@datacules/agent-identity 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/approval.js +157 -0
- package/dist/cjs/approval.js.map +1 -0
- package/dist/cjs/attestation.js +89 -0
- package/dist/cjs/attestation.js.map +1 -0
- package/dist/cjs/budget.js +110 -0
- package/dist/cjs/budget.js.map +1 -0
- package/dist/cjs/credentials.js +14 -0
- package/dist/cjs/credentials.js.map +1 -0
- package/dist/cjs/decision.js +30 -0
- package/dist/cjs/decision.js.map +1 -0
- package/dist/cjs/federation.js +55 -0
- package/dist/cjs/federation.js.map +1 -0
- package/dist/cjs/index.js +42 -0
- package/dist/cjs/index.js.map +1 -0
- package/dist/cjs/providers.js +97 -0
- package/dist/cjs/providers.js.map +1 -0
- package/dist/cjs/rotation.js +127 -0
- package/dist/cjs/rotation.js.map +1 -0
- package/dist/cjs/router.js +216 -0
- package/dist/cjs/router.js.map +1 -0
- package/dist/cjs/schemas.js +127 -0
- package/dist/cjs/schemas.js.map +1 -0
- package/dist/cjs/types.js +4 -0
- package/dist/cjs/types.js.map +1 -0
- package/dist/esm/approval.js +150 -0
- package/dist/esm/approval.js.map +1 -0
- package/dist/esm/attestation.js +83 -0
- package/dist/esm/attestation.js.map +1 -0
- package/dist/esm/budget.js +105 -0
- package/dist/esm/budget.js.map +1 -0
- package/dist/esm/credentials.js +11 -0
- package/dist/esm/credentials.js.map +1 -0
- package/dist/esm/decision.js +27 -0
- package/dist/esm/decision.js.map +1 -0
- package/dist/esm/federation.js +50 -0
- package/dist/esm/federation.js.map +1 -0
- package/dist/esm/index.js +26 -0
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/providers.js +92 -0
- package/dist/esm/providers.js.map +1 -0
- package/dist/esm/react/index.js +2 -0
- package/dist/esm/react/index.js.map +1 -0
- package/dist/esm/react/useAgentIdentity.js +100 -0
- package/dist/esm/react/useAgentIdentity.js.map +1 -0
- package/dist/esm/rotation.js +123 -0
- package/dist/esm/rotation.js.map +1 -0
- package/dist/esm/router.js +208 -0
- package/dist/esm/router.js.map +1 -0
- package/dist/esm/schemas.js +124 -0
- package/dist/esm/schemas.js.map +1 -0
- package/dist/esm/types.js +3 -0
- package/dist/esm/types.js.map +1 -0
- package/dist/types/approval.d.ts +48 -0
- package/dist/types/approval.d.ts.map +1 -0
- package/dist/types/attestation.d.ts +36 -0
- package/dist/types/attestation.d.ts.map +1 -0
- package/dist/types/budget.d.ts +38 -0
- package/dist/types/budget.d.ts.map +1 -0
- package/dist/types/credentials.d.ts +4 -0
- package/dist/types/credentials.d.ts.map +1 -0
- package/dist/types/decision.d.ts +3 -0
- package/dist/types/decision.d.ts.map +1 -0
- package/dist/types/federation.d.ts +23 -0
- package/dist/types/federation.d.ts.map +1 -0
- package/dist/types/index.d.ts +26 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/providers.d.ts +13 -0
- package/dist/types/providers.d.ts.map +1 -0
- package/dist/types/react/index.d.ts +3 -0
- package/dist/types/react/index.d.ts.map +1 -0
- package/dist/types/react/useAgentIdentity.d.ts +58 -0
- package/dist/types/react/useAgentIdentity.d.ts.map +1 -0
- package/dist/types/rotation.d.ts +51 -0
- package/dist/types/rotation.d.ts.map +1 -0
- package/dist/types/router.d.ts +48 -0
- package/dist/types/router.d.ts.map +1 -0
- package/dist/types/schemas.d.ts +434 -0
- package/dist/types/schemas.d.ts.map +1 -0
- package/dist/types/types.d.ts +263 -0
- package/dist/types/types.d.ts.map +1 -0
- package/package.json +59 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"providers.js","sourceRoot":"","sources":["../../src/providers.ts"],"names":[],"mappings":";;;AAgFA,gCAEC;AAUD,4CAEC;AA5FD,SAAS,oBAAoB,CAAC,UAA8B,EAAE,KAAqB,EAAE,SAA4B;IAC/G,MAAM,WAAW,GAAqB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAC3D,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1F,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,IAAI,SAAS,sBAAsB,KAAK,kDAAkD,UAAU,CAAC,GAAG,sBAAsB,CAAC,CAAC;IAClJ,CAAC;IACD,IAAI,KAAK,KAAK,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC;QACxC,OAAO,CAAC,IAAI,CAAC,IAAI,SAAS,qDAAqD,UAAU,CAAC,GAAG,oCAAoC,CAAC,CAAC;IACrI,CAAC;AACH,CAAC;AAED,MAAM,aAAa,GAAoB;IACrC,EAAE,EAAE,QAAQ;IACZ,KAAK,EAAE,QAAQ;IACf,gBAAgB,CAAC,OAAO,EAAE,UAAU;QAClC,OAAO,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,WAAW,EAAE,kBAAkB,EAAE,EAAE,aAAa,EAAE,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,cAAc,EAAE,4CAA4C,EAAE,EAAE,CAAC;IAChN,CAAC;IACD,QAAQ,CAAC,OAAO;QACd,IAAI,CAAC,OAAO,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IAC5E,CAAC;IACD,oBAAoB,CAAC,UAAU,EAAE,KAAK,IAAI,oBAAoB,CAAC,UAAU,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;CAC/F,CAAC;AAEF,MAAM,gBAAgB,GAAoB;IACxC,EAAE,EAAE,WAAW;IACf,KAAK,EAAE,WAAW;IAClB,gBAAgB,CAAC,OAAO,EAAE,UAAU;QAClC,OAAO,EAAE,GAAG,OAAO,EAAE,QAAQ,EAAE,EAAE,GAAI,OAAO,CAAC,QAAoC,EAAE,OAAO,EAAE,UAAU,CAAC,WAAW,EAAE,kBAAkB,EAAE,EAAE,aAAa,EAAE,UAAU,CAAC,GAAG,EAAE,cAAc,EAAE,gCAAgC,EAAE,EAAE,EAAE,CAAC;IAClO,CAAC;IACD,QAAQ,CAAC,OAAO;QACd,IAAI,CAAC,OAAO,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC7E,IAAI,