@golocalinteractive/golocal-cloud-wrapper 1.0.53 → 1.0.56

package/dist/golocal-cloud-wrapper.es256.js

@@ -0,0 +1,151 @@
+import { encode } from "./golocal-cloud-wrapper.es242.js";
+import { unprotected } from "./golocal-cloud-wrapper.es257.js";
+import encrypt from "./golocal-cloud-wrapper.es258.js";
+import encryptKeyManagement from "./golocal-cloud-wrapper.es259.js";
+import { JWEInvalid, JOSENotSupported } from "./golocal-cloud-wrapper.es240.js";
+import isDisjoint from "./golocal-cloud-wrapper.es244.js";
+import { encoder, concat, decoder } from "./golocal-cloud-wrapper.es241.js";
+import validateCrit from "./golocal-cloud-wrapper.es248.js";
+class FlattenedEncrypt {
+  constructor(plaintext) {
+    if (!(plaintext instanceof Uint8Array)) {
+      throw new TypeError("plaintext must be an instance of Uint8Array");
+    }
+    this._plaintext = plaintext;
+  }
+  setKeyManagementParameters(parameters) {
+    if (this._keyManagementParameters) {
+      throw new TypeError("setKeyManagementParameters can only be called once");
+    }
+    this._keyManagementParameters = parameters;
+    return this;
+  }
+  setProtectedHeader(protectedHeader) {
+    if (this._protectedHeader) {
+      throw new TypeError("setProtectedHeader can only be called once");
+    }
+    this._protectedHeader = protectedHeader;
+    return this;
+  }
+  setSharedUnprotectedHeader(sharedUnprotectedHeader) {
+    if (this._sharedUnprotectedHeader) {
+      throw new TypeError("setSharedUnprotectedHeader can only be called once");
+    }
+    this._sharedUnprotectedHeader = sharedUnprotectedHeader;
+    return this;
+  }
+  setUnprotectedHeader(unprotectedHeader) {
+    if (this._unprotectedHeader) {
+      throw new TypeError("setUnprotectedHeader can only be called once");
+    }
+    this._unprotectedHeader = unprotectedHeader;
+    return this;
+  }
+  setAdditionalAuthenticatedData(aad) {
+    this._aad = aad;
+    return this;
+  }
+  setContentEncryptionKey(cek) {
+    if (this._cek) {
+      throw new TypeError("setContentEncryptionKey can only be called once");
+    }
+    this._cek = cek;
+    return this;
+  }
+  setInitializationVector(iv) {
+    if (this._iv) {
+      throw new TypeError("setInitializationVector can only be called once");
+    }
+    this._iv = iv;
+    return this;
+  }
+  async encrypt(key, options) {
+    if (!this._protectedHeader && !this._unprotectedHeader && !this._sharedUnprotectedHeader) {
+      throw new JWEInvalid("either setProtectedHeader, setUnprotectedHeader, or sharedUnprotectedHeader must be called before #encrypt()");
+    }
+    if (!isDisjoint(this._protectedHeader, this._unprotectedHeader, this._sharedUnprotectedHeader)) {
+      throw new JWEInvalid("JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint");
+    }
+    const joseHeader = {
+      ...this._protectedHeader,
+      ...this._unprotectedHeader,
+      ...this._sharedUnprotectedHeader
+    };
+    validateCrit(JWEInvalid, /* @__PURE__ */ new Map(), options == null ? void 0 : options.crit, this._protectedHeader, joseHeader);
+    if (joseHeader.zip !== void 0) {
+      throw new JOSENotSupported('JWE "zip" (Compression Algorithm) Header Parameter is not supported.');
+    }
+    const { alg, enc } = joseHeader;
+    if (typeof alg !== "string" || !alg) {
+      throw new JWEInvalid('JWE "alg" (Algorithm) Header Parameter missing or invalid');
+    }
+    if (typeof enc !== "string" || !enc) {
+      throw new JWEInvalid('JWE "enc" (Encryption Algorithm) Header Parameter missing or invalid');
+    }
+    let encryptedKey;
+    if (this._cek && (alg === "dir" || alg === "ECDH-ES")) {
+      throw new TypeError(`setContentEncryptionKey cannot be called with JWE "alg" (Algorithm) Header ${alg}`);
+    }
+    let cek;
+    {
+      let parameters;
+      ({ cek, encryptedKey, parameters } = await encryptKeyManagement(alg, enc, key, this._cek, this._keyManagementParameters));
+      if (parameters) {
+        if (options && unprotected in options) {
+          if (!this._unprotectedHeader) {
+            this.setUnprotectedHeader(parameters);
+          } else {
+            this._unprotectedHeader = { ...this._unprotectedHeader, ...parameters };
+          }
+        } else if (!this._protectedHeader) {
+          this.setProtectedHeader(parameters);
+        } else {
+          this._protectedHeader = { ...this._protectedHeader, ...parameters };
+        }
+      }
+    }
+    let additionalData;
+    let protectedHeader;
+    let aadMember;
+    if (this._protectedHeader) {
+      protectedHeader = encoder.encode(encode(JSON.stringify(this._protectedHeader)));
+    } else {
+      protectedHeader = encoder.encode("");
+    }
+    if (this._aad) {
+      aadMember = encode(this._aad);
+      additionalData = concat(protectedHeader, encoder.encode("."), encoder.encode(aadMember));
+    } else {
+      additionalData = protectedHeader;
+    }
+    const { ciphertext, tag, iv } = await encrypt(enc, this._plaintext, cek, this._iv, additionalData);
+    const jwe = {
+      ciphertext: encode(ciphertext)
+    };
+    if (iv) {
+      jwe.iv = encode(iv);
+    }
+    if (tag) {
+      jwe.tag = encode(tag);
+    }
+    if (encryptedKey) {
+      jwe.encrypted_key = encode(encryptedKey);
+    }
+    if (aadMember) {
+      jwe.aad = aadMember;
+    }
+    if (this._protectedHeader) {
+      jwe.protected = decoder.decode(protectedHeader);
+    }
+    if (this._sharedUnprotectedHeader) {
+      jwe.unprotected = this._sharedUnprotectedHeader;
+    }
+    if (this._unprotectedHeader) {
+      jwe.header = this._unprotectedHeader;
+    }
+    return jwe;
+  }
+}
+export {
+  FlattenedEncrypt
+};

