@private.me/xbind 3.0.0 → 3.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +55 -7
- package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1920 -1
- package/dist-standalone/_deps/shared/cjs/errors.js +729 -1
- package/dist-standalone/_deps/shared/cjs/index.js +463 -1
- package/dist-standalone/_deps/shared/cjs/types.js +315 -1
- package/dist-standalone/_deps/shared/errors.js +244 -1
- package/dist-standalone/_deps/shared/index.js +72 -1
- package/dist-standalone/_deps/shared/types.js +86 -1
- package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
- package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
- package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
- package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
- package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
- package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
- package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
- package/dist-standalone/_deps/ux-helpers/index.js +1 -1
- package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
- package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
- package/dist-standalone/_deps/ux-helpers/search.js +1 -1
- package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
- package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
- package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
- package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
- package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
- package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
- package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
- package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
- package/dist-standalone/_deps/xchange/errors.js +1 -1
- package/dist-standalone/_deps/xchange/index.js +1 -1
- package/dist-standalone/_deps/xchange/invite-client.js +1 -1
- package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
- package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
- package/dist-standalone/_deps/xchange/xchange.js +1 -1
- package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
- package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
- package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
- package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
- package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
- package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
- package/dist-standalone/_deps/xregistry/discovery.js +1 -1
- package/dist-standalone/_deps/xregistry/errors.js +1 -1
- package/dist-standalone/_deps/xregistry/index.js +1 -1
- package/dist-standalone/_deps/xregistry/registry.js +1 -1
- package/dist-standalone/_deps/xregistry/schema.js +1 -1
- package/dist-standalone/_deps/xregistry/types.js +1 -1
- package/dist-standalone/agent-call.js +659 -1
- package/dist-standalone/agent-sdk.js +328 -1
- package/dist-standalone/agent.js +1800 -1
- package/dist-standalone/approval.js +193 -1
- package/dist-standalone/async-iterators.js +382 -1
- package/dist-standalone/auth.js +219 -1
- package/dist-standalone/auto-accept.js +229 -1
- package/dist-standalone/backup-config.js +201 -1
- package/dist-standalone/backup.js +326 -1
- package/dist-standalone/batch-operations.js +388 -1
- package/dist-standalone/cancellation.js +477 -1
- package/dist-standalone/checkpoint.js +186 -1
- package/dist-standalone/circuit-breaker.js +468 -1
- package/dist-standalone/cjs/agent-call.js +701 -1
- package/dist-standalone/cjs/agent-sdk.js +332 -1
- package/dist-standalone/cjs/agent.js +1837 -1
- package/dist-standalone/cjs/approval.js +199 -1
- package/dist-standalone/cjs/async-iterators.js +392 -1
- package/dist-standalone/cjs/auth.js +225 -1
- package/dist-standalone/cjs/auto-accept.js +233 -1
- package/dist-standalone/cjs/backup-config.js +207 -1
- package/dist-standalone/cjs/backup.js +330 -1
- package/dist-standalone/cjs/batch-operations.js +397 -1
- package/dist-standalone/cjs/cancellation.js +490 -1
- package/dist-standalone/cjs/checkpoint.js +193 -1
- package/dist-standalone/cjs/circuit-breaker.js +476 -1
- package/dist-standalone/cjs/cli/init.js +492 -1
- package/dist-standalone/cjs/config-validation.js +522 -1
- package/dist-standalone/cjs/connect.js +312 -1
