@pod-os/core 0.2.1-da0e5dd.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/lib/index.js CHANGED
@@ -468,26 +468,26 @@ var PodOS = (() => {
468
468
  }
469
469
  static lookupErrorIri(iri, messageParams) {
470
470
  if (InruptError.determineIfVocabTerm(iri)) {
471
- const message = messageParams === void 0 ? iri.message : iri.messageParams(...messageParams);
472
- return message === void 0 ? `Looked up error message IRI [${iri.value}], but found no message value.` : message;
471
+ const message2 = messageParams === void 0 ? iri.message : iri.messageParams(...messageParams);
472
+ return message2 === void 0 ? `Looked up error message IRI [${iri.value}], but found no message value.` : message2;
473
473
  }
474
474
  return `Error message looked up at: [${iri.value}]${messageParams === void 0 ? "" : `, with params [${messageParams.toString()}]`}`;
475
475
  }
476
- static appendHttpResponseDetails(message, response, append) {
476
+ static appendHttpResponseDetails(message2, response, append) {
477
477
  if (append && typeof response !== "undefined") {
478
- return `${message} HTTP details: status code [${response.status}], status text [${response.statusText}].`;
478
+ return `${message2} HTTP details: status code [${response.status}], status text [${response.statusText}].`;
479
479
  }
480
- return message;
480
+ return message2;
481
481
  }
482
- static appendErrorIri(message, iri, append) {
483
- return append ? `${message} Error IRI: [${iri.value}].` : message;
482
+ static appendErrorIri(message2, iri, append) {
483
+ return append ? `${message2} Error IRI: [${iri.value}].` : message2;
484
484
  }
485
- static substituteParams(message, params) {
486
- let fullMessage = message;
485
+ static substituteParams(message2, params) {
486
+ let fullMessage = message2;
487
487
  if (params !== void 0) {
488
- const paramsRequired = message.split("{{").length - 1;
488
+ const paramsRequired = message2.split("{{").length - 1;
489
489
  if (paramsRequired !== params.length) {
490
- throw new Error(`Setting parameters on message [${message}], but it requires [${paramsRequired}] params and we received [${params.length}].`);
490
+ throw new Error(`Setting parameters on message [${message2}], but it requires [${paramsRequired}] params and we received [${params.length}].`);
491
491
  }
492
492
  for (let i = 0; i < params.length; i += 1) {
493
493
  const marker = `{{${i}}}`;
@@ -918,10 +918,10 @@ var PodOS = (() => {
918
918
  try {
919
919
  new exports2.DOMException();
920
920
  } catch (err) {
921
- exports2.DOMException = function(message, name) {
922
- this.message = message;
921
+ exports2.DOMException = function(message2, name) {
922
+ this.message = message2;
923
923
  this.name = name;
924
- var error2 = Error(message);
924
+ var error2 = Error(message2);
925
925
  this.stack = error2.stack;
926
926
  };
927
927
  exports2.DOMException.prototype = Object.create(Error.prototype);
@@ -1153,9 +1153,9 @@ var PodOS = (() => {
1153
1153
  var init_errors = __esm({
1154
1154
  "../node_modules/jose/dist/browser/util/errors.js"() {
1155
1155
  JOSEError = class extends Error {
1156
- constructor(message) {
1156
+ constructor(message2) {
1157
1157
  var _a;
1158
- super(message);
1158
+ super(message2);
1159
1159
  this.code = "ERR_JOSE_GENERIC";
1160
1160
  this.name = this.constructor.name;
1161
1161
  (_a = Error.captureStackTrace) === null || _a === void 0 ? void 0 : _a.call(Error, this, this.constructor);
@@ -1165,8 +1165,8 @@ var PodOS = (() => {
1165
1165
  }
1166
1166
  };
1167
1167
  JWTClaimValidationFailed = class extends JOSEError {
