@bernierllc/backoff-retry 0.1.1 → 0.3.1

package/dist/security/secure-storage.js

@@ -0,0 +1,418 @@
+"use strict";
+/*
+Copyright (c) 2025 Bernier LLC
+
+This file is licensed to the client under a limited-use license.
+The client may use and modify this code *only within the scope of the project it was delivered for*.
+Redistribution or use in other products or commercial offerings is not permitted without written consent from Bernier LLC.
+*/
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecureStorage = void 0;
+/**
+ * Secure storage wrapper that adds encryption, access control, and audit logging
+ */
+class SecureStorage {
+    constructor(storage, securityManager, defaultAccessControl) {
+        this.storage = storage;
+        this.securityManager = securityManager;
+        this.defaultAccessControl = defaultAccessControl;
+    }
+    /**
+     * Store a retry state with encryption and access control
+     */
+    async set(key, value, accessControl) {
+        const ac = accessControl || this.defaultAccessControl;
+        // Check access permissions
+        if (!this.securityManager.checkAccess(ac, 'write', key)) {
+            throw new Error('Access denied: insufficient permissions to write retry state');
+        }
+        // Check rate limiting
+        const rateLimitId = `${ac.userId || 'anonymous'}_write`;
+        if (!this.securityManager.checkRateLimit(rateLimitId)) {
+            throw new Error('Rate limit exceeded for write operations');
+        }
+        try {
+            // Encrypt the retry state data
+            const encryptedValue = await this.securityManager.encryptData(value);
+            // Store the encrypted data
+            await this.storage.set(key, { encrypted: true, data: encryptedValue });
+            // Log successful operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'write',
+                resource: key,
+                success: true,
+                details: {
+                    retryStateId: value.id,
+                    status: value.status,
+                    attempt: value.attempt
+                }
+            });
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'write',
+                resource: key,
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * Get a retry state with decryption and access control
+     */
+    async get(key, accessControl) {
+        const ac = accessControl || this.defaultAccessControl;
+        // Check access permissions
+        if (!this.securityManager.checkAccess(ac, 'read', key)) {
+            throw new Error('Access denied: insufficient permissions to read retry state');
+        }
+        // Check rate limiting
+        const rateLimitId = `${ac.userId || 'anonymous'}_read`;
+        if (!this.securityManager.checkRateLimit(rateLimitId)) {
+            throw new Error('Rate limit exceeded for read operations');
+        }
+        try {
+            // Get the stored data
+            const storedData = await this.storage.get(key);
+            if (!storedData) {
+                // Log successful read (no data found)
+                this.securityManager.logAudit({
+                    userId: ac.userId,
+                    userRole: ac.userRole,
+                    action: 'read',
+                    resource: key,
+                    success: true,
+                    details: { result: 'not_found' }
+                });
+                return null;
+            }
+            // Check if data is encrypted
+            if (this.isEncryptedData(storedData)) {
+                // Decrypt the data
+                const decryptedData = await this.securityManager.decryptData(storedData.data);
+                // Log successful read
+                this.securityManager.logAudit({
+                    userId: ac.userId,
+                    userRole: ac.userRole,
+                    action: 'read',
+                    resource: key,
+                    success: true,
+                    details: {
+                        retryStateId: decryptedData.id,
+                        status: decryptedData.status,
+                        encrypted: true
+                    }
+                });
+                return decryptedData;
+            }
+            else {
+                // Data is not encrypted (legacy or plain text)
+                this.securityManager.logAudit({
+                    userId: ac.userId,
+                    userRole: ac.userRole,
+                    action: 'read',
+                    resource: key,
+                    success: true,
+                    details: {
+                        retryStateId: storedData.id,