- package/dist-standalone/cjs/connection-pool.js +506 -1
- package/dist-standalone/cjs/correlation-id.js +339 -1
- package/dist-standalone/cjs/crypto-utils.js +176 -1
- package/dist-standalone/cjs/debug-mode.js +534 -1
- package/dist-standalone/cjs/did-document.js +101 -1
- package/dist-standalone/cjs/did-privateme.js +130 -1
- package/dist-standalone/cjs/did-web.js +201 -1
- package/dist-standalone/cjs/discovery.js +462 -1
- package/dist-standalone/cjs/dual-mode.js +251 -1
- package/dist-standalone/cjs/email-templates.js +313 -1
- package/dist-standalone/cjs/email-transport.js +239 -1
- package/dist-standalone/cjs/envelope.js +538 -1
- package/dist-standalone/cjs/errors.js +913 -1
- package/dist-standalone/cjs/event-emitter.js +461 -1
- package/dist-standalone/cjs/gateway-state.js +55 -1
- package/dist-standalone/cjs/gateway-transport.js +120 -1
- package/dist-standalone/cjs/graceful-degradation.js +403 -1
- package/dist-standalone/cjs/guardrails.js +223 -1
- package/dist-standalone/cjs/health-check.js +336 -1
- package/dist-standalone/cjs/http-compat.js +272 -1
- package/dist-standalone/cjs/http-status-map.js +571 -1
- package/dist-standalone/cjs/identity.js +645 -1
- package/dist-standalone/cjs/index.js +406 -1
- package/dist-standalone/cjs/invitation.js +421 -1
- package/dist-standalone/cjs/invite.js +328 -1
- package/dist-standalone/cjs/key-agreement.js +335 -1
- package/dist-standalone/cjs/lazy-init.js +300 -1
- package/dist-standalone/cjs/logger.js +291 -1
- package/dist-standalone/cjs/mdns-discovery.js +202 -1
- package/dist-standalone/cjs/nonce-store.js +80 -1
- package/dist-standalone/cjs/pairing-manager.js +223 -1
- package/dist-standalone/cjs/plugin-system.js +264 -1
- package/dist-standalone/cjs/plugins/logging.js +168 -1
- package/dist-standalone/cjs/plugins/metrics.js +181 -1
- package/dist-standalone/cjs/plugins/validation.js +302 -1
- package/dist-standalone/cjs/policy.js +320 -1
- package/dist-standalone/cjs/progress-callbacks.js +583 -1
- package/dist-standalone/cjs/redis-nonce-store.js +76 -1
- package/dist-standalone/cjs/registry-middleware.js +50 -1
- package/dist-standalone/cjs/retry-strategies.js +544 -1
- package/dist-standalone/cjs/retry-transport.js +102 -1
- package/dist-standalone/cjs/runtime/browser.js +533 -1
- package/dist-standalone/cjs/runtime/edge.js +526 -1
- package/dist-standalone/cjs/runtime/react-native.js +394 -1
- package/dist-standalone/cjs/security-policy.js +245 -1
- package/dist-standalone/cjs/serialization.js +1040 -1
- package/dist-standalone/cjs/split-channel.js +225 -1
- package/dist-standalone/cjs/subscription-proof.js +230 -1
- package/dist-standalone/cjs/succession.js +148 -1
- package/dist-standalone/cjs/timeouts.js +412 -1
- package/dist-standalone/cjs/trace-context.js +424 -1
- package/dist-standalone/cjs/trace-spans.js +495 -1
- package/dist-standalone/cjs/transport.js +63 -1
- package/dist-standalone/cjs/trust-registry.js +991 -1
- package/dist-standalone/cjs/types/error-response.js +56 -1
- package/dist-standalone/cjs/vault-auth.js +178 -1
- package/dist-standalone/cjs/vault-store-loader.js +194 -1
- package/dist-standalone/cjs/verify.js +25 -1
- package/dist-standalone/cjs/version-info.js +543 -1
- package/dist-standalone/cjs/xfetch.js +340 -1
- package/dist-standalone/cli/init.js +455 -1
- package/dist-standalone/cli/setup.js +514 -1
- package/dist-standalone/cli/types.js +27 -1
- package/dist-standalone/cli/xbind.js +148 -1
- package/dist-standalone/config-validation.js +513 -1
- package/dist-standalone/connect.js +274 -1
- package/dist-standalone/connection-pool.js +500 -1
- package/dist-standalone/correlation-id.js +326 -1
- package/dist-standalone/crypto-utils.js +157 -1
- package/dist-standalone/debug-mode.js +510 -1
- package/dist-standalone/did-document.js +96 -1
- package/dist-standalone/did-privateme.js +121 -1
- package/dist-standalone/did-web.js +196 -1
- package/dist-standalone/discovery.js +458 -1
- package/dist-standalone/dual-mode.js +247 -1
- package/dist-standalone/email-templates.js +309 -1
- package/dist-standalone/email-transport.js +232 -1
- package/dist-standalone/envelope.js +525 -1
- package/dist-standalone/errors.js +896 -1
- package/dist-standalone/event-emitter.js +456 -1
