@brightchain/brightchain-api-lib 0.14.0 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +5 -5
- package/src/index.d.ts +3 -0
- package/src/index.d.ts.map +1 -1
- package/src/index.js +5 -0
- package/src/index.js.map +1 -1
- package/src/lib/application.d.ts +1 -0
- package/src/lib/application.d.ts.map +1 -1
- package/src/lib/application.js +23 -0
- package/src/lib/application.js.map +1 -1
- package/src/lib/auth/aclEnforcedAvailability.d.ts +57 -0
- package/src/lib/auth/aclEnforcedAvailability.d.ts.map +1 -0
- package/src/lib/auth/aclEnforcedAvailability.js +87 -0
- package/src/lib/auth/aclEnforcedAvailability.js.map +1 -0
- package/src/lib/auth/aclEnforcedBlockStore.d.ts +66 -0
- package/src/lib/auth/aclEnforcedBlockStore.d.ts.map +1 -0
- package/src/lib/auth/aclEnforcedBlockStore.js +83 -0
- package/src/lib/auth/aclEnforcedBlockStore.js.map +1 -0
- package/src/lib/auth/ecdsaNodeAuthenticator.d.ts +46 -0
- package/src/lib/auth/ecdsaNodeAuthenticator.d.ts.map +1 -0
- package/src/lib/auth/ecdsaNodeAuthenticator.js +110 -0
- package/src/lib/auth/ecdsaNodeAuthenticator.js.map +1 -0
- package/src/lib/auth/index.d.ts +7 -0
- package/src/lib/auth/index.d.ts.map +1 -0
- package/src/lib/auth/index.js +13 -0
- package/src/lib/auth/index.js.map +1 -0
- package/src/lib/auth/poolAclBootstrap.d.ts +36 -0
- package/src/lib/auth/poolAclBootstrap.d.ts.map +1 -0
- package/src/lib/auth/poolAclBootstrap.js +64 -0
- package/src/lib/auth/poolAclBootstrap.js.map +1 -0
- package/src/lib/auth/poolAclStore.d.ts +77 -0
- package/src/lib/auth/poolAclStore.d.ts.map +1 -0
- package/src/lib/auth/poolAclStore.js +189 -0
- package/src/lib/auth/poolAclStore.js.map +1 -0
- package/src/lib/auth/poolAclUpdater.d.ts +79 -0
- package/src/lib/auth/poolAclUpdater.d.ts.map +1 -0
- package/src/lib/auth/poolAclUpdater.js +144 -0
- package/src/lib/auth/poolAclUpdater.js.map +1 -0
- package/src/lib/availability/availabilityService.d.ts +2 -2
- package/src/lib/availability/availabilityService.d.ts.map +1 -1
- package/src/lib/availability/availabilityService.js +12 -5
- package/src/lib/availability/availabilityService.js.map +1 -1
- package/src/lib/availability/blockRegistry.d.ts +45 -3
- package/src/lib/availability/blockRegistry.d.ts.map +1 -1
- package/src/lib/availability/blockRegistry.js +123 -5
- package/src/lib/availability/blockRegistry.js.map +1 -1
- package/src/lib/availability/discoveryProtocol.d.ts +30 -1
- package/src/lib/availability/discoveryProtocol.d.ts.map +1 -1
- package/src/lib/availability/discoveryProtocol.js +76 -0
- package/src/lib/availability/discoveryProtocol.js.map +1 -1
- package/src/lib/availability/gossipService.d.ts +45 -6
- package/src/lib/availability/gossipService.d.ts.map +1 -1
- package/src/lib/availability/gossipService.js +177 -5
- package/src/lib/availability/gossipService.js.map +1 -1
- package/src/lib/availability/reconciliationService.d.ts +88 -1
- package/src/lib/availability/reconciliationService.d.ts.map +1 -1
- package/src/lib/availability/reconciliationService.js +246 -48
- package/src/lib/availability/reconciliationService.js.map +1 -1
- package/src/lib/blockFetch/blockFetcher.d.ts +100 -0
- package/src/lib/blockFetch/blockFetcher.d.ts.map +1 -0
- package/src/lib/blockFetch/blockFetcher.js +279 -0
- package/src/lib/blockFetch/blockFetcher.js.map +1 -0
- package/src/lib/blockFetch/fetchQueue.d.ts +88 -0
- package/src/lib/blockFetch/fetchQueue.d.ts.map +1 -0
- package/src/lib/blockFetch/fetchQueue.js +204 -0
- package/src/lib/blockFetch/fetchQueue.js.map +1 -0
- package/src/lib/blockFetch/httpBlockFetchTransport.d.ts +65 -0
- package/src/lib/blockFetch/httpBlockFetchTransport.d.ts.map +1 -0
- package/src/lib/blockFetch/httpBlockFetchTransport.js +104 -0
- package/src/lib/blockFetch/httpBlockFetchTransport.js.map +1 -0
- package/src/lib/blockFetch/index.d.ts +10 -0
- package/src/lib/blockFetch/index.d.ts.map +1 -0
- package/src/lib/blockFetch/index.js +13 -0
- package/src/lib/blockFetch/index.js.map +1 -0
- package/src/lib/controllers/api/brightpass.d.ts +72 -0
- package/src/lib/controllers/api/brightpass.d.ts.map +1 -0
- package/src/lib/controllers/api/brightpass.js +577 -0
- package/src/lib/controllers/api/brightpass.js.map +1 -0
- package/src/lib/controllers/api/channels.d.ts +122 -0
- package/src/lib/controllers/api/channels.d.ts.map +1 -0
- package/src/lib/controllers/api/channels.js +701 -0
- package/src/lib/controllers/api/channels.js.map +1 -0
- package/src/lib/controllers/api/conversations.d.ts +89 -0
- package/src/lib/controllers/api/conversations.d.ts.map +1 -0
- package/src/lib/controllers/api/conversations.js +259 -0
- package/src/lib/controllers/api/conversations.js.map +1 -0
- package/src/lib/controllers/api/emails.d.ts +122 -0
- package/src/lib/controllers/api/emails.d.ts.map +1 -0
- package/src/lib/controllers/api/emails.js +494 -0
- package/src/lib/controllers/api/emails.js.map +1 -0
- package/src/lib/controllers/api/explodingMessages.d.ts +79 -0
- package/src/lib/controllers/api/explodingMessages.d.ts.map +1 -0
- package/src/lib/controllers/api/explodingMessages.js +378 -0
- package/src/lib/controllers/api/explodingMessages.js.map +1 -0
- package/src/lib/controllers/api/groups.d.ts +94 -0
- package/src/lib/controllers/api/groups.d.ts.map +1 -0
- package/src/lib/controllers/api/groups.js +484 -0
- package/src/lib/controllers/api/groups.js.map +1 -0
- package/src/lib/controllers/api/index.d.ts +6 -0
- package/src/lib/controllers/api/index.d.ts.map +1 -1
- package/src/lib/controllers/api/index.js +6 -0
- package/src/lib/controllers/api/index.js.map +1 -1
- package/src/lib/controllers/api/messages.d.ts.map +1 -1
- package/src/lib/controllers/api/messages.js +2 -1
- package/src/lib/controllers/api/messages.js.map +1 -1
- package/src/lib/controllers/api/sync.d.ts +38 -2
- package/src/lib/controllers/api/sync.d.ts.map +1 -1
- package/src/lib/controllers/api/sync.js +89 -0
- package/src/lib/controllers/api/sync.js.map +1 -1
- package/src/lib/controllers/crypto/gitController.d.ts +70 -0
- package/src/lib/controllers/crypto/gitController.d.ts.map +1 -0
- package/src/lib/controllers/crypto/gitController.js +306 -0
- package/src/lib/controllers/crypto/gitController.js.map +1 -0
- package/src/lib/controllers/crypto/index.d.ts +3 -0
- package/src/lib/controllers/crypto/index.d.ts.map +1 -0
- package/src/lib/controllers/crypto/index.js +6 -0
- package/src/lib/controllers/crypto/index.js.map +1 -0
- package/src/lib/controllers/crypto/walletController.d.ts +64 -0
- package/src/lib/controllers/crypto/walletController.d.ts.map +1 -0
- package/src/lib/controllers/crypto/walletController.js +260 -0
- package/src/lib/controllers/crypto/walletController.js.map +1 -0
- package/src/lib/controllers/identity/deviceController.d.ts +96 -0
- package/src/lib/controllers/identity/deviceController.d.ts.map +1 -0
- package/src/lib/controllers/identity/deviceController.js +355 -0
- package/src/lib/controllers/identity/deviceController.js.map +1 -0
