@cubist-labs/cubesigner-sdk 0.2.28 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +30 -28
- package/dist/cjs/package.json +41 -0
- package/dist/cjs/spec/env/beta.json +9 -0
- package/dist/cjs/spec/env/gamma.json +9 -0
- package/dist/cjs/spec/env/prod.json +9 -0
- package/dist/cjs/src/api.d.ts +634 -0
- package/dist/cjs/src/api.js +1309 -0
- package/dist/cjs/src/client.d.ts +575 -0
- package/dist/cjs/src/client.js +378 -0
- package/dist/cjs/src/env.d.ts +15 -0
- package/dist/cjs/src/env.js +35 -0
- package/dist/cjs/src/error.d.ts +29 -0
- package/dist/cjs/src/error.js +36 -0
- package/dist/cjs/src/events.d.ts +84 -0
- package/dist/cjs/src/events.js +195 -0
- package/dist/cjs/src/index.d.ts +203 -0
- package/dist/cjs/src/index.js +298 -0
- package/dist/cjs/src/key.d.ts +152 -0
- package/dist/cjs/src/key.js +242 -0
- package/dist/{src/fido.d.ts → cjs/src/mfa.d.ts} +33 -15
- package/dist/cjs/src/mfa.js +169 -0
- package/dist/cjs/src/org.d.ts +99 -0
- package/dist/cjs/src/org.js +95 -0
- package/dist/cjs/src/paginator.d.ts +76 -0
- package/dist/cjs/src/paginator.js +99 -0
- package/dist/cjs/src/response.d.ts +101 -0
- package/dist/cjs/src/response.js +164 -0
- package/dist/cjs/src/role.d.ts +283 -0
- package/dist/cjs/src/role.js +253 -0
- package/dist/cjs/src/schema.d.ts +6209 -0
- package/dist/cjs/src/schema.js +7 -0
- package/dist/cjs/src/schema_types.d.ts +113 -0
- package/dist/cjs/src/schema_types.js +3 -0
- package/dist/cjs/src/session/session_storage.d.ts +27 -0
- package/dist/cjs/src/session/session_storage.js +47 -0
- package/dist/cjs/src/session/signer_session_manager.d.ts +125 -0
- package/dist/cjs/src/session/signer_session_manager.js +239 -0
- package/dist/cjs/src/signer_session.d.ts +41 -0
- package/dist/cjs/src/signer_session.js +77 -0
- package/dist/cjs/src/user_export.d.ts +52 -0
- package/dist/cjs/src/user_export.js +129 -0
- package/dist/cjs/src/util.d.ts +56 -0
- package/dist/cjs/src/util.js +86 -0
- package/dist/esm/package.json +41 -0
- package/dist/esm/spec/env/beta.json +9 -0
- package/dist/esm/spec/env/gamma.json +9 -0
- package/dist/esm/spec/env/prod.json +9 -0
- package/dist/esm/src/api.d.ts +634 -0
- package/dist/esm/src/api.js +1299 -0
- package/dist/esm/src/client.d.ts +575 -0
- package/dist/esm/src/client.js +374 -0
- package/dist/esm/src/env.d.ts +15 -0
- package/dist/esm/src/env.js +9 -0
- package/dist/esm/src/error.d.ts +29 -0
- package/dist/esm/src/error.js +31 -0
- package/dist/esm/src/events.d.ts +84 -0
- package/dist/esm/src/events.js +189 -0
- package/dist/esm/src/index.d.ts +203 -0
- package/dist/esm/src/index.js +276 -0
- package/dist/esm/src/key.d.ts +152 -0
- package/dist/esm/src/key.js +236 -0
- package/dist/esm/src/mfa.d.ts +94 -0
- package/dist/esm/src/mfa.js +163 -0
- package/dist/esm/src/org.d.ts +99 -0
- package/dist/esm/src/org.js +91 -0
- package/dist/esm/src/paginator.d.ts +76 -0
- package/dist/esm/src/paginator.js +94 -0
- package/dist/esm/src/response.d.ts +101 -0
- package/dist/esm/src/response.js +159 -0
- package/dist/esm/src/role.d.ts +283 -0
- package/dist/esm/src/role.js +248 -0
- package/dist/esm/src/schema.d.ts +6209 -0
- package/dist/esm/src/schema.js +6 -0
- package/dist/esm/src/schema_types.d.ts +113 -0
- package/dist/esm/src/schema_types.js +2 -0
- package/dist/esm/src/session/session_storage.d.ts +27 -0
- package/dist/esm/src/session/session_storage.js +43 -0
- package/dist/esm/src/session/signer_session_manager.d.ts +125 -0
- package/dist/esm/src/session/signer_session_manager.js +235 -0
- package/dist/esm/src/signer_session.d.ts +41 -0
- package/dist/esm/src/signer_session.js +72 -0
- package/dist/esm/src/user_export.d.ts +52 -0
- package/dist/esm/src/user_export.js +99 -0
- package/dist/esm/src/util.d.ts +56 -0
- package/dist/esm/src/util.js +76 -0
- package/dist/package.json +13 -45
- package/dist/src/api.d.ts +29 -1
- package/dist/src/api.js +66 -1
- package/dist/src/client.d.ts +35 -14
- package/dist/src/client.js +12 -8
- package/dist/src/events.js +1 -1
- package/dist/src/index.d.ts +6 -11
- package/dist/src/index.js +9 -25
- package/dist/src/key.d.ts +18 -7
- package/dist/src/key.js +52 -19
- package/dist/src/role.d.ts +46 -3
- package/dist/src/role.js +60 -8
- package/dist/src/schema.d.ts +206 -72
- package/dist/src/schema.js +1 -1
- package/dist/src/schema_types.d.ts +3 -0
- package/dist/src/schema_types.js +1 -1
- package/dist/src/session/signer_session_manager.d.ts +38 -14
- package/dist/src/session/signer_session_manager.js +93 -33
- package/dist/src/util.d.ts +14 -0
- package/dist/src/util.js +24 -27
- package/package.json +19 -46
- package/src/api.ts +79 -0
- package/src/client.ts +12 -8
- package/src/events.ts +2 -0
- package/src/index.ts +10 -24
- package/src/key.ts +36 -18
- package/src/role.ts +78 -7
- package/src/schema.ts +269 -110
- package/src/schema_types.ts +3 -0
- package/src/session/session_storage.ts +0 -32
- package/src/session/signer_session_manager.ts +124 -36
- package/src/util.ts +19 -10
- package/tsconfig.json +1 -21
- package/LICENSE-APACHE +0 -177
- package/LICENSE-MIT +0 -25
- package/NOTICE +0 -13
- package/dist/examples/ethers.d.ts +0 -1
- package/dist/examples/ethers.js +0 -142
- package/dist/src/ethers/index.d.ts +0 -95
- package/dist/src/ethers/index.js +0 -215
- package/dist/src/fido.js +0 -148
- package/dist/src/session/cognito_manager.d.ts +0 -71
- package/dist/src/session/cognito_manager.js +0 -129
- package/dist/src/session/generic.d.ts +0 -47
- package/dist/src/session/generic.js +0 -3
- package/dist/src/session/management_session_manager.d.ts +0 -59
- package/dist/src/session/management_session_manager.js +0 -111
- package/dist/src/session/oidc_session_manager.d.ts +0 -78
- package/dist/src/session/oidc_session_manager.js +0 -142
- package/dist/src/session/session_manager.d.ts +0 -99
- package/dist/src/session/session_manager.js +0 -136
- package/dist/src/sign.d.ts +0 -114
- package/dist/src/sign.js +0 -248
- package/dist/test/sessions.d.ts +0 -35
- package/dist/test/sessions.js +0 -56
- package/src/ethers/index.ts +0 -253
- package/src/session/cognito_manager.ts +0 -161
- package/src/session/session_manager.ts +0 -165
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
import { MfaPolicy } from "./role";
|
|
2
|
+
import { components } from "./schema";
|
|
3
|
+
import { JsonMap } from "./util";
|
|
4
|
+
type schemas = components["schemas"];
|
|
5
|
+
export type UserInfo = schemas["UserInfo"];
|
|
6
|
+
export type ConfiguredMfa = schemas["ConfiguredMfa"];
|
|
7
|
+
export type RatchetConfig = schemas["RatchetConfig"];
|
|
8
|
+
export type IdentityProof = schemas["IdentityProof"];
|
|
9
|
+
export type TotpInfo = schemas["TotpInfo"];
|
|
10
|
+
export type OidcAuthResponse = schemas["NewSessionResponse"];
|
|
11
|
+
export type ApiAddFidoChallenge = schemas["FidoCreateChallengeResponse"];
|
|
12
|
+
export type ApiMfaFidoChallenge = schemas["FidoAssertChallenge"];
|
|
13
|
+
export type PublicKeyCredentialCreationOptions = schemas["PublicKeyCredentialCreationOptions"];
|
|
14
|
+
export type PublicKeyCredentialRequestOptions = schemas["PublicKeyCredentialRequestOptions"];
|
|
15
|
+
export type PublicKeyCredentialParameters = schemas["PublicKeyCredentialParameters"];
|
|
16
|
+
export type PublicKeyCredentialDescriptor = schemas["PublicKeyCredentialDescriptor"];
|
|
17
|
+
export type AuthenticatorSelectionCriteria = schemas["AuthenticatorSelectionCriteria"];
|
|
18
|
+
export type PublicKeyCredentialUserEntity = schemas["PublicKeyCredentialUserEntity"];
|
|
19
|
+
export type PublicKeyCredential = schemas["PublicKeyCredential"];
|
|
20
|
+
export type OrgInfo = schemas["OrgInfo"];
|
|
21
|
+
export type UserIdInfo = schemas["UserIdInfo"];
|
|
22
|
+
export type UpdateOrgRequest = schemas["UpdateOrgRequest"];
|
|
23
|
+
export type UpdateOrgResponse = schemas["UpdateOrgResponse"];
|
|
24
|
+
export type OidcIdentity = schemas["OIDCIdentity"];
|
|
25
|
+
export type MemberRole = schemas["MemberRole"];
|
|
26
|
+
export type SchemaKeyType = schemas["KeyType"];
|
|
27
|
+
export type ListKeysResponse = schemas["PaginatedListKeysResponse"];
|
|
28
|
+
export type UpdateKeyRequest = schemas["UpdateKeyRequest"];
|
|
29
|
+
export type KeyInfoApi = schemas["KeyInfo"];
|
|
30
|
+
export type KeyInRoleInfo = schemas["KeyInRoleInfo"];
|
|
31
|
+
export type UserInRoleInfo = schemas["UserInRoleInfo"];
|
|
32
|
+
export type KeyTypeApi = schemas["KeyType"];
|
|
33
|
+
export type ListRolesResponse = schemas["PaginatedListRolesResponse"];
|
|
34
|
+
export type ListRoleKeysResponse = schemas["PaginatedListRoleKeysResponse"];
|
|
35
|
+
export type ListRoleUsersResponse = schemas["PaginatedListRoleUsersResponse"];
|
|
36
|
+
export type UpdateRoleRequest = schemas["UpdateRoleRequest"];
|
|
37
|
+
export type KeyWithPoliciesInfo = schemas["KeyInRoleInfo"];
|
|
38
|
+
export type RoleInfo = schemas["RoleInfo"];
|
|
39
|
+
export type SessionInfo = schemas["SessionInfo"];
|
|
40
|
+
export type ClientSessionInfo = schemas["ClientSessionInfo"];
|
|
41
|
+
export type NewSessionResponse = schemas["NewSessionResponse"];
|
|
42
|
+
export type SessionsResponse = schemas["PaginatedSessionsResponse"];
|
|
43
|
+
export type CreateSignerSessionRequest = schemas["CreateTokenRequest"];
|
|
44
|
+
export type RefreshSignerSessionRequest = schemas["AuthData"];
|
|
45
|
+
