@naylence/advanced-security 0.3.5-test.0 → 0.3.5-test.101
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/index.js +25 -16
- package/dist/browser/index.js.map +1 -1
- package/dist/cjs/browser.js +13 -28
- package/dist/cjs/browser.js.map +1 -1
- package/dist/cjs/index.js +5 -6
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/naylence/fame/factory-manifest.js +1 -4
- package/dist/cjs/naylence/fame/factory-manifest.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/ca-service-client.js +9 -15
- package/dist/cjs/naylence/fame/security/cert/ca-service-client.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/ca-service-factory.js +7 -11
- package/dist/cjs/naylence/fame/security/cert/ca-service-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/ca-types.js +2 -7
- package/dist/cjs/naylence/fame/security/cert/ca-types.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-ca-service-factory.js +6 -10
- package/dist/cjs/naylence/fame/security/cert/default-ca-service-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-ca-service.js +29 -66
- package/dist/cjs/naylence/fame/security/cert/default-ca-service.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager-factory.js +12 -16
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager.js +22 -59
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/grants.js +1 -4
- package/dist/cjs/naylence/fame/security/cert/grants.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/index.js +10 -50
- package/dist/cjs/naylence/fame/security/cert/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/internal-ca-service.js +79 -122
- package/dist/cjs/naylence/fame/security/cert/internal-ca-service.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/util.js +26 -30
- package/dist/cjs/naylence/fame/security/cert/util.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager-factory.js +10 -14
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager.js +32 -36
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/channel/index.js +2 -7
- package/dist/cjs/naylence/fame/security/encryption/channel/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager-factory.js +10 -14
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager.js +7 -11
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager-factory.js +7 -11
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager.js +19 -23
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/encryption-manager-registry.js +9 -15
- package/dist/cjs/naylence/fame/security/encryption/encryption-manager-registry.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/index.js +6 -15
- package/dist/cjs/naylence/fame/security/encryption/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/sealed/index.js +2 -7
- package/dist/cjs/naylence/fame/security/encryption/sealed/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager-factory.js +8 -12
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager.js +26 -30
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/index.js +5 -10
- package/dist/cjs/naylence/fame/security/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/keys/index.js +2 -8
- package/dist/cjs/naylence/fame/security/keys/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager-factory.js +9 -13
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager.js +16 -52
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/register-advanced-security-factories.js +8 -44
- package/dist/cjs/naylence/fame/security/register-advanced-security-factories.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-signer-factory.js +6 -43
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-signer-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js +8 -12
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier.js +33 -70
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-helper.js +8 -13
- package/dist/cjs/naylence/fame/stickiness/aft-helper.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.js +12 -16
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager.js +10 -14
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-model.js +6 -14
- package/dist/cjs/naylence/fame/stickiness/aft-model.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager-factory.js +12 -16
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager.js +13 -18
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-signer.js +23 -30
- package/dist/cjs/naylence/fame/stickiness/aft-signer.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-utils.js +3 -8
- package/dist/cjs/naylence/fame/stickiness/aft-utils.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-verifier.js +21 -28
- package/dist/cjs/naylence/fame/stickiness/aft-verifier.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/index.js +10 -39
- package/dist/cjs/naylence/fame/stickiness/index.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/stickiness-mode.js +3 -7
- package/dist/cjs/naylence/fame/stickiness/stickiness-mode.js.map +1 -1
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service-factory.js +14 -18
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service.js +14 -18
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service.js.map +1 -1
- package/dist/cjs/naylence/fame/welcome/index.js +2 -8
- package/dist/cjs/naylence/fame/welcome/index.js.map +1 -1
- package/dist/cjs/plugin.js +8 -10
- package/dist/cjs/plugin.js.map +1 -1
- package/dist/cjs/version.js +8 -0
- package/dist/cjs/version.js.map +1 -0
- package/dist/esm/browser.js +2 -0
- package/dist/esm/browser.js.map +1 -1
- package/dist/esm/index.js +2 -0
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager-factory.js +2 -2
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager-factory.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager.js +1 -1
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/internal-ca-service.js +1 -1
- package/dist/esm/naylence/fame/security/cert/internal-ca-service.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/util.js +1 -1
- package/dist/esm/naylence/fame/security/cert/util.js.map +1 -1
- package/dist/esm/plugin.js +2 -0
- package/dist/esm/plugin.js.map +1 -1
- package/dist/esm/version.js +8 -0
- package/dist/esm/version.js.map +1 -0
- package/dist/types/browser.d.ts +1 -0
- package/dist/types/browser.d.ts.map +1 -1
- package/dist/types/index.d.ts +1 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/default-certificate-manager-factory.d.ts +3 -3
- package/dist/types/naylence/fame/security/cert/default-certificate-manager-factory.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/default-certificate-manager.d.ts +1 -1
- package/dist/types/naylence/fame/security/cert/default-certificate-manager.d.ts.map +1 -1
- package/dist/types/plugin.d.ts.map +1 -1
- package/dist/types/version.d.ts +6 -0
- package/dist/types/version.d.ts.map +1 -0
- package/package.json +5 -4
package/dist/cjs/browser.js
CHANGED
|
@@ -1,34 +1,19 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Browser-friendly entry point that exposes only modules compatible with
|
|
4
3
|
* runtimes lacking Node.js built-ins. Node-specific certificate authority
|
|
5
4
|
* helpers and Fastify bindings are intentionally excluded.
