@naylence/advanced-security 0.3.5-test.0 → 0.3.5-test.101
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/index.js +25 -16
- package/dist/browser/index.js.map +1 -1
- package/dist/cjs/browser.js +13 -28
- package/dist/cjs/browser.js.map +1 -1
- package/dist/cjs/index.js +5 -6
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/naylence/fame/factory-manifest.js +1 -4
- package/dist/cjs/naylence/fame/factory-manifest.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/ca-service-client.js +9 -15
- package/dist/cjs/naylence/fame/security/cert/ca-service-client.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/ca-service-factory.js +7 -11
- package/dist/cjs/naylence/fame/security/cert/ca-service-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/ca-types.js +2 -7
- package/dist/cjs/naylence/fame/security/cert/ca-types.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-ca-service-factory.js +6 -10
- package/dist/cjs/naylence/fame/security/cert/default-ca-service-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-ca-service.js +29 -66
- package/dist/cjs/naylence/fame/security/cert/default-ca-service.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager-factory.js +12 -16
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager.js +22 -59
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/grants.js +1 -4
- package/dist/cjs/naylence/fame/security/cert/grants.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/index.js +10 -50
- package/dist/cjs/naylence/fame/security/cert/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/internal-ca-service.js +79 -122
- package/dist/cjs/naylence/fame/security/cert/internal-ca-service.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/util.js +26 -30
- package/dist/cjs/naylence/fame/security/cert/util.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager-factory.js +10 -14
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager.js +32 -36
- package/dist/cjs/naylence/fame/security/encryption/channel/channel-encryption-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/channel/index.js +2 -7
- package/dist/cjs/naylence/fame/security/encryption/channel/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager-factory.js +10 -14
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager.js +7 -11
- package/dist/cjs/naylence/fame/security/encryption/composite-encryption-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager-factory.js +7 -11
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager.js +19 -23
- package/dist/cjs/naylence/fame/security/encryption/default-secure-channel-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/encryption-manager-registry.js +9 -15
- package/dist/cjs/naylence/fame/security/encryption/encryption-manager-registry.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/index.js +6 -15
- package/dist/cjs/naylence/fame/security/encryption/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/sealed/index.js +2 -7
- package/dist/cjs/naylence/fame/security/encryption/sealed/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager-factory.js +8 -12
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager.js +26 -30
- package/dist/cjs/naylence/fame/security/encryption/sealed/x25519-encryption-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/index.js +5 -10
- package/dist/cjs/naylence/fame/security/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/keys/index.js +2 -8
- package/dist/cjs/naylence/fame/security/keys/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager-factory.js +9 -13
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager.js +16 -52
- package/dist/cjs/naylence/fame/security/keys/x5c-key-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/register-advanced-security-factories.js +8 -44
- package/dist/cjs/naylence/fame/security/register-advanced-security-factories.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-signer-factory.js +6 -43
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-signer-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js +8 -12
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier.js +33 -70
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-helper.js +8 -13
- package/dist/cjs/naylence/fame/stickiness/aft-helper.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.js +12 -16
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager.js +10 -14
- package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-model.js +6 -14
- package/dist/cjs/naylence/fame/stickiness/aft-model.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager-factory.js +12 -16
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager.js +13 -18
- package/dist/cjs/naylence/fame/stickiness/aft-replica-stickiness-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-signer.js +23 -30
- package/dist/cjs/naylence/fame/stickiness/aft-signer.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-utils.js +3 -8
- package/dist/cjs/naylence/fame/stickiness/aft-utils.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/aft-verifier.js +21 -28
- package/dist/cjs/naylence/fame/stickiness/aft-verifier.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/index.js +10 -39
- package/dist/cjs/naylence/fame/stickiness/index.js.map +1 -1
- package/dist/cjs/naylence/fame/stickiness/stickiness-mode.js +3 -7
- package/dist/cjs/naylence/fame/stickiness/stickiness-mode.js.map +1 -1
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service-factory.js +14 -18
