@qlever-llc/trellis 0.8.4 → 0.9.0-rc.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (693) hide show
  1. package/README.md +1 -1
  2. package/bin/trellis-generate.js +0 -0
  3. package/esm/auth/browser/login.d.ts.map +1 -1
  4. package/esm/auth/browser/login.js +46 -3
  5. package/esm/auth/browser/portal.d.ts.map +1 -1
  6. package/esm/auth/browser/portal.js +5 -1
  7. package/esm/auth/browser/session.d.ts +18 -7
  8. package/esm/auth/browser/session.d.ts.map +1 -1
  9. package/esm/auth/browser/session.js +47 -11
  10. package/esm/auth/browser/storage.d.ts +6 -1
  11. package/esm/auth/browser/storage.d.ts.map +1 -1
  12. package/esm/auth/browser/storage.js +15 -3
  13. package/esm/auth/browser.d.ts +2 -2
  14. package/esm/auth/browser.d.ts.map +1 -1
  15. package/esm/auth/browser.js +1 -1
  16. package/esm/auth/device_activation.d.ts +36 -33
  17. package/esm/auth/device_activation.d.ts.map +1 -1
  18. package/esm/auth/device_activation.js +26 -22
  19. package/esm/auth/mod.d.ts +4 -4
  20. package/esm/auth/mod.d.ts.map +1 -1
  21. package/esm/auth/mod.js +2 -2
  22. package/esm/auth/proof.d.ts +3 -1
  23. package/esm/auth/proof.d.ts.map +1 -1
  24. package/esm/auth/proof.js +21 -15
  25. package/esm/auth/protocol.d.ts +2457 -941
  26. package/esm/auth/protocol.d.ts.map +1 -1
  27. package/esm/auth/protocol.js +747 -375
  28. package/esm/auth/schemas.d.ts +25 -4
  29. package/esm/auth/schemas.d.ts.map +1 -1
  30. package/esm/auth/schemas.js +14 -4
  31. package/esm/auth/session_auth.d.ts +1 -1
  32. package/esm/auth/session_auth.d.ts.map +1 -1
  33. package/esm/auth/session_auth.js +7 -1
  34. package/esm/client_connect.d.ts +2 -0
  35. package/esm/client_connect.d.ts.map +1 -1
  36. package/esm/client_connect.js +76 -15
  37. package/esm/contract.d.ts +3 -0
  38. package/esm/contract.d.ts.map +1 -1
  39. package/esm/contract_support/mod.d.ts +422 -43
  40. package/esm/contract_support/mod.d.ts.map +1 -1
  41. package/esm/contract_support/mod.js +734 -33
  42. package/esm/contract_support/protocol.d.ts +20 -5
  43. package/esm/contract_support/protocol.d.ts.map +1 -1
  44. package/esm/contract_support/protocol.js +18 -10
  45. package/esm/contract_support/runtime.d.ts +11 -0
  46. package/esm/contract_support/runtime.d.ts.map +1 -1
  47. package/esm/contract_support/schema_pointers.d.ts.map +1 -1
  48. package/esm/contract_support/schema_pointers.js +32 -14
  49. package/esm/device.d.ts +2 -0
  50. package/esm/device.d.ts.map +1 -1
  51. package/esm/device.js +3 -0
  52. package/esm/errors/AuthError.d.ts +2 -1
  53. package/esm/errors/AuthError.d.ts.map +1 -1
  54. package/esm/errors/AuthError.js +8 -3
  55. package/esm/errors/index.d.ts +4 -4
  56. package/esm/errors/index.d.ts.map +1 -1
  57. package/esm/errors/index.js +1 -0
  58. package/esm/generated-sdk/auth/api.d.ts +27 -9
  59. package/esm/generated-sdk/auth/api.d.ts.map +1 -1
  60. package/esm/generated-sdk/auth/api.js +16 -590
  61. package/esm/generated-sdk/auth/client.d.ts +91 -85
  62. package/esm/generated-sdk/auth/client.d.ts.map +1 -1
  63. package/esm/generated-sdk/auth/contract.d.ts +1 -1
  64. package/esm/generated-sdk/auth/contract.d.ts.map +1 -1
  65. package/esm/generated-sdk/auth/contract.js +4 -2
  66. package/esm/generated-sdk/auth/mod.d.ts +1 -0
  67. package/esm/generated-sdk/auth/mod.d.ts.map +1 -1
  68. package/esm/generated-sdk/auth/owned_api.d.ts +3 -0
  69. package/esm/generated-sdk/auth/owned_api.d.ts.map +1 -0
  70. package/esm/generated-sdk/auth/owned_api.js +594 -0
  71. package/esm/generated-sdk/auth/schemas.d.ts +9959 -5160
  72. package/esm/generated-sdk/auth/schemas.d.ts.map +1 -1
  73. package/esm/generated-sdk/auth/schemas.js +136 -137
  74. package/esm/generated-sdk/auth/types.d.ts +2418 -1557
  75. package/esm/generated-sdk/auth/types.d.ts.map +1 -1
  76. package/esm/generated-sdk/auth/types.js +1 -1
  77. package/esm/generated-sdk/health/api.d.ts +24 -9
  78. package/esm/generated-sdk/health/api.d.ts.map +1 -1
  79. package/esm/generated-sdk/health/api.js +12 -20
  80. package/esm/generated-sdk/health/client.d.ts +2 -1
  81. package/esm/generated-sdk/health/client.d.ts.map +1 -1
  82. package/esm/generated-sdk/health/contract.d.ts.map +1 -1
  83. package/esm/generated-sdk/health/contract.js +2 -0
  84. package/esm/generated-sdk/health/owned_api.d.ts +3 -0
  85. package/esm/generated-sdk/health/owned_api.d.ts.map +1 -0
  86. package/esm/generated-sdk/health/owned_api.js +16 -0
  87. package/esm/generated-sdk/health/types.d.ts +2 -0
  88. package/esm/generated-sdk/health/types.d.ts.map +1 -1
  89. package/esm/generated-sdk/jobs/api.d.ts +33 -9
  90. package/esm/generated-sdk/jobs/api.d.ts.map +1 -1
  91. package/esm/generated-sdk/jobs/api.js +22 -87
  92. package/esm/generated-sdk/jobs/client.d.ts +9 -2
  93. package/esm/generated-sdk/jobs/client.d.ts.map +1 -1
  94. package/esm/generated-sdk/jobs/contract.d.ts +1 -1
  95. package/esm/generated-sdk/jobs/contract.d.ts.map +1 -1
  96. package/esm/generated-sdk/jobs/contract.js +4 -2
  97. package/esm/generated-sdk/jobs/owned_api.d.ts +3 -0
  98. package/esm/generated-sdk/jobs/owned_api.d.ts.map +1 -0
  99. package/esm/generated-sdk/jobs/owned_api.js +118 -0
  100. package/esm/generated-sdk/jobs/schemas.d.ts +336 -123
  101. package/esm/generated-sdk/jobs/schemas.d.ts.map +1 -1
  102. package/esm/generated-sdk/jobs/schemas.js +17 -15
  103. package/esm/generated-sdk/jobs/types.d.ts +144 -34
  104. package/esm/generated-sdk/jobs/types.d.ts.map +1 -1
  105. package/esm/generated-sdk/jobs/types.js +36 -1
  106. package/esm/generated-sdk/state/api.d.ts +27 -9
  107. package/esm/generated-sdk/state/api.d.ts.map +1 -1
  108. package/esm/generated-sdk/state/api.js +16 -71
  109. package/esm/generated-sdk/state/client.d.ts +4 -2
  110. package/esm/generated-sdk/state/client.d.ts.map +1 -1
  111. package/esm/generated-sdk/state/contract.d.ts +1 -1
  112. package/esm/generated-sdk/state/contract.d.ts.map +1 -1
  113. package/esm/generated-sdk/state/contract.js +4 -2
  114. package/esm/generated-sdk/state/owned_api.d.ts +3 -0
  115. package/esm/generated-sdk/state/owned_api.d.ts.map +1 -0
  116. package/esm/generated-sdk/state/owned_api.js +66 -0
  117. package/esm/generated-sdk/state/schemas.d.ts +264 -284
  118. package/esm/generated-sdk/state/schemas.d.ts.map +1 -1
  119. package/esm/generated-sdk/state/schemas.js +6 -6
  120. package/esm/generated-sdk/state/types.d.ts +24 -23
  121. package/esm/generated-sdk/state/types.d.ts.map +1 -1
  122. package/esm/generated-sdk/state/types.js +1 -1
  123. package/esm/generated-sdk/trellis-core/api.d.ts +27 -9
  124. package/esm/generated-sdk/trellis-core/api.d.ts.map +1 -1
  125. package/esm/generated-sdk/trellis-core/api.js +16 -39
  126. package/esm/generated-sdk/trellis-core/client.d.ts +5 -2
  127. package/esm/generated-sdk/trellis-core/client.d.ts.map +1 -1
  128. package/esm/generated-sdk/trellis-core/contract.d.ts +1 -1
  129. package/esm/generated-sdk/trellis-core/contract.d.ts.map +1 -1
  130. package/esm/generated-sdk/trellis-core/contract.js +4 -2
  131. package/esm/generated-sdk/trellis-core/owned_api.d.ts +3 -0
  132. package/esm/generated-sdk/trellis-core/owned_api.d.ts.map +1 -0
  133. package/esm/generated-sdk/trellis-core/owned_api.js +42 -0
  134. package/esm/generated-sdk/trellis-core/schemas.d.ts +259 -11
  135. package/esm/generated-sdk/trellis-core/schemas.d.ts.map +1 -1
  136. package/esm/generated-sdk/trellis-core/schemas.js +5 -3
  137. package/esm/generated-sdk/trellis-core/types.d.ts +56 -1
  138. package/esm/generated-sdk/trellis-core/types.d.ts.map +1 -1
  139. package/esm/generated-sdk/trellis-core/types.js +1 -1
  140. package/esm/helpers.d.ts.map +1 -1
  141. package/esm/index.d.ts +4 -3
  142. package/esm/index.d.ts.map +1 -1
  143. package/esm/index.js +1 -0
  144. package/esm/jobs.d.ts +10 -1
  145. package/esm/jobs.d.ts.map +1 -1
  146. package/esm/jobs.js +16 -1
  147. package/esm/kv.d.ts.map +1 -1
  148. package/esm/kv.js +10 -4
  149. package/esm/models/auth/rpc/Logout.d.ts +4 -4
  150. package/esm/models/auth/rpc/Logout.d.ts.map +1 -1
  151. package/esm/models/auth/rpc/Logout.js +2 -2
  152. package/esm/models/trellis/Page.d.ts +2 -0
  153. package/esm/models/trellis/Page.d.ts.map +1 -0
  154. package/esm/models/trellis/Page.js +1 -0
  155. package/esm/models/trellis/State.d.ts +1 -0
  156. package/esm/models/trellis/State.d.ts.map +1 -1
  157. package/esm/models/trellis/State.js +1 -0
  158. package/esm/models/trellis/rpc/StateList.d.ts +9 -12
  159. package/esm/models/trellis/rpc/StateList.d.ts.map +1 -1
  160. package/esm/models/trellis/rpc/StateList.js +16 -18
  161. package/esm/npm/src/auth/browser/login.d.ts.map +1 -1
  162. package/esm/npm/src/auth/browser/login.js +46 -3
  163. package/esm/npm/src/auth/browser/portal.d.ts.map +1 -1
  164. package/esm/npm/src/auth/browser/portal.js +5 -1
  165. package/esm/npm/src/auth/browser/session.d.ts +18 -7
  166. package/esm/npm/src/auth/browser/session.d.ts.map +1 -1
  167. package/esm/npm/src/auth/browser/session.js +47 -11
  168. package/esm/npm/src/auth/browser/storage.d.ts +6 -1
  169. package/esm/npm/src/auth/browser/storage.d.ts.map +1 -1
  170. package/esm/npm/src/auth/browser/storage.js +15 -3
  171. package/esm/npm/src/auth/browser.d.ts +2 -2
  172. package/esm/npm/src/auth/browser.d.ts.map +1 -1
  173. package/esm/npm/src/auth/browser.js +1 -1
  174. package/esm/npm/src/auth/device_activation.d.ts +36 -33
  175. package/esm/npm/src/auth/device_activation.d.ts.map +1 -1
  176. package/esm/npm/src/auth/device_activation.js +26 -22
  177. package/esm/npm/src/auth/mod.d.ts +4 -4
  178. package/esm/npm/src/auth/mod.d.ts.map +1 -1
  179. package/esm/npm/src/auth/mod.js +2 -2
  180. package/esm/npm/src/auth/proof.d.ts +3 -1
  181. package/esm/npm/src/auth/proof.d.ts.map +1 -1
  182. package/esm/npm/src/auth/proof.js +21 -15
  183. package/esm/npm/src/auth/protocol.d.ts +2457 -941
  184. package/esm/npm/src/auth/protocol.d.ts.map +1 -1
  185. package/esm/npm/src/auth/protocol.js +747 -375
  186. package/esm/npm/src/auth/schemas.d.ts +25 -4
  187. package/esm/npm/src/auth/schemas.d.ts.map +1 -1
  188. package/esm/npm/src/auth/schemas.js +14 -4
  189. package/esm/npm/src/auth/session_auth.d.ts +1 -1
  190. package/esm/npm/src/auth/session_auth.d.ts.map +1 -1
  191. package/esm/npm/src/auth/session_auth.js +7 -1
  192. package/esm/npm/src/client_connect.d.ts +2 -0
  193. package/esm/npm/src/client_connect.d.ts.map +1 -1
  194. package/esm/npm/src/client_connect.js +76 -15
  195. package/esm/npm/src/contract.d.ts +3 -0
  196. package/esm/npm/src/contract.d.ts.map +1 -1
  197. package/esm/npm/src/contract_support/mod.d.ts +422 -43
  198. package/esm/npm/src/contract_support/mod.d.ts.map +1 -1
  199. package/esm/npm/src/contract_support/mod.js +734 -33
  200. package/esm/npm/src/contract_support/protocol.d.ts +20 -5
  201. package/esm/npm/src/contract_support/protocol.d.ts.map +1 -1
  202. package/esm/npm/src/contract_support/protocol.js +18 -10
  203. package/esm/npm/src/contract_support/runtime.d.ts +11 -0
  204. package/esm/npm/src/contract_support/runtime.d.ts.map +1 -1
  205. package/esm/npm/src/contract_support/schema_pointers.d.ts.map +1 -1
  206. package/esm/npm/src/contract_support/schema_pointers.js +32 -14
  207. package/esm/npm/src/device/deno.d.ts.map +1 -1
  208. package/esm/npm/src/device/deno.js +6 -0
  209. package/esm/npm/src/device.d.ts +2 -0
  210. package/esm/npm/src/device.d.ts.map +1 -1
  211. package/esm/npm/src/device.js +3 -0
  212. package/esm/npm/src/errors/AuthError.d.ts +2 -1
  213. package/esm/npm/src/errors/AuthError.d.ts.map +1 -1
  214. package/esm/npm/src/errors/AuthError.js +8 -3
  215. package/esm/npm/src/errors/index.d.ts +4 -4
  216. package/esm/npm/src/errors/index.d.ts.map +1 -1
  217. package/esm/npm/src/errors/index.js +1 -0
  218. package/esm/npm/src/generate.js +39 -26
  219. package/esm/npm/src/helpers.d.ts.map +1 -1
  220. package/esm/npm/src/index.d.ts +4 -3
  221. package/esm/npm/src/index.d.ts.map +1 -1
  222. package/esm/npm/src/index.js +1 -0
  223. package/esm/npm/src/jobs.d.ts +10 -1
  224. package/esm/npm/src/jobs.d.ts.map +1 -1
  225. package/esm/npm/src/jobs.js +16 -1
  226. package/esm/npm/src/kv.d.ts.map +1 -1
  227. package/esm/npm/src/kv.js +10 -4
  228. package/esm/npm/src/models/auth/rpc/Logout.d.ts +4 -4
  229. package/esm/npm/src/models/auth/rpc/Logout.d.ts.map +1 -1
  230. package/esm/npm/src/models/auth/rpc/Logout.js +2 -2
  231. package/esm/npm/src/models/trellis/Page.d.ts +2 -0
  232. package/esm/npm/src/models/trellis/Page.d.ts.map +1 -0