package/dist/golocal-cloud-wrapper.es257.js

@@ -0,0 +1,4 @@
+const unprotected = Symbol();
+export {
+  unprotected
+};

package/dist/golocal-cloud-wrapper.es258.js

@@ -0,0 +1,76 @@
+import { concat, uint64be } from "./golocal-cloud-wrapper.es241.js";
+import checkIvLength from "./golocal-cloud-wrapper.es299.js";
+import checkCekLength from "./golocal-cloud-wrapper.es300.js";
+import crypto, { isCryptoKey } from "./golocal-cloud-wrapper.es294.js";
+import { checkEncCryptoKey } from "./golocal-cloud-wrapper.es301.js";
+import invalidKeyInput from "./golocal-cloud-wrapper.es297.js";
+import generateIv from "./golocal-cloud-wrapper.es302.js";
+import { JOSENotSupported } from "./golocal-cloud-wrapper.es240.js";
+import { types } from "./golocal-cloud-wrapper.es298.js";
+async function cbcEncrypt(enc, plaintext, cek, iv, aad) {
+  if (!(cek instanceof Uint8Array)) {
+    throw new TypeError(invalidKeyInput(cek, "Uint8Array"));
+  }
+  const keySize = parseInt(enc.slice(1, 4), 10);
+  const encKey = await crypto.subtle.importKey("raw", cek.subarray(keySize >> 3), "AES-CBC", false, ["encrypt"]);
+  const macKey = await crypto.subtle.importKey("raw", cek.subarray(0, keySize >> 3), {
+    hash: `SHA-${keySize << 1}`,
+    name: "HMAC"
+  }, false, ["sign"]);
+  const ciphertext = new Uint8Array(await crypto.subtle.encrypt({
+    iv,
+    name: "AES-CBC"
+  }, encKey, plaintext));
+  const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3));
+  const tag = new Uint8Array((await crypto.subtle.sign("HMAC", macKey, macData)).slice(0, keySize >> 3));
+  return { ciphertext, tag, iv };
+}
+async function gcmEncrypt(enc, plaintext, cek, iv, aad) {
+  let encKey;
+  if (cek instanceof Uint8Array) {
+    encKey = await crypto.subtle.importKey("raw", cek, "AES-GCM", false, ["encrypt"]);
+  } else {
+    checkEncCryptoKey(cek, enc, "encrypt");
+    encKey = cek;
+  }
+  const encrypted = new Uint8Array(await crypto.subtle.encrypt({
+    additionalData: aad,
+    iv,
+    name: "AES-GCM",
+    tagLength: 128
+  }, encKey, plaintext));
+  const tag = encrypted.slice(-16);
+  const ciphertext = encrypted.slice(0, -16);
+  return { ciphertext, tag, iv };
+}
+const encrypt = async (enc, plaintext, cek, iv, aad) => {
+  if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) {
+    throw new TypeError(invalidKeyInput(cek, ...types, "Uint8Array"));
+  }
+  if (iv) {
+    checkIvLength(enc, iv);
+  } else {
+    iv = generateIv(enc);
+  }
+  switch (enc) {
+    case "A128CBC-HS256":
+    case "A192CBC-HS384":
+    case "A256CBC-HS512":
+      if (cek instanceof Uint8Array) {
+        checkCekLength(cek, parseInt(enc.slice(-3), 10));
+      }
+      return cbcEncrypt(enc, plaintext, cek, iv, aad);
+    case "A128GCM":
+    case "A192GCM":
+    case "A256GCM":
+      if (cek instanceof Uint8Array) {
+        checkCekLength(cek, parseInt(enc.slice(1, 4), 10));
+      }
+      return gcmEncrypt(enc, plaintext, cek, iv, aad);
+    default:
+      throw new JOSENotSupported("Unsupported JWE Content Encryption Algorithm");
+  }
+};
+export {
+  encrypt as default
+};