|
|
6
5
|
*/
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
tslib_1.__exportStar(require("./naylence/fame/security/encryption/index.js"), exports);
|
|
21
|
-
var eddsa_envelope_signer_factory_js_1 = require("./naylence/fame/security/signing/eddsa-envelope-signer-factory.js");
|
|
22
|
-
Object.defineProperty(exports, "AdvancedEdDSAEnvelopeSignerFactory", { enumerable: true, get: function () { return eddsa_envelope_signer_factory_js_1.AdvancedEdDSAEnvelopeSignerFactory; } });
|
|
23
|
-
Object.defineProperty(exports, "ADVANCED_EDDSA_ENVELOPE_SIGNER_FACTORY_META", { enumerable: true, get: function () { return eddsa_envelope_signer_factory_js_1.FACTORY_META; } });
|
|
24
|
-
var eddsa_envelope_verifier_factory_js_1 = require("./naylence/fame/security/signing/eddsa-envelope-verifier-factory.js");
|
|
25
|
-
Object.defineProperty(exports, "AdvancedEdDSAEnvelopeVerifierFactory", { enumerable: true, get: function () { return eddsa_envelope_verifier_factory_js_1.AdvancedEdDSAEnvelopeVerifierFactory; } });
|
|
26
|
-
Object.defineProperty(exports, "ADVANCED_EDDSA_ENVELOPE_VERIFIER_FACTORY_META", { enumerable: true, get: function () { return eddsa_envelope_verifier_factory_js_1.FACTORY_META; } });
|
|
27
|
-
var eddsa_envelope_verifier_js_1 = require("./naylence/fame/security/signing/eddsa-envelope-verifier.js");
|
|
28
|
-
Object.defineProperty(exports, "EdDSAEnvelopeVerifier", { enumerable: true, get: function () { return eddsa_envelope_verifier_js_1.EdDSAEnvelopeVerifier; } });
|
|
29
|
-
tslib_1.__exportStar(require("./naylence/fame/security/keys/index.js"), exports);
|
|
30
|
-
var register_advanced_security_factories_js_1 = require("./naylence/fame/security/register-advanced-security-factories.js");
|
|
31
|
-
Object.defineProperty(exports, "registerAdvancedSecurityFactories", { enumerable: true, get: function () { return register_advanced_security_factories_js_1.registerAdvancedSecurityFactories; } });
|
|
32
|
-
tslib_1.__exportStar(require("./naylence/fame/stickiness/index.js"), exports);
|
|
33
|
-
tslib_1.__exportStar(require("./naylence/fame/welcome/index.js"), exports);
|
|
6
|
+
// Package version
|
|
7
|
+
export { VERSION } from './version.js';
|
|
8
|
+
export { validateJwkX5cCertificate, publicKeyFromX5c, } from "./naylence/fame/security/cert/util.js";
|
|
9
|
+
export { GRANT_PURPOSE_CA_SIGN } from "./naylence/fame/security/cert/grants.js";
|
|
10
|
+
export { CAServiceClient, ENV_VAR_FAME_CA_SERVICE_URL, extractCertificateInfo, formatCertificateInfo, } from "./naylence/fame/security/cert/ca-service-client.js";
|
|
11
|
+
export * from "./naylence/fame/security/encryption/index.js";
|
|
12
|
+
export { AdvancedEdDSAEnvelopeSignerFactory, FACTORY_META as ADVANCED_EDDSA_ENVELOPE_SIGNER_FACTORY_META, } from "./naylence/fame/security/signing/eddsa-envelope-signer-factory.js";
|
|
13
|
+
export { AdvancedEdDSAEnvelopeVerifierFactory, FACTORY_META as ADVANCED_EDDSA_ENVELOPE_VERIFIER_FACTORY_META, } from "./naylence/fame/security/signing/eddsa-envelope-verifier-factory.js";
|
|
14
|
+
export { EdDSAEnvelopeVerifier, } from "./naylence/fame/security/signing/eddsa-envelope-verifier.js";
|
|
15
|
+
export * from "./naylence/fame/security/keys/index.js";
|
|
16
|
+
export { registerAdvancedSecurityFactories, } from "./naylence/fame/security/register-advanced-security-factories.js";
|
|
17
|
+
export * from "./naylence/fame/stickiness/index.js";
|
|
18
|
+
export * from "./naylence/fame/welcome/index.js";
|
|
34
19
|
//# sourceMappingURL=browser.js.map
|
package/dist/cjs/browser.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../src/browser.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../src/browser.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,kBAAkB;AAClB,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,OAAO,EACN,yBAAyB,EAGzB,gBAAgB,GAEhB,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,yCAAyC,CAAC;AAChF,OAAO,EACN,eAAe,EAGf,2BAA2B,EAC3B,sBAAsB,EACtB,qBAAqB,GACrB,MAAM,oDAAoD,CAAC;AAE5D,cAAc,8CAA8C,CAAC;AAE7D,OAAO,EACN,kCAAkC,EAClC,YAAY,IAAI,2CAA2C,GAE3D,MAAM,mEAAmE,CAAC;AAC3E,OAAO,EACN,oCAAoC,EACpC,YAAY,IAAI,6CAA6C,GAE7D,MAAM,qEAAqE,CAAC;AAC7E,OAAO,EACN,qBAAqB,GAGrB,MAAM,6DAA6D,CAAC;AAErE,cAAc,wCAAwC,CAAC;AAEvD,OAAO,EACN,iCAAiC,GAEjC,MAAM,kEAAkE,CAAC;AAE1E,cAAc,qCAAqC,CAAC;AACpD,cAAc,kCAAkC,CAAC"}
|
package/dist/cjs/index.js
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
tslib_1.__exportStar(require("./naylence/fame/welcome/index.js"), exports);
|
|
1
|
+
// Package version
|
|
2
|
+
export { VERSION } from './version.js';
|
|
3
|
+
export * from "./naylence/fame/security/index.js";
|
|
4
|
+
export * from "./naylence/fame/stickiness/index.js";
|
|
5
|
+
export * from "./naylence/fame/welcome/index.js";
|
|
7
6
|
//# sourceMappingURL=index.js.map
|
package/dist/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,kBAAkB;AAClB,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,cAAc,mCAAmC,CAAC;AAClD,cAAc,qCAAqC,CAAC;AACpD,cAAc,kCAAkC,CAAC"}
|
|
@@ -1,13 +1,10 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* AUTO-GENERATED FILE. DO NOT EDIT DIRECTLY.
|
|
4
3
|
* Generated by scripts/generate-factory-manifest.mjs
|
|
5
4
|
*
|
|
6
5
|
* Provides the list of advanced security factory modules for registration.
|
|
7
6
|
*/
|
|
8
|
-
|
|
9
|
-
exports.MODULES = void 0;
|
|
10
|
-
exports.MODULES = [
|
|
7
|
+
export const MODULES = [
|
|
11
8
|
"./security/cert/default-ca-service-factory.js",
|
|
12
9
|
"./security/cert/default-certificate-manager-factory.js",
|
|
13
10
|
"./security/encryption/channel/channel-encryption-manager-factory.js",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"factory-manifest.js","sourceRoot":"","sources":["../../../../src/naylence/fame/factory-manifest.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"factory-manifest.js","sourceRoot":"","sources":["../../../../src/naylence/fame/factory-manifest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,+CAA+C;IAC/C,wDAAwD;IACxD,qEAAqE;IACrE,+DAA+D;IAC/D,iEAAiE;IACjE,mEAAmE;IACnE,4CAA4C;IAC5C,qDAAqD;IACrD,uDAAuD;IACvD,8DAA8D;IAC9D,wDAAwD;IACxD,+CAA+C;CACvC,CAAC"}
|
|
@@ -1,14 +1,9 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Certificate client for requesting certificates from a CA signing service.