  233. package/esm/npm/src/models/trellis/Page.js +1 -0
  234. package/esm/npm/src/models/trellis/State.d.ts +1 -0
  235. package/esm/npm/src/models/trellis/State.d.ts.map +1 -1
  236. package/esm/npm/src/models/trellis/State.js +1 -0
  237. package/esm/npm/src/models/trellis/rpc/StateList.d.ts +9 -12
  238. package/esm/npm/src/models/trellis/rpc/StateList.d.ts.map +1 -1
  239. package/esm/npm/src/models/trellis/rpc/StateList.js +16 -18
  240. package/esm/npm/src/operations.d.ts +16 -7
  241. package/esm/npm/src/operations.d.ts.map +1 -1
  242. package/esm/npm/src/operations.js +84 -19
  243. package/esm/npm/src/runtime_transport.d.ts +2 -0
  244. package/esm/npm/src/runtime_transport.d.ts.map +1 -1
  245. package/esm/npm/src/runtime_transport.js +1 -0
  246. package/esm/npm/src/server/internal_jobs/active-job.d.ts +2 -1
  247. package/esm/npm/src/server/internal_jobs/active-job.d.ts.map +1 -1
  248. package/esm/npm/src/server/internal_jobs/active-job.js +3 -0
  249. package/esm/npm/src/server/internal_jobs/job-manager.d.ts +4 -1
  250. package/esm/npm/src/server/internal_jobs/job-manager.d.ts.map +1 -1
  251. package/esm/npm/src/server/internal_jobs/job-manager.js +61 -1
  252. package/esm/npm/src/server/internal_jobs/projection.js +1 -0
  253. package/esm/npm/src/server/internal_jobs/runtime-worker.d.ts +13 -1
  254. package/esm/npm/src/server/internal_jobs/runtime-worker.d.ts.map +1 -1
  255. package/esm/npm/src/server/internal_jobs/runtime-worker.js +73 -13
  256. package/esm/npm/src/server/internal_jobs/types.d.ts +19 -0
  257. package/esm/npm/src/server/internal_jobs/types.d.ts.map +1 -1
  258. package/esm/npm/src/server/internal_jobs/types.js +10 -0
  259. package/esm/npm/src/server/runtime.d.ts +1 -0
  260. package/esm/npm/src/server/runtime.d.ts.map +1 -1
  261. package/esm/npm/src/server/service.d.ts +10 -1
  262. package/esm/npm/src/server/service.d.ts.map +1 -1
  263. package/esm/npm/src/server/service.js +210 -64
  264. package/esm/npm/src/server/transfer.d.ts.map +1 -1
  265. package/esm/npm/src/server/transfer.js +4 -0
  266. package/esm/npm/src/server.d.ts.map +1 -1
  267. package/esm/npm/src/server.js +337 -34
  268. package/esm/npm/src/store.d.ts +8 -1
  269. package/esm/npm/src/store.d.ts.map +1 -1
  270. package/esm/npm/src/store.js +46 -8
  271. package/esm/npm/src/transfer.d.ts +3 -0
  272. package/esm/npm/src/transfer.d.ts.map +1 -1
  273. package/esm/npm/src/transfer.js +20 -30
  274. package/esm/npm/src/trellis.d.ts +85 -22
  275. package/esm/npm/src/trellis.d.ts.map +1 -1
  276. package/esm/npm/src/trellis.js +525 -61
  277. package/esm/operations.d.ts +16 -7
  278. package/esm/operations.d.ts.map +1 -1
  279. package/esm/operations.js +84 -19
  280. package/esm/runtime_transport.d.ts +2 -0
  281. package/esm/runtime_transport.d.ts.map +1 -1
  282. package/esm/runtime_transport.js +1 -0
  283. package/esm/store.d.ts +8 -1
  284. package/esm/store.d.ts.map +1 -1
  285. package/esm/store.js +46 -8
  286. package/esm/transfer.d.ts +3 -0
  287. package/esm/transfer.d.ts.map +1 -1
  288. package/esm/transfer.js +20 -30
  289. package/esm/trellis.d.ts +85 -22
  290. package/esm/trellis.d.ts.map +1 -1
  291. package/esm/trellis.js +525 -61
  292. package/package.json +6 -3
  293. package/script/auth/browser/login.d.ts.map +1 -1
  294. package/script/auth/browser/login.js +46 -3
  295. package/script/auth/browser/portal.d.ts.map +1 -1
  296. package/script/auth/browser/portal.js +5 -1
  297. package/script/auth/browser/session.d.ts +18 -7
  298. package/script/auth/browser/session.d.ts.map +1 -1
  299. package/script/auth/browser/session.js +47 -11
  300. package/script/auth/browser/storage.d.ts +6 -1
  301. package/script/auth/browser/storage.d.ts.map +1 -1
  302. package/script/auth/browser/storage.js +15 -3
  303. package/script/auth/browser.d.ts +2 -2
  304. package/script/auth/browser.d.ts.map +1 -1
  305. package/script/auth/browser.js +2 -1
  306. package/script/auth/device_activation.d.ts +36 -33
  307. package/script/auth/device_activation.d.ts.map +1 -1
  308. package/script/auth/device_activation.js +25 -21
  309. package/script/auth/mod.d.ts +4 -4
  310. package/script/auth/mod.d.ts.map +1 -1
  311. package/script/auth/mod.js +132 -137
  312. package/script/auth/proof.d.ts +3 -1
  313. package/script/auth/proof.d.ts.map +1 -1
  314. package/script/auth/proof.js +21 -15
  315. package/script/auth/protocol.d.ts +2457 -941
  316. package/script/auth/protocol.d.ts.map +1 -1
  317. package/script/auth/protocol.js +749 -377
  318. package/script/auth/schemas.d.ts +25 -4
  319. package/script/auth/schemas.d.ts.map +1 -1
  320. package/script/auth/schemas.js +16 -5
  321. package/script/auth/session_auth.d.ts +1 -1
  322. package/script/auth/session_auth.d.ts.map +1 -1
  323. package/script/auth/session_auth.js +7 -1
  324. package/script/client_connect.d.ts +2 -0
  325. package/script/client_connect.d.ts.map +1 -1
  326. package/script/client_connect.js +76 -15
  327. package/script/contract.d.ts +3 -0
  328. package/script/contract.d.ts.map +1 -1
  329. package/script/contract_support/mod.d.ts +422 -43
  330. package/script/contract_support/mod.d.ts.map +1 -1
  331. package/script/contract_support/mod.js +757 -51
  332. package/script/contract_support/protocol.d.ts +20 -5
  333. package/script/contract_support/protocol.d.ts.map +1 -1
  334. package/script/contract_support/protocol.js +20 -11
  335. package/script/contract_support/runtime.d.ts +11 -0
  336. package/script/contract_support/runtime.d.ts.map +1 -1
  337. package/script/contract_support/schema_pointers.d.ts.map +1 -1
  338. package/script/contract_support/schema_pointers.js +32 -14
  339. package/script/device.d.ts +2 -0
  340. package/script/device.d.ts.map +1 -1
  341. package/script/device.js +3 -0
  342. package/script/errors/AuthError.d.ts +2 -1
  343. package/script/errors/AuthError.d.ts.map +1 -1
  344. package/script/errors/AuthError.js +8 -3
  345. package/script/errors/index.d.ts +4 -4
  346. package/script/errors/index.d.ts.map +1 -1
  347. package/script/errors/index.js +1 -0
  348. package/script/generated-sdk/auth/api.d.ts +27 -9
  349. package/script/generated-sdk/auth/api.d.ts.map +1 -1
  350. package/script/generated-sdk/auth/api.js +17 -591
  351. package/script/generated-sdk/auth/client.d.ts +91 -85
  352. package/script/generated-sdk/auth/client.d.ts.map +1 -1
  353. package/script/generated-sdk/auth/contract.d.ts +1 -1
  354. package/script/generated-sdk/auth/contract.d.ts.map +1 -1
  355. package/script/generated-sdk/auth/contract.js +4 -2
  356. package/script/generated-sdk/auth/mod.d.ts +1 -0
  357. package/script/generated-sdk/auth/mod.d.ts.map +1 -1
  358. package/script/generated-sdk/auth/owned_api.d.ts +3 -0
  359. package/script/generated-sdk/auth/owned_api.d.ts.map +1 -0
  360. package/script/generated-sdk/auth/owned_api.js +597 -0
  361. package/script/generated-sdk/auth/schemas.d.ts +9959 -5160
  362. package/script/generated-sdk/auth/schemas.d.ts.map +1 -1
  363. package/script/generated-sdk/auth/schemas.js +139 -140
  364. package/script/generated-sdk/auth/types.d.ts +2418 -1557
  365. package/script/generated-sdk/auth/types.d.ts.map +1 -1
  366. package/script/generated-sdk/auth/types.js +1 -1
  367. package/script/generated-sdk/health/api.d.ts +24 -9
  368. package/script/generated-sdk/health/api.d.ts.map +1 -1
  369. package/script/generated-sdk/health/api.js +13 -21
  370. package/script/generated-sdk/health/client.d.ts +2 -1
  371. package/script/generated-sdk/health/client.d.ts.map +1 -1
  372. package/script/generated-sdk/health/contract.d.ts.map +1 -1
  373. package/script/generated-sdk/health/contract.js +2 -0
  374. package/script/generated-sdk/health/owned_api.d.ts +3 -0
  375. package/script/generated-sdk/health/owned_api.d.ts.map +1 -0
  376. package/script/generated-sdk/health/owned_api.js +19 -0
  377. package/script/generated-sdk/health/types.d.ts +2 -0
  378. package/script/generated-sdk/health/types.d.ts.map +1 -1
  379. package/script/generated-sdk/jobs/api.d.ts +33 -9
  380. package/script/generated-sdk/jobs/api.d.ts.map +1 -1
  381. package/script/generated-sdk/jobs/api.js +23 -88
  382. package/script/generated-sdk/jobs/client.d.ts +9 -2
  383. package/script/generated-sdk/jobs/client.d.ts.map +1 -1
  384. package/script/generated-sdk/jobs/contract.d.ts +1 -1
  385. package/script/generated-sdk/jobs/contract.d.ts.map +1 -1
  386. package/script/generated-sdk/jobs/contract.js +4 -2
  387. package/script/generated-sdk/jobs/owned_api.d.ts +3 -0
  388. package/script/generated-sdk/jobs/owned_api.d.ts.map +1 -0
  389. package/script/generated-sdk/jobs/owned_api.js +154 -0
  390. package/script/generated-sdk/jobs/schemas.d.ts +336 -123
  391. package/script/generated-sdk/jobs/schemas.d.ts.map +1 -1
  392. package/script/generated-sdk/jobs/schemas.js +18 -16
  393. package/script/generated-sdk/jobs/types.d.ts +144 -34
  394. package/script/generated-sdk/jobs/types.d.ts.map +1 -1
  395. package/script/generated-sdk/jobs/types.js +38 -2
  396. package/script/generated-sdk/state/api.d.ts +27 -9
  397. package/script/generated-sdk/state/api.d.ts.map +1 -1
  398. package/script/generated-sdk/state/api.js +17 -72
  399. package/script/generated-sdk/state/client.d.ts +4 -2
  400. package/script/generated-sdk/state/client.d.ts.map +1 -1
  401. package/script/generated-sdk/state/contract.d.ts +1 -1
  402. package/script/generated-sdk/state/contract.d.ts.map +1 -1
  403. package/script/generated-sdk/state/contract.js +4 -2
  404. package/script/generated-sdk/state/owned_api.d.ts +3 -0
  405. package/script/generated-sdk/state/owned_api.d.ts.map +1 -0
  406. package/script/generated-sdk/state/owned_api.js +69 -0
  407. package/script/generated-sdk/state/schemas.d.ts +264 -284
  408. package/script/generated-sdk/state/schemas.d.ts.map +1 -1
  409. package/script/generated-sdk/state/schemas.js +6 -6
  410. package/script/generated-sdk/state/types.d.ts +24 -23
  411. package/script/generated-sdk/state/types.d.ts.map +1 -1
  412. package/script/generated-sdk/state/types.js +1 -1
  413. package/script/generated-sdk/trellis-core/api.d.ts +27 -9
  414. package/script/generated-sdk/trellis-core/api.d.ts.map +1 -1
  415. package/script/generated-sdk/trellis-core/api.js +17 -40
  416. package/script/generated-sdk/trellis-core/client.d.ts +5 -2
  417. package/script/generated-sdk/trellis-core/client.d.ts.map +1 -1
  418. package/script/generated-sdk/trellis-core/contract.d.ts +1 -1
  419. package/script/generated-sdk/trellis-core/contract.d.ts.map +1 -1
  420. package/script/generated-sdk/trellis-core/contract.js +4 -2
  421. package/script/generated-sdk/trellis-core/owned_api.d.ts +3 -0
  422. package/script/generated-sdk/trellis-core/owned_api.d.ts.map +1 -0
  423. package/script/generated-sdk/trellis-core/owned_api.js +45 -0
  424. package/script/generated-sdk/trellis-core/schemas.d.ts +259 -11
  425. package/script/generated-sdk/trellis-core/schemas.d.ts.map +1 -1
  426. package/script/generated-sdk/trellis-core/schemas.js +6 -4
  427. package/script/generated-sdk/trellis-core/types.d.ts +56 -1
  428. package/script/generated-sdk/trellis-core/types.d.ts.map +1 -1
  429. package/script/generated-sdk/trellis-core/types.js +1 -1
  430. package/script/helpers.d.ts.map +1 -1
  431. package/script/index.d.ts +4 -3
  432. package/script/index.d.ts.map +1 -1
  433. package/script/index.js +5 -2
  434. package/script/jobs.d.ts +10 -1
  435. package/script/jobs.d.ts.map +1 -1
  436. package/script/jobs.js +17 -2
  437. package/script/kv.d.ts.map +1 -1
  438. package/script/kv.js +10 -4
  439. package/script/models/auth/rpc/Logout.d.ts +4 -4
  440. package/script/models/auth/rpc/Logout.d.ts.map +1 -1
  441. package/script/models/auth/rpc/Logout.js +3 -3
  442. package/script/models/trellis/Page.d.ts +2 -0
  443. package/script/models/trellis/Page.d.ts.map +1 -0
  444. package/script/models/trellis/Page.js +6 -0
  445. package/script/models/trellis/State.d.ts +1 -0
  446. package/script/models/trellis/State.d.ts.map +1 -1
  447. package/script/models/trellis/State.js +1 -0
  448. package/script/models/trellis/rpc/StateList.d.ts +9 -12
  449. package/script/models/trellis/rpc/StateList.d.ts.map +1 -1
  450. package/script/models/trellis/rpc/StateList.js +16 -18
  451. package/script/npm/src/auth/browser/login.d.ts.map +1 -1
  452. package/script/npm/src/auth/browser/login.js +46 -3
  453. package/script/npm/src/auth/browser/portal.d.ts.map +1 -1
  454. package/script/npm/src/auth/browser/portal.js +5 -1
