@icure/api 8.0.13 → 8.0.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-x-api/auth/JwtUtils.d.ts +5 -0
- package/icc-x-api/auth/JwtUtils.js +9 -1
- package/icc-x-api/auth/JwtUtils.js.map +1 -1
- package/icc-x-api/crypto/UserSignatureKeysManager.d.ts +1 -1
- package/icc-x-api/crypto/UserSignatureKeysManager.js +1 -1
- package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -1
- package/icc-x-api/index.d.ts +6 -3
- package/icc-x-api/index.js +5 -2
- package/icc-x-api/index.js.map +1 -1
- package/package.json +1 -1
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js +1 -1
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -1
- package/test/icc-x-api/crypto/signature-keys-manager-test.js +2 -2
- package/test/icc-x-api/crypto/signature-keys-manager-test.js.map +1 -1
- package/test/support/CSM-87.d.ts +1 -0
- package/test/support/CSM-87.js +30 -2
- package/test/support/CSM-87.js.map +1 -1
|
@@ -8,3 +8,8 @@ export declare function isJwtInvalidOrExpired(jwt: string): boolean;
|
|
|
8
8
|
* Get the claims of the jwt.
|
|
9
9
|
*/
|
|
10
10
|
export declare function decodeJwtClaims(jwt: string): any;
|
|
11
|
+
/**
|
|
12
|
+
* @internal this function is for internal use only and may be changed without notice
|
|
13
|
+
* Get the group of the jwt.
|
|
14
|
+
*/
|
|
15
|
+
export declare function getGroupOfJwt(jwt: string): string;
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.decodeJwtClaims = exports.isJwtInvalidOrExpired = void 0;
|
|
3
|
+
exports.getGroupOfJwt = exports.decodeJwtClaims = exports.isJwtInvalidOrExpired = void 0;
|
|
4
4
|
const utils_1 = require("../utils");
|
|
5
5
|
/**
|
|
6
6
|
* @internal this function is for internal use only and may be changed without notice
|
|
@@ -28,4 +28,12 @@ function decodeJwtClaims(jwt) {
|
|
|
28
28
|
return JSON.parse((0, utils_1.a2b)(parts[1]));
|
|
29
29
|
}
|
|
30
30
|
exports.decodeJwtClaims = decodeJwtClaims;
|
|
31
|
+
/**
|
|
32
|
+
* @internal this function is for internal use only and may be changed without notice
|
|
33
|
+
* Get the group of the jwt.
|
|
34
|
+
*/
|
|
35
|
+
function getGroupOfJwt(jwt) {
|
|
36
|
+
return decodeJwtClaims(jwt)['g'];
|
|
37
|
+
}
|
|
38
|
+
exports.getGroupOfJwt = getGroupOfJwt;
|
|
31
39
|
//# sourceMappingURL=JwtUtils.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtUtils.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtUtils.ts"],"names":[],"mappings":";;;AAAA,oCAA8B;AAE9B;;;GAGG;AACH,SAAgB,qBAAqB,CAAC,GAAW;IAC/C,IAAI;QACF,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAA;QACnC,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;KACzE;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,IAAI,CAAA;KACZ;AACH,CAAC;AARD,sDAQC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,GAAW;IACzC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAA;IACzE,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AAClC,CAAC;AAJD,0CAIC","sourcesContent":["import { a2b } from '../utils'\n\n/**\n * @internal this function is for internal use only and may be changed without notice\n * Returns true if the jwt is invalid or expired, false otherwise.\n */\nexport function isJwtInvalidOrExpired(jwt: string): boolean {\n try {\n const claims = decodeJwtClaims(jwt)\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in claims) || claims['exp'] * 1000 < new Date().getTime()\n } catch (e) {\n return true\n }\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice\n * Get the claims of the jwt.\n */\nexport function decodeJwtClaims(jwt: string): any {\n const parts = jwt.split('.')\n if (parts.length !== 3) throw new Error('Invalid JWT: should be 3 parts')\n return JSON.parse(a2b(parts[1]))\n}\n"]}
|
|
1
|
+
{"version":3,"file":"JwtUtils.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtUtils.ts"],"names":[],"mappings":";;;AAAA,oCAA8B;AAE9B;;;GAGG;AACH,SAAgB,qBAAqB,CAAC,GAAW;IAC/C,IAAI;QACF,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAA;QACnC,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;KACzE;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,IAAI,CAAA;KACZ;AACH,CAAC;AARD,sDAQC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,GAAW;IACzC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAA;IACzE,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AAClC,CAAC;AAJD,0CAIC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,GAAW;IACvC,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAA;AAClC,CAAC;AAFD,sCAEC","sourcesContent":["import { a2b } from '../utils'\n\n/**\n * @internal this function is for internal use only and may be changed without notice\n * Returns true if the jwt is invalid or expired, false otherwise.\n */\nexport function isJwtInvalidOrExpired(jwt: string): boolean {\n try {\n const claims = decodeJwtClaims(jwt)\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in claims) || claims['exp'] * 1000 < new Date().getTime()\n } catch (e) {\n return true\n }\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice\n * Get the claims of the jwt.\n */\nexport function decodeJwtClaims(jwt: string): any {\n const parts = jwt.split('.')\n if (parts.length !== 3) throw new Error('Invalid JWT: should be 3 parts')\n return JSON.parse(a2b(parts[1]))\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice\n * Get the group of the jwt.\n */\nexport function getGroupOfJwt(jwt: string): string {\n return decodeJwtClaims(jwt)['g']\n}\n"]}
|
|
@@ -19,7 +19,7 @@ export declare class UserSignatureKeysManager {
|
|
|
19
19
|
/**
|
|
20
20
|
* Get all available keys which can be used to verify the authenticity of a signature which should have been created
|
|
21
21
|
* by the current data owner.
|
|
22
|
-
* @param fingerprint
|
|
22
|
+
* @param fingerprint v2 fingerprint of the key to retrieve.
|
|
23
23
|
* @return all available verification keys by fingerprint.
|
|
24
24
|
*/
|
|
25
25
|
getSignatureVerificationKey(fingerprint: string): Promise<CryptoKey | undefined>;
|
|
@@ -56,7 +56,7 @@ class UserSignatureKeysManager {
|
|
|
56
56
|
/**
|
|
57
57
|
* Get all available keys which can be used to verify the authenticity of a signature which should have been created
|
|
58
58
|
* by the current data owner.
|
|
59
|
-
* @param fingerprint
|
|
59
|
+
* @param fingerprint v2 fingerprint of the key to retrieve.
|
|
60
60
|
* @return all available verification keys by fingerprint.
|
|
61
61
|
*/
|
|
62
62
|
getSignatureVerificationKey(fingerprint) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserSignatureKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/UserSignatureKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAGA,oCAAmD;AAEnD,mCAA6G;AAE7G,MAAa,wBAAwB;IACnC,YACmB,YAAgC,EAChC,YAA8B,EAC9B,UAA4B;QAF5B,iBAAY,GAAZ,YAAY,CAAoB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAGvC,uBAAkB,GAKV,SAAS,CAAA;QACjB,0BAAqB,GAAG,IAAI,GAAG,EAAqB,CAAA;IARzD,CAAC;IAUJ;;OAEG;IACG,2BAA2B;;YAI/B,IAAI,IAAI,CAAC,kBAAkB;gBAAE,OAAO,IAAI,CAAC,kBAAkB,CAAA;YAC3D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAA;YACtE,IAAI,QAAQ,EAAE;gBACZ,MAAM,WAAW,GAAG,IAAA,qBAAa,EAAC,IAAA,gBAAQ,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC/D,IAAI,CAAC,kBAAkB,GAAG;oBACxB,WAAW;oBACX,OAAO,EAAE;wBACP,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC;wBACpF,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,EAAE,QAAQ,CAAC,SAAS,CAAC;qBACtF;iBACF,CAAA;gBACD,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;iBAAM;gBACL,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,wBAAwB,EAAE,CAAA;gBAC1E,MAAM,WAAW,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;gBAChG,IAAA,kCAA0B,EAAC,WAAW,CAAC,CAAA;gBACvC,MAAM,IAAI,GAAG,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAA;gBACvC,+DAA+D;gBAC/D,MAAM,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAC1C,WAAW,EACX,IAAA,qBAAa,EAAC,WAAW,CAAC,EAC1B,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,EAAE,KAAK,CAAC,CAClE,CAAA;gBACD,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,SAAS,CAAC,CAAA;gBAC7D,IAAI,CAAC,kBAAkB,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;gBACvE,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,2BAA2B,CAAC,WAAmB;;YACnD,MAAM,MAAM,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAC1D,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,+DAA+D;YAC/D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,4BAA4B,CACjE,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAC/C,IAAA,iCAAyB,EAAC,WAAW,CAAC,CACvC,CAAA;YACD,IAAI,MAAM,EAAE;gBACV,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;gBAC/E,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;gBACrD,OAAO,QAAQ,CAAA;aAChB;QACH,CAAC;KAAA;CACF;AAxED,4DAwEC","sourcesContent":["import { IcureStorageFacade } from '../storage/IcureStorageFacade'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { hex2ua, jwk2spki, ua2hex } from '../utils'\nimport { KeyPair } from './RSA'\nimport { checkStandardPublicKeyTail, fingerprintV1, fingerprintV2, fingerprintV2ToStandardV1 } from './utils'\n\nexport class UserSignatureKeysManager {\n constructor(\n private readonly iCureStorage: IcureStorageFacade,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly primitives: CryptoPrimitives\n ) {}\n\n private signatureKeysCache:\n | {\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }\n | undefined = undefined\n private verificationKeysCache = new Map<string, CryptoKey>()\n\n /**\n * Get a key which can be used to sign data in order to allow verification of the data authenticity in the future.\n */\n async getOrCreateSignatureKeyPair(): Promise<{\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }> {\n if (this.signatureKeysCache) return this.signatureKeysCache\n const dataOwnerId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const existing = await this.iCureStorage.loadSignatureKey(dataOwnerId)\n if (existing) {\n const fingerprint = fingerprintV1(jwk2spki(existing.publicKey))\n this.signatureKeysCache = {\n fingerprint,\n keyPair: {\n privateKey: await this.primitives.RSA.importSignatureKey('jwk', existing.privateKey),\n publicKey: await this.primitives.RSA.importVerificationKey('jwk', existing.publicKey),\n },\n }\n return this.signatureKeysCache\n } else {\n const generatedPair = await this.primitives.RSA.generateSignatureKeyPair()\n const exportedPub = ua2hex(await this.primitives.RSA.exportKey(generatedPair.publicKey, 'spki'))\n checkStandardPublicKeyTail(exportedPub)\n const fpV2 = fingerprintV2(exportedPub)\n // For consistency with encryption keys we use fpv1 when saving\n await this.iCureStorage.saveSignatureKeyPair(\n dataOwnerId,\n fingerprintV1(exportedPub),\n await this.primitives.RSA.exportKeys(generatedPair, 'jwk', 'jwk')\n )\n this.verificationKeysCache.set(fpV2, generatedPair.publicKey)\n this.signatureKeysCache = { fingerprint: fpV2, keyPair: generatedPair }\n return this.signatureKeysCache\n }\n }\n\n /**\n * Get all available keys which can be used to verify the authenticity of a signature which should have been created\n * by the current data owner.\n * @param fingerprint
|
|
1
|
+
{"version":3,"file":"UserSignatureKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/UserSignatureKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAGA,oCAAmD;AAEnD,mCAA6G;AAE7G,MAAa,wBAAwB;IACnC,YACmB,YAAgC,EAChC,YAA8B,EAC9B,UAA4B;QAF5B,iBAAY,GAAZ,YAAY,CAAoB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAGvC,uBAAkB,GAKV,SAAS,CAAA;QACjB,0BAAqB,GAAG,IAAI,GAAG,EAAqB,CAAA;IARzD,CAAC;IAUJ;;OAEG;IACG,2BAA2B;;YAI/B,IAAI,IAAI,CAAC,kBAAkB;gBAAE,OAAO,IAAI,CAAC,kBAAkB,CAAA;YAC3D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAA;YACtE,IAAI,QAAQ,EAAE;gBACZ,MAAM,WAAW,GAAG,IAAA,qBAAa,EAAC,IAAA,gBAAQ,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC/D,IAAI,CAAC,kBAAkB,GAAG;oBACxB,WAAW;oBACX,OAAO,EAAE;wBACP,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC;wBACpF,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,EAAE,QAAQ,CAAC,SAAS,CAAC;qBACtF;iBACF,CAAA;gBACD,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;iBAAM;gBACL,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,wBAAwB,EAAE,CAAA;gBAC1E,MAAM,WAAW,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;gBAChG,IAAA,kCAA0B,EAAC,WAAW,CAAC,CAAA;gBACvC,MAAM,IAAI,GAAG,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAA;gBACvC,+DAA+D;gBAC/D,MAAM,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAC1C,WAAW,EACX,IAAA,qBAAa,EAAC,WAAW,CAAC,EAC1B,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,EAAE,KAAK,CAAC,CAClE,CAAA;gBACD,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,SAAS,CAAC,CAAA;gBAC7D,IAAI,CAAC,kBAAkB,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;gBACvE,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,2BAA2B,CAAC,WAAmB;;YACnD,MAAM,MAAM,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAC1D,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,+DAA+D;YAC/D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,4BAA4B,CACjE,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAC/C,IAAA,iCAAyB,EAAC,WAAW,CAAC,CACvC,CAAA;YACD,IAAI,MAAM,EAAE;gBACV,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;gBAC/E,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;gBACrD,OAAO,QAAQ,CAAA;aAChB;QACH,CAAC;KAAA;CACF;AAxED,4DAwEC","sourcesContent":["import { IcureStorageFacade } from '../storage/IcureStorageFacade'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { hex2ua, jwk2spki, ua2hex } from '../utils'\nimport { KeyPair } from './RSA'\nimport { checkStandardPublicKeyTail, fingerprintV1, fingerprintV2, fingerprintV2ToStandardV1 } from './utils'\n\nexport class UserSignatureKeysManager {\n constructor(\n private readonly iCureStorage: IcureStorageFacade,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly primitives: CryptoPrimitives\n ) {}\n\n private signatureKeysCache:\n | {\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }\n | undefined = undefined\n private verificationKeysCache = new Map<string, CryptoKey>()\n\n /**\n * Get a key which can be used to sign data in order to allow verification of the data authenticity in the future.\n */\n async getOrCreateSignatureKeyPair(): Promise<{\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }> {\n if (this.signatureKeysCache) return this.signatureKeysCache\n const dataOwnerId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const existing = await this.iCureStorage.loadSignatureKey(dataOwnerId)\n if (existing) {\n const fingerprint = fingerprintV1(jwk2spki(existing.publicKey))\n this.signatureKeysCache = {\n fingerprint,\n keyPair: {\n privateKey: await this.primitives.RSA.importSignatureKey('jwk', existing.privateKey),\n publicKey: await this.primitives.RSA.importVerificationKey('jwk', existing.publicKey),\n },\n }\n return this.signatureKeysCache\n } else {\n const generatedPair = await this.primitives.RSA.generateSignatureKeyPair()\n const exportedPub = ua2hex(await this.primitives.RSA.exportKey(generatedPair.publicKey, 'spki'))\n checkStandardPublicKeyTail(exportedPub)\n const fpV2 = fingerprintV2(exportedPub)\n // For consistency with encryption keys we use fpv1 when saving\n await this.iCureStorage.saveSignatureKeyPair(\n dataOwnerId,\n fingerprintV1(exportedPub),\n await this.primitives.RSA.exportKeys(generatedPair, 'jwk', 'jwk')\n )\n this.verificationKeysCache.set(fpV2, generatedPair.publicKey)\n this.signatureKeysCache = { fingerprint: fpV2, keyPair: generatedPair }\n return this.signatureKeysCache\n }\n }\n\n /**\n * Get all available keys which can be used to verify the authenticity of a signature which should have been created\n * by the current data owner.\n * @param fingerprint v2 fingerprint of the key to retrieve.\n * @return all available verification keys by fingerprint.\n */\n async getSignatureVerificationKey(fingerprint: string): Promise<CryptoKey | undefined> {\n const cached = this.verificationKeysCache.get(fingerprint)\n if (cached) return cached\n // For consistency with encryption keys we use fpv1 when saving\n const loaded = await this.iCureStorage.loadSignatureVerificationKey(\n await this.dataOwnerApi.getCurrentDataOwnerId(),\n fingerprintV2ToStandardV1(fingerprint)\n )\n if (loaded) {\n const imported = await this.primitives.RSA.importVerificationKey('jwk', loaded)\n this.verificationKeysCache.set(fingerprint, imported)\n return imported\n }\n }\n}\n"]}
|
package/icc-x-api/index.d.ts
CHANGED
|
@@ -159,12 +159,15 @@ export interface IcureApiOptions {
|
|
|
159
159
|
readonly encryptedFieldsConfig?: EncryptedFieldsConfig;
|
|
160
160
|
/**
|
|
161
161
|
* Each user may exist in multiple groups, but an instance of {@link IcureApi} is specialised for a single group. This function allows you to decide
|
|
162
|
-
* the group to use for a given user.
|
|
163
|
-
*
|
|
162
|
+
* the group to use for a given user.
|
|
163
|
+
* This functions will be called only if a user exists in at least 2 groups, and takes in input:
|
|
164
|
+
* - the information on the groups the user can access (in no specific order)
|
|
165
|
+
* - if the authentication method uses JWT also the current group id (undefined otherwise)
|
|
166
|
+
* The function must return the id of one of the available groups.
|
|
164
167
|
* @default takes the first group provided. The group chosen by this method may vary between different instantiations of the {@link IcureApi} even
|
|
165
168
|
* if for the same user and if the groups available for the user do not change.
|
|
166
169
|
*/
|
|
167
|
-
readonly groupSelector?: (availableGroupsInfo: UserGroup[]) => Promise<string>;
|
|
170
|
+
readonly groupSelector?: (availableGroupsInfo: UserGroup[], currentGroupId?: string) => Promise<string>;
|
|
168
171
|
/**
|
|
169
172
|
* Temporary value to support EHR Lite and MedTech api implementations.
|
|
170
173
|
*
|
package/icc-x-api/index.js
CHANGED
|
@@ -84,6 +84,7 @@ const KeyPairRecoverer_1 = require("./crypto/KeyPairRecoverer");
|
|
|
84
84
|
const IccRecoveryDataApi_1 = require("../icc-api/api/internal/IccRecoveryDataApi");
|
|
85
85
|
const RecoveryDataEncryption_1 = require("./crypto/RecoveryDataEncryption");
|
|
86
86
|
const icc_recovery_x_api_1 = require("./icc-recovery-x-api");
|
|
87
|
+
const JwtUtils_1 = require("./auth/JwtUtils");
|
|
87
88
|
__exportStar(require("./icc-accesslog-x-api"), exports);
|
|
88
89
|
__exportStar(require("./icc-bekmehr-x-api"), exports);
|
|
89
90
|
__exportStar(require("./icc-calendar-item-x-api"), exports);
|
|
@@ -170,12 +171,14 @@ var IcureApi;
|
|
|
170
171
|
// TODO if this uses a smart auth provider the groupless auth provider does not share the secret cache with the group specific one.
|
|
171
172
|
const grouplessUserApi = new icc_api_1.IccUserApi(host, params.headers, grouplessAuthenticationProvider, fetchImpl);
|
|
172
173
|
const matches = yield getMatchesOrEmpty(grouplessUserApi);
|
|
173
|
-
const
|
|
174
|
+
const tokens = yield grouplessAuthenticationProvider.getIcureTokens();
|
|
175
|
+
const currentGroupId = tokens ? (0, JwtUtils_1.getGroupOfJwt)(tokens.token) : undefined;
|
|
176
|
+
const chosenGroupId = matches.length > 1 && !!options.groupSelector ? yield options.groupSelector(matches, currentGroupId) : (_a = matches[0]) === null || _a === void 0 ? void 0 : _a.groupId;
|
|
174
177
|
/*TODO
|
|
175
178
|
* On new very new users switching the authentication provider to a specific group may fail and block the user for too many requests. This is
|
|
176
179
|
* probably linked to replication of the user in the fallback database.
|
|
177
180
|
*/
|
|
178
|
-
const groupSpecificAuthenticationProvider = matches.length > 1 && chosenGroupId
|
|
181
|
+
const groupSpecificAuthenticationProvider = matches.length > 1 && chosenGroupId && chosenGroupId !== currentGroupId
|
|
179
182
|
? yield grouplessAuthenticationProvider.switchGroup(chosenGroupId, matches)
|
|
180
183
|
: grouplessAuthenticationProvider;
|
|
181
184
|
const cryptoInitInfo = yield initialiseCryptoWithProvider(host, fetchImpl, groupSpecificAuthenticationProvider, params, cryptoStrategies, crypto);
|
package/icc-x-api/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../icc-x-api/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wCA8BmB;AACnB,qDAA8C;AAC9C,yDAAkD;AAClD,2DAAoD;AACpD,2DAAoD;AACpD,6DAAsD;AACtD,2DAAoD;AACpD,qDAA8C;AAC9C,6DAAsD;AACtD,yEAAkE;AAClE,uEAA+D;AAC/D,2DAAoD;AACpD,2DAAoD;AACpD,2DAAoD;AACpD,+DAAwD;AACxD,iEAAyD;AACzD,qDAA8C;AAC9C,6EAAqE;AACrE,iEAAyD;AAGzD,iEAA6D;AAC7D,6DAAyD;AACzD,0EAMsC;AACtC,gEAA4D;AAC5D,kFAA8E;AAC9E,qEAAiE;AACjE,6FAAyF;AACzF,sDAAkD;AAClD,8EAA0E;AAG1E,sEAAkE;AAClE,kEAA8D;AAC9D,sEAAkE;AAClE,+EAAuE;AACvE,wEAAoE;AACpE,0CAAwD;AACxD,oHAAgH;AAChH,sEAA+F;AAC/F,8EAA0E;AAC1E,mFAA+E;AAC/E,gFAA4E;AAC5E,gFAA4E;AAC5E,sFAAkF;AAClF,kHAA8G;AAC9G,0EAAsE;AACtE,gFAA4E;AAC5E,gGAA4F;AAC5F,yFAAqF;AACrF,4EAAwE;AACxE,yDAAkD;AAClD,2DAAoD;AACpD,mEAA4D;AAE5D,uDAAgD;AAChD,0DAAsD;AACtD,0EAAsE;AACtE,oFAAgF;AAChF,wEAAoE;AACpE,gEAAgF;AAChF,gEAA4D;AAC5D,mFAA+E;AAC/E,4EAAwE;AACxE,6DAAsD;AAEtD,wDAAqC;AACrC,sDAAmC;AACnC,4DAAyC;AACzC,6DAA0C;AAC1C,mDAAgC;AAChC,sDAAmC;AACnC,qDAAkC;AAClC,0DAAuC;AACvC,uDAAoC;AACpC,mDAAgC;AAChC,sDAAmC;AACnC,uDAAoC;AACpC,sDAAmC;AACnC,sDAAmC;AACnC,sDAAmC;AACnC,mDAAgC;AAChC,yDAAsC;AACtC,sDAAmC;AACnC,yDAAsC;AACtC,gEAA6C;AAC7C,+DAA4C;AAC5C,0CAAuB;AAEvB,+CAA4B;AAC5B,4DAAyC;AACzC,kEAA+C;AAC/C,gEAA6C;AAG7C,+DAA6D;AAApD,oHAAA,gBAAgB,OAAA;AAEzB,2DAAyD;AAAhD,gHAAA,cAAc,OAAA;AAEvB,wCAAoD;AAA3C,4GAAA,mBAAmB,OAAA;AAqH5B,IAAU,eAAe,CA4BxB;AA5BD,WAAU,eAAe;IACvB,IAAiB,QAAQ,CAIxB;IAJD,WAAiB,QAAQ;QACV,yBAAgB,GAAG,IAAI,+DAA8B,EAAE,CAAA;QACvD,uCAA8B,GAAG,IAAI,CAAA;QACrC,gBAAO,GAAG,EAAE,CAAA;IAC3B,CAAC,EAJgB,QAAQ,GAAR,wBAAQ,KAAR,wBAAQ,QAIxB;IAED,MAAa,YAAY;QAUvB,YAAY,MAAuB;;YACjC,IAAI,CAAC,gBAAgB,GAAG,MAAA,MAAM,CAAC,gBAAgB,mCAAI,QAAQ,CAAC,gBAAgB,CAAA;YAC5E,IAAI,CAAC,8BAA8B,GAAG,MAAA,MAAM,CAAC,8BAA8B,mCAAI,QAAQ,CAAC,8BAA8B,CAAA;YACtH,IAAI,CAAC,OAAO,GAAG,MAAA,MAAM,CAAC,OAAO,mCAAI,IAAI,mCAAgB,EAAE,CAAA;YACvD,IAAI,CAAC,UAAU,GAAG,MAAA,MAAM,CAAC,UAAU,mCAAI,IAAI,+BAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACvE,IAAI,CAAC,OAAO,GAAG,MAAA,MAAM,CAAC,OAAO,mCAAI,QAAQ,CAAC,OAAO,CAAA;YACjD,IAAI,CAAC,qBAAqB,GAAG,MAAA,MAAM,CAAC,qBAAqB,mCAAI,EAAE,CAAA;YAC/D,IAAI,CAAC,aAAa,GAAG,MAAA,MAAM,CAAC,aAAa,mCAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAQ,CAAC,CAAC,CAAA;YAC9F,IAAI,CAAC,+BAA+B,GAAG,MAAA,MAAM,CAAC,+BAA+B,mCAAI,KAAK,CAAA;QACxF,CAAC;KACF;IApBY,4BAAY,eAoBxB,CAAA;AACH,CAAC,EA5BS,eAAe,KAAf,eAAe,QA4BxB;AAwJD,IAAiB,qBAAqB,CAYrC;AAZD,WAAiB,qBAAqB;IACvB,8BAAQ,GAAG;QACtB,SAAS,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;QACjC,YAAY,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,WAAW,CAAC;QAC/C,OAAO,EAAE,CAAC,OAAO,CAAC;QAClB,OAAO,EAAE,CAAC,kBAAkB,CAAC;QAC7B,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,kBAAkB,CAAC;QACpD,eAAe,EAAE,CAAC,YAAY,CAAC;QAC/B,OAAO,EAAE,CAAC,MAAM,EAAE,kBAAkB,CAAC;QACrC,OAAO,EAAE,EAAE;QACX,KAAK,EAAE,CAAC,aAAa,EAAE,gBAAgB,EAAE,sBAAsB,CAAC;KACjE,CAAA;AACH,CAAC,EAZgB,qBAAqB,GAArB,6BAAqB,KAArB,6BAAqB,QAYrC;AA4ED,IAAiB,QAAQ,CA2CxB;AA3CD,WAAiB,QAAQ;IACvB;;OAEG;IACH,SAAsB,UAAU,CAC9B,IAAY,EACZ,qBAAqE,EACrE,gBAAkC,EAClC,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa,EAC3H,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK,EACT,UAA2B,EAAE;;;YAE7B,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;YACxD,IAAI,+BAA+B,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,EAAE,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;YAC7H,mIAAmI;YACnI,MAAM,gBAAgB,GAAG,IAAI,oBAAU,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,EAAE,+BAA+B,EAAE,SAAS,CAAC,CAAA;YACzG,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,gBAAgB,CAAC,CAAA;YACzD,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAA,OAAO,CAAC,CAAC,CAAC,0CAAE,OAAO,CAAA;YAChI;;;eAGG;YACH,MAAM,mCAAmC,GACvC,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,aAAa;gBACjC,CAAC,CAAC,MAAM,+BAA+B,CAAC,WAAW,CAAC,aAAa,EAAE,OAAO,CAAC;gBAC3E,CAAC,CAAC,+BAA+B,CAAA;YACrC,MAAM,cAAc,GAAG,MAAM,4BAA4B,CAAC,IAAI,EAAE,SAAS,EAAE,mCAAmC,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,CAAC,CAAA;YACjJ,OAAO,IAAI,YAAY,CACrB,cAAc,EACd,IAAI,EACJ,mCAAmC,EACnC,KAAK,EACL,gBAAgB,EAChB,OAAO,EACP,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,KAAK,aAAa,CAAC,EACxD,MAAM,EACN,gBAAgB,CACjB,CAAA;;KACF;IAtCqB,mBAAU,aAsC/B,CAAA;AACH,CAAC,EA3CgB,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QA2CxB;AAED,SAAe,yBAAyB,CACtC,IAAY,EACZ,qBAAqE,EACrE,OAAyC,EACzC,SAAwE;;;QAExE,IAAI,sBAA8C,CAAA;QAClD,IAAI,gBAAgB,IAAI,qBAAqB,IAAI,aAAa,IAAI,qBAAqB,IAAI,gBAAgB,IAAI,qBAAqB,EAAE;YACpI,sBAAsB,GAAG,qBAAqB,CAAA;SAC/C;aAAM,IAAI,aAAa,IAAI,qBAAqB,IAAI,CAAC,CAAC,qBAAqB,CAAC,WAAW,EAAE;YACxF,sBAAsB,GAAG,IAAI,kDAAyB,CACpD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,MAAA,qBAAqB,aAArB,qBAAqB,uBAArB,qBAAqB,CAAE,WAAW,0CAAE,QAAQ,EAC5C,MAAA,qBAAqB,aAArB,qBAAqB,uBAArB,qBAAqB,CAAE,WAAW,0CAAE,QAAQ,EAC5C,SAAS,EACT,qBAAqB,CAAC,WAAW,CAClC,CAAA;SACF;aAAM,IACL,UAAU,IAAI,qBAAqB;YACnC,UAAU,IAAI,qBAAqB;YACnC,CAAC,CAAC,qBAAqB,CAAC,QAAQ;YAChC,CAAC,CAAC,qBAAqB,CAAC,QAAQ,EAChC;YACA,sBAAsB,GAAG,IAAI,uDAA8B,CACzD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,qBAAqB,CAAC,QAAQ,EAC9B,qBAAqB,CAAC,QAAQ,EAC9B,IAAI,EACJ,SAAS,EACT,SAAS,EACT,qBAAqB,CAAC,gBAAgB,CACvC,CAAA;SACF;aAAM,IAAI,kBAAkB,IAAI,qBAAqB,IAAI,CAAC,CAAC,qBAAqB,CAAC,gBAAgB,EAAE;YAClG,sBAAsB,GAAG,IAAI,kDAAyB,CACpD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,SAAS,EACT,SAAS,EACT,IAAI,6CAAqB,CACvB,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,SAAS,EACT,SAAS,EACT,qBAAqB,CAAC,gBAAgB,EACtC,SAAS,CACV,CACF,CAAA;SACF;aAAM,IAAI,UAAU,IAAI,qBAAqB,IAAI,gBAAgB,IAAI,qBAAqB,EAAE;YAC3F,sBAAsB,GAAG,qCAAiB,CAAC,UAAU,CACnD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,qBAAqB,CAAC,QAAQ,EAC9B,qBAAqB,CAAC,cAAc,EACpC;gBACE,aAAa,EAAE,qBAAqB,CAAC,aAAa;gBAClD,gBAAgB,EAAE,qBAAqB,CAAC,gBAAgB;gBACxD,mBAAmB,EAAE,qBAAqB,CAAC,mBAAmB;aAC/D,CACF,CAAA;SACF;aAAM;YACL,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;SAC3D;QACD,OAAO,sBAAsB,CAAA;;CAC9B;AAiBD,MAAM,gCAAgC,GAAG,iCAAiC,CAAA;AAE1E,SAAe,4BAA4B,CACzC,IAAY,EACZ,SAAwE,EACxE,mCAA2D,EAC3D,MAAoC,EACpC,gBAAkC,EAClC,MAAc;;;QAEd,MAAM,oBAAoB,GAAG,MAAM,IAAI,uCAAgB,CACrD,IAAI,EACJ,MAAM,CAAC,OAAO,EACd,mCAAmC,EACnC,SAAS,CACV,CAAC,uBAAuB,EAAE,CAAA;QAC3B,MAAM,oCAAoC,GAAG,gBAAgB,CAAC,oCAAoC,CAAC,oBAAoB,CAAC,CAAA;QACxH,IAAI,cAAc,GAAG,MAAM,CAAC,OAAO,CAAA;QACnC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC,gCAAgC,CAAC,EAAE;YAC3E,IAAI,oBAAoB,CAAC,IAAI,IAAI,qCAAiB,CAAC,OAAO,IAAI,oBAAoB,CAAC,IAAI,IAAI,qCAAiB,CAAC,MAAM,EAAE;gBACnH,IAAI,CAAC,oCAAoC,EAAE;oBACzC,cAAc,mCAAQ,cAAc,KAAE,CAAC,gCAAgC,CAAC,EAAE,OAAO,GAAE,CAAA;iBACpF;aACF;iBAAM;gBACL,IAAI,oCAAoC,EAAE;oBACxC,cAAc,mCAAQ,cAAc,KAAE,CAAC,gCAAgC,CAAC,EAAE,MAAM,GAAE,CAAA;iBACnF;aACF;SACF;QAED,MAAM,OAAO,GAAG,IAAI,oBAAU,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QACpG,MAAM,OAAO,GAAG,IAAI,4BAAW,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAC9G,MAAM,kBAAkB,GAAG,IAAI,kCAAc,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAC5H,MAAM,SAAS,GAAG,IAAI,gCAAa,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAC3H,MAAM,cAAc,GAAG,IAAI,uBAAa,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QAC9G,MAAM,YAAY,GAAG,IAAI,uCAAgB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QAC/G,MAAM,eAAe,GAAG,IAAI,uCAAkB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QACpH,MAAM,mBAAmB,GAAG,IAAI,uCAAkB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QACxH,wBAAwB;QACxB,MAAM,YAAY,GAAG,IAAI,uCAAkB,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAA;QACvG,MAAM,gBAAgB,GAAG,IAAI,mCAAgB,CAAC,MAAM,CAAC,CAAA;QACrD,MAAM,uBAAuB,GAAG,IAAI,iDAAuB,CAAC,gBAAgB,EAAE,YAAY,EAAE,kBAAkB,EAAE,cAAc,EAAE,SAAS,CAAC,CAAA;QAC1I,MAAM,uBAAuB,GAAG,IAAI,iDAAuB,CAAC,eAAe,EAAE,YAAY,EAAE,gBAAgB,EAAE,oCAAoC,CAAC,CAAA;QAClJ,MAAM,WAAW,GAAG,IAAI,yBAAW,CAAC,gBAAgB,EAAE,YAAY,EAAE,uBAAuB,EAAE,uBAAuB,CAAC,CAAA;QACrH,MAAM,sBAAsB,GAAG,IAAI,+CAAsB,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,CAAA;QAChG,MAAM,gBAAgB,GAAG,IAAI,mCAAgB,CAAC,sBAAsB,CAAC,CAAA;QACrE,MAAM,yBAAyB,GAAG,IAAI,qDAAyB,CAC7D,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,gBAAgB,EAChB,CAAC,MAAM,CAAC,+BAA+B,EACvC,gBAAgB,CACjB,CAAA;QACD,MAAM,wBAAwB,GAAG,IAAI,mDAAwB,CAAC,YAAY,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAA;QAC3G,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,cAAc,EAAE,CAAA;QAC/D,MAAM,IAAI,yCAAmB,CAC3B,gBAAgB,EAChB,uBAAuB,EACvB,YAAY,EACZ,yBAAyB,EACzB,wBAAwB,EACxB,YAAY,CACb,CAAC,kBAAkB,CAAC,MAAM,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAA;QAClE,6BAA6B;QAC7B,MAAM,mBAAmB,GAAG,IAAI,yCAAmB,CACjD,GAAG,EACH,GAAG,EACH,MAAM,EACN,KAAK,EACL,gBAAgB,EAChB,gBAAgB,EAChB,yBAAyB,EACzB,uBAAuB,EACvB,YAAY,EACZ,CAAC,MAAM,CAAC,+BAA+B,EACvC,YAAY,CACb,CAAA;QACD,MAAM,wBAAwB,GAAG,IAAI,mDAAwB,CAAC,gBAAgB,CAAC,CAAA;QAC/E,MAAM,mBAAmB,GAAG,MAAM,IAAA,sEAAgD,EAChF,uBAAuB,EACvB,yBAAyB,EACzB,wBAAwB,EACxB,wBAAwB,EACxB,gBAAgB,EAChB,YAAY,EACZ,gBAAgB,EAChB,CAAC,MAAM,CAAC,+BAA+B,CACxC,CAAA;QACD,MAAM,sBAAsB,GAAG,IAAI,+CAAsB,CACvD,IAAI,6CAAqB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAChG,CAAA;QACD,MAAM,2BAA2B,GAAG,IAAI,yDAA2B,CAAC,yBAAyB,EAAE,gBAAgB,CAAC,CAAA;QAChH,MAAM,2CAA2C,GAAG,IAAI,uFAA0C,CAChG,mBAAmB,EACnB,sBAAsB,EACtB,2BAA2B,EAC3B,YAAY,CACb,CAAA;QACD,MAAM,SAAS,GAAG,IAAI,6CAAqB,CACzC,gBAAgB,EAChB,YAAY,EACZ,IAAI,qFAAyC,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,EACpF,2CAA2C,EAC3C,IAAI,mDAAwB,CAC1B,mBAAmB,EACnB,sBAAsB,EACtB,2BAA2B,EAC3B,wBAAwB,EACxB,yBAAyB,EACzB,gBAAgB,EAChB,YAAY,EACZ,gBAAgB,EAChB,oCAAoC,CACrC,EACD,OAAO,EACP,CAAC,MAAM,CAAC,+BAA+B,CACxC,CAAA;QACD,MAAM,aAAa,GAAG,IAAI,qCAAiB,CAAC,gBAAgB,EAAE,YAAY,EAAE,yBAAyB,EAAE,mBAAmB,CAAC,CAAA;QAC3H,MAAM,qBAAqB,GAAG,IAAI,2CAAoB,CAAC,SAAS,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAA;QACjG,MAAM,IAAA,+BAAuB,EAAC,YAAY,EAAE,SAAS,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAA;QACxF,MAAM,gCAAgC,GAAG,IAAI,mEAAgC,CAAC,mBAAmB,CAAC,CAAA;QAClG,MAAM,0BAA0B,GAAG,IAAI,uDAA0B,CAC/D,YAAY,EACZ,2CAA2C,EAC3C,SAAS,EACT,gBAAgB,EAChB,wBAAwB,EACxB,IAAI,EACJ,cAAc,EACd,mCAAmC,EACnC,SAAS,EACT,gCAAgC,CACjC,CAAA;QACD,MAAM,SAAS,GAAG,IAAI,gCAAa,CACjC,mBAAmB,EACnB,gBAAgB,EAChB,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,aAAa,EACb,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,UAAU,EACjB,qBAAqB,EACrB,mBAAmB,EACnB,gCAAgC,EAChC,0BAA0B,CAC3B,CAAA;QACD,MAAM,kBAAkB,GAAG,IAAI,mDAAsB,CACnD,IAAI,EACJ,cAAc,EACd,SAAS,EACT,kBAAkB,EAClB,YAAY,EACZ,OAAO,EACP,OAAO,EACP,CAAC,oCAAoC,EACrC,MAAA,MAAM,CAAC,qBAAqB,CAAC,eAAe,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,eAAe,EAC9F,mCAAmC,EACnC,SAAS,CACV,CAAA;QACD,MAAM,uBAAuB,GAAG,IAAI,qDAAuB,CAAC,SAAS,EAAE,kBAAkB,EAAE,YAAY,EAAE,eAAe,CAAC,CAAA;QAEzH,IAAI,MAAM,IAAI,MAAM,CAAC,8BAA8B,EAAE;YACnD,MAAM,uBAAuB,CAAC,mCAAmC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;SACrH;QACD,OAAO;YACL,SAAS;YACT,OAAO;YACP,kBAAkB;YAClB,SAAS;YACT,kBAAkB;YAClB,YAAY;YACZ,uBAAuB;YACvB,OAAO,EAAE,cAAc;YACvB,oCAAoC;YACpC,WAAW,EAAE,IAAI,oCAAe,CAC9B,mBAAmB,EACnB,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,CACpB;SACF,CAAA;;CACF;AAED,MAAM,YAAY;IAGhB,YACmB,eAAyC,EACzC,IAAY,EACZ,mCAA2D,EAC3D,KAAoE,EACpE,gBAA4B,EAC7C,aAA0B,EACT,gBAAuC,EACvC,MAAoC,EACpC,gBAAkC;QARlC,oBAAe,GAAf,eAAe,CAA0B;QACzC,SAAI,GAAJ,IAAI,CAAQ;QACZ,wCAAmC,GAAnC,mCAAmC,CAAwB;QAC3D,UAAK,GAAL,KAAK,CAA+D;QACpE,qBAAgB,GAAhB,gBAAgB,CAAY;QAE5B,qBAAgB,GAAhB,gBAAgB,CAAuB;QACvC,WAAM,GAAN,MAAM,CAA8B;QACpC,qBAAgB,GAAhB,gBAAgB,CAAkB;QAEnD,IAAI,CAAC,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;IAC3D,CAAC;IAID,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,CAAA;IACzC,CAAC;IAED,IAAI,OAAO;;QACT,OAAO,CACL,MAAA,IAAI,CAAC,QAAQ,mCAAI,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,oBAAU,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACjJ,CAAA;IACH,CAAC;IAID,IAAI,OAAO;;QACT,OAAO,CACL,MAAA,IAAI,CAAC,QAAQ,mCACb,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,4BAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACjI,CAAA;IACH,CAAC;IAID,IAAI,mBAAmB;;QACrB,OAAO,CACL,MAAA,IAAI,CAAC,oBAAoB,mCACzB,CAAC,IAAI,CAAC,oBAAoB,GAAG,IAAI,gCAAsB,CACrD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,kBAAkB;;QACpB,OAAO,CACL,MAAA,IAAI,CAAC,mBAAmB,mCACxB,CAAC,IAAI,CAAC,mBAAmB,GAAG,IAAI,+BAAqB,CACnD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,OAAO;;QACT,OAAO,MAAA,IAAI,CAAC,QAAQ,mCAAI,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,uBAAU,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAChJ,CAAC;IAID,IAAI,kBAAkB;;QACpB,OAAO,CACL,MAAA,IAAI,CAAC,mBAAmB,mCACxB,CAAC,IAAI,CAAC,mBAAmB,GAAG,IAAI,yBAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAChJ,CAAA;IACH,CAAC;IAID,IAAI,aAAa;;QACf,OAAO,CACL,MAAA,IAAI,CAAC,cAAc,mCACnB,CAAC,IAAI,CAAC,cAAc,GAAG,IAAI,0BAAgB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC5I,CAAA;IACH,CAAC;IAID,IAAI,YAAY;;QACd,OAAO,CACL,MAAA,IAAI,CAAC,aAAa,mCAClB,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,sCAAgB,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,SAAS,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,SAAS,EACvF,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,SAAS;;QACX,OAAO,CACL,MAAA,IAAI,CAAC,UAAU,mCACf,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,sBAAY,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACpI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,EACV,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,EACnF,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,CACpF,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,OAAO;;QACT,OAAO,CACL,MAAA,IAAI,CAAC,QAAQ,mCACb,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,4BAAW,CAC9B,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,YAAY;;QACd,OAAO,CACL,MAAA,IAAI,CAAC,aAAa,mCAClB,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,yBAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC1I,CAAA;IACH,CAAC;IAID,IAAI,WAAW;;QACb,OAAO,CACL,MAAA,IAAI,CAAC,YAAY,mCACjB,CAAC,IAAI,CAAC,YAAY,GAAG,IAAI,oCAAe,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,oBAAoB;;QACtB,OAAO,CACL,MAAA,IAAI,CAAC,qBAAqB,mCAC1B,CAAC,IAAI,CAAC,qBAAqB,GAAG,IAAI,oCAAe,CAC/C,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,aAAa,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,aAAa,EAC/F,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,gDAAqB,CAClD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,eAAe;;QACjB,OAAO,CACL,MAAA,IAAI,CAAC,gBAAgB,mCACrB,CAAC,IAAI,CAAC,gBAAgB,GAAG,IAAI,6CAAmB,CAC9C,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,YAAY,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,YAAY,EAC7F,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,YAAY;;QACd,OAAO,CACL,MAAA,IAAI,CAAC,aAAa,mCAClB,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,uCAAgB,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,oBAAoB,EACzB,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,iBAAiB,EACtB,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,EACnF,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,EACnF,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,8BAAY,CAChC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,KAAK,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,KAAK,EAC/E,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,kBAAkB;;QACpB,OAAO,CACL,MAAA,IAAI,CAAC,mBAAmB,mCACxB,CAAC,IAAI,CAAC,mBAAmB,GAAG,IAAI,+BAAqB,CACnD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,sBAAsB;;QACxB,OAAO,CACL,MAAA,IAAI,CAAC,uBAAuB,mCAC5B,CAAC,IAAI,CAAC,uBAAuB,GAAG,IAAI,mCAAyB,CAC3D,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,oBAAoB,EACzB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,8BAAoB,CACjD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,8BAAoB,CACjD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,yBAAyB;;QAC3B,OAAO,CACL,MAAA,IAAI,CAAC,0BAA0B,mCAC/B,CAAC,IAAI,CAAC,0BAA0B,GAAG,IAAI,sCAA4B,CACjE,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,cAAc;;QAChB,OAAO,CACL,MAAA,IAAI,CAAC,eAAe,mCACpB,CAAC,IAAI,CAAC,eAAe,GAAG,IAAI,0CAAkB,CAC5C,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,8BAAoB,CACjD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,oBAAoB;;QACtB,OAAO,CACL,MAAA,IAAI,CAAC,qBAAqB,mCAC1B,CAAC,IAAI,CAAC,qBAAqB,GAAG,IAAI,iCAAuB,CACvD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,SAAS;;QACX,OAAO,CACL,MAAA,IAAI,CAAC,UAAU,mCACf,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,sBAAY,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACpI,CAAA;IACH,CAAC;IAID,IAAI,cAAc;;QAChB,OAAO,CACL,MAAA,IAAI,CAAC,eAAe,mCACpB,CAAC,IAAI,CAAC,eAAe,GAAG,IAAI,2BAAiB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC9I,CAAA;IACH,CAAC;IAID,IAAI,eAAe;;QACjB,OAAO,CACL,MAAA,IAAI,CAAC,gBAAgB,mCACrB,CAAC,IAAI,CAAC,gBAAgB,GAAG,IAAI,4BAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAChJ,CAAA;IACH,CAAC;IAID,IAAI,MAAM;;QACR,OAAO,CACL,MAAA,IAAI,CAAC,OAAO,mCAAI,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,mBAAS,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC9I,CAAA;IACH,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,CAAA;IACvC,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,YAAY,CAAA;IAC1C,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,CAAA;IACvC,CAAC;IAED,IAAI,kBAAkB;QACpB,OAAO,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAA;IAChD,CAAC;IAED,IAAI,uBAAuB;QACzB,OAAO,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAA;IACrD,CAAC;IAED,IAAI,kBAAkB;QACpB,OAAO,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAA;IAChD,CAAC;IAED,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,eAAe,CAAC,OAAO,CAAA;IACrC,CAAC;IAEK,aAAa;;YACjB,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,CAAA;YACnE,OAAO,EAAE,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,eAAe,EAAE,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAA;QACjG,CAAC;KAAA;IAEK,WAAW,CAAC,UAAkB;;YAClC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAA;YACtD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,mCAAmC,CAAC,WAAW,CAAC,UAAU,EAAE,eAAe,CAAC,CAAA;YAChH,MAAM,eAAe,GAAG,MAAM,4BAA4B,CACxD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,KAAK,EACV,gBAAgB,EAChB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,gBAAgB,EACrB,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CACjC,CAAA;YACD,OAAO,IAAI,YAAY,CACrB,eAAe,EACf,IAAI,CAAC,IAAI,EACT,gBAAgB,EAChB,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,gBAAgB,EACrB,eAAe,EACf,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,UAAU,CAAE,EACtD,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,gBAAgB,CACtB,CAAA;QACH,CAAC;KAAA;CACF;AAED;;;;GAIG;AACI,MAAM,SAAS,GAAG,UACvB,IAAY,EACZ,qBAAqE,EACrE,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa,EAC3H,YAA2E,OAAO,MAAM,KAAK,WAAW;IACtG,CAAC,CAAC,MAAM,CAAC,KAAK;IACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;QAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;QACZ,CAAC,CAAC,KAAK,EACT,UAA0D,EAAE;;;QAE5D,MAAM,sBAAsB,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,SAAS,CAAC,CAAA;QAC7H,MAAM,OAAO,GAAG,IAAI,oBAAU,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAE9F,MAAM,OAAO,GAAG,IAAI,4BAAW,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAC/F,MAAM,kBAAkB,GAAG,IAAI,yBAAe,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAC9G,MAAM,OAAO,GAAG,IAAI,4BAAW,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QACxG,MAAM,SAAS,GAAG,IAAI,gCAAa,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QACrH,MAAM,aAAa,GAAG,IAAI,0BAAgB,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAC1G,MAAM,SAAS,GAAG,IAAI,sBAAY,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAClG,MAAM,QAAQ,GAAG,IAAI,qBAAW,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,CAAC,CAAA;QACrF,MAAM,YAAY,GAAG,IAAI,yBAAe,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QACxG,MAAM,kBAAkB,GAAG,IAAI,kCAAc,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAEtH,OAAO;YACL,OAAO;YACP,SAAS;YACT,OAAO;YACP,OAAO;YACP,aAAa;YACb,YAAY;YACZ,kBAAkB;YAClB,SAAS;YACT,QAAQ;YACR,kBAAkB;SACnB,CAAA;;CACF,CAAA;AApCY,QAAA,SAAS,aAoCrB;AAED,SAAe,iBAAiB,CAAC,OAAmB;;QAClD,IAAI;YACF,OAAO,MAAM,OAAO,CAAC,gBAAgB,EAAE,CAAA;SACxC;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,GAAG,YAAY,KAAK,IAAI,YAAY,IAAI,GAAG,IAAK,GAAW,CAAC,UAAU,KAAK,GAAG;gBAAE,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;;gBACzG,OAAO,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;SAChC;IACH,CAAC;CAAA","sourcesContent":["import {\n IccAgendaApi,\n IccAnonymousAccessApi,\n IccApplicationsettingsApi,\n IccArticleApi,\n IccAuthApi,\n IccBeefactApi,\n IccBeresultexportApi,\n IccBeresultimportApi,\n IccBesamv2Api,\n IccCalendarItemTypeApi,\n IccClassificationTemplateApi,\n IccEntityrefApi,\n IccEntitytemplateApi,\n IccFrontendmigrationApi,\n IccGroupApi,\n IccIcureApi,\n IccInsuranceApi,\n IccKeywordApi,\n IccMedexApi,\n IccMedicallocationApi,\n IccPatientApi,\n IccPermissionApi,\n IccPlaceApi,\n IccPubsubApi,\n IccReplicationApi,\n IccTarificationApi,\n IccTmpApi,\n IccUserApi,\n OAuthThirdParty,\n} from '../icc-api'\nimport { IccUserXApi } from './icc-user-x-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { IccContactXApi } from './icc-contact-x-api'\nimport { IccInvoiceXApi } from './icc-invoice-x-api'\nimport { IccDocumentXApi } from './icc-document-x-api'\nimport { IccHcpartyXApi } from './icc-hcparty-x-api'\nimport { IccFormXApi } from './icc-form-x-api'\nimport { IccHelementXApi } from './icc-helement-x-api'\nimport { IccClassificationXApi } from './icc-classification-x-api'\nimport { IccCalendarItemXApi } from './icc-calendar-item-x-api'\nimport { IccPatientXApi } from './icc-patient-x-api'\nimport { IccMessageXApi } from './icc-message-x-api'\nimport { IccReceiptXApi } from './icc-receipt-x-api'\nimport { IccAccesslogXApi } from './icc-accesslog-x-api'\nimport { IccTimeTableXApi } from './icc-time-table-x-api'\nimport { IccCodeXApi } from './icc-code-x-api'\nimport { IccMaintenanceTaskXApi } from './icc-maintenance-task-x-api'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { StorageFacade } from './storage/StorageFacade'\nimport { KeyStorageFacade } from './storage/KeyStorageFacade'\nimport { LocalStorageImpl } from './storage/LocalStorageImpl'\nimport { KeyStorageImpl } from './storage/KeyStorageImpl'\nimport {\n AuthenticationProvider,\n BasicAuthenticationProvider,\n EnsembleAuthenticationProvider,\n JwtAuthenticationProvider,\n NoAuthenticationProvider,\n} from './auth/AuthenticationProvider'\nimport { CryptoPrimitives } from './crypto/CryptoPrimitives'\nimport { UserEncryptionKeysManager } from './crypto/UserEncryptionKeysManager'\nimport { IcureStorageFacade } from './storage/IcureStorageFacade'\nimport { DefaultStorageEntryKeysFactory } from './storage/DefaultStorageEntryKeysFactory'\nimport { KeyRecovery } from './crypto/KeyRecovery'\nimport { BaseExchangeKeysManager } from './crypto/BaseExchangeKeysManager'\nimport { StorageEntryKeysFactory } from './storage/StorageEntryKeysFactory'\nimport { CryptoStrategies } from './crypto/CryptoStrategies'\nimport { ExchangeKeysManager } from './crypto/ExchangeKeysManager'\nimport { ShamirKeysManager } from './crypto/ShamirKeysManager'\nimport { TransferKeysManager } from './crypto/TransferKeysManager'\nimport { IccIcureMaintenanceXApi } from './icc-icure-maintenance-x-api'\nimport { ConfidentialEntities } from './crypto/ConfidentialEntities'\nimport { ensureDelegationForSelf } from './crypto/utils'\nimport { SecureDelegationsSecurityMetadataDecryptor } from './crypto/SecureDelegationsSecurityMetadataDecryptor'\nimport { initialiseExchangeDataManagerForCurrentDataOwner } from './crypto/ExchangeDataManager'\nimport { BaseExchangeDataManager } from './crypto/BaseExchangeDataManager'\nimport { IccExchangeDataApi } from '../icc-api/api/internal/IccExchangeDataApi'\nimport { UserSignatureKeysManager } from './crypto/UserSignatureKeysManager'\nimport { AccessControlSecretUtils } from './crypto/AccessControlSecretUtils'\nimport { SecureDelegationsEncryption } from './crypto/SecureDelegationsEncryption'\nimport { LegacyDelegationSecurityMetadataDecryptor } from './crypto/LegacyDelegationSecurityMetadataDecryptor'\nimport { ExtendedApisUtilsImpl } from './crypto/ExtendedApisUtilsImpl'\nimport { SecureDelegationsManager } from './crypto/SecureDelegationsManager'\nimport { AccessControlKeysHeadersProvider } from './crypto/AccessControlKeysHeadersProvider'\nimport { IccExchangeDataMapApi } from '../icc-api/api/internal/IccExchangeDataMapApi'\nimport { ExchangeDataMapManager } from './crypto/ExchangeDataMapManager'\nimport { IccDeviceXApi } from './icc-device-x-api'\nimport { IccBekmehrXApi } from './icc-bekmehr-x-api'\nimport { IccDoctemplateXApi } from './icc-doctemplate-x-api'\nimport { UserGroup } from '../icc-api/model/UserGroup'\nimport { IccTopicXApi } from './icc-topic-x-api'\nimport { IccRoleApi } from '../icc-api/api/IccRoleApi'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport { DelegationsDeAnonymization } from './crypto/DelegationsDeAnonymization'\nimport { JwtBridgedAuthService } from './auth/JwtBridgedAuthService'\nimport { AuthSecretProvider, SmartAuthProvider } from './auth/SmartAuthProvider'\nimport { KeyPairRecoverer } from './crypto/KeyPairRecoverer'\nimport { IccRecoveryDataApi } from '../icc-api/api/internal/IccRecoveryDataApi'\nimport { RecoveryDataEncryption } from './crypto/RecoveryDataEncryption'\nimport { IccRecoveryXApi } from './icc-recovery-x-api'\n\nexport * from './icc-accesslog-x-api'\nexport * from './icc-bekmehr-x-api'\nexport * from './icc-calendar-item-x-api'\nexport * from './icc-classification-x-api'\nexport * from './icc-code-x-api'\nexport * from './icc-contact-x-api'\nexport * from './icc-crypto-x-api'\nexport * from './icc-doctemplate-x-api'\nexport * from './icc-document-x-api'\nexport * from './icc-form-x-api'\nexport * from './icc-hcparty-x-api'\nexport * from './icc-helement-x-api'\nexport * from './icc-invoice-x-api'\nexport * from './icc-message-x-api'\nexport * from './icc-patient-x-api'\nexport * from './icc-user-x-api'\nexport * from './icc-time-table-x-api'\nexport * from './icc-receipt-x-api'\nexport * from './icc-data-owner-x-api'\nexport * from './icc-icure-maintenance-x-api'\nexport * from './icc-maintenance-task-x-api'\nexport * from './utils'\n\nexport * from './crypto/RSA'\nexport * from './crypto/CryptoPrimitives'\nexport * from './crypto/ShareMetadataBehaviour'\nexport * from './auth/AuthenticationProvider'\n\nexport { KeyStorageFacade } from './storage/KeyStorageFacade'\nexport { LocalStorageImpl } from './storage/LocalStorageImpl'\nexport { StorageFacade } from './storage/StorageFacade'\nexport { KeyStorageImpl } from './storage/KeyStorageImpl'\nexport { CryptoStrategies } from './crypto/CryptoStrategies'\nexport { getShaVersionForKey } from './crypto/utils'\n\nexport interface BasicApis {\n readonly authApi: IccAuthApi\n readonly codeApi: IccCodeXApi\n readonly userApi: IccUserXApi\n readonly permissionApi: IccPermissionApi\n readonly insuranceApi: IccInsuranceApi\n readonly entityReferenceApi: IccEntityrefApi\n readonly agendaApi: IccAgendaApi\n readonly groupApi: IccGroupApi\n readonly healthcarePartyApi: IccHcpartyXApi\n readonly deviceApi: IccDeviceXApi\n}\nexport interface Apis extends BasicApis {\n readonly calendarItemTypeApi: IccCalendarItemTypeApi\n readonly medicalLocationApi: IccMedicallocationApi\n readonly cryptoApi: IccCryptoXApi\n readonly accessLogApi: IccAccesslogXApi\n readonly contactApi: IccContactXApi\n readonly formApi: IccFormXApi\n readonly invoiceApi: IccInvoiceXApi\n readonly documentApi: IccDocumentXApi\n readonly healthcareElementApi: IccHelementXApi\n readonly classificationApi: IccClassificationXApi\n readonly calendarItemApi: IccCalendarItemXApi\n readonly receiptApi: IccReceiptXApi\n readonly timetableApi: IccTimeTableXApi\n readonly patientApi: IccPatientXApi\n readonly messageApi: IccMessageXApi\n readonly maintenanceTaskApi: IccMaintenanceTaskXApi\n readonly dataOwnerApi: IccDataOwnerXApi\n readonly icureMaintenanceTaskApi: IccIcureMaintenanceXApi\n readonly anonymousAccessApi: IccAnonymousAccessApi\n readonly applicationSettingsApi: IccApplicationsettingsApi\n readonly articleApi: IccArticleApi\n readonly bekmehrApi: IccBekmehrXApi\n readonly beefactApi: IccBeefactApi\n readonly beresultexportApi: IccBeresultexportApi\n readonly beresultimportApi: IccBeresultimportApi\n readonly besamv2Api: IccBesamv2Api\n readonly classificationTemplateApi: IccClassificationTemplateApi\n readonly doctemplateApi: IccDoctemplateXApi\n readonly entitytemplateApi: IccEntitytemplateApi\n readonly frontendmigrationApi: IccFrontendmigrationApi\n readonly icureApi: IccIcureApi\n readonly keywordApi: IccKeywordApi\n readonly medexApi: IccMedexApi\n readonly placeApi: IccPlaceApi\n readonly pubsubApi: IccPubsubApi\n readonly replicationApi: IccReplicationApi\n readonly tarificationApi: IccTarificationApi\n readonly tmpApi: IccTmpApi\n readonly topicApi: IccTopicXApi\n readonly roleApi: IccRoleApi\n readonly recoveryApi: IccRecoveryXApi\n}\n\n/**\n * Allows to customise the behaviour of the iCure API by providing various optional parameters.\n */\nexport interface IcureApiOptions {\n /**\n * Specifies how iCure can store string values (e.g. json). In production this should be persistent storage.\n * @default the browser's localStorage.\n */\n readonly storage?: StorageFacade<string>\n /**\n * Specifies how iCure can store cryptographic keys. Preferably this should be some ad-hoc storage key storage.\n * @default stores the json of the jwk representation of the key in {@link storage}.\n */\n readonly keyStorage?: KeyStorageFacade\n /**\n * Specifies where iCure should store his data within the {@link storage} and {@link keyStorage}.\n * @default {@link DefaultStorageEntryKeysFactory}\n */\n readonly entryKeysFactory?: StorageEntryKeysFactory\n /**\n * Specifies if iCure should automatically create maintenance tasks for requesting access back when a new key is generated at initialisation time.\n * Note that the maintenance task will be created only towards HCP data owners: if you want to create a maintenance task also to other types of data\n * owners you should disable this and call {@link IccIcureMaintenanceXApi.createMaintenanceTasksForNewKeypair} yourself.\n * @default true\n */\n readonly createMaintenanceTasksOnNewKey?: boolean\n /**\n * Additional headers to use on each request made by the iCure api.\n * @default no additional headers\n */\n readonly headers?: { [headerName: string]: string }\n /**\n * Specifies which fields should be encrypted for each kind of encryptable entity. You should make sure that every application in your environment\n * specifies the same values for this configuration.\n * @default see documentation for {@link EncryptedFieldsConfig}\n */\n readonly encryptedFieldsConfig?: EncryptedFieldsConfig\n /**\n * Each user may exist in multiple groups, but an instance of {@link IcureApi} is specialised for a single group. This function allows you to decide\n * the group to use for a given user. This functions will be called only if a user exists in at least 2 groups, takes in input the information on\n * the groups the user can access (in no specific order) and must return the id of one of these groups.\n * @default takes the first group provided. The group chosen by this method may vary between different instantiations of the {@link IcureApi} even\n * if for the same user and if the groups available for the user do not change.\n */\n readonly groupSelector?: (availableGroupsInfo: UserGroup[]) => Promise<string>\n /**\n * Temporary value to support EHR Lite and MedTech api implementations.\n *\n * Currently, all hcps are able to access encrypted data shared with any of their parents, and on initialisation the api will verify that there is a\n * key pair available for the current user and for every parent of the user. If this option is set to true, the api will not load keys for the\n * parent users.\n *\n * This \"implicit data-sharing scheme\" (each parent HCP is essentially sharing data with all its children HCPs), however, may not be ideal for all\n * use cases, and it will be changed in future to be configurable in order to make it more general.\n * @default false, equivalent to previous behaviour.\n */\n readonly disableParentKeysInitialisation?: boolean\n}\n\nnamespace IcureApiOptions {\n export namespace Defaults {\n export const entryKeysFactory = new DefaultStorageEntryKeysFactory()\n export const createMaintenanceTasksOnNewKey = true\n export const headers = {}\n }\n\n export class WithDefaults implements IcureApiOptions {\n readonly entryKeysFactory: StorageEntryKeysFactory\n readonly createMaintenanceTasksOnNewKey: boolean\n readonly storage: StorageFacade<string>\n readonly keyStorage: KeyStorageFacade\n readonly headers: { [headerName: string]: string }\n readonly encryptedFieldsConfig: EncryptedFieldsConfig\n readonly groupSelector: (availableGroupsInfo: UserGroup[]) => Promise<string>\n readonly disableParentKeysInitialisation: boolean\n\n constructor(custom: IcureApiOptions) {\n this.entryKeysFactory = custom.entryKeysFactory ?? Defaults.entryKeysFactory\n this.createMaintenanceTasksOnNewKey = custom.createMaintenanceTasksOnNewKey ?? Defaults.createMaintenanceTasksOnNewKey\n this.storage = custom.storage ?? new LocalStorageImpl()\n this.keyStorage = custom.keyStorage ?? new KeyStorageImpl(this.storage)\n this.headers = custom.headers ?? Defaults.headers\n this.encryptedFieldsConfig = custom.encryptedFieldsConfig ?? {}\n this.groupSelector = custom.groupSelector ?? ((groups) => Promise.resolve(groups[0].groupId!))\n this.disableParentKeysInitialisation = custom.disableParentKeysInitialisation ?? false\n }\n }\n}\n\n/**\n * Specifies which fields should be encrypted for each kind of encryptable entity.\n *\n * Note that any value you specify here overrides the default values. For example if you specify `['medicalLocationId']` for `healthElement` the\n * fields `['descr', 'note']` which are usually encrypted by default will no longer be encrypted. If you want to add fields to the default values\n * you can use {@link EncryptedFieldsConfig.Defaults}, for example `[...EncryptedFieldsConfig.Defaults.healthElement, 'medicalLocationId'].\n *\n * # Encrypted fields syntax\n *\n * ## Grammar\n *\n * The grammar for each encrypted field is the following:\n * ```\n * fieldName :=\n * regex([a-zA-Z_][a-zA-Z0-9_]+)\n * encryptedField :=\n * fieldName\n * | fieldName + (\".\" | \".*.\" | \"[].\") + encryptedField\n * ```\n *\n * This grammar allows you to specify the fields to encrypt for the object and recursively for nested objects.\n * - A string containing only a single `fieldName` will encrypt the field with the given name.\n * - A string starting with `fieldName.` allows to specify the encrypted fields of a nested object. The encrypted values of the\n * fields in the nested object will be saved in the nested object.\n * - A string starting with `fieldName.*.` treats `fieldName` as a map/dictionary data structure and allows to specify the encrypted fields of the\n * values of the map. Note that the values of the map must be objects as well. The encrypted content of each map value is stored in that value.\n * - A string starting with `fieldName[].` treats `fieldName` as an array and allows to specify the encrypted fields of the values of the array.\n * Note that the values of the array must be objects as well. The encrypted content of each array element is stored in that element.\n *\n * ## Example\n *\n * Consider the following object and encryption keys:\n * ```javascript\n * const obj = {\n * a: { x: 0, y: 1 },\n * b: \"hello\",\n * c: [ { public: \"a\", secret: \"b\" }, { public: \"c\", secret: \"d\" } ],\n * d: \"ok\",\n * e: {\n * info: \"something\",\n * private: \"secret\",\n * dataMap: {\n * \"en\": {\n * a: 1,\n * b: 2\n * },\n * \"fr\": {\n * a: 3,\n * b: 4\n * }\n * }\n * }\n * }\n * const encryptedFields = [\n * \"a\",\n * \"c[].secret\",\n * \"d\",\n * \"e.private\",\n * \"e.datamap.*.a\"\n * ]\n * ```\n * If you use them with the crypt method you will get the following result:\n * ```json\n * {\n * b: \"hello\",\n * c: [\n * { public: \"a\", encryptedSelf: 'encrypted+encoded { secret: \"b\" }' },\n * { public: \"c\", encryptedSelf: 'encrypted+encoded { secret: \"d\" }' }\n * ],\n * e: {\n * info: \"something\",\n * dataMap: {\n * \"en\": { b: 2, encryptedSelf: 'encrypted+encoded { a: 1 }' },\n * \"fr\": { b: 4, encryptedSelf: 'encrypted+encoded { a: 3 }' }\n * },\n * encryptedSelf: 'encrypted+encoded { private: \"secret\" }'\n * },\n * encryptedSelf: 'encrypted+encoded { a: { x: 0, y: 1 }, d: \"ok\" }'\n * }\n * ```\n *\n * ## Shortened representation\n *\n * You can also group encrypted fields having the same prefix by concatenating to the prefix the JSON representation of an array of all the postfixes.\n * For example the following encrypted fields:\n * ```javascript\n * const encryptedFields = [\"a.b.c.d.e.f1\", \"a.b.c.d.e.f2\", \"a.b.c.d.e.f3\", \"a.b.c.d.e.f4\"]\n * ```\n * can be shortened to\n * ```javascript\n * const encryptedFields = ['a.b.c.d.e.