@icure/api 8.0.0-RC.3 → 8.0.0-RC.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccInsuranceApi.d.ts +2 -0
- package/icc-api/api/IccInsuranceApi.js +12 -0
- package/icc-api/api/IccInsuranceApi.js.map +1 -1
- package/icc-api/api/IccMessageApi.d.ts +6 -0
- package/icc-api/api/IccMessageApi.js +15 -0
- package/icc-api/api/IccMessageApi.js.map +1 -1
- package/icc-api/api/{IccExchangeDataApi.d.ts → internal/IccExchangeDataApi.d.ts} +4 -4
- package/icc-api/api/{IccExchangeDataApi.js → internal/IccExchangeDataApi.js} +5 -5
- package/icc-api/api/internal/IccExchangeDataApi.js.map +1 -0
- package/icc-api/api/{IccExchangeDataMapApi.d.ts → internal/IccExchangeDataMapApi.d.ts} +4 -4
- package/icc-api/api/{IccExchangeDataMapApi.js → internal/IccExchangeDataMapApi.js} +5 -5
- package/icc-api/api/internal/IccExchangeDataMapApi.js.map +1 -0
- package/icc-api/api/internal/IccRecoveryDataApi.d.ts +19 -0
- package/icc-api/api/internal/IccRecoveryDataApi.js +83 -0
- package/icc-api/api/internal/IccRecoveryDataApi.js.map +1 -0
- package/icc-api/api/{IccSecureDelegationKeyMapApi.d.ts → internal/IccSecureDelegationKeyMapApi.d.ts} +6 -6
- package/icc-api/api/{IccSecureDelegationKeyMapApi.js → internal/IccSecureDelegationKeyMapApi.js} +5 -5
- package/icc-api/api/internal/IccSecureDelegationKeyMapApi.js.map +1 -0
- package/icc-api/model/PaginatedListInsurance.d.ts +20 -0
- package/icc-api/model/PaginatedListInsurance.js +10 -0
- package/icc-api/model/PaginatedListInsurance.js.map +1 -0
- package/icc-api/model/User.d.ts +19 -0
- package/icc-api/model/User.js +6 -0
- package/icc-api/model/User.js.map +1 -1
- package/icc-api/model/internal/ExchangeData.d.ts +20 -4
- package/icc-api/model/internal/ExchangeData.js +8 -2
- package/icc-api/model/internal/ExchangeData.js.map +1 -1
- package/icc-api/model/internal/RecoveryData.d.ts +47 -0
- package/icc-api/model/internal/RecoveryData.js +34 -0
- package/icc-api/model/internal/RecoveryData.js.map +1 -0
- package/icc-x-api/auth/JwtBridgedAuthService.d.ts +1 -0
- package/icc-x-api/auth/JwtBridgedAuthService.js +10 -3
- package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +37 -25
- package/icc-x-api/crypto/BaseExchangeDataManager.js +123 -64
- package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/CryptoPrimitives.d.ts +3 -0
- package/icc-x-api/crypto/CryptoPrimitives.js +5 -0
- package/icc-x-api/crypto/CryptoPrimitives.js.map +1 -1
- package/icc-x-api/crypto/DelegationsDeAnonymization.js +1 -1
- package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataManager.js +14 -6
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +1 -1
- package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -1
- package/icc-x-api/crypto/HMACUtils.d.ts +10 -0
- package/icc-x-api/crypto/HMACUtils.js +48 -0
- package/icc-x-api/crypto/HMACUtils.js.map +1 -0
- package/icc-x-api/crypto/SecureDelegationsManager.js +3 -0
- package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
- package/icc-x-api/icc-icure-maintenance-x-api.d.ts +1 -1
- package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
- package/icc-x-api/icc-message-x-api.d.ts +1 -1
- package/icc-x-api/icc-message-x-api.js +3 -3
- package/icc-x-api/icc-message-x-api.js.map +1 -1
- package/icc-x-api/icc-recovery-x-api.d.ts +0 -0
- package/icc-x-api/icc-recovery-x-api.js +2 -0
- package/icc-x-api/icc-recovery-x-api.js.map +1 -0
- package/icc-x-api/index.js +2 -2
- package/icc-x-api/index.js.map +1 -1
- package/package.json +1 -1
- package/icc-api/api/IccExchangeDataApi.js.map +0 -1
- package/icc-api/api/IccExchangeDataMapApi.js.map +0 -1
- package/icc-api/api/IccSecureDelegationKeyMapApi.js.map +0 -1
package/icc-api/api/{IccSecureDelegationKeyMapApi.js → internal/IccSecureDelegationKeyMapApi.js}
RENAMED
|
@@ -10,11 +10,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.IccSecureDelegationKeyMapApi = void 0;
|
|
13
|
-
const EntityBulkShareResult_1 = require("
|
|
14
|
-
const XHR_1 = require("
|
|
15
|
-
const icc_x_api_1 = require("
|
|
16
|
-
const IccRestApiPath_1 = require("
|
|
17
|
-
const SecureDelegationKeyMap_1 = require("
|
|
13
|
+
const EntityBulkShareResult_1 = require("../../model/requests/EntityBulkShareResult");
|
|
14
|
+
const XHR_1 = require("../XHR");
|
|
15
|
+
const icc_x_api_1 = require("../../../icc-x-api");
|
|
16
|
+
const IccRestApiPath_1 = require("../IccRestApiPath");
|
|
17
|
+
const SecureDelegationKeyMap_1 = require("../../model/internal/SecureDelegationKeyMap");
|
|
18
18
|
/**
|
|
19
19
|
* @internal this class is for internal use only and may be changed without notice.