CAAC,OAAO,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IACrF,CAAC;IACD,oBAAoB,CAAC,UAAU,EAAE,KAAK,IAAI,oBAAoB,CAAC,UAAU,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;CAClG,CAAC;AAEF,MAAM,aAAa,GAAoB;IACrC,EAAE,EAAE,QAAQ;IACZ,KAAK,EAAE,QAAQ;IACf,gBAAgB,CAAC,OAAO,EAAE,UAAU;QAClC,OAAO,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,EAAE,GAAI,OAAO,CAAC,MAAkC,EAAE,OAAO,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,kBAAkB,EAAE,EAAE,aAAa,EAAE,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,cAAc,EAAE,qCAAqC,EAAE,EAAE,CAAC;IACxQ,CAAC;IACD,QAAQ,CAAC,OAAO;QACd,IAAI,CAAC,OAAO,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAClF,CAAC;IACD,oBAAoB,CAAC,UAAU,EAAE,KAAK,IAAI,oBAAoB,CAAC,UAAU,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;CAC/F,CAAC;AAEF,MAAM,cAAc,GAAoB;IACtC,EAAE,EAAE,SAAS;IACb,KAAK,EAAE,SAAS;IAChB,gBAAgB,CAAC,OAAO,EAAE,UAAU;QAClC,OAAO,EAAE,GAAG,OAAO,EAAE,kBAAkB,EAAE,EAAE,aAAa,EAAE,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,cAAc,EAAE,4CAA4C,EAAE,EAAE,CAAC;IAClL,CAAC;IACD,QAAQ,CAAC,OAAO;QACd,IAAI,CAAC,OAAO,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QAC3E,IAAI,CAAC,OAAO,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IACnF,CAAC;IACD,oBAAoB,CAAC,UAAU,EAAE,KAAK,IAAI,oBAAoB,CAAC,UAAU,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;CAChG,CAAC;AAEF,MAAM,YAAY,GAAoB;IACpC,EAAE,EAAE,OAAO;IACX,KAAK,EAAE,qBAAqB;IAC5B,gBAAgB,CAAC,OAAO,EAAE,UAAU;QAClC,OAAO,EAAE,GAAG,OAAO,EAAE,kBAAkB,EAAE,EAAE,aAAa,EAAE,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,cAAc,EAAE,mBAAmB,EAAE,EAAE,CAAC;IACzJ,CAAC;IACD,oBAAoB,CAAC,UAAU,EAAE,KAAK,IAAI,oBAAoB,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;CAC9F,CAAC;AAEW,QAAA,iBAAiB,GAA+C;IAC3E,MAAM,EAAE,aAAa;IACrB,SAAS,EAAE,gBAAgB;IAC3B,MAAM,EAAE,aAAa;IACrB,OAAO,EAAE,cAAc;IACvB,KAAK,EAAE,YAAY;CACpB,CAAC;AAEF,SAAgB,UAAU,CAAC,QAA2B;IACpD,OAAO,yBAAiB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,gBAAgB,CAAC,OAAwB;IACtD,yBAAqD,CAAC,OAAO,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC;AAC/E,CAAC"}
|
|
@@ -0,0 +1,127 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CredentialRotationScheduler = void 0;
|
|
4
|
+
// ─── CredentialRotationScheduler ─────────────────────────────────────────────
|
|
5
|
+
class CredentialRotationScheduler {
|
|
6
|
+
constructor(repository, auditLogger) {
|
|
7
|
+
this.repository = repository;
|
|
8
|
+
this.auditLogger = auditLogger;
|
|
9
|
+
this.providers = new Map();
|
|
10
|
+
this.intervalHandle = null;
|
|
11
|
+
}
|
|
12
|
+
registerProvider(provider) {
|
|
13
|
+
this.providers.set(provider.id, provider);
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Check all active credentials for pending rotation and rotate them.
|
|
17
|
+
* Call this on a schedule (e.g. every hour via cron or setInterval).
|
|
18
|
+
*/
|
|
19
|
+
async runOnce() {
|
|
20
|
+
const credentials = await this.repository.listActive();
|
|
21
|
+
const now = new Date();
|
|
22
|
+
for (const cred of credentials) {
|
|
23
|
+
if (!cred.rotation)
|
|
24
|
+
continue;
|
|
25
|
+
const due = this.isRotationDue(cred, cred.rotation, now);
|
|
26
|
+
if (!due) {
|
|
27
|
+
await this.maybeEmitWarning(cred, cred.rotation, now);
|
|
28
|
+
continue;
|
|
29
|
+
}
|
|
30
|
+
const provider = cred.rotation.provisioner
|
|
31
|
+
? this.providers.get(cred.rotation.provisioner)
|
|
32
|
+
: null;
|
|
33
|
+
if (!provider) {
|
|
34
|
+
console.warn(`[RotationScheduler] No provider for credential ${cred.id} (provisioner: ${cred.rotation.provisioner ?? 'unset'})`);
|
|
35
|
+
continue;
|
|
36
|
+
}
|
|
37
|
+
try {
|
|
38
|
+
const { newRef, rotatedAt } = await provider.rotate(cred);
|
|
39
|
+
await this.repository.update(cred.id, { ref: newRef, lastRotated: rotatedAt });
|
|
40
|
+
if (this.auditLogger) {
|
|
41
|
+
await this.auditLogger.log({
|
|
42
|
+
timestamp: new Date().toISOString(),
|
|
43
|
+
traceId: `rotation-${cred.id}`,
|
|
44
|
+
userId: 'system',
|
|
45
|
+
action: 'credential.rotated',
|
|
46
|
+
resourceId: cred.id,
|
|
47
|
+
resourceKind: 'shared',
|
|
48
|
+
provider: 'local',
|
|
49
|
+
model: 'system',
|
|
50
|
+
credentialId: cred.id,
|
|
51
|
+
credentialKind: cred.kind,
|
|
52
|
+
resolvedFor: 'system',
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
catch (err) {
|
|
57
|
+
console.error(`[RotationScheduler] Rotation failed for ${cred.id}:`, err);
|
|
58
|
+
if (this.auditLogger) {
|
|
59
|
+
await this.auditLogger.log({
|
|
60
|
+
timestamp: new Date().toISOString(),
|
|
61
|
+
traceId: `rotation-${cred.id}`,
|
|
62
|
+
userId: 'system',
|
|
63
|
+
action: 'credential.rotation_failed',
|
|
64
|
+
resourceId: cred.id,
|
|
65
|
+
resourceKind: 'shared',
|
|
66
|
+
provider: 'local',
|
|
67
|
+
model: 'system',
|
|
68
|
+
credentialId: cred.id,
|
|
69
|
+
credentialKind: cred.kind,
|
|
70
|
+
resolvedFor: 'system',
|
|
71
|
+
});
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Start a background rotation loop at the given interval.
