@m1a0rz/agent-identity 0.1.2

package/dist/src/services/identity-client.js

@@ -0,0 +1,578 @@
+/**
+ * Agent Identity API client.
+ * Service name: identity, service code: id.
+ * Data plane: GetWorkloadAccessTokenForJWT (Version 2025-10-30).
+ * Control plane (TOP): GetResourceOauth2Token, Oauth2Callback, GetResourceApiKey,
+ * CheckPermission, UserPool/UserPoolClient APIs (Version 2025-10-30).
+ *
+ * Credentials: explicit config, or env (VOLCENGINE_ACCESS_KEY/SECRET_KEY/SESSION_TOKEN),
+ * or file (VOLCENGINE_CREDENTIALS_FILE), with optional STS AssumeRole.
+ */
+import { loadIdentityCredentials } from "./identity-credentials.js";
+export { loadIdentityCredentials } from "./identity-credentials.js";
+function isWorkloadNotFoundError(err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    return /404|NotFound/i.test(msg);
+}
+function toUserPoolResult(r) {
+    const uid = r.Uid;
+    if (!uid)
+        throw new Error("Identity GetUserPool: missing Uid");
+    const brand = r.Brand;
+    const tags = r.Tags;
+    return {
+        uid,
+        name: r.Name ?? "",
+        description: r.Description,
+        domain: r.Domain ?? "",
+        trn: r.Trn,
+        createTime: r.CreateTime,
+        updateTime: r.UpdateTime,
+        enabled: r.Enabled,
+        brand: brand ? { name: brand.Name, logoUri: brand.LogoUri } : undefined,
+        discoveryUrl: r.DiscoveryUrl,
+        issuerUrl: r.IssuerUrl,
+        tokenUrl: r.TokenUrl,
+        tokenSigningKeyUrl: r.TokenSigningKeyUrl,
+        totalUsers: r.TotalUsers,
+        totalClients: r.TotalClients,
+        totalConnections: r.TotalConnections,
+        passwordSignInEnabled: r.PasswordSignInEnabled,
+        smsPasswordlessSignInEnabled: r.SmsPasswordlessSignInEnabled,
+        emailPasswordlessSignInEnabled: r.EmailPasswordlessSignInEnabled,
+        selfSignUpEnabled: r.SelfSignUpEnabled,
+        signUpAutoVerificationEnabled: r.SignUpAutoVerificationEnabled,
+        selfAccountRecoveryEnabled: r.SelfAccountRecoveryEnabled,
+        unconfirmedUserSignInEnabled: r.UnconfirmedUserSignInEnabled,
+        smsAnonymousSignUpEnabled: r.SmsAnonymousSignUpEnabled,
+        signInAttributes: r.SignInAttributes,
+        requiredSignUpAttributes: r.RequiredSignUpAttributes,
+        tags: tags?.map((t) => ({ key: t.Key ?? "", value: t.Value ?? "" })),
+        projectName: r.ProjectName,
+    };
+}
+function toUserPoolClientResult(r) {
+    const uid = r.Uid;
+    if (!uid)
+        throw new Error("Identity GetUserPoolClient: missing Uid");
+    const idToken = r.IdToken;
+    const refreshToken = r.RefreshToken;
+    return {
+        uid,
+        name: r.Name ?? "",
+        description: r.Description,
+        clientType: r.ClientType,
+        clientSecret: r.ClientSecret,
+        logoUri: r.LogoUri,
+        createTime: r.CreateTime,
+        updateTime: r.UpdateTime,
+        allowedCallbackUrls: r.AllowedCallbackUrls,
+        allowedLogoutUrls: r.AllowedLogoutUrls,
+        allowedWebOrigins: r.AllowedWebOrigins,
+        allowedCors: r.AllowedCors,
+        idToken: idToken ? { lifetimeSeconds: idToken.LifetimeSeconds } : undefined,
+        refreshToken: refreshToken
+            ? {
+                hasIdleLifetime: refreshToken.HasIdleLifetime,
+                idleLifetimeSeconds: refreshToken.IdleLifetimeSeconds,
+                hasCombinedLifetime: refreshToken.HasCombinedLifetime,
+                combinedLifetimeSeconds: refreshToken.CombinedLifetimeSeconds,
+                rotation: refreshToken.Rotation,
+            }
+            : undefined,
+        loginPageUrl: r.LoginPageUrl,
+    };
+}
+/**
+ * Identity client using fetch. Credentials from config, env, or file (veadk-style).