package/dist/golocal-cloud-wrapper.es259.js

@@ -0,0 +1,92 @@
+import { wrap as wrap$1 } from "./golocal-cloud-wrapper.es284.js";
+import { ecdhAllowed, generateEpk, deriveKey } from "./golocal-cloud-wrapper.es285.js";
+import { encrypt } from "./golocal-cloud-wrapper.es286.js";
+import { encrypt as encrypt$1 } from "./golocal-cloud-wrapper.es287.js";
+import { encode } from "./golocal-cloud-wrapper.es242.js";
+import normalize from "./golocal-cloud-wrapper.es288.js";
+import generateCek, { bitLength } from "./golocal-cloud-wrapper.es247.js";
+import { JOSENotSupported } from "./golocal-cloud-wrapper.es240.js";
+import { exportJWK } from "./golocal-cloud-wrapper.es263.js";
+import checkKeyType from "./golocal-cloud-wrapper.es252.js";
+import { wrap } from "./golocal-cloud-wrapper.es289.js";
+async function encryptKeyManagement(alg, enc, key, providedCek, providedParameters = {}) {
+  var _a, _b;
+  let encryptedKey;
+  let parameters;
+  let cek;
+  checkKeyType(alg, key, "encrypt");
+  key = await ((_b = (_a = normalize).normalizePublicKey) == null ? void 0 : _b.call(_a, key, alg)) || key;
+  switch (alg) {
+    case "dir": {
+      cek = key;
+      break;
+    }
+    case "ECDH-ES":
+    case "ECDH-ES+A128KW":
+    case "ECDH-ES+A192KW":
+    case "ECDH-ES+A256KW": {
+      if (!ecdhAllowed(key)) {
+        throw new JOSENotSupported("ECDH with the provided key is not allowed or not supported by your javascript runtime");
+      }
+      const { apu, apv } = providedParameters;
+      let { epk: ephemeralKey } = providedParameters;
+      ephemeralKey || (ephemeralKey = (await generateEpk(key)).privateKey);
+      const { x, y, crv, kty } = await exportJWK(ephemeralKey);
+      const sharedSecret = await deriveKey(key, ephemeralKey, alg === "ECDH-ES" ? enc : alg, alg === "ECDH-ES" ? bitLength(enc) : parseInt(alg.slice(-5, -2), 10), apu, apv);
+      parameters = { epk: { x, crv, kty } };
+      if (kty === "EC")
+        parameters.epk.y = y;
+      if (apu)
+        parameters.apu = encode(apu);
+      if (apv)
+        parameters.apv = encode(apv);
+      if (alg === "ECDH-ES") {
+        cek = sharedSecret;
+        break;
+      }
+      cek = providedCek || generateCek(enc);
+      const kwAlg = alg.slice(-6);
+      encryptedKey = await wrap$1(kwAlg, sharedSecret, cek);
+      break;
+    }
+    case "RSA1_5":
+    case "RSA-OAEP":
+    case "RSA-OAEP-256":
+    case "RSA-OAEP-384":
+    case "RSA-OAEP-512": {
+      cek = providedCek || generateCek(enc);
+      encryptedKey = await encrypt$1(alg, key, cek);
+      break;
+    }
+    case "PBES2-HS256+A128KW":
+    case "PBES2-HS384+A192KW":
+    case "PBES2-HS512+A256KW": {
+      cek = providedCek || generateCek(enc);
+      const { p2c, p2s } = providedParameters;
+      ({ encryptedKey, ...parameters } = await encrypt(alg, key, cek, p2c, p2s));
+      break;
+    }
+    case "A128KW":
+    case "A192KW":
+    case "A256KW": {
+      cek = providedCek || generateCek(enc);
+      encryptedKey = await wrap$1(alg, key, cek);
+      break;
+    }
+    case "A128GCMKW":
+    case "A192GCMKW":
+    case "A256GCMKW": {
+      cek = providedCek || generateCek(enc);
+      const { iv } = providedParameters;
+      ({ encryptedKey, ...parameters } = await wrap(alg, key, cek, iv));
+      break;
+    }
+    default: {
+      throw new JOSENotSupported('Invalid or unsupported "alg" (JWE Algorithm) header value');
+    }
+  }
+  return { cek, encryptedKey, parameters };
+}
+export {
+  encryptKeyManagement as default
+};

