@qlever-llc/trellis 0.5.1 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (490) hide show
  1. package/README.md +16 -2
  2. package/esm/_dnt.polyfills.d.ts +11 -0
  3. package/esm/_dnt.polyfills.d.ts.map +1 -1
  4. package/esm/_dnt.polyfills.js +14 -0
  5. package/esm/_dnt.shims.d.ts +6 -0
  6. package/esm/_dnt.shims.d.ts.map +1 -0
  7. package/esm/_dnt.shims.js +61 -0
  8. package/esm/auth/browser/login.d.ts +27 -0
  9. package/esm/auth/browser/login.d.ts.map +1 -0
  10. package/esm/auth/browser/login.js +94 -0
  11. package/esm/auth/browser/portal.d.ts +11 -0
  12. package/esm/auth/browser/portal.d.ts.map +1 -0
  13. package/esm/auth/browser/portal.js +33 -0
  14. package/esm/auth/browser/session.d.ts +19 -0
  15. package/esm/auth/browser/session.d.ts.map +1 -0
  16. package/esm/auth/browser/session.js +65 -0
  17. package/esm/auth/browser/storage.d.ts +12 -0
  18. package/esm/auth/browser/storage.d.ts.map +1 -0
  19. package/esm/auth/browser/storage.js +61 -0
  20. package/esm/auth/browser.d.ts +13 -0
  21. package/esm/auth/browser.d.ts.map +1 -0
  22. package/esm/auth/browser.js +11 -0
  23. package/esm/auth/keys.d.ts +5 -0
  24. package/esm/auth/keys.d.ts.map +1 -0
  25. package/esm/auth/keys.js +50 -0
  26. package/esm/auth/mod.d.ts +18 -0
  27. package/esm/auth/mod.d.ts.map +1 -0
  28. package/esm/auth/mod.js +17 -0
  29. package/esm/auth/proof.d.ts +9 -0
  30. package/esm/auth/proof.d.ts.map +1 -0
  31. package/esm/auth/proof.js +43 -0
  32. package/esm/auth/protocol.d.ts +1212 -0
  33. package/esm/auth/protocol.d.ts.map +1 -0
  34. package/esm/auth/protocol.js +682 -0
  35. package/esm/auth/schemas.d.ts +93 -0
  36. package/esm/auth/schemas.d.ts.map +1 -0
  37. package/esm/auth/schemas.js +64 -0
  38. package/esm/auth/session_auth.d.ts +20 -0
  39. package/esm/auth/session_auth.d.ts.map +1 -0
  40. package/esm/auth/session_auth.js +42 -0
  41. package/esm/auth/trellis_id.d.ts +2 -0
  42. package/esm/auth/trellis_id.d.ts.map +1 -0
  43. package/esm/auth/trellis_id.js +5 -0
  44. package/esm/auth/types.d.ts +8 -0
  45. package/esm/auth/types.d.ts.map +1 -0
  46. package/esm/auth/types.js +1 -0
  47. package/esm/auth/utils.d.ts +11 -0
  48. package/esm/auth/utils.d.ts.map +1 -0
  49. package/esm/auth/utils.js +68 -0
  50. package/esm/auth/workload_activation.d.ts +192 -0
  51. package/esm/auth/workload_activation.d.ts.map +1 -0
  52. package/esm/auth/workload_activation.js +290 -0
  53. package/esm/contracts/canonical.d.ts +14 -0
  54. package/esm/contracts/canonical.d.ts.map +1 -0
  55. package/esm/contracts/canonical.js +135 -0
  56. package/esm/contracts/mod.d.ts +462 -0
  57. package/esm/contracts/mod.d.ts.map +1 -0
  58. package/esm/contracts/mod.js +532 -0
  59. package/esm/contracts/protocol.d.ts +301 -0
  60. package/esm/contracts/protocol.d.ts.map +1 -0
  61. package/esm/contracts/protocol.js +130 -0
  62. package/esm/contracts/runtime.d.ts +48 -0
  63. package/esm/contracts/runtime.d.ts.map +1 -0
  64. package/esm/contracts/runtime.js +9 -0
  65. package/esm/contracts/schema_pointers.d.ts +18 -0
  66. package/esm/contracts/schema_pointers.d.ts.map +1 -0
  67. package/esm/contracts/schema_pointers.js +59 -0
  68. package/esm/server/deno.d.ts +7 -0
  69. package/esm/server/deno.d.ts.map +1 -0
  70. package/esm/server/deno.js +16 -0
  71. package/esm/server/health.d.ts +92 -0
  72. package/esm/server/health.d.ts.map +1 -0
  73. package/esm/server/health.js +74 -0
  74. package/esm/server/health_rpc.d.ts +16 -0
  75. package/esm/server/health_rpc.d.ts.map +1 -0
  76. package/esm/server/health_rpc.js +23 -0
  77. package/esm/server/health_schemas.d.ts +20 -0
  78. package/esm/server/health_schemas.d.ts.map +1 -0
  79. package/esm/server/health_schemas.js +18 -0
  80. package/esm/server/mod.d.ts +17 -0
  81. package/esm/server/mod.d.ts.map +1 -0
  82. package/esm/server/mod.js +17 -0
  83. package/esm/server/node.d.ts +7 -0
  84. package/esm/server/node.d.ts.map +1 -0
  85. package/esm/server/node.js +16 -0
  86. package/esm/server/runtime.d.ts +16 -0
  87. package/esm/server/runtime.d.ts.map +1 -0
  88. package/esm/server/runtime.js +1 -0
  89. package/esm/server/service.d.ts +121 -0
  90. package/esm/server/service.d.ts.map +1 -0
  91. package/esm/server/service.js +256 -0
  92. package/esm/server/subscription.d.ts +99 -0
  93. package/esm/server/subscription.d.ts.map +1 -0
  94. package/esm/server/subscription.js +25 -0
  95. package/esm/telemetry/carrier.d.ts +9 -0
  96. package/esm/telemetry/carrier.d.ts.map +1 -0
  97. package/esm/telemetry/carrier.js +20 -0
  98. package/esm/telemetry/core.d.ts +8 -0
  99. package/esm/telemetry/core.d.ts.map +1 -0
  100. package/esm/telemetry/core.js +14 -0
  101. package/esm/telemetry/env.d.ts +2 -0
  102. package/esm/telemetry/env.d.ts.map +1 -0
  103. package/esm/telemetry/env.js +10 -0
  104. package/esm/telemetry/mod.d.ts +11 -0
  105. package/esm/telemetry/mod.d.ts.map +1 -0
  106. package/esm/telemetry/mod.js +7 -0
  107. package/esm/telemetry/nats.d.ts +7 -0
  108. package/esm/telemetry/nats.d.ts.map +1 -0
  109. package/esm/telemetry/nats.js +6 -0
  110. package/esm/telemetry/result.d.ts +2 -0
  111. package/esm/telemetry/result.d.ts.map +1 -0
  112. package/esm/telemetry/result.js +18 -0
  113. package/esm/telemetry/runtime.d.ts +2 -0
  114. package/esm/telemetry/runtime.d.ts.map +1 -0
  115. package/esm/telemetry/runtime.js +53 -0
  116. package/esm/telemetry/trace.d.ts +5 -0
  117. package/esm/telemetry/trace.d.ts.map +1 -0
  118. package/esm/telemetry/trace.js +26 -0
  119. package/esm/telemetry/trellis.d.ts +3 -0
  120. package/esm/telemetry/trellis.d.ts.map +1 -0
  121. package/esm/telemetry/trellis.js +7 -0
  122. package/esm/trellis/_sdk/activity/_dnt.polyfills.d.ts +12 -0
  123. package/esm/trellis/_sdk/activity/_dnt.polyfills.d.ts.map +1 -0
  124. package/esm/trellis/_sdk/activity/_dnt.polyfills.js +15 -0
  125. package/esm/trellis/_sdk/activity/api.d.ts +10 -0
  126. package/esm/trellis/_sdk/activity/api.d.ts.map +1 -0
  127. package/esm/trellis/_sdk/activity/api.js +43 -0
  128. package/esm/trellis/_sdk/activity/contract.d.ts +8 -0
  129. package/esm/trellis/_sdk/activity/contract.d.ts.map +1 -0
  130. package/esm/trellis/_sdk/activity/contract.js +59 -0
  131. package/esm/trellis/_sdk/activity/mod.d.ts +7 -0
  132. package/esm/trellis/_sdk/activity/mod.d.ts.map +1 -0
  133. package/esm/trellis/_sdk/activity/mod.js +5 -0
  134. package/esm/trellis/_sdk/activity/package.json +3 -0
  135. package/esm/trellis/_sdk/activity/schemas.d.ts +607 -0
  136. package/esm/trellis/_sdk/activity/schemas.d.ts.map +1 -0
  137. package/esm/trellis/_sdk/activity/schemas.js +33 -0
  138. package/esm/trellis/_sdk/activity/types.d.ts +96 -0
  139. package/esm/trellis/_sdk/activity/types.d.ts.map +1 -0
  140. package/esm/trellis/_sdk/activity/types.js +3 -0
  141. package/esm/trellis/_sdk/auth/_dnt.polyfills.d.ts +12 -0
  142. package/esm/trellis/_sdk/auth/_dnt.polyfills.d.ts.map +1 -0
  143. package/esm/trellis/_sdk/auth/_dnt.polyfills.js +15 -0
  144. package/esm/trellis/_sdk/auth/api.d.ts +10 -0
  145. package/esm/trellis/_sdk/auth/api.d.ts.map +1 -0
  146. package/esm/trellis/_sdk/auth/api.js +354 -0
  147. package/esm/trellis/_sdk/auth/contract.d.ts +28 -0
  148. package/esm/trellis/_sdk/auth/contract.d.ts.map +1 -0
  149. package/esm/trellis/_sdk/auth/contract.js +83 -0
  150. package/esm/trellis/_sdk/auth/mod.d.ts +7 -0
  151. package/esm/trellis/_sdk/auth/mod.d.ts.map +1 -0
  152. package/esm/trellis/_sdk/auth/mod.js +5 -0
  153. package/esm/trellis/_sdk/auth/package.json +3 -0
  154. package/esm/trellis/_sdk/auth/schemas.d.ts +8967 -0
  155. package/esm/trellis/_sdk/auth/schemas.d.ts.map +1 -0
  156. package/esm/trellis/_sdk/auth/schemas.js +306 -0
  157. package/esm/trellis/_sdk/auth/types.d.ts +1232 -0
  158. package/esm/trellis/_sdk/auth/types.d.ts.map +1 -0
  159. package/esm/trellis/_sdk/auth/types.js +3 -0
  160. package/esm/trellis/_sdk/core/_dnt.polyfills.d.ts +12 -0
  161. package/esm/trellis/_sdk/core/_dnt.polyfills.d.ts.map +1 -0
  162. package/esm/trellis/_sdk/core/_dnt.polyfills.js +15 -0
  163. package/esm/trellis/_sdk/core/api.d.ts +10 -0
  164. package/esm/trellis/_sdk/core/api.d.ts.map +1 -0
  165. package/esm/trellis/_sdk/core/api.js +36 -0
  166. package/esm/trellis/_sdk/core/contract.d.ts +8 -0
  167. package/esm/trellis/_sdk/core/contract.d.ts.map +1 -0
  168. package/esm/trellis/_sdk/core/contract.js +59 -0
  169. package/esm/trellis/_sdk/core/mod.d.ts +7 -0
  170. package/esm/trellis/_sdk/core/mod.d.ts.map +1 -0
