@enbox/dwn-sdk-js 0.3.7 → 0.3.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser.mjs +8 -8
- package/dist/browser.mjs.map +4 -4
- package/dist/esm/generated/precompiled-validators.js +2591 -1435
- package/dist/esm/generated/precompiled-validators.js.map +1 -1
- package/dist/esm/src/core/constants.js +20 -0
- package/dist/esm/src/core/constants.js.map +1 -1
- package/dist/esm/src/core/dwn-error.js +24 -1
- package/dist/esm/src/core/dwn-error.js.map +1 -1
- package/dist/esm/src/core/grant-authorization.js +4 -4
- package/dist/esm/src/core/grant-authorization.js.map +1 -1
- package/dist/esm/src/core/message.js +89 -4
- package/dist/esm/src/core/message.js.map +1 -1
- package/dist/esm/src/core/messages-grant-authorization.js +147 -55
- package/dist/esm/src/core/messages-grant-authorization.js.map +1 -1
- package/dist/esm/src/core/protocol-authorization.js +76 -0
- package/dist/esm/src/core/protocol-authorization.js.map +1 -1
- package/dist/esm/src/core/records-grant-authorization.js +40 -15
- package/dist/esm/src/core/records-grant-authorization.js.map +1 -1
- package/dist/esm/src/handlers/messages-read.js +5 -5
- package/dist/esm/src/handlers/messages-read.js.map +1 -1
- package/dist/esm/src/handlers/messages-subscribe.js +109 -7
- package/dist/esm/src/handlers/messages-subscribe.js.map +1 -1
- package/dist/esm/src/handlers/messages-sync.js +341 -96
- package/dist/esm/src/handlers/messages-sync.js.map +1 -1
- package/dist/esm/src/handlers/protocols-configure.js +81 -2
- package/dist/esm/src/handlers/protocols-configure.js.map +1 -1
- package/dist/esm/src/handlers/records-count.js +30 -0
- package/dist/esm/src/handlers/records-count.js.map +1 -1
- package/dist/esm/src/handlers/records-delete.js +3 -2
- package/dist/esm/src/handlers/records-delete.js.map +1 -1
- package/dist/esm/src/handlers/records-query.js +30 -0
- package/dist/esm/src/handlers/records-query.js.map +1 -1
- package/dist/esm/src/handlers/records-read.js +3 -2
- package/dist/esm/src/handlers/records-read.js.map +1 -1
- package/dist/esm/src/handlers/records-subscribe.js +31 -0
- package/dist/esm/src/handlers/records-subscribe.js.map +1 -1
- package/dist/esm/src/handlers/records-write.js +3 -2
- package/dist/esm/src/handlers/records-write.js.map +1 -1
- package/dist/esm/src/index.js +2 -0
- package/dist/esm/src/index.js.map +1 -1
- package/dist/esm/src/interfaces/messages-read.js +6 -3
- package/dist/esm/src/interfaces/messages-read.js.map +1 -1
- package/dist/esm/src/interfaces/messages-subscribe.js +6 -3
- package/dist/esm/src/interfaces/messages-subscribe.js.map +1 -1
- package/dist/esm/src/interfaces/messages-sync.js +17 -3
- package/dist/esm/src/interfaces/messages-sync.js.map +1 -1
- package/dist/esm/src/interfaces/protocols-configure.js +5 -2
- package/dist/esm/src/interfaces/protocols-configure.js.map +1 -1
- package/dist/esm/src/interfaces/protocols-query.js +8 -4
- package/dist/esm/src/interfaces/protocols-query.js.map +1 -1
- package/dist/esm/src/interfaces/records-count.js +5 -0
- package/dist/esm/src/interfaces/records-count.js.map +1 -1
- package/dist/esm/src/interfaces/records-delete.js +6 -2
- package/dist/esm/src/interfaces/records-delete.js.map +1 -1
- package/dist/esm/src/interfaces/records-query.js +5 -0
- package/dist/esm/src/interfaces/records-query.js.map +1 -1
- package/dist/esm/src/interfaces/records-read.js +6 -3
- package/dist/esm/src/interfaces/records-read.js.map +1 -1
- package/dist/esm/src/interfaces/records-subscribe.js +5 -0
- package/dist/esm/src/interfaces/records-subscribe.js.map +1 -1
- package/dist/esm/src/interfaces/records-write.js +6 -3
- package/dist/esm/src/interfaces/records-write.js.map +1 -1
- package/dist/esm/src/protocols/permissions.js +28 -7
- package/dist/esm/src/protocols/permissions.js.map +1 -1
- package/dist/esm/src/sync/records-projection.js +228 -0
- package/dist/esm/src/sync/records-projection.js.map +1 -0
- package/dist/esm/src/types/message-types.js.map +1 -1
- package/dist/esm/src/types/permission-types.js.map +1 -1
- package/dist/esm/src/utils/permission-scope.js +37 -0
- package/dist/esm/src/utils/permission-scope.js.map +1 -0
- package/dist/esm/tests/core/grant-authorization.spec.js +26 -3
- package/dist/esm/tests/core/grant-authorization.spec.js.map +1 -1
- package/dist/esm/tests/core/records-grant-authorization.spec.js +117 -0
- package/dist/esm/tests/core/records-grant-authorization.spec.js.map +1 -0
- package/dist/esm/tests/features/permissions.spec.js +126 -0
- package/dist/esm/tests/features/permissions.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-read.spec.js +345 -12
- package/dist/esm/tests/handlers/messages-read.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-subscribe.spec.js +326 -9
- package/dist/esm/tests/handlers/messages-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/handlers/messages-sync.spec.js +1053 -7
- package/dist/esm/tests/handlers/messages-sync.spec.js.map +1 -1
- package/dist/esm/tests/handlers/protocols-configure.spec.js +361 -0
- package/dist/esm/tests/handlers/protocols-configure.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-count.spec.js +75 -2
- package/dist/esm/tests/handlers/records-count.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-query.spec.js +73 -0
- package/dist/esm/tests/handlers/records-query.spec.js.map +1 -1
- package/dist/esm/tests/handlers/records-subscribe.spec.js +75 -1
- package/dist/esm/tests/handlers/records-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/messages-get.spec.js +107 -5
- package/dist/esm/tests/interfaces/messages-get.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/protocols-configure.spec.js +13 -0
- package/dist/esm/tests/interfaces/protocols-configure.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-delete.spec.js +12 -0
- package/dist/esm/tests/interfaces/records-delete.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-query.spec.js +10 -0
- package/dist/esm/tests/interfaces/records-query.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-subscribe.spec.js +10 -0
- package/dist/esm/tests/interfaces/records-subscribe.spec.js.map +1 -1
- package/dist/esm/tests/interfaces/records-write.spec.js +33 -0
- package/dist/esm/tests/interfaces/records-write.spec.js.map +1 -1
- package/dist/esm/tests/sync/records-projection.spec.js +245 -0
- package/dist/esm/tests/sync/records-projection.spec.js.map +1 -0
- package/dist/esm/tests/test-suite.js +2 -0
- package/dist/esm/tests/test-suite.js.map +1 -1
- package/dist/esm/tests/utils/permission-scope.spec.js +66 -0
- package/dist/esm/tests/utils/permission-scope.spec.js.map +1 -0
- package/dist/esm/tests/utils/test-data-generator.js +5 -2
- package/dist/esm/tests/utils/test-data-generator.js.map +1 -1
- package/dist/types/generated/precompiled-validators.d.ts.map +1 -1
- package/dist/types/src/core/constants.d.ts +13 -0
- package/dist/types/src/core/constants.d.ts.map +1 -1
- package/dist/types/src/core/dwn-error.d.ts +24 -1
- package/dist/types/src/core/dwn-error.d.ts.map +1 -1
- package/dist/types/src/core/grant-authorization.d.ts +1 -2
- package/dist/types/src/core/grant-authorization.d.ts.map +1 -1
- package/dist/types/src/core/message.d.ts +41 -1
- package/dist/types/src/core/message.d.ts.map +1 -1
- package/dist/types/src/core/messages-grant-authorization.d.ts +36 -4
- package/dist/types/src/core/messages-grant-authorization.d.ts.map +1 -1
- package/dist/types/src/core/protocol-authorization.d.ts +12 -0
- package/dist/types/src/core/protocol-authorization.d.ts.map +1 -1
- package/dist/types/src/core/records-grant-authorization.d.ts +6 -0
- package/dist/types/src/core/records-grant-authorization.d.ts.map +1 -1
- package/dist/types/src/handlers/messages-read.d.ts.map +1 -1
- package/dist/types/src/handlers/messages-subscribe.d.ts +2 -1
- package/dist/types/src/handlers/messages-subscribe.d.ts.map +1 -1
- package/dist/types/src/handlers/messages-sync.d.ts +31 -0
- package/dist/types/src/handlers/messages-sync.d.ts.map +1 -1
- package/dist/types/src/handlers/protocols-configure.d.ts +3 -0
- package/dist/types/src/handlers/protocols-configure.d.ts.map +1 -1
- package/dist/types/src/handlers/records-count.d.ts +4 -0
- package/dist/types/src/handlers/records-count.d.ts.map +1 -1
- package/dist/types/src/handlers/records-delete.d.ts.map +1 -1
- package/dist/types/src/handlers/records-query.d.ts +4 -0
- package/dist/types/src/handlers/records-query.d.ts.map +1 -1
- package/dist/types/src/handlers/records-read.d.ts.map +1 -1
- package/dist/types/src/handlers/records-subscribe.d.ts.map +1 -1
- package/dist/types/src/handlers/records-write.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +6 -2
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/interfaces/messages-read.d.ts +1 -1
