@opentdf/sdk 0.4.1-rc.37 → 0.5.0-beta.42
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/src/access/access-fetch.js +2 -1
- package/dist/cjs/src/access/access-rpc.js +11 -5
- package/dist/cjs/src/access/constants.js +6 -0
- package/dist/cjs/src/access.js +39 -4
- package/dist/cjs/src/auth/oidc-clientcredentials-provider.js +4 -2
- package/dist/cjs/src/auth/oidc-externaljwt-provider.js +5 -3
- package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +19 -3
- package/dist/cjs/src/auth/oidc.js +9 -8
- package/dist/cjs/src/auth/providers.js +7 -1
- package/dist/cjs/src/index.js +4 -2
- package/dist/cjs/src/nanoclients.js +4 -4
- package/dist/cjs/src/nanotdf/Client.js +10 -6
- package/dist/cjs/src/opentdf.js +102 -13
- package/dist/cjs/src/platform/authorization/v2/authorization_pb.js +112 -0
- package/dist/cjs/src/platform/buf/validate/validate_pb.js +114 -170
- package/dist/cjs/src/platform/common/common_pb.js +16 -5
- package/dist/cjs/src/platform/entity/entity_pb.js +51 -0
- package/dist/cjs/src/platform/entityresolution/entity_resolution_pb.js +1 -1
- package/dist/cjs/src/platform/entityresolution/v2/entity_resolution_pb.js +49 -0
- package/dist/cjs/src/platform/google/api/annotations_pb.js +1 -1
- package/dist/cjs/src/platform/google/api/http_pb.js +3 -3
- package/dist/cjs/src/platform/kas/kas_pb.js +2 -2
- package/dist/cjs/src/platform/policy/attributes/attributes_pb.js +12 -2
- package/dist/cjs/src/platform/policy/kasregistry/key_access_server_registry_pb.js +57 -4
- package/dist/cjs/src/platform/policy/keymanagement/key_management_pb.js +2 -2
- package/dist/cjs/src/platform/policy/namespaces/namespaces_pb.js +31 -4
- package/dist/cjs/src/platform/policy/objects_pb.js +116 -42
- package/dist/cjs/src/platform/policy/obligations/obligations_pb.js +159 -0
- package/dist/cjs/src/platform/policy/registeredresources/registered_resources_pb.js +20 -15
- package/dist/cjs/src/platform/policy/resourcemapping/resource_mapping_pb.js +2 -3
- package/dist/cjs/src/platform/policy/selectors_pb.js +1 -1
- package/dist/cjs/src/platform/policy/subjectmapping/subject_mapping_pb.js +2 -3
- package/dist/cjs/src/platform/policy/unsafe/unsafe_pb.js +2 -4
- package/dist/cjs/src/platform.js +20 -3
- package/dist/cjs/src/policy/api.js +27 -7
- package/dist/cjs/src/policy/granter.js +75 -48
- package/dist/cjs/src/seekable.js +32 -1
- package/dist/cjs/src/utils.js +85 -3
- package/dist/cjs/src/version.js +1 -1
- package/dist/cjs/tdf3/src/assertions.js +39 -2
- package/dist/cjs/tdf3/src/client/DecoratedReadableStream.js +8 -1
- package/dist/cjs/tdf3/src/client/builders.js +13 -1
- package/dist/cjs/tdf3/src/client/index.js +213 -54
- package/dist/cjs/tdf3/src/client/validation.js +3 -3
- package/dist/cjs/tdf3/src/tdf.js +42 -9
- package/dist/cjs/tdf3/src/utils/unwrap.js +2 -2
- package/dist/types/src/access/access-fetch.d.ts +1 -0
- package/dist/types/src/access/access-fetch.d.ts.map +1 -1
- package/dist/types/src/access/access-rpc.d.ts +2 -1
- package/dist/types/src/access/access-rpc.d.ts.map +1 -1
- package/dist/types/src/access/constants.d.ts +3 -0
- package/dist/types/src/access/constants.d.ts.map +1 -0
- package/dist/types/src/access.d.ts +30 -1
- package/dist/types/src/access.d.ts.map +1 -1
- package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts +1 -1
- package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts.map +1 -1
- package/dist/types/src/auth/oidc-externaljwt-provider.d.ts +1 -1
- package/dist/types/src/auth/oidc-externaljwt-provider.d.ts.map +1 -1
- package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts +15 -1
- package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts.map +1 -1
- package/dist/types/src/auth/oidc.d.ts +4 -0
- package/dist/types/src/auth/oidc.d.ts.map +1 -1
- package/dist/types/src/auth/providers.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +1 -0
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/nanotdf/Client.d.ts +8 -1
- package/dist/types/src/nanotdf/Client.d.ts.map +1 -1
- package/dist/types/src/opentdf.d.ts +137 -6
- package/dist/types/src/opentdf.d.ts.map +1 -1
- package/dist/types/src/platform/authorization/v2/authorization_pb.d.ts +439 -0
- package/dist/types/src/platform/authorization/v2/authorization_pb.d.ts.map +1 -0
- package/dist/types/src/platform/buf/validate/validate_pb.d.ts +495 -370
- package/dist/types/src/platform/buf/validate/validate_pb.d.ts.map +1 -1
- package/dist/types/src/platform/common/common_pb.d.ts +36 -0
- package/dist/types/src/platform/common/common_pb.d.ts.map +1 -1
- package/dist/types/src/platform/entity/entity_pb.d.ts +130 -0
- package/dist/types/src/platform/entity/entity_pb.d.ts.map +1 -0
- package/dist/types/src/platform/entityresolution/entity_resolution_pb.d.ts +4 -0
- package/dist/types/src/platform/entityresolution/entity_resolution_pb.d.ts.map +1 -1
- package/dist/types/src/platform/entityresolution/v2/entity_resolution_pb.d.ts +136 -0
- package/dist/types/src/platform/entityresolution/v2/entity_resolution_pb.d.ts.map +1 -0
- package/dist/types/src/platform/google/api/http_pb.d.ts.map +1 -1
- package/dist/types/src/platform/kas/kas_pb.d.ts +5 -0
- package/dist/types/src/platform/kas/kas_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/attributes/attributes_pb.d.ts +44 -13
- package/dist/types/src/platform/policy/attributes/attributes_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/kasregistry/key_access_server_registry_pb.d.ts +329 -24
- package/dist/types/src/platform/policy/kasregistry/key_access_server_registry_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/keymanagement/key_management_pb.d.ts +20 -1
- package/dist/types/src/platform/policy/keymanagement/key_management_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/namespaces/namespaces_pb.d.ts +143 -5
- package/dist/types/src/platform/policy/namespaces/namespaces_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/objects_pb.d.ts +382 -33
- package/dist/types/src/platform/policy/objects_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/obligations/obligations_pb.d.ts +670 -0
- package/dist/types/src/platform/policy/obligations/obligations_pb.d.ts.map +1 -0
- package/dist/types/src/platform/policy/registeredresources/registered_resources_pb.d.ts +67 -0
- package/dist/types/src/platform/policy/registeredresources/registered_resources_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/resourcemapping/resource_mapping_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/selectors_pb.d.ts +18 -0
- package/dist/types/src/platform/policy/selectors_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/subjectmapping/subject_mapping_pb.d.ts.map +1 -1
- package/dist/types/src/platform/policy/unsafe/unsafe_pb.d.ts +18 -4
- package/dist/types/src/platform/policy/unsafe/unsafe_pb.d.ts.map +1 -1
- package/dist/types/src/platform.d.ts +21 -0
- package/dist/types/src/platform.d.ts.map +1 -1
- package/dist/types/src/policy/api.d.ts +2 -0
- package/dist/types/src/policy/api.d.ts.map +1 -1
- package/dist/types/src/policy/granter.d.ts +11 -6
- package/dist/types/src/policy/granter.d.ts.map +1 -1
- package/dist/types/src/seekable.d.ts +31 -0
- package/dist/types/src/seekable.d.ts.map +1 -1
- package/dist/types/src/utils.d.ts +61 -2
- package/dist/types/src/utils.d.ts.map +1 -1
- package/dist/types/src/version.d.ts +1 -1
- package/dist/types/tdf3/src/assertions.d.ts +4 -0
- package/dist/types/tdf3/src/assertions.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts +6 -0
- package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/builders.d.ts +14 -0
- package/dist/types/tdf3/src/client/builders.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/index.d.ts +25 -4
- package/dist/types/tdf3/src/client/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/validation.d.ts +3 -3
- package/dist/types/tdf3/src/client/validation.d.ts.map +1 -1
- package/dist/types/tdf3/src/tdf.d.ts +3 -1
- package/dist/types/tdf3/src/tdf.d.ts.map +1 -1
- package/dist/types/tdf3/src/utils/unwrap.d.ts.map +1 -1
- package/dist/web/src/access/access-fetch.js +2 -1
- package/dist/web/src/access/access-rpc.js +11 -5
- package/dist/web/src/access/constants.js +3 -0
- package/dist/web/src/access.js +37 -3
- package/dist/web/src/auth/oidc-clientcredentials-provider.js +4 -2
- package/dist/web/src/auth/oidc-externaljwt-provider.js +5 -3
- package/dist/web/src/auth/oidc-refreshtoken-provider.js +19 -3
- package/dist/web/src/auth/oidc.js +9 -8
- package/dist/web/src/auth/providers.js +7 -1
- package/dist/web/src/index.js +2 -1
- package/dist/web/src/nanoclients.js +4 -4
- package/dist/web/src/nanotdf/Client.js +11 -7
- package/dist/web/src/opentdf.js +102 -13
- package/dist/web/src/platform/authorization/v2/authorization_pb.js +109 -0
- package/dist/web/src/platform/buf/validate/validate_pb.js +113 -169
- package/dist/web/src/platform/common/common_pb.js +15 -4
- package/dist/web/src/platform/entity/entity_pb.js +48 -0
- package/dist/web/src/platform/entityresolution/entity_resolution_pb.js +1 -1
- package/dist/web/src/platform/entityresolution/v2/entity_resolution_pb.js +46 -0
- package/dist/web/src/platform/google/api/annotations_pb.js +1 -1
- package/dist/web/src/platform/google/api/http_pb.js +3 -3
- package/dist/web/src/platform/kas/kas_pb.js +2 -2
- package/dist/web/src/platform/policy/attributes/attributes_pb.js +12 -2
- package/dist/web/src/platform/policy/kasregistry/key_access_server_registry_pb.js +55 -3
- package/dist/web/src/platform/policy/keymanagement/key_management_pb.js +2 -2
- package/dist/web/src/platform/policy/namespaces/namespaces_pb.js +30 -3
- package/dist/web/src/platform/policy/objects_pb.js +114 -41
- package/dist/web/src/platform/policy/obligations/obligations_pb.js +156 -0
- package/dist/web/src/platform/policy/registeredresources/registered_resources_pb.js +19 -14
- package/dist/web/src/platform/policy/resourcemapping/resource_mapping_pb.js +2 -3
- package/dist/web/src/platform/policy/selectors_pb.js +1 -1
- package/dist/web/src/platform/policy/subjectmapping/subject_mapping_pb.js +2 -3
- package/dist/web/src/platform/policy/unsafe/unsafe_pb.js +2 -4
- package/dist/web/src/platform.js +20 -3
- package/dist/web/src/policy/api.js +26 -7
- package/dist/web/src/policy/granter.js +75 -48
- package/dist/web/src/seekable.js +32 -1
- package/dist/web/src/utils.js +84 -3
- package/dist/web/src/version.js +1 -1
- package/dist/web/tdf3/src/assertions.js +38 -2
- package/dist/web/tdf3/src/client/DecoratedReadableStream.js +8 -1
- package/dist/web/tdf3/src/client/builders.js +13 -1
- package/dist/web/tdf3/src/client/index.js +215 -57
- package/dist/web/tdf3/src/client/validation.js +3 -3
- package/dist/web/tdf3/src/tdf.js +42 -9
- package/dist/web/tdf3/src/utils/unwrap.js +2 -2
- package/package.json +7 -5
- package/src/access/access-fetch.ts +1 -0
- package/src/access/access-rpc.ts +13 -4
- package/src/access/constants.ts +2 -0
- package/src/access.ts +54 -2
- package/src/auth/oidc-clientcredentials-provider.ts +4 -0
- package/src/auth/oidc-externaljwt-provider.ts +5 -1
- package/src/auth/oidc-refreshtoken-provider.ts +19 -1
- package/src/auth/oidc.ts +12 -7
- package/src/auth/providers.ts +6 -0
- package/src/index.ts +1 -0
- package/src/nanoclients.ts +3 -3
- package/src/nanotdf/Client.ts +28 -6
- package/src/opentdf.ts +205 -73
- package/src/platform/authorization/v2/authorization_pb.ts +503 -0