1168
- constructor(message, claim = "unspecified", reason = "unspecified") {
1169
- super(message);
1168
+ constructor(message2, claim = "unspecified", reason = "unspecified") {
1169
+ super(message2);
1170
1170
  this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
1171
1171
  this.claim = claim;
1172
1172
  this.reason = reason;
@@ -1176,8 +1176,8 @@ var PodOS = (() => {
1176
1176
  }
1177
1177
  };
1178
1178
  JWTExpired = class extends JOSEError {
1179
- constructor(message, claim = "unspecified", reason = "unspecified") {
1180
- super(message);
1179
+ constructor(message2, claim = "unspecified", reason = "unspecified") {
1180
+ super(message2);
1181
1181
  this.code = "ERR_JWT_EXPIRED";
1182
1182
  this.claim = claim;
1183
1183
  this.reason = reason;
@@ -1359,8 +1359,9 @@ var PodOS = (() => {
1359
1359
  "../node_modules/jose/dist/browser/runtime/check_cek_length.js"() {
1360
1360
  init_errors();
1361
1361
  checkCekLength = (cek, expected) => {
1362
- if (cek.length << 3 !== expected) {
1363
- throw new JWEInvalid("Invalid Content Encryption Key length");
1362
+ const actual = cek.byteLength << 3;
1363
+ if (actual !== expected) {
1364
+ throw new JWEInvalid(`Invalid Content Encryption Key length. Expected ${expected} bits, got ${actual} bits`);
1364
1365
  }
1365
1366
  };
1366
1367
  check_cek_length_default = checkCekLength;
@@ -1395,7 +1396,7 @@ var PodOS = (() => {
1395
1396
 
1396
1397
  // ../node_modules/jose/dist/browser/runtime/env.js
1397
1398
  function isCloudflareWorkers() {
1398
- return typeof WebSocketPair === "function";
1399
+ return typeof WebSocketPair !== "undefined" || typeof navigator !== "undefined" && navigator.userAgent === "Cloudflare-Workers" || typeof EdgeRuntime !== "undefined" && EdgeRuntime === "vercel";
1399
1400
  }
1400
1401
  var init_env = __esm({
1401
1402
  "../node_modules/jose/dist/browser/runtime/env.js"() {
@@ -1478,6 +1479,12 @@ var PodOS = (() => {
1478
1479
  throw unusable("NODE-ED25519");
1479
1480
  break;
1480
1481
  }
1482
+ case "EdDSA": {
1483
+ if (key.algorithm.name !== "Ed25519" && key.algorithm.name !== "Ed448") {
1484
+ throw unusable("Ed25519 or Ed448");
1485
+ }
1486
+ break;
1487
+ }
1481
1488
  case "ES256":
1482
1489
  case "ES384":
1483
1490
  case "ES512": {
@@ -1518,10 +1525,17 @@ var PodOS = (() => {
1518
1525
  throw unusable(expected, "algorithm.length");
1519
1526
  break;
1520
1527
  }
1521
- case "ECDH":
1522
- if (!isAlgorithm(key.algorithm, "ECDH"))
1523
- throw unusable("ECDH");
1528
+ case "ECDH": {
1529
+ switch (key.algorithm.name) {
1530
+ case "ECDH":
1531
+ case "X25519":
1532
+ case "X448":
1533
+ break;
1534
+ default:
1535
+ throw unusable("ECDH, X25519, or X448");
1536
+ }
1524
1537
  break;
1538
+ }
1525
1539
  case "PBES2-HS256+A128KW":
1526
1540
  case "PBES2-HS384+A192KW":
1527
1541
  case "PBES2-HS512+A256KW":
@@ -1552,29 +1566,34 @@ var PodOS = (() => {
1552
1566
  });
1553
1567
 
1554
1568
  // ../node_modules/jose/dist/browser/lib/invalid_key_input.js
1569
+ function message(msg2, actual, ...types2) {
1570
+ if (types2.length > 2) {
1571
+ const last = types2.pop();
1572
+ msg2 += `one of type ${types2.join(", ")}, or ${last}.`;
1573
+ } else if (types2.length === 2) {
1574
+ msg2 += `one of type ${types2[0]} or ${types2[1]}.`;
1575
+ } else {
1576
+ msg2 += `of type ${types2[0]}.`;
1577
+ }
1578
+ if (actual == null) {
1579
+ msg2 += ` Received ${actual}`;
1580
+ } else if (typeof actual === "function" && actual.name) {
1581
+ msg2 += ` Received function ${actual.name}`;
1582
+ } else if (typeof actual === "object" && actual != null) {
