@lindorm/aegis 0.4.4 → 0.6.0

package/dist/internal/utils/jwt-verify.js.map

@@ -1 +1 @@
-{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-verify.ts"],"names":[],"mappings":";;;AAAA,wCAAuD;AACvD,oCAAoE;AAIpE,+CAAuF;AAEvF,MAAM,SAAS,GAAG,CAAC,GAA2B,EAAmB,EAAE;IACjE,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,aAAa;YAChB,OAAO,SAAS,CAAC;QACnB,KAAK,qBAAqB;YACxB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,QAAQ,CAAC;QAClB,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,YAAY;YACf,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,iBAAiB;YACpB,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,QAAQ,CAAC;QAClB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,KAAK,CAAC;QACf,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC;QACf,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,YAAY,CAAC;QACtB;YACE,MAAM,IAAI,KAAK,CAAC,oBAAoB,GAAU,uBAAuB,CAAC,CAAC;IAC3E,CAAC;AACH,CAAC,CAAC;AAEK,MAAM,eAAe,GAAG,CAC7B,SAA2B,EAC3B,MAAwB,EACxB,cAAsB,EACL,EAAE;IACnB,MAAM,SAAS,GAA6D;QAC1E,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,SAAS,EAAE;YACT,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;KACF,CAAC;IAEF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,SAAS,CAAC,GAA6B,CAAC,CAAC;QAExD,IAAI,MAAM,KAAK,SAAS,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,mCAAqB,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YACrE,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,4BAAc,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC9D,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,6BAAe,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC/D,SAAS;QACX,CAAC;QACD,IAAI,IAAA,YAAO,EAAS,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YACpC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,KAA+B,CAAC;YACpD,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAY,aAAa,GAAG,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,SAA4B,CAAC;AACtC,CAAC,CAAC;AAxDW,QAAA,eAAe,mBAwD1B"}
+{"version":3,"file":"jwt-verify.js","sourceRoot":"","sources":["../../../src/internal/utils/jwt-verify.ts"],"names":[],"mappings":";;;AAAA,wCAAuD;AACvD,oCAAoE;AAIpE,+CAAuF;AAEvF,MAAM,SAAS,GAAG,CAAC,GAA2B,EAAmB,EAAE;IACjE,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,aAAa;YAChB,OAAO,SAAS,CAAC;QACnB,KAAK,qBAAqB;YACxB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,QAAQ,CAAC;QAClB,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,YAAY;YACf,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,iBAAiB;YACpB,OAAO,KAAK,CAAC;QACf,KAAK,WAAW;YACd,OAAO,QAAQ,CAAC;QAClB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB,KAAK,cAAc;YACjB,OAAO,cAAc,CAAC;QACxB,KAAK,WAAW;YACd,OAAO,KAAK,CAAC;QACf,KAAK,QAAQ;YACX,OAAO,QAAQ,CAAC;QAClB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC;QACf,KAAK,kBAAkB;YACrB,OAAO,KAAK,CAAC;QACf,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,aAAa,CAAC;QACvB,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC;QACf,KAAK,aAAa;YAChB,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,WAAW,CAAC;QACrB;YACE,MAAM,IAAI,KAAK,CAAC,oBAAoB,GAAU,uBAAuB,CAAC,CAAC;IAC3E,CAAC;AACH,CAAC,CAAC;AAEK,MAAM,eAAe,GAAG,CAC7B,SAA2B,EAC3B,MAAwB,EACxB,cAAsB,EACL,EAAE;IACnB,MAAM,SAAS,GAA6D;QAC1E,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,GAAG,EAAE;YACH,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;QACD,SAAS,EAAE;YACT,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,IAAA,iBAAU,EAAC,IAAI,IAAI,EAAE,EAAE,cAAc,CAAC,EAAE,CAAC;SAC5E;KACF,CAAC;IAMF,MAAM,gBAAgB,GAAwB,IAAI,GAAG,CAAC;QACpD,KAAK;QACL,KAAK;QACL,KAAK;QACL,OAAO;QACP,OAAO;QACP,aAAa;QACb,QAAQ;QACR,cAAc;KACf,CAAC,CAAC;IAEH,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAElD,IAAI,GAAG,KAAK,WAAW;YAAE,SAAS;QAElC,IAAI,GAAG,KAAK,OAAO;YAAE,SAAS;QAE9B,IAAI,GAAG,KAAK,WAAW;YAAE,SAAS;QAElC,IAAI,GAAG,KAAK,sBAAsB;YAAE,SAAS;QAE7C,MAAM,MAAM,GAAG,SAAS,CAAC,GAA6B,CAAC,CAAC;QAExD,IAAI,MAAM,KAAK,SAAS,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,mCAAqB,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YACrE,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,4BAAc,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC9D,SAAS;QACX,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAA,6BAAe,EAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAC/D,SAAS;QACX,CAAC;QACD,IAAI,IAAA,YAAO,EAAS,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YACpC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YAGpB,IAAI,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;gBACtC,SAAS;YACX,CAAC;YACD,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,IAAI,IAAA,aAAQ,EAAC,KAAK,CAAC,EAAE,CAAC;YACpB,SAAS,CAAC,MAAM,CAAC,GAAG,KAA+B,CAAC;YACpD,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAY,aAAa,GAAG,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,SAA4B,CAAC;AACtC,CAAC,CAAC;AAtFW,QAAA,eAAe,mBAsF1B"}

package/dist/internal/utils/parse-introspection.d.ts

@@ -0,0 +1,7 @@
+import { Dict } from "@lindorm/types";
+import { AegisIntrospection } from "../../types";
+export type IntrospectClaimsInput = Dict & {
+    active?: unknown;
+};
+export declare const parseIntrospection: (data: IntrospectClaimsInput) => AegisIntrospection;
+//# sourceMappingURL=parse-introspection.d.ts.map

package/dist/internal/utils/parse-introspection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse-introspection.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/parse-introspection.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAGtC,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAOjD,MAAM,MAAM,qBAAqB,GAAG,IAAI,GAAG;IACzC,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAAI,MAAM,qBAAqB,KAAG,kBAqBhE,CAAC"}