- package/src/lib/controllers/identity/directoryController.d.ts +75 -0
- package/src/lib/controllers/identity/directoryController.d.ts.map +1 -0
- package/src/lib/controllers/identity/directoryController.js +288 -0
- package/src/lib/controllers/identity/directoryController.js.map +1 -0
- package/src/lib/controllers/identity/identityProofController.d.ts +94 -0
- package/src/lib/controllers/identity/identityProofController.d.ts.map +1 -0
- package/src/lib/controllers/identity/identityProofController.js +454 -0
- package/src/lib/controllers/identity/identityProofController.js.map +1 -0
- package/src/lib/controllers/identity/index.d.ts +4 -0
- package/src/lib/controllers/identity/index.d.ts.map +1 -0
- package/src/lib/controllers/identity/index.js +7 -0
- package/src/lib/controllers/identity/index.js.map +1 -0
- package/src/lib/controllers/index.d.ts +2 -0
- package/src/lib/controllers/index.d.ts.map +1 -1
- package/src/lib/controllers/index.js +2 -0
- package/src/lib/controllers/index.js.map +1 -1
- package/src/lib/encryption/encryptedMetadataService.d.ts +87 -0
- package/src/lib/encryption/encryptedMetadataService.d.ts.map +1 -0
- package/src/lib/encryption/encryptedMetadataService.js +224 -0
- package/src/lib/encryption/encryptedMetadataService.js.map +1 -0
- package/src/lib/encryption/encryptionAwareReplication.d.ts +76 -0
- package/src/lib/encryption/encryptionAwareReplication.d.ts.map +1 -0
- package/src/lib/encryption/encryptionAwareReplication.js +116 -0
- package/src/lib/encryption/encryptionAwareReplication.js.map +1 -0
- package/src/lib/encryption/errors.d.ts +49 -0
- package/src/lib/encryption/errors.d.ts.map +1 -0
- package/src/lib/encryption/errors.js +80 -0
- package/src/lib/encryption/errors.js.map +1 -0
- package/src/lib/encryption/index.d.ts +6 -0
- package/src/lib/encryption/index.d.ts.map +1 -0
- package/src/lib/encryption/index.js +9 -0
- package/src/lib/encryption/index.js.map +1 -0
- package/src/lib/encryption/poolEncryptionService.d.ts +94 -0
- package/src/lib/encryption/poolEncryptionService.d.ts.map +1 -0
- package/src/lib/encryption/poolEncryptionService.js +252 -0
- package/src/lib/encryption/poolEncryptionService.js.map +1 -0
- package/src/lib/encryption/poolKeyManager.d.ts +82 -0
- package/src/lib/encryption/poolKeyManager.d.ts.map +1 -0
- package/src/lib/encryption/poolKeyManager.js +156 -0
- package/src/lib/encryption/poolKeyManager.js.map +1 -0
- package/src/lib/environment.d.ts +3 -0
- package/src/lib/environment.d.ts.map +1 -1
- package/src/lib/environment.js +5 -0
- package/src/lib/environment.js.map +1 -1
- package/src/lib/interfaces/environment.d.ts +7 -1
- package/src/lib/interfaces/environment.d.ts.map +1 -1
- package/src/lib/interfaces/index.d.ts +0 -1
- package/src/lib/interfaces/index.d.ts.map +1 -1
- package/src/lib/interfaces/requests/getBlockDataRequest.d.ts +12 -0
- package/src/lib/interfaces/requests/getBlockDataRequest.d.ts.map +1 -0
- package/src/lib/interfaces/{blockStore.js → requests/getBlockDataRequest.js} +1 -1
- package/src/lib/interfaces/requests/getBlockDataRequest.js.map +1 -0
- package/src/lib/interfaces/requests/index.d.ts +1 -0
- package/src/lib/interfaces/requests/index.d.ts.map +1 -1
- package/src/lib/routers/api.d.ts +54 -1
- package/src/lib/routers/api.d.ts.map +1 -1
- package/src/lib/routers/api.js +77 -0
- package/src/lib/routers/api.js.map +1 -1
- package/src/lib/services/blockStore.d.ts +5 -2
- package/src/lib/services/blockStore.d.ts.map +1 -1
- package/src/lib/services/blockStore.js +4 -0
- package/src/lib/services/blockStore.js.map +1 -1
- package/src/lib/services/brightpass/auditLogger.d.ts +77 -0
- package/src/lib/services/brightpass/auditLogger.d.ts.map +1 -0
- package/src/lib/services/brightpass/auditLogger.js +184 -0
- package/src/lib/services/brightpass/auditLogger.js.map +1 -0
- package/src/lib/services/brightpass/vaultEncryption.d.ts +82 -0
- package/src/lib/services/brightpass/vaultEncryption.d.ts.map +1 -0
- package/src/lib/services/brightpass/vaultEncryption.js +144 -0
- package/src/lib/services/brightpass/vaultEncryption.js.map +1 -0
- package/src/lib/services/brightpass.d.ts +294 -0
- package/src/lib/services/brightpass.d.ts.map +1 -0
- package/src/lib/services/brightpass.js +1260 -0
- package/src/lib/services/brightpass.js.map +1 -0
- package/src/lib/services/eventNotificationSystem.d.ts +69 -3
- package/src/lib/services/eventNotificationSystem.d.ts.map +1 -1
- package/src/lib/services/eventNotificationSystem.js +200 -0
- package/src/lib/services/eventNotificationSystem.js.map +1 -1
- package/src/lib/services/expirationScheduler.d.ts +90 -0
- package/src/lib/services/expirationScheduler.d.ts.map +1 -0
- package/src/lib/services/expirationScheduler.js +131 -0
- package/src/lib/services/expirationScheduler.js.map +1 -0
- package/src/lib/services/fecUsageExample.d.ts +2 -2
- package/src/lib/services/index.d.ts +2 -0
- package/src/lib/services/index.d.ts.map +1 -1
- package/src/lib/services/index.js +2 -0
- package/src/lib/services/index.js.map +1 -1
- package/src/lib/services/paginationService.d.ts +18 -0
- package/src/lib/services/paginationService.d.ts.map +1 -0
- package/src/lib/services/paginationService.js +32 -0
- package/src/lib/services/paginationService.js.map +1 -0
- package/src/lib/services/presenceService.d.ts +76 -0
- package/src/lib/services/presenceService.d.ts.map +1 -0
- package/src/lib/services/presenceService.js +143 -0
- package/src/lib/services/presenceService.js.map +1 -0
- package/src/lib/services/wireConversationPromotion.d.ts +23 -0
- package/src/lib/services/wireConversationPromotion.d.ts.map +1 -0
- package/src/lib/services/wireConversationPromotion.js +26 -0
- package/src/lib/services/wireConversationPromotion.js.map +1 -0
- package/src/lib/stores/availabilityAwareBlockStore.d.ts +115 -10
- package/src/lib/stores/availabilityAwareBlockStore.d.ts.map +1 -1
- package/src/lib/stores/availabilityAwareBlockStore.js +267 -23
- package/src/lib/stores/availabilityAwareBlockStore.js.map +1 -1
- package/src/lib/stores/diskBlockAsyncStore.d.ts +81 -2
- package/src/lib/stores/diskBlockAsyncStore.d.ts.map +1 -1
- package/src/lib/stores/diskBlockAsyncStore.js +297 -10
- package/src/lib/stores/diskBlockAsyncStore.js.map +1 -1
- package/src/lib/utils/communicationValidation.d.ts +44 -0
- package/src/lib/utils/communicationValidation.d.ts.map +1 -0
- package/src/lib/utils/communicationValidation.js +291 -0
- package/src/lib/utils/communicationValidation.js.map +1 -0
- package/src/lib/utils/emailValidation.d.ts +19 -0
- package/src/lib/utils/emailValidation.d.ts.map +1 -0
- package/src/lib/utils/emailValidation.js +232 -0
- package/src/lib/utils/emailValidation.js.map +1 -0
- package/src/lib/interfaces/blockStore.d.ts +0 -7
- package/src/lib/interfaces/blockStore.d.ts.map +0 -1
- package/src/lib/interfaces/blockStore.js.map +0 -1
|
@@ -0,0 +1,454 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* IdentityProofController — REST API for identity proof management.