- package/dist-standalone/gateway-state.js +51 -1
- package/dist-standalone/gateway-transport.js +116 -1
- package/dist-standalone/graceful-degradation.js +396 -1
- package/dist-standalone/guardrails.js +216 -1
- package/dist-standalone/health-check.js +332 -1
- package/dist-standalone/http-compat.js +267 -1
- package/dist-standalone/http-status-map.js +561 -1
- package/dist-standalone/identity.js +619 -1
- package/dist-standalone/index.js +78 -1
- package/dist-standalone/invitation.js +415 -1
- package/dist-standalone/invite.js +324 -1
- package/dist-standalone/key-agreement.js +325 -1
- package/dist-standalone/lazy-init.js +295 -1
- package/dist-standalone/logger.js +285 -1
- package/dist-standalone/mdns-discovery.js +195 -1
- package/dist-standalone/nonce-store.js +76 -1
- package/dist-standalone/pairing-manager.js +219 -1
- package/dist-standalone/plugin-system.js +257 -1
- package/dist-standalone/plugins/logging.d.ts +84 -0
- package/dist-standalone/plugins/logging.js +163 -0
- package/dist-standalone/plugins/metrics.d.ts +111 -0
- package/dist-standalone/plugins/metrics.js +176 -0
- package/dist-standalone/plugins/validation.d.ts +104 -0
- package/dist-standalone/plugins/validation.js +297 -0
- package/dist-standalone/policy.js +315 -1
- package/dist-standalone/progress-callbacks.js +576 -1
- package/dist-standalone/redis-nonce-store.js +72 -1
- package/dist-standalone/registry-middleware.js +47 -1
- package/dist-standalone/retry-strategies.js +534 -1
- package/dist-standalone/retry-transport.js +98 -1
- package/dist-standalone/runtime/browser.d.ts +311 -0
- package/dist-standalone/runtime/browser.js +516 -0
- package/dist-standalone/runtime/edge.d.ts +282 -0
- package/dist-standalone/runtime/edge.js +511 -0
- package/dist-standalone/runtime/react-native.d.ts +157 -0
- package/dist-standalone/runtime/react-native.js +383 -0
- package/dist-standalone/security-policy.js +239 -1
- package/dist-standalone/serialization.js +1031 -1
- package/dist-standalone/split-channel.js +219 -1
- package/dist-standalone/subscription-proof.js +224 -1
- package/dist-standalone/succession.js +142 -1
- package/dist-standalone/timeouts.js +398 -1
- package/dist-standalone/trace-context.js +414 -1
- package/dist-standalone/trace-spans.js +488 -1
- package/dist-standalone/transport.js +59 -1
- package/dist-standalone/trust-registry.js +950 -1
- package/dist-standalone/types/error-response.d.ts +209 -0
- package/dist-standalone/types/error-response.js +52 -0
- package/dist-standalone/vault-auth.js +174 -1
- package/dist-standalone/vault-store-loader.js +187 -1
- package/dist-standalone/verify.js +16 -1
- package/dist-standalone/version-info.js +530 -1
- package/dist-standalone/xfetch.js +335 -1
- package/package.json +4 -10
- package/share1.dat +0 -0
- package/dist-standalone/_deps/mldsa-wasm/LICENSE +0 -24
- package/dist-standalone/_deps/mldsa-wasm/package.json +0 -46
- package/dist-standalone/_deps/shared/cjs/package.json +0 -1
- package/dist-standalone/_deps/ux-helpers/cjs/package.json +0 -1
- package/dist-standalone/_deps/xchange/cjs/package.json +0 -1
- package/dist-standalone/_deps/xregistry/cjs/package.json +0 -1
- package/dist-standalone/cjs/package.json +0 -3
- package/dist-standalone/package.json +0 -10
|
@@ -1 +1,561 @@
|
|
|
1
|
-
|
|
1
|
+
/**
|
|
2
|
+
* @module http-status-map
|
|
3
|
+
* Maps xBind error codes to HTTP status codes for REST API responses.
|
|
4
|
+
*
|
|
5
|
+
* This mapping provides:
|
|
6
|
+
* - Consistent HTTP status codes for all 52 xBind error codes
|
|
7
|
+
* - Retryability information for client retry logic
|
|
8
|
+
* - Error categorization (client vs server errors)
|
|
9
|
+
* - Human-readable status text
|
|
10
|
+
*
|
|
11
|
+
* Based on RFC 9110 HTTP Semantics and REST API best practices.
|
|
12
|
+
*
|
|
13
|
+
* @example
|
|
14
|
+
* ```typescript
|
|
15
|
+
* import { getHttpStatus, isRetryable } from '@private.me/xbind/http-status-map';
|
|
16
|
+
*
|
|
17
|
+
* const status = getHttpStatus('VERIFY_FAILED'); // 401
|
|
18
|
+
* const canRetry = isRetryable('NETWORK_ERROR'); // true
|
|
19
|
+
* ```
|
|
20
|
+
*/
|
|
21
|
+
/**
|
|
22
|
+
* Complete mapping of xBind error codes to HTTP status codes.
|
|
23
|
+