|
|
20
20
|
*/
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"IccSecureDelegationKeyMapApi.js","sourceRoot":"","sources":["../../../../icc-api/api/internal/IccSecureDelegationKeyMapApi.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,sFAAkF;AAClF,gCAA4B;AAC5B,kDAAqF;AACrF,sDAAkD;AAClD,wFAAoF;AAGpF;;GAEG;AACH,MAAa,4BAA4B;IAMvC,YACE,IAAY,EACZ,OAAY,EACZ,sBAA+C,EAC/C,SAAyE;QAEzE,IAAI,CAAC,IAAI,GAAG,IAAA,+BAAc,EAAC,IAAI,CAAC,CAAA;QAChC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9E,IAAI,CAAC,sBAAsB,GAAG,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,IAAI,oCAAwB,EAAE,CAAA;QAChH,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED,IAAI,OAAO;QACT,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACvC,CAAC;IAED,UAAU,CAAC,CAAoB;QAC7B,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,WAAW,CAAC,CAAe;QACzB,MAAM,CAAC,CAAA;IACT,CAAC;IAEK,mBAAmB,CAAC,cAAyB,EAAE,oBAAkC;;YACrF,IAAI,KAAK,GAAG,cAAc,CAAA;YAE1B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,0CAA0C,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YACnG,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,oBAAoB,CAAC,CAAA;YAChE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC1H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAE,GAAG,CAAC,IAAoB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,+CAAsB,CAAC,EAAE,CAAC,CAAC,CAAC;iBACpF,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,MAAM,CAAC,gBAAwC,EAAE,mBAA+B;;YACpF,IAAI,KAAK,GAAG,gBAAgB,CAAA;YAE5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,yBAAyB,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YAClF,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,mBAAmB,CAAC,CAAA;YAC5D,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC1H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,+CAAsB,CAAC,GAAG,CAAC,IAAY,CAAC,CAAC;iBAC3D,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,+BAA+B,CACnC,OAEC,EACD,oBAAkC;;YAElC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,kDAAkD,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YAC3G,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,oBAAoB,CAAC,CAAA;YAChE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC3H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAE,GAAG,CAAC,IAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,6CAAqB,CAAyB,CAAC,EAAE,+CAAsB,CAAC,CAAC,CAAC;iBACjI,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;CACF;AAjED,oEAiEC","sourcesContent":["import { EntityShareOrMetadataUpdateRequest } from '../../model/requests/EntityShareOrMetadataUpdateRequest'\nimport { EntityBulkShareResult } from '../../model/requests/EntityBulkShareResult'\nimport { XHR } from '../XHR'\nimport { AuthenticationProvider, NoAuthenticationProvider } from '../../../icc-x-api'\nimport { iccRestApiPath } from '../IccRestApiPath'\nimport { SecureDelegationKeyMap } from '../../model/internal/SecureDelegationKeyMap'\nimport { ListOfIds } from '../../model/ListOfIds'\n\n/**\n * @internal this class is for internal use only and may be changed without notice.\n */\nexport class IccSecureDelegationKeyMapApi {\n host: string\n _headers: Array<XHR.Header>\n authenticationProvider: AuthenticationProvider\n fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n\n constructor(\n host: string,\n headers: any,\n authenticationProvider?: AuthenticationProvider,\n fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n ) {\n this.host = iccRestApiPath(host)\n this._headers = Object.keys(headers).map((k) => new XHR.Header(k, headers[k]))\n this.authenticationProvider = !!authenticationProvider ? authenticationProvider : new NoAuthenticationProvider()\n this.fetchImpl = fetchImpl\n }\n\n get headers(): Promise<Array<XHR.Header>> {\n return Promise.resolve(this._headers)\n }\n\n setHeaders(h: Array<XHR.Header>) {\n this._headers = h\n }\n\n handleError(e: XHR.XHRError): never {\n throw e\n }\n\n async getByDelegationKeys(delegationKeys: ListOfIds, proofOfAccessHeaders: XHR.Header[]): Promise<SecureDelegationKeyMap[]> {\n let _body = delegationKeys\n\n const _url = this.host + `/securedelegationkeymap/bydelegationkeys` + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), ...proofOfAccessHeaders]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('POST', _url, headers, _body, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => (doc.body as Array<JSON>).map((it) => new SecureDelegationKeyMap(it)))\n .catch((err) => this.handleError(err))\n }\n\n async create(delegationKeyMap: SecureDelegationKeyMap, proofOfAccessHeader: XHR.Header): Promise<SecureDelegationKeyMap> {\n let _body = delegationKeyMap\n\n const _url = this.host + `/securedelegationkeymap` + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), proofOfAccessHeader]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('POST', _url, headers, _body, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => new SecureDelegationKeyMap(doc.body as JSON))\n .catch((err) => this.handleError(err))\n }\n\n async bulkShareSecureDelegationKeyMap(\n request: {\n [entityId: string]: { [requestId: string]: EntityShareOrMetadataUpdateRequest }\n },\n proofOfAccessHeaders: XHR.Header[]\n ): Promise<EntityBulkShareResult<SecureDelegationKeyMap>[]> {\n const _url = this.host + '/securedelegationkeymap/bulkSharedMetadataUpdate' + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), ...proofOfAccessHeaders]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('PUT', _url, headers, request, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => (doc.body as Array<JSON>).map((x) => new EntityBulkShareResult<SecureDelegationKeyMap>(x, SecureDelegationKeyMap)))\n .catch((err) => this.handleError(err))\n }\n}\n"]}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* iCure Data Stack API Documentation
|
|
3
|
+
* The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.
|
|
4
|
+
*
|
|
5
|
+
* OpenAPI spec version: v1
|
|
6
|
+
*
|
|
7
|
+
*
|
|
8
|
+
* NOTE: This class is auto generated by the swagger code generator program.
|
|
9
|
+
* https://github.com/swagger-api/swagger-codegen.git
|
|
10
|
+
* Do not edit the class manually.
|
|
11
|
+
*/
|
|
12
|
+
import { PaginatedDocumentKeyIdPairObject } from './PaginatedDocumentKeyIdPairObject';
|
|
13
|
+
import { Insurance } from './Insurance';
|
|
14
|
+
export declare class PaginatedListInsurance {
|
|
15
|
+
constructor(json: JSON | any);
|
|
16
|
+
pageSize?: number;
|
|
17
|
+
totalSize?: number;
|
|
18
|
+
rows?: Array<Insurance>;
|
|
19
|
+
nextKeyPair?: PaginatedDocumentKeyIdPairObject;
|
|
20
|
+
}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.PaginatedListInsurance = void 0;
|
|
4
|
+
class PaginatedListInsurance {
|
|
5
|
+
constructor(json) {
|
|
6
|
+
Object.assign(this, json);
|
|
7
|
+
}
|
|
8
|
+
}
|
|
9
|
+
exports.PaginatedListInsurance = PaginatedListInsurance;
|
|
10
|
+
//# sourceMappingURL=PaginatedListInsurance.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"PaginatedListInsurance.js","sourceRoot":"","sources":["../../../icc-api/model/PaginatedListInsurance.ts"],"names":[],"mappings":";;;AAcA,MAAa,sBAAsB;IACjC,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAA8B,EAAE,IAAI,CAAC,CAAA;IACrD,CAAC;CAMF;AATD,wDASC","sourcesContent":["/**\n * iCure Data Stack API Documentation\n * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.\n *\n * OpenAPI spec version: v1\n *\n *\n * NOTE: This class is auto generated by the swagger code generator program.\n * https://github.com/swagger-api/swagger-codegen.git\n * Do not edit the class manually.\n */\nimport { PaginatedDocumentKeyIdPairObject } from './PaginatedDocumentKeyIdPairObject'\nimport { Insurance } from './Insurance'\n\nexport class PaginatedListInsurance {\n constructor(json: JSON | any) {\n Object.assign(this as PaginatedListInsurance, json)\n }\n\n pageSize?: number\n totalSize?: number\n rows?: Array<Insurance>\n nextKeyPair?: PaginatedDocumentKeyIdPairObject\n}\n"]}
|
package/icc-api/model/User.d.ts
CHANGED
|
@@ -117,6 +117,10 @@ export declare class User {
|
|
|
117
117
|
authenticationTokens?: {
|
|
118
118
|
[key: string]: AuthenticationToken;
|
|
119
119
|
};
|
|
120
|
+
/**
|
|
121
|
+
* System metadata for the user: this configuration is read only, and defined only when using the cloud version of iCure.