|
|
4
3
|
*
|
|
5
4
|
* Provides async HTTP client to request certificates from the CA signing service.
|
|
6
5
|
*/
|
|
7
|
-
|
|
8
|
-
exports.CAServiceClient = exports.ENV_VAR_FAME_CA_SERVICE_URL = void 0;
|
|
9
|
-
exports.extractCertificateInfo = extractCertificateInfo;
|
|
10
|
-
exports.formatCertificateInfo = formatCertificateInfo;
|
|
11
|
-
const ca_types_js_1 = require("./ca-types.js");
|
|
6
|
+
import { CertificateRequestError } from "./ca-types.js";
|
|
12
7
|
// Simple logger for now - TODO: integrate with runtime logging
|
|
13
8
|
const logger = {
|
|
14
9
|
debug: (_event, _meta) => {
|
|
@@ -18,7 +13,7 @@ const logger = {
|
|
|
18
13
|
console.error(`[ERROR] ${_event}`, _meta);
|
|
19
14
|
},
|
|
20
15
|
};
|
|
21
|
-
|
|
16
|
+
export const ENV_VAR_FAME_CA_SERVICE_URL = "FAME_CA_SERVICE_URL";
|
|
22
17
|
/**
|
|
23
18
|
* Extract certificate information from a PEM certificate.
|
|
24
19
|
*
|
|
@@ -27,7 +22,7 @@ exports.ENV_VAR_FAME_CA_SERVICE_URL = "FAME_CA_SERVICE_URL";
|
|
|
27
22
|
* @param _certPem - Certificate in PEM format (prefixed with underscore as currently unused)
|
|
28
23
|
* @returns Certificate information object
|
|
29
24
|
*/
|
|
30
|
-
function extractCertificateInfo(_certPem) {
|
|
25
|
+
export function extractCertificateInfo(_certPem) {
|
|
31
26
|
try {
|
|
32
27
|
// TODO: Implement using node-forge or similar library
|
|
33
28
|
// For now, return a placeholder
|
|
@@ -59,7 +54,7 @@ function extractCertificateInfo(_certPem) {
|
|
|
59
54
|
* @param certType - Type description for logging (e.g., "Certificate", "CA Certificate")
|
|
60
55
|
* @returns Formatted string with certificate details
|
|
61
56
|
*/
|
|
62
|
-
function formatCertificateInfo(certPem, certType = "Certificate") {
|
|
57
|
+
export function formatCertificateInfo(certPem, certType = "Certificate") {
|
|
63
58
|
const info = extractCertificateInfo(certPem);
|
|
64
59
|
if (info.error) {
|
|
65
60
|
return `=== ${certType} Information ===\n${info.error}`;
|
|
@@ -115,7 +110,7 @@ function formatCertificateInfo(certPem, certType = "Certificate") {
|
|
|
115
110
|
/**
|
|
116
111
|
* Client for requesting certificates from a CA signing service.
|
|
117
112
|
*/
|
|
118
|
-
class CAServiceClient {
|
|
113
|
+
export class CAServiceClient {
|
|
119
114
|
/**
|
|
120
115
|
* Create a new CA service client.
|
|
121
116
|
*
|
|
@@ -254,7 +249,7 @@ class CAServiceClient {
|
|
|
254
249
|
status_code: response.status,
|
|
255
250
|
error: errorDetail,
|
|
256
251
|
});
|
|
257
|
-
throw new
|
|
252
|
+
throw new CertificateRequestError(`Certificate request failed (HTTP ${response.status}): ${errorDetail}`);
|
|
258
253
|
}
|
|
259
254
|
}
|
|
260
255
|
finally {
|
|
@@ -262,7 +257,7 @@ class CAServiceClient {
|
|
|
262
257
|
}
|
|
263
258
|
}
|
|
264
259
|
catch (error) {
|
|
265
|
-
if (error instanceof
|
|
260
|
+
if (error instanceof CertificateRequestError) {
|
|
266
261
|
throw error;
|
|
267
262
|
}
|
|
268
263
|
if (error instanceof Error && error.name === "AbortError") {
|
|
@@ -270,15 +265,14 @@ class CAServiceClient {
|
|
|
270
265
|
requester_id: requesterId,
|
|
271
266
|
timeout_seconds: this.timeoutSeconds,
|
|
272
267
|
});
|
|
273
|
-
throw new
|
|
268
|
+
throw new CertificateRequestError(`Certificate request timed out after ${this.timeoutSeconds} seconds`);
|
|
274
269
|
}
|
|
275
270
|
logger.error("certificate_request_network_error", {
|
|
276
271
|
requester_id: requesterId,
|
|
277
272
|
error: String(error),
|
|
278
273
|
});
|
|
279
|
-
throw new
|
|
274
|
+
throw new CertificateRequestError(`Network error requesting certificate: ${error}`);
|
|
280
275
|
}
|
|
281
276
|
}
|
|
282
277
|
}
|
|
283
|
-
exports.CAServiceClient = CAServiceClient;
|
|
284
278
|
//# sourceMappingURL=ca-service-client.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ca-service-client.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-service-client.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"ca-service-client.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-service-client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAExD,+DAA+D;AAC/D,MAAM,MAAM,GAAG;IACb,KAAK,EAAE,CAAC,MAAc,EAAE,KAA+B,EAAE,EAAE;QACzD,yCAAyC;IAC3C,CAAC;IACD,KAAK,EAAE,CAAC,MAAc,EAAE,KAA+B,EAAE,EAAE;QACzD,OAAO,CAAC,KAAK,CAAC,WAAW,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,2BAA2B,GAAG,qBAAqB,CAAC;AAwBjE;;;;;;;GAOG;AACH,MAAM,UAAU,sBAAsB,CAAC,QAAgB;IACrD,IAAI,CAAC;QACH,sDAAsD;QACtD,gCAAgC;QAChC,OAAO;YACL,OAAO,EAAE,yBAAyB;YAClC,MAAM,EAAE,yBAAyB;YACjC,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,UAAU,EAAE,IAAI,IAAI,CAClB,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CACvC,CAAC,WAAW,EAAE;YACf,MAAM,EAAE,SAAS;SAClB,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,OAAO,EAAE,EAAE;YACX,MAAM,EAAE,EAAE;YACV,YAAY,EAAE,EAAE;YAChB,SAAS,EAAE,EAAE;YACb,UAAU,EAAE,EAAE;YACd,MAAM,EAAE,SAAS;YACjB,KAAK,EAAE,gCAAgC,KAAK,EAAE;SAC/C,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,OAAe,EACf,WAAmB,aAAa;IAEhC,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAE7C,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,OAAO,OAAO,QAAQ,qBAAqB,IAAI,CAAC,KAAK,EAAE,CAAC;IAC1D,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,OAAO,QAAQ,kBAAkB;QACjC,YAAY,IAAI,CAAC,OAAO,EAAE;QAC1B,WAAW,IAAI,CAAC,MAAM,EAAE;QACxB,kBAAkB,IAAI,CAAC,YAAY,EAAE;QACrC,eAAe,IAAI,CAAC,SAAS,EAAE;QAC/B,gBAAgB,IAAI,CAAC,UAAU,EAAE;KAClC,CAAC;IAEF,IAAI,IAAI,CAAC,uBAAuB,IAAI,IAAI,CAAC,uBAAuB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5E,KAAK,CAAC,IAAI,CACR,8BAA8B,