* All 52 error codes are mapped for 100% coverage.
|
|
24
|
+
*/
|
|
25
|
+
export const HTTP_STATUS_MAP = {
|
|
26
|
+
// ============================================================================
|
|
27
|
+
// IDENTITY (8 error codes)
|
|
28
|
+
// ============================================================================
|
|
29
|
+
KEYGEN_FAILED: {
|
|
30
|
+
statusCode: 500,
|
|
31
|
+
statusText: 'Internal Server Error',
|
|
32
|
+
retryable: true,
|
|
33
|
+
errorType: 'Server',
|
|
34
|
+
category: 'Identity',
|
|
35
|
+
rationale: 'Server crypto initialization failure - client should retry',
|
|
36
|
+
},
|
|
37
|
+
SIGN_FAILED: {
|
|
38
|
+
statusCode: 500,
|
|
39
|
+
statusText: 'Internal Server Error',
|
|
40
|
+
retryable: false,
|
|
41
|
+
errorType: 'Server',
|
|
42
|
+
category: 'Identity',
|
|
43
|
+
rationale: 'Server key corruption - requires admin intervention',
|
|
44
|
+
},
|
|
45
|
+
VERIFY_FAILED: {
|
|
46
|
+
statusCode: 401,
|
|
47
|
+
statusText: 'Unauthorized',
|
|
48
|
+
retryable: false,
|
|
49
|
+
errorType: 'Client',
|
|
50
|
+
category: 'Identity',
|
|
51
|
+
rationale: 'Invalid signature - authentication failure',
|
|
52
|
+
},
|
|
53
|
+
INVALID_DID: {
|
|
54
|
+
statusCode: 400,
|
|
55
|
+
statusText: 'Bad Request',
|
|
56
|
+
retryable: false,
|
|
57
|
+
errorType: 'Client',
|
|
58
|
+
category: 'Identity',
|
|
59
|
+
rationale: 'Malformed DID format - client validation error',
|
|
60
|
+
},
|
|
61
|
+
INVALID_KEY_LENGTH: {
|
|
62
|
+
statusCode: 400,
|
|
63
|
+
statusText: 'Bad Request',
|
|
64
|
+
retryable: false,
|
|
65
|
+
errorType: 'Client',
|
|
66
|
+
category: 'Identity',
|
|
67
|
+
rationale: 'Invalid key material size - client validation error',
|
|
68
|
+
},
|
|
69
|
+
EXPORT_FAILED: {
|
|
70
|
+
statusCode: 500,
|
|
71
|
+
statusText: 'Internal Server Error',
|
|
72
|
+
retryable: true,
|
|
73
|
+
errorType: 'Server',
|
|
74
|
+
category: 'Identity',
|
|
75
|
+
rationale: 'Crypto API failure - transient server issue',
|
|
76
|
+
},
|
|
77
|
+
IMPORT_FAILED: {
|
|
78
|
+
statusCode: 400,
|
|
79
|
+
statusText: 'Bad Request',
|
|
80
|
+
retryable: false,
|
|
81
|
+
errorType: 'Client',
|
|
82
|
+
category: 'Identity',
|
|
83
|
+
rationale: 'Invalid PKCS8 format - client validation error',
|
|
84
|
+
},
|
|
85
|
+
// ============================================================================
|
|
86
|
+
// ENVELOPE (7 error codes)
|
|
87
|
+
// ============================================================================
|
|
88
|
+
INVALID_VERSION: {
|
|
89
|
+
statusCode: 400,
|
|
90
|
+
statusText: 'Bad Request',
|
|
91
|
+
retryable: false,
|
|
92
|
+
errorType: 'Client',
|
|
93
|
+
category: 'Envelope',
|
|
94
|
+
rationale: 'Unsupported protocol version - client must upgrade',
|
|
95
|
+
},
|
|
96
|
+
INVALID_ALG: {
|
|
97
|
+
statusCode: 400,
|
|
98
|
+
statusText: 'Bad Request',
|
|
99
|
+
retryable: false,
|
|
100
|
+
errorType: 'Client',
|
|
101
|
+
category: 'Envelope',
|
|
102
|
+
rationale: 'Unsupported algorithm - client must use AES-256-GCM',
|
|
103
|
+
},
|
|
104
|
+
INVALID_NONCE: {
|
|
105
|
+
statusCode: 400,
|
|
106
|
+
statusText: 'Bad Request',
|
|
107
|
+
retryable: false,
|
|
108
|
+
errorType: 'Client',
|
|
109
|
+
category: 'Envelope',
|
|
110
|
+
rationale: 'Missing or invalid nonce - client validation error',
|
|
111
|
+
},
|
|
112
|
+
INVALID_FIELDS: {
|
|
113
|
+
statusCode: 400,
|
|
114
|
+
statusText: 'Bad Request',
|
|
115
|
+
retryable: false,
|
|
116
|
+
errorType: 'Client',
|
|
117
|
+
category: 'Envelope',
|
|
118
|
+
rationale: 'Missing required envelope fields - client validation error',
|
|
119
|
+
},
|
|
120
|
+
ENCRYPT_FAILED: {
|
|
121
|
+
statusCode: 500,
|
|
122
|
+
statusText: 'Internal Server Error',
|
|
123
|
+
retryable: true,
|
|
124
|
+
errorType: 'Server',
|
|
125
|
+
category: 'Envelope',
|
|
126
|
+
rationale: 'Server encryption failure - transient issue',
|
|
127
|
+
},
|
|
128
|
+
DECRYPT_FAILED: {
|
|
129
|
+
statusCode: 401,
|
|
130
|
+
statusText: 'Unauthorized',
|
|
131
|
+
retryable: false,
|
|
132
|
+
errorType: 'Client',
|
|
133
|
+
category: 'Envelope',
|
|
134
|
+
rationale: 'Decryption failed - wrong key or corrupted data',
|
|
135
|
+
},
|
|
136
|
+
PARSE_FAILED: {
|
|
137
