@blamejs/core 0.13.43 → 0.13.45
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/README.md +1 -1
- package/lib/a2a.js +11 -11
- package/lib/agent-snapshot.js +1 -1
- package/lib/ai-capability.js +20 -20
- package/lib/ai-dp.js +17 -17
- package/lib/ai-input.js +3 -3
- package/lib/ai-pref.js +9 -9
- package/lib/ai-quota.js +17 -17
- package/lib/arg-parser.js +38 -38
- package/lib/audit-sign.js +4 -4
- package/lib/auth/acr-vocabulary.js +4 -4
- package/lib/auth/auth-time-tracker.js +1 -1
- package/lib/auth/elevation-grant.js +10 -10
- package/lib/auth/step-up-policy.js +12 -12
- package/lib/auth/step-up.js +15 -15
- package/lib/boot-gates.js +6 -6
- package/lib/budr.js +6 -6
- package/lib/cert.js +71 -9
- package/lib/content-credentials.js +13 -13
- package/lib/dark-patterns.js +15 -15
- package/lib/ddl-change-control.js +37 -37
- package/lib/dr-runbook.js +7 -7
- package/lib/fapi2.js +9 -9
- package/lib/fdx.js +7 -7
- package/lib/graphql-federation.js +2 -2
- package/lib/iab-mspa.js +5 -5
- package/lib/iab-tcf.js +18 -18
- package/lib/mcp.js +13 -13
- package/lib/middleware/require-step-up.js +3 -3
- package/lib/network-tls.js +81 -5
- package/lib/sec-cyber.js +3 -3
- package/lib/sse.js +14 -14
- package/lib/tcpa-10dlc.js +5 -5
- package/lib/tenant-quota.js +18 -18
- package/package.json +1 -1
- package/sbom.cdx.json +6 -6
|
@@ -59,7 +59,7 @@ var DAY_NAMES = ["sun", "mon", "tue", "wed", "thu", "fri", "sat"];
|
|
|
59
59
|
|
|
60
60
|
function _parseWindowSpec(spec) {
|
|
61
61
|
if (typeof spec !== "string" || spec.length === 0) {
|
|
62
|
-
throw new DdlChangeControlError("
|
|
62
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
63
63
|
"windowSpec must be a non-empty string");
|
|
64
64
|
}
|
|
65
65
|
var trimmed = spec.trim();
|
|
@@ -68,11 +68,11 @@ function _parseWindowSpec(spec) {
|
|
|
68
68
|
}
|
|
69
69
|
var parts = trimmed.split(/\s+/);
|
|
70
70
|
if (parts.length !== 3) {
|
|
71
|
-
throw new DdlChangeControlError("
|
|
71
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
72
72
|
"windowSpec must be 'always' or '<days> <HH:MM-HH:MM> UTC' - got " + JSON.stringify(spec));
|
|
73
73
|
}
|
|
74
74
|
if (parts[2].toUpperCase() !== "UTC") {
|
|
75
|
-
throw new DdlChangeControlError("
|
|
75
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
76
76
|
"windowSpec timezone must be UTC - got " + parts[2]);
|
|
77
77
|
}
|
|
78
78
|
var days = new Set();
|
|
@@ -82,13 +82,13 @@ function _parseWindowSpec(spec) {
|
|
|
82
82
|
if (dp.indexOf("-") !== -1) {
|
|
83
83
|
var range = dp.split("-");
|
|
84
84
|
if (range.length !== 2) {
|
|
85
|
-
throw new DdlChangeControlError("
|
|
85
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
86
86
|
"windowSpec day-range must be 'A-B' - got " + dp);
|
|
87
87
|
}
|
|
88
88
|
var lo = DAY_NAMES.indexOf(range[0]);
|
|
89
89
|
var hi = DAY_NAMES.indexOf(range[1]);
|
|
90
90
|
if (lo === -1 || hi === -1) {
|
|
91
|
-
throw new DdlChangeControlError("
|
|
91
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
92
92
|
"windowSpec unknown day in range " + dp);
|
|
93
93
|
}
|
|
94
94
|
if (lo <= hi) {
|
|
@@ -100,7 +100,7 @@ function _parseWindowSpec(spec) {
|
|
|
100
100
|
} else {
|
|
101
101
|
var idx = DAY_NAMES.indexOf(dp);
|
|
102
102
|
if (idx === -1) {
|
|
103
|
-
throw new DdlChangeControlError("
|
|
103
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
104
104
|
"windowSpec unknown day '" + dp + "'");
|
|
105
105
|
}
|
|
106
106
|
days.add(idx);
|
|
@@ -108,13 +108,13 @@ function _parseWindowSpec(spec) {
|
|
|
108
108
|
}
|
|
109
109
|
var hourParts = parts[1].split("-");
|
|
110
110
|
if (hourParts.length !== 2) {
|
|
111
|
-
throw new DdlChangeControlError("
|
|
111
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
112
112
|
"windowSpec hour-range must be 'HH:MM-HH:MM' - got " + parts[1]);
|
|
113
113
|
}
|
|
114
114
|
var startMin = _parseHHMM(hourParts[0]);
|
|
115
115
|
var endMin = _parseHHMM(hourParts[1]);
|
|
116
116
|
if (startMin >= endMin) {
|
|
117
|
-
throw new DdlChangeControlError("
|
|
117
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
118
118
|
"windowSpec start must be < end - got " + parts[1]);
|
|
119
119
|
}
|
|
120
120
|
return { always: false, days: days, startMin: startMin, endMin: endMin };
|
|
@@ -123,13 +123,13 @@ function _parseWindowSpec(spec) {
|
|
|
123
123
|
function _parseHHMM(s) {
|
|
124
124
|
var m = /^(\d{2}):(\d{2})$/.exec(s);
|
|
125
125
|
if (!m) {
|
|
126
|
-
throw new DdlChangeControlError("
|
|
126
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
127
127
|
"windowSpec time must be HH:MM - got " + s);
|
|
128
128
|
}
|
|
129
129
|
var hh = parseInt(m[1], 10);
|
|
130
130
|
var mm = parseInt(m[2], 10);
|
|
131
131
|
if (hh < 0 || hh > 23 || mm < 0 || mm > 59) {
|
|
132
|
-
throw new DdlChangeControlError("
|
|
132
|
+
throw new DdlChangeControlError("ddl-change-control/bad-window",