|
|
78
|
+
* @param intervalMs Check frequency in milliseconds (default: 3600000 = 1 hour)
|
|
79
|
+
*/
|
|
80
|
+
start(intervalMs = 3600000) {
|
|
81
|
+
if (this.intervalHandle !== null)
|
|
82
|
+
return;
|
|
83
|
+
this.intervalHandle = setInterval(() => {
|
|
84
|
+
this.runOnce().catch(console.error);
|
|
85
|
+
}, intervalMs);
|
|
86
|
+
}
|
|
87
|
+
stop() {
|
|
88
|
+
if (this.intervalHandle !== null) {
|
|
89
|
+
clearInterval(this.intervalHandle);
|
|
90
|
+
this.intervalHandle = null;
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
isRotationDue(cred, policy, now) {
|
|
94
|
+
if (policy.rotateAfterDays !== undefined && cred.lastRotated) {
|
|
95
|
+
const lastRotated = new Date(cred.lastRotated);
|
|
96
|
+
const daysSince = (now.getTime() - lastRotated.getTime()) / 86400000;
|
|
97
|
+
if (daysSince >= policy.rotateAfterDays)
|
|
98
|
+
return true;
|
|
99
|
+
}
|
|
100
|
+
return false;
|
|
101
|
+
}
|
|
102
|
+
async maybeEmitWarning(cred, policy, now) {
|
|
103
|
+
if (!this.auditLogger)
|
|
104
|
+
return;
|
|
105
|
+
if (policy.notifyBeforeDays !== undefined && policy.rotateAfterDays !== undefined && cred.lastRotated) {
|
|
106
|
+
const lastRotated = new Date(cred.lastRotated);
|
|
107
|
+
const daysUntilDue = policy.rotateAfterDays - (now.getTime() - lastRotated.getTime()) / 86400000;
|
|
108
|
+
if (daysUntilDue > 0 && daysUntilDue <= policy.notifyBeforeDays) {
|
|
109
|
+
await this.auditLogger.log({
|
|
110
|
+
timestamp: new Date().toISOString(),
|
|
111
|
+
traceId: `rotation-warning-${cred.id}`,
|
|
112
|
+
userId: 'system',
|
|
113
|
+
action: 'credential.rotation_due',
|
|
114
|
+
resourceId: cred.id,
|
|
115
|
+
resourceKind: 'shared',
|
|
116
|
+
provider: 'local',
|
|
117
|
+
model: 'system',
|
|
118
|
+
credentialId: cred.id,
|
|
119
|
+
credentialKind: cred.kind,
|
|
120
|
+
resolvedFor: 'system',
|
|
121
|
+
});
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
exports.CredentialRotationScheduler = CredentialRotationScheduler;
|
|
127
|
+
//# sourceMappingURL=rotation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rotation.js","sourceRoot":"","sources":["../../src/rotation.ts"],"names":[],"mappings":";;;AA+BA,gFAAgF;AAEhF,MAAa,2BAA2B;IAItC,YACmB,UAA8B,EAC9B,WAAyB;QADzB,eAAU,GAAV,UAAU,CAAoB;QAC9B,gBAAW,GAAX,WAAW,CAAc;QAL3B,cAAS,GAAG,IAAI,GAAG,EAA4B,CAAC;QACzD,mBAAc,GAA0C,IAAI,CAAC;IAKlE,CAAC;IAEJ,gBAAgB,CAAC,QAA0B;QACzC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC5C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;QACvD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QAEvB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,QAAQ;gBAAE,SAAS;YAE7B,MAAM,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YACzD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;gBACtD,SAAS;YACX,CAAC;YAED,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW;gBACxC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC/C,CAAC,CAAC,IAAI,CAAC;YAET,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,IAAI,CAAC,kDAAkD,IAAI,CAAC,EAAE,kBAAkB,IAAI,CAAC,QAAQ,CAAC,WAAW,IAAI,OAAO,GAAG,CAAC,CAAC;gBACjI,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAC1D,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,CAAC,CAAC;gBAE/E,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;wBACzB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACnC,OAAO,EAAE,YAAY,IAAI,CAAC,EAAE,EAAE;wBAC9B,MAAM,EAAE,QAAQ;wBAChB,MAAM,EAAE,oBAAoB;wBAC5B,UAAU,EAAE,IAAI,CAAC,EAAE;wBACnB,YAAY,EAAE,QAAQ;wBACtB,QAAQ,EAAE,OAAO;wBACjB,KAAK,EAAE,QAAQ;wBACf,YAAY,EAAE,IAAI,CAAC,EAAE;wBACrB,cAAc,EAAE,IAAI,CAAC,IAAI;wBACzB,WAAW,EAAE,QAAQ;qBACtB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,KAAK,CAAC,2CAA2C,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;gBAC1E,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;wBACzB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACnC,OAAO,EAAE,YAAY,IAAI,CAAC,EAAE,EAAE;wBAC9B,MAAM,EAAE,QAAQ;wBAChB,MAAM,EAAE,4BAA4B;wBACpC,UAAU,EAAE,IAAI,CAAC,EAAE;wBACnB,YAAY,EAAE,QAAQ;wBACtB,QAAQ,EAAE,OAAO;wBACjB,KAAK,EAAE,QAAQ;wBACf,YAAY,EAAE,IAAI,CAAC,EAAE;wBACrB,cAAc,EAAE,IAAI,CAAC,IAAI;wBACzB,WAAW,EAAE,QAAQ;qBACtB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU,GAAG,OAAS;QAC1B,IAAI,IAAI,CAAC,cAAc,KAAK,IAAI;YAAE,OAAO;QACzC,IAAI,CAAC,cAAc,GAAG,WAAW,CAAC,GAAG,EAAE;YACrC,IAAI,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC,EAAE,UAAU,CAAC,CAAC;IACjB,CAAC;IAED,IAAI;QACF,IAAI,IAAI,CAAC,cAAc,KAAK,IAAI,EAAE,CAAC;YACjC,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YACnC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,IAAgB,EAAE,MAAsB,EAAE,GAAS;QACvE,IAAI,MAAM,CAAC,eAAe,KAAK,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC7D,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC/C,MAAM,SAAS,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,WAAW,CAAC,OAAO,EAAE,CAAC,GAAG,QAAU,CAAC;YACvE,IAAI,SAAS,IAAI,MAAM,CAAC,eAAe;gBAAE,OAAO,IAAI,CAAC;QACvD,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,IAAgB,EAAE,MAAsB,EAAE,GAAS;QAChF,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO;QAC9B,IAAI,MAAM,CAAC,gBAAgB,KAAK,SAAS,IAAI,MAAM,CAAC,eAAe,KAAK,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACtG,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC/C,MAAM,YAAY,GAAG,MAAM,CAAC,eAAe,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,WAAW,CAAC,OAAO,EAAE,CAAC,GAAG,QAAU,CAAC;YACnG,IAAI,YAAY,GAAG,CAAC,IAAI,YAAY,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;gBAChE,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;oBACzB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,OAAO,EAAE,oBAAoB,IAAI,CAAC,EAAE,EAAE;oBACtC,MAAM,EAAE,QAAQ;oBAChB,MAAM,EAAE,yBAAyB;oBACjC,UAAU,EAAE,IAAI,CAAC,EAAE;oBACnB,YAAY,EAAE,QAAQ;oBACtB,QAAQ,EAAE,OAAO;oBACjB,KAAK,EAAE,QAAQ;oBACf,YAAY,EAAE,IAAI,CAAC,EAAE;oBACrB,cAAc,EAAE,IAAI,CAAC,IAAI;oBACzB,WAAW,EAAE,QAAQ;iBACtB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAhID,kEAgIC"}
|
|
@@ -0,0 +1,216 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Credential Router — core of @datacules/agent-identity.