- package/dist/types/src/interfaces/messages-read.d.ts.map +1 -1
- package/dist/types/src/interfaces/messages-subscribe.d.ts +1 -1
- package/dist/types/src/interfaces/messages-subscribe.d.ts.map +1 -1
- package/dist/types/src/interfaces/messages-sync.d.ts +4 -1
- package/dist/types/src/interfaces/messages-sync.d.ts.map +1 -1
- package/dist/types/src/interfaces/protocols-configure.d.ts.map +1 -1
- package/dist/types/src/interfaces/protocols-query.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-count.d.ts +1 -0
- package/dist/types/src/interfaces/records-count.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-delete.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-query.d.ts +1 -0
- package/dist/types/src/interfaces/records-query.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-read.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-subscribe.d.ts +1 -0
- package/dist/types/src/interfaces/records-subscribe.d.ts.map +1 -1
- package/dist/types/src/interfaces/records-write.d.ts.map +1 -1
- package/dist/types/src/protocols/permissions.d.ts +2 -0
- package/dist/types/src/protocols/permissions.d.ts.map +1 -1
- package/dist/types/src/sync/records-projection.d.ts +98 -0
- package/dist/types/src/sync/records-projection.d.ts.map +1 -0
- package/dist/types/src/types/message-types.d.ts +1 -0
- package/dist/types/src/types/message-types.d.ts.map +1 -1
- package/dist/types/src/types/messages-types.d.ts +21 -3
- package/dist/types/src/types/messages-types.d.ts.map +1 -1
- package/dist/types/src/types/permission-types.d.ts +4 -0
- package/dist/types/src/types/permission-types.d.ts.map +1 -1
- package/dist/types/src/types/records-types.d.ts +4 -0
- package/dist/types/src/types/records-types.d.ts.map +1 -1
- package/dist/types/src/types/subscriptions.d.ts +18 -3
- package/dist/types/src/types/subscriptions.d.ts.map +1 -1
- package/dist/types/src/utils/permission-scope.d.ts +29 -0
- package/dist/types/src/utils/permission-scope.d.ts.map +1 -0
- package/dist/types/tests/core/records-grant-authorization.spec.d.ts +2 -0
- package/dist/types/tests/core/records-grant-authorization.spec.d.ts.map +1 -0
- package/dist/types/tests/features/permissions.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-read.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-subscribe.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/messages-sync.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/protocols-configure.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-count.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-query.spec.d.ts.map +1 -1
- package/dist/types/tests/handlers/records-subscribe.spec.d.ts.map +1 -1
- package/dist/types/tests/sync/records-projection.spec.d.ts +2 -0
- package/dist/types/tests/sync/records-projection.spec.d.ts.map +1 -0
- package/dist/types/tests/test-suite.d.ts.map +1 -1
- package/dist/types/tests/utils/permission-scope.spec.d.ts +2 -0
- package/dist/types/tests/utils/permission-scope.spec.d.ts.map +1 -0
- package/dist/types/tests/utils/test-data-generator.d.ts +5 -2
- package/dist/types/tests/utils/test-data-generator.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/core/constants.ts +24 -0
- package/src/core/dwn-error.ts +24 -1
- package/src/core/grant-authorization.ts +7 -5
- package/src/core/message.ts +153 -6
- package/src/core/messages-grant-authorization.ts +282 -70
- package/src/core/protocol-authorization.ts +130 -0
- package/src/core/records-grant-authorization.ts +64 -21
- package/src/handlers/messages-read.ts +7 -5
- package/src/handlers/messages-subscribe.ts +149 -9
- package/src/handlers/messages-sync.ts +593 -102
- package/src/handlers/protocols-configure.ts +103 -2
- package/src/handlers/records-count.ts +33 -0
- package/src/handlers/records-delete.ts +3 -2
- package/src/handlers/records-query.ts +33 -0
- package/src/handlers/records-read.ts +3 -2
- package/src/handlers/records-subscribe.ts +34 -0
- package/src/handlers/records-write.ts +3 -2
- package/src/index.ts +7 -3
- package/src/interfaces/messages-read.ts +8 -5
- package/src/interfaces/messages-subscribe.ts +12 -9
- package/src/interfaces/messages-sync.ts +33 -12
- package/src/interfaces/protocols-configure.ts +8 -4
- package/src/interfaces/protocols-query.ts +13 -9
- package/src/interfaces/records-count.ts +7 -0
- package/src/interfaces/records-delete.ts +9 -5
- package/src/interfaces/records-query.ts +7 -0
- package/src/interfaces/records-read.ts +6 -3
- package/src/interfaces/records-subscribe.ts +7 -0
- package/src/interfaces/records-write.ts +25 -17
- package/src/protocols/permissions.ts +47 -9
- package/src/sync/records-projection.ts +328 -0
- package/src/types/message-types.ts +1 -0
- package/src/types/messages-types.ts +23 -3
- package/src/types/permission-types.ts +5 -1
- package/src/types/records-types.ts +5 -1
- package/src/types/subscriptions.ts +19 -3
- package/src/utils/permission-scope.ts +55 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"messages-grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/messages-grant-authorization.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"messages-grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/messages-grant-authorization.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,0CAA0C,EAAE,MAAM,gBAAgB,CAAC;AAC5E,OAAO,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAExD,MAAM,OAAO,0BAA0B;IAE9B,MAAM,CAAC,KAAK,CAAC,qBAAqB,CACvC,MAAc,EACd,YAA0B,EAC1B,kBAA4B;QAE5B,OAAO,OAAO,CAAC,GAAG,CAChB,kBAAkB,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,CAAC,mBAAmB,CAAC,UAAU,CAAC,MAAM,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC,CACrH,CAAC;IACJ,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,KAOzC;QACC,MAAM,EACJ,mBAAmB,EAAE,aAAa,EAAE,eAAe,EAAE,eAAe,EAAE,gBAAgB,EAAE,YAAY,EACrG,GAAG,KAAK,CAAC;QAEV,MAAM,0BAA0B,CAAC,gCAAgC,CAAC;YAChE,eAAe,EAAE,mBAAmB;YACpC,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,YAAY;SACb,CAAC,CAAC;QAEH,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE,CAAC;YAC/C,MAAM,KAAK,GAAG,eAAe,CAAC,KAAgC,CAAC;YAC/D,IAAI,MAAM,0BAA0B,CAAC,iBAAiB,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC;gBAC5G,OAAO;YACT,CAAC;QACH,CAAC;QAED,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,6BAA6B,EAAE,2CAA2C,CAAC,CAAC;IAC9G,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,KAM5C;QACC,MAAM,EACJ,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,gBAAgB,EAAE,YAAY,EAClF,GAAG,KAAK,CAAC;QAEV,MAAM,0BAA0B,CAAC,gCAAgC,CAAC;YAChE,eAAe;YACf,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,YAAY;SACb,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC,eAAe,CAAC,KAAgC,CAAC,CAAC;QAEzG,IAAI,QAAQ,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YAC3C,0BAA0B,CAAC,kBAAkB,CAAC,eAAsC,EAAE,MAAM,CAAC,CAAC;YAC9F,OAAO;QACT,CAAC;QAED,0BAA0B,CAAC,uBAAuB,CAAC,eAA2C,EAAE,MAAM,CAAC,CAAC;IAC1G,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAC/B,WAAgC,EAChC,MAAiC;QAEjC,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,UAAU,CAAC;QAE9D,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,0BAA0B,CAAC,0BAA0B,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACxE,OAAO;QACT,CAAC;QAED,0BAA0B,CAAC,yBAAyB,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IACjF,CAAC;IAEO,MAAM,CAAC,0BAA0B,CACvC,MAAiC,EACjC,QAA4B;QAE5B,IAAI,0CAA0C,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,4DAA4D,EACzE,yEAAyE,QAAQ,EAAE,CACpF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,0BAA0B,CAAC,gBAAgB,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,4CAA4C,EACzD,8CAA8C,QAAQ,EAAE,CACzD,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,yBAAyB,CACtC,MAAiC,EACjC,gBAAiC;QAEjC,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE,CAAC;YAC/C,IAAI,0CAA0C,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzE,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,0DAA0D,EACvE,mEAAmE,eAAe,CAAC,QAAQ,EAAE,CAC9F,CAAC;YACJ,CAAC;YAED,IAAI,0BAA0B,CAAC,gBAAgB,CAAC,MAAM,EAAE,eAAe,CAAC,EAAE,CAAC;gBACzE,SAAS;YACX,CAAC;YAED,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,iDAAiD,EAC9D,sDAAsD,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE,CACxF,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,uBAAuB,CACpC,gBAA0C,EAC1C,MAAiC;QAEjC,MAAM,EAAE,OAAO,EAAE,GAAG,gBAAgB,CAAC,UAAU,CAAC;QAEhD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;YACjF,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,0DAA0D,EACvE,qEAAqE,CACtE,CAAC;QACJ,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,0BAA0B,CAAC,gBAAgB,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC;gBACvF,SAAS;YACX,CAAC;YAED,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,mDAAmD,EAChE,8CAA8C,MAAM,CAAC,QAAQ,EAAE,CAChE,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,gBAAgB,CAAC,MAAiC,EAAE,MAAqB;QACtF,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