@decaf-ts/for-fabric 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.md +22 -0
- package/README.md +647 -0
- package/dist/for-fabric.cjs +6223 -0
- package/dist/for-fabric.esm.cjs +6180 -0
- package/lib/client/FabricClientAdapter.cjs +760 -0
- package/lib/client/FabricClientAdapter.d.ts +381 -0
- package/lib/client/FabricClientDispatch.cjs +186 -0
- package/lib/client/FabricClientDispatch.d.ts +125 -0
- package/lib/client/FabricClientRepository.cjs +131 -0
- package/lib/client/FabricClientRepository.d.ts +100 -0
- package/lib/client/erc20/erc20ClientRepository.cjs +343 -0
- package/lib/client/erc20/erc20ClientRepository.d.ts +254 -0
- package/lib/client/fabric-fs.cjs +234 -0
- package/lib/client/fabric-fs.d.ts +92 -0
- package/lib/client/index.cjs +30 -0
- package/lib/client/index.d.ts +13 -0
- package/lib/client/logging.cjs +102 -0
- package/lib/client/logging.d.ts +60 -0
- package/lib/client/services/LoggedService.cjs +47 -0
- package/lib/client/services/LoggedService.d.ts +42 -0
- package/lib/client/services/constants.cjs +3 -0
- package/lib/client/services/constants.d.ts +15 -0
- package/lib/client/services/enrollementService.cjs +344 -0
- package/lib/client/services/enrollementService.d.ts +176 -0
- package/lib/client/services/index.cjs +18 -0
- package/lib/client/services/index.d.ts +1 -0
- package/lib/contracts/ContractAdapter.cjs +730 -0
- package/lib/contracts/ContractAdapter.d.ts +296 -0
- package/lib/contracts/ContractContext.cjs +85 -0
- package/lib/contracts/ContractContext.d.ts +64 -0
- package/lib/contracts/ContractPrivateDataAdapter.cjs +281 -0
- package/lib/contracts/ContractPrivateDataAdapter.d.ts +74 -0
- package/lib/contracts/FabricConstruction.cjs +441 -0
- package/lib/contracts/FabricConstruction.d.ts +304 -0
- package/lib/contracts/FabricContractRepository.cjs +306 -0
- package/lib/contracts/FabricContractRepository.d.ts +162 -0
- package/lib/contracts/FabricContractRepositoryObservableHandler.cjs +85 -0
- package/lib/contracts/FabricContractRepositoryObservableHandler.d.ts +62 -0
- package/lib/contracts/FabricContractSequence.cjs +139 -0
- package/lib/contracts/FabricContractSequence.d.ts +61 -0
- package/lib/contracts/FabricContractStatement.cjs +119 -0
- package/lib/contracts/FabricContractStatement.d.ts +34 -0
- package/lib/contracts/PrivateSequence.cjs +36 -0
- package/lib/contracts/PrivateSequence.d.ts +15 -0
- package/lib/contracts/crud/crud-contract.cjs +257 -0
- package/lib/contracts/crud/crud-contract.d.ts +168 -0
- package/lib/contracts/crud/index.cjs +19 -0
- package/lib/contracts/crud/index.d.ts +2 -0
- package/lib/contracts/crud/serialized-crud-contract.cjs +172 -0
- package/lib/contracts/crud/serialized-crud-contract.d.ts +37 -0
- package/lib/contracts/erc20/erc20contract.cjs +569 -0
- package/lib/contracts/erc20/erc20contract.d.ts +151 -0
- package/lib/contracts/erc20/index.cjs +21 -0
- package/lib/contracts/erc20/index.d.ts +2 -0
- package/lib/contracts/erc20/models.cjs +209 -0
- package/lib/contracts/erc20/models.d.ts +114 -0
- package/lib/contracts/index.cjs +32 -0
- package/lib/contracts/index.d.ts +15 -0
- package/lib/contracts/logging.cjs +96 -0
- package/lib/contracts/logging.d.ts +49 -0
- package/lib/contracts/private-data.cjs +121 -0
- package/lib/contracts/private-data.d.ts +16 -0
- package/lib/contracts/types.cjs +3 -0
- package/lib/contracts/types.d.ts +26 -0
- package/lib/esm/client/FabricClientAdapter.d.ts +381 -0
- package/lib/esm/client/FabricClientAdapter.js +723 -0
- package/lib/esm/client/FabricClientDispatch.d.ts +125 -0
- package/lib/esm/client/FabricClientDispatch.js +182 -0
- package/lib/esm/client/FabricClientRepository.d.ts +100 -0
- package/lib/esm/client/FabricClientRepository.js +127 -0
- package/lib/esm/client/erc20/erc20ClientRepository.d.ts +254 -0
- package/lib/esm/client/erc20/erc20ClientRepository.js +339 -0
- package/lib/esm/client/fabric-fs.d.ts +92 -0
- package/lib/esm/client/fabric-fs.js +191 -0
- package/lib/esm/client/index.d.ts +13 -0
- package/lib/esm/client/index.js +14 -0
- package/lib/esm/client/logging.d.ts +60 -0
- package/lib/esm/client/logging.js +98 -0
- package/lib/esm/client/services/LoggedService.d.ts +42 -0
- package/lib/esm/client/services/LoggedService.js +43 -0
- package/lib/esm/client/services/constants.d.ts +15 -0
- package/lib/esm/client/services/constants.js +2 -0
- package/lib/esm/client/services/enrollementService.d.ts +176 -0
- package/lib/esm/client/services/enrollementService.js +337 -0
- package/lib/esm/client/services/index.d.ts +1 -0
- package/lib/esm/client/services/index.js +2 -0
- package/lib/esm/contracts/ContractAdapter.d.ts +296 -0
- package/lib/esm/contracts/ContractAdapter.js +724 -0
- package/lib/esm/contracts/ContractContext.d.ts +64 -0
- package/lib/esm/contracts/ContractContext.js +81 -0
- package/lib/esm/contracts/ContractPrivateDataAdapter.d.ts +74 -0
- package/lib/esm/contracts/ContractPrivateDataAdapter.js +277 -0
- package/lib/esm/contracts/FabricConstruction.d.ts +304 -0
- package/lib/esm/contracts/FabricConstruction.js +433 -0
- package/lib/esm/contracts/FabricContractRepository.d.ts +162 -0
- package/lib/esm/contracts/FabricContractRepository.js +302 -0
- package/lib/esm/contracts/FabricContractRepositoryObservableHandler.d.ts +62 -0
- package/lib/esm/contracts/FabricContractRepositoryObservableHandler.js +81 -0
- package/lib/esm/contracts/FabricContractSequence.d.ts +61 -0
- package/lib/esm/contracts/FabricContractSequence.js +135 -0
- package/lib/esm/contracts/FabricContractStatement.d.ts +34 -0
- package/lib/esm/contracts/FabricContractStatement.js +115 -0
- package/lib/esm/contracts/PrivateSequence.d.ts +15 -0
- package/lib/esm/contracts/PrivateSequence.js +33 -0
- package/lib/esm/contracts/crud/crud-contract.d.ts +168 -0
- package/lib/esm/contracts/crud/crud-contract.js +253 -0
- package/lib/esm/contracts/crud/index.d.ts +2 -0
- package/lib/esm/contracts/crud/index.js +3 -0
- package/lib/esm/contracts/crud/serialized-crud-contract.d.ts +37 -0
- package/lib/esm/contracts/crud/serialized-crud-contract.js +168 -0
- package/lib/esm/contracts/erc20/erc20contract.d.ts +151 -0
- package/lib/esm/contracts/erc20/erc20contract.js +565 -0
- package/lib/esm/contracts/erc20/index.d.ts +2 -0
- package/lib/esm/contracts/erc20/index.js +4 -0
- package/lib/esm/contracts/erc20/models.d.ts +114 -0
- package/lib/esm/contracts/erc20/models.js +206 -0
- package/lib/esm/contracts/index.d.ts +15 -0
- package/lib/esm/contracts/index.js +16 -0
- package/lib/esm/contracts/logging.d.ts +49 -0
- package/lib/esm/contracts/logging.js +92 -0
- package/lib/esm/contracts/private-data.d.ts +16 -0
- package/lib/esm/contracts/private-data.js +113 -0
- package/lib/esm/contracts/types.d.ts +26 -0
- package/lib/esm/contracts/types.js +2 -0
- package/lib/esm/index.d.ts +8 -0
- package/lib/esm/index.js +9 -0
- package/lib/esm/shared/ClientSerializer.d.ts +52 -0
- package/lib/esm/shared/ClientSerializer.js +80 -0
- package/lib/esm/shared/DeterministicSerializer.d.ts +40 -0
- package/lib/esm/shared/DeterministicSerializer.js +50 -0
- package/lib/esm/shared/SimpleDeterministicSerializer.d.ts +7 -0
- package/lib/esm/shared/SimpleDeterministicSerializer.js +42 -0
- package/lib/esm/shared/constants.d.ts +39 -0
- package/lib/esm/shared/constants.js +42 -0
- package/lib/esm/shared/crypto.d.ts +107 -0
- package/lib/esm/shared/crypto.js +331 -0
- package/lib/esm/shared/decorators.d.ts +24 -0
- package/lib/esm/shared/decorators.js +98 -0
- package/lib/esm/shared/erc20/erc20-constants.d.ts +25 -0
- package/lib/esm/shared/erc20/erc20-constants.js +27 -0
- package/lib/esm/shared/errors.d.ts +116 -0
- package/lib/esm/shared/errors.js +132 -0
- package/lib/esm/shared/events.d.ts +39 -0
- package/lib/esm/shared/events.js +47 -0
- package/lib/esm/shared/fabric-types.d.ts +33 -0
- package/lib/esm/shared/fabric-types.js +2 -0
- package/lib/esm/shared/index.d.ts +13 -0
- package/lib/esm/shared/index.js +14 -0
- package/lib/esm/shared/interfaces/Checkable.d.ts +21 -0
- package/lib/esm/shared/interfaces/Checkable.js +2 -0
- package/lib/esm/shared/math.d.ts +34 -0
- package/lib/esm/shared/math.js +61 -0
- package/lib/esm/shared/model/Identity.d.ts +42 -0
- package/lib/esm/shared/model/Identity.js +78 -0
- package/lib/esm/shared/model/IdentityCredentials.d.ts +41 -0
- package/lib/esm/shared/model/IdentityCredentials.js +74 -0
- package/lib/esm/shared/model/index.d.ts +1 -0
- package/lib/esm/shared/model/index.js +2 -0
- package/lib/esm/shared/model/utils.d.ts +60 -0
- package/lib/esm/shared/model/utils.js +108 -0
- package/lib/esm/shared/types.d.ts +79 -0
- package/lib/esm/shared/types.js +2 -0
- package/lib/esm/shared/utils.d.ts +55 -0
- package/lib/esm/shared/utils.js +148 -0
- package/lib/index.cjs +25 -0
- package/lib/index.d.ts +8 -0
- package/lib/shared/ClientSerializer.cjs +84 -0
- package/lib/shared/ClientSerializer.d.ts +52 -0
- package/lib/shared/DeterministicSerializer.cjs +54 -0
- package/lib/shared/DeterministicSerializer.d.ts +40 -0
- package/lib/shared/SimpleDeterministicSerializer.cjs +46 -0
- package/lib/shared/SimpleDeterministicSerializer.d.ts +7 -0
- package/lib/shared/constants.cjs +45 -0
- package/lib/shared/constants.d.ts +39 -0
- package/lib/shared/crypto.cjs +369 -0
- package/lib/shared/crypto.d.ts +107 -0
- package/lib/shared/decorators.cjs +105 -0
- package/lib/shared/decorators.d.ts +24 -0
- package/lib/shared/erc20/erc20-constants.cjs +30 -0
- package/lib/shared/erc20/erc20-constants.d.ts +25 -0
- package/lib/shared/errors.cjs +142 -0
- package/lib/shared/errors.d.ts +116 -0
- package/lib/shared/events.cjs +51 -0
- package/lib/shared/events.d.ts +39 -0
- package/lib/shared/fabric-types.cjs +4 -0
- package/lib/shared/fabric-types.d.ts +33 -0
- package/lib/shared/index.cjs +30 -0
- package/lib/shared/index.d.ts +13 -0
- package/lib/shared/interfaces/Checkable.cjs +3 -0
- package/lib/shared/interfaces/Checkable.d.ts +21 -0
- package/lib/shared/math.cjs +66 -0
- package/lib/shared/math.d.ts +34 -0
- package/lib/shared/model/Identity.cjs +81 -0
- package/lib/shared/model/Identity.d.ts +42 -0
- package/lib/shared/model/IdentityCredentials.cjs +77 -0
- package/lib/shared/model/IdentityCredentials.d.ts +41 -0
- package/lib/shared/model/index.cjs +18 -0
- package/lib/shared/model/index.d.ts +1 -0
- package/lib/shared/model/utils.cjs +114 -0
- package/lib/shared/model/utils.d.ts +60 -0
- package/lib/shared/types.cjs +3 -0
- package/lib/shared/types.d.ts +79 -0
- package/lib/shared/utils.cjs +185 -0
- package/lib/shared/utils.d.ts +55 -0
- package/package.json +166 -0
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
import { Logger } from "@decaf-ts/logging";
|
|
2
|
+
/**
|
|
3
|
+
* @description Base service with logging utilities.
|
|
4
|
+
* @summary Provides a lightweight abstract class that equips inheriting services with per-instance and static logger accessors using the decaf-ts logging facility. Intended to standardize logging across client-side services.
|
|
5
|
+
* @param {void} constructor - No constructor parameters; inheritors should call super().
|
|
6
|
+
* @class LoggedService
|
|
7
|
+
* @example
|
|
8
|
+
* // Extend LoggedService to gain logging helpers
|
|
9
|
+
* class UserService extends LoggedService {
|
|
10
|
+
* async doWork() {
|
|
11
|
+
* const log = this.log.for(this.doWork);
|
|
12
|
+
* log.info("Working...");
|
|
13
|
+
* }
|
|
14
|
+
* }
|
|
15
|
+
*
|
|
16
|
+
* // Static logger for class-level logging
|
|
17
|
+
* const sLog = (UserService as any).log;
|
|
18
|
+
* sLog.debug("Class level message");
|
|
19
|
+
*/
|
|
20
|
+
export declare abstract class LoggedService {
|
|
21
|
+
/**
|
|
22
|
+
* @description Cached static logger shared by all instances of this class
|
|
23
|
+
*/
|
|
24
|
+
private static _log?;
|
|
25
|
+
/**
|
|
26
|
+
* @description Lazily created logger scoped to the concrete service instance
|
|
27
|
+
*/
|
|
28
|
+
private _log?;
|
|
29
|
+
protected constructor();
|
|
30
|
+
/**
|
|
31
|
+
* @description Retrieves or creates the instance logger
|
|
32
|
+
* @summary Lazily initializes a logger using the class name of the concrete service and returns it for use in instance methods
|
|
33
|
+
* @return {Logger} The instance-specific logger
|
|
34
|
+
*/
|
|
35
|
+
protected get log(): Logger;
|
|
36
|
+
/**
|
|
37
|
+
* @description Retrieves or creates the static logger for the class
|
|
38
|
+
* @summary Provides a logger not bound to a specific instance, suitable for class-level diagnostics
|
|
39
|
+
* @return {Logger} The class-level logger
|
|
40
|
+
*/
|
|
41
|
+
protected static get log(): Logger;
|
|
42
|
+
}
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NsaWVudC9zZXJ2aWNlcy9jb25zdGFudHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IiIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogQGRlc2NyaXB0aW9uIENlcnRpZmljYXRlIEF1dGhvcml0eSByb2xlIHR5cGVzIHVzZWQgZHVyaW5nIGVucm9sbG1lbnQgYW5kIHJlZ2lzdHJhdGlvbi5cbiAqIEBzdW1tYXJ5IEVudW1lcmF0ZXMgdGhlIHN0YW5kYXJkIEh5cGVybGVkZ2VyIEZhYnJpYyBDQSByb2xlcyB0aGF0IGNhbiBiZSBhc3NpZ25lZCB0byBpZGVudGl0aWVzIHdoZW4gcmVnaXN0ZXJpbmcgd2l0aCB0aGUgQ0Egc2VydmljZS5cbiAqIEBlbnVtIHtzdHJpbmd9XG4gKiBAcmVhZG9ubHlcbiAqIEBtZW1iZXJPZiBtb2R1bGU6Zm9yLWZhYnJpYy5jbGllbnRcbiAqL1xuZXhwb3J0IGRlY2xhcmUgZW51bSBDQV9ST0xFIHtcbiAgLyoqIEFkbWluaXN0cmF0b3Igcm9sZSB3aXRoIGVsZXZhdGVkIHByaXZpbGVnZXMgZm9yIG1hbmFnaW5nIGlkZW50aXRpZXMgYW5kIGFmZmlsaWF0aW9ucyAqL1xuICBBRE1JTiA9IFwiYWRtaW5cIixcbiAgLyoqIFN0YW5kYXJkIHVzZXIgcm9sZSBmb3IgYXBwbGljYXRpb24gY2xpZW50cyBpbnRlcmFjdGluZyB3aXRoIHRoZSBuZXR3b3JrICovXG4gIFVTRVIgPSBcInVzZXJcIixcbiAgLyoqIENsaWVudCByb2xlIHR5cGljYWxseSB1c2VkIGZvciBTREstYmFzZWQgaW50ZXJhY3Rpb25zIGFuZCBzZXJ2aWNlIGFjY291bnRzICovXG4gIENMSUVOVCA9IFwiY2xpZW50XCIsXG59XG4iXX0=
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @description Certificate Authority role types used during enrollment and registration.
