@bsb/config-vault 0.0.1

package/README.md

@@ -0,0 +1,49 @@
+# BSB Vault
+
+`@bsb/config-vault` provides **Vault**, a secure managed configuration service for BSB.
+
+It contains two plugins:
+
+- `service-config-vault`: h3 + Postgres admin UI/API.
+- `config-vault`: BSB config plugin that loads the latest active published config from Vault.
+
+Runtime containers do not choose applications, groups, profiles, or versions. The Vault API key is bound server-side to an application, service group, deployment profile, and config plugin id.
+
+## Runtime
+
+```yaml
+config-vault:
+  plugin: config-vault
+  package: "@bsb/config-vault"
+  enabled: true
+  config:
+    vaultUrl: https://vault.example.com
+    apiKeyId: vk_xxx
+    apiSecret: vs_xxx
+```
+
+When a container restarts, it pulls the active published version for the API key's bound deployment profile.
+
+## Service
+
+```yaml
+service-config-vault:
+  plugin: service-config-vault
+  package: "@bsb/config-vault"
+  enabled: true
+  config:
+    host: 0.0.0.0
+    port: 8080
+    publicUrl: https://vault.example.com
+    production: true
+    databaseUrl: postgres://vault:secret@postgres:5432/vault
+    masterKey: BASE64_32_BYTE_KEY
+```
+
+`masterKey` must be a base64 encoded 32-byte key. Generate one with:
+
+```bash
+node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
+```
+
+Keep the value stable. If the key changes, Vault cannot decrypt configs already stored in Postgres.

package/bsb-plugin.json

@@ -0,0 +1,40 @@
+{
+  "nodejs": [
+    {
+      "id": "config-vault",
+      "name": "config-vault",
+      "basePath": "./",
+      "description": "Managed BSB config plugin that loads latest active config from Vault",
+      "tags": [
+        "vault",
+        "config",
+        "managed",
+        "runtime"
+      ],
+      "documentation": [
+        "./docs/config-vault.md"
+      ],
+      "pluginPath": "src/plugins/config-vault/",
+      "image": "../../../docs/public/assets/images/bsb-logo.png"
+    },
+    {
+      "id": "service-config-vault",
+      "name": "Vault",
+      "basePath": "./",
+      "description": "Secure BSB managed configuration service with Postgres, admin UI, plugin catalog, and runtime API keys",
+      "tags": [
+        "vault",
+        "config",
+        "security",
+        "postgres",
+        "h3",
+        "admin-ui"
+      ],
+      "documentation": [
+        "./docs/service-config-vault.md"
+      ],
+      "pluginPath": "src/plugins/service-config-vault/",
+      "image": "../../../docs/public/assets/images/bsb-logo.png"
+    }
+  ]
+}

package/lib/index.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=index.d.ts.map

package/lib/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC"}

package/lib/index.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=index.js.map

package/lib/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}

package/lib/plugins/config-vault/index.d.ts

@@ -0,0 +1,39 @@
+import * as av from 'anyvali';
+import { BSBConfig, type BSBConfigConstructor, type EventsConfig, type Observable, type ObservableConfig, type PluginDefinition, type PluginType } from '@bsb/base';
+export declare const Config: import("@bsb/base").BSBPluginConfigClass<av.ObjectSchema<{
+    vaultUrl: av.StringSchema;
+    apiKeyId: av.StringSchema;
+    apiSecret: av.StringSchema;
+    timeoutMs: av.Int32Schema;
+    allowInsecureHttp: av.BoolSchema;
+}>>;
+export declare class Plugin extends BSBConfig<InstanceType<typeof Config>> {
+    static Config: import("@bsb/base").BSBPluginConfigClass<av.ObjectSchema<{
+        vaultUrl: av.StringSchema;
+        apiKeyId: av.StringSchema;
+        apiSecret: av.StringSchema;
+        timeoutMs: av.Int32Schema;
+        allowInsecureHttp: av.BoolSchema;
+    }>>;
+    private appConfig;
+    private deploymentProfile;
+    constructor(config: BSBConfigConstructor<InstanceType<typeof Config>>);
+    init(obs: Observable): Promise<void>;
+    getServicePluginDefinition(obs: Observable, pluginName: string): Promise<{
+        name: string;
+        enabled: boolean;
+    }>;
+    getObservablePlugins(_obs: Observable): Promise<Record<string, ObservableConfig>>;
+    getEventsPlugins(_obs: Observable): Promise<Record<string, EventsConfig>>;
+    getServicePlugins(obs: Observable): Promise<Record<string, PluginDefinition>>;
+    getPluginConfig(_obs: Observable, pluginType: PluginType, plugin: string): Promise<object | null>;
+    getPlugins(): Promise<{
+        npmPackage: string | undefined | null;
+        plugin: string;
+        name: string;
+        enabled: boolean;
+    }[]>;
+    dispose(): void;
+    private getRequiredServices;
+}
+//# sourceMappingURL=index.d.ts.map

