@lindorm/aegis 0.6.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +11 -0
- package/README.md +142 -180
- package/__tests__/jwe-interop.test.ts +3 -2
- package/__tests__/jwt-interop.test.ts +4 -7
- package/dist/classes/Aegis.d.ts +5 -5
- package/dist/classes/Aegis.d.ts.map +1 -1
- package/dist/classes/Aegis.js +35 -39
- package/dist/classes/Aegis.js.map +1 -1
- package/dist/classes/JweKit.d.ts +2 -2
- package/dist/classes/JweKit.d.ts.map +1 -1
- package/dist/classes/JweKit.js +47 -51
- package/dist/classes/JweKit.js.map +1 -1
- package/dist/classes/JwsKit.d.ts +2 -2
- package/dist/classes/JwsKit.d.ts.map +1 -1
- package/dist/classes/JwsKit.js +32 -36
- package/dist/classes/JwsKit.js.map +1 -1
- package/dist/classes/JwtKit.d.ts +3 -3
- package/dist/classes/JwtKit.d.ts.map +1 -1
- package/dist/classes/JwtKit.js +50 -54
- package/dist/classes/JwtKit.js.map +1 -1
- package/dist/classes/SignatureKit.d.ts +2 -2
- package/dist/classes/SignatureKit.d.ts.map +1 -1
- package/dist/classes/SignatureKit.js +13 -17
- package/dist/classes/SignatureKit.js.map +1 -1
- package/dist/classes/index.d.ts +5 -5
- package/dist/classes/index.d.ts.map +1 -1
- package/dist/classes/index.js +5 -21
- package/dist/classes/index.js.map +1 -1
- package/dist/constants/token-type.js +2 -5
- package/dist/constants/token-type.js.map +1 -1
- package/dist/errors/AegisError.js +2 -6
- package/dist/errors/AegisError.js.map +1 -1
- package/dist/errors/JweError.js +2 -6
- package/dist/errors/JweError.js.map +1 -1
- package/dist/errors/JwsError.js +2 -6
- package/dist/errors/JwsError.js.map +1 -1
- package/dist/errors/JwtError.js +2 -6
- package/dist/errors/JwtError.js.map +1 -1
- package/dist/errors/index.d.ts +4 -4
- package/dist/errors/index.d.ts.map +1 -1
- package/dist/errors/index.js +4 -20
- package/dist/errors/index.js.map +1 -1
- package/dist/guards/index.d.ts +2 -2
- package/dist/guards/index.d.ts.map +1 -1
- package/dist/guards/index.js +2 -18
- package/dist/guards/index.js.map +1 -1
- package/dist/guards/is-parsed-jws.d.ts +1 -1
- package/dist/guards/is-parsed-jws.d.ts.map +1 -1
- package/dist/guards/is-parsed-jws.js +1 -5
- package/dist/guards/is-parsed-jws.js.map +1 -1
- package/dist/guards/is-parsed-jwt.d.ts +1 -1
- package/dist/guards/is-parsed-jwt.d.ts.map +1 -1
- package/dist/guards/is-parsed-jwt.js +1 -5
- package/dist/guards/is-parsed-jwt.js.map +1 -1
- package/dist/index.d.ts +6 -7
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -22
- package/dist/index.js.map +1 -1
- package/dist/interfaces/Aegis.d.ts +3 -3
- package/dist/interfaces/Aegis.d.ts.map +1 -1
- package/dist/interfaces/Aegis.js +1 -2
- package/dist/interfaces/JweKit.d.ts +1 -1
- package/dist/interfaces/JweKit.d.ts.map +1 -1
- package/dist/interfaces/JweKit.js +1 -2
- package/dist/interfaces/JwsKit.d.ts +1 -1
- package/dist/interfaces/JwsKit.d.ts.map +1 -1
- package/dist/interfaces/JwsKit.js +1 -2
- package/dist/interfaces/JwtKit.d.ts +2 -2
- package/dist/interfaces/JwtKit.d.ts.map +1 -1
- package/dist/interfaces/JwtKit.js +1 -2
- package/dist/interfaces/index.d.ts +4 -4
- package/dist/interfaces/index.d.ts.map +1 -1
- package/dist/interfaces/index.js +4 -20
- package/dist/interfaces/index.js.map +1 -1
- package/dist/internal/constants/aegis-profile-keys.js +1 -4
- package/dist/internal/constants/aegis-profile-keys.js.map +1 -1
- package/dist/internal/constants/format.js +1 -4
- package/dist/internal/constants/format.js.map +1 -1
- package/dist/internal/constants/header.js +13 -16
- package/dist/internal/constants/header.js.map +1 -1
- package/dist/internal/utils/compute-jwk-thumbprint.js +5 -9
- package/dist/internal/utils/compute-jwk-thumbprint.js.map +1 -1
- package/dist/internal/utils/compute-typ-header.d.ts +2 -2
- package/dist/internal/utils/compute-typ-header.d.ts.map +1 -1
- package/dist/internal/utils/compute-typ-header.js +6 -12
- package/dist/internal/utils/compute-typ-header.js.map +1 -1
- package/dist/internal/utils/create-hash.d.ts +1 -1
- package/dist/internal/utils/create-hash.d.ts.map +1 -1
- package/dist/internal/utils/create-hash.js +10 -17
- package/dist/internal/utils/create-hash.js.map +1 -1
- package/dist/internal/utils/extract-aegis-profile.d.ts +2 -2
- package/dist/internal/utils/extract-aegis-profile.d.ts.map +1 -1
- package/dist/internal/utils/extract-aegis-profile.js +6 -10
- package/dist/internal/utils/extract-aegis-profile.js.map +1 -1
- package/dist/internal/utils/extract-claims.d.ts +7 -7
- package/dist/internal/utils/extract-claims.d.ts.map +1 -1
- package/dist/internal/utils/extract-claims.js +47 -51
- package/dist/internal/utils/extract-claims.js.map +1 -1
- package/dist/internal/utils/extract-token-delegation.d.ts +2 -2
- package/dist/internal/utils/extract-token-delegation.d.ts.map +1 -1
- package/dist/internal/utils/extract-token-delegation.js +3 -7
- package/dist/internal/utils/extract-token-delegation.js.map +1 -1
- package/dist/internal/utils/generate-token-id.js +4 -8
- package/dist/internal/utils/generate-token-id.js.map +1 -1
- package/dist/internal/utils/jose-header.d.ts +1 -1
- package/dist/internal/utils/jose-header.d.ts.map +1 -1
- package/dist/internal/utils/jose-header.js +14 -19
- package/dist/internal/utils/jose-header.js.map +1 -1
- package/dist/internal/utils/jose-signature.d.ts +1 -1
- package/dist/internal/utils/jose-signature.d.ts.map +1 -1
- package/dist/internal/utils/jose-signature.js +7 -12
- package/dist/internal/utils/jose-signature.js.map +1 -1
- package/dist/internal/utils/jwt-payload.d.ts +3 -3