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service.js +14 -18
- package/dist/cjs/naylence/fame/welcome/advanced-welcome-service.js.map +1 -1
- package/dist/cjs/naylence/fame/welcome/index.js +2 -8
- package/dist/cjs/naylence/fame/welcome/index.js.map +1 -1
- package/dist/cjs/plugin.js +8 -10
- package/dist/cjs/plugin.js.map +1 -1
- package/dist/cjs/version.js +8 -0
- package/dist/cjs/version.js.map +1 -0
- package/dist/esm/browser.js +2 -0
- package/dist/esm/browser.js.map +1 -1
- package/dist/esm/index.js +2 -0
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager-factory.js +2 -2
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager-factory.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager.js +1 -1
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/internal-ca-service.js +1 -1
- package/dist/esm/naylence/fame/security/cert/internal-ca-service.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/util.js +1 -1
- package/dist/esm/naylence/fame/security/cert/util.js.map +1 -1
- package/dist/esm/plugin.js +2 -0
- package/dist/esm/plugin.js.map +1 -1
- package/dist/esm/version.js +8 -0
- package/dist/esm/version.js.map +1 -0
- package/dist/types/browser.d.ts +1 -0
- package/dist/types/browser.d.ts.map +1 -1
- package/dist/types/index.d.ts +1 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/default-certificate-manager-factory.d.ts +3 -3
- package/dist/types/naylence/fame/security/cert/default-certificate-manager-factory.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/default-certificate-manager.d.ts +1 -1
- package/dist/types/naylence/fame/security/cert/default-certificate-manager.d.ts.map +1 -1
- package/dist/types/plugin.d.ts.map +1 -1
- package/dist/types/version.d.ts +6 -0
- package/dist/types/version.d.ts.map +1 -0
- package/package.json +5 -4
|
@@ -1,42 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
-
var ownKeys = function(o) {
|
|
20
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
-
var ar = [];
|
|
22
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
-
return ar;
|
|
24
|
-
};
|
|
25
|
-
return ownKeys(o);
|
|
26
|
-
};
|
|
27
|
-
return function (mod) {
|
|
28
|
-
if (mod && mod.__esModule) return mod;
|
|
29
|
-
var result = {};
|
|
30
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
-
__setModuleDefault(result, mod);
|
|
32
|
-
return result;
|
|
33
|
-
};
|
|
34
|
-
})();
|
|
35
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.AdvancedEdDSAEnvelopeSignerFactory = exports.FACTORY_META = void 0;
|
|
37
|
-
const runtime_1 = require("@naylence/runtime");
|
|
38
|
-
exports.FACTORY_META = {
|
|
39
|
-
base: runtime_1.ENVELOPE_SIGNER_FACTORY_BASE_TYPE,
|
|
1
|
+
import { ENVELOPE_SIGNER_FACTORY_BASE_TYPE, EnvelopeSignerFactory, } from "@naylence/runtime";
|
|
2
|
+
export const FACTORY_META = {
|
|
3
|
+
base: ENVELOPE_SIGNER_FACTORY_BASE_TYPE,
|
|
40
4
|
key: "EdDSAEnvelopeSigner",
|
|
41
5
|
isDefault: true,
|
|
42
6
|
priority: 100,
|
|
@@ -44,11 +8,11 @@ exports.FACTORY_META = {
|
|
|
44
8
|
let eddsaEnvelopeSignerModulePromise = null;
|
|
45
9
|
async function getEdDSAEnvelopeSignerModule() {
|
|
46
10
|
if (!eddsaEnvelopeSignerModulePromise) {
|
|
47
|
-
eddsaEnvelopeSignerModulePromise =
|
|
11
|
+
eddsaEnvelopeSignerModulePromise = import("@naylence/runtime/naylence/fame/security/signing/eddsa-envelope-signer.js");
|
|
48
12
|
}
|
|
49
13
|
return eddsaEnvelopeSignerModulePromise;
|
|
50
14
|
}
|
|
51
|
-
class AdvancedEdDSAEnvelopeSignerFactory extends
|
|
15
|
+
export class AdvancedEdDSAEnvelopeSignerFactory extends EnvelopeSignerFactory {
|
|
52
16
|
constructor() {
|
|
53
17
|
super(...arguments);
|
|
54
18
|
this.type = "EdDSAEnvelopeSigner";
|
|
@@ -66,6 +30,5 @@ class AdvancedEdDSAEnvelopeSignerFactory extends runtime_1.EnvelopeSignerFactory
|
|
|
66
30
|
return new EdDSAEnvelopeSigner(resolved);
|
|
67
31
|
}
|
|
68
32
|
}
|
|
69
|
-
|
|
70
|
-
exports.default = AdvancedEdDSAEnvelopeSignerFactory;
|
|
33
|
+
export default AdvancedEdDSAEnvelopeSignerFactory;
|
|
71
34
|
//# sourceMappingURL=eddsa-envelope-signer-factory.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"eddsa-envelope-signer-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-signer-factory.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"eddsa-envelope-signer-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-signer-factory.ts"],"names":[],"mappings":"AACA,OAAO,EACL,iCAAiC,EACjC,qBAAqB,GAEtB,MAAM,mBAAmB,CAAC;AAQ3B,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,IAAI,EAAE,iCAAiC;IACvC,GAAG,EAAE,qBAAqB;IAC1B,SAAS,EAAE,IAAI;IACf,QAAQ,EAAE,GAAG;CACL,CAAC;AAKX,IAAI,gCAAgC,GAClC,IAAI,CAAC;AAEP,KAAK,UAAU,4BAA4B;IACzC,IAAI,CAAC,gCAAgC,EAAE,CAAC;QACtC,gCAAgC,GAAG,MAAM,CACvC,2EAA2E,CAC5E,CAAC;IACJ,CAAC;IAED,OAAO,gCAAgC,CAAC;AAC1C,CAAC;AAED,MAAM,OAAO,kCAAmC,SAAQ,qBAAgD;IAAxG;;QACkB,SAAI,GAAG,qBAAqB,CAAC;QAC7B,cAAS,GAAG,IAAI,CAAC;QACjB,aAAQ,GAAG,GAAG,CAAC;IAiBjC,CAAC;IAfQ,KAAK,CAAC,MAAM,CACjB,OAAoE,EACpE,OAA2C;QAE3C,MAAM,QAAQ,GAA+B;YAC3C,cAAc,EAAE,OAAO,EAAE,cAAc,IAAI,IAAI;YAC/C,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,IAAI;YAC7C,aAAa,EAAE,OAAO,EAAE,aAAa;YACrC,KAAK,EAAE,OAAO,EAAE,KAAK;SACtB,CAAC;QAEF,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,4BAA4B,EAAE,CAAC;QAErE,OAAO,IAAI,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;CACF;AAED,eAAe,kCAAkC,CAAC"}
|
|
@@ -1,15 +1,12 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const eddsa_envelope_verifier_js_1 = require("./eddsa-envelope-verifier.js");
|
|
6
|
-
exports.FACTORY_META = {
|
|
7
|
-
