@cubist-labs/cubesigner-sdk 0.2.28 → 0.3.8

package/dist/esm/src/key.js

@@ -0,0 +1,256 @@
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _Key_data;
+/** Secp256k1 key type */
+export var Secp256k1;
+(function (Secp256k1) {
+    Secp256k1["Evm"] = "SecpEthAddr";
+    Secp256k1["Btc"] = "SecpBtc";
+    Secp256k1["BtcTest"] = "SecpBtcTest";
+    Secp256k1["Ava"] = "SecpAvaAddr";
+    Secp256k1["AvaTest"] = "SecpAvaTestAddr";
+})(Secp256k1 || (Secp256k1 = {}));
+/** BLS key type */
+export var Bls;
+(function (Bls) {
+    Bls["Eth2Deposited"] = "BlsPub";
+    Bls["Eth2Inactive"] = "BlsInactive";
+})(Bls || (Bls = {}));
+/** Ed25519 key type */
+export var Ed25519;
+(function (Ed25519) {
+    Ed25519["Solana"] = "Ed25519SolanaAddr";
+    Ed25519["Sui"] = "Ed25519SuiAddr";
+    Ed25519["Aptos"] = "Ed25519AptosAddr";
+    Ed25519["Cardano"] = "Ed25519CardanoAddrVk";
+    Ed25519["Stellar"] = "Ed25519StellarAddr";
+})(Ed25519 || (Ed25519 = {}));
+/** Mnemonic key type */
+export const Mnemonic = "Mnemonic";
+/** Stark key type */
+export const Stark = "Stark";
+/**
+ * Define some additional (backward compatibility) properties
+ * on a `KeyInfoApi` object returned from the remote end.
+ *
+ * @param {KeyInfoApi} key Key information returned from the remote end
+ * @return {KeyInfo} The same `key` object extended with some derived properties.
+ */
+export function toKeyInfo(key) {
+    return {
+        ...key,
+        id: key.key_id,
+        type: key.key_type,
+        publicKey: key.public_key,
+        materialId: key.material_id,
+    };
+}
+/**
+ * A representation of a signing key.
+ */
+export class Key {
+    /** The organization that this key is in */
+    get orgId() {
+        return this.csc.orgId;
+    }
+    /**
+     * The id of the key: "Key#" followed by a unique identifier specific to
+     * the type of key (such as a public key for BLS or an ethereum address for Secp)
+     * @example Key#0x8e3484687e66cdd26cf04c3647633ab4f3570148
+     */
+    get id() {
+        return __classPrivateFieldGet(this, _Key_data, "f").key_id;
+    }
+    /**
+     * A unique identifier specific to the type of key, such as a public key or an ethereum address
+     * @example 0x8e3484687e66cdd26cf04c3647633ab4f3570148
+     */
+    get materialId() {
+        return __classPrivateFieldGet(this, _Key_data, "f").material_id;
+    }
+    /**
+     * @description Hex-encoded, serialized public key. The format used depends on the key type:
+     * - secp256k1 keys use 65-byte uncompressed SECG format
+     * - BLS keys use 48-byte compressed BLS12-381 (ZCash) format
+     * @example 0x04d2688b6bc2ce7f9879b9e745f3c4dc177908c5cef0c1b64cff19ae7ff27dee623c64fe9d9c325c7fbbc748bbd5f607ce14dd83e28ebbbb7d3e7f2ffb70a79431
+     */
+    get publicKey() {
+        return __classPrivateFieldGet(this, _Key_data, "f").public_key;
+    }
+    /**
+     * Get the cached properties of this key. The cached properties reflect the
+     * state of the last fetch or update (e.g., after awaiting `Key.enabled()`
+     * or `Key.disable()`).
+     */
+    get cached() {
+        return __classPrivateFieldGet(this, _Key_data, "f");
+    }
+    /** The type of key. */
+    async type() {
+        const data = await this.fetch();
+        return fromSchemaKeyType(data.key_type);
+    }
+    /** Is the key enabled? */
+    async enabled() {
+        const data = await this.fetch();
+        return data.enabled;
+    }
+    /** Enable the key. */
+    async enable() {
+        await this.update({ enabled: true });
+    }
+    /** Disable the key. */
+    async disable() {
+        await this.update({ enabled: false });
+    }
+    /**
+     * The list roles this key is in.
+     * @param {PageOpts} page Optional pagination options; by default, retrieves all roles this key is in.
+     * @return {Promise<KeyInRoleInfo[]>} Roles this key is in.
+     */
+    async roles(page) {
+        return await this.csc.keyRolesList(this.id, page).fetch();
+    }
+    /**
+     * Set new policy (overwriting any policies previously set for this key)
+     * @param {KeyPolicy} policy The new policy to set
+     */
+    async setPolicy(policy) {
+        await this.update({ policy: policy });
+    }
+    /**
+     * Set key metadata. The metadata must be at most 1024 characters
+     * and must match the following regex: ^[A-Za-z0-9_=+/ \-\.\,]{0,1024}$.
+     *
+     * @param {string} metadata The new metadata to set.
+     */
+    async setMetadata(metadata) {
+        await this.update({ metadata });
+    }
+    /**
+     * Append to existing key policy. This append is not atomic -- it uses {@link policy}
+     * to fetch the current policy and then {@link setPolicy} to set the policy -- and
+     * should not be used in across concurrent sessions.
+     *
+     * @param {KeyPolicy} policy The policy to append to the existing one.
+     */
+    async appendPolicy(policy) {
+        const existing = await this.policy();
+        await this.setPolicy([...existing, ...policy]);
+    }
+    /**
+     * Get the policy for the key.
+     * @return {Promise<KeyPolicy>} The policy for the key.
+     */
+    async policy() {
+        const data = await this.fetch();
+        return (data.policy ?? []);
+    }
+    /**
+     * @description Owner of the key
+     * @example User#c3b9379c-4e8c-4216-bd0a-65ace53cf98f
+     */
+    async owner() {
+        const data = await this.fetch();
+        return data.owner;
+    }
+    /**
+     * Set the owner of the key. Only the key (or org) owner can change the owner of the key.
+     * @param {string} owner The user-id of the new owner of the key.
+     */
+    async setOwner(owner) {
+        await this.update({ owner });
+    }
+    /**
+     * Delete this key.
+     */
+    async delete() {
+        await this.csc.keyDelete(this.id);
+    }
+    // --------------------------------------------------------------------------
+    // -- INTERNAL --------------------------------------------------------------
+    // --------------------------------------------------------------------------
+    /**
+     * Create a new key.
+     *
+     * @param {CubeSignerClient} csc The CubeSigner instance to use for signing.
+     * @param {KeyInfoApi} data The JSON response from the API server.
+     * @internal
+     */
+    constructor(csc, data) {
+        /** The key information */
+        _Key_data.set(this, void 0);
+        this.csc = csc;
+        __classPrivateFieldSet(this, _Key_data, toKeyInfo(data), "f");
+    }
+    /**
+     * Update the key.
+     * @param {UpdateKeyRequest} request The JSON request to send to the API server.
+     * @return {KeyInfo} The JSON response from the API server.
+     * @internal
+     */
+    async update(request) {
+        __classPrivateFieldSet(this, _Key_data, await this.csc.keyUpdate(this.id, request).then(toKeyInfo), "f");
+        return __classPrivateFieldGet(this, _Key_data, "f");
+    }
+    /**
+     * Fetch the key information.
+     *
+     * @return {KeyInfo} The key information.
+     * @internal
+     */
+    async fetch() {
+        __classPrivateFieldSet(this, _Key_data, await this.csc.keyGet(this.id).then(toKeyInfo), "f");
+        return __classPrivateFieldGet(this, _Key_data, "f");
+    }
+}
+_Key_data = new WeakMap();
+/**
+ * Convert a schema key type to a key type.
+ *
+ * @param {SchemaKeyType} ty The schema key type.
+ * @return {KeyType} The key type.
+ * @internal
+ */
+export function fromSchemaKeyType(ty) {
+    switch (ty) {
+        case "SecpEthAddr":
+            return Secp256k1.Evm;
+        case "SecpBtc":
+            return Secp256k1.Btc;
+        case "SecpBtcTest":
+            return Secp256k1.BtcTest;
+        case "SecpAvaAddr":
+            return Secp256k1.Ava;
+        case "SecpAvaTestAddr":
+            return Secp256k1.AvaTest;
+        case "BlsPub":
+            return Bls.Eth2Deposited;
+        case "BlsInactive":
+            return Bls.Eth2Inactive;
+        case "Ed25519SolanaAddr":
+            return Ed25519.Solana;
+        case "Ed25519SuiAddr":
+            return Ed25519.Sui;
+        case "Ed25519AptosAddr":
+            return Ed25519.Aptos;
+        case "Ed25519CardanoAddrVk":
+            return Ed25519.Cardano;
+        case "Ed25519StellarAddr":
+            return Ed25519.Stellar;
+        case "Stark":
+            return Stark;
+        case "Mnemonic":
+            return Mnemonic;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2tleS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7QUFXQSx5QkFBeUI7QUFDekIsTUFBTSxDQUFOLElBQVksU0FNWDtBQU5ELFdBQVksU0FBUztJQUNuQixnQ0FBbUIsQ0FBQTtJQUNuQiw0QkFBZSxDQUFBO0lBQ2Ysb0NBQXVCLENBQUE7SUFDdkIsZ0NBQW1CLENBQUE7SUFDbkIsd0NBQTJCLENBQUE7QUFDN0IsQ0FBQyxFQU5XLFNBQVMsS0FBVCxTQUFTLFFBTXBCO0FBRUQsbUJBQW1CO0FBQ25CLE1BQU0sQ0FBTixJQUFZLEdBR1g7QUFIRCxXQUFZLEdBQUc7SUFDYiwrQkFBd0IsQ0FBQTtJQUN4QixtQ0FBNEIsQ0FBQTtBQUM5QixDQUFDLEVBSFcsR0FBRyxLQUFILEdBQUcsUUFHZDtBQUVELHVCQUF1QjtBQUN2QixNQUFNLENBQU4sSUFBWSxPQU1YO0FBTkQsV0FBWSxPQUFPO0lBQ2pCLHVDQUE0QixDQUFBO0lBQzVCLGlDQUFzQixDQUFBO0lBQ3RCLHFDQUEwQixDQUFBO0lBQzFCLDJDQUFnQyxDQUFBO0lBQ2hDLHlDQUE4QixDQUFBO0FBQ2hDLENBQUMsRUFOVyxPQUFPLEtBQVAsT0FBTyxRQU1sQjtBQUVELHdCQUF3QjtBQUN4QixNQUFNLENBQUMsTUFBTSxRQUFRLEdBQUcsVUFBbUIsQ0FBQztBQUc1QyxxQkFBcUI7QUFDckIsTUFBTSxDQUFDLE1BQU0sS0FBSyxHQUFHLE9BQWdCLENBQUM7QUFrQnRDOzs7Ozs7R0FNRztBQUNILE1BQU0sVUFBVSxTQUFTLENBQUMsR0FBZTtJQUN2QyxPQUFPO1FBQ0wsR0FBRyxHQUFHO1FBQ04sRUFBRSxFQUFFLEdBQUcsQ0FBQyxNQUFNO1FBQ2QsSUFBSSxFQUFFLEdBQUcsQ0FBQyxRQUFRO1FBQ2xCLFNBQVMsRUFBRSxHQUFHLENBQUMsVUFBVTtRQUN6QixVQUFVLEVBQUUsR0FBRyxDQUFDLFdBQVc7S0FDNUIsQ0FBQztBQUNKLENBQUM7QUFFRDs7R0FFRztBQUNILE1BQU0sT0FBTyxHQUFHO0lBTWQsMkNBQTJDO0lBQzNDLElBQUksS0FBSztRQUNQLE9BQU8sSUFBSSxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUM7SUFDeEIsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLEVBQUU7UUFDSixPQUFPLHVCQUFBLElBQUksaUJBQU0sQ0FBQyxNQUFNLENBQUM7SUFDM0IsQ0FBQztJQUVEOzs7T0FHRztJQUNILElBQUksVUFBVTtRQUNaLE9BQU8sdUJBQUEsSUFBSSxpQkFBTSxDQUFDLFdBQVcsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxJQUFJLFNBQVM7UUFDWCxPQUFPLHVCQUFBLElBQUksaUJBQU0sQ0FBQyxVQUFVLENBQUM7SUFDL0IsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxJQUFJLE1BQU07UUFDUixPQUFPLHVCQUFBLElBQUksaUJBQU0sQ0FBQztJQUNwQixDQUFDO0lBRUQsdUJBQXVCO0lBQ3ZCLEtBQUssQ0FBQyxJQUFJO1FBQ1IsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDaEMsT0FBTyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVELDBCQUEwQjtJQUMxQixLQUFLLENBQUMsT0FBTztRQUNYLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQztJQUN0QixDQUFDO0lBRUQsc0JBQXNCO0lBQ3RCLEtBQUssQ0FBQyxNQUFNO1FBQ1YsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVELHVCQUF1QjtJQUN2QixLQUFLLENBQUMsT0FBTztRQUNYLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsS0FBSyxDQUFDLEtBQUssQ0FBQyxJQUFlO1FBQ3pCLE9BQU8sTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsRUFBRSxFQUFFLElBQUksQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFDO0lBQzVELENBQUM7SUFFRDs7O09BR0c7SUFDSCxLQUFLLENBQUMsU0FBUyxDQUFDLE1BQWlCO1FBQy9CLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLE1BQU0sRUFBRSxNQUE0QyxFQUFFLENBQUMsQ0FBQztJQUM5RSxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxLQUFLLENBQUMsV0FBVyxDQUFDLFFBQWdCO1FBQ2hDLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxZQUFZLENBQUMsTUFBaUI7UUFDbEMsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDckMsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsR0FBRyxRQUFRLEVBQUUsR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDO0lBQ2pELENBQUM7SUFFRDs7O09BR0c7SUFDSCxLQUFLLENBQUMsTUFBTTtRQUNWLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQ2hDLE9BQU8sQ0FBQyxJQUFJLENBQUMsTUFBTSxJQUFJLEVBQUUsQ0FBeUIsQ0FBQztJQUNyRCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsS0FBSyxDQUFDLEtBQUs7UUFDVCxNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxLQUFLLEVBQUUsQ0FBQztRQUNoQyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUM7SUFDcEIsQ0FBQztJQUVEOzs7T0FHRztJQUNILEtBQUssQ0FBQyxRQUFRLENBQUMsS0FBYTtRQUMxQixNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7T0FFRztJQUNILEtBQUssQ0FBQyxNQUFNO1FBQ1YsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVELDZFQUE2RTtJQUM3RSw2RUFBNkU7SUFDN0UsNkVBQTZFO0lBRTdFOzs7Ozs7T0FNRztJQUNILFlBQVksR0FBcUIsRUFBRSxJQUFnQjtRQXJKbkQsMEJBQTBCO1FBQzFCLDRCQUFlO1FBcUpiLElBQUksQ0FBQyxHQUFHLEdBQUcsR0FBRyxDQUFDO1FBQ2YsdUJBQUEsSUFBSSxhQUFTLFNBQVMsQ0FBQyxJQUFJLENBQUMsTUFBQSxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNLLEtBQUssQ0FBQyxNQUFNLENBQUMsT0FBeUI7UUFDNUMsdUJBQUEsSUFBSSxhQUFTLE1BQU0sSUFBSSxDQUFDLEdBQUcsQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLEVBQUUsRUFBRSxPQUFPLENBQUMsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLE1BQUEsQ0FBQztRQUN4RSxPQUFPLHVCQUFBLElBQUksaUJBQU0sQ0FBQztJQUNwQixDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSyxLQUFLLENBQUMsS0FBSztRQUNqQix1QkFBQSxJQUFJLGFBQVMsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFBLENBQUM7UUFDNUQsT0FBTyx1QkFBQSxJQUFJLGlCQUFNLENBQUM7SUFDcEIsQ0FBQztDQUNGOztBQUVEOzs7Ozs7R0FNRztBQUNILE1BQU0sVUFBVSxpQkFBaUIsQ0FBQyxFQUFpQjtJQUNqRCxRQUFRLEVBQUUsRUFBRSxDQUFDO1FBQ1gsS0FBSyxhQUFhO1lBQ2hCLE9BQU8sU0FBUyxDQUFDLEdBQUcsQ0FBQztRQUN2QixLQUFLLFNBQVM7WUFDWixPQUFPLFNBQVMsQ0FBQyxHQUFHLENBQUM7UUFDdkIsS0FBSyxhQUFhO1lBQ2hCLE9BQU8sU0FBUyxDQUFDLE9BQU8sQ0FBQztRQUMzQixLQUFLLGFBQWE7WUFDaEIsT0FBTyxTQUFTLENBQUMsR0FBRyxDQUFDO1FBQ3ZCLEtBQUssaUJBQWlCO1lBQ3BCLE9BQU8sU0FBUyxDQUFDLE9BQU8sQ0FBQztRQUMzQixLQUFLLFFBQVE7WUFDWCxPQUFPLEdBQUcsQ0FBQyxhQUFhLENBQUM7UUFDM0IsS0FBSyxhQUFhO1lBQ2hCLE9BQU8sR0FBRyxDQUFDLFlBQVksQ0FBQztRQUMxQixLQUFLLG1CQUFtQjtZQUN0QixPQUFPLE9BQU8sQ0FBQyxNQUFNLENBQUM7UUFDeEIsS0FBSyxnQkFBZ0I7WUFDbkIsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUFDO1FBQ3JCLEtBQUssa0JBQWtCO1lBQ3JCLE9BQU8sT0FBTyxDQUFDLEtBQUssQ0FBQztRQUN2QixLQUFLLHNCQUFzQjtZQUN6QixPQUFPLE9BQU8sQ0FBQyxPQUFPLENBQUM7UUFDekIsS0FBSyxvQkFBb0I7WUFDdkIsT0FBTyxPQUFPLENBQUMsT0FBTyxDQUFDO1FBQ3pCLEtBQUssT0FBTztZQUNWLE9BQU8sS0FBSyxDQUFDO1FBQ2YsS0FBSyxVQUFVO1lBQ2IsT0FBTyxRQUFRLENBQUM7SUFDcEIsQ0FBQztBQUNILENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBLZXlQb2xpY3kgfSBmcm9tIFwiLi9yb2xlXCI7XG5pbXBvcnQgeyBQYWdlT3B0cyB9IGZyb20gXCIuL3BhZ2luYXRvclwiO1xuaW1wb3J0IHtcbiAgS2V5SW5mb0FwaSxcbiAgS2V5VHlwZUFwaSxcbiAgVXBkYXRlS2V5UmVxdWVzdCxcbiAgU2NoZW1hS2V5VHlwZSxcbiAgS2V5SW5Sb2xlSW5mbyxcbn0gZnJvbSBcIi4vc2NoZW1hX3R5cGVzXCI7XG5pbXBvcnQgeyBDdWJlU2lnbmVyQ2xpZW50IH0gZnJvbSBcIi4vY2xpZW50XCI7XG5cbi8qKiBTZWNwMjU2azEga2V5IHR5cGUgKi9cbmV4cG9ydCBlbnVtIFNlY3AyNTZrMSB7XG4gIEV2bSA9IFwiU2VjcEV0aEFkZHJcIiwgLy8gZXNsaW50LWRpc2FibGUtbGluZSBuby11bnVzZWQtdmFyc1xuICBCdGMgPSBcIlNlY3BCdGNcIiwgLy8gZXNsaW50LWRpc2FibGUtbGluZSBuby11bnVzZWQtdmFyc1xuICBCdGNUZXN0ID0gXCJTZWNwQnRjVGVzdFwiLCAvLyBlc2xpbnQtZGlzYWJsZS1saW5lIG5vLXVudXNlZC12YXJzXG4gIEF2YSA9IFwiU2VjcEF2YUFkZHJcIiwgLy8gZXNsaW50LWRpc2FibGUtbGluZSBuby11bnVzZWQtdmFyc1xuICBBdmFUZXN0ID0gXCJTZWNwQXZhVGVzdEFkZHJcIiwgLy8gZXNsaW50LWRpc2FibGUtbGluZSBuby11bnVzZWQtdmFyc1xufVxuXG4vKiogQkxTIGtleSB0eXBlICovXG5leHBvcnQgZW51bSBCbHMge1xuICBFdGgyRGVwb3NpdGVkID0gXCJCbHNQdWJcIiwgLy8gZXNsaW50LWRpc2FibGUtbGluZSBuby11bnVzZWQtdmFyc1xuICBFdGgySW5hY3RpdmUgPSBcIkJsc0luYWN0aXZlXCIsIC8vIGVzbGludC1kaXNhYmxlLWxpbmUgbm8tdW51c2VkLXZhcnNcbn1cblxuLyoqIEVkMjU1MTkga2V5IHR5cGUgKi9cbmV4cG9ydCBlbnVtIEVkMjU1MTkge1xuICBTb2xhbmEgPSBcIkVkMjU1MTlTb2xhbmFBZGRyXCIsIC8vIGVzbGludC1kaXNhYmxlLWxpbmUgbm8tdW51c2VkLXZhcnNcbiAgU3VpID0gXCJFZDI1NTE5U3VpQWRkclwiLCAvLyBlc2xpbnQtZGlzYWJsZS1saW5lIG5vLXVudXNlZC12YXJzXG4gIEFwdG9zID0gXCJFZDI1NTE5QXB0b3NBZGRyXCIsIC8vIGVzbGludC1kaXNhYmxlLWxpbmUgbm8tdW51c2VkLXZhcnNcbiAgQ2FyZGFubyA9IFwiRWQyNTUxOUNhcmRhbm9BZGRyVmtcIiwgLy8gZXNsaW50LWRpc2FibGUtbGluZSBuby11bnVzZWQtdmFyc1xuICBTdGVsbGFyID0gXCJFZDI1NTE5U3RlbGxhckFkZHJcIiwgLy8gZXNsaW50LWRpc2FibGUtbGluZSBuby11bnVzZWQtdmFyc1xufVxuXG4vKiogTW5lbW9uaWMga2V5IHR5cGUgKi9cbmV4cG9ydCBjb25zdCBNbmVtb25pYyA9IFwiTW5lbW9uaWNcIiBhcyBjb25zdDtcbmV4cG9ydCB0eXBlIE1uZW1vbmljID0gdHlwZW9mIE1uZW1vbmljO1xuXG4vKiogU3Rhcmsga2V5IHR5cGUgKi9cbmV4cG9ydCBjb25zdCBTdGFyayA9IFwiU3RhcmtcIiBhcyBjb25zdDtcbmV4cG9ydCB0eXBlIFN0YXJrID0gdHlwZW9mIFN0YXJrO1xuXG4vKiogS2V5IHR5cGUgKi9cbmV4cG9ydCB0eXBlIEtleVR5cGUgPSBTZWNwMjU2azEgfCBCbHMgfCBFZDI1NTE5IHwgTW5lbW9uaWMgfCBTdGFyaztcblxuLyoqIEFkZGl0aW9uYWwgcHJvcGVydGllcyAoZm9yIGJhY2t3YXJkIGNvbXBhdGliaWxpdHkpICovXG5leHBvcnQgaW50ZXJmYWNlIEtleUluZm8gZXh0ZW5kcyBLZXlJbmZvQXBpIHtcbiAgLyoqIEFsaWFzIGZvciBrZXlfaWQgKi9cbiAgaWQ6IHN0cmluZztcbiAgLyoqIEFsaWFzIGZvciBrZXlfdHlwZSAqL1xuICB0eXBlOiBLZXlUeXBlQXBpO1xuICAvKiogQWxpYXMgZm9yIG1hdGVyaWFsX2lkICovXG4gIG1hdGVyaWFsSWQ6IHN0cmluZztcbiAgLyoqIEFsaWFzIGZvciBwdWJsaWNfa2V5ICovXG4gIHB1YmxpY0tleTogc3RyaW5nO1xufVxuXG4vKipcbiAqIERlZmluZSBzb21lIGFkZGl0aW9uYWwgKGJhY2t3YXJkIGNvbXBhdGliaWxpdHkpIHByb3BlcnRpZXNcbiAqIG9uIGEgYEtleUluZm9BcGlgIG9iamVjdCByZXR1cm5lZCBmcm9tIHRoZSByZW1vdGUgZW5kLlxuICpcbiAqIEBwYXJhbSB7S2V5SW5mb0FwaX0ga2V5IEtleSBpbmZvcm1hdGlvbiByZXR1cm5lZCBmcm9tIHRoZSByZW1vdGUgZW5kXG4gKiBAcmV0dXJuIHtLZXlJbmZvfSBUaGUgc2FtZSBga2V5YCBvYmplY3QgZXh0ZW5kZWQgd2l0aCBzb21lIGRlcml2ZWQgcHJvcGVydGllcy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIHRvS2V5SW5mbyhrZXk6IEtleUluZm9BcGkpOiBLZXlJbmZvIHtcbiAgcmV0dXJuIHtcbiAgICAuLi5rZXksXG4gICAgaWQ6IGtleS5rZXlfaWQsXG4gICAgdHlwZToga2V5LmtleV90eXBlLFxuICAgIHB1YmxpY0tleToga2V5LnB1YmxpY19rZXksXG4gICAgbWF0ZXJpYWxJZDoga2V5Lm1hdGVyaWFsX2lkLFxuICB9O1xufVxuXG4vKipcbiAqIEEgcmVwcmVzZW50YXRpb24gb2YgYSBzaWduaW5nIGtleS5cbiAqL1xuZXhwb3J0IGNsYXNzIEtleSB7XG4gIC8qKiBUaGUgQ3ViZVNpZ25lciBpbnN0YW5jZSB0aGF0IHRoaXMga2V5IGlzIGFzc29jaWF0ZWQgd2l0aCAqL1xuICBwcm90ZWN0ZWQgcmVhZG9ubHkgY3NjOiBDdWJlU2lnbmVyQ2xpZW50O1xuICAvKiogVGhlIGtleSBpbmZvcm1hdGlvbiAqL1xuICAjZGF0YTogS2V5SW5mbztcblxuICAvKiogVGhlIG9yZ2FuaXphdGlvbiB0aGF0IHRoaXMga2V5IGlzIGluICovXG4gIGdldCBvcmdJZCgpIHtcbiAgICByZXR1cm4gdGhpcy5jc2Mub3JnSWQ7XG4gIH1cblxuICAvKipcbiAgICogVGhlIGlkIG9mIHRoZSBrZXk6IFwiS2V5I1wiIGZvbGxvd2VkIGJ5IGEgdW5pcXVlIGlkZW50aWZpZXIgc3BlY2lmaWMgdG9cbiAgICogdGhlIHR5cGUgb2Yga2V5IChzdWNoIGFzIGEgcHVibGljIGtleSBmb3IgQkxTIG9yIGFuIGV0aGVyZXVtIGFkZHJlc3MgZm9yIFNlY3ApXG4gICAqIEBleGFtcGxlIEtleSMweDhlMzQ4NDY4N2U2NmNkZDI2Y2YwNGMzNjQ3NjMzYWI0ZjM1NzAxNDhcbiAgICovXG4gIGdldCBpZCgpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLiNkYXRhLmtleV9pZDtcbiAgfVxuXG4gIC8qKlxuICAgKiBBIHVuaXF1ZSBpZGVudGlmaWVyIHNwZWNpZmljIHRvIHRoZSB0eXBlIG9mIGtleSwgc3VjaCBhcyBhIHB1YmxpYyBrZXkgb3IgYW4gZXRoZXJldW0gYWRkcmVzc1xuICAgKiBAZXhhbXBsZSAweDhlMzQ4NDY4N2U2NmNkZDI2Y2YwNGMzNjQ3NjMzYWI0ZjM1NzAxNDhcbiAgICovXG4gIGdldCBtYXRlcmlhbElkKCk6IHN0cmluZyB7XG4gICAgcmV0dXJuIHRoaXMuI2RhdGEubWF0ZXJpYWxfaWQ7XG4gIH1cblxuICAvKipcbiAgICogQGRlc2NyaXB0aW9uIEhleC1lbmNvZGVkLCBzZXJpYWxpemVkIHB1YmxpYyBrZXkuIFRoZSBmb3JtYXQgdXNlZCBkZXBlbmRzIG9uIHRoZSBrZXkgdHlwZTpcbiAgICogLSBzZWNwMjU2azEga2V5cyB1c2UgNjUtYnl0ZSB1bmNvbXByZXNzZWQgU0VDRyBmb3JtYXRcbiAgICogLSBCTFMga2V5cyB1c2UgNDgtYnl0ZSBjb21wcmVzc2VkIEJMUzEyLTM4MSAoWkNhc2gpIGZvcm1hdFxuICAgKiBAZXhhbXBsZSAweDA0ZDI2ODhiNmJjMmNlN2Y5ODc5YjllNzQ1ZjNjNGRjMTc3OTA4YzVjZWYwYzFiNjRjZmYxOWFlN2ZmMjdkZWU2MjNjNjRmZTlkOWMzMjVjN2ZiYmM3NDhiYmQ1ZjYwN2NlMTRkZDgzZTI4ZWJiYmI3ZDNlN2YyZmZiNzBhNzk0MzFcbiAgICovXG4gIGdldCBwdWJsaWNLZXkoKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy4jZGF0YS5wdWJsaWNfa2V5O1xuICB9XG5cbiAgLyoqXG4gICAqIEdldCB0aGUgY2FjaGVkIHByb3BlcnRpZXMgb2YgdGhpcyBrZXkuIFRoZSBjYWNoZWQgcHJvcGVydGllcyByZWZsZWN0IHRoZVxuICAgKiBzdGF0ZSBvZiB0aGUgbGFzdCBmZXRjaCBvciB1cGRhdGUgKGUuZy4sIGFmdGVyIGF3YWl0aW5nIGBLZXkuZW5hYmxlZCgpYFxuICAgKiBvciBgS2V5LmRpc2FibGUoKWApLlxuICAgKi9cbiAgZ2V0IGNhY2hlZCgpOiBLZXlJbmZvIHtcbiAgICByZXR1cm4gdGhpcy4jZGF0YTtcbiAgfVxuXG4gIC8qKiBUaGUgdHlwZSBvZiBrZXkuICovXG4gIGFzeW5jIHR5cGUoKTogUHJvbWlzZTxLZXlUeXBlPiB7XG4gICAgY29uc3QgZGF0YSA9IGF3YWl0IHRoaXMuZmV0Y2goKTtcbiAgICByZXR1cm4gZnJvbVNjaGVtYUtleVR5cGUoZGF0YS5rZXlfdHlwZSk7XG4gIH1cblxuICAvKiogSXMgdGhlIGtleSBlbmFibGVkPyAqL1xuICBhc3luYyBlbmFibGVkKCk6IFByb21pc2U8Ym9vbGVhbj4ge1xuICAgIGNvbnN0IGRhdGEgPSBhd2