+                        status: storedData.status,
+                        encrypted: false
+                    }
+                });
+                return storedData;
+            }
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'read',
+                resource: key,
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * Delete a retry state with access control
+     */
+    async delete(key, accessControl) {
+        const ac = accessControl || this.defaultAccessControl;
+        // Check access permissions
+        if (!this.securityManager.checkAccess(ac, 'delete', key)) {
+            throw new Error('Access denied: insufficient permissions to delete retry state');
+        }
+        // Check rate limiting
+        const rateLimitId = `${ac.userId || 'anonymous'}_delete`;
+        if (!this.securityManager.checkRateLimit(rateLimitId)) {
+            throw new Error('Rate limit exceeded for delete operations');
+        }
+        try {
+            // Delete the data
+            await this.storage.delete(key);
+            // Log successful operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'delete',
+                resource: key,
+                success: true
+            });
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'delete',
+                resource: key,
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * List all retry states with access control
+     */
+    async list(accessControl) {
+        const ac = accessControl || this.defaultAccessControl;
+        // Check access permissions
+        if (!this.securityManager.checkAccess(ac, 'read', 'all')) {
+            throw new Error('Access denied: insufficient permissions to list retry states');
+        }
+        // Check rate limiting
+        const rateLimitId = `${ac.userId || 'anonymous'}_list`;
+        if (!this.securityManager.checkRateLimit(rateLimitId)) {
+            throw new Error('Rate limit exceeded for list operations');
+        }
+        try {
+            // Get all stored data
+            const storedDataList = await this.storage.list();
+            const decryptedList = [];
+            // Process each item
+            for (const storedData of storedDataList) {
+                try {
+                    if (this.isEncryptedData(storedData)) {
+                        // Decrypt the data
+                        const decryptedData = await this.securityManager.decryptData(storedData.data);
+                        decryptedList.push(decryptedData);
+                    }
+                    else {
+                        // Data is not encrypted
+                        decryptedList.push(storedData);
+                    }
+                }
+                catch (decryptError) {
+                    // Log decryption error but continue with other items
+                    this.securityManager.logAudit({
+                        userId: ac.userId,
+                        userRole: ac.userRole,
+                        action: 'decrypt_error',
+                        resource: 'list_operation',
+                        success: false,
+                        details: {
+                            error: decryptError instanceof Error ? decryptError.message : 'Unknown error',
+                            dataType: 'encrypted_retry_state'
+                        }
+                    });
+                }
+            }
+            // Log successful operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'list',
+                resource: 'all',
+                success: true,
+                details: { count: decryptedList.length }
+            });
+            return decryptedList;
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'list',
+                resource: 'all',
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * Clear all retry states with access control
+     */
+    async clear(accessControl) {
+        const ac = accessControl || this.defaultAccessControl;
+        // Check access permissions
+        if (!this.securityManager.checkAccess(ac, 'clear', 'all')) {
+            throw new Error('Access denied: insufficient permissions to clear all retry states');
+        }
+        // Check rate limiting
+        const rateLimitId = `${ac.userId || 'anonymous'}_clear`;
+        if (!this.securityManager.checkRateLimit(rateLimitId)) {
+            throw new Error('Rate limit exceeded for clear operations');
+        }
+        try {
+            // Clear all data
+            await this.storage.clear();
+            // Log successful operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'clear',
