@fedify/fedify 0.9.0-dev.174 → 0.9.0-dev.175
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGES.md +9 -0
- package/esm/federation/handler.js +5 -2
- package/esm/federation/middleware.js +6 -2
- package/esm/httpsig/mod.js +7 -8
- package/package.json +1 -1
- package/types/federation/handler.d.ts +3 -1
- package/types/federation/handler.d.ts.map +1 -1
- package/types/federation/middleware.d.ts +9 -1
- package/types/federation/middleware.d.ts.map +1 -1
- package/types/httpsig/mod.d.ts +29 -5
- package/types/httpsig/mod.d.ts.map +1 -1
package/CHANGES.md
CHANGED
|
@@ -29,6 +29,15 @@ To be released.
|
|
|
29
29
|
- Added `SendActivityOptions.excludeBaseUris` property.
|
|
30
30
|
- Added `ExtractInboxesParameters.excludeBaseUris` property.
|
|
31
31
|
|
|
32
|
+
- The time window for signature verification is now configurable.
|
|
33
|
+
|
|
34
|
+
- The default time window for signature verification is now a minute (was
|
|
35
|
+
30 seconds).
|
|
36
|
+
- Added `signatureTimeWindow` option to `FederationParameters` interface.
|
|
37
|
+
- Added `VerifyOptions` interface.
|
|
38
|
+
- The signature of the `verify()` function is revamped; it now optionally
|
|
39
|
+
takes a `VerifyOptions` object as the second parameter.
|
|
40
|
+
|
|
32
41
|
- Added more log messages using the [LogTape] library. Currently the below
|
|
33
42
|
logger categories are used:
|
|
34
43
|
|
|
@@ -162,7 +162,7 @@ function filterCollectionItems(items, collectionName, filterPredicate) {
|
|
|
162
162
|
}
|
|
163
163
|
return result;
|
|
164
164
|
}
|
|
165
|
-
export async function handleInbox(request, { handle, context, kv, kvPrefix, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, }) {
|
|
165
|
+
export async function handleInbox(request, { handle, context, kv, kvPrefix, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, signatureTimeWindow, }) {
|
|
166
166
|
const logger = getLogger(["fedify", "federation", "inbox"]);
|
|
167
167
|
if (actorDispatcher == null) {
|
|
168
168
|
logger.error("Actor dispatcher is not set.", { handle });
|
|
@@ -176,7 +176,10 @@ export async function handleInbox(request, { handle, context, kv, kvPrefix, acto
|
|
|
176
176
|
return await onNotFound(request);
|
|
177
177
|
}
|
|
178
178
|
}
|
|
179
|
-
const key = await verify(request,
|
|
179
|
+
const key = await verify(request, {
|
|
180
|
+
...context,
|
|
181
|
+
timeWindow: signatureTimeWindow,
|
|
182
|
+
});
|
|
180
183
|
if (key == null) {
|
|
181
184
|
logger.error("Failed to verify the request signature.", { handle });
|
|
182
185
|
const response = new Response("Failed to verify the request signature.", {
|
|
@@ -36,12 +36,13 @@ export class Federation {
|
|
|
36
36
|
#authenticatedDocumentLoaderFactory;
|
|
37
37
|
#treatHttps;
|
|
38
38
|
#onOutboxError;
|
|
39
|
+
#signatureTimeWindow;
|
|
39
40
|
#backoffSchedule;
|
|
40
41
|
/**
|
|
41
42
|
* Create a new {@link Federation} instance.
|
|
42
43
|
* @param parameters Parameters for initializing the instance.