|
|
122
|
+
*/
|
|
123
|
+
systemMetadata?: User.SystemMetadata;
|
|
120
124
|
}
|
|
121
125
|
export declare namespace User {
|
|
122
126
|
type TypeEnum = 'database' | 'ldap' | 'token';
|
|
@@ -153,4 +157,19 @@ export declare namespace User {
|
|
|
153
157
|
cdItemTreatment: AutoDelegationTagEnum;
|
|
154
158
|
cdItemVaccine: AutoDelegationTagEnum;
|
|
155
159
|
};
|
|
160
|
+
class SystemMetadata {
|
|
161
|
+
constructor(json: JSON | any);
|
|
162
|
+
/**
|
|
163
|
+
* The roles of the user that the cloud environment recognizes
|
|
164
|
+
*/
|
|
165
|
+
roles?: string[];
|
|
166
|
+
/**
|
|
167
|
+
* If the user is considered as an admin by the cloud environment
|
|
168
|
+
*/
|
|
169
|
+
isAdmin?: boolean;
|
|
170
|
+
/**
|
|
171
|
+
* True if the content of roles is inherited from the user's group configuration, false if the roles are defined specifically for the use
|
|
172
|
+
*/
|
|
173
|
+
inheritsRoles?: boolean;
|
|
174
|
+
}
|
|
156
175
|
}
|
package/icc-api/model/User.js
CHANGED
|
@@ -42,5 +42,11 @@ exports.User = User;
|
|
|
42
42
|
cdItemTreatment: 'cdItemTreatment',
|
|
43
43
|
cdItemVaccine: 'cdItemVaccine',
|
|
44
44
|
};
|
|
45
|
+
class SystemMetadata {
|
|
46
|
+
constructor(json) {
|
|
47
|
+
Object.assign(this, json);
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
User.SystemMetadata = SystemMetadata;
|
|
45
51
|
})(User = exports.User || (exports.User = {}));
|
|
46
52
|
//# sourceMappingURL=User.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"User.js","sourceRoot":"","sources":["../../../icc-api/model/User.ts"],"names":[],"mappings":";;;AAeA;;GAEG;AACH,MAAa,IAAI;IACf,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAAY,EAAE,IAAI,CAAC,CAAA;IACnC,CAAC;
|
|
1
|
+
{"version":3,"file":"User.js","sourceRoot":"","sources":["../../../icc-api/model/User.ts"],"names":[],"mappings":";;;AAeA;;GAEG;AACH,MAAa,IAAI;IACf,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAAY,EAAE,IAAI,CAAC,CAAA;IACnC,CAAC;CAoGF;AAvGD,oBAuGC;AACD,WAAiB,IAAI;IAEN,aAAQ,GAAG;QACtB,QAAQ,EAAE,UAAsB;QAChC,IAAI,EAAE,MAAkB;QACxB,KAAK,EAAE,OAAmB;KAC3B,CAAA;IAEY,eAAU,GAAG;QACxB,MAAM,EAAE,QAAsB;QAC9B,QAAQ,EAAE,UAAwB;QAClC,WAAW,EAAE,aAA2B;KACzC,CAAA;IAqBY,0BAAqB,GAAG;QACnC,GAAG,EAAE,KAA8B;QACnC,kBAAkB,EAAE,oBAA6C;QACjE,kBAAkB,EAAE,oBAA6C;QACjE,oBAAoB,EAAE,sBAA+C;QACrE,kBAAkB,EAAE,oBAA6C;QACjE,oBAAoB,EAAE,sBAA+C;QACrE,uBAAuB,EAAE,yBAAkD;QAC3E,UAAU,EAAE,YAAqC;QACjD,gBAAgB,EAAE,kBAA2C;QAC7D,uBAAuB,EAAE,yBAAkD;QAC3E,wBAAwB,EAAE,0BAAmD;QAC7E,aAAa,EAAE,eAAwC;QACvD,eAAe,EAAE,iBAA0C;QAC3D,SAAS,EAAE,WAAoC;QAC/C,YAAY,EAAE,cAAuC;QACrD,eAAe,EAAE,iBAA0C;QAC3D,gBAAgB,EAAE,kBAA2C;QAC7D,eAAe,EAAE,iBAA0C;QAC3D,aAAa,EAAE,eAAwC;KACxD,CAAA;IAED,MAAa,cAAc;QACzB,YAAY,IAAgB;YAC1B,MAAM,CAAC,MAAM,CAAC,IAAY,EAAE,IAAI,CAAC,CAAA;QACnC,CAAC;KAcF;IAjBY,mBAAc,iBAiB1B,CAAA;AACH,CAAC,EAzEgB,IAAI,GAAJ,YAAI,KAAJ,YAAI,QAyEpB","sourcesContent":["/**\n * iCure Data Stack API Documentation\n * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.\n *\n * OpenAPI spec version: v1\n *\n *\n * NOTE: This class is auto generated by the swagger code generator program.\n * https://github.com/swagger-api/swagger-codegen.git\n * Do not edit the class manually.\n */\nimport { AuthenticationToken } from './AuthenticationToken'\nimport { Permission } from './Permission'\nimport { PropertyStub } from './PropertyStub'\n\n/**\n * This entity is a root level object. It represents an user that can log in to the iCure platform. It is serialized in JSON and saved in the underlying icure-base CouchDB database.\n */\nexport class User {\n constructor(json: JSON | any) {\n Object.assign(this as User, json)\n }\n\n /**\n * the Id of the user. We encourage using either a v4 UUID or a HL7 Id.\n */\n id?: string\n /**\n * the revision of the user in the database, used for conflict management / optimistic locking.\n */\n rev?: string\n /**\n * hard delete (unix epoch in ms) timestamp of the object. Filled automatically when deletePatient is called.\n */\n deletionDate?: number\n created?: number\n /**\n * Last name of the user. This is the official last name that should be used for official administrative purposes.\n */\n name?: string\n /**\n * Extra properties for the user. Those properties are typed (see class Property)\n */\n properties?: Array<PropertyStub>\n /**\n * If permission to modify patient data is granted or revoked\n */\n permissions?: Array<Permission>\n /**\n * Roles specified for the user\n */\n roles?: Array<string>\n /**\n * Authorization source for user. 'Database', 'ldap' or 'token'\n */\n type?: User.TypeEnum\n /**\n * State of user's activeness: 'Active', 'Disabled' or 'Registering'\n */\n status?: User.StatusEnum\n /**\n * Username for this user. We encourage using an email address\n */\n login?: string\n /**\n * Hashed version of the password (BCrypt is used for hashing)\n */\n passwordHash?: string\n /**\n * Secret token used to verify 2fa\n */\n secret?: string\n /**\n * Whether the user has activated two factors authentication\n */\n use2fa?: boolean\n /**\n * id of the group (practice/hospital) the user is member of\n */\n groupId?: string\n /**\n * Id of the healthcare party if the user is a healthcare party.\n */\n healthcarePartyId?: string\n /**\n * Id of the patient if the user is a patient\n */\n patientId?: string\n /**\n * Id of the device if the user is a device\n */\n deviceId?: string\n /**\n * Delegations that are automatically generated client side when a new database object is created by this user\n */\n autoDelegations?: { [key in User.AutoDelegationTagEnum]?: Array<string> }\n /**\n * the timestamp (unix epoch in ms) of creation of the user, will be filled automatically if missing. Not enforced by the application server.