@canton-network/wallet-gateway-remote 0.25.0 → 0.26.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/jwt-auth-service.d.ts.map +1 -1
- package/dist/auth/jwt-auth-service.js +25 -0
- package/dist/config/Config.d.ts +5 -2
- package/dist/config/Config.d.ts.map +1 -1
- package/dist/config/Config.js +6 -0
- package/dist/config/Config.test.js +1 -1
- package/dist/dapp-api/controller.d.ts +1 -0
- package/dist/dapp-api/controller.d.ts.map +1 -1
- package/dist/dapp-api/controller.js +26 -1
- package/dist/dapp-api/rpc-gen/index.d.ts +3 -0
- package/dist/dapp-api/rpc-gen/index.d.ts.map +1 -1
- package/dist/dapp-api/rpc-gen/index.js +1 -0
- package/dist/dapp-api/rpc-gen/typings.d.ts +3 -2
- package/dist/dapp-api/rpc-gen/typings.d.ts.map +1 -1
- package/dist/dapp-api/server.test.js +1 -1
- package/dist/env.d.ts +1 -0
- package/dist/env.d.ts.map +1 -1
- package/dist/env.js +1 -0
- package/dist/example-config.d.ts +1 -0
- package/dist/example-config.d.ts.map +1 -1
- package/dist/example-config.js +1 -0
- package/dist/index.d.ts +1 -1
- package/dist/init.d.ts.map +1 -1
- package/dist/init.js +9 -4
- package/dist/ledger/party-allocation-service.test.js +19 -17
- package/dist/ledger/transaction-service.d.ts +1 -0
- package/dist/ledger/transaction-service.d.ts.map +1 -1
- package/dist/ledger/transaction-service.js +65 -53
- package/dist/ledger/wallet-allocation/signing-providers/blockdaemon-wallet-allocator.d.ts.map +1 -1
- package/dist/ledger/wallet-allocation/signing-providers/blockdaemon-wallet-allocator.js +2 -1
- package/dist/ledger/wallet-allocation/wallet-allocation-service.test.js +22 -22
- package/dist/ledger/wallet-sync-service.test.js +15 -13
- package/dist/middleware/rateLimit.d.ts +5 -0
- package/dist/middleware/rateLimit.d.ts.map +1 -1
- package/dist/middleware/rateLimit.js +40 -0
- package/dist/middleware/rateLimit.test.d.ts +2 -0
- package/dist/middleware/rateLimit.test.d.ts.map +1 -0
- package/dist/middleware/rateLimit.test.js +30 -0
- package/dist/user-api/controller.d.ts.map +1 -1
- package/dist/user-api/controller.js +6 -5
- package/dist/user-api/rpc-gen/typings.d.ts +12 -14
- package/dist/user-api/rpc-gen/typings.d.ts.map +1 -1
- package/dist/user-api/server.test.js +1 -1
- package/dist/web/frontend/404/index.html +2 -2
- package/dist/web/frontend/activities/index.html +3 -3
- package/dist/web/frontend/approve/index.html +5 -4
- package/dist/web/frontend/assets/{404-F1JWultf.js → 404-CEw-fKbi.js} +1 -1
- package/dist/web/frontend/assets/{activities-Da48Liee.js → activities-BdSUE0hv.js} +3 -2
- package/dist/web/frontend/assets/{addIdentityProvider-DC3NxrKJ.js → addIdentityProvider-Bzz1fUGn.js} +1 -1
- package/dist/web/frontend/assets/{addNetwork-Dr3W42IN.js → addNetwork-B4FpgV7D.js} +1 -1
- package/dist/web/frontend/assets/addParty-D-UmQ0Oh.js +38 -0
- package/dist/web/frontend/assets/approve-DP3Lfyhw.js +21 -0
- package/dist/web/frontend/assets/{callback-OyzKCduG.js → callback-CXLUjUAK.js} +1 -1
- package/dist/web/frontend/assets/{identityProviders-CNGCwCMd.js → identityProviders-CtFhI1gg.js} +1 -1
- package/dist/web/frontend/assets/{index-6feHRhfj.js → index-BuC7gGqj.js} +96 -55
- package/dist/web/frontend/assets/index-DFhaSBOK.js +91 -0
- package/dist/web/frontend/assets/{index-CH8oXI5W.js → index-dDAXt5F2.js} +1 -1
- package/dist/web/frontend/assets/{login-DcYD5VED.js → login-CmwQEYxS.js} +1 -1
- package/dist/web/frontend/assets/{networks--1UXXt0J.js → networks-f8gSZxSb.js} +1 -1
- package/dist/web/frontend/assets/{reviewIdentityProvider-BT1CChnu.js → reviewIdentityProvider-CJFOHumn.js} +2 -2
- package/dist/web/frontend/assets/{reviewNetwork-CGV3UYev.js → reviewNetwork-D3QSssLB.js} +1 -1
- package/dist/web/frontend/assets/{settings-DnbEcRUK.js → settings-Cc-Ij_uP.js} +1 -1
- package/dist/web/frontend/assets/state-CZ6wI2d4.js +1 -0
- package/dist/web/frontend/assets/utils-CVOqcw_M.js +1 -0
- package/dist/web/frontend/callback/index.html +2 -2
- package/dist/web/frontend/identity-providers/add/index.html +3 -3
- package/dist/web/frontend/identity-providers/index.html +3 -3
- package/dist/web/frontend/identity-providers/review/index.html +3 -3
- package/dist/web/frontend/index.html +1 -1
- package/dist/web/frontend/login/index.html +4 -4
- package/dist/web/frontend/networks/add/index.html +3 -3
- package/dist/web/frontend/networks/index.html +3 -3
- package/dist/web/frontend/networks/review/index.html +3 -3
- package/dist/web/frontend/parties/add/index.html +5 -3
- package/dist/web/frontend/parties/index.html +4 -3
- package/dist/web/frontend/settings/index.html +3 -3
- package/package.json +25 -28
- package/dist/web/frontend/assets/addParty-C6FKG-e0.js +0 -38
- package/dist/web/frontend/assets/approve-BcD3DHcB.js +0 -21
- package/dist/web/frontend/assets/parties-CjUMJ1Qt.js +0 -91
- package/dist/web/frontend/assets/state-Da4wx0rb.js +0 -1
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
import{b as y,Y as J,c as P,e as _,Q as K,h as Y,i as R,t as X}from"./index-BuC7gGqj.js";import{r as S}from"./state-CZ6wI2d4.js";import{s as g}from"./utils-CVOqcw_M.js";var ee=Object.create,L=Object.defineProperty,te=Object.getOwnPropertyDescriptor,Q=(t,e)=>(e=Symbol[t])?e:Symbol.for("Symbol."+t),v=t=>{throw TypeError(t)},ae=(t,e,a)=>e in t?L(t,e,{enumerable:!0,configurable:!0,writable:!0,value:a}):t[e]=a,D=(t,e)=>L(t,"name",{value:e,configurable:!0}),se=t=>[,,,ee(t?.[Q("metadata")]??null)],j=["class","method","getter","setter","accessor","field","value","get","set"],m=t=>t!==void 0&&typeof t!="function"?v("Function expected"):t,ie=(t,e,a,l,s)=>({kind:j[t],name:e,metadata:l,addInitializer:r=>a._?v("Already initialized"):s.push(m(r||null))}),re=(t,e)=>ae(e,Q("metadata"),t[3]),u=(t,e,a,l)=>{for(var s=0,r=t[e>>1],p=r&&r.length;s<p;s++)e&1?r[s].call(a):l=r[s].call(a,l);return l},b=(t,e,a,l,s,r)=>{var p,c,E,f,W,i=e&7,k=!!(e&8),h=!!(e&16),I=i>3?t.length+1:i?k?1:2:0,O=j[i+5],q=i>3&&(t[I-1]=[]),H=t[I]||(t[I]=[]),d=i&&(!h&&!k&&(s=s.prototype),i<5&&(i>3||!h)&&te(i<4?s:{get[a](){return F(this,r)},set[a](n){return N(this,r,n)}},a));i?h&&i<4&&D(r,(i>2?"set ":i>1?"get ":"")+a):D(s,a);for(var C=l.length-1;C>=0;C--)f=ie(i,a,E={},t[3],H),i&&(f.static=k,f.private=h,W=f.access={has:h?n=>le(s,n):n=>a in n},i^3&&(W.get=h?n=>(i^1?F:ne)(n,s,i^4?r:d.get):n=>n[a]),i>2&&(W.set=h?(n,$)=>N(n,s,$,i^4?r:d.set):(n,$)=>n[a]=$)),c=(0,l[C])(i?i<4?h?r:d[O]:i>4?void 0:{get:d.get,set:d.set}:s,f),E._=1,i^4||c===void 0?m(c)&&(i>4?q.unshift(c):i?h?r=c:d[O]=c:s=c):typeof c!="object"||c===null?v("Object expected"):(m(p=c.get)&&(d.get=p),m(p=c.set)&&(d.set=p),m(p=c.init)&&q.unshift(p));return i||re(t,s),d&&L(s,a,d),h?i^4?r:d:s},M=(t,e,a)=>e.has(t)||v("Cannot "+a),le=(t,e)=>Object(e)!==e?v('Cannot use the "in" operator on this value'):t.has(e),F=(t,e,a)=>(M(t,e,"read from private field"),a?a.call(t):e.get(t)),x=(t,e,a)=>e.has(t)?v("Cannot add the same private member more than once"):e instanceof WeakSet?e.add(t):e.set(t,a),N=(t,e,a,l)=>(M(t,e,"write to private field"),l?l.call(t,a):e.set(t,a),a),ne=(t,e,a)=>(M(t,e,"access private method"),a),G,V,Z,z,B,o,T,U,A,ce=(t=>(t.WALLET_ALLOCATED="1",t.WALLET_INITIALIZED="2",t.WALLET_REMOVED="3",t))(ce||{});B=[X("user-ui-parties")];class w extends(z=Y,Z=[S()],V=[S()],G=[S()],z){constructor(){super(...arguments),x(this,T,u(o,8,this)),u(o,11,this),x(this,U,u(o,12,this,!1)),u(o,15,this),x(this,A,u(o,16,this,null)),u(o,19,this)}render(){if(!this.client)return y``;const e={verifiedWallets:[],unverifiedWallets:[]};return this.wallets?.forEach(a=>{a.status==="allocated"?e.verifiedWallets.push(a):e.unverifiedWallets.push(a)}),y`
|
|
2
|
+
<div class="page-header">
|
|
3
|
+
<div class="page-title-wrap">
|
|
4
|
+
<h1 class="h4 fw-semibold mb-0">Parties</h1>
|
|
5
|
+
<wg-wallets-sync
|
|
6
|
+
.client=${this.client}
|
|
7
|
+
.wallets=${this.wallets}
|
|
8
|
+
@sync-success=${this.updateWallets}
|
|
9
|
+
></wg-wallets-sync>
|
|
10
|
+
</div>
|
|
11
|
+
|
|
12
|
+
<button
|
|
13
|
+
class="btn btn-primary btn-sm rounded-pill btn-add"
|
|
14
|
+
type="button"
|
|
15
|
+
@click=${()=>window.location.href=J("/parties/add/")}
|
|
16
|
+
>
|
|
17
|
+
<span class="btn-add-icon" aria-hidden="true">+</span>
|
|
18
|
+
<span>New</span>
|
|
19
|
+
</button>
|
|
20
|
+
</div>
|
|
21
|
+
|
|
22
|
+
${this.wallets===void 0?y`<p class="text-body-secondary mb-3">
|
|
23
|
+
Loading parties...