export type EvmSignRequest = schemas["Eth1SignRequest"];
|
|
46
|
+
export type EvmSignResponse = schemas["Eth1SignResponse"];
|
|
47
|
+
export type Eip191SignRequest = schemas["Eip191SignRequest"];
|
|
48
|
+
export type Eip712SignRequest = schemas["Eip712SignRequest"];
|
|
49
|
+
export type Eip191Or712SignResponse = schemas["Eip191Or712SignResponse"];
|
|
50
|
+
export type Eth2SignRequest = schemas["Eth2SignRequest"];
|
|
51
|
+
export type Eth2SignResponse = schemas["Eth2SignResponse"];
|
|
52
|
+
export type Eth2StakeRequest = schemas["StakeRequest"];
|
|
53
|
+
export type Eth2StakeResponse = schemas["StakeResponse"];
|
|
54
|
+
export type Eth2UnstakeRequest = schemas["UnstakeRequest"];
|
|
55
|
+
export type Eth2UnstakeResponse = schemas["UnstakeResponse"];
|
|
56
|
+
export type BlobSignRequest = schemas["BlobSignRequest"];
|
|
57
|
+
export type BlobSignResponse = schemas["BlobSignResponse"];
|
|
58
|
+
export type BtcSignRequest = schemas["BtcSignRequest"];
|
|
59
|
+
export type BtcSignResponse = schemas["BtcSignResponse"];
|
|
60
|
+
export type SolanaSignRequest = schemas["SolanaSignRequest"];
|
|
61
|
+
export type SolanaSignResponse = schemas["SolanaSignResponse"];
|
|
62
|
+
export type AvaSignRequest = schemas["AvaSignRequest"];
|
|
63
|
+
export type AvaSignResponse = schemas["AvaSignResponse"];
|
|
64
|
+
export type AcceptedResponse = schemas["AcceptedResponse"];
|
|
65
|
+
export type ErrorResponse = schemas["ErrorResponse"];
|
|
66
|
+
export type BtcSignatureKind = schemas["BtcSignatureKind"];
|
|
67
|
+
export type MfaType = schemas["MfaType"];
|
|
68
|
+
export type MfaRequestInfo = schemas["MfaRequestInfo"];
|
|
69
|
+
export type UserExportInitRequest = schemas["UserExportInitRequest"];
|
|
70
|
+
export type UserExportInitResponse = schemas["UserExportInitResponse"];
|
|
71
|
+
export type UserExportCompleteRequest = schemas["UserExportCompleteRequest"];
|
|
72
|
+
export type UserExportCompleteResponse = schemas["UserExportCompleteResponse"];
|
|
73
|
+
export type UserExportListResponse = schemas["PaginatedUserExportListResponse"];
|
|
74
|
+
export type UserExportKeyMaterial = schemas["JsonKeyPackage"];
|
|
75
|
+
export type Empty = schemas["EmptyImpl"];
|
|
76
|
+
/** Options for a new OIDC user */
|
|
77
|
+
export interface CreateOidcUserOptions {
|
|
78
|
+
/** The role of an OIDC user, default is "Alien" */
|
|
79
|
+
memberRole?: MemberRole;
|
|
80
|
+
/** Optional MFA policy to associate with the user account */
|
|
81
|
+
mfaPolicy?: MfaPolicy;
|
|
82
|
+
}
|
|
83
|
+
/** Ava P- or X-chain transaction */
|
|
84
|
+
export type AvaTx = {
|
|
85
|
+
P: AvaPChainTx;
|
|
86
|
+
} | {
|
|
87
|
+
X: AvaXChainTx;
|
|
88
|
+
};
|
|
89
|
+
/** Ava P-chain transaction */
|
|
90
|
+
export type AvaPChainTx = {
|
|
91
|
+
AddPermissionlessValidator: JsonMap;
|
|
92
|
+
} | {
|
|
93
|
+
AddSubnetValidator: JsonMap;
|
|
94
|
+
} | {
|
|
95
|
+
AddValidator: JsonMap;
|
|
96
|
+
} | {
|
|
97
|
+
CreateChain: JsonMap;
|
|
98
|
+
} | {
|
|
99
|
+
CreateSubnet: JsonMap;
|
|
100
|
+
} | {
|
|
101
|
+
Export: JsonMap;
|
|
102
|
+
} | {
|
|
103
|
+
Import: JsonMap;
|
|
104
|
+
};
|
|
105
|
+
/** Ava X-chain transaction */
|
|
106
|
+
export type AvaXChainTx = {
|
|
107
|
+
Base: JsonMap;
|
|
108
|
+
} | {
|
|
109
|
+
Export: JsonMap;
|
|
110
|
+
} | {
|
|
111
|
+
Import: JsonMap;
|
|
112
|
+
};
|
|
113
|
+
export {};
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
export {};
|
|
2
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NoZW1hX3R5cGVzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3NjaGVtYV90eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgTWZhUG9saWN5IH0gZnJvbSBcIi4vcm9sZVwiO1xuaW1wb3J0IHsgY29tcG9uZW50cyB9IGZyb20gXCIuL3NjaGVtYVwiO1xuaW1wb3J0IHsgSnNvbk1hcCB9IGZyb20gXCIuL3V0aWxcIjtcblxudHlwZSBzY2hlbWFzID0gY29tcG9uZW50c1tcInNjaGVtYXNcIl07XG5cbmV4cG9ydCB0eXBlIFVzZXJJbmZvID0gc2NoZW1hc1tcIlVzZXJJbmZvXCJdO1xuZXhwb3J0IHR5cGUgQ29uZmlndXJlZE1mYSA9IHNjaGVtYXNbXCJDb25maWd1cmVkTWZhXCJdO1xuZXhwb3J0IHR5cGUgUmF0Y2hldENvbmZpZyA9IHNjaGVtYXNbXCJSYXRjaGV0Q29uZmlnXCJdO1xuZXhwb3J0IHR5cGUgSWRlbnRpdHlQcm9vZiA9IHNjaGVtYXNbXCJJZGVudGl0eVByb29mXCJdO1xuZXhwb3J0IHR5cGUgVG90cEluZm8gPSBzY2hlbWFzW1wiVG90cEluZm9cIl07XG5cbmV4cG9ydCB0eXBlIE9pZGNBdXRoUmVzcG9uc2UgPSBzY2hlbWFzW1wiTmV3U2Vzc2lvblJlc3BvbnNlXCJdO1xuZXhwb3J0IHR5cGUgQXBpQWRkRmlkb0NoYWxsZW5nZSA9IHNjaGVtYXNbXCJGaWRvQ3JlYXRlQ2hhbGxlbmdlUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBBcGlNZmFGaWRvQ2hhbGxlbmdlID0gc2NoZW1hc1tcIkZpZG9Bc3NlcnRDaGFsbGVuZ2VcIl07XG5cbmV4cG9ydCB0eXBlIFB1YmxpY0tleUNyZWRlbnRpYWxDcmVhdGlvbk9wdGlvbnMgPSBzY2hlbWFzW1wiUHVibGljS2V5Q3JlZGVudGlhbENyZWF0aW9uT3B0aW9uc1wiXTtcbmV4cG9ydCB0eXBlIFB1YmxpY0tleUNyZWRlbnRpYWxSZXF1ZXN0T3B0aW9ucyA9IHNjaGVtYXNbXCJQdWJsaWNLZXlDcmVkZW50aWFsUmVxdWVzdE9wdGlvbnNcIl07XG5leHBvcnQgdHlwZSBQdWJsaWNLZXlDcmVkZW50aWFsUGFyYW1ldGVycyA9IHNjaGVtYXNbXCJQdWJsaWNLZXlDcmVkZW50aWFsUGFyYW1ldGVyc1wiXTtcbmV4cG9ydCB0eXBlIFB1YmxpY0tleUNyZWRlbnRpYWxEZXNjcmlwdG9yID0gc2NoZW1hc1tcIlB1YmxpY0tleUNyZWRlbnRpYWxEZXNjcmlwdG9yXCJdO1xuZXhwb3J0IHR5cGUgQXV0aGVudGljYXRvclNlbGVjdGlvbkNyaXRlcmlhID0gc2NoZW1hc1tcIkF1dGhlbnRpY2F0b3JTZWxlY3Rpb25Dcml0ZXJpYVwiXTtcbmV4cG9ydCB0eXBlIFB1YmxpY0tleUNyZWRlbnRpYWxVc2VyRW50aXR5ID0gc2NoZW1hc1tcIlB1YmxpY0tleUNyZWRlbnRpYWxVc2VyRW50aXR5XCJdO1xuZXhwb3J0IHR5cGUgUHVibGljS2V5Q3JlZGVudGlhbCA9IHNjaGVtYXNbXCJQdWJsaWNLZXlDcmVkZW50aWFsXCJdO1xuXG5leHBvcnQgdHlwZSBPcmdJbmZvID0gc2NoZW1hc1tcIk9yZ0luZm9cIl07XG5leHBvcnQgdHlwZSBVc2VySWRJbmZvID0gc2NoZW1hc1tcIlVzZXJJZEluZm9cIl07XG5leHBvcnQgdHlwZSBVcGRhdGVPcmdSZXF1ZXN0ID0gc2NoZW1hc1tcIlVwZGF0ZU9yZ1JlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBVcGRhdGVPcmdSZXNwb25zZSA9IHNjaGVtYXNbXCJVcGRhdGVPcmdSZXNwb25zZVwiXTtcblxuZXhwb3J0IHR5cGUgT2lkY0lkZW50aXR5ID0gc2NoZW1hc1tcIk9JRENJZGVudGl0eVwiXTtcbmV4cG9ydCB0eXBlIE1lbWJlclJvbGUgPSBzY2hlbWFzW1wiTWVtYmVyUm9sZVwiXTtcblxuZXhwb3J0IHR5cGUgU2NoZW1hS2V5VHlwZSA9IHNjaGVtYXNbXCJLZXlUeXBlXCJdO1xuXG5leHBvcnQgdHlwZSBMaXN0S2V5c1Jlc3BvbnNlID0gc2NoZW1hc1tcIlBhZ2luYXRlZExpc3RLZXlzUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBVcGRhdGVLZXlSZXF1ZXN0ID0gc2NoZW1hc1tcIlVwZGF0ZUtleVJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBLZXlJbmZvQXBpID0gc2NoZW1hc1tcIktleUluZm9cIl07XG5leHBvcnQgdHlwZSBLZXlJblJvbGVJbmZvID0gc2NoZW1hc1tcIktleUluUm9sZUluZm9cIl07XG5leHBvcnQgdHlwZSBVc2VySW5Sb2xlSW5mbyA9IHNjaGVtYXNbXCJVc2VySW5Sb2xlSW5mb1wiXTtcbmV4cG9ydCB0eXBlIEtleVR5cGVBcGkgPSBzY2hlbWFzW1wiS2V5VHlwZVwiXTtcblxuZXhwb3J0IHR5cGUgTGlzdFJvbGVzUmVzcG9uc2UgPSBzY2hlbWFzW1wiUGFnaW5hdGVkTGlzdFJvbGVzUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBMaXN0Um9sZUtleXNSZXNwb25zZSA9IHNjaGVtYXNbXCJQYWdpbmF0ZWRMaXN0Um9sZUtleXNSZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIExpc3RSb2xlVXNlcnNSZXNwb25zZSA9IHNjaGVtYXNbXCJQYWdpbmF0ZWRMaXN0Um9sZVVzZXJzUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBVcGRhdGVSb2xlUmVxdWVzdCA9IHNjaGVtYXNbXCJVcGRhdGVSb2xlUmVxdWVzdFwiXTtcbmV4cG9ydCB0eXBlIEtleVdpdGhQb2xpY2llc0luZm8gPSBzY2hlbWFzW1wiS2V5SW5Sb2xlSW5mb1wiXTtcbmV4cG9ydCB0eXBlIFJvbGVJbmZvID0gc2NoZW1hc1tcIlJvbGVJbmZvXCJdO1xuXG5leHBvcnQgdHlwZSBTZXNzaW9uSW5mbyA9IHNjaGVtYXNbXCJTZXNzaW9uSW5mb1wiXTtcbmV4cG9ydCB0eXBlIENsaWVudFNlc3Npb25JbmZvID0gc2NoZW1hc1tcIkNsaWVudFNlc3Npb25JbmZvXCJdO1xuZXhwb3J0IHR5cGUgTmV3U2Vzc2lvblJlc3BvbnNlID0gc2NoZW1hc1tcIk5ld1Nlc3Npb25SZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIFNlc3Npb25zUmVzcG9uc2UgPSBzY2hlbWFzW1wiUGFnaW5hdGVkU2Vzc2lvbnNSZXNwb25zZVwiXTtcblxuZXhwb3J0IHR5cGUgQ3JlYXRlU2lnbmVyU2Vzc2lvblJlcXVlc3QgPSBzY2hlbWFzW1wiQ3JlYXRlVG9rZW5SZXF1ZXN0XCJdO1xuZXhwb3J0IHR5cGUgUmVmcmVzaFNpZ25lclNlc3Npb25SZXF1ZXN0ID0gc2NoZW1hc1tcIkF1dGhEYXRhXCJdO1xuXG5leHBvcnQgdHlwZSBFdm1TaWduUmVxdWVzdCA9IHNjaGVtYXNbXCJFdGgxU2lnblJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBFdm1TaWduUmVzcG9uc2UgPSBzY2hlbWFzW1wiRXRoMVNpZ25SZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIEVpcDE5MVNpZ25SZXF1ZXN0ID0gc2NoZW1hc1tcIkVpcDE5MVNpZ25SZXF1ZXN0XCJdO1xuZXhwb3J0IHR5cGUgRWlwNzEyU2lnblJlcXVlc3QgPSBzY2hlbWFzW1wiRWlwNzEyU2lnblJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBFaXAxOTFPcjcxMlNpZ25SZXNwb25zZSA9IHNjaGVtYXNbXCJFaXAxOTFPcjcxMlNpZ25SZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIEV0aDJTaWduUmVxdWVzdCA9IHNjaGVtYXNbXCJFdGgyU2lnblJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBFdGgyU2lnblJlc3BvbnNlID0gc2NoZW1hc1tcIkV0aDJTaWduUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBFdGgyU3Rha2VSZXF1ZXN0ID0gc2NoZW1hc1tcIlN0YWtlUmVxdWVzdFwiXTtcbmV4cG9ydCB0eXBlIEV0aDJTdGFrZVJlc3BvbnNlID0gc2NoZW1hc1tcIlN0YWtlUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBFdGgyVW5zdGFrZVJlcXVlc3QgPSBzY2hlbWFzW1wiVW5zdGFrZVJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBFdGgyVW5zdGFrZVJlc3BvbnNlID0gc2NoZW1hc1tcIlVuc3Rha2VSZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIEJsb2JTaWduUmVxdWVzdCA9IHNjaGVtYXNbXCJCbG9iU2lnblJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBCbG9iU2lnblJlc3BvbnNlID0gc2NoZW1hc1tcIkJsb2JTaWduUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBCdGNTaWduUmVxdWVzdCA9IHNjaGVtYXNbXCJCdGNTaWduUmVxdWVzdFwiXTtcbmV4cG9ydCB0eXBlIEJ0Y1NpZ25SZXNwb25zZSA9IHNjaGVtYXNbXCJCdGNTaWduUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBTb2xhbmFTaWduUmVxdWVzdCA9IHNjaGVtYXNbXCJTb2xhbmFTaWduUmVxdWVzdFwiXTtcbmV4cG9ydCB0eXBlIFNvbGFuYVNpZ25SZXNwb25zZSA9IHNjaGVtYXNbXCJTb2xhbmFTaWduUmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBBdmFTaWduUmVxdWVzdCA9IHNjaGVtYXNbXCJBdmFTaWduUmVxdWVzdFwiXTtcbmV4cG9ydCB0eXBlIEF2YVNpZ25SZXNwb25zZSA9IHNjaGVtYXNbXCJBdmFTaWduUmVzcG9uc2VcIl07XG5cbmV4cG9ydCB0eXBlIEFjY2VwdGVkUmVzcG9uc2UgPSBzY2hlbWFzW1wiQWNjZXB0ZWRSZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIEVycm9yUmVzcG9uc2UgPSBzY2hlbWFzW1wiRXJyb3JSZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIEJ0Y1NpZ25hdHVyZUtpbmQgPSBzY2hlbWFzW1wiQnRjU2lnbmF0dXJlS2luZFwiXTtcblxuZXhwb3J0IHR5cGUgTWZhVHlwZSA9IHNjaGVtYXNbXCJNZmFUeXBlXCJdO1xuZXhwb3J0IHR5cGUgTWZhUmVxdWVzdEluZm8gPSBzY2hlbWFzW1wiTWZhUmVxdWVzdEluZm9cIl07XG5cbmV4cG9ydCB0eXBlIFVzZXJFeHBvcnRJbml0UmVxdWVzdCA9IHNjaGVtYXNbXCJVc2VyRXhwb3J0SW5pdFJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBVc2VyRXhwb3J0SW5pdFJlc3BvbnNlID0gc2NoZW1hc1tcIlVzZXJFeHBvcnRJbml0UmVzcG9uc2VcIl07XG5leHBvcnQgdHlwZSBVc2VyRXhwb3J0Q29tcGxldGVSZXF1ZXN0ID0gc2NoZW1hc1tcIlVzZXJFeHBvcnRDb21wbGV0ZVJlcXVlc3RcIl07XG5leHBvcnQgdHlwZSBVc2VyRXhwb3J0Q29tcGxldGVSZXNwb25zZSA9IHNjaGVtYXNbXCJVc2VyRXhwb3J0Q29tcGxldGVSZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIFVzZXJFeHBvcnRMaXN0UmVzcG9uc2UgPSBzY2hlbWFzW1wiUGFnaW5hdGVkVXNlckV4cG9ydExpc3RSZXNwb25zZVwiXTtcbmV4cG9ydCB0eXBlIFVzZXJFeHBvcnRLZXlNYXRlcmlhbCA9IHNjaGVtYXNbXCJKc29uS2V5UGFja2FnZVwiXTtcblxuZXhwb3J0IHR5cGUgRW1wdHkgPSBzY2hlbWFzW1wiRW1wdHlJbXBsXCJdO1xuXG4vKiogT3B0aW9ucyBmb3IgYSBuZXcgT0lEQyB1c2VyICovXG5leHBvcnQgaW50ZXJmYWNlIENyZWF0ZU9pZGNVc2VyT3B0aW9ucyB7XG4gIC8qKiBUaGUgcm9sZSBvZiBhbiBPSURDIHVzZXIsIGRlZmF1bHQgaXMgXCJBbGllblwiICovXG4gIG1lbWJlclJvbGU/OiBNZW1iZXJSb2xlO1xuICAvKiogT3B0aW9uYWwgTUZBIHBvbGljeSB0byBhc3NvY2lhdGUgd2l0aCB0aGUgdXNlciBhY2NvdW50ICovXG4gIG1mYVBvbGljeT86IE1mYVBvbGljeTtcbn1cblxuLyoqIEF2YSBQLSBvciBYLWNoYWluIHRyYW5zYWN0aW9uICovXG5leHBvcnQgdHlwZSBBdmFUeCA9IHsgUDogQXZhUENoYWluVHggfSB8IHsgWDogQXZhWENoYWluVHggfTtcblxuLyoqIEF2YSBQLWNoYWluIHRyYW5zYWN0aW9uICovXG5leHBvcnQgdHlwZSBBdmFQQ2hhaW5UeCA9XG4gIHwgeyBBZGRQZXJtaXNzaW9ubGVzc1ZhbGlkYXRvcjogSnNvbk1hcCB9XG4gIHwgeyBBZGRTdWJuZXRWYWxpZGF0b3I6IEpzb25NYXAgfVxuICB8IHsgQWRkVmFsaWRhdG9yOiBKc29uTWFwIH1cbiAgfCB7IENyZWF0ZUNoYWluOiBKc29uTWFwIH1cbiAgfCB7IENyZWF0ZVN1Ym5ldDogSnNvbk1hcCB9XG4gIHwgeyBFeHBvcnQ6IEpzb25NYXAgfVxuICB8IHsgSW1wb3J0OiBKc29uTWFwIH07XG5cbi8qKiBBdmEgWC1jaGFpbiB0cmFuc2FjdGlvbiAqL1xuZXhwb3J0IHR5cGUgQXZhWENoYWluVHggPSB7IEJhc2U6IEpzb25NYXAgfSB8IHsgRXhwb3J0OiBKc29uTWFwIH0gfCB7IEltcG9ydDogSnNvbk1hcCB9O1xuIl19
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/** Interface for storing sessions. */
|
|
2
|
+
export interface SessionStorage<U> {
|
|
3
|
+
/** Store session information */
|
|
4
|
+
save(data: U): Promise<void>;
|
|
5
|
+
/** Retrieve session information */
|
|
6
|
+
retrieve(): Promise<U>;
|
|
7
|
+
}
|
|
8
|
+
/** Stores session information in memory */
|
|
9
|
+
export declare class MemorySessionStorage<U> implements SessionStorage<U> {
|
|
10
|
+
#private;
|
|
11
|
+
/**
|
|
12
|
+
* Store session information.
|
|
13
|
+
* @param {U} data The session information to store
|
|
14
|
+
* @return {Promise<void>}
|
|
15
|
+
*/
|
|
16
|
+
save(data: U): Promise<void>;
|
|
17
|
+
/**
|
|
18
|
+
* Retrieve session information.
|
|
19
|
+
* @return {Promise<U>} The session information
|
|
20
|
+
*/
|
|
21
|
+
retrieve(): Promise<U>;
|
|
22
|
+
/**
|
|
23
|
+
* Constructor.
|
|
24
|
+
* @param {U?} data The initial data
|
|
25
|
+
*/
|
|
26
|
+
constructor(data?: U);
|
|
27
|
+
}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
|
|
2
|
+
if (kind === "m") throw new TypeError("Private method is not writable");
|
|
3
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
|
|
4
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
|
|
5
|
+
return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
|
|
6
|
+
};
|
|
7
|
+
var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
|
|
8
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
|
|
9
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
10
|
+
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
11
|
+
};
|
|
12
|
+
var _MemorySessionStorage_data;
|
|
13
|
+
/** Stores session information in memory */
|
|
14
|
+
export class MemorySessionStorage {
|
|
15
|
+
/**
|
|
16
|
+
* Store session information.
|
|
17
|
+
* @param {U} data The session information to store
|
|
18
|
+
* @return {Promise<void>}
|
|
19
|
+
*/
|
|
20
|
+
async save(data) {
|
|
21
|
+
__classPrivateFieldSet(this, _MemorySessionStorage_data, data, "f");
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Retrieve session information.
|
|
25
|
+
* @return {Promise<U>} The session information
|
|
26
|
+
*/
|
|
27
|
+
async retrieve() {
|
|
28
|
+
if (!__classPrivateFieldGet(this, _MemorySessionStorage_data, "f")) {
|
|
29
|
+
throw new Error("Missing session information");
|
|
30
|
+
}
|
|
31
|
+
return __classPrivateFieldGet(this, _MemorySessionStorage_data, "f");
|
|
32
|
+
}
|
|
33
|
+
/**
|
|
34
|
+
* Constructor.
|
|
35
|
+
* @param {U?} data The initial data
|
|
36
|
+
*/
|
|
37
|
+
constructor(data) {
|
|
38
|
+
_MemorySessionStorage_data.set(this, void 0);
|
|
39
|
+
__classPrivateFieldSet(this, _MemorySessionStorage_data, data, "f");
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
_MemorySessionStorage_data = new WeakMap();
|
|
43
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2Vzc2lvbl9zdG9yYWdlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL3Nlc3Npb24vc2Vzc2lvbl9zdG9yYWdlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7OztBQVNBLDJDQUEyQztBQUMzQyxNQUFNLE9BQU8sb0JBQW9CO0lBRy9COzs7O09BSUc7SUFDSCxLQUFLLENBQUMsSUFBSSxDQUFDLElBQU87UUFDaEIsdUJBQUEsSUFBSSw4QkFBUyxJQUFJLE1BQUEsQ0FBQztJQUNwQixDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsS0FBSyxDQUFDLFFBQVE7UUFDWixJQUFJLENBQUMsdUJBQUEsSUFBSSxrQ0FBTSxFQUFFLENBQUM7WUFDaEIsTUFBTSxJQUFJLEtBQUssQ0FBQyw2QkFBNkIsQ0FBQyxDQUFDO1FBQ2pELENBQUM7UUFDRCxPQUFPLHVCQUFBLElBQUksa0NBQU0sQ0FBQztJQUNwQixDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsWUFBWSxJQUFRO1FBMUJwQiw2Q0FBVTtRQTJCUix1QkFBQSxJQUFJLDhCQUFTLElBQUksTUFBQSxDQUFDO0lBQ3BCLENBQUM7Q0FDRiIsInNvdXJjZXNDb250ZW50IjpbIi8qKiBJbnRlcmZhY2UgZm9yIHN0b3Jpbmcgc2Vzc2lvbnMuICovXG5leHBvcnQgaW50ZXJmYWNlIFNlc3Npb25TdG9yYWdlPFU+IHtcbiAgLyoqIFN0b3JlIHNlc3Npb24gaW5mb3JtYXRpb24gKi9cbiAgc2F2ZShkYXRhOiBVKTogUHJvbWlzZTx2b2lkPjtcblxuICAvKiogUmV0cmlldmUgc2Vzc2lvbiBpbmZvcm1hdGlvbiAqL1xuICByZXRyaWV2ZSgpOiBQcm9taXNlPFU+O1xufVxuXG4vKiogU3RvcmVzIHNlc3Npb24gaW5mb3JtYXRpb24gaW4gbWVtb3J5ICovXG5leHBvcnQgY2xhc3MgTWVtb3J5U2Vzc2lvblN0b3JhZ2U8VT4gaW1wbGVtZW50cyBTZXNzaW9uU3RvcmFnZTxVPiB7XG4gICNkYXRhPzogVTtcblxuICAvKipcbiAgICogU3RvcmUgc2Vzc2lvbiBpbmZvcm1hdGlvbi5cbiAgICogQHBhcmFtIHtVfSBkYXRhIFRoZSBzZXNzaW9uIGluZm9ybWF0aW9uIHRvIHN0b3JlXG4gICAqIEByZXR1cm4ge1Byb21pc2U8dm9pZD59XG4gICAqL1xuICBhc3luYyBzYXZlKGRhdGE6IFUpOiBQcm9taXNlPHZvaWQ+IHtcbiAgICB0aGlzLiNkYXRhID0gZGF0YTtcbiAgfVxuXG4gIC8qKlxuICAgKiBSZXRyaWV2ZSBzZXNzaW9uIGluZm9ybWF0aW9uLlxuICAgKiBAcmV0dXJuIHtQcm9taXNlPFU+fSBUaGUgc2Vzc2lvbiBpbmZvcm1hdGlvblxuICAgKi9cbiAgYXN5bmMgcmV0cmlldmUoKTogUHJvbWlzZTxVPiB7XG4gICAgaWYgKCF0aGlzLiNkYXRhKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoXCJNaXNzaW5nIHNlc3Npb24gaW5mb3JtYXRpb25cIik7XG4gICAgfVxuICAgIHJldHVybiB0aGlzLiNkYXRhO1xuICB9XG5cbiAgLyoqXG4gICAqIENvbnN0cnVjdG9yLlxuICAgKiBAcGFyYW0ge1U/fSBkYXRhIFRoZSBpbml0aWFsIGRhdGFcbiAgICovXG4gIGNvbnN0cnVjdG9yKGRhdGE/OiBVKSB7XG4gICAgdGhpcy4jZGF0YSA9IGRhdGE7XG4gIH1cbn1cbiJdfQ==
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
import { Events } from "../events";
|
|
2
|
+
import { EnvInterface } from "../env";
|
|
3
|
+
import { Client } from "../api";
|
|
4
|
+
import { SessionStorage } from "./session_storage";
|
|
5
|
+
import { ClientSessionInfo, NewSessionResponse } from "../schema_types";
|
|
6
|
+
import { operations } from "../schema";
|
|
7
|
+
/** JSON representation of our "signer session" file format */
|
|
8
|
+
export interface SignerSessionData {
|
|
9
|
+
/** The organization ID */
|
|
10
|
+
org_id: string;
|
|
11
|
+
/** The role ID */
|
|
12
|
+
role_id?: string;
|
|
13
|
+
/** The purpose of the session token */
|
|
14
|
+
purpose?: string;
|
|
15
|
+
/** The token to include in Authorization header */
|
|
16
|
+
token: string;
|
|
17
|
+
/** Session info */
|
|
18
|
+
session_info: ClientSessionInfo;
|
|
19
|
+
/** Session expiration (in seconds since UNIX epoch) beyond which it cannot be refreshed */
|
|
20
|
+
session_exp: number | undefined;
|
|
21
|
+
/** The environment */
|
|
22
|
+
env: {
|
|
23
|
+
["Dev-CubeSignerStack"]: EnvInterface;
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
/** Type of storage required for signer sessions */
|
|
27
|
+
export type SignerSessionStorage = SessionStorage<SignerSessionData>;
|
|
28
|
+
export interface SignerSessionLifetime {
|
|
29
|
+
/** Session lifetime (in seconds). Defaults to one week (604800). */
|
|
30
|
+
session?: number;
|
|
31
|
+
/** Auth token lifetime (in seconds). Defaults to five minutes (300). */
|
|
32
|
+
auth: number;
|
|
33
|
+
/** Refresh token lifetime (in seconds). Defaults to one day (86400). */
|
|
34
|
+
refresh?: number;
|
|
35
|
+
/** Grace lifetime (in seconds). Defaults to 30 seconds (30). */
|
|
36
|
+
grace?: number;
|
|
37
|
+
}
|
|
38
|
+
/** Generic session manager interface. */
|
|
39
|
+
export declare class SignerSessionManager {
|
|
40
|
+
#private;
|
|
41
|
+
readonly env: EnvInterface;
|
|
42
|
+
readonly orgId: string;
|
|
43
|
+
readonly storage: SignerSessionStorage;
|
|
44
|
+
readonly events: Events;
|
|
45
|
+
/**
|
|
46
|
+
* @return {string} The current auth token.