package/lib/plugins/config-vault/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/plugins/config-vault/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EACL,SAAS,EACT,KAAK,oBAAoB,EAEzB,KAAK,YAAY,EACjB,KAAK,UAAU,EACf,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,UAAU,EAIhB,MAAM,WAAW,CAAC;AAWnB,eAAO,MAAM,MAAM;;;;;;GASlB,CAAC;AAUF,qBAAa,MAAO,SAAQ,SAAS,CAAC,YAAY,CAAC,OAAO,MAAM,CAAC,CAAC;IAChE,MAAM,CAAC,MAAM;;;;;;QAAU;IAEvB,OAAO,CAAC,SAAS,CAAsB;IACvC,OAAO,CAAC,iBAAiB,CAAa;gBAE1B,MAAM,EAAE,oBAAoB,CAAC,YAAY,CAAC,OAAO,MAAM,CAAC,CAAC;IAI/D,IAAI,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IA0DpC,0BAA0B,CAC9B,GAAG,EAAE,UAAU,EACf,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAexC,oBAAoB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAIjF,gBAAgB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IAIzE,iBAAiB,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAI7E,eAAe,CACnB,IAAI,EAAE,UAAU,EAChB,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IASnB,UAAU,IAAI,OAAO,CAAC;QAAE,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,EAAE,CAAC;IAUxH,OAAO,IAAI,IAAI;IAIf,OAAO,CAAC,mBAAmB;CAY5B"}