+                resource: 'all',
+                success: true,
+                details: { operation: 'clear_all_retry_states' }
+            });
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'clear',
+                resource: 'all',
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * Get storage statistics with access control
+     */
+    async getStats(accessControl) {
+        const ac = accessControl || this.defaultAccessControl;
+        // Check access permissions
+        if (!this.securityManager.checkAccess(ac, 'read', 'stats')) {
+            throw new Error('Access denied: insufficient permissions to read storage statistics');
+        }
+        try {
+            // Get storage statistics
+            const stats = await this.storage.getStats();
+            // Log successful operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'read_stats',
+                resource: 'storage',
+                success: true,
+                details: {
+                    totalKeys: stats.totalKeys,
+                    totalSize: stats.totalSize
+                }
+            });
+            return stats;
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'read_stats',
+                resource: 'storage',
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * Test connection with access control
+     */
+    async testConnection(accessControl) {
+        const ac = accessControl || this.defaultAccessControl;
+        // Check access permissions
+        if (!this.securityManager.checkAccess(ac, 'read', 'connection')) {
+            throw new Error('Access denied: insufficient permissions to test connection');
+        }
+        try {
+            // Test connection
+            const result = await this.storage.testConnection();
+            // Log successful operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'test_connection',
+                resource: 'storage',
+                success: true,
+                details: { result }
+            });
+            return result;
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                userId: ac.userId,
+                userRole: ac.userRole,
+                action: 'test_connection',
+                resource: 'storage',
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * Close connection
+     */
+    async close() {
+        try {
+            await this.storage.close();
+            // Log successful operation
+            this.securityManager.logAudit({
+                action: 'close_connection',
+                resource: 'storage',
+                success: true
+            });
+        }
+        catch (error) {
+            // Log failed operation
+            this.securityManager.logAudit({
+                action: 'close_connection',
+                resource: 'storage',
+                success: false,
+                details: { error: error instanceof Error ? error.message : 'Unknown error' }
+            });
+            throw error;
+        }
+    }
+    /**
+     * Get security manager instance
+     */
+    getSecurityManager() {
+        return this.securityManager;
+    }
+    /**
+     * Update default access control
+     */
+    setDefaultAccessControl(accessControl) {
+        this.defaultAccessControl = accessControl;
+    }
+    /**
+     * Get security status
+     */
+    getSecurityStatus() {
+        return this.securityManager.getSecurityStatus();
+    }
+    /**
+     * Type guard to check if data is encrypted
+     */
+    isEncryptedData(data) {
+        return 'encrypted' in data && data.encrypted === true && 'data' in data;
+    }
+}
+exports.SecureStorage = SecureStorage;
+//# sourceMappingURL=secure-storage.js.map

package/dist/security/secure-storage.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secure-storage.js","sourceRoot":"","sources":["../../src/security/secure-storage.ts"],"names":[],"mappings":";AAAA;;;;;;EAME;;;AAmBF;;GAEG;AACH,MAAa,aAAa;IAKxB,YACE,OAAuB,EACvB,eAAgC,EAChC,oBAAmC;QAEnC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,oBAAoB,GAAG,oBAAoB,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAiB,EAAE,aAA6B;QACrE,MAAM,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,oBAAoB,CAAC;QAEtD,2BAA2B;QAC3B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;YACxD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QAED,sBAAsB;QACtB,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,IAAI,WAAW,QAAQ,CAAC;QACxD,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,CAAC;YACH,+BAA+B;YAC/B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAErE,2BAA2B;YAC3B,