package/dist/internal/utils/parse-introspection.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseIntrospection = void 0;
+const is_1 = require("@lindorm/is");
+const utils_1 = require("@lindorm/utils");
+const errors_1 = require("../../errors");
+const extract_claims_1 = require("./extract-claims");
+const parseIntrospection = (data) => {
+    if (!(0, is_1.isBoolean)(data.active)) {
+        throw new errors_1.AegisError("Missing active claim");
+    }
+    if (!data.active) {
+        return { active: false };
+    }
+    const { claims } = (0, extract_claims_1.extractDomainClaims)(data);
+    return (0, utils_1.removeUndefined)({
+        ...claims,
+        active: true,
+        tokenType: (0, is_1.isString)(data.tokenType)
+            ? data.tokenType
+            : (0, is_1.isString)(data.token_type)
+                ? data.token_type
+                : undefined,
+        username: (0, is_1.isString)(data.username) ? data.username : undefined,
+    });
+};
+exports.parseIntrospection = parseIntrospection;
+//# sourceMappingURL=parse-introspection.js.map

package/dist/internal/utils/parse-introspection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse-introspection.js","sourceRoot":"","sources":["../../../src/internal/utils/parse-introspection.ts"],"names":[],"mappings":";;;AAAA,oCAAkD;AAElD,0CAAiD;AACjD,yCAA0C;AAE1C,qDAAuD;AAUhD,MAAM,kBAAkB,GAAG,CAAC,IAA2B,EAAsB,EAAE;IACpF,IAAI,CAAC,IAAA,cAAS,EAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,mBAAU,CAAC,sBAAsB,CAAC,CAAC;IAC/C,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,oCAAmB,EAAC,IAAI,CAAC,CAAC;IAE7C,OAAO,IAAA,uBAAe,EAAC;QACrB,GAAG,MAAM;QACT,MAAM,EAAE,IAAa;QACrB,SAAS,EAAE,IAAA,aAAQ,EAAC,IAAI,CAAC,SAAS,CAAC;YACjC,CAAC,CAAC,IAAI,CAAC,SAAS;YAChB,CAAC,CAAC,IAAA,aAAQ,EAAE,IAAa,CAAC,UAAU,CAAC;gBACnC,CAAC,CAAG,IAAa,CAAC,UAAqB;gBACvC,CAAC,CAAC,SAAS;QACf,QAAQ,EAAE,IAAA,aAAQ,EAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;KAC9D,CAAC,CAAC;AACL,CAAC,CAAC;AArBW,QAAA,kBAAkB,sBAqB7B"}

package/dist/internal/utils/parse-userinfo.d.ts

@@ -0,0 +1,5 @@
+import { Dict } from "@lindorm/types";
+import { AegisUserinfo } from "../../types";
+export type UserinfoClaimsInput = Dict;
+export declare const parseUserinfo: (data: UserinfoClaimsInput) => AegisUserinfo;
+//# sourceMappingURL=parse-userinfo.d.ts.map

package/dist/internal/utils/parse-userinfo.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse-userinfo.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/parse-userinfo.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAEtC,OAAO,EAAgB,aAAa,EAAE,MAAM,aAAa,CAAC;AAO1D,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAAC;AAEvC,eAAO,MAAM,aAAa,GAAI,MAAM,mBAAmB,KAAG,aAyBzD,CAAC"}

package/dist/internal/utils/parse-userinfo.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseUserinfo = void 0;
+const is_1 = require("@lindorm/is");
+const errors_1 = require("../../errors");
+const extract_aegis_profile_1 = require("./extract-aegis-profile");
+const extract_claims_1 = require("./extract-claims");
+const parseUserinfo = (data) => {
+    const { claims, rest } = (0, extract_claims_1.extractDomainClaims)(data);
+    const preExtractedProfile = (0, is_1.isObject)(rest.profile) && !(0, is_1.isString)(rest.profile)
+        ? rest.profile
+        : undefined;
+    if (preExtractedProfile)
+        delete rest.profile;
+    const { profile: extractedProfile } = (0, extract_aegis_profile_1.extractAegisProfile)(rest);
+    const profile = preExtractedProfile ?? extractedProfile;
+    if (!(0, is_1.isString)(claims.subject)) {
+        throw new errors_1.AegisError("Missing subject claim");
+    }
+    return {
+        ...(profile ?? {}),
+        subject: claims.subject,
+    };
+};
+exports.parseUserinfo = parseUserinfo;
+//# sourceMappingURL=parse-userinfo.js.map

package/dist/internal/utils/parse-userinfo.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse-userinfo.js","sourceRoot":"","sources":["../../../src/internal/utils/parse-userinfo.ts"],"names":[],"mappings":";;;AAAA,oCAAiD;AAEjD,yCAA0C;AAE1C,mEAA8D;AAC9D,qDAAuD;AAOhD,MAAM,aAAa,GAAG,CAAC,IAAyB,EAAiB,EAAE;IACxE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,IAAA,oCAAmB,EAAC,IAAI,CAAC,CAAC;IAMnD,MAAM,mBAAmB,GACvB,IAAA,aAAQ,EAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAA,aAAQ,EAAC,IAAI,CAAC,OAAO,CAAC;QAC/C,CAAC,CAAE,IAAI,CAAC,OAAwB;QAChC,CAAC,CAAC,SAAS,CAAC;IAEhB,IAAI,mBAAmB;QAAE,OAAO,IAAI,CAAC,OAAO,CAAC;IAE7C,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,IAAA,2CAAmB,EAAC,IAAI,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,mBAAmB,IAAI,gBAAgB,CAAC;IAExD,IAAI,CAAC,IAAA,aAAQ,EAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,mBAAU,CAAC,uBAAuB,CAAC,CAAC;IAChD,CAAC;IAED,OAAO;QACL,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAClB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC;AACJ,CAAC,CAAC;AAzBW,QAAA,aAAa,iBAyBxB"}

package/dist/internal/utils/resolve-cert-binding.d.ts

@@ -0,0 +1,4 @@
+import { IKryptos } from "@lindorm/kryptos";
+import { BindCertificateMode, CertificateHeaderFields } from "../../types";
+export declare const resolveCertBinding: (kryptos: IKryptos, mode: BindCertificateMode | undefined) => CertificateHeaderFields | undefined;
+//# sourceMappingURL=resolve-cert-binding.d.ts.map