package/lib/plugins/config-vault/index.js

@@ -0,0 +1,175 @@
+import * as av from 'anyvali';
+import { BSBConfig, BSBError, PluginTypes, Tools, createConfigSchema, } from '@bsb/base';
+const ConfigSchema = av.object({
+    vaultUrl: av.string().minLength(1).describe('Vault service base URL'),
+    apiKeyId: av.string().minLength(1).describe('Vault runtime API key id'),
+    apiSecret: av.string().minLength(1).describe('Vault runtime API secret'),
+    timeoutMs: av.int32().min(1000).default(5000).describe('Vault HTTP request timeout in milliseconds'),
+    allowInsecureHttp: av.bool().default(false).describe('Allow http:// Vault URLs for local development only'),
+}).describe('Vault config plugin settings');
+export const Config = createConfigSchema({
+    name: 'config-vault',
+    description: 'Managed BSB config plugin that loads latest active config from Vault',
+    image: '../../../docs/public/assets/images/bsb-logo.png',
+    tags: ['vault', 'config', 'managed', 'runtime'],
+    documentation: ['./docs/config-vault.md'],
+}, ConfigSchema);
+export class Plugin extends BSBConfig {
+    static Config = Config;
+    appConfig;
+    deploymentProfile = 'default';
+    constructor(config) {
+        super(config);
+    }
+    async init(obs) {
+        const url = new URL('/runtime/config', this.config.vaultUrl);
+        if (url.protocol !== 'https:' && !this.config.allowInsecureHttp) {
+            throw new BSBError(obs.trace, 'config-vault requires https Vault URLs unless allowInsecureHttp is true');
+        }
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), this.config.timeoutMs);
+        let response;
+        try {
+            response = await fetch(url, {
+                method: 'GET',
+                headers: {
+                    'x-vault-key-id': this.config.apiKeyId,
+                    'x-vault-secret': this.config.apiSecret,
+                },
+                signal: controller.signal,
+            });
+        }
+        catch (error) {
+            throw new BSBError(obs.trace, 'Failed to fetch Vault config: {error}', {
+                error: error instanceof Error ? error.message : String(error),
+            });
+        }
+        finally {
+            clearTimeout(timeout);
+        }
+        if (!response.ok) {
+            throw new BSBError(obs.trace, 'Vault config fetch failed with HTTP {status}', {
+                status: response.status,
+            });
+        }
+        const parsed = await response.json();
+        const resolved = parseRuntimeResolve(parsed, obs);
+        this.deploymentProfile = resolved.profile;
+        this.appConfig = resolved.config;
+        if (Tools.isNullOrUndefined(this.appConfig[this.deploymentProfile])) {
+            throw new BSBError(obs.trace, 'Vault returned no config for deployment profile ({deploymentProfile})', {
+                deploymentProfile: this.deploymentProfile,
+            });
+        }
+        this.appConfig[this.deploymentProfile] = {
+            observable: {},
+            events: {},
+            services: {},
+            ...this.appConfig[this.deploymentProfile],
+        };
+        this.getRequiredServices(obs);
+        obs.log.info('Loaded Vault config {application}/{group}/{profile}@{version}', {
+            application: resolved.application,
+            group: resolved.group,
+            profile: resolved.profile,
+            version: resolved.version,
+        });
+    }
+    async getServicePluginDefinition(obs, pluginName) {
+        const services = this.appConfig[this.deploymentProfile].services ?? {};
+        const keydWithMap = Object.keys(services).map((key) => ({
+            mappedName: key,
+            ...services[key],
+        }));
+        const enabledPlugin = keydWithMap.find((plugin) => plugin.plugin === pluginName && plugin.enabled === true);
+        if (enabledPlugin)