  455. package/script/npm/src/auth/browser/session.d.ts +18 -7
  456. package/script/npm/src/auth/browser/session.d.ts.map +1 -1
  457. package/script/npm/src/auth/browser/session.js +47 -11
  458. package/script/npm/src/auth/browser/storage.d.ts +6 -1
  459. package/script/npm/src/auth/browser/storage.d.ts.map +1 -1
  460. package/script/npm/src/auth/browser/storage.js +15 -3
  461. package/script/npm/src/auth/browser.d.ts +2 -2
  462. package/script/npm/src/auth/browser.d.ts.map +1 -1
  463. package/script/npm/src/auth/browser.js +2 -1
  464. package/script/npm/src/auth/device_activation.d.ts +36 -33
  465. package/script/npm/src/auth/device_activation.d.ts.map +1 -1
  466. package/script/npm/src/auth/device_activation.js +25 -21
  467. package/script/npm/src/auth/mod.d.ts +4 -4
  468. package/script/npm/src/auth/mod.d.ts.map +1 -1
  469. package/script/npm/src/auth/mod.js +132 -137
  470. package/script/npm/src/auth/proof.d.ts +3 -1
  471. package/script/npm/src/auth/proof.d.ts.map +1 -1
  472. package/script/npm/src/auth/proof.js +21 -15
  473. package/script/npm/src/auth/protocol.d.ts +2457 -941
  474. package/script/npm/src/auth/protocol.d.ts.map +1 -1
  475. package/script/npm/src/auth/protocol.js +749 -377
  476. package/script/npm/src/auth/schemas.d.ts +25 -4
  477. package/script/npm/src/auth/schemas.d.ts.map +1 -1
  478. package/script/npm/src/auth/schemas.js +16 -5
  479. package/script/npm/src/auth/session_auth.d.ts +1 -1
  480. package/script/npm/src/auth/session_auth.d.ts.map +1 -1
  481. package/script/npm/src/auth/session_auth.js +7 -1
  482. package/script/npm/src/client_connect.d.ts +2 -0
  483. package/script/npm/src/client_connect.d.ts.map +1 -1
  484. package/script/npm/src/client_connect.js +76 -15
  485. package/script/npm/src/contract.d.ts +3 -0
  486. package/script/npm/src/contract.d.ts.map +1 -1
  487. package/script/npm/src/contract_support/mod.d.ts +422 -43
  488. package/script/npm/src/contract_support/mod.d.ts.map +1 -1
  489. package/script/npm/src/contract_support/mod.js +757 -51
  490. package/script/npm/src/contract_support/protocol.d.ts +20 -5
  491. package/script/npm/src/contract_support/protocol.d.ts.map +1 -1
  492. package/script/npm/src/contract_support/protocol.js +20 -11
  493. package/script/npm/src/contract_support/runtime.d.ts +11 -0
  494. package/script/npm/src/contract_support/runtime.d.ts.map +1 -1
  495. package/script/npm/src/contract_support/schema_pointers.d.ts.map +1 -1
  496. package/script/npm/src/contract_support/schema_pointers.js +32 -14
  497. package/script/npm/src/device/deno.d.ts.map +1 -1
  498. package/script/npm/src/device/deno.js +6 -0
  499. package/script/npm/src/device.d.ts +2 -0
  500. package/script/npm/src/device.d.ts.map +1 -1
  501. package/script/npm/src/device.js +3 -0
  502. package/script/npm/src/errors/AuthError.d.ts +2 -1
  503. package/script/npm/src/errors/AuthError.d.ts.map +1 -1
  504. package/script/npm/src/errors/AuthError.js +8 -3
  505. package/script/npm/src/errors/index.d.ts +4 -4
  506. package/script/npm/src/errors/index.d.ts.map +1 -1
  507. package/script/npm/src/errors/index.js +1 -0
  508. package/script/npm/src/generate.js +39 -59
  509. package/script/npm/src/helpers.d.ts.map +1 -1
  510. package/script/npm/src/index.d.ts +4 -3
  511. package/script/npm/src/index.d.ts.map +1 -1
  512. package/script/npm/src/index.js +5 -2
  513. package/script/npm/src/jobs.d.ts +10 -1
  514. package/script/npm/src/jobs.d.ts.map +1 -1
  515. package/script/npm/src/jobs.js +17 -2
  516. package/script/npm/src/kv.d.ts.map +1 -1
  517. package/script/npm/src/kv.js +10 -4
  518. package/script/npm/src/models/auth/rpc/Logout.d.ts +4 -4
  519. package/script/npm/src/models/auth/rpc/Logout.d.ts.map +1 -1
  520. package/script/npm/src/models/auth/rpc/Logout.js +3 -3
  521. package/script/npm/src/models/trellis/Page.d.ts +2 -0
  522. package/script/npm/src/models/trellis/Page.d.ts.map +1 -0
  523. package/script/npm/src/models/trellis/Page.js +6 -0
  524. package/script/npm/src/models/trellis/State.d.ts +1 -0
  525. package/script/npm/src/models/trellis/State.d.ts.map +1 -1
  526. package/script/npm/src/models/trellis/State.js +1 -0
  527. package/script/npm/src/models/trellis/rpc/StateList.d.ts +9 -12
  528. package/script/npm/src/models/trellis/rpc/StateList.d.ts.map +1 -1
  529. package/script/npm/src/models/trellis/rpc/StateList.js +16 -18
  530. package/script/npm/src/operations.d.ts +16 -7
  531. package/script/npm/src/operations.d.ts.map +1 -1
  532. package/script/npm/src/operations.js +84 -19
  533. package/script/npm/src/runtime_transport.d.ts +2 -0
  534. package/script/npm/src/runtime_transport.d.ts.map +1 -1
  535. package/script/npm/src/runtime_transport.js +2 -1
  536. package/script/npm/src/server/internal_jobs/active-job.d.ts +2 -1
  537. package/script/npm/src/server/internal_jobs/active-job.d.ts.map +1 -1
  538. package/script/npm/src/server/internal_jobs/active-job.js +3 -0
  539. package/script/npm/src/server/internal_jobs/job-manager.d.ts +4 -1
  540. package/script/npm/src/server/internal_jobs/job-manager.d.ts.map +1 -1
  541. package/script/npm/src/server/internal_jobs/job-manager.js +61 -1
  542. package/script/npm/src/server/internal_jobs/projection.js +1 -0
  543. package/script/npm/src/server/internal_jobs/runtime-worker.d.ts +13 -1
  544. package/script/npm/src/server/internal_jobs/runtime-worker.d.ts.map +1 -1
  545. package/script/npm/src/server/internal_jobs/runtime-worker.js +74 -13
  546. package/script/npm/src/server/internal_jobs/types.d.ts +19 -0
  547. package/script/npm/src/server/internal_jobs/types.d.ts.map +1 -1
  548. package/script/npm/src/server/internal_jobs/types.js +11 -1
  549. package/script/npm/src/server/runtime.d.ts +1 -0
  550. package/script/npm/src/server/runtime.d.ts.map +1 -1
  551. package/script/npm/src/server/service.d.ts +10 -1
  552. package/script/npm/src/server/service.d.ts.map +1 -1
  553. package/script/npm/src/server/service.js +208 -62
  554. package/script/npm/src/server/transfer.d.ts.map +1 -1
  555. package/script/npm/src/server/transfer.js +4 -0
  556. package/script/npm/src/server.d.ts.map +1 -1
  557. package/script/npm/src/server.js +336 -33
  558. package/script/npm/src/store.d.ts +8 -1
  559. package/script/npm/src/store.d.ts.map +1 -1
  560. package/script/npm/src/store.js +46 -8
  561. package/script/npm/src/transfer.d.ts +3 -0
  562. package/script/npm/src/transfer.d.ts.map +1 -1
  563. package/script/npm/src/transfer.js +19 -29
  564. package/script/npm/src/trellis.d.ts +85 -22
  565. package/script/npm/src/trellis.d.ts.map +1 -1
  566. package/script/npm/src/trellis.js +525 -61
  567. package/script/operations.d.ts +16 -7
  568. package/script/operations.d.ts.map +1 -1
  569. package/script/operations.js +84 -19
  570. package/script/runtime_transport.d.ts +2 -0
  571. package/script/runtime_transport.d.ts.map +1 -1
  572. package/script/runtime_transport.js +2 -1
  573. package/script/store.d.ts +8 -1
  574. package/script/store.d.ts.map +1 -1
  575. package/script/store.js +46 -8
  576. package/script/transfer.d.ts +3 -0
  577. package/script/transfer.d.ts.map +1 -1
  578. package/script/transfer.js +19 -29
  579. package/script/trellis.d.ts +85 -22
  580. package/script/trellis.d.ts.map +1 -1
  581. package/script/trellis.js +525 -61
  582. package/src/_dnt.polyfills.ts +274 -0
  583. package/src/_dnt.shims.ts +64 -0
  584. package/src/auth/browser/login.ts +295 -0
  585. package/src/auth/browser/portal.ts +75 -0
  586. package/src/auth/browser/session.ts +197 -0
  587. package/src/auth/browser/storage.ts +105 -0
  588. package/src/auth/browser.ts +82 -0
  589. package/src/auth/device_activation.ts +715 -0
  590. package/src/auth/keys.ts +116 -0
  591. package/src/auth/mod.ts +298 -0
  592. package/src/auth/proof.ts +111 -0
  593. package/src/auth/protocol.ts +1629 -0
  594. package/src/auth/schemas.ts +145 -0
  595. package/src/auth/session_auth.ts +167 -0
  596. package/src/auth/time.ts +15 -0
  597. package/src/auth/trellis_id.ts +9 -0
  598. package/src/auth/types.ts +4 -0
  599. package/src/auth/utils.ts +87 -0
  600. package/src/auth.ts +2 -0
  601. package/src/browser.ts +8 -0
  602. package/src/client.ts +164 -0
  603. package/src/client_connect.ts +1328 -0
  604. package/src/codec.ts +107 -0
  605. package/src/connection.ts +466 -0
  606. package/src/contract.ts +84 -0
  607. package/src/contract_support/canonical.ts +217 -0
  608. package/src/contract_support/mod.ts +5079 -0
  609. package/src/contract_support/protocol.ts +213 -0
  610. package/src/contract_support/runtime.ts +129 -0
  611. package/src/contract_support/schema_pointers.ts +161 -0
  612. package/src/contracts.ts +9 -0
  613. package/src/device/deno.ts +941 -0
  614. package/src/device.ts +989 -0
  615. package/src/env.ts +1 -0
  616. package/src/errors/AuthError.ts +82 -0
  617. package/src/errors/KVError.ts +47 -0
  618. package/src/errors/RemoteError.ts +111 -0
  619. package/src/errors/StoreError.ts +43 -0
  620. package/src/errors/TransferError.ts +43 -0
  621. package/src/errors/TransportError.ts +48 -0
  622. package/src/errors/TrellisError.ts +20 -0
  623. package/src/errors/ValidationError.ts +80 -0
  624. package/src/errors/index.ts +195 -0
  625. package/src/generate.ts +329 -0
  626. package/src/globals.ts +26 -0
  627. package/src/health.ts +28 -0
  628. package/src/helpers.ts +63 -0
  629. package/src/host/mod.ts +9 -0
  630. package/src/host/node.ts +9 -0
  631. package/src/index.ts +233 -0
  632. package/src/jobs.ts +344 -0
  633. package/src/kv.ts +564 -0
  634. package/src/models/auth/rpc/Logout.ts +15 -0
  635. package/src/models/trellis/Page.ts +6 -0
  636. package/src/models/trellis/State.ts +55 -0
  637. package/src/models/trellis/TrellisError.ts +21 -0
  638. package/src/models/trellis/rpc/StateDelete.ts +13 -0
  639. package/src/models/trellis/rpc/StateGet.ts +25 -0
  640. package/src/models/trellis/rpc/StateList.ts +26 -0
  641. package/src/models/trellis/rpc/StatePut.ts +42 -0
  642. package/src/operations.ts +1508 -0
  643. package/src/runtime_transport.ts +132 -0
  644. package/src/sdk/auth.ts +2 -0
  645. package/src/sdk/core.ts +2 -0
  646. package/src/sdk/health.ts +2 -0
  647. package/src/sdk/jobs.ts +2 -0
  648. package/src/sdk/state.ts +2 -0
  649. package/src/server/health.ts +379 -0
  650. package/src/server/health_rpc.ts +51 -0
  651. package/src/server/health_schemas.ts +61 -0
  652. package/src/server/internal_jobs/active-job.ts +115 -0
  653. package/src/server/internal_jobs/bindings.ts +26 -0
  654. package/src/server/internal_jobs/cancellation-registry.ts +71 -0
  655. package/src/server/internal_jobs/heartbeat.ts +120 -0
  656. package/src/server/internal_jobs/job-manager.ts +456 -0
  657. package/src/server/internal_jobs/projection.ts +48 -0
  658. package/src/server/internal_jobs/runtime-worker.ts +741 -0
  659. package/src/server/internal_jobs/types.ts +124 -0
  660. package/src/server/runtime.ts +27 -0
  661. package/src/server/service.ts +2377 -0
  662. package/src/server/subscription.ts +143 -0
  663. package/src/server/transfer.ts +962 -0
  664. package/src/server.ts +1725 -0
  665. package/src/server_logger.ts +10 -0
  666. package/src/service/deno.ts +18 -0
  667. package/src/service/mod.ts +68 -0
  668. package/src/service/node.ts +18 -0
  669. package/src/store.ts +658 -0
  670. package/src/tasks.ts +34 -0
  671. package/src/telemetry/carrier.ts +35 -0
  672. package/src/telemetry/core.ts +31 -0
  673. package/src/telemetry/env.ts +23 -0
  674. package/src/telemetry/mod.ts +26 -0
  675. package/src/telemetry/nats.ts +15 -0
  676. package/src/telemetry/result.ts +20 -0
  677. package/src/telemetry/trace.ts +39 -0
  678. package/src/telemetry/trellis.ts +1 -0
  679. package/src/tracing.ts +28 -0
  680. package/src/transfer.ts +602 -0
  681. package/src/trellis.ts +3650 -0
  682. package/esm/models/trellis/Paginate.d.ts +0 -7
  683. package/esm/models/trellis/Paginate.d.ts.map +0 -1
  684. package/esm/models/trellis/Paginate.js +0 -5
  685. package/esm/npm/src/models/trellis/Paginate.d.ts +0 -7
  686. package/esm/npm/src/models/trellis/Paginate.d.ts.map +0 -1
  687. package/esm/npm/src/models/trellis/Paginate.js +0 -5
  688. package/script/models/trellis/Paginate.d.ts +0 -7
  689. package/script/models/trellis/Paginate.d.ts.map +0 -1
  690. package/script/models/trellis/Paginate.js +0 -11
  691. package/script/npm/src/models/trellis/Paginate.d.ts +0 -7
  692. package/script/npm/src/models/trellis/Paginate.d.ts.map +0 -1
  693. package/script/npm/src/models/trellis/Paginate.js +0 -11