  171. package/esm/trellis/_sdk/core/mod.js +5 -0
  172. package/esm/trellis/_sdk/core/package.json +3 -0
  173. package/esm/trellis/_sdk/core/schemas.d.ts +1144 -0
  174. package/esm/trellis/_sdk/core/schemas.d.ts.map +1 -0
  175. package/esm/trellis/_sdk/core/schemas.js +28 -0
  176. package/esm/trellis/_sdk/core/types.d.ts +176 -0
  177. package/esm/trellis/_sdk/core/types.d.ts.map +1 -0
  178. package/esm/trellis/_sdk/core/types.js +3 -0
  179. package/esm/trellis/auth/browser.d.ts +3 -0
  180. package/esm/trellis/auth/browser.d.ts.map +1 -0
  181. package/esm/trellis/auth/browser.js +2 -0
  182. package/esm/trellis/auth.d.ts +3 -0
  183. package/esm/trellis/auth.d.ts.map +1 -0
  184. package/esm/trellis/auth.js +2 -0
  185. package/esm/trellis/browser.d.ts +2 -7
  186. package/esm/trellis/browser.d.ts.map +1 -1
  187. package/esm/trellis/browser.js +2 -7
  188. package/esm/trellis/client.d.ts +6 -4
  189. package/esm/trellis/client.d.ts.map +1 -1
  190. package/esm/trellis/client.js +28 -1
  191. package/esm/trellis/codec.d.ts +4 -3
  192. package/esm/trellis/codec.d.ts.map +1 -1
  193. package/esm/trellis/codec.js +15 -2
  194. package/esm/trellis/contract.d.ts +11 -0
  195. package/esm/trellis/contract.d.ts.map +1 -0
  196. package/esm/trellis/contract.js +15 -0
  197. package/esm/trellis/contracts.d.ts +5 -0
  198. package/esm/trellis/contracts.d.ts.map +1 -0
  199. package/esm/trellis/contracts.js +3 -0
  200. package/esm/trellis/env.d.ts +1 -1
  201. package/esm/trellis/env.d.ts.map +1 -1
  202. package/esm/trellis/env.js +1 -1
  203. package/esm/trellis/errors/AuthError.d.ts +1 -1
  204. package/esm/trellis/errors/AuthError.d.ts.map +1 -1
  205. package/esm/trellis/errors/AuthError.js +11 -0
  206. package/esm/trellis/errors/RemoteError.d.ts +3 -3
  207. package/esm/trellis/errors/RemoteError.d.ts.map +1 -1
  208. package/esm/trellis/errors/RemoteError.js +3 -3
  209. package/esm/trellis/errors/TrellisError.d.ts +1 -1
  210. package/esm/trellis/errors/TrellisError.js +1 -1
  211. package/esm/trellis/errors/index.d.ts +2 -1
  212. package/esm/trellis/errors/index.d.ts.map +1 -1
  213. package/esm/trellis/errors/index.js +3 -2
  214. package/esm/trellis/globals.d.ts +9 -1
  215. package/esm/trellis/globals.d.ts.map +1 -1
  216. package/esm/trellis/globals.js +16 -8
  217. package/esm/trellis/helpers.d.ts +2 -1
  218. package/esm/trellis/helpers.d.ts.map +1 -1
  219. package/esm/trellis/helpers.js +1 -0
  220. package/esm/trellis/index.d.ts +13 -5
  221. package/esm/trellis/index.d.ts.map +1 -1
  222. package/esm/trellis/index.js +8 -3
  223. package/esm/trellis/kv.d.ts +10 -7
  224. package/esm/trellis/kv.d.ts.map +1 -1
  225. package/esm/trellis/kv.js +57 -34
  226. package/esm/trellis/models/trellis/TrellisError.d.ts +1 -1
  227. package/esm/trellis/models/trellis/TrellisError.js +1 -1
  228. package/esm/trellis/operations.d.ts +81 -0
  229. package/esm/trellis/operations.d.ts.map +1 -0
  230. package/esm/trellis/operations.js +206 -0
  231. package/esm/trellis/sdk/activity.d.ts +3 -0
  232. package/esm/trellis/sdk/activity.d.ts.map +1 -0
  233. package/esm/trellis/sdk/activity.js +2 -0
  234. package/esm/trellis/sdk/auth.d.ts +4 -0
  235. package/esm/trellis/sdk/auth.d.ts.map +1 -0
  236. package/esm/trellis/sdk/auth.js +3 -0
  237. package/esm/trellis/sdk/core.d.ts +4 -0
  238. package/esm/trellis/sdk/core.d.ts.map +1 -0
  239. package/esm/trellis/sdk/core.js +3 -0
  240. package/esm/trellis/server/deno.d.ts +3 -0
  241. package/esm/trellis/server/deno.d.ts.map +1 -0
  242. package/esm/trellis/server/deno.js +2 -0
  243. package/esm/trellis/server/health.d.ts +5 -0
  244. package/esm/trellis/server/health.d.ts.map +1 -0
  245. package/esm/trellis/server/health.js +3 -0
  246. package/esm/trellis/server/mod.d.ts +3 -0
  247. package/esm/trellis/server/mod.d.ts.map +1 -0
  248. package/esm/trellis/server/mod.js +2 -0
  249. package/esm/trellis/server/node.d.ts +3 -0
  250. package/esm/trellis/server/node.d.ts.map +1 -0
  251. package/esm/trellis/server/node.js +2 -0
  252. package/esm/trellis/server/runtime.d.ts +4 -0
  253. package/esm/trellis/server/runtime.d.ts.map +1 -0
  254. package/esm/trellis/server/runtime.js +2 -0
  255. package/esm/trellis/server.d.ts +21 -0
  256. package/esm/trellis/server.d.ts.map +1 -0
  257. package/esm/trellis/server.js +536 -0
  258. package/esm/trellis/server_logger.d.ts +3 -0
  259. package/esm/trellis/server_logger.d.ts.map +1 -0
  260. package/esm/trellis/server_logger.js +7 -0
  261. package/esm/trellis/tasks.d.ts +3 -3
  262. package/esm/trellis/tasks.d.ts.map +1 -1
  263. package/esm/trellis/tasks.js +1 -1
  264. package/esm/trellis/tracing.d.ts +2 -2
  265. package/esm/trellis/tracing.d.ts.map +1 -1
  266. package/esm/trellis/tracing.js +2 -2
  267. package/esm/trellis/trellis.d.ts +167 -78
  268. package/esm/trellis/trellis.d.ts.map +1 -1
  269. package/esm/trellis/trellis.js +281 -87
  270. package/esm/trellis/workload.d.ts +45 -0
  271. package/esm/trellis/workload.d.ts.map +1 -0
  272. package/esm/trellis/workload.js +144 -0
  273. package/package.json +63 -4
  274. package/script/auth/browser/login.d.ts +27 -0
  275. package/script/auth/browser/login.d.ts.map +1 -0
  276. package/script/auth/browser/login.js +100 -0
  277. package/script/auth/browser/portal.d.ts +11 -0
  278. package/script/auth/browser/portal.d.ts.map +1 -0
  279. package/script/auth/browser/portal.js +40 -0
  280. package/script/auth/browser/session.d.ts +19 -0
  281. package/script/auth/browser/session.d.ts.map +1 -0
  282. package/script/auth/browser/session.js +79 -0
  283. package/script/auth/browser/storage.d.ts +12 -0
  284. package/script/auth/browser/storage.d.ts.map +1 -0
  285. package/script/auth/browser/storage.js +67 -0
  286. package/script/auth/browser.d.ts +13 -0
  287. package/script/auth/browser.d.ts.map +1 -0
  288. package/script/auth/browser.js +46 -0
  289. package/script/auth/keys.d.ts +5 -0
  290. package/script/auth/keys.d.ts.map +1 -0
  291. package/script/auth/keys.js +56 -0
  292. package/script/auth/mod.d.ts +18 -0
  293. package/script/auth/mod.d.ts.map +1 -0
  294. package/script/auth/mod.js +172 -0
  295. package/script/auth/proof.d.ts +9 -0
  296. package/script/auth/proof.d.ts.map +1 -0
  297. package/script/auth/proof.js +48 -0
  298. package/script/auth/protocol.d.ts +1212 -0
  299. package/script/auth/protocol.d.ts.map +1 -0
  300. package/script/auth/protocol.js +687 -0
  301. package/script/auth/schemas.d.ts +93 -0
  302. package/script/auth/schemas.d.ts.map +1 -0
  303. package/script/auth/schemas.js +67 -0
  304. package/script/auth/session_auth.d.ts +20 -0
  305. package/script/auth/session_auth.d.ts.map +1 -0
  306. package/script/auth/session_auth.js +45 -0
  307. package/script/auth/trellis_id.d.ts +2 -0
  308. package/script/auth/trellis_id.d.ts.map +1 -0
  309. package/script/auth/trellis_id.js +8 -0
  310. package/script/auth/types.d.ts +8 -0
  311. package/script/auth/types.d.ts.map +1 -0
  312. package/script/auth/utils.d.ts +11 -0
  313. package/script/auth/utils.d.ts.map +1 -0
  314. package/script/auth/utils.js +77 -0
  315. package/script/auth/workload_activation.d.ts +192 -0
  316. package/script/auth/workload_activation.d.ts.map +1 -0
  317. package/script/auth/workload_activation.js +308 -0
  318. package/script/contracts/canonical.d.ts +14 -0
  319. package/script/contracts/canonical.d.ts.map +1 -0
  320. package/script/contracts/canonical.js +144 -0
  321. package/script/contracts/mod.d.ts +462 -0
  322. package/script/contracts/mod.d.ts.map +1 -0
  323. package/script/contracts/mod.js +555 -0
  324. package/script/contracts/protocol.d.ts +301 -0
  325. package/script/contracts/protocol.d.ts.map +1 -0
  326. package/script/contracts/protocol.js +136 -0
  327. package/script/contracts/runtime.d.ts +48 -0
  328. package/script/contracts/runtime.d.ts.map +1 -0
  329. package/script/contracts/runtime.js +13 -0
  330. package/script/contracts/schema_pointers.d.ts +18 -0
  331. package/script/contracts/schema_pointers.d.ts.map +1 -0
  332. package/script/contracts/schema_pointers.js +63 -0
  333. package/script/telemetry/carrier.d.ts +9 -0
  334. package/script/telemetry/carrier.d.ts.map +1 -0
  335. package/script/telemetry/carrier.js +25 -0
  336. package/script/telemetry/core.d.ts +8 -0
  337. package/script/telemetry/core.d.ts.map +1 -0
  338. package/script/telemetry/core.js +24 -0
  339. package/script/telemetry/env.d.ts +2 -0
  340. package/script/telemetry/env.d.ts.map +1 -0
  341. package/script/telemetry/env.js +12 -0
  342. package/script/telemetry/mod.d.ts +11 -0
  343. package/script/telemetry/mod.d.ts.map +1 -0
  344. package/script/telemetry/mod.js +29 -0
  345. package/script/telemetry/nats.d.ts +7 -0
  346. package/script/telemetry/nats.d.ts.map +1 -0
  347. package/script/telemetry/nats.js +9 -0
  348. package/script/telemetry/result.d.ts +2 -0
  349. package/script/telemetry/result.d.ts.map +1 -0
  350. package/script/telemetry/result.js +21 -0
  351. package/script/telemetry/runtime.d.ts +2 -0
  352. package/script/telemetry/runtime.d.ts.map +1 -0
  353. package/script/telemetry/runtime.js +79 -0
  354. package/script/telemetry/trace.d.ts +5 -0
  355. package/script/telemetry/trace.d.ts.map +1 -0
  356. package/script/telemetry/trace.js +31 -0
  357. package/script/telemetry/trellis.d.ts +3 -0
  358. package/script/telemetry/trellis.d.ts.map +1 -0
  359. package/script/telemetry/trellis.js +14 -0
  360. package/script/trellis/_sdk/activity/_dnt.polyfills.d.ts +12 -0
  361. package/script/trellis/_sdk/activity/_dnt.polyfills.d.ts.map +1 -0
  362. package/script/trellis/_sdk/activity/_dnt.polyfills.js +16 -0
  363. package/script/trellis/_sdk/activity/api.d.ts +10 -0
  364. package/script/trellis/_sdk/activity/api.d.ts.map +1 -0
  365. package/script/trellis/_sdk/activity/api.js +46 -0
  366. package/script/trellis/_sdk/activity/contract.d.ts +8 -0
  367. package/script/trellis/_sdk/activity/contract.d.ts.map +1 -0
  368. package/script/trellis/_sdk/activity/contract.js +62 -0
  369. package/script/trellis/_sdk/activity/mod.d.ts +7 -0
  370. package/script/trellis/_sdk/activity/mod.d.ts.map +1 -0
  371. package/script/trellis/_sdk/activity/mod.js +30 -0
  372. package/script/trellis/_sdk/activity/package.json +3 -0
  373. package/script/trellis/_sdk/activity/schemas.d.ts +607 -0
  374. package/script/trellis/_sdk/activity/schemas.d.ts.map +1 -0
  375. package/script/trellis/_sdk/activity/schemas.js +36 -0
  376. package/script/trellis/_sdk/activity/types.d.ts +96 -0
  377. package/script/trellis/_sdk/activity/types.d.ts.map +1 -0
  378. package/script/trellis/_sdk/activity/types.js +6 -0
  379. package/script/trellis/_sdk/auth/_dnt.polyfills.d.ts +12 -0
  380. package/script/trellis/_sdk/auth/_dnt.polyfills.d.ts.map +1 -0
  381. package/script/trellis/_sdk/auth/_dnt.polyfills.js +16 -0
  382. package/script/trellis/_sdk/auth/api.d.ts +10 -0
  383. package/script/trellis/_sdk/auth/api.d.ts.map +1 -0
  384. package/script/trellis/_sdk/auth/api.js +357 -0
  385. package/script/trellis/_sdk/auth/contract.d.ts +28 -0
  386. package/script/trellis/_sdk/auth/contract.d.ts.map +1 -0
  387. package/script/trellis/_sdk/auth/contract.js +86 -0
  388. package/script/trellis/_sdk/auth/mod.d.ts +7 -0
  389. package/script/trellis/_sdk/auth/mod.d.ts.map +1 -0
  390. package/script/trellis/_sdk/auth/mod.js +31 -0
  391. package/script/trellis/_sdk/auth/package.json +3 -0
  392. package/script/trellis/_sdk/auth/schemas.d.ts +8967 -0
  393. package/script/trellis/_sdk/auth/schemas.d.ts.map +1 -0
  394. package/script/trellis/_sdk/auth/schemas.js +309 -0
  395. package/script/trellis/_sdk/auth/types.d.ts +1232 -0
  396. package/script/trellis/_sdk/auth/types.d.ts.map +1 -0
  397. package/script/trellis/_sdk/auth/types.js +6 -0
  398. package/script/trellis/_sdk/core/_dnt.polyfills.d.ts +12 -0
  399. package/script/trellis/_sdk/core/_dnt.polyfills.d.ts.map +1 -0
  400. package/script/trellis/_sdk/core/_dnt.polyfills.js +16 -0
  401. package/script/trellis/_sdk/core/api.d.ts +10 -0
  402. package/script/trellis/_sdk/core/api.d.ts.map +1 -0
  403. package/script/trellis/_sdk/core/api.js +39 -0
  404. package/script/trellis/_sdk/core/contract.d.ts +8 -0
  405. package/script/trellis/_sdk/core/contract.d.ts.map +1 -0
  406. package/script/trellis/_sdk/core/contract.js +62 -0
  407. package/script/trellis/_sdk/core/mod.d.ts +7 -0
  408. package/script/trellis/_sdk/core/mod.d.ts.map +1 -0
  409. package/script/trellis/_sdk/core/mod.js +30 -0
  410. package/script/trellis/_sdk/core/package.json +3 -0
  411. package/script/trellis/_sdk/core/schemas.d.ts +1144 -0
  412. package/script/trellis/_sdk/core/schemas.d.ts.map +1 -0
  413. package/script/trellis/_sdk/core/schemas.js +31 -0
  414. package/script/trellis/_sdk/core/types.d.ts +176 -0
  415. package/script/trellis/_sdk/core/types.d.ts.map +1 -0
  416. package/script/trellis/_sdk/core/types.js +6 -0
  417. package/script/trellis/auth.d.ts +2 -0
  418. package/script/trellis/auth.d.ts.map +1 -0
  419. package/script/trellis/auth.js +17 -0
  420. package/script/trellis/client.d.ts +8 -6
  421. package/script/trellis/client.d.ts.map +1 -1
  422. package/script/trellis/client.js +54 -3
  423. package/script/trellis/codec.d.ts +5 -4
  424. package/script/trellis/codec.d.ts.map +1 -1
  425. package/script/trellis/codec.js +31 -17
  426. package/script/trellis/contract.d.ts +11 -0
  427. package/script/trellis/contract.d.ts.map +1 -0
  428. package/script/trellis/contract.js +18 -0
  429. package/script/trellis/contracts.d.ts +4 -0
  430. package/script/trellis/contracts.d.ts.map +1 -0
  431. package/script/trellis/contracts.js +20 -0
  432. package/script/trellis/errors/AuthError.d.ts +2 -2
  433. package/script/trellis/errors/AuthError.d.ts.map +1 -1
  434. package/script/trellis/errors/AuthError.js +13 -2
  435. package/script/trellis/errors/KVError.d.ts +1 -1
  436. package/script/trellis/errors/KVError.d.ts.map +1 -1
  437. package/script/trellis/errors/KVError.js +2 -2
  438. package/script/trellis/errors/RemoteError.d.ts +4 -4
  439. package/script/trellis/errors/RemoteError.d.ts.map +1 -1
  440. package/script/trellis/errors/RemoteError.js +11 -11
  441. package/script/trellis/errors/TrellisError.d.ts +1 -1
  442. package/script/trellis/errors/TrellisError.d.ts.map +1 -1
  443. package/script/trellis/errors/TrellisError.js +2 -2
  444. package/script/trellis/errors/ValidationError.d.ts +1 -1
  445. package/script/trellis/errors/ValidationError.d.ts.map +1 -1
  446. package/script/trellis/errors/ValidationError.js +2 -2
  447. package/script/trellis/errors/index.d.ts +14 -14
  448. package/script/trellis/errors/index.d.ts.map +1 -1
  449. package/script/trellis/errors/index.js +31 -31
  450. package/script/trellis/globals.d.ts +9 -1
  451. package/script/trellis/globals.d.ts.map +1 -1
  452. package/script/trellis/globals.js +16 -8
  453. package/script/trellis/helpers.d.ts +1 -1
  454. package/script/trellis/helpers.d.ts.map +1 -1
  455. package/script/trellis/index.d.ts +17 -10
  456. package/script/trellis/index.d.ts.map +1 -1
  457. package/script/trellis/index.js +57 -22
  458. package/script/trellis/kv.d.ts +11 -8
  459. package/script/trellis/kv.d.ts.map +1 -1
  460. package/script/trellis/kv.js +91 -68
  461. package/script/trellis/models/trellis/TrellisError.d.ts +1 -1
  462. package/script/trellis/models/trellis/TrellisError.d.ts.map +1 -1
  463. package/script/trellis/models/trellis/TrellisError.js +8 -8
  464. package/script/trellis/operations.d.ts +81 -0
  465. package/script/trellis/operations.d.ts.map +1 -0
  466. package/script/trellis/operations.js +212 -0
  467. package/script/trellis/sdk/core.d.ts +3 -0
  468. package/script/trellis/sdk/core.d.ts.map +1 -0
  469. package/script/trellis/sdk/core.js +20 -0
  470. package/script/trellis/tasks.d.ts +3 -3
  471. package/script/trellis/tasks.d.ts.map +1 -1
  472. package/script/trellis/tasks.js +5 -5
  473. package/script/trellis/tracing.d.ts +2 -3
  474. package/script/trellis/tracing.d.ts.map +1 -1
  475. package/script/trellis/tracing.js +17 -20
  476. package/script/trellis/trellis.d.ts +169 -80
  477. package/script/trellis/trellis.d.ts.map +1 -1
  478. package/script/trellis/trellis.js +379 -177
  479. package/script/trellis/workload.d.ts +45 -0
  480. package/script/trellis/workload.d.ts.map +1 -0
  481. package/script/trellis/workload.js +172 -0
  482. package/script/_dnt.polyfills.d.ts +0 -7
  483. package/script/_dnt.polyfills.d.ts.map +0 -1
  484. package/script/trellis/browser.d.ts +0 -11
  485. package/script/trellis/browser.d.ts.map +0 -1
  486. package/script/trellis/browser.js +0 -21
  487. package/script/trellis/env.d.ts +0 -2
  488. package/script/trellis/env.d.ts.map +0 -1
  489. package/script/trellis/env.js +0 -5
  490. /package/script/{_dnt.polyfills.js → auth/types.js} +0 -0
package/script/auth/browser.js ADDED
@@ -0,0 +1,46 @@
1
+ "use strict";
2
+ /**
3
+ * @module
4
+ * Browser-based authentication utilities for session-key based authentication.
5
+ * Uses WebCrypto API and IndexedDB for secure key storage.
