@opentdf/sdk 0.13.0-beta.119 → 0.13.0-beta.123
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +60 -10
- package/dist/cjs/src/access/access-rpc.js +6 -5
- package/dist/cjs/src/access.js +18 -5
- package/dist/cjs/src/auth/interceptors.js +186 -0
- package/dist/cjs/src/auth/oidc.js +5 -3
- package/dist/cjs/src/index.js +6 -2
- package/dist/cjs/src/opentdf.js +40 -32
- package/dist/cjs/src/platform.js +3 -46
- package/dist/cjs/src/policy/api.js +9 -5
- package/dist/cjs/src/policy/discovery.js +10 -9
- package/dist/cjs/tdf3/src/client/index.js +35 -17
- package/dist/cjs/tdf3/src/tdf.js +8 -7
- package/dist/types/src/access/access-rpc.d.ts +3 -3
- package/dist/types/src/access/access-rpc.d.ts.map +1 -1
- package/dist/types/src/access.d.ts +3 -3
- package/dist/types/src/access.d.ts.map +1 -1
- package/dist/types/src/auth/interceptors.d.ts +99 -0
- package/dist/types/src/auth/interceptors.d.ts.map +1 -0
- package/dist/types/src/auth/oidc.d.ts +1 -1
- package/dist/types/src/auth/oidc.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +1 -0
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/opentdf.d.ts +18 -15
- package/dist/types/src/opentdf.d.ts.map +1 -1
- package/dist/types/src/platform.d.ts +6 -3
- package/dist/types/src/platform.d.ts.map +1 -1
- package/dist/types/src/policy/api.d.ts +3 -3
- package/dist/types/src/policy/api.d.ts.map +1 -1
- package/dist/types/src/policy/discovery.d.ts +5 -5
- package/dist/types/src/policy/discovery.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/index.d.ts +10 -1
- package/dist/types/tdf3/src/client/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/tdf.d.ts +5 -2
- package/dist/types/tdf3/src/tdf.d.ts.map +1 -1
- package/dist/web/src/access/access-rpc.js +6 -5
- package/dist/web/src/access.js +18 -5
- package/dist/web/src/auth/interceptors.js +142 -0
- package/dist/web/src/auth/oidc.js +5 -3
- package/dist/web/src/index.js +2 -1
- package/dist/web/src/opentdf.js +40 -32
- package/dist/web/src/platform.js +3 -46
- package/dist/web/src/policy/api.js +9 -5
- package/dist/web/src/policy/discovery.js +10 -9
- package/dist/web/tdf3/src/client/index.js +35 -17
- package/dist/web/tdf3/src/tdf.js +8 -7
- package/package.json +1 -1
- package/src/access/access-rpc.ts +5 -5
- package/src/access.ts +29 -13
- package/src/auth/interceptors.ts +197 -0
- package/src/auth/oidc.ts +5 -3
- package/src/index.ts +10 -0
- package/src/opentdf.ts +54 -34
- package/src/platform.ts +8 -52
- package/src/policy/api.ts +8 -5
- package/src/policy/discovery.ts +9 -9
- package/tdf3/src/client/index.ts +46 -17
- package/tdf3/src/tdf.ts +14 -11
|
@@ -6,7 +6,7 @@ import { type CryptoService, type KeyPair } from '../../tdf3/src/crypto/declarat
|
|
|
6
6
|
export type CommonCredentials = {
|
|
7
7
|
/** The OIDC client ID used for token issuance and exchange flows */
|
|
8
8
|
clientId: string;
|
|
9
|
-
/** The endpoint of the OIDC IdP to authenticate against, ex. 'https://
|
|
9
|
+
/** The endpoint of the OIDC IdP to authenticate against, ex. 'https://keycloak.opentdf.local/auth' */
|
|
10
10
|
oidcOrigin: string;
|
|
11
11
|
oidcTokenEndpoint?: string;
|
|
12
12
|
oidcUserInfoEndpoint?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAe,MAAM,WAAW,CAAC;AAIrD,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,OAAO,EAAE,MAAM,uCAAuC,CAAC;AAEzF;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC9B,oEAAoE;IACpE,QAAQ,EAAE,MAAM,CAAC;IACjB,
|
|
1
|
+
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAe,MAAM,WAAW,CAAC;AAIrD,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,OAAO,EAAE,MAAM,uCAAuC,CAAC;AAEzF;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC9B,oEAAoE;IACpE,QAAQ,EAAE,MAAM,CAAC;IACjB,sGAAsG;IACtG,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,sCAAsC;IACtC,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,2HAA2H;IAC3H,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG,iBAAiB,GAAG;IACxD,QAAQ,EAAE,QAAQ,CAAC;IACnB,yEAAyE;IACzE,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG,iBAAiB,GAAG;IACxD,QAAQ,EAAE,SAAS,CAAC;IACpB,qCAAqC;IACrC,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,sBAAsB,GAAG,iBAAiB,GAAG;IACvD,QAAQ,EAAE,UAAU,CAAC;IACrB,yCAAyC;IACzC,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,eAAe,GACvB,uBAAuB,GACvB,sBAAsB,GACtB,uBAAuB,CAAC;AAI5B,MAAM,MAAM,mBAAmB,GAAG;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,qBAAa,WAAW;IACtB,MAAM,EAAE,eAAe,CAAC;IAExB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IAExE,IAAI,CAAC,EAAE,mBAAmB,CAAC;IAE3B,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;IAEzB,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAM;IAE1C,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,aAAa,EAAE,aAAa,CAAC;gBAEjB,GAAG,EAAE,eAAe,EAAE,aAAa,EAAE,aAAa,EAAE,OAAO,CAAC,EAAE,OAAO,KAAK;IA8BtF;;;;OAIG;IACG,IAAI,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA0B3C,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAwB7C,iBAAiB,CAAC,GAAG,EAAE,eAAe;IAqC5C;;;;OAIG;IACG,GAAG,CAAC,QAAQ,UAAO,GAAG,OAAO,CAAC,MAAM,CAAC;IA0B3C;;;;;;OAMG;IACG,0CAA0C,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAWpF;;OAEG;IACG,uBAAuB,IAAI,OAAO,CAAC,MAAM,CAAC;IAwB1C,SAAS,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;CAqB5D"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
export { type AuthProvider, type HttpMethod, HttpRequest, withHeaders } from './auth/auth.js';
|
|
2
2
|
export * as AuthProviders from './auth/providers.js';
|
|
3
|
+
export { authTokenInterceptor, authTokenDPoPInterceptor, authProviderInterceptor, type AuthConfig, type DPoPInterceptor, type DPoPInterceptorOptions, type Interceptor, type TokenProvider, } from './auth/interceptors.js';
|
|
3
4
|
export { attributeFQNsAsValues } from './policy/api.js';
|
|
4
5
|
export { listAttributes, validateAttributes, attributeExists, attributeValueExists, } from './policy/discovery.js';
|
|
5
6
|
export { version, clientType, tdfSpecVersion } from './version.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC9F,OAAO,KAAK,aAAa,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,eAAe,EACf,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,KAAK,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAClG,cAAc,cAAc,CAAC;AAC7B,OAAO,EACL,QAAQ,EACR,qBAAqB,EACrB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,wBAAwB,EACxB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AACrB,cAAc,eAAe,CAAC;AAC9B,cAAc,6BAA6B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC9F,OAAO,KAAK,aAAa,MAAM,qBAAqB,CAAC;AACrD,OAAO,EACL,oBAAoB,EACpB,wBAAwB,EACxB,uBAAuB,EACvB,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,sBAAsB,EAC3B,KAAK,WAAW,EAChB,KAAK,aAAa,GACnB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,eAAe,EACf,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,KAAK,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAClG,cAAc,cAAc,CAAC;AAC7B,OAAO,EACL,QAAQ,EACR,qBAAqB,EACrB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,wBAAwB,EACxB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AACrB,cAAc,eAAe,CAAC;AAC9B,cAAc,6BAA6B,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { type AuthProvider } from './auth/providers.js';
|
|
2
|
+
import { type Interceptor } from '@connectrpc/connect';
|
|
2
3
|
export { Client as TDF3Client } from '../tdf3/src/client/index.js';
|
|
3
4
|
import { type Source } from './seekable.js';
|
|
4
5
|
import { Client as TDF3Client } from '../tdf3/src/client/index.js';
|
|
@@ -104,8 +105,16 @@ export type OpenTDFOptions = {
|
|
|
104
105
|
policyEndpoint?: string;
|
|
105
106
|
/** Platform URL. */
|
|
106
107
|
platformUrl?: string;
|
|
107
|
-
/**
|
|
108
|
-
|
|
108
|
+
/**
|
|
109
|
+
* Connect RPC interceptors for authentication. Preferred over authProvider.
|
|
110
|
+
* Use `authTokenInterceptor()` or `authTokenDPoPInterceptor()` to create interceptors.
|
|
111
|
+
*/
|
|
112
|
+
interceptors?: Interceptor[];
|
|
113
|
+
/**
|
|
114
|
+
* Auth provider for connections to the policy service and KASes.
|
|
115
|
+
* @deprecated since 0.14.0. Use `interceptors` with `authTokenInterceptor()` or `authTokenDPoPInterceptor()` instead.
