@qlever-llc/trellis 0.8.3 → 0.9.0-rc.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/bin/trellis-generate.js +132 -0
- package/esm/auth/browser/login.d.ts.map +1 -1
- package/esm/auth/browser/login.js +46 -3
- package/esm/auth/browser/portal.d.ts.map +1 -1
- package/esm/auth/browser/portal.js +5 -1
- package/esm/auth/browser/session.d.ts +18 -7
- package/esm/auth/browser/session.d.ts.map +1 -1
- package/esm/auth/browser/session.js +47 -11
- package/esm/auth/browser/storage.d.ts +6 -1
- package/esm/auth/browser/storage.d.ts.map +1 -1
- package/esm/auth/browser/storage.js +15 -3
- package/esm/auth/browser.d.ts +2 -2
- package/esm/auth/browser.d.ts.map +1 -1
- package/esm/auth/browser.js +1 -1
- package/esm/auth/device_activation.d.ts +36 -33
- package/esm/auth/device_activation.d.ts.map +1 -1
- package/esm/auth/device_activation.js +26 -22
- package/esm/auth/mod.d.ts +4 -4
- package/esm/auth/mod.d.ts.map +1 -1
- package/esm/auth/mod.js +2 -2
- package/esm/auth/proof.d.ts +3 -1
- package/esm/auth/proof.d.ts.map +1 -1
- package/esm/auth/proof.js +21 -15
- package/esm/auth/protocol.d.ts +2457 -941
- package/esm/auth/protocol.d.ts.map +1 -1
- package/esm/auth/protocol.js +747 -375
- package/esm/auth/schemas.d.ts +25 -4
- package/esm/auth/schemas.d.ts.map +1 -1
- package/esm/auth/schemas.js +14 -4
- package/esm/auth/session_auth.d.ts +1 -1
- package/esm/auth/session_auth.d.ts.map +1 -1
- package/esm/auth/session_auth.js +7 -1
- package/esm/client_connect.d.ts +2 -0
- package/esm/client_connect.d.ts.map +1 -1
- package/esm/client_connect.js +76 -15
- package/esm/contract.d.ts +3 -0
- package/esm/contract.d.ts.map +1 -1
- package/esm/contract_support/mod.d.ts +422 -43
- package/esm/contract_support/mod.d.ts.map +1 -1
- package/esm/contract_support/mod.js +734 -33
- package/esm/contract_support/protocol.d.ts +20 -5
- package/esm/contract_support/protocol.d.ts.map +1 -1
- package/esm/contract_support/protocol.js +18 -10
- package/esm/contract_support/runtime.d.ts +11 -0
- package/esm/contract_support/runtime.d.ts.map +1 -1
- package/esm/contract_support/schema_pointers.d.ts.map +1 -1
- package/esm/contract_support/schema_pointers.js +32 -14
- package/esm/device.d.ts +2 -0
- package/esm/device.d.ts.map +1 -1
- package/esm/device.js +3 -0
- package/esm/errors/AuthError.d.ts +1 -1
- package/esm/errors/AuthError.d.ts.map +1 -1
- package/esm/errors/AuthError.js +5 -1
- package/esm/errors/index.d.ts +4 -4
- package/esm/generated-sdk/auth/api.d.ts +27 -9
- package/esm/generated-sdk/auth/api.d.ts.map +1 -1
- package/esm/generated-sdk/auth/api.js +16 -590
- package/esm/generated-sdk/auth/client.d.ts +91 -85
- package/esm/generated-sdk/auth/client.d.ts.map +1 -1
- package/esm/generated-sdk/auth/contract.d.ts +1 -1
- package/esm/generated-sdk/auth/contract.d.ts.map +1 -1
- package/esm/generated-sdk/auth/contract.js +4 -2
- package/esm/generated-sdk/auth/mod.d.ts +1 -0
- package/esm/generated-sdk/auth/mod.d.ts.map +1 -1
- package/esm/generated-sdk/auth/owned_api.d.ts +3 -0
- package/esm/generated-sdk/auth/owned_api.d.ts.map +1 -0
- package/esm/generated-sdk/auth/owned_api.js +594 -0
- package/esm/generated-sdk/auth/schemas.d.ts +9959 -5160
- package/esm/generated-sdk/auth/schemas.d.ts.map +1 -1
- package/esm/generated-sdk/auth/schemas.js +136 -137
- package/esm/generated-sdk/auth/types.d.ts +2418 -1557
- package/esm/generated-sdk/auth/types.d.ts.map +1 -1
- package/esm/generated-sdk/auth/types.js +1 -1
- package/esm/generated-sdk/health/api.d.ts +24 -9
- package/esm/generated-sdk/health/api.d.ts.map +1 -1
- package/esm/generated-sdk/health/api.js +12 -20
- package/esm/generated-sdk/health/client.d.ts +2 -1
- package/esm/generated-sdk/health/client.d.ts.map +1 -1
- package/esm/generated-sdk/health/contract.d.ts.map +1 -1
- package/esm/generated-sdk/health/contract.js +2 -0
- package/esm/generated-sdk/health/owned_api.d.ts +3 -0
- package/esm/generated-sdk/health/owned_api.d.ts.map +1 -0
- package/esm/generated-sdk/health/owned_api.js +16 -0
- package/esm/generated-sdk/health/types.d.ts +2 -0
- package/esm/generated-sdk/health/types.d.ts.map +1 -1
- package/esm/generated-sdk/jobs/api.d.ts +33 -9
- package/esm/generated-sdk/jobs/api.d.ts.map +1 -1
- package/esm/generated-sdk/jobs/api.js +22 -87
- package/esm/generated-sdk/jobs/client.d.ts +9 -2
- package/esm/generated-sdk/jobs/client.d.ts.map +1 -1
- package/esm/generated-sdk/jobs/contract.d.ts +1 -1
- package/esm/generated-sdk/jobs/contract.d.ts.map +1 -1
- package/esm/generated-sdk/jobs/contract.js +4 -2
- package/esm/generated-sdk/jobs/owned_api.d.ts +3 -0
- package/esm/generated-sdk/jobs/owned_api.d.ts.map +1 -0
- package/esm/generated-sdk/jobs/owned_api.js +118 -0
- package/esm/generated-sdk/jobs/schemas.d.ts +336 -123
- package/esm/generated-sdk/jobs/schemas.d.ts.map +1 -1
- package/esm/generated-sdk/jobs/schemas.js +17 -15
- package/esm/generated-sdk/jobs/types.d.ts +144 -34
- package/esm/generated-sdk/jobs/types.d.ts.map +1 -1
- package/esm/generated-sdk/jobs/types.js +36 -1
- package/esm/generated-sdk/state/api.d.ts +27 -9
- package/esm/generated-sdk/state/api.d.ts.map +1 -1
- package/esm/generated-sdk/state/api.js +16 -71
- package/esm/generated-sdk/state/client.d.ts +4 -2
- package/esm/generated-sdk/state/client.d.ts.map +1 -1
- package/esm/generated-sdk/state/contract.d.ts +1 -1
- package/esm/generated-sdk/state/contract.d.ts.map +1 -1
- package/esm/generated-sdk/state/contract.js +4 -2
- package/esm/generated-sdk/state/owned_api.d.ts +3 -0
- package/esm/generated-sdk/state/owned_api.d.ts.map +1 -0
- package/esm/generated-sdk/state/owned_api.js +66 -0
- package/esm/generated-sdk/state/schemas.d.ts +264 -284
- package/esm/generated-sdk/state/schemas.d.ts.map +1 -1
- package/esm/generated-sdk/state/schemas.js +6 -6
- package/esm/generated-sdk/state/types.d.ts +24 -23
- package/esm/generated-sdk/state/types.d.ts.map +1 -1
- package/esm/generated-sdk/state/types.js +1 -1
- package/esm/generated-sdk/trellis-core/api.d.ts +27 -9
- package/esm/generated-sdk/trellis-core/api.d.ts.map +1 -1
- package/esm/generated-sdk/trellis-core/api.js +16 -39
- package/esm/generated-sdk/trellis-core/client.d.ts +5 -2
- package/esm/generated-sdk/trellis-core/client.d.ts.map +1 -1
- package/esm/generated-sdk/trellis-core/contract.d.ts +1 -1
- package/esm/generated-sdk/trellis-core/contract.d.ts.map +1 -1
- package/esm/generated-sdk/trellis-core/contract.js +4 -2
- package/esm/generated-sdk/trellis-core/owned_api.d.ts +3 -0
- package/esm/generated-sdk/trellis-core/owned_api.d.ts.map +1 -0
- package/esm/generated-sdk/trellis-core/owned_api.js +42 -0
- package/esm/generated-sdk/trellis-core/schemas.d.ts +259 -11
- package/esm/generated-sdk/trellis-core/schemas.d.ts.map +1 -1
- package/esm/generated-sdk/trellis-core/schemas.js +5 -3
- package/esm/generated-sdk/trellis-core/types.d.ts +56 -1
- package/esm/generated-sdk/trellis-core/types.d.ts.map +1 -1
- package/esm/generated-sdk/trellis-core/types.js +1 -1
- package/esm/helpers.d.ts.map +1 -1
- package/esm/index.d.ts +4 -3
- package/esm/index.d.ts.map +1 -1
- package/esm/index.js +1 -0
- package/esm/jobs.d.ts +10 -1
- package/esm/jobs.d.ts.map +1 -1
- package/esm/jobs.js +16 -1
- package/esm/kv.d.ts.map +1 -1
- package/esm/kv.js +10 -4
- package/esm/models/auth/rpc/Logout.d.ts +4 -4
- package/esm/models/auth/rpc/Logout.d.ts.map +1 -1
- package/esm/models/auth/rpc/Logout.js +2 -2
- package/esm/models/trellis/Page.d.ts +2 -0
- package/esm/models/trellis/Page.d.ts.map +1 -0
- package/esm/models/trellis/Page.js +1 -0
- package/esm/models/trellis/State.d.ts +1 -0
- package/esm/models/trellis/State.d.ts.map +1 -1
- package/esm/models/trellis/State.js +1 -0
- package/esm/models/trellis/rpc/StateList.d.ts +9 -12
- package/esm/models/trellis/rpc/StateList.d.ts.map +1 -1
- package/esm/models/trellis/rpc/StateList.js +16 -18
- package/esm/npm/src/auth/browser/login.d.ts.map +1 -1
- package/esm/npm/src/auth/browser/login.js +46 -3
- package/esm/npm/src/auth/browser/portal.d.ts.map +1 -1
- package/esm/npm/src/auth/browser/portal.js +5 -1
- package/esm/npm/src/auth/browser/session.d.ts +18 -7
- package/esm/npm/src/auth/browser/session.d.ts.map +1 -1
- package/esm/npm/src/auth/browser/session.js +47 -11
- package/esm/npm/src/auth/browser/storage.d.ts +6 -1
- package/esm/npm/src/auth/browser/storage.d.ts.map +1 -1
- package/esm/npm/src/auth/browser/storage.js +15 -3
- package/esm/npm/src/auth/browser.d.ts +2 -2
- package/esm/npm/src/auth/browser.d.ts.map +1 -1
- package/esm/npm/src/auth/browser.js +1 -1
- package/esm/npm/src/auth/device_activation.d.ts +36 -33
- package/esm/npm/src/auth/device_activation.d.ts.map +1 -1
- package/esm/npm/src/auth/device_activation.js +26 -22
- package/esm/npm/src/auth/mod.d.ts +4 -4
- package/esm/npm/src/auth/mod.d.ts.map +1 -1
- package/esm/npm/src/auth/mod.js +2 -2
- package/esm/npm/src/auth/proof.d.ts +3 -1
- package/esm/npm/src/auth/proof.d.ts.map +1 -1
- package/esm/npm/src/auth/proof.js +21 -15
- package/esm/npm/src/auth/protocol.d.ts +2457 -941
- package/esm/npm/src/auth/protocol.d.ts.map +1 -1
- package/esm/npm/src/auth/protocol.js +747 -375
- package/esm/npm/src/auth/schemas.d.ts +25 -4
- package/esm/npm/src/auth/schemas.d.ts.map +1 -1
- package/esm/npm/src/auth/schemas.js +14 -4
- package/esm/npm/src/auth/session_auth.d.ts +1 -1
- package/esm/npm/src/auth/session_auth.d.ts.map +1 -1
- package/esm/npm/src/auth/session_auth.js +7 -1
- package/esm/npm/src/client_connect.d.ts +2 -0
- package/esm/npm/src/client_connect.d.ts.map +1 -1
- package/esm/npm/src/client_connect.js +76 -15
- package/esm/npm/src/contract.d.ts +3 -0
- package/esm/npm/src/contract.d.ts.map +1 -1
- package/esm/npm/src/contract_support/mod.d.ts +422 -43
- package/esm/npm/src/contract_support/mod.d.ts.map +1 -1
- package/esm/npm/src/contract_support/mod.js +734 -33
- package/esm/npm/src/contract_support/protocol.d.ts +20 -5
- package/esm/npm/src/contract_support/protocol.d.ts.map +1 -1
- package/esm/npm/src/contract_support/protocol.js +18 -10
- package/esm/npm/src/contract_support/runtime.d.ts +11 -0
- package/esm/npm/src/contract_support/runtime.d.ts.map +1 -1
- package/esm/npm/src/contract_support/schema_pointers.d.ts.map +1 -1
- package/esm/npm/src/contract_support/schema_pointers.js +32 -14
- package/esm/npm/src/device/deno.d.ts.map +1 -1
- package/esm/npm/src/device/deno.js +6 -0