6
+ */
7
+ Object.defineProperty(exports, "__esModule", { value: true });
8
+ exports.utf8 = exports.toArrayBuffer = exports.sha256 = exports.base64urlEncode = exports.base64urlDecode = exports.SentinelCredsSchema = exports.ApprovalDecisionSchema = exports.NatsAuthTokenV1Schema = exports.ContractApprovalSchema = exports.BindSuccessResponseSchema = exports.BindResponseSchema = exports.hasKeyPair = exports.deleteKeyPair = exports.signBytes = exports.natsConnectSigForBindingToken = exports.loadSessionKey = exports.hasSessionKey = exports.getPublicSessionKey = exports.getOrCreateSessionKey = exports.generateSessionKey = exports.createRpcProof = exports.clearSessionKey = exports.bindFlowSig = exports.submitPortalApproval = exports.portalRedirectLocation = exports.portalProviderLoginUrl = exports.portalFlowIdFromUrl = exports.fetchPortalFlowState = exports.isBindSuccessResponse = exports.buildLoginUrl = exports.bindSession = exports.bindFlow = void 0;
9
+ var login_ts_1 = require("./browser/login.ts");
10
+ Object.defineProperty(exports, "bindFlow", { enumerable: true, get: function () { return login_ts_1.bindFlow; } });
11
+ Object.defineProperty(exports, "bindSession", { enumerable: true, get: function () { return login_ts_1.bindSession; } });
12
+ Object.defineProperty(exports, "buildLoginUrl", { enumerable: true, get: function () { return login_ts_1.buildLoginUrl; } });
13
+ Object.defineProperty(exports, "isBindSuccessResponse", { enumerable: true, get: function () { return login_ts_1.isBindSuccessResponse; } });
14
+ var portal_ts_1 = require("./browser/portal.ts");
15
+ Object.defineProperty(exports, "fetchPortalFlowState", { enumerable: true, get: function () { return portal_ts_1.fetchPortalFlowState; } });
16
+ Object.defineProperty(exports, "portalFlowIdFromUrl", { enumerable: true, get: function () { return portal_ts_1.portalFlowIdFromUrl; } });
17
+ Object.defineProperty(exports, "portalProviderLoginUrl", { enumerable: true, get: function () { return portal_ts_1.portalProviderLoginUrl; } });
18
+ Object.defineProperty(exports, "portalRedirectLocation", { enumerable: true, get: function () { return portal_ts_1.portalRedirectLocation; } });
19
+ Object.defineProperty(exports, "submitPortalApproval", { enumerable: true, get: function () { return portal_ts_1.submitPortalApproval; } });
20
+ var session_ts_1 = require("./browser/session.ts");
21
+ Object.defineProperty(exports, "bindFlowSig", { enumerable: true, get: function () { return session_ts_1.bindFlowSig; } });
22
+ Object.defineProperty(exports, "clearSessionKey", { enumerable: true, get: function () { return session_ts_1.clearSessionKey; } });
23
+ Object.defineProperty(exports, "createRpcProof", { enumerable: true, get: function () { return session_ts_1.createRpcProof; } });
24
+ Object.defineProperty(exports, "generateSessionKey", { enumerable: true, get: function () { return session_ts_1.generateSessionKey; } });
25
+ Object.defineProperty(exports, "getOrCreateSessionKey", { enumerable: true, get: function () { return session_ts_1.getOrCreateSessionKey; } });
26
+ Object.defineProperty(exports, "getPublicSessionKey", { enumerable: true, get: function () { return session_ts_1.getPublicSessionKey; } });
27
+ Object.defineProperty(exports, "hasSessionKey", { enumerable: true, get: function () { return session_ts_1.hasSessionKey; } });
28
+ Object.defineProperty(exports, "loadSessionKey", { enumerable: true, get: function () { return session_ts_1.loadSessionKey; } });
29
+ Object.defineProperty(exports, "natsConnectSigForBindingToken", { enumerable: true, get: function () { return session_ts_1.natsConnectSigForBindingToken; } });
30
+ Object.defineProperty(exports, "signBytes", { enumerable: true, get: function () { return session_ts_1.signBytes; } });
31
+ var storage_ts_1 = require("./browser/storage.ts");
32
+ Object.defineProperty(exports, "deleteKeyPair", { enumerable: true, get: function () { return storage_ts_1.deleteKeyPair; } });
33
+ Object.defineProperty(exports, "hasKeyPair", { enumerable: true, get: function () { return storage_ts_1.hasKeyPair; } });
34
+ var schemas_ts_1 = require("./schemas.ts");
35
+ Object.defineProperty(exports, "BindResponseSchema", { enumerable: true, get: function () { return schemas_ts_1.BindResponseSchema; } });
36
+ Object.defineProperty(exports, "BindSuccessResponseSchema", { enumerable: true, get: function () { return schemas_ts_1.BindSuccessResponseSchema; } });
37
+ Object.defineProperty(exports, "ContractApprovalSchema", { enumerable: true, get: function () { return schemas_ts_1.ContractApprovalSchema; } });
38
+ Object.defineProperty(exports, "NatsAuthTokenV1Schema", { enumerable: true, get: function () { return schemas_ts_1.NatsAuthTokenV1Schema; } });
39
+ Object.defineProperty(exports, "ApprovalDecisionSchema", { enumerable: true, get: function () { return schemas_ts_1.ApprovalDecisionSchema; } });
40
+ Object.defineProperty(exports, "SentinelCredsSchema", { enumerable: true, get: function () { return schemas_ts_1.SentinelCredsSchema; } });
41
+ var utils_ts_1 = require("./utils.ts");
42
+ Object.defineProperty(exports, "base64urlDecode", { enumerable: true, get: function () { return utils_ts_1.base64urlDecode; } });
43
+ Object.defineProperty(exports, "base64urlEncode", { enumerable: true, get: function () { return utils_ts_1.base64urlEncode; } });
44
+ Object.defineProperty(exports, "sha256", { enumerable: true, get: function () { return utils_ts_1.sha256; } });
45
+ Object.defineProperty(exports, "toArrayBuffer", { enumerable: true, get: function () { return utils_ts_1.toArrayBuffer; } });
46
+ Object.defineProperty(exports, "utf8", { enumerable: true, get: function () { return utils_ts_1.utf8; } });
package/script/auth/keys.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ export declare function pkcs8FromEd25519Seed(seed32: Uint8Array): Uint8Array;
2
+ export declare function importEd25519PrivateKeyFromSeedBase64url(seedBase64url: string): Promise<CryptoKey>;
3
+ export declare function publicKeyBase64urlFromPrivateKey(privateKey: CryptoKey): Promise<string>;
4
+ export declare function importEd25519PublicKeyFromBase64url(publicKeyBase64url: string): Promise<CryptoKey>;
5
+ //# sourceMappingURL=keys.d.ts.map
package/script/auth/keys.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"keys.d.ts","sourceRoot":"","sources":["../../../../auth/keys.ts"],"names":[],"mappings":"AAqBA,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,UAAU,GAAG,UAAU,CAQnE;AAED,wBAAsB,wCAAwC,CAC5D,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,SAAS,CAAC,CAapB;AAED,wBAAsB,gCAAgC,CACpD,UAAU,EAAE,SAAS,GACpB,OAAO,CAAC,MAAM,CAAC,CAMjB;AAED,wBAAsB,mCAAmC,CACvD,kBAAkB,EAAE,MAAM,GACzB,OAAO,CAAC,SAAS,CAAC,CAYpB"}
package/script/auth/keys.js ADDED
@@ -0,0 +1,56 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.pkcs8FromEd25519Seed = pkcs8FromEd25519Seed;
4
+ exports.importEd25519PrivateKeyFromSeedBase64url = importEd25519PrivateKeyFromSeedBase64url;
5
+ exports.publicKeyBase64urlFromPrivateKey = publicKeyBase64urlFromPrivateKey;
6
+ exports.importEd25519PublicKeyFromBase64url = importEd25519PublicKeyFromBase64url;
7
+ const utils_ts_1 = require("./utils.ts");
8
+ const ED25519_PKCS8_PREFIX = Uint8Array.from([
9
+ 0x30,
10
+ 0x2e,
11
+ 0x02,
12
+ 0x01,
13
+ 0x00,
14
+ 0x30,
15
+ 0x05,
16
+ 0x06,
17
+ 0x03,
18
+ 0x2b,
19
+ 0x65,
20
+ 0x70,
21
+ 0x04,
22
+ 0x22,
23
+ 0x04,
24
+ 0x20,
25
+ ]);
26
+ function pkcs8FromEd25519Seed(seed32) {
27
+ if (seed32.length !== 32) {
28
+ throw new Error(`Invalid Ed25519 seed length: ${seed32.length} (expected 32)`);
29
+ }
30
+ const pkcs8 = new Uint8Array(ED25519_PKCS8_PREFIX.length + seed32.length);
31
+ pkcs8.set(ED25519_PKCS8_PREFIX, 0);
32
+ pkcs8.set(seed32, ED25519_PKCS8_PREFIX.length);
33
+ return pkcs8;
34
+ }
35
+ async function importEd25519PrivateKeyFromSeedBase64url(seedBase64url) {
36
+ const seed = (0, utils_ts_1.base64urlDecode)(seedBase64url);
37
+ if (seed.length !== 32) {
38
+ throw new Error(`Invalid Ed25519 seed length: ${seed.length} (expected 32)`);
39
+ }
40
+ const pkcs8 = pkcs8FromEd25519Seed(seed);
41
+ return await crypto.subtle.importKey("pkcs8", (0, utils_ts_1.toArrayBuffer)(pkcs8), { name: "Ed25519" }, true, ["sign"]);
42
+ }
43
+ async function publicKeyBase64urlFromPrivateKey(privateKey) {
44
+ const jwk = await crypto.subtle.exportKey("jwk", privateKey);
45
+ if (typeof jwk.x !== "string" || jwk.x.length === 0) {
46
+ throw new Error("Failed to derive Ed25519 public key (missing JWK.x)");
47
+ }
48
+ return jwk.x;
49
+ }
50
+ async function importEd25519PublicKeyFromBase64url(publicKeyBase64url) {
51
+ const raw = (0, utils_ts_1.base64urlDecode)(publicKeyBase64url);
52
+ if (raw.length !== 32) {
53
+ throw new Error(`Invalid Ed25519 public key length: ${raw.length} (expected 32)`);
54
+ }
55
+ return await crypto.subtle.importKey("raw", (0, utils_ts_1.toArrayBuffer)(raw), { name: "Ed25519" }, true, ["verify"]);
56
+ }
package/script/auth/mod.d.ts ADDED
@@ -0,0 +1,18 @@
1
+ /**
2
+ * @module
3
+ *
4
+ * Trellis server-side authentication library for session-key based authentication.
5
+ *
6
+ * - Session keys are Ed25519 keys represented as base64url (32-byte raw public key).
7
+ * - Proofs are Ed25519 signatures over SHA-256(buildProofInput(...)).
8
+ * - Services load their session key seed from `TRELLIS_SESSION_KEY_SEED`.