|
|
4
|
+
*
|
|
5
|
+
* Key features added in this version:
|
|
6
|
+
* - Canary routing: canaryRef + canaryWeight on RoutingRule
|
|
7
|
+
* - Attestation: optional AttestationSigner on router config
|
|
8
|
+
* - Budget enforcement: BudgetEnforcer check before resolving
|
|
9
|
+
* - Approval gate: ApprovalManager integration on rules with approval policy
|
|
10
|
+
*/
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.CredentialRouter = exports.MemoryCredentialStore = void 0;
|
|
13
|
+
exports.createRouter = createRouter;
|
|
14
|
+
exports.createRouterFromStore = createRouterFromStore;
|
|
15
|
+
exports.createRouterWithConfig = createRouterWithConfig;
|
|
16
|
+
const attestation_1 = require("./attestation");
|
|
17
|
+
function isSyncCapable(store) {
|
|
18
|
+
return typeof store.findByRefSync === 'function';
|
|
19
|
+
}
|
|
20
|
+
class MemoryCredentialStore {
|
|
21
|
+
constructor(credentials) {
|
|
22
|
+
this.reservations = new Map();
|
|
23
|
+
this.creds = credentials;
|
|
24
|
+
}
|
|
25
|
+
findByRefSync(ref) {
|
|
26
|
+
return this.creds.find((c) => c.ref === ref && c.status === 'active') ?? null;
|
|
27
|
+
}
|
|
28
|
+
async findByRef(ref) {
|
|
29
|
+
return this.findByRefSync(ref);
|
|
30
|
+
}
|
|
31
|
+
async listActive() {
|
|
32
|
+
return this.creds.filter((c) => c.status === 'active');
|
|
33
|
+
}
|
|
34
|
+
async listByKind(kind) {
|
|
35
|
+
return this.creds.filter((c) => c.kind === kind);
|
|
36
|
+
}
|
|
37
|
+
async reserve(ref, migrationId, ttlSeconds) {
|
|
38
|
+
const existing = this.reservations.get(ref);
|
|
39
|
+
const now = Date.now();
|
|
40
|
+
if (existing && existing.migrationId !== migrationId && existing.expiresAt > now)
|
|
41
|
+
return false;
|
|
42
|
+
this.reservations.set(ref, { migrationId, expiresAt: now + ttlSeconds * 1000 });
|
|
43
|
+
return true;
|
|
44
|
+
}
|
|
45
|
+
async release(ref, migrationId) {
|
|
46
|
+
const existing = this.reservations.get(ref);
|
|
47
|
+
if (existing?.migrationId === migrationId)
|
|
48
|
+
this.reservations.delete(ref);
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
exports.MemoryCredentialStore = MemoryCredentialStore;
|
|
52
|
+
class CredentialRouter {
|
|
53
|
+
constructor(config) {
|
|
54
|
+
this.config = config;
|
|
55
|
+
}
|
|
56
|
+
// ─── Sync resolve (requires SyncCapable store) ────────────────────────────
|
|
57
|
+
resolve(ctx) {
|
|
58
|
+
const { store, rules } = this.config;
|
|
59
|
+
const matching = rules
|
|
60
|
+
.filter((r) => this.ruleMatches(r, ctx))
|
|
61
|
+
.sort((a, b) => b.priority - a.priority);
|
|
62
|
+
const rule = matching[0];
|
|
63
|
+
if (!rule)
|
|
64
|
+
return null;
|
|
65
|
+
if (!isSyncCapable(store)) {
|
|
66
|
+
console.warn('[CredentialRouter] resolve() requires findByRefSync(). Use resolveAsync() for async stores.');
|
|
67
|
+
return null;
|
|
68
|
+
}
|
|
69
|
+
// Canary selection
|
|
70
|
+
const ref = this.selectRef(rule);
|
|
71
|
+
const isCanary = ref === rule.canaryRef;
|
|
72
|
+
const cred = store.findByRefSync(ref);
|
|
73
|
+
if (!cred)
|
|
74
|
+
return null;
|
|
75
|
+
if (cred.expiresAt && new Date(cred.expiresAt) < new Date())
|
|
76
|
+
return null;
|
|
77
|
+
if (rule.readOnly && !cred.scope.toLowerCase().includes('read'))
|
|
78
|
+
return null;
|
|
79
|
+
const resolved = {
|
|
80
|
+
credentialId: cred.id,
|
|
81
|
+
kind: cred.kind,
|
|
82
|
+
ref: cred.ref,
|
|
83
|
+
resolvedFor: cred.kind === 'user-delegated' ? ctx.userId : 'service',
|
|
84
|
+
expiresAt: cred.expiresAt,
|
|
85
|
+
isCanary,
|
|
86
|
+
};
|
|
87
|
+
if (this.config.logger) {
|
|
88
|
+
this.config.logger.log(this.buildAuditEntry(ctx, resolved, rule, isCanary)).catch(console.error);
|
|
89
|
+
}
|
|
90
|
+
return resolved;
|
|
91
|
+
}
|
|
92
|
+
// ─── Async resolve (all stores; supports approval + budget + attestation) ─
|
|
93
|
+
async resolveAsync(ctx) {
|
|
94
|
+
const { store, rules, approvalManager, budgetEnforcer, attestationSigner } = this.config;
|
|
95
|
+
const matching = rules
|
|
96
|
+
.filter((r) => this.ruleMatches(r, ctx))
|
|
97
|
+
.sort((a, b) => b.priority - a.priority);
|
|
98
|
+
const rule = matching[0];
|
|
99
|
+
if (!rule)
|
|
100
|
+
return null;
|
|
101
|
+
// Approval gate
|
|
102
|
+
if (rule.approval && approvalManager) {
|
|
103
|
+
const status = await approvalManager.request(ctx, rule.approval, rule.credentialRef, rule.id);
|
|
104
|
+
if (status !== 'approved' && status !== 'break_glass')
|
|
105
|
+
return null;
|
|
106
|
+
}
|
|
107
|
+
const ref = this.selectRef(rule);
|
|
108
|
+
const isCanary = ref === rule.canaryRef;
|
|
109
|
+
const cred = await store.findByRef(ref);
|
|
110
|
+
if (!cred)
|
|
111
|
+
return null;
|
|
112
|
+
if (cred.expiresAt && new Date(cred.expiresAt) < new Date())
|
|
113
|
+
return null;
|
|
114
|
+
if (rule.readOnly && !cred.scope.toLowerCase().includes('read'))
|
|
115
|
+
return null;
|
|
116
|
+
// Budget check
|
|
117
|
+
if (budgetEnforcer) {
|
|
118
|
+
const budget = await budgetEnforcer.check(cred);
|
|
119
|
+
if (!budget.allowed)
|
|
120
|
+
return null;
|
|
121
|
+
}
|
|
122
|
+
const resolved = {
|
|
123
|
+
credentialId: cred.id,
|
|
124
|
+
kind: cred.kind,
|
|
125
|
+
ref: cred.ref,
|
|
126
|
+
resolvedFor: cred.kind === 'user-delegated' ? ctx.userId : 'service',
|
|
127
|
+
expiresAt: cred.expiresAt,
|
|
128
|
+
isCanary,
|
|
129
|
+
};
|
|
130
|
+
// Attestation
|
|
131
|
+
if (attestationSigner) {
|
|
132
|
+
resolved.credentialAttestation = await (0, attestation_1.buildAttestation)(ctx, resolved, {
|
|
133
|
+
signer: attestationSigner,
|
|
134