FpdCB0aGlzLmZldGNoKCk7XG4gICAgcmV0dXJuIGRhdGEuZW5hYmxlZDtcbiAgfVxuXG4gIC8qKiBFbmFibGUgdGhlIGtleS4gKi9cbiAgYXN5bmMgZW5hYmxlKCkge1xuICAgIGF3YWl0IHRoaXMudXBkYXRlKHsgZW5hYmxlZDogdHJ1ZSB9KTtcbiAgfVxuXG4gIC8qKiBEaXNhYmxlIHRoZSBrZXkuICovXG4gIGFzeW5jIGRpc2FibGUoKSB7XG4gICAgYXdhaXQgdGhpcy51cGRhdGUoeyBlbmFibGVkOiBmYWxzZSB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBUaGUgbGlzdCByb2xlcyB0aGlzIGtleSBpcyBpbi5cbiAgICogQHBhcmFtIHtQYWdlT3B0c30gcGFnZSBPcHRpb25hbCBwYWdpbmF0aW9uIG9wdGlvbnM7IGJ5IGRlZmF1bHQsIHJldHJpZXZlcyBhbGwgcm9sZXMgdGhpcyBrZXkgaXMgaW4uXG4gICAqIEByZXR1cm4ge1Byb21pc2U8S2V5SW5Sb2xlSW5mb1tdPn0gUm9sZXMgdGhpcyBrZXkgaXMgaW4uXG4gICAqL1xuICBhc3luYyByb2xlcyhwYWdlPzogUGFnZU9wdHMpOiBQcm9taXNlPEtleUluUm9sZUluZm9bXT4ge1xuICAgIHJldHVybiBhd2FpdCB0aGlzLmNzYy5rZXlSb2xlc0xpc3QodGhpcy5pZCwgcGFnZSkuZmV0Y2goKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBTZXQgbmV3IHBvbGljeSAob3ZlcndyaXRpbmcgYW55IHBvbGljaWVzIHByZXZpb3VzbHkgc2V0IGZvciB0aGlzIGtleSlcbiAgICogQHBhcmFtIHtLZXlQb2xpY3l9IHBvbGljeSBUaGUgbmV3IHBvbGljeSB0byBzZXRcbiAgICovXG4gIGFzeW5jIHNldFBvbGljeShwb2xpY3k6IEtleVBvbGljeSkge1xuICAgIGF3YWl0IHRoaXMudXBkYXRlKHsgcG9saWN5OiBwb2xpY3kgYXMgdW5rbm93biBhcyBSZWNvcmQ8c3RyaW5nLCBuZXZlcj5bXSB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBTZXQga2V5IG1ldGFkYXRhLiBUaGUgbWV0YWRhdGEgbXVzdCBiZSBhdCBtb3N0IDEwMjQgY2hhcmFjdGVyc1xuICAgKiBhbmQgbXVzdCBtYXRjaCB0aGUgZm9sbG93aW5nIHJlZ2V4OiBeW0EtWmEtejAtOV89Ky8gXFwtXFwuXFwsXXswLDEwMjR9JC5cbiAgICpcbiAgICogQHBhcmFtIHtzdHJpbmd9IG1ldGFkYXRhIFRoZSBuZXcgbWV0YWRhdGEgdG8gc2V0LlxuICAgKi9cbiAgYXN5bmMgc2V0TWV0YWRhdGEobWV0YWRhdGE6IHN0cmluZykge1xuICAgIGF3YWl0IHRoaXMudXBkYXRlKHsgbWV0YWRhdGEgfSk7XG4gIH1cblxuICAvKipcbiAgICogQXBwZW5kIHRvIGV4aXN0aW5nIGtleSBwb2xpY3kuIFRoaXMgYXBwZW5kIGlzIG5vdCBhdG9taWMgLS0gaXQgdXNlcyB7QGxpbmsgcG9saWN5fVxuICAgKiB0byBmZXRjaCB0aGUgY3VycmVudCBwb2xpY3kgYW5kIHRoZW4ge0BsaW5rIHNldFBvbGljeX0gdG8gc2V0IHRoZSBwb2xpY3kgLS0gYW5kXG4gICAqIHNob3VsZCBub3QgYmUgdXNlZCBpbiBhY3Jvc3MgY29uY3VycmVudCBzZXNzaW9ucy5cbiAgICpcbiAgICogQHBhcmFtIHtLZXlQb2xpY3l9IHBvbGljeSBUaGUgcG9saWN5IHRvIGFwcGVuZCB0byB0aGUgZXhpc3Rpbmcgb25lLlxuICAgKi9cbiAgYXN5bmMgYXBwZW5kUG9saWN5KHBvbGljeTogS2V5UG9saWN5KSB7XG4gICAgY29uc3QgZXhpc3RpbmcgPSBhd2FpdCB0aGlzLnBvbGljeSgpO1xuICAgIGF3YWl0IHRoaXMuc2V0UG9saWN5KFsuLi5leGlzdGluZywgLi4ucG9saWN5XSk7XG4gIH1cblxuICAvKipcbiAgICogR2V0IHRoZSBwb2xpY3kgZm9yIHRoZSBrZXkuXG4gICAqIEByZXR1cm4ge1Byb21pc2U8S2V5UG9saWN5Pn0gVGhlIHBvbGljeSBmb3IgdGhlIGtleS5cbiAgICovXG4gIGFzeW5jIHBvbGljeSgpOiBQcm9taXNlPEtleVBvbGljeT4ge1xuICAgIGNvbnN0IGRhdGEgPSBhd2FpdCB0aGlzLmZldGNoKCk7XG4gICAgcmV0dXJuIChkYXRhLnBvbGljeSA/PyBbXSkgYXMgdW5rbm93biBhcyBLZXlQb2xpY3k7XG4gIH1cblxuICAvKipcbiAgICogQGRlc2NyaXB0aW9uIE93bmVyIG9mIHRoZSBrZXlcbiAgICogQGV4YW1wbGUgVXNlciNjM2I5Mzc5Yy00ZThjLTQyMTYtYmQwYS02NWFjZTUzY2Y5OGZcbiAgICovXG4gIGFzeW5jIG93bmVyKCk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgY29uc3QgZGF0YSA9IGF3YWl0IHRoaXMuZmV0Y2goKTtcbiAgICByZXR1cm4gZGF0YS5vd25lcjtcbiAgfVxuXG4gIC8qKlxuICAgKiBTZXQgdGhlIG93bmVyIG9mIHRoZSBrZXkuIE9ubHkgdGhlIGtleSAob3Igb3JnKSBvd25lciBjYW4gY2hhbmdlIHRoZSBvd25lciBvZiB0aGUga2V5LlxuICAgKiBAcGFyYW0ge3N0cmluZ30gb3duZXIgVGhlIHVzZXItaWQgb2YgdGhlIG5ldyBvd25lciBvZiB0aGUga2V5LlxuICAgKi9cbiAgYXN5bmMgc2V0T3duZXIob3duZXI6IHN0cmluZykge1xuICAgIGF3YWl0IHRoaXMudXBkYXRlKHsgb3duZXIgfSk7XG4gIH1cblxuICAvKipcbiAgICogRGVsZXRlIHRoaXMga2V5LlxuICAgKi9cbiAgYXN5bmMgZGVsZXRlKCkge1xuICAgIGF3YWl0IHRoaXMuY3NjLmtleURlbGV0ZSh0aGlzLmlkKTtcbiAgfVxuXG4gIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gIC8vIC0tIElOVEVSTkFMIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG5cbiAgLyoqXG4gICAqIENyZWF0ZSBhIG5ldyBrZXkuXG4gICAqXG4gICAqIEBwYXJhbSB7Q3ViZVNpZ25lckNsaWVudH0gY3NjIFRoZSBDdWJlU2lnbmVyIGluc3RhbmNlIHRvIHVzZSBmb3Igc2lnbmluZy5cbiAgICogQHBhcmFtIHtLZXlJbmZvQXBpfSBkYXRhIFRoZSBKU09OIHJlc3BvbnNlIGZyb20gdGhlIEFQSSBzZXJ2ZXIuXG4gICAqIEBpbnRlcm5hbFxuICAgKi9cbiAgY29uc3RydWN0b3IoY3NjOiBDdWJlU2lnbmVyQ2xpZW50LCBkYXRhOiBLZXlJbmZvQXBpKSB7XG4gICAgdGhpcy5jc2MgPSBjc2M7XG4gICAgdGhpcy4jZGF0YSA9IHRvS2V5SW5mbyhkYXRhKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBVcGRhdGUgdGhlIGtleS5cbiAgICogQHBhcmFtIHtVcGRhdGVLZXlSZXF1ZXN0fSByZXF1ZXN0IFRoZSBKU09OIHJlcXVlc3QgdG8gc2VuZCB0byB0aGUgQVBJIHNlcnZlci5cbiAgICogQHJldHVybiB7S2V5SW5mb30gVGhlIEpTT04gcmVzcG9uc2UgZnJvbSB0aGUgQVBJIHNlcnZlci5cbiAgICogQGludGVybmFsXG4gICAqL1xuICBwcml2YXRlIGFzeW5jIHVwZGF0ZShyZXF1ZXN0OiBVcGRhdGVLZXlSZXF1ZXN0KTogUHJvbWlzZTxLZXlJbmZvPiB7XG4gICAgdGhpcy4jZGF0YSA9IGF3YWl0IHRoaXMuY3NjLmtleVVwZGF0ZSh0aGlzLmlkLCByZXF1ZXN0KS50aGVuKHRvS2V5SW5mbyk7XG4gICAgcmV0dXJuIHRoaXMuI2RhdGE7XG4gIH1cblxuICAvKipcbiAgICogRmV0Y2ggdGhlIGtleSBpbmZvcm1hdGlvbi5cbiAgICpcbiAgICogQHJldHVybiB7S2V5SW5mb30gVGhlIGtleSBpbmZvcm1hdGlvbi5cbiAgICogQGludGVybmFsXG4gICAqL1xuICBwcml2YXRlIGFzeW5jIGZldGNoKCk6IFByb21pc2U8S2V5SW5mbz4ge1xuICAgIHRoaXMuI2RhdGEgPSBhd2FpdCB0aGlzLmNzYy5rZXlHZXQodGhpcy5pZCkudGhlbih0b0tleUluZm8pO1xuICAgIHJldHVybiB0aGlzLiNkYXRhO1xuICB9XG59XG5cbi8qKlxuICogQ29udmVydCBhIHNjaGVtYSBrZXkgdHlwZSB0byBhIGtleSB0eXBlLlxuICpcbiAqIEBwYXJhbSB7U2NoZW1hS2V5VHlwZX0gdHkgVGhlIHNjaGVtYSBrZXkgdHlwZS5cbiAqIEByZXR1cm4ge0tleVR5cGV9IFRoZSBrZXkgdHlwZS5cbiAqIEBpbnRlcm5hbFxuICovXG5leHBvcnQgZnVuY3Rpb24gZnJvbVNjaGVtYUtleVR5cGUodHk6IFNjaGVtYUtleVR5cGUpOiBLZXlUeXBlIHtcbiAgc3dpdGNoICh0eSkge1xuICAgIGNhc2UgXCJTZWNwRXRoQWRkclwiOlxuICAgICAgcmV0dXJuIFNlY3AyNTZrMS5Fdm07XG4gICAgY2FzZSBcIlNlY3BCdGNcIjpcbiAgICAgIHJldHVybiBTZWNwMjU2azEuQnRjO1xuICAgIGNhc2UgXCJTZWNwQnRjVGVzdFwiOlxuICAgICAgcmV0dXJuIFNlY3AyNTZrMS5CdGNUZXN0O1xuICAgIGNhc2UgXCJTZWNwQXZhQWRkclwiOlxuICAgICAgcmV0dXJuIFNlY3AyNTZrMS5BdmE7XG4gICAgY2FzZSBcIlNlY3BBdmFUZXN0QWRkclwiOlxuICAgICAgcmV0dXJuIFNlY3AyNTZrMS5BdmFUZXN0O1xuICAgIGNhc2UgXCJCbHNQdWJcIjpcbiAgICAgIHJldHVybiBCbHMuRXRoMkRlcG9zaXRlZDtcbiAgICBjYXNlIFwiQmxzSW5hY3RpdmVcIjpcbiAgICAgIHJldHVybiBCbHMuRXRoMkluYWN0aXZlO1xuICAgIGNhc2UgXCJFZDI1NTE5U29sYW5hQWRkclwiOlxuICAgICAgcmV0dXJuIEVkMjU1MTkuU29sYW5hO1xuICAgIGNhc2UgXCJFZDI1NTE5U3VpQWRkclwiOlxuICAgICAgcmV0dXJuIEVkMjU1MTkuU3VpO1xuICAgIGNhc2UgXCJFZDI1NTE5QXB0b3NBZGRyXCI6XG4gICAgICByZXR1cm4gRWQyNTUxOS5BcHRvcztcbiAgICBjYXNlIFwiRWQyNTUxOUNhcmRhbm9BZGRyVmtcIjpcbiAgICAgIHJldHVybiBFZDI1NTE5LkNhcmRhbm87XG4gICAgY2FzZSBcIkVkMjU1MTlTdGVsbGFyQWRkclwiOlxuICAgICAgcmV0dXJuIEVkMjU1MTkuU3RlbGxhcjtcbiAgICBjYXNlIFwiU3RhcmtcIjpcbiAgICAgIHJldHVybiBTdGFyaztcbiAgICBjYXNlIFwiTW5lbW9uaWNcIjpcbiAgICAgIHJldHVybiBNbmVtb25pYztcbiAgfVxufVxuIl19