\n */\n createdDate?: number\n /**\n * the timestamp (unix epoch in ms) of the latest validation of the terms of use of the application\n */\n termsOfUseDate?: number\n /**\n * email address of the user (used for token exchange or password recovery).\n */\n email?: string\n /**\n * mobile phone of the user (used for token exchange or password recovery).\n */\n mobilePhone?: string\n applicationTokens?: { [key: string]: string }\n /**\n * Encrypted and time-limited Authentication tokens used for inter-applications authentication\n */\n authenticationTokens?: { [key: string]: AuthenticationToken }\n /**\n * System metadata for the user: this configuration is read only, and defined only when using the cloud version of iCure.\n */\n systemMetadata?: User.SystemMetadata\n}\nexport namespace User {\n export type TypeEnum = 'database' | 'ldap' | 'token'\n export const TypeEnum = {\n Database: 'database' as TypeEnum,\n Ldap: 'ldap' as TypeEnum,\n Token: 'token' as TypeEnum,\n }\n export type StatusEnum = 'ACTIVE' | 'DISABLED' | 'REGISTERING'\n export const StatusEnum = {\n ACTIVE: 'ACTIVE' as StatusEnum,\n DISABLED: 'DISABLED' as StatusEnum,\n REGISTERING: 'REGISTERING' as StatusEnum,\n }\n export type AutoDelegationTagEnum =\n | 'all'\n | 'administrativeData'\n | 'generalInformation'\n | 'financialInformation'\n | 'medicalInformation'\n | 'sensitiveInformation'\n | 'confidentialInformation'\n | 'cdItemRisk'\n | 'cdItemFamilyRisk'\n | 'cdItemHealthcareelement'\n | 'cdItemHealthcareapproach'\n | 'cdItemAllergy'\n | 'cdItemDiagnosis'\n | 'cdItemLab'\n | 'cdItemResult'\n | 'cdItemParameter'\n | 'cdItemMedication'\n | 'cdItemTreatment'\n | 'cdItemVaccine'\n export const AutoDelegationTagEnum = {\n all: 'all' as AutoDelegationTagEnum,\n administrativeData: 'administrativeData' as AutoDelegationTagEnum,\n generalInformation: 'generalInformation' as AutoDelegationTagEnum,\n financialInformation: 'financialInformation' as AutoDelegationTagEnum,\n medicalInformation: 'medicalInformation' as AutoDelegationTagEnum,\n sensitiveInformation: 'sensitiveInformation' as AutoDelegationTagEnum,\n confidentialInformation: 'confidentialInformation' as AutoDelegationTagEnum,\n cdItemRisk: 'cdItemRisk' as AutoDelegationTagEnum,\n cdItemFamilyRisk: 'cdItemFamilyRisk' as AutoDelegationTagEnum,\n cdItemHealthcareelement: 'cdItemHealthcareelement' as AutoDelegationTagEnum,\n cdItemHealthcareapproach: 'cdItemHealthcareapproach' as AutoDelegationTagEnum,\n cdItemAllergy: 'cdItemAllergy' as AutoDelegationTagEnum,\n cdItemDiagnosis: 'cdItemDiagnosis' as AutoDelegationTagEnum,\n cdItemLab: 'cdItemLab' as AutoDelegationTagEnum,\n cdItemResult: 'cdItemResult' as AutoDelegationTagEnum,\n cdItemParameter: 'cdItemParameter' as AutoDelegationTagEnum,\n cdItemMedication: 'cdItemMedication' as AutoDelegationTagEnum,\n cdItemTreatment: 'cdItemTreatment' as AutoDelegationTagEnum,\n cdItemVaccine: 'cdItemVaccine' as AutoDelegationTagEnum,\n }\n\n export class SystemMetadata {\n constructor(json: JSON | any) {\n Object.assign(this as User, json)\n }\n\n /**\n * The roles of the user that the cloud environment recognizes\n */\n roles?: string[]\n /**\n * If the user is considered as an admin by the cloud environment\n */\n isAdmin?: boolean\n /**\n * True if the content of roles is inherited from the user's group configuration, false if the roles are defined specifically for the use\n */\n inheritsRoles?: boolean\n }\n}\n"]}
|
|
@@ -50,13 +50,29 @@ export declare class ExchangeData {
|
|
|
50
50
|
[keyPairFingerprint: string]: string;
|
|
51
51
|
};
|
|
52
52
|
/**
|
|
53
|
-
*
|
|
54
|
-
* the
|
|
55
|
-
* will contain the signature by fingerprint of the public key to use for verification.
|
|
53
|
+
* Encrypted signature key (hmac-sha256) shared between delegate and delegator, to allow either of them to modify
|
|
54
|
+
* the exchange data, without voiding the authenticity guarantee.
|
|
56
55
|
*/
|
|
57
|
-
|
|
56
|
+
sharedSignatureKey: {
|
|
58
57
|
[keyPairFingerprint: string]: string;
|
|
59
58
|
};
|
|
59
|
+
/**
|
|
60
|
+
* Signature to ensure the key data has not been tampered with by third parties (any actor without access to the
|
|
61
|
+
* keypair of the delegator/delegate): when creating new exchange data the delegator will create a new hmac key and
|
|
62
|
+
* sign it with his own private key.
|
|
63
|
+
* This field will contain the signature by fingerprint of the public key to use for verification.
|
|
64
|
+
*/
|
|
65
|
+
delegatorSignature: {
|
|
66
|
+
[keyPairFingerprint: string]: string;
|
|
67
|
+
};
|
|
68
|
+
/**
|
|
69
|
+
* Base 64 signature of the exchange data, to ensure it was not tampered by third parties. This signature validates:
|
|
70
|
+
* - The (decrypted) exchange key
|
|
71
|
+
* - The (decrypted) access control secret
|
|
72
|
+
* - The delegator and delegates being part of the exchange data
|
|
73
|
+
* - The public keys used in the exchange data (allows to consider them as verified in a second moment).
|
|
74
|
+
*/
|
|
75
|
+
sharedSignature: string;
|
|
60
76
|
/**
|
|
61
77
|
* hard delete (unix epoch in ms) timestamp of the object. Filled automatically when the delete method is called.