package/dist/internal/utils/resolve-cert-binding.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolve-cert-binding.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/resolve-cert-binding.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAE3E,eAAO,MAAM,kBAAkB,GAC7B,SAAS,QAAQ,EACjB,MAAM,mBAAmB,GAAG,SAAS,KACpC,uBAAuB,GAAG,SA4B5B,CAAC"}

package/dist/internal/utils/resolve-cert-binding.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveCertBinding = void 0;
+const errors_1 = require("../../errors");
+const resolveCertBinding = (kryptos, mode) => {
+    const resolved = mode === "none"
+        ? "none"
+        : mode === undefined
+            ? kryptos.hasCertificate
+                ? "thumbprint"
+                : "none"
+            : mode;
+    if (resolved === "none")
+        return undefined;
+    if (!kryptos.hasCertificate) {
+        throw new errors_1.AegisError("bindCertificate requires kryptos with certificateChain", {
+            debug: { kryptosId: kryptos.id, mode },
+        });
+    }
+    const fields = {
+        x5tS256: kryptos.certificateThumbprint ?? undefined,
+    };
+    if (resolved === "chain") {
+        fields.x5c =
+            kryptos.certificateChain.length > 0 ? kryptos.certificateChain : undefined;
+    }
+    return fields;
+};
+exports.resolveCertBinding = resolveCertBinding;
+//# sourceMappingURL=resolve-cert-binding.js.map

package/dist/internal/utils/resolve-cert-binding.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolve-cert-binding.js","sourceRoot":"","sources":["../../../src/internal/utils/resolve-cert-binding.ts"],"names":[],"mappings":";;;AACA,yCAA0C;AAGnC,MAAM,kBAAkB,GAAG,CAChC,OAAiB,EACjB,IAAqC,EACA,EAAE;IACvC,MAAM,QAAQ,GACZ,IAAI,KAAK,MAAM;QACb,CAAC,CAAC,MAAM;QACR,CAAC,CAAC,IAAI,KAAK,SAAS;YAClB,CAAC,CAAC,OAAO,CAAC,cAAc;gBACtB,CAAC,CAAC,YAAY;gBACd,CAAC,CAAC,MAAM;YACV,CAAC,CAAC,IAAI,CAAC;IAEb,IAAI,QAAQ,KAAK,MAAM;QAAE,OAAO,SAAS,CAAC;IAE1C,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,mBAAU,CAAC,wDAAwD,EAAE;YAC7E,KAAK,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,IAAI,EAAE;SACvC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,MAAM,GAA4B;QACtC,OAAO,EAAE,OAAO,CAAC,qBAAqB,IAAI,SAAS;KACpD,CAAC;IAEF,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG;YACR,OAAO,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC/E,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AA/BW,QAAA,kBAAkB,sBA+B7B"}

package/dist/internal/utils/token-header.d.ts

@@ -1,4 +1,4 @@
-import { DecodedTokenHeader, ParsedTokenHeader, RawTokenHeaderClaims, TokenHeaderOptions } from "../../types";
-export declare const mapTokenHeader: (options: TokenHeaderOptions) => RawTokenHeaderClaims;
+import { CertificateHeaderFields, DecodedTokenHeader, ParsedTokenHeader, RawTokenHeaderClaims, TokenHeaderOptions } from "../../types";
+export declare const mapTokenHeader: (options: TokenHeaderOptions, cert?: CertificateHeaderFields) => RawTokenHeaderClaims;
 export declare const parseTokenHeader: <T extends ParsedTokenHeader = ParsedTokenHeader>(decoded: DecodedTokenHeader) => T;
 //# sourceMappingURL=token-header.d.ts.map

package/dist/internal/utils/token-header.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"token-header.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/token-header.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,aAAa,CAAC;AAErB,eAAO,MAAM,cAAc,GAAI,SAAS,kBAAkB,KAAG,oBAgE5D,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,iBAAiB,GAAG,iBAAiB,EAC9E,SAAS,kBAAkB,KAC1B,CAiEF,CAAC"}
+{"version":3,"file":"token-header.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/token-header.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,uBAAuB,EACvB,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,aAAa,CAAC;AAGrB,eAAO,MAAM,cAAc,GACzB,SAAS,kBAAkB,EAC3B,OAAM,uBAA4B,KACjC,oBAsDF,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,CAAC,SAAS,iBAAiB,GAAG,iBAAiB,EAC9E,SAAS,kBAAkB,KAC1B,CA+DF,CAAC"}

package/dist/internal/utils/token-header.js

@@ -3,7 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.parseTokenHeader = exports.mapTokenHeader = void 0;
 const is_1 = require("@lindorm/is");
 const utils_1 = require("@lindorm/utils");
-const mapTokenHeader = (options) => {
+const compute_typ_header_1 = require("./compute-typ-header");
+const mapTokenHeader = (options, cert = {}) => {
     const crit = options.critical
         ?.map((key) => {
         switch (key) {
@@ -33,14 +34,6 @@ const mapTokenHeader = (options) => {
                 return "epk";
             case "publicEncryptionTag":
                 return "tag";
-            case "x5c":
-                return "x5c";
-            case "x5t":
-                return "x5t";
-            case "x5u":
-                return "x5u";
-            case "x5tS256":
-                return "x5t#S256";
             default:
                 return key;
         }
@@ -61,10 +54,8 @@ const mapTokenHeader = (options) => {
         p2s: options.pbkdfSalt,
         tag: options.publicEncryptionTag,
         typ: options.headerType,
-        x5c: (0, is_1.isString)(options.x5c) ? options.x5c : undefined,
-        x5t: (0, is_1.isString)(options.x5t) ? options.x5t : undefined,
-        x5u: (0, is_1.isString)(options.x5u) ? options.x5u : undefined,
-        "x5t#S256": (0, is_1.isString)(options.x5tS256) ? options.x5tS256 : undefined,
+        x5c: Array.isArray(cert.x5c) ? cert.x5c : undefined,
+        "x5t#S256": (0, is_1.isString)(cert.x5tS256) ? cert.x5tS256 : undefined,
     });
 };
 exports.mapTokenHeader = mapTokenHeader;
@@ -102,8 +93,6 @@ const parseTokenHeader = (decoded) => {
                 return "x5c";
             case "x5t":
                 return "x5t";
-            case "x5u":
-                return "x5u";
             case "x5t#S256":
                 return "x5tS256";
             default:
@@ -113,6 +102,7 @@ const parseTokenHeader = (decoded) => {
         .sort() ?? [];
     return (0, utils_1.removeUndefined)({
         algorithm: decoded.alg,
+        baseFormat: (0, compute_typ_header_1.getBaseFormat)(decoded.typ),
         contentType: decoded.cty,
         critical,
         encryption: decoded.enc,
@@ -128,7 +118,6 @@ const parseTokenHeader = (decoded) => {
         publicEncryptionTag: decoded.tag,
         x5c: decoded.x5c,
         x5t: decoded.x5t,
-        x5u: decoded.x5u,
         x5tS256: decoded["x5t#S256"],
     });
 };