package/dist/esm/src/mfa.d.ts

@@ -0,0 +1,97 @@
+import { ApiAddFidoChallenge, ApiMfaFidoChallenge, MfaRequestInfo, MfaVote, TotpInfo } from "./schema_types";
+import { CubeSignerApi } from "./api";
+/** MFA receipt */
+export interface MfaReceipt {
+    /** MFA request ID */
+    mfaId: string;
+    /** Corresponding org ID */
+    mfaOrgId: string;
+    /** MFA confirmation code */
+    mfaConf: string;
+}
+/** TOTP challenge that must be answered before user's TOTP is updated */
+export declare class TotpChallenge {
+    #private;
+    /** The id of the challenge */
+    get totpId(): string;
+    /** The new TOTP configuration */
+    get totpUrl(): string;
+    /**
+     * @param {CubeSignerApi} api Used when answering the challenge.
+     * @param {TotpInfo} totpInfo TOTP challenge information.
+     */
+    constructor(api: CubeSignerApi, totpInfo: TotpInfo);
+    /**
+     * Answer the challenge with the code that corresponds to `this.totpUrl`.
+     * @param {string} code 6-digit code that corresponds to `this.totpUrl`.
+     */
+    answer(code: string): Promise<void>;
+}
+/**
+ * Returned after creating a request to add a new FIDO device.
+ * Provides some helper methods for answering this challenge.
+ */
+export declare class AddFidoChallenge {
+    #private;
+    readonly challengeId: string;
+    readonly options: any;
+    /**
+     * Constructor
+     * @param {CubeSignerApi} api The API client used to request to add a FIDO device
+     * @param {ApiAddFidoChallenge} challenge The challenge returned by the remote end.
+     */
+    constructor(api: CubeSignerApi, challenge: ApiAddFidoChallenge);
+    /**
+     * Answers this challenge by using the `CredentialsContainer` API to create a credential
+     * based on the the public key credential creation options from this challenge.
+     */
+    createCredentialAndAnswer(): Promise<void>;
+    /**
+     * Answers this challenge using a given credential `cred`;
+     * the credential should be obtained by calling
+     *
+     * ```
+     * const cred = await navigator.credentials.create({ publicKey: this.options });
+     * ```
+     *
+     * @param {any} cred Credential created by calling the `CredentialContainer`'s `create` method
+     *                   based on the public key creation options from this challenge.
+     */
+    answer(cred: any): Promise<void>;
+}
+/**
+ * Returned after initiating MFA approval using FIDO.
+ * Provides some helper methods for answering this challenge.
+ */
+export declare class MfaFidoChallenge {
+    #private;
+    readonly mfaId: string;
+    readonly challengeId: string;
+    readonly options: any;
+    /**
+     * @param {CubeSignerApi} api The API client used to initiate MFA approval using FIDO
+     * @param {string} mfaId The MFA request id.
+     * @param {ApiMfaFidoChallenge} challenge The challenge returned by the remote end
+     */
+    constructor(api: CubeSignerApi, mfaId: string, challenge: ApiMfaFidoChallenge);
+    /**
+     * Answers this challenge by using the `CredentialsContainer` API to get a credential
+     * based on the the public key credential request options from this challenge.
+     *
+     * @param {MfaVote} vote Approve or reject the MFA request. Defaults to "approve".
+     */
+    createCredentialAndAnswer(vote?: MfaVote): Promise<MfaRequestInfo>;
+    /**
+     * Answers this challenge using a given credential `cred`.
+     * To obtain this credential, for example, call
+     *
+     * ```
+     * const cred = await navigator.credentials.get({ publicKey: this.options });
+     * ```
+     *
+     * @param {any} cred Credential created by calling the `CredentialContainer`'s `get` method
+     *                   based on the public key credential request options from this challenge.
+     * @param {MfaVote} vote Approve or reject. Defaults to "approve".
+     */
+    answer(cred: any, vote?: MfaVote): Promise<MfaRequestInfo>;
+}

package/dist/esm/src/mfa.js

@@ -0,0 +1,166 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _TotpChallenge_api, _TotpChallenge_totpInfo, _AddFidoChallenge_api, _MfaFidoChallenge_api;
+import { decodeBase64Url, encodeToBase64Url } from "./util";
+/** TOTP challenge that must be answered before user's TOTP is updated */
+export class TotpChallenge {
+    /** The id of the challenge */
+    get totpId() {
+        return __classPrivateFieldGet(this, _TotpChallenge_totpInfo, "f").totp_id;
+    }
+    /** The new TOTP configuration */
+    get totpUrl() {
+        return __classPrivateFieldGet(this, _TotpChallenge_totpInfo, "f").totp_url;
+    }
+    /**
+     * @param {CubeSignerApi} api Used when answering the challenge.
+     * @param {TotpInfo} totpInfo TOTP challenge information.
+     */
+    constructor(api, totpInfo) {
+        _TotpChallenge_api.set(this, void 0);
+        _TotpChallenge_totpInfo.set(this, void 0);
+        __classPrivateFieldSet(this, _TotpChallenge_api, api, "f");
+        __classPrivateFieldSet(this, _TotpChallenge_totpInfo, totpInfo, "f");
+    }
+    /**
+     * Answer the challenge with the code that corresponds to `this.totpUrl`.
+     * @param {string} code 6-digit code that corresponds to `this.totpUrl`.
+     */
+    async answer(code) {
+        if (!/^\d{1,6}$/.test(code)) {
+            throw new Error(`Invalid TOTP code: ${code}; it must be a 6-digit string`);
+        }
+        await __classPrivateFieldGet(this, _TotpChallenge_api, "f").userTotpResetComplete(this.totpId, code);
+    }
+}
+_TotpChallenge_api = new WeakMap(), _TotpChallenge_totpInfo = new WeakMap();
+/**
+ * Returned after creating a request to add a new FIDO device.
+ * Provides some helper methods for answering this challenge.
+ */
+export class AddFidoChallenge {
+    /**
+     * Constructor
+     * @param {CubeSignerApi} api The API client used to request to add a FIDO device
+     * @param {ApiAddFidoChallenge} challenge The challenge returned by the remote end.
