@opentdf/sdk 0.9.0-rc.82 → 0.10.0-beta.95
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/cjs/src/access/access-fetch.js +1 -2
- package/dist/cjs/src/access/access-rpc.js +1 -3
- package/dist/cjs/src/access.js +1 -14
- package/dist/cjs/src/auth/auth.js +13 -10
- package/dist/cjs/src/auth/dpop.js +121 -0
- package/dist/cjs/src/auth/oidc-clientcredentials-provider.js +37 -3
- package/dist/cjs/src/auth/oidc-externaljwt-provider.js +37 -3
- package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +37 -3
- package/dist/cjs/src/auth/oidc.js +10 -8
- package/dist/cjs/src/auth/providers.js +35 -12
- package/dist/cjs/src/crypto/enums.js +1 -1
- package/dist/cjs/src/crypto/index.js +16 -2
- package/dist/cjs/src/crypto/pemPublicToCrypto.js +24 -20
- package/dist/cjs/src/errors.js +14 -2
- package/dist/cjs/src/index.js +8 -2
- package/dist/cjs/src/opentdf.js +50 -13
- package/dist/cjs/src/policy/discovery.js +188 -0
- package/dist/cjs/src/version.js +2 -2
- package/dist/cjs/tdf3/index.js +4 -2
- package/dist/cjs/tdf3/src/assertions.js +71 -31
- package/dist/cjs/tdf3/src/ciphers/aes-gcm-cipher.js +1 -1
- package/dist/cjs/tdf3/src/ciphers/symmetric-cipher-base.js +4 -2
- package/dist/cjs/tdf3/src/client/index.js +23 -33
- package/dist/cjs/tdf3/src/crypto/crypto-utils.js +12 -5
- package/dist/cjs/tdf3/src/crypto/declarations.js +1 -1
- package/dist/cjs/tdf3/src/crypto/index.js +849 -88
- package/dist/cjs/tdf3/src/crypto/jose/jwt-claims-set.js +11 -0
- package/dist/cjs/tdf3/src/crypto/jose/validate-crit.js +8 -0
- package/dist/cjs/tdf3/src/crypto/jose/vendor/lib/buffer_utils.js +41 -0
- package/dist/cjs/tdf3/src/crypto/jose/vendor/lib/epoch.js +6 -0
- package/dist/cjs/tdf3/src/crypto/jose/vendor/lib/is_object.js +21 -0
- package/dist/cjs/tdf3/src/crypto/jose/vendor/lib/jwt_claims_set.js +112 -0
- package/dist/cjs/tdf3/src/crypto/jose/vendor/lib/secs.js +60 -0
- package/dist/cjs/tdf3/src/crypto/jose/vendor/lib/validate_crit.js +38 -0
- package/dist/cjs/tdf3/src/crypto/jose/vendor/util/errors.js +135 -0
- package/dist/cjs/tdf3/src/crypto/jwt.js +183 -0
- package/dist/cjs/tdf3/src/crypto/salt.js +14 -8
- package/dist/cjs/tdf3/src/models/encryption-information.js +17 -20
- package/dist/cjs/tdf3/src/models/key-access.js +43 -63
- package/dist/cjs/tdf3/src/tdf.js +75 -75
- package/dist/cjs/tdf3/src/utils/index.js +5 -39
- package/dist/types/src/access/access-fetch.d.ts.map +1 -1
- package/dist/types/src/access/access-rpc.d.ts.map +1 -1
- package/dist/types/src/access.d.ts +0 -5
- package/dist/types/src/access.d.ts.map +1 -1
- package/dist/types/src/auth/auth.d.ts +9 -6
- package/dist/types/src/auth/auth.d.ts.map +1 -1
- package/dist/types/src/auth/dpop.d.ts +60 -0
- package/dist/types/src/auth/dpop.d.ts.map +1 -0
- package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts +3 -2
- package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts.map +1 -1
- package/dist/types/src/auth/oidc-externaljwt-provider.d.ts +3 -2
- package/dist/types/src/auth/oidc-externaljwt-provider.d.ts.map +1 -1
- package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts +3 -2
- package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts.map +1 -1
- package/dist/types/src/auth/oidc.d.ts +6 -4
- package/dist/types/src/auth/oidc.d.ts.map +1 -1
- package/dist/types/src/auth/providers.d.ts +5 -4
- package/dist/types/src/auth/providers.d.ts.map +1 -1
- package/dist/types/src/crypto/enums.d.ts +1 -1
- package/dist/types/src/crypto/index.d.ts +2 -1
- package/dist/types/src/crypto/index.d.ts.map +1 -1
- package/dist/types/src/crypto/pemPublicToCrypto.d.ts +18 -0
- package/dist/types/src/crypto/pemPublicToCrypto.d.ts.map +1 -1
- package/dist/types/src/errors.d.ts +8 -0
- package/dist/types/src/errors.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +2 -1
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/opentdf.d.ts +26 -7
- package/dist/types/src/opentdf.d.ts.map +1 -1
- package/dist/types/src/policy/discovery.d.ts +74 -0
- package/dist/types/src/policy/discovery.d.ts.map +1 -0
- package/dist/types/src/version.d.ts +1 -1
- package/dist/types/src/version.d.ts.map +1 -1
- package/dist/types/tdf3/index.d.ts +3 -3
- package/dist/types/tdf3/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/assertions.d.ts +23 -8
- package/dist/types/tdf3/src/assertions.d.ts.map +1 -1
- package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts +3 -3
- package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts.map +1 -1
- package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts +4 -4
- package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/builders.d.ts +2 -2
- package/dist/types/tdf3/src/client/builders.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/index.d.ts +6 -5
- package/dist/types/tdf3/src/client/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/crypto/crypto-utils.d.ts +14 -4
- package/dist/types/tdf3/src/crypto/crypto-utils.d.ts.map +1 -1
- package/dist/types/tdf3/src/crypto/declarations.d.ts +283 -18
- package/dist/types/tdf3/src/crypto/declarations.d.ts.map +1 -1
- package/dist/types/tdf3/src/crypto/index.d.ts +105 -28
- package/dist/types/tdf3/src/crypto/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/crypto/jose/jwt-claims-set.d.ts +3 -0
- package/dist/types/tdf3/src/crypto/jose/jwt-claims-set.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/validate-crit.d.ts +5 -0
- package/dist/types/tdf3/src/crypto/jose/validate-crit.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/buffer_utils.d.ts +6 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/buffer_utils.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/epoch.d.ts +3 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/epoch.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/is_object.d.ts +3 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/is_object.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/jwt_claims_set.d.ts +3 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/jwt_claims_set.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/secs.d.ts +3 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/secs.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/validate_crit.d.ts +3 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/lib/validate_crit.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/util/errors.d.ts +76 -0
- package/dist/types/tdf3/src/crypto/jose/vendor/util/errors.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/jwt.d.ts +76 -0
- package/dist/types/tdf3/src/crypto/jwt.d.ts.map +1 -0
- package/dist/types/tdf3/src/crypto/salt.d.ts +6 -1
- package/dist/types/tdf3/src/crypto/salt.d.ts.map +1 -1
- package/dist/types/tdf3/src/models/encryption-information.d.ts +4 -4
- package/dist/types/tdf3/src/models/encryption-information.d.ts.map +1 -1
- package/dist/types/tdf3/src/models/key-access.d.ts +8 -5
- package/dist/types/tdf3/src/models/key-access.d.ts.map +1 -1
- package/dist/types/tdf3/src/tdf.d.ts +8 -8
- package/dist/types/tdf3/src/tdf.d.ts.map +1 -1
- package/dist/types/tdf3/src/utils/index.d.ts +4 -3
- package/dist/types/tdf3/src/utils/index.d.ts.map +1 -1
- package/dist/web/src/access/access-fetch.js +3 -4
- package/dist/web/src/access/access-rpc.js +3 -5
- package/dist/web/src/access.js +1 -13
- package/dist/web/src/auth/auth.js +13 -10
- package/dist/web/src/auth/dpop.js +118 -0
- package/dist/web/src/auth/oidc-clientcredentials-provider.js +4 -3
- package/dist/web/src/auth/oidc-externaljwt-provider.js +4 -3
- package/dist/web/src/auth/oidc-refreshtoken-provider.js +4 -3
- package/dist/web/src/auth/oidc.js +11 -9
- package/dist/web/src/auth/providers.js +13 -12
- package/dist/web/src/crypto/enums.js +1 -1
- package/dist/web/src/crypto/index.js +4 -2
- package/dist/web/src/crypto/pemPublicToCrypto.js +18 -18
- package/dist/web/src/errors.js +12 -1
- package/dist/web/src/index.js +3 -2
- package/dist/web/src/opentdf.js +17 -13
- package/dist/web/src/policy/discovery.js +182 -0
- package/dist/web/src/version.js +2 -2
- package/dist/web/tdf3/index.js +3 -2
- package/dist/web/tdf3/src/assertions.js +71 -31
- package/dist/web/tdf3/src/ciphers/aes-gcm-cipher.js +1 -1
- package/dist/web/tdf3/src/ciphers/symmetric-cipher-base.js +4 -2
- package/dist/web/tdf3/src/client/index.js +25 -35
- package/dist/web/tdf3/src/crypto/crypto-utils.js +12 -5
- package/dist/web/tdf3/src/crypto/declarations.js +1 -1
- package/dist/web/tdf3/src/crypto/index.js +830 -84
- package/dist/web/tdf3/src/crypto/jose/jwt-claims-set.js +5 -0
- package/dist/web/tdf3/src/crypto/jose/validate-crit.js +3 -0
- package/dist/web/tdf3/src/crypto/jose/vendor/lib/buffer_utils.js +35 -0
- package/dist/web/tdf3/src/crypto/jose/vendor/lib/epoch.js +4 -0
