npm - @janssenproject/cedarling_wasm - Versions diffs - 1.15.0-nodejs → 2.0.0-nodejs - Mend

@janssenproject/cedarling_wasm 1.15.0-nodejs → 2.0.0-nodejs

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/cedarling_wasm.d.ts CHANGED Viewed

@@ -1,186 +1,503 @@
 /* tslint:disable */
 /* eslint-disable */
+/**
+ * The `ReadableStreamType` enum.
+ *
+ * *This API requires the following crate features to be activated: `ReadableStreamType`*
+ */
+type ReadableStreamType = "bytes";
+/**
+ * A WASM wrapper for the Rust `cedarling::AuthorizeResult` struct.
+ * Represents the result of an authorization request.
+ */
 export class AuthorizeResult {
-  private constructor();
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Convert `AuthorizeResult` to json string value
-   */
-  json_string(): string;
-  principal(principal: string): AuthorizeResultResponse | undefined;
-  /**
-   * Result of authorization where principal is `Jans::Workload`
-   */
-  get workload(): AuthorizeResultResponse | undefined;
-  /**
-   * Result of authorization where principal is `Jans::Workload`
-   */
-  set workload(value: AuthorizeResultResponse | null | undefined);
-  /**
-   * Result of authorization where principal is `Jans::User`
-   */
-  get person(): AuthorizeResultResponse | undefined;
-  /**
-   * Result of authorization where principal is `Jans::User`
-   */
-  set person(value: AuthorizeResultResponse | null | undefined);
-  /**
-   * Result of authorization
-   * true means `ALLOW`
-   * false means `Deny`
-   *
-   * this field is [`bool`] type to be compatible with [authzen Access Evaluation Decision](https://openid.github.io/authzen/#section-6.2.1).
-   */
-  decision: boolean;
-  /**
-   * Request ID of the authorization request
-   */
-  request_id: string;
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Convert `AuthorizeResult` to json string value
+     */
+    json_string(): string;
+    /**
+     * Result of authorization
+     * true means `ALLOW`
+     * false means `Deny`
+     *
+     * this field is [`bool`] type to be compatible with [authzen Access Evaluation Decision](https://openid.github.io/authzen/#section-6.2.1).
+     */
+    decision: boolean;
+    /**
+     * Request ID of the authorization request
+     */
+    request_id: string;
+    /**
+     * Cedar authorization response for the request.
+     */
+    response: AuthorizeResultResponse;
 }
+/**
+ * A WASM wrapper for the Rust `cedar_policy::Response` struct.
+ * Represents the result of an authorization request.
+ */
 export class AuthorizeResultResponse {
-  private constructor();
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Authorization decision
-   */
-  readonly decision: boolean;
-  /**
-   * Diagnostics providing more information on how this decision was reached
-   */
-  readonly diagnostics: Diagnostics;
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Authorization decision
+     */
+    readonly decision: boolean;
+    /**
+     * Diagnostics providing more information on how this decision was reached
+     */
+    readonly diagnostics: Diagnostics;
 }
+/**
+ * The instance of the Cedarling application.
+ */
 export class Cedarling {
-  private constructor();
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Create a new instance of the Cedarling application.
-   * Assume that config is `Object`
-   */
-  static new(config: object): Promise<Cedarling>;
-  /**
-   * Create a new instance of the Cedarling application.
-   * Assume that config is `Map`
-   */
-  static new_from_map(config: Map<any, any>): Promise<Cedarling>;
-  /**
-   * Authorize request
-   * makes authorization decision based on the [`Request`]
-   */
-  authorize(request: any): Promise<AuthorizeResult>;
-  /**
-   * Authorize request for unsigned principals.
-   * makes authorization decision based on the [`RequestUnsigned`]
-   */
-  authorize_unsigned(request: any): Promise<AuthorizeResult>;
-  /**
-   * Authorize multi-issuer request.