+ * Uses HMAC-SHA256 signing per Volcengine OpenAPI conventions. Supports STS.
+ */
+export class IdentityClient {
+    config;
+    constructor(config) {
+        this.config = config;
+    }
+    async resolveCredentials() {
+        if (this.config.credentialsGetter) {
+            return this.config.credentialsGetter();
+        }
+        if (this.config.accessKeyId && this.config.secretAccessKey) {
+            return {
+                accessKeyId: this.config.accessKeyId,
+                secretAccessKey: this.config.secretAccessKey,
+                sessionToken: this.config.sessionToken,
+            };
+        }
+        return loadIdentityCredentials({
+            accessKeyId: this.config.accessKeyId,
+            secretAccessKey: this.config.secretAccessKey,
+            sessionToken: this.config.sessionToken,
+            credentialsFile: this.config.credentialsFile,
+            roleTrn: this.config.roleTrn,
+        });
+    }
+    async getWorkloadAccessTokenForJWT(params) {
+        const doFetch = async () => {
+            const body = {
+                UserToken: params.userToken,
+                WorkloadPoolName: params.workloadPoolName ?? "default",
+                DurationSeconds: params.durationSeconds ?? 3600,
+            };
+            if (params.name)
+                body.Name = params.name;
+            if (params.audience?.length)
+                body.Audience = params.audience;
+            const result = (await this.signedPost(this.config.endpoint, "GetWorkloadAccessTokenForJWT", body, "2025-10-30"));
+            if (!result?.WorkloadAccessToken) {
+                throw new Error("Identity API: missing WorkloadAccessToken in response");
+            }
+            return {
+                workloadAccessToken: result.WorkloadAccessToken,
+                expiresAt: result.ExpiresAt ?? new Date(Date.now() + 3600 * 1000).toISOString(),
+            };
+        };
+        try {
+            return await doFetch();
+        }
+        catch (err) {
+            // When workload (agent) does not exist (404), create it and retry. Only when Name was passed.
+            if (params.name && isWorkloadNotFoundError(err)) {
+                await this.createWorkloadIdentity({
+                    workloadPoolName: params.workloadPoolName ?? "default",
+                    name: params.name,
+                    category: "Agent",
+                });
+                return doFetch();
+            }
+            throw err;
+        }
+    }
+    async createWorkloadIdentity(params) {
+        const body = {
+            WorkloadPoolName: params.workloadPoolName,
+            Name: params.name,
+        };
+        if (params.category)
+            body.Category = params.category;
+        if (params.description)
+            body.Description = params.description;
+        try {
+            await this.signedPost(this.config.endpoint, "CreateWorkloadIdentity", body, "2025-10-30");
+        }
+        catch (err) {
+            // Duplicated (409): workload already exists, e.g. race with another process. Retry will succeed.
+            const msg = err instanceof Error ? err.message : String(err);
+            if (/409|Duplicated/i.test(msg))
+                return;
+            throw err;
+        }
+    }
+    async sha256Hex(data) {
+        const { createHash } = await import("node:crypto");
+        return createHash("sha256").update(data, "utf-8").digest("hex");
+    }
+    async hmacSha256(key, data) {
+        const { createHmac } = await import("node:crypto");
+        return createHmac("sha256", key).update(data, "utf-8").digest();
+    }
+    async hmacSha256Hex(key, data) {
+        const { createHmac } = await import("node:crypto");
+        return createHmac("sha256", key).update(data, "utf-8").digest("hex");
+    }
+    /** Build canonical query string (sorted, URI-encoded) per volc-sdk-nodejs. */
+    queryParamsToString(params) {
+        return Object.keys(params)
+            .sort()
+            .map((key) => {
+            const val = params[key];
+            if (val == null)
+                return "";
+            const ek = encodeURIComponent(key).replace(/[^A-Za-z0-9_.~-]/g, (c) => `%${c.charCodeAt(0).toString(16).toUpperCase()}`);