|
+
ruleId: rule.id,
|
|
135
|
+
});
|
|
136
|
+
}
|
|
137
|
+
if (this.config.logger) {
|
|
138
|
+
await this.config.logger.log(this.buildAuditEntry(ctx, resolved, rule, isCanary));
|
|
139
|
+
}
|
|
140
|
+
return resolved;
|
|
141
|
+
}
|
|
142
|
+
// ─── Pair resolve for migration ───────────────────────────────────────────
|
|
143
|
+
resolvePair(ctx) {
|
|
144
|
+
const sourceCtx = { ...ctx, resourceId: ctx.sourceResourceId, action: 'read' };
|
|
145
|
+
const targetCtx = { ...ctx, resourceId: ctx.targetResourceId, action: ctx.dryRun ? 'read' : ctx.action };
|
|
146
|
+
const source = this.resolve(sourceCtx);
|
|
147
|
+
const target = this.resolve(targetCtx);
|
|
148
|
+
if (!source || !target)
|
|
149
|
+
return null;
|
|
150
|
+
return { source, target, migrationId: ctx.migrationId };
|
|
151
|
+
}
|
|
152
|
+
// ─── Canary selection ─────────────────────────────────────────────────────
|
|
153
|
+
selectRef(rule) {
|
|
154
|
+
if (rule.canaryRef && rule.canaryWeight && rule.canaryWeight > 0) {
|
|
155
|
+
const roll = Math.random() * 100;
|
|
156
|
+
if (roll < rule.canaryWeight)
|
|
157
|
+
return rule.canaryRef;
|
|
158
|
+
}
|
|
159
|
+
return rule.credentialRef;
|
|
160
|
+
}
|
|
161
|
+
// ─── Rule matching ────────────────────────────────────────────────────────
|
|
162
|
+
ruleMatches(rule, ctx) {
|
|
163
|
+
if (rule.matchResourceKind && rule.matchResourceKind !== ctx.resourceKind)
|
|
164
|
+
return false;
|
|
165
|
+
if (rule.matchProvider && rule.matchProvider !== ctx.provider)
|
|
166
|
+
return false;
|
|
167
|
+
if (rule.matchUserId && rule.matchUserId !== ctx.userId)
|
|
168
|
+
return false;
|
|
169
|
+
if (rule.matchSpiffeId && ctx.spiffeId !== rule.matchSpiffeId)
|
|
170
|
+
return false;
|
|
171
|
+
if (rule.matchAction) {
|
|
172
|
+
const actions = Array.isArray(rule.matchAction) ? rule.matchAction : [rule.matchAction];
|
|
173
|
+
if (!actions.includes(ctx.action))
|
|
174
|
+
return false;
|
|
175
|
+
}
|
|
176
|
+
if (rule.matchPhase) {
|
|
177
|
+
const migCtx = ctx;
|
|
178
|
+
if (!migCtx.phase)
|
|
179
|
+
return false;
|
|
180
|
+
const phases = Array.isArray(rule.matchPhase) ? rule.matchPhase : [rule.matchPhase];
|
|
181
|
+
if (!phases.includes(migCtx.phase))
|
|
182
|
+
return false;
|
|
183
|
+
}
|
|
184
|
+
return true;
|
|
185
|
+
}
|
|
186
|
+
// ─── Audit entry builder ─────────────────────────────────────────────────
|
|
187
|
+
buildAuditEntry(ctx, resolved, rule, isCanary) {
|
|
188
|
+
return {
|
|
189
|
+
timestamp: new Date().toISOString(),
|
|
190
|
+
traceId: ctx.traceId,
|
|
191
|
+
userId: ctx.userId,
|
|
192
|
+
action: ctx.action,
|
|
193
|
+
resourceId: ctx.resourceId,
|
|
194
|
+
resourceKind: ctx.resourceKind,
|
|
195
|
+
provider: ctx.provider,
|
|
196
|
+
model: ctx.model,
|
|
197
|
+
credentialId: resolved.credentialId,
|
|
198
|
+
credentialKind: resolved.kind,
|
|
199
|
+
resolvedFor: resolved.resolvedFor,
|
|
200
|
+
isCanary,
|
|
201
|
+
spiffeId: ctx.spiffeId,
|
|
202
|
+
};
|
|
203
|
+
}
|
|
204
|
+
}
|
|
205
|
+
exports.CredentialRouter = CredentialRouter;
|
|
206
|
+
// ─── Factory functions ────────────────────────────────────────────────────────
|
|
207
|
+
function createRouter(credentials, rules, logger) {
|
|
208
|
+
return new CredentialRouter({ store: new MemoryCredentialStore(credentials), rules, logger });
|
|
209
|
+
}
|
|
210
|
+
function createRouterFromStore(store, rules, logger) {
|
|
211
|
+
return new CredentialRouter({ store, rules, logger });
|
|
212
|
+
}
|
|
213
|
+
function createRouterWithConfig(config) {
|
|
214
|
+
return new CredentialRouter(config);
|
|
215
|
+
}
|
|
216
|
+
//# sourceMappingURL=router.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"router.js","sourceRoot":"","sources":["../../src/router.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAsPH,oCAMC;AAED,sDAMC;AAED,wDAEC;AA1PD,+CAAiD;AAQjD,SAAS,aAAa,CAAC,KAAsB;IAC3C,OAAO,OAAQ,KAA0B,CAAC,aAAa,KAAK,UAAU,CAAC;AACzE,CAAC;AAcD,MAAa,qBAAqB;IAIhC,YAAY,WAAyB;QAFpB,iBAAY,GAAG,IAAI,GAAG,EAAsD,CAAC;QAG5F,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC;IAC3B,CAAC;IAED,aAAa,CAAC,GAAW;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,IAAI,IAAI,CAAC;IAChF,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW;QACzB,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,UAAU;QACd,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,IAAwB;QACvC,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,WAAmB,EAAE,UAAkB;QAChE,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,QAAQ,IAAI,QAAQ,CAAC,WAAW,KAAK,WAAW,IAAI,QAAQ,CAAC,SAAS,GAAG,GAAG;YAAE,OAAO,KAAK,CAAC;QAC/F,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,GAAG,UAAU,GAAG,IAAI,EAAE,CAAC,CAAC;QAChF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,WAAmB;QAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5C,IAAI,QAAQ,EAAE,WAAW,KAAK,WAAW;YAAE,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC3E,CAAC;CACF;AApCD,sDAoCC;AAED,MAAa,gBAAgB;IAC3B,YAA6B,MAAoB;QAApB,WAAM,GAAN,MAAM,CAAc;IAAG,CAAC;IAErD,6EAA6E;IAE7E,OAAO,CAAC,GAAwB;QAC9B,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC;QACrC,MAAM,QAAQ,GAAG,KAAK;aACnB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;aACvC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;QAE3C,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QAEvB,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,CAAC,IAAI,CAAC,6FAA6F,CAAC,CAAC;YAC5G,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mBAAmB;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,GAAG,KAAK,IAAI,CAAC,SAAS,CAAC;QAExC,MAAM,IAAI,