@lifeready/core 1.0.21 → 1.0.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bundles/lifeready-core.umd.js +10612 -10527
- package/bundles/lifeready-core.umd.js.map +1 -1
- package/bundles/lifeready-core.umd.min.js +1 -15
- package/bundles/lifeready-core.umd.min.js.map +1 -1
- package/esm2015/lib/_common/ast.js +2 -1
- package/esm2015/lib/_common/deferred-promise.js +1 -1
- package/esm2015/lib/_common/exceptions.js +1 -1
- package/esm2015/lib/_common/queries.gql.js +1 -1
- package/esm2015/lib/_common/run-outside-angular.js +3 -2
- package/esm2015/lib/_common/types.js +2 -1
- package/esm2015/lib/_common/utils.js +2 -1
- package/esm2015/lib/api/lr-apollo.service.js +4 -3
- package/esm2015/lib/api/lr-graphql/index.js +1 -1
- package/esm2015/lib/api/lr-graphql/lr-graphql.service.js +9 -8
- package/esm2015/lib/api/lr-graphql/lr-merged-mutation.js +5 -6
- package/esm2015/lib/api/lr-graphql/lr-mutation-base.js +1 -1
- package/esm2015/lib/api/lr-graphql/lr-mutation.js +3 -3
- package/esm2015/lib/api/lr-graphql/lr.service.js +1 -1
- package/esm2015/lib/api/query-processor/common-processors.service.js +4 -3
- package/esm2015/lib/api/query-processor/index.js +1 -1
- package/esm2015/lib/api/query-processor/query-processor.service.js +5 -4
- package/esm2015/lib/api/query-processor/tp-password-reset-processor.service.js +8 -7
- package/esm2015/lib/api/types/graphql.types.js +2 -1
- package/esm2015/lib/api/types/index.js +1 -1
- package/esm2015/lib/api/types/lr-graphql.types.js +1 -1
- package/esm2015/lib/auth/auth.config.js +1 -1
- package/esm2015/lib/auth/auth.gql.js +1 -28
- package/esm2015/lib/auth/auth.types.js +1 -1
- package/esm2015/lib/auth/life-ready-auth.service.js +36 -32
- package/esm2015/lib/category/category-meta.service.js +1 -1
- package/esm2015/lib/category/category.gql.js +3 -2
- package/esm2015/lib/category/category.service.js +9 -8
- package/esm2015/lib/category/category.types.js +1 -1
- package/esm2015/lib/contact-card/contact-card.gql.js +79 -0
- package/esm2015/lib/contact-card/contact-card.service.js +156 -0
- package/esm2015/lib/contact-card/contact-card2.gql.js +29 -0
- package/esm2015/lib/contact-card/contact-card2.service.js +103 -0
- package/esm2015/lib/encryption/encryption.service.js +190 -0
- package/esm2015/lib/file-upload/file-upload.service.js +74 -0
- package/esm2015/lib/file-upload/file-upload.types.js +2 -0
- package/esm2015/lib/idle/idle.service.js +168 -0
- package/esm2015/lib/idle/idle.types.js +7 -0
- package/esm2015/lib/item2/item2.gql.js +127 -0
- package/esm2015/lib/item2/item2.gql.private.js +23 -0
- package/esm2015/lib/item2/item2.service.js +519 -0
- package/esm2015/lib/item2/item2.types.js +2 -0
- package/esm2015/lib/key/key-factory.service.js +237 -0
- package/esm2015/lib/key/key-graph.service.js +300 -0
- package/esm2015/lib/key/key-meta.service.js +201 -0
- package/esm2015/lib/{cryptography → key}/key.service.js +4 -4
- package/esm2015/lib/key/key.types.js +11 -0
- package/esm2015/lib/key-exchange/key-exchange.gql.js +188 -0
- package/esm2015/lib/key-exchange/key-exchange.service.js +441 -0
- package/esm2015/lib/key-exchange/key-exchange.types.js +7 -0
- package/esm2015/lib/key-exchange/key-exchange2.gql.js +171 -0
- package/esm2015/lib/key-exchange/key-exchange2.service.js +500 -0
- package/esm2015/lib/lbop/lbop.service.js +357 -0
- package/esm2015/lib/life-ready.config.js +2 -1
- package/esm2015/lib/life-ready.module.js +2 -27
- package/esm2015/lib/lock/lock.gql.js +40 -0
- package/esm2015/lib/lock/lock.service.js +64 -0
- package/esm2015/lib/message/message.gql.js +32 -0
- package/esm2015/lib/message/message.service.js +118 -0
- package/esm2015/lib/message/message.types.js +2 -0
- package/esm2015/lib/notification/notification.gql.js +1 -1
- package/esm2015/lib/notification/notification.service.js +2 -2
- package/esm2015/lib/password/password.gql.js +28 -0
- package/esm2015/lib/password/password.service.js +316 -0
- package/esm2015/lib/persist/persist.service.js +181 -0
- package/esm2015/lib/plan/plan.gql.js +1 -1
- package/esm2015/lib/plan/plan.service.js +3 -2
- package/esm2015/lib/plan/plan.types.js +1 -1
- package/esm2015/lib/profile/profile-details.service.js +215 -0
- package/esm2015/lib/profile/profile.gql.js +98 -0
- package/esm2015/lib/profile/profile.service.js +170 -0
- package/esm2015/lib/profile/profile.types.js +34 -0
- package/esm2015/lib/record/record-attachment.service.js +16 -15
- package/esm2015/lib/record/record.gql.js +1 -1
- package/esm2015/lib/record/record.service.js +8 -8
- package/esm2015/lib/record/record.types.js +1 -1
- package/esm2015/lib/record-type/record-type.service.js +1 -1
- package/esm2015/lib/record-type/record-type.types.js +1 -1
- package/esm2015/lib/register/register.service.js +173 -0
- package/esm2015/lib/scenario/scenario.constants.js +1 -1
- package/esm2015/lib/scenario/scenario.controller.js +2 -2
- package/esm2015/lib/scenario/scenario.gql.js +1 -1
- package/esm2015/lib/scenario/scenario.private.gql.js +198 -0
- package/esm2015/lib/scenario/scenario.service.js +19 -17
- package/esm2015/lib/scenario/scenario.types.js +2 -1
- package/esm2015/lib/shared-contact-card/shared-contact-card.service.js +119 -0
- package/esm2015/lib/shared-contact-card/shared-contact-card2.gql.js +41 -0
- package/esm2015/lib/shared-contact-card/shared-contact-card2.service.js +117 -0
- package/esm2015/lib/slip39/slip39.service.js +167 -0
- package/esm2015/lib/time/time.service.js +146 -0
- package/esm2015/lib/tp-assembly/tp-assembly.js +365 -0
- package/esm2015/lib/tp-assembly/tp-assembly.private.gql.js +22 -0
- package/esm2015/lib/tp-assembly/tp-assembly.types.js +2 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset-request.service.js +100 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset-user.service.js +118 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.constants.js +4 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.controller.js +34 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.gql.js +74 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.private.gql.js +165 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.private.service.js +54 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.service.js +92 -0
- package/esm2015/lib/tp-password-reset/tp-password-reset.types.js +2 -0
- package/esm2015/lib/trusted-party/trusted-party.gql.js +148 -0
- package/esm2015/lib/trusted-party/trusted-party.service.js +327 -0
- package/esm2015/lib/trusted-party/trusted-party.types.js +41 -0
- package/esm2015/lib/trusted-party/trusted-party2.gql.js +64 -0
- package/esm2015/lib/trusted-party/trusted-party2.gql.private.js +25 -0
- package/esm2015/lib/trusted-party/trusted-party2.service.js +224 -0
- package/esm2015/lib/trusted-party/trusted-party2.types.js +2 -0
- package/esm2015/lib/two-factor/two-factor.service.js +74 -0
- package/esm2015/lib/user/user.gql.js +60 -0
- package/esm2015/lib/user/user.service.js +80 -0
- package/esm2015/lib/user/user.types.js +2 -0
- package/esm2015/lib/web-crypto/web-crypto.service.js +29 -0
- package/esm2015/lifeready-core.js +15 -13
- package/esm2015/public-api.js +49 -51
- package/fesm2015/lifeready-core.js +8764 -8737
- package/fesm2015/lifeready-core.js.map +1 -1
- package/lib/_common/types.d.ts +3 -1
- package/lib/_common/utils.d.ts +2 -2
- package/lib/api/lr-apollo.service.d.ts +2 -2
- package/lib/api/lr-graphql/lr-graphql.service.d.ts +26 -8
- package/lib/api/lr-graphql/lr-merged-mutation.d.ts +22 -4
- package/lib/api/lr-graphql/lr-mutation.d.ts +1 -2
- package/lib/api/query-processor/common-processors.service.d.ts +1 -1
- package/lib/api/query-processor/query-processor.service.d.ts +1 -1
- package/lib/api/query-processor/tp-password-reset-processor.service.d.ts +2 -2
- package/lib/api/types/lr-graphql.types.d.ts +14 -3
- package/lib/auth/auth.gql.d.ts +0 -3
- package/lib/auth/auth.types.d.ts +5 -5
- package/lib/auth/life-ready-auth.service.d.ts +13 -13
- package/lib/category/category.gql.d.ts +1 -1
- package/lib/category/category.service.d.ts +3 -3
- package/lib/{api → contact-card}/contact-card.service.d.ts +9 -9
- package/lib/contact-card/contact-card2.gql.d.ts +25 -0
- package/lib/contact-card/contact-card2.service.d.ts +64 -0
- package/lib/{cryptography → encryption}/encryption.service.d.ts +10 -9
- package/lib/{api/file.service.d.ts → file-upload/file-upload.service.d.ts} +5 -8
- package/lib/file-upload/file-upload.types.d.ts +5 -0
- package/lib/{auth → idle}/idle.service.d.ts +6 -6
- package/lib/{items2 → item2}/item2.gql.d.ts +16 -16
- package/lib/{items2 → item2}/item2.service.d.ts +34 -35
- package/lib/{cryptography → key}/key-factory.service.d.ts +4 -3
- package/lib/{cryptography → key}/key-graph.service.d.ts +6 -6
- package/lib/{cryptography → key}/key-meta.service.d.ts +1 -1
- package/lib/{cryptography → key}/key.service.d.ts +2 -2
- package/lib/{cryptography/cryptography.types.d.ts → key/key.types.d.ts} +13 -17
- package/lib/{api → key-exchange}/key-exchange.service.d.ts +5 -5
- package/lib/{api → key-exchange}/key-exchange.types.d.ts +4 -4
- package/lib/{api → key-exchange}/key-exchange2.gql.d.ts +1 -1
- package/lib/{api → key-exchange}/key-exchange2.service.d.ts +82 -29
- package/lib/{auth → lbop}/lbop.service.d.ts +7 -7
- package/lib/life-ready.config.d.ts +1 -1
- package/lib/{api → lock}/lock.gql.d.ts +1 -1
- package/lib/{api → lock}/lock.service.d.ts +1 -1
- package/lib/message/message.gql.d.ts +13 -0
- package/lib/message/message.service.d.ts +36 -0
- package/lib/message/message.types.d.ts +12 -0
- package/lib/notification/notification.service.d.ts +3 -2
- package/lib/password/password.gql.d.ts +3 -0
- package/lib/{auth → password}/password.service.d.ts +9 -9
- package/lib/{api → persist}/persist.service.d.ts +3 -3
- package/lib/plan/plan.service.d.ts +3 -2
- package/lib/plan/plan.types.d.ts +2 -1
- package/lib/{users → profile}/profile-details.service.d.ts +3 -3
- package/lib/{users → profile}/profile.gql.d.ts +2 -2
- package/lib/{users → profile}/profile.service.d.ts +6 -6
- package/lib/{users → profile}/profile.types.d.ts +3 -2
- package/lib/record/record-attachment.service.d.ts +6 -6
- package/lib/record/record.service.d.ts +3 -3
- package/lib/{auth → register}/register.service.d.ts +4 -4
- package/lib/scenario/scenario.controller.d.ts +1 -1
- package/lib/scenario/scenario.service.d.ts +105 -5
- package/lib/scenario/scenario.types.d.ts +1 -1
- package/lib/{api → shared-contact-card}/shared-contact-card.service.d.ts +9 -9
- package/lib/{api → shared-contact-card}/shared-contact-card2.gql.d.ts +1 -1
- package/lib/{api → shared-contact-card}/shared-contact-card2.service.d.ts +6 -6
- package/lib/{cryptography → slip39}/slip39.service.d.ts +0 -1
- package/lib/{trusted-parties → tp-assembly}/tp-assembly.d.ts +7 -7
- package/lib/{trusted-parties → tp-assembly}/tp-assembly.types.d.ts +3 -3
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset-request.service.d.ts +5 -9
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset-user.service.d.ts +7 -13
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.controller.d.ts +1 -1
- package/lib/tp-password-reset/tp-password-reset.gql.d.ts +63 -0
- package/lib/{trusted-parties/tp-password-reset.gql.d.ts → tp-password-reset/tp-password-reset.private.gql.d.ts} +1 -63
- package/lib/tp-password-reset/tp-password-reset.private.service.d.ts +59 -0
- package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.service.d.ts +6 -89
- package/lib/tp-password-reset/tp-password-reset.types.d.ts +40 -0
- package/lib/{trusted-parties → trusted-party}/trusted-party.service.d.ts +7 -7
- package/lib/{trusted-parties → trusted-party}/trusted-party.types.d.ts +2 -3
- package/lib/{trusted-parties → trusted-party}/trusted-party2.gql.d.ts +0 -22
- package/lib/trusted-party/trusted-party2.gql.private.d.ts +23 -0
- package/lib/{trusted-parties → trusted-party}/trusted-party2.service.d.ts +11 -35
- package/lib/trusted-party/trusted-party2.types.d.ts +12 -0
- package/lib/{users → user}/user.gql.d.ts +1 -1
- package/lib/{users → user}/user.service.d.ts +1 -1
- package/lib/{users → user}/user.types.d.ts +1 -1
- package/lifeready-core.d.ts +14 -12
- package/lifeready-core.metadata.json +1 -1
- package/package.json +2 -2
- package/public-api.d.ts +48 -50
- package/esm2015/lib/api/contact-card.gql.js +0 -79
- package/esm2015/lib/api/contact-card.service.js +0 -154
- package/esm2015/lib/api/contact-card2.gql.js +0 -60
- package/esm2015/lib/api/contact-card2.service.js +0 -103
- package/esm2015/lib/api/file.service.js +0 -74
- package/esm2015/lib/api/key-exchange.gql.js +0 -188
- package/esm2015/lib/api/key-exchange.service.js +0 -442
- package/esm2015/lib/api/key-exchange.types.js +0 -7
- package/esm2015/lib/api/key-exchange2.gql.js +0 -171
- package/esm2015/lib/api/key-exchange2.service.js +0 -480
- package/esm2015/lib/api/lock.gql.js +0 -40
- package/esm2015/lib/api/lock.service.js +0 -64
- package/esm2015/lib/api/message.service.js +0 -138
- package/esm2015/lib/api/persist.service.js +0 -181
- package/esm2015/lib/api/shared-contact-card.service.js +0 -119
- package/esm2015/lib/api/shared-contact-card2.gql.js +0 -41
- package/esm2015/lib/api/shared-contact-card2.service.js +0 -117
- package/esm2015/lib/api/time.service.js +0 -146
- package/esm2015/lib/auth/idle.service.js +0 -168
- package/esm2015/lib/auth/idle.types.js +0 -7
- package/esm2015/lib/auth/lbop.service.js +0 -355
- package/esm2015/lib/auth/password.service.js +0 -315
- package/esm2015/lib/auth/register.service.js +0 -172
- package/esm2015/lib/auth/two-factor.service.js +0 -74
- package/esm2015/lib/cryptography/cryptography.types.js +0 -11
- package/esm2015/lib/cryptography/encryption.service.js +0 -189
- package/esm2015/lib/cryptography/key-factory.service.js +0 -237
- package/esm2015/lib/cryptography/key-graph.service.js +0 -299
- package/esm2015/lib/cryptography/key-meta.service.js +0 -200
- package/esm2015/lib/cryptography/slip39.service.js +0 -169
- package/esm2015/lib/cryptography/web-crypto.service.js +0 -29
- package/esm2015/lib/items2/item2.gql.js +0 -127
- package/esm2015/lib/items2/item2.gql.private.js +0 -23
- package/esm2015/lib/items2/item2.service.js +0 -516
- package/esm2015/lib/items2/item2.types.js +0 -1
- package/esm2015/lib/scenario/scenario.gql.private.js +0 -198
- package/esm2015/lib/trusted-parties/tp-assembly.gql.private.js +0 -22
- package/esm2015/lib/trusted-parties/tp-assembly.js +0 -365
- package/esm2015/lib/trusted-parties/tp-assembly.types.js +0 -1
- package/esm2015/lib/trusted-parties/tp-password-reset-request.service.js +0 -113
- package/esm2015/lib/trusted-parties/tp-password-reset-user.service.js +0 -129
- package/esm2015/lib/trusted-parties/tp-password-reset.constants.js +0 -4
- package/esm2015/lib/trusted-parties/tp-password-reset.controller.js +0 -34
- package/esm2015/lib/trusted-parties/tp-password-reset.gql.js +0 -237
- package/esm2015/lib/trusted-parties/tp-password-reset.service.js +0 -95
- package/esm2015/lib/trusted-parties/trusted-party.gql.js +0 -148
- package/esm2015/lib/trusted-parties/trusted-party.service.js +0 -326
- package/esm2015/lib/trusted-parties/trusted-party.types.js +0 -41
- package/esm2015/lib/trusted-parties/trusted-party2.gql.js +0 -87
- package/esm2015/lib/trusted-parties/trusted-party2.service.js +0 -218
- package/esm2015/lib/users/profile-details.service.js +0 -214
- package/esm2015/lib/users/profile.gql.js +0 -97
- package/esm2015/lib/users/profile.service.js +0 -169
- package/esm2015/lib/users/profile.types.js +0 -34
- package/esm2015/lib/users/user.gql.js +0 -60
- package/esm2015/lib/users/user.service.js +0 -79
- package/esm2015/lib/users/user.types.js +0 -1
- package/lib/api/contact-card2.gql.d.ts +0 -34
- package/lib/api/contact-card2.service.d.ts +0 -50
- package/lib/api/message.service.d.ts +0 -59
- /package/lib/{api → contact-card}/contact-card.gql.d.ts +0 -0
- /package/lib/{auth → idle}/idle.types.d.ts +0 -0
- /package/lib/{items2 → item2}/item2.gql.private.d.ts +0 -0
- /package/lib/{items2 → item2}/item2.types.d.ts +0 -0
- /package/lib/{api → key-exchange}/key-exchange.gql.d.ts +0 -0
- /package/lib/scenario/{scenario.gql.private.d.ts → scenario.private.gql.d.ts} +0 -0
- /package/lib/{api → time}/time.service.d.ts +0 -0
- /package/lib/{trusted-parties/tp-assembly.gql.private.d.ts → tp-assembly/tp-assembly.private.gql.d.ts} +0 -0
- /package/lib/{trusted-parties → tp-password-reset}/tp-password-reset.constants.d.ts +0 -0
- /package/lib/{trusted-parties → trusted-party}/trusted-party.gql.d.ts +0 -0
- /package/lib/{auth → two-factor}/two-factor.service.d.ts +0 -0
- /package/lib/{cryptography → web-crypto}/web-crypto.service.d.ts +0 -0
|
@@ -0,0 +1,146 @@
|
|
|
1
|
+
import { __awaiter } from "tslib";
|
|
2
|
+
import { Injectable } from '@angular/core';
|
|
3
|
+
import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
|
|
4
|
+
import { Apollo } from 'apollo-angular';
|
|
5
|
+
import gql from 'graphql-tag';
|
|
6
|
+
import * as moment_ from 'moment';
|
|
7
|
+
import { LrErrorCode, LrException, handleApolloError, } from '../_common/exceptions';
|
|
8
|
+
import * as i0 from "@angular/core";
|
|
9
|
+
import * as i1 from "@aws-amplify/auth/lib-esm/Auth";
|
|
10
|
+
import * as i2 from "apollo-angular";
|
|
11
|
+
// "why?" you ask: https://stackoverflow.com/questions/59735280/angular-8-moment-error-cannot-call-a-namespace-moment
|
|
12
|
+
const moment = moment_;
|
|
13
|
+
export const ServerTimeQuery = gql `
|
|
14
|
+
query {
|
|
15
|
+
serverTime {
|
|
16
|
+
timestamp
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
`;
|
|
20
|
+
export class TimeService {
|
|
21
|
+
constructor(auth, apollo) {
|
|
22
|
+
this.auth = auth;
|
|
23
|
+
this.apollo = apollo;
|
|
24
|
+
this.VERIFY_ENABLED = true;
|
|
25
|
+
this.MAX_DIFF_MSEC = moment
|
|
26
|
+
.duration({ seconds: 30 })
|
|
27
|
+
.asMilliseconds();
|
|
28
|
+
this.offsetMs = null; // Millisecond offset of local clock.
