@naylence/runtime 0.3.5-test.922 → 0.3.5-test.924
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/index.cjs +355 -278
- package/dist/browser/index.mjs +346 -273
- package/dist/cjs/naylence/fame/factory-manifest.js +2 -0
- package/dist/cjs/naylence/fame/security/default-security-manager-factory.js +12 -4
- package/dist/cjs/naylence/fame/security/index.js +8 -1
- package/dist/cjs/naylence/fame/security/trust-store/noop-trust-store-provider-factory.js +23 -0
- package/dist/cjs/naylence/fame/security/trust-store/trust-store-provider-factory.js +44 -0
- package/dist/cjs/naylence/fame/security/trust-store/trust-store-provider.js +2 -0
- package/dist/cjs/version.js +2 -2
- package/dist/esm/naylence/fame/factory-manifest.js +2 -0
- package/dist/esm/naylence/fame/security/default-security-manager-factory.js +12 -4
- package/dist/esm/naylence/fame/security/index.js +3 -0
- package/dist/esm/naylence/fame/security/trust-store/noop-trust-store-provider-factory.js +19 -0
- package/dist/esm/naylence/fame/security/trust-store/trust-store-provider-factory.js +39 -0
- package/dist/esm/naylence/fame/security/trust-store/trust-store-provider.js +1 -0
- package/dist/esm/version.js +2 -2
- package/dist/node/index.cjs +351 -274
- package/dist/node/index.mjs +346 -273
- package/dist/node/node.cjs +350 -273
- package/dist/node/node.mjs +345 -272
- package/dist/types/naylence/fame/factory-manifest.d.ts +1 -1
- package/dist/types/naylence/fame/security/default-security-manager-factory.d.ts +3 -0
- package/dist/types/naylence/fame/security/index.d.ts +4 -0
- package/dist/types/naylence/fame/security/security-manager-factory.d.ts +2 -0
- package/dist/types/naylence/fame/security/trust-store/noop-trust-store-provider-factory.d.ts +18 -0
- package/dist/types/naylence/fame/security/trust-store/trust-store-provider-factory.d.ts +27 -0
- package/dist/types/naylence/fame/security/trust-store/trust-store-provider.d.ts +42 -0
- package/dist/types/version.d.ts +1 -1
- package/package.json +1 -1
package/dist/node/node.mjs
CHANGED
|
@@ -11,11 +11,11 @@ import { x25519 } from '@noble/curves/ed25519.js';
|
|
|
11
11
|
import { hkdf } from '@noble/hashes/hkdf.js';
|
|
12
12
|
import { sha256, sha512 } from '@noble/hashes/sha2.js';
|
|
13
13
|
import { utf8ToBytes, bytesToHex, randomBytes, concatBytes } from '@noble/hashes/utils.js';
|
|
14
|
+
import { hashes, sign, verify } from '@noble/ed25519';
|
|
14
15
|
import fastify from 'fastify';
|
|
15
16
|
import websocketPlugin from '@fastify/websocket';
|
|
16
17
|
import formbody from '@fastify/formbody';
|
|
17
18
|
import { createHash, timingSafeEqual, randomBytes as randomBytes$1 } from 'node:crypto';
|
|
18
|
-
import { hashes, sign, verify } from '@noble/ed25519';
|
|
19
19
|
|
|
20
20
|
/**
|
|
21
21
|
* Cross-platform logging utilities for Naylence Fame
|
|
@@ -3391,7 +3391,7 @@ class WebSocketConnectionGrantImpl {
|
|
|
3391
3391
|
this.purpose = 'connection';
|
|
3392
3392
|
}
|
|
3393
3393
|
}
|
|
3394
|
-
const FACTORY_META$
|
|
3394
|
+
const FACTORY_META$18 = {
|
|
3395
3395
|
base: CONNECTOR_FACTORY_BASE_TYPE,
|
|
3396
3396
|
key: 'WebSocketConnector',
|
|
3397
3397
|
};
|
|
@@ -3762,7 +3762,7 @@ class WebSocketConnectorFactory extends ConnectorFactory {
|
|
|
3762
3762
|
|
|
3763
3763
|
var websocketConnectorFactory = /*#__PURE__*/Object.freeze({
|
|
3764
3764
|
__proto__: null,
|
|
3765
|
-
FACTORY_META: FACTORY_META$
|
|
3765
|
+
FACTORY_META: FACTORY_META$18,
|
|
3766
3766
|
WebSocketConnectorFactory: WebSocketConnectorFactory,
|
|
3767
3767
|
default: WebSocketConnectorFactory,
|
|
3768
3768
|
setWebSocketConnectorSslLoader: setWebSocketConnectorSslLoader
|
|
@@ -3895,7 +3895,7 @@ class EnvCredentialProviderFactory extends CredentialProviderFactory {
|
|
|
3895
3895
|
return new EnvCredentialProvider(resolved.varName);
|
|
3896
3896
|
}
|
|
3897
3897
|
}
|
|
3898
|
-
const FACTORY_META$
|
|
3898
|
+
const FACTORY_META$17 = {
|
|
3899
3899
|
base: CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE,
|
|
3900
3900
|
key: 'EnvCredentialProvider',
|
|
3901
3901
|
};
|
|
@@ -3903,7 +3903,7 @@ const FACTORY_META$16 = {
|
|
|
3903
3903
|
var envCredentialProviderFactory = /*#__PURE__*/Object.freeze({
|
|
3904
3904
|
__proto__: null,
|
|
3905
3905
|
EnvCredentialProviderFactory: EnvCredentialProviderFactory,
|
|
3906
|
-
FACTORY_META: FACTORY_META$
|
|
3906
|
+
FACTORY_META: FACTORY_META$17,
|
|
3907
3907
|
default: EnvCredentialProviderFactory,
|
|
3908
3908
|
normalizeEnvConfig: normalizeEnvConfig
|
|
3909
3909
|
});
|
|
@@ -4001,14 +4001,14 @@ class PromptCredentialProviderFactory extends CredentialProviderFactory {
|
|
|
4001
4001
|
return new PromptCredentialProvider(resolved.credentialName);
|
|
4002
4002
|
}
|
|
4003
4003
|
}
|
|
4004
|
-
const FACTORY_META$
|
|
4004
|
+
const FACTORY_META$16 = {
|
|
4005
4005
|
base: CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE,
|
|
4006
4006
|
key: 'PromptCredentialProvider',
|
|
4007
4007
|
};
|
|
4008
4008
|
|
|
4009
4009
|
var promptCredentialProviderFactory = /*#__PURE__*/Object.freeze({
|
|
4010
4010
|
__proto__: null,
|
|
4011
|
-
FACTORY_META: FACTORY_META$
|
|
4011
|
+
FACTORY_META: FACTORY_META$16,
|
|
4012
4012
|
PromptCredentialProviderFactory: PromptCredentialProviderFactory,
|
|
4013
4013
|
default: PromptCredentialProviderFactory,
|
|
4014
4014
|
normalizePromptConfig: normalizePromptConfig
|
|
@@ -4062,14 +4062,14 @@ class SecretStoreCredentialProviderFactory extends CredentialProviderFactory {
|
|
|
4062
4062
|
return new SecretStoreCredentialProvider(resolved.secretName);
|
|
4063
4063
|
}
|
|
4064
4064
|
}
|
|
4065
|
-
const FACTORY_META$
|
|
4065
|
+
const FACTORY_META$15 = {
|
|
4066
4066
|
base: CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE,
|
|
4067
4067
|
key: 'SecretStoreCredentialProvider',
|
|
4068
4068
|
};
|
|
4069
4069
|
|
|
4070
4070
|
var secretStoreCredentialProviderFactory = /*#__PURE__*/Object.freeze({
|
|
4071
4071
|
__proto__: null,
|
|
4072
|
-
FACTORY_META: FACTORY_META$
|
|
4072
|
+
FACTORY_META: FACTORY_META$15,
|
|
4073
4073
|
SecretStoreCredentialProviderFactory: SecretStoreCredentialProviderFactory,
|
|
4074
4074
|
default: SecretStoreCredentialProviderFactory,
|
|
4075
4075
|
normalizeSecretStoreConfig: normalizeSecretStoreConfig
|
|
@@ -4118,14 +4118,14 @@ class StaticCredentialProviderFactory extends CredentialProviderFactory {
|
|
|
4118
4118
|
return new StaticCredentialProvider(resolved.credentialValue);
|
|
4119
4119
|
}
|
|
4120
4120
|
}
|
|
4121
|
-
const FACTORY_META$
|
|
4121
|
+
const FACTORY_META$14 = {
|
|
4122
4122
|
base: CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE,
|
|
4123
4123
|
key: 'StaticCredentialProvider',
|
|
4124
4124
|
};
|
|
4125
4125
|
|
|
4126
4126
|
var staticCredentialProviderFactory = /*#__PURE__*/Object.freeze({
|
|
4127
4127
|
__proto__: null,
|
|
4128
|
-
FACTORY_META: FACTORY_META$
|
|
4128
|
+
FACTORY_META: FACTORY_META$14,
|
|
4129
4129
|
StaticCredentialProviderFactory: StaticCredentialProviderFactory,
|
|
4130
4130
|
default: StaticCredentialProviderFactory,
|
|
4131
4131
|
normalizeStaticConfig: normalizeStaticConfig
|
|
@@ -5371,12 +5371,12 @@ for (const [name, config] of Object.entries(SQLITE_PROFILES)) {
|
|
|
5371
5371
|
}
|
|
5372
5372
|
|
|
5373
5373
|
// This file is auto-generated during build - do not edit manually
|
|
5374
|
-
// Generated from package.json version: 0.3.5-test.
|
|
5374
|
+
// Generated from package.json version: 0.3.5-test.924
|
|
5375
5375
|
/**
|
|
5376
5376
|
* The package version, injected at build time.
|
|
5377
5377
|
* @internal
|
|
5378
5378
|
*/
|
|
5379
|
-
const VERSION = '0.3.5-test.
|
|
5379
|
+
const VERSION = '0.3.5-test.924';
|
|
5380
5380
|
|
|
5381
5381
|
/**
|
|
5382
5382
|
* Fame errors module - Fame protocol specific error classes
|
|
@@ -15117,6 +15117,7 @@ const MODULES = [
|
|
|
15117
15117
|
"./security/policy/no-security-policy-factory.js",
|
|
15118
15118
|
"./security/signing/eddsa-envelope-signer-factory.js",
|
|
15119
15119
|
"./security/signing/eddsa-envelope-verifier-factory.js",
|
|
15120
|
+
"./security/trust-store/noop-trust-store-provider-factory.js",
|
|
15120
15121
|
"./sentinel/capability-aware-routing-policy-factory.js",
|
|
15121
15122
|
"./sentinel/composite-routing-policy-factory.js",
|
|
15122
15123
|
"./sentinel/hybrid-path-routing-policy-factory.js",
|
|
@@ -15191,6 +15192,7 @@ const MODULE_LOADERS = {
|
|
|
15191
15192
|
"./security/policy/no-security-policy-factory.js": () => Promise.resolve().then(function () { return noSecurityPolicyFactory; }),
|
|
15192
15193
|
"./security/signing/eddsa-envelope-signer-factory.js": () => Promise.resolve().then(function () { return eddsaEnvelopeSignerFactory; }),
|
|
15193
15194
|
"./security/signing/eddsa-envelope-verifier-factory.js": () => Promise.resolve().then(function () { return eddsaEnvelopeVerifierFactory; }),
|
|
15195
|
+
"./security/trust-store/noop-trust-store-provider-factory.js": () => Promise.resolve().then(function () { return noopTrustStoreProviderFactory; }),
|
|
15194
15196
|
"./sentinel/capability-aware-routing-policy-factory.js": () => Promise.resolve().then(function () { return capabilityAwareRoutingPolicyFactory; }),
|
|
15195
15197
|
"./sentinel/composite-routing-policy-factory.js": () => Promise.resolve().then(function () { return compositeRoutingPolicyFactory; }),
|
|
15196
15198
|
"./sentinel/hybrid-path-routing-policy-factory.js": () => Promise.resolve().then(function () { return hybridPathRoutingPolicyFactory; }),
|
|
@@ -15495,7 +15497,7 @@ class NodeLikeFactory extends AbstractResourceFactory {
|
|
|
15495
15497
|
// registerFactory(NODE_LIKE_FACTORY_BASE_TYPE, type, factory);
|
|
15496
15498
|
// }
|
|
15497
15499
|
|
|
15498
|
-
const FACTORY_META$
|
|
15500
|
+
const FACTORY_META$13 = {
|
|
15499
15501
|
base: NODE_LIKE_FACTORY_BASE_TYPE,
|
|
15500
15502
|
key: 'Node',
|
|
15501
15503
|
};
|
|
@@ -15536,7 +15538,7 @@ class NodeFactory extends NodeLikeFactory {
|
|
|
15536
15538
|
|
|
15537
15539
|
var nodeFactory = /*#__PURE__*/Object.freeze({
|
|
15538
15540
|
__proto__: null,
|
|
15539
|
-
FACTORY_META: FACTORY_META$
|
|
15541
|
+
FACTORY_META: FACTORY_META$13,
|
|
15540
15542
|
NodeFactory: NodeFactory,
|
|
15541
15543
|
default: NodeFactory
|
|
15542
15544
|
});
|
|
@@ -16977,7 +16979,7 @@ class RouteStoreFactory extends AbstractResourceFactory {
|
|
|
16977
16979
|
return store ?? null;
|
|
16978
16980
|
}
|
|
16979
16981
|
}
|
|
16980
|
-
const FACTORY_META$
|
|
16982
|
+
const FACTORY_META$12 = {
|
|
16981
16983
|
base: ROUTE_STORE_FACTORY_BASE_TYPE,
|
|
16982
16984
|
key: 'InMemoryRouteStore',
|
|
16983
16985
|
};
|
|
@@ -16995,7 +16997,7 @@ class InMemoryRouteStoreFactory extends RouteStoreFactory {
|
|
|
16995
16997
|
|
|
16996
16998
|
var routeStoreFactory = /*#__PURE__*/Object.freeze({
|
|
16997
16999
|
__proto__: null,
|
|
16998
|
-
FACTORY_META: FACTORY_META$
|
|
17000
|
+
FACTORY_META: FACTORY_META$12,
|
|
16999
17001
|
InMemoryRouteStoreFactory: InMemoryRouteStoreFactory,
|
|
17000
17002
|
ROUTE_STORE_FACTORY_BASE_TYPE: ROUTE_STORE_FACTORY_BASE_TYPE,
|
|
17001
17003
|
RouteStoreFactory: RouteStoreFactory,
|
|
@@ -20811,7 +20813,7 @@ function isPlainRecord(value) {
|
|
|
20811
20813
|
return Boolean(value) && typeof value === 'object' && !Array.isArray(value);
|
|
20812
20814
|
}
|
|
20813
20815
|
|
|
20814
|
-
const FACTORY_META$
|
|
20816
|
+
const FACTORY_META$11 = {
|
|
20815
20817
|
base: NODE_LIKE_FACTORY_BASE_TYPE,
|
|
20816
20818
|
key: 'Sentinel',
|
|
20817
20819
|
};
|
|
@@ -20995,7 +20997,7 @@ class SentinelFactory extends NodeLikeFactory {
|
|
|
20995
20997
|
|
|
20996
20998
|
var sentinelFactory = /*#__PURE__*/Object.freeze({
|
|
20997
20999
|
__proto__: null,
|
|
20998
|
-
FACTORY_META: FACTORY_META$
|
|
21000
|
+
FACTORY_META: FACTORY_META$11,
|
|
20999
21001
|
SentinelFactory: SentinelFactory,
|
|
21000
21002
|
default: SentinelFactory
|
|
21001
21003
|
});
|
|
@@ -21609,6 +21611,45 @@ class CertificateManagerFactory extends AbstractResourceFactory {
|
|
|
21609
21611
|
}
|
|
21610
21612
|
}
|
|
21611
21613
|
|
|
21614
|
+
const DEFAULT_UNCONFIGURED_MESSAGE = "Trust store is not configured. Set FAME_CA_CERTS to a PEM value, a file path, a data URI, or an HTTPS bundle URL.";
|
|
21615
|
+
const TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE = "TrustStoreProviderFactory";
|
|
21616
|
+
class TrustStoreProviderFactory extends AbstractResourceFactory {
|
|
21617
|
+
createUnconfiguredProvider(reason) {
|
|
21618
|
+
return new NoopTrustStoreProvider(reason ?? DEFAULT_UNCONFIGURED_MESSAGE);
|
|
21619
|
+
}
|
|
21620
|
+
static async createTrustStoreProvider(config, options = {}) {
|
|
21621
|
+
const { dependencies, factoryArgs, ...restOptions } = options;
|
|
21622
|
+
const mergedFactoryArgs = [
|
|
21623
|
+
...(dependencies ? [dependencies] : []),
|
|
21624
|
+
...(factoryArgs ?? []),
|
|
21625
|
+
];
|
|
21626
|
+
const creationOptions = {
|
|
21627
|
+
...restOptions,
|
|
21628
|
+
factoryArgs: mergedFactoryArgs,
|
|
21629
|
+
};
|
|
21630
|
+
if (config) {
|
|
21631
|
+
const instance = await createResource$1(TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE, config, creationOptions);
|
|
21632
|
+
return instance ?? new NoopTrustStoreProvider();
|
|
21633
|
+
}
|
|
21634
|
+
const instance = await createDefaultResource(TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE, null, creationOptions);
|
|
21635
|
+
return instance ?? new NoopTrustStoreProvider();
|
|
21636
|
+
}
|
|
21637
|
+
}
|
|
21638
|
+
class NoopTrustStoreProvider {
|
|
21639
|
+
constructor(reason = DEFAULT_UNCONFIGURED_MESSAGE) {
|
|
21640
|
+
this.reason = reason;
|
|
21641
|
+
}
|
|
21642
|
+
async getTrustStorePem() {
|
|
21643
|
+
throw new Error(this.reason);
|
|
21644
|
+
}
|
|
21645
|
+
async getRoots() {
|
|
21646
|
+
return [];
|
|
21647
|
+
}
|
|
21648
|
+
async initialize() {
|
|
21649
|
+
// No-op for the placeholder provider.