+            const ev = encodeURIComponent(val).replace(/[^A-Za-z0-9_.~-]/g, (c) => `%${c.charCodeAt(0).toString(16).toUpperCase()}`);
+            return `${ek}=${ev}`;
+        })
+            .filter(Boolean)
+            .join("&");
+    }
+    /** DateTime for signing: ISO8601 without ms, then strip separators (volc-sdk-nodejs). */
+    getDateTime() {
+        return new Date()
+            .toISOString()
+            .replace(/\.\d{3}Z$/, "Z")
+            .replace(/[:\-]/g, "");
+    }
+    async signedPost(baseUrl, action, body, versionOverride) {
+        const creds = await this.resolveCredentials();
+        const { accessKeyId, secretAccessKey, sessionToken } = creds;
+        const serviceCode = this.config.serviceCode ?? "id";
+        const version = versionOverride ?? this.config.version ?? "2025-10-30";
+        const region = this.config.region ?? "cn-beijing";
+        const url = new URL(baseUrl);
+        url.pathname = url.pathname || "/";
+        const queryParams = { Action: action, Version: version };
+        const canonicalQuery = this.queryParamsToString(queryParams);
+        url.search = canonicalQuery ? `?${canonicalQuery}` : "";
+        const bodyStr = JSON.stringify(body);
+        const xDate = this.getDateTime();
+        const xContentSha256 = await this.sha256Hex(bodyStr);
+        const host = url.host;
+        // Headers to sign (volc-sdk-nodejs addHeaders): host, x-content-sha256, x-date, x-security-token (if present)
+        const headerEntries = [
+            ["host", host],
+            ["x-content-sha256", xContentSha256],
+            ["x-date", xDate],
+        ];
+        if (sessionToken) {
+            headerEntries.push(["x-security-token", sessionToken.replace(/\s+/g, " ").trim()]);
+        }
+        headerEntries.sort((a, b) => (a[0] < b[0] ? -1 : 1));
+        const canonicalHeaders = headerEntries.map(([k, v]) => `${k}:${v}`).join("\n");
+        const signedHeaders = headerEntries.map(([k]) => k).join(";");
+        const canonicalRequest = [
+            "POST",
+            url.pathname,
+            canonicalQuery,
+            canonicalHeaders + "\n",
+            signedHeaders,
+            xContentSha256,
+        ].join("\n");
+        const algorithm = "HMAC-SHA256";
+        const credentialScope = `${xDate.slice(0, 8)}/${region}/${serviceCode}/request`;
+        const stringToSign = [
+            algorithm,
+            xDate,
+            credentialScope,
+            await this.sha256Hex(canonicalRequest),
+        ].join("\n");
+        const kDate = await this.hmacSha256(secretAccessKey, xDate.slice(0, 8));
+        const kRegion = await this.hmacSha256(kDate, region);
+        const kService = await this.hmacSha256(kRegion, serviceCode);
+        const kSigning = await this.hmacSha256(kService, "request");
+        const signature = await this.hmacSha256Hex(kSigning, stringToSign);
+        const authorization = `${algorithm} Credential=${accessKeyId}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;
+        const headers = {
+            "Content-Type": "application/json; charset=UTF-8",
+            "X-Date": xDate,
+            "X-Content-Sha256": xContentSha256,
+            Authorization: authorization,
+        };
+        if (sessionToken) {
+            headers["X-Security-Token"] = sessionToken;
+        }
+        const res = await fetch(url.toString(), {
+            method: "POST",
+            headers,
+            body: bodyStr,
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            throw new Error(`Identity API error ${res.status}: ${text}`);
+        }
+        const json = (await res.json());
+        if (json.Error) {
+            throw new Error(`Identity API error: ${json.Error.Code ?? "Unknown"} - ${json.Error.Message ?? ""}`);
+        }
+        return json.Result ?? {};
+    }
+    async getResourceOauth2Token(params) {
+        const body = {
+            ProviderName: params.providerName,
+            IdentityToken: params.identityToken,
+        };
+        if (params.flow)
+            body.Flow = params.flow;
+        if (params.scopes?.length)
+            body.Scopes = params.scopes;
+        if (params.redirectUrl)
+            body.RedirectUrl = params.redirectUrl;
+        if (params.forceAuthentication !== undefined)