|
|
62
78
|
*/
|
|
@@ -6,8 +6,14 @@ exports.ExchangeData = void 0;
|
|
|
6
6
|
*/
|
|
7
7
|
class ExchangeData {
|
|
8
8
|
constructor(json) {
|
|
9
|
-
if (!json.delegator ||
|
|
10
|
-
|
|
9
|
+
if (!json.delegator ||
|
|
10
|
+
!json.delegate ||
|
|
11
|
+
!json.exchangeKey ||
|
|
12
|
+
!json.accessControlSecret ||
|
|
13
|
+
!json.sharedSignatureKey ||
|
|
14
|
+
!json.sharedSignature ||
|
|
15
|
+
!json.delegatorSignature)
|
|
16
|
+
throw new Error(`Exchange data json is missing required properties.\n${JSON.stringify(json, undefined, 2)}`);
|
|
11
17
|
Object.assign(this, json);
|
|
12
18
|
}
|
|
13
19
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ExchangeData.js","sourceRoot":"","sources":["../../../../icc-api/model/internal/ExchangeData.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,MAAa,YAAY;IACvB,YAAY,IAAgB;QAC1B,
|
|
1
|
+
{"version":3,"file":"ExchangeData.js","sourceRoot":"","sources":["../../../../icc-api/model/internal/ExchangeData.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,MAAa,YAAY;IACvB,YAAY,IAAgB;QAC1B,IACE,CAAC,IAAI,CAAC,SAAS;YACf,CAAC,IAAI,CAAC,QAAQ;YACd,CAAC,IAAI,CAAC,WAAW;YACjB,CAAC,IAAI,CAAC,mBAAmB;YACzB,CAAC,IAAI,CAAC,kBAAkB;YACxB,CAAC,IAAI,CAAC,eAAe;YACrB,CAAC,IAAI,CAAC,kBAAkB;YAExB,MAAM,IAAI,KAAK,CAAC,uDAAuD,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,CAAC,CAAA;QAC9G,MAAM,CAAC,MAAM,CAAC,IAAoB,EAAE,IAAI,CAAC,CAAA;IAC3C,CAAC;CAoEF;AAjFD,oCAiFC","sourcesContent":["/**\n * @internal this entity is meant for internal use only\n */\nexport class ExchangeData {\n constructor(json: JSON | any) {\n if (\n !json.delegator ||\n !json.delegate ||\n !json.exchangeKey ||\n !json.accessControlSecret ||\n !json.sharedSignatureKey ||\n !json.sharedSignature ||\n !json.delegatorSignature\n )\n throw new Error(`Exchange data json is missing required properties.\\n${JSON.stringify(json, undefined, 2)}`)\n Object.assign(this as ExchangeData, json)\n }\n\n /**\n * the Id of the exchange data. We encourage using either a v4 UUID or a HL7 Id.\n */\n id?: string\n /**\n * the revision of the exchange data in the database, used for conflict management / optimistic locking.\n */\n rev?: string\n /**\n * ID of the data owner which created this exchange data, in order to share some data with the [delegate].\n */\n delegator!: string\n /**\n * ID of a data owner which can use this exchange data to access data shared with him by [delegator].\n */\n delegate!: string\n /**\n * Aes key to use for sharing data from the delegator to the delegate, encrypted with the public keys of both delegate\n * and delegator. This key should never be sent decrypted to the server, as it allows to read medical data.\n */\n exchangeKey!: { [keyPairFingerprint: string]: string }\n /**\n * Key used for access control to data shared from the delegator to the delegate, encrypted with the public keys of both\n * delegate and delegator.\n *\n * This key will be used by the client to calculate the keys of [HasSecureDelegationsAccessControl.securityMetadata] which\n * allows to implement a form of access control where the identity of data owners with access to a specific entity can't be\n * deduced from the database alone. This is useful for example to allow patients to access their medical data without creating\n * a deducible link between the patient and the medical data in the database.\n *\n * There are no strict requirements on how the client should use this secret to create the security metadata key, but for\n * authentication the client must be able to provide a 128 bit long access control key (see [DataOwnerAuthenticationDetails.accessControlKeys])\n * which once hashed using sha256 will give the key of the security metadata.\n * However, in order to avoid introducing undesired links between entities which could be detrimental to the patients privacy\n * the access control keys should be created also using information on the entity class and confidentiality level of information\n * in applications where hcps share information using a hierarchical structure.\n * ```\n * accessControlKey = sha256Bytes(accessControlSecret + entityClass + confidentialityLevel).take(16)\n * securityMetadataKey = sha256Hex(accessControlKey)\n * ```\n */\n accessControlSecret!: { [keyPairFingerprint: string]: string }\n /**\n * Encrypted signature key (hmac-sha256) shared between delegate and delegator, to allow either of them to modify\n * the exchange data, without voiding the authenticity guarantee.\n */\n sharedSignatureKey!: { [keyPairFingerprint: string]: string }\n /**\n * Signature to ensure the key data has not been tampered with by third parties (any actor without access to the\n * keypair of the delegator/delegate): when creating new exchange data the delegator will create a new hmac key and\n * sign it with his own private key.\n * This field will contain the signature by fingerprint of the public key to use for verification.\n */\n delegatorSignature!: { [keyPairFingerprint: string]: string }\n /**\n * Base 64 signature of the exchange data, to ensure it was not tampered by third parties. This signature validates:\n * - The (decrypted) exchange key\n * - The (decrypted) access control secret\n * - The delegator and delegates being part of the exchange data\n * - The public keys used in the exchange data (allows to consider them as verified in a second moment).\n */\n sharedSignature!: string\n /**\n * hard delete (unix epoch in ms) timestamp of the object. Filled automatically when the delete method is called.\n */\n deletionDate?: number\n}\n"]}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @internal this entity is meant for internal use only
|
|
3
|
+
*/
|
|
4
|
+
export declare class RecoveryData {
|
|
5
|
+
constructor(json: JSON | any);
|
|
6
|
+
id?: string;
|
|
7
|
+
rev?: string;
|
|
8
|
+
/**
|
|
9
|
+
* Id of the data owner that this recovery data is meant for
|
|
10
|
+
*/
|
|
11
|
+
recipient: string;
|
|
12
|
+
/**
|
|
13
|
+
* Encrypted recovery data. The structure of the decrypted data depends on the [type] of the recovery data.
|
|
14
|
+
*/
|
|
15
|
+
encryptedSelf: string;
|
|
16
|
+
/**
|
|
17
|
+
* Type of the recovery data.
|
|
18
|
+
*/
|
|
19
|
+
type: RecoveryData.Type;
|
|
20
|
+
/**
|
|
21
|
+
* Timestamp (unix epoch in ms) at which this recovery data will expire. If null, this recovery data will never
|
|
22
|
+
* expire. Negative values or zero mean the data is already expired.
|
|
23
|
+
*/
|
|
24
|
+
expirationInstant?: number;
|
|
25
|
+
/**
|
|
26
|
+
* hard delete (unix epoch in ms) timestamp of the object. Filled automatically when the delete method is called.
|
|
27
|
+
*/
|
|
28
|
+
deletionDate?: number;
|
|
29
|
+
}
|
|
30
|
+
export declare namespace RecoveryData {
|
|
31
|
+
/**
|
|
32
|
+
* Represents possible types of recovery data.
|
|
33
|
+
*/
|
|
34
|
+
enum Type {
|
|
35
|
+
/**
|
|
36
|
+
* This recovery data is meant to be used to recover a keypair of the recipient. This could be for making a key
|
|
37
|
+
* available on another device, or for recovering a keypair that has been fully lost.