|
|
43
44
|
*/
|
|
44
|
-
constructor({ kv, kvPrefixes, queue, documentLoader, contextLoader, authenticatedDocumentLoaderFactory, treatHttps, onOutboxError, backoffSchedule, }) {
|
|
45
|
+
constructor({ kv, kvPrefixes, queue, documentLoader, contextLoader, authenticatedDocumentLoaderFactory, treatHttps, onOutboxError, signatureTimeWindow, backoffSchedule, }) {
|
|
45
46
|
this.#kv = kv;
|
|
46
47
|
this.#kvPrefixes = {
|
|
47
48
|
...({
|
|
@@ -68,6 +69,7 @@ export class Federation {
|
|
|
68
69
|
getAuthenticatedDocumentLoader;
|
|
69
70
|
this.#onOutboxError = onOutboxError;
|
|
70
71
|
this.#treatHttps = treatHttps ?? false;
|
|
72
|
+
this.#signatureTimeWindow = signatureTimeWindow ?? { minutes: 1 };
|
|
71
73
|
this.#backoffSchedule = backoffSchedule ?? [
|
|
72
74
|
3000,
|
|
73
75
|
15000,
|
|
@@ -293,6 +295,7 @@ export class Federation {
|
|
|
293
295
|
return context;
|
|
294
296
|
let signedKey = undefined;
|
|
295
297
|
let signedKeyOwner = undefined;
|
|
298
|
+
const timeWindow = this.#signatureTimeWindow;
|
|
296
299
|
const reqCtx = {
|
|
297
300
|
...context,
|
|
298
301
|
request,
|
|
@@ -341,7 +344,7 @@ export class Federation {
|
|
|
341
344
|
async getSignedKey() {
|
|
342
345
|
if (signedKey !== undefined)
|
|
343
346
|
return signedKey;
|
|
344
|
-
return signedKey = await verify(request, context
|
|
347
|
+
return signedKey = await verify(request, { ...context, timeWindow });
|
|
345
348
|
},
|
|
346
349
|
async getSignedKeyOwner() {
|
|
347
350
|
if (signedKeyOwner !== undefined)
|
|
@@ -939,6 +942,7 @@ export class Federation {
|
|
|
939
942
|
inboxListeners: this.#inboxListeners,
|
|
940
943
|
inboxErrorHandler: this.#inboxErrorHandler,
|
|
941
944
|
onNotFound,
|
|
945
|
+
signatureTimeWindow: this.#signatureTimeWindow,
|
|
942
946
|
});
|
|
943
947
|
case "following":
|
|
944
948
|
return await handleCollection(request, {
|
package/esm/httpsig/mod.js
CHANGED
|
@@ -67,15 +67,13 @@ const supportedHashAlgorithms = {
|
|
|
67
67
|
* if the request body is already consumed. Consuming the request body after
|
|
68
68
|
* calling this function is okay, since this function clones the request
|
|
69
69
|
* under the hood.
|
|
70
|
+
*
|
|
70
71
|
* @param request The request to verify.
|
|
71
|
-
* @param
|
|
72
|
-
* @param contextLoader The context loader to use for JSON-LD context retrieval.
|
|
73
|
-
* @param currentTime The current time. If not specified, the current time is
|
|
74
|
-
* used. This is useful for testing.
|
|
72
|
+
* @param options Options for verifying the request.
|
|
75
73
|
* @returns The public key of the verified signature, or `null` if the signature
|
|
76
74
|
* could not be verified.