|
|
116
|
+
*/
|
|
117
|
+
authProvider?: AuthProvider;
|
|
109
118
|
/** Default settings for 'encrypt' type requests. */
|
|
110
119
|
defaultCreateOptions?: Omit<CreateOptions, 'source'>;
|
|
111
120
|
/** Default settings for 'decrypt' type requests. */
|
|
@@ -165,18 +174,10 @@ export type TDFReader = {
|
|
|
165
174
|
* It also requires a platform URL to be set, which is used to fetch key access servers and policies.
|
|
166
175
|
* @example
|
|
167
176
|
* ```
|
|
168
|
-
* import {
|
|
169
|
-
*
|
|
170
|
-
* const oidcCredentials: RefreshTokenCredentials = {
|
|
171
|
-
* clientId: keycloakClientId,
|
|
172
|
-
* exchange: 'refresh',
|
|
173
|
-
* refreshToken: refreshToken,
|
|
174
|
-
* oidcOrigin: keycloakUrl,
|
|
175
|
-
* };
|
|
176
|
-
* const authProvider = await AuthProviders.refreshAuthProvider(oidcCredentials);
|
|
177
|
+
* import { authTokenInterceptor, OpenTDF } from '@opentdf/sdk';
|
|
177
178
|
*
|
|
178
179
|
* const client = new OpenTDF({
|
|
179
|
-
*
|
|
180
|
+
* interceptors: [authTokenInterceptor(() => `${myAuth.token.accessToken}`)],
|
|
180
181
|
* platformUrl: 'https://platform.example.com',
|
|
181
182
|
* });
|
|
182
183
|
*
|
|
@@ -193,8 +194,10 @@ export declare class OpenTDF {
|
|
|
193
194
|
readonly platformUrl: string;
|
|
194
195
|
/** The policy service endpoint */
|
|
195
196
|
readonly policyEndpoint: string;
|
|
196
|
-
/** The auth provider for the OpenTDF instance. */
|
|
197
|
-
readonly authProvider
|
|
197
|
+
/** The auth provider for the OpenTDF instance (deprecated, use interceptors). */
|
|
198
|
+
readonly authProvider?: AuthProvider;
|
|
199
|
+
/** Connect RPC interceptors for authentication. */
|
|
200
|
+
readonly interceptors?: Interceptor[];
|
|
198
201
|
/** If DPoP is enabled for this instance. */
|
|
199
202
|
readonly dpopEnabled: boolean;
|
|
200
203
|
/** Default options for creating TDF objects. */
|
|
@@ -209,7 +212,7 @@ export declare class OpenTDF {
|
|
|
209
212
|
readonly cryptoService: CryptoService;
|
|
210
213
|
/** The TDF3 client for encrypting and decrypting ZTDF files. */
|
|
211
214
|
readonly tdf3Client: TDF3Client;
|
|
212
|
-
constructor({ authProvider, dpopKeys, defaultCreateOptions, defaultReadOptions, disableDPoP, policyEndpoint, platformUrl, cryptoService, }: OpenTDFOptions);
|
|
215
|
+
constructor({ authProvider, interceptors, dpopKeys, defaultCreateOptions, defaultReadOptions, disableDPoP, policyEndpoint, platformUrl, cryptoService, }: OpenTDFOptions);
|
|
213
216
|
/** Creates a new TDF stream. */
|
|
214
217
|
createTDF(opts: CreateTDFOptions): Promise<DecoratedStream>;
|
|
215
218
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"opentdf.d.ts","sourceRoot":"","sources":["../../../src/opentdf.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"opentdf.d.ts","sourceRoot":"","sources":["../../../src/opentdf.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAEvD,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACnE,OAAO,EAAuC,KAAK,MAAM,EAAE,MAAM,eAAe,CAAC;AACjF,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACnE,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,OAAO,EAAE,MAAM,oCAAoC,CAAC;AAEtF,OAAO,EACL,KAAK,SAAS,EACd,eAAe,EACf,yBAAyB,EAC1B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,KAAK,qBAAqB,EAG1B,oBAAoB,EACrB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,KAAK,qBAAqB,EAC3B,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAIL,KAAK,kBAAkB,EACxB,MAAM,oBAAoB,CAAC;AAI5B,OAAO,EACL,KAAK,SAAS,EACd,KAAK,aAAa,EAClB,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,eAAe,EACpB,KAAK,QAAQ,EACb,KAAK,OAAO,EACZ,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,oBAAoB,GACrB,CAAC;AAEF,sDAAsD;AACtD,MAAM,MAAM,IAAI,GAAG;IACjB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,aAAa,CAAC;CAC5C,CAAC;AAEF,8EAA8E;AAC9E,MAAM,MAAM,mBAAmB,GAAG;IAChC,yDAAyD;IACzD,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB,CAAC;AAEF,iFAAiF;AACjF,MAAM,MAAM,aAAa,GAAG;IAC1B,wEAAwE;IACxE,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,uEAAuE;IACvE,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,kFAAkF;IAClF,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,oEAAoE;IACpE,OAAO,CAAC,EAAE,IAAI,CAAC;IAEf,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,iCAAiC;AACjC,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAC;AAE9B,0CAA0C;AAC1C,MAAM,MAAM,QAAQ,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC;AAE7C,6EAA6E;AAC7E,MAAM,MAAM,SAAS,GAAG;IACtB,0DAA0D;IAC1D,GAAG,EAAE,MAAM,CAAC;IACZ;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,iBAAiB,GAAG,aAAa,GAAG;IAC9C,wCAAwC;IACxC,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IAErC,qCAAqC;IACrC,QAAQ,CAAC,EAAE,QAAQ,CAAC;IAEpB,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,QAAQ,CAAC;IAEpB,2EAA2E;IAC3E,SAAS,CAAC,EAAE,SAAS,EAAE,CAAC;IAExB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,yDAAyD;IACzD,oBAAoB,CAAC,EAAE,qBAAqB,CAAC;IAE7C,kCAAkC;IAClC,cAAc,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;CACpC,CAAC;AAEF,kCAAkC;AAClC,MAAM,MAAM,gBAAgB,GAAG,iBAAiB,CAAC;AAEjD,uDAAuD;AACvD,MAAM,MAAM,WAAW,GAAG;IACxB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,wBAAwB;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,wDAAwD;IACxD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,iDAAiD;IACjD,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,4DAA4D;IAC5D,yBAAyB,CAAC,EAAE,MAAM,EAAE,CAAC;IACrC,wDAAwD;IACxD,yBAAyB,CAAC,EAAE,yBAAyB,CAAC;IACtD,iDAAiD;IACjD,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,gFAAgF;IAChF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,iDAAiD;IACjD,oBAAoB,CAAC,EAAE,qBAAqB,CAAC;CAC9C,CAAC;AAEF,8EAA8E;AAC9E,MAAM,MAAM,cAAc,GAAG;IAC3B,+BAA+B;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,oBAAoB;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC;IAE7B;;;OAGG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAE5B,oDAAoD;IACpD,oBAAoB,CAAC,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IAErD,oDAAoD;IACpD,kBAAkB,CAAC,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAEjD,6CAA6C;IAC7C,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAE5B;;;;OAIG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;CAC/B,CAAC;AAEF,mCAAmC;AACnC,MAAM,MAAM,eAAe,GAAG,cAAc,CAAC,UAAU,CAAC,GAAG;IACzD,iFAAiF;IACjF,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5B,wBAAwB;IACxB,QAAQ,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;CAC9B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG;IACtB;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,eAAe,CAAC,CAAC;IACxC;;OAEG;IACH,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE3B;;OAEG;IACH,QAAQ,EAAE,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;IAElC;;OAEG;IACH,UAAU,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAEpC;;OAEG;IACH,WAAW,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,qBAAa,OAAO;IAClB,uBAAuB;IACvB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,kCAAkC;IAClC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,iFAAiF;IACjF,QAAQ,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IACrC,mDAAmD;IACnD,QAAQ,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC;IACtC,4CAA4C;IAC5C,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,gDAAgD;IAChD,oBAAoB,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IACpD,+CAA+C;IAC/C,kBAAkB,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAChD,+CAA+C;IAC/C,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACpC,uGAAuG;IACvG,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9B,0DAA0D;IAC1D,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,gEAAgE;IAChE,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;gBAEpB,EACV,YAAY,EACZ,YAAY,EACZ,QAAQ,EACR,oBAAoB,EACpB,kBAAkB,EAClB,WAAW,EACX,cAAc,EACd,WAAW,EACX,aAAa,GACd,EAAE,cAAc;IAyDjB,gCAAgC;IAC1B,SAAS,CAAC,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAIjE;;;OAGG;IACG,UAAU,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,eAAe,CAAC;IAwBnE,sDAAsD;IACtD,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,SAAS;IAKlC,2BAA2B;IACrB,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,eAAe,CAAC;IAKvD,8DAA8D;IAC9D,KAAK;CAGN"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export * as platformConnectWeb from '@connectrpc/connect-web';
|
|
2
2
|
export * as platformConnect from '@connectrpc/connect';
|
|
3
|
-
import { AuthProvider } from '../tdf3/index.js';
|
|
3
|
+
import type { AuthProvider } from '../tdf3/index.js';
|
|
4
4
|
import { Client, Interceptor } from '@connectrpc/connect';
|
|
5
5
|
import { WellKnownService } from './platform/wellknownconfiguration/wellknown_configuration_pb.js';
|
|
6
6
|
import { AuthorizationService } from './platform/authorization/authorization_pb.js';
|
|
@@ -37,9 +37,12 @@ export interface PlatformServicesV2 {
|
|
|
37
37
|
authorization: Client<typeof AuthorizationServiceV2>;
|
|
38
38
|
}
|
|
39
39
|
export interface PlatformClientOptions {
|
|
40
|
-
/**
|
|
40
|
+
/**
|
|
41
|
+
* Authentication provider for generating auth interceptor.