|
|
3
|
+
* @summary Enumerates the standard Hyperledger Fabric CA roles that can be assigned to identities when registering with the CA service.
|
|
4
|
+
* @enum {string}
|
|
5
|
+
* @readonly
|
|
6
|
+
* @memberOf module:for-fabric.client
|
|
7
|
+
*/
|
|
8
|
+
export declare enum CA_ROLE {
|
|
9
|
+
/** Administrator role with elevated privileges for managing identities and affiliations */
|
|
10
|
+
ADMIN = "admin",
|
|
11
|
+
/** Standard user role for application clients interacting with the network */
|
|
12
|
+
USER = "user",
|
|
13
|
+
/** Client role typically used for SDK-based interactions and service accounts */
|
|
14
|
+
CLIENT = "client"
|
|
15
|
+
}
|
|
@@ -0,0 +1,344 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.FabricEnrollmentService = exports.HFCAIdentityAttributes = exports.HFCAIdentityType = void 0;
|
|
7
|
+
const fabric_ca_client_1 = __importDefault(require("fabric-ca-client"));
|
|
8
|
+
const Identity_1 = require("./../../shared/model/Identity.cjs");
|
|
9
|
+
const core_1 = require("@decaf-ts/core");
|
|
10
|
+
const db_decorators_1 = require("@decaf-ts/db-decorators");
|
|
11
|
+
const utils_1 = require("./../../shared/utils.cjs");
|
|
12
|
+
const crypto_1 = require("./../../shared/crypto.cjs");
|
|
13
|
+
const errors_1 = require("./../../shared/errors.cjs");
|
|
14
|
+
const LoggedService_1 = require("./LoggedService.cjs");
|
|
15
|
+
/**
|
|
16
|
+
* @description Hyperledger Fabric CA identity types.
|
|
17
|
+
* @summary Enumerates the supported identity types recognized by Fabric CA for registration and identity management.
|
|
18
|
+
* @enum {string}
|
|
19
|
+
* @readonly
|
|
20
|
+
* @memberOf module:for-fabric.client
|
|
21
|
+
*/
|
|
22
|
+
var HFCAIdentityType;
|
|
23
|
+
(function (HFCAIdentityType) {
|
|
24
|
+
HFCAIdentityType["PEER"] = "peer";
|
|
25
|
+
HFCAIdentityType["ORDERER"] = "orderer";
|
|
26
|
+
HFCAIdentityType["CLIENT"] = "client";
|
|
27
|
+
HFCAIdentityType["USER"] = "user";
|
|
28
|
+
HFCAIdentityType["ADMIN"] = "admin";
|
|
29
|
+
})(HFCAIdentityType || (exports.HFCAIdentityType = HFCAIdentityType = {}));
|
|
30
|
+
/**
|
|
31
|
+
* @description Standard Fabric CA identity attribute keys.
|
|
32
|
+
* @summary Enumerates well-known Fabric CA attribute keys that can be assigned to identities for delegations and permissions.
|
|
33
|
+
* @enum {string}
|
|
34
|
+
* @readonly
|
|
35
|
+
* @memberOf module:for-fabric.client
|
|
36
|
+
*/
|
|
37
|
+
var HFCAIdentityAttributes;
|
|
38
|
+
(function (HFCAIdentityAttributes) {
|
|
39
|
+
HFCAIdentityAttributes["HFREGISTRARROLES"] = "hf.Registrar.Roles";
|
|
40
|
+
HFCAIdentityAttributes["HFREGISTRARDELEGATEROLES"] = "hf.Registrar.DelegateRoles";
|
|
41
|
+
HFCAIdentityAttributes["HFREGISTRARATTRIBUTES"] = "hf.Registrar.Attributes";
|
|
42
|
+
HFCAIdentityAttributes["HFINTERMEDIATECA"] = "hf.IntermediateCA";
|
|
43
|
+
HFCAIdentityAttributes["HFREVOKER"] = "hf.Revoker";
|
|
44
|
+
HFCAIdentityAttributes["HFAFFILIATIONMGR"] = "hf.AffiliationMgr";
|
|
45
|
+
HFCAIdentityAttributes["HFGENCRL"] = "hf.GenCRL";
|
|
46
|
+
})(HFCAIdentityAttributes || (exports.HFCAIdentityAttributes = HFCAIdentityAttributes = {}));
|
|
47
|
+
/**
|
|
48
|
+
* @description Service wrapper for interacting with a Fabric CA.
|
|
49
|
+
* @summary Provides high-level operations for managing identities against a Hyperledger Fabric Certificate Authority, including registration, enrollment, revocation, and administrative queries. Encapsulates lower-level Fabric CA client calls with consistent logging and error mapping.
|
|
50
|
+
* @param {CAConfig} caConfig - Connection and TLS configuration for the target CA.
|
|
51
|
+
* @class FabricEnrollmentService
|
|
52
|
+
* @example
|
|
53
|
+
* // Register and enroll a new user
|
|
54
|
+
* const svc = new FabricEnrollmentService({
|
|
55
|
+
* url: 'https://localhost:7054',
|
|
56
|
+
* caName: 'Org1CA',
|
|
57
|
+
* tls: { trustedRoots: ['/path/to/ca.pem'], verify: false },
|
|
58
|
+
* caCert: '/path/to/admin/certDir',
|
|
59
|
+
* caKey: '/path/to/admin/keyDir'
|
|
60
|
+
* });
|
|
61
|
+
* await svc.register({ userName: 'alice', password: 's3cr3t' }, false, 'org1.department1', CA_ROLE.USER);
|
|
62
|
+
* const id = await svc.enroll('alice', 's3cr3t');
|
|
63
|
+
* @mermaid
|
|
64
|
+
* sequenceDiagram
|
|
65
|
+
* autonumber
|
|
66
|
+
* participant App
|
|
67
|
+
* participant Svc as FabricEnrollmentService
|
|
68
|
+
* participant CA as Fabric CA
|
|
69
|
+
* App->>Svc: register(credentials, ...)
|
|
70
|
+
* Svc->>CA: register(request, adminUser)
|
|
71
|
+
* CA-->>Svc: enrollmentSecret
|
|
72
|
+
* Svc-->>App: secret
|
|
73
|
+
* App->>Svc: enroll(enrollmentId, secret)
|
|
74
|
+
* Svc->>CA: enroll({enrollmentID, secret})
|
|
75
|
+
* CA-->>Svc: certificates
|
|
76
|
+
* Svc-->>App: Identity
|
|
77
|
+
*/
|
|
78
|
+
class FabricEnrollmentService extends LoggedService_1.LoggedService {
|
|
79
|
+
constructor(caConfig) {
|
|
80
|
+
super();
|
|
81
|
+
this.caConfig = caConfig;
|
|
82
|
+
}
|
|
83
|
+
async User() {
|
|
84
|
+
if (this.user)
|
|
85
|
+
return this.user;
|
|
86
|
+
const { caName, caCert, caKey, url } = this.caConfig;
|
|
87
|
+
const log = this.log.for(this.User);
|
|
88
|
+
log.debug(`Creating CA user for ${caName} at ${url}`);
|
|
89
|
+
log.debug(`Retrieving CA certificate from ${caCert}`);
|
|
90
|
+
const certificate = await utils_1.CoreUtils.getFirstDirFileNameContent(caCert);
|
|
91
|
+
log.debug(`Retrieving CA key from ${caKey}`);
|
|
92
|
+
const key = await utils_1.CoreUtils.getFirstDirFileNameContent(caKey);
|
|
93
|
+
log.debug(`Loading Admin user for ca ${caName}`);
|
|
94
|
+
this.user = await utils_1.CoreUtils.getCAUser("admin", key, certificate, caName);
|
|
95
|
+
return this.user;
|
|
96
|
+
}
|
|
97
|
+
async CA() {
|
|
98
|
+
if (this.ca)
|
|
99
|
+
return this.ca;
|
|
100
|
+
const log = this.log.for(this.CA);
|
|
101
|
+
const { url, tls, caName } = this.caConfig;
|
|
102
|
+
// FOR Some Reason the verification fails need to investigate this works for now
|
|
103
|
+
// eslint-disable-next-line prefer-const
|
|
104
|
+
let { trustedRoots, verify } = tls;
|
|
105
|
+
verify = false;
|
|
106
|
+
const root = trustedRoots[0];
|
|
107
|
+
log.debug(`Retrieving CA certificate from ${root}. cwd: ${process.cwd()}`);
|
|
108
|
+
const certificate = await utils_1.CoreUtils.getFileContent(root);
|
|
109
|
+
log.debug(`Creating CA Client for CA ${caName} under ${url}`);
|
|
110
|
+
this.ca = new fabric_ca_client_1.default(url, {
|
|
111
|
+
trustedRoots: Buffer.from(certificate),
|
|
112
|
+
verify,
|
|
113
|
+
}, caName);
|
|
114
|
+
return this.ca;
|
|
115
|
+
}
|
|
116
|
+
async Client() {
|
|
117
|
+
if (this.client)
|
|
118
|
+
return this.client;
|
|
119
|
+
const ca = await this.CA();
|
|
120
|
+
this.client = ca["_FabricCAServices"];
|
|
121
|
+
return this.client;
|
|
122
|
+
}
|
|
123
|
+
async Certificate() {
|
|
124
|
+
if (!this.certificateService)
|
|
125
|
+
this.certificateService = (await this.Client()).newCertificateService();
|
|
126
|
+
return this.certificateService;
|
|
127
|
+
}
|
|
128
|
+
async Affiliations() {
|
|
129
|
+
if (!this.affiliationService)
|
|
130
|
+
this.affiliationService = (await this.CA()).newAffiliationService();
|
|
131
|
+
return this.affiliationService;
|
|
132
|
+
}
|
|
133
|
+
async Identities() {
|
|
134
|
+
if (!this.identityService)
|
|
135
|
+
this.identityService = (await this.CA()).newIdentityService();
|
|
136
|
+
return this.identityService;
|
|
137
|
+
}
|
|
138
|
+
/**
|
|
139
|
+
* @description Retrieve certificates from the CA.
|
|
140
|
+
* @summary Calls the CA certificate service to list certificates, optionally mapping to PEM strings only.
|
|
141
|
+
* @param {GetCertificatesRequest} [request] - Optional filter request for certificate lookup.
|
|
142
|
+
* @param {boolean} [doMap=true] - When true, returns array of PEM strings; otherwise returns full response object.
|
|
143
|
+
* @return {Promise<string[] | CertificateResponse>} Array of PEM strings or the full certificate response.
|
|
144
|
+
*/
|
|
145
|
+
async getCertificates(request, doMap = true) {
|
|
146
|
+
const certificateService = await this.Certificate();
|
|
147
|
+
const user = await this.User();
|
|
148
|
+
const log = this.log.for(this.getCertificates);
|
|
149
|
+
log.debug(`Retrieving certificates${request ? ` for ${request.id}` : ""} for CA ${this.caConfig.caName}`);
|
|
150
|
+
const response = (await certificateService.getCertificates(request || {}, user)).result;
|
|
151
|
+
log.debug(`Found ${response.certs.length} certificates: ${JSON.stringify(response)}`);
|
|
152
|
+
return doMap ? response.certs.map((c) => c.PEM) : response;
|
|
153
|
+
}
|
|
154
|
+
/**
|
|
155
|
+
* @description List identities registered in the CA.
|
|
156
|
+
* @summary Queries the CA identity service to fetch all identities and returns the list as FabricIdentity objects.
|
|
157
|
+
* @return {Promise<FabricIdentity[]>} The list of identities registered in the CA.
|
|
158
|
+
*/
|
|
159
|
+
async getIdentities() {
|
|
160
|
+
const identitiesService = await this.Identities();
|
|
161
|
+
const log = this.log.for(this.getIdentities);
|
|
162
|
+
log.debug(`Retrieving Identities under CA ${this.caConfig.caName}`);
|
|
163
|
+
const response = (await identitiesService.getAll(await this.User())).result;
|
|
164
|
+
log.debug(`Found ${response.identities.length} Identities: ${JSON.stringify(response)}`);
|
|
165
|
+
return response.identities;
|
|
166
|
+
}
|
|
167
|
+
parseError(e) {
|
|
168
|
+
const regexp = /.*code:\s(\d+).*?message:\s["'](.+)["']/gs;
|
|
169
|
+
const match = regexp.exec(e.message);
|
|
170
|
+
if (!match)
|
|
171
|
+
return new errors_1.RegistrationError(e);
|
|
172
|
+
const [, code, message] = match;
|
|
173
|
+
switch (code) {
|
|
174
|
+
case "74":
|
|
175
|
+
case "71":
|
|
176
|
+
return new db_decorators_1.ConflictError(message);
|
|
177
|
+
case "20":
|
|
178
|
+
return new core_1.AuthorizationError(message);
|
|
179
|
+
default:
|
|
180
|
+
return new errors_1.RegistrationError(message);
|
|
181
|
+
}
|
|
182
|
+
}
|
|
183
|
+
/**
|
|
184
|
+
* @description Retrieve affiliations from the CA.
|
|
185
|
+
* @summary Queries the CA for the list of affiliations available under the configured CA.
|
|
186
|
+
* @return {string} The affiliations result payload.
|
|
187
|
+
*/
|
|
188
|
+
async getAffiliations() {
|
|
189
|
+
const affiliationService = await this.Affiliations();
|
|
190
|
+
const log = this.log.for(this.getAffiliations);
|
|
191
|
+
log.debug(`Retrieving Affiliations under CA ${this.caConfig.caName}`);
|
|
192
|
+
const response = (await affiliationService.getAll(await this.User()))
|
|
193
|
+
.result;
|
|
194
|
+
log.debug(`Found ${response.a.length} Affiliations: ${JSON.stringify(response)}`);
|
|
195
|
+
return response;
|
|
196
|
+
}
|
|
197
|
+
/**
|
|
198
|
+
* @description Read identity details from the CA by enrollment ID.
