@cubist-labs/cubesigner-sdk 0.1.77 → 0.2.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/package.json +68 -0
- package/dist/src/api.d.ts +493 -0
- package/dist/src/api.js +1166 -0
- package/dist/src/client.d.ts +534 -10
- package/dist/src/client.js +355 -19
- package/dist/src/ethers/index.d.ts +34 -9
- package/dist/src/ethers/index.js +63 -19
- package/dist/src/index.d.ts +51 -70
- package/dist/src/index.js +83 -237
- package/dist/src/key.d.ts +35 -64
- package/dist/src/key.js +32 -96
- package/dist/src/mfa.d.ts +85 -14
- package/dist/src/mfa.js +146 -40
- package/dist/src/org.d.ts +42 -194
- package/dist/src/org.js +52 -336
- package/dist/src/paginator.js +1 -1
- package/dist/src/response.d.ts +101 -0
- package/dist/src/response.js +164 -0
- package/dist/src/role.d.ts +87 -83
- package/dist/src/role.js +79 -136
- package/dist/src/schema.d.ts +936 -28
- package/dist/src/schema.js +1 -1
- package/dist/src/schema_types.d.ts +109 -0
- package/dist/src/schema_types.js +3 -0
- package/dist/src/session/cognito_manager.d.ts +15 -3
- package/dist/src/session/cognito_manager.js +23 -5
- package/dist/src/session/session_manager.d.ts +1 -1
- package/dist/src/session/session_manager.js +3 -11
- package/dist/src/session/session_storage.js +1 -1
- package/dist/src/session/signer_session_manager.d.ts +10 -29
- package/dist/src/session/signer_session_manager.js +21 -80
- package/dist/src/signer_session.d.ts +15 -252
- package/dist/src/signer_session.js +25 -424
- package/dist/src/user_export.d.ts +52 -0
- package/dist/src/user_export.js +129 -0
- package/dist/src/util.d.ts +15 -0
- package/dist/src/util.js +33 -11
- package/package.json +13 -11
- package/src/api.ts +1395 -0
- package/src/client.ts +413 -12
- package/src/ethers/index.ts +74 -28
- package/src/index.ts +96 -273
- package/src/key.ts +36 -131
- package/src/{fido.ts → mfa.ts} +62 -38
- package/src/org.ts +54 -405
- package/src/response.ts +196 -0
- package/src/role.ts +113 -184
- package/src/schema.ts +936 -28
- package/src/schema_types.ts +110 -0
- package/src/session/cognito_manager.ts +33 -6
- package/src/session/session_manager.ts +2 -8
- package/src/session/signer_session_manager.ts +29 -110
- package/src/signer_session.ts +22 -597
- package/src/user_export.ts +116 -0
- package/src/util.ts +29 -10
package/dist/src/client.js
CHANGED
|
@@ -1,21 +1,357 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
3
|
+
exports.CubeSignerClient = void 0;
|
|
4
|
+
const signer_session_manager_1 = require("./session/signer_session_manager");
|
|
5
|
+
const cognito_manager_1 = require("./session/cognito_manager");
|
|
6
|
+
const api_1 = require("./api");
|
|
7
|
+
const key_1 = require("./key");
|
|
8
|
+
const role_1 = require("./role");
|
|
9
|
+
const session_storage_1 = require("./session/session_storage");
|
|
10
|
+
/**
|
|
11
|
+
* Client to use to send requests to CubeSigner services
|
|
12
|
+
* when authenticating using a CubeSigner session token.
|
|
13
|
+
*/
|
|
14
|
+
class CubeSignerClient extends api_1.CubeSignerApi {
|
|
15
|
+
/**
|
|
16
|
+
* Constructor.
|
|
17
|
+
* @param {SignerSessionManager} sessionMgr The session manager to use
|
|
18
|
+
* @param {string?} orgId Optional organization ID; if omitted, uses the org ID from the session manager.
|
|
19
|
+
*/
|
|
20
|
+
constructor(sessionMgr, orgId) {
|
|
21
|
+
super(sessionMgr, orgId);
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Returns a new instance of this class using the same session manager but targeting a different organization.
|
|
25
|
+
*
|
|
26
|
+
* @param {string} orgId The organization ID.
|
|
27
|
+
* @return {CubeSignerClient} A new instance of this class using the same session manager but targeting different organization.
|
|
28
|
+
*/
|
|
29
|
+
withOrg(orgId) {
|
|
30
|
+
return orgId ? new CubeSignerClient(this.sessionMgr, orgId) : this;
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Loads an existing management session and creates a {@link CubeSignerClient} instance.
|
|
34
|
+
*
|
|
35
|
+
* @return {Promise<CubeSignerClient>} New CubeSigner instance
|
|
36
|
+
*/
|
|
37
|
+
static async loadManagementSession() {
|
|
38
|
+
const mgr = await cognito_manager_1.CognitoSessionManager.loadManagementSession();
|
|
39
|
+
// HACK: Ignore that sessionMgr may be a CognitoSessionManager and pretend that it
|
|
40
|
+
// is a SignerSessionManager; that's fine because the CubeSignerClient will
|
|
41
|
+
// almost always just call `await token()` on it, which works in both cases.
|
|
42
|
+
// NOTE: This will go away once `cs login` starts producing signer sessions.
|
|
43
|
+
return new CubeSignerClient(mgr);
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Create a new signing key.
|
|
47
|
+
* @param {KeyType} type The type of key to create.
|
|
48
|
+
* @param {string?} ownerId The owner of the key. Defaults to the session's user.
|
|
49
|
+
* @return {Key[]} The new keys.
|
|
50
|
+
*/
|
|
51
|
+
async createKey(type, ownerId) {
|
|
52
|
+
return (await this.createKeys(type, 1, ownerId))[0];
|
|
53
|
+
}
|
|
54
|
+
/**
|
|
55
|
+
* Create new signing keys.
|
|
56
|
+
* @param {KeyType} type The type of key to create.
|
|
57
|
+
* @param {number} count The number of keys to create.
|
|
58
|
+
* @param {string?} ownerId The owner of the keys. Defaults to the session's user.
|
|
59
|
+
* @return {Key[]} The new keys.
|
|
60
|
+
*/
|
|
61
|
+
async createKeys(type, count, ownerId) {
|
|
62
|
+
const keys = await this.keysCreate(type, count, ownerId);
|
|
63
|
+
return keys.map((k) => new key_1.Key(this, k));
|
|
64
|
+
}
|
|
65
|
+
/**
|
|
66
|
+
* Derive a key of the given type using the given derivation path and mnemonic.
|
|
67
|
+
* The owner of the derived key will be the owner of the mnemonic.
|
|
68
|
+
*
|
|
69
|
+
* @param {KeyType} type Type of key to derive from the mnemonic.
|
|
70
|
+
* @param {string} derivationPath Mnemonic derivation path used to generate new key.
|
|
71
|
+
* @param {string} mnemonicId materialId of mnemonic key used to derive the new key.
|
|
72
|
+
*
|
|
73
|
+
* @return {Key} newly derived key or undefined if it already exists.
|
|
74
|
+
*/
|
|
75
|
+
async deriveKey(type, derivationPath, mnemonicId) {
|
|
76
|
+
return (await this.deriveKeys(type, [derivationPath], mnemonicId))[0];
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Derive a set of keys of the given type using the given derivation paths and mnemonic.
|
|
80
|
+
*
|
|
81
|
+
* The owner of the derived keys will be the owner of the mnemonic.
|
|
82
|
+
*
|
|
83
|
+
* @param {KeyType} type Type of key to derive from the mnemonic.
|
|
84
|
+
* @param {string[]} derivationPaths Mnemonic derivation paths used to generate new key.
|
|
85
|
+
* @param {string} mnemonicId materialId of mnemonic key used to derive the new key.
|
|
86
|
+
*
|
|
87
|
+
* @return {Key[]} newly derived keys.
|
|
88
|
+
*/
|
|
89
|
+
async deriveKeys(type, derivationPaths, mnemonicId) {
|
|
90
|
+
const keys = await this.keysDerive(type, derivationPaths, mnemonicId);
|
|
91
|
+
return keys.map((k) => new key_1.Key(this, k));
|
|
92
|
+
}
|
|
93
|
+
/**
|
|
94
|
+
* Create a new {@link OidcClient} that will use a given OIDC token for auth.
|
|
95
|
+
* @param {string} oidcToken The authentication token to use
|
|
96
|
+
* @return {OidcClient} New OIDC client.
|
|
97
|
+
*/
|
|
98
|
+
newOidcClient(oidcToken) {
|
|
99
|
+
return new api_1.OidcClient(this.sessionMgr.env, this.orgId, oidcToken);
|
|
100
|
+
}
|
|
101
|
+
/**
|
|
102
|
+
* Authenticate an OIDC user and create a new session manager for them.