|
|
4
|
+
*
|
|
5
|
+
* Routes:
|
|
6
|
+
* POST /create — Create a new identity proof
|
|
7
|
+
* POST /verify — Verify a proof's signature
|
|
8
|
+
* POST /check-url — Check if a proof URL contains the signed statement
|
|
9
|
+
* POST /:id/revoke — Revoke an identity proof
|
|
10
|
+
* GET /instructions/:platform — Get platform-specific posting instructions
|
|
11
|
+
* GET /list — List proofs for a member
|
|
12
|
+
*
|
|
13
|
+
* Requirements: 4.1-4.10
|
|
14
|
+
*/
|
|
15
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
|
+
exports.IdentityProofController = void 0;
|
|
17
|
+
const proofPlatform_1 = require("@brightchain/brightchain-lib/lib/enumerations/proofPlatform");
|
|
18
|
+
const verificationStatus_1 = require("@brightchain/brightchain-lib/lib/enumerations/verificationStatus");
|
|
19
|
+
const identity_1 = require("@brightchain/brightchain-lib/lib/services/identity");
|
|
20
|
+
const node_express_suite_1 = require("@digitaldefiance/node-express-suite");
|
|
21
|
+
const errorResponse_1 = require("../../utils/errorResponse");
|
|
22
|
+
const base_1 = require("../base");
|
|
23
|
+
// ─── In-memory proof store (per-controller instance) ────────────────────────
|
|
24
|
+
/**
|
|
25
|
+
* Simple in-memory proof store for managing identity proofs.
|
|
26
|
+
* In production this would be backed by a persistent store.
|
|
27
|
+
*/
|
|
28
|
+
class ProofStore {
|
|
29
|
+
constructor() {
|
|
30
|
+
this.proofs = new Map();
|
|
31
|
+
}
|
|
32
|
+
add(proof) {
|
|
33
|
+
this.proofs.set(proof.id, proof);
|
|
34
|
+
}
|
|
35
|
+
get(id) {
|
|
36
|
+
return this.proofs.get(id);
|
|
37
|
+
}
|
|
38
|
+
listByMember(memberId) {
|
|
39
|
+
const results = [];
|
|
40
|
+
for (const proof of this.proofs.values()) {
|
|
41
|
+
if (proof.memberId === memberId) {
|
|
42
|
+
results.push(proof);
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
return results;
|
|
46
|
+
}
|
|
47
|
+
update(id, updates) {
|
|
48
|
+
const existing = this.proofs.get(id);
|
|
49
|
+
if (!existing)
|
|
50
|
+
return undefined;
|
|
51
|
+
const updated = { ...existing, ...updates };
|
|
52
|
+
this.proofs.set(id, updated);
|
|
53
|
+
return updated;
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
// ─── Controller ─────────────────────────────────────────────────────────────
|
|
57
|
+
/**
|
|
58
|
+
* Controller for identity proof creation, verification, and management.
|
|
59
|
+
*
|
|
60
|
+
* Delegates to {@link IdentityProofService} in brightchain-lib for
|
|
61
|
+
* core cryptographic operations.
|
|
62
|
+
*
|
|
63
|
+
* @requirements 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.7, 4.8, 4.9, 4.10
|
|
64
|
+
*/
|
|
65
|
+
class IdentityProofController extends base_1.BaseController {
|
|
66
|
+
constructor(application) {
|
|
67
|
+
super(application);
|
|
68
|
+
this.eciesService = null;
|
|
69
|
+
this.memberResolver = null;
|
|
70
|
+
this.proofStore = new ProofStore();
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Inject the ECIES service for cryptographic operations.
|
|
74
|
+
*/
|
|
75
|
+
setEciesService(service) {
|
|
76
|
+
this.eciesService = service;
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Inject a member resolver function that looks up a Member by ID.
|
|
80
|
+
* Required for the create endpoint which needs the member's private key.
|
|
81
|
+
*/
|
|
82
|
+
setMemberResolver(resolver) {
|
|
83
|
+
this.memberResolver = resolver;
|
|
84
|
+
}
|
|
85
|
+
getEciesService() {
|
|
86
|
+
if (!this.eciesService) {
|
|
87
|
+
throw new Error('ECIESService not initialized');
|
|
88
|
+
}
|
|
89
|
+
return this.eciesService;
|
|
90
|
+
}
|
|
91
|
+
resolveMember(memberId) {
|
|
92
|
+
if (!this.memberResolver) {
|
|
93
|
+
throw new Error('Member resolver not initialized');
|
|
94
|
+
}
|
|
95
|
+
const member = this.memberResolver(memberId);
|
|
96
|
+
if (!member) {
|
|
97
|
+
throw new Error(`Member not found: ${memberId}`);
|
|
98
|
+
}
|
|
99
|
+
return member;
|
|
100
|
+
}
|
|
101
|
+
// ─── Route definitions ──────────────────────────────────────────────────
|
|
102
|
+
initRouteDefinitions() {
|
|
103
|
+
const noAuth = {
|
|
104
|
+
useAuthentication: false,
|
|
105
|
+
useCryptoAuthentication: false,
|
|
106
|
+
};
|
|
107
|
+
this.routeDefinitions = [
|
|
108
|
+
(0, node_express_suite_1.routeConfig)('post', '/create', {
|
|
109
|
+
...noAuth,
|
|
110
|
+
handlerKey: 'createProof',
|
|
111
|
+
openapi: {
|
|
112
|
+
summary: 'Create a new identity proof',
|
|
113
|
+
description: 'Signs a statement linking a BrightChain member to an external platform account.',
|
|
114
|
+
tags: ['Identity Proofs'],
|
|
115
|
+
responses: {
|
|
116
|
+
201: {
|
|
117
|
+
schema: 'CreateProofResponse',
|
|
118
|
+
description: 'Proof created successfully',
|
|
119
|
+
},
|
|
120
|
+
400: {
|
|
121
|
+
schema: 'ApiErrorResponse',
|
|
122
|
+
description: 'Invalid platform or missing fields',
|
|
123
|
+
},
|
|
124
|
+
},
|
|
125
|
+
},
|
|
126
|
+
}),
|
|
127
|
+
(0, node_express_suite_1.routeConfig)('post', '/verify', {
|
|
128
|
+
...noAuth,
|
|
129
|
+
handlerKey: 'verifyProof',
|
|
130
|
+
openapi: {
|
|
131
|
+
summary: 'Verify an identity proof signature',
|
|
132
|
+
description: 'Verifies the ECDSA signature of an identity proof against a public key.',
|
|
133
|
+
tags: ['Identity Proofs'],
|
|
134
|
+
responses: {
|
|
135
|
+
200: {
|
|
136
|
+
schema: 'VerifyProofResponse',
|
|
137
|
+
description: 'Verification result',
|
|
138
|
+
},
|
|
139
|
+
400: {
|
|
140
|
+
schema: 'ApiErrorResponse',
|
|
141
|
+
description: 'Missing proof or public key',
|
|
142
|
+
},
|
|
143
|
+
},
|
|
144
|
+
},
|
|
145
|
+
}),
|
|
146
|
+
(0, node_express_suite_1.routeConfig)('post', '/check-url', {
|
|
147
|
+
...noAuth,
|
|
148
|
+
handlerKey: 'checkProofUrl',
|
|
149
|
+
openapi: {
|
|
150
|
+
summary: 'Check a proof URL for the signed statement',