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QACvB,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE;YAAE,OAAO,IAAI,CAAC;QACzE,IAAI,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QAE7E,MAAM,QAAQ,GAAuB;YACnC,YAAY,EAAE,IAAI,CAAC,EAAE;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,WAAW,EAAE,IAAI,CAAC,IAAI,KAAK,gBAAgB,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YACpE,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ;SACT,CAAC;QAEF,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACnG,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,6EAA6E;IAE7E,KAAK,CAAC,YAAY,CAAC,GAAwB;QACzC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC;QACzF,MAAM,QAAQ,GAAG,KAAK;aACnB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;aACvC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;QAE3C,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QAEvB,gBAAgB;QAChB,IAAI,IAAI,CAAC,QAAQ,IAAI,eAAe,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;YAC9F,IAAI,MAAM,KAAK,UAAU,IAAI,MAAM,KAAK,aAAa;gBAAE,OAAO,IAAI,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,GAAG,KAAK,IAAI,CAAC,SAAS,CAAC;QAExC,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QACvB,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE;YAAE,OAAO,IAAI,CAAC;QACzE,IAAI,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QAE7E,eAAe;QACf,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAChD,IAAI,CAAC,MAAM,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;QACnC,CAAC;QAED,MAAM,QAAQ,GAAuB;YACnC,YAAY,EAAE,IAAI,CAAC,EAAE;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,WAAW,EAAE,IAAI,CAAC,IAAI,KAAK,gBAAgB,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YACpE,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ;SACT,CAAC;QAEF,cAAc;QACd,IAAI,iBAAiB,EAAE,CAAC;YACtB,QAAQ,CAAC,qBAAqB,GAAG,MAAM,IAAA,8BAAgB,EAAC,GAAG,EAAE,QAAQ,EAAE;gBACrE,MAAM,EAAE,iBAAiB;gBACzB,MAAM,EAAE,IAAI,CAAC,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACvB,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC;QACpF,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,6EAA6E;IAE7E,WAAW,CAAC,GAAqB;QAC/B,MAAM,SAAS,GAAwB,EAAE,GAAG,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,gBAAgB,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QACpG,MAAM,SAAS,GAAwB,EAAE,GAAG,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,gBAAgB,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;QAE9H,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QAEpC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC;IAC1D,CAAC;IAED,6EAA6E;IAErE,SAAS,CAAC,IAAiB;QACjC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,YAAY,GAAG,CAAC,EAAE,CAAC;YACjE,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC;YACjC,IAAI,IAAI,GAAG,IAAI,CAAC,YAAY;gBAAE,OAAO,IAAI,CAAC,SAAS,CAAC;QACtD,CAAC;QACD,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAED,6EAA6E;IAErE,WAAW,CAAC,IAAiB,EAAE,GAAwB;QAC7D,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,iBAAiB,KAAK,GAAG,CAAC,YAAY;YAAE,OAAO,KAAK,CAAC;QACxF,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,KAAK,GAAG,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAC5E,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,KAAK,GAAG,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QACtE,IAAI,IAAI,CAAC,aAAa,IAAI,GAAG,CAAC,QAAQ,KAAK,IAAI,CAAC,aAAa;YAAE,OAAO,KAAK,CAAC;QAC5E,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACxF,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,OAAO,KAAK,CAAC;QAClD,CAAC;QACD,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,MAAM,MAAM,GAAG,GAAuB,CAAC;YACvC,IAAI,CAAC,MAAM,CAAC,KAAK;gBAAE,OAAO,KAAK,CAAC;YAChC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACpF,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;QACnD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,4EAA4E;IAEpE,eAAe,CACrB,GAAwB,EACxB,QAA4B,EAC5B,IAAiB,EACjB,QAAiB;QAEjB,OAAO;YACL,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,YAAY,EAAE,GAAG,CAAC,YAAY;YAC9B,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,YAAY,EAAE,QAAQ,CAAC,YAAY;YACnC,cAAc,EAAE,QAAQ,CAAC,IAAI;YAC7B,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,QAAQ;YACR,QAAQ,EAAE,GAAG,CAAC,QAAQ;SACvB,CAAC;IACJ,CAAC;CACF;AAtKD,4CAsKC;AAED,iFAAiF;AAEjF,SAAgB,YAAY,CAC1B,WAAyB,EACzB,KAAoB,EACpB,MAAoB;IAEpB,OAAO,IAAI,gBAAgB,CAAC,EAAE,KAAK,EAAE,IAAI,qBAAqB,CAAC,WAAW,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;AAChG,CAAC;AAED,SAAgB,qBAAqB,CACnC,KAAsB,EACtB,KAAoB,EACpB,MAAoB;IAEpB,OAAO,IAAI,gBAAgB,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;AACxD,CAAC;AAED,SAAgB,sBAAsB,CAAC,MAAoB;IACzD,OAAO,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;AACtC,CAAC"}
|
|
@@ -0,0 +1,127 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.MigrationContextSchema = exports.AgentRequestContextSchema = exports.RoutingRuleSchema = exports.CredentialSchema = exports.ApprovalPolicySchema = exports.ApproverSchema = exports.BudgetPolicySchema = exports.RotationPolicySchema = exports.ApproverKindSchema = exports.MigrationPhaseSchema = exports.CredentialStatusSchema = exports.CredentialKindSchema = exports.ResourceKindSchema = exports.SupportedProviderSchema = void 0;
|
|
4
|
+
/**
|
|
5
|
+
* @datacules/agent-identity/schemas
|
|
6
|
+
*
|
|
7
|
+
* Zod schemas mirroring every public type. Three uses simultaneously:
|
|
8
|
+
* 1. Runtime validation in route handlers (replaces manual field loops)
|
|
9
|
+
* 2. TypeScript type inference via z.infer<>
|
|
10
|
+
* 3. JSON Schema / OpenAPI generation via zod-to-json-schema
|
|
11
|
+
*
|
|
12
|
+
* Since zod is already in dependencies, this costs nothing to ship.