- package/src/platform/buf/validate/validate_pb.ts +529 -401
- package/src/platform/common/common_pb.ts +48 -3
- package/src/platform/entity/entity_pb.ts +154 -0
- package/src/platform/entityresolution/entity_resolution_pb.ts +4 -0
- package/src/platform/entityresolution/v2/entity_resolution_pb.ts +170 -0
- package/src/platform/google/api/annotations_pb.ts +1 -1
- package/src/platform/google/api/http_pb.ts +2 -2
- package/src/platform/kas/kas_pb.ts +6 -1
- package/src/platform/policy/attributes/attributes_pb.ts +46 -16
- package/src/platform/policy/kasregistry/key_access_server_registry_pb.ts +371 -27
- package/src/platform/policy/keymanagement/key_management_pb.ts +24 -2
- package/src/platform/policy/namespaces/namespaces_pb.ts +163 -7
- package/src/platform/policy/objects_pb.ts +474 -59
- package/src/platform/policy/obligations/obligations_pb.ts +788 -0
- package/src/platform/policy/registeredresources/registered_resources_pb.ts +80 -13
- package/src/platform/policy/resourcemapping/resource_mapping_pb.ts +1 -2
- package/src/platform/policy/selectors_pb.ts +18 -0
- package/src/platform/policy/subjectmapping/subject_mapping_pb.ts +1 -2
- package/src/platform/policy/unsafe/unsafe_pb.ts +21 -6
- package/src/platform.ts +29 -5
- package/src/policy/api.ts +37 -6
- package/src/policy/granter.ts +82 -56
- package/src/seekable.ts +31 -0
- package/src/utils.ts +88 -2
- package/src/version.ts +1 -1
- package/tdf3/src/assertions.ts +52 -1
- package/tdf3/src/client/DecoratedReadableStream.ts +9 -0
- package/tdf3/src/client/builders.ts +16 -0
- package/tdf3/src/client/index.ts +309 -73
- package/tdf3/src/client/validation.ts +2 -2
- package/tdf3/src/tdf.ts +53 -9
- package/tdf3/src/utils/unwrap.ts +2 -1
|
@@ -11,6 +11,7 @@ const utils_js_1 = require("../utils.js");
|
|
|
11
11
|
* @param url Key access server rewrap endpoint
|
|
12
12
|
* @param requestBody a signed request with an encrypted document key
|
|
13
13
|
* @param authProvider Authorization middleware
|
|
14
|
+
* @param rewrapAdditionalContextHeader optional value for 'X-Rewrap-Additional-Context'
|
|
14
15
|
*/
|
|
15
16
|
async function fetchWrappedKey(url, requestBody, authProvider) {
|
|
16
17
|
const req = await authProvider.withCreds({
|
|
@@ -152,4 +153,4 @@ async function fetchKasPubKey(kasEndpoint, algorithm) {
|
|
|
152
153
|
...(kid && { kid }),
|
|
153
154
|
};
|
|
154
155
|
}
|
|
155
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
156
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNjZXNzLWZldGNoLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2FjY2Vzcy9hY2Nlc3MtZmV0Y2gudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFtQ0EsMENBc0RDO0FBRUQsc0RBK0NDO0FBRUQsd0NBOERDO0FBMU1ELDRDQUtzQjtBQUV0Qiw0Q0FPc0I7QUFDdEIsMENBQXNFO0FBYXRFOzs7Ozs7R0FNRztBQUNJLEtBQUssVUFBVSxlQUFlLENBQ25DLEdBQVcsRUFDWCxXQUEwQixFQUMxQixZQUEwQjtJQUUxQixNQUFNLEdBQUcsR0FBRyxNQUFNLFlBQVksQ0FBQyxTQUFTLENBQUM7UUFDdkMsR0FBRztRQUNILE1BQU0sRUFBRSxNQUFNO1FBQ2QsT0FBTyxFQUFFO1lBQ1AsY0FBYyxFQUFFLGtCQUFrQjtTQUNuQztRQUNELElBQUksRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQztLQUNsQyxDQUFDLENBQUM7SUFFSCxJQUFJLFFBQWtCLENBQUM7SUFFdkIsSUFBSSxDQUFDO1FBQ0gsUUFBUSxHQUFHLE1BQU0sS0FBSyxDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUU7WUFDOUIsTUFBTSxFQUFFLEdBQUcsQ0FBQyxNQUFNO1lBQ2xCLElBQUksRUFBRSxNQUFNLEVBQUUsOEJBQThCO1lBQzVDLEtBQUssRUFBRSxVQUFVLEVBQUUsMERBQTBEO1lBQzdFLFdBQVcsRUFBRSxhQUFhLEVBQUUsOEJBQThCO1lBQzFELE9BQU8sRUFBRSxHQUFHLENBQUMsT0FBTztZQUNwQixRQUFRLEVBQUUsUUFBUSxFQUFFLHlCQUF5QjtZQUM3QyxjQUFjLEVBQUUsYUFBYSxFQUFFLHNKQUFzSjtZQUNyTCxJQUFJLEVBQUUsR0FBRyxDQUFDLElBQWdCO1NBQzNCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ1gsTUFBTSxJQUFJLHdCQUFZLENBQUMscUNBQXFDLEdBQUcsR0FBRyxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQ3pFLENBQUM7SUFFRCxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsRUFBRSxDQUFDO1FBQ2pCLFFBQVEsUUFBUSxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ3hCLEtBQUssR0FBRztnQkFDTixNQUFNLElBQUksNEJBQWdCLENBQ3hCLFlBQVksR0FBRyxDQUFDLEdBQUcsMEJBQTBCLE1BQU0sUUFBUSxDQUFDLElBQUksRUFBRSxHQUFHLENBQ3RFLENBQUM7WUFDSixLQUFLLEdBQUc7Z0JBQ04sTUFBTSxJQUFJLGdDQUFvQixDQUFDLFlBQVksR0FBRyxDQUFDLEdBQUcsd0JBQXdCLENBQUMsQ0FBQztZQUM5RSxLQUFLLEdBQUc7Z0JBQ04sTUFBTSxJQUFJLGlDQUFxQixDQUFDLFlBQVksR0FBRyxDQUFDLEdBQUcsNkJBQTZCLENBQUMsQ0FBQztZQUNwRjtnQkFDRSxJQUFJLFFBQVEsQ0FBQyxNQUFNLElBQUksR0FBRyxFQUFFLENBQUM7b0JBQzNCLE1BQU0sSUFBSSx3QkFBWSxDQUNwQixHQUFHLFFBQVEsQ0FBQyxNQUFNLFNBQVMsR0FBRyxDQUFDLEdBQUcsMkNBQTJDLE1BQU0sUUFBUSxDQUFDLElBQUksRUFBRSxHQUFHLENBQ3RHLENBQUM7Z0JBQ0osQ0FBQztnQkFDRCxNQUFNLElBQUksd0JBQVksQ0FDcEIsR0FBRyxHQUFHLENBQUMsTUFBTSxJQUFJLEdBQUcsQ0FBQyxHQUFHLE9BQU8sUUFBUSxDQUFDLE1BQU0sSUFBSSxRQUFRLENBQUMsVUFBVSxFQUFFLENBQ3hFLENBQUM7UUFDTixDQUFDO0lBQ0gsQ0FBQztJQUVELE9BQU8sUUFBUSxDQUFDLElBQUksRUFBRSxDQUFDO0FBQ3pCLENBQUM7QUFFTSxLQUFLLFVBQVUscUJBQXFCLENBQ3pDLFdBQW1CLEVBQ25CLFlBQTBCO0lBRTFCLElBQUksVUFBVSxHQUFHLENBQUMsQ0FBQztJQUNuQixNQUFNLFVBQVUsR0FBRyxFQUFFLENBQUM7SUFDdEIsR0FBRyxDQUFDO1FBQ0YsTUFBTSxHQUFHLEdBQUcsTUFBTSxZQUFZLENBQUMsU0FBUyxDQUFDO1lBQ3ZDLEdBQUcsRUFBRSxHQUFHLFdBQVcseUNBQXlDLFVBQVUsRUFBRTtZQUN4RSxNQUFNLEVBQUUsS0FBSztZQUNiLE9BQU8sRUFBRTtnQkFDUCxjQUFjLEVBQUUsa0JBQWtCO2FBQ25DO1NBQ0YsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxRQUFrQixDQUFDO1FBQ3ZCLElBQUksQ0FBQztZQUNILFFBQVEsR0FBRyxNQUFNLEtBQUssQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFO2dCQUM5QixNQUFNLEVBQUUsR0FBRyxDQUFDLE1BQU07Z0JBQ2xCLE9BQU8sRUFBRSxHQUFHLENBQUMsT0FBTztnQkFDcEIsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFnQjtnQkFDMUIsSUFBSSxFQUFFLE1BQU07Z0JBQ1osS0FBSyxFQUFFLFVBQVU7Z0JBQ2pCLFdBQVcsRUFBRSxhQUFhO2dCQUMxQixRQUFRLEVBQUUsUUFBUTtnQkFDbEIsY0FBYyxFQUFFLGFBQWE7YUFDOUIsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDWCxNQUFNLElBQUksd0JBQVksQ0FBQyxrQ0FBa0MsR0FBRyxDQUFDLEdBQUcsR0FBRyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQzFFLENBQUM7UUFDRCwyREFBMkQ7UUFDM0QsSUFBSSxDQUFDLFFBQVEsQ0FBQyxFQUFFLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksd0JBQVksQ0FDcEIsa0NBQWtDLEdBQUcsQ0FBQyxHQUFHLGNBQWMsUUFBUSxDQUFDLE1BQU0sRUFBRSxDQUN6RSxDQUFDO1FBQ0osQ0FBQztRQUNELE1BQU0sRUFBRSxnQkFBZ0IsR0FBRyxFQUFFLEVBQUUsVUFBVSxHQUFHLEVBQUUsRUFBRSxHQUFHLE1BQU0sUUFBUSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQ3pFLFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQ3JDLFVBQVUsR0FBRyxVQUFVLENBQUMsVUFBVSxJQUFJLENBQUMsQ0FBQztJQUMxQyxDQUFDLFFBQVEsVUFBVSxHQUFHLENBQUMsRUFBRTtJQUV6QixNQUFNLFVBQVUsR0FBRyxVQUFVLENBQUMsR0FBRyxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDMUQsd0JBQXdCO0lBQ3hCLElBQUksQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLEdBQUcsV0FBVyxNQUFNLENBQUMsRUFBRSxDQUFDO1FBQy9DLFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxXQUFXLE1BQU0sQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRCxPQUFPLElBQUksMkJBQWUsQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLENBQUM7QUFDaEQsQ0FBQztBQUVNLEtBQUssVUFBVSxjQUFjLENBQ2xDLFdBQW1CLEVBQ25CLFNBQWlDO0lBRWpDLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUNqQixNQUFNLElBQUksOEJBQWtCLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUMzRCxDQUFDO0lBQ0QsdURBQXVEO0lBQ3ZELElBQUEsNEJBQWlCLEVBQUMsV0FBVyxDQUFDLENBQUM7SUFFL0Isb0ZBQW9GO0lBQ3BGLElBQUksT0FBWSxDQUFDO0lBQ2pCLElBQUksQ0FBQztRQUNILE9BQU8sR0FBRyxJQUFJLEdBQUcsQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNYLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw0QkFBNEIsV0FBVyxHQUFHLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFDOUUsQ0FBQztJQUNELElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLENBQUM7UUFDakQsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDcEMsT0FBTyxDQUFDLFFBQVEsSUFBSSxHQUFHLENBQUM7UUFDMUIsQ0FBQztRQUNELE9BQU8sQ0FBQyxRQUFRLElBQUksbUJBQW1CLENBQUM7SUFDMUMsQ0FBQztJQUNELE9BQU8sQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLFdBQVcsRUFBRSxTQUFTLElBQUksVUFBVSxDQUFDLENBQUM7SUFDL0QsSUFBSSxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7UUFDbkMsT0FBTyxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLEdBQUcsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7SUFFRCxJQUFJLG1CQUE2QixDQUFDO0lBQ2xDLElBQUksQ0FBQztRQUNILG1CQUFtQixHQUFHLE1BQU0sS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzdDLENBQUM7SUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ1gsTUFBTSxJQUFJLHdCQUFZLENBQUMsb0NBQW9DLE9BQU8sR0FBRyxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQzVFLENBQUM7SUFDRCxJQUFJLENBQUMsbUJBQW1CLENBQUMsRUFBRSxFQUFFLENBQUM7UUFDNUIsUUFBUSxtQkFBbUIsQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNuQyxLQUFLLEdBQUc7Z0JBQ04sTUFBTSxJQUFJLDhCQUFrQixDQUFDLFlBQVksT0FBTyxHQUFHLENBQUMsQ0FBQztZQUN2RCxLQUFLLEdBQUc7Z0JBQ04sTUFBTSxJQUFJLGdDQUFvQixDQUFDLFlBQVksT0FBTyxHQUFHLENBQUMsQ0FBQztZQUN6RCxLQUFLLEdBQUc7Z0JBQ04sTUFBTSxJQUFJLGlDQUFxQixDQUFDLFlBQVksT0FBTyxHQUFHLENBQUMsQ0FBQztZQUMxRDtnQkFDRSxNQUFNLElBQUksd0JBQVksQ0FDcEIsR0FBRyxPQUFPLE9BQU8sbUJBQW1CLENBQUMsTUFBTSxJQUFJLG1CQUFtQixDQUFDLFVBQVUsRUFBRSxDQUNoRixDQUFDO1FBQ04sQ0FBQztJQUNILENBQUM7SUFDRCxNQUFNLFdBQVcsR0FBRyxNQUFNLG1CQUFtQixDQUFDLElBQUksRUFBRSxDQUFDO0lBQ3JELE1BQU0sRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLEdBQXFCLFdBQVcsQ0FBQztJQUN6RCxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUM7UUFDZixNQUFNLElBQUksd0JBQVksQ0FDcEIsOENBQThDLElBQUksQ0FBQyxTQUFTLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FDN0UsQ0FBQztJQUNKLENBQUM7SUFDRCxPQUFPO1FBQ0wsR0FBRyxFQUFFLElBQUEsZ0NBQW9CLEVBQUMsT0FBTyxFQUFFLElBQUEsK0JBQW9CLEVBQUMsU0FBUyxDQUFDLENBQUM7UUFDbkUsU0FBUztRQUNULEdBQUcsRUFBRSxXQUFXO1FBQ2hCLFNBQVMsRUFBRSxTQUFTLElBQUksVUFBVTtRQUNsQyxHQUFHLENBQUMsR0FBRyxJQUFJLEVBQUUsR0FBRyxFQUFFLENBQUM7S0FDcEIsQ0FBQztBQUNKLENBQUMifQ==
|
|
@@ -8,20 +8,26 @@ const access_js_1 = require("../access.js");
|
|
|
8
8
|
const errors_js_1 = require("../errors.js");
|
|
9
9
|
const platform_js_1 = require("../platform.js");
|
|
10
10
|
const utils_js_1 = require("../utils.js");
|
|
11
|
+
const constants_js_1 = require("./constants.js");
|
|
11
12
|
/**
|
|
12
13
|
* Get a rewrapped access key to the document, if possible
|
|
13
14
|
* @param url Key access server rewrap endpoint
|
|
14
15
|
* @param requestBody a signed request with an encrypted document key
|
|
15
16
|
* @param authProvider Authorization middleware
|
|
17
|
+
* @param rewrapAdditionalContextHeader optional value for 'X-Rewrap-Additional-Context'
|
|
16
18
|
* @param clientVersion
|
|
17
19
|
*/
|
|
18
|
-
async function fetchWrappedKey(url, signedRequestToken, authProvider) {
|
|
20
|
+
async function fetchWrappedKey(url, signedRequestToken, authProvider, rewrapAdditionalContextHeader) {
|
|
19
21
|
const platformUrl = (0, utils_js_1.getPlatformUrlFromKasEndpoint)(url);
|
|
20
22
|
const platform = new platform_js_1.PlatformClient({ authProvider, platformUrl });
|
|
23
|
+
const options = {};
|
|
24
|
+
if (rewrapAdditionalContextHeader) {
|
|
25
|
+
options.headers = {
|
|
26
|
+
[constants_js_1.X_REWRAP_ADDITIONAL_CONTEXT]: rewrapAdditionalContextHeader,
|
|
27
|
+
};
|
|
28
|
+
}
|
|
21
29
|
try {
|
|
22
|
-
return await platform.v1.access.rewrap({
|
|
23
|
-
signedRequestToken,
|
|
24
|
-
});
|
|
30
|
+
return await platform.v1.access.rewrap({ signedRequestToken }, options);
|
|
25
31
|
}
|
|
26
32
|
catch (e) {
|
|
27
33
|
throw new errors_js_1.NetworkError(`[${platformUrl}] [Rewrap] ${(0, utils_js_1.extractRpcErrorMessage)(e)}`);
|
|
@@ -128,4 +134,4 @@ async function fetchKasBasePubKey(kasEndpoint) {
|
|
|
128
134
|
throw new errors_js_1.NetworkError(`[${platformUrl}] [PublicKey] ${(0, utils_js_1.extractRpcErrorMessage)(e)}`);
|
|
129
135
|
}
|
|
130
136
|