[\"f1\",\"f2\",\"f3\",\"f4\"]'] // Note the use of single quotes to avoid escaping the double quotes\n * ```\n * If you use the shortened representation you may need to escape nested json representations. In that case the use of `JSON.stringify` is\n * recommended.\n */\nexport interface EncryptedFieldsConfig {\n /**\n * Fields to encrypt for entities of type {@link AccessLog}\n * @default ['detail', 'objectId']\n */\n readonly accessLog?: string[]\n /**\n * Fields to encrypt for entities of type {@link CalendarItem}\n * @default ['details', 'title', 'patientId']\n */\n readonly calendarItem?: string[]\n /**\n * Fields to encrypt for entities of type {@link Contact}, excluding `services`. You can specify which fields of `services` should be encrypted\n * using {@link service}.\n * @default ['descr'] // encryption of `services` is managed through {@link service}\n */\n readonly contact?: string[]\n /**\n * Fields to encrypt for entities of type {@link Service}. Note that encryption of the `content` field and recursively contained `Services` through\n * `content.compoundValue` is automatically managed by the sdk, and you are not allowed to modify it.\n *\n * Note: any non-empty values for this field will break bi-directional data compatibility between v7 and previous: Contacts created with\n * v7 will not be read properly by previous versions. If you want\n * @default ['notes[].markdown'] // encryption of `content` is managed in a special way\n */\n readonly service?: string[]\n /**\n * Fields to encrypt for entities of type {@link HealthElement}\n * @default ['descr', 'note', 'notes[].markdown']\n */\n readonly healthElement?: string[]\n /**\n * Fields to encrypt for entities of type {@link MaintenanceTask}\n * @default ['properties']\n */\n readonly maintenanceTask?: string[]\n /**\n * Fields to encrypt for entities of type {@link Patient}\n * @default ['note', 'notes[].markdown']\n */\n readonly patient?: string[]\n\n /**\n * Fields to encrypt for entities of type {@link Message}\n * @default []\n */\n readonly message?: string[]\n\n /**\n * Fields to encrypt for entities of type {@link Topic}\n * @default ['description']\n */\n readonly topic?: string[]\n}\n\nexport namespace EncryptedFieldsConfig {\n export const Defaults = {\n accessLog: ['detail', 'objectId'],\n calendarItem: ['details', 'title', 'patientId'],\n contact: ['descr'],\n service: ['notes[].markdown'],\n healthElement: ['descr', 'note', 'notes[].markdown'],\n maintenanceTask: ['properties'],\n patient: ['note', 'notes[].markdown'],\n message: [],\n topic: ['description', 'linkedServices', 'linkedHealthElements'],\n }\n}\n\n/**\n * Details for the authentication of a user\n */\nexport type AuthenticationDetails =\n | {\n username: string\n password: string\n thirdPartyTokens?: { [thirdParty: string]: string }\n }\n | {\n icureTokens: { token: string; refreshToken: string }\n credentials?: { username: string; password: string }\n }\n | {\n thirdPartyTokens: { [thirdParty: string]: string }\n }\n | SmartAuthenticationDetails\n\n/**\n * Allows to perform authentication through an {@link AuthSecretProvider}.\n *\n * The iCure SDK can authenticate to the backend using different kinds of secrets, such as passwords, long-lived authentication tokens, and\n * short-lived authentication tokens generated through the message gateway. iCure associates to each kind of secret a certain security level, and for\n * some sensitive operations, depending on the configurations of the user and his group, some operations may require a secret of a certain security\n * level. For example, with the default configurations, in order to change his own email the user can't have logged in with a long-lived token, but he\n * needs to provide his current password or a short-lived token.\n *\n * By using this authentication option, the iCure SDK will automatically request and cache the secret from the {@link AuthSecretProvider} only when\n * needed, which should help to minimise the interaction with the user.\n *\n * Another advantage of using this authentication option over others is that in case all the cached tokens and secrets were to expire while performing\n * a request, instead of having the request fail the SDK will ask for a new secret from the {@link SmartAuthProvider} and the request will\n * automatically be retried with the new secret.\n *\n * You must provide the following information:\n * - username: any kind of value that can identify the user (userId, groupId/userId, username, email, ...). More generic identifiers, valid\n * on multiple groups, allow for simpler group switching by using {@link IcureApi.switchGroup}.\n * - secretProvider: the secret provider to use for authentication. Will handle interaction with the gui.\n *\n * You can also provide the following optional information, which may allow to reduce the requests for secrets initially:\n * - initialSecret: an initial secret (password, token, ...) that will be used to get new authentication tokens as needed. If it is expired it will be ignored.\n * - initialAuthToken: an initial authentication token used on each request. If it is expired it will be ignored.\n * - initialRefreshToken: an initial refresh token used to get new authentication tokens as needed. If it is expired it will be ignored.\n */\nexport type SmartAuthenticationDetails = {\n username: string\n secretProvider: AuthSecretProvider\n initialSecret?: { plainSecret: string } | { oauthToken: string; oauthType: OAuthThirdParty }\n initialAuthToken?: string\n initialRefreshToken?: string\n}\n\n/**\n * Main entry point for the iCure API. Provides entity-specific sub-apis and some general methods which are not related to a specific entity.\n */\nexport interface IcureApi extends Apis {\n /**\n * Get the information on groups that the current user can access and the current group that this api instance is working on.\n * Note that the values you will get for `availableGroups` may differ from the values you would get if you call {@link IccUserApi.getMatchingUsers}\n * on {@link Apis.userApi}, since the latter is specialised on the specific instance of the user in `currentGroup`.\n * - `currentGroup`: the group that this api instance is working on, or undefined if the backend environment is not multi-group.\n * - `availableGroups`: the list of groups that the current user can access with the provided secret. Empty if the backend environment is not\n * multi-group.\n */\n getGroupsInfo(): Promise<{ currentGroup: UserGroup | undefined; availableGroups: UserGroup[] }>\n\n /**\n * Switches the api to allow the user to work on a different group.\n * @param newGroupId the id of the group to switch to.\n * @return a new api for the specified group.\n */\n switchGroup(newGroupId: string): Promise<IcureApi>\n}\n\nexport namespace IcureApi {\n /**\n * Initialises a new instance of the iCure API.\n */\n export async function initialise(\n host: string,\n authenticationOptions: AuthenticationDetails | AuthenticationProvider,\n cryptoStrategies: CryptoStrategies,\n crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch,\n options: IcureApiOptions = {}\n ): Promise<IcureApi> {\n const params = new IcureApiOptions.WithDefaults(options)\n let grouplessAuthenticationProvider = await getAuthenticationProvider(host, authenticationOptions, params.headers, fetchImpl)\n // TODO if this uses a smart auth provider the groupless auth provider does not share the secret cache with the group specific one.\n const grouplessUserApi = new IccUserApi(host, params.headers, grouplessAuthenticationProvider, fetchImpl)\n const matches = await getMatchesOrEmpty(grouplessUserApi)\n const chosenGroupId = matches.length > 1 && !!options.groupSelector ? await options.groupSelector(matches) : matches[0]?.groupId\n /*TODO\n * On new very new users switching the authentication provider to a specific group may fail and block the user for too many requests. This is\n * probably linked to replication of the user in the fallback database.\n */\n const groupSpecificAuthenticationProvider =\n matches.length > 1 && chosenGroupId\n ? await grouplessAuthenticationProvider.switchGroup(chosenGroupId, matches)\n : grouplessAuthenticationProvider\n const cryptoInitInfo = await initialiseCryptoWithProvider(host, fetchImpl, groupSpecificAuthenticationProvider, params, cryptoStrategies, crypto)\n return new IcureApiImpl(\n cryptoInitInfo,\n host,\n groupSpecificAuthenticationProvider,\n fetch,\n grouplessUserApi,\n matches,\n matches.find((match) => match.groupId === chosenGroupId),\n params,\n cryptoStrategies\n )\n }\n}\n\nasync function getAuthenticationProvider(\n host: string,\n authenticationOptions: AuthenticationDetails | AuthenticationProvider,\n headers: { [headerName: string]: string },\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n) {\n let authenticationProvider: AuthenticationProvider\n if ('getIcureTokens' in authenticationOptions && 'switchGroup' in authenticationOptions && 'getAuthService' in authenticationOptions) {\n authenticationProvider = authenticationOptions\n } else if ('icureTokens' in authenticationOptions && !!authenticationOptions.icureTokens) {\n authenticationProvider = new JwtAuthenticationProvider(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n authenticationOptions?.credentials?.username,\n authenticationOptions?.credentials?.password,\n undefined,\n authenticationOptions.icureTokens\n )\n } else if (\n 'username' in authenticationOptions &&\n 'password' in authenticationOptions &&\n !!authenticationOptions.username &&\n !!authenticationOptions.password\n ) {\n authenticationProvider = new EnsembleAuthenticationProvider(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n authenticationOptions.username,\n authenticationOptions.password,\n 3600,\n undefined,\n undefined,\n authenticationOptions.thirdPartyTokens\n )\n } else if ('thirdPartyTokens' in authenticationOptions && !!authenticationOptions.thirdPartyTokens) {\n authenticationProvider = new JwtAuthenticationProvider(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n undefined,\n undefined,\n new JwtBridgedAuthService(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n undefined,\n undefined,\n authenticationOptions.thirdPartyTokens,\n undefined\n )\n )\n } else if ('username' in authenticationOptions && 'secretProvider' in authenticationOptions) {\n authenticationProvider = SmartAuthProvider.initialise(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n authenticationOptions.username,\n authenticationOptions.secretProvider,\n {\n initialSecret: authenticationOptions.initialSecret,\n initialAuthToken: authenticationOptions.initialAuthToken,\n initialRefreshToken: authenticationOptions.initialRefreshToken,\n }\n )\n } else {\n throw new Error('Invalid authentication options provided')\n }\n return authenticationProvider\n}\n\n// Apis which are used during crypto api initialisation, to avoid re-instantiating them later\ntype CryptoInitialisationInfo = {\n cryptoApi: IccCryptoXApi\n healthcarePartyApi: IccHcpartyXApi\n deviceApi: IccDeviceXApi\n // no patient api since it is base\n dataOwnerApi: IccDataOwnerXApi\n userApi: IccUserXApi\n icureMaintenanceTaskApi: IccIcureMaintenanceXApi\n maintenanceTaskApi: IccMaintenanceTaskXApi\n headers: { [headerName: string]: string }\n dataOwnerRequiresAnonymousDelegation: boolean\n recoveryApi: IccRecoveryXApi\n}\n\nconst REQUEST_AUTOFIX_ANONYMITY_HEADER = 'Icure-Request-Autofix-Anonymity'\n\nasync function initialiseCryptoWithProvider(\n host: string,\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response>,\n groupSpecificAuthenticationProvider: AuthenticationProvider,\n params: IcureApiOptions.WithDefaults,\n cryptoStrategies: CryptoStrategies,\n crypto: Crypto\n): Promise<CryptoInitialisationInfo> {\n const initialDataOwnerStub = await new IccDataOwnerXApi(\n host,\n params.headers,\n groupSpecificAuthenticationProvider,\n fetchImpl\n ).getCurrentDataOwnerStub()\n const dataOwnerRequiresAnonymousDelegation = cryptoStrategies.dataOwnerRequiresAnonymousDelegation(initialDataOwnerStub)\n let updatedHeaders = params.headers\n if (!Object.keys(updatedHeaders).includes(REQUEST_AUTOFIX_ANONYMITY_HEADER)) {\n if (initialDataOwnerStub.type == DataOwnerTypeEnum.Patient || initialDataOwnerStub.type == DataOwnerTypeEnum.Device) {\n if (!dataOwnerRequiresAnonymousDelegation) {\n updatedHeaders = { ...updatedHeaders, [REQUEST_AUTOFIX_ANONYMITY_HEADER]: 'false' }\n }\n } else {\n if (dataOwnerRequiresAnonymousDelegation) {\n updatedHeaders = { ...updatedHeaders, [REQUEST_AUTOFIX_ANONYMITY_HEADER]: 'true' }\n }\n }\n }\n\n const authApi = new IccAuthApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const userApi = new IccUserXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, authApi, fetchImpl)\n const healthcarePartyApi = new IccHcpartyXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, authApi, fetchImpl)\n const deviceApi = new IccDeviceXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, userApi, authApi, fetchImpl)\n const basePatientApi = new IccPatientApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const dataOwnerApi = new IccDataOwnerXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const exchangeDataApi = new IccExchangeDataApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const baseRecoveryDataApi = new IccRecoveryDataApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n // Crypto initialisation\n const icureStorage = new IcureStorageFacade(params.keyStorage, params.storage, params.entryKeysFactory)\n const cryptoPrimitives = new CryptoPrimitives(crypto)\n const baseExchangeKeysManager = new BaseExchangeKeysManager(cryptoPrimitives, dataOwnerApi, healthcarePartyApi, basePatientApi, deviceApi)\n const baseExchangeDataManager = new BaseExchangeDataManager(exchangeDataApi, dataOwnerApi, cryptoPrimitives, dataOwnerRequiresAnonymousDelegation)\n const keyRecovery = new KeyRecovery(cryptoPrimitives, dataOwnerApi, baseExchangeKeysManager, baseExchangeDataManager)\n const recoveryDataEncryption = new RecoveryDataEncryption(cryptoPrimitives, baseRecoveryDataApi)\n const keyPairRecoverer = new KeyPairRecoverer(recoveryDataEncryption)\n const userEncryptionKeysManager = new UserEncryptionKeysManager(\n cryptoPrimitives,\n dataOwnerApi,\n icureStorage,\n keyRecovery,\n cryptoStrategies,\n !params.disableParentKeysInitialisation,\n keyPairRecoverer\n )\n const userSignatureKeysManager = new UserSignatureKeysManager(icureStorage, dataOwnerApi, cryptoPrimitives)\n const newKey = await userEncryptionKeysManager.initialiseKeys()\n await new TransferKeysManager(\n cryptoPrimitives,\n baseExchangeDataManager,\n dataOwnerApi,\n userEncryptionKeysManager,\n userSignatureKeysManager,\n icureStorage\n ).updateTransferKeys(await dataOwnerApi.getCurrentDataOwnerStub())\n // TODO customise cache size?\n const exchangeKeysManager = new ExchangeKeysManager(\n 100,\n 500,\n 600000,\n 60000,\n cryptoStrategies,\n cryptoPrimitives,\n userEncryptionKeysManager,\n baseExchangeKeysManager,\n dataOwnerApi,\n !params.disableParentKeysInitialisation,\n icureStorage\n )\n const accessControlSecretUtils = new AccessControlSecretUtils(cryptoPrimitives)\n const exchangeDataManager = await initialiseExchangeDataManagerForCurrentDataOwner(\n baseExchangeDataManager,\n userEncryptionKeysManager,\n userSignatureKeysManager,\n accessControlSecretUtils,\n cryptoStrategies,\n dataOwnerApi,\n cryptoPrimitives,\n !params.disableParentKeysInitialisation\n )\n const exchangeDataMapManager = new ExchangeDataMapManager(\n new IccExchangeDataMapApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n )\n const secureDelegationsEncryption = new SecureDelegationsEncryption(userEncryptionKeysManager, cryptoPrimitives)\n const secureDelegationsSecurityMetadataEncryption = new SecureDelegationsSecurityMetadataDecryptor(\n exchangeDataManager,\n exchangeDataMapManager,\n secureDelegationsEncryption,\n dataOwnerApi\n )\n const xApiUtils = new ExtendedApisUtilsImpl(\n cryptoPrimitives,\n dataOwnerApi,\n new LegacyDelegationSecurityMetadataDecryptor(exchangeKeysManager, cryptoPrimitives),\n secureDelegationsSecurityMetadataEncryption,\n new SecureDelegationsManager(\n exchangeDataManager,\n exchangeDataMapManager,\n secureDelegationsEncryption,\n accessControlSecretUtils,\n userEncryptionKeysManager,\n cryptoPrimitives,\n dataOwnerApi,\n cryptoStrategies,\n dataOwnerRequiresAnonymousDelegation\n ),\n userApi,\n !params.disableParentKeysInitialisation\n )\n const shamirManager = new ShamirKeysManager(cryptoPrimitives, dataOwnerApi, userEncryptionKeysManager, exchangeDataManager)\n const confidentialEntitites = new ConfidentialEntities(xApiUtils, cryptoPrimitives, dataOwnerApi)\n await ensureDelegationForSelf(dataOwnerApi, xApiUtils, basePatientApi, cryptoPrimitives)\n const accessControlKeysHeadersProvider = new AccessControlKeysHeadersProvider(exchangeDataManager)\n const delegationsDeAnonymisation = new DelegationsDeAnonymization(\n dataOwnerApi,\n secureDelegationsSecurityMetadataEncryption,\n xApiUtils,\n cryptoPrimitives,\n accessControlSecretUtils,\n host,\n updatedHeaders,\n groupSpecificAuthenticationProvider,\n fetchImpl,\n accessControlKeysHeadersProvider\n )\n const cryptoApi = new IccCryptoXApi(\n exchangeKeysManager,\n cryptoPrimitives,\n userEncryptionKeysManager,\n dataOwnerApi,\n xApiUtils,\n shamirManager,\n params.storage,\n params.keyStorage,\n confidentialEntitites,\n exchangeDataManager,\n accessControlKeysHeadersProvider,\n delegationsDeAnonymisation\n )\n const maintenanceTaskApi = new IccMaintenanceTaskXApi(\n host,\n updatedHeaders,\n cryptoApi,\n healthcarePartyApi,\n dataOwnerApi,\n userApi,\n authApi,\n !dataOwnerRequiresAnonymousDelegation,\n params.encryptedFieldsConfig.maintenanceTask ?? EncryptedFieldsConfig.Defaults.maintenanceTask,\n groupSpecificAuthenticationProvider,\n fetchImpl\n )\n const icureMaintenanceTaskApi = new IccIcureMaintenanceXApi(cryptoApi, maintenanceTaskApi, dataOwnerApi, exchangeDataApi)\n\n if (newKey && params.createMaintenanceTasksOnNewKey) {\n await icureMaintenanceTaskApi.createMaintenanceTasksForNewKeypair(await userApi.getCurrentUser(), newKey.newKeyPair)\n }\n return {\n cryptoApi,\n userApi,\n healthcarePartyApi,\n deviceApi,\n maintenanceTaskApi,\n dataOwnerApi,\n icureMaintenanceTaskApi,\n headers: updatedHeaders,\n dataOwnerRequiresAnonymousDelegation,\n recoveryApi: new IccRecoveryXApi(\n baseRecoveryDataApi,\n recoveryDataEncryption,\n userEncryptionKeysManager,\n dataOwnerApi,\n cryptoPrimitives,\n exchangeDataManager\n ),\n }\n}\n\nclass IcureApiImpl implements IcureApi {\n private latestGroupsRequest: Promise<UserGroup[]>\n\n constructor(\n private readonly cryptoInitInfos: CryptoInitialisationInfo,\n private readonly host: string,\n private readonly groupSpecificAuthenticationProvider: AuthenticationProvider,\n private readonly fetch: (input: RequestInfo, init?: RequestInit) => Promise<Response>,\n private readonly grouplessUserApi: IccUserApi,\n latestMatches: UserGroup[],\n private readonly currentGroupInfo: UserGroup | undefined,\n private readonly params: IcureApiOptions.WithDefaults,\n private readonly cryptoStrategies: CryptoStrategies\n ) {\n this.latestGroupsRequest = Promise.resolve(latestMatches)\n }\n\n private _authApi: IccAuthApi | undefined\n\n get recoveryApi(): IccRecoveryXApi {\n return this.cryptoInitInfos.recoveryApi\n }\n\n get authApi(): IccAuthApi {\n return (\n this._authApi ?? (this._authApi = new IccAuthApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _codeApi: IccCodeXApi | undefined\n\n get codeApi(): IccCodeXApi {\n return (\n this._codeApi ??\n (this._codeApi = new IccCodeXApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _calendarItemTypeApi: IccCalendarItemTypeApi | undefined\n\n get calendarItemTypeApi(): IccCalendarItemTypeApi {\n return (\n this._calendarItemTypeApi ??\n (this._calendarItemTypeApi = new IccCalendarItemTypeApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _medicalLocationApi: IccMedicallocationApi | undefined\n\n get medicalLocationApi(): IccMedicallocationApi {\n return (\n this._medicalLocationApi ??\n (this._medicalLocationApi = new IccMedicallocationApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _roleApi: IccRoleApi | undefined\n\n get roleApi(): IccRoleApi {\n return this._roleApi ?? (this._roleApi = new IccRoleApi(this.host, this.params.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n }\n\n private _entityReferenceApi: IccEntityrefApi | undefined\n\n get entityReferenceApi(): IccEntityrefApi {\n return (\n this._entityReferenceApi ??\n (this._entityReferenceApi = new IccEntityrefApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _permissionApi: IccPermissionApi | undefined\n\n get permissionApi(): IccPermissionApi {\n return (\n this._permissionApi ??\n (this._permissionApi = new IccPermissionApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _accessLogApi: IccAccesslogXApi | undefined\n\n get accessLogApi(): IccAccesslogXApi {\n return (\n this._accessLogApi ??\n (this._accessLogApi = new IccAccesslogXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.accessLog ?? EncryptedFieldsConfig.Defaults.accessLog,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _agendaApi: IccAgendaApi | undefined\n\n get agendaApi(): IccAgendaApi {\n return (\n this._agendaApi ??\n (this._agendaApi = new IccAgendaApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _contactApi: IccContactXApi | undefined\n\n get contactApi(): IccContactXApi {\n return (\n this._contactApi ??\n (this._contactApi = new IccContactXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.userApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch,\n this.params.encryptedFieldsConfig.contact ?? EncryptedFieldsConfig.Defaults.contact,\n this.params.encryptedFieldsConfig.service ?? EncryptedFieldsConfig.Defaults.service\n ))\n )\n }\n\n private _formApi: IccFormXApi | undefined\n\n get formApi(): IccFormXApi {\n return (\n this._formApi ??\n (this._formApi = new IccFormXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _groupApi: IccGroupApi | undefined\n\n get groupApi(): IccGroupApi {\n return (\n this._groupApi ??\n (this._groupApi = new IccGroupApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _invoiceApi: IccInvoiceXApi | undefined\n\n get invoiceApi(): IccInvoiceXApi {\n return (\n this._invoiceApi ??\n (this._invoiceApi = new IccInvoiceXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.entityReferenceApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _insuranceApi: IccInsuranceApi | undefined\n\n get insuranceApi(): IccInsuranceApi {\n return (\n this._insuranceApi ??\n (this._insuranceApi = new IccInsuranceApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _documentApi: IccDocumentXApi | undefined\n\n get documentApi(): IccDocumentXApi {\n return (\n this._documentApi ??\n (this._documentApi = new IccDocumentXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.authApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _healthcareElementApi: IccHelementXApi | undefined\n\n get healthcareElementApi(): IccHelementXApi {\n return (\n this._healthcareElementApi ??\n (this._healthcareElementApi = new IccHelementXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.userApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.healthElement ?? EncryptedFieldsConfig.Defaults.healthElement,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _classificationApi: IccClassificationXApi | undefined\n\n get classificationApi(): IccClassificationXApi {\n return (\n this._classificationApi ??\n (this._classificationApi = new IccClassificationXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _calendarItemApi: IccCalendarItemXApi | undefined\n\n get calendarItemApi(): IccCalendarItemXApi {\n return (\n this._calendarItemApi ??\n (this._calendarItemApi = new IccCalendarItemXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.calendarItem ?? EncryptedFieldsConfig.Defaults.calendarItem,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _receiptApi: IccReceiptXApi | undefined\n\n get receiptApi(): IccReceiptXApi {\n return (\n this._receiptApi ??\n (this._receiptApi = new IccReceiptXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _timetableApi: IccTimeTableXApi | undefined\n\n get timetableApi(): IccTimeTableXApi {\n return (\n this._timetableApi ??\n (this._timetableApi = new IccTimeTableXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _patientApi: IccPatientXApi | undefined\n\n get patientApi(): IccPatientXApi {\n return (\n this._patientApi ??\n (this._patientApi = new IccPatientXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.contactApi,\n this.formApi,\n this.healthcareElementApi,\n this.invoiceApi,\n this.documentApi,\n this.healthcarePartyApi,\n this.classificationApi,\n this.dataOwnerApi,\n this.calendarItemApi,\n this.userApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.patient ?? EncryptedFieldsConfig.Defaults.patient,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _messageApi: IccMessageXApi | undefined\n\n get messageApi(): IccMessageXApi {\n return (\n this._messageApi ??\n (this._messageApi = new IccMessageXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.params.encryptedFieldsConfig.message ?? EncryptedFieldsConfig.Defaults.message,\n this.fetch\n ))\n )\n }\n\n private _topicApi: IccTopicXApi | undefined\n\n get topicApi(): IccTopicXApi {\n return (\n this._topicApi ??\n (this._topicApi = new IccTopicXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.params.encryptedFieldsConfig.topic ?? EncryptedFieldsConfig.Defaults.topic,\n this.fetch\n ))\n )\n }\n\n private _anonymousAccessApi: IccAnonymousAccessApi | undefined\n\n get anonymousAccessApi(): IccAnonymousAccessApi {\n return (\n this._anonymousAccessApi ??\n (this._anonymousAccessApi = new IccAnonymousAccessApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _applicationSettingsApi: IccApplicationsettingsApi | undefined\n\n get applicationSettingsApi(): IccApplicationsettingsApi {\n return (\n this._applicationSettingsApi ??\n (this._applicationSettingsApi = new IccApplicationsettingsApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _articleApi: IccArticleApi | undefined\n\n get articleApi(): IccArticleApi {\n return (\n this._articleApi ??\n (this._articleApi = new IccArticleApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _bekmehrApi: IccBekmehrXApi | undefined\n\n get bekmehrApi(): IccBekmehrXApi {\n return (\n this._bekmehrApi ??\n (this._bekmehrApi = new IccBekmehrXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.authApi,\n this.contactApi,\n this.healthcareElementApi,\n this.documentApi,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _beefactApi: IccBeefactApi | undefined\n\n get beefactApi(): IccBeefactApi {\n return (\n this._beefactApi ??\n (this._beefactApi = new IccBeefactApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _beresultexportApi: IccBeresultexportApi | undefined\n\n get beresultexportApi(): IccBeresultexportApi {\n return (\n this._beresultexportApi ??\n (this._beresultexportApi = new IccBeresultexportApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _beresultimportApi: IccBeresultimportApi | undefined\n\n get beresultimportApi(): IccBeresultimportApi {\n return (\n this._beresultimportApi ??\n (this._beresultimportApi = new IccBeresultimportApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _besamv2Api: IccBesamv2Api | undefined\n\n get besamv2Api(): IccBesamv2Api {\n return (\n this._besamv2Api ??\n (this._besamv2Api = new IccBesamv2Api(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _classificationTemplateApi: IccClassificationTemplateApi | undefined\n\n get classificationTemplateApi(): IccClassificationTemplateApi {\n return (\n this._classificationTemplateApi ??\n (this._classificationTemplateApi = new IccClassificationTemplateApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _doctemplateApi: IccDoctemplateXApi | undefined\n\n get doctemplateApi(): IccDoctemplateXApi {\n return (\n this._doctemplateApi ??\n (this._doctemplateApi = new IccDoctemplateXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _entitytemplateApi: IccEntitytemplateApi | undefined\n\n get entitytemplateApi(): IccEntitytemplateApi {\n return (\n this._entitytemplateApi ??