- package/dist/web/tdf3/src/crypto/jose/vendor/lib/is_object.js +19 -0
- package/dist/web/tdf3/src/crypto/jose/vendor/lib/jwt_claims_set.js +107 -0
- package/dist/web/tdf3/src/crypto/jose/vendor/lib/secs.js +58 -0
- package/dist/web/tdf3/src/crypto/jose/vendor/lib/validate_crit.js +36 -0
- package/dist/web/tdf3/src/crypto/jose/vendor/util/errors.js +117 -0
- package/dist/web/tdf3/src/crypto/jwt.js +174 -0
- package/dist/web/tdf3/src/crypto/salt.js +13 -7
- package/dist/web/tdf3/src/models/encryption-information.js +11 -14
- package/dist/web/tdf3/src/models/key-access.js +44 -31
- package/dist/web/tdf3/src/tdf.js +71 -71
- package/dist/web/tdf3/src/utils/index.js +5 -6
- package/package.json +11 -4
- package/src/access/access-fetch.ts +2 -8
- package/src/access/access-rpc.ts +0 -7
- package/src/access.ts +0 -17
- package/src/auth/auth.ts +21 -12
- package/src/auth/dpop.ts +222 -0
- package/src/auth/oidc-clientcredentials-provider.ts +23 -15
- package/src/auth/oidc-externaljwt-provider.ts +23 -15
- package/src/auth/oidc-refreshtoken-provider.ts +23 -15
- package/src/auth/oidc.ts +21 -10
- package/src/auth/providers.ts +46 -29
- package/src/crypto/enums.ts +1 -1
- package/src/crypto/index.ts +21 -1
- package/src/crypto/pemPublicToCrypto.ts +18 -20
- package/src/errors.ts +9 -0
- package/src/index.ts +7 -0
- package/src/opentdf.ts +36 -17
- package/src/policy/discovery.ts +222 -0
- package/src/version.ts +1 -1
- package/tdf3/index.ts +32 -5
- package/tdf3/src/assertions.ts +99 -30
- package/tdf3/src/ciphers/aes-gcm-cipher.ts +7 -2
- package/tdf3/src/ciphers/symmetric-cipher-base.ts +7 -4
- package/tdf3/src/client/builders.ts +2 -2
- package/tdf3/src/client/index.ts +60 -59
- package/tdf3/src/crypto/crypto-utils.ts +15 -8
- package/tdf3/src/crypto/declarations.ts +338 -22
- package/tdf3/src/crypto/index.ts +1021 -118
- package/tdf3/src/crypto/jose/jwt-claims-set.ts +10 -0
- package/tdf3/src/crypto/jose/validate-crit.ts +9 -0
- package/tdf3/src/crypto/jose/vendor/lib/buffer_utils.ts +34 -0
- package/tdf3/src/crypto/jose/vendor/lib/epoch.ts +3 -0
- package/tdf3/src/crypto/jose/vendor/lib/is_object.ts +18 -0
- package/tdf3/src/crypto/jose/vendor/lib/jwt_claims_set.ts +106 -0
- package/tdf3/src/crypto/jose/vendor/lib/secs.ts +57 -0
- package/tdf3/src/crypto/jose/vendor/lib/validate_crit.ts +35 -0
- package/tdf3/src/crypto/jose/vendor/util/errors.ts +101 -0
- package/tdf3/src/crypto/jwt.ts +256 -0
- package/tdf3/src/crypto/salt.ts +16 -8
- package/tdf3/src/models/encryption-information.ts +14 -21
- package/tdf3/src/models/key-access.ts +57 -41
- package/tdf3/src/tdf.ts +110 -93
- package/tdf3/src/utils/index.ts +5 -6
|
@@ -1,37 +1,4 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
-
var ownKeys = function(o) {
|
|
20
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
-
var ar = [];
|
|
22
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
-
return ar;
|
|
24
|
-
};
|
|
25
|
-
return ownKeys(o);
|
|
26
|
-
};
|
|
27
|
-
return function (mod) {
|
|
28
|
-
if (mod && mod.__esModule) return mod;
|
|
29
|
-
var result = {};
|
|
30
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
-
__setModuleDefault(result, mod);
|
|
32
|
-
return result;
|
|
33
|
-
};
|
|
34
|
-
})();
|
|
35
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
3
|
exports.streamToBuffer = exports.keyMerge = exports.keySplit = exports.ZipWriter = exports.readUInt64LE = exports.ZipReader = void 0;
|
|
37
4
|
exports.concatUint8 = concatUint8;
|
|
@@ -45,7 +12,6 @@ exports.buffToString = buffToString;
|
|
|
45
12
|
exports.utf8Slice = utf8Slice;
|
|
46
13
|
exports.base64ToBytes = base64ToBytes;
|
|
47
14
|
exports.keyMiddleware = keyMiddleware;
|
|
48
|
-
const WebCryptoService = __importStar(require("../crypto/index.js"));
|
|
49
15
|
const index_js_1 = require("../models/index.js");
|
|
50
16
|
const aes_gcm_cipher_js_1 = require("../ciphers/aes-gcm-cipher.js");
|
|
51
17
|
const errors_js_1 = require("../../../src/errors.js");
|
|
@@ -290,12 +256,12 @@ function base64ToBytes(str) {
|
|
|
290
256
|
*
|
|
291
257
|
* @returns {Object}:
|
|
292
258
|
* {
|
|
293
|
-
* keyForEncryption:
|
|
294
|
-
* keyForManifest:
|
|
259
|
+
* keyForEncryption: KeyInfo;
|
|
260
|
+
* keyForManifest: KeyInfo;
|
|
295
261
|
* }
|
|
296
262
|
*/
|
|
297
|
-
async function keyMiddleware() {
|
|
298
|
-
const cipher = new aes_gcm_cipher_js_1.AesGcmCipher(
|
|
263
|
+
async function keyMiddleware(cryptoService) {
|
|
264
|
+
const cipher = new aes_gcm_cipher_js_1.AesGcmCipher(cryptoService);
|
|
299
265
|
const encryptionInformation = new index_js_1.SplitKey(cipher);
|
|
300
266
|
if (!encryptionInformation?.generateKey) {
|
|
301
267
|
throw new errors_js_1.ConfigurationError('Crypto service not initialised');
|
|
@@ -303,4 +269,4 @@ async function keyMiddleware() {
|
|
|
303
269
|
const key = await encryptionInformation.generateKey();
|
|
304
270
|
return { keyForEncryption: key, keyForManifest: key };
|
|
305
271
|
}
|
|
306
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi90ZGYzL3NyYy91dGlscy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUEwQkEsa0NBY0M7QUFFRCxvQ0FRQztBQUVELG9DQUVDO0FBRUQsb0NBR0M7QUFFRCxzQ0FHQztBQUVELHNDQUtDO0FBRUQsb0NBVUM7QUFxQ0Qsb0NBbUNDO0FBR0QsOEJBNkVDO0FBZ0RELHNDQUVDO0FBYUQsc0NBV0M7QUFyVEQscUVBQXVEO0FBQ3ZELGlEQUF1RDtBQUV2RCxvRUFBNEQ7QUFDNUQsc0RBQTREO0FBQzVELGdFQUF3RjtBQUV4RixpREFBMEQ7QUFBakQsMEdBQUEsU0FBUyxPQUFBO0FBQUUsNkdBQUEsWUFBWSxPQUFBO0FBQ2hDLGlEQUE0QztBQUFuQywwR0FBQSxTQUFTLE9BQUE7QUFDbEIsNkNBQW1EO0FBQTFDLHVHQUFBLFFBQVEsT0FBQTtBQUFFLHVHQUFBLFFBQVEsT0FBQTtBQUMzQixtRkFBc0U7QUFBN0QsNEhBQUEsY0FBYyxPQUFBO0FBSXZCLE1BQU0sbUJBQW1CLEdBQUcsQ0FBQyxHQUFHLEVBQUU7SUFDaEMsTUFBTSxRQUFRLEdBQUcsa0JBQWtCLENBQUM7SUFDcEMsTUFBTSxLQUFLLEdBQUcsSUFBSSxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDN0IsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLEVBQUUsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDO1FBQzVCLE1BQU0sR0FBRyxHQUFHLENBQUMsR0FBRyxFQUFFLENBQUM7UUFDbkIsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLEVBQUUsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQzVCLEtBQUssQ0FBQyxHQUFHLEdBQUcsQ0FBQyxDQUFDLEdBQUcsUUFBUSxDQUFDLENBQUMsQ0FBQyxHQUFHLFFBQVEsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUM3QyxDQUFDO0lBQ0gsQ0FBQztJQUNELE9BQU8sS0FBSyxDQUFDO0FBQ2YsQ0FBQyxDQUFDLEVBQUUsQ0FBQztBQUVMLFNBQWdCLFdBQVcsQ0FBQyxXQUF5QjtJQUNuRCxNQUFNLFNBQVMsR0FBRyxXQUFXLENBQUMsTUFBTSxDQUNsQyxDQUFDLFdBQVcsRUFBRSxZQUFZLEVBQUUsRUFBRSxDQUFDLFdBQVcsR0FBRyxZQUFZLENBQUMsTUFBTSxFQUNoRSxDQUFDLENBQ0YsQ0FBQztJQUNGLE1BQU0sa0JBQWtCLEdBQUcsSUFBSSxVQUFVLENBQUMsU0FBUyxDQUFDLENBQUM7SUFFckQsSUFBSSxNQUFNLEdBQUcsQ0FBQyxDQUFDO0lBQ2YsS0FBSyxNQUFNLFVBQVUsSUFBSSxXQUFXLEVBQUUsQ0FBQztRQUNyQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsVUFBVSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQzNDLE1BQU0sSUFBSSxVQUFVLENBQUMsTUFBTSxDQUFDO0lBQzlCLENBQUM7SUFFRCxPQUFPLGtCQUFrQixDQUFDO0FBQzVCLENBQUM7QUFFRCxTQUFnQixZQUFZLENBQUMsVUFBc0IsRUFBRSxNQUFjO0lBQ2pFLE9BQU8sQ0FDTCxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUM7UUFDakIsQ0FBQyxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUM3QixDQUFDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDO1FBQzlCLENBQUMsVUFBVSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztRQUNqQyxDQUFDLENBQ0YsQ0FBQztBQUNKLENBQUM7QUFFRCxTQUFnQixZQUFZLENBQUMsVUFBc0IsRUFBRSxNQUFjO0lBQ2pFLE9BQU8sVUFBVSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztBQUM1RCxDQUFDO0FBRUQsU0FBZ0IsWUFBWSxDQUFDLFdBQXdCLEVBQUUsTUFBYztJQUNuRSxNQUFNLElBQUksR0FBRyxJQUFJLFFBQVEsQ0FBQyxXQUFXLEVBQUUsTUFBTSxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQ2xELE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxDQUFDLEVBQUUsS0FBSyxDQUFDLENBQUM7QUFDbEMsQ0FBQztBQUVELFNBQWdCLGFBQWEsQ0FBQyxVQUFzQixFQUFFLEtBQWEsRUFBRSxNQUFjO0lBQ2pGLFVBQVUsQ0FBQyxNQUFNLENBQUMsR0FBRyxLQUFLLEdBQUcsSUFBSSxDQUFDO0lBQ2xDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxLQUFLLElBQUksQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDO0FBQy9DLENBQUM7QUFFRCxTQUFnQixhQUFhLENBQUMsVUFBc0IsRUFBRSxLQUFhLEVBQUUsTUFBYztJQUNqRixVQUFVLENBQUMsTUFBTSxDQUFDLEdBQUcsS0FBSyxHQUFHLElBQUksQ0FBQztJQUNsQyxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsS0FBSyxJQUFJLENBQUMsQ0FBQyxHQUFHLElBQUksQ0FBQztJQUM3QyxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQyxHQUFHLElBQUksQ0FBQztJQUM5QyxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQyxHQUFHLElBQUksQ0FBQztBQUNoRCxDQUFDO0FBRUQsU0FBZ0IsWUFBWSxDQUMxQixNQUFrQixFQUNsQixNQUFrQixFQUNsQixjQUFzQixDQUFDLEVBQ3ZCLGNBQXNCLENBQUMsRUFDdkIsWUFBb0IsTUFBTSxDQUFDLE1BQU07SUFFakMsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxTQUFTLEdBQUcsV0FBVyxFQUFFLE1BQU0sQ0FBQyxNQUFNLEdBQUcsV0FBVyxDQUFDLENBQUM7SUFDOUUsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLFdBQVcsRUFBRSxXQUFXLEdBQUcsTUFBTSxDQUFDLEVBQUUsV0FBVyxDQUFDLENBQUM7SUFDNUUsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVELDhEQUE4RDtBQUM5RCxTQUFTLFFBQVEsQ0FBQyxHQUFlLEVBQUUsUUFBZ0IsQ0FBQyxFQUFFLE1BQWMsR0FBRyxDQUFDLE1BQU07SUFDNUUsTUFBTSxHQUFHLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQztJQUV2QixJQUFJLENBQUMsS0FBSyxJQUFJLEtBQUssR0FBRyxDQUFDO1FBQUUsS0FBSyxHQUFHLENBQUMsQ0FBQztJQUNuQyxJQUFJLENBQUMsR0FBRyxJQUFJLEdBQUcsR0FBRyxDQUFDLElBQUksR0FBRyxHQUFHLEdBQUc7UUFBRSxHQUFHLEdBQUcsR0FBRyxDQUFDO0lBRTVDLElBQUksR0FBRyxHQUFHLEVBQUUsQ0FBQztJQUNiLEtBQUssSUFBSSxDQUFDLEdBQUcsS0FBSyxFQUFFLENBQUMsR0FBRyxHQUFHLEVBQUUsRUFBRSxDQUFDLEVBQUUsQ0FBQztRQUNqQyxHQUFHLElBQUksbUJBQW1CLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDckMsQ0FBQztJQUNELE9BQU8sR0FBRyxDQUFDO0FBQ2IsQ0FBQztBQUVELDhEQUE4RDtBQUM5RCxTQUFTLFdBQVcsQ0FBQyxHQUFlLEVBQUUsS0FBYSxFQUFFLEdBQVc7SUFDOUQsSUFBSSxNQUFNLEdBQUcsRUFBRSxDQUFDO0lBQ2hCLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFFaEMsS0FBSyxJQUFJLENBQUMsR0FBRyxLQUFLLEVBQUUsQ0FBQyxHQUFHLEdBQUcsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDO1FBQ2pDLE1BQU0sSUFBSSxNQUFNLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRCxPQUFPLE1BQU0sQ0FBQztBQUNoQixDQUFDO0FBRUQsU0FBUyxXQUFXLENBQUMsR0FBZSxFQUFFLEtBQWEsRUFBRSxHQUFXO0lBQzlELElBQUksS0FBSyxLQUFLLENBQUMsSUFBSSxHQUFHLEtBQUssR0FBRyxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ3RDLE9BQU8sSUFBQSw2QkFBaUIsRUFBQyxHQUFHLENBQUMsQ0FBQztJQUNoQyxDQUFDO1NBQU0sQ0FBQztRQUNOLE9BQU8sSUFBQSw2QkFBaUIsRUFBQyxHQUFHLENBQUMsS0FBSyxDQUFDLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBQ2xELENBQUM7QUFDSCxDQUFDO0FBRUQsNkRBQTZEO0FBQzdELFNBQWdCLFlBQVksQ0FDMUIsTUFBa0IsRUFDbEIsV0FBOEIsTUFBTSxFQUNwQyxLQUFLLEdBQUcsQ0FBQyxFQUNULEdBQUcsR0FBRyxNQUFNLENBQUMsTUFBTTtJQUVuQixJQUFJLEtBQUssR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUNkLEtBQUssR0FBRyxDQUFDLENBQUM7SUFDWixDQUFDO0lBRUQsSUFBSSxHQUFHLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ3hCLEdBQUcsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO0lBQ3RCLENBQUM7SUFFRCwrRUFBK0U7SUFDL0UsdUJBQXVCO0lBQ3ZCLElBQUksS0FBSyxHQUFHLE1BQU0sQ0FBQyxNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksS0FBSyxFQUFFLENBQUM7UUFDdEQsT0FBTyxFQUFFLENBQUM7SUFDWixDQUFDO0lBRUQsUUFBUSxRQUFRLEVBQUUsQ0FBQztRQUNqQixLQUFLLEtBQUs7WUFDUixPQUFPLFFBQVEsQ0FBQyxNQUFNLEVBQUUsS0FBSyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1FBRXRDLEtBQUssTUFBTSxDQUFDO1FBQ1osS0FBSyxPQUFPO1lBQ1YsT0FBTyxTQUFTLENBQUMsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQztRQUV2QyxLQUFLLFFBQVEsQ0FBQztRQUNkLEtBQUssUUFBUTtZQUNYLE9BQU8sV0FBVyxDQUFDLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFFekMsS0FBSyxRQUFRO1lBQ1gsT0FBTyxXQUFXLENBQUMsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQztJQUMzQyxDQUFDO0FBQ0gsQ0FBQztBQUVELDZEQUE2RDtBQUM3RCxTQUFnQixTQUFTLENBQUMsR0FBZSxFQUFFLEtBQWEsRUFBRSxHQUFXO0lBQ25FLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFDaEMsTUFBTSxHQUFHLEdBQWEsRUFBRSxDQUFDO0lBRXpCLElBQUksQ0FBQyxHQUFHLEtBQUssQ0FBQztJQUNkLE9BQU8sQ0FBQyxHQUFHLEdBQUcsRUFBRSxDQUFDO1FBQ2YsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ3pCLElBQUksU0FBUyxHQUFrQixJQUFJLENBQUM7UUFDcEMsSUFBSSxnQkFBZ0IsR0FBRyxTQUFTLEdBQUcsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLFNBQVMsR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsU0FBUyxHQUFHLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFOUYsSUFBSSxDQUFDLEdBQUcsZ0JBQWdCLElBQUksR0FBRyxFQUFFLENBQUM7WUFDaEMsSUFBSSxVQUFVLEVBQUUsU0FBUyxFQUFFLFVBQVUsRUFBRSxhQUFhLENBQUM7WUFFckQsUUFBUSxnQkFBZ0IsRUFBRSxDQUFDO2dCQUN6QixLQUFLLENBQUM7b0JBQ0osSUFBSSxTQUFTLEdBQUcsSUFBSSxFQUFFLENBQUM7d0JBQ3JCLFNBQVMsR0FBRyxTQUFTLENBQUM7b0JBQ3hCLENBQUM7b0JBQ0QsTUFBTTtnQkFDUixLQUFLLENBQUM7b0JBQ0osVUFBVSxHQUFHLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7b0JBQ3hCLElBQUksQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLEtBQUssSUFBSSxFQUFFLENBQUM7d0JBQ2pDLGFBQWEsR0FBRyxDQUFDLENBQUMsU0FBUyxHQUFHLElBQUksQ0FBQyxJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxDQUFDO3dCQUNsRSxJQUFJLGFBQWEsR0FBRyxJQUFJLEVBQUUsQ0FBQzs0QkFDekIsU0FBUyxHQUFHLGFBQWEsQ0FBQzt3QkFDNUIsQ0FBQztvQkFDSCxDQUFDO29CQUNELE1BQU07Z0JBQ1IsS0FBSyxDQUFDO29CQUNKLFVBQVUsR0FBRyxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO29CQUN4QixTQUFTLEdBQUcsR0FBRyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztvQkFDdkIsSUFBSSxDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsS0FBSyxJQUFJLElBQUksQ0FBQyxTQUFTLEdBQUcsSUFBSSxDQUFDLEtBQUssSUFBSSxFQUFFLENBQUM7d0JBQ2hFLGFBQWE7NEJBQ1gsQ0FBQyxDQUFDLFNBQVMsR0FBRyxHQUFHLENBQUMsSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUMsU0FBUyxHQUFHLElBQUksQ0FBQyxDQUFDO3dCQUNqRixJQUFJLGFBQWEsR0FBRyxLQUFLLElBQUksQ0FBQyxhQUFhLEdBQUcsTUFBTSxJQUFJLGFBQWEsR0FBRyxNQUFNLENBQUMsRUFBRSxDQUFDOzRCQUNoRixTQUFTLEdBQUcsYUFBYSxDQUFDO3dCQUM1QixDQUFDO29CQUNILENBQUM7b0JBQ0QsTUFBTTtnQkFDUixLQUFLLENBQUM7b0JBQ0osVUFBVSxHQUFHLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7b0JBQ3hCLFNBQVMsR0FBRyxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO29CQUN2QixVQUFVLEdBQUcsR0FBRyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztvQkFDeEIsSUFDRSxDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsS0FBSyxJQUFJO3dCQUM1QixDQUFDLFNBQVMsR0FBRyxJQUFJLENBQUMsS0FBSyxJQUFJO3dCQUMzQixDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsS0FBSyxJQUFJLEVBQzVCLENBQUM7d0JBQ0QsYUFBYTs0QkFDWCxDQUFDLENBQUMsU0FBUyxHQUFHLEdBQUcsQ0FBQyxJQUFJLElBQUksQ0FBQztnQ0FDM0IsQ0FBQyxDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsSUFBSSxHQUFHLENBQUM7Z0NBQzVCLENBQUMsQ0FBQyxTQUFTLEdBQUcsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDO2dDQUMzQixDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsQ0FBQzt3QkFDdEIsSUFBSSxhQUFhLEdBQUcsTUFBTSxJQUFJLGFBQWEsR0FBRyxRQUFRLEVBQUUsQ0FBQzs0QkFDdkQsU0FBUyxHQUFHLGFBQWEsQ0FBQzt3QkFDNUIsQ0FBQztvQkFDSCxDQUFDO1lBQ0wsQ0FBQztRQUNILENBQUM7UUFFRCxJQUFJLFNBQVMsS0FBSyxJQUFJLEVBQUUsQ0FBQztZQUN2QixvREFBb0Q7WUFDcEQsb0RBQW9EO1lBQ3BELFNBQVMsR0FBRyxNQUFNLENBQUM7WUFDbkIsZ0JBQWdCLEdBQUcsQ0FBQyxDQUFDO1FBQ3ZCLENBQUM7YUFBTSxJQUFJLFNBQVMsR0FBRyxNQUFNLEVBQUUsQ0FBQztZQUM5Qix5Q0FBeUM7WUFDekMsU0FBUyxJQUFJLE9BQU8sQ0FBQztZQUNyQixHQUFHLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxTQUFTLEtBQUssRUFBRSxDQUFDLEdBQUcsS0FBSyxDQUFDLEdBQUcsTUFBTSxDQUFDLENBQUM7WUFDaEQsU0FBUyxHQUFHLE1BQU0sR0FBRyxDQUFDLFNBQVMsR0FBRyxLQUFLLENBQUMsQ0FBQztRQUMzQyxDQUFDO1FBRUQsR0FBRyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUNwQixDQUFDLElBQUksZ0JBQWdCLENBQUM7SUFDeEIsQ0FBQztJQUVELE9BQU8scUJBQXFCLENBQUMsR0FBRyxDQUFDLENBQUM7QUFDcEMsQ0FBQztBQUVELE1BQU0sb0JBQW9CLEdBQUcsTUFBTSxDQUFDO0FBRXBDLDhEQUE4RDtBQUM5RCxTQUFTLHFCQUFxQixDQUFDLFVBQW9CO0lBQ2pELE1BQU0sR0FBRyxHQUFHLFVBQVUsQ0FBQyxNQUFNLENBQUM7SUFDOUIsSUFBSSxHQUFHLElBQUksb0JBQW9CLEVBQUUsQ0FBQztRQUNoQyxPQUFPLE1BQU0sQ0FBQyxZQUFZLENBQUMsR0FBRyxVQUFVLENBQUMsQ0FBQyxDQUFDLHNCQUFzQjtJQUNuRSxDQUFDO0lBRUQsd0RBQXdEO0lBQ3hELElBQUksR0FBRyxHQUFHLEVBQUUsQ0FBQztJQUNiLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNWLE9BQU8sQ0FBQyxHQUFHLEdBQUcsRUFBRSxDQUFDO1FBQ2YsR0FBRyxJQUFJLE1BQU0sQ0FBQyxZQUFZLENBQUMsR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxvQkFBb0IsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNsRixDQUFDO0lBQ0QsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDO0FBRUQsTUFBTSxpQkFBaUIsR0FBRyxtQkFBbUIsQ0FBQztBQUU5Qzs7Ozs7Ozs7Ozs7R0FXRztBQUNILFNBQVMsV0FBVyxDQUFDLEdBQVc7SUFDOUIsdURBQXVEO0lBQ3ZELEdBQUcsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3hCLHdGQUF3RjtJQUN4RixHQUFHLEdBQUcsR0FBRyxDQUFDLElBQUksRUFBRSxDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNoRCw4Q0FBOEM7SUFDOUMsSUFBSSxHQUFHLENBQUMsTUFBTSxHQUFHLENBQUM7UUFBRSxPQUFPLEVBQUUsQ0FBQztJQUM5Qix1RkFBdUY7SUFDdkYsT0FBTyxHQUFHLENBQUMsTUFBTSxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQztRQUM1QixHQUFHLEdBQUcsR0FBRyxHQUFHLEdBQUcsQ0FBQztJQUNsQixDQUFDO0lBQ0QsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDO0FBRUQsU0FBZ0IsYUFBYSxDQUFDLEdBQVc7SUFDdkMsT0FBTyxJQUFJLFVBQVUsQ0FBQyxJQUFBLDZCQUFpQixFQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUM7QUFDN0QsQ0FBQztBQUVEOzs7Ozs7Ozs7O0dBVUc7QUFDSSxLQUFLLFVBQVUsYUFBYTtJQUlqQyxNQUFNLE1BQU0sR0FBRyxJQUFJLGdDQUFZLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztJQUNsRCxNQUFNLHFCQUFxQixHQUFHLElBQUksbUJBQVEsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUNuRCxJQUFJLENBQUMscUJBQXFCLEVBQUUsV0FBVyxFQUFFLENBQUM7UUFDeEMsTUFBTSxJQUFJLDhCQUFrQixDQUFDLGdDQUFnQyxDQUFDLENBQUM7SUFDakUsQ0FBQztJQUNELE1BQU0sR0FBRyxHQUFHLE1BQU0scUJBQXFCLENBQUMsV0FBVyxFQUFFLENBQUM7SUFDdEQsT0FBTyxFQUFFLGdCQUFnQixFQUFFLEdBQUcsRUFBRSxjQUFjLEVBQUUsR0FBRyxFQUFFLENBQUM7QUFDeEQsQ0FBQyJ9
|
|
272