|
|
21650
|
+
}
|
|
21651
|
+
}
|
|
21652
|
+
|
|
21612
21653
|
const ENCRYPTION_MANAGER_FACTORY_BASE_TYPE = 'EncryptionManagerFactory';
|
|
21613
21654
|
class EncryptionManagerFactory extends AbstractResourceFactory {
|
|
21614
21655
|
getPriority() {
|
|
@@ -26426,6 +26467,146 @@ function encodeUtf8(value) {
|
|
|
26426
26467
|
throw new Error('No UTF-8 encoder available in this environment');
|
|
26427
26468
|
}
|
|
26428
26469
|
|
|
26470
|
+
if (!hashes.sha512) {
|
|
26471
|
+
hashes.sha512 = (message) => sha512(message);
|
|
26472
|
+
}
|
|
26473
|
+
function normalizeSignerOptions(options) {
|
|
26474
|
+
if (!options || typeof options !== 'object') {
|
|
26475
|
+
return {};
|
|
26476
|
+
}
|
|
26477
|
+
const candidate = options;
|
|
26478
|
+
const result = {
|
|
26479
|
+
...options,
|
|
26480
|
+
};
|
|
26481
|
+
const cryptoProvider = resolveAlias(candidate, ['cryptoProvider', 'crypto_provider']);
|
|
26482
|
+
if (cryptoProvider !== undefined) {
|
|
26483
|
+
result.cryptoProvider = cryptoProvider ?? null;
|
|
26484
|
+
}
|
|
26485
|
+
const signingConfig = resolveAlias(candidate, ['signingConfig', 'signing_config']);
|
|
26486
|
+
if (signingConfig !== undefined) {
|
|
26487
|
+
result.signingConfig = signingConfig;
|
|
26488
|
+
}
|
|
26489
|
+
const privateKeyPem = resolveAlias(candidate, [
|
|
26490
|
+
'privateKeyPem',
|
|
26491
|
+
'private_key_pem',
|
|
26492
|
+
]);
|
|
26493
|
+
if (privateKeyPem !== undefined) {
|
|
26494
|
+
result.privateKeyPem = privateKeyPem;
|
|
26495
|
+
}
|
|
26496
|
+
const keyId = resolveAlias(candidate, [
|
|
26497
|
+
'keyId',
|
|
26498
|
+
'key_id',
|
|
26499
|
+
]);
|
|
26500
|
+
if (keyId !== undefined) {
|
|
26501
|
+
result.keyId = keyId;
|
|
26502
|
+
}
|
|
26503
|
+
return result;
|
|
26504
|
+
}
|
|
26505
|
+
class EdDSAEnvelopeSigner {
|
|
26506
|
+
constructor(options = {}) {
|
|
26507
|
+
const normalized = normalizeSignerOptions(options);
|
|
26508
|
+
const provider = normalized.cryptoProvider ?? null;
|
|
26509
|
+
if (!provider) {
|
|
26510
|
+
throw new Error('No crypto provider is configured for signing');
|
|
26511
|
+
}
|
|
26512
|
+
this.crypto = provider;
|
|
26513
|
+
const signingConfigOption = normalized.signingConfig;
|
|
26514
|
+
if (signingConfigOption instanceof SigningConfig) {
|
|
26515
|
+
this.signingConfig = signingConfigOption;
|
|
26516
|
+
}
|
|
26517
|
+
else if (signingConfigOption) {
|
|
26518
|
+
this.signingConfig = new SigningConfig(signingConfigOption);
|
|
26519
|
+
}
|
|
26520
|
+
else {
|
|
26521
|
+
this.signingConfig = new SigningConfig();
|
|
26522
|
+
}
|
|
26523
|
+
this.explicitPrivateKey = normalized.privateKeyPem;
|
|
26524
|
+
this.explicitKeyId = normalized.keyId;
|
|
26525
|
+
}
|
|
26526
|
+
signEnvelope(envelope, { physicalPath }) {
|
|
26527
|
+
if (!envelope.sid) {
|
|
26528
|
+
throw new Error('Envelope missing sid');
|
|
26529
|
+
}
|
|
26530
|
+
const frame = envelope.frame;
|
|
26531
|
+
if (frame.type === 'Data') {
|
|
26532
|
+
const dataFrame = frame;
|
|
26533
|
+
if (!dataFrame.pd) {
|
|
26534
|
+
const payload = dataFrame.payload ?? '';
|
|
26535
|
+
const payloadString = payload === '' ? '' : canonicalJson(payload);
|
|
26536
|
+
dataFrame.pd = secureDigest(payloadString);
|
|
26537
|
+
}
|
|
26538
|
+
}
|
|
26539
|
+
const digest = frameDigest(frame);
|
|
26540
|
+
const immutable = canonicalJson(immutableHeaders(envelope));
|
|
26541
|
+
const sidDigest = secureDigest(physicalPath);
|
|
26542
|
+
const tbs = new Uint8Array(encodeUtf8(sidDigest).length +
|
|
26543
|
+
1 +
|
|
26544
|
+
encodeUtf8(immutable).length +
|
|
26545
|
+
1 +
|
|
26546
|
+
encodeUtf8(digest).length);
|
|
26547
|
+
const sidBytes = encodeUtf8(sidDigest);
|
|
26548
|
+
const immBytes = encodeUtf8(immutable);
|
|
26549
|
+
const digBytes = encodeUtf8(digest);
|
|
26550
|
+
let offset = 0;
|
|
26551
|
+
tbs.set(sidBytes, offset);
|
|
26552
|
+
offset += sidBytes.length;
|
|
26553
|
+
tbs[offset] = 0x1f;
|
|
26554
|
+
offset += 1;
|
|
26555
|
+
tbs.set(immBytes, offset);
|
|
26556
|
+
offset += immBytes.length;
|
|
26557
|
+
tbs[offset] = 0x1f;
|
|
26558
|
+
offset += 1;
|
|
26559
|
+
tbs.set(digBytes, offset);
|
|
26560
|
+
const privateKey = this.loadPrivateKey();
|
|
26561
|
+
const signatureBytes = sign(tbs, privateKey);
|
|
26562
|
+
const signature = urlsafeBase64Encode(signatureBytes);
|
|
26563
|
+
const kid = this.determineKeyId();
|
|
26564
|
+
const signatureHeader = {
|
|
26565
|
+
kid,
|
|
26566
|
+
val: signature,
|
|
26567
|
+
alg: 'EdDSA',
|
|
26568
|
+
};
|
|
26569
|
+
const secHeader = envelope.sec ?? {};
|
|
26570
|
+
secHeader.sig = signatureHeader;
|
|
26571
|
+
envelope.sec = secHeader;
|
|
26572
|
+
return envelope;
|
|
26573
|
+
}
|
|
26574
|
+
loadPrivateKey() {
|
|
26575
|
+
const pem = this.explicitPrivateKey ??
|
|
26576
|
+
readStringProperty(this.crypto, 'signingPrivatePem', 'signing_private_pem');
|
|
26577
|
+
if (!pem) {
|
|
26578
|
+
throw new Error('Crypto provider does not expose a signing private key');
|
|
26579
|
+
}
|
|
26580
|
+
return parseEd25519PrivateKey(pem);
|
|
26581
|
+
}
|
|
26582
|
+
determineKeyId() {
|
|
26583
|
+
if (this.explicitKeyId) {
|
|
26584
|
+
return this.explicitKeyId;
|
|
26585
|
+
}
|
|
26586
|
+
if (this.signingConfig.signingMaterial === SigningMaterial.X509_CHAIN) {
|
|
26587
|
+
const certificateProvider = this
|
|
26588
|
+
.crypto;
|
|
26589
|
+
const jwk = certificateProvider.nodeJwk?.();
|
|
26590
|
+
if (jwk && typeof jwk === 'object' && 'kid' in jwk && 'x5c' in jwk) {
|
|
26591
|
+
const kid = jwk.kid;
|
|
26592
|
+
if (typeof kid === 'string' && kid.length > 0) {
|
|
26593
|
+
return kid;
|
|
26594
|
+
}
|
|
26595
|
+
}
|
|
26596
|
+
}
|
|
26597
|
+
const fallback = readStringProperty(this.crypto, 'signatureKeyId', 'signature_key_id');
|
|
26598
|
+
if (!fallback) {
|
|
26599
|
+
throw new Error('Crypto provider does not expose a signature key id');
|
|
26600
|
+
}
|
|
26601
|
+
return fallback;
|
|
26602
|
+
}
|
|
26603
|
+
}
|
|
26604
|
+
|
|
26605
|
+
var eddsaEnvelopeSigner = /*#__PURE__*/Object.freeze({
|
|
26606
|
+
__proto__: null,
|
|
26607
|
+
EdDSAEnvelopeSigner: EdDSAEnvelopeSigner
|
|
26608
|
+
});
|
|
26609
|
+
|
|
26429
26610
|
// Legacy global crypto provider accessors are intentionally disabled to force
|
|
26430
26611
|
// explicit dependency wiring. If a component still needs a global provider,
|
|
26431
26612
|
// refactor it to accept one via configuration instead of re-enabling this code.