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,EAAS,CAAC,CAAC;YAE9E,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,GAAG;gBACb,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE;oBACP,YAAY,EAAE,KAAK,CAAC,EAAE;oBACtB,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,OAAO,EAAE,KAAK,CAAC,OAAO;iBACvB;aACF,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,GAAG;gBACb,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,aAA6B;QAClD,MAAM,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,oBAAoB,CAAC;QAEtD,2BAA2B;QAC3B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC;YACvD,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;QACjF,CAAC;QAED,sBAAsB;QACtB,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,IAAI,WAAW,OAAO,CAAC;QACvD,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAsB,CAAC;YAEpE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,sCAAsC;gBACtC,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;oBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;oBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;oBACrB,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,GAAG;oBACb,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE;iBACjC,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC;YACd,CAAC;YAED,6BAA6B;YAC7B,IAAI,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,CAAC;gBACrC,mBAAmB;gBACnB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;gBAE9E,sBAAsB;gBACtB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;oBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;oBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;oBACrB,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,GAAG;oBACb,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE;wBACP,YAAY,EAAE,aAAa,CAAC,EAAE;wBAC9B,MAAM,EAAE,aAAa,CAAC,MAAM;wBAC5B,SAAS,EAAE,IAAI;qBAChB;iBACF,CAAC,CAAC;gBAEH,OAAO,aAAa,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,+CAA+C;gBAC/C,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;oBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;oBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;oBACrB,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,GAAG;oBACb,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE;wBACP,YAAY,EAAE,UAAU,CAAC,EAAE;wBAC3B,MAAM,EAAE,UAAU,CAAC,MAAM;wBACzB,SAAS,EAAE,KAAK;qBACjB;iBACF,CAAC,CAAC;gBAEH,OAAO,UAAU,CAAC;YACpB,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,GAAG;gBACb,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,GAAW,EAAE,aAA6B;QACrD,MAAM,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,oBAAoB,CAAC;QAEtD,2BAA2B;QAC3B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACnF,CAAC;QAED,sBAAsB;QACtB,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,IAAI,WAAW,SAAS,CAAC;QACzD,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,CAAC;YACH,kBAAkB;YAClB,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAE/B,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE,GAAG;gBACb,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE,GAAG;gBACb,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,aAA6B;QACtC,MAAM,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,oBAAoB,CAAC;QAEtD,2BAA2B;QAC3B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QAED,sBAAsB;QACtB,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,IAAI,WAAW,OAAO,CAAC;QACvD,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAkB,CAAC;YACjE,MAAM,aAAa,GAAiB,EAAE,CAAC;YAEvC,oBAAoB;YACpB,KAAK,MAAM,UAAU,IAAI,cAAc,EAAE,CAAC;gBACxC,IAAI,CAAC;oBACH,IAAI,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,CAAC;wBACrC,mBAAmB;wBACnB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;wBAC9E,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBACpC,CAAC;yBAAM,CAAC;wBACN,wBAAwB;wBACxB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;oBACjC,CAAC;gBACH,CAAC;gBAAC,OAAO,YAAY,EAAE,CAAC;oBACtB,qDAAqD;oBACrD,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;wBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;wBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,MAAM,EAAE,eAAe;wBACvB,QAAQ,EAAE,gBAAgB;wBAC1B,OAAO,EAAE,KAAK;wBACd,OAAO,EAAE;4BACP,KAAK,EAAE,YAAY,YAAY,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;4BAC7E,QAAQ,EAAE,uBAAuB;yBAClC;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,EAAE,KAAK,EAAE,aAAa,CAAC,MAAM,EAAE;aACzC,CAAC,CAAC;YAEH,OAAO,aAAa,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,aAA6B;QACvC,MAAM,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,oBAAoB,CAAC;QAEtD,2BAA2B;QAC3B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACvF,CAAC;QAED,sBAAsB;QACtB,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,MAAM,IAAI,WAAW,QAAQ,CAAC;QACxD,