|
|
42
|
+
* @deprecated since 0.14.0. Use `interceptors` with `authTokenInterceptor()` or `authTokenDPoPInterceptor()` instead.
|
|
43
|
+
*/
|
|
41
44
|
authProvider?: AuthProvider;
|
|
42
|
-
/** Array of
|
|
45
|
+
/** Array of interceptors to apply to rpc requests. Preferred over authProvider. */
|
|
43
46
|
interceptors?: Interceptor[];
|
|
44
47
|
/** Base URL of the platform API. */
|
|
45
48
|
platformUrl: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"platform.d.ts","sourceRoot":"","sources":["../../../src/platform.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,kBAAkB,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,eAAe,MAAM,qBAAqB,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"platform.d.ts","sourceRoot":"","sources":["../../../src/platform.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,kBAAkB,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,eAAe,MAAM,qBAAqB,CAAC;AAGvD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAGrD,OAAO,EAAE,MAAM,EAAgB,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iEAAiE,CAAC;AACnG,OAAO,EAAE,oBAAoB,EAAE,MAAM,8CAA8C,CAAC;AACpF,OAAO,EAAE,oBAAoB,IAAI,sBAAsB,EAAE,MAAM,iDAAiD,CAAC;AACjH,OAAO,EAAE,uBAAuB,EAAE,MAAM,qDAAqD,CAAC;AAC9F,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,MAAM,+CAA+C,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,gEAAgE,CAAC;AAChH,OAAO,EAAE,oBAAoB,EAAE,MAAM,sDAAsD,CAAC;AAC5F,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,iDAAiD,CAAC;AAC/F,OAAO,EAAE,gBAAgB,EAAE,MAAM,+CAA+C,CAAC;AACjF,OAAO,EAAE,0BAA0B,EAAE,MAAM,kEAAkE,CAAC;AAC9G,OAAO,EAAE,sBAAsB,EAAE,MAAM,0DAA0D,CAAC;AAClG,OAAO,EAAE,qBAAqB,EAAE,MAAM,wDAAwD,CAAC;AAC/F,OAAO,EAAE,aAAa,EAAE,MAAM,uCAAuC,CAAC;AAEtE,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,MAAM,CAAC,OAAO,oBAAoB,CAAC,CAAC;IACnD,gBAAgB,EAAE,MAAM,CAAC,OAAO,uBAAuB,CAAC,CAAC;IACzD,MAAM,EAAE,MAAM,CAAC,OAAO,aAAa,CAAC,CAAC;IACrC,MAAM,EAAE,MAAM,CAAC,OAAO,aAAa,CAAC,CAAC;IACrC,UAAU,EAAE,MAAM,CAAC,OAAO,iBAAiB,CAAC,CAAC;IAC7C,uBAAuB,EAAE,MAAM,CAAC,OAAO,8BAA8B,CAAC,CAAC;IACvE,aAAa,EAAE,MAAM,CAAC,OAAO,oBAAoB,CAAC,CAAC;IACnD,SAAS,EAAE,MAAM,CAAC,OAAO,gBAAgB,CAAC,CAAC;IAC3C,UAAU,EAAE,MAAM,CAAC,OAAO,iBAAiB,CAAC,CAAC;IAC7C,mBAAmB,EAAE,MAAM,CAAC,OAAO,0BAA0B,CAAC,CAAC;IAC/D,eAAe,EAAE,MAAM,CAAC,OAAO,sBAAsB,CAAC,CAAC;IACvD,cAAc,EAAE,MAAM,CAAC,OAAO,qBAAqB,CAAC,CAAC;IACrD,MAAM,EAAE,MAAM,CAAC,OAAO,aAAa,CAAC,CAAC;IACrC,SAAS,EAAE,MAAM,CAAC,OAAO,gBAAgB,CAAC,CAAC;CAC5C;AAED,MAAM,WAAW,kBAAkB;IACjC,aAAa,EAAE,MAAM,CAAC,OAAO,sBAAsB,CAAC,CAAC;CACtD;AAED,MAAM,WAAW,qBAAqB;IACpC;;;OAGG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,mFAAmF;IACnF,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC;IAC7B,oCAAoC;IACpC,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,qBAAa,cAAc;IACzB,QAAQ,CAAC,EAAE,EAAE,gBAAgB,CAAC;IAC9B,QAAQ,CAAC,EAAE,EAAE,kBAAkB,CAAC;gBAEpB,OAAO,EAAE,qBAAqB;CAqC3C"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { type AuthConfig } from '../auth/interceptors.js';
|
|
2
2
|
import { Value } from './attributes.js';
|
|
3
3
|
import { Certificate } from '../platform/policy/objects_pb.js';
|
|
4
|
-
export declare function attributeFQNsAsValues(platformUrl: string,
|
|
5
|
-
export declare function getRootCertsFromNamespace(platformUrl: string,
|
|
4
|
+
export declare function attributeFQNsAsValues(platformUrl: string, auth: AuthConfig, ...fqns: string[]): Promise<Value[]>;
|
|
5
|
+
export declare function getRootCertsFromNamespace(platformUrl: string, auth?: AuthConfig, namespaceId?: string, fqn?: string): Promise<Certificate[]>;
|
|
6
6
|
//# sourceMappingURL=api.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../../src/policy/api.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../../src/policy/api.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,UAAU,EAAuB,MAAM,yBAAyB,CAAC;AAG/E,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAGxC,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAC;AAK/D,wBAAsB,qBAAqB,CACzC,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,UAAU,EAChB,GAAG,IAAI,EAAE,MAAM,EAAE,GAChB,OAAO,CAAC,KAAK,EAAE,CAAC,CAiClB;AAGD,wBAAsB,yBAAyB,CAC7C,WAAW,EAAE,MAAM,EACnB,IAAI,CAAC,EAAE,UAAU,EACjB,WAAW,CAAC,EAAE,MAAM,EACpB,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,WAAW,EAAE,CAAC,CA8BxB"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { type
|
|
1
|
+
import { type AuthConfig } from '../auth/interceptors.js';
|
|
2
2
|
import type { Attribute } from '../platform/policy/objects_pb.js';
|
|
3
3
|
/**
|
|
4
4
|
* Returns all active attributes available on the platform, auto-paginating through all results.
|
|
@@ -19,7 +19,7 @@ import type { Attribute } from '../platform/policy/objects_pb.js';
|
|
|
19
19
|
* }
|
|
20
20
|
* ```
|
|
21
21
|
*/
|
|
22
|
-
export declare function listAttributes(platformUrl: string,
|
|
22
|
+
export declare function listAttributes(platformUrl: string, auth: AuthConfig, namespace?: string): Promise<Attribute[]>;
|
|
23
23
|
/**
|
|
24
24
|
* Checks that all provided attribute value FQNs exist on the platform.
|
|
25
25
|
* Validates FQN format first, then verifies existence via the platform API.
|
|
@@ -42,7 +42,7 @@ export declare function listAttributes(platformUrl: string, authProvider: AuthPr
|
|
|
42
42
|
* // Safe to encrypt — all attributes confirmed present
|
|
43
43
|
* ```
|
|
44
44
|
*/
|
|
45
|
-
export declare function validateAttributes(platformUrl: string,
|
|
45
|
+
export declare function validateAttributes(platformUrl: string, auth: AuthConfig, fqns: string[]): Promise<void>;
|
|
46
46
|
/**
|
|
47
47
|
* Reports whether the attribute definition identified by `attributeFqn` exists on the platform.
|
|
48
48
|
*
|
|
@@ -56,7 +56,7 @@ export declare function validateAttributes(platformUrl: string, authProvider: Au
|
|
|
56
56
|
* @throws {@link ConfigurationError} if the FQN format is invalid or the URL is insecure.
|
|
57
57
|
* @throws {@link NetworkError} if a non-not-found service error occurs.
|
|
58
58
|
*/
|
|
59
|
-
export declare function attributeExists(platformUrl: string,
|
|
59
|
+
export declare function attributeExists(platformUrl: string, auth: AuthConfig, attributeFqn: string): Promise<boolean>;
|
|
60
60
|
/**
|
|
61
61
|
* Reports whether the attribute value FQN exists on the platform.
|
|
62
62
|
*
|
|
@@ -70,5 +70,5 @@ export declare function attributeExists(platformUrl: string, authProvider: AuthP
|
|
|
70
70
|
* @throws {@link ConfigurationError} if the FQN format is invalid or the URL is insecure.
|
|
71
71
|
* @throws {@link NetworkError} if a service error occurs.