|
|
77
75
|
*/
|
|
78
|
-
export async function verify(request, documentLoader, contextLoader, currentTime) {
|
|
76
|
+
export async function verify(request, { documentLoader, contextLoader, timeWindow, currentTime } = {}) {
|
|
79
77
|
const logger = getLogger(["fedify", "httpsig", "verify"]);
|
|
80
78
|
request = request.clone();
|
|
81
79
|
const dateHeader = request.headers.get("Date");
|
|
@@ -127,11 +125,12 @@ export async function verify(request, documentLoader, contextLoader, currentTime
|
|
|
127
125
|
}
|
|
128
126
|
const date = dntShim.Temporal.Instant.from(new Date(dateHeader).toISOString());
|
|
129
127
|
const now = currentTime ?? dntShim.Temporal.Now.instant();
|
|
130
|
-
|
|
128
|
+
const tw = timeWindow ?? { minutes: 1 };
|
|
129
|
+
if (dntShim.Temporal.Instant.compare(date, now.add(tw)) > 0) {
|
|
131
130
|
logger.debug("Failed to verify; Date is too far in the future.", { date: date.toString(), now: now.toString() });
|
|
132
131
|
return null;
|
|
133
132
|
}
|
|
134
|
-
else if (dntShim.Temporal.Instant.compare(date, now.subtract(
|
|
133
|
+
else if (dntShim.Temporal.Instant.compare(date, now.subtract(tw)) < 0) {
|
|
135
134
|
logger.debug("Failed to verify; Date is too far in the past.", { date: date.toString(), now: now.toString() });
|
|
136
135
|
return null;
|
|
137
136
|
}
|
|
@@ -152,7 +151,7 @@ export async function verify(request, documentLoader, contextLoader, currentTime
|
|
|
152
151
|
logger.debug("Fetching key {keyId} to verify signature...", { keyId });
|
|
153
152
|
let document;
|
|
154
153
|
try {
|
|
155
|
-
const remoteDocument = await documentLoader(keyId);
|
|
154
|
+
const remoteDocument = await (documentLoader ?? fetchDocumentLoader)(keyId);
|
|
156
155
|
document = remoteDocument.document;
|
|
157
156
|
}
|
|
158
157
|
catch (_) {
|
package/package.json
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
/// <reference types="node" />
|
|
3
|
+
import * as dntShim from "../_dnt.shims.js";
|
|
3
4
|
import type { DocumentLoader } from "../runtime/docloader.js";
|
|
4
5
|
import type { Recipient } from "../vocab/actor.js";
|
|
5
6
|
import { Activity, Link, Object } from "../vocab/vocab.js";
|
|
@@ -73,8 +74,9 @@ export interface InboxHandlerParameters<TContextData> {
|
|
|
73
74
|
inboxListeners: Map<new (...args: unknown[]) => Activity, InboxListener<TContextData, Activity>>;
|
|
74
75
|
inboxErrorHandler?: InboxErrorHandler<TContextData>;
|
|
75
76
|
onNotFound(request: Request): Response | Promise<Response>;
|
|
77
|
+
signatureTimeWindow: dntShim.Temporal.DurationLike;
|
|
76
78
|
}
|
|
77
|
-
export declare function handleInbox<TContextData>(request: Request, { handle, context, kv, kvPrefix, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, }: InboxHandlerParameters<TContextData>): Promise<Response>;
|
|
79
|
+
export declare function handleInbox<TContextData>(request: Request, { handle, context, kv, kvPrefix, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, signatureTimeWindow, }: InboxHandlerParameters<TContextData>): Promise<Response>;
|
|
78
80
|
/**
|
|
79
81
|
* Options for the {@link respondWithObject} and
|
|
80
82
|
* {@link respondWithObjectIfAcceptable} functions.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../src/federation/handler.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../src/federation/handler.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAI5C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EACL,QAAQ,EACR,IAAI,EACJ,MAAM,EAGP,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EACV,eAAe,EACf,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,wBAAwB,EACxB,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAE9C,wBAAgB,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CASvD;AAED,MAAM,WAAW,sBAAsB,CAAC,YAAY;IAClD,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;IACtC,eAAe,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC;IAChD,kBAAkB,CAAC,EAAE,kBAAkB,CAAC,YAAY,CAAC,CAAC;IACtD,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/D,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3D,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACjE;AAED,wBAAsB,WAAW,CAAC,YAAY,EAC5C,OAAO,EAAE,OAAO,EAChB,EACE,MAAM,EACN,OAAO,EACP,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,eAAe,EACf,cAAc,GACf,EAAE,sBAAsB,CAAC,YAAY,CAAC,GACtC,OAAO,CAAC,QAAQ,CAAC,CAoBnB;AAED,MAAM,WAAW,uBAAuB,CAAC,YAAY;IACnD,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,OAAO,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;IACtC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC,YAAY,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IAClE,kBAAkB,CAAC,EAAE,wBAAwB,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IACpE,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/D,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3D,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACjE;AAED,wBAAsB,YAAY,CAAC,YAAY,EAC7C,OAAO,EAAE,OAAO,EAChB,EACE,MAAM,EACN,OAAO,EACP,gBAAgB,EAChB,kBAAkB,EAClB,UAAU,EACV,eAAe,EACf,cAAc,GACf,EAAE,uBAAuB,CAAC,YAAY,CAAC,GACvC,OAAO,CAAC,QAAQ,CAAC,CAmBnB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO;IAC/D;;OAEG;IACH,UAAU,EAAE,oBAAoB,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;IAE/D;;OAEG;IACH,OAAO,CAAC,EAAE,iBAAiB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEnD;;OAEG;IACH,WAAW,CAAC,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEtD;;OAEG;IACH,UAAU,CAAC,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAErD;;OAEG;IACH,kBAAkB,CAAC,EAAE,kBAAkB,CAAC,YAAY,CAAC,CAAC;CACvD;AAED,MAAM,WAAW,2BAA2B,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO;IACvE,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,eAAe,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC;IAC3C,OAAO,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;IACtC,mBAAmB,CAAC,EAAE,mBAAmB,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;IACxE,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/D,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3D,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACjE;AAED,wBAAsB,gBAAgB,CACpC,KAAK,SAAS,GAAG,GAAG,MAAM,GAAG,IAAI,GAAG,SAAS,EAC7C,YAAY,EACZ,OAAO,EAEP,OAAO,EAAE,OAAO,EAChB,EACE,IAAI,EACJ,MAAM,EACN,MAAM,EACN,eAAe,EACf,OAAO,EACP,mBAAmB,EACnB,cAAc,EACd,UAAU,EACV,eAAe,GAChB,EAAE,2BAA2B,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,CAAC,GAC3D,OAAO,CAAC,QAAQ,CAAC,CA4FnB;AA+BD,MAAM,WAAW,sBAAsB,CAAC,YAAY;IAClD,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,OAAO,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;IACtC,EAAE,EAAE,OAAO,CAAC;IACZ,QAAQ,EAAE,KAAK,CAAC;IAChB,eAAe,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC;IAChD,cAAc,EAAE,GAAG,CACjB,KAAK,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,QAAQ,EACpC,aAAa,CAAC,YAAY,EAAE,QAAQ,CAAC,CACtC,CAAC;IACF,iBAAiB,CAAC,EAAE,iBAAiB,CAAC,YAAY,CAAC,CAAC;IACpD,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3D,mBAAmB,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;CACpD;AAED,wBAAsB,WAAW,CAAC,YAAY,EAC5C,OAAO,EAAE,OAAO,EAChB,EACE,MAAM,EACN,OAAO,EACP,EAAE,EACF,QAAQ,EACR,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,UAAU,EACV,mBAAmB,GACpB,EAAE,sBAAsB,CAAC,YAAY,CAAC,GACtC,OAAO,CAAC,QAAQ,CAAC,CAgInB;AAED;;;;GAIG;AACH,MAAM,WAAW,wBAAwB;IACvC;;;OAGG;IACH,aAAa,EAAE,cAAc,CAAC;CAC/B;AAED;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,QAAQ,CAAC,CAOnB;AAED;;;;;;;;GAQG;AACH,wBAAsB,6BAA6B,CACjD,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,OAAO,EAChB,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAK1B"}
|
|
@@ -63,6 +63,14 @@ export interface FederationParameters {
|
|
|
63
63
|
* @since 0.6.0
|
|
64
64
|
*/
|
|
65
65
|
onOutboxError?: OutboxErrorHandler;
|
|
66
|
+
/**
|
|
67
|
+
* The time window for verifying the signature of incoming requests. If the
|
|
68
|
+
* request is older or newer than this window, it is rejected. By default,
|
|
69
|
+
* the window is a minute.
|
|
70
|
+
*
|
|
71
|
+
* @since 0.9.0
|
|
72
|
+
*/
|
|
73
|
+
signatureTimeWindow?: dntShim.Temporal.DurationLike;
|
|
66
74
|
backoffSchedule?: dntShim.Temporal.Duration[];
|
|
67
75
|
}
|
|
68
76
|
/**
|
|
@@ -93,7 +101,7 @@ export declare class Federation<TContextData> {
|
|
|
93
101
|
* Create a new {@link Federation} instance.
