@janssenproject/cedarling_wasm 1.8.0-nodejs → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +43 -12
  2. package/cedarling_wasm.d.ts +77 -0
  3. package/cedarling_wasm.js +616 -647
  4. package/cedarling_wasm_bg.wasm +0 -0
  5. package/package.json +6 -2
package/README.md CHANGED
@@ -37,7 +37,7 @@ To run example using `index.html` you need execute following steps:
37
37
  1. Build wasm cedarling.
38
38
  2. Run webserver using `python3 -m http.server` or any other.
39
39
  3. Visit example app [localhost](http://localhost:8000/), on this app you will get log in browser console.
40
- - Also you can try use cedarling with web app using [cedarling_app](http://localhost:8000/cedarling_app.html), using custom bootstrap properties and request.
40
+ - Also you can try use cedarling with web app using [cedarling_app](http://localhost:8000/cedarling_app.html), using custom bootstrap properties and request.
41
41
 
42
42
  ## WASM Usage
43
43
 
@@ -46,17 +46,17 @@ After building WASM bindings in folder `pkg` you can find where you can find `ce
46
46
  In `index.html` described simple usage of `cedarling wasm` API:
47
47
 
48
48
  ```js
49
- import { BOOTSTRAP_CONFIG, REQUEST } from "/example_data.js" // Import js objects: bootstrap config and request
50
- import initWasm, { init } from "/pkg/cedarling_wasm.js";
49
+ import { BOOTSTRAP_CONFIG, REQUEST } from "/example_data.js"; // Import js objects: bootstrap config and request
50
+ import initWasm, { init } from "/pkg/cedarling_wasm.js";
51
51
 
52
- async function main() {
53
- await initWasm(); // Initialize the WebAssembly module
52
+ async function main() {
53
+ await initWasm(); // Initialize the WebAssembly module
54
54
 
55
- let instance = await init(BOOTSTRAP_CONFIG);
56
- let result = await instance.authorize(REQUEST);
57
- console.log("result:", result);
58
- }
59
- main().catch(console.error);
55
+ let instance = await init(BOOTSTRAP_CONFIG);
56
+ let result = await instance.authorize(REQUEST);
57
+ console.log("result:", result);
58
+ }
59
+ main().catch(console.error);
60
60
  ```
61
61
 
62
62
  Before using any function from library you need initialize WASM runtime by calling `initWasm` function.
@@ -181,12 +181,12 @@ export class Diagnostics {
181
181
  *
182
182
  * The ids should be treated as unordered,
183
183
  */
184
- readonly reason: (string)[];
184
+ readonly reason: string[];
185
185
  /**
186
186
  * Errors that occurred during authorization. The errors should be
187
187
  * treated as unordered, since policies may be evaluated in any order.
188
188
  */
189
- readonly errors: (PolicyEvaluationError)[];
189
+ readonly errors: PolicyEvaluationError[];
190
190
  }
191
191
 