|
|
103
|
+
*
|
|
104
|
+
* @param {string} oidcToken The OIDC token
|
|
105
|
+
* @param {List<string>} scopes The scopes of the resulting session
|
|
106
|
+
* @param {OidcAuthOptions} options Options.
|
|
107
|
+
* @return {Promise<SignerSessionManager>} The signer session manager
|
|
108
|
+
*/
|
|
109
|
+
async oidcAuth(oidcToken, scopes, options) {
|
|
110
|
+
const oidcClient = this.newOidcClient(oidcToken);
|
|
111
|
+
const resp = await oidcClient.sessionCreate(scopes, options?.lifetimes, options?.mfaReceipt);
|
|
112
|
+
return await signer_session_manager_1.SignerSessionManager.loadFromStorage(new session_storage_1.MemorySessionStorage(resp.data()));
|
|
113
|
+
}
|
|
114
|
+
/**
|
|
115
|
+
* Create a new user in the organization and sends an invitation to that user.
|
|
116
|
+
*
|
|
117
|
+
* Same as {@link orgUserInvite}.
|
|
118
|
+
*/
|
|
119
|
+
get createUser() {
|
|
120
|
+
return this.orgUserInvite.bind(this);
|
|
121
|
+
}
|
|
122
|
+
/**
|
|
123
|
+
* Create a new OIDC user.
|
|
124
|
+
*
|
|
125
|
+
* Same as {@link orgUserCreateOidc}.
|
|
126
|
+
*/
|
|
127
|
+
get createOidcUser() {
|
|
128
|
+
return this.orgUserCreateOidc.bind(this);
|
|
129
|
+
}
|
|
130
|
+
/**
|
|
131
|
+
* Delete an existing OIDC user.
|
|
132
|
+
*
|
|
133
|
+
* Same as {@link orgUserDeleteOidc}.
|
|
134
|
+
*/
|
|
135
|
+
get deleteOidcUser() {
|
|
136
|
+
return this.orgUserDeleteOidc.bind(this);
|
|
137
|
+
}
|
|
138
|
+
/**
|
|
139
|
+
* List users in the organization.
|
|
140
|
+
*
|
|
141
|
+
* Same as {@link orgUsersList}
|
|
142
|
+
*/
|
|
143
|
+
get users() {
|
|
144
|
+
return this.orgUsersList.bind(this);
|
|
145
|
+
}
|
|
146
|
+
/**
|
|
147
|
+
* Obtain information about the current user.
|
|
148
|
+
*
|
|
149
|
+
* Same as {@link userGet}
|
|
150
|
+
*/
|
|
151
|
+
get user() {
|
|
152
|
+
return this.userGet.bind(this);
|
|
153
|
+
}
|
|
154
|
+
/**
|
|
155
|
+
* Get information about a specific org.
|
|
156
|
+
*
|
|
157
|
+
* @param {string?} orgId The ID or name of the org
|
|
158
|
+
* @return {Promise<OrgInfo>} CubeSigner client for the requested org.
|
|
159
|
+
*/
|
|
160
|
+
async org(orgId) {
|
|
161
|
+
return await this.withOrg(orgId).orgGet();
|
|
162
|
+
}
|
|
163
|
+
/**
|
|
164
|
+
* Obtain information about the current user.
|
|
165
|
+
*
|
|
166
|
+
* Same as {@link userGet}
|
|
167
|
+
*/
|
|
168
|
+
get aboutMe() {
|
|
169
|
+
return this.userGet.bind(this);
|
|
170
|
+
}
|
|
171
|
+
/**
|
|
172
|
+
* Get a key by id.
|
|
173
|
+
*
|
|
174
|
+
* @param {string} keyId The id of the key to get.
|
|
175
|
+
* @return {Key} The key.
|
|
176
|
+
*/
|
|
177
|
+
async getKey(keyId) {
|
|
178
|
+
const keyInfo = await this.keyGet(keyId);
|
|
179
|
+
return new key_1.Key(this, keyInfo);
|
|
180
|
+
}
|
|
181
|
+
/**
|
|
182
|
+
* Get all keys in the org.
|
|
183
|
+
*
|
|
184
|
+
* @param {KeyType?} type Optional key type to filter list for.
|
|
185
|
+
* @param {PageOpts} page Pagination options. Defaults to fetching the entire result set.
|
|
186
|
+
* @return {Promise<Key[]>} The keys.
|
|
187
|
+
*/
|
|
188
|
+
async orgKeys(type, page) {
|
|
189
|
+
const paginator = this.keysList(type, page);
|
|
190
|
+
const keys = await paginator.fetch();
|
|
191
|
+
return keys.map((k) => new key_1.Key(this, k));
|
|
192
|
+
}
|
|
193
|
+
/**
|
|
194
|
+
* Create a new role.
|
|
195
|
+
*
|
|
196
|
+
* @param {string?} name The name of the role.
|
|
197
|
+
* @return {Role} The new role.
|
|
198
|
+
*/
|
|
199
|
+
async createRole(name) {
|
|
200
|
+
const roleId = await this.roleCreate(name);
|
|
201
|
+
const roleInfo = await this.roleGet(roleId);
|
|
202
|
+
return new role_1.Role(this, roleInfo);
|
|
203
|
+
}
|
|
204
|
+
/**
|
|
205
|
+
* Get a role by id or name.
|
|
206
|
+
*
|
|
207
|
+
* @param {string} roleId The id or name of the role to get.
|
|
208
|
+
* @return {Role} The role.
|
|
209
|
+
*/
|
|
210
|
+
async getRole(roleId) {
|
|
211
|
+
const roleInfo = await this.roleGet(roleId);
|
|
212
|
+
return new role_1.Role(this, roleInfo);
|
|
213
|
+
}
|
|
214
|
+
/**
|
|
215
|
+
* List all roles in the org.
|
|
216
|
+
*
|
|
217
|
+
* @param {PageOpts} page Pagination options. Defaults to fetching the entire result set.
|
|
218
|
+
* @return {Role[]} The roles.
|
|
219
|
+
*/
|
|
220
|
+
async listRoles(page) {
|
|
221
|
+
const roles = await this.rolesList(page).fetch();
|
|
222
|
+
return roles.map((r) => new role_1.Role(this, r));
|
|
223
|
+
}
|
|
224
|
+
/**
|
|
225
|
+
* List all users in the org.
|
|
226
|
+
*
|
|
227
|
+
* Same as {@link orgUsersList}
|
|
228
|
+
*/
|
|
229
|
+
get listUsers() {
|
|
230
|
+
return this.orgUsersList.bind(this);
|
|
231
|
+
}
|
|
232
|
+
/**
|
|
233
|
+
* Approve a pending MFA request.
|
|
234
|
+
*
|
|
235
|
+
* Same as {@link mfaApprove}
|
|
236
|
+
*/
|
|
237
|
+
get approveMfaRequest() {
|
|
238
|
+
return this.mfaApprove.bind(this);
|
|
239
|
+
}
|
|
240
|
+
/**
|
|
241
|
+
* Approve a pending MFA request using TOTP.
|
|
242
|
+
*
|
|
243
|
+
* Same as {@link mfaApproveTotp}
|
|
244
|
+
*/
|
|
245
|
+
get totpApprove() {
|
|
246
|
+
return this.mfaApproveTotp.bind(this);
|
|
247
|
+
}
|
|
248
|
+
/**
|
|
249
|
+
* Initiate approval of an existing MFA request using FIDO.
|
|
250
|
+
*
|
|
251
|
+
* Returns a {@link MfaFidoChallenge} that must be answered by calling
|
|
252
|
+
* {@link MfaFidoChallenge.answer} or {@link fidoApproveComplete}.
|
|
253
|
+
*
|
|
254
|
+
* Same as {@link mfaApproveFidoInit}
|
|
255
|
+
*/
|
|
256
|
+
get fidoApproveStart() {
|
|
257
|
+
return this.mfaApproveFidoInit.bind(this);
|
|
258
|
+
}
|
|
259
|
+
/**
|
|
260
|
+
* Answer the MFA approval with FIDO challenge issued by {@link fidoApproveStart}.
|
|
261
|
+
*
|
|
262
|
+
* Same as {@link mfaApproveFidoComplete}
|
|
263
|
+
*/
|
|
264
|
+
get fidoApproveComplete() {
|
|
265
|
+
return this.mfaApproveFidoComplete.bind(this);
|
|
266
|
+
}
|
|
267
|
+
/**
|
|
268
|
+
* Get a pending MFA request by its id.
|
|
269
|
+
*
|
|
270
|
+
* Same as {@link CubeSignerClient.getMfaInfo}
|
|
271
|
+
*/
|
|
272
|
+
get getMfaInfo() {
|
|
273
|
+
return this.mfaGet.bind(this);
|
|
274
|
+
}
|
|
275
|
+
/**
|
|
276
|
+
* List pending MFA requests accessible to the current user.