base: runtime_1.ENVELOPE_VERIFIER_FACTORY_BASE_TYPE,
|
|
1
|
+
import { ENVELOPE_VERIFIER_FACTORY_BASE_TYPE, EnvelopeVerifierFactory, SigningConfigClass, } from "@naylence/runtime";
|
|
2
|
+
import { EdDSAEnvelopeVerifier, } from "./eddsa-envelope-verifier.js";
|
|
3
|
+
export const FACTORY_META = {
|
|
4
|
+
base: ENVELOPE_VERIFIER_FACTORY_BASE_TYPE,
|
|
8
5
|
key: "EdDSAEnvelopeVerifier",
|
|
9
6
|
isDefault: true,
|
|
10
7
|
priority: 100,
|
|
11
8
|
};
|
|
12
|
-
class AdvancedEdDSAEnvelopeVerifierFactory extends
|
|
9
|
+
export class AdvancedEdDSAEnvelopeVerifierFactory extends EnvelopeVerifierFactory {
|
|
13
10
|
constructor() {
|
|
14
11
|
super(...arguments);
|
|
15
12
|
this.type = "EdDSAEnvelopeVerifier";
|
|
@@ -21,11 +18,10 @@ class AdvancedEdDSAEnvelopeVerifierFactory extends runtime_1.EnvelopeVerifierFac
|
|
|
21
18
|
throw new Error("EdDSAEnvelopeVerifierFactory requires a key provider");
|
|
22
19
|
}
|
|
23
20
|
const resolved = {
|
|
24
|
-
signingConfig: options.signingConfig ?? signingConfig ?? new
|
|
21
|
+
signingConfig: options.signingConfig ?? signingConfig ?? new SigningConfigClass(),
|
|
25
22
|
};
|
|
26
|
-
return new
|
|
23
|
+
return new EdDSAEnvelopeVerifier(keyProvider, resolved);
|
|
27
24
|
}
|
|
28
25
|
}
|
|
29
|
-
|
|
30
|
-
exports.default = AdvancedEdDSAEnvelopeVerifierFactory;
|
|
26
|
+
export default AdvancedEdDSAEnvelopeVerifierFactory;
|
|
31
27
|
//# sourceMappingURL=eddsa-envelope-verifier-factory.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"eddsa-envelope-verifier-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier-factory.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"eddsa-envelope-verifier-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier-factory.ts"],"names":[],"mappings":"AACA,OAAO,EACL,mCAAmC,EACnC,uBAAuB,EACvB,kBAAkB,GAGnB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,qBAAqB,GAGtB,MAAM,8BAA8B,CAAC;AAMtC,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,IAAI,EAAE,mCAAmC;IACzC,GAAG,EAAE,uBAAuB;IAC5B,SAAS,EAAE,IAAI;IACf,QAAQ,EAAE,GAAG;CACL,CAAC;AAIX,MAAM,OAAO,oCAAqC,SAAQ,uBAAoD;IAA9G;;QACkB,SAAI,GAAG,uBAAuB,CAAC;QAC/B,cAAS,GAAG,IAAI,CAAC;QACjB,aAAQ,GAAG,GAAG,CAAC;IAmBjC,CAAC;IAjBQ,KAAK,CAAC,MAAM,CACjB,OAAsE,EACtE,WAAgC,EAChC,aAAoC,EACpC,UAAwC,EAAE;QAE1C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;QAED,MAAM,QAAQ,GAAiC;YAC7C,aAAa,EACX,OAAO,CAAC,aAAa,IAAI,aAAa,IAAI,IAAI,kBAAkB,EAAE;SACrE,CAAC;QAEF,OAAO,IAAI,qBAAqB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAC1D,CAAC;CACF;AAED,eAAe,oCAAoC,CAAC"}
|
|
@@ -1,47 +1,11 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
-
var ownKeys = function(o) {
|
|
20
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
-
var ar = [];
|
|
22
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
-
return ar;
|
|
24
|
-
};
|
|
25
|
-
return ownKeys(o);
|
|
26
|
-
};
|
|
27
|
-
return function (mod) {
|
|
28
|
-
if (mod && mod.__esModule) return mod;
|
|
29
|
-
var result = {};
|
|
30
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
-
__setModuleDefault(result, mod);
|
|
32
|
-
return result;
|
|
33
|
-
};
|
|
34
|
-
})();
|
|
35
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.EdDSAEnvelopeVerifier = void 0;
|
|
37
|
-
const ed25519_1 = require("@noble/ed25519");
|
|
38
|
-
const sha2_js_1 = require("@noble/hashes/sha2.js");
|
|
39
|
-
const core_1 = require("@naylence/core");
|
|
40
|
-
const runtime_1 = require("@naylence/runtime");
|
|
41
|
-
const eddsa_signer_verifier_js_1 = require("@naylence/runtime/naylence/fame/security/signing/eddsa-signer-verifier.js");
|
|
42
|
-
const eddsa_utils_js_1 = require("@naylence/runtime/naylence/fame/security/signing/eddsa-utils.js");
|
|
43
|
-
const runtime_2 = require("@naylence/runtime");
|
|
44
|
-
const util_js_1 = require("../cert/util.js");
|
|
1
|
+
import { etc as edEtc, verify } from "@noble/ed25519";
|
|
2
|
+
import { sha512 } from "@noble/hashes/sha2.js";
|
|
3
|
+
import { SigningMaterial } from "@naylence/core";
|
|
4
|
+
import { SigningConfigClass, secureDigest, } from "@naylence/runtime";
|
|
5
|
+
import { canonicalJson, decodeBase64Url, frameDigest, immutableHeaders, } from "@naylence/runtime/naylence/fame/security/signing/eddsa-signer-verifier.js";
|
|
6
|
+
import { encodeUtf8 } from "@naylence/runtime/naylence/fame/security/signing/eddsa-utils.js";
|
|
7
|
+
import { JWKValidationError, validateSigningKey } from "@naylence/runtime";
|
|
8
|
+
import { publicKeyFromX5c } from "../cert/util.js";
|
|
45
9
|
function assertString(value, field) {
|
|
46
10
|
if (typeof value !== "string" || value.length === 0) {
|
|
47
11
|
throw new Error(`${field} must be a non-empty string`);
|
|
@@ -72,17 +36,17 @@ function encodeBase64Url(value) {
|
|
|
72
36
|
throw new Error("No base64 encoder available in this environment");
|
|
73
37
|
}
|
|
74
38
|
function ensureNobleSha512Fallback() {
|
|
75
|
-
const etcPatch =
|
|
39
|
+
const etcPatch = edEtc;
|
|
76
40
|
if (!etcPatch.sha512) {
|
|
77
|
-
etcPatch.sha512 = (message) =>
|
|
41
|
+
etcPatch.sha512 = (message) => sha512(message);
|
|
78
42
|
}
|
|
79
43
|
if (!etcPatch.sha512Sync) {
|
|
80
44
|
etcPatch.sha512Sync = (...messages) => {
|
|
81
45
|
if (messages.length === 1) {
|
|
82
|
-
return
|
|
46
|
+
return sha512(messages[0]);
|
|
83
47
|
}
|
|
84
|
-
const combined =
|
|
85
|
-
return
|
|
48
|
+
const combined = edEtc.concatBytes(...messages);
|
|
49
|
+
return sha512(combined);
|
|
86
50
|
};
|
|
87
51
|
}
|
|
88
52
|
}
|
|
@@ -90,13 +54,13 @@ function normalizeCertificateKey(jwk, signingConfig, trustStorePem) {