|
|
29
|
+
this.verified = false; // Verified with independent time source
|
|
30
|
+
}
|
|
31
|
+
getAccessToken() {
|
|
32
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
33
|
+
try {
|
|
34
|
+
return (yield this.auth.currentAuthenticatedUser())
|
|
35
|
+
.getSignInUserSession()
|
|
36
|
+
.getAccessToken()
|
|
37
|
+
.getJwtToken();
|
|
38
|
+
}
|
|
39
|
+
catch (error) {
|
|
40
|
+
return ''; // Not authenticated
|
|
41
|
+
}
|
|
42
|
+
});
|
|
43
|
+
}
|
|
44
|
+
// Get time from independent source to confirm.
|
|
45
|
+
verifyCognito() {
|
|
46
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
47
|
+
const accessToken = yield this.getAccessToken();
|
|
48
|
+
if (!accessToken) {
|
|
49
|
+
return;
|
|
50
|
+
}
|
|
51
|
+
// Request headers from AWS Amplify Auth lib
|
|
52
|
+
// accept: */*
|
|
53
|
+
// accept-encoding: gzip, deflate, br
|
|
54
|
+
// accept-language: en-GB,en-US;q=0.9,en;q=0.8
|
|
55
|
+
// cache-control: no-cache
|
|
56
|
+
// content-length: 1089
|
|
57
|
+
// content-type: application/x-amz-json-1.1
|
|
58
|
+
// origin: http://localhost:4200
|
|
59
|
+
// pragma: no-cache
|
|
60
|
+
// referer: http://localhost:4200/
|
|
61
|
+
// sec-fetch-dest: empty
|
|
62
|
+
// sec-fetch-mode: cors
|
|
63
|
+
// sec-fetch-site: cross-site
|
|
64
|
+
// user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36
|
|
65
|
+
// x-amz-target: AWSCognitoIdentityProviderService.GetUser
|
|
66
|
+
// x-amz-user-agent: aws-amplify/0.1.x js
|
|
67
|
+
// We are only interested in the Date field.
|
|
68
|
+
// AZ: I suppose we could use any end-point that provides a reliable Date field in the header. And we don't
|
|
69
|
+
// need to be authenticated. Even a 400 response would have a Date header. But the worry is that AWS might
|
|
70
|
+
// think it's some sort of attack, and block the IP or domain. At least in an authenticated call it can't be
|
|
71
|
+
// seen as illegitimate.
|
|
72
|
+
const response = yield fetch('https://cognito-idp.ap-southeast-2.amazonaws.com/', {
|
|
73
|
+
method: 'POST',
|
|
74
|
+
mode: 'cors',
|
|
75
|
+
cache: 'no-cache',
|
|
76
|
+
headers: {
|
|
77
|
+
'x-amz-target': 'AWSCognitoIdentityProviderService.GetUser',
|
|
78
|
+
'x-amz-user-agent': 'aws-amplify/0.1.x js',
|
|
79
|
+
'Content-Type': 'application/x-amz-json-1.1',
|
|
80
|
+
},
|
|
81
|
+
// redirect: 'follow', // manual, *follow, error
|
|
82
|
+
// referrerPolicy: 'no-referrer', // no-referrer, *no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url
|
|
83
|
+
body: JSON.stringify({
|
|
84
|
+
AccessToken: accessToken,
|
|
85
|
+
}),
|
|
86
|
+
});
|
|
87
|
+
const now = Date.now();
|
|
88
|
+
const verifyTime = moment(response.headers.get('Date')).valueOf();
|
|
89
|
+
const serverTime = now + this.offsetMs;
|
|
90
|
+
const diff = Math.abs(serverTime - verifyTime);
|
|
91
|
+
if (diff > this.MAX_DIFF_MSEC) {
|
|
92
|
+
throw new LrException({
|
|
93
|
+
code: LrErrorCode.BadTimeSync,
|
|
94
|
+
message: `Server time does not match independent source. ServerTime: ${serverTime}, Cognito time: ${verifyTime}`,
|
|
95
|
+
});
|
|
96
|
+
}
|
|
97
|
+
this.verified = true;
|
|
98
|
+
});
|
|
99
|
+
}
|
|
100
|
+
refresh() {
|
|
101
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
102
|
+
const start = Date.now();
|
|
103
|
+
const res = yield this.apollo
|
|
104
|
+
.query({ query: ServerTimeQuery })
|
|
105
|
+
.toPromise();
|
|
106
|
+
const end = Date.now();
|
|
107
|
+
handleApolloError(res.errors);
|
|
108
|
+
const serverTime = parseInt(res.data.serverTime.timestamp, 10);
|
|
109
|
+
const roundtrip = end - start;
|
|
110
|
+
this.offsetMs = serverTime - (start + roundtrip / 2);
|
|
111
|
+
if (this.VERIFY_ENABLED) {
|
|
112
|
+
yield this.verifyCognito();
|
|
113
|
+
}
|
|
114
|
+
});
|
|
115
|
+
}
|
|
116
|
+
serverNow() {
|
|
117
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
118
|
+
let needsRefresh = false;
|
|
119
|
+
// First call
|
|
120
|
+
if (this.offsetMs === null) {
|
|
121
|
+
needsRefresh = true;
|
|
122
|
+
}
|
|
123
|
+
if (this.VERIFY_ENABLED) {
|
|
124
|
+
// logged in but not yet verified time matches.
|
|
125
|
+
if (!this.verified && (yield this.getAccessToken())) {
|
|
126
|
+
needsRefresh = true;
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
if (needsRefresh) {
|
|
130
|
+
yield this.refresh();
|
|
131
|
+
}
|
|
132
|
+
return Date.now() + this.offsetMs;
|
|
133
|
+
});
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
TimeService.ɵprov = i0.ɵɵdefineInjectable({ factory: function TimeService_Factory() { return new TimeService(i0.ɵɵinject(i1.AuthClass), i0.ɵɵinject(i2.Apollo)); }, token: TimeService, providedIn: "root" });
|
|
137
|
+
TimeService.decorators = [
|
|
138
|
+
{ type: Injectable, args: [{
|
|
139
|
+
providedIn: 'root',
|
|
140
|
+
},] }
|
|
141
|
+
];
|
|
142
|
+
TimeService.ctorParameters = () => [
|
|
143
|
+
{ type: AuthClass },
|
|
144
|
+
{ type: Apollo }
|
|
145
|
+
];
|
|
146
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGltZS5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vcHJvamVjdHMvY29yZS9zcmMvbGliL3RpbWUvdGltZS5zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sZUFBZSxDQUFDO0FBQzNDLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUMzRCxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sZ0JBQWdCLENBQUM7QUFDeEMsT0FBTyxHQUFHLE1BQU0sYUFBYSxDQUFDO0FBQzlCLE9BQU8sS0FBSyxPQUFPLE1BQU0sUUFBUSxDQUFDO0FBQ2xDLE9BQU8sRUFDTCxXQUFXLEVBQ1gsV0FBVyxFQUNYLGlCQUFpQixHQUNsQixNQUFNLHVCQUF1QixDQUFDOzs7O0FBQy9CLHFIQUFxSDtBQUNySCxNQUFNLE1BQU0sR0FBRyxPQUFPLENBQUM7QUFFdkIsTUFBTSxDQUFDLE1BQU0sZUFBZSxHQUFHLEdBQUcsQ0FBQTs7Ozs7O0NBTWpDLENBQUM7QUFTRixNQUFNLE9BQU8sV0FBVztJQVN0QixZQUFvQixJQUFlLEVBQVUsTUFBYztRQUF2QyxTQUFJLEdBQUosSUFBSSxDQUFXO1FBQVUsV0FBTSxHQUFOLE1BQU0sQ0FBUTtRQVJwRCxtQkFBYyxHQUFHLElBQUksQ0FBQztRQUNaLGtCQUFhLEdBQUcsTUFBTTthQUNwQyxRQUFRLENBQUMsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFLENBQUM7YUFDekIsY0FBYyxFQUFFLENBQUM7UUFFcEIsYUFBUSxHQUFXLElBQUksQ0FBQyxDQUFDLHFDQUFxQztRQUM5RCxhQUFRLEdBQUcsS0FBSyxDQUFDLENBQUMsd0NBQXdDO0lBRUksQ0FBQztJQUVqRCxjQUFjOztZQUMxQixJQUFJO2dCQUNGLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQztxQkFDaEQsb0JBQW9CLEVBQUU7cUJBQ3RCLGNBQWMsRUFBRTtxQkFDaEIsV0FBVyxFQUFFLENBQUM7YUFDbEI7WUFBQyxPQUFPLEtBQUssRUFBRTtnQkFDZCxPQUFPLEVBQUUsQ0FBQyxDQUFDLG9CQUFvQjthQUNoQztRQUNILENBQUM7S0FBQTtJQUVELCtDQUErQztJQUNqQyxhQUFhOztZQUN6QixNQUFNLFdBQVcsR0FBRyxNQUFNLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUNoRCxJQUFJLENBQUMsV0FBVyxFQUFFO2dCQUNoQixPQUFPO2FBQ1I7WUFFRCw0Q0FBNEM7WUFDNUMsY0FBYztZQUNkLHFDQUFxQztZQUNyQyw4Q0FBOEM7WUFDOUMsMEJBQTBCO1lBQzFCLHVCQUF1QjtZQUN2QiwyQ0FBMkM7WUFDM0MsZ0NBQWdDO1lBQ2hDLG1CQUFtQjtZQUNuQixrQ0FBa0M7WUFDbEMsd0JBQXdCO1lBQ3hCLHVCQUF1QjtZQUN2Qiw2QkFBNkI7WUFDN0Isd0hBQXdIO1lBQ3hILDBEQUEwRDtZQUMxRCx5Q0FBeUM7WUFFekMsNENBQTRDO1lBQzVDLDJHQUEyRztZQUMzRywwR0FBMEc7WUFDMUcsNEdBQTRHO1lBQzVHLHdCQUF3QjtZQUN4QixNQUFNLFFBQVEsR0FBRyxNQUFNLEtBQUssQ0FDMUIsbURBQW1ELEVBQ25EO2dCQUNFLE1BQU0sRUFBRSxNQUFNO2dCQUNkLElBQUksRUFBRSxNQUFNO2dCQUNaLEtBQUssRUFBRSxVQUFVO2dCQUNqQixPQUFPLEVBQUU7b0JBQ1AsY0FBYyxFQUFFLDJDQUEyQztvQkFDM0Qsa0JBQWtCLEVBQUUsc0JBQXNCO29CQUMxQyxjQUFjLEVBQUUsNEJBQTRCO2lCQUM3QztnQkFDRCxnREFBZ0Q7Z0JBQ2hELHdMQUF3TDtnQkFDeEwsSUFBSSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUM7b0JBQ25CLFdBQVcsRUFBRSxXQUFXO2lCQUN6QixDQUFDO2FBQ0gsQ0FDRixDQUFDO1lBRUYsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBRXZCLE1BQU0sVUFBVSxHQUFHLE1BQU0sQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ2xFLE1BQU0sVUFBVSxHQUFHLEdBQUcsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDO1lBQ3ZDLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsVUFBVSxHQUFHLFVBQVUsQ0FBQyxDQUFDO1lBRS9DLElBQUksSUFBSSxHQUFHLElBQUksQ0FBQyxhQUFhLEVBQUU7Z0JBQzdCLE1BQU0sSUFBSSxXQUFXLENBQUM7b0JBQ3BCLElBQUksRUFBRSxXQUFXLENBQUMsV0FBVztvQkFDN0IsT0FBTyxFQUFFLDhEQUE4RCxVQUFVLG1CQUFtQixVQUFVLEVBQUU7aUJBQ2pILENBQUMsQ0FBQzthQUNKO1lBRUQsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLENBQUM7UUFDdkIsQ0FBQztLQUFBO0lBRWEsT0FBTzs7WUFDbkIsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQ3pCLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU07aUJBQzFCLEtBQUssQ0FBNkIsRUFBRSxLQUFLLEVBQUUsZUFBZSxFQUFFLENBQUM7aUJBQzdELFNBQVMsRUFBRSxDQUFDO1lBQ2YsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBRXZCLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUU5QixNQUFNLFVBQVUsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBRS9ELE1BQU0sU0FBUyxHQUFHLEdBQUcsR0FBRyxLQUFLLENBQUM7WUFDOUIsSUFBSSxDQUFDLFFBQVEsR0FBRyxVQUFVLEdBQUcsQ0FBQyxLQUFLLEdBQUcsU0FBUyxHQUFHLENBQUMsQ0FBQyxDQUFDO1lBRXJELElBQUksSUFBSSxDQUFDLGNBQWMsRUFBRTtnQkFDdkIsTUFBTSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7YUFDNUI7UUFDSCxDQUFDO0tBQUE7SUFFSyxTQUFTOztZQUNiLElBQUksWUFBWSxHQUFHLEtBQUssQ0FBQztZQUV6QixhQUFhO1lBQ2IsSUFBSSxJQUFJLENBQUMsUUFBUSxLQUFLLElBQUksRUFBRTtnQkFDMUIsWUFBWSxHQUFHLElBQUksQ0FBQzthQUNyQjtZQUVELElBQUksSUFBSSxDQUFDLGNBQWMsRUFBRTtnQkFDdkIsK0NBQStDO2dCQUMvQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsSUFBSSxDQUFDLE1BQU0sSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDLEVBQUU7b0JBQ25ELFlBQVksR0FBRyxJQUFJLENBQUM7aUJBQ3JCO2FBQ0Y7WUFFRCxJQUFJLFlBQVksRUFBRTtnQkFDaEIsTUFBTSxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7YUFDdEI7WUFFRCxPQUFPLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDO1FBQ3BDLENBQUM7S0FBQTs7OztZQWhJRixVQUFVLFNBQUM7Z0JBQ1YsVUFBVSxFQUFFLE1BQU07YUFDbkI7OztZQTFCUSxTQUFTO1lBQ1QsTUFBTSIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEluamVjdGFibGUgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcbmltcG9ydCB7IEF1dGhDbGFzcyB9IGZyb20gJ0Bhd3MtYW1wbGlmeS9hdXRoL2xpYi1lc20vQXV0aCc7XG5pbXBvcnQgeyBBcG9sbG8gfSBmcm9tICdhcG9sbG8tYW5ndWxhcic7XG5pbXBvcnQgZ3FsIGZyb20gJ2dyYXBocWwtdGFnJztcbmltcG9ydCAqIGFzIG1vbWVudF8gZnJvbSAnbW9tZW50JztcbmltcG9ydCB7XG4gIExyRXJyb3JDb2RlLFxuICBMckV4Y2VwdGlvbixcbiAgaGFuZGxlQXBvbGxvRXJyb3IsXG59IGZyb20gJy4uL19jb21tb24vZXhjZXB0aW9ucyc7XG4vLyBcIndoeT9cIiB5b3UgYXNrOiBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL3F1ZXN0aW9ucy81OTczNTI4MC9hbmd1bGFyLTgtbW9tZW50LWVycm9yLWNhbm5vdC1jYWxsLWEtbmFtZXNwYWNlLW1vbWVudFxuY29uc3QgbW9tZW50ID0gbW9tZW50XztcblxuZXhwb3J0IGNvbnN0IFNlcnZlclRpbWVRdWVyeSA9IGdxbGBcbiAgcXVlcnkge1xuICAgIHNlcnZlclRpbWUge1xuICAgICAgdGltZXN0YW1wXG4gICAgfVxuICB9XG5gO1xuXG5pbnRlcmZhY2UgU2VydmVyVGltZSB7XG4gIHRpbWVzdGFtcDogc3RyaW5nO1xufVxuXG5ASW5qZWN0YWJsZSh7XG4gIHByb3ZpZGVkSW46ICdyb290Jyxcbn0pXG5leHBvcnQgY2xhc3MgVGltZVNlcnZpY2Uge1xuICBwdWJsaWMgVkVSSUZZX0VOQUJMRUQgPSB0cnVlO1xuICBwcml2YXRlIHJlYWRvbmx5IE1BWF9ESUZGX01TRUMgPSBtb21lbnRcbiAgICAuZHVyYXRpb24oeyBzZWNvbmRzOiAzMCB9KVxuICAgIC5hc01pbGxpc2Vjb25kcygpO1xuXG4gIG9mZnNldE1zOiBudW1iZXIgPSBudWxsOyAvLyBNaWxsaXNlY29uZCBvZmZzZXQgb2YgbG9jYWwgY2xvY2suXG4gIHZlcmlmaWVkID0gZmFsc2U7IC8vIFZlcmlmaWVkIHdpdGggaW5kZXBlbmRlbnQgdGltZSBzb3VyY2VcblxuICBjb25zdHJ1Y3Rvcihwcml2YXRlIGF1dGg6IEF1dGhDbGFzcywgcHJpdmF0ZSBhcG9sbG86IEFwb2xsbykge31cblxuICBwcml2YXRlIGFzeW5jIGdldEFjY2Vzc1Rva2VuKCk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgdHJ5IHtcbiAgICAgIHJldHVybiAoYXdhaXQgdGhpcy5hdXRoLmN1cnJlbnRBdXRoZW50aWNhdGVkVXNlcigpKVxuICAgICAgICAuZ2V0U2lnbkluVXNlclNlc3Npb24oKVxuICAgICAgICAuZ2V0QWNjZXNzVG9rZW4oKVxuICAgICAgICAuZ2V0Snd0VG9rZW4oKTtcbiAgICB9IGNhdGNoIChlcnJvcikge1xuICAgICAgcmV0dXJuICcnOyAvLyBOb3QgYXV0aGVudGljYXRlZFxuICAgIH1cbiAgfVxuXG4gIC8vIEdldCB0aW1lIGZyb20gaW5kZXBlbmRlbnQgc291cmNlIHRvIGNvbmZpcm0uXG4gIHByaXZhdGUgYXN5bmMgdmVyaWZ5Q29nbml0bygpOiBQcm9taXNlPHZvaWQ+IHtcbiAgICBjb25zdCBhY2Nlc3NUb2tlbiA9IGF3YWl0IHRoaXMuZ2V0QWNjZXNzVG9rZW4oKTtcbiAgICBpZiAoIWFjY2Vzc1Rva2VuKSB7XG4gICAgICByZXR1cm47XG4gICAgfVxuXG4gICAgLy8gUmVxdWVzdCBoZWFkZXJzIGZyb20gQVdTIEFtcGxpZnkgQXV0aCBsaWJcbiAgICAvLyBhY2NlcHQ6ICovKlxuICAgIC8vIGFjY2VwdC1lbmNvZGluZzogZ3ppcCwgZGVmbGF0ZSwgYnJcbiAgICAvLyBhY2NlcHQtbGFuZ3VhZ2U6IGVuLUdCLGVuLVVTO3E9MC45LGVuO3E9MC44XG4gICAgLy8gY2FjaGUtY29udHJvbDogbm8tY2FjaGVcbiAgICAvLyBjb250ZW50LWxlbmd0aDogMTA4OVxuICAgIC8vIGNvbnRlbnQtdHlwZTogYXBwbGljYXRpb24veC1hbXotanNvbi0xLjFcbiAgICAvLyBvcmlnaW46IGh0dHA6Ly9sb2NhbGhvc3Q6NDIwMFxuICAgIC8vIHByYWdtYTogbm8tY2FjaGVcbiAgICAvLyByZWZlcmVyOiBodHRwOi8vbG9jYWxob3N0OjQyMDAvXG4gICAgLy8gc2VjLWZldGNoLWRlc3Q6IGVtcHR5XG4gICAgLy8gc2VjLWZldGNoLW1vZGU6IGNvcnNcbiAgICAvLyBzZWMtZmV0Y2gtc2l0ZTogY3Jvc3Mtc2l0ZVxuICAgIC8vIHVzZXItYWdlbnQ6IE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgwLjAuMzk4Ny4xMzIgU2FmYXJpLzUzNy4zNlxuICAgIC8vIHgtYW16LXRhcmdldDogQVdTQ29nbml0b0lkZW50aXR5UHJvdmlkZXJTZXJ2aWNlLkdldFVzZXJcbiAgICAvLyB4LWFtei11c2VyLWFnZW50OiBhd3MtYW1wbGlmeS8wLjEueCBqc1xuXG4gICAgLy8gV2UgYXJlIG9ubHkgaW50ZXJlc3RlZCBpbiB0aGUgRGF0ZSBmaWVsZC5cbiAgICAvLyBBWjogSSBzdXBwb3NlIHdlIGNvdWxkIHVzZSBhbnkgZW5kLXBvaW50IHRoYXQgcHJvdmlkZXMgYSByZWxpYWJsZSBEYXRlIGZpZWxkIGluIHRoZSBoZWFkZXIuIEFuZCB3ZSBkb24ndFxuICAgIC8vIG5lZWQgdG8gYmUgYXV0aGVudGljYXRlZC4gRXZlbiBhIDQwMCByZXNwb25zZSB3b3VsZCBoYXZlIGEgRGF0ZSBoZWFkZXIuIEJ1dCB0aGUgd29ycnkgaXMgdGhhdCBBV1MgbWlnaHRcbiAgICAvLyB0aGluayBpdCdzIHNvbWUgc29ydCBvZiBhdHRhY2ssIGFuZCBibG9jayB0aGUgSVAgb3IgZG9tYWluLiBBdCBsZWFzdCBpbiBhbiBhdXRoZW50aWNhdGVkIGNhbGwgaXQgY2FuJ3QgYmVcbiAgICAvLyBzZWVuIGFzIGlsbGVnaXRpbWF0ZS5cbiAgICBjb25zdCByZXNwb25zZSA9IGF3YWl0IGZldGNoKFxuICAgICAgJ2h0dHBzOi8vY29nbml0by1pZHAuYXAtc291dGhlYXN0LTIuYW1hem9uYXdzLmNvbS8nLFxuICAgICAge1xuICAgICAgICBtZXRob2Q6ICdQT1NUJywgLy8gKkdFVCwgUE9TVCwgUFVULCBERUxFVEUsIGV0Yy5cbiAgICAgICAgbW9kZTogJ2NvcnMnLCAvLyBuby1jb3JzLCAqY29ycywgc2FtZS1vcmlnaW5cbiAgICAgICAgY2FjaGU6ICduby1jYWNoZScsIC8vICpkZWZhdWx0LCBuby1jYWNoZSwgcmVsb2FkLCBmb3JjZS1jYWNoZSwgb25seS1pZi1jYWNoZWRcbiAgICAgICAgaGVhZGVyczoge1xuICAgICAgICAgICd4LWFtei10YXJnZXQnOiAnQVdTQ29nbml0b0lkZW50aXR5UHJvdmlkZXJTZXJ2aWNlLkdldFVzZXInLFxuICAgICAgICAgICd4LWFtei11c2VyLWFnZW50JzogJ2F3cy1hbXBsaWZ5LzAuMS54IGpzJyxcbiAgICAgICAgICAnQ29udGVudC1UeXBlJzogJ2FwcGxpY2F0aW9uL3gtYW16LWpzb24tMS4xJyxcbiAgICAgICAgfSxcbiAgICAgICAgLy8gcmVkaXJlY3Q6ICdmb2xsb3cnLCAvLyBtYW51YWwsICpmb2xsb3csIGVycm9yXG4gICAgICAgIC8vIHJlZmVycmVyUG9saWN5OiAnbm8tcmVmZXJyZXInLCAvLyBuby1yZWZlcnJlciwgKm5vLXJlZmVycmVyLXdoZW4tZG93bmdyYWRlLCBvcmlnaW4sIG9yaWdpbi13aGVuLWNyb3NzLW9yaWdpbiwgc2FtZS1vcmlnaW4sIHN0cmljdC1vcmlnaW4sIHN0cmljdC1vcmlnaW4td2hlbi1jcm9zcy1vcmlnaW4sIHVuc2FmZS11cmxcbiAgICAgICAgYm9keTogSlNPTi5zdHJpbmdpZnkoe1xuICAgICAgICAgIEFjY2Vzc1Rva2VuOiBhY2Nlc3NUb2tlbixcbiAgICAgICAgfSksIC8vIGJvZHkgZGF0YSB0eXBlIG11c3QgbWF0Y2ggXCJDb250ZW50LVR5cGVcIiBoZWFkZXJcbiAgICAgIH1cbiAgICApO1xuXG4gICAgY29uc3Qgbm93ID0gRGF0ZS5ub3coKTtcblxuICAgIGNvbnN0IHZlcmlmeVRpbWUgPSBtb21lbnQocmVzcG9uc2UuaGVhZGVycy5nZXQoJ0RhdGUnKSkudmFsdWVPZigpO1xuICAgIGNvbnN0IHNlcnZlclRpbWUgPSBub3cgKyB0aGlzLm9mZnNldE1zO1xuICAgIGNvbnN0IGRpZmYgPSBNYXRoLmFicyhzZXJ2ZXJUaW1lIC0gdmVyaWZ5VGltZSk7XG5cbiAgICBpZiAoZGlmZiA+IHRoaXMuTUFYX0RJRkZfTVNFQykge1xuICAgICAgdGhyb3cgbmV3IExyRXhjZXB0aW9uKHtcbiAgICAgICAgY29kZTogTHJFcnJvckNvZGUuQmFkVGltZVN5bmMsXG4gICAgICAgIG1lc3NhZ2U6IGBTZXJ2ZXIgdGltZSBkb2VzIG5vdCBtYXRjaCBpbmRlcGVuZGVudCBzb3VyY2UuIFNlcnZlclRpbWU6ICR7c2VydmVyVGltZX0sIENvZ25pdG8gdGltZTogJHt2ZXJpZnlUaW1lfWAsXG4gICAgICB9KTtcbiAgICB9XG5cbiAgICB0aGlzLnZlcmlmaWVkID0gdHJ1ZTtcbiAgfVxuXG4gIHByaXZhdGUgYXN5bmMgcmVmcmVzaCgpOiBQcm9taXNlPHZvaWQ+IHtcbiAgICBjb25zdCBzdGFydCA9IERhdGUubm93KCk7XG4gICAgY29uc3QgcmVzID0gYXdhaXQgdGhpcy5hcG9sbG9cbiAgICAgIC5xdWVyeTx7IHNlcnZlclRpbWU6IFNlcnZlclRpbWUgfT4oeyBxdWVyeTogU2VydmVyVGltZVF1ZXJ5IH0pXG4gICAgICAudG9Qcm9taXNlKCk7XG4gICAgY29uc3QgZW5kID0gRGF0ZS5ub3coKTtcblxuICAgIGhhbmRsZUFwb2xsb0Vycm9yKHJlcy5lcnJvcnMpO1xuXG4gICAgY29uc3Qgc2VydmVyVGltZSA9IHBhcnNlSW50KHJlcy5kYXRhLnNlcnZlclRpbWUudGltZXN0YW1wLCAxMCk7XG5cbiAgICBjb25zdCByb3VuZHRyaXAgPSBlbmQgLSBzdGFydDtcbiAgICB0aGlzLm9mZnNldE1zID0gc2VydmVyVGltZSAtIChzdGFydCArIHJvdW5kdHJpcCAvIDIpO1xuXG4gICAgaWYgKHRoaXMuVkVSSUZZX0VOQUJMRUQpIHtcbiAgICAgIGF3YWl0IHRoaXMudmVyaWZ5Q29nbml0bygpO1xuICAgIH1cbiAgfVxuXG4gIGFzeW5jIHNlcnZlck5vdygpOiBQcm9taXNlPG51bWJlcj4ge1xuICAgIGxldCBuZWVkc1JlZnJlc2ggPSBmYWxzZTtcblxuICAgIC8vIEZpcnN0IGNhbGxcbiAgICBpZiAodGhpcy5vZmZzZXRNcyA9PT0gbnVsbCkge1xuICAgICAgbmVlZHNSZWZyZXNoID0gdHJ1ZTtcbiAgICB9XG5cbiAgICBpZiAodGhpcy5WRVJJRllfRU5BQkxFRCkge1xuICAgICAgLy8gbG9nZ2VkIGluIGJ1dCBub3QgeWV0IHZlcmlmaWVkIHRpbWUgbWF0Y2hlcy5cbiAgICAgIGlmICghdGhpcy52ZXJpZmllZCAmJiAoYXdhaXQgdGhpcy5nZXRBY2Nlc3NUb2tlbigpKSkge1xuICAgICAgICBuZWVkc1JlZnJlc2ggPSB0cnVlO1xuICAgICAgfVxuICAgIH1cblxuICAgIGlmIChuZWVkc1JlZnJlc2gpIHtcbiAgICAgIGF3YWl0IHRoaXMucmVmcmVzaCgpO1xuICAgIH1cblxuICAgIHJldHVybiBEYXRlLm5vdygpICsgdGhpcy5vZmZzZXRNcztcbiAgfVxufVxuIl19
|
|
@@ -0,0 +1,365 @@
|
|
|
1
|
+
import { __awaiter, __rest } from "tslib";
|
|
2
|
+
import { LrGraphQLService } from '../api/lr-graphql';
|
|
3
|
+
import { mapEdges, } from '../api/types';
|
|
4
|
+
import { EncryptionService } from '../encryption/encryption.service';
|
|
5
|
+
import { KeyFactoryService } from '../key/key-factory.service';
|
|
6
|
+
import { KeyGraphService } from '../key/key-graph.service';
|
|
7
|
+
import { KeyService } from '../key/key.service';
|
|
8
|
+
import * as slip from '../slip39/slip39.service';
|
|
9
|
+
import { LrBadArgumentException, LrBadStateException, } from '../_common/exceptions';
|
|
10
|
+
import { TpsKeysQuery } from './tp-assembly.private.gql';
|
|
11
|
+
export class TpAssemblyController {
|
|
12
|
+
constructor(injector) {
|
|
13
|
+
this.keyFactory = injector.get(KeyFactoryService);
|
|
14
|
+
this.keyService = injector.get(KeyService);
|
|
15
|
+
this.encryptionService = injector.get(EncryptionService);
|
|
16
|
+
this.keyGraph = injector.get(KeyGraphService);
|
|
17
|
+
this.slip39Service = injector.get(slip.Slip39Service);
|
|
18
|
+
this.lrGraphQl = injector.get(LrGraphQLService);
|
|
19
|
+
}
|
|
20
|
+
recoverAssemblyKey(partials) {
|
|
21
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
22
|
+
// Every receiverPbkCipher should contain this and they should all be the same.
|
|
23
|
+
let assemblyKeyParams;
|
|
24
|
+
const shares = partials.map((partial) => {
|
|
25
|
+
if (assemblyKeyParams) {
|
|
26
|
+
if (JSON.stringify(assemblyKeyParams) !==
|
|
27
|
+
JSON.stringify(partial.assemblyKeyParams)) {
|
|
28
|
+
throw new LrBadStateException('The assembly key parameters are different between the approvals.');
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
else {
|
|
32
|
+
assemblyKeyParams = partial.assemblyKeyParams;
|
|
33
|
+
}
|
|
34
|
+
return partial.slip39.share.mnemonics;
|
|
35
|
+
});
|
|
36
|
+
const rawAssemblyKey = yield this.slip39Service.recoverSecret(shares, this.slip39Passphrase);
|
|
37
|
+
return yield KeyFactoryService.asKey(Object.assign(Object.assign({}, assemblyKeyParams), { k: rawAssemblyKey }));
|
|
38
|
+
});
|
|
39
|
+
}
|
|
40
|
+
prepareTpWrappingKey(tp) {
|
|
41
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
42
|
+
return this.keyGraph.getKey(tp.wrappingKeyId);
|
|
43
|
+
});
|
|
44
|
+
}
|
|
45
|
+
prepareAssembly({ subjectKey, rootKey, }) {
|
|
46
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
47
|
+
const assemblyKey = yield this.keyFactory.createKey();
|
|
48
|
+
console.log('prepareAssembly assemblyKey', assemblyKey);
|
|
49
|
+
const _a = assemblyKey.toJSON(true), { k: rawAssemblyKey } = _a, assemblyKeyParams = __rest(_a, ["k"]);
|
|
50
|
+
const assemblyKeyVerifierPrk = yield this.keyFactory.createPkcSignKey();
|
|
51
|
+
const wrappedAssemblyKeyVerifierPrk = yield this.encryptionService.encryptToString(assemblyKey, assemblyKeyVerifierPrk.toJSON(true));
|
|
52
|
+
const assemblyKeyVerifierPbk = JSON.stringify(assemblyKeyVerifierPrk.toJSON());
|
|
53
|
+
const subjectKeyWrappedAssemblyKey = yield this.encryptionService.encryptToString(subjectKey, assemblyKey.toJSON(true));
|
|
54
|
+
// Encrypt the rootKey with the assemblyKey
|
|
55
|
+
const assemblyCipherData = yield this.encryptionService.encryptToString(assemblyKey, {
|
|
56
|
+
rootKey: rootKey.toJSON(true),
|
|
57
|
+
});
|
|
58
|
+
return {
|
|
59
|
+
assemblyKey,
|
|
60
|
+
rawAssemblyKey,
|
|
61
|
+
assemblyKeyParams,
|
|
62
|
+
subjectKeyWrappedAssemblyKey,
|
|
63
|
+
assemblyCipherData,
|
|
64
|
+
assemblyKeyVerifierPbk,
|
|
65
|
+
wrappedAssemblyKeyVerifierPrk,
|
|
66
|
+
};
|
|
67
|
+
});
|
|
68
|
+
}
|
|
69
|
+
prepareCreateSubAssemblies({ input, subjectKey, slipSubAssemblies, assemblyKeyParams, }) {
|
|
70
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
71
|
+
return Promise.all(input.map((sa, saIndex) => __awaiter(this, void 0, void 0, function* () {
|
|
72
|
+
const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey, sa.subjectCipherDataClearJson || '');
|
|
73
|
+
const createApprovers = yield Promise.all(sa.approverTps.map((approverTp, approverIndex) => __awaiter(this, void 0, void 0, function* () {
|
|
74
|
+
return this.prepareApprover({
|
|
75
|
+
tp: approverTp,
|
|
76
|
+
approverIndex,
|
|
77
|
+
slipSubAssembly: slipSubAssemblies[saIndex],
|
|
78
|
+
assemblyKeyParams,
|
|
79
|
+
subjectKey,
|
|
80
|
+
});
|
|
81
|
+
})));
|
|
82
|
+
return {
|
|
83
|
+
singleReject: sa.singleReject,
|
|
84
|
+
quorum: sa.quorum,
|
|
85
|
+
subjectCipherData,
|
|
86
|
+
createApprovers,
|
|
87
|
+
};
|
|
88
|
+
})));
|
|
89
|
+
});
|
|
90
|
+
}
|
|
91
|
+
prepareUpdateSubAssemblies({ input, subjectKey, slipSubAssemblies, assemblyKeyParams, subAssemblies, }) {
|
|
92
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
93
|
+
if (slipSubAssemblies.length !== input.length) {
|
|
94
|
+
throw new LrBadArgumentException('The slipSubAssemblies must be the same length as the input');
|
|
95
|
+
}
|
|
96
|
+
return Promise.all(input.map((sa, saIndex) => __awaiter(this, void 0, void 0, function* () {
|
|
97
|
+
const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey, sa.subjectCipherDataClearJson || '');
|
|
98
|
+
// Get the existing sub-assembly
|
|
99
|
+
const existingSa = subAssemblies.edges.find((edge) => edge.node.id === sa.id).node;
|
|
100
|
+
// Get approvers that do not exist yet
|
|
101
|
+
const createApprovers = [];
|
|
102
|
+
const updateApprovers = [];
|
|
103
|
+
sa.approverTps.forEach((tp) => {
|
|
104
|
+
var _a;
|
|
105
|
+
const approver = (_a = existingSa.approvers.edges.find((edge) => edge.node.tp.id === tp.tpId)) === null || _a === void 0 ? void 0 : _a.node;
|
|
106
|
+
if (approver) {
|
|
107
|
+
updateApprovers.push({
|
|
108
|
+
tp,
|
|
109
|
+
approverId: approver.id,
|
|
110
|
+
});
|
|
111
|
+
}
|
|
112
|
+
else {
|
|
113
|
+
createApprovers.push({
|
|
114
|
+
tp,
|
|
115
|
+
});
|
|
116
|
+
}
|
|
117
|
+
});
|
|
118
|
+
const slipSubAssembly = slipSubAssemblies[saIndex];
|
|
119
|
+
return {
|
|
120
|
+
subAssemblyId: sa.id,
|
|
121
|
+
singleReject: sa.singleReject,
|
|
122
|
+
quorum: sa.quorum,
|
|
123
|
+
subjectCipherData,
|
|
124
|
+
createApprovers: yield Promise.all(createApprovers.map(({ tp }, approverIndex) => __awaiter(this, void 0, void 0, function* () {
|
|
125
|
+
return this.prepareApprover({
|
|
126
|
+
tp,
|
|
127
|
+
approverIndex,
|
|
128
|
+
slipSubAssembly,
|
|
129
|
+
assemblyKeyParams,
|
|
130
|
+
subjectKey,
|
|
131
|
+
});
|
|
132
|
+
}))),
|
|
133
|
+
updateApprovers: yield Promise.all(updateApprovers.map(({ tp, approverId }, approverIndex) => __awaiter(this, void 0, void 0, function* () {
|
|
134
|
+
return this.prepareApprover({
|
|
135
|
+
approverId,
|
|
136
|
+
tp,
|
|
137
|
+
approverIndex: approverIndex + createApprovers.length,
|
|
138
|
+
slipSubAssembly,
|
|
139
|
+
assemblyKeyParams,
|
|
140
|
+
subjectKey,
|
|
141
|
+
});
|
|
142
|
+
}))),
|
|
143
|
+
};
|
|
144
|
+
})));
|
|
145
|
+
});
|
|
146
|
+
}
|
|
147
|
+
fillWrappingKeyId(input, tps) {
|
|
148
|
+
// Fill in wrappingKeyId if not present
|
|
149
|
+
input.forEach((sa) => {
|
|
150
|
+
sa.approverTps.forEach((approver) => {
|
|
151
|
+
if (!approver.wrappingKeyId) {
|
|
152
|
+
const tp = tps.find((x) => x.id === approver.tpId);
|
|
153
|
+
approver.wrappingKeyId = this.getTpWrappingKeyId(tp);
|
|
154
|
+
}
|
|
155
|
+
});
|
|
156
|
+
});
|
|
157
|
+
}
|
|
158
|
+
getInputApprovers(input) {
|
|
159
|
+
const tpIds = [];
|
|
160
|
+
input.forEach((sa) => {
|
|
161
|
+
sa.approverTps.forEach((approver) => {
|
|
162
|
+
tpIds.push(approver.tpId);
|
|
163
|
+
});
|
|
164
|
+
});
|
|
165
|
+
return tpIds;
|
|
166
|
+
}
|
|
167
|
+
prepareCreate(input) {
|
|
168
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
169
|
+
const rootKey = yield this.keyService.getCurrentRootKey();
|
|
170
|
+
const subjectKey = yield this.keyFactory.createKey();
|
|
171
|
+
const rootKeyWrappedSubjectKey = yield this.keyGraph.wrapKey(rootKey, subjectKey);
|
|
172
|
+
const _a = yield this.prepareAssembly({
|
|
173
|
+
rootKey: rootKey.jwk,
|
|
174
|
+
subjectKey,
|
|
175
|
+
}), { assemblyKey, rawAssemblyKey, assemblyKeyParams } = _a, assemblyInput = __rest(_a, ["assemblyKey", "rawAssemblyKey", "assemblyKeyParams"]);
|
|
176
|
+
const slipAssembly = yield this.prepareSlip39(input.createSubAssemblies, input.quorum, rawAssemblyKey);
|
|
177
|
+
const tpIds = this.getInputApprovers(input.createSubAssemblies);
|
|
178
|
+
// This should contain all the TPs that we need to update the assembly.