9
+ */
10
+ export { buildWorkloadActivationPayload, buildWorkloadActivationUrl, buildWorkloadWaitProofInput, createWorkloadNatsAuthToken, createWorkloadActivationClient, deriveWorkloadConfirmationCode, deriveWorkloadIdentity, deriveWorkloadQrMac, encodeWorkloadActivationPayload, getWorkloadConnectInfo, parseWorkloadActivationPayload, signWorkloadWaitRequest, verifyWorkloadConfirmationCode, verifyWorkloadWaitSignature, waitForWorkloadActivation, type AuthActivateWorkloadInput, type AuthActivateWorkloadOutput, type AuthListWorkloadActivationsInput, type AuthListWorkloadActivationsOutput, type AuthRevokeWorkloadActivationInput, type AuthRevokeWorkloadActivationResponse, type GetWorkloadConnectInfoInput, type GetWorkloadConnectInfoOutput, type WaitForWorkloadActivationResponse, type WorkloadActivationPayload, type WorkloadActivationTransport, type WorkloadActivationWaitRequest, type WorkloadIdentity, } from "./workload_activation.ts";
11
+ export { type AuthConfig, bindFlow, bindSession, buildLoginUrl, clearSessionKey, createRpcProof, fetchPortalFlowState, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, isBindSuccessResponse, loadSessionKey, natsConnectSigForBindingToken, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, type SessionKeyHandle, signBytes, submitPortalApproval, } from "./browser.ts";
12
+ export { buildProofInput, createProof, type ProofParams, verifyProof, } from "./proof.ts";
13
+ export { ApprovalRecordViewSchema, AuthActivateWorkloadResponseSchema, AuthActivateWorkloadSchema, AuthClearLoginPortalSelectionResponseSchema, AuthClearLoginPortalSelectionSchema, AuthClearWorkloadPortalSelectionResponseSchema, AuthClearWorkloadPortalSelectionSchema, AuthCreatePortalResponseSchema, AuthCreatePortalSchema, AuthCreateWorkloadProfileResponseSchema, AuthCreateWorkloadProfileSchema, type PortalFlowApp, type PortalFlowApproval, type PortalFlowApprovalDeniedState, type PortalFlowApprovalRequiredState, type PortalFlowChooseProviderState, type PortalFlowExpiredState, type PortalFlowInsufficientCapabilitiesState, type PortalFlowProvider, type PortalFlowRedirectState, type PortalFlowState, type PortalFlowUser, AuthDisablePortalResponseSchema, AuthDisablePortalSchema, AuthGetLoginPortalDefaultResponseSchema, AuthGetLoginPortalDefaultSchema, AuthDisableWorkloadInstanceResponseSchema, AuthDisableWorkloadInstanceSchema, AuthDisableWorkloadProfileResponseSchema, AuthDisableWorkloadProfileSchema, AuthGetWorkloadConnectInfoResponseSchema, AuthGetWorkloadConnectInfoSchema, AuthGetWorkloadPortalDefaultResponseSchema, AuthGetWorkloadPortalDefaultSchema, AuthListLoginPortalSelectionsResponseSchema, AuthListLoginPortalSelectionsSchema, AuthListPortalsResponseSchema, AuthListPortalsSchema, AuthListWorkloadPortalSelectionsResponseSchema, AuthListWorkloadPortalSelectionsSchema, AuthListWorkloadActivationReviewsResponseSchema, AuthListWorkloadActivationReviewsSchema, AuthListWorkloadActivationsResponseSchema, AuthListWorkloadActivationsSchema, AuthGetWorkloadActivationStatusResponseSchema, AuthGetWorkloadActivationStatusSchema, AuthListWorkloadInstancesResponseSchema, AuthListWorkloadInstancesSchema, AuthListWorkloadProfilesResponseSchema, AuthListWorkloadProfilesSchema, AuthProvisionWorkloadInstanceResponseSchema, AuthProvisionWorkloadInstanceSchema, AuthDecideWorkloadActivationReviewResponseSchema, AuthDecideWorkloadActivationReviewSchema, AuthWorkloadActivationReviewRequestedEventSchema, AuthRevokeWorkloadActivationResponseSchema, AuthRevokeWorkloadActivationSchema, AuthSetLoginPortalDefaultResponseSchema, AuthSetLoginPortalDefaultSchema, AuthSetLoginPortalSelectionResponseSchema, AuthSetLoginPortalSelectionSchema, AuthSetWorkloadPortalDefaultResponseSchema, AuthSetWorkloadPortalDefaultSchema, AuthSetWorkloadPortalSelectionResponseSchema, AuthSetWorkloadPortalSelectionSchema, AuthGetInstalledContractResponseSchema, AuthGetInstalledContractSchema, AuthInstallServiceResponseSchema, AuthInstallServiceSchema, AuthListApprovalsResponseSchema, AuthListApprovalsSchema, AuthListInstalledContractsResponseSchema, AuthListInstalledContractsSchema, AuthListServicesResponseSchema, AuthListServicesSchema, AuthListUsersResponseSchema, AuthListUsersSchema, AuthMeResponseSchema, AuthMeSchema, type AuthMeResponse, AuthRevokeApprovalResponseSchema, AuthRevokeApprovalSchema, AuthUpdateUserResponseSchema, AuthUpdateUserSchema, AuthUpgradeServiceContractResponseSchema, AuthUpgradeServiceContractSchema, AuthValidateRequestResponseSchema, AuthValidateRequestSchema, type AuthenticatedService, type AuthenticatedUser, type AuthenticatedWorkload, AuthenticatedWorkloadSchema, CallerViewSchema, ContractAnalysisSchema, ContractAnalysisSummarySchema, DigestSchema, InstalledContractDetailSchema, InstalledContractSchema, LoginPortalDefaultSchema, LoginPortalSelectionSchema, OpenObjectSchema, PortalSchema, PortalFlowStateSchema, ServiceViewSchema, UserViewSchema, WaitForWorkloadActivationResponseSchema, WorkloadActivationReviewSchema, WorkloadPortalDefaultSchema, WorkloadPortalSelectionSchema, WorkloadActivationRecordSchema, type WorkloadActivationRecord, WorkloadConnectInfoSchema, WorkloadProfileSchema, WorkloadSchema, } from "./protocol.ts";
14
+ export { type ApprovalDecision, ApprovalDecisionSchema, type BindRequest, BindRequestSchema, type BindResponse, BindResponseSchema, type BindSuccessResponse, BindSuccessResponseSchema, type ContractApproval, ContractApprovalSchema, type LoginQuery, LoginQuerySchema, type NatsAuthTokenV1, NatsAuthTokenV1Schema, type SentinelCreds, SentinelCredsSchema, } from "./schemas.ts";
15
+ export { createAuth, type NatsConnectOptions, type TrellisAuth, } from "./session_auth.ts";
16
+ export { trellisIdFromOriginId } from "./trellis_id.ts";
17
+ export { base64urlDecode, base64urlEncode, canonicalizeJsonValue, sha256, toArrayBuffer, utf8, } from "./utils.ts";
18
+ //# sourceMappingURL=mod.d.ts.map
package/script/auth/mod.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../auth/mod.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,8BAA8B,EAC9B,0BAA0B,EAC1B,2BAA2B,EAC3B,2BAA2B,EAC3B,8BAA8B,EAC9B,8BAA8B,EAC9B,sBAAsB,EACtB,mBAAmB,EACnB,+BAA+B,EAC/B,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,EACvB,8BAA8B,EAC9B,2BAA2B,EAC3B,yBAAyB,EACzB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,KAAK,gCAAgC,EACrC,KAAK,iCAAiC,EACtC,KAAK,iCAAiC,EACtC,KAAK,oCAAoC,EACzC,KAAK,2BAA2B,EAChC,KAAK,4BAA4B,EACjC,KAAK,iCAAiC,EACtC,KAAK,yBAAyB,EAC9B,KAAK,2BAA2B,EAChC,KAAK,6BAA6B,EAClC,KAAK,gBAAgB,GACtB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,KAAK,UAAU,EACf,QAAQ,EACR,WAAW,EACX,aAAa,EACb,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,6BAA6B,EAC7B,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,SAAS,EACT,oBAAoB,GACrB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,eAAe,EACf,WAAW,EACX,KAAK,WAAW,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,wBAAwB,EACxB,kCAAkC,EAClC,0BAA0B,EAC1B,2CAA2C,EAC3C,mCAAmC,EACnC,8CAA8C,EAC9C,sCAAsC,EACtC,8BAA8B,EAC9B,sBAAsB,EACtB,uCAAuC,EACvC,+BAA+B,EAC/B,KAAK,aAAa,EAClB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,EAClC,KAAK,+BAA+B,EACpC,KAAK,6BAA6B,EAClC,KAAK,sBAAsB,EAC3B,KAAK,uCAAuC,EAC5C,KAAK,kBAAkB,EACvB,KAAK,uBAAuB,EAC5B,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,+BAA+B,EAC/B,uBAAuB,EACvB,uCAAuC,EACvC,+BAA+B,EAC/B,yCAAyC,EACzC,iCAAiC,EACjC,wCAAwC,EACxC,gCAAgC,EAChC,wCAAwC,EACxC,gCAAgC,EAChC,0CAA0C,EAC1C,kCAAkC,EAClC,2CAA2C,EAC3C,mCAAmC,EACnC,6BAA6B,EAC7B,qBAAqB,EACpB,8CAA8C,EAC9C,sCAAsC,EACtC,+CAA+C,EAC/C,uCAAuC,EACvC,yCAAyC,EACzC,iCAAiC,EACjC,6CAA6C,EAC7C,qCAAqC,EACrC,uCAAuC,EACvC,+BAA+B,EAC/B,sCAAsC,EACtC,8BAA8B,EAC9B,2CAA2C,EAC3C,mCAAmC,EACpC,gDAAgD,EAChD,wCAAwC,EACxC,gDAAgD,EAChD,0CAA0C,EACzC,kCAAkC,EACnC,uCAAuC,EACvC,+BAA+B,EAC/B,yCAAyC,EACzC,iCAAiC,EACjC,0CAA0C,EAC1C,kCAAkC,EAClC,4CAA4C,EAC5C,oCAAoC,EACpC,sCAAsC,EACtC,8BAA8B,EAC9B,gCAAgC,EAChC,wBAAwB,EACxB,+BAA+B,EAC/B,uBAAuB,EACvB,wCAAwC,EACxC,gCAAgC,EAChC,8BAA8B,EAC9B,sBAAsB,EACtB,2BAA2B,EAC3B,mBAAmB,EACnB,oBAAoB,EACpB,YAAY,EACZ,KAAK,cAAc,EACnB,gCAAgC,EAChC,wBAAwB,EACxB,4BAA4B,EAC5B,oBAAoB,EACpB,wCAAwC,EACxC,gCAAgC,EAChC,iCAAiC,EACjC,yBAAyB,EACzB,KAAK,oBAAoB,EACzB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,2BAA2B,EAC3B,gBAAgB,EAChB,sBAAsB,EACtB,6BAA6B,EAC7B,YAAY,EACZ,6BAA6B,EAC7B,uBAAuB,EACvB,wBAAwB,EACxB,0BAA0B,EAC1B,gBAAgB,EAChB,YAAY,EACZ,qBAAqB,EACrB,iBAAiB,EACjB,cAAc,EACb,uCAAuC,EACxC,8BAA8B,EAC9B,2BAA2B,EAC3B,6BAA6B,EAC7B,8BAA8B,EAC9B,KAAK,wBAAwB,EAC7B,yBAAyB,EACzB,qBAAqB,EACrB,cAAc,GACf,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,WAAW,EAChB,iBAAiB,EACjB,KAAK,YAAY,EACjB,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,UAAU,EACf,gBAAgB,EAChB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,aAAa,EAClB,mBAAmB,GACpB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,UAAU,EACV,KAAK,kBAAkB,EACvB,KAAK,WAAW,GACjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,eAAe,EACf,eAAe,EACf,qBAAqB,EACrB,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
package/script/auth/mod.js ADDED
@@ -0,0 +1,172 @@
1
+ "use strict";
2
+ /**
3
+ * @module
4
+ *
5
+ * Trellis server-side authentication library for session-key based authentication.