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxE,CAAC;IACJ,CAAC;IAED,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,KAAK,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED,sBAAsB;IACtB,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;QAChE,IAAI,IAAI,CAAC,aAAa,GAAG,CAAC,EAAE,CAAC;YAC3B,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,aAAa,kBAAkB,CAAC,CAAC;QACrE,CAAC;aAAM,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,IAAI,IAAI,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;YACxE,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,IAAI,CAAC,gBAAgB,GAAG,CAAC,EAAE,CAAC;gBACrE,KAAK,CAAC,IAAI,CACR,kBAAkB,IAAI,CAAC,cAAc,WAAW,IAAI,CAAC,gBAAgB,qBAAqB,CAC3F,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,cAAc,mBAAmB,CAAC,CAAC;YACvE,CAAC;QACH,CAAC;aAAM,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;YAC/C,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,gBAAgB,qBAAqB,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;SAAM,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAChC,CAAC;SAAM,IAAI,IAAI,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,eAAe;IAK1B;;;;;OAKG;IACH,YACE,eAAoC,EACpC,iBAAyB,IAAI;QAVvB,eAAU,GAAkB,IAAI,CAAC;QAYvC,IAAI,CAAC,eAAe,IAAI,OAAO,eAAe,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YAChE,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;IACvC,CAAC;IAED;;;;OAIG;IACH,aAAa,CAAC,UAAkB;QAC9B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,kBAAkB,CACtB,MAAc,EACd,WAAmB,EACnB,YAAqB,EACrB,QAAmB;QAEnB,MAAM,WAAW,GAAG;YAClB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,YAAY;YAC3B,QAAQ,EAAE,QAAQ,IAAI,EAAE;SACzB,CAAC;QAEF,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC;QAElE,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;YACrC,YAAY,EAAE,WAAW;YACzB,cAAc,EAAE,GAAG;YACnB,aAAa,EAAE,YAAY;YAC3B,QAAQ;SACT,CAAC,CAAC;QAEH,kBAAkB;QAClB,MAAM,OAAO,GAA2B;YACtC,cAAc,EAAE,kBAAkB;SACnC,CAAC;QAEF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC;QAC7C,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAC1B,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EACxB,IAAI,CAAC,cAAc,GAAG,IAAI,CAC3B,CAAC;YAEF,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;oBAChC,MAAM,EAAE,MAAM;oBACd,OAAO;oBACP,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;oBACjC,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAC;gBAEH,YAAY,CAAC,SAAS,CAAC,CAAC;gBAExB,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;oBAChB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;oBACrC,MAAM,cAAc,GAAW,MAAM,CAAC,eAAe,CAAC;oBACtD,MAAM,mBAAmB,GACvB,MAAM,CAAC,qBAAqB,IAAI,cAAc,CAAC;oBAEjD,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE;wBAC7C,YAAY,EAAE,WAAW;wBACzB,UAAU,EAAE,MAAM,CAAC,UAAU;qBAC9B,CAAC,CAAC;oBAEH,kEAAkE;oBAClE,MAAM,QAAQ,GAAG,sBAAsB,CAAC,cAAc,CAAC,CAAC;oBACxD,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE;wBAClC,YAAY,EAAE,WAAW;wBACzB,gBAAgB,EAAE,oBAAoB;wBACtC,GAAG,QAAQ;qBACZ,CAAC,CAAC;oBAEH,gEAAgE;oBAChE,IAAI,mBAAmB,KAAK,cAAc,EAAE,CAAC;wBAC3C,iDAAiD;wBACjD,MAAM,UAAU,GAAG,mBAAmB;6BACnC,KAAK,CAAC,6BAA6B,CAAC;6BACpC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;wBAEhB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;4BAC3C,MAAM,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;4BAChC,IAAI,SAAS,IAAI,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC;gCAClC,MAAM,YAAY,GAAG,SAAS,GAAG,6BAA6B,CAAC;gCAE/D,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oCACZ,wDAAwD;oCACxD,IAAI,YAAY,CAAC,IAAI,EAAE,KAAK,cAAc,CAAC,IAAI,EAAE,EAAE,CAAC;wCAClD,MAAM,aAAa,GAAG,sBAAsB,CAAC,YAAY,CAAC,CAAC;wCAC3D,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE;4CACxC,YAAY,EAAE,WAAW;4CACzB,gBAAgB,EAAE,mBAAmB;4CACrC,WAAW,EAAE,CAAC;4CACd,GAAG,aAAa;yCACjB,CAAC,CAAC;oCACL,CAAC;gCACH,CAAC;qCAAM,CAAC;oCACN,6CAA6C;oCAC7C,MAAM,UAAU,GAAG,sBAAsB,CAAC,YAAY,CAAC,CAAC;oCACxD,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE;wCACxC,YAAY,EAAE,WAAW;wCACzB,gBAAgB,EAAE,gBAAgB;wCAClC,WAAW,EAAE,CAAC;wCACd,GAAG,UAAU;qCACd,CAAC,CAAC;gCACL,CAAC;4BACH,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,OAAO,CAAC,cAAc,EAAE,mBAAmB,CAAC,CAAC;gBAC/C,CAAC;qBAAM,CAAC;oBACN,IAAI,WAAW,GAAG,eAAe,CAAC;oBAClC,IAAI,CAAC;wBACH,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;wBACvC,IAAI,CAAC;4BACH,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;4BACvC,WAAW,GAAG,SAAS,CAAC,MAAM,IAAI,QAAQ,CAAC;wBAC7C,CAAC;wBAAC,MAAM,CAAC;4BACP,WAAW,GAAG,QAAQ,CAAC;wBACzB,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,4BAA4B;wBAC5B,WAAW,GAAG,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;oBAC1C,CAAC;oBAED,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE;wBACzC,YAAY,EAAE,WAAW;wBACzB,WAAW,EAAE,QAAQ,CAAC,MAAM;wBAC5B,KAAK,EAAE,WAAW;qBACnB,CAAC,CAAC;oBAEH,MAAM,IAAI,uBAAuB,CAC/B,oCAAoC,QAAQ,CAAC,MAAM,MAAM,WAAW,EAAE,CACvE,CAAC;gBACJ,CAAC;YACH,CAAC;oBAAS,CAAC;gBACT,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,uBAAuB,EAAE,CAAC;gBAC7C,MAAM,KAAK,CAAC;YACd,CAAC;YAED,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC1D,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;oBAC1C,YAAY,EAAE,WAAW;oBACzB,eAAe,EAAE,IAAI,CAAC,cAAc;iBACrC,CAAC,CAAC;gBACH,MAAM,IAAI,uBAAuB,CAC/B,uCAAuC,IAAI,CAAC,cAAc,UAAU,CACrE,CAAC;YACJ,CAAC;YAED,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE;gBAChD,YAAY,EAAE,WAAW;gBACzB,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;aACrB,CAAC,CAAC;YACH,MAAM,IAAI,uBAAuB,CAC/B,yCAAyC,KAAK,EAAE,CACjD,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
|
|
@@ -1,18 +1,15 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Factory pattern for creating CA service instances.