1583
+ if (actual.constructor && actual.constructor.name) {
1584
+ msg2 += ` Received an instance of ${actual.constructor.name}`;
1585
+ }
1586
+ }
1587
+ return msg2;
1588
+ }
1589
+ function withAlg(alg, actual, ...types2) {
1590
+ return message(`Key for the ${alg} algorithm must be `, actual, ...types2);
1591
+ }
1555
1592
  var invalid_key_input_default;
1556
1593
  var init_invalid_key_input = __esm({
1557
1594
  "../node_modules/jose/dist/browser/lib/invalid_key_input.js"() {
1558
1595
  invalid_key_input_default = (actual, ...types2) => {
1559
- let msg2 = "Key must be ";
1560
- if (types2.length > 2) {
1561
- const last = types2.pop();
1562
- msg2 += `one of type ${types2.join(", ")}, or ${last}.`;
1563
- } else if (types2.length === 2) {
1564
- msg2 += `one of type ${types2[0]} or ${types2[1]}.`;
1565
- } else {
1566
- msg2 += `of type ${types2[0]}.`;
1567
- }
1568
- if (actual == null) {
1569
- msg2 += ` Received ${actual}`;
1570
- } else if (typeof actual === "function" && actual.name) {
1571
- msg2 += ` Received function ${actual.name}`;
1572
- } else if (typeof actual === "object" && actual != null) {
1573
- if (actual.constructor && actual.constructor.name) {
1574
- msg2 += ` Received an instance of ${actual.constructor.name}`;
1575
- }
1576
- }
1577
- return msg2;
1596
+ return message("Key must be ", actual, ...types2);
1578
1597
  };
1579
1598
  }
1580
1599
  });
@@ -1807,10 +1826,18 @@ var PodOS = (() => {
1807
1826
  }
1808
1827
  checkEncCryptoKey(privateKey, "ECDH", "deriveBits");
1809
1828
  const value = concat(lengthAndInput(encoder.encode(algorithm)), lengthAndInput(apu), lengthAndInput(apv), uint32be(keyLength));
1829
+ let length;
1830
+ if (publicKey.algorithm.name === "X25519") {
1831
+ length = 256;
1832
+ } else if (publicKey.algorithm.name === "X448") {
1833
+ length = 448;
1834
+ } else {
1835
+ length = Math.ceil(parseInt(publicKey.algorithm.namedCurve.substr(-3), 10) / 8) << 3;
1836
+ }
1810
1837
  const sharedSecret = new Uint8Array(await webcrypto_default.subtle.deriveBits({
1811
- name: "ECDH",
1838
+ name: publicKey.algorithm.name,
1812
1839
  public: publicKey
1813
- }, privateKey, Math.ceil(parseInt(privateKey.algorithm.namedCurve.slice(-3), 10) / 8) << 3));
1840
+ }, privateKey, length));
1814
1841
  return concatKdf(sharedSecret, keyLength, value);
1815
1842
  }
1816
1843
  async function generateEpk(key) {
@@ -1823,7 +1850,7 @@ var PodOS = (() => {
1823
1850
  if (!isCryptoKey(key)) {
1824
1851
  throw new TypeError(invalid_key_input_default(key, ...types));
1825
1852
  }
1826
- return ["P-256", "P-384", "P-521"].includes(key.algorithm.namedCurve);
1853
+ return ["P-256", "P-384", "P-521"].includes(key.algorithm.namedCurve) || key.algorithm.name === "X25519" || key.algorithm.name === "X448";
1827
1854
  }
1828
1855
  var init_ecdhes = __esm({
1829
1856
  "../node_modules/jose/dist/browser/runtime/ecdhes.js"() {
@@ -2072,8 +2099,14 @@ ${newlined}
2072
2099
  return "P-384";
2073
2100
  case findOid(keyData, [43, 129, 4, 0, 35]):
2074
2101
  return "P-521";
2075
- case (isCloudflareWorkers() && findOid(keyData, [43, 101, 112])):
2102
+ case findOid(keyData, [43, 101, 110]):
2103
+ return "X25519";
2104
+ case findOid(keyData, [43, 101, 111]):
2105
+ return "X448";
2106
+ case findOid(keyData, [43, 101, 112]):
2076
2107
  return "Ed25519";
2108
+ case findOid(keyData, [43, 101, 113]):
2109
+ return "Ed448";
2077
2110
  default:
2078
2111
  throw new JOSENotSupported("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
2079
2112
  }
@@ -2122,15 +2155,22 @@ ${newlined}
2122
2155
  case "ECDH-ES":