- package/esm/npm/src/device.d.ts +2 -0
- package/esm/npm/src/device.d.ts.map +1 -1
- package/esm/npm/src/device.js +3 -0
- package/esm/npm/src/errors/AuthError.d.ts +1 -1
- package/esm/npm/src/errors/AuthError.d.ts.map +1 -1
- package/esm/npm/src/errors/AuthError.js +5 -1
- package/esm/npm/src/errors/index.d.ts +4 -4
- package/esm/npm/src/helpers.d.ts.map +1 -1
- package/esm/npm/src/index.d.ts +4 -3
- package/esm/npm/src/index.d.ts.map +1 -1
- package/esm/npm/src/index.js +1 -0
- package/esm/npm/src/jobs.d.ts +10 -1
- package/esm/npm/src/jobs.d.ts.map +1 -1
- package/esm/npm/src/jobs.js +16 -1
- package/esm/npm/src/kv.d.ts.map +1 -1
- package/esm/npm/src/kv.js +10 -4
- package/esm/npm/src/models/auth/rpc/Logout.d.ts +4 -4
- package/esm/npm/src/models/auth/rpc/Logout.d.ts.map +1 -1
- package/esm/npm/src/models/auth/rpc/Logout.js +2 -2
- package/esm/npm/src/models/trellis/Page.d.ts +2 -0
- package/esm/npm/src/models/trellis/Page.d.ts.map +1 -0
- package/esm/npm/src/models/trellis/Page.js +1 -0
- package/esm/npm/src/models/trellis/State.d.ts +1 -0
- package/esm/npm/src/models/trellis/State.d.ts.map +1 -1
- package/esm/npm/src/models/trellis/State.js +1 -0
- package/esm/npm/src/models/trellis/rpc/StateList.d.ts +9 -12
- package/esm/npm/src/models/trellis/rpc/StateList.d.ts.map +1 -1
- package/esm/npm/src/models/trellis/rpc/StateList.js +16 -18
- package/esm/npm/src/operations.d.ts +16 -7
- package/esm/npm/src/operations.d.ts.map +1 -1
- package/esm/npm/src/operations.js +84 -19
- package/esm/npm/src/runtime_transport.d.ts +2 -0
- package/esm/npm/src/runtime_transport.d.ts.map +1 -1
- package/esm/npm/src/runtime_transport.js +1 -0
- package/esm/npm/src/server/internal_jobs/active-job.d.ts +2 -1
- package/esm/npm/src/server/internal_jobs/active-job.d.ts.map +1 -1
- package/esm/npm/src/server/internal_jobs/active-job.js +3 -0
- package/esm/npm/src/server/internal_jobs/job-manager.d.ts +4 -1
- package/esm/npm/src/server/internal_jobs/job-manager.d.ts.map +1 -1
- package/esm/npm/src/server/internal_jobs/job-manager.js +61 -1
- package/esm/npm/src/server/internal_jobs/projection.js +1 -0
- package/esm/npm/src/server/internal_jobs/runtime-worker.d.ts +13 -1
- package/esm/npm/src/server/internal_jobs/runtime-worker.d.ts.map +1 -1
- package/esm/npm/src/server/internal_jobs/runtime-worker.js +73 -13
- package/esm/npm/src/server/internal_jobs/types.d.ts +19 -0
- package/esm/npm/src/server/internal_jobs/types.d.ts.map +1 -1
- package/esm/npm/src/server/internal_jobs/types.js +10 -0
- package/esm/npm/src/server/runtime.d.ts +1 -0
- package/esm/npm/src/server/runtime.d.ts.map +1 -1
- package/esm/npm/src/server/service.d.ts +10 -1
- package/esm/npm/src/server/service.d.ts.map +1 -1
- package/esm/npm/src/server/service.js +190 -64
- package/esm/npm/src/server/transfer.d.ts.map +1 -1
- package/esm/npm/src/server/transfer.js +4 -0
- package/esm/npm/src/server.d.ts.map +1 -1
- package/esm/npm/src/server.js +337 -34
- package/esm/npm/src/store.d.ts +8 -1
- package/esm/npm/src/store.d.ts.map +1 -1
- package/esm/npm/src/store.js +46 -8
- package/esm/npm/src/transfer.d.ts +3 -0
- package/esm/npm/src/transfer.d.ts.map +1 -1
- package/esm/npm/src/transfer.js +20 -30
- package/esm/npm/src/trellis.d.ts +85 -22
- package/esm/npm/src/trellis.d.ts.map +1 -1
- package/esm/npm/src/trellis.js +525 -61
- package/esm/operations.d.ts +16 -7
- package/esm/operations.d.ts.map +1 -1
- package/esm/operations.js +84 -19
- package/esm/runtime_transport.d.ts +2 -0
- package/esm/runtime_transport.d.ts.map +1 -1
- package/esm/runtime_transport.js +1 -0
- package/esm/store.d.ts +8 -1
- package/esm/store.d.ts.map +1 -1
- package/esm/store.js +46 -8
- package/esm/transfer.d.ts +3 -0
- package/esm/transfer.d.ts.map +1 -1
- package/esm/transfer.js +20 -30
- package/esm/trellis.d.ts +85 -22
- package/esm/trellis.d.ts.map +1 -1
- package/esm/trellis.js +525 -61
- package/package.json +6 -4
- package/script/auth/browser/login.d.ts.map +1 -1
- package/script/auth/browser/login.js +46 -3
- package/script/auth/browser/portal.d.ts.map +1 -1
- package/script/auth/browser/portal.js +5 -1
- package/script/auth/browser/session.d.ts +18 -7
- package/script/auth/browser/session.d.ts.map +1 -1
- package/script/auth/browser/session.js +47 -11
- package/script/auth/browser/storage.d.ts +6 -1
- package/script/auth/browser/storage.d.ts.map +1 -1
- package/script/auth/browser/storage.js +15 -3
- package/script/auth/browser.d.ts +2 -2
- package/script/auth/browser.d.ts.map +1 -1
- package/script/auth/browser.js +2 -1
- package/script/auth/device_activation.d.ts +36 -33
- package/script/auth/device_activation.d.ts.map +1 -1
- package/script/auth/device_activation.js +25 -21
- package/script/auth/mod.d.ts +4 -4
- package/script/auth/mod.d.ts.map +1 -1
- package/script/auth/mod.js +132 -137
- package/script/auth/proof.d.ts +3 -1
- package/script/auth/proof.d.ts.map +1 -1
- package/script/auth/proof.js +21 -15
- package/script/auth/protocol.d.ts +2457 -941
- package/script/auth/protocol.d.ts.map +1 -1
- package/script/auth/protocol.js +749 -377
- package/script/auth/schemas.d.ts +25 -4
- package/script/auth/schemas.d.ts.map +1 -1
- package/script/auth/schemas.js +16 -5
- package/script/auth/session_auth.d.ts +1 -1
- package/script/auth/session_auth.d.ts.map +1 -1
- package/script/auth/session_auth.js +7 -1
- package/script/client_connect.d.ts +2 -0
- package/script/client_connect.d.ts.map +1 -1
- package/script/client_connect.js +76 -15
- package/script/contract.d.ts +3 -0
- package/script/contract.d.ts.map +1 -1
- package/script/contract_support/mod.d.ts +422 -43
- package/script/contract_support/mod.d.ts.map +1 -1
- package/script/contract_support/mod.js +757 -51
- package/script/contract_support/protocol.d.ts +20 -5
- package/script/contract_support/protocol.d.ts.map +1 -1
- package/script/contract_support/protocol.js +20 -11
- package/script/contract_support/runtime.d.ts +11 -0
- package/script/contract_support/runtime.d.ts.map +1 -1
- package/script/contract_support/schema_pointers.d.ts.map +1 -1
- package/script/contract_support/schema_pointers.js +32 -14
- package/script/device.d.ts +2 -0
- package/script/device.d.ts.map +1 -1
- package/script/device.js +3 -0
- package/script/errors/AuthError.d.ts +1 -1
- package/script/errors/AuthError.d.ts.map +1 -1
- package/script/errors/AuthError.js +5 -1
- package/script/errors/index.d.ts +4 -4
- package/script/generated-sdk/auth/api.d.ts +27 -9
- package/script/generated-sdk/auth/api.d.ts.map +1 -1
- package/script/generated-sdk/auth/api.js +17 -591
- package/script/generated-sdk/auth/client.d.ts +91 -85
- package/script/generated-sdk/auth/client.d.ts.map +1 -1
- package/script/generated-sdk/auth/contract.d.ts +1 -1
- package/script/generated-sdk/auth/contract.d.ts.map +1 -1
- package/script/generated-sdk/auth/contract.js +4 -2
- package/script/generated-sdk/auth/mod.d.ts +1 -0
- package/script/generated-sdk/auth/mod.d.ts.map +1 -1
- package/script/generated-sdk/auth/owned_api.d.ts +3 -0
- package/script/generated-sdk/auth/owned_api.d.ts.map +1 -0
- package/script/generated-sdk/auth/owned_api.js +597 -0
- package/script/generated-sdk/auth/schemas.d.ts +9959 -5160
- package/script/generated-sdk/auth/schemas.d.ts.map +1 -1
- package/script/generated-sdk/auth/schemas.js +139 -140
- package/script/generated-sdk/auth/types.d.ts +2418 -1557
- package/script/generated-sdk/auth/types.d.ts.map +1 -1
- package/script/generated-sdk/auth/types.js +1 -1
- package/script/generated-sdk/health/api.d.ts +24 -9
- package/script/generated-sdk/health/api.d.ts.map +1 -1
- package/script/generated-sdk/health/api.js +13 -21
- package/script/generated-sdk/health/client.d.ts +2 -1
- package/script/generated-sdk/health/client.d.ts.map +1 -1
- package/script/generated-sdk/health/contract.d.ts.map +1 -1
- package/script/generated-sdk/health/contract.js +2 -0
- package/script/generated-sdk/health/owned_api.d.ts +3 -0
- package/script/generated-sdk/health/owned_api.d.ts.map +1 -0
- package/script/generated-sdk/health/owned_api.js +19 -0
- package/script/generated-sdk/health/types.d.ts +2 -0
- package/script/generated-sdk/health/types.d.ts.map +1 -1
- package/script/generated-sdk/jobs/api.d.ts +33 -9
- package/script/generated-sdk/jobs/api.d.ts.map +1 -1
- package/script/generated-sdk/jobs/api.js +23 -88
- package/script/generated-sdk/jobs/client.d.ts +9 -2
- package/script/generated-sdk/jobs/client.d.ts.map +1 -1
- package/script/generated-sdk/jobs/contract.d.ts +1 -1
- package/script/generated-sdk/jobs/contract.d.ts.map +1 -1
- package/script/generated-sdk/jobs/contract.js +4 -2
- package/script/generated-sdk/jobs/owned_api.d.ts +3 -0
- package/script/generated-sdk/jobs/owned_api.d.ts.map +1 -0
- package/script/generated-sdk/jobs/owned_api.js +154 -0
- package/script/generated-sdk/jobs/schemas.d.ts +336 -123
- package/script/generated-sdk/jobs/schemas.d.ts.map +1 -1
- package/script/generated-sdk/jobs/schemas.js +18 -16
- package/script/generated-sdk/jobs/types.d.ts +144 -34
- package/script/generated-sdk/jobs/types.d.ts.map +1 -1
- package/script/generated-sdk/jobs/types.js +38 -2
- package/script/generated-sdk/state/api.d.ts +27 -9
- package/script/generated-sdk/state/api.d.ts.map +1 -1
- package/script/generated-sdk/state/api.js +17 -72
- package/script/generated-sdk/state/client.d.ts +4 -2
- package/script/generated-sdk/state/client.d.ts.map +1 -1
- package/script/generated-sdk/state/contract.d.ts +1 -1
- package/script/generated-sdk/state/contract.d.ts.map +1 -1
- package/script/generated-sdk/state/contract.js +4 -2
- package/script/generated-sdk/state/owned_api.d.ts +3 -0
- package/script/generated-sdk/state/owned_api.d.ts.map +1 -0
- package/script/generated-sdk/state/owned_api.js +69 -0
- package/script/generated-sdk/state/schemas.d.ts +264 -284
- package/script/generated-sdk/state/schemas.d.ts.map +1 -1
- package/script/generated-sdk/state/schemas.js +6 -6
- package/script/generated-sdk/state/types.d.ts +24 -23
- package/script/generated-sdk/state/types.d.ts.map +1 -1
- package/script/generated-sdk/state/types.js +1 -1
- package/script/generated-sdk/trellis-core/api.d.ts +27 -9
- package/script/generated-sdk/trellis-core/api.d.ts.map +1 -1
- package/script/generated-sdk/trellis-core/api.js +17 -40
- package/script/generated-sdk/trellis-core/client.d.ts +5 -2