package/dist/internal/utils/token-header.js.map

@@ -1 +1 @@
-{"version":3,"file":"token-header.js","sourceRoot":"","sources":["../../../src/internal/utils/token-header.ts"],"names":[],"mappings":";;;AAAA,oCAAsE;AACtE,0CAAiD;AAQ1C,MAAM,cAAc,GAAG,CAAC,OAA2B,EAAwB,EAAE;IAClF,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ;QAC3B,EAAE,GAAG,CAAC,CAAC,GAAG,EAAU,EAAE;QACpB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,WAAW;gBACd,OAAO,KAAK,CAAC;YACf,KAAK,aAAa;gBAChB,OAAO,KAAK,CAAC;YACf,KAAK,YAAY;gBACf,OAAO,KAAK,CAAC;YACf,KAAK,YAAY;gBACf,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,SAAS;gBACZ,OAAO,KAAK,CAAC;YACf,KAAK,OAAO;gBACV,OAAO,KAAK,CAAC;YACf,KAAK,UAAU;gBACb,OAAO,KAAK,CAAC;YACf,KAAK,iBAAiB;gBACpB,OAAO,KAAK,CAAC;YACf,KAAK,WAAW;gBACd,OAAO,KAAK,CAAC;YACf,KAAK,sBAAsB;gBACzB,OAAO,IAAI,CAAC;YACd,KAAK,qBAAqB;gBACxB,OAAO,KAAK,CAAC;YACf,KAAK,qBAAqB;gBACxB,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,SAAS;gBACZ,OAAO,UAAU,CAAC;YACpB;gBACE,OAAO,GAAG,CAAC;QACf,CAAC;IACH,CAAC,CAAC;SACD,IAAI,EAAE,CAAC;IAEV,OAAO,IAAA,uBAAe,EAAC;QACrB,GAAG,EAAE,OAAO,CAAC,SAAS;QACtB,IAAI;QACJ,GAAG,EAAE,OAAO,CAAC,WAAW;QACxB,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAClE,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS;QACpF,EAAE,EAAE,OAAO,CAAC,oBAAoB;QAChC,GAAG,EAAE,IAAA,cAAS,EAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;QAC7D,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACpD,GAAG,EAAE,OAAO,CAAC,KAAK;QAClB,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QAC9D,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS;QAC5E,GAAG,EAAE,OAAO,CAAC,SAAS;QACtB,GAAG,EAAE,OAAO,CAAC,mBAAmB;QAChC,GAAG,EAAE,OAAO,CAAC,UAAU;QACvB,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACpD,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACpD,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACpD,UAAU,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;KACpE,CAAC,CAAC;AACL,CAAC,CAAC;AAhEW,QAAA,cAAc,kBAgEzB;AAEK,MAAM,gBAAgB,GAAG,CAC9B,OAA2B,EACxB,EAAE;IACL,MAAM,QAAQ,GACX,OAAO,CAAC,IAAI;QACX,EAAE,GAAG,CAAC,CAAC,GAAG,EAAU,EAAE;QACpB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,KAAK;gBACR,OAAO,WAAW,CAAC;YACrB,KAAK,KAAK;gBACR,OAAO,aAAa,CAAC;YACvB,KAAK,KAAK;gBACR,OAAO,YAAY,CAAC;YACtB,KAAK,KAAK;gBACR,OAAO,qBAAqB,CAAC;YAC/B,KAAK,IAAI;gBACP,OAAO,sBAAsB,CAAC;YAChC,KAAK,KAAK;gBACR,OAAO,SAAS,CAAC;YACnB,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,OAAO,CAAC;YACjB,KAAK,KAAK;gBACR,OAAO,UAAU,CAAC;YACpB,KAAK,KAAK;gBACR,OAAO,iBAAiB,CAAC;YAC3B,KAAK,KAAK;gBACR,OAAO,WAAW,CAAC;YACrB,KAAK,KAAK;gBACR,OAAO,qBAAqB,CAAC;YAC/B,KAAK,KAAK;gBACR,OAAO,YAAY,CAAC;YACtB,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,UAAU;gBACb,OAAO,SAAS,CAAC;YACnB;gBACE,OAAO,GAAG,CAAC;QACf,CAAC;IACH,CAAC,CAAC;SACD,IAAI,EAAoC,IAAI,EAAE,CAAC;IAEpD,OAAO,IAAA,uBAAe,EAAC;QACrB,SAAS,EAAE,OAAO,CAAC,GAAG;QACtB,WAAW,EAAE,OAAO,CAAC,GAAG;QACxB,QAAQ;QACR,UAAU,EAAE,OAAO,CAAC,GAAG;QACvB,UAAU,EAAE,OAAO,CAAC,GAAG;QACvB,oBAAoB,EAAE,OAAO,CAAC,EAAE;QAChC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,GAAG;QACpB,KAAK,EAAE,OAAO,CAAC,GAAG;QAClB,QAAQ,EAAE,OAAO,CAAC,GAAG;QACrB,eAAe,EAAE,OAAO,CAAC,GAAG;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG;QACtB,mBAAmB,EAAE,OAAO,CAAC,GAAG;QAChC,mBAAmB,EAAE,OAAO,CAAC,GAAG;QAChC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC;KAC7B,CAAM,CAAC;AACV,CAAC,CAAC;AAnEW,QAAA,gBAAgB,oBAmE3B"}