|
|
199
|
+
* @summary Retrieves and validates a single identity, throwing NotFoundError when missing.
|
|
200
|
+
* @param {string} enrollmentId - Enrollment ID to lookup.
|
|
201
|
+
* @return {Promise<FabricIdentity>} The identity details stored in the CA.
|
|
202
|
+
*/
|
|
203
|
+
async read(enrollmentId) {
|
|
204
|
+
const ca = await this.CA();
|
|
205
|
+
const user = await this.User();
|
|
206
|
+
let result;
|
|
207
|
+
try {
|
|
208
|
+
result = await ca.newIdentityService().getOne(enrollmentId, user);
|
|
209
|
+
}
|
|
210
|
+
catch (e) {
|
|
211
|
+
throw new db_decorators_1.NotFoundError(`Couldn't find enrollment with id ${enrollmentId}: ${e}`);
|
|
212
|
+
}
|
|
213
|
+
if (!result.success)
|
|
214
|
+
throw new db_decorators_1.NotFoundError(`Couldn't find enrollment with id ${enrollmentId}: ${result.errors.join("\n")}`);
|
|
215
|
+
return result.result;
|
|
216
|
+
}
|
|
217
|
+
/**
|
|
218
|
+
* @description Register a new identity with the CA.
|
|
219
|
+
* @summary Submits a registration request for a new enrollment ID, returning the enrollment secret upon success.
|
|
220
|
+
* @param {Credentials} model - Credentials containing userName and password for the new identity.
|
|
221
|
+
* @param {boolean} [isSuperUser=false] - Whether to register the identity as a super user.
|
|
222
|
+
* @param {string} [affiliation=""] - Affiliation string (e.g., org1.department1).
|
|
223
|
+
* @param {CA_ROLE | string} [userRole] - Role to assign to the identity.
|
|
224
|
+
* @param {IKeyValueAttribute} [attrs] - Optional attributes to attach to the identity.
|
|
225
|
+
* @param {number} [maxEnrollments] - Maximum number of enrollments allowed for the identity.
|
|
226
|
+
* @return {Promise<string>} The enrollment secret for the registered identity.
|
|
227
|
+
*/
|
|
228
|
+
async register(model, isSuperUser = false, affiliation = "", userRole, attrs, maxEnrollments) {
|
|
229
|
+
let registration;
|
|
230
|
+
const log = this.log.for(this.register);
|
|
231
|
+
try {
|
|
232
|
+
const { userName, password } = model;
|
|
233
|
+
const ca = await this.CA();
|
|
234
|
+
const user = await this.User();
|
|
235
|
+
const props = {
|
|
236
|
+
enrollmentID: userName,
|
|
237
|
+
enrollmentSecret: password,
|
|
238
|
+
affiliation: affiliation,
|
|
239
|
+
userRole: userRole,
|
|
240
|
+
attrs: attrs,
|
|
241
|
+
maxEnrollments: maxEnrollments,
|
|
242
|
+
};
|
|
243
|
+
registration = await ca.register(props, user);
|
|
244
|
+
log.info(`Registration for ${userName} created with user type ${userRole ?? "Undefined Role"} ${isSuperUser ? "as super user" : ""}`);
|
|
245
|
+
}
|
|
246
|
+
catch (e) {
|
|
247
|
+
throw this.parseError(e);
|
|
248
|
+
}
|
|
249
|
+
return registration;
|
|
250
|
+
}
|
|
251
|
+
static identityFromEnrollment(enrollment, mspId) {
|
|
252
|
+
const { certificate, key, rootCertificate } = enrollment;
|
|
253
|
+
const log = this.log.for(this.identityFromEnrollment);
|
|
254
|
+
log.debug(`Generating Identity from certificate ${certificate} in msp ${mspId}`);
|
|
255
|
+
const clientId = crypto_1.CryptoUtils.fabricIdFromCertificate(certificate);
|
|
256
|
+
const id = crypto_1.CryptoUtils.encode(clientId);
|
|
257
|
+
log.debug(`Identity ${clientId} and encodedId ${id}`);
|
|
258
|
+
const now = new Date();
|
|
259
|
+
return new Identity_1.Identity({
|
|
260
|
+
id: id,
|
|
261
|
+
credentials: {
|
|
262
|
+
id: id,
|
|
263
|
+
certificate: certificate,
|
|
264
|
+
privateKey: key.toBytes(),
|
|
265
|
+
rootCertificate: rootCertificate,
|
|
266
|
+
createdOn: now,
|
|
267
|
+
updatedOn: now,
|
|
268
|
+
},
|
|
269
|
+
mspId: mspId,
|
|
270
|
+
createdOn: now,
|
|
271
|
+
updatedOn: now,
|
|
272
|
+
});
|
|
273
|
+
}
|
|
274
|
+
/**
|
|
275
|
+
* @description Enroll an identity with the CA using a registration secret.
|
|
276
|
+
* @summary Exchanges the enrollment ID and secret for certificates, returning a constructed Identity model.
|
|
277
|
+
* @param {string} enrollmentId - Enrollment ID to enroll.
|
|
278
|
+
* @param {string} registration - Enrollment secret returned at registration time.
|
|
279
|
+
* @return {Promise<Identity>} The enrolled identity object with credentials.
|
|
280
|
+
*/
|
|
281
|
+
async enroll(enrollmentId, registration) {
|
|
282
|
+
let identity;
|
|
283
|
+
const log = this.log.for(this.enroll);
|
|
284
|
+
try {
|
|
285
|
+
const ca = await this.CA();
|
|
286
|
+
log.debug(`Enrolling ${enrollmentId}`);
|
|
287
|
+
const enrollment = await ca.enroll({
|
|
288
|
+
enrollmentID: enrollmentId,
|
|
289
|
+
enrollmentSecret: registration,
|
|
290
|
+
});
|
|
291
|
+
identity = FabricEnrollmentService.identityFromEnrollment(enrollment, this.caConfig.caName);
|
|
292
|
+
log.info(`Successfully enrolled ${enrollmentId} under ${this.caConfig.caName} as ${identity.id}`);
|
|
293
|
+
}
|
|
294
|
+
catch (e) {
|
|
295
|
+
throw this.parseError(e);
|
|
296
|
+
}
|
|
297
|
+
return identity;
|
|
298
|
+
}
|
|
299
|
+
/**
|
|
300
|
+
* @description Register and enroll a new identity in one step.
|
|
301
|
+
* @summary Registers a new enrollment ID with the CA and immediately exchanges the secret to enroll, returning the created Identity.
|
|
302
|
+
* @param {Credentials} model - Credentials for the new identity containing userName and password.
|
|
303
|
+
* @param {boolean} [isSuperUser=false] - Whether to register the identity as a super user.
|
|
304
|
+
* @param {string} [affiliation=""] - Affiliation string (e.g., org1.department1).
|
|
305
|
+
* @param {CA_ROLE | string} [userRole] - Role to assign to the identity.
|
|
306
|
+
* @param {IKeyValueAttribute} [attrs] - Optional attributes to attach to the identity.
|
|
307
|
+
* @param {number} [maxEnrollments] - Maximum number of enrollments allowed for the identity.
|
|
308
|
+
* @return {Promise<Identity>} The enrolled identity.
|
|
309
|
+
*/
|
|
310
|
+
async registerAndEnroll(model, isSuperUser = false, affiliation = "", userRole, attrs, maxEnrollments) {
|
|
311
|
+
const registration = await this.register(model, isSuperUser, affiliation, userRole, attrs, maxEnrollments);
|
|
312
|
+
const { userName } = model;
|
|
313
|
+
return this.enroll(userName, registration);
|
|
314
|
+
}
|
|
315
|
+
/**
|
|
316
|
+
* Revokes the enrollment of an identity with the specified enrollment ID.
|
|
317
|
+
*
|
|
318
|
+
* @param enrollmentId - The enrollment ID of the identity to be revoked.
|
|
319
|
+
*
|
|
320
|
+
* @returns A Promise that resolves to the result of the revocation operation.
|
|
321
|
+
*
|
|
322
|
+
* @throws {NotFoundError} If the enrollment with the specified ID does not exist.
|
|
323
|
+
* @throws {InternalError} If there is an error during the revocation process.
|
|
324
|
+
*/
|
|
325
|
+
async revoke(enrollmentId) {
|
|
326
|
+
const ca = await this.CA();
|
|
327
|
+
const user = await this.User();
|
|
328
|
+
const identity = await this.read(enrollmentId);
|
|
329
|
+
if (!identity)
|
|
330
|
+
throw new db_decorators_1.NotFoundError(`Could not find enrollment with id ${enrollmentId}`);
|
|
331
|
+
let result;
|
|
332
|
+
try {
|
|
333
|
+
result = await ca.revoke({ enrollmentID: identity.id, reason: "User Deletation" }, user);
|
|
334
|
+
}
|
|
335
|
+
catch (e) {
|
|
336
|
+
throw new db_decorators_1.InternalError(`Could not revoke enrollment with id ${enrollmentId}: ${e}`);
|
|
337
|
+
}
|
|
338
|
+
if (!result.success)
|
|
339
|
+
throw new db_decorators_1.InternalError(`Could not revoke enrollment with id ${enrollmentId}: ${result.errors.join("\n")}`);
|
|
340
|
+
return result;
|
|
341
|
+
}
|
|
342
|
+
}
|
|
343
|
+
exports.FabricEnrollmentService = FabricEnrollmentService;
|
|
344