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi90ZGYzL3NyYy91dGlscy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUF5QkEsa0NBY0M7QUFFRCxvQ0FRQztBQUVELG9DQUVDO0FBRUQsb0NBR0M7QUFFRCxzQ0FHQztBQUVELHNDQUtDO0FBRUQsb0NBVUM7QUFxQ0Qsb0NBbUNDO0FBR0QsOEJBNkVDO0FBZ0RELHNDQUVDO0FBYUQsc0NBV0M7QUFwVEQsaURBQXVEO0FBQ3ZELG9FQUE0RDtBQUM1RCxzREFBNEQ7QUFFNUQsZ0VBQXdGO0FBRXhGLGlEQUEwRDtBQUFqRCwwR0FBQSxTQUFTLE9BQUE7QUFBRSw2R0FBQSxZQUFZLE9BQUE7QUFDaEMsaURBQTRDO0FBQW5DLDBHQUFBLFNBQVMsT0FBQTtBQUNsQiw2Q0FBbUQ7QUFBMUMsdUdBQUEsUUFBUSxPQUFBO0FBQUUsdUdBQUEsUUFBUSxPQUFBO0FBQzNCLG1GQUFzRTtBQUE3RCw0SEFBQSxjQUFjLE9BQUE7QUFJdkIsTUFBTSxtQkFBbUIsR0FBRyxDQUFDLEdBQUcsRUFBRTtJQUNoQyxNQUFNLFFBQVEsR0FBRyxrQkFBa0IsQ0FBQztJQUNwQyxNQUFNLEtBQUssR0FBRyxJQUFJLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUM3QixLQUFLLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsRUFBRSxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUM7UUFDNUIsTUFBTSxHQUFHLEdBQUcsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUNuQixLQUFLLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsRUFBRSxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUM7WUFDNUIsS0FBSyxDQUFDLEdBQUcsR0FBRyxDQUFDLENBQUMsR0FBRyxRQUFRLENBQUMsQ0FBQyxDQUFDLEdBQUcsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzdDLENBQUM7SUFDSCxDQUFDO0lBQ0QsT0FBTyxLQUFLLENBQUM7QUFDZixDQUFDLENBQUMsRUFBRSxDQUFDO0FBRUwsU0FBZ0IsV0FBVyxDQUFDLFdBQXlCO0lBQ25ELE1BQU0sU0FBUyxHQUFHLFdBQVcsQ0FBQyxNQUFNLENBQ2xDLENBQUMsV0FBVyxFQUFFLFlBQVksRUFBRSxFQUFFLENBQUMsV0FBVyxHQUFHLFlBQVksQ0FBQyxNQUFNLEVBQ2hFLENBQUMsQ0FDRixDQUFDO0lBQ0YsTUFBTSxrQkFBa0IsR0FBRyxJQUFJLFVBQVUsQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUVyRCxJQUFJLE1BQU0sR0FBRyxDQUFDLENBQUM7SUFDZixLQUFLLE1BQU0sVUFBVSxJQUFJLFdBQVcsRUFBRSxDQUFDO1FBQ3JDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxVQUFVLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDM0MsTUFBTSxJQUFJLFVBQVUsQ0FBQyxNQUFNLENBQUM7SUFDOUIsQ0FBQztJQUVELE9BQU8sa0JBQWtCLENBQUM7QUFDNUIsQ0FBQztBQUVELFNBQWdCLFlBQVksQ0FBQyxVQUFzQixFQUFFLE1BQWM7SUFDakUsT0FBTyxDQUNMLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQztRQUNqQixDQUFDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzdCLENBQUMsVUFBVSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDOUIsQ0FBQyxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBQ2pDLENBQUMsQ0FDRixDQUFDO0FBQ0osQ0FBQztBQUVELFNBQWdCLFlBQVksQ0FBQyxVQUFzQixFQUFFLE1BQWM7SUFDakUsT0FBTyxVQUFVLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO0FBQzVELENBQUM7QUFFRCxTQUFnQixZQUFZLENBQUMsV0FBd0IsRUFBRSxNQUFjO0lBQ25FLE1BQU0sSUFBSSxHQUFHLElBQUksUUFBUSxDQUFDLFdBQVcsRUFBRSxNQUFNLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFDbEQsT0FBTyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxLQUFLLENBQUMsQ0FBQztBQUNsQyxDQUFDO0FBRUQsU0FBZ0IsYUFBYSxDQUFDLFVBQXNCLEVBQUUsS0FBYSxFQUFFLE1BQWM7SUFDakYsVUFBVSxDQUFDLE1BQU0sQ0FBQyxHQUFHLEtBQUssR0FBRyxJQUFJLENBQUM7SUFDbEMsVUFBVSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsR0FBRyxDQUFDLEtBQUssSUFBSSxDQUFDLENBQUMsR0FBRyxJQUFJLENBQUM7QUFDL0MsQ0FBQztBQUVELFNBQWdCLGFBQWEsQ0FBQyxVQUFzQixFQUFFLEtBQWEsRUFBRSxNQUFjO0lBQ2pGLFVBQVUsQ0FBQyxNQUFNLENBQUMsR0FBRyxLQUFLLEdBQUcsSUFBSSxDQUFDO0lBQ2xDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxLQUFLLElBQUksQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDO0lBQzdDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxLQUFLLElBQUksRUFBRSxDQUFDLEdBQUcsSUFBSSxDQUFDO0lBQzlDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxLQUFLLElBQUksRUFBRSxDQUFDLEdBQUcsSUFBSSxDQUFDO0FBQ2hELENBQUM7QUFFRCxTQUFnQixZQUFZLENBQzFCLE1BQWtCLEVBQ2xCLE1BQWtCLEVBQ2xCLGNBQXNCLENBQUMsRUFDdkIsY0FBc0IsQ0FBQyxFQUN2QixZQUFvQixNQUFNLENBQUMsTUFBTTtJQUVqQyxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLFNBQVMsR0FBRyxXQUFXLEVBQUUsTUFBTSxDQUFDLE1BQU0sR0FBRyxXQUFXLENBQUMsQ0FBQztJQUM5RSxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsV0FBVyxFQUFFLFdBQVcsR0FBRyxNQUFNLENBQUMsRUFBRSxXQUFXLENBQUMsQ0FBQztJQUM1RSxPQUFPLE1BQU0sQ0FBQztBQUNoQixDQUFDO0FBRUQsOERBQThEO0FBQzlELFNBQVMsUUFBUSxDQUFDLEdBQWUsRUFBRSxRQUFnQixDQUFDLEVBQUUsTUFBYyxHQUFHLENBQUMsTUFBTTtJQUM1RSxNQUFNLEdBQUcsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFDO0lBRXZCLElBQUksQ0FBQyxLQUFLLElBQUksS0FBSyxHQUFHLENBQUM7UUFBRSxLQUFLLEdBQUcsQ0FBQyxDQUFDO0lBQ25DLElBQUksQ0FBQyxHQUFHLElBQUksR0FBRyxHQUFHLENBQUMsSUFBSSxHQUFHLEdBQUcsR0FBRztRQUFFLEdBQUcsR0FBRyxHQUFHLENBQUM7SUFFNUMsSUFBSSxHQUFHLEdBQUcsRUFBRSxDQUFDO0lBQ2IsS0FBSyxJQUFJLENBQUMsR0FBRyxLQUFLLEVBQUUsQ0FBQyxHQUFHLEdBQUcsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDO1FBQ2pDLEdBQUcsSUFBSSxtQkFBbUIsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBQ0QsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDO0FBRUQsOERBQThEO0FBQzlELFNBQVMsV0FBVyxDQUFDLEdBQWUsRUFBRSxLQUFhLEVBQUUsR0FBVztJQUM5RCxJQUFJLE1BQU0sR0FBRyxFQUFFLENBQUM7SUFDaEIsR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxHQUFHLENBQUMsQ0FBQztJQUVoQyxLQUFLLElBQUksQ0FBQyxHQUFHLEtBQUssRUFBRSxDQUFDLEdBQUcsR0FBRyxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUM7UUFDakMsTUFBTSxJQUFJLE1BQU0sQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDeEMsQ0FBQztJQUVELE9BQU8sTUFBTSxDQUFDO0FBQ2hCLENBQUM7QUFFRCxTQUFTLFdBQVcsQ0FBQyxHQUFlLEVBQUUsS0FBYSxFQUFFLEdBQVc7SUFDOUQsSUFBSSxLQUFLLEtBQUssQ0FBQyxJQUFJLEdBQUcsS0FBSyxHQUFHLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDdEMsT0FBTyxJQUFBLDZCQUFpQixFQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7U0FBTSxDQUFDO1FBQ04sT0FBTyxJQUFBLDZCQUFpQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsS0FBSyxFQUFFLEdBQUcsQ0FBQyxDQUFDLENBQUM7SUFDbEQsQ0FBQztBQUNILENBQUM7QUFFRCw2REFBNkQ7QUFDN0QsU0FBZ0IsWUFBWSxDQUMxQixNQUFrQixFQUNsQixXQUE4QixNQUFNLEVBQ3BDLEtBQUssR0FBRyxDQUFDLEVBQ1QsR0FBRyxHQUFHLE1BQU0sQ0FBQyxNQUFNO0lBRW5CLElBQUksS0FBSyxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQ2QsS0FBSyxHQUFHLENBQUMsQ0FBQztJQUNaLENBQUM7SUFFRCxJQUFJLEdBQUcsR0FBRyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDeEIsR0FBRyxHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUM7SUFDdEIsQ0FBQztJQUVELCtFQUErRTtJQUMvRSx1QkFBdUI7SUFDdkIsSUFBSSxLQUFLLEdBQUcsTUFBTSxDQUFDLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxJQUFJLEdBQUcsSUFBSSxLQUFLLEVBQUUsQ0FBQztRQUN0RCxPQUFPLEVBQUUsQ0FBQztJQUNaLENBQUM7SUFFRCxRQUFRLFFBQVEsRUFBRSxDQUFDO1FBQ2pCLEtBQUssS0FBSztZQUNSLE9BQU8sUUFBUSxDQUFDLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFFdEMsS0FBSyxNQUFNLENBQUM7UUFDWixLQUFLLE9BQU87WUFDVixPQUFPLFNBQVMsQ0FBQyxNQUFNLEVBQUUsS0FBSyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1FBRXZDLEtBQUssUUFBUSxDQUFDO1FBQ2QsS0FBSyxRQUFRO1lBQ1gsT0FBTyxXQUFXLENBQUMsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQztRQUV6QyxLQUFLLFFBQVE7WUFDWCxPQUFPLFdBQVcsQ0FBQyxNQUFNLEVBQUUsS0FBSyxFQUFFLEdBQUcsQ0FBQyxDQUFDO0lBQzNDLENBQUM7QUFDSCxDQUFDO0FBRUQsNkRBQTZEO0FBQzdELFNBQWdCLFNBQVMsQ0FBQyxHQUFlLEVBQUUsS0FBYSxFQUFFLEdBQVc7SUFDbkUsR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxHQUFHLENBQUMsQ0FBQztJQUNoQyxNQUFNLEdBQUcsR0FBYSxFQUFFLENBQUM7SUFFekIsSUFBSSxDQUFDLEdBQUcsS0FBSyxDQUFDO0lBQ2QsT0FBTyxDQUFDLEdBQUcsR0FBRyxFQUFFLENBQUM7UUFDZixNQUFNLFNBQVMsR0FBRyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDekIsSUFBSSxTQUFTLEdBQWtCLElBQUksQ0FBQztRQUNwQyxJQUFJLGdCQUFnQixHQUFHLFNBQVMsR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsU0FBUyxHQUFHLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxTQUFTLEdBQUcsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUU5RixJQUFJLENBQUMsR0FBRyxnQkFBZ0IsSUFBSSxHQUFHLEVBQUUsQ0FBQztZQUNoQyxJQUFJLFVBQVUsRUFBRSxTQUFTLEVBQUUsVUFBVSxFQUFFLGFBQWEsQ0FBQztZQUVyRCxRQUFRLGdCQUFnQixFQUFFLENBQUM7Z0JBQ3pCLEtBQUssQ0FBQztvQkFDSixJQUFJLFNBQVMsR0FBRyxJQUFJLEVBQUUsQ0FBQzt3QkFDckIsU0FBUyxHQUFHLFNBQVMsQ0FBQztvQkFDeEIsQ0FBQztvQkFDRCxNQUFNO2dCQUNSLEtBQUssQ0FBQztvQkFDSixVQUFVLEdBQUcsR0FBRyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztvQkFDeEIsSUFBSSxDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQzt3QkFDakMsYUFBYSxHQUFHLENBQUMsQ0FBQyxTQUFTLEdBQUcsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDLEdBQUcsQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLENBQUM7d0JBQ2xFLElBQUksYUFBYSxHQUFHLElBQUksRUFBRSxDQUFDOzRCQUN6QixTQUFTLEdBQUcsYUFBYSxDQUFDO3dCQUM1QixDQUFDO29CQUNILENBQUM7b0JBQ0QsTUFBTTtnQkFDUixLQUFLLENBQUM7b0JBQ0osVUFBVSxHQUFHLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7b0JBQ3hCLFNBQVMsR0FBRyxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO29CQUN2QixJQUFJLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLElBQUksSUFBSSxDQUFDLFNBQVMsR0FBRyxJQUFJLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQzt3QkFDaEUsYUFBYTs0QkFDWCxDQUFDLENBQUMsU0FBUyxHQUFHLEdBQUcsQ0FBQyxJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLElBQUksR0FBRyxDQUFDLEdBQUcsQ0FBQyxTQUFTLEdBQUcsSUFBSSxDQUFDLENBQUM7d0JBQ2pGLElBQUksYUFBYSxHQUFHLEtBQUssSUFBSSxDQUFDLGFBQWEsR0FBRyxNQUFNLElBQUksYUFBYSxHQUFHLE1BQU0sQ0FBQyxFQUFFLENBQUM7NEJBQ2hGLFNBQVMsR0FBRyxhQUFhLENBQUM7d0JBQzVCLENBQUM7b0JBQ0gsQ0FBQztvQkFDRCxNQUFNO2dCQUNSLEtBQUssQ0FBQztvQkFDSixVQUFVLEdBQUcsR0FBRyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztvQkFDeEIsU0FBUyxHQUFHLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7b0JBQ3ZCLFVBQVUsR0FBRyxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO29CQUN4QixJQUNFLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLElBQUk7d0JBQzVCLENBQUMsU0FBUyxHQUFHLElBQUksQ0FBQyxLQUFLLElBQUk7d0JBQzNCLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLElBQUksRUFDNUIsQ0FBQzt3QkFDRCxhQUFhOzRCQUNYLENBQUMsQ0FBQyxTQUFTLEdBQUcsR0FBRyxDQUFDLElBQUksSUFBSSxDQUFDO2dDQUMzQixDQUFDLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLEdBQUcsQ0FBQztnQ0FDNUIsQ0FBQyxDQUFDLFNBQVMsR0FBRyxJQUFJLENBQUMsSUFBSSxHQUFHLENBQUM7Z0NBQzNCLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxDQUFDO3dCQUN0QixJQUFJLGFBQWEsR0FBRyxNQUFNLElBQUksYUFBYSxHQUFHLFFBQVEsRUFBRSxDQUFDOzRCQUN2RCxTQUFTLEdBQUcsYUFBYSxDQUFDO3dCQUM1QixDQUFDO29CQUNILENBQUM7WUFDTCxDQUFDO1FBQ0gsQ0FBQztRQUVELElBQUksU0FBUyxLQUFLLElBQUksRUFBRSxDQUFDO1lBQ3ZCLG9EQUFvRDtZQUNwRCxvREFBb0Q7WUFDcEQsU0FBUyxHQUFHLE1BQU0sQ0FBQztZQUNuQixnQkFBZ0IsR0FBRyxDQUFDLENBQUM7UUFDdkIsQ0FBQzthQUFNLElBQUksU0FBUyxHQUFHLE1BQU0sRUFBRSxDQUFDO1lBQzlCLHlDQUF5QztZQUN6QyxTQUFTLElBQUksT0FBTyxDQUFDO1lBQ3JCLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLFNBQVMsS0FBSyxFQUFFLENBQUMsR0FBRyxLQUFLLENBQUMsR0FBRyxNQUFNLENBQUMsQ0FBQztZQUNoRCxTQUFTLEdBQUcsTUFBTSxHQUFHLENBQUMsU0FBUyxHQUFHLEtBQUssQ0FBQyxDQUFDO1FBQzNDLENBQUM7UUFFRCxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQ3BCLENBQUMsSUFBSSxnQkFBZ0IsQ0FBQztJQUN4QixDQUFDO0lBRUQsT0FBTyxxQkFBcUIsQ0FBQyxHQUFHLENBQUMsQ0FBQztBQUNwQyxDQUFDO0FBRUQsTUFBTSxvQkFBb0IsR0FBRyxNQUFNLENBQUM7QUFFcEMsOERBQThEO0FBQzlELFNBQVMscUJBQXFCLENBQUMsVUFBb0I7SUFDakQsTUFBTSxHQUFHLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FBQztJQUM5QixJQUFJLEdBQUcsSUFBSSxvQkFBb0IsRUFBRSxDQUFDO1FBQ2hDLE9BQU8sTUFBTSxDQUFDLFlBQVksQ0FBQyxHQUFHLFVBQVUsQ0FBQyxDQUFDLENBQUMsc0JBQXNCO0lBQ25FLENBQUM7SUFFRCx3REFBd0Q7SUFDeEQsSUFBSSxHQUFHLEdBQUcsRUFBRSxDQUFDO0lBQ2IsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ1YsT0FBTyxDQUFDLEdBQUcsR0FBRyxFQUFFLENBQUM7UUFDZixHQUFHLElBQUksTUFBTSxDQUFDLFlBQVksQ0FBQyxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxJQUFJLG9CQUFvQixDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ2xGLENBQUM7SUFDRCxPQUFPLEdBQUcsQ0FBQztBQUNiLENBQUM7QUFFRCxNQUFNLGlCQUFpQixHQUFHLG1CQUFtQixDQUFDO0FBRTlDOzs7Ozs7Ozs7OztHQVdHO0FBQ0gsU0FBUyxXQUFXLENBQUMsR0FBVztJQUM5Qix1REFBdUQ7SUFDdkQsR0FBRyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDeEIsd0ZBQXdGO0lBQ3hGLEdBQUcsR0FBRyxHQUFHLENBQUMsSUFBSSxFQUFFLENBQUMsT0FBTyxDQUFDLGlCQUFpQixFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBQ2hELDhDQUE4QztJQUM5QyxJQUFJLEdBQUcsQ0FBQyxNQUFNLEdBQUcsQ0FBQztRQUFFLE9BQU8sRUFBRSxDQUFDO0lBQzlCLHVGQUF1RjtJQUN2RixPQUFPLEdBQUcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDO1FBQzVCLEdBQUcsR0FBRyxHQUFHLEdBQUcsR0FBRyxDQUFDO0lBQ2xCLENBQUM7SUFDRCxPQUFPLEdBQUcsQ0FBQztBQUNiLENBQUM7QUFFRCxTQUFnQixhQUFhLENBQUMsR0FBVztJQUN2QyxPQUFPLElBQUksVUFBVSxDQUFDLElBQUEsNkJBQWlCLEVBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUM3RCxDQUFDO0FBRUQ7Ozs7Ozs7Ozs7R0FVRztBQUNJLEtBQUssVUFBVSxhQUFhLENBQUMsYUFBNEI7SUFJOUQsTUFBTSxNQUFNLEdBQUcsSUFBSSxnQ0FBWSxDQUFDLGFBQWEsQ0FBQyxDQUFDO0lBQy9DLE1BQU0scUJBQXFCLEdBQUcsSUFBSSxtQkFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ25ELElBQUksQ0FBQyxxQkFBcUIsRUFBRSxXQUFXLEVBQUUsQ0FBQztRQUN4QyxNQUFNLElBQUksOEJBQWtCLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztJQUNqRSxDQUFDO0lBQ0QsTUFBTSxHQUFHLEdBQUcsTUFBTSxxQkFBcUIsQ0FBQyxXQUFXLEVBQUUsQ0FBQztJQUN0RCxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsR0FBRyxFQUFFLGNBQWMsRUFBRSxHQUFHLEVBQUUsQ0FBQztBQUN4RCxDQUFDIn0=
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access-fetch.d.ts","sourceRoot":"","sources":["../../../../src/access/access-fetch.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"access-fetch.d.ts","sourceRoot":"","sources":["../../../../src/access/access-fetch.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACxF,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAWpD,MAAM,MAAM,aAAa,GAAG;IAC1B,kBAAkB,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;;;;GAMG;AACH,wBAAsB,eAAe,CACnC,GAAG,EAAE,MAAM,EACX,WAAW,EAAE,aAAa,EAC1B,YAAY,EAAE,YAAY,GACzB,OAAO,CAAC,oBAAoB,CAAC,CAkD/B;AAED,wBAAsB,qBAAqB,CACzC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,YAAY,GACzB,OAAO,CAAC,eAAe,CAAC,CA4C1B;AAED,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,EACnB,SAAS,CAAC,EAAE,qBAAqB,GAChC,OAAO,CAAC,gBAAgB,CAAC,CA0D3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access-rpc.d.ts","sourceRoot":"","sources":["../../../../src/access/access-rpc.ts"],"names":[],"mappings":"AACA,OAAO,EAEL,qBAAqB,EACrB,gBAAgB,
|
|
1
|
+
{"version":3,"file":"access-rpc.d.ts","sourceRoot":"","sources":["../../../../src/access/access-rpc.ts"],"names":[],"mappings":"AACA,OAAO,EAEL,qBAAqB,EACrB,gBAAgB,EAChB,eAAe,EAChB,MAAM,cAAc,CAAC;AAEtB,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAUpD,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAU3D;;;;;;;GAOG;AACH,wBAAsB,eAAe,CACnC,GAAG,EAAE,MAAM,EACX,kBAAkB,EAAE,MAAM,EAC1B,YAAY,EAAE,YAAY,EAC1B,6BAA6B,CAAC,EAAE,MAAM,GACrC,OAAO,CAAC,cAAc,CAAC,CAgBzB;AAED,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,GAAG,KAAK,CAwB3E;AAED,wBAAgB,0BAA0B,CACxC,CAAC,EAAE,MAAM,EACT,WAAW,EAAE,MAAM,EACnB,mBAAmB,CAAC,EAAE,MAAM,EAAE,GAC7B,KAAK,CA8BP;AAED,wBAAsB,qBAAqB,CACzC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,YAAY,GACzB,OAAO,CAAC,eAAe,CAAC,CA8B1B;AA2BD,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,EACnB,SAAS,CAAC,EAAE,qBAAqB,GAChC,OAAO,CAAC,gBAAgB,CAAC,CA0B3B;AAED;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CA6BvF"}
|
|
@@ -42,12 +42,7 @@ export type KasPublicKeyInfo = {
|
|
|
42
42
|
kid?: string;
|
|
43
43
|
/** The key value, encoded within a PEM envelope */
|
|
44
44
|
publicKey: string;
|
|
45
|
-
/** A subtle crypto version of the key.
|
|
46
|
-
* This can be used for wrapping key data for key access objects (with RSA)
|
|
47
|
-
* or to derive key data (with EC keys). */
|
|
48
|
-
key: Promise<CryptoKey>;
|
|
49
45
|
};
|
|
50
|
-
export declare function noteInvalidPublicKey(url: URL, r: Promise<CryptoKey>): Promise<CryptoKey>;
|
|
51
46
|
/**
|
|
52
47
|
* Fetches the key access servers for a given platform URL.
|
|
53
48
|
* @param platformUrl The platform URL to fetch key access servers for.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"access.d.ts","sourceRoot":"","sources":["../../../src/access.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"access.d.ts","sourceRoot":"","sources":["../../../src/access.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAc1D;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IACpC,WAAW,EAAE;QACX,eAAe,EAAE,MAAM,EAAE,CAAC;KAC3B,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,kBAAkB,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF;;;;;;;GAOG;AACH,wBAAsB,eAAe,CACnC,GAAG,EAAE,MAAM,EACX,kBAAkB,EAAE,MAAM,EAC1B,YAAY,EAAE,YAAY,EAC1B,yBAAyB,EAAE,MAAM,EAAE,GAClC,OAAO,CAAC,cAAc,CAAC,CAoBzB;AAED;;;GAGG;AACH,eAAO,MAAM,6BAA6B,GACxC,gCAAgC,MAAM,EAAE,KACvC,MAAM,GAAG,SASX,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAC7B,cAAc,GACd,cAAc,GACd,cAAc,GACd,UAAU,GACV,UAAU,CAAC;AAEf,eAAO,MAAM,oBAAoB,GAAI,GAAG,MAAM,KAAG,CAAC,IAAI,qBAErD,CAAC;AAEF,eAAO,MAAM,gCAAgC,GAAI,GAAG,SAAS,KAAG,qBA8B/D,CAAC;AAEF,eAAO,MAAM,uBAAuB,GAAI,GAAG,qBAAqB,KAAG,MAelE,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,4DAA4D;IAC5D,GAAG,EAAE,MAAM,CAAC;IAEZ,2DAA2D;IAC3D,SAAS,EAAE,qBAAqB,CAAC;IAEjC,oEAAoE;IACpE,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,mDAAmD;IACnD,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF;;;;;GAKG;AACH,wBAAsB,qBAAqB,CACzC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,YAAY,GACzB,OAAO,CAAC,eAAe,CAAC,CAK1B;AAED;;;;GAIG;AACH,wBAAsB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAErF;AAED;;;;;;;;;GASG;AACH,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,EACnB,SAAS,CAAC,EAAE,qBAAqB,GAChC,OAAO,CAAC,gBAAgB,CAAC,CAW3B;AAWD;;;;;;;;GAQG;AACH,qBAAa,eAAe;IAC1B,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;gBACN,IAAI,EAAE,MAAM,EAAE,EAAE,QAAQ,CAAC,EAAE,OAAO;IAK9C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;CAM7B"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import { type
|
|
1
|
+
import { type CryptoService, type KeyPair, type PrivateKey } from '../../tdf3/src/crypto/declarations.js';
|
|
2
|
+
import { type JwtHeader } from '../../tdf3/src/crypto/jwt.js';
|
|
2
3
|
export type HttpMethod = 'GET' | 'HEAD' | 'POST' | 'PUT' | 'DELETE' | 'CONNECT' | 'OPTIONS' | 'TRACE' | 'PATCH';
|
|
3
4
|
/**
|
|
4
5
|
* Generic HTTP request interface used by AuthProvider implementers.