|
|
94
102
|
* @param parameters Parameters for initializing the instance.
|
|
95
103
|
*/
|
|
96
|
-
constructor({ kv, kvPrefixes, queue, documentLoader, contextLoader, authenticatedDocumentLoaderFactory, treatHttps, onOutboxError, backoffSchedule, }: FederationParameters);
|
|
104
|
+
constructor({ kv, kvPrefixes, queue, documentLoader, contextLoader, authenticatedDocumentLoaderFactory, treatHttps, onOutboxError, signatureTimeWindow, backoffSchedule, }: FederationParameters);
|
|
97
105
|
/**
|
|
98
106
|
* Create a new context.
|
|
99
107
|
* @param baseUrl The base URL of the server. The `pathname` remains root,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/federation/middleware.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAK5C,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,cAAc,EAIpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,QAAQ,EAAoB,KAAK,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAE1E,OAAO,KAAK,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,gBAAgB,EAChB,kBAAkB,EACnB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EACV,OAAO,EACP,cAAc,EACd,mBAAmB,EACpB,MAAM,cAAc,CAAC;AAQtB,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK5C;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAE3C;;;;OAIG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;;;OAIG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;;;OAMG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/federation/middleware.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAK5C,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,cAAc,EAIpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,QAAQ,EAAoB,KAAK,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAE1E,OAAO,KAAK,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,gBAAgB,EAChB,kBAAkB,EACnB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EACV,OAAO,EACP,cAAc,EACd,mBAAmB,EACpB,MAAM,cAAc,CAAC;AAQtB,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK5C;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAE3C;;;;OAIG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;;;OAIG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;;;OAMG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;;;OAMG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAIpD,eAAe,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;CAC/C;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC;IAE3B;;;OAGG;IACH,cAAc,EAAE,KAAK,CAAC;CACvB;AAED;;;;;;GAMG;AACH,qBAAa,UAAU,CAAC,YAAY;;IAyBlC;;;OAGG;gBAED,EACE,EAAE,EACF,UAAU,EACV,KAAK,EACL,cAAc,EACd,aAAa,EACb,kCAAkC,EAClC,UAAU,EACV,aAAa,EACb,mBAAmB,EACnB,eAAe,GAChB,EAAE,oBAAoB;IA6GzB;;;;;;OAMG;IACH,aAAa,CAAC,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;IAE7E;;;;;OAKG;IACH,aAAa,CACX,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE,YAAY,GACxB,cAAc,CAAC,YAAY,CAAC;IAyQ/B;;;;;;;;;OASG;IACH,qBAAqB,CACnB,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,kBAAkB,CAAC,YAAY,CAAC;IAc9C;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,kBAAkB,CAChB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,eAAe,CAAC,YAAY,CAAC,GACxC,oBAAoB,CAAC,YAAY,CAAC;IAyHrC;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACrI,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACjH,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EAC7F,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACzE,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EAAE,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACzD,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EAAE,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACrC,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAgCvD;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,mBAAmB,CACjB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,GAC7D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;OAUG;IACH,sBAAsB,CACpB