2123
2156
  case "ECDH-ES+A128KW":
2124
2157
  case "ECDH-ES+A192KW":
2125
- case "ECDH-ES+A256KW":
2126
- algorithm = { name: "ECDH", namedCurve: getNamedCurve2(keyData) };
2158
+ case "ECDH-ES+A256KW": {
2159
+ const namedCurve = getNamedCurve2(keyData);
2160
+ algorithm = namedCurve.startsWith("P-") ? { name: "ECDH", namedCurve } : { name: namedCurve };
2127
2161
  keyUsages = isPublic ? [] : ["deriveBits"];
2128
2162
  break;
2129
- case (isCloudflareWorkers() && "EdDSA"):
2163
+ }
2164
+ case (isCloudflareWorkers() && "EdDSA"): {
2130
2165
  const namedCurve = getNamedCurve2(keyData).toUpperCase();
2131
2166
  algorithm = { name: `NODE-${namedCurve}`, namedCurve: `NODE-${namedCurve}` };
2132
2167
  keyUsages = isPublic ? ["verify"] : ["sign"];
2133
2168
  break;
2169
+ }
2170
+ case "EdDSA":
2171
+ algorithm = { name: getNamedCurve2(keyData) };
2172
+ keyUsages = isPublic ? ["verify"] : ["sign"];
2173
+ break;
2134
2174
  default:
2135
2175
  throw new JOSENotSupported('Invalid or unsupported "alg" (Algorithm) value');
2136
2176
  }
@@ -2253,9 +2293,27 @@ ${newlined}
2253
2293
  keyUsages = jwk.d ? ["sign"] : ["verify"];
2254
2294
  break;
2255
2295
  default:
2256
- throw new JOSENotSupported('Invalid or unsupported JWK "crv" (Subtype of Key Pair) Parameter value');
2296
+ throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
2297
+ }
2298
+ break;
2299
+ case "OKP": {
2300
+ switch (jwk.alg) {
2301
+ case "EdDSA":
2302
+ algorithm = { name: jwk.crv };
2303
+ keyUsages = jwk.d ? ["sign"] : ["verify"];
2304
+ break;
2305
+ case "ECDH-ES":
2306
+ case "ECDH-ES+A128KW":
2307
+ case "ECDH-ES+A192KW":
2308
+ case "ECDH-ES+A256KW":
2309
+ algorithm = { name: jwk.crv };
2310
+ keyUsages = jwk.d ? ["deriveBits"] : [];
2311
+ break;
2312
+ default:
2313
+ throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
2257
2314
  }
2258
2315
  break;
2316
+ }
2259
2317
  default:
2260
2318
  throw new JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
2261
2319
  }
@@ -2315,18 +2373,12 @@ ${newlined}
2315
2373
  if (bytes[position] < 128) {
2316
2374
  length = bytes[position];
2317
2375
  position++;
2318
- } else {
2319
- let numberOfDigits = bytes[position] & 127;
2320
- position++;
2321
- length = 0;
2322
- for (let i = 0; i < numberOfDigits; i++) {
2323
- length = length * 256 + bytes[position];
2324
- position++;
2325
- }
2326
- }
2327
- if (length === 128) {
2376
+ } else if (length === 128) {
2328
2377
  length = 0;
2329
2378
  while (bytes[position + length] !== 0 || bytes[position + length + 1] !== 0) {
2379
+ if (length > bytes.byteLength) {
2380
+ throw new TypeError("invalid indefinite form length");
2381
+ }
2330
2382
  length++;
2331
2383
  }
2332
2384
  const byteLength2 = position + length + 2;
@@ -2335,6 +2387,14 @@ ${newlined}
2335
2387
  contents: bytes.subarray(position, position + length),
2336
2388
  raw: bytes.subarray(0, byteLength2)
2337
2389
  };
2390
+ } else {
2391
+ let numberOfDigits = bytes[position] & 127;
2392
+ position++;
2393
+ length = 0;
2394
+ for (let i = 0; i < numberOfDigits; i++) {
2395
+ length = length * 256 + bytes[position];
2396
+ position++;
2397
+ }
2338
2398
  }
2339
2399
  const byteLength = position + length;
2340
2400
  return {
@@ -2362,7 +2422,12 @@ ${newlined}
2362
2422
  if (typeof x509 !== "string" || x509.indexOf("-----BEGIN CERTIFICATE-----") !== 0) {
2363
2423
  throw new TypeError('"x509" must be X.509 formatted string');
2364
2424
  }
2365
- const spki = getSPKI(x509);
2425
+ let spki;
2426
+ try {
2427
+ spki = getSPKI(x509);
2428
+ } catch (cause) {
2429