|
|
179
|
+
const tps = mapEdges((yield this.lrGraphQl.query({
|
|
180
|
+
query: TpsKeysQuery,
|
|
181
|
+
variables: {
|
|
182
|
+
ids: tpIds,
|
|
183
|
+
},
|
|
184
|
+
})).tps);
|
|
185
|
+
// Fill in wrappingKeyId if not present
|
|
186
|
+
this.fillWrappingKeyId(input.createSubAssemblies, tps);
|
|
187
|
+
const createSubAssemblies = yield this.prepareCreateSubAssemblies({
|
|
188
|
+
input: input.createSubAssemblies,
|
|
189
|
+
assemblyKeyParams,
|
|
190
|
+
slipSubAssemblies: slipAssembly.subAssemblies,
|
|
191
|
+
subjectKey,
|
|
192
|
+
});
|
|
193
|
+
const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey, input.subjectCipherDataClearJson || '');
|
|
194
|
+
return {
|
|
195
|
+
assemblyKey,
|
|
196
|
+
mutationInput: Object.assign(Object.assign({}, assemblyInput), { singleReject: input.singleReject, quorum: input.quorum, subjectCipherData,
|
|
197
|
+
createSubAssemblies, rootKeyId: rootKey.id, rootKeyWrappedSubjectKey }),
|
|
198
|
+
};
|
|
199
|
+
});
|
|
200
|
+
}
|
|
201
|
+
getAssemblyApprovers(assembly) {
|
|
202
|
+
const tpIds = [];
|
|
203
|
+
// Find all TPs that belong to sub-assemblies
|
|
204
|
+
mapEdges(assembly.subAssemblies).map((sa) => {
|
|
205
|
+
mapEdges(sa.approvers).forEach((approver) => tpIds.push(approver.tp.id));
|
|
206
|
+
});
|
|
207
|
+
return tpIds;
|
|
208
|
+
}
|
|
209
|
+
prepareUpdate(input, assembly // TODO type this to only what we need.
|
|
210
|
+
) {
|
|
211
|
+
var _a;
|
|
212
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
213
|
+
input = Object.assign({ createSubAssemblies: [] }, input);
|
|
214
|
+
const createSubAssembliesInput = input.createSubAssemblies || [];
|
|
215
|
+
const updateSubAssembliesInput = input.updateSubAssemblies || [];
|
|
216
|
+
const deleteSubAssembliesInput = input.deleteSubAssemblies || [];
|
|
217
|
+
// Must have at least one.
|
|
218
|
+
if (createSubAssembliesInput.length === 0 &&
|
|
219
|
+
updateSubAssembliesInput.length === 0 &&
|
|
220
|
+
deleteSubAssembliesInput.length === 0) {
|
|
221
|
+
throw new LrBadArgumentException('Must specify at least one of: [createSubAssemblies, updateSubAssemblies, deleteSubAssemblies]');
|
|
222
|
+
}
|
|
223
|
+
const rootKey = yield this.keyService.getCurrentRootKey();
|
|
224
|
+
const subjectKey = yield this.keyGraph.getKey(assembly.subjectKey.id);
|
|
225
|
+
const _b = yield this.prepareAssembly({
|
|
226
|
+
rootKey: rootKey.jwk,
|
|
227
|
+
subjectKey: subjectKey.jwk,
|
|
228
|
+
}), { assemblyKey, rawAssemblyKey, assemblyKeyParams } = _b, assemblyInput = __rest(_b, ["assemblyKey", "rawAssemblyKey", "assemblyKeyParams"]);
|
|
229
|
+
// Find all the TPs that we need, duplicates are no problem.
|
|
230
|
+
// Existing approvers
|
|
231
|
+
const tpIds = this.getAssemblyApprovers(assembly).concat(this.getInputApprovers(createSubAssembliesInput), this.getInputApprovers(updateSubAssembliesInput));
|
|
232
|
+
// This should contain all the TPs that we need to update the assembly.
|
|
233
|
+
const tps = mapEdges((yield this.lrGraphQl.query({
|
|
234
|
+
query: TpsKeysQuery,
|
|
235
|
+
variables: {
|
|
236
|
+
ids: tpIds,
|
|
237
|
+
},
|
|
238
|
+
})).tps);
|
|
239
|
+
// Auto fill the updateSubAssemblies with existing sub assemblies if they are not
|
|
240
|
+
// explicitly deleted.
|
|
241
|
+
mapEdges(assembly.subAssemblies).forEach((existing) => {
|
|
242
|
+
// Deleting existing, don't include it
|
|
243
|
+
if (deleteSubAssembliesInput.includes(existing.id)) {
|
|
244
|
+
return;
|
|
245
|
+
}
|
|
246
|
+
// Update already specified in the input
|
|
247
|
+
if (updateSubAssembliesInput.some((sa) => sa.id === existing.id)) {
|
|
248
|
+
return;
|
|
249
|
+
}
|
|
250
|
+
const approverTps = mapEdges(existing.approvers).map((approver) => {
|
|
251
|
+
return {
|
|
252
|
+
tpId: approver.tp.id,
|
|
253
|
+
sharedCipherDataClearJson: approver.sharedCipherDataClearJson,
|
|
254
|
+
sharedCipherApprovalDataClearJson: approver.sharedCipherApprovalDataClearJson,
|
|
255
|
+
};
|
|
256
|
+
});
|
|
257
|
+
updateSubAssembliesInput.push({
|
|
258
|
+
id: existing.id,
|
|
259
|
+
quorum: existing.quorum,
|
|
260
|
+
singleReject: existing.singleReject,
|
|
261
|
+
approverTps,
|
|
262
|
+
subjectCipherDataClearJson: existing.subjectCipherDataClearJson,
|
|
263
|
+
});
|
|
264
|
+
});
|
|
265
|
+
// Fill in wrappingKeyId if not present
|
|
266
|
+
this.fillWrappingKeyId(createSubAssembliesInput, tps);
|
|
267
|
+
this.fillWrappingKeyId(updateSubAssembliesInput, tps);
|
|
268
|
+
let slipAssembly;
|
|
269
|
+
try {
|
|
270
|
+
slipAssembly = yield this.prepareSlip39((createSubAssembliesInput || []).concat(updateSubAssembliesInput || []), input.quorum, rawAssemblyKey);
|
|
271
|
+
}
|
|
272
|
+
catch (error) {
|
|
273
|
+
// TODO this sometimes happens. Maybe missing await.
|
|
274
|
+
console.log('Error while creating slip assembly', error);
|
|
275
|
+
}
|
|
276
|
+
const common = {
|
|
277
|
+
assemblyKeyParams,
|
|
278
|
+
subjectKey: subjectKey.jwk,
|
|
279
|
+
};
|
|
280
|
+
const createSubAssemblies = yield this.prepareCreateSubAssemblies(Object.assign(Object.assign({}, common), { input: createSubAssembliesInput,
|
|
281
|
+
// Need to match the slip sub assemblies to the input
|
|
282
|
+
slipSubAssemblies: slipAssembly.subAssemblies.slice(0, createSubAssembliesInput.length) }));
|
|
283
|
+
const updateSubAssemblies = yield this.prepareUpdateSubAssemblies(Object.assign(Object.assign({}, common), { input: updateSubAssembliesInput,
|
|
284
|
+
// Add an offset to the sub assemblies to skip the one that are created.
|
|
285
|
+
slipSubAssemblies: slipAssembly.subAssemblies.slice(createSubAssembliesInput.length), subAssemblies: assembly.subAssemblies }));
|
|
286
|
+
const subjectCipherData = yield this.encryptionService.encryptToString(subjectKey.jwk, (_a = input.subjectCipherDataClearJson) !== null && _a !== void 0 ? _a : assembly.subjectCipherDataClearJson);
|
|
287
|
+
return {
|
|
288
|
+
assemblyKey,
|
|
289
|
+
mutationInput: Object.assign(Object.assign({}, assemblyInput), { singleReject: input.singleReject, quorum: input.quorum, subjectCipherData, subjectKeyId: subjectKey.id, createSubAssemblies,
|
|
290
|
+
updateSubAssemblies }),
|
|
291
|
+
};
|
|
292
|
+
});
|
|
293
|
+
}
|
|
294
|
+
prepareApprover({ approverId, tp, approverIndex, slipSubAssembly, assemblyKeyParams, subjectKey, }) {
|
|
295
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
296
|
+
const tpWrappingKey = yield this.prepareTpWrappingKey(tp);
|
|
297
|
+
// shared key is rotated every time.
|
|
298
|
+
const sharedKey = yield this.keyFactory.createKey();
|
|
299
|
+
// For TP to access shared_key
|
|
300
|
+
const tpWrappedSharedKey = yield this.encryptionService.encryptToString(tpWrappingKey.jwk, sharedKey.toJSON(true));
|
|
301
|
+
// For subject to access shared_key
|
|
302
|
+
const subjectKeyWrappedSharedKey = yield this.encryptionService.encryptToString(subjectKey, sharedKey.toJSON(true));
|
|
303
|
+
// If quorum is 1, then using the same share for every member.
|
|
304
|
+
const share = slipSubAssembly.threshold === 1
|
|
305
|
+
? slipSubAssembly.shares[0]
|
|
306
|
+
: slipSubAssembly.shares[approverIndex];
|
|
307
|
+
const partialAssemblyKey = {
|
|
308
|
+
slip39: {
|
|
309
|
+
share,
|
|
310
|
+
subAssembly: {
|
|
311
|
+
quorum: slipSubAssembly.threshold,
|
|
312
|
+
size: slipSubAssembly.size,
|
|
313
|
+
},
|
|
314
|
+
},
|
|
315
|
+
assemblyKeyParams,
|
|
316
|
+
};
|
|
317
|
+
console.log('partialAssemblyKey', partialAssemblyKey);
|
|
318
|
+
const sharedCipherData = yield this.encryptionService.encryptToString(sharedKey, tp.sharedCipherDataClearJson || '');
|
|
319
|
+
const sharedCipherApprovalData = yield this.encryptionService.encryptToString(sharedKey, tp.sharedCipherApprovalDataClearJson || '');
|
|
320
|
+
const sharedCipherPartialAssemblyKey = yield this.encryptionService.encryptToString(sharedKey, partialAssemblyKey);
|
|
321
|
+
return {
|
|
322
|
+
tpWrappingKeyId: tpWrappingKey.id,
|
|
323
|
+
tpWrappedSharedKey,
|
|
324
|
+
subjectKeyWrappedSharedKey,
|
|
325
|
+
sharedCipherData,
|
|
326
|
+
sharedCipherApprovalData,
|
|
327
|
+
sharedCipherPartialAssemblyKey,
|
|
328
|
+
approverId: approverId || void 0,
|
|
329
|
+
tpId: approverId ? void 0 : tp.tpId,
|
|
330
|
+
};
|
|
331
|
+
});
|
|
332
|
+
}
|
|
333
|
+
validateApprovers(approvers) {
|
|
334
|
+
// Ensure all approvers have mkSharedKey.
|
|
335
|
+
for (const tp of approvers) {
|
|
336
|
+
if (!tp.currentUserSharedKey.userSharedKey.mkSharedKey) {
|
|
337
|
+
const msg = `tp ${tp.other.username} does not have mkSharedKey`;
|
|
338
|
+
console.log(msg);
|
|
339
|
+
throw new LrBadArgumentException(msg);
|
|
340
|
+
}
|
|
341
|
+
}
|
|
342
|
+
}
|
|
343
|
+
// Prepare slip39
|
|
344
|
+
prepareSlip39(subAssemblies, assemblyQuorum, rawAssemblyKey) {
|
|
345
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
346
|
+
// Is there enough sub assemblies to meet quorum
|
|
347
|
+
if (subAssemblies.length < assemblyQuorum) {
|
|
348
|
+
throw new LrBadArgumentException('Not enough sub assemblies to meet quorum');
|
|
349
|
+
}
|
|
350
|
+
const slipAssembly = new slip.Assembly(assemblyQuorum);
|
|
351
|
+
subAssemblies.forEach((sa, index) => {
|
|
352
|
+
let approverCount = sa.approverTps.length;
|
|
353
|
+
// slip39 restricts quorum == 1 to have only 1 member. So we just share the same
|
|
354
|
+
// partial key for all sub assembly members.
|
|
355
|
+
if (sa.quorum === 1) {
|
|
356
|
+
approverCount = 1;
|
|
357
|
+
}
|
|
358
|
+
slipAssembly.addSubAssembly(new slip.SubAssembly(index, sa.quorum, approverCount));
|
|
359
|
+
});
|
|
360
|
+
yield this.slip39Service.generateShares(rawAssemblyKey, this.slip39Passphrase, slipAssembly);
|
|
361
|
+
return slipAssembly;
|
|
362
|
+
});
|
|
363
|
+
}
|
|
364
|
+
}
|
|
365