|
|
13
|
+
*/
|
|
14
|
+
const zod_1 = require("zod");
|
|
15
|
+
// ─── Primitives ───────────────────────────────────────────────────────────────
|
|
16
|
+
exports.SupportedProviderSchema = zod_1.z.enum([
|
|
17
|
+
'openai',
|
|
18
|
+
'anthropic',
|
|
19
|
+
'gemini',
|
|
20
|
+
'mistral',
|
|
21
|
+
'local',
|
|
22
|
+
]);
|
|
23
|
+
exports.ResourceKindSchema = zod_1.z.enum(['shared', 'personal']);
|
|
24
|
+
exports.CredentialKindSchema = zod_1.z.enum(['fixed', 'user-delegated']);
|
|
25
|
+
exports.CredentialStatusSchema = zod_1.z.enum(['active', 'pending', 'revoked']);
|
|
26
|
+
exports.MigrationPhaseSchema = zod_1.z.enum([
|
|
27
|
+
'dry-run',
|
|
28
|
+
'extract',
|
|
29
|
+
'transform',
|
|
30
|
+
'load',
|
|
31
|
+
'verify',
|
|
32
|
+
'rollback',
|
|
33
|
+
]);
|
|
34
|
+
exports.ApproverKindSchema = zod_1.z.enum(['webhook', 'email', 'slack']);
|
|
35
|
+
// ─── Rotation Policy ─────────────────────────────────────────────────────────
|
|
36
|
+
exports.RotationPolicySchema = zod_1.z.object({
|
|
37
|
+
rotateAfterDays: zod_1.z.number().int().positive().optional(),
|
|
38
|
+
rotateAfterUses: zod_1.z.number().int().positive().optional(),
|
|
39
|
+
gracePeriodSeconds: zod_1.z.number().int().nonnegative().optional(),
|
|
40
|
+
notifyBeforeDays: zod_1.z.number().int().positive().optional(),
|
|
41
|
+
provisioner: zod_1.z.string().optional(),
|
|
42
|
+
});
|
|
43
|
+
// ─── Budget Policy ────────────────────────────────────────────────────────────
|
|
44
|
+
exports.BudgetPolicySchema = zod_1.z.object({
|
|
45
|
+
maxResolutionsPerHour: zod_1.z.number().int().positive().optional(),
|
|
46
|
+
maxConcurrentSessions: zod_1.z.number().int().positive().optional(),
|
|
47
|
+
maxDailySpendUsd: zod_1.z.number().positive().optional(),
|
|
48
|
+
softThresholdPercent: zod_1.z.number().min(0).max(100).optional(),
|
|
49
|
+
resetSchedule: zod_1.z.string().optional(),
|
|
50
|
+
});
|
|
51
|
+
// ─── Approval Policy ─────────────────────────────────────────────────────────
|
|
52
|
+
exports.ApproverSchema = zod_1.z.object({
|
|
53
|
+
kind: exports.ApproverKindSchema,
|
|
54
|
+
target: zod_1.z.string().min(1),
|
|
55
|
+
});
|
|
56
|
+
exports.ApprovalPolicySchema = zod_1.z.object({
|
|
57
|
+
requiredApprovers: zod_1.z.number().int().positive(),
|
|
58
|
+
approvers: zod_1.z.array(exports.ApproverSchema),
|
|
59
|
+
timeoutSeconds: zod_1.z.number().int().positive().optional(),
|
|
60
|
+
breakGlass: zod_1.z
|
|
61
|
+
.object({
|
|
62
|
+
approver: zod_1.z.string().min(1),
|
|
63
|
+
requireJustification: zod_1.z.boolean().optional(),
|
|
64
|
+
})
|
|
65
|
+
.optional(),
|
|
66
|
+
});
|
|
67
|
+
// ─── Credential ─────────────────────────────────────────────────────────────
|
|
68
|
+
exports.CredentialSchema = zod_1.z.object({
|
|
69
|
+
id: zod_1.z.string().min(1),
|
|
70
|
+
kind: exports.CredentialKindSchema,
|
|
71
|
+
name: zod_1.z.string().min(1),
|
|
72
|
+
scope: zod_1.z.string(),
|
|
73
|
+
status: exports.CredentialStatusSchema,
|
|
74
|
+
provider: zod_1.z.string().optional(),
|
|
75
|
+
ref: zod_1.z.string().min(1),
|
|
76
|
+
expiresAt: zod_1.z.string().datetime().optional(),
|
|
77
|
+
lastRotated: zod_1.z.string().datetime().optional(),
|
|
78
|
+
refreshTokenRef: zod_1.z.string().optional(),
|
|
79
|
+
rotationIntervalDays: zod_1.z.number().int().nonnegative().optional(),
|
|
80
|
+
rotation: exports.RotationPolicySchema.optional(),
|
|
81
|
+
budget: exports.BudgetPolicySchema.optional(),
|
|
82
|
+
tags: zod_1.z.array(zod_1.z.string()).optional(),
|
|
83
|
+
});
|
|
84
|
+
// ─── Routing Rule ──────────────────────────────────────────────────────────
|
|
85
|
+
exports.RoutingRuleSchema = zod_1.z.object({
|
|
86
|
+
id: zod_1.z.string().min(1),
|
|
87
|
+
description: zod_1.z.string(),
|
|
88
|
+
credentialRef: zod_1.z.string().min(1),
|
|
89
|
+
credentialKind: exports.CredentialKindSchema,
|
|
90
|
+
priority: zod_1.z.number().int(),
|
|
91
|
+
matchResourceKind: exports.ResourceKindSchema.optional(),
|
|
92
|
+
matchAction: zod_1.z.union([zod_1.z.string(), zod_1.z.array(zod_1.z.string())]).optional(),
|
|
93
|
+
matchProvider: exports.SupportedProviderSchema.optional(),
|
|
94
|
+
matchUserId: zod_1.z.string().optional(),
|
|
95
|
+
matchPhase: zod_1.z
|
|
96
|
+
.union([exports.MigrationPhaseSchema, zod_1.z.array(exports.MigrationPhaseSchema)])
|
|
97
|
+
.optional(),
|
|
98
|
+
matchSpiffeId: zod_1.z.string().optional(),
|
|
99
|
+
readOnly: zod_1.z.boolean().optional(),
|
|
100
|
+
canaryRef: zod_1.z.string().optional(),
|
|
101
|
+
canaryWeight: zod_1.z.number().int().min(0).max(100).optional(),
|
|
102
|
+
approval: exports.ApprovalPolicySchema.optional(),
|
|
103
|
+
});
|
|
104
|
+
// ─── Agent Request Context ───────────────────────────────────────────────
|
|
105
|
+
exports.AgentRequestContextSchema = zod_1.z.object({
|
|
106
|
+
userId: zod_1.z.string().min(1),
|
|
107
|
+
resourceId: zod_1.z.string().min(1),
|
|
108
|
+
resourceKind: exports.ResourceKindSchema,
|
|
109
|
+
provider: exports.SupportedProviderSchema,
|
|
110
|
+
model: zod_1.z.string().min(1),
|
|
111
|
+
action: zod_1.z.string().min(1),
|
|
112
|
+
traceId: zod_1.z.string().min(1),
|
|
113
|
+
sessionId: zod_1.z.string().optional(),
|
|
114