-   * Makes authorization decision based on multiple JWT tokens from different issuers
-   */
-  authorize_multi_issuer(request: any): Promise<MultiIssuerAuthorizeResult>;
-  /**
-   * Get logs and remove them from the storage.
-   * Returns `Array` of `Map`
-   */
-  pop_logs(): Array<any>;
-  /**
-   * Get specific log entry.
-   * Returns `Map` with values or `null`.
-   */
-  get_log_by_id(id: string): any;
-  /**
-   * Returns a list of all log ids.
-   * Returns `Array` of `String`
-   */
-  get_log_ids(): Array<any>;
-  /**
-   * Get logs by tag, like `log_kind` or `log level`.
-   * Tag can be `log_kind`, `log_level`.
-   */
-  get_logs_by_tag(tag: string): any[];
-  /**
-   * Get logs by request_id.
-   * Return log entries that match the given request_id.
-   */
-  get_logs_by_request_id(request_id: string): any[];
-  /**
-   * Get log by request_id and tag, like composite key `request_id` + `log_kind`.
-   * Tag can be `log_kind`, `log_level`.
-   * Return log entries that match the given request_id and tag.
-   */
-  get_logs_by_request_id_and_tag(request_id: string, tag: string): any[];
-  /**
-   * Closes the connections to the Lock Server and pushes all available logs.
-   */
-  shut_down(): Promise<void>;
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Authorize multi-issuer request.
+     * Makes authorization decision based on multiple JWT tokens from different issuers
+     */
+    authorize_multi_issuer(request: any): Promise<MultiIssuerAuthorizeResult>;
+    /**
+     * Authorize an unsigned request carrying an optional single principal.
+     * Makes an authorization decision based on the [`RequestUnsigned`].
+     *
+     * When `principal` is omitted / `null` on the JS side the core uses Cedar
+     * partial evaluation; residual-dependent requests fail closed with
+     * `Decision::Deny` and surface residual policy ids in
+     * `response.diagnostics.reason`.
+     */
+    authorize_unsigned(request: any): Promise<AuthorizeResult>;
+    /**
+     * Clear all entries from the data store.
+     *
+     * # Example
+     *
+     * ```javascript
+     * cedarling.clear_data_ctx();
+     * console.log("All data entries cleared");
+     * ```
+     */
+    clear_data_ctx(): void;
+    /**
+     * Get trusted issuer identifiers that failed to load.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const ids = cedarling.failed_trusted_issuer_ids();
+     * ```
+     */
+    failed_trusted_issuer_ids(): Array<any>;
+    /**
+     * Get a value from the data store by key.
+     * Returns null if the key doesn't exist or the entry has expired.
+     *
+     * # Arguments
+     *
+     * * `key` - A string key for the data entry to retrieve
+     *
+     * # Example
+     *
+     * ```javascript
+     * const value = cedarling.get_data_ctx("user:123");
+     * if (value !== null) {
+     *     console.log(value.name); // "John"
+     * }
+     * ```
+     */
+    get_data_ctx(key: string): any;
+    /**
+     * Get a data entry with full metadata by key.
+     * Returns null if the key doesn't exist or the entry has expired.
+     *
+     * # Arguments
+     *
+     * * `key` - A string key for the data entry to retrieve
+     *
+     * # Example
+     *
+     * ```javascript
+     * const entry = cedarling.get_data_entry_ctx("user:123");
+     * if (entry !== null) {
+     *     console.log(entry.key); // "user:123"
+     *     console.log(entry.value); // { name: "John", age: 30 }
+     *     console.log(entry.data_type); // "Record"
+     *     console.log(entry.created_at); // "2024-01-01T12:00:00Z"
+     *     console.log(entry.access_count); // 5
+     * }
+     * ```
+     */
+    get_data_entry_ctx(key: string): DataEntry | undefined;
+    /**
+     * Get specific log entry.
+     * Returns `Map` with values or `null`.
+     */
+    get_log_by_id(id: string): any;
+    /**
+     * Returns a list of all log ids.