,sBAAsB,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IAC7E,CAAC;IAEO,MAAM,CAAC,gBAAgB,CAAC,MAAiC;QAC/D,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,KAO9C;QACC,MAAM,EACJ,wBAAwB,EACxB,eAAe,EACf,eAAe,EACf,gBAAgB,EAChB,YAAY,EACZ,iBAAiB,GAClB,GAAG,KAAK,CAAC;QAEV,MAAM,eAAe,GAA6B;YAChD,GAAG,wBAAwB;YAC3B,UAAU,EAAE;gBACV,GAAG,wBAAwB,CAAC,UAAU;gBACtC,gBAAgB,EAAE,iBAAiB;aACpC;SACF,CAAC;QAEF,MAAM,0BAA0B,CAAC,wBAAwB,CAAC;YACxD,eAAe,EAAE,eAAe;YAChC,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,YAAY;SACb,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,MAAM,CAAC,KAAK,CAAC,gCAAgC,CAAC,KAMrD;QACC,MAAM,EACJ,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,gBAAgB,EAAE,YAAY,EAClF,GAAG,KAAK,CAAC;QAEV,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE,CAAC;YAC/C,MAAM,kBAAkB,CAAC,qBAAqB,CAAC;gBAC7C,eAAe;gBACf,eAAe;gBACf,eAAe;gBACf,eAAe;gBACf,YAAY;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,KAAK,CAAC,iBAAiB,CACpC,MAAc,EACd,YAA4B,EAC5B,aAAsC,EACtC,YAA0B;QAE1B,IAAI,aAAa,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACzC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,YAAY,CAAC,UAAU,CAAC,SAAS,KAAK,gBAAgB,CAAC,OAAO,EAAE,CAAC;YACnE,OAAO,0BAA0B,CAAC,+BAA+B,CAC/D,MAAM,EACN,YAA0D,EAC1D,aAAa,EACb,YAAY,CACb,CAAC;QACJ,CAAC;QAED,IAAI,YAAY,CAAC,UAAU,CAAC,SAAS,KAAK,gBAAgB,CAAC,SAAS,EAAE,CAAC;YACrE,OAAO,0BAA0B,CAAC,mCAAmC,CACnE,YAAyC,EACzC,aAAa,CACd,CAAC;QACJ,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAClD,MAAc,EACd,cAA0D,EAC1D,aAAsC,EACtC,YAA0B;QAE1B,MAAM,mBAAmB,GAAG,MAAM,0BAA0B,CAAC,yBAAyB,CACpF,MAAM,EACN,cAAc,EACd,YAAY,CACb,CAAC;QAEF,IAAI,mBAAmB,CAAC,UAAU,CAAC,QAAQ,KAAK,mBAAmB,CAAC,GAAG,EAAE,CAAC;YACxE,OAAO,0BAA0B,CAAC,iCAAiC,CACjE,MAAM,EACN,mBAAmB,EACnB,aAAa,EACb,YAAY,CACb,CAAC;QACJ,CAAC;QAED,OAAO,sBAAsB,CAAC,OAAO,CAAC,aAAa,EAAE,0BAA0B,CAAC,qBAAqB,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC9H,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,iCAAiC,CACpD,MAAc,EACd,mBAAwC,EACxC,aAAsC,EACtC,YAA0B;QAE1B,IAAI,0BAA0B,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,CAAC;YAC7D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,mBAAmB,CAAC,4BAA4B,CAC5E,MAAM,EACN,YAAY,EACZ,mBAAqD,CACtD,CAAC;QAEF,OAAO,mBAAmB,CAAC,gBAAgB,CAAC,eAAe,CAAC;eACvD,sBAAsB,CAAC,OAAO,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;IACtE,CAAC;IAEO,MAAM,CAAC,mCAAmC,CAChD,yBAAoD,EACpD,aAAsC;QAEtC,uEAAuE;QACvE,yEAAyE;QACzE,OAAO,aAAa,CAAC,QAAQ,KAAK,SAAS;YACzC,aAAa,CAAC,QAAQ,KAAK,yBAAyB,CAAC,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC;IACxF,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAC5C,MAAc,EACd,cAA0D,EAC1D,YAA0B;QAE1B,IAAI,OAAO,CAAC,cAAc,CAAC,cAAc,CAAC,EAAE,CAAC;YAC3C,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,OAAO,YAAY,CAAC,uBAAuB,CAAC,YAAY,EAAE,MAAM,EAAE,cAAc,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACxG,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,mBAAwC;QAC3E,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC;QAClE,MAAM,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC;QAC1C,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;IAC/C,CAAC;IAEO,MAAM,CAAC,cAAc,CAAC,KAA8B;QAC1D,OAAO,KAAK,CAAC,YAAY,KAAK,SAAS,IAAI,KAAK,CAAC,SAAS,KAAK,SAAS,CAAC;IAC3E,CAAC;CACF"}
|
|
@@ -2,6 +2,7 @@ import { getRuleSetAtPath } from '../utils/protocols.js';
|
|
|
2
2
|
import { SortDirection } from '../types/query-types.js';
|
|
3
3
|
import { DwnError, DwnErrorCode } from './dwn-error.js';
|
|
4
4
|
import { DwnInterfaceName, DwnMethodName } from '../enums/dwn-interface-method.js';
|
|
5
|
+
import { ProtocolAction, ProtocolActor } from '../types/protocols-types.js';
|
|
5
6
|
import { authorizeAgainstAllowedActions, verifyInvokedRole } from './protocol-authorization-action.js';
|
|
6
7
|
import { constructRecordChain, fetchInitialWrite, getGoverningTimestamp } from './record-chain.js';
|
|
7
8
|
import { verifyAsRoleRecordIfNeeded, verifyImmutability, verifyProtocolPathAndContextId, verifyRecordLimit, verifySizeLimit, verifySquashEligibility, verifyTagsIfNeeded, verifyTypeWithComposition, } from './protocol-authorization-validation.js';
|
|
@@ -39,6 +40,29 @@ export class ProtocolAuthorization {
|
|
|
39
40
|
// Verify record count limit
|
|
40
41
|
await verifyRecordLimit(tenant, incomingMessage, ruleSet, messageStore);
|
|
41
42
|
}
|
|
43
|
+
/**
|
|
44
|
+
* Revalidates a stored initial write against the protocol definition that governed its creation timestamp.
|
|
45
|
+
*
|
|
46
|
+
* This is used only for destructive config-history repair, so it deliberately validates config-owned
|
|
47
|
+
* structure and avoids live dependency checks. Missing grant, role, or parent records must not cause
|
|
48
|
+
* an already-admitted record to be hard-purged.
|
|
49
|
+
*/
|
|
50
|
+
static async validateStoredInitialWrite(tenant, incomingMessage, messageStore, coreProtocols) {
|
|
51
|
+
await ProtocolAuthorization.verifyStoredInitialWrite(incomingMessage);
|
|
52
|
+
const governingTimestamp = incomingMessage.message.descriptor.messageTimestamp;
|
|
53
|
+
const protocolDefinition = await ProtocolAuthorization.fetchProtocolDefinition(tenant, incomingMessage.message.descriptor.protocol, messageStore, governingTimestamp, coreProtocols);
|
|
54
|
+
const boundFetchDefinition = ProtocolAuthorization.createBoundFetchDefinition(coreProtocols);
|
|
55
|
+
await verifyTypeWithComposition(tenant, incomingMessage.message, protocolDefinition, messageStore, boundFetchDefinition, governingTimestamp);
|
|
56
|
+
const ruleSet = ProtocolAuthorization.getRuleSet(incomingMessage.message.descriptor.protocolPath, protocolDefinition);
|
|
57
|
+
ProtocolAuthorization.verifyStoredInitialWriteRoleRecipientIfNeeded(incomingMessage, ruleSet);
|
|
58
|
+
verifySizeLimit(incomingMessage, ruleSet);
|
|
59
|
+
verifyTagsIfNeeded(incomingMessage, ruleSet);
|
|
60
|
+
await verifySquashEligibility(incomingMessage, ruleSet);
|
|
61
|
+
ProtocolAuthorization.verifyStoredInitialWriteCreateAction(tenant, incomingMessage, ruleSet);
|
|
62
|
+
// `verifyRecordLimit()` is not replayed here. It is stateful and counts the present
|
|
63
|
+
// latest live set, which would incorrectly reject the record being revalidated.
|
|
64
|
+
// Inbound writes continue to enforce record limits at admission time.
|
|
65
|
+
}
|
|
42
66
|
/**
|
|
43
67
|
* Performs protocol-based authorization against the incoming RecordsWrite message.
|
|
44
68
|
* @throws {Error} if authorization fails.
|
|
@@ -189,5 +213,57 @@ export class ProtocolAuthorization {
|
|
|
189
213
|
}
|
|
190
214
|
return ruleSet;
|
|
191
215
|
}
|
|
216
|
+
static async verifyStoredInitialWrite(incomingMessage) {
|
|
217
|
+
if (await incomingMessage.isInitialWrite()) {
|
|
218
|
+
return;
|
|
219
|
+
}
|
|
220
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationInitialWriteRevalidationNotInitial, 'stored write revalidation only supports initial RecordsWrite messages');
|
|
221
|
+
}
|
|
222
|
+
static verifyStoredInitialWriteRoleRecipientIfNeeded(incomingMessage, ruleSet) {
|
|
223
|
+
if (ruleSet.$role !== true || incomingMessage.message.descriptor.recipient !== undefined) {
|
|
224
|
+
return;
|
|
225
|
+
}
|
|
226
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationStoredInitialWriteRoleMissingRecipient, 'role records must have a recipient');
|
|
227
|
+
}
|
|
228
|
+
static verifyStoredInitialWriteCreateAction(tenant, incomingMessage, ruleSet) {
|
|
229
|
+
if (ProtocolAuthorization.isStoredInitialWriteDirectlyAuthorized(tenant, incomingMessage)) {
|
|
230
|
+
return;
|
|
231
|
+
}
|
|
232
|
+
const actions = incomingMessage.message.descriptor.squash === true
|
|
233
|
+
? [ProtocolAction.Squash, ProtocolAction.Create]
|
|
234
|
+
: [ProtocolAction.Create];
|
|
235
|
+
const actionRules = ruleSet.$actions;
|
|
236
|
+
if (actionRules === undefined) {
|
|
237
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationStoredInitialWriteActionRulesNotFound, `no create action rule defined for stored RecordsWrite by author ${incomingMessage.author}`);
|
|
238
|
+
}
|
|
239
|
+
const invokedRole = incomingMessage.signaturePayload?.protocolRole;
|
|
240
|
+
for (const actionRule of actionRules) {
|
|
241
|
+
if (!actionRule.can.some((allowedAction) => actions.includes(allowedAction))) {
|
|
242
|
+
continue;
|
|
243
|
+
}
|
|
244
|
+
if (invokedRole !== undefined) {
|
|
245
|
+
if (actionRule.role === invokedRole) {
|
|
246
|
+
return;
|
|
247
|
+
}
|
|
248
|
+
continue;
|
|
249
|
+
}
|
|
250
|
+
if (actionRule.who === ProtocolActor.Anyone) {
|
|
251
|
+
return;
|
|
252
|
+
}
|
|
253
|
+
// Author/recipient-of rules depend on the parent chain. This repair path preserves
|
|
254
|
+
// instead of hard-purging when validity depends on mutable or missing dependency records.