|
+
statusCode: 400,
|
|
138
|
+
statusText: 'Bad Request',
|
|
139
|
+
retryable: false,
|
|
140
|
+
errorType: 'Client',
|
|
141
|
+
category: 'Envelope',
|
|
142
|
+
rationale: 'Malformed JSON envelope - client validation error',
|
|
143
|
+
},
|
|
144
|
+
// ============================================================================
|
|
145
|
+
// TRANSPORT (4 error codes)
|
|
146
|
+
// ============================================================================
|
|
147
|
+
SEND_FAILED: {
|
|
148
|
+
statusCode: 503,
|
|
149
|
+
statusText: 'Service Unavailable',
|
|
150
|
+
retryable: true,
|
|
151
|
+
errorType: 'Server',
|
|
152
|
+
category: 'Transport',
|
|
153
|
+
rationale: 'Network send failure - retry with backoff',
|
|
154
|
+
},
|
|
155
|
+
NETWORK_ERROR: {
|
|
156
|
+
statusCode: 503,
|
|
157
|
+
statusText: 'Service Unavailable',
|
|
158
|
+
retryable: true,
|
|
159
|
+
errorType: 'Server',
|
|
160
|
+
category: 'Transport',
|
|
161
|
+
rationale: 'Network connectivity issue - retry with backoff',
|
|
162
|
+
},
|
|
163
|
+
RECIPIENT_UNREACHABLE: {
|
|
164
|
+
statusCode: 503,
|
|
165
|
+
statusText: 'Service Unavailable',
|
|
166
|
+
retryable: true,
|
|
167
|
+
errorType: 'Server',
|
|
168
|
+
category: 'Transport',
|
|
169
|
+
rationale: 'Recipient offline or unreachable - retry later',
|
|
170
|
+
},
|
|
171
|
+
TIMEOUT: {
|
|
172
|
+
statusCode: 504,
|
|
173
|
+
statusText: 'Gateway Timeout',
|
|
174
|
+
retryable: true,
|
|
175
|
+
errorType: 'Server',
|
|
176
|
+
category: 'Transport',
|
|
177
|
+
rationale: 'Request timed out - increase timeout and retry',
|
|
178
|
+
},
|
|
179
|
+
// ============================================================================
|
|
180
|
+
// REGISTRY (3 error codes)
|
|
181
|
+
// ============================================================================
|
|
182
|
+
NOT_FOUND: {
|
|
183
|
+
statusCode: 404,
|
|
184
|
+
statusText: 'Not Found',
|
|
185
|
+
retryable: false,
|
|
186
|
+
errorType: 'Client',
|
|
187
|
+
category: 'Registry',
|
|
188
|
+
rationale: 'Agent not in registry - recipient must register first',
|
|
189
|
+
},
|
|
190
|
+
ALREADY_REGISTERED: {
|
|
191
|
+
statusCode: 409,
|
|
192
|
+
statusText: 'Conflict',
|
|
193
|
+
retryable: false,
|
|
194
|
+
errorType: 'Client',
|
|
195
|
+
category: 'Registry',
|
|
196
|
+
rationale: 'DID already exists - use updateAgent instead',
|
|
197
|
+
},
|
|
198
|
+
REVOKED: {
|
|
199
|
+
statusCode: 403,
|
|
200
|
+
statusText: 'Forbidden',
|
|
201
|
+
retryable: false,
|
|
202
|
+
errorType: 'Client',
|
|
203
|
+
category: 'Registry',
|
|
204
|
+
rationale: 'Agent revoked - contact admin for re-registration',
|
|
205
|
+
},
|
|
206
|
+
// ============================================================================
|
|
207
|
+
// KEY AGREEMENT (8 error codes)
|
|
208
|
+
// ============================================================================
|
|
209
|
+
DERIVE_FAILED: {
|
|
210
|
+
statusCode: 500,
|
|
211
|
+
statusText: 'Internal Server Error',
|
|
212
|
+
retryable: true,
|
|
213
|
+
errorType: 'Server',
|
|
214
|
+
category: 'Key Agreement',
|
|
215
|
+
rationale: 'ECDH derivation failure - transient crypto issue',
|
|
216
|
+
},
|
|
217
|
+
KEM_ENCAPSULATE_FAILED: {
|
|
218
|
+
statusCode: 500,
|
|
219
|
+
statusText: 'Internal Server Error',
|
|
220
|
+
retryable: true,
|
|
221
|
+
errorType: 'Server',
|
|
222
|
+
category: 'Key Agreement',
|
|
223
|
+
rationale: 'ML-KEM encapsulation failure - transient crypto issue',
|
|
224
|
+
},
|
|
225
|
+
KEM_DECAPSULATE_FAILED: {
|
|
226
|
+
statusCode: 401,
|
|
227
|
+
statusText: 'Unauthorized',
|
|
228
|
+
retryable: false,
|
|
229
|
+
errorType: 'Client',
|
|
230
|
+
category: 'Key Agreement',
|
|
231
|
+
rationale: 'ML-KEM decapsulation failed - wrong ciphertext',
|
|
232
|
+
},
|
|
233
|
+
HKDF_FAILED: {
|
|
234
|
+
statusCode: 500,
|
|
235
|
+
statusText: 'Internal Server Error',
|
|
236
|
+
retryable: true,
|
|
237
|
+
errorType: 'Server',
|
|
238
|
+
category: 'Key Agreement',
|
|
239
|
+
rationale: 'HKDF derivation failure - transient crypto issue',
|
|
240
|
+
},
|
|
241
|
+
MLKEM_NOT_AVAILABLE: {
|
|
242
|
+
statusCode: 400,
|
|
243
|
+
statusText: 'Bad Request',
|
|
244
|
+