+            body.ForceAuthentication = params.forceAuthentication ? 1 : 0;
+        if (params.poolName)
+            body.PoolName = params.poolName;
+        const result = (await this.signedPost(this.config.endpoint, "GetResourceOauth2Token", body));
+        return {
+            accessToken: result.AccessToken,
+            authorizationUrl: result.AuthorizationUrl,
+        };
+    }
+    async oauth2Callback(params) {
+        const body = {
+            Code: params.code,
+            State: params.state,
+            IdentityToken: params.identityToken,
+        };
+        if (params.error)
+            body.Error = params.error;
+        const result = (await this.signedPost(this.config.endpoint, "Oauth2Callback", body));
+        if (!result.AccessToken) {
+            throw new Error("Identity Oauth2Callback: missing AccessToken");
+        }
+        return { accessToken: result.AccessToken };
+    }
+    async getResourceApiKey(params) {
+        const body = {
+            ProviderName: params.providerName,
+            IdentityToken: params.identityToken,
+        };
+        const result = (await this.signedPost(this.config.endpoint, "GetResourceApiKey", body));
+        if (!result.ApiKey) {
+            throw new Error("Identity GetResourceApiKey: missing ApiKey");
+        }
+        return {
+            apiKey: result.ApiKey,
+            metadata: result.Metadata,
+        };
+    }
+    async checkPermission(params) {
+        const body = {
+            NamespaceName: params.namespaceName,
+            Principal: params.principal,
+            Operation: params.action,
+            Resource: params.resource,
+            ...(params.originalCallers?.length ? { OriginalCallers: params.originalCallers } : {}),
+        };
+        const result = (await this.signedPost(this.config.endpoint, "CheckPermission", body));
+        return {
+            allowed: result.Allowed ?? false,
+            message: result.Message,
+        };
+    }
+    async listCredentialProviders(params) {
+        const body = {
+            PageNumber: params.PageNumber ?? 1,
+            PageSize: params.PageSize ?? 20,
+        };
+        if (params.PoolName)
+            body.PoolName = params.PoolName;
+        if (params.Filter && Object.keys(params.Filter).length > 0) {
+            body.Filter = params.Filter;
+        }
+        const r = (await this.signedPost(this.config.endpoint, "ListCredentialProviders", body));
+        const providers = r.CredentialProviders ?? r.Data ?? [];
+        return {
+            CredentialProviders: providers,
+            Data: providers,
+            TotalCount: r.TotalCount ?? providers.length,
+            PageNumber: r.PageNumber ?? 1,
+            PageSize: r.PageSize ?? 20,
+        };
+    }
+    async getUserPool(params) {
+        const body = { UserPoolUid: params.userPoolUid };
+        const r = (await this.signedPost(this.config.endpoint, "GetUserPool", body));
+        return toUserPoolResult(r);
+    }
+    async listUserPools(params) {
+        const body = {};
+        body.PageNumber = params.pageNumber ?? 1;
+        body.PageSize = params.pageSize ?? 10;
+        if (params.projectName)
+            body.ProjectName = params.projectName;
+        if (params.sortField)
+            body.SortField = params.sortField;
+        if (params.sortDirection)
+            body.SortDirection = params.sortDirection;
+        if (params.filter) {
+            const f = params.filter;
+            body.Filter = {
+                ...(f.name && { Name: f.name }),
+                ...(f.trn && { Trn: f.trn }),
+                ...(f.description && { Description: f.description }),
+                ...(f.uid && { Uid: f.uid }),
+                ...(f.tagFilters && {
+                    TagFilters: f.tagFilters.map((t) => ({
+                        Key: t.key,
+                        Values: t.values,
+                    })),
+                }),
+            };
+        }
+        const r = (await this.signedPost(this.config.endpoint, "ListUserPools", body));
+        const data = (r.Data ?? []).map((d) => {
+            const tags = d.Tags;
+            return {
+                uid: d.Uid ?? "",
+                name: d.Name ?? "",
+                description: d.Description,