- package/dist/internal/utils/jwt-payload.d.ts.map +1 -1
- package/dist/internal/utils/jwt-payload.js +79 -86
- package/dist/internal/utils/jwt-payload.js.map +1 -1
- package/dist/internal/utils/jwt-validate.d.ts +2 -2
- package/dist/internal/utils/jwt-validate.d.ts.map +1 -1
- package/dist/internal/utils/jwt-validate.js +13 -17
- package/dist/internal/utils/jwt-validate.js.map +1 -1
- package/dist/internal/utils/jwt-verify.d.ts +3 -3
- package/dist/internal/utils/jwt-verify.d.ts.map +1 -1
- package/dist/internal/utils/jwt-verify.js +18 -22
- package/dist/internal/utils/jwt-verify.js.map +1 -1
- package/dist/internal/utils/parse-introspection.d.ts +2 -2
- package/dist/internal/utils/parse-introspection.d.ts.map +1 -1
- package/dist/internal/utils/parse-introspection.js +12 -16
- package/dist/internal/utils/parse-introspection.js.map +1 -1
- package/dist/internal/utils/parse-userinfo.d.ts +2 -2
- package/dist/internal/utils/parse-userinfo.d.ts.map +1 -1
- package/dist/internal/utils/parse-userinfo.js +10 -14
- package/dist/internal/utils/parse-userinfo.js.map +1 -1
- package/dist/internal/utils/resolve-cert-binding.d.ts +2 -2
- package/dist/internal/utils/resolve-cert-binding.d.ts.map +1 -1
- package/dist/internal/utils/resolve-cert-binding.js +3 -7
- package/dist/internal/utils/resolve-cert-binding.js.map +1 -1
- package/dist/internal/utils/token-header.d.ts +1 -1
- package/dist/internal/utils/token-header.d.ts.map +1 -1
- package/dist/internal/utils/token-header.js +15 -20
- package/dist/internal/utils/token-header.js.map +1 -1
- package/dist/internal/utils/validate-actor.d.ts +1 -1
- package/dist/internal/utils/validate-actor.d.ts.map +1 -1
- package/dist/internal/utils/validate-actor.js +1 -5
- package/dist/internal/utils/validate-actor.js.map +1 -1
- package/dist/internal/utils/validate-crit.js +1 -5
- package/dist/internal/utils/validate-crit.js.map +1 -1
- package/dist/internal/utils/validate.d.ts +1 -1
- package/dist/internal/utils/validate.d.ts.map +1 -1
- package/dist/internal/utils/validate.js +6 -10
- package/dist/internal/utils/validate.js.map +1 -1
- package/dist/internal/utils/verify-cert-binding.d.ts +3 -3
- package/dist/internal/utils/verify-cert-binding.d.ts.map +1 -1
- package/dist/internal/utils/verify-cert-binding.js +4 -8
- package/dist/internal/utils/verify-cert-binding.js.map +1 -1
- package/dist/internal/utils/verify-dpop-proof.d.ts +1 -1
- package/dist/internal/utils/verify-dpop-proof.d.ts.map +1 -1
- package/dist/internal/utils/verify-dpop-proof.js +23 -27
- package/dist/internal/utils/verify-dpop-proof.js.map +1 -1
- package/dist/mocks/create-mock-aegis.d.ts +3 -3
- package/dist/mocks/create-mock-aegis.d.ts.map +1 -1
- package/dist/mocks/create-mock-aegis.js +20 -20
- package/dist/mocks/create-mock-aegis.js.map +1 -1
- package/dist/mocks/jest.d.ts +5 -0
- package/dist/mocks/jest.d.ts.map +1 -0
- package/dist/mocks/jest.js +4 -0
- package/dist/mocks/jest.js.map +1 -0
- package/dist/mocks/vitest.d.ts +6 -0
- package/dist/mocks/vitest.d.ts.map +1 -0
- package/dist/mocks/vitest.js +5 -0
- package/dist/mocks/vitest.js.map +1 -0
- package/dist/types/aegis.d.ts +5 -5
- package/dist/types/aegis.d.ts.map +1 -1
- package/dist/types/aegis.js +1 -2
- package/dist/types/claims/act-claim.js +1 -2
- package/dist/types/claims/aegis-introspection.d.ts +6 -6
- package/dist/types/claims/aegis-introspection.d.ts.map +1 -1
- package/dist/types/claims/aegis-introspection.js +1 -2
- package/dist/types/claims/aegis-profile.js +1 -2
- package/dist/types/claims/aegis-userinfo.d.ts +1 -1
- package/dist/types/claims/aegis-userinfo.d.ts.map +1 -1
- package/dist/types/claims/aegis-userinfo.js +1 -2
- package/dist/types/claims/confirmation-claim.d.ts +1 -1
- package/dist/types/claims/confirmation-claim.d.ts.map +1 -1
- package/dist/types/claims/confirmation-claim.js +1 -2
- package/dist/types/claims/delegation-claims.d.ts +1 -1
- package/dist/types/claims/delegation-claims.d.ts.map +1 -1
- package/dist/types/claims/delegation-claims.js +1 -2
- package/dist/types/claims/index.d.ts +12 -12
- package/dist/types/claims/index.d.ts.map +1 -1
- package/dist/types/claims/index.js +12 -28
- package/dist/types/claims/index.js.map +1 -1
- package/dist/types/claims/jwt/act-claim-wire.js +1 -2
- package/dist/types/claims/jwt/confirmation-claim-wire.d.ts +1 -1
- package/dist/types/claims/jwt/confirmation-claim-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/confirmation-claim-wire.js +1 -2
- package/dist/types/claims/jwt/delegation-claims-wire.d.ts +1 -1
- package/dist/types/claims/jwt/delegation-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/delegation-claims-wire.js +1 -2
- package/dist/types/claims/jwt/index.d.ts +9 -9
- package/dist/types/claims/jwt/index.d.ts.map +1 -1
- package/dist/types/claims/jwt/index.js +9 -25
- package/dist/types/claims/jwt/index.js.map +1 -1
- package/dist/types/claims/jwt/jwt-claims.d.ts +6 -6
- package/dist/types/claims/jwt/jwt-claims.d.ts.map +1 -1
- package/dist/types/claims/jwt/jwt-claims.js +1 -2
- package/dist/types/claims/jwt/lindorm-claims-wire.d.ts +2 -2
- package/dist/types/claims/jwt/lindorm-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/lindorm-claims-wire.js +1 -2
- package/dist/types/claims/jwt/oauth-claims-wire.js +1 -2
- package/dist/types/claims/jwt/oidc-claims-wire.js +1 -2
- package/dist/types/claims/jwt/pop-claims-wire.d.ts +1 -1
- package/dist/types/claims/jwt/pop-claims-wire.d.ts.map +1 -1
- package/dist/types/claims/jwt/pop-claims-wire.js +1 -2
