@icure/api 7.1.9 → 7.1.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/model/ModelHelper.js +5 -4
- package/icc-api/model/ModelHelper.js.map +1 -1
- package/icc-api/model/models.d.ts +1 -0
- package/icc-api/model/models.js +1 -0
- package/icc-api/model/models.js.map +1 -1
- package/icc-x-api/auth/JwtAuthService.d.ts +1 -1
- package/icc-x-api/auth/JwtAuthService.js +5 -4
- package/icc-x-api/auth/JwtAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.d.ts +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.js +5 -4
- package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeKeysManager.js +11 -2
- package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/KeyManager.d.ts +23 -0
- package/icc-x-api/crypto/KeyManager.js +48 -7
- package/icc-x-api/crypto/KeyManager.js.map +1 -1
- package/icc-x-api/icc-crypto-x-api.d.ts +37 -3
- package/icc-x-api/icc-crypto-x-api.js +53 -1
- package/icc-x-api/icc-crypto-x-api.js.map +1 -1
- package/icc-x-api/index.d.ts +6 -0
- package/icc-x-api/index.js +7 -1
- package/icc-x-api/index.js.map +1 -1
- package/icc-x-api/utils/crypto-utils.js +1 -1
- package/icc-x-api/utils/crypto-utils.js.map +1 -1
- package/index.d.ts +1 -1
- package/index.js +1 -3
- package/index.js.map +1 -1
- package/package.json +1 -1
|
@@ -68,23 +68,24 @@ function b2a(a) {
|
|
|
68
68
|
}
|
|
69
69
|
exports.b2a = b2a;
|
|
70
70
|
function a2b(s) {
|
|
71
|
+
const urlUnsafeString = s.replace(/_/g, '/').replace(/-/g, '+');
|
|
71
72
|
if (typeof window !== 'undefined') {
|
|
72
73
|
//Favour atob in browser
|
|
73
74
|
if (typeof atob !== 'undefined') {
|
|
74
|
-
return atob(
|
|
75
|
+
return atob(urlUnsafeString);
|
|
75
76
|
}
|
|
76
77
|
if (typeof Buffer !== 'undefined') {
|
|
77
|
-
const buf = new Buffer(
|
|
78
|
+
const buf = new Buffer(urlUnsafeString, 'base64');
|
|
78
79
|
return buf.toString('latin1');
|
|
79
80
|
}
|
|
80
81
|
}
|
|
81
82
|
else {
|
|
82
83
|
if (typeof Buffer !== 'undefined') {
|
|
83
|
-
const buf = new Buffer(
|
|
84
|
+
const buf = new Buffer(urlUnsafeString, 'base64');
|
|
84
85
|
return buf.toString('latin1');
|
|
85
86
|
}
|
|
86
87
|
if (typeof atob !== 'undefined') {
|
|
87
|
-
return atob(
|
|
88
|
+
return atob(urlUnsafeString);
|
|
88
89
|
}
|
|
89
90
|
}
|
|
90
91
|
throw new Error('Unsupported operation a2b');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ModelHelper.js","sourceRoot":"","sources":["../../../icc-api/model/ModelHelper.ts"],"names":[],"mappings":";;;AAAA,SAAgB,SAAS,CAAC,GAA6B;IACrD,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAA;IAC9B,MAAM,KAAK,GAAG,EAAE,CAAC,MAAM,CAAA;IACvB,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACjC,IAAI,MAAM,EAAE,GAAG,EAAE,KAAK,CAAA;IACtB,KAAK,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE;QACrD,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,GAAG,MAAM,CAAC,CAAA;QAC1C,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,GAAG,CAAC,CAAA;QACzC,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,KAAY,CAAC,CAAA;KACrD;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAZD,8BAYC;AAED,SAAgB,SAAS,CAAC,CAAS;IACjC,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;IACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACjC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAA;KAC/B;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAND,8BAMC;AAED,SAAgB,SAAS,CAAC,CAAS;IACjC,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAA;AAC5B,CAAC;AAFD,8BAEC;AAED,SAAgB,KAAK,CAAC,EAAc;IAClC,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,CAAA;IACxB,OAAO,CAAC,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAgB,CAAA;AACrG,CAAC;AAHD,sBAGC;AAED,SAAgB,OAAO,CAAC,CAAS;IAC/B,OAAO,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AACjC,CAAC;AAFD,0BAEC;AAED,SAAgB,OAAO,CAAC,CAAS;IAC/B,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;AAC1B,CAAC;AAFD,0BAEC;AAED,SAAgB,MAAM,CAAC,GAA6B;IAClD,OAAO,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;AAC5B,CAAC;AAFD,wBAEC;AAED,SAAgB,GAAG,CAAC,CAAS;IAC3B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;QACjC,wBAAwB;QACxB,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE;YAC/B,OAAO,IAAI,CAAC,CAAC,CAAC,CAAA;SACf;QACD,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;YACjC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAA;YACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;SAC9B;KACF;SAAM;QACL,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;YACjC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAA;YACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;SAC9B;QACD,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE;YAC/B,OAAO,IAAI,CAAC,CAAC,CAAC,CAAA;SACf;KACF;IACD,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAA;AAC9C,CAAC;AApBD,kBAoBC;AAED,SAAgB,GAAG,CAAC,CAAS;IAC3B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;QACjC,wBAAwB;QACxB,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE;YAC/B,OAAO,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"ModelHelper.js","sourceRoot":"","sources":["../../../icc-api/model/ModelHelper.ts"],"names":[],"mappings":";;;AAAA,SAAgB,SAAS,CAAC,GAA6B;IACrD,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAA;IAC9B,MAAM,KAAK,GAAG,EAAE,CAAC,MAAM,CAAA;IACvB,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IACjC,IAAI,MAAM,EAAE,GAAG,EAAE,KAAK,CAAA;IACtB,KAAK,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE;QACrD,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,GAAG,MAAM,CAAC,CAAA;QAC1C,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,GAAG,CAAC,CAAA;QACzC,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,KAAY,CAAC,CAAA;KACrD;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAZD,8BAYC;AAED,SAAgB,SAAS,CAAC,CAAS;IACjC,MAAM,EAAE,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;IACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACjC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAA;KAC/B;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAND,8BAMC;AAED,SAAgB,SAAS,CAAC,CAAS;IACjC,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAA;AAC5B,CAAC;AAFD,8BAEC;AAED,SAAgB,KAAK,CAAC,EAAc;IAClC,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,CAAA;IACxB,OAAO,CAAC,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAgB,CAAA;AACrG,CAAC;AAHD,sBAGC;AAED,SAAgB,OAAO,CAAC,CAAS;IAC/B,OAAO,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AACjC,CAAC;AAFD,0BAEC;AAED,SAAgB,OAAO,CAAC,CAAS;IAC/B,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;AAC1B,CAAC;AAFD,0BAEC;AAED,SAAgB,MAAM,CAAC,GAA6B;IAClD,OAAO,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;AAC5B,CAAC;AAFD,wBAEC;AAED,SAAgB,GAAG,CAAC,CAAS;IAC3B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;QACjC,wBAAwB;QACxB,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE;YAC/B,OAAO,IAAI,CAAC,CAAC,CAAC,CAAA;SACf;QACD,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;YACjC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAA;YACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;SAC9B;KACF;SAAM;QACL,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;YACjC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAA;YACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;SAC9B;QACD,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE;YAC/B,OAAO,IAAI,CAAC,CAAC,CAAC,CAAA;SACf;KACF;IACD,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAA;AAC9C,CAAC;AApBD,kBAoBC;AAED,SAAgB,GAAG,CAAC,CAAS;IAC3B,MAAM,eAAe,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC/D,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;QACjC,wBAAwB;QACxB,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE;YAC/B,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA;SAC7B;QACD,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;YACjC,MAAM,GAAG,GAAG,IAAI,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAA;YACjD,OAAO,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;SAC9B;KACF;SAAM;QACL,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;YACjC,MAAM,GAAG,GAAG,IAAI,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAA;YACjD,OAAO,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;SAC9B;QACD,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE;YAC/B,OAAO,IAAI,CAAC,eAAe,CAAC,CAAA;SAC7B;KACF;IACD,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAA;AAC9C,CAAC;AArBD,kBAqBC","sourcesContent":["export function ua2string(_ua: Uint8Array | ArrayBuffer): string {\n let str = ''\n const ab = new Uint8Array(_ua)\n const abLen = ab.length\n const CHUNK_SIZE = Math.pow(2, 8)\n let offset, len, subab\n for (offset = 0; offset < abLen; offset += CHUNK_SIZE) {\n len = Math.min(CHUNK_SIZE, abLen - offset)\n subab = ab.subarray(offset, offset + len)\n str += String.fromCharCode.apply(null, subab as any)\n }\n return str\n}\n\nexport function string2ua(s: string): Uint8Array {\n const ua = new Uint8Array(s.length)\n for (let i = 0; i < s.length; i++) {\n ua[i] = s.charCodeAt(i) & 0xff\n }\n return ua\n}\n\nexport function string2ab(s: string): ArrayBuffer {\n return ua2ab(string2ua(s))\n}\n\nexport function ua2ab(ua: Uint8Array): ArrayBuffer {\n const buffer = ua.buffer\n return (buffer.byteLength > ua.byteLength ? buffer.slice(0, ua.byteLength) : buffer) as ArrayBuffer\n}\n\nexport function b64_2ab(s: string): ArrayBuffer {\n return ua2ab(string2ua(a2b(s)))\n}\n\nexport function b64_2ua(s: string): Uint8Array {\n return string2ua(a2b(s))\n}\n\nexport function ua2b64(_ua: Uint8Array | ArrayBuffer): string {\n return b2a(ua2string(_ua))\n}\n\nexport function b2a(a: string): string {\n if (typeof window !== 'undefined') {\n //Favour btoa in browser\n if (typeof btoa !== 'undefined') {\n return btoa(a)\n }\n if (typeof Buffer !== 'undefined') {\n const buf = Buffer.from(a, 'latin1')\n return buf.toString('base64')\n }\n } else {\n if (typeof Buffer !== 'undefined') {\n const buf = Buffer.from(a, 'latin1')\n return buf.toString('base64')\n }\n if (typeof btoa !== 'undefined') {\n return btoa(a)\n }\n }\n throw new Error('Unsupported operation b2a')\n}\n\nexport function a2b(s: string): string {\n const urlUnsafeString = s.replace(/_/g, '/').replace(/-/g, '+')\n if (typeof window !== 'undefined') {\n //Favour atob in browser\n if (typeof atob !== 'undefined') {\n return atob(urlUnsafeString)\n }\n if (typeof Buffer !== 'undefined') {\n const buf = new Buffer(urlUnsafeString, 'base64')\n return buf.toString('latin1')\n }\n } else {\n if (typeof Buffer !== 'undefined') {\n const buf = new Buffer(urlUnsafeString, 'base64')\n return buf.toString('latin1')\n }\n if (typeof atob !== 'undefined') {\n return atob(urlUnsafeString)\n }\n }\n throw new Error('Unsupported operation a2b')\n}\n"]}
|
|
@@ -271,6 +271,7 @@ export * from './VmpStub';
|
|
|
271
271
|
export * from './Vtm';
|
|
272
272
|
export * from './Wada';
|
|
273
273
|
export * from './Weekday';
|
|
274
|
+
export * from './CryptoActorStub';
|
|
274
275
|
export type EncryptedEntity = AccessLog | Article | CalendarItem | Classification | Contact | Document | Form | HealthElement | Invoice | MaintenanceTask | Message | Patient | Receipt;
|
|
275
276
|
export type EncryptedEntityStub = {
|
|
276
277
|
secretForeignKeys?: Array<string>;
|
package/icc-api/model/models.js
CHANGED
|
@@ -273,4 +273,5 @@ __exportStar(require("./VmpStub"), exports);
|
|
|
273
273
|
__exportStar(require("./Vtm"), exports);
|
|
274
274
|
__exportStar(require("./Wada"), exports);
|
|
275
275
|
__exportStar(require("./Weekday"), exports);
|
|
276
|
+
__exportStar(require("./CryptoActorStub"), exports);
|
|
276
277
|
//# sourceMappingURL=models.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"models.js","sourceRoot":"","sources":["../../../icc-api/model/models.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAeA,uDAAoC;AACpC,0DAAuC;AACvC,yDAAsC;AACtC,gEAA6C;AAC7C,kEAA+C;AAC/C,0DAAuC;AACvC,kEAA+C;AAC/C,0DAAuC;AACvC,0DAAuC;AACvC,uDAAoC;AACpC,8CAA2B;AAC3B,kDAA+B;AAC/B,4CAAyB;AACzB,2DAAwC;AACxC,2CAAwB;AACxB,sDAAmC;AACnC,wCAAqB;AACrB,iDAA8B;AAC9B,yCAAsB;AACtB,kDAA+B;AAC/B,+CAA4B;AAC5B,wDAAqC;AACrC,4DAAyC;AACzC,4CAAyB;AACzB,wCAAqB;AACrB,uDAAoC;AACpC,2DAAwC;AACxC,wDAAqC;AACrC,0CAAuB;AACvB,yCAAsB;AACtB,gEAA6C;AAC7C,iDAA8B;AAC9B,oDAAiC;AACjC,qDAAkC;AAClC,mDAAgC;AAChC,uDAAoC;AACpC,0DAAuC;AACvC,mDAAgC;AAChC,2DAAwC;AACxC,yCAAsB;AACtB,6CAA0B;AAC1B,6CAA0B;AAC1B,4DAAyC;AACzC,sDAAmC;AACnC,4CAAyB;AACzB,4CAAyB;AACzB,4CAAyB;AACzB,+CAA4B;AAC5B,8CAA2B;AAC3B,yCAAsB;AACtB,mDAAgC;AAChC,iEAA8C;AAC9C,sDAAmC;AACnC,iDAA8B;AAC9B,2DAAwC;AACxC,4DAAyC;AACzC,+CAA4B;AAC5B,sDAAmC;AACnC,2CAAwB;AACxB,+CAA4B;AAC5B,wDAAqC;AACrC,yCAAsB;AACtB,kDAA+B;AAC/B,6CAA0B;AAC1B,kDAA+B;AAC/B,qDAAkC;AAClC,6CAA0B;AAC1B,4CAAyB;AACzB,2CAAwB;AACxB,iDAA8B;AAC9B,6CAA0B;AAC1B,mDAAgC;AAChC,oDAAiC;AACjC,mDAAgC;AAChC,4CAAyB;AACzB,oDAAiC;AACjC,uDAAoC;AACpC,sDAAmC;AACnC,6DAA0C;AAC1C,+DAA4C;AAC5C,uDAAoC;AACpC,+DAA4C;AAC5C,uDAAoC;AACpC,uDAAoC;AACpC,oDAAiC;AACjC,oEAAiD;AACjD,yDAAsC;AACtC,6CAA0B;AAC1B,yCAAsB;AACtB,+CAA4B;AAC5B,mDAAgC;AAChC,+CAA4B;AAC5B,mDAAgC;AAChC,iDAA8B;AAC9B,gDAA6B;AAC7B,iDAA8B;AAC9B,uDAAoC;AACpC,4CAAyB;AACzB,sDAAmC;AACnC,0CAAuB;AACvB,uDAAoC;AACpC,4CAAyB;AACzB,gDAA6B;AAC7B,wDAAqC;AACrC,kDAA+B;AAC/B,oDAAiC;AACjC,iEAA8C;AAC9C,8CAA2B;AAC3B,8CAA2B;AAC3B,+CAA4B;AAC5B,2DAAwC;AACxC,kDAA+B;AAC/B,iDAA8B;AAC9B,yDAAsC;AACtC,iDAA8B;AAC9B,+CAA4B;AAC5B,iDAA8B;AAC9B,8CAA2B;AAC3B,4CAAyB;AACzB,gDAA6B;AAC7B,kDAA+B;AAC/B,kDAA+B;AAC/B,kDAA+B;AAC/B,4CAAyB;AACzB,mDAAgC;AAChC,sDAAmC;AACnC,gDAA6B;AAC7B,8CAA2B;AAC3B,qDAAkC;AAClC,qDAAkC;AAClC,oDAAiC;AACjC,6CAA0B;AAC1B,4CAAyB;AACzB,8CAA2B;AAC3B,yDAAsC;AACtC,oDAAiC;AACjC,+CAA4B;AAC5B,+DAA4C;AAC5C,qDAAkC;AAClC,4CAAyB;AACzB,sDAAmC;AACnC,qDAAkC;AAClC,6DAA0C;AAC1C,mDAAgC;AAChC,wCAAqB;AACrB,gEAA6C;AAC7C,mDAAgC;AAChC,mDAAgC;AAChC,kDAA+B;AAC/B,qEAAkD;AAClD,2DAAwC;AACxC,qDAAkC;AAClC,gEAA6C;AAC7C,wEAAqD;AACrD,sDAAmC;AACnC,yDAAsC;AACtC,wDAAqC;AACrC,0DAAuC;AACvC,gEAA6C;AAC7C,sDAAmC;AACnC,uDAAoC;AACpC,+DAA4C;AAC5C,iEAA8C;AAC9C,yDAAsC;AACtC,iEAA8C;AAC9C,yDAAsC;AACtC,qDAAkC;AAClC,yDAAsC;AACtC,yDAAsC;AACtC,wDAAqC;AACrC,8DAA2C;AAC3C,sDAAmC;AACnC,qDAAkC;AAClC,0DAAuC;AACvC,8CAA2B;AAC3B,uDAAoC;AACpC,yCAAsB;AACtB,gDAA6B;AAC7B,4CAAyB;AACzB,2DAAwC;AACxC,4CAAyB;AACzB,gDAA6B;AAC7B,+CAA4B;AAC5B,mDAAgC;AAChC,+CAA4B;AAC5B,uDAAoC;AACpC,2DAAwC;AACxC,0CAAuB;AACvB,iDAA8B;AAC9B,8CAA2B;AAC3B,4CAAyB;AACzB,iDAA8B;AAC9B,qDAAkC;AAClC,8CAA2B;AAC3B,6CAA0B;AAC1B,4CAAyB;AACzB,mDAAgC;AAChC,gDAA6B;AAC7B,4DAAyC;AACzC,wDAAqC;AACrC,kDAA+B;AAC/B,2DAAwC;AACxC,2CAAwB;AACxB,yDAAsC;AACtC,4CAAyB;AACzB,gDAA6B;AAC7B,qDAAkC;AAClC,oDAAiC;AACjC,qDAAkC;AAClC,uDAAoC;AACpC,uDAAoC;AACpC,+CAA4B;AAC5B,0CAAuB;AACvB,0DAAuC;AACvC,4CAAyB;AACzB,+CAA4B;AAC5B,kDAA+B;AAC/B,4CAAyB;AACzB,4CAAyB;AACzB,gDAA6B;AAC7B,8DAA2C;AAC3C,sDAAmC;AACnC,kDAA+B;AAC/B,qDAAkC;AAClC,+CAA4B;AAC5B,8CAA2B;AAC3B,kDAA+B;AAC/B,qDAAkC;AAClC,4CAAyB;AACzB,kDAA+B;AAC/B,qDAAkC;AAClC,mDAAgC;AAChC,kDAA+B;AAC/B,+CAA4B;AAC5B,wCAAqB;AACrB,iDAA8B;AAC9B,4CAAyB;AACzB,+CAA4B;AAC5B,8CAA2B;AAC3B,kDAA+B;AAC/B,kDAA+B;AAC/B,mDAAgC;AAChC,qDAAkC;AAClC,yCAAsB;AACtB,yCAAsB;AACtB,2DAAwC;AACxC,8CAA2B;AAC3B,iDAA8B;AAC9B,0CAAuB;AACvB,gDAA6B;AAC7B,sDAAmC;AACnC,wCAAqB;AACrB,iDAA8B;AAC9B,6CAA0B;AAC1B,iDAA8B;AAC9B,4CAAyB;AACzB,wCAAqB;AACrB,yCAAsB;AACtB,4CAAyB","sourcesContent":["import { AccessLog } from './AccessLog'\nimport { Article } from './Article'\nimport { Classification } from './Classification'\nimport { Document } from './Document'\nimport { HealthElement } from './HealthElement'\nimport { Invoice } from './Invoice'\nimport { Form } from './Form'\nimport { Contact } from './Contact'\nimport { CalendarItem } from './CalendarItem'\nimport { MaintenanceTask } from './MaintenanceTask'\nimport { Message } from './Message'\nimport { Receipt } from './Receipt'\nimport { Patient } from './Patient'\nimport { Delegation } from './Delegation'\n\nexport * from './AbstractFilterCode'\nexport * from './AbstractFilterContact'\nexport * from './AbstractFilterDevice'\nexport * from './AbstractFilterHealthElement'\nexport * from './AbstractFilterHealthcareParty'\nexport * from './AbstractFilterInvoice'\nexport * from './AbstractFilterMaintenanceTask'\nexport * from './AbstractFilterPatient'\nexport * from './AbstractFilterService'\nexport * from './AbstractFilterUser'\nexport * from './AccessLog'\nexport * from './AddedDocument'\nexport * from './Address'\nexport * from './AdministrationQuantity'\nexport * from './Agenda'\nexport * from './AgreementAppendix'\nexport * from './Amp'\nexport * from './AmpComponent'\nexport * from './Ampp'\nexport * from './AmppComponent'\nexport * from './Annotation'\nexport * from './ApplicationSettings'\nexport * from './AppointmentTypeAndPlace'\nexport * from './Article'\nexport * from './Atc'\nexport * from './AttachmentMetadata'\nexport * from './AuthenticationResponse'\nexport * from './AuthenticationToken'\nexport * from './Basic'\nexport * from './Body'\nexport * from './BulkAttachmentUpdateOptions'\nexport * from './CalendarItem'\nexport * from './CalendarItemTag'\nexport * from './CalendarItemType'\nexport * from './CareTeamMember'\nexport * from './CareTeamMembership'\nexport * from './CheckSMFPatientResult'\nexport * from './Classification'\nexport * from './ClassificationTemplate'\nexport * from './Code'\nexport * from './CodeStub'\nexport * from './CodeType'\nexport * from './CommentedClassification'\nexport * from './Commercialization'\nexport * from './Company'\nexport * from './Contact'\nexport * from './Content'\nexport * from './Connection'\nexport * from './Copayment'\nexport * from './Data'\nexport * from './DataAttachment'\nexport * from './DataOwnerRegistrationSuccess'\nexport * from './DataOwnerWithType'\nexport * from './DatabaseInfo'\nexport * from './DatabaseInitialisation'\nexport * from './DatabaseSynchronization'\nexport * from './Delegation'\nexport * from './DeletedAttachment'\nexport * from './Device'\nexport * from './DeviceType'\nexport * from './DiaryNoteExportInfo'\nexport * from './Dmpp'\nexport * from './DocIdentifier'\nexport * from './Document'\nexport * from './DocumentGroup'\nexport * from './DocumentTemplate'\nexport * from './Duration'\nexport * from './EIDItem'\nexport * from './Editor'\nexport * from './EfactInvoice'\nexport * from './Employer'\nexport * from './EmploymentInfo'\nexport * from './EntityReference'\nexport * from './EntityTemplate'\nexport * from './Episode'\nexport * from './FilterChainCode'\nexport * from './FilterChainContact'\nexport * from './FilterChainDevice'\nexport * from './FilterChainHealthElement'\nexport * from './FilterChainHealthcareParty'\nexport * from './FilterChainInvoice'\nexport * from './FilterChainMaintenanceTask'\nexport * from './FilterChainPatient'\nexport * from './FilterChainService'\nexport * from './FilterChainUser'\nexport * from './FinancialInstitutionInformation'\nexport * from './FlatRateTarification'\nexport * from './FlowItem'\nexport * from './Form'\nexport * from './FormColumn'\nexport * from './FormDataOption'\nexport * from './FormLayout'\nexport * from './FormLayoutData'\nexport * from './FormPlanning'\nexport * from './FormSection'\nexport * from './FormTemplate'\nexport * from './FormTemplateLayout'\nexport * from './Formula'\nexport * from './FrontEndMigration'\nexport * from './Group'\nexport * from './GroupDatabasesInfo'\nexport * from './GuiCode'\nexport * from './GuiCodeType'\nexport * from './GroupDeletionReport'\nexport * from './HealthElement'\nexport * from './HealthcareParty'\nexport * from './HealthcarePartyHistoryStatus'\nexport * from './IcureStub'\nexport * from './IdWithRev'\nexport * from './Identifier'\nexport * from './IdentityDocumentReader'\nexport * from './ImportMapping'\nexport * from './ImportResult'\nexport * from './IncapacityExportInfo'\nexport * from './IndexingInfo'\nexport * from './Ingredient'\nexport * from './Insurability'\nexport * from './Insurance'\nexport * from './Invoice'\nexport * from './InvoiceItem'\nexport * from './InvoiceSender'\nexport * from './InvoicesBatch'\nexport * from './InvoicingCode'\nexport * from './Keyword'\nexport * from './KeywordSubword'\nexport * from './LabelledOccurence'\nexport * from './LetterValue'\nexport * from './ListOfIds'\nexport * from './ListOfProperties'\nexport * from './LoginCredentials'\nexport * from './MaintenanceTask'\nexport * from './MapOfIds'\nexport * from './Measure'\nexport * from './MedexInfo'\nexport * from './MedicalHouseContract'\nexport * from './MedicalLocation'\nexport * from './Medication'\nexport * from './MedicationSchemeExportInfo'\nexport * from './Medicinalproduct'\nexport * from './Message'\nexport * from './MessageReadStatus'\nexport * from './MessageWithBatch'\nexport * from './MessagesReadStatusUpdate'\nexport * from './MimeAttachment'\nexport * from './Nmp'\nexport * from './NoGenericPrescriptionReason'\nexport * from './NoSwitchReason'\nexport * from './NumeratorRange'\nexport * from './PackagingType'\nexport * from './PaginatedDocumentKeyIdPairObject'\nexport * from './PaginatedListAccessLog'\nexport * from './PaginatedListAmp'\nexport * from './PaginatedListClassification'\nexport * from './PaginatedListClassificationTemplate'\nexport * from './PaginatedListCode'\nexport * from './PaginatedListContact'\nexport * from './PaginatedListDevice'\nexport * from './PaginatedListDocument'\nexport * from './PaginatedListEntityTemplate'\nexport * from './PaginatedListForm'\nexport * from './PaginatedListGroup'\nexport * from './PaginatedListHealthElement'\nexport * from './PaginatedListHealthcareParty'\nexport * from './PaginatedListInvoice'\nexport * from './PaginatedListMaintenanceTask'\nexport * from './PaginatedListMessage'\nexport * from './PaginatedListNmp'\nexport * from './PaginatedListPatient'\nexport * from './PaginatedListService'\nexport * from './PaginatedListString'\nexport * from './PaginatedListTarification'\nexport * from './PaginatedListUser'\nexport * from './PaginatedListVmp'\nexport * from './PaginatedListVmpGroup'\nexport * from './Paragraph'\nexport * from './ParagraphAgreement'\nexport * from './Part'\nexport * from './Partnership'\nexport * from './Patient'\nexport * from './PatientHealthCareParty'\nexport * from './Payment'\nexport * from './Periodicity'\nexport * from './Permission'\nexport * from './PermissionItem'\nexport * from './PersonName'\nexport * from './PharmaceuticalForm'\nexport * from './PharmaceuticalFormStub'\nexport * from './Place'\nexport * from './PlanOfAction'\nexport * from './Predicate'\nexport * from './Pricing'\nexport * from './PropertyStub'\nexport * from './PropertyTypeStub'\nexport * from './PublicKey'\nexport * from './Quantity'\nexport * from './Receipt'\nexport * from './ReferralPeriod'\nexport * from './RegimenItem'\nexport * from './RegistrationInformation'\nexport * from './RegistrationSuccess'\nexport * from './Reimbursement'\nexport * from './ReimbursementCriterion'\nexport * from './Remote'\nexport * from './RemoteAuthentication'\nexport * from './Renewal'\nexport * from './Replication'\nexport * from './ReplicateCommand'\nexport * from './ReplicationInfo'\nexport * from './ReplicationStats'\nexport * from './ReplicatorDocument'\nexport * from './ReplicatorResponse'\nexport * from './ResultInfo'\nexport * from './Right'\nexport * from './RouteOfAdministration'\nexport * from './SamText'\nexport * from './SamVersion'\nexport * from './SchoolingInfo'\nexport * from './Section'\nexport * from './Service'\nexport * from './ServiceLink'\nexport * from './SoftwareMedicalFileExport'\nexport * from './StandardSubstance'\nexport * from './StrengthRange'\nexport * from './StructureElement'\nexport * from './SubContact'\nexport * from './Substance'\nexport * from './SubstanceStub'\nexport * from './Substanceproduct'\nexport * from './Suggest'\nexport * from './SumehrContent'\nexport * from './SumehrExportInfo'\nexport * from './SumehrValidity'\nexport * from './SupplyProblem'\nexport * from './Suspension'\nexport * from './Tag'\nexport * from './Tarification'\nexport * from './Telecom'\nexport * from './TimeSeries'\nexport * from './TimeTable'\nexport * from './TimeTableHour'\nexport * from './TimeTableItem'\nexport * from './TokenWithGroup'\nexport * from './TypedValueObject'\nexport * from './Unit'\nexport * from './User'\nexport * from './UserAndHealthcareParty'\nexport * from './UserGroup'\nexport * from './Valorisation'\nexport * from './Verse'\nexport * from './VirtualForm'\nexport * from './VirtualIngredient'\nexport * from './Vmp'\nexport * from './VmpComponent'\nexport * from './VmpGroup'\nexport * from './VmpGroupStub'\nexport * from './VmpStub'\nexport * from './Vtm'\nexport * from './Wada'\nexport * from './Weekday'\n\nexport type EncryptedEntity =\n | AccessLog\n | Article\n | CalendarItem\n | Classification\n | Contact\n | Document\n | Form\n | HealthElement\n | Invoice\n | MaintenanceTask\n | Message\n | Patient\n | Receipt\n\nexport type EncryptedEntityStub = {\n secretForeignKeys?: Array<string>\n cryptedForeignKeys?: { [key: string]: Delegation[] }\n delegations?: { [key: string]: Delegation[] }\n encryptionKeys?: { [key: string]: Delegation[] }\n encryptedSelf?: string\n}\n\nexport type EncryptedParentEntity = Message | Patient\n\nexport type { ISO639_1 } from './ISO639_1'\n"]}
|
|
1
|
+
{"version":3,"file":"models.js","sourceRoot":"","sources":["../../../icc-api/model/models.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAeA,uDAAoC;AACpC,0DAAuC;AACvC,yDAAsC;AACtC,gEAA6C;AAC7C,kEAA+C;AAC/C,0DAAuC;AACvC,kEAA+C;AAC/C,0DAAuC;AACvC,0DAAuC;AACvC,uDAAoC;AACpC,8CAA2B;AAC3B,kDAA+B;AAC/B,4CAAyB;AACzB,2DAAwC;AACxC,2CAAwB;AACxB,sDAAmC;AACnC,wCAAqB;AACrB,iDAA8B;AAC9B,yCAAsB;AACtB,kDAA+B;AAC/B,+CAA4B;AAC5B,wDAAqC;AACrC,4DAAyC;AACzC,4CAAyB;AACzB,wCAAqB;AACrB,uDAAoC;AACpC,2DAAwC;AACxC,wDAAqC;AACrC,0CAAuB;AACvB,yCAAsB;AACtB,gEAA6C;AAC7C,iDAA8B;AAC9B,oDAAiC;AACjC,qDAAkC;AAClC,mDAAgC;AAChC,uDAAoC;AACpC,0DAAuC;AACvC,mDAAgC;AAChC,2DAAwC;AACxC,yCAAsB;AACtB,6CAA0B;AAC1B,6CAA0B;AAC1B,4DAAyC;AACzC,sDAAmC;AACnC,4CAAyB;AACzB,4CAAyB;AACzB,4CAAyB;AACzB,+CAA4B;AAC5B,8CAA2B;AAC3B,yCAAsB;AACtB,mDAAgC;AAChC,iEAA8C;AAC9C,sDAAmC;AACnC,iDAA8B;AAC9B,2DAAwC;AACxC,4DAAyC;AACzC,+CAA4B;AAC5B,sDAAmC;AACnC,2CAAwB;AACxB,+CAA4B;AAC5B,wDAAqC;AACrC,yCAAsB;AACtB,kDAA+B;AAC/B,6CAA0B;AAC1B,kDAA+B;AAC/B,qDAAkC;AAClC,6CAA0B;AAC1B,4CAAyB;AACzB,2CAAwB;AACxB,iDAA8B;AAC9B,6CAA0B;AAC1B,mDAAgC;AAChC,oDAAiC;AACjC,mDAAgC;AAChC,4CAAyB;AACzB,oDAAiC;AACjC,uDAAoC;AACpC,sDAAmC;AACnC,6DAA0C;AAC1C,+DAA4C;AAC5C,uDAAoC;AACpC,+DAA4C;AAC5C,uDAAoC;AACpC,uDAAoC;AACpC,oDAAiC;AACjC,oEAAiD;AACjD,yDAAsC;AACtC,6CAA0B;AAC1B,yCAAsB;AACtB,+CAA4B;AAC5B,mDAAgC;AAChC,+CAA4B;AAC5B,mDAAgC;AAChC,iDAA8B;AAC9B,gDAA6B;AAC7B,iDAA8B;AAC9B,uDAAoC;AACpC,4CAAyB;AACzB,sDAAmC;AACnC,0CAAuB;AACvB,uDAAoC;AACpC,4CAAyB;AACzB,gDAA6B;AAC7B,wDAAqC;AACrC,kDAA+B;AAC/B,oDAAiC;AACjC,iEAA8C;AAC9C,8CAA2B;AAC3B,8CAA2B;AAC3B,+CAA4B;AAC5B,2DAAwC;AACxC,kDAA+B;AAC/B,iDAA8B;AAC9B,yDAAsC;AACtC,iDAA8B;AAC9B,+CAA4B;AAC5B,iDAA8B;AAC9B,8CAA2B;AAC3B,4CAAyB;AACzB,gDAA6B;AAC7B,kDAA+B;AAC/B,kDAA+B;AAC/B,kDAA+B;AAC/B,4CAAyB;AACzB,mDAAgC;AAChC,sDAAmC;AACnC,gDAA6B;AAC7B,8CAA2B;AAC3B,qDAAkC;AAClC,qDAAkC;AAClC,oDAAiC;AACjC,6CAA0B;AAC1B,4CAAyB;AACzB,8CAA2B;AAC3B,yDAAsC;AACtC,oDAAiC;AACjC,+CAA4B;AAC5B,+DAA4C;AAC5C,qDAAkC;AAClC,4CAAyB;AACzB,sDAAmC;AACnC,qDAAkC;AAClC,6DAA0C;AAC1C,mDAAgC;AAChC,wCAAqB;AACrB,gEAA6C;AAC7C,mDAAgC;AAChC,mDAAgC;AAChC,kDAA+B;AAC/B,qEAAkD;AAClD,2DAAwC;AACxC,qDAAkC;AAClC,gEAA6C;AAC7C,wEAAqD;AACrD,sDAAmC;AACnC,yDAAsC;AACtC,wDAAqC;AACrC,0DAAuC;AACvC,gEAA6C;AAC7C,sDAAmC;AACnC,uDAAoC;AACpC,+DAA4C;AAC5C,iEAA8C;AAC9C,yDAAsC;AACtC,iEAA8C;AAC9C,yDAAsC;AACtC,qDAAkC;AAClC,yDAAsC;AACtC,yDAAsC;AACtC,wDAAqC;AACrC,8DAA2C;AAC3C,sDAAmC;AACnC,qDAAkC;AAClC,0DAAuC;AACvC,8CAA2B;AAC3B,uDAAoC;AACpC,yCAAsB;AACtB,gDAA6B;AAC7B,4CAAyB;AACzB,2DAAwC;AACxC,4CAAyB;AACzB,gDAA6B;AAC7B,+CAA4B;AAC5B,mDAAgC;AAChC,+CAA4B;AAC5B,uDAAoC;AACpC,2DAAwC;AACxC,0CAAuB;AACvB,iDAA8B;AAC9B,8CAA2B;AAC3B,4CAAyB;AACzB,iDAA8B;AAC9B,qDAAkC;AAClC,8CAA2B;AAC3B,6CAA0B;AAC1B,4CAAyB;AACzB,mDAAgC;AAChC,gDAA6B;AAC7B,4DAAyC;AACzC,wDAAqC;AACrC,kDAA+B;AAC/B,2DAAwC;AACxC,2CAAwB;AACxB,yDAAsC;AACtC,4CAAyB;AACzB,gDAA6B;AAC7B,qDAAkC;AAClC,oDAAiC;AACjC,qDAAkC;AAClC,uDAAoC;AACpC,uDAAoC;AACpC,+CAA4B;AAC5B,0CAAuB;AACvB,0DAAuC;AACvC,4CAAyB;AACzB,+CAA4B;AAC5B,kDAA+B;AAC/B,4CAAyB;AACzB,4CAAyB;AACzB,gDAA6B;AAC7B,8DAA2C;AAC3C,sDAAmC;AACnC,kDAA+B;AAC/B,qDAAkC;AAClC,+CAA4B;AAC5B,8CAA2B;AAC3B,kDAA+B;AAC/B,qDAAkC;AAClC,4CAAyB;AACzB,kDAA+B;AAC/B,qDAAkC;AAClC,mDAAgC;AAChC,kDAA+B;AAC/B,+CAA4B;AAC5B,wCAAqB;AACrB,iDAA8B;AAC9B,4CAAyB;AACzB,+CAA4B;AAC5B,8CAA2B;AAC3B,kDAA+B;AAC/B,kDAA+B;AAC/B,mDAAgC;AAChC,qDAAkC;AAClC,yCAAsB;AACtB,yCAAsB;AACtB,2DAAwC;AACxC,8CAA2B;AAC3B,iDAA8B;AAC9B,0CAAuB;AACvB,gDAA6B;AAC7B,sDAAmC;AACnC,wCAAqB;AACrB,iDAA8B;AAC9B,6CAA0B;AAC1B,iDAA8B;AAC9B,4CAAyB;AACzB,wCAAqB;AACrB,yCAAsB;AACtB,4CAAyB;AACzB,oDAAiC","sourcesContent":["import { AccessLog } from './AccessLog'\nimport { Article } from './Article'\nimport { Classification } from './Classification'\nimport { Document } from './Document'\nimport { HealthElement } from './HealthElement'\nimport { Invoice } from './Invoice'\nimport { Form } from './Form'\nimport { Contact } from './Contact'\nimport { CalendarItem } from './CalendarItem'\nimport { MaintenanceTask } from './MaintenanceTask'\nimport { Message } from './Message'\nimport { Receipt } from './Receipt'\nimport { Patient } from './Patient'\nimport { Delegation } from './Delegation'\n\nexport * from './AbstractFilterCode'\nexport * from './AbstractFilterContact'\nexport * from './AbstractFilterDevice'\nexport * from './AbstractFilterHealthElement'\nexport * from './AbstractFilterHealthcareParty'\nexport * from './AbstractFilterInvoice'\nexport * from './AbstractFilterMaintenanceTask'\nexport * from './AbstractFilterPatient'\nexport * from './AbstractFilterService'\nexport * from './AbstractFilterUser'\nexport * from './AccessLog'\nexport * from './AddedDocument'\nexport * from './Address'\nexport * from './AdministrationQuantity'\nexport * from './Agenda'\nexport * from './AgreementAppendix'\nexport * from './Amp'\nexport * from './AmpComponent'\nexport * from './Ampp'\nexport * from './AmppComponent'\nexport * from './Annotation'\nexport * from './ApplicationSettings'\nexport * from './AppointmentTypeAndPlace'\nexport * from './Article'\nexport * from './Atc'\nexport * from './AttachmentMetadata'\nexport * from './AuthenticationResponse'\nexport * from './AuthenticationToken'\nexport * from './Basic'\nexport * from './Body'\nexport * from './BulkAttachmentUpdateOptions'\nexport * from './CalendarItem'\nexport * from './CalendarItemTag'\nexport * from './CalendarItemType'\nexport * from './CareTeamMember'\nexport * from './CareTeamMembership'\nexport * from './CheckSMFPatientResult'\nexport * from './Classification'\nexport * from './ClassificationTemplate'\nexport * from './Code'\nexport * from './CodeStub'\nexport * from './CodeType'\nexport * from './CommentedClassification'\nexport * from './Commercialization'\nexport * from './Company'\nexport * from './Contact'\nexport * from './Content'\nexport * from './Connection'\nexport * from './Copayment'\nexport * from './Data'\nexport * from './DataAttachment'\nexport * from './DataOwnerRegistrationSuccess'\nexport * from './DataOwnerWithType'\nexport * from './DatabaseInfo'\nexport * from './DatabaseInitialisation'\nexport * from './DatabaseSynchronization'\nexport * from './Delegation'\nexport * from './DeletedAttachment'\nexport * from './Device'\nexport * from './DeviceType'\nexport * from './DiaryNoteExportInfo'\nexport * from './Dmpp'\nexport * from './DocIdentifier'\nexport * from './Document'\nexport * from './DocumentGroup'\nexport * from './DocumentTemplate'\nexport * from './Duration'\nexport * from './EIDItem'\nexport * from './Editor'\nexport * from './EfactInvoice'\nexport * from './Employer'\nexport * from './EmploymentInfo'\nexport * from './EntityReference'\nexport * from './EntityTemplate'\nexport * from './Episode'\nexport * from './FilterChainCode'\nexport * from './FilterChainContact'\nexport * from './FilterChainDevice'\nexport * from './FilterChainHealthElement'\nexport * from './FilterChainHealthcareParty'\nexport * from './FilterChainInvoice'\nexport * from './FilterChainMaintenanceTask'\nexport * from './FilterChainPatient'\nexport * from './FilterChainService'\nexport * from './FilterChainUser'\nexport * from './FinancialInstitutionInformation'\nexport * from './FlatRateTarification'\nexport * from './FlowItem'\nexport * from './Form'\nexport * from './FormColumn'\nexport * from './FormDataOption'\nexport * from './FormLayout'\nexport * from './FormLayoutData'\nexport * from './FormPlanning'\nexport * from './FormSection'\nexport * from './FormTemplate'\nexport * from './FormTemplateLayout'\nexport * from './Formula'\nexport * from './FrontEndMigration'\nexport * from './Group'\nexport * from './GroupDatabasesInfo'\nexport * from './GuiCode'\nexport * from './GuiCodeType'\nexport * from './GroupDeletionReport'\nexport * from './HealthElement'\nexport * from './HealthcareParty'\nexport * from './HealthcarePartyHistoryStatus'\nexport * from './IcureStub'\nexport * from './IdWithRev'\nexport * from './Identifier'\nexport * from './IdentityDocumentReader'\nexport * from './ImportMapping'\nexport * from './ImportResult'\nexport * from './IncapacityExportInfo'\nexport * from './IndexingInfo'\nexport * from './Ingredient'\nexport * from './Insurability'\nexport * from './Insurance'\nexport * from './Invoice'\nexport * from './InvoiceItem'\nexport * from './InvoiceSender'\nexport * from './InvoicesBatch'\nexport * from './InvoicingCode'\nexport * from './Keyword'\nexport * from './KeywordSubword'\nexport * from './LabelledOccurence'\nexport * from './LetterValue'\nexport * from './ListOfIds'\nexport * from './ListOfProperties'\nexport * from './LoginCredentials'\nexport * from './MaintenanceTask'\nexport * from './MapOfIds'\nexport * from './Measure'\nexport * from './MedexInfo'\nexport * from './MedicalHouseContract'\nexport * from './MedicalLocation'\nexport * from './Medication'\nexport * from './MedicationSchemeExportInfo'\nexport * from './Medicinalproduct'\nexport * from './Message'\nexport * from './MessageReadStatus'\nexport * from './MessageWithBatch'\nexport * from './MessagesReadStatusUpdate'\nexport * from './MimeAttachment'\nexport * from './Nmp'\nexport * from './NoGenericPrescriptionReason'\nexport * from './NoSwitchReason'\nexport * from './NumeratorRange'\nexport * from './PackagingType'\nexport * from './PaginatedDocumentKeyIdPairObject'\nexport * from './PaginatedListAccessLog'\nexport * from './PaginatedListAmp'\nexport * from './PaginatedListClassification'\nexport * from './PaginatedListClassificationTemplate'\nexport * from './PaginatedListCode'\nexport * from './PaginatedListContact'\nexport * from './PaginatedListDevice'\nexport * from './PaginatedListDocument'\nexport * from './PaginatedListEntityTemplate'\nexport * from './PaginatedListForm'\nexport * from './PaginatedListGroup'\nexport * from './PaginatedListHealthElement'\nexport * from './PaginatedListHealthcareParty'\nexport * from './PaginatedListInvoice'\nexport * from './PaginatedListMaintenanceTask'\nexport * from './PaginatedListMessage'\nexport * from './PaginatedListNmp'\nexport * from './PaginatedListPatient'\nexport * from './PaginatedListService'\nexport * from './PaginatedListString'\nexport * from './PaginatedListTarification'\nexport * from './PaginatedListUser'\nexport * from './PaginatedListVmp'\nexport * from './PaginatedListVmpGroup'\nexport * from './Paragraph'\nexport * from './ParagraphAgreement'\nexport * from './Part'\nexport * from './Partnership'\nexport * from './Patient'\nexport * from './PatientHealthCareParty'\nexport * from './Payment'\nexport * from './Periodicity'\nexport * from './Permission'\nexport * from './PermissionItem'\nexport * from './PersonName'\nexport * from './PharmaceuticalForm'\nexport * from './PharmaceuticalFormStub'\nexport * from './Place'\nexport * from './PlanOfAction'\nexport * from './Predicate'\nexport * from './Pricing'\nexport * from './PropertyStub'\nexport * from './PropertyTypeStub'\nexport * from './PublicKey'\nexport * from './Quantity'\nexport * from './Receipt'\nexport * from './ReferralPeriod'\nexport * from './RegimenItem'\nexport * from './RegistrationInformation'\nexport * from './RegistrationSuccess'\nexport * from './Reimbursement'\nexport * from './ReimbursementCriterion'\nexport * from './Remote'\nexport * from './RemoteAuthentication'\nexport * from './Renewal'\nexport * from './Replication'\nexport * from './ReplicateCommand'\nexport * from './ReplicationInfo'\nexport * from './ReplicationStats'\nexport * from './ReplicatorDocument'\nexport * from './ReplicatorResponse'\nexport * from './ResultInfo'\nexport * from './Right'\nexport * from './RouteOfAdministration'\nexport * from './SamText'\nexport * from './SamVersion'\nexport * from './SchoolingInfo'\nexport * from './Section'\nexport * from './Service'\nexport * from './ServiceLink'\nexport * from './SoftwareMedicalFileExport'\nexport * from './StandardSubstance'\nexport * from './StrengthRange'\nexport * from './StructureElement'\nexport * from './SubContact'\nexport * from './Substance'\nexport * from './SubstanceStub'\nexport * from './Substanceproduct'\nexport * from './Suggest'\nexport * from './SumehrContent'\nexport * from './SumehrExportInfo'\nexport * from './SumehrValidity'\nexport * from './SupplyProblem'\nexport * from './Suspension'\nexport * from './Tag'\nexport * from './Tarification'\nexport * from './Telecom'\nexport * from './TimeSeries'\nexport * from './TimeTable'\nexport * from './TimeTableHour'\nexport * from './TimeTableItem'\nexport * from './TokenWithGroup'\nexport * from './TypedValueObject'\nexport * from './Unit'\nexport * from './User'\nexport * from './UserAndHealthcareParty'\nexport * from './UserGroup'\nexport * from './Valorisation'\nexport * from './Verse'\nexport * from './VirtualForm'\nexport * from './VirtualIngredient'\nexport * from './Vmp'\nexport * from './VmpComponent'\nexport * from './VmpGroup'\nexport * from './VmpGroupStub'\nexport * from './VmpStub'\nexport * from './Vtm'\nexport * from './Wada'\nexport * from './Weekday'\nexport * from './CryptoActorStub'\n\nexport type EncryptedEntity =\n | AccessLog\n | Article\n | CalendarItem\n | Classification\n | Contact\n | Document\n | Form\n | HealthElement\n | Invoice\n | MaintenanceTask\n | Message\n | Patient\n | Receipt\n\nexport type EncryptedEntityStub = {\n secretForeignKeys?: Array<string>\n cryptedForeignKeys?: { [key: string]: Delegation[] }\n delegations?: { [key: string]: Delegation[] }\n encryptionKeys?: { [key: string]: Delegation[] }\n encryptedSelf?: string\n}\n\nexport type EncryptedParentEntity = Message | Patient\n\nexport type { ISO639_1 } from './ISO639_1'\n"]}
|
|
@@ -20,7 +20,7 @@ export declare class JwtAuthService implements AuthService {
|
|
|
20
20
|
} | undefined>;
|
|
21
21
|
getAuthHeaders(): Promise<Array<Header>>;
|
|
22
22
|
private _refreshAuthJwt;
|
|
23
|
-
private
|
|
23
|
+
private _isJwtInvalidOrExpired;
|
|
24
24
|
private _base64Decode;
|
|
25
25
|
invalidateHeader(error: Error): void;
|
|
26
26
|
isInErrorState(): boolean;
|
|
@@ -36,7 +36,7 @@ class JwtAuthService {
|
|
|
36
36
|
.then((x) => {
|
|
37
37
|
const authJwt = x === null || x === void 0 ? void 0 : x.authJwt;
|
|
38
38
|
const refreshJwt = x === null || x === void 0 ? void 0 : x.refreshJwt;
|
|
39
|
-
if ((!authJwt || this.
|
|
39
|
+
if ((!authJwt || this._isJwtInvalidOrExpired(authJwt)) && refreshJwt) {
|
|
40
40
|
// If it does not have the JWT, tries to get it
|
|
41
41
|
// If the JWT is expired, tries to refresh it
|
|
42
42
|
this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {
|
|
@@ -62,7 +62,7 @@ class JwtAuthService {
|
|
|
62
62
|
return __awaiter(this, void 0, void 0, function* () {
|
|
63
63
|
// If I do not have a refresh JWT or the refresh JWT is expired,
|
|
64
64
|
// I have to log in again
|
|
65
|
-
if (this.
|
|
65
|
+
if (this._isJwtInvalidOrExpired(refreshJwt)) {
|
|
66
66
|
throw Error('Missing or expired refresh token: please log in again');
|
|
67
67
|
}
|
|
68
68
|
else {
|
|
@@ -73,12 +73,13 @@ class JwtAuthService {
|
|
|
73
73
|
}
|
|
74
74
|
});
|
|
75
75
|
}
|
|
76
|
-
|
|
76
|
+
_isJwtInvalidOrExpired(jwt) {
|
|
77
77
|
const parts = jwt.split('.');
|
|
78
78
|
if (parts.length !== 3) {
|
|
79
|
-
return
|
|
79
|
+
return true;
|
|
80
80
|
}
|
|
81
81
|
const payload = this._base64Decode(parts[1]);
|
|
82
|
+
// Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.
|
|
82
83
|
return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime();
|
|
83
84
|
}
|
|
84
85
|
_base64Decode(encodedString) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAI3C,oCAA8B;AAI9B;;GAEG;AACH,MAAa,cAAc;IAIzB,YAA6B,OAAmB,EAAE,UAAoD;QAAzE,YAAO,GAAP,OAAO,CAAY;QAHxC,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAiE,OAAO,CAAC,OAAO,CAAC,SAAgB,CAAC,CAAA;QAGvH,IAAI,CAAC,CAAC,UAAU,EAAE;YAChB,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;SACnD;IACH,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAiB,CAAC,CAAA;IAC/D,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;IAC7G,CAAC;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBACV,MAAM,OAAO,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,CAAA;gBAC1B,MAAM,UAAU,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,CAAA;gBAEhC,IAAI,CAAC,CAAC,OAAO,IAAI,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"JwtAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAI3C,oCAA8B;AAI9B;;GAEG;AACH,MAAa,cAAc;IAIzB,YAA6B,OAAmB,EAAE,UAAoD;QAAzE,YAAO,GAAP,OAAO,CAAY;QAHxC,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAiE,OAAO,CAAC,OAAO,CAAC,SAAgB,CAAC,CAAA;QAGvH,IAAI,CAAC,CAAC,UAAU,EAAE;YAChB,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;SACnD;IACH,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAiB,CAAC,CAAA;IAC/D,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;IAC7G,CAAC;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBACV,MAAM,OAAO,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,CAAA;gBAC1B,MAAM,UAAU,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,CAAA;gBAEhC,IAAI,CAAC,CAAC,OAAO,IAAI,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,IAAI,UAAU,EAAE;oBACpE,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBACV,OAAO,CAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,EAAC,CAAC,CAAC,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAA;YAC9H,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEa,eAAe,CAAC,UAAkB;;YAC9C,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE;gBAC3C,MAAM,KAAK,CAAC,uDAAuD,CAAC,CAAA;aACrE;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAM;oBAC/B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEO,sBAAsB,CAAC,GAAW;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,IAAI,CAAA;SACZ;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAC5E,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AAjFD,wCAiFC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\n/**\n * Differs from JwtBridgedAuthService in that it cannot create new refresh tokens\n */\nexport class JwtAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt: string; refreshJwt: string } | undefined> = Promise.resolve(undefined as any)\n\n constructor(private readonly authApi: IccAuthApi, initialJwt?: { authJwt: string; refreshJwt: string }) {\n if (!!initialJwt) {\n this._currentPromise = Promise.resolve(initialJwt)\n }\n }\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x?.refreshJwt as any)\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this._currentPromise.then((x) => (x ? { token: x.authJwt, refreshToken: x.refreshJwt } : undefined))\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this._currentPromise\n .then((x) => {\n const authJwt = x?.authJwt\n const refreshJwt = x?.refreshJwt\n\n if ((!authJwt || this._isJwtInvalidOrExpired(authJwt)) && refreshJwt) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then((x) => {\n return x?.authJwt ? [new XHR.Header('Authorization', `Bearer ${x.authJwt}`)] : Promise.reject('Cannot provide auth: No JWT')\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string): Promise<{ authJwt: string; refreshJwt: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (this._isJwtInvalidOrExpired(refreshJwt)) {\n throw Error('Missing or expired refresh token: please log in again')\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token!,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private _isJwtInvalidOrExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return true\n }\n const payload = this._base64Decode(parts[1])\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime()\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
|
|
@@ -23,7 +23,7 @@ export declare class JwtBridgedAuthService implements AuthService {
|
|
|
23
23
|
getAuthHeaders(): Promise<Array<Header>>;
|
|
24
24
|
private _refreshAuthJwt;
|
|
25
25
|
private _loginAndGetTokens;
|
|
26
|
-
private
|
|
26
|
+
private _isJwtInvalidOrExpired;
|
|
27
27
|
private _base64Decode;
|
|
28
28
|
invalidateHeader(error: Error): void;
|
|
29
29
|
isInErrorState(): boolean;
|
|
@@ -36,7 +36,7 @@ class JwtBridgedAuthService {
|
|
|
36
36
|
return __awaiter(this, void 0, void 0, function* () {
|
|
37
37
|
return this._currentPromise
|
|
38
38
|
.then(({ authJwt, refreshJwt }) => {
|
|
39
|
-
if (!authJwt || this.