|
|
255
|
+
if (actionRule.who === ProtocolActor.Author || actionRule.who === ProtocolActor.Recipient) {
|
|
256
|
+
return;
|
|
257
|
+
}
|
|
258
|
+
}
|
|
259
|
+
throw new DwnError(DwnErrorCode.ProtocolAuthorizationStoredInitialWriteActionNotAllowed, `stored RecordsWrite by author ${incomingMessage.author} is not allowed by the governing protocol config`);
|
|
260
|
+
}
|
|
261
|
+
static isStoredInitialWriteDirectlyAuthorized(tenant, incomingMessage) {
|
|
262
|
+
return incomingMessage.owner !== undefined ||
|
|
263
|
+
incomingMessage.author === tenant ||
|
|
264
|
+
incomingMessage.isSignedByAuthorDelegate ||
|
|
265
|
+
incomingMessage.isSignedByOwnerDelegate ||
|
|
266
|
+
incomingMessage.signaturePayload?.permissionGrantId !== undefined;
|
|
267
|
+
}
|
|
192
268
|
}
|
|
193
269
|
//# sourceMappingURL=protocol-authorization.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protocol-authorization.js","sourceRoot":"","sources":["../../../../src/core/protocol-authorization.ts"],"names":[],"mappings":"AAYA,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AAEnF,OAAO,EAAE,8BAA8B,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvG,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AACnG,OAAO,EACL,0BAA0B,EAC1B,kBAAkB,EAClB,8BAA8B,EAC9B,iBAAiB,EACjB,eAAe,EACf,uBAAuB,EACvB,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,wCAAwC,CAAC;AAahD,MAAM,OAAO,qBAAqB;IAEhC;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAC9C,MAAc,EACd,eAA6B,EAC7B,YAA0B,EAC1B,aAAoC;QAEpC,oEAAoE;QACpE,6DAA6D;QAC7D,0GAA0G;QAC1G,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CACpD,MAAM,EAAE,eAAe,EAAE,YAAY,CACtC,CAAC;QAEF,2EAA2E;QAC3E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3C,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,qFAAqF;QACrF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,+FAA+F;QAC/F,oFAAoF;QACpF,MAAM,yBAAyB,CAC7B,MAAM,EAAE,eAAe,CAAC,OAAO,EAAE,kBAAkB,EAAE,YAAY,EACjE,oBAAoB,EAAE,kBAAkB,CACzC,CAAC;QAEF,0BAA0B;QAC1B,MAAM,8BAA8B,CAClC,MAAM,EAAE,eAAe,EAAE,YAAY,EACrC,oBAAoB,EAAE,kBAAkB,CACzC,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAC/C,kBAAkB,CACnB,CAAC;QAEF,6EAA6E;QAC7E,MAAM,0BAA0B,CAC9B,MAAM,EACN,eAAe,EACf,OAAO,EACP,YAAY,CACb,CAAC;QAEF,oBAAoB;QACpB,eAAe,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAE1C,uBAAuB;QACvB,kBAAkB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAE7C,6DAA6D;QAC7D,MAAM,kBAAkB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAEnD,qGAAqG;QACrG,MAAM,uBAAuB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAExD,4BAA4B;QAC5B,MAAM,iBAAiB,CAAC,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC1E,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,cAAc,CAChC,MAAc,EACd,eAA6B,EAC7B,YAA0B,EAC1B,aAAoC;QAEpC,MAAM,oBAAoB,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAE7G,IAAI,WAAW,CAAC;QAChB,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;YACvC,yGAAyG;YACzG,+GAA+G;YAC/G,6EAA6E;YAC7E,WAAW,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAC9G,CAAC;aAAM,CAAC;YACN,WAAW,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACnG,CAAC;QAED,oEAAoE;QACpE,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CACpD,MAAM,EAAE,eAAe,EAAE,YAAY,CACtC,CAAC;QAEF,2EAA2E;QAC3E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3C,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAC/C,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3C,eAAe,CAAC,OAAO,CAAC,SAAS,EACjC,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,EACpB,kBAAkB,CACnB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,MAAM,CAAC,KAAK,CAAC,aAAa,CAC/B,MAAc,EACd,eAA4B,EAC5B,kBAAgC,EAChC,YAA0B,EAC1B,aAAoC;QAEpC,qBAAqB;QACrB,MAAM,WAAW,GACf,MAAM,oBAAoB,CAAC,MAAM,EAAE,kBAAkB,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAExF,oFAAoF;QACpF,2EAA2E;QAC3E,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAC1C,MAAM,EAAE,kBAAkB,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAC1D,CAAC;QACF,MAAM,kBAAkB,GAAG,YAAY,KAAK,SAAS;YACnD,CAAC,CAAC,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,gBAAgB;YACxD,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAE7C,4EAA4E;QAC5E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC9C,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAClD,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC9C,kBAAkB,CAAC,OAAO,CAAC,SAAS,EACpC,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,EACpB,kBAAkB,CACnB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAC3C,MAAc,EACd,eAA+D,EAC/D,YAA0B,EAC1B,aAAoC;QAEpC,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;QAExF,gCAAgC;QAChC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,QAAS,EAAE,sEAAsE;QACjF,YAAY,EACZ,SAAS,EACT,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,YAAa,EAAE,sDAAsD;QACrE,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,QAAS,EACT,SAAS,EACT,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,CACrB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,EAAE,EAAE,2DAA2D;QAC/D,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,eAAe,CACjC,MAAc,EACd,eAA8B,EAC9B,YAA0B,EAC1B,YAA0B,EAC1B,aAAoC;QAGpC,qBAAqB;QACrB,MAAM,WAAW,GACf,MAAM,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAEhG,oFAAoF;QACpF,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAC1C,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAClE,CAAC;QACF,MAAM,kBAAkB,GAAG,YAAY,KAAK,SAAS;YACnD,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,gBAAgB;YAClD,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAE7C,4EAA4E;QAC5E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EACxC,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAC5C,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EACxC,YAAY,CAAC,OAAO,CAAC,SAAS,EAC9B,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,EACpB,kBAAkB,CACnB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAED;;;;;;;;;;OAUG;IACI,MAAM,CAAC,KAAK,CAAC,uBAAuB,CACzC,MAAc,EACd,WAAmB,EACnB,YAA0B,EAC1B,gBAAyB,EACzB,aAAoC;QAEpC,sGAAsG;QACtG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YAChC,MAAM,cAAc,GAAG,aAAa,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;YAChE,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBACjC,OAAO,cAAc,CAAC;YACxB,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,MAAM,KAAK,GAAW;YACpB,SAAS,EAAG,gBAAgB,CAAC,SAAS;YACtC,MAAM,EAAM,aAAa,CAAC,SAAS;YACnC,QAAQ,EAAI,WAAW;SACxB,CAAC;QAEF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,sDAAsD;YACtD,KAAK,CAAC,iBAAiB,GAAG,IAAI,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,8EAA8E;YAC9E,KAAK,CAAC,gBAAgB,GAAG,EAAE,GAAG,EAAE,gBAAgB,EAAE,CAAC;QACrD,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,MAAM,YAAY,CAAC,KAAK,CACtD,MAAM,EACN,CAAC,KAAK,CAAC,EACP,EAAE,gBAAgB,EAAE,aAAa,CAAC,UAAU,EAAE,EAC9C,EAAE,KAAK,EAAE,CAAC,EAAE,CACb,CAAC;QAEF,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,qCAAqC,EAAE,0CAA0C,WAAW,EAAE,CAAC,CAAC;QAClI,CAAC;QAED,MAAM,eAAe,GAAG,SAAS,CAAC,CAAC,CAA8B,CAAC;QAClE,OAAO,eAAe,CAAC,UAAU,CAAC,UAAU,CAAC;IAC/C,CAAC;IAED;;;;;OAKG;IACK,MAAM,CAAC,0BAA0B,CAAC,aAAoC;QAC5E,OAAO,CACL,MAAc,EACd,WAAmB,EACnB,YAA0B,EAC1B,gBAAyB,EACI,EAAE;YAC/B,OAAO,qBAAqB,CAAC,uBAAuB,CAAC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,gBAAgB,EAAE,aAAa,CAAC,CAAC;QAC3H,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CACvB,YAAoB,EACpB,kBAAsC;QAEtC,MAAM,OAAO,GAAG,gBAAgB,CAAC,YAAY,EAAE,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAC7E,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,mCAAmC,EACjE,wCAAwC,YAAY,EAAE,CAAC,CAAC;QAC5D,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;CAEF"}
|
|
1
|
+
{"version":3,"file":"protocol-authorization.js","sourceRoot":"","sources":["../../../../src/core/protocol-authorization.ts"],"names":[],"mappings":"AAYA,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5E,OAAO,EAAE,8BAA8B,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvG,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AACnG,OAAO,EACL,0BAA0B,EAC1B,kBAAkB,EAClB,8BAA8B,EAC9B,iBAAiB,EACjB,eAAe,EACf,uBAAuB,EACvB,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,wCAAwC,CAAC;AAahD,MAAM,OAAO,qBAAqB;IAEhC;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAC9C,MAAc,EACd,eAA6B,EAC7B,YAA0B,EAC1B,aAAoC;QAEpC,oEAAoE;QACpE,6DAA6D;QAC7D,0GAA0G;QAC1G,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CACpD,MAAM,EAAE,eAAe,EAAE,YAAY,CACtC,CAAC;QAEF,2EAA2E;QAC3E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3C,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,qFAAqF;QACrF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,+FAA+F;QAC/F,oFAAoF;QACpF,MAAM,yBAAyB,CAC7B,MAAM,EAAE,eAAe,CAAC,OAAO,EAAE,kBAAkB,EAAE,YAAY,EACjE,oBAAoB,EAAE,kBAAkB,CACzC,CAAC;QAEF,0BAA0B;QAC1B,MAAM,8BAA8B,CAClC,MAAM,EAAE,eAAe,EAAE,YAAY,EACrC,oBAAoB,EAAE,kBAAkB,CACzC,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAC/C,kBAAkB,CACnB,CAAC;QAEF,6EAA6E;QAC7E,MAAM,0BAA0B,CAC9B,MAAM,EACN,eAAe,EACf,OAAO,EACP,YAAY,CACb,CAAC;QAEF,oBAAoB;QACpB,eAAe,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAE1C,uBAAuB;QACvB,kBAAkB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAE7C,6DAA6D;QAC7D,MAAM,kBAAkB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAEnD,qGAAqG;QACrG,MAAM,uBAAuB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAExD,4BAA4B;QAC5B,MAAM,iBAAiB,CAAC,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAC1E,CAAC;IAED;;;;;;OAMG;IACI,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAC5C,MAAc,EACd,eAA6B,EAC7B,YAA0B,EAC1B,aAAoC;QAEpC,MAAM,qBAAqB,CAAC,wBAAwB,CAAC,eAAe,CAAC,CAAC;QAEtE,MAAM,kBAAkB,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAC/E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3C,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,MAAM,yBAAyB,CAC7B,MAAM,EAAE,eAAe,CAAC,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,oBAAoB,EAAE,kBAAkB,CAC5G,CAAC;QAEF,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAC/C,kBAAkB,CACnB,CAAC;QAEF,qBAAqB,CAAC,6CAA6C,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAC9F,eAAe,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAC1C,kBAAkB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAC7C,MAAM,uBAAuB,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QACxD,qBAAqB,CAAC,oCAAoC,CAAC,MAAM,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;QAE7F,oFAAoF;QACpF,gFAAgF;QAChF,sEAAsE;IACxE,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,cAAc,CAChC,MAAc,EACd,eAA6B,EAC7B,YAA0B,EAC1B,aAAoC;QAEpC,MAAM,oBAAoB,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAE7G,IAAI,WAAW,CAAC;QAChB,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;YACvC,yGAAyG;YACzG,+GAA+G;YAC/G,6EAA6E;YAC7E,WAAW,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAC9G,CAAC;aAAM,CAAC;YACN,WAAW,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACnG,CAAC;QAED,oEAAoE;QACpE,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CACpD,MAAM,EAAE,eAAe,EAAE,YAAY,CACtC,CAAC;QAEF,2EAA2E;QAC3E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3C,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAC/C,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3C,eAAe,CAAC,OAAO,CAAC,SAAS,EACjC,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,EACpB,kBAAkB,CACnB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,MAAM,CAAC,KAAK,CAAC,aAAa,CAC/B,MAAc,EACd,eAA4B,EAC5B,kBAAgC,EAChC,YAA0B,EAC1B,aAAoC;QAEpC,qBAAqB;QACrB,MAAM,WAAW,GACf,MAAM,oBAAoB,CAAC,MAAM,EAAE,kBAAkB,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAExF,oFAAoF;QACpF,2EAA2E;QAC3E,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAC1C,MAAM,EAAE,kBAAkB,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAC1D,CAAC;QACF,MAAM,kBAAkB,GAAG,YAAY,KAAK,SAAS;YACnD,CAAC,CAAC,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,gBAAgB;YACxD,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAE7C,4EAA4E;QAC5E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC9C,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAClD,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC9C,kBAAkB,CAAC,OAAO,CAAC,SAAS,EACpC,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,EACpB,kBAAkB,CACnB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAC3C,MAAc,EACd,eAA+D,EAC/D,YAA0B,EAC1B,aAAoC;QAEpC,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;QAExF,gCAAgC;QAChC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,QAAS,EAAE,sEAAsE;QACjF,YAAY,EACZ,SAAS,EACT,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,YAAa,EAAE,sDAAsD;QACrE,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,QAAS,EACT,SAAS,EACT,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,CACrB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,EAAE,EAAE,2DAA2D;QAC/D,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,eAAe,CACjC,MAAc,EACd,eAA8B,EAC9B,YAA0B,EAC1B,YAA0B,EAC1B,aAAoC;QAGpC,qBAAqB;QACrB,MAAM,WAAW,GACf,MAAM,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAEhG,oFAAoF;QACpF,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAC1C,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAClE,CAAC;QACF,MAAM,kBAAkB,GAAG,YAAY,KAAK,SAAS;YACnD,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,gBAAgB;YAClD,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAE7C,4EAA4E;QAC5E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,uBAAuB,CAC5E,MAAM,EACN,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EACxC,YAAY,EACZ,kBAAkB,EAClB,aAAa,CACd,CAAC;QAEF,2CAA2C;QAC3C,MAAM,OAAO,GAAG,qBAAqB,CAAC,UAAU,CAC9C,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAC5C,kBAAkB,CACnB,CAAC;QAEF,MAAM,oBAAoB,GAAG,qBAAqB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;QAE7F,0FAA0F;QAC1F,MAAM,iBAAiB,CACrB,MAAM,EACN,eAAe,EACf,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,EACxC,YAAY,CAAC,OAAO,CAAC,SAAS,EAC9B,kBAAkB,EAClB,YAAY,EACZ,oBAAoB,EACpB,kBAAkB,CACnB,CAAC;QAEF,oEAAoE;QACpE,MAAM,8BAA8B,CAClC,MAAM,EACN,eAAe,EACf,OAAO,EACP,WAAW,EACX,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACJ,CAAC;IAED;;;;;;;;;;OAUG;IACI,MAAM,CAAC,KAAK,CAAC,uBAAuB,CACzC,MAAc,EACd,WAAmB,EACnB,YAA0B,EAC1B,gBAAyB,EACzB,aAAoC;QAEpC,sGAAsG;QACtG,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YAChC,MAAM,cAAc,GAAG,aAAa,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;YAChE,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBACjC,OAAO,cAAc,CAAC;YACxB,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,MAAM,KAAK,GAAW;YACpB,SAAS,EAAG,gBAAgB,CAAC,SAAS;YACtC,MAAM,EAAM,aAAa,CAAC,SAAS;YACnC,QAAQ,EAAI,WAAW;SACxB,CAAC;QAEF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,sDAAsD;YACtD,KAAK,CAAC,iBAAiB,GAAG,IAAI,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,8EAA8E;YAC9E,KAAK,CAAC,gBAAgB,GAAG,EAAE,GAAG,EAAE,gBAAgB,EAAE,CAAC;QACrD,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,MAAM,YAAY,CAAC,KAAK,CACtD,MAAM,EACN,CAAC,KAAK,CAAC,EACP,EAAE,gBAAgB,EAAE,aAAa,CAAC,UAAU,EAAE,EAC9C,EAAE,KAAK,EAAE,CAAC,EAAE,CACb,CAAC;QAEF,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,qCAAqC,EAAE,0CAA0C,WAAW,EAAE,CAAC,CAAC;QAClI,CAAC;QAED,MAAM,eAAe,GAAG,SAAS,CAAC,CAAC,CAA8B,CAAC;QAClE,OAAO,eAAe,CAAC,UAAU,CAAC,UAAU,CAAC;IAC/C,CAAC;IAED;;;;;OAKG;IACK,MAAM,CAAC,0BAA0B,CAAC,aAAoC;QAC5E,OAAO,CACL,MAAc,EACd,WAAmB,EACnB,YAA0B,EAC1B,gBAAyB,EACI,EAAE;YAC/B,OAAO,qBAAqB,CAAC,uBAAuB,CAAC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,gBAAgB,EAAE,aAAa,CAAC,CAAC;QAC3H,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CACvB,YAAoB,EACpB,kBAAsC;QAEtC,MAAM,OAAO,GAAG,gBAAgB,CAAC,YAAY,EAAE,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAC7E,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,mCAAmC,EACjE,wCAAwC,YAAY,EAAE,CAAC,CAAC;QAC5D,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,eAA6B;QACzE,IAAI,MAAM,eAAe,CAAC,cAAc,EAAE,EAAE,CAAC;YAC3C,OAAO;QACT,CAAC;QAED,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,uDAAuD,EACpE,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,6CAA6C,CAC1D,eAA6B,EAC7B,OAAwB;QAExB,IAAI,OAAO,CAAC,KAAK,KAAK,IAAI,IAAI,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YACzF,OAAO;QACT,CAAC;QAED,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,2DAA2D,EACxE,oCAAoC,CACrC,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,oCAAoC,CACjD,MAAc,EACd,eAA6B,EAC7B,OAAwB;QAExB,IAAI,qBAAqB,CAAC,sCAAsC,CAAC,MAAM,EAAE,eAAe,CAAC,EAAE,CAAC;YAC1F,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,KAAK,IAAI;YAChE,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,EAAE,cAAc,CAAC,MAAM,CAAC;YAChD,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAC5B,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;QACrC,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,0DAA0D,EACvE,mEAAmE,eAAe,CAAC,MAAM,EAAE,CAC5F,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,eAAe,CAAC,gBAAgB,EAAE,YAAY,CAAC;QACnE,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;YACrC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,aAAqB,EAAW,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,aAA+B,CAAC,CAAC,EAAE,CAAC;gBAChH,SAAS;YACX,CAAC;YAED,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBACpC,OAAO;gBACT,CAAC;gBACD,SAAS;YACX,CAAC;YAED,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,MAAM,EAAE,CAAC;gBAC5C,OAAO;YACT,CAAC;YAED,mFAAmF;YACnF,0FAA0F;YAC1F,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,MAAM,IAAI,UAAU,CAAC,GAAG,KAAK,aAAa,CAAC,SAAS,EAAE,CAAC;gBAC1F,OAAO;YACT,CAAC;QACH,CAAC;QAED,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,uDAAuD,EACpE,iCAAiC,eAAe,CAAC,MAAM,kDAAkD,CAC1G,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,sCAAsC,CAAC,MAAc,EAAE,eAA6B;QACjG,OAAO,eAAe,CAAC,KAAK,KAAK,SAAS;YACxC,eAAe,CAAC,MAAM,KAAK,MAAM;YACjC,eAAe,CAAC,wBAAwB;YACxC,eAAe,CAAC,uBAAuB;YACvC,eAAe,CAAC,gBAAgB,EAAE,iBAAiB,KAAK,SAAS,CAAC;IACtE,CAAC;CAEF"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { GrantAuthorization } from './grant-authorization.js';
|
|
2
2
|
import { PermissionConditionPublication } from '../types/permission-types.js';
|
|
3
|
+
import { PermissionScopeMatcher } from '../utils/permission-scope.js';
|
|
3
4
|
import { DwnError, DwnErrorCode } from './dwn-error.js';
|
|
4
5
|
export class RecordsGrantAuthorization {
|
|
5
6
|
/**
|
|
@@ -50,9 +51,13 @@ export class RecordsGrantAuthorization {
|
|
|
50
51
|
// The grant's protocol must match the query/subscribe filter's protocol.
|
|
51
52
|
// NOTE: validated the invoked permission is for Records in GrantAuthorization.performBaseValidation()
|
|
52
53
|
const permissionScope = permissionGrant.scope;
|
|
53
|
-
const
|
|
54
|
-
if (
|
|
55
|
-
|
|
54
|
+
const messageFilter = incomingMessage.descriptor.filter;
|
|
55
|
+
if (!PermissionScopeMatcher.matches(permissionScope, {
|
|
56
|
+
protocol: messageFilter.protocol,
|
|
57
|
+
protocolPath: messageFilter.protocolPath,
|
|
58
|
+
contextId: messageFilter.contextId,
|
|
59
|
+
})) {
|
|
60
|
+
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationQueryOrSubscribeProtocolScopeMismatch, `Grant scope does not match Records ${incomingMessage.descriptor.method} filter`);
|
|
56
61
|
}
|
|
57
62
|
}
|
|
58
63
|
/**
|
|
@@ -68,32 +73,52 @@ export class RecordsGrantAuthorization {
|
|
|
68
73
|
permissionGrant,
|
|
69
74
|
messageStore
|
|
70
75
|
});
|
|
71
|
-
// The grant's protocol must match the protocol of the record being deleted.
|
|
72
76
|
// NOTE: validated the invoked permission is for Records in GrantAuthorization.performBaseValidation()
|
|
73
|
-
|
|
74
|
-
const protocolOfRecordToDelete = recordsWriteToDelete.descriptor.protocol;
|
|
75
|
-
if (protocolOfRecordToDelete !== permissionScope.protocol) {
|
|
76
|
-
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationDeleteProtocolScopeMismatch, `Grant protocol scope ${permissionScope.protocol} does not match protocol in record to delete ${protocolOfRecordToDelete}`);
|
|
77
|
-
}
|
|
77
|
+
RecordsGrantAuthorization.verifyDeleteScope(recordsWriteToDelete, permissionGrant.scope);
|
|
78
78
|
}
|
|
79
79
|
/**
|
|
80
80
|
* Verifies a record against the scope of the given grant.