+{"version":3,"file":"token-header.js","sourceRoot":"","sources":["../../../src/internal/utils/token-header.ts"],"names":[],"mappings":";;;AAAA,oCAAsE;AACtE,0CAAiD;AAQjD,6DAAqD;AAE9C,MAAM,cAAc,GAAG,CAC5B,OAA2B,EAC3B,OAAgC,EAAE,EACZ,EAAE;IACxB,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ;QAC3B,EAAE,GAAG,CAAC,CAAC,GAAG,EAAU,EAAE;QACpB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,WAAW;gBACd,OAAO,KAAK,CAAC;YACf,KAAK,aAAa;gBAChB,OAAO,KAAK,CAAC;YACf,KAAK,YAAY;gBACf,OAAO,KAAK,CAAC;YACf,KAAK,YAAY;gBACf,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,SAAS;gBACZ,OAAO,KAAK,CAAC;YACf,KAAK,OAAO;gBACV,OAAO,KAAK,CAAC;YACf,KAAK,UAAU;gBACb,OAAO,KAAK,CAAC;YACf,KAAK,iBAAiB;gBACpB,OAAO,KAAK,CAAC;YACf,KAAK,WAAW;gBACd,OAAO,KAAK,CAAC;YACf,KAAK,sBAAsB;gBACzB,OAAO,IAAI,CAAC;YACd,KAAK,qBAAqB;gBACxB,OAAO,KAAK,CAAC;YACf,KAAK,qBAAqB;gBACxB,OAAO,KAAK,CAAC;YACf;gBACE,OAAO,GAAG,CAAC;QACf,CAAC;IACH,CAAC,CAAC;SACD,IAAI,EAAE,CAAC;IAEV,OAAO,IAAA,uBAAe,EAAC;QACrB,GAAG,EAAE,OAAO,CAAC,SAAS;QACtB,IAAI;QACJ,GAAG,EAAE,OAAO,CAAC,WAAW;QACxB,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAClE,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS;QACpF,EAAE,EAAE,OAAO,CAAC,oBAAoB;QAChC,GAAG,EAAE,IAAA,cAAS,EAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;QAC7D,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACpD,GAAG,EAAE,OAAO,CAAC,KAAK;QAClB,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;QAC9D,GAAG,EAAE,IAAA,aAAQ,EAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS;QAC5E,GAAG,EAAE,OAAO,CAAC,SAAS;QACtB,GAAG,EAAE,OAAO,CAAC,mBAAmB;QAChC,GAAG,EAAE,OAAO,CAAC,UAAU;QACvB,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACnD,UAAU,EAAE,IAAA,aAAQ,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;KAC9D,CAAC,CAAC;AACL,CAAC,CAAC;AAzDW,QAAA,cAAc,kBAyDzB;AAEK,MAAM,gBAAgB,GAAG,CAC9B,OAA2B,EACxB,EAAE;IACL,MAAM,QAAQ,GACX,OAAO,CAAC,IAAI;QACX,EAAE,GAAG,CAAC,CAAC,GAAG,EAAU,EAAE;QACpB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,KAAK;gBACR,OAAO,WAAW,CAAC;YACrB,KAAK,KAAK;gBACR,OAAO,aAAa,CAAC;YACvB,KAAK,KAAK;gBACR,OAAO,YAAY,CAAC;YACtB,KAAK,KAAK;gBACR,OAAO,qBAAqB,CAAC;YAC/B,KAAK,IAAI;gBACP,OAAO,sBAAsB,CAAC;YAChC,KAAK,KAAK;gBACR,OAAO,SAAS,CAAC;YACnB,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,OAAO,CAAC;YACjB,KAAK,KAAK;gBACR,OAAO,UAAU,CAAC;YACpB,KAAK,KAAK;gBACR,OAAO,iBAAiB,CAAC;YAC3B,KAAK,KAAK;gBACR,OAAO,WAAW,CAAC;YACrB,KAAK,KAAK;gBACR,OAAO,qBAAqB,CAAC;YAC/B,KAAK,KAAK;gBACR,OAAO,YAAY,CAAC;YACtB,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,KAAK;gBACR,OAAO,KAAK,CAAC;YACf,KAAK,UAAU;gBACb,OAAO,SAAS,CAAC;YACnB;gBACE,OAAO,GAAG,CAAC;QACf,CAAC;IACH,CAAC,CAAC;SACD,IAAI,EAAoC,IAAI,EAAE,CAAC;IAEpD,OAAO,IAAA,uBAAe,EAAC;QACrB,SAAS,EAAE,OAAO,CAAC,GAAG;QACtB,UAAU,EAAE,IAAA,kCAAa,EAAC,OAAO,CAAC,GAAG,CAAC;QACtC,WAAW,EAAE,OAAO,CAAC,GAAG;QACxB,QAAQ;QACR,UAAU,EAAE,OAAO,CAAC,GAAG;QACvB,UAAU,EAAE,OAAO,CAAC,GAAG;QACvB,oBAAoB,EAAE,OAAO,CAAC,EAAE;QAChC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,GAAG;QACpB,KAAK,EAAE,OAAO,CAAC,GAAG;QAClB,QAAQ,EAAE,OAAO,CAAC,GAAG;QACrB,eAAe,EAAE,OAAO,CAAC,GAAG;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG;QACtB,mBAAmB,EAAE,OAAO,CAAC,GAAG;QAChC,mBAAmB,EAAE,OAAO,CAAC,GAAG;QAChC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC;KAC7B,CAAM,CAAC;AACV,CAAC,CAAC;AAjEW,QAAA,gBAAgB,oBAiE3B"}

package/dist/internal/utils/validate-actor.d.ts

@@ -0,0 +1,3 @@
+import { TokenDelegation, VerifyActorOptions } from "../../types/jwt";
+export declare const validateActor: (delegation: TokenDelegation, options: VerifyActorOptions | undefined) => string | null;
+//# sourceMappingURL=validate-actor.d.ts.map