\n (this._entitytemplateApi = new IccEntitytemplateApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _frontendmigrationApi: IccFrontendmigrationApi | undefined\n\n get frontendmigrationApi(): IccFrontendmigrationApi {\n return (\n this._frontendmigrationApi ??\n (this._frontendmigrationApi = new IccFrontendmigrationApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _icureApi: IccIcureApi | undefined\n\n get icureApi(): IccIcureApi {\n return (\n this._icureApi ??\n (this._icureApi = new IccIcureApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _keywordApi: IccKeywordApi | undefined\n\n get keywordApi(): IccKeywordApi {\n return (\n this._keywordApi ??\n (this._keywordApi = new IccKeywordApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _medexApi: IccMedexApi | undefined\n\n get medexApi(): IccMedexApi {\n return (\n this._medexApi ??\n (this._medexApi = new IccMedexApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _placeApi: IccPlaceApi | undefined\n\n get placeApi(): IccPlaceApi {\n return (\n this._placeApi ??\n (this._placeApi = new IccPlaceApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _pubsubApi: IccPubsubApi | undefined\n\n get pubsubApi(): IccPubsubApi {\n return (\n this._pubsubApi ??\n (this._pubsubApi = new IccPubsubApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _replicationApi: IccReplicationApi | undefined\n\n get replicationApi(): IccReplicationApi {\n return (\n this._replicationApi ??\n (this._replicationApi = new IccReplicationApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _tarificationApi: IccTarificationApi | undefined\n\n get tarificationApi(): IccTarificationApi {\n return (\n this._tarificationApi ??\n (this._tarificationApi = new IccTarificationApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _tmpApi: IccTmpApi | undefined\n\n get tmpApi(): IccTmpApi {\n return (\n this._tmpApi ?? (this._tmpApi = new IccTmpApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n get cryptoApi(): IccCryptoXApi {\n return this.cryptoInitInfos.cryptoApi\n }\n\n get dataOwnerApi(): IccDataOwnerXApi {\n return this.cryptoInitInfos.dataOwnerApi\n }\n\n get deviceApi(): IccDeviceXApi {\n return this.cryptoInitInfos.deviceApi\n }\n\n get healthcarePartyApi(): IccHcpartyXApi {\n return this.cryptoInitInfos.healthcarePartyApi\n }\n\n get icureMaintenanceTaskApi(): IccIcureMaintenanceXApi {\n return this.cryptoInitInfos.icureMaintenanceTaskApi\n }\n\n get maintenanceTaskApi(): IccMaintenanceTaskXApi {\n return this.cryptoInitInfos.maintenanceTaskApi\n }\n\n get userApi(): IccUserXApi {\n return this.cryptoInitInfos.userApi\n }\n\n async getGroupsInfo(): Promise<{ currentGroup: UserGroup | undefined; availableGroups: UserGroup[] }> {\n this.latestGroupsRequest = this.grouplessUserApi.getMatchingUsers()\n return { currentGroup: this.currentGroupInfo, availableGroups: await this.latestGroupsRequest }\n }\n\n async switchGroup(newGroupId: string): Promise<IcureApi> {\n const availableGroups = await this.latestGroupsRequest\n const switchedProvider = await this.groupSpecificAuthenticationProvider.switchGroup(newGroupId, availableGroups)\n const cryptoInitInfos = await initialiseCryptoWithProvider(\n this.host,\n this.fetch,\n switchedProvider,\n this.params,\n this.cryptoStrategies,\n this.cryptoApi.primitives.crypto\n )\n return new IcureApiImpl(\n cryptoInitInfos,\n this.host,\n switchedProvider,\n this.fetch,\n this.grouplessUserApi,\n availableGroups,\n availableGroups.find((x) => x.groupId === newGroupId)!,\n this.params,\n this.cryptoStrategies\n )\n }\n}\n\n/**\n /**\n * @experimental This function still needs development and will be changed\n * Build apis which do not need crypto and can be used by non-data-owner users\n */\nexport const BasicApis = async function (\n host: string,\n authenticationOptions: AuthenticationDetails | AuthenticationProvider,\n crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch,\n options: { headers?: { [headerName: string]: string } } = {}\n): Promise<BasicApis> {\n const authenticationProvider = await getAuthenticationProvider(host, authenticationOptions, options.headers ?? {}, fetchImpl)\n const authApi = new IccAuthApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n\n const codeApi = new IccCodeXApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const entityReferenceApi = new IccEntityrefApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const userApi = new IccUserXApi(host, options.headers ?? {}, authenticationProvider, authApi, fetchImpl)\n const deviceApi = new IccDeviceXApi(host, options.headers ?? {}, authenticationProvider, userApi, authApi, fetchImpl)\n const permissionApi = new IccPermissionApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const agendaApi = new IccAgendaApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const groupApi = new IccGroupApi(host, options.headers ?? {}, authenticationProvider)\n const insuranceApi = new IccInsuranceApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const healthcarePartyApi = new IccHcpartyXApi(host, options.headers ?? {}, authenticationProvider, authApi, fetchImpl)\n\n return {\n authApi,\n deviceApi,\n codeApi,\n userApi,\n permissionApi,\n insuranceApi,\n entityReferenceApi,\n agendaApi,\n groupApi,\n healthcarePartyApi,\n }\n}\n\nasync function getMatchesOrEmpty(userApi: IccUserApi): Promise<UserGroup[]> {\n try {\n return await userApi.getMatchingUsers()\n } catch (err) {\n if (err instanceof Error && 'statusCode' in err && (err as any).statusCode === 404) return Promise.resolve([])\n else return Promise.reject(err)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../icc-x-api/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wCA8BmB;AACnB,qDAA8C;AAC9C,yDAAkD;AAClD,2DAAoD;AACpD,2DAAoD;AACpD,6DAAsD;AACtD,2DAAoD;AACpD,qDAA8C;AAC9C,6DAAsD;AACtD,yEAAkE;AAClE,uEAA+D;AAC/D,2DAAoD;AACpD,2DAAoD;AACpD,2DAAoD;AACpD,+DAAwD;AACxD,iEAAyD;AACzD,qDAA8C;AAC9C,6EAAqE;AACrE,iEAAyD;AAGzD,iEAA6D;AAC7D,6DAAyD;AACzD,0EAMsC;AACtC,gEAA4D;AAC5D,kFAA8E;AAC9E,qEAAiE;AACjE,6FAAyF;AACzF,sDAAkD;AAClD,8EAA0E;AAG1E,sEAAkE;AAClE,kEAA8D;AAC9D,sEAAkE;AAClE,+EAAuE;AACvE,wEAAoE;AACpE,0CAAwD;AACxD,oHAAgH;AAChH,sEAA+F;AAC/F,8EAA0E;AAC1E,mFAA+E;AAC/E,gFAA4E;AAC5E,gFAA4E;AAC5E,sFAAkF;AAClF,kHAA8G;AAC9G,0EAAsE;AACtE,gFAA4E;AAC5E,gGAA4F;AAC5F,yFAAqF;AACrF,4EAAwE;AACxE,yDAAkD;AAClD,2DAAoD;AACpD,mEAA4D;AAE5D,uDAAgD;AAChD,0DAAsD;AACtD,0EAAsE;AACtE,oFAAgF;AAChF,wEAAoE;AACpE,gEAAgF;AAChF,gEAA4D;AAC5D,mFAA+E;AAC/E,4EAAwE;AACxE,6DAAsD;AACtD,8CAA+C;AAE/C,wDAAqC;AACrC,sDAAmC;AACnC,4DAAyC;AACzC,6DAA0C;AAC1C,mDAAgC;AAChC,sDAAmC;AACnC,qDAAkC;AAClC,0DAAuC;AACvC,uDAAoC;AACpC,mDAAgC;AAChC,sDAAmC;AACnC,uDAAoC;AACpC,sDAAmC;AACnC,sDAAmC;AACnC,sDAAmC;AACnC,mDAAgC;AAChC,yDAAsC;AACtC,sDAAmC;AACnC,yDAAsC;AACtC,gEAA6C;AAC7C,+DAA4C;AAC5C,0CAAuB;AAEvB,+CAA4B;AAC5B,4DAAyC;AACzC,kEAA+C;AAC/C,gEAA6C;AAG7C,+DAA6D;AAApD,oHAAA,gBAAgB,OAAA;AAEzB,2DAAyD;AAAhD,gHAAA,cAAc,OAAA;AAEvB,wCAAoD;AAA3C,4GAAA,mBAAmB,OAAA;AAwH5B,IAAU,eAAe,CA4BxB;AA5BD,WAAU,eAAe;IACvB,IAAiB,QAAQ,CAIxB;IAJD,WAAiB,QAAQ;QACV,yBAAgB,GAAG,IAAI,+DAA8B,EAAE,CAAA;QACvD,uCAA8B,GAAG,IAAI,CAAA;QACrC,gBAAO,GAAG,EAAE,CAAA;IAC3B,CAAC,EAJgB,QAAQ,GAAR,wBAAQ,KAAR,wBAAQ,QAIxB;IAED,MAAa,YAAY;QAUvB,YAAY,MAAuB;;YACjC,IAAI,CAAC,gBAAgB,GAAG,MAAA,MAAM,CAAC,gBAAgB,mCAAI,QAAQ,CAAC,gBAAgB,CAAA;YAC5E,IAAI,CAAC,8BAA8B,GAAG,MAAA,MAAM,CAAC,8BAA8B,mCAAI,QAAQ,CAAC,8BAA8B,CAAA;YACtH,IAAI,CAAC,OAAO,GAAG,MAAA,MAAM,CAAC,OAAO,mCAAI,IAAI,mCAAgB,EAAE,CAAA;YACvD,IAAI,CAAC,UAAU,GAAG,MAAA,MAAM,CAAC,UAAU,mCAAI,IAAI,+BAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACvE,IAAI,CAAC,OAAO,GAAG,MAAA,MAAM,CAAC,OAAO,mCAAI,QAAQ,CAAC,OAAO,CAAA;YACjD,IAAI,CAAC,qBAAqB,GAAG,MAAA,MAAM,CAAC,qBAAqB,mCAAI,EAAE,CAAA;YAC/D,IAAI,CAAC,aAAa,GAAG,MAAA,MAAM,CAAC,aAAa,mCAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAQ,CAAC,CAAC,CAAA;YAC9F,IAAI,CAAC,+BAA+B,GAAG,MAAA,MAAM,CAAC,+BAA+B,mCAAI,KAAK,CAAA;QACxF,CAAC;KACF;IApBY,4BAAY,eAoBxB,CAAA;AACH,CAAC,EA5BS,eAAe,KAAf,eAAe,QA4BxB;AAwJD,IAAiB,qBAAqB,CAYrC;AAZD,WAAiB,qBAAqB;IACvB,8BAAQ,GAAG;QACtB,SAAS,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;QACjC,YAAY,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,WAAW,CAAC;QAC/C,OAAO,EAAE,CAAC,OAAO,CAAC;QAClB,OAAO,EAAE,CAAC,kBAAkB,CAAC;QAC7B,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,kBAAkB,CAAC;QACpD,eAAe,EAAE,CAAC,YAAY,CAAC;QAC/B,OAAO,EAAE,CAAC,MAAM,EAAE,kBAAkB,CAAC;QACrC,OAAO,EAAE,EAAE;QACX,KAAK,EAAE,CAAC,aAAa,EAAE,gBAAgB,EAAE,sBAAsB,CAAC;KACjE,CAAA;AACH,CAAC,EAZgB,qBAAqB,GAArB,6BAAqB,KAArB,6BAAqB,QAYrC;AA4ED,IAAiB,QAAQ,CA6CxB;AA7CD,WAAiB,QAAQ;IACvB;;OAEG;IACH,SAAsB,UAAU,CAC9B,IAAY,EACZ,qBAAqE,EACrE,gBAAkC,EAClC,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa,EAC3H,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK,EACT,UAA2B,EAAE;;;YAE7B,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;YACxD,IAAI,+BAA+B,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,EAAE,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;YAC7H,mIAAmI;YACnI,MAAM,gBAAgB,GAAG,IAAI,oBAAU,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,EAAE,+BAA+B,EAAE,SAAS,CAAC,CAAA;YACzG,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,gBAAgB,CAAC,CAAA;YACzD,MAAM,MAAM,GAAG,MAAM,+BAA+B,CAAC,cAAc,EAAE,CAAA;YACrE,MAAM,cAAc,GAAG,MAAM,CAAC,CAAC,CAAC,IAAA,wBAAa,EAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACvE,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,aAAa,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC,MAAA,OAAO,CAAC,CAAC,CAAC,0CAAE,OAAO,CAAA;YAChJ;;;eAGG;YACH,MAAM,mCAAmC,GACvC,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,aAAa,IAAI,aAAa,KAAK,cAAc;gBACrE,CAAC,CAAC,MAAM,+BAA+B,CAAC,WAAW,CAAC,aAAa,EAAE,OAAO,CAAC;gBAC3E,CAAC,CAAC,+BAA+B,CAAA;YACrC,MAAM,cAAc,GAAG,MAAM,4BAA4B,CAAC,IAAI,EAAE,SAAS,EAAE,mCAAmC,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,CAAC,CAAA;YACjJ,OAAO,IAAI,YAAY,CACrB,cAAc,EACd,IAAI,EACJ,mCAAmC,EACnC,KAAK,EACL,gBAAgB,EAChB,OAAO,EACP,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,KAAK,aAAa,CAAC,EACxD,MAAM,EACN,gBAAgB,CACjB,CAAA;;KACF;IAxCqB,mBAAU,aAwC/B,CAAA;AACH,CAAC,EA7CgB,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QA6CxB;AAED,SAAe,yBAAyB,CACtC,IAAY,EACZ,qBAAqE,EACrE,OAAyC,EACzC,SAAwE;;;QAExE,IAAI,sBAA8C,CAAA;QAClD,IAAI,gBAAgB,IAAI,qBAAqB,IAAI,aAAa,IAAI,qBAAqB,IAAI,gBAAgB,IAAI,qBAAqB,EAAE;YACpI,sBAAsB,GAAG,qBAAqB,CAAA;SAC/C;aAAM,IAAI,aAAa,IAAI,qBAAqB,IAAI,CAAC,CAAC,qBAAqB,CAAC,WAAW,EAAE;YACxF,sBAAsB,GAAG,IAAI,kDAAyB,CACpD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,MAAA,qBAAqB,aAArB,qBAAqB,uBAArB,qBAAqB,CAAE,WAAW,0CAAE,QAAQ,EAC5C,MAAA,qBAAqB,aAArB,qBAAqB,uBAArB,qBAAqB,CAAE,WAAW,0CAAE,QAAQ,EAC5C,SAAS,EACT,qBAAqB,CAAC,WAAW,CAClC,CAAA;SACF;aAAM,IACL,UAAU,IAAI,qBAAqB;YACnC,UAAU,IAAI,qBAAqB;YACnC,CAAC,CAAC,qBAAqB,CAAC,QAAQ;YAChC,CAAC,CAAC,qBAAqB,CAAC,QAAQ,EAChC;YACA,sBAAsB,GAAG,IAAI,uDAA8B,CACzD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,qBAAqB,CAAC,QAAQ,EAC9B,qBAAqB,CAAC,QAAQ,EAC9B,IAAI,EACJ,SAAS,EACT,SAAS,EACT,qBAAqB,CAAC,gBAAgB,CACvC,CAAA;SACF;aAAM,IAAI,kBAAkB,IAAI,qBAAqB,IAAI,CAAC,CAAC,qBAAqB,CAAC,gBAAgB,EAAE;YAClG,sBAAsB,GAAG,IAAI,kDAAyB,CACpD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,SAAS,EACT,SAAS,EACT,IAAI,6CAAqB,CACvB,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,SAAS,EACT,SAAS,EACT,qBAAqB,CAAC,gBAAgB,EACtC,SAAS,CACV,CACF,CAAA;SACF;aAAM,IAAI,UAAU,IAAI,qBAAqB,IAAI,gBAAgB,IAAI,qBAAqB,EAAE;YAC3F,sBAAsB,GAAG,qCAAiB,CAAC,UAAU,CACnD,IAAI,oBAAU,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,iDAAwB,EAAE,EAAE,SAAS,CAAC,EACxE,qBAAqB,CAAC,QAAQ,EAC9B,qBAAqB,CAAC,cAAc,EACpC;gBACE,aAAa,EAAE,qBAAqB,CAAC,aAAa;gBAClD,gBAAgB,EAAE,qBAAqB,CAAC,gBAAgB;gBACxD,mBAAmB,EAAE,qBAAqB,CAAC,mBAAmB;aAC/D,CACF,CAAA;SACF;aAAM;YACL,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;SAC3D;QACD,OAAO,sBAAsB,CAAA;;CAC9B;AAiBD,MAAM,gCAAgC,GAAG,iCAAiC,CAAA;AAE1E,SAAe,4BAA4B,CACzC,IAAY,EACZ,SAAwE,EACxE,mCAA2D,EAC3D,MAAoC,EACpC,gBAAkC,EAClC,MAAc;;;QAEd,MAAM,oBAAoB,GAAG,MAAM,IAAI,uCAAgB,CACrD,IAAI,EACJ,MAAM,CAAC,OAAO,EACd,mCAAmC,EACnC,SAAS,CACV,CAAC,uBAAuB,EAAE,CAAA;QAC3B,MAAM,oCAAoC,GAAG,gBAAgB,CAAC,oCAAoC,CAAC,oBAAoB,CAAC,CAAA;QACxH,IAAI,cAAc,GAAG,MAAM,CAAC,OAAO,CAAA;QACnC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC,gCAAgC,CAAC,EAAE;YAC3E,IAAI,oBAAoB,CAAC,IAAI,IAAI,qCAAiB,CAAC,OAAO,IAAI,oBAAoB,CAAC,IAAI,IAAI,qCAAiB,CAAC,MAAM,EAAE;gBACnH,IAAI,CAAC,oCAAoC,EAAE;oBACzC,cAAc,mCAAQ,cAAc,KAAE,CAAC,gCAAgC,CAAC,EAAE,OAAO,GAAE,CAAA;iBACpF;aACF;iBAAM;gBACL,IAAI,oCAAoC,EAAE;oBACxC,cAAc,mCAAQ,cAAc,KAAE,CAAC,gCAAgC,CAAC,EAAE,MAAM,GAAE,CAAA;iBACnF;aACF;SACF;QAED,MAAM,OAAO,GAAG,IAAI,oBAAU,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QACpG,MAAM,OAAO,GAAG,IAAI,4BAAW,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAC9G,MAAM,kBAAkB,GAAG,IAAI,kCAAc,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAC5H,MAAM,SAAS,GAAG,IAAI,gCAAa,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAC3H,MAAM,cAAc,GAAG,IAAI,uBAAa,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QAC9G,MAAM,YAAY,GAAG,IAAI,uCAAgB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QAC/G,MAAM,eAAe,GAAG,IAAI,uCAAkB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QACpH,MAAM,mBAAmB,GAAG,IAAI,uCAAkB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAAA;QACxH,wBAAwB;QACxB,MAAM,YAAY,GAAG,IAAI,uCAAkB,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAA;QACvG,MAAM,gBAAgB,GAAG,IAAI,mCAAgB,CAAC,MAAM,CAAC,CAAA;QACrD,MAAM,uBAAuB,GAAG,IAAI,iDAAuB,CAAC,gBAAgB,EAAE,YAAY,EAAE,kBAAkB,EAAE,cAAc,EAAE,SAAS,CAAC,CAAA;QAC1I,MAAM,uBAAuB,GAAG,IAAI,iDAAuB,CAAC,eAAe,EAAE,YAAY,EAAE,gBAAgB,EAAE,oCAAoC,CAAC,CAAA;QAClJ,MAAM,WAAW,GAAG,IAAI,yBAAW,CAAC,gBAAgB,EAAE,YAAY,EAAE,uBAAuB,EAAE,uBAAuB,CAAC,CAAA;QACrH,MAAM,sBAAsB,GAAG,IAAI,+CAAsB,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,CAAA;QAChG,MAAM,gBAAgB,GAAG,IAAI,mCAAgB,CAAC,sBAAsB,CAAC,CAAA;QACrE,MAAM,yBAAyB,GAAG,IAAI,qDAAyB,CAC7D,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,gBAAgB,EAChB,CAAC,MAAM,CAAC,+BAA+B,EACvC,gBAAgB,CACjB,CAAA;QACD,MAAM,wBAAwB,GAAG,IAAI,mDAAwB,CAAC,YAAY,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAA;QAC3G,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,cAAc,EAAE,CAAA;QAC/D,MAAM,IAAI,yCAAmB,CAC3B,gBAAgB,EAChB,uBAAuB,EACvB,YAAY,EACZ,yBAAyB,EACzB,wBAAwB,EACxB,YAAY,CACb,CAAC,kBAAkB,CAAC,MAAM,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAA;QAClE,6BAA6B;QAC7B,MAAM,mBAAmB,GAAG,IAAI,yCAAmB,CACjD,GAAG,EACH,GAAG,EACH,MAAM,EACN,KAAK,EACL,gBAAgB,EAChB,gBAAgB,EAChB,yBAAyB,EACzB,uBAAuB,EACvB,YAAY,EACZ,CAAC,MAAM,CAAC,+BAA+B,EACvC,YAAY,CACb,CAAA;QACD,MAAM,wBAAwB,GAAG,IAAI,mDAAwB,CAAC,gBAAgB,CAAC,CAAA;QAC/E,MAAM,mBAAmB,GAAG,MAAM,IAAA,sEAAgD,EAChF,uBAAuB,EACvB,yBAAyB,EACzB,wBAAwB,EACxB,wBAAwB,EACxB,gBAAgB,EAChB,YAAY,EACZ,gBAAgB,EAChB,CAAC,MAAM,CAAC,+BAA+B,CACxC,CAAA;QACD,MAAM,sBAAsB,GAAG,IAAI,+CAAsB,CACvD,IAAI,6CAAqB,CAAC,IAAI,EAAE,cAAc,EAAE,mCAAmC,EAAE,SAAS,CAAC,CAChG,CAAA;QACD,MAAM,2BAA2B,GAAG,IAAI,yDAA2B,CAAC,yBAAyB,EAAE,gBAAgB,CAAC,CAAA;QAChH,MAAM,2CAA2C,GAAG,IAAI,uFAA0C,CAChG,mBAAmB,EACnB,sBAAsB,EACtB,2BAA2B,EAC3B,YAAY,CACb,CAAA;QACD,MAAM,SAAS,GAAG,IAAI,6CAAqB,CACzC,gBAAgB,EAChB,YAAY,EACZ,IAAI,qFAAyC,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,EACpF,2CAA2C,EAC3C,IAAI,mDAAwB,CAC1B,mBAAmB,EACnB,sBAAsB,EACtB,2BAA2B,EAC3B,wBAAwB,EACxB,yBAAyB,EACzB,gBAAgB,EAChB,YAAY,EACZ,gBAAgB,EAChB,oCAAoC,CACrC,EACD,OAAO,EACP,CAAC,MAAM,CAAC,+BAA+B,CACxC,CAAA;QACD,MAAM,aAAa,GAAG,IAAI,qCAAiB,CAAC,gBAAgB,EAAE,YAAY,EAAE,yBAAyB,EAAE,mBAAmB,CAAC,CAAA;QAC3H,MAAM,qBAAqB,GAAG,IAAI,2CAAoB,CAAC,SAAS,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAA;QACjG,MAAM,IAAA,+BAAuB,EAAC,YAAY,EAAE,SAAS,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAA;QACxF,MAAM,gCAAgC,GAAG,IAAI,mEAAgC,CAAC,mBAAmB,CAAC,CAAA;QAClG,MAAM,0BAA0B,GAAG,IAAI,uDAA0B,CAC/D,YAAY,EACZ,2CAA2C,EAC3C,SAAS,EACT,gBAAgB,EAChB,wBAAwB,EACxB,IAAI,EACJ,cAAc,EACd,mCAAmC,EACnC,SAAS,EACT,gCAAgC,CACjC,CAAA;QACD,MAAM,SAAS,GAAG,IAAI,gCAAa,CACjC,mBAAmB,EACnB,gBAAgB,EAChB,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,aAAa,EACb,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,UAAU,EACjB,qBAAqB,EACrB,mBAAmB,EACnB,gCAAgC,EAChC,0BAA0B,CAC3B,CAAA;QACD,MAAM,kBAAkB,GAAG,IAAI,mDAAsB,CACnD,IAAI,EACJ,cAAc,EACd,SAAS,EACT,kBAAkB,EAClB,YAAY,EACZ,OAAO,EACP,OAAO,EACP,CAAC,oCAAoC,EACrC,MAAA,MAAM,CAAC,qBAAqB,CAAC,eAAe,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,eAAe,EAC9F,mCAAmC,EACnC,SAAS,CACV,CAAA;QACD,MAAM,uBAAuB,GAAG,IAAI,qDAAuB,CAAC,SAAS,EAAE,kBAAkB,EAAE,YAAY,EAAE,eAAe,CAAC,CAAA;QAEzH,IAAI,MAAM,IAAI,MAAM,CAAC,8BAA8B,EAAE;YACnD,MAAM,uBAAuB,CAAC,mCAAmC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;SACrH;QACD,OAAO;YACL,SAAS;YACT,OAAO;YACP,kBAAkB;YAClB,SAAS;YACT,kBAAkB;YAClB,YAAY;YACZ,uBAAuB;YACvB,OAAO,EAAE,cAAc;YACvB,oCAAoC;YACpC,WAAW,EAAE,IAAI,oCAAe,CAC9B,mBAAmB,EACnB,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,CACpB;SACF,CAAA;;CACF;AAED,MAAM,YAAY;IAGhB,YACmB,eAAyC,EACzC,IAAY,EACZ,mCAA2D,EAC3D,KAAoE,EACpE,gBAA4B,EAC7C,aAA0B,EACT,gBAAuC,EACvC,MAAoC,EACpC,gBAAkC;QARlC,oBAAe,GAAf,eAAe,CAA0B;QACzC,SAAI,GAAJ,IAAI,CAAQ;QACZ,wCAAmC,GAAnC,mCAAmC,CAAwB;QAC3D,UAAK,GAAL,KAAK,CAA+D;QACpE,qBAAgB,GAAhB,gBAAgB,CAAY;QAE5B,qBAAgB,GAAhB,gBAAgB,CAAuB;QACvC,WAAM,GAAN,MAAM,CAA8B;QACpC,qBAAgB,GAAhB,gBAAgB,CAAkB;QAEnD,IAAI,CAAC,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;IAC3D,CAAC;IAID,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,CAAA;IACzC,CAAC;IAED,IAAI,OAAO;;QACT,OAAO,CACL,MAAA,IAAI,CAAC,QAAQ,mCAAI,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,oBAAU,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACjJ,CAAA;IACH,CAAC;IAID,IAAI,OAAO;;QACT,OAAO,CACL,MAAA,IAAI,CAAC,QAAQ,mCACb,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,4BAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACjI,CAAA;IACH,CAAC;IAID,IAAI,mBAAmB;;QACrB,OAAO,CACL,MAAA,IAAI,CAAC,oBAAoB,mCACzB,CAAC,IAAI,CAAC,oBAAoB,GAAG,IAAI,gCAAsB,CACrD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,kBAAkB;;QACpB,OAAO,CACL,MAAA,IAAI,CAAC,mBAAmB,mCACxB,CAAC,IAAI,CAAC,mBAAmB,GAAG,IAAI,+BAAqB,CACnD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,OAAO;;QACT,OAAO,MAAA,IAAI,CAAC,QAAQ,mCAAI,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,uBAAU,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAChJ,CAAC;IAID,IAAI,kBAAkB;;QACpB,OAAO,CACL,MAAA,IAAI,CAAC,mBAAmB,mCACxB,CAAC,IAAI,CAAC,mBAAmB,GAAG,IAAI,yBAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAChJ,CAAA;IACH,CAAC;IAID,IAAI,aAAa;;QACf,OAAO,CACL,MAAA,IAAI,CAAC,cAAc,mCACnB,CAAC,IAAI,CAAC,cAAc,GAAG,IAAI,0BAAgB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC5I,CAAA;IACH,CAAC;IAID,IAAI,YAAY;;QACd,OAAO,CACL,MAAA,IAAI,CAAC,aAAa,mCAClB,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,sCAAgB,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,SAAS,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,SAAS,EACvF,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,SAAS;;QACX,OAAO,CACL,MAAA,IAAI,CAAC,UAAU,mCACf,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,sBAAY,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACpI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,EACV,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,EACnF,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,CACpF,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,OAAO;;QACT,OAAO,CACL,MAAA,IAAI,CAAC,QAAQ,mCACb,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,4BAAW,CAC9B,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,YAAY;;QACd,OAAO,CACL,MAAA,IAAI,CAAC,aAAa,mCAClB,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,yBAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC1I,CAAA;IACH,CAAC;IAID,IAAI,WAAW;;QACb,OAAO,CACL,MAAA,IAAI,CAAC,YAAY,mCACjB,CAAC,IAAI,CAAC,YAAY,GAAG,IAAI,oCAAe,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,oBAAoB;;QACtB,OAAO,CACL,MAAA,IAAI,CAAC,qBAAqB,mCAC1B,CAAC,IAAI,CAAC,qBAAqB,GAAG,IAAI,oCAAe,CAC/C,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,aAAa,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,aAAa,EAC/F,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,gDAAqB,CAClD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,eAAe;;QACjB,OAAO,CACL,MAAA,IAAI,CAAC,gBAAgB,mCACrB,CAAC,IAAI,CAAC,gBAAgB,GAAG,IAAI,6CAAmB,CAC9C,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,YAAY,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,YAAY,EAC7F,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,YAAY;;QACd,OAAO,CACL,MAAA,IAAI,CAAC,aAAa,mCAClB,CAAC,IAAI,CAAC,aAAa,GAAG,IAAI,uCAAgB,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,oBAAoB,EACzB,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,iBAAiB,EACtB,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,EACnF,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,OAAO,EACnF,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,8BAAY,CAChC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,CAAC,IAAI,CAAC,eAAe,CAAC,oCAAoC,EAC1D,IAAI,CAAC,mCAAmC,EACxC,MAAA,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,KAAK,mCAAI,qBAAqB,CAAC,QAAQ,CAAC,KAAK,EAC/E,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,kBAAkB;;QACpB,OAAO,CACL,MAAA,IAAI,CAAC,mBAAmB,mCACxB,CAAC,IAAI,CAAC,mBAAmB,GAAG,IAAI,+BAAqB,CACnD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,sBAAsB;;QACxB,OAAO,CACL,MAAA,IAAI,CAAC,uBAAuB,mCAC5B,CAAC,IAAI,CAAC,uBAAuB,GAAG,IAAI,mCAAyB,CAC3D,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,kCAAc,CACpC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,oBAAoB,EACzB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,8BAAoB,CACjD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,8BAAoB,CACjD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,yBAAyB;;QAC3B,OAAO,CACL,MAAA,IAAI,CAAC,0BAA0B,mCAC/B,CAAC,IAAI,CAAC,0BAA0B,GAAG,IAAI,sCAA4B,CACjE,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,cAAc;;QAChB,OAAO,CACL,MAAA,IAAI,CAAC,eAAe,mCACpB,CAAC,IAAI,CAAC,eAAe,GAAG,IAAI,0CAAkB,CAC5C,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,iBAAiB;;QACnB,OAAO,CACL,MAAA,IAAI,CAAC,kBAAkB,mCACvB,CAAC,IAAI,CAAC,kBAAkB,GAAG,IAAI,8BAAoB,CACjD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,oBAAoB;;QACtB,OAAO,CACL,MAAA,IAAI,CAAC,qBAAqB,mCAC1B,CAAC,IAAI,CAAC,qBAAqB,GAAG,IAAI,iCAAuB,CACvD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,eAAe,CAAC,OAAO,EAC5B,IAAI,CAAC,mCAAmC,EACxC,IAAI,CAAC,KAAK,CACX,CAAC,CACH,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,UAAU;;QACZ,OAAO,CACL,MAAA,IAAI,CAAC,WAAW,mCAChB,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,uBAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,QAAQ;;QACV,OAAO,CACL,MAAA,IAAI,CAAC,SAAS,mCACd,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAID,IAAI,SAAS;;QACX,OAAO,CACL,MAAA,IAAI,CAAC,UAAU,mCACf,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,sBAAY,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CACpI,CAAA;IACH,CAAC;IAID,IAAI,cAAc;;QAChB,OAAO,CACL,MAAA,IAAI,CAAC,eAAe,mCACpB,CAAC,IAAI,CAAC,eAAe,GAAG,IAAI,2BAAiB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC9I,CAAA;IACH,CAAC;IAID,IAAI,eAAe;;QACjB,OAAO,CACL,MAAA,IAAI,CAAC,gBAAgB,mCACrB,CAAC,IAAI,CAAC,gBAAgB,GAAG,IAAI,4BAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAChJ,CAAA;IACH,CAAC;IAID,IAAI,MAAM;;QACR,OAAO,CACL,MAAA,IAAI,CAAC,OAAO,mCAAI,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,mBAAS,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAC9I,CAAA;IACH,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,CAAA;IACvC,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,YAAY,CAAA;IAC1C,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,CAAA;IACvC,CAAC;IAED,IAAI,kBAAkB;QACpB,OAAO,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAA;IAChD,CAAC;IAED,IAAI,uBAAuB;QACzB,OAAO,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAA;IACrD,CAAC;IAED,IAAI,kBAAkB;QACpB,OAAO,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAA;IAChD,CAAC;IAED,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,eAAe,CAAC,OAAO,CAAA;IACrC,CAAC;IAEK,aAAa;;YACjB,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,CAAA;YACnE,OAAO,EAAE,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,eAAe,EAAE,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAA;QACjG,CAAC;KAAA;IAEK,WAAW,CAAC,UAAkB;;YAClC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAA;YACtD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,mCAAmC,CAAC,WAAW,CAAC,UAAU,EAAE,eAAe,CAAC,CAAA;YAChH,MAAM,eAAe,GAAG,MAAM,4BAA4B,CACxD,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,KAAK,EACV,gBAAgB,EAChB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,gBAAgB,EACrB,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CACjC,CAAA;YACD,OAAO,IAAI,YAAY,CACrB,eAAe,EACf,IAAI,CAAC,IAAI,EACT,gBAAgB,EAChB,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,gBAAgB,EACrB,eAAe,EACf,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,UAAU,CAAE,EACtD,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,gBAAgB,CACtB,CAAA;QACH,CAAC;KAAA;CACF;AAED;;;;GAIG;AACI,MAAM,SAAS,GAAG,UACvB,IAAY,EACZ,qBAAqE,EACrE,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa,EAC3H,YAA2E,OAAO,MAAM,KAAK,WAAW;IACtG,CAAC,CAAC,MAAM,CAAC,KAAK;IACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;QAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;QACZ,CAAC,CAAC,KAAK,EACT,UAA0D,EAAE;;;QAE5D,MAAM,sBAAsB,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,SAAS,CAAC,CAAA;QAC7H,MAAM,OAAO,GAAG,IAAI,oBAAU,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAE9F,MAAM,OAAO,GAAG,IAAI,4BAAW,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAC/F,MAAM,kBAAkB,GAAG,IAAI,yBAAe,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAC9G,MAAM,OAAO,GAAG,IAAI,4BAAW,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QACxG,MAAM,SAAS,GAAG,IAAI,gCAAa,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QACrH,MAAM,aAAa,GAAG,IAAI,0BAAgB,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAC1G,MAAM,SAAS,GAAG,IAAI,sBAAY,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAClG,MAAM,QAAQ,GAAG,IAAI,qBAAW,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,CAAC,CAAA;QACrF,MAAM,YAAY,GAAG,IAAI,yBAAe,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QACxG,MAAM,kBAAkB,GAAG,IAAI,kCAAc,CAAC,IAAI,EAAE,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;QAEtH,OAAO;YACL,OAAO;YACP,SAAS;YACT,OAAO;YACP,OAAO;YACP,aAAa;YACb,YAAY;YACZ,kBAAkB;YAClB,SAAS;YACT,QAAQ;YACR,kBAAkB;SACnB,CAAA;;CACF,CAAA;AApCY,QAAA,SAAS,aAoCrB;AAED,SAAe,iBAAiB,CAAC,OAAmB;;QAClD,IAAI;YACF,OAAO,MAAM,OAAO,CAAC,gBAAgB,EAAE,CAAA;SACxC;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,GAAG,YAAY,KAAK,IAAI,YAAY,IAAI,GAAG,IAAK,GAAW,CAAC,UAAU,KAAK,GAAG;gBAAE,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;;gBACzG,OAAO,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;SAChC;IACH,CAAC;CAAA","sourcesContent":["import {\n IccAgendaApi,\n IccAnonymousAccessApi,\n IccApplicationsettingsApi,\n IccArticleApi,\n IccAuthApi,\n IccBeefactApi,\n IccBeresultexportApi,\n IccBeresultimportApi,\n IccBesamv2Api,\n IccCalendarItemTypeApi,\n IccClassificationTemplateApi,\n IccEntityrefApi,\n IccEntitytemplateApi,\n IccFrontendmigrationApi,\n IccGroupApi,\n IccIcureApi,\n IccInsuranceApi,\n IccKeywordApi,\n IccMedexApi,\n IccMedicallocationApi,\n IccPatientApi,\n IccPermissionApi,\n IccPlaceApi,\n IccPubsubApi,\n IccReplicationApi,\n IccTarificationApi,\n IccTmpApi,\n IccUserApi,\n OAuthThirdParty,\n} from '../icc-api'\nimport { IccUserXApi } from './icc-user-x-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { IccContactXApi } from './icc-contact-x-api'\nimport { IccInvoiceXApi } from './icc-invoice-x-api'\nimport { IccDocumentXApi } from './icc-document-x-api'\nimport { IccHcpartyXApi } from './icc-hcparty-x-api'\nimport { IccFormXApi } from './icc-form-x-api'\nimport { IccHelementXApi } from './icc-helement-x-api'\nimport { IccClassificationXApi } from './icc-classification-x-api'\nimport { IccCalendarItemXApi } from './icc-calendar-item-x-api'\nimport { IccPatientXApi } from './icc-patient-x-api'\nimport { IccMessageXApi } from './icc-message-x-api'\nimport { IccReceiptXApi } from './icc-receipt-x-api'\nimport { IccAccesslogXApi } from './icc-accesslog-x-api'\nimport { IccTimeTableXApi } from './icc-time-table-x-api'\nimport { IccCodeXApi } from './icc-code-x-api'\nimport { IccMaintenanceTaskXApi } from './icc-maintenance-task-x-api'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { StorageFacade } from './storage/StorageFacade'\nimport { KeyStorageFacade } from './storage/KeyStorageFacade'\nimport { LocalStorageImpl } from './storage/LocalStorageImpl'\nimport { KeyStorageImpl } from './storage/KeyStorageImpl'\nimport {\n AuthenticationProvider,\n BasicAuthenticationProvider,\n EnsembleAuthenticationProvider,\n JwtAuthenticationProvider,\n NoAuthenticationProvider,\n} from './auth/AuthenticationProvider'\nimport { CryptoPrimitives } from './crypto/CryptoPrimitives'\nimport { UserEncryptionKeysManager } from './crypto/UserEncryptionKeysManager'\nimport { IcureStorageFacade } from './storage/IcureStorageFacade'\nimport { DefaultStorageEntryKeysFactory } from './storage/DefaultStorageEntryKeysFactory'\nimport { KeyRecovery } from './crypto/KeyRecovery'\nimport { BaseExchangeKeysManager } from './crypto/BaseExchangeKeysManager'\nimport { StorageEntryKeysFactory } from './storage/StorageEntryKeysFactory'\nimport { CryptoStrategies } from './crypto/CryptoStrategies'\nimport { ExchangeKeysManager } from './crypto/ExchangeKeysManager'\nimport { ShamirKeysManager } from './crypto/ShamirKeysManager'\nimport { TransferKeysManager } from './crypto/TransferKeysManager'\nimport { IccIcureMaintenanceXApi } from './icc-icure-maintenance-x-api'\nimport { ConfidentialEntities } from './crypto/ConfidentialEntities'\nimport { ensureDelegationForSelf } from './crypto/utils'\nimport { SecureDelegationsSecurityMetadataDecryptor } from './crypto/SecureDelegationsSecurityMetadataDecryptor'\nimport { initialiseExchangeDataManagerForCurrentDataOwner } from './crypto/ExchangeDataManager'\nimport { BaseExchangeDataManager } from './crypto/BaseExchangeDataManager'\nimport { IccExchangeDataApi } from '../icc-api/api/internal/IccExchangeDataApi'\nimport { UserSignatureKeysManager } from './crypto/UserSignatureKeysManager'\nimport { AccessControlSecretUtils } from './crypto/AccessControlSecretUtils'\nimport { SecureDelegationsEncryption } from './crypto/SecureDelegationsEncryption'\nimport { LegacyDelegationSecurityMetadataDecryptor } from './crypto/LegacyDelegationSecurityMetadataDecryptor'\nimport { ExtendedApisUtilsImpl } from './crypto/ExtendedApisUtilsImpl'\nimport { SecureDelegationsManager } from './crypto/SecureDelegationsManager'\nimport { AccessControlKeysHeadersProvider } from './crypto/AccessControlKeysHeadersProvider'\nimport { IccExchangeDataMapApi } from '../icc-api/api/internal/IccExchangeDataMapApi'\nimport { ExchangeDataMapManager } from './crypto/ExchangeDataMapManager'\nimport { IccDeviceXApi } from './icc-device-x-api'\nimport { IccBekmehrXApi } from './icc-bekmehr-x-api'\nimport { IccDoctemplateXApi } from './icc-doctemplate-x-api'\nimport { UserGroup } from '../icc-api/model/UserGroup'\nimport { IccTopicXApi } from './icc-topic-x-api'\nimport { IccRoleApi } from '../icc-api/api/IccRoleApi'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport { DelegationsDeAnonymization } from './crypto/DelegationsDeAnonymization'\nimport { JwtBridgedAuthService } from './auth/JwtBridgedAuthService'\nimport { AuthSecretProvider, SmartAuthProvider } from './auth/SmartAuthProvider'\nimport { KeyPairRecoverer } from './crypto/KeyPairRecoverer'\nimport { IccRecoveryDataApi } from '../icc-api/api/internal/IccRecoveryDataApi'\nimport { RecoveryDataEncryption } from './crypto/RecoveryDataEncryption'\nimport { IccRecoveryXApi } from './icc-recovery-x-api'\nimport { getGroupOfJwt } from './auth/JwtUtils'\n\nexport * from './icc-accesslog-x-api'\nexport * from './icc-bekmehr-x-api'\nexport * from './icc-calendar-item-x-api'\nexport * from './icc-classification-x-api'\nexport * from './icc-code-x-api'\nexport * from './icc-contact-x-api'\nexport * from './icc-crypto-x-api'\nexport * from './icc-doctemplate-x-api'\nexport * from './icc-document-x-api'\nexport * from './icc-form-x-api'\nexport * from './icc-hcparty-x-api'\nexport * from './icc-helement-x-api'\nexport * from './icc-invoice-x-api'\nexport * from './icc-message-x-api'\nexport * from './icc-patient-x-api'\nexport * from './icc-user-x-api'\nexport * from './icc-time-table-x-api'\nexport * from './icc-receipt-x-api'\nexport * from './icc-data-owner-x-api'\nexport * from './icc-icure-maintenance-x-api'\nexport * from './icc-maintenance-task-x-api'\nexport * from './utils'\n\nexport * from './crypto/RSA'\nexport * from './crypto/CryptoPrimitives'\nexport * from './crypto/ShareMetadataBehaviour'\nexport * from './auth/AuthenticationProvider'\n\nexport { KeyStorageFacade } from './storage/KeyStorageFacade'\nexport { LocalStorageImpl } from './storage/LocalStorageImpl'\nexport { StorageFacade } from './storage/StorageFacade'\nexport { KeyStorageImpl } from './storage/KeyStorageImpl'\nexport { CryptoStrategies } from './crypto/CryptoStrategies'\nexport { getShaVersionForKey } from './crypto/utils'\n\nexport interface BasicApis {\n readonly authApi: IccAuthApi\n readonly codeApi: IccCodeXApi\n readonly userApi: IccUserXApi\n readonly permissionApi: IccPermissionApi\n readonly insuranceApi: IccInsuranceApi\n readonly entityReferenceApi: IccEntityrefApi\n readonly agendaApi: IccAgendaApi\n readonly groupApi: IccGroupApi\n readonly healthcarePartyApi: IccHcpartyXApi\n readonly deviceApi: IccDeviceXApi\n}\nexport interface Apis extends BasicApis {\n readonly calendarItemTypeApi: IccCalendarItemTypeApi\n readonly medicalLocationApi: IccMedicallocationApi\n readonly cryptoApi: IccCryptoXApi\n readonly accessLogApi: IccAccesslogXApi\n readonly contactApi: IccContactXApi\n readonly formApi: IccFormXApi\n readonly invoiceApi: IccInvoiceXApi\n readonly documentApi: IccDocumentXApi\n readonly healthcareElementApi: IccHelementXApi\n readonly classificationApi: IccClassificationXApi\n readonly calendarItemApi: IccCalendarItemXApi\n readonly receiptApi: IccReceiptXApi\n readonly timetableApi: IccTimeTableXApi\n readonly patientApi: IccPatientXApi\n readonly messageApi: IccMessageXApi\n readonly maintenanceTaskApi: IccMaintenanceTaskXApi\n readonly dataOwnerApi: IccDataOwnerXApi\n readonly icureMaintenanceTaskApi: IccIcureMaintenanceXApi\n readonly anonymousAccessApi: IccAnonymousAccessApi\n readonly applicationSettingsApi: IccApplicationsettingsApi\n readonly articleApi: IccArticleApi\n readonly bekmehrApi: IccBekmehrXApi\n readonly beefactApi: IccBeefactApi\n readonly beresultexportApi: IccBeresultexportApi\n readonly beresultimportApi: IccBeresultimportApi\n readonly besamv2Api: IccBesamv2Api\n readonly classificationTemplateApi: IccClassificationTemplateApi\n readonly doctemplateApi: IccDoctemplateXApi\n readonly entitytemplateApi: IccEntitytemplateApi\n readonly frontendmigrationApi: IccFrontendmigrationApi\n readonly icureApi: IccIcureApi\n readonly keywordApi: IccKeywordApi\n readonly medexApi: IccMedexApi\n readonly placeApi: IccPlaceApi\n readonly pubsubApi: IccPubsubApi\n readonly replicationApi: IccReplicationApi\n readonly tarificationApi: IccTarificationApi\n readonly tmpApi: IccTmpApi\n readonly topicApi: IccTopicXApi\n readonly roleApi: IccRoleApi\n readonly recoveryApi: IccRecoveryXApi\n}\n\n/**\n * Allows to customise the behaviour of the iCure API by providing various optional parameters.\n */\nexport interface IcureApiOptions {\n /**\n * Specifies how iCure can store string values (e.g. json). In production this should be persistent storage.\n * @default the browser's localStorage.\n */\n readonly storage?: StorageFacade<string>\n /**\n * Specifies how iCure can store cryptographic keys. Preferably this should be some ad-hoc storage key storage.\n * @default stores the json of the jwk representation of the key in {@link storage}.\n */\n readonly keyStorage?: KeyStorageFacade\n /**\n * Specifies where iCure should store his data within the {@link storage} and {@link keyStorage}.\n * @default {@link DefaultStorageEntryKeysFactory}\n */\n readonly entryKeysFactory?: StorageEntryKeysFactory\n /**\n * Specifies if iCure should automatically create maintenance tasks for requesting access back when a new key is generated at initialisation time.\n * Note that the maintenance task will be created only towards HCP data owners: if you want to create a maintenance task also to other types of data\n * owners you should disable this and call {@link IccIcureMaintenanceXApi.createMaintenanceTasksForNewKeypair} yourself.\n * @default true\n */\n readonly createMaintenanceTasksOnNewKey?: boolean\n /**\n * Additional headers to use on each request made by the iCure api.\n * @default no additional headers\n */\n readonly headers?: { [headerName: string]: string }\n /**\n * Specifies which fields should be encrypted for each kind of encryptable entity. You should make sure that every application in your environment\n * specifies the same values for this configuration.\n * @default see documentation for {@link EncryptedFieldsConfig}\n */\n readonly encryptedFieldsConfig?: EncryptedFieldsConfig\n /**\n * Each user may exist in multiple groups, but an instance of {@link IcureApi} is specialised for a single group. This function allows you to decide\n * the group to use for a given user.\n * This functions will be called only if a user exists in at least 2 groups, and takes in input:\n * - the information on the groups the user can access (in no specific order)\n * - if the authentication method uses JWT also the current group id (undefined otherwise)\n * The function must return the id of one of the available groups.\n * @default takes the first group provided. The group chosen by this method may vary between different instantiations of the {@link IcureApi} even\n * if for the same user and if the groups available for the user do not change.\n */\n readonly groupSelector?: (availableGroupsInfo: UserGroup[], currentGroupId?: string) => Promise<string>\n /**\n * Temporary value to support EHR Lite and MedTech api implementations.\n *\n * Currently, all hcps are able to access encrypted data shared with any of their parents, and on initialisation the api will verify that there is a\n * key pair available for the current user and for every parent of the user. If this option is set to true, the api will not load keys for the\n * parent users.\n *\n * This \"implicit data-sharing scheme\" (each parent HCP is essentially sharing data with all its children HCPs), however, may not be ideal for all\n * use cases, and it will be changed in future to be configurable in order to make it more general.\n * @default false, equivalent to previous behaviour.\n */\n readonly disableParentKeysInitialisation?: boolean\n}\n\nnamespace IcureApiOptions {\n export namespace Defaults {\n export const entryKeysFactory = new DefaultStorageEntryKeysFactory()\n export const createMaintenanceTasksOnNewKey = true\n export const headers = {}\n }\n\n export class WithDefaults implements IcureApiOptions {\n readonly entryKeysFactory: StorageEntryKeysFactory\n readonly createMaintenanceTasksOnNewKey: boolean\n readonly storage: StorageFacade<string>\n readonly keyStorage: KeyStorageFacade\n readonly headers: { [headerName: string]: string }\n readonly encryptedFieldsConfig: EncryptedFieldsConfig\n readonly groupSelector: (availableGroupsInfo: UserGroup[]) => Promise<string>\n readonly disableParentKeysInitialisation: boolean\n\n constructor(custom: IcureApiOptions) {\n this.entryKeysFactory = custom.entryKeysFactory ?? Defaults.entryKeysFactory\n this.createMaintenanceTasksOnNewKey = custom.createMaintenanceTasksOnNewKey ?? Defaults.createMaintenanceTasksOnNewKey\n this.storage = custom.storage ?? new LocalStorageImpl()\n this.keyStorage = custom.keyStorage ?? new KeyStorageImpl(this.storage)\n this.headers = custom.headers ?? Defaults.headers\n this.encryptedFieldsConfig = custom.encryptedFieldsConfig ?? {}\n this.groupSelector = custom.groupSelector ?? ((groups) => Promise.resolve(groups[0].groupId!))\n this.disableParentKeysInitialisation = custom.disableParentKeysInitialisation ?? false\n }\n }\n}\n\n/**\n * Specifies which fields should be encrypted for each kind of encryptable entity.\n *\n * Note that any value you specify here overrides the default values. For example if you specify `['medicalLocationId']` for `healthElement` the\n * fields `['descr', 'note']` which are usually encrypted by default will no longer be encrypted. If you want to add fields to the default values\n * you can use {@link EncryptedFieldsConfig.Defaults}, for example `[...EncryptedFieldsConfig.Defaults.healthElement, 'medicalLocationId'].\n *\n * # Encrypted fields syntax\n *\n * ## Grammar\n *\n * The grammar for each encrypted field is the following:\n * ```\n * fieldName :=\n * regex([a-zA-Z_][a-zA-Z0-9_]+)\n * encryptedField :=\n * fieldName\n * | fieldName + (\".\" | \".*.\" | \"[].\") + encryptedField\n * ```\n *\n * This grammar allows you to specify the fields to encrypt for the object and recursively for nested objects.\n * - A string containing only a single `fieldName` will encrypt the field with the given name.\n * - A string starting with `fieldName.` allows to specify the encrypted fields of a nested object. The encrypted values of the\n * fields in the nested object will be saved in the nested object.\n * - A string starting with `fieldName.*.` treats `fieldName` as a map/dictionary data structure and allows to specify the encrypted fields of the\n * values of the map. Note that the values of the map must be objects as well. The encrypted content of each map value is stored in that value.\n * - A string starting with `fieldName[].` treats `fieldName` as an array and allows to specify the encrypted fields of the values of the array.\n * Note that the values of the array must be objects as well. The encrypted content of each array element is stored in that element.\n *\n * ## Example\n *\n * Consider the following object and encryption keys:\n * ```javascript\n * const obj = {\n * a: { x: 0, y: 1 },\n * b: \"hello\",\n * c: [ { public: \"a\", secret: \"b\" }, { public: \"c\", secret: \"d\" } ],\n * d: \"ok\",\n * e: {\n * info: \"something\",\n * private: \"secret\",\n * dataMap: {\n * \"en\": {\n * a: 1,\n * b: 2\n * },\n * \"fr\": {\n * a: 3,\n * b: 4\n * }\n * }\n * }\n * }\n * const encryptedFields = [\n * \"a\",\n * \"c[].secret\",\n * \"d\",\n * \"e.private\",\n * \"e.datamap.*.a\"\n * ]\n * ```\n * If you use them with the crypt method you will get the following result:\n * ```json\n * {\n * b: \"hello\",\n * c: [\n * { public: \"a\", encryptedSelf: 'encrypted+encoded { secret: \"b\" }' },\n * { public: \"c\", encryptedSelf: 'encrypted+encoded { secret: \"d\" }' }\n * ],\n * e: {\n * info: \"something\",\n * dataMap: {\n * \"en\": { b: 2, encryptedSelf: 'encrypted+encoded { a: 1 }' },\n * \"fr\": { b: 4, encryptedSelf: 'encrypted+encoded { a: 3 }' }\n * },\n * encryptedSelf: 'encrypted+encoded { private: \"secret\" }'\n * },\n * encryptedSelf: 'encrypted+encoded { a: { x: 0, y: 1 }, d: \"ok\" }'\n * }\n * ```\n *\n * ## Shortened representation\n *\n * You can also group encrypted fields having the same prefix by concatenating to the prefix the JSON representation of an array of all the postfixes.\n * For example the following encrypted fields:\n * ```javascript\n * const encryptedFields = [\"a.b.c.d.e.f1\", \"a.b.c.d.e.f2\", \"a.b.c.d.e.f3\", \"a.b.c.d.e.f4\"]\n * ```\n * can be shortened to\n * ```javascript\n * const encryptedFields = ['a.b.c.d.e.[\"f1\",\"f2\",\"f3\",\"f4\"]'] // Note the use of single quotes to avoid escaping the double quotes\n * ```\n * If you use the shortened representation you may need to escape nested json representations. In that case the use of `JSON.stringify` is\n * recommended.\n */\nexport interface EncryptedFieldsConfig {\n /**\n * Fields to encrypt for entities of type {@link AccessLog}\n * @default ['detail', 'objectId']\n */\n readonly accessLog?: string[]\n /**\n * Fields to encrypt for entities of type {@link CalendarItem}\n * @default ['details', 'title', 'patientId']\n */\n readonly calendarItem?: string[]\n /**\n * Fields to encrypt for entities of type {@link Contact}, excluding `services`. You can specify which fields of `services` should be encrypted\n * using {@link service}.\n * @default ['descr'] // encryption of `services` is managed through {@link service}\n */\n readonly contact?: string[]\n /**\n * Fields to encrypt for entities of type {@link Service}. Note that encryption of the `content` field and recursively contained `Services` through\n * `content.compoundValue` is automatically managed by the sdk, and you are not allowed to modify it.\n *\n * Note: any non-empty values for this field will break bi-directional data compatibility between v7 and previous: Contacts created with\n * v7 will not be read properly by previous versions. If you want\n * @default ['notes[].markdown'] // encryption of `content` is managed in a special way\n */\n readonly service?: string[]\n /**\n * Fields to encrypt for entities of type {@link HealthElement}\n * @default ['descr', 'note', 'notes[].markdown']\n */\n readonly healthElement?: string[]\n /**\n * Fields to encrypt for entities of type {@link MaintenanceTask}\n * @default ['properties']\n */\n readonly maintenanceTask?: string[]\n /**\n * Fields to encrypt for entities of type {@link Patient}\n * @default ['note', 'notes[].markdown']\n */\n readonly patient?: string[]\n\n /**\n * Fields to encrypt for entities of type {@link Message}\n * @default []\n */\n readonly message?: string[]\n\n /**\n * Fields to encrypt for entities of type {@link Topic}\n * @default ['description']\n */\n readonly topic?: string[]\n}\n\nexport namespace EncryptedFieldsConfig {\n export const Defaults = {\n accessLog: ['detail', 'objectId'],\n calendarItem: ['details', 'title', 'patientId'],\n contact: ['descr'],\n service: ['notes[].markdown'],\n healthElement: ['descr', 'note', 'notes[].markdown'],\n maintenanceTask: ['properties'],\n patient: ['note', 'notes[].markdown'],\n message: [],\n topic: ['description', 'linkedServices', 'linkedHealthElements'],\n }\n}\n\n/**\n * Details for the authentication of a user\n */\nexport type AuthenticationDetails =\n | {\n username: string\n password: string\n thirdPartyTokens?: { [thirdParty: string]: string }\n }\n | {\n icureTokens: { token: string; refreshToken: string }\n credentials?: { username: string; password: string }\n }\n | {\n thirdPartyTokens: { [thirdParty: string]: string }\n }\n | SmartAuthenticationDetails\n\n/**\n * Allows to perform authentication through an {@link AuthSecretProvider}.\n *\n * The iCure SDK can authenticate to the backend using different kinds of secrets, such as passwords, long-lived authentication tokens, and\n * short-lived authentication tokens generated through the message gateway. iCure associates to each kind of secret a certain security level, and for\n * some sensitive operations, depending on the configurations of the user and his group, some operations may require a secret of a certain security\n * level. For example, with the default configurations, in order to change his own email the user can't have logged in with a long-lived token, but he\n * needs to provide his current password or a short-lived token.\n *\n * By using this authentication option, the iCure SDK will automatically request and cache the secret from the {@link AuthSecretProvider} only when\n * needed, which should help to minimise the interaction with the user.\n *\n * Another advantage of using this authentication option over others is that in case all the cached tokens and secrets were to expire while performing\n * a request, instead of having the request fail the SDK will ask for a new secret from the {@link SmartAuthProvider} and the request will\n * automatically be retried with the new secret.\n *\n * You must provide the following information:\n * - username: any kind of value that can identify the user (userId, groupId/userId, username, email, ...). More generic identifiers, valid\n * on multiple groups, allow for simpler group switching by using {@link IcureApi.switchGroup}.\n * - secretProvider: the secret provider to use for authentication. Will handle interaction with the gui.\n *\n * You can also provide the following optional information, which may allow to reduce the requests for secrets initially:\n * - initialSecret: an initial secret (password, token, ...) that will be used to get new authentication tokens as needed. If it is expired it will be ignored.\n * - initialAuthToken: an initial authentication token used on each request. If it is expired it will be ignored.\n * - initialRefreshToken: an initial refresh token used to get new authentication tokens as needed. If it is expired it will be ignored.\n */\nexport type SmartAuthenticationDetails = {\n username: string\n secretProvider: AuthSecretProvider\n initialSecret?: { plainSecret: string } | { oauthToken: string; oauthType: OAuthThirdParty }\n initialAuthToken?: string\n initialRefreshToken?: string\n}\n\n/**\n * Main entry point for the iCure API. Provides entity-specific sub-apis and some general methods which are not related to a specific entity.\n */\nexport interface IcureApi extends Apis {\n /**\n * Get the information on groups that the current user can access and the current group that this api instance is working on.\n * Note that the values you will get for `availableGroups` may differ from the values you would get if you call {@link IccUserApi.getMatchingUsers}\n * on {@link Apis.userApi}, since the latter is specialised on the specific instance of the user in `currentGroup`.\n * - `currentGroup`: the group that this api instance is working on, or undefined if the backend environment is not multi-group.\n * - `availableGroups`: the list of groups that the current user can access with the provided secret. Empty if the backend environment is not\n * multi-group.\n */\n getGroupsInfo(): Promise<{ currentGroup: UserGroup | undefined; availableGroups: UserGroup[] }>\n\n /**\n * Switches the api to allow the user to work on a different group.\n * @param newGroupId the id of the group to switch to.\n * @return a new api for the specified group.\n */\n switchGroup(newGroupId: string): Promise<IcureApi>\n}\n\nexport namespace IcureApi {\n /**\n * Initialises a new instance of the iCure API.\n */\n export async function initialise(\n host: string,\n authenticationOptions: AuthenticationDetails | AuthenticationProvider,\n cryptoStrategies: CryptoStrategies,\n crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch,\n options: IcureApiOptions = {}\n ): Promise<IcureApi> {\n const params = new IcureApiOptions.WithDefaults(options)\n let grouplessAuthenticationProvider = await getAuthenticationProvider(host, authenticationOptions, params.headers, fetchImpl)\n // TODO if this uses a smart auth provider the groupless auth provider does not share the secret cache with the group specific one.\n const grouplessUserApi = new IccUserApi(host, params.headers, grouplessAuthenticationProvider, fetchImpl)\n const matches = await getMatchesOrEmpty(grouplessUserApi)\n const tokens = await grouplessAuthenticationProvider.getIcureTokens()\n const currentGroupId = tokens ? getGroupOfJwt(tokens.token) : undefined\n const chosenGroupId = matches.length > 1 && !!options.groupSelector ? await options.groupSelector(matches, currentGroupId) : matches[0]?.groupId\n /*TODO\n * On new very new users switching the authentication provider to a specific group may fail and block the user for too many requests. This is\n * probably linked to replication of the user in the fallback database.\n */\n const groupSpecificAuthenticationProvider =\n matches.length > 1 && chosenGroupId && chosenGroupId !== currentGroupId\n ? await grouplessAuthenticationProvider.switchGroup(chosenGroupId, matches)\n : grouplessAuthenticationProvider\n const cryptoInitInfo = await initialiseCryptoWithProvider(host, fetchImpl, groupSpecificAuthenticationProvider, params, cryptoStrategies, crypto)\n return new IcureApiImpl(\n cryptoInitInfo,\n host,\n groupSpecificAuthenticationProvider,\n fetch,\n grouplessUserApi,\n matches,\n matches.find((match) => match.groupId === chosenGroupId),\n params,\n cryptoStrategies\n )\n }\n}\n\nasync function getAuthenticationProvider(\n host: string,\n authenticationOptions: AuthenticationDetails | AuthenticationProvider,\n headers: { [headerName: string]: string },\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n) {\n let authenticationProvider: AuthenticationProvider\n if ('getIcureTokens' in authenticationOptions && 'switchGroup' in authenticationOptions && 'getAuthService' in authenticationOptions) {\n authenticationProvider = authenticationOptions\n } else if ('icureTokens' in authenticationOptions && !!authenticationOptions.icureTokens) {\n authenticationProvider = new JwtAuthenticationProvider(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n authenticationOptions?.credentials?.username,\n authenticationOptions?.credentials?.password,\n undefined,\n authenticationOptions.icureTokens\n )\n } else if (\n 'username' in authenticationOptions &&\n 'password' in authenticationOptions &&\n !!authenticationOptions.username &&\n !!authenticationOptions.password\n ) {\n authenticationProvider = new EnsembleAuthenticationProvider(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n authenticationOptions.username,\n authenticationOptions.password,\n 3600,\n undefined,\n undefined,\n authenticationOptions.thirdPartyTokens\n )\n } else if ('thirdPartyTokens' in authenticationOptions && !!authenticationOptions.thirdPartyTokens) {\n authenticationProvider = new JwtAuthenticationProvider(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n undefined,\n undefined,\n new JwtBridgedAuthService(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n undefined,\n undefined,\n authenticationOptions.thirdPartyTokens,\n undefined\n )\n )\n } else if ('username' in authenticationOptions && 'secretProvider' in authenticationOptions) {\n authenticationProvider = SmartAuthProvider.initialise(\n new IccAuthApi(host, headers, new NoAuthenticationProvider(), fetchImpl),\n authenticationOptions.username,\n authenticationOptions.secretProvider,\n {\n initialSecret: authenticationOptions.initialSecret,\n initialAuthToken: authenticationOptions.initialAuthToken,\n initialRefreshToken: authenticationOptions.initialRefreshToken,\n }\n )\n } else {\n throw new Error('Invalid authentication options provided')\n }\n return authenticationProvider\n}\n\n// Apis which are used during crypto api initialisation, to avoid re-instantiating them later\ntype CryptoInitialisationInfo = {\n cryptoApi: IccCryptoXApi\n healthcarePartyApi: IccHcpartyXApi\n deviceApi: IccDeviceXApi\n // no patient api since it is base\n dataOwnerApi: IccDataOwnerXApi\n userApi: IccUserXApi\n icureMaintenanceTaskApi: IccIcureMaintenanceXApi\n maintenanceTaskApi: IccMaintenanceTaskXApi\n headers: { [headerName: string]: string }\n dataOwnerRequiresAnonymousDelegation: boolean\n recoveryApi: IccRecoveryXApi\n}\n\nconst REQUEST_AUTOFIX_ANONYMITY_HEADER = 'Icure-Request-Autofix-Anonymity'\n\nasync function initialiseCryptoWithProvider(\n host: string,\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response>,\n groupSpecificAuthenticationProvider: AuthenticationProvider,\n params: IcureApiOptions.WithDefaults,\n cryptoStrategies: CryptoStrategies,\n crypto: Crypto\n): Promise<CryptoInitialisationInfo> {\n const initialDataOwnerStub = await new IccDataOwnerXApi(\n host,\n params.headers,\n groupSpecificAuthenticationProvider,\n fetchImpl\n ).getCurrentDataOwnerStub()\n const dataOwnerRequiresAnonymousDelegation = cryptoStrategies.dataOwnerRequiresAnonymousDelegation(initialDataOwnerStub)\n let updatedHeaders = params.headers\n if (!Object.keys(updatedHeaders).includes(REQUEST_AUTOFIX_ANONYMITY_HEADER)) {\n if (initialDataOwnerStub.type == DataOwnerTypeEnum.Patient || initialDataOwnerStub.type == DataOwnerTypeEnum.Device) {\n if (!dataOwnerRequiresAnonymousDelegation) {\n updatedHeaders = { ...updatedHeaders, [REQUEST_AUTOFIX_ANONYMITY_HEADER]: 'false' }\n }\n } else {\n if (dataOwnerRequiresAnonymousDelegation) {\n updatedHeaders = { ...updatedHeaders, [REQUEST_AUTOFIX_ANONYMITY_HEADER]: 'true' }\n }\n }\n }\n\n const authApi = new IccAuthApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const userApi = new IccUserXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, authApi, fetchImpl)\n const healthcarePartyApi = new IccHcpartyXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, authApi, fetchImpl)\n const deviceApi = new IccDeviceXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, userApi, authApi, fetchImpl)\n const basePatientApi = new IccPatientApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const dataOwnerApi = new IccDataOwnerXApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const exchangeDataApi = new IccExchangeDataApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n const baseRecoveryDataApi = new IccRecoveryDataApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n // Crypto initialisation\n const icureStorage = new IcureStorageFacade(params.keyStorage, params.storage, params.entryKeysFactory)\n const cryptoPrimitives = new CryptoPrimitives(crypto)\n const baseExchangeKeysManager = new BaseExchangeKeysManager(cryptoPrimitives, dataOwnerApi, healthcarePartyApi, basePatientApi, deviceApi)\n const baseExchangeDataManager = new BaseExchangeDataManager(exchangeDataApi, dataOwnerApi, cryptoPrimitives, dataOwnerRequiresAnonymousDelegation)\n const keyRecovery = new KeyRecovery(cryptoPrimitives, dataOwnerApi, baseExchangeKeysManager, baseExchangeDataManager)\n const recoveryDataEncryption = new RecoveryDataEncryption(cryptoPrimitives, baseRecoveryDataApi)\n const keyPairRecoverer = new KeyPairRecoverer(recoveryDataEncryption)\n const userEncryptionKeysManager = new UserEncryptionKeysManager(\n cryptoPrimitives,\n dataOwnerApi,\n icureStorage,\n keyRecovery,\n cryptoStrategies,\n !params.disableParentKeysInitialisation,\n keyPairRecoverer\n )\n const userSignatureKeysManager = new UserSignatureKeysManager(icureStorage, dataOwnerApi, cryptoPrimitives)\n const newKey = await userEncryptionKeysManager.initialiseKeys()\n await new TransferKeysManager(\n cryptoPrimitives,\n baseExchangeDataManager,\n dataOwnerApi,\n userEncryptionKeysManager,\n userSignatureKeysManager,\n icureStorage\n ).updateTransferKeys(await dataOwnerApi.getCurrentDataOwnerStub())\n // TODO customise cache size?