- package/script/generated-sdk/trellis-core/client.d.ts.map +1 -1
- package/script/generated-sdk/trellis-core/contract.d.ts +1 -1
- package/script/generated-sdk/trellis-core/contract.d.ts.map +1 -1
- package/script/generated-sdk/trellis-core/contract.js +4 -2
- package/script/generated-sdk/trellis-core/owned_api.d.ts +3 -0
- package/script/generated-sdk/trellis-core/owned_api.d.ts.map +1 -0
- package/script/generated-sdk/trellis-core/owned_api.js +45 -0
- package/script/generated-sdk/trellis-core/schemas.d.ts +259 -11
- package/script/generated-sdk/trellis-core/schemas.d.ts.map +1 -1
- package/script/generated-sdk/trellis-core/schemas.js +6 -4
- package/script/generated-sdk/trellis-core/types.d.ts +56 -1
- package/script/generated-sdk/trellis-core/types.d.ts.map +1 -1
- package/script/generated-sdk/trellis-core/types.js +1 -1
- package/script/helpers.d.ts.map +1 -1
- package/script/index.d.ts +4 -3
- package/script/index.d.ts.map +1 -1
- package/script/index.js +5 -2
- package/script/jobs.d.ts +10 -1
- package/script/jobs.d.ts.map +1 -1
- package/script/jobs.js +17 -2
- package/script/kv.d.ts.map +1 -1
- package/script/kv.js +10 -4
- package/script/models/auth/rpc/Logout.d.ts +4 -4
- package/script/models/auth/rpc/Logout.d.ts.map +1 -1
- package/script/models/auth/rpc/Logout.js +3 -3
- package/script/models/trellis/Page.d.ts +2 -0
- package/script/models/trellis/Page.d.ts.map +1 -0
- package/script/models/trellis/Page.js +6 -0
- package/script/models/trellis/State.d.ts +1 -0
- package/script/models/trellis/State.d.ts.map +1 -1
- package/script/models/trellis/State.js +1 -0
- package/script/models/trellis/rpc/StateList.d.ts +9 -12
- package/script/models/trellis/rpc/StateList.d.ts.map +1 -1
- package/script/models/trellis/rpc/StateList.js +16 -18
- package/script/npm/src/auth/browser/login.d.ts.map +1 -1
- package/script/npm/src/auth/browser/login.js +46 -3
- package/script/npm/src/auth/browser/portal.d.ts.map +1 -1
- package/script/npm/src/auth/browser/portal.js +5 -1
- package/script/npm/src/auth/browser/session.d.ts +18 -7
- package/script/npm/src/auth/browser/session.d.ts.map +1 -1
- package/script/npm/src/auth/browser/session.js +47 -11
- package/script/npm/src/auth/browser/storage.d.ts +6 -1
- package/script/npm/src/auth/browser/storage.d.ts.map +1 -1
- package/script/npm/src/auth/browser/storage.js +15 -3
- package/script/npm/src/auth/browser.d.ts +2 -2
- package/script/npm/src/auth/browser.d.ts.map +1 -1
- package/script/npm/src/auth/browser.js +2 -1
- package/script/npm/src/auth/device_activation.d.ts +36 -33
- package/script/npm/src/auth/device_activation.d.ts.map +1 -1
- package/script/npm/src/auth/device_activation.js +25 -21
- package/script/npm/src/auth/mod.d.ts +4 -4
- package/script/npm/src/auth/mod.d.ts.map +1 -1
- package/script/npm/src/auth/mod.js +132 -137
- package/script/npm/src/auth/proof.d.ts +3 -1
- package/script/npm/src/auth/proof.d.ts.map +1 -1
- package/script/npm/src/auth/proof.js +21 -15
- package/script/npm/src/auth/protocol.d.ts +2457 -941
- package/script/npm/src/auth/protocol.d.ts.map +1 -1
- package/script/npm/src/auth/protocol.js +749 -377
- package/script/npm/src/auth/schemas.d.ts +25 -4
- package/script/npm/src/auth/schemas.d.ts.map +1 -1
- package/script/npm/src/auth/schemas.js +16 -5
- package/script/npm/src/auth/session_auth.d.ts +1 -1
- package/script/npm/src/auth/session_auth.d.ts.map +1 -1
- package/script/npm/src/auth/session_auth.js +7 -1
- package/script/npm/src/client_connect.d.ts +2 -0
- package/script/npm/src/client_connect.d.ts.map +1 -1
- package/script/npm/src/client_connect.js +76 -15
- package/script/npm/src/contract.d.ts +3 -0
- package/script/npm/src/contract.d.ts.map +1 -1
- package/script/npm/src/contract_support/mod.d.ts +422 -43
- package/script/npm/src/contract_support/mod.d.ts.map +1 -1
- package/script/npm/src/contract_support/mod.js +757 -51
- package/script/npm/src/contract_support/protocol.d.ts +20 -5
- package/script/npm/src/contract_support/protocol.d.ts.map +1 -1
- package/script/npm/src/contract_support/protocol.js +20 -11
- package/script/npm/src/contract_support/runtime.d.ts +11 -0
- package/script/npm/src/contract_support/runtime.d.ts.map +1 -1
- package/script/npm/src/contract_support/schema_pointers.d.ts.map +1 -1
- package/script/npm/src/contract_support/schema_pointers.js +32 -14
- package/script/npm/src/device/deno.d.ts.map +1 -1
- package/script/npm/src/device/deno.js +6 -0
- package/script/npm/src/device.d.ts +2 -0
- package/script/npm/src/device.d.ts.map +1 -1
- package/script/npm/src/device.js +3 -0
- package/script/npm/src/errors/AuthError.d.ts +1 -1
- package/script/npm/src/errors/AuthError.d.ts.map +1 -1
- package/script/npm/src/errors/AuthError.js +5 -1
- package/script/npm/src/errors/index.d.ts +4 -4
- package/script/npm/src/helpers.d.ts.map +1 -1
- package/script/npm/src/index.d.ts +4 -3
- package/script/npm/src/index.d.ts.map +1 -1
- package/script/npm/src/index.js +5 -2
- package/script/npm/src/jobs.d.ts +10 -1
- package/script/npm/src/jobs.d.ts.map +1 -1
- package/script/npm/src/jobs.js +17 -2
- package/script/npm/src/kv.d.ts.map +1 -1
- package/script/npm/src/kv.js +10 -4
- package/script/npm/src/models/auth/rpc/Logout.d.ts +4 -4
- package/script/npm/src/models/auth/rpc/Logout.d.ts.map +1 -1
- package/script/npm/src/models/auth/rpc/Logout.js +3 -3
- package/script/npm/src/models/trellis/Page.d.ts +2 -0
- package/script/npm/src/models/trellis/Page.d.ts.map +1 -0
- package/script/npm/src/models/trellis/Page.js +6 -0
- package/script/npm/src/models/trellis/State.d.ts +1 -0
- package/script/npm/src/models/trellis/State.d.ts.map +1 -1
- package/script/npm/src/models/trellis/State.js +1 -0
- package/script/npm/src/models/trellis/rpc/StateList.d.ts +9 -12
- package/script/npm/src/models/trellis/rpc/StateList.d.ts.map +1 -1
- package/script/npm/src/models/trellis/rpc/StateList.js +16 -18
- package/script/npm/src/operations.d.ts +16 -7
- package/script/npm/src/operations.d.ts.map +1 -1
- package/script/npm/src/operations.js +84 -19
- package/script/npm/src/runtime_transport.d.ts +2 -0
- package/script/npm/src/runtime_transport.d.ts.map +1 -1
- package/script/npm/src/runtime_transport.js +2 -1
- package/script/npm/src/server/internal_jobs/active-job.d.ts +2 -1
- package/script/npm/src/server/internal_jobs/active-job.d.ts.map +1 -1
- package/script/npm/src/server/internal_jobs/active-job.js +3 -0
- package/script/npm/src/server/internal_jobs/job-manager.d.ts +4 -1
- package/script/npm/src/server/internal_jobs/job-manager.d.ts.map +1 -1
- package/script/npm/src/server/internal_jobs/job-manager.js +61 -1
- package/script/npm/src/server/internal_jobs/projection.js +1 -0
- package/script/npm/src/server/internal_jobs/runtime-worker.d.ts +13 -1
- package/script/npm/src/server/internal_jobs/runtime-worker.d.ts.map +1 -1
- package/script/npm/src/server/internal_jobs/runtime-worker.js +74 -13
- package/script/npm/src/server/internal_jobs/types.d.ts +19 -0
- package/script/npm/src/server/internal_jobs/types.d.ts.map +1 -1
- package/script/npm/src/server/internal_jobs/types.js +11 -1
- package/script/npm/src/server/runtime.d.ts +1 -0
- package/script/npm/src/server/runtime.d.ts.map +1 -1
- package/script/npm/src/server/service.d.ts +10 -1
- package/script/npm/src/server/service.d.ts.map +1 -1
- package/script/npm/src/server/service.js +188 -62
- package/script/npm/src/server/transfer.d.ts.map +1 -1
- package/script/npm/src/server/transfer.js +4 -0
- package/script/npm/src/server.d.ts.map +1 -1
- package/script/npm/src/server.js +336 -33
- package/script/npm/src/store.d.ts +8 -1
- package/script/npm/src/store.d.ts.map +1 -1
- package/script/npm/src/store.js +46 -8
- package/script/npm/src/transfer.d.ts +3 -0
- package/script/npm/src/transfer.d.ts.map +1 -1
- package/script/npm/src/transfer.js +19 -29
- package/script/npm/src/trellis.d.ts +85 -22
- package/script/npm/src/trellis.d.ts.map +1 -1
- package/script/npm/src/trellis.js +525 -61
- package/script/operations.d.ts +16 -7
- package/script/operations.d.ts.map +1 -1
- package/script/operations.js +84 -19
- package/script/runtime_transport.d.ts +2 -0
- package/script/runtime_transport.d.ts.map +1 -1
- package/script/runtime_transport.js +2 -1
- package/script/store.d.ts +8 -1
- package/script/store.d.ts.map +1 -1
- package/script/store.js +46 -8
- package/script/transfer.d.ts +3 -0
- package/script/transfer.d.ts.map +1 -1
- package/script/transfer.js +19 -29
- package/script/trellis.d.ts +85 -22
- package/script/trellis.d.ts.map +1 -1
- package/script/trellis.js +525 -61
- package/esm/models/trellis/Paginate.d.ts +0 -7
- package/esm/models/trellis/Paginate.d.ts.map +0 -1
- package/esm/models/trellis/Paginate.js +0 -5
- package/esm/npm/src/models/trellis/Paginate.d.ts +0 -7
- package/esm/npm/src/models/trellis/Paginate.d.ts.map +0 -1
- package/esm/npm/src/models/trellis/Paginate.js +0 -5
- package/script/models/trellis/Paginate.d.ts +0 -7
- package/script/models/trellis/Paginate.d.ts.map +0 -1
- package/script/models/trellis/Paginate.js +0 -11
- package/script/npm/src/models/trellis/Paginate.d.ts +0 -7
- package/script/npm/src/models/trellis/Paginate.d.ts.map +0 -1
- package/script/npm/src/models/trellis/Paginate.js +0 -11
|
@@ -6,9 +6,9 @@
|
|
|
6
6
|
import "../_dnt.polyfills.js";
|
|
7
7
|
export { type AuthConfig, type AuthStartFlowResponse, type AuthStartRequest, type AuthStartResponse, bindFlow, type BindResponse, type BindSuccessResponse, buildLoginUrl, isBindSuccessResponse, type SentinelCreds, startAuthRequest, } from "./browser/login.js";
|
|
8
8
|
export { type ApprovalDecision, fetchPortalFlowState, portalFlowIdFromUrl, type PortalFlowState, type PortalFlowState as BrowserPortalFlowState, portalProviderLoginUrl, portalRedirectLocation, submitPortalApproval, } from "./browser/portal.js";
|
|
9
|
-
export { bindFlowSig, clearSessionKey, createRpcProof, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, loadSessionKey, natsConnectSigForIat, type SessionKeyHandle, signBytes, } from "./browser/session.js";
|
|
9
|
+
export { bindFlowSig, clearSessionKey, createRpcProof, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, loadSessionKey, natsConnectSigForIat, type SessionKeyHandle, type SessionKeyOptions, type SessionKeyPersistenceMode, signBytes, } from "./browser/session.js";
|
|
10
10
|