package/dist/golocal-cloud-wrapper.es26.js

@@ -0,0 +1,102 @@
+import * as React from "react";
+import { composeRefs } from "./golocal-cloud-wrapper.es56.js";
+import { j as jsxRuntimeExports } from "./golocal-cloud-wrapper.es18.js";
+// @__NO_SIDE_EFFECTS__
+function createSlot(ownerName) {
+  const SlotClone = /* @__PURE__ */ createSlotClone(ownerName);
+  const Slot2 = React.forwardRef((props, forwardedRef) => {
+    const { children, ...slotProps } = props;
+    const childrenArray = React.Children.toArray(children);
+    const slottable = childrenArray.find(isSlottable);
+    if (slottable) {
+      const newElement = slottable.props.children;
+      const newChildren = childrenArray.map((child) => {
+        if (child === slottable) {
+          if (React.Children.count(newElement) > 1) return React.Children.only(null);
+          return React.isValidElement(newElement) ? newElement.props.children : null;
+        } else {
+          return child;
+        }
+      });
+      return /* @__PURE__ */ jsxRuntimeExports.jsx(SlotClone, { ...slotProps, ref: forwardedRef, children: React.isValidElement(newElement) ? React.cloneElement(newElement, void 0, newChildren) : null });
+    }
+    return /* @__PURE__ */ jsxRuntimeExports.jsx(SlotClone, { ...slotProps, ref: forwardedRef, children });
+  });
+  Slot2.displayName = `${ownerName}.Slot`;
+  return Slot2;
+}
+var Slot = /* @__PURE__ */ createSlot("Slot");
+// @__NO_SIDE_EFFECTS__
+function createSlotClone(ownerName) {
+  const SlotClone = React.forwardRef((props, forwardedRef) => {
+    const { children, ...slotProps } = props;
+    if (React.isValidElement(children)) {
+      const childrenRef = getElementRef(children);
+      const props2 = mergeProps(slotProps, children.props);
+      if (children.type !== React.Fragment) {
+        props2.ref = forwardedRef ? composeRefs(forwardedRef, childrenRef) : childrenRef;
+      }
+      return React.cloneElement(children, props2);
+    }
+    return React.Children.count(children) > 1 ? React.Children.only(null) : null;
+  });
+  SlotClone.displayName = `${ownerName}.SlotClone`;
+  return SlotClone;
+}
+var SLOTTABLE_IDENTIFIER = Symbol("radix.slottable");
+// @__NO_SIDE_EFFECTS__
+function createSlottable(ownerName) {
+  const Slottable2 = ({ children }) => {
+    return /* @__PURE__ */ jsxRuntimeExports.jsx(jsxRuntimeExports.Fragment, { children });
+  };
+  Slottable2.displayName = `${ownerName}.Slottable`;
+  Slottable2.__radixId = SLOTTABLE_IDENTIFIER;
+  return Slottable2;
+}
+function isSlottable(child) {
+  return React.isValidElement(child) && typeof child.type === "function" && "__radixId" in child.type && child.type.__radixId === SLOTTABLE_IDENTIFIER;
+}
+function mergeProps(slotProps, childProps) {
+  const overrideProps = { ...childProps };
+  for (const propName in childProps) {
+    const slotPropValue = slotProps[propName];
+    const childPropValue = childProps[propName];
+    const isHandler = /^on[A-Z]/.test(propName);
+    if (isHandler) {
+      if (slotPropValue && childPropValue) {
+        overrideProps[propName] = (...args) => {
+          const result = childPropValue(...args);
+          slotPropValue(...args);
+          return result;
+        };
+      } else if (slotPropValue) {
+        overrideProps[propName] = slotPropValue;
+      }
+    } else if (propName === "style") {
+      overrideProps[propName] = { ...slotPropValue, ...childPropValue };
+    } else if (propName === "className") {
+      overrideProps[propName] = [slotPropValue, childPropValue].filter(Boolean).join(" ");
+    }
+  }
+  return { ...slotProps, ...overrideProps };
+}
+function getElementRef(element) {
+  var _a, _b;
+  let getter = (_a = Object.getOwnPropertyDescriptor(element.props, "ref")) == null ? void 0 : _a.get;
+  let mayWarn = getter && "isReactWarning" in getter && getter.isReactWarning;
+  if (mayWarn) {
+    return element.ref;
+  }
+  getter = (_b = Object.getOwnPropertyDescriptor(element, "ref")) == null ? void 0 : _b.get;
+  mayWarn = getter && "isReactWarning" in getter && getter.isReactWarning;
+  if (mayWarn) {
+    return element.props.ref;
+  }
+  return element.props.ref || element.ref;
+}
+export {
+  Slot as Root,
+  Slot,
+  createSlot,
+  createSlottable
+};