|
|
24
|
+
</p>`:""}
|
|
25
|
+
|
|
26
|
+
<div class="row g-3 my-1">
|
|
27
|
+
${e.unverifiedWallets.map(a=>y`
|
|
28
|
+
<div class="col-md-6 col-lg-4">
|
|
29
|
+
<wg-wallet-card
|
|
30
|
+
.wallet=${a}
|
|
31
|
+
?loading=${this.loading}
|
|
32
|
+
@wallet-allocate=${this._onAllocateParty}
|
|
33
|
+
></wg-wallet-card>
|
|
34
|
+
</div>
|
|
35
|
+
`)}
|
|
36
|
+
</div>
|
|
37
|
+
|
|
38
|
+
<div class="row g-3 my-1">
|
|
39
|
+
${e.verifiedWallets.map(a=>y`
|
|
40
|
+
<div class="col-md-6 col-lg-4">
|
|
41
|
+
<wg-wallet-card
|
|
42
|
+
.wallet=${a}
|
|
43
|
+
verified
|
|
44
|
+
?loading=${this.loading}
|
|
45
|
+
@wallet-set-primary=${this._onSetPrimary}
|
|
46
|
+
></wg-wallet-card>
|
|
47
|
+
</div>
|
|
48
|
+
`)}
|
|
49
|
+
</div>
|
|
50
|
+
`}async connectedCallback(){super.connectedCallback(),this.client=await P(_.accessToken.get()),this.showCreationToastIfNeeded(),this.updateWallets()}showCreationToastIfNeeded(){const e=new URL(window.location.href),a=e.searchParams.get("createPartyStatus");if(a==="1")g("Party created","Your new party has been added successfully.","success");else if(a==="2")g("Party creation pending","Complete the signing in your signing provider, then click Allocate to finish.","info");else if(a==="3")g("Party creation rejected","Party creation failed because the signing transaction was unsuccessful.","error");else return;e.searchParams.delete("createPartyStatus"),window.history.replaceState({},"",e)}async updateWallets(){const e=await P(_.accessToken.get()),s=(await e.request({method:"listSessions"}).catch(()=>({sessions:[]})))?.sessions?.[0]?.network?.id||_.networkId.get(),r=s?{networkIds:[s]}:void 0;e.request({method:"listWallets",params:r?{filter:r}:{}}).then(p=>{this.wallets=p||[]})}async _onSetPrimary(e){await(await P(_.accessToken.get())).request({method:"setPrimaryWallet",params:{partyId:e.wallet.partyId}}),this.updateWallets()}async _onAllocateParty(e){this.loading=!0;const a=e.wallet;try{const s=await(await P(_.accessToken.get())).request({method:"allocatePartyForWallet",params:{partyId:a.partyId}});s?.wallet&&(s.wallet.status==="removed"?g("Party removed","Party was removed because the signing transaction was unsuccessful.","error"):s.wallet.status==="allocated"?g("Party allocated","Party has been successfully allocated.","success"):s.wallet.status==="initialized"&&g("Transaction pending","The signing transaction is still pending. Please approve it in selected signing provider, then try again.","info"))}catch(l){K(l)}this.loading=!1,this.updateWallets()}}o=se(z);T=new WeakMap;U=new WeakMap;A=new WeakMap;b(o,4,"wallets",Z,w,T);b(o,4,"loading",V,w,U);b(o,4,"client",G,w,A);w=b(o,0,"UserUiParties",B,w);w.styles=[Y.styles,R`
|
|
51
|
+
:host {
|
|
52
|
+
display: block;
|
|
53
|
+
max-width: 900px;
|
|
54
|
+
margin: 0 auto;
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
.page-header {
|
|
58
|
+
display: flex;
|
|
59
|
+
justify-content: space-between;
|
|
60
|
+
align-items: center;
|
|
61
|
+
gap: var(--wg-space-3);
|
|
62
|
+
margin-bottom: var(--wg-space-4);
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
.page-title-wrap {
|
|
66
|
+
display: inline-flex;
|
|
67
|
+
align-items: center;
|
|
68
|
+
gap: 0.15rem;
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
.page-title-wrap > h1 {
|
|
72
|
+
line-height: 1.2;
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
.btn-add {
|
|
76
|
+
padding: 0.45rem 1.1rem;
|
|
77
|
+
display: inline-flex;
|
|
78
|
+
align-items: center;
|
|
79
|
+
justify-content: center;
|
|
80
|
+
gap: 0.35rem;
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
.btn-add-icon {
|
|
84
|
+
display: inline-flex;
|
|
85
|
+
align-items: center;
|
|
86
|
+
justify-content: center;
|
|
87
|
+
line-height: 1;
|
|
88
|
+
font-size: var(--wg-font-size-base);
|
|
89
|
+
font-weight: var(--wg-font-weight-medium);
|
|
90
|
+
}
|
|
91
|
+
`];u(o,1,w);export{ce as W};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{o as p,s as o,l as m,d as D}from"./index-6feHRhfj.js";const x=crypto,F=t=>t instanceof CryptoKey,g=new TextEncoder,W=new TextDecoder;function ee(...t){const e=t.reduce((s,{length:i})=>s+i,0),r=new Uint8Array(e);let n=0;for(const s of t)r.set(s,n),n+=s.length;return r}const te=t=>{let e=t;typeof e=="string"&&(e=g.encode(e));const r=32768,n=[];for(let s=0;s<e.length;s+=r)n.push(String.fromCharCode.apply(null,e.subarray(s,s+r)));return btoa(n.join(""))},J=t=>te(t).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"),re=t=>{const e=atob(t),r=new Uint8Array(e.length);for(let n=0;n<e.length;n++)r[n]=e.charCodeAt(n);return r},K=t=>{let e=t;e instanceof Uint8Array&&(e=W.decode(e)),e=e.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return re(e)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}};class c extends Error{constructor(e,r){super(e,r),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}c.code="ERR_JOSE_GENERIC";class ne extends c{constructor(e,r,n="unspecified",s="unspecified"){super(e,{cause:{claim:n,reason:s,payload:r}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=n,this.reason=s,this.payload=r}}ne.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class se extends c{constructor(e,r,n="unspecified",s="unspecified"){super(e,{cause:{claim:n,reason:s,payload:r}}),this.code="ERR_JWT_EXPIRED",this.claim=n,this.reason=s,this.payload=r}}se.code="ERR_JWT_EXPIRED";class oe extends c{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}oe.code="ERR_JOSE_ALG_NOT_ALLOWED";class f extends c{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}f.code="ERR_JOSE_NOT_SUPPORTED";class ie extends c{constructor(e="decryption operation failed",r){super(e,r),this.code="ERR_JWE_DECRYPTION_FAILED"}}ie.code="ERR_JWE_DECRYPTION_FAILED";class ae extends c{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}ae.code="ERR_JWE_INVALID";class w extends c{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}w.code="ERR_JWS_INVALID";class h extends c{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}h.code="ERR_JWT_INVALID";class ce extends c{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}ce.code="ERR_JWK_INVALID";class de extends c{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}de.code="ERR_JWKS_INVALID";class he extends c{constructor(e="no applicable key found in the JSON Web Key Set",r){super(e,r),this.code="ERR_JWKS_NO_MATCHING_KEY"}}he.code="ERR_JWKS_NO_MATCHING_KEY";class le extends c{constructor(e="multiple matching keys found in the JSON Web Key Set",r){super(e,r),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}le.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class ue extends c{constructor(e="request timed out",r){super(e,r),this.code="ERR_JWKS_TIMEOUT"}}ue.code="ERR_JWKS_TIMEOUT";class fe extends c{constructor(e="signature verification failed",r){super(e,r),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}fe.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";function d(t,e="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${e} must be ${t}`)}function _(t,e){return t.name===e}function P(t){return parseInt(t.name.slice(4),10)}function pe(t){switch(t){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}function me(t,e){if(e.length&&!e.some(r=>t.usages.includes(r))){let r="CryptoKey does not support this operation, its usages must include ";if(e.length>2){const n=e.pop();r+=`one of ${e.join(", ")}, or ${n}.`}else e.length===2?r+=`one of ${e[0]} or ${e[1]}.`:r+=`${e[0]}.`;throw new TypeError(r)}}function ye(t,e,...r){switch(e){case"HS256":case"HS384":case"HS512":{if(!_(t.algorithm,"HMAC"))throw d("HMAC");const n=parseInt(e.slice(2),10);if(P(t.algorithm.hash)!==n)throw d(`SHA-${n}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!_(t.algorithm,"RSASSA-PKCS1-v1_5"))throw d("RSASSA-PKCS1-v1_5");const n=parseInt(e.slice(2),10);if(P(t.algorithm.hash)!==n)throw d(`SHA-${n}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!_(t.algorithm,"RSA-PSS"))throw d("RSA-PSS");const n=parseInt(e.slice(2),10);if(P(t.algorithm.hash)!==n)throw d(`SHA-${n}`,"algorithm.hash");break}case"EdDSA":{if(t.algorithm.name!=="Ed25519"&&t.algorithm.name!=="Ed448")throw d("Ed25519 or Ed448");break}case"Ed25519":{if(!_(t.algorithm,"Ed25519"))throw d("Ed25519");break}case"ES256":case"ES384":case"ES512":{if(!_(t.algorithm,"ECDSA"))throw d("ECDSA");const n=pe(e);if(t.algorithm.namedCurve!==n)throw d(n,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}me(t,r)}function k(t,e,...r){if(r=r.filter(Boolean),r.length>2){const n=r.pop();t+=`one of type ${r.join(", ")}, or ${n}.`}else r.length===2?t+=`one of type ${r[0]} or ${r[1]}.`:t+=`of type ${r[0]}.`;return e==null?t+=` Received ${e}`:typeof e=="function"&&e.name?t+=` Received function ${e.name}`:typeof e=="object"&&e!=null&&e.constructor?.name&&(t+=` Received an instance of ${e.constructor.name}`),t}const M=(t,...e)=>k("Key must be ",t,...e);function j(t,e,...r){return k(`Key for the ${t} algorithm must be `,e,...r)}const V=t=>F(t)?!0:t?.[Symbol.toStringTag]==="KeyObject",v=["CryptoKey"],Se=(...t)=>{const e=t.filter(Boolean);if(e.length===0||e.length===1)return!0;let r;for(const n of e){const s=Object.keys(n);if(!r||r.size===0){r=new Set(s);continue}for(const i of s){if(r.has(i))return!1;r.add(i)}}return!0};function we(t){return typeof t=="object"&&t!==null}function N(t){if(!we(t)||Object.prototype.toString.call(t)!=="[object Object]")return!1;if(Object.getPrototypeOf(t)===null)return!0;let e=t;for(;Object.getPrototypeOf(e)!==null;)e=Object.getPrototypeOf(e);return Object.getPrototypeOf(t)===e}const Ee=(t,e)=>{if(t.startsWith("RS")||t.startsWith("PS")){const{modulusLength:r}=e.algorithm;if(typeof r!="number"||r<2048)throw new TypeError(`${t} requires key modulusLength to be 2048 bits or larger`)}};function b(t){return N(t)&&typeof t.kty=="string"}function ge(t){return t.kty!=="oct"&&typeof t.d=="string"}function _e(t){return t.kty!