package/dist/internal/utils/validate-actor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate-actor.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/validate-actor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,eAAO,MAAM,aAAa,GACxB,YAAY,eAAe,EAC3B,SAAS,kBAAkB,GAAG,SAAS,KACtC,MAAM,GAAG,IA2BX,CAAC"}

package/dist/internal/utils/validate-actor.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateActor = void 0;
+const validateActor = (delegation, options) => {
+    if (!options)
+        return null;
+    if (options.required && !delegation.isDelegated) {
+        return "Expected delegated token with act claim";
+    }
+    if (options.forbidden && delegation.isDelegated) {
+        return "Expected non-delegated token";
+    }
+    if (options.maxChainDepth !== undefined &&
+        delegation.actorChain.length > options.maxChainDepth) {
+        return `Actor chain exceeds maximum depth of ${options.maxChainDepth}`;
+    }
+    if (options.allowedSubjects) {
+        for (const entry of delegation.actorChain) {
+            if (!entry.subject || !options.allowedSubjects.includes(entry.subject)) {
+                return `Actor subject not allowed: ${entry.subject ?? "undefined"}`;
+            }
+        }
+    }
+    return null;
+};
+exports.validateActor = validateActor;
+//# sourceMappingURL=validate-actor.js.map

package/dist/internal/utils/validate-actor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate-actor.js","sourceRoot":"","sources":["../../../src/internal/utils/validate-actor.ts"],"names":[],"mappings":";;;AAEO,MAAM,aAAa,GAAG,CAC3B,UAA2B,EAC3B,OAAuC,EACxB,EAAE;IACjB,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAE1B,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC;QAChD,OAAO,yCAAyC,CAAC;IACnD,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,IAAI,UAAU,CAAC,WAAW,EAAE,CAAC;QAChD,OAAO,8BAA8B,CAAC;IACxC,CAAC;IAED,IACE,OAAO,CAAC,aAAa,KAAK,SAAS;QACnC,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,OAAO,CAAC,aAAa,EACpD,CAAC;QACD,OAAO,wCAAwC,OAAO,CAAC,aAAa,EAAE,CAAC;IACzE,CAAC;IAED,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,KAAK,MAAM,KAAK,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;YAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvE,OAAO,8BAA8B,KAAK,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;YACtE,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AA9BW,QAAA,aAAa,iBA8BxB"}

package/dist/internal/utils/validate-crit.d.ts

@@ -0,0 +1,4 @@
+export declare const validateCrit: (decoded: {
+    crit?: unknown;
+} & Record<string, unknown>) => string | null;
+//# sourceMappingURL=validate-crit.d.ts.map

package/dist/internal/utils/validate-crit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate-crit.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/validate-crit.ts"],"names":[],"mappings":"AAoDA,eAAO,MAAM,YAAY,GACvB,SAAS;IAAE,IAAI,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KACpD,MAAM,GAAG,IAoCX,CAAC"}

package/dist/internal/utils/validate-crit.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateCrit = void 0;
+const IANA_REGISTERED_JOSE_HEADER_PARAMS = new Set([
+    "alg",
+    "jku",
+    "jwk",
+    "kid",
+    "x5u",
+    "x5c",
+    "x5t",
+    "x5t#S256",
+    "typ",
+    "cty",
+    "crit",
+    "enc",
+    "zip",
+    "epk",
+    "apu",
+    "apv",
+    "iv",
+    "tag",
+    "p2s",
+    "p2c",
+    "b64",
+    "ppt",
+    "url",
+    "nonce",
+    "svt",
+]);
+const validateCrit = (decoded) => {
+    const crit = decoded.crit;
+    if (crit === undefined)
+        return null;
+    if (!Array.isArray(crit)) {
+        return "crit must be an array";
+    }
+    if (crit.length === 0) {
+        return "crit must not be an empty array when present";
+    }
+    for (const name of crit) {
+        if (typeof name !== "string") {
+            return "crit entries must be strings";
+        }
+        if (IANA_REGISTERED_JOSE_HEADER_PARAMS.has(name)) {
+            return `crit must not contain the IANA-registered header parameter "${name}"`;
+        }
+        if (!(name in decoded)) {
+            return `crit listed parameter "${name}" is not present in the header`;
+        }
+    }
+    return null;
+};
+exports.validateCrit = validateCrit;
+//# sourceMappingURL=validate-crit.js.map

package/dist/internal/utils/validate-crit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate-crit.js","sourceRoot":"","sources":["../../../src/internal/utils/validate-crit.ts"],"names":[],"mappings":";;;AAOA,MAAM,kCAAkC,GAAG,IAAI,GAAG,CAAC;IAEjD,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,UAAU;IACV,KAAK;IACL,KAAK;IACL,MAAM;IAEN,KAAK;IACL,KAAK;IAEL,KAAK;IACL,KAAK;IACL,KAAK;IACL,IAAI;IACJ,KAAK;IACL,KAAK;IACL,KAAK;IAEL,KAAK;IAEL,KAAK;IAEL,KAAK;IACL,OAAO;IAEP,KAAK;CACN,CAAC,CAAC;AAYI,MAAM,YAAY,GAAG,CAC1B,OAAqD,EACtC,EAAE;IACjB,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAE1B,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAEpC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,OAAO,uBAAuB,CAAC;IACjC,CAAC;IAGD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,8CAA8C,CAAC;IACxD,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,IAAI,EAAE,CAAC;QACxB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,8BAA8B,CAAC;QACxC,CAAC;QAID,IAAI,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACjD,OAAO,+DAA+D,IAAI,GAAG,CAAC;QAChF,CAAC;QAOD,IAAI,CAAC,CAAC,IAAI,IAAI,OAAO,CAAC,EAAE,CAAC;YACvB,OAAO,0BAA0B,IAAI,gCAAgC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAtCW,QAAA,YAAY,gBAsCvB"}

package/dist/internal/utils/verify-cert-binding.d.ts

@@ -0,0 +1,14 @@
+import { IKryptos } from "@lindorm/kryptos";
+import { ILogger } from "@lindorm/logger";
+import { CertBindingMode } from "../../types";
+type VerifyCertBindingOptions = {
+    header: {
+        x5tS256: string | undefined;
+    };
+    kryptos: IKryptos;
+    logger: ILogger;
+    mode: CertBindingMode;
+};
+export declare const verifyCertBinding: ({ header, kryptos, logger, mode, }: VerifyCertBindingOptions) => void;
+export {};
+//# sourceMappingURL=verify-cert-binding.d.ts.map