|
|
151
|
+
description: 'Fetches the proof URL and checks that it contains the signed statement.',
|
|
152
|
+
tags: ['Identity Proofs'],
|
|
153
|
+
responses: {
|
|
154
|
+
200: {
|
|
155
|
+
schema: 'CheckProofUrlResponse',
|
|
156
|
+
description: 'URL check result',
|
|
157
|
+
},
|
|
158
|
+
400: {
|
|
159
|
+
schema: 'ApiErrorResponse',
|
|
160
|
+
description: 'Missing proof data',
|
|
161
|
+
},
|
|
162
|
+
},
|
|
163
|
+
},
|
|
164
|
+
}),
|
|
165
|
+
(0, node_express_suite_1.routeConfig)('post', '/:id/revoke', {
|
|
166
|
+
...noAuth,
|
|
167
|
+
handlerKey: 'revokeProof',
|
|
168
|
+
openapi: {
|
|
169
|
+
summary: 'Revoke an identity proof',
|
|
170
|
+
description: 'Marks an identity proof as revoked so it is no longer considered valid.',
|
|
171
|
+
tags: ['Identity Proofs'],
|
|
172
|
+
responses: {
|
|
173
|
+
200: {
|
|
174
|
+
schema: 'RevokeProofResponse',
|
|
175
|
+
description: 'Proof revoked',
|
|
176
|
+
},
|
|
177
|
+
404: {
|
|
178
|
+
schema: 'ApiErrorResponse',
|
|
179
|
+
description: 'Proof not found',
|
|
180
|
+
},
|
|
181
|
+
},
|
|
182
|
+
},
|
|
183
|
+
}),
|
|
184
|
+
(0, node_express_suite_1.routeConfig)('get', '/instructions/:platform', {
|
|
185
|
+
...noAuth,
|
|
186
|
+
handlerKey: 'getInstructions',
|
|
187
|
+
openapi: {
|
|
188
|
+
summary: 'Get platform-specific posting instructions',
|
|
189
|
+
description: 'Returns instructions for posting an identity proof on the specified platform.',
|
|
190
|
+
tags: ['Identity Proofs'],
|
|
191
|
+
responses: {
|
|
192
|
+
200: {
|
|
193
|
+
schema: 'GetInstructionsResponse',
|
|
194
|
+
description: 'Platform instructions',
|
|
195
|
+
},
|
|
196
|
+
},
|
|
197
|
+
},
|
|
198
|
+
}),
|
|
199
|
+
(0, node_express_suite_1.routeConfig)('get', '/list', {
|
|
200
|
+
...noAuth,
|
|
201
|
+
handlerKey: 'listProofs',
|
|
202
|
+
openapi: {
|
|
203
|
+
summary: 'List identity proofs for a member',
|
|
204
|
+
description: 'Returns all identity proofs associated with the specified member.',
|
|
205
|
+
tags: ['Identity Proofs'],
|
|
206
|
+
responses: {
|
|
207
|
+
200: {
|
|
208
|
+
schema: 'ListProofsResponse',
|
|
209
|
+
description: 'List of proofs',
|
|
210
|
+
},
|
|
211
|
+
},
|
|
212
|
+
},
|
|
213
|
+
}),
|
|
214
|
+
];
|
|
215
|
+
this.handlers = {
|
|
216
|
+
createProof: this.handleCreateProof.bind(this),
|
|
217
|
+
verifyProof: this.handleVerifyProof.bind(this),
|
|
218
|
+
checkProofUrl: this.handleCheckProofUrl.bind(this),
|
|
219
|
+
revokeProof: this.handleRevokeProof.bind(this),
|
|
220
|
+
getInstructions: this.handleGetInstructions.bind(this),
|
|
221
|
+
listProofs: this.handleListProofs.bind(this),
|
|
222
|
+
};
|
|
223
|
+
}
|
|
224
|
+
// ─── Handlers ─────────────────────────────────────────────────────────
|
|
225
|
+
/**
|
|
226
|
+
* POST /create — Create a new identity proof.
|
|
227
|
+
*
|
|
228
|
+
* @requirements 4.1, 4.2, 4.3, 4.8
|
|
229
|
+
*/
|
|
230
|
+
async handleCreateProof(req) {
|
|
231
|
+
try {
|
|
232
|
+
const { memberId, platform, username } = req.body;
|
|
233
|
+
if (!memberId || typeof memberId !== 'string') {
|
|
234
|
+
return (0, errorResponse_1.validationError)('Missing required field: memberId');
|
|
235
|
+
}
|
|
236
|
+
if (!platform || typeof platform !== 'string') {
|
|
237
|
+
return (0, errorResponse_1.validationError)('Missing required field: platform');
|
|
238
|
+
}
|
|
239
|
+
if (!Object.values(proofPlatform_1.ProofPlatform).includes(platform)) {
|
|
240
|
+
return (0, errorResponse_1.validationError)(`Invalid platform: ${platform} (expected one of ${Object.values(proofPlatform_1.ProofPlatform).join(', ')})`);
|
|
241
|
+
}
|
|
242
|
+
if (!username || typeof username !== 'string') {
|
|
243
|
+
return (0, errorResponse_1.validationError)('Missing required field: username');
|
|
244
|
+
}
|
|
245
|
+
const member = this.resolveMember(memberId);
|
|
246
|
+
const proof = identity_1.IdentityProofService.create(member, platform, username);
|
|
247
|
+
// Store the proof
|
|
248
|
+
this.proofStore.add(proof);
|
|
249
|
+
const instructions = identity_1.IdentityProofService.getInstructions(platform);
|
|
250
|
+
return {
|
|
251
|
+
statusCode: 201,
|
|
252
|
+
response: {
|
|
253
|
+
status: 'success',
|
|
254
|
+
data: { proof, instructions },
|
|
255
|
+
message: 'Identity proof created successfully',
|
|
256
|
+
},
|
|
257
|
+
};
|
|
258
|
+
}
|
|
259
|
+
catch (error) {
|
|
260
|
+
return this.mapProofError(error);
|
|
261
|
+
}
|
|
262
|
+
}
|
|
263
|
+
/**
|
|
264
|
+
* POST /verify — Verify an identity proof's signature.
|
|
265
|
+
*
|
|
266
|
+
* @requirements 4.4
|
|
267
|
+
*/
|
|
268
|
+
async handleVerifyProof(req) {
|
|
269
|
+
try {
|
|
270
|
+
const { proof, publicKeyHex } = req.body;
|
|
271
|
+
if (!proof || typeof proof !== 'object') {
|
|
272
|
+
return (0, errorResponse_1.validationError)('Missing required field: proof');
|
|
273
|
+
}
|
|
274
|
+
if (!publicKeyHex || typeof publicKeyHex !== 'string') {
|
|
275
|
+
return (0, errorResponse_1.validationError)('Missing required field: publicKeyHex');
|
|
276
|
+
}
|
|
277
|
+
const eciesService = this.getEciesService();
|
|
278
|
+
const publicKeyBytes = Buffer.from(publicKeyHex, 'hex');
|
|
279
|
+
const verified = identity_1.IdentityProofService.verify(proof, publicKeyBytes, eciesService);
|
|
280
|
+
return {
|
|
281
|
+
statusCode: 200,
|
|
282
|
+
response: {
|
|
283
|
+
status: 'success',
|
|
284
|
+
data: { verified, proofId: proof.id },
|
|
285
|
+
message: verified
|
|
286
|
+
? 'Proof signature is valid'
|
|
287
|
+
: 'Proof signature is invalid',
|
|
288
|
+
},
|
|
289
|
+
};
|
|
290
|
+
}
|
|
291
|
+
catch (error) {
|
|
292
|
+
return (0, errorResponse_1.handleError)(error);
|
|
293
|
+
}
|
|
294
|
+
}
|
|
295
|
+
/**
|
|
296
|
+
* POST /check-url — Check if a proof URL contains the signed statement.