retryable: false,
|
|
245
|
+
errorType: 'Client',
|
|
246
|
+
category: 'Key Agreement',
|
|
247
|
+
rationale: 'Post-quantum not enabled - client must configure',
|
|
248
|
+
},
|
|
249
|
+
PQ_SIGN_FAILED: {
|
|
250
|
+
statusCode: 500,
|
|
251
|
+
statusText: 'Internal Server Error',
|
|
252
|
+
retryable: true,
|
|
253
|
+
errorType: 'Server',
|
|
254
|
+
category: 'Key Agreement',
|
|
255
|
+
rationale: 'ML-DSA signing failure - transient crypto issue',
|
|
256
|
+
},
|
|
257
|
+
PQ_VERIFY_FAILED: {
|
|
258
|
+
statusCode: 401,
|
|
259
|
+
statusText: 'Unauthorized',
|
|
260
|
+
retryable: false,
|
|
261
|
+
errorType: 'Client',
|
|
262
|
+
category: 'Key Agreement',
|
|
263
|
+
rationale: 'ML-DSA verification failed - invalid signature',
|
|
264
|
+
},
|
|
265
|
+
// ============================================================================
|
|
266
|
+
// SPLIT CHANNEL (6 error codes)
|
|
267
|
+
// ============================================================================
|
|
268
|
+
SPLIT_FAILED: {
|
|
269
|
+
statusCode: 500,
|
|
270
|
+
statusText: 'Internal Server Error',
|
|
271
|
+
retryable: true,
|
|
272
|
+
errorType: 'Server',
|
|
273
|
+
category: 'Split Channel',
|
|
274
|
+
rationale: 'XorIDA split failure - transient issue',
|
|
275
|
+
},
|
|
276
|
+
INSUFFICIENT_SHARES: {
|
|
277
|
+
statusCode: 400,
|
|
278
|
+
statusText: 'Bad Request',
|
|
279
|
+
retryable: false,
|
|
280
|
+
errorType: 'Client',
|
|
281
|
+
category: 'Split Channel',
|
|
282
|
+
rationale: 'Not enough shares - client must collect more',
|
|
283
|
+
},
|
|
284
|
+
INCONSISTENT_SHARES: {
|
|
285
|
+
statusCode: 400,
|
|
286
|
+
statusText: 'Bad Request',
|
|
287
|
+
retryable: false,
|
|
288
|
+
errorType: 'Client',
|
|
289
|
+
category: 'Split Channel',
|
|
290
|
+
rationale: 'Mismatched shares - client validation error',
|
|
291
|
+
},
|
|
292
|
+
HMAC_VERIFICATION_FAILED: {
|
|
293
|
+
statusCode: 401,
|
|
294
|
+
statusText: 'Unauthorized',
|
|
295
|
+
retryable: false,
|
|
296
|
+
errorType: 'Client',
|
|
297
|
+
category: 'Split Channel',
|
|
298
|
+
rationale: 'Share tampered with - security violation',
|
|
299
|
+
},
|
|
300
|
+
UNPAD_FAILED: {
|
|
301
|
+
statusCode: 500,
|
|
302
|
+
statusText: 'Internal Server Error',
|
|
303
|
+
retryable: false,
|
|
304
|
+
errorType: 'Server',
|
|
305
|
+
category: 'Split Channel',
|
|
306
|
+
rationale: 'Padding removal error - data corruption',
|
|
307
|
+
},
|
|
308
|
+
INVALID_SHARE_DATA: {
|
|
309
|
+
statusCode: 400,
|
|
310
|
+
statusText: 'Bad Request',
|
|
311
|
+
retryable: false,
|
|
312
|
+
errorType: 'Client',
|
|
313
|
+
category: 'Split Channel',
|
|
314
|
+
rationale: 'Malformed share format - client validation error',
|
|
315
|
+
},
|
|
316
|
+
// ============================================================================
|
|
317
|
+
// XCHANGE (4 error codes)
|
|
318
|
+
// ============================================================================
|
|
319
|
+
XCHANGE_KEYGEN_FAILED: {
|
|
320
|
+
statusCode: 500,
|
|
321
|
+
statusText: 'Internal Server Error',
|
|
322
|
+
retryable: true,
|
|
323
|
+
errorType: 'Server',
|
|
324
|
+
category: 'Xchange',
|
|
325
|
+
rationale: 'Key generation failure - transient crypto issue',
|
|
326
|
+
},
|
|
327
|
+
XCHANGE_ENCRYPT_FAILED: {
|
|
328
|
+
statusCode: 500,
|
|
329
|
+
statusText: 'Internal Server Error',
|
|
330
|
+
retryable: true,
|
|
331
|
+
errorType: 'Server',
|
|
332
|
+
category: 'Xchange',
|
|
333
|
+
rationale: 'Bundle encryption failure - transient crypto issue',
|
|
334
|
+
},
|
|
335
|
+
XCHANGE_DECRYPT_FAILED: {
|
|
336
|
+
statusCode: 401,
|
|
337
|
+
statusText: 'Unauthorized',
|
|
338
|
+
retryable: false,
|
|
339
|
+
errorType: 'Client',
|
|
340
|
+
category: 'Xchange',
|
|
341
|
+
rationale: 'Bundle decryption failed - wrong key',
|
|
342
|
+
},
|
|
343
|
+
INVALID_BUNDLE: {
|
|
344
|
+
statusCode: 400,
|
|
345
|
+
statusText: 'Bad Request',
|
|
346
|
+
retryable: false,
|
|
347
|
+
errorType: 'Client',
|
|
348
|
+
category: 'Xchange',
|
|
349
|
+
rationale: 'Malformed bundle format - client validation error',
|
|
350
|
+
},
|
|
351
|
+
// ============================================================================
|
|
352
|
+