|
|
277
|
+
*
|
|
278
|
+
* Same as {@link CubeSignerClient.mfaList}
|
|
279
|
+
*/
|
|
280
|
+
get listMfaInfos() {
|
|
281
|
+
return this.mfaList.bind(this);
|
|
282
|
+
}
|
|
283
|
+
/**
|
|
284
|
+
* Obtain a proof of authentication.
|
|
285
|
+
*
|
|
286
|
+
* Same as {@link CubeSignerClient.identityProve}
|
|
287
|
+
*/
|
|
288
|
+
get proveIdentity() {
|
|
289
|
+
return this.identityProve.bind(this);
|
|
290
|
+
}
|
|
291
|
+
/**
|
|
292
|
+
* Check if a given proof of OIDC authentication is valid.
|
|
293
|
+
*
|
|
294
|
+
* Same as {@link CubeSignerClient.identityVerify}
|
|
295
|
+
*/
|
|
296
|
+
get verifyIdentity() {
|
|
297
|
+
return this.identityVerify.bind(this);
|
|
298
|
+
}
|
|
299
|
+
/**
|
|
300
|
+
* Creates a request to add a new FIDO device.
|
|
301
|
+
*
|
|
302
|
+
* Returns a {@link AddFidoChallenge} that must be answered by calling {@link AddFidoChallenge.answer}.
|
|
303
|
+
*
|
|
304
|
+
* MFA may be required.
|
|
305
|
+
*
|
|
306
|
+
* Same as {@link CubeSignerClient.userRegisterFidoInit}
|
|
307
|
+
*/
|
|
308
|
+
get addFidoStart() {
|
|
309
|
+
return this.userRegisterFidoInit.bind(this);
|
|
310
|
+
}
|
|
311
|
+
/**
|
|
312
|
+
* Creates a request to change user's TOTP. Returns a {@link TotpChallenge}
|
|
313
|
+
* that must be answered by calling {@link TotpChallenge.answer} or
|
|
314
|
+
* {@link resetTotpComplete}.
|
|
315
|
+
*
|
|
316
|
+
* Same as {@link userResetTotpInit}
|
|
317
|
+
*/
|
|
318
|
+
get resetTotpStart() {
|
|
319
|
+
return this.userResetTotpInit.bind(this);
|
|
320
|
+
}
|
|
321
|
+
/**
|
|
322
|
+
* Answer the TOTP challenge issued by {@link resetTotpStart}. If successful,
|
|
323
|
+
* user's TOTP configuration will be updated to that of the TOTP challenge.
|
|
324
|
+
*
|
|
325
|
+
* Same as {@link userResetTotpComplete}
|
|
326
|
+
*/
|
|
327
|
+
get resetTotpComplete() {
|
|
328
|
+
return this.userResetTotpComplete.bind(this);
|
|
329
|
+
}
|
|
330
|
+
/**
|
|
331
|
+
* Verifies a given TOTP code against the current user's TOTP configuration.
|
|
332
|
+
* Throws an error if the verification fails.
|
|
333
|
+
*
|
|
334
|
+
* Same as {@link userVerifyTotp}
|
|
335
|
+
*/
|
|
336
|
+
get verifyTotp() {
|
|
337
|
+
return this.userVerifyTotp.bind(this);
|
|
338
|
+
}
|
|
339
|
+
/**
|
|
340
|
+
* Sign a stake request.
|
|
341
|
+
*
|
|
342
|
+
* Same as {@link signStake}
|
|
343
|
+
*/
|
|
344
|
+
get stake() {
|
|
345
|
+
return this.signStake.bind(this);
|
|
346
|
+
}
|
|
347
|
+
/**
|
|
348
|
+
* Sign an unstake request.
|
|
349
|
+
*
|
|
350
|
+
* Same as {@link signUnstake}
|
|
351
|
+
*/
|
|
352
|
+
get unstake() {
|
|
353
|
+
return this.signUnstake.bind(this);
|
|
354
|
+
}
|
|
355
|
+
}
|
|
356
|
+
exports.CubeSignerClient = CubeSignerClient;
|
|
357
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xpZW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2NsaWVudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2RUFBOEY7QUFDOUYsK0RBQWtFO0FBQ2xFLCtCQUFrRDtBQUNsRCwrQkFBcUM7QUFJckMsaUNBQThCO0FBSzlCLCtEQUFpRTtBQVlqRTs7O0dBR0c7QUFDSCxNQUFhLGdCQUFpQixTQUFRLG1CQUFhO0lBQ2pEOzs7O09BSUc7SUFDSCxZQUFZLFVBQWdDLEVBQUUsS0FBYztRQUMxRCxLQUFLLENBQUMsVUFBVSxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQzNCLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILE9BQU8sQ0FBQyxLQUFjO1FBQ3BCLE9BQU8sS0FBSyxDQUFDLENBQUMsQ0FBQyxJQUFJLGdCQUFnQixDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQztJQUNyRSxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILE1BQU0sQ0FBQyxLQUFLLENBQUMscUJBQXFCO1FBQ2hDLE1BQU0sR0FBRyxHQUFHLE1BQU0sdUNBQXFCLENBQUMscUJBQXFCLEVBQUUsQ0FBQztRQUNoRSxrRkFBa0Y7UUFDbEYsaUZBQWlGO1FBQ2pGLGtGQUFrRjtRQUNsRiw0RUFBNEU7UUFDNUUsT0FBTyxJQUFJLGdCQUFnQixDQUFDLEdBQXNDLENBQUMsQ0FBQztJQUN0RSxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxLQUFLLENBQUMsU0FBUyxDQUFDLElBQWEsRUFBRSxPQUFnQjtRQUM3QyxPQUFPLENBQUMsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxDQUFDLEVBQUUsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLFVBQVUsQ0FBQyxJQUFhLEVBQUUsS0FBYSxFQUFFLE9BQWdCO1FBQzdELE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLEVBQUUsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ3pELE9BQU8sSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsSUFBSSxTQUFHLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNILEtBQUssQ0FBQyxTQUFTLENBQ2IsSUFBYSxFQUNiLGNBQXNCLEVBQ3RCLFVBQWtCO1FBRWxCLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxFQUFFLENBQUMsY0FBYyxDQUFDLEVBQUUsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUN4RSxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNILEtBQUssQ0FBQyxVQUFVLENBQUMsSUFBYSxFQUFFLGVBQXlCLEVBQUUsVUFBa0I7UUFDM0UsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxlQUFlLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFDdEUsT0FBTyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxJQUFJLFNBQUcsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILGFBQWEsQ0FBQyxTQUFpQjtRQUM3QixPQUFPLElBQUksZ0JBQVUsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLEdBQUcsRUFBRSxJQUFJLENBQUMsS0FBSyxFQUFFLFNBQVMsQ0FBQyxDQUFDO0lBQ3BFLENBQUM7SUFFRDs7Ozs7OztPQU9HO0lBQ0gsS0FBSyxDQUFDLFFBQVEsQ0FDWixTQUFpQixFQUNqQixNQUFxQixFQUNyQixPQUF5QjtRQUV6QixNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQ2pELE1BQU0sSUFBSSxHQUFHLE1BQU0sVUFBVSxDQUFDLGFBQWEsQ0FBQyxNQUFNLEVBQUUsT0FBTyxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFDN0YsT0FBTyxNQUFNLDZDQUFvQixDQUFDLGVBQWUsQ0FBQyxJQUFJLHNDQUFvQixDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFDM0YsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLFVBQVU7UUFDWixPQUFPLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsSUFBSSxjQUFjO1FBQ2hCLE9BQU8sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksY0FBYztRQUNoQixPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLEtBQUs7UUFDUCxPQUFPLElBQUksQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsSUFBSSxJQUFJO1FBQ04sT0FBTyxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxLQUFLLENBQUMsR0FBRyxDQUFDLEtBQWM7UUFDdEIsT0FBTyxNQUFNLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUM7SUFDNUMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLE9BQU87UUFDVCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILEtBQUssQ0FBQyxNQUFNLENBQUMsS0FBYTtRQUN4QixNQUFNLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDekMsT0FBTyxJQUFJLFNBQUcsQ0FBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBYyxFQUFFLElBQWU7UUFDM0MsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFDNUMsTUFBTSxJQUFJLEdBQUcsTUFBTSxTQUFTLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDckMsT0FBTyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxJQUFJLFNBQUcsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxLQUFLLENBQUMsVUFBVSxDQUFDLElBQWE7UUFDNUIsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzNDLE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUM1QyxPQUFPLElBQUksV0FBSSxDQUFDLElBQUksRUFBRSxRQUFRLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxLQUFLLENBQUMsT0FBTyxDQUFDLE1BQWM7UUFDMUIsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzVDLE9BQU8sSUFBSSxXQUFJLENBQUMsSUFBSSxFQUFFLFFBQVEsQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILEtBQUssQ0FBQyxTQUFTLENBQUMsSUFBZTtRQUM3QixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDakQsT0FBTyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxJQUFJLFdBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksU0FBUztRQUNYLE9BQU8sSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLGlCQUFpQjtRQUNuQixPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsSUFBSSxXQUFXO1FBQ2IsT0FBTyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7Ozs7T0FPRztJQUNILElBQUksZ0JBQWdCO1FBQ2xCLE9BQU8sSUFBSSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksbUJBQW1CO1FBQ3JCLE9BQU8sSUFBSSxDQUFDLHNCQUFzQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksVUFBVTtRQUNaLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLFlBQVk7UUFDZCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsSUFBSSxhQUFhO1FBQ2YsT0FBTyxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksY0FBYztRQUNoQixPQUFPLElBQUksQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7Ozs7T0FRRztJQUNILElBQUksWUFBWTtRQUNkLE9BQU8sSUFBSSxDQUFDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUM5QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsSUFBSSxjQUFjO1FBQ2hCLE9BQU8sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMzQyxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxJQUFJLGlCQUFpQjtRQUNuQixPQUFPLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDL0MsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsSUFBSSxVQUFVO1FBQ1osT0FBTyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksS0FBSztRQUNQLE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLE9BQU87UUFDVCxPQUFPLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ3JDLENBQUM7Q0FDRjtBQWhZRCw0Q0FnWUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBTaWduZXJTZXNzaW9uTWFuYWdlciwgU2lnbmVyU2Vzc2lvblN0b3JhZ2UgfSBmcm9tIFwiLi9zZXNzaW9uL3NpZ25lcl9zZXNzaW9uX21hbmFnZXJcIjtcbmltcG9ydCB7IENvZ25pdG9TZXNzaW9uTWFuYWdlciB9IGZyb20gXCIuL3Nlc3Npb24vY29nbml0b19tYW5hZ2VyXCI7XG5pbXBvcnQgeyBDdWJlU2lnbmVyQXBpLCBPaWRjQ2xpZW50IH0gZnJvbSBcIi4vYXBpXCI7XG5pbXBvcnQgeyBLZXlUeXBlLCBLZXkgfSBmcm9tIFwiLi9rZXlcIjtcbmltcG9ydCB7IE9yZ0luZm8sIFJhdGNoZXRDb25maWcgfSBmcm9tIFwiLi9zY2hlbWFfdHlwZXNcIjtcbmltcG9ydCB7IE1mYVJlY2VpcHQgfSBmcm9tIFwiLi9tZmFcIjtcbmltcG9ydCB7IFBhZ2VPcHRzIH0gZnJvbSBcIi4vcGFnaW5hdG9yXCI7XG5pbXBvcnQgeyBSb2xlIH0gZnJvbSBcIi4vcm9sZVwiO1xuXG4vLyB1c2VkIGluIGRvYyBjb21tZW50c1xuLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIG5vLXVudXNlZC12YXJzLCBAdHlwZXNjcmlwdC1lc2xpbnQvbm8tdW51c2VkLXZhcnNcbmltcG9ydCB7IEFkZEZpZG9DaGFsbGVuZ2UsIE1mYUZpZG9DaGFsbGVuZ2UsIFRvdHBDaGFsbGVuZ2UgfSBmcm9tIFwiLi9tZmFcIjtcbmltcG9ydCB7IE1lbW9yeVNlc3Npb25TdG9yYWdlIH0gZnJvbSBcIi4vc2Vzc2lvbi9zZXNzaW9uX3N0b3JhZ2VcIjtcblxuLyoqIE9wdGlvbnMgZm9yIGxvZ2dpbmcgaW4gd2l0aCBPSURDIHRva2VuICovXG5leHBvcnQgaW50ZXJmYWNlIE9pZGNBdXRoT3B0aW9ucyB7XG4gIC8qKiBPcHRpb25hbCB0b2tlbiBsaWZldGltZXMgKi9cbiAgbGlmZXRpbWVzPzogUmF0Y2hldENvbmZpZztcbiAgLyoqIE9wdGlvbmFsIE1GQSByZWNlaXB0ICovXG4gIG1mYVJlY2VpcHQ/OiBNZmFSZWNlaXB0O1xuICAvKiogT3B0aW9uYWwgc3RvcmFnZSB0byB1c2UgZm9yIHRoZSByZXR1cm5lZCBzZXNzaW9uIChkZWZhdWx0cyB0byB7QGxpbmsgTWVtb3J5U2Vzc2lvblN0b3JhZ2V9KSAqL1xuICBzdG9yYWdlPzogU2lnbmVyU2Vzc2lvblN0b3JhZ2U