|
|
297
|
+
*
|
|
298
|
+
* @requirements 4.6, 4.10
|
|
299
|
+
*/
|
|
300
|
+
async handleCheckProofUrl(req) {
|
|
301
|
+
try {
|
|
302
|
+
const { proof } = req.body;
|
|
303
|
+
if (!proof || typeof proof !== 'object') {
|
|
304
|
+
return (0, errorResponse_1.validationError)('Missing required field: proof');
|
|
305
|
+
}
|
|
306
|
+
if (!proof.proofUrl || typeof proof.proofUrl !== 'string') {
|
|
307
|
+
return (0, errorResponse_1.validationError)('Proof must have a non-empty proofUrl');
|
|
308
|
+
}
|
|
309
|
+
const valid = await identity_1.IdentityProofService.checkProofUrl(proof);
|
|
310
|
+
// Update stored proof verification status if we have it
|
|
311
|
+
if (this.proofStore.get(proof.id)) {
|
|
312
|
+
this.proofStore.update(proof.id, {
|
|
313
|
+
verificationStatus: valid
|
|
314
|
+
? verificationStatus_1.VerificationStatus.VERIFIED
|
|
315
|
+
: verificationStatus_1.VerificationStatus.FAILED,
|
|
316
|
+
verifiedAt: valid ? new Date() : undefined,
|
|
317
|
+
lastCheckedAt: new Date(),
|
|
318
|
+
});
|
|
319
|
+
}
|
|
320
|
+
return {
|
|
321
|
+
statusCode: 200,
|
|
322
|
+
response: {
|
|
323
|
+
status: 'success',
|
|
324
|
+
data: { valid, proofId: proof.id },
|
|
325
|
+
message: valid
|
|
326
|
+
? 'Proof URL contains the signed statement'
|
|
327
|
+
: 'Proof URL does not contain the signed statement',
|
|
328
|
+
},
|
|
329
|
+
};
|
|
330
|
+
}
|
|
331
|
+
catch (error) {
|
|
332
|
+
return (0, errorResponse_1.handleError)(error);
|
|
333
|
+
}
|
|
334
|
+
}
|
|
335
|
+
/**
|
|
336
|
+
* POST /:id/revoke — Revoke an identity proof.
|
|
337
|
+
*
|
|
338
|
+
* @requirements 4.7
|
|
339
|
+
*/
|
|
340
|
+
async handleRevokeProof(req) {
|
|
341
|
+
try {
|
|
342
|
+
const { id } = req.params;
|
|
343
|
+
if (!id) {
|
|
344
|
+
return (0, errorResponse_1.validationError)('Missing required parameter: id');
|
|
345
|
+
}
|
|
346
|
+
const proof = this.proofStore.get(id);
|
|
347
|
+
if (!proof) {
|
|
348
|
+
return (0, errorResponse_1.notFoundError)('IdentityProof', id);
|
|
349
|
+
}
|
|
350
|
+
if (proof.verificationStatus === verificationStatus_1.VerificationStatus.REVOKED) {
|
|
351
|
+
return (0, errorResponse_1.validationError)('Proof is already revoked');
|
|
352
|
+
}
|
|
353
|
+
const revokedAt = new Date();
|
|
354
|
+
this.proofStore.update(id, {
|
|
355
|
+
verificationStatus: verificationStatus_1.VerificationStatus.REVOKED,
|
|
356
|
+
revokedAt,
|
|
357
|
+
});
|
|
358
|
+
return {
|
|
359
|
+
statusCode: 200,
|
|
360
|
+
response: {
|
|
361
|
+
status: 'success',
|
|
362
|
+
data: { revoked: true, revokedAt: revokedAt.toISOString() },
|
|
363
|
+
message: 'Identity proof revoked',
|
|
364
|
+
},
|
|
365
|
+
};
|
|
366
|
+
}
|
|
367
|
+
catch (error) {
|
|
368
|
+
return (0, errorResponse_1.handleError)(error);
|
|
369
|
+
}
|
|
370
|
+
}
|
|
371
|
+
/**
|
|
372
|
+
* GET /instructions/:platform — Get platform-specific posting instructions.
|
|
373
|
+
*
|
|
374
|
+
* @requirements 4.9
|
|
375
|
+
*/
|
|
376
|
+
async handleGetInstructions(req) {
|
|
377
|
+
try {
|
|
378
|
+
const { platform } = req.params;
|
|
379
|
+
if (!platform) {
|
|
380
|
+
return (0, errorResponse_1.validationError)('Missing required parameter: platform');
|
|
381
|
+
}
|
|
382
|
+
const instructions = identity_1.IdentityProofService.getInstructions(platform);
|
|
383
|
+
return {
|
|
384
|
+
statusCode: 200,
|
|
385
|
+
response: {
|
|
386
|
+
status: 'success',
|
|
387
|
+
data: { platform, instructions },
|
|
388
|
+
message: 'Instructions retrieved',
|
|
389
|
+
},
|
|
390
|
+
};
|
|
391
|
+
}
|
|
392
|
+
catch (error) {
|
|
393
|
+
return (0, errorResponse_1.handleError)(error);
|
|
394
|
+
}
|
|
395
|
+
}
|
|
396
|
+
/**
|
|
397
|
+
* GET /list — List identity proofs for a member.
|
|
398
|
+
*
|
|
399
|
+
* @requirements 4.5
|
|
400
|
+
*/
|
|
401
|
+
async handleListProofs(req) {
|
|
402
|
+
try {
|
|
403
|
+
const { memberId } = req.query;
|
|
404
|
+
if (!memberId || typeof memberId !== 'string') {
|
|
405
|
+
return (0, errorResponse_1.validationError)('Missing required query parameter: memberId');
|
|
406
|
+
}
|
|
407
|
+
const proofs = this.proofStore.listByMember(memberId);
|
|
408
|
+
return {
|
|
409
|
+
statusCode: 200,
|
|
410
|
+
response: {
|
|
411
|
+
status: 'success',
|
|
412
|
+
data: proofs,
|
|
413
|
+
message: `Found ${proofs.length} proof(s)`,
|
|
414
|
+
},
|
|
415
|
+
};
|
|
416
|
+
}
|
|
417
|
+
catch (error) {
|
|
418
|
+
return (0, errorResponse_1.handleError)(error);
|
|
419
|
+
}
|
|
420
|
+
}
|
|
421
|
+
// ─── Error mapping ──────────────────────────────────────────────────
|
|
422
|
+
mapProofError(error) {
|
|
423
|
+
if (error instanceof identity_1.UnsupportedPlatformError) {
|
|
424
|
+
return {
|
|
425
|
+
statusCode: 400,
|
|
426
|
+
response: {
|
|
427
|
+
message: error.message,
|
|
428
|
+
error: 'UNSUPPORTED_PLATFORM',
|
|
429
|
+
},
|
|
430
|
+
};
|
|
431
|
+
}
|
|
432
|
+
if (error instanceof identity_1.ProofCreationError) {
|
|
433
|
+
return {
|
|
434
|
+
statusCode: 400,
|
|
435
|
+
response: {
|
|
436
|
+
message: error.message,
|
|
437
|
+
error: 'PROOF_CREATION_FAILED',
|
|
438
|
+
},
|
|
439
|
+
};
|
|
440
|
+
}
|
|
441
|
+
if (error instanceof identity_1.ProofUrlError) {
|
|
442
|
+
return {
|
|
443
|
+
statusCode: 400,
|
|
444
|
+
response: {
|
|
445
|
+
message: error.message,
|
|
446
|
+
error: 'PROOF_URL_ERROR',
|
|
447
|
+
},
|
|
448
|
+
};
|
|
449
|
+
}
|
|
450
|
+
return (0, errorResponse_1.handleError)(error);
|
|
451
|
+
}
|
|
452
|
+
}
|
|
453
|
+
exports.IdentityProofController = IdentityProofController;
|
|
454
|
+
//# sourceMappingURL=identityProofController.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identityProofController.js","sourceRoot":"","sources":["../../../../../../brightchain-api-lib/src/lib/controllers/identity/identityProofController.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;AAEH,+FAA4F;AAC5F,yGAAsG;AAUtG,iFAK4D;AAG5D,4EAK6C;AAG7C,6DAImC;AACnC,kCAAyC;AA6DzC,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,UAAU;IAAhB;QACmB,WAAM,GAAG,IAAI,GAAG,EAA0B,CAAC;IA8B9D,CAAC;IA5BC,GAAG,CAAC,KAAqB;QACvB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IACnC,CAAC;IAED,GAAG,CAAC,EAAU;QACZ,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC7B,CAAC;IAED,YAAY,CAAC,QAAgB;QAC3B,MAAM,OAAO,GAAqB,EAAE,CAAC;QACrC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;YACzC,IAAI,KAAK,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAChC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,MAAM,CACJ,EAAU,EACV,OAAgC;QAEhC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrC,IAAI,CAAC,QAAQ;YAAE,OAAO,SAAS,CAAC;QAChC,MAAM,OAAO,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,EAAE,CAAC;QAC5C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAC7B,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AAED,+EAA+E;AAE/E;;;;;;;GAOG;AACH,MAAa,uBAEX,SAAQ,qBAKT;IAOC,YAAY,WAAyC;QACnD,KAAK,CAAC,WAAW,CAAC,CAAC;QAPb,iBAAY,GAA6B,IAAI,CAAC;QAC9C,mBAAc,GAEX,IAAI,CAAC;QACC,eAAU,GAAG,IAAI,UAAU,EAAE,CAAC;IAI/C,CAAC;IAED;;OAEG;IACI,eAAe,CAAC,OAA0B;QAC/C,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC;IAC9B,CAAC;IAED;;;OAGG;IACI,iBAAiB,CACtB,QAAuD;QAEvD,IAAI,CAAC,cAAc,GAAG,QAAQ,CAAC;IACjC,CAAC;IAEO,eAAe;QACrB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAEO,aAAa,CAAC,QAAgB;QACpC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACrD,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,2EAA2E;IAEjE,oBAAoB;QAC5B,MAAM,MAAM,GAAG;YACb,iBAAiB,EAAE,KAAK;YACxB,uBAAuB,EAAE,KAAK;SAC/B,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG;YACtB,IAAA,gCAAW,EAAC,MAAM,EAAE,SAAS,EAAE;gBAC7B,GAAG,MAAM;gBACT,UAAU,EAAE,aAAa;gBACzB,OAAO,EAAE;oBACP,OAAO,EAAE,6BAA6B;oBACtC,WAAW,EACT,iFAAiF;oBACnF,IAAI,EAAE,CAAC,iBAAiB,CAAC;oBACzB,SAAS,EAAE;wBACT,GAAG,EAAE;4BACH,MAAM,EAAE,qBAAqB;4BAC7B,WAAW,EAAE,4BAA4B;yBAC1C;wBACD,GAAG,EAAE;4BACH,MAAM,EAAE,kBAAkB;4BAC1B,WAAW,EAAE,oCAAoC;yBAClD;qBACF;iBACF;aACF,CAAC;YACF,IAAA,gCAAW,EAAC,MAAM,EAAE,SAAS,EAAE;gBAC7B,GAAG,MAAM;gBACT,UAAU,EAAE,aAAa;gBACzB,OAAO,EAAE;oBACP,OAAO,EAAE,oCAAoC;oBAC7C,WAAW,EACT,yEAAyE;oBAC3E,IAAI,EAAE,CAAC,iBAAiB,CAAC;oBACzB,SAAS,EAAE;wBACT,GAAG,EAAE;4BACH,MAAM,EAAE,qBAAqB;4BAC7B,WAAW,EAAE,qBAAqB;yBACnC;wBACD,GAAG,EAAE;4BACH,MAAM,EAAE,kBAAkB;4BAC1B,WAAW,EAAE,6BAA6B;yBAC3C;qBACF;iBACF;aACF,CAAC;YACF,IAAA,gCAAW,EAAC,MAAM,EAAE,YAAY,EAAE;gBAChC,GAAG,MAAM;gBACT,UAAU,EAAE,eAAe;gBAC3B,OAAO,EAAE;oBACP,OAAO,EAAE,4CAA4C;oBACrD,WAAW,EACT,yEAAyE;oBAC3E,IAAI,EAAE,CAAC,iBAAiB,CAAC;oBACzB,SAAS,EAAE;wBACT,GAAG,EAAE;4BACH,MAAM,EAAE,uBAAuB;4BAC/B,WAAW,EAAE,kBAAkB;yBAChC;wBACD,GAAG,EAAE;4BACH,MAAM,EAAE,kBAAkB;4BAC1B,WAAW,EAAE,oBAAoB;yBAClC;qBACF;iBACF;aACF,CAAC;YACF,IAAA,gCAAW,EAAC,MAAM,EAAE,aAAa,EAAE;gBACjC,GAAG,MAAM;gBACT,UAAU,EAAE,aAAa;gBACzB,OAAO,EAAE;oBACP,OAAO,EAAE,0BAA0B;oBACnC,WAAW,EACT,yEAAyE;oBAC3E,IAAI,EAAE,CAAC,iBAAiB,CAAC;oBACzB,SAAS,EAAE;wBACT,GAAG,EAAE;4BACH,MAAM,EAAE,qBAAqB;4BAC7B,WAAW,EAAE,eAAe;yBAC7B;wBACD,GAAG,EAAE;4BACH,MAAM,EAAE,kBAAkB;4BAC1B,WAAW,EAAE,iBAAiB;yBAC/B;qBACF;iBACF;aACF,CAAC;YACF,IAAA,gCAAW,EAAC,KAAK,EAAE,yBAAyB,EAAE;gBAC5C,GAAG,MAAM;gBACT,UAAU,EAAE,iBAAiB;gBAC7B,OAAO,EAAE;oBACP,OAAO,EAAE,4CAA4C;oBACrD,WAAW,EACT,+EAA+E;oBACjF,IAAI,EAAE,CAAC,iBAAiB,CAAC;oBACzB,SAAS,EAAE;wBACT,GAAG,EAAE;4BACH,MAAM,EAAE,yBAAyB;4BACjC,WAAW,EAAE,uBAAuB;yBACrC;qBACF;iBACF;aACF,CAAC;YACF,IAAA,gCAAW,EAAC,KAAK,EAAE,OAAO,EAAE;gBAC1B,GAAG,MAAM;gBACT,UAAU,EAAE,YAAY;gBACxB,OAAO,EAAE;oBACP,OAAO,EAAE,mCAAmC;oBAC5C,WAAW,EACT,mEAAmE;oBACrE,IAAI,EAAE,CAAC,iBAAiB,CAAC;oBACzB,SAAS,EAAE;wBACT,GAAG,EAAE;4BACH,MAAM,EAAE,oBAAoB;4BAC5B,WAAW,EAAE,gBAAgB;yBAC9B;qBACF;iBACF;aACF,CAAC;SACH,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG;YACd,WAAW,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;YAC9C,WAAW,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;YAC9C,aAAa,EAAE,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC;YAClD,WAAW,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;YAC9C,eAAe,EAAE,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC;YACtD,UAAU,EAAE,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC;SAC7C,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEzE;;;;OAIG;IACK,KAAK,CAAC,iBAAiB,CAAC,GAAY;QAI1C,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAI,GAAuB,CAAC,IAAI,CAAC;YAEvE,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC9C,OAAO,IAAA,+BAAe,EAAC,kCAAkC,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC9C,OAAO,IAAA,+BAAe,EAAC,kCAAkC,CAAC,CAAC;YAC7D,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,6BAAa,CAAC,CAAC,QAAQ,CAAC,QAAyB,CAAC,EAAE,CAAC;gBACtE,OAAO,IAAA,+BAAe,EACpB,qBAAqB,QAAQ,qBAAqB,MAAM,CAAC,MAAM,CAAC,6BAAa,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC7F,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC9C,OAAO,IAAA,+BAAe,EAAC,kCAAkC,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;YAC5C,MAAM,KAAK,GAAG,+BAAoB,CAAC,MAAM,CACvC,MAAM,EACN,QAAyB,EACzB,QAAQ,CACT,CAAC;YAEF,kBAAkB;YAClB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YAE3B,MAAM,YAAY,GAAG,+BAAoB,CAAC,eAAe,CACvD,QAAyB,CAC1B,CAAC;YAEF,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,MAAM,EAAE,SAAS;oBACjB,IAAI,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE;oBAC7B,OAAO,EAAE,qCAAqC;iBAChB;aACjC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,iBAAiB,CAAC,GAAY;QAI1C,IAAI,CAAC;YACH,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,GAAI,GAAuB,CAAC,IAAI,CAAC;YAE9D,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACxC,OAAO,IAAA,+BAAe,EAAC,+BAA+B,CAAC,CAAC;YAC1D,CAAC;YACD,IAAI,CAAC,YAAY,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;gBACtD,OAAO,IAAA,+BAAe,EAAC,sCAAsC,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;YAC5C,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;YACxD,MAAM,QAAQ,GAAG,+BAAoB,CAAC,MAAM,CAC1C,KAAK,EACL,cAAc,EACd,YAAY,CACb,CAAC;YAEF,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,MAAM,EAAE,SAAS;oBACjB,IAAI,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,EAAE;oBACrC,OAAO,EAAE,QAAQ;wBACf,CAAC,CAAC,0BAA0B;wBAC5B,CAAC,CAAC,4BAA4B;iBACF;aACjC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAA,2BAAW,EAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,mBAAmB,CAAC,GAAY;QAI5C,IAAI,CAAC;YACH,MAAM,EAAE,KAAK,EAAE,GAAI,GAAyB,CAAC,IAAI,CAAC;YAElD,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACxC,OAAO,IAAA,+BAAe,EAAC,+BAA+B,CAAC,CAAC;YAC1D,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,OAAO,KAAK,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC1D,OAAO,IAAA,+BAAe,EAAC,sCAAsC,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,+BAAoB,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAE9D,wDAAwD;YACxD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;gBAClC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE;oBAC/B,kBAAkB,EAAE,KAAK;wBACvB,CAAC,CAAC,uCAAkB,CAAC,QAAQ;wBAC7B,CAAC,CAAC,uCAAkB,CAAC,MAAM;oBAC7B,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS;oBAC1C,aAAa,EAAE,IAAI,IAAI,EAAE;iBAC1B,CAAC,CAAC;YACL,CAAC;YAED,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,MAAM,EAAE,SAAS;oBACjB,IAAI,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,EAAE;oBAClC,OAAO,EAAE,KAAK;wBACZ,CAAC,CAAC,yCAAyC;wBAC3C,CAAC,CAAC,iDAAiD;iBACrB;aACnC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAA,2BAAW,EAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,iBAAiB,CAAC,GAAY;QAI1C,IAAI,CAAC;YACH,MAAM,EAAE,EAAE,EAAE,GAAI,GAAqB,CAAC,MAAM,CAAC;YAC7C,IAAI,CAAC,EAAE,EAAE,CAAC;gBACR,OAAO,IAAA,+BAAe,EAAC,gCAAgC,CAAC,CAAC;YAC3D,CAAC;YAED,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACtC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,IAAA,6BAAa,EAAC,eAAe,EAAE,EAAE,CAAC,CAAC;YAC5C,CAAC;YAED,IAAI,KAAK,CAAC,kBAAkB,KAAK,uCAAkB,CAAC,OAAO,EAAE,CAAC;gBAC5D,OAAO,IAAA,+BAAe,EAAC,0BAA0B,CAAC,CAAC;YACrD,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;YAC7B,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE;gBACzB,kBAAkB,EAAE,uCAAkB,CAAC,OAAO;gBAC9C,SAAS;aACV,CAAC,CAAC;YAEH,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,MAAM,EAAE,SAAS;oBACjB,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,WAAW,EAAE,EAAE;oBAC3D,OAAO,EAAE,wBAAwB;iBACH;aACjC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAA,2BAAW,EAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,qBAAqB,CAAC,GAAY;QAI9C,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,GAAI,GAAsB,CAAC,MAAM,CAAC;YACpD,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,IAAA,+BAAe,EAAC,sCAAsC,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,YAAY,GAAG,+BAAoB,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YAEpE,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,MAAM,EAAE,SAAS;oBACjB,IAAI,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE;oBAChC,OAAO,EAAE,wBAAwB;iBACC;aACrC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAA,2BAAW,EAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,gBAAgB,CAAC,GAAY;QAIzC,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,GAAI,GAAuB,CAAC,KAAK,CAAC;YACpD,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC9C,OAAO,IAAA,+BAAe,EAAC,4CAA4C,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;YAEtD,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,MAAM,EAAE,SAAS;oBACjB,IAAI,EAAE,MAAM;oBACZ,OAAO,EAAE,SAAS,MAAM,CAAC,MAAM,WAAW;iBACb;aAChC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAA,2BAAW,EAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,uEAAuE;IAE/D,aAAa,CAAC,KAAc;QAIlC,IAAI,KAAK,YAAY,mCAAwB,EAAE,CAAC;YAC9C,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,KAAK,EAAE,sBAAsB;iBAC9B;aACF,CAAC;QACJ,CAAC;QACD,IAAI,KAAK,YAAY,6BAAkB,EAAE,CAAC;YACxC,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,KAAK,EAAE,uBAAuB;iBAC/B;aACF,CAAC;QACJ,CAAC;QACD,IAAI,KAAK,YAAY,wBAAa,EAAE,CAAC;YACnC,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE;oBACR,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,KAAK,EAAE,iBAAiB;iBACzB;aACF,CAAC;QACJ,CAAC;QACD,OAAO,IAAA,2BAAW,EAAC,KAAK,CAAC,CAAC;IAC5B,CAAC;CACF;AArdD,0DAqdC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../brightchain-api-lib/src/lib/controllers/identity/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC;AACnC,cAAc,uBAAuB,CAAC;AACtC,cAAc,2BAA2B,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const tslib_1 = require("tslib");
|
|
4
|
+
tslib_1.__exportStar(require("./deviceController"), exports);
|
|
5
|
+
tslib_1.__exportStar(require("./directoryController"), exports);
|
|
6
|
+
tslib_1.__exportStar(require("./identityProofController"), exports);
|
|
7
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../brightchain-api-lib/src/lib/controllers/identity/index.ts"],"names":[],"mappings":";;;AAAA,6DAAmC;AACnC,gEAAsC;AACtC,oEAA0C"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/controllers/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/controllers/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC;AACvB,cAAc,UAAU,CAAC;AACzB,cAAc,YAAY,CAAC"}
|
|
@@ -3,4 +3,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
const tslib_1 = require("tslib");
|
|
4
4
|
tslib_1.__exportStar(require("./api"), exports);
|
|
5
5
|
tslib_1.__exportStar(require("./base"), exports);
|
|
6
|
+
tslib_1.__exportStar(require("./crypto"), exports);
|
|
7
|
+
tslib_1.__exportStar(require("./identity"), exports);
|
|
6
8
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/controllers/index.ts"],"names":[],"mappings":";;;AAAA,gDAAsB;AACtB,iDAAuB"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/controllers/index.ts"],"names":[],"mappings":";;;AAAA,gDAAsB;AACtB,iDAAuB;AACvB,mDAAyB;AACzB,qDAA2B"}
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Encrypted Metadata Service — handles metadata encryption/decryption
|
|
3
|
+
* for CBL Index entries in encrypted pools.