|
|
@@ -21,11 +22,13 @@ export declare class HttpRequest {
|
|
|
21
22
|
export declare function withHeaders(httpReq: HttpRequest, newHeaders: Record<string, string>): HttpRequest;
|
|
22
23
|
/**
|
|
23
24
|
* Generate a JWT (or JWS-ed object)
|
|
24
|
-
* @param toSign the data to sign. Interpreted as
|
|
25
|
-
* @param privateKey an RSA key
|
|
25
|
+
* @param toSign the data to sign. Interpreted as JwtPayload but AFAIK this isn't required
|
|
26
|
+
* @param privateKey an opaque RSA private key
|
|
27
|
+
* @param cryptoService the crypto service to use for signing
|
|
28
|
+
* @param jwtProtectedHeader optional JWT header, defaults to RS256
|
|
26
29
|
* @returns the signed object, with a JWS header. This may be a JWT.
|
|
27
30
|
*/
|
|
28
|
-
export declare function reqSignature(toSign: unknown, privateKey:
|
|
31
|
+
export declare function reqSignature(toSign: unknown, privateKey: PrivateKey, cryptoService: CryptoService, jwtProtectedHeader?: JwtHeader): Promise<string>;
|
|
29
32
|
/**
|
|
30
33
|
* A utility type for getting and updating a bearer token to associate with
|
|
31
34
|
* HTTP requests to the backend services, notably rewrap and upsert endpoints.
|
|
@@ -44,10 +47,10 @@ export type AuthProvider = {
|
|
|
44
47
|
* using the cached refresh token, and update the auth server config with the
|
|
45
48
|
* current key.
|
|
46
49
|
*
|
|
47
|
-
* @param signingKey the client signing key pair. Will be bound
|
|
50
|
+
* @param signingKey the client signing key pair (opaque keys). Will be bound
|
|
48
51
|
* to the OIDC token and require a DPoP header, when set.
|
|
49
52
|
*/
|
|
50
|
-
updateClientPublicKey(signingKey?:
|
|
53
|
+
updateClientPublicKey(signingKey?: KeyPair): Promise<void>;
|
|
51
54
|
/**
|
|
52
55
|
* Augment the provided http request with custom auth info to be used by backend services.
|
|
53
56
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../src/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../src/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,OAAO,EACZ,KAAK,UAAU,EAChB,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EAAW,KAAK,SAAS,EAAmB,MAAM,8BAA8B,CAAC;AAExF,MAAM,MAAM,UAAU,GAClB,KAAK,GACL,MAAM,GACN,MAAM,GACN,KAAK,GACL,QAAQ,GACR,SAAS,GACT,SAAS,GACT,OAAO,GACP,OAAO,CAAC;AAEZ;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEhC,MAAM,EAAE,UAAU,CAAC;IAEnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,GAAG,EAAE,MAAM,CAAC;IAEZ,IAAI,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;;CAQxB;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,WAAW,CAMjG;AAMD;;;;;;;GAOG;AACH,wBAAsB,YAAY,CAChC,MAAM,EAAE,OAAO,EACf,UAAU,EAAE,UAAU,EACtB,aAAa,EAAE,aAAa,EAC5B,kBAAkB,GAAE,SAA4B,mBAUjD;AAED;;;;;;;GAOG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB;;;;;;;;;;;OAWG;IACH,qBAAqB,CAAC,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE3D;;;;OAIG;IACH,SAAS,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;CACvD,CAAC;AAEF,wBAAgB,cAAc,CAAC,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,IAAI,YAAY,CAK7D"}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
import type { CryptoService, KeyPair } from '../../tdf3/src/crypto/declarations.js';
|
|
2
|
+
export type JsonObject = {
|
|
3
|
+
[Key in string]?: JsonValue;
|
|
4
|
+
};
|
|
5
|
+
export type JsonArray = JsonValue[];
|
|
6
|
+
export type JsonPrimitive = string | number | boolean | null;
|
|
7
|
+
export type JsonValue = JsonPrimitive | JsonObject | JsonArray;
|
|
8
|
+
/**
|
|
9
|
+
* Supported JWS `alg` Algorithm identifiers.
|
|
10
|
+
*
|
|
11
|
+
* @example PS256 CryptoKey algorithm
|
|
12
|
+
* ```ts
|
|
13
|
+
* interface Ps256Algorithm extends RsaHashedKeyAlgorithm {
|
|
14
|
+
* name: 'RSA-PSS'
|
|
15
|
+
* hash: { name: 'SHA-256' }
|
|
16
|
+
* }
|
|
17
|
+
* ```
|
|
18
|
+
*
|
|
19
|
+
* @example CryptoKey algorithm for the `ES256` JWS Algorithm Identifier
|
|
20
|
+
* ```ts
|
|
21
|
+
* interface Es256Algorithm extends EcKeyAlgorithm {
|
|
22
|
+
* name: 'ECDSA'
|
|
23
|
+
* namedCurve: 'P-256'
|
|
24
|
+
* }
|
|
25
|
+
* ```
|
|
26
|
+
*
|
|
27
|
+
* @example CryptoKey algorithm for the `RS256` JWS Algorithm Identifier
|
|
28
|
+
* ```ts
|
|
29
|
+
* interface Rs256Algorithm extends RsaHashedKeyAlgorithm {
|
|
30
|
+
* name: 'RSASSA-PKCS1-v1_5'
|
|
31
|
+
* hash: { name: 'SHA-256' }
|
|
32
|
+
* }
|
|
33
|
+
* ```
|
|
34
|
+
*
|
|
35
|
+
* @example CryptoKey algorithm for the `EdDSA` JWS Algorithm Identifier (Experimental)
|
|
36
|
+
*
|
|
37
|
+
* Runtime support for this algorithm is very limited, it depends on the [Secure Curves in the Web
|
|
38
|
+
* Cryptography API](https://wicg.github.io/webcrypto-secure-curves/) proposal which is yet to be
|
|
39
|
+
* widely adopted. If the proposal changes this implementation will follow up with a minor release.
|
|
40
|
+
*
|
|
41
|
+
* ```ts
|
|
42
|
+
* interface EdDSAAlgorithm extends KeyAlgorithm {
|
|
43
|
+
* name: 'Ed25519'
|
|
44
|
+
* }
|
|
45
|
+
* ```
|
|
46
|
+
*/
|
|
47
|
+
export type JWSAlgorithm = 'PS256' | 'ES256' | 'ES384' | 'ES512' | 'RS256' | 'EdDSA';
|
|
48
|
+
/**
|
|
49
|
+
* Generates a unique DPoP Proof JWT.
|
|
50
|
+
*
|
|
51
|
+
* @param keypair Opaque key pair
|
|
52
|
+
* @param cryptoService CryptoService for cryptographic operations
|
|
53
|
+
* @param htu The HTTP URI (without query and fragment parts) of the request
|
|
54
|
+
* @param htm The HTTP method of the request
|
|
55
|
+
* @param nonce Server-provided nonce.
|
|
56
|
+
* @param accessToken Associated access token's value.
|
|
57
|
+
* @param additional Any additional claims.
|
|
58
|
+
*/
|
|
59
|
+
export default function DPoP(keypair: KeyPair, cryptoService: CryptoService, htu: string, htm: string, nonce?: string, accessToken?: string, additional?: Record<string, JsonValue>): Promise<string>;
|
|
60
|
+
//# sourceMappingURL=dpop.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"dpop.d.ts","sourceRoot":"","sources":["../../../../src/auth/dpop.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,aAAa,EACb,OAAO,EAGR,MAAM,uCAAuC,CAAC;AAE/C,MAAM,MAAM,UAAU,GAAG;KAAG,GAAG,IAAI,MAAM,CAAC,CAAC,EAAE,SAAS;CAAE,CAAC;AACzD,MAAM,MAAM,SAAS,GAAG,SAAS,EAAE,CAAC;AACpC,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC;AAC7D,MAAM,MAAM,SAAS,GAAG,aAAa,GAAG,UAAU,GAAG,SAAS,CAAC;AAwD/D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;AAoCrF;;;;;;;;;;GAUG;AACH,wBAA8B,IAAI,CAChC,OAAO,EAAE,OAAO,EAChB,aAAa,EAAE,aAAa,EAC5B,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,EACX,KAAK,CAAC,EAAE,MAAM,EACd,WAAW,CAAC,EAAE,MAAM,EACpB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GACrC,OAAO,CAAC,MAAM,CAAC,CA0DjB"}
|
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
import { AuthProvider, type HttpRequest } from './auth.js';
|
|
2
2
|
import { AccessToken, type ClientSecretCredentials } from './oidc.js';
|
|
3
|
+
import { type CryptoService, type KeyPair } from '../../tdf3/src/crypto/declarations.js';
|
|
3
4
|
export declare class OIDCClientCredentialsProvider implements AuthProvider {
|
|
4
5
|
oidcAuth: AccessToken;
|
|
5
|
-
constructor({ clientId, clientSecret, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }: Partial<ClientSecretCredentials> & Omit<ClientSecretCredentials, 'exchange'
|
|
6
|
-
updateClientPublicKey(signingKey:
|
|
6
|
+
constructor({ clientId, clientSecret, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }: Partial<ClientSecretCredentials> & Omit<ClientSecretCredentials, 'exchange'>, cryptoService?: CryptoService);
|
|
7
|
+
updateClientPublicKey(signingKey: KeyPair): Promise<void>;
|
|
7
8
|
withCreds(httpReq: HttpRequest): Promise<HttpRequest>;
|
|
8
9
|
}
|
|
9
10
|
//# sourceMappingURL=oidc-clientcredentials-provider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc-clientcredentials-provider.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc-clientcredentials-provider.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,KAAK,uBAAuB,EAAE,MAAM,WAAW,CAAC;AAEtE,qBAAa,6BAA8B,YAAW,YAAY;IAChE,QAAQ,EAAE,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"oidc-clientcredentials-provider.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc-clientcredentials-provider.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,KAAK,uBAAuB,EAAE,MAAM,WAAW,CAAC;AAEtE,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,OAAO,EAAE,MAAM,uCAAuC,CAAC;AAEzF,qBAAa,6BAA8B,YAAW,YAAY;IAChE,QAAQ,EAAE,WAAW,CAAC;gBAGpB,EACE,QAAQ,EACR,YAAY,EACZ,UAAU,EACV,iBAAiB,EACjB,oBAAoB,GACrB,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,uBAAuB,EAAE,UAAU,CAAC,EAC/E,aAAa,GAAE,aAAoC;IAmB/C,qBAAqB,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAIzD,SAAS,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;CAG5D"}
|
|
@@ -1,10 +1,11 @@
|
|
|
1
1
|
import { type AuthProvider, type HttpRequest } from './auth.js';
|
|
2
2
|
import { AccessToken, type ExternalJwtCredentials } from './oidc.js';
|
|
3
|
+
import { type CryptoService, type KeyPair } from '../../tdf3/src/crypto/declarations.js';
|
|
3
4
|
export declare class OIDCExternalJwtProvider implements AuthProvider {
|
|
4
5
|
oidcAuth: AccessToken;
|
|
5
6
|
externalJwt?: string;
|
|
6
|
-
constructor({ clientId, externalJwt, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }: Partial<ExternalJwtCredentials> & Omit<ExternalJwtCredentials, 'exchange'
|
|
7
|
-
updateClientPublicKey(signingKey:
|
|
7
|
+
constructor({ clientId, externalJwt, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }: Partial<ExternalJwtCredentials> & Omit<ExternalJwtCredentials, 'exchange'>, cryptoService?: CryptoService);
|
|
8
|
+
updateClientPublicKey(signingKey: KeyPair): Promise<void>;
|
|
8
9
|
withCreds(httpReq: HttpRequest): Promise<HttpRequest>;
|
|
9
10
|
}
|
|
10
11
|
//# sourceMappingURL=oidc-externaljwt-provider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc-externaljwt-provider.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc-externaljwt-provider.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,KAAK,sBAAsB,EAAE,MAAM,WAAW,CAAC;AAErE,qBAAa,uBAAwB,YAAW,YAAY;IAC1D,QAAQ,EAAE,WAAW,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"oidc-externaljwt-provider.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc-externaljwt-provider.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,KAAK,sBAAsB,EAAE,MAAM,WAAW,CAAC;AAErE,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,OAAO,EAAE,MAAM,uCAAuC,CAAC;AAEzF,qBAAa,uBAAwB,YAAW,YAAY;IAC1D,QAAQ,EAAE,WAAW,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;gBAGnB,EACE,QAAQ,EACR,WAAW,EACX,UAAU,EACV,iBAAiB,EACjB,oBAAoB,GACrB,EAAE,OAAO,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,sBAAsB,EAAE,UAAU,CAAC,EAC7E,aAAa,GAAE,aAAoC;IAqB/C,qBAAqB,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAIzD,SAAS,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;CAS5D"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { type AuthProvider, type HttpRequest } from './auth.js';
|
|
2
2
|
import { AccessToken, type RefreshTokenCredentials } from './oidc.js';
|
|
3
|
+
import { type CryptoService, type KeyPair } from '../../tdf3/src/crypto/declarations.js';
|
|
3
4
|
/**
|
|
4
5
|
* An AuthProvider that uses an OIDC refresh token to obtain an access token.