export { deleteKeyPair, hasKeyPair } from "./browser/storage.js";
|
|
11
|
-
export { type ApprovalDecision as ApprovalDecisionData, ApprovalDecisionSchema, type AuthStartFlowResponse as AuthStartFlowResponseData, AuthStartFlowResponseSchema, type AuthStartRequest as AuthStartRequestData, AuthStartRequestSchema, type AuthStartResponse as AuthStartResponseData, AuthStartResponseSchema, type BindResponse as BindResponseData, BindResponseSchema, type BindSuccessResponse as BindSuccessResponseData, BindSuccessResponseSchema, type ClientTransportEndpoints as ClientTransportEndpointsData, ClientTransportEndpointsSchema, type ClientTransports as ClientTransportsData, ClientTransportsSchema, type ContractApproval as ContractApprovalData, ContractApprovalSchema, type NatsAuthTokenV1 as NatsAuthTokenV1Data, NatsAuthTokenV1Schema, type SentinelCreds as SentinelCredsData, SentinelCredsSchema, } from "./schemas.js";
|
|
11
|
+
export { approvalCapabilityKeys, type ApprovalDecision as ApprovalDecisionData, ApprovalDecisionSchema, type AuthStartFlowResponse as AuthStartFlowResponseData, AuthStartFlowResponseSchema, type AuthStartRequest as AuthStartRequestData, AuthStartRequestSchema, type AuthStartResponse as AuthStartResponseData, AuthStartResponseSchema, type BindResponse as BindResponseData, BindResponseSchema, type BindSuccessResponse as BindSuccessResponseData, BindSuccessResponseSchema, type ClientTransportEndpoints as ClientTransportEndpointsData, ClientTransportEndpointsSchema, type ClientTransports as ClientTransportsData, ClientTransportsSchema, type ContractApproval as ContractApprovalData, type ContractApprovalCapability as ContractApprovalCapabilityData, ContractApprovalSchema, type NatsAuthTokenV1 as NatsAuthTokenV1Data, NatsAuthTokenV1Schema, type SentinelCreds as SentinelCredsData, SentinelCredsSchema, } from "./schemas.js";
|
|
12
12
|
export type { NatsAuthTokenV1 } from "./types.js";
|
|
13
13
|
export { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
|
|
14
14
|
//# sourceMappingURL=browser.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../../../src/auth/browser.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,sBAAsB,CAAC;AAG9B,OAAO,EACL,KAAK,UAAU,EACf,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,QAAQ,EACR,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,aAAa,EACb,qBAAqB,EACrB,KAAK,aAAa,EAClB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,KAAK,gBAAgB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,KAAK,eAAe,EACpB,KAAK,eAAe,IAAI,sBAAsB,EAC9C,sBAAsB,EACtB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,WAAW,EACX,eAAe,EACf,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,cAAc,EACd,oBAAoB,EACpB,KAAK,gBAAgB,EACrB,SAAS,GACV,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EACL,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,qBAAqB,IAAI,yBAAyB,EACvD,2BAA2B,EAC3B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,iBAAiB,IAAI,qBAAqB,EAC/C,uBAAuB,EACvB,KAAK,YAAY,IAAI,gBAAgB,EACrC,kBAAkB,EAClB,KAAK,mBAAmB,IAAI,uBAAuB,EACnD,yBAAyB,EACzB,KAAK,wBAAwB,IAAI,4BAA4B,EAC7D,8BAA8B,EAC9B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,eAAe,IAAI,mBAAmB,EAC3C,qBAAqB,EACrB,KAAK,aAAa,IAAI,iBAAiB,EACvC,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,YAAY,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EACL,eAAe,EACf,eAAe,EACf,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
|
|
1
|
+
{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../../../src/auth/browser.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,sBAAsB,CAAC;AAG9B,OAAO,EACL,KAAK,UAAU,EACf,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,QAAQ,EACR,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,aAAa,EACb,qBAAqB,EACrB,KAAK,aAAa,EAClB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,KAAK,gBAAgB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,KAAK,eAAe,EACpB,KAAK,eAAe,IAAI,sBAAsB,EAC9C,sBAAsB,EACtB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,WAAW,EACX,eAAe,EACf,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,cAAc,EACd,oBAAoB,EACpB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,yBAAyB,EAC9B,SAAS,GACV,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,qBAAqB,IAAI,yBAAyB,EACvD,2BAA2B,EAC3B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,iBAAiB,IAAI,qBAAqB,EAC/C,uBAAuB,EACvB,KAAK,YAAY,IAAI,gBAAgB,EACrC,kBAAkB,EAClB,KAAK,mBAAmB,IAAI,uBAAuB,EACnD,yBAAyB,EACzB,KAAK,wBAAwB,IAAI,4BAA4B,EAC7D,8BAA8B,EAC9B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,KAAK,0BAA0B,IAAI,8BAA8B,EACjE,sBAAsB,EACtB,KAAK,eAAe,IAAI,mBAAmB,EAC3C,qBAAqB,EACrB,KAAK,aAAa,IAAI,iBAAiB,EACvC,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,YAAY,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EACL,eAAe,EACf,eAAe,EACf,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
|
|
@@ -8,5 +8,5 @@ export { bindFlow, buildLoginUrl, isBindSuccessResponse, startAuthRequest, } fro
|
|
|
8
8
|
export { fetchPortalFlowState, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, submitPortalApproval, } from "./browser/portal.js";
|
|
9
9
|
export { bindFlowSig, clearSessionKey, createRpcProof, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, loadSessionKey, natsConnectSigForIat, signBytes, } from "./browser/session.js";
|
|
10
10
|
export { deleteKeyPair, hasKeyPair } from "./browser/storage.js";
|
|
11
|
-
export { ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, } from "./schemas.js";
|
|
11
|
+
export { approvalCapabilityKeys, ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, } from "./schemas.js";
|
|
12
12
|
export { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
|
|
@@ -4,7 +4,7 @@ import type { BaseError } from "@qlever-llc/result";
|
|
|
4
4
|
import { AsyncResult } from "@qlever-llc/result";
|
|
5
5
|
import type { OperationRef } from "../operations.js";
|
|
6
6
|
import type { NatsAuthTokenV1 } from "./schemas.js";
|
|
7
|
-
import {
|
|
7
|
+
import { AuthDevicesConnectInfoGetResponseSchema, AuthDevicesConnectInfoGetSchema, AuthDeviceUserAuthoritiesListResponseSchema, AuthDeviceUserAuthoritiesListSchema, AuthDeviceUserAuthoritiesRevokeResponseSchema, AuthDeviceUserAuthoritiesRevokeSchema, AuthResolveDeviceUserAuthoritiesProgressSchema, AuthResolveDeviceUserAuthoritiesResponseSchema, AuthResolveDeviceUserAuthoritiesSchema, WaitForDeviceActivationResponseSchema } from "./protocol.js";
|
|
8
8
|
export declare const DeviceActivationPayloadSchema: Type.TObject<{
|
|
9
9
|
v: Type.TLiteral<1>;
|
|
10
10
|
publicIdentityKey: Type.TString;
|
|
@@ -12,24 +12,25 @@ export declare const DeviceActivationPayloadSchema: Type.TObject<{
|
|
|
12
12
|
qrMac: Type.TString;
|
|
13
13
|
}>;
|
|
14
14
|
export declare const DeviceActivationWaitRequestSchema: Type.TObject<{
|
|
15
|
+
flowId: Type.TString;
|
|
15
16
|
publicIdentityKey: Type.TString;
|
|
16
17
|
nonce: Type.TString;
|
|
17
|
-
contractDigest: Type.
|
|
18
|
+
contractDigest: Type.TString;
|
|
18
19
|
iat: Type.TNumber;
|
|
19
20
|
sig: Type.TString;
|
|
20
21
|
}>;
|
|
21
22
|
export type DeviceActivationPayload = StaticDecode<typeof DeviceActivationPayloadSchema>;
|
|
22
23
|
export type DeviceActivationWaitRequest = StaticDecode<typeof DeviceActivationWaitRequestSchema>;
|
|
23
24
|
export type WaitForDeviceActivationResponse = StaticDecode<typeof WaitForDeviceActivationResponseSchema>;
|
|
24
|
-
export type
|
|
25
|
-
export type
|
|
26
|
-
export type
|
|
27
|
-
export type
|
|
28
|
-
export type
|
|
29
|
-
export type
|
|
30
|
-
export type
|
|
31
|
-
export type GetDeviceConnectInfoInput = StaticDecode<typeof
|
|
32
|
-
export type GetDeviceConnectInfoOutput = StaticDecode<typeof
|
|
25
|
+
export type AuthResolveDeviceUserAuthoritiesInput = StaticDecode<typeof AuthResolveDeviceUserAuthoritiesSchema>;
|
|
26
|
+
export type AuthResolveDeviceUserAuthoritiesProgress = StaticDecode<typeof AuthResolveDeviceUserAuthoritiesProgressSchema>;
|
|
27
|
+
export type AuthResolveDeviceUserAuthoritiesOutput = StaticDecode<typeof AuthResolveDeviceUserAuthoritiesResponseSchema>;
|
|
28
|
+
export type AuthDeviceUserAuthoritiesListInput = StaticDecode<typeof AuthDeviceUserAuthoritiesListSchema>;
|
|
29
|
+
export type AuthDeviceUserAuthoritiesListOutput = StaticDecode<typeof AuthDeviceUserAuthoritiesListResponseSchema>;
|
|
30
|
+
export type AuthDeviceUserAuthoritiesRevokeInput = StaticDecode<typeof AuthDeviceUserAuthoritiesRevokeSchema>;
|
|
31
|
+
export type AuthDeviceUserAuthoritiesRevokeResponse = StaticDecode<typeof AuthDeviceUserAuthoritiesRevokeResponseSchema>;
|
|
32
|
+
export type GetDeviceConnectInfoInput = StaticDecode<typeof AuthDevicesConnectInfoGetSchema>;
|
|
33
|
+
export type GetDeviceConnectInfoOutput = StaticDecode<typeof AuthDevicesConnectInfoGetResponseSchema>;
|
|
33
34
|
export type DeviceIdentity = {
|
|
34
35
|
identitySeed: Uint8Array;
|
|
35
36
|
identitySeedBase64url: string;
|
|
@@ -37,35 +38,35 @@ export type DeviceIdentity = {
|
|
|
37
38
|
activationKey: Uint8Array;
|
|
38
39
|
activationKeyBase64url: string;
|
|
39
40
|
};
|
|
40
|
-
type DeviceActivationRpcMethod = "Auth.
|
|
41
|
-
type
|
|
41
|
+
type DeviceActivationRpcMethod = "Auth.DeviceUserAuthorities.List" | "Auth.DeviceUserAuthorities.Revoke" | "Auth.Devices.ConnectInfo.Get";
|
|
42
|
+
type AuthResolveDeviceUserAuthoritiesOperationShape = {
|
|
42
43
|
subject: string;
|
|
43
|
-
input: typeof
|
|
44
|
-
progress: typeof
|
|
45
|
-
output: typeof
|
|
44
|
+
input: typeof AuthResolveDeviceUserAuthoritiesSchema;
|
|
45
|
+
progress: typeof AuthResolveDeviceUserAuthoritiesProgressSchema;
|
|
46
|
+
output: typeof AuthResolveDeviceUserAuthoritiesResponseSchema;
|
|
46
47
|
};
|
|
47
|
-
export type
|
|
48
|
+
export type AuthResolveDeviceUserAuthoritiesOperation = OperationRef<AuthResolveDeviceUserAuthoritiesOperationShape, AuthResolveDeviceUserAuthoritiesProgress, AuthResolveDeviceUserAuthoritiesOutput>;
|
|
48
49
|
type DeviceActivationRpcInputMap = {
|
|
49
|
-
"Auth.
|
|
50
|
-
"Auth.
|
|
51
|
-
"Auth.
|
|
50
|
+
"Auth.DeviceUserAuthorities.List": AuthDeviceUserAuthoritiesListInput;
|
|
51
|
+
"Auth.DeviceUserAuthorities.Revoke": AuthDeviceUserAuthoritiesRevokeInput;
|
|
52
|
+
"Auth.Devices.ConnectInfo.Get": GetDeviceConnectInfoInput;
|
|
52
53
|
};
|
|
53
54
|
type DeviceActivationRpcOutputMap = {
|
|
54
|
-
"Auth.
|
|
55
|
-
"Auth.
|
|
56
|
-
"Auth.