}
|
|
131
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
137
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNjZXNzLXJwYy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9hY2Nlc3MvYWNjZXNzLXJwYy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQThCQSwwQ0FtQkM7QUFFRCxzREFpQ0M7QUEyQkQsd0NBOEJDO0FBU0QsZ0RBaUNDO0FBdExELDRDQU1zQjtBQUd0Qiw0Q0FBZ0U7QUFDaEUsZ0RBQWdEO0FBR2hELDBDQUtxQjtBQUNyQixpREFBNkQ7QUFFN0Q7Ozs7Ozs7R0FPRztBQUNJLEtBQUssVUFBVSxlQUFlLENBQ25DLEdBQVcsRUFDWCxrQkFBMEIsRUFDMUIsWUFBMEIsRUFDMUIsNkJBQXNDO0lBRXRDLE1BQU0sV0FBVyxHQUFHLElBQUEsd0NBQTZCLEVBQUMsR0FBRyxDQUFDLENBQUM7SUFDdkQsTUFBTSxRQUFRLEdBQUcsSUFBSSw0QkFBYyxDQUFDLEVBQUUsWUFBWSxFQUFFLFdBQVcsRUFBRSxDQUFDLENBQUM7SUFDbkUsTUFBTSxPQUFPLEdBQWdCLEVBQUUsQ0FBQztJQUNoQyxJQUFJLDZCQUE2QixFQUFFLENBQUM7UUFDbEMsT0FBTyxDQUFDLE9BQU8sR0FBRztZQUNoQixDQUFDLDBDQUEyQixDQUFDLEVBQUUsNkJBQTZCO1NBQzdELENBQUM7SUFDSixDQUFDO0lBQ0QsSUFBSSxDQUFDO1FBQ0gsT0FBTyxNQUFNLFFBQVEsQ0FBQyxFQUFFLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxFQUFFLGtCQUFrQixFQUFFLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDMUUsQ0FBQztJQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7UUFDWCxNQUFNLElBQUksd0JBQVksQ0FBQyxJQUFJLFdBQVcsY0FBYyxJQUFBLGlDQUFzQixFQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUNuRixDQUFDO0FBQ0gsQ0FBQztBQUVNLEtBQUssVUFBVSxxQkFBcUIsQ0FDekMsV0FBbUIsRUFDbkIsWUFBMEI7SUFFMUIsSUFBSSxVQUFVLEdBQUcsQ0FBQyxDQUFDO0lBQ25CLE1BQU0sVUFBVSxHQUFHLEVBQUUsQ0FBQztJQUN0QixNQUFNLFFBQVEsR0FBRyxJQUFJLDRCQUFjLENBQUMsRUFBRSxZQUFZLEVBQUUsV0FBVyxFQUFFLENBQUMsQ0FBQztJQUVuRSxHQUFHLENBQUM7UUFDRixJQUFJLFFBQXNDLENBQUM7UUFDM0MsSUFBSSxDQUFDO1lBQ0gsUUFBUSxHQUFHLE1BQU0sUUFBUSxDQUFDLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxvQkFBb0IsQ0FBQztnQkFDeEUsVUFBVSxFQUFFO29CQUNWLE1BQU0sRUFBRSxVQUFVO2lCQUNuQjthQUNGLENBQUMsQ0FBQztRQUNMLENBQUM7UUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ1gsTUFBTSxJQUFJLHdCQUFZLENBQ3BCLElBQUksV0FBVyw0QkFBNEIsSUFBQSxpQ0FBc0IsRUFBQyxDQUFDLENBQUMsRUFBRSxDQUN2RSxDQUFDO1FBQ0osQ0FBQztRQUVELFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUM5QyxVQUFVLEdBQUcsUUFBUSxFQUFFLFVBQVUsRUFBRSxVQUFVLElBQUksQ0FBQyxDQUFDO0lBQ3JELENBQUMsUUFBUSxVQUFVLEdBQUcsQ0FBQyxFQUFFO0lBRXpCLE1BQU0sVUFBVSxHQUFHLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUMxRCx3QkFBd0I7SUFDeEIsSUFBSSxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsR0FBRyxXQUFXLE1BQU0sQ0FBQyxFQUFFLENBQUM7UUFDL0MsVUFBVSxDQUFDLElBQUksQ0FBQyxHQUFHLFdBQVcsTUFBTSxDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVELE9BQU8sSUFBSSwyQkFBZSxDQUFDLFVBQVUsRUFBRSxLQUFLLENBQUMsQ0FBQztBQUNoRCxDQUFDO0FBWUQsU0FBUyxTQUFTLENBQUMsT0FBaUI7SUFDbEMsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBQ2IsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBQ0QsTUFBTSxFQUFFLEdBQUcsT0FBMEIsQ0FBQztJQUN0QyxPQUFPLENBQ0wsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxPQUFPO1FBQ1osQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVO1FBQ2YsT0FBTyxFQUFFLENBQUMsVUFBVSxLQUFLLFFBQVE7UUFDakMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsR0FBRztRQUNuQixDQUFDLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxTQUFTO1FBQ3pCLElBQUEsZ0NBQW9CLEVBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsQ0FDOUMsQ0FBQztBQUNKLENBQUM7QUFFTSxLQUFLLFVBQVUsY0FBYyxDQUNsQyxXQUFtQixFQUNuQixTQUFpQztJQUVqQyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7UUFDakIsTUFBTSxJQUFJLDhCQUFrQixDQUFDLDBCQUEwQixDQUFDLENBQUM7SUFDM0QsQ0FBQztJQUNELHVEQUF1RDtJQUN2RCxJQUFBLDRCQUFpQixFQUFDLFdBQVcsQ0FBQyxDQUFDO0lBRS9CLE1BQU0sV0FBVyxHQUFHLElBQUEsd0NBQTZCLEVBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0QsTUFBTSxRQUFRLEdBQUcsSUFBSSw0QkFBYyxDQUFDO1FBQ2xDLFdBQVc7S0FDWixDQUFDLENBQUM7SUFDSCxJQUFJLENBQUM7UUFDSCxNQUFNLEVBQUUsR0FBRyxFQUFFLFNBQVMsRUFBRSxHQUFHLE1BQU0sUUFBUSxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDO1lBQzVELFNBQVMsRUFBRSxTQUFTLElBQUksVUFBVTtZQUNsQyxDQUFDLEVBQUUsR0FBRztTQUNQLENBQUMsQ0FBQztRQUNILE1BQU0sTUFBTSxHQUFxQjtZQUMvQixHQUFHLEVBQUUsSUFBQSxnQ0FBb0IsRUFBQyxJQUFJLEdBQUcsQ0FBQyxXQUFXLENBQUMsRUFBRSxJQUFBLCtCQUFvQixFQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQ2hGLFNBQVM7WUFDVCxHQUFHLEVBQUUsV0FBVztZQUNoQixTQUFTLEVBQUUsU0FBUyxJQUFJLFVBQVU7WUFDbEMsR0FBRyxDQUFDLEdBQUcsSUFBSSxFQUFFLEdBQUcsRUFBRSxDQUFDO1NBQ3BCLENBQUM7UUFDRixPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0lBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNYLE1BQU0sSUFBSSx3QkFBWSxDQUFDLElBQUksV0FBVyxpQkFBaUIsSUFBQSxpQ0FBc0IsRUFBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDdEYsQ0FBQztBQUNILENBQUM7QUFFRDs7Ozs7O0dBTUc7QUFDSSxLQUFLLFVBQVUsa0JBQWtCLENBQUMsV0FBbUI7SUFDMUQsSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ2pCLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0lBQzNELENBQUM7SUFDRCxJQUFBLDRCQUFpQixFQUFDLFdBQVcsQ0FBQyxDQUFDO0lBRS9CLE1BQU0sV0FBVyxHQUFHLElBQUEsd0NBQTZCLEVBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0QsTUFBTSxRQUFRLEdBQUcsSUFBSSw0QkFBYyxDQUFDO1FBQ2xDLFdBQVc7S0FDWixDQUFDLENBQUM7SUFDSCxJQUFJLENBQUM7UUFDSCxNQUFNLEVBQUUsYUFBYSxFQUFFLEdBQUcsTUFBTSxRQUFRLENBQUMsRUFBRSxDQUFDLFNBQVMsQ0FBQyx5QkFBeUIsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUNwRixNQUFNLE9BQU8sR0FBRyxhQUFhLEVBQUUsUUFBc0MsQ0FBQztRQUN0RSxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDeEIsTUFBTSxJQUFJLHdCQUFZLENBQ3BCLG9DQUFvQyxXQUFXLGdEQUFnRCxDQUNoRyxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sTUFBTSxHQUFxQjtZQUMvQixHQUFHLEVBQUUsSUFBQSxnQ0FBb0IsRUFDdkIsSUFBSSxHQUFHLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxFQUN4QixJQUFBLCtCQUFvQixFQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLENBQzdDO1lBQ0QsU0FBUyxFQUFFLE9BQU8sQ0FBQyxVQUFVLENBQUMsR0FBRztZQUNqQyxHQUFHLEVBQUUsT0FBTyxDQUFDLE9BQU87WUFDcEIsU0FBUyxFQUFFLE9BQU8sQ0FBQyxVQUFVLENBQUMsU0FBUztZQUN2QyxHQUFHLEVBQUUsT0FBTyxDQUFDLFVBQVUsQ0FBQyxHQUFHO1NBQzVCLENBQUM7UUFDRixPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0lBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNYLE1BQU0sSUFBSSx3QkFBWSxDQUFDLElBQUksV0FBVyxpQkFBaUIsSUFBQSxpQ0FBc0IsRUFBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDdEYsQ0FBQztBQUNILENBQUMifQ==
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.X_REWRAP_ADDITIONAL_CONTEXT = void 0;
|
|
4
|
+
/** Header expected by KAS rewrap containing additional context in base64 encoded JSON */
|
|
5
|
+
exports.X_REWRAP_ADDITIONAL_CONTEXT = 'X-Rewrap-Additional-Context';
|
|
6
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2FjY2Vzcy9jb25zdGFudHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseUZBQXlGO0FBQzVFLFFBQUEsMkJBQTJCLEdBQUcsNkJBQTZCLENBQUMifQ==
|
package/dist/cjs/src/access.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.OriginAllowList = exports.publicKeyAlgorithmToJwa = exports.keyAlgorithmToPublicKeyAlgorithm = exports.isPublicKeyAlgorithm = void 0;
|
|
3
|
+
exports.OriginAllowList = exports.publicKeyAlgorithmToJwa = exports.keyAlgorithmToPublicKeyAlgorithm = exports.isPublicKeyAlgorithm = exports.rewrapAdditionalContextHeader = void 0;
|
|
4
4
|
exports.fetchWrappedKey = fetchWrappedKey;
|
|
5
5
|
exports.noteInvalidPublicKey = noteInvalidPublicKey;
|
|
6
6
|
exports.fetchKeyAccessServers = fetchKeyAccessServers;
|
|
@@ -8,6 +8,7 @@ exports.fetchECKasPubKey = fetchECKasPubKey;
|
|
|
8
8
|
exports.fetchKasPubKey = fetchKasPubKey;
|
|
9
9
|
const errors_js_1 = require("./errors.js");
|
|
10
10
|
const utils_js_1 = require("./utils.js");
|
|
11
|
+
const index_js_1 = require("./encodings/index.js");
|
|
11
12
|
const access_rpc_js_1 = require("./access/access-rpc.js");
|
|
12
13
|
const access_fetch_js_1 = require("./access/access-fetch.js");
|
|
13
14
|
const access_rpc_js_2 = require("./access/access-rpc.js");
|
|
@@ -19,12 +20,31 @@ const access_fetch_js_3 = require("./access/access-fetch.js");
|
|
|
19
20
|
* @param url Key access server rewrap endpoint
|
|
20
21
|
* @param requestBody a signed request with an encrypted document key
|
|
21
22
|
* @param authProvider Authorization middleware
|
|
23
|
+
* @param fulfillableObligationFQNs client-configured list of obligation value FQNs that can be fulfilled in this PEP
|
|
22
24
|
* @param clientVersion
|
|
23
25
|
*/
|
|
24
|
-
async function fetchWrappedKey(url, signedRequestToken, authProvider) {
|
|
26
|
+
async function fetchWrappedKey(url, signedRequestToken, authProvider, fulfillableObligationFQNs) {
|
|
25
27
|
const platformUrl = (0, utils_js_1.getPlatformUrlFromKasEndpoint)(url);
|
|
26
|
-
return await tryPromisesUntilFirstSuccess(() => (0, access_rpc_js_2.fetchWrappedKey)(platformUrl, signedRequestToken, authProvider
|
|
28
|
+
return await tryPromisesUntilFirstSuccess(() => (0, access_rpc_js_2.fetchWrappedKey)(platformUrl, signedRequestToken, authProvider, (0, exports.rewrapAdditionalContextHeader)(fulfillableObligationFQNs)),
|
|
29
|
+
// We intentionally do not provide the rewrap additional context to legacy requests destined for older platforms.
|
|
30
|
+
// Platforms new enough to have knowledge of obligations will be handling RPC requests successfully.
|
|
31
|
+
() => (0, access_fetch_js_2.fetchWrappedKey)(url, { signedRequestToken }, authProvider));
|
|
27
32
|
}
|
|
33
|
+
/**
|
|
34
|
+
* Transform fulfillable, fully-qualified obligations into the expected KAS Rewrap 'X-Rewrap-Additional-Context' header value.
|
|
35
|
+
* @param fulfillableObligationValueFQNs
|
|
36
|
+
*/
|
|
37
|
+
const rewrapAdditionalContextHeader = (fulfillableObligationValueFQNs) => {
|
|
38
|
+
if (!fulfillableObligationValueFQNs.length)
|
|
39
|
+
return;
|
|
40
|
+
const context = {
|
|
41
|
+
obligations: {
|
|
42
|
+
fulfillableFQNs: fulfillableObligationValueFQNs.map((fqn) => fqn.toLowerCase()),
|
|
43
|
+
},
|
|
44
|
+
};
|
|
45
|
+
return index_js_1.base64.encode(JSON.stringify(context));
|
|
46
|
+
};
|
|
47
|
+
exports.rewrapAdditionalContextHeader = rewrapAdditionalContextHeader;
|
|
28
48
|
const isPublicKeyAlgorithm = (a) => {
|
|
29
49
|
return a === 'ec:secp256r1' || a === 'rsa:2048';
|
|
30
50
|
};
|
|
@@ -89,6 +109,12 @@ async function noteInvalidPublicKey(url, r) {
|
|
|
89
109
|
throw e;
|
|
90
110
|
}
|
|
91
111
|
}
|
|
112
|
+
/**
|
|
113
|
+
* Fetches the key access servers for a given platform URL.
|
|
114
|
+
* @param platformUrl The platform URL to fetch key access servers for.
|
|
115
|
+
* @param authProvider The authentication provider to use for the request.
|
|
116
|
+
* @returns A promise that resolves to an OriginAllowList.
|
|
117
|
+
*/
|
|
92
118
|
async function fetchKeyAccessServers(platformUrl, authProvider) {
|
|
93
119
|
return await tryPromisesUntilFirstSuccess(() => (0, access_rpc_js_1.fetchKeyAccessServers)(platformUrl, authProvider), () => (0, access_fetch_js_1.fetchKeyAccessServers)(platformUrl, authProvider));
|
|
94
120
|
}
|
|
@@ -128,6 +154,15 @@ const origin = (u) => {
|
|
|
128
154
|
throw e;
|
|
129
155
|
}
|
|
130
156
|
};
|
|
157
|
+
/**
|
|
158
|
+
* Manages a list of origins that are allowed to access the Key Access Server (KAS).
|
|
159
|
+
* @origins A list of origins that are allowed to access the KAS.
|
|
160
|
+
* @allowAll If true, all origins are allowed to access the KAS.
|
|
161
|
+
* If false, only the origins in the list are allowed to access the KAS.
|
|
162
|
+
* @description This class is used to manage a list of origins that are allowed to access the KAS.
|
|
163
|
+
* It validates the URLs and provides a method to check if a given URL is allowed.
|
|
164
|
+
* It is used to ensure that only authorized origins can access the KAS.