|
|
5
6
|
* It exchanges the refresh token for an access token and uses that to augment HTTP requests with credentials.
|
|
@@ -17,8 +18,8 @@ import { AccessToken, type RefreshTokenCredentials } from './oidc.js';
|
|
|
17
18
|
export declare class OIDCRefreshTokenProvider implements AuthProvider {
|
|
18
19
|
oidcAuth: AccessToken;
|
|
19
20
|
refreshToken?: string;
|
|
20
|
-
constructor({ clientId, refreshToken, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }: Partial<RefreshTokenCredentials> & Omit<RefreshTokenCredentials, 'exchange'
|
|
21
|
-
updateClientPublicKey(signingKey:
|
|
21
|
+
constructor({ clientId, refreshToken, oidcOrigin, oidcTokenEndpoint, oidcUserInfoEndpoint, }: Partial<RefreshTokenCredentials> & Omit<RefreshTokenCredentials, 'exchange'>, cryptoService?: CryptoService);
|
|
22
|
+
updateClientPublicKey(signingKey: KeyPair): Promise<void>;
|
|
22
23
|
withCreds(httpReq: HttpRequest): Promise<HttpRequest>;
|
|
23
24
|
}
|
|
24
25
|
//# sourceMappingURL=oidc-refreshtoken-provider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc-refreshtoken-provider.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc-refreshtoken-provider.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,KAAK,uBAAuB,EAAE,MAAM,WAAW,CAAC;AAEtE;;;;;;;;;;;;;GAaG;AACH,qBAAa,wBAAyB,YAAW,YAAY;IAC3D,QAAQ,EAAE,WAAW,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"oidc-refreshtoken-provider.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc-refreshtoken-provider.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,KAAK,uBAAuB,EAAE,MAAM,WAAW,CAAC;AAEtE,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,OAAO,EAAE,MAAM,uCAAuC,CAAC;AAEzF;;;;;;;;;;;;;GAaG;AACH,qBAAa,wBAAyB,YAAW,YAAY;IAC3D,QAAQ,EAAE,WAAW,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;gBAGpB,EACE,QAAQ,EACR,YAAY,EACZ,UAAU,EACV,iBAAiB,EACjB,oBAAoB,GACrB,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,uBAAuB,EAAE,UAAU,CAAC,EAC/E,aAAa,GAAE,aAAoC;IAoB/C,qBAAqB,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAIzD,SAAS,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;CAU5D"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { HttpRequest } from './auth.js';
|
|
2
|
+
import { type CryptoService, type KeyPair } from '../../tdf3/src/crypto/declarations.js';
|
|
2
3
|
/**
|
|
3
4
|
* Common fields used by all OIDC credentialing flows.
|
|
4
5
|
*/
|
|
@@ -12,7 +13,7 @@ export type CommonCredentials = {
|
|
|
12
13
|
/** Whether or not DPoP is enabled. */
|
|
13
14
|
dpopEnabled?: boolean;
|
|
14
15
|
/** the client's public key, base64 encoded. Will be bound to the OIDC token. Deprecated. If not set in the constructor, */
|
|
15
|
-
signingKey?:
|
|
16
|
+
signingKey?: KeyPair;
|
|
16
17
|
};
|
|
17
18
|
/**
|
|
18
19
|
* Information needed for Client Secret OIDC credentialing flow
|
|
@@ -73,10 +74,11 @@ export declare class AccessToken {
|
|
|
73
74
|
baseUrl: string;
|
|
74
75
|
tokenEndpoint: string;
|
|
75
76
|
userInfoEndpoint: string;
|
|
76
|
-
signingKey?:
|
|
77
|
+
signingKey?: KeyPair;
|
|
77
78
|
extraHeaders: Record<string, string>;
|
|
78
79
|
currentAccessToken?: string;
|
|
79
|
-
|
|
80
|
+
cryptoService: CryptoService;
|
|
81
|
+
constructor(cfg: OIDCCredentials, cryptoService: CryptoService, request?: typeof fetch);
|
|
80
82
|
/**
|
|
81
83
|
* https://connect2id.com/products/server/docs/api/userinfo
|
|
82
84
|
* @param accessToken the current access_token or code
|
|
@@ -98,7 +100,7 @@ export declare class AccessToken {
|
|
|
98
100
|
*
|
|
99
101
|
* Calling this function will trigger a forcible token refresh using the cached refresh token, and contact the auth server.
|
|
100
102
|
*/
|
|
101
|
-
refreshTokenClaimsWithClientPubkeyIfNeeded(signingKey:
|
|
103
|
+
refreshTokenClaimsWithClientPubkeyIfNeeded(signingKey: KeyPair): Promise<void>;
|
|
102
104
|
/**
|
|
103
105
|
* Converts included refresh token or external JWT for a new one.
|
|
104
106
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAe,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../../../../src/auth/oidc.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAe,MAAM,WAAW,CAAC;AAIrD,OAAO,EAAE,KAAK,aAAa,EAAE,KAAK,OAAO,EAAE,MAAM,uCAAuC,CAAC;AAEzF;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC9B,oEAAoE;IACpE,QAAQ,EAAE,MAAM,CAAC;IACjB,0FAA0F;IAC1F,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,sCAAsC;IACtC,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,2HAA2H;IAC3H,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG,iBAAiB,GAAG;IACxD,QAAQ,EAAE,QAAQ,CAAC;IACnB,yEAAyE;IACzE,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG,iBAAiB,GAAG;IACxD,QAAQ,EAAE,SAAS,CAAC;IACpB,qCAAqC;IACrC,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,sBAAsB,GAAG,iBAAiB,GAAG;IACvD,QAAQ,EAAE,UAAU,CAAC;IACrB,yCAAyC;IACzC,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,eAAe,GACvB,uBAAuB,GACvB,sBAAsB,GACtB,uBAAuB,CAAC;AAI5B,MAAM,MAAM,mBAAmB,GAAG;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,qBAAa,WAAW;IACtB,MAAM,EAAE,eAAe,CAAC;IAExB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IAExE,IAAI,CAAC,EAAE,mBAAmB,CAAC;IAE3B,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;IAEzB,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAM;IAE1C,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,aAAa,EAAE,aAAa,CAAC;gBAEjB,GAAG,EAAE,eAAe,EAAE,aAAa,EAAE,aAAa,EAAE,OAAO,CAAC,EAAE,OAAO,KAAK;IA8BtF;;;;OAIG;IACG,IAAI,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA0B3C,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAsB7C,iBAAiB,CAAC,GAAG,EAAE,eAAe;IAqC5C;;;;OAIG;IACG,GAAG,CAAC,QAAQ,UAAO,GAAG,OAAO,CAAC,MAAM,CAAC;IA0B3C;;;;;;OAMG;IACG,0CAA0C,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAWpF;;OAEG;IACG,uBAAuB,IAAI,OAAO,CAAC,MAAM,CAAC;IAwB1C,SAAS,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;CAqB5D"}
|
|
@@ -3,6 +3,7 @@ import { OIDCClientCredentialsProvider } from './oidc-clientcredentials-provider
|
|
|
3
3
|
import { OIDCExternalJwtProvider } from './oidc-externaljwt-provider.js';
|
|
4
4
|
import { type AuthProvider } from './auth.js';
|
|
5
5
|
import { OIDCRefreshTokenProvider } from './oidc-refreshtoken-provider.js';
|
|
6
|
+
import { type CryptoService } from '../../tdf3/src/crypto/declarations.js';
|
|
6
7
|
/**
|
|
7
8
|
* Creates an OIDC Client Credentials Provider for non-browser contexts.
|
|
8
9
|
*
|
|
@@ -21,7 +22,7 @@ import { OIDCRefreshTokenProvider } from './oidc-refreshtoken-provider.js';
|
|
|
21
22
|
* {@link updateClientPublicKey} which will force an explicit token refresh
|
|
22
23
|
*
|
|
23
24
|
*/
|
|
24
|
-
export declare const clientSecretAuthProvider: (clientConfig: ClientSecretCredentials) => Promise<OIDCClientCredentialsProvider>;
|
|
25
|
+
export declare const clientSecretAuthProvider: (clientConfig: ClientSecretCredentials, cryptoService?: CryptoService) => Promise<OIDCClientCredentialsProvider>;
|
|
25
26
|
/**
|
|
26
27
|
* Create an OIDC External JWT Provider for browser contexts.
|
|
27
28
|
*
|
|
@@ -38,7 +39,7 @@ export declare const clientSecretAuthProvider: (clientConfig: ClientSecretCreden
|
|
|
38
39
|
* Virtru claims. The public key may be passed to this provider's constructor, or supplied post-construction by calling
|
|
39
40
|
* {@link updateClientPublicKey}, which will force an explicit token refresh.
|
|
40
41
|
*/
|
|
41
|
-
export declare const externalAuthProvider: (clientConfig: ExternalJwtCredentials) => Promise<OIDCExternalJwtProvider>;
|
|
42
|
+
export declare const externalAuthProvider: (clientConfig: ExternalJwtCredentials, cryptoService?: CryptoService) => Promise<OIDCExternalJwtProvider>;
|
|
42
43
|
/**
|
|
43
44
|
* Creates an OIDC Refresh Token Provider for browser and non-browser contexts.
|
|
44
45
|
*
|
|
@@ -53,13 +54,13 @@ export declare const externalAuthProvider: (clientConfig: ExternalJwtCredentials
|
|
|
53
54
|
* Virtru claims. The public key may be passed to this provider's constructor, or supplied post-construction by calling
|
|
54
55
|
* {@link updateClientPublicKey} which will force an explicit token refresh
|
|
55
56
|
*/
|
|
56
|
-
export declare const refreshAuthProvider: (clientConfig: RefreshTokenCredentials) => Promise<OIDCRefreshTokenProvider>;
|
|
57
|
+
export declare const refreshAuthProvider: (clientConfig: RefreshTokenCredentials, cryptoService?: CryptoService) => Promise<OIDCRefreshTokenProvider>;
|
|
57
58
|
/**
|
|
58
59
|
* Generate an auth provder.