7XG59XG5cbi8qKlxuICogQ2xpZW50IHRvIHVzZSB0byBzZW5kIHJlcXVlc3RzIHRvIEN1YmVTaWduZXIgc2VydmljZXNcbiAqIHdoZW4gYXV0aGVudGljYXRpbmcgdXNpbmcgYSBDdWJlU2lnbmVyIHNlc3Npb24gdG9rZW4uXG4gKi9cbmV4cG9ydCBjbGFzcyBDdWJlU2lnbmVyQ2xpZW50IGV4dGVuZHMgQ3ViZVNpZ25lckFwaSB7XG4gIC8qKlxuICAgKiBDb25zdHJ1Y3Rvci5cbiAgICogQHBhcmFtIHtTaWduZXJTZXNzaW9uTWFuYWdlcn0gc2Vzc2lvbk1nciBUaGUgc2Vzc2lvbiBtYW5hZ2VyIHRvIHVzZVxuICAgKiBAcGFyYW0ge3N0cmluZz99IG9yZ0lkIE9wdGlvbmFsIG9yZ2FuaXphdGlvbiBJRDsgaWYgb21pdHRlZCwgdXNlcyB0aGUgb3JnIElEIGZyb20gdGhlIHNlc3Npb24gbWFuYWdlci5cbiAgICovXG4gIGNvbnN0cnVjdG9yKHNlc3Npb25NZ3I6IFNpZ25lclNlc3Npb25NYW5hZ2VyLCBvcmdJZD86IHN0cmluZykge1xuICAgIHN1cGVyKHNlc3Npb25NZ3IsIG9yZ0lkKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBSZXR1cm5zIGEgbmV3IGluc3RhbmNlIG9mIHRoaXMgY2xhc3MgdXNpbmcgdGhlIHNhbWUgc2Vzc2lvbiBtYW5hZ2VyIGJ1dCB0YXJnZXRpbmcgYSBkaWZmZXJlbnQgb3JnYW5pemF0aW9uLlxuICAgKlxuICAgKiBAcGFyYW0ge3N0cmluZ30gb3JnSWQgVGhlIG9yZ2FuaXphdGlvbiBJRC5cbiAgICogQHJldHVybiB7Q3ViZVNpZ25lckNsaWVudH0gQSBuZXcgaW5zdGFuY2Ugb2YgdGhpcyBjbGFzcyB1c2luZyB0aGUgc2FtZSBzZXNzaW9uIG1hbmFnZXIgYnV0IHRhcmdldGluZyBkaWZmZXJlbnQgb3JnYW5pemF0aW9uLlxuICAgKi9cbiAgd2l0aE9yZyhvcmdJZD86IHN0cmluZyk6IEN1YmVTaWduZXJDbGllbnQge1xuICAgIHJldHVybiBvcmdJZCA/IG5ldyBDdWJlU2lnbmVyQ2xpZW50KHRoaXMuc2Vzc2lvbk1nciwgb3JnSWQpIDogdGhpcztcbiAgfVxuXG4gIC8qKlxuICAgKiBMb2FkcyBhbiBleGlzdGluZyBtYW5hZ2VtZW50IHNlc3Npb24gYW5kIGNyZWF0ZXMgYSB7QGxpbmsgQ3ViZVNpZ25lckNsaWVudH0gaW5zdGFuY2UuXG4gICAqXG4gICAqIEByZXR1cm4ge1Byb21pc2U8Q3ViZVNpZ25lckNsaWVudD59IE5ldyBDdWJlU2lnbmVyIGluc3RhbmNlXG4gICAqL1xuICBzdGF0aWMgYXN5bmMgbG9hZE1hbmFnZW1lbnRTZXNzaW9uKCk6IFByb21pc2U8Q3ViZVNpZ25lckNsaWVudD4ge1xuICAgIGNvbnN0IG1nciA9IGF3YWl0IENvZ25pdG9TZXNzaW9uTWFuYWdlci5sb2FkTWFuYWdlbWVudFNlc3Npb24oKTtcbiAgICAvLyBIQUNLOiBJZ25vcmUgdGhhdCBzZXNzaW9uTWdyIG1heSBiZSBhIENvZ25pdG9TZXNzaW9uTWFuYWdlciBhbmQgcHJldGVuZCB0aGF0IGl0XG4gICAgLy8gICAgICAgaXMgYSBTaWduZXJTZXNzaW9uTWFuYWdlcjsgdGhhdCdzIGZpbmUgYmVjYXVzZSB0aGUgQ3ViZVNpZ25lckNsaWVudCB3aWxsXG4gICAgLy8gICAgICAgYWxtb3N0IGFsd2F5cyBqdXN0IGNhbGwgYGF3YWl0IHRva2VuKClgIG9uIGl0LCB3aGljaCB3b3JrcyBpbiBib3RoIGNhc2VzLlxuICAgIC8vIE5PVEU6IFRoaXMgd2lsbCBnbyBhd2F5IG9uY2UgYGNzIGxvZ2luYCBzdGFydHMgcHJvZHVjaW5nIHNpZ25lciBzZXNzaW9ucy5cbiAgICByZXR1cm4gbmV3IEN1YmVTaWduZXJDbGllbnQobWdyIGFzIHVua25vd24gYXMgU2lnbmVyU2Vzc2lvbk1hbmFnZXIpO1xuICB9XG5cbiAgLyoqXG4gICAqIENyZWF0ZSBhIG5ldyBzaWduaW5nIGtleS5cbiAgICogQHBhcmFtIHtLZXlUeXBlfSB0eXBlIFRoZSB0eXBlIG9mIGtleSB0byBjcmVhdGUuXG4gICAqIEBwYXJhbSB7c3RyaW5nP30gb3duZXJJZCBUaGUgb3duZXIgb2YgdGhlIGtleS4gRGVmYXVsdHMgdG8gdGhlIHNlc3Npb24ncyB1c2VyLlxuICAgKiBAcmV0dXJuIHtLZXlbXX0gVGhlIG5ldyBrZXlzLlxuICAgKi9cbiAgYXN5bmMgY3JlYXRlS2V5KHR5cGU6IEtleVR5cGUsIG93bmVySWQ/OiBzdHJpbmcpOiBQcm9taXNlPEtleT4ge1xuICAgIHJldHVybiAoYXdhaXQgdGhpcy5jcmVhdGVLZXlzKHR5cGUsIDEsIG93bmVySWQpKVswXTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDcmVhdGUgbmV3IHNpZ25pbmcga2V5cy5cbiAgICogQHBhcmFtIHtLZXlUeXBlfSB0eXBlIFRoZSB0eXBlIG9mIGtleSB0byBjcmVhdGUuXG4gICAqIEBwYXJhbSB7bnVtYmVyfSBjb3VudCBUaGUgbnVtYmVyIG9mIGtleXMgdG8gY3JlYXRlLlxuICAgKiBAcGFyYW0ge3N0cmluZz99IG93bmVySWQgVGhlIG93bmVyIG9mIHRoZSBrZXlzLiBEZWZhdWx0cyB0byB0aGUgc2Vzc2lvbidzIHVzZXIuXG4gICAqIEByZXR1cm4ge0tleVtdfSBUaGUgbmV3IGtleXMuXG4gICAqL1xuICBhc3luYyBjcmVhdGVLZXlzKHR5cGU6IEtleVR5cGUsIGNvdW50OiBudW1iZXIsIG93bmVySWQ/OiBzdHJpbmcpOiBQcm9taXNlPEtleVtdPiB7XG4gICAgY29uc3Qga2V5cyA9IGF3YWl0IHRoaXMua2V5c0NyZWF0ZSh0eXBlLCBjb3VudCwgb3duZXJJZCk7XG4gICAgcmV0dXJuIGtleXMubWFwKChrKSA9PiBuZXcgS2V5KHRoaXMsIGspKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBEZXJpdmUgYSBrZXkgb2YgdGhlIGdpdmVuIHR5cGUgdXNpbmcgdGhlIGdpdmVuIGRlcml2YXRpb24gcGF0aCBhbmQgbW5lbW9uaWMuXG4gICAqIFRoZSBvd25lciBvZiB0aGUgZGVyaXZlZCBrZXkgd2lsbCBiZSB0aGUgb3duZXIgb2YgdGhlIG1uZW1vbmljLlxuICAgKlxuICAgKiBAcGFyYW0ge0tleVR5cGV9IHR5cGUgVHlwZSBvZiBrZXkgdG8gZGVyaXZlIGZyb20gdGhlIG1uZW1vbmljLlxuICAgKiBAcGFyYW0ge3N0cmluZ30gZGVyaXZhdGlvblBhdGggTW5lbW9uaWMgZGVyaXZhdGlvbiBwYXRoIHVzZWQgdG8gZ2VuZXJhdGUgbmV3IGtleS5cbiAgICogQHBhcmFtIHtzdHJpbmd9IG1uZW1vbmljSWQgbWF0ZXJpYWxJZCBvZiBtbmVtb25pYyBrZXkgdXNlZCB0byBkZXJpdmUgdGhlIG5ldyBrZXkuXG4gICAqXG4gICAqIEByZXR1cm4ge0tleX0gbmV3bHkgZGVyaXZlZCBrZXkgb3IgdW5kZWZpbmVkIGlmIGl0IGFscmVhZHkgZXhpc3RzLlxuICAgKi9cbiAgYXN5bmMgZGVyaXZlS2V5KFxuICAgIHR5cGU6IEtleVR5cGUsXG4gICAgZGVyaXZhdGlvblBhdGg6IHN0cmluZyxcbiAgICBtbmVtb25pY0lkOiBzdHJpbmcsXG4gICk6IFByb21pc2U8S2V5IHwgdW5kZWZpbmVkPiB7XG4gICAgcmV0dXJuIChhd2FpdCB0aGlzLmRlcml2ZUtleXModHlwZSwgW2Rlcml2YXRpb25QYXRoXSwgbW5lbW9uaWNJZCkpWzBdO1xuICB9XG5cbiAgLyoqXG4gICAqIERlcml2ZSBhIHNldCBvZiBrZXlzIG9mIHRoZSBnaXZlbiB0eXBlIHVzaW5nIHRoZSBnaXZlbiBkZXJpdmF0aW9uIHBhdGhzIGFuZCBtbmVtb25pYy5cbiAgICpcbiAgICogVGhlIG93bmVyIG9mIHRoZSBkZXJpdmVkIGtleXMgd2lsbCBiZSB0aGUgb3duZXIgb2YgdGhlIG1uZW1vbmljLlxuICAgKlxuICAgKiBAcGFyYW0ge0tleVR5cGV9IHR5cGUgVHlwZSBvZiBrZXkgdG8gZGVyaXZlIGZyb20gdGhlIG1uZW1vbmljLlxuICAgKiBAcGFyYW0ge3N0cmluZ1tdfSBkZXJpdmF0aW9uUGF0aHMgTW5lbW9uaWMgZGVyaXZhdGlvbiBwYXRocyB1c2VkIHRvIGdlbmVyYXRlIG5ldyBrZXkuXG4gICAqIEBwYXJhbSB7c3RyaW5nfSBtbmVtb25pY0lkIG1hdGVyaWFsSWQgb2YgbW5lbW9uaWMga2V5IHVzZWQgdG8gZGVyaXZlIHRoZSBuZXcga2V5LlxuICAgKlxuICAgKiBAcmV0dXJuIHtLZXlbXX0gbmV3bHkgZGVyaXZlZCBrZXlzLlxuICAgKi9cbiAgYXN5bmMgZGVyaXZlS2V5cyh0eXBlOiBLZXlUeXBlLCBkZXJpdmF0aW9uUGF0