package/dist/golocal-cloud-wrapper.es260.js

@@ -0,0 +1,71 @@
+import epoch from "./golocal-cloud-wrapper.es291.js";
+import isObject from "./golocal-cloud-wrapper.es245.js";
+import secs from "./golocal-cloud-wrapper.es292.js";
+function validateInput(label, input) {
+  if (!Number.isFinite(input)) {
+    throw new TypeError(`Invalid ${label} input`);
+  }
+  return input;
+}
+class ProduceJWT {
+  constructor(payload = {}) {
+    if (!isObject(payload)) {
+      throw new TypeError("JWT Claims Set MUST be an object");
+    }
+    this._payload = payload;
+  }
+  setIssuer(issuer) {
+    this._payload = { ...this._payload, iss: issuer };
+    return this;
+  }
+  setSubject(subject) {
+    this._payload = { ...this._payload, sub: subject };
+    return this;
+  }
+  setAudience(audience) {
+    this._payload = { ...this._payload, aud: audience };
+    return this;
+  }
+  setJti(jwtId) {
+    this._payload = { ...this._payload, jti: jwtId };
+    return this;
+  }
+  setNotBefore(input) {
+    if (typeof input === "number") {
+      this._payload = { ...this._payload, nbf: validateInput("setNotBefore", input) };
+    } else if (input instanceof Date) {
+      this._payload = { ...this._payload, nbf: validateInput("setNotBefore", epoch(input)) };
+    } else {
+      this._payload = { ...this._payload, nbf: epoch(/* @__PURE__ */ new Date()) + secs(input) };
+    }
+    return this;
+  }
+  setExpirationTime(input) {
+    if (typeof input === "number") {
+      this._payload = { ...this._payload, exp: validateInput("setExpirationTime", input) };
+    } else if (input instanceof Date) {
+      this._payload = { ...this._payload, exp: validateInput("setExpirationTime", epoch(input)) };
+    } else {
+      this._payload = { ...this._payload, exp: epoch(/* @__PURE__ */ new Date()) + secs(input) };
+    }
+    return this;
+  }
+  setIssuedAt(input) {
+    if (typeof input === "undefined") {
+      this._payload = { ...this._payload, iat: epoch(/* @__PURE__ */ new Date()) };
+    } else if (input instanceof Date) {
+      this._payload = { ...this._payload, iat: validateInput("setIssuedAt", epoch(input)) };
+    } else if (typeof input === "string") {
+      this._payload = {
+        ...this._payload,
+        iat: validateInput("setIssuedAt", epoch(/* @__PURE__ */ new Date()) + secs(input))
+      };
+    } else {
+      this._payload = { ...this._payload, iat: validateInput("setIssuedAt", input) };
+    }
+    return this;
+  }
+}
+export {
+  ProduceJWT
+};

package/dist/golocal-cloud-wrapper.es261.js

@@ -0,0 +1,124 @@
+import { importJWK } from "./golocal-cloud-wrapper.es156.js";
+import { JWKSInvalid, JWKSNoMatchingKey, JWKSMultipleMatchingKeys, JOSENotSupported } from "./golocal-cloud-wrapper.es240.js";
+import isObject from "./golocal-cloud-wrapper.es245.js";
+function getKtyFromAlg(alg) {
+  switch (typeof alg === "string" && alg.slice(0, 2)) {
+    case "RS":
+    case "PS":
+      return "RSA";
+    case "ES":
+      return "EC";
+    case "Ed":
+      return "OKP";
+    default:
+      throw new JOSENotSupported('Unsupported "alg" value for a JSON Web Key Set');
+  }
+}
+function isJWKSLike(jwks) {
+  return jwks && typeof jwks === "object" && Array.isArray(jwks.keys) && jwks.keys.every(isJWKLike);