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW5yb2xsZW1lbnRTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NsaWVudC9zZXJ2aWNlcy9lbnJvbGxlbWVudFNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsd0VBQWdEO0FBV2hELGdFQUF1RDtBQUN2RCx5Q0FBb0Q7QUFDcEQsMkRBSWlDO0FBQ2pDLG9EQUErQztBQUUvQyxzREFBa0Q7QUFPbEQsc0RBQXdEO0FBQ3hELHVEQUFnRDtBQUVoRDs7Ozs7O0dBTUc7QUFDSCxJQUFZLGdCQU1YO0FBTkQsV0FBWSxnQkFBZ0I7SUFDMUIsaUNBQWEsQ0FBQTtJQUNiLHVDQUFtQixDQUFBO0lBQ25CLHFDQUFpQixDQUFBO0lBQ2pCLGlDQUFhLENBQUE7SUFDYixtQ0FBZSxDQUFBO0FBQ2pCLENBQUMsRUFOVyxnQkFBZ0IsZ0NBQWhCLGdCQUFnQixRQU0zQjtBQWlCRDs7Ozs7O0dBTUc7QUFDSCxJQUFZLHNCQVFYO0FBUkQsV0FBWSxzQkFBc0I7SUFDaEMsaUVBQXVDLENBQUE7SUFDdkMsaUZBQXVELENBQUE7SUFDdkQsMkVBQWlELENBQUE7SUFDakQsZ0VBQXNDLENBQUE7SUFDdEMsa0RBQXdCLENBQUE7SUFDeEIsZ0VBQXNDLENBQUE7SUFDdEMsZ0RBQXNCLENBQUE7QUFDeEIsQ0FBQyxFQVJXLHNCQUFzQixzQ0FBdEIsc0JBQXNCLFFBUWpDO0FBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQThCRztBQUNILE1BQWEsdUJBQXdCLFNBQVEsNkJBQWE7SUFheEQsWUFBb0IsUUFBa0I7UUFDcEMsS0FBSyxFQUFFLENBQUM7UUFEVSxhQUFRLEdBQVIsUUFBUSxDQUFVO0lBRXRDLENBQUM7SUFFUyxLQUFLLENBQUMsSUFBSTtRQUNsQixJQUFJLElBQUksQ0FBQyxJQUFJO1lBQUUsT0FBTyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBQ2hDLE1BQU0sRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDO1FBQ3JELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNwQyxHQUFHLENBQUMsS0FBSyxDQUFDLHdCQUF3QixNQUFNLE9BQU8sR0FBRyxFQUFFLENBQUMsQ0FBQztRQUN0RCxHQUFHLENBQUMsS0FBSyxDQUFDLGtDQUFrQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBQ3RELE1BQU0sV0FBVyxHQUFHLE1BQU0saUJBQVMsQ0FBQywwQkFBMEIsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN2RSxHQUFHLENBQUMsS0FBSyxDQUFDLDBCQUEwQixLQUFLLEVBQUUsQ0FBQyxDQUFDO1FBQzdDLE1BQU0sR0FBRyxHQUFHLE1BQU0saUJBQVMsQ0FBQywwQkFBMEIsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUM5RCxHQUFHLENBQUMsS0FBSyxDQUFDLDZCQUE2QixNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBQ2pELElBQUksQ0FBQyxJQUFJLEdBQUcsTUFBTSxpQkFBUyxDQUFDLFNBQVMsQ0FBQyxPQUFPLEVBQUUsR0FBRyxFQUFFLFdBQVcsRUFBRSxNQUFNLENBQUMsQ0FBQztRQUN6RSxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUM7SUFDbkIsQ0FBQztJQUVTLEtBQUssQ0FBQyxFQUFFO1FBQ2hCLElBQUksSUFBSSxDQUFDLEVBQUU7WUFBRSxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDNUIsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ2xDLE1BQU0sRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLE1BQU0sRUFBRSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUM7UUFFM0MsZ0ZBQWdGO1FBQ2hGLHdDQUF3QztRQUN4QyxJQUFJLEVBQUUsWUFBWSxFQUFFLE1BQU0sRUFBRSxHQUFHLEdBQWlCLENBQUM7UUFFakQsTUFBTSxHQUFHLEtBQUssQ0FBQztRQUVmLE1BQU0sSUFBSSxHQUFJLFlBQXlCLENBQUMsQ0FBQyxDQUFXLENBQUM7UUFDckQsR0FBRyxDQUFDLEtBQUssQ0FBQyxrQ0FBa0MsSUFBSSxVQUFVLE9BQU8sQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFM0UsTUFBTSxXQUFXLEdBQUcsTUFBTSxpQkFBUyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUN6RCxHQUFHLENBQUMsS0FBSyxDQUFDLDZCQUE2QixNQUFNLFVBQVUsR0FBRyxFQUFFLENBQUMsQ0FBQztRQUM5RCxJQUFJLENBQUMsRUFBRSxHQUFHLElBQUksMEJBQWdCLENBQzVCLEdBQUcsRUFDSDtZQUNFLFlBQVksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQztZQUN0QyxNQUFNO1NBQ08sRUFDZixNQUFNLENBQ1AsQ0FBQztRQUNGLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQztJQUNqQixDQUFDO0lBRVMsS0FBSyxDQUFDLE1BQU07UUFDcEIsSUFBSSxJQUFJLENBQUMsTUFBTTtZQUFFLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQztRQUNwQyxNQUFNLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxFQUFFLEVBQUUsQ0FBQztRQUMzQixJQUFJLENBQUMsTUFBTSxHQUFJLEVBQVUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1FBQy9DLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQztJQUNyQixDQUFDO0lBRVMsS0FBSyxDQUFDLFdBQVc7UUFDekIsSUFBSSxDQUFDLElBQUksQ0FBQyxrQkFBa0I7WUFDMUIsSUFBSSxDQUFDLGtCQUFrQixHQUFHLENBQUMsTUFBTSxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1FBQzFFLE9BQU8sSUFBSSxDQUFDLGtCQUFrQixDQUFDO0lBQ2pDLENBQUM7SUFFUyxLQUFLLENBQUMsWUFBWTtRQUMxQixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQjtZQUMxQixJQUFJLENBQUMsa0JBQWtCLEdBQUcsQ0FBQyxNQUFNLElBQUksQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLHFCQUFxQixFQUFFLENBQUM7UUFDdEUsT0FBTyxJQUFJLENBQUMsa0JBQWtCLENBQUM7SUFDakMsQ0FBQztJQUVTLEtBQUssQ0FBQyxVQUFVO1FBQ3hCLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZTtZQUN2QixJQUFJLENBQUMsZUFBZSxHQUFHLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1FBQ2hFLE9BQU8sSUFBSSxDQUFDLGVBQWUsQ0FBQztJQUM5QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLGVBQWUsQ0FDbkIsT0FBZ0MsRUFDaEMsS0FBSyxHQUFHLElBQUk7UUFFWixNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ3BELE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQy9CLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsQ0FBQztRQUMvQyxHQUFHLENBQUMsS0FBSyxDQUNQLDBCQUEwQixPQUFPLENBQUMsQ0FBQyxDQUFDLFFBQVEsT0FBTyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLFdBQVcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLEVBQUUsQ0FDL0YsQ0FBQztRQUNGLE1BQU0sUUFBUSxHQUF3QixDQUNwQyxNQUFNLGtCQUFrQixDQUFDLGVBQWUsQ0FBQyxPQUFPLElBQUksRUFBRSxFQUFFLElBQUksQ0FBQyxDQUM5RCxDQUFDLE1BQU0sQ0FBQztRQUNULEdBQUcsQ0FBQyxLQUFLLENBQ1AsU0FBUyxRQUFRLENBQUMsS0FBSyxDQUFDLE1BQU0sa0JBQWtCLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FDM0UsQ0FBQztRQUNGLE9BQU8sS0FBSyxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUM7SUFDN0QsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxLQUFLLENBQUMsYUFBYTtRQUNqQixNQUFNLGlCQUFpQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ2xELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUM3QyxHQUFHLENBQUMsS0FBSyxDQUFDLGtDQUFrQyxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7UUFDcEUsTUFBTSxRQUFRLEdBQXFCLENBQ2pDLE1BQU0saUJBQWlCLENBQUMsTUFBTSxDQUFDLE1BQU0sSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDLENBQ2xELENBQUMsTUFBTSxDQUFDO1FBQ1QsR0FBRyxDQUFDLEtBQUssQ0FDUCxTQUFTLFFBQVEsQ0FBQyxVQUFVLENBQUMsTUFBTSxnQkFBZ0IsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUM5RSxDQUFDO1FBQ0YsT0FBTyxRQUFRLENBQUMsVUFBVSxDQUFDO0lBQzdCLENBQUM7SUFFUyxVQUFVLENBQUMsQ0FBUTtRQUMzQixNQUFNLE1BQU0sR0FBRywyQ0FBMkMsQ0FBQztRQUMzRCxNQUFNLEtBQUssR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNyQyxJQUFJLENBQUMsS0FBSztZQUFFLE9BQU8sSUFBSSwwQkFBaUIsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUM1QyxNQUFNLENBQUMsRUFBRSxJQUFJLEVBQUUsT0FBTyxDQUFDLEdBQUcsS0FBSyxDQUFDO1FBQ2hDLFFBQVEsSUFBSSxFQUFFLENBQUM7WUFDYixLQUFLLElBQUksQ0FBQztZQUNWLEtBQUssSUFBSTtnQkFDUCxPQUFPLElBQUksNkJBQWEsQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUNwQyxLQUFLLElBQUk7Z0JBQ1AsT0FBTyxJQUFJLHlCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBQ3pDO2dCQUNFLE9BQU8sSUFBSSwwQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMxQyxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxLQUFLLENBQUMsZUFBZTtRQUNuQixNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1FBQ3JELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsQ0FBQztRQUMvQyxHQUFHLENBQUMsS0FBSyxDQUFDLG9DQUFvQyxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7UUFDdEUsTUFBTSxRQUFRLEdBQUcsQ0FBQyxNQUFNLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO2FBQ2xFLE1BQU0sQ0FBQztRQUNWLEdBQUcsQ0FBQyxLQUFLLENBQ1AsU0FBUyxRQUFRLENBQUMsQ0FBQyxDQUFDLE1BQU0sa0JBQWtCLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FDdkUsQ0FBQztRQUNGLE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILEtBQUssQ0FBQyxJQUFJLENBQUMsWUFBb0I7UUFDN0IsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsRUFBRSxFQUFFLENBQUM7UUFDM0IsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDL0IsSUFBSSxNQUF3QixDQUFDO1FBQzdCLElBQUksQ0FBQztZQUNILE1BQU0sR0FBRyxNQUFNLEVBQUUsQ0FBQyxrQkFBa0IsRUFBRSxDQUFDLE1BQU0sQ0FBQyxZQUFZLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFDcEUsQ0FBQztRQUFDLE9BQU8sQ0FBTSxFQUFFLENBQUM7WUFDaEIsTUFBTSxJQUFJLDZCQUFhLENBQ3JCLG9DQUFvQyxZQUFZLEtBQUssQ0FBQyxFQUFFLENBQ3pELENBQUM7UUFDSixDQUFDO1FBRUQsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPO1lBQ2pCLE1BQU0sSUFBSSw2QkFBYSxDQUNyQixvQ0FBb0MsWUFBWSxLQUFLLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQ2hGLENBQUM7UUFFSixPQUFPLE1BQU0sQ0FBQyxNQUF3QixDQUFDO0lBQ3pDLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0gsS0FBSyxDQUFDLFFBQVEsQ0FDWixLQUFrQixFQUNsQixjQUF1QixLQUFLLEVBQzVCLGNBQXNCLEVBQUUsRUFDeEIsUUFBMkIsRUFDM0IsS0FBMEIsRUFDMUIsY0FBdUI7UUFFdkIsSUFBSSxZQUFvQixDQUFDO1FBQ3pCLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUN4QyxJQUFJLENBQUM7WUFDSCxNQUFNLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxHQUFHLEtBQUssQ0FBQztZQUNyQyxNQUFNLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxFQUFFLEVBQUUsQ0FBQztZQUMzQixNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUMvQixNQUFNLEtBQUssR0FBRztnQkFDWixZQUFZLEVBQUUsUUFBa0I7Z0JBQ2hDLGdCQUFnQixFQUFFLFFBQVE7Z0JBQzFCLFdBQVcsRUFBRSxXQUFXO2dCQUN4QixRQUFRLEVBQUUsUUFBUTtnQkFDbEIsS0FBSyxFQUFFLEtBQUs7Z0JBQ1osY0FBYyxFQUFFLGNBQWM7YUFDWCxDQUFDO1lBQ3RCLFlBQVksR0FBRyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsS0FBSyxFQUFFLElBQUksQ0FBQyxDQUFDO1lBQzlDLEdBQUcsQ0FBQyxJQUFJLENBQ04sb0JBQW9CLFFBQVEsMkJBQTJCLFFBQVEsSUFBSSxnQkFBZ0IsSUFBSSxXQUFXLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQzVILENBQUM7UUFDSixDQUFDO1FBQUMsT0FBTyxDQUFNLEVBQUUsQ0FBQztZQUNoQixNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDM0IsQ0FBQztRQUNELE9BQU8sWUFBWSxDQUFDO0lBQ3RCLENBQUM7SUFFUyxNQUFNLENBQUMsc0JBQXNCLENBQ3JDLFVBQTJCLEVBQzNCLEtBQWE7UUFFYixNQUFNLEVBQUUsV0FBVyxFQUFFLEdBQUcsRUFBRSxlQUFlLEVBQUUsR0FBRyxVQUFVLENBQUM7UUFDekQsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLHNCQUFzQixDQUFDLENBQUM7UUFDdEQsR0FBRyxDQUFDLEtBQUssQ0FDUCx3Q0FBd0MsV0FBVyxXQUFXLEtBQUssRUFBRSxDQUN0RSxDQUFDO1FBQ0YsTUFBTSxRQUFRLEdBQUcsb0JBQVcsQ0FBQyx1QkFBdUIsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUNsRSxNQUFNLEVBQUUsR0FBRyxvQkFBVyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUN4QyxHQUFHLENBQUMsS0FBSyxDQUFDLFlBQVksUUFBUSxrQkFBa0IsRUFBRSxFQUFFLENBQUMsQ0FBQztRQUN0RCxNQUFNLEdBQUcsR0FBRyxJQUFJLElBQUksRUFBRSxDQUFDO1FBQ3ZCLE9BQU8sSUFBSSxtQkFBUSxDQUFDO1lBQ2xCLEVBQUUsRUFBRSxFQUFFO1lBQ04sV0FBVyxFQUFFO2dCQUNYLEVBQUUsRUFBRSxFQUFFO2dCQUNOLFdBQVcsRUFBRSxXQUFXO2dCQUN4QixVQUFVLEVBQUUsR0FBRyxDQUFDLE9BQU8sRUFBRTtnQkFDekIsZUFBZSxFQUFFLGVBQWU7Z0JBQ2hDLFNBQVMsRUFBRSxHQUFHO2dCQUNkLFNBQVMsRUFBRSxHQUFHO2FBQ2Y7WUFDRCxLQUFLLEVBQUUsS0FBSztZQUNaLFNBQVMsRUFBRSxHQUFHO1lBQ2QsU0FBUyxFQUFFLEdBQUc7U0FDZixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLE1BQU0sQ0FBQyxZQUFvQixFQUFFLFlBQW9CO1FBQ3JELElBQUksUUFBa0IsQ0FBQztRQUN2QixNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDdEMsSUFBSSxDQUFDO1lBQ0gsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsRUFBRSxFQUFFLENBQUM7WUFDM0IsR0FBRyxDQUFDLEtBQUssQ0FBQyxhQUFhLFlBQVksRUFBRSxDQUFDLENBQUM7WUFDdkMsTUFBTSxVQUFVLEdBQW9CLE1BQU0sRUFBRSxDQUFDLE1BQU0sQ0FBQztnQkFDbEQsWUFBWSxFQUFFLFlBQVk7Z0JBQzFCLGdCQUFnQixFQUFFLFlBQVk7YUFDL0IsQ0FBQyxDQUFDO1lBQ0gsUUFBUSxHQUFHLHVCQUF1QixDQUFDLHNCQUFzQixDQUN2RCxVQUFVLEVBQ1YsSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQ3JCLENBQUM7WUFDRixHQUFHLENBQUMsSUFBSSxDQUNOLHlCQUF5QixZQUFZLFVBQVUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLE9BQU8sUUFBUSxDQUFDLEVBQUUsRUFBRSxDQUN4RixDQUFDO1FBQ0osQ0FBQztRQUFDLE9BQU8sQ0FBTSxFQUFFLENBQUM7WUFDaEIsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzNCLENBQUM7UUFDRCxPQUFPLFFBQVEsQ0FBQztJQUNsQixDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNILEtBQUssQ0FBQyxpQkFBaUIsQ0FDckIsS0FBa0IsRUFDbEIsY0FBdUIsS0FBSyxFQUM1QixjQUFzQixFQUFFLEVBQ3hCLFFBQTJCLEVBQzNCLEtBQTBCLEVBQzFCLGNBQXVCO1FBRXZCLE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FDdEMsS0FBSyxFQUNMLFdBQVcsRUFDWCxXQUFXLEVBQ1gsUUFBUSxFQUNSLEtBQUssRUFDTCxjQUFjLENBQ2YsQ0FBQztRQUNGLE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxLQUFLLENBQUM7UUFDM0IsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQWtCLEVBQUUsWUFBWSxDQUFDLENBQUM7SUFDdkQsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNILEtBQUssQ0FBQyxNQUFNLENBQUMsWUFBb0I7UUFDL0IsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsRUFBRSxFQUFFLENBQUM7UUFDM0IsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDL0IsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQy9DLElBQUksQ0FBQyxRQUFRO1lBQ1gsTUFBTSxJQUFJLDZCQUFhLENBQ3JCLHFDQUFxQyxZQUFZLEVBQUUsQ0FDcEQsQ0FBQztRQUNKLElBQUksTUFBd0IsQ0FBQztRQUM3QixJQUFJLENBQUM7WUFDSCxNQUFNLEdBQUcsTUFBTSxFQUFFLENBQUMsTUFBTSxDQUN0QixFQUFFLFlBQVksRUFBRSxRQUFRLENBQUMsRUFBRSxFQUFFLE1BQU0sRUFBRSxpQkFBaUIsRUFBRSxFQUN4RCxJQUFJLENBQ0wsQ0FBQztRQUNKLENBQUM7UUFBQyxPQUFPLENBQVUsRUFBRSxDQUFDO1lBQ3BCLE1BQU0sSUFBSSw2QkFBYSxDQUNyQix1Q0FBdUMsWUFBWSxLQUFLLENBQUMsRUFBRSxDQUM1RCxDQUFDO1FBQ0osQ0FBQztRQUNELElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTztZQUNqQixNQUFNLElBQUksNkJBQWEsQ0FDckIsdUNBQXVDLFlBQVksS0FBSyxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUNuRixDQUFDO1FBQ0osT0FBTyxNQUFNLENBQUM7SUFDaEIsQ0FBQztDQUNGO0FBbFdELDBEQWtXQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCBGYWJyaWNDQVNlcnZpY2VzIGZyb20gXCJmYWJyaWMtY2EtY2xpZW50XCI7XG5pbXBvcnQge1xuICBBZmZpbGlhdGlvblNlcnZpY2UsXG4gIElkZW50aXR5U2VydmljZSxcbiAgSUVucm9sbFJlc3BvbnNlLFxuICBJUmVnaXN0ZXJSZXF1ZXN0LFxuICBJU2VydmljZVJlc3BvbnNlLFxuICBUTFNPcHRpb25zLFxufSBmcm9tIFwiZmFicmljLWNhLWNsaWVudFwiO1xuaW1wb3J0IHsgVXNlciB9IGZyb20gXCJmYWJyaWMtY29tbW9uXCI7XG5pbXBvcnQgeyBDQUNvbmZpZywgQ3JlZGVudGlhbHMgfSBmcm9tIFwiLi4vLi4vc2hhcmVkL3R5cGVzXCI7XG5pbXBvcnQgeyBJZGVudGl0eSB9IGZyb20gXCIuLi8uLi9zaGFyZWQvbW9kZWwvSWRlbnRpdHlcIjtcbmltcG9ydCB7IEF1dGhvcml6YXRpb25FcnJvciB9IGZyb20gXCJAZGVjYWYtdHMvY29yZVwiO1xuaW1wb3J0IHtcbiAgQ29uZmxpY3RFcnJvcixcbiAgSW50ZXJuYWxFcnJvcixcbiAgTm90Rm91bmRFcnJvcixcbn0gZnJvbSBcIkBkZWNhZi10cy9kYi1kZWNvcmF0b3JzXCI7XG5pbXBvcnQgeyBDb3JlVXRpbHMgfSBmcm9tIFwiLi4vLi4vc2hhcmVkL3V0aWxzXCI7XG5pbXBvcnQgeyBDQV9ST0xFIH0gZnJvbSBcIi4vY29uc3RhbnRzXCI7XG5pbXBvcnQgeyBDcnlwdG9VdGlscyB9IGZyb20gXCIuLi8uLi9zaGFyZWQvY3J5cHRvXCI7XG5pbXBvcnQge1xuICBDZXJ0aWZpY2F0ZVJlc3BvbnNlLFxuICBGYWJyaWNJZGVudGl0eSxcbiAgR2V0Q2VydGlmaWNhdGVzUmVxdWVzdCxcbiAgSWRlbnRpdHlSZXNwb25zZSxcbn0gZnJvbSBcIi4uLy4uL3NoYXJlZC9mYWJyaWMtdHlwZXNcIjtcbmltcG9ydCB7IFJlZ2lzdHJhdGlvbkVycm9yIH0gZnJvbSBcIi4uLy4uL3NoYXJlZC9lcnJvcnNcIjtcbmltcG9ydCB7IExvZ2dlZFNlcnZpY2UgfSBmcm9tIFwiLi9Mb2dnZWRTZXJ2aWNlXCI7XG5cbi8qKlxuICogQGRlc2NyaXB0aW9uIEh5cGVybGVkZ2VyIEZhYnJpYyBDQSBpZGVudGl0eSB0eXBlcy5cbiAqIEBzdW1tYXJ5IEVudW1lcmF0ZXMgdGhlIHN1cHBvcnRlZCBpZGVudGl0eSB0eXBlcyByZWNvZ25pemVkIGJ5IEZhYnJpYyBDQSBmb3IgcmVnaXN0cmF0aW9uIGFuZCBpZGVudGl0eSBtYW5hZ2VtZW50LlxuICogQGVudW0ge3N0cmluZ31cbiAqIEByZWFkb25seVxuICogQG1lbWJlck9mIG1vZHVsZTpmb3ItZmFicmljLmNsaWVudFxuICovXG5leHBvcnQgZW51bSBIRkNBSWRlbnRpdHlUeXBlIHtcbiAgUEVFUiA9IFwicGVlclwiLFxuICBPUkRFUkVSID0gXCJvcmRlcmVyXCIsXG4gIENMSUVOVCA9IFwiY2xpZW50XCIsXG4gIFVTRVIgPSBcInVzZXJcIixcbiAgQURNSU4gPSBcImFkbWluXCIsXG59XG4vKipcbiAqIEBkZXNjcmlwdGlvbiBLZXkvdmFsdWUgYXR0cmlidXRlIHVzZWQgZHVyaW5nIENBIHJlZ2lzdHJhdGlvbi5cbiAqIEBzdW1tYXJ5IFJlcHJlc2VudHMgYW4gYXR0cmlidXRlIGVudHJ5IHRoYXQgY2FuIGJlIGF0dGFjaGVkIHRvIGEgRmFicmljIENBIGlkZW50aXR5IGR1cmluZyByZWdpc3RyYXRpb24sIG9wdGlvbmFsbHkgbWFya2luZyBpdCBmb3IgaW5jbHVzaW9uIGluIGVjZXJ0LlxuICogQGludGVyZmFjZSBJS2V5VmFsdWVBdHRyaWJ1dGVcbiAqIEB0ZW1wbGF0ZSBUXG4gKiBAcGFyYW0ge3N0cmluZ30gbmFtZSAtIEF0dHJpYnV0ZSBuYW1lLlxuICogQHBhcmFtIHtzdHJpbmd9IHZhbHVlIC0gQXR0cmlidXRlIHZhbHVlLlxuICogQHBhcmFtIHtib29sZWFufSBbZWNlcnRdIC0gV2hldGhlciB0aGUgYXR0cmlidXRlIHNob3VsZCBiZSBpbmNsdWRlZCBpbiB0aGUgZW5yb2xsbWVudCBjZXJ0aWZpY2F0ZSAoRUNlcnQpLlxuICogQG1lbWJlck9mIG1vZHVsZTpmb3ItZmFicmljLmNsaWVudFxuICovXG5leHBvcnQgaW50ZXJmYWNlIElLZXlWYWx1ZUF0dHJpYnV0ZSB7XG4gIG5hbWU6IHN0cmluZztcbiAgdmFsdWU6IHN0cmluZztcbiAgZWNlcnQ/OiBib29sZWFuO1xufVxuXG4vKipcbiAqIEBkZXNjcmlwdGlvbiBTdGFuZGFyZCBGYWJyaWMgQ0EgaWRlbnRpdHkgYXR0cmlidXRlIGtleXMuXG4gKiBAc3VtbWFyeSBFbnVtZXJhdGVzIHdlbGwta25vd24gRmFicmljIENBIGF0dHJpYnV0ZSBrZXlzIHRoYXQgY2FuIGJlIGFzc2lnbmVkIHRvIGlkZW50aXRpZXMgZm9yIGRlbGVnYXRpb25zIGFuZCBwZXJtaXNzaW9ucy5cbiAqIEBlbnVtIHtzdHJpbmd9XG4gKiBAcmVhZG9ubHlcbiAqIEBtZW1iZXJPZiBtb2R1bGU6Zm9yLWZhYnJpYy5jbGllbnRcbiAqL1xuZXhwb3J0IGVudW0gSEZDQUlkZW50aXR5QXR0cmlidXRlcyB7XG4gIEhGUkVHSVNUUkFSUk9MRVMgPSBcImhmLlJlZ2lzdHJhci5Sb2xlc1wiLFxuICBIRlJFR0lTVFJBUkRFTEVHQVRFUk9MRVMgPSBcImhmLlJlZ2lzdHJhci5EZWxlZ2F0ZVJvbGVzXCIsXG4gIEhGUkVHSVNUUkFSQVRUUklCVVRFUyA9IFwiaGYuUmVnaXN0cmFyLkF0dHJpYnV0ZXNcIixcbiAgSEZJTlRFUk1FRElBVEVDQSA9IFwiaGYuSW50ZXJtZWRpYXRlQ0FcIixcbiAgSEZSRVZPS0VSID0gXCJoZi5SZXZva2VyXCIsXG4gIEhGQUZGSUxJQVRJT05NR1IgPSBcImhmLkFmZmlsaWF0aW9uTWdyXCIsXG4gIEhGR0VOQ1JMID0gXCJoZi5HZW5DUkxcIixcbn1cblxuLyoqXG4gKiBAZGVzY3JpcHRpb24gU2VydmljZSB3cmFwcGVyIGZvciBpbnRlcmFjdGluZyB3aXRoIGEgRmFicmljIENBLlxuICogQHN1bW1hcnkgUHJvdmlkZXMgaGlnaC1sZXZlbCBvcGVyYXRpb25zIGZvciBtYW5hZ2luZyBpZGVudGl0aWVzIGFnYWluc3QgYSBIeXBlcmxlZGdlciBGYWJyaWMgQ2VydGlmaWNhdGUgQXV0aG9yaXR5LCBpbmNsdWRpbmcgcmVnaXN0cmF0aW9uLCBlbnJvbGxtZW50LCByZXZvY2F0aW9uLCBhbmQgYWRtaW5pc3RyYXRpdmUgcXVlcmllcy4gRW5jYXBzdWxhdGVzIGxvd2VyLWxldmVsIEZhYnJpYyBDQSBjbGllbnQgY2FsbHMgd2l0aCBjb25zaXN0ZW50IGxvZ2dpbmcgYW5kIGVycm9yIG1hcHBpbmcuXG4gKiBAcGFyYW0ge0NBQ29uZmlnfSBjYUNvbmZpZyAtIENvbm5lY3Rpb24gYW5kIFRMUyBjb25maWd1cmF0aW9uIGZvciB0aGUgdGFyZ2V0IENBLlxuICogQGNsYXNzIEZhYnJpY0Vucm9sbG1lbnRTZXJ2aWNlXG4gKiBAZXhhbXBsZVxuICogLy8gUmVnaXN0ZXIgYW5kIGVucm9sbCBhIG5ldyB1c2VyXG4gKiBjb25zdCBzdmMgPSBuZXcgRmFicmljRW5yb2xsbWVudFNlcnZpY2Uoe1xuICogICB1cmw6ICdodHRwczovL2xvY2FsaG9zdDo3MDU0JyxcbiAqICAgY2FOYW1lOiAnT3JnMUNBJyxcbiAqICAgdGxzOiB7IHRydXN0ZWRSb290czogWycvcGF0aC90by9jYS5wZW0nXSwgdmVyaWZ5OiBmYWxzZSB9LFxuICogICBjYUNlcnQ6ICcvcGF0aC90by9hZG1pbi9jZXJ0RGlyJyxcbiAqICAgY2FLZXk6ICcvcGF0aC90by9hZG1pbi9rZXlEaXInXG4gKiB9KTtcbiAqIGF3YWl0IHN2Yy5yZWdpc3Rlcih7IHVzZXJOYW1lOiAnYWxpY2UnLCBwYXNzd29yZDogJ3MzY3IzdCcgfSwgZmFsc2UsICdvcmcxLmRlcGFydG1lbnQxJywgQ0FfUk9MRS5VU0VSKTtcbiAqIGNvbnN0IGlkID0gYXdhaXQgc3ZjLmVucm9sbCgnYWxpY2UnLCAnczNjcjN0Jyk7XG4gKiBAbWVybWFpZFxuICogc2VxdWVuY2VEaWFncmFtXG4gKiAgIGF1dG9udW1iZXJcbiAqICAgcGFydGljaXBhbnQgQXBwXG4gKiAgIHBhcnRpY2lwYW50IFN2YyBhcyBGYWJyaWNFbnJvbGxtZW50U2VydmljZVxuICogICBwYXJ0aWNpcGFudCBDQSBhcyBGYWJyaWMgQ0FcbiAqICAgQXBwLT4+U3ZjOiByZWdpc3RlcihjcmVkZW50aWFscywgLi4uKVxuICogICBTdmMtPj5DQTogcmVnaXN0ZXIocmVxdWVzdCwgYWRtaW5Vc2VyKVxuICogICBDQS0tPj5TdmM6IGVucm9sbG1lbnRTZWNyZXRcbiAqICAgU3ZjLS0+PkFwcDogc2VjcmV0XG4gKiAgIEFwcC0+PlN2YzogZW5yb2xsKGVucm9sbG1lbnRJZCwgc2VjcmV0KVxuICogICBTdmMtPj5DQTogZW5yb2xsKHtlbnJvbGxtZW50SUQsIHNlY3JldH0pXG4gKiAgIENBLS0+PlN2YzogY2VydGlmaWNhdGVzXG4gKiAgIFN2Yy0tPj5BcHA6IElkZW50aXR5XG4gKi9cbmV4cG9ydCBjbGFzcyBGYWJyaWNFbnJvbGxtZW50U2VydmljZSBleHRlbmRzIExvZ2dlZFNlcnZpY2Uge1xuICBwcml2YXRlIGNhPzogRmFicmljQ0FTZXJ2aWNlcztcblxuICBwcml2YXRlIGNlcnRpZmljYXRlU2VydmljZT86IGFueTtcblxuICBwcml2YXRlIGFmZmlsaWF0aW9uU2VydmljZT86IEFmZmlsaWF0aW9uU2VydmljZTtcblxuICBwcml2YXRlIGlkZW50aXR5U2VydmljZT86IElkZW50aXR5U2VydmljZTtcblxuICBwcml2YXRlIGNsaWVudD86IGFueTtcblxuICBwcml2YXRlIHVzZXI/OiBVc2VyO1xuXG4gIGNvbnN0cnVjdG9yKHByaXZhdGUgY2FDb25maWc6IENBQ29uZmlnKSB7XG4gICAgc3VwZXIoKTtcbiAgfVxuXG4gIHByb3RlY3RlZCBhc3luYyBVc2VyKCk6IFByb21pc2U8VXNlcj4ge1xuICAgIGlmICh0aGlzLnVzZXIpIHJldHVybiB0aGlzLnVzZXI7XG4gICAgY29uc3QgeyBjYU5hbWUsIGNhQ2VydCwgY2FLZXksIHVybCB9ID0gdGhpcy5jYUNvbmZpZztcbiAgICBjb25zdCBsb2cgPSB0aGlzLmxvZy5mb3IodGhpcy5Vc2VyKTtcbiAgICBsb2cuZGVidWcoYENyZWF0aW5nIENBIHVzZXIgZm9yICR7Y2FOYW1lfSBhdCAke3VybH1gKTtcbiAgICBsb2cuZGVidWcoYFJldHJpZXZpbmcgQ0EgY2VydGlmaWNhdGUgZnJvbSAke2NhQ2VydH1gKTtcbiAgICBjb25zdCBjZXJ0aWZpY2F0ZSA9IGF3YWl0IENvcmVVdGlscy5nZXRGaXJzdERpckZpbGVOYW1lQ29udGVudChjYUNlcnQpO1xuICAgIGxvZy5kZWJ1ZyhgUmV0cmlldmluZyBDQSBrZXkgZnJvbSAke2NhS2V5fWApO1xuICAgIGNvbnN0IGtleSA9IGF3YWl0IENvcmVVdGlscy5nZXRGaXJzdERpckZpbGVOYW1lQ29udGVudChjYUtleSk7XG4gICAgbG9nLmRlYnVnKGBMb2FkaW5nIEFkbWluIHVzZXIgZm9yIGNhICR7Y2FOYW1lfWApO1xuICAgIHRoaXMudXNlciA9IGF3YWl0IENvcmVVdGlscy5nZXRDQVVzZXIoXCJhZG1pblwiLCBrZXksIGNlcnRpZmljYXRlLCBjYU5hbWUpO1xuICAgIHJldHVybiB0aGlzLnVzZXI7XG4gIH1cblxuICBwcm90ZWN0ZWQgYXN5bmMgQ0EoKTogUHJvbWlzZTxGYWJyaWNDQVNlcnZpY2VzPiB7XG4gICAgaWYgKHRoaXMuY2EpIHJldHVybiB0aGlzLmNhO1xuICAgIGNvbnN0IGxvZyA9IHRoaXMubG9nLmZvcih0aGlzLkNBKTtcbiAgICBjb25zdCB7IHVybCwgdGxzLCBjYU5hbWUgfSA9IHRoaXMuY2FDb25maWc7XG5cbiAgICAvLyBGT1IgU29tZSBSZWFzb24gdGhlIHZlcmlmaWNhdGlvbiBmYWlscyBuZWVkIHRvIGludmVzdGlnYXRlIHRoaXMgd29ya3MgZm9yIG5vd1xuICAgIC8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBwcmVmZXItY29uc3RcbiAgICBsZXQgeyB0cnVzdGVkUm9vdHMsIHZlcmlmeSB9ID0gdGxzIGFzIFRMU09wdGlvbnM7XG5cbiAgICB2ZXJpZnkgPSBmYWxzZTtcblxuICAgIGNvbnN0IHJvb3QgPSAodHJ1c3RlZFJvb3RzIGFzIHN0cmluZ1tdKVswXSBhcyBzdHJpbmc7XG4gICAgbG9nLmRlYnVnKGBSZXRyaWV2aW5nIENBIGNlcnRpZmljYXRlIGZyb20gJHtyb290fS4gY3dkOiAke3Byb2Nlc3MuY3dkKCl9YCk7XG5cbiAgICBjb25zdCBjZXJ0aWZpY2F0ZSA9IGF3YWl0IENvcmVVdGlscy5nZXRGaWxlQ29udGVudChyb290KTtcbiAgICBsb2cuZGVidWcoYENyZWF0aW5nIENBIENsaWVudCBmb3IgQ0EgJHtjYU5hbWV9IHVuZGVyICR7dXJsfWApO1xuICAgIHRoaXMuY2EgPSBuZXcgRmFicmljQ0FTZXJ2aWNlcyhcbiAgICAgIHVybCxcbiAgICAgIHtcbiAgICAgICAgdHJ1c3RlZFJvb3RzOiBCdWZmZXIuZnJvbShjZXJ0aWZpY2F0ZSksXG4gICAgICAgIHZlcmlmeSxcbiAgICAgIH0gYXMgVExTT3B0aW9ucyxcbiAgICAgIGNhTmFtZVxuICAgICk7XG4gICAgcmV0dXJuIHRoaXMuY2E7XG4gIH1cblxuICBwcm90ZWN0ZWQgYXN5bmMgQ2xpZW50KCk6IFByb21pc2U8eyBuZXdDZXJ0aWZpY2F0ZVNlcnZpY2U6IGFueSB9PiB7XG4gICAgaWYgKHRoaXMuY2xpZW50KSByZXR1cm4gdGhpcy5jbGllbnQ7XG4gICAgY29uc3QgY2EgPSBhd2FpdCB0aGlzLkNBKCk7XG4gICAgdGhpcy5jbGllbnQgPSAoY2EgYXMgYW55KVtcIl9GYWJyaWNDQVNlcnZpY2VzXCJdO1xuICAgIHJldHVybiB0aGlzLmNsaWVudDtcbiAgfVxuXG4gIHByb3RlY3RlZCBhc3luYyBDZXJ0aWZpY2F0ZSgpIHtcbiAgICBpZiAoIXRoaXMuY2VydGlmaWNhdGVTZXJ2aWNlKVxuICAgICAgdGhpcy5jZXJ0aWZpY2F0ZVNlcnZpY2UgPSAoYXdhaXQgdGhpcy5DbGllbnQoKSkubmV3Q2VydGlmaWNhdGVTZXJ2aWNlKCk7XG4gICAgcmV0dXJuIHRoaXMuY2VydGlmaWNhdGVTZXJ2aWNlO1xuICB9XG5cbiAgcHJvdGVjdGVkIGFzeW5jIEFmZmlsaWF0aW9ucygpIHtcbiAgICBpZiAoIXRoaXMuYWZmaWxpYXRpb25TZXJ2aWNlKVxuICAgICAgdGhpcy5hZmZpbGlhdGlvblNlcnZpY2UgPSAoYXdhaXQgdGhpcy5DQSgpKS5uZXdBZmZpbGlhdGlvblNlcnZpY2UoKTtcbiAgICByZXR1cm4gdGhpcy5hZmZpbGlhdGlvblNlcnZpY2U7XG4gIH1cblxuICBwcm90ZWN0ZWQgYXN5bmMgSWRlbnRpdGllcygpIHtcbiAgICBpZiAoIXRoaXMuaWRlbnRpdHlTZXJ2aWNlKVxuICAgICAgdGhpcy5pZGVudGl0eVNlcnZpY2UgPSAoYXdhaXQgdGhpcy5DQSgpKS5uZXdJZGVudGl0eVNlcnZpY2UoKTtcbiAgICByZXR1cm4gdGhpcy5pZGVudGl0eVNlcnZpY2U7XG4gIH1cblxuICAvKipcbiAgICogQGRlc2NyaXB0aW9uIFJldHJpZXZlIGNlcnRpZmljYXRlcyBmcm9tIHRoZSBDQS5cbiAgICogQHN1bW1hcnkgQ2FsbHMgdGhlIENBIGNlcnRpZmljYXRlIHNlcnZpY2UgdG8gbGlzdCBjZXJ0aWZpY2F0ZXMsIG9wdGlvbmFsbHkgbWFwcGluZyB0byBQRU0gc3RyaW5ncyBvbmx5LlxuICAgKiBAcGFyYW0ge0dldENlcnRpZmljYXRlc1JlcXVlc3R9IFtyZXF1ZXN0XSAtIE9wdGlvbmFsIGZpbHRlciByZXF1ZXN0IGZvciBjZXJ0aWZpY2F0ZSBsb29rdXAuXG4gICAqIEBwYXJhbSB7Ym9vbGVhbn0gW2RvTWFwPXRydWVdIC0gV2hlbiB0cnVlLCByZXR1cm5zIGFycmF5IG9mIFBFTSBzdHJpbmdzOyBvdGhlcndpc2UgcmV0dXJucyBmdWxsIHJlc3BvbnNlIG9iamVjdC5cbiAgICogQHJldHVybiB7UHJvbWlzZTxzdHJpbmdbXSB8IENlcnRpZmljYXRlUmVzcG9uc2U+fSBBcnJheSBvZiBQRU0gc3RyaW5ncyBvciB0aGUgZnVsbCBjZXJ0aWZpY2F0ZSByZXNwb25zZS5cbiAgICovXG4gIGFzeW5jIGdldENlcnRpZmljYXRlcyhcbiAgICByZXF1ZXN0PzogR2V0Q2VydGlmaWNhdGVzUmVxdWVzdCxcbiAgICBkb01hcCA9IHRydWVcbiAgKTogUHJvbWlzZTxzdHJpbmdbXSB8IENlcnRpZmljYXRlUmVzcG9uc2U+IHtcbiAgICBjb25zdCBjZXJ0aWZpY2F0ZVNlcnZpY2UgPSBhd2FpdCB0aGlzLkNlcnRpZmljYXRlKCk7XG4gICAgY29uc3QgdXNlciA9IGF3YWl0IHRoaXMuVXNlcigpO1xuICAgIGNvbnN0IGxvZyA9IHRoaXMubG9nLmZvcih0aGlzLmdldENlcnRpZmljYXRlcyk7XG4gICAgbG9nLmRlYnVnKFxuICAgICAgYFJldHJpZXZpbmcgY2VydGlmaWNhdGVzJHtyZXF1ZXN0ID8gYCBmb3IgJHtyZXF1ZXN0LmlkfWAgOiBcIlwifSBmb3IgQ0EgJHt0aGlzLmNhQ29uZmlnLmNhTmFtZX1gXG4gICAgKTtcbiAgICBjb25zdCByZXNwb25zZTogQ2VydGlmaWNhdGVSZXNwb25zZSA9IChcbiAgICAgIGF3YWl0IGNlcnRpZmljYXRlU2VydmljZS5nZXRDZXJ0aWZpY2F0ZXMocmVxdWVzdCB8fCB7fSwgdXNlcilcbiAgICApLnJlc3VsdDtcbiAgICBsb2cuZGVidWcoXG4gICAgICBgRm91bmQgJHtyZXNwb25zZS5jZXJ0cy5sZW5ndGh9IGNlcnRpZmljYXRlczogJHtKU09OLnN0cmluZ2lmeShyZXNwb25zZSl9YFxuICAgICk7XG4gICAgcmV0dXJuIGRvTWFwID8gcmVzcG9uc2UuY2VydHMubWFwKChjKSA9PiBjLlBFTSkgOiByZXNwb25zZTtcbiAgfVxuXG4gIC8qKlxuICAgKiBAZGVzY3JpcHRpb24gTGlzdCBpZGVudGl0aWVzIHJlZ2lzdGVyZWQgaW4gdGhlIENBLlxuICAgKiBAc3VtbWFyeSBRdWVyaWVzIHRoZSBDQSBpZGVudGl0eSBzZXJ2aWNlIHRvIGZldGNoIGFsbCBpZGVudGl0aWVzIGFuZCByZXR1cm5zIHRoZSBsaXN0IGFzIEZhYnJpY0lkZW50aXR5IG9iamVjdHMuXG4gICAqIEByZXR1cm4ge1Byb21pc2U8RmFicmljSWRlbnRpdHlbXT59IFRoZSBsaXN0IG9mIGlkZW50aXRpZXMgcmVnaXN0ZXJlZCBpbiB0aGUgQ0EuXG4gICAqL1xuICBhc3luYyBnZXRJZGVudGl0aWVzKCk6IFByb21pc2U8RmFicmljSWRlbnRpdHlbXT4ge1xuICAgIGNvbnN0IGlkZW50aXRpZXNTZXJ2aWNlID0gYXdhaXQgdGhpcy5JZGVudGl0aWVzKCk7XG4gICAgY29uc3QgbG9nID0gdGhpcy5sb2cuZm9yKHRoaXMuZ2V0SWRlbnRpdGllcyk7XG4gICAgbG9nLmRlYnVnKGBSZXRyaWV2aW5nIElkZW50aXRpZXMgdW5kZXIgQ0EgJHt0aGlzLmNhQ29uZmlnLmNhTmFtZX1gKTtcbiAgICBjb25zdCByZXNwb25zZTogSWRlbnRpdHlSZXNwb25zZSA9IChcbiAgICAgIGF3YWl0IGlkZW50aXRpZXNTZXJ2aWNlLmdldEFsbChhd2FpdCB0aGlzLlVzZXIoKSlcbiAgICApLnJlc3VsdDtcbiAgICBsb2cuZGVidWcoXG4gICAgICBgRm91bmQgJHtyZXNwb25zZS5pZGVudGl0aWVzLmxlbmd0aH0gSWRlbnRpdGllczogJHtKU09OLnN0cmluZ2lmeShyZXNwb25zZSl9YFxuICAgICk7XG4gICAgcmV0dXJuIHJlc3BvbnNlLmlkZW50aXRpZXM7XG4gIH1cblxuICBwcm90ZWN0ZWQgcGFyc2VFcnJvcihlOiBFcnJvcikge1xuICAgIGNvbnN0IHJlZ2V4cCA9IC8uKmNvZGU6XFxzKFxcZCspLio/bWVzc2FnZTpcXHNbXCInXSguKylbXCInXS9ncztcbiAgICBjb25zdCBtYXRjaCA9IHJlZ2V4cC5leGVjKGUubWVzc2FnZSk7XG4gICAgaWYgKCFtYXRjaCkgcmV0dXJuIG5ldyBSZWdpc3RyYXRpb25FcnJvcihlKTtcbiAgICBjb25zdCBbLCBjb2RlLCBtZXNzYWdlXSA9IG1hdGNoO1xuICAgIHN3aXRjaCAoY29kZSkge1xuICAgICAgY2FzZSBcIjc0XCI6XG4gICAgICBjYXNlIFwiNzFcIjpcbiAgICAgICAgcmV0dXJuIG5ldyBDb25mbGljdEVycm9yKG1lc3NhZ2UpO1xuICAgICAgY2FzZSBcIjIwXCI6XG4gICAgICAgIHJldHVybiBuZXcgQXV0aG9yaXphdGlvbkVycm9yKG1lc3NhZ2UpO1xuICAgICAgZGVmYXVsdDpcbiAgICAgICAgcmV0dXJuIG5ldyBSZWdpc3RyYXRpb25FcnJvcihtZXNzYWdlKTtcbiAgICB9XG4gIH1cblxuICAvKipcbiAgICogQGRlc2NyaXB0aW9uIFJldHJpZXZlIGFmZmlsaWF0aW9ucyBmcm9tIHRoZSBDQS5cbiAgICogQHN1bW1hcnkgUXVlcmllcyB0aGUgQ0EgZm9yIHRoZSBsaXN0IG9mIGFmZmlsaWF0aW9ucyBhdmFpbGFibGUgdW5kZXIgdGhlIGNvbmZpZ3VyZWQgQ0EuXG4gICAqIEByZXR1cm4ge3N0cmluZ30gVGhlIGFmZmlsaWF0aW9ucyByZXN1bHQgcGF5bG9hZC5cbiAgICovXG4gIGFzeW5jIGdldEFmZmlsaWF0aW9ucygpIHtcbiAgICBjb25zdCBhZmZpbGlhdGlvblNlcnZpY2UgPSBhd2FpdCB0aGlzLkFmZmlsaWF0aW9ucygpO1xuICAgIGNvbnN0IGxvZyA9IHRoaXMubG9nLmZvcih0aGlzLmdldEFmZmlsaWF0aW9ucyk7XG4gICAgbG9nLmRlYnVnKGBSZXRyaWV2aW5nIEFmZmlsaWF0aW9ucyB1bmRlciBDQSAke3RoaXMuY2FDb25maWcuY2FOYW1lfWApO1xuICAgIGNvbnN0IHJlc3BvbnNlID0gKGF3YWl0IGFmZmlsaWF0aW9uU2VydmljZS5nZXRBbGwoYXdhaXQgdGhpcy5Vc2VyKCkpKVxuICAgICAgLnJlc3VsdDtcbiAgICBsb2cuZGVidWcoXG4gICAgICBgRm91bmQgJHtyZXNwb25zZS5hLmxlbmd0aH0gQWZmaWxpYXRpb25zOiAke0pTT04uc3RyaW5naWZ5KHJlc3BvbnNlKX1gXG4gICAgKTtcbiAgICByZXR1cm4gcmVzcG9uc2U7XG4gIH1cblxuICAvKipcbiAgICogQGRlc2NyaXB0aW9uIFJlYWQgaWRlbnRpdHkgZGV0YWlscyBmcm9tIHRoZSBDQSBieSBlbnJvbGxtZW50IElELlxuICAgKiBAc3VtbWFyeSBSZXRyaWV2ZXMgYW5kIHZhbGlkYXRlcyBhIHNpbmdsZSBpZGVudGl0eSwgdGhyb3dpbmcgTm90Rm91bmRFcnJvciB3aGVuIG1pc3NpbmcuXG4gICAqIEBwYXJhbSB7c3RyaW5nfSBlbnJvbGxtZW50SWQgLSBFbnJvbGxtZW50IElEIHRvIGxvb2t1cC5cbiAgICogQHJldHVybiB7UHJvbWlzZTxGYWJyaWNJZGVudGl0eT59IFRoZSBpZGVudGl0eSBkZXRhaWxzIHN0b3JlZCBpbiB0aGUgQ0EuXG4gICAqL1xuICBhc3luYyByZWFkKGVucm9sbG1lbnRJZDogc3RyaW5nKSB7XG4gICAgY29uc3QgY2EgPSBhd2FpdCB0aGlzLkNBKCk7XG4gICAgY29uc3QgdXNlciA9IGF3YWl0IHRoaXMuVXNlcigpO1xuICAgIGxldCByZXN1bHQ6IElTZXJ2aWNlUmVzcG9uc2U7XG4gICAgdHJ5IHtcbiAgICAgIHJlc3VsdCA9IGF3YWl0IGNhLm5ld0lkZW50aXR5U2VydmljZSgpLmdldE9uZShlbnJvbGxtZW50SWQsIHVzZXIpO1xuICAgIH0gY2F0Y2ggKGU6IGFueSkge1xuICAgICAgdGhyb3cgbmV3IE5vdEZvdW5kRXJyb3IoXG4gICAgICAgIGBDb3VsZG4ndCBmaW5kIGVucm9sbG1lbnQgd2l0aCBpZCAke2Vucm9sbG1lbnRJZH06ICR7ZX1gXG4gICAgICApO1xuICAgIH1cblxuICAgIGlmICghcmVzdWx0LnN1Y2Nlc3MpXG4gICAgICB0aHJvdyBuZXcgTm90Rm91bmRFcnJvcihcbiAgICAgICAgYENvdWxkbid0IGZpbmQgZW5yb2xsbWVudCB3aXRoIGlkICR7ZW5yb2xsbWVudElkfTogJHtyZXN1bHQuZXJyb3JzLmpvaW4oXCJcXG5cIil9YFxuICAgICAgKTtcblxuICAgIHJldHVybiByZXN1bHQucmVzdWx0IGFzIEZhYnJpY0lkZW50aXR5O1xuICB9XG5cbiAgLyoqXG4gICAqIEBkZXNjcmlwdGlvbiBSZWdpc3RlciBhIG5ldyBpZGVudGl0eSB3aXRoIHRoZSBDQS5cbiAgICogQHN1bW1hcnkgU3VibWl0cyBhIHJlZ2lzdHJhdGlvbiByZXF1ZXN0IGZvciBhIG5ldyBlbnJvbGxtZW50IElELCByZXR1cm5pbmcgdGhlIGVucm9sbG1lbnQgc2VjcmV0IHVwb24gc3VjY2Vzcy5cbiAgICogQHBhcmFtIHtDcmVkZW50aWFsc30gbW9kZWwgLSBDcmVkZW50aWFscyBjb250YWluaW5nIHVzZXJOYW1lIGFuZCBwYXNzd29yZCBmb3IgdGhlIG5ldyBpZGVudGl0eS5cbiAgICogQHBhcmFtIHtib29sZWFufSBbaXNTdXBlclVzZXI9ZmFsc2VdIC0gV2hldGhlciB0byByZWdpc3RlciB0aGUgaWRlbnRpdHkgYXMgYSBzdXBlciB1c2VyLlxuICAgKiBAcGFyYW0ge3N0cmluZ30gW2FmZmlsaWF0aW9uPVwiXCJdIC0gQWZmaWxpYXRpb24gc3RyaW5nIChlLmcuLCBvcmcxLmRlcGFydG1lbnQxKS5cbiAgICogQHBhcmFtIHtDQV9ST0xFIHwgc3RyaW5nfSBbdXNlclJvbGVdIC0gUm9sZSB0byBhc3NpZ24gdG8gdGhlIGlkZW50aXR5LlxuICAgKiBAcGFyYW0ge0lLZXlWYWx1ZUF0dHJpYnV0ZX0gW2F0dHJzXSAtIE9wdGlvbmFsIGF0dHJpYnV0ZXMgdG8gYXR0YWNoIHRvIHRoZSBpZGVudGl0eS5cbiAgICogQHBhcmFtIHtudW1iZXJ9IFttYXhFbnJvbGxtZW50c10gLSBNYXhpbXVtIG51bWJlciBvZiBlbnJvbGxtZW50cyBhbGxvd2VkIGZvciB0aGUgaWRlbnRpdHkuXG4gICAqIEByZXR1cm4ge1Byb21pc2U8c3RyaW5nPn0gVGhlIGVucm9sbG1lbnQgc2VjcmV0IGZvciB0aGUgcmVnaXN0ZXJlZCBpZGVudGl0eS5cbiAgICovXG4gIGFzeW5jIHJlZ2lzdGVyKFxuICAgIG1vZGVsOiBDcmVkZW50aWFscyxcbiAgICBpc1N1cGVyVXNlcjogYm9vbGVhbiA9IGZhbHNlLFxuICAgIGFmZmlsaWF0aW9uOiBzdHJpbmcgPSBcIlwiLFxuICAgIHVzZXJSb2xlPzogQ0FfUk9MRSB8IHN0cmluZyxcbiAgICBhdHRycz86IElLZXlWYWx1ZUF0dHJpYnV0ZSxcbiAgICBtYXhFbnJvbGxtZW50cz86IG51bWJlclxuICApOiBQcm9taXNlPHN0cmluZz4ge1xuICAgIGxldCByZWdpc3RyYXRpb246IHN0cmluZztcbiAgICBjb25zdCBsb2cgPSB0aGlzLmxvZy5mb3IodGhpcy5yZWdpc3Rlcik7XG4gICAgdHJ5IHtcbiAgICAgIGNvbnN0IHsgdXNlck5hbWUsIHBhc3N3b3JkIH0gPSBtb2RlbDtcbiAgICAgIGNvbnN0IGNhID0gYXdhaXQgdGhpcy5DQSgpO1xuICAgICAgY29uc3QgdXNlciA9IGF3YWl0IHRoaXMuVXNlcigpO1xuICAgICAgY29uc3QgcHJvcHMgPSB7XG4gICAgICAgIGVucm9sbG1lbnRJRDogdXNlck5hbWUgYXMgc3RyaW5nLFxuICAgICAgICBlbnJvbGxtZW50U2VjcmV0OiBwYXNzd29yZCxcbiAgICAgICAgYWZmaWxpYXRpb246IGFmZmlsaWF0aW9uLFxuICAgICAgICB1c2VyUm9sZTogdXNlclJvbGUsXG4gICAgICAgIGF0dHJzOiBhdHRycyxcbiAgICAgICAgbWF4RW5yb2xsbWVudHM6IG1heEVucm9sbG1lbnRzLFxuICAgICAgfSBhcyBJUmVnaXN0ZXJSZXF1ZXN0O1xuICAgICAgcmVnaXN0cmF0aW9uID0gYXdhaXQgY2EucmVnaXN0ZXIocHJvcHMsIHVzZXIpO1xuICAgICAgbG9nLmluZm8oXG4gICAgICAgIGBSZWdpc3RyYXRpb24gZm9yICR7dXNlck5hbWV9IGNyZWF0ZWQgd2l0aCB1c2VyIHR5cGUgJHt1c2VyUm9sZSA/PyBcIlVuZGVmaW5lZCBSb2xlXCJ9ICR7aXNTdXBlclVzZXIgPyBcImFzIHN1cGVyIHVzZXJcIiA6IFwiXCJ9YFxuICAgICAgKTtcbiAgICB9IGNhdGNoIChlOiBhbnkpIHtcbiAgICAgIHRocm93IHRoaXMucGFyc2VFcnJvcihlKTtcbiAgICB9XG4gICAgcmV0dXJuIHJlZ2lzdHJhdGlvbjtcbiAgfVxuXG4gIHByb3RlY3RlZCBzdGF0aWMgaWRlbnRpdHlGcm9tRW5yb2xsbWVudChcbiAgICBlbnJvbGxtZW50OiBJRW5yb2xsUmVzcG9uc2UsXG4gICAgbXNwSWQ6IHN0cmluZ1xuICApOiBJZGVudGl0eSB7XG4gICAgY29uc3QgeyBjZXJ0aWZpY2F0ZSwga2V5LCByb290Q2VydGlmaWNhdGUgfSA9IGVucm9sbG1lbnQ7XG4gICAgY29uc3QgbG9nID0gdGhpcy5sb2cuZm9yKHRoaXMuaWRlbnRpdHlGcm9tRW5yb2xsbWVudCk7XG4gICAgbG9nLmRlYnVnKFxuICAgICAgYEdlbmVyYXRpbmcgSWRlbnRpdHkgZnJvbSBjZXJ0aWZpY2F0ZSAke2NlcnRpZmljYXRlfSBpbiBtc3AgJHttc3BJZH1gXG4gICAgKTtcbiAgICBjb25zdCBjbGllbnRJZCA9IENyeXB0b1V0aWxzLmZhYnJpY0lkRnJvbUNlcnRpZmljYXRlKGNlcnRpZmljYXRlKTtcbiAgICBjb25zdCBpZCA9IENyeXB0b1V0aWxzLmVuY29kZShjbGllbnRJZCk7XG4gICAgbG9nLmRlYnVnKGBJZGVudGl0eSAke2NsaWVudElkfSBhbmQgZW5jb2RlZElkICR7aWR9YCk7XG4gICAgY29uc3Qgbm93ID0gbmV3IERhdGUoKTtcbiAgICByZXR1cm4gbmV3IElkZW50aXR5KHtcbiAgICAgIGlkOiBpZCxcbiAgICAgIGNyZWRlbnRpYWxzOiB7XG4gICAgICAgIGlkOiBpZCxcbiAgICAgICAgY2VydGlmaWNhdGU6IGNlcnRpZmljYXRlLFxuICAgICAgICBwcml2YXRlS2V5OiBrZXkudG9CeXRlcygpLFxuICAgICAgICByb290Q2VydGlmaWNhdGU6IHJvb3RDZXJ0aWZpY2F0ZSxcbiAgICAgICAgY3JlYXRlZE9uOiBub3csXG4gICAgICAgIHVwZGF0ZWRPbjogbm93LFxuICAgICAgfSxcbiAgICAgIG1zcElkOiBtc3BJZCxcbiAgICAgIGNyZWF0ZWRPbjogbm93LFxuICAgICAgdXBkYXRlZE9uOiBub3csXG4gICAgfSk7XG4gIH1cblxuICAvKipcbiAgICogQGRlc2NyaXB0aW9uIEVucm9sbCBhbiBpZGVudGl0eSB3aXRoIHRoZSBDQSB1c2luZyBhIHJlZ2lzdHJhdGlvbiBzZWNyZXQuXG4gICAqIEBzdW1tYXJ5IEV4Y2hhbmdlcyB0aGUgZW5yb2xsbWVudCBJRCBhbmQgc2VjcmV0IGZvciBjZXJ0aWZpY2F0ZXMsIHJldHVybmluZyBhIGNvbnN0cnVjdGVkIElkZW50aXR5IG1vZGVsLlxuICAgKiBAcGFyYW0ge3N0cmluZ30gZW5yb2xsbWVudElkIC0gRW5yb2xsbWVudCBJRCB0byBlbnJvbGwuXG4gICAqIEBwYXJhbSB7c3RyaW5nfSByZWdpc3RyYXRpb24gLSBFbnJvbGxtZW50IHNlY3JldCByZXR1cm5lZCBhdCByZWdpc3RyYXRpb24gdGltZS5cbiAgICogQHJldHVybiB7UHJvbWlzZTxJZGVudGl0eT59IFRoZSBlbnJvbGxlZCBpZGVudGl0eSBvYmplY3Qgd2l0aCBjcmVkZW50aWFscy5cbiAgICovXG4gIGFzeW5jIGVucm9sbChlbnJvbGxtZW50SWQ6IHN0cmluZywgcmVnaXN0cmF0aW9uOiBzdHJpbmcpIHtcbiAgICBsZXQgaWRlbnRpdHk6IElkZW50aXR5O1xuICAgIGNvbnN0IGxvZyA9IHRoaXMubG9nLmZvcih0aGlzLmVucm9sbCk7XG4gICAgdHJ5IHtcbiAgICAgIGNvbnN0IGNhID0gYXdhaXQgdGhpcy5DQSgpO1xuICAgICAgbG9nLmRlYnVnKGBFbnJvbGxpbmcgJHtlbnJvbGxtZW50SWR9YCk7XG4gICAgICBjb25zdCBlbnJvbGxtZW50OiBJRW5yb2xsUmVzcG9uc2UgPSBhd2FpdCBjYS5lbnJvbGwoe1xuICAgICAgICBlbnJvbGxtZW50SUQ6IGVucm9sbG1lbnRJZCxcbiAgICAgICAgZW5yb2xsbWVudFNlY3JldDogcmVnaXN0cmF0aW9uLFxuICAgICAgfSk7XG4gICAgICBpZGVudGl0eSA9IEZhYnJpY0Vucm9sbG1lbnRTZXJ2aWNlLmlkZW50aXR5RnJvbUVucm9sbG1lbnQoXG4gICAgICAgIGVucm9sbG1lbnQsXG4gICAgICAgIHRoaXMuY2FDb25maWcuY2FOYW1lXG4gICAgICApO1xuICAgICAgbG9nLmluZm8oXG4gICAgICAgIGBTdWNjZXNzZnVsbHkgZW5yb2xsZWQgJHtlbnJvbGxtZW50SWR9IHVuZGVyICR7dGhpcy5jYUNvbmZpZy5jYU5hbWV9IGFzICR7aWRlbnRpdHkuaWR9YFxuICAgICAgKTtcbiAgICB9IGNhdGNoIChlOiBhbnkpIHtcbiAgICAgIHRocm93IHRoaXMucGFyc2VFcnJvcihlKTtcbiAgICB9XG4gICAgcmV0dXJuIGlkZW50aXR5O1xuICB9XG5cbiAgLyoqXG4gICAqIEBkZXNjcmlwdGlvbiBSZWdpc3RlciBhbmQgZW5yb2xsIGEgbmV3IGlkZW50aXR5IGluIG9uZSBzdGVwLlxuICAgKiBAc3VtbWFyeSBSZWdpc3RlcnMgYSBuZXcgZW5yb2xsbWVudCBJRCB3aXRoIHRoZSBDQSBhbmQgaW1tZWRpYXRlbHkgZXhjaGFuZ2VzIHRoZSBzZWNyZXQgdG8gZW5yb2xsLCByZXR1cm5pbmcgdGhlIGNyZWF0ZWQgSWRlbnRpdHkuXG4gICAqIEBwYXJhbSB7Q3JlZGVudGlhbHN9IG1vZGVsIC0gQ3JlZGVudGlhbHMgZm9yIHRoZSBuZXcgaWRlbnRpdHkgY29udGFpbmluZyB1c2VyTmFtZSBhbmQgcGFzc3dvcmQuXG4gICAqIEBwYXJhbSB7Ym9vbGVhbn0gW2lzU3VwZXJVc2VyPWZhbHNlXSAtIFdoZXRoZXIgdG8gcmVnaXN0ZXIgdGhlIGlkZW50aXR5IGFzIGEgc3VwZXIgdXNlci5cbiAgICogQHBhcmFtIHtzdHJpbmd9IFthZmZpbGlhdGlvbj1cIlwiXSAtIEFmZmlsaWF0aW9uIHN0cmluZyAoZS5nLiwgb3JnMS5kZXBhcnRtZW50MSkuXG4gICAqIEBwYXJhbSB7Q0FfUk9MRSB8IHN0cmluZ30gW3VzZXJSb2xlXSAtIFJvbGUgdG8gYXNzaWduIHRvIHRoZSBpZGVudGl0eS5cbiAgICogQHBhcmFtIHtJS2V5VmFsdWVBdHRyaWJ1dGV9IFthdHRyc10gLSBPcHRpb25hbCBhdHRyaWJ1dGVzIHRvIGF0dGFjaCB0byB0aGUgaWRlbnRpdHkuXG4gICAqIEBwYXJhbSB7bnVtYmVyfSBbbWF4RW5yb2xsbWVudHNdIC0gTWF4aW11bSBudW1iZXIgb2YgZW5yb2xsbWVudHMgYWxsb3dlZCBmb3IgdGhlIGlkZW50aXR5LlxuICAgKiBAcmV0dXJuIHtQcm9taXNlPElkZW50aXR5Pn0gVGhlIGVucm9sbGVkIGlkZW50aXR5LlxuICAgKi9cbiAgYXN5bmMgcmVnaXN0ZXJBbmRFbnJvbGwoXG4gICAgbW9kZWw6IENyZWRlbnRpYWxzLFxuICAgIGlzU3VwZXJVc2VyOiBib29sZWFuID0gZmFsc2UsXG4gICAgYWZmaWxpYXRpb246IHN0cmluZyA9IFwiXCIsXG4gICAgdXNlclJvbGU/OiBDQV9ST0xFIHwgc3RyaW5nLFxuICAgIGF0dHJzPzogSUtleVZhbHVlQXR0cmlidXRlLFxuICAgIG1heEVucm9sbG1lbnRzPzogbnVtYmVyXG4gICk6IFByb21pc2U8SWRlbnRpdHk+IHtcbiAgICBjb25zdCByZWdpc3RyYXRpb24gPSBhd2FpdCB0aGlzLnJlZ2lzdGVyKFxuICAgICAgbW9kZWwsXG4gICAgICBpc1N1cGVyVXNlcixcbiAgICAgIGFmZmlsaWF0aW9uLFxuICAgICAgdXNlclJvbGUsXG4gICAgICBhdHRycyxcbiAgICAgIG1heEVucm9sbG1lbnRzXG4gICAgKTtcbiAgICBjb25zdCB7IHVzZXJOYW1lIH0gPSBtb2RlbDtcbiAgICByZXR1cm4gdGhpcy5lbnJvbGwodXNlck5hbWUgYXMgc3RyaW5nLCByZWdpc3RyYXRpb24pO1xuICB9XG5cbiAgLyoqXG4gICAqIFJldm9rZXMgdGhlIGVucm9sbG1lbnQgb2YgYW4gaWRlbnRpdHkgd2l0aCB0aGUgc3BlY2lmaWVkIGVucm9sbG1lbnQgSUQuXG4gICAqXG4gICAqIEBwYXJhbSBlbnJvbGxtZW50SWQgLSBUaGUgZW5yb2xsbWVudCBJRCBvZiB0aGUgaWRlbnRpdHkgdG8gYmUgcmV2b2tlZC5cbiAgICpcbiAgICogQHJldHVybnMgQSBQcm9taXNlIHRoYXQgcmVzb2x2ZXMgdG8gdGhlIHJlc3VsdCBvZiB0aGUgcmV2b2NhdGlvbiBvcGVyYXRpb24uXG4gICAqXG4gICAqIEB0aHJvd3Mge05vdEZvdW5kRXJyb3J9IElmIHRoZSBlbnJvbGxtZW50IHdpdGggdGhlIHNwZWNpZmllZCBJRCBkb2VzIG5vdCBleGlzdC5cbiAgICogQHRocm93cyB7SW50ZXJuYWxFcnJvcn0gSWYgdGhlcmUgaXMgYW4gZXJyb3IgZHVyaW5nIHRoZSByZXZvY2F0aW9uIHByb2Nlc3MuXG4gICAqL1xuICBhc3luYyByZXZva2UoZW5yb2xsbWVudElkOiBzdHJpbmcpIHtcbiAgICBjb25zdCBjYSA9IGF3YWl0IHRoaXMuQ0EoKTtcbiAgICBjb25zdCB1c2VyID0gYXdhaXQgdGhpcy5Vc2VyKCk7XG4gICAgY29uc3QgaWRlbnRpdHkgPSBhd2FpdCB0aGlzLnJlYWQoZW5yb2xsbWVudElkKTtcbiAgICBpZiAoIWlkZW50aXR5KVxuICAgICAgdGhyb3cgbmV3IE5vdEZvdW5kRXJyb3IoXG4gICAgICAgIGBDb3VsZCBub3QgZmluZCBlbnJvbGxtZW50IHdpdGggaWQgJHtlbnJvbGxtZW50SWR9YFxuICAgICAgKTtcbiAgICBsZXQgcmVzdWx0OiBJU2VydmljZVJlc3BvbnNlO1xuICAgIHRyeSB7XG4gICAgICByZXN1bHQgPSBhd2FpdCBjYS5yZXZva2UoXG4gICAgICAgIHsgZW5yb2xsbWVudElEOiBpZGVudGl0eS5pZCwgcmVhc29uOiBcIlVzZXIgRGVsZXRhdGlvblwiIH0sXG4gICAgICAgIHVzZXJcbiAgICAgICk7XG4gICAgfSBjYXRjaCAoZTogdW5rbm93bikge1xuICAgICAgdGhyb3cgbmV3IEludGVybmFsRXJyb3IoXG4gICAgICAgIGBDb3VsZCBub3QgcmV2b2tlIGVucm9sbG1lbnQgd2l0aCBpZCAke2Vucm9sbG1lbnRJZH06ICR7ZX1gXG4gICAgICApO1xuICAgIH1cbiAgICBpZiAoIXJlc3VsdC5zdWNjZXNzKVxuICAgICAgdGhyb3cgbmV3IEludGVybmFsRXJyb3IoXG4gICAgICAgIGBDb3VsZCBub3QgcmV2b2tlIGVucm9sbG1lbnQgd2l0aCBpZCAke2Vucm9sbG1lbnRJZH06ICR7cmVzdWx0LmVycm9ycy5qb2luKFwiXFxuXCIpfWBcbiAgICAgICk7XG4gICAgcmV0dXJuIHJlc3VsdDtcbiAgfVxufVxuIl19
|
|
@@ -0,0 +1,176 @@
|
|
|
1
|
+
import FabricCAServices from "fabric-ca-client";
|
|
2
|
+
import { IEnrollResponse } from "fabric-ca-client";
|
|
3
|
+
import { User } from "fabric-common";
|
|
4
|
+
import { CAConfig, Credentials } from "../../shared/types";
|
|
5
|
+
import { Identity } from "../../shared/model/Identity";
|
|
6
|
+
import { AuthorizationError } from "@decaf-ts/core";
|
|
7
|
+
import { ConflictError } from "@decaf-ts/db-decorators";
|
|
8
|
+
import { CA_ROLE } from "./constants";
|
|
9
|
+
import { CertificateResponse, FabricIdentity, GetCertificatesRequest } from "../../shared/fabric-types";
|
|
10
|
+
import { LoggedService } from "./LoggedService";
|
|
11
|
+
/**
|
|
12
|
+
* @description Hyperledger Fabric CA identity types.