- package/dist/types/claims/jwt/std-claims-wire.js +1 -2
- package/dist/types/claims/lindorm-claims.d.ts +1 -1
- package/dist/types/claims/lindorm-claims.d.ts.map +1 -1
- package/dist/types/claims/lindorm-claims.js +1 -2
- package/dist/types/claims/oauth-claims.js +1 -2
- package/dist/types/claims/oidc-claims.js +1 -2
- package/dist/types/claims/pop-claims.d.ts +1 -1
- package/dist/types/claims/pop-claims.d.ts.map +1 -1
- package/dist/types/claims/pop-claims.js +1 -2
- package/dist/types/claims/std-claims.js +1 -2
- package/dist/types/header.d.ts +3 -3
- package/dist/types/header.d.ts.map +1 -1
- package/dist/types/header.js +1 -2
- package/dist/types/header.js.map +1 -1
- package/dist/types/index.d.ts +9 -9
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +9 -25
- package/dist/types/index.js.map +1 -1
- package/dist/types/jwe/index.d.ts +4 -4
- package/dist/types/jwe/index.d.ts.map +1 -1
- package/dist/types/jwe/index.js +4 -20
- package/dist/types/jwe/index.js.map +1 -1
- package/dist/types/jwe/jwe-decode.d.ts +1 -1
- package/dist/types/jwe/jwe-decode.d.ts.map +1 -1
- package/dist/types/jwe/jwe-decode.js +1 -2
- package/dist/types/jwe/jwe-decrypt.d.ts +3 -3
- package/dist/types/jwe/jwe-decrypt.d.ts.map +1 -1
- package/dist/types/jwe/jwe-decrypt.js +1 -2
- package/dist/types/jwe/jwe-encrypt.d.ts +2 -2
- package/dist/types/jwe/jwe-encrypt.d.ts.map +1 -1
- package/dist/types/jwe/jwe-encrypt.js +1 -2
- package/dist/types/jwe/jwe-kit.d.ts +1 -1
- package/dist/types/jwe/jwe-kit.d.ts.map +1 -1
- package/dist/types/jwe/jwe-kit.js +1 -2
- package/dist/types/jws/index.d.ts +4 -4
- package/dist/types/jws/index.d.ts.map +1 -1
- package/dist/types/jws/index.js +4 -20
- package/dist/types/jws/index.js.map +1 -1
- package/dist/types/jws/jws-decode.d.ts +1 -1
- package/dist/types/jws/jws-decode.d.ts.map +1 -1
- package/dist/types/jws/jws-decode.js +1 -2
- package/dist/types/jws/jws-kit.d.ts +1 -1
- package/dist/types/jws/jws-kit.d.ts.map +1 -1
- package/dist/types/jws/jws-kit.js +1 -2
- package/dist/types/jws/jws-parse.d.ts +3 -3
- package/dist/types/jws/jws-parse.d.ts.map +1 -1
- package/dist/types/jws/jws-parse.js +1 -2
- package/dist/types/jws/jws-sign.d.ts +2 -2
- package/dist/types/jws/jws-sign.d.ts.map +1 -1
- package/dist/types/jws/jws-sign.js +1 -2
- package/dist/types/jwt/index.d.ts +9 -9
- package/dist/types/jwt/index.d.ts.map +1 -1
- package/dist/types/jwt/index.js +9 -25
- package/dist/types/jwt/index.js.map +1 -1
- package/dist/types/jwt/jwt-claim-matchers.d.ts +1 -1
- package/dist/types/jwt/jwt-claim-matchers.d.ts.map +1 -1
- package/dist/types/jwt/jwt-claim-matchers.js +1 -2
- package/dist/types/jwt/jwt-decode.d.ts +3 -3
- package/dist/types/jwt/jwt-decode.d.ts.map +1 -1
- package/dist/types/jwt/jwt-decode.js +1 -2
- package/dist/types/jwt/jwt-delegation.d.ts +1 -1
- package/dist/types/jwt/jwt-delegation.d.ts.map +1 -1
- package/dist/types/jwt/jwt-delegation.js +1 -2
- package/dist/types/jwt/jwt-dpop.js +1 -2
- package/dist/types/jwt/jwt-kit.d.ts +1 -1
- package/dist/types/jwt/jwt-kit.d.ts.map +1 -1
- package/dist/types/jwt/jwt-kit.js +1 -2
- package/dist/types/jwt/jwt-parse.d.ts +7 -7
- package/dist/types/jwt/jwt-parse.d.ts.map +1 -1
- package/dist/types/jwt/jwt-parse.js +1 -2
- package/dist/types/jwt/jwt-sign.d.ts +4 -4
- package/dist/types/jwt/jwt-sign.d.ts.map +1 -1
- package/dist/types/jwt/jwt-sign.js +1 -2
- package/dist/types/jwt/jwt-validate.d.ts +3 -3
- package/dist/types/jwt/jwt-validate.d.ts.map +1 -1
- package/dist/types/jwt/jwt-validate.js +1 -2
- package/dist/types/jwt/jwt-verify.d.ts +2 -2
- package/dist/types/jwt/jwt-verify.d.ts.map +1 -1
- package/dist/types/jwt/jwt-verify.js +1 -2
- package/dist/types/kit.d.ts +3 -3
- package/dist/types/kit.d.ts.map +1 -1
- package/dist/types/kit.js +1 -2
- package/dist/types/level-of-assurance.js +1 -2
- package/dist/types/signature-kit.d.ts +2 -2
- package/dist/types/signature-kit.d.ts.map +1 -1
- package/dist/types/signature-kit.js +1 -2
- package/package.json +33 -33
- package/vitest.config.mjs +6 -0
- package/__tests__/__mocks__/cbor.ts +0 -17
- package/dist/mocks/index.d.ts +0 -2
- package/dist/mocks/index.d.ts.map +0 -1
- package/dist/mocks/index.js +0 -6
- package/dist/mocks/index.js.map +0 -1
- package/jest.config.interop.mjs +0 -27
- package/tsconfig.interop.json +0 -9
package/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,17 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
5
|
|
|
6
|
+
# [0.7.0](https://github.com/lindorm-io/monorepo/compare/@lindorm/aegis@0.6.0...@lindorm/aegis@0.7.0) (2026-05-02)
|
|
7
|
+
|
|
8
|
+
### Bug Fixes
|
|
9
|
+
|
|
10
|
+
- **aegis:** drop createRequire interop workaround in jwt-interop test ([492e3df](https://github.com/lindorm-io/monorepo/commit/492e3dff29971a3958b0628ce5465195f8a8cfe5))
|
|
11
|
+
- widen @lindorm/\* peer ranges to unbounded >= ([f192b59](https://github.com/lindorm-io/monorepo/commit/f192b59107bf1f276d296837f40fa97765d9d2ba))
|
|
12
|
+
|
|
13
|
+
### Features
|
|
14
|
+
|
|
15
|
+
- migrate 20 packages from jest to vitest ([d8bfda8](https://github.com/lindorm-io/monorepo/commit/d8bfda8854dc1cb9537ba0b3e47ec4e4c7bded08))
|
|
16
|
+
|
|
6
17
|
# [0.6.0](https://github.com/lindorm-io/monorepo/compare/@lindorm/aegis@0.5.0...@lindorm/aegis@0.6.0) (2026-04-19)
|
|
7
18
|
|
|
8
19
|
### Features
|
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# @lindorm/aegis
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
JOSE token operations for JWT, JWS, and JWE backed by an Amphora key store.