+                domain: d.Domain ?? "",
+                trn: d.Trn,
+                createTime: d.CreateTime,
+                updateTime: d.UpdateTime,
+                tags: tags?.map((t) => ({ key: t.Key ?? "", value: t.Value ?? "" })),
+                projectName: d.ProjectName,
+            };
+        });
+        return {
+            pageNumber: r.PageNumber ?? 1,
+            pageSize: r.PageSize ?? 10,
+            totalCount: r.TotalCount ?? 0,
+            data,
+        };
+    }
+    async createUserPool(params) {
+        const body = {
+            Name: params.name,
+            Description: params.description,
+            ProjectName: params.projectName ?? "default",
+            PasswordSignInEnabled: params.passwordSignInEnabled ?? true,
+            EmailPasswordlessSignInEnabled: params.emailPasswordlessSignInEnabled ?? false,
+            SelfSignUpEnabled: params.selfSignUpEnabled ?? true,
+            SignInAttributes: params.signInAttributes ?? ["email"],
+            RequiredSignUpAttributes: params.requiredSignUpAttributes ?? ["email"],
+            SignUpAutoVerificationEnabled: params.signUpAutoVerificationEnabled ?? true,
+            SmsPasswordlessSignInEnabled: params.smsPasswordlessSignInEnabled ?? false,
+            SelfAccountRecoveryEnabled: params.selfAccountRecoveryEnabled ?? true,
+            UnconfirmedUserSignInEnabled: params.unconfirmedUserSignInEnabled ?? true,
+            SmsAnonymousSignUpEnabled: params.smsAnonymousSignUpEnabled ?? false,
+            Tags: params.tags?.map((t) => ({ Key: t.key, Value: t.value })),
+            Brand: params.brand ? { Name: params.brand.name, LogoUri: params.brand.logoUri } : undefined,
+        };
+        const r = (await this.signedPost(this.config.endpoint, "CreateUserPool", body));
+        return toUserPoolResult(r);
+    }
+    async getUserPoolClient(params) {
+        const body = {
+            UserPoolUid: params.userPoolUid,
+            ClientUid: params.clientUid,
+        };
+        const r = (await this.signedPost(this.config.endpoint, "GetUserPoolClient", body));
+        return toUserPoolClientResult(r);
+    }
+    async listUserPoolClients(params) {
+        const body = { UserPoolUid: params.userPoolUid };
+        body.PageNumber = params.pageNumber ?? 1;
+        body.PageSize = params.pageSize ?? 10;
+        if (params.sortField)
+            body.SortField = params.sortField;
+        if (params.sortDirection)
+            body.SortDirection = params.sortDirection;
+        if (params.filter) {
+            const f = params.filter;
+            body.Filter = {
+                ...(f.name && { Name: f.name }),
+                ...(f.description && { Description: f.description }),
+                ...(f.clientTypes && { ClientTypes: f.clientTypes }),
+            };
+        }
+        const r = (await this.signedPost(this.config.endpoint, "ListUserPoolClients", body));
+        const data = (r.Data ?? []).map((d) => ({
+            uid: d.Uid ?? "",
+            name: d.Name ?? "",
+            description: d.Description,
+            clientType: d.ClientType,
+            createTime: d.CreateTime,
+            updateTime: d.UpdateTime,
+        }));
+        return {
+            pageNumber: r.PageNumber ?? 1,
+            pageSize: r.PageSize ?? 10,
+            totalCount: r.TotalCount ?? 0,
+            data,
+        };
+    }
+    async createUserPoolClient(params) {
+        const body = {
+            UserPoolUid: params.userPoolUid,
+            Name: params.name,
+            Description: params.description,
+            LogoUri: params.logoUri,
+            ClientType: params.clientType ?? "WEB_APPLICATION",
+            AllowedCallbackUrls: params.allowedCallbackUrls ?? [],
+            AllowedLogoutUrls: params.allowedLogoutUrls,
+            AllowedWebOrigins: params.allowedWebOrigins,
+            AllowedCors: params.allowedCors,
+        };
+        const r = (await this.signedPost(this.config.endpoint, "CreateUserPoolClient", body));
+        return toUserPoolClientResult(r);
+    }
+}
+/**
+ * Resolve OIDC config from UserPool and Client names (from_veidentity style).
+ * If pool/client not found and autoCreate=true, creates them.
+ * Returns discoveryUrl, clientId, clientSecret, callbackUrl for OIDC flow.