|
|
38
|
+
*/
|
|
39
|
+
KEYPAIR_RECOVERY = "KEYPAIR_RECOVERY",
|
|
40
|
+
/**
|
|
41
|
+
* This recovery data is meant to be used to recover an exchange key of the recipient. The main purpose of this
|
|
42
|
+
* is to allow data owners to share data with other data owners that do not have created a keypair yet, but it
|
|
43
|
+
* can also be used as part of the give-access-back recovery mechanism.
|
|
44
|
+
*/
|
|
45
|
+
EXCHANGE_KEY_RECOVERY = "EXCHANGE_KEY_RECOVERY"
|
|
46
|
+
}
|
|
47
|
+
}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.RecoveryData = void 0;
|
|
4
|
+
/**
|
|
5
|
+
* @internal this entity is meant for internal use only
|
|
6
|
+
*/
|
|
7
|
+
class RecoveryData {
|
|
8
|
+
constructor(json) {
|
|
9
|
+
if (!json.recipient || !json.encryptedSelf || !json.type)
|
|
10
|
+
throw new Error(`Recovery data json is missing required properties.\n${JSON.stringify(json)}`);
|
|
11
|
+
Object.assign(this, json);
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
exports.RecoveryData = RecoveryData;
|
|
15
|
+
(function (RecoveryData) {
|
|
16
|
+
/**
|
|
17
|
+
* Represents possible types of recovery data.
|
|
18
|
+
*/
|
|
19
|
+
let Type;
|
|
20
|
+
(function (Type) {
|
|
21
|
+
/**
|
|
22
|
+
* This recovery data is meant to be used to recover a keypair of the recipient. This could be for making a key
|
|
23
|
+
* available on another device, or for recovering a keypair that has been fully lost.
|
|
24
|
+
*/
|
|
25
|
+
Type["KEYPAIR_RECOVERY"] = "KEYPAIR_RECOVERY";
|
|
26
|
+
/**
|
|
27
|
+
* This recovery data is meant to be used to recover an exchange key of the recipient. The main purpose of this
|
|
28
|
+
* is to allow data owners to share data with other data owners that do not have created a keypair yet, but it
|
|
29
|
+
* can also be used as part of the give-access-back recovery mechanism.
|
|
30
|
+
*/
|
|
31
|
+
Type["EXCHANGE_KEY_RECOVERY"] = "EXCHANGE_KEY_RECOVERY";
|
|
32
|
+
})(Type = RecoveryData.Type || (RecoveryData.Type = {}));
|
|
33
|
+
})(RecoveryData = exports.RecoveryData || (exports.RecoveryData = {}));
|
|
34
|
+
//# sourceMappingURL=RecoveryData.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"RecoveryData.js","sourceRoot":"","sources":["../../../../icc-api/model/internal/RecoveryData.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,MAAa,YAAY;IACvB,YAAY,IAAgB;QAC1B,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC,IAAI,CAAC,IAAI;YACtD,MAAM,IAAI,KAAK,CAAC,uDAAuD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAChG,MAAM,CAAC,MAAM,CAAC,IAAoB,EAAE,IAAI,CAAC,CAAA;IAC3C,CAAC;CAyBF;AA9BD,oCA8BC;AACD,WAAiB,YAAY;IAC3B;;OAEG;IACH,IAAY,IAYX;IAZD,WAAY,IAAI;QACd;;;WAGG;QACH,6CAAqC,CAAA;QACrC;;;;WAIG;QACH,uDAA+C,CAAA;IACjD,CAAC,EAZW,IAAI,GAAJ,iBAAI,KAAJ,iBAAI,QAYf;AACH,CAAC,EAjBgB,YAAY,GAAZ,oBAAY,KAAZ,oBAAY,QAiB5B","sourcesContent":["/**\n * @internal this entity is meant for internal use only\n */\nexport class RecoveryData {\n constructor(json: JSON | any) {\n if (!json.recipient || !json.encryptedSelf || !json.type)\n throw new Error(`Recovery data json is missing required properties.\\n${JSON.stringify(json)}`)\n Object.assign(this as RecoveryData, json)\n }\n\n id?: string\n rev?: string\n /**\n * Id of the data owner that this recovery data is meant for\n */\n recipient!: string\n /**\n * Encrypted recovery data. The structure of the decrypted data depends on the [type] of the recovery data.\n */\n encryptedSelf!: string\n /**\n * Type of the recovery data.\n */\n type!: RecoveryData.Type\n /**\n * Timestamp (unix epoch in ms) at which this recovery data will expire. If null, this recovery data will never\n * expire. Negative values or zero mean the data is already expired.\n */\n expirationInstant?: number\n /**\n * hard delete (unix epoch in ms) timestamp of the object. Filled automatically when the delete method is called.\n */\n deletionDate?: number\n}\nexport namespace RecoveryData {\n /**\n * Represents possible types of recovery data.\n */\n export enum Type {\n /**\n * This recovery data is meant to be used to recover a keypair of the recipient. This could be for making a key\n * available on another device, or for recovering a keypair that has been fully lost.\n */\n KEYPAIR_RECOVERY = 'KEYPAIR_RECOVERY',\n /**\n * This recovery data is meant to be used to recover an exchange key of the recipient. The main purpose of this\n * is to allow data owners to share data with other data owners that do not have created a keypair yet, but it\n * can also be used as part of the give-access-back recovery mechanism.\n */\n EXCHANGE_KEY_RECOVERY = 'EXCHANGE_KEY_RECOVERY',\n }\n}\n"]}
|
|
@@ -20,6 +20,7 @@ export declare class JwtBridgedAuthService implements AuthService {
|
|
|
20
20
|
token: string;
|
|
21
21
|
refreshToken: string;
|
|
22
22
|
} | undefined>;
|
|
23
|
+
getJWT(): Promise<string | undefined>;
|
|
23
24
|
getAuthHeaders(): Promise<Array<Header>>;
|
|
24
25
|
private _refreshAuthJwt;
|
|
25
26
|
private _loginAndGetTokens;
|
|
@@ -32,7 +32,7 @@ class JwtBridgedAuthService {
|
|
|
32
32
|
getIcureTokens() {
|
|
33
33
|
return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt, refreshToken: refreshJwt })));
|
|
34
34
|
}
|
|
35
|
-
|
|
35
|
+
getJWT() {
|
|
36
36
|
return __awaiter(this, void 0, void 0, function* () {
|
|
37
37
|
return this._currentPromise
|
|
38
38
|
.then(({ authJwt, refreshJwt }) => {
|
|
@@ -52,8 +52,15 @@ class JwtBridgedAuthService {
|
|
|
52
52
|
throw this._error;
|
|
53
53
|
}
|
|
54
54
|
return this._currentPromise;
|
|
55
|
-
})
|
|
56
|
-
|
|
55
|
+
}).then(({ authJwt }) => {
|
|
56
|
+
return authJwt;
|
|
57
|
+
});
|
|
58
|
+
});
|
|
59
|
+
}
|
|
60
|
+
getAuthHeaders() {
|
|
61
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
62
|
+
return this.getJWT()
|
|
63
|
+
.then((authJwt) => {
|
|
57
64
|
return [new XHR_1.XHR.Header('Authorization', `Bearer ${authJwt}`)];
|
|
58
65
|
});
|
|
59
66
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,mBAAqD,EAAE;QAHvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAO9F,CAAC;IAEJ,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAiB,CAAC,CAAA;IAC9D,CAAC;IACD,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,
|
|
1
|
+