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,CAAC;YACH,iBAAiB;YACjB,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAE3B,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,EAAE,SAAS,EAAE,wBAAwB,EAAE;aACjD,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,aAA6B;QAC1C,MAAM,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,oBAAoB,CAAC;QAEtD,2BAA2B;QAC3B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;YAC3D,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QAED,IAAI,CAAC;YACH,yBAAyB;YACzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;YAE5C,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,YAAY;gBACpB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE;oBACP,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;iBAC3B;aACF,CAAC,CAAC;YAEH,OAAO,KAAK,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,YAAY;gBACpB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,aAA6B;QAChD,MAAM,EAAE,GAAG,aAAa,IAAI,IAAI,CAAC,oBAAoB,CAAC;QAEtD,2BAA2B;QAC3B,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,CAAC;YAChE,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;QAChF,CAAC;QAED,IAAI,CAAC;YACH,kBAAkB;YAClB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YAEnD,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,iBAAiB;gBACzB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,EAAE,MAAM,EAAE;aACpB,CAAC,CAAC;YAEH,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,iBAAiB;gBACzB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAE3B,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,kBAAkB;gBAC1B,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uBAAuB;YACvB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;gBAC5B,MAAM,EAAE,kBAAkB;gBAC1B,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC7E,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,aAA4B;QAClD,IAAI,CAAC,oBAAoB,GAAG,aAAa,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,iBAAiB;QACf,OAAO,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAAC;IAClD,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,IAAgB;QACtC,OAAO,WAAW,IAAI,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,IAAI,IAAI,MAAM,IAAI,IAAI,CAAC;IAC1E,CAAC;CACF;AA/bD,sCA+bC"}

package/dist/security/security-manager.d.ts

@@ -0,0 +1,172 @@
+import { EventEmitter } from 'events';
+/**
+ * Security configuration interface
+ */
+export interface SecurityConfig {
+    encryption?: {
+        enabled: boolean;
+        algorithm?: 'AES-256-CBC' | 'AES-256-GCM';
+        key?: string;
+        keyEnvVar?: string;
+    };
+    accessControl?: {
+        enabled: boolean;
+        roles?: string[];
+        permissions?: Record<string, string[]>;
+        defaultRole?: string;
+    };
+    auditLogging?: {
+        enabled: boolean;
+        level?: 'basic' | 'detailed' | 'verbose';
+        includeSensitiveData?: boolean;
+        maxLogSize?: number;
+    };
+    rateLimiting?: {
+        enabled: boolean;
+        maxRequestsPerMinute?: number;
+        maxRequestsPerHour?: number;
+        windowMs?: number;
+    };
+}
+/**
+ * Default security configuration
+ */
+export declare const DEFAULT_SECURITY_CONFIG: SecurityConfig;
+/**
+ * Audit log entry interface
+ */
+export interface AuditLogEntry {
+    id: string;
+    timestamp: Date;
+    userId?: string;
+    userRole?: string;
+    action: string;
+    resource: string;
+    success: boolean;
+    details?: Record<string, any>;
+    ipAddress?: string;
+    userAgent?: string;
+}
+/**
+ * Access control interface
+ */
+export interface AccessControl {
+    userId?: string;
+    userRole: string;
+    permissions: string[];
+    ipAddress?: string;
+    userAgent?: string;
+}
+/**
+ * Rate limiting interface
+ */
+export interface RateLimitInfo {
+    userId?: string;
+    ipAddress?: string;
+    requests: number;
+    windowStart: Date;
+    limit: number;
+}
+/**
+ * Security Manager for handling encryption, access control, and audit logging
+ */
+export declare class SecurityManager extends EventEmitter {
+    private config;
+    private auditLog;
+    private rateLimitStore;
+    private encryptionKey;
+    constructor(config?: Partial<SecurityConfig>);
+    /**
+     * Validate encryption configuration synchronously
+     */
+    private validateEncryptionConfig;
+    /**
+     * Initialize security features
+     */
+    private initializeSecurity;
+    /**
+     * Initialize encryption
+     */
+    private initializeEncryption;
+    /**
+     * Encrypt retry state data
+     */
+    encryptData(data: any): Promise<string>;
+    /**
+     * Decrypt retry state data
+     */
+    decryptData(encryptedData: string): Promise<any>;
+    /**