package/esm/npm/src/auth/browser.d.ts CHANGED
@@ -6,9 +6,9 @@
6
6
  import "../_dnt.polyfills.js";
7
7
  export { type AuthConfig, type AuthStartFlowResponse, type AuthStartRequest, type AuthStartResponse, bindFlow, type BindResponse, type BindSuccessResponse, buildLoginUrl, isBindSuccessResponse, type SentinelCreds, startAuthRequest, } from "./browser/login.js";
8
8
  export { type ApprovalDecision, fetchPortalFlowState, portalFlowIdFromUrl, type PortalFlowState, type PortalFlowState as BrowserPortalFlowState, portalProviderLoginUrl, portalRedirectLocation, submitPortalApproval, } from "./browser/portal.js";
9
- export { bindFlowSig, clearSessionKey, createRpcProof, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, loadSessionKey, natsConnectSigForIat, type SessionKeyHandle, signBytes, } from "./browser/session.js";
9
+ export { bindFlowSig, clearSessionKey, createRpcProof, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, loadSessionKey, natsConnectSigForIat, type SessionKeyHandle, type SessionKeyOptions, type SessionKeyPersistenceMode, signBytes, } from "./browser/session.js";
10
10
  export { deleteKeyPair, hasKeyPair } from "./browser/storage.js";
11
- export { type ApprovalDecision as ApprovalDecisionData, ApprovalDecisionSchema, type AuthStartFlowResponse as AuthStartFlowResponseData, AuthStartFlowResponseSchema, type AuthStartRequest as AuthStartRequestData, AuthStartRequestSchema, type AuthStartResponse as AuthStartResponseData, AuthStartResponseSchema, type BindResponse as BindResponseData, BindResponseSchema, type BindSuccessResponse as BindSuccessResponseData, BindSuccessResponseSchema, type ClientTransportEndpoints as ClientTransportEndpointsData, ClientTransportEndpointsSchema, type ClientTransports as ClientTransportsData, ClientTransportsSchema, type ContractApproval as ContractApprovalData, ContractApprovalSchema, type NatsAuthTokenV1 as NatsAuthTokenV1Data, NatsAuthTokenV1Schema, type SentinelCreds as SentinelCredsData, SentinelCredsSchema, } from "./schemas.js";
11
+ export { approvalCapabilityKeys, type ApprovalDecision as ApprovalDecisionData, ApprovalDecisionSchema, type AuthStartFlowResponse as AuthStartFlowResponseData, AuthStartFlowResponseSchema, type AuthStartRequest as AuthStartRequestData, AuthStartRequestSchema, type AuthStartResponse as AuthStartResponseData, AuthStartResponseSchema, type BindResponse as BindResponseData, BindResponseSchema, type BindSuccessResponse as BindSuccessResponseData, BindSuccessResponseSchema, type ClientTransportEndpoints as ClientTransportEndpointsData, ClientTransportEndpointsSchema, type ClientTransports as ClientTransportsData, ClientTransportsSchema, type ContractApproval as ContractApprovalData, type ContractApprovalCapability as ContractApprovalCapabilityData, ContractApprovalSchema, type NatsAuthTokenV1 as NatsAuthTokenV1Data, NatsAuthTokenV1Schema, type SentinelCreds as SentinelCredsData, SentinelCredsSchema, } from "./schemas.js";
12
12
  export type { NatsAuthTokenV1 } from "./types.js";
13
13
  export { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
14
14
  //# sourceMappingURL=browser.d.ts.map
package/esm/npm/src/auth/browser.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../../../src/auth/browser.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,sBAAsB,CAAC;AAG9B,OAAO,EACL,KAAK,UAAU,EACf,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,QAAQ,EACR,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,aAAa,EACb,qBAAqB,EACrB,KAAK,aAAa,EAClB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,KAAK,gBAAgB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,KAAK,eAAe,EACpB,KAAK,eAAe,IAAI,sBAAsB,EAC9C,sBAAsB,EACtB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,WAAW,EACX,eAAe,EACf,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,cAAc,EACd,oBAAoB,EACpB,KAAK,gBAAgB,EACrB,SAAS,GACV,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EACL,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,qBAAqB,IAAI,yBAAyB,EACvD,2BAA2B,EAC3B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,iBAAiB,IAAI,qBAAqB,EAC/C,uBAAuB,EACvB,KAAK,YAAY,IAAI,gBAAgB,EACrC,kBAAkB,EAClB,KAAK,mBAAmB,IAAI,uBAAuB,EACnD,yBAAyB,EACzB,KAAK,wBAAwB,IAAI,4BAA4B,EAC7D,8BAA8B,EAC9B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,eAAe,IAAI,mBAAmB,EAC3C,qBAAqB,EACrB,KAAK,aAAa,IAAI,iBAAiB,EACvC,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,YAAY,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EACL,eAAe,EACf,eAAe,EACf,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
1
+ {"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../../../src/auth/browser.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,sBAAsB,CAAC;AAG9B,OAAO,EACL,KAAK,UAAU,EACf,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,QAAQ,EACR,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,aAAa,EACb,qBAAqB,EACrB,KAAK,aAAa,EAClB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,KAAK,gBAAgB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,KAAK,eAAe,EACpB,KAAK,eAAe,IAAI,sBAAsB,EAC9C,sBAAsB,EACtB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,WAAW,EACX,eAAe,EACf,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,cAAc,EACd,oBAAoB,EACpB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,yBAAyB,EAC9B,SAAS,GACV,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,qBAAqB,IAAI,yBAAyB,EACvD,2BAA2B,EAC3B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,iBAAiB,IAAI,qBAAqB,EAC/C,uBAAuB,EACvB,KAAK,YAAY,IAAI,gBAAgB,EACrC,kBAAkB,EAClB,KAAK,mBAAmB,IAAI,uBAAuB,EACnD,yBAAyB,EACzB,KAAK,wBAAwB,IAAI,4BAA4B,EAC7D,8BAA8B,EAC9B,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,sBAAsB,EACtB,KAAK,gBAAgB,IAAI,oBAAoB,EAC7C,KAAK,0BAA0B,IAAI,8BAA8B,EACjE,sBAAsB,EACtB,KAAK,eAAe,IAAI,mBAAmB,EAC3C,qBAAqB,EACrB,KAAK,aAAa,IAAI,iBAAiB,EACvC,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,YAAY,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EACL,eAAe,EACf,eAAe,EACf,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
package/esm/npm/src/auth/browser.js CHANGED
@@ -8,5 +8,5 @@ export { bindFlow, buildLoginUrl, isBindSuccessResponse, startAuthRequest, } fro
8
8
  export { fetchPortalFlowState, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, submitPortalApproval, } from "./browser/portal.js";
9
9
  export { bindFlowSig, clearSessionKey, createRpcProof, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, loadSessionKey, natsConnectSigForIat, signBytes, } from "./browser/session.js";
10
10
  export { deleteKeyPair, hasKeyPair } from "./browser/storage.js";
11
- export { ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, } from "./schemas.js";
11
+ export { approvalCapabilityKeys, ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, } from "./schemas.js";
12
12
  export { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
package/esm/npm/src/auth/device_activation.d.ts CHANGED
@@ -4,7 +4,7 @@ import type { BaseError } from "@qlever-llc/result";
4
4
  import { AsyncResult } from "@qlever-llc/result";
5
5
  import type { OperationRef } from "../operations.js";
6
6
  import type { NatsAuthTokenV1 } from "./schemas.js";
7
- import { AuthActivateDeviceProgressSchema, AuthActivateDeviceResponseSchema, AuthActivateDeviceSchema, AuthGetDeviceConnectInfoResponseSchema, AuthGetDeviceConnectInfoSchema, AuthListDeviceActivationsResponseSchema, AuthListDeviceActivationsSchema, AuthRevokeDeviceActivationResponseSchema, AuthRevokeDeviceActivationSchema, WaitForDeviceActivationResponseSchema } from "./protocol.js";
7
+ import { AuthDevicesConnectInfoGetResponseSchema, AuthDevicesConnectInfoGetSchema, AuthDeviceUserAuthoritiesListResponseSchema, AuthDeviceUserAuthoritiesListSchema, AuthDeviceUserAuthoritiesRevokeResponseSchema, AuthDeviceUserAuthoritiesRevokeSchema, AuthResolveDeviceUserAuthoritiesProgressSchema, AuthResolveDeviceUserAuthoritiesResponseSchema, AuthResolveDeviceUserAuthoritiesSchema, WaitForDeviceActivationResponseSchema } from "./protocol.js";
8
8
  export declare const DeviceActivationPayloadSchema: Type.TObject<{
9
9
  v: Type.TLiteral<1>;
10
10
  publicIdentityKey: Type.TString;
@@ -12,24 +12,25 @@ export declare const DeviceActivationPayloadSchema: Type.TObject<{
12
12
  qrMac: Type.TString;
13
13
  }>;
14
14
  export declare const DeviceActivationWaitRequestSchema: Type.TObject<{
15
+ flowId: Type.TString;
15
16
  publicIdentityKey: Type.TString;
16
17
  nonce: Type.TString;
17
- contractDigest: Type.TOptional<Type.TString>;
18
+ contractDigest: Type.TString;
18
19
  iat: Type.TNumber;
19
20
  sig: Type.TString;
20
21
  }>;
21
22
  export type DeviceActivationPayload = StaticDecode<typeof DeviceActivationPayloadSchema>;
22
23
  export type DeviceActivationWaitRequest = StaticDecode<typeof DeviceActivationWaitRequestSchema>;
23
24
  export type WaitForDeviceActivationResponse = StaticDecode<typeof WaitForDeviceActivationResponseSchema>;
24
- export type AuthActivateDeviceInput = StaticDecode<typeof AuthActivateDeviceSchema>;
25
- export type AuthActivateDeviceProgress = StaticDecode<typeof AuthActivateDeviceProgressSchema>;
26
- export type AuthActivateDeviceOutput = StaticDecode<typeof AuthActivateDeviceResponseSchema>;
27
- export type AuthListDeviceActivationsInput = StaticDecode<typeof AuthListDeviceActivationsSchema>;
28
- export type AuthListDeviceActivationsOutput = StaticDecode<typeof AuthListDeviceActivationsResponseSchema>;
29
- export type AuthRevokeDeviceActivationInput = StaticDecode<typeof AuthRevokeDeviceActivationSchema>;
30
- export type AuthRevokeDeviceActivationResponse = StaticDecode<typeof AuthRevokeDeviceActivationResponseSchema>;
31
- export type GetDeviceConnectInfoInput = StaticDecode<typeof AuthGetDeviceConnectInfoSchema>;
32
- export type GetDeviceConnectInfoOutput = StaticDecode<typeof AuthGetDeviceConnectInfoResponseSchema>;
25
+ export type AuthResolveDeviceUserAuthoritiesInput = StaticDecode<typeof AuthResolveDeviceUserAuthoritiesSchema>;
26
+ export type AuthResolveDeviceUserAuthoritiesProgress = StaticDecode<typeof AuthResolveDeviceUserAuthoritiesProgressSchema>;
27
+ export type AuthResolveDeviceUserAuthoritiesOutput = StaticDecode<typeof AuthResolveDeviceUserAuthoritiesResponseSchema>;
28
+ export type AuthDeviceUserAuthoritiesListInput = StaticDecode<typeof AuthDeviceUserAuthoritiesListSchema>;
29
+ export type AuthDeviceUserAuthoritiesListOutput = StaticDecode<typeof AuthDeviceUserAuthoritiesListResponseSchema>;
30
+ export type AuthDeviceUserAuthoritiesRevokeInput = StaticDecode<typeof AuthDeviceUserAuthoritiesRevokeSchema>;
31
+ export type AuthDeviceUserAuthoritiesRevokeResponse = StaticDecode<typeof AuthDeviceUserAuthoritiesRevokeResponseSchema>;
32
+ export type GetDeviceConnectInfoInput = StaticDecode<typeof AuthDevicesConnectInfoGetSchema>;
33
+ export type GetDeviceConnectInfoOutput = StaticDecode<typeof AuthDevicesConnectInfoGetResponseSchema>;
33
34
  export type DeviceIdentity = {
34
35
  identitySeed: Uint8Array;
35
36
  identitySeedBase64url: string;
@@ -37,35 +38,35 @@ export type DeviceIdentity = {
37
38
  activationKey: Uint8Array;
38
39
  activationKeyBase64url: string;
39
40
  };
40
- type DeviceActivationRpcMethod = "Auth.ListDeviceActivations" | "Auth.RevokeDeviceActivation" | "Auth.GetDeviceConnectInfo";
41
- type AuthActivateDeviceOperationShape = {
41
+ type DeviceActivationRpcMethod = "Auth.DeviceUserAuthorities.List" | "Auth.DeviceUserAuthorities.Revoke" | "Auth.Devices.ConnectInfo.Get";
42
+ type AuthResolveDeviceUserAuthoritiesOperationShape = {
42
43
  subject: string;
43
- input: typeof AuthActivateDeviceSchema;
44
- progress: typeof AuthActivateDeviceProgressSchema;
45
- output: typeof AuthActivateDeviceResponseSchema;
44
+ input: typeof AuthResolveDeviceUserAuthoritiesSchema;
45
+ progress: typeof AuthResolveDeviceUserAuthoritiesProgressSchema;
46
+ output: typeof AuthResolveDeviceUserAuthoritiesResponseSchema;
46
47
  };
47
- export type AuthActivateDeviceOperation = OperationRef<AuthActivateDeviceOperationShape, AuthActivateDeviceProgress, AuthActivateDeviceOutput>;
48
+ export type AuthResolveDeviceUserAuthoritiesOperation = OperationRef<AuthResolveDeviceUserAuthoritiesOperationShape, AuthResolveDeviceUserAuthoritiesProgress, AuthResolveDeviceUserAuthoritiesOutput>;
48
49
  type DeviceActivationRpcInputMap = {
49
- "Auth.ListDeviceActivations": AuthListDeviceActivationsInput;
50
- "Auth.RevokeDeviceActivation": AuthRevokeDeviceActivationInput;
51
- "Auth.GetDeviceConnectInfo": GetDeviceConnectInfoInput;
50
+ "Auth.DeviceUserAuthorities.List": AuthDeviceUserAuthoritiesListInput;
51