+}
+function isJWKLike(key) {
+  return isObject(key);
+}
+function clone(obj) {
+  if (typeof structuredClone === "function") {
+    return structuredClone(obj);
+  }
+  return JSON.parse(JSON.stringify(obj));
+}
+class LocalJWKSet {
+  constructor(jwks) {
+    this._cached = /* @__PURE__ */ new WeakMap();
+    if (!isJWKSLike(jwks)) {
+      throw new JWKSInvalid("JSON Web Key Set malformed");
+    }
+    this._jwks = clone(jwks);
+  }
+  async getKey(protectedHeader, token) {
+    const { alg, kid } = { ...protectedHeader, ...token == null ? void 0 : token.header };
+    const kty = getKtyFromAlg(alg);
+    const candidates = this._jwks.keys.filter((jwk2) => {
+      let candidate = kty === jwk2.kty;
+      if (candidate && typeof kid === "string") {
+        candidate = kid === jwk2.kid;
+      }
+      if (candidate && typeof jwk2.alg === "string") {
+        candidate = alg === jwk2.alg;
+      }
+      if (candidate && typeof jwk2.use === "string") {
+        candidate = jwk2.use === "sig";
+      }
+      if (candidate && Array.isArray(jwk2.key_ops)) {
+        candidate = jwk2.key_ops.includes("verify");
+      }
+      if (candidate) {
+        switch (alg) {
+          case "ES256":
+            candidate = jwk2.crv === "P-256";
+            break;
+          case "ES256K":
+            candidate = jwk2.crv === "secp256k1";
+            break;
+          case "ES384":
+            candidate = jwk2.crv === "P-384";
+            break;
+          case "ES512":
+            candidate = jwk2.crv === "P-521";
+            break;
+          case "Ed25519":
+            candidate = jwk2.crv === "Ed25519";
+            break;
+          case "EdDSA":
+            candidate = jwk2.crv === "Ed25519" || jwk2.crv === "Ed448";
+            break;
+        }
+      }
+      return candidate;
+    });
+    const { 0: jwk, length } = candidates;
+    if (length === 0) {
+      throw new JWKSNoMatchingKey();
+    }
+    if (length !== 1) {
+      const error = new JWKSMultipleMatchingKeys();
+      const { _cached } = this;
+      error[Symbol.asyncIterator] = async function* () {
+        for (const jwk2 of candidates) {
+          try {
+            yield await importWithAlgCache(_cached, jwk2, alg);
+          } catch {
+          }
+        }
+      };
+      throw error;
+    }
+    return importWithAlgCache(this._cached, jwk, alg);
+  }
+}
+async function importWithAlgCache(cache, jwk, alg) {
+  const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk);
+  if (cached[alg] === void 0) {
+    const key = await importJWK({ ...jwk, ext: true }, alg);
+    if (key instanceof Uint8Array || key.type !== "public") {
+      throw new JWKSInvalid("JSON Web Key Set members must be public keys");
+    }
+    cached[alg] = key;
+  }
+  return cached[alg];
+}
+function createLocalJWKSet(jwks) {
+  const set = new LocalJWKSet(jwks);
+  const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);
+  Object.defineProperties(localJWKSet, {
+    jwks: {
+      value: () => clone(set._jwks),
+      enumerable: true,
+      configurable: false,
+      writable: false
+    }
+  });
+  return localJWKSet;
+}
+export {
+  createLocalJWKSet
+};