|
|
|
90
54
|
if (!Array.isArray(jwk.x5c) || jwk.x5c.length === 0) {
|
|
91
55
|
return null;
|
|
92
56
|
}
|
|
93
|
-
if (signingConfig.signingMaterial !==
|
|
57
|
+
if (signingConfig.signingMaterial !== SigningMaterial.X509_CHAIN) {
|
|
94
58
|
throw new Error("Certificate keys are disabled by signing policy");
|
|
95
59
|
}
|
|
96
60
|
if (!trustStorePem) {
|
|
97
61
|
throw new Error("FAME_CA_CERTS environment variable must be set to a PEM file containing trusted CA certs when using certificate-based verification");
|
|
98
62
|
}
|
|
99
|
-
const publicKey =
|
|
63
|
+
const publicKey = publicKeyFromX5c(jwk.x5c, {
|
|
100
64
|
enforceNameConstraints: signingConfig.validateCertNameConstraints,
|
|
101
65
|
trustStorePem,
|
|
102
66
|
});
|
|
@@ -117,7 +81,7 @@ async function loadPublicKey(jwk, signingConfig) {
|
|
|
117
81
|
if (typeof candidate !== "string") {
|
|
118
82
|
throw new Error("JWK missing public key material");
|
|
119
83
|
}
|
|
120
|
-
return
|
|
84
|
+
return decodeBase64Url(candidate);
|
|
121
85
|
}
|
|
122
86
|
function hasProcessEnv() {
|
|
123
87
|
return typeof process !== "undefined" && typeof process.env !== "undefined";
|
|
@@ -143,7 +107,7 @@ async function resolveTrustStorePem() {
|
|
|
143
107
|
throw new Error("FAME_CA_CERTS must contain PEM-encoded certificates when running outside of Node.js");
|
|
144
108
|
}
|
|
145
109
|
try {
|
|
146
|
-
const fs = await
|
|
110
|
+
const fs = await import("node:fs/promises");
|
|
147
111
|
const content = await fs.readFile(trimmed, "utf8");
|
|
148
112
|
return content.replace(/\r/gu, "").trim();
|
|
149
113
|
}
|
|
@@ -152,10 +116,10 @@ async function resolveTrustStorePem() {
|
|
|
152
116
|
throw new Error(`Failed to read trust store from ${trimmed}: ${reason}`);
|
|
153
117
|
}
|
|
154
118
|
}
|
|
155
|
-
class EdDSAEnvelopeVerifier {
|
|
119
|
+
export class EdDSAEnvelopeVerifier {
|
|
156
120
|
constructor(keyProvider, options = {}) {
|
|
157
121
|
this.keyProvider = keyProvider;
|
|
158
|
-
this.signingConfig = options.signingConfig ?? new
|
|
122
|
+
this.signingConfig = options.signingConfig ?? new SigningConfigClass();
|
|
159
123
|
ensureNobleSha512Fallback();
|
|
160
124
|
}
|
|
161
125
|
async verifyEnvelope(envelope, options = {}) {
|
|
@@ -170,10 +134,10 @@ class EdDSAEnvelopeVerifier {
|
|
|
170
134
|
throw new Error(`Unknown key id: ${kid}`);
|
|
171
135
|
}
|
|
172
136
|
try {
|
|
173
|
-
|
|
137
|
+
validateSigningKey(jwk);
|
|
174
138
|
}
|
|
175
139
|
catch (error) {
|
|
176
|
-
if (error instanceof
|
|
140
|
+
if (error instanceof JWKValidationError) {
|
|
177
141
|
throw new Error(`Key ${kid} is not valid for signing: ${error.message}`);
|
|
178
142
|
}
|
|
179
143
|
throw error;
|
|
@@ -186,8 +150,8 @@ class EdDSAEnvelopeVerifier {
|
|
|
186
150
|
throw new Error("DataFrame missing payload digest (pd field)");
|
|
187
151
|
}
|
|
188
152
|
const payload = envelope.frame.payload ?? "";
|
|
189
|
-
const payloadString = payload === "" ? "" :
|
|
190
|
-
const actualDigest =
|
|
153
|
+
const payloadString = payload === "" ? "" : canonicalJson(payload);
|
|
154
|
+
const actualDigest = secureDigest(payloadString);
|
|
191
155
|
if (actualDigest !== envelope.frame.pd) {
|
|
192
156
|
throw new Error("Payload digest mismatch in DataFrame");
|
|
193
157
|
}
|
|
@@ -201,18 +165,18 @@ class EdDSAEnvelopeVerifier {
|
|
|
201
165
|
}
|
|
202
166
|
}
|
|
203
167
|
else {
|
|
204
|
-
trustedDigest =
|
|
168
|
+
trustedDigest = frameDigest(envelope.frame);
|
|
205
169
|
}
|
|
206
170
|
const sid = assertString(jwk.sid, "Signing key missing sid");
|
|
207
|
-
const immutable =
|
|
208
|
-
const tbs = new Uint8Array(
|
|
171
|
+
const immutable = canonicalJson(immutableHeaders(envelope));
|
|
172
|
+
const tbs = new Uint8Array(encodeUtf8(sid).length +
|
|
209
173
|
1 +
|
|
210
|
-
|
|
174
|
+
encodeUtf8(immutable).length +
|
|
211
175
|
1 +
|
|
212
|
-
|
|
213
|
-
const sidBytes =
|
|
214
|
-
const immBytes =
|
|
215
|
-
const digestBytes =
|
|
176
|
+
encodeUtf8(trustedDigest).length);
|
|
177
|
+
const sidBytes = encodeUtf8(sid);
|
|
178
|
+
const immBytes = encodeUtf8(immutable);
|
|
179
|
+
const digestBytes = encodeUtf8(trustedDigest);
|
|
216
180
|
let offset = 0;
|
|
217
181
|
tbs.set(sidBytes, offset);
|
|
218
182
|
offset += sidBytes.length;
|
|
@@ -223,7 +187,7 @@ class EdDSAEnvelopeVerifier {
|
|
|
223
187
|
tbs[offset] = 0x1f;
|
|
224
188
|
offset += 1;
|
|
225
189
|
tbs.set(digestBytes, offset);
|
|
226
|
-
const signatureBytes =
|
|
190
|
+
const signatureBytes = decodeBase64Url(signatureValue);
|
|
227
191
|
if (signatureBytes.length !== 64) {
|
|
228
192
|
throw new Error("Signature must be 64 bytes for Ed25519");
|
|
229
193
|
}
|
|
@@ -231,12 +195,11 @@ class EdDSAEnvelopeVerifier {
|
|
|
231
195
|
if (publicKey.length !== 32) {
|
|
232
196
|
throw new Error("Ed25519 public key must be 32 bytes");
|
|
233
197
|
}
|
|
234
|
-
const valid = await
|
|
198
|
+
const valid = await verify(signatureBytes, tbs, publicKey);
|
|
235
199
|
if (!valid) {
|
|
236
200
|
throw new Error("Envelope signature verification failed");
|
|
237
201
|
}
|
|
238
202
|
return true;
|
|
239
203
|
}
|
|
240
204
|
}
|
|
241
|
-
exports.EdDSAEnvelopeVerifier = EdDSAEnvelopeVerifier;
|
|
242
205
|