|
|
4
3
|
*
|
|
5
4
|
* Provides a unified way to create CAService implementations from configuration.
|
|
6
5
|
*/
|
|
7
|
-
|
|
8
|
-
exports.FACTORY_META = exports.CA_SERVICE_FACTORY_BASE_TYPE = exports.CAServiceFactory = void 0;
|
|
9
|
-
const factory_1 = require("@naylence/factory");
|
|
6
|
+
import { AbstractResourceFactory, createDefaultResource, createResource, } from "@naylence/factory";
|
|
10
7
|
/**
|
|
11
8
|
* Factory for creating CAService instances.
|
|
12
9
|
*
|
|
13
10
|
* Supports multiple CAService implementations through the factory pattern.
|
|
14
11
|
*/
|
|
15
|
-
class CAServiceFactory extends
|
|
12
|
+
export class CAServiceFactory extends AbstractResourceFactory {
|
|
16
13
|
/**
|
|
17
14
|
* Create a CAService instance from configuration.
|
|
18
15
|
*
|
|
@@ -23,7 +20,7 @@ class CAServiceFactory extends factory_1.AbstractResourceFactory {
|
|
|
23
20
|
static async createCAService(config, options) {
|
|
24
21
|
if (!config) {
|
|
25
22
|
// Use default CA service
|
|
26
|
-
const service = await
|
|
23
|
+
const service = await createDefaultResource("CAServiceFactory", config, options);
|
|
27
24
|
if (!service) {
|
|
28
25
|
throw new Error("No default CA service factory registered");
|
|
29
26
|
}
|
|
@@ -31,7 +28,7 @@ class CAServiceFactory extends factory_1.AbstractResourceFactory {
|
|
|
31
28
|
}
|
|
32
29
|
if (typeof config === "object" && !("type" in config)) {
|
|
33
30
|
// No type specified, use default
|
|
34
|
-
const service = await
|
|
31
|
+
const service = await createDefaultResource("CAServiceFactory", config, options);
|
|
35
32
|
if (!service) {
|
|
36
33
|
throw new Error("No default CA service factory registered");
|
|
37
34
|
}
|
|
@@ -41,22 +38,21 @@ class CAServiceFactory extends factory_1.AbstractResourceFactory {
|
|
|
41
38
|
const configObj = config instanceof Object && "type" in config
|
|
42
39
|
? config
|
|
43
40
|
: { type: "CAService", ...config };
|
|
44
|
-
const service = await
|
|
41
|
+
const service = await createResource("CAServiceFactory", configObj, options);
|
|
45
42
|
if (!service) {
|
|
46
43
|
throw new Error(`Failed to create CA service of type "${configObj.type}"`);
|
|
47
44
|
}
|
|
48
45
|
return service;
|
|
49
46
|
}
|
|
50
47
|
}
|
|
51
|
-
exports.CAServiceFactory = CAServiceFactory;
|
|
52
48
|
/**
|
|
53
49
|
* Base type for CA service factories.
|
|
54
50
|
*/
|
|
55
|
-
|
|
51
|
+
export const CA_SERVICE_FACTORY_BASE_TYPE = "CAServiceFactory";
|
|
56
52
|
/**
|
|
57
53
|
* Factory metadata for CAServiceFactory.
|
|
58
54
|
*/
|
|
59
|
-
|
|
55
|
+
export const FACTORY_META = {
|
|
60
56
|
factoryId: "CAServiceFactory",
|
|
61
57
|
factoryType: CAServiceFactory,
|
|
62
58
|
resourceType: "CAService",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ca-service-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-service-factory.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"ca-service-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-service-factory.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,cAAc,GACf,MAAM,mBAAmB,CAAC;AAU3B;;;;GAIG;AACH,MAAM,OAAgB,gBAEpB,SAAQ,uBAAqC;IAC7C;;;;;;OAMG;IACH,MAAM,CAAC,KAAK,CAAC,eAAe,CAC1B,MAAkD,EAClD,OAA+B;QAE/B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,yBAAyB;YACzB,MAAM,OAAO,GAAG,MAAM,qBAAqB,CACzC,kBAAkB,EAClB,MAAM,EACN,OAAO,CACR,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC9D,CAAC;YACD,OAAO,OAAoB,CAAC;QAC9B,CAAC;QAED,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC;YACtD,iCAAiC;YACjC,MAAM,OAAO,GAAG,MAAM,qBAAqB,CACzC,kBAAkB,EAClB,MAAM,EACN,OAAO,CACR,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;YAC9D,CAAC;YACD,OAAO,OAAoB,CAAC;QAC9B,CAAC;QAED,4BAA4B;QAC5B,MAAM,SAAS,GACb,MAAM,YAAY,MAAM,IAAI,MAAM,IAAI,MAAM;YAC1C,CAAC,CAAE,MAA0B;YAC7B,CAAC,CAAE,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,EAAsB,CAAC;QAE5D,MAAM,OAAO,GAAG,MAAM,cAAc,CAClC,kBAAkB,EAClB,SAAS,EACT,OAAO,CACR,CAAC;QACF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CACb,wCAAwC,SAAS,CAAC,IAAI,GAAG,CAC1D,CAAC;QACJ,CAAC;QACD,OAAO,OAAoB,CAAC;IAC9B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,kBAAkB,CAAC;AAE/D;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,SAAS,EAAE,kBAAkB;IAC7B,WAAW,EAAE,gBAAgB;IAC7B,YAAY,EAAE,WAAW;IACzB,WAAW,EACT,mEAAmE;CACtE,CAAC"}
|
|
@@ -1,19 +1,16 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Certificate Authority (CA) types and interfaces.