+     * Check access permissions
+     */
+    checkAccess(accessControl: AccessControl, action: string, resource: string): boolean;
+    /**
+     * Check rate limiting
+     */
+    checkRateLimit(identifier: string, limit?: number): boolean;
+    /**
+     * Log audit entry
+     */
+    logAudit(entry: Omit<AuditLogEntry, 'id' | 'timestamp'>): void;
+    /**
+     * Get audit log entries
+     */
+    getAuditLog(limit?: number, offset?: number): AuditLogEntry[];
+    /**
+     * Get audit log entries by user
+     */
+    getAuditLogByUser(userId: string, limit?: number): AuditLogEntry[];
+    /**
+     * Get audit log entries by action
+     */
+    getAuditLogByAction(action: string, limit?: number): AuditLogEntry[];
+    /**
+     * Get audit statistics
+     */
+    getAuditStats(): Record<string, any>;
+    /**
+     * Clear audit log
+     */
+    clearAuditLog(): void;
+    /**
+     * Get rate limit information
+     */
+    getRateLimitInfo(identifier: string): RateLimitInfo | null;
+    /**
+     * Reset rate limit for an identifier
+     */
+    resetRateLimit(identifier: string): void;
+    /**
+     * Get security configuration
+     */
+    getConfig(): SecurityConfig;
+    /**
+     * Update security configuration
+     */
+    updateConfig(newConfig: Partial<SecurityConfig>): void;
+    /**
+     * Check if encryption is enabled
+     */
+    isEncryptionEnabled(): boolean;
+    /**
+     * Check if access control is enabled
+     */
+    isAccessControlEnabled(): boolean;
+    /**
+     * Check if audit logging is enabled
+     */
+    isAuditLoggingEnabled(): boolean;
+    /**
+     * Check if rate limiting is enabled
+     */
+    isRateLimitingEnabled(): boolean;
+    /**
+     * Generate unique ID for audit entries
+     */
+    private generateId;
+    /**
+     * Get security status
+     */
+    getSecurityStatus(): Record<string, any>;
+}
+//# sourceMappingURL=security-manager.d.ts.map

package/dist/security/security-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-manager.d.ts","sourceRoot":"","sources":["../../src/security/security-manager.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAMtC;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,UAAU,CAAC,EAAE;QACX,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,CAAC,EAAE,aAAa,GAAG,aAAa,CAAC;QAC1C,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,aAAa,CAAC,EAAE;QACd,OAAO,EAAE,OAAO,CAAC;QACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QACvC,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,YAAY,CAAC,EAAE;QACb,OAAO,EAAE,OAAO,CAAC;QACjB,KAAK,CAAC,EAAE,OAAO,GAAG,UAAU,GAAG,SAAS,CAAC;QACzC,oBAAoB,CAAC,EAAE,OAAO,CAAC;QAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,YAAY,CAAC,EAAE;QACb,OAAO,EAAE,OAAO,CAAC;QACjB,oBAAoB,CAAC,EAAE,MAAM,CAAC;QAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,cA4BrC,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,IAAI,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,IAAI,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,qBAAa,eAAgB,SAAQ,YAAY;IAC/C,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,QAAQ,CAAuB;IACvC,OAAO,CAAC,cAAc,CAAyC;IAC/D,OAAO,CAAC,aAAa,CAAuB;gBAEhC,MAAM,GAAE,OAAO,CAAC,cAAc,CAAM;IAYhD;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAgBhC;;OAEG;YACW,kBAAkB;IAMhC;;OAEG;YACW,oBAAoB;IAgBlC;;OAEG;IACG,WAAW,CAAC,IAAI,EAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC;IAe7C;;OAEG;IACG,WAAW,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAetD;;OAEG;IACH,WAAW,CAAC,aAAa,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAgCpF;;OAEG;IACH,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,GAAE,MAA8D,GAAG,OAAO;IAyClH;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,GAAG,WAAW,CAAC,GAAG,IAAI;IA8B9D;;OAEG;IACH,WAAW,CAAC,KAAK,GAAE,MAAY,EAAE,MAAM,GAAE,MAAU,GAAG,aAAa,EAAE;IAMrE;;OAEG;IACH,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,GAAE,MAAY,GAAG,aAAa,EAAE;IAOvE;;OAEG;IACH,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,GAAE,MAAY,GAAG,aAAa,EAAE;IAOzE;;OAEG;IACH,aAAa,IAAI,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IA8BpC;;OAEG;IACH,aAAa,IAAI,IAAI;IAKrB;;OAEG;IACH,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI;IAI1D;;OAEG;IACH,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAKxC;;OAEG;IACH,SAAS,IAAI,cAAc;IAI3B;;OAEG;IACH,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,IAAI;IAKtD;;OAEG;IACH,mBAAmB,IAAI,OAAO;IAI9B;;OAEG;IACH,sBAAsB,IAAI,OAAO;IAIjC;;OAEG;IACH,qBAAqB,IAAI,OAAO;IAIhC;;OAEG;IACH,qBAAqB,IAAI,OAAO;IAIhC;;OAEG;IACH,OAAO,CAAC,UAAU;IAIlB;;OAEG;IACH,iBAAiB,IAAI,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;CA0BzC"}