|
|
55
|
+
"Auth.DeviceUserAuthorities.List": AuthDeviceUserAuthoritiesListOutput;
|
|
56
|
+
"Auth.DeviceUserAuthorities.Revoke": AuthDeviceUserAuthoritiesRevokeResponse;
|
|
57
|
+
"Auth.Devices.ConnectInfo.Get": GetDeviceConnectInfoOutput;
|
|
57
58
|
};
|
|
58
59
|
type RequestClient = {
|
|
59
60
|
request<M extends DeviceActivationRpcMethod>(method: M, input: DeviceActivationRpcInputMap[M], opts?: unknown): AsyncResult<DeviceActivationRpcOutputMap[M], BaseError>;
|
|
60
61
|
};
|
|
61
|
-
type
|
|
62
|
-
operation(method: "Auth.
|
|
63
|
-
input(input:
|
|
64
|
-
start(): AsyncResult<
|
|
62
|
+
type ResolveDeviceUserAuthoritiesOperationClient = {
|
|
63
|
+
operation(method: "Auth.DeviceUserAuthorities.Resolve"): {
|
|
64
|
+
input(input: AuthResolveDeviceUserAuthoritiesInput): {
|
|
65
|
+
start(): AsyncResult<AuthResolveDeviceUserAuthoritiesOperation, BaseError>;
|
|
65
66
|
};
|
|
66
67
|
};
|
|
67
68
|
};
|
|
68
|
-
export type DeviceActivationTransport = RequestClient &
|
|
69
|
+
export type DeviceActivationTransport = RequestClient & ResolveDeviceUserAuthoritiesOperationClient;
|
|
69
70
|
export declare function deriveDeviceIdentity(deviceRootSecret: Uint8Array): Promise<DeviceIdentity>;
|
|
70
71
|
export declare function deriveDeviceQrMac(input: {
|
|
71
72
|
activationKey: Uint8Array | string;
|
|
@@ -99,12 +100,13 @@ export declare function verifyDeviceConfirmationCode(input: {
|
|
|
99
100
|
nonce: string;
|
|
100
101
|
confirmationCode: string;
|
|
101
102
|
}): Promise<boolean>;
|
|
102
|
-
export declare function buildDeviceWaitProofInput(publicIdentityKey: string, nonce: string, iat: number, contractDigest
|
|
103
|
+
export declare function buildDeviceWaitProofInput(flowId: string, publicIdentityKey: string, nonce: string, iat: number, contractDigest: string): Uint8Array;
|
|
103
104
|
export declare function signDeviceWaitRequest(args: {
|
|
105
|
+
flowId: string;
|
|
104
106
|
publicIdentityKey: string;
|
|
105
107
|
nonce: string;
|
|
106
108
|
identitySeed: Uint8Array | string;
|
|
107
|
-
contractDigest
|
|
109
|
+
contractDigest: string;
|
|
108
110
|
iat?: number;
|
|
109
111
|
}): Promise<DeviceActivationWaitRequest>;
|
|
110
112
|
export declare function createDeviceNatsAuthToken(args: {
|
|
@@ -117,6 +119,7 @@ export declare function createDeviceNatsAuthToken(args: {
|
|
|
117
119
|
}>;
|
|
118
120
|
export declare function waitForDeviceActivation(args: {
|
|
119
121
|
trellisUrl: string;
|
|
122
|
+
flowId: string;
|
|
120
123
|
publicIdentityKey: string;
|
|
121
124
|
nonce: string;
|
|
122
125
|
identitySeed: Uint8Array | string;
|
|
@@ -134,9 +137,9 @@ export declare function getDeviceConnectInfo(args: {
|
|
|
134
137
|
iat?: number;
|
|
135
138
|
}): Promise<GetDeviceConnectInfoOutput>;
|
|
136
139
|
export declare function createDeviceActivationClient(client: DeviceActivationTransport): {
|
|
137
|
-
|
|
138
|
-
listDeviceActivations(input
|
|
139
|
-
revokeDeviceActivation(input:
|
|
140
|
+
resolveDeviceUserAuthorities(input: AuthResolveDeviceUserAuthoritiesInput): any;
|
|
141
|
+
listDeviceActivations(input: AuthDeviceUserAuthoritiesListInput): any;
|
|
142
|
+
revokeDeviceActivation(input: AuthDeviceUserAuthoritiesRevokeInput): any;
|
|
140
143
|
getDeviceConnectInfo(input: GetDeviceConnectInfoInput): any;
|
|
141
144
|
};
|
|
142
145
|
export declare function verifyDeviceWaitSignature(input: DeviceActivationWaitRequest): Promise<boolean>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"device_activation.d.ts","sourceRoot":"","sources":["../../../../src/auth/device_activation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAE/B,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAOrD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EACL,
|
|
1
|
+
{"version":3,"file":"device_activation.d.ts","sourceRoot":"","sources":["../../../../src/auth/device_activation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAE/B,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAOrD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EACL,uCAAuC,EACvC,+BAA+B,EAC/B,2CAA2C,EAC3C,mCAAmC,EACnC,6CAA6C,EAC7C,qCAAqC,EACrC,8CAA8C,EAC9C,8CAA8C,EAC9C,sCAAsC,EAEtC,qCAAqC,EACtC,MAAM,eAAe,CAAC;AAiBvB,eAAO,MAAM,6BAA6B;;;;;EAKxC,CAAC;AAEH,eAAO,MAAM,iCAAiC;;;;;;;EACR,CAAC;AAEvC,MAAM,MAAM,uBAAuB,GAAG,YAAY,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,2BAA2B,GAAG,YAAY,CACpD,OAAO,iCAAiC,CACzC,CAAC;AACF,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,OAAO,qCAAqC,CAC7C,CAAC;AACF,MAAM,MAAM,qCAAqC,GAAG,YAAY,CAC9D,OAAO,sCAAsC,CAC9C,CAAC;AACF,MAAM,MAAM,wCAAwC,GAAG,YAAY,CACjE,OAAO,8CAA8C,CACtD,CAAC;AACF,MAAM,MAAM,sCAAsC,GAAG,YAAY,CAC/D,OAAO,8CAA8C,CACtD,CAAC;AACF,MAAM,MAAM,kCAAkC,GAAG,YAAY,CAC3D,OAAO,mCAAmC,CAC3C,CAAC;AACF,MAAM,MAAM,mCAAmC,GAAG,YAAY,CAC5D,OAAO,2CAA2C,CACnD,CAAC;AACF,MAAM,MAAM,oCAAoC,GAAG,YAAY,CAC7D,OAAO,qCAAqC,CAC7C,CAAC;AACF,MAAM,MAAM,uCAAuC,GAAG,YAAY,CAChE,OAAO,6CAA6C,CACrD,CAAC;AACF,MAAM,MAAM,yBAAyB,GAAG,YAAY,CAClD,OAAO,+BAA+B,CACvC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,YAAY,CACnD,OAAO,uCAAuC,CAC/C,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,UAAU,CAAC;IACzB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,UAAU,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,KAAK,yBAAyB,GAC1B,iCAAiC,GACjC,mCAAmC,GACnC,8BAA8B,CAAC;AAEnC,KAAK,8CAA8C,GAAG;IACpD,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,OAAO,sCAAsC,CAAC;IACrD,QAAQ,EAAE,OAAO,8CAA8C,CAAC;IAChE,MAAM,EAAE,OAAO,8CAA8C,CAAC;CAC/D,CAAC;AAEF,MAAM,MAAM,yCAAyC,GAAG,YAAY,CAClE,8CAA8C,EAC9C,wCAAwC,EACxC,sCAAsC,CACvC,CAAC;AAEF,KAAK,2BAA2B,GAAG;IACjC,iCAAiC,EAAE,kCAAkC,CAAC;IACtE,mCAAmC,EAAE,oCAAoC,CAAC;IAC1E,8BAA8B,EAAE,yBAAyB,CAAC;CAC3D,CAAC;AAEF,KAAK,4BAA4B,GAAG;IAClC,iCAAiC,EAAE,mCAAmC,CAAC;IACvE,mCAAmC,EAAE,uCAAuC,CAAC;IAC7E,8BAA8B,EAAE,0BAA0B,CAAC;CAC5D,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,OAAO,CAAC,CAAC,SAAS,yBAAyB,EACzC,MAAM,EAAE,CAAC,EACT,KAAK,EAAE,2BAA2B,CAAC,CAAC,CAAC,EACrC,IAAI,CAAC,EAAE,OAAO,GACb,WAAW,CAAC,4BAA4B,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;CAC5D,CAAC;AAEF,KAAK,2CAA2C,GAAG;IACjD,SAAS,CAAC,MAAM,EAAE,oCAAoC,GAAG;QACvD,KAAK,CACH,KAAK,EAAE,qCAAqC,GAC3C;YACD,KAAK,IAAI,WAAW,CAClB,yCAAyC,EACzC,SAAS,CACV,CAAC;SACH,CAAC;KACH,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,yBAAyB,GACjC,aAAa,GACb,2CAA2C,CAAC;AAyIhD,wBAAsB,oBAAoB,CACxC,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,cAAc,CAAC,CA8BzB;AAED,wBAAsB,iBAAiB,CAAC,KAAK,EAAE;IAC7C,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAclB;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAQnC;AAED,wBAAgB,6BAA6B,CAC3C,OAAO,EAAE,uBAAuB,GAC/B,MAAM,CAER;AAED,wBAAgB,4BAA4B,CAC1C,KAAK,EAAE,MAAM,GACZ,uBAAuB,CAOzB;AAED,wBAAsB,4BAA4B,CAAC,IAAI,EAAE;IACvD,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,uBAAuB,CAAC;CAClC,GAAG,OAAO,CACT;IACE,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CACF,CAkCA;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAclB;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB,EAAE,MAAM,CAAC;CAC1B,GAAG,OAAO,CAAC,OAAO,CAAC,CAInB;AAED,wBAAgB,yBAAyB,CACvC,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,MAAM,EACzB,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,MAAM,EACX,cAAc,EAAE,MAAM,GACrB,UAAU,CAoCZ;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE;IAChD,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,2BAA2B,CAAC,CA6BvC;AAED,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,eAAe,GAAG;IAAE,cAAc,EAAE,MAAM,CAAA;CAAE,CAAC,CA0BxD;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE;IAClD,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,OAAO,CACT,OAAO,CAAC,+BAA+B,EAAE;IAAE,MAAM,EAAE,WAAW,CAAA;CAAE,CAAC,CAClE,CAuDA;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE;IAC/C,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,0BAA0B,CAAC,CA+BtC;AAED,wBAAgB,4BAA4B,CAC1C,MAAM,EAAE,yBAAyB;wCAGK,qCAAqC;iCAK5C,kCAAkC;kCAGjC,oCAAoC;gCAItC,yBAAyB;EAIxD;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,2BAA2B,GACjC,OAAO,CAAC,OAAO,CAAC,CAmBlB"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { Type } from "typebox";
|
|
2
2
|
import { Value } from "typebox/value";
|
|
3
3
|
import { importEd25519PrivateKeyFromSeedBase64url, importEd25519PublicKeyFromBase64url, publicKeyBase64urlFromPrivateKey, } from "./keys.js";
|
|
4
|
-
import {
|
|
4
|
+
import { AuthDevicesConnectInfoGetResponseSchema, WaitForDeviceActivationRequestSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
|
|
5
5
|
import { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
|
|
6
6
|
import { buildNatsConnectSignaturePayload } from "./session_auth.js";
|
|
7
7
|
const DEVICE_IDENTITY_HKDF_INFO = "trellis/device-identity/v1";
|
|
@@ -15,14 +15,8 @@ export const DeviceActivationPayloadSchema = Type.Object({
|
|
|
15
15
|
publicIdentityKey: Type.String({ minLength: 1 }),
|
|
16
16
|
nonce: Type.String({ minLength: 1 }),
|
|
17
17
|
qrMac: Type.String({ minLength: 1 }),
|
|
18
|
-
}
|
|
19
|
-
export const DeviceActivationWaitRequestSchema =
|
|
20
|
-
publicIdentityKey: Type.String({ minLength: 1 }),
|
|
21
|
-
nonce: Type.String({ minLength: 1 }),
|
|
22
|
-
contractDigest: Type.Optional(Type.String({ minLength: 1 })),
|
|
23
|
-
iat: Type.Number(),
|
|
24
|
-
sig: Type.String({ minLength: 1 }),
|
|
25
|
-
}, { additionalProperties: false });
|
|
18
|
+
});
|
|
19
|
+
export const DeviceActivationWaitRequestSchema = WaitForDeviceActivationRequestSchema;
|
|
26
20
|
function concatBytes(parts) {
|
|
27
21
|
const size = parts.reduce((total, part) => total + part.length, 0);
|
|
28
22
|
const bytes = new Uint8Array(size);
|
|
@@ -208,18 +202,24 @@ export async function verifyDeviceConfirmationCode(input) {
|
|
|
208
202
|
return normalizeCrockford(expected) ===
|
|
209
203
|
normalizeCrockford(input.confirmationCode);
|
|
210
204
|
}
|
|
211
|
-
export function buildDeviceWaitProofInput(publicIdentityKey, nonce, iat, contractDigest) {
|
|
205
|
+