+     * Returns `Array` of `String`
+     */
+    get_log_ids(): Array<any>;
+    /**
+     * Get logs by request_id.
+     * Return log entries that match the given request_id.
+     */
+    get_logs_by_request_id(request_id: string): any[];
+    /**
+     * Get log by request_id and tag, like composite key `request_id` + `log_kind`.
+     * Tag can be `log_kind`, `log_level`.
+     * Return log entries that match the given request_id and tag.
+     */
+    get_logs_by_request_id_and_tag(request_id: string, tag: string): any[];
+    /**
+     * Get logs by tag, like `log_kind` or `log level`.
+     * Tag can be `log_kind`, `log_level`.
+     */
+    get_logs_by_tag(tag: string): any[];
+    /**
+     * Get statistics about the data store.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const stats = cedarling.get_stats_ctx();
+     * console.log(`Entries: ${stats.entry_count}/${stats.max_entries || 'unlimited'}`);
+     * console.log(`Capacity: ${stats.capacity_usage_percent.toFixed(2)}%`);
+     * console.log(`Total size: ${stats.total_size_bytes} bytes`);
+     * ```
+     */
+    get_stats_ctx(): DataStoreStats;
+    /**
+     * Check whether a trusted issuer was loaded by `iss` claim.
+     *
+     * # Arguments
+     *
+     * * `iss_claim` - Issuer `iss` claim value to check.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const ok = cedarling.is_trusted_issuer_loaded_by_iss("https://issuer.example.org");
+     * ```
+     */
+    is_trusted_issuer_loaded_by_iss(iss_claim: string): boolean;
+    /**
+     * Check whether a trusted issuer was loaded by issuer identifier.
+     *
+     * # Arguments
+     *
+     * * `issuer_id` - Trusted issuer identifier to check.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const ok = cedarling.is_trusted_issuer_loaded_by_name("issuer_id");
+     * ```
+     */
+    is_trusted_issuer_loaded_by_name(issuer_id: string): boolean;
+    /**
+     * List all entries with their metadata.
+     * Returns an array of DataEntry objects.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const entries = cedarling.list_data_ctx();
+     * entries.forEach(entry => {
+     *     console.log(`${entry.key}: ${entry.data_type} (accessed ${entry.access_count} times)`);
+     * });
+     * ```
+     */
+    list_data_ctx(): Array<any>;
+    /**
+     * Get trusted issuer identifiers loaded successfully.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const ids = cedarling.loaded_trusted_issuer_ids();
+     * ```
+     */
+    loaded_trusted_issuer_ids(): Array<any>;
+    /**
+     * Get the number of trusted issuers loaded successfully.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const loadedCount = cedarling.loaded_trusted_issuers_count();
+     * ```
+     */
+    loaded_trusted_issuers_count(): number;
+    /**
+     * Create a new instance of the Cedarling application.
+     * Assume that config is `Object`
+     */
+    static new(config: object): Promise<Cedarling>;
+    /**
+     * Create a new instance of the Cedarling application.
+     * Assume that config is `Map`
+     */
+    static new_from_map(config: Map<any, any>): Promise<Cedarling>;
+    /**
+     * Get logs and remove them from the storage.
+     * Returns `Array` of `Map`
+     */
+    pop_logs(): Array<any>;
+    /**
+     * Push a value into the data store with an optional TTL.
+     * If the key already exists, the value will be replaced.
+     * If TTL is not provided, the default TTL from configuration is used.
+     *
+     * # Arguments
+     *
+     * * `key` - A string key for the data entry (must not be empty)
+     * * `value` - The value to store (any JSON-serializable JavaScript value: object, array, string, number, boolean)
+     * * `ttl_secs` - Optional TTL in seconds (undefined/null uses default from config)
+     *
+     * # Example
+     *
+     * ```javascript
+     * cedarling.push_data_ctx("user:123", { name: "John", age: 30 }, 3600);
+     * cedarling.push_data_ctx("config", { setting: "value" }); // Uses default TTL
+     * ```
+     */
+    push_data_ctx(key: string, value: any, ttl_secs?: bigint | null): void;
+    /**
+     * Remove a value from the data store by key.