|
|
47
|
+
* @internal
|
|
48
|
+
*/
|
|
49
|
+
token(): Promise<string>;
|
|
50
|
+
/**
|
|
51
|
+
* Refreshes the current session if needed, then returns a client using the current session.
|
|
52
|
+
*
|
|
53
|
+
* May **UPDATE/MUTATE** self.
|
|
54
|
+
*
|
|
55
|
+
* @param {operations} operation The operation that this client will be
|
|
56
|
+
* used for. This parameter is used exclusively for more accurate error
|
|
57
|
+
* reporting and does not affect functionality.
|
|
58
|
+
* @return {Client} The client with the current session
|
|
59
|
+
*/
|
|
60
|
+
client(operation?: keyof operations): Promise<Client>;
|
|
61
|
+
/** Revokes the session. */
|
|
62
|
+
revoke(): Promise<void>;
|
|
63
|
+
/**
|
|
64
|
+
* Refreshes the session and **UPDATES/MUTATES** self.
|
|
65
|
+
*/
|
|
66
|
+
refresh(): Promise<void>;
|
|
67
|
+
/**
|
|
68
|
+
* Returns whether it's time to refresh this token.
|
|
69
|
+
* @return {boolean} Whether it's time to refresh this token.
|
|
70
|
+
* @internal
|
|
71
|
+
*/
|
|
72
|
+
isStale(): Promise<boolean>;
|
|
73
|
+
/**
|
|
74
|
+
* Return whether this session has expired and cannot be refreshed anymore.
|
|
75
|
+
* @return {boolean} Whether this session has expired.
|
|
76
|
+
* @internal
|
|
77
|
+
*/
|
|
78
|
+
hasExpired(): boolean;
|
|
79
|
+
/**
|
|
80
|
+
* Refreshes the session if it is about to expire.
|
|
81
|
+
* @return {boolean} Whether the session token was refreshed.
|
|
82
|
+
* @internal
|
|
83
|
+
*/
|
|
84
|
+
refreshIfNeeded(): Promise<boolean>;
|
|
85
|
+
/**
|
|
86
|
+
* Automatically refreshes the session in the background (if needed) every
|
|
87
|
+
* minute. This is a simple wrapper around `setInterval`.
|
|
88
|
+
* @return {number} The interval ID of the refresh timer.
|
|
89
|
+
*/
|
|
90
|
+
autoRefresh(): RefreshId;
|
|
91
|
+
/**
|
|
92
|
+
* Clears the auto refresh timer.
|
|
93
|
+
* @param {number} timer The timer ID to clear.
|
|
94
|
+
*/
|
|
95
|
+
clearAutoRefresh(timer: RefreshId): void;
|
|
96
|
+
/**
|
|
97
|
+
* @param {EnvInterface} env The CubeSigner environment
|
|
98
|
+
* @param {string} orgId The organization ID
|
|
99
|
+
* @param {NewSessionResponse} session The session information.
|
|
100
|
+
* @param {SignerSessionStorage} storage The storage to use for saving the session.
|
|
101
|
+
* @return {Promise<SignerSessionManager>} New signer session manager.
|
|
102
|
+
*/
|
|
103
|
+
static createFromSessionInfo(env: EnvInterface, orgId: string, session: NewSessionResponse, storage?: SignerSessionStorage): Promise<SignerSessionManager>;
|
|
104
|
+
/**
|
|
105
|
+
* @param {SignerSessionData} sessionData The session information.
|
|
106
|
+
* @param {SignerSessionStorage} storage The storage to use for saving the session.
|
|
107
|
+
* @return {Promise<SignerSessionManager>} New signer session manager.
|
|
108
|
+
*/
|
|
109
|
+
static createFromSessionData(sessionData: SignerSessionData, storage?: SignerSessionStorage): Promise<SignerSessionManager>;
|
|
110
|
+
/**
|
|
111
|
+
* Uses an existing session to create a new signer session manager.
|
|
112
|
+
*
|
|
113
|
+
* @param {SignerSessionStorage} storage The session storage to use
|
|
114
|
+
* @return {Promise<SingerSession>} New signer session manager
|
|
115
|
+
*/
|
|
116
|
+
static loadFromStorage(storage: SignerSessionStorage): Promise<SignerSessionManager>;
|
|
117
|
+
/**
|
|
118
|
+
* Constructor.
|
|
119
|
+
* @param {SignerSessionData} sessionData Session data
|
|
120
|
+
* @param {SignerSessionStorage} storage The session storage to use.
|
|
121
|
+
*/
|
|
122
|
+
constructor(sessionData: SignerSessionData, storage: SignerSessionStorage);
|
|
123
|
+
}
|
|
124
|
+
/** Type of the refresh timer ID. */
|
|
125
|
+
export type RefreshId = ReturnType<typeof setInterval>;
|
|
@@ -0,0 +1,235 @@
|
|
|
1
|
+
var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
|
|
2
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
|
|
3
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
4
|
+
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
5
|
+
};
|
|
6
|
+
var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
|
|
7
|
+
if (kind === "m") throw new TypeError("Private method is not writable");
|
|
8
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
|
|
9
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
|
|
10
|
+
return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
|
|
11
|
+
};
|
|
12
|
+
var _SignerSessionManager_instances, _a, _SignerSessionManager_eventEmitter, _SignerSessionManager_refreshing, _SignerSessionManager_client, _SignerSessionManager_createClient, _SignerSessionManager_hasTimestampExpired;
|
|
13
|
+
import { Events } from "../events";
|
|
14
|
+
import { createHttpClient, OpClient } from "../api";
|
|
15
|
+
import { MemorySessionStorage } from "./session_storage";
|
|
16
|
+
import { delay } from "../util";
|
|
17
|
+
import { EventEmitter } from "../events";
|
|
18
|
+
import { SessionExpiredError } from "../error";
|
|
19
|
+
const DEFAULT_EXPIRATION_BUFFER_SECS = 30;
|
|
20
|
+
/**
|
|
21
|
+
* Constructs {@link Date} from a number representing seconds since unix epoch.
|
|
22
|
+
* @param {number} secs Seconds since unix epoch.
|
|
23
|
+
* @return {Date} The equivalent date.
|
|
24
|
+
*/
|
|
25
|
+
function secondsSinceEpochToDate(secs) {
|
|
26
|
+
return new Date(secs * 1000);
|
|
27
|
+
}
|
|
28
|
+
/** Generic session manager interface. */
|
|
29
|
+
export class SignerSessionManager {
|
|
30
|
+
/**
|
|
31
|
+
* @return {string} The current auth token.
|
|
32
|
+
* @internal
|
|
33
|
+
*/
|
|
34
|
+
async token() {
|
|
35
|
+
const session = await this.storage.retrieve();
|
|
36
|
+
return session.token;
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Refreshes the current session if needed, then returns a client using the current session.
|
|
40
|
+
*
|
|
41
|
+
* May **UPDATE/MUTATE** self.
|
|
42
|
+
*
|
|
43
|
+
* @param {operations} operation The operation that this client will be
|
|
44
|
+
* used for. This parameter is used exclusively for more accurate error
|
|
45
|
+
* reporting and does not affect functionality.
|
|
46
|
+
* @return {Client} The client with the current session
|
|
47
|
+
*/
|
|
48
|
+
async client(operation) {
|
|
49
|
+
await this.refreshIfNeeded();
|
|
50
|
+
// trigger "session expired" if the session as a whole has expired
|
|
51
|
+
// or if (for whatever reason) the token is still stale
|
|
52
|
+
if (__classPrivateFieldGet(_a, _a, "m", _SignerSessionManager_hasTimestampExpired).call(_a, __classPrivateFieldGet(this, _SignerSessionManager_client, "f").token_exp) || this.hasExpired()) {
|
|
53
|
+
await __classPrivateFieldGet(this, _SignerSessionManager_eventEmitter, "f").emitSessionExpired();
|
|
54
|
+
throw new SessionExpiredError(operation);
|
|
55
|
+
}
|
|
56
|
+
return __classPrivateFieldGet(this, _SignerSessionManager_client, "f").client;
|
|
57
|
+
}
|
|
58
|
+
/** Revokes the session. */
|
|
59
|
+
async revoke() {
|
|
60
|
+
const client = new OpClient("revokeCurrentSession", await this.client(), __classPrivateFieldGet(this, _SignerSessionManager_eventEmitter, "f"));
|
|
61
|
+
await client.del("/v0/org/{org_id}/session/self", {
|
|
62
|
+
params: { path: { org_id: this.orgId } },
|
|
63
|
+
});
|
|
64
|
+
}
|
|
65
|
+
/**
|
|
66
|
+
* Refreshes the session and **UPDATES/MUTATES** self.
|
|
67
|
+
*/
|
|
68
|
+
async refresh() {
|
|
69
|
+
if (this.hasExpired()) {
|
|
70
|
+
await __classPrivateFieldGet(this, _SignerSessionManager_eventEmitter, "f").emitSessionExpired();
|
|
71
|
+
throw new SessionExpiredError("signerSessionRefresh");
|
|
72
|
+
}
|
|
73
|
+
const currSession = await this.storage.retrieve();
|
|
74
|
+
const client = new OpClient("signerSessionRefresh", __classPrivateFieldGet(this, _SignerSessionManager_client, "f").client, __classPrivateFieldGet(this, _SignerSessionManager_eventEmitter, "f"));
|
|
75
|
+
const csi = currSession.session_info;
|
|
76
|
+
const data = await client.patch("/v1/org/{org_id}/token/refresh", {
|
|
77
|
+
params: { path: { org_id: this.orgId } },
|
|
78
|
+
body: {
|
|
79
|
+
epoch_num: csi.epoch,
|
|
80
|
+
epoch_token: csi.epoch_token,
|
|
81
|
+
other_token: csi.refresh_token,
|
|
82
|
+
},
|
|
83
|
+
});
|
|
84
|
+
const newSession = {
|
|
85
|
+
...currSession,
|
|
86
|
+
session_info: data.session_info,
|
|
87
|
+
token: data.token,
|
|
88
|
+
};
|
|
89
|
+
await this.storage.save(newSession);
|
|
90
|
+
__classPrivateFieldSet(this, _SignerSessionManager_client, {
|
|
91
|
+
client: __classPrivateFieldGet(this, _SignerSessionManager_instances, "m", _SignerSessionManager_createClient).call(this, newSession.token),
|
|
92
|
+
token_exp: secondsSinceEpochToDate(newSession.session_info.auth_token_exp),
|
|
93
|
+
session_exp: newSession.session_exp
|
|
94
|
+
? secondsSinceEpochToDate(newSession.session_exp)
|
|
95
|
+
: undefined,
|
|
96
|
+
}, "f");
|
|
97
|
+
}
|
|
98
|
+
/**
|
|
99
|
+
* Returns whether it's time to refresh this token.
|
|
100
|
+
* @return {boolean} Whether it's time to refresh this token.
|
|
101
|
+
* @internal
|
|
102
|
+
*/
|
|
103
|
+
async isStale() {
|
|
104
|
+
return __classPrivateFieldGet(_a, _a, "m", _SignerSessionManager_hasTimestampExpired).call(_a, __classPrivateFieldGet(this, _SignerSessionManager_client, "f").token_exp, DEFAULT_EXPIRATION_BUFFER_SECS);
|
|
105
|
+
}
|
|
106
|
+
/**
|
|
107
|
+
* Return whether this session has expired and cannot be refreshed anymore.
|
|
108
|
+
* @return {boolean} Whether this session has expired.
|
|
109
|
+
* @internal
|
|
110
|
+
*/
|
|
111
|
+
hasExpired() {
|
|
112
|
+
return ((__classPrivateFieldGet(this, _SignerSessionManager_client, "f").session_exp || false) &&
|
|
113
|
+
__classPrivateFieldGet(_a, _a, "m", _SignerSessionManager_hasTimestampExpired).call(_a, __classPrivateFieldGet(this, _SignerSessionManager_client, "f").session_exp));
|
|
114
|
+
}
|
|
115
|
+
/**
|
|
116
|
+
* Refreshes the session if it is about to expire.
|
|
117
|
+
* @return {boolean} Whether the session token was refreshed.