\n const exchangeKeysManager = new ExchangeKeysManager(\n 100,\n 500,\n 600000,\n 60000,\n cryptoStrategies,\n cryptoPrimitives,\n userEncryptionKeysManager,\n baseExchangeKeysManager,\n dataOwnerApi,\n !params.disableParentKeysInitialisation,\n icureStorage\n )\n const accessControlSecretUtils = new AccessControlSecretUtils(cryptoPrimitives)\n const exchangeDataManager = await initialiseExchangeDataManagerForCurrentDataOwner(\n baseExchangeDataManager,\n userEncryptionKeysManager,\n userSignatureKeysManager,\n accessControlSecretUtils,\n cryptoStrategies,\n dataOwnerApi,\n cryptoPrimitives,\n !params.disableParentKeysInitialisation\n )\n const exchangeDataMapManager = new ExchangeDataMapManager(\n new IccExchangeDataMapApi(host, updatedHeaders, groupSpecificAuthenticationProvider, fetchImpl)\n )\n const secureDelegationsEncryption = new SecureDelegationsEncryption(userEncryptionKeysManager, cryptoPrimitives)\n const secureDelegationsSecurityMetadataEncryption = new SecureDelegationsSecurityMetadataDecryptor(\n exchangeDataManager,\n exchangeDataMapManager,\n secureDelegationsEncryption,\n dataOwnerApi\n )\n const xApiUtils = new ExtendedApisUtilsImpl(\n cryptoPrimitives,\n dataOwnerApi,\n new LegacyDelegationSecurityMetadataDecryptor(exchangeKeysManager, cryptoPrimitives),\n secureDelegationsSecurityMetadataEncryption,\n new SecureDelegationsManager(\n exchangeDataManager,\n exchangeDataMapManager,\n secureDelegationsEncryption,\n accessControlSecretUtils,\n userEncryptionKeysManager,\n cryptoPrimitives,\n dataOwnerApi,\n cryptoStrategies,\n dataOwnerRequiresAnonymousDelegation\n ),\n userApi,\n !params.disableParentKeysInitialisation\n )\n const shamirManager = new ShamirKeysManager(cryptoPrimitives, dataOwnerApi, userEncryptionKeysManager, exchangeDataManager)\n const confidentialEntitites = new ConfidentialEntities(xApiUtils, cryptoPrimitives, dataOwnerApi)\n await ensureDelegationForSelf(dataOwnerApi, xApiUtils, basePatientApi, cryptoPrimitives)\n const accessControlKeysHeadersProvider = new AccessControlKeysHeadersProvider(exchangeDataManager)\n const delegationsDeAnonymisation = new DelegationsDeAnonymization(\n dataOwnerApi,\n secureDelegationsSecurityMetadataEncryption,\n xApiUtils,\n cryptoPrimitives,\n accessControlSecretUtils,\n host,\n updatedHeaders,\n groupSpecificAuthenticationProvider,\n fetchImpl,\n accessControlKeysHeadersProvider\n )\n const cryptoApi = new IccCryptoXApi(\n exchangeKeysManager,\n cryptoPrimitives,\n userEncryptionKeysManager,\n dataOwnerApi,\n xApiUtils,\n shamirManager,\n params.storage,\n params.keyStorage,\n confidentialEntitites,\n exchangeDataManager,\n accessControlKeysHeadersProvider,\n delegationsDeAnonymisation\n )\n const maintenanceTaskApi = new IccMaintenanceTaskXApi(\n host,\n updatedHeaders,\n cryptoApi,\n healthcarePartyApi,\n dataOwnerApi,\n userApi,\n authApi,\n !dataOwnerRequiresAnonymousDelegation,\n params.encryptedFieldsConfig.maintenanceTask ?? EncryptedFieldsConfig.Defaults.maintenanceTask,\n groupSpecificAuthenticationProvider,\n fetchImpl\n )\n const icureMaintenanceTaskApi = new IccIcureMaintenanceXApi(cryptoApi, maintenanceTaskApi, dataOwnerApi, exchangeDataApi)\n\n if (newKey && params.createMaintenanceTasksOnNewKey) {\n await icureMaintenanceTaskApi.createMaintenanceTasksForNewKeypair(await userApi.getCurrentUser(), newKey.newKeyPair)\n }\n return {\n cryptoApi,\n userApi,\n healthcarePartyApi,\n deviceApi,\n maintenanceTaskApi,\n dataOwnerApi,\n icureMaintenanceTaskApi,\n headers: updatedHeaders,\n dataOwnerRequiresAnonymousDelegation,\n recoveryApi: new IccRecoveryXApi(\n baseRecoveryDataApi,\n recoveryDataEncryption,\n userEncryptionKeysManager,\n dataOwnerApi,\n cryptoPrimitives,\n exchangeDataManager\n ),\n }\n}\n\nclass IcureApiImpl implements IcureApi {\n private latestGroupsRequest: Promise<UserGroup[]>\n\n constructor(\n private readonly cryptoInitInfos: CryptoInitialisationInfo,\n private readonly host: string,\n private readonly groupSpecificAuthenticationProvider: AuthenticationProvider,\n private readonly fetch: (input: RequestInfo, init?: RequestInit) => Promise<Response>,\n private readonly grouplessUserApi: IccUserApi,\n latestMatches: UserGroup[],\n private readonly currentGroupInfo: UserGroup | undefined,\n private readonly params: IcureApiOptions.WithDefaults,\n private readonly cryptoStrategies: CryptoStrategies\n ) {\n this.latestGroupsRequest = Promise.resolve(latestMatches)\n }\n\n private _authApi: IccAuthApi | undefined\n\n get recoveryApi(): IccRecoveryXApi {\n return this.cryptoInitInfos.recoveryApi\n }\n\n get authApi(): IccAuthApi {\n return (\n this._authApi ?? (this._authApi = new IccAuthApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _codeApi: IccCodeXApi | undefined\n\n get codeApi(): IccCodeXApi {\n return (\n this._codeApi ??\n (this._codeApi = new IccCodeXApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _calendarItemTypeApi: IccCalendarItemTypeApi | undefined\n\n get calendarItemTypeApi(): IccCalendarItemTypeApi {\n return (\n this._calendarItemTypeApi ??\n (this._calendarItemTypeApi = new IccCalendarItemTypeApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _medicalLocationApi: IccMedicallocationApi | undefined\n\n get medicalLocationApi(): IccMedicallocationApi {\n return (\n this._medicalLocationApi ??\n (this._medicalLocationApi = new IccMedicallocationApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _roleApi: IccRoleApi | undefined\n\n get roleApi(): IccRoleApi {\n return this._roleApi ?? (this._roleApi = new IccRoleApi(this.host, this.params.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n }\n\n private _entityReferenceApi: IccEntityrefApi | undefined\n\n get entityReferenceApi(): IccEntityrefApi {\n return (\n this._entityReferenceApi ??\n (this._entityReferenceApi = new IccEntityrefApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _permissionApi: IccPermissionApi | undefined\n\n get permissionApi(): IccPermissionApi {\n return (\n this._permissionApi ??\n (this._permissionApi = new IccPermissionApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _accessLogApi: IccAccesslogXApi | undefined\n\n get accessLogApi(): IccAccesslogXApi {\n return (\n this._accessLogApi ??\n (this._accessLogApi = new IccAccesslogXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.accessLog ?? EncryptedFieldsConfig.Defaults.accessLog,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _agendaApi: IccAgendaApi | undefined\n\n get agendaApi(): IccAgendaApi {\n return (\n this._agendaApi ??\n (this._agendaApi = new IccAgendaApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _contactApi: IccContactXApi | undefined\n\n get contactApi(): IccContactXApi {\n return (\n this._contactApi ??\n (this._contactApi = new IccContactXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.userApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch,\n this.params.encryptedFieldsConfig.contact ?? EncryptedFieldsConfig.Defaults.contact,\n this.params.encryptedFieldsConfig.service ?? EncryptedFieldsConfig.Defaults.service\n ))\n )\n }\n\n private _formApi: IccFormXApi | undefined\n\n get formApi(): IccFormXApi {\n return (\n this._formApi ??\n (this._formApi = new IccFormXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _groupApi: IccGroupApi | undefined\n\n get groupApi(): IccGroupApi {\n return (\n this._groupApi ??\n (this._groupApi = new IccGroupApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _invoiceApi: IccInvoiceXApi | undefined\n\n get invoiceApi(): IccInvoiceXApi {\n return (\n this._invoiceApi ??\n (this._invoiceApi = new IccInvoiceXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.entityReferenceApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _insuranceApi: IccInsuranceApi | undefined\n\n get insuranceApi(): IccInsuranceApi {\n return (\n this._insuranceApi ??\n (this._insuranceApi = new IccInsuranceApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _documentApi: IccDocumentXApi | undefined\n\n get documentApi(): IccDocumentXApi {\n return (\n this._documentApi ??\n (this._documentApi = new IccDocumentXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.authApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _healthcareElementApi: IccHelementXApi | undefined\n\n get healthcareElementApi(): IccHelementXApi {\n return (\n this._healthcareElementApi ??\n (this._healthcareElementApi = new IccHelementXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.userApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.healthElement ?? EncryptedFieldsConfig.Defaults.healthElement,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _classificationApi: IccClassificationXApi | undefined\n\n get classificationApi(): IccClassificationXApi {\n return (\n this._classificationApi ??\n (this._classificationApi = new IccClassificationXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _calendarItemApi: IccCalendarItemXApi | undefined\n\n get calendarItemApi(): IccCalendarItemXApi {\n return (\n this._calendarItemApi ??\n (this._calendarItemApi = new IccCalendarItemXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.calendarItem ?? EncryptedFieldsConfig.Defaults.calendarItem,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _receiptApi: IccReceiptXApi | undefined\n\n get receiptApi(): IccReceiptXApi {\n return (\n this._receiptApi ??\n (this._receiptApi = new IccReceiptXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _timetableApi: IccTimeTableXApi | undefined\n\n get timetableApi(): IccTimeTableXApi {\n return (\n this._timetableApi ??\n (this._timetableApi = new IccTimeTableXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _patientApi: IccPatientXApi | undefined\n\n get patientApi(): IccPatientXApi {\n return (\n this._patientApi ??\n (this._patientApi = new IccPatientXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.contactApi,\n this.formApi,\n this.healthcareElementApi,\n this.invoiceApi,\n this.documentApi,\n this.healthcarePartyApi,\n this.classificationApi,\n this.dataOwnerApi,\n this.calendarItemApi,\n this.userApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.params.encryptedFieldsConfig.patient ?? EncryptedFieldsConfig.Defaults.patient,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _messageApi: IccMessageXApi | undefined\n\n get messageApi(): IccMessageXApi {\n return (\n this._messageApi ??\n (this._messageApi = new IccMessageXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.params.encryptedFieldsConfig.message ?? EncryptedFieldsConfig.Defaults.message,\n this.fetch\n ))\n )\n }\n\n private _topicApi: IccTopicXApi | undefined\n\n get topicApi(): IccTopicXApi {\n return (\n this._topicApi ??\n (this._topicApi = new IccTopicXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.dataOwnerApi,\n this.authApi,\n !this.cryptoInitInfos.dataOwnerRequiresAnonymousDelegation,\n this.groupSpecificAuthenticationProvider,\n this.params.encryptedFieldsConfig.topic ?? EncryptedFieldsConfig.Defaults.topic,\n this.fetch\n ))\n )\n }\n\n private _anonymousAccessApi: IccAnonymousAccessApi | undefined\n\n get anonymousAccessApi(): IccAnonymousAccessApi {\n return (\n this._anonymousAccessApi ??\n (this._anonymousAccessApi = new IccAnonymousAccessApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _applicationSettingsApi: IccApplicationsettingsApi | undefined\n\n get applicationSettingsApi(): IccApplicationsettingsApi {\n return (\n this._applicationSettingsApi ??\n (this._applicationSettingsApi = new IccApplicationsettingsApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _articleApi: IccArticleApi | undefined\n\n get articleApi(): IccArticleApi {\n return (\n this._articleApi ??\n (this._articleApi = new IccArticleApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _bekmehrApi: IccBekmehrXApi | undefined\n\n get bekmehrApi(): IccBekmehrXApi {\n return (\n this._bekmehrApi ??\n (this._bekmehrApi = new IccBekmehrXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.authApi,\n this.contactApi,\n this.healthcareElementApi,\n this.documentApi,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _beefactApi: IccBeefactApi | undefined\n\n get beefactApi(): IccBeefactApi {\n return (\n this._beefactApi ??\n (this._beefactApi = new IccBeefactApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _beresultexportApi: IccBeresultexportApi | undefined\n\n get beresultexportApi(): IccBeresultexportApi {\n return (\n this._beresultexportApi ??\n (this._beresultexportApi = new IccBeresultexportApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _beresultimportApi: IccBeresultimportApi | undefined\n\n get beresultimportApi(): IccBeresultimportApi {\n return (\n this._beresultimportApi ??\n (this._beresultimportApi = new IccBeresultimportApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _besamv2Api: IccBesamv2Api | undefined\n\n get besamv2Api(): IccBesamv2Api {\n return (\n this._besamv2Api ??\n (this._besamv2Api = new IccBesamv2Api(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _classificationTemplateApi: IccClassificationTemplateApi | undefined\n\n get classificationTemplateApi(): IccClassificationTemplateApi {\n return (\n this._classificationTemplateApi ??\n (this._classificationTemplateApi = new IccClassificationTemplateApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _doctemplateApi: IccDoctemplateXApi | undefined\n\n get doctemplateApi(): IccDoctemplateXApi {\n return (\n this._doctemplateApi ??\n (this._doctemplateApi = new IccDoctemplateXApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.cryptoApi,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _entitytemplateApi: IccEntitytemplateApi | undefined\n\n get entitytemplateApi(): IccEntitytemplateApi {\n return (\n this._entitytemplateApi ??\n (this._entitytemplateApi = new IccEntitytemplateApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _frontendmigrationApi: IccFrontendmigrationApi | undefined\n\n get frontendmigrationApi(): IccFrontendmigrationApi {\n return (\n this._frontendmigrationApi ??\n (this._frontendmigrationApi = new IccFrontendmigrationApi(\n this.host,\n this.cryptoInitInfos.headers,\n this.groupSpecificAuthenticationProvider,\n this.fetch\n ))\n )\n }\n\n private _icureApi: IccIcureApi | undefined\n\n get icureApi(): IccIcureApi {\n return (\n this._icureApi ??\n (this._icureApi = new IccIcureApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _keywordApi: IccKeywordApi | undefined\n\n get keywordApi(): IccKeywordApi {\n return (\n this._keywordApi ??\n (this._keywordApi = new IccKeywordApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _medexApi: IccMedexApi | undefined\n\n get medexApi(): IccMedexApi {\n return (\n this._medexApi ??\n (this._medexApi = new IccMedexApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _placeApi: IccPlaceApi | undefined\n\n get placeApi(): IccPlaceApi {\n return (\n this._placeApi ??\n (this._placeApi = new IccPlaceApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _pubsubApi: IccPubsubApi | undefined\n\n get pubsubApi(): IccPubsubApi {\n return (\n this._pubsubApi ??\n (this._pubsubApi = new IccPubsubApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _replicationApi: IccReplicationApi | undefined\n\n get replicationApi(): IccReplicationApi {\n return (\n this._replicationApi ??\n (this._replicationApi = new IccReplicationApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _tarificationApi: IccTarificationApi | undefined\n\n get tarificationApi(): IccTarificationApi {\n return (\n this._tarificationApi ??\n (this._tarificationApi = new IccTarificationApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n private _tmpApi: IccTmpApi | undefined\n\n get tmpApi(): IccTmpApi {\n return (\n this._tmpApi ?? (this._tmpApi = new IccTmpApi(this.host, this.cryptoInitInfos.headers, this.groupSpecificAuthenticationProvider, this.fetch))\n )\n }\n\n get cryptoApi(): IccCryptoXApi {\n return this.cryptoInitInfos.cryptoApi\n }\n\n get dataOwnerApi(): IccDataOwnerXApi {\n return this.cryptoInitInfos.dataOwnerApi\n }\n\n get deviceApi(): IccDeviceXApi {\n return this.cryptoInitInfos.deviceApi\n }\n\n get healthcarePartyApi(): IccHcpartyXApi {\n return this.cryptoInitInfos.healthcarePartyApi\n }\n\n get icureMaintenanceTaskApi(): IccIcureMaintenanceXApi {\n return this.cryptoInitInfos.icureMaintenanceTaskApi\n }\n\n get maintenanceTaskApi(): IccMaintenanceTaskXApi {\n return this.cryptoInitInfos.maintenanceTaskApi\n }\n\n get userApi(): IccUserXApi {\n return this.cryptoInitInfos.userApi\n }\n\n async getGroupsInfo(): Promise<{ currentGroup: UserGroup | undefined; availableGroups: UserGroup[] }> {\n this.latestGroupsRequest = this.grouplessUserApi.getMatchingUsers()\n return { currentGroup: this.currentGroupInfo, availableGroups: await this.latestGroupsRequest }\n }\n\n async switchGroup(newGroupId: string): Promise<IcureApi> {\n const availableGroups = await this.latestGroupsRequest\n const switchedProvider = await this.groupSpecificAuthenticationProvider.switchGroup(newGroupId, availableGroups)\n const cryptoInitInfos = await initialiseCryptoWithProvider(\n this.host,\n this.fetch,\n switchedProvider,\n this.params,\n this.cryptoStrategies,\n this.cryptoApi.primitives.crypto\n )\n return new IcureApiImpl(\n cryptoInitInfos,\n this.host,\n switchedProvider,\n this.fetch,\n this.grouplessUserApi,\n availableGroups,\n availableGroups.find((x) => x.groupId === newGroupId)!,\n this.params,\n this.cryptoStrategies\n )\n }\n}\n\n/**\n /**\n * @experimental This function still needs development and will be changed\n * Build apis which do not need crypto and can be used by non-data-owner users\n */\nexport const BasicApis = async function (\n host: string,\n authenticationOptions: AuthenticationDetails | AuthenticationProvider,\n crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch,\n options: { headers?: { [headerName: string]: string } } = {}\n): Promise<BasicApis> {\n const authenticationProvider = await getAuthenticationProvider(host, authenticationOptions, options.headers ?? {}, fetchImpl)\n const authApi = new IccAuthApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n\n const codeApi = new IccCodeXApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const entityReferenceApi = new IccEntityrefApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const userApi = new IccUserXApi(host, options.headers ?? {}, authenticationProvider, authApi, fetchImpl)\n const deviceApi = new IccDeviceXApi(host, options.headers ?? {}, authenticationProvider, userApi, authApi, fetchImpl)\n const permissionApi = new IccPermissionApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const agendaApi = new IccAgendaApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const groupApi = new IccGroupApi(host, options.headers ?? {}, authenticationProvider)\n const insuranceApi = new IccInsuranceApi(host, options.headers ?? {}, authenticationProvider, fetchImpl)\n const healthcarePartyApi = new IccHcpartyXApi(host, options.headers ?? {}, authenticationProvider, authApi, fetchImpl)\n\n return {\n authApi,\n deviceApi,\n codeApi,\n userApi,\n permissionApi,\n insuranceApi,\n entityReferenceApi,\n agendaApi,\n groupApi,\n healthcarePartyApi,\n }\n}\n\nasync function getMatchesOrEmpty(userApi: IccUserApi): Promise<UserGroup[]> {\n try {\n return await userApi.getMatchingUsers()\n } catch (err) {\n if (err instanceof Error && 'statusCode' in err && (err as any).statusCode === 404) return Promise.resolve([])\n else return Promise.reject(err)\n }\n}\n"]}
|
package/package.json
CHANGED
|
@@ -106,7 +106,7 @@ var EntryUpdateTypeEnum = EntitySharedMetadataUpdateRequest_1.EntitySharedMetada
|
|
|
106
106
|
else if (explicitSelf && !explicitDelegate) {
|
|
107
107
|
(0, chai_1.expect)(shareParams.exchangeDataId).to.be.undefined;
|
|
108
108
|
(0, chai_1.expect)(Object.entries((_b = shareParams.encryptedExchangeDataId) !== null && _b !== void 0 ? _b : {})).to.have.length(1);
|
|
109
|
-
(0, chai_1.expect)(shareParams.encryptedExchangeDataId[selfKeyFp]).to.not.be.undefined;
|
|
109
|
+
(0, chai_1.expect)(shareParams.encryptedExchangeDataId[(0, utils_1.fingerprintV1toV2)(selfKeyFp)]).to.not.be.undefined;
|
|
110
110
|
}
|
|
111
111
|
else if (!explicitSelf && explicitDelegate) {
|
|
112
112
|
(0, chai_1.expect)(shareParams.exchangeDataId).to.be.undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secure-delegations-manager-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/crypto/secure-delegations-manager-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,iCAAgC;AAChC,iFAA6E;AAC7E,mCAAkC;AAClC,qFAAiF;AACjF,qIAAiI;AACjI,uGAAmG;AACnG,kDAA6F;AAC7F,iGAA6F;AAC7F,iGAA6F;AAC7F,uFAAqI;AACrI,+FAA2F;AAC3F,yEAAqE;AACrE,mEAA+D;AAC/D,2EAAuE;AACvE,mFAA+E;AAE/E,2FAAuF;AACvF,+BAA6B;AAE7B,8EAA0E;AAC1E,8EAA0E;AAC1E,gFAAiF;AACjF,yHAAqH;AACrH,2DAA+D;AAC/D,gFAA4E;AAC5E,uFAAmF;AACnF,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,2BAA2B,CAAA;AAC/E,IAAO,mBAAmB,GAAG,qEAAiC,CAAC,mBAAmB,CAAA;AAElF,IAAA,gBAAQ,EAAC,4BAA4B,EAAE;;QACrC,MAAM,UAAU,GAAG,IAAI,mCAAgB,CAAC,kBAAgB,CAAC,CAAA;QACzD,IAAI,MAAc,CAAA;QAClB,IAAI,SAAiB,CAAA;QACrB,IAAI,WAA+B,CAAA;QACnC,IAAI,UAAkB,CAAA;QACtB,IAAI,aAAqB,CAAA;QACzB,IAAI,eAAmC,CAAA;QACvC,IAAI,YAA8B,CAAA;QAClC,IAAI,sBAAkD,CAAA;QACtD,IAAI,2BAAwD,CAAA;QAC5D,IAAI,SAAqD,CAAA;QACzD,IAAI,OAAiC,CAAA;QACrC,IAAI,YAAiC,CAAA;QACrC,IAAI,wBAAkD,CAAA;QAEtD,SAAe,oBAAoB,CAAC,YAAqB,EAAE,gBAAyB;;gBAClF,MAAM,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBAChC,WAAW,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,sBAAU,CAAC,MAAM,CAAC,CAAA;gBACrE,SAAS,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;gBAC5F,UAAU,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBACpC,eAAe,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,sBAAU,CAAC,MAAM,CAAC,CAAA;gBACzE,aAAa,GAAG,IAAA,qBAAa,EAAC,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA;gBACxG,YAAY,GAAG,IAAI,mCAAgB,CACjC;oBACE,EAAE,EAAE,MAAM;oBACV,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO;oBACtE,SAAS,EAAE,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;iBACjF,EACD;oBACE;wBACE,EAAE,EAAE,UAAU;wBACd,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO;wBAC1E,SAAS,EAAE,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;qBACrF;iBACF,CACF,CAAA;gBACD,MAAM,gBAAgB,GAAG,IAAI,2CAAoB,EAAE,CAAA;gBACnD,MAAM,eAAe,GAAG,IAAI,yCAAmB,EAAE,CAAA;gBACjD,wBAAwB,GAAG,IAAI,mDAAwB,CAAC,UAAU,CAAC,CAAA;gBACnE,MAAM,qBAAqB,GAAG,MAAM,qDAAyB,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,WAAW,CAAC,CAAC,CAAA;gBAC/F,MAAM,oBAAoB,GAAG,IAAI,mDAAwB,CAAC,UAAU,CAAC,CAAA;gBACrE,MAAM,gBAAgB,GAAG,IAAI,iDAAuB,CAAC,eAAe,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,YAAY,CAAC,CAAA;gBAC9G,YAAY,GAAG,MAAM,IAAA,sEAAgD,EACnE,gBAAgB,EAChB,qBAAqB,EACrB,oBAAoB,EACpB,wBAAwB,EACxB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,IAAI,CACL,CAAA;gBACD,sBAAsB,GAAG,IAAI,uDAA0B,EAAE,CAAA;gBACzD,2BAA2B,GAAG,IAAI,yDAA2B,CAAC,qBAAqB,EAAE,UAAU,CAAC,CAAA;gBAChG,SAAS,GAAG,IAAI,uFAA0C,CAAC,YAAY,EAAE,sBAAsB,EAAE,2BAA2B,EAAE,YAAY,CAAC,CAAA;gBAC3I,OAAO,GAAG,IAAI,mDAAwB,CACpC,YAAY,EACZ,sBAAsB,EACtB,2BAA2B,EAC3B,wBAAwB,EACxB,qBAAqB,EACrB,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,CAAC,YAAY,CACd,CAAA;YACH,CAAC;SAAA;QAED,EAAE,CAAC,gFAAgF,EAAE;;gBACnF,SAAe,MAAM,CAAC,YAAqB,EAAE,gBAAyB;;;wBACpE,MAAM,oBAAoB,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAA;wBAC1D,MAAM,SAAS,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC1F,MAAM,cAAc,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC3D,MAAM,eAAe,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACpI,MAAM,UAAU,GAAG,wCAA4B,CAAC,OAAO,CAAA;wBACvD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,EAAE,MAAM,EAAE,EAAE,iBAAiB,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,EACvD,UAAU,EACV,SAAS,EACT,cAAc,EACd,eAAe,EACf,uCAAkB,CAAC,uBAAuB,CAAC,SAAS,CACrD,CAAA;wBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBAC/C,IAAA,aAAM,EAAC,mBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;wBACnD,IAAA,aAAM,EAAC,mBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBACtD,MAAM,WAAW,GAAG,mBAAoB,CAAC,KAAM,CAAA;wBAC/C,IAAA,aAAM,EAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;wBACvD,IAAI,YAAY,IAAI,gBAAgB,EAAE;4BACpC,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;4BACtD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;yBACpF;6BAAM,IAAI,YAAY,IAAI,CAAC,gBAAgB,EAAE;4BAC5C,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;4BACnF,IAAA,aAAM,EAAC,WAAW,CAAC,uBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;yBAC5E;6BAAM,IAAI,CAAC,YAAY,IAAI,gBAAgB,EAAE;4BAC5C,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;4BACnF,IAAA,aAAM,EAAC,WAAW,CAAC,uBAAwB,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;yBAChF;6BAAM;4BACL,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;yBACpF;wBACD,MAAM,SAAS,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,MAAM,CAAC,IAAA,kBAAM,EAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;wBAC3F,MAAM,UAAU,GAAwE;4BACtF,MAAM,EAAE;gCACN,iBAAiB,EAAE,EAAE;gCACrB,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;oCACrC,iBAAiB,EAAE;wCACjB,CAAC,SAAS,CAAC,EAAE,IAAI,mCAAgB,CAAC;4CAChC,SAAS,EAAE,WAAW,CAAC,iBAAiB;4CACxC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;4CACtC,SAAS,EAAE,WAAW,CAAC,SAAS;4CAChC,cAAc,EAAE,WAAW,CAAC,cAAc;4CAC1C,eAAe,EAAE,WAAW,CAAC,eAAe;4CAC5C,cAAc,EAAE,WAAW,CAAC,cAAc;4CAC1C,uBAAuB,EAAE,WAAW,CAAC,uBAAuB;4CAC5D,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;yCACpD,CAAC;qCACH;iCACF,CAAC;6BACH;4BACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;yBAC3C,CAAA;wBACD,MAAM,sBAAsB,CAAC,sBAAsB,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,WAAW,CAAC,uBAAwB,EAAE,CAAC,CAAA;wBAC1G,MAAM,YAAY,CAAC,sBAAsB,EAAE,CAAA;wBAC3C,MAAM,kBAAkB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,kBAAkB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBACpI,MAAM,uBAAuB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,uBAAuB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBAC9I,MAAM,wBAAwB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,wBAAwB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBAChJ,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;wBAC3D,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;4BAChC,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;yBAChD;wBACD,IAAA,aAAM,EAAC,uBAAuB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;wBACrE,KAAK,MAAM,aAAa,IAAI,cAAc,EAAE;4BAC1C,IAAA,aAAM,EAAC,uBAAuB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;yBAC1D;wBACD,IAAA,aAAM,EAAC,wBAAwB