|
|
4
|
+
*
|
|
5
|
+
* Controls which metadata fields remain searchable (unencrypted) based
|
|
6
|
+
* on pool configuration, encrypts the rest, and enforces query restrictions
|
|
7
|
+
* on encrypted fields.
|
|
8
|
+
*
|
|
9
|
+
* @see Requirements 16.1, 16.2, 16.3, 16.4, 16.5
|
|
10
|
+
*/
|
|
11
|
+
import type { ICBLIndexEntry, IPoolEncryptionConfig } from '@brightchain/brightchain-lib';
|
|
12
|
+
import { PoolEncryptionService } from './poolEncryptionService';
|
|
13
|
+
export declare class EncryptedMetadataService {
|
|
14
|
+
private readonly encryptionService;
|
|
15
|
+
private readonly config;
|
|
16
|
+
constructor(encryptionService: PoolEncryptionService, config: IPoolEncryptionConfig);
|
|
17
|
+
/**
|
|
18
|
+
* Encrypt non-searchable metadata fields on a CBL index entry.
|
|
19
|
+
*
|
|
20
|
+
* Fields listed in ALWAYS_UNENCRYPTED_FIELDS are never encrypted.
|
|
21
|
+
* Fields listed in ENCRYPTABLE_FIELDS are encrypted unless they appear
|
|
22
|
+
* in the pool config's searchableMetadataFields.
|
|
23
|
+
*
|
|
24
|
+
* Encrypted values are stored as base64 strings in the entry's
|
|
25
|
+
* `encryptedFields` map, and the original fields are set to undefined.
|
|
26
|
+
*
|
|
27
|
+
* @param entry - The CBL index entry to encrypt
|
|
28
|
+
* @param poolKey - The 32-byte symmetric pool key for AES-256-GCM encryption
|
|
29
|
+
* @returns A new entry with non-searchable fields encrypted
|
|
30
|
+
* @see Requirements 16.1, 16.3
|
|
31
|
+
*/
|
|
32
|
+
encryptMetadata(entry: ICBLIndexEntry, poolKey: Uint8Array): Promise<ICBLIndexEntry>;
|
|
33
|
+
/**
|
|
34
|
+
* Decrypt encrypted metadata fields on a CBL index entry,
|
|
35
|
+
* restoring original field values from the `encryptedFields` map.
|
|
36
|
+
*
|
|
37
|
+
* @param entry - The CBL index entry with encrypted fields
|
|
38
|
+
* @param poolKey - The 32-byte symmetric pool key for AES-256-GCM decryption
|
|
39
|
+
* @returns A new entry with all fields decrypted and restored
|
|
40
|
+
*/
|
|
41
|
+
decryptMetadata(entry: ICBLIndexEntry, poolKey: Uint8Array): Promise<ICBLIndexEntry>;
|
|
42
|
+
/**
|
|
43
|
+
* Validate that queried fields are searchable (not encrypted).
|
|
44
|
+
* Throws EncryptedFieldError if any queried field is encrypted.
|
|
45
|
+
*
|
|
46
|
+
* @param queryFields - Field names being queried
|
|
47
|
+
* @throws EncryptedFieldError if a queried field is encrypted
|
|
48
|
+
* @see Requirement 16.5
|
|
49
|
+
*/
|
|
50
|
+
validateQuery(queryFields: string[]): void;
|
|
51
|
+
/**
|
|
52
|
+
* Returns false if the pool has any encryption mode other than None.
|
|
53
|
+
* Content-based indexing and CBL address extraction are not possible
|
|
54
|
+
* on encrypted blocks because the block content is opaque.
|
|
55
|
+
*
|
|
56
|
+
* @returns Whether content-based indexing is allowed
|
|
57
|
+
* @see Requirement 16.4
|
|
58
|
+
*/
|
|
59
|
+
isContentIndexingAllowed(): boolean;
|
|
60
|
+
/**
|
|
61
|
+
* Returns the list of always-unencrypted fields plus the configured
|
|
62
|
+
* searchable metadata fields.
|
|
63
|
+
*
|
|
64
|
+
* @returns All searchable (unencrypted) field names
|
|
65
|
+
* @see Requirement 16.1
|
|
66
|
+
*/
|
|
67
|
+
getSearchableFields(): string[];
|
|
68
|
+
/**
|
|
69
|
+
* Check if a field path is searchable (always unencrypted or in config).
|
|
70
|
+
*/
|
|
71
|
+
private isSearchable;
|
|
72
|
+
/**
|
|
73
|
+
* Get a field value from an entry by dot-notation path.
|
|
74
|
+
*/
|
|
75
|
+
private getFieldValue;
|
|
76
|
+
/**
|
|
77
|
+
* Clear a field value on an entry by dot-notation path (set to undefined).
|
|
78
|
+
*/
|
|
79
|
+
private clearFieldValue;
|
|
80
|
+
/**
|
|
81
|
+
* Set a field value on an entry by dot-notation path.
|
|
82
|
+
*/
|
|
83
|
+
private setFieldValue;
|
|
84
|
+
private uint8ArrayToBase64;
|
|
85
|
+
private base64ToUint8Array;
|
|
86
|
+
}
|
|
87
|
+
//# sourceMappingURL=encryptedMetadataService.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"encryptedMetadataService.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/encryption/encryptedMetadataService.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EACV,cAAc,EACd,qBAAqB,EACtB,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAsChE,qBAAa,wBAAwB;IACnC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAwB;IAC1D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAwB;gBAG7C,iBAAiB,EAAE,qBAAqB,EACxC,MAAM,EAAE,qBAAqB;IAM/B;;;;;;;;;;;;;;OAcG;IACG,eAAe,CACnB,KAAK,EAAE,cAAc,EACrB,OAAO,EAAE,UAAU,GAClB,OAAO,CAAC,cAAc,CAAC;IAsC1B;;;;;;;OAOG;IACG,eAAe,CACnB,KAAK,EAAE,cAAc,EACrB,OAAO,EAAE,UAAU,GAClB,OAAO,CAAC,cAAc,CAAC;IAgC1B;;;;;;;OAOG;IACH,aAAa,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,IAAI;IAS1C;;;;;;;OAOG;IACH,wBAAwB,IAAI,OAAO;IAInC;;;;;;OAMG;IACH,mBAAmB,IAAI,MAAM,EAAE;IAS/B;;OAEG;IACH,OAAO,CAAC,YAAY;IAOpB;;OAEG;IACH,OAAO,CAAC,aAAa;IAWrB;;OAEG;IACH,OAAO,CAAC,eAAe;IAavB;;OAEG;IACH,OAAO,CAAC,aAAa;IAgBrB,OAAO,CAAC,kBAAkB;IAI1B,OAAO,CAAC,kBAAkB;CAG3B"}
|