+            return { name: enabledPlugin.mappedName, enabled: enabledPlugin.enabled };
+        const plugin = keydWithMap.find((item) => item.plugin === pluginName);
+        if (plugin)
+            return { name: plugin.mappedName, enabled: plugin.enabled };
+        throw new BSBError(obs.trace, 'Cannot find the plugin {plugin} in the Vault config', {
+            plugin: pluginName,
+        });
+    }
+    async getObservablePlugins(_obs) {
+        return mapEnabledPlugins(this.appConfig[this.deploymentProfile].observable ?? {});
+    }
+    async getEventsPlugins(_obs) {
+        return mapEnabledPlugins(this.appConfig[this.deploymentProfile].events ?? {});
+    }
+    async getServicePlugins(obs) {
+        return mapEnabledPlugins(this.getRequiredServices(obs));
+    }
+    async getPluginConfig(_obs, pluginType, plugin) {
+        if (pluginType === PluginTypes.config)
+            return null;
+        let configKey = 'services';
+        if (pluginType === PluginTypes.events)
+            configKey = 'events';
+        if (pluginType === PluginTypes.observable)
+            configKey = 'observable';
+        const pluginConfig = this.appConfig[this.deploymentProfile][configKey]?.[plugin]?.config;
+        return Tools.isNullOrUndefined(pluginConfig) ? {} : pluginConfig;
+    }
+    async getPlugins() {
+        const services = this.getRequiredServices();
+        return Object.keys(services).map((name) => ({
+            npmPackage: services[name].package,
+            plugin: services[name].plugin,
+            name,
+            enabled: services[name].enabled === true,
+        }));
+    }
+    dispose() {
+        this.appConfig = undefined;
+    }
+    getRequiredServices(obs) {
+        const services = this.appConfig[this.deploymentProfile].services ?? {};
+        const enabledServices = Object.keys(services).filter((key) => services[key].enabled === true);
+        if (enabledServices.length === 0) {
+            const message = 'No enabled service plugins found in Vault deployment profile ({deploymentProfile}); at least one service is required.';
+            if (obs) {
+                throw new BSBError(obs.trace, message, { deploymentProfile: this.deploymentProfile });
+            }
+            throw new Error(message.replace('{deploymentProfile}', this.deploymentProfile));
+        }
+        return services;
+    }
+}
+function mapEnabledPlugins(plugins) {
+    return Object.keys(plugins)
+        .filter((key) => plugins[key].enabled === true)
+        .reduce((acc, key) => {
+        acc[key] = {
+            version: plugins[key].version,
+            plugin: plugins[key].plugin,
+            package: plugins[key].package,
+            enabled: plugins[key].enabled,
+            filter: plugins[key].filter,
+        };
+        return acc;
+    }, {});
+}
+function parseRuntimeResolve(input, obs) {
+    if (typeof input !== 'object' || input === null || Array.isArray(input)) {
+        throw new BSBError(obs.trace, 'Invalid Vault response: expected object');
+    }
+    const value = input;
+    if (typeof value.profile !== 'string' || typeof value.application !== 'string' || typeof value.group !== 'string') {
+        throw new BSBError(obs.trace, 'Invalid Vault response: missing application, group, or profile');
+    }
+    if (typeof value.version !== 'number') {
+        throw new BSBError(obs.trace, 'Invalid Vault response: missing numeric version');
+    }
+    if (typeof value.config !== 'object' || value.config === null || Array.isArray(value.config)) {
+        throw new BSBError(obs.trace, 'Invalid Vault response: missing config object');
+    }
+    return {
+        application: value.application,
+        group: value.group,
+        profile: value.profile,
+        version: value.version,
+        config: value.config,
+    };
+}
+//# sourceMappingURL=index.js.map