|
|
118
|
+
* @internal
|
|
119
|
+
*/
|
|
120
|
+
async refreshIfNeeded() {
|
|
121
|
+
if (await this.isStale()) {
|
|
122
|
+
if (__classPrivateFieldGet(this, _SignerSessionManager_refreshing, "f")) {
|
|
123
|
+
// wait until done refreshing
|
|
124
|
+
while (__classPrivateFieldGet(this, _SignerSessionManager_refreshing, "f")) {
|
|
125
|
+
await delay(100);
|
|
126
|
+
}
|
|
127
|
+
return false;
|
|
128
|
+
}
|
|
129
|
+
else {
|
|
130
|
+
// refresh
|
|
131
|
+
__classPrivateFieldSet(this, _SignerSessionManager_refreshing, true, "f");
|
|
132
|
+
try {
|
|
133
|
+
await this.refresh();
|
|
134
|
+
return true;
|
|
135
|
+
}
|
|
136
|
+
finally {
|
|
137
|
+
__classPrivateFieldSet(this, _SignerSessionManager_refreshing, false, "f");
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
return false;
|
|
142
|
+
}
|
|
143
|
+
/**
|
|
144
|
+
* Automatically refreshes the session in the background (if needed) every
|
|
145
|
+
* minute. This is a simple wrapper around `setInterval`.
|
|
146
|
+
* @return {number} The interval ID of the refresh timer.
|
|
147
|
+
*/
|
|
148
|
+
autoRefresh() {
|
|
149
|
+
return setInterval(async () => {
|
|
150
|
+
await this.refreshIfNeeded();
|
|
151
|
+
}, 60 * 1000);
|
|
152
|
+
}
|
|
153
|
+
/**
|
|
154
|
+
* Clears the auto refresh timer.
|
|
155
|
+
* @param {number} timer The timer ID to clear.
|
|
156
|
+
*/
|
|
157
|
+
clearAutoRefresh(timer) {
|
|
158
|
+
clearInterval(timer);
|
|
159
|
+
}
|
|
160
|
+
/**
|
|
161
|
+
* @param {EnvInterface} env The CubeSigner environment
|
|
162
|
+
* @param {string} orgId The organization ID
|
|
163
|
+
* @param {NewSessionResponse} session The session information.
|
|
164
|
+
* @param {SignerSessionStorage} storage The storage to use for saving the session.
|
|
165
|
+
* @return {Promise<SignerSessionManager>} New signer session manager.
|
|
166
|
+
*/
|
|
167
|
+
static async createFromSessionInfo(env, orgId, session, storage) {
|
|
168
|
+
const sessionData = {
|
|
169
|
+
env: {
|
|
170
|
+
["Dev-CubeSignerStack"]: env,
|
|
171
|
+
},
|
|
172
|
+
org_id: orgId,
|
|
173
|
+
token: session.token,
|
|
174
|
+
purpose: "sign via oidc",
|
|
175
|
+
session_info: session.session_info,
|
|
176
|
+
session_exp: session.expiration,
|
|
177
|
+
};
|
|
178
|
+
storage ??= new MemorySessionStorage();
|
|
179
|
+
await storage.save(sessionData);
|
|
180
|
+
return await _a.loadFromStorage(storage);
|
|
181
|
+
}
|
|
182
|
+
/**
|
|
183
|
+
* @param {SignerSessionData} sessionData The session information.
|
|
184
|
+
* @param {SignerSessionStorage} storage The storage to use for saving the session.
|
|
185
|
+
* @return {Promise<SignerSessionManager>} New signer session manager.
|
|
186
|
+
*/
|
|
187
|
+
static async createFromSessionData(sessionData, storage) {
|
|
188
|
+
storage ??= new MemorySessionStorage();
|
|
189
|
+
await storage.save(sessionData);
|
|
190
|
+
return await _a.loadFromStorage(storage);
|
|
191
|
+
}
|
|
192
|
+
/**
|
|
193
|
+
* Uses an existing session to create a new signer session manager.
|
|
194
|
+
*
|
|
195
|
+
* @param {SignerSessionStorage} storage The session storage to use
|
|
196
|
+
* @return {Promise<SingerSession>} New signer session manager
|
|
197
|
+
*/
|
|
198
|
+
static async loadFromStorage(storage) {
|
|
199
|
+
const session = await storage.retrieve();
|
|
200
|
+
return new _a(session, storage);
|
|
201
|
+
}
|
|
202
|
+
/**
|
|
203
|
+
* Constructor.
|
|
204
|
+
* @param {SignerSessionData} sessionData Session data
|
|
205
|
+
* @param {SignerSessionStorage} storage The session storage to use.
|
|
206
|
+
*/
|
|
207
|
+
constructor(sessionData, storage) {
|
|
208
|
+
_SignerSessionManager_instances.add(this);
|
|
209
|
+
this.events = new Events();
|
|
210
|
+
_SignerSessionManager_eventEmitter.set(this, void 0);
|
|
211
|
+
_SignerSessionManager_refreshing.set(this, false);
|
|
212
|
+
_SignerSessionManager_client.set(this, void 0);
|
|
213
|
+
this.env = sessionData.env["Dev-CubeSignerStack"];
|
|
214
|
+
this.orgId = sessionData.org_id;
|
|
215
|
+
this.storage = storage;
|
|
216
|
+
__classPrivateFieldSet(this, _SignerSessionManager_eventEmitter, new EventEmitter([this.events]), "f");
|
|
217
|
+
__classPrivateFieldSet(this, _SignerSessionManager_client, {
|
|
218
|
+
client: __classPrivateFieldGet(this, _SignerSessionManager_instances, "m", _SignerSessionManager_createClient).call(this, sessionData.token),
|
|
219
|
+
token_exp: secondsSinceEpochToDate(sessionData.session_info.auth_token_exp),
|
|
220
|
+
session_exp: sessionData.session_exp
|
|
221
|
+
? secondsSinceEpochToDate(sessionData.session_exp)
|
|
222
|
+
: undefined,
|
|
223
|
+
}, "f");
|
|
224
|
+
}
|
|
225
|
+
}
|
|
226
|
+
_a = SignerSessionManager, _SignerSessionManager_eventEmitter = new WeakMap(), _SignerSessionManager_refreshing = new WeakMap(), _SignerSessionManager_client = new WeakMap(), _SignerSessionManager_instances = new WeakSet(), _SignerSessionManager_createClient = function _SignerSessionManager_createClient(token) {
|
|
227
|
+
return createHttpClient(this.env.SignerApiRoot, token);
|
|
228
|
+
}, _SignerSessionManager_hasTimestampExpired = function _SignerSessionManager_hasTimestampExpired(exp, bufferSeconds) {
|
|
229
|
+
bufferSeconds ??= 0;
|
|
230
|
+
const expMsSinceEpoch = exp.getTime();
|
|
231
|
+
const nowMsSinceEpoch = new Date().getTime();
|
|
232
|
+
const bufferMs = bufferSeconds * 1000;
|
|
233
|
+
return expMsSinceEpoch < nowMsSinceEpoch + bufferMs;
|
|
234
|
+
};
|
|
235
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2lnbmVyX3Nlc3Npb25fbWFuYWdlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9zZXNzaW9uL3NpZ25lcl9zZXNzaW9uX21hbmFnZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7O0FBQUEsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUVuQyxPQUFPLEVBQVUsZ0JBQWdCLEVBQUUsUUFBUSxFQUFFLE1BQU0sUUFBUSxDQUFDO0FBQzVELE9BQU8sRUFBRSxvQkFBb0IsRUFBa0IsTUFBTSxtQkFBbUIsQ0FBQztBQUN6RSxPQUFPLEVBQUUsS0FBSyxFQUFFLE1BQU0sU0FBUyxDQUFDO0FBTWhDLE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFDekMsT0FBTyxFQUFFLG1CQUFtQixFQUFFLE1BQU0sVUFBVSxDQUFDO0FBRy9DLE1BQU0sOEJBQThCLEdBQUcsRUFBRSxDQUFDO0FBc0IxQzs7OztHQUlHO0FBQ0gsU0FBUyx1QkFBdUIsQ0FBQyxJQUFZO0lBQzNDLE9BQU8sSUFBSSxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxDQUFDO0FBQy9CLENBQUM7QUFnQkQseUNBQXlDO0FBQ3pDLE1BQU0sT0FBTyxvQkFBb0I7SUFTL0I7OztPQUdHO0lBQ0gsS0FBSyxDQUFDLEtBQUs7UUFDVCxNQUFNLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDOUMsT0FBTyxPQUFPLENBQUMsS0FBSyxDQUFDO0lBQ3ZCLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSCxLQUFLLENBQUMsTUFBTSxDQUFDLFNBQTRCO1FBQ3ZDLE1BQU0sSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO1FBRTdCLGtFQUFrRTtRQUNsRSx1REFBdUQ7UUFDdkQsSUFBSSx1QkFBQSxFQUFvQixxREFBcUIsTUFBekMsRUFBb0IsRUFBc0IsdUJBQUEsSUFBSSxvQ0FBUSxDQUFDLFNBQVMsQ0FBQyxJQUFJLElBQUksQ0FBQyxVQUFVLEVBQUUsRUFBRSxDQUFDO1lBQzNGLE1BQU0sdUJBQUEsSUFBSSwwQ0FBYyxDQUFDLGtCQUFrQixFQUFFLENBQUM7WUFDOUMsTUFBTSxJQUFJLG1CQUFtQixDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQzNDLENBQUM7UUFFRCxPQUFPLHVCQUFBLElBQUksb0NBQVEsQ0FBQyxNQUFNLENBQUM7SUFDN0IsQ0FBQztJQUVELDJCQUEyQjtJQUMzQixLQUFLLENBQUMsTUFBTTtRQUNWLE1BQU0sTUFBTSxHQUFHLElBQUksUUFBUSxDQUFDLHNCQUFzQixFQUFFLE1BQU0sSUFBSSxDQUFDLE1BQU0sRUFBRSxFQUFFLHVCQUFBLElBQUksMENBQWMsQ0FBQyxDQUFDO1FBQzdGLE1BQU0sTUFBTSxDQUFDLEdBQUcsQ0FBQywrQkFBK0IsRUFBRTtZQUNoRCxNQUFNLEVBQUUsRUFBRSxJQUFJLEVBQUUsRUFBRSxNQUFNLEVBQUUsSUFBSSxDQUFDLEtBQUssRUFBRSxFQUFFO1NBQ3pDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7T0FFRztJQUNILEtBQUssQ0FBQyxPQUFPO1FBQ1gsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFLEVBQUUsQ0FBQztZQUN0QixNQUFNLHVCQUFBLElBQUksMENBQWMsQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQzlDLE1BQU0sSUFBSSxtQkFBbUIsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO1FBQ3hELENBQUM7UUFFRCxNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7UUFFbEQsTUFBTSxNQUFNLEdBQUcsSUFBSSxRQUFRLENBQUMsc0JBQXNCLEVBQUUsdUJBQUEsSUFBSSxvQ0FBUSxDQUFDLE1BQU0sRUFBRSx1QkFBQSxJQUFJLDBDQUFjLENBQUMsQ0FBQztRQUM3RixNQUFNLEdBQUcsR0FBRyxXQUFXLENBQUMsWUFBWSxDQUFDO1FBQ3JDLE1BQU0sSUFBSSxHQUFHLE1BQU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxnQ0FBZ0MsRUFBRTtZQUNoRSxNQUFNLEVBQUUsRUFBRSxJQUFJLEVBQUUsRUFBRSxNQUFNLEVBQUUsSUFBSSxDQUFDLEtBQUssRUFBRSxFQUFFO1lBQ3hDLElBQUksRUFBK0I7Z0JBQ2pDLFNBQVMsRUFBRSxHQUFHLENBQUMsS0FBSztnQkFDcEIsV0FBVyxFQUFFLEdBQUcsQ0FBQyxXQUFXO2dCQUM1QixXQUFXLEVBQUUsR0FBRyxDQUFDLGFBQWE7YUFDL0I7U0FDRixDQUFDLENBQUM7UUFDSCxNQUFNLFVBQVUsR0FBc0I7WUFDcEMsR0FBRyxXQUFXO1lBQ2QsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZO1lBQy9CLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSztTQUNsQixDQUFDO1FBRUYsTUFBTSxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUNwQyx1QkFBQSxJQUFJLGdDQUFXO1lBQ2IsTUFBTSxFQUFFLHVCQUFBLElBQUksMkVBQWMsTUFBbEIsSUFBSSxFQUFlLFVBQVUsQ0FBQyxLQUFLLENBQUM7WUFDNUMsU0FBUyxFQUFFLHVCQUF1QixDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsY0FBYyxDQUFDO1lBQzFFLFdBQVcsRUFBRSxVQUFVLENBQUMsV0FBVztnQkFDakMsQ0FBQyxDQUFDLHVCQUF1QixDQUFDLFVBQVUsQ0FBQyxXQUFXLENBQUM7Z0JBQ2pELENBQUMsQ0FBQyxTQUFTO1NBQ2QsTUFBQSxDQUFDO0lBQ0osQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxLQUFLLENBQUMsT0FBTztRQUNYLE9BQU8sdUJBQUEsRUFBb0IscURBQXFCLE1BQXpDLEVBQW9CLEVBQ3pCLHVCQUFBLElBQUksb0NBQVEsQ0FBQyxTQUFTLEVBQ3RCLDhCQUE4QixDQUMvQixDQUFDO0lBQ0osQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxVQUFVO1FBQ1IsT0FBTyxDQUNMLENBQUMsdUJBQUEsSUFBSSxvQ0FBUSxDQUFDLFdBQVcsSUFBSSxLQUFLLENBQUM7WUFDbkMsdUJBQUEsRUFBb0IscURBQXFCLE1BQXpDLEVBQW9CLEVBQXNCLHVCQUFBLElBQUksb0NBQVEsQ0FBQyxXQUFXLENBQUMsQ0FDcEUsQ0FBQztJQUNKLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsS0FBSyxDQUFDLGVBQWU7UUFDbkIsSUFBSSxNQUFNLElBQUksQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDO1lBQ3pCLElBQUksdUJBQUEsSUFBSSx3Q0FBWSxFQUFFLENBQUM7Z0JBQ3JCLDZCQUE2QjtnQkFDN0IsT0FBTyx1QkFBQSxJQUFJLHdDQUFZLEVBQUUsQ0FBQztvQkFDeEIsTUFBTSxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7Z0JBQ25CLENBQUM7Z0JBQ0QsT0FBTyxLQUFLLENBQUM7WUFDZixDQUFDO2lCQUFNLENBQUM7Z0JBQ04sVUFBVTtnQkFDVix1QkFBQSxJQUFJLG9DQUFlLElBQUksTUFBQSxDQUFDO2dCQUN4QixJQUFJLENBQUM7b0JBQ0gsTUFBTSxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7b0JBQ3JCLE9BQU8sSUFBSSxDQUFDO2dCQUNkLENBQUM7d0JBQVMsQ0FBQztvQkFDVCx1QkFBQSxJQUFJLG9DQUFlLEtBQUssTUFBQSxDQUFDO2dCQUMzQixDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsV0FBVztRQUNULE9BQU8sV0FBVyxDQUFDLEtBQUssSUFBSSxFQUFFO1lBQzVCLE1BQU0sSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO1FBQy9CLENBQUMsRUFBRSxFQUFFLEdBQUcsSUFBSSxDQUFDLENBQUM7SUFDaEIsQ0FBQztJQUVEOzs7T0FHRztJQUNILGdCQUFnQixDQUFDLEtBQWdCO1FBQy9CLGFBQWEsQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUN2QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsTUFBTSxDQUFDLEtBQUssQ0FBQyxxQkFBcUIsQ0FDaEMsR0FBaUIsRUFDakIsS0FBYSxFQUNiLE9BQTJCLEVBQzNCLE9BQThCO1FBRTlCLE1BQU0sV0FBVyxHQUFHO1lBQ2xCLEdBQUcsRUFBRTtnQkFDSCxDQUFDLHFCQUFxQixDQUFDLEVBQUUsR0FBRzthQUM3QjtZQUNELE1BQU0sRUFBRSxLQUFLO1lBQ2IsS0FBSyxFQUFFLE9BQU8sQ0FBQyxLQUFLO1lBQ3BCLE9BQU8sRUFBRSxlQUFlO1lBQ3hCLFlBQVksRUFBRSxPQUFPLENBQUMsWUFBWTtZQUNsQyxXQUFXLEVBQUUsT0FBTyxDQUFDLFVBQVc7U0FDakMsQ0FBQztRQUNGLE9BQU8sS0FBSyxJQUFJLG9CQUFvQixFQUFFLENBQUM7UUFDdkMsTUFBTSxPQUFPLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQ2hDLE9BQU8sTUFBTSxFQUFvQixDQUFDLGVBQWUsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUM3RCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILE1BQU0sQ0FBQyxLQUFLLENBQUMscUJBQXFCLENBQ2hDLFdBQThCLEVBQzlCLE9BQThCO1FBRTlCLE9BQU8sS0FBSyxJQUFJLG9CQUFvQixFQUFFLENBQUM7UUFDdkMsTUFBTSxPQUFPLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQ2hDLE9BQU8sTUFBTSxFQUFvQixDQUFDLGVBQWUsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUM3RCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxPQUE2QjtRQUN4RCxNQUFNLE9BQU8sR0FBRyxNQUFNLE9BQU8sQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUN6QyxPQUFPLElBQUksRUFBb0IsQ0FBQyxPQUFPLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDcEQsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxZQUFZLFdBQThCLEVBQUUsT0FBNkI7O1FBbk5oRSxXQUFNLEdBQUcsSUFBSSxNQUFNLEVBQUUsQ0FBQztRQUN0QixxREFBNEI7UUFDckMsMkNBQXVCLEtBQUssRUFBQztRQUM3QiwrQ0FBaUU7UUFpTi9ELElBQUksQ0FBQyxHQUFHLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO1FBQ2xELElBQUksQ0FBQyxLQUFLLEdBQUcsV0FBVyxDQUFDLE1BQU0sQ0FBQztRQUNoQyxJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQztRQUN2Qix1QkFBQSxJQUFJLHNDQUFpQixJQUFJLFlBQVksQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxNQUFBLENBQUM7UUFDckQsdUJBQUEsSUFBSSxnQ0FBVztZQUNiLE1BQU0sRUFBRSx1QkFBQSxJQUFJLDJFQUFjLE1BQWxCLElBQUksRUFBZSxXQUFXLENBQUMsS0FBSyxDQUFDO1lBQzdDLFNBQVMsRUFBRSx1QkFBdUIsQ0FBQyxXQUFXLENBQUMsWUFBWSxDQUFDLGNBQWMsQ0FBQztZQUMzRSxXQUFXLEVBQUUsV0FBVyxDQUFDLFdBQVc7Z0JBQ2xDLENBQUMsQ0FBQyx1QkFBdUIsQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDO2dCQUNsRCxDQUFDLENBQUMsU0FBUztTQUNkLE1BQUEsQ0FBQztJQUNKLENBQUM7Q0F3QkY7aVRBakJlLEtBQWE7SUFDekIsT0FBTyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLGFBQWEsRUFBRSxLQUFLLENBQUMsQ0FBQztBQUN6RCxDQUFDLGlHQVEyQixHQUFTLEVBQUUsYUFBc0I7SUFDM0QsYUFBYSxLQUFLLENBQUMsQ0FBQztJQUNwQixNQUFNLGVBQWUsR0FBRyxHQUFHLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDdEMsTUFBTSxlQUFlLEdBQUcsSUFBSSxJQUFJLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQztJQUM3QyxNQUFNLFFBQVEsR0FBRyxhQUFhLEdBQUcsSUFBSSxDQUFDO0lBQ3RDLE9BQU8sZUFBZSxHQUFHLGVBQWUsR0FBRyxRQUFRLENBQUM7QUFDdEQsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEV2ZW50cyB9IGZyb20gXCIuLi9ldmVudHNcIjtcbmltcG9ydCB7IEVudkludGVyZmFjZSB9IGZyb20gXCIuLi9lbnZcIjtcbmltcG9ydCB7IENsaWVudCwgY3JlYXRlSHR0cENsaWVudCwgT3BDbGllbnQgfSBmcm9tIFwiLi4vYXBpXCI7XG5pbXBvcnQgeyBNZW1vcnlTZXNzaW9uU3RvcmFnZSwgU2Vzc2lvblN0b3JhZ2UgfSBmcm9tIFwiLi9zZXNzaW9uX3N0b3JhZ2VcIjtcbmltcG9ydCB7IGRlbGF5IH0gZnJvbSBcIi4uL3V0aWxcIjtcbmltcG9ydCB7XG4gIENsaWVudFNlc3Npb25JbmZvLFxuICBOZXdTZXNzaW9uUmVzcG9uc2UsXG4gIFJlZnJlc2hTaWduZXJTZXNzaW9uUmVxdWVzdCxcbn0gZnJvbSBcIi4uL3NjaGVtYV90eXBlc1wiO1xuaW1wb3J0IHsgRXZlbnRFbWl0dGVyIH0gZnJvbSBcIi4uL2V2ZW50c1wiO1xuaW1wb3J0IHsgU2Vzc2lvbkV4cGlyZWRFcnJvciB9IGZyb20gXCIuLi9lcnJvclwiO1xuaW1wb3J0IHsgb3BlcmF0aW9ucyB9IGZyb20gXCIuLi9zY2hlbWFcIjtcblxuY29uc3QgREVGQVVMVF9FWFBJUkFUSU9OX0JVRkZFUl9TRUNTID0gMzA7XG5cbi8qKiBKU09OIHJlcHJlc2VudGF0aW9uIG9mIG91ciBcInNpZ25lciBzZXNzaW9uXCIgZmlsZSBmb3JtYXQgKi9cbmV4cG9ydCBpbnRlcmZhY2UgU2lnbmVyU2Vzc2lvbkRhdGEge1xuICAvKiogVGhlIG9yZ2FuaXphdGlvbiBJRCAqL1xuICBvcmdfaWQ6IHN0cmluZztcbiAgLyoqIFRoZSByb2xlIElEICovXG4gIHJvbGVfaWQ/OiBzdHJpbmc7XG4gIC8qKiBUaGUgcHVycG9zZSBvZiB0aGUgc2Vzc2lvbiB0b2tlbiAqL1xuICBwdXJwb3NlPzogc3RyaW5nO1xuICAvKiogVGhlIHRva2VuIHRvIGluY2x1ZGUgaW4gQXV0aG9yaXphdGlvbiBoZWFkZXIgKi9cbiAgdG9rZW46IHN0cmluZztcbiAgLyoqIFNlc3Npb24gaW5mbyAqL1xuICBzZXNzaW9uX2luZm86IENsaWVudFNlc3Npb25JbmZvO1xuICAvKiogU2Vzc2lvbiBleHBpcmF0aW9uIChpbiBzZWNvbmRzIHNpbmNlIFVOSVggZXBvY2gpIGJleW9uZCB3aGljaCBpdCBjYW5ub3QgYmUgcmVmcmVzaGVkICovXG4gIHNlc3Npb25fZXhwOiBudW1iZXIgfCB1bmRlZmluZWQ7IC8vIG1heSBiZSBtaXNzaW5nIGluIGxlZ2FjeSBzZXNzaW9uIGZpbGVzXG4gIC8qKiBUaGUgZW52aXJvbm1lbnQgKi9cbiAgZW52OiB7XG4gICAgW1wiRGV2LUN1YmVTaWduZXJTdGFja1wiXTogRW52SW50ZXJmYWNlO1xuICB9O1xufVxuXG4vKipcbiAqIENvbnN0cnVjdHMge0BsaW5rIERhdGV9IGZyb20gYSBudW1iZXIgcmVwcmVzZW50aW5nIHNlY29uZHMgc2luY2UgdW5peCBlcG9jaC5cbiAqIEBwYXJhbSB7bnVtYmVyfSBzZWNzIFNlY29uZHMgc2luY2UgdW5peCBlcG9jaC5cbiAqIEByZXR1cm4ge0RhdGV9IFRoZSBlcXVpdmFsZW50IGRhdGUuXG4gKi9cbmZ1bmN0aW9uIHNlY29uZHNTaW5jZUVwb2NoVG9EYXRlKHNlY3M6IG51bWJlcik6IERhdGUge1xuICByZXR1cm4gbmV3IERhdGUoc2VjcyAqIDEwMDApO1xufVxuXG4vKiogVHlwZSBvZiBzdG9yYWdlIHJlcXVpcmVkIGZvciBzaWduZXIgc2Vzc2lvbnMgKi9cbmV4cG9ydCB0eXBlIFNpZ25lclNlc3Npb25TdG9yYWdlID0gU2Vzc2lvblN0b3JhZ2U8U2lnbmVyU2Vzc2lvbkRhdGE+O1xuXG5leHBvcnQgaW50ZXJmYWNlIFNpZ25lclNlc3Npb25MaWZldGltZSB7XG4gIC8qKiBTZXNzaW9uIGxpZmV0aW1lIChpbiBzZWNvbmRzKS4gRGVmYXVsdHMgdG8gb25lIHdlZWsgKDYwNDgwMCkuICovXG4gIHNlc3Npb24/OiBudW1iZXI7XG4gIC8qKiBBdXRoIHRva2VuIGxpZmV0aW1lIChpbiBzZWNvbmRzKS4gRGVmYXVsdHMgdG8gZml2ZSBtaW51dGVzICgzMDApLiAqL1xuICBhdXRoOiBudW1iZXI7XG4gIC8qKiBSZWZyZXNoIHRva2VuIGxpZmV0aW1lIChpbiBzZWNvbmRzKS4gRGVmYXVsdHMgdG8gb25lIGRheSAoODY0MDApLiAqL1xuICByZWZyZXNoPzogbnVtYmVyO1xuICAvKiogR3JhY2UgbGlmZXRpbWUgKGluIHNlY29uZHMpLiBEZWZhdWx0cyB0byAzMCBzZWNvbmRzICgzMCkuICovXG4gIGdyYWNlPzogbnVtYmVyO1xufVxuXG4vKiogR2VuZXJpYyBzZXNzaW9uIG1hbmFnZXIgaW50ZXJmYWNlLiAqL1xuZXhwb3J0IGNsYXNzIFNpZ25lclNlc3Npb25NYW5hZ2VyIHtcbiAgcmVhZG9ubHkgZW52OiBFbnZJbnRlcmZhY2U7XG4gIHJlYWRvbmx5IG9yZ0lkOiBzdHJpbmc7XG4gIHJlYWRvbmx5IHN0b3JhZ2U6IFNpZ25lclNlc3Npb25TdG9yYWdlO1xuICByZWFkb25seSBldmVudHMgPSBuZXcgRXZlbnRzKCk7XG4gIHJlYWRvbmx5ICNldmVudEVtaXR0ZXI6IEV2ZW50RW1pdHRlcjtcbiAgI3JlZnJlc2hpbmc6IGJvb2xlYW4gPSBmYWxzZTtcbiAgI2NsaWVudDogeyBjbGllbnQ6IENsaWVudDsgdG9rZW5fZXhwOiBEYXRlOyBzZXNzaW9uX2V4cD86IERhdGUgfTtcblxuICAvKipcbiAgICogQHJldHVybiB7c3RyaW5nfSBUaGUgY3VycmVudCBhdXRoIHRva2VuLlxuICAgKiBAaW50ZXJuYWxcbiAgICovXG4gIGFzeW5jIHRva2VuKCk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgY29uc3Qgc2Vzc2lvbiA9IGF3YWl0IHRoaXMuc3RvcmFnZS5yZXRyaWV2ZSgpO1xuICAgIHJldHVybiBzZXNzaW9uLnRva2VuO1xuICB9XG5cbiAgLyoqXG4gICAqIFJlZnJlc2hlcyB0aGUgY3VycmVudCBzZXNzaW9uIGlmIG5lZWRlZCwgdGhlbiByZXR1cm5zIGEgY2xpZW50IHVzaW5nIHRoZSBjdXJyZW50IHNlc3Npb24uXG4gICAqXG4gICAqIE1heSAqKlVQREFURS9NVVRBVEUqKiBzZWxmLlxuICAgKlxuICAgKiBAcGFyYW0ge29wZXJhdGlvbnN9IG9wZXJhdGlvbiBUaGUgb3BlcmF0aW9uIHRoYXQgdGhpcyBjbGllbnQgd2lsbCBiZVxuICAgKiAgIHVzZWQgZm9yLiBUaGlzIHBhcmFtZXRlciBpcyB1c2VkIGV4Y2x1c2l2ZWx5IGZvciBtb3JlIGFjY3VyYXRlIGVycm9yXG4gICAqICAgcmVwb3J0aW5nIGFuZCBkb2VzIG5vdCBhZmZlY3QgZnVuY3Rpb25hbGl0eS5cbiAgICogQHJldHVybiB7Q2xpZW50fSBUaGUgY2xpZW50IHdpdGggdGhlIGN1cnJlbnQgc2Vzc2lvblxuICAgKi9cbiAgYXN5bmMgY2xpZW50KG9wZXJhdGlvbj86IGtleW9mIG9wZXJhdGlvbnMpOiBQcm9taXNlPENsaWVudD4ge1xuICAgIGF3YWl0IHRoaXMucmVmcmVzaElmTmVlZGVkKCk7XG5cbiAgICAvLyB0cmlnZ2VyIFwic2Vzc2lvbiBleHBpcmVkXCIgaWYgdGhlIHNlc3Npb24gYXMgYSB3aG9sZSBoYXMgZXhwaXJlZFxuICAgIC8vIG9yIGlmIChmb3Igd2hhdGV2ZXIgcmVhc29uKSB0aGUgdG9rZW4gaXMgc3RpbGwgc3RhbGVcbiAgICBpZiAoU2lnbmVyU2Vzc2lvbk1hbmFnZXIuI2hhc1RpbWVzdGFtcEV4cGlyZWQodGhpcy4jY2xpZW50LnRva2VuX2V4cCkgfHwgdGhpcy5oYXNFeHBpcmVkKCkpIHtcbiAgICAgIGF3YWl0IHRoaXMuI2V2ZW50RW1pdHRlci5lbWl0U2Vzc2lvbkV4cGlyZWQoKTtcbiAgICAgIHRocm93IG5ldyBTZXNzaW9uRXhwaXJlZEVycm9yKG9wZXJhdGlvbik7XG4gICAgfVxuXG4gICAgcmV0dXJuIHRoaXMuI2NsaWVudC5jbGllbnQ7XG4gIH1cblxuICAvKiogUmV2b2tlcyB0aGUgc2Vzc2lvbi4gKi9cbiAgYXN5bmMgcmV2b2tlKCk6IFByb21pc2U8dm9pZD4ge1xuICAgIGNvbnN0IGNsaWVudCA9IG5ldyBPcENsaWVudChcInJldm9rZUN1cnJlbnRTZXNzaW9uXCIsIGF3YWl0IHRoaXMuY2xpZW50KCksIHRoaXMuI2V2ZW50RW1pdHRlcik7XG4gICAgYXdhaXQgY2xpZW50LmRlbChcIi92MC9vcmcve29yZ19pZH0vc2Vzc2lvbi9zZWxmXCIsIHtcbiAgICAgIHBhcmFtczogeyBwYXRoOiB7IG9yZ19pZDogdGhpcy5vcmdJZCB9IH0sXG4gICAgfSk7XG4gIH1cblxuICAvKipcbiAgICogUmVmcmVzaGVzIHRoZSBzZXNzaW9uIGFuZCAqKlVQREFURVMvTVVUQVRFUyoqIHNlbGYuXG4gICAqL1xuICBhc3luYyByZWZyZXNoKCk6IFByb21pc2U8dm9pZD4ge1xuICAgIGlmICh0aGlzLmhhc0V4cGlyZWQoKSkge1xuICAgICAgYXdhaXQgdGhpcy4jZXZlbnRFbWl0dGVyLmVtaXRTZXNzaW9uRXhwaXJlZCgpO1xuICAgICAgdGhyb3cgbmV3IFNlc3Npb25FeHBpcmVkRXJyb3IoXCJzaWduZXJTZXNzaW9uUmVmcmVzaFwiKTtcbiAgICB9XG5cbiAgICBjb25zdCBjdXJyU2Vzc2lvbiA9IGF3YWl0IHRoaXMuc3RvcmFnZS5yZXRyaWV2ZSgpO1xuXG4gICAgY29uc3QgY2xpZW50ID0gbmV3IE9wQ2xpZW50KFwic2lnbmVyU2Vzc2lvblJlZnJlc2hcIiwgdGhpcy4jY2xpZW50LmNsaWVudCwgdGhpcy4jZXZlbnRFbWl0dGVyKTtcbiAgICBjb25zdCBjc2kgPSBjdXJyU2Vzc2lvbi5zZXNzaW9uX2luZm87XG4gICAgY29uc3QgZGF0YSA9IGF3YWl0IGNsaWVudC5wYXRjaChcIi92MS9vcmcve29yZ19pZH0vdG9rZW4vcmVmcmVzaFwiLCB7XG4gICAgICBwYXJhbXM6IHsgcGF0aDogeyBvcmdfaWQ6IHRoaXMub3JnSWQgfSB9LFxuICAgICAgYm9keTogPFJlZnJlc2hTaWduZXJTZXNzaW9uUmVxdWVzdD57XG4gICAgICAgIGVwb2NoX251bTogY3NpLmVwb2NoLFxuICAgICAgICBlcG9jaF90b2tlbjogY3NpLmVwb2NoX3Rva2VuLFxuICAgICAgICBvdGhlcl90b2tlbjogY3NpLnJlZnJlc2hfdG9rZW4sXG4gICAgICB9LFxuICAgIH0pO1xuICAgIGNvbnN0IG5ld1Nlc3Npb24gPSA8U2lnbmVyU2Vzc2lvbkRhdGE+e1xuICAgICAgLi4uY3VyclNlc3Npb24sXG4gICAgICBzZXNzaW9uX2luZm86IGRhdGEuc2Vzc2lvbl9pbmZvLFxuICAgICAgdG9rZW46IGRhdGEudG9rZW4sXG4gICAgfTtcblxuICAgIGF3YWl0IHRoaXMuc3RvcmFnZS5zYXZlKG5ld1Nlc3Npb24pO1xuICAgIHRoaXMuI2NsaWVudCA9IHtcbiAgICAgIGNsaWVudDogdGhpcy4jY3JlYXRlQ2xpZW50KG5ld1Nlc3Npb24udG9rZW4pLFxuICAgICAgdG9rZW5fZXhwOiBzZWNvbmRzU2luY2VFcG9jaFRvRGF0ZShuZXdTZXNzaW9uLnNlc3Npb25faW5mby5hdXRoX3Rva2VuX2V4cCksXG4gICAgICBzZXNzaW9uX2V4cDogbmV3U2Vzc2lvbi5zZXNzaW9uX2V4cFxuICAgICAgICA/IHNlY29uZHNTaW5jZUVwb2NoVG9EYXRlKG5ld1Nlc3Npb24uc2Vzc2lvbl9leHApXG4gICAgICAgIDogdW5kZWZpbmVkLFxuICAgIH07XG4gIH1cblxuICAvKipcbiAgICogUmV0dXJucyB3aGV0aGVyIGl0J3MgdGltZSB0byByZWZyZXNoIHRoaXMgdG9rZW4uXG4gICAqIEByZXR1cm4ge2Jvb2xlYW59IFdoZXRoZXIgaXQncyB0aW1lIHRvIHJlZnJlc2ggdGhpcyB0b2tlbi5cbiAgICogQGludGVybmFsXG4gICAqL1xuICBhc3luYyBpc1N0YWxlKCk6IFByb21pc2U8Ym9vbGVhbj4ge1xuICAgIHJldHVybiBTaWduZXJTZXNzaW9uTWFuYWdlci4jaGFzVGltZXN0YW1wRXhwaXJlZChcbiAgICAgIHRoaXMuI2NsaWVudC50b2tlbl9leHAsXG4gICAgICBERUZBVUxUX0VYUElSQVRJT05fQlVGRkVSX1NFQ1MsXG4gICAgKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBSZXR1cm4gd2hldGhlciB0aGlzIHNlc3Npb24gaGFzIGV4cGlyZWQgYW5kIGNhbm5vdCBiZSByZWZyZXNoZWQgYW55bW9yZS5cbiAgICogQHJldHVybiB7Ym9vbGVhbn0gV2hldGhlciB0aGlzIHNlc3Npb24gaGFzIGV4cGlyZWQuXG4gICAqIEBpbnRlcm5hbFxuICAgKi9cbiAgaGFzRXhwaXJlZCgpOiBib29sZWFuIHtcbiAgICByZXR1cm4gKFxuICAgICAgKHRoaXMuI2NsaWVudC5zZXNzaW9uX2V4cCB8fCBmYWxzZSkgJiZcbiAgICAgIFNpZ25lclNlc3Npb25NYW5hZ2VyLiNoYXNUaW1lc3RhbXBFeHBpcmVkKHRoaXMuI2NsaWVudC5zZXNzaW9uX2V4cClcbiAgICApO1xuICB9XG5cbiAgLyoqXG4gICAqIFJlZnJlc2hlcyB0aGUgc2Vzc2lvbiBpZiBpdCBpcyBhYm91dCB0byBleHBpcmUuXG4gICAqIEByZXR1cm4ge2Jvb2xlYW59IFdoZXRoZXIgdGhlIHNlc3Npb24gdG9rZW4gd2FzIHJlZnJlc2hlZC5cbiAgICogQGludGVybmFsXG4gICAqL1xuICBhc3luYyByZWZyZXNoSWZOZWVkZWQoKTogUHJvbWlzZTxib29sZWFuPiB7XG4gICAgaWYgKGF3YWl0IHRoaXMuaXNTdGFsZSgpKSB7XG4gICAgICBpZiAodGhpcy4jcmVmcmVzaGluZykge1xuICAgICAgICAvLyB3YWl0IHVudGlsIGRvbmUgcmVmcmVzaGluZ1xuICAgICAgICB3aGlsZSAodGhpcy4jcmVmcmVzaGluZykge1xuICAgICAgICAgIGF3YWl0IGRlbGF5KDEwMCk7XG4gICAgICAgIH1cbiAgICAgICAgcmV0dXJuIGZhbHNlO1xuICAgICAgfSBlbHNlIHtcbiAgICAgICAgLy8gcmVmcmVzaFxuICAgICAgICB0aGlzLiNyZWZyZXNoaW5nID0gdHJ1ZTtcbiAgICAgICAgdHJ5IHtcbiAgICAgICAgICBhd2FpdCB0aGlzLnJlZnJlc2goKTtcbiAgICAgICAgICByZXR1cm4gdHJ1ZTtcbiAgICAgICAgfSBmaW5hbGx5IHtcbiAgICAgICAgICB0aGlzLiNyZWZyZXNoaW5nID0gZmFsc2U7XG4gICAgICAgIH1cbiAgICAgIH1cbiAgICB9XG5cbiAgICByZXR1cm4gZmFsc2U7XG4gIH1cblxuICAvKipcbiAgICogQXV0b21hdGljYWxseSByZWZyZXNoZXMgdGhlIHNlc3Npb24gaW4gdGhlIGJhY2tncm91bmQgKGlmIG5lZWRlZCkgZXZlcnlcbiAgICogbWludXRlLiBUaGlzIGlzIGEgc2ltcGxlIHdyYXBwZXIgYXJvdW5kIGBzZXRJbnRlcnZhbGAuXG4gICAqIEByZXR1cm4ge251bWJlcn0gVGhlIGludGVydmFsIElEIG9mIHRoZSByZWZyZXNoIHRpbWVyLlxuICAgKi9cbiAgYXV0b1JlZnJlc2goKTogUmVmcmVzaElkIHtcbiAgICByZXR1cm4gc2V0SW50ZXJ2YWwoYXN5bmMgKCkgPT4ge1xuICAgICAgYXdhaXQgdGhpcy5yZWZyZXNoSWZOZWVkZWQoKTtcbiAgICB9LCA2MCAqIDEwMDApO1xuICB9XG5cbiAgLyoqXG4gICAqIENsZWFycyB0aGUgYXV0byByZWZyZXNoIHRpbWVyLlxuICAgKiBAcGFyYW0ge251bWJlcn0gdGltZXIgVGhlIHRpbWVyIElEIHRvIGNsZWFyLlxuICAgKi9cbiAgY2xlYXJBdXRvUmVmcmVzaCh0aW1lcjogUmVmcmVzaElkKTogdm9pZCB7XG4gICAgY2xlYXJJbnRlcnZhbCh0aW1lcik7XG4gIH1cblxuICAvKipcbiAgICogQHBhcmFtIHtFbnZJbnRlcmZhY2V9IGVudiBUaGUgQ3ViZVNpZ25lciBlbnZpcm9ubWVudFxuICAgKiBAcGFyYW0ge3N0cmluZ30gb3JnSWQgVGhlIG9yZ2FuaXphdGlvbiBJRFxuICAgKiBAcGFyYW0ge05ld1Nlc3Npb25SZXNwb25zZX0gc2Vzc2lvbiBUaGUgc2Vzc2lvbiBpbmZvcm1hdGlvbi5cbiAgICogQHBhcmFtIHtTaWduZXJTZXNzaW9uU3RvcmFnZX0gc3RvcmFnZSBUaGUgc3RvcmFnZSB0byB1c2UgZm9yIHNhdmluZyB0aGUgc2Vzc2lvbi5cbiAgICogQHJldHVybiB7UHJvbWlzZTxTaWduZXJTZXNzaW9uTWFuYWdlcj59IE5ldyBzaWduZXIgc2Vzc2lvbiBtYW5hZ2VyLlxuICAgKi9cbiAgc3RhdGljIGFzeW5jIGNyZWF0ZUZyb21TZXNzaW9uSW5mbyhcbiAgICBlbnY6IEVudkludGVyZmFjZSxcbiAgICBvcmdJZDogc3RyaW5nLFxuICAgIHNlc3Npb246IE5ld1Nlc3Npb25SZXNwb25zZSxcbiAgICBzdG9yYWdlPzogU2lnbmVyU2Vzc2lvblN0b3JhZ2UsXG4gICk6IFByb21pc2U8U2lnbmVyU2Vzc2lvbk1hbmFnZXI+IHtcbiAgICBjb25zdCBzZXNzaW9uRGF0YSA9IHtcbiAgICAgIGVudjoge1xuICAgICAgICBbXCJEZXYtQ3ViZVNpZ25lclN0YWNrXCJdOiBlbnYsXG4gICAgICB9LFxuICAgICAgb3JnX2lkOiBvcmdJZCxcbiAgICAgIHRva2VuOiBzZXNzaW9uLnRva2VuLFxuICAgICAgcHVycG9zZTogXCJzaWduIHZpYSBvaWRjXCIsXG4gICAgICBzZXNzaW9uX2luZm86IHNlc3Npb24uc2Vzc2lvbl9pbmZvLFxuICAgICAgc2Vzc2lvbl9leHA6IHNlc3Npb24uZXhwaXJhdGlvbiEsXG4gICAgfTtcbiAgICBzdG9yYWdlID8/PSBuZXcgTWVtb3J5U2Vzc2lvblN0b3JhZ2UoKTtcbiAgICBhd2FpdCBzdG9yYWdlLnNhdmUoc2Vzc2lvbkRhdGEpO1xuICAgIHJldHVybiBhd2FpdCBTaWduZXJTZXNzaW9uTWFuYWdlci5sb2FkRnJvbVN0b3JhZ2Uoc3RvcmFnZSk7XG4gIH1cblxuICAvKipcbiAgICogQHBhcmFtIHtTaWduZXJTZXNzaW9uRGF0YX0gc2Vzc2lvbkRhdGEgVGhlIHNlc3Npb24gaW5mb3JtYXRpb24uXG4gICAqIEBwYXJhbSB7U2lnbmVyU2Vzc2lvblN0b3JhZ2V9IHN0b3JhZ2UgVGhlIHN0b3JhZ2UgdG8gdXNlIGZvciBzYXZpbmcgdGhlIHNlc3Npb24uXG4gICAqIEByZXR1cm4ge1Byb21pc2U8U2lnbmVyU2Vzc2lvbk1hbmFnZXI+fSBOZXcgc2lnbmVyIHNlc3Npb24gbWFuYWdlci5cbiAgICovXG4gIHN0YXRpYyBhc3luYyBjcmVhdGVGcm9tU2Vzc2lvbkRhdGEoXG4gICAgc2Vzc2lvbkRhdGE6IFNpZ25lclNlc3Npb25EYXRhLFxuICAgIHN0b3JhZ2U/OiBTaWduZXJTZXNzaW9uU3RvcmFnZSxcbiAgKTogUHJvbWlzZTxTaWduZXJTZXNzaW9uTWFuYWdlcj4ge1xuICAgIHN0b3JhZ2UgPz89IG5ldyBNZW1vcnlTZXNzaW9uU3RvcmFnZSgpO1xuICAgIGF3YWl0IHN0b3JhZ2Uuc2F2ZShzZXNzaW9uRGF0YSk7XG4gICAgcmV0dXJuIGF3YWl0IFNpZ25lclNlc3Npb25NYW5hZ2VyLmxvYWRGcm9tU3RvcmFnZShzdG9yYWdlKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBVc2VzIGFuIGV4aXN0aW5nIHNlc3Npb24gdG8gY3JlYXRlIGEgbmV3IHNpZ25lciBzZXNzaW9uIG1hbmFnZXIuXG4gICAqXG4gICAqIEBwYXJhbSB7U2lnbmVyU2Vzc2lvblN0b3JhZ2V9IHN0b3JhZ2UgVGhlIHNlc3Npb24gc3RvcmFnZSB0byB1c2VcbiAgICogQHJldHVybiB7UHJvbWlzZTxTaW5nZXJTZXNzaW9uPn0gTmV3IHNpZ25lciBzZXNzaW9uIG1hbmFnZXJcbiAgICovXG4gIHN0YXRpYyBhc3luYyBsb2FkRnJvbVN0b3JhZ2Uoc3RvcmFnZTogU2lnbmVyU2Vzc2lvblN0b3JhZ2UpOiBQcm9taXNlPFNpZ25lclNlc3Npb25NYW5hZ2VyPiB7XG4gICAgY29uc3Qgc2Vzc2lvbiA9IGF3YWl0IHN0b3JhZ2UucmV0cmlldmUoKTtcbiAgICByZXR1cm4gbmV3IFNpZ25lclNlc3Npb25NYW5hZ2VyKHNlc3Npb24sIHN0b3JhZ2UpO1xuICB9XG5cbiAgLyoqXG4gICAqIENvbnN0cnVjdG9yLlxuICAgKiBAcGFyYW0ge1NpZ25lclNlc3Npb25EYXRhfSBzZXNzaW9uRGF0YSBTZXNzaW9uIGRhdGFcbiAgICogQHBhcmFtIHtTaWduZXJTZXNzaW9uU3RvcmFnZX0gc3RvcmFnZSBUaGUgc2Vzc2lvbiBzdG9yYWdlIHRvIHVzZS5cbiAgICovXG4gIGNvbnN0cnVjdG9yKHNlc3Npb25EYXRhOiBTaWduZXJTZXNzaW9uRGF0YSwgc3RvcmFnZTogU2lnbmVyU2Vzc2lvblN0b3JhZ2UpIHtcbiAgICB0aGlzLmVudiA9IHNlc3Npb25EYXRhLmVudltcIkRldi1DdWJlU2lnbmVyU3RhY2tcIl07XG4gICAgdGhpcy5vcmdJZCA9IHNlc3Npb25EYXRhLm9yZ19pZDtcbiAgICB0aGlzLnN0b3JhZ2UgPSBzdG9yYWdlO1xuICAgIHRoaXMuI2V2ZW50RW1pdHRlciA9IG5ldyBFdmVudEVtaXR0ZXIoW3RoaXMuZXZlbnRzXSk7XG4gICAgdGhpcy4jY2xpZW50ID0ge1xuICAgICAgY2xpZW50OiB0aGlzLiNjcmVhdGVDbGllbnQoc2Vzc2lvbkRhdGEudG9rZW4pLFxuICAgICAgdG9rZW5fZXhwOiBzZWNvbmRzU2luY2VFcG9jaFRvRGF0ZShzZXNzaW9uRGF0YS5zZXNzaW9uX2luZm8uYXV0aF90b2tlbl9leHApLFxuICAgICAgc2Vzc2lvbl9leHA6IHNlc3Npb25EYXRhLnNlc3Npb25fZXhwXG4gICAgICAgID8gc2Vjb25kc1NpbmNlRXBvY2hUb0RhdGUoc2Vzc2lvbkRhdGEuc2Vzc2lvbl9leHApXG4gICAgICAgIDogdW5kZWZpbmVkLFxuICAgIH07XG4gIH1cblxuICAvKipcbiAgICogQ3JlYXRlcyBhIG5ldyBSRVNUIGNsaWVudCB3aXRoIGEgZ2l2ZW4gdG9rZW5cbiAgICogQHBhcmFtIHtzdHJpbmd9IHRva2VuIFRoZSBhdXRob3JpemF0aW9uIHRva2VuIHRvIHVzZSBmb3IgdGhlIGNsaWVudFxuICAgKiBAcmV0dXJuIHtDbGllbnR9IFRoZSBuZXcgUkVTVCBjbGllbnRcbiAgICovXG4gICNjcmVhdGVDbGllbnQodG9rZW46IHN0cmluZyk6IENsaWVudCB7XG4gICAgcmV0dXJuIGNyZWF0ZUh0dHBDbGllbnQodGhpcy5lbnYuU2lnbmVyQXBpUm9vdCwgdG9rZW4pO1xuICB9XG5cbiAgLyoqXG4gICAqIENoZWNrIGlmIGEgdGltZXN0YW1wIGlzIHdpdGhpbiB7QGxpbmsgYnVmZmVyU2Vjb25kc30gc2Vjb25kcyBmcm9tIGV4cGlyYXRpb24uXG4gICAqIEBwYXJhbSB7RGF0ZX0gZXhwIFRoZSB0aW1lc3RhbXAgdG8gY2hlY2tcbiAgICogQHBhcmFtIHtudW1iZXJ9IGJ1ZmZlclNlY29uZHMgVGltZSBidWZmZXIgaW4gc2Vjb25kcyAoZGVmYXVsdHMgdG8gMHMpXG4gICAqIEByZXR1cm4ge2Jvb2xlYW59IFRydWUgaWYgdGhlIHRpbWVzdGFtcCBoYXMgZXhwaXJlZFxuICAgKi9cbiAgc3RhdGljICNoYXNUaW1lc3RhbXBFeHBpcmVkKGV4cDogRGF0ZSwgYnVmZmVyU2Vjb25kcz86IG51bWJlcik6IGJvb2xlYW4ge1xuICAgIGJ1ZmZlclNlY29uZHMgPz89IDA7XG4gICAgY29uc3QgZXhwTXNTaW5jZUVwb2NoID0gZXhwLmdldFRpbWUoKTtcbiAgICBjb25zdCBub3dNc1NpbmNlRXBvY2ggPSBuZXcgRGF0ZSgpLmdldFRpbWUoKTtcbiAgICBjb25zdCBidWZmZXJNcyA9IGJ1ZmZlclNlY29uZHMgKiAxMDAwO1xuICAgIHJldHVybiBleHBNc1NpbmNlRXBvY2ggPCBub3dNc1NpbmNlRXBvY2ggKyBidWZmZXJNcztcbiAgfVxufVxuXG4vKiogVHlwZSBvZiB0aGUgcmVmcmVzaCB0aW1lciBJRC4gKi9cbmV4cG9ydCB0eXBlIFJlZnJlc2hJZCA9IFJldHVyblR5cGU8dHlwZW9mIHNldEludGVydmFsPjtcbiJdfQ==
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
import { CubeSignerClient } from "./client";
|
|
2
|
+
import { KeyInfo } from "./key";
|
|
3
|
+
import { SignerSessionManager, SignerSessionStorage } from "./session/signer_session_manager";
|
|
4
|
+
/** Signer session info. Can only be used to revoke a token, but not for authentication. */
|
|
5
|
+
export declare class SignerSessionInfo {
|
|
6
|
+
#private;
|
|
7
|
+
readonly purpose: string;
|
|
8
|
+
/** Revoke this session */
|
|
9
|
+
revoke(): Promise<void>;
|
|
10
|
+
/**
|
|
11
|
+
* Internal constructor.
|
|
12
|
+
* @param {CubeSignerClient} cs CubeSigner instance to use when calling `revoke`
|
|
13
|
+
* @param {string} sessionId The ID of the session; can be used for revocation but not for auth
|
|
14
|
+
* @param {string} purpose Session purpose
|
|
15
|
+
* @internal
|
|
16
|
+
*/
|
|
17
|
+
constructor(cs: CubeSignerClient, sessionId: string, purpose: string);
|
|
18
|
+
}
|
|
19
|
+
/**
|
|
20
|
+
* Signer session.
|
|
21
|
+
* Extends {@link CubeSignerClient} and provides a few convenience methods on top.
|
|
22
|
+
*/
|
|
23
|
+
export declare class SignerSession extends CubeSignerClient {
|
|
24
|
+
/**
|
|
25
|
+
* Loads an existing signer session from storage.
|
|
26
|
+
* @param {SignerSessionStorage} storage The session storage to use
|
|
27
|
+
* @return {Promise<SingerSession>} New signer session
|
|
28
|
+
*/
|
|
29
|
+
static loadSignerSession(storage: SignerSessionStorage): Promise<SignerSession>;
|
|
30
|
+
/**
|
|
31
|
+
* Constructor.
|
|
32
|
+
* @param {SignerSessionManager} sessionMgr The session manager to use
|
|
33
|
+
* @internal
|
|
34
|
+
*/
|
|
35
|
+
constructor(sessionMgr: SignerSessionManager);
|
|
36
|
+
/**
|
|
37
|
+
* Returns the list of keys that this token grants access to.
|
|
38
|
+
* @return {KeyInfo[]} The list of keys.
|
|
39
|
+
*/
|
|
40
|
+
keys(): Promise<KeyInfo[]>;
|
|
41
|
+
}
|