export function buildDeviceWaitProofInput(flowId, publicIdentityKey, nonce, iat, contractDigest) {
|
|
212
206
|
const enc = new TextEncoder();
|
|
207
|
+
const flowIdBytes = enc.encode(flowId);
|
|
213
208
|
const publicIdentityKeyBytes = enc.encode(publicIdentityKey);
|
|
214
209
|
const nonceBytes = enc.encode(nonce);
|
|
215
210
|
const iatBytes = enc.encode(String(iat));
|
|
216
|
-
const contractDigestBytes = enc.encode(contractDigest
|
|
217
|
-
const buf = new Uint8Array(4 +
|
|
211
|
+
const contractDigestBytes = enc.encode(contractDigest);
|
|
212
|
+
const buf = new Uint8Array(4 + flowIdBytes.length +
|
|
213
|
+
4 + publicIdentityKeyBytes.length +
|
|
218
214
|
4 + nonceBytes.length +
|
|
219
215
|
4 + iatBytes.length +
|
|
220
216
|
4 + contractDigestBytes.length);
|
|
221
217
|
const view = new DataView(buf.buffer);
|
|
222
218
|
let offset = 0;
|
|
219
|
+
view.setUint32(offset, flowIdBytes.length);
|
|
220
|
+
offset += 4;
|
|
221
|
+
buf.set(flowIdBytes, offset);
|
|
222
|
+
offset += flowIdBytes.length;
|
|
223
223
|
view.setUint32(offset, publicIdentityKeyBytes.length);
|
|
224
224
|
offset += 4;
|
|
225
225
|
buf.set(publicIdentityKeyBytes, offset);
|
|
@@ -241,13 +241,14 @@ export async function signDeviceWaitRequest(args) {
|
|
|
241
241
|
const identitySeed = normalizeSecretBytes(args.identitySeed, "identitySeed");
|
|
242
242
|
const identityPrivateKey = await importEd25519PrivateKeyFromSeedBase64url(base64urlEncode(identitySeed));
|
|
243
243
|
const iat = args.iat ?? Math.floor(Date.now() / 1_000);
|
|
244
|
-
const proofInput = buildDeviceWaitProofInput(args.publicIdentityKey, args.nonce, iat, args.contractDigest);
|
|
244
|
+
const proofInput = buildDeviceWaitProofInput(args.flowId, args.publicIdentityKey, args.nonce, iat, args.contractDigest);
|
|
245
245
|
const proofHash = await sha256(proofInput);
|
|
246
246
|
const signature = new Uint8Array(await crypto.subtle.sign("Ed25519", identityPrivateKey, toArrayBuffer(proofHash)));
|
|
247
247
|
return {
|
|
248
|
+
flowId: args.flowId,
|
|
248
249
|
publicIdentityKey: args.publicIdentityKey,
|
|
249
250
|
nonce: args.nonce,
|
|
250
|
-
|
|
251
|
+
contractDigest: args.contractDigest,
|
|
251
252
|
iat,
|
|
252
253
|
sig: base64urlEncode(signature),
|
|
253
254
|
};
|
|
@@ -315,6 +316,7 @@ export async function waitForDeviceActivation(args) {
|
|
|
315
316
|
}
|
|
316
317
|
export async function getDeviceConnectInfo(args) {
|
|
317
318
|
const request = await signDeviceWaitRequest({
|
|
319
|
+
flowId: "connect-info",
|
|
318
320
|
publicIdentityKey: args.publicIdentityKey,
|
|
319
321
|
identitySeed: args.identitySeed,
|
|
320
322
|
contractDigest: args.contractDigest,
|
|
@@ -336,30 +338,32 @@ export async function getDeviceConnectInfo(args) {
|
|
|
336
338
|
throw new Error(`device connect info failed: ${response.status}`);
|
|
337
339
|
}
|
|
338
340
|
const body = await response.json();
|
|
339
|
-
if (!Value.Check(
|
|
341
|
+
if (!Value.Check(AuthDevicesConnectInfoGetResponseSchema, body)) {
|
|
340
342
|
throw new Error("Invalid device connect info response");
|
|
341
343
|
}
|
|
342
344
|
return body;
|
|
343
345
|
}
|
|
344
346
|
export function createDeviceActivationClient(client) {
|
|
345
347
|
return {
|
|
346
|
-
|
|
347
|
-
return client.operation("Auth.
|
|
348
|
+
resolveDeviceUserAuthorities(input) {
|
|
349
|
+
return client.operation("Auth.DeviceUserAuthorities.Resolve").input(input)
|
|
350
|
+
.start()
|
|
348
351
|
.orThrow();
|
|
349
352
|
},
|
|
350
|
-
listDeviceActivations(input
|
|
351
|
-
return client.request("Auth.
|
|
353
|
+
listDeviceActivations(input) {
|
|
354
|
+
return client.request("Auth.DeviceUserAuthorities.List", input).orThrow();
|
|
352
355
|
},
|
|
353
356
|
revokeDeviceActivation(input) {
|
|
354
|
-
return client.request("Auth.
|
|
357
|
+
return client.request("Auth.DeviceUserAuthorities.Revoke", input)
|
|
358
|
+
.orThrow();
|
|
355
359
|
},
|
|
356
360
|
getDeviceConnectInfo(input) {
|
|
357
|
-
return client.request("Auth.
|
|
361
|
+
return client.request("Auth.Devices.ConnectInfo.Get", input).orThrow();
|
|
358
362
|
},
|
|
359
363
|
};
|
|
360
364
|
}
|
|
361
365
|
export async function verifyDeviceWaitSignature(input) {
|
|
362
366
|
const publicKey = await importEd25519PublicKeyFromBase64url(input.publicIdentityKey);
|
|
363
|
-
const proofHash = await sha256(buildDeviceWaitProofInput(input.publicIdentityKey, input.nonce, input.iat, input.contractDigest));
|
|
367
|
+
const proofHash = await sha256(buildDeviceWaitProofInput(input.flowId, input.publicIdentityKey, input.nonce, input.iat, input.contractDigest));
|
|
364
368
|
return await crypto.subtle.verify("Ed25519", publicKey, toArrayBuffer(base64urlDecode(input.sig)), toArrayBuffer(proofHash));
|
|
365
369
|
}
|
|
@@ -7,11 +7,11 @@
|
|
|
7
7
|
* - Proofs are Ed25519 signatures over SHA-256(buildProofInput(...)).
|
|
8
8
|
* - Services load their session key seed from `TRELLIS_SESSION_KEY_SEED`.
|
|
9
9
|
*/
|
|
10
|
-
export { type
|
|
11
|
-
export { type AuthConfig, bindFlow, buildLoginUrl, clearSessionKey, createRpcProof, fetchPortalFlowState, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, isBindSuccessResponse, loadSessionKey, natsConnectSigForIat, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, type SessionKeyHandle, signBytes, startAuthRequest, submitPortalApproval, } from "./browser.js";
|
|
10
|
+
export { type AuthDeviceUserAuthoritiesListInput, type AuthDeviceUserAuthoritiesListOutput, type AuthDeviceUserAuthoritiesRevokeInput, type AuthDeviceUserAuthoritiesRevokeResponse, type AuthResolveDeviceUserAuthoritiesInput, type AuthResolveDeviceUserAuthoritiesOperation, type AuthResolveDeviceUserAuthoritiesOutput, type AuthResolveDeviceUserAuthoritiesProgress, buildDeviceActivationPayload, buildDeviceWaitProofInput, createDeviceActivationClient, createDeviceNatsAuthToken, deriveDeviceConfirmationCode, deriveDeviceIdentity, deriveDeviceQrMac, type DeviceActivationPayload, type DeviceActivationTransport, type DeviceActivationWaitRequest, type DeviceIdentity, encodeDeviceActivationPayload, getDeviceConnectInfo, type GetDeviceConnectInfoInput, type GetDeviceConnectInfoOutput, parseDeviceActivationPayload, signDeviceWaitRequest, startDeviceActivationRequest, verifyDeviceConfirmationCode, verifyDeviceWaitSignature, waitForDeviceActivation, type WaitForDeviceActivationResponse, } from "./device_activation.js";
|
|
11
|
+
export { type AuthConfig, bindFlow, buildLoginUrl, clearSessionKey, createRpcProof, fetchPortalFlowState, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, isBindSuccessResponse, loadSessionKey, natsConnectSigForIat, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, type SessionKeyHandle, type SessionKeyOptions, type SessionKeyPersistenceMode, signBytes, startAuthRequest, submitPortalApproval, } from "./browser.js";
|
|
12
12
|
export { buildProofInput, createProof, type ProofParams, verifyProof, } from "./proof.js";
|
|
13
|
-
export { ApprovalRecordViewSchema,
|
|
14
|
-
export { type ApprovalDecision, ApprovalDecisionSchema, type AuthStartFlowResponse, AuthStartFlowResponseSchema, type AuthStartRequest, AuthStartRequestSchema, type AuthStartResponse, AuthStartResponseSchema, type BindResponse, BindResponseSchema, type BindSuccessResponse, BindSuccessResponseSchema, type ClientTransportEndpoints, ClientTransportEndpointsSchema, type ClientTransports, ClientTransportsSchema, type ContractApproval, ContractApprovalSchema, type NatsAuthTokenV1, NatsAuthTokenV1Schema, type SentinelCreds, SentinelCredsSchema, type UserParticipantKind, UserParticipantKindSchema, } from "./schemas.js";
|
|
13
|
+
export { ApprovalRecordViewSchema, AuthCapabilitiesListResponseSchema, AuthCapabilitiesListSchema, AuthCapabilityGroupsDeleteResponseSchema, AuthCapabilityGroupsDeleteSchema, AuthCapabilityGroupsGetResponseSchema, AuthCapabilityGroupsGetSchema, AuthCapabilityGroupsListResponseSchema, AuthCapabilityGroupsListSchema, AuthCapabilityGroupsPutResponseSchema, AuthCapabilityGroupsPutSchema, type AuthDeployment, type AuthDeploymentKind, AuthDeploymentKindSchema, AuthDeploymentSchema, AuthDeploymentsCreateResponseSchema, AuthDeploymentsCreateSchema, AuthDeploymentsDisableResponseSchema, AuthDeploymentsDisableSchema, AuthDeploymentsEnableResponseSchema, AuthDeploymentsEnableSchema, AuthDeploymentsListResponseSchema, AuthDeploymentsListSchema, AuthDeploymentsRemoveResponseSchema, AuthDeploymentsRemoveSchema, AuthDevicesConnectInfoGetResponseSchema, AuthDevicesConnectInfoGetSchema, AuthDevicesDisableResponseSchema, AuthDevicesDisableSchema, AuthDevicesEnableResponseSchema, AuthDevicesEnableSchema, AuthDevicesListResponseSchema, AuthDevicesListSchema, AuthDevicesProvisionResponseSchema, AuthDevicesProvisionSchema, AuthDevicesRemoveResponseSchema, AuthDevicesRemoveSchema, AuthDeviceUserAuthoritiesApprovedEventSchema, AuthDeviceUserAuthoritiesListResponseSchema, AuthDeviceUserAuthoritiesListSchema, AuthDeviceUserAuthoritiesRequestedEventSchema, AuthDeviceUserAuthoritiesResolvedEventSchema, AuthDeviceUserAuthoritiesReviewRequestedEventSchema, AuthDeviceUserAuthoritiesReviewsDecideResponseSchema, AuthDeviceUserAuthoritiesReviewsDecideSchema, AuthDeviceUserAuthoritiesReviewsListResponseSchema, AuthDeviceUserAuthoritiesReviewsListSchema, AuthDeviceUserAuthoritiesRevokeResponseSchema, AuthDeviceUserAuthoritiesRevokeSchema, type AuthenticatedDevice, AuthenticatedDeviceSchema, type AuthenticatedService, type AuthenticatedUser, type AuthEnvelopeExpansionsListResponse, AuthEnvelopeExpansionsListResponseSchema, AuthEnvelopeExpansionsListSchema, type AuthEnvelopesApproveRequestResponse, AuthEnvelopesApproveRequestResponseSchema, AuthEnvelopesApproveRequestSchema, type AuthEnvelopesExpandResponse, AuthEnvelopesExpandResponseSchema, AuthEnvelopesExpandSchema, type AuthEnvelopesGetResponse, AuthEnvelopesGetResponseSchema, AuthEnvelopesGetSchema, type