|
|
165
|
+
*/
|
|
131
166
|
class OriginAllowList {
|
|
132
167
|
constructor(urls, allowAll) {
|
|
133
168
|
this.origins = urls.map(origin);
|
|
@@ -162,4 +197,4 @@ async function tryPromisesUntilFirstSuccess(first, second) {
|
|
|
162
197
|
}
|
|
163
198
|
}
|
|
164
199
|
}
|
|
165
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
200
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNjZXNzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2FjY2Vzcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFxQ0EsMENBeUJDO0FBc0dELG9EQVNDO0FBUUQsc0RBUUM7QUFPRCw0Q0FFQztBQVlELHdDQWNDO0FBL05ELDJDQUEyQztBQUUzQyx5Q0FBOEU7QUFDOUUsbURBQThDO0FBRTlDLDBEQUdnQztBQUNoQyw4REFBZ0c7QUFDaEcsMERBQWdGO0FBQ2hGLDhEQUFxRjtBQUNyRiwwREFBNkU7QUFDN0UsOERBQWtGO0FBZWxGOzs7Ozs7O0dBT0c7QUFDSSxLQUFLLFVBQVUsZUFBZSxDQUNuQyxHQUFXLEVBQ1gsa0JBQTBCLEVBQzFCLFlBQTBCLEVBQzFCLHlCQUFtQztJQUVuQyxNQUFNLFdBQVcsR0FBRyxJQUFBLHdDQUE2QixFQUFDLEdBQUcsQ0FBQyxDQUFDO0lBRXZELE9BQU8sTUFBTSw0QkFBNEIsQ0FDdkMsR0FBRyxFQUFFLENBQ0gsSUFBQSwrQkFBbUIsRUFDakIsV0FBVyxFQUNYLGtCQUFrQixFQUNsQixZQUFZLEVBQ1osSUFBQSxxQ0FBNkIsRUFBQyx5QkFBeUIsQ0FBQyxDQUN6RDtJQUNILGlIQUFpSDtJQUNqSCxvR0FBb0c7SUFDcEcsR0FBRyxFQUFFLENBQ0gsSUFBQSxpQ0FBc0IsRUFDcEIsR0FBRyxFQUNILEVBQUUsa0JBQWtCLEVBQUUsRUFDdEIsWUFBWSxDQUN5QixDQUMxQyxDQUFDO0FBQ0osQ0FBQztBQUVEOzs7R0FHRztBQUNJLE1BQU0sNkJBQTZCLEdBQUcsQ0FDM0MsOEJBQXdDLEVBQ3BCLEVBQUU7SUFDdEIsSUFBSSxDQUFDLDhCQUE4QixDQUFDLE1BQU07UUFBRSxPQUFPO0lBRW5ELE1BQU0sT0FBTyxHQUE0QjtRQUN2QyxXQUFXLEVBQUU7WUFDWCxlQUFlLEVBQUUsOEJBQThCLENBQUMsR0FBRyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxHQUFHLENBQUMsV0FBVyxFQUFFLENBQUM7U0FDaEY7S0FDRixDQUFDO0lBQ0YsT0FBTyxpQkFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7QUFDaEQsQ0FBQyxDQUFDO0FBWFcsUUFBQSw2QkFBNkIsaUNBV3hDO0FBU0ssTUFBTSxvQkFBb0IsR0FBRyxDQUFDLENBQVMsRUFBOEIsRUFBRTtJQUM1RSxPQUFPLENBQUMsS0FBSyxjQUFjLElBQUksQ0FBQyxLQUFLLFVBQVUsQ0FBQztBQUNsRCxDQUFDLENBQUM7QUFGVyxRQUFBLG9CQUFvQix3QkFFL0I7QUFFSyxNQUFNLGdDQUFnQyxHQUFHLENBQUMsQ0FBWSxFQUF5QixFQUFFO0lBQ3RGLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFDdEIsSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLE9BQU8sSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLE1BQU0sRUFBRSxDQUFDO1FBQzVDLE1BQU0sR0FBRyxHQUFHLENBQW1CLENBQUM7UUFDaEMsUUFBUSxHQUFHLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDdkIsS0FBSyxPQUFPO2dCQUNWLE9BQU8sY0FBYyxDQUFDO1lBQ3hCLEtBQUssT0FBTztnQkFDVixPQUFPLGNBQWMsQ0FBQztZQUN4QixLQUFLLE9BQU87Z0JBQ1YsT0FBTyxjQUFjLENBQUM7WUFDeEI7Z0JBQ0UsTUFBTSxJQUFJLEtBQUssQ0FBQyx5QkFBeUIsR0FBRyxDQUFDLFVBQVUsRUFBRSxDQUFDLENBQUM7UUFDL0QsQ0FBQztJQUNILENBQUM7SUFDRCxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssVUFBVSxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssbUJBQW1CLEVBQUUsQ0FBQztRQUM1RCxNQUFNLElBQUksR0FBRyxDQUEwQixDQUFDO1FBQ3hDLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsS0FBSyxPQUFPLEVBQUUsQ0FBQztZQUMvQyxNQUFNLElBQUksS0FBSyxDQUFDLG9DQUFvQyxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUMsQ0FBQztRQUM3RSxDQUFDO1FBQ0QsUUFBUSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDM0IsS0FBSyxJQUFJO2dCQUNQLE9BQU8sVUFBVSxDQUFDO1lBQ3BCLEtBQUssSUFBSTtnQkFDUCxPQUFPLFVBQVUsQ0FBQztZQUNwQjtnQkFDRSxNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUMsQ0FBQztRQUM3RSxDQUFDO0lBQ0gsQ0FBQztJQUNELE1BQU0sSUFBSSxLQUFLLENBQUMsOEJBQThCLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO0FBQzFELENBQUMsQ0FBQztBQTlCVyxRQUFBLGdDQUFnQyxvQ0E4QjNDO0FBRUssTUFBTSx1QkFBdUIsR0FBRyxDQUFDLENBQXdCLEVBQVUsRUFBRTtJQUMxRSxRQUFRLENBQUMsRUFBRSxDQUFDO1FBQ1YsS0FBSyxjQUFjO1lBQ2pCLE9BQU8sT0FBTyxDQUFDO1FBQ2pCLEtBQUssVUFBVTtZQUNiLE9BQU8sT0FBTyxDQUFDO1FBQ2pCLEtBQUssVUFBVTtZQUNiLE9BQU8sT0FBTyxDQUFDO1FBQ2pCLEtBQUssY0FBYztZQUNqQixPQUFPLE9BQU8sQ0FBQztRQUNqQixLQUFLLGNBQWM7WUFDakIsT0FBTyxPQUFPLENBQUM7UUFDakI7WUFDRSxNQUFNLElBQUksS0FBSyxDQUFDLHFDQUFxQyxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBQzlELENBQUM7QUFDSCxDQUFDLENBQUM7QUFmVyxRQUFBLHVCQUF1QiwyQkFlbEM7QUF5QkssS0FBSyxVQUFVLG9CQUFvQixDQUFDLEdBQVEsRUFBRSxDQUFxQjtJQUN4RSxJQUFJLENBQUM7UUFDSCxPQUFPLE1BQU0sQ0FBQyxDQUFDO0lBQ2pCLENBQUM7SUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ1gsSUFBSSxDQUFDLFlBQVksU0FBUyxFQUFFLENBQUM7WUFDM0IsTUFBTSxJQUFJLHdCQUFZLENBQUMsNEJBQTRCLEdBQUcsR0FBRyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQ2hFLENBQUM7UUFDRCxNQUFNLENBQUMsQ0FBQztJQUNWLENBQUM7QUFDSCxDQUFDO0FBRUQ7Ozs7O0dBS0c7QUFDSSxLQUFLLFVBQVUscUJBQXFCLENBQ3pDLFdBQW1CLEVBQ25CLFlBQTBCO0lBRTFCLE9BQU8sTUFBTSw0QkFBNEIsQ0FDdkMsR0FBRyxFQUFFLENBQUMsSUFBQSxxQ0FBd0IsRUFBQyxXQUFXLEVBQUUsWUFBWSxDQUFDLEVBQ3pELEdBQUcsRUFBRSxDQUFDLElBQUEsdUNBQTJCLEVBQUMsV0FBVyxFQUFFLFlBQVksQ0FBQyxDQUM3RCxDQUFDO0FBQ0osQ0FBQztBQUVEOzs7O0dBSUc7QUFDSSxLQUFLLFVBQVUsZ0JBQWdCLENBQUMsV0FBbUI7SUFDeEQsT0FBTyxjQUFjLENBQUMsV0FBVyxFQUFFLGNBQWMsQ0FBQyxDQUFDO0FBQ3JELENBQUM7QUFFRDs7Ozs7Ozs7O0dBU0c7QUFDSSxLQUFLLFVBQVUsY0FBYyxDQUNsQyxXQUFtQixFQUNuQixTQUFpQztJQUVqQyxJQUFJLENBQUM7UUFDSCxPQUFPLE1BQU0sSUFBQSxrQ0FBa0IsRUFBQyxXQUFXLENBQUMsQ0FBQztJQUMvQyxDQUFDO0lBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNYLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDakIsQ0FBQztJQUVELE9BQU8sTUFBTSw0QkFBNEIsQ0FDdkMsR0FBRyxFQUFFLENBQUMsSUFBQSw4QkFBaUIsRUFBQyxXQUFXLEVBQUUsU0FBUyxDQUFDLEVBQy9DLEdBQUcsRUFBRSxDQUFDLElBQUEsZ0NBQW9CLEVBQUMsV0FBVyxFQUFFLFNBQVMsQ0FBQyxDQUNuRCxDQUFDO0FBQ0osQ0FBQztBQUVELE1BQU0sTUFBTSxHQUFHLENBQUMsQ0FBUyxFQUFVLEVBQUU7SUFDbkMsSUFBSSxDQUFDO1FBQ0gsT0FBTyxJQUFJLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUM7SUFDM0IsQ0FBQztJQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7UUFDWCxPQUFPLENBQUMsR0FBRyxDQUFDLHFCQUFxQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3ZDLE1BQU0sQ0FBQyxDQUFDO0lBQ1YsQ0FBQztBQUNILENBQUMsQ0FBQztBQUVGOzs7Ozs7OztHQVFHO0FBQ0gsTUFBYSxlQUFlO0lBRzFCLFlBQVksSUFBYyxFQUFFLFFBQWtCO1FBQzVDLElBQUksQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUNoQyxJQUFJLENBQUMsT0FBTyxDQUFDLDRCQUFpQixDQUFDLENBQUM7UUFDaEMsSUFBSSxDQUFDLFFBQVEsR0FBRyxDQUFDLENBQUMsUUFBUSxDQUFDO0lBQzdCLENBQUM7SUFDRCxNQUFNLENBQUMsR0FBVztRQUNoQixJQUFJLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNsQixPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBQzVDLENBQUM7Q0FDRjtBQWRELDBDQWNDO0FBRUQ7Ozs7O0dBS0c7QUFDSCxLQUFLLFVBQVUsNEJBQTRCLENBQ3pDLEtBQXVCLEVBQ3ZCLE1BQXdCO0lBRXhCLElBQUksQ0FBQztRQUNILE9BQU8sTUFBTSxLQUFLLEVBQUUsQ0FBQztJQUN2QixDQUFDO0lBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQztRQUNaLE9BQU8sQ0FBQyxJQUFJLENBQUMsa0JBQWtCLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFDckMsSUFBSSxDQUFDO1lBQ0gsT0FBTyxNQUFNLE1BQU0sRUFBRSxDQUFDO1FBQ3hCLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsTUFBTSxHQUFHLENBQUM7UUFDWixDQUFDO0lBQ0gsQ0FBQztBQUNILENBQUMifQ==
|
|
@@ -4,7 +4,7 @@ exports.OIDCClientCredentialsProvider = void 0;
|
|
|
4
4
|
const errors_js_1 = require("../errors.js");
|
|
5
5
|
const oidc_js_1 = require("./oidc.js");
|
|
6
6
|
class OIDCClientCredentialsProvider {
|
|
7
|
-
constructor({ clientId, clientSecret, oidcOrigin, }) {
|
|
7
|
+
constructor({ clientId, clientSecret, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }) {
|
|
8
8
|
if (!clientId || !clientSecret) {
|
|
9
9
|
throw new errors_js_1.ConfigurationError('clientId & clientSecret required for client credentials flow');
|
|
10
10
|
}
|
|
@@ -13,6 +13,8 @@ class OIDCClientCredentialsProvider {
|
|
|
13
13
|
clientId,
|
|
14
14
|
clientSecret,
|
|
15
15
|
oidcOrigin,
|
|
16
|
+
oidcTokenEndpoint,
|
|
17
|
+
oidcUserInfoEndpoint,
|
|
16
18
|
});
|
|
17
19
|
}
|
|
18
20
|
async updateClientPublicKey(signingKey) {
|
|
@@ -23,4 +25,4 @@ class OIDCClientCredentialsProvider {
|
|
|
23
25
|
}
|
|
24
26
|
}
|
|
25
27
|
exports.OIDCClientCredentialsProvider = OIDCClientCredentialsProvider;
|
|
26
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
28
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy1jbGllbnRjcmVkZW50aWFscy1wcm92aWRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9hdXRoL29pZGMtY2xpZW50Y3JlZGVudGlhbHMtcHJvdmlkZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNENBQWtEO0FBRWxELHVDQUFzRTtBQUV0RSxNQUFhLDZCQUE2QjtJQUd4QyxZQUFZLEVBQ1YsUUFBUSxFQUNSLFlBQVksRUFDWixVQUFVLEVBQ1YsaUJBQWlCLEVBQ2pCLG9CQUFvQixHQUN5RDtRQUM3RSxJQUFJLENBQUMsUUFBUSxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDL0IsTUFBTSxJQUFJLDhCQUFrQixDQUFDLDhEQUE4RCxDQUFDLENBQUM7UUFDL0YsQ0FBQztRQUVELElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxxQkFBVyxDQUFDO1lBQzlCLFFBQVEsRUFBRSxRQUFRO1lBQ2xCLFFBQVE7WUFDUixZQUFZO1lBQ1osVUFBVTtZQUNWLGlCQUFpQjtZQUNqQixvQkFBb0I7U0FDckIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELEtBQUssQ0FBQyxxQkFBcUIsQ0FBQyxVQUF5QjtRQUNuRCxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsMENBQTBDLENBQUMsVUFBVSxDQUFDLENBQUM7SUFDN0UsQ0FBQztJQUVELEtBQUssQ0FBQyxTQUFTLENBQUMsT0FBb0I7UUFDbEMsT0FBTyxJQUFJLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUMxQyxDQUFDO0NBQ0Y7QUEvQkQsc0VBK0JDIn0=
|
|
@@ -4,15 +4,17 @@ exports.OIDCExternalJwtProvider = void 0;
|
|
|
4
4
|
const errors_js_1 = require("../errors.js");
|
|
5
5
|
const oidc_js_1 = require("./oidc.js");
|
|
6
6
|
class OIDCExternalJwtProvider {
|
|
7
|
-
constructor({ clientId, externalJwt, oidcOrigin, }) {
|
|
7
|
+
constructor({ clientId, externalJwt, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }) {
|
|
8
8
|
if (!clientId || !externalJwt) {
|
|
9
9
|
throw new errors_js_1.ConfigurationError('external JWT exchange reequires client id and jwt');
|
|
10
10
|
}
|
|
11
11
|
this.oidcAuth = new oidc_js_1.AccessToken({
|
|
12
12
|
exchange: 'external',
|
|
13
13
|
clientId,
|
|
14
|
-
oidcOrigin,
|
|
15
14
|
externalJwt,
|
|
15
|
+
oidcOrigin,
|
|
16
|
+
oidcTokenEndpoint,
|
|
17
|
+
oidcUserInfoEndpoint,
|
|
16
18
|
});
|
|
17
19
|
this.externalJwt = externalJwt;
|
|
18
20
|
}
|
|
@@ -30,4 +32,4 @@ class OIDCExternalJwtProvider {
|
|
|
30
32
|
}
|
|
31
33
|
}
|
|
32
34
|
exports.OIDCExternalJwtProvider = OIDCExternalJwtProvider;
|
|
33
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
35
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy1leHRlcm5hbGp3dC1wcm92aWRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9hdXRoL29pZGMtZXh0ZXJuYWxqd3QtcHJvdmlkZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNENBQWtEO0FBRWxELHVDQUFxRTtBQUVyRSxNQUFhLHVCQUF1QjtJQUlsQyxZQUFZLEVBQ1YsUUFBUSxFQUNSLFdBQVcsRUFDWCxVQUFVLEVBQ1YsaUJBQWlCLEVBQ2pCLG9CQUFvQixHQUN1RDtRQUMzRSxJQUFJLENBQUMsUUFBUSxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDOUIsTUFBTSxJQUFJLDhCQUFrQixDQUFDLG1EQUFtRCxDQUFDLENBQUM7UUFDcEYsQ0FBQztRQUVELElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxxQkFBVyxDQUFDO1lBQzlCLFFBQVEsRUFBRSxVQUFVO1lBQ3BCLFFBQVE7WUFDUixXQUFXO1lBQ1gsVUFBVTtZQUNWLGlCQUFpQjtZQUNqQixvQkFBb0I7U0FDckIsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFdBQVcsR0FBRyxXQUFXLENBQUM7SUFDakMsQ0FBQztJQUVELEtBQUssQ0FBQyxxQkFBcUIsQ0FBQyxVQUF5QjtRQUNuRCxJQUFJLENBQUMsUUFBUSxDQUFDLDBDQUEwQyxDQUFDLFVBQVUsQ0FBQyxDQUFDO0lBQ3ZFLENBQUM7SUFFRCxLQUFLLENBQUMsU0FBUyxDQUFDLE9BQW9CO1FBQ2xDLGdFQUFnRTtRQUNoRSw0Q0FBNEM7UUFDNUMsSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDckIsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLHVCQUF1QixFQUFFLENBQUM7WUFDOUMsT0FBTyxJQUFJLENBQUMsV0FBVyxDQUFDO1FBQzFCLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzFDLENBQUM7Q0FDRjtBQXhDRCwwREF3Q0MifQ==
|
|
@@ -3,16 +3,32 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.OIDCRefreshTokenProvider = void 0;
|
|
4
4
|
const errors_js_1 = require("../errors.js");
|
|
5
5
|
const oidc_js_1 = require("./oidc.js");
|
|
6
|
+
/**
|
|
7
|
+
* An AuthProvider that uses an OIDC refresh token to obtain an access token.
|
|
8
|
+
* It exchanges the refresh token for an access token and uses that to augment HTTP requests with credentials.