// AGENT (12 error codes)
|
|
353
|
+
// ============================================================================
|
|
354
|
+
IDENTITY_FAILED: {
|
|
355
|
+
statusCode: 500,
|
|
356
|
+
statusText: 'Internal Server Error',
|
|
357
|
+
retryable: true,
|
|
358
|
+
errorType: 'Server',
|
|
359
|
+
category: 'Agent',
|
|
360
|
+
rationale: 'Agent identity creation failed - transient issue',
|
|
361
|
+
},
|
|
362
|
+
REGISTRATION_FAILED: {
|
|
363
|
+
statusCode: 503,
|
|
364
|
+
statusText: 'Service Unavailable',
|
|
365
|
+
retryable: true,
|
|
366
|
+
errorType: 'Server',
|
|
367
|
+
category: 'Agent',
|
|
368
|
+
rationale: 'Registry unavailable - retry with backoff',
|
|
369
|
+
},
|
|
370
|
+
RECIPIENT_NOT_FOUND: {
|
|
371
|
+
statusCode: 404,
|
|
372
|
+
statusText: 'Not Found',
|
|
373
|
+
retryable: false,
|
|
374
|
+
errorType: 'Client',
|
|
375
|
+
category: 'Agent',
|
|
376
|
+
rationale: 'Recipient not in registry - recipient must register',
|
|
377
|
+
},
|
|
378
|
+
RECIPIENT_REVOKED: {
|
|
379
|
+
statusCode: 403,
|
|
380
|
+
statusText: 'Forbidden',
|
|
381
|
+
retryable: false,
|
|
382
|
+
errorType: 'Client',
|
|
383
|
+
category: 'Agent',
|
|
384
|
+
rationale: 'Recipient revoked - contact admin',
|
|
385
|
+
},
|
|
386
|
+
KEY_AGREEMENT_FAILED: {
|
|
387
|
+
statusCode: 500,
|
|
388
|
+
statusText: 'Internal Server Error',
|
|
389
|
+
retryable: true,
|
|
390
|
+
errorType: 'Server',
|
|
391
|
+
category: 'Agent',
|
|
392
|
+
rationale: 'Key agreement failure - transient crypto issue',
|
|
393
|
+
},
|
|
394
|
+
ENVELOPE_FAILED: {
|
|
395
|
+
statusCode: 500,
|
|
396
|
+
statusText: 'Internal Server Error',
|
|
397
|
+
retryable: true,
|
|
398
|
+
errorType: 'Server',
|
|
399
|
+
category: 'Agent',
|
|
400
|
+
rationale: 'Envelope creation failed - transient issue',
|
|
401
|
+
},
|
|
402
|
+
VERIFICATION_FAILED: {
|
|
403
|
+
statusCode: 401,
|
|
404
|
+
statusText: 'Unauthorized',
|
|
405
|
+
retryable: false,
|
|
406
|
+
errorType: 'Client',
|
|
407
|
+
category: 'Agent',
|
|
408
|
+
rationale: 'Envelope verification failed - authentication error',
|
|
409
|
+
},
|
|
410
|
+
REPLAY_DETECTED: {
|
|
411
|
+
statusCode: 403,
|
|
412
|
+
statusText: 'Forbidden',
|
|
413
|
+
retryable: false,
|
|
414
|
+
errorType: 'Client',
|
|
415
|
+
category: 'Agent',
|
|
416
|
+
rationale: 'Replay attack detected - security violation',
|
|
417
|
+
},
|
|
418
|
+
SCOPE_DENIED: {
|
|
419
|
+
statusCode: 403,
|
|
420
|
+
statusText: 'Forbidden',
|
|
421
|
+
retryable: false,
|
|
422
|
+
errorType: 'Client',
|
|
423
|
+
category: 'Agent',
|
|
424
|
+
rationale: 'Sender lacks scope permission - authorization failure',
|
|
425
|
+
},
|
|
426
|
+
RECEIVER_SCOPE_DENIED: {
|
|
427
|
+
statusCode: 403,
|
|
428
|
+
statusText: 'Forbidden',
|
|
429
|
+
retryable: false,
|
|
430
|
+
errorType: 'Client',
|
|
431
|
+
category: 'Agent',
|
|
432
|
+
rationale: 'Recipient rejects scope - authorization failure',
|
|
433
|
+
},
|
|
434
|
+
TIMESTAMP_EXPIRED: {
|
|
435
|
+
statusCode: 400,
|
|
436
|
+
statusText: 'Bad Request',
|
|
437
|
+
retryable: true,
|
|
438
|
+
errorType: 'Client',
|
|
439
|
+
category: 'Agent',
|
|
440
|
+
rationale: 'Timestamp outside window - clock sync issue (retryable)',
|
|
441
|
+
},
|
|
442
|
+
};
|
|
443
|
+
/**
|
|
444
|
+
* Get HTTP status code for a given xBind error code.
|
|
445
|
+
* Handles colon-separated sub-codes (e.g., 'DECRYPT_FAILED:KEY_AGREEMENT').
|
|
446
|
+
*
|
|
447
|
+
* @param errorCode - xBind error code (e.g., 'VERIFY_FAILED')
|
|
448
|
+
* @returns HTTP status code (e.g., 401) or 500 if unknown
|
|
449
|
+
*
|
|
450
|
+
* @example
|
|
451
|
+
* ```typescript
|
|
452
|
+
* getHttpStatus('VERIFY_FAILED') // 401
|
|
453
|
+
* getHttpStatus('DECRYPT_FAILED:NETWORK') // 401 (ignores sub-code)
|
|
454
|
+
* getHttpStatus('UNKNOWN_ERROR') // 500 (fallback)
|
|
455
|
+
* ```
|
|
456
|
+
*/
|
|
457
|
+
export function getHttpStatus(errorCode) {
|
|
458
|
+
const baseCode = errorCode.split(':')[0] ?? errorCode;
|
|
459
|
+
const mapping = HTTP_STATUS_MAP[baseCode];
|
|
460
|
+
return mapping?.statusCode ?? 500; // Default to 500 for unknown errors
|
|
461
|
+
}
|
|
462
|
+
/**
|
|
463
|
+
* Get HTTP status text for a given xBind error code.