|
|
4
4
|
|
|
5
5
|
## Installation
|
|
6
6
|
|
|
@@ -8,256 +8,186 @@ Token operations for JWT, JWE, JWS, CWT (CBOR Web Token), CWS (COSE Sign1), and
|
|
|
8
8
|
npm install @lindorm/aegis
|
|
9
9
|
```
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
This package is **ESM-only**. All examples use `import`; `require()` is not supported.
|
|
12
|
+
|
|
13
|
+
The `Aegis` class requires `@lindorm/amphora` (key store) and `@lindorm/logger` (logger) instances at construction time:
|
|
14
|
+
|
|
15
|
+
```bash
|
|
16
|
+
npm install @lindorm/amphora @lindorm/logger
|
|
17
|
+
```
|
|
12
18
|
|
|
13
|
-
|
|
19
|
+
## Overview
|
|
14
20
|
|
|
15
|
-
|
|
16
|
-
- **Kit classes** (`JwtKit`, `CwtKit`, `CwsKit`, etc.) — synchronous, single-key operations. You supply an `IKryptos` key directly.
|
|
21
|
+
Aegis exposes two layers:
|
|
17
22
|
|
|
18
|
-
|
|
23
|
+
- **`Aegis`** — async façade that resolves keys from an `IAmphora` key store and delegates to the kit classes. Use this when you want JWT/JWS/JWE operations driven by a managed key store with `kid`-based lookup.
|
|
24
|
+
- **Kit classes** (`JwtKit`, `JwsKit`, `JweKit`, `SignatureKit`) — synchronous, single-key primitives. You supply an `IKryptos` key directly. Use these when you already have the key in hand and don't need the Amphora layer.
|
|
19
25
|
|
|
20
|
-
|
|
26
|
+
The `Aegis` instance methods are async because they perform key lookups. All kit instance methods are synchronous.
|
|
21
27
|
|
|
22
|
-
|
|
28
|
+
## Aegis
|
|
23
29
|
|
|
24
30
|
```typescript
|
|
25
31
|
import { Aegis } from "@lindorm/aegis";
|
|
26
32
|
|
|
27
33
|
const aegis = new Aegis({
|
|
28
|
-
amphora,
|
|
29
|
-
logger,
|
|
30
|
-
issuer: "https://example.com",
|
|
31
|
-
clockTolerance:
|
|
34
|
+
amphora, // IAmphora — key store
|
|
35
|
+
logger, // ILogger
|
|
36
|
+
issuer: "https://example.com", // optional; falls back to amphora.domain
|
|
37
|
+
clockTolerance: 30, // optional, in seconds (default 0)
|
|
32
38
|
encryption: "A256GCM", // optional, default "A256GCM"
|
|
33
|
-
encAlgorithm: "ECDH-ES", // optional
|
|
34
|
-
sigAlgorithm: "ES256", // optional
|
|
39
|
+
encAlgorithm: "ECDH-ES", // optional — restricts encryption key selection
|
|
40
|
+
sigAlgorithm: "ES256", // optional — restricts signing key selection
|
|
41
|
+
certBindingMode: "strict", // optional, "strict" | "lax" (default "strict")
|
|
42
|
+
dpopMaxSkew: 60, // optional, in seconds (default 60)
|
|
35
43
|
});
|
|
36
44
|
```
|
|
37
45
|
|
|
38
46
|
### Namespaced operations
|
|
39
47
|
|
|
40
48
|
```typescript
|
|
41
|
-
// JWT
|
|
42
49
|
const signed = await aegis.jwt.sign({
|
|
43
50
|
expires: "1h",
|
|
44
|
-
subject: "
|
|
51
|
+
subject: "user-123",
|
|
45
52
|
tokenType: "access_token",
|
|
53
|
+
audience: ["https://api.example.com"],
|
|
54
|
+
scope: ["read", "write"],
|
|
55
|
+
claims: { role: "admin" },
|
|
46
56
|
});
|
|
47
|
-
const parsed = await aegis.jwt.verify(signed.token);
|
|
48
57
|
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
subject: "u1",
|
|
53
|
-
tokenType: "access_token",
|
|
58
|
+
const parsed = await aegis.jwt.verify(signed.token, {
|
|
59
|
+
audience: "https://api.example.com",
|
|
60
|
+
scope: ["read"],
|
|
54
61
|
});
|
|
55
|
-
const cwtParsed = await aegis.cwt.verify(cwt.token);
|
|
56
62
|
|
|
57
|
-
|
|
58
|
-
const
|
|
59
|
-
const cws = await aegis.cws.sign("data");
|
|
63
|
+
const jws = await aegis.jws.sign("payload");
|
|
64
|
+
const verifiedJws = await aegis.jws.verify(jws.token);
|
|
60
65
|
|
|
61
|
-
// JWE / CWE — encrypt and decrypt
|
|
62
66
|
const jwe = await aegis.jwe.encrypt("secret");
|
|
63
|
-
const
|
|
67
|
+
const decrypted = await aegis.jwe.decrypt(jwe.token);
|
|
68
|
+
```
|
|
64
69
|
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
const
|
|
69
|
-
const
|
|
70
|
+
### AES helpers
|
|
71
|
+
|
|
72
|
+
```typescript
|
|
73
|
+
const encoded = await aegis.aes.encrypt("data"); // base64 string
|
|
74
|
+
const record = await aegis.aes.encrypt("data", "record"); // AesEncryptionRecord
|
|
75
|
+
const serialised = await aegis.aes.encrypt("data", "serialised"); // SerialisedAesEncryption
|
|
76
|
+
const tokenised = await aegis.aes.encrypt("data", "tokenised"); // base64 string
|
|
77
|
+
|
|
78
|
+
const plain = await aegis.aes.decrypt(encoded);
|
|
70
79
|
```
|
|
71
80
|
|
|
72
81
|
### Universal verification
|
|
73
82
|
|
|
74
|
-
|
|
83
|
+
`aegis.verify` auto-detects JWT, JWS, and JWE compact serialisations. JWE inputs are decrypted first, then the inner payload is re-verified.