6
+ *
7
+ * - Session keys are Ed25519 keys represented as base64url (32-byte raw public key).
8
+ * - Proofs are Ed25519 signatures over SHA-256(buildProofInput(...)).
9
+ * - Services load their session key seed from `TRELLIS_SESSION_KEY_SEED`.
10
+ */
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.AuthGetLoginPortalDefaultResponseSchema = exports.AuthDisablePortalSchema = exports.AuthDisablePortalResponseSchema = exports.AuthCreateWorkloadProfileSchema = exports.AuthCreateWorkloadProfileResponseSchema = exports.AuthCreatePortalSchema = exports.AuthCreatePortalResponseSchema = exports.AuthClearWorkloadPortalSelectionSchema = exports.AuthClearWorkloadPortalSelectionResponseSchema = exports.AuthClearLoginPortalSelectionSchema = exports.AuthClearLoginPortalSelectionResponseSchema = exports.AuthActivateWorkloadSchema = exports.AuthActivateWorkloadResponseSchema = exports.ApprovalRecordViewSchema = exports.verifyProof = exports.createProof = exports.buildProofInput = exports.submitPortalApproval = exports.signBytes = exports.portalRedirectLocation = exports.portalProviderLoginUrl = exports.portalFlowIdFromUrl = exports.natsConnectSigForBindingToken = exports.loadSessionKey = exports.isBindSuccessResponse = exports.hasSessionKey = exports.getPublicSessionKey = exports.getOrCreateSessionKey = exports.generateSessionKey = exports.fetchPortalFlowState = exports.createRpcProof = exports.clearSessionKey = exports.buildLoginUrl = exports.bindSession = exports.bindFlow = exports.waitForWorkloadActivation = exports.verifyWorkloadWaitSignature = exports.verifyWorkloadConfirmationCode = exports.signWorkloadWaitRequest = exports.parseWorkloadActivationPayload = exports.getWorkloadConnectInfo = exports.encodeWorkloadActivationPayload = exports.deriveWorkloadQrMac = exports.deriveWorkloadIdentity = exports.deriveWorkloadConfirmationCode = exports.createWorkloadActivationClient = exports.createWorkloadNatsAuthToken = exports.buildWorkloadWaitProofInput = exports.buildWorkloadActivationUrl = exports.buildWorkloadActivationPayload = void 0;
13
+ exports.AuthListServicesSchema = exports.AuthListServicesResponseSchema = exports.AuthListInstalledContractsSchema = exports.AuthListInstalledContractsResponseSchema = exports.AuthListApprovalsSchema = exports.AuthListApprovalsResponseSchema = exports.AuthInstallServiceSchema = exports.AuthInstallServiceResponseSchema = exports.AuthGetInstalledContractSchema = exports.AuthGetInstalledContractResponseSchema = exports.AuthSetWorkloadPortalSelectionSchema = exports.AuthSetWorkloadPortalSelectionResponseSchema = exports.AuthSetWorkloadPortalDefaultSchema = exports.AuthSetWorkloadPortalDefaultResponseSchema = exports.AuthSetLoginPortalSelectionSchema = exports.AuthSetLoginPortalSelectionResponseSchema = exports.AuthSetLoginPortalDefaultSchema = exports.AuthSetLoginPortalDefaultResponseSchema = exports.AuthRevokeWorkloadActivationSchema = exports.AuthRevokeWorkloadActivationResponseSchema = exports.AuthWorkloadActivationReviewRequestedEventSchema = exports.AuthDecideWorkloadActivationReviewSchema = exports.AuthDecideWorkloadActivationReviewResponseSchema = exports.AuthProvisionWorkloadInstanceSchema = exports.AuthProvisionWorkloadInstanceResponseSchema = exports.AuthListWorkloadProfilesSchema = exports.AuthListWorkloadProfilesResponseSchema = exports.AuthListWorkloadInstancesSchema = exports.AuthListWorkloadInstancesResponseSchema = exports.AuthGetWorkloadActivationStatusSchema = exports.AuthGetWorkloadActivationStatusResponseSchema = exports.AuthListWorkloadActivationsSchema = exports.AuthListWorkloadActivationsResponseSchema = exports.AuthListWorkloadActivationReviewsSchema = exports.AuthListWorkloadActivationReviewsResponseSchema = exports.AuthListWorkloadPortalSelectionsSchema = exports.AuthListWorkloadPortalSelectionsResponseSchema = exports.AuthListPortalsSchema = exports.AuthListPortalsResponseSchema = exports.AuthListLoginPortalSelectionsSchema = exports.AuthListLoginPortalSelectionsResponseSchema = exports.AuthGetWorkloadPortalDefaultSchema = exports.AuthGetWorkloadPortalDefaultResponseSchema = exports.AuthGetWorkloadConnectInfoSchema = exports.AuthGetWorkloadConnectInfoResponseSchema = exports.AuthDisableWorkloadProfileSchema = exports.AuthDisableWorkloadProfileResponseSchema = exports.AuthDisableWorkloadInstanceSchema = exports.AuthDisableWorkloadInstanceResponseSchema = exports.AuthGetLoginPortalDefaultSchema = void 0;
14
+ exports.utf8 = exports.toArrayBuffer = exports.sha256 = exports.canonicalizeJsonValue = exports.base64urlEncode = exports.base64urlDecode = exports.trellisIdFromOriginId = exports.createAuth = exports.SentinelCredsSchema = exports.NatsAuthTokenV1Schema = exports.LoginQuerySchema = exports.ContractApprovalSchema = exports.BindSuccessResponseSchema = exports.BindResponseSchema = exports.BindRequestSchema = exports.ApprovalDecisionSchema = exports.WorkloadSchema = exports.WorkloadProfileSchema = exports.WorkloadConnectInfoSchema = exports.WorkloadActivationRecordSchema = exports.WorkloadPortalSelectionSchema = exports.WorkloadPortalDefaultSchema = exports.WorkloadActivationReviewSchema = exports.WaitForWorkloadActivationResponseSchema = exports.UserViewSchema = exports.ServiceViewSchema = exports.PortalFlowStateSchema = exports.PortalSchema = exports.OpenObjectSchema = exports.LoginPortalSelectionSchema = exports.LoginPortalDefaultSchema = exports.InstalledContractSchema = exports.InstalledContractDetailSchema = exports.DigestSchema = exports.ContractAnalysisSummarySchema = exports.ContractAnalysisSchema = exports.CallerViewSchema = exports.AuthenticatedWorkloadSchema = exports.AuthValidateRequestSchema = exports.AuthValidateRequestResponseSchema = exports.AuthUpgradeServiceContractSchema = exports.AuthUpgradeServiceContractResponseSchema = exports.AuthUpdateUserSchema = exports.AuthUpdateUserResponseSchema = exports.AuthRevokeApprovalSchema = exports.AuthRevokeApprovalResponseSchema = exports.AuthMeSchema = exports.AuthMeResponseSchema = exports.AuthListUsersSchema = exports.AuthListUsersResponseSchema = void 0;
15
+ var workload_activation_ts_1 = require("./workload_activation.ts");
16
+ Object.defineProperty(exports, "buildWorkloadActivationPayload", { enumerable: true, get: function () { return workload_activation_ts_1.buildWorkloadActivationPayload; } });
17
+ Object.defineProperty(exports, "buildWorkloadActivationUrl", { enumerable: true, get: function () { return workload_activation_ts_1.buildWorkloadActivationUrl; } });
18
+ Object.defineProperty(exports, "buildWorkloadWaitProofInput", { enumerable: true, get: function () { return workload_activation_ts_1.buildWorkloadWaitProofInput; } });
19
+ Object.defineProperty(exports, "createWorkloadNatsAuthToken", { enumerable: true, get: function () { return workload_activation_ts_1.createWorkloadNatsAuthToken; } });
20
+ Object.defineProperty(exports, "createWorkloadActivationClient", { enumerable: true, get: function () { return workload_activation_ts_1.createWorkloadActivationClient; } });
21
+ Object.defineProperty(exports, "deriveWorkloadConfirmationCode", { enumerable: true, get: function () { return workload_activation_ts_1.deriveWorkloadConfirmationCode; } });
22
+ Object.defineProperty(exports, "deriveWorkloadIdentity", { enumerable: true, get: function () { return workload_activation_ts_1.deriveWorkloadIdentity; } });
23
+ Object.defineProperty(exports, "deriveWorkloadQrMac", { enumerable: true, get: function () { return workload_activation_ts_1.deriveWorkloadQrMac; } });
24
+ Object.defineProperty(exports, "encodeWorkloadActivationPayload", { enumerable: true, get: function () { return workload_activation_ts_1.encodeWorkloadActivationPayload; } });
25
+ Object.defineProperty(exports, "getWorkloadConnectInfo", { enumerable: true, get: function () { return workload_activation_ts_1.getWorkloadConnectInfo; } });
26
+ Object.defineProperty(exports, "parseWorkloadActivationPayload", { enumerable: true, get: function () { return workload_activation_ts_1.parseWorkloadActivationPayload; } });
27
+ Object.defineProperty(exports, "signWorkloadWaitRequest", { enumerable: true, get: function () { return workload_activation_ts_1.signWorkloadWaitRequest; } });
28
+ Object.defineProperty(exports, "verifyWorkloadConfirmationCode", { enumerable: true, get: function () { return workload_activation_ts_1.verifyWorkloadConfirmationCode; } });
29
+ Object.defineProperty(exports, "verifyWorkloadWaitSignature", { enumerable: true, get: function () { return workload_activation_ts_1.verifyWorkloadWaitSignature; } });
30
+ Object.defineProperty(exports, "waitForWorkloadActivation", { enumerable: true, get: function () { return workload_activation_ts_1.waitForWorkloadActivation; } });
31
+ var browser_ts_1 = require("./browser.ts");
32
+ Object.defineProperty(exports, "bindFlow", { enumerable: true, get: function () { return browser_ts_1.bindFlow; } });
33
+ Object.defineProperty(exports, "bindSession", { enumerable: true, get: function () { return browser_ts_1.bindSession; } });
34
+ Object.defineProperty(exports, "buildLoginUrl", { enumerable: true, get: function () { return browser_ts_1.buildLoginUrl; } });
35
+ Object.defineProperty(exports, "clearSessionKey", { enumerable: true, get: function () { return browser_ts_1.clearSessionKey; } });
36
+ Object.defineProperty(exports, "createRpcProof", { enumerable: true, get: function () { return browser_ts_1.createRpcProof; } });
37
+ Object.defineProperty(exports, "fetchPortalFlowState", { enumerable: true, get: function () { return browser_ts_1.fetchPortalFlowState; } });
38
+ Object.defineProperty(exports, "generateSessionKey", { enumerable: true, get: function () { return browser_ts_1.generateSessionKey; } });
39
+ Object.defineProperty(exports, "getOrCreateSessionKey", { enumerable: true, get: function () { return browser_ts_1.getOrCreateSessionKey; } });
40
+ Object.defineProperty(exports, "getPublicSessionKey", { enumerable: true, get: function () { return browser_ts_1.getPublicSessionKey; } });
41
+ Object.defineProperty(exports, "hasSessionKey", { enumerable: true, get: function () { return browser_ts_1.hasSessionKey; } });
42
+ Object.defineProperty(exports, "isBindSuccessResponse", { enumerable: true, get: function () { return browser_ts_1.isBindSuccessResponse; } });
43
+ Object.defineProperty(exports, "loadSessionKey", { enumerable: true, get: function () { return browser_ts_1.loadSessionKey; } });
44
+ Object.defineProperty(exports, "natsConnectSigForBindingToken", { enumerable: true, get: function () { return browser_ts_1.natsConnectSigForBindingToken; } });
45
+ Object.defineProperty(exports, "portalFlowIdFromUrl", { enumerable: true, get: function () { return browser_ts_1.portalFlowIdFromUrl; } });
46
+ Object.defineProperty(exports, "portalProviderLoginUrl", { enumerable: true, get: function () { return browser_ts_1.portalProviderLoginUrl; } });