+     */
+    constructor(api, challenge) {
+        _AddFidoChallenge_api.set(this, void 0);
+        __classPrivateFieldSet(this, _AddFidoChallenge_api, api, "f");
+        this.challengeId = challenge.challenge_id;
+        // fix options returned from the server: rename fields and decode base64 fields to uint8[]
+        this.options = {
+            ...challenge.options,
+            challenge: decodeBase64Url(challenge.options.challenge),
+        };
+        if (challenge.options.user) {
+            this.options.user.id = decodeBase64Url(challenge.options.user.id);
+        }
+        for (const credential of this.options.excludeCredentials ?? []) {
+            credential.id = decodeBase64Url(credential.id);
+        }
+    }
+    /**
+     * Answers this challenge by using the `CredentialsContainer` API to create a credential
+     * based on the the public key credential creation options from this challenge.
+     */
+    async createCredentialAndAnswer() {
+        const cred = await navigator.credentials.create({ publicKey: this.options });
+        await this.answer(cred);
+    }
+    /**
+     * Answers this challenge using a given credential `cred`;
+     * the credential should be obtained by calling
+     *
+     * ```
+     * const cred = await navigator.credentials.create({ publicKey: this.options });
+     * ```
+     *
+     * @param {any} cred Credential created by calling the `CredentialContainer`'s `create` method
+     *                   based on the public key creation options from this challenge.
+     */
+    async answer(cred) {
+        const answer = {
+            id: cred.id,
+            response: {
+                clientDataJSON: encodeToBase64Url(cred.response.clientDataJSON),
+                attestationObject: encodeToBase64Url(cred.response.attestationObject),
+            },
+        };
+        await __classPrivateFieldGet(this, _AddFidoChallenge_api, "f").userFidoRegisterComplete(this.challengeId, answer);
+    }
+}
+_AddFidoChallenge_api = new WeakMap();
+/**
+ * Returned after initiating MFA approval using FIDO.
+ * Provides some helper methods for answering this challenge.
+ */
+export class MfaFidoChallenge {
+    /**
+     * @param {CubeSignerApi} api The API client used to initiate MFA approval using FIDO
+     * @param {string} mfaId The MFA request id.
+     * @param {ApiMfaFidoChallenge} challenge The challenge returned by the remote end
+     */
+    constructor(api, mfaId, challenge) {
+        _MfaFidoChallenge_api.set(this, void 0);
+        __classPrivateFieldSet(this, _MfaFidoChallenge_api, api, "f");
+        this.mfaId = mfaId;
+        this.challengeId = challenge.challenge_id;
+        // fix options returned from the server: rename fields and decode base64 fields into uint8[]
+        this.options = {
+            ...challenge.options,
+            challenge: decodeBase64Url(challenge.options.challenge),
+        };
+        for (const credential of this.options.allowCredentials ?? []) {
+            credential.id = decodeBase64Url(credential.id);
+            if (credential.transports === null) {
+                delete credential.transports;
+            }
+        }
+    }
+    /**
+     * Answers this challenge by using the `CredentialsContainer` API to get a credential
+     * based on the the public key credential request options from this challenge.
+     *
+     * @param {MfaVote} vote Approve or reject the MFA request. Defaults to "approve".
+     */
+    async createCredentialAndAnswer(vote) {
+        const cred = await navigator.credentials.get({ publicKey: this.options });
+        return await this.answer(cred, vote);
+    }
+    /**
+     * Answers this challenge using a given credential `cred`.
+     * To obtain this credential, for example, call
+     *
+     * ```
+     * const cred = await navigator.credentials.get({ publicKey: this.options });
+     * ```
+     *
+     * @param {any} cred Credential created by calling the `CredentialContainer`'s `get` method
+     *                   based on the public key credential request options from this challenge.
+     * @param {MfaVote} vote Approve or reject. Defaults to "approve".
+     */
+    async answer(cred, vote = "approve") {
+        const answer = {
+            id: cred.id,
+            response: {
+                clientDataJSON: encodeToBase64Url(cred.response.clientDataJSON),
+                authenticatorData: encodeToBase64Url(cred.response.authenticatorData),
+                signature: encodeToBase64Url(cred.response.signature),
+            },
+        };
+        return await __classPrivateFieldGet(this, _MfaFidoChallenge_api, "f").mfaVoteFidoComplete(this.mfaId, vote, this.challengeId, answer);
+    }
+}
+_MfaFidoChallenge_api = new WeakMap();
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWZhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL21mYS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSx1REFBdUQ7Ozs7Ozs7Ozs7Ozs7QUFVdkQsT0FBTyxFQUFFLGVBQWUsRUFBRSxpQkFBaUIsRUFBRSxNQUFNLFFBQVEsQ0FBQztBQWE1RCx5RUFBeUU7QUFDekUsTUFBTSxPQUFPLGFBQWE7SUFJeEIsOEJBQThCO0lBQzlCLElBQUksTUFBTTtRQUNSLE9BQU8sdUJBQUEsSUFBSSwrQkFBVSxDQUFDLE9BQU8sQ0FBQztJQUNoQyxDQUFDO0lBRUQsaUNBQWlDO0lBQ2pDLElBQUksT0FBTztRQUNULE9BQU8sdUJBQUEsSUFBSSwrQkFBVSxDQUFDLFFBQVEsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsWUFBWSxHQUFrQixFQUFFLFFBQWtCO1FBakJ6QyxxQ0FBb0I7UUFDcEIsMENBQW9CO1FBaUIzQix1QkFBQSxJQUFJLHNCQUFRLEdBQUcsTUFBQSxDQUFDO1FBQ2hCLHVCQUFBLElBQUksMkJBQWEsUUFBUSxNQUFBLENBQUM7SUFDNUIsQ0FBQztJQUVEOzs7T0FHRztJQUNILEtBQUssQ0FBQyxNQUFNLENBQUMsSUFBWTtRQUN2QixJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQzVCLE1BQU0sSUFBSSxLQUFLLENBQUMsc0JBQXNCLElBQUksK0JBQStCLENBQUMsQ0FBQztRQUM3RSxDQUFDO1FBRUQsTUFBTSx1QkFBQSxJQUFJLDBCQUFLLENBQUMscUJBQXFCLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsQ0FBQztJQUMzRCxDQUFDO0NBQ0Y7O0FBRUQ7OztHQUdHO0FBQ0gsTUFBTSxPQUFPLGdCQUFnQjtJQUszQjs7OztPQUlHO0lBQ0gsWUFBWSxHQUFrQixFQUFFLFNBQThCO1FBVHJELHdDQUFvQjtRQVUzQix1QkFBQSxJQUFJLHlCQUFRLEdBQUcsTUFBQSxDQUFDO1FBQ2hCLElBQUksQ0FBQyxXQUFXLEdBQUcsU0FBUyxDQUFDLFlBQVksQ0FBQztRQUUxQywwRkFBMEY7UUFDMUYsSUFBSSxDQUFDLE9BQU8sR0FBRztZQUNiLEdBQUcsU0FBUyxDQUFDLE9BQU87WUFDcEIsU0FBUyxFQUFFLGVBQWUsQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQztTQUN4RCxDQUFDO1FBRUYsSUFBSSxTQUFTLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQzNCLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLEVBQUUsR0FBRyxlQUFlLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDcEUsQ0FBQztRQUVELEtBQUssTUFBTSxVQUFVLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxrQkFBa0IsSUFBSSxFQUFFLEVBQUUsQ0FBQztZQUMvRCxVQUFVLENBQUMsRUFBRSxHQUFHLGVBQWUsQ0FBQyxVQUFVLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDakQsQ0FBQztJQUNILENBQUM7SUFFRDs7O09BR0c7SUFDSCxLQUFLLENBQUMseUJBQXlCO1FBQzdCLE1BQU0sSUFBSSxHQUFHLE1BQU0sU0FBUyxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsRUFBRSxTQUFTLEVBQUUsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDN0UsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzFCLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0gsS0FBSyxDQUFDLE1BQU0sQ0FBQyxJQUFTO1FBQ3BCLE1BQU0sTUFBTSxHQUF3QjtZQUNsQyxFQUFFLEVBQUUsSUFBSSxDQUFDLEVBQUU7WUFDWCxRQUFRLEVBQUU7Z0JBQ1IsY0FBYyxFQUFFLGlCQUFpQixDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDO2dCQUMvRCxpQkFBaUIsRUFBRSxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDO2FBQ3RFO1NBQ0YsQ0FBQztRQUNGLE1BQU0sdUJBQUEsSUFBSSw2QkFBSyxDQUFDLHdCQUF3QixDQUFDLElBQUksQ0FBQyxXQUFXLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFDckUsQ0FBQztDQUNGOztBQUVEOzs7R0FHRztBQUNILE1BQU0sT0FBTyxnQkFBZ0I7SUFNM0I7Ozs7T0FJRztJQUNILFlBQVksR0FBa0IsRUFBRSxLQUFhLEVBQUUsU0FBOEI7UUFWcEUsd0NBQW9CO1FBVzNCLHVCQUFBLElBQUkseUJBQVEsR0FBRyxNQUFBLENBQUM7UUFDaEIsSUFBSSxDQUFDLEtBQUssR0FBRyxLQUFLLENBQUM7UUFDbkIsSUFBSSxDQUFDLFdBQVcsR0FBRyxTQUFTLENBQUMsWUFBWSxDQUFDO1FBRTFDLDRGQUE0RjtRQUM1RixJQUFJLENBQUMsT0FBTyxHQUFHO1lBQ2IsR0FBRyxTQUFTLENBQUMsT0FBTztZQUNwQixTQUFTLEVBQUUsZUFBZSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDO1NBQ3hELENBQUM7UUFFRixLQUFLLE1BQU0sVUFBVSxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLElBQUksRUFBRSxFQUFFLENBQUM7WUFDN0QsVUFBVSxDQUFDLEVBQUUsR0FBRyxlQUFlLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQy9DLElBQUksVUFBVSxDQUFDLFVBQVUsS0FBSyxJQUFJLEVBQUUsQ0FBQztnQkFDbkMsT0FBTyxVQUFVLENBQUMsVUFBVSxDQUFDO1lBQy9CLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsS0FBSyxDQUFDLHlCQUF5QixDQUFDLElBQWM7UUFDNUMsTUFBTSxJQUFJLEdBQUcsTUFBTSxTQUFTLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztRQUMxRSxPQUFPLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0gsS0FBSyxDQUFDLE1BQU0sQ0FBQyxJQUFTLEVBQUUsT0FBZ0IsU0FBUztRQUMvQyxNQUFNLE1BQU0sR0FBd0I7WUFDbEMsRUFBRSxFQUFFLElBQUksQ0FBQyxFQUFFO1lBQ1gsUUFBUSxFQUFFO2dCQUNSLGNBQWMsRUFBRSxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLGNBQWMsQ0FBQztnQkFDL0QsaUJBQWlCLEVBQUUsaUJBQWlCLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsQ0FBQztnQkFDckUsU0FBUyxFQUFFLGlCQUFpQixDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDO2FBQ3REO1NBQ0YsQ0FBQztRQUNGLE9BQU8sTUFBTSx1QkFBQSxJQUFJLDZCQUFLLENBQUMsbUJBQW1CLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQztJQUN6RixDQUFDO0NBQ0YiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZSBAdHlwZXNjcmlwdC1lc2xpbnQvbm8tZXhwbGljaXQtYW55ICovXG5cbmltcG9ydCB7XG4gIEFwaUFkZEZpZG9DaGFsbGVuZ2UsXG4gIEFwaU1mYUZpZG9DaGFsbGVuZ2UsXG4gIE1mYVJlcXVlc3RJbmZvLFxuICBNZmFWb3RlLFxuICBQdWJsaWNLZXlDcmVkZW50aWFsLFxuICBUb3RwSW5mbyxcbn0gZnJvbSBcIi4vc2NoZW1hX3R5cGVzXCI7XG5pbXBvcnQgeyBkZWNvZGVCYXNlNjRVcmwsIGVuY29kZVRvQmFzZTY0VXJsIH0gZnJvbSBcIi4vdXRpbFwiO1xuaW1wb3J0IHsgQ3ViZVNpZ25lckFwaSB9IGZyb20gXCIuL2FwaVwiO1xuXG4vKiogTUZBIHJlY2VpcHQgKi9cbmV4cG9ydCBpbnRlcmZhY2UgTWZhUmVjZWlwdCB7XG4gIC8qKiBNRkEgcmVxdWVzdCBJRCAqL1xuICBtZmFJZDogc3RyaW5nO1xuICAvKiogQ29ycmVzcG9uZGluZyBvcmcgSUQgKi9cbiAgbWZhT3JnSWQ6IHN0cmluZztcbiAgLyoqIE1GQSBjb25maXJtYXRpb24gY29kZSAqL1xuICBtZmFDb25mOiBzdHJpbmc7XG59XG5cbi8qKiBUT1RQIGNoYWxsZW5nZSB0aGF0IG11c3QgYmUgYW5zd2VyZWQgYmVmb3JlIHVzZXIncyBUT1RQIGlzIHVwZGF0ZWQgKi9cbmV4cG9ydCBjbGFzcyBUb3RwQ2hhbGxlbmdlIHtcbiAgcmVhZG9ubHkgI2FwaTogQ3ViZVNpZ25lckFwaTtcbiAgcmVhZG9ubHkgI3RvdHBJbmZvOiBUb3RwSW5mbztcblxuICAvKiogVGhlIGlkIG9mIHRoZSBjaGFsbGVuZ2UgKi9cbiAgZ2V0IHRvdHBJZCgpIHtcbiAgICByZXR1cm4gdGhpcy4jdG90cEluZm8udG90cF9pZDtcbiAgfVxuXG4gIC8qKiBUaGUgbmV3IFRPVFAgY29uZmlndXJhdGlvbiAqL1xuICBnZXQgdG90cFVybCgpIHtcbiAgICByZXR1cm4gdGhpcy4jdG90cEluZm8udG90cF91cmw7XG4gIH1cblxuICAvKipcbiAgICogQHBhcmFtIHtDdWJlU2lnbmVyQXBpfSBhcGkgVXNlZCB3aGVuIGFuc3dlcmluZyB0aGUgY2hhbGxlbmdlLlxuICAgKiBAcGFyYW0ge1RvdHBJbmZvfSB0b3RwSW5mbyBUT1RQIGNoYWxsZW5nZSBpbmZvcm1hdGlvbi5cbiAgICovXG4gIGNvbnN0cnVjdG9yKGFwaTogQ3ViZVNpZ25lckFwaSwgdG90cEluZm86IFRvdHBJbmZvKSB7XG4gICAgdGhpcy4jYXBpID0gYXBpO1xuICAgIHRoaXMuI3RvdHBJbmZvID0gdG90cEluZm87XG4gIH1cblxuICAvKipcbiAgICogQW5zd2VyIHRoZSBjaGFsbGVuZ2Ugd2l0aCB0aGUgY29kZSB0aGF0IGNvcnJlc3BvbmRzIHRvIGB0aGlzLnRvdHBVcmxgLlxuICAgKiBAcGFyYW0ge3N0cmluZ30gY29kZSA2LWRpZ2l0IGNvZGUgdGhhdCBjb3JyZXNwb25kcyB0byBgdGhpcy50b3RwVXJsYC5cbiAgICovXG4gIGFzeW5jIGFuc3dlcihjb2RlOiBzdHJpbmcpIHtcbiAgICBpZiAoIS9eXFxkezEsNn0kLy50ZXN0KGNvZGUpKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoYEludmFsaWQgVE9UUCBjb2RlOiAke2NvZGV9OyBpdCBtdXN0IGJlIGEgNi1kaWdpdCBzdHJpbmdgKTtcbiAgICB9XG5cbiAgICBhd2FpdCB0aGlzLiNhcGkudXNlclRvdHBSZXNldENvbXBsZXRlKHRoaXMudG90cElkLCBjb2RlKTtcbiAgfVxufVxuXG4vKipcbiAqIFJldHVybmVkIGFmdGVyIGNyZWF0aW5nIGEgcmVxdWVzdCB0byBhZGQgYSBuZXcgRklETyBkZXZpY2UuXG4gKiBQcm92aWRlcyBzb21lIGhlbHBlciBtZXRob2RzIGZvciBhbnN3ZXJpbmcgdGhpcyBjaGFsbGVuZ2UuXG4gKi9cbmV4cG9ydCBjbGFzcyBBZGRGaWRvQ2hhbGxlbmdlIHtcbiAgcmVhZG9ubHkgI2FwaTogQ3ViZVNpZ25lckFwaTtcbiAgcmVhZG9ubHkgY2hhbGxlbmdlSWQ6IHN0cmluZztcbiAgcmVhZG9ubHkgb3B0aW9uczogYW55O1xuXG4gIC8qKlxuICAgKiBDb25zdHJ1Y3RvclxuICAgKiBAcGFyYW0ge0N1YmVTaWduZXJBcGl9IGFwaSBUaGUgQVBJIGNsaWVudCB1c2VkIHRvIHJlcXVlc3QgdG8gYWRkIGEgRklETyBkZXZpY2VcbiAgICogQHBhcmFtIHtBcGlBZGRGaWRvQ2hhbGxlbmdlfSBjaGFsbGVuZ2UgVGhlIGNoYWxsZW5nZSByZXR1cm5lZCBieSB0aGUgcmVtb3RlIGVuZC5cbiAgICovXG4gIGNvbnN0cnVjdG9yKGFwaTogQ3ViZVNpZ25lckFwaSwgY2hhbGxlbmdlOiBBcGlBZGRGaWRvQ2hhbGxlbmdlKSB7XG4gICAgdGhpcy4jYXBpID0gYXBpO1xuICAgIHRoaXMuY2hhbGxlbmdlSWQgPSBjaGFsbGVuZ2UuY2hhbGxlbmdlX2lkO1xuXG4gICAgLy8gZml4IG9wdGlvbnMgcmV0dXJuZWQgZnJvbSB0aGUgc2VydmVyOiByZW5hbWUgZmllbGRzIGFuZCBkZWNvZGUgYmFzZTY0IGZpZWxkcyB0byB1aW50OFtdXG4gICAgdGhpcy5vcHRpb25zID0ge1xuICAgICAgLi4uY2hhbGxlbmdlLm9wdGlvbnMsXG4gICAgICBjaGFsbGVuZ2U6IGRlY29kZUJhc2U2NFVybChjaGFsbGVuZ2Uub3B0aW9ucy5jaGFsbGVuZ2UpLFxuICAgIH07XG5cbiAgICBpZiAoY2hhbGxlbmdlLm9wdGlvbnMudXNlcikge1xuICAgICAgdGhpcy5vcHRpb25zLnVzZXIuaWQgPSBkZWNvZGVCYXNlNjRVcmwoY2hhbGxlbmdlLm9wdGlvbnMudXNlci5pZCk7XG4gICAgfVxuXG4gICAgZm9yIChjb25zdCBjcmVkZW50aWFsIG9mIHRoaXMub3B0aW9ucy5leGNsdWRlQ3JlZGVudGlhbHMgPz8gW10pIHtcbiAgICAgIGNyZWRlbnRpYWwuaWQgPSBkZWNvZGVCYXNlNjRVcmwoY3JlZGVudGlhbC5pZCk7XG4gICAgfVxuICB9XG5cbiAgLyoqXG4gICAqIEFuc3dlcnMgdGhpcyBjaGFsbGVuZ2UgYnkgdXNpbmcgdGhlIGBDcmVkZW50aWFsc0NvbnRhaW5lcmAgQVBJIHRvIGNyZWF0ZSBhIGNyZWRlbnRpYWxcbiAgICogYmFzZWQgb24gdGhlIHRoZSBwdWJsaWMga2V5IGNyZWRlbnRpYWwgY3JlYXRpb24gb3B0aW9ucyBmcm9tIHRoaXMgY2hhbGxlbmdlLlxuICAgKi9cbiAgYXN5bmMgY3JlYXRlQ3JlZGVudGlhbEFuZEFuc3dlcigpIHtcbiAgICBjb25zdCBjcmVkID0gYXdhaXQgbmF2aWdhdG9yLmNyZWRlbnRpYWxzLmNyZWF0ZSh7IHB1YmxpY0tleTogdGhpcy5vcHRpb25zIH0pO1xuICAgIGF3YWl0IHRoaXMuYW5zd2VyKGNyZWQpO1xuICB9XG5cbiAgLyoqXG4gICAqIEFuc3dlcnMgdGhpcyBjaGFsbGVuZ2UgdXNpbmcgYSBnaXZlbiBjcmVkZW50aWFsIGBjcmVkYDtcbiAgICogdGhlIGNyZWRlbnRpYWwgc2hvdWxkIGJlIG9idGFpbmVkIGJ5IGNhbGxpbmdcbiAgICpcbiAgICogYGBgXG4gICAqIGNvbnN0IGNyZWQgPSBhd2FpdCBuYXZpZ2F0b3IuY3JlZGVudGlhbHMuY3JlYXRlKHsgcHVibGljS2V5OiB0aGlzLm9wdGlvbnMgfSk7XG4gICAqIGBgYFxuICAgKlxuICAgKiBAcGFyYW0ge2FueX0gY3JlZCBDcmVkZW50aWFsIGNyZWF0ZWQgYnkgY2FsbGluZyB0aGUgYENyZWRlbnRpYWxDb250YWluZXJgJ3MgYGNyZWF0ZWAgbWV0aG9kXG4gICAqICAgICAgICAgICAgICAgICAgIGJhc2VkIG9uIHRoZSBwdWJsaWMga2V5IGNyZWF0aW9uIG9wdGlvbnMgZnJvbSB0aGlzIGNoYWxsZW5nZS5cbiAgICovXG4gIGFzeW5jIGFuc3dlcihjcmVkOiBhbnkpIHtcbiAgICBjb25zdCBhbnN3ZXIgPSA8UHVibGljS2V5Q3JlZGVudGlhbD57XG4gICAgICBpZDogY3JlZC5pZCxcbiAgICAgIHJlc3BvbnNlOiB7XG4gICAgICAgIGNsaWVudERhdGFKU09OOiBlbmNvZGVUb0Jhc2U2NFVybChjcmVkLnJlc3BvbnNlLmNsaWVudERhdGFKU09OKSxcbiAgICAgICAgYXR0ZXN0YXRpb25PYmplY3Q6IGVuY29kZVRvQmFzZTY0VXJsKGNyZWQucmVzcG9uc2UuYXR0ZXN0YXRpb25PYmplY3QpLFxuICAgICAgfSxcbiAgICB9O1xuICAgIGF3YWl0IHRoaXMuI2FwaS51c2VyRmlkb1JlZ2lzdGVyQ29tcGxldGUodGhpcy5jaGFsbGVuZ2VJZCwgYW5zd2VyKTtcbiAgfVxufVxuXG4vKipcbiAqIFJldHVybmVkIGFmdGVyIGluaXRpYXRpbmcgTUZBIGFwcHJvdmFsIHVzaW5nIEZJRE8uXG4gKiBQcm92aWRlcyBzb21lIGhlbHBlciBtZXRob2RzIGZvciBhbnN3ZXJpbmcgdGhpcyBjaGFsbGVuZ2UuXG4gKi9cbmV4cG9ydCBjbGFzcyBNZmFGaWRvQ2hhbGxlbmdlIHtcbiAgcmVhZG9ubHkgI2FwaTogQ3ViZVNpZ25lckFwaTtcbiAgcmVhZG9ubHkgbWZhSWQ6IHN0cmluZztcbiAgcmVhZG9ubHkgY2hhbGxlbmdlSWQ6IHN0cmluZztcbiAgcmVhZG9ubHkgb3B0aW9uczogYW55O1xuXG4gIC8qKlxuICAgKiBAcGFyYW0ge0N1YmVTaWduZXJBcGl9IGFwaSBUaGUgQVBJIGNsaWVudCB1c2VkIHRvIGluaXRpYXRlIE1GQSBhcHByb3ZhbCB1c2luZyBGSURPXG4gICAqIEBwYXJhbSB7c3RyaW5nfSBtZmFJZCBUaGUgTUZBIHJlcXVlc3QgaWQuXG4gICAqIEBwYXJhbSB7QXBpTWZhRmlkb0NoYWxsZW5nZX0gY2hhbGxlbmdlIFRoZSBjaGFsbGVuZ2UgcmV0dXJuZWQgYnkgdGhlIHJlbW90ZSBlbmRcbiAgICovXG4gIGNvbnN0cnVjdG9yKGFwaTogQ3ViZVNpZ25lckFwaSwgbWZhSWQ6IHN0cmluZywgY2hhbGxlbmdlOiBBcGlNZmFGaWRvQ2hhbGxlbmdlKSB7XG4gICAgdGhpcy4jYXBpID0gYXBpO1xuICAgIHRoaXMubWZhSWQgPSBtZmFJZDtcbiAgICB0aGlzLmNoYWxsZW5nZUlkID0gY2hhbGxlbmdlLmNoYWxsZW5nZV9pZDtcblxuICAgIC8vIGZpeCBvcHRpb25zIHJldHVybmVkIGZyb20gdGhlIHNlcnZlcjogcmVuYW1lIGZpZWxkcyBhbmQgZGVjb2RlIGJhc2U2NCBmaWVsZHMgaW50byB1aW50OFtdXG4gICAgdGhpcy5vcHRpb25zID0ge1xuICAgICAgLi4uY2hhbGxlbmdlLm9wdGlvbnMsXG4gICAgICBjaGFsbGVuZ2U6IGRlY29kZUJhc2U2NFVybChjaGFsbGVuZ2Uub3B0aW9ucy5jaGFsbGVuZ2UpLFxuICAgIH07XG5cbiAgICBmb3IgKGNvbnN0IGNyZWRlbnRpYWwgb2YgdGhpcy5vcHRpb25zLmFsbG93Q3JlZGVudGlhbHMgPz8gW10pIHtcbiAgICAgIGNyZWRlbnRpYWwuaWQgPSBkZWNvZGVCYXNlNjRVcmwoY3JlZGVudGlhbC5pZCk7XG4gICAgICBpZiAoY3JlZGVudGlhbC50cmFuc3BvcnRzID09PSBudWxsKSB7XG4gICAgICAgIGRlbGV0ZSBjcmVkZW50aWFsLnRyYW5zcG9ydHM7XG4gICAgICB9XG4gICAgfVxuICB9XG5cbiAgLyoqXG4gICAqIEFuc3dlcnMgdGhpcyBjaGFsbGVuZ2UgYnkgdXNpbmcgdGhlIGBDcmVkZW50aWFsc0NvbnRhaW5lcmAgQVBJIHRvIGdldCBhIGNyZWRlbnRpYWxcbiAgICogYmFzZWQgb24gdGhlIHRoZSBwdWJsaWMga2V5IGNyZWRlbnRpYWwgcmVxdWVzdCBvcHRpb25zIGZyb20gdGhpcyBjaGFsbGVuZ2UuXG4gICAqXG4gICAqIEBwYXJhbSB7TWZhVm90ZX0gdm90ZSBBcHByb3ZlIG9yIHJlamVjdCB0aGUgTUZBIHJlcXVlc3QuIERlZmF1bHRzIHRvIFwiYXBwcm92ZVwiLlxuICAgKi9cbiAgYXN5bmMgY3JlYXRlQ3JlZGVudGlhbEFuZEFuc3dlcih2b3RlPzogTWZhVm90ZSk6IFByb21pc2U8TWZhUmVxdWVzdEluZm8+IHtcbiAgICBjb25zdCBjcmVkID0gYXdhaXQgbmF2aWdhdG9yLmNyZWRlbnRpYWxzLmdldCh7IHB1YmxpY0tleTogdGhpcy5vcHRpb25zIH0pO1xuICAgIHJldHVybiBhd2FpdCB0aGlzLmFuc3dlcihjcmVkLCB2b3RlKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBBbnN3ZXJzIHRoaXMgY2hhbGxlbmdlIHVzaW5nIGEgZ2l2ZW4gY3JlZGVudGlhbCBgY3JlZGAuXG4gICAqIFRvIG9idGFpbiB0aGlzIGNyZWRlbnRpYWwsIGZvciBleGFtcGxlLCBjYWxsXG4gICAqXG4gICAqIGBgYFxuICAgKiBjb25zdCBjcmVkID0gYXdhaXQgbmF2aWdhdG9yLmNyZWRlbnRpYWxzLmdldCh7IHB1YmxpY0tleTogdGhpcy5vcHRpb25zIH0pO1xuICAgKiBgYGBcbiAgICpcbiAgICogQHBhcmFtIHthbnl9IGNyZWQgQ3JlZGVudGlhbCBjcmVhdGVkIGJ5IGNhbGxpbmcgdGhlIGBDcmVkZW50aWFsQ29udGFpbmVyYCdzIGBnZXRgIG1ldGhvZFxuICAgKiAgICAgICAgICAgICAgICAgICBiYXNlZCBvbiB0aGUgcHVibGljIGtleSBjcmVkZW50aWFsIHJlcXVlc3Qgb3B0aW9ucyBmcm9tIHRoaXMgY2hhbGxlbmdlLlxuICAgKiBAcGFyYW0ge01mYVZvdGV9IHZvdGUgQXBwcm92ZSBvciByZWplY3QuIERlZmF1bHRzIHRvIFwiYXBwcm92ZVwiLlxuICAgKi9cbiAgYXN5bmMgYW5zd2VyKGNyZWQ6IGFueSwgdm90ZTogTWZhVm90ZSA9IFwiYXBwcm92ZVwiKTogUHJvbWlzZTxNZmFSZXF1ZXN0SW5mbz4ge1xuICAgIGNvbnN0IGFuc3dlciA9IDxQdWJsaWNLZXlDcmVkZW50aWFsPntcbiAgICAgIGlkOiBjcmVkLmlkLFxuICAgICAgcmVzcG9uc2U6IHtcbiAgICAgICAgY2xpZW50RGF0YUpTT046IGVuY29kZVRvQmFzZTY0VXJsKGNyZWQucmVzcG9uc2UuY2xpZW50RGF0YUpTT04pLFxuICAgICAgICBhdXRoZW50aWNhdG9yRGF0YTogZW5jb2RlVG9CYXNlNjRVcmwoY3JlZC5yZXNwb25zZS5hdXRoZW50aWNhdG9yRGF0YSksXG4gICAgICAgIHNpZ25hdHVyZTogZW5jb2RlVG9CYXNlNjRVcmwoY3JlZC5yZXNwb25zZS5zaWduYXR1cmUpLFxuICAgICAgfSxcbiAgICB9O1xuICAgIHJldHVybiBhd2FpdCB0aGlzLiNhcGkubWZhVm90ZUZpZG9Db21wbGV0ZSh0aGlzLm1mYUlkLCB2b3RlLCB0aGlzLmNoYWxsZW5nZUlkLCBhbnN3ZXIpO1xuICB9XG59XG4iXX0=