|
+
requestedAt: zod_1.z.string().datetime(),
|
|
115
|
+
parentTraceId: zod_1.z.string().optional(),
|
|
116
|
+
spiffeId: zod_1.z.string().optional(),
|
|
117
|
+
});
|
|
118
|
+
exports.MigrationContextSchema = exports.AgentRequestContextSchema.extend({
|
|
119
|
+
migrationId: zod_1.z.string().min(1),
|
|
120
|
+
phase: exports.MigrationPhaseSchema,
|
|
121
|
+
sourceResourceId: zod_1.z.string().min(1),
|
|
122
|
+
targetResourceId: zod_1.z.string().min(1),
|
|
123
|
+
dryRun: zod_1.z.boolean(),
|
|
124
|
+
batchIndex: zod_1.z.number().int().nonnegative().optional(),
|
|
125
|
+
totalBatches: zod_1.z.number().int().positive().optional(),
|
|
126
|
+
});
|
|
127
|
+
//# sourceMappingURL=schemas.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../src/schemas.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACH,6BAAwB;AAExB,iFAAiF;AAEpE,QAAA,uBAAuB,GAAG,OAAC,CAAC,IAAI,CAAC;IAC5C,QAAQ;IACR,WAAW;IACX,QAAQ;IACR,SAAS;IACT,OAAO;CACR,CAAC,CAAC;AAEU,QAAA,kBAAkB,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;AAEpD,QAAA,oBAAoB,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAE3D,QAAA,sBAAsB,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;AAElE,QAAA,oBAAoB,GAAG,OAAC,CAAC,IAAI,CAAC;IACzC,SAAS;IACT,SAAS;IACT,WAAW;IACX,MAAM;IACN,QAAQ;IACR,UAAU;CACX,CAAC,CAAC;AAEU,QAAA,kBAAkB,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;AAExE,gFAAgF;AAEnE,QAAA,oBAAoB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3C,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IACvD,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IACvD,kBAAkB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE;IAC7D,gBAAgB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IACxD,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACnC,CAAC,CAAC;AAEH,iFAAiF;AAEpE,QAAA,kBAAkB,GAAG,OAAC,CAAC,MAAM,CAAC;IACzC,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC7D,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC7D,gBAAgB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAClD,oBAAoB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IAC3D,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACrC,CAAC,CAAC;AAEH,gFAAgF;AAEnE,QAAA,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,IAAI,EAAE,0BAAkB;IACxB,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;CAC1B,CAAC,CAAC;AAEU,QAAA,oBAAoB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3C,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAC9C,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,sBAAc,CAAC;IAClC,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IACtD,UAAU,EAAE,OAAC;SACV,MAAM,CAAC;QACN,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,oBAAoB,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;KAC7C,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAEH,+EAA+E;AAElE,QAAA,gBAAgB,GAAG,OAAC,CAAC,MAAM,CAAC;IACvC,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrB,IAAI,EAAE,4BAAoB;IAC1B,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,MAAM,EAAE,8BAAsB;IAC9B,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACtB,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC3C,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC7C,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,oBAAoB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE;IAC/D,QAAQ,EAAE,4BAAoB,CAAC,QAAQ,EAAE;IACzC,MAAM,EAAE,0BAAkB,CAAC,QAAQ,EAAE;IACrC,IAAI,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CACrC,CAAC,CAAC;AAEH,8EAA8E;AAEjE,QAAA,iBAAiB,GAAG,OAAC,CAAC,MAAM,CAAC;IACxC,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE;IACvB,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAChC,cAAc,EAAE,4BAAoB;IACpC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAC1B,iBAAiB,EAAE,0BAAkB,CAAC,QAAQ,EAAE;IAChD,WAAW,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAClE,aAAa,EAAE,+BAAuB,CAAC,QAAQ,EAAE;IACjD,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,UAAU,EAAE,OAAC;SACV,KAAK,CAAC,CAAC,4BAAoB,EAAE,OAAC,CAAC,KAAK,CAAC,4BAAoB,CAAC,CAAC,CAAC;SAC5D,QAAQ,EAAE;IACb,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,QAAQ,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAChC,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAChC,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IACzD,QAAQ,EAAE,4BAAoB,CAAC,QAAQ,EAAE;CAC1C,CAAC,CAAC;AAEH,4EAA4E;AAE/D,QAAA,yBAAyB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChD,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACzB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7B,YAAY,EAAE,0BAAkB;IAChC,QAAQ,EAAE,+BAAuB;IACjC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACxB,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACzB,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAChC,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAChC,CAAC,CAAC;AAEU,QAAA,sBAAsB,GAAG,iCAAyB,CAAC,MAAM,CAAC;IACrE,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9B,KAAK,EAAE,4BAAoB;IAC3B,gBAAgB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACnC,gBAAgB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,EAAE,OAAC,CAAC,OAAO,EAAE;IACnB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE;IACrD,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;CACrD,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":";AAAA,iFAAiF"}
|