|
|
13
|
+
* @summary Enumerates the supported identity types recognized by Fabric CA for registration and identity management.
|
|
14
|
+
* @enum {string}
|
|
15
|
+
* @readonly
|
|
16
|
+
* @memberOf module:for-fabric.client
|
|
17
|
+
*/
|
|
18
|
+
export declare enum HFCAIdentityType {
|
|
19
|
+
PEER = "peer",
|
|
20
|
+
ORDERER = "orderer",
|
|
21
|
+
CLIENT = "client",
|
|
22
|
+
USER = "user",
|
|
23
|
+
ADMIN = "admin"
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* @description Key/value attribute used during CA registration.
|
|
27
|
+
* @summary Represents an attribute entry that can be attached to a Fabric CA identity during registration, optionally marking it for inclusion in ecert.
|
|
28
|
+
* @interface IKeyValueAttribute
|
|
29
|
+
* @template T
|
|
30
|
+
* @param {string} name - Attribute name.
|
|
31
|
+
* @param {string} value - Attribute value.
|
|
32
|
+
* @param {boolean} [ecert] - Whether the attribute should be included in the enrollment certificate (ECert).
|
|
33
|
+
* @memberOf module:for-fabric.client
|
|
34
|
+
*/
|
|
35
|
+
export interface IKeyValueAttribute {
|
|
36
|
+
name: string;
|
|
37
|
+
value: string;
|
|
38
|
+
ecert?: boolean;
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* @description Standard Fabric CA identity attribute keys.
|
|
42
|
+
* @summary Enumerates well-known Fabric CA attribute keys that can be assigned to identities for delegations and permissions.
|
|
43
|
+
* @enum {string}
|
|
44
|
+
* @readonly
|
|
45
|
+
* @memberOf module:for-fabric.client
|
|
46
|
+
*/
|
|
47
|
+
export declare enum HFCAIdentityAttributes {
|
|
48
|
+
HFREGISTRARROLES = "hf.Registrar.Roles",
|
|
49
|
+
HFREGISTRARDELEGATEROLES = "hf.Registrar.DelegateRoles",
|
|
50
|
+
HFREGISTRARATTRIBUTES = "hf.Registrar.Attributes",
|
|
51
|
+
HFINTERMEDIATECA = "hf.IntermediateCA",
|
|
52
|
+
HFREVOKER = "hf.Revoker",
|
|
53
|
+
HFAFFILIATIONMGR = "hf.AffiliationMgr",
|
|
54
|
+
HFGENCRL = "hf.GenCRL"
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* @description Service wrapper for interacting with a Fabric CA.
|
|
58
|
+
* @summary Provides high-level operations for managing identities against a Hyperledger Fabric Certificate Authority, including registration, enrollment, revocation, and administrative queries. Encapsulates lower-level Fabric CA client calls with consistent logging and error mapping.
|
|
59
|
+
* @param {CAConfig} caConfig - Connection and TLS configuration for the target CA.
|
|
60
|
+
* @class FabricEnrollmentService
|
|
61
|
+
* @example
|
|
62
|
+
* // Register and enroll a new user
|
|
63
|
+
* const svc = new FabricEnrollmentService({
|
|
64
|
+
* url: 'https://localhost:7054',
|
|
65
|
+
* caName: 'Org1CA',
|
|
66
|
+
* tls: { trustedRoots: ['/path/to/ca.pem'], verify: false },
|
|
67
|
+
* caCert: '/path/to/admin/certDir',
|
|
68
|
+
* caKey: '/path/to/admin/keyDir'
|
|
69
|
+
* });
|
|
70
|
+
* await svc.register({ userName: 'alice', password: 's3cr3t' }, false, 'org1.department1', CA_ROLE.USER);
|
|
71
|
+
* const id = await svc.enroll('alice', 's3cr3t');
|
|
72
|
+
* @mermaid
|
|
73
|
+
* sequenceDiagram
|
|
74
|
+
* autonumber
|
|
75
|
+
* participant App
|
|
76
|
+
* participant Svc as FabricEnrollmentService
|
|
77
|
+
* participant CA as Fabric CA
|
|
78
|
+
* App->>Svc: register(credentials, ...)
|
|
79
|
+
* Svc->>CA: register(request, adminUser)
|
|
80
|
+
* CA-->>Svc: enrollmentSecret
|
|
81
|
+
* Svc-->>App: secret
|
|
82
|
+
* App->>Svc: enroll(enrollmentId, secret)
|
|
83
|
+
* Svc->>CA: enroll({enrollmentID, secret})
|
|
84
|
+
* CA-->>Svc: certificates
|
|
85
|
+
* Svc-->>App: Identity
|
|
86
|
+
*/
|
|
87
|
+
export declare class FabricEnrollmentService extends LoggedService {
|
|
88
|
+
private caConfig;
|
|
89
|
+
private ca?;
|
|
90
|
+
private certificateService?;
|
|
91
|
+
private affiliationService?;
|
|
92
|
+
private identityService?;
|
|
93
|
+
private client?;
|
|
94
|
+
private user?;
|
|
95
|
+
constructor(caConfig: CAConfig);
|
|
96
|
+
protected User(): Promise<User>;
|
|
97
|
+
protected CA(): Promise<FabricCAServices>;
|
|
98
|
+
protected Client(): Promise<{
|
|
99
|
+
newCertificateService: any;
|
|
100
|
+
}>;
|
|
101
|
+
protected Certificate(): Promise<any>;
|
|
102
|
+
protected Affiliations(): Promise<FabricCAServices.AffiliationService>;
|
|
103
|
+
protected Identities(): Promise<FabricCAServices.IdentityService>;
|
|
104
|
+
/**
|
|
105
|
+
* @description Retrieve certificates from the CA.
|
|
106
|
+
* @summary Calls the CA certificate service to list certificates, optionally mapping to PEM strings only.
|
|
107
|
+
* @param {GetCertificatesRequest} [request] - Optional filter request for certificate lookup.
|
|
108
|
+
* @param {boolean} [doMap=true] - When true, returns array of PEM strings; otherwise returns full response object.
|
|
109
|
+
* @return {Promise<string[] | CertificateResponse>} Array of PEM strings or the full certificate response.
|
|
110
|
+
*/
|
|
111
|
+
getCertificates(request?: GetCertificatesRequest, doMap?: boolean): Promise<string[] | CertificateResponse>;
|
|
112
|
+
/**
|
|
113
|
+
* @description List identities registered in the CA.
|
|
114
|
+
* @summary Queries the CA identity service to fetch all identities and returns the list as FabricIdentity objects.
|
|
115
|
+
* @return {Promise<FabricIdentity[]>} The list of identities registered in the CA.
|
|
116
|
+
*/
|
|
117
|
+
getIdentities(): Promise<FabricIdentity[]>;
|
|
118
|
+
protected parseError(e: Error): ConflictError | AuthorizationError;
|
|
119
|
+
/**
|
|
120
|
+
* @description Retrieve affiliations from the CA.
|
|
121
|
+
* @summary Queries the CA for the list of affiliations available under the configured CA.
|
|
122
|
+
* @return {string} The affiliations result payload.
|
|
123
|
+
*/
|
|
124
|
+
getAffiliations(): Promise<any>;
|
|
125
|
+
/**
|
|
126
|
+
* @description Read identity details from the CA by enrollment ID.
|
|
127
|
+
* @summary Retrieves and validates a single identity, throwing NotFoundError when missing.
|
|
128
|
+
* @param {string} enrollmentId - Enrollment ID to lookup.
|
|
129
|
+
* @return {Promise<FabricIdentity>} The identity details stored in the CA.
|
|
130
|
+
*/
|
|
131
|
+
read(enrollmentId: string): Promise<FabricIdentity>;
|
|
132
|
+
/**
|
|
133
|
+
* @description Register a new identity with the CA.
|
|
134
|
+
* @summary Submits a registration request for a new enrollment ID, returning the enrollment secret upon success.
|
|
135
|
+
* @param {Credentials} model - Credentials containing userName and password for the new identity.
|
|
136
|
+
* @param {boolean} [isSuperUser=false] - Whether to register the identity as a super user.
|
|
137
|
+
* @param {string} [affiliation=""] - Affiliation string (e.g., org1.department1).
|
|
138
|
+
* @param {CA_ROLE | string} [userRole] - Role to assign to the identity.
|
|
139
|
+
* @param {IKeyValueAttribute} [attrs] - Optional attributes to attach to the identity.
|
|
140
|
+
* @param {number} [maxEnrollments] - Maximum number of enrollments allowed for the identity.
|
|
141
|
+
* @return {Promise<string>} The enrollment secret for the registered identity.
|
|
142
|
+
*/
|
|
143
|
+
register(model: Credentials, isSuperUser?: boolean, affiliation?: string, userRole?: CA_ROLE | string, attrs?: IKeyValueAttribute, maxEnrollments?: number): Promise<string>;
|
|
144
|
+
protected static identityFromEnrollment(enrollment: IEnrollResponse, mspId: string): Identity;
|
|
145
|
+
/**
|
|
146
|
+
* @description Enroll an identity with the CA using a registration secret.
|
|
147
|
+
* @summary Exchanges the enrollment ID and secret for certificates, returning a constructed Identity model.
|
|
148
|
+
* @param {string} enrollmentId - Enrollment ID to enroll.
|
|
149
|
+
* @param {string} registration - Enrollment secret returned at registration time.
|
|
150
|
+
* @return {Promise<Identity>} The enrolled identity object with credentials.
|
|
151
|
+
*/
|
|
152
|
+
enroll(enrollmentId: string, registration: string): Promise<Identity>;
|
|
153
|
+
/**
|
|
154
|
+
* @description Register and enroll a new identity in one step.
|
|
155
|
+
* @summary Registers a new enrollment ID with the CA and immediately exchanges the secret to enroll, returning the created Identity.
|
|
156
|
+
* @param {Credentials} model - Credentials for the new identity containing userName and password.
|
|
157
|
+
* @param {boolean} [isSuperUser=false] - Whether to register the identity as a super user.
|
|
158
|
+
* @param {string} [affiliation=""] - Affiliation string (e.g., org1.department1).
|
|
159
|
+
* @param {CA_ROLE | string} [userRole] - Role to assign to the identity.
|
|
160
|
+
* @param {IKeyValueAttribute} [attrs] - Optional attributes to attach to the identity.
|
|
161
|
+
* @param {number} [maxEnrollments] - Maximum number of enrollments allowed for the identity.
|
|
162
|
+
* @return {Promise<Identity>} The enrolled identity.
|
|
163
|
+
*/
|
|
164
|
+
registerAndEnroll(model: Credentials, isSuperUser?: boolean, affiliation?: string, userRole?: CA_ROLE | string, attrs?: IKeyValueAttribute, maxEnrollments?: number): Promise<Identity>;
|
|
165
|
+
/**
|
|
166
|
+
* Revokes the enrollment of an identity with the specified enrollment ID.
|
|
167
|
+
*
|
|
168
|
+
* @param enrollmentId - The enrollment ID of the identity to be revoked.
|
|
169
|
+
*
|
|
170
|
+
* @returns A Promise that resolves to the result of the revocation operation.
|
|
171
|
+
*
|
|
172
|
+
* @throws {NotFoundError} If the enrollment with the specified ID does not exist.
|
|
173
|
+
* @throws {InternalError} If there is an error during the revocation process.
|
|
174
|
+
*/
|
|
175
|
+
revoke(enrollmentId: string): Promise<FabricCAServices.IServiceResponse>;
|
|
176
|
+
}
|