{"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,mBAAqD,EAAE;QAHvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAO9F,CAAC;IAEJ,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAiB,CAAC,CAAA;IAC9D,CAAC;IACD,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,MAAM;;YACV,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,EAAE;oBACpD,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAC,OAAO,EAAC,EAAE,EAAE;gBACpB,OAAO,OAAO,CAAA;YAChB,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,MAAM,EAAE;iBACjB,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;gBAChB,OAAO,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,OAAO,EAAE,CAAC,CAAC,CAAA;YAC/D,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEa,eAAe,CAAC,UAA8B;;YAC1D,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE;gBAC1D,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAA;aACjC;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAK;oBAC9B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEa,kBAAkB;;YAC9B,IAAI,YAAgD,CAAA;YACpD,IAAI,UAAgC,CAAA;YACpC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE;gBAClC,IAAI;oBACF,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CACrC,IAAI,mCAAgB,CAAC;wBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB,CAAC,CACH,CAAA;iBACF;gBAAC,OAAO,CAAC,EAAE;oBACV,UAAU,GAAG,CAAa,CAAA;iBAC3B;aACF;YACD,IAAI,CAAC,YAAY,EAAE;gBACjB,YAAY,GAAG,MAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAiC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE;oBACpI,MAAM,IAAI,GAAG,MAAM,GAAG,CAAA;oBACtB,OAAO,CACL,IAAI,aAAJ,IAAI,cAAJ,IAAI,GACJ,CAAC,KAAK;wBACJ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACnE,IAAI,CAAC,UAAU,EAAE;gCACf,UAAU,GAAG,CAAa,CAAA;6BAC3B;4BACD,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;wBAChD,CAAC,CAAC;wBACJ,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;gBACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,EAAiD,CAAC,CAAA;aACrE;YAED,IAAI,CAAC,YAAY,EAAE;gBACjB,IAAI,UAAU;oBAAE,MAAM,UAAU,CAAA;gBAChC,MAAM,IAAI,QAAQ,CAAC,EAAE,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,OAAO,EAAE,CAAC,CAAA;aAC5E;YAED,OAAO;gBACL,OAAO,EAAE,YAAY,CAAC,KAAK;gBAC3B,UAAU,EAAE,YAAY,CAAC,YAAY;aACtC,CAAA;QACH,CAAC;KAAA;IAEO,sBAAsB,CAAC,GAAW;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,IAAI,CAAA;SACZ;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAC5E,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AA/HD,sDA+HC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\n/**\n * Differs from JwtAuthService in that it can create new refresh tokens if the old one is expired\n */\nexport class JwtBridgedAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt?: string; refreshJwt?: string }> = Promise.resolve({})\n\n constructor(\n private authApi: IccAuthApi,\n private username: string,\n private password: string,\n private thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {}\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x.refreshJwt as any)\n }\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt!, refreshToken: refreshJwt! })))\n }\n\n async getJWT(): Promise<string | undefined> {\n return this._currentPromise\n .then(({ authJwt, refreshJwt }) => {\n if (!authJwt || this._isJwtInvalidOrExpired(authJwt)) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n }).then(({authJwt}) => {\n return authJwt\n })\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this.getJWT()\n .then((authJwt) => {\n return [new XHR.Header('Authorization', `Bearer ${authJwt}`)]\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string | undefined): Promise<{ authJwt?: string; refreshJwt?: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (!refreshJwt || this._isJwtInvalidOrExpired(refreshJwt)) {\n return this._loginAndGetTokens()\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private async _loginAndGetTokens(): Promise<{ authJwt?: string; refreshJwt?: string }> {\n let authResponse: AuthenticationResponse | undefined\n let firstError: XHRError | undefined\n if (this.username && this.password) {\n try {\n authResponse = await this.authApi.login(\n new LoginCredentials({\n username: this.username,\n password: this.password,\n })\n )\n } catch (e) {\n firstError = e as XHRError\n }\n }\n if (!authResponse) {\n authResponse = await (Object.entries(this.thirdPartyTokens) as [OAuthThirdParty, string][]).reduce(async (acc, [thirdParty, token]) => {\n const prev = await acc\n return (\n prev ??\n (token\n ? this.authApi.loginWithThirdPartyToken(thirdParty, token).catch((e) => {\n if (!firstError) {\n firstError = e as XHRError\n }\n return Promise.resolve() as Promise<undefined>\n })\n : undefined)\n )\n }, Promise.resolve() as Promise<AuthenticationResponse | undefined>)\n }\n\n if (!authResponse) {\n if (firstError) throw firstError\n throw new XHRError('', 'Unknown error', 401, 'Unauthorized', new Headers())\n }\n\n return {\n authJwt: authResponse.token,\n refreshJwt: authResponse.refreshToken,\n }\n }\n\n private _isJwtInvalidOrExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return true\n }\n const payload = this._base64Decode(parts[1])\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime()\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { IccDataOwnerXApi } from '../icc-data-owner-x-api';
|
|
2
2
|
import { KeyPair } from './RSA';
|
|
3
3
|
import { ExchangeData } from '../../icc-api/model/internal/ExchangeData';
|
|
4
|
-
import { IccExchangeDataApi } from '../../icc-api/api/IccExchangeDataApi';
|
|
4
|
+
import { IccExchangeDataApi } from '../../icc-api/api/internal/IccExchangeDataApi';
|
|
5
5
|
import { CryptoPrimitives } from './CryptoPrimitives';
|
|
6
6
|
/**
|
|
7
7
|
* @internal this class is intended for internal use only and may be modified without notice
|
|
@@ -35,27 +35,27 @@ export declare class BaseExchangeDataManager {
|
|
|
35
35
|
* @return the exchange data with the provided id or undefined if no exchange data with such id could be found.
|
|
36
36
|
*/
|
|
37
37
|
getExchangeDataById(exchangeDataId: string): Promise<ExchangeData | undefined>;
|
|
38
|
-
/**
|
|
39
|
-
* Filters exchange data returning only the instances that could be verified using their signature and the provided verification
|
|
40
|
-
* keys.
|
|
41
|
-
* Note that all exchange data created by data owners other than the current data owner (including members of his hierarchy)
|
|
42
|
-
* will always be unverified.
|
|
43
|
-
* @param exchangeData the exchange data to verify.
|
|
44
|
-
* @param getVerificationKey function to retrieve keys to use for verification by fingerprint.
|
|
45
|
-
* @return the exchange data which could be verified given his signature and the available verification keys.
|
|
46
|
-
* @throws if any of the provided exchange data has been created by a data owner other than the current data owner.