+ throw new TypeError("failed to parse the X.509 certificate", { cause });
2430
+ }
2366
2431
  return fromSPKI(spki, alg, options);
2367
2432
  }
2368
2433
  async function importPKCS8(pkcs8, alg, options) {
@@ -2418,19 +2483,19 @@ ${newlined}
2418
2483
  "../node_modules/jose/dist/browser/lib/check_key_type.js"() {
2419
2484
  init_invalid_key_input();
2420
2485
  init_is_key_like();
2421
- symmetricTypeCheck = (key) => {
2486
+ symmetricTypeCheck = (alg, key) => {
2422
2487
  if (key instanceof Uint8Array)
2423
2488
  return;
2424
2489
  if (!is_key_like_default(key)) {
2425
- throw new TypeError(invalid_key_input_default(key, ...types, "Uint8Array"));
2490
+ throw new TypeError(withAlg(alg, key, ...types, "Uint8Array"));
2426
2491
  }
2427
2492
  if (key.type !== "secret") {
2428
2493
  throw new TypeError(`${types.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
2429
2494
  }
2430
2495
  };
2431
- asymmetricTypeCheck = (key, usage) => {
2496
+ asymmetricTypeCheck = (alg, key, usage) => {
2432
2497
  if (!is_key_like_default(key)) {
2433
- throw new TypeError(invalid_key_input_default(key, ...types));
2498
+ throw new TypeError(withAlg(alg, key, ...types));
2434
2499
  }
2435
2500
  if (key.type === "secret") {
2436
2501
  throw new TypeError(`${types.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
@@ -2451,9 +2516,9 @@ ${newlined}
2451
2516
  checkKeyType = (alg, key, usage) => {
2452
2517
  const symmetric = alg.startsWith("HS") || alg === "dir" || alg.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(alg);
2453
2518
  if (symmetric) {
2454
- symmetricTypeCheck(key);
2519
+ symmetricTypeCheck(alg, key);
2455
2520
  } else {
2456
- asymmetricTypeCheck(key, usage);
2521
+ asymmetricTypeCheck(alg, key, usage);
2457
2522
  }
2458
2523
  };
2459
2524
  check_key_type_default = checkKeyType;
@@ -2555,7 +2620,7 @@ ${newlined}
2555
2620
  });
2556
2621
 
2557
2622
  // ../node_modules/jose/dist/browser/lib/decrypt_key_management.js
2558
- async function decryptKeyManagement(alg, key, encryptedKey, joseHeader) {
2623
+ async function decryptKeyManagement(alg, key, encryptedKey, joseHeader, options) {
2559
2624
  check_key_type_default(alg, key, "decrypt");
2560
2625
  switch (alg) {
2561
2626
  case "dir": {
@@ -2609,6 +2674,9 @@ ${newlined}
2609
2674
  throw new JWEInvalid("JWE Encrypted Key missing");
2610
2675
  if (typeof joseHeader.p2c !== "number")
2611
2676
  throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) missing or invalid`);
2677
+ const p2cLimit = (options === null || options === void 0 ? void 0 : options.maxPBES2Count) || 1e4;
2678
+ if (joseHeader.p2c > p2cLimit)
2679
+ throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) out is of acceptable bounds`);
2612
2680
  if (typeof joseHeader.p2s !== "string")
2613
2681
  throw new JWEInvalid(`JOSE Header "p2s" (PBES2 Salt) missing or invalid`);
2614
2682
  return decrypt2(alg, key, encryptedKey, joseHeader.p2c, decode(joseHeader.p2s));
@@ -2795,9 +2863,9 @@ ${newlined}
2795
2863
  }
2796
2864
  let cek;
2797
2865
  try {
2798
- cek = await decrypt_key_management_default(alg, key, encryptedKey, joseHeader);
2866
+ cek = await decrypt_key_management_default(alg, key, encryptedKey, joseHeader, options);
2799
2867
  } catch (err) {
2800
- if (err instanceof TypeError) {
2868
+ if (err instanceof TypeError || err instanceof JWEInvalid || err instanceof JOSENotSupported) {
2801
2869
  throw err;
2802
2870
  }
2803
2871
  cek = cek_default(enc);
@@ -3426,6 +3494,8 @@ ${newlined}
3426
3494
  case (isCloudflareWorkers() && "EdDSA"):
3427
3495
  const { namedCurve } = algorithm;