=="oct"&&typeof t.d>"u"}function be(t){return b(t)&&t.kty==="oct"&&typeof t.k=="string"}function Te(t){let e,r;switch(t.kty){case"RSA":{switch(t.alg){case"PS256":case"PS384":case"PS512":e={name:"RSA-PSS",hash:`SHA-${t.alg.slice(-3)}`},r=t.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":e={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${t.alg.slice(-3)}`},r=t.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":e={name:"RSA-OAEP",hash:`SHA-${parseInt(t.alg.slice(-3),10)||1}`},r=t.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"EC":{switch(t.alg){case"ES256":e={name:"ECDSA",namedCurve:"P-256"},r=t.d?["sign"]:["verify"];break;case"ES384":e={name:"ECDSA",namedCurve:"P-384"},r=t.d?["sign"]:["verify"];break;case"ES512":e={name:"ECDSA",namedCurve:"P-521"},r=t.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":e={name:"ECDH",namedCurve:t.crv},r=t.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"OKP":{switch(t.alg){case"Ed25519":e={name:"Ed25519"},r=t.d?["sign"]:["verify"];break;case"EdDSA":e={name:t.crv},r=t.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":e={name:t.crv},r=t.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}default:throw new f('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:e,keyUsages:r}}const Ae=async t=>{if(!t.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:e,keyUsages:r}=Te(t),n=[e,t.ext??!1,t.key_ops??r],s={...t};return delete s.alg,delete s.use,x.subtle.importKey("jwk",s,...n)},G=t=>K(t);let y,S;const z=t=>t?.[Symbol.toStringTag]==="KeyObject",C=async(t,e,r,n,s=!1)=>{let i=t.get(e);if(i?.[n])return i[n];const a=await Ae({...r,alg:n});return s&&Object.freeze(e),i?i[n]=a:t.set(e,{[n]:a}),a},Ie=(t,e)=>{if(z(t)){let r=t.export({format:"jwk"});return delete r.d,delete r.dp,delete r.dq,delete r.p,delete r.q,delete r.qi,r.k?G(r.k):(S||(S=new WeakMap),C(S,t,r,e))}return b(t)?t.k?K(t.k):(S||(S=new WeakMap),C(S,t,t,e,!0)):t},Re=(t,e)=>{if(z(t)){let r=t.export({format:"jwk"});return r.k?G(r.k):(y||(y=new WeakMap),C(y,t,r,e))}return b(t)?t.k?K(t.k):(y||(y=new WeakMap),C(y,t,t,e,!0)):t},We={normalizePublicKey:Ie,normalizePrivateKey:Re},E=t=>t?.[Symbol.toStringTag],H=(t,e,r)=>{if(e.use!==void 0&&e.use!=="sig")throw new TypeError("Invalid key for this operation, when present its use must be sig");if(e.key_ops!==void 0&&e.key_ops.includes?.(r)!==!0)throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${r}`);if(e.alg!==void 0&&e.alg!==t)throw new TypeError(`Invalid key for this operation, when present its alg must be ${t}`);return!0},ve=(t,e,r,n)=>{if(!(e instanceof Uint8Array)){if(n&&b(e)){if(be(e)&&H(t,e,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!V(e))throw new TypeError(j(t,e,...v,"Uint8Array",n?"JSON Web Key":null));if(e.type!=="secret")throw new TypeError(`${E(e)} instances for symmetric algorithms must be of type "secret"`)}},Ce=(t,e,r,n)=>{if(n&&b(e))switch(r){case"sign":if(ge(e)&&H(t,e,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(_e(e)&&H(t,e,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!V(e))throw new TypeError(j(t,e,...v,n?"JSON Web Key":null));if(e.type==="secret")throw new TypeError(`${E(e)} instances for asymmetric algorithms must not be of type "secret"`);if(r==="sign"&&e.type==="public")throw new TypeError(`${E(e)} instances for asymmetric algorithm signing must be of type "private"`);if(r==="decrypt"&&e.type==="public")throw new TypeError(`${E(e)} instances for asymmetric algorithm decryption must be of type "private"`);if(e.algorithm&&r==="verify"&&e.type==="private")throw new TypeError(`${E(e)} instances for asymmetric algorithm verifying must be of type "public"`);if(e.algorithm&&r==="encrypt"&&e.type==="private")throw new TypeError(`${E(e)} instances for asymmetric algorithm encryption must be of type "public"`)};function B(t,e,r,n){e.startsWith("HS")||e==="dir"||e.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(e)?ve(e,r,n,t):Ce(e,r,n,t)}B.bind(void 0,!1);const Ke=B.bind(void 0,!0);function Je(t,e,r,n,s){if(s.crit!==void 0&&n?.crit===void 0)throw new t('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||n.crit===void 0)return new Set;if(!Array.isArray(n.crit)||n.crit.length===0||n.crit.some(a=>typeof a!="string"||a.length===0))throw new t('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let i;r!==void 0?i=new Map([...Object.entries(r),...e.entries()]):i=e;for(const a of n.crit){if(!i.has(a))throw new f(`Extension Header Parameter "${a}" is not recognized`);if(s[a]===void 0)throw new t(`Extension Header Parameter "${a}" is missing`);if(i.get(a)&&n[a]===void 0)throw new t(`Extension Header Parameter "${a}" MUST be integrity protected`)}return new Set(n.crit)}function Pe(t,e){const r=`SHA-${t.slice(-3)}`;switch(t){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:t.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:e.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:e.name};default:throw new f(`alg ${t} is not supported either by JOSE or your javascript runtime`)}}async function Oe(t,e,r){if(e=await We.normalizePrivateKey(e,t),F(e))return ye(e,t,r),e;if(e instanceof Uint8Array){if(!t.startsWith("HS"))throw new TypeError(M(e,...v));return x.subtle.importKey("raw",e,{hash:`SHA-${t.slice(-3)}`,name:"HMAC"},!1,[r])}throw new TypeError(M(e,...v,"Uint8Array","JSON Web Key"))}const l=t=>Math.floor(t.getTime()/1e3),q=60,Y=q*60,$=Y*24,He=$*7,De=$*365.25,xe=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,O=t=>{const e=xe.exec(t);if(!e||e[4]&&e[1])throw new TypeError("Invalid time period format");const r=parseFloat(e[2]),n=e[3].toLowerCase();let s;switch(n){case"sec":case"secs":case"second":case"seconds":case"s":s=Math.round(r);break;case"minute":case"minutes":case"min":case"mins":case"m":s=Math.round(r*q);break;case"hour":case"hours":case"hr":case"hrs":case"h":s=Math.round(r*Y);break;case"day":case"days":case"d":s=Math.round(r*$);break;case"week":case"weeks":case"w":s=Math.round(r*He);break;default:s=Math.round(r*De);break}return e[1]==="-"||e[4]==="ago"?-s:s},Ne=async(t,e,r)=>{const n=await Oe(t,e,"sign");Ee(t,n);const s=await x.subtle.sign(Pe(t,n.algorithm),n,r);return new Uint8Array(s)};class $e{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,r){if(!this._protectedHeader&&!this._unprotectedHeader)throw new w("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!Se(this._protectedHeader,this._unprotectedHeader))throw new w("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const n={...this._protectedHeader,...this._unprotectedHeader},s=Je(w,new Map([["b64",!0]]),r?.crit,this._protectedHeader,n);let i=!0;if(s.has("b64")&&(i=this._protectedHeader.b64,typeof i!="boolean"))throw new w('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:a}=n;if(typeof a!="string"||!a)throw new w('JWS "alg" (Algorithm) Header Parameter missing or invalid');Ke(a,e,"sign");let T=this._payload;i&&(T=g.encode(J(T)));let A;this._protectedHeader?A=g.encode(J(JSON.stringify(this._protectedHeader))):A=g.encode("");const Z=ee(A,g.encode("."),T),Q=await Ne(a,e,Z),I={signature:J(Q),payload:""};return i&&(I.payload=W.decode(T)),this._unprotectedHeader&&(I.header=this._unprotectedHeader),this._protectedHeader&&(I.protected=W.decode(A)),I}}class Ue{constructor(e){this._flattened=new $e(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,r){const n=await this._flattened.sign(e,r);if(n.payload===void 0)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${n.protected}.${n.payload}.${n.signature}`}}function u(t,e){if(!Number.isFinite(e))throw new TypeError(`Invalid ${t} input`);return e}class Me{constructor(e={}){if(!N(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return typeof e=="number"?this._payload={...this._payload,nbf:u("setNotBefore",e)}:e instanceof Date?this._payload={...this._payload,nbf:u("setNotBefore",l(e))}:this._payload={...this._payload,nbf:l(new Date)+O(e)},this}setExpirationTime(e){return typeof e=="number"?this._payload={...this._payload,exp:u("setExpirationTime",e)}:e instanceof Date?this._payload={...this._payload,exp:u("setExpirationTime",l(e))}:this._payload={...this._payload,exp:l(new Date)+O(e)},this}setIssuedAt(e){return typeof e>"u"?this._payload={...this._payload,iat:l(new Date)}:e instanceof Date?this._payload={...this._payload,iat:u("setIssuedAt",l(e))}:typeof e=="string"?this._payload={...this._payload,iat:u("setIssuedAt",l(new Date)+O(e))}:this._payload={...this._payload,iat:u("setIssuedAt",e)},this}}class Le extends Me{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,r){const n=new Ue(g.encode(JSON.stringify(this._payload)));if(n.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&this._protectedHeader.b64===!1)throw new h("JWTs MUST NOT use unencoded payload");return n.sign(e,r)}}const Fe=K;function U(t){if(typeof t!="string")throw new h("JWTs must use Compact JWS serialization, JWT must be a string");const{1:e,length:r}=t.split(".");if(r===5)throw new h("Only JWTs using Compact JWS serialization can be decoded");if(r!==3)throw new h("Invalid JWT");if(!e)throw new h("JWTs must contain a payload");let n;try{n=Fe(e)}catch{throw new h("Failed to base64url decode the payload")}let s;try{s=JSON.parse(W.decode(n))}catch{throw new h("Failed to parse the decoded payload as JSON")}if(!N(s))throw new h("Invalid JWT Claims Set");return s}var ke=Object.defineProperty,je=(t,e,r)=>e in t?ke(t,e,{enumerable:!0,configurable:!0,writable:!0,value:r}):t[e]=r,Ve=(t,e,r)=>je(t,e+"",r);function Ge(t){const{sub:e}=U(t);if(!e)throw new Error("token did not contain a subject field");return e}function ze(t){const{email:e}=U(t);if(!(typeof e!