//# sourceMappingURL=eddsa-envelope-verifier.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"eddsa-envelope-verifier.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"eddsa-envelope-verifier.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,IAAI,KAAK,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EACL,kBAAkB,EAClB,YAAY,GAEb,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,aAAa,EACb,eAAe,EACf,WAAW,EACX,gBAAgB,GACjB,MAAM,2EAA2E,CAAC;AACnF,OAAO,EAAE,UAAU,EAAE,MAAM,iEAAiE,CAAC;AAC7F,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAC3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAanD,SAAS,YAAY,CAAC,KAAc,EAAE,KAAa;IACjD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,6BAA6B,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,WAAW,CAAC,KAA4B;IAC/C,OAAQ,KAA2B,CAAC,IAAI,KAAK,MAAM,CAAC;AACtD,CAAC;AAED,SAAS,eAAe,CAAC,KAAiB;IACxC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;aACtB,QAAQ,CAAC,QAAQ,CAAC;aAClB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzB,CAAC;IAED,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC;IAED,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC,MAAM,CAAC;aAChB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,yBAAyB;IAChC,MAAM,QAAQ,GAAG,KAGhB,CAAC;IAEF,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QACrB,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;QACzB,QAAQ,CAAC,UAAU,GAAG,CAAC,GAAG,QAAsB,EAAc,EAAE;YAC9D,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAE,CAAC,CAAC;YAC9B,CAAC;YAED,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC;YAChD,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,uBAAuB,CAC9B,GAAgB,EAChB,aAA4B,EAC5B,aAA4B;IAE5B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,aAAa,CAAC,eAAe,KAAK,eAAe,CAAC,UAAU,EAAE,CAAC;QACjE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CACb,oIAAoI,CACrI,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,CAAC,GAAe,EAAE;QACtD,sBAAsB,EAAE,aAAa,CAAC,2BAA2B;QACjE,aAAa;KACd,CAAC,CAAC;IAEH,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IAED,OAAO,eAAe,CAAC,SAAS,CAAC,CAAC;AACpC,CAAC;AAED,KAAK,UAAU,aAAa,CAC1B,GAAgB,EAChB,aAA4B;IAE5B,MAAM,aAAa,GAAG,MAAM,oBAAoB,EAAE,CAAC;IACnD,MAAM,cAAc,GAAG,uBAAuB,CAC5C,GAAG,EACH,aAAa,EACb,aAAa,CACd,CAAC;IAEF,MAAM,SAAS,GACb,cAAc;QACd,CAAC,OAAO,GAAG,CAAC,CAAC,KAAK,QAAQ;YACxB,CAAC,CAAC,GAAG,CAAC,CAAC;YACP,CAAC,CAAC,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;gBAC7B,CAAC,CAAC,GAAG,CAAC,KAAK;gBACX,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAEjB,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,eAAe,CAAC,SAAS,CAAC,CAAC;AACpC,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,OAAO,OAAO,KAAK,WAAW,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,WAAW,CAAC;AAC9E,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,CACL,OAAO,OAAO,KAAK,WAAW;QAC9B,OAAO,OAAO,CAAC,OAAO,KAAK,WAAW;QACtC,OAAO,CAAC,OAAO,EAAE,IAAI,KAAK,MAAM,CACjC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,oBAAoB;IACjC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,EAAE,aAAa,IAAI,IAAI,CAAC;IACpD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACpD,IAAI,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACrC,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CACb,qFAAqF,CACtF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACnD,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtE,MAAM,IAAI,KAAK,CAAC,mCAAmC,OAAO,KAAK,MAAM,EAAE,CAAC,CAAC;IAC3E,CAAC;AACH,CAAC;AAMD,MAAM,OAAO,qBAAqB;IAKhC,YACE,WAAwB,EACxB,UAAwC,EAAE;QAE1C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,IAAI,kBAAkB,EAAE,CAAC;QACvE,yBAAyB,EAAE,CAAC;IAC9B,CAAC;IAEM,KAAK,CAAC,cAAc,CACzB,QAAsB,EACtB,UAAwD,EAAE;QAE1D,MAAM,eAAe,GAAG,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC;QAC1C,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,GAAG,GAAG,YAAY,CACtB,eAAe,CAAC,GAAG,EACnB,gCAAgC,CACjC,CAAC;QACF,MAAM,cAAc,GAAG,YAAY,CACjC,eAAe,CAAC,GAAG,EACnB,gCAAgC,CACjC,CAAC;QAEF,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAuB,CAAC;QACvE,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC;YACH,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAC1B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,kBAAkB,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CACb,OAAO,GAAG,8BAA8B,KAAK,CAAC,OAAO,EAAE,CACxD,CAAC;YACJ,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC;QAElD,IAAI,aAAqB,CAAC;QAC1B,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,IAAI,YAAY,EAAE,CAAC;gBACjB,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,IAAI,EAAE,CAAC;gBAC7C,MAAM,aAAa,GAAG,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;gBACnE,MAAM,YAAY,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;gBACjD,IAAI,YAAY,KAAK,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;gBAC1D,CAAC;gBACD,aAAa,GAAG,YAAY,CAAC;YAC/B,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;gBACJ,CAAC;gBACD,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,aAAa,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,IAAI,UAAU,CACxB,UAAU,CAAC,GAAG,CAAC,CAAC,MAAM;YACpB,CAAC;YACD,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM;YAC5B,CAAC;YACD,UAAU,CAAC,aAAa,CAAC,CAAC,MAAM,CACnC,CAAC;QAEF,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;QACvC,MAAM,WAAW,GAAG,UAAU,CAAC,aAAa,CAAC,CAAC;QAC9C,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,QAAQ,CAAC,MAAM,CAAC;QAC1B,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;QACnB,MAAM,IAAI,CAAC,CAAC;QAEZ,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,QAAQ,CAAC,MAAM,CAAC;QAC1B,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;QACnB,MAAM,IAAI,CAAC,CAAC;QAEZ,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAE7B,MAAM,cAAc,GAAG,eAAe,CAAC,cAAc,CAAC,CAAC;QACvD,IAAI,cAAc,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAC/D,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,cAAc,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