|
|
75
84
|
|
|
76
85
|
```typescript
|
|
77
86
|
const result = await aegis.verify(anyToken, {
|
|
78
87
|
audience: "https://api.example.com",
|
|
79
88
|
});
|
|
80
|
-
// Works with JWT, JWE, JWS, CWT, CWE, or CWS
|
|
81
|
-
// JWE/CWE tokens are decrypted, then their inner payload is verified
|
|
82
89
|
```
|
|
83
90
|
|
|
84
|
-
### Static
|
|
91
|
+
### Static helpers
|
|
85
92
|
|
|
86
|
-
|
|
93
|
+
These do not need a key or amphora.
|
|
87
94
|
|
|
88
95
|
```typescript
|
|
89
96
|
Aegis.isJwt(token);
|
|
90
|
-
Aegis.isCwt(token);
|
|
91
97
|
Aegis.isJws(token);
|
|
92
|
-
Aegis.isCws(token);
|
|
93
98
|
Aegis.isJwe(token);
|
|
94
|
-
Aegis.isCwe(token);
|
|
95
99
|
|
|
96
|
-
Aegis.header(token); //
|
|
97
|
-
Aegis.decode(token); // auto-detect
|
|
98
|
-
Aegis.parse(token); // auto-detect
|
|
99
|
-
```
|
|
100
|
+
Aegis.header(token); // decode the JOSE protected header
|
|
101
|
+
Aegis.decode(token); // auto-detect, decode without verifying
|
|
102
|
+
Aegis.parse(token); // auto-detect (JWT or JWS), validate structure
|
|
100
103
|
|
|
101
|
-
|
|
104
|
+
Aegis.parseUserinfo(claims); // → AegisUserinfo
|
|
105
|
+
Aegis.parseIntrospection(claims); // → AegisIntrospection
|
|
106
|
+
Aegis.validateClaims(claims, matchers); // throws on mismatch
|
|
107
|
+
```
|
|
102
108
|
|
|
103
|
-
|
|
109
|
+
## JwtKit
|
|
104
110
|
|
|
105
|
-
|
|
111
|
+
Synchronous JWT sign and verify against a single `IKryptos` key.
|
|
106
112
|
|
|
107
113
|
```typescript
|
|
108
114
|
import { JwtKit } from "@lindorm/aegis";
|
|
109
115
|
|
|
110
|
-
const kit = new JwtKit({
|
|
116
|
+
const kit = new JwtKit({
|
|
117
|
+
issuer: "https://example.com",
|
|
118
|
+
kryptos,
|
|
119
|
+
logger,
|
|
120
|
+
clockTolerance: 30, // seconds, optional
|
|
121
|
+
});
|
|
111
122
|
|
|
112
|
-
// Sign — returns { token, expiresAt, expiresIn, expiresOn, objectId, tokenId }
|
|
113
123
|
const signed = kit.sign({
|
|
114
124
|
expires: "1h",
|
|
115
125
|
subject: "user-123",
|
|
116
126
|
tokenType: "access_token",
|
|
117
127
|
audience: ["https://api.example.com"],
|
|
118
128
|
claims: { role: "admin" },
|
|
119
|
-
scope: ["read", "write"],
|
|
120
129
|
});
|
|
130
|
+
// → { token, expiresAt, expiresIn, expiresOn, objectId, tokenId }
|
|
121
131
|
|
|
122
|
-
// Verify — returns { decoded, header, payload, token }
|
|
123
132
|
const parsed = kit.verify(signed.token, {
|
|
124
133
|
audience: "https://api.example.com",
|
|
125
134
|
scope: ["read"],
|
|
126
135
|
});
|
|
127
136
|
|
|
128
|
-
|
|
129
|
-
JwtKit.
|
|
130
|
-
JwtKit.
|
|
131
|
-
JwtKit.
|
|
132
|
-
JwtKit.validate(payload, options); // throws on mismatch
|
|
133
|
-
```
|
|
134
|
-
|
|
135
|
-
### CwtKit
|
|
136
|
-
|
|
137
|
-
Signs and verifies CBOR Web Tokens (RFC 8392). Uses COSE Sign1 structure with CBOR-encoded payloads and integer claim labels.
|
|
138
|
-
|
|
139
|
-
```typescript
|
|
140
|
-
import { CwtKit } from "@lindorm/aegis";
|
|
141
|
-
|
|
142
|
-
const kit = new CwtKit({ issuer: "https://example.com", logger, kryptos });
|
|
143
|
-
|
|
144
|
-
// Sign — returns { buffer, token, expiresAt, expiresIn, expiresOn, objectId, tokenId }
|
|
145
|
-
const signed = kit.sign({
|
|
146
|
-
expires: "1h",
|
|
147
|
-
subject: "user-123",
|
|
148
|
-
tokenType: "access_token",
|
|
149
|
-
claims: { 900: "custom-value", 901: 42 }, // integer labels >= 900
|
|
150
|
-
});
|
|
151
|
-
|
|
152
|
-
// Verify — accepts Buffer or base64url string
|
|
153
|
-
const parsed = kit.verify(signed.token, {
|
|
154
|
-
tokenType: "access_token",
|
|
155
|
-
});
|
|
156
|
-
|
|
157
|
-
// Static methods
|
|
158
|
-
CwtKit.isCwt(token);
|
|
159
|
-
CwtKit.decode(token);
|
|
160
|
-
CwtKit.parse(token);
|
|
161
|
-
CwtKit.validate(payload, options);
|
|
137
|
+
JwtKit.isJwt(token);
|
|
138
|
+
JwtKit.decode(token);
|
|
139
|
+
JwtKit.parse(token);
|
|
140
|
+
JwtKit.validate(payload, matchers);
|
|
162
141
|
```
|
|
163
142
|
|
|
164
|
-
|
|
143
|
+
## JwsKit
|
|
165
144
|
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
### CwsKit
|
|
169
|
-
|
|
170
|
-
Signs and verifies arbitrary data using COSE Sign1 (RFC 9052).