|
|
72
72
|
*/
|
|
73
|
-
export declare function attributeValueExists(platformUrl: string,
|
|
73
|
+
export declare function attributeValueExists(platformUrl: string, auth: AuthConfig, valueFqn: string): Promise<boolean>;
|
|
74
74
|
//# sourceMappingURL=discovery.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"discovery.d.ts","sourceRoot":"","sources":["../../../../src/policy/discovery.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,
|
|
1
|
+
{"version":3,"file":"discovery.d.ts","sourceRoot":"","sources":["../../../../src/policy/discovery.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,UAAU,EAAuB,MAAM,yBAAyB,CAAC;AAG/E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kCAAkC,CAAC;AAyBlE;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,UAAU,EAChB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,SAAS,EAAE,CAAC,CA6BtB;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,kBAAkB,CACtC,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,UAAU,EAChB,IAAI,EAAE,MAAM,EAAE,GACb,OAAO,CAAC,IAAI,CAAC,CAkCf;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,eAAe,CACnC,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,UAAU,EAChB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,OAAO,CAAC,CAqBlB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,OAAO,CAAC,CAkBlB"}
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import { fetchKasPublicKey } from '../tdf.js';
|
|
2
2
|
import { CryptoService } from '../crypto/declarations.js';
|
|
3
3
|
import { type AuthProvider, HttpRequest, withHeaders } from '../../../src/auth/auth.js';
|
|
4
|
+
import { type AuthConfig } from '../../../src/auth/interceptors.js';
|
|
5
|
+
import { type Interceptor } from '@connectrpc/connect';
|
|
4
6
|
import { type DecryptParams, DecryptParamsBuilder, type DecryptSource, type EncryptParams, EncryptParamsBuilder } from './builders.js';
|
|
5
7
|
import { DecoratedReadableStream } from './DecoratedReadableStream.js';
|
|
6
8
|
import { type KasPublicKeyInfo, OriginAllowList } from '../../../src/access.js';
|
|
@@ -37,7 +39,10 @@ export interface ClientConfig {
|
|
|
37
39
|
kasPublicKey?: string;
|
|
38
40
|
oidcOrigin?: string;
|
|
39
41
|
externalJwt?: string;
|
|
42
|
+
/** @deprecated since 0.14.0. Use `interceptors` instead. */
|
|
40
43
|
authProvider?: AuthProvider;
|
|
44
|
+
/** Connect RPC interceptors for authentication. Preferred over authProvider. */
|
|
45
|
+
interceptors?: Interceptor[];
|
|
41
46
|
readerUrl?: string;
|
|
42
47
|
entityObjectEndpoint?: string;
|
|
43
48
|
fileStreamServiceWorker?: string;
|
|
@@ -83,7 +88,11 @@ export declare class Client {
|
|
|
83
88
|
readonly kasKeyInfoCache: KasKeyInfoCache;
|
|
84
89
|
readonly easEndpoint?: string;
|
|
85
90
|
readonly clientId?: string;
|
|
86
|
-
|
|
91
|
+
/**
|
|
92
|
+
* Resolved auth configuration. Set once in the constructor from either
|
|
93
|
+
* authProvider or interceptors. Threaded through all internal layers.
|
|
94
|
+
*/
|
|
95
|
+
readonly auth?: AuthConfig;
|
|
87
96
|
readonly readerUrl?: string;
|
|
88
97
|
readonly fileStreamServiceWorker?: string;
|
|
89
98
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../tdf3/src/client/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAGL,iBAAiB,EAKlB,MAAM,WAAW,CAAC;AAInB,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,KAAK,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../tdf3/src/client/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAGL,iBAAiB,EAKlB,MAAM,WAAW,CAAC;AAInB,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,KAAK,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxF,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAGvD,OAAO,EACL,KAAK,aAAa,EAClB,oBAAoB,EACpB,KAAK,aAAa,EAIlB,KAAK,aAAa,EAClB,oBAAoB,EAGrB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AACvE,OAAO,EAEL,KAAK,gBAAgB,EACrB,eAAe,EAChB,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EAAE,KAAK,OAAO,EAAqB,MAAM,2BAA2B,CAAC;AA2B5E,eAAO,MAAM,cAAc,GACzB,KAAK,MAAM,EACX,KAAK,MAAM,EACX,eAAe,aAAa,EAC5B,MAAM,MAAM,KACX,OAAO,CAAC,gBAAgB,CAQ1B,CAAC;AAsCF,MAAM,WAAW,YAAY;IAC3B,aAAa,CAAC,EAAE,aAAa,CAAC;IAE9B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB;;;;OAIG;IACH,yBAAyB,CAAC,EAAE,MAAM,EAAE,CAAC;IAErC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,4DAA4D;IAC5D,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,gFAAgF;IAChF,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC;IAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,eAAe,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,IAAI,CAAC;CACpD;AAQD,wBAAsB,iBAAiB,CAAC,EACtC,YAAY,EACZ,aAAa,EACb,QAAQ,GACT,EAAE;IACD,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,aAAa,EAAE,aAAa,CAAC;IAC7B,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;CAC7B,GAAG,OAAO,CAAC,OAAO,CAAC,CAenB;AAgCD,KAAK,eAAe,GAAG;IACrB,GAAG,UAAU,CAAC,OAAO,iBAAiB,CAAC;IACvC,cAAc,EAAE,UAAU,CAAC,OAAO,iBAAiB,CAAC;CACrD,EAAE,CAAC;AAEJ,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,eAAe,EACtB,GAAG,MAAM,EAAE,UAAU,CAAC,OAAO,iBAAiB,CAAC,oCAmBhD;AAED,QAAA,MAAM,oBAAoB,GACxB,OAAO,eAAe,EACtB,GAAG,QAAQ,UAAU,CAAC,OAAO,iBAAiB,CAAC,KAC9C,UAAU,CAAC,OAAO,iBAAiB,CAQrC,CAAC;AAgDF,qBAAa,MAAM;IACjB,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IAEtC;;OAEG;IACH,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAE7B;;;OAGG;IACH,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAEhC;;;OAGG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,eAAe,CAAC;IAExC;;;;OAIG;IACH,QAAQ,CAAC,yBAAyB,EAAE,MAAM,EAAE,CAAC;IAE7C;;OAEG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAE9B,QAAQ,CAAC,eAAe,EAAE,eAAe,CAAM;IAE/C,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAE9B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAE3B;;;OAGG;IACH,QAAQ,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC;IAE3B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAE5B,QAAQ,CAAC,uBAAuB,CAAC,EAAE,MAAM,CAAC;IAE1C;;OAEG;IACH,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAEpC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAE9B,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IAEpC;;;;;;;;;OASG;gBACS,MAAM,EAAE,YAAY;IA8GhC,uHAAuH;IACvH,uBAAuB,CACrB,GAAG,MAAM,EAAE,UAAU,CAAC,OAAO,oBAAoB,CAAC,GACjD,UAAU,CAAC,OAAO,oBAAoB,CAAC;IAI1C;;;;;;;;;;;;;;OAcG;IACG,OAAO,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO,CAAC,uBAAuB,CAAC;IA2QpE;;;;;;;;;;;OAWG;IACG,OAAO,CAAC,EACZ,MAAM,EACN,SAAS,EACT,aAAgD,EAChD,gBAAoE,EACpE,yBAAyB,EACzB,kBAAkB,EAClB,gBAAoB,EACpB,oBAAoB,EACpB,yBAA8B,GAC/B,EAAE,aAAa,GAAG,OAAO,CAAC,uBAAuB,CAAC;IAyCnD;;;;;;;;;OASG;IACG,WAAW,CAAC,EAAE,MAAM,EAAE,EAAE;QAAE,MAAM,EAAE,aAAa,CAAA;KAAE;IASjD,aAAa,CAAC,EAAE,MAAM,EAAE,EAAE;QAAE,MAAM,EAAE,aAAa,CAAA;KAAE;CAI1D;AAED,YAAY,EAAE,YAAY,EAAE,CAAC;AAE7B,OAAO,EAAE,oBAAoB,EAAE,aAAa,EAAE,oBAAoB,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { KasPublicKeyAlgorithm, KasPublicKeyInfo, OriginAllowList } from '../../src/access.js';