="string"||e.length===0))return e}function L(t){try{const e=U(t),r=Math.floor(Date.now()/1e3);return typeof e.exp=="number"&&e.exp<=r}catch{return!0}}var Be=class{constructor(t,e){this.configUrl=t,this.logger=e}async fetchToken(t){try{const e=await this.getOIDCConfig(this.configUrl);this.logger?.debug({oidcConfig:e},"Fetched OIDC config");const n=await(await this.fetchTokenEndpoint(e.token_endpoint,t)).json();if(this.logger?.info({response:n},`Fetched admin token for clientId: ${t.clientId}`),!n.access_token)throw new Error("No access_token in token endpoint response");return n.access_token}catch(e){throw this.logger?.error({err:e},"Failed to fetch admin token"),e}}async fetchTokenEndpoint(t,e){const r=new URLSearchParams({grant_type:"client_credentials",client_id:e.clientId,client_secret:e.clientSecret,scope:e.scope??"",audience:e.audience??""}),n=await fetch(t,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:r.toString()});if(!n.ok)throw this.logger?.error({status:n.status,statusText:n.statusText},"Token endpoint error"),new Error(`Token endpoint error: ${n.status} ${n.statusText}`);return n}async getOIDCConfig(t){const e=await fetch(t);if(!e.ok){const r=await e.text();throw this.logger?.error({status:e.status,statusText:e.statusText,body:r},"Failed to fetch OIDC config"),new Error(`OIDC config error: ${e.status} ${e.statusText}`)}return e.json()}},qe=(t,e)=>({fetchToken:async r=>new Be(t,e).fetchToken(r)}),Ye=class{static async fetchToken(t,e,r,n=3600){const s=new TextEncoder().encode(e.clientSecret),i=Math.floor(Date.now()/1e3),a=await new Le({sub:e.clientId,aud:e.audience||"",scope:e.scope||"",iat:i,exp:i+n,iss:r}).setProtectedHeader({alg:"HS256"}).sign(s);return t.info(`Generated self-signed JWT token: ${a}`),a}},rt=class R{constructor(e,r){this.config=e,this.logger=r,Ve(this,"cachedToken")}static fromToken(e,r){return new R({method:"static",token:e},r)}static fromGatewayConfig(e,r,n){if(r.method==="self_signed")return new R({method:r.method,issuer:r.issuer,credentials:{clientId:r.clientId,clientSecret:r.clientSecret,scope:r.scope,audience:r.audience}},n);if(r.method==="client_credentials"){if(e.type==="oauth")return new R({method:r.method,configUrl:e.configUrl,credentials:{clientId:r.clientId,clientSecret:r.clientSecret,scope:r.scope,audience:r.audience}},n);throw new Error(`IDP type ${e.type} not supported for client_credentials auth`)}throw new Error(`Auth method ${r.method} not supported for programmatic access token`)}async _fetchToken(){switch(this.logger.debug("Fetching user auth token"),this.config.method){case"static":return this.config.token;case"self_signed":return Ye.fetchToken(this.logger,this.config.credentials,this.config.issuer);case"client_credentials":return qe(this.config.configUrl,this.logger).fetchToken(this.config.credentials)}}async getAccessToken(){if(this.cachedToken&&!L(this.cachedToken))return this.cachedToken;{const e=await this._fetchToken();if(L(e))throw new Error("Attempted to refresh a token, but it came back expired.");return this.cachedToken=e,e}}async getAuthContext(){const e=await this.getAccessToken(),r=Ge(e),n=ze(e);return{accessToken:e,userId:r,...n?{email:n}:{}}}},X=p({method:m("authorization_code"),audience:o(),scope:o(),clientId:o()}).meta({description:"Authorization code flow authentication configuration. This is used for browser-based application login."}),Xe=p({method:m("client_credentials"),audience:o(),scope:o(),clientId:o(),clientSecret:o()}),Ze=p({method:m("self_signed"),issuer:o(),audience:o(),scope:o(),clientId:o(),clientSecret:o()}),Qe=p({method:m("client_credentials"),audience:o(),scope:o(),clientId:o(),clientSecretEnv:o()}),et=p({method:m("self_signed"),issuer:o(),audience:o(),scope:o(),clientId:o(),clientSecretEnv:o()}),nt=D("method",[X,Xe,Ze]);D("method",[X,Qe,et]);var st=D("type",[p({id:o(),type:m("self_signed"),issuer:o()}),p({id:o(),type:m("oauth"),issuer:o(),configUrl:o().url()})]);export{rt as A,nt as a,st as i};
|
|
1
|
+
import{o as p,s as o,l as m,d as D}from"./index-BuC7gGqj.js";const x=crypto,F=t=>t instanceof CryptoKey,g=new TextEncoder,W=new TextDecoder;function ee(...t){const e=t.reduce((s,{length:i})=>s+i,0),r=new Uint8Array(e);let n=0;for(const s of t)r.set(s,n),n+=s.length;return r}const te=t=>{let e=t;typeof e=="string"&&(e=g.encode(e));const r=32768,n=[];for(let s=0;s<e.length;s+=r)n.push(String.fromCharCode.apply(null,e.subarray(s,s+r)));return btoa(n.join(""))},J=t=>te(t).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"),re=t=>{const e=atob(t),r=new Uint8Array(e.length);for(let n=0;n<e.length;n++)r[n]=e.charCodeAt(n);return r},K=t=>{let e=t;e instanceof Uint8Array&&(e=W.decode(e)),e=e.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return re(e)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}};class c extends Error{constructor(e,r){super(e,r),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}c.code="ERR_JOSE_GENERIC";class ne extends c{constructor(e,r,n="unspecified",s="unspecified"){super(e,{cause:{claim:n,reason:s,payload:r}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=n,this.reason=s,this.payload=r}}ne.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class se extends c{constructor(e,r,n="unspecified",s="unspecified"){super(e,{cause:{claim:n,reason:s,payload:r}}),this.code="ERR_JWT_EXPIRED",this.claim=n,this.reason=s,this.payload=r}}se.code="ERR_JWT_EXPIRED";class oe extends c{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}oe.code="ERR_JOSE_ALG_NOT_ALLOWED";class f extends c{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}f.code="ERR_JOSE_NOT_SUPPORTED";class ie extends c{constructor(e="decryption operation failed",r){super(e,r),this.code="ERR_JWE_DECRYPTION_FAILED"}}ie.code="ERR_JWE_DECRYPTION_FAILED";class ae extends c{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}ae.code="ERR_JWE_INVALID";class w extends c{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}w.code="ERR_JWS_INVALID";class h extends c{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}h.code="ERR_JWT_INVALID";class ce extends c{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}ce.code="ERR_JWK_INVALID";class de extends c{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}de.code="ERR_JWKS_INVALID";class he extends c{constructor(e="no applicable key found in the JSON Web Key Set",r){super(e,r),this.code="ERR_JWKS_NO_MATCHING_KEY"}}he.code="ERR_JWKS_NO_MATCHING_KEY";class le extends c{constructor(e="multiple matching keys found in the JSON Web Key Set",r){super(e,r),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}le.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class ue extends c{constructor(e="request timed out",r){super(e,r),this.code="ERR_JWKS_TIMEOUT"}}ue.code="ERR_JWKS_TIMEOUT";class fe extends c{constructor(e="signature verification failed",r){super(e,r),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}fe.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";function d(t,e="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${e} must be ${t}`)}function _(t,e){return t.name===e}function P(t){return parseInt(t.name.slice(4),10)}function pe(t){switch(t){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}function me(t,e){if(e.length&&!e.some(r=>t.usages.includes(r))){let r="CryptoKey does not support this operation, its usages must include ";if(e.length>2){const n=e.pop();r+=`one of ${e.join(", ")}, or ${n}.`}else e.length===2?r+=`one of ${e[0]} or ${e[1]}.`:r+=`${e[0]}.`;throw new TypeError(r)}}function ye(t,e,...r){switch(e){case"HS256":case"HS384":case"HS512":{if(!_(t.algorithm,"HMAC"))throw d("HMAC");const n=parseInt(e.slice(2),10);if(P(t.algorithm.hash)!==n)throw d(`SHA-${n}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!_(t.algorithm,"RSASSA-PKCS1-v1_5"))throw d("RSASSA-PKCS1-v1_5");const n=parseInt(e.slice(2),10);if(P(t.algorithm.hash)!==n)throw d(`SHA-${n}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!_(t.algorithm,"RSA-PSS"))throw d("RSA-PSS");const n=parseInt(e.slice(2),10);if(P(t.algorithm.hash)!==n)throw d(`SHA-${n}`,"algorithm.hash");break}case"EdDSA":{if(t.algorithm.name!=="Ed25519"&&t.algorithm.name!=="Ed448")throw d("Ed25519 or Ed448");break}case"Ed25519":{if(!_(t.algorithm,"Ed25519"))throw d("Ed25519");break}case"ES256":case"ES384":case"ES512":{if(!_(t.algorithm,"ECDSA"))throw d("ECDSA");const n=pe(e);if(t.algorithm.namedCurve!==n)throw d(n,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}me(t,r)}function k(t,e,...r){if(r=r.filter(Boolean),r.length>2){const n=r.pop();t+=`one of type ${r.join(", ")}, or ${n}.`}else r.length===2?t+=`one of type ${r[0]} or ${r[1]}.`:t+=`of type ${r[0]}.`;return e==null?t+=` Received ${e}`:typeof e=="function"&&e.name?t+=` Received function ${e.name}`:typeof e=="object"&&e!=null&&e.constructor?.name&&(t+=` Received an instance of ${e.constructor.name}`),t}const M=(t,...e)=>k("Key must be ",t,...e);function j(t,e,...r){return k(`Key for the ${t} algorithm must be `,e,...r)}const V=t=>F(t)?!0:t?.[Symbol.toStringTag]==="KeyObject",v=["CryptoKey"],Se=(...t)=>{const e=t.filter(Boolean);if(e.length===0||e.length===1)return!0;let r;for(const n of e){const s=Object.keys(n);if(!r||r.size===0){r=new Set(s);continue}for(const i of s){if(r.has(i))return!1;r.add(i)}}return!0};function we(t){return typeof t=="object"&&t!==null}function N(t){if(!we(t)||Object.prototype.toString.call(t)!=="[object Object]")return!1;if(Object.getPrototypeOf(t)===null)return!0;let e=t;for(;Object.getPrototypeOf(e)!==null;)e=Object.getPrototypeOf(e);return Object.getPrototypeOf(t)===e}const Ee=(t,e)=>{if(t.startsWith("RS")||t.startsWith("PS")){const{modulusLength:r}=e.algorithm;if(typeof r!="number"||r<2048)throw new TypeError(`${t} requires key modulusLength to be 2048 bits or larger`)}};function b(t){return N(t)&&typeof t.kty=="string"}function ge(t){return t.kty!=="oct"&&typeof t.d=="string"}function _e(t){return t.kty!=="oct"&&typeof t.d>"u"}function be(t){return b(t)&&t.kty==="oct"&&typeof t.k=="string"}function Te(t){let e,r;switch(t.kty){case"RSA":{switch(t.alg){case"PS256":case"PS384":case"PS512":e={name:"RSA-PSS",hash:`SHA-${t.alg.slice(-3)}`},r=t.