|
|
171
|
-
|
|
172
|
-
```typescript
|
|
173
|
-
import { CwsKit } from "@lindorm/aegis";
|
|
174
|
-
|
|
175
|
-
const kit = new CwsKit({ logger, kryptos });
|
|
176
|
-
|
|
177
|
-
// Sign string or Buffer — returns { buffer, objectId, token }
|
|
178
|
-
const signed = kit.sign("hello world", {
|
|
179
|
-
objectId: "msg-001",
|
|
180
|
-
target: "internal", // or "external"
|
|
181
|
-
});
|
|
182
|
-
|
|
183
|
-
// Verify — returns { decoded, header, payload, token }
|
|
184
|
-
const parsed = kit.verify(signed.token);
|
|
185
|
-
// parsed.payload === "hello world"
|
|
186
|
-
|
|
187
|
-
// Static methods
|
|
188
|
-
CwsKit.isCws(token);
|
|
189
|
-
CwsKit.decode(token);
|
|
190
|
-
CwsKit.parse(token);
|
|
191
|
-
```
|
|
192
|
-
|
|
193
|
-
### CweKit
|
|
194
|
-
|
|
195
|
-
Encrypts and decrypts data using COSE Encrypt (RFC 9052).
|
|
196
|
-
|
|
197
|
-
```typescript
|
|
198
|
-
import { CweKit } from "@lindorm/aegis";
|
|
199
|
-
|
|
200
|
-
const kit = new CweKit({ logger, kryptos, encryption: "A256GCM" });
|
|
201
|
-
|
|
202
|
-
// Encrypt string or Buffer — returns { buffer, token }
|
|
203
|
-
const encrypted = kit.encrypt("secret data", {
|
|
204
|
-
objectId: "msg-002",
|
|
205
|
-
target: "internal",
|
|
206
|
-
});
|
|
207
|
-
|
|
208
|
-
// Decrypt — returns { decoded, header, payload, token }
|
|
209
|
-
const decrypted = kit.decrypt(encrypted.token);
|
|
210
|
-
// decrypted.payload === "secret data"
|
|
211
|
-
|
|
212
|
-
// Static methods
|
|
213
|
-
CweKit.isCwe(token);
|
|
214
|
-
CweKit.decode(token);
|
|
215
|
-
```
|
|
216
|
-
|
|
217
|
-
### JwsKit
|
|
218
|
-
|
|
219
|
-
Signs and verifies arbitrary data using JSON Web Signatures.
|
|
145
|
+
Synchronous JWS sign and verify over arbitrary `string` or `Buffer` data.
|
|
220
146
|
|
|
221
147
|
```typescript
|
|
222
148
|
import { JwsKit } from "@lindorm/aegis";
|
|
223
149
|
|
|
224
|
-
const kit = new JwsKit({
|
|
150
|
+
const kit = new JwsKit({ kryptos, logger });
|
|
225
151
|
|
|
226
|
-
|
|
227
|
-
|
|
152
|
+
const signed = kit.sign("hello world", { objectId: "msg-001" });
|
|
153
|
+
// → { token, objectId }
|
|
228
154
|
|
|
229
|
-
|
|
230
|
-
|
|
155
|
+
const parsed = kit.verify<string>(signed.token);
|
|
156
|
+
// parsed.payload === "hello world"
|
|
231
157
|
|
|
232
|
-
// Static methods
|
|
233
158
|
JwsKit.isJws(token);
|
|
234
159
|
JwsKit.decode(token);
|
|
235
160
|
JwsKit.parse(token);
|
|
236
161
|
```
|
|
237
162
|
|
|
238
|
-
|
|
163
|
+
## JweKit
|
|
239
164
|
|
|
240
|
-
|
|
165
|
+
Synchronous JWE encrypt and decrypt over `string` data.
|
|
241
166
|
|
|
242
167
|
```typescript
|
|
243
168
|
import { JweKit } from "@lindorm/aegis";
|
|
244
169
|
|
|
245
|
-
const kit = new JweKit({
|
|
170
|
+
const kit = new JweKit({
|
|
171
|
+
kryptos,
|
|
172
|
+
logger,
|
|
173
|
+
encryption: "A256GCM", // optional; falls back to kryptos.encryption
|
|
174
|
+
});
|
|
246
175
|
|
|
247
|
-
|
|
248
|
-
|
|
176
|
+
const encrypted = kit.encrypt("secret data", { objectId: "msg-002" });
|
|
177
|
+
// → { token }
|
|
249
178
|
|
|
250
|
-
// Decrypt — returns { decoded, header, payload, token }
|
|
251
179
|
const decrypted = kit.decrypt(encrypted.token);
|
|
180
|
+
// → { decoded, header, payload, token }
|
|
252
181
|
|
|
253
|
-
// Static methods
|
|
254
182
|
JweKit.isJwe(token);
|
|
255
183
|
JweKit.decode(token);
|
|
256
184
|
```
|
|
257
185
|
|
|
258
|
-
|
|
186
|
+
Compressed payloads (`zip` header) are explicitly rejected.
|
|
187
|
+
|
|
188
|
+
## SignatureKit
|
|
259
189
|
|
|
260
|
-
Low-level signature
|
|
190
|
+
Low-level signature primitives over raw bytes. Dispatches to the appropriate driver kit based on `kryptos.type` (AKP / EC / OKP / RSA / oct).