47
+ Object.defineProperty(exports, "portalRedirectLocation", { enumerable: true, get: function () { return browser_ts_1.portalRedirectLocation; } });
48
+ Object.defineProperty(exports, "signBytes", { enumerable: true, get: function () { return browser_ts_1.signBytes; } });
49
+ Object.defineProperty(exports, "submitPortalApproval", { enumerable: true, get: function () { return browser_ts_1.submitPortalApproval; } });
50
+ var proof_ts_1 = require("./proof.ts");
51
+ Object.defineProperty(exports, "buildProofInput", { enumerable: true, get: function () { return proof_ts_1.buildProofInput; } });
52
+ Object.defineProperty(exports, "createProof", { enumerable: true, get: function () { return proof_ts_1.createProof; } });
53
+ Object.defineProperty(exports, "verifyProof", { enumerable: true, get: function () { return proof_ts_1.verifyProof; } });
54
+ var protocol_ts_1 = require("./protocol.ts");
55
+ Object.defineProperty(exports, "ApprovalRecordViewSchema", { enumerable: true, get: function () { return protocol_ts_1.ApprovalRecordViewSchema; } });
56
+ Object.defineProperty(exports, "AuthActivateWorkloadResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthActivateWorkloadResponseSchema; } });
57
+ Object.defineProperty(exports, "AuthActivateWorkloadSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthActivateWorkloadSchema; } });
58
+ Object.defineProperty(exports, "AuthClearLoginPortalSelectionResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthClearLoginPortalSelectionResponseSchema; } });
59
+ Object.defineProperty(exports, "AuthClearLoginPortalSelectionSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthClearLoginPortalSelectionSchema; } });
60
+ Object.defineProperty(exports, "AuthClearWorkloadPortalSelectionResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthClearWorkloadPortalSelectionResponseSchema; } });
61
+ Object.defineProperty(exports, "AuthClearWorkloadPortalSelectionSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthClearWorkloadPortalSelectionSchema; } });
62
+ Object.defineProperty(exports, "AuthCreatePortalResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthCreatePortalResponseSchema; } });
63
+ Object.defineProperty(exports, "AuthCreatePortalSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthCreatePortalSchema; } });
64
+ Object.defineProperty(exports, "AuthCreateWorkloadProfileResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthCreateWorkloadProfileResponseSchema; } });
65
+ Object.defineProperty(exports, "AuthCreateWorkloadProfileSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthCreateWorkloadProfileSchema; } });
66
+ Object.defineProperty(exports, "AuthDisablePortalResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDisablePortalResponseSchema; } });
67
+ Object.defineProperty(exports, "AuthDisablePortalSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDisablePortalSchema; } });
68
+ Object.defineProperty(exports, "AuthGetLoginPortalDefaultResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetLoginPortalDefaultResponseSchema; } });
69
+ Object.defineProperty(exports, "AuthGetLoginPortalDefaultSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetLoginPortalDefaultSchema; } });
70
+ Object.defineProperty(exports, "AuthDisableWorkloadInstanceResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDisableWorkloadInstanceResponseSchema; } });
71
+ Object.defineProperty(exports, "AuthDisableWorkloadInstanceSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDisableWorkloadInstanceSchema; } });
72
+ Object.defineProperty(exports, "AuthDisableWorkloadProfileResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDisableWorkloadProfileResponseSchema; } });
73
+ Object.defineProperty(exports, "AuthDisableWorkloadProfileSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDisableWorkloadProfileSchema; } });
74
+ Object.defineProperty(exports, "AuthGetWorkloadConnectInfoResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetWorkloadConnectInfoResponseSchema; } });
75
+ Object.defineProperty(exports, "AuthGetWorkloadConnectInfoSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetWorkloadConnectInfoSchema; } });
76
+ Object.defineProperty(exports, "AuthGetWorkloadPortalDefaultResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetWorkloadPortalDefaultResponseSchema; } });
77
+ Object.defineProperty(exports, "AuthGetWorkloadPortalDefaultSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetWorkloadPortalDefaultSchema; } });
78
+ Object.defineProperty(exports, "AuthListLoginPortalSelectionsResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListLoginPortalSelectionsResponseSchema; } });
79
+ Object.defineProperty(exports, "AuthListLoginPortalSelectionsSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListLoginPortalSelectionsSchema; } });
80
+ Object.defineProperty(exports, "AuthListPortalsResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListPortalsResponseSchema; } });
81
+ Object.defineProperty(exports, "AuthListPortalsSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListPortalsSchema; } });
82
+ Object.defineProperty(exports, "AuthListWorkloadPortalSelectionsResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadPortalSelectionsResponseSchema; } });
83
+ Object.defineProperty(exports, "AuthListWorkloadPortalSelectionsSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadPortalSelectionsSchema; } });
84
+ Object.defineProperty(exports, "AuthListWorkloadActivationReviewsResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadActivationReviewsResponseSchema; } });
85
+ Object.defineProperty(exports, "AuthListWorkloadActivationReviewsSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadActivationReviewsSchema; } });
86
+ Object.defineProperty(exports, "AuthListWorkloadActivationsResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadActivationsResponseSchema; } });
87
+ Object.defineProperty(exports, "AuthListWorkloadActivationsSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadActivationsSchema; } });
88
+ Object.defineProperty(exports, "AuthGetWorkloadActivationStatusResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetWorkloadActivationStatusResponseSchema; } });
89
+ Object.defineProperty(exports, "AuthGetWorkloadActivationStatusSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetWorkloadActivationStatusSchema; } });
90
+ Object.defineProperty(exports, "AuthListWorkloadInstancesResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadInstancesResponseSchema; } });
91
+ Object.defineProperty(exports, "AuthListWorkloadInstancesSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadInstancesSchema; } });
92
+ Object.defineProperty(exports, "AuthListWorkloadProfilesResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadProfilesResponseSchema; } });
93
+ Object.defineProperty(exports, "AuthListWorkloadProfilesSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListWorkloadProfilesSchema; } });
94
+ Object.defineProperty(exports, "AuthProvisionWorkloadInstanceResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthProvisionWorkloadInstanceResponseSchema; } });
95
+ Object.defineProperty(exports, "AuthProvisionWorkloadInstanceSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthProvisionWorkloadInstanceSchema; } });
96
+ Object.defineProperty(exports, "AuthDecideWorkloadActivationReviewResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDecideWorkloadActivationReviewResponseSchema; } });
97
+ Object.defineProperty(exports, "AuthDecideWorkloadActivationReviewSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthDecideWorkloadActivationReviewSchema; } });
98
+ Object.defineProperty(exports, "AuthWorkloadActivationReviewRequestedEventSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthWorkloadActivationReviewRequestedEventSchema; } });
99
+ Object.defineProperty(exports, "AuthRevokeWorkloadActivationResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthRevokeWorkloadActivationResponseSchema; } });
100
+ Object.defineProperty(exports, "AuthRevokeWorkloadActivationSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthRevokeWorkloadActivationSchema; } });
101
+ Object.defineProperty(exports, "AuthSetLoginPortalDefaultResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetLoginPortalDefaultResponseSchema; } });
102
+ Object.defineProperty(exports, "AuthSetLoginPortalDefaultSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetLoginPortalDefaultSchema; } });
103
+ Object.defineProperty(exports, "AuthSetLoginPortalSelectionResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetLoginPortalSelectionResponseSchema; } });
104
+ Object.defineProperty(exports, "AuthSetLoginPortalSelectionSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetLoginPortalSelectionSchema; } });
105
+ Object.defineProperty(exports, "AuthSetWorkloadPortalDefaultResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetWorkloadPortalDefaultResponseSchema; } });
106
+ Object.defineProperty(exports, "AuthSetWorkloadPortalDefaultSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetWorkloadPortalDefaultSchema; } });
107
+ Object.defineProperty(exports, "AuthSetWorkloadPortalSelectionResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetWorkloadPortalSelectionResponseSchema; } });
108
+ Object.defineProperty(exports, "AuthSetWorkloadPortalSelectionSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthSetWorkloadPortalSelectionSchema; } });
109
+ Object.defineProperty(exports, "AuthGetInstalledContractResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetInstalledContractResponseSchema; } });
110
+ Object.defineProperty(exports, "AuthGetInstalledContractSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthGetInstalledContractSchema; } });
111
+ Object.defineProperty(exports, "AuthInstallServiceResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthInstallServiceResponseSchema; } });
112
+ Object.defineProperty(exports, "AuthInstallServiceSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthInstallServiceSchema; } });
113
+ Object.defineProperty(exports, "AuthListApprovalsResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListApprovalsResponseSchema; } });
114
+ Object.defineProperty(exports, "AuthListApprovalsSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListApprovalsSchema; } });
115
+ Object.defineProperty(exports, "AuthListInstalledContractsResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListInstalledContractsResponseSchema; } });
116
+ Object.defineProperty(exports, "AuthListInstalledContractsSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListInstalledContractsSchema; } });
117
+ Object.defineProperty(exports, "AuthListServicesResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListServicesResponseSchema; } });
118
+ Object.defineProperty(exports, "AuthListServicesSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListServicesSchema; } });