package/dist/internal/utils/verify-cert-binding.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-cert-binding.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/verify-cert-binding.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE1C,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9C,KAAK,wBAAwB,GAAG;IAC9B,MAAM,EAAE;QAAE,OAAO,EAAE,MAAM,GAAG,SAAS,CAAA;KAAE,CAAC;IACxC,OAAO,EAAE,QAAQ,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,IAAI,EAAE,eAAe,CAAC;CACvB,CAAC;AAqBF,eAAO,MAAM,iBAAiB,GAAI,oCAK/B,wBAAwB,KAAG,IAyB7B,CAAC"}

package/dist/internal/utils/verify-cert-binding.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyCertBinding = void 0;
+const errors_1 = require("../../errors");
+const verifyCertBinding = ({ header, kryptos, logger, mode, }) => {
+    if (header.x5tS256 === undefined)
+        return;
+    if (kryptos.certificateThumbprint === null) {
+        if (mode === "strict") {
+            throw new errors_1.AegisError("token header x5t#S256 present but signing kryptos has no certificateChain", { debug: { kryptosId: kryptos.id } });
+        }
+        logger.warn("Cert binding: token header x5t#S256 present but signing kryptos has no certificateChain (lax mode — passing through)", { kryptosId: kryptos.id });
+        return;
+    }
+    if (header.x5tS256 !== kryptos.certificateThumbprint) {
+        throw new errors_1.AegisError("signing certificate thumbprint mismatch", {
+            debug: {
+                expected: kryptos.certificateThumbprint,
+                received: header.x5tS256,
+            },
+        });
+    }
+};
+exports.verifyCertBinding = verifyCertBinding;
+//# sourceMappingURL=verify-cert-binding.js.map

package/dist/internal/utils/verify-cert-binding.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-cert-binding.js","sourceRoot":"","sources":["../../../src/internal/utils/verify-cert-binding.ts"],"names":[],"mappings":";;;AAEA,yCAA0C;AA6BnC,MAAM,iBAAiB,GAAG,CAAC,EAChC,MAAM,EACN,OAAO,EACP,MAAM,EACN,IAAI,GACqB,EAAQ,EAAE;IACnC,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS;QAAE,OAAO;IAEzC,IAAI,OAAO,CAAC,qBAAqB,KAAK,IAAI,EAAE,CAAC;QAC3C,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtB,MAAM,IAAI,mBAAU,CAClB,2EAA2E,EAC3E,EAAE,KAAK,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,EAAE,CACrC,CAAC;QACJ,CAAC;QACD,MAAM,CAAC,IAAI,CACT,sHAAsH,EACtH,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,CAC1B,CAAC;QACF,OAAO;IACT,CAAC;IAED,IAAI,MAAM,CAAC,OAAO,KAAK,OAAO,CAAC,qBAAqB,EAAE,CAAC;QACrD,MAAM,IAAI,mBAAU,CAAC,yCAAyC,EAAE;YAC9D,KAAK,EAAE;gBACL,QAAQ,EAAE,OAAO,CAAC,qBAAqB;gBACvC,QAAQ,EAAE,MAAM,CAAC,OAAO;aACzB;SACF,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AA9BW,QAAA,iBAAiB,qBA8B5B"}

package/dist/internal/utils/verify-dpop-proof.d.ts

@@ -0,0 +1,10 @@
+import { ParsedDpopProof } from "../../types/jwt/jwt-dpop";
+type Options = {
+    proof: string;
+    accessToken: string;
+    expectedThumbprint: string;
+    dpopMaxSkew: number;
+};
+export declare const verifyDpopProof: (options: Options) => ParsedDpopProof;
+export {};
+//# sourceMappingURL=verify-dpop-proof.d.ts.map

package/dist/internal/utils/verify-dpop-proof.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-dpop-proof.d.ts","sourceRoot":"","sources":["../../../src/internal/utils/verify-dpop-proof.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAM3D,KAAK,OAAO,GAAG;IACb,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAkBF,eAAO,MAAM,eAAe,GAAI,SAAS,OAAO,KAAG,eA8ElD,CAAC"}

package/dist/internal/utils/verify-dpop-proof.js

@@ -0,0 +1,76 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyDpopProof = void 0;
+const kryptos_1 = require("@lindorm/kryptos");
+const sha_1 = require("@lindorm/sha");
+const errors_1 = require("../../errors");
+const compute_jwk_thumbprint_1 = require("./compute-jwk-thumbprint");
+const jose_header_1 = require("./jose-header");
+const jose_signature_1 = require("./jose-signature");
+const jwt_payload_1 = require("./jwt-payload");
+const assertString = (value, claim) => {
+    if (typeof value !== "string" || value.length === 0) {
+        throw new errors_1.JwtError(`Invalid DPoP proof: "${claim}" claim is required`);
+    }
+    return value;
+};
+const verifyDpopProof = (options) => {
+    const { proof, accessToken, expectedThumbprint, dpopMaxSkew } = options;
+    const parts = proof.split(".");
+    if (parts.length !== 3) {
+        throw new errors_1.JwtError("Invalid DPoP proof: not a compact JWS");
+    }
+    const [headerB64, payloadB64] = parts;
+    const header = (0, jose_header_1.decodeJoseHeader)(headerB64);
+    if (header.typ !== "dpop+jwt") {
+        throw new errors_1.JwtError("Invalid DPoP proof: header typ must be dpop+jwt", {
+            data: { typ: header.typ },
+        });
+    }
+    if (!header.jwk) {
+        throw new errors_1.JwtError("Invalid DPoP proof: header jwk is required");
+    }
+    const rawJwk = header.jwk;
+    const thumbprint = (0, compute_jwk_thumbprint_1.computeJwkThumbprint)(rawJwk);
+    if (thumbprint !== expectedThumbprint) {
+        throw new errors_1.JwtError("Invalid DPoP proof: thumbprint does not match cnf.jkt", {
+            data: { expected: expectedThumbprint, actual: thumbprint },
+        });
+    }
+    const proofKryptos = kryptos_1.KryptosKit.from.jwk({
+        ...rawJwk,
+        alg: header.alg,
+        use: "sig",
+    });
+    if (!(0, jose_signature_1.verifyJoseSignature)(proofKryptos, proof)) {
+        throw new errors_1.JwtError("Invalid DPoP proof: signature verification failed");
+    }
+    const payload = (0, jwt_payload_1.decodeJwtPayload)(payloadB64);
+    const tokenId = assertString(payload.jti, "jti");
+    const httpMethod = assertString(payload.htm, "htm");
+    const httpUri = assertString(payload.htu, "htu");
+    if (typeof payload.iat !== "number") {
+        throw new errors_1.JwtError("Invalid DPoP proof: iat claim is required");
+    }
+    const now = Math.floor(Date.now() / 1000);
+    if (Math.abs(now - payload.iat) > dpopMaxSkew) {
+        throw new errors_1.JwtError("Invalid DPoP proof: iat is outside the allowed skew window", {
+            data: { iat: payload.iat, now, dpopMaxSkew },
+        });
+    }
+    const expectedAth = sha_1.ShaKit.S256(accessToken);
+    if (payload.ath !== expectedAth) {
+        throw new errors_1.JwtError("Invalid DPoP proof: ath does not match access token hash");
+    }
+    return {
+        thumbprint,
+        tokenId,
+        httpMethod,
+        httpUri,
+        issuedAt: new Date(payload.iat * 1000),
+        accessTokenHash: expectedAth,
+        nonce: typeof payload.nonce === "string" ? payload.nonce : undefined,
+    };
+};
+exports.verifyDpopProof = verifyDpopProof;
+//# sourceMappingURL=verify-dpop-proof.js.map

