@ixo/ucan 1.1.0 → 1.2.0

@@ -1,14 +1,17 @@
1
1
  import { ed25519 } from '@ucanto/principal';
2
- import { Delegation } from '@ucanto/core';
2
+ import { Delegation, UCAN } from '@ucanto/core';
3
3
  import { claim } from '@ucanto/validator';
4
4
  import { InMemoryInvocationStore } from '../store/memory.js';
5
5
  export async function createUCANValidator(options) {
6
6
  const invocationStore = options.invocationStore ?? new InMemoryInvocationStore();
7
7
  let serverVerifier;
8
- if (options.serverDid.startsWith('did:key:')) {
9
- serverVerifier = ed25519.Verifier.parse(options.serverDid);
10
- }
11
- else {
8
+ async function getServerVerifier() {
9
+ if (serverVerifier)
10
+ return serverVerifier;
11
+ if (options.serverDid.startsWith('did:key:')) {
12
+ serverVerifier = ed25519.Verifier.parse(options.serverDid);
13
+ return serverVerifier;
14
+ }
12
15
  if (!options.didResolver) {
13
16
  throw new Error(`Cannot use ${options.serverDid} as server DID without a didResolver. ` +
14
17
  `Provide a didResolver to resolve non-did:key DIDs, or use a did:key directly.`);
@@ -26,6 +29,7 @@ export async function createUCANValidator(options) {
26
29
  throw new Error(`No valid key found for server DID ${options.serverDid}`);
27
30
  }
28
31
  serverVerifier = ed25519.Verifier.parse(keyDid);
32
+ return serverVerifier;
29
33
  }
30
34
  const resolveDIDKey = async (did) => {
31
35
  if (typeof did !== 'string') {
@@ -85,6 +89,70 @@ export async function createUCANValidator(options) {
85
89
  }
86
90
  return exp ?? parentExp;
87
91
  }
92
+ async function verifyDelegationChain(delegation) {
93
+ const issuerDid = delegation.issuer.did();
94
+ const resolved = await resolveDIDKey(issuerDid);
95
+ if ('error' in resolved) {
96
+ return {
97
+ ok: false,
98
+ error: {
99
+ code: 'INVALID_SIGNATURE',
100
+ message: `Cannot resolve issuer DID ${issuerDid}: ${resolved.error?.message ?? 'unknown'}`,
101
+ },
102
+ };
103
+ }
104
+ if (!resolved.ok || resolved.ok.length === 0) {
105
+ return {
106
+ ok: false,
107
+ error: {
108
+ code: 'INVALID_SIGNATURE',
109
+ message: `No keys found for issuer DID ${issuerDid}`,
110
+ },
111
+ };
112
+ }
113
+ const didKey = resolved.ok[0];
114
+ const realVerifier = ed25519.Verifier.parse(didKey);
115
+ const ucanView = delegation.data;
116
+ const wrappedVerifier = {
117
+ did: () => issuerDid,
118
+ verify: (payload, signature) => realVerifier.verify(payload, signature),
119
+ };
120
+ const sigValid = await UCAN.verifySignature(ucanView, wrappedVerifier);
121
+ if (!sigValid) {
122
+ return {
123
+ ok: false,
124
+ error: {
125
+ code: 'INVALID_SIGNATURE',
126
+ message: `Signature verification failed for issuer ${issuerDid}`,
127
+ },
128
+ };
129
+ }
130
+ if (delegation.proofs && delegation.proofs.length > 0) {
131
+ for (const proof of delegation.proofs) {
132
+ const proofAudience = proof.audience.did();
133
+ if (proofAudience !== issuerDid) {
134
+ const proofAudResolved = await resolveDIDKey(proofAudience);
135
+ const proofAudKey = 'ok' in proofAudResolved && proofAudResolved.ok
136
+ ? proofAudResolved.ok[0]
137
+ : null;
138
+ if (didKey !== proofAudKey) {
139
+ return {
140
+ ok: false,
141
+ error: {
142
+ code: 'UNAUTHORIZED',
143
+ message: `Proof chain broken: proof audience ${proofAudience} does not match delegation issuer ${issuerDid}`,
144
+ },
145
+ };
146
+ }
147
+ }
148
+ const proofResult = await verifyDelegationChain(proof);
149
+ if (!proofResult.ok) {
150
+ return proofResult;
151
+ }
152
+ }
153
+ }
154
+ return { ok: true };
155
+ }
88
156
  return {
89
157
  serverDid: options.serverDid,
90
158
  async validate(invocationBase64, capabilityDef, resource) {
@@ -130,11 +198,14 @@ export async function createUCANValidator(options) {
130
198
  },
131
199
  };
132
200
  }
201
+ const resolvedVerifier = await getServerVerifier();
133
202
  const claimResult = claim(capabilityDef, [invocation], {
134
- authority: serverVerifier,
203
+ authority: resolvedVerifier,
135
204
  principal: ed25519.Verifier,
136
205
  resolveDIDKey: resolveDIDKey,
137
206
  canIssue: (cap, issuer) => {
207
+ if (options.rootIssuers.includes('*'))
208
+ return true;
138
209
  if (options.rootIssuers.includes(issuer))
139
210
  return true;
140
211
  if (typeof cap.with === 'string' && cap.with.includes(issuer))
@@ -180,6 +251,7 @@ export async function createUCANValidator(options) {
180
251
  }
181
252
  const proofChain = buildProofChain(invocation);
182
253
  const expiration = computeEffectiveExpiration(invocation);
254
+ const facts = invocation.facts;
183
255
  return {
184
256
  ok: true,
185
257
  invoker: invocation.issuer.did(),
@@ -192,6 +264,80 @@ export async function createUCANValidator(options) {
192
264
  : undefined,
193
265
  expiration,
194
266
  proofChain,
267
+ facts: facts && facts.length > 0 ? facts : undefined,
268
+ };
269
+ }
270
+ catch (err) {
271
+ const message = err instanceof Error ? err.message : 'Unknown error';
272
+ return { ok: false, error: { code: 'INVALID_FORMAT', message } };
273
+ }
274
+ },
275
+ async validateDelegation(delegationBase64) {
276
+ try {
277
+ const carBytes = new Uint8Array(Buffer.from(delegationBase64, 'base64'));
278
+ const extracted = await Delegation.extract(carBytes);
279
+ if (extracted.error) {
280
+ return {
281
+ ok: false,
282
+ error: {
283
+ code: 'INVALID_FORMAT',
284
+ message: `Failed to decode: ${extracted.error?.message ?? 'unknown'}`,
285
+ },
286
+ };
287
+ }
288
+ const delegation = 'ok' in extracted ? extracted.ok : extracted;
289
+ if (!delegation?.issuer?.did || !delegation?.audience?.did) {
290
+ return {
291
+ ok: false,
292
+ error: {
293
+ code: 'INVALID_FORMAT',
294
+ message: 'Delegation missing issuer or audience',
295
+ },
296
+ };
297
+ }
298
+ const audienceDid = delegation.audience.did();
299
+ if (audienceDid !== options.serverDid) {
300
+ return {
301
+ ok: false,
302
+ error: {
303
+ code: 'UNAUTHORIZED',
304
+ message: `Delegation addressed to ${audienceDid}, not ${options.serverDid}`,
305
+ },
306
+ };
307
+ }
308
+ const expiration = computeEffectiveExpiration(delegation);
309
+ if (expiration !== undefined) {
310
+ const nowSeconds = Math.floor(Date.now() / 1000);
311
+ if (expiration < nowSeconds) {
312
+ return {
313
+ ok: false,
314
+ error: {
315
+ code: 'EXPIRED',
316
+ message: `Delegation expired at ${new Date(expiration * 1000).toISOString()}`,
317
+ },
318
+ };
319
+ }
320
+ }
321
+ const sigResult = await verifyDelegationChain(delegation);
322
+ if (!sigResult.ok) {
323
+ return sigResult;
324
+ }
325
+ const proofChain = buildProofChain(delegation);
326
+ const cap = delegation.capabilities?.[0];
327
+ const facts = delegation.facts;
328
+ return {
329
+ ok: true,
330
+ invoker: delegation.issuer.did(),
331
+ capability: cap
332
+ ? {
333
+ can: cap.can,
334
+ with: cap.with,
335
+ nb: cap.nb,
336
+ }
337
+ : undefined,
338
+ expiration,
339
+ proofChain,
340
+ facts: facts && facts.length > 0 ? facts : undefined,
195
341
  };
196
342
  }
197
343
  catch (err) {
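Review bot: `validateDelegation` returns `ok: true` once the signatures, the audience and the expiry check out, but nothing visible in it or in `verifyDelegationChain` ties the chain to `options.rootIssuers` or checks that each delegation's capabilities are covered by its proofs, so a delegation signed by any resolvable DID and addressed to this server appears to validate with whatever capability it names. A caller that reads `invoker` and `capability` from the result as an authorization decision would be trusting an unanchored chain; `notBefore` is not checked on this path either. Before the final `return`, the root of the chain should be checked, e.g. `if (!options.rootIssuers.includes(rootIssuerDid)) return { ok: false, error: { code: 'UNAUTHORIZED', message: 'Delegation root is not a trusted issuer' } };`, where `rootIssuerDid` is the issuer of the proof-less delegation at the end of the chain, or the method's documentation should state that it proves signature validity only. The new `'*'` entry in `canIssue` has the same effect for `validate()` and deserves a comment saying it turns every issuer into a root. The `catch` that closes `validateDelegation` lies outside the hunk.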
@@ -1 +1 @@
1
- {"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator/validator.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAG1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AA6J7D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAA+B;IAE/B,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,IAAI,uBAAuB,EAAE,CAAC;IAI3D,IAAI,cAAwB,CAAC;IAE7B,IAAI,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAE7C,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QAEN,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,cAAc,OAAO,CAAC,SAAS,wCAAwC;gBACrE,+EAA+E,CAClF,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,WAAW,CACxC,OAAO,CAAC,SAAsC,CAC/C,CAAC;QAEF,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAC/E,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,IAAI;gBACnD,8DAA8D,CACjE,CAAC;QACJ,CAAC;QAGD,MAAM,MAAM,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,qCAAqC,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAClD,CAAC;IAGD,MAAM,aAAa,GAAG,KAAK,EAAE,GAA8B,EAAE,EAAE;QAE7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,CAAC;YAClE,OAAO;gBACL,KAAK,EAAE;oBACL,IAAI,EAAE,uBAAgC;oBACtC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC;oBAChB,OAAO,EAAE,4BAA4B,OAAO,GAAG,EAAE;iBAClD;aACF,CAAC;QACJ,CAAC;QAGD,IAAI,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,CAAC;QAGD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAC9C,IAAI,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAE3C,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YAC3B,CAAC;YACD,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;gBACtB,O
AAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAgC;wBACtC,GAAG;wBACH,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO;qBAC9B;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO;YACL,KAAK,EAAE;gBACL,IAAI,EAAE,uBAAgC;gBACtC,GAAG;gBACH,OAAO,EAAE,uBAAuB,GAAG,EAAE;aACtC;SACF,CAAC;IACJ,CAAC,CAAC;IAOF,SAAS,eAAe,CAAC,UAAe;QACtC,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;QACnC,CAAC;QACD,MAAM,WAAW,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;IAOD,SAAS,0BAA0B,CAAC,UAAe;QACjD,MAAM,GAAG,GACP,OAAO,UAAU,EAAE,UAAU,KAAK,QAAQ;YAC1C,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC;YAC7B,CAAC,CAAC,UAAU,CAAC,UAAU;YACvB,CAAC,CAAC,SAAS,CAAC;QAEhB,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,GAAG,CAAC;QACb,CAAC;QAED,MAAM,SAAS,GAAG,0BAA0B,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,GAAG,KAAK,SAAS,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,GAAG,IAAI,SAAS,CAAC;IAC1B,CAAC;IAED,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,SAAS;QAE5B,KAAK,CAAC,QAAQ,CACZ,gBAAgB,EAChB,aAAa,EACb,QAAQ;YAER,IAAI,CAAC;gBAEH,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CACxC,CAAC;gBAGF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;oBACpB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,qBAAqB,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;yBACtE;qBACF,CAAC;gBACJ,CAAC;gBAED,MAAM,UAAU,GAAG,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBAGhE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;oBAC3D,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,uCAAuC;yBACjD;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,WAAW,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtC,OAAO;wBACL,EAAE,EAAE,KA
AK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,2BAA2B,WAAW,SAAS,OAAO,CAAC,SAAS,EAAE;yBAC5E;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC;gBACjD,IAAI,aAAa,IAAI,CAAC,MAAM,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;oBAChE,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,QAAQ;4BACd,OAAO,EAAE,kCAAkC;yBAC5C;qBACF,CAAC;gBACJ,CAAC;gBAID,MAAM,WAAW,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,UAAU,CAAC,EAAE;oBACrD,SAAS,EAAE,cAAc;oBACzB,SAAS,EAAE,OAAO,CAAC,QAAQ;oBAE3B,aAAa,EAAE,aAAoB;oBACnC,QAAQ,EAAE,CAAC,GAAqB,EAAE,MAAc,EAAE,EAAE;wBAElD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAAE,OAAO,IAAI,CAAC;wBAEtD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAC3D,OAAO,IAAI,CAAC;wBACd,OAAO,KAAK,CAAC;oBACf,CAAC;oBACD,qBAAqB,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;iBAC1C,CAAC,CAAC;gBAEH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC;gBAEvC,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;oBAEvB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,IAAI,sBAAsB,CAAC;oBACtE,MAAM,aAAa,GACjB,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;wBAC1B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC5B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;oBAEhC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,cAAc;4BACzD,OAAO,EAAE,QAAQ;yBAClB;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,YAAY,GAAG,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;gBAClD,IAAI,YAAY,IAAI,YAAY,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAEnD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAc,CAAC;oBAC5C,MAAM,eAAe,GACnB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;wBACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAC5C,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;4BACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBAE/C,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,cAAc;gCACpB,OAAO,EAAE,YAAY,YAAY,CAAC,IAAI,mBAAmB,QAAQ,EAAE;6BACpE;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAGD,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,eAAe,
CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;gBAC3C,CAAC;gBAGD,MAAM,UAAU,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;gBAC/C,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAE1D,OAAO;oBACL,EAAE,EAAE,IAAI;oBACR,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE;oBAChC,UAAU,EAAE,YAAY;wBACtB,CAAC,CAAC;4BACE,GAAG,EAAE,YAAY,CAAC,GAAG;4BACrB,IAAI,EAAE,YAAY,CAAC,IAAc;4BACjC,EAAE,EAAE,YAAY,CAAC,EAAyC;yBAC3D;wBACH,CAAC,CAAC,SAAS;oBACb,UAAU;oBACV,UAAU;iBACX,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACrE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator/validator.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAG1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAyL7D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAA+B;IAE/B,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,IAAI,uBAAuB,EAAE,CAAC;IAM3D,IAAI,cAAoC,CAAC;IAEzC,KAAK,UAAU,iBAAiB;QAC9B,IAAI,cAAc;YAAE,OAAO,cAAc,CAAC;QAE1C,IAAI,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7C,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAC3D,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,cAAc,OAAO,CAAC,SAAS,wCAAwC;gBACrE,+EAA+E,CAClF,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,WAAW,CACxC,OAAO,CAAC,SAAsC,CAC/C,CAAC;QAEF,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAC/E,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,IAAI;gBACnD,8DAA8D,CACjE,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,qCAAqC,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAChD,OAAO,cAAc,CAAC;IACxB,CAAC;IAGD,MAAM,aAAa,GAAG,KAAK,EAAE,GAA8B,EAAE,EAAE;QAE7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,CAAC;YAClE,OAAO;gBACL,KAAK,EAAE;oBACL,IAAI,EAAE,uBAAgC;oBACtC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC;oBAChB,OAAO,EAAE,4BAA4B,OAAO,GAAG,EAAE;iBAClD;aACF,CAAC;QACJ,CAAC;QAGD,IAAI,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,CAAC;QAGD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAC9C,IAAI,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAE3
C,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YAC3B,CAAC;YACD,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;gBACtB,OAAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAgC;wBACtC,GAAG;wBACH,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO;qBAC9B;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO;YACL,KAAK,EAAE;gBACL,IAAI,EAAE,uBAAgC;gBACtC,GAAG;gBACH,OAAO,EAAE,uBAAuB,GAAG,EAAE;aACtC;SACF,CAAC;IACJ,CAAC,CAAC;IAOF,SAAS,eAAe,CAAC,UAAe;QACtC,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;QACnC,CAAC;QACD,MAAM,WAAW,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;IAOD,SAAS,0BAA0B,CAAC,UAAe;QACjD,MAAM,GAAG,GACP,OAAO,UAAU,EAAE,UAAU,KAAK,QAAQ;YAC1C,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC;YAC7B,CAAC,CAAC,UAAU,CAAC,UAAU;YACvB,CAAC,CAAC,SAAS,CAAC;QAEhB,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,GAAG,CAAC;QACb,CAAC;QAED,MAAM,SAAS,GAAG,0BAA0B,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,GAAG,KAAK,SAAS,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,GAAG,IAAI,SAAS,CAAC;IAC1B,CAAC;IAQD,KAAK,UAAU,qBAAqB,CAAC,UAAe;QAClD,MAAM,SAAS,GAAW,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAGlD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAClC,SAAsC,CACvC,CAAC;QACF,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;YACxB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,6BAA6B,SAAS,KAAK,QAAQ,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;iBAC3F;aACF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,gCAAgC,SAAS,EAAE;iBACrD;aACF,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAE,CAAC;QAC/B,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAIpD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC;QAOjC,MAAM,eAAe,GAAG;YACtB,GAAG,EAAE,GAAG,EAAE,CAAC,SAAS;YACpB,MAAM,EAAE,C
AAC,OAAmB,EAAE,SAAkB,EAAE,EAAE,CAClD,YAAY,CAAC,MAAM,CACjB,OAAO,EAEP,SAAgB,CACjB;SACJ,CAAC;QAGF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,eAAsB,CAAC,CAAC;QAC9E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,4CAA4C,SAAS,EAAE;iBACjE;aACF,CAAC;QACJ,CAAC;QAGD,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtD,KAAK,MAAM,KAAK,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;gBAEtC,MAAM,aAAa,GAAW,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBACnD,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;oBAEhC,MAAM,gBAAgB,GAAG,MAAM,aAAa,CAC1C,aAA0C,CAC3C,CAAC;oBACF,MAAM,WAAW,GACf,IAAI,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,EAAE;wBAC7C,CAAC,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC;wBACxB,CAAC,CAAC,IAAI,CAAC;oBAEX,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;wBAC3B,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,cAAc;gCACpB,OAAO,EAAE,sCAAsC,aAAa,qCAAqC,SAAS,EAAE;6BAC7G;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAED,MAAM,WAAW,GAAG,MAAM,qBAAqB,CAAC,KAAK,CAAC,CAAC;gBACvD,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC;oBACpB,OAAO,WAAW,CAAC;gBACrB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACtB,CAAC;IAED,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,SAAS;QAE5B,KAAK,CAAC,QAAQ,CACZ,gBAAgB,EAChB,aAAa,EACb,QAAQ;YAER,IAAI,CAAC;gBAEH,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CACxC,CAAC;gBAGF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;oBACpB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,qBAAqB,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;yBACtE;qBACF,CAAC;gBACJ,CAAC;gBAED,MAAM,UAAU,GAAG,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBAGhE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;oBAC3D,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,uCAAuC;yBACjD;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,WAAW,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;oBAC
tC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,2BAA2B,WAAW,SAAS,OAAO,CAAC,SAAS,EAAE;yBAC5E;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC;gBACjD,IAAI,aAAa,IAAI,CAAC,MAAM,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;oBAChE,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,QAAQ;4BACd,OAAO,EAAE,kCAAkC;yBAC5C;qBACF,CAAC;gBACJ,CAAC;gBAID,MAAM,gBAAgB,GAAG,MAAM,iBAAiB,EAAE,CAAC;gBACnD,MAAM,WAAW,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,UAAU,CAAC,EAAE;oBACrD,SAAS,EAAE,gBAAgB;oBAC3B,SAAS,EAAE,OAAO,CAAC,QAAQ;oBAE3B,aAAa,EAAE,aAAoB;oBACnC,QAAQ,EAAE,CAAC,GAAqB,EAAE,MAAc,EAAE,EAAE;wBAElD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;4BAAE,OAAO,IAAI,CAAC;wBAEnD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAAE,OAAO,IAAI,CAAC;wBAEtD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAC3D,OAAO,IAAI,CAAC;wBACd,OAAO,KAAK,CAAC;oBACf,CAAC;oBACD,qBAAqB,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;iBAC1C,CAAC,CAAC;gBAEH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC;gBAEvC,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;oBAEvB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,IAAI,sBAAsB,CAAC;oBACtE,MAAM,aAAa,GACjB,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;wBAC1B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC5B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;oBAEhC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,cAAc;4BACzD,OAAO,EAAE,QAAQ;yBAClB;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,YAAY,GAAG,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;gBAClD,IAAI,YAAY,IAAI,YAAY,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAEnD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAc,CAAC;oBAC5C,MAAM,eAAe,GACnB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;wBACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAC5C,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;4BACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBAE/C,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,
EAAE,cAAc;gCACpB,OAAO,EAAE,YAAY,YAAY,CAAC,IAAI,mBAAmB,QAAQ,EAAE;6BACpE;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAGD,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;gBAC3C,CAAC;gBAGD,MAAM,UAAU,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;gBAC/C,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAI1D,MAAM,KAAK,GAAI,UAAkB,CAAC,KAErB,CAAC;gBAEd,OAAO;oBACL,EAAE,EAAE,IAAI;oBACR,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE;oBAChC,UAAU,EAAE,YAAY;wBACtB,CAAC,CAAC;4BACE,GAAG,EAAE,YAAY,CAAC,GAAG;4BACrB,IAAI,EAAE,YAAY,CAAC,IAAc;4BACjC,EAAE,EAAE,YAAY,CAAC,EAAyC;yBAC3D;wBACH,CAAC,CAAC,SAAS;oBACb,UAAU;oBACV,UAAU;oBACV,KAAK,EAAE,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACrD,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACrE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,CAAC;QACH,CAAC;QAED,KAAK,CAAC,kBAAkB,CACtB,gBAAwB;YAExB,IAAI,CAAC;gBAEH,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CACxC,CAAC;gBAGF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;oBACpB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,qBAAqB,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;yBACtE;qBACF,CAAC;gBACJ,CAAC;gBAED,MAAM,UAAU,GAAG,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBAGhE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;oBAC3D,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,uCAAuC;yBACjD;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,WAAW,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,2BAA2B,WAAW,SAAS,OAAO,CAAC,SAAS,EAAE;yBAC5E;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAC1D,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;oBAC7B,MAAM,UAAU,
GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;oBACjD,IAAI,UAAU,GAAG,UAAU,EAAE,CAAC;wBAC5B,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,SAAS;gCACf,OAAO,EAAE,yBAAyB,IAAI,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;6BAC9E;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAGD,MAAM,SAAS,GAAG,MAAM,qBAAqB,CAAC,UAAU,CAAC,CAAC;gBAC1D,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;oBAClB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAGD,MAAM,UAAU,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;gBAC/C,MAAM,GAAG,GAAG,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;gBAEzC,MAAM,KAAK,GAAI,UAAkB,CAAC,KAErB,CAAC;gBAEd,OAAO;oBACL,EAAE,EAAE,IAAI;oBACR,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE;oBAChC,UAAU,EAAE,GAAG;wBACb,CAAC,CAAC;4BACE,GAAG,EAAE,GAAG,CAAC,GAAG;4BACZ,IAAI,EAAE,GAAG,CAAC,IAAc;4BACxB,EAAE,EAAE,GAAG,CAAC,EAAyC;yBAClD;wBACH,CAAC,CAAC,SAAS;oBACb,UAAU;oBACV,UAAU;oBACV,KAAK,EAAE,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACrD,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACrE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
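--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
  {
  "name": "@ixo/ucan",
  "description": "UCAN authorization for any service - built on ucanto",
- "version": "1.1.0",
+ "version": "1.2.0",
  "private": false,
  "publishConfig": {
  "access": "public"
@@ -11,28 +11,39 @@
  "types": "./dist/index.d.ts",
  "exports": {
  ".": {
+ "types": "./dist/index.d.ts",
  "import": "./dist/index.js",
- "types": "./dist/index.d.ts"
+ "default": "./dist/index.js"
  },
  "./validator": {
+ "types": "./dist/validator/validator.d.ts",
  "import": "./dist/validator/validator.js",
- "types": "./dist/validator/validator.d.ts"
+ "default": "./dist/validator/validator.js"
  },
  "./client": {
+ "types": "./dist/client/create-client.d.ts",
  "import": "./dist/client/create-client.js",
- "types": "./dist/client/create-client.d.ts"
+ "default": "./dist/client/create-client.js"
  },
  "./capabilities": {
+ "types": "./dist/capabilities/capability.d.ts",
  "import": "./dist/capabilities/capability.js",
- "types": "./dist/capabilities/capability.d.ts"
+ "default": "./dist/capabilities/capability.js"
  },
  "./did": {
+ "types": "./dist/did/ixo-resolver.d.ts",
  "import": "./dist/did/ixo-resolver.js",
- "types": "./dist/did/ixo-resolver.d.ts"
+ "default": "./dist/did/ixo-resolver.js"
+ },
+ "./did/web": {
+ "types": "./dist/did/web-resolver.d.ts",
+ "import": "./dist/did/web-resolver.js",
+ "default": "./dist/did/web-resolver.js"
  },
  "./store": {
+ "types": "./dist/store/memory.d.ts",
  "import": "./dist/store/memory.js",
- "types": "./dist/store/memory.d.ts"
+ "default": "./dist/store/memory.js"
  }
  },
  "devDependencies": {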
@@ -14,6 +14,7 @@ import type {
14
14
  Delegation,
15
15
  Capability,
16
16
  Principal,
17
+ Fact,
17
18
  } from '@ucanto/interface';
18
19
  import type { SupportedDID } from '../types.js';
19
20
 
@@ -199,6 +200,8 @@ export async function createDelegation(options: {
199
200
  notBefore?: number;
200
201
  /** Parent delegations (proof chain) */
201
202
  proofs?: Delegation[];
203
+ /** Verifiable facts and proofs of knowledge (UCAN spec §3.2.4) */
204
+ facts?: Fact[];
202
205
  }): Promise<Delegation> {
203
206
  // Create principal from any DID (did:key, did:ixo, did:web, etc.)
204
207
  const audiencePrincipal = createPrincipal(options.audience);
@@ -211,6 +214,7 @@ export async function createDelegation(options: {
211
214
  expiration: options.expiration ?? Infinity,
212
215
  proofs: options.proofs,
213
216
  notBefore: options.notBefore,
217
+ facts: options.facts,
214
218
  });
215
219
  }
216
220
 
@@ -252,6 +256,8 @@ export async function createInvocation(options: {
252
256
  proofs?: Delegation[];
253
257
  /** Expiration timestamp (Unix seconds). Defaults to Infinity (never expires). */
254
258
  expiration?: number;
259
+ /** Verifiable facts and proofs of knowledge (UCAN spec §3.2.4) */
260
+ facts?: Fact[];
255
261
  }) {
256
262
  // Create principal from any DID (did:key, did:ixo, did:web, etc.)
257
263
  const audiencePrincipal = createPrincipal(options.audience);
@@ -262,6 +268,7 @@ export async function createInvocation(options: {
262
268
  capability: options.capability,
263
269
  proofs: options.proofs ?? [],
264
270
  expiration: options.expiration ?? Infinity,
271
+ facts: options.facts,
265
272
  });
266
273
  }
267
274
 
@@ -344,4 +351,4 @@ export async function parseDelegation(serialized: string): Promise<Delegation> {
344
351
  }
345
352
 
346
353
  // Re-export useful types
347
- export type { Signer, Delegation, Capability };
354
+ export type { Signer, Delegation, Capability, Fact };
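Review bot: The new doc comment on `facts` in `createDelegation` and `createInvocation` calls them "verifiable", but nothing in this change verifies them: the validator in this release copies `invocation.facts` / `delegation.facts` into its result unchanged. The facts are presumably serialized into the signed token, so every holder of the token can read them. I would reword both comments to something like `/** Facts asserted by the issuer; carried in the token as-is and not validated by this library. Do not put secrets here. */` so callers do not read them as checked claims. Both function bodies start and end outside these hunks.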
@@ -0,0 +1,140 @@
1
+ /**
2
+ * @fileoverview did:web resolver for UCAN validation
3
+ *
4
+ * Resolves did:web identifiers by fetching the DID document from
5
+ * the well-known endpoint as defined in the did:web specification.
6
+ *
7
+ * @see https://w3c-ccg.github.io/did-method-web/
8
+ */
9
+
10
+ import type { DID } from '@ucanto/interface';
11
+ import type { DIDKeyResolver, KeyDID } from '../types.js';
12
+
13
+ export interface WebDIDResolverConfig {
14
+ fetch?: typeof globalThis.fetch;
15
+ /** If true, retry with http:// when https:// fetch fails. Default: false. */
16
+ fallbackToHttp?: boolean;
17
+ }
18
+
19
+ interface VerificationMethod {
20
+ id: string;
21
+ type: string;
22
+ publicKeyMultibase?: string;
23
+ }
24
+
25
+ /**
26
+ * Creates a DID resolver for did:web identifiers
27
+ *
28
+ * Fetches the DID document from `https://{domain}/.well-known/did.json`
29
+ * (or `https://{domain}/{path}/did.json` for path-based did:web DIDs)
30
+ * and extracts Ed25519 verification methods as did:key identifiers.
31
+ *
32
+ * @example
33
+ * ```typescript
34
+ * const resolver = createWebDIDResolver();
35
+ * const result = await resolver('did:web:sandbox.ixo.world');
36
+ * if ('ok' in result) {
37
+ * console.log('Keys:', result.ok); // ['did:key:z6Mk...']
38
+ * }
39
+ * ```
40
+ */
41
+ export function createWebDIDResolver(
42
+ config?: WebDIDResolverConfig,
43
+ ): DIDKeyResolver {
44
+ const fetchFn = config?.fetch ?? globalThis.fetch;
45
+
46
+ return async (
47
+ did: DID,
48
+ ): Promise<
49
+ { ok: KeyDID[] } | { error: { name: string; did: string; message: string } }
50
+ > => {
51
+ if (!did.startsWith('did:web:')) {
52
+ return {
53
+ error: {
54
+ name: 'DIDKeyResolutionError',
55
+ did,
56
+ message: `Cannot resolve ${did}: not a did:web identifier`,
57
+ },
58
+ };
59
+ }
60
+
61
+ try {
62
+ // did:web:example.com → https://example.com/.well-known/did.json
63
+ // did:web:example.com:path:to → https://example.com/path/to/did.json
64
+ const parts = did.slice('did:web:'.length).split(':');
65
+ const domain = decodeURIComponent(parts[0]!);
66
+ const pathSegments = parts.slice(1).map(decodeURIComponent);
67
+
68
+ const path =
69
+ pathSegments.length > 0
70
+ ? `/${pathSegments.join('/')}/did.json`
71
+ : '/.well-known/did.json';
72
+
73
+ const httpsUrl = `https://${domain}${path}`;
74
+
75
+ let response: Response | null = null;
76
+ let fetchUrl = httpsUrl;
77
+
78
+ try {
79
+ response = await fetchFn(httpsUrl);
80
+ } catch (httpsError) {
81
+ if (config?.fallbackToHttp) {
82
+ fetchUrl = `http://${domain}${path}`;
83
+ response = await fetchFn(fetchUrl);
84
+ } else {
85
+ throw httpsError;
86
+ }
87
+ }
88
+
89
+ if (!response.ok && config?.fallbackToHttp && fetchUrl === httpsUrl) {
90
+ // HTTPS returned a non-ok status, try HTTP
91
+ fetchUrl = `http://${domain}${path}`;
92
+ response = await fetchFn(fetchUrl);
93
+ }
94
+
95
+ if (!response.ok) {
96
+ return {
97
+ error: {
98
+ name: 'DIDKeyResolutionError',
99
+ did,
100
+ message: `Failed to fetch DID document from ${fetchUrl}: HTTP ${response.status}`,
101
+ },
102
+ };
103
+ }
104
+
105
+ const doc = (await response.json()) as {
106
+ verificationMethod?: VerificationMethod[];
107
+ };
108
+
109
+ const keys: KeyDID[] = [];
110
+ for (const vm of doc.verificationMethod ?? []) {
111
+ if (
112
+ vm.type.includes('Ed25519') &&
113
+ vm.publicKeyMultibase?.startsWith('z')
114
+ ) {
115
+ keys.push(`did:key:${vm.publicKeyMultibase}`);
116
+ }
117
+ }
118
+
119
+ if (keys.length === 0) {
120
+ return {
121
+ error: {
122
+ name: 'DIDKeyResolutionError',
123
+ did,
124
+ message: `No valid Ed25519 verification methods found in DID document for ${did}`,
125
+ },
126
+ };
127
+ }
128
+
129
+ return { ok: keys };
130
+ } catch (error) {
131
+ return {
132
+ error: {
133
+ name: 'DIDKeyResolutionError',
134
+ did,
135
+ message: `Failed to resolve ${did}: ${error instanceof Error ? error.message : 'Unknown error'}`,
136
+ },
137
+ };
138
+ }
139
+ };
140
+ }
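Review bot: The host and path come from the DID through `decodeURIComponent` and are interpolated straight into `https://${domain}${path}`, so a DID arriving in an unverified token decides where this server sends a request. Characters such as `/`, `@`, `?` or `#` in the decoded domain, or `..` in a path segment, change what the URL means, and nothing bounds the wait or checks that the returned document's `id` equals the DID that was asked for. I would reject such segments, pass a timeout signal to the fetch, and compare `doc.id` with `did` before reading keys, as sketched below; restricting which hosts may be contacted is left to the injected `fetch`, which the `WebDIDResolverConfig` doc should say. Separately, `fallbackToHttp` also fires on a non-ok HTTPS status, which lets anyone on the network path supply the keys, so its doc comment should limit it to local development.

```typescript
const parts = did.slice('did:web:'.length).split(':');
const domain = decodeURIComponent(parts[0]!);
const pathSegments = parts.slice(1).map(decodeURIComponent);

// Decoded segments must not carry characters that change the URL's structure.
const breaksUrl = (s: string) =>
  s === '' || s === '.' || s === '..' || /[\/\\?#@\s]/.test(s);
if (breaksUrl(domain) || pathSegments.some(breaksUrl)) {
  return {
    error: {
      name: 'DIDKeyResolutionError',
      did,
      message: `Cannot resolve ${did}: malformed did:web identifier`,
    },
  };
}

// … unchanged: path and httpsUrl construction …

// Bound the wait; the 5 s value is illustrative.
response = await fetchFn(httpsUrl, { signal: AbortSignal.timeout(5000) });

// … unchanged: status handling …

const doc = (await response.json()) as {
  id?: string;
  verificationMethod?: VerificationMethod[];
};
// The document must describe the DID that was requested.
if (doc.id !== did) {
  return {
    error: {
      name: 'DIDKeyResolutionError',
      did,
      message: `DID document id does not match ${did}`,
    },
  };
}
```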
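--- a/package/src/index.ts
+++ b/package/src/index.ts
@@ -107,6 +107,7 @@ export {
  type Signer,
  type Delegation,
  type Capability,
+ type Fact,
  } from './client/create-client.js';
 
  // =============================================================================
@@ -119,6 +120,11 @@ export {
  type IxoDIDResolverConfig,
  } from './did/ixo-resolver.js';
 
+ export {
+ createWebDIDResolver,
+ type WebDIDResolverConfig,
+ } from './did/web-resolver.js';
+
  // =============================================================================
  // Store (for replay protection)
  // =============================================================================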