|
|
39
|
+
if (!authJwt || this._isJwtInvalidOrExpired(authJwt)) {
|
|
40
40
|
// If it does not have the JWT, tries to get it
|
|
41
41
|
// If the JWT is expired, tries to refresh it
|
|
42
42
|
this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {
|
|
@@ -62,7 +62,7 @@ class JwtBridgedAuthService {
|
|
|
62
62
|
return __awaiter(this, void 0, void 0, function* () {
|
|
63
63
|
// If I do not have a refresh JWT or the refresh JWT is expired,
|
|
64
64
|
// I have to log in again
|
|
65
|
-
if (!refreshJwt || this.
|
|
65
|
+
if (!refreshJwt || this._isJwtInvalidOrExpired(refreshJwt)) {
|
|
66
66
|
return this._loginAndGetTokens();
|
|
67
67
|
}
|
|
68
68
|
else {
|
|
@@ -112,12 +112,13 @@ class JwtBridgedAuthService {
|
|
|
112
112
|
};
|
|
113
113
|
});
|
|
114
114
|
}
|
|
115
|
-
|
|
115
|
+
_isJwtInvalidOrExpired(jwt) {
|
|
116
116
|
const parts = jwt.split('.');
|
|
117
117
|
if (parts.length !== 3) {
|
|
118
|
-
return
|
|
118
|
+
return true;
|
|
119
119
|
}
|
|
120
120
|
const payload = this._base64Decode(parts[1]);
|
|
121
|
+
// Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.
|
|
121
122
|
return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime();
|
|
122
123
|
}
|
|
123
124
|
_base64Decode(encodedString) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,mBAAqD,EAAE;QAHvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAO9F,CAAC;IAEJ,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAiB,CAAC,CAAA;IAC9D,CAAC;IACD,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,mBAAqD,EAAE;QAHvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAO9F,CAAC;IAEJ,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAiB,CAAC,CAAA;IAC9D,CAAC;IACD,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,EAAE;oBACpD,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;gBACpB,OAAO,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,OAAO,EAAE,CAAC,CAAC,CAAA;YAC/D,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEa,eAAe,CAAC,UAA8B;;YAC1D,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE;gBAC1D,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAA;aACjC;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAK;oBAC9B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEa,kBAAkB;;YAC9B,IAAI,YAAgD,CAAA;YACpD,IAAI,UAAgC,CAAA;YACpC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE;gBAClC,IAAI;oBACF,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CACrC,IAAI,mCAAgB,CAAC;wBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB,CAAC,CACH,CAAA;iBACF;gBAAC,OAAO,CAAC,EAAE;oBACV,UAAU,GAAG,CAAa,CAAA;iBAC3B;aACF;YACD,IAAI,CAAC,YAAY,EAAE;gBACjB,YAAY,GAAG,MAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAiC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE;oBACpI,MAAM,IAAI,GAAG,MAAM,GAAG,CAAA;oBACtB,OAAO,CACL,IAAI,aAAJ,IAAI,cAAJ,IAAI,GACJ,CAAC,KAAK;wBACJ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACnE,IAAI,CAAC,UAAU,EAAE;gCACf,UAAU,GAAG,CAAa,CAAA;6BAC3B;4BACD,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;wBAChD,CAAC,CAAC;wBACJ,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;gBACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,EAAiD,CAAC,CAAA;aACrE;YAED,IAAI,CAAC,YAAY,EAAE;gBACjB,IAAI,UAAU;oBAAE,MAAM,UAAU,CAAA;gBAChC,MAAM,IAAI,QAAQ,CAAC,EAAE,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,OAAO,EAAE,CAAC,CAAA;aAC5E;YAED,OAAO;gBACL,OAAO,EAAE,YAAY,CAAC,KAAK;gBAC3B,UAAU,EAAE,YAAY,CAAC,YAAY;aACtC,CAAA;QACH,CAAC;KAAA;IAEO,sBAAsB,CAAC,GAAW;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,IAAI,CAAA;SACZ;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAC5E,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AAzHD,sDAyHC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\n/**\n * Differs from JwtAuthService in that it can create new refresh tokens if the old one is expired\n */\nexport class JwtBridgedAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt?: string; refreshJwt?: string }> = Promise.resolve({})\n\n constructor(\n private authApi: IccAuthApi,\n private username: string,\n private password: string,\n private thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {}\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x.refreshJwt as any)\n }\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt!, refreshToken: refreshJwt! })))\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this._currentPromise\n .then(({ authJwt, refreshJwt }) => {\n if (!authJwt || this._isJwtInvalidOrExpired(authJwt)) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then(({ authJwt }) => {\n return [new XHR.Header('Authorization', `Bearer ${authJwt}`)]\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string | undefined): Promise<{ authJwt?: string; refreshJwt?: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (!refreshJwt || this._isJwtInvalidOrExpired(refreshJwt)) {\n return this._loginAndGetTokens()\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private async _loginAndGetTokens(): Promise<{ authJwt?: string; refreshJwt?: string }> {\n let authResponse: AuthenticationResponse | undefined\n let firstError: XHRError | undefined\n if (this.username && this.password) {\n try {\n authResponse = await this.authApi.login(\n new LoginCredentials({\n username: this.username,\n password: this.password,\n })\n )\n } catch (e) {\n firstError = e as XHRError\n }\n }\n if (!authResponse) {\n authResponse = await (Object.entries(this.thirdPartyTokens) as [OAuthThirdParty, string][]).reduce(async (acc, [thirdParty, token]) => {\n const prev = await acc\n return (\n prev ??\n (token\n ? this.authApi.loginWithThirdPartyToken(thirdParty, token).catch((e) => {\n if (!firstError) {\n firstError = e as XHRError\n }\n return Promise.resolve() as Promise<undefined>\n })\n : undefined)\n )\n }, Promise.resolve() as Promise<AuthenticationResponse | undefined>)\n }\n\n if (!authResponse) {\n if (firstError) throw firstError\n throw new XHRError('', 'Unknown error', 401, 'Unauthorized', new Headers())\n }\n\n return {\n authJwt: authResponse.token,\n refreshJwt: authResponse.refreshToken,\n }\n }\n\n private _isJwtInvalidOrExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return true\n }\n const payload = this._base64Decode(parts[1])\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime()\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
|
|
@@ -40,7 +40,7 @@ class BaseExchangeKeysManager {
|
|
|
40
40
|
return __awaiter(this, void 0, void 0, function* () {
|
|
41
41
|
const delegatorId = yield this.dataOwnerApi.getCurrentDataOwnerId();
|
|
42
42
|
return yield (0, utils_1.notConcurrent)(this.generateKeyConcurrencyMap, delegatorId, () => __awaiter(this, void 0, void 0, function* () {
|
|
43
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j;
|
|
43
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
|
|
44
44
|
const delegator = CryptoActorStub_1.CryptoActorStubWithType.fromDataOwner(yield this.dataOwnerApi.getCurrentDataOwner());
|
|
45
45
|
const delegate = delegatorId === delegateId ? delegator : yield this.dataOwnerApi.getCryptoActorStub(delegateId);
|
|
46
46
|
const mainDelegatorKeyPairPubHex = (0, utils_1.ua2hex)(yield this.primitives.RSA.exportKey(delegatorMainKeyPair.publicKey, 'spki'));
|
|
@@ -62,7 +62,16 @@ class BaseExchangeKeysManager {
|
|
|
62
62
|
}
|
|
63
63
|
const allPublicKeys = Object.assign(Object.assign({}, additionalPublicKeys), { [mainDelegatorKeyPairPubHex.slice(-32)]: delegatorMainKeyPair.publicKey });
|
|
64
64
|
const encryptedKeyInfo = yield this.encryptExchangeKey(exchangeKey, allPublicKeys);
|
|
65
|
-
|
|
65
|
+
let updatedDelegatorPublicKey;
|
|
66
|
+
if (delegator.stub.publicKey == '') {
|
|
67
|
+
if (Object.entries((_j = delegator.stub.hcPartyKeys) !== null && _j !== void 0 ? _j : {}).length > 0)
|
|
68
|
+
throw new Error(`Data owner ${delegator.stub.id} has "" as public key but has non-empty hcPartyKeys`);
|
|
69
|
+
updatedDelegatorPublicKey = mainDelegatorKeyPairPubHex;
|
|
70
|
+
}
|
|
71
|
+
else {
|
|
72
|
+
updatedDelegatorPublicKey = (_k = delegator.stub.publicKey) !== null && _k !== void 0 ? _k : mainDelegatorKeyPairPubHex;
|
|
73
|
+
}
|
|
74
|
+
const updatedStub = Object.assign(Object.assign({}, delegator.stub), { aesExchangeKeys: yield this.updateExchangeKeys(delegator, delegate, mainDelegatorKeyPairPubHex, encryptedKeyInfo.encryptedExchangeKey), publicKey: updatedDelegatorPublicKey });
|
|
66
75
|
if (delegator.stub.publicKey === mainDelegatorKeyPairPubHex) {
|
|
67
76
|
updatedStub.hcPartyKeys = this.updateLegacyExchangeKeys(delegator, delegate, encryptedKeyInfo.encryptedExchangeKey);
|
|
68
77
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"BaseExchangeKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/BaseExchangeKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,oCAAwD;AAIxD,yEAA8F;AAC9F,6EAAyE;AAEzE;;;;GAIG;AACH,MAAa,uBAAuB;IAQlC,YACE,UAA4B,EAC5B,YAA8B,EAC9B,cAA6B,EAC7B,cAA6B,EAC7B,aAA2B;QAZZ,8BAAyB,GAAwC,EAAE,CAAA;QAclF,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;QACpC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;QACpC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,CAAC;IAED;;;;;;;;OAQG;IACG,oCAAoC,CACxC,UAAkB,EAClB,oBAAwC,EACxC,oBAA6D;;YAK7D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YACnE,OAAO,MAAM,IAAA,qBAAa,EAAC,IAAI,CAAC,yBAAyB,EAAE,WAAW,EAAE,GAAS,EAAE;;gBACjF,MAAM,SAAS,GAAG,yCAAuB,CAAC,aAAa,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE,CAAC,CAAA;gBACtG,MAAM,QAAQ,GAAG,WAAW,KAAK,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBAChH,MAAM,0BAA0B,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,oBAAoB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;gBACtH,IAAI,WAAW,GAAgD,SAAS,CAAA;gBACxE,MAAM,mBAAmB,GACvB,MAAA,MAAA,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,eAAe,0CAAG,0BAA0B,CAAC,0CAAG,UAAU,CAAC,0CAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,mCACnH,CAAC,0BAA0B,KAAK,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,WAAW,0CAAG,UAAU,CAAC,0CAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;gBACvH,IAAI,mBAAmB,EAAE;oBACvB,WAAW,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,mBAAmB,EAAE,oBAAoB,EAAE,SAAS,CAAC,CAAA;oBACxG,IAAI,CAAC,WAAW;wBACd,MAAM,IAAI,KAAK,CACb,yDAAyD,0BAA0B,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,IAAI,WAAW,KAAK,UAAU,EAAE,CAC/H,CAAA;oBACH,MAAM,sBAAsB,GAAG,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,eAAe,0CAAG,0BAA0B,CAAC,0CAAG,UAAU,CAAC,CAAA;oBACzG,IAAI,sBAAsB,EAAE;wBAC1B,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAA;wBAC1D,IAAI,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;4BAChF,OAAO;gCACL,gBAAgB,EAAE,SAAS;gCAC3B,GAAG,EAAE,WAAW,CAAC,GAAG;6BACrB,CAAA;qBACJ;iBACF;gBACD,MAAM,aAAa,mCACd,oBAAoB,KACvB,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,oBAAoB,CAAC,SAAS,GACxE,CAAA;gBACD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;gBAClF,MAAM,WAAW,mCACZ,SAAS,CAAC,IAAI,KACjB,eAAe,EAAE,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,QAAQ,EAAE,0BAA0B,EAAE,gBAAgB,CAAC,oBAAoB,CAAC,EACtI,SAAS,EAAE,MAAA,SAAS,CAAC,IAAI,CAAC,SAAS,mCAAI,0BAA0B,GAClE,CAAA;gBACD,IAAI,SAAS,CAAC,IAAI,CAAC,SAAS,KAAK,0BAA0B,EAAE;oBAC3D,WAAW,CAAC,WAAW,GAAG,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,QAAQ,EAAE,gBAAgB,CAAC,oBAAoB,CAAC,CAAA;iBACpH;gBACD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC;oBACrE,IAAI,EAAE,SAAS,CAAC,IAAI;oBACpB,IAAI,EAAE,WAAW;iBAClB,CAAC,CAAA;gBACF,OAAO;oBACL,GAAG,EAAE,gBAAgB,CAAC,WAAW;oBACjC,gBAAgB;iBACjB,CAAA;YACH,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,gBAAgB,CACpB,cAAsB,EACtB,qBAA6B,EAC7B,qBAA6E;;YAE7E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,qBAAqB,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;YAC5G,MAAM,IAAI,CAAC,yBAAyB,CAAC,MAAM,EAAE,cAAc,EAAE,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAA;YACnI,MAAM,IAAI,CAAC,yBAAyB,CAAC,cAAc,EAAE,MAAM,EAAE,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAA;QACrI,CAAC;KAAA;IAED;;;;;OAKG;IACG,2BAA2B,CAAC,WAAmB,EAAE,UAAkB;;;YACvE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;YACzE,MAAM,GAAG,GAAiD,MAAM,CAAC,MAAM,CAAC,MAAA,SAAS,CAAC,IAAI,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;gBACtI,MAAM,uBAAuB,GAAG,aAAa,CAAC,UAAU,CAAC,CAAA;gBACzD,IAAI,uBAAuB,EAAE;oBAC3B,OAAO,CAAC,uBAAuB,CAAC,CAAA;iBACjC;qBAAM;oBACL,OAAO,EAAE,CAAA;iBACV;YACH,CAAC,CAAC,CAAA;YACF,MAAM,gBAAgB,GAAG,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,WAAW,0CAAG,UAAU,CAAC,0CAAG,CAAC,CAAC,CAAA;YACtE,IAAI,gBAAgB;gBAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,gBAAgB,EAAE,CAAC,CAAA;YACxD,OAAO,GAAG,CAAA;;KACX;IAED;;;;;OAKG;IACG,sBAAsB,CAC1B,WAAmB,EACnB,eAAoC;;YAKpC,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAA;YACvF,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBACpC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,qCAAiB,CAAC,GAAG,CAAC;oBACtD,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,6BAA6B,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;oBAChF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvB,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,qCAAiB,CAAC,OAAO,CAAC;oBAC1D,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,oCAAoC,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;oBACvF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvB,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,qCAAiB,CAAC,MAAM,CAAC;oBACzD,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,mCAAmC,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;oBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;aACxB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,8CAAK,CAAC,GAAK,CAAC,GAAK,CAAC,CAA0F,CAAA,CAAC,CAAA;YACrI,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;YACzE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,uCAAuC,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,CAAA;YAClG,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAC/B,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,OAAO,EAAE,EAAE;gBAClH,MAAM,UAAU,GAAG,MAAM,GAAG,CAAA;gBAC5B,IAAI,OAAO,KAAK,WAAW,EAAE;oBAC3B,OAAO,CAAC,GAAG,UAAU,EAAE,OAAO,CAAC,CAAA;iBAChC;qBAAM;oBACL,MAAM,aAAa,GAAsB,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAA;oBACnG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,aAAa,CAAC,EAAE;wBACpD,OAAO,CAAC,GAAG,UAAU,EAAE,OAAO,CAAC,CAAA;qBAChC;;wBAAM,OAAO,UAAU,CAAA;iBACzB;YACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,CAAC,EAAc,CAAC,CAAC,CACpC,CAAA;YACD,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CACtC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;iBACzB,GAAG,CAAC,CAAC,CAAC,eAAe,EAAE,cAAc,CAAC,EAAE,EAAE,CAAC;gBAC1C,eAAe;gBACf,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAwC,CAClI;aACF,CAAC;iBACD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAyD,CACxG,CAAA;YACD,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,CAAA;QACvC,CAAC;KAAA;IAED;;;;;OAKG;IACG,sBAAsB,CAC1B,qBAAmE,EACnE,qBAA6E;;YAK7E,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAA;YAC9B,MAAM,GAAG,GAGL,EAAE,qBAAqB,EAAE,EAAE,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAA;YACxD,KAAK,MAAM,oBAAoB,IAAI,qBAAqB,EAAE;gBACxD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,CAAA;gBAC/F,IAAI,SAAS,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE;oBACvD,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;oBACvB,GAAG,CAAC,qBAAqB,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;iBAC9C;qBAAM;oBACL,GAAG,CAAC,iBAAiB,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAA;iBACjD;aACF;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEa,yBAAyB,CACrC,WAAmB,EACnB,UAAkB,EAClB,cAAsB,EACtB,YAAuB,EACvB,+BAAuF;;YAEvF,MAAM,IAAA,qBAAa,EAAC,IAAI,CAAC,yBAAyB,EAAE,WAAW,EAAE,GAAS,EAAE;gBAC1E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;gBACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBACvE,IAAI,gBAAgB,GAAG,KAAK,CAAA;gBAC5B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,uCAAuC,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACtG,MAAM,mBAAmB,GAAsF,EAAE,CAAA;gBACjH,MAAM,iBAAiB,GAAG,EAAE,CAAC,cAAc,CAAC,EAAE,YAAY,EAAE,CAAA;gBAC5D,KAAK,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;oBAClF,MAAM,sBAAsB,GAA0D,EAAE,CAAA;oBACxF,KAAK,MAAM,CAAC,cAAc,EAAE,gBAAgB,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE;wBACpF,IAAI,UAAU,KAAK,cAAc,IAAI,cAAc,IAAI,gBAAgB,EAAE;4BACvE,sBAAsB,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAA;yBAC1D;6BAAM;4BACL,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,gBAAgB,EAAE,+BAA+B,CAAC,CAAA;4BACrG,IAAI,SAAS,EAAE;gCACb,gBAAgB,GAAG,IAAI,CAAA;gCACvB,sBAAsB,CAAC,cAAc,CAAC,mCACjC,gBAAgB,GAChB,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC,CAAC,oBAAoB,CACtF,CAAA;6BACF;iCAAM;gCACL,sBAAsB,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAA;6BAC1D;yBACF;qBACF;oBACD,mBAAmB,CAAC,gBAAgB,CAAC,GAAG,sBAAsB,CAAA;iBAC/D;gBACD,IAAI,gBAAgB,EAAE;oBACpB,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC;wBAC5C,IAAI,EAAE,SAAS,CAAC,IAAI;wBACpB,IAAI,kCACC,SAAS,CAAC,IAAI,KACjB,eAAe,EAAE,mBAAmB,GACrC;qBACF,CAAC,CAAA;iBACH;YACH,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;;;OAMG;IACW,qBAAqB,CACjC,oBAAgE,EAChE,qBAA6E;;YAE7E,KAAK,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE;gBACxE,kHAAkH;gBAClH,MAAM,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;gBAC9B,MAAM,OAAO,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAA;gBACzC,IAAI,OAAO,KAAK,SAAS,EAAE;oBACzB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;oBACxE,IAAI,GAAG,KAAK,SAAS;wBAAE,OAAO,GAAG,CAAA;iBAClC;aACF;YACD,MAAM,mBAAmB,GAAG,oBAAoB,CAAC,EAAE,CAAC,CAAA;YACpD,IAAI,mBAAmB,KAAK,SAAS,EAAE;gBACrC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAE;oBAC1D,oEAAoE;oBACpE,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,mBAAmB,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;oBACzF,IAAI,GAAG,KAAK,SAAS;wBAAE,OAAO,GAAG,CAAA;iBAClC;aACF;YACD,OAAO,SAAS,CAAA;QAClB,CAAC;KAAA;IAED;;;;;OAKG;IACW,kBAAkB,CAC9B,WAAwD,EACxD,UAAmD;;;YAKnD,MAAM,iBAAiB,GAAG,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,mCAAI,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAA;YAClG,MAAM,gBAAgB,GAAG,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,cAAM,EAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAA;YAC5I,MAAM,oBAAoB,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,CAClE,CAAO,GAAG,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE;gBAAC,OAAA,iCAChC,CAAC,MAAM,GAAG,CAAC,KACd,CAAC,SAAS,CAAC,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,IACjG,CAAA;cAAA,EACF,OAAO,CAAC,OAAO,CAAC,EAAoC,CAAC,CACtD,CAAA;YACD,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,CAAA;;KAChE;IAED;;;;;;;;;OASG;IACW,yBAAyB,CACrC,iBAAyB,EACzB,OAA2B,EAC3B,SAA6B,CAAC,iGAAiG;;;YAE/H,IAAI;gBACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAA,cAAM,EAAC,iBAAiB,CAAC,CAAC,CAAA;gBAClG,OAAO,EAAE,GAAG,EAAE,IAAA,cAAM,EAAC,SAAS,CAAC,EAAE,GAAG,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE,CAAA;aAC9F;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,SAAS,EAAE;oBACb,OAAO,CAAC,KAAK,CAAC,4CAA4C,iBAAiB,+BAA+B,SAAS,GAAG,EAAE,CAAC,CAAC,CAAA;iBAC3H;aACF;QACH,CAAC;KAAA;IAEO,wBAAwB,CAC9B,SAAkC,EAClC,QAAiC,EACjC,eAAyC;;QAEzC,MAAM,2BAA2B,GAAG,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpH,MAAM,0BAA0B,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACjH,IAAI,2BAA2B,IAAI,0BAA0B,EAAE;YAC7D,uCACK,CAAC,MAAA,SAAS,CAAC,IAAI,CAAC,WAAW,mCAAI,EAAE,CAAC,KACrC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAG,CAAC,EAAE,CAAC,2BAA2B,EAAE,0BAA0B,CAAC,IAC/E;SACF;;YAAM,OAAO,SAAS,CAAC,IAAI,CAAC,WAAW,CAAA;IAC1C,CAAC;IAEa,kBAAkB,CAC9B,SAAkC,EAClC,QAAiC,EACjC,0BAAkC,EAClC,eAAyC;;;YAEzC,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,uCAAuC,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;YACjH,OAAO,IAAI,CAAC,sCAAsC,iCAC7C,uBAAuB,KAC1B,CAAC,0BAA0B,CAAC,kCACvB,CAAC,MAAA,uBAAuB,CAAC,0BAA0B,CAAC,mCAAI,EAAE,CAAC,KAC9D,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAG,CAAC,kCACd,CAAC,MAAA,MAAA,uBAAuB,CAAC,0BAA0B,CAAC,0CAAG,QAAQ,CAAC,IAAI,CAAC,EAAG,CAAC,mCAAI,EAAE,CAAC,GAChF,eAAe,QAGtB,CAAA;;KACH;IAED,mEAAmE;IACrD,uCAAuC,CACnD,KAAsB,EACtB,QAAqC;;;YAErC,MAAM,oBAAoB,GAAG,KAAK,CAAC,SAAS,CAAA;YAC5C,IAAI,oBAAoB,IAAI,CAAC,CAAC,MAAA,KAAK,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,oBAAoB,CAAC,EAAE;gBAChF;;;;mBAIG;gBACH,MAAM,8BAA8B,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,KAAK,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,KAAK,CAAC,EAAE,IAAI,CAAC,MAAK,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,CAAA,CAAC,CAAA;gBAC/H,MAAM,gBAAgB,GAAG;oBACvB,KAAK;oBACL,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC/B,GAAG,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,GAAG,CAAC,CAAO,IAAI,EAAE,EAAE,gDAAC,OAAA,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAA,GAAA,CAAC,CAAC,CAAC;iBACpI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,SAAS,EAAE,EAAE;oBAC1B,GAAG,CAAC,SAAS,CAAC,EAAG,CAAC,GAAG,SAAS,CAAA;oBAC9B,OAAO,GAAG,CAAA;gBACZ,CAAC,EAAE,EAAuC,CAAC,CAAA;gBAC3C,uBACE,CAAC,oBAAoB,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,MAAA,KAAK,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE;;wBAC5F,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,MAAA,MAAA,MAAA,gBAAgB,CAAC,KAAK,CAAC,0CAAE,SAAS,0CAAE,KAAK,CAAC,CAAC,EAAE,CAAC,mCAAI,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAA;wBAC5H,OAAO,GAAG,CAAA;oBACZ,CAAC,EAAE,EAAiE,CAAC,IAClE,CAAC,MAAA,KAAK,CAAC,eAAe,mCAAI,EAAE,CAAC,EACjC;aACF;;gBAAM,OAAO,MAAA,KAAK,CAAC,eAAe,mCAAI,EAAE,CAAA;;KAC1C;IAEO,sCAAsC,CAAC,eAE9C;QACC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,eAAe,EAAE,YAAY,CAAC,EAAE,EAAE,CAAC;YACvE,eAAe;YACf,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC;gBAC7D,UAAU;gBACV,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC;aAC5H,CAAC,CACH;SACF,CAAC,CACH,CAAA;IACH,CAAC;CACF;AAlaD,0DAkaC","sourcesContent":["import { KeyPair } from './RSA'\nimport { hex2ua, notConcurrent, ua2hex } from '../utils'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { IccDeviceApi, IccHcpartyApi, IccPatientApi } from '../../icc-api'\nimport { CryptoActorStub, CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { DataOwnerTypeEnum } from '../../icc-api/model/DataOwnerTypeEnum'\n\n/**\n * @internal This class is meant only for internal use and may be changed without notice.\n * Functions to create and get exchange keys.\n * The methods of this api require to pass the appropriate keys for encryption/decryption manually.\n */\nexport class BaseExchangeKeysManager {\n private readonly generateKeyConcurrencyMap: { [key: string]: PromiseLike<any> } = {}\n private readonly primitives: CryptoPrimitives\n private readonly dataOwnerApi: IccDataOwnerXApi\n private readonly hcpartyBaseApi: IccHcpartyApi\n private readonly patientBaseApi: IccPatientApi\n private readonly deviceBaseApi: IccDeviceApi\n\n constructor(\n primitives: CryptoPrimitives,\n dataOwnerApi: IccDataOwnerXApi,\n hcpartyBaseApi: IccHcpartyApi,\n patientBaseApi: IccPatientApi,\n deviceBaseApi: IccDeviceApi\n ) {\n this.primitives = primitives\n this.dataOwnerApi = dataOwnerApi\n this.hcpartyBaseApi = hcpartyBaseApi\n this.patientBaseApi = patientBaseApi\n this.deviceBaseApi = deviceBaseApi\n }\n\n /**\n * Creates a new exchange key from the current data owner to a delegate, or updates an existing one allowing additional public keys to access it.\n * @param delegateId the delegate data owner id.\n * @param delegatorMainKeyPair main key pair for the delegator. The private key will be used for the decryption of the existing key in case of\n * update, and the public key will be used as entry key of the aesExchangeKey map\n * @param additionalPublicKeys all public keys of key pairs other than {@link delegatorMainKeyPair} that need to have access to the exchange key.\n * Can be a mix of crypto keys and full hex-encoded spki format (no fingerprints).\n * @return the exchange key for the delegator-delegate-delegatorKey triple (new or existing) and the updated delegator.\n */\n async createOrUpdateEncryptedExchangeKeyTo(\n delegateId: string,\n delegatorMainKeyPair: KeyPair<CryptoKey>,\n additionalPublicKeys: { [keyFingerprint: string]: CryptoKey }\n ): Promise<{\n updatedDelegator: CryptoActorStubWithType\n key: CryptoKey\n }> {\n const delegatorId = await this.dataOwnerApi.getCurrentDataOwnerId()\n return await notConcurrent(this.generateKeyConcurrencyMap, delegatorId, async () => {\n const delegator = CryptoActorStubWithType.fromDataOwner(await this.dataOwnerApi.getCurrentDataOwner())\n const delegate = delegatorId === delegateId ? delegator : await this.dataOwnerApi.getCryptoActorStub(delegateId)\n const mainDelegatorKeyPairPubHex = ua2hex(await this.primitives.RSA.exportKey(delegatorMainKeyPair.publicKey, 'spki'))\n let exchangeKey: { raw: string; key: CryptoKey } | undefined = undefined\n const existingExchangeKey =\n delegator.stub.aesExchangeKeys?.[mainDelegatorKeyPairPubHex]?.[delegateId]?.[mainDelegatorKeyPairPubHex.slice(-32)] ??\n (mainDelegatorKeyPairPubHex === delegator.stub.publicKey ? delegator.stub.hcPartyKeys?.[delegateId]?.[0] : undefined)\n if (existingExchangeKey) {\n exchangeKey = await this.tryDecryptExchangeKeyWith(existingExchangeKey, delegatorMainKeyPair, undefined)\n if (!exchangeKey)\n throw new Error(\n `Failed to decrypt existing exchange key for update of ${mainDelegatorKeyPairPubHex.slice(-32)}@${delegatorId}->${delegateId}`\n )\n const existingAesExchangeKey = delegator.stub.aesExchangeKeys?.[mainDelegatorKeyPairPubHex]?.[delegateId]\n if (existingAesExchangeKey) {\n const existingPublicKeysSet = new Set(existingExchangeKey)\n if (Object.keys(additionalPublicKeys).every((fp) => existingPublicKeysSet.has(fp)))\n return {\n updatedDelegator: delegator,\n key: exchangeKey.key,\n }\n }\n }\n const allPublicKeys = {\n ...additionalPublicKeys,\n [mainDelegatorKeyPairPubHex.slice(-32)]: delegatorMainKeyPair.publicKey,\n }\n const encryptedKeyInfo = await this.encryptExchangeKey(exchangeKey, allPublicKeys)\n const updatedStub: CryptoActorStub = {\n ...delegator.stub,\n aesExchangeKeys: await this.updateExchangeKeys(delegator, delegate, mainDelegatorKeyPairPubHex, encryptedKeyInfo.encryptedExchangeKey),\n publicKey: delegator.stub.publicKey ?? mainDelegatorKeyPairPubHex,\n }\n if (delegator.stub.publicKey === mainDelegatorKeyPairPubHex) {\n updatedStub.hcPartyKeys = this.updateLegacyExchangeKeys(delegator, delegate, encryptedKeyInfo.encryptedExchangeKey)\n }\n const updatedDelegator = await this.dataOwnerApi.modifyCryptoActorStub({\n type: delegator.type,\n stub: updatedStub,\n })\n return {\n key: encryptedKeyInfo.exchangeKey,\n updatedDelegator,\n }\n })\n }\n\n /**\n * Updates the aes exchange keys between the current data owner and another data owner to allow the other data owner to access the exchange key\n * using his new public key. Note that this will make existing exchange keys from the other data owner to the current data owner invalid for\n * encryption.\n * @param otherDataOwner the other data owner.\n * @param newDataOwnerPublicKey a new public key of the other data owner.\n * @param keyPairsByFingerprint all available key pairs to use for the decryption of existing aes exchange keys.\n */\n async giveAccessBackTo(\n otherDataOwner: string,\n newDataOwnerPublicKey: string,\n keyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ) {\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const newPublicKey = await this.primitives.RSA.importKey('spki', hex2ua(newDataOwnerPublicKey), ['encrypt'])\n await this.extendForGiveAccessBackTo(selfId, otherDataOwner, newDataOwnerPublicKey.slice(-32), newPublicKey, keyPairsByFingerprint)\n await this.extendForGiveAccessBackTo(otherDataOwner, selfId, newDataOwnerPublicKey.slice(-32), newPublicKey, keyPairsByFingerprint)\n }\n\n /**\n * Get the encrypted exchange keys for a delegator-delegate pair.\n * @param delegatorId id of the delegator data owner.\n * @param delegateId id of the delegate data owner.\n * @return an array of exchange keys from the delegator to delegate where each key is encrypted with one or more public keys.\n */\n async getEncryptedExchangeKeysFor(delegatorId: string, delegateId: string): Promise<{ [publicKeyFingerprint: string]: string }[]> {\n const delegator = await this.dataOwnerApi.getCryptoActorStub(delegatorId)\n const res: { [publicKeyFingerprint: string]: string }[] = Object.values(delegator.stub.aesExchangeKeys ?? {}).flatMap((delegateToKey) => {\n const encryptedKeyForDelegate = delegateToKey[delegateId]\n if (encryptedKeyForDelegate) {\n return [encryptedKeyForDelegate]\n } else {\n return []\n }\n })\n const legacyDelegation = delegator.stub.hcPartyKeys?.[delegateId]?.[1]\n if (legacyDelegation) res.push({ '': legacyDelegation })\n return res\n }\n\n /**\n * Get all exchange keys where the provided data owner is involved either as the delegator or as the delegate.\n * @param dataOwnerId id of a data owner.\n * @param otherOwnerTypes only exchange keys between the current data owner and data owners of this type will be included in the result.\n * @return all exchange keys involving the provided data owner. Note that there may be an overlap between some keys to and from the data owner.\n */\n async getAllExchangeKeysWith(\n dataOwnerId: string,\n otherOwnerTypes: DataOwnerTypeEnum[]\n ): Promise<{\n keysToOwner: { [delegatorId: string]: { [delegatorFp: string]: { [entryFp: string]: string } } }\n keysFromOwner: { [delegatorFp: string]: { [delegateId: string]: { [entryFp: string]: string } } }\n }> {\n if (otherOwnerTypes.length === 0) throw new Error('otherOwnerTypes must not be empty!')\n const keysToOwner = await Promise.all([\n otherOwnerTypes.find((x) => x === DataOwnerTypeEnum.Hcp)\n ? this.hcpartyBaseApi.getAesExchangeKeysForDelegate(dataOwnerId).catch(() => {})\n : Promise.resolve({}),\n otherOwnerTypes.find((x) => x === DataOwnerTypeEnum.Patient)\n ? this.patientBaseApi.getPatientAesExchangeKeysForDelegate(dataOwnerId).catch(() => {})\n : Promise.resolve({}),\n otherOwnerTypes.find((x) => x === DataOwnerTypeEnum.Device)\n ? this.deviceBaseApi.getDeviceAesExchangeKeysForDelegate(dataOwnerId).catch(() => {})\n : Promise.resolve({}),\n ]).then(([a, b, c]) => ({ ...a, ...b, ...c } as { [delegatorId: string]: { [delegatorFp: string]: { [entryFp: string]: string } } }))\n const dataOwner = await this.dataOwnerApi.getCryptoActorStub(dataOwnerId)\n const allOwnerKeys = await this.combineLegacyHcpKeysWithAesExchangeKeys(dataOwner.stub, undefined)\n const filteredDelegates = new Set(\n await Array.from(new Set(Object.values(allOwnerKeys).flatMap((x) => Object.keys(x)))).reduce(async (acc, ownerId) => {\n const awaitedAcc = await acc\n if (ownerId === dataOwnerId) {\n return [...awaitedAcc, ownerId]\n } else {\n const dataOwnerType: DataOwnerTypeEnum = (await this.dataOwnerApi.getCryptoActorStub(ownerId)).type\n if (otherOwnerTypes.some((x) => x === dataOwnerType)) {\n return [...awaitedAcc, ownerId]\n } else return awaitedAcc\n }\n }, Promise.resolve([] as string[]))\n )\n const keysFromOwner = Object.fromEntries(\n Object.entries(allOwnerKeys)\n .map(([delegatorPubKey, delegateToKeys]) => [\n delegatorPubKey,\n Object.fromEntries(\n Object.entries(delegateToKeys).filter(([delegateId]) => filteredDelegates.has(delegateId)) as [string, { [k: string]: string }][]\n ),\n ])\n .filter(([, x]) => Object.keys(x).length > 0) as [string, { [k: string]: { [k: string]: string } }][]\n )\n return { keysToOwner, keysFromOwner }\n }\n\n /**\n * Attempts to decrypt many exchange keys using any of the provided key pairs.\n * @param encryptedExchangeKeys an array of exchange keys where each key is encrypted with one or more public keys.