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":e={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${t.alg.slice(-3)}`},r=t.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":e={name:"RSA-OAEP",hash:`SHA-${parseInt(t.alg.slice(-3),10)||1}`},r=t.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"EC":{switch(t.alg){case"ES256":e={name:"ECDSA",namedCurve:"P-256"},r=t.d?["sign"]:["verify"];break;case"ES384":e={name:"ECDSA",namedCurve:"P-384"},r=t.d?["sign"]:["verify"];break;case"ES512":e={name:"ECDSA",namedCurve:"P-521"},r=t.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":e={name:"ECDH",namedCurve:t.crv},r=t.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"OKP":{switch(t.alg){case"Ed25519":e={name:"Ed25519"},r=t.d?["sign"]:["verify"];break;case"EdDSA":e={name:t.crv},r=t.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":e={name:t.crv},r=t.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}default:throw new f('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:e,keyUsages:r}}const Ae=async t=>{if(!t.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:e,keyUsages:r}=Te(t),n=[e,t.ext??!1,t.key_ops??r],s={...t};return delete s.alg,delete s.use,x.subtle.importKey("jwk",s,...n)},G=t=>K(t);let y,S;const z=t=>t?.[Symbol.toStringTag]==="KeyObject",C=async(t,e,r,n,s=!1)=>{let i=t.get(e);if(i?.[n])return i[n];const a=await Ae({...r,alg:n});return s&&Object.freeze(e),i?i[n]=a:t.set(e,{[n]:a}),a},Ie=(t,e)=>{if(z(t)){let r=t.export({format:"jwk"});return delete r.d,delete r.dp,delete r.dq,delete r.p,delete r.q,delete r.qi,r.k?G(r.k):(S||(S=new WeakMap),C(S,t,r,e))}return b(t)?t.k?K(t.k):(S||(S=new WeakMap),C(S,t,t,e,!0)):t},Re=(t,e)=>{if(z(t)){let r=t.export({format:"jwk"});return r.k?G(r.k):(y||(y=new WeakMap),C(y,t,r,e))}return b(t)?t.k?K(t.k):(y||(y=new WeakMap),C(y,t,t,e,!0)):t},We={normalizePublicKey:Ie,normalizePrivateKey:Re},E=t=>t?.[Symbol.toStringTag],H=(t,e,r)=>{if(e.use!==void 0&&e.use!=="sig")throw new TypeError("Invalid key for this operation, when present its use must be sig");if(e.key_ops!==void 0&&e.key_ops.includes?.(r)!==!0)throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${r}`);if(e.alg!==void 0&&e.alg!==t)throw new TypeError(`Invalid key for this operation, when present its alg must be ${t}`);return!0},ve=(t,e,r,n)=>{if(!(e instanceof Uint8Array)){if(n&&b(e)){if(be(e)&&H(t,e,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!V(e))throw new TypeError(j(t,e,...v,"Uint8Array",n?"JSON Web Key":null));if(e.type!=="secret")throw new TypeError(`${E(e)} instances for symmetric algorithms must be of type "secret"`)}},Ce=(t,e,r,n)=>{if(n&&b(e))switch(r){case"sign":if(ge(e)&&H(t,e,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(_e(e)&&H(t,e,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!V(e))throw new TypeError(j(t,e,...v,n?"JSON Web Key":null));if(e.type==="secret")throw new TypeError(`${E(e)} instances for asymmetric algorithms must not be of type "secret"`);if(r==="sign"&&e.type==="public")throw new TypeError(`${E(e)} instances for asymmetric algorithm signing must be of type "private"`);if(r==="decrypt"&&e.type==="public")throw new TypeError(`${E(e)} instances for asymmetric algorithm decryption must be of type "private"`);if(e.algorithm&&r==="verify"&&e.type==="private")throw new TypeError(`${E(e)} instances for asymmetric algorithm verifying must be of type "public"`);if(e.algorithm&&r==="encrypt"&&e.type==="private")throw new TypeError(`${E(e)} instances for asymmetric algorithm encryption must be of type "public"`)};function B(t,e,r,n){e.startsWith("HS")||e==="dir"||e.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(e)?ve(e,r,n,t):Ce(e,r,n,t)}B.bind(void 0,!1);const Ke=B.bind(void 0,!0);function Je(t,e,r,n,s){if(s.crit!==void 0&&n?.crit===void 0)throw new t('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||n.crit===void 0)return new Set;if(!Array.isArray(n.crit)||n.crit.length===0||n.crit.some(a=>typeof a!="string"||a.length===0))throw new t('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let i;r!==void 0?i=new Map([...Object.entries(r),...e.entries()]):i=e;for(const a of n.crit){if(!i.has(a))throw new f(`Extension Header Parameter "${a}" is not recognized`);if(s[a]===void 0)throw new t(`Extension Header Parameter "${a}" is missing`);if(i.get(a)&&n[a]===void 0)throw new t(`Extension Header Parameter "${a}" MUST be integrity protected`)}return new Set(n.crit)}function Pe(t,e){const r=`SHA-${t.slice(-3)}`;switch(t){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:t.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:e.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:e.name};default:throw new f(`alg ${t} is not supported either by JOSE or your javascript runtime`)}}async function Oe(t,e,r){if(e=await We.normalizePrivateKey(e,t),F(e))return ye(e,t,r),e;if(e instanceof Uint8Array){if(!t.startsWith("HS"))throw new TypeError(M(e,...v));return x.subtle.importKey("raw",e,{hash:`SHA-${t.slice(-3)}`,name:"HMAC"},!1,[r])}throw new TypeError(M(e,...v,"Uint8Array","JSON Web Key"))}const l=t=>Math.floor(t.getTime()/1e3),q=60,Y=q*60,$=Y*24,He=$*7,De=$*365.25,xe=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,O=t=>{const e=xe.exec(t);if(!e||e[4]&&e[1])throw new TypeError("Invalid time period format");const r=parseFloat(e[2]),n=e[3].toLowerCase();let s;switch(n){case"sec":case"secs":case"second":case"seconds":case"s":s=Math.round(r);break;case"minute":case"minutes":case"min":case"mins":case"m":s=Math.round(r*q);break;case"hour":case"hours":case"hr":case"hrs":case"h":s=Math.round(r*Y);break;case"day":case"days":case"d":s=Math.round(r*$);break;case"week":case"weeks":case"w":s=Math.round(r*He);break;default:s=Math.round(r*De);break}return e[1]==="-"||e[4]==="ago"?-s:s},Ne=async(t,e,r)=>{const n=await Oe(t,e,"sign");Ee(t,n);const s=await x.subtle.sign(Pe(t,n.algorithm),n,r);return new Uint8Array(s)};class $e{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,r){if(!this._protectedHeader&&!this._unprotectedHeader)throw new w("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!Se(this._protectedHeader,this._unprotectedHeader))throw new w("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const n={...this._protectedHeader,...this._unprotectedHeader},s=Je(w,new Map([["b64",!0]]),r?.crit,this._protectedHeader,n);let i=!0;if(s.has("b64")&&(i=this._protectedHeader.b64,typeof i!="boolean"))throw new w('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:a}=n;if(typeof a!="string"||!a)throw new w('JWS "alg" (Algorithm) Header Parameter missing or invalid');Ke(a,e,"sign");let T=this._payload;i&&(T=g.encode(J(T)));let A;this._protectedHeader?A=g.encode(J(JSON.stringify(this._protectedHeader))):A=g.encode("");const Z=ee(A,g.encode("."),T),Q=await Ne(a,e,Z),I={signature:J(Q),payload:""};return i&&(I.payload=W.decode(T)),this._unprotectedHeader&&(I.header=this._unprotectedHeader),this._protectedHeader&&(I.protected=W.decode(A)),I}}class Ue{constructor(e){this._flattened=new $e(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,r){const n=await this._flattened.sign(e,r);if(n.payload===void 0)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${n.protected}.${n.payload}.${n.signature}`}}function u(t,e){if(!Number.isFinite(e))throw new TypeError(`Invalid ${t} input`);return e}class Me{constructor(e={}){if(!N(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return typeof e=="number"?this._payload={...this._payload,nbf:u("setNotBefore",e)}:e instanceof Date?this._payload={...this._payload,nbf:u("setNotBefore",l(e))}:this._payload={...this._payload,nbf:l(new Date)+O(e)},this}setExpirationTime(e){return typeof e=="number"?this._payload={...this._payload,exp:u("setExpirationTime",e)}:e instanceof Date?this._payload={...this._payload,exp:u("setExpirationTime",l(e))}:this._payload={...this._payload,exp:l(new Date)+O(e)},this}setIssuedAt(e){return typeof e>"u"?this._payload={...this._payload,iat:l(new Date)}:e instanceof Date?this._payload={...this._payload,iat:u("setIssuedAt",l(e))}:typeof e=="string"?this._payload={...this._payload,iat:u("setIssuedAt",l(new Date)+O(e))}:this._payload={...this._payload,iat:u("setIssuedAt",e)},this}}class Le extends Me{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,r){const n=new Ue(g.encode(JSON.stringify(this._payload)));if(n.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&this._protectedHeader.b64===!1)throw new h("JWTs MUST NOT use unencoded payload");return n.sign(e,r)}}const Fe=K;function U(t){if(typeof t!="string")throw new h("JWTs must use Compact JWS serialization, JWT must be a string");const{1:e,length:r}=t.split(".");if(r===5)throw new h("Only JWTs using Compact JWS serialization can be decoded");if(r!==3)throw new h("Invalid JWT");if(!e)throw new h("JWTs must contain a payload");let n;try{n=Fe(e)}catch{throw new h("Failed to base64url decode the payload")}let s;try{s=JSON.parse(W.decode(n))}catch{throw new h("Failed to parse the decoded payload as JSON")}if(!N(s))throw new h("Invalid JWT Claims Set");return s}var ke=Object.defineProperty,je=(t,e,r)=>e in t?ke(t,e,{enumerable:!0,configurable:!0,writable:!0,value:r}):t[e]=r,Ve=(t,e,r)=>je(t,e+"",r);function Ge(t){const{sub:e}=U(t);if(!e)throw new Error("token did not contain a subject field");return e}function ze(t){const{email:e}=U(t);if(!(typeof e!="string"||e.length===0))return e}function L(t){try{const e=U(t),r=Math.floor(Date.now()/1e3);return typeof e.exp=="number"&&e.exp<=r}catch{return!0}}var Be=class{constructor(t,e){this.configUrl=t,this.logger=e}async fetchToken(t){try{const e=await this.getOIDCConfig(this.configUrl);this.logger?.debug({oidcConfig:e},"Fetched OIDC config");const n=await(await this.fetchTokenEndpoint(e.token_endpoint,t)).json();if(this.logger?.info({response:n},`Fetched admin token for clientId: ${t.clientId}`),!n.access_token)throw new Error("No access_token in token endpoint response");return n.access_token}catch(e){throw this.logger?.error({err:e},"Failed to fetch admin token"),e}}async fetchTokenEndpoint(t,e){const r=new URLSearchParams({grant_type:"client_credentials",client_id:e.clientId,client_secret:e.clientSecret,scope:e.scope??"",audience:e.audience??""