|
|
@@ -1,12 +1,8 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
const aft_signer_js_1 = require("./aft-signer.js");
|
|
7
|
-
const stickiness_mode_js_1 = require("./stickiness-mode.js");
|
|
8
|
-
const logger = (0, runtime_1.getLogger)("naylence.fame.stickiness.aft_helper");
|
|
9
|
-
class AFTHelper {
|
|
1
|
+
import { getLogger } from "@naylence/runtime";
|
|
2
|
+
import { createAftSigner } from "./aft-signer.js";
|
|
3
|
+
import { StickinessMode } from "./stickiness-mode.js";
|
|
4
|
+
const logger = getLogger("naylence.fame.stickiness.aft_helper");
|
|
5
|
+
export class AFTHelper {
|
|
10
6
|
constructor(options) {
|
|
11
7
|
this.signer = options.signer;
|
|
12
8
|
this.nodeSid = options.nodeSid;
|
|
@@ -67,11 +63,10 @@ class AFTHelper {
|
|
|
67
63
|
return this.requestStickiness(envelope, { ...options, scope: "sess" });
|
|
68
64
|
}
|
|
69
65
|
}
|
|
70
|
-
|
|
71
|
-
function createAftHelper(options) {
|
|
66
|
+
export function createAftHelper(options) {
|
|
72
67
|
const { nodeSid, maxTtlSec = 7200 } = options;
|
|
73
|
-
const signer =
|
|
68
|
+
const signer = createAftSigner(options);
|
|
74
69
|
return new AFTHelper({ signer, nodeSid, maxTtlSec });
|
|
75
70
|
}
|
|
76
|
-
|
|
71
|
+
export const DEFAULT_STICKINESS_SECURITY_LEVEL = StickinessMode.SIGNED_OPTIONAL;
|
|
77
72
|
//# sourceMappingURL=aft-helper.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aft-helper.js","sourceRoot":"","sources":["../../../../../src/naylence/fame/stickiness/aft-helper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"aft-helper.js","sourceRoot":"","sources":["../../../../../src/naylence/fame/stickiness/aft-helper.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAG9C,OAAO,EAAE,eAAe,EAA+B,MAAM,iBAAiB,CAAC;AAC/E,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,MAAM,MAAM,GAAG,SAAS,CAAC,qCAAqC,CAAC,CAAC;AAQhE,MAAM,OAAO,SAAS;IAKpB,YAAmB,OAIlB;QACC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;IACrC,CAAC;IAEM,KAAK,CAAC,iBAAiB,CAC5B,QAAsB,EACtB,UAAoC,EAAE;QAEtC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC,SAAS,CAAC;QAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,IAAI,CAAC;QACpC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC;QAExC,IAAI,SAA6B,CAAC;QAClC,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;YACvB,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;YAC9B,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,WAAW,GAAmB;YAClC,GAAG,EAAE,IAAI,CAAC,OAAO;YACjB,MAAM;YACN,KAAK;YACL,SAAS,EAAE,SAAS,IAAI,IAAI;SAC7B,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YAExD,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,KAAK,CAAC;YACf,CAAC;YAED,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACnB,QAAQ,CAAC,IAAI,GAAG,EAAE,CAAC;YACrB,CAAC;YAED,IAAI,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,GAA0C,CAAC;YACvE,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAC5C,OAAO,GAAG,EAAE,CAAC;gBACb,QAAQ,CAAC,IAAI,CAAC,GAAG,GAAG,OAGnB,CAAC;YACJ,CAAC;YAEA,OAAmC,CAAC,GAAG,GAAG,QAAQ,CAAC;YAEpD,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;gBACpC,WAAW,EAAE,QAAQ,CAAC,EAAE;gBACxB,OAAO,EAAE,MAAM;gBACf,KAAK;gBACL,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;aAC1C,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;gBACpC,WAAW,EAAE,QAAQ,CAAC,EAAE;gBACxB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;YACH,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAEM,qBAAqB,CAC1B,QAAsB,EACtB,UAAmD,EAAE;QAErD,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;IAEM,qBAAqB,CAC1B,QAAsB,EACtB,UAAmD,EAAE;QAErD,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;IAEM,wBAAwB,CAC7B,QAAsB,EACtB,UAAmD,EAAE;QAErD,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;CACF;AAMD,MAAM,UAAU,eAAe,CAAC,OAA+B;IAC7D,MAAM,EAAE,OAAO,EAAE,SAAS,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAC9C,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IACxC,OAAO,IAAI,SAAS,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,CAAC,MAAM,iCAAiC,GAAG,cAAc,CAAC,eAAe,CAAC"}
|
|
@@ -1,12 +1,9 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const
|
|
6
|
-
|
|
7
|
-
const stickiness_mode_js_1 = require("./stickiness-mode.js");
|
|
8
|
-
exports.FACTORY_META = {
|
|
9
|
-
base: runtime_1.LOAD_BALANCER_STICKINESS_MANAGER_FACTORY_BASE_TYPE,
|
|
1
|
+
import { LOAD_BALANCER_STICKINESS_MANAGER_FACTORY_BASE_TYPE, LoadBalancerStickinessManagerFactory, } from "@naylence/runtime";
|
|
2
|
+
import { AFTLoadBalancerStickinessManager } from "./aft-load-balancer-stickiness-manager.js";
|
|
3
|
+
import { createAftVerifier } from "./aft-verifier.js";
|
|
4
|
+
import { StickinessMode, normalizeStickinessMode } from "./stickiness-mode.js";
|
|
5
|
+
export const FACTORY_META = {
|
|
6
|
+
base: LOAD_BALANCER_STICKINESS_MANAGER_FACTORY_BASE_TYPE,
|
|
10
7
|
key: "AFTLoadBalancerStickinessManager",
|
|
11
8
|
};
|
|
12
9
|
const DEFAULT_VALUES = {
|
|
@@ -14,7 +11,7 @@ const DEFAULT_VALUES = {
|
|
|
14
11
|
clientEcho: false,
|
|
15
12
|
defaultTtlSec: 30,
|
|
16
13
|
cacheMax: 100000,
|
|
17
|
-
securityLevel:
|
|
14
|
+
securityLevel: StickinessMode.SIGNED_OPTIONAL,
|
|
18
15
|
maxTtlSec: 7200,
|
|
19
16
|
};
|
|
20
17
|
function toBoolean(value, fallback) {
|
|
@@ -29,7 +26,7 @@ function toNumber(value, fallback) {
|
|
|
29
26
|
function normalizeConfig(config) {
|
|
30
27
|
const record = (config ?? {});
|
|
31
28
|
const normalizedSecurity = record.securityLevel
|
|
32
|
-
?