|
|
2
2
|
import { type AuthProvider } from '../../src/auth/auth.js';
|
|
3
|
+
import { type AuthConfig } from '../../src/auth/interceptors.js';
|
|
3
4
|
import { type Chunker } from '../../src/seekable.js';
|
|
4
5
|
import { AssertionConfig, AssertionVerificationKeys } from './assertions.js';
|
|
5
6
|
import { SymmetricCipher } from './ciphers/symmetric-cipher-base.js';
|
|
@@ -54,7 +55,8 @@ export type EncryptConfiguration = {
|
|
|
54
55
|
contentStream: ReadableStream<Uint8Array>;
|
|
55
56
|
mimeType?: string;
|
|
56
57
|
policy: Policy;
|
|
57
|
-
|
|
58
|
+
/** Auth configuration: AuthProvider or { interceptors }. */
|
|
59
|
+
auth?: AuthConfig;
|
|
58
60
|
byteLimit: number;
|
|
59
61
|
progressHandler?: (bytesProcessed: number) => void;
|
|
60
62
|
keyForEncryption: KeyInfo;
|
|
@@ -67,7 +69,8 @@ export type DecryptConfiguration = {
|
|
|
67
69
|
fulfillableObligations: string[];
|
|
68
70
|
allowedKases?: string[];
|
|
69
71
|
allowList?: OriginAllowList;
|
|
70
|
-
|
|
72
|
+
/** Auth configuration: AuthProvider or { interceptors }. */
|
|
73
|
+
auth?: AuthConfig;
|
|
71
74
|
cryptoService: CryptoService;
|
|
72
75
|
dpopKeys: KeyPair;
|
|
73
76
|
chunker: Chunker;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tdf.d.ts","sourceRoot":"","sources":["../../../../tdf3/src/tdf.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,qBAAqB,EACrB,gBAAgB,EAChB,eAAe,EAIhB,MAAM,qBAAqB,CAAC;AAS7B,OAAO,EAAE,KAAK,YAAY,EAAgB,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"tdf.d.ts","sourceRoot":"","sources":["../../../../tdf3/src/tdf.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,qBAAqB,EACrB,gBAAgB,EAChB,eAAe,EAIhB,MAAM,qBAAqB,CAAC;AAS7B,OAAO,EAAE,KAAK,YAAY,EAAgB,MAAM,wBAAwB,CAAC;AACzE,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,gCAAgC,CAAC;AAajE,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAErD,OAAO,EAAE,eAAe,EAAgB,yBAAyB,EAAE,MAAM,iBAAiB,CAAC;AAI3F,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,uBAAuB,EAAE,MAAM,qCAAqC,CAAC;AAC9E,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,OAAO,EACZ,KAAK,YAAY,EAClB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EAEL,aAAa,EACb,OAAO,EACP,QAAQ,EACR,MAAM,EACN,QAAQ,EAER,SAAS,EACT,eAAe,EACf,SAAS,EACV,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,SAAS,EAAwC,MAAM,kBAAkB,CAAC;AACnF,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAczD;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC9B;;OAEG;IACH,IAAI,CAAC,EAAE,SAAS,CAAC;IAEjB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,KAAK,aAAa,GAAG,aAAa,CAAC,eAAe,CAAC,CAAC;AAEpD,MAAM,MAAM,QAAQ,GAAG,OAAO,CAAC;AAE/B,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,aAAa,CAAC;IACpB,GAAG,CAAC,EAAE,qBAAqB,CAAC;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,QAAQ,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,aAAa,EAAE,aAAa,CAAC;CAC9B,CAAC;AAeF,KAAK,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,GAAG;IAC7B,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,IAAI,CAAC;IACxB,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CAChC,CAAC;AAiBF,KAAK,KAAK,GAAG;IACX,IAAI,EAAE,MAAM,CAAC;IACb,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,eAAe,EAAE,MAAM,CAAC;IACxB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,cAAc,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;CACxC,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,MAAM,GAAG,OAAO,CAAC;AAElD,MAAM,MAAM,oBAAoB,GAAG;IACjC,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,aAAa,EAAE,aAAa,CAAC;IAC7B,QAAQ,EAAE,OAAO,CAAC;IAClB,qBAAqB,EAAE,QAAQ,CAAC;IAChC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,yBAAyB,EAAE,kBAAkB,CAAC;IAC9C,aAAa,EAAE,cAAc,CAAC,UAAU,CAAC,CAAC;IAC1C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,4DAA4D;IAC5D,IAAI,CAAC,EAAE,UAAU,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,IAAI,CAAC;IACnD,gBAAgB,EAAE,OAAO,CAAC;IAC1B,cAAc,EAAE,OAAO,CAAC;IACxB,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IACrC,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,sBAAsB,EAAE,MAAM,EAAE,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,4DAA4D;IAC5D,IAAI,CAAC,EAAE,UAAU,CAAC;IAClB,aAAa,EAAE,aAAa,CAAC;IAE7B,QAAQ,EAAE,OAAO,CAAC;IAElB,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,EAAE,aAAa,CAAC;IAC7B,eAAe,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,IAAI,CAAC;IACnD,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,yBAAyB,CAAC,EAAE,yBAAyB,CAAC;IACtD,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,oBAAoB,CAAC,EAAE,qBAAqB,CAAC;CAC9C,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,YAAY,EAAE,YAAY,CAAC;IAE3B,UAAU,EAAE,SAAS,CAAC;IAEtB,eAAe,EAAE,QAAQ,CAAC;IAE1B,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,kBAAkB,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,OAAO,GAAG,MAAM,CAAC;AAElD;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,SAAS,CAAC,EAAE,qBAAqB,EACjC,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,gBAAgB,CAAC,CAQ3B;AAED,wBAAsB,uBAAuB,CAC3C,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,qBAAqB,EAC1B,aAAa,EAAE,aAAa,GAC3B,OAAO,CAAC,MAAM,CAAC,CAKjB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,cAAc,CAAC,EACnC,IAAI,EACJ,GAAG,EACH,SAAS,EACT,GAAG,EACH,QAAQ,EACR,GAAQ,EACR,GAAgB,EAChB,aAAa,GACd,EAAE,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC,CA2BrC;AAED,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAYzD;AA+ED,wBAAsB,WAAW,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAoT7F;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,QAAQ,CAAC;IACnB,SAAS,EAAE,SAAS,CAAC;IACrB,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;CACtC,CAAC;AAGF,wBAAsB,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAKnF;AAED,wBAAgB,uBAAuB,CACrC,SAAS,EAAE,eAAe,EAAE,EAC5B,YAAY,EAAE,eAAe,GAC5B,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC,CA6BjD;AA4UD,wBAAsB,eAAe,CAAC,EACpC,MAAM,EACN,gBAAgB,EAChB,KAAK,EACL,MAAM,EACN,aAAa,EACb,yBAAyB,EACzB,WAAW,GACZ,EAAE;IACD,MAAM,EAAE,UAAU,CAAC;IACnB,gBAAgB,EAAE,YAAY,CAAC;IAC/B,KAAK,EAAE,KAAK,EAAE,CAAC;IACf,MAAM,EAAE,eAAe,CAAC;IACxB,aAAa,EAAE,aAAa,CAAC;IAC7B,yBAAyB,EAAE,kBAAkB,CAAC;IAC9C,WAAW,EAAE,MAAM,CAAC;CACrB,iBAkCA;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,oBAAoB,oCAGzD;AAED,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,oBAAoB,EACzB,EAAE,QAAQ,EAAE,SAAS,EAAE,gBAAgB,EAAE,EAAE,oBAAoB,oCA8JhE"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { isPublicKeyAlgorithm, OriginAllowList, } from '../access.js';
|
|
2
|
+
import { resolveInterceptors } from '../auth/interceptors.js';
|
|
2
3
|
import { ConfigurationError, InvalidFileError, NetworkError, PermissionDeniedError, ServiceError, UnauthenticatedError, } from '../errors.js';