package/dist/golocal-cloud-wrapper.es262.js

@@ -0,0 +1,35 @@
+import { JWKSTimeout, JOSEError } from "./golocal-cloud-wrapper.es240.js";
+const fetchJwks = async (url, timeout, options) => {
+  let controller;
+  let id;
+  let timedOut = false;
+  if (typeof AbortController === "function") {
+    controller = new AbortController();
+    id = setTimeout(() => {
+      timedOut = true;
+      controller.abort();
+    }, timeout);
+  }
+  const response = await fetch(url.href, {
+    signal: controller ? controller.signal : void 0,
+    redirect: "manual",
+    headers: options.headers
+  }).catch((err) => {
+    if (timedOut)
+      throw new JWKSTimeout();
+    throw err;
+  });
+  if (id !== void 0)
+    clearTimeout(id);
+  if (response.status !== 200) {
+    throw new JOSEError("Expected 200 OK from the JSON Web Key Set HTTP response");
+  }
+  try {
+    return await response.json();
+  } catch {
+    throw new JOSEError("Failed to parse the JSON Web Key Set HTTP response as JSON");
+  }
+};
+export {
+  fetchJwks as default
+};

package/dist/golocal-cloud-wrapper.es263.js

@@ -0,0 +1,7 @@
+import keyToJWK from "./golocal-cloud-wrapper.es264.js";
+async function exportJWK(key) {
+  return keyToJWK(key);
+}
+export {
+  exportJWK
+};

package/dist/golocal-cloud-wrapper.es264.js

@@ -0,0 +1,23 @@
+import crypto, { isCryptoKey } from "./golocal-cloud-wrapper.es294.js";
+import invalidKeyInput from "./golocal-cloud-wrapper.es297.js";
+import { encode } from "./golocal-cloud-wrapper.es242.js";
+import { types } from "./golocal-cloud-wrapper.es298.js";
+const keyToJWK = async (key) => {
+  if (key instanceof Uint8Array) {
+    return {
+      kty: "oct",
+      k: encode(key)
+    };
+  }
+  if (!isCryptoKey(key)) {
+    throw new TypeError(invalidKeyInput(key, ...types, "Uint8Array"));
+  }
+  if (!key.extractable) {
+    throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");
+  }
+  const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey("jwk", key);
+  return jwk;
+};
+export {
+  keyToJWK as default
+};