}),n=await fetch(t,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:r.toString()});if(!n.ok)throw this.logger?.error({status:n.status,statusText:n.statusText},"Token endpoint error"),new Error(`Token endpoint error: ${n.status} ${n.statusText}`);return n}async getOIDCConfig(t){const e=await fetch(t);if(!e.ok){const r=await e.text();throw this.logger?.error({status:e.status,statusText:e.statusText,body:r},"Failed to fetch OIDC config"),new Error(`OIDC config error: ${e.status} ${e.statusText}`)}return e.json()}},qe=(t,e)=>({fetchToken:async r=>new Be(t,e).fetchToken(r)}),Ye=class{static async fetchToken(t,e,r,n=3600){const s=new TextEncoder().encode(e.clientSecret),i=Math.floor(Date.now()/1e3),a=await new Le({sub:e.clientId,aud:e.audience||"",scope:e.scope||"",iat:i,exp:i+n,iss:r}).setProtectedHeader({alg:"HS256"}).sign(s);return t.info(`Generated self-signed JWT token: ${a}`),a}},rt=class R{constructor(e,r){this.config=e,this.logger=r,Ve(this,"cachedToken")}static fromToken(e,r){return new R({method:"static",token:e},r)}static fromGatewayConfig(e,r,n){if(r.method==="self_signed")return new R({method:r.method,issuer:r.issuer,credentials:{clientId:r.clientId,clientSecret:r.clientSecret,scope:r.scope,audience:r.audience}},n);if(r.method==="client_credentials"){if(e.type==="oauth")return new R({method:r.method,configUrl:e.configUrl,credentials:{clientId:r.clientId,clientSecret:r.clientSecret,scope:r.scope,audience:r.audience}},n);throw new Error(`IDP type ${e.type} not supported for client_credentials auth`)}throw new Error(`Auth method ${r.method} not supported for programmatic access token`)}async _fetchToken(){switch(this.logger.debug("Fetching user auth token"),this.config.method){case"static":return this.config.token;case"self_signed":return Ye.fetchToken(this.logger,this.config.credentials,this.config.issuer);case"client_credentials":return qe(this.config.configUrl,this.logger).fetchToken(this.config.credentials)}}async getAccessToken(){if(this.cachedToken&&!L(this.cachedToken))return this.cachedToken;{const e=await this._fetchToken();if(L(e))throw new Error("Attempted to refresh a token, but it came back expired.");return this.cachedToken=e,e}}async getAuthContext(){const e=await this.getAccessToken(),r=Ge(e),n=ze(e);return{accessToken:e,userId:r,...n?{email:n}:{}}}},X=p({method:m("authorization_code"),audience:o(),scope:o(),clientId:o()}).meta({description:"Authorization code flow authentication configuration. This is used for browser-based application login."}),Xe=p({method:m("client_credentials"),audience:o(),scope:o(),clientId:o(),clientSecret:o()}),Ze=p({method:m("self_signed"),issuer:o(),audience:o(),scope:o(),clientId:o(),clientSecret:o()}),Qe=p({method:m("client_credentials"),audience:o(),scope:o(),clientId:o(),clientSecretEnv:o()}),et=p({method:m("self_signed"),issuer:o(),audience:o(),scope:o(),clientId:o(),clientSecretEnv:o()}),nt=D("method",[X,Xe,Ze]);D("method",[X,Qe,et]);var st=D("type",[p({id:o(),type:m("self_signed"),issuer:o()}),p({id:o(),type:m("oauth"),issuer:o(),configUrl:o().url()})]);export{rt as A,nt as a,st as i};
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import{c as z,e as w,Q as R,r as Z,S as j,g as ee,b as F,h as te,t as ne}from"./index-
|
|
1
|
+
import{c as z,e as w,Q as R,r as Z,S as j,g as ee,b as F,h as te,t as ne}from"./index-BuC7gGqj.js";import{r as S}from"./state-CZ6wI2d4.js";import{A as se}from"./index-dDAXt5F2.js";var ie=Object.create,P=Object.defineProperty,oe=Object.getOwnPropertyDescriptor,G=(t,e)=>(e=Symbol[t])?e:Symbol.for("Symbol."+t),f=t=>{throw TypeError(t)},re=(t,e,n)=>e in t?P(t,e,{enumerable:!0,configurable:!0,writable:!0,value:n}):t[e]=n,W=(t,e)=>P(t,"name",{value:e,configurable:!0}),ae=t=>[,,,ie(t?.[G("metadata")]??null)],H=["class","method","getter","setter","accessor","field","value","get","set"],m=t=>t!==void 0&&typeof t!="function"?f("Function expected"):t,ce=(t,e,n,r,i)=>({kind:H[t],name:e,metadata:r,addInitializer:o=>n._?f("Already initialized"):i.push(m(o||null))}),de=(t,e)=>re(e,G("metadata"),t[3]),p=(t,e,n,r)=>{for(var i=0,o=t[e>>1],c=o&&o.length;i<c;i++)e&1?o[i].call(n):r=o[i].call(n,r);return r},I=(t,e,n,r,i,o)=>{var c,d,v,_,k,s=e&7,y=!!(e&8),g=!!(e&16),U=s>3?t.length+1:s?y?1:2:0,D=H[s+5],N=s>3&&(t[U-1]=[]),Y=t[U]||(t[U]=[]),h=s&&(!g&&!y&&(i=i.prototype),s<5&&(s>3||!g)&&oe(s<4?i:{get[n](){return x(this,o)},set[n](l){return q(this,o,l)}},n));s?g&&s<4&&W(o,(s>2?"set ":s>1?"get ":"")+n):W(i,n);for(var M=r.length-1;M>=0;M--)_=ce(s,n,v={},t[3],Y),s&&(_.static=y,_.private=g,k=_.access={has:g?l=>le(i,l):l=>n in l},s^3&&(k.get=g?l=>(s^1?x:he)(l,i,s^4?o:h.get):l=>l[n]),s>2&&(k.set=g?(l,E)=>q(l,i,E,s^4?o:h.set):(l,E)=>l[n]=E)),d=(0,r[M])(s?s<4?g?o:h[D]:s>4?void 0:{get:h.get,set:h.set}:i,_),v._=1,s^4||d===void 0?m(d)&&(s>4?N.unshift(d):s?g?o=d:h[D]=d:i=d):typeof d!="object"||d===null?f("Object expected"):(m(c=d.get)&&(h.get=c),m(c=d.set)&&(h.set=c),m(c=d.init)&&N.unshift(c));return s||de(t,i),h&&P(i,n,h),g?s^4?o:h:i},T=(t,e,n)=>e.has(t)||f("Cannot "+n),le=(t,e)=>Object(e)!==e?f('Cannot use the "in" operator on this value'):t.has(e),x=(t,e,n)=>(T(t,e,"read from private field"),n?n.call(t):e.get(t)),C=(t,e,n)=>e.has(t)?f("Cannot add the same private member more than once"):e instanceof WeakSet?e.add(t):e.set(t,n),q=(t,e,n,r)=>(T(t,e,"write to private field"),r?r.call(t,n):e.set(t,n),n),he=(t,e,n)=>(T(t,e,"access private method"),n),J,Q,V,K,O,X,a,$,b,L,A;const ge=64,B=t=>{const e=String.fromCharCode(...t);return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/g,"")},pe=async()=>{const t=crypto.getRandomValues(new Uint8Array(ge)),e=B(t),n=await crypto.subtle.digest("SHA-256",new TextEncoder().encode(e));return{verifier:e,challenge:B(new Uint8Array(n))}};X=[ne("user-ui-login")];class u extends(O=te,K=[S()],V=[S()],Q=[S()],J=[S()],O){constructor(){super(...arguments),C(this,$,p(a,8,this,[])),p(a,11,this),C(this,b,p(a,12,this,[])),p(a,15,this),C(this,L,p(a,16,this,!1)),p(a,19,this),C(this,A,p(a,20,this,"Connecting...")),p(a,23,this)}async loadNetworks(){return(await(await z(w.accessToken.get())).request({method:"listNetworks"})).networks}async loadIdps(){return(await(await z(w.accessToken.get())).request({method:"listIdps"})).idps}async connectedCallback(){super.connectedCallback();try{this.networks=await this.loadNetworks(),this.idps=await this.loadIdps()}catch(e){R(e)}}get _loginForm(){return this.renderRoot.querySelector("wg-login-form")}async showLoginError(e){this.connecting=!1,await this.updateComplete,this._loginForm?.setMessage(e,"error")}async handleConnect(e){const{selectedNetwork:n,selectedIdp:r,clientId:i}=e;this.connecting=!0,this.connectingMessage=`Connecting to ${n.name}...`,w.networkId.set(n.id);try{if(r.type==="self_signed"){await this.selfSign({clientId:i,clientSecret:n.auth.clientSecret||"",scope:n.auth.scope,audience:n.auth.audience}),Z();return}if(r.type==="oauth"){if(n.auth.method==="authorization_code"){const o=new URL(j("/callback"),window.location.origin).toString(),c=n.auth,d=await fetch(r.configUrl||"").then(y=>y.json()),v={configUrl:r.configUrl,clientId:c.clientId,audience:c.audience,stateId:crypto.randomUUID()},{verifier:_,challenge:k}=await pe();sessionStorage.setItem(`oauth-pkce-${v.stateId}`,_);const s=new URLSearchParams({response_type:"code",client_id:c.clientId||"",redirect_uri:o,nonce:crypto.randomUUID(),scope:c.scope||"",audience:c.audience||"",state:btoa(JSON.stringify(v)),code_challenge:k,code_challenge_method:"S256"});this.connectingMessage=`Redirecting to ${n.name}...`,setTimeout(()=>{window.location.href=`${d.authorization_endpoint}?${s.toString()}`},250);return}await this.showLoginError("This authentication method is not valid.");return}await this.showLoginError("This authentication type is not supported yet.")}catch(o){this.connecting=!1,R(o),await this.updateComplete,this._loginForm?.setMessage("Unable to connect. Please try again.","error")}}async selfSign(e){const r=await new se({method:"self_signed",issuer:"unsafe-auth",credentials:e},console).getAccessToken(),i=JSON.parse(atob(r.split(".")[1]));w.expirationDate.set(new Date(i.exp*1e3).toISOString()),w.accessToken.set(r);const o=w.networkId.get()||"";ee(r,o)}render(){return this.connecting?F`<wg-loading-state
|
|
2
2
|
.text=${this.connectingMessage}
|
|
3
3
|
></wg-loading-state>`:F`
|
|
4
4
|
<wg-login-form
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import{c as V,e as X,Q as Z,Y as D,b as g,h as F,i as j,t as ee}from"./index-
|
|
1
|
+