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,KAAK,GAAG,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,GAChE,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;OAUG;IACH,sBAAsB,CACpB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAC9B,SAAS,EACT,YAAY,EACZ,GAAG,CACJ,GACA,yBAAyB,CAAC,YAAY,EAAE,GAAG,CAAC;IAyE/C;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,iBAAiB,CACf,SAAS,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EACvC,eAAe,CAAC,EAAE,MAAM,GACvB,mBAAmB,CAAC,YAAY,CAAC;IAyCpC;;;;;;;;;OASG;IACG,YAAY,CAChB,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE;QAAE,KAAK,EAAE,GAAG,CAAC;QAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAA;KAAE,EACpE,UAAU,EAAE,SAAS,GAAG,SAAS,EAAE,EACnC,QAAQ,EAAE,QAAQ,EAClB,EAAE,iBAAiB,EAAE,SAAS,EAAE,eAAe,EAAE,cAAc,EAAE,GAC/D,2BAAgC,GACjC,OAAO,CAAC,IAAI,CAAC;IA2FhB;;;;;;;;;;;OAWG;IACH,MAAM,CACJ,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,sBAAsB,CAAC,YAAY,CAAC,GAC5C,OAAO,CAAC,QAAQ,CAAC;IAOpB;;;;;;;;;;;OAWG;IACG,KAAK,CACT,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,sBAAsB,CAAC,YAAY,CAAC,GAC5C,OAAO,CAAC,QAAQ,CAAC;CA8IrB;AAED;;;;;GAKG;AACH,MAAM,WAAW,sBAAsB,CAAC,YAAY;IAClD;;OAEG;IACH,WAAW,EAAE,YAAY,CAAC;IAE1B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEhE;;;;;OAKG;IACH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAErE;;;;;;OAMG;IACH,cAAc,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACrE;AAQD;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,oBAAoB,CAAC,YAAY;IAChD;;;;OAIG;IACH,oBAAoB,CAClB,UAAU,EAAE,sBAAsB,CAAC,YAAY,CAAC,GAC/C,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,kBAAkB,CAAC,YAAY,CAAC,GAC1C,oBAAoB,CAAC,YAAY,CAAC,CAAC;CACvC;AAQD;;GAEG;AACH,MAAM,WAAW,qBAAqB,CACpC,YAAY,EACZ,OAAO,SAAS,MAAM,EACtB,MAAM,SAAS,MAAM;IAErB;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,wBAAwB,CAAC,YAAY,EAAE,MAAM,CAAC,GACxD,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;CACzD;AAED;;;;;GAKG;AACH,MAAM,WAAW,yBAAyB,CAAC,YAAY,EAAE,OAAO;IAC9D;;;;OAIG;IACH,UAAU,CACR,OAAO,EAAE,iBAAiB,CAAC,YAAY,EAAE,OAAO,CAAC,GAChD,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;OAIG;IACH,cAAc,CACZ,MAAM,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,GAC9C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;OAIG;IACH,aAAa,CACX,MAAM,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,GAC9C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,kBAAkB,CAAC,YAAY,CAAC,GAC1C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;CACrD;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB,CAAC,YAAY;IAC/C;;;;;;OAMG;IACH,EAAE,CAAC,SAAS,SAAS,QAAQ,EAE3B,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,SAAS,EACvC,QAAQ,EAAE,aAAa,CAAC,YAAY,EAAE,SAAS,CAAC,GAC/C,mBAAmB,CAAC,YAAY,CAAC,CAAC;IAErC;;;;;;OAMG;IACH,OAAO,CACL,OAAO,EAAE,iBAAiB,CAAC,YAAY,CAAC,GACvC,mBAAmB,CAAC,YAAY,CAAC,CAAC;CACtC;AAED,UAAU,2BAA4B,SAAQ,mBAAmB;IAC/D,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB"}
|
package/types/httpsig/mod.d.ts
CHANGED
|
@@ -21,6 +21,32 @@ export { exportJwk, generateCryptoKeyPair, importJwk } from "./key.js";
|
|
|
21
21
|
* @throws {TypeError} If the private key is invalid or unsupported.
|
|
22
22
|
*/
|
|
23
23
|
export declare function sign(request: Request, privateKey: dntShim.CryptoKey, keyId: URL): Promise<Request>;
|
|
24
|
+
/**
|
|
25
|
+
* Options for {@link verify}.
|
|
26
|
+
*
|
|
27
|
+
* @since 0.9.0
|
|
28
|
+
*/
|
|
29
|
+
export interface VerifyOptions {
|
|
30
|
+
/**
|
|
31
|
+
* The document loader to use for fetching the public key.
|
|
32
|
+
*/
|
|
33
|
+
documentLoader?: DocumentLoader;
|
|
34
|
+
/**
|
|
35
|
+
* The context loader to use for JSON-LD context retrieval.
|
|
36
|
+
*/
|
|
37
|
+
contextLoader?: DocumentLoader;
|
|
38
|
+
/**
|
|
39
|
+
* The time window to allow for the request date. The actual time window is
|
|
40
|
+
* twice the value of this option, with the current time as the center.