+ "Auth.DeviceUserAuthorities.Revoke": AuthDeviceUserAuthoritiesRevokeInput;
52
+ "Auth.Devices.ConnectInfo.Get": GetDeviceConnectInfoInput;
52
53
  };
53
54
  type DeviceActivationRpcOutputMap = {
54
- "Auth.ListDeviceActivations": AuthListDeviceActivationsOutput;
55
- "Auth.RevokeDeviceActivation": AuthRevokeDeviceActivationResponse;
56
- "Auth.GetDeviceConnectInfo": GetDeviceConnectInfoOutput;
55
+ "Auth.DeviceUserAuthorities.List": AuthDeviceUserAuthoritiesListOutput;
56
+ "Auth.DeviceUserAuthorities.Revoke": AuthDeviceUserAuthoritiesRevokeResponse;
57
+ "Auth.Devices.ConnectInfo.Get": GetDeviceConnectInfoOutput;
57
58
  };
58
59
  type RequestClient = {
59
60
  request<M extends DeviceActivationRpcMethod>(method: M, input: DeviceActivationRpcInputMap[M], opts?: unknown): AsyncResult<DeviceActivationRpcOutputMap[M], BaseError>;
60
61
  };
61
- type ActivateDeviceOperationClient = {
62
- operation(method: "Auth.ActivateDevice"): {
63
- input(input: AuthActivateDeviceInput): {
64
- start(): AsyncResult<AuthActivateDeviceOperation, BaseError>;
62
+ type ResolveDeviceUserAuthoritiesOperationClient = {
63
+ operation(method: "Auth.DeviceUserAuthorities.Resolve"): {
64
+ input(input: AuthResolveDeviceUserAuthoritiesInput): {
65
+ start(): AsyncResult<AuthResolveDeviceUserAuthoritiesOperation, BaseError>;
65
66
  };
66
67
  };
67
68
  };
68
- export type DeviceActivationTransport = RequestClient & ActivateDeviceOperationClient;
69
+ export type DeviceActivationTransport = RequestClient & ResolveDeviceUserAuthoritiesOperationClient;
69
70
  export declare function deriveDeviceIdentity(deviceRootSecret: Uint8Array): Promise<DeviceIdentity>;
70
71
  export declare function deriveDeviceQrMac(input: {
71
72
  activationKey: Uint8Array | string;
@@ -99,12 +100,13 @@ export declare function verifyDeviceConfirmationCode(input: {
99
100
  nonce: string;
100
101
  confirmationCode: string;
101
102
  }): Promise<boolean>;
102
- export declare function buildDeviceWaitProofInput(publicIdentityKey: string, nonce: string, iat: number, contractDigest?: string): Uint8Array;
103
+ export declare function buildDeviceWaitProofInput(flowId: string, publicIdentityKey: string, nonce: string, iat: number, contractDigest: string): Uint8Array;
103
104
  export declare function signDeviceWaitRequest(args: {
105
+ flowId: string;
104
106
  publicIdentityKey: string;
105
107
  nonce: string;
106
108
  identitySeed: Uint8Array | string;
107
- contractDigest?: string;
109
+ contractDigest: string;
108
110
  iat?: number;
109
111
  }): Promise<DeviceActivationWaitRequest>;
110
112
  export declare function createDeviceNatsAuthToken(args: {
@@ -117,6 +119,7 @@ export declare function createDeviceNatsAuthToken(args: {
117
119
  }>;
118
120
  export declare function waitForDeviceActivation(args: {
119
121
  trellisUrl: string;
122
+ flowId: string;
120
123
  publicIdentityKey: string;
121
124
  nonce: string;
122
125
  identitySeed: Uint8Array | string;
@@ -134,9 +137,9 @@ export declare function getDeviceConnectInfo(args: {
134
137
  iat?: number;
135
138
  }): Promise<GetDeviceConnectInfoOutput>;
136
139
  export declare function createDeviceActivationClient(client: DeviceActivationTransport): {
137
- activateDevice(input: AuthActivateDeviceInput): any;
138
- listDeviceActivations(input?: AuthListDeviceActivationsInput): any;
139
- revokeDeviceActivation(input: AuthRevokeDeviceActivationInput): any;
140
+ resolveDeviceUserAuthorities(input: AuthResolveDeviceUserAuthoritiesInput): any;
141
+ listDeviceActivations(input: AuthDeviceUserAuthoritiesListInput): any;
142
+ revokeDeviceActivation(input: AuthDeviceUserAuthoritiesRevokeInput): any;
140
143
  getDeviceConnectInfo(input: GetDeviceConnectInfoInput): any;
141
144
  };
142
145
  export declare function verifyDeviceWaitSignature(input: DeviceActivationWaitRequest): Promise<boolean>;
package/esm/npm/src/auth/device_activation.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"device_activation.d.ts","sourceRoot":"","sources":["../../../../src/auth/device_activation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAE/B,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAOrD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EACL,gCAAgC,EAChC,gCAAgC,EAChC,wBAAwB,EACxB,sCAAsC,EACtC,8BAA8B,EAC9B,uCAAuC,EACvC,+BAA+B,EAC/B,wCAAwC,EACxC,gCAAgC,EAChC,qCAAqC,EACtC,MAAM,eAAe,CAAC;AAiBvB,eAAO,MAAM,6BAA6B;;;;;EAKP,CAAC;AAEpC,eAAO,MAAM,iCAAiC;;;;;;EAMX,CAAC;AAEpC,MAAM,MAAM,uBAAuB,GAAG,YAAY,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,2BAA2B,GAAG,YAAY,CACpD,OAAO,iCAAiC,CACzC,CAAC;AACF,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,OAAO,qCAAqC,CAC7C,CAAC;AACF,MAAM,MAAM,uBAAuB,GAAG,YAAY,CAChD,OAAO,wBAAwB,CAChC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,YAAY,CACnD,OAAO,gCAAgC,CACxC,CAAC;AACF,MAAM,MAAM,wBAAwB,GAAG,YAAY,CACjD,OAAO,gCAAgC,CACxC,CAAC;AACF,MAAM,MAAM,8BAA8B,GAAG,YAAY,CACvD,OAAO,+BAA+B,CACvC,CAAC;AACF,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,OAAO,uCAAuC,CAC/C,CAAC;AACF,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,OAAO,gCAAgC,CACxC,CAAC;AACF,MAAM,MAAM,kCAAkC,GAAG,YAAY,CAC3D,OAAO,wCAAwC,CAChD,CAAC;AACF,MAAM,MAAM,yBAAyB,GAAG,YAAY,CAClD,OAAO,8BAA8B,CACtC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,YAAY,CACnD,OAAO,sCAAsC,CAC9C,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,UAAU,CAAC;IACzB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,UAAU,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,KAAK,yBAAyB,GAC1B,4BAA4B,GAC5B,6BAA6B,GAC7B,2BAA2B,CAAC;AAEhC,KAAK,gCAAgC,GAAG;IACtC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,OAAO,wBAAwB,CAAC;IACvC,QAAQ,EAAE,OAAO,gCAAgC,CAAC;IAClD,MAAM,EAAE,OAAO,gCAAgC,CAAC;CACjD,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG,YAAY,CACpD,gCAAgC,EAChC,0BAA0B,EAC1B,wBAAwB,CACzB,CAAC;AAEF,KAAK,2BAA2B,GAAG;IACjC,4BAA4B,EAAE,8BAA8B,CAAC;IAC7D,6BAA6B,EAAE,+BAA+B,CAAC;IAC/D,2BAA2B,EAAE,yBAAyB,CAAC;CACxD,CAAC;AAEF,KAAK,4BAA4B,GAAG;IAClC,4BAA4B,EAAE,+BAA+B,CAAC;IAC9D,6BAA6B,EAAE,kCAAkC,CAAC;IAClE,2BAA2B,EAAE,0BAA0B,CAAC;CACzD,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,OAAO,CAAC,CAAC,SAAS,yBAAyB,EACzC,MAAM,EAAE,CAAC,EACT,KAAK,EAAE,2BAA2B,CAAC,CAAC,CAAC,EACrC,IAAI,CAAC,EAAE,OAAO,GACb,WAAW,CAAC,4BAA4B,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;CAC5D,CAAC;AAEF,KAAK,6BAA6B,GAAG;IACnC,SAAS,CAAC,MAAM,EAAE,qBAAqB,GAAG;QACxC,KAAK,CACH,KAAK,EAAE,uBAAuB,GAC7B;YACD,KAAK,IAAI,WAAW,CAAC,2BAA2B,EAAE,SAAS,CAAC,CAAC;SAC9D,CAAC;KACH,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,yBAAyB,GACjC,aAAa,GACb,6BAA6B,CAAC;AAyIlC,wBAAsB,oBAAoB,CACxC,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,cAAc,CAAC,CA8BzB;AAED,wBAAsB,iBAAiB,CAAC,KAAK,EAAE;IAC7C,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAclB;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAQnC;AAED,wBAAgB,6BAA6B,CAC3C,OAAO,EAAE,uBAAuB,GAC/B,MAAM,CAER;AAED,wBAAgB,4BAA4B,CAC1C,KAAK,EAAE,MAAM,GACZ,uBAAuB,CAOzB;AAED,wBAAsB,4BAA4B,CAAC,IAAI,EAAE;IACvD,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,uBAAuB,CAAC;CAClC,GAAG,OAAO,CACT;IACE,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CACF,CAkCA;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAclB;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB,EAAE,MAAM,CAAC;CAC1B,GAAG,OAAO,CAAC,OAAO,CAAC,CAInB;AAED,wBAAgB,yBAAyB,CACvC,iBAAiB,EAAE,MAAM,EACzB,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,MAAM,EACX,cAAc,CAAC,EAAE,MAAM,GACtB,UAAU,CA8BZ;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE;IAChD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,2BAA2B,CAAC,CA2BvC;AAED,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,eAAe,GAAG;IAAE,cAAc,EAAE,MAAM,CAAA;CAAE,CAAC,CA0BxD;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE;IAClD,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,OAAO,CACT,OAAO,CAAC,+BAA+B,EAAE;IAAE,MAAM,EAAE,WAAW,CAAA;CAAE,CAAC,CAClE,CAuDA;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE;IAC/C,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,0BAA0B,CAAC,CA8BtC;AAED,wBAAgB,4BAA4B,CAC1C,MAAM,EAAE,yBAAyB;0BAGT,uBAAuB;kCAIhB,8BAA8B;kCAG7B,+BAA+B;gCAGjC,yBAAyB;EAIxD;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,2BAA2B,GACjC,OAAO,CAAC,OAAO,CAAC,CAkBlB"}
1
+ {"version":3,"file":"device_activation.d.ts","sourceRoot":"","sources":["../../../../src/auth/device_activation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAE/B,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAOrD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EACL,uCAAuC,EACvC,+BAA+B,EAC/B,2CAA2C,EAC3C,mCAAmC,EACnC,6CAA6C,EAC7C,qCAAqC,EACrC,8CAA8C,EAC9C,8CAA8C,EAC9C,sCAAsC,EAEtC,qCAAqC,EACtC,MAAM,eAAe,CAAC;AAiBvB,eAAO,MAAM,6BAA6B;;;;;EAKxC,CAAC;AAEH,eAAO,MAAM,iCAAiC;;;;;;;EACR,CAAC;AAEvC,MAAM,MAAM,uBAAuB,GAAG,YAAY,CAChD,OAAO,6BAA6B,CACrC,CAAC;AACF,MAAM,MAAM,2BAA2B,GAAG,YAAY,CACpD,OAAO,iCAAiC,CACzC,CAAC;AACF,MAAM,MAAM,+BAA+B,GAAG,YAAY,CACxD,OAAO,qCAAqC,CAC7C,CAAC;AACF,MAAM,MAAM,qCAAqC,GAAG,YAAY,CAC9D,OAAO,sCAAsC,CAC9C,CAAC;AACF,MAAM,MAAM,wCAAwC,GAAG,YAAY,CACjE,OAAO,8CAA8C,CACtD,CAAC;AACF,MAAM,MAAM,sCAAsC,GAAG,YAAY,CAC/D,OAAO,8CAA8C,CACtD,CAAC;AACF,MAAM,MAAM,kCAAkC,GAAG,YAAY,CAC3D,OAAO,mCAAmC,CAC3C,CAAC;AACF,MAAM,MAAM,mCAAmC,GAAG,YAAY,CAC5D,OAAO,2CAA2C,CACnD,CAAC;AACF,MAAM,MAAM,oCAAoC,GAAG,YAAY,CAC7D,OAAO,qCAAqC,CAC7C,CAAC;AACF,MAAM,MAAM,uCAAuC,GAAG,YAAY,CAChE,OAAO,6CAA6C,CACrD,CAAC;AACF,MAAM,MAAM,yBAAyB,GAAG,YAAY,CAClD,OAAO,+BAA+B,CACvC,CAAC;AACF,MAAM,MAAM,0BAA0B,GAAG,YAAY,CACnD,OAAO,uCAAuC,CAC/C,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,UAAU,CAAC;IACzB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,UAAU,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,KAAK,yBAAyB,GAC1B,iCAAiC,GACjC,mCAAmC,GACnC,8BAA8B,CAAC;AAEnC,KAAK,8CAA8C,GAAG;IACpD,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,OAAO,sCAAsC,CAAC;IACrD,QAAQ,EAAE,OAAO,8CAA8C,CAAC;IAChE,MAAM,EAAE,OAAO,8CAA8C,CAAC;CAC/D,CAAC;AAEF,MAAM,MAAM,yCAAyC,GAAG,YAAY,CAClE,8CAA8C,EAC9C,wCAAwC,EACxC,sCAAsC,CACvC,CAAC;AAEF,KAAK,2BAA2B,GAAG;IACjC,iCAAiC,EAAE,kCAAkC,CAAC;IACtE,mCAAmC,EAAE,oCAAoC,CAAC;IAC1E,8BAA8B,EAAE,yBAAyB,CAAC;CAC3D,CAAC;AAEF,KAAK,4BAA4B,GAAG;IAClC,iCAAiC,EAAE,mCAAmC,CAAC;IACvE,mCAAmC,EAAE,uCAAuC,CAAC;IAC7E,8BAA8B,EAAE,0BAA0B,CAAC;CAC5D,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,OAAO,CAAC,CAAC,SAAS,yBAAyB,EACzC,MAAM,EAAE,CAAC,EACT,KAAK,EAAE,2BAA2B,CAAC,CAAC,CAAC,EACrC,IAAI,CAAC,EAAE,OAAO,GACb,WAAW,CAAC,4BAA4B,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;CAC5D,CAAC;AAEF,KAAK,2CAA2C,GAAG;IACjD,SAAS,CAAC,MAAM,EAAE,oCAAoC,GAAG;QACvD,KAAK,CACH,KAAK,EAAE,qCAAqC,GAC3C;YACD,KAAK,IAAI,WAAW,CAClB,yCAAyC,EACzC,SAAS,CACV,CAAC;SACH,CAAC;KACH,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,yBAAyB,GACjC,aAAa,GACb,2CAA2C,CAAC;AAyIhD,wBAAsB,oBAAoB,CACxC,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,cAAc,CAAC,CA8BzB;AAED,wBAAsB,iBAAiB,CAAC,KAAK,EAAE;IAC7C,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAclB;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAQnC;AAED,wBAAgB,6BAA6B,CAC3C,OAAO,EAAE,uBAAuB,GAC/B,MAAM,CAER;AAED,wBAAgB,4BAA4B,CAC1C,KAAK,EAAE,MAAM,GACZ,uBAAuB,CAOzB;AAED,wBAAsB,4BAA4B,CAAC,IAAI,EAAE;IACvD,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,uBAAuB,CAAC;CAClC,GAAG,OAAO,CACT;IACE,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CACF,CAkCA;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAclB;AAED,wBAAsB,4BAA4B,CAAC,KAAK,EAAE;IACxD,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB,EAAE,MAAM,CAAC;CAC1B,GAAG,OAAO,CAAC,OAAO,CAAC,CAInB;AAED,wBAAgB,yBAAyB,CACvC,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,MAAM,EACzB,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,MAAM,EACX,cAAc,EAAE,MAAM,GACrB,UAAU,CAoCZ;AAED,wBAAsB,qBAAqB,CAAC,IAAI,EAAE;IAChD,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,2BAA2B,CAAC,CA6BvC;AAED,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,eAAe,GAAG;IAAE,cAAc,EAAE,MAAM,CAAA;CAAE,CAAC,CA0BxD;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE;IAClD,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,OAAO,CACT,OAAO,CAAC,+BAA+B,EAAE;IAAE,MAAM,EAAE,WAAW,CAAA;CAAE,CAAC,CAClE,CAuDA;AAED,wBAAsB,oBAAoB,CAAC,IAAI,EAAE;IAC/C,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,0BAA0B,CAAC,CA+BtC;AAED,wBAAgB,4BAA4B,CAC1C,MAAM,EAAE,yBAAyB;wCAGK,qCAAqC;iCAK5C,kCAAkC;kCAGjC,oCAAoC;gCAItC,yBAAyB;EAIxD;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,2BAA2B,GACjC,OAAO,CAAC,OAAO,CAAC,CAmBlB"}
package/esm/npm/src/auth/device_activation.js CHANGED
@@ -1,7 +1,7 @@
1
1
  import { Type } from "typebox";
2
2
  import { Value } from "typebox/value";
3
3