+     * Returns true if the key existed and was removed, false otherwise.
+     *
+     * # Arguments
+     *
+     * * `key` - A string key for the data entry to remove
+     *
+     * # Example
+     *
+     * ```javascript
+     * const removed = cedarling.remove_data_ctx("user:123");
+     * if (removed) {
+     *     console.log("Entry was successfully removed");
+     * }
+     * ```
+     */
+    remove_data_ctx(key: string): boolean;
+    /**
+     * Closes the connections to the Lock Server and pushes all available logs.
+     */
+    shut_down(): Promise<void>;
+    /**
+     * Get the total number of trusted issuer entries discovered.
+     *
+     * # Example
+     *
+     * ```javascript
+     * const total = cedarling.total_issuers();
+     * ```
+     */
+    total_issuers(): number;
+}
+/**
+ * A WASM wrapper for the Rust `cedarling::DataEntry` struct.
+ * Represents a data entry in the DataStore with value and metadata.
+ */
+export class DataEntry {
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Convert `DataEntry` to json string value
+     */
+    json_string(): string;
+    /**
+     * Get the value stored in this entry as a JavaScript object
+     */
+    value(): any;
+    /**
+     * Number of times this entry has been accessed
+     */
+    access_count: bigint;
+    /**
+     * Timestamp when this entry was created (RFC 3339 format)
+     */
+    created_at: string;
+    /**
+     * The inferred Cedar type of the value
+     */
+    data_type: string;
+    /**
+     * Timestamp when this entry expires (RFC 3339 format), or null if no TTL
+     */
+    get expires_at(): string | undefined;
+    /**
+     * Timestamp when this entry expires (RFC 3339 format), or null if no TTL
+     */
+    set expires_at(value: string | null | undefined);
+    /**
+     * The key for this entry
+     */
+    key: string;
+}
+/**
+ * A WASM wrapper for the Rust `cedarling::DataStoreStats` struct.
+ * Statistics about the DataStore.
+ */
+export class DataStoreStats {
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Convert `DataStoreStats` to json string value
+     */
+    json_string(): string;
+    /**
+     * Average size per entry in bytes (0 if no entries)
+     */
+    avg_entry_size_bytes: number;
+    /**
+     * Percentage of capacity used (0.0-100.0, based on entry count)
+     */
+    capacity_usage_percent: number;
+    /**
+     * Number of entries currently stored
+     */
+    entry_count: number;
+    /**
+     * Maximum number of entries allowed (0 = unlimited)
+     */
+    max_entries: number;
+    /**
+     * Maximum size per entry in bytes (0 = unlimited)
+     */
+    max_entry_size: number;
+    /**
+     * Memory usage threshold percentage (from config)
+     */
+    memory_alert_threshold: number;
+    /**
+     * Whether memory usage exceeds the alert threshold
+     */
+    memory_alert_triggered: boolean;
+    /**
+     * Whether metrics tracking is enabled
+     */
+    metrics_enabled: boolean;
+    /**
+     * Total size of all entries in bytes (approximate, based on JSON serialization)
+     */
+    total_size_bytes: number;
 }
+/**
+ * Diagnostics
+ * ===========
+ *
+ * Provides detailed information about how a policy decision was made, including policies that contributed to the decision and any errors encountered during evaluation.
+ */
 export class Diagnostics {
-  private constructor();
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * `PolicyId`s of the policies that contributed to the decision.
-   * If no policies applied to the request, this set will be empty.
-   *
-   * The ids should be treated as unordered,
-   */
-  readonly reason: string[];
-  /**
-   * Errors that occurred during authorization. The errors should be
-   * treated as unordered, since policies may be evaluated in any order.