package/lib/plugins/config-vault/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/config-vault/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EACL,SAAS,EAET,QAAQ,EAMR,WAAW,EACX,KAAK,EACL,kBAAkB,GACnB,MAAM,WAAW,CAAC;AAGnB,MAAM,YAAY,GAAG,EAAE,CAAC,MAAM,CAAC;IAC7B,QAAQ,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,wBAAwB,CAAC;IACrE,QAAQ,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,0BAA0B,CAAC;IACvE,SAAS,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,0BAA0B,CAAC;IACxE,SAAS,EAAE,EAAE,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IACpG,iBAAiB,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,qDAAqD,CAAC;CAC5G,CAAC,CAAC,QAAQ,CAAC,8BAA8B,CAAC,CAAC;AAE5C,MAAM,CAAC,MAAM,MAAM,GAAG,kBAAkB,CACtC;IACE,IAAI,EAAE,cAAc;IACpB,WAAW,EAAE,sEAAsE;IACnF,KAAK,EAAE,iDAAiD;IACxD,IAAI,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;IAC/C,aAAa,EAAE,CAAC,wBAAwB,CAAC;CAC1C,EACD,YAAY,CACb,CAAC;AAUF,MAAM,OAAO,MAAO,SAAQ,SAAsC;IAChE,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IAEf,SAAS,CAAsB;IAC/B,iBAAiB,GAAG,SAAS,CAAC;IAEtC,YAAY,MAAyD;QACnE,KAAK,CAAC,MAAM,CAAC,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,GAAe;QACxB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC7D,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAChE,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,yEAAyE,CAAC,CAAC;QAC3G,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5E,IAAI,QAAkB,CAAC;QACvB,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAC1B,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE;oBACP,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBACtC,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;iBACxC;gBACD,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,uCAAuC,EAAE;gBACrE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,8CAA8C,EAAE;gBAC5E,MAAM,EAAE,QAAQ,CAAC,MAAM;aACxB,CAAC,CAAC;QACL,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAa,CAAC;QAChD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAClD,IAAI,CAAC,iBAAiB,GAAG,QAAQ,CAAC,OAAO,CAAC;QAC1C,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC;QAEjC,IAAI,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC;YACpE,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,uEAAuE,EAAE;gBACrG,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;aAC1C,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG;YACvC,UAAU,EAAE,EAAE;YACd,MAAM,EAAE,EAAE;YACV,QAAQ,EAAE,EAAE;YACZ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC;SAC1C,CAAC;QACF,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;QAC9B,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,+DAA+D,EAAE;YAC5E,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,OAAO,EAAE,QAAQ,CAAC,OAAO;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,GAAe,EACf,UAAkB;QAElB,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,QAAQ,IAAI,EAAE,CAAC;QACvE,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACtD,UAAU,EAAE,GAAG;YACf,GAAG,QAAQ,CAAC,GAAG,CAAC;SACjB,CAAC,CAAC,CAAC;QACJ,MAAM,aAAa,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,KAAK,UAAU,IAAI,MAAM,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC;QAC5G,IAAI,aAAa;YAAE,OAAO,EAAE,IAAI,EAAE,aAAa,CAAC,UAAU,EAAE,OAAO,EAAE,aAAa,CAAC,OAAO,EAAE,CAAC;QAC7F,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC;QACtE,IAAI,MAAM;YAAE,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC;QACxE,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,qDAAqD,EAAE;YACnF,MAAM,EAAE,UAAU;SACnB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,IAAgB;QACzC,OAAO,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,IAAgB;QACrC,OAAO,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;IAChF,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,GAAe;QACrC,OAAO,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,eAAe,CACnB,IAAgB,EAChB,UAAsB,EACtB,MAAc;QAEd,IAAI,UAAU,KAAK,WAAW,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACnD,IAAI,SAAS,GAAyC,UAAU,CAAC;QACjE,IAAI,UAAU,KAAK,WAAW,CAAC,MAAM;YAAE,SAAS,GAAG,QAAQ,CAAC;QAC5D,IAAI,UAAU,KAAK,WAAW,CAAC,UAAU;YAAE,SAAS,GAAG,YAAY,CAAC;QACpE,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QACzF,OAAO,KAAK,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC;IACnE,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC5C,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC1C,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO;YAClC,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM;YAC7B,IAAI;YACJ,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,KAAK,IAAI;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;IAED,OAAO;QACL,IAAI,CAAC,SAAS,GAAG,SAAU,CAAC;IAC9B,CAAC;IAEO,mBAAmB,CAAC,GAAgB;QAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,QAAQ,IAAI,EAAE,CAAC;QACvE,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC;QAC9F,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,MAAM,OAAO,GAAG,uHAAuH,CAAC;YACxI,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,EAAE,CAAC,CAAC;YACxF,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,qBAAqB,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;QAClF,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;;AAGH,SAAS,iBAAiB,CACxB,OAAgD;IAEhD,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;SACxB,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO,KAAK,IAAI,CAAC;SAC9C,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACnB,GAAG,CAAC,GAAG,CAAC,GAAG;YACT,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO;YAC7B,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM;YAC3B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO;YAC7B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO;YAC7B,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM;SACvB,CAAC;QACP,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,EAAuB,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAc,EAAE,GAAe;IAC1D,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACxE,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,yCAAyC,CAAC,CAAC;IAC3E,CAAC;IACD,MAAM,KAAK,GAAG,KAAgC,CAAC;IAC/C,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAClH,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,gEAAgE,CAAC,CAAC;IAClG,CAAC;IACD,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,iDAAiD,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7F,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,+CAA+C,CAAC,CAAC;IACjF,CAAC;IACD,OAAO;QACL,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,MAAM,EAAE,KAAK,CAAC,MAA4B;KAC3C,CAAC;AACJ,CAAC"}