AuthEnvelopesGrantOverridesListResponse, AuthEnvelopesGrantOverridesListResponseSchema, AuthEnvelopesGrantOverridesListSchema, AuthEnvelopesGrantOverridesPutSchema, AuthEnvelopesGrantOverridesRemoveSchema, type AuthEnvelopesGrantOverridesResponse, AuthEnvelopesGrantOverridesResponseSchema, type AuthEnvelopesListResponse, AuthEnvelopesListResponseSchema, AuthEnvelopesListSchema, type AuthEnvelopesShrinkResponse, AuthEnvelopesShrinkResponseSchema, AuthEnvelopesShrinkSchema, AuthIdentitiesGrantsListResponseSchema, AuthIdentitiesGrantsListSchema, AuthIdentitiesListResponseSchema, AuthIdentitiesListSchema, AuthIdentityEnvelopesRevokeResponseSchema, AuthIdentityEnvelopesRevokeSchema, AuthPortalsGetResponseSchema, AuthPortalsGetSchema, AuthPortalsListResponseSchema, AuthPortalsListSchema, AuthPortalsLoginSettingsGetSchema, AuthPortalsLoginSettingsResponseSchema, AuthPortalsLoginSettingsUpdateSchema, AuthPortalsRoutesPutResponseSchema, AuthPortalsRoutesPutSchema, AuthPortalsRoutesRemoveResponseSchema, AuthPortalsRoutesRemoveSchema, AuthRequestsValidateResponseSchema, AuthRequestsValidateSchema, AuthResolveDeviceUserAuthoritiesProgressSchema, AuthResolveDeviceUserAuthoritiesResponseSchema, AuthResolveDeviceUserAuthoritiesSchema, AuthServiceInstancesDisableResponseSchema, AuthServiceInstancesDisableSchema, AuthServiceInstancesEnableResponseSchema, AuthServiceInstancesEnableSchema, AuthServiceInstancesListResponseSchema, AuthServiceInstancesListSchema, AuthServiceInstancesProvisionResponseSchema, AuthServiceInstancesProvisionSchema, AuthServiceInstancesRemoveResponseSchema, AuthServiceInstancesRemoveSchema, type AuthSessionsMeResponse, AuthSessionsMeResponseSchema, AuthSessionsMeSchema, AuthUserIdentitiesListResponseSchema, AuthUserIdentitiesListSchema, AuthUserIdentitiesUnlinkResponseSchema, AuthUserIdentitiesUnlinkSchema, AuthUsersAccountFlowCreateResponseSchema, AuthUsersCreateResponseSchema, AuthUsersCreateSchema, AuthUsersGetResponseSchema, AuthUsersGetSchema, AuthUsersIdentityLinkCreateSchema, AuthUsersListResponseSchema, AuthUsersListSchema, AuthUsersPasswordChangeResponseSchema, AuthUsersPasswordChangeSchema, AuthUsersPasswordResetCreateSchema, AuthUsersUpdateResponseSchema, AuthUsersUpdateSchema, CallerViewSchema, ContractAnalysisSchema, ContractAnalysisSummarySchema, DeploymentContractEvidenceSchema, type DeploymentEnvelope, type DeploymentGrantOverride, DeploymentGrantOverrideSchema, DeploymentPortalRouteSchema, DeploymentResourceBindingSchema, type DeviceActivationRecord, DeviceActivationRecordSchema, DeviceActivationReviewSchema, DeviceConnectInfoSchema, DeviceDeploymentSchema, DeviceSchema, DigestSchema, type EnvelopeBoundary, EnvelopeBoundarySchema, EnvelopeExpansionRequestSchema, type FlowRegistrationAvailability, FlowRegistrationAvailabilitySchema, type LoginPortalRecord, LoginPortalRecordSchema, type LoginPortalRoute, LoginPortalRouteSchema, type LoginPortalSettings, LoginPortalSettingsSchema, type LoginPortalSummary, LoginPortalSummarySchema, OpenObjectSchema, type ParticipantKind, ParticipantKindSchema, type PortalFlowApp, type PortalFlowApproval, type PortalFlowApprovalDeniedState, type PortalFlowApprovalRequiredState, type PortalFlowChooseProviderState, type PortalFlowExpiredState, type PortalFlowInsufficientCapabilitiesState, type PortalFlowProvider, type PortalFlowRedirectState, type PortalFlowState, PortalFlowStateSchema, type PortalFlowUser, ServiceDeploymentSchema, ServiceInstanceSchema, UserGrantViewSchema, UserViewSchema, WaitForDeviceActivationRequestSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
|
|
14
|
+
export { approvalCapabilityKeys, type ApprovalDecision, ApprovalDecisionSchema, type AuthStartFlowResponse, AuthStartFlowResponseSchema, type AuthStartRequest, AuthStartRequestSchema, type AuthStartResponse, AuthStartResponseSchema, type BindResponse, BindResponseSchema, type BindSuccessResponse, BindSuccessResponseSchema, type ClientTransportEndpoints, ClientTransportEndpointsSchema, type ClientTransports, ClientTransportsSchema, type ContractApproval, type ContractApprovalCapability, ContractApprovalSchema, type NatsAuthTokenV1, NatsAuthTokenV1Schema, type SentinelCreds, SentinelCredsSchema, type UserParticipantKind, UserParticipantKindSchema, } from "./schemas.js";
|
|
15
15
|
export { buildNatsConnectSignaturePayload, createAuth, type NatsConnectOptions, type TrellisAuth, } from "./session_auth.js";
|
|
16
16
|
export { correctedIatSeconds, estimateMidpointClockOffsetMs } from "./time.js";
|
|
17
17
|
export { trellisIdFromOriginId } from "./trellis_id.js";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/auth/mod.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,KAAK,
|
|
1
|
+
{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/auth/mod.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,mCAAmC,EACxC,KAAK,oCAAoC,EACzC,KAAK,uCAAuC,EAC5C,KAAK,qCAAqC,EAC1C,KAAK,yCAAyC,EAC9C,KAAK,sCAAsC,EAC3C,KAAK,wCAAwC,EAC7C,4BAA4B,EAC5B,yBAAyB,EACzB,4BAA4B,EAC5B,yBAAyB,EACzB,4BAA4B,EAC5B,oBAAoB,EACpB,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,yBAAyB,EAC9B,KAAK,2BAA2B,EAChC,KAAK,cAAc,EACnB,6BAA6B,EAC7B,oBAAoB,EACpB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,4BAA4B,EAC5B,qBAAqB,EACrB,4BAA4B,EAC5B,4BAA4B,EAC5B,yBAAyB,EACzB,uBAAuB,EACvB,KAAK,+BAA+B,GACrC,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,KAAK,UAAU,EACf,QAAQ,EACR,aAAa,EACb,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,oBAAoB,EACpB,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,yBAAyB,EAC9B,SAAS,EACT,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,eAAe,EACf,WAAW,EACX,KAAK,WAAW,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,wBAAwB,EACxB,kCAAkC,EAClC,0BAA0B,EAC1B,wCAAwC,EACxC,gCAAgC,EAChC,qCAAqC,EACrC,6BAA6B,EAC7B,sCAAsC,EACtC,8BAA8B,EAC9B,qCAAqC,EACrC,6BAA6B,EAC7B,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,wBAAwB,EACxB,oBAAoB,EACpB,mCAAmC,EACnC,2BAA2B,EAC3B,oCAAoC,EACpC,4BAA4B,EAC5B,mCAAmC,EACnC,2BAA2B,EAC3B,iCAAiC,EACjC,yBAAyB,EACzB,mCAAmC,EACnC,2BAA2B,EAC3B,uCAAuC,EACvC,+BAA+B,EAC/B,gCAAgC,EAChC,wBAAwB,EACxB,+BAA+B,EAC/B,uBAAuB,EACvB,6BAA6B,EAC7B,qBAAqB,EACrB,kCAAkC,EAClC,0BAA0B,EAC1B,+BAA+B,EAC/B,uBAAuB,EACvB,4CAA4C,EAC5C,2CAA2C,EAC3C,mCAAmC,EACnC,6CAA6C,EAC7C,4CAA4C,EAC5C,mDAAmD,EACnD,oDAAoD,EACpD,4CAA4C,EAC5C,kDAAkD,EAClD,0CAA0C,EAC1C,6CAA6C,EAC7C,qCAAqC,EACrC,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,oBAAoB,EACzB,KAAK,iBAAiB,EACtB,KAAK,kCAAkC,EACvC,wCAAwC,EACxC,gCAAgC,EAChC,KAAK,mCAAmC,EACxC,yCAAyC,EACzC,iCAAiC,EACjC,KAAK,2BAA2B,EAChC,iCAAiC,EACjC,yBAAyB,EACzB,KAAK,wBAAwB,EAC7B,8BAA8B,EAC9B,sBAAsB,EACtB,KAAK,uCAAuC,EAC5C,6CAA6C,EAC7C,qCAAqC,EACrC,oCAAoC,EACpC,uCAAuC,EACvC,KAAK,mCAAmC,EACxC,yCAAyC,EACzC,KAAK,yBAAyB,EAC9B,+BAA+B,EAC/B,uBAAuB,EACvB,KAAK,2BAA2B,EAChC,iCAAiC,EACjC,yBAAyB,EACzB,sCAAsC,EACtC,8BAA8B,EAC9B,gCAAgC,EAChC,wBAAwB,EACxB,yCAAyC,EACzC,iCAAiC,EACjC,4BAA4B,EAC5B,oBAAoB,EACpB,6BAA6B,EAC7B,qBAAqB,EACrB,iCAAiC,EACjC,sCAAsC,EACtC,oCAAoC,EACpC,kCAAkC,EAClC,0BAA0B,EAC1B,qCAAqC,EACrC,6BAA6B,EAC7B,kCAAkC,EAClC,0BAA0B,EAC1B,8CAA8C,EAC9C,8CAA8C,EAC9C,sCAAsC,EACtC,yCAAyC,EACzC,iCAAiC,EACjC,wCAAwC,EACxC,gCAAgC,EAChC,sCAAsC,EACtC,8BAA8B,EAC9B,2CAA2C,EAC3C,mCAAmC,EACnC,wCAAwC,EACxC,gCAAgC,EAChC,KAAK,sBAAsB,EAC3B,4BAA4B,EAC5B,oBAAoB,EACpB,oCAAoC,EACpC,4BAA4B,EAC5B,sCAAsC,EACtC,8BAA8B,EAC9B,wCAAwC,EACxC,6BAA6B,EAC7B,qBAAqB,EACrB,0BAA0B,EAC1B,kBAAkB,EAClB,iCAAiC,EACjC,2BAA2B,EAC3B,mBAAmB,EACnB,qCAAqC,EACrC,6BAA6B,EAC7B,kCAAkC,EAClC,6BAA6B,EAC7B,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,EACtB,6BAA6B,EAC7B,gCAAgC,EAChC,KAAK,kBAAkB,EACvB,KAAK,uBAAuB,EAC5B,6BAA6B,EAC7B,2BAA2B,EAC3B,+BAA+B,EAC/B,KAAK,sBAAsB,EAC3B,4BAA4B,EAC5B,4BAA4B,EAC5B,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACZ,YAAY,EACZ,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,8BAA8B,EAC9B,KAAK,4BAA4B,EACjC,kCAAkC,EAClC,KAAK,iBAAiB,EACtB,uBAAuB,EACvB,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,kBAAkB,EACvB,wBAAwB,EACxB,gBAAgB,EAChB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,aAAa,EAClB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,EAClC,KAAK,+BAA+B,EACpC,KAAK,6BAA6B,EAClC,KAAK,sBAAsB,EAC3B,KAAK,uCAAuC,EAC5C,KAAK,kBAAkB,EACvB,KAAK,uBAAuB,EAC5B,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,cAAc,EACnB,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,oCAAoC,EACpC,qCAAqC,GACtC,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,qBAAqB,EAC1B,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,iBAAiB,EACtB,uBAAuB,EACvB,KAAK,YAAY,EACjB,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,wBAAwB,EAC7B,8BAA8B,EAC9B,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,KAAK,0BAA0B,EAC/B,sBAAsB,EACtB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,aAAa,EAClB,mBAAmB,EACnB,KAAK,mBAAmB,EACxB,yBAAyB,GAC1B,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,gCAAgC,EAChC,UAAU,EACV,KAAK,kBAAkB,EACvB,KAAK,WAAW,GACjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,mBAAmB,EAAE,6BAA6B,EAAE,MAAM,WAAW,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,eAAe,EACf,eAAe,EACf,qBAAqB,EACrB,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
|
package/esm/npm/src/auth/mod.js
CHANGED
|
@@ -10,8 +10,8 @@
|
|
|
10
10
|
export { buildDeviceActivationPayload, buildDeviceWaitProofInput, createDeviceActivationClient, createDeviceNatsAuthToken, deriveDeviceConfirmationCode, deriveDeviceIdentity, deriveDeviceQrMac, encodeDeviceActivationPayload, getDeviceConnectInfo, parseDeviceActivationPayload, signDeviceWaitRequest, startDeviceActivationRequest, verifyDeviceConfirmationCode, verifyDeviceWaitSignature, waitForDeviceActivation, } from "./device_activation.js";
|
|
11
11
|
export { bindFlow, buildLoginUrl, clearSessionKey, createRpcProof, fetchPortalFlowState, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, isBindSuccessResponse, loadSessionKey, natsConnectSigForIat, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, signBytes, startAuthRequest, submitPortalApproval, } from "./browser.js";
|
|