|
|
133
133
|
"windowSpec time out of range - got " + s);
|
|
134
134
|
}
|
|
135
135
|
return hh * 60 + mm; // allow:raw-time-literal — converting HH:MM to minute-of-day, not "60 seconds"
|
|
@@ -212,28 +212,28 @@ function create(opts) {
|
|
|
212
212
|
"verifyWith", "store", "now", "selfApproval",
|
|
213
213
|
], "ddlChangeControl.create");
|
|
214
214
|
validateOpts.auditShape(opts.audit, "ddlChangeControl",
|
|
215
|
-
DdlChangeControlError, "
|
|
215
|
+
DdlChangeControlError, "ddl-change-control/bad-audit");
|
|
216
216
|
validateOpts.optionalFunction(opts.signWith,
|
|
217
|
-
"ddlChangeControl: signWith", DdlChangeControlError, "
|
|
217
|
+
"ddlChangeControl: signWith", DdlChangeControlError, "ddl-change-control/bad-signer");
|
|
218
218
|
validateOpts.optionalFunction(opts.verifyWith,
|
|
219
|
-
"ddlChangeControl: verifyWith", DdlChangeControlError, "
|
|
219
|
+
"ddlChangeControl: verifyWith", DdlChangeControlError, "ddl-change-control/bad-verifier");
|
|
220
220
|
validateOpts.optionalFunction(opts.now,
|
|
221
|
-
"ddlChangeControl: now", DdlChangeControlError, "
|
|
221
|
+
"ddlChangeControl: now", DdlChangeControlError, "ddl-change-control/bad-now");
|
|
222
222
|
validateOpts.optionalNonEmptyString(opts.posture,
|
|
223
|
-
"ddlChangeControl: posture", DdlChangeControlError, "
|
|
223
|
+
"ddlChangeControl: posture", DdlChangeControlError, "ddl-change-control/bad-posture");
|
|
224
224
|
|
|
225
225
|
var approvers = 2;
|
|
226
226
|
if (opts.approvers !== undefined) {
|
|
227
227
|
if (typeof opts.approvers !== "number" || !isFinite(opts.approvers) ||
|
|
228
228
|
opts.approvers < 1) {
|
|
229
|
-
throw new DdlChangeControlError("
|
|
229
|
+
throw new DdlChangeControlError("ddl-change-control/bad-approvers",
|
|
230
230
|
"approvers must be a positive integer");
|
|
231
231
|
}
|
|
232
232
|
approvers = Math.floor(opts.approvers);
|
|
233
233
|
}
|
|
234
234
|
var posture = opts.posture || null;
|
|
235
235
|
if (posture && POSTURES_REQUIRING_CHANGE_CONTROL.indexOf(posture) !== -1 && approvers < 2) {
|
|
236
|
-
throw new DdlChangeControlError("
|
|
236
|
+
throw new DdlChangeControlError("ddl-change-control/insufficient-approvers",
|
|
237
237
|
"posture '" + posture + "' requires approvers >= 2 (SOX 404 / PCI-DSS 6.5)");
|
|
238
238
|
}
|
|
239
239
|
|
|
@@ -267,11 +267,11 @@ function create(opts) {
|
|
|
267
267
|
async function propose(sql, options) {
|
|
268
268
|
options = options || {};
|
|
269
269
|
if (typeof sql !== "string" || sql.length === 0) {
|
|
270
|
-
throw new DdlChangeControlError("
|
|
270
|
+
throw new DdlChangeControlError("ddl-change-control/bad-sql",
|
|
271
271
|
"propose: sql must be a non-empty string");
|
|
272
272
|
}
|
|
273
273
|
if (typeof options.proposer !== "string" || options.proposer.length === 0) {
|
|
274
|
-
throw new DdlChangeControlError("
|
|
274
|
+
throw new DdlChangeControlError("ddl-change-control/missing-proposer",
|
|
275
275
|
"propose: opts.proposer is required (non-empty string)");
|
|
276
276
|
}
|
|
277
277
|
var changeId = generateToken(C.BYTES.bytes(16));
|
|
@@ -311,37 +311,37 @@ function create(opts) {
|
|
|
311
311
|
async function approve(changeId, approver, options) {
|
|
312
312
|
options = options || {};
|
|
313
313
|
if (typeof changeId !== "string" || changeId.length === 0) {
|
|
314
|
-
throw new DdlChangeControlError("
|
|
314
|
+
throw new DdlChangeControlError("ddl-change-control/bad-id",
|
|
315
315
|
"approve: changeId must be a non-empty string");
|
|
316
316
|
}
|
|
317
317
|
if (typeof approver !== "string" || approver.length === 0) {
|
|
318
|
-
throw new DdlChangeControlError("
|
|
318
|
+
throw new DdlChangeControlError("ddl-change-control/missing-approver",
|
|
319
319
|
"approve: approver must be a non-empty string");
|
|
320
320
|
}
|
|
321
321
|
var change = store.get(changeId);
|
|
322
322
|
if (!change) {
|
|
323
|
-
throw new DdlChangeControlError("
|
|
323
|
+
throw new DdlChangeControlError("ddl-change-control/unknown-change",
|
|
324
324
|
"approve: unknown changeId '" + changeId + "'");
|
|
325
325
|
}
|
|
326
326
|
if (change.state === STATE_REJECTED) {
|
|
327
|
-
throw new DdlChangeControlError("
|
|
327
|
+
throw new DdlChangeControlError("ddl-change-control/already-rejected",
|
|
328
328
|
"approve: change '" + changeId + "' is already rejected");
|
|
329
329
|
}
|
|
330
330
|
if (change.state === STATE_APPLIED) {
|
|
331
|
-
throw new DdlChangeControlError("
|
|
331
|
+
throw new DdlChangeControlError("ddl-change-control/already-applied",
|
|
332
332
|
"approve: change '" + changeId + "' is already applied");
|
|
333
333
|
}
|
|
334
334
|
if (!selfApprovalAllowed && approver === change.proposer) {
|
|
335
335
|
_emit("ddl.change.apply_refused", {
|
|
336
336
|
changeId: changeId, reason: "self-approval-denied", actor: approver,
|
|
337
337
|
}, "denied");