package/lib/plugins/service-config-vault/crypto.d.ts

@@ -0,0 +1,17 @@
+export interface EncryptedPayload {
+    encryptedPayload: string;
+    iv: string;
+    authTag: string;
+    keyVersion: string;
+}
+export declare function newId(): string;
+export declare function newToken(bytes?: number): string;
+export declare function loadMasterKey(raw: string): Buffer;
+export declare function hashSecret(secret: string): Promise<string>;
+export declare function verifySecret(secret: string, hash: string): Promise<boolean>;
+export declare function encryptJson(value: unknown, key: Buffer, keyVersion?: string): EncryptedPayload;
+export declare function decryptJson<T>(payload: EncryptedPayload, key: Buffer): T;
+export declare function createTotpSecret(): string;
+export declare function verifyTotp(secret: string, code: string, now?: number): boolean;
+export declare function generateTotp(secret: string, step?: number): string;
+//# sourceMappingURL=crypto.d.ts.map

package/lib/plugins/service-config-vault/crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/crypto.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,gBAAgB;IAC/B,gBAAgB,EAAE,MAAM,CAAC;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,wBAAgB,KAAK,IAAI,MAAM,CAE9B;AAED,wBAAgB,QAAQ,CAAC,KAAK,SAAK,GAAG,MAAM,CAE3C;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAMjD;AAED,wBAAsB,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAIhE;AAED,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAOjF;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,SAAO,GAAG,gBAAgB,CAa5F;AAED,wBAAgB,WAAW,CAAC,CAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,CAQxE;AAED,wBAAgB,gBAAgB,IAAI,MAAM,CAEzC;AAED,wBAAgB,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,SAAa,GAAG,OAAO,CAKlF;AAED,wBAAgB,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,SAAiC,GAAG,MAAM,CAW1F"}

package/lib/plugins/service-config-vault/crypto.js

@@ -0,0 +1,76 @@
+import { createCipheriv, createDecipheriv, randomBytes, randomUUID, scrypt as scryptCb, timingSafeEqual, createHmac } from 'node:crypto';
+import { promisify } from 'node:util';
+const scrypt = promisify(scryptCb);
+export function newId() {
+    return randomUUID();
+}
+export function newToken(bytes = 32) {
+    return randomBytes(bytes).toString('base64url');
+}
+export function loadMasterKey(raw) {
+    const key = Buffer.from(raw, 'base64');
+    if (key.length !== 32) {
+        throw new Error('CONFIG_VAULT_MASTER_KEY must be a base64 encoded 32-byte key');
+    }
+    return key;
+}
+export async function hashSecret(secret) {
+    const salt = randomBytes(16);
+    const derived = await scrypt(secret, salt, 64);
+    return `scrypt$${salt.toString('base64url')}$${derived.toString('base64url')}`;
+}
+export async function verifySecret(secret, hash) {
+    const parts = hash.split('$');
+    if (parts.length !== 3 || parts[0] !== 'scrypt')
+        return false;
+    const salt = Buffer.from(parts[1], 'base64url');
+    const expected = Buffer.from(parts[2], 'base64url');
+    const actual = await scrypt(secret, salt, expected.length);
+    return actual.length === expected.length && timingSafeEqual(actual, expected);
+}
+export function encryptJson(value, key, keyVersion = 'v1') {
+    const iv = randomBytes(12);
+    const cipher = createCipheriv('aes-256-gcm', key, iv);
+    const encrypted = Buffer.concat([
+        cipher.update(JSON.stringify(value), 'utf8'),
+        cipher.final(),
+    ]);
+    return {
+        encryptedPayload: encrypted.toString('base64url'),
+        iv: iv.toString('base64url'),
+        authTag: cipher.getAuthTag().toString('base64url'),
+        keyVersion,
+    };
+}
+export function decryptJson(payload, key) {
+    const decipher = createDecipheriv('aes-256-gcm', key, Buffer.from(payload.iv, 'base64url'));
+    decipher.setAuthTag(Buffer.from(payload.authTag, 'base64url'));
+    const decrypted = Buffer.concat([
+        decipher.update(Buffer.from(payload.encryptedPayload, 'base64url')),
+        decipher.final(),
+    ]);
+    return JSON.parse(decrypted.toString('utf8'));
+}
+export function createTotpSecret() {
+    return randomBytes(20).toString('base64url');
+}
+export function verifyTotp(secret, code, now = Date.now()) {
+    const cleaned = code.replace(/\s+/g, '');
+    if (!/^\d{6}$/.test(cleaned))
+        return false;
+    const step = Math.floor(now / 30000);
+    return [-1, 0, 1].some((offset) => generateTotp(secret, step + offset) === cleaned);
+}
+export function generateTotp(secret, step = Math.floor(Date.now() / 30000)) {
+    const key = Buffer.from(secret, 'base64url');
+    const counter = Buffer.alloc(8);
+    counter.writeBigInt64BE(BigInt(step));
+    const hmac = createHmac('sha1', key).update(counter).digest();
+    const offset = hmac[hmac.length - 1] & 0xf;
+    const value = ((hmac[offset] & 0x7f) << 24)
+        | ((hmac[offset + 1] & 0xff) << 16)
+        | ((hmac[offset + 2] & 0xff) << 8)
+        | (hmac[offset + 3] & 0xff);
+    return String(value % 1_000_000).padStart(6, '0');
+}
+//# sourceMappingURL=crypto.js.map