package/dist/internal/utils/verify-dpop-proof.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-dpop-proof.js","sourceRoot":"","sources":["../../../src/internal/utils/verify-dpop-proof.ts"],"names":[],"mappings":";;;AAAA,8CAA8C;AAC9C,sCAAsC;AACtC,yCAAwC;AAExC,qEAAgE;AAChE,+CAAiD;AACjD,qDAAuD;AACvD,+CAAiD;AAkBjD,MAAM,YAAY,GAAG,CAAC,KAAc,EAAE,KAAa,EAAU,EAAE;IAC7D,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,iBAAQ,CAAC,wBAAwB,KAAK,qBAAqB,CAAC,CAAC;IACzE,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEK,MAAM,eAAe,GAAG,CAAC,OAAgB,EAAmB,EAAE;IACnE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,kBAAkB,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IAExE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,iBAAQ,CAAC,uCAAuC,CAAC,CAAC;IAC9D,CAAC;IACD,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,GAAG,KAAK,CAAC;IAEtC,MAAM,MAAM,GAAG,IAAA,8BAAgB,EAAC,SAAS,CAAC,CAAC;IAE3C,IAAI,MAAM,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;QAC9B,MAAM,IAAI,iBAAQ,CAAC,iDAAiD,EAAE;YACpE,IAAI,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAChB,MAAM,IAAI,iBAAQ,CAAC,4CAA4C,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,GAA8B,CAAC;IAIrD,MAAM,UAAU,GAAG,IAAA,6CAAoB,EAAC,MAAM,CAAC,CAAC;IAEhD,IAAI,UAAU,KAAK,kBAAkB,EAAE,CAAC;QACtC,MAAM,IAAI,iBAAQ,CAAC,uDAAuD,EAAE;YAC1E,IAAI,EAAE,EAAE,QAAQ,EAAE,kBAAkB,EAAE,MAAM,EAAE,UAAU,EAAE;SAC3D,CAAC,CAAC;IACL,CAAC;IAOD,MAAM,YAAY,GAAG,oBAAU,CAAC,IAAI,CAAC,GAAG,CAAC;QACvC,GAAG,MAAM;QACT,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,GAAG,EAAE,KAAK;KACkC,CAAC,CAAC;IAEhD,IAAI,CAAC,IAAA,oCAAmB,EAAC,YAAY,EAAE,KAAK,CAAC,EAAE,CAAC;QAC9C,MAAM,IAAI,iBAAQ,CAAC,mDAAmD,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,OAAO,GAAG,IAAA,8BAAgB,EAAmB,UAAU,CAAC,CAAC;IAE/D,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACjD,MAAM,UAAU,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACpD,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAEjD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,iBAAQ,CAAC,2CAA2C,CAAC,CAAC;IAClE,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,EAAE,CAAC;QAC9C,MAAM,IAAI,iBAAQ,CAAC,4DAA4D,EAAE;YAC/E,IAAI,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,WAAW,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAG,YAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC7C,IAAI,OAAO,CAAC,GAAG,KAAK,WAAW,EAAE,CAAC;QAChC,MAAM,IAAI,iBAAQ,CAAC,0DAA0D,CAAC,CAAC;IACjF,CAAC;IAED,OAAO;QACL,UAAU;QACV,OAAO;QACP,UAAU;QACV,OAAO;QACP,QAAQ,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC;QACtC,eAAe,EAAE,WAAW;QAC5B,KAAK,EAAE,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;KACrE,CAAC;AACJ,CAAC,CAAC;AA9EW,QAAA,eAAe,mBA8E1B"}

package/dist/mocks/create-mock-aegis.d.ts

@@ -1,3 +1,4 @@
 import { IAegis } from "../interfaces";
-export declare const createMockAegis: () => IAegis;
+export type MockAegis = jest.Mocked<IAegis>;
+export declare const createMockAegis: () => MockAegis;
 //# sourceMappingURL=create-mock-aegis.d.ts.map

package/dist/mocks/create-mock-aegis.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create-mock-aegis.d.ts","sourceRoot":"","sources":["../../src/mocks/create-mock-aegis.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAEvC,eAAO,MAAM,eAAe,QAAO,MAoFjC,CAAC"}
+{"version":3,"file":"create-mock-aegis.d.ts","sourceRoot":"","sources":["../../src/mocks/create-mock-aegis.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAEvC,MAAM,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAE5C,eAAO,MAAM,eAAe,QAAO,SA0DlC,CAAC"}