|
|
@@ -28045,7 +28226,7 @@ const PROFILE_MAP$4 = {
|
|
|
28045
28226
|
[PROFILE_NAME_GATED_CALLBACK]: GATED_CALLBACK_PROFILE,
|
|
28046
28227
|
[PROFILE_NAME_OPEN$1]: OPEN_PROFILE$1,
|
|
28047
28228
|
};
|
|
28048
|
-
const FACTORY_META
|
|
28229
|
+
const FACTORY_META$10 = {
|
|
28049
28230
|
base: SECURITY_MANAGER_FACTORY_BASE_TYPE,
|
|
28050
28231
|
key: 'SecurityProfile',
|
|
28051
28232
|
};
|
|
@@ -28171,7 +28352,7 @@ var nodeSecurityProfileFactory = /*#__PURE__*/Object.freeze({
|
|
|
28171
28352
|
ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE: ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE,
|
|
28172
28353
|
ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER: ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER,
|
|
28173
28354
|
ENV_VAR_JWT_TRUSTED_ISSUER: ENV_VAR_JWT_TRUSTED_ISSUER,
|
|
28174
|
-
FACTORY_META: FACTORY_META
|
|
28355
|
+
FACTORY_META: FACTORY_META$10,
|
|
28175
28356
|
NodeSecurityProfileFactory: NodeSecurityProfileFactory,
|
|
28176
28357
|
PROFILE_NAME_GATED: PROFILE_NAME_GATED,
|
|
28177
28358
|
PROFILE_NAME_GATED_CALLBACK: PROFILE_NAME_GATED_CALLBACK,
|
|
@@ -28300,7 +28481,7 @@ class SimpleLoadBalancerStickinessManager extends BaseNodeEventListener {
|
|
|
28300
28481
|
}
|
|
28301
28482
|
}
|
|
28302
28483
|
|
|
28303
|
-
const FACTORY_META
|
|
28484
|
+
const FACTORY_META$$ = {
|
|
28304
28485
|
base: LOAD_BALANCER_STICKINESS_MANAGER_FACTORY_BASE_TYPE,
|
|
28305
28486
|
key: 'SimpleLoadBalancerStickinessManager',
|
|
28306
28487
|
};
|
|
@@ -28324,7 +28505,7 @@ class SimpleLoadBalancerStickinessManagerFactory extends LoadBalancerStickinessM
|
|
|
28324
28505
|
|
|
28325
28506
|
var simpleLoadBalancerStickinessManagerFactory = /*#__PURE__*/Object.freeze({
|
|
28326
28507
|
__proto__: null,
|
|
28327
|
-
FACTORY_META: FACTORY_META
|
|
28508
|
+
FACTORY_META: FACTORY_META$$,
|
|
28328
28509
|
SimpleLoadBalancerStickinessManagerFactory: SimpleLoadBalancerStickinessManagerFactory,
|
|
28329
28510
|
default: SimpleLoadBalancerStickinessManagerFactory
|
|
28330
28511
|
});
|
|
@@ -28750,7 +28931,7 @@ class WelcomeServiceFactory extends AbstractResourceFactory {
|
|
|
28750
28931
|
}
|
|
28751
28932
|
}
|
|
28752
28933
|
|
|
28753
|
-
const FACTORY_META$
|
|
28934
|
+
const FACTORY_META$_ = {
|
|
28754
28935
|
base: WELCOME_SERVICE_FACTORY_BASE_TYPE,
|
|
28755
28936
|
key: 'DefaultWelcomeService',
|
|
28756
28937
|
};
|
|
@@ -28831,7 +29012,7 @@ function resolveConfigEntry(source, keys) {
|
|
|
28831
29012
|
var defaultWelcomeServiceFactory = /*#__PURE__*/Object.freeze({
|
|
28832
29013
|
__proto__: null,
|
|
28833
29014
|
DefaultWelcomeServiceFactory: DefaultWelcomeServiceFactory,
|
|
28834
|
-
FACTORY_META: FACTORY_META$
|
|
29015
|
+
FACTORY_META: FACTORY_META$_,
|
|
28835
29016
|
default: DefaultWelcomeServiceFactory
|
|
28836
29017
|
});
|
|
28837
29018
|
|
|
@@ -29035,7 +29216,7 @@ function normalizeConfig$r(config) {
|
|
|
29035
29216
|
authorizer: authorizerValue,
|
|
29036
29217
|
};
|
|
29037
29218
|
}
|
|
29038
|
-
const FACTORY_META$
|
|
29219
|
+
const FACTORY_META$Z = {
|
|
29039
29220
|
base: TRANSPORT_LISTENER_FACTORY_BASE_TYPE,
|
|
29040
29221
|
key: 'HttpListener',
|
|
29041
29222
|
};
|
|
@@ -29082,7 +29263,7 @@ class HttpListenerFactory extends TransportListenerFactory {
|
|
|
29082
29263
|
|
|
29083
29264
|
var httpListenerFactory = /*#__PURE__*/Object.freeze({
|
|
29084
29265
|
__proto__: null,
|
|
29085
|
-
FACTORY_META: FACTORY_META$
|
|
29266
|
+
FACTORY_META: FACTORY_META$Z,
|
|
29086
29267
|
HttpListenerFactory: HttpListenerFactory,
|
|
29087
29268
|
default: HttpListenerFactory
|
|
29088
29269
|
});
|
|
@@ -29151,7 +29332,7 @@ function normalizeConfig$q(config) {
|
|
|
29151
29332
|
authorizer: authorizerValue,
|
|
29152
29333
|
};
|
|
29153
29334
|
}
|
|
29154
|
-
const FACTORY_META$
|
|
29335
|
+
const FACTORY_META$Y = {
|
|
29155
29336
|
base: TRANSPORT_LISTENER_FACTORY_BASE_TYPE,
|
|
29156
29337
|
key: 'WebSocketListener',
|
|
29157
29338
|
};
|
|
@@ -29195,7 +29376,7 @@ class WebSocketListenerFactory extends TransportListenerFactory {
|
|
|
29195
29376
|
|
|
29196
29377
|
var websocketListenerFactory = /*#__PURE__*/Object.freeze({
|
|
29197
29378
|
__proto__: null,
|
|
29198
|
-
FACTORY_META: FACTORY_META$
|
|
29379
|
+
FACTORY_META: FACTORY_META$Y,
|
|
29199
29380
|
WebSocketListenerFactory: WebSocketListenerFactory,
|
|
29200
29381
|
default: WebSocketListenerFactory
|
|
29201
29382
|
});
|
|
@@ -29232,7 +29413,7 @@ function normalizeConfig$p(config) {
|
|
|
29232
29413
|
inboxCapacity,
|
|
29233
29414
|
};
|
|
29234
29415
|
}
|
|
29235
|
-
const FACTORY_META$
|
|
29416
|
+
const FACTORY_META$X = {
|
|
29236
29417
|
base: TRANSPORT_LISTENER_FACTORY_BASE_TYPE,
|
|
29237
29418
|
key: 'InPageListener',
|
|
29238
29419
|
};
|
|
@@ -29258,7 +29439,7 @@ class InPageListenerFactory extends TransportListenerFactory {
|
|
|
29258
29439
|
|
|
29259
29440
|
var inpageListenerFactory = /*#__PURE__*/Object.freeze({
|
|
29260
29441
|
__proto__: null,
|
|
29261
|
-
FACTORY_META: FACTORY_META$
|
|
29442
|
+
FACTORY_META: FACTORY_META$X,
|
|
29262
29443
|
InPageListenerFactory: InPageListenerFactory,
|
|
29263
29444
|
default: InPageListenerFactory
|
|
29264
29445
|
});
|
|
@@ -29295,7 +29476,7 @@ function normalizeConfig$o(config) {
|
|
|
29295
29476
|
inboxCapacity,
|
|
29296
29477
|
};
|
|
29297
29478
|
}
|
|
29298
|
-
const FACTORY_META$
|
|
29479
|
+
const FACTORY_META$W = {
|
|
29299
29480
|
base: TRANSPORT_LISTENER_FACTORY_BASE_TYPE,
|
|
29300
29481
|
key: 'BroadcastChannelListener',
|
|
29301
29482
|
};
|
|
@@ -29322,7 +29503,7 @@ class BroadcastChannelListenerFactory extends TransportListenerFactory {
|
|
|
29322
29503
|
var broadcastChannelListenerFactory = /*#__PURE__*/Object.freeze({
|
|
29323
29504
|
__proto__: null,
|
|
29324
29505
|
BroadcastChannelListenerFactory: BroadcastChannelListenerFactory,
|
|
29325
|
-
FACTORY_META: FACTORY_META$
|
|
29506
|
+
FACTORY_META: FACTORY_META$W,
|
|
29326
29507
|
default: BroadcastChannelListenerFactory
|
|
29327
29508
|
});
|
|
29328
29509
|
|
|
@@ -29446,7 +29627,7 @@ class HttpConnectionGrantImpl {
|
|
|
29446
29627
|
this.purpose = 'connection';
|
|
29447
29628
|
}
|
|
29448
29629
|
}
|
|
29449
|
-
const FACTORY_META$
|
|
29630
|
+
const FACTORY_META$V = {
|
|
29450
29631
|
base: CONNECTOR_FACTORY_BASE_TYPE,
|
|
29451
29632
|
key: HTTP_STATELESS_CONNECTOR_TYPE,
|
|
29452
29633
|
};
|
|
@@ -29615,7 +29796,7 @@ class HttpStatelessConnectorFactory extends ConnectorFactory {
|
|
|
29615
29796
|
|
|
29616
29797
|
var httpStatelessConnectorFactory = /*#__PURE__*/Object.freeze({
|
|
29617
29798
|
__proto__: null,
|
|
29618
|
-
FACTORY_META: FACTORY_META$
|
|
29799
|
+
FACTORY_META: FACTORY_META$V,
|
|
29619
29800
|
HttpStatelessConnectorFactory: HttpStatelessConnectorFactory,
|
|
29620
29801
|
default: HttpStatelessConnectorFactory
|
|
29621
29802
|
});
|
|
@@ -29628,7 +29809,7 @@ class InPageConnectionGrantImpl {
|
|
|
29628
29809
|
this.purpose = 'connection';
|
|
29629
29810
|
}
|
|
29630
29811
|
}
|
|
29631
|
-
const FACTORY_META$
|
|
29812
|
+
const FACTORY_META$U = {
|
|
29632
29813
|
base: CONNECTOR_FACTORY_BASE_TYPE,
|
|
29633
29814
|
key: INPAGE_CONNECTOR_TYPE,
|
|
29634
29815
|
};
|
|
@@ -29777,7 +29958,7 @@ class InPageConnectorFactory extends ConnectorFactory {
|
|
|
29777
29958
|
|
|
29778
29959
|
var inpageConnectorFactory = /*#__PURE__*/Object.freeze({
|
|
29779
29960
|
__proto__: null,
|
|
29780
|
-
FACTORY_META: FACTORY_META$
|
|
29961
|
+
FACTORY_META: FACTORY_META$U,
|
|
29781
29962
|
InPageConnectorFactory: InPageConnectorFactory,
|
|
29782
29963
|
default: InPageConnectorFactory
|
|
29783
29964
|
});
|
|
@@ -29790,7 +29971,7 @@ class BroadcastChannelConnectionGrantImpl {
|
|
|
29790
29971
|
this.purpose = 'connection';
|
|
29791
29972
|
}
|
|
29792
29973
|
}
|
|
29793
|
-
const FACTORY_META$
|
|
29974
|
+
const FACTORY_META$T = {
|
|
29794
29975
|
base: CONNECTOR_FACTORY_BASE_TYPE,
|
|
29795
29976
|
key: BROADCAST_CHANNEL_CONNECTOR_TYPE$1,
|
|
29796
29977
|
};
|
|
@@ -29938,7 +30119,7 @@ class BroadcastChannelConnectorFactory extends ConnectorFactory {
|
|
|
29938
30119
|
var broadcastChannelConnectorFactory = /*#__PURE__*/Object.freeze({
|
|
29939
30120
|
__proto__: null,
|
|
29940
30121
|
BroadcastChannelConnectorFactory: BroadcastChannelConnectorFactory,
|
|
29941
|
-
FACTORY_META: FACTORY_META$
|
|
30122
|
+
FACTORY_META: FACTORY_META$T,
|
|
29942
30123
|
default: BroadcastChannelConnectorFactory
|
|
29943
30124
|
});
|
|
29944
30125
|
|
|
@@ -32446,7 +32627,7 @@ function normalizeServiceName(value) {
|
|
|
32446
32627
|
|
|
32447
32628
|
// import { registerRuntimeFactories } from "../util/register-runtime-factories.js";
|
|
32448
32629
|
const FAME_FABRIC_FACTORY_BASE_TYPE = 'FameFabricFactory';
|
|
32449
|
-
const FACTORY_META$
|
|
32630
|
+
const FACTORY_META$S = {
|
|
32450
32631
|
base: FAME_FABRIC_FACTORY_BASE_TYPE,
|
|
32451
32632
|
key: 'InProcessFameFabric',
|
|
32452
32633
|
};
|
|
@@ -32466,7 +32647,7 @@ class InProcessFameFabricFactory extends FameFabricFactory {
|
|
|
32466
32647
|
|
|
32467
32648
|
var inProcessFameFabricFactory = /*#__PURE__*/Object.freeze({
|
|
32468
32649
|
__proto__: null,
|
|
32469
|
-
FACTORY_META: FACTORY_META$
|
|
32650
|
+
FACTORY_META: FACTORY_META$S,
|
|
32470
32651
|
FAME_FABRIC_FACTORY_BASE_TYPE: FAME_FABRIC_FACTORY_BASE_TYPE,
|
|
32471
32652
|
InProcessFameFabricFactory: InProcessFameFabricFactory,
|
|
32472
32653
|
default: InProcessFameFabricFactory
|
|
@@ -34263,7 +34444,7 @@ class NoopTraceEmitter extends BaseTraceEmitter {
|
|
|
34263
34444
|
}
|
|
34264
34445
|
}
|
|
34265
34446
|
|
|
34266
|
-
const FACTORY_META$
|
|
34447
|
+
const FACTORY_META$R = {
|
|
34267
34448
|
base: TRACE_EMITTER_FACTORY_BASE_TYPE,
|
|
34268
34449
|
key: 'NoopTraceEmitter',
|
|
34269
34450
|
};
|
|
@@ -34281,7 +34462,7 @@ class NoopTraceEmitterFactory extends TraceEmitterFactory {
|
|
|
34281
34462
|
|
|
34282
34463
|
var noopTraceEmitterFactory = /*#__PURE__*/Object.freeze({
|
|
34283
34464
|
__proto__: null,
|
|
34284
|
-
FACTORY_META: FACTORY_META$
|
|
34465
|
+
FACTORY_META: FACTORY_META$R,
|
|
34285
34466
|
NoopTraceEmitterFactory: NoopTraceEmitterFactory,
|
|
34286
34467
|
default: NoopTraceEmitterFactory
|
|
34287
34468
|
});
|
|
@@ -34536,7 +34717,7 @@ function getOtelApiModule() {
|
|
|
34536
34717
|
}
|
|
34537
34718
|
return otelApiModulePromise;
|
|
34538
34719
|
}
|
|
34539
|
-
const FACTORY_META$
|
|
34720
|
+
const FACTORY_META$Q = {
|
|
34540
34721
|
base: TRACE_EMITTER_FACTORY_BASE_TYPE,
|
|
34541
34722
|
key: 'OpenTelemetryTraceEmitter',
|
|
34542
34723
|
};
|
|
@@ -34706,7 +34887,7 @@ function extractHeaders(value) {
|
|
|
34706
34887
|
|
|
34707
34888
|
var openTelemetryTraceEmitterFactory = /*#__PURE__*/Object.freeze({
|
|
34708
34889
|
__proto__: null,
|
|
34709
|
-