|
|
464
|
+
*
|
|
465
|
+
* @param errorCode - xBind error code (e.g., 'VERIFY_FAILED')
|
|
466
|
+
* @returns HTTP status text (e.g., 'Unauthorized') or 'Internal Server Error' if unknown
|
|
467
|
+
*
|
|
468
|
+
* @example
|
|
469
|
+
* ```typescript
|
|
470
|
+
* getStatusText('VERIFY_FAILED') // 'Unauthorized'
|
|
471
|
+
* getStatusText('NOT_FOUND') // 'Not Found'
|
|
472
|
+
* ```
|
|
473
|
+
*/
|
|
474
|
+
export function getStatusText(errorCode) {
|
|
475
|
+
const baseCode = errorCode.split(':')[0] ?? errorCode;
|
|
476
|
+
const mapping = HTTP_STATUS_MAP[baseCode];
|
|
477
|
+
return mapping?.statusText ?? 'Internal Server Error';
|
|
478
|
+
}
|
|
479
|
+
/**
|
|
480
|
+
* Check if an error is retryable by the client.
|
|
481
|
+
*
|
|
482
|
+
* @param errorCode - xBind error code (e.g., 'NETWORK_ERROR')
|
|
483
|
+
* @returns True if the client should retry the operation
|
|
484
|
+
*
|
|
485
|
+
* @example
|
|
486
|
+
* ```typescript
|
|
487
|
+
* isRetryable('NETWORK_ERROR') // true (503 - retry with backoff)
|
|
488
|
+
* isRetryable('VERIFY_FAILED') // false (401 - authentication failure)
|
|
489
|
+
* isRetryable('KEYGEN_FAILED') // true (500 - transient server issue)
|
|
490
|
+
* ```
|
|
491
|
+
*/
|
|
492
|
+
export function isRetryable(errorCode) {
|
|
493
|
+
const baseCode = errorCode.split(':')[0] ?? errorCode;
|
|
494
|
+
const mapping = HTTP_STATUS_MAP[baseCode];
|
|
495
|
+
return mapping?.retryable ?? false; // Default to non-retryable for unknown errors
|
|
496
|
+
}
|
|
497
|
+
/**
|
|
498
|
+
* Get complete mapping information for an error code.
|
|
499
|
+
*
|
|
500
|
+
* @param errorCode - xBind error code (e.g., 'VERIFY_FAILED')
|
|
501
|
+
* @returns Complete mapping information or null if not found
|
|
502
|
+
*
|
|
503
|
+
* @example
|
|
504
|
+
* ```typescript
|
|
505
|
+
* const mapping = getMapping('VERIFY_FAILED');
|
|
506
|
+
* if (mapping) {
|
|
507
|
+
* console.log(`${mapping.statusCode} ${mapping.statusText}`);
|
|
508
|
+
* console.log(`Retryable: ${mapping.retryable}`);
|
|
509
|
+
* console.log(`Rationale: ${mapping.rationale}`);
|
|
510
|
+
* }
|
|
511
|
+
* ```
|
|
512
|
+
*/
|
|
513
|
+
export function getMapping(errorCode) {
|
|
514
|
+
const baseCode = errorCode.split(':')[0] ?? errorCode;
|
|
515
|
+
return HTTP_STATUS_MAP[baseCode] ?? null;
|
|
516
|
+
}
|
|
517
|
+
/**
|
|
518
|
+
* Get all error codes in a specific category.
|
|
519
|
+
*
|
|
520
|
+
* @param category - Error category (e.g., 'Identity', 'Transport')
|
|
521
|
+
* @returns Array of error codes in that category
|
|
522
|
+
*
|
|
523
|
+
* @example
|
|
524
|
+
* ```typescript
|
|
525
|
+
* const identityErrors = getErrorCodesByCategory('Identity');
|
|
526
|
+
* // ['KEYGEN_FAILED', 'SIGN_FAILED', 'VERIFY_FAILED', ...]
|
|
527
|
+
* ```
|
|
528
|
+
*/
|
|
529
|
+
export function getErrorCodesByCategory(category) {
|
|
530
|
+
return Object.entries(HTTP_STATUS_MAP)
|
|
531
|
+
.filter(([_, mapping]) => mapping.category === category)
|
|
532
|
+
.map(([code]) => code);
|
|
533
|
+
}
|
|
534
|
+
/**
|
|
535
|
+
* Get all retryable error codes.
|
|
536
|
+
*
|
|
537
|
+
* @returns Array of error codes that are retryable
|
|
538
|
+
*
|
|
539
|
+
* @example
|
|
540
|
+
* ```typescript
|
|
541
|
+
* const retryableErrors = getRetryableErrorCodes();
|
|
542
|
+
* // ['KEYGEN_FAILED', 'EXPORT_FAILED', 'ENCRYPT_FAILED', ...]
|
|
543
|
+
* ```
|
|
544
|
+
*/
|
|
545
|
+
export function getRetryableErrorCodes() {
|
|
546
|
+
return Object.entries(HTTP_STATUS_MAP)
|
|
547
|
+
.filter(([_, mapping]) => mapping.retryable)
|
|
548
|
+
.map(([code]) => code);
|
|
549
|
+
}
|
|
550
|
+
/**
|
|
551
|
+
* Validate that all error codes from the CSV are mapped.
|
|
552
|
+
* This function is used for testing purposes to ensure 100% coverage.
|
|
553
|
+
*
|
|
554
|
+
* @param csvErrorCodes - Array of error codes from the CSV file
|
|
555
|
+
* @returns Array of missing error codes (empty if all mapped)
|
|
556
|
+
*
|
|
557
|
+
* @internal
|
|
558
|
+
*/
|
|
559
|
+
export function validateCoverage(csvErrorCodes) {
|
|
560
|
+
return csvErrorCodes.filter((code) => !HTTP_STATUS_MAP[code]);
|
|
561
|
+
}
|