3428
3496
  return { name: namedCurve, namedCurve };
3497
+ case "EdDSA":
3498
+ return { name: algorithm.name };
3429
3499
  default:
3430
3500
  throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
3431
3501
  }
@@ -4717,7 +4787,7 @@ ${newlined}
4717
4787
  return modulusLength;
4718
4788
  }
4719
4789
  async function generateKeyPair(alg, options) {
4720
- var _a, _b;
4790
+ var _a, _b, _c;
4721
4791
  let algorithm;
4722
4792
  let keyUsages;
4723
4793
  switch (alg) {
@@ -4778,17 +4848,44 @@ ${newlined}
4778
4848
  throw new JOSENotSupported("Invalid or unsupported crv option provided");
4779
4849
  }
4780
4850
  break;
4851
+ case "EdDSA":
4852
+ keyUsages = ["sign", "verify"];
4853
+ const crv = (_a = options === null || options === void 0 ? void 0 : options.crv) !== null && _a !== void 0 ? _a : "Ed25519";
4854
+ switch (crv) {
4855
+ case "Ed25519":
4856
+ case "Ed448":
4857
+ algorithm = { name: crv };
4858
+ break;
4859
+ default:
4860
+ throw new JOSENotSupported("Invalid or unsupported crv option provided");
4861
+ }
4862
+ break;
4781
4863
  case "ECDH-ES":
4782
4864
  case "ECDH-ES+A128KW":
4783
4865
  case "ECDH-ES+A192KW":
4784
- case "ECDH-ES+A256KW":
4785
- algorithm = { name: "ECDH", namedCurve: (_a = options === null || options === void 0 ? void 0 : options.crv) !== null && _a !== void 0 ? _a : "P-256" };
4866
+ case "ECDH-ES+A256KW": {
4786
4867
  keyUsages = ["deriveKey", "deriveBits"];
4868
+ const crv2 = (_b = options === null || options === void 0 ? void 0 : options.crv) !== null && _b !== void 0 ? _b : "P-256";
4869
+ switch (crv2) {
4870
+ case "P-256":
4871
+ case "P-384":
4872
+ case "P-521": {
4873
+ algorithm = { name: "ECDH", namedCurve: crv2 };
4874
+ break;
4875
+ }
4876
+ case "X25519":
4877
+ case "X448":
4878
+ algorithm = { name: crv2 };
4879
+ break;
4880
+ default:
4881
+ throw new JOSENotSupported("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448");
4882
+ }
4787
4883
  break;
4884
+ }
4788
4885
  default:
4789
4886
  throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
4790
4887
  }
4791
- return webcrypto_default.subtle.generateKey(algorithm, (_b = options === null || options === void 0 ? void 0 : options.extractable) !== null && _b !== void 0 ? _b : false, keyUsages);
4888
+ return webcrypto_default.subtle.generateKey(algorithm, (_c = options === null || options === void 0 ? void 0 : options.extractable) !== null && _c !== void 0 ? _c : false, keyUsages);
4792
4889
  }
4793
4890
  var init_generate = __esm({
4794
4891
  "../node_modules/jose/dist/browser/runtime/generate.js"() {
@@ -5183,8 +5280,8 @@ ${newlined}
5183
5280
  "use strict";
5184
5281
  Object.defineProperty(exports, "__esModule", { value: true });
5185
5282
  var ConfigurationError = class extends Error {
5186
- constructor(message) {
5187
- super(message);
5283
+ constructor(message2) {
5284
+ super(message2);
5188
5285
  }
5189
5286
  };
5190
5287
  exports.default = ConfigurationError;
@@ -5228,8 +5325,8 @@ ${newlined}
5228
5325
  Object.defineProperty(exports, "__esModule", { value: true });
5229
5326
  exports.OidcProviderError = void 0;
5230
5327
  var OidcProviderError = class extends Error {
5231
- constructor(message, error2, errorDescription) {
5232
- super(message);
5328
+ constructor(message2, error2, errorDescription) {
5329
+ super(message2);
5233
5330
  this.error = error2;
5234
5331
  this.errorDescription = errorDescription;
5235
5332
  }
@@ -16065,10 +16162,10 @@ ${newlined}
16065
16162
  "../node_modules/jsonld/lib/JsonLdError.js"(exports, module2) {
16066
16163
  "use strict";
16067