  import { importEd25519PrivateKeyFromSeedBase64url, importEd25519PublicKeyFromBase64url, publicKeyBase64urlFromPrivateKey, } from "./keys.js";
4
- import { AuthGetDeviceConnectInfoResponseSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
4
+ import { AuthDevicesConnectInfoGetResponseSchema, WaitForDeviceActivationRequestSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
5
5
  import { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
6
6
  import { buildNatsConnectSignaturePayload } from "./session_auth.js";
7
7
  const DEVICE_IDENTITY_HKDF_INFO = "trellis/device-identity/v1";
@@ -15,14 +15,8 @@ export const DeviceActivationPayloadSchema = Type.Object({
15
15
  publicIdentityKey: Type.String({ minLength: 1 }),
16
16
  nonce: Type.String({ minLength: 1 }),
17
17
  qrMac: Type.String({ minLength: 1 }),
18
- }, { additionalProperties: false });
19
- export const DeviceActivationWaitRequestSchema = Type.Object({
20
- publicIdentityKey: Type.String({ minLength: 1 }),
21
- nonce: Type.String({ minLength: 1 }),
22
- contractDigest: Type.Optional(Type.String({ minLength: 1 })),
23
- iat: Type.Number(),
24
- sig: Type.String({ minLength: 1 }),
25
- }, { additionalProperties: false });
18
+ });
19
+ export const DeviceActivationWaitRequestSchema = WaitForDeviceActivationRequestSchema;
26
20
  function concatBytes(parts) {
27
21
  const size = parts.reduce((total, part) => total + part.length, 0);
28
22
  const bytes = new Uint8Array(size);
@@ -208,18 +202,24 @@ export async function verifyDeviceConfirmationCode(input) {
208
202
  return normalizeCrockford(expected) ===
209
203
  normalizeCrockford(input.confirmationCode);
210
204
  }
211
- export function buildDeviceWaitProofInput(publicIdentityKey, nonce, iat, contractDigest) {
205
+ export function buildDeviceWaitProofInput(flowId, publicIdentityKey, nonce, iat, contractDigest) {
212
206
  const enc = new TextEncoder();
207
+ const flowIdBytes = enc.encode(flowId);
213
208
  const publicIdentityKeyBytes = enc.encode(publicIdentityKey);
214
209
  const nonceBytes = enc.encode(nonce);
215
210
  const iatBytes = enc.encode(String(iat));
216
- const contractDigestBytes = enc.encode(contractDigest ?? "");
217
- const buf = new Uint8Array(4 + publicIdentityKeyBytes.length +
211
+ const contractDigestBytes = enc.encode(contractDigest);
212
+ const buf = new Uint8Array(4 + flowIdBytes.length +
213
+ 4 + publicIdentityKeyBytes.length +
218
214
  4 + nonceBytes.length +
219
215
  4 + iatBytes.length +
220
216
  4 + contractDigestBytes.length);
221
217
  const view = new DataView(buf.buffer);
222
218
  let offset = 0;
219
+ view.setUint32(offset, flowIdBytes.length);
220
+ offset += 4;
221
+ buf.set(flowIdBytes, offset);
222
+ offset += flowIdBytes.length;
223
223
  view.setUint32(offset, publicIdentityKeyBytes.length);
224
224
  offset += 4;
225
225
  buf.set(publicIdentityKeyBytes, offset);
@@ -241,13 +241,14 @@ export async function signDeviceWaitRequest(args) {
241
241
  const identitySeed = normalizeSecretBytes(args.identitySeed, "identitySeed");
242
242
  const identityPrivateKey = await importEd25519PrivateKeyFromSeedBase64url(base64urlEncode(identitySeed));
243
243
  const iat = args.iat ?? Math.floor(Date.now() / 1_000);
244
- const proofInput = buildDeviceWaitProofInput(args.publicIdentityKey, args.nonce, iat, args.contractDigest);
244
+ const proofInput = buildDeviceWaitProofInput(args.flowId, args.publicIdentityKey, args.nonce, iat, args.contractDigest);
245
245
  const proofHash = await sha256(proofInput);
246
246
  const signature = new Uint8Array(await crypto.subtle.sign("Ed25519", identityPrivateKey, toArrayBuffer(proofHash)));
247
247
  return {
248
+ flowId: args.flowId,
248
249
  publicIdentityKey: args.publicIdentityKey,
249
250
  nonce: args.nonce,
250
- ...(args.contractDigest ? { contractDigest: args.contractDigest } : {}),
251
+ contractDigest: args.contractDigest,
251
252
  iat,
252
253
  sig: base64urlEncode(signature),
253
254
  };
@@ -315,6 +316,7 @@ export async function waitForDeviceActivation(args) {
315
316
  }
316
317
  export async function getDeviceConnectInfo(args) {
317
318
  const request = await signDeviceWaitRequest({
319
+ flowId: "connect-info",
318
320
  publicIdentityKey: args.publicIdentityKey,
319
321
  identitySeed: args.identitySeed,
320
322
  contractDigest: args.contractDigest,
@@ -336,30 +338,32 @@ export async function getDeviceConnectInfo(args) {
336
338
  throw new Error(`device connect info failed: ${response.status}`);
337
339
  }
338
340
  const body = await response.json();
339
- if (!Value.Check(AuthGetDeviceConnectInfoResponseSchema, body)) {
341
+ if (!Value.Check(AuthDevicesConnectInfoGetResponseSchema, body)) {
340
342
  throw new Error("Invalid device connect info response");
341
343
  }
342
344
  return body;
343
345
  }
344
346
  export function createDeviceActivationClient(client) {
345
347
  return {
346
- activateDevice(input) {
347
- return client.operation("Auth.ActivateDevice").input(input).start()
348
+ resolveDeviceUserAuthorities(input) {
349
+ return client.operation("Auth.DeviceUserAuthorities.Resolve").input(input)
350
+ .start()
348
351
  .orThrow();
349
352
  },
350
- listDeviceActivations(input = {}) {
351
- return client.request("Auth.ListDeviceActivations", input).orThrow();
353
+ listDeviceActivations(input) {
354
+ return client.request("Auth.DeviceUserAuthorities.List", input).orThrow();
352
355
  },
353
356
  revokeDeviceActivation(input) {
354
- return client.request("Auth.RevokeDeviceActivation", input).orThrow();
357
+ return client.request("Auth.DeviceUserAuthorities.Revoke", input)
358
+ .orThrow();
355
359
  },
356
360
  getDeviceConnectInfo(input) {
357
- return client.request("Auth.GetDeviceConnectInfo", input).orThrow();
361
+ return client.request("Auth.Devices.ConnectInfo.Get", input).orThrow();
358
362
  },
359
363
  };
360
364
  }
361
365
  export async function verifyDeviceWaitSignature(input) {
362
366
  const publicKey = await importEd25519PublicKeyFromBase64url(input.publicIdentityKey);
363
- const proofHash = await sha256(buildDeviceWaitProofInput(input.publicIdentityKey, input.nonce, input.iat, input.contractDigest));
367
+ const proofHash = await sha256(buildDeviceWaitProofInput(input.flowId, input.publicIdentityKey, input.nonce, input.iat, input.contractDigest));
364
368
  return await crypto.subtle.verify("Ed25519", publicKey, toArrayBuffer(base64urlDecode(input.sig)), toArrayBuffer(proofHash));
365
369
  }
package/esm/npm/src/auth/mod.d.ts CHANGED
@@ -7,11 +7,11 @@
7
7
  * - Proofs are Ed25519 signatures over SHA-256(buildProofInput(...)).
8
8
  * - Services load their session key seed from `TRELLIS_SESSION_KEY_SEED`.
9
9
  */
10
- export { type AuthActivateDeviceInput, type AuthActivateDeviceOperation, type AuthActivateDeviceOutput, type AuthActivateDeviceProgress, type AuthListDeviceActivationsInput, type AuthListDeviceActivationsOutput, type AuthRevokeDeviceActivationInput, type AuthRevokeDeviceActivationResponse, buildDeviceActivationPayload, buildDeviceWaitProofInput, createDeviceActivationClient, createDeviceNatsAuthToken, deriveDeviceConfirmationCode, deriveDeviceIdentity, deriveDeviceQrMac, type DeviceActivationPayload, type DeviceActivationTransport, type DeviceActivationWaitRequest, type DeviceIdentity, encodeDeviceActivationPayload, getDeviceConnectInfo, type GetDeviceConnectInfoInput, type GetDeviceConnectInfoOutput, parseDeviceActivationPayload, signDeviceWaitRequest, startDeviceActivationRequest, verifyDeviceConfirmationCode, verifyDeviceWaitSignature, waitForDeviceActivation, type WaitForDeviceActivationResponse, } from "./device_activation.js";
11
- export { type AuthConfig, bindFlow, buildLoginUrl, clearSessionKey, createRpcProof, fetchPortalFlowState, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, isBindSuccessResponse, loadSessionKey, natsConnectSigForIat, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, type SessionKeyHandle, signBytes, startAuthRequest, submitPortalApproval, } from "./browser.js";
10
+ export { type AuthDeviceUserAuthoritiesListInput, type AuthDeviceUserAuthoritiesListOutput, type AuthDeviceUserAuthoritiesRevokeInput, type AuthDeviceUserAuthoritiesRevokeResponse, type AuthResolveDeviceUserAuthoritiesInput, type AuthResolveDeviceUserAuthoritiesOperation, type AuthResolveDeviceUserAuthoritiesOutput, type AuthResolveDeviceUserAuthoritiesProgress, buildDeviceActivationPayload, buildDeviceWaitProofInput, createDeviceActivationClient, createDeviceNatsAuthToken, deriveDeviceConfirmationCode, deriveDeviceIdentity, deriveDeviceQrMac, type DeviceActivationPayload, type DeviceActivationTransport, type DeviceActivationWaitRequest, type DeviceIdentity, encodeDeviceActivationPayload, getDeviceConnectInfo, type GetDeviceConnectInfoInput, type GetDeviceConnectInfoOutput, parseDeviceActivationPayload, signDeviceWaitRequest, startDeviceActivationRequest, verifyDeviceConfirmationCode, verifyDeviceWaitSignature, waitForDeviceActivation, type WaitForDeviceActivationResponse, } from "./device_activation.js";
11
+ export { type AuthConfig, bindFlow, buildLoginUrl, clearSessionKey, createRpcProof, fetchPortalFlowState, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, isBindSuccessResponse, loadSessionKey, natsConnectSigForIat, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, type SessionKeyHandle, type SessionKeyOptions, type SessionKeyPersistenceMode, signBytes, startAuthRequest, submitPortalApproval, } from "./browser.js";
12
12
  export { buildProofInput, createProof, type ProofParams, verifyProof, } from "./proof.js";
13
- export { ApprovalRecordViewSchema, AuthActivateDeviceProgressSchema, AuthActivateDeviceResponseSchema, AuthActivateDeviceSchema, AuthApplyDeviceDeploymentContractResponseSchema, AuthApplyDeviceDeploymentContractSchema, AuthApplyServiceDeploymentContractResponseSchema, AuthApplyServiceDeploymentContractSchema, AuthClearDevicePortalSelectionResponseSchema, AuthClearDevicePortalSelectionSchema, AuthClearLoginPortalSelectionResponseSchema, AuthClearLoginPortalSelectionSchema, AuthCreateDeviceDeploymentResponseSchema, AuthCreateDeviceDeploymentSchema, AuthCreatePortalResponseSchema, AuthCreatePortalSchema, AuthCreateServiceDeploymentResponseSchema, AuthCreateServiceDeploymentSchema, AuthDecideDeviceActivationReviewResponseSchema, AuthDecideDeviceActivationReviewSchema, AuthDeviceActivatedEventSchema, AuthDeviceActivationApprovedEventSchema, AuthDeviceActivationRequestedEventSchema, AuthDeviceActivationReviewRequestedEventSchema, AuthDisableDeviceDeploymentResponseSchema, AuthDisableDeviceDeploymentSchema, AuthDisableDeviceInstanceResponseSchema, AuthDisableDeviceInstanceSchema, AuthDisableInstanceGrantPolicyResponseSchema, AuthDisableInstanceGrantPolicySchema, AuthDisablePortalProfileResponseSchema, AuthDisablePortalProfileSchema, AuthDisablePortalResponseSchema, AuthDisablePortalSchema, AuthDisableServiceDeploymentResponseSchema, AuthDisableServiceDeploymentSchema, AuthDisableServiceInstanceResponseSchema, AuthDisableServiceInstanceSchema, AuthEnableDeviceDeploymentResponseSchema, AuthEnableDeviceDeploymentSchema, AuthEnableDeviceInstanceResponseSchema, AuthEnableDeviceInstanceSchema, AuthEnableServiceDeploymentResponseSchema, AuthEnableServiceDeploymentSchema, AuthEnableServiceInstanceResponseSchema, AuthEnableServiceInstanceSchema, type AuthenticatedDevice, AuthenticatedDeviceSchema, type AuthenticatedService, type AuthenticatedUser, AuthGetDeviceConnectInfoResponseSchema, AuthGetDeviceConnectInfoSchema, AuthGetDevicePortalDefaultResponseSchema, AuthGetDevicePortalDefaultSchema, AuthGetInstalledContractResponseSchema, AuthGetInstalledContractSchema, AuthGetLoginPortalDefaultResponseSchema, AuthGetLoginPortalDefaultSchema, AuthListApprovalsResponseSchema, AuthListApprovalsSchema, AuthListDeviceActivationReviewsResponseSchema, AuthListDeviceActivationReviewsSchema, AuthListDeviceActivationsResponseSchema, AuthListDeviceActivationsSchema, AuthListDeviceDeploymentsResponseSchema, AuthListDeviceDeploymentsSchema, AuthListDeviceInstancesResponseSchema, AuthListDeviceInstancesSchema, AuthListDevicePortalSelectionsResponseSchema, AuthListDevicePortalSelectionsSchema, AuthListInstalledContractsResponseSchema, AuthListInstalledContractsSchema, AuthListInstanceGrantPoliciesResponseSchema, AuthListInstanceGrantPoliciesSchema, AuthListLoginPortalSelectionsResponseSchema, AuthListLoginPortalSelectionsSchema, AuthListPortalProfilesResponseSchema, AuthListPortalProfilesSchema, AuthListPortalsResponseSchema, AuthListPortalsSchema, AuthListServiceDeploymentsResponseSchema, AuthListServiceDeploymentsSchema, AuthListServiceInstancesResponseSchema, AuthListServiceInstancesSchema, AuthListUserGrantsResponseSchema, AuthListUserGrantsSchema, AuthListUsersResponseSchema, AuthListUsersSchema, type