desiredKeyId = this.keyId;\n\n if (desiredKeyId !== undefined && possibleSigningCertificates !== undefined) {\n possibleSigningCertificates.forEach((possibleSigner) => {\n if (possibleSigner.keyId === desiredKeyId) {\n candidateSigners.push(possibleSigner);\n }\n });\n\n // If we didn't find any candidate signers looking through the provided\n // signing certificates, then maybe there's a certificate chain in the\n // token itself that might be used to sign the token.\n if (candidateSigners.length === 0) {\n if (this.certificateChain !== undefined && this.certificateChain !== null) {\n candidateSigners.push(this.certificateChain);\n }\n }\n } else {\n possibleSigningCertificates?.map((value) => candidateSigners.push(value));\n if (this.certificateChain !== undefined) {\n candidateSigners.push(this.certificateChain);\n }\n }\n return candidateSigners;\n }\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n public get algorithm(): string {\n return this._header?.alg;\n }\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n public get keyId(): string | undefined {\n return this._header.kid;\n }\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n public get critical(): boolean | undefined {\n return this._header.crit;\n }\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n public get contentType(): string | undefined {\n return this._header.cty;\n }\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n public get keyUrl(): string | undefined {\n return this._header.jku;\n }\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n public get x509Url(): string | undefined {\n return this._header.x5u;\n }\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n public get type(): string | undefined {\n return this._header.typ;\n }\n\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n public get certificateThumbprint(): string | undefined {\n return this._header.x5t;\n }\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n public get certificateSha256Thumbprint(): string | undefined {\n return this._header[\"x5t#256\"];\n }\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n public get certificateChain(): AttestationSigner | undefined {\n let jwk: JsonWebKey;\n if (this._header.jwk !== undefined) {\n jwk = TypeDeserializer.deserialize(\n this._header.jwk,\n [Mappers.JsonWebKey],\n \"JsonWebKey\",\n ) as JsonWebKey;\n } else {\n jwk = TypeDeserializer.deserialize(\n this._header,\n { JsonWebKey: Mappers.JsonWebKey },\n \"JsonWebKey\",\n ) as JsonWebKey;\n }\n return _attestationSignerFromGenerated(jwk);\n }\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuer(): string | undefined {\n return this._body.iss;\n }\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n public get expiresOn(): Date | undefined {\n return this._body.exp ? new Date(this._body.exp * 1000) : undefined;\n }\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuedAt(): Date | undefined {\n return this._body.iat ? new Date(this._body.iat * 1000) : undefined;\n }\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n public get notBefore(): Date | undefined {\n return this._body.nbf ? new Date(this._body.nbf * 1000) : undefined;\n }\n\n /**\n * Creates a new attestation token from a body and signing key.\n * @param body - stringified body of the body of the token to be created.\n * @param signer - Optional signing key used to sign the newly created token.\n * @returns an {@link AttestationToken | attestation token}\n */\n public static create(params: {\n body?: string;\n privateKey?: string;\n certificate?: string;\n }): AttestationToken {\n const header: {\n alg: string;\n [k: string]: any;\n } = { alg: \"none\" };\n\n if ((!params.privateKey && params.certificate) || (params.privateKey && !params.certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (params.privateKey && params.certificate) {\n verifyAttestationSigningKey(params.privateKey, params.certificate);\n }\n\n if (params.privateKey || params.certificate) {\n const x5c = new jsrsasign.X509();\n x5c.readCertPEM(params.certificate);\n const pubKey = x5c.getPublicKey();\n if (pubKey instanceof jsrsasign.RSAKey) {\n header.alg = \"RS256\";\n } else if (pubKey instanceof jsrsasign.KJUR.crypto.ECDSA) {\n header.alg = \"ES256\";\n } else {\n throw new Error(\"Unknown public key type: \" + typeof pubKey);\n }\n header.x5c = [hexToBase64(x5c.hex)];\n } else {\n header.alg = \"none\";\n }\n\n const encodedToken = jsrsasign.KJUR.jws.JWS.sign(\n header.alg,\n header,\n params.body ?? \"\",\n params.privateKey,\n );\n return new AttestationTokenImpl(encodedToken);\n }\n}\n\nfunction isObject(thing: any): boolean {\n return Object.prototype.toString.call(thing) === \"[object Object]\";\n}\n\nfunction safeJsonParse(thing: any): any {\n if (isObject(thing)) return thing;\n try {\n return JSON.parse(thing);\n } catch (e: any) {\n return undefined;\n }\n}\n"]}
|
|
@@ -27,5 +27,9 @@ export class StoredAttestationPolicy {
|
|
|
27
27
|
static deserialize(value) {
|
|
28
28
|
return TypeDeserializer.deserialize(value, { StoredAttestationPolicy: Mappers.StoredAttestationPolicy }, "StoredAttestationPolicy");
|
|
29
29
|
}
|
|
30
|
+
/**
|
|
31
|
+
* Stored attestation policy, utf8 encoded.