|
|
3
4
|
import { PlatformClient } from '../platform.js';
|
|
4
5
|
import { extractRpcErrorMessage, getPlatformUrlFromKasEndpoint, validateSecureUrl, } from '../utils.js';
|
|
@@ -12,9 +13,9 @@ import { ConnectError, Code } from '@connectrpc/connect';
|
|
|
12
13
|
* @param rewrapAdditionalContextHeader optional value for 'X-Rewrap-Additional-Context'
|
|
13
14
|
* @param clientVersion
|
|
14
15
|
*/
|
|
15
|
-
export async function fetchWrappedKey(url, signedRequestToken,
|
|
16
|
+
export async function fetchWrappedKey(url, signedRequestToken, auth, rewrapAdditionalContextHeader) {
|
|
16
17
|
const platformUrl = getPlatformUrlFromKasEndpoint(url);
|
|
17
|
-
const platform = new PlatformClient({
|
|
18
|
+
const platform = new PlatformClient({ interceptors: resolveInterceptors(auth), platformUrl });
|
|
18
19
|
const options = {};
|
|
19
20
|
if (rewrapAdditionalContextHeader) {
|
|
20
21
|
options.headers = {
|
|
@@ -79,10 +80,10 @@ export function handleRpcRewrapErrorString(e, platformUrl, requiredObligations)
|
|
|
79
80
|
}
|
|
80
81
|
throw new NetworkError(`[${platformUrl}] [Rewrap] ${e}`);
|
|
81
82
|
}
|
|
82
|
-
export async function fetchKeyAccessServers(platformUrl,
|
|
83
|
+
export async function fetchKeyAccessServers(platformUrl, auth) {
|
|
83
84
|
let nextOffset = 0;
|
|
84
85
|
const allServers = [];
|
|
85
|
-
const platform = new PlatformClient({
|
|
86
|
+
const platform = new PlatformClient({ interceptors: resolveInterceptors(auth), platformUrl });
|
|
86
87
|
do {
|
|
87
88
|
let response;
|
|
88
89
|
try {
|
|
@@ -178,4 +179,4 @@ export async function fetchKasBasePubKey(kasEndpoint) {
|
|
|
178
179
|
throw new NetworkError(`[${platformUrl}] [PublicKey] ${extractRpcErrorMessage(e)}`);
|
|
179
180
|
}
|
|
180
181
|
}
|
|
181
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
182
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNjZXNzLXJwYy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9hY2Nlc3MvYWNjZXNzLXJwYy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFDQSxPQUFPLEVBQ0wsb0JBQW9CLEVBR3BCLGVBQWUsR0FDaEIsTUFBTSxjQUFjLENBQUM7QUFFdEIsT0FBTyxFQUFtQixtQkFBbUIsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQy9FLE9BQU8sRUFDTCxrQkFBa0IsRUFDbEIsZ0JBQWdCLEVBQ2hCLFlBQVksRUFDWixxQkFBcUIsRUFDckIsWUFBWSxFQUNaLG9CQUFvQixHQUNyQixNQUFNLGNBQWMsQ0FBQztBQUN0QixPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0sZ0JBQWdCLENBQUM7QUFHaEQsT0FBTyxFQUNMLHNCQUFzQixFQUN0Qiw2QkFBNkIsRUFDN0IsaUJBQWlCLEdBQ2xCLE1BQU0sYUFBYSxDQUFDO0FBQ3JCLE9BQU8sRUFBRSwyQkFBMkIsRUFBRSxNQUFNLGdCQUFnQixDQUFDO0FBQzdELE9BQU8sRUFBRSxZQUFZLEVBQUUsSUFBSSxFQUFFLE1BQU0scUJBQXFCLENBQUM7QUFFekQ7Ozs7Ozs7R0FPRztBQUNILE1BQU0sQ0FBQyxLQUFLLFVBQVUsZUFBZSxDQUNuQyxHQUFXLEVBQ1gsa0JBQTBCLEVBQzFCLElBQWdCLEVBQ2hCLDZCQUFzQztJQUV0QyxNQUFNLFdBQVcsR0FBRyw2QkFBNkIsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUN2RCxNQUFNLFFBQVEsR0FBRyxJQUFJLGNBQWMsQ0FBQyxFQUFFLFlBQVksRUFBRSxtQkFBbUIsQ0FBQyxJQUFJLENBQUMsRUFBRSxXQUFXLEVBQUUsQ0FBQyxDQUFDO0lBQzlGLE1BQU0sT0FBTyxHQUFnQixFQUFFLENBQUM7SUFDaEMsSUFBSSw2QkFBNkIsRUFBRSxDQUFDO1FBQ2xDLE9BQU8sQ0FBQyxPQUFPLEdBQUc7WUFDaEIsQ0FBQywyQkFBMkIsQ0FBQyxFQUFFLDZCQUE2QjtTQUM3RCxDQUFDO0lBQ0osQ0FBQztJQUNELElBQUksUUFBd0IsQ0FBQztJQUM3QixJQUFJLENBQUM7UUFDSCxRQUFRLEdBQUcsTUFBTSxRQUFRLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsRUFBRSxrQkFBa0IsRUFBRSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQzlFLENBQUM7SUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ1gsb0JBQW9CLENBQUMsQ0FBQyxFQUFFLFdBQVcsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFDRCxPQUFPLFFBQVEsQ0FBQztBQUNsQixDQUFDO0FBRUQsTUFBTSxVQUFVLG9CQUFvQixDQUFDLENBQVUsRUFBRSxXQUFtQjtJQUNsRSxJQUFJLENBQUMsWUFBWSxZQUFZLEVBQUUsQ0FBQztRQUM5QixPQUFPLENBQUMsR0FBRyxDQUFDLG9DQUFvQyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUMxRCxRQUFRLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNmLEtBQUssSUFBSSxDQUFDLGVBQWUsRUFBRSxrQkFBa0I7Z0JBQzNDLE1BQU0sSUFBSSxnQkFBZ0IsQ0FBQyxZQUFZLFdBQVcsMEJBQTBCLENBQUMsQ0FBQyxPQUFPLEdBQUcsQ0FBQyxDQUFDO1lBQzVGLEtBQUssSUFBSSxDQUFDLGdCQUFnQixFQUFFLGdCQUFnQjtnQkFDMUMsTUFBTSxJQUFJLHFCQUFxQixDQUFDLFlBQVksV0FBVyw2QkFBNkIsQ0FBQyxDQUFDO1lBQ3hGLEtBQUssSUFBSSxDQUFDLGVBQWUsRUFBRSxtQkFBbUI7Z0JBQzVDLE1BQU0sSUFBSSxvQkFBb0IsQ0FBQyxZQUFZLFdBQVcsd0JBQXdCLENBQUMsQ0FBQztZQUNsRixLQUFLLElBQUksQ0FBQyxRQUFRLENBQUM7WUFDbkIsS0FBSyxJQUFJLENBQUMsYUFBYSxDQUFDO1lBQ3hCLEtBQUssSUFBSSxDQUFDLFFBQVEsQ0FBQztZQUNuQixLQUFLLElBQUksQ0FBQyxPQUFPLENBQUM7WUFDbEIsS0FBSyxJQUFJLENBQUMsZ0JBQWdCLENBQUM7WUFDM0IsS0FBSyxJQUFJLENBQUMsV0FBVyxFQUFFLHFCQUFxQjtnQkFDMUMsTUFBTSxJQUFJLFlBQVksQ0FDcEIsR0FBRyxDQUFDLENBQUMsSUFBSSxTQUFTLFdBQVcsMkNBQTJDLENBQUMsQ0FBQyxPQUFPLEdBQUcsQ0FDckYsQ0FBQztZQUNKO2dCQUNFLE1BQU0sSUFBSSxZQUFZLENBQUMsSUFBSSxXQUFXLGNBQWMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDckUsQ0FBQztJQUNILENBQUM7SUFDRCxNQUFNLElBQUksWUFBWSxDQUFDLElBQUksV0FBVyxjQUFjLHNCQUFzQixDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQztBQUNuRixDQUFDO0FBRUQsTUFBTSxVQUFVLDBCQUEwQixDQUN4QyxDQUFTLEVBQ1QsV0FBbUIsRUFDbkIsbUJBQThCO0lBRTlCLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUMzQyxrQkFBa0I7UUFDbEIsTUFBTSxJQUFJLGdCQUFnQixDQUFDLFlBQVksV0FBVywwQkFBMEIsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNwRixDQUFDO0lBQ0QsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxFQUFFLENBQUM7UUFDNUMsSUFBSSxtQkFBbUIsSUFBSSxtQkFBbUIsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDMUQsTUFBTSxJQUFJLHFCQUFxQixDQUM3QixZQUFZLFdBQVcsNkJBQTZCLEVBQ3BELG1CQUFtQixDQUNwQixDQUFDO1FBQ0osQ0FBQztRQUNELE1BQU0sSUFBSSxxQkFBcUIsQ0FBQyxZQUFZLFdBQVcsNkJBQTZCLENBQUMsQ0FBQztJQUN4RixDQUFDO0lBQ0QsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUMsRUFBRSxDQUFDO1FBQzNDLG1CQUFtQjtRQUNuQixNQUFNLElBQUksb0JBQW9CLENBQUMsWUFBWSxXQUFXLHdCQUF3QixDQUFDLENBQUM7SUFDbEYsQ0FBQztJQUNELElBQ0UsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQy9CLENBQUMsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUNwQyxDQUFDLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDL0IsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQzlCLENBQUMsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQ3ZDLENBQUMsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQyxFQUNsQyxDQUFDO1FBQ0QsUUFBUTtRQUNSLE1BQU0sSUFBSSxZQUFZLENBQUMsU0FBUyxXQUFXLDJDQUEyQyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzlGLENBQUM7SUFDRCxNQUFNLElBQUksWUFBWSxDQUFDLElBQUksV0FBVyxjQUFjLENBQUMsRUFBRSxDQUFDLENBQUM7QUFDM0QsQ0FBQztBQUVELE1BQU0sQ0FBQyxLQUFLLFVBQVUscUJBQXFCLENBQ3pDLFdBQW1CLEVBQ25CLElBQWdCO0lBRWhCLElBQUksVUFBVSxHQUFHLENBQUMsQ0FBQztJQUNuQixNQUFNLFVBQVUsR0FBRyxFQUFFLENBQUM7SUFDdEIsTUFBTSxRQUFRLEdBQUcsSUFBSSxjQUFjLENBQUMsRUFBRSxZQUFZLEVBQUUsbUJBQW1CLENBQUMsSUFBSSxDQUFDLEVBQUUsV0FBVyxFQUFFLENBQUMsQ0FBQztJQUU5RixHQUFHLENBQUM7UUFDRixJQUFJLFFBQXNDLENBQUM7UUFDM0MsSUFBSSxDQUFDO1lBQ0gsUUFBUSxHQUFHLE1BQU0sUUFBUSxDQUFDLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxvQkFBb0IsQ0FBQztnQkFDeEUsVUFBVSxFQUFFO29CQUNWLE1BQU0sRUFBRSxVQUFVO2lCQUNuQjthQUNGLENBQUMsQ0FBQztRQUNMLENBQUM7UUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ1gsTUFBTSxJQUFJLFlBQVksQ0FDcEIsSUFBSSxXQUFXLDRCQUE0QixzQkFBc0IsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUN2RSxDQUFDO1FBQ0osQ0FBQztRQUVELFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUM5QyxVQUFVLEdBQUcsUUFBUSxFQUFFLFVBQVUsRUFBRSxVQUFVLElBQUksQ0FBQyxDQUFDO0lBQ3JELENBQUMsUUFBUSxVQUFVLEdBQUcsQ0FBQyxFQUFFO0lBRXpCLE1BQU0sVUFBVSxHQUFHLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUMxRCx3QkFBd0I7SUFDeEIsSUFBSSxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsR0FBRyxXQUFXLE1BQU0sQ0FBQyxFQUFFLENBQUM7UUFDL0MsVUFBVSxDQUFDLElBQUksQ0FBQyxHQUFHLFdBQVcsTUFBTSxDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVELE9BQU8sSUFBSSxlQUFlLENBQUMsVUFBVSxFQUFFLEtBQUssQ0FBQyxDQUFDO0FBQ2hELENBQUM7QUFZRCxTQUFTLFNBQVMsQ0FBQyxPQUFpQjtJQUNsQyxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7UUFDYixPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFDRCxNQUFNLEVBQUUsR0FBRyxPQUEwQixDQUFDO0lBQ3RDLE9BQU8sQ0FDTCxDQUFDLENBQUMsRUFBRSxDQUFDLE9BQU87UUFDWixDQUFDLENBQUMsRUFBRSxDQUFDLFVBQVU7UUFDZixPQUFPLEVBQUUsQ0FBQyxVQUFVLEtBQUssUUFBUTtRQUNqQyxDQUFDLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxHQUFHO1FBQ25CLENBQUMsQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLFNBQVM7UUFDekIsb0JBQW9CLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsQ0FDOUMsQ0FBQztBQUNKLENBQUM7QUFFRCxNQUFNLENBQUMsS0FBSyxVQUFVLGNBQWMsQ0FDbEMsV0FBbUIsRUFDbkIsU0FBaUM7SUFFakMsSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ2pCLE1BQU0sSUFBSSxrQkFBa0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0lBQzNELENBQUM7SUFDRCx1REFBdUQ7SUFDdkQsaUJBQWlCLENBQUMsV0FBVyxDQUFDLENBQUM7SUFFL0IsTUFBTSxXQUFXLEdBQUcsNkJBQTZCLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0QsTUFBTSxRQUFRLEdBQUcsSUFBSSxjQUFjLENBQUM7UUFDbEMsV0FBVztLQUNaLENBQUMsQ0FBQztJQUNILElBQUksQ0FBQztRQUNILE1BQU0sRUFBRSxHQUFHLEVBQUUsU0FBUyxFQUFFLEdBQUcsTUFBTSxRQUFRLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUM7WUFDNUQsU0FBUyxFQUFFLFNBQVMsSUFBSSxVQUFVO1lBQ2xDLENBQUMsRUFBRSxHQUFHO1NBQ1AsQ0FBQyxDQUFDO1FBQ0gsTUFBTSxNQUFNLEdBQXFCO1lBQy9CLFNBQVM7WUFDVCxHQUFHLEVBQUUsV0FBVztZQUNoQixTQUFTLEVBQUUsU0FBUyxJQUFJLFVBQVU7WUFDbEMsR0FBRyxDQUFDLEdBQUcsSUFBSSxFQUFFLEdBQUcsRUFBRSxDQUFDO1NBQ3BCLENBQUM7UUFDRixPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0lBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNYLE1BQU0sSUFBSSxZQUFZLENBQUMsSUFBSSxXQUFXLGlCQUFpQixzQkFBc0IsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDdEYsQ0FBQztBQUNILENBQUM7QUFFRDs7Ozs7O0dBTUc7QUFDSCxNQUFNLENBQUMsS0FBSyxVQUFVLGtCQUFrQixDQUFDLFdBQW1CO0lBQzFELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUNqQixNQUFNLElBQUksa0JBQWtCLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUMzRCxDQUFDO0lBQ0QsaUJBQWlCLENBQUMsV0FBVyxDQUFDLENBQUM7SUFFL0IsTUFBTSxXQUFXLEdBQUcsNkJBQTZCLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0QsTUFBTSxRQUFRLEdBQUcsSUFBSSxjQUFjLENBQUM7UUFDbEMsV0FBVztLQUNaLENBQUMsQ0FBQztJQUNILElBQUksQ0FBQztRQUNILE1BQU0sRUFBRSxhQUFhLEVBQUUsR0FBRyxNQUFNLFFBQVEsQ0FBQyxFQUFFLENBQUMsU0FBUyxDQUFDLHlCQUF5QixDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3BGLE1BQU0sT0FBTyxHQUFHLGFBQWEsRUFBRSxRQUFzQyxDQUFDO1FBQ3RFLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUN4QixNQUFNLElBQUksWUFBWSxDQUNwQixvQ0FBb0MsV0FBVyxnREFBZ0QsQ0FDaEcsQ0FBQztRQUNKLENBQUM7UUFFRCxNQUFNLE1BQU0sR0FBcUI7WUFDL0IsU0FBUyxFQUFFLE9BQU8sQ0FBQyxVQUFVLENBQUMsR0FBRztZQUNqQyxHQUFHLEVBQUUsT0FBTyxDQUFDLE9BQU87WUFDcEIsU0FBUyxFQUFFLE9BQU8sQ0FBQyxVQUFVLENBQUMsU0FBUztZQUN2QyxHQUFHLEVBQUUsT0FBTyxDQUFDLFVBQVUsQ0FBQyxHQUFHO1NBQzVCLENBQUM7UUFDRixPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0lBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNYLE1BQU0sSUFBSSxZQUFZLENBQUMsSUFBSSxXQUFXLGlCQUFpQixzQkFBc0IsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDdEYsQ0FBQztBQUNILENBQUMifQ==
|
package/dist/web/src/access.js
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { resolveAuthConfig } from './auth/interceptors.js';
|
|
1
2
|
import { getPlatformUrlFromKasEndpoint, validateSecureUrl } from './utils.js';
|
|
2
3
|
import { base64 } from './encodings/index.js';
|
|
3
4
|
import { fetchKasBasePubKey, fetchKeyAccessServers as fetchKeyAccessServersRpc, } from './access/access-rpc.js';
|
|
@@ -14,9 +15,16 @@ import { fetchKasPubKey as fetchKasPubKeyLegacy } from './access/access-fetch.js
|
|
|
14
15
|
* @param fulfillableObligationFQNs client-configured list of obligation value FQNs that can be fulfilled in this PEP
|
|
15
16
|
* @param clientVersion
|
|
16
17
|
*/
|
|
17
|
-
export async function fetchWrappedKey(url, signedRequestToken,
|
|
18
|
+
export async function fetchWrappedKey(url, signedRequestToken, auth, fulfillableObligationFQNs) {
|
|
18
19
|
const platformUrl = getPlatformUrlFromKasEndpoint(url);
|
|
19
|
-
|
|
20
|
+
const { interceptors, authProvider } = resolveAuthConfig(auth);
|
|
21
|
+
const rpcCall = () => fetchWrappedKeysRpc(platformUrl, signedRequestToken, { interceptors }, rewrapAdditionalContextHeader(fulfillableObligationFQNs));
|
|
22
|
+
// When no AuthProvider is available, skip the legacy fallback so the real
|
|
23
|
+
// RPC error propagates instead of being masked by tryPromisesUntilFirstSuccess.
|
|
24
|
+
if (!authProvider) {
|
|
25
|
+
return await rpcCall();
|
|
26
|
+
}
|
|
27
|
+
return await tryPromisesUntilFirstSuccess(rpcCall,
|
|
20
28
|
// We intentionally do not provide the rewrap additional context to legacy requests destined for older platforms.
|
|
21
29
|
// Platforms new enough to have knowledge of obligations will be handling RPC requests successfully.
|
|
22
30
|
() => fetchWrappedKeysLegacy(url, { signedRequestToken }, authProvider));
|
|
@@ -91,8 +99,13 @@ export const publicKeyAlgorithmToJwa = (a) => {
|
|
|
91
99
|
* @param authProvider The authentication provider to use for the request.
|
|
92
100
|
* @returns A promise that resolves to an OriginAllowList.
|
|
93
101
|
*/
|
|
94
|
-
export async function fetchKeyAccessServers(platformUrl,
|
|
95
|
-
|
|
102
|
+
export async function fetchKeyAccessServers(platformUrl, auth) {
|
|
103
|
+
const { interceptors, authProvider } = resolveAuthConfig(auth);
|
|
104
|
+
const rpcCall = () => fetchKeyAccessServersRpc(platformUrl, { interceptors });
|
|
105
|
+
if (!authProvider) {
|
|
106
|
+
return await rpcCall();
|
|
107
|
+
}
|
|
108
|
+
return await tryPromisesUntilFirstSuccess(rpcCall, () => fetchKeyAccessServersLegacy(platformUrl, authProvider));
|
|
96
109
|
}
|
|
97
110
|
/**
|
|
98
111
|
* Fetch the EC (secp256r1) public key for a KAS endpoint.