|
|
81
81
|
*/
|
|
82
82
|
static verifyScope(recordsWriteMessage, grantScope) {
|
|
83
|
-
|
|
84
|
-
if (grantScope
|
|
83
|
+
const target = RecordsGrantAuthorization.getProtocolScopeTarget(recordsWriteMessage);
|
|
84
|
+
if (PermissionScopeMatcher.matches(grantScope, target)) {
|
|
85
|
+
return;
|
|
86
|
+
}
|
|
87
|
+
if (grantScope.protocol !== target.protocol) {
|
|
85
88
|
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationScopeProtocolMismatch, `Grant scope specifies different protocol than what appears in the record`);
|
|
86
89
|
}
|
|
90
|
+
RecordsGrantAuthorization.throwScopeMismatchAfterProtocolMatch(grantScope, target);
|
|
91
|
+
}
|
|
92
|
+
/**
|
|
93
|
+
* Verifies RecordsDelete scope while preserving the delete-specific protocol mismatch code.
|
|
94
|
+
*/
|
|
95
|
+
static verifyDeleteScope(recordsWriteMessage, grantScope) {
|
|
96
|
+
const target = RecordsGrantAuthorization.getProtocolScopeTarget(recordsWriteMessage);
|
|
97
|
+
if (PermissionScopeMatcher.matches(grantScope, target)) {
|
|
98
|
+
return;
|
|
99
|
+
}
|
|
100
|
+
if (grantScope.protocol !== target.protocol) {
|
|
101
|
+
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationDeleteProtocolScopeMismatch, `Grant protocol scope ${grantScope.protocol} does not match protocol in record to delete ${target.protocol}`);
|
|
102
|
+
}
|
|
103
|
+
RecordsGrantAuthorization.throwScopeMismatchAfterProtocolMatch(grantScope, target);
|
|
104
|
+
}
|
|
105
|
+
static getProtocolScopeTarget(recordsWriteMessage) {
|
|
106
|
+
return {
|
|
107
|
+
protocol: recordsWriteMessage.descriptor.protocol,
|
|
108
|
+
protocolPath: recordsWriteMessage.descriptor.protocolPath,
|
|
109
|
+
contextId: recordsWriteMessage.contextId,
|
|
110
|
+
};
|
|
111
|
+
}
|
|
112
|
+
static throwScopeMismatchAfterProtocolMatch(grantScope, target) {
|
|
87
113
|
// If grant specifies a contextId, check that record falls under that contextId
|
|
88
114
|
if (grantScope.contextId !== undefined) {
|
|
89
|
-
|
|
90
|
-
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationScopeContextIdMismatch, `Grant scope specifies different contextId than what appears in the record`);
|
|
91
|
-
}
|
|
115
|
+
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationScopeContextIdMismatch, `Grant scope specifies different contextId than what appears in the record`);
|
|
92
116
|
}
|
|
93
117
|
// If grant specifies protocolPath, check that record is at that protocolPath
|
|
94
|
-
if (grantScope.protocolPath !== undefined && grantScope.protocolPath !==
|
|
118
|
+
if (grantScope.protocolPath !== undefined && grantScope.protocolPath !== target.protocolPath) {
|
|
95
119
|
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationScopeProtocolPathMismatch, `Grant scope specifies different protocolPath than what appears in the record`);
|
|
96
120
|
}
|
|
121
|
+
throw new DwnError(DwnErrorCode.RecordsGrantAuthorizationScopeMismatch, `Grant scope does not match the record`);
|
|
97
122
|
}
|
|
98
123
|
/**
|
|
99
124
|
* Verifies grant `conditions`.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"records-grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/records-grant-authorization.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"records-grant-authorization.js","sourceRoot":"","sources":["../../../../src/core/records-grant-authorization.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,8BAA8B,EAAE,MAAM,8BAA8B,CAAC;AAC9E,OAAO,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AACtE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAExD,MAAM,OAAO,yBAAyB;IACpC;;OAEG;IACI,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,KAMlC;QACC,MAAM,EACJ,mBAAmB,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EACrF,GAAG,KAAK,CAAC;QAEV,MAAM,kBAAkB,CAAC,qBAAqB,CAAC;YAC7C,eAAe,EAAE,mBAAmB;YACpC,eAAe;YACf,eAAe;YACf,eAAe;YACf,YAAY;SACb,CAAC,CAAC;QAEH,sGAAsG;QACtG,yBAAyB,CAAC,WAAW,CAAC,mBAAmB,EAAE,eAAe,CAAC,KAA+B,CAAC,CAAC;QAE5G,yBAAyB,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,eAAe,CAAC,UAAU,CAAC,CAAC;IAC9F,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,KAOjC;QACC,MAAM,EACJ,kBAAkB,EAAE,2BAA2B,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EACjH,GAAG,KAAK,CAAC;QAEV,MAAM,kBAAkB,CAAC,qBAAqB,CAAC;YAC7C,eAAe,EAAE,kBAAkB;YACnC,eAAe;YACf,eAAe;YACf,eAAe;YACf,YAAY;SACb,CAAC,CAAC;QAEH,sGAAsG;QACtG,yBAAyB,CAAC,WAAW,CAAC,2BAA2B,EAAE,eAAe,CAAC,KAA+B,CAAC,CAAC;IACtH,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAAC,KAM7C;QACC,MAAM,EACJ,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EACjF,GAAG,KAAK,CAAC;QAEV,MAAM,kBAAkB,CAAC,qBAAqB,CAAC;YAC7C,eAAe;YACf,eAAe;YACf,eAAe;YACf,eAAe;YACf,YAAY;SACb,CAAC,CAAC;QAEH,yEAAyE;QACzE,sGAAsG;QACtG,MAAM,eAAe,GAAG,eAAe,CAAC,KAA+B,CAAC;QACxE,MAAM,aAAa,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC;QACxD,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,eAAe,EAAE;YACnD,QAAQ,EAAO,aAAa,CAAC,QAAQ;YACrC,YAAY,EAAG,aAAa,CAAC,YAAY;YACzC,SAAS,EAAM,aAAa,CAAC,SAAS;SACvC,CAAC,EAAE,CAAC;YACH,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,8DAA8D,EAC3E,sCAAsC,eAAe,CAAC,UAAU,CAAC,MAAM,SAAS,CACjF,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,KAOnC;QACC,MAAM,EACJ,oBAAoB,EAAE,oBAAoB,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe,EAAE,YAAY,EAC5G,GAAG,KAAK,CAAC;QAEV,MAAM,kBAAkB,CAAC,qBAAqB,CAAC;YAC7C,eAAe,EAAE,oBAAoB;YACrC,eAAe;YACf,eAAe;YACf,eAAe;YACf,YAAY;SACb,CAAC,CAAC;QAEH,sGAAsG;QACtG,yBAAyB,CAAC,iBAAiB,CAAC,oBAAoB,EAAE,eAAe,CAAC,KAA+B,CAAC,CAAC;IACrH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,WAAW,CACxB,mBAAwC,EACxC,UAAkC;QAElC,MAAM,MAAM,GAAG,yBAAyB,CAAC,sBAAsB,CAAC,mBAAmB,CAAC,CAAC;QAErF,IAAI,sBAAsB,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,CAAC;YACvD,OAAO;QACT,CAAC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC5C,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,8CAA8C,EAC3D,0EAA0E,CAC3E,CAAC;QACJ,CAAC;QAED,yBAAyB,CAAC,oCAAoC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IACrF,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,iBAAiB,CAC9B,mBAAwC,EACxC,UAAkC;QAElC,MAAM,MAAM,GAAG,yBAAyB,CAAC,sBAAsB,CAAC,mBAAmB,CAAC,CAAC;QAErF,IAAI,sBAAsB,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,CAAC;YACvD,OAAO;QACT,CAAC;QAED,IAAI,UAAU,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC5C,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,oDAAoD,EACjE,wBAAwB,UAAU,CAAC,QAAQ,gDAAgD,MAAM,CAAC,QAAQ,EAAE,CAC7G,CAAC;QACJ,CAAC;QAED,yBAAyB,CAAC,oCAAoC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IACrF,CAAC;IAEO,MAAM,CAAC,sBAAsB,CAAC,mBAAwC;QAC5E,OAAO;YACL,QAAQ,EAAO,mBAAmB,CAAC,UAAU,CAAC,QAAQ;YACtD,YAAY,EAAG,mBAAmB,CAAC,UAAU,CAAC,YAAY;YAC1D,SAAS,EAAM,mBAAmB,CAAC,SAAS;SAC7C,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,oCAAoC,CACjD,UAAkC,EAClC,MAAqB;QAErB,+EAA+E;QAC/E,IAAI,UAAU,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YACvC,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,+CAA+C,EAC5D,2EAA2E,CAC5E,CAAC;QACJ,CAAC;QAED,6EAA6E;QAC7E,IAAI,UAAU,CAAC,YAAY,KAAK,SAAS,IAAI,UAAU,CAAC,YAAY,KAAK,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7F,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,kDAAkD,EAC/D,8EAA8E,CAC/E,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,sCAAsC,EACnD,uCAAuC,CACxC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACK,MAAM,CAAC,gBAAgB,CAAC,mBAAwC,EAAE,UAA4C;QAEpH,iFAAiF;QACjF,IAAI,UAAU,EAAE,WAAW,KAAK,8BAA8B,CAAC,QAAQ,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;YACrH,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,qDAAqD,EAClE,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,8FAA8F;QAC9F,IAAI,UAAU,EAAE,WAAW,KAAK,8BAA8B,CAAC,UAAU,IAAI,mBAAmB,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;YACtH,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,uDAAuD,EACpE,yDAAyD,CAC1D,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
import { authenticate } from '../core/auth.js';
|
|
2
2
|
import { DataStream } from '../utils/data-stream.js';
|
|
3
3
|
import { Encoder } from '../utils/encoder.js';
|
|
4
|
+
import { Message } from '../core/message.js';
|
|
4
5
|
import { messageReplyFromError } from '../core/message-reply.js';
|
|
5
6
|
import { MessagesGrantAuthorization } from '../core/messages-grant-authorization.js';
|
|
6
7
|
import { MessagesRead } from '../interfaces/messages-read.js';
|
|
7
|
-
import { PermissionsProtocol } from '../protocols/permissions.js';
|
|
8
8
|
import { Records } from '../utils/records.js';
|
|
9
9
|
import { DwnError, DwnErrorCode } from '../core/dwn-error.js';
|
|
10
10
|
export class MessagesReadHandler {
|
|
@@ -68,15 +68,15 @@ export class MessagesReadHandler {
|
|
|
68
68
|
// If the author is the tenant, no further authorization is needed
|
|
69
69
|
return;
|
|
70
70
|
}
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
const
|
|
71
|
+
const permissionGrantIds = Message.getPermissionGrantIds(messagesRead.signaturePayload);