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;wBACvE,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE;4BAC5C,IAAA,aAAM,EAAC,wBAAwB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;yBAC5D;;iBACF;gBACD,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;gBAC/B,MAAM,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;gBAC1B,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;gBAC3B,MAAM,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;gBACzB,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;gBAC3B,MAAM,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;gBACzB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACvB,MAAM,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAC1B,CAAC;SAAA,CAAC,CAAA;QAEF,EAAE,CAAC,0FAA0F,EAAE;;gBAC7F,SAAe,MAAM,CAAC,uBAAgC;;;wBACpD,MAAM,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;wBACxC,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;wBAC5C,MAAM,QAAQ,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;wBACxC,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,2BAA2B,CAAC,UAAU,EAAE,wCAA4B,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,CAAC,CAAA;wBACpI,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACxE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,YAAY,CACb,CAAA;wBACD,MAAM,QAAQ,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACpE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,QAAQ,CACT,CAAA;wBACD,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC9D,MAAM,YAAY,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACzD,MAAM,sBAAsB,GAAa,EAAE,CAAA;wBAC3C,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC9D,MAAM,uBAAuB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACpE,MAAM,kBAAkB,GAAa,EAAE,CAAA;wBACvC,MAAM,UAAU,GAAwE;4BACtF,MAAM,EAAE;gCACN,iBAAiB,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC;gCACxE,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;oCACrC,iBAAiB,EAAE;wCACjB,CAAC,YAAY,CAAC,EAAE,IAAI,mCAAgB,CAAC;4CACnC,SAAS,EAAE,MAAM;4CACjB,QAAQ,EAAE,MAAM;4CAChB,SAAS,EAAE,MAAM,2BAA2B,CAAC,gBAAgB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAC9G,cAAc,EAAE,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,sBAAsB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAC7H,eAAe,EAAE,MAAM,2BAA2B,CAAC,sBAAsB,CAAC,uBAAuB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAChI,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;yCACpD,CAAC;qCACH;oCACD,gBAAgB,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,YAAY,EAAE;iCAC/C,CAAC;6BACH;4BACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;yBAC3C,CAAA;wBACD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,UAAU,EACV,UAAU,EACV,CAAC,GAAG,iBAAiB,EAAE,GAAG,YAAY,CAAC,EACvC,CAAC,GAAG,sBAAsB,EAAE,GAAG,iBAAiB,CAAC,EACjD,CAAC,GAAG,uBAAuB,EAAE,GAAG,kBAAkB,CAAC,EACnD,uBAAuB,CAAC,SAAS,CAClC,CAAA;wBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBAC/C,IAAA,aAAM,EAAC,mBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;wBAClD,IAAA,aAAM,EAAC,mBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBACvD,MAAM,YAAY,GAAG,mBAAoB,CAAC,MAAO,CAAA;wBACjD,IAAA,aAAM,EAAC,YAAY,CAAC,yBAAyB,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;wBACrE,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,SAAS,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;wBACrF,KAAK,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,SAAS,mCAAI,EAAE,CAAC,EAAE;4BACjF,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,YAAY,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,eAAe,CAAC,QAAQ,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC3H;wBACD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,cAAc,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAA;wBAC/F,KAAK,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,cAAc,mCAAI,EAAE,CAAC,EAAE;4BAC3F,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,oBAAoB,CAAC,aAAa,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC1I;wBACD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;wBACjG,KAAK,MAAM,CAAC,cAAc,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,eAAe,mCAAI,EAAE,CAAC,EAAE;4BAC7F,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,cAAc,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC7I;;iBACF;gBACD,MAAM,MAAM,CAAC,IAAI,CAAC,CAAA;gBAClB,MAAM,MAAM,CAAC,KAAK,CAAC,CAAA;YACrB,CAAC;SAAA,CAAC,CAAA;QAEF,EAAE,CAAC,qFAAqF,EAAE;;gBACxF,MAAM,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;gBACxC,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBAC5C,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,2BAA2B,CAAC,UAAU,EAAE,wCAA4B,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,CAAC,CAAA;gBACpI,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACxE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,YAAY,CACb,CAAA;gBACD,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAC9D,MAAM,sBAAsB,GAAa,EAAE,CAAA;gBAC3C,MAAM,uBAAuB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpE,MAAM,UAAU,GAAwE;oBACtF,MAAM,EAAE;wBACN,iBAAiB,EAAE,CAAC,YAAY,CAAC;wBACjC,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;4BACrC,iBAAiB,EAAE;gCACjB,CAAC,YAAY,CAAC,EAAE,IAAI,mCAAgB,CAAC;oCACnC,SAAS,EAAE,MAAM;oCACjB,QAAQ,EAAE,MAAM;oCAChB,SAAS,EAAE,MAAM,2BAA2B,CAAC,gBAAgB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAC9G,cAAc,EAAE,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,sBAAsB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAC7H,eAAe,EAAE,MAAM,2BAA2B,CAAC,sBAAsB,CAAC,uBAAuB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAChI,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;iCACpD,CAAC;6BACH;yBACF,CAAC;qBACH;oBACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;iBAC3C,CAAA;gBACD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,UAAU,EACV,UAAU,EACV,CAAC,GAAG,iBAAiB,CAAC,EACtB,CAAC,GAAG,sBAAsB,CAAC,EAC3B,CAAC,GAAG,uBAAuB,CAAC,EAC5B,uBAAuB,CAAC,SAAS,CAClC,CAAA;gBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;YAC7C,CAAC;SAAA,CAAC,CAAA;IACJ,CAAC;CAAA,CAAC,CAAA","sourcesContent":["import { describe } from 'mocha'\nimport { CryptoPrimitives } from '../../../icc-x-api/crypto/CryptoPrimitives'\nimport { webcrypto } from 'crypto'\nimport { FakeEncryptionKeysManager } from '../../utils/FakeEncryptionKeysManager'\nimport { SecureDelegationsSecurityMetadataDecryptor } from '../../../icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor'\nimport { SecureDelegationsEncryption } from '../../../icc-x-api/crypto/SecureDelegationsEncryption'\nimport { EntityWithDelegationTypeName, hex2ua, ShaVersion, ua2hex } from '../../../icc-x-api'\nimport { SecureDelegationsManager } from '../../../icc-x-api/crypto/SecureDelegationsManager'\nimport { AccessControlSecretUtils } from '../../../icc-x-api/crypto/AccessControlSecretUtils'\nimport { ExchangeDataManager, initialiseExchangeDataManagerForCurrentDataOwner } from '../../../icc-x-api/crypto/ExchangeDataManager'\nimport { BaseExchangeDataManager } from '../../../icc-x-api/crypto/BaseExchangeDataManager'\nimport { FakeExchangeDataApi } from '../../utils/FakeExchangeDataApi'\nimport { FakeDataOwnerApi } from '../../utils/FakeDataOwnerApi'\nimport { TestCryptoStrategies } from '../../utils/TestCryptoStrategies'\nimport { FakeSignatureKeysManager } from '../../utils/FakeSignatureKeysManager'\nimport { KeyPair } from '../../../icc-x-api/crypto/RSA'\nimport { EntityShareRequest } from '../../../icc-api/model/requests/EntityShareRequest'\nimport { expect } from 'chai'\nimport { EncryptedEntityStub } from '../../../icc-api/model/models'\nimport { SecurityMetadata } from '../../../icc-api/model/SecurityMetadata'\nimport { SecureDelegation } from '../../../icc-api/model/SecureDelegation'\nimport { asyncGeneratorToArray } from '../../../icc-x-api/utils/collection-utils'\nimport { EntitySharedMetadataUpdateRequest } from '../../../icc-api/model/requests/EntitySharedMetadataUpdateRequest'\nimport { fingerprintV2 } from '../../../icc-x-api/crypto/utils'\nimport { DataOwnerTypeEnum } from '../../../icc-api/model/DataOwnerTypeEnum'\nimport { FakeExchangeDataMapManager } from '../../utils/FakeExchangeDataMapManager'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionInternal\nimport EntryUpdateTypeEnum = EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum\n\ndescribe('Secure delegations manager', async function () {\n const primitives = new CryptoPrimitives(webcrypto as any)\n let selfId: string\n let selfKeyFp: string\n let selfKeypair: KeyPair<CryptoKey>\n let delegateId: string\n let delegateKeyFp: string\n let delegateKeypair: KeyPair<CryptoKey>\n let dataOwnerApi: FakeDataOwnerApi\n let exchangeDataMapManager: FakeExchangeDataMapManager\n let secureDelegationsEncryption: SecureDelegationsEncryption\n let decryptor: SecureDelegationsSecurityMetadataDecryptor\n let manager: SecureDelegationsManager\n let exchangeData: ExchangeDataManager\n let accessControlSecretUtils: AccessControlSecretUtils\n\n async function initialiseComponents(explicitSelf: boolean, explicitDelegate: boolean) {\n selfId = primitives.randomUuid()\n selfKeypair = await primitives.RSA.generateKeyPair(ShaVersion.Sha256)\n selfKeyFp = ua2hex(await primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')).slice(-32)\n delegateId = primitives.randomUuid()\n delegateKeypair = await primitives.RSA.generateKeyPair(ShaVersion.Sha256)\n delegateKeyFp = fingerprintV2(ua2hex(await primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')))\n dataOwnerApi = new FakeDataOwnerApi(\n {\n id: selfId,\n type: explicitSelf ? DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum.Patient,\n publicKey: ua2hex(await primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')),\n },\n [\n {\n id: delegateId,\n type: explicitDelegate ? DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum.Patient,\n publicKey: ua2hex(await primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')),\n },\n ]\n )\n const cryptoStrategies = new TestCryptoStrategies()\n const exchangeDataApi = new FakeExchangeDataApi()\n accessControlSecretUtils = new AccessControlSecretUtils(primitives)\n const encryptionKeysManager = await FakeEncryptionKeysManager.create(primitives, [selfKeypair])\n const signatureKeysManager = new FakeSignatureKeysManager(primitives)\n const baseExchangeData = new BaseExchangeDataManager(exchangeDataApi, dataOwnerApi, primitives, !explicitSelf)\n exchangeData = await initialiseExchangeDataManagerForCurrentDataOwner(\n baseExchangeData,\n encryptionKeysManager,\n signatureKeysManager,\n accessControlSecretUtils,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n true\n )\n exchangeDataMapManager = new FakeExchangeDataMapManager()\n secureDelegationsEncryption = new SecureDelegationsEncryption(encryptionKeysManager, primitives)\n decryptor = new SecureDelegationsSecurityMetadataDecryptor(exchangeData, exchangeDataMapManager, secureDelegationsEncryption, dataOwnerApi)\n manager = new SecureDelegationsManager(\n exchangeData,\n exchangeDataMapManager,\n secureDelegationsEncryption,\n accessControlSecretUtils,\n encryptionKeysManager,\n primitives,\n dataOwnerApi,\n cryptoStrategies,\n !explicitSelf\n )\n }\n\n it('should make a share request which will create a decryptable secure delegation.', async function () {\n async function doTest(explicitSelf: boolean, explicitDelegate: boolean) {\n await initialiseComponents(explicitSelf, explicitDelegate)\n const secretIds = [ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16))]\n const encryptionKeys = [ua2hex(primitives.randomBytes(16))]\n const owningEntityIds = [ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16))]\n const entityType = EntityWithDelegationTypeName.Patient\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n { entity: { secretForeignKeys: [] }, type: entityType },\n delegateId,\n secretIds,\n encryptionKeys,\n owningEntityIds,\n EntityShareRequest.RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.not.be.undefined\n expect(shareOrUpdateParams!.update).to.be.undefined\n expect(shareOrUpdateParams!.share).to.not.be.undefined\n const shareParams = shareOrUpdateParams!.share!\n expect(shareParams.accessControlKeys).to.have.length(1)\n if (explicitSelf && explicitDelegate) {\n expect(shareParams.exchangeDataId).to.not.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(0)\n } else if (explicitSelf && !explicitDelegate) {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(1)\n expect(shareParams.encryptedExchangeDataId![selfKeyFp]).to.not.be.undefined\n } else if (!explicitSelf && explicitDelegate) {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(1)\n expect(shareParams.encryptedExchangeDataId![delegateKeyFp]).to.not.be.undefined\n } else {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(0)\n }\n const secDelKey = ua2hex(await primitives.sha256(hex2ua(shareParams.accessControlKeys[0])))\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: [],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [secDelKey]: new SecureDelegation({\n delegator: shareParams.explicitDelegator,\n delegate: shareParams.explicitDelegate,\n secretIds: shareParams.secretIds,\n encryptionKeys: shareParams.encryptionKeys,\n owningEntityIds: shareParams.owningEntityIds,\n exchangeDataId: shareParams.exchangeDataId,\n encryptedExchangeDataId: shareParams.encryptedExchangeDataId,\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n await exchangeDataMapManager.createExchangeDataMaps({ [secDelKey]: shareParams.encryptedExchangeDataId! })\n await exchangeData.clearOrRepopulateCache()\n const decryptedSecretIds = (await asyncGeneratorToArray(decryptor.decryptSecretIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n const decryptedEncryptionKeys = (await asyncGeneratorToArray(decryptor.decryptEncryptionKeysOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n const decryptedOwningEntityIds = (await asyncGeneratorToArray(decryptor.decryptOwningEntityIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n expect(decryptedSecretIds).to.have.length(secretIds.length)\n for (const secretId of secretIds) {\n expect(decryptedSecretIds).to.include(secretId)\n }\n expect(decryptedEncryptionKeys).to.have.length(encryptionKeys.length)\n for (const encryptionKey of encryptionKeys) {\n expect(decryptedEncryptionKeys).to.include(encryptionKey)\n }\n expect(decryptedOwningEntityIds).to.have.length(owningEntityIds.length)\n for (const owningEntityId of owningEntityIds) {\n expect(decryptedOwningEntityIds).to.include(owningEntityId)\n }\n }\n console.log('Patient->Patient')\n await doTest(false, false)\n console.log('Hcp->Patient')\n await doTest(true, false)\n console.log('Patient->Hcp')\n await doTest(false, true)\n console.log('Hcp->Hcp')\n await doTest(true, true)\n })\n\n it('should make an update request which the missing entries for existing secure delegations.', async function () {\n async function doTest(makeAccessibleFromAlias: boolean) {\n await initialiseComponents(false, false)\n const canonicalSfk = primitives.randomUuid()\n const aliasSfk = primitives.randomUuid()\n const exchangeDataInfo = await exchangeData.getOrCreateEncryptionDataTo(delegateId, EntityWithDelegationTypeName.Patient, [], false)\n const canonicalKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n canonicalSfk\n )\n const aliasKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n aliasSfk\n )\n const existingSecretIds = [ua2hex(primitives.randomBytes(16))]\n const newSecretIds = [ua2hex(primitives.randomBytes(16))]\n const existingEncryptionKeys: string[] = []\n const newEncryptionKeys = [ua2hex(primitives.randomBytes(16))]\n const existingOwningEntityIds = [ua2hex(primitives.randomBytes(16))]\n const newOwningEntityIds: string[] = []\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: makeAccessibleFromAlias ? [aliasSfk] : [canonicalSfk],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [canonicalKey]: new SecureDelegation({\n delegator: selfId,\n delegate: selfId,\n secretIds: await secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),\n encryptionKeys: await secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),\n owningEntityIds: await secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n keysEquivalences: { [aliasKey]: canonicalKey },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n fakeEntity,\n delegateId,\n [...existingSecretIds, ...newSecretIds],\n [...existingEncryptionKeys, ...newEncryptionKeys],\n [...existingOwningEntityIds, ...newOwningEntityIds],\n RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.not.be.undefined\n expect(shareOrUpdateParams!.share).to.be.undefined\n expect(shareOrUpdateParams!.update).to.not.be.undefined\n const updateParams = shareOrUpdateParams!.update!\n expect(updateParams.metadataAccessControlHash).to.equal(canonicalKey)\n expect(Object.keys(updateParams.secretIds ?? {})).to.have.length(newSecretIds.length)\n for (const [secretId, updateType] of Object.entries(updateParams.secretIds ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newSecretIds).to.contain(await secureDelegationsEncryption.decryptSecretId(secretId, exchangeDataInfo.exchangeKey))\n }\n expect(Object.keys(updateParams.encryptionKeys ?? {})).to.have.length(newEncryptionKeys.length)\n for (const [encryptionKey, updateType] of Object.entries(updateParams.encryptionKeys ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newEncryptionKeys).to.contain(await secureDelegationsEncryption.decryptEncryptionKey(encryptionKey, exchangeDataInfo.exchangeKey))\n }\n expect(Object.keys(updateParams.owningEntityIds ?? {})).to.have.length(newOwningEntityIds.length)\n for (const [owningEntityId, updateType] of Object.entries(updateParams.owningEntityIds ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newOwningEntityIds).to.contain(await secureDelegationsEncryption.decryptOwningEntityId(owningEntityId, exchangeDataInfo.exchangeKey))\n }\n }\n await doTest(true)\n await doTest(false)\n })\n\n it('should return undefined for existing secure delegations if it contains all entries.', async function () {\n await initialiseComponents(false, false)\n const canonicalSfk = primitives.randomUuid()\n const exchangeDataInfo = await exchangeData.getOrCreateEncryptionDataTo(delegateId, EntityWithDelegationTypeName.Patient, [], false)\n const canonicalKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n canonicalSfk\n )\n const existingSecretIds = [ua2hex(primitives.randomBytes(16))]\n const existingEncryptionKeys: string[] = []\n const existingOwningEntityIds = [ua2hex(primitives.randomBytes(16))]\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: [canonicalSfk],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [canonicalKey]: new SecureDelegation({\n delegator: selfId,\n delegate: selfId,\n secretIds: await secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),\n encryptionKeys: await secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),\n owningEntityIds: await secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n fakeEntity,\n delegateId,\n [...existingSecretIds],\n [...existingEncryptionKeys],\n [...existingOwningEntityIds],\n RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.be.undefined\n })\n})\n"]}
|
|
1
|
+
{"version":3,"file":"secure-delegations-manager-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/crypto/secure-delegations-manager-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,iCAAgC;AAChC,iFAA6E;AAC7E,mCAAkC;AAClC,qFAAiF;AACjF,qIAAiI;AACjI,uGAAmG;AACnG,kDAA6F;AAC7F,iGAA6F;AAC7F,iGAA6F;AAC7F,uFAAqI;AACrI,+FAA2F;AAC3F,yEAAqE;AACrE,mEAA+D;AAC/D,2EAAuE;AACvE,mFAA+E;AAE/E,2FAAuF;AACvF,+BAA6B;AAE7B,8EAA0E;AAC1E,8EAA0E;AAC1E,gFAAiF;AACjF,yHAAqH;AACrH,2DAAkF;AAClF,gFAA4E;AAC5E,uFAAmF;AACnF,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,2BAA2B,CAAA;AAC/E,IAAO,mBAAmB,GAAG,qEAAiC,CAAC,mBAAmB,CAAA;AAElF,IAAA,gBAAQ,EAAC,4BAA4B,EAAE;;QACrC,MAAM,UAAU,GAAG,IAAI,mCAAgB,CAAC,kBAAgB,CAAC,CAAA;QACzD,IAAI,MAAc,CAAA;QAClB,IAAI,SAAiB,CAAA;QACrB,IAAI,WAA+B,CAAA;QACnC,IAAI,UAAkB,CAAA;QACtB,IAAI,aAAqB,CAAA;QACzB,IAAI,eAAmC,CAAA;QACvC,IAAI,YAA8B,CAAA;QAClC,IAAI,sBAAkD,CAAA;QACtD,IAAI,2BAAwD,CAAA;QAC5D,IAAI,SAAqD,CAAA;QACzD,IAAI,OAAiC,CAAA;QACrC,IAAI,YAAiC,CAAA;QACrC,IAAI,wBAAkD,CAAA;QAEtD,SAAe,oBAAoB,CAAC,YAAqB,EAAE,gBAAyB;;gBAClF,MAAM,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBAChC,WAAW,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,sBAAU,CAAC,MAAM,CAAC,CAAA;gBACrE,SAAS,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;gBAC5F,UAAU,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBACpC,eAAe,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,sBAAU,CAAC,MAAM,CAAC,CAAA;gBACzE,aAAa,GAAG,IAAA,qBAAa,EAAC,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA;gBACxG,YAAY,GAAG,IAAI,mCAAgB,CACjC;oBACE,EAAE,EAAE,MAAM;oBACV,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO;oBACtE,SAAS,EAAE,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;iBACjF,EACD;oBACE;wBACE,EAAE,EAAE,UAAU;wBACd,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO;wBAC1E,SAAS,EAAE,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;qBACrF;iBACF,CACF,CAAA;gBACD,MAAM,gBAAgB,GAAG,IAAI,2CAAoB,EAAE,CAAA;gBACnD,MAAM,eAAe,GAAG,IAAI,yCAAmB,EAAE,CAAA;gBACjD,wBAAwB,GAAG,IAAI,mDAAwB,CAAC,UAAU,CAAC,CAAA;gBACnE,MAAM,qBAAqB,GAAG,MAAM,qDAAyB,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,WAAW,CAAC,CAAC,CAAA;gBAC/F,MAAM,oBAAoB,GAAG,IAAI,mDAAwB,CAAC,UAAU,CAAC,CAAA;gBACrE,MAAM,gBAAgB,GAAG,IAAI,iDAAuB,CAAC,eAAe,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,YAAY,CAAC,CAAA;gBAC9G,YAAY,GAAG,MAAM,IAAA,sEAAgD,EACnE,gBAAgB,EAChB,qBAAqB,EACrB,oBAAoB,EACpB,wBAAwB,EACxB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,IAAI,CACL,CAAA;gBACD,sBAAsB,GAAG,IAAI,uDAA0B,EAAE,CAAA;gBACzD,2BAA2B,GAAG,IAAI,yDAA2B,CAAC,qBAAqB,EAAE,UAAU,CAAC,CAAA;gBAChG,SAAS,GAAG,IAAI,uFAA0C,CAAC,YAAY,EAAE,sBAAsB,EAAE,2BAA2B,EAAE,YAAY,CAAC,CAAA;gBAC3I,OAAO,GAAG,IAAI,mDAAwB,CACpC,YAAY,EACZ,sBAAsB,EACtB,2BAA2B,EAC3B,wBAAwB,EACxB,qBAAqB,EACrB,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,CAAC,YAAY,CACd,CAAA;YACH,CAAC;SAAA;QAED,EAAE,CAAC,gFAAgF,EAAE;;gBACnF,SAAe,MAAM,CAAC,YAAqB,EAAE,gBAAyB;;;wBACpE,MAAM,oBAAoB,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAA;wBAC1D,MAAM,SAAS,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC1F,MAAM,cAAc,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC3D,MAAM,eAAe,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACpI,MAAM,UAAU,GAAG,wCAA4B,CAAC,OAAO,CAAA;wBACvD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,EAAE,MAAM,EAAE,EAAE,iBAAiB,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,EACvD,UAAU,EACV,SAAS,EACT,cAAc,EACd,eAAe,EACf,uCAAkB,CAAC,uBAAuB,CAAC,SAAS,CACrD,CAAA;wBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBAC/C,IAAA,aAAM,EAAC,mBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;wBACnD,IAAA,aAAM,EAAC,mBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBACtD,MAAM,WAAW,GAAG,mBAAoB,CAAC,KAAM,CAAA;wBAC/C,IAAA,aAAM,EAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;wBACvD,IAAI,YAAY,IAAI,gBAAgB,EAAE;4BACpC,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;4BACtD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;yBACpF;6BAAM,IAAI,YAAY,IAAI,CAAC,gBAAgB,EAAE;4BAC5C,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;4BACnF,IAAA,aAAM,EAAC,WAAW,CAAC,uBAAwB,CAAC,IAAA,yBAAiB,EAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;yBAC/F;6BAAM,IAAI,CAAC,YAAY,IAAI,gBAAgB,EAAE;4BAC5C,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;4BACnF,IAAA,aAAM,EAAC,WAAW,CAAC,uBAAwB,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;yBAChF;6BAAM;4BACL,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;yBACpF;wBACD,MAAM,SAAS,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,MAAM,CAAC,IAAA,kBAAM,EAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;wBAC3F,MAAM,UAAU,GAAwE;4BACtF,MAAM,EAAE;gCACN,iBAAiB,EAAE,EAAE;gCACrB,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;oCACrC,iBAAiB,EAAE;wCACjB,CAAC,SAAS,CAAC,EAAE,IAAI,mCAAgB,CAAC;4CAChC,SAAS,EAAE,WAAW,CAAC,iBAAiB;4CACxC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;4CACtC,SAAS,EAAE,WAAW,CAAC,SAAS;4CAChC,cAAc,EAAE,WAAW,CAAC,cAAc;4CAC1C,eAAe,EAAE,WAAW,CAAC,eAAe;4CAC5C,cAAc,EAAE,WAAW,CAAC,cAAc;4CAC1C,uBAAuB,EAAE,WAAW,CAAC,uBAAuB;4CAC5D,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;yCACpD,CAAC;qCACH;iCACF,CAAC;6BACH;4BACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;yBAC3C,CAAA;wBACD,MAAM,sBAAsB,CAAC,sBAAsB,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,WAAW,CAAC,uBAAwB,EAAE,CAAC,CAAA;wBAC1G,MAAM,YAAY,CAAC,sBAAsB,EAAE,CAAA;wBAC3C,MAAM,kBAAkB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,kBAAkB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBACpI,MAAM,uBAAuB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,uBAAuB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBAC9I,MAAM,wBAAwB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,wBAAwB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBAChJ,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;wBAC3D,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;4BAChC,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;yBAChD;wBACD,IAAA,aAAM,EAAC,uBAAuB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;wBACrE,KAAK,MAAM,aAAa,IAAI,cAAc,EAAE;4BAC1C,IAAA,aAAM,EAAC,uBAAuB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;yBAC1D;wBACD,IAAA,aAAM,EAAC,wBAAwB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;wBACvE,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE;4BAC5C,IAAA,aAAM,EAAC,wBAAwB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;yBAC5D;;iBACF;gBACD,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;gBAC/B,MAAM,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;gBAC1B,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;gBAC3B,MAAM,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;gBACzB,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;gBAC3B,MAAM,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;gBACzB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACvB,MAAM,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAC1B,CAAC;SAAA,CAAC,CAAA;QAEF,EAAE,CAAC,0FAA0F,EAAE;;gBAC7F,SAAe,MAAM,CAAC,uBAAgC;;;wBACpD,MAAM,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;wBACxC,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;wBAC5C,MAAM,QAAQ,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;wBACxC,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,2BAA2B,CAAC,UAAU,EAAE,wCAA4B,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,CAAC,CAAA;wBACpI,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACxE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,YAAY,CACb,CAAA;wBACD,MAAM,QAAQ,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACpE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,QAAQ,CACT,CAAA;wBACD,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC9D,MAAM,YAAY,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACzD,MAAM,sBAAsB,GAAa,EAAE,CAAA;wBAC3C,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC9D,MAAM,uBAAuB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACpE,MAAM,kBAAkB,GAAa,EAAE,CAAA;wBACvC,MAAM,UAAU,GAAwE;4BACtF,MAAM,EAAE;gCACN,iBAAiB,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC;gCACxE,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;oCACrC,iBAAiB,EAAE;wCACjB,CAAC,YAAY,CAAC,EAAE,IAAI,mCAAgB,CAAC;4CACnC,SAAS,EAAE,MAAM;4CACjB,QAAQ,EAAE,MAAM;4CAChB,SAAS,EAAE,MAAM,2BAA2B,CAAC,gBAAgB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAC9G,cAAc,EAAE,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,sBAAsB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAC7H,eAAe,EAAE,MAAM,2BAA2B,CAAC,sBAAsB,CAAC,uBAAuB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAChI,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;yCACpD,CAAC;qCACH;oCACD,gBAAgB,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,YAAY,EAAE;iCAC/C,CAAC;6BACH;4BACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;yBAC3C,CAAA;wBACD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,UAAU,EACV,UAAU,EACV,CAAC,GAAG,iBAAiB,EAAE,GAAG,YAAY,CAAC,EACvC,CAAC,GAAG,sBAAsB,EAAE,GAAG,iBAAiB,CAAC,EACjD,CAAC,GAAG,uBAAuB,EAAE,GAAG,kBAAkB,CAAC,EACnD,uBAAuB,CAAC,SAAS,CAClC,CAAA;wBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBAC/C,IAAA,aAAM,EAAC,mBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;wBAClD,IAAA,aAAM,EAAC,mBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBACvD,MAAM,YAAY,GAAG,mBAAoB,CAAC,MAAO,CAAA;wBACjD,IAAA,aAAM,EAAC,YAAY,CAAC,yBAAyB,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;wBACrE,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,SAAS,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;wBACrF,KAAK,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,SAAS,mCAAI,EAAE,CAAC,EAAE;4BACjF,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,YAAY,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,eAAe,CAAC,QAAQ,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC3H;wBACD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,cAAc,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAA;wBAC/F,KAAK,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,cAAc,mCAAI,EAAE,CAAC,EAAE;4BAC3F,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,oBAAoB,CAAC,aAAa,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC1I;wBACD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;wBACjG,KAAK,MAAM,CAAC,cAAc,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,eAAe,mCAAI,EAAE,CAAC,EAAE;4BAC7F,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,cAAc,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC7I;;iBACF;gBACD,MAAM,MAAM,CAAC,IAAI,CAAC,CAAA;gBAClB,MAAM,MAAM,CAAC,KAAK,CAAC,CAAA;YACrB,CAAC;SAAA,CAAC,CAAA;QAEF,EAAE,CAAC,qFAAqF,EAAE;;gBACxF,MAAM,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;gBACxC,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBAC5C,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,2BAA2B,CAAC,UAAU,EAAE,wCAA4B,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,CAAC,CAAA;gBACpI,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACxE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,YAAY,CACb,CAAA;gBACD,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAC9D,MAAM,sBAAsB,GAAa,EAAE,CAAA;gBAC3C,MAAM,uBAAuB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpE,MAAM,UAAU,GAAwE;oBACtF,MAAM,EAAE;wBACN,iBAAiB,EAAE,CAAC,YAAY,CAAC;wBACjC,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;4BACrC,iBAAiB,EAAE;gCACjB,CAAC,YAAY,CAAC,EAAE,IAAI,mCAAgB,CAAC;oCACnC,SAAS,EAAE,MAAM;oCACjB,QAAQ,EAAE,MAAM;oCAChB,SAAS,EAAE,MAAM,2BAA2B,CAAC,gBAAgB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAC9G,cAAc,EAAE,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,sBAAsB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAC7H,eAAe,EAAE,MAAM,2BAA2B,CAAC,sBAAsB,CAAC,uBAAuB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAChI,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;iCACpD,CAAC;6BACH;yBACF,CAAC;qBACH;oBACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;iBAC3C,CAAA;gBACD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,UAAU,EACV,UAAU,EACV,CAAC,GAAG,iBAAiB,CAAC,EACtB,CAAC,GAAG,sBAAsB,CAAC,EAC3B,CAAC,GAAG,uBAAuB,CAAC,EAC5B,uBAAuB,CAAC,SAAS,CAClC,CAAA;gBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;YAC7C,CAAC;SAAA,CAAC,CAAA;IACJ,CAAC;CAAA,CAAC,CAAA","sourcesContent":["import { describe } from 'mocha'\nimport { CryptoPrimitives } from '../../../icc-x-api/crypto/CryptoPrimitives'\nimport { webcrypto } from 'crypto'\nimport { FakeEncryptionKeysManager } from '../../utils/FakeEncryptionKeysManager'\nimport { SecureDelegationsSecurityMetadataDecryptor } from '../../../icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor'\nimport { SecureDelegationsEncryption } from '../../../icc-x-api/crypto/SecureDelegationsEncryption'\nimport { EntityWithDelegationTypeName, hex2ua, ShaVersion, ua2hex } from '../../../icc-x-api'\nimport { SecureDelegationsManager } from '../../../icc-x-api/crypto/SecureDelegationsManager'\nimport { AccessControlSecretUtils } from '../../../icc-x-api/crypto/AccessControlSecretUtils'\nimport { ExchangeDataManager, initialiseExchangeDataManagerForCurrentDataOwner } from '../../../icc-x-api/crypto/ExchangeDataManager'\nimport { BaseExchangeDataManager } from '../../../icc-x-api/crypto/BaseExchangeDataManager'\nimport { FakeExchangeDataApi } from '../../utils/FakeExchangeDataApi'\nimport { FakeDataOwnerApi } from '../../utils/FakeDataOwnerApi'\nimport { TestCryptoStrategies } from '../../utils/TestCryptoStrategies'\nimport { FakeSignatureKeysManager } from '../../utils/FakeSignatureKeysManager'\nimport { KeyPair } from '../../../icc-x-api/crypto/RSA'\nimport { EntityShareRequest } from '../../../icc-api/model/requests/EntityShareRequest'\nimport { expect } from 'chai'\nimport { EncryptedEntityStub } from '../../../icc-api/model/models'\nimport { SecurityMetadata } from '../../../icc-api/model/SecurityMetadata'\nimport { SecureDelegation } from '../../../icc-api/model/SecureDelegation'\nimport { asyncGeneratorToArray } from '../../../icc-x-api/utils/collection-utils'\nimport { EntitySharedMetadataUpdateRequest } from '../../../icc-api/model/requests/EntitySharedMetadataUpdateRequest'\nimport { fingerprintV1toV2, fingerprintV2 } from '../../../icc-x-api/crypto/utils'\nimport { DataOwnerTypeEnum } from '../../../icc-api/model/DataOwnerTypeEnum'\nimport { FakeExchangeDataMapManager } from '../../utils/FakeExchangeDataMapManager'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionInternal\nimport EntryUpdateTypeEnum = EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum\n\ndescribe('Secure delegations manager', async function () {\n const primitives = new CryptoPrimitives(webcrypto as any)\n let selfId: string\n let selfKeyFp: string\n let selfKeypair: KeyPair<CryptoKey>\n let delegateId: string\n let delegateKeyFp: string\n let delegateKeypair: KeyPair<CryptoKey>\n let dataOwnerApi: FakeDataOwnerApi\n let exchangeDataMapManager: FakeExchangeDataMapManager\n let secureDelegationsEncryption: SecureDelegationsEncryption\n let decryptor: SecureDelegationsSecurityMetadataDecryptor\n let manager: SecureDelegationsManager\n let exchangeData: ExchangeDataManager\n let accessControlSecretUtils: AccessControlSecretUtils\n\n async function initialiseComponents(explicitSelf: boolean, explicitDelegate: boolean) {\n selfId = primitives.randomUuid()\n selfKeypair = await primitives.RSA.generateKeyPair(ShaVersion.Sha256)\n selfKeyFp = ua2hex(await primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')).slice(-32)\n delegateId = primitives.randomUuid()\n delegateKeypair = await primitives.RSA.generateKeyPair(ShaVersion.Sha256)\n delegateKeyFp = fingerprintV2(ua2hex(await primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')))\n dataOwnerApi = new FakeDataOwnerApi(\n {\n id: selfId,\n type: explicitSelf ? DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum.Patient,\n publicKey: ua2hex(await primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')),\n },\n [\n {\n id: delegateId,\n type: explicitDelegate ? DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum.Patient,\n publicKey: ua2hex(await primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')),\n },\n ]\n )\n const cryptoStrategies = new TestCryptoStrategies()\n const exchangeDataApi = new FakeExchangeDataApi()\n accessControlSecretUtils = new AccessControlSecretUtils(primitives)\n const encryptionKeysManager = await FakeEncryptionKeysManager.create(primitives, [selfKeypair])\n const signatureKeysManager = new FakeSignatureKeysManager(primitives)\n const baseExchangeData = new BaseExchangeDataManager(exchangeDataApi, dataOwnerApi, primitives, !explicitSelf)\n exchangeData = await initialiseExchangeDataManagerForCurrentDataOwner(\n baseExchangeData,\n encryptionKeysManager,\n signatureKeysManager,\n accessControlSecretUtils,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n true\n )\n exchangeDataMapManager = new FakeExchangeDataMapManager()\n secureDelegationsEncryption = new SecureDelegationsEncryption(encryptionKeysManager, primitives)\n decryptor = new SecureDelegationsSecurityMetadataDecryptor(exchangeData, exchangeDataMapManager, secureDelegationsEncryption, dataOwnerApi)\n manager = new SecureDelegationsManager(\n exchangeData,\n exchangeDataMapManager,\n secureDelegationsEncryption,\n accessControlSecretUtils,\n encryptionKeysManager,\n primitives,\n dataOwnerApi,\n cryptoStrategies,\n !explicitSelf\n )\n }\n\n it('should make a share request which will create a decryptable secure delegation.', async function () {\n async function doTest(explicitSelf: boolean, explicitDelegate: boolean) {\n await initialiseComponents(explicitSelf, explicitDelegate)\n const secretIds = [ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16))]\n const encryptionKeys = [ua2hex(primitives.randomBytes(16))]\n const owningEntityIds = [ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16))]\n const entityType = EntityWithDelegationTypeName.Patient\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n { entity: { secretForeignKeys: [] }, type: entityType },\n delegateId,\n secretIds,\n encryptionKeys,\n owningEntityIds,\n EntityShareRequest.RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.not.be.undefined\n expect(shareOrUpdateParams!.update).to.be.undefined\n expect(shareOrUpdateParams!.share).to.not.be.undefined\n const shareParams = shareOrUpdateParams!.share!\n expect(shareParams.accessControlKeys).to.have.length(1)\n if (explicitSelf && explicitDelegate) {\n expect(shareParams.exchangeDataId).to.not.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(0)\n } else if (explicitSelf && !explicitDelegate) {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(1)\n expect(shareParams.encryptedExchangeDataId![fingerprintV1toV2(selfKeyFp)]).to.not.be.undefined\n } else if (!explicitSelf && explicitDelegate) {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(1)\n expect(shareParams.encryptedExchangeDataId![delegateKeyFp]).to.not.be.undefined\n } else {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(0)\n }\n const secDelKey = ua2hex(await primitives.sha256(hex2ua(shareParams.accessControlKeys[0])))\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: [],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [secDelKey]: new SecureDelegation({\n delegator: shareParams.explicitDelegator,\n delegate: shareParams.explicitDelegate,\n secretIds: shareParams.secretIds,\n encryptionKeys: shareParams.encryptionKeys,\n owningEntityIds: shareParams.owningEntityIds,\n exchangeDataId: shareParams.exchangeDataId,\n encryptedExchangeDataId: shareParams.encryptedExchangeDataId,\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n await exchangeDataMapManager.createExchangeDataMaps({ [secDelKey]: shareParams.encryptedExchangeDataId! })\n await exchangeData.clearOrRepopulateCache()\n const decryptedSecretIds = (await asyncGeneratorToArray(decryptor.decryptSecretIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n const decryptedEncryptionKeys = (await asyncGeneratorToArray(decryptor.decryptEncryptionKeysOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n const decryptedOwningEntityIds = (await asyncGeneratorToArray(decryptor.decryptOwningEntityIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n expect(decryptedSecretIds).to.have.length(secretIds.length)\n for (const secretId of secretIds) {\n expect(decryptedSecretIds).to.include(secretId)\n }\n expect(decryptedEncryptionKeys).to.have.length(encryptionKeys.length)\n for (const encryptionKey of encryptionKeys) {\n expect(decryptedEncryptionKeys).to.include(encryptionKey)\n }\n expect(decryptedOwningEntityIds).to.have.length(owningEntityIds.length)\n for (const owningEntityId of owningEntityIds) {\n expect(decryptedOwningEntityIds).to.include(owningEntityId)\n }\n }\n console.log('Patient->Patient')\n await doTest(false, false)\n console.log('Hcp->Patient')\n await doTest(true, false)\n console.log('Patient->Hcp')\n await doTest(false, true)\n console.log('Hcp->Hcp')\n await doTest(true, true)\n })\n\n it('should make an update request which the missing entries for existing secure delegations.', async function () {\n async function doTest(makeAccessibleFromAlias: boolean) {\n await initialiseComponents(false, false)\n const canonicalSfk = primitives.randomUuid()\n const aliasSfk = primitives.randomUuid()\n const exchangeDataInfo = await exchangeData.getOrCreateEncryptionDataTo(delegateId, EntityWithDelegationTypeName.Patient, [], false)\n const canonicalKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n canonicalSfk\n )\n const aliasKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n aliasSfk\n )\n const existingSecretIds = [ua2hex(primitives.randomBytes(16))]\n const newSecretIds = [ua2hex(primitives.randomBytes(16))]\n const existingEncryptionKeys: string[] = []\n const newEncryptionKeys = [ua2hex(primitives.randomBytes(16))]\n const existingOwningEntityIds = [ua2hex(primitives.randomBytes(16))]\n const newOwningEntityIds: string[] = []\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: makeAccessibleFromAlias ? [aliasSfk] : [canonicalSfk],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [canonicalKey]: new SecureDelegation({\n delegator: selfId,\n delegate: selfId,\n secretIds: await secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),\n encryptionKeys: await secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),\n owningEntityIds: await secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n keysEquivalences: { [aliasKey]: canonicalKey },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n fakeEntity,\n delegateId,\n [...existingSecretIds, ...newSecretIds],\n [...existingEncryptionKeys, ...newEncryptionKeys],\n [...existingOwningEntityIds, ...newOwningEntityIds],\n RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.not.be.undefined\n expect(shareOrUpdateParams!.share).to.be.undefined\n expect(shareOrUpdateParams!.update).to.not.be.undefined\n const updateParams = shareOrUpdateParams!.update!\n expect(updateParams.metadataAccessControlHash).to.equal(canonicalKey)\n expect(Object.keys(updateParams.secretIds ?? {})).to.have.length(newSecretIds.length)\n for (const [secretId, updateType] of Object.entries(updateParams.secretIds ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newSecretIds).to.contain(await secureDelegationsEncryption.decryptSecretId(secretId, exchangeDataInfo.exchangeKey))\n }\n expect(Object.keys(updateParams.encryptionKeys ?? {})).to.have.length(newEncryptionKeys.length)\n for (const [encryptionKey, updateType] of Object.entries(updateParams.encryptionKeys ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newEncryptionKeys).to.contain(await secureDelegationsEncryption.decryptEncryptionKey(encryptionKey, exchangeDataInfo.exchangeKey))\n }\n expect(Object.keys(updateParams.owningEntityIds ?? {})).to.have.length(newOwningEntityIds.length)\n for (const [owningEntityId, updateType] of Object.entries(updateParams.owningEntityIds ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newOwningEntityIds).to.contain(await secureDelegationsEncryption.decryptOwningEntityId(owningEntityId, exchangeDataInfo.exchangeKey))\n }\n }\n await doTest(true)\n await doTest(false)\n })\n\n it('should return undefined for existing secure delegations if it contains all entries.', async function () {\n await initialiseComponents(false, false)\n const canonicalSfk = primitives.randomUuid()\n const exchangeDataInfo = await exchangeData.getOrCreateEncryptionDataTo(delegateId, EntityWithDelegationTypeName.Patient, [], false)\n const canonicalKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n canonicalSfk\n )\n const existingSecretIds = [ua2hex(primitives.randomBytes(16))]\n const existingEncryptionKeys: string[] = []\n const existingOwningEntityIds = [ua2hex(primitives.randomBytes(16))]\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: [canonicalSfk],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [canonicalKey]: new SecureDelegation({\n delegator: selfId,\n delegate: selfId,\n secretIds: await secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),\n encryptionKeys: await secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),\n owningEntityIds: await secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n fakeEntity,\n delegateId,\n [...existingSecretIds],\n [...existingEncryptionKeys],\n [...existingOwningEntityIds],\n RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.be.undefined\n })\n})\n"]}
|
|
@@ -35,8 +35,8 @@ describe('SignatureKeysManager', () => {
|
|
|
35
35
|
const public1 = (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey(pair1.keyPair.publicKey, 'spki'));
|
|
36
36
|
const public2 = (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey(pair2.keyPair.publicKey, 'spki'));
|
|
37
37
|
(0, chai_1.expect)(public1).to.equal(public2);
|
|
38
|
-
const verification1 = (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey((yield manager1.getSignatureVerificationKey((0, utils_1.
|
|
39
|
-
const verification2 = (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey((yield manager2.getSignatureVerificationKey((0, utils_1.
|
|
38
|
+
const verification1 = (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey((yield manager1.getSignatureVerificationKey((0, utils_1.fingerprintV2)(public1))), 'spki'));
|
|
39
|
+
const verification2 = (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey((yield manager2.getSignatureVerificationKey((0, utils_1.fingerprintV2)(public1))), 'spki'));
|
|
40
40
|
(0, chai_1.expect)(verification1).to.equal(public1);
|
|
41
41
|
(0, chai_1.expect)(verification2).to.equal(public1);
|
|
42
42
|
}));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signature-keys-manager-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/crypto/signature-keys-manager-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,iGAA6F;AAC7F,sFAAkF;AAClF,yDAAqE;AACrE,8GAA0G;AAC1G,mEAA+D;AAC/D,iFAA6E;AAC7E,mCAAkC;AAClC,gFAA4E;AAC5E,kDAA2C;AAC3C,+BAA6B;AAC7B,
|
|
1
|
+
{"version":3,"file":"signature-keys-manager-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/crypto/signature-keys-manager-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,iGAA6F;AAC7F,sFAAkF;AAClF,yDAAqE;AACrE,8GAA0G;AAC1G,mEAA+D;AAC/D,iFAA6E;AAC7E,mCAAkC;AAClC,gFAA4E;AAC5E,kDAA2C;AAC3C,+BAA6B;AAC7B,2DAA8E;AAE9E,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,mEAAmE,EAAE,GAAS,EAAE;QACjF,MAAM,YAAY,GAAG,IAAI,uCAAkB,CAAC,IAAI,4BAAc,EAAE,EAAE,IAAI,yBAAW,EAAE,EAAE,IAAI,+DAA8B,EAAE,CAAC,CAAA;QAC1H,MAAM,UAAU,GAAG,IAAI,mCAAgB,CAAC,kBAAgB,CAAC,CAAA;QACzD,MAAM,YAAY,GAAG,IAAI,mCAAgB,CAAC,EAAE,EAAE,EAAE,UAAU,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,qCAAiB,CAAC,GAAG,EAAE,CAAC,CAAA;QACvG,MAAM,QAAQ,GAAG,IAAI,mDAAwB,CAAC,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC,CAAA;QACrF,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,2BAA2B,EAAE,CAAA;QAC1D,MAAM,QAAQ,GAAG,IAAI,mDAAwB,CAAC,YAAY,EAAE,YAAY,EAAE,UAAU,CAAC,CAAA;QACrF,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,2BAA2B,EAAE,CAAA;QAC1D,MAAM,QAAQ,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAA;QAC1F,MAAM,QAAQ,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAA;QAC1F,IAAA,aAAM,EAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAA;QACnC,MAAM,OAAO,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;QACvF,MAAM,OAAO,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;QACvF,IAAA,aAAM,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QACjC,MAAM,aAAa,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,MAAM,QAAQ,CAAC,2BAA2B,CAAC,IAAA,qBAAa,EAAC,OAAO,CAAC,CAAC,CAAE,EAAE,MAAM,CAAC,CAAC,CAAA;QAC3I,MAAM,aAAa,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,MAAM,QAAQ,CAAC,2BAA2B,CAAC,IAAA,qBAAa,EAAC,OAAO,CAAC,CAAC,CAAE,EAAE,MAAM,CAAC,CAAC,CAAA;QAC3I,IAAA,aAAM,EAAC,aAAa,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QACvC,IAAA,aAAM,EAAC,aAAa,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACzC,CAAC,CAAA,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA","sourcesContent":["import { UserSignatureKeysManager } from '../../../icc-x-api/crypto/UserSignatureKeysManager'\nimport { IcureStorageFacade } from '../../../icc-x-api/storage/IcureStorageFacade'\nimport { TestKeyStorage, TestStorage } from '../../utils/TestStorage'\nimport { DefaultStorageEntryKeysFactory } from '../../../icc-x-api/storage/DefaultStorageEntryKeysFactory'\nimport { FakeDataOwnerApi } from '../../utils/FakeDataOwnerApi'\nimport { CryptoPrimitives } from '../../../icc-x-api/crypto/CryptoPrimitives'\nimport { webcrypto } from 'crypto'\nimport { DataOwnerTypeEnum } from '../../../icc-api/model/DataOwnerTypeEnum'\nimport { ua2hex } from '../../../icc-x-api'\nimport { expect } from 'chai'\nimport { fingerprintV1, fingerprintV2 } from '../../../icc-x-api/crypto/utils'\n\ndescribe('SignatureKeysManager', () => {\n it('should be able to store a key pair in local storage and reload it', async () => {\n const iCureStorage = new IcureStorageFacade(new TestKeyStorage(), new TestStorage(), new DefaultStorageEntryKeysFactory())\n const primitives = new CryptoPrimitives(webcrypto as any)\n const dataOwnerApi = new FakeDataOwnerApi({ id: primitives.randomUuid(), type: DataOwnerTypeEnum.Hcp })\n const manager1 = new UserSignatureKeysManager(iCureStorage, dataOwnerApi, primitives)\n const pair1 = await manager1.getOrCreateSignatureKeyPair()\n const manager2 = new UserSignatureKeysManager(iCureStorage, dataOwnerApi, primitives)\n const pair2 = await manager2.getOrCreateSignatureKeyPair()\n const private1 = ua2hex(await primitives.RSA.exportKey(pair1.keyPair.privateKey, 'pkcs8'))\n const private2 = ua2hex(await primitives.RSA.exportKey(pair2.keyPair.privateKey, 'pkcs8'))\n expect(private1).to.equal(private2)\n const public1 = ua2hex(await primitives.RSA.exportKey(pair1.keyPair.publicKey, 'spki'))\n const public2 = ua2hex(await primitives.RSA.exportKey(pair2.keyPair.publicKey, 'spki'))\n expect(public1).to.equal(public2)\n const verification1 = ua2hex(await primitives.RSA.exportKey((await manager1.getSignatureVerificationKey(fingerprintV2(public1)))!, 'spki'))\n const verification2 = ua2hex(await primitives.RSA.exportKey((await manager2.getSignatureVerificationKey(fingerprintV2(public1)))!, 'spki'))\n expect(verification1).to.equal(public1)\n expect(verification2).to.equal(public1)\n })\n})\n"]}
|
package/test/support/CSM-87.d.ts
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
import 'isomorphic-fetch';
|
package/test/support/CSM-87.js
CHANGED
|
@@ -8,12 +8,40 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
const icc_x_api_1 = require("../../icc-x-api");
|
|
13
|
+
const crypto_1 = require("crypto");
|
|
14
|
+
require("isomorphic-fetch");
|
|
15
|
+
const test_utils_1 = require("../utils/test_utils");
|
|
16
|
+
const icc_api_1 = require("../../icc-api");
|
|
17
|
+
(0, test_utils_1.setLocalStorage)(fetch);
|
|
18
|
+
class DiocaneCryptoStrategies {
|
|
19
|
+
generateNewKeyForDataOwner(self, cryptoPrimitives) {
|
|
20
|
+
return Promise.resolve(false);
|
|
21
|
+
}
|
|
22
|
+
recoverAndVerifySelfHierarchyKeys(keysData, cryptoPrimitives) {
|
|
23
|
+
return Promise.resolve(Object.fromEntries(keysData.map(({ dataOwner }) => [dataOwner.dataOwner.id, { recoveredKeys: {}, keyAuthenticity: {} }])));
|
|
24
|
+
}
|
|
25
|
+
verifyDelegatePublicKeys(delegate, publicKeys, cryptoPrimitives) {
|
|
26
|
+
return Promise.resolve(publicKeys);
|
|
27
|
+
}
|
|
28
|
+
dataOwnerRequiresAnonymousDelegation(dataOwner) {
|
|
29
|
+
return dataOwner.type !== 'hcp';
|
|
30
|
+
}
|
|
31
|
+
}
|
|
11
32
|
describe('CSM-87', function () {
|
|
12
33
|
return __awaiter(this, void 0, void 0, function* () {
|
|
13
34
|
it('An hcp should be able to load his key with `loadKeyPairsAsJwkInBrowserLocalStorage` and then create shamir partitions for himself', function () {
|
|
14
35
|
return __awaiter(this, void 0, void 0, function* () {
|
|
15
|
-
|
|
16
|
-
|
|
36
|
+
const api = yield icc_x_api_1.IcureApi.initialise("https://api.icure.cloud", new icc_x_api_1.JwtAuthenticationProvider(new icc_api_1.IccAuthApi("https://api.icure.cloud", {}, new icc_x_api_1.NoAuthenticationProvider(), fetch), "fabien.zimmer@medispring.be", "Ztf993pf", undefined, undefined), new DiocaneCryptoStrategies(), crypto_1.webcrypto, fetch, {
|
|
37
|
+
groupSelector: (availableGroupsInfo, currentGroupId) => {
|
|
38
|
+
const testapp = availableGroupsInfo.filter(g => { var _a; return ((_a = g.groupId) === null || _a === void 0 ? void 0 : _a.startsWith('ms-testapppatient')) == true; });
|
|
39
|
+
return Promise.resolve(currentGroupId);
|
|
40
|
+
// if (testapp.length != 1) throw new Error(`Found ${JSON.stringify(testapp)}`)
|
|
41
|
+
// return Promise.resolve(testapp[0].groupId!)
|
|
42
|
+
}
|
|
43
|
+
});
|
|
44
|
+
console.log("Hello");
|
|
17
45
|
});
|
|
18
46
|
});
|
|
19
47
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CSM-87.js","sourceRoot":"","sources":["../../../test/support/CSM-87.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"CSM-87.js","sourceRoot":"","sources":["../../../test/support/CSM-87.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,+CAA0I;AAG1I,mCAAgC;AAChC,4BAAyB;AACzB,oDAAmD;AACnD,2CAAwC;AACxC,IAAA,4BAAe,EAAC,KAAK,CAAC,CAAA;AAEtB,MAAM,uBAAuB;IAC3B,0BAA0B,CAAC,IAAuB,EAAE,gBAAkC;QACpF,OAAO,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAED,iCAAiC,CAC/B,QAA8F,EAC9F,gBAAkC;QAElC,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAED,wBAAwB,CAAC,QAAiC,EAAE,UAAoB,EAAE,gBAAkC;QAClH,OAAO,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;IACpC,CAAC;IAED,oCAAoC,CAAC,SAAkC;QACrE,OAAO,SAAS,CAAC,IAAI,KAAK,KAAK,CAAA;IACjC,CAAC;CACF;AAGD,QAAQ,CAAC,QAAQ,EAAE;;QACjB,EAAE,CAAC,mIAAmI,EAAE;;gBACtI,MAAM,GAAG,GAAG,MAAM,oBAAQ,CAAC,UAAU,CACnC,yBAAyB,EACzB,IAAI,qCAAyB,CAC3B,IAAI,oBAAU,CAAC,yBAAyB,EAAE,EAAE,EAAE,IAAI,oCAAwB,EAAE,EAAE,KAAK,CAAC,EACpF,6BAA6B,EAC7B,UAAU,EACV,SAAS,EACT,SAAS,CACV,EACD,IAAI,uBAAuB,EAAE,EAC7B,kBAAgB,EAChB,KAAK,EACL;oBACE,aAAa,EAAE,CAAC,mBAAmB,EAAE,cAAc,EAAE,EAAE;wBACrD,MAAM,OAAO,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,WAAC,OAAA,CAAA,MAAA,CAAC,CAAC,OAAO,0CAAE,UAAU,CAAC,mBAAmB,CAAC,KAAI,IAAI,CAAA,EAAA,CAAC,CAAA;wBACnG,OAAO,OAAO,CAAC,OAAO,CAAC,cAAe,CAAC,CAAA;wBACvC,+EAA+E;wBAC/E,8CAA8C;oBAChD,CAAC;iBACF,CACF,CAAA;gBACD,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;YACtB,CAAC;SAAA,CAAC,CAAA;IACJ,CAAC;CAAA,CAAC,CAAA","sourcesContent":["import {CryptoPrimitives, CryptoStrategies, IcureApi, JwtAuthenticationProvider, KeyPair, NoAuthenticationProvider} from \"../../icc-x-api\"\nimport {DataOwnerWithType} from \"../../icc-api/model/DataOwnerWithType\"\nimport {CryptoActorStubWithType} from \"../../icc-api/model/CryptoActorStub\"\nimport {webcrypto} from \"crypto\"\nimport 'isomorphic-fetch'\nimport {setLocalStorage} from \"../utils/test_utils\"\nimport {IccAuthApi} from \"../../icc-api\"\nsetLocalStorage(fetch)\n\nclass DiocaneCryptoStrategies implements CryptoStrategies {\n generateNewKeyForDataOwner(self: DataOwnerWithType, cryptoPrimitives: CryptoPrimitives): Promise<KeyPair<CryptoKey> | boolean> {\n return Promise.resolve(false)\n }\n\n recoverAndVerifySelfHierarchyKeys(\n keysData: { dataOwner: DataOwnerWithType; unknownKeys: string[]; unavailableKeys: string[] }[],\n cryptoPrimitives: CryptoPrimitives\n ): Promise<{ [p: string]: { recoveredKeys: { [p: string]: KeyPair<CryptoKey> }; keyAuthenticity: { [p: string]: boolean } } }> {\n return Promise.resolve(Object.fromEntries(keysData.map(({ dataOwner }) => [dataOwner.dataOwner.id, { recoveredKeys: {}, keyAuthenticity: {} }])))\n }\n\n verifyDelegatePublicKeys(delegate: CryptoActorStubWithType, publicKeys: string[], cryptoPrimitives: CryptoPrimitives): Promise<string[]> {\n return Promise.resolve(publicKeys)\n }\n\n dataOwnerRequiresAnonymousDelegation(dataOwner: CryptoActorStubWithType): boolean {\n return dataOwner.type !== 'hcp'\n }\n}\n\n\ndescribe('CSM-87', async function () {\n it('An hcp should be able to load his key with `loadKeyPairsAsJwkInBrowserLocalStorage` and then create shamir partitions for himself', async function () {\n const api = await IcureApi.initialise(\n \"https://api.icure.cloud\",\n new JwtAuthenticationProvider(\n new IccAuthApi(\"https://api.icure.cloud\", {}, new NoAuthenticationProvider(), fetch),\n \"fabien.zimmer@medispring.be\",\n \"Ztf993pf\",\n undefined,\n undefined\n ),\n new DiocaneCryptoStrategies(),\n webcrypto as any,\n fetch,\n {\n groupSelector: (availableGroupsInfo, currentGroupId) => {\n const testapp = availableGroupsInfo.filter(g => g.groupId?.startsWith('ms-testapppatient') == true)\n return Promise.resolve(currentGroupId!)\n // if (testapp.length != 1) throw new Error(`Found ${JSON.stringify(testapp)}`)\n // return Promise.resolve(testapp[0].groupId!)\n }\n }\n )\n console.log(\"Hello\")\n })\n})\n"]}
|