|
|
9
|
+
* @example
|
|
10
|
+
* ```ts
|
|
11
|
+
* import { OIDCRefreshTokenProvider } from '@opentdf/sdk';
|
|
12
|
+
* await AuthProviders.refreshAuthProvider({
|
|
13
|
+
clientId: 'my-client-id',
|
|
14
|
+
exchange: 'refresh',
|
|
15
|
+
refreshToken: 'refresh-token-from-oidc-provider',
|
|
16
|
+
oidcOrigin: 'https://example.oidc.provider.com',
|
|
17
|
+
});
|
|
18
|
+
```
|
|
19
|
+
*/
|
|
6
20
|
class OIDCRefreshTokenProvider {
|
|
7
|
-
constructor({ clientId, refreshToken, oidcOrigin, }) {
|
|
21
|
+
constructor({ clientId, refreshToken, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }) {
|
|
8
22
|
if (!clientId || !refreshToken) {
|
|
9
23
|
throw new errors_js_1.ConfigurationError('refresh token or client id missing');
|
|
10
24
|
}
|
|
11
25
|
this.oidcAuth = new oidc_js_1.AccessToken({
|
|
12
26
|
exchange: 'refresh',
|
|
13
27
|
clientId,
|
|
14
|
-
refreshToken
|
|
28
|
+
refreshToken,
|
|
15
29
|
oidcOrigin,
|
|
30
|
+
oidcTokenEndpoint,
|
|
31
|
+
oidcUserInfoEndpoint,
|
|
16
32
|
});
|
|
17
33
|
this.refreshToken = refreshToken;
|
|
18
34
|
}
|
|
@@ -31,4 +47,4 @@ class OIDCRefreshTokenProvider {
|
|
|
31
47
|
}
|
|
32
48
|
}
|
|
33
49
|
exports.OIDCRefreshTokenProvider = OIDCRefreshTokenProvider;
|
|
34
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
50
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy1yZWZyZXNodG9rZW4tcHJvdmlkZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYXV0aC9vaWRjLXJlZnJlc2h0b2tlbi1wcm92aWRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw0Q0FBa0Q7QUFFbEQsdUNBQXNFO0FBRXRFOzs7Ozs7Ozs7Ozs7O0dBYUc7QUFDSCxNQUFhLHdCQUF3QjtJQUluQyxZQUFZLEVBQ1YsUUFBUSxFQUNSLFlBQVksRUFDWixVQUFVLEVBQ1YsaUJBQWlCLEVBQ2pCLG9CQUFvQixHQUN5RDtRQUM3RSxJQUFJLENBQUMsUUFBUSxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDL0IsTUFBTSxJQUFJLDhCQUFrQixDQUFDLG9DQUFvQyxDQUFDLENBQUM7UUFDckUsQ0FBQztRQUVELElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxxQkFBVyxDQUFDO1lBQzlCLFFBQVEsRUFBRSxTQUFTO1lBQ25CLFFBQVE7WUFDUixZQUFZO1lBQ1osVUFBVTtZQUNWLGlCQUFpQjtZQUNqQixvQkFBb0I7U0FDckIsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLFlBQVksR0FBRyxZQUFZLENBQUM7SUFDbkMsQ0FBQztJQUVELEtBQUssQ0FBQyxxQkFBcUIsQ0FBQyxVQUF5QjtRQUNuRCxNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsMENBQTBDLENBQUMsVUFBVSxDQUFDLENBQUM7SUFDN0UsQ0FBQztJQUVELEtBQUssQ0FBQyxTQUFTLENBQUMsT0FBb0I7UUFDbEMsMEVBQTBFO1FBQzFFLDRFQUE0RTtRQUM1RSxnQkFBZ0I7UUFDaEIsSUFBSSxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDdEIsTUFBTSxJQUFJLENBQUMsUUFBUSxDQUFDLHVCQUF1QixFQUFFLENBQUM7WUFDOUMsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFDO1FBQzNCLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzFDLENBQUM7Q0FDRjtBQXhDRCw0REF3Q0MifQ==
|
|
@@ -53,6 +53,9 @@ class AccessToken {
|
|
|
53
53
|
this.config = cfg;
|
|
54
54
|
this.request = request;
|
|
55
55
|
this.baseUrl = (0, utils_js_1.rstrip)(cfg.oidcOrigin, '/');
|
|
56
|
+
this.tokenEndpoint = cfg.oidcTokenEndpoint || `${this.baseUrl}/protocol/openid-connect/token`;
|
|
57
|
+
this.userInfoEndpoint =
|
|
58
|
+
cfg.oidcUserInfoEndpoint || `${this.baseUrl}/protocol/openid-connect/userinfo`;
|
|
56
59
|
this.signingKey = cfg.signingKey;
|
|
57
60
|
}
|
|
58
61
|
/**
|
|
@@ -61,20 +64,19 @@ class AccessToken {
|
|
|
61
64
|
* @returns
|
|
62
65
|
*/
|
|
63
66
|
async info(accessToken) {
|
|
64
|
-
const url = `${this.baseUrl}/protocol/openid-connect/userinfo`;
|
|
65
67
|
const headers = {
|
|
66
68
|
...this.extraHeaders,
|
|
67
69
|
Authorization: `Bearer ${accessToken}`,
|
|
68
70
|
};
|
|
69
71
|
if (this.config.dpopEnabled && this.signingKey) {
|
|
70
|
-
headers.DPoP = await (0, dpop_1.default)(this.signingKey,
|
|
72
|
+
headers.DPoP = await (0, dpop_1.default)(this.signingKey, this.userInfoEndpoint, 'POST');
|
|
71
73
|
}
|
|
72
|
-
const response = await (this.request || fetch)(
|
|
74
|
+
const response = await (this.request || fetch)(this.userInfoEndpoint, {
|
|
73
75
|
headers,
|
|
74
76
|
});
|
|
75
77
|
if (!response.ok) {
|
|
76
78
|
console.error(await response.text());
|
|
77
|
-
throw new errors_js_1.TdfError(`auth info fail: GET [${
|
|
79
|
+
throw new errors_js_1.TdfError(`auth info fail: GET [${this.userInfoEndpoint}] => ${response.status} ${response.statusText}`);
|
|
78
80
|
}
|
|
79
81
|
return (await response.json());
|
|
80
82
|
}
|
|
@@ -99,7 +101,6 @@ class AccessToken {
|
|
|
99
101
|
});
|
|
100
102
|
}
|
|
101
103
|
async accessTokenLookup(cfg) {
|
|
102
|
-
const url = `${this.baseUrl}/protocol/openid-connect/token`;
|
|
103
104
|
let body;
|
|
104
105
|
switch (cfg.exchange) {
|
|
105
106
|
case 'client':
|
|
@@ -126,10 +127,10 @@ class AccessToken {
|
|
|
126
127
|
};
|
|
127
128
|
break;
|
|
128
129
|
}
|
|
129
|
-
const response = await this.doPost(
|
|
130
|
+
const response = await this.doPost(this.tokenEndpoint, body);
|
|
130
131
|
if (!response.ok) {
|
|
131
132
|
console.error(await response.text());
|
|
132
|
-
throw new errors_js_1.TdfError(`token/code exchange fail: POST [${
|
|
133
|
+
throw new errors_js_1.TdfError(`token/code exchange fail: POST [${this.tokenEndpoint}] => ${response.status} ${response.statusText}`);
|
|
133
134
|
}
|
|
134
135
|
return response.json();
|
|
135
136
|
}
|
|
@@ -219,4 +220,4 @@ class AccessToken {
|
|
|
219
220
|
}
|
|
220
221
|
}
|
|
221
222
|
exports.AccessToken = AccessToken;
|
|
222
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
223
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9hdXRoL29pZGMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsZ0RBQXlDO0FBQ3pDLHVDQUFxRDtBQUNyRCxvREFBK0M7QUFDL0MsNENBQTREO0FBQzVELDBDQUF3RDtBQW9EeEQsTUFBTSxVQUFVLEdBQUcsQ0FBQyxHQUEyQixFQUFFLEVBQUUsQ0FBQyxJQUFJLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztBQU94Rjs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBcUJHO0FBQ0gsTUFBYSxXQUFXO0lBaUJ0QixZQUFZLEdBQW9CLEVBQUUsT0FBc0I7UUFKeEQsaUJBQVksR0FBMkIsRUFBRSxDQUFDO1FBS3hDLElBQUksQ0FBQyxHQUFHLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDbEIsTUFBTSxJQUFJLDhCQUFrQixDQUMxQiw0RUFBNEUsQ0FDN0UsQ0FBQztRQUNKLENBQUM7UUFDRCxJQUFJLEdBQUcsQ0FBQyxRQUFRLEtBQUssUUFBUSxJQUFJLENBQUMsR0FBRyxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ25ELE1BQU0sSUFBSSw4QkFBa0IsQ0FDMUIsNEVBQTRFLENBQzdFLENBQUM7UUFDSixDQUFDO1FBQ0QsSUFBSSxHQUFHLENBQUMsUUFBUSxLQUFLLFNBQVMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUNwRCxNQUFNLElBQUksOEJBQWtCLENBQUMsNERBQTRELENBQUMsQ0FBQztRQUM3RixDQUFDO1FBQ0QsSUFBSSxHQUFHLENBQUMsUUFBUSxLQUFLLFVBQVUsSUFBSSxDQUFDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNwRCxNQUFNLElBQUksOEJBQWtCLENBQUMsbURBQW1ELENBQUMsQ0FBQztRQUNwRixDQUFDO1FBQ0QsSUFBSSxDQUFDLEdBQUcsQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNsQixNQUFNLElBQUksOEJBQWtCLENBQUMsNEJBQTRCLENBQUMsQ0FBQztRQUM3RCxDQUFDO1FBQ0QsSUFBSSxDQUFDLE1BQU0sR0FBRyxHQUFHLENBQUM7UUFDbEIsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUM7UUFDdkIsSUFBSSxDQUFDLE9BQU8sR0FBRyxJQUFBLGlCQUFNLEVBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRSxHQUFHLENBQUMsQ0FBQztRQUMzQyxJQUFJLENBQUMsYUFBYSxHQUFHLEdBQUcsQ0FBQyxpQkFBaUIsSUFBSSxHQUFHLElBQUksQ0FBQyxPQUFPLGdDQUFnQyxDQUFDO1FBQzlGLElBQUksQ0FBQyxnQkFBZ0I7WUFDbkIsR0FBRyxDQUFDLG9CQUFvQixJQUFJLEdBQUcsSUFBSSxDQUFDLE9BQU8sbUNBQW1DLENBQUM7UUFDakYsSUFBSSxDQUFDLFVBQVUsR0FBRyxHQUFHLENBQUMsVUFBVSxDQUFDO0lBQ25DLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsS0FBSyxDQUFDLElBQUksQ0FBQyxXQUFtQjtRQUM1QixNQUFNLE9BQU8sR0FBRztZQUNkLEdBQUcsSUFBSSxDQUFDLFlBQVk7WUFDcEIsYUFBYSxFQUFFLFVBQVUsV0FBVyxFQUFFO1NBQ2IsQ0FBQztRQUM1QixJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxJQUFJLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUMvQyxPQUFPLENBQUMsSUFBSSxHQUFHLE1BQU0sSUFBQSxjQUFNLEVBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDOUUsQ0FBQztRQUNELE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxJQUFJLEtBQUssQ0FBQyxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsRUFBRTtZQUNwRSxPQUFPO1NBQ1IsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLFFBQVEsQ0FBQyxFQUFFLEVBQUUsQ0FBQztZQUNqQixPQUFPLENBQUMsS0FBSyxDQUFDLE1BQU0sUUFBUSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7WUFDckMsTUFBTSxJQUFJLG9CQUFRLENBQ2hCLHdCQUF3QixJQUFJLENBQUMsZ0JBQWdCLFFBQVEsUUFBUSxDQUFDLE1BQU0sSUFBSSxRQUFRLENBQUMsVUFBVSxFQUFFLENBQzlGLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxDQUFDLE1BQU0sUUFBUSxDQUFDLElBQUksRUFBRSxDQUFZLENBQUM7SUFDNUMsQ0FBQztJQUVELEtBQUssQ0FBQyxNQUFNLENBQUMsR0FBVyxFQUFFLENBQXlCO1FBQ2pELE1BQU0sT0FBTyxHQUEyQjtZQUN0QyxjQUFjLEVBQUUsbUNBQW1DO1lBQ25ELE1BQU0sRUFBRSxrQkFBa0I7U0FDM0IsQ0FBQztRQUNGLGlDQUFpQztRQUNqQyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDNUIsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztnQkFDckIsTUFBTSxJQUFJLDhCQUFrQixDQUFDLHlCQUF5QixDQUFDLENBQUM7WUFDMUQsQ0FBQztZQUNELE1BQU0sWUFBWSxHQUFHLE1BQU0sSUFBQSw0QkFBaUIsRUFBQyxJQUFJLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQ3hFLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxHQUFHLGlCQUFNLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQ3hELE9BQU8sQ0FBQyxJQUFJLEdBQUcsTUFBTSxJQUFBLGNBQU0sRUFBQyxJQUFJLENBQUMsVUFBVSxFQUFFLEdBQUcsRUFBRSxNQUFNLENBQUMsQ0FBQztRQUM1RCxDQUFDO1FBQ0QsT0FBTyxDQUFDLElBQUksQ0FBQyxPQUFPLElBQUksS0FBSyxDQUFDLENBQUMsR0FBRyxFQUFFO1lBQ2xDLE1BQU0sRUFBRSxNQUFNO1lBQ2QsT0FBTztZQUNQLElBQUksRUFBRSxVQUFVLENBQUMsQ0FBQyxDQUFDO1NBQ3BCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxLQUFLLENBQUMsaUJBQWlCLENBQUMsR0FBb0I7UUFDMUMsSUFBSSxJQUFJLENBQUM7UUFDVCxRQUFRLEdBQUcsQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNyQixLQUFLLFFBQVE7Z0JBQ1gsSUFBSSxHQUFHO29CQUNMLFVBQVUsRUFBRSxvQkFBb0I7b0JBQ2hDLFNBQVMsRUFBRSxHQUFHLENBQUMsUUFBUTtvQkFDdkIsYUFBYSxFQUFFLEdBQUcsQ0FBQyxZQUFZO2lCQUNoQyxDQUFDO2dCQUNGLE1BQU07WUFDUixLQUFLLFVBQVU7Z0JBQ2IsSUFBSSxHQUFHO29CQUNMLFVBQVUsRUFBRSxpREFBaUQ7b0JBQzdELGFBQWEsRUFBRSxHQUFHLENBQUMsV0FBVztvQkFDOUIsa0JBQWtCLEVBQUUsc0NBQXNDO29CQUMxRCxRQUFRLEVBQUUsR0FBRyxDQUFDLFFBQVE7b0JBQ3RCLFNBQVMsRUFBRSxHQUFHLENBQUMsUUFBUTtpQkFDeEIsQ0FBQztnQkFDRixNQUFNO1lBQ1IsS0FBSyxTQUFTO2dCQUNaLElBQUksR0FBRztvQkFDTCxVQUFVLEVBQUUsZUFBZTtvQkFDM0IsYUFBYSxFQUFFLEdBQUcsQ0FBQyxZQUFZO29CQUMvQixTQUFTLEVBQUUsR0FBRyxDQUFDLFFBQVE7aUJBQ3hCLENBQUM7Z0JBQ0YsTUFBTTtRQUNWLENBQUM7UUFDRCxNQUFNLFFBQVEsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUM3RCxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsRUFBRSxDQUFDO1lBQ2pCLE9BQU8sQ0FBQyxLQUFLLENBQUMsTUFBTSxRQUFRLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztZQUNyQyxNQUFNLElBQUksb0JBQVEsQ0FDaEIsbUNBQW1DLElBQUksQ0FBQyxhQUFhLFFBQVEsUUFBUSxDQUFDLE1BQU0sSUFBSSxRQUFRLENBQUMsVUFBVSxFQUFFLENBQ3RHLENBQUM7UUFDSixDQUFDO1FBQ0QsT0FBTyxRQUFRLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxLQUFLLENBQUMsR0FBRyxDQUFDLFFBQVEsR0FBRyxJQUFJO1FBQ3ZCLElBQUksSUFBSSxDQUFDLElBQUksRUFBRSxZQUFZLEVBQUUsQ0FBQztZQUM1QixJQUFJLENBQUM7Z0JBQ0gsSUFBSSxRQUFRLEVBQUUsQ0FBQztvQkFDYixNQUFNLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQztnQkFDMUMsQ0FBQztnQkFDRCxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDO1lBQ2hDLENBQUM7WUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO2dCQUNYLE9BQU8sQ0FBQyxHQUFHLENBQUMsK0RBQStELEVBQUUsQ0FBQyxDQUFDLENBQUM7Z0JBQ2hGLElBQUksSUFBSSxDQUFDLElBQUksRUFBRSxhQUFhLEVBQUUsQ0FBQztvQkFDN0Isa0VBQWtFO29CQUNsRSxpQkFBaUI7b0JBQ2pCLElBQUksQ0FBQyxNQUFNLEdBQUc7d0JBQ1osR0FBRyxJQUFJLENBQUMsTUFBTTt3QkFDZCxRQUFRLEVBQUUsU0FBUzt3QkFDbkIsWUFBWSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsYUFBYTtxQkFDdEMsQ0FBQztnQkFDSixDQUFDO2dCQUNELE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQztZQUNuQixDQUFDO1FBQ0gsQ0FBQztRQUVELE1BQU0sYUFBYSxHQUFHLENBQUMsSUFBSSxDQUFDLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztRQUM5RSxPQUFPLGFBQWEsQ0FBQyxZQUFZLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQywwQ0FBMEMsQ0FBQyxVQUF5QjtRQUN4RSxzREFBc0Q7UUFDdEQsNkNBQTZDO1FBQzdDLDJEQUEyRDtRQUMzRCxJQUFJLElBQUksQ0FBQyxrQkFBa0IsSUFBSSxVQUFVLEtBQUssSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQzlELE9BQU87UUFDVCxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsa0JBQWtCLENBQUM7UUFDL0IsSUFBSSxDQUFDLFVBQVUsR0FBRyxVQUFVLENBQUM7SUFDL0IsQ0FBQztJQUVEOztPQUVHO0lBQ0gsS0FBSyxDQUFDLHVCQUF1QjtRQUMzQixNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDO1FBQ3hCLElBQUksR0FBRyxDQUFDLFFBQVEsSUFBSSxVQUFVLElBQUksR0FBRyxDQUFDLFFBQVEsSUFBSSxTQUFTLEVBQUUsQ0FBQztZQUM1RCxNQUFNLElBQUksOEJBQWtCLENBQUMsNEJBQTRCLENBQUMsQ0FBQztRQUM3RCxDQUFDO1FBQ0QsTUFBTSxhQUFhLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO1FBQzlFLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDakMsT0FBTyxDQUFDLEdBQUcsQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO1lBQ3pDLE9BQU8sQ0FDTCxDQUFDLEdBQUcsQ0FBQyxRQUFRLElBQUksU0FBUyxJQUFJLEdBQUcsQ0FBQyxZQUFZLENBQUM7Z0JBQy9DLENBQUMsR0FBRyxDQUFDLFFBQVEsSUFBSSxVQUFVLElBQUksR0FBRyxDQUFDLFdBQVcsQ0FBQztnQkFDL0MsRUFBRSxDQUNILENBQUM7UUFDSixDQUFDO1FBQ0Qsa0VBQWtFO1FBQ2xFLGlCQUFpQjtRQUNqQixJQUFJLENBQUMsTUFBTSxHQUFHO1lBQ1osR0FBRyxJQUFJLENBQUMsTUFBTTtZQUNkLFFBQVEsRUFBRSxTQUFTO1lBQ25CLFlBQVksRUFBRSxhQUFhLENBQUMsYUFBYTtTQUMxQyxDQUFDO1FBQ0YsT0FBTyxhQUFhLENBQUMsWUFBWSxDQUFDO0lBQ3BDLENBQUM7SUFFRCxLQUFLLENBQUMsU0FBUyxDQUFDLE9BQW9CO1FBQ2xDLElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDckIsTUFBTSxJQUFJLDhCQUFrQixDQUMxQiwwSUFBMEksQ0FDM0ksQ0FBQztRQUNKLENBQUM7UUFDRCxNQUFNLFdBQVcsR0FBRyxDQUFDLElBQUksQ0FBQyxrQkFBa0IsS0FBSyxNQUFNLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQyxDQUFDO1FBQ25FLElBQUksSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQy9DLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBQSxjQUFNLEVBQzVCLElBQUksQ0FBQyxVQUFVLEVBQ2YsT0FBTyxDQUFDLEdBQUcsRUFDWCxPQUFPLENBQUMsTUFBTTtZQUNkLFdBQVcsQ0FBQyxTQUFTLEVBQ3JCLFdBQVcsQ0FDWixDQUFDO1lBQ0YsdUVBQXVFO1lBQ3ZFLE9BQU8sSUFBQSxxQkFBVyxFQUFDLE9BQU8sRUFBRSxFQUFFLGFBQWEsRUFBRSxVQUFVLFdBQVcsRUFBRSxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsQ0FBQyxDQUFDO1FBQzNGLENBQUM7UUFDRCxPQUFPLElBQUEscUJBQVcsRUFBQyxPQUFPLEVBQUUsRUFBRSxhQUFhLEVBQUUsVUFBVSxXQUFXLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDMUUsQ0FBQztDQUNGO0FBbE9ELGtDQWtPQyJ9
|
|
@@ -43,6 +43,8 @@ const clientSecretAuthProvider = async (clientConfig) => {
|
|
|
43
43
|
clientId: clientConfig.clientId,
|
|
44
44
|
clientSecret: clientConfig.clientSecret,
|
|
45
45
|
oidcOrigin: clientConfig.oidcOrigin,
|
|
46
|
+
oidcTokenEndpoint: clientConfig.oidcTokenEndpoint,
|
|
47
|
+
oidcUserInfoEndpoint: clientConfig.oidcUserInfoEndpoint,
|
|
46
48
|
});
|
|
47
49
|
};
|
|
48
50
|
exports.clientSecretAuthProvider = clientSecretAuthProvider;
|
|
@@ -67,6 +69,8 @@ const externalAuthProvider = async (clientConfig) => {
|
|
|
67
69
|
clientId: clientConfig.clientId,
|
|
68
70
|
externalJwt: clientConfig.externalJwt,
|
|
69
71
|
oidcOrigin: clientConfig.oidcOrigin,
|
|
72
|
+
oidcTokenEndpoint: clientConfig.oidcTokenEndpoint,
|
|
73
|
+
oidcUserInfoEndpoint: clientConfig.oidcUserInfoEndpoint,
|
|
70
74
|
});
|
|
71
75
|
};
|
|
72
76
|
exports.externalAuthProvider = externalAuthProvider;
|
|
@@ -89,6 +93,8 @@ const refreshAuthProvider = async (clientConfig) => {
|
|
|
89
93
|
clientId: clientConfig.clientId,
|
|
90
94
|
refreshToken: clientConfig.refreshToken,
|
|
91
95
|
oidcOrigin: clientConfig.oidcOrigin,
|
|
96
|
+
oidcTokenEndpoint: clientConfig.oidcTokenEndpoint,
|
|
97
|
+
oidcUserInfoEndpoint: clientConfig.oidcUserInfoEndpoint,
|
|
92
98
|
});
|
|
93
99
|
};
|
|
94
100
|
exports.refreshAuthProvider = refreshAuthProvider;
|
|
@@ -140,4 +146,4 @@ var oidc_externaljwt_provider_js_2 = require("./oidc-externaljwt-provider.js");
|
|
|
140
146
|
Object.defineProperty(exports, "OIDCExternalJwtProvider", { enumerable: true, get: function () { return oidc_externaljwt_provider_js_2.OIDCExternalJwtProvider; } });
|
|
141
147
|
var oidc_refreshtoken_provider_js_2 = require("./oidc-refreshtoken-provider.js");
|
|
142
148
|
Object.defineProperty(exports, "OIDCRefreshTokenProvider", { enumerable: true, get: function () { return oidc_refreshtoken_provider_js_2.OIDCRefreshTokenProvider; } });
|
|
143
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
149
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJvdmlkZXJzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2F1dGgvcHJvdmlkZXJzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBTUEsNkZBQXFGO0FBQ3JGLGlGQUF5RTtBQUV6RSxtRkFBMkU7QUFDM0UsMENBQXdDO0FBQ3hDLDRDQUFrRDtBQUVsRDs7Ozs7Ozs7Ozs7Ozs7Ozs7R0FpQkc7QUFDSSxNQUFNLHdCQUF3QixHQUFHLEtBQUssRUFDM0MsWUFBcUMsRUFDRyxFQUFFO0lBQzFDLE9BQU8sSUFBSSxrRUFBNkIsQ0FBQztRQUN2QyxRQUFRLEVBQUUsWUFBWSxDQUFDLFFBQVE7UUFDL0IsWUFBWSxFQUFFLFlBQVksQ0FBQyxZQUFZO1FBQ3ZDLFVBQVUsRUFBRSxZQUFZLENBQUMsVUFBVTtRQUNuQyxpQkFBaUIsRUFBRSxZQUFZLENBQUMsaUJBQWlCO1FBQ2pELG9CQUFvQixFQUFFLFlBQVksQ0FBQyxvQkFBb0I7S0FDeEQsQ0FBQyxDQUFDO0FBQ0wsQ0FBQyxDQUFDO0FBVlcsUUFBQSx3QkFBd0IsNEJBVW5DO0FBRUY7Ozs7Ozs7Ozs7Ozs7OztHQWVHO0FBQ0ksTUFBTSxvQkFBb0IsR0FBRyxLQUFLLEVBQ3ZDLFlBQW9DLEVBQ0YsRUFBRTtJQUNwQyxPQUFPLElBQUksc0RBQXVCLENBQUM7UUFDakMsUUFBUSxFQUFFLFlBQVksQ0FBQyxRQUFRO1FBQy9CLFdBQVcsRUFBRSxZQUFZLENBQUMsV0FBVztRQUNyQyxVQUFVLEVBQUUsWUFBWSxDQUFDLFVBQVU7UUFDbkMsaUJBQWlCLEVBQUUsWUFBWSxDQUFDLGlCQUFpQjtRQUNqRCxvQkFBb0IsRUFBRSxZQUFZLENBQUMsb0JBQW9CO0tBQ3hELENBQUMsQ0FBQztBQUNMLENBQUMsQ0FBQztBQVZXLFFBQUEsb0JBQW9CLHdCQVUvQjtBQUVGOzs7Ozs7Ozs7Ozs7O0dBYUc7QUFDSSxNQUFNLG1CQUFtQixHQUFHLEtBQUssRUFDdEMsWUFBcUMsRUFDRixFQUFFO0lBQ3JDLE9BQU8sSUFBSSx3REFBd0IsQ0FBQztRQUNsQyxRQUFRLEVBQUUsWUFBWSxDQUFDLFFBQVE7UUFDL0IsWUFBWSxFQUFFLFlBQVksQ0FBQyxZQUFZO1FBQ3ZDLFVBQVUsRUFBRSxZQUFZLENBQUMsVUFBVTtRQUNuQyxpQkFBaUIsRUFBRSxZQUFZLENBQUMsaUJBQWlCO1FBQ2pELG9CQUFvQixFQUFFLFlBQVksQ0FBQyxvQkFBb0I7S0FDeEQsQ0FBQyxDQUFDO0FBQ0wsQ0FBQyxDQUFDO0FBVlcsUUFBQSxtQkFBbUIsdUJBVTlCO0FBRUY7Ozs7R0FJRztBQUNJLE1BQU0sa0JBQWtCLEdBQUcsS0FBSyxFQUFFLFlBQTZCLEVBQXlCLEVBQUU7SUFDL0YsSUFBSSxDQUFDLFlBQVksQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUMzQixNQUFNLElBQUksOEJBQWtCLENBQUMsMkNBQTJDLENBQUMsQ0FBQztJQUM1RSxDQUFDO0lBRUQsSUFBSSxJQUFBLG9CQUFTLEdBQUUsRUFBRSxDQUFDO1FBQ2hCLDJFQUEyRTtRQUMzRSxtQ0FBbUM7UUFDbkMsMkZBQTJGO1FBQzNGLElBQUk7UUFDSiwwRkFBMEY7UUFDMUYsMEVBQTBFO1FBQzFFLDBHQUEwRztRQUMxRyxnRkFBZ0Y7UUFDaEYsUUFBUSxZQUFZLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDOUIsS0FBSyxTQUFTLENBQUMsQ0FBQyxDQUFDO2dCQUNmLE9BQU8sSUFBQSwyQkFBbUIsRUFBQyxZQUFZLENBQUMsQ0FBQztZQUMzQyxDQUFDO1lBQ0QsS0FBSyxVQUFVLENBQUMsQ0FBQyxDQUFDO2dCQUNoQixPQUFPLElBQUEsNEJBQW9CLEVBQUMsWUFBWSxDQUFDLENBQUM7WUFDNUMsQ0FBQztZQUNELEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQztnQkFDZCxPQUFPLElBQUEsZ0NBQXdCLEVBQUMsWUFBWSxDQUFDLENBQUM7WUFDaEQsQ0FBQztZQUNEO2dCQUNFLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO1FBQzVELENBQUM7SUFDSCxDQUFDO0lBQ0QsdUZBQXVGO0lBQ3ZGLDZHQUE2RztJQUM3Ryw0REFBNEQ7SUFDNUQsSUFBSSxZQUFZLENBQUMsUUFBUSxLQUFLLFFBQVEsRUFBRSxDQUFDO1FBQ3ZDLE1BQU0sSUFBSSw4QkFBa0IsQ0FDMUIsNEZBQTRGLENBQzdGLENBQUM7SUFDSixDQUFDO0lBQ0QsT0FBTyxJQUFBLGdDQUF3QixFQUFDLFlBQVksQ0FBQyxDQUFDO0FBQ2hELENBQUMsQ0FBQztBQXJDVyxRQUFBLGtCQUFrQixzQkFxQzdCO0FBRUYsNENBQTBCO0FBQzFCLDJGQUFxRjtBQUE1RSxtSkFBQSw2QkFBNkIsT0FBQTtBQUN0QywrRUFBeUU7QUFBaEUsdUlBQUEsdUJBQXVCLE9BQUE7QUFDaEMsaUZBQTJFO0FBQWxFLHlJQUFBLHdCQUF3QixPQUFBIn0=
|
package/dist/cjs/src/index.js
CHANGED
|
@@ -36,7 +36,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
36
36
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
37
37
|
};
|
|
38
38
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
|
-
exports.tdfSpecVersion = exports.clientType = exports.version = exports.attributeFQNsAsValues = exports.AuthProviders = exports.withHeaders = exports.HttpRequest = void 0;
|
|
39
|
+
exports.PlatformClient = exports.tdfSpecVersion = exports.clientType = exports.version = exports.attributeFQNsAsValues = exports.AuthProviders = exports.withHeaders = exports.HttpRequest = void 0;
|
|
40
40
|
var auth_js_1 = require("./auth/auth.js");
|
|
41
41
|
Object.defineProperty(exports, "HttpRequest", { enumerable: true, get: function () { return auth_js_1.HttpRequest; } });
|
|
42
42
|
Object.defineProperty(exports, "withHeaders", { enumerable: true, get: function () { return auth_js_1.withHeaders; } });
|
|
@@ -47,7 +47,9 @@ var version_js_1 = require("./version.js");
|
|
|
47
47
|
Object.defineProperty(exports, "version", { enumerable: true, get: function () { return version_js_1.version; } });
|
|
48
48
|
Object.defineProperty(exports, "clientType", { enumerable: true, get: function () { return version_js_1.clientType; } });
|
|
49
49
|
Object.defineProperty(exports, "tdfSpecVersion", { enumerable: true, get: function () { return version_js_1.tdfSpecVersion; } });
|
|
50
|
+
var platform_js_1 = require("./platform.js");
|
|
51
|
+
Object.defineProperty(exports, "PlatformClient", { enumerable: true, get: function () { return platform_js_1.PlatformClient; } });
|
|
50
52
|
__exportStar(require("./opentdf.js"), exports);
|
|
51
53
|
__exportStar(require("./seekable.js"), exports);
|
|
52
54
|
__exportStar(require("../tdf3/src/models/index.js"), exports);
|
|
53
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
55
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsMENBQThGO0FBQWpELHNHQUFBLFdBQVcsT0FBQTtBQUFFLHNHQUFBLFdBQVcsT0FBQTtBQUNyRSxxRUFBcUQ7QUFDckQsMENBQXdEO0FBQS9DLCtHQUFBLHFCQUFxQixPQUFBO0FBQzlCLDJDQUFtRTtBQUExRCxxR0FBQSxPQUFPLE9BQUE7QUFBRSx3R0FBQSxVQUFVLE9BQUE7QUFBRSw0R0FBQSxjQUFjLE9BQUE7QUFDNUMsNkNBQWtHO0FBQXpGLDZHQUFBLGNBQWMsT0FBQTtBQUN2QiwrQ0FBNkI7QUFDN0IsZ0RBQThCO0FBQzlCLDhEQUE0QyJ9
|
|
@@ -29,7 +29,7 @@ class NanoTDFClient extends index_js_1.Client {
|
|
|
29
29
|
const version = '0.0.1';
|
|
30
30
|
const kasUrl = nanotdf.header.getKasRewrapUrl();
|
|
31
31
|
// Rewrap key on every request
|
|
32
|
-
const ukey = await this.rewrapKey(nanotdf.header.toBuffer(), kasUrl, nanotdf.header.magicNumberVersion, version);
|
|
32
|
+
const { unwrappedKey: ukey } = await this.rewrapKey(nanotdf.header.toBuffer(), kasUrl, nanotdf.header.magicNumberVersion, version);
|
|
33
33
|
if (!ukey) {
|
|
34
34
|
throw new Error('internal: key rewrap failure');
|
|
35
35
|
}
|
|
@@ -48,7 +48,7 @@ class NanoTDFClient extends index_js_1.Client {
|
|
|
48
48
|
const nanotdf = index_js_1.NanoTDF.from(ciphertext, undefined, true);
|
|
49
49
|
const legacyVersion = '0.0.0';
|
|
50
50
|
// Rewrap key on every request
|
|
51
|
-
const key = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, legacyVersion);
|
|
51
|
+
const { unwrappedKey: key } = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, legacyVersion);
|
|
52
52
|
if (!key) {
|
|
53
53
|
throw new Error('internal: failed unwrap');
|
|
54
54
|
}
|
|
@@ -244,7 +244,7 @@ class NanoTDFDatasetClient extends index_js_1.Client {
|
|
|
244
244
|
// TODO: The version number should be fetched from the API
|
|
245
245
|
const version = '0.0.1';
|
|
246
246
|
// Rewrap key on every request
|
|
247
|
-
const ukey = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, version);
|
|
247
|
+
const { unwrappedKey: ukey } = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, version);
|
|
248
248
|
if (!ukey) {
|
|
249
249
|
// These should have thrown already.