|
|
72
|
+
if (messagesRead.author !== undefined && permissionGrantIds.length > 0) {
|
|
73
|
+
const permissionGrants = await MessagesGrantAuthorization.fetchPermissionGrants(tenant, messageStore, permissionGrantIds);
|
|
74
74
|
await MessagesGrantAuthorization.authorizeMessagesRead({
|
|
75
75
|
messagesReadMessage: messagesRead.message,
|
|
76
76
|
messageToRead: matchedMessage,
|
|
77
77
|
expectedGrantor: tenant,
|
|
78
78
|
expectedGrantee: messagesRead.author,
|
|
79
|
-
|
|
79
|
+
permissionGrants,
|
|
80
80
|
messageStore
|
|
81
81
|
});
|
|
82
82
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"messages-read.js","sourceRoot":"","sources":["../../../../src/handlers/messages-read.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"messages-read.js","sourceRoot":"","sources":["../../../../src/handlers/messages-read.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,0BAA0B,EAAE,MAAM,yCAAyC,CAAC;AACrF,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAC9D,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAI9D,MAAM,OAAO,mBAAmB;IAED;IAA7B,YAA6B,IAAyB;QAAzB,SAAI,GAAJ,IAAI,CAAqB;IAAG,CAAC;IAEnD,KAAK,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,OAAO,EAAc;QACjD,IAAI,YAA0B,CAAC;QAE/B,IAAI,CAAC;YACH,YAAY,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,qBAAqB,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACnE,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,qBAAqB,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACvC,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;QAC9F,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,EAAE,CAAC;QACxD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,mBAAmB,CAAC,qBAAqB,CAAC,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC/G,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,qBAAqB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;QAED,2FAA2F;QAC3F,MAAM,KAAK,GAA2B,EAAE,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;QAC5G,IAAI,OAAO,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,CAAC;YAC1C,MAAM,YAAY,GAAG,KAAK,CAAC,OAAiC,CAAC;YAC7D,uGAAuG;YACvG,0FAA0F;YAC1F,IAAI,YAAY,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC3C,+CAA+C;gBAC/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,SAAU,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBAC9G,IAAI,MAAM,EAAE,UAAU,KAAK,SAAS,EAAE,CAAC;oBACrC,KAAK,CAAC,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC;gBACjC,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,SAAS,GAAG,OAAO,CAAC,gBAAgB,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;gBACrE,KAAK,CAAC,IAAI,GAAG,UAAU,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;gBAC7C,OAAO,YAAY,CAAC,WAAW,CAAC;YAClC,CAAC;QACH,CAAC;QAED,OAAO;YACL,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;YACnC,KAAK;SACN,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,KAAK,CAAC,qBAAqB,CACxC,MAAc,EACd,YAA0B,EAC1B,cAA8B,EAC9B,YAA0B;QAG1B,IAAI,YAAY,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YACnC,kEAAkE;YAClE,OAAO;QACT,CAAC;QAED,MAAM,kBAAkB,GAAG,OAAO,CAAC,qBAAqB,CAAC,YAAY,CAAC,gBAAiB,CAAC,CAAC;QACzF,IAAI,YAAY,CAAC,MAAM,KAAK,SAAS,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvE,MAAM,gBAAgB,GAAG,MAAM,0BAA0B,CAAC,qBAAqB,CAAC,MAAM,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAC;YAC1H,MAAM,0BAA0B,CAAC,qBAAqB,CAAC;gBACrD,mBAAmB,EAAG,YAAY,CAAC,OAAO;gBAC1C,aAAa,EAAS,cAAc;gBACpC,eAAe,EAAO,MAAM;gBAC5B,eAAe,EAAO,YAAY,CAAC,MAAM;gBACzC,gBAAgB;gBAChB,YAAY;aACb,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,+BAA+B,EAAE,uCAAuC,CAAC,CAAC;QAC5G,CAAC;IACH,CAAC;CACF"}
|
|
@@ -4,7 +4,7 @@ import { messageReplyFromError } from '../core/message-reply.js';
|
|
|
4
4
|
import { Messages } from '../utils/messages.js';
|
|
5
5
|
import { MessagesGrantAuthorization } from '../core/messages-grant-authorization.js';
|
|
6
6
|
import { MessagesSubscribe } from '../interfaces/messages-subscribe.js';
|
|
7
|
-
import {
|
|
7
|
+
import { Time } from '../utils/time.js';
|
|
8
8
|
import { DwnError, DwnErrorCode } from '../core/dwn-error.js';
|
|
9
9
|
export class MessagesSubscribeHandler {
|
|
10
10
|
deps;
|
|
@@ -22,21 +22,29 @@ export class MessagesSubscribeHandler {
|
|
|
22
22
|
catch (e) {
|
|
23
23
|
return messageReplyFromError(e, 400);
|
|
24
24
|
}
|
|
25
|
+
let authorization;
|
|
25
26
|
try {
|
|
26
27
|
await authenticate(message.authorization, this.deps.didResolver);
|
|
27
|
-
await MessagesSubscribeHandler.authorizeMessagesSubscribe(tenant, messagesSubscribe, this.deps.messageStore);
|
|
28
|
+
authorization = await MessagesSubscribeHandler.authorizeMessagesSubscribe(tenant, messagesSubscribe, this.deps.messageStore);
|
|
28
29
|
}
|
|
29
30
|
catch (error) {
|
|
30
31
|
return messageReplyFromError(error, 401);
|
|
31
32
|
}
|
|
33
|
+
const guardedHandler = MessagesSubscribeHandler.createAuthorizationGuard({
|
|
34
|
+
authorization,
|
|
35
|
+
messagesSubscribe,
|
|
36
|
+
messageStore: this.deps.messageStore,
|
|
37
|
+
subscriptionHandler,
|
|
38
|
+
});
|
|
32
39
|
const { filters, cursor: eventLogCursor } = message.descriptor;
|
|
33
40
|
const messagesFilters = Messages.convertFilters(filters, this.deps.coreProtocols);
|
|
34
41
|
const messageCid = await Message.getCid(message);
|
|
35
42
|
try {
|
|
36
|
-
const subscription = await this.deps.eventLog.subscribe(tenant, messageCid,
|
|
43
|
+
const subscription = await this.deps.eventLog.subscribe(tenant, messageCid, guardedHandler.listener, {
|
|
37
44
|
cursor: eventLogCursor,
|
|
38
45
|
filters: messagesFilters,
|
|
39
46
|
});
|
|
47
|
+
await guardedHandler.setSubscription(subscription);
|
|
40
48
|
return {
|
|
41
49
|
status: { code: 200, detail: 'OK' },
|
|
42
50
|
subscription,
|
|
@@ -56,21 +64,115 @@ export class MessagesSubscribeHandler {
|
|
|
56
64
|
static async authorizeMessagesSubscribe(tenant, messagesSubscribe, messageStore) {
|
|
57
65
|
// if `MessagesSubscribe` author is the same as the target tenant, we can directly grant access
|
|
58
66
|
if (messagesSubscribe.author === tenant) {
|
|
59
|
-
return;
|
|
67
|
+
return { kind: 'owner' };
|
|
60
68
|
}
|
|
61
|
-
|
|
62
|
-
|
|
69
|
+
const permissionGrantIds = Message.getPermissionGrantIds(messagesSubscribe.signaturePayload);
|
|
70
|
+
if (messagesSubscribe.author !== undefined && permissionGrantIds.length > 0) {
|
|
71
|
+
const permissionGrants = await MessagesGrantAuthorization.fetchPermissionGrants(tenant, messageStore, permissionGrantIds);
|
|
63
72
|
await MessagesGrantAuthorization.authorizeSubscribeOrSync({
|
|
64
73
|
incomingMessage: messagesSubscribe.message,
|
|
65
74
|
expectedGrantor: tenant,
|
|
66
75
|
expectedGrantee: messagesSubscribe.author,
|
|
67
|
-
|
|
76
|
+
permissionGrants,
|
|
68
77
|
messageStore
|
|
69
78
|
});
|
|
79
|
+
return {
|
|
80
|
+
kind: 'delegate',
|
|
81
|
+
expectedGrantor: tenant,
|
|
82
|
+
expectedGrantee: messagesSubscribe.author,
|
|
83
|
+
permissionGrants,
|
|
84
|
+
};
|
|
70
85
|
}
|
|
71
86
|
else {
|
|
72
87
|
throw new DwnError(DwnErrorCode.MessagesSubscribeAuthorizationFailed, 'message failed authorization');
|
|
73
88
|
}
|
|
74
89
|
}
|
|
90
|
+
static createAuthorizationGuard(input) {
|
|
91
|
+
const { authorization, messagesSubscribe, messageStore, subscriptionHandler } = input;
|
|
92
|
+
if (authorization.kind === 'owner') {
|
|
93
|
+
return {
|
|
94
|
+
listener: subscriptionHandler,
|
|
95
|
+
setSubscription: async () => { },
|
|
96
|
+
};
|
|
97
|
+
}
|
|
98
|
+
let subscription;
|
|
99
|
+
let closeRequested = false;
|
|
100
|
+
let terminalErrorEmitted = false;
|
|
101
|
+
let deliveryQueue = Promise.resolve();
|
|
102
|
+
const closeSubscription = () => {
|
|
103
|
+
if (closeRequested) {
|
|
104
|
+
return;
|
|
105
|
+
}
|
|
106
|
+
closeRequested = true;
|
|
107
|
+
Promise.resolve(subscription?.close()).catch(() => { });
|
|
108
|
+
};
|
|
109
|
+
const emitTerminalAuthorizationError = (cursor) => {
|
|
110
|
+
if (terminalErrorEmitted) {
|
|
111
|
+
return;
|
|
112
|
+
}
|
|
113
|
+
terminalErrorEmitted = true;
|
|
114
|
+
subscriptionHandler({
|
|
115
|
+
type: 'error',
|
|
116
|
+
cursor,
|
|
117
|
+
error: {
|
|
118
|
+
code: DwnErrorCode.MessagesSubscribeDeliveryAuthorizationFailed,
|
|
119
|
+
detail: 'subscription authorization failed during delivery',
|
|
120
|
+
},
|
|
121
|
+
});
|
|
122
|
+
};
|
|
123
|
+
// Deliberately do not cache delivery authorization here. Subscribe-open
|
|
124
|
+
// authorization validates static grant shape and filter scope; this per-event
|
|
125
|
+
// check revalidates dynamic grant state so expiry or revocation stops delivery
|
|
126
|
+
// before the next event is forwarded. Future throughput optimizations should
|
|
127
|
+
// split static and dynamic checks explicitly and document any bounded staleness
|
|
128
|
+
// introduced by caching revocation lookups.