FACTORY_META: FACTORY_META$
|
|
34890
|
+
FACTORY_META: FACTORY_META$Q,
|
|
34710
34891
|
OpenTelemetryTraceEmitterFactory: OpenTelemetryTraceEmitterFactory,
|
|
34711
34892
|
default: OpenTelemetryTraceEmitterFactory
|
|
34712
34893
|
});
|
|
@@ -34727,7 +34908,7 @@ const PROFILE_MAP$3 = {
|
|
|
34727
34908
|
[PROFILE_NAME_NOOP$1]: NOOP_PROFILE$1,
|
|
34728
34909
|
[PROFILE_NAME_OPEN_TELEMETRY]: OPEN_TELEMETRY_PROFILE,
|
|
34729
34910
|
};
|
|
34730
|
-
const FACTORY_META$
|
|
34911
|
+
const FACTORY_META$P = {
|
|
34731
34912
|
base: TRACE_EMITTER_FACTORY_BASE_TYPE,
|
|
34732
34913
|
key: 'TraceEmitterProfile',
|
|
34733
34914
|
};
|
|
@@ -34807,7 +34988,7 @@ function deepClone$2(value) {
|
|
|
34807
34988
|
|
|
34808
34989
|
var traceEmitterProfileFactory = /*#__PURE__*/Object.freeze({
|
|
34809
34990
|
__proto__: null,
|
|
34810
|
-
FACTORY_META: FACTORY_META$
|
|
34991
|
+
FACTORY_META: FACTORY_META$P,
|
|
34811
34992
|
PROFILE_NAME_NOOP: PROFILE_NAME_NOOP$1,
|
|
34812
34993
|
PROFILE_NAME_OPEN_TELEMETRY: PROFILE_NAME_OPEN_TELEMETRY,
|
|
34813
34994
|
TraceEmitterProfileFactory: TraceEmitterProfileFactory,
|
|
@@ -34977,7 +35158,7 @@ function withOption(source, keys) {
|
|
|
34977
35158
|
[camelKey]: value,
|
|
34978
35159
|
};
|
|
34979
35160
|
}
|
|
34980
|
-
const FACTORY_META$
|
|
35161
|
+
const FACTORY_META$O = {
|
|
34981
35162
|
base: DELIVERY_POLICY_FACTORY_BASE_TYPE,
|
|
34982
35163
|
key: 'AtLeastOnceDeliveryPolicy',
|
|
34983
35164
|
};
|
|
@@ -34985,7 +35166,7 @@ const FACTORY_META$N = {
|
|
|
34985
35166
|
var atLeastOnceDeliveryPolicyFactory = /*#__PURE__*/Object.freeze({
|
|
34986
35167
|
__proto__: null,
|
|
34987
35168
|
AtLeastOnceDeliveryPolicyFactory: AtLeastOnceDeliveryPolicyFactory,
|
|
34988
|
-
FACTORY_META: FACTORY_META$
|
|
35169
|
+
FACTORY_META: FACTORY_META$O,
|
|
34989
35170
|
default: AtLeastOnceDeliveryPolicyFactory
|
|
34990
35171
|
});
|
|
34991
35172
|
|
|
@@ -35012,7 +35193,7 @@ class AtMostOnceDeliveryPolicyFactory extends DeliveryPolicyFactory {
|
|
|
35012
35193
|
}
|
|
35013
35194
|
registerDeliveryPolicyFactory('AtMostOnceDeliveryPolicy', AtMostOnceDeliveryPolicyFactory);
|
|
35014
35195
|
registerDeliveryPolicyFactory('AtMostOnceMessageDeliveryPolicy', AtMostOnceDeliveryPolicyFactory);
|
|
35015
|
-
const FACTORY_META$
|
|
35196
|
+
const FACTORY_META$N = {
|
|
35016
35197
|
base: DELIVERY_POLICY_FACTORY_BASE_TYPE,
|
|
35017
35198
|
key: 'AtMostOnceDeliveryPolicy',
|
|
35018
35199
|
};
|
|
@@ -35020,7 +35201,7 @@ const FACTORY_META$M = {
|
|
|
35020
35201
|
var atMostOnceDeliveryPolicyFactory = /*#__PURE__*/Object.freeze({
|
|
35021
35202
|
__proto__: null,
|
|
35022
35203
|
AtMostOnceDeliveryPolicyFactory: AtMostOnceDeliveryPolicyFactory,
|
|
35023
|
-
FACTORY_META: FACTORY_META$
|
|
35204
|
+
FACTORY_META: FACTORY_META$N,
|
|
35024
35205
|
default: AtMostOnceDeliveryPolicyFactory
|
|
35025
35206
|
});
|
|
35026
35207
|
|
|
@@ -35113,7 +35294,7 @@ function resolveProfileConfig$1(profileName) {
|
|
|
35113
35294
|
function deepClone$1(value) {
|
|
35114
35295
|
return JSON.parse(JSON.stringify(value));
|
|
35115
35296
|
}
|
|
35116
|
-
const FACTORY_META$
|
|
35297
|
+
const FACTORY_META$M = {
|
|
35117
35298
|
base: DELIVERY_POLICY_FACTORY_BASE_TYPE,
|
|
35118
35299
|
key: 'DeliveryProfile',
|
|
35119
35300
|
};
|
|
@@ -35121,7 +35302,7 @@ const FACTORY_META$L = {
|
|
|
35121
35302
|
var deliveryProfileFactory = /*#__PURE__*/Object.freeze({
|
|
35122
35303
|
__proto__: null,
|
|
35123
35304
|
DeliveryProfileFactory: DeliveryProfileFactory,
|
|
35124
|
-
FACTORY_META: FACTORY_META$
|
|
35305
|
+
FACTORY_META: FACTORY_META$M,
|
|
35125
35306
|
PROFILE_NAME_AT_LEAST_ONCE: PROFILE_NAME_AT_LEAST_ONCE,
|
|
35126
35307
|
PROFILE_NAME_AT_MOST_ONCE: PROFILE_NAME_AT_MOST_ONCE,
|
|
35127
35308
|
default: DeliveryProfileFactory
|
|
@@ -35350,7 +35531,7 @@ const PROFILE_MAP$1 = {
|
|
|
35350
35531
|
[PROFILE_NAME_NOOP]: NOOP_PROFILE,
|
|
35351
35532
|
[PROFILE_NAME_NONE]: NOOP_PROFILE,
|
|
35352
35533
|
};
|
|
35353
|
-
const FACTORY_META$
|
|
35534
|
+
const FACTORY_META$L = {
|
|
35354
35535
|
base: ADMISSION_CLIENT_FACTORY_BASE_TYPE,
|
|
35355
35536
|
key: 'AdmissionProfile',
|
|
35356
35537
|
};
|
|
@@ -35397,7 +35578,7 @@ function deepClone(value) {
|
|
|
35397
35578
|
var admissionProfileFactory = /*#__PURE__*/Object.freeze({
|
|
35398
35579
|
__proto__: null,
|
|
35399
35580
|
AdmissionProfileFactory: AdmissionProfileFactory,
|
|
35400
|
-
FACTORY_META: FACTORY_META$
|
|
35581
|
+
FACTORY_META: FACTORY_META$L,
|
|
35401
35582
|
default: AdmissionProfileFactory
|
|
35402
35583
|
});
|
|
35403
35584
|
|
|
@@ -35479,7 +35660,7 @@ function cloneGrant(grant) {
|
|
|
35479
35660
|
return JSON.parse(JSON.stringify(grant));
|
|
35480
35661
|
}
|
|
35481
35662
|
|
|
35482
|
-
const FACTORY_META$
|
|
35663
|
+
const FACTORY_META$K = {
|
|
35483
35664
|
base: ADMISSION_CLIENT_FACTORY_BASE_TYPE,
|
|
35484
35665
|
key: 'DirectAdmissionClient',
|
|
35485
35666
|
};
|
|
@@ -35531,11 +35712,11 @@ function normalizeConfig$l(config) {
|
|
|
35531
35712
|
var directAdmissionClientFactory = /*#__PURE__*/Object.freeze({
|
|
35532
35713
|
__proto__: null,
|
|
35533
35714
|
DirectAdmissionClientFactory: DirectAdmissionClientFactory,
|
|
35534
|
-
FACTORY_META: FACTORY_META$
|
|
35715
|
+
FACTORY_META: FACTORY_META$K,
|
|
35535
35716
|
default: DirectAdmissionClientFactory
|
|
35536
35717
|
});
|
|
35537
35718
|
|
|
35538
|
-
const FACTORY_META$
|
|
35719
|
+
const FACTORY_META$J = {
|
|
35539
35720
|
base: ADMISSION_CLIENT_FACTORY_BASE_TYPE,
|
|
35540
35721
|
key: 'NoopAdmissionClient',
|
|
35541
35722
|
};
|
|
@@ -35584,7 +35765,7 @@ function normalizeConfig$k(config, factoryArgs) {
|
|
|
35584
35765
|
|
|
35585
35766
|
var noopAdmissionClientFactory = /*#__PURE__*/Object.freeze({
|
|
35586
35767
|
__proto__: null,
|
|
35587
|
-
FACTORY_META: FACTORY_META$
|
|
35768
|
+
FACTORY_META: FACTORY_META$J,
|
|
35588
35769
|
NoopAdmissionClientFactory: NoopAdmissionClientFactory,
|
|
35589
35770
|
default: NoopAdmissionClientFactory
|
|
35590
35771
|
});
|
|
@@ -35599,7 +35780,7 @@ class NoAuthInjectionStrategy {
|
|
|
35599
35780
|
}
|
|
35600
35781
|
}
|
|
35601
35782
|
|
|
35602
|
-
const FACTORY_META$
|
|
35783
|
+
const FACTORY_META$I = {
|
|
35603
35784
|
base: AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE,
|
|
35604
35785
|
key: 'NoAuth',
|
|
35605
35786
|
};
|
|
@@ -35628,7 +35809,7 @@ function normalizeConfig$j(config) {
|
|
|
35628
35809
|
|
|
35629
35810
|
var noAuthInjectionStrategyFactory = /*#__PURE__*/Object.freeze({
|
|
35630
35811
|
__proto__: null,
|
|
35631
|
-
FACTORY_META: FACTORY_META$
|
|
35812
|
+
FACTORY_META: FACTORY_META$I,
|
|
35632
35813
|
NoAuthInjectionStrategyFactory: NoAuthInjectionStrategyFactory,
|
|
35633
35814
|
default: NoAuthInjectionStrategyFactory
|
|
35634
35815
|
});
|
|
@@ -35777,7 +35958,7 @@ function convertKeysToCamelCase(value) {
|
|
|
35777
35958
|
return result;
|
|
35778
35959
|
}
|
|
35779
35960
|
|
|
35780
|
-
const FACTORY_META$
|
|
35961
|
+
const FACTORY_META$H = {
|
|
35781
35962
|
base: ADMISSION_CLIENT_FACTORY_BASE_TYPE,
|
|
35782
35963
|
key: 'WelcomeServiceClient',
|
|
35783
35964
|
};
|
|
@@ -35847,7 +36028,7 @@ async function createAuthStrategy(config) {
|
|
|
35847
36028
|
|
|
35848
36029
|
var welcomeServiceClientFactory = /*#__PURE__*/Object.freeze({
|
|
35849
36030
|
__proto__: null,
|
|
35850
|
-
FACTORY_META: FACTORY_META$
|
|
36031
|
+
FACTORY_META: FACTORY_META$H,
|
|
35851
36032
|
WelcomeServiceClientFactory: WelcomeServiceClientFactory,
|
|
35852
36033
|
default: WelcomeServiceClientFactory
|
|
35853
36034
|
});
|
|
@@ -35965,7 +36146,7 @@ class StaticNodePlacementStrategyFactory extends NodePlacementStrategyFactory {
|
|
|
35965
36146
|
});
|
|
35966
36147
|
}
|
|
35967
36148
|
}
|
|
35968
|
-
const FACTORY_META$
|
|
36149
|
+
const FACTORY_META$G = {
|
|
35969
36150
|
base: NODE_PLACEMENT_STRATEGY_FACTORY_BASE_TYPE,
|
|
35970
36151
|
key: 'StaticNodePlacementStrategy',
|
|
35971
36152
|
};
|
|
@@ -35975,7 +36156,7 @@ registerNodePlacementStrategyFactory('StaticNodePlacementStrategy', StaticNodePl
|
|
|
35975
36156
|
|
|
35976
36157
|
var staticNodePlacementStrategyFactory = /*#__PURE__*/Object.freeze({
|
|
35977
36158
|
__proto__: null,
|
|
35978
|
-
FACTORY_META: FACTORY_META$
|
|
36159
|
+
FACTORY_META: FACTORY_META$G,
|
|
35979
36160
|
StaticNodePlacementStrategyFactory: StaticNodePlacementStrategyFactory,
|
|
35980
36161
|
default: StaticNodePlacementStrategyFactory
|
|
35981
36162
|
});
|
|
@@ -36134,7 +36315,7 @@ function connectorTypeName(connector) {
|
|
|
36134
36315
|
return typeof connector;
|
|
36135
36316
|
}
|
|
36136
36317
|
|
|
36137
|
-
const FACTORY_META$
|
|
36318
|
+
const FACTORY_META$F = {
|
|
36138
36319
|
base: AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE,
|
|
36139
36320
|
key: 'BearerTokenHeaderAuth',
|
|
36140
36321
|
};
|
|
@@ -36175,7 +36356,7 @@ function normalizeConfig$g(config) {
|
|
|
36175
36356
|
var bearerTokenHeaderAuthInjectionStrategyFactory = /*#__PURE__*/Object.freeze({
|
|
36176
36357
|
__proto__: null,
|
|
36177
36358
|
BearerTokenHeaderAuthInjectionStrategyFactory: BearerTokenHeaderAuthInjectionStrategyFactory,
|
|
36178
|
-
FACTORY_META: FACTORY_META$
|
|
36359
|
+
FACTORY_META: FACTORY_META$F,
|
|
36179
36360
|
default: BearerTokenHeaderAuthInjectionStrategyFactory
|
|
36180
36361
|
});
|
|
36181
36362
|
|
|
@@ -36202,7 +36383,7 @@ function normalizeConfig$f(config) {
|
|
|
36202
36383
|
function isTokenVerifier(candidate) {
|
|
36203
36384
|
return Boolean(candidate && typeof candidate.verify === 'function');
|
|
36204
36385
|
}
|
|
36205
|
-
const FACTORY_META$
|
|
36386
|
+
const FACTORY_META$E = {
|
|
36206
36387
|
base: AUTHORIZER_FACTORY_BASE_TYPE,
|
|
36207
36388
|
key: 'DefaultAuthorizer',
|
|
36208
36389
|
};
|
|
@@ -36232,7 +36413,7 @@ class DefaultAuthorizerFactory extends AuthorizerFactory {
|
|
|
36232
36413
|
var defaultAuthorizerFactory = /*#__PURE__*/Object.freeze({
|
|
36233
36414
|
__proto__: null,
|
|
36234
36415
|
DefaultAuthorizerFactory: DefaultAuthorizerFactory,
|
|
36235
|
-
FACTORY_META: FACTORY_META$
|
|
36416
|
+
FACTORY_META: FACTORY_META$E,
|
|
36236
36417
|
default: DefaultAuthorizerFactory
|
|
36237
36418
|
});
|
|
36238
36419
|
|
|
@@ -36243,7 +36424,7 @@ function getJwksJwtTokenVerifierModule() {
|
|
|
36243
36424
|
}
|
|
36244
36425
|
return jwksJwtTokenVerifierModulePromise;
|
|
36245
36426
|
}
|
|
36246
|
-
const FACTORY_META$
|
|
36427
|
+
const FACTORY_META$D = {
|
|
36247
36428
|
base: TOKEN_VERIFIER_FACTORY_BASE_TYPE,
|
|
36248
36429
|
key: 'JWKSJWTTokenVerifier',
|
|
36249
36430
|
};
|
|
@@ -36305,12 +36486,12 @@ function normalizeConfig$e(config) {
|
|
|
36305
36486
|
|
|
36306
36487
|
var jwksJwtTokenVerifierFactory = /*#__PURE__*/Object.freeze({
|
|
36307
36488
|