16164
  module2.exports = class JsonLdError extends Error {
16068
- constructor(message = "An unspecified JSON-LD error occurred.", name = "jsonld.Error", details = {}) {
16069
- super(message);
16165
+ constructor(message2 = "An unspecified JSON-LD error occurred.", name = "jsonld.Error", details = {}) {
16166
+ super(message2);
16070
16167
  this.name = name;
16071
- this.message = message;
16168
+ this.message = message2;
16072
16169
  this.details = details;
16073
16170
  }
16074
16171
  };
@@ -22865,9 +22962,9 @@ ${newlined}
22865
22962
  var INVALID_MODIFICATION_ERR = ExceptionCode.INVALID_MODIFICATION_ERR = (ExceptionMessage[13] = "Invalid modification", 13);
22866
22963
  var NAMESPACE_ERR = ExceptionCode.NAMESPACE_ERR = (ExceptionMessage[14] = "Invalid namespace", 14);
22867
22964
  var INVALID_ACCESS_ERR = ExceptionCode.INVALID_ACCESS_ERR = (ExceptionMessage[15] = "Invalid access", 15);
22868
- function DOMException(code, message) {
22869
- if (message instanceof Error) {
22870
- var error2 = message;
22965
+ function DOMException(code, message2) {
22966
+ if (message2 instanceof Error) {
22967
+ var error2 = message2;
22871
22968
  } else {
22872
22969
  error2 = this;
22873
22970
  Error.call(this, ExceptionMessage[code]);
@@ -22876,8 +22973,8 @@ ${newlined}
22876
22973
  Error.captureStackTrace(this, DOMException);
22877
22974
  }
22878
22975
  error2.code = code;
22879
- if (message)
22880
- this.message = this.message + ": " + message;
22976
+ if (message2)
22977
+ this.message = this.message + ": " + message2;
22881
22978
  return error2;
22882
22979
  }
22883
22980
  DOMException.prototype = Error.prototype;
@@ -24171,8 +24268,8 @@ ${newlined}
24171
24268
  var S_ATTR_END = 5;
24172
24269
  var S_TAG_SPACE = 6;
24173
24270
  var S_TAG_CLOSE = 7;
24174
- function ParseError(message, locator) {
24175
- this.message = message;
24271
+ function ParseError(message2, locator) {
24272
+ this.message = message2;
24176
24273
  this.locator = locator;
24177
24274
  if (Error.captureStackTrace)
24178
24275
  Error.captureStackTrace(this, ParseError);
@@ -25004,7 +25101,10 @@ ${newlined}
25004
25101
  // src/index.ts
25005
25102
  var src_exports = {};
25006
25103
  __export(src_exports, {
25104
+ BinaryFile: () => BinaryFile,
25105
+ BrokenFile: () => BrokenFile,
25007
25106
  BrowserSession: () => BrowserSession,
25107
+ HttpStatus: () => HttpStatus,
25008
25108
  PodOS: () => PodOS
25009
25109
  });
25010
25110
 
@@ -25043,18 +25143,58 @@ ${newlined}
25043
25143
  }
25044
25144
  };
25045
25145
 
25146
+ // src/files/BinaryFile.ts
25147
+ var BinaryFile = class {
25148
+ constructor(url, data) {
25149
+ this.url = url;
25150
+ this.data = data;
25151
+ }
25152
+ blob() {
25153
+ return this.data;
25154
+ }
25155
+ };
25156
+
25157
+ // src/files/BrokenFile.ts
25158
+ var BrokenFile = class {
25159
+ constructor(url, status) {
25160
+ this.url = url;
25161
+ this.status = status;
25162
+ }
25163
+ toString() {
25164
+ return `${this.status.toString()} - ${this.url}`;
25165
+ }
25166
+ blob() {
25167
+ return null;
25168
+ }
25169
+ };
25170
+
25171
+ // src/files/HttpStatus.ts
25172
+ var HttpStatus = class {
25173
+ constructor(code, text) {
25174
+ this.code = code;
25175
+ this.text = text;
25176
+ }
25177
+ toString() {
25178
+ return this.text ? `${this.code} - ${this.text}` : this.code.toString();
25179
+ }
25180
+ };
25181
+
25046
25182
  // src/files/FileFetcher.ts
25047
25183
  var FileFetcher = class {
25048
25184
  constructor(session) {
25049
25185
  this.session = session;
25050
25186
  }
25051
- async fetchBlob(url) {