|
|
261
191
|
|
|
262
192
|
```typescript
|
|
263
193
|
import { SignatureKit } from "@lindorm/aegis";
|
|
@@ -266,27 +196,27 @@ const kit = new SignatureKit({ kryptos });
|
|
|
266
196
|
|
|
267
197
|
const signature = kit.sign(data); // Buffer
|
|
268
198
|
const valid = kit.verify(data, signature); // boolean
|
|
269
|
-
kit.assert(data, signature); // throws
|
|
270
|
-
kit.format(signature); // string
|
|
199
|
+
kit.assert(data, signature); // throws on mismatch
|
|
200
|
+
const formatted = kit.format(signature); // string
|
|
271
201
|
```
|
|
272
202
|
|
|
273
|
-
## Sign
|
|
203
|
+
## Sign content shape
|
|
274
204
|
|
|
275
|
-
|
|
205
|
+
`SignJwtContent` accepts the standard, OIDC, OAuth, PoP, delegation, and Lindorm claim families plus:
|
|
276
206
|
|
|
277
207
|
```typescript
|
|
278
208
|
{
|
|
279
|
-
//
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
tokenType: string;
|
|
209
|
+
expires: string | Date; // required, e.g. "1h", "30m", or a Date
|
|
210
|
+
subject: string; // required
|
|
211
|
+
tokenType: string; // required, e.g. "access_token"
|
|
283
212
|
|
|
284
|
-
// Optional
|
|
285
213
|
audience?: string[];
|
|
286
|
-
claims?: Record<string, any>;
|
|
214
|
+
claims?: Record<string, any>; // arbitrary custom claims
|
|
287
215
|
scope?: string[];
|
|
288
216
|
permissions?: string[];
|
|
289
217
|
roles?: string[];
|
|
218
|
+
groups?: string[];
|
|
219
|
+
entitlements?: string[];
|
|
290
220
|
clientId?: string;
|
|
291
221
|
grantType?: string;
|
|
292
222
|
tenantId?: string;
|
|
@@ -295,50 +225,82 @@ The `SignJwtContent` / `SignCwtContent` types share the same shape:
|
|
|
295
225
|
notBefore?: Date;
|
|
296
226
|
authTime?: Date;
|
|
297
227
|
authContextClass?: string;
|
|
298
|
-
authFactor?: string;
|
|
228
|
+
authFactor?: string[];
|
|
299
229
|
authMethods?: string[];
|
|
300
230
|
authorizedParty?: string;
|
|
301
231
|
adjustedAccessLevel?: number;
|
|
302
232
|
levelOfAssurance?: number;
|
|
303
233
|
sessionHint?: string;
|
|
304
234
|
subjectHint?: string;
|
|
235
|
+
// …plus the rest of the StdClaims / OidcClaims / DelegationClaims surface
|
|
305
236
|
}
|
|
306
237
|
```
|
|
307
238
|
|
|
308
|
-
## Verify
|
|
239
|
+
## Verify options
|
|
309
240
|
|
|
310
|
-
|
|
241
|
+
`VerifyJwtOptions` extends the claim matcher set. Each field accepts either a literal value or a `PredicateOperator` for flexible matching:
|
|
311
242
|
|
|
312
243
|
```typescript
|
|
313
|
-
|
|
314
|
-
audience: "https://api.example.com",
|
|
244
|
+
await aegis.jwt.verify(token, {
|
|
245
|
+
audience: "https://api.example.com",
|
|
315
246
|
scope: ["read", "write"], // array contains
|
|
316
|
-
tokenType:
|
|
317
|
-
subject: { $in: ["user-1", "user-2"] },
|
|
318
|
-
levelOfAssurance: { $gte: 2 },
|
|
247
|
+
tokenType: "access_token",
|
|
248
|
+
subject: { $in: ["user-1", "user-2"] },
|
|
249
|
+
levelOfAssurance: { $gte: 2 },
|
|
250
|
+
authTime: { $gte: new Date("2024-01-01") },
|
|
319
251
|
});
|
|
320
252
|
```
|
|
321
253
|
|
|
254
|
+
Additional verify options:
|
|
255
|
+
|
|
256
|
+
- `actor` — controls token-delegation (`act`) chain enforcement
|
|
257
|
+
- `dpopProof` — when present, the verifier requires a `cnf.jkt` binding and validates the supplied DPoP proof
|
|
258
|
+
- `trustBoundThumbprint` — when `true`, allow a bound token without an inline DPoP proof (for cases where the binding is enforced out-of-band)
|
|
259
|
+
|
|
260
|
+
## Type guards
|
|
261
|
+
|
|
262
|
+
```typescript
|
|
263
|
+
import { isParsedJwt, isParsedJws } from "@lindorm/aegis";
|
|
264
|
+
|
|
265
|
+
const parsed = await aegis.verify(token);
|
|
266
|
+
if (isParsedJwt(parsed)) {
|
|
267
|
+
/* parsed.payload typed as ParsedJwtPayload */
|
|
268
|
+
}
|
|
269
|
+
if (isParsedJws(parsed)) {
|
|
270
|
+
/* parsed.payload typed as Buffer | string */
|
|
271
|
+
}
|
|
272
|
+
```
|
|
273
|
+
|
|
322
274
|
## Errors
|
|
323
275
|
|
|
324
276
|
```typescript
|
|
325
277
|
import {
|
|
326
|
-
AegisError, // base
|
|
278
|
+
AegisError, // base class
|
|
327
279
|
JwtError,
|
|
328
280
|
JwsError,
|
|
329
281
|
JweError,
|
|
330
|
-
CwtError,
|
|
331
|
-
CoseSignError,
|
|
332
|
-
CoseEncryptError,
|
|
333
282
|
} from "@lindorm/aegis";
|
|
334
283
|
```
|
|
335
284
|
|
|
285
|
+
## Security notes
|
|
286
|
+
|
|
287
|
+
- Signature/decryption keys are always sourced from the supplied `IAmphora`. The `jku`, `jwk`, `x5u`, `x5c`, `x5t`, and `x5t#S256` JOSE header parameters are never trusted as key sources during verification — only `kid` is used as a lookup key into Amphora.
|
|
288
|
+
- JWE payload compression (`zip` header) is rejected outright.
|
|
289
|
+
- Critical header parameters are enforced per RFC 7515 §4.1.11; unknown `crit` entries cause verification to fail.
|
|
290
|
+
- DPoP-bound tokens (`cnf.jkt`) require either a matching DPoP proof or `trustBoundThumbprint: true` on verify.