|
|
59
60
|
* @param clientConfig OIDC client credentials
|
|
60
61
|
* @returns a promise for a new auth provider with the requested excahnge type
|
|
61
62
|
*/
|
|
62
|
-
export declare const clientAuthProvider: (clientConfig: OIDCCredentials) => Promise<AuthProvider>;
|
|
63
|
+
export declare const clientAuthProvider: (clientConfig: OIDCCredentials, cryptoService?: CryptoService) => Promise<AuthProvider>;
|
|
63
64
|
export * from './auth.js';
|
|
64
65
|
export { OIDCClientCredentialsProvider } from './oidc-clientcredentials-provider.js';
|
|
65
66
|
export { OIDCExternalJwtProvider } from './oidc-externaljwt-provider.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"providers.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,uBAAuB,EACvB,sBAAsB,EACtB,eAAe,EACf,uBAAuB,EACxB,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,6BAA6B,EAAE,MAAM,sCAAsC,CAAC;AACrF,OAAO,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AACzE,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"providers.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,uBAAuB,EACvB,sBAAsB,EACtB,eAAe,EACf,uBAAuB,EACxB,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,6BAA6B,EAAE,MAAM,sCAAsC,CAAC;AACrF,OAAO,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AACzE,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC;AAG3E,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,uCAAuC,CAAC;AAG3E;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,wBAAwB,GACnC,cAAc,uBAAuB,EACrC,gBAAe,aAAoC,KAClD,OAAO,CAAC,6BAA6B,CAWvC,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,oBAAoB,GAC/B,cAAc,sBAAsB,EACpC,gBAAe,aAAoC,KAClD,OAAO,CAAC,uBAAuB,CAWjC,CAAC;AAEF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,mBAAmB,GAC9B,cAAc,uBAAuB,EACrC,gBAAe,aAAoC,KAClD,OAAO,CAAC,wBAAwB,CAWlC,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,GAC7B,cAAc,eAAe,EAC7B,gBAAe,aAAoC,KAClD,OAAO,CAAC,YAAY,CAqCtB,CAAC;AAEF,cAAc,WAAW,CAAC;AAC1B,OAAO,EAAE,6BAA6B,EAAE,MAAM,sCAAsC,CAAC;AACrF,OAAO,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AACzE,OAAO,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC"}
|
|
@@ -6,6 +6,7 @@ export { generateKeyPair } from './generateKeyPair.js';
|
|
|
6
6
|
export { keyAgreement } from './keyAgreement.js';
|
|
7
7
|
export { default as exportCryptoKey } from './exportCryptoKey.js';
|
|
8
8
|
export { generateRandomNumber } from './generateRandomNumber.js';
|
|
9
|
-
export { pemPublicToCrypto, pemCertToCrypto } from './pemPublicToCrypto.js';
|
|
9
|
+
export { pemPublicToCrypto, pemCertToCrypto, guessAlgorithmName, guessCurveName, toJwsAlg, RSA_OID, EC_OID, P256_OID, P384_OID, P521_OID, type AlgorithmName, } from './pemPublicToCrypto.js';
|
|
10
10
|
export * as enums from './enums.js';
|
|
11
|
+
export { formatAsPem, removePemFormatting, isPemKeyPair, isCryptoKeyPair, } from '../../tdf3/src/crypto/crypto-utils.js';
|
|
11
12
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,OAAO,IAAI,MAAM,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,OAAO,IAAI,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,OAAO,IAAI,MAAM,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,OAAO,IAAI,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,cAAc,EACd,QAAQ,EACR,OAAO,EACP,MAAM,EACN,QAAQ,EACR,QAAQ,EACR,QAAQ,EACR,KAAK,aAAa,GACnB,MAAM,wBAAwB,CAAC;AAChC,OAAO,KAAK,KAAK,MAAM,YAAY,CAAC;AAGpC,OAAO,EACL,WAAW,EACX,mBAAmB,EACnB,YAAY,EACZ,eAAe,GAChB,MAAM,uCAAuC,CAAC"}
|
|
@@ -6,12 +6,25 @@
|
|
|
6
6
|
* @link https://github.com/safebash/opencrypto
|
|
7
7
|
*
|
|
8
8
|
*/
|
|
9
|
+
import { NamedCurve } from './enums.js';
|
|
10
|
+
export declare const RSA_OID = "06092a864886f70d010101";
|
|
11
|
+
export declare const EC_OID = "06072a8648ce3d0201";
|
|
12
|
+
export declare const P256_OID = "06082a8648ce3d030107";
|
|
13
|
+
export declare const P384_OID = "06052b81040022";
|
|
14
|
+
export declare const P521_OID = "06052b81040023";
|
|
15
|
+
declare const ECDH = "ECDH";
|
|
16
|
+
declare const ECDSA = "ECDSA";
|
|
17
|
+
declare const RSA_OAEP = "RSA-OAEP";
|
|
18
|
+
declare const RSA_PSS = "RSA-PSS";
|
|
19
|
+
export type AlgorithmName = typeof ECDH | typeof ECDSA | typeof RSA_OAEP | typeof RSA_PSS;
|
|
9
20
|
interface PemPublicToCryptoOptions {
|
|
10
21
|
name?: string;
|
|
11
22
|
hash?: string;
|
|
12
23
|
usages?: KeyUsage[];
|
|
13
24
|
isExtractable: boolean;
|
|
14
25
|
}
|
|
26
|
+
export declare function guessAlgorithmName(hex: string, algorithmName?: string): AlgorithmName;
|
|
27
|
+
export declare function guessCurveName(hex: string): NamedCurve;
|
|
15
28
|
/**
|
|
16
29
|
*
|
|
17
30
|
* Converts asymmetric public key from PEM to CryptoKey
|
|
@@ -23,6 +36,11 @@ interface PemPublicToCryptoOptions {
|
|
|
23
36
|
* -- RSA-PSS: { name: 'RSA-PSS', hash: { name: 'SHA-512' }, usages: ['verify'], isExtractable: true }
|
|
24
37
|
*/
|
|
25
38
|
export declare function pemPublicToCrypto(pem: string, options?: PemPublicToCryptoOptions): Promise<CryptoKey>;
|
|
39
|
+
/**
|
|
40
|
+
* Detect JWS algorithm from hex-encoded key/certificate data.
|
|
41
|
+
* Look up JWK algorithm at https://github.com/panva/jose/issues/210
|
|
42
|
+
*/
|
|
43
|
+
export declare function toJwsAlg(hex: string): "ES256" | "ES384" | "ES512" | "ECDH-ES" | "RS512" | "RSA-OAEP-512";
|
|
26
44
|
export declare function pemCertToCrypto(pem: string, options?: PemPublicToCryptoOptions): Promise<CryptoKey>;
|
|
27
45
|
export {};
|
|
28
46
|
//# sourceMappingURL=pemPublicToCrypto.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pemPublicToCrypto.d.ts","sourceRoot":"","sources":["../../../../src/crypto/pemPublicToCrypto.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;
|
|
1
|
+
{"version":3,"file":"pemPublicToCrypto.d.ts","sourceRoot":"","sources":["../../../../src/crypto/pemPublicToCrypto.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA0BH,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAGxC,eAAO,MAAM,OAAO,2BAA2B,CAAC;AAChD,eAAO,MAAM,MAAM,uBAAuB,CAAC;AAC3C,eAAO,MAAM,QAAQ,yBAAyB,CAAC;AAC/C,eAAO,MAAM,QAAQ,mBAAmB,CAAC;AACzC,eAAO,MAAM,QAAQ,mBAAmB,CAAC;AAMzC,QAAA,MAAM,IAAI,SAAS,CAAC;AACpB,QAAA,MAAM,KAAK,UAAU,CAAC;AACtB,QAAA,MAAM,QAAQ,aAAa,CAAC;AAC5B,QAAA,MAAM,OAAO,YAAY,CAAC;AAC1B,MAAM,MAAM,aAAa,GAAG,OAAO,IAAI,GAAG,OAAO,KAAK,GAAG,OAAO,QAAQ,GAAG,OAAO,OAAO,CAAC;AAE1F,UAAU,wBAAwB;IAChC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC;IACpB,aAAa,EAAE,OAAO,CAAC;CACxB;AAiBD,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,aAAa,CAerF;AAED,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAStD;AAED;;;;;;;;;GASG;AACH,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,OAAO,GAAE,wBAER,GACA,OAAO,CAAC,SAAS,CAAC,CAsCpB;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,GAAG,EAAE,MAAM,sEAkBnC;AAED,wBAAsB,eAAe,CACnC,GAAG,EAAE,MAAM,EACX,OAAO,GAAE,wBAER,GACA,OAAO,CAAC,SAAS,CAAC,CAapB"}
|
|
@@ -71,4 +71,12 @@ export declare class PermissionDeniedError extends TdfError {
|
|
|
71
71
|
export declare class UnsupportedFeatureError extends TdfError {
|
|
72
72
|
name: string;
|
|
73
73
|
}
|
|
74
|
+
/**
|
|
75
|
+
* One or more attribute value FQNs were not found on the platform.
|
|
76
|
+
* Thrown by {@link validateAttributes} and {@link validateAttributeValue} when the platform
|
|
77
|
+
* does not recognize the requested FQNs.
|
|
78
|
+
*/
|
|
79
|
+
export declare class AttributeNotFoundError extends TdfError {
|
|
80
|
+
name: string;
|
|
81
|
+
}
|
|
74
82
|
//# sourceMappingURL=errors.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/errors.ts"],"names":[],"mappings":"AAiBA;;;GAGG;AACH,qBAAa,QAAS,SAAQ,KAAK;IACxB,IAAI,SAAc;gBAEf,OAAO,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK;CAO5C;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,QAAQ;IACrC,IAAI,SAAwB;CACtC;AAED;;GAEG;AACH,qBAAa,wBAAyB,SAAQ,kBAAkB;IACrD,IAAI,SAA8B;IAC3C,SAAS,EAAE,OAAO,CAAC;gBACP,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,KAAK;CAI/D;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,QAAQ;CAAG;AAEjD;;GAEG;AACH,qBAAa,YAAa,SAAQ,gBAAgB;IACvC,IAAI,SAAkB;CAChC;AAED,qBAAa,cAAe,SAAQ,gBAAgB;IACzC,IAAI,SAAoB;CAClC;AAED;;;GAGG;AACH,qBAAa,cAAe,SAAQ,gBAAgB;IACzC,IAAI,SAAoB;IACjC,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;gBAEX,OAAO,EAAE,MAAM,EAAE,GAAG,GAAG,EAAE,MAAM,EAAE;CAK9C;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,QAAQ;IAC/B,IAAI,SAAkB;CAChC;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,QAAQ;IAC/B,IAAI,SAAkB;CAChC;AAED,mCAAmC;AACnC,qBAAa,oBAAqB,SAAQ,QAAQ;IACvC,IAAI,SAA0B;CACxC;AAED,kCAAkC;AAClC,qBAAa,qBAAsB,SAAQ,QAAQ;IACxC,IAAI,SAA2B;IACxC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;gBAE5B,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,EAAE,EAAE,KAAK,CAAC,EAAE,KAAK;CAMnE;AAED;;GAEG;AACH,qBAAa,uBAAwB,SAAQ,QAAQ;IAC1C,IAAI,SAA6B;CAC3C"}
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/errors.ts"],"names":[],"mappings":"AAiBA;;;GAGG;AACH,qBAAa,QAAS,SAAQ,KAAK;IACxB,IAAI,SAAc;gBAEf,OAAO,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK;CAO5C;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,QAAQ;IACrC,IAAI,SAAwB;CACtC;AAED;;GAEG;AACH,qBAAa,wBAAyB,SAAQ,kBAAkB;IACrD,IAAI,SAA8B;IAC3C,SAAS,EAAE,OAAO,CAAC;gBACP,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,KAAK;CAI/D;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,QAAQ;CAAG;AAEjD;;GAEG;AACH,qBAAa,YAAa,SAAQ,gBAAgB;IACvC,IAAI,SAAkB;CAChC;AAED,qBAAa,cAAe,SAAQ,gBAAgB;IACzC,IAAI,SAAoB;CAClC;AAED;;;GAGG;AACH,qBAAa,cAAe,SAAQ,gBAAgB;IACzC,IAAI,SAAoB;IACjC,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;gBAEX,OAAO,EAAE,MAAM,EAAE,GAAG,GAAG,EAAE,MAAM,EAAE;CAK9C;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,QAAQ;IAC/B,IAAI,SAAkB;CAChC;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,QAAQ;IAC/B,IAAI,SAAkB;CAChC;AAED,mCAAmC;AACnC,qBAAa,oBAAqB,SAAQ,QAAQ;IACvC,IAAI,SAA0B;CACxC;AAED,kCAAkC;AAClC,qBAAa,qBAAsB,SAAQ,QAAQ;IACxC,IAAI,SAA2B;IACxC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;gBAE5B,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,EAAE,EAAE,KAAK,CAAC,EAAE,KAAK;CAMnE;AAED;;GAEG;AACH,qBAAa,uBAAwB,SAAQ,QAAQ;IAC1C,IAAI,SAA6B;CAC3C;AAED;;;;GAIG;AACH,qBAAa,sBAAuB,SAAQ,QAAQ;IACzC,IAAI,SAA4B;CAC1C"}
|
|
@@ -1,10 +1,11 @@
|
|
|
1
1
|
export { type AuthProvider, type HttpMethod, HttpRequest, withHeaders } from './auth/auth.js';
|
|
2
2
|
export * as AuthProviders from './auth/providers.js';
|
|
3
3
|
export { attributeFQNsAsValues } from './policy/api.js';
|
|
4
|
+
export { listAttributes, validateAttributes, attributeExists, attributeValueExists, } from './policy/discovery.js';
|
|
4
5
|
export { version, clientType, tdfSpecVersion } from './version.js';
|
|
5
6
|
export { PlatformClient, type PlatformClientOptions, type PlatformServices } from './platform.js';
|
|
6
7
|
export * from './opentdf.js';
|
|
7
|
-
export { TdfError, PermissionDeniedError, IntegrityError, InvalidFileError, DecryptError, NetworkError, AttributeValidationError, ConfigurationError, } from './errors.js';
|
|
8
|
+
export { TdfError, PermissionDeniedError, IntegrityError, InvalidFileError, DecryptError, NetworkError, AttributeValidationError, AttributeNotFoundError, ConfigurationError, } from './errors.js';
|
|
8
9
|
export * from './seekable.js';
|
|
9
10
|
export * from '../tdf3/src/models/index.js';
|
|
10
11
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC9F,OAAO,KAAK,aAAa,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,KAAK,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAClG,cAAc,cAAc,CAAC;AAC7B,OAAO,EACL,QAAQ,EACR,qBAAqB,EACrB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,wBAAwB,EACxB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AACrB,cAAc,eAAe,CAAC;AAC9B,cAAc,6BAA6B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,KAAK,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC9F,OAAO,KAAK,aAAa,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,eAAe,EACf,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,KAAK,qBAAqB,EAAE,KAAK,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAClG,cAAc,cAAc,CAAC;AAC7B,OAAO,EACL,QAAQ,EACR,qBAAqB,EACrB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,wBAAwB,EACxB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AACrB,cAAc,eAAe,CAAC;AAC9B,cAAc,6BAA6B,CAAC"}
|