12
12
|
export { buildProofInput, createProof, verifyProof, } from "./proof.js";
|
|
13
|
-
export { ApprovalRecordViewSchema,
|
|
14
|
-
export { ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, UserParticipantKindSchema, } from "./schemas.js";
|
|
13
|
+
export { ApprovalRecordViewSchema, AuthCapabilitiesListResponseSchema, AuthCapabilitiesListSchema, AuthCapabilityGroupsDeleteResponseSchema, AuthCapabilityGroupsDeleteSchema, AuthCapabilityGroupsGetResponseSchema, AuthCapabilityGroupsGetSchema, AuthCapabilityGroupsListResponseSchema, AuthCapabilityGroupsListSchema, AuthCapabilityGroupsPutResponseSchema, AuthCapabilityGroupsPutSchema, AuthDeploymentKindSchema, AuthDeploymentSchema, AuthDeploymentsCreateResponseSchema, AuthDeploymentsCreateSchema, AuthDeploymentsDisableResponseSchema, AuthDeploymentsDisableSchema, AuthDeploymentsEnableResponseSchema, AuthDeploymentsEnableSchema, AuthDeploymentsListResponseSchema, AuthDeploymentsListSchema, AuthDeploymentsRemoveResponseSchema, AuthDeploymentsRemoveSchema, AuthDevicesConnectInfoGetResponseSchema, AuthDevicesConnectInfoGetSchema, AuthDevicesDisableResponseSchema, AuthDevicesDisableSchema, AuthDevicesEnableResponseSchema, AuthDevicesEnableSchema, AuthDevicesListResponseSchema, AuthDevicesListSchema, AuthDevicesProvisionResponseSchema, AuthDevicesProvisionSchema, AuthDevicesRemoveResponseSchema, AuthDevicesRemoveSchema, AuthDeviceUserAuthoritiesApprovedEventSchema, AuthDeviceUserAuthoritiesListResponseSchema, AuthDeviceUserAuthoritiesListSchema, AuthDeviceUserAuthoritiesRequestedEventSchema, AuthDeviceUserAuthoritiesResolvedEventSchema, AuthDeviceUserAuthoritiesReviewRequestedEventSchema, AuthDeviceUserAuthoritiesReviewsDecideResponseSchema, AuthDeviceUserAuthoritiesReviewsDecideSchema, AuthDeviceUserAuthoritiesReviewsListResponseSchema, AuthDeviceUserAuthoritiesReviewsListSchema, AuthDeviceUserAuthoritiesRevokeResponseSchema, AuthDeviceUserAuthoritiesRevokeSchema, AuthenticatedDeviceSchema, AuthEnvelopeExpansionsListResponseSchema, AuthEnvelopeExpansionsListSchema, AuthEnvelopesApproveRequestResponseSchema, AuthEnvelopesApproveRequestSchema, AuthEnvelopesExpandResponseSchema, AuthEnvelopesExpandSchema, AuthEnvelopesGetResponseSchema, AuthEnvelopesGetSchema, AuthEnvelopesGrantOverridesListResponseSchema, AuthEnvelopesGrantOverridesListSchema, AuthEnvelopesGrantOverridesPutSchema, AuthEnvelopesGrantOverridesRemoveSchema, AuthEnvelopesGrantOverridesResponseSchema, AuthEnvelopesListResponseSchema, AuthEnvelopesListSchema, AuthEnvelopesShrinkResponseSchema, AuthEnvelopesShrinkSchema, AuthIdentitiesGrantsListResponseSchema, AuthIdentitiesGrantsListSchema, AuthIdentitiesListResponseSchema, AuthIdentitiesListSchema, AuthIdentityEnvelopesRevokeResponseSchema, AuthIdentityEnvelopesRevokeSchema, AuthPortalsGetResponseSchema, AuthPortalsGetSchema, AuthPortalsListResponseSchema, AuthPortalsListSchema, AuthPortalsLoginSettingsGetSchema, AuthPortalsLoginSettingsResponseSchema, AuthPortalsLoginSettingsUpdateSchema, AuthPortalsRoutesPutResponseSchema, AuthPortalsRoutesPutSchema, AuthPortalsRoutesRemoveResponseSchema, AuthPortalsRoutesRemoveSchema, AuthRequestsValidateResponseSchema, AuthRequestsValidateSchema, AuthResolveDeviceUserAuthoritiesProgressSchema, AuthResolveDeviceUserAuthoritiesResponseSchema, AuthResolveDeviceUserAuthoritiesSchema, AuthServiceInstancesDisableResponseSchema, AuthServiceInstancesDisableSchema, AuthServiceInstancesEnableResponseSchema, AuthServiceInstancesEnableSchema, AuthServiceInstancesListResponseSchema, AuthServiceInstancesListSchema, AuthServiceInstancesProvisionResponseSchema, AuthServiceInstancesProvisionSchema, AuthServiceInstancesRemoveResponseSchema, AuthServiceInstancesRemoveSchema, AuthSessionsMeResponseSchema, AuthSessionsMeSchema, AuthUserIdentitiesListResponseSchema, AuthUserIdentitiesListSchema, AuthUserIdentitiesUnlinkResponseSchema, AuthUserIdentitiesUnlinkSchema, AuthUsersAccountFlowCreateResponseSchema, AuthUsersCreateResponseSchema, AuthUsersCreateSchema, AuthUsersGetResponseSchema, AuthUsersGetSchema, AuthUsersIdentityLinkCreateSchema, AuthUsersListResponseSchema, AuthUsersListSchema, AuthUsersPasswordChangeResponseSchema, AuthUsersPasswordChangeSchema, AuthUsersPasswordResetCreateSchema, AuthUsersUpdateResponseSchema, AuthUsersUpdateSchema, CallerViewSchema, ContractAnalysisSchema, ContractAnalysisSummarySchema, DeploymentContractEvidenceSchema, DeploymentGrantOverrideSchema, DeploymentPortalRouteSchema, DeploymentResourceBindingSchema, DeviceActivationRecordSchema, DeviceActivationReviewSchema, DeviceConnectInfoSchema, DeviceDeploymentSchema, DeviceSchema, DigestSchema, EnvelopeBoundarySchema, EnvelopeExpansionRequestSchema, FlowRegistrationAvailabilitySchema, LoginPortalRecordSchema, LoginPortalRouteSchema, LoginPortalSettingsSchema, LoginPortalSummarySchema, OpenObjectSchema, ParticipantKindSchema, PortalFlowStateSchema, ServiceDeploymentSchema, ServiceInstanceSchema, UserGrantViewSchema, UserViewSchema, WaitForDeviceActivationRequestSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
|
|
14
|
+
export { approvalCapabilityKeys, ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, UserParticipantKindSchema, } from "./schemas.js";
|
|
15
15
|
export { buildNatsConnectSignaturePayload, createAuth, } from "./session_auth.js";
|
|
16
16
|
export { correctedIatSeconds, estimateMidpointClockOffsetMs } from "./time.js";
|
|
17
17
|
export { trellisIdFromOriginId } from "./trellis_id.js";
|
|
@@ -2,8 +2,10 @@ export type ProofParams = {
|
|
|
2
2
|
sessionKey: string;
|
|
3
3
|
subject: string;
|
|
4
4
|
payloadHash: Uint8Array;
|
|
5
|
+
iat: number;
|
|
6
|
+
requestId: string;
|
|
5
7
|
};
|
|
6
|
-
export declare function buildProofInput(sessionKey: string, subject: string, payloadHash: Uint8Array): Uint8Array;
|
|
8
|
+
export declare function buildProofInput(sessionKey: string, subject: string, payloadHash: Uint8Array, iat: number, requestId: string): Uint8Array;
|
|
7
9
|
export declare function createProof(privateKey: CryptoKey, params: ProofParams): Promise<string>;
|
|
8
10
|
export declare function verifyProof(publicSessionKey: string, params: ProofParams, proofBase64url: string): Promise<boolean>;
|
|
9
11
|
//# sourceMappingURL=proof.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"proof.d.ts","sourceRoot":"","sources":["../../../../src/auth/proof.ts"],"names":[],"mappings":"AAUA,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"proof.d.ts","sourceRoot":"","sources":["../../../../src/auth/proof.ts"],"names":[],"mappings":"AAUA,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,UAAU,CAAC;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC;AAcF,wBAAgB,eAAe,CAC7B,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,UAAU,EACvB,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,GAChB,UAAU,CA4BZ;AAED,wBAAsB,WAAW,CAC/B,UAAU,EAAE,SAAS,EACrB,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,MAAM,CAAC,CAejB;AAED,wBAAsB,WAAW,CAC/B,gBAAgB,EAAE,MAAM,EACxB,MAAM,EAAE,WAAW,EACnB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAoBlB"}
|
|
@@ -1,39 +1,45 @@
|
|
|
1
1
|
import { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
|
|
2
2
|
import { importEd25519PublicKeyFromBase64url } from "./keys.js";
|
|
3
3
|
import { AsyncResult } from "@qlever-llc/result";
|
|
4
|
-
|
|
4
|
+
function appendLengthPrefixed(buf, view, offset, value) {
|
|
5
|
+
view.setUint32(offset, value.length);
|
|
6
|
+
offset += 4;
|
|
7
|
+
buf.set(value, offset);
|
|
8
|
+
return offset + value.length;
|
|
9
|
+
}
|
|
10
|
+
export function buildProofInput(sessionKey, subject, payloadHash, iat, requestId) {
|
|
5
11
|
const sessionKeyBytes = utf8(sessionKey);
|
|
6
12
|
const subjectBytes = utf8(subject);
|
|
13
|
+
const iatBytes = utf8(String(iat));
|
|
14
|
+
const requestIdBytes = utf8(requestId);
|
|
7
15
|
const buf = new Uint8Array(4 +
|
|
8
16
|
sessionKeyBytes.length +
|
|
9
17
|
4 +
|
|
10
18
|
subjectBytes.length +
|
|
11
19
|
4 +
|
|
12
|
-
payloadHash.length
|
|
20
|
+
payloadHash.length +
|
|
21
|
+
4 +
|
|
22
|
+
iatBytes.length +
|
|
23
|
+
4 +
|
|
24
|
+
requestIdBytes.length);
|
|
13
25
|
const view = new DataView(buf.buffer);
|
|
14
26
|
let offset = 0;
|
|
15
|
-
view
|
|
16
|
-
offset
|
|
17
|
-
buf
|
|
18
|
-
offset
|
|
19
|
-
view
|
|
20
|
-
offset += 4;
|
|
21
|
-
buf.set(subjectBytes, offset);
|
|
22
|
-
offset += subjectBytes.length;
|
|
23
|
-
view.setUint32(offset, payloadHash.length);
|
|
24
|
-
offset += 4;
|
|
25
|
-
buf.set(payloadHash, offset);
|
|
27
|
+
offset = appendLengthPrefixed(buf, view, offset, sessionKeyBytes);
|
|
28
|
+
offset = appendLengthPrefixed(buf, view, offset, subjectBytes);
|
|
29
|
+
offset = appendLengthPrefixed(buf, view, offset, payloadHash);
|
|
30
|
+
offset = appendLengthPrefixed(buf, view, offset, iatBytes);
|
|
31
|
+
appendLengthPrefixed(buf, view, offset, requestIdBytes);
|
|
26
32
|
return buf;
|
|
27
33
|
}
|
|
28
34
|
export async function createProof(privateKey, params) {
|
|
29
|
-
const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash);
|
|
35
|
+
const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash, params.iat, params.requestId);
|
|
30
36
|
const digest = await sha256(input);
|
|
31
37
|
const sig = await crypto.subtle.sign({ name: "Ed25519" }, privateKey, toArrayBuffer(digest));
|
|
32
38
|
return base64urlEncode(new Uint8Array(sig));
|
|
33
39
|
}
|
|
34
40
|
export async function verifyProof(publicSessionKey, params, proofBase64url) {
|
|
35
41
|
const result = await AsyncResult.try(async () => {
|
|
36
|
-
const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash);
|
|
42
|
+
const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash, params.iat, params.requestId);
|
|
37
43
|
const digest = await sha256(input);
|
|
38
44
|
const signature = base64urlDecode(proofBase64url);
|
|
39
45
|
const pub = await importEd25519PublicKeyFromBase64url(publicSessionKey);
|