|
|
129
|
+
const authorizeAndDeliverEvent = async (subMessage) => {
|
|
130
|
+
try {
|
|
131
|
+
await MessagesGrantAuthorization.authorizeSubscribeDelivery({
|
|
132
|
+
messagesSubscribeMessage: messagesSubscribe.message,
|
|
133
|
+
expectedGrantor: authorization.expectedGrantor,
|
|
134
|
+
expectedGrantee: authorization.expectedGrantee,
|
|
135
|
+
permissionGrants: authorization.permissionGrants,
|
|
136
|
+
messageStore,
|
|
137
|
+
deliveryTimestamp: Time.getCurrentTimestamp(),
|
|
138
|
+
});
|
|
139
|
+
}
|
|
140
|
+
catch {
|
|
141
|
+
emitTerminalAuthorizationError(subMessage.cursor);
|
|
142
|
+
closeSubscription();
|
|
143
|
+
return;
|
|
144
|
+
}
|
|
145
|
+
if (!closeRequested) {
|
|
146
|
+
subscriptionHandler(subMessage);
|
|
147
|
+
}
|
|
148
|
+
};
|
|
149
|
+
const deliverQueuedMessage = async (subMessage) => {
|
|
150
|
+
if (closeRequested) {
|
|
151
|
+
return;
|
|
152
|
+
}
|
|
153
|
+
if (subMessage.type !== 'event') {
|
|
154
|
+
subscriptionHandler(subMessage);
|
|
155
|
+
return;
|
|
156
|
+
}
|
|
157
|
+
await authorizeAndDeliverEvent(subMessage);
|
|
158
|
+
};
|
|
159
|
+
const enqueueDelivery = (subMessage) => {
|
|
160
|
+
deliveryQueue = deliveryQueue
|
|
161
|
+
.then(() => deliverQueuedMessage(subMessage))
|
|
162
|
+
.catch(() => { });
|
|
163
|
+
};
|
|
164
|
+
const listener = (subMessage) => {
|
|
165
|
+
enqueueDelivery(subMessage);
|
|
166
|
+
};
|
|
167
|
+
return {
|
|
168
|
+
listener,
|
|
169
|
+
setSubscription: async (eventSubscription) => {
|
|
170
|
+
subscription = eventSubscription;
|
|
171
|
+
if (closeRequested) {
|
|
172
|
+
await eventSubscription.close();
|
|
173
|
+
}
|
|
174
|
+
},
|
|
175
|
+
};
|
|
176
|
+
}
|
|
75
177
|
}
|
|
76
178
|
//# sourceMappingURL=messages-subscribe.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"messages-subscribe.js","sourceRoot":"","sources":["../../../../src/handlers/messages-subscribe.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"messages-subscribe.js","sourceRoot":"","sources":["../../../../src/handlers/messages-subscribe.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,0BAA0B,EAAE,MAAM,yCAAyC,CAAC;AACrF,OAAO,EAAE,iBAAiB,EAAE,MAAM,qCAAqC,CAAC;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAgB9D,MAAM,OAAO,wBAAwB;IAEN;IAA7B,YAA6B,IAAyB;QAAzB,SAAI,GAAJ,IAAI,CAAqB;IAAG,CAAC;IAEnD,KAAK,CAAC,MAAM,CAAC,EAClB,MAAM,EACN,OAAO,EACP,mBAAmB,EAKpB;QACC,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACrC,OAAO,qBAAqB,CAAC,IAAI,QAAQ,CACvC,YAAY,CAAC,sCAAsC,EACnD,iCAAiC,CAClC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,IAAI,iBAAoC,CAAC;QACzC,IAAI,CAAC;YACH,iBAAiB,GAAG,MAAM,iBAAiB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC7D,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,qBAAqB,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,aAA6C,CAAC;QAClD,IAAI,CAAC;YACH,MAAM,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjE,aAAa,GAAG,MAAM,wBAAwB,CAAC,0BAA0B,CAAC,MAAM,EAAE,iBAAiB,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC/H,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,qBAAqB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,cAAc,GAAG,wBAAwB,CAAC,wBAAwB,CAAC;YACvE,aAAa;YACb,iBAAiB;YACjB,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY;YACpC,mBAAmB;SACpB,CAAC,CAAC;QAEH,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,UAAU,CAAC;QAC/D,MAAM,eAAe,GAAG,QAAQ,CAAC,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAClF,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAEjD,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,EAAE,UAAU,EAAE,cAAc,CAAC,QAAQ,EAAE;gBACnG,MAAM,EAAI,cAAc;gBACxB,OAAO,EAAG,eAAe;aAC1B,CAAC,CAAC;YACH,MAAM,cAAc,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;YAEnD,OAAO;gBACL,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;gBACnC,YAAY;aACb,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,mBAAmB,EAAE,CAAC;gBACjF,MAAM,OAAO,GAAI,KAAa,CAAC,OAAsC,CAAC;gBACtE,OAAO;oBACL,MAAM,EAAG,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,oBAAoB,EAAE;oBACpD,KAAK,EAAI,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,aAAsB,EAAE,GAAG,OAAO,EAAE;iBAC1F,CAAC;YACJ,CAAC;YACD,OAAO,qBAAqB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAC7C,MAAc,EACd,iBAAoC,EACpC,YAA0B;QAE1B,+FAA+F;QAC/F,IAAI,iBAAiB,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YACxC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QAC3B,CAAC;QAED,MAAM,kBAAkB,GAAG,OAAO,CAAC,qBAAqB,CAAC,iBAAiB,CAAC,gBAAiB,CAAC,CAAC;QAC9F,IAAI,iBAAiB,CAAC,MAAM,KAAK,SAAS,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5E,MAAM,gBAAgB,GAAG,MAAM,0BAA0B,CAAC,qBAAqB,CAAC,MAAM,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAC;YAC1H,MAAM,0BAA0B,CAAC,wBAAwB,CAAC;gBACxD,eAAe,EAAG,iBAAiB,CAAC,OAAO;gBAC3C,eAAe,EAAG,MAAM;gBACxB,eAAe,EAAG,iBAAiB,CAAC,MAAM;gBAC1C,gBAAgB;gBAChB,YAAY;aACb,CAAC,CAAC;YACH,OAAO;gBACL,IAAI,EAAc,UAAU;gBAC5B,eAAe,EAAG,MAAM;gBACxB,eAAe,EAAG,iBAAiB,CAAC,MAAM;gBAC1C,gBAAgB;aACjB,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,8BAA8B,CAAC,CAAC;QACxG,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,wBAAwB,CAAC,KAKvC;QACC,MAAM,EAAE,aAAa,EAAE,iBAAiB,EAAE,YAAY,EAAE,mBAAmB,EAAE,GAAG,KAAK,CAAC;QACtF,IAAI,aAAa,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YACnC,OAAO;gBACL,QAAQ,EAAU,mBAAmB;gBACrC,eAAe,EAAG,KAAK,IAAmB,EAAE,GAAE,CAAC;aAChD,CAAC;QACJ,CAAC;QAED,IAAI,YAA2C,CAAC;QAChD,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,oBAAoB,GAAG,KAAK,CAAC;QACjC,IAAI,aAAa,GAAkB,OAAO,CAAC,OAAO,EAAE,CAAC;QAErD,MAAM,iBAAiB,GAAG,GAAS,EAAE;YACnC,IAAI,cAAc,EAAE,CAAC;gBACnB,OAAO;YACT,CAAC;YACD,cAAc,GAAG,IAAI,CAAC;YACtB,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC;QAEF,MAAM,8BAA8B,GAAG,CAAC,MAAmC,EAAQ,EAAE;YACnF,IAAI,oBAAoB,EAAE,CAAC;gBACzB,OAAO;YACT,CAAC;YACD,oBAAoB,GAAG,IAAI,CAAC;YAC5B,mBAAmB,CAAC;gBAClB,IAAI,EAAI,OAAO;gBACf,MAAM;gBACN,KAAK,EAAG;oBACN,IAAI,EAAK,YAAY,CAAC,4CAA4C;oBAClE,MAAM,EAAG,mDAAmD;iBAC7D;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,wEAAwE;QACxE,8EAA8E;QAC9E,+EAA+E;QAC/E,6EAA6E;QAC7E,gFAAgF;QAChF,4CAA4C;QAC5C,MAAM,wBAAwB,GAAG,KAAK,EAAE,UAA6B,EAAiB,EAAE;YACtF,IAAI,CAAC;gBACH,MAAM,0BAA0B,CAAC,0BAA0B,CAAC;oBAC1D,wBAAwB,EAAG,iBAAiB,CAAC,OAAO;oBACpD,eAAe,EAAY,aAAa,CAAC,eAAe;oBACxD,eAAe,EAAY,aAAa,CAAC,eAAe;oBACxD,gBAAgB,EAAW,aAAa,CAAC,gBAAgB;oBACzD,YAAY;oBACZ,iBAAiB,EAAU,IAAI,CAAC,mBAAmB,EAAE;iBACtD,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,8BAA8B,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;gBAClD,iBAAiB,EAAE,CAAC;gBACpB,OAAO;YACT,CAAC;YAED,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,mBAAmB,CAAC,UAAU,CAAC,CAAC;YAClC,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,oBAAoB,GAAG,KAAK,EAAE,UAA+B,EAAiB,EAAE;YACpF,IAAI,cAAc,EAAE,CAAC;gBACnB,OAAO;YACT,CAAC;YAED,IAAI,UAAU,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBAChC,mBAAmB,CAAC,UAAU,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,MAAM,wBAAwB,CAAC,UAAU,CAAC,CAAC;QAC7C,CAAC,CAAC;QAEF,MAAM,eAAe,GAAG,CAAC,UAA+B,EAAQ,EAAE;YAChE,aAAa,GAAG,aAAa;iBAC1B,IAAI,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;iBAC5C,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACrB,CAAC,CAAC;QAEF,MAAM,QAAQ,GAAyB,CAAC,UAA+B,EAAQ,EAAE;YAC/E,eAAe,CAAC,UAAU,CAAC,CAAC;QAC9B,CAAC,CAAC;QAEF,OAAO;YACL,QAAQ;YACR,eAAe,EAAE,KAAK,EAAE,iBAAoC,EAAiB,EAAE;gBAC7E,YAAY,GAAG,iBAAiB,CAAC;gBACjC,IAAI,cAAc,EAAE,CAAC;oBACnB,MAAM,iBAAiB,CAAC,KAAK,EAAE,CAAC;gBAClC,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF"}
|