|
|
4
3
|
*
|
|
5
4
|
* Provides type definitions for CA service operations, certificate signing requests,
|
|
6
5
|
* and certificate issuance responses.
|
|
7
6
|
*/
|
|
8
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
-
exports.CertificateRequestError = exports.CAService = void 0;
|
|
10
7
|
/**
|
|
11
8
|
* Abstract CA signing service interface.
|
|
12
9
|
*
|
|
13
10
|
* Defines the contract for certificate authority services that can issue
|
|
14
11
|
* certificates from certificate signing requests.
|
|
15
12
|
*/
|
|
16
|
-
class CAService {
|
|
13
|
+
export class CAService {
|
|
17
14
|
/**
|
|
18
15
|
* Optional authorizer for request authentication.
|
|
19
16
|
*/
|
|
@@ -21,16 +18,14 @@ class CAService {
|
|
|
21
18
|
return null;
|
|
22
19
|
}
|
|
23
20
|
}
|
|
24
|
-
exports.CAService = CAService;
|
|
25
21
|
/**
|
|
26
22
|
* Error thrown when a certificate request fails.
|
|
27
23
|
*/
|
|
28
|
-
class CertificateRequestError extends Error {
|
|
24
|
+
export class CertificateRequestError extends Error {
|
|
29
25
|
constructor(message) {
|
|
30
26
|
super(message);
|
|
31
27
|
this.name = "CertificateRequestError";
|
|
32
28
|
Object.setPrototypeOf(this, CertificateRequestError.prototype);
|
|
33
29
|
}
|
|
34
30
|
}
|
|
35
|
-
exports.CertificateRequestError = CertificateRequestError;
|
|
36
31
|
//# sourceMappingURL=ca-types.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ca-types.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-types.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"ca-types.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAyCH;;;;;GAKG;AACH,MAAM,OAAgB,SAAS;IAC7B;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;CAWF;AAED;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,KAAK;IAChD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;QACtC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,uBAAuB,CAAC,SAAS,CAAC,CAAC;IACjE,CAAC;CACF"}
|
|
@@ -1,17 +1,14 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Factory for creating DefaultCAService instances.
|
|
4
3
|
*
|
|
5
4
|
* Provides the default CA service implementation with environment variable support.
|
|
6
5
|
*/
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
const factory_1 = require("@naylence/factory");
|
|
10
|
-
const default_ca_service_js_1 = require("./default-ca-service.js");
|
|
6
|
+
import { AbstractResourceFactory } from "@naylence/factory";
|
|
7
|
+
import { DefaultCAService } from "./default-ca-service.js";
|
|
11
8
|
/**
|
|
12
9
|
* Factory metadata for DefaultCAServiceFactory.
|
|
13
10
|
*/
|
|
14
|
-
|
|
11
|
+
export const FACTORY_META = {
|
|
15
12
|
base: "CAServiceFactory",
|
|
16
13
|
key: "DefaultCAService",
|
|
17
14
|
};
|
|
@@ -31,7 +28,7 @@ function normalizeConfig(config) {
|
|
|
31
28
|
/**
|
|
32
29
|
* Factory for creating DefaultCAService instances.
|
|
33
30
|
*/
|
|
34
|
-
class DefaultCAServiceFactory extends
|
|
31
|
+
export class DefaultCAServiceFactory extends AbstractResourceFactory {
|
|
35
32
|
constructor() {
|
|
36
33
|
super(...arguments);
|
|
37
34
|
this.type = "DefaultCAService";
|
|
@@ -55,7 +52,7 @@ class DefaultCAServiceFactory extends factory_1.AbstractResourceFactory {
|
|
|
55
52
|
const signingKeyPem = normalizedConfig.signingKeyPem ?? normalizedConfig.signing_key_pem;
|
|
56
53
|
// TODO: Create authorizer from config when AuthorizerFactory is available
|
|
57
54
|
const authorizer = undefined;
|
|
58
|
-
return new
|
|
55
|
+
return new DefaultCAService({
|
|
59
56
|
caCertPem,
|
|
60
57
|
caKeyPem,
|
|
61
58
|
intermediateChainPem,
|
|
@@ -65,6 +62,5 @@ class DefaultCAServiceFactory extends factory_1.AbstractResourceFactory {
|
|
|
65
62
|
});
|
|
66
63
|
}
|
|
67
64
|
}
|
|
68
|
-
|
|
69
|
-
exports.default = DefaultCAServiceFactory;
|
|
65
|
+
export default DefaultCAServiceFactory;
|
|
70
66
|
//# sourceMappingURL=default-ca-service-factory.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"default-ca-service-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/default-ca-service-factory.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"default-ca-service-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/default-ca-service-factory.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAG5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAgC3D;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,IAAI,EAAE,kBAAkB;IACxB,GAAG,EAAE,kBAAkB;CACf,CAAC;AAEX;;GAEG;AACH,SAAS,eAAe,CACtB,MAAgE;IAEhE,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,CAAC;IACtC,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,IAAI,EAAE,GAAG,MAAiC,CAAC;IAC1E,OAAO;QACL,GAAG,IAAI;QACP,IAAI,EAAE,kBAAkB;KACC,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,uBAG5C;IAHD;;QAIkB,SAAI,GAAG,kBAAkB,CAAC;QAC1B,cAAS,GAAG,IAAI,CAAC;QACjB,aAAQ,GAAG,GAAG,CAAC;IAsCjC,CAAC;IApCC;;;;;OAKG;IACI,KAAK,CAAC,MAAM,CACjB,MAAgE,EAChE,GAAG,YAAuB;QAE1B,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;QAEjD,kDAAkD;QAClD,MAAM,SAAS,GACb,gBAAgB,CAAC,SAAS,IAAI,gBAAgB,CAAC,WAAW,CAAC;QAC7D,MAAM,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,IAAI,gBAAgB,CAAC,UAAU,CAAC;QAC1E,MAAM,oBAAoB,GACxB,gBAAgB,CAAC,oBAAoB;YACrC,gBAAgB,CAAC,sBAAsB,CAAC;QAC1C,MAAM,cAAc,GAClB,gBAAgB,CAAC,cAAc,IAAI,gBAAgB,CAAC,gBAAgB,CAAC;QACvE,MAAM,aAAa,GACjB,gBAAgB,CAAC,aAAa,IAAI,gBAAgB,CAAC,eAAe,CAAC;QAErE,0EAA0E;QAC1E,MAAM,UAAU,GAA2B,SAAS,CAAC;QAErD,OAAO,IAAI,gBAAgB,CAAC;YAC1B,SAAS;YACT,QAAQ;YACR,oBAAoB;YACpB,cAAc;YACd,aAAa;YACb,UAAU;SACX,CAAC,CAAC;IACL,CAAC;CACF;AAED,eAAe,uBAAuB,CAAC"}
|
|
@@ -1,60 +1,24 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Default CA service implementation with environment variable support.