aHM6IHN0cmluZ1tdLCBtbmVtb25pY0lkOiBzdHJpbmcpOiBQcm9taXNlPEtleVtdPiB7XG4gICAgY29uc3Qga2V5cyA9IGF3YWl0IHRoaXMua2V5c0Rlcml2ZSh0eXBlLCBkZXJpdmF0aW9uUGF0aHMsIG1uZW1vbmljSWQpO1xuICAgIHJldHVybiBrZXlzLm1hcCgoaykgPT4gbmV3IEtleSh0aGlzLCBrKSk7XG4gIH1cblxuICAvKipcbiAgICogQ3JlYXRlIGEgbmV3IHtAbGluayBPaWRjQ2xpZW50fSB0aGF0IHdpbGwgdXNlIGEgZ2l2ZW4gT0lEQyB0b2tlbiBmb3IgYXV0aC5cbiAgICogQHBhcmFtIHtzdHJpbmd9IG9pZGNUb2tlbiBUaGUgYXV0aGVudGljYXRpb24gdG9rZW4gdG8gdXNlXG4gICAqIEByZXR1cm4ge09pZGNDbGllbnR9IE5ldyBPSURDIGNsaWVudC5cbiAgICovXG4gIG5ld09pZGNDbGllbnQob2lkY1Rva2VuOiBzdHJpbmcpOiBPaWRjQ2xpZW50IHtcbiAgICByZXR1cm4gbmV3IE9pZGNDbGllbnQodGhpcy5zZXNzaW9uTWdyLmVudiwgdGhpcy5vcmdJZCwgb2lkY1Rva2VuKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBBdXRoZW50aWNhdGUgYW4gT0lEQyB1c2VyIGFuZCBjcmVhdGUgYSBuZXcgc2Vzc2lvbiBtYW5hZ2VyIGZvciB0aGVtLlxuICAgKlxuICAgKiBAcGFyYW0ge3N0cmluZ30gb2lkY1Rva2VuIFRoZSBPSURDIHRva2VuXG4gICAqIEBwYXJhbSB7TGlzdDxzdHJpbmc+fSBzY29wZXMgVGhlIHNjb3BlcyBvZiB0aGUgcmVzdWx0aW5nIHNlc3Npb25cbiAgICogQHBhcmFtIHtPaWRjQXV0aE9wdGlvbnN9IG9wdGlvbnMgT3B0aW9ucy5cbiAgICogQHJldHVybiB7UHJvbWlzZTxTaWduZXJTZXNzaW9uTWFuYWdlcj59IFRoZSBzaWduZXIgc2Vzc2lvbiBtYW5hZ2VyXG4gICAqL1xuICBhc3luYyBvaWRjQXV0aChcbiAgICBvaWRjVG9rZW46IHN0cmluZyxcbiAgICBzY29wZXM6IEFycmF5PHN0cmluZz4sXG4gICAgb3B0aW9ucz86IE9pZGNBdXRoT3B0aW9ucyxcbiAgKTogUHJvbWlzZTxTaWduZXJTZXNzaW9uTWFuYWdlcj4ge1xuICAgIGNvbnN0IG9pZGNDbGllbnQgPSB0aGlzLm5ld09pZGNDbGllbnQob2lkY1Rva2VuKTtcbiAgICBjb25zdCByZXNwID0gYXdhaXQgb2lkY0NsaWVudC5zZXNzaW9uQ3JlYXRlKHNjb3Blcywgb3B0aW9ucz8ubGlmZXRpbWVzLCBvcHRpb25zPy5tZmFSZWNlaXB0KTtcbiAgICByZXR1cm4gYXdhaXQgU2lnbmVyU2Vzc2lvbk1hbmFnZXIubG9hZEZyb21TdG9yYWdlKG5ldyBNZW1vcnlTZXNzaW9uU3RvcmFnZShyZXNwLmRhdGEoKSkpO1xuICB9XG5cbiAgLyoqXG4gICAqIENyZWF0ZSBhIG5ldyB1c2VyIGluIHRoZSBvcmdhbml6YXRpb24gYW5kIHNlbmRzIGFuIGludml0YXRpb24gdG8gdGhhdCB1c2VyLlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayBvcmdVc2VySW52aXRlfS5cbiAgICovXG4gIGdldCBjcmVhdGVVc2VyKCkge1xuICAgIHJldHVybiB0aGlzLm9yZ1VzZXJJbnZpdGUuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDcmVhdGUgYSBuZXcgT0lEQyB1c2VyLlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayBvcmdVc2VyQ3JlYXRlT2lkY30uXG4gICAqL1xuICBnZXQgY3JlYXRlT2lkY1VzZXIoKSB7XG4gICAgcmV0dXJuIHRoaXMub3JnVXNlckNyZWF0ZU9pZGMuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBEZWxldGUgYW4gZXhpc3RpbmcgT0lEQyB1c2VyLlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayBvcmdVc2VyRGVsZXRlT2lkY30uXG4gICAqL1xuICBnZXQgZGVsZXRlT2lkY1VzZXIoKSB7XG4gICAgcmV0dXJuIHRoaXMub3JnVXNlckRlbGV0ZU9pZGMuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBMaXN0IHVzZXJzIGluIHRoZSBvcmdhbml6YXRpb24uXG4gICAqXG4gICAqIFNhbWUgYXMge0BsaW5rIG9yZ1VzZXJzTGlzdH1cbiAgICovXG4gIGdldCB1c2VycygpIHtcbiAgICByZXR1cm4gdGhpcy5vcmdVc2Vyc0xpc3QuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBPYnRhaW4gaW5mb3JtYXRpb24gYWJvdXQgdGhlIGN1cnJlbnQgdXNlci5cbiAgICpcbiAgICogU2FtZSBhcyB7QGxpbmsgdXNlckdldH1cbiAgICovXG4gIGdldCB1c2VyKCkge1xuICAgIHJldHVybiB0aGlzLnVzZXJHZXQuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHZXQgaW5mb3JtYXRpb24gYWJvdXQgYSBzcGVjaWZpYyBvcmcuXG4gICAqXG4gICAqIEBwYXJhbSB7c3RyaW5nP30gb3JnSWQgVGhlIElEIG9yIG5hbWUgb2YgdGhlIG9yZ1xuICAgKiBAcmV0dXJuIHtQcm9taXNlPE9yZ0luZm8+fSBDdWJlU2lnbmVyIGNsaWVudCBmb3IgdGhlIHJlcXVlc3RlZCBvcmcuXG4gICAqL1xuICBhc3luYyBvcmcob3JnSWQ/OiBzdHJpbmcpOiBQcm9taXNlPE9yZ0luZm8+IHtcbiAgICByZXR1cm4gYXdhaXQgdGhpcy53aXRoT3JnKG9yZ0lkKS5vcmdHZXQoKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBPYnRhaW4gaW5mb3JtYXRpb24gYWJvdXQgdGhlIGN1cnJlbnQgdXNlci5cbiAgICpcbiAgICogU2FtZSBhcyB7QGxpbmsgdXNlckdldH1cbiAgICovXG4gIGdldCBhYm91dE1lKCkge1xuICAgIHJldHVybiB0aGlzLnVzZXJHZXQuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHZXQgYSBrZXkgYnkgaWQuXG4gICAqXG4gICAqIEBwYXJhbSB7c3RyaW5nfSBrZXlJZCBUaGUgaWQgb2YgdGhlIGtleSB0byBnZXQuXG4gICAqIEByZXR1cm4ge0tleX0gVGhlIGtleS5cbiAgICovXG4gIGFzeW5jIGdldEtleShrZXlJZDogc3RyaW5nKTogUHJvbWlzZTxLZXk+IHtcbiAgICBjb25zdCBrZXlJbmZvID0gYXdhaXQgdGhpcy5rZXlHZXQoa2V5SWQpO1xuICAgIHJldHVybiBuZXcgS2V5KHRoaXMsIGtleUluZm8pO1xuICB9XG5cbiAgLyoqXG4gICAqIEdldCBhbGwga2V5cyBpbiB0aGUgb3JnLlxuICAgKlxuICAgKiBAcGFyYW0ge0tleVR5cGU/fSB0eXBlIE9wdGlvbmFsIGtleSB0eXBlIHRvIGZpbHRlciBsaXN0IGZvci5cbiAgICogQHBhcmFtIHtQYWdlT3B0c30gcGFnZSBQYWdpbmF0aW9uIG9wdGlvbnMuIERlZmF1bHRzIHRvIGZldGNoaW5nIHRoZSBlbnRpcmUgcmVzdWx0IHNldC5cbiAgICogQHJldHVybiB7UHJvbWlzZTxLZXlbXT59IFRoZSBrZXlzLlxuICAgKi9cbiAgYXN5bmMgb3JnS2V5cyh0eXBlPzogS2V5VHlwZSwgcGFnZT86IFBhZ2VPcHRzKTogUHJvbWlzZTxLZXlbXT4ge1xuICAgIGNvbnN0IHBhZ2luYXRvciA9IHRoaXMua2V5c0xpc3QodHlwZSwgcGFnZSk7XG4gICAgY29uc3Qga2V5cyA9IGF3YWl0IHBhZ2luYXRvci5mZXRjaCgpO1xuICAgIHJldHVybiBrZXlzLm1hcCgoaykgPT4gbmV3IEtleSh0aGlzLCBrKSk7XG4gIH1cblxuICAvKipcbiAgICogQ3JlYXRlIGEgbmV3IHJvbGUuXG4gICAqXG4gICAqIEBwYXJhbSB7c3RyaW5nP30gbmFtZSBUaGUgbmFtZSBvZiB0aGUgcm9sZS5cbiAgICogQHJldHVybiB7Um9sZX0gVGhlIG5ldyByb2xlLlxuICAgKi9cbiAgYXN5bmMgY3JlYXRlUm9sZShuYW1lPzogc3RyaW5nKTogUHJvbWlzZTxSb2xlPiB7XG4gICAgY29uc3Qgcm9sZUlkID0gYXdhaXQgdGhpcy5yb2xlQ3JlYXRlKG5hbWUpO1xuICAgIGNvbnN0IHJvbGVJbmZvID0gYXdhaXQgdGhpcy5yb2xlR2V0KHJvbGVJZCk7XG4gICAgcmV0dXJuIG5ldyBSb2xlKHRoaXMsIHJvbGVJbmZvKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHZXQgYSByb2xlIGJ5IGlkIG9yIG5hbWUuXG4gICAqXG