25052
- return this.session.authenticatedFetch(url).then((response) => {
25053
- if (!response.ok) {
25054
- throw new Error(`${response.status} - ${response.statusText}`);
25055
- }
25056
- return response.blob();
25057
- });
25187
+ async fetchFile(url) {
25188
+ const response = await this.session.authenticatedFetch(url);
25189
+ if (response.ok) {
25190
+ const blob = await response.blob();
25191
+ return new BinaryFile(url, blob);
25192
+ } else {
25193
+ return new BrokenFile(
25194
+ url,
25195
+ new HttpStatus(response.status, response.statusText)
25196
+ );
25197
+ }
25058
25198
  }
25059
25199
  };
25060
25200
 
@@ -25473,8 +25613,8 @@ ${newlined}
25473
25613
  throw new Error('NamedNode IRI "' + iri + '" must be absolute.');
25474
25614
  }
25475
25615
  if (_this.value.includes(" ")) {
25476
- var message = 'Error: NamedNode IRI "' + iri + '" must not contain unencoded spaces.';
25477
- throw new Error(message);
25616
+ var message2 = 'Error: NamedNode IRI "' + iri + '" must not contain unencoded spaces.';
25617
+ throw new Error(message2);
25478
25618
  }
25479
25619
  return _this;
25480
25620
  }
@@ -28958,8 +29098,8 @@ ${newlined}
28958
29098
  _emit(subject, predicate, object, graph3) {
28959
29099
  this._callback(null, this._quad(subject, predicate, object, graph3 || this.DEFAULTGRAPH));
28960
29100
  }
28961
- _error(message, token) {
28962
- const err = new Error(`${message} on line ${token.line}.`);
29101
+ _error(message2, token) {
29102
+ const err = new Error(`${message2} on line ${token.line}.`);
28963
29103
  err.context = {
28964
29104
  token,
28965
29105
  line: token.line,
@@ -36730,13 +36870,13 @@ ${newlined}
36730
36870
  }
36731
36871
  }
36732
36872
  }, function(err) {
36733
- var message = err.message || err.statusText;
36734
- message = "Failed to load <" + uri + "> " + message;
36735
- console.log(message);
36873
+ var message2 = err.message || err.statusText;
36874
+ message2 = "Failed to load <" + uri + "> " + message2;
36875
+ console.log(message2);
36736
36876
  if (err.response && err.response.status) {
36737
- message += " status: " + err.response.status;
36877
+ message2 += " status: " + err.response.status;
36738
36878
  }
36739
- userCallback(false, message, err.response);
36879
+ userCallback(false, message2, err.response);
36740
36880
  });
36741
36881
  }
36742
36882
  }, {
@@ -37230,16 +37370,16 @@ ${newlined}
37230
37370
  return this.redirectToProxy(proxyUri, options);
37231
37371
  }
37232
37372
  }
37233
- var message;
37373
+ var message2;
37234
37374
  if (response instanceof Error) {
37235
- message = "Fetch error: " + response.message;
37375
+ message2 = "Fetch error: " + response.message;
37236
37376
  } else {
37237
- message = response.statusText;
37377
+ message2 = response.statusText;
37238
37378
  if (response.responseText) {
37239
- message += " ".concat(response.responseText);
37379
+ message2 += " ".concat(response.responseText);
37240
37380
  }
37241
37381
  }
37242
- return this.failFetch(options, message, response.status || 998, response);
37382
+ return this.failFetch(options, message2, response.status || 998, response);
37243
37383
  }
37244
37384
  }, {
37245
37385
  key: "addType",
@@ -37713,8 +37853,8 @@ ${newlined}
37713
37853
  fetch(uri) {
37714
37854
  return this.store.fetch(uri);
37715
37855
  }
37716
- fetchBlob(url) {
37717
- return this.fileFetcher.fetchBlob(url);
37856
+ fetchFile(url) {
37857
+ return this.fileFetcher.fetchFile(url);
37718
37858
  }
37719
37859
  trackSession(callback) {
37720
37860
  return this.session.trackSession(callback);