\n * @param keyPairsByFingerprint rsa key pairs to use for decryption.\n * @return an array all successfully decrypted exchange keys and an array containing all exchange keys which could not be decrypted.\n */\n async tryDecryptExchangeKeys(\n encryptedExchangeKeys: { [publicKeyFingerprint: string]: string }[],\n keyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ): Promise<{\n successfulDecryptions: CryptoKey[]\n failedDecryptions: { [publicKeyFingerprint: string]: string }[]\n }> {\n const raws = new Set<string>()\n const res: {\n successfulDecryptions: CryptoKey[]\n failedDecryptions: { [publicKeyFingerprint: string]: string }[]\n } = { successfulDecryptions: [], failedDecryptions: [] }\n for (const encryptedExchangeKey of encryptedExchangeKeys) {\n const decrypted = await this.tryDecryptExchangeKey(encryptedExchangeKey, keyPairsByFingerprint)\n if (decrypted !== undefined && !raws.has(decrypted.raw)) {\n raws.add(decrypted.raw)\n res.successfulDecryptions.push(decrypted.key)\n } else {\n res.failedDecryptions.push(encryptedExchangeKey)\n }\n }\n return res\n }\n\n private async extendForGiveAccessBackTo(\n delegatorId: string,\n delegateId: string,\n newPublicKeyFp: string,\n newPublicKey: CryptoKey,\n decryptionKeyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ) {\n await notConcurrent(this.generateKeyConcurrencyMap, delegatorId, async () => {\n const delegator = await this.dataOwnerApi.getCryptoActorStub(delegatorId)\n const delegate = await this.dataOwnerApi.getCryptoActorStub(delegateId)\n let didUpdateSomeKey = false\n const combinedKeys = await this.combineLegacyHcpKeysWithAesExchangeKeys(delegator.stub, delegate.stub)\n const updatedExchangeKeys: { [delegatorKey: string]: { [delegateId: string]: { [keyFp: string]: string } } } = {}\n const newEncryptionKeys = { [newPublicKeyFp]: newPublicKey }\n for (const [currDelegatorKey, currDelegatesToKeys] of Object.entries(combinedKeys)) {\n const updatedDelegatesToKeys: { [delegateId: string]: { [keyFp: string]: string } } = {}\n for (const [currDelegateId, currEncryptedKey] of Object.entries(currDelegatesToKeys)) {\n if (delegateId !== currDelegateId || newPublicKeyFp in currEncryptedKey) {\n updatedDelegatesToKeys[currDelegateId] = currEncryptedKey\n } else {\n const decrypted = await this.tryDecryptExchangeKey(currEncryptedKey, decryptionKeyPairsByFingerprint)\n if (decrypted) {\n didUpdateSomeKey = true\n updatedDelegatesToKeys[currDelegateId] = {\n ...currEncryptedKey,\n ...(await this.encryptExchangeKey(decrypted, newEncryptionKeys)).encryptedExchangeKey,\n }\n } else {\n updatedDelegatesToKeys[currDelegateId] = currEncryptedKey\n }\n }\n }\n updatedExchangeKeys[currDelegatorKey] = updatedDelegatesToKeys\n }\n if (didUpdateSomeKey) {\n await this.dataOwnerApi.modifyCryptoActorStub({\n type: delegator.type,\n stub: {\n ...delegator.stub,\n aesExchangeKeys: updatedExchangeKeys,\n },\n })\n }\n })\n }\n\n /**\n * Attempts to decrypt an exchange key using any of the provided key pairs.\n * @param encryptedExchangeKey an encrypted exchange key, in the form publicKeyXyzFingerprint -> hex(exchangeKeyEncryptedByPrivateKeyXyz).\n * @param keyPairsByFingerprint rsa key pairs to use for decryption.\n * @return the decrypted exchange key, in raw and key format (to allow deduplication), or undefined if the key could not be decrypted using the\n * provided keys.\n */\n private async tryDecryptExchangeKey(\n encryptedExchangeKey: { [publicKeyFingerprint: string]: string },\n keyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ): Promise<{ raw: string; key: CryptoKey } | undefined> {\n for (const [entryKey, encrypted] of Object.entries(encryptedExchangeKey)) {\n // Due to bugs in past version the entry may actually contain the full public key instead of just the fingerprint.\n const fp = entryKey.slice(-32)\n const keyPair = keyPairsByFingerprint[fp]\n if (keyPair !== undefined) {\n const res = await this.tryDecryptExchangeKeyWith(encrypted, keyPair, fp)\n if (res !== undefined) return res\n }\n }\n const defaultEncryptedKey = encryptedExchangeKey['']\n if (defaultEncryptedKey !== undefined) {\n for (const keyPair of Object.values(keyPairsByFingerprint)) {\n // disable error logging, we are not sure keyPair is the correct key\n const res = await this.tryDecryptExchangeKeyWith(defaultEncryptedKey, keyPair, undefined)\n if (res !== undefined) return res\n }\n }\n return undefined\n }\n\n /**\n * Creates an encrypted exchange key for the provided public keys.\n * @param exchangeKey the exchange key in raw and imported format. If undefined a new key will be automatically created.\n * @param publicKeys additional public keys that will have access to the exchange key in spki format, hex-encoded.\n * @return the exchangeKey and an object with the exchange key encrypted with each of the provided public keys, hex-encoded, by fingerprint.\n */\n private async encryptExchangeKey(\n exchangeKey: { raw: string; key: CryptoKey } | undefined,\n publicKeys: { [keyFingerprint: string]: CryptoKey }\n ): Promise<{\n exchangeKey: CryptoKey\n encryptedExchangeKey: { [pubKeyFp: string]: string }\n }> {\n const exchangeKeyCrypto = exchangeKey?.key ?? (await this.primitives.AES.generateCryptoKey(false))\n const exchangeKeyBytes = exchangeKey !== undefined ? hex2ua(exchangeKey.raw) : await this.primitives.AES.exportKey(exchangeKeyCrypto, 'raw')\n const encryptedExchangeKey = await Object.entries(publicKeys).reduce(\n async (acc, [currKeyFp, currKey]) => ({\n ...(await acc),\n [currKeyFp]: ua2hex(await this.primitives.RSA.encrypt(currKey, new Uint8Array(exchangeKeyBytes))),\n }),\n Promise.resolve({} as { [pubKeyFp: string]: string })\n )\n return { exchangeKey: exchangeKeyCrypto, encryptedExchangeKey }\n }\n\n /**\n * Attempts to decrypt an exchange key using the provided key pairs.\n * If you are confident that the provided {@link keyPair} was used to encrypt {@link encryptedByOneKey} you should also provide {@link keyPairFp},\n * so that if the decryption fail an error will be logged to console before returning undefined.\n * @param encryptedByOneKey an exchange key which may be encrypted with {@link keyPair}.\n * @param keyPair an rsa key pair.\n * @param keyPairFp the fingerprint of the provided key pair or undefined to disable logging of error if the decryption failed.\n * @return the decrypted exchange key, in raw and key format (to allow deduplication), or undefined if the key could not be decrypted using the\n * provided key.\n */\n private async tryDecryptExchangeKeyWith(\n encryptedByOneKey: string,\n keyPair: KeyPair<CryptoKey>,\n keyPairFp: string | undefined // if undefined will not log errors, when we are not sure the key to be used is the provided key.\n ): Promise<{ raw: string; key: CryptoKey } | undefined> {\n try {\n const decrypted = await this.primitives.RSA.decrypt(keyPair.privateKey, hex2ua(encryptedByOneKey))\n return { raw: ua2hex(decrypted), key: await this.primitives.AES.importKey('raw', decrypted) }\n } catch (e) {\n if (keyPairFp) {\n console.error(`Failed to decrypt or import exchange key ${encryptedByOneKey} using key with fingerprint ${keyPairFp}.`, e)\n }\n }\n }\n\n private updateLegacyExchangeKeys(\n delegator: CryptoActorStubWithType,\n delegate: CryptoActorStubWithType,\n encryptedKeyMap: { [fp: string]: string }\n ): { [delegateId: string]: string[] } | undefined {\n const legacyEncryptedKeyDelegator = delegator.stub.publicKey ? encryptedKeyMap[delegator.stub.publicKey] : undefined\n const legacyEncryptedKeyDelegate = delegate.stub.publicKey ? encryptedKeyMap[delegate.stub.publicKey] : undefined\n if (legacyEncryptedKeyDelegator && legacyEncryptedKeyDelegate) {\n return {\n ...(delegator.stub.hcPartyKeys ?? {}),\n [delegate.stub.id!]: [legacyEncryptedKeyDelegator, legacyEncryptedKeyDelegate],\n }\n } else return delegator.stub.hcPartyKeys\n }\n\n private async updateExchangeKeys(\n delegator: CryptoActorStubWithType,\n delegate: CryptoActorStubWithType,\n mainDelegatorKeyPairPubHex: string,\n encryptedKeyMap: { [fp: string]: string }\n ): Promise<{ [ownerPublicKey: string]: { [delegateId: string]: { [fingerprint: string]: string } } }> {\n const combinedAesExchangeKeys = await this.combineLegacyHcpKeysWithAesExchangeKeys(delegator.stub, delegate.stub)\n return this.fixAesExchangeKeyEntriesToFingerprints({\n ...combinedAesExchangeKeys,\n [mainDelegatorKeyPairPubHex]: {\n ...(combinedAesExchangeKeys[mainDelegatorKeyPairPubHex] ?? {}),\n [delegate.stub.id!]: {\n ...(combinedAesExchangeKeys[mainDelegatorKeyPairPubHex]?.[delegate.stub.id!] ?? {}),\n ...encryptedKeyMap,\n },\n },\n })\n }\n\n // Copy all legacy hcp exchange keys into the new aes exchange keys\n private async combineLegacyHcpKeysWithAesExchangeKeys(\n owner: CryptoActorStub,\n delegate: CryptoActorStub | undefined\n ): Promise<{ [ownerPublicKey: string]: { [delegateId: string]: { [fingerprint: string]: string } } }> {\n const ownerLegacyPublicKey = owner.publicKey\n if (ownerLegacyPublicKey && !(owner.aesExchangeKeys ?? {})[ownerLegacyPublicKey]) {\n /*\n * This condition would technically prevent new updates to the hcPartyKeys to be migrated to the aes exchange keys, but since I can only update\n * data for self data owner and parent entities this is not an issue, because I will always be using the new api from now on and I won't have\n * a situation where the legacy keys are updated but the aes exchange keys are not.\n */\n const unknownDataOwnerCounterPartIds = Object.keys(owner.hcPartyKeys ?? {}).filter((x) => x !== owner.id && x !== delegate?.id)\n const counterPartsById = [\n owner,\n ...(delegate ? [delegate] : []),\n ...(await Promise.all(unknownDataOwnerCounterPartIds.map(async (cpid) => (await this.dataOwnerApi.getCryptoActorStub(cpid)).stub))),\n ].reduce((acc, dataOwner) => {\n acc[dataOwner.id!] = dataOwner\n return acc\n }, {} as { [id: string]: CryptoActorStub })\n return {\n [ownerLegacyPublicKey]: Object.entries(owner.hcPartyKeys ?? {}).reduce((acc, [hcpId, keys]) => {\n acc[hcpId] = { [ownerLegacyPublicKey.slice(-32)]: keys[0], [counterPartsById[hcpId]?.publicKey?.slice(-32) ?? '']: keys[1] }\n return acc\n }, {} as { [delegateId: string]: { [fingerprint: string]: string } }),\n ...(owner.aesExchangeKeys ?? {}),\n }\n } else return owner.aesExchangeKeys ?? {}\n }\n\n private fixAesExchangeKeyEntriesToFingerprints(aesExchangeKeys: {\n [delegatorPubKey: string]: { [delegateId: string]: { [pubKeyFp: string]: string } }\n }): { [delegatorPubKey: string]: { [delegateId: string]: { [pubKeyFp: string]: string } } } {\n return Object.fromEntries(\n Object.entries(aesExchangeKeys).map(([delegatorPubKey, allDelegates]) => [\n delegatorPubKey,\n Object.fromEntries(\n Object.entries(allDelegates).map(([delegateId, keyEntries]) => [\n delegateId,\n Object.fromEntries(Object.entries(keyEntries).map(([publicKey, encryptedValue]) => [publicKey.slice(-32), encryptedValue])),\n ])\n ),\n ])\n )\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"BaseExchangeKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/BaseExchangeKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,oCAAwD;AAIxD,yEAA8F;AAC9F,6EAAyE;AAEzE;;;;GAIG;AACH,MAAa,uBAAuB;IAQlC,YACE,UAA4B,EAC5B,YAA8B,EAC9B,cAA6B,EAC7B,cAA6B,EAC7B,aAA2B;QAZZ,8BAAyB,GAAwC,EAAE,CAAA;QAclF,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;QACpC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;QACpC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,CAAC;IAED;;;;;;;;OAQG;IACG,oCAAoC,CACxC,UAAkB,EAClB,oBAAwC,EACxC,oBAA6D;;YAK7D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YACnE,OAAO,MAAM,IAAA,qBAAa,EAAC,IAAI,CAAC,yBAAyB,EAAE,WAAW,EAAE,GAAS,EAAE;;gBACjF,MAAM,SAAS,GAAG,yCAAuB,CAAC,aAAa,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE,CAAC,CAAA;gBACtG,MAAM,QAAQ,GAAG,WAAW,KAAK,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBAChH,MAAM,0BAA0B,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,oBAAoB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;gBACtH,IAAI,WAAW,GAAgD,SAAS,CAAA;gBACxE,MAAM,mBAAmB,GACvB,MAAA,MAAA,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,eAAe,0CAAG,0BAA0B,CAAC,0CAAG,UAAU,CAAC,0CAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,mCACnH,CAAC,0BAA0B,KAAK,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,WAAW,0CAAG,UAAU,CAAC,0CAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;gBACvH,IAAI,mBAAmB,EAAE;oBACvB,WAAW,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,mBAAmB,EAAE,oBAAoB,EAAE,SAAS,CAAC,CAAA;oBACxG,IAAI,CAAC,WAAW;wBACd,MAAM,IAAI,KAAK,CACb,yDAAyD,0BAA0B,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,IAAI,WAAW,KAAK,UAAU,EAAE,CAC/H,CAAA;oBACH,MAAM,sBAAsB,GAAG,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,eAAe,0CAAG,0BAA0B,CAAC,0CAAG,UAAU,CAAC,CAAA;oBACzG,IAAI,sBAAsB,EAAE;wBAC1B,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAA;wBAC1D,IAAI,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;4BAChF,OAAO;gCACL,gBAAgB,EAAE,SAAS;gCAC3B,GAAG,EAAE,WAAW,CAAC,GAAG;6BACrB,CAAA;qBACJ;iBACF;gBACD,MAAM,aAAa,mCACd,oBAAoB,KACvB,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,oBAAoB,CAAC,SAAS,GACxE,CAAA;gBACD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,aAAa,CAAC,CAAA;gBAClF,IAAI,yBAAiC,CAAA;gBACrC,IAAI,SAAS,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,EAAE;oBAClC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,SAAS,CAAC,IAAI,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC;wBAC7D,MAAM,IAAI,KAAK,CAAC,cAAc,SAAS,CAAC,IAAI,CAAC,EAAE,qDAAqD,CAAC,CAAA;oBACvG,yBAAyB,GAAG,0BAA0B,CAAA;iBACvD;qBAAM;oBACL,yBAAyB,GAAG,MAAA,SAAS,CAAC,IAAI,CAAC,SAAS,mCAAI,0BAA0B,CAAA;iBACnF;gBACD,MAAM,WAAW,mCACZ,SAAS,CAAC,IAAI,KACjB,eAAe,EAAE,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,QAAQ,EAAE,0BAA0B,EAAE,gBAAgB,CAAC,oBAAoB,CAAC,EACtI,SAAS,EAAE,yBAAyB,GACrC,CAAA;gBACD,IAAI,SAAS,CAAC,IAAI,CAAC,SAAS,KAAK,0BAA0B,EAAE;oBAC3D,WAAW,CAAC,WAAW,GAAG,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,QAAQ,EAAE,gBAAgB,CAAC,oBAAoB,CAAC,CAAA;iBACpH;gBACD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC;oBACrE,IAAI,EAAE,SAAS,CAAC,IAAI;oBACpB,IAAI,EAAE,WAAW;iBAClB,CAAC,CAAA;gBACF,OAAO;oBACL,GAAG,EAAE,gBAAgB,CAAC,WAAW;oBACjC,gBAAgB;iBACjB,CAAA;YACH,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,gBAAgB,CACpB,cAAsB,EACtB,qBAA6B,EAC7B,qBAA6E;;YAE7E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,qBAAqB,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;YAC5G,MAAM,IAAI,CAAC,yBAAyB,CAAC,MAAM,EAAE,cAAc,EAAE,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAA;YACnI,MAAM,IAAI,CAAC,yBAAyB,CAAC,cAAc,EAAE,MAAM,EAAE,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAA;QACrI,CAAC;KAAA;IAED;;;;;OAKG;IACG,2BAA2B,CAAC,WAAmB,EAAE,UAAkB;;;YACvE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;YACzE,MAAM,GAAG,GAAiD,MAAM,CAAC,MAAM,CAAC,MAAA,SAAS,CAAC,IAAI,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;gBACtI,MAAM,uBAAuB,GAAG,aAAa,CAAC,UAAU,CAAC,CAAA;gBACzD,IAAI,uBAAuB,EAAE;oBAC3B,OAAO,CAAC,uBAAuB,CAAC,CAAA;iBACjC;qBAAM;oBACL,OAAO,EAAE,CAAA;iBACV;YACH,CAAC,CAAC,CAAA;YACF,MAAM,gBAAgB,GAAG,MAAA,MAAA,SAAS,CAAC,IAAI,CAAC,WAAW,0CAAG,UAAU,CAAC,0CAAG,CAAC,CAAC,CAAA;YACtE,IAAI,gBAAgB;gBAAE,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,gBAAgB,EAAE,CAAC,CAAA;YACxD,OAAO,GAAG,CAAA;;KACX;IAED;;;;;OAKG;IACG,sBAAsB,CAC1B,WAAmB,EACnB,eAAoC;;YAKpC,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAA;YACvF,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBACpC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,qCAAiB,CAAC,GAAG,CAAC;oBACtD,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,6BAA6B,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;oBAChF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvB,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,qCAAiB,CAAC,OAAO,CAAC;oBAC1D,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,oCAAoC,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;oBACvF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvB,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,qCAAiB,CAAC,MAAM,CAAC;oBACzD,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,mCAAmC,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;oBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;aACxB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,8CAAK,CAAC,GAAK,CAAC,GAAK,CAAC,CAA0F,CAAA,CAAC,CAAA;YACrI,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;YACzE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,uCAAuC,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,CAAA;YAClG,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAC/B,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,OAAO,EAAE,EAAE;gBAClH,MAAM,UAAU,GAAG,MAAM,GAAG,CAAA;gBAC5B,IAAI,OAAO,KAAK,WAAW,EAAE;oBAC3B,OAAO,CAAC,GAAG,UAAU,EAAE,OAAO,CAAC,CAAA;iBAChC;qBAAM;oBACL,MAAM,aAAa,GAAsB,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAA;oBACnG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,aAAa,CAAC,EAAE;wBACpD,OAAO,CAAC,GAAG,UAAU,EAAE,OAAO,CAAC,CAAA;qBAChC;;wBAAM,OAAO,UAAU,CAAA;iBACzB;YACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,CAAC,EAAc,CAAC,CAAC,CACpC,CAAA;YACD,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CACtC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;iBACzB,GAAG,CAAC,CAAC,CAAC,eAAe,EAAE,cAAc,CAAC,EAAE,EAAE,CAAC;gBAC1C,eAAe;gBACf,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAwC,CAClI;aACF,CAAC;iBACD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAyD,CACxG,CAAA;YACD,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,CAAA;QACvC,CAAC;KAAA;IAED;;;;;OAKG;IACG,sBAAsB,CAC1B,qBAAmE,EACnE,qBAA6E;;YAK7E,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAA;YAC9B,MAAM,GAAG,GAGL,EAAE,qBAAqB,EAAE,EAAE,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAA;YACxD,KAAK,MAAM,oBAAoB,IAAI,qBAAqB,EAAE;gBACxD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,CAAA;gBAC/F,IAAI,SAAS,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE;oBACvD,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;oBACvB,GAAG,CAAC,qBAAqB,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;iBAC9C;qBAAM;oBACL,GAAG,CAAC,iBAAiB,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAA;iBACjD;aACF;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEa,yBAAyB,CACrC,WAAmB,EACnB,UAAkB,EAClB,cAAsB,EACtB,YAAuB,EACvB,+BAAuF;;YAEvF,MAAM,IAAA,qBAAa,EAAC,IAAI,CAAC,yBAAyB,EAAE,WAAW,EAAE,GAAS,EAAE;gBAC1E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;gBACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBACvE,IAAI,gBAAgB,GAAG,KAAK,CAAA;gBAC5B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,uCAAuC,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACtG,MAAM,mBAAmB,GAAsF,EAAE,CAAA;gBACjH,MAAM,iBAAiB,GAAG,EAAE,CAAC,cAAc,CAAC,EAAE,YAAY,EAAE,CAAA;gBAC5D,KAAK,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;oBAClF,MAAM,sBAAsB,GAA0D,EAAE,CAAA;oBACxF,KAAK,MAAM,CAAC,cAAc,EAAE,gBAAgB,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE;wBACpF,IAAI,UAAU,KAAK,cAAc,IAAI,cAAc,IAAI,gBAAgB,EAAE;4BACvE,sBAAsB,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAA;yBAC1D;6BAAM;4BACL,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,gBAAgB,EAAE,+BAA+B,CAAC,CAAA;4BACrG,IAAI,SAAS,EAAE;gCACb,gBAAgB,GAAG,IAAI,CAAA;gCACvB,sBAAsB,CAAC,cAAc,CAAC,mCACjC,gBAAgB,GAChB,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC,CAAC,oBAAoB,CACtF,CAAA;6BACF;iCAAM;gCACL,sBAAsB,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAA;6BAC1D;yBACF;qBACF;oBACD,mBAAmB,CAAC,gBAAgB,CAAC,GAAG,sBAAsB,CAAA;iBAC/D;gBACD,IAAI,gBAAgB,EAAE;oBACpB,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC;wBAC5C,IAAI,EAAE,SAAS,CAAC,IAAI;wBACpB,IAAI,kCACC,SAAS,CAAC,IAAI,KACjB,eAAe,EAAE,mBAAmB,GACrC;qBACF,CAAC,CAAA;iBACH;YACH,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;;;OAMG;IACW,qBAAqB,CACjC,oBAAgE,EAChE,qBAA6E;;YAE7E,KAAK,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE;gBACxE,kHAAkH;gBAClH,MAAM,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;gBAC9B,MAAM,OAAO,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAA;gBACzC,IAAI,OAAO,KAAK,SAAS,EAAE;oBACzB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAA;oBACxE,IAAI,GAAG,KAAK,SAAS;wBAAE,OAAO,GAAG,CAAA;iBAClC;aACF;YACD,MAAM,mBAAmB,GAAG,oBAAoB,CAAC,EAAE,CAAC,CAAA;YACpD,IAAI,mBAAmB,KAAK,SAAS,EAAE;gBACrC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAE;oBAC1D,oEAAoE;oBACpE,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,mBAAmB,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;oBACzF,IAAI,GAAG,KAAK,SAAS;wBAAE,OAAO,GAAG,CAAA;iBAClC;aACF;YACD,OAAO,SAAS,CAAA;QAClB,CAAC;KAAA;IAED;;;;;OAKG;IACW,kBAAkB,CAC9B,WAAwD,EACxD,UAAmD;;;YAKnD,MAAM,iBAAiB,GAAG,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,mCAAI,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAA;YAClG,MAAM,gBAAgB,GAAG,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,cAAM,EAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAA;YAC5I,MAAM,oBAAoB,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,CAClE,CAAO,GAAG,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE;gBAAC,OAAA,iCAChC,CAAC,MAAM,GAAG,CAAC,KACd,CAAC,SAAS,CAAC,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,IACjG,CAAA;cAAA,EACF,OAAO,CAAC,OAAO,CAAC,EAAoC,CAAC,CACtD,CAAA;YACD,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,CAAA;;KAChE;IAED;;;;;;;;;OASG;IACW,yBAAyB,CACrC,iBAAyB,EACzB,OAA2B,EAC3B,SAA6B,CAAC,iGAAiG;;;YAE/H,IAAI;gBACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAA,cAAM,EAAC,iBAAiB,CAAC,CAAC,CAAA;gBAClG,OAAO,EAAE,GAAG,EAAE,IAAA,cAAM,EAAC,SAAS,CAAC,EAAE,GAAG,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE,CAAA;aAC9F;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,SAAS,EAAE;oBACb,OAAO,CAAC,KAAK,CAAC,4CAA4C,iBAAiB,+BAA+B,SAAS,GAAG,EAAE,CAAC,CAAC,CAAA;iBAC3H;aACF;QACH,CAAC;KAAA;IAEO,wBAAwB,CAC9B,SAAkC,EAClC,QAAiC,EACjC,eAAyC;;QAEzC,MAAM,2BAA2B,GAAG,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpH,MAAM,0BAA0B,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACjH,IAAI,2BAA2B,IAAI,0BAA0B,EAAE;YAC7D,uCACK,CAAC,MAAA,SAAS,CAAC,IAAI,CAAC,WAAW,mCAAI,EAAE,CAAC,KACrC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAG,CAAC,EAAE,CAAC,2BAA2B,EAAE,0BAA0B,CAAC,IAC/E;SACF;;YAAM,OAAO,SAAS,CAAC,IAAI,CAAC,WAAW,CAAA;IAC1C,CAAC;IAEa,kBAAkB,CAC9B,SAAkC,EAClC,QAAiC,EACjC,0BAAkC,EAClC,eAAyC;;;YAEzC,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,uCAAuC,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;YACjH,OAAO,IAAI,CAAC,sCAAsC,iCAC7C,uBAAuB,KAC1B,CAAC,0BAA0B,CAAC,kCACvB,CAAC,MAAA,uBAAuB,CAAC,0BAA0B,CAAC,mCAAI,EAAE,CAAC,KAC9D,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAG,CAAC,kCACd,CAAC,MAAA,MAAA,uBAAuB,CAAC,0BAA0B,CAAC,0CAAG,QAAQ,CAAC,IAAI,CAAC,EAAG,CAAC,mCAAI,EAAE,CAAC,GAChF,eAAe,QAGtB,CAAA;;KACH;IAED,mEAAmE;IACrD,uCAAuC,CACnD,KAAsB,EACtB,QAAqC;;;YAErC,MAAM,oBAAoB,GAAG,KAAK,CAAC,SAAS,CAAA;YAC5C,IAAI,oBAAoB,IAAI,CAAC,CAAC,MAAA,KAAK,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,oBAAoB,CAAC,EAAE;gBAChF;;;;mBAIG;gBACH,MAAM,8BAA8B,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,KAAK,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,KAAK,CAAC,EAAE,IAAI,CAAC,MAAK,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,CAAA,CAAC,CAAA;gBAC/H,MAAM,gBAAgB,GAAG;oBACvB,KAAK;oBACL,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC/B,GAAG,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,GAAG,CAAC,CAAO,IAAI,EAAE,EAAE,gDAAC,OAAA,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAA,GAAA,CAAC,CAAC,CAAC;iBACpI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,SAAS,EAAE,EAAE;oBAC1B,GAAG,CAAC,SAAS,CAAC,EAAG,CAAC,GAAG,SAAS,CAAA;oBAC9B,OAAO,GAAG,CAAA;gBACZ,CAAC,EAAE,EAAuC,CAAC,CAAA;gBAC3C,uBACE,CAAC,oBAAoB,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,MAAA,KAAK,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE;;wBAC5F,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,MAAA,MAAA,MAAA,gBAAgB,CAAC,KAAK,CAAC,0CAAE,SAAS,0CAAE,KAAK,CAAC,CAAC,EAAE,CAAC,mCAAI,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAA;wBAC5H,OAAO,GAAG,CAAA;oBACZ,CAAC,EAAE,EAAiE,CAAC,IAClE,CAAC,MAAA,KAAK,CAAC,eAAe,mCAAI,EAAE,CAAC,EACjC;aACF;;gBAAM,OAAO,MAAA,KAAK,CAAC,eAAe,mCAAI,EAAE,CAAA;;KAC1C;IAEO,sCAAsC,CAAC,eAE9C;QACC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,eAAe,EAAE,YAAY,CAAC,EAAE,EAAE,CAAC;YACvE,eAAe;YACf,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC;gBAC7D,UAAU;gBACV,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC;aAC5H,CAAC,CACH;SACF,CAAC,CACH,CAAA;IACH,CAAC;CACF;AA1aD,0DA0aC","sourcesContent":["import { KeyPair } from './RSA'\nimport { hex2ua, notConcurrent, ua2hex } from '../utils'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { IccDeviceApi, IccHcpartyApi, IccPatientApi } from '../../icc-api'\nimport { CryptoActorStub, CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { DataOwnerTypeEnum } from '../../icc-api/model/DataOwnerTypeEnum'\n\n/**\n * @internal This class is meant only for internal use and may be changed without notice.\n * Functions to create and get exchange keys.\n * The methods of this api require to pass the appropriate keys for encryption/decryption manually.\n */\nexport class BaseExchangeKeysManager {\n private readonly generateKeyConcurrencyMap: { [key: string]: PromiseLike<any> } = {}\n private readonly primitives: CryptoPrimitives\n private readonly dataOwnerApi: IccDataOwnerXApi\n private readonly hcpartyBaseApi: IccHcpartyApi\n private readonly patientBaseApi: IccPatientApi\n private readonly deviceBaseApi: IccDeviceApi\n\n constructor(\n primitives: CryptoPrimitives,\n dataOwnerApi: IccDataOwnerXApi,\n hcpartyBaseApi: IccHcpartyApi,\n patientBaseApi: IccPatientApi,\n deviceBaseApi: IccDeviceApi\n ) {\n this.primitives = primitives\n this.dataOwnerApi = dataOwnerApi\n this.hcpartyBaseApi = hcpartyBaseApi\n this.patientBaseApi = patientBaseApi\n this.deviceBaseApi = deviceBaseApi\n }\n\n /**\n * Creates a new exchange key from the current data owner to a delegate, or updates an existing one allowing additional public keys to access it.\n * @param delegateId the delegate data owner id.\n * @param delegatorMainKeyPair main key pair for the delegator. The private key will be used for the decryption of the existing key in case of\n * update, and the public key will be used as entry key of the aesExchangeKey map\n * @param additionalPublicKeys all public keys of key pairs other than {@link delegatorMainKeyPair} that need to have access to the exchange key.\n * Can be a mix of crypto keys and full hex-encoded spki format (no fingerprints).\n * @return the exchange key for the delegator-delegate-delegatorKey triple (new or existing) and the updated delegator.\n */\n async createOrUpdateEncryptedExchangeKeyTo(\n delegateId: string,\n delegatorMainKeyPair: KeyPair<CryptoKey>,\n additionalPublicKeys: { [keyFingerprint: string]: CryptoKey }\n ): Promise<{\n updatedDelegator: CryptoActorStubWithType\n key: CryptoKey\n }> {\n const delegatorId = await this.dataOwnerApi.getCurrentDataOwnerId()\n return await notConcurrent(this.generateKeyConcurrencyMap, delegatorId, async () => {\n const delegator = CryptoActorStubWithType.fromDataOwner(await this.dataOwnerApi.getCurrentDataOwner())\n const delegate = delegatorId === delegateId ? delegator : await this.dataOwnerApi.getCryptoActorStub(delegateId)\n const mainDelegatorKeyPairPubHex = ua2hex(await this.primitives.RSA.exportKey(delegatorMainKeyPair.publicKey, 'spki'))\n let exchangeKey: { raw: string; key: CryptoKey } | undefined = undefined\n const existingExchangeKey =\n delegator.stub.aesExchangeKeys?.[mainDelegatorKeyPairPubHex]?.[delegateId]?.[mainDelegatorKeyPairPubHex.slice(-32)] ??\n (mainDelegatorKeyPairPubHex === delegator.stub.publicKey ? delegator.stub.hcPartyKeys?.[delegateId]?.[0] : undefined)\n if (existingExchangeKey) {\n exchangeKey = await this.tryDecryptExchangeKeyWith(existingExchangeKey, delegatorMainKeyPair, undefined)\n if (!exchangeKey)\n throw new Error(\n `Failed to decrypt existing exchange key for update of ${mainDelegatorKeyPairPubHex.slice(-32)}@${delegatorId}->${delegateId}`\n )\n const existingAesExchangeKey = delegator.stub.aesExchangeKeys?.[mainDelegatorKeyPairPubHex]?.[delegateId]\n if (existingAesExchangeKey) {\n const existingPublicKeysSet = new Set(existingExchangeKey)\n if (Object.keys(additionalPublicKeys).every((fp) => existingPublicKeysSet.has(fp)))\n return {\n updatedDelegator: delegator,\n key: exchangeKey.key,\n }\n }\n }\n const allPublicKeys = {\n ...additionalPublicKeys,\n [mainDelegatorKeyPairPubHex.slice(-32)]: delegatorMainKeyPair.publicKey,\n }\n const encryptedKeyInfo = await this.encryptExchangeKey(exchangeKey, allPublicKeys)\n let updatedDelegatorPublicKey: string\n if (delegator.stub.publicKey == '') {\n if (Object.entries(delegator.stub.hcPartyKeys ?? {}).length > 0)\n throw new Error(`Data owner ${delegator.stub.id} has \"\" as public key but has non-empty hcPartyKeys`)\n updatedDelegatorPublicKey = mainDelegatorKeyPairPubHex\n } else {\n updatedDelegatorPublicKey = delegator.stub.publicKey ?? mainDelegatorKeyPairPubHex\n }\n const updatedStub: CryptoActorStub = {\n ...delegator.stub,\n aesExchangeKeys: await this.updateExchangeKeys(delegator, delegate, mainDelegatorKeyPairPubHex, encryptedKeyInfo.encryptedExchangeKey),\n publicKey: updatedDelegatorPublicKey,\n }\n if (delegator.stub.publicKey === mainDelegatorKeyPairPubHex) {\n updatedStub.hcPartyKeys = this.updateLegacyExchangeKeys(delegator, delegate, encryptedKeyInfo.encryptedExchangeKey)\n }\n const updatedDelegator = await this.dataOwnerApi.modifyCryptoActorStub({\n type: delegator.type,\n stub: updatedStub,\n })\n return {\n key: encryptedKeyInfo.exchangeKey,\n updatedDelegator,\n }\n })\n }\n\n /**\n * Updates the aes exchange keys between the current data owner and another data owner to allow the other data owner to access the exchange key\n * using his new public key. Note that this will make existing exchange keys from the other data owner to the current data owner invalid for\n * encryption.\n * @param otherDataOwner the other data owner.\n * @param newDataOwnerPublicKey a new public key of the other data owner.\n * @param keyPairsByFingerprint all available key pairs to use for the decryption of existing aes exchange keys.\n */\n async giveAccessBackTo(\n otherDataOwner: string,\n newDataOwnerPublicKey: string,\n keyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ) {\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const newPublicKey = await this.primitives.RSA.importKey('spki', hex2ua(newDataOwnerPublicKey), ['encrypt'])\n await this.extendForGiveAccessBackTo(selfId, otherDataOwner, newDataOwnerPublicKey.slice(-32), newPublicKey, keyPairsByFingerprint)\n await this.extendForGiveAccessBackTo(otherDataOwner, selfId, newDataOwnerPublicKey.slice(-32), newPublicKey, keyPairsByFingerprint)\n }\n\n /**\n * Get the encrypted exchange keys for a delegator-delegate pair.\n * @param delegatorId id of the delegator data owner.\n * @param delegateId id of the delegate data owner.\n * @return an array of exchange keys from the delegator to delegate where each key is encrypted with one or more public keys.\n */\n async getEncryptedExchangeKeysFor(delegatorId: string, delegateId: string): Promise<{ [publicKeyFingerprint: string]: string }[]> {\n const delegator = await this.dataOwnerApi.getCryptoActorStub(delegatorId)\n const res: { [publicKeyFingerprint: string]: string }[] = Object.values(delegator.stub.aesExchangeKeys ?? {}).flatMap((delegateToKey) => {\n const encryptedKeyForDelegate = delegateToKey[delegateId]\n if (encryptedKeyForDelegate) {\n return [encryptedKeyForDelegate]\n } else {\n return []\n }\n })\n const legacyDelegation = delegator.stub.hcPartyKeys?.