+ */
+export async function resolveOIDCConfig(client, params) {
+    const { userPoolName, userPoolUid, clientName, clientUid, redirectUri, scope = "openid profile email", autoCreate = true, clientType = "WEB_APPLICATION", } = params;
+    if (!userPoolName && !userPoolUid) {
+        throw new Error("Either userPoolName or userPoolUid must be provided");
+    }
+    if (!clientName && !clientUid) {
+        throw new Error("Either clientName or clientUid must be provided");
+    }
+    let poolUid;
+    let poolDomain;
+    if (userPoolUid) {
+        const pool = await client.getUserPool({ userPoolUid });
+        poolUid = pool.uid;
+        poolDomain = pool.domain;
+    }
+    else {
+        const list = await client.listUserPools({
+            pageSize: 50,
+            filter: { name: userPoolName },
+        });
+        const found = list.data.find((p) => p.name === userPoolName);
+        if (found) {
+            poolUid = found.uid;
+            poolDomain = found.domain;
+        }
+        else if (autoCreate && userPoolName) {
+            const created = await client.createUserPool({ name: userPoolName });
+            poolUid = created.uid;
+            poolDomain = created.domain;
+        }
+        else {
+            throw new Error(`User pool '${userPoolName}' not found (autoCreate=false or only UID provided)`);
+        }
+    }
+    let clientId;
+    let clientSecret;
+    if (clientUid) {
+        const c = await client.getUserPoolClient({
+            userPoolUid: poolUid,
+            clientUid,
+        });
+        clientId = c.uid;
+        clientSecret = c.clientSecret;
+    }
+    else {
+        const list = await client.listUserPoolClients({
+            userPoolUid: poolUid,
+            pageSize: 50,
+            filter: { name: clientName },
+        });
+        const found = list.data.find((c) => c.name === clientName);
+        if (found) {
+            const full = await client.getUserPoolClient({
+                userPoolUid: poolUid,
+                clientUid: found.uid,
+            });
+            clientId = full.uid;
+            clientSecret = full.clientSecret;
+        }
+        else if (autoCreate && clientName) {
+            const created = await client.createUserPoolClient({
+                userPoolUid: poolUid,
+                name: clientName,
+                clientType,
+                allowedCallbackUrls: [redirectUri],
+            });
+            clientId = created.uid;
+            clientSecret = created.clientSecret;
+        }
+        else {
+            throw new Error(`Client '${clientName}' not found (autoCreate=false or only UID provided)`);
+        }
+    }
+    const discoveryBase = poolDomain.startsWith("http") ? poolDomain : `https://${poolDomain}`;
+    const discoveryUrl = discoveryBase.endsWith("/")
+        ? `${discoveryBase}.well-known/openid-configuration`
+        : `${discoveryBase}/.well-known/openid-configuration`;
+    return {
+        discoveryUrl,
+        clientId,
+        clientSecret,
+        scope,
+        callbackUrl: redirectUri,
+    };
+}

package/dist/src/services/identity-credentials.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Identity credentials loader (veadk-style).
+ * Loads AK/SK from:
+ * 1. Explicit config (accessKeyId, secretAccessKey, sessionToken)
+ * 2. Environment variables (VOLCENGINE_ACCESS_KEY, VOLCENGINE_SECRET_KEY, VOLCENGINE_SESSION_TOKEN)
+ * 3. Credential file (VOLCENGINE_CREDENTIALS_FILE or /var/run/secrets/iam/credential)
+ * Supports STS session token. Optional AssumeRole via roleTrn.
+ */
+export type IdentityCredentials = {
+    accessKeyId: string;
+    secretAccessKey: string;
+    sessionToken?: string;
+};
+export type LoadCredentialsOptions = {
+    accessKeyId?: string;
+    secretAccessKey?: string;
+    sessionToken?: string;
+    credentialsFile?: string;
+    roleTrn?: string;
+    resolvePath?: (p: string) => string;
+};
+/**
+ * Load credentials from config, env, or file (veadk-style).
+ * Order: explicit > env > file.
+ * Returns resolved credentials or throws if none found.
+ */
+export declare function loadIdentityCredentials(opts?: LoadCredentialsOptions): Promise<IdentityCredentials>;
+//# sourceMappingURL=identity-credentials.d.ts.map

package/dist/src/services/identity-credentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity-credentials.d.ts","sourceRoot":"","sources":["../../../src/services/identity-credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAMH,MAAM,MAAM,mBAAmB,GAAG;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AASF,MAAM,MAAM,sBAAsB,GAAG;IACnC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;CACrC,CAAC;AAEF;;;;GAIG;AACH,wBAAsB,uBAAuB,CAC3C,IAAI,GAAE,sBAA2B,GAChC,OAAO,CAAC,mBAAmB,CAAC,CAkD9B"}