package/lib/plugins/service-config-vault/crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,IAAI,QAAQ,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzI,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AASnC,MAAM,UAAU,KAAK;IACnB,OAAO,UAAU,EAAE,CAAC;AACtB,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,KAAK,GAAG,EAAE;IACjC,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IACvC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,MAAc;IAC7C,MAAM,IAAI,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAC7B,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAW,CAAC;IACzD,OAAO,UAAU,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;AACjF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,MAAc,EAAE,IAAY;IAC7D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9D,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAW,CAAC;IACrE,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,IAAI,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AAChF,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAc,EAAE,GAAW,EAAE,UAAU,GAAG,IAAI;IACxE,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAC3B,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;QAC9B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAC5C,MAAM,CAAC,KAAK,EAAE;KACf,CAAC,CAAC;IACH,OAAO;QACL,gBAAgB,EAAE,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC;QACjD,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC5B,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC;QAClD,UAAU;KACX,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,WAAW,CAAI,OAAyB,EAAE,GAAW;IACnE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC;IAC5F,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;QAC9B,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,WAAW,CAAC,CAAC;QACnE,QAAQ,CAAC,KAAK,EAAE;KACjB,CAAC,CAAC;IACH,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAM,CAAC;AACrD,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAc,EAAE,IAAY,EAAE,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE;IACvE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;IACrC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,GAAG,MAAM,CAAC,KAAK,OAAO,CAAC,CAAC;AACtF,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,MAAc,EAAE,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;IAChF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAChC,OAAO,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;IACtC,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IAC9D,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC;IAC3C,MAAM,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;UACvC,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;UACjC,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC;UAChC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC9B,OAAO,MAAM,CAAC,KAAK,GAAG,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AACpD,CAAC"}

package/lib/plugins/service-config-vault/http-server.d.ts

@@ -0,0 +1,20 @@
+import type { Observable } from '@bsb/base';
+import type { VaultService } from './vault.js';
+export interface VaultHttpOptions {
+    host: string;
+    port: number;
+    publicUrl: string;
+    production: boolean;
+    obs: Observable;
+    vault: VaultService;
+}
+export declare class VaultHttpServer {
+    private readonly options;
+    private server?;
+    constructor(options: VaultHttpOptions);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    private requireUser;
+    private page;
+}
+//# sourceMappingURL=http-server.d.ts.map

package/lib/plugins/service-config-vault/http-server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-server.d.ts","sourceRoot":"","sources":["../../../src/plugins/service-config-vault/http-server.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAG/C,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,OAAO,CAAC;IACpB,GAAG,EAAE,UAAU,CAAC;IAChB,KAAK,EAAE,YAAY,CAAC;CACrB;AAED,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAmB;IAC3C,OAAO,CAAC,MAAM,CAAC,CAAS;gBAEZ,OAAO,EAAE,gBAAgB;IAI/B,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA2ItB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAUb,WAAW;IAUzB,OAAO,CAAC,IAAI;CAGb"}