|
|
338
|
-
throw new DdlChangeControlError("
|
|
338
|
+
throw new DdlChangeControlError("ddl-change-control/self-approval-denied",
|
|
339
339
|
"approve: proposer '" + approver + "' cannot approve their own change under posture '" +
|
|
340
340
|
(posture || "default") + "'");
|
|
341
341
|
}
|
|
342
342
|
for (var i = 0; i < change.approvals.length; i++) {
|
|
343
343
|
if (change.approvals[i].approver === approver) {
|
|
344
|
-
throw new DdlChangeControlError("
|
|
344
|
+
throw new DdlChangeControlError("ddl-change-control/duplicate-approval",
|
|
345
345
|
"approve: '" + approver + "' has already approved this change");
|
|
346
346
|
}
|
|
347
347
|
}
|
|
@@ -373,20 +373,20 @@ function create(opts) {
|
|
|
373
373
|
|
|
374
374
|
async function reject(changeId, reviewer, reason) {
|
|
375
375
|
if (typeof changeId !== "string" || changeId.length === 0) {
|
|
376
|
-
throw new DdlChangeControlError("
|
|
376
|
+
throw new DdlChangeControlError("ddl-change-control/bad-id",
|
|
377
377
|
"reject: changeId must be a non-empty string");
|
|
378
378
|
}
|
|
379
379
|
if (typeof reviewer !== "string" || reviewer.length === 0) {
|
|
380
|
-
throw new DdlChangeControlError("
|
|
380
|
+
throw new DdlChangeControlError("ddl-change-control/missing-reviewer",
|
|
381
381
|
"reject: reviewer must be a non-empty string");
|
|
382
382
|
}
|
|
383
383
|
var change = store.get(changeId);
|
|
384
384
|
if (!change) {
|
|
385
|
-
throw new DdlChangeControlError("
|
|
385
|
+
throw new DdlChangeControlError("ddl-change-control/unknown-change",
|
|
386
386
|
"reject: unknown changeId '" + changeId + "'");
|
|
387
387
|
}
|
|
388
388
|
if (change.state === STATE_APPLIED) {
|
|
389
|
-
throw new DdlChangeControlError("
|
|
389
|
+
throw new DdlChangeControlError("ddl-change-control/already-applied",
|
|
390
390
|
"reject: change '" + changeId + "' is already applied");
|
|
391
391
|
}
|
|
392
392
|
change.state = STATE_REJECTED;
|
|
@@ -422,20 +422,20 @@ function create(opts) {
|
|
|
422
422
|
|
|
423
423
|
async function applyApproved(changeId, runner) {
|
|
424
424
|
if (typeof runner !== "function") {
|
|
425
|
-
throw new DdlChangeControlError("
|
|
425
|
+
throw new DdlChangeControlError("ddl-change-control/bad-runner",
|
|
426
426
|
"applyApproved: runner must be an async function (sql) => result");
|
|
427
427
|
}
|
|
428
428
|
var change = store.get(changeId);
|
|
429
429
|
if (!change) {
|
|
430
|
-
throw new DdlChangeControlError("
|
|
430
|
+
throw new DdlChangeControlError("ddl-change-control/unknown-change",
|
|
431
431
|
"applyApproved: unknown changeId '" + changeId + "'");
|
|
432
432
|
}
|
|
433
433
|
if (change.state === STATE_APPLIED) {
|
|
434
|
-
throw new DdlChangeControlError("
|
|
434
|
+
throw new DdlChangeControlError("ddl-change-control/already-applied",
|
|
435
435
|
"applyApproved: change '" + changeId + "' is already applied");
|
|
436
436
|
}
|
|
437
437
|
if (change.state === STATE_REJECTED) {
|
|
438
|
-
throw new DdlChangeControlError("
|
|
438
|
+
throw new DdlChangeControlError("ddl-change-control/already-rejected",
|
|
439
439
|
"applyApproved: change '" + changeId + "' is rejected");
|
|
440
440
|
}
|
|
441
441
|
if (change.approvals.length < approvers) {
|
|
@@ -443,7 +443,7 @@ function create(opts) {
|
|
|
443
443
|
changeId: changeId,
|
|
444
444
|
reason: "insufficient-approvals: " + change.approvals.length + "/" + approvers,
|
|
445
445
|
}, "denied");
|
|
446
|
-
throw new DdlChangeControlError("
|
|
446
|
+
throw new DdlChangeControlError("ddl-change-control/insufficient-approvals",
|
|
447
447
|
"applyApproved: change '" + changeId + "' has " + change.approvals.length +
|
|
448
448
|
" approvals; threshold is " + approvers);
|
|
449
449
|
}
|
|
@@ -451,7 +451,7 @@ function create(opts) {
|
|
|
451
451
|
_emit("ddl.change.apply_refused", {
|
|
452
452
|
changeId: changeId, reason: "window-closed",
|
|
453
453
|
}, "denied");
|
|
454
|
-
throw new DdlChangeControlError("
|
|
454
|
+
throw new DdlChangeControlError("ddl-change-control/window-closed",
|
|
455
455
|
"applyApproved: change '" + changeId + "' refused - outside allowed window");
|
|
456
456
|
}
|
|
457
457
|
var currentHash = _hashSql(change.sql);
|
|
@@ -459,7 +459,7 @@ function create(opts) {
|
|
|
459
459
|
_emit("ddl.change.apply_refused", {
|
|
460
460
|
changeId: changeId, reason: "sql-tampered",
|
|
461
461
|
}, "denied");
|
|
462
|
-
throw new DdlChangeControlError("
|
|
462
|
+
throw new DdlChangeControlError("ddl-change-control/sql-tampered",
|
|
463
463
|
"applyApproved: stored SQL no longer matches its hash - refusing to apply");
|
|
464
464
|
}
|
|
465
465
|
var startedAt = now();
|
package/lib/dr-runbook.js
CHANGED
|
@@ -232,7 +232,7 @@ function _renderTest(posture) {
|
|
|
232
232
|
* placeholder otherwise so the runbook never silently drops a
|
|
233
233
|
* required section.