import{c as V,e as X,Q as Z,Y as D,b as g,h as F,i as j,t as ee}from"./index-BuC7gGqj.js";import{r as f}from"./state-CZ6wI2d4.js";var te=Object.create,A=Object.defineProperty,se=Object.getOwnPropertyDescriptor,Q=(t,e)=>(e=Symbol[t])?e:Symbol.for("Symbol."+t),u=t=>{throw TypeError(t)},ie=(t,e,s)=>e in t?A(t,e,{enumerable:!0,configurable:!0,writable:!0,value:s}):t[e]=s,T=(t,e)=>A(t,"name",{value:e,configurable:!0}),ae=t=>[,,,te(t?.[Q("metadata")]??null)],Y=["class","method","getter","setter","accessor","field","value","get","set"],k=t=>t!==void 0&&typeof t!="function"?u("Function expected"):t,re=(t,e,s,n,a)=>({kind:Y[t],name:e,metadata:n,addInitializer:r=>s._?u("Already initialized"):a.push(k(r||null))}),ne=(t,e)=>ie(e,Q("metadata"),t[3]),p=(t,e,s,n)=>{for(var a=0,r=t[e>>1],w=r&&r.length;a<w;a++)e&1?r[a].call(s):n=r[a].call(s,n);return n},m=(t,e,s,n,a,r)=>{var w,d,I,v,b,i=e&7,P=!!(e&8),l=!!(e&16),S=i>3?t.length+1:i?P?1:2:0,R=Y[i+5],W=i>3&&(t[S-1]=[]),L=t[S]||(t[S]=[]),h=i&&(!l&&!P&&(a=a.prototype),i<5&&(i>3||!l)&&se(i<4?a:{get[s](){return q(this,r)},set[s](c){return E(this,r,c)}},s));i?l&&i<4&&T(r,(i>2?"set ":i>1?"get ":"")+s):T(a,s);for(var $=n.length-1;$>=0;$--)v=re(i,s,I={},t[3],L),i&&(v.static=P,v.private=l,b=v.access={has:l?c=>oe(a,c):c=>s in c},i^3&&(b.get=l?c=>(i^1?q:ce)(c,a,i^4?r:h.get):c=>c[s]),i>2&&(b.set=l?(c,z)=>E(c,a,z,i^4?r:h.set):(c,z)=>c[s]=z)),d=(0,n[$])(i?i<4?l?r:h[R]:i>4?void 0:{get:h.get,set:h.set}:a,v),I._=1,i^4||d===void 0?k(d)&&(i>4?W.unshift(d):i?l?r=d:h[R]=d:a=d):typeof d!="object"||d===null?u("Object expected"):(k(w=d.get)&&(h.get=w),k(w=d.set)&&(h.set=w),k(w=d.init)&&W.unshift(w));return i||ne(t,a),h&&A(a,s,h),l?i^4?r:h:a},N=(t,e,s)=>e.has(t)||u("Cannot "+s),oe=(t,e)=>Object(e)!==e?u('Cannot use the "in" operator on this value'):t.has(e),q=(t,e,s)=>(N(t,e,"read from private field"),s?s.call(t):e.get(t)),y=(t,e,s)=>e.has(t)?u("Cannot add the same private member more than once"):e instanceof WeakSet?e.add(t):e.set(t,s),E=(t,e,s,n)=>(N(t,e,"write to private field"),n?n.call(t,s):e.set(t,s),s),ce=(t,e,s)=>(N(t,e,"access private method"),s),G,B,H,J,C,K,o,x,M,U,O;K=[ee("user-ui-networks")];class _ extends(C=F,J=[f()],H=[f()],B=[f()],G=[f()],C){constructor(){super(...arguments),y(this,x,p(o,8,this,[])),p(o,11,this),y(this,M,p(o,12,this,[])),p(o,15,this),y(this,U,p(o,16,this,!1)),p(o,19,this),y(this,O,p(o,20,this,1)),p(o,23,this),this.pageSize=3}get pagedNetworks(){const e=(this.currentPage-1)*this.pageSize;return this.networks.slice(e,e+this.pageSize)}async connectedCallback(){super.connectedCallback(),await this.loadData()}async loadData(){try{const e=await V(X.accessToken.get()),[s,n,a]=await Promise.all([e.request({method:"listNetworks"}),e.request({method:"listSessions"}).catch(()=>({sessions:[]})),e.request({method:"getUser"}).catch(()=>({userId:"",isAdmin:!1}))]);this.networks=s.networks,this.sessions=n.sessions,this.isAdmin=a.isAdmin;const r=Math.max(1,Math.ceil(this.networks.length/this.pageSize));this.currentPage>r&&(this.currentPage=r)}catch(e){Z(e)}}_onReview(e){window.location.href=`${D("/networks/review/")}?id=${encodeURIComponent(e.network.id)}`}_onPageChange(e){this.currentPage=e.page}render(){return g`
|
|
2
2
|
<div class="page-header">
|
|
3
3
|
<h1 class="h4 fw-semibold mb-0">Networks</h1>
|
|
4
4
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import{c as I,e as S,Q as g,S as K,Y as R,b as
|
|
1
|
+
import{c as I,e as S,Q as g,S as K,Y as R,b as E,u as V,p as X,h as L,i as Z,t as j}from"./index-BuC7gGqj.js";import{r as T}from"./state-CZ6wI2d4.js";var ee=Object.create,U=Object.defineProperty,te=Object.getOwnPropertyDescriptor,Q=(e,t)=>(t=Symbol[e])?t:Symbol.for("Symbol."+e),_=e=>{throw TypeError(e)},ie=(e,t,i)=>t in e?U(e,t,{enumerable:!0,configurable:!0,writable:!0,value:i}):e[t]=i,q=(e,t)=>U(e,"name",{value:t,configurable:!0}),ae=e=>[,,,ee(e?.[Q("metadata")]??null)],Y=["class","method","getter","setter","accessor","field","value","get","set"],f=e=>e!==void 0&&typeof e!="function"?_("Function expected"):e,re=(e,t,i,s,r)=>({kind:Y[e],name:t,metadata:s,addInitializer:n=>i._?_("Already initialized"):r.push(f(n||null))}),ne=(e,t)=>ie(t,Q("metadata"),e[3]),w=(e,t,i,s)=>{for(var r=0,n=e[t>>1],p=n&&n.length;r<p;r++)t&1?n[r].call(i):s=n[r].call(i,s);return s},$=(e,t,i,s,r,n)=>{var p,d,z,u,m,a=t&7,y=!!(t&8),l=!!(t&16),k=a>3?e.length+1:a?y?1:2:0,D=Y[a+5],M=a>3&&(e[k-1]=[]),J=e[k]||(e[k]=[]),c=a&&(!l&&!y&&(r=r.prototype),a<5&&(a>3||!l)&&te(a<4?r:{get[i](){return A(this,n)},set[i](o){return F(this,n,o)}},i));a?l&&a<4&&q(n,(a>2?"set ":a>1?"get ":"")+i):q(r,i);for(var b=s.length-1;b>=0;b--)u=re(a,i,z={},e[3],J),a&&(u.static=y,u.private=l,m=u.access={has:l?o=>se(r,o):o=>i in o},a^3&&(m.get=l?o=>(a^1?A:oe)(o,r,a^4?n:c.get):o=>o[i]),a>2&&(m.set=l?(o,C)=>F(o,r,C,a^4?n:c.set):(o,C)=>o[i]=C)),d=(0,s[b])(a?a<4?l?n:c[D]:a>4?void 0:{get:c.get,set:c.set}:r,u),z._=1,a^4||d===void 0?f(d)&&(a>4?M.unshift(d):a?l?n=d:c[D]=d:r=d):typeof d!="object"||d===null?_("Object expected"):(f(p=d.get)&&(c.get=p),f(p=d.set)&&(c.set=p),f(p=d.init)&&M.unshift(p));return a||ne(e,r),c&&U(r,i,c),l?a^4?n:c:r},x=(e,t,i)=>t.has(e)||_("Cannot "+i),se=(e,t)=>Object(t)!==t?_('Cannot use the "in" operator on this value'):e.has(t),A=(e,t,i)=>(x(e,t,"read from private field"),i?i.call(e):t.get(e)),W=(e,t,i)=>t.has(e)?_("Cannot add the same private member more than once"):t instanceof WeakSet?t.add(e):t.set(e,i),F=(e,t,i,s)=>(x(e,t,"write to private field"),s?s.call(e,i):t.set(e,i),i),oe=(e,t,i)=>(x(e,t,"access private method"),i),G,N,P,H,v,B,O;H=[j("user-ui-review-idp")];class h extends(P=L,N=[T()],G=[T()],P){constructor(){super(...arguments),W(this,B,w(v,8,this,null)),w(v,11,this),W(this,O,w(v,12,this,!0)),w(v,15,this)}async connectedCallback(){super.connectedCallback(),await this.loadIdp()}async loadIdp(){const i=new URLSearchParams(window.location.search).get("id");if(!i){this.navigateBack();return}try{const n=(await(await I(S.accessToken.get())).request({method:"listIdps"})).idps.find(p=>p.id===i);if(!n){g(new Error(`Identity provider "${i}" not found`)),this.navigateBack();return}this.idp=n}catch(s){g(s),this.navigateBack()}finally{this.loading=!1}}navigateBack(){window.location.href=K("/identity-providers")}async onSave(t){try{await(await I(S.accessToken.get())).request({method:"addIdp",params:{idp:t.idp}}),window.location.href=R("/identity-providers/")}catch(i){g(i)}}async onDelete(t){if(confirm(`Delete identity provider "${t.idp.id}"?`))try{await(await I(S.accessToken.get())).request({method:"removeIdp",params:{identityProviderId:t.idp.id}}),window.location.href=R("/identity-providers/")}catch(i){g(i)}}onCancel(){this.navigateBack()}render(){return this.loading?E`<p class="mb-0 text-body-secondary">
|
|
2
2
|
Loading identity provider...
|
|
3
|
-
</p>`:this.idp?
|
|
3
|
+
</p>`:this.idp?E`
|
|
4
4
|
<div class="page-header">
|
|
5
5
|
<h1 class="h4 fw-semibold mb-0">Review Identity Provider</h1>
|
|
6
6
|
<button
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import{c as S,e as A,Q as f,S as K,Y as D,b as M,
|
|
1
|
+
import{c as S,e as A,Q as f,S as K,Y as D,b as M,u as V,p as X,h as F,i as Z,t as j}from"./index-BuC7gGqj.js";import{r as R}from"./state-CZ6wI2d4.js";var ee=Object.create,N=Object.defineProperty,te=Object.getOwnPropertyDescriptor,L=(t,e)=>(e=Symbol[t])?e:Symbol.for("Symbol."+t),k=t=>{throw TypeError(t)},re=(t,e,r)=>e in t?N(t,e,{enumerable:!0,configurable:!0,writable:!0,value:r}):t[e]=r,E=(t,e)=>N(t,"name",{value:e,configurable:!0}),ne=t=>[,,,ee(t?.[L("metadata")]??null)],Q=["class","method","getter","setter","accessor","field","value","get","set"],u=t=>t!==void 0&&typeof t!="function"?k("Function expected"):t,ie=(t,e,r,o,i)=>({kind:Q[t],name:e,metadata:o,addInitializer:a=>r._?k("Already initialized"):i.push(u(a||null))}),ae=(t,e)=>re(e,L("metadata"),t[3]),_=(t,e,r,o)=>{for(var i=0,a=t[e>>1],l=a&&a.length;i<l;i++)e&1?a[i].call(r):o=a[i].call(r,o);return o},U=(t,e,r,o,i,a)=>{var l,c,x,v,m,n=e&7,g=!!(e&8),w=!!(e&16),y=n>3?t.length+1:n?g?1:2:0,B=Q[n+5],O=n>3&&(t[y-1]=[]),J=t[y]||(t[y]=[]),d=n&&(!w&&!g&&(i=i.prototype),n<5&&(n>3||!w)&&te(n<4?i:{get[r](){return T(this,a)},set[r](s){return W(this,a,s)}},r));n?w&&n<4&&E(a,(n>2?"set ":n>1?"get ":"")+r):E(i,r);for(var b=o.length-1;b>=0;b--)v=ie(n,r,x={},t[3],J),n&&(v.static=g,v.private=w,m=v.access={has:w?s=>oe(i,s):s=>r in s},n^3&&(m.get=w?s=>(n^1?T:se)(s,i,n^4?a:d.get):s=>s[r]),n>2&&(m.set=w?(s,C)=>W(s,i,C,n^4?a:d.set):(s,C)=>s[r]=C)),c=(0,o[b])(n?n<4?w?a:d[B]:n>4?void 0:{get:d.get,set:d.set}:i,v),x._=1,n^4||c===void 0?u(c)&&(n>4?O.unshift(c):n?w?a=c:d[B]=c:i=c):typeof c!="object"||c===null?k("Object expected"):(u(l=c.get)&&(d.get=l),u(l=c.set)&&(d.set=l),u(l=c.init)&&O.unshift(l));return n||ae(t,i),d&&N(i,r,d),w?n^4?a:d:i},z=(t,e,r)=>e.has(t)||k("Cannot "+r),oe=(t,e)=>Object(e)!==e?k('Cannot use the "in" operator on this value'):t.has(e),T=(t,e,r)=>(z(t,e,"read from private field"),r?r.call(t):e.get(t)),q=(t,e,r)=>e.has(t)?k("Cannot add the same private member more than once"):e instanceof WeakSet?e.add(t):e.set(t,r),W=(t,e,r,o)=>(z(t,e,"write to private field"),o?o.call(t,r):e.set(t,r),r),se=(t,e,r)=>(z(t,e,"access private method"),r),Y,G,I,H,h,P,$;H=[j("user-ui-review-network")];class p extends(I=F,G=[R()],Y=[R()],I){constructor(){super(...arguments),q(this,P,_(h,8,this,null)),_(h,11,this),q(this,$,_(h,12,this,!0)),_(h,15,this)}async connectedCallback(){super.connectedCallback(),await this.loadNetwork()}async loadNetwork(){const r=new URLSearchParams(window.location.search).get("id");if(!r){this.navigateBack();return}try{const a=(await(await S(A.accessToken.get())).request({method:"listNetworks"})).networks.find(l=>l.id===r);if(!a){f(new Error(`Network "${r}" not found`)),this.navigateBack();return}this.network=a}catch(o){f(o),this.navigateBack()}finally{this.loading=!1}}navigateBack(){window.location.href=K("/networks")}toApiAuth(e){return{method:e.method,audience:e.audience??"",scope:e.scope??"",clientId:e.clientId??"",issuer:e.issuer??"",clientSecret:e.clientSecret??""}}async onSave(e){const r=this.toApiAuth(e.network.auth),o=e.network.adminAuth?this.toApiAuth(e.network.adminAuth):{method:"client_credentials",audience:"",scope:"",clientId:"",clientSecret:""};try{await(await S(A.accessToken.get())).request({method:"addNetwork",params:{network:{id:e.network.id,name:e.network.name,description:e.network.description,identityProviderId:e.network.identityProviderId,...e.network.synchronizerId&&{synchronizerId:e.network.synchronizerId},ledgerApi:e.network.ledgerApi.baseUrl,auth:r,adminAuth:o}}}),window.location.href=D("/networks/")}catch(i){f(i)}}async onDelete(e){if(confirm(`Delete network "${e.network.name}"?`))try{await(await S(A.accessToken.get())).request({method:"removeNetwork",params:{networkName:e.network.id}}),window.location.href=D("/networks/")}catch(r){f(r)}}onCancel(){this.navigateBack()}render(){return this.loading?M`<p class="mb-0 text-body-secondary">
|
|
2
2
|
Loading network...