192
192
  /**
@@ -206,3 +206,34 @@ export class PolicyEvaluationError {
206
206
  readonly error: string;
207
207
  }
208
208
  ```
209
+
210
+ ## Configuration
211
+
212
+ ### ID Token Trust Mode
213
+
214
+ The `CEDARLING_ID_TOKEN_TRUST_MODE` property controls how ID tokens are validated:
215
+
216
+ - **`strict`** (default): Enforces strict validation rules
217
+ - ID token `aud` must match access token `client_id`
218
+ - If userinfo token is present, its `sub` must match the ID token `sub`
219
+ - **`never`**: Disables ID token validation (useful for testing)
220
+ - **`always`**: Always validates ID tokens when present
221
+ - **`ifpresent`**: Validates ID tokens only if they are provided
222
+
223
+ ### Testing Configuration
224
+
225
+ For testing scenarios, you may want to disable JWT validation. You can configure this in your bootstrap configuration:
226
+
227
+ ```javascript
228
+ const BOOTSTRAP_CONFIG = {
229
+ CEDARLING_JWT_SIG_VALIDATION: "disabled",
230
+ CEDARLING_JWT_STATUS_VALIDATION: "disabled",
231
+ CEDARLING_ID_TOKEN_TRUST_MODE: "never",
232
+ };
233
+ ```
234
+
235
+ For complete configuration documentation, see [cedarling-properties.md](../../../docs/cedarling/cedarling-properties.md).
236
+
237
+ ```
238
+
239
+ ```
package/cedarling_wasm.d.ts CHANGED
@@ -169,3 +169,80 @@ export class PolicyEvaluationError {
169
169
  */
170
170
  readonly error: string;
171
171
  }
172
+
173
+ export type InitInput = RequestInfo | URL | Response | BufferSource | WebAssembly.Module;
174
+
175
+ export interface InitOutput {
176
+ readonly memory: WebAssembly.Memory;
177
+ readonly __wbg_cedarling_free: (a: number, b: number) => void;
178
+ readonly init: (a: any) => any;
179
+ readonly cedarling_new: (a: any) => any;
180
+ readonly cedarling_new_from_map: (a: any) => any;
181
+ readonly cedarling_authorize: (a: number, b: any) => any;
182
+ readonly cedarling_authorize_unsigned: (a: number, b: any) => any;
183
+ readonly cedarling_pop_logs: (a: number) => [number, number, number];
184
+ readonly cedarling_get_log_by_id: (a: number, b: number, c: number) => [number, number, number];
185
+ readonly cedarling_get_log_ids: (a: number) => any;
186
+ readonly cedarling_get_logs_by_tag: (a: number, b: number, c: number) => [number, number, number, number];
187
+ readonly cedarling_get_logs_by_request_id: (a: number, b: number, c: number) => [number, number, number, number];
188
+ readonly cedarling_get_logs_by_request_id_and_tag: (a: number, b: number, c: number, d: number, e: number) => [number, number, number, number];
189
+ readonly cedarling_shut_down: (a: number) => any;
190
+ readonly __wbg_authorizeresult_free: (a: number, b: number) => void;
191
+ readonly __wbg_get_authorizeresult_workload: (a: number) => number;
192
+ readonly __wbg_set_authorizeresult_workload: (a: number, b: number) => void;
193
+ readonly __wbg_get_authorizeresult_person: (a: number) => number;
194
+ readonly __wbg_set_authorizeresult_person: (a: number, b: number) => void;
195
+ readonly __wbg_get_authorizeresult_decision: (a: number) => number;
196
+ readonly __wbg_set_authorizeresult_decision: (a: number, b: number) => void;
197
+ readonly __wbg_get_authorizeresult_request_id: (a: number) => [number, number];
198
+ readonly __wbg_set_authorizeresult_request_id: (a: number, b: number, c: number) => void;
199
+ readonly authorizeresult_json_string: (a: number) => [number, number];
200
+ readonly authorizeresult_principal: (a: number, b: number, c: number) => number;
201
+ readonly __wbg_authorizeresultresponse_free: (a: number, b: number) => void;
202
+ readonly authorizeresultresponse_decision: (a: number) => number;
203
+ readonly authorizeresultresponse_diagnostics: (a: number) => number;
204
+ readonly __wbg_diagnostics_free: (a: number, b: number) => void;
205
+ readonly diagnostics_reason: (a: number) => [number, number];
206
+ readonly diagnostics_errors: (a: number) => [number, number];
207
+ readonly __wbg_policyevaluationerror_free: (a: number, b: number) => void;
208
+ readonly policyevaluationerror_id: (a: number) => [number, number];
209
+ readonly policyevaluationerror_error: (a: number) => [number, number];
210
+ readonly __wbg_jsjsonlogic_free: (a: number, b: number) => void;
211
+ readonly jsjsonlogic_new: () => number;
212
+ readonly jsjsonlogic_apply: (a: number, b: any, c: any) => [number, number, number];
213
+ readonly ring_core_0_17_14__bn_mul_mont: (a: number, b: number, c: number, d: number, e: number, f: number) => void;
214
+ readonly __wbindgen_malloc: (a: number, b: number) => number;
215
+ readonly __wbindgen_realloc: (a: number, b: number, c: number, d: number) => number;
216
+ readonly __wbindgen_exn_store: (a: number) => void;
217
+ readonly __externref_table_alloc: () => number;
218
+ readonly __wbindgen_export_4: WebAssembly.Table;
219
+ readonly __wbindgen_export_5: WebAssembly.Table;
220
+ readonly __externref_table_dealloc: (a: number) => void;
221
+ readonly __externref_drop_slice: (a: number, b: number) => void;
222
+ readonly __wbindgen_free: (a: number, b: number, c: number) => void;
223
+ readonly _dyn_core__ops__function__FnMut_____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h8e11c17984e20636: (a: number, b: number) => void;
224
+ readonly closure539_externref_shim: (a: number, b: number, c: any) => void;
225
+ readonly closure1819_externref_shim: (a: number, b: number, c: any, d: any) => void;
226
+ readonly __wbindgen_start: () => void;
227
+ }
228
+
229
+ export type SyncInitInput = BufferSource | WebAssembly.Module;
230
+ /**
231
+ * Instantiates the given `module`, which can either be bytes or
232
+ * a precompiled `WebAssembly.Module`.
233
+ *
234
+ * @param {{ module: SyncInitInput }} module - Passing `SyncInitInput` directly is deprecated.
235
+ *
236
+ * @returns {InitOutput}
237
+ */
238
+ export function initSync(module: { module: SyncInitInput } | SyncInitInput): InitOutput;
239
+
240
+ /**
241
+ * If `module_or_path` is {RequestInfo} or {URL}, makes a request and
242
+ * for everything else, calls `WebAssembly.instantiate` directly.
243
+ *
244
+ * @param {{ module_or_path: InitInput | Promise<InitInput> }} module_or_path - Passing `InitInput` directly is deprecated.
245
+ *
246
+ * @returns {Promise<InitOutput>}
247
+ */
248
+ export default function __wbg_init (module_or_path?: { module_or_path: InitInput | Promise<InitInput> } | InitInput | Promise<InitInput>): Promise<InitOutput>;