|
|
41
|
+
* A minute by default.
|
|
42
|
+
*/
|
|
43
|
+
timeWindow?: dntShim.Temporal.DurationLike;
|
|
44
|
+
/**
|
|
45
|
+
* The current time. If not specified, the current time is used. This is
|
|
46
|
+
* useful for testing.
|
|
47
|
+
*/
|
|
48
|
+
currentTime?: dntShim.Temporal.Instant;
|
|
49
|
+
}
|
|
24
50
|
/**
|
|
25
51
|
* Verifies the signature of a request.
|
|
26
52
|
*
|
|
@@ -28,15 +54,13 @@ export declare function sign(request: Request, privateKey: dntShim.CryptoKey, ke
|
|
|
28
54
|
* if the request body is already consumed. Consuming the request body after
|
|
29
55
|
* calling this function is okay, since this function clones the request
|
|
30
56
|
* under the hood.
|
|
57
|
+
*
|
|
31
58
|
* @param request The request to verify.
|
|
32
|
-
* @param
|
|
33
|
-
* @param contextLoader The context loader to use for JSON-LD context retrieval.
|
|
34
|
-
* @param currentTime The current time. If not specified, the current time is
|
|
35
|
-
* used. This is useful for testing.
|
|
59
|
+
* @param options Options for verifying the request.
|
|
36
60
|
* @returns The public key of the verified signature, or `null` if the signature
|
|
37
61
|
* could not be verified.
|
|
38
62
|
*/
|
|
39
|
-
export declare function verify(request: Request, documentLoader
|
|
63
|
+
export declare function verify(request: Request, { documentLoader, contextLoader, timeWindow, currentTime }?: VerifyOptions): Promise<CryptographicKey | null>;
|
|
40
64
|
/**
|
|
41
65
|
* Options for {@link doesActorOwnKey}.
|
|
42
66
|
* @since 0.8.0
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../src/httpsig/mod.ts"],"names":[],"mappings":";;AAAA;;;;;GAKG;AACH,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAK5C,OAAO,EACL,KAAK,cAAc,EAEpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,KAAK,KAAK,EAAW,MAAM,mBAAmB,CAAC;AACxD,OAAO,EACL,KAAK,QAAQ,EACb,gBAAgB,EAEjB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,SAAS,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAEvE;;;;;;;;GAQG;AACH,wBAAsB,IAAI,CACxB,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,OAAO,CAAC,SAAS,EAC7B,KAAK,EAAE,GAAG,GACT,OAAO,CAAC,OAAO,CAAC,CAuClB;AAQD
|
|
1
|
+
{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../src/httpsig/mod.ts"],"names":[],"mappings":";;AAAA;;;;;GAKG;AACH,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAK5C,OAAO,EACL,KAAK,cAAc,EAEpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,KAAK,KAAK,EAAW,MAAM,mBAAmB,CAAC;AACxD,OAAO,EACL,KAAK,QAAQ,EACb,gBAAgB,EAEjB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,SAAS,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAEvE;;;;;;;;GAQG;AACH,wBAAsB,IAAI,CACxB,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,OAAO,CAAC,SAAS,EAC7B,KAAK,EAAE,GAAG,GACT,OAAO,CAAC,OAAO,CAAC,CAuClB;AAQD;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAE3C;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;CACxC;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,MAAM,CAC1B,OAAO,EAAE,OAAO,EAChB,EAAE,cAAc,EAAE,aAAa,EAAE,UAAU,EAAE,WAAW,EAAE,GAAE,aACxD,GACH,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CA+NlC;AAED;;;GAGG;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;CAChC;AAED;;;;;;GAMG;AACH,wBAAsB,eAAe,CACnC,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,gBAAgB,EACrB,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,OAAO,CAAC,CAUlB;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;CAChC;AAED;;;;;;;;;GASG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,GAAG,GAAG,gBAAgB,EAC7B,OAAO,EAAE,kBAAkB,GAC1B,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAgDvB"}
|