|
|
3
3
|
</p>`:this.network?M`
|
|
4
4
|
<div class="page-header">
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import{c as u,e as _,Q as f,Y as ae,b as G,h as H,i as oe,t as de}from"./index-
|
|
1
|
+
import{c as u,e as _,Q as f,Y as ae,b as G,h as H,i as oe,t as de}from"./index-BuC7gGqj.js";import{r as m}from"./state-CZ6wI2d4.js";var ce=Object.create,U=Object.defineProperty,he=Object.getOwnPropertyDescriptor,J=(s,e)=>(e=Symbol[s])?e:Symbol.for("Symbol."+s),y=s=>{throw TypeError(s)},le=(s,e,t)=>e in s?U(s,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):s[e]=t,Q=(s,e)=>U(s,"name",{value:e,configurable:!0}),pe=s=>[,,,ce(s?.[J("metadata")]??null)],K=["class","method","getter","setter","accessor","field","value","get","set"],A=s=>s!==void 0&&typeof s!="function"?y("Function expected"):s,we=(s,e,t,d,r)=>({kind:K[s],name:e,metadata:d,addInitializer:o=>t._?y("Already initialized"):r.push(A(o||null))}),ue=(s,e)=>le(e,J("metadata"),s[3]),a=(s,e,t,d)=>{for(var r=0,o=s[e>>1],v=o&&o.length;r<v;r++)e&1?o[r].call(t):d=o[r].call(t,d);return d},k=(s,e,t,d,r,o)=>{var v,h,E,I,C,i=e&7,S=!!(e&8),w=!!(e&16),$=i>3?s.length+1:i?S?1:2:0,x=K[i+5],F=i>3&&(s[$-1]=[]),re=s[$]||(s[$]=[]),p=i&&(!w&&!S&&(r=r.prototype),i<5&&(i>3||!w)&&he(i<4?r:{get[t](){return Y(this,o)},set[t](c){return B(this,o,c)}},t));i?w&&i<4&&Q(o,(i>2?"set ":i>1?"get ":"")+t):Q(r,t);for(var b=d.length-1;b>=0;b--)I=we(i,t,E={},s[3],re),i&&(I.static=S,I.private=w,C=I.access={has:w?c=>_e(r,c):c=>t in c},i^3&&(C.get=w?c=>(i^1?Y:ke)(c,r,i^4?o:p.get):c=>c[t]),i>2&&(C.set=w?(c,N)=>B(c,r,N,i^4?o:p.set):(c,N)=>c[t]=N)),h=(0,d[b])(i?i<4?w?o:p[x]:i>4?void 0:{get:p.get,set:p.set}:r,I),E._=1,i^4||h===void 0?A(h)&&(i>4?F.unshift(h):i?w?o=h:p[x]=h:r=h):typeof h!="object"||h===null?y("Object expected"):(A(v=h.get)&&(p.get=v),A(v=h.set)&&(p.set=v),A(v=h.init)&&F.unshift(v));return i||ue(s,r),p&&U(r,t,p),w?i^4?o:p:r},T=(s,e,t)=>e.has(s)||y("Cannot "+t),_e=(s,e)=>Object(e)!==e?y('Cannot use the "in" operator on this value'):s.has(e),Y=(s,e,t)=>(T(s,e,"read from private field"),t?t.call(s):e.get(s)),g=(s,e,t)=>e.has(s)?y("Cannot add the same private member more than once"):e instanceof WeakSet?e.add(s):e.set(s,t),B=(s,e,t,d)=>(T(s,e,"write to private field"),d?d.call(s,t):e.set(s,t),t),ke=(s,e,t)=>(T(s,e,"access private method"),t),L,X,Z,j,ee,te,se,ie,M,ne,n,W,q,z,D,P,O,V,R;ne=[de("user-ui-settings")];class l extends(M=H,ie=[m()],se=[m()],te=[m()],ee=[m()],j=[m()],Z=[m()],X=[m()],L=[m()],M){constructor(){super(...arguments),g(this,W,a(n,8,this,[])),a(n,11,this),g(this,q,a(n,12,this,[])),a(n,15,this),g(this,z,a(n,16,this,[])),a(n,19,this),g(this,D,a(n,20,this,null)),a(n,23,this),g(this,P,a(n,24,this)),a(n,27,this),g(this,O,a(n,28,this,"")),a(n,31,this),g(this,V,a(n,32,this,!1)),a(n,35,this),g(this,R,a(n,36,this,[])),a(n,39,this),this.handleNetworkSubmit=async e=>{e.preventDefault();const t=this.toApiAuth(e.network.auth),d=e.network.adminAuth?this.toApiAuth(e.network.adminAuth):{method:"client_credentials",audience:"",scope:"",clientId:"",clientSecret:""};try{await(await u(_.accessToken.get())).request({method:"addNetwork",params:{network:{id:e.network.id,name:e.network.name,description:e.network.description,identityProviderId:e.network.identityProviderId,...e.network.synchronizerId&&{synchronizerId:e.network.synchronizerId},ledgerApi:e.network.ledgerApi.baseUrl,auth:t,adminAuth:d}}}),await this.listNetworks()}catch(r){f(r)}},this.handleIdpSubmit=async e=>{console.log(e);try{await(await u(_.accessToken.get())).request({method:"addIdp",params:{idp:e.idp}}),await this.listIdps()}catch(t){f(t)}},this.handleIdpDelete=async e=>{console.log(e);try{await(await u(_.accessToken.get())).request({method:"removeIdp",params:{identityProviderId:e.idp.id}}),await this.listIdps()}catch(t){f(t)}}}async connectedCallback(){super.connectedCallback(),this.client=await u(_.accessToken.get()),this.listNetworks(),this.listSessions(),this.listIdps(),this.checkAdmin();const e=await fetch(ae("/.well-known/wallet-gateway-version")).then(t=>t.json()).then(t=>t.version);this.gatewayVersion=e?`v${e}`:"unknown_version"}async checkAdmin(){try{const t=await(await u(_.accessToken.get())).request({method:"getUser"});this.userId=t.userId,this.isAdmin=t.isAdmin}catch{this.isAdmin=!1}}async listNetworks(){const t=await(await u(_.accessToken.get())).request({method:"listNetworks"});this.networks=t.networks}async listSessions(){const t=await(await u(_.accessToken.get())).request({method:"listSessions"});this.sessions=t.sessions}async listIdps(){const t=await(await u(_.accessToken.get())).request({method:"listIdps"});this.idps=t.idps}toApiAuth(e){return{method:e.method,audience:e.audience??"",scope:e.scope??"",clientId:e.clientId??"",issuer:e.issuer??"",clientSecret:e.clientSecret??""}}async handleNetworkDelete(e){if(confirm(`Delete network "${e.network.name}"?`))try{await(await u(_.accessToken.get())).request({method:"removeNetwork",params:{networkName:e.network.id}}),await this.listNetworks()}catch(t){f(t)}}render(){return this.client?G`
|
|
2
2
|
<div>
|
|
3
3
|
<h1>Wallet Gateway (${this.gatewayVersion})</h1>
|
|
4
4
|
</div>
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import{v as u,w as l}from"./index-BuC7gGqj.js";const p={attribute:!0,type:String,converter:l,reflect:!1,hasChanged:u},d=(t=p,s,r)=>{const{kind:a,metadata:i}=r;let n=globalThis.litPropertyMetadata.get(i);if(n===void 0&&globalThis.litPropertyMetadata.set(i,n=new Map),a==="setter"&&((t=Object.create(t)).wrapped=!0),n.set(r.name,t),a==="accessor"){const{name:o}=r;return{set(e){const c=s.get.call(this);s.set.call(this,e),this.requestUpdate(o,c,t,!0,e)},init(e){return e!==void 0&&this.C(o,void 0,t,e),e}}}if(a==="setter"){const{name:o}=r;return function(e){const c=this[o];s.call(this,e),this.requestUpdate(o,c,t,!0,e)}}throw Error("Unsupported decorator location: "+a)};function h(t){return(s,r)=>typeof r=="object"?d(t,s,r):((a,i,n)=>{const o=i.hasOwnProperty(n);return i.constructor.createProperty(n,a),o?Object.getOwnPropertyDescriptor(i,n):void 0})(t,s,r)}function b(t){return h({...t,state:!0,attribute:!1})}export{b as r};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import{q as a}from"./index-BuC7gGqj.js";const p=(o,s,e)=>{const t=new a;t.title=o,t.message=s,t.type=e,document.body.appendChild(t)};export{p as s};
|
|
@@ -4,8 +4,8 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Remote Callback</title>
|
|
7
|
-
<script type="module" crossorigin src="../assets/callback-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../assets/index-
|
|
7
|
+
<script type="module" crossorigin src="../assets/callback-CXLUjUAK.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../assets/index-BuC7gGqj.js">
|
|
9
9
|
</head>
|
|
10
10
|
<body>
|
|
11
11
|
<login-callback></login-callback>
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Add Identity Provider</title>
|
|
7
|
-
<script type="module" crossorigin src="../../assets/addIdentityProvider-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../../assets/addIdentityProvider-Bzz1fUGn.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../../assets/state-CZ6wI2d4.js">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
12
12
|
<user-app>
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Identity Providers</title>
|
|
7
|
-
<script type="module" crossorigin src="../assets/identityProviders-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../assets/identityProviders-CtFhI1gg.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../assets/state-CZ6wI2d4.js">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
12
12
|
<user-app>
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Review Identity Provider</title>
|
|
7
|
-
<script type="module" crossorigin src="../../assets/reviewIdentityProvider-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../../assets/reviewIdentityProvider-CJFOHumn.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../../assets/state-CZ6wI2d4.js">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
12
12
|
<user-app>
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway Remote</title>
|
|
7
|
-
<script type="module" crossorigin src="./assets/index-
|
|
7
|
+
<script type="module" crossorigin src="./assets/index-BuC7gGqj.js"></script>
|
|
8
8
|
</head>
|
|
9
9
|
<body>
|
|
10
10
|
<user-app>
|
|
@@ -13,10 +13,10 @@
|
|
|
13
13
|
background: #efefef;
|
|
14
14
|
}
|
|
15
15
|
</style>
|
|
16
|
-
<script type="module" crossorigin src="../assets/login-
|
|
17
|
-
<link rel="modulepreload" crossorigin href="../assets/index-
|
|
18
|
-
<link rel="modulepreload" crossorigin href="../assets/state-
|
|
19
|
-
<link rel="modulepreload" crossorigin href="../assets/index-
|
|
16
|
+
<script type="module" crossorigin src="../assets/login-CmwQEYxS.js"></script>
|
|
17
|
+
<link rel="modulepreload" crossorigin href="../assets/index-BuC7gGqj.js">
|
|
18
|
+
<link rel="modulepreload" crossorigin href="../assets/state-CZ6wI2d4.js">
|
|
19
|
+
<link rel="modulepreload" crossorigin href="../assets/index-dDAXt5F2.js">
|
|
20
20
|
</head>
|
|
21
21
|
|
|
22
22
|
<body>
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Add Network</title>
|
|
7
|
-
<script type="module" crossorigin src="../../assets/addNetwork-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../../assets/addNetwork-B4FpgV7D.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../../assets/state-CZ6wI2d4.js">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
12
12
|
<user-app>
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Networks</title>
|
|
7
|
-
<script type="module" crossorigin src="../assets/networks
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../assets/networks-f8gSZxSb.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../assets/state-CZ6wI2d4.js">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
12
12
|
<user-app>
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Review Network</title>
|
|
7
|
-
<script type="module" crossorigin src="../../assets/reviewNetwork-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../../assets/reviewNetwork-D3QSssLB.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../../assets/state-CZ6wI2d4.js">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
12
12
|
<user-app>
|
|
@@ -4,9 +4,11 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Add Party</title>
|
|
7
|
-
<script type="module" crossorigin src="../../assets/addParty-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../../assets/addParty-D-UmQ0Oh.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../../assets/state-CZ6wI2d4.js">
|
|
10
|
+
<link rel="modulepreload" crossorigin href="../../assets/utils-CVOqcw_M.js">
|
|
11
|
+
<link rel="modulepreload" crossorigin href="../../assets/index-DFhaSBOK.js">
|
|
10
12
|
</head>
|
|
11
13
|
<body>
|
|
12
14
|
<user-app>
|
|
@@ -4,9 +4,10 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Parties</title>
|
|
7
|
-
<script type="module" crossorigin src="../assets/
|
|
8
|
-
<
|
|
9
|
-
<
|
|
7
|
+
<script type="module" crossorigin src="../assets/index-BuC7gGqj.js"></script>
|
|
8
|
+
<script type="module" crossorigin src="../assets/state-CZ6wI2d4.js"></script>
|
|
9
|
+
<script type="module" crossorigin src="../assets/utils-CVOqcw_M.js"></script>
|
|
10
|
+
<script type="module" crossorigin src="../assets/index-DFhaSBOK.js"></script>
|
|
10
11
|
</head>
|
|
11
12
|
<body>
|
|
12
13
|
<user-app>
|
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="UTF-8" />
|
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
6
6
|
<title>Wallet Gateway - Settings</title>
|
|
7
|
-
<script type="module" crossorigin src="../assets/settings-
|
|
8
|
-
<link rel="modulepreload" crossorigin href="../assets/index-
|
|
9
|
-
<link rel="modulepreload" crossorigin href="../assets/state-
|
|
7
|
+
<script type="module" crossorigin src="../assets/settings-Cc-Ij_uP.js"></script>
|
|
8
|
+
<link rel="modulepreload" crossorigin href="../assets/index-BuC7gGqj.js">
|
|
9
|
+
<link rel="modulepreload" crossorigin href="../assets/state-CZ6wI2d4.js">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
12
12
|
<user-app>
|