|
|
291
|
+
|
|
336
292
|
## Testing
|
|
337
293
|
|
|
294
|
+
The package ships pre-built mock factories for both Jest and Vitest. Import from the runner-specific subpath:
|
|
295
|
+
|
|
338
296
|
```typescript
|
|
339
|
-
|
|
297
|
+
// Jest
|
|
298
|
+
import { createMockAegis } from "@lindorm/aegis/mocks/jest";
|
|
299
|
+
|
|
300
|
+
// Vitest
|
|
301
|
+
import { createMockAegis } from "@lindorm/aegis/mocks/vitest";
|
|
340
302
|
|
|
341
|
-
const aegis = createMockAegis(); // fully mocked IAegis
|
|
303
|
+
const aegis = createMockAegis(); // fully mocked IAegis
|
|
342
304
|
```
|
|
343
305
|
|
|
344
306
|
## License
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
import { KryptosKit } from "@lindorm/kryptos";
|
|
2
|
-
import { createMockLogger } from "@lindorm/logger";
|
|
2
|
+
import { createMockLogger } from "@lindorm/logger/mocks/vitest";
|
|
3
3
|
import { CompactEncrypt, compactDecrypt, importJWK } from "jose";
|
|
4
|
-
import { JweKit } from "../src/classes/JweKit";
|
|
4
|
+
import { JweKit } from "../src/classes/JweKit.js";
|
|
5
|
+
import { describe, expect, test } from "vitest";
|
|
5
6
|
|
|
6
7
|
// ---------------------------------------------------------------------------
|
|
7
8
|
// Shared constants
|
|
@@ -1,12 +1,9 @@
|
|
|
1
1
|
import { KryptosKit } from "@lindorm/kryptos";
|
|
2
|
-
import { createMockLogger } from "@lindorm/logger";
|
|
2
|
+
import { createMockLogger } from "@lindorm/logger/mocks/vitest";
|
|
3
3
|
import { importJWK, jwtVerify, SignJWT } from "jose";
|
|
4
|
-
import
|
|
5
|
-
import {
|
|
6
|
-
import {
|
|
7
|
-
|
|
8
|
-
const require = createRequire(import.meta.url);
|
|
9
|
-
const jsonwebtoken = require("jsonwebtoken") as typeof import("jsonwebtoken");
|
|
4
|
+
import jsonwebtoken, { type JwtPayload } from "jsonwebtoken";
|
|
5
|
+
import { JwtKit } from "../src/classes/JwtKit.js";
|
|
6
|
+
import { describe, expect, test } from "vitest";
|
|
10
7
|
|
|
11
8
|
// ---------------------------------------------------------------------------
|
|
12
9
|
// Shared constants
|
package/dist/classes/Aegis.d.ts
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import { Dict } from "@lindorm/types";
|
|
2
|
-
import { IAegis, IAegisAes, IAegisJwe, IAegisJws, IAegisJwt } from "../interfaces";
|
|
3
|
-
import { AegisIntrospection, AegisOptions, AegisUserinfo, DecodedJwe, DecodedJws, DecodedJwt, ParsedJws, ParsedJwt, TokenHeaderClaims, ValidateJwtOptions, VerifyJwtOptions } from "../types";
|
|
4
|
-
import { IntrospectClaimsInput } from "../internal/utils/parse-introspection";
|
|
5
|
-
import { UserinfoClaimsInput } from "../internal/utils/parse-userinfo";
|
|
1
|
+
import type { Dict } from "@lindorm/types";
|
|
2
|
+
import type { IAegis, IAegisAes, IAegisJwe, IAegisJws, IAegisJwt } from "../interfaces/index.js";
|
|
3
|
+
import type { AegisIntrospection, AegisOptions, AegisUserinfo, DecodedJwe, DecodedJws, DecodedJwt, ParsedJws, ParsedJwt, TokenHeaderClaims, ValidateJwtOptions, VerifyJwtOptions } from "../types/index.js";
|
|
4
|
+
import { type IntrospectClaimsInput } from "../internal/utils/parse-introspection.js";
|
|
5
|
+
import { type UserinfoClaimsInput } from "../internal/utils/parse-userinfo.js";
|
|
6
6
|
export declare class Aegis implements IAegis {
|
|
7
7
|
readonly issuer: string | null;
|
|
8
8
|
private readonly amphora;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Aegis.d.ts","sourceRoot":"","sources":["../../src/classes/Aegis.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"Aegis.d.ts","sourceRoot":"","sources":["../../src/classes/Aegis.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,KAAK,EACV,MAAM,EACN,SAAS,EACT,SAAS,EACT,SAAS,EACT,SAAS,EACV,MAAM,wBAAwB,CAAC;AAChC,OAAO,KAAK,EACV,kBAAkB,EAClB,YAAY,EAEZ,aAAa,EAEb,UAAU,EACV,UAAU,EACV,UAAU,EAKV,SAAS,EACT,SAAS,EAMT,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,mBAAmB,CAAC;AAI3B,OAAO,EACL,KAAK,qBAAqB,EAE3B,MAAM,0CAA0C,CAAC;AAClD,OAAO,EAEL,KAAK,mBAAmB,EACzB,MAAM,qCAAqC,CAAC;AAqB7C,qBAAa,KAAM,YAAW,MAAM;IAClC,SAAgB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IAEtC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAW;IACnC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;IACjD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAkC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAoB;IAC/C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAU;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAkC;gBAE5C,OAAO,EAAE,YAAY;IAaxC,IAAW,GAAG,IAAI,SAAS,CAK1B;IAED,IAAW,GAAG,IAAI,SAAS,CAK1B;IAED,IAAW,GAAG,IAAI,SAAS,CAK1B;IAED,IAAW,GAAG,IAAI,SAAS,CAK1B;IAEY,MAAM,CAAC,CAAC,SAAS,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC,EACtD,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,CAAC,CAAC;WAgBC,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,iBAAiB;WAKxC,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;WAI3B,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;WAI3B,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;WAI3B,MAAM,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,GAAG,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC;WAaxE,KAAK,CAAC,CAAC,SAAS,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC;WAU7D,aAAa,CAAC,IAAI,EAAE,mBAAmB,GAAG,aAAa;WAIvD,kBAAkB,CAAC,IAAI,EAAE,qBAAqB,GAAG,kBAAkB;WAYnE,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,kBAAkB,GAAG,IAAI;YAOhE,MAAM;YAMN,UAAU;YASV,UAAU;YAeV,MAAM;YAWN,UAAU;YASV,UAAU;YAaV,MAAM;YAUN,OAAO;YASP,SAAS;YAaT,MAAM;YAaN,OAAO;YASP,SAAS;YAgBT,UAAU;YA+BV,UAAU;CAgCzB"}
|