4gICAqIEBwYXJhbSB7c3RyaW5nfSByb2xlSWQgVGhlIGlkIG9yIG5hbWUgb2YgdGhlIHJvbGUgdG8gZ2V0LlxuICAgKiBAcmV0dXJuIHtSb2xlfSBUaGUgcm9sZS5cbiAgICovXG4gIGFzeW5jIGdldFJvbGUocm9sZUlkOiBzdHJpbmcpOiBQcm9taXNlPFJvbGU+IHtcbiAgICBjb25zdCByb2xlSW5mbyA9IGF3YWl0IHRoaXMucm9sZUdldChyb2xlSWQpO1xuICAgIHJldHVybiBuZXcgUm9sZSh0aGlzLCByb2xlSW5mbyk7XG4gIH1cblxuICAvKipcbiAgICogTGlzdCBhbGwgcm9sZXMgaW4gdGhlIG9yZy5cbiAgICpcbiAgICogQHBhcmFtIHtQYWdlT3B0c30gcGFnZSBQYWdpbmF0aW9uIG9wdGlvbnMuIERlZmF1bHRzIHRvIGZldGNoaW5nIHRoZSBlbnRpcmUgcmVzdWx0IHNldC5cbiAgICogQHJldHVybiB7Um9sZVtdfSBUaGUgcm9sZXMuXG4gICAqL1xuICBhc3luYyBsaXN0Um9sZXMocGFnZT86IFBhZ2VPcHRzKTogUHJvbWlzZTxSb2xlW10+IHtcbiAgICBjb25zdCByb2xlcyA9IGF3YWl0IHRoaXMucm9sZXNMaXN0KHBhZ2UpLmZldGNoKCk7XG4gICAgcmV0dXJuIHJvbGVzLm1hcCgocikgPT4gbmV3IFJvbGUodGhpcywgcikpO1xuICB9XG5cbiAgLyoqXG4gICAqIExpc3QgYWxsIHVzZXJzIGluIHRoZSBvcmcuXG4gICAqXG4gICAqIFNhbWUgYXMge0BsaW5rIG9yZ1VzZXJzTGlzdH1cbiAgICovXG4gIGdldCBsaXN0VXNlcnMoKSB7XG4gICAgcmV0dXJuIHRoaXMub3JnVXNlcnNMaXN0LmJpbmQodGhpcyk7XG4gIH1cblxuICAvKipcbiAgICogQXBwcm92ZSBhIHBlbmRpbmcgTUZBIHJlcXVlc3QuXG4gICAqXG4gICAqIFNhbWUgYXMge0BsaW5rIG1mYUFwcHJvdmV9XG4gICAqL1xuICBnZXQgYXBwcm92ZU1mYVJlcXVlc3QoKSB7XG4gICAgcmV0dXJuIHRoaXMubWZhQXBwcm92ZS5iaW5kKHRoaXMpO1xuICB9XG5cbiAgLyoqXG4gICAqIEFwcHJvdmUgYSBwZW5kaW5nIE1GQSByZXF1ZXN0IHVzaW5nIFRPVFAuXG4gICAqXG4gICAqIFNhbWUgYXMge0BsaW5rIG1mYUFwcHJvdmVUb3RwfVxuICAgKi9cbiAgZ2V0IHRvdHBBcHByb3ZlKCkge1xuICAgIHJldHVybiB0aGlzLm1mYUFwcHJvdmVUb3RwLmJpbmQodGhpcyk7XG4gIH1cblxuICAvKipcbiAgICogSW5pdGlhdGUgYXBwcm92YWwgb2YgYW4gZXhpc3RpbmcgTUZBIHJlcXVlc3QgdXNpbmcgRklETy5cbiAgICpcbiAgICogUmV0dXJucyBhIHtAbGluayBNZmFGaWRvQ2hhbGxlbmdlfSB0aGF0IG11c3QgYmUgYW5zd2VyZWQgYnkgY2FsbGluZ1xuICAgKiB7QGxpbmsgTWZhRmlkb0NoYWxsZW5nZS5hbnN3ZXJ9IG9yIHtAbGluayBmaWRvQXBwcm92ZUNvbXBsZXRlfS5cbiAgICpcbiAgICogU2FtZSBhcyB7QGxpbmsgbWZhQXBwcm92ZUZpZG9Jbml0fVxuICAgKi9cbiAgZ2V0IGZpZG9BcHByb3ZlU3RhcnQoKSB7XG4gICAgcmV0dXJuIHRoaXMubWZhQXBwcm92ZUZpZG9Jbml0LmJpbmQodGhpcyk7XG4gIH1cblxuICAvKipcbiAgICogQW5zd2VyIHRoZSBNRkEgYXBwcm92YWwgd2l0aCBGSURPIGNoYWxsZW5nZSBpc3N1ZWQgYnkge0BsaW5rIGZpZG9BcHByb3ZlU3RhcnR9LlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayBtZmFBcHByb3ZlRmlkb0NvbXBsZXRlfVxuICAgKi9cbiAgZ2V0IGZpZG9BcHByb3ZlQ29tcGxldGUoKSB7XG4gICAgcmV0dXJuIHRoaXMubWZhQXBwcm92ZUZpZG9Db21wbGV0ZS5iaW5kKHRoaXMpO1xuICB9XG5cbiAgLyoqXG4gICAqIEdldCBhIHBlbmRpbmcgTUZBIHJlcXVlc3QgYnkgaXRzIGlkLlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayBDdWJlU2lnbmVyQ2xpZW50LmdldE1mYUluZm99XG4gICAqL1xuICBnZXQgZ2V0TWZhSW5mbygpIHtcbiAgICByZXR1cm4gdGhpcy5tZmFHZXQuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBMaXN0IHBlbmRpbmcgTUZBIHJlcXVlc3RzIGFjY2Vzc2libGUgdG8gdGhlIGN1cnJlbnQgdXNlci5cbiAgICpcbiAgICogU2FtZSBhcyB7QGxpbmsgQ3ViZVNpZ25lckNsaWVudC5tZmFMaXN0fVxuICAgKi9cbiAgZ2V0IGxpc3RNZmFJbmZvcygpIHtcbiAgICByZXR1cm4gdGhpcy5tZmFMaXN0LmJpbmQodGhpcyk7XG4gIH1cblxuICAvKipcbiAgICogT2J0YWluIGEgcHJvb2Ygb2YgYXV0aGVudGljYXRpb24uXG4gICAqXG4gICAqIFNhbWUgYXMge0BsaW5rIEN1YmVTaWduZXJDbGllbnQuaWRlbnRpdHlQcm92ZX1cbiAgICovXG4gIGdldCBwcm92ZUlkZW50aXR5KCkge1xuICAgIHJldHVybiB0aGlzLmlkZW50aXR5UHJvdmUuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDaGVjayBpZiBhIGdpdmVuIHByb29mIG9mIE9JREMgYXV0aGVudGljYXRpb24gaXMgdmFsaWQuXG4gICAqXG4gICAqIFNhbWUgYXMge0BsaW5rIEN1YmVTaWduZXJDbGllbnQuaWRlbnRpdHlWZXJpZnl9XG4gICAqL1xuICBnZXQgdmVyaWZ5SWRlbnRpdHkoKSB7XG4gICAgcmV0dXJuIHRoaXMuaWRlbnRpdHlWZXJpZnkuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDcmVhdGVzIGEgcmVxdWVzdCB0byBhZGQgYSBuZXcgRklETyBkZXZpY2UuXG4gICAqXG4gICAqIFJldHVybnMgYSB7QGxpbmsgQWRkRmlkb0NoYWxsZW5nZX0gdGhhdCBtdXN0IGJlIGFuc3dlcmVkIGJ5IGNhbGxpbmcge0BsaW5rIEFkZEZpZG9DaGFsbGVuZ2UuYW5zd2VyfS5cbiAgICpcbiAgICogTUZBIG1heSBiZSByZXF1aXJlZC5cbiAgICpcbiAgICogU2FtZSBhcyB7QGxpbmsgQ3ViZVNpZ25lckNsaWVudC51c2VyUmVnaXN0ZXJGaWRvSW5pdH1cbiAgICovXG4gIGdldCBhZGRGaWRvU3RhcnQoKSB7XG4gICAgcmV0dXJuIHRoaXMudXNlclJlZ2lzdGVyRmlkb0luaXQuYmluZCh0aGlzKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDcmVhdGVzIGEgcmVxdWVzdCB0byBjaGFuZ2UgdXNlcidzIFRPVFAuIFJldHVybnMgYSB7QGxpbmsgVG90cENoYWxsZW5nZX1cbiAgICogdGhhdCBtdXN0IGJlIGFuc3dlcmVkIGJ5IGNhbGxpbmcge0BsaW5rIFRvdHBDaGFsbGVuZ2UuYW5zd2VyfSBvclxuICAgKiB7QGxpbmsgcmVzZXRUb3RwQ29tcGxldGV9LlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayB1c2VyUmVzZXRUb3RwSW5pdH1cbiAgICovXG4gIGdldCByZXNldFRvdHBTdGFydCgpIHtcbiAgICByZXR1cm4gdGhpcy51c2VyUmVzZXRUb3RwSW5pdC5iaW5kKHRoaXMpO1xuICB9XG5cbiAgLyoqXG4gICAqIEFuc3dlciB0aGUgVE9UUCBjaGFsbGVuZ2UgaXNzdWVkIGJ5IHtAbGluayByZXNldFRvdHBTdGFydH0uIElmIHN1Y2Nlc3NmdWwsXG4gICAqIHVzZXIncyBUT1RQIGNvbmZpZ3VyYXRpb24gd2lsbCBiZSB1cGRhdGVkIHRvIHRoYXQgb2YgdGhlIFRPVFAgY2hhbGxlbmdlLlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayB1c2VyUmVzZXRUb3RwQ29tcGxldGV9XG4gICAqL1xuICBnZXQgcmVzZXRUb3RwQ29tcGxldGUoKSB7XG4gICAgcmV0dXJuIHRoaXMudXNlclJlc2V0VG90cENvbXBsZXRlLmJpbmQodGhpcyk7XG4gIH1cblxuICAvKipcbiAgICogVmVyaWZpZXMgYSBnaXZlbiBUT1RQIGNvZGUgYWdhaW5zdCB0aGUgY3VycmVudCB1c2VyJ3MgVE9UUCBjb25maWd1cmF0aW9uLlxuICAgKiBUaHJvd3MgYW4gZXJyb3IgaWYgdGhlIHZlcmlmaWNhdGlvbiBmYWlscy5cbiAgICpcbiAgICogU2FtZSBhcyB7QGxpbmsgdXNlclZlcmlmeVRvdHB9XG4gICAqL1xuICBnZXQgdmVyaWZ5VG90cCgpIHtcbiAgICByZXR1cm4gdGhpcy51c2VyVmVyaWZ5VG90cC5iaW5kKHRoaXMpO1xuICB9XG5cbiAgLyoqXG4gICAqIFNpZ24gYSBzdGFrZSByZXF1ZXN0LlxuICAgKlxuICAgKiBTYW1lIGFzIHtAbGluayBzaWduU3Rha2V9XG4gICAqL1xuICBnZXQgc3Rha2UoKSB7XG4gICAgcmV0dXJuIHRoaXMuc2lnblN0YWtlLmJpbmQodGhpcyk7XG4gIH1cblxuICAvKipcbiAgICogU2lnbiBhbiB1bnN0YWtlIHJlcXVlc3QuXG4gICAqXG4gICAqIFNhbWUgYXMge0BsaW5rIHNpZ25VbnN0YWtlfVxuICAgKi9cbiAgZ2V0IHVuc3Rha2UoKSB7XG4gICAgcmV0dXJuIHRoaXMuc2lnblVuc3Rha2UuYmluZCh0aGlzKTtcbiAgfVxufVxuIl19