|
|
47
|
-
*/
|
|
48
|
-
filterVerifiedExchangeData(exchangeData: ExchangeData[], getVerificationKey: (publicKeyFingerprint: string) => Promise<CryptoKey | undefined>): Promise<ExchangeData[]>;
|
|
49
38
|
/**
|
|
50
39
|
* Verifies the authenticity of the exchange data by checking the signature.
|
|
51
40
|
* Note that all exchange data created by data owners other than the current data owner (including members of his hierarchy)
|
|
52
41
|
* will always be unverified.
|
|
53
|
-
* @param
|
|
42
|
+
* @param data collects the following information about the exchange data being verified:
|
|
43
|
+
* - exchangeData the exchange data to verify.
|
|
44
|
+
* - decryptedAccessControlSecret the access control secret decrypted from the exchange data.
|
|
45
|
+
* - decryptedExchangeKey the exchange key decrypted from the exchange data.
|
|
46
|
+
* - decryptedSharedSignatureKey the shared signature key decrypted from the exchange data.
|
|
54
47
|
* @param getVerificationKey function to retrieve keys to use for verification by fingerprint.
|
|
48
|
+
* @param verifyAsDelegator if true the method will also verify that the hmac key used for the signature was created by the delegator of the
|
|
49
|
+
* exchange data. If true and the data was not created by the current data owner this method will return false.
|
|
55
50
|
* @return the exchange data which could be verified given his signature and the available verification keys.
|
|
56
51
|
* @throws if any of the provided exchange data has been created by a data owner other than the current data owner.
|
|
57
52
|
*/
|
|
58
|
-
verifyExchangeData(
|
|
53
|
+
verifyExchangeData(data: {
|
|
54
|
+
exchangeData: ExchangeData;
|
|
55
|
+
decryptedAccessControlSecret: string;
|
|
56
|
+
decryptedExchangeKey: CryptoKey;
|
|
57
|
+
decryptedSharedSignatureKey: CryptoKey;
|
|
58
|
+
}, getVerificationKey: (publicKeyFingerprint: string) => Promise<CryptoKey | undefined>, verifyAsDelegator: boolean): Promise<boolean>;
|
|
59
59
|
/**
|
|
60
60
|
* Extracts and decrypts the access control secret from the provided exchange data.
|
|
61
61
|
* These need to be hashed together with the entity class and confidentiality level in order to get the actual access control key
|
|
@@ -86,6 +86,20 @@ export declare class BaseExchangeDataManager {
|
|
|
86
86
|
successfulDecryptions: CryptoKey[];
|
|
87
87
|
failedDecryptions: ExchangeData[];
|
|
88
88
|
}>;
|
|
89
|
+
/**
|
|
90
|
+
* Extract and decrypts the shared signature key from the provided exchange data.
|
|
91
|
+
* @param exchangeData the exchange data from which to extract exchange keys.
|
|
92
|
+
* @param decryptionKeys rsa key pairs to use for the decryption of the exchange keys.
|
|
93
|
+
* @return an object composed of:
|
|
94
|
+
* - successfulDecryptions: array containing the successfully decrypted exchange keys.
|
|
95
|
+
* - failedDecryptions: array containing all exchange data for which the access control key could not be decrypted (using the provided keys).
|
|
96
|
+
*/
|
|
97
|
+
tryDecryptSharedSignatureKeys(exchangeData: ExchangeData[], decryptionKeys: {
|
|
98
|
+
[publicKeyFingerprint: string]: KeyPair<CryptoKey>;
|
|
99
|
+
}): Promise<{
|
|
100
|
+
successfulDecryptions: CryptoKey[];
|
|
101
|
+
failedDecryptions: ExchangeData[];
|
|
102
|
+
}>;
|
|
89
103
|
private tryDecryptExchangeData;
|
|
90
104
|
private tryDecrypt;
|
|
91
105
|
/**
|
|
@@ -113,15 +127,9 @@ export declare class BaseExchangeDataManager {
|
|
|
113
127
|
* where one of the data owners involved in the exchange data has lost one of his keys.
|
|
114
128
|
* If the content of the exchange data could not be decrypted using the provided keys the method will not update anything and will return undefined.
|
|
115
129
|
* This method assumes that the new encryption keys have been verified.
|
|
116
|
-
* If the current data owner is also the delegator of the provided exchange data and at least one of the verification keys can be used to
|
|
117
|
-
* validate the current exchange data then the signature will be updated using the signature keys.
|
|
118
|
-
* Instead, if the current data owner is not the delegator of the provided exchange data, or the exchange data could not be verified using
|
|
119
|
-
* the provided verification keys then the updated exchange data will become unverified, and won't ever be verifiable again.
|
|
120
130
|
* @param exchangeData exchange data to update.
|
|
121
131
|
* @param decryptionKeys keys to use to extract the content of the exchange data which will be shared with the new keys.
|
|
122
|
-
* @param signatureKeys keys to use for the new signature of the updated exchange data.
|
|
123
132
|
* @param newEncryptionKeys new keys to add to the exchange data.
|
|
124
|
-
* @param getVerificationKey function to retrieve keys to use for verification by fingerprint.
|
|
125
133
|
* @return the updated exchange data, and its decrypted exchange key and access control secret, or undefined if the exchange data content could not
|
|
126
134
|
* be decrypted and the exchange data could not be updated.
|
|
127
135
|
*/
|
|
@@ -129,18 +137,22 @@ export declare class BaseExchangeDataManager {
|
|
|
129
137
|
[publicKeyFingerprint: string]: KeyPair<CryptoKey>;
|
|
130
138
|
}, newEncryptionKeys: {
|
|
131
139
|
[keyPairFingerprint: string]: CryptoKey;
|
|
132
|
-
}
|
|
133
|
-
[keyPairFingerprint: string]: CryptoKey;
|
|
134
|
-
}, getVerificationKey: (publicKeyFingerprint: string) => Promise<CryptoKey | undefined>): Promise<{
|
|
140
|
+
}): Promise<{
|
|
135
141
|
exchangeData: ExchangeData;
|
|
136
142
|
exchangeKey: CryptoKey;
|
|
137
143
|
accessControlSecret: string;
|
|
138
144
|
} | undefined>;
|
|
139
|
-
private
|
|
145
|
+
private bytesToSignForSharedSignature;
|
|
146
|
+
private bytesToSignForDelegatorSignature;
|
|
140
147
|
private generateExchangeKey;
|
|
141
148
|
private importExchangeKey;
|
|
149
|
+
private generateSharedSignatureKey;
|
|
150
|
+
private importSharedSignatureKey;
|
|
142
151
|
private generateAccessControlSecret;
|
|
143
152
|
private importAccessControlSecret;
|
|
144
153
|
private encryptDataWithKeys;
|
|
145
|
-
private
|
|
154
|
+
private signDataWithDelegatorKeys;
|
|
155
|
+
private verifyDelegatorSignature;
|
|
156
|
+
private signDataWithSharedKey;
|
|
157
|
+
private verifyDataWithSharedKey;
|
|
146
158
|
}
|