[delegateId]?.[1]\n if (legacyDelegation) res.push({ '': legacyDelegation })\n return res\n }\n\n /**\n * Get all exchange keys where the provided data owner is involved either as the delegator or as the delegate.\n * @param dataOwnerId id of a data owner.\n * @param otherOwnerTypes only exchange keys between the current data owner and data owners of this type will be included in the result.\n * @return all exchange keys involving the provided data owner. Note that there may be an overlap between some keys to and from the data owner.\n */\n async getAllExchangeKeysWith(\n dataOwnerId: string,\n otherOwnerTypes: DataOwnerTypeEnum[]\n ): Promise<{\n keysToOwner: { [delegatorId: string]: { [delegatorFp: string]: { [entryFp: string]: string } } }\n keysFromOwner: { [delegatorFp: string]: { [delegateId: string]: { [entryFp: string]: string } } }\n }> {\n if (otherOwnerTypes.length === 0) throw new Error('otherOwnerTypes must not be empty!')\n const keysToOwner = await Promise.all([\n otherOwnerTypes.find((x) => x === DataOwnerTypeEnum.Hcp)\n ? this.hcpartyBaseApi.getAesExchangeKeysForDelegate(dataOwnerId).catch(() => {})\n : Promise.resolve({}),\n otherOwnerTypes.find((x) => x === DataOwnerTypeEnum.Patient)\n ? this.patientBaseApi.getPatientAesExchangeKeysForDelegate(dataOwnerId).catch(() => {})\n : Promise.resolve({}),\n otherOwnerTypes.find((x) => x === DataOwnerTypeEnum.Device)\n ? this.deviceBaseApi.getDeviceAesExchangeKeysForDelegate(dataOwnerId).catch(() => {})\n : Promise.resolve({}),\n ]).then(([a, b, c]) => ({ ...a, ...b, ...c } as { [delegatorId: string]: { [delegatorFp: string]: { [entryFp: string]: string } } }))\n const dataOwner = await this.dataOwnerApi.getCryptoActorStub(dataOwnerId)\n const allOwnerKeys = await this.combineLegacyHcpKeysWithAesExchangeKeys(dataOwner.stub, undefined)\n const filteredDelegates = new Set(\n await Array.from(new Set(Object.values(allOwnerKeys).flatMap((x) => Object.keys(x)))).reduce(async (acc, ownerId) => {\n const awaitedAcc = await acc\n if (ownerId === dataOwnerId) {\n return [...awaitedAcc, ownerId]\n } else {\n const dataOwnerType: DataOwnerTypeEnum = (await this.dataOwnerApi.getCryptoActorStub(ownerId)).type\n if (otherOwnerTypes.some((x) => x === dataOwnerType)) {\n return [...awaitedAcc, ownerId]\n } else return awaitedAcc\n }\n }, Promise.resolve([] as string[]))\n )\n const keysFromOwner = Object.fromEntries(\n Object.entries(allOwnerKeys)\n .map(([delegatorPubKey, delegateToKeys]) => [\n delegatorPubKey,\n Object.fromEntries(\n Object.entries(delegateToKeys).filter(([delegateId]) => filteredDelegates.has(delegateId)) as [string, { [k: string]: string }][]\n ),\n ])\n .filter(([, x]) => Object.keys(x).length > 0) as [string, { [k: string]: { [k: string]: string } }][]\n )\n return { keysToOwner, keysFromOwner }\n }\n\n /**\n * Attempts to decrypt many exchange keys using any of the provided key pairs.\n * @param encryptedExchangeKeys an array of exchange keys where each key is encrypted with one or more public keys.\n * @param keyPairsByFingerprint rsa key pairs to use for decryption.\n * @return an array all successfully decrypted exchange keys and an array containing all exchange keys which could not be decrypted.\n */\n async tryDecryptExchangeKeys(\n encryptedExchangeKeys: { [publicKeyFingerprint: string]: string }[],\n keyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ): Promise<{\n successfulDecryptions: CryptoKey[]\n failedDecryptions: { [publicKeyFingerprint: string]: string }[]\n }> {\n const raws = new Set<string>()\n const res: {\n successfulDecryptions: CryptoKey[]\n failedDecryptions: { [publicKeyFingerprint: string]: string }[]\n } = { successfulDecryptions: [], failedDecryptions: [] }\n for (const encryptedExchangeKey of encryptedExchangeKeys) {\n const decrypted = await this.tryDecryptExchangeKey(encryptedExchangeKey, keyPairsByFingerprint)\n if (decrypted !== undefined && !raws.has(decrypted.raw)) {\n raws.add(decrypted.raw)\n res.successfulDecryptions.push(decrypted.key)\n } else {\n res.failedDecryptions.push(encryptedExchangeKey)\n }\n }\n return res\n }\n\n private async extendForGiveAccessBackTo(\n delegatorId: string,\n delegateId: string,\n newPublicKeyFp: string,\n newPublicKey: CryptoKey,\n decryptionKeyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ) {\n await notConcurrent(this.generateKeyConcurrencyMap, delegatorId, async () => {\n const delegator = await this.dataOwnerApi.getCryptoActorStub(delegatorId)\n const delegate = await this.dataOwnerApi.getCryptoActorStub(delegateId)\n let didUpdateSomeKey = false\n const combinedKeys = await this.combineLegacyHcpKeysWithAesExchangeKeys(delegator.stub, delegate.stub)\n const updatedExchangeKeys: { [delegatorKey: string]: { [delegateId: string]: { [keyFp: string]: string } } } = {}\n const newEncryptionKeys = { [newPublicKeyFp]: newPublicKey }\n for (const [currDelegatorKey, currDelegatesToKeys] of Object.entries(combinedKeys)) {\n const updatedDelegatesToKeys: { [delegateId: string]: { [keyFp: string]: string } } = {}\n for (const [currDelegateId, currEncryptedKey] of Object.entries(currDelegatesToKeys)) {\n if (delegateId !== currDelegateId || newPublicKeyFp in currEncryptedKey) {\n updatedDelegatesToKeys[currDelegateId] = currEncryptedKey\n } else {\n const decrypted = await this.tryDecryptExchangeKey(currEncryptedKey, decryptionKeyPairsByFingerprint)\n if (decrypted) {\n didUpdateSomeKey = true\n updatedDelegatesToKeys[currDelegateId] = {\n ...currEncryptedKey,\n ...(await this.encryptExchangeKey(decrypted, newEncryptionKeys)).encryptedExchangeKey,\n }\n } else {\n updatedDelegatesToKeys[currDelegateId] = currEncryptedKey\n }\n }\n }\n updatedExchangeKeys[currDelegatorKey] = updatedDelegatesToKeys\n }\n if (didUpdateSomeKey) {\n await this.dataOwnerApi.modifyCryptoActorStub({\n type: delegator.type,\n stub: {\n ...delegator.stub,\n aesExchangeKeys: updatedExchangeKeys,\n },\n })\n }\n })\n }\n\n /**\n * Attempts to decrypt an exchange key using any of the provided key pairs.\n * @param encryptedExchangeKey an encrypted exchange key, in the form publicKeyXyzFingerprint -> hex(exchangeKeyEncryptedByPrivateKeyXyz).\n * @param keyPairsByFingerprint rsa key pairs to use for decryption.\n * @return the decrypted exchange key, in raw and key format (to allow deduplication), or undefined if the key could not be decrypted using the\n * provided keys.\n */\n private async tryDecryptExchangeKey(\n encryptedExchangeKey: { [publicKeyFingerprint: string]: string },\n keyPairsByFingerprint: { [publicKeyFingerprint: string]: KeyPair<CryptoKey> }\n ): Promise<{ raw: string; key: CryptoKey } | undefined> {\n for (const [entryKey, encrypted] of Object.entries(encryptedExchangeKey)) {\n // Due to bugs in past version the entry may actually contain the full public key instead of just the fingerprint.\n const fp = entryKey.slice(-32)\n const keyPair = keyPairsByFingerprint[fp]\n if (keyPair !== undefined) {\n const res = await this.tryDecryptExchangeKeyWith(encrypted, keyPair, fp)\n if (res !== undefined) return res\n }\n }\n const defaultEncryptedKey = encryptedExchangeKey['']\n if (defaultEncryptedKey !== undefined) {\n for (const keyPair of Object.values(keyPairsByFingerprint)) {\n // disable error logging, we are not sure keyPair is the correct key\n const res = await this.tryDecryptExchangeKeyWith(defaultEncryptedKey, keyPair, undefined)\n if (res !== undefined) return res\n }\n }\n return undefined\n }\n\n /**\n * Creates an encrypted exchange key for the provided public keys.\n * @param exchangeKey the exchange key in raw and imported format. If undefined a new key will be automatically created.\n * @param publicKeys additional public keys that will have access to the exchange key in spki format, hex-encoded.\n * @return the exchangeKey and an object with the exchange key encrypted with each of the provided public keys, hex-encoded, by fingerprint.\n */\n private async encryptExchangeKey(\n exchangeKey: { raw: string; key: CryptoKey } | undefined,\n publicKeys: { [keyFingerprint: string]: CryptoKey }\n ): Promise<{\n exchangeKey: CryptoKey\n encryptedExchangeKey: { [pubKeyFp: string]: string }\n }> {\n const exchangeKeyCrypto = exchangeKey?.key ?? (await this.primitives.AES.generateCryptoKey(false))\n const exchangeKeyBytes = exchangeKey !== undefined ? hex2ua(exchangeKey.raw) : await this.primitives.AES.exportKey(exchangeKeyCrypto, 'raw')\n const encryptedExchangeKey = await Object.entries(publicKeys).reduce(\n async (acc, [currKeyFp, currKey]) => ({\n ...(await acc),\n [currKeyFp]: ua2hex(await this.primitives.RSA.encrypt(currKey, new Uint8Array(exchangeKeyBytes))),\n }),\n Promise.resolve({} as { [pubKeyFp: string]: string })\n )\n return { exchangeKey: exchangeKeyCrypto, encryptedExchangeKey }\n }\n\n /**\n * Attempts to decrypt an exchange key using the provided key pairs.\n * If you are confident that the provided {@link keyPair} was used to encrypt {@link encryptedByOneKey} you should also provide {@link keyPairFp},\n * so that if the decryption fail an error will be logged to console before returning undefined.\n * @param encryptedByOneKey an exchange key which may be encrypted with {@link keyPair}.\n * @param keyPair an rsa key pair.\n * @param keyPairFp the fingerprint of the provided key pair or undefined to disable logging of error if the decryption failed.\n * @return the decrypted exchange key, in raw and key format (to allow deduplication), or undefined if the key could not be decrypted using the\n * provided key.\n */\n private async tryDecryptExchangeKeyWith(\n encryptedByOneKey: string,\n keyPair: KeyPair<CryptoKey>,\n keyPairFp: string | undefined // if undefined will not log errors, when we are not sure the key to be used is the provided key.\n ): Promise<{ raw: string; key: CryptoKey } | undefined> {\n try {\n const decrypted = await this.primitives.RSA.decrypt(keyPair.privateKey, hex2ua(encryptedByOneKey))\n return { raw: ua2hex(decrypted), key: await this.primitives.AES.importKey('raw', decrypted) }\n } catch (e) {\n if (keyPairFp) {\n console.error(`Failed to decrypt or import exchange key ${encryptedByOneKey} using key with fingerprint ${keyPairFp}.`, e)\n }\n }\n }\n\n private updateLegacyExchangeKeys(\n delegator: CryptoActorStubWithType,\n delegate: CryptoActorStubWithType,\n encryptedKeyMap: { [fp: string]: string }\n ): { [delegateId: string]: string[] } | undefined {\n const legacyEncryptedKeyDelegator = delegator.stub.publicKey ? encryptedKeyMap[delegator.stub.publicKey] : undefined\n const legacyEncryptedKeyDelegate = delegate.stub.publicKey ? encryptedKeyMap[delegate.stub.publicKey] : undefined\n if (legacyEncryptedKeyDelegator && legacyEncryptedKeyDelegate) {\n return {\n ...(delegator.stub.hcPartyKeys ?? {}),\n [delegate.stub.id!]: [legacyEncryptedKeyDelegator, legacyEncryptedKeyDelegate],\n }\n } else return delegator.stub.hcPartyKeys\n }\n\n private async updateExchangeKeys(\n delegator: CryptoActorStubWithType,\n delegate: CryptoActorStubWithType,\n mainDelegatorKeyPairPubHex: string,\n encryptedKeyMap: { [fp: string]: string }\n ): Promise<{ [ownerPublicKey: string]: { [delegateId: string]: { [fingerprint: string]: string } } }> {\n const combinedAesExchangeKeys = await this.combineLegacyHcpKeysWithAesExchangeKeys(delegator.stub, delegate.stub)\n return this.fixAesExchangeKeyEntriesToFingerprints({\n ...combinedAesExchangeKeys,\n [mainDelegatorKeyPairPubHex]: {\n ...(combinedAesExchangeKeys[mainDelegatorKeyPairPubHex] ?? {}),\n [delegate.stub.id!]: {\n ...(combinedAesExchangeKeys[mainDelegatorKeyPairPubHex]?.[delegate.stub.id!] ?? {}),\n ...encryptedKeyMap,\n },\n },\n })\n }\n\n // Copy all legacy hcp exchange keys into the new aes exchange keys\n private async combineLegacyHcpKeysWithAesExchangeKeys(\n owner: CryptoActorStub,\n delegate: CryptoActorStub | undefined\n ): Promise<{ [ownerPublicKey: string]: { [delegateId: string]: { [fingerprint: string]: string } } }> {\n const ownerLegacyPublicKey = owner.publicKey\n if (ownerLegacyPublicKey && !(owner.aesExchangeKeys ?? {})[ownerLegacyPublicKey]) {\n /*\n * This condition would technically prevent new updates to the hcPartyKeys to be migrated to the aes exchange keys, but since I can only update\n * data for self data owner and parent entities this is not an issue, because I will always be using the new api from now on and I won't have\n * a situation where the legacy keys are updated but the aes exchange keys are not.\n */\n const unknownDataOwnerCounterPartIds = Object.keys(owner.hcPartyKeys ?? {}).filter((x) => x !== owner.id && x !== delegate?.id)\n const counterPartsById = [\n owner,\n ...(delegate ? [delegate] : []),\n ...(await Promise.all(unknownDataOwnerCounterPartIds.map(async (cpid) => (await this.dataOwnerApi.getCryptoActorStub(cpid)).stub))),\n ].reduce((acc, dataOwner) => {\n acc[dataOwner.id!] = dataOwner\n return acc\n }, {} as { [id: string]: CryptoActorStub })\n return {\n [ownerLegacyPublicKey]: Object.entries(owner.hcPartyKeys ?? {}).reduce((acc, [hcpId, keys]) => {\n acc[hcpId] = { [ownerLegacyPublicKey.slice(-32)]: keys[0], [counterPartsById[hcpId]?.publicKey?.slice(-32) ?? '']: keys[1] }\n return acc\n }, {} as { [delegateId: string]: { [fingerprint: string]: string } }),\n ...(owner.aesExchangeKeys ?? {}),\n }\n } else return owner.aesExchangeKeys ?? {}\n }\n\n private fixAesExchangeKeyEntriesToFingerprints(aesExchangeKeys: {\n [delegatorPubKey: string]: { [delegateId: string]: { [pubKeyFp: string]: string } }\n }): { [delegatorPubKey: string]: { [delegateId: string]: { [pubKeyFp: string]: string } } } {\n return Object.fromEntries(\n Object.entries(aesExchangeKeys).map(([delegatorPubKey, allDelegates]) => [\n delegatorPubKey,\n Object.fromEntries(\n Object.entries(allDelegates).map(([delegateId, keyEntries]) => [\n delegateId,\n Object.fromEntries(Object.entries(keyEntries).map(([publicKey, encryptedValue]) => [publicKey.slice(-32), encryptedValue])),\n ])\n ),\n ])\n )\n }\n}\n"]}
|
|
@@ -20,6 +20,29 @@ export declare class KeyManager {
|
|
|
20
20
|
private selfLegacyPublicKey;
|
|
21
21
|
private keysCache;
|
|
22
22
|
constructor(primitives: CryptoPrimitives, dataOwnerApi: IccDataOwnerXApi, icureStorage: IcureStorageFacade, keyRecovery: KeyRecovery, baseExchangeKeyManager: BaseExchangeKeysManager, strategies: CryptoStrategies, initialiseParentKeys: boolean);
|
|
23
|
+
/**
|
|
24
|
+
* @internal
|
|
25
|
+
* Get all key pairs available for the current data owner and his parents.
|
|
26
|
+
* @return an object with:
|
|
27
|
+
* - `self` an object containing the current data owner id and the list of key pairs available for the current data owner with verification details.
|
|
28
|
+
* - `parents` the list of parents to the current data owner with the list of key pairs available for each parent. The list is ordered from the
|
|
29
|
+
* topmost ancestor (at index 0) to the direct parent of the current data owner (at the last index, may be 0).
|
|
30
|
+
*/
|
|
31
|
+
getCurrentUserHierarchyAvailableKeypairs(): Promise<{
|
|
32
|
+
self: {
|
|
33
|
+
dataOwnerId: string;
|
|
34
|
+
keys: {
|
|
35
|
+
pair: KeyPair<CryptoKey>;
|
|
36
|
+
verified: boolean;
|
|
37
|
+
}[];
|
|
38
|
+
};
|
|
39
|
+
parents: {
|
|
40
|
+
dataOwnerId: string;
|
|
41
|
+
keys: {
|
|
42
|
+
pair: KeyPair<CryptoKey>;
|
|
43
|
+
}[];
|
|
44
|
+
}[];
|
|
45
|
+
}>;
|
|
23
46
|
/**
|
|
24
47
|
* Get the public keys of available key pairs for the current user in hex-encoded spki representation (uses cached keys: no request is done to the
|
|
25
48
|
* server).
|