|
|
@@ -172,4 +185,4 @@ async function tryPromisesUntilFirstSuccess(first, second) {
|
|
|
172
185
|
}
|
|
173
186
|
}
|
|
174
187
|
}
|
|
175
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
188
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNjZXNzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2FjY2Vzcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQW1CLGlCQUFpQixFQUFFLE1BQU0sd0JBQXdCLENBQUM7QUFFNUUsT0FBTyxFQUFFLDZCQUE2QixFQUFFLGlCQUFpQixFQUFFLE1BQU0sWUFBWSxDQUFDO0FBQzlFLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUU5QyxPQUFPLEVBQ0wsa0JBQWtCLEVBQ2xCLHFCQUFxQixJQUFJLHdCQUF3QixHQUNsRCxNQUFNLHdCQUF3QixDQUFDO0FBQ2hDLE9BQU8sRUFBRSxxQkFBcUIsSUFBSSwyQkFBMkIsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQ2hHLE9BQU8sRUFBRSxlQUFlLElBQUksbUJBQW1CLEVBQUUsTUFBTSx3QkFBd0IsQ0FBQztBQUNoRixPQUFPLEVBQUUsZUFBZSxJQUFJLHNCQUFzQixFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDckYsT0FBTyxFQUFFLGNBQWMsSUFBSSxpQkFBaUIsRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBQzdFLE9BQU8sRUFBRSxjQUFjLElBQUksb0JBQW9CLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQWVsRjs7Ozs7OztHQU9HO0FBQ0gsTUFBTSxDQUFDLEtBQUssVUFBVSxlQUFlLENBQ25DLEdBQVcsRUFDWCxrQkFBMEIsRUFDMUIsSUFBZ0IsRUFDaEIseUJBQW1DO0lBRW5DLE1BQU0sV0FBVyxHQUFHLDZCQUE2QixDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ3ZELE1BQU0sRUFBRSxZQUFZLEVBQUUsWUFBWSxFQUFFLEdBQUcsaUJBQWlCLENBQUMsSUFBSSxDQUFDLENBQUM7SUFFL0QsTUFBTSxPQUFPLEdBQUcsR0FBRyxFQUFFLENBQ25CLG1CQUFtQixDQUNqQixXQUFXLEVBQ1gsa0JBQWtCLEVBQ2xCLEVBQUUsWUFBWSxFQUFFLEVBQ2hCLDZCQUE2QixDQUFDLHlCQUF5QixDQUFDLENBQ3pELENBQUM7SUFFSiwwRUFBMEU7SUFDMUUsZ0ZBQWdGO0lBQ2hGLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUNsQixPQUFPLE1BQU0sT0FBTyxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVELE9BQU8sTUFBTSw0QkFBNEIsQ0FDdkMsT0FBTztJQUNQLGlIQUFpSDtJQUNqSCxvR0FBb0c7SUFDcEcsR0FBRyxFQUFFLENBQ0gsc0JBQXNCLENBQ3BCLEdBQUcsRUFDSCxFQUFFLGtCQUFrQixFQUFFLEVBQ3RCLFlBQVksQ0FDeUIsQ0FDMUMsQ0FBQztBQUNKLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxNQUFNLENBQUMsTUFBTSw2QkFBNkIsR0FBRyxDQUMzQyw4QkFBd0MsRUFDcEIsRUFBRTtJQUN0QixJQUFJLENBQUMsOEJBQThCLENBQUMsTUFBTTtRQUFFLE9BQU87SUFFbkQsTUFBTSxPQUFPLEdBQTRCO1FBQ3ZDLFdBQVcsRUFBRTtZQUNYLGVBQWUsRUFBRSw4QkFBOEIsQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsQ0FBQztTQUNoRjtLQUNGLENBQUM7SUFDRixPQUFPLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO0FBQ2hELENBQUMsQ0FBQztBQVNGLE1BQU0sQ0FBQyxNQUFNLG9CQUFvQixHQUFHLENBQUMsQ0FBUyxFQUE4QixFQUFFO0lBQzVFLE9BQU8sQ0FBQyxLQUFLLGNBQWMsSUFBSSxDQUFDLEtBQUssVUFBVSxDQUFDO0FBQ2xELENBQUMsQ0FBQztBQUVGLE1BQU0sQ0FBQyxNQUFNLGdDQUFnQyxHQUFHLENBQUMsQ0FBWSxFQUF5QixFQUFFO0lBQ3RGLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFDdEIsSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLE9BQU8sSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLE1BQU0sRUFBRSxDQUFDO1FBQzVDLE1BQU0sR0FBRyxHQUFHLENBQW1CLENBQUM7UUFDaEMsUUFBUSxHQUFHLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDdkIsS0FBSyxPQUFPO2dCQUNWLE9BQU8sY0FBYyxDQUFDO1lBQ3hCLEtBQUssT0FBTztnQkFDVixPQUFPLGNBQWMsQ0FBQztZQUN4QixLQUFLLE9BQU87Z0JBQ1YsT0FBTyxjQUFjLENBQUM7WUFDeEI7Z0JBQ0UsTUFBTSxJQUFJLEtBQUssQ0FBQyx5QkFBeUIsR0FBRyxDQUFDLFVBQVUsRUFBRSxDQUFDLENBQUM7UUFDL0QsQ0FBQztJQUNILENBQUM7SUFDRCxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssVUFBVSxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssbUJBQW1CLEVBQUUsQ0FBQztRQUM1RCxNQUFNLElBQUksR0FBRyxDQUEwQixDQUFDO1FBQ3hDLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsS0FBSyxPQUFPLEVBQUUsQ0FBQztZQUMvQyxNQUFNLElBQUksS0FBSyxDQUFDLG9DQUFvQyxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUMsQ0FBQztRQUM3RSxDQUFDO1FBQ0QsUUFBUSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDM0IsS0FBSyxJQUFJO2dCQUNQLE9BQU8sVUFBVSxDQUFDO1lBQ3BCLEtBQUssSUFBSTtnQkFDUCxPQUFPLFVBQVUsQ0FBQztZQUNwQjtnQkFDRSxNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUMsQ0FBQztRQUM3RSxDQUFDO0lBQ0gsQ0FBQztJQUNELE1BQU0sSUFBSSxLQUFLLENBQUMsOEJBQThCLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO0FBQzFELENBQUMsQ0FBQztBQUVGLE1BQU0sQ0FBQyxNQUFNLHVCQUF1QixHQUFHLENBQUMsQ0FBd0IsRUFBVSxFQUFFO0lBQzFFLFFBQVEsQ0FBQyxFQUFFLENBQUM7UUFDVixLQUFLLGNBQWM7WUFDakIsT0FBTyxPQUFPLENBQUM7UUFDakIsS0FBSyxVQUFVO1lBQ2IsT0FBTyxPQUFPLENBQUM7UUFDakIsS0FBSyxVQUFVO1lBQ2IsT0FBTyxPQUFPLENBQUM7UUFDakIsS0FBSyxjQUFjO1lBQ2pCLE9BQU8sT0FBTyxDQUFDO1FBQ2pCLEtBQUssY0FBYztZQUNqQixPQUFPLE9BQU8sQ0FBQztRQUNqQjtZQUNFLE1BQU0sSUFBSSxLQUFLLENBQUMscUNBQXFDLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDOUQsQ0FBQztBQUNILENBQUMsQ0FBQztBQW9CRjs7Ozs7R0FLRztBQUNILE1BQU0sQ0FBQyxLQUFLLFVBQVUscUJBQXFCLENBQ3pDLFdBQW1CLEVBQ25CLElBQWdCO0lBRWhCLE1BQU0sRUFBRSxZQUFZLEVBQUUsWUFBWSxFQUFFLEdBQUcsaUJBQWlCLENBQUMsSUFBSSxDQUFDLENBQUM7SUFFL0QsTUFBTSxPQUFPLEdBQUcsR0FBRyxFQUFFLENBQUMsd0JBQXdCLENBQUMsV0FBVyxFQUFFLEVBQUUsWUFBWSxFQUFFLENBQUMsQ0FBQztJQUU5RSxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDbEIsT0FBTyxNQUFNLE9BQU8sRUFBRSxDQUFDO0lBQ3pCLENBQUM7SUFFRCxPQUFPLE1BQU0sNEJBQTRCLENBQUMsT0FBTyxFQUFFLEdBQUcsRUFBRSxDQUN0RCwyQkFBMkIsQ0FBQyxXQUFXLEVBQUUsWUFBWSxDQUFDLENBQ3ZELENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7R0FJRztBQUNILE1BQU0sQ0FBQyxLQUFLLFVBQVUsZ0JBQWdCLENBQUMsV0FBbUI7SUFDeEQsT0FBTyxjQUFjLENBQUMsV0FBVyxFQUFFLGNBQWMsQ0FBQyxDQUFDO0FBQ3JELENBQUM7QUFFRDs7Ozs7Ozs7O0dBU0c7QUFDSCxNQUFNLENBQUMsS0FBSyxVQUFVLGNBQWMsQ0FDbEMsV0FBbUIsRUFDbkIsU0FBaUM7SUFFakMsSUFBSSxDQUFDO1FBQ0gsT0FBTyxNQUFNLGtCQUFrQixDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ1gsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNqQixDQUFDO0lBRUQsT0FBTyxNQUFNLDRCQUE0QixDQUN2QyxHQUFHLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxXQUFXLEVBQUUsU0FBUyxDQUFDLEVBQy9DLEdBQUcsRUFBRSxDQUFDLG9CQUFvQixDQUFDLFdBQVcsRUFBRSxTQUFTLENBQUMsQ0FDbkQsQ0FBQztBQUNKLENBQUM7QUFFRCxNQUFNLE1BQU0sR0FBRyxDQUFDLENBQVMsRUFBVSxFQUFFO0lBQ25DLElBQUksQ0FBQztRQUNILE9BQU8sSUFBSSxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDO0lBQzNCLENBQUM7SUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ1gsT0FBTyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUN2QyxNQUFNLENBQUMsQ0FBQztJQUNWLENBQUM7QUFDSCxDQUFDLENBQUM7QUFFRjs7Ozs7Ozs7R0FRRztBQUNILE1BQU0sT0FBTyxlQUFlO0lBRzFCLFlBQVksSUFBYyxFQUFFLFFBQWtCO1FBQzVDLElBQUksQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUNoQyxJQUFJLENBQUMsT0FBTyxDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDaEMsSUFBSSxDQUFDLFFBQVEsR0FBRyxDQUFDLENBQUMsUUFBUSxDQUFDO0lBQzdCLENBQUM7SUFDRCxNQUFNLENBQUMsR0FBVztRQUNoQixJQUFJLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNsQixPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBQzVDLENBQUM7Q0FDRjtBQUVEOzs7OztHQUtHO0FBQ0gsS0FBSyxVQUFVLDRCQUE0QixDQUN6QyxLQUF1QixFQUN2QixNQUF3QjtJQUV4QixJQUFJLENBQUM7UUFDSCxPQUFPLE1BQU0sS0FBSyxFQUFFLENBQUM7SUFDdkIsQ0FBQztJQUFDLE9BQU8sRUFBRSxFQUFFLENBQUM7UUFDWixPQUFPLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBQ3JDLElBQUksQ0FBQztZQUNILE9BQU8sTUFBTSxNQUFNLEVBQUUsQ0FBQztRQUN4QixDQUFDO1FBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztZQUNiLE1BQU0sR0FBRyxDQUFDO1FBQ1osQ0FBQztJQUNILENBQUM7QUFDSCxDQUFDIn0=
|