|
|
4
3
|
*
|
|
5
4
|
* Wraps InternalCAService (CASigningService) with automatic credential
|
|
6
5
|
* loading from environment variables and test CA fallback.
|
|
7
6
|
*/
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
11
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
12
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
13
|
-
}
|
|
14
|
-
Object.defineProperty(o, k2, desc);
|
|
15
|
-
}) : (function(o, m, k, k2) {
|
|
16
|
-
if (k2 === undefined) k2 = k;
|
|
17
|
-
o[k2] = m[k];
|
|
18
|
-
}));
|
|
19
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
20
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
21
|
-
}) : function(o, v) {
|
|
22
|
-
o["default"] = v;
|
|
23
|
-
});
|
|
24
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
25
|
-
var ownKeys = function(o) {
|
|
26
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
27
|
-
var ar = [];
|
|
28
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
29
|
-
return ar;
|
|
30
|
-
};
|
|
31
|
-
return ownKeys(o);
|
|
32
|
-
};
|
|
33
|
-
return function (mod) {
|
|
34
|
-
if (mod && mod.__esModule) return mod;
|
|
35
|
-
var result = {};
|
|
36
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
37
|
-
__setModuleDefault(result, mod);
|
|
38
|
-
return result;
|
|
39
|
-
};
|
|
40
|
-
})();
|
|
41
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
-
exports.DefaultCAService = exports.ENV_FAME_SIGNING_KEY_PEM = exports.ENV_FAME_SIGNING_KEY_FILE = exports.ENV_FAME_SIGNING_CERT_PEM = exports.ENV_FAME_SIGNING_CERT_FILE = exports.ENV_FAME_INTERMEDIATE_CHAIN_PEM = exports.ENV_FAME_INTERMEDIATE_CHAIN_FILE = exports.ENV_FAME_CA_KEY_PEM = exports.ENV_FAME_CA_KEY_FILE = exports.ENV_FAME_CA_CERT_PEM = exports.ENV_FAME_CA_CERT_FILE = void 0;
|
|
43
|
-
const ca_types_js_1 = require("./ca-types.js");
|
|
44
|
-
const internal_ca_service_js_1 = require("./internal-ca-service.js");
|
|
7
|
+
import { CAService } from "./ca-types.js";
|
|
8
|
+
import { CASigningService, createTestCA } from "./internal-ca-service.js";
|
|
45
9
|
/**
|
|
46
10
|
* Environment variable names for CA credentials.
|
|
47
11
|
*/
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
12
|
+
export const ENV_FAME_CA_CERT_FILE = "FAME_CA_CERT_FILE";
|
|
13
|
+
export const ENV_FAME_CA_CERT_PEM = "FAME_CA_CERT_PEM";
|
|
14
|
+
export const ENV_FAME_CA_KEY_FILE = "FAME_CA_KEY_FILE";
|
|
15
|
+
export const ENV_FAME_CA_KEY_PEM = "FAME_CA_KEY_PEM";
|
|
16
|
+
export const ENV_FAME_INTERMEDIATE_CHAIN_FILE = "FAME_INTERMEDIATE_CHAIN_FILE";
|
|
17
|
+
export const ENV_FAME_INTERMEDIATE_CHAIN_PEM = "FAME_INTERMEDIATE_CHAIN_PEM";
|
|
18
|
+
export const ENV_FAME_SIGNING_CERT_FILE = "FAME_SIGNING_CERT_FILE";
|
|
19
|
+
export const ENV_FAME_SIGNING_CERT_PEM = "FAME_SIGNING_CERT_PEM";
|
|
20
|
+
export const ENV_FAME_SIGNING_KEY_FILE = "FAME_SIGNING_KEY_FILE";
|
|
21
|
+
export const ENV_FAME_SIGNING_KEY_PEM = "FAME_SIGNING_KEY_PEM";
|
|
58
22
|
/**
|
|
59
23
|
* Default CA service with environment variable support and test CA fallback.
|
|
60
24
|
*
|
|
@@ -63,7 +27,7 @@ exports.ENV_FAME_SIGNING_KEY_PEM = "FAME_SIGNING_KEY_PEM";
|
|
|
63
27
|
* 2. Environment variables (FAME_CA_CERT_PEM, FAME_CA_KEY_PEM, etc.)
|
|
64
28
|
* 3. Test CA generation (development only)
|
|
65
29
|
*/
|
|
66
|
-
class DefaultCAService extends
|
|
30
|
+
export class DefaultCAService extends CAService {
|
|
67
31
|
constructor(options = {}) {
|
|
68
32
|
super();
|
|
69
33
|
this.caCertPem = options.caCertPem;
|
|
@@ -89,57 +53,57 @@ class DefaultCAService extends ca_types_js_1.CAService {
|
|
|
89
53
|
let signingKeyPem = this.signingKeyPem;
|
|
90
54
|
// Try environment variables if not provided
|
|
91
55
|
if (!caCertPem) {
|
|
92
|
-
const caCertFile = process.env[
|
|
56
|
+
const caCertFile = process.env[ENV_FAME_CA_CERT_FILE];
|
|
93
57
|
if (caCertFile) {
|
|
94
58
|
caCertPem = await this.readFileIfExists(caCertFile);
|
|
95
59
|
}
|
|
96
60
|
if (!caCertPem) {
|
|
97
|
-
caCertPem = process.env[
|
|
61
|
+
caCertPem = process.env[ENV_FAME_CA_CERT_PEM];
|
|
98
62
|
}
|
|
99
63
|
}
|
|
100
64
|
if (!caKeyPem) {
|
|
101
|
-
const caKeyFile = process.env[
|
|
65
|
+
const caKeyFile = process.env[ENV_FAME_CA_KEY_FILE];
|
|
102
66
|
if (caKeyFile) {
|
|
103
67
|
caKeyPem = await this.readFileIfExists(caKeyFile);
|
|
104
68
|
}
|
|
105
69
|
if (!caKeyPem) {
|
|
106
|
-
caKeyPem = process.env[
|
|
70
|
+
caKeyPem = process.env[ENV_FAME_CA_KEY_PEM];
|
|
107
71
|
}
|
|
108
72
|
}
|
|
109
73
|
// Load intermediate chain
|
|
110
74
|
if (!intermediateChainPem) {
|
|
111
|
-
const intermediateChainFile = process.env[
|
|
75
|
+
const intermediateChainFile = process.env[ENV_FAME_INTERMEDIATE_CHAIN_FILE];
|
|
112
76
|
if (intermediateChainFile) {
|
|
113
77
|
intermediateChainPem = await this.readFileIfExists(intermediateChainFile);
|
|
114
78
|
}
|
|
115
79
|
if (!intermediateChainPem) {
|
|
116
|
-
intermediateChainPem = process.env[
|
|
80
|
+
intermediateChainPem = process.env[ENV_FAME_INTERMEDIATE_CHAIN_PEM];
|
|
117
81
|
}
|
|
118
82
|
}
|
|
119
83
|
// Load signing certificate
|
|
120
84
|
if (!signingCertPem) {
|
|
121
|
-
const signingCertFile = process.env[
|
|
85
|
+
const signingCertFile = process.env[ENV_FAME_SIGNING_CERT_FILE];
|
|
122
86
|
if (signingCertFile) {
|
|
123
87
|
signingCertPem = await this.readFileIfExists(signingCertFile);
|
|
124
88
|
}
|
|
125
89
|
if (!signingCertPem) {
|
|
126
|
-
signingCertPem = process.env[
|
|
90
|
+
signingCertPem = process.env[ENV_FAME_SIGNING_CERT_PEM];
|
|
127
91
|
}
|
|
128
92
|
}
|
|
129
93
|
// Load signing key
|
|
130
94
|
if (!signingKeyPem) {
|
|
131
|
-
const signingKeyFile = process.env[
|
|
95
|
+
const signingKeyFile = process.env[ENV_FAME_SIGNING_KEY_FILE];
|
|
132
96
|
if (signingKeyFile) {
|
|
133
97
|
signingKeyPem = await this.readFileIfExists(signingKeyFile);
|
|
134
98
|
}
|
|
135
99
|
if (!signingKeyPem) {
|
|
136
|
-
signingKeyPem = process.env[
|
|
100
|
+
signingKeyPem = process.env[ENV_FAME_SIGNING_KEY_PEM];
|
|
137
101
|
}
|
|
138
102
|
}
|
|
139
103
|
// Fallback to test CA if nothing configured
|
|
140
104
|
if (!caCertPem || !caKeyPem) {
|
|
141
105
|
console.warn("No CA credentials configured, using test CA (not for production!)");
|
|
142
|
-
const [rootCert, rootKey] = await
|
|
106
|
+
const [rootCert, rootKey] = await createTestCA();
|
|
143
107
|
return {
|
|
144
108
|
rootCaCertPem: rootCert,
|
|
145
109
|
rootCaKeyPem: rootKey,
|
|
@@ -169,7 +133,7 @@ class DefaultCAService extends ca_types_js_1.CAService {
|
|
|
169
133
|
}
|
|
170
134
|
// Node.js environment
|
|
171
135
|
try {
|
|
172
|
-
const fs = await
|
|
136
|
+
const fs = await import("fs/promises");
|
|
173
137
|
const stats = await fs.stat(filePath);
|
|
174
138
|
if (stats.isFile()) {
|
|
175
139
|
return await fs.readFile(filePath, "utf-8");
|
|
@@ -220,7 +184,7 @@ class DefaultCAService extends ca_types_js_1.CAService {
|
|
|
220
184
|
let signingService;
|
|
221
185
|
if (credentials.signingCertPem && credentials.signingKeyPem) {
|
|
222
186
|
// Use specific signing certificate (leaf of intermediate chain)
|
|
223
|
-
signingService = new
|
|
187
|
+
signingService = new CASigningService({
|
|
224
188
|
rootCertPem: credentials.signingCertPem,
|
|
225
189
|
rootKeyPem: credentials.signingKeyPem,
|
|
226
190
|
});
|
|
@@ -232,7 +196,7 @@ class DefaultCAService extends ca_types_js_1.CAService {
|
|
|
232
196
|
if (intermediateCerts.length > 0 && credentials.signingKeyPem) {
|
|
233
197
|
// Use the first certificate in the chain (should be the leaf/signing certificate)
|
|
234
198
|
const leafCertPem = intermediateCerts[0];
|
|
235
|
-
signingService = new
|
|
199
|
+
signingService = new CASigningService({
|
|
236
200
|
rootCertPem: leafCertPem,
|
|
237
201
|
rootKeyPem: credentials.signingKeyPem,
|
|
238
202
|
});
|
|
@@ -240,7 +204,7 @@ class DefaultCAService extends ca_types_js_1.CAService {
|
|
|
240
204
|
}
|
|
241
205
|
else {
|
|
242
206
|
// Fall back to root CA if no signing key provided
|
|
243
|
-
signingService = new
|
|
207
|
+
signingService = new CASigningService({
|
|
244
208
|
rootCertPem: credentials.rootCaCertPem,
|
|
245
209
|
rootKeyPem: credentials.rootCaKeyPem,
|
|
246
210
|
});
|
|
@@ -249,7 +213,7 @@ class DefaultCAService extends ca_types_js_1.CAService {
|
|
|
249
213
|
}
|
|
250
214
|
else {
|
|
251
215
|
// Sign with root CA
|
|
252
|
-
signingService = new
|
|
216
|
+
signingService = new CASigningService({
|
|
253
217
|
rootCertPem: credentials.rootCaCertPem,
|
|
254
218
|
rootKeyPem: credentials.rootCaKeyPem,
|
|
255
219
|
});
|
|
@@ -296,5 +260,4 @@ class DefaultCAService extends ca_types_js_1.CAService {
|
|
|
296
260
|
}
|
|
297
261
|
}
|
|
298
262
|
}
|
|
299
|
-
exports.DefaultCAService = DefaultCAService;
|
|
300
263
|
//# sourceMappingURL=default-ca-service.js.map
|