|
|
29
|
+
? normalizeStickinessMode(record.securityLevel)
|
|
33
30
|
: DEFAULT_VALUES.securityLevel;
|
|
34
31
|
return {
|
|
35
32
|
...record,
|
|
@@ -42,7 +39,7 @@ function normalizeConfig(config) {
|
|
|
42
39
|
maxTtlSec: toNumber(record.maxTtlSec, DEFAULT_VALUES.maxTtlSec),
|
|
43
40
|
};
|
|
44
41
|
}
|
|
45
|
-
class AFTLoadBalancerStickinessManagerFactory extends
|
|
42
|
+
export class AFTLoadBalancerStickinessManagerFactory extends LoadBalancerStickinessManagerFactory {
|
|
46
43
|
constructor() {
|
|
47
44
|
super(...arguments);
|
|
48
45
|
this.type = "AFTLoadBalancerStickinessManager";
|
|
@@ -52,7 +49,7 @@ class AFTLoadBalancerStickinessManagerFactory extends runtime_1.LoadBalancerStic
|
|
|
52
49
|
const resolvedConfig = normalizeConfig(config);
|
|
53
50
|
let effectiveVerifier = verifier ?? null;
|
|
54
51
|
if (!effectiveVerifier && keyProvider) {
|
|
55
|
-
effectiveVerifier =
|
|
52
|
+
effectiveVerifier = createAftVerifier({
|
|
56
53
|
securityLevel: resolvedConfig.securityLevel ?? DEFAULT_VALUES.securityLevel,
|
|
57
54
|
keyProvider,
|
|
58
55
|
defaultTtlSec: resolvedConfig.defaultTtlSec ?? DEFAULT_VALUES.defaultTtlSec,
|
|
@@ -61,9 +58,8 @@ class AFTLoadBalancerStickinessManagerFactory extends runtime_1.LoadBalancerStic
|
|
|
61
58
|
if (!effectiveVerifier) {
|
|
62
59
|
throw new Error("AFTLoadBalancerStickinessManagerFactory requires an AFT verifier or key provider");
|
|
63
60
|
}
|
|
64
|
-
return new
|
|
61
|
+
return new AFTLoadBalancerStickinessManager(resolvedConfig, effectiveVerifier);
|
|
65
62
|
}
|
|
66
63
|
}
|
|
67
|
-
|
|
68
|
-
exports.default = AFTLoadBalancerStickinessManagerFactory;
|
|
64
|
+
export default AFTLoadBalancerStickinessManagerFactory;
|
|
69
65
|
//# sourceMappingURL=aft-load-balancer-stickiness-manager-factory.js.map
|
package/dist/cjs/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aft-load-balancer-stickiness-manager-factory.js","sourceRoot":"","sources":["../../../../../src/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"aft-load-balancer-stickiness-manager-factory.js","sourceRoot":"","sources":["../../../../../src/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.ts"],"names":[],"mappings":"AACA,OAAO,EACL,kDAAkD,EAClD,oCAAoC,GAErC,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EAAE,gCAAgC,EAAE,MAAM,2CAA2C,CAAC;AAC7F,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,OAAO,EAAE,cAAc,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAa/E,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,IAAI,EAAE,kDAAkD;IACxD,GAAG,EAAE,kCAAkC;CAC/B,CAAC;AAEX,MAAM,cAAc,GAAG;IACrB,OAAO,EAAE,IAAI;IACb,UAAU,EAAE,KAAK;IACjB,aAAa,EAAE,EAAE;IACjB,QAAQ,EAAE,MAAO;IACjB,aAAa,EAAE,cAAc,CAAC,eAAe;IAC7C,SAAS,EAAE,IAAI;CACP,CAAC;AAEX,SAAS,SAAS,CAAC,KAAc,EAAE,QAAiB;IAClD,OAAO,OAAO,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC;AACvD,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc,EAAE,QAAgB;IAChD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,eAAe,CACtB,MAGQ;IAER,MAAM,MAAM,GAAG,CAAC,MAAM,IAAI,EAAE,CAA4B,CAAC;IAEzD,MAAM,kBAAkB,GAAG,MAAM,CAAC,aAAa;QAC7C,CAAC,CAAC,uBAAuB,CAAC,MAAM,CAAC,aAAwC,CAAC;QAC1E,CAAC,CAAC,cAAc,CAAC,aAAa,CAAC;IAEjC,OAAO;QACL,GAAG,MAAM;QACT,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,SAAS,CAAC,MAAM,CAAC,OAAO,EAAE,cAAc,CAAC,OAAO,CAAC;QAC1D,UAAU,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,cAAc,CAAC,UAAU,CAAC;QACnE,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,cAAc,CAAC,aAAa,CAAC;QAC3E,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC;QAC5D,aAAa,EAAE,kBAAkB;QACjC,SAAS,EAAE,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,cAAc,CAAC,SAAS,CAAC;KACtB,CAAC;AAC9C,CAAC;AAED,MAAM,OAAO,uCAAwC,SAAQ,oCAA4E;IAAzI;;QACkB,SAAI,GAAG,kCAAkC,CAAC;QAC1C,cAAS,GAAG,KAAK,CAAC;IAkCpC,CAAC;IAhCQ,KAAK,CAAC,MAAM,CACjB,MAGQ,EACR,WAAgC,EAChC,QAA6B;QAE7B,MAAM,cAAc,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;QAE/C,IAAI,iBAAiB,GAAG,QAAQ,IAAI,IAAI,CAAC;QACzC,IAAI,CAAC,iBAAiB,IAAI,WAAW,EAAE,CAAC;YACtC,iBAAiB,GAAG,iBAAiB,CAAC;gBACpC,aAAa,EACX,cAAc,CAAC,aAAa,IAAI,cAAc,CAAC,aAAa;gBAC9D,WAAW;gBACX,aAAa,EACX,cAAc,CAAC,aAAa,IAAI,cAAc,CAAC,aAAa;aAC/D,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,gCAAgC,CACzC,cAAc,EACd,iBAAiB,CAClB,CAAC;IACJ,CAAC;CACF;AAED,eAAe,uCAAuC,CAAC"}