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHAtYXNzZW1ibHkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9wcm9qZWN0cy9jb3JlL3NyYy9saWIvdHAtYXNzZW1ibHkvdHAtYXNzZW1ibHkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUVBLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBQ3JELE9BQU8sRUFHTCxRQUFRLEdBSVQsTUFBTSxjQUFjLENBQUM7QUFDdEIsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sa0NBQWtDLENBQUM7QUFDckUsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sNEJBQTRCLENBQUM7QUFDL0QsT0FBTyxFQUFFLGVBQWUsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQzNELE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUVoRCxPQUFPLEtBQUssSUFBSSxNQUFNLDBCQUEwQixDQUFDO0FBQ2pELE9BQU8sRUFDTCxzQkFBc0IsRUFDdEIsbUJBQW1CLEdBQ3BCLE1BQU0sdUJBQXVCLENBQUM7QUFDL0IsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBVXpELE1BQU0sT0FBZ0Isb0JBQW9CO0lBVXhDLFlBQVksUUFBa0I7UUFDNUIsSUFBSSxDQUFDLFVBQVUsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDbEQsSUFBSSxDQUFDLFVBQVUsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQzNDLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDekQsSUFBSSxDQUFDLFFBQVEsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBQzlDLElBQUksQ0FBQyxhQUFhLEdBQUcsUUFBUSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDdEQsSUFBSSxDQUFDLFNBQVMsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUlLLGtCQUFrQixDQUFDLFFBQThCOztZQUNyRCwrRUFBK0U7WUFDL0UsSUFBSSxpQkFBNkMsQ0FBQztZQUVsRCxNQUFNLE1BQU0sR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQ3RDLElBQUksaUJBQWlCLEVBQUU7b0JBQ3JCLElBQ0UsSUFBSSxDQUFDLFNBQVMsQ0FBQyxpQkFBaUIsQ0FBQzt3QkFDakMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsaUJBQWlCLENBQUMsRUFDekM7d0JBQ0EsTUFBTSxJQUFJLG1CQUFtQixDQUMzQixrRUFBa0UsQ0FDbkUsQ0FBQztxQkFDSDtpQkFDRjtxQkFBTTtvQkFDTCxpQkFBaUIsR0FBRyxPQUFPLENBQUMsaUJBQWlCLENBQUM7aUJBQy9DO2dCQUNELE9BQU8sT0FBTyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDO1lBQ3hDLENBQUMsQ0FBQyxDQUFDO1lBRUgsTUFBTSxjQUFjLEdBQUcsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FDM0QsTUFBTSxFQUNOLElBQUksQ0FBQyxnQkFBZ0IsQ0FDdEIsQ0FBQztZQUVGLE9BQU8sTUFBTSxpQkFBaUIsQ0FBQyxLQUFLLGlDQUMvQixpQkFBaUIsS0FDcEIsQ0FBQyxFQUFFLGNBQWMsSUFDakIsQ0FBQztRQUNMLENBQUM7S0FBQTtJQUVlLG9CQUFvQixDQUNsQyxFQUEyQjs7WUFFM0IsT0FBTyxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDaEQsQ0FBQztLQUFBO0lBRWUsZUFBZSxDQUFDLEVBQzlCLFVBQVUsRUFDVixPQUFPLEdBSVI7O1lBQ0MsTUFBTSxXQUFXLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3RELE9BQU8sQ0FBQyxHQUFHLENBQUMsNkJBQTZCLEVBQUUsV0FBVyxDQUFDLENBQUM7WUFFeEQsTUFBTSxLQUE4QyxXQUFXLENBQUMsTUFBTSxDQUNwRSxJQUFJLENBQ1MsRUFGVCxFQUFFLENBQUMsRUFBRSxjQUFjLE9BRVYsRUFGZSxpQkFBaUIsY0FBekMsS0FBMkMsQ0FFbEMsQ0FBQztZQUNoQixNQUFNLHNCQUFzQixHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ3hFLE1BQU0sNkJBQTZCLEdBQ2pDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDMUMsV0FBVyxFQUNYLHNCQUFzQixDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDcEMsQ0FBQztZQUNKLE1BQU0sc0JBQXNCLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FDM0Msc0JBQXNCLENBQUMsTUFBTSxFQUFFLENBQ2hDLENBQUM7WUFFRixNQUFNLDRCQUE0QixHQUNoQyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQzFDLFVBQVUsRUFDVixXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUN6QixDQUFDO1lBRUosMkNBQTJDO1lBQzNDLE1BQU0sa0JBQWtCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUNyRSxXQUFXLEVBQ1g7Z0JBQ0UsT0FBTyxFQUFFLE9BQU8sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDO2FBQzlCLENBQ0YsQ0FBQztZQUVGLE9BQU87Z0JBQ0wsV0FBVztnQkFDWCxjQUFjO2dCQUNkLGlCQUFpQjtnQkFDakIsNEJBQTRCO2dCQUM1QixrQkFBa0I7Z0JBQ2xCLHNCQUFzQjtnQkFDdEIsNkJBQTZCO2FBQzlCLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFZSwwQkFBMEIsQ0FBQyxFQUN6QyxLQUFLLEVBQ0wsVUFBVSxFQUNWLGlCQUFpQixFQUNqQixpQkFBaUIsR0FNbEI7O1lBQ0MsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUNoQixLQUFLLENBQUMsR0FBRyxDQUFDLENBQU8sRUFBRSxFQUFFLE9BQU8sRUFBRSxFQUFFO2dCQUM5QixNQUFNLGlCQUFpQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDcEUsVUFBVSxFQUNWLEVBQUUsQ0FBQywwQkFBMEIsSUFBSSxFQUFFLENBQ3BDLENBQUM7Z0JBRUYsTUFBTSxlQUFlLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUN2QyxFQUFFLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFPLFVBQVUsRUFBRSxhQUFhLEVBQUUsRUFBRTtvQkFDckQsT0FBQSxJQUFJLENBQUMsZUFBZSxDQUFDO3dCQUNuQixFQUFFLEVBQUUsVUFBVTt3QkFDZCxhQUFhO3dCQUNiLGVBQWUsRUFBRSxpQkFBaUIsQ0FBQyxPQUFPLENBQUM7d0JBQzNDLGlCQUFpQjt3QkFDakIsVUFBVTtxQkFDWCxDQUFDLENBQUE7a0JBQUEsQ0FDSCxDQUNGLENBQUM7Z0JBRUYsT0FBTztvQkFDTCxZQUFZLEVBQUUsRUFBRSxDQUFDLFlBQVk7b0JBQzdCLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTTtvQkFDakIsaUJBQWlCO29CQUNqQixlQUFlO2lCQUNoQixDQUFDO1lBQ0osQ0FBQyxDQUFBLENBQUMsQ0FDSCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRWUsMEJBQTBCLENBQUMsRUFDekMsS0FBSyxFQUNMLFVBQVUsRUFDVixpQkFBaUIsRUFDakIsaUJBQWlCLEVBQ2pCLGFBQWEsR0FPZDs7WUFDQyxJQUFJLGlCQUFpQixDQUFDLE1BQU0sS0FBSyxLQUFLLENBQUMsTUFBTSxFQUFFO2dCQUM3QyxNQUFNLElBQUksc0JBQXNCLENBQzlCLDREQUE0RCxDQUM3RCxDQUFDO2FBQ0g7WUFFRCxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQ2hCLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsT0FBTyxFQUFFLEVBQUU7Z0JBQzlCLE1BQU0saUJBQWlCLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUNwRSxVQUFVLEVBQ1YsRUFBRSxDQUFDLDBCQUEwQixJQUFJLEVBQUUsQ0FDcEMsQ0FBQztnQkFFRixnQ0FBZ0M7Z0JBQ2hDLE1BQU0sVUFBVSxHQUFHLGFBQWEsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUN6QyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsQ0FDakMsQ0FBQyxJQUFJLENBQUM7Z0JBRVAsc0NBQXNDO2dCQUN0QyxNQUFNLGVBQWUsR0FBRyxFQUFFLENBQUM7Z0JBQzNCLE1BQU0sZUFBZSxHQUFHLEVBQUUsQ0FBQztnQkFFM0IsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRTs7b0JBQzVCLE1BQU0sUUFBUSxTQUFHLFVBQVUsQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLElBQUksQ0FDOUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLEVBQUUsS0FBSyxFQUFFLENBQUMsSUFBSSxDQUN0QywwQ0FBRSxJQUFJLENBQUM7b0JBQ1IsSUFBSSxRQUFRLEVBQUU7d0JBQ1osZUFBZSxDQUFDLElBQUksQ0FBQzs0QkFDbkIsRUFBRTs0QkFDRixVQUFVLEVBQUUsUUFBUSxDQUFDLEVBQUU7eUJBQ3hCLENBQUMsQ0FBQztxQkFDSjt5QkFBTTt3QkFDTCxlQUFlLENBQUMsSUFBSSxDQUFDOzRCQUNuQixFQUFFO3lCQUNILENBQUMsQ0FBQztxQkFDSjtnQkFDSCxDQUFDLENBQUMsQ0FBQztnQkFFSCxNQUFNLGVBQWUsR0FBRyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFFbkQsT0FBTztvQkFDTCxhQUFhLEVBQUUsRUFBRSxDQUFDLEVBQUU7b0JBQ3BCLFlBQVksRUFBRSxFQUFFLENBQUMsWUFBWTtvQkFDN0IsTUFBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNO29CQUNqQixpQkFBaUI7b0JBQ2pCLGVBQWUsRUFBRSxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ2hDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsRUFBRSxFQUFFLGFBQWEsRUFBRSxFQUFFO3dCQUNsRCxPQUFBLElBQUksQ0FBQyxlQUFlLENBQUM7NEJBQ25CLEVBQUU7NEJBQ0YsYUFBYTs0QkFDYixlQUFlOzRCQUNmLGlCQUFpQjs0QkFDakIsVUFBVTt5QkFDWCxDQUFDLENBQUE7c0JBQUEsQ0FDSCxDQUNGO29CQUNELGVBQWUsRUFBRSxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ2hDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBTyxFQUFFLEVBQUUsRUFBRSxVQUFVLEVBQUUsRUFBRSxhQUFhLEVBQUUsRUFBRTt3QkFDOUQsT0FBQSxJQUFJLENBQUMsZUFBZSxDQUFDOzRCQUNuQixVQUFVOzRCQUNWLEVBQUU7NEJBQ0YsYUFBYSxFQUFFLGFBQWEsR0FBRyxlQUFlLENBQUMsTUFBTTs0QkFDckQsZUFBZTs0QkFDZixpQkFBaUI7NEJBQ2pCLFVBQVU7eUJBQ1gsQ0FBQyxDQUFBO3NCQUFBLENBQ0gsQ0FDRjtpQkFDRixDQUFDO1lBQ0osQ0FBQyxDQUFBLENBQUMsQ0FDSCxDQUFDO1FBQ0osQ0FBQztLQUFBO0lBRU8saUJBQWlCLENBQUMsS0FBaUMsRUFBRSxHQUFhO1FBQ3hFLHVDQUF1QztRQUN2QyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDbkIsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDbEMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLEVBQUU7b0JBQzNCLE1BQU0sRUFBRSxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLEtBQUssUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDO29CQUNuRCxRQUFRLENBQUMsYUFBYSxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztpQkFDdEQ7WUFDSCxDQUFDLENBQUMsQ0FBQztRQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVPLGlCQUFpQixDQUFDLEtBQWlDO1FBQ3pELE1BQU0sS0FBSyxHQUFhLEVBQUUsQ0FBQztRQUMzQixLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDbkIsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDbEMsS0FBSyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUIsQ0FBQyxDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztRQUNILE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVZLGFBQWEsQ0FBQyxLQUE0Qjs7WUFDckQsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDMUQsTUFBTSxVQUFVLEdBQUcsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3JELE1BQU0sd0JBQXdCLEdBQUcsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FDMUQsT0FBTyxFQUNQLFVBQVUsQ0FDWCxDQUFDO1lBRUYsTUFBTSxLQUNKLE1BQU0sSUFBSSxDQUFDLGVBQWUsQ0FBQztnQkFDekIsT0FBTyxFQUFFLE9BQU8sQ0FBQyxHQUFHO2dCQUNwQixVQUFVO2FBQ1gsQ0FBQyxFQUpFLEVBQUUsV0FBVyxFQUFFLGNBQWMsRUFBRSxpQkFBaUIsT0FJbEQsRUFKdUQsYUFBYSxjQUFsRSxzREFBb0UsQ0FJdEUsQ0FBQztZQUVMLE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FDM0MsS0FBSyxDQUFDLG1CQUFtQixFQUN6QixLQUFLLENBQUMsTUFBTSxFQUNaLGNBQWMsQ0FDZixDQUFDO1lBRUYsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLEtBQUssQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1lBRWhFLHVFQUF1RTtZQUN2RSxNQUFNLEdBQUcsR0FBRyxRQUFRLENBQ2xCLENBQ0UsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQztnQkFDekIsS0FBSyxFQUFFLFlBQVk7Z0JBQ25CLFNBQVMsRUFBRTtvQkFDVCxHQUFHLEVBQUUsS0FBSztpQkFDWDthQUNGLENBQUMsQ0FDSCxDQUFDLEdBQUcsQ0FDTixDQUFDO1lBRUYsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsbUJBQW1CLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFFdkQsTUFBTSxtQkFBbUIsR0FBRyxNQUFNLElBQUksQ0FBQywwQkFBMEIsQ0FBQztnQkFDaEUsS0FBSyxFQUFFLEtBQUssQ0FBQyxtQkFBbUI7Z0JBQ2hDLGlCQUFpQjtnQkFDakIsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLGFBQWE7Z0JBQzdDLFVBQVU7YUFDWCxDQUFDLENBQUM7WUFFSCxNQUFNLGlCQUFpQixHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDcEUsVUFBVSxFQUNWLEtBQUssQ0FBQywwQkFBMEIsSUFBSSxFQUFFLENBQ3ZDLENBQUM7WUFFRixPQUFPO2dCQUNMLFdBQVc7Z0JBQ1gsYUFBYSxrQ0FDUixhQUFhLEtBQ2hCLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWSxFQUNoQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU0sRUFDcEIsaUJBQWlCO29CQUNqQixtQkFBbUIsRUFDbkIsU0FBUyxFQUFFLE9BQU8sQ0FBQyxFQUFFLEVBQ3JCLHdCQUF3QixHQUN6QjthQUNGLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFTyxvQkFBb0IsQ0FBQyxRQUF3QjtRQUNuRCxNQUFNLEtBQUssR0FBYSxFQUFFLENBQUM7UUFFM0IsNkNBQTZDO1FBQzdDLFFBQVEsQ0FBQyxRQUFRLENBQUMsYUFBYSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDMUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxTQUFTLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQzNFLENBQUMsQ0FBQyxDQUFDO1FBRUgsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRVksYUFBYSxDQUN4QixLQUE0QixFQUM1QixRQUF3QixDQUFDLHVDQUF1Qzs7OztZQUVoRSxLQUFLLG1CQUNILG1CQUFtQixFQUFFLEVBQUUsSUFDcEIsS0FBSyxDQUNULENBQUM7WUFFRixNQUFNLHdCQUF3QixHQUFHLEtBQUssQ0FBQyxtQkFBbUIsSUFBSSxFQUFFLENBQUM7WUFDakUsTUFBTSx3QkFBd0IsR0FBRyxLQUFLLENBQUMsbUJBQW1CLElBQUksRUFBRSxDQUFDO1lBQ2pFLE1BQU0sd0JBQXdCLEdBQUcsS0FBSyxDQUFDLG1CQUFtQixJQUFJLEVBQUUsQ0FBQztZQUVqRSwwQkFBMEI7WUFDMUIsSUFDRSx3QkFBd0IsQ0FBQyxNQUFNLEtBQUssQ0FBQztnQkFDckMsd0JBQXdCLENBQUMsTUFBTSxLQUFLLENBQUM7Z0JBQ3JDLHdCQUF3QixDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQ3JDO2dCQUNBLE1BQU0sSUFBSSxzQkFBc0IsQ0FDOUIsK0ZBQStGLENBQ2hHLENBQUM7YUFDSDtZQUVELE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQzFELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUV0RSxNQUFNLEtBQ0osTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDO2dCQUN6QixPQUFPLEVBQUUsT0FBTyxDQUFDLEdBQUc7Z0JBQ3BCLFVBQVUsRUFBRSxVQUFVLENBQUMsR0FBRzthQUMzQixDQUFDLEVBSkUsRUFBRSxXQUFXLEVBQUUsY0FBYyxFQUFFLGlCQUFpQixPQUlsRCxFQUp1RCxhQUFhLGNBQWxFLHNEQUFvRSxDQUl0RSxDQUFDO1lBRUwsNERBQTREO1lBQzVELHFCQUFxQjtZQUNyQixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUMsTUFBTSxDQUN0RCxJQUFJLENBQUMsaUJBQWlCLENBQUMsd0JBQXdCLENBQUMsRUFDaEQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLHdCQUF3QixDQUFDLENBQ2pELENBQUM7WUFFRix1RUFBdUU7WUFDdkUsTUFBTSxHQUFHLEdBQUcsUUFBUSxDQUNsQixDQUNFLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUM7Z0JBQ3pCLEtBQUssRUFBRSxZQUFZO2dCQUNuQixTQUFTLEVBQUU7b0JBQ1QsR0FBRyxFQUFFLEtBQUs7aUJBQ1g7YUFDRixDQUFDLENBQ0gsQ0FBQyxHQUFHLENBQ04sQ0FBQztZQUVGLGlGQUFpRjtZQUNqRixzQkFBc0I7WUFDdEIsUUFBUSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtnQkFDcEQsc0NBQXNDO2dCQUN0QyxJQUFJLHdCQUF3QixDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDLEVBQUU7b0JBQ2xELE9BQU87aUJBQ1I7Z0JBRUQsd0NBQXdDO2dCQUN4QyxJQUFJLHdCQUF3QixDQUFDLElBQUksQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsS0FBSyxRQUFRLENBQUMsRUFBRSxDQUFDLEVBQUU7b0JBQ2hFLE9BQU87aUJBQ1I7Z0JBRUQsTUFBTSxXQUFXLEdBQThCLFFBQVEsQ0FDckQsUUFBUSxDQUFDLFNBQVMsQ0FDbkIsQ0FBQyxHQUFHLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRTtvQkFDakIsT0FBTzt3QkFDTCxJQUFJLEVBQUUsUUFBUSxDQUFDLEVBQUUsQ0FBQyxFQUFFO3dCQUNwQix5QkFBeUIsRUFBRSxRQUFRLENBQUMseUJBQXlCO3dCQUM3RCxpQ0FBaUMsRUFDL0IsUUFBUSxDQUFDLGlDQUFpQztxQkFDN0MsQ0FBQztnQkFDSixDQUFDLENBQUMsQ0FBQztnQkFFSCx3QkFBd0IsQ0FBQyxJQUFJLENBQUM7b0JBQzVCLEVBQUUsRUFBRSxRQUFRLENBQUMsRUFBRTtvQkFDZixNQUFNLEVBQUUsUUFBUSxDQUFDLE1BQU07b0JBQ3ZCLFlBQVksRUFBRSxRQUFRLENBQUMsWUFBWTtvQkFDbkMsV0FBVztvQkFDWCwwQkFBMEIsRUFBRSxRQUFRLENBQUMsMEJBQTBCO2lCQUNoRSxDQUFDLENBQUM7WUFDTCxDQUFDLENBQUMsQ0FBQztZQUVILHVDQUF1QztZQUN2QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsd0JBQXdCLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFDdEQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLHdCQUF3QixFQUFFLEdBQUcsQ0FBQyxDQUFDO1lBRXRELElBQUksWUFBWSxDQUFDO1lBQ2pCLElBQUk7Z0JBQ0YsWUFBWSxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FDckMsQ0FBQyx3QkFBd0IsSUFBSSxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsd0JBQXdCLElBQUksRUFBRSxDQUFDLEVBQ3ZFLEtBQUssQ0FBQyxNQUFNLEVBQ1osY0FBYyxDQUNmLENBQUM7YUFDSDtZQUFDLE9BQU8sS0FBSyxFQUFFO2dCQUNkLG9EQUFvRDtnQkFDcEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxvQ0FBb0MsRUFBRSxLQUFLLENBQUMsQ0FBQzthQUMxRDtZQUVELE1BQU0sTUFBTSxHQUFHO2dCQUNiLGlCQUFpQjtnQkFDakIsVUFBVSxFQUFFLFVBQVUsQ0FBQyxHQUFHO2FBQzNCLENBQUM7WUFFRixNQUFNLG1CQUFtQixHQUFHLE1BQU0sSUFBSSxDQUFDLDBCQUEwQixpQ0FDNUQsTUFBTSxLQUNULEtBQUssRUFBRSx3QkFBd0I7Z0JBQy9CLHFEQUFxRDtnQkFDckQsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLGFBQWEsQ0FBQyxLQUFLLENBQ2pELENBQUMsRUFDRCx3QkFBd0IsQ0FBQyxNQUFNLENBQ2hDLElBQ0QsQ0FBQztZQUVILE1BQU0sbUJBQW1CLEdBQUcsTUFBTSxJQUFJLENBQUMsMEJBQTBCLGlDQUM1RCxNQUFNLEtBQ1QsS0FBSyxFQUFFLHdCQUF3QjtnQkFDL0Isd0VBQXdFO2dCQUN4RSxpQkFBaUIsRUFBRSxZQUFZLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FDakQsd0JBQXdCLENBQUMsTUFBTSxDQUNoQyxFQUNELGFBQWEsRUFBRSxRQUFRLENBQUMsYUFBYSxJQUNyQyxDQUFDO1lBRUgsTUFBTSxpQkFBaUIsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQ3BFLFVBQVUsQ0FBQyxHQUFHLFFBQ2QsS0FBSyxDQUFDLDBCQUEwQixtQ0FBSSxRQUFRLENBQUMsMEJBQTBCLENBQ3hFLENBQUM7WUFFRixPQUFPO2dCQUNMLFdBQVc7Z0JBQ1gsYUFBYSxrQ0FDUixhQUFhLEtBQ2hCLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWSxFQUNoQyxNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU0sRUFDcEIsaUJBQWlCLEVBQ2pCLFlBQVksRUFBRSxVQUFVLENBQUMsRUFBRSxFQUMzQixtQkFBbUI7b0JBQ25CLG1CQUFtQixHQUNwQjthQUNGLENBQUM7O0tBQ0g7SUFFYSxlQUFlLENBQUMsRUFDNUIsVUFBVSxFQUNWLEVBQUUsRUFDRixhQUFhLEVBQ2IsZUFBZSxFQUNmLGlCQUFpQixFQUNqQixVQUFVLEdBUVg7O1lBQ0MsTUFBTSxhQUFhLEdBQUcsTUFBTSxJQUFJLENBQUMsb0JBQW9CLENBQUMsRUFBRSxDQUFDLENBQUM7WUFDMUQsb0NBQW9DO1lBQ3BDLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUVwRCw4QkFBOEI7WUFDOUIsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQ3JFLGFBQWEsQ0FBQyxHQUFHLEVBQ2pCLFNBQVMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQ3ZCLENBQUM7WUFDRixtQ0FBbUM7WUFDbkMsTUFBTSwwQkFBMEIsR0FDOUIsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUMxQyxVQUFVLEVBQ1YsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FDdkIsQ0FBQztZQUVKLDhEQUE4RDtZQUM5RCxNQUFNLEtBQUssR0FDVCxlQUFlLENBQUMsU0FBUyxLQUFLLENBQUM7Z0JBQzdCLENBQUMsQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztnQkFDM0IsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsYUFBYSxDQUFDLENBQUM7WUFFNUMsTUFBTSxrQkFBa0IsR0FBdUI7Z0JBQzdDLE1BQU0sRUFBRTtvQkFDTixLQUFLO29CQUNMLFdBQVcsRUFBRTt3QkFDWCxNQUFNLEVBQUUsZUFBZSxDQUFDLFNBQVM7d0JBQ2pDLElBQUksRUFBRSxlQUFlLENBQUMsSUFBSTtxQkFDM0I7aUJBQ0Y7Z0JBQ0QsaUJBQWlCO2FBQ2xCLENBQUM7WUFFRixPQUFPLENBQUMsR0FBRyxDQUFDLG9CQUFvQixFQUFFLGtCQUFrQixDQUFDLENBQUM7WUFFdEQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLENBQ25FLFNBQVMsRUFDVCxFQUFFLENBQUMseUJBQXlCLElBQUksRUFBRSxDQUNuQyxDQUFDO1lBRUYsTUFBTSx3QkFBd0IsR0FDNUIsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxDQUMxQyxTQUFTLEVBQ1QsRUFBRSxDQUFDLGlDQUFpQyxJQUFJLEVBQUUsQ0FDM0MsQ0FBQztZQUVKLE1BQU0sOEJBQThCLEdBQ2xDLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FDMUMsU0FBUyxFQUNULGtCQUFrQixDQUNuQixDQUFDO1lBRUosT0FBTztnQkFDTCxlQUFlLEVBQUUsYUFBYSxDQUFDLEVBQUU7Z0JBQ2pDLGtCQUFrQjtnQkFDbEIsMEJBQTBCO2dCQUMxQixnQkFBZ0I7Z0JBQ2hCLHdCQUF3QjtnQkFDeEIsOEJBQThCO2dCQUM5QixVQUFVLEVBQUUsVUFBVSxJQUFJLEtBQUssQ0FBQztnQkFDaEMsSUFBSSxFQUFFLFVBQVUsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxJQUFJO2FBQ3BDLENBQUM7UUFDSixDQUFDO0tBQUE7SUFFRCxpQkFBaUIsQ0FBQyxTQUFtQjtRQUNuQyx5Q0FBeUM7UUFDekMsS0FBSyxNQUFNLEVBQUUsSUFBSSxTQUFTLEVBQUU7WUFDMUIsSUFBSSxDQUFDLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxhQUFhLENBQUMsV0FBVyxFQUFFO2dCQUN0RCxNQUFNLEdBQUcsR0FBRyxNQUFNLEVBQUUsQ0FBQyxLQUFLLENBQUMsUUFBUSw0QkFBNEIsQ0FBQztnQkFDaEUsT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQztnQkFDakIsTUFBTSxJQUFJLHNCQUFzQixDQUFDLEdBQUcsQ0FBQyxDQUFDO2FBQ3ZDO1NBQ0Y7SUFDSCxDQUFDO0lBRUQsaUJBQWlCO0lBQ0QsYUFBYSxDQUMzQixhQUFhLEVBQ2IsY0FBc0IsRUFDdEIsY0FBc0I7O1lBRXRCLGdEQUFnRDtZQUNoRCxJQUFJLGFBQWEsQ0FBQyxNQUFNLEdBQUcsY0FBYyxFQUFFO2dCQUN6QyxNQUFNLElBQUksc0JBQXNCLENBQzlCLDBDQUEwQyxDQUMzQyxDQUFDO2FBQ0g7WUFFRCxNQUFNLFlBQVksR0FBRyxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDLENBQUM7WUFFdkQsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDLEVBQUUsRUFBRSxLQUFLLEVBQUUsRUFBRTtnQkFDbEMsSUFBSSxhQUFhLEdBQUcsRUFBRSxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUM7Z0JBRTFDLGdGQUFnRjtnQkFDaEYsNENBQTRDO2dCQUM1QyxJQUFJLEVBQUUsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFO29CQUNuQixhQUFhLEdBQUcsQ0FBQyxDQUFDO2lCQUNuQjtnQkFDRCxZQUFZLENBQUMsY0FBYyxDQUN6QixJQUFJLElBQUksQ0FBQyxXQUFXLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxNQUFNLEVBQUUsYUFBYSxDQUFDLENBQ3RELENBQUM7WUFDSixDQUFDLENBQUMsQ0FBQztZQUVILE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxjQUFjLENBQ3JDLGNBQWMsRUFDZCxJQUFJLENBQUMsZ0JBQWdCLEVBQ3JCLFlBQVksQ0FDYixDQUFDO1lBQ0YsT0FBTyxZQUFZLENBQUM7UUFDdEIsQ0FBQztLQUFBO0NBQ0YiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBJbmplY3RvciB9IGZyb20gJ0Bhbmd1bGFyL2NvcmUnO1xuaW1wb3J0IHsgSldLIH0gZnJvbSAnbm9kZS1qb3NlJztcbmltcG9ydCB7IExyR3JhcGhRTFNlcnZpY2UgfSBmcm9tICcuLi9hcGkvbHItZ3JhcGhxbCc7XG5pbXBvcnQge1xuICBDb25uZWN0aW9uLFxuICBKU09OT2JqZWN0LFxuICBtYXBFZGdlcyxcbiAgVHBBc3NlbWJseU5vZGUsXG4gIFRwTm9kZSxcbiAgVHBTdWJBc3NlbWJseU5vZGUsXG59IGZyb20gJy4uL2FwaS90eXBlcyc7XG5pbXBvcnQgeyBFbmNyeXB0aW9uU2VydmljZSB9IGZyb20gJy4uL2VuY3J5cHRpb24vZW5jcnlwdGlvbi5zZXJ2aWNlJztcbmltcG9ydCB7IEtleUZhY3RvcnlTZXJ2aWNlIH0gZnJvbSAnLi4va2V5L2tleS1mYWN0b3J5LnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5R3JhcGhTZXJ2aWNlIH0gZnJvbSAnLi4va2V5L2tleS1ncmFwaC5zZXJ2aWNlJztcbmltcG9ydCB7IEtleVNlcnZpY2UgfSBmcm9tICcuLi9rZXkva2V5LnNlcnZpY2UnO1xuaW1wb3J0IHsgS2V5IH0gZnJvbSAnLi4va2V5L2tleS50eXBlcyc7XG5pbXBvcnQgKiBhcyBzbGlwIGZyb20gJy4uL3NsaXAzOS9zbGlwMzkuc2VydmljZSc7XG5pbXBvcnQge1xuICBMckJhZEFyZ3VtZW50RXhjZXB0aW9uLFxuICBMckJhZFN0YXRlRXhjZXB0aW9uLFxufSBmcm9tICcuLi9fY29tbW9uL2V4Y2VwdGlvbnMnO1xuaW1wb3J0IHsgVHBzS2V5c1F1ZXJ5IH0gZnJvbSAnLi90cC1hc3NlbWJseS5wcml2YXRlLmdxbCc7XG5pbXBvcnQge1xuICBDcmVhdGVUcEFzc2VtYmx5SW5wdXQsXG4gIENyZWF0ZVRwU3ViQXNzZW1ibHlJbnB1dCxcbiAgUGFydGlhbEFzc2VtYmx5S2V5LFxuICBUcEFzc2VtYmx5QXBwcm92ZXJJbnB1dCxcbiAgVXBkYXRlVHBBc3NlbWJseUlucHV0LFxuICBVcGRhdGVUcFN1YkFzc2VtYmx5SW5wdXQsXG59IGZyb20gJy4vdHAtYXNzZW1ibHkudHlwZXMnO1xuXG5leHBvcnQgYWJzdHJhY3QgY2xhc3MgVHBBc3NlbWJseUNvbnRyb2xsZXIge1xuICBhYnN0cmFjdCBzbGlwMzlQYXNzcGhyYXNlOiBzdHJpbmc7XG5cbiAgcHJvdGVjdGVkIGtleUZhY3Rvcnk6IEtleUZhY3RvcnlTZXJ2aWNlO1xuICBwcm90ZWN0ZWQga2V5U2VydmljZTogS2V5U2VydmljZTtcbiAgcHJvdGVjdGVkIGVuY3J5cHRpb25TZXJ2aWNlOiBFbmNyeXB0aW9uU2VydmljZTtcbiAgcHJvdGVjdGVkIGtleUdyYXBoOiBLZXlHcmFwaFNlcnZpY2U7XG4gIHByb3RlY3RlZCBzbGlwMzlTZXJ2aWNlOiBzbGlwLlNsaXAzOVNlcnZpY2U7XG4gIHByb3RlY3RlZCBsckdyYXBoUWw6IExyR3JhcGhRTFNlcnZpY2U7XG5cbiAgY29uc3RydWN0b3IoaW5qZWN0b3I6IEluamVjdG9yKSB7XG4gICAgdGhpcy5rZXlGYWN0b3J5ID0gaW5qZWN0b3IuZ2V0KEtleUZhY3RvcnlTZXJ2aWNlKTtcbiAgICB0aGlzLmtleVNlcnZpY2UgPSBpbmplY3Rvci5nZXQoS2V5U2VydmljZSk7XG4gICAgdGhpcy5lbmNyeXB0aW9uU2VydmljZSA9IGluamVjdG9yLmdldChFbmNyeXB0aW9uU2VydmljZSk7XG4gICAgdGhpcy5rZXlHcmFwaCA9IGluamVjdG9yLmdldChLZXlHcmFwaFNlcnZpY2UpO1xuICAgIHRoaXMuc2xpcDM5U2VydmljZSA9IGluamVjdG9yLmdldChzbGlwLlNsaXAzOVNlcnZpY2UpO1xuICAgIHRoaXMubHJHcmFwaFFsID0gaW5qZWN0b3IuZ2V0KExyR3JhcGhRTFNlcnZpY2UpO1xuICB9XG5cbiAgYWJzdHJhY3QgZ2V0VHBXcmFwcGluZ0tleUlkKHRwOiBUcE5vZGUpOiBzdHJpbmc7XG5cbiAgYXN5bmMgcmVjb3ZlckFzc2VtYmx5S2V5KHBhcnRpYWxzOiBQYXJ0aWFsQXNzZW1ibHlLZXlbXSkge1xuICAgIC8vIEV2ZXJ5IHJlY2VpdmVyUGJrQ2lwaGVyIHNob3VsZCBjb250YWluIHRoaXMgYW5kIHRoZXkgc2hvdWxkIGFsbCBiZSB0aGUgc2FtZS5cbiAgICBsZXQgYXNzZW1ibHlLZXlQYXJhbXM6IFJlY29yZDxzdHJpbmcsIEpTT05PYmplY3Q+O1xuXG4gICAgY29uc3Qgc2hhcmVzID0gcGFydGlhbHMubWFwKChwYXJ0aWFsKSA9PiB7XG4gICAgICBpZiAoYXNzZW1ibHlLZXlQYXJhbXMpIHtcbiAgICAgICAgaWYgKFxuICAgICAgICAgIEpTT04uc3RyaW5naWZ5KGFzc2VtYmx5S2V5UGFyYW1zKSAhPT1cbiAgICAgICAgICBKU09OLnN0cmluZ2lmeShwYXJ0aWFsLmFzc2VtYmx5S2V5UGFyYW1zKVxuICAgICAgICApIHtcbiAgICAgICAgICB0aHJvdyBuZXcgTHJCYWRTdGF0ZUV4Y2VwdGlvbihcbiAgICAgICAgICAgICdUaGUgYXNzZW1ibHkga2V5IHBhcmFtZXRlcnMgYXJlIGRpZmZlcmVudCBiZXR3ZWVuIHRoZSBhcHByb3ZhbHMuJ1xuICAgICAgICAgICk7XG4gICAgICAgIH1cbiAgICAgIH0gZWxzZSB7XG4gICAgICAgIGFzc2VtYmx5S2V5UGFyYW1zID0gcGFydGlhbC5hc3NlbWJseUtleVBhcmFtcztcbiAgICAgIH1cbiAgICAgIHJldHVybiBwYXJ0aWFsLnNsaXAzOS5zaGFyZS5tbmVtb25pY3M7XG4gICAgfSk7XG5cbiAgICBjb25zdCByYXdBc3NlbWJseUtleSA9IGF3YWl0IHRoaXMuc2xpcDM5U2VydmljZS5yZWNvdmVyU2VjcmV0KFxuICAgICAgc2hhcmVzLFxuICAgICAgdGhpcy5zbGlwMzlQYXNzcGhyYXNlXG4gICAgKTtcblxuICAgIHJldHVybiBhd2FpdCBLZXlGYWN0b3J5U2VydmljZS5hc0tleSh7XG4gICAgICAuLi5hc3NlbWJseUtleVBhcmFtcyxcbiAgICAgIGs6IHJhd0Fzc2VtYmx5S2V5LFxuICAgIH0pO1xuICB9XG5cbiAgcHJvdGVjdGVkIGFzeW5jIHByZXBhcmVUcFdyYXBwaW5nS2V5KFxuICAgIHRwOiBUcEFzc2VtYmx5QXBwcm92ZXJJbnB1dFxuICApOiBQcm9taXNlPEtleT4ge1xuICAgIHJldHVybiB0aGlzLmtleUdyYXBoLmdldEtleSh0cC53cmFwcGluZ0tleUlkKTtcbiAgfVxuXG4gIHByb3RlY3RlZCBhc3luYyBwcmVwYXJlQXNzZW1ibHkoe1xuICAgIHN1YmplY3RLZXksXG4gICAgcm9vdEtleSxcbiAgfToge1xuICAgIHN1YmplY3RLZXk6IEpXSy5LZXk7XG4gICAgcm9vdEtleTogSldLLktleTtcbiAgfSkge1xuICAgIGNvbnN0IGFzc2VtYmx5S2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuICAgIGNvbnNvbGUubG9nKCdwcmVwYXJlQXNzZW1ibHkgYXNzZW1ibHlLZXknLCBhc3NlbWJseUtleSk7XG5cbiAgICBjb25zdCB7IGs6IHJhd0Fzc2VtYmx5S2V5LCAuLi5hc3NlbWJseUtleVBhcmFtcyB9ID0gYXNzZW1ibHlLZXkudG9KU09OKFxuICAgICAgdHJ1ZVxuICAgICkgYXMgSlNPTk9iamVjdDtcbiAgICBjb25zdCBhc3NlbWJseUtleVZlcmlmaWVyUHJrID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZVBrY1NpZ25LZXkoKTtcbiAgICBjb25zdCB3cmFwcGVkQXNzZW1ibHlLZXlWZXJpZmllclByayA9XG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgICAgYXNzZW1ibHlLZXksXG4gICAgICAgIGFzc2VtYmx5S2V5VmVyaWZpZXJQcmsudG9KU09OKHRydWUpXG4gICAgICApO1xuICAgIGNvbnN0IGFzc2VtYmx5S2V5VmVyaWZpZXJQYmsgPSBKU09OLnN0cmluZ2lmeShcbiAgICAgIGFzc2VtYmx5S2V5VmVyaWZpZXJQcmsudG9KU09OKClcbiAgICApO1xuXG4gICAgY29uc3Qgc3ViamVjdEtleVdyYXBwZWRBc3NlbWJseUtleSA9XG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgICAgc3ViamVjdEtleSxcbiAgICAgICAgYXNzZW1ibHlLZXkudG9KU09OKHRydWUpXG4gICAgICApO1xuXG4gICAgLy8gRW5jcnlwdCB0aGUgcm9vdEtleSB3aXRoIHRoZSBhc3NlbWJseUtleVxuICAgIGNvbnN0IGFzc2VtYmx5Q2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxuICAgICAgYXNzZW1ibHlLZXksXG4gICAgICB7XG4gICAgICAgIHJvb3RLZXk6IHJvb3RLZXkudG9KU09OKHRydWUpLFxuICAgICAgfVxuICAgICk7XG5cbiAgICByZXR1cm4ge1xuICAgICAgYXNzZW1ibHlLZXksXG4gICAgICByYXdBc3NlbWJseUtleSxcbiAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICAgICAgc3ViamVjdEtleVdyYXBwZWRBc3NlbWJseUtleSxcbiAgICAgIGFzc2VtYmx5Q2lwaGVyRGF0YSxcbiAgICAgIGFzc2VtYmx5S2V5VmVyaWZpZXJQYmssXG4gICAgICB3cmFwcGVkQXNzZW1ibHlLZXlWZXJpZmllclByayxcbiAgICB9O1xuICB9XG5cbiAgcHJvdGVjdGVkIGFzeW5jIHByZXBhcmVDcmVhdGVTdWJBc3NlbWJsaWVzKHtcbiAgICBpbnB1dCxcbiAgICBzdWJqZWN0S2V5LFxuICAgIHNsaXBTdWJBc3NlbWJsaWVzLFxuICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICB9OiB7XG4gICAgaW5wdXQ6IENyZWF0ZVRwU3ViQXNzZW1ibHlJbnB1dFtdO1xuICAgIHN1YmplY3RLZXk6IEpXSy5LZXk7XG4gICAgc2xpcFN1YkFzc2VtYmxpZXM6IHNsaXAuU3ViQXNzZW1ibHlbXTtcbiAgICBhc3NlbWJseUtleVBhcmFtczsgLy8gVE9ETyB0eXBlIHRoaXNcbiAgfSkge1xuICAgIHJldHVybiBQcm9taXNlLmFsbChcbiAgICAgIGlucHV0Lm1hcChhc3luYyAoc2EsIHNhSW5kZXgpID0+IHtcbiAgICAgICAgY29uc3Qgc3ViamVjdENpcGhlckRhdGEgPSBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgICAgICBzdWJqZWN0S2V5LFxuICAgICAgICAgIHNhLnN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uIHx8ICcnXG4gICAgICAgICk7XG5cbiAgICAgICAgY29uc3QgY3JlYXRlQXBwcm92ZXJzID0gYXdhaXQgUHJvbWlzZS5hbGwoXG4gICAgICAgICAgc2EuYXBwcm92ZXJUcHMubWFwKGFzeW5jIChhcHByb3ZlclRwLCBhcHByb3ZlckluZGV4KSA9PlxuICAgICAgICAgICAgdGhpcy5wcmVwYXJlQXBwcm92ZXIoe1xuICAgICAgICAgICAgICB0cDogYXBwcm92ZXJUcCxcbiAgICAgICAgICAgICAgYXBwcm92ZXJJbmRleCxcbiAgICAgICAgICAgICAgc2xpcFN1YkFzc2VtYmx5OiBzbGlwU3ViQXNzZW1ibGllc1tzYUluZGV4XSxcbiAgICAgICAgICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXG4gICAgICAgICAgICAgIHN1YmplY3RLZXksXG4gICAgICAgICAgICB9KVxuICAgICAgICAgIClcbiAgICAgICAgKTtcblxuICAgICAgICByZXR1cm4ge1xuICAgICAgICAgIHNpbmdsZVJlamVjdDogc2Euc2luZ2xlUmVqZWN0LFxuICAgICAgICAgIHF1b3J1bTogc2EucXVvcnVtLFxuICAgICAgICAgIHN1YmplY3RDaXBoZXJEYXRhLFxuICAgICAgICAgIGNyZWF0ZUFwcHJvdmVycyxcbiAgICAgICAgfTtcbiAgICAgIH0pXG4gICAgKTtcbiAgfVxuXG4gIHByb3RlY3RlZCBhc3luYyBwcmVwYXJlVXBkYXRlU3ViQXNzZW1ibGllcyh7XG4gICAgaW5wdXQsXG4gICAgc3ViamVjdEtleSxcbiAgICBzbGlwU3ViQXNzZW1ibGllcyxcbiAgICBhc3NlbWJseUtleVBhcmFtcyxcbiAgICBzdWJBc3NlbWJsaWVzLFxuICB9OiB7XG4gICAgaW5wdXQ6IFVwZGF0ZVRwU3ViQXNzZW1ibHlJbnB1dFtdO1xuICAgIHN1YmplY3RLZXk6IEpXSy5LZXk7XG4gICAgc2xpcFN1YkFzc2VtYmxpZXM6IHNsaXAuU3ViQXNzZW1ibHlbXTtcbiAgICBhc3NlbWJseUtleVBhcmFtczsgLy8gVE9ETyB0eXBlIHRoaXNcbiAgICBzdWJBc3NlbWJsaWVzOiBDb25uZWN0aW9uPFRwU3ViQXNzZW1ibHlOb2RlPjtcbiAgfSkge1xuICAgIGlmIChzbGlwU3ViQXNzZW1ibGllcy5sZW5ndGggIT09IGlucHV0Lmxlbmd0aCkge1xuICAgICAgdGhyb3cgbmV3IExyQmFkQXJndW1lbnRFeGNlcHRpb24oXG4gICAgICAgICdUaGUgc2xpcFN1YkFzc2VtYmxpZXMgbXVzdCBiZSB0aGUgc2FtZSBsZW5ndGggYXMgdGhlIGlucHV0J1xuICAgICAgKTtcbiAgICB9XG5cbiAgICByZXR1cm4gUHJvbWlzZS5hbGwoXG4gICAgICBpbnB1dC5tYXAoYXN5bmMgKHNhLCBzYUluZGV4KSA9PiB7XG4gICAgICAgIGNvbnN0IHN1YmplY3RDaXBoZXJEYXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICAgICAgc3ViamVjdEtleSxcbiAgICAgICAgICBzYS5zdWJqZWN0Q2lwaGVyRGF0YUNsZWFySnNvbiB8fCAnJ1xuICAgICAgICApO1xuXG4gICAgICAgIC8vIEdldCB0aGUgZXhpc3Rpbmcgc3ViLWFzc2VtYmx5XG4gICAgICAgIGNvbnN0IGV4aXN0aW5nU2EgPSBzdWJBc3NlbWJsaWVzLmVkZ2VzLmZpbmQoXG4gICAgICAgICAgKGVkZ2UpID0+IGVkZ2Uubm9kZS5pZCA9PT0gc2EuaWRcbiAgICAgICAgKS5ub2RlO1xuXG4gICAgICAgIC8vIEdldCBhcHByb3ZlcnMgdGhhdCBkbyBub3QgZXhpc3QgeWV0XG4gICAgICAgIGNvbnN0IGNyZWF0ZUFwcHJvdmVycyA9IFtdO1xuICAgICAgICBjb25zdCB1cGRhdGVBcHByb3ZlcnMgPSBbXTtcblxuICAgICAgICBzYS5hcHByb3ZlclRwcy5mb3JFYWNoKCh0cCkgPT4ge1xuICAgICAgICAgIGNvbnN0IGFwcHJvdmVyID0gZXhpc3RpbmdTYS5hcHByb3ZlcnMuZWRnZXMuZmluZChcbiAgICAgICAgICAgIChlZGdlKSA9PiBlZGdlLm5vZGUudHAuaWQgPT09IHRwLnRwSWRcbiAgICAgICAgICApPy5ub2RlO1xuICAgICAgICAgIGlmIChhcHByb3Zlcikge1xuICAgICAgICAgICAgdXBkYXRlQXBwcm92ZXJzLnB1c2goe1xuICAgICAgICAgICAgICB0cCxcbiAgICAgICAgICAgICAgYXBwcm92ZXJJZDogYXBwcm92ZXIuaWQsXG4gICAgICAgICAgICB9KTtcbiAgICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgY3JlYXRlQXBwcm92ZXJzLnB1c2goe1xuICAgICAgICAgICAgICB0cCxcbiAgICAgICAgICAgIH0pO1xuICAgICAgICAgIH1cbiAgICAgICAgfSk7XG5cbiAgICAgICAgY29uc3Qgc2xpcFN1YkFzc2VtYmx5ID0gc2xpcFN1YkFzc2VtYmxpZXNbc2FJbmRleF07XG5cbiAgICAgICAgcmV0dXJuIHtcbiAgICAgICAgICBzdWJBc3NlbWJseUlkOiBzYS5pZCxcbiAgICAgICAgICBzaW5nbGVSZWplY3Q6IHNhLnNpbmdsZVJlamVjdCxcbiAgICAgICAgICBxdW9ydW06IHNhLnF1b3J1bSxcbiAgICAgICAgICBzdWJqZWN0Q2lwaGVyRGF0YSxcbiAgICAgICAgICBjcmVhdGVBcHByb3ZlcnM6IGF3YWl0IFByb21pc2UuYWxsKFxuICAgICAgICAgICAgY3JlYXRlQXBwcm92ZXJzLm1hcChhc3luYyAoeyB0cCB9LCBhcHByb3ZlckluZGV4KSA9PlxuICAgICAgICAgICAgICB0aGlzLnByZXBhcmVBcHByb3Zlcih7XG4gICAgICAgICAgICAgICAgdHAsXG4gICAgICAgICAgICAgICAgYXBwcm92ZXJJbmRleCxcbiAgICAgICAgICAgICAgICBzbGlwU3ViQXNzZW1ibHksXG4gICAgICAgICAgICAgICAgYXNzZW1ibHlLZXlQYXJhbXMsXG4gICAgICAgICAgICAgICAgc3ViamVjdEtleSxcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgIClcbiAgICAgICAgICApLFxuICAgICAgICAgIHVwZGF0ZUFwcHJvdmVyczogYXdhaXQgUHJvbWlzZS5hbGwoXG4gICAgICAgICAgICB1cGRhdGVBcHByb3ZlcnMubWFwKGFzeW5jICh7IHRwLCBhcHByb3ZlcklkIH0sIGFwcHJvdmVySW5kZXgpID0+XG4gICAgICAgICAgICAgIHRoaXMucHJlcGFyZUFwcHJvdmVyKHtcbiAgICAgICAgICAgICAgICBhcHByb3ZlcklkLFxuICAgICAgICAgICAgICAgIHRwLFxuICAgICAgICAgICAgICAgIGFwcHJvdmVySW5kZXg6IGFwcHJvdmVySW5kZXggKyBjcmVhdGVBcHByb3ZlcnMubGVuZ3RoLFxuICAgICAgICAgICAgICAgIHNsaXBTdWJBc3NlbWJseSxcbiAgICAgICAgICAgICAgICBhc3NlbWJseUtleVBhcmFtcyxcbiAgICAgICAgICAgICAgICBzdWJqZWN0S2V5LFxuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgKVxuICAgICAgICAgICksXG4gICAgICAgIH07XG4gICAgICB9KVxuICAgICk7XG4gIH1cblxuICBwcml2YXRlIGZpbGxXcmFwcGluZ0tleUlkKGlucHV0OiBDcmVhdGVUcFN1YkFzc2VtYmx5SW5wdXRbXSwgdHBzOiBUcE5vZGVbXSkge1xuICAgIC8vIEZpbGwgaW4gd3JhcHBpbmdLZXlJZCBpZiBub3QgcHJlc2VudFxuICAgIGlucHV0LmZvckVhY2goKHNhKSA9PiB7XG4gICAgICBzYS5hcHByb3ZlclRwcy5mb3JFYWNoKChhcHByb3ZlcikgPT4ge1xuICAgICAgICBpZiAoIWFwcHJvdmVyLndyYXBwaW5nS2V5SWQpIHtcbiAgICAgICAgICBjb25zdCB0cCA9IHRwcy5maW5kKCh4KSA9PiB4LmlkID09PSBhcHByb3Zlci50cElkKTtcbiAgICAgICAgICBhcHByb3Zlci53cmFwcGluZ0tleUlkID0gdGhpcy5nZXRUcFdyYXBwaW5nS2V5SWQodHApO1xuICAgICAgICB9XG4gICAgICB9KTtcbiAgICB9KTtcbiAgfVxuXG4gIHByaXZhdGUgZ2V0SW5wdXRBcHByb3ZlcnMoaW5wdXQ6IENyZWF0ZVRwU3ViQXNzZW1ibHlJbnB1dFtdKSB7XG4gICAgY29uc3QgdHBJZHM6IHN0cmluZ1tdID0gW107XG4gICAgaW5wdXQuZm9yRWFjaCgoc2EpID0+IHtcbiAgICAgIHNhLmFwcHJvdmVyVHBzLmZvckVhY2goKGFwcHJvdmVyKSA9PiB7XG4gICAgICAgIHRwSWRzLnB1c2goYXBwcm92ZXIudHBJZCk7XG4gICAgICB9KTtcbiAgICB9KTtcbiAgICByZXR1cm4gdHBJZHM7XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgcHJlcGFyZUNyZWF0ZShpbnB1dDogQ3JlYXRlVHBBc3NlbWJseUlucHV0KSB7XG4gICAgY29uc3Qgcm9vdEtleSA9IGF3YWl0IHRoaXMua2V5U2VydmljZS5nZXRDdXJyZW50Um9vdEtleSgpO1xuICAgIGNvbnN0IHN1YmplY3RLZXkgPSBhd2FpdCB0aGlzLmtleUZhY3RvcnkuY3JlYXRlS2V5KCk7XG4gICAgY29uc3Qgcm9vdEtleVdyYXBwZWRTdWJqZWN0S2V5ID0gYXdhaXQgdGhpcy5rZXlHcmFwaC53cmFwS2V5KFxuICAgICAgcm9vdEtleSxcbiAgICAgIHN1YmplY3RLZXlcbiAgICApO1xuXG4gICAgY29uc3QgeyBhc3NlbWJseUtleSwgcmF3QXNzZW1ibHlLZXksIGFzc2VtYmx5S2V5UGFyYW1zLCAuLi5hc3NlbWJseUlucHV0IH0gPVxuICAgICAgYXdhaXQgdGhpcy5wcmVwYXJlQXNzZW1ibHkoe1xuICAgICAgICByb290S2V5OiByb290S2V5Lmp3ayxcbiAgICAgICAgc3ViamVjdEtleSxcbiAgICAgIH0pO1xuXG4gICAgY29uc3Qgc2xpcEFzc2VtYmx5ID0gYXdhaXQgdGhpcy5wcmVwYXJlU2xpcDM5KFxuICAgICAgaW5wdXQuY3JlYXRlU3ViQXNzZW1ibGllcyxcbiAgICAgIGlucHV0LnF1b3J1bSxcbiAgICAgIHJhd0Fzc2VtYmx5S2V5XG4gICAgKTtcblxuICAgIGNvbnN0IHRwSWRzID0gdGhpcy5nZXRJbnB1dEFwcHJvdmVycyhpbnB1dC5jcmVhdGVTdWJBc3NlbWJsaWVzKTtcblxuICAgIC8vIFRoaXMgc2hvdWxkIGNvbnRhaW4gYWxsIHRoZSBUUHMgdGhhdCB3ZSBuZWVkIHRvIHVwZGF0ZSB0aGUgYXNzZW1ibHkuXG4gICAgY29uc3QgdHBzID0gbWFwRWRnZXMoXG4gICAgICAoXG4gICAgICAgIGF3YWl0IHRoaXMubHJHcmFwaFFsLnF1ZXJ5KHtcbiAgICAgICAgICBxdWVyeTogVHBzS2V5c1F1ZXJ5LFxuICAgICAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICAgICAgaWRzOiB0cElkcyxcbiAgICAgICAgICB9LFxuICAgICAgICB9KVxuICAgICAgKS50cHNcbiAgICApO1xuXG4gICAgLy8gRmlsbCBpbiB3cmFwcGluZ0tleUlkIGlmIG5vdCBwcmVzZW50XG4gICAgdGhpcy5maWxsV3JhcHBpbmdLZXlJZChpbnB1dC5jcmVhdGVTdWJBc3NlbWJsaWVzLCB0cHMpO1xuXG4gICAgY29uc3QgY3JlYXRlU3ViQXNzZW1ibGllcyA9IGF3YWl0IHRoaXMucHJlcGFyZUNyZWF0ZVN1YkFzc2VtYmxpZXMoe1xuICAgICAgaW5wdXQ6IGlucHV0LmNyZWF0ZVN1YkFzc2VtYmxpZXMsXG4gICAgICBhc3NlbWJseUtleVBhcmFtcyxcbiAgICAgIHNsaXBTdWJBc3NlbWJsaWVzOiBzbGlwQXNzZW1ibHkuc3ViQXNzZW1ibGllcyxcbiAgICAgIHN1YmplY3RLZXksXG4gICAgfSk7XG5cbiAgICBjb25zdCBzdWJqZWN0Q2lwaGVyRGF0YSA9IGF3YWl0IHRoaXMuZW5jcnlwdGlvblNlcnZpY2UuZW5jcnlwdFRvU3RyaW5nKFxuICAgICAgc3ViamVjdEtleSxcbiAgICAgIGlucHV0LnN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uIHx8ICcnXG4gICAgKTtcblxuICAgIHJldHVybiB7XG4gICAgICBhc3NlbWJseUtleSxcbiAgICAgIG11dGF0aW9uSW5wdXQ6IHtcbiAgICAgICAgLi4uYXNzZW1ibHlJbnB1dCxcbiAgICAgICAgc2luZ2xlUmVqZWN0OiBpbnB1dC5zaW5nbGVSZWplY3QsXG4gICAgICAgIHF1b3J1bTogaW5wdXQucXVvcnVtLFxuICAgICAgICBzdWJqZWN0Q2lwaGVyRGF0YSxcbiAgICAgICAgY3JlYXRlU3ViQXNzZW1ibGllcyxcbiAgICAgICAgcm9vdEtleUlkOiByb290S2V5LmlkLFxuICAgICAgICByb290S2V5V3JhcHBlZFN1YmplY3RLZXksXG4gICAgICB9LFxuICAgIH07XG4gIH1cblxuICBwcml2YXRlIGdldEFzc2VtYmx5QXBwcm92ZXJzKGFzc2VtYmx5OiBUcEFzc2VtYmx5Tm9kZSkge1xuICAgIGNvbnN0IHRwSWRzOiBzdHJpbmdbXSA9IFtdO1xuXG4gICAgLy8gRmluZCBhbGwgVFBzIHRoYXQgYmVsb25nIHRvIHN1Yi1hc3NlbWJsaWVzXG4gICAgbWFwRWRnZXMoYXNzZW1ibHkuc3ViQXNzZW1ibGllcykubWFwKChzYSkgPT4ge1xuICAgICAgbWFwRWRnZXMoc2EuYXBwcm92ZXJzKS5mb3JFYWNoKChhcHByb3ZlcikgPT4gdHBJZHMucHVzaChhcHByb3Zlci50cC5pZCkpO1xuICAgIH0pO1xuXG4gICAgcmV0dXJuIHRwSWRzO1xuICB9XG5cbiAgcHVibGljIGFzeW5jIHByZXBhcmVVcGRhdGUoXG4gICAgaW5wdXQ6IFVwZGF0ZVRwQXNzZW1ibHlJbnB1dCxcbiAgICBhc3NlbWJseTogVHBBc3NlbWJseU5vZGUgLy8gVE9ETyB0eXBlIHRoaXMgdG8gb25seSB3aGF0IHdlIG5lZWQuXG4gICkge1xuICAgIGlucHV0ID0ge1xuICAgICAgY3JlYXRlU3ViQXNzZW1ibGllczogW10sXG4gICAgICAuLi5pbnB1dCxcbiAgICB9O1xuXG4gICAgY29uc3QgY3JlYXRlU3ViQXNzZW1ibGllc0lucHV0ID0gaW5wdXQuY3JlYXRlU3ViQXNzZW1ibGllcyB8fCBbXTtcbiAgICBjb25zdCB1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQgPSBpbnB1dC51cGRhdGVTdWJBc3NlbWJsaWVzIHx8IFtdO1xuICAgIGNvbnN0IGRlbGV0ZVN1YkFzc2VtYmxpZXNJbnB1dCA9IGlucHV0LmRlbGV0ZVN1YkFzc2VtYmxpZXMgfHwgW107XG5cbiAgICAvLyBNdXN0IGhhdmUgYXQgbGVhc3Qgb25lLlxuICAgIGlmIChcbiAgICAgIGNyZWF0ZVN1YkFzc2VtYmxpZXNJbnB1dC5sZW5ndGggPT09IDAgJiZcbiAgICAgIHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dC5sZW5ndGggPT09IDAgJiZcbiAgICAgIGRlbGV0ZVN1YkFzc2VtYmxpZXNJbnB1dC5sZW5ndGggPT09IDBcbiAgICApIHtcbiAgICAgIHRocm93IG5ldyBMckJhZEFyZ3VtZW50RXhjZXB0aW9uKFxuICAgICAgICAnTXVzdCBzcGVjaWZ5IGF0IGxlYXN0IG9uZSBvZjogW2NyZWF0ZVN1YkFzc2VtYmxpZXMsIHVwZGF0ZVN1YkFzc2VtYmxpZXMsIGRlbGV0ZVN1YkFzc2VtYmxpZXNdJ1xuICAgICAgKTtcbiAgICB9XG5cbiAgICBjb25zdCByb290S2V5ID0gYXdhaXQgdGhpcy5rZXlTZXJ2aWNlLmdldEN1cnJlbnRSb290S2V5KCk7XG4gICAgY29uc3Qgc3ViamVjdEtleSA9IGF3YWl0IHRoaXMua2V5R3JhcGguZ2V0S2V5KGFzc2VtYmx5LnN1YmplY3RLZXkuaWQpO1xuXG4gICAgY29uc3QgeyBhc3NlbWJseUtleSwgcmF3QXNzZW1ibHlLZXksIGFzc2VtYmx5S2V5UGFyYW1zLCAuLi5hc3NlbWJseUlucHV0IH0gPVxuICAgICAgYXdhaXQgdGhpcy5wcmVwYXJlQXNzZW1ibHkoe1xuICAgICAgICByb290S2V5OiByb290S2V5Lmp3ayxcbiAgICAgICAgc3ViamVjdEtleTogc3ViamVjdEtleS5qd2ssXG4gICAgICB9KTtcblxuICAgIC8vIEZpbmQgYWxsIHRoZSBUUHMgdGhhdCB3ZSBuZWVkLCBkdXBsaWNhdGVzIGFyZSBubyBwcm9ibGVtLlxuICAgIC8vIEV4aXN0aW5nIGFwcHJvdmVyc1xuICAgIGNvbnN0IHRwSWRzID0gdGhpcy5nZXRBc3NlbWJseUFwcHJvdmVycyhhc3NlbWJseSkuY29uY2F0KFxuICAgICAgdGhpcy5nZXRJbnB1dEFwcHJvdmVycyhjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQpLFxuICAgICAgdGhpcy5nZXRJbnB1dEFwcHJvdmVycyh1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQpXG4gICAgKTtcblxuICAgIC8vIFRoaXMgc2hvdWxkIGNvbnRhaW4gYWxsIHRoZSBUUHMgdGhhdCB3ZSBuZWVkIHRvIHVwZGF0ZSB0aGUgYXNzZW1ibHkuXG4gICAgY29uc3QgdHBzID0gbWFwRWRnZXMoXG4gICAgICAoXG4gICAgICAgIGF3YWl0IHRoaXMubHJHcmFwaFFsLnF1ZXJ5KHtcbiAgICAgICAgICBxdWVyeTogVHBzS2V5c1F1ZXJ5LFxuICAgICAgICAgIHZhcmlhYmxlczoge1xuICAgICAgICAgICAgaWRzOiB0cElkcyxcbiAgICAgICAgICB9LFxuICAgICAgICB9KVxuICAgICAgKS50cHNcbiAgICApO1xuXG4gICAgLy8gQXV0byBmaWxsIHRoZSB1cGRhdGVTdWJBc3NlbWJsaWVzIHdpdGggZXhpc3Rpbmcgc3ViIGFzc2VtYmxpZXMgaWYgdGhleSBhcmUgbm90XG4gICAgLy8gZXhwbGljaXRseSBkZWxldGVkLlxuICAgIG1hcEVkZ2VzKGFzc2VtYmx5LnN1YkFzc2VtYmxpZXMpLmZvckVhY2goKGV4aXN0aW5nKSA9PiB7XG4gICAgICAvLyBEZWxldGluZyBleGlzdGluZywgZG9uJ3QgaW5jbHVkZSBpdFxuICAgICAgaWYgKGRlbGV0ZVN1YkFzc2VtYmxpZXNJbnB1dC5pbmNsdWRlcyhleGlzdGluZy5pZCkpIHtcbiAgICAgICAgcmV0dXJuO1xuICAgICAgfVxuXG4gICAgICAvLyBVcGRhdGUgYWxyZWFkeSBzcGVjaWZpZWQgaW4gdGhlIGlucHV0XG4gICAgICBpZiAodXBkYXRlU3ViQXNzZW1ibGllc0lucHV0LnNvbWUoKHNhKSA9PiBzYS5pZCA9PT0gZXhpc3RpbmcuaWQpKSB7XG4gICAgICAgIHJldHVybjtcbiAgICAgIH1cblxuICAgICAgY29uc3QgYXBwcm92ZXJUcHM6IFRwQXNzZW1ibHlBcHByb3ZlcklucHV0W10gPSBtYXBFZGdlcyhcbiAgICAgICAgZXhpc3RpbmcuYXBwcm92ZXJzXG4gICAgICApLm1hcCgoYXBwcm92ZXIpID0+IHtcbiAgICAgICAgcmV0dXJuIHtcbiAgICAgICAgICB0cElkOiBhcHByb3Zlci50cC5pZCxcbiAgICAgICAgICBzaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uOiBhcHByb3Zlci5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uLFxuICAgICAgICAgIHNoYXJlZENpcGhlckFwcHJvdmFsRGF0YUNsZWFySnNvbjpcbiAgICAgICAgICAgIGFwcHJvdmVyLnNoYXJlZENpcGhlckFwcHJvdmFsRGF0YUNsZWFySnNvbixcbiAgICAgICAgfTtcbiAgICAgIH0pO1xuXG4gICAgICB1cGRhdGVTdWJBc3NlbWJsaWVzSW5wdXQucHVzaCh7XG4gICAgICAgIGlkOiBleGlzdGluZy5pZCxcbiAgICAgICAgcXVvcnVtOiBleGlzdGluZy5xdW9ydW0sXG4gICAgICAgIHNpbmdsZVJlamVjdDogZXhpc3Rpbmcuc2luZ2xlUmVqZWN0LFxuICAgICAgICBhcHByb3ZlclRwcyxcbiAgICAgICAgc3ViamVjdENpcGhlckRhdGFDbGVhckpzb246IGV4aXN0aW5nLnN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uLFxuICAgICAgfSk7XG4gICAgfSk7XG5cbiAgICAvLyBGaWxsIGluIHdyYXBwaW5nS2V5SWQgaWYgbm90IHByZXNlbnRcbiAgICB0aGlzLmZpbGxXcmFwcGluZ0tleUlkKGNyZWF0ZVN1YkFzc2VtYmxpZXNJbnB1dCwgdHBzKTtcbiAgICB0aGlzLmZpbGxXcmFwcGluZ0tleUlkKHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dCwgdHBzKTtcblxuICAgIGxldCBzbGlwQXNzZW1ibHk7XG4gICAgdHJ5IHtcbiAgICAgIHNsaXBBc3NlbWJseSA9IGF3YWl0IHRoaXMucHJlcGFyZVNsaXAzOShcbiAgICAgICAgKGNyZWF0ZVN1YkFzc2VtYmxpZXNJbnB1dCB8fCBbXSkuY29uY2F0KHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dCB8fCBbXSksXG4gICAgICAgIGlucHV0LnF1b3J1bSxcbiAgICAgICAgcmF3QXNzZW1ibHlLZXlcbiAgICAgICk7XG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIC8vIFRPRE8gdGhpcyBzb21ldGltZXMgaGFwcGVucy4gTWF5YmUgbWlzc2luZyBhd2FpdC5cbiAgICAgIGNvbnNvbGUubG9nKCdFcnJvciB3aGlsZSBjcmVhdGluZyBzbGlwIGFzc2VtYmx5JywgZXJyb3IpO1xuICAgIH1cblxuICAgIGNvbnN0IGNvbW1vbiA9IHtcbiAgICAgIGFzc2VtYmx5S2V5UGFyYW1zLFxuICAgICAgc3ViamVjdEtleTogc3ViamVjdEtleS5qd2ssXG4gICAgfTtcblxuICAgIGNvbnN0IGNyZWF0ZVN1YkFzc2VtYmxpZXMgPSBhd2FpdCB0aGlzLnByZXBhcmVDcmVhdGVTdWJBc3NlbWJsaWVzKHtcbiAgICAgIC4uLmNvbW1vbixcbiAgICAgIGlucHV0OiBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQsXG4gICAgICAvLyBOZWVkIHRvIG1hdGNoIHRoZSBzbGlwIHN1YiBhc3NlbWJsaWVzIHRvIHRoZSBpbnB1dFxuICAgICAgc2xpcFN1YkFzc2VtYmxpZXM6IHNsaXBBc3NlbWJseS5zdWJBc3NlbWJsaWVzLnNsaWNlKFxuICAgICAgICAwLFxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQubGVuZ3RoXG4gICAgICApLFxuICAgIH0pO1xuXG4gICAgY29uc3QgdXBkYXRlU3ViQXNzZW1ibGllcyA9IGF3YWl0IHRoaXMucHJlcGFyZVVwZGF0ZVN1YkFzc2VtYmxpZXMoe1xuICAgICAgLi4uY29tbW9uLFxuICAgICAgaW5wdXQ6IHVwZGF0ZVN1YkFzc2VtYmxpZXNJbnB1dCxcbiAgICAgIC8vIEFkZCBhbiBvZmZzZXQgdG8gdGhlIHN1YiBhc3NlbWJsaWVzIHRvIHNraXAgdGhlIG9uZSB0aGF0IGFyZSBjcmVhdGVkLlxuICAgICAgc2xpcFN1YkFzc2VtYmxpZXM6IHNsaXBBc3NlbWJseS5zdWJBc3NlbWJsaWVzLnNsaWNlKFxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzSW5wdXQubGVuZ3RoXG4gICAgICApLFxuICAgICAgc3ViQXNzZW1ibGllczogYXNzZW1ibHkuc3ViQXNzZW1ibGllcyxcbiAgICB9KTtcblxuICAgIGNvbnN0IHN1YmplY3RDaXBoZXJEYXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICBzdWJqZWN0S2V5Lmp3ayxcbiAgICAgIGlucHV0LnN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uID8/IGFzc2VtYmx5LnN1YmplY3RDaXBoZXJEYXRhQ2xlYXJKc29uXG4gICAgKTtcblxuICAgIHJldHVybiB7XG4gICAgICBhc3NlbWJseUtleSxcbiAgICAgIG11dGF0aW9uSW5wdXQ6IHtcbiAgICAgICAgLi4uYXNzZW1ibHlJbnB1dCxcbiAgICAgICAgc2luZ2xlUmVqZWN0OiBpbnB1dC5zaW5nbGVSZWplY3QsXG4gICAgICAgIHF1b3J1bTogaW5wdXQucXVvcnVtLFxuICAgICAgICBzdWJqZWN0Q2lwaGVyRGF0YSxcbiAgICAgICAgc3ViamVjdEtleUlkOiBzdWJqZWN0S2V5LmlkLFxuICAgICAgICBjcmVhdGVTdWJBc3NlbWJsaWVzLFxuICAgICAgICB1cGRhdGVTdWJBc3NlbWJsaWVzLFxuICAgICAgfSxcbiAgICB9O1xuICB9XG5cbiAgcHJpdmF0ZSBhc3luYyBwcmVwYXJlQXBwcm92ZXIoe1xuICAgIGFwcHJvdmVySWQsXG4gICAgdHAsXG4gICAgYXBwcm92ZXJJbmRleCxcbiAgICBzbGlwU3ViQXNzZW1ibHksXG4gICAgYXNzZW1ibHlLZXlQYXJhbXMsXG4gICAgc3ViamVjdEtleSxcbiAgfToge1xuICAgIGFwcHJvdmVySWQ/OiBzdHJpbmc7IC8vIEdpdmVuIGlmIHVwZGF0aW5nIGV4aXN0aW5nIGFwcHJvdmVyXG4gICAgdHA6IFRwQXNzZW1ibHlBcHByb3ZlcklucHV0O1xuICAgIGFwcHJvdmVySW5kZXg6IG51bWJlcjtcbiAgICBzbGlwU3ViQXNzZW1ibHk6IHNsaXAuU3ViQXNzZW1ibHk7XG4gICAgYXNzZW1ibHlLZXlQYXJhbXM6IFJlY29yZDxzdHJpbmcsIEpTT05PYmplY3Q+O1xuICAgIHN1YmplY3RLZXk6IEpXSy5LZXk7XG4gIH0pIHtcbiAgICBjb25zdCB0cFdyYXBwaW5nS2V5ID0gYXdhaXQgdGhpcy5wcmVwYXJlVHBXcmFwcGluZ0tleSh0cCk7XG4gICAgLy8gc2hhcmVkIGtleSBpcyByb3RhdGVkIGV2ZXJ5IHRpbWUuXG4gICAgY29uc3Qgc2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5rZXlGYWN0b3J5LmNyZWF0ZUtleSgpO1xuXG4gICAgLy8gRm9yIFRQIHRvIGFjY2VzcyBzaGFyZWRfa2V5XG4gICAgY29uc3QgdHBXcmFwcGVkU2hhcmVkS2V5ID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICB0cFdyYXBwaW5nS2V5Lmp3ayxcbiAgICAgIHNoYXJlZEtleS50b0pTT04odHJ1ZSlcbiAgICApO1xuICAgIC8vIEZvciBzdWJqZWN0IHRvIGFjY2VzcyBzaGFyZWRfa2V5XG4gICAgY29uc3Qgc3ViamVjdEtleVdyYXBwZWRTaGFyZWRLZXkgPVxuICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICAgIHN1YmplY3RLZXksXG4gICAgICAgIHNoYXJlZEtleS50b0pTT04odHJ1ZSlcbiAgICAgICk7XG5cbiAgICAvLyBJZiBxdW9ydW0gaXMgMSwgdGhlbiB1c2luZyB0aGUgc2FtZSBzaGFyZSBmb3IgZXZlcnkgbWVtYmVyLlxuICAgIGNvbnN0IHNoYXJlID1cbiAgICAgIHNsaXBTdWJBc3NlbWJseS50aHJlc2hvbGQgPT09IDFcbiAgICAgICAgPyBzbGlwU3ViQXNzZW1ibHkuc2hhcmVzWzBdXG4gICAgICAgIDogc2xpcFN1YkFzc2VtYmx5LnNoYXJlc1thcHByb3ZlckluZGV4XTtcblxuICAgIGNvbnN0IHBhcnRpYWxBc3NlbWJseUtleTogUGFydGlhbEFzc2VtYmx5S2V5ID0ge1xuICAgICAgc2xpcDM5OiB7XG4gICAgICAgIHNoYXJlLFxuICAgICAgICBzdWJBc3NlbWJseToge1xuICAgICAgICAgIHF1b3J1bTogc2xpcFN1YkFzc2VtYmx5LnRocmVzaG9sZCxcbiAgICAgICAgICBzaXplOiBzbGlwU3ViQXNzZW1ibHkuc2l6ZSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgICBhc3NlbWJseUtleVBhcmFtcyxcbiAgICB9O1xuXG4gICAgY29uc29sZS5sb2coJ3BhcnRpYWxBc3NlbWJseUtleScsIHBhcnRpYWxBc3NlbWJseUtleSk7XG5cbiAgICBjb25zdCBzaGFyZWRDaXBoZXJEYXRhID0gYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICBzaGFyZWRLZXksXG4gICAgICB0cC5zaGFyZWRDaXBoZXJEYXRhQ2xlYXJKc29uIHx8ICcnXG4gICAgKTtcblxuICAgIGNvbnN0IHNoYXJlZENpcGhlckFwcHJvdmFsRGF0YSA9XG4gICAgICBhd2FpdCB0aGlzLmVuY3J5cHRpb25TZXJ2aWNlLmVuY3J5cHRUb1N0cmluZyhcbiAgICAgICAgc2hhcmVkS2V5LFxuICAgICAgICB0cC5zaGFyZWRDaXBoZXJBcHByb3ZhbERhdGFDbGVhckpzb24gfHwgJydcbiAgICAgICk7XG5cbiAgICBjb25zdCBzaGFyZWRDaXBoZXJQYXJ0aWFsQXNzZW1ibHlLZXkgPVxuICAgICAgYXdhaXQgdGhpcy5lbmNyeXB0aW9uU2VydmljZS5lbmNyeXB0VG9TdHJpbmcoXG4gICAgICAgIHNoYXJlZEtleSxcbiAgICAgICAgcGFydGlhbEFzc2VtYmx5S2V5XG4gICAgICApO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIHRwV3JhcHBpbmdLZXlJZDogdHBXcmFwcGluZ0tleS5pZCxcbiAgICAgIHRwV3JhcHBlZFNoYXJlZEtleSxcbiAgICAgIHN1YmplY3RLZXlXcmFwcGVkU2hhcmVkS2V5LFxuICAgICAgc2hhcmVkQ2lwaGVyRGF0YSxcbiAgICAgIHNoYXJlZENpcGhlckFwcHJvdmFsRGF0YSxcbiAgICAgIHNoYXJlZENpcGhlclBhcnRpYWxBc3NlbWJseUtleSxcbiAgICAgIGFwcHJvdmVySWQ6IGFwcHJvdmVySWQgfHwgdm9pZCAwLCAvLyBJZiBleGlzdGluZyBhcHByb3ZlclxuICAgICAgdHBJZDogYXBwcm92ZXJJZCA/IHZvaWQgMCA6IHRwLnRwSWQsIC8vIGVsc2UgYWRkaW5nIG5ldyBUUFxuICAgIH07XG4gIH1cblxuICB2YWxpZGF0ZUFwcHJvdmVycyhhcHByb3ZlcnM6IFRwTm9kZVtdKTogdm9pZCB7XG4gICAgLy8gRW5zdXJlIGFsbCBhcHByb3ZlcnMgaGF2ZSBta1NoYXJlZEtleS5cbiAgICBmb3IgKGNvbnN0IHRwIG9mIGFwcHJvdmVycykge1xuICAgICAgaWYgKCF0cC5jdXJyZW50VXNlclNoYXJlZEtleS51c2VyU2hhcmVkS2V5Lm1rU2hhcmVkS2V5KSB7XG4gICAgICAgIGNvbnN0IG1zZyA9IGB0cCAke3RwLm90aGVyLnVzZXJuYW1lfSBkb2VzIG5vdCBoYXZlIG1rU2hhcmVkS2V5YDtcbiAgICAgICAgY29uc29sZS5sb2cobXNnKTtcbiAgICAgICAgdGhyb3cgbmV3IExyQmFkQXJndW1lbnRFeGNlcHRpb24obXNnKTtcbiAgICAgIH1cbiAgICB9XG4gIH1cblxuICAvLyBQcmVwYXJlIHNsaXAzOVxuICBwcm90ZWN0ZWQgYXN5bmMgcHJlcGFyZVNsaXAzOShcbiAgICBzdWJBc3NlbWJsaWVzLFxuICAgIGFzc2VtYmx5UXVvcnVtOiBudW1iZXIsXG4gICAgcmF3QXNzZW1ibHlLZXk6IHN0cmluZ1xuICApOiBQcm9taXNlPHNsaXAuQXNzZW1ibHk+IHtcbiAgICAvLyBJcyB0aGVyZSBlbm91Z2ggc3ViIGFzc2VtYmxpZXMgdG8gbWVldCBxdW9ydW1cbiAgICBpZiAoc3ViQXNzZW1ibGllcy5sZW5ndGggPCBhc3NlbWJseVF1b3J1bSkge1xuICAgICAgdGhyb3cgbmV3IExyQmFkQXJndW1lbnRFeGNlcHRpb24oXG4gICAgICAgICdOb3QgZW5vdWdoIHN1YiBhc3NlbWJsaWVzIHRvIG1lZXQgcXVvcnVtJ1xuICAgICAgKTtcbiAgICB9XG5cbiAgICBjb25zdCBzbGlwQXNzZW1ibHkgPSBuZXcgc2xpcC5Bc3NlbWJseShhc3NlbWJseVF1b3J1bSk7XG5cbiAgICBzdWJBc3NlbWJsaWVzLmZvckVhY2goKHNhLCBpbmRleCkgPT4ge1xuICAgICAgbGV0IGFwcHJvdmVyQ291bnQgPSBzYS5hcHByb3ZlclRwcy5sZW5ndGg7XG5cbiAgICAgIC8vIHNsaXAzOSByZXN0cmljdHMgcXVvcnVtID09IDEgdG8gaGF2ZSBvbmx5IDEgbWVtYmVyLiBTbyB3ZSBqdXN0IHNoYXJlIHRoZSBzYW1lXG4gICAgICAvLyBwYXJ0aWFsIGtleSBmb3IgYWxsIHN1YiBhc3NlbWJseSBtZW1iZXJzLlxuICAgICAgaWYgKHNhLnF1b3J1bSA9PT0gMSkge1xuICAgICAgICBhcHByb3ZlckNvdW50ID0gMTtcbiAgICAgIH1cbiAgICAgIHNsaXBBc3NlbWJseS5hZGRTdWJBc3NlbWJseShcbiAgICAgICAgbmV3IHNsaXAuU3ViQXNzZW1ibHkoaW5kZXgsIHNhLnF1b3J1bSwgYXBwcm92ZXJDb3VudClcbiAgICAgICk7XG4gICAgfSk7XG5cbiAgICBhd2FpdCB0aGlzLnNsaXAzOVNlcnZpY2UuZ2VuZXJhdGVTaGFyZXMoXG4gICAgICByYXdBc3NlbWJseUtleSxcbiAgICAgIHRoaXMuc2xpcDM5UGFzc3BocmFzZSxcbiAgICAgIHNsaXBBc3NlbWJseVxuICAgICk7XG4gICAgcmV0dXJuIHNsaXBBc3NlbWJseTtcbiAgfVxufVxuIl19
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import { gqlTyped } from '../_common/ast';
|
|
2
|
+
export const TpsKeysQuery = gqlTyped `
|
|
3
|
+
query TpsKeysQuery($ids: [ID]) {
|
|
4
|
+
tps(id_In: $ids) {
|
|
5
|
+
edges {
|
|
6
|
+
node {
|
|
7
|
+
id
|
|
8
|
+
currentUserSharedKey {
|
|
9
|
+
userSharedKey {
|
|
10
|
+
sharedKey {
|
|
11
|
+
id
|
|
12
|
+
}
|
|
13
|
+
mkSharedKey {
|
|
14
|
+
id
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
}`;
|
|
22
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHAtYXNzZW1ibHkucHJpdmF0ZS5ncWwuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9wcm9qZWN0cy9jb3JlL3NyYy9saWIvdHAtYXNzZW1ibHkvdHAtYXNzZW1ibHkucHJpdmF0ZS5ncWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLGdCQUFnQixDQUFDO0FBSzFDLE1BQU0sQ0FBQyxNQUFNLFlBQVksR0FBRyxRQUFRLENBQW9COzs7Ozs7Ozs7Ozs7Ozs7Ozs7O0VBbUJ0RCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ29ubmVjdGlvbiwgVHBOb2RlIH0gZnJvbSAnLi4vYXBpL3R5cGVzJztcbmltcG9ydCB7IGdxbFR5cGVkIH0gZnJvbSAnLi4vX2NvbW1vbi9hc3QnO1xuXG5leHBvcnQgaW50ZXJmYWNlIFRwc0tleXNRdWVyeVJlc3VsdCB7XG4gIHRwczogQ29ubmVjdGlvbjxUcE5vZGU+O1xufVxuZXhwb3J0IGNvbnN0IFRwc0tleXNRdWVyeSA9IGdxbFR5cGVkPFRwc0tleXNRdWVyeVJlc3VsdD5gXG5xdWVyeSBUcHNLZXlzUXVlcnkoJGlkczogW0lEXSkge1xuICB0cHMoaWRfSW46ICRpZHMpIHtcbiAgICBlZGdlcyB7XG4gICAgICBub2RlIHtcbiAgICAgICAgaWRcbiAgICAgICAgY3VycmVudFVzZXJTaGFyZWRLZXkge1xuICAgICAgICAgIHVzZXJTaGFyZWRLZXkge1xuICAgICAgICAgICAgc2hhcmVkS2V5IHtcbiAgICAgICAgICAgICAgaWRcbiAgICAgICAgICAgIH1cbiAgICAgICAgICAgIG1rU2hhcmVkS2V5IHtcbiAgICAgICAgICAgICAgaWRcbiAgICAgICAgICAgIH1cbiAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICAgIH1cbiAgICB9XG4gIH1cbn1gO1xuIl19
|