|
|
32
|
+
*/
|
|
33
|
+
attestationPolicy;
|
|
30
34
|
}
|
|
31
35
|
//# sourceMappingURL=storedAttestationPolicy.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"storedAttestationPolicy.js","sourceRoot":"","sources":["../../../src/models/storedAttestationPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAEhE,OAAO,KAAK,OAAO,MAAM,gCAAgC,CAAC;AAE1D;;GAEG;AACH,MAAM,OAAO,uBAAuB;IAClC,YAAY,KAAa;QACvB,IAAI,CAAC,iBAAiB,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAED;;;;OAIG;IACH,SAAS;QACP,OAAO,gBAAgB,CAAC,SAAS,CAC/B,IAAI,EACJ,EAAE,uBAAuB,EAAE,OAAO,CAAC,uBAAuB,EAAE,EAC5D,OAAO,CAAC,uBAAuB,CAChC,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,WAAW,CAAC,KAAc;QAC/B,OAAO,gBAAgB,CAAC,WAAW,CACjC,KAAK,EACL,EAAE,uBAAuB,EAAE,OAAO,CAAC,uBAAuB,EAAE,EAC5D,yBAAyB,CACC,CAAC;IAC/B,CAAC;
|
|
1
|
+
{"version":3,"file":"storedAttestationPolicy.js","sourceRoot":"","sources":["../../../src/models/storedAttestationPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAEhE,OAAO,KAAK,OAAO,MAAM,gCAAgC,CAAC;AAE1D;;GAEG;AACH,MAAM,OAAO,uBAAuB;IAClC,YAAY,KAAa;QACvB,IAAI,CAAC,iBAAiB,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAED;;;;OAIG;IACH,SAAS;QACP,OAAO,gBAAgB,CAAC,SAAS,CAC/B,IAAI,EACJ,EAAE,uBAAuB,EAAE,OAAO,CAAC,uBAAuB,EAAE,EAC5D,OAAO,CAAC,uBAAuB,CAChC,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,WAAW,CAAC,KAAc;QAC/B,OAAO,gBAAgB,CAAC,WAAW,CACjC,KAAK,EACL,EAAE,uBAAuB,EAAE,OAAO,CAAC,uBAAuB,EAAE,EAC5D,yBAAyB,CACC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,iBAAiB,CAAa;CAC/B","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\nimport { stringToBytes } from \"../utils/utf8.js\";\nimport { TypeDeserializer } from \"../utils/typeDeserializer.js\";\n\nimport * as Mappers from \"../generated/models/mappers.js\";\n\n/**\n * Represents a stored attestation policy sent to the attestation service.\n */\nexport class StoredAttestationPolicy {\n constructor(value: string) {\n this.attestationPolicy = stringToBytes(value);\n }\n\n /**\n * Serializes a StoredAttestationPolicy object to a JSON encoded string.\n *\n * @returns The serialized JSON policy.\n */\n serialize(): string {\n return TypeDeserializer.serialize(\n this,\n { StoredAttestationPolicy: Mappers.StoredAttestationPolicy },\n Mappers.StoredAttestationPolicy,\n );\n }\n\n /**\n * Deserializes a stored attestation policy object returned from the attestation service.\n *\n * @param value - Raw JSON object from service to serialize as an attestation policy.\n * @returns Stored attestation policy.\n */\n static deserialize(value: unknown): StoredAttestationPolicy {\n return TypeDeserializer.deserialize(\n value,\n { StoredAttestationPolicy: Mappers.StoredAttestationPolicy },\n \"StoredAttestationPolicy\",\n ) as StoredAttestationPolicy;\n }\n\n /**\n * Stored attestation policy, utf8 encoded.\n */\n attestationPolicy: Uint8Array;\n}\n"]}
|
|
@@ -1,4 +1,10 @@
|
|
|
1
|
-
declare const textDecoder:
|
|
2
|
-
|
|
1
|
+
declare const textDecoder: {
|
|
2
|
+
new (label?: string, options?: TextDecoderOptions): TextDecoder;
|
|
3
|
+
prototype: TextDecoder;
|
|
4
|
+
};
|
|
5
|
+
declare const textEncoder: {
|
|
6
|
+
new (): TextEncoder;
|
|
7
|
+
prototype: TextEncoder;
|
|
8
|
+
};
|
|
3
9
|
export { textDecoder as TextDecoder, textEncoder as TextEncoder };
|
|
4
10
|
//# sourceMappingURL=textEncoding-browser.d.mts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"textEncoding-browser.d.mts","sourceRoot":"","sources":["../../../src/utils/textEncoding-browser.mts"],"names":[],"mappings":"AAGA,QAAA,MAAM,WAAW,
|
|
1
|
+
{"version":3,"file":"textEncoding-browser.d.mts","sourceRoot":"","sources":["../../../src/utils/textEncoding-browser.mts"],"names":[],"mappings":"AAGA,QAAA,MAAM,WAAW;;;CAAc,CAAC;AAChC,QAAA,MAAM,WAAW;;;CAAc,CAAC;AAEhC,OAAO,EAAE,WAAW,IAAI,WAAW,EAAE,WAAW,IAAI,WAAW,EAAE,CAAC"}
|