119
+ Object.defineProperty(exports, "AuthListUsersResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListUsersResponseSchema; } });
120
+ Object.defineProperty(exports, "AuthListUsersSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthListUsersSchema; } });
121
+ Object.defineProperty(exports, "AuthMeResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthMeResponseSchema; } });
122
+ Object.defineProperty(exports, "AuthMeSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthMeSchema; } });
123
+ Object.defineProperty(exports, "AuthRevokeApprovalResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthRevokeApprovalResponseSchema; } });
124
+ Object.defineProperty(exports, "AuthRevokeApprovalSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthRevokeApprovalSchema; } });
125
+ Object.defineProperty(exports, "AuthUpdateUserResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthUpdateUserResponseSchema; } });
126
+ Object.defineProperty(exports, "AuthUpdateUserSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthUpdateUserSchema; } });
127
+ Object.defineProperty(exports, "AuthUpgradeServiceContractResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthUpgradeServiceContractResponseSchema; } });
128
+ Object.defineProperty(exports, "AuthUpgradeServiceContractSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthUpgradeServiceContractSchema; } });
129
+ Object.defineProperty(exports, "AuthValidateRequestResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthValidateRequestResponseSchema; } });
130
+ Object.defineProperty(exports, "AuthValidateRequestSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthValidateRequestSchema; } });
131
+ Object.defineProperty(exports, "AuthenticatedWorkloadSchema", { enumerable: true, get: function () { return protocol_ts_1.AuthenticatedWorkloadSchema; } });
132
+ Object.defineProperty(exports, "CallerViewSchema", { enumerable: true, get: function () { return protocol_ts_1.CallerViewSchema; } });
133
+ Object.defineProperty(exports, "ContractAnalysisSchema", { enumerable: true, get: function () { return protocol_ts_1.ContractAnalysisSchema; } });
134
+ Object.defineProperty(exports, "ContractAnalysisSummarySchema", { enumerable: true, get: function () { return protocol_ts_1.ContractAnalysisSummarySchema; } });
135
+ Object.defineProperty(exports, "DigestSchema", { enumerable: true, get: function () { return protocol_ts_1.DigestSchema; } });
136
+ Object.defineProperty(exports, "InstalledContractDetailSchema", { enumerable: true, get: function () { return protocol_ts_1.InstalledContractDetailSchema; } });
137
+ Object.defineProperty(exports, "InstalledContractSchema", { enumerable: true, get: function () { return protocol_ts_1.InstalledContractSchema; } });
138
+ Object.defineProperty(exports, "LoginPortalDefaultSchema", { enumerable: true, get: function () { return protocol_ts_1.LoginPortalDefaultSchema; } });
139
+ Object.defineProperty(exports, "LoginPortalSelectionSchema", { enumerable: true, get: function () { return protocol_ts_1.LoginPortalSelectionSchema; } });
140
+ Object.defineProperty(exports, "OpenObjectSchema", { enumerable: true, get: function () { return protocol_ts_1.OpenObjectSchema; } });
141
+ Object.defineProperty(exports, "PortalSchema", { enumerable: true, get: function () { return protocol_ts_1.PortalSchema; } });
142
+ Object.defineProperty(exports, "PortalFlowStateSchema", { enumerable: true, get: function () { return protocol_ts_1.PortalFlowStateSchema; } });
143
+ Object.defineProperty(exports, "ServiceViewSchema", { enumerable: true, get: function () { return protocol_ts_1.ServiceViewSchema; } });
144
+ Object.defineProperty(exports, "UserViewSchema", { enumerable: true, get: function () { return protocol_ts_1.UserViewSchema; } });
145
+ Object.defineProperty(exports, "WaitForWorkloadActivationResponseSchema", { enumerable: true, get: function () { return protocol_ts_1.WaitForWorkloadActivationResponseSchema; } });
146
+ Object.defineProperty(exports, "WorkloadActivationReviewSchema", { enumerable: true, get: function () { return protocol_ts_1.WorkloadActivationReviewSchema; } });
147
+ Object.defineProperty(exports, "WorkloadPortalDefaultSchema", { enumerable: true, get: function () { return protocol_ts_1.WorkloadPortalDefaultSchema; } });
148
+ Object.defineProperty(exports, "WorkloadPortalSelectionSchema", { enumerable: true, get: function () { return protocol_ts_1.WorkloadPortalSelectionSchema; } });
149
+ Object.defineProperty(exports, "WorkloadActivationRecordSchema", { enumerable: true, get: function () { return protocol_ts_1.WorkloadActivationRecordSchema; } });
150
+ Object.defineProperty(exports, "WorkloadConnectInfoSchema", { enumerable: true, get: function () { return protocol_ts_1.WorkloadConnectInfoSchema; } });
151
+ Object.defineProperty(exports, "WorkloadProfileSchema", { enumerable: true, get: function () { return protocol_ts_1.WorkloadProfileSchema; } });
152
+ Object.defineProperty(exports, "WorkloadSchema", { enumerable: true, get: function () { return protocol_ts_1.WorkloadSchema; } });
153
+ var schemas_ts_1 = require("./schemas.ts");
154
+ Object.defineProperty(exports, "ApprovalDecisionSchema", { enumerable: true, get: function () { return schemas_ts_1.ApprovalDecisionSchema; } });
155
+ Object.defineProperty(exports, "BindRequestSchema", { enumerable: true, get: function () { return schemas_ts_1.BindRequestSchema; } });
156
+ Object.defineProperty(exports, "BindResponseSchema", { enumerable: true, get: function () { return schemas_ts_1.BindResponseSchema; } });
157
+ Object.defineProperty(exports, "BindSuccessResponseSchema", { enumerable: true, get: function () { return schemas_ts_1.BindSuccessResponseSchema; } });
158
+ Object.defineProperty(exports, "ContractApprovalSchema", { enumerable: true, get: function () { return schemas_ts_1.ContractApprovalSchema; } });
159
+ Object.defineProperty(exports, "LoginQuerySchema", { enumerable: true, get: function () { return schemas_ts_1.LoginQuerySchema; } });
160
+ Object.defineProperty(exports, "NatsAuthTokenV1Schema", { enumerable: true, get: function () { return schemas_ts_1.NatsAuthTokenV1Schema; } });
161
+ Object.defineProperty(exports, "SentinelCredsSchema", { enumerable: true, get: function () { return schemas_ts_1.SentinelCredsSchema; } });
162
+ var session_auth_ts_1 = require("./session_auth.ts");
163
+ Object.defineProperty(exports, "createAuth", { enumerable: true, get: function () { return session_auth_ts_1.createAuth; } });
164
+ var trellis_id_ts_1 = require("./trellis_id.ts");
165
+ Object.defineProperty(exports, "trellisIdFromOriginId", { enumerable: true, get: function () { return trellis_id_ts_1.trellisIdFromOriginId; } });
166
+ var utils_ts_1 = require("./utils.ts");
167
+ Object.defineProperty(exports, "base64urlDecode", { enumerable: true, get: function () { return utils_ts_1.base64urlDecode; } });
168
+ Object.defineProperty(exports, "base64urlEncode", { enumerable: true, get: function () { return utils_ts_1.base64urlEncode; } });
169
+ Object.defineProperty(exports, "canonicalizeJsonValue", { enumerable: true, get: function () { return utils_ts_1.canonicalizeJsonValue; } });
170
+ Object.defineProperty(exports, "sha256", { enumerable: true, get: function () { return utils_ts_1.sha256; } });
171
+ Object.defineProperty(exports, "toArrayBuffer", { enumerable: true, get: function () { return utils_ts_1.toArrayBuffer; } });
172
+ Object.defineProperty(exports, "utf8", { enumerable: true, get: function () { return utils_ts_1.utf8; } });
package/script/auth/proof.d.ts ADDED
@@ -0,0 +1,9 @@
1
+ export type ProofParams = {
2
+ sessionKey: string;
3
+ subject: string;
4
+ payloadHash: Uint8Array;
5
+ };
6
+ export declare function buildProofInput(sessionKey: string, subject: string, payloadHash: Uint8Array): Uint8Array;
7
+ export declare function createProof(privateKey: CryptoKey, params: ProofParams): Promise<string>;
8
+ export declare function verifyProof(publicSessionKey: string, params: ProofParams, proofBase64url: string): Promise<boolean>;
9
+ //# sourceMappingURL=proof.d.ts.map
package/script/auth/proof.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"proof.d.ts","sourceRoot":"","sources":["../../../../auth/proof.ts"],"names":[],"mappings":"AAUA,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,UAAU,CAAC;CACzB,CAAC;AAEF,wBAAgB,eAAe,CAC7B,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,UAAU,GACtB,UAAU,CA8BZ;AAED,wBAAsB,WAAW,CAC/B,UAAU,EAAE,SAAS,EACrB,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,WAAW,CAC/B,gBAAgB,EAAE,MAAM,EACxB,MAAM,EAAE,WAAW,EACnB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAkBlB"}
package/script/auth/proof.js ADDED
@@ -0,0 +1,48 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.buildProofInput = buildProofInput;
4
+ exports.createProof = createProof;
5
+ exports.verifyProof = verifyProof;
6
+ const utils_ts_1 = require("./utils.ts");
7
+ const keys_ts_1 = require("./keys.ts");
8
+ const result_1 = require("@qlever-llc/result");
9
+ function buildProofInput(sessionKey, subject, payloadHash) {
10
+ const sessionKeyBytes = (0, utils_ts_1.utf8)(sessionKey);
11
+ const subjectBytes = (0, utils_ts_1.utf8)(subject);
12
+ const buf = new Uint8Array(4 +
13
+ sessionKeyBytes.length +
14
+ 4 +
15
+ subjectBytes.length +
16
+ 4 +
17
+ payloadHash.length);
18
+ const view = new DataView(buf.buffer);
19
+ let offset = 0;
20
+ view.setUint32(offset, sessionKeyBytes.length);
21
+ offset += 4;
22
+ buf.set(sessionKeyBytes, offset);
23
+ offset += sessionKeyBytes.length;
24
+ view.setUint32(offset, subjectBytes.length);
25
+ offset += 4;
26
+ buf.set(subjectBytes, offset);
27
+ offset += subjectBytes.length;
28
+ view.setUint32(offset, payloadHash.length);
29
+ offset += 4;
30
+ buf.set(payloadHash, offset);
31
+ return buf;
32
+ }
33
+ async function createProof(privateKey, params) {
34
+ const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash);
35
+ const digest = await (0, utils_ts_1.sha256)(input);
36
+ const sig = await crypto.subtle.sign({ name: "Ed25519" }, privateKey, (0, utils_ts_1.toArrayBuffer)(digest));
37
+ return (0, utils_ts_1.base64urlEncode)(new Uint8Array(sig));
38
+ }
39
+ async function verifyProof(publicSessionKey, params, proofBase64url) {
40
+ const result = await result_1.AsyncResult.try(async () => {
41
+ const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash);
42
+ const digest = await (0, utils_ts_1.sha256)(input);
43
+ const signature = (0, utils_ts_1.base64urlDecode)(proofBase64url);
44
+ const pub = await (0, keys_ts_1.importEd25519PublicKeyFromBase64url)(publicSessionKey);
45
+ return crypto.subtle.verify({ name: "Ed25519" }, pub, (0, utils_ts_1.toArrayBuffer)(signature), (0, utils_ts_1.toArrayBuffer)(digest));
46
+ });
47
+ return result.unwrapOr(false);
48
+ }