|
|
234
234
|
*
|
|
235
|
-
* Throws `DrRunbookError("
|
|
235
|
+
* Throws `DrRunbookError("dr-runbook/unknown-posture")` when `posture`
|
|
236
236
|
* is not in the supported list.
|
|
237
237
|
*
|
|
238
238
|
* @opts
|
|
@@ -272,22 +272,22 @@ async function emit(opts) {
|
|
|
272
272
|
], "drRunbook.emit");
|
|
273
273
|
|
|
274
274
|
validateOpts.requireNonEmptyString(opts.outDir,
|
|
275
|
-
"drRunbook.emit: outDir", DrRunbookError, "
|
|
275
|
+
"drRunbook.emit: outDir", DrRunbookError, "dr-runbook/no-outdir");
|
|
276
276
|
validateOpts.requireNonEmptyString(opts.posture,
|
|
277
|
-
"drRunbook.emit: posture", DrRunbookError, "
|
|
277
|
+
"drRunbook.emit: posture", DrRunbookError, "dr-runbook/no-posture");
|
|
278
278
|
if (!POSTURE_BLOCKS[opts.posture]) {
|
|
279
|
-
throw new DrRunbookError("
|
|
279
|
+
throw new DrRunbookError("dr-runbook/unknown-posture",
|
|
280
280
|
"drRunbook.emit: posture '" + opts.posture + "' not in supported list (" +
|
|
281
281
|
Object.keys(POSTURE_BLOCKS).join(", ") + ")");
|
|
282
282
|
}
|
|
283
283
|
if (opts.services !== undefined && !Array.isArray(opts.services)) {
|
|
284
|
-
throw new DrRunbookError("
|
|
284
|
+
throw new DrRunbookError("dr-runbook/bad-services",
|
|
285
285
|
"drRunbook.emit: services must be an array of {name, rtoMs, rpoMs}");
|
|
286
286
|
}
|
|
287
287
|
validateOpts.optionalPositiveFinite(opts.rtoMs,
|
|
288
|
-
"drRunbook.emit: rtoMs", DrRunbookError, "
|
|
288
|
+
"drRunbook.emit: rtoMs", DrRunbookError, "dr-runbook/bad-rto");
|
|
289
289
|
validateOpts.optionalPositiveFinite(opts.rpoMs,
|
|
290
|
-
"drRunbook.emit: rpoMs", DrRunbookError, "
|
|
290
|
+
"drRunbook.emit: rpoMs", DrRunbookError, "dr-runbook/bad-rpo");
|
|
291
291
|
|
|
292
292
|
var auditOn = opts.audit !== false;
|
|
293
293
|
var postureBlock = POSTURE_BLOCKS[opts.posture];
|
package/lib/fapi2.js
CHANGED
|
@@ -135,17 +135,17 @@ var SENDER_CONSTRAINTS = ["dpop", "mtls"];
|
|
|
135
135
|
*/
|
|
136
136
|
function assertConformance(opts) {
|
|
137
137
|
if (!opts || typeof opts !== "object") {
|
|
138
|
-
throw Fapi2Error.factory("
|
|
138
|
+
throw Fapi2Error.factory("fapi2/bad-opts",
|
|
139
139
|
"fapi2.assertConformance: opts required");
|
|
140
140
|
}
|
|
141
141
|
if (SENDER_CONSTRAINTS.indexOf(opts.senderConstraint) === -1) {
|
|
142
|
-
throw Fapi2Error.factory("
|
|
142
|
+
throw Fapi2Error.factory("fapi2/bad-sender-constraint",
|
|
143
143
|
"fapi2.assertConformance: senderConstraint must be 'dpop' or 'mtls'");
|
|
144
144
|
}
|
|
145
145
|
var parRequired = opts.parRequired !== false;
|
|
146
146
|
var pkceMethod = opts.pkceMethod || "S256";
|
|
147
147
|
if (pkceMethod !== "S256") {
|
|
148
|
-
throw Fapi2Error.factory("
|
|
148
|
+
throw Fapi2Error.factory("fapi2/bad-pkce",
|
|
149
149
|
"fapi2.assertConformance: PKCE method must be S256 (FAPI 2.0 §5.3.1.1) — got '" +
|
|
150
150
|
pkceMethod + "'");
|
|
151
151
|
}
|
|
@@ -224,17 +224,17 @@ function assertConformance(opts) {
|
|
|
224
224
|
*/
|
|
225
225
|
function assertOAuthConfig(oauthOpts) {
|
|
226
226
|
if (!oauthOpts || typeof oauthOpts !== "object") {
|
|
227
|
-
throw Fapi2Error.factory("
|
|
227
|
+
throw Fapi2Error.factory("fapi2/bad-oauth-opts",
|
|
228
228
|
"fapi2.assertOAuthConfig: oauth opts required");
|
|
229
229
|
}
|
|
230
230
|
// PKCE — refuse pkce: false (b.auth.oauth.create already does this,
|
|
231
231
|
// but check explicitly for FAPI clarity).