|
|
250
250
|
throw new Error('internal: key rewrap failure');
|
|
@@ -289,4 +289,4 @@ exports.NanoTDFDatasetClient = NanoTDFDatasetClient;
|
|
|
289
289
|
// Total unique IVs(2^24 -1) used for encrypting the nano tdf payloads
|
|
290
290
|
// IV starts from 1 since the 0 IV is reserved for policy encryption
|
|
291
291
|
NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS = 8388606;
|
|
292
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmFub2NsaWVudHMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvbmFub2NsaWVudHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsaURBUzRCO0FBQzVCLHdEQUF5RDtBQUN6RCwrQ0FBZ0Q7QUFDaEQsMkNBQStDO0FBRS9DLDJDQUFpRDtBQVFqRCx5QkFBeUI7QUFDekIsTUFBTSxjQUFjLEdBQW1CO0lBQ3JDLFlBQVksRUFBRSxLQUFLO0NBQ3BCLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxNQUFhLGFBQWMsU0FBUSxpQkFBTTtJQUN2Qzs7Ozs7O09BTUc7SUFDSCxLQUFLLENBQUMsT0FBTyxDQUFDLFVBQW9DO1FBQ2hELG1CQUFtQjtRQUNuQixNQUFNLE9BQU8sR0FBRyxrQkFBTyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUV6QywwREFBMEQ7UUFDMUQsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3hCLE1BQU0sTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsZUFBZSxFQUFFLENBQUM7UUFFaEQsOEJBQThCO1FBQzlCLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FDL0IsT0FBTyxDQUFDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsRUFDekIsTUFBTSxFQUNOLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLEVBQ2pDLE9BQU8sQ0FDUixDQUFDO1FBRUYsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ1YsTUFBTSxJQUFJLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO1FBQ2xELENBQUM7UUFDRCx5QkFBeUI7UUFDekIsT0FBTyxJQUFBLGtCQUFPLEVBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxLQUFLLENBQUMsZ0JBQWdCLENBQUMsVUFBb0M7UUFDekQsbUJBQW1CO1FBQ25CLE1BQU0sT0FBTyxHQUFHLGtCQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxTQUFTLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFMUQsTUFBTSxhQUFhLEdBQUcsT0FBTyxDQUFDO1FBQzlCLDhCQUE4QjtRQUM5QixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQzlCLE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxFQUFFLEVBQ3pCLE9BQU8sQ0FBQyxNQUFNLENBQUMsZUFBZSxFQUFFLEVBQ2hDLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLEVBQ2pDLGFBQWEsQ0FDZCxDQUFDO1FBRUYsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQ1QsTUFBTSxJQUFJLEtBQUssQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO1FBQzdDLENBQUM7UUFDRCx5QkFBeUI7UUFDekIsT0FBTyxJQUFBLGtCQUFPLEVBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7OztPQU9HO0lBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FBQyxJQUE4QixFQUFFLE9BQXdCO1FBQ3BFLDBEQUEwRDtRQUMxRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGdCQUFnQixDQUFDO1FBQ3JELE1BQU0sb0JBQW9CLEdBQUcsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUVyQyxJQUFJLE9BQU8sb0JBQW9CLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDN0MsTUFBTSxJQUFJLDhCQUFrQixDQUMxQiwyRUFBMkUsQ0FDNUUsQ0FBQztRQUNKLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUM7UUFFZixJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3BCLElBQUksQ0FBQyxTQUFTLEdBQUcsTUFBTSxJQUFBLDRCQUFnQixFQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN2RCxDQUFDO1FBRUQsOEJBQThCO1FBQzlCLE1BQU0sTUFBTSxHQUFHLElBQUkseUJBQWEsRUFBRSxDQUFDO1FBRW5DLHVCQUF1QjtRQUN2QixLQUFLLE1BQU0sYUFBYSxJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUNoRCxNQUFNLFNBQVMsR0FBb0I7Z0JBQ2pDLFNBQVMsRUFBRSxhQUFhO2dCQUN4QixNQUFNLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTO2dCQUNoQyxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07YUFDcEIsQ0FBQztZQUNGLE1BQU0sQ0FBQyxZQUFZLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDakMsQ0FBQztRQUVELElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQ2hFLE9BQU8sQ0FBQyxJQUFJLENBQ1YscUpBQXFKLENBQ3RKLENBQUM7UUFDSixDQUFDO1FBRUQsc0JBQXNCO1FBQ3RCLE1BQU0saUJBQWlCLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBRTFDLGtFQUFrRTtRQUNsRSw4QkFBOEI7UUFDOUIsTUFBTSxjQUFjLEdBQUcsSUFBSSxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDMUMsY0FBYyxDQUFDLENBQUMsQ0FBQyxHQUFHLG9CQUFvQixDQUFDO1FBRXpDLE1BQU0sY0FBYyxHQUFHLElBQUksVUFBVSxDQUFDLGNBQWMsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUU3RCxzREFBc0Q7UUFDdEQsTUFBTSxTQUFTLEdBQUcsSUFBSSxVQUFVLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzdDLFNBQVMsQ0FBQyxDQUFDLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDakMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNsQyxTQUFTLENBQUMsRUFBRSxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRWxDLE1BQU0sYUFBYSxHQUFtQixFQUFFLEdBQUcsY0FBYyxFQUFFLEdBQUcsT0FBTyxFQUFFLENBQUM7UUFDeEUsT0FBTyxJQUFBLGtCQUFPLEVBQ1osaUJBQWlCLEVBQ2pCLElBQUksQ0FBQyxTQUFTLEVBQ2QsZ0JBQWdCLEVBQ2hCLFNBQVMsRUFDVCxJQUFJLEVBQ0osYUFBYSxDQUFDLFlBQVksQ0FDM0IsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQS9IRCxzQ0ErSEM7QUFNRDs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBd0JHO0FBQ0gsTUFBYSxvQkFBcUIsU0FBUSxpQkFBTTtJQWE5Qzs7Ozs7Ozs7Ozs7T0FXRztJQUNILFlBQVksSUFBbUI7UUFDN0IsSUFDRSxJQUFJLENBQUMsZ0JBQWdCO1lBQ3JCLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxvQkFBb0IsQ0FBQyx1QkFBdUIsRUFDcEUsQ0FBQztZQUNELE1BQU0sSUFBSSw4QkFBa0IsQ0FDMUIsd0NBQXdDLG9CQUFvQixDQUFDLHVCQUF1QixHQUFHLENBQ3hGLENBQUM7UUFDSixDQUFDO1FBQ0QsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRVosSUFBSSxDQUFDLGVBQWUsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLElBQUksb0JBQW9CLENBQUMsdUJBQXVCLENBQUM7UUFDN0YsSUFBSSxDQUFDLGlCQUFpQixHQUFHLENBQUMsQ0FBQztJQUM3QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FBQyxJQUE4QixFQUFFLE9BQXdCO1FBQ3BFLGlCQUFpQjtRQUNqQixJQUFJLElBQUksQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUNoQyxNQUFNLGFBQWEsR0FBbUIsRUFBRSxHQUFHLGNBQWMsRUFBRSxHQUFHLE9BQU8sRUFBRSxDQUFDO1lBQ3hFLElBQUksQ0FBQyxZQUFZLEdBQUcsYUFBYSxDQUFDLFlBQVksQ0FBQztZQUMvQywwREFBMEQ7WUFDMUQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztZQUVyRCxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUNwQixJQUFJLENBQUMsU0FBUyxHQUFHLE1BQU0sSUFBQSw0QkFBZ0IsRUFBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDdkQsQ0FBQztZQUVELDhCQUE4QjtZQUM5QixNQUFNLE1BQU0sR0FBRyxJQUFJLHlCQUFhLEVBQUUsQ0FBQztZQUVuQyx1QkFBdUI7WUFDdkIsS0FBSyxNQUFNLGFBQWEsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ2hELE1BQU0sU0FBUyxHQUFHO29CQUNoQixTQUFTLEVBQUUsYUFBYTtvQkFDeEIsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUztvQkFDbkMsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2lCQUNwQixDQUFDO2dCQUNGLE1BQU0sQ0FBQyxZQUFZLENBQUMsU0FBUyxDQUFDLENBQUM7WUFDakMsQ0FBQztZQUVELElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRSxDQUFDO2dCQUNoRSxPQUFPLENBQUMsSUFBSSxDQUNWLHFKQUFxSixDQUN0SixDQUFDO1lBQ0osQ0FBQztZQUVELHNCQUFzQjtZQUN0QixNQUFNLGlCQUFpQixHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUUxQyxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFFbkMsNEJBQTRCO1lBQzVCLElBQUksQ0FBQyxZQUFZLEdBQUcsTUFBTSxJQUFBLHVCQUFZLEVBQ3BDLGdCQUFnQixDQUFDLFVBQVUsRUFDM0IsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLEdBQUcsRUFDeEIsTUFBTSxJQUFBLHNCQUFXLEVBQUMsd0JBQWEsQ0FBQyxrQkFBa0IsQ0FBQyxDQUNwRCxDQUFDO1lBRUYsTUFBTSxhQUFhLEdBQUcsTUFBTSxJQUFBLGtCQUFPLEVBQ2pDLGlCQUFpQixFQUNqQixJQUFJLENBQUMsU0FBUyxFQUNkLGdCQUFnQixFQUNoQixRQUFRLEVBQ1IsSUFBSSxFQUNKLElBQUksQ0FBQyxZQUFZLENBQ2xCLENBQUM7WUFFRixtREFBbUQ7WUFDbkQsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztnQkFDdkIsTUFBTSxPQUFPLEdBQUcsa0JBQU8sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7Z0JBQzVDLElBQUksQ0FBQyxZQUFZLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQztZQUNyQyxDQUFDO1lBRUQsSUFBSSxDQUFDLGlCQUFpQixJQUFJLENBQUMsQ0FBQztZQUU1QixPQUFPLGFBQWEsQ0FBQztRQUN2QixDQUFDO1FBRUQsSUFBSSxDQUFDLGlCQUFpQixJQUFJLENBQUMsQ0FBQztRQUU1QixJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ3ZCLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw4Q0FBOEMsQ0FBQyxDQUFDO1FBQy9FLENBQUM7UUFDRCxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ3ZCLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1FBQ3BFLENBQUM7UUFFRCxJQUFJLENBQUMsaUJBQWlCLElBQUksQ0FBQyxDQUFDO1FBQzVCLElBQUksSUFBSSxDQUFDLGlCQUFpQixJQUFJLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztZQUNuRCwwQkFBMEI7WUFDMUIsSUFBSSxDQUFDLGlCQUFpQixHQUFHLENBQUMsQ0FBQztRQUM3QixDQUFDO1FBRUQsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBRW5DLE9BQU8sSUFBQSx5QkFBYyxFQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVksRUFBRSxRQUFRLEVBQUUsSUFBSSxDQUFDLENBQUM7SUFDOUUsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxPQUFPLENBQUMsVUFBb0M7UUFDaEQsbUJBQW1CO1FBQ25CLE1BQU0sT0FBTyxHQUFHLGtCQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRXpDLElBQUksQ0FBQyxJQUFJLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztZQUM3QixnQkFBZ0I7WUFDaEIsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDeEMsQ0FBQztRQUVELGlCQUFpQjtRQUNqQixJQUFJLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsSUFBSSxPQUFPLENBQUMsTUFBTSxDQUFDLGtCQUFrQixDQUFDLFFBQVEsRUFBRSxFQUFFLENBQUM7WUFDdkYsTUFBTSxJQUFJLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQztZQUMvQixJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7Z0JBQ1Ysb0NBQW9DO2dCQUNwQyxNQUFNLElBQUksS0FBSyxDQUFDLDhCQUE4QixDQUFDLENBQUM7WUFDbEQsQ0FBQztZQUNELHlCQUF5QjtZQUN6QixPQUFPLElBQUEsa0JBQU8sRUFBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDaEMsQ0FBQzthQUFNLENBQUM7WUFDTixPQUFPLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN4QyxDQUFDO0lBQ0gsQ0FBQztJQUVELEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFnQjtRQUNyQywwREFBMEQ7UUFDMUQsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3hCLDhCQUE4QjtRQUM5QixNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQy9CLE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxFQUFFLEVBQ3pCLE9BQU8sQ0FBQyxNQUFNLENBQUMsZUFBZSxFQUFFLEVBQ2hDLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLEVBQ2pDLE9BQU8sQ0FDUixDQUFDO1FBQ0YsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ1Ysb0NBQW9DO1lBQ3BDLE1BQU0sSUFBSSxLQUFLLENBQUMsOEJBQThCLENBQUMsQ0FBQztRQUNsRCxDQUFDO1FBRUQsSUFBSSxDQUFDLGtCQUFrQixHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLENBQUM7UUFDNUQsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLENBQUM7UUFFekIseUJBQXlCO1FBQ3pCLE9BQU8sSUFBQSxrQkFBTyxFQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQsVUFBVTtRQUNSLE1BQU0sRUFBRSxHQUFHLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDbkIsSUFBSSxFQUFFLEtBQUssU0FBUyxFQUFFLENBQUM7WUFDckIseURBQXlEO1lBQ3pELE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyxjQUFjLENBQUMsQ0FBQztRQUMvQyxDQUFDO1FBQ0QsNEJBQTRCO1FBQzVCLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUksU0FBUyxHQUFHLEVBQUUsRUFBRSxDQUFDO1lBQ3ZELHFFQUFxRTtZQUNyRSx1RUFBdUU7WUFDdkUsNENBQTRDO1lBQzVDLE1BQU0sSUFBSSxLQUFLLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUM3QyxDQUFDO1FBRUQsTUFBTSxjQUFjLEdBQUcsSUFBSSxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDMUMsY0FBYyxDQUFDLENBQUMsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUV2QixNQUFNLGNBQWMsR0FBRyxJQUFJLFVBQVUsQ0FBQyxjQUFjLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFN0Qsc0RBQXNEO1FBQ3RELE1BQU0sUUFBUSxHQUFHLElBQUksVUFBVSxDQUFDLGlCQUFNLENBQUMsT0FBTyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ3hELFFBQVEsQ0FBQyxDQUFDLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDaEMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNqQyxRQUFRLENBQUMsRUFBRSxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRWpDLG1CQUFtQjtRQUNuQixJQUFJLEVBQUUsSUFBSSxTQUFTLEVBQUUsQ0FBQztZQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDakIsQ0FBQzthQUFNLENBQUM7WUFDTixJQUFJLENBQUMsRUFBRSxHQUFHLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDbkIsQ0FBQztRQUVELE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7O0FBdk5ILG9EQXdOQztBQXZOQyxzRUFBc0U7QUFDdEUsb0VBQW9FO0FBQ3BELDRDQUF1QixHQUFHLE9BQU8sQ0FBQyJ9