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { TypedDataDomain, TypedDataField, ethers } from "ethers";
|
|
2
|
-
import {
|
|
2
|
+
import { SignerSession } from "../signer_session";
|
|
3
|
+
import { EvmSignRequest, MfaRequestInfo } from "../schema_types";
|
|
3
4
|
import { KeyInfo } from "../key";
|
|
4
|
-
import { CubeSigner } from "..";
|
|
5
5
|
/** Options for the signer */
|
|
6
6
|
interface SignerOptions {
|
|
7
7
|
/** Optional provider to use */
|
|
@@ -16,15 +16,14 @@ interface SignerOptions {
|
|
|
16
16
|
* updates. Default is 1000ms
|
|
17
17
|
*/
|
|
18
18
|
mfaPollIntervalMs?: number;
|
|
19
|
-
/** Optional management session. Used to check for MFA updates */
|
|
20
|
-
managementSession?: CubeSigner;
|
|
21
19
|
}
|
|
22
20
|
/**
|
|
23
21
|
* A ethers.js Signer using CubeSigner
|
|
24
22
|
*/
|
|
25
23
|
export declare class Signer extends ethers.AbstractSigner {
|
|
26
24
|
#private;
|
|
27
|
-
/**
|
|
25
|
+
/**
|
|
26
|
+
* Create new Signer instance
|
|
28
27
|
* @param {KeyInfo | string} address The key or the eth address of the account to use.
|
|
29
28
|
* @param {SignerSession} signerSession The underlying Signer session.
|
|
30
29
|
* @param {SignerOptions} options The options to use for the Signer instance
|
|
@@ -39,19 +38,29 @@ export declare class Signer extends ethers.AbstractSigner {
|
|
|
39
38
|
*/
|
|
40
39
|
connect(provider: null | ethers.Provider): Signer;
|
|
41
40
|
/**
|
|
42
|
-
*
|
|
41
|
+
* Construct a signing request from a transaction. This populates the transaction
|
|
42
|
+
* type to `0x02` (EIP-1559) unless set.
|
|
43
|
+
*
|
|
44
|
+
* @param {ethers.TransactionRequest} tx The transaction
|
|
45
|
+
* @return {EvmSignRequest} The EVM sign request to be sent to CubeSigner
|
|
46
|
+
*/
|
|
47
|
+
evmSignRequestFromTx(tx: ethers.TransactionRequest): Promise<EvmSignRequest>;
|
|
48
|
+
/**
|
|
49
|
+
* Sign a transaction. This method will block if the key requires MFA approval.
|
|
43
50
|
* @param {ethers.TransactionRequest} tx The transaction to sign.
|
|
44
51
|
* @return {Promise<string>} Hex-encoded RLP encoding of the transaction and its signature.
|
|
45
52
|
*/
|
|
46
53
|
signTransaction(tx: ethers.TransactionRequest): Promise<string>;
|
|
47
|
-
/**
|
|
54
|
+
/**
|
|
55
|
+
* Signs arbitrary messages. This uses ethers.js's [hashMessage](https://docs.ethers.org/v6/api/hashing/#hashMessage)
|
|
48
56
|
* to compute the EIP-191 digest and signs this digest using {@link Key#signBlob}.
|
|
49
57
|
* The key (for this session) must have the `"AllowRawBlobSigning"` policy attached.
|
|
50
58
|
* @param {string | Uint8Array} message The message to sign.
|
|
51
59
|
* @return {Promise<string>} The signature.
|
|
52
60
|
*/
|
|
53
61
|
signMessage(message: string | Uint8Array): Promise<string>;
|
|
54
|
-
/**
|
|
62
|
+
/**
|
|
63
|
+
* Signs EIP-712 typed data. This uses ethers.js's
|
|
55
64
|
* [TypedDataEncoder.hash](https://docs.ethers.org/v6/api/hashing/#TypedDataEncoder_hash)
|
|
56
65
|
* to compute the EIP-712 digest and signs this digest using {@link Key#signBlob}.
|
|
57
66
|
* The key (for this session) must have the `"AllowRawBlobSigning"` policy attached.
|
|
@@ -61,10 +70,26 @@ export declare class Signer extends ethers.AbstractSigner {
|
|
|
61
70
|
* @return {Promise<string>} The signature.
|
|
62
71
|
*/
|
|
63
72
|
signTypedData(domain: TypedDataDomain, types: Record<string, Array<TypedDataField>>, value: Record<string, any>): Promise<string>;
|
|
64
|
-
/**
|
|
73
|
+
/**
|
|
74
|
+
* Sign arbitrary digest. This uses {@link Key#signBlob}.
|
|
65
75
|
* @param {string} digest The digest to sign.
|
|
66
76
|
* @return {Promise<string>} The signature.
|
|
67
77
|
*/
|
|
68
78
|
private signBlob;
|
|
79
|
+
/**
|
|
80
|
+
* Initialize the signing a message using MFA approvals. This method populates
|
|
81
|
+
* missing fields. If the signing does not require MFA, this method throws.
|
|
82
|
+
* @param {ethers.TransactionRequest} tx The transaction to send.
|
|
83
|
+
* @return {string} The MFA id associated with the signing request.
|
|
84
|
+
*/
|
|
85
|
+
sendTransactionMfaInit(tx: ethers.TransactionRequest): Promise<string>;
|
|
86
|
+
/**
|
|
87
|
+
* Send a transaction from an approved MFA request. The MFA request contains
|
|
88
|
+
* information about the approved signing request, which this method will
|
|
89
|
+
* execute.
|
|
90
|
+
* @param {MfaRequestInfo} mfaInfo The approved MFA request.
|
|
91
|
+
* @return {ethers.TransactionResponse} The result of submitting the transaction
|
|
92
|
+
*/
|
|
93
|
+
sendTransactionMfaApproved(mfaInfo: MfaRequestInfo): Promise<ethers.TransactionResponse>;
|
|
69
94
|
}
|
|
70
95
|
export {};
|