|
|
232
232
|
if (oauthOpts.pkce === false) {
|
|
233
|
-
throw Fapi2Error.factory("
|
|
233
|
+
throw Fapi2Error.factory("fapi2/pkce-disabled",
|
|
234
234
|
"fapi2.assertOAuthConfig: PKCE is disabled — FAPI 2.0 §5.3.1.1 mandates S256");
|
|
235
235
|
}
|
|
236
236
|
if (oauthOpts.pkceMethod && oauthOpts.pkceMethod !== "S256") {
|
|
237
|
-
throw Fapi2Error.factory("
|
|
237
|
+
throw Fapi2Error.factory("fapi2/pkce-not-s256",
|
|
238
238
|
"fapi2.assertOAuthConfig: PKCE method '" + oauthOpts.pkceMethod +
|
|
239
239
|
"' is not S256 (FAPI 2.0 §5.3.1.1)");
|
|
240
240
|
}
|
|
@@ -242,16 +242,16 @@ function assertOAuthConfig(oauthOpts) {
|
|
|
242
242
|
var hasDpop = oauthOpts.dpop === true || oauthOpts.senderConstraint === "dpop";
|
|
243
243
|
var hasMtls = oauthOpts.mtls === true || oauthOpts.senderConstraint === "mtls";
|
|
244
244
|
if (!hasDpop && !hasMtls) {
|
|
245
|
-
throw Fapi2Error.factory("
|
|
245
|
+
throw Fapi2Error.factory("fapi2/no-sender-constraint",
|
|
246
246
|
"fapi2.assertOAuthConfig: FAPI 2.0 §5.3.2.5 requires sender-constrained tokens via DPoP OR mTLS — neither declared");
|
|
247
247
|
}
|
|
248
248
|
if (hasDpop && hasMtls) {
|
|
249
|
-
throw Fapi2Error.factory("
|
|
249
|
+
throw Fapi2Error.factory("fapi2/both-sender-constraints",
|
|
250
250
|
"fapi2.assertOAuthConfig: declare exactly one of DPoP / mTLS — both creates over-binding ambiguity");
|
|
251
251
|
}
|
|
252
252
|
// PAR
|
|
253
253
|
if (oauthOpts.par === false) {
|
|
254
|
-
throw Fapi2Error.factory("
|
|
254
|
+
throw Fapi2Error.factory("fapi2/par-disabled",
|
|
255
255
|
"fapi2.assertOAuthConfig: PAR is disabled — FAPI 2.0 §5.3.2.2 mandates Pushed Authorization Requests");
|
|
256
256
|
}
|
|
257
257
|
}
|
package/lib/fdx.js
CHANGED
|
@@ -162,10 +162,10 @@ var FDX_SCHEMAS = {
|
|
|
162
162
|
*/
|
|
163
163
|
function bind(opts) {
|
|
164
164
|
if (!opts || typeof opts !== "object") {
|
|
165
|
-
throw FdxError.factory("
|
|
165
|
+
throw FdxError.factory("fdx/bad-opts", "fdx.bind: opts required");
|
|
166
166
|
}
|
|
167
167
|
if (!opts.authServer || typeof opts.authServer !== "object") {
|
|
168
|
-
throw FdxError.factory("
|
|
168
|
+
throw FdxError.factory("fdx/bad-auth-server",
|
|
169
169
|
"fdx.bind: authServer object required");
|
|
170
170
|
}
|
|
171
171
|
validateOpts.requireNonEmptyString(opts.authServer.issuer,
|
|
@@ -174,12 +174,12 @@ function bind(opts) {
|
|
|
174
174
|
"fdx.bind: authServer.jwksUri", FdxError, "BAD_JWKS_URI");
|
|
175
175
|
|
|
176
176
|
if (!Array.isArray(opts.resources) || opts.resources.length === 0) {
|
|
177
|
-
throw FdxError.factory("
|
|
177
|
+
throw FdxError.factory("fdx/bad-resources",
|
|
178
178
|
"fdx.bind: resources must be a non-empty array");
|
|
179
179
|
}
|
|
180
180
|
for (var i = 0; i < opts.resources.length; i += 1) {
|
|
181
181
|
if (FDX_RESOURCES.indexOf(opts.resources[i]) === -1) {
|
|
182
|
-
throw FdxError.factory("
|
|
182
|
+
throw FdxError.factory("fdx/unknown-resource",
|
|
183
183
|
"fdx.bind: unknown resource '" + opts.resources[i] +
|
|
184
184
|
"' (allowed: " + FDX_RESOURCES.join(", ") + ")");
|
|
185
185
|
}
|
|
@@ -248,7 +248,7 @@ function bind(opts) {
|
|
|
248
248