|
|
292
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmFub2NsaWVudHMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvbmFub2NsaWVudHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsaURBUzRCO0FBQzVCLHdEQUF5RDtBQUN6RCwrQ0FBZ0Q7QUFDaEQsMkNBQStDO0FBRS9DLDJDQUFpRDtBQVFqRCx5QkFBeUI7QUFDekIsTUFBTSxjQUFjLEdBQW1CO0lBQ3JDLFlBQVksRUFBRSxLQUFLO0NBQ3BCLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxNQUFhLGFBQWMsU0FBUSxpQkFBTTtJQUN2Qzs7Ozs7O09BTUc7SUFDSCxLQUFLLENBQUMsT0FBTyxDQUFDLFVBQW9DO1FBQ2hELG1CQUFtQjtRQUNuQixNQUFNLE9BQU8sR0FBRyxrQkFBTyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUV6QywwREFBMEQ7UUFDMUQsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3hCLE1BQU0sTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsZUFBZSxFQUFFLENBQUM7UUFFaEQsOEJBQThCO1FBQzlCLE1BQU0sRUFBRSxZQUFZLEVBQUUsSUFBSSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUNqRCxPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxFQUN6QixNQUFNLEVBQ04sT0FBTyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsRUFDakMsT0FBTyxDQUNSLENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDVixNQUFNLElBQUksS0FBSyxDQUFDLDhCQUE4QixDQUFDLENBQUM7UUFDbEQsQ0FBQztRQUNELHlCQUF5QjtRQUN6QixPQUFPLElBQUEsa0JBQU8sRUFBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFvQztRQUN6RCxtQkFBbUI7UUFDbkIsTUFBTSxPQUFPLEdBQUcsa0JBQU8sQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUUxRCxNQUFNLGFBQWEsR0FBRyxPQUFPLENBQUM7UUFDOUIsOEJBQThCO1FBQzlCLE1BQU0sRUFBRSxZQUFZLEVBQUUsR0FBRyxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUNoRCxPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxFQUN6QixPQUFPLENBQUMsTUFBTSxDQUFDLGVBQWUsRUFBRSxFQUNoQyxPQUFPLENBQUMsTUFBTSxDQUFDLGtCQUFrQixFQUNqQyxhQUFhLENBQ2QsQ0FBQztRQUVGLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztZQUNULE1BQU0sSUFBSSxLQUFLLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUM3QyxDQUFDO1FBQ0QseUJBQXlCO1FBQ3pCLE9BQU8sSUFBQSxrQkFBTyxFQUFDLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztJQUMvQixDQUFDO0lBRUQ7Ozs7Ozs7T0FPRztJQUNILEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBOEIsRUFBRSxPQUF3QjtRQUNwRSwwREFBMEQ7UUFDMUQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztRQUNyRCxNQUFNLG9CQUFvQixHQUFHLElBQUksQ0FBQyxFQUFFLENBQUM7UUFFckMsSUFBSSxPQUFPLG9CQUFvQixLQUFLLFFBQVEsRUFBRSxDQUFDO1lBQzdDLE1BQU0sSUFBSSw4QkFBa0IsQ0FDMUIsMkVBQTJFLENBQzVFLENBQUM7UUFDSixDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBRWYsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNwQixJQUFJLENBQUMsU0FBUyxHQUFHLE1BQU0sSUFBQSw0QkFBZ0IsRUFBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDdkQsQ0FBQztRQUVELDhCQUE4QjtRQUM5QixNQUFNLE1BQU0sR0FBRyxJQUFJLHlCQUFhLEVBQUUsQ0FBQztRQUVuQyx1QkFBdUI7UUFDdkIsS0FBSyxNQUFNLGFBQWEsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDaEQsTUFBTSxTQUFTLEdBQW9CO2dCQUNqQyxTQUFTLEVBQUUsYUFBYTtnQkFDeEIsTUFBTSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUztnQkFDaEMsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2FBQ3BCLENBQUM7WUFDRixNQUFNLENBQUMsWUFBWSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQ2pDLENBQUM7UUFFRCxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsY0FBYyxDQUFDLE1BQU0sSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUNoRSxPQUFPLENBQUMsSUFBSSxDQUNWLHFKQUFxSixDQUN0SixDQUFDO1FBQ0osQ0FBQztRQUVELHNCQUFzQjtRQUN0QixNQUFNLGlCQUFpQixHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUUxQyxrRUFBa0U7UUFDbEUsOEJBQThCO1FBQzlCLE1BQU0sY0FBYyxHQUFHLElBQUksV0FBVyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsR0FBRyxvQkFBb0IsQ0FBQztRQUV6QyxNQUFNLGNBQWMsR0FBRyxJQUFJLFVBQVUsQ0FBQyxjQUFjLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFN0Qsc0RBQXNEO1FBQ3RELE1BQU0sU0FBUyxHQUFHLElBQUksVUFBVSxDQUFDLEVBQUUsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUM3QyxTQUFTLENBQUMsQ0FBQyxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2pDLFNBQVMsQ0FBQyxFQUFFLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbEMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUVsQyxNQUFNLGFBQWEsR0FBbUIsRUFBRSxHQUFHLGNBQWMsRUFBRSxHQUFHLE9BQU8sRUFBRSxDQUFDO1FBQ3hFLE9BQU8sSUFBQSxrQkFBTyxFQUNaLGlCQUFpQixFQUNqQixJQUFJLENBQUMsU0FBUyxFQUNkLGdCQUFnQixFQUNoQixTQUFTLEVBQ1QsSUFBSSxFQUNKLGFBQWEsQ0FBQyxZQUFZLENBQzNCLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUEvSEQsc0NBK0hDO0FBTUQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQXdCRztBQUNILE1BQWEsb0JBQXFCLFNBQVEsaUJBQU07SUFhOUM7Ozs7Ozs7Ozs7O09BV0c7SUFDSCxZQUFZLElBQW1CO1FBQzdCLElBQ0UsSUFBSSxDQUFDLGdCQUFnQjtZQUNyQixJQUFJLENBQUMsZ0JBQWdCLEdBQUcsb0JBQW9CLENBQUMsdUJBQXVCLEVBQ3BFLENBQUM7WUFDRCxNQUFNLElBQUksOEJBQWtCLENBQzFCLHdDQUF3QyxvQkFBb0IsQ0FBQyx1QkFBdUIsR0FBRyxDQUN4RixDQUFDO1FBQ0osQ0FBQztRQUNELEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUVaLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixJQUFJLG9CQUFvQixDQUFDLHVCQUF1QixDQUFDO1FBQzdGLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxDQUFDLENBQUM7SUFDN0IsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBOEIsRUFBRSxPQUF3QjtRQUNwRSxpQkFBaUI7UUFDakIsSUFBSSxJQUFJLENBQUMsaUJBQWlCLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDaEMsTUFBTSxhQUFhLEdBQW1CLEVBQUUsR0FBRyxjQUFjLEVBQUUsR0FBRyxPQUFPLEVBQUUsQ0FBQztZQUN4RSxJQUFJLENBQUMsWUFBWSxHQUFHLGFBQWEsQ0FBQyxZQUFZLENBQUM7WUFDL0MsMERBQTBEO1lBQzFELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUM7WUFFckQsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDcEIsSUFBSSxDQUFDLFNBQVMsR0FBRyxNQUFNLElBQUEsNEJBQWdCLEVBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ3ZELENBQUM7WUFFRCw4QkFBOEI7WUFDOUIsTUFBTSxNQUFNLEdBQUcsSUFBSSx5QkFBYSxFQUFFLENBQUM7WUFFbkMsdUJBQXVCO1lBQ3ZCLEtBQUssTUFBTSxhQUFhLElBQUksSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO2dCQUNoRCxNQUFNLFNBQVMsR0FBRztvQkFDaEIsU0FBUyxFQUFFLGFBQWE7b0JBQ3hCLFNBQVMsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLFNBQVM7b0JBQ25DLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTTtpQkFDcEIsQ0FBQztnQkFDRixNQUFNLENBQUMsWUFBWSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQ2pDLENBQUM7WUFFRCxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsY0FBYyxDQUFDLE1BQU0sSUFBSSxDQUFDLEVBQUUsQ0FBQztnQkFDaEUsT0FBTyxDQUFDLElBQUksQ0FDVixxSkFBcUosQ0FDdEosQ0FBQztZQUNKLENBQUM7WUFFRCxzQkFBc0I7WUFDdEIsTUFBTSxpQkFBaUIsR0FBRyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7WUFFMUMsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBRW5DLDRCQUE0QjtZQUM1QixJQUFJLENBQUMsWUFBWSxHQUFHLE1BQU0sSUFBQSx1QkFBWSxFQUNwQyxnQkFBZ0IsQ0FBQyxVQUFVLEVBQzNCLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQ3hCLE1BQU0sSUFBQSxzQkFBVyxFQUFDLHdCQUFhLENBQUMsa0JBQWtCLENBQUMsQ0FDcEQsQ0FBQztZQUVGLE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBQSxrQkFBTyxFQUNqQyxpQkFBaUIsRUFDakIsSUFBSSxDQUFDLFNBQVMsRUFDZCxnQkFBZ0IsRUFDaEIsUUFBUSxFQUNSLElBQUksRUFDSixJQUFJLENBQUMsWUFBWSxDQUNsQixDQUFDO1lBRUYsbURBQW1EO1lBQ25ELElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7Z0JBQ3ZCLE1BQU0sT0FBTyxHQUFHLGtCQUFPLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDO2dCQUM1QyxJQUFJLENBQUMsWUFBWSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUM7WUFDckMsQ0FBQztZQUVELElBQUksQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLENBQUM7WUFFNUIsT0FBTyxhQUFhLENBQUM7UUFDdkIsQ0FBQztRQUVELElBQUksQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLENBQUM7UUFFNUIsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUN2QixNQUFNLElBQUksOEJBQWtCLENBQUMsOENBQThDLENBQUMsQ0FBQztRQUMvRSxDQUFDO1FBQ0QsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUN2QixNQUFNLElBQUksOEJBQWtCLENBQUMsbUNBQW1DLENBQUMsQ0FBQztRQUNwRSxDQUFDO1FBRUQsSUFBSSxDQUFDLGlCQUFpQixJQUFJLENBQUMsQ0FBQztRQUM1QixJQUFJLElBQUksQ0FBQyxpQkFBaUIsSUFBSSxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7WUFDbkQsMEJBQTBCO1lBQzFCLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxDQUFDLENBQUM7UUFDN0IsQ0FBQztRQUVELE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUVuQyxPQUFPLElBQUEseUJBQWMsRUFBQyxJQUFJLENBQUMsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQzlFLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxLQUFLLENBQUMsT0FBTyxDQUFDLFVBQW9DO1FBQ2hELG1CQUFtQjtRQUNuQixNQUFNLE9BQU8sR0FBRyxrQkFBTyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUV6QyxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFLENBQUM7WUFDN0IsZ0JBQWdCO1lBQ2hCLE9BQU8sSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3hDLENBQUM7UUFFRCxpQkFBaUI7UUFDakIsSUFBSSxJQUFJLENBQUMsa0JBQWtCLENBQUMsUUFBUSxFQUFFLElBQUksT0FBTyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsRUFBRSxDQUFDO1lBQ3ZGLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUM7WUFDL0IsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO2dCQUNWLG9DQUFvQztnQkFDcEMsTUFBTSxJQUFJLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO1lBQ2xELENBQUM7WUFDRCx5QkFBeUI7WUFDekIsT0FBTyxJQUFBLGtCQUFPLEVBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ2hDLENBQUM7YUFBTSxDQUFDO1lBQ04sT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDeEMsQ0FBQztJQUNILENBQUM7SUFFRCxLQUFLLENBQUMsZ0JBQWdCLENBQUMsT0FBZ0I7UUFDckMsMERBQTBEO1FBQzFELE1BQU0sT0FBTyxHQUFHLE9BQU8sQ0FBQztRQUN4Qiw4QkFBOEI7UUFDOUIsTUFBTSxFQUFFLFlBQVksRUFBRSxJQUFJLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQ2pELE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxFQUFFLEVBQ3pCLE9BQU8sQ0FBQyxNQUFNLENBQUMsZUFBZSxFQUFFLEVBQ2hDLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLEVBQ2pDLE9BQU8sQ0FDUixDQUFDO1FBQ0YsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ1Ysb0NBQW9DO1lBQ3BDLE1BQU0sSUFBSSxLQUFLLENBQUMsOEJBQThCLENBQUMsQ0FBQztRQUNsRCxDQUFDO1FBRUQsSUFBSSxDQUFDLGtCQUFrQixHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLENBQUM7UUFDNUQsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLENBQUM7UUFFekIseUJBQXlCO1FBQ3pCLE9BQU8sSUFBQSxrQkFBTyxFQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQsVUFBVTtRQUNSLE1BQU0sRUFBRSxHQUFHLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDbkIsSUFBSSxFQUFFLEtBQUssU0FBUyxFQUFFLENBQUM7WUFDckIseURBQXlEO1lBQ3pELE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyxjQUFjLENBQUMsQ0FBQztRQUMvQyxDQUFDO1FBQ0QsNEJBQTRCO1FBQzVCLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUksU0FBUyxHQUFHLEVBQUUsRUFBRSxDQUFDO1lBQ3ZELHFFQUFxRTtZQUNyRSx1RUFBdUU7WUFDdkUsNENBQTRDO1lBQzVDLE1BQU0sSUFBSSxLQUFLLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUM3QyxDQUFDO1FBRUQsTUFBTSxjQUFjLEdBQUcsSUFBSSxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDMUMsY0FBYyxDQUFDLENBQUMsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUV2QixNQUFNLGNBQWMsR0FBRyxJQUFJLFVBQVUsQ0FBQyxjQUFjLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFN0Qsc0RBQXNEO1FBQ3RELE1BQU0sUUFBUSxHQUFHLElBQUksVUFBVSxDQUFDLGlCQUFNLENBQUMsT0FBTyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ3hELFFBQVEsQ0FBQyxDQUFDLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDaEMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNqQyxRQUFRLENBQUMsRUFBRSxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRWpDLG1CQUFtQjtRQUNuQixJQUFJLEVBQUUsSUFBSSxTQUFTLEVBQUUsQ0FBQztZQUNwQixPQUFPLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDakIsQ0FBQzthQUFNLENBQUM7WUFDTixJQUFJLENBQUMsRUFBRSxHQUFHLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDbkIsQ0FBQztRQUVELE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7O0FBdk5ILG9EQXdOQztBQXZOQyxzRUFBc0U7QUFDdEUsb0VBQW9FO0FBQ3BELDRDQUF1QixHQUFHLE9BQU8sQ0FBQyJ9
|