-   */
-  readonly errors: PolicyEvaluationError[];
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Errors that occurred during authorization. The errors should be
+     * treated as unordered, since policies may be evaluated in any order.
+     */
+    readonly errors: PolicyEvaluationError[];
+    /**
+     * `PolicyId`s of the policies that contributed to the decision.
+     * If no policies applied to the request, this set will be empty.
+     *
+     * The ids should be treated as unordered,
+     */
+    readonly reason: string[];
+}
+export class IntoUnderlyingByteSource {
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    cancel(): void;
+    pull(controller: ReadableByteStreamController): Promise<any>;
+    start(controller: ReadableByteStreamController): void;
+    readonly autoAllocateChunkSize: number;
+    readonly type: ReadableStreamType;
+}
+export class IntoUnderlyingSink {
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    abort(reason: any): Promise<any>;
+    close(): Promise<any>;
+    write(chunk: any): Promise<any>;
 }
-export class JsJsonLogic {
-  free(): void;
-  [Symbol.dispose](): void;
-  constructor();
-  apply(logic: any, data: any): any;
+export class IntoUnderlyingSource {
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    cancel(): void;
+    pull(controller: ReadableStreamDefaultController): Promise<any>;
 }
+/**
+ * A WASM wrapper for the Rust `cedarling::MultiIssuerAuthorizeResult` struct.
+ * Represents the result of a multi-issuer authorization request.
+ */
 export class MultiIssuerAuthorizeResult {
-  private constructor();
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Convert `MultiIssuerAuthorizeResult` to json string value
-   */
-  json_string(): string;
-  /**
-   * Result of Cedar policy authorization
-   */
-  response: AuthorizeResultResponse;
-  /**
-   * Result of authorization
-   * true means `ALLOW`
-   * false means `Deny`
-   */
-  decision: boolean;
-  /**
-   * Request ID of the authorization request
-   */
-  request_id: string;
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Convert `MultiIssuerAuthorizeResult` to json string value
+     */
+    json_string(): string;
+    /**
+     * Result of authorization
+     * true means `ALLOW`
+     * false means `Deny`
+     */
+    decision: boolean;
+    /**
+     * Request ID of the authorization request
+     */
+    request_id: string;
+    /**
+     * Result of Cedar policy authorization
+     */
+    response: AuthorizeResultResponse;
 }
+/**
+ * PolicyEvaluationError
+ * =====================
+ *
+ * Represents an error that occurred when evaluating a Cedar policy.
+ */
 export class PolicyEvaluationError {
-  private constructor();
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Id of the policy with an error
-   */
-  readonly id: string;
-  /**
-   * Underlying evaluation error string representation
-   */
-  readonly error: string;
+    private constructor();
+    free(): void;
+    [Symbol.dispose](): void;
+    /**
+     * Underlying evaluation error string representation
+     */
+    readonly error: string;
+    /**
+     * Id of the policy with an error
+     */
+    readonly id: string;
 }
 /**
@@ -188,3 +505,22 @@ export class PolicyEvaluationError {
  * This function can take as config parameter the eather `Map` other `Object`
  */
 export function init(config: any): Promise<Cedarling>;
+/**
+ * Create a new instance of the Cedarling application from archive bytes.
+ *
+ * This function allows loading a policy store from a Cedar Archive (.cjar)
+ * that was fetched with custom logic (e.g., with authentication headers).
+ *
+ * # Arguments
+ * * `config` - Bootstrap configuration (Map or Object). Policy store config is ignored.
+ * * `archive_bytes` - The .cjar archive bytes (Uint8Array)
+ *
+ * # Example
+ * ```javascript
+ * const response = await fetch(url, { headers: { Authorization: 'Bearer ...' } });
+ * const bytes = new Uint8Array(await response.arrayBuffer());
+ * const cedarling = await init_from_archive_bytes(config, bytes);
+ * ```
+ */
+export function init_from_archive_bytes(config: any, archive_bytes: Uint8Array): Promise<Cedarling>;