|
function validateResponse(resourceType, body) {
|
|
249
249
|
var schema = FDX_SCHEMAS[resourceType];
|
|
250
250
|
if (!schema) {
|
|
251
|
-
throw FdxError.factory("
|
|
251
|
+
throw FdxError.factory("fdx/unknown-resource",
|
|
252
252
|
"fdx.validateResponse: unknown resource '" + resourceType + "'");
|
|
253
253
|
}
|
|
254
254
|
if (!body || typeof body !== "object") {
|
|
@@ -313,7 +313,7 @@ function validateResponse(resourceType, body) {
|
|
|
313
313
|
*/
|
|
314
314
|
function consentReceipt(opts) {
|
|
315
315
|
if (!opts || typeof opts !== "object") {
|
|
316
|
-
throw FdxError.factory("
|
|
316
|
+
throw FdxError.factory("fdx/bad-opts", "fdx.consentReceipt: opts required");
|
|
317
317
|
}
|
|
318
318
|
validateOpts.requireNonEmptyString(opts.dataProvider,
|
|
319
319
|
"fdx.consentReceipt: dataProvider", FdxError, "BAD_DATA_PROVIDER");
|
|
@@ -324,7 +324,7 @@ function consentReceipt(opts) {
|
|
|
324
324
|
validateOpts.requireNonEmptyString(opts.revocationUrl,
|
|
325
325
|
"fdx.consentReceipt: revocationUrl", FdxError, "BAD_REVOCATION_URL");
|
|
326
326
|
if (!Array.isArray(opts.scopes) || opts.scopes.length === 0) {
|
|
327
|
-
throw FdxError.factory("
|
|
327
|
+
throw FdxError.factory("fdx/bad-scopes",
|
|
328
328
|
"fdx.consentReceipt: scopes must be a non-empty array");
|
|
329
329
|
}
|
|
330
330
|
numericBounds.requirePositiveFiniteIntIfPresent(opts.durationMs,
|
|
@@ -87,7 +87,7 @@ function _readBody(req, errorClass) {
|
|
|
87
87
|
try { collector.push(chunk); }
|
|
88
88
|
catch (_e) {
|
|
89
89
|
req.destroy();
|
|
90
|
-
reject(errorClass.factory("
|
|
90
|
+
reject(errorClass.factory("graphql-federation/body-too-large",
|
|
91
91
|
"graphqlFederation: body exceeds " + cap + " bytes"));
|
|
92
92
|
}
|
|
93
93
|
});
|
|
@@ -133,7 +133,7 @@ function guardSdl(opts) {
|
|
|
133
133
|
var publicSchemaOk = opts.publicSchemaOk === true;
|
|
134
134
|
var routerToken = typeof opts.routerToken === "string" ? opts.routerToken : null;
|
|
135
135
|
if (!publicSchemaOk && (!routerToken || routerToken.length < ROUTER_TOKEN_MIN_LEN)) {
|
|
136
|
-
throw errorClass.factory("
|
|
136
|
+
throw errorClass.factory("graphql-federation/bad-opts",
|
|
137
137
|
"graphqlFederation.guardSdl: routerToken (32+ char) required unless publicSchemaOk=true");
|
|
138
138
|
}
|
|
139
139
|
var nonceStore = opts.nonceStore && typeof opts.nonceStore.has === "function" &&
|
package/lib/iab-mspa.js
CHANGED
|
@@ -74,11 +74,11 @@ var DATA_USES = ["sale", "sharing", "targeted-ads", "sensitive", "child-data"];
|
|
|
74
74
|
*/
|
|
75
75
|
function parseGpp(gppString) {
|
|
76
76
|
if (typeof gppString !== "string" || gppString.length === 0) {
|
|
77
|
-
throw IabMspaError.factory("
|
|
77
|
+
throw IabMspaError.factory("iab-mspa/bad-input",
|
|
78
78
|
"iabMspa.parseGpp: gppString required");
|
|
79
79
|
}
|
|
80
80
|
if (gppString.length > 8192) { // allow:raw-byte-literal — GPP string cap, not bytes
|
|
81
|
-
throw IabMspaError.factory("
|
|
81
|
+
throw IabMspaError.factory("iab-mspa/input-too-large",
|
|
82
82
|
"iabMspa.parseGpp: gppString exceeds 8192 chars");
|
|
83
83
|
}
|
|
84
84
|
// GPP framing: <header>~<section1>~<section2>...