AuthMeResponse, AuthMeResponseSchema, AuthMeSchema, AuthProvisionDeviceInstanceResponseSchema, AuthProvisionDeviceInstanceSchema, AuthProvisionServiceInstanceResponseSchema, AuthProvisionServiceInstanceSchema, AuthRemoveDeviceDeploymentResponseSchema, AuthRemoveDeviceDeploymentSchema, AuthRemoveDeviceInstanceResponseSchema, AuthRemoveDeviceInstanceSchema, AuthRemoveServiceDeploymentResponseSchema, AuthRemoveServiceDeploymentSchema, AuthRemoveServiceInstanceResponseSchema, AuthRemoveServiceInstanceSchema, AuthRevokeApprovalResponseSchema, AuthRevokeApprovalSchema, AuthRevokeDeviceActivationResponseSchema, AuthRevokeDeviceActivationSchema, AuthRevokeUserGrantResponseSchema, AuthRevokeUserGrantSchema, AuthSetDevicePortalDefaultResponseSchema, AuthSetDevicePortalDefaultSchema, AuthSetDevicePortalSelectionResponseSchema, AuthSetDevicePortalSelectionSchema, AuthSetLoginPortalDefaultResponseSchema, AuthSetLoginPortalDefaultSchema, AuthSetLoginPortalSelectionResponseSchema, AuthSetLoginPortalSelectionSchema, AuthSetPortalProfileResponseSchema, AuthSetPortalProfileSchema, AuthUnapplyDeviceDeploymentContractResponseSchema, AuthUnapplyDeviceDeploymentContractSchema, AuthUnapplyServiceDeploymentContractResponseSchema, AuthUnapplyServiceDeploymentContractSchema, AuthUpdateUserResponseSchema, AuthUpdateUserSchema, AuthUpsertInstanceGrantPolicyResponseSchema, AuthUpsertInstanceGrantPolicySchema, AuthValidateRequestResponseSchema, AuthValidateRequestSchema, CallerViewSchema, ContractAnalysisSchema, ContractAnalysisSummarySchema, type DeviceActivationRecord, DeviceActivationRecordSchema, DeviceActivationReviewSchema, DeviceConnectInfoSchema, DeviceDeploymentSchema, type DevicePortalDefault, DevicePortalDefaultSchema, type DevicePortalSelection, DevicePortalSelectionSchema, DeviceSchema, DigestSchema, InstalledContractDetailSchema, InstalledContractSchema, type InstanceGrantPolicy, InstanceGrantPolicySchema, LoginPortalDefaultSchema, LoginPortalSelectionSchema, OpenObjectSchema, type ParticipantKind, ParticipantKindSchema, type PortalFlowApp, type PortalFlowApproval, type PortalFlowApprovalDeniedState, type PortalFlowApprovalRequiredState, type PortalFlowChooseProviderState, type PortalFlowExpiredState, type PortalFlowInsufficientCapabilitiesState, type PortalFlowProvider, type PortalFlowRedirectState, type PortalFlowState, PortalFlowStateSchema, type PortalFlowUser, type PortalProfile, PortalProfileSchema, PortalSchema, ServiceDeploymentSchema, ServiceInstanceSchema, UserGrantViewSchema, UserViewSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
14
- export { type ApprovalDecision, ApprovalDecisionSchema, type AuthStartFlowResponse, AuthStartFlowResponseSchema, type AuthStartRequest, AuthStartRequestSchema, type AuthStartResponse, AuthStartResponseSchema, type BindResponse, BindResponseSchema, type BindSuccessResponse, BindSuccessResponseSchema, type ClientTransportEndpoints, ClientTransportEndpointsSchema, type ClientTransports, ClientTransportsSchema, type ContractApproval, ContractApprovalSchema, type NatsAuthTokenV1, NatsAuthTokenV1Schema, type SentinelCreds, SentinelCredsSchema, type UserParticipantKind, UserParticipantKindSchema, } from "./schemas.js";
13
+ export { ApprovalRecordViewSchema, AuthCapabilitiesListResponseSchema, AuthCapabilitiesListSchema, AuthCapabilityGroupsDeleteResponseSchema, AuthCapabilityGroupsDeleteSchema, AuthCapabilityGroupsGetResponseSchema, AuthCapabilityGroupsGetSchema, AuthCapabilityGroupsListResponseSchema, AuthCapabilityGroupsListSchema, AuthCapabilityGroupsPutResponseSchema, AuthCapabilityGroupsPutSchema, type AuthDeployment, type AuthDeploymentKind, AuthDeploymentKindSchema, AuthDeploymentSchema, AuthDeploymentsCreateResponseSchema, AuthDeploymentsCreateSchema, AuthDeploymentsDisableResponseSchema, AuthDeploymentsDisableSchema, AuthDeploymentsEnableResponseSchema, AuthDeploymentsEnableSchema, AuthDeploymentsListResponseSchema, AuthDeploymentsListSchema, AuthDeploymentsRemoveResponseSchema, AuthDeploymentsRemoveSchema, AuthDevicesConnectInfoGetResponseSchema, AuthDevicesConnectInfoGetSchema, AuthDevicesDisableResponseSchema, AuthDevicesDisableSchema, AuthDevicesEnableResponseSchema, AuthDevicesEnableSchema, AuthDevicesListResponseSchema, AuthDevicesListSchema, AuthDevicesProvisionResponseSchema, AuthDevicesProvisionSchema, AuthDevicesRemoveResponseSchema, AuthDevicesRemoveSchema, AuthDeviceUserAuthoritiesApprovedEventSchema, AuthDeviceUserAuthoritiesListResponseSchema, AuthDeviceUserAuthoritiesListSchema, AuthDeviceUserAuthoritiesRequestedEventSchema, AuthDeviceUserAuthoritiesResolvedEventSchema, AuthDeviceUserAuthoritiesReviewRequestedEventSchema, AuthDeviceUserAuthoritiesReviewsDecideResponseSchema, AuthDeviceUserAuthoritiesReviewsDecideSchema, AuthDeviceUserAuthoritiesReviewsListResponseSchema, AuthDeviceUserAuthoritiesReviewsListSchema, AuthDeviceUserAuthoritiesRevokeResponseSchema, AuthDeviceUserAuthoritiesRevokeSchema, type AuthenticatedDevice, AuthenticatedDeviceSchema, type AuthenticatedService, type AuthenticatedUser, type AuthEnvelopeExpansionsListResponse, AuthEnvelopeExpansionsListResponseSchema, AuthEnvelopeExpansionsListSchema, type AuthEnvelopesApproveRequestResponse, AuthEnvelopesApproveRequestResponseSchema, AuthEnvelopesApproveRequestSchema, type AuthEnvelopesExpandResponse, AuthEnvelopesExpandResponseSchema, AuthEnvelopesExpandSchema, type AuthEnvelopesGetResponse, AuthEnvelopesGetResponseSchema, AuthEnvelopesGetSchema, type AuthEnvelopesGrantOverridesListResponse, AuthEnvelopesGrantOverridesListResponseSchema, AuthEnvelopesGrantOverridesListSchema, AuthEnvelopesGrantOverridesPutSchema, AuthEnvelopesGrantOverridesRemoveSchema, type AuthEnvelopesGrantOverridesResponse, AuthEnvelopesGrantOverridesResponseSchema, type AuthEnvelopesListResponse, AuthEnvelopesListResponseSchema, AuthEnvelopesListSchema, type AuthEnvelopesShrinkResponse, AuthEnvelopesShrinkResponseSchema, AuthEnvelopesShrinkSchema, AuthIdentitiesGrantsListResponseSchema, AuthIdentitiesGrantsListSchema, AuthIdentitiesListResponseSchema, AuthIdentitiesListSchema, AuthIdentityEnvelopesRevokeResponseSchema, AuthIdentityEnvelopesRevokeSchema, AuthPortalsGetResponseSchema, AuthPortalsGetSchema, AuthPortalsListResponseSchema, AuthPortalsListSchema, AuthPortalsLoginSettingsGetSchema, AuthPortalsLoginSettingsResponseSchema, AuthPortalsLoginSettingsUpdateSchema, AuthPortalsRoutesPutResponseSchema, AuthPortalsRoutesPutSchema, AuthPortalsRoutesRemoveResponseSchema, AuthPortalsRoutesRemoveSchema, AuthRequestsValidateResponseSchema, AuthRequestsValidateSchema, AuthResolveDeviceUserAuthoritiesProgressSchema, AuthResolveDeviceUserAuthoritiesResponseSchema, AuthResolveDeviceUserAuthoritiesSchema, AuthServiceInstancesDisableResponseSchema, AuthServiceInstancesDisableSchema, AuthServiceInstancesEnableResponseSchema, AuthServiceInstancesEnableSchema, AuthServiceInstancesListResponseSchema, AuthServiceInstancesListSchema, AuthServiceInstancesProvisionResponseSchema, AuthServiceInstancesProvisionSchema, AuthServiceInstancesRemoveResponseSchema, AuthServiceInstancesRemoveSchema, type AuthSessionsMeResponse, AuthSessionsMeResponseSchema, AuthSessionsMeSchema, AuthUserIdentitiesListResponseSchema, AuthUserIdentitiesListSchema, AuthUserIdentitiesUnlinkResponseSchema, AuthUserIdentitiesUnlinkSchema, AuthUsersAccountFlowCreateResponseSchema, AuthUsersCreateResponseSchema, AuthUsersCreateSchema, AuthUsersGetResponseSchema, AuthUsersGetSchema, AuthUsersIdentityLinkCreateSchema, AuthUsersListResponseSchema, AuthUsersListSchema, AuthUsersPasswordChangeResponseSchema, AuthUsersPasswordChangeSchema, AuthUsersPasswordResetCreateSchema, AuthUsersUpdateResponseSchema, AuthUsersUpdateSchema, CallerViewSchema, ContractAnalysisSchema, ContractAnalysisSummarySchema, DeploymentContractEvidenceSchema, type DeploymentEnvelope, type DeploymentGrantOverride, DeploymentGrantOverrideSchema, DeploymentPortalRouteSchema, DeploymentResourceBindingSchema, type DeviceActivationRecord, DeviceActivationRecordSchema, DeviceActivationReviewSchema, DeviceConnectInfoSchema, DeviceDeploymentSchema, DeviceSchema, DigestSchema, type EnvelopeBoundary, EnvelopeBoundarySchema, EnvelopeExpansionRequestSchema, type FlowRegistrationAvailability, FlowRegistrationAvailabilitySchema, type LoginPortalRecord, LoginPortalRecordSchema, type LoginPortalRoute, LoginPortalRouteSchema, type LoginPortalSettings, LoginPortalSettingsSchema, type LoginPortalSummary, LoginPortalSummarySchema, OpenObjectSchema, type ParticipantKind, ParticipantKindSchema, type PortalFlowApp, type PortalFlowApproval, type PortalFlowApprovalDeniedState, type PortalFlowApprovalRequiredState, type PortalFlowChooseProviderState, type PortalFlowExpiredState, type PortalFlowInsufficientCapabilitiesState, type PortalFlowProvider, type PortalFlowRedirectState, type PortalFlowState, PortalFlowStateSchema, type PortalFlowUser, ServiceDeploymentSchema, ServiceInstanceSchema, UserGrantViewSchema, UserViewSchema, WaitForDeviceActivationRequestSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
14
+ export { approvalCapabilityKeys, type ApprovalDecision, ApprovalDecisionSchema, type AuthStartFlowResponse, AuthStartFlowResponseSchema, type AuthStartRequest, AuthStartRequestSchema, type AuthStartResponse, AuthStartResponseSchema, type BindResponse, BindResponseSchema, type BindSuccessResponse, BindSuccessResponseSchema, type ClientTransportEndpoints, ClientTransportEndpointsSchema, type ClientTransports, ClientTransportsSchema, type ContractApproval, type ContractApprovalCapability, ContractApprovalSchema, type NatsAuthTokenV1, NatsAuthTokenV1Schema, type SentinelCreds, SentinelCredsSchema, type UserParticipantKind, UserParticipantKindSchema, } from "./schemas.js";
15
15
  export { buildNatsConnectSignaturePayload, createAuth, type NatsConnectOptions, type TrellisAuth, } from "./session_auth.js";
16
16
  export { correctedIatSeconds, estimateMidpointClockOffsetMs } from "./time.js";
17
17
  export { trellisIdFromOriginId } from "./trellis_id.js";
package/esm/npm/src/auth/mod.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/auth/mod.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,KAAK,uBAAuB,EAC5B,KAAK,2BAA2B,EAChC,KAAK,wBAAwB,EAC7B,KAAK,0BAA0B,EAC/B,KAAK,8BAA8B,EACnC,KAAK,+BAA+B,EACpC,KAAK,+BAA+B,EACpC,KAAK,kCAAkC,EACvC,4BAA4B,EAC5B,yBAAyB,EACzB,4BAA4B,EAC5B,yBAAyB,EACzB,4BAA4B,EAC5B,oBAAoB,EACpB,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,yBAAyB,EAC9B,KAAK,2BAA2B,EAChC,KAAK,cAAc,EACnB,6BAA6B,EAC7B,oBAAoB,EACpB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,4BAA4B,EAC5B,qBAAqB,EACrB,4BAA4B,EAC5B,4BAA4B,EAC5B,yBAAyB,EACzB,uBAAuB,EACvB,KAAK,+BAA+B,GACrC,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,KAAK,UAAU,EACf,QAAQ,EACR,aAAa,EACb,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,oBAAoB,EACpB,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,SAAS,EACT,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,eAAe,EACf,WAAW,EACX,KAAK,WAAW,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,wBAAwB,EACxB,gCAAgC,EAChC,gCAAgC,EAChC,wBAAwB,EACxB,+CAA+C,EAC/C,uCAAuC,EACvC,gDAAgD,EAChD,wCAAwC,EACxC,4CAA4C,EAC5C,oCAAoC,EACpC,2CAA2C,EAC3C,mCAAmC,EACnC,wCAAwC,EACxC,gCAAgC,EAChC,8BAA8B,EAC9B,sBAAsB,EACtB,yCAAyC,EACzC,iCAAiC,EACjC,8CAA8C,EAC9C,sCAAsC,EACtC,8BAA8B,EAC9B,uCAAuC,EACvC,wCAAwC,EACxC,8CAA8C,EAC9C,yCAAyC,EACzC,iCAAiC,EACjC,uCAAuC,EACvC,+BAA+B,EAC/B,4CAA4C,EAC5C,oCAAoC,EACpC,sCAAsC,EACtC,8BAA8B,EAC9B,+BAA+B,EAC/B,uBAAuB,EACvB,0CAA0C,EAC1C,kCAAkC,EAClC,wCAAwC,EACxC,gCAAgC,EAChC,wCAAwC,EACxC,gCAAgC,EAChC,sCAAsC,EACtC,8BAA8B,EAC9B,yCAAyC,EACzC,iCAAiC,EACjC,uCAAuC,EACvC,+BAA+B,EAC/B,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,oBAAoB,EACzB,KAAK,iBAAiB,EACtB,sCAAsC,EACtC,8BAA8B,EAC9B,wCAAwC,EACxC,gCAAgC,EAChC,sCAAsC,EACtC,8BAA8B,EAC9B,uCAAuC,EACvC,+BAA+B,EAC/B,+BAA+B,EAC/B,uBAAuB,EACvB,6CAA6C,EAC7C,qCAAqC,EACrC,uCAAuC,EACvC,+BAA+B,EAC/B,uCAAuC,EACvC,+BAA+B,EAC/B,qCAAqC,EACrC,6BAA6B,EAC7B,4CAA4C,EAC5C,oCAAoC,EACpC,wCAAwC,EACxC,gCAAgC,EAChC,2CAA2C,EAC3C,mCAAmC,EACnC,2CAA2C,EAC3C,mCAAmC,EACnC,oCAAoC,EACpC,4BAA4B,EAC5B,6BAA6B,EAC7B,qBAAqB,EACrB,wCAAwC,EACxC,gCAAgC,EAChC,sCAAsC,EACtC,8BAA8B,EAC9B,gCAAgC,EAChC,wBAAwB,EACxB,2BAA2B,EAC3B,mBAAmB,EACnB,KAAK,cAAc,EACnB,oBAAoB,EACpB,YAAY,EACZ,yCAAyC,EACzC,iCAAiC,EACjC,0CAA0C,EAC1C,kCAAkC,EAClC,wCAAwC,EACxC,gCAAgC,EAChC,sCAAsC,EACtC,8BAA8B,EAC9B,yCAAyC,EACzC,iCAAiC,EACjC,uCAAuC,EACvC,+BAA+B,EAC/B,gCAAgC,EAChC,wBAAwB,EACxB,wCAAwC,EACxC,gCAAgC,EAChC,iCAAiC,EACjC,yBAAyB,EACzB,wCAAwC,EACxC,gCAAgC,EAChC,0CAA0C,EAC1C,kCAAkC,EAClC,uCAAuC,EACvC,+BAA+B,EAC/B,yCAAyC,EACzC,iCAAiC,EACjC,kCAAkC,EAClC,0BAA0B,EAC1B,iDAAiD,EACjD,yCAAyC,EACzC,kDAAkD,EAClD,0CAA0C,EAC1C,4BAA4B,EAC5B,oBAAoB,EACpB,2CAA2C,EAC3C,mCAAmC,EACnC,iCAAiC,EACjC,yBAAyB,EACzB,gBAAgB,EAChB,sBAAsB,EACtB,6BAA6B,EAC7B,KAAK,sBAAsB,EAC3B,4BAA4B,EAC5B,4BAA4B,EAC5B,uBAAuB,EACvB,sBAAsB,EACtB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,qBAAqB,EAC1B,2BAA2B,EAC3B,YAAY,EACZ,YAAY,EACZ,6BAA6B,EAC7B,uBAAuB,EACvB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,wBAAwB,EACxB,0BAA0B,EAC1B,gBAAgB,EAChB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,aAAa,EAClB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,EAClC,KAAK,+BAA+B,EACpC,KAAK,6BAA6B,EAClC,KAAK,sBAAsB,EAC3B,KAAK,uCAAuC,EAC5C,KAAK,kBAAkB,EACvB,KAAK,uBAAuB,EAC5B,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,mBAAmB,EACnB,YAAY,EACZ,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,qCAAqC,GACtC,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,qBAAqB,EAC1B,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,iBAAiB,EACtB,uBAAuB,EACvB,KAAK,YAAY,EACjB,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,wBAAwB,EAC7B,8BAA8B,EAC9B,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,aAAa,EAClB,mBAAmB,EACnB,KAAK,mBAAmB,EACxB,yBAAyB,GAC1B,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,gCAAgC,EAChC,UAAU,EACV,KAAK,kBAAkB,EACvB,KAAK,WAAW,GACjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,mBAAmB,EAAE,6BAA6B,EAAE,MAAM,WAAW,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,eAAe,EACf,eAAe,EACf,qBAAqB,EACrB,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