__proto__: null,
|
|
36308
|
-
FACTORY_META: FACTORY_META$
|
|
36489
|
+
FACTORY_META: FACTORY_META$D,
|
|
36309
36490
|
JWKSTokenVerifierFactory: JWKSTokenVerifierFactory,
|
|
36310
36491
|
default: JWKSTokenVerifierFactory
|
|
36311
36492
|
});
|
|
36312
36493
|
|
|
36313
|
-
const FACTORY_META$
|
|
36494
|
+
const FACTORY_META$C = {
|
|
36314
36495
|
base: TOKEN_ISSUER_FACTORY_BASE_TYPE,
|
|
36315
36496
|
key: 'JWTTokenIssuer',
|
|
36316
36497
|
};
|
|
@@ -36507,12 +36688,12 @@ function getProviderKeyId(provider) {
|
|
|
36507
36688
|
|
|
36508
36689
|
var jwtTokenIssuerFactory = /*#__PURE__*/Object.freeze({
|
|
36509
36690
|
__proto__: null,
|
|
36510
|
-
FACTORY_META: FACTORY_META$
|
|
36691
|
+
FACTORY_META: FACTORY_META$C,
|
|
36511
36692
|
JWTTokenIssuerFactory: JWTTokenIssuerFactory,
|
|
36512
36693
|
default: JWTTokenIssuerFactory
|
|
36513
36694
|
});
|
|
36514
36695
|
|
|
36515
|
-
const FACTORY_META$
|
|
36696
|
+
const FACTORY_META$B = {
|
|
36516
36697
|
base: TOKEN_VERIFIER_FACTORY_BASE_TYPE,
|
|
36517
36698
|
key: 'JWTTokenVerifier',
|
|
36518
36699
|
};
|
|
@@ -36680,7 +36861,7 @@ function getProviderVerificationKey(provider) {
|
|
|
36680
36861
|
|
|
36681
36862
|
var jwtTokenVerifierFactory = /*#__PURE__*/Object.freeze({
|
|
36682
36863
|
__proto__: null,
|
|
36683
|
-
FACTORY_META: FACTORY_META$
|
|
36864
|
+
FACTORY_META: FACTORY_META$B,
|
|
36684
36865
|
JWTTokenVerifierFactory: JWTTokenVerifierFactory,
|
|
36685
36866
|
default: JWTTokenVerifierFactory
|
|
36686
36867
|
});
|
|
@@ -36696,7 +36877,7 @@ class NoneTokenProvider {
|
|
|
36696
36877
|
}
|
|
36697
36878
|
}
|
|
36698
36879
|
|
|
36699
|
-
const FACTORY_META$
|
|
36880
|
+
const FACTORY_META$A = {
|
|
36700
36881
|
base: TOKEN_PROVIDER_FACTORY_BASE_TYPE,
|
|
36701
36882
|
key: 'NoneTokenProvider',
|
|
36702
36883
|
};
|
|
@@ -36713,7 +36894,7 @@ class NoneTokenProviderFactory extends TokenProviderFactory {
|
|
|
36713
36894
|
|
|
36714
36895
|
var noneTokenProviderFactory = /*#__PURE__*/Object.freeze({
|
|
36715
36896
|
__proto__: null,
|
|
36716
|
-
FACTORY_META: FACTORY_META$
|
|
36897
|
+
FACTORY_META: FACTORY_META$A,
|
|
36717
36898
|
NoneTokenProviderFactory: NoneTokenProviderFactory,
|
|
36718
36899
|
default: NoneTokenProviderFactory
|
|
36719
36900
|
});
|
|
@@ -36765,7 +36946,7 @@ class NoopAuthorizer {
|
|
|
36765
36946
|
}
|
|
36766
36947
|
}
|
|
36767
36948
|
|
|
36768
|
-
const FACTORY_META$
|
|
36949
|
+
const FACTORY_META$z = {
|
|
36769
36950
|
base: AUTHORIZER_FACTORY_BASE_TYPE,
|
|
36770
36951
|
key: 'NoopAuthorizer',
|
|
36771
36952
|
};
|
|
@@ -36781,7 +36962,7 @@ class NoopAuthorizerFactory extends AuthorizerFactory {
|
|
|
36781
36962
|
|
|
36782
36963
|
var noopAuthorizerFactory = /*#__PURE__*/Object.freeze({
|
|
36783
36964
|
__proto__: null,
|
|
36784
|
-
FACTORY_META: FACTORY_META$
|
|
36965
|
+
FACTORY_META: FACTORY_META$z,
|
|
36785
36966
|
NoopAuthorizerFactory: NoopAuthorizerFactory,
|
|
36786
36967
|
default: NoopAuthorizerFactory
|
|
36787
36968
|
});
|
|
@@ -36795,7 +36976,7 @@ class NoopTokenIssuer {
|
|
|
36795
36976
|
}
|
|
36796
36977
|
}
|
|
36797
36978
|
|
|
36798
|
-
const FACTORY_META$
|
|
36979
|
+
const FACTORY_META$y = {
|
|
36799
36980
|
base: TOKEN_ISSUER_FACTORY_BASE_TYPE,
|
|
36800
36981
|
key: 'NoopTokenIssuer',
|
|
36801
36982
|
};
|
|
@@ -36811,7 +36992,7 @@ class NoopTokenIssuerFactory extends TokenIssuerFactory {
|
|
|
36811
36992
|
|
|
36812
36993
|
var noopTokenIssuerFactory = /*#__PURE__*/Object.freeze({
|
|
36813
36994
|
__proto__: null,
|
|
36814
|
-
FACTORY_META: FACTORY_META$
|
|
36995
|
+
FACTORY_META: FACTORY_META$y,
|
|
36815
36996
|
NoopTokenIssuerFactory: NoopTokenIssuerFactory,
|
|
36816
36997
|
default: NoopTokenIssuerFactory
|
|
36817
36998
|
});
|
|
@@ -36833,7 +37014,7 @@ class NoopTokenVerifier {
|
|
|
36833
37014
|
}
|
|
36834
37015
|
}
|
|
36835
37016
|
|
|
36836
|
-
const FACTORY_META$
|
|
37017
|
+
const FACTORY_META$x = {
|
|
36837
37018
|
base: TOKEN_VERIFIER_FACTORY_BASE_TYPE,
|
|
36838
37019
|
key: 'NoopTokenVerifier',
|
|
36839
37020
|
};
|
|
@@ -36849,7 +37030,7 @@ class NoopTokenVerifierFactory extends TokenVerifierFactory {
|
|
|
36849
37030
|
|
|
36850
37031
|
var noopTokenVerifierFactory = /*#__PURE__*/Object.freeze({
|
|
36851
37032
|
__proto__: null,
|
|
36852
|
-
FACTORY_META: FACTORY_META$
|
|
37033
|
+
FACTORY_META: FACTORY_META$x,
|
|
36853
37034
|
NoopTokenVerifierFactory: NoopTokenVerifierFactory,
|
|
36854
37035
|
default: NoopTokenVerifierFactory
|
|
36855
37036
|
});
|
|
@@ -36862,7 +37043,7 @@ function getOAuth2AuthorizerModule() {
|
|
|
36862
37043
|
}
|
|
36863
37044
|
return oauth2AuthorizerModulePromise;
|
|
36864
37045
|
}
|
|
36865
|
-
const FACTORY_META$
|
|
37046
|
+
const FACTORY_META$w = {
|
|
36866
37047
|
base: AUTHORIZER_FACTORY_BASE_TYPE,
|
|
36867
37048
|
key: 'OAuth2Authorizer',
|
|
36868
37049
|
};
|
|
@@ -37007,7 +37188,7 @@ function normalizeTokenVerifierConfig({ config, issuer, jwksUrl, algorithm, }) {
|
|
|
37007
37188
|
|
|
37008
37189
|
var oauth2AuthorizerFactory = /*#__PURE__*/Object.freeze({
|
|
37009
37190
|
__proto__: null,
|
|
37010
|
-
FACTORY_META: FACTORY_META$
|
|
37191
|
+
FACTORY_META: FACTORY_META$w,
|
|
37011
37192
|
OAuth2AuthorizerFactory: OAuth2AuthorizerFactory,
|
|
37012
37193
|
default: OAuth2AuthorizerFactory
|
|
37013
37194
|
});
|
|
@@ -37047,7 +37228,7 @@ function normalizeConfig$a(config) {
|
|
|
37047
37228
|
}
|
|
37048
37229
|
return normalized;
|
|
37049
37230
|
}
|
|
37050
|
-
const FACTORY_META$
|
|
37231
|
+
const FACTORY_META$v = {
|
|
37051
37232
|
base: TOKEN_PROVIDER_FACTORY_BASE_TYPE,
|
|
37052
37233
|
key: 'OAuth2ClientCredentialsTokenProvider',
|
|
37053
37234
|
};
|
|
@@ -37078,7 +37259,7 @@ class OAuth2ClientCredentialsTokenProviderFactory extends TokenProviderFactory {
|
|
|
37078
37259
|
|
|
37079
37260
|
var oauth2ClientCredentialsTokenProviderFactory = /*#__PURE__*/Object.freeze({
|
|
37080
37261
|
__proto__: null,
|
|
37081
|
-
FACTORY_META: FACTORY_META$
|
|
37262
|
+
FACTORY_META: FACTORY_META$v,
|
|
37082
37263
|
OAuth2ClientCredentialsTokenProviderFactory: OAuth2ClientCredentialsTokenProviderFactory,
|
|
37083
37264
|
default: OAuth2ClientCredentialsTokenProviderFactory
|
|
37084
37265
|
});
|
|
@@ -37160,7 +37341,7 @@ function normalizeConfig$9(config) {
|
|
|
37160
37341
|
}
|
|
37161
37342
|
return normalized;
|
|
37162
37343
|
}
|
|
37163
|
-
const FACTORY_META$
|
|
37344
|
+
const FACTORY_META$u = {
|
|
37164
37345
|
base: TOKEN_PROVIDER_FACTORY_BASE_TYPE,
|
|
37165
37346
|
key: 'OAuth2PkceTokenProvider',
|
|
37166
37347
|
};
|
|
@@ -37215,7 +37396,7 @@ class OAuth2PkceTokenProviderFactory extends TokenProviderFactory {
|
|
|
37215
37396
|
|
|
37216
37397
|
var oauth2PkceTokenProviderFactory = /*#__PURE__*/Object.freeze({
|
|
37217
37398
|
__proto__: null,
|
|
37218
|
-
FACTORY_META: FACTORY_META$
|
|
37399
|
+
FACTORY_META: FACTORY_META$u,
|
|
37219
37400
|
OAuth2PkceTokenProviderFactory: OAuth2PkceTokenProviderFactory,
|
|
37220
37401
|
default: OAuth2PkceTokenProviderFactory
|
|
37221
37402
|
});
|
|
@@ -37265,7 +37446,7 @@ class QueryParamAuthInjectionStrategy {
|
|
|
37265
37446
|
}
|
|
37266
37447
|
}
|
|
37267
37448
|
|
|
37268
|
-
const FACTORY_META$
|
|
37449
|
+
const FACTORY_META$t = {
|
|
37269
37450
|
base: AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE,
|
|
37270
37451
|
key: 'QueryParamAuth',
|
|
37271
37452
|
};
|
|
@@ -37305,7 +37486,7 @@ function normalizeConfig$8(config) {
|
|
|
37305
37486
|
|
|
37306
37487
|
var queryParamAuthInjectionStrategyFactory = /*#__PURE__*/Object.freeze({
|
|
37307
37488
|
__proto__: null,
|
|
37308
|
-
FACTORY_META: FACTORY_META$
|
|
37489
|
+
FACTORY_META: FACTORY_META$t,
|
|
37309
37490
|
QueryParamAuthInjectionStrategyFactory: QueryParamAuthInjectionStrategyFactory,
|
|
37310
37491
|
default: QueryParamAuthInjectionStrategyFactory
|
|
37311
37492
|
});
|
|
@@ -37341,7 +37522,7 @@ function normalizeConfig$7(config) {
|
|
|
37341
37522
|
secretConfig: normalizeSecretSource(secretSource),
|
|
37342
37523
|
};
|
|
37343
37524
|
}
|
|
37344
|
-
const FACTORY_META$
|
|
37525
|
+
const FACTORY_META$s = {
|
|
37345
37526
|
base: AUTHORIZER_FACTORY_BASE_TYPE,
|
|
37346
37527
|
key: 'SharedSecretAuthorizer',
|
|
37347
37528
|
};
|
|
@@ -37360,7 +37541,7 @@ class SharedSecretAuthorizerFactory extends AuthorizerFactory {
|
|
|
37360
37541
|
|
|
37361
37542
|
var sharedSecretAuthorizerFactory = /*#__PURE__*/Object.freeze({
|
|
37362
37543
|
__proto__: null,
|
|
37363
|
-
FACTORY_META: FACTORY_META$
|
|
37544
|
+
FACTORY_META: FACTORY_META$s,
|
|
37364
37545
|
SharedSecretAuthorizerFactory: SharedSecretAuthorizerFactory,
|
|
37365
37546
|
default: SharedSecretAuthorizerFactory
|
|
37366
37547
|
});
|
|
@@ -37396,7 +37577,7 @@ function normalizeConfig$6(config) {
|
|
|
37396
37577
|
secretConfig: normalizeSecretSource(secretSource),
|
|
37397
37578
|
};
|
|
37398
37579
|
}
|
|
37399
|
-
const FACTORY_META$
|
|
37580
|
+
const FACTORY_META$r = {
|
|
37400
37581
|
base: TOKEN_PROVIDER_FACTORY_BASE_TYPE,
|
|
37401
37582
|
key: 'SharedSecretTokenProvider',
|
|
37402
37583
|
};
|
|
@@ -37415,7 +37596,7 @@ class SharedSecretTokenProviderFactory extends TokenProviderFactory {
|
|
|
37415
37596
|
|
|
37416
37597
|
var sharedSecretTokenProviderFactory = /*#__PURE__*/Object.freeze({
|
|
37417
37598
|
__proto__: null,
|
|
37418
|
-
FACTORY_META: FACTORY_META$
|
|
37599
|
+
FACTORY_META: FACTORY_META$r,
|
|
37419
37600
|
SharedSecretTokenProviderFactory: SharedSecretTokenProviderFactory,
|
|
37420
37601
|
default: SharedSecretTokenProviderFactory
|
|
37421
37602
|
});
|
|
@@ -37459,7 +37640,7 @@ function normalizeConfig$5(config) {
|
|
|
37459
37640
|
}
|
|
37460
37641
|
return normalized;
|
|
37461
37642
|
}
|
|
37462
|
-
const FACTORY_META$
|
|
37643
|
+
const FACTORY_META$q = {
|
|
37463
37644
|
base: TOKEN_VERIFIER_FACTORY_BASE_TYPE,
|
|
37464
37645
|
key: 'SharedSecretTokenVerifier',
|
|
37465
37646
|
};
|
|
@@ -37484,7 +37665,7 @@ class SharedSecretTokenVerifierFactory extends TokenVerifierFactory {
|
|
|
37484
37665
|
|
|
37485
37666
|
var sharedSecretTokenVerifierFactory = /*#__PURE__*/Object.freeze({
|
|
37486
37667
|
__proto__: null,
|
|
37487
|
-
FACTORY_META: FACTORY_META$
|
|
37668
|
+
FACTORY_META: FACTORY_META$q,
|
|
37488
37669
|
SharedSecretTokenVerifierFactory: SharedSecretTokenVerifierFactory,
|
|
37489
37670
|
default: SharedSecretTokenVerifierFactory
|
|
37490
37671
|
});
|
|
@@ -37599,7 +37780,7 @@ function normalizeConfig$4(config) {
|
|
|
37599
37780
|
}
|
|
37600
37781
|
return options;
|
|
37601
37782
|
}
|
|
37602
|
-
const FACTORY_META$
|
|
37783
|
+
const FACTORY_META$p = {
|
|
37603
37784
|
base: TOKEN_PROVIDER_FACTORY_BASE_TYPE,
|
|
37604
37785
|
key: 'StaticTokenProvider',
|
|
37605
37786
|
};
|
|
@@ -37616,7 +37797,7 @@ class StaticTokenProviderFactory extends TokenProviderFactory {