|
|
@@ -157,11 +157,11 @@ function parseGpp(gppString) {
|
|
|
157
157
|
*/
|
|
158
158
|
function checkOptOut(parsed, opts) {
|
|
159
159
|
if (!parsed || typeof parsed !== "object" || !Array.isArray(parsed.sections)) {
|
|
160
|
-
throw IabMspaError.factory("
|
|
160
|
+
throw IabMspaError.factory("iab-mspa/bad-parsed",
|
|
161
161
|
"iabMspa.checkOptOut: parsed object required (call parseGpp first)");
|
|
162
162
|
}
|
|
163
163
|
if (!opts || DATA_USES.indexOf(opts.dataUse) === -1) {
|
|
164
|
-
throw IabMspaError.factory("
|
|
164
|
+
throw IabMspaError.factory("iab-mspa/bad-data-use",
|
|
165
165
|
"iabMspa.checkOptOut: opts.dataUse must be one of " + DATA_USES.join(", "));
|
|
166
166
|
}
|
|
167
167
|
var signals = [];
|
|
@@ -214,7 +214,7 @@ function refuseProcessing(parsed, opts) {
|
|
|
214
214
|
signals: rv.signals,
|
|
215
215
|
},
|
|
216
216
|
});
|
|
217
|
-
throw IabMspaError.factory("
|
|
217
|
+
throw IabMspaError.factory("iab-mspa/opt-out-honored",
|
|
218
218
|
"iabMspa: opt-out signal must be honored for dataUse='" + opts.dataUse +
|
|
219
219
|
"' (signals: " + rv.signals.join(", ") + ")");
|
|
220
220
|
}
|
package/lib/iab-tcf.js
CHANGED
|
@@ -116,7 +116,7 @@ function _b64urlDecode(s) {
|
|
|
116
116
|
var pad = padded.length % 4;
|
|
117
117
|
if (pad === 2) padded += "==";
|
|
118
118
|
else if (pad === 3) padded += "=";
|
|
119
|
-
else if (pad === 1) throw IabTcfError.factory("
|
|
119
|
+
else if (pad === 1) throw IabTcfError.factory("iab-tcf/bad-base64",
|
|
120
120
|
"iabTcf: base64url segment has invalid length");
|
|
121
121
|
return Buffer.from(padded, "base64");
|
|
122
122
|
}
|
|
@@ -127,7 +127,7 @@ function _bitReader(buf) {
|
|
|
127
127
|
var totalBits = buf.length * 8; // allow:raw-byte-literal — bits per byte
|
|
128
128
|
function read(n) {
|
|
129
129
|
if (bitOffset + n > totalBits) {
|
|
130
|
-
throw IabTcfError.factory("
|
|
130
|
+
throw IabTcfError.factory("iab-tcf/bad-length",
|
|
131
131
|
"iabTcf: read past end of segment (offset=" + bitOffset + " want=" + n + " total=" + totalBits + ")");
|
|
132
132
|
}
|
|
133
133
|
// Accumulate with `* 2`, not `<< 1`: the Created / LastUpdated fields are
|
|
@@ -288,7 +288,7 @@ function _parseSecondaryVendorSegment(buf, expectedType) {
|
|
|
288
288
|
var r = _bitReader(buf);
|
|
289
289
|
var segType = r.read(3); // allow:raw-byte-literal — TCF spec field width
|
|
290
290
|
if (segType !== expectedType) {
|
|
291
|
-
throw IabTcfError.factory("
|
|
291
|
+
throw IabTcfError.factory("iab-tcf/bad-segment-type",
|
|
292
292
|
"iabTcf: expected segment type " + expectedType + ", got " + segType);
|
|
293
293
|
}
|
|
294
294
|
return _parseVendorSection(r);
|
|
@@ -318,18 +318,18 @@ function _parseSecondaryVendorSegment(buf, expectedType) {
|
|
|
318
318
|
*/
|
|
319
319
|
function parseString(tcString) {
|
|
320
320
|
if (typeof tcString !== "string" || tcString.length === 0) {
|
|
321
|
-
throw IabTcfError.factory("
|
|
321
|
+
throw IabTcfError.factory("iab-tcf/bad-input",
|
|
322
322
|
"iabTcf.parseString: tcString must be a non-empty string");
|
|
323
323
|
}
|
|
324
324
|
if (tcString.length > MAX_TC_STRING_BYTES) {
|
|
325
|
-
throw IabTcfError.factory("
|
|
325
|
+
throw IabTcfError.factory("iab-tcf/input-too-large",
|
|
326
326
|
"iabTcf.parseString: tcString exceeds " + MAX_TC_STRING_BYTES + " bytes");
|
|
327
327
|
}
|
|
328
328
|
var segments = tcString.split(".");
|
|
329
329
|
var coreBuf;
|
|
330
330
|
try { coreBuf = _b64urlDecode(segments[0]); }
|
|
331
331
|
catch (e) {
|
|
332
|
-
throw IabTcfError.factory("
|
|
332
|
+
throw IabTcfError.factory("iab-tcf/bad-core",
|
|
333
333
|
"iabTcf.parseString: core segment base64url decode failed: " + e.message);
|
|
334
334
|
}
|
|
335
335
|
var core = _parseCore(coreBuf);
|
|
@@ -425,7 +425,7 @@ function requireV23Disclosed(tcString, opts) {
|
|
|
425
425
|
metadata: { coreVersion: parsed.core.version, required: TCF_V23_CORE_VERSION },
|
|
426
426
|
});
|
|
427
427
|
}
|
|
428
|
-
throw IabTcfError.factory("
|
|
428
|
+
throw IabTcfError.factory("iab-tcf/wrong-core-version",
|
|
429
429
|
"iabTcf: core version " + parsed.core.version + " not v2.3 (required " +
|
|
430
430
|
TCF_V23_CORE_VERSION + ")");
|
|
431
431
|
}
|
|
@@ -438,7 +438,7 @@ function requireV23Disclosed(tcString, opts) {
|
|
|
438
438
|
metadata: { policyVersion: parsed.core.policyVersion, required: TCF_V23_POLICY_VERSION },
|
|
439
439
|
});
|
|
440
440
|
}
|
|
441
|
-
throw IabTcfError.factory("
|
|
441
|
+