|
|
@@ -1,11 +1,8 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const
|
|
6
|
-
const runtime_2 = require("@naylence/runtime");
|
|
7
|
-
const stickiness_mode_js_1 = require("./stickiness-mode.js");
|
|
8
|
-
const logger = (0, runtime_2.getLogger)("naylence.fame.stickiness.aft_load_balancer_stickiness_manager");
|
|
1
|
+
import { DeliveryOriginType } from "@naylence/core";
|
|
2
|
+
import { BaseNodeEventListener } from "@naylence/runtime";
|
|
3
|
+
import { getLogger } from "@naylence/runtime";
|
|
4
|
+
import { StickinessMode } from "./stickiness-mode.js";
|
|
5
|
+
const logger = getLogger("naylence.fame.stickiness.aft_load_balancer_stickiness_manager");
|
|
9
6
|
class AFTAssociation {
|
|
10
7
|
constructor(params) {
|
|
11
8
|
this.replicaId = params.replicaId;
|
|
@@ -24,7 +21,7 @@ class AFTAssociation {
|
|
|
24
21
|
return this.trustLevel === "low-trust";
|
|
25
22
|
}
|
|
26
23
|
}
|
|
27
|
-
class AFTLoadBalancerStickinessManager extends
|
|
24
|
+
export class AFTLoadBalancerStickinessManager extends BaseNodeEventListener {
|
|
28
25
|
get cacheMax() {
|
|
29
26
|
return this.config.cacheMax ?? 100000;
|
|
30
27
|
}
|
|
@@ -180,7 +177,7 @@ class AFTLoadBalancerStickinessManager extends runtime_1.BaseNodeEventListener {
|
|
|
180
177
|
if (envelope.sid) {
|
|
181
178
|
const cachedReplica = this.sidCache.get(envelope.sid);
|
|
182
179
|
if (cachedReplica) {
|
|
183
|
-
if (this.config.securityLevel ===
|
|
180
|
+
if (this.config.securityLevel === StickinessMode.SID_ONLY) {
|
|
184
181
|
this.metrics.cacheHits += 1;
|
|
185
182
|
logger.debug("sid_cache_routed_envelope", {
|
|
186
183
|
envelope_id: envelope.id,
|
|
@@ -327,14 +324,14 @@ class AFTLoadBalancerStickinessManager extends runtime_1.BaseNodeEventListener {
|
|
|
327
324
|
origin_type: context?.originType ?? "unknown",
|
|
328
325
|
from_system_id: context?.fromSystemId ?? null,
|
|
329
326
|
});
|
|
330
|
-
if (context?.originType ===
|
|
327
|
+
if (context?.originType === DeliveryOriginType.DOWNSTREAM) {
|
|
331
328
|
const sourceRoute = context.fromSystemId;
|
|
332
329
|
if (sourceRoute) {
|
|
333
330
|
logger.debug("processing_downstream_envelope", {
|
|
334
331
|
envelope_id: envelope.id,
|
|
335
332
|
source_route: sourceRoute,
|
|
336
333
|
});
|
|
337
|
-
if (this.config.securityLevel ===
|
|
334
|
+
if (this.config.securityLevel === StickinessMode.SID_ONLY &&
|
|
338
335
|
envelope.sid &&
|
|
339
336
|
!this.sidCache.has(envelope.sid)) {
|
|
340
337
|
this.sidCache.set(envelope.sid, sourceRoute);
|
|
@@ -406,7 +403,7 @@ class AFTLoadBalancerStickinessManager extends runtime_1.BaseNodeEventListener {
|
|
|
406
403
|
this.removeAssociation(token);
|
|
407
404
|
return null;
|
|
408
405
|
}
|
|
409
|
-
if (this.verifier.securityLevel ===
|
|
406
|
+
if (this.verifier.securityLevel === StickinessMode.STRICT &&
|
|
410
407
|
association.isLowTrust()) {
|
|
411
408
|
logger.warning("rejecting_low_trust_association", {
|
|
412
409
|
envelope_id: envelope.id,
|
|
@@ -420,7 +417,6 @@ class AFTLoadBalancerStickinessManager extends runtime_1.BaseNodeEventListener {
|
|
|
420
417
|
return association.replicaId;
|
|
421
418
|
}
|
|
422
419
|
}
|
|
423
|
-
exports.AFTLoadBalancerStickinessManager = AFTLoadBalancerStickinessManager;
|
|
424
420
|
function extractAftInstruction(envelope) {
|
|
425
421
|
if (!envelope.meta) {
|
|
426
422
|
return null;
|