|
|
|
37616
37797
|
|
|
37617
37798
|
var staticTokenProviderFactory = /*#__PURE__*/Object.freeze({
|
|
37618
37799
|
__proto__: null,
|
|
37619
|
-
FACTORY_META: FACTORY_META$
|
|
37800
|
+
FACTORY_META: FACTORY_META$p,
|
|
37620
37801
|
StaticTokenProviderFactory: StaticTokenProviderFactory,
|
|
37621
37802
|
default: StaticTokenProviderFactory
|
|
37622
37803
|
});
|
|
@@ -37667,7 +37848,7 @@ class WebSocketSubprotocolAuthInjectionStrategy {
|
|
|
37667
37848
|
}
|
|
37668
37849
|
}
|
|
37669
37850
|
|
|
37670
|
-
const FACTORY_META$
|
|
37851
|
+
const FACTORY_META$o = {
|
|
37671
37852
|
base: AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE,
|
|
37672
37853
|
key: 'WebSocketSubprotocolAuth',
|
|
37673
37854
|
};
|
|
@@ -37709,7 +37890,7 @@ function normalizeConfig$3(config) {
|
|
|
37709
37890
|
|
|
37710
37891
|
var websocketSubprotocolAuthInjectionStrategyFactory = /*#__PURE__*/Object.freeze({
|
|
37711
37892
|
__proto__: null,
|
|
37712
|
-
FACTORY_META: FACTORY_META$
|
|
37893
|
+
FACTORY_META: FACTORY_META$o,
|
|
37713
37894
|
WebSocketSubprotocolAuthInjectionStrategyFactory: WebSocketSubprotocolAuthInjectionStrategyFactory,
|
|
37714
37895
|
default: WebSocketSubprotocolAuthInjectionStrategyFactory
|
|
37715
37896
|
});
|
|
@@ -37757,7 +37938,7 @@ class DevFixedKeyCredentialProviderFactory extends CredentialProviderFactory {
|
|
|
37757
37938
|
throw new Error('DevFixedKeyCredentialProvider requires keyHex or keyBase64');
|
|
37758
37939
|
}
|
|
37759
37940
|
}
|
|
37760
|
-
const FACTORY_META$
|
|
37941
|
+
const FACTORY_META$n = {
|
|
37761
37942
|
base: CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE,
|
|
37762
37943
|
key: 'DevFixedKeyCredentialProvider',
|
|
37763
37944
|
};
|
|
@@ -37765,7 +37946,7 @@ const FACTORY_META$m = {
|
|
|
37765
37946
|
var devFixedKeyCredentialProviderFactory = /*#__PURE__*/Object.freeze({
|
|
37766
37947
|
__proto__: null,
|
|
37767
37948
|
DevFixedKeyCredentialProviderFactory: DevFixedKeyCredentialProviderFactory,
|
|
37768
|
-
FACTORY_META: FACTORY_META$
|
|
37949
|
+
FACTORY_META: FACTORY_META$n,
|
|
37769
37950
|
default: DevFixedKeyCredentialProviderFactory,
|
|
37770
37951
|
normalizeDevFixedConfig: normalizeDevFixedConfig
|
|
37771
37952
|
});
|
|
@@ -37781,14 +37962,14 @@ class NoneCredentialProviderFactory extends CredentialProviderFactory {
|
|
|
37781
37962
|
return new NoneCredentialProvider();
|
|
37782
37963
|
}
|
|
37783
37964
|
}
|
|
37784
|
-
const FACTORY_META$
|
|
37965
|
+
const FACTORY_META$m = {
|
|
37785
37966
|
base: CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE,
|
|
37786
37967
|
key: 'NoneCredentialProvider',
|
|
37787
37968
|
};
|
|
37788
37969
|
|
|
37789
37970
|
var noneCredentialProviderFactory = /*#__PURE__*/Object.freeze({
|
|
37790
37971
|
__proto__: null,
|
|
37791
|
-
FACTORY_META: FACTORY_META$
|
|
37972
|
+
FACTORY_META: FACTORY_META$m,
|
|
37792
37973
|
NoneCredentialProviderFactory: NoneCredentialProviderFactory,
|
|
37793
37974
|
default: NoneCredentialProviderFactory
|
|
37794
37975
|
});
|
|
@@ -37826,14 +38007,14 @@ class SessionKeyCredentialProviderFactory extends CredentialProviderFactory {
|
|
|
37826
38007
|
return new SessionKeyCredentialProvider(resolved.length);
|
|
37827
38008
|
}
|
|
37828
38009
|
}
|
|
37829
|
-
const FACTORY_META$
|
|
38010
|
+
const FACTORY_META$l = {
|
|
37830
38011
|
base: CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE,
|
|
37831
38012
|
key: 'SessionKeyCredentialProvider',
|
|
37832
38013
|
};
|
|
37833
38014
|
|
|
37834
38015
|
var sessionKeyCredentialProviderFactory = /*#__PURE__*/Object.freeze({
|
|
37835
38016
|
__proto__: null,
|
|
37836
|
-
FACTORY_META: FACTORY_META$
|
|
38017
|
+
FACTORY_META: FACTORY_META$l,
|
|
37837
38018
|
SessionKeyCredentialProviderFactory: SessionKeyCredentialProviderFactory,
|
|
37838
38019
|
default: SessionKeyCredentialProviderFactory,
|
|
37839
38020
|
normalizeSessionKeyConfig: normalizeSessionKeyConfig
|
|
@@ -37871,9 +38052,10 @@ function normalizeDefaultSecurityManagerConfig(config) {
|
|
|
37871
38052
|
ensureAlias('keyValidator', 'key_validator');
|
|
37872
38053
|
ensureAlias('eventListeners', 'event_listeners');
|
|
37873
38054
|
ensureAlias('cryptoProvider', 'crypto_provider');
|
|
38055
|
+
ensureAlias('trustStoreProvider', 'trust_store_provider');
|
|
37874
38056
|
return normalized;
|
|
37875
38057
|
}
|
|
37876
|
-
const FACTORY_META$
|
|
38058
|
+
const FACTORY_META$k = {
|
|
37877
38059
|
base: SECURITY_MANAGER_FACTORY_BASE_TYPE,
|
|
37878
38060
|
key: 'DefaultSecurityManager',
|
|
37879
38061
|
};
|
|
@@ -37919,6 +38101,7 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
|
|
|
37919
38101
|
const certificateManager = DefaultSecurityManagerFactory.extractInstance(config, 'certificateManager', 'certificate_manager');
|
|
37920
38102
|
const secureChannelManager = DefaultSecurityManagerFactory.extractInstance(config, 'secureChannelManager', 'secure_channel_manager');
|
|
37921
38103
|
const cryptoProvider = DefaultSecurityManagerFactory.extractInstance(config, 'cryptoProvider', 'crypto_provider');
|
|
38104
|
+
const trustStoreProvider = DefaultSecurityManagerFactory.extractInstance(config, 'trustStoreProvider', 'trust_store_provider');
|
|
37922
38105
|
const listenersSource = overrides?.eventListeners ??
|
|
37923
38106
|
config.eventListeners ??
|
|
37924
38107
|
config.event_listeners;
|
|
@@ -37938,10 +38121,11 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
|
|
|
37938
38121
|
secureChannelManager,
|
|
37939
38122
|
eventListeners,
|
|
37940
38123
|
cryptoProvider: cryptoProvider ?? null,
|
|
38124
|
+
trustStoreProvider: trustStoreProvider ?? null,
|
|
37941
38125
|
};
|
|
37942
38126
|
}
|
|
37943
38127
|
static async buildSecurityManager(options) {
|
|
37944
|
-
let { config, createOptions, policy, envelopeSigner, envelopeVerifier, encryptionManager, keyStore, keyManager, keyValidator, authorizer, certificateManager, secureChannelManager, eventListeners, cryptoProvider, } = options;
|
|
38128
|
+
let { config, createOptions, policy, envelopeSigner, envelopeVerifier, encryptionManager, keyStore, keyManager, keyValidator, authorizer, certificateManager, secureChannelManager, eventListeners, cryptoProvider, trustStoreProvider, } = options;
|
|
37945
38129
|
if (!keyStore) {
|
|
37946
38130
|
keyStore = await DefaultSecurityManagerFactory.getOrCreateKeyStore(config, createOptions ?? null);
|
|
37947
38131
|
}
|
|
@@ -37954,6 +38138,10 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
|
|
|
37954
38138
|
if (!policy) {
|
|
37955
38139
|
throw new Error('DefaultSecurityManagerFactory could not resolve a SecurityPolicy');
|
|
37956
38140
|
}
|
|
38141
|
+
if (!trustStoreProvider) {
|
|
38142
|
+
trustStoreProvider =
|
|
38143
|
+
await TrustStoreProviderFactory.createTrustStoreProvider();
|
|
38144
|
+
}
|
|
37957
38145
|
if (!keyManager) {
|
|
37958
38146
|
keyManager =
|
|
37959
38147
|
await DefaultSecurityManagerFactory.createKeyManagerFromConfig(config, policy, keyStore, createOptions ?? null);
|
|
@@ -37964,7 +38152,7 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
|
|
|
37964
38152
|
}
|
|
37965
38153
|
if (!envelopeVerifier) {
|
|
37966
38154
|
envelopeVerifier =
|
|
37967
|
-
await DefaultSecurityManagerFactory.createEnvelopeVerifierFromConfig(config, policy, keyManager);
|
|
38155
|
+
await DefaultSecurityManagerFactory.createEnvelopeVerifierFromConfig(config, policy, keyManager, trustStoreProvider);
|
|
37968
38156
|
}
|
|
37969
38157
|
if (!encryptionManager || !secureChannelManager) {
|
|
37970
38158
|
const encryptionResult = await DefaultSecurityManagerFactory.createEncryptionManagerFromConfig(config, policy, keyManager, secureChannelManager, cryptoProvider ?? null);
|
|
@@ -38064,7 +38252,7 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
|
|
|
38064
38252
|
throw error instanceof Error ? error : new Error(String(error));
|
|
38065
38253
|
}
|
|
38066
38254
|
}
|
|
38067
|
-
static async createEnvelopeVerifierFromConfig(config, policy, keyManager) {
|
|
38255
|
+
static async createEnvelopeVerifierFromConfig(config, policy, keyManager, trustStoreProvider) {
|
|
38068
38256
|
const verifierConfig = config.envelope_verifier ?? config.envelopeVerifier ?? null;
|
|
38069
38257
|
if (verifierConfig &&
|
|
38070
38258
|
DefaultSecurityManagerFactory.isConfigLike(verifierConfig)) {
|
|
@@ -38088,7 +38276,7 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
|
|
|
38088
38276
|
}
|
|
38089
38277
|
const signing = policy.signing ?? null;
|
|
38090
38278
|
return await EnvelopeVerifierFactory.createEnvelopeVerifier(null, {
|
|
38091
|
-
factoryArgs: [keyManager, signing ?? null],
|
|
38279
|
+
factoryArgs: [keyManager, signing ?? null, { trustStoreProvider }],
|
|
38092
38280
|
});
|
|
38093
38281
|
}
|
|
38094
38282
|
catch (error) {
|
|
@@ -38329,11 +38517,11 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
|
|
|
38329
38517
|
var defaultSecurityManagerFactory = /*#__PURE__*/Object.freeze({
|
|
38330
38518
|
__proto__: null,
|
|
38331
38519
|
DefaultSecurityManagerFactory: DefaultSecurityManagerFactory,
|
|
38332
|
-
FACTORY_META: FACTORY_META$
|
|
38520
|
+
FACTORY_META: FACTORY_META$k,
|
|
38333
38521
|
default: DefaultSecurityManagerFactory
|
|
38334
38522
|
});
|
|
38335
38523
|
|
|
38336
|
-
const FACTORY_META$
|
|
38524
|
+
const FACTORY_META$j = {
|
|
38337
38525
|
base: ENCRYPTION_MANAGER_FACTORY_BASE_TYPE,
|
|
38338
38526
|
key: 'NoopEncryptionManager',
|
|
38339
38527
|
};
|
|
@@ -38390,7 +38578,7 @@ class NoopEncryptionManagerFactory extends EncryptionManagerFactory {
|
|
|
38390
38578
|
|
|
38391
38579
|
var noopEncryptionManagerFactory = /*#__PURE__*/Object.freeze({
|
|
38392
38580
|
__proto__: null,
|
|
38393
|
-
FACTORY_META: FACTORY_META$
|
|
38581
|
+
FACTORY_META: FACTORY_META$j,
|
|
38394
38582
|
NoopEncryptionManagerFactory: NoopEncryptionManagerFactory,
|
|
38395
38583
|
default: NoopEncryptionManagerFactory
|
|
38396
38584
|
});
|
|
@@ -38462,7 +38650,7 @@ class NoopSecureChannelManager {
|
|
|
38462
38650
|
}
|
|
38463
38651
|
}
|
|
38464
38652
|
|
|
38465
|
-
const FACTORY_META$
|
|
38653
|
+
const FACTORY_META$i = {
|
|
38466
38654
|
base: SECURE_CHANNEL_MANAGER_FACTORY_BASE_TYPE,
|
|
38467
38655
|
key: 'NoopSecureChannelManager',
|
|
38468
38656
|
};
|
|
@@ -38479,12 +38667,12 @@ class NoopSecureChannelManagerFactory extends SecureChannelManagerFactory {
|
|
|
38479
38667
|
|
|
38480
38668
|
var noopSecureChannelManagerFactory = /*#__PURE__*/Object.freeze({
|
|
38481
38669
|
__proto__: null,
|
|
38482
|
-
FACTORY_META: FACTORY_META$
|
|
38670
|
+
FACTORY_META: FACTORY_META$i,
|
|
38483
38671
|
NoopSecureChannelManagerFactory: NoopSecureChannelManagerFactory,
|
|
38484
38672
|
default: NoopSecureChannelManagerFactory
|
|
38485
38673
|
});
|
|
38486
38674
|
|