throw IabTcfError.factory("iab-tcf/wrong-policy-version",
|
|
442
442
|
"iabTcf: policy version " + parsed.core.policyVersion + " not v2.3 (required " +
|
|
443
443
|
TCF_V23_POLICY_VERSION + ")");
|
|
444
444
|
}
|
|
@@ -451,7 +451,7 @@ function requireV23Disclosed(tcString, opts) {
|
|
|
451
451
|
metadata: {},
|
|
452
452
|
});
|
|
453
453
|
}
|
|
454
|
-
throw IabTcfError.factory("
|
|
454
|
+
throw IabTcfError.factory("iab-tcf/missing-disclosed-vendors",
|
|
455
455
|
"iabTcf: TC string lacks DisclosedVendors segment (TCF v2.3 §III.B.5 — REQUIRED since 2026-02-28)");
|
|
456
456
|
}
|
|
457
457
|
if (auditOn) {
|
|
@@ -492,12 +492,12 @@ function requireV23Disclosed(tcString, opts) {
|
|
|
492
492
|
*/
|
|
493
493
|
function checkVendor(parsed, vendorId) {
|
|
494
494
|
if (!parsed || !parsed.core) {
|
|
495
|
-
throw IabTcfError.factory("
|
|
495
|
+
throw IabTcfError.factory("iab-tcf/bad-parsed",
|
|
496
496
|
"iabTcf.checkVendor: parsed object required (call parseString first)");
|
|
497
497
|
}
|
|
498
498
|
if (typeof vendorId !== "number" || !isFinite(vendorId) || vendorId < 1 ||
|
|
499
499
|
Math.floor(vendorId) !== vendorId) {
|
|
500
|
-
throw IabTcfError.factory("
|
|
500
|
+
throw IabTcfError.factory("iab-tcf/bad-vendor-id",
|
|
501
501
|
"iabTcf.checkVendor: vendorId must be a positive integer");
|
|
502
502
|
}
|
|
503
503
|
return {
|
|
@@ -522,7 +522,7 @@ function _idArray(x) {
|
|
|
522
522
|
var out = [];
|
|
523
523
|
list.forEach(function (id) {
|
|
524
524
|
if (typeof id !== "number" || !isFinite(id) || id < 1 || Math.floor(id) !== id) {
|
|
525
|
-
throw IabTcfError.factory("
|
|
525
|
+
throw IabTcfError.factory("iab-tcf/bad-value", "iabTcf.encode: vendor/purpose ids must be positive integers, got " + id);
|
|
526
526
|
}
|
|
527
527
|
if (!seen[id]) { seen[id] = 1; out.push(id); }
|
|
528
528
|
});
|
|
@@ -544,7 +544,7 @@ function _idRuns(ids) {
|
|
|
544
544
|
|
|
545
545
|
function _decisec(t) {
|
|
546
546
|
var ms = t instanceof Date ? t.getTime() : (t == null ? Date.now() : Number(t));
|
|
547
|
-
if (!isFinite(ms) || ms < 0) throw IabTcfError.factory("
|
|
547
|
+
if (!isFinite(ms) || ms < 0) throw IabTcfError.factory("iab-tcf/bad-value", "iabTcf.encode: timestamp must be a Date or non-negative epoch-ms");
|
|
548
548
|
return Math.round(ms / 100); // allow:raw-time-literal — ms → TCF deciseconds
|
|
549
549
|
}
|
|
550
550
|
|
|
@@ -554,8 +554,8 @@ function _decisec(t) {
|
|
|
554
554
|
function _bitWriter() {
|
|
555
555
|
var bits = "";
|
|
556
556
|
function writeInt(v, n) {
|
|
557
|
-
if (typeof v !== "number" || !isFinite(v) || v < 0 || Math.floor(v) !== v) throw IabTcfError.factory("
|
|
558
|
-
if (v >= Math.pow(2, n)) throw IabTcfError.factory("
|
|
557
|
+
if (typeof v !== "number" || !isFinite(v) || v < 0 || Math.floor(v) !== v) throw IabTcfError.factory("iab-tcf/bad-value", "iabTcf.encode: expected a non-negative integer, got " + v);
|
|
558
|
+
if (v >= Math.pow(2, n)) throw IabTcfError.factory("iab-tcf/value-overflow", "iabTcf.encode: " + v + " does not fit in " + n + " bits");
|
|
559
559
|
bits += v.toString(2).padStart(n, "0");
|
|
560
560
|
}
|
|
561
561
|
function writeBool(flag) { bits += flag ? "1" : "0"; }
|
|
@@ -601,10 +601,10 @@ function _b64urlEncode(buf) {
|
|
|
601
601
|
|
|
602
602
|
function _writeLetters(w, s, label) {
|
|
603
603
|
var str = String(s).toUpperCase();
|
|
604
|
-
if (str.length !== 2) throw IabTcfError.factory("
|
|
604
|
+
if (str.length !== 2) throw IabTcfError.factory("iab-tcf/bad-value", "iabTcf.encode: " + label + " must be a 2-letter code, got '" + s + "'");
|
|
605
605
|
for (var i = 0; i < 2; i += 1) {
|
|
606
606
|
var v = str.charCodeAt(i) - 0x41; // allow:raw-byte-literal — ASCII 'A' offset
|
|
607
|
-
if (v < 0 || v > 25) throw IabTcfError.factory("
|
|
607
|
+
if (v < 0 || v > 25) throw IabTcfError.factory("iab-tcf/bad-value", "iabTcf.encode: '" + str.charAt(i) + "' is not an A-Z letter");
|
|
608
608
|
w.writeInt(v, 6); // allow:raw-byte-literal — TCF spec field width
|
|
609
609
|
}
|
|
610
610
|
}
|
|
@@ -650,7 +650,7 @@ function _encodePublisherTC(pub) {
|
|
|
650
650
|
*/
|
|
651
651
|
function encode(obj) {
|
|
652
652
|
if (!obj || typeof obj !== "object" || !obj.core || typeof obj.core !== "object") {
|
|
653
|
-
throw IabTcfError.factory("
|
|
653
|
+
throw IabTcfError.factory("iab-tcf/bad-input", "iabTcf.encode: obj must have a 'core' object");
|
|
654
654
|
}
|
|
655
655
|
var c = obj.core;
|
|
656
656
|
var w = _bitWriter();
|