|
38487
|
-
const FACTORY_META$
|
|
38675
|
+
const FACTORY_META$h = {
|
|
38488
38676
|
base: KEY_MANAGER_FACTORY_BASE_TYPE,
|
|
38489
38677
|
key: 'DefaultKeyManager',
|
|
38490
38678
|
};
|
|
@@ -38513,7 +38701,7 @@ class DefaultKeyManagerFactory extends KeyManagerFactory {
|
|
|
38513
38701
|
var defaultKeyManagerFactory = /*#__PURE__*/Object.freeze({
|
|
38514
38702
|
__proto__: null,
|
|
38515
38703
|
DefaultKeyManagerFactory: DefaultKeyManagerFactory,
|
|
38516
|
-
FACTORY_META: FACTORY_META$
|
|
38704
|
+
FACTORY_META: FACTORY_META$h,
|
|
38517
38705
|
default: DefaultKeyManagerFactory
|
|
38518
38706
|
});
|
|
38519
38707
|
|
|
@@ -38698,7 +38886,7 @@ class InMemoryKeyStore extends KeyStore {
|
|
|
38698
38886
|
}
|
|
38699
38887
|
registerDefaultKeyStoreFactory(() => new InMemoryKeyStore());
|
|
38700
38888
|
|
|
38701
|
-
const FACTORY_META$
|
|
38889
|
+
const FACTORY_META$g = {
|
|
38702
38890
|
base: KEY_STORE_FACTORY_BASE_TYPE,
|
|
38703
38891
|
key: 'InMemoryKeyStore',
|
|
38704
38892
|
};
|
|
@@ -38733,12 +38921,12 @@ class InMemoryKeyStoreFactory extends KeyStoreFactory {
|
|
|
38733
38921
|
|
|
38734
38922
|
var inMemoryKeyStoreFactory = /*#__PURE__*/Object.freeze({
|
|
38735
38923
|
__proto__: null,
|
|
38736
|
-
FACTORY_META: FACTORY_META$
|
|
38924
|
+
FACTORY_META: FACTORY_META$g,
|
|
38737
38925
|
InMemoryKeyStoreFactory: InMemoryKeyStoreFactory,
|
|
38738
38926
|
default: InMemoryKeyStoreFactory
|
|
38739
38927
|
});
|
|
38740
38928
|
|
|
38741
|
-
const FACTORY_META$
|
|
38929
|
+
const FACTORY_META$f = {
|
|
38742
38930
|
base: ATTACHMENT_KEY_VALIDATOR_FACTORY_BASE_TYPE,
|
|
38743
38931
|
key: 'NoopKeyValidator',
|
|
38744
38932
|
};
|
|
@@ -38756,12 +38944,12 @@ class NoopKeyValidatorFactory extends AttachmentKeyValidatorFactory {
|
|
|
38756
38944
|
|
|
38757
38945
|
var noopKeyValidatorFactory = /*#__PURE__*/Object.freeze({
|
|
38758
38946
|
__proto__: null,
|
|
38759
|
-
FACTORY_META: FACTORY_META$
|
|
38947
|
+
FACTORY_META: FACTORY_META$f,
|
|
38760
38948
|
NoopKeyValidatorFactory: NoopKeyValidatorFactory,
|
|
38761
38949
|
default: NoopKeyValidatorFactory
|
|
38762
38950
|
});
|
|
38763
38951
|
|
|
38764
|
-
const FACTORY_META$
|
|
38952
|
+
const FACTORY_META$e = {
|
|
38765
38953
|
base: SECURITY_POLICY_FACTORY_BASE_TYPE,
|
|
38766
38954
|
key: 'DefaultSecurityPolicy',
|
|
38767
38955
|
};
|
|
@@ -38822,11 +39010,11 @@ function normalizeConfig$2(config) {
|
|
|
38822
39010
|
var defaultSecurityPolicyFactory = /*#__PURE__*/Object.freeze({
|
|
38823
39011
|
__proto__: null,
|
|
38824
39012
|
DefaultSecurityPolicyFactory: DefaultSecurityPolicyFactory,
|
|
38825
|
-
FACTORY_META: FACTORY_META$
|
|
39013
|
+
FACTORY_META: FACTORY_META$e,
|
|
38826
39014
|
default: DefaultSecurityPolicyFactory
|
|
38827
39015
|
});
|
|
38828
39016
|
|
|
38829
|
-
const FACTORY_META$
|
|
39017
|
+
const FACTORY_META$d = {
|
|
38830
39018
|
base: SECURITY_POLICY_FACTORY_BASE_TYPE,
|
|
38831
39019
|
key: 'NoSecurityPolicy',
|
|
38832
39020
|
};
|
|
@@ -38854,7 +39042,7 @@ function normalizeConfig$1(config) {
|
|
|
38854
39042
|
|
|
38855
39043
|
var noSecurityPolicyFactory = /*#__PURE__*/Object.freeze({
|
|
38856
39044
|
__proto__: null,
|
|
38857
|
-
FACTORY_META: FACTORY_META$
|
|
39045
|
+
FACTORY_META: FACTORY_META$d,
|
|
38858
39046
|
NoSecurityPolicyFactory: NoSecurityPolicyFactory,
|
|
38859
39047
|
default: NoSecurityPolicyFactory
|
|
38860
39048
|
});
|
|
@@ -38869,7 +39057,7 @@ async function getEdDSAEnvelopeSignerModule() {
|
|
|
38869
39057
|
}
|
|
38870
39058
|
return eddsaEnvelopeSignerModulePromise;
|
|
38871
39059
|
}
|
|
38872
|
-
const FACTORY_META$
|
|
39060
|
+
const FACTORY_META$c = {
|
|
38873
39061
|
base: ENVELOPE_SIGNER_FACTORY_BASE_TYPE,
|
|
38874
39062
|
key: 'EdDSAEnvelopeSigner',
|
|
38875
39063
|
};
|
|
@@ -38898,7 +39086,7 @@ class EdDSAEnvelopeSignerFactory extends EnvelopeSignerFactory {
|
|
|
38898
39086
|
var eddsaEnvelopeSignerFactory = /*#__PURE__*/Object.freeze({
|
|
38899
39087
|
__proto__: null,
|
|
38900
39088
|
EdDSAEnvelopeSignerFactory: EdDSAEnvelopeSignerFactory,
|
|
38901
|
-
FACTORY_META: FACTORY_META$
|
|
39089
|
+
FACTORY_META: FACTORY_META$c,
|
|
38902
39090
|
default: EdDSAEnvelopeSignerFactory
|
|
38903
39091
|
});
|
|
38904
39092
|
|
|
@@ -38912,7 +39100,7 @@ async function getEdDSAEnvelopeVerifierModule() {
|
|
|
38912
39100
|
}
|
|
38913
39101
|
return eddsaEnvelopeVerifierModulePromise;
|
|
38914
39102
|
}
|
|
38915
|
-
const FACTORY_META$
|
|
39103
|
+
const FACTORY_META$b = {
|
|
38916
39104
|
base: ENVELOPE_VERIFIER_FACTORY_BASE_TYPE,
|
|
38917
39105
|
key: 'EdDSAEnvelopeVerifier',
|
|
38918
39106
|
};
|
|
@@ -38938,10 +39126,35 @@ class EdDSAEnvelopeVerifierFactory extends EnvelopeVerifierFactory {
|
|
|
38938
39126
|
var eddsaEnvelopeVerifierFactory = /*#__PURE__*/Object.freeze({
|
|
38939
39127
|
__proto__: null,
|
|
38940
39128
|
EdDSAEnvelopeVerifierFactory: EdDSAEnvelopeVerifierFactory,
|
|
38941
|
-
FACTORY_META: FACTORY_META$
|
|
39129
|
+
FACTORY_META: FACTORY_META$b,
|
|
38942
39130
|
default: EdDSAEnvelopeVerifierFactory
|
|
38943
39131
|
});
|
|
38944
39132
|
|
|
39133
|
+
const FACTORY_META$a = {
|
|
39134
|
+
base: TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE,
|
|
39135
|
+
key: "NoopTrustStoreProvider",
|
|
39136
|
+
isDefault: true,
|
|
39137
|
+
priority: 10,
|
|
39138
|
+
};
|
|
39139
|
+
class NoopTrustStoreProviderFactory extends TrustStoreProviderFactory {
|
|
39140
|
+
constructor() {
|
|
39141
|
+
super(...arguments);
|
|
39142
|
+
this.type = "NoopTrustStoreProvider";
|
|
39143
|
+
this.isDefault = true;
|
|
39144
|
+
this.priority = 10;
|
|
39145
|
+
}
|
|
39146
|
+
async create(_config, ..._factoryArgs) {
|
|
39147
|
+
return new NoopTrustStoreProvider();
|
|
39148
|
+
}
|
|
39149
|
+
}
|
|
39150
|
+
|
|
39151
|
+
var noopTrustStoreProviderFactory = /*#__PURE__*/Object.freeze({
|
|
39152
|
+
__proto__: null,
|
|
39153
|
+
FACTORY_META: FACTORY_META$a,
|
|
39154
|
+
NoopTrustStoreProviderFactory: NoopTrustStoreProviderFactory,
|
|
39155
|
+
default: NoopTrustStoreProviderFactory
|
|
39156
|
+
});
|
|
39157
|
+
|
|
38945
39158
|
const FACTORY_META$9 = {
|
|
38946
39159
|
base: ROUTING_POLICY_FACTORY_BASE,
|
|
38947
39160
|
key: 'CapabilityAwareRoutingPolicy',
|
|
@@ -41588,146 +41801,6 @@ var sharedSecretTokenVerifier = /*#__PURE__*/Object.freeze({
|
|
|
41588
41801
|
SharedSecretTokenVerifier: SharedSecretTokenVerifier
|
|
41589
41802
|
});
|
|
41590
41803
|
|
|
41591
|
-
if (!hashes.sha512) {
|
|
41592
|
-
hashes.sha512 = (message) => sha512(message);
|
|
41593
|
-
}
|
|
41594
|
-
function normalizeSignerOptions(options) {
|
|
41595
|
-
if (!options || typeof options !== 'object') {
|
|
41596
|
-
return {};
|
|
41597
|
-
}
|
|
41598
|
-
const candidate = options;
|
|
41599
|
-
const result = {
|
|
41600
|
-
...options,
|
|
41601
|
-
};
|
|
41602
|
-
const cryptoProvider = resolveAlias(candidate, ['cryptoProvider', 'crypto_provider']);
|
|
41603
|
-
if (cryptoProvider !== undefined) {
|
|
41604
|
-
result.cryptoProvider = cryptoProvider ?? null;
|
|
41605
|
-
}
|
|
41606
|
-
const signingConfig = resolveAlias(candidate, ['signingConfig', 'signing_config']);
|
|
41607
|
-
if (signingConfig !== undefined) {
|
|
41608
|
-
result.signingConfig = signingConfig;
|
|
41609
|
-
}
|
|
41610
|
-
const privateKeyPem = resolveAlias(candidate, [
|
|
41611
|
-
'privateKeyPem',
|
|
41612
|
-
'private_key_pem',
|
|
41613
|
-
]);
|
|
41614
|
-
if (privateKeyPem !== undefined) {
|
|
41615
|
-
result.privateKeyPem = privateKeyPem;
|
|
41616
|
-
}
|
|
41617
|
-
const keyId = resolveAlias(candidate, [
|
|
41618
|
-
'keyId',
|
|
41619
|
-
'key_id',
|
|
41620
|
-
]);
|
|
41621
|
-
if (keyId !== undefined) {
|
|
41622
|
-
result.keyId = keyId;
|
|
41623
|
-
}
|
|
41624
|
-
return result;
|
|
41625
|
-
}
|
|
41626
|
-
class EdDSAEnvelopeSigner {
|
|
41627
|
-
constructor(options = {}) {
|
|
41628
|
-
const normalized = normalizeSignerOptions(options);
|
|
41629
|
-
const provider = normalized.cryptoProvider ?? null;
|
|
41630
|
-
if (!provider) {
|
|
41631
|
-
throw new Error('No crypto provider is configured for signing');
|
|
41632
|
-
}
|
|
41633
|
-
this.crypto = provider;
|
|
41634
|
-
const signingConfigOption = normalized.signingConfig;
|
|
41635
|
-
if (signingConfigOption instanceof SigningConfig) {
|
|
41636
|
-
this.signingConfig = signingConfigOption;
|
|
41637
|
-
}
|
|
41638
|
-
else if (signingConfigOption) {
|
|
41639
|
-
this.signingConfig = new SigningConfig(signingConfigOption);
|
|
41640
|
-
}
|
|
41641
|
-
else {
|
|
41642
|
-
this.signingConfig = new SigningConfig();
|
|
41643
|
-
}
|
|
41644
|
-
this.explicitPrivateKey = normalized.privateKeyPem;
|
|
41645
|
-
this.explicitKeyId = normalized.keyId;
|
|
41646
|
-
}
|
|
41647
|
-
signEnvelope(envelope, { physicalPath }) {
|
|
41648
|
-
if (!envelope.sid) {
|
|
41649
|
-
throw new Error('Envelope missing sid');
|
|
41650
|
-
}
|
|
41651
|
-
const frame = envelope.frame;
|
|
41652
|
-
if (frame.type === 'Data') {
|
|
41653
|
-
const dataFrame = frame;
|
|
41654
|
-
if (!dataFrame.pd) {
|
|
41655
|
-
const payload = dataFrame.payload ?? '';
|
|
41656
|
-
const payloadString = payload === '' ? '' : canonicalJson(payload);
|
|
41657
|
-
dataFrame.pd = secureDigest(payloadString);
|
|
41658
|
-
}
|
|
41659
|
-
}
|
|
41660
|
-
const digest = frameDigest(frame);
|
|
41661
|
-
const immutable = canonicalJson(immutableHeaders(envelope));
|
|
41662
|
-
const sidDigest = secureDigest(physicalPath);
|
|
41663
|
-
const tbs = new Uint8Array(encodeUtf8(sidDigest).length +
|
|
41664
|
-
1 +
|
|
41665
|
-
encodeUtf8(immutable).length +
|
|
41666
|
-
1 +
|
|
41667
|
-
encodeUtf8(digest).length);
|
|
41668
|
-
const sidBytes = encodeUtf8(sidDigest);
|
|
41669
|
-
const immBytes = encodeUtf8(immutable);
|
|
41670
|
-
const digBytes = encodeUtf8(digest);
|
|
41671
|
-
let offset = 0;
|
|
41672
|
-
tbs.set(sidBytes, offset);
|
|
41673
|
-
offset += sidBytes.length;
|
|
41674
|
-
tbs[offset] = 0x1f;
|
|
41675
|
-
offset += 1;
|
|
41676
|
-
tbs.set(immBytes, offset);
|
|
41677
|
-
offset += immBytes.length;
|
|
41678
|
-
tbs[offset] = 0x1f;
|
|
41679
|
-
offset += 1;
|
|
41680
|
-
tbs.set(digBytes, offset);
|
|
41681
|
-
const privateKey = this.loadPrivateKey();
|
|
41682
|
-
const signatureBytes = sign(tbs, privateKey);
|
|
41683
|
-
const signature = urlsafeBase64Encode(signatureBytes);
|
|
41684
|
-
const kid = this.determineKeyId();
|
|
41685
|
-
const signatureHeader = {
|
|
41686
|
-
kid,
|
|
41687
|
-
val: signature,
|
|
41688
|
-
alg: 'EdDSA',
|
|
41689
|
-
};
|
|
41690
|
-
const secHeader = envelope.sec ?? {};
|
|
41691
|
-
secHeader.sig = signatureHeader;
|
|
41692
|
-
envelope.sec = secHeader;
|
|
41693
|
-
return envelope;
|
|
41694
|
-
}
|
|
41695
|
-
loadPrivateKey() {
|
|
41696
|
-
const pem = this.explicitPrivateKey ??
|
|
41697
|
-
readStringProperty(this.crypto, 'signingPrivatePem', 'signing_private_pem');
|
|
41698
|
-
if (!pem) {
|
|
41699
|
-
throw new Error('Crypto provider does not expose a signing private key');
|
|
41700
|
-
}
|
|
41701
|
-
return parseEd25519PrivateKey(pem);
|
|
41702
|
-
}
|
|
41703
|
-
determineKeyId() {
|
|
41704
|
-
if (this.explicitKeyId) {
|
|
41705
|
-
return this.explicitKeyId;
|
|
41706
|
-
}
|
|
41707
|
-
if (this.signingConfig.signingMaterial === SigningMaterial.X509_CHAIN) {
|
|
41708
|
-
const certificateProvider = this
|
|
41709
|
-
.crypto;
|
|
41710
|
-
const jwk = certificateProvider.nodeJwk?.();
|
|
41711
|
-
if (jwk && typeof jwk === 'object' && 'kid' in jwk && 'x5c' in jwk) {
|
|
41712
|
-
const kid = jwk.kid;
|
|
41713
|
-
if (typeof kid === 'string' && kid.length > 0) {
|
|
41714
|
-
return kid;
|
|
41715
|
-
}
|
|
41716
|
-
}
|
|
41717
|
-
}
|
|
41718
|
-
const fallback = readStringProperty(this.crypto, 'signatureKeyId', 'signature_key_id');
|
|
41719
|
-
if (!fallback) {
|
|
41720
|
-
throw new Error('Crypto provider does not expose a signature key id');
|
|
41721
|
-
}
|
|
41722
|
-
return fallback;
|
|
41723
|
-
}
|
|
41724
|
-
}
|
|
41725
|
-
|
|
41726
|
-
var eddsaEnvelopeSigner = /*#__PURE__*/Object.freeze({
|
|
41727
|
-
__proto__: null,
|
|
41728
|
-
EdDSAEnvelopeSigner: EdDSAEnvelopeSigner
|
|
41729
|
-
});
|
|
41730
|
-
|
|
41731
41804
|
async function loadPublicKey(jwk, signingConfig) {
|
|
41732
41805
|
if (jwk.x5c) {
|
|
41733
41806
|
if (signingConfig.signingMaterial !== SigningMaterial.X509_CHAIN) {
|
|
@@ -41965,4 +42038,4 @@ var websocketTransportProvisioner = /*#__PURE__*/Object.freeze({
|
|
|
41965
42038
|
WebSocketTransportProvisionerFactory: WebSocketTransportProvisionerFactory
|
|
41966
42039
|
});
|
|
41967
42040
|
|
|
41968
|
-
export { ADMISSION_CLIENT_FACTORY_BASE_TYPE, ATTACHMENT_KEY_VALIDATOR_FACTORY_BASE_TYPE, AUTHORIZER_FACTORY_BASE_TYPE, AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE, AnsiColor, AsyncLock, AttachmentKeyValidator, AuthInjectionStrategyFactory, AuthorizerFactory, BROADCAST_CHANNEL_CONNECTION_GRANT_TYPE, BackPressureFull, BaseAsyncConnector, BaseNodeEventListener, BindingManager, BindingStoreEntryRecord, BrowserAutoKeyCredentialProvider, BrowserWrappedKeyCredentialProvider, CERTIFICATE_MANAGER_FACTORY_BASE_TYPE, CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE, CRYPTO_LEVEL_SECURITY_ORDER, CertificateManagerFactory, ConnectorConfigDefaults, ConnectorFactory, ConsoleMetricsEmitter, CryptoLevel, FACTORY_META$
|
|
42041
|
+
export { ADMISSION_CLIENT_FACTORY_BASE_TYPE, ATTACHMENT_KEY_VALIDATOR_FACTORY_BASE_TYPE, AUTHORIZER_FACTORY_BASE_TYPE, AUTH_INJECTION_STRATEGY_FACTORY_BASE_TYPE, AnsiColor, AsyncLock, AttachmentKeyValidator, AuthInjectionStrategyFactory, AuthorizerFactory, BROADCAST_CHANNEL_CONNECTION_GRANT_TYPE, BackPressureFull, BaseAsyncConnector, BaseNodeEventListener, BindingManager, BindingStoreEntryRecord, BrowserAutoKeyCredentialProvider, BrowserWrappedKeyCredentialProvider, CERTIFICATE_MANAGER_FACTORY_BASE_TYPE, CREDENTIAL_PROVIDER_FACTORY_BASE_TYPE, CRYPTO_LEVEL_SECURITY_ORDER, CertificateManagerFactory, ConnectorConfigDefaults, ConnectorFactory, ConsoleMetricsEmitter, CryptoLevel, FACTORY_META$_ as DEFAULT_WELCOME_FACTORY_META, DefaultCryptoProvider, DefaultHttpServer, DefaultKeyManager, DefaultSecurityManager, DefaultSecurityPolicy, DefaultWelcomeService, DefaultWelcomeServiceFactory, DevFixedKeyCredentialProvider, ENCRYPTION_MANAGER_FACTORY_BASE_TYPE, ENVELOPE_SIGNER_FACTORY_BASE_TYPE, ENVELOPE_VERIFIER_FACTORY_BASE_TYPE, ENV_VAR_DEFAULT_ENCRYPTION_LEVEL, ENV_VAR_HMAC_SECRET, ENV_VAR_JWKS_URL, ENV_VAR_JWT_ALGORITHM$2 as ENV_VAR_JWT_ALGORITHM, ENV_VAR_JWT_AUDIENCE$2 as ENV_VAR_JWT_AUDIENCE, ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE, ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER, ENV_VAR_JWT_TRUSTED_ISSUER, ENV_VAR_SHOW_ENVELOPES$1 as ENV_VAR_SHOW_ENVELOPES, EdDSAEnvelopeSigner, EncryptedKeyValueStore, EncryptedStorageProviderBase, EncryptedValue, EncryptionConfiguration, EncryptionManagerFactory, EncryptionResult, EncryptionStatus, EnvCredentialProvider, EnvelopeContext, EnvelopeListenerManager, EnvelopeSecurityHandler, EnvelopeSignerFactory, EnvelopeVerifierFactory, FACTORY_META$$ as FACTORY_META, FAME_FABRIC_FACTORY_BASE_TYPE, FIXED_PREFIX_LEN, FameAuthorizedDeliveryContextSchema, FameConnectError, FameEnvironmentContext, FameError, FameMessageTooLarge, FameNode, FameNodeAuthorizationContextSchema, FameProtocolError, FameTransportClose, FlowController, GRANT_PURPOSE_NODE_ATTACH, HTTP_CONNECTION_GRANT_TYPE, HTTP_STATELESS_CONNECTOR_TYPE, HttpListener, HttpStatelessConnector, INPAGE_CONNECTION_GRANT_TYPE, INPAGE_CONNECTOR_TYPE, InMemoryBinding, InMemoryFanoutBroker, InMemoryKeyValueStore, InMemoryReadWriteChannel, InMemoryStorageProvider, InPageConnector, InPageListener, InProcessFameFabric, InProcessFameFabricFactory, IndexedDBKeyValueStore, IndexedDBStorageProvider, InvalidPassphraseError, JWKValidationError, KEY_MANAGER_FACTORY_BASE_TYPE, KEY_STORE_FACTORY_BASE_TYPE, KeyInfo, KeyManagementHandler, KeyManagerFactory, KeyStore, KeyStoreFactory, KeyValidationError, LOAD_BALANCER_STICKINESS_MANAGER_FACTORY_BASE_TYPE, LoadBalancerStickinessManagerFactory, LogLevel, LogLevelNames, MemoryMetricsEmitter, NODE_LIKE_FACTORY_BASE_TYPE, NODE_PLACEMENT_STRATEGY_FACTORY_BASE_TYPE, NoOpMetricsEmitter, NoSecurityPolicy, NodeFactory, NodePlacementStrategyFactory, NoneCredentialProvider, NoopEncryptionManager, NoopKeyValidator, NoopTrustStoreProvider, NotAuthorized, PROFILE_NAME_GATED, PROFILE_NAME_GATED_CALLBACK, PROFILE_NAME_OPEN$1 as PROFILE_NAME_OPEN, PROFILE_NAME_OVERLAY, PROFILE_NAME_OVERLAY_CALLBACK, PROFILE_NAME_STRICT_OVERLAY, PromptCredentialProvider, QueueFullError, REPLICA_STICKINESS_MANAGER_FACTORY_BASE_TYPE, REQUIRED_FIELDS_BY_KTY, ReplicaStickinessManagerFactory, RootSessionManager, RouteManager, RpcMixin, RpcProxy, SEALED_ENVELOPE_NONCE_LENGTH, SEALED_ENVELOPE_OVERHEAD, SEALED_ENVELOPE_PRIVATE_KEY_LENGTH, SEALED_ENVELOPE_PUBLIC_KEY_LENGTH, SEALED_ENVELOPE_TAG_LENGTH, SECURE_CHANNEL_MANAGER_FACTORY_BASE_TYPE, SECURITY_MANAGER_FACTORY_BASE_TYPE, SECURITY_POLICY_FACTORY_BASE_TYPE, SQLiteKeyValueStore, SQLiteStorageProvider, STORAGE_PROVIDER_FACTORY_BASE_TYPE, SecretSource, SecretStoreCredentialProvider, SecureChannelFrameHandler, SecureChannelManagerFactory, SecurityAction, SecurityRequirements, Sentinel, SentinelFactory, SessionKeyCredentialProvider, SignaturePolicy, SigningConfig as SigningConfigClass, SigningConfiguration, SimpleLoadBalancerStickinessManager, SimpleLoadBalancerStickinessManagerFactory, StaticCredentialProvider, StorageAESEncryptionManager, TOKEN_ISSUER_FACTORY_BASE_TYPE, TOKEN_PROVIDER_FACTORY_BASE_TYPE, TOKEN_VERIFIER_FACTORY_BASE_TYPE, TRANSPORT_LISTENER_FACTORY_BASE_TYPE, TRANSPORT_PROVISIONER_FACTORY_BASE_TYPE, TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE, TaskSpawner, TokenIssuerFactory, TokenProviderFactory, TokenVerifierFactory, TransportListener, TransportProvisionerFactory, TrustStoreProviderFactory, TtlValidationError, UpstreamSessionManager, VALID_CURVES_BY_KTY, VALID_KEY_USES, VERSION, WEBSOCKET_CONNECTION_GRANT_TYPE, WELCOME_SERVICE_FACTORY_BASE_TYPE, WebSocketCloseCode, WebSocketConnector, WebSocketListener, WebSocketState, WelcomeServiceFactory, _NoopFlowController, __runtimePluginLoader, addEnvelopeFields, addLogLevel, addTimestamp, assertConnectionGrant, assertGrant, basicConfig, broadcastChannelGrantToConnectorConfig, camelToSnakeCase, canonicalJson, capitalizeFirstLetter, color, compareCryptoLevels, compiledPathPattern, consoleTransport, convertWildcardLogicalToDnsConstraint, createConnectorConfig, createEd25519Keypair, createHostLogicalUri, createJwksRouter, createLogicalUri, createNodeDeliveryContext, createApp as createOAuth2ServerApp, createOAuth2TokenRouter, createOpenIDConfigurationRouter, createResource, createRpcProxy, createRsaKeypair, createTransportCloseError, createX25519Keypair, credentialToString, currentTraceId$1 as currentTraceId, debounce, decodeBase64Url, decodeFameDataPayload, deepMerge, defaultJsonEncoder, delay, dropEmpty, enableLogging, encodeUtf8, ensureRuntimeFactoriesRegistered, extractId, extractPoolAddressBase, extractPoolBase, filterKeysByUse, formatTimestamp, formatTimestampForConsole$1 as formatTimestampForConsole, frameDigest, getCurrentEnvelope, getFameRoot, getHttpListenerInstance, getInPageListenerInstance, getKeyProvider, getKeyStore, getLogger, getWebsocketListenerInstance, hasCryptoSupport, hostnameToLogical, hostnamesToLogicals, httpGrantToConnectorConfig, immutableHeaders, inPageGrantToConnectorConfig, isAuthInjectionStrategy, isBroadcastChannelConnectionGrant, isConnectionGrant, isConnectorConfig, isEnvelopeLoggingEnabled, isFameError, isFameErrorType, isGrant, isHttpConnectionGrant, isInPageConnectionGrant, isNodeLike, isPlainObject$3 as isPlainObject, isPoolAddress, isPoolLogical, isRegisterable, isTokenExpired, isTokenProvider, isTokenValid, isWebSocketConnectionGrant, jsonDumps, logicalPatternsToDnsConstraints, logicalToHostname, logicalsToHostnames, matchesPoolAddress, matchesPoolLogical, maybeAwait, nodeWelcomeRouter, nodeWelcomeRouterPlugin, normalizeBroadcastChannelConnectionGrant, normalizeEncryptionConfig, normalizeEnvelopeSnapshot, normalizeExtendedFameConfig, normalizeHttpConnectionGrant, normalizeInPageConnectionGrant, normalizeInboundCryptoRules, normalizeInboundSigningRules, normalizeOutboundCryptoRules, normalizeOutboundSigningRules, normalizePath, normalizeResponseCryptoRules, normalizeResponseSigningRules, normalizeSecretSource, normalizeSecurityRequirements, normalizeSigningConfig, normalizeWebSocketConnectionGrant, objectToBytes, operation, parseSealedEnvelope, pinoTransport, prettyModel$1 as prettyModel, registerDefaultFactories, registerDefaultKeyStoreFactory, registerNodePlacementStrategyFactory, registerRuntimeFactories, requireCryptoSupport, retryWithBackoff, main as runOAuth2Server, safeColor, sealedDecrypt, sealedEncrypt, secureDigest, setKeyStore, showEnvelopes$1 as showEnvelopes, sleep, snakeToCamelCase, stringifyNonPrimitives, supportsColor, throttle, urlsafeBase64Decode, urlsafeBase64Encode, validateCacheTtlSec, validateEncryptionKey, validateHostLogical, validateHostLogicals, validateJwkComplete, validateJwkStructure, validateJwkUseField, validateJwtTokenTtlSec, validateKeyCorrelationTtlSec, validateLogical, validateLogicalSegment, validateOAuth2TtlSec, validateSigningKey, validateTtlSec, waitForAll, waitForAllSettled, waitForAny, websocketGrantToConnectorConfig, withEnvelopeContext, withEnvelopeContextAsync, withLegacySnakeCaseKeys, withLock, withTimeout };
|