1
+ {"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/auth/mod.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,mCAAmC,EACxC,KAAK,oCAAoC,EACzC,KAAK,uCAAuC,EAC5C,KAAK,qCAAqC,EAC1C,KAAK,yCAAyC,EAC9C,KAAK,sCAAsC,EAC3C,KAAK,wCAAwC,EAC7C,4BAA4B,EAC5B,yBAAyB,EACzB,4BAA4B,EAC5B,yBAAyB,EACzB,4BAA4B,EAC5B,oBAAoB,EACpB,iBAAiB,EACjB,KAAK,uBAAuB,EAC5B,KAAK,yBAAyB,EAC9B,KAAK,2BAA2B,EAChC,KAAK,cAAc,EACnB,6BAA6B,EAC7B,oBAAoB,EACpB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,4BAA4B,EAC5B,qBAAqB,EACrB,4BAA4B,EAC5B,4BAA4B,EAC5B,yBAAyB,EACzB,uBAAuB,EACvB,KAAK,+BAA+B,GACrC,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,KAAK,UAAU,EACf,QAAQ,EACR,aAAa,EACb,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,oBAAoB,EACpB,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,yBAAyB,EAC9B,SAAS,EACT,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,eAAe,EACf,WAAW,EACX,KAAK,WAAW,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,wBAAwB,EACxB,kCAAkC,EAClC,0BAA0B,EAC1B,wCAAwC,EACxC,gCAAgC,EAChC,qCAAqC,EACrC,6BAA6B,EAC7B,sCAAsC,EACtC,8BAA8B,EAC9B,qCAAqC,EACrC,6BAA6B,EAC7B,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,wBAAwB,EACxB,oBAAoB,EACpB,mCAAmC,EACnC,2BAA2B,EAC3B,oCAAoC,EACpC,4BAA4B,EAC5B,mCAAmC,EACnC,2BAA2B,EAC3B,iCAAiC,EACjC,yBAAyB,EACzB,mCAAmC,EACnC,2BAA2B,EAC3B,uCAAuC,EACvC,+BAA+B,EAC/B,gCAAgC,EAChC,wBAAwB,EACxB,+BAA+B,EAC/B,uBAAuB,EACvB,6BAA6B,EAC7B,qBAAqB,EACrB,kCAAkC,EAClC,0BAA0B,EAC1B,+BAA+B,EAC/B,uBAAuB,EACvB,4CAA4C,EAC5C,2CAA2C,EAC3C,mCAAmC,EACnC,6CAA6C,EAC7C,4CAA4C,EAC5C,mDAAmD,EACnD,oDAAoD,EACpD,4CAA4C,EAC5C,kDAAkD,EAClD,0CAA0C,EAC1C,6CAA6C,EAC7C,qCAAqC,EACrC,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,oBAAoB,EACzB,KAAK,iBAAiB,EACtB,KAAK,kCAAkC,EACvC,wCAAwC,EACxC,gCAAgC,EAChC,KAAK,mCAAmC,EACxC,yCAAyC,EACzC,iCAAiC,EACjC,KAAK,2BAA2B,EAChC,iCAAiC,EACjC,yBAAyB,EACzB,KAAK,wBAAwB,EAC7B,8BAA8B,EAC9B,sBAAsB,EACtB,KAAK,uCAAuC,EAC5C,6CAA6C,EAC7C,qCAAqC,EACrC,oCAAoC,EACpC,uCAAuC,EACvC,KAAK,mCAAmC,EACxC,yCAAyC,EACzC,KAAK,yBAAyB,EAC9B,+BAA+B,EAC/B,uBAAuB,EACvB,KAAK,2BAA2B,EAChC,iCAAiC,EACjC,yBAAyB,EACzB,sCAAsC,EACtC,8BAA8B,EAC9B,gCAAgC,EAChC,wBAAwB,EACxB,yCAAyC,EACzC,iCAAiC,EACjC,4BAA4B,EAC5B,oBAAoB,EACpB,6BAA6B,EAC7B,qBAAqB,EACrB,iCAAiC,EACjC,sCAAsC,EACtC,oCAAoC,EACpC,kCAAkC,EAClC,0BAA0B,EAC1B,qCAAqC,EACrC,6BAA6B,EAC7B,kCAAkC,EAClC,0BAA0B,EAC1B,8CAA8C,EAC9C,8CAA8C,EAC9C,sCAAsC,EACtC,yCAAyC,EACzC,iCAAiC,EACjC,wCAAwC,EACxC,gCAAgC,EAChC,sCAAsC,EACtC,8BAA8B,EAC9B,2CAA2C,EAC3C,mCAAmC,EACnC,wCAAwC,EACxC,gCAAgC,EAChC,KAAK,sBAAsB,EAC3B,4BAA4B,EAC5B,oBAAoB,EACpB,oCAAoC,EACpC,4BAA4B,EAC5B,sCAAsC,EACtC,8BAA8B,EAC9B,wCAAwC,EACxC,6BAA6B,EAC7B,qBAAqB,EACrB,0BAA0B,EAC1B,kBAAkB,EAClB,iCAAiC,EACjC,2BAA2B,EAC3B,mBAAmB,EACnB,qCAAqC,EACrC,6BAA6B,EAC7B,kCAAkC,EAClC,6BAA6B,EAC7B,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,EACtB,6BAA6B,EAC7B,gCAAgC,EAChC,KAAK,kBAAkB,EACvB,KAAK,uBAAuB,EAC5B,6BAA6B,EAC7B,2BAA2B,EAC3B,+BAA+B,EAC/B,KAAK,sBAAsB,EAC3B,4BAA4B,EAC5B,4BAA4B,EAC5B,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACZ,YAAY,EACZ,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,8BAA8B,EAC9B,KAAK,4BAA4B,EACjC,kCAAkC,EAClC,KAAK,iBAAiB,EACtB,uBAAuB,EACvB,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,kBAAkB,EACvB,wBAAwB,EACxB,gBAAgB,EAChB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,aAAa,EAClB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,EAClC,KAAK,+BAA+B,EACpC,KAAK,6BAA6B,EAClC,KAAK,sBAAsB,EAC3B,KAAK,uCAAuC,EAC5C,KAAK,kBAAkB,EACvB,KAAK,uBAAuB,EAC5B,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,cAAc,EACnB,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,oCAAoC,EACpC,qCAAqC,GACtC,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,qBAAqB,EAC1B,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,iBAAiB,EACtB,uBAAuB,EACvB,KAAK,YAAY,EACjB,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,yBAAyB,EACzB,KAAK,wBAAwB,EAC7B,8BAA8B,EAC9B,KAAK,gBAAgB,EACrB,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,KAAK,0BAA0B,EAC/B,sBAAsB,EACtB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,aAAa,EAClB,mBAAmB,EACnB,KAAK,mBAAmB,EACxB,yBAAyB,GAC1B,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,gCAAgC,EAChC,UAAU,EACV,KAAK,kBAAkB,EACvB,KAAK,WAAW,GACjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,mBAAmB,EAAE,6BAA6B,EAAE,MAAM,WAAW,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EACL,eAAe,EACf,eAAe,EACf,qBAAqB,EACrB,MAAM,EACN,aAAa,EACb,IAAI,GACL,MAAM,YAAY,CAAC"}
package/esm/npm/src/auth/mod.js CHANGED
@@ -10,8 +10,8 @@
10
10
  export { buildDeviceActivationPayload, buildDeviceWaitProofInput, createDeviceActivationClient, createDeviceNatsAuthToken, deriveDeviceConfirmationCode, deriveDeviceIdentity, deriveDeviceQrMac, encodeDeviceActivationPayload, getDeviceConnectInfo, parseDeviceActivationPayload, signDeviceWaitRequest, startDeviceActivationRequest, verifyDeviceConfirmationCode, verifyDeviceWaitSignature, waitForDeviceActivation, } from "./device_activation.js";
11
11
  export { bindFlow, buildLoginUrl, clearSessionKey, createRpcProof, fetchPortalFlowState, generateSessionKey, getOrCreateSessionKey, getPublicSessionKey, hasSessionKey, isBindSuccessResponse, loadSessionKey, natsConnectSigForIat, portalFlowIdFromUrl, portalProviderLoginUrl, portalRedirectLocation, signBytes, startAuthRequest, submitPortalApproval, } from "./browser.js";
12
12
  export { buildProofInput, createProof, verifyProof, } from "./proof.js";
13
- export { ApprovalRecordViewSchema, AuthActivateDeviceProgressSchema, AuthActivateDeviceResponseSchema, AuthActivateDeviceSchema, AuthApplyDeviceDeploymentContractResponseSchema, AuthApplyDeviceDeploymentContractSchema, AuthApplyServiceDeploymentContractResponseSchema, AuthApplyServiceDeploymentContractSchema, AuthClearDevicePortalSelectionResponseSchema, AuthClearDevicePortalSelectionSchema, AuthClearLoginPortalSelectionResponseSchema, AuthClearLoginPortalSelectionSchema, AuthCreateDeviceDeploymentResponseSchema, AuthCreateDeviceDeploymentSchema, AuthCreatePortalResponseSchema, AuthCreatePortalSchema, AuthCreateServiceDeploymentResponseSchema, AuthCreateServiceDeploymentSchema, AuthDecideDeviceActivationReviewResponseSchema, AuthDecideDeviceActivationReviewSchema, AuthDeviceActivatedEventSchema, AuthDeviceActivationApprovedEventSchema, AuthDeviceActivationRequestedEventSchema, AuthDeviceActivationReviewRequestedEventSchema, AuthDisableDeviceDeploymentResponseSchema, AuthDisableDeviceDeploymentSchema, AuthDisableDeviceInstanceResponseSchema, AuthDisableDeviceInstanceSchema, AuthDisableInstanceGrantPolicyResponseSchema, AuthDisableInstanceGrantPolicySchema, AuthDisablePortalProfileResponseSchema, AuthDisablePortalProfileSchema, AuthDisablePortalResponseSchema, AuthDisablePortalSchema, AuthDisableServiceDeploymentResponseSchema, AuthDisableServiceDeploymentSchema, AuthDisableServiceInstanceResponseSchema, AuthDisableServiceInstanceSchema, AuthEnableDeviceDeploymentResponseSchema, AuthEnableDeviceDeploymentSchema, AuthEnableDeviceInstanceResponseSchema, AuthEnableDeviceInstanceSchema, AuthEnableServiceDeploymentResponseSchema, AuthEnableServiceDeploymentSchema, AuthEnableServiceInstanceResponseSchema, AuthEnableServiceInstanceSchema, AuthenticatedDeviceSchema, AuthGetDeviceConnectInfoResponseSchema, AuthGetDeviceConnectInfoSchema, AuthGetDevicePortalDefaultResponseSchema, AuthGetDevicePortalDefaultSchema, AuthGetInstalledContractResponseSchema, AuthGetInstalledContractSchema, AuthGetLoginPortalDefaultResponseSchema, AuthGetLoginPortalDefaultSchema, AuthListApprovalsResponseSchema, AuthListApprovalsSchema, AuthListDeviceActivationReviewsResponseSchema, AuthListDeviceActivationReviewsSchema, AuthListDeviceActivationsResponseSchema, AuthListDeviceActivationsSchema, AuthListDeviceDeploymentsResponseSchema, AuthListDeviceDeploymentsSchema, AuthListDeviceInstancesResponseSchema, AuthListDeviceInstancesSchema, AuthListDevicePortalSelectionsResponseSchema, AuthListDevicePortalSelectionsSchema, AuthListInstalledContractsResponseSchema, AuthListInstalledContractsSchema, AuthListInstanceGrantPoliciesResponseSchema, AuthListInstanceGrantPoliciesSchema, AuthListLoginPortalSelectionsResponseSchema, AuthListLoginPortalSelectionsSchema, AuthListPortalProfilesResponseSchema, AuthListPortalProfilesSchema, AuthListPortalsResponseSchema, AuthListPortalsSchema, AuthListServiceDeploymentsResponseSchema, AuthListServiceDeploymentsSchema, AuthListServiceInstancesResponseSchema, AuthListServiceInstancesSchema, AuthListUserGrantsResponseSchema, AuthListUserGrantsSchema, AuthListUsersResponseSchema, AuthListUsersSchema, AuthMeResponseSchema, AuthMeSchema, AuthProvisionDeviceInstanceResponseSchema, AuthProvisionDeviceInstanceSchema, AuthProvisionServiceInstanceResponseSchema, AuthProvisionServiceInstanceSchema, AuthRemoveDeviceDeploymentResponseSchema, AuthRemoveDeviceDeploymentSchema, AuthRemoveDeviceInstanceResponseSchema, AuthRemoveDeviceInstanceSchema, AuthRemoveServiceDeploymentResponseSchema, AuthRemoveServiceDeploymentSchema, AuthRemoveServiceInstanceResponseSchema, AuthRemoveServiceInstanceSchema, AuthRevokeApprovalResponseSchema, AuthRevokeApprovalSchema, AuthRevokeDeviceActivationResponseSchema, AuthRevokeDeviceActivationSchema, AuthRevokeUserGrantResponseSchema, AuthRevokeUserGrantSchema, AuthSetDevicePortalDefaultResponseSchema, AuthSetDevicePortalDefaultSchema, AuthSetDevicePortalSelectionResponseSchema, AuthSetDevicePortalSelectionSchema, AuthSetLoginPortalDefaultResponseSchema, AuthSetLoginPortalDefaultSchema, AuthSetLoginPortalSelectionResponseSchema, AuthSetLoginPortalSelectionSchema, AuthSetPortalProfileResponseSchema, AuthSetPortalProfileSchema, AuthUnapplyDeviceDeploymentContractResponseSchema, AuthUnapplyDeviceDeploymentContractSchema, AuthUnapplyServiceDeploymentContractResponseSchema, AuthUnapplyServiceDeploymentContractSchema, AuthUpdateUserResponseSchema, AuthUpdateUserSchema, AuthUpsertInstanceGrantPolicyResponseSchema, AuthUpsertInstanceGrantPolicySchema, AuthValidateRequestResponseSchema, AuthValidateRequestSchema, CallerViewSchema, ContractAnalysisSchema, ContractAnalysisSummarySchema, DeviceActivationRecordSchema, DeviceActivationReviewSchema, DeviceConnectInfoSchema, DeviceDeploymentSchema, DevicePortalDefaultSchema, DevicePortalSelectionSchema, DeviceSchema, DigestSchema, InstalledContractDetailSchema, InstalledContractSchema, InstanceGrantPolicySchema, LoginPortalDefaultSchema, LoginPortalSelectionSchema, OpenObjectSchema, ParticipantKindSchema, PortalFlowStateSchema, PortalProfileSchema, PortalSchema, ServiceDeploymentSchema, ServiceInstanceSchema, UserGrantViewSchema, UserViewSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
14
- export { ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, UserParticipantKindSchema, } from "./schemas.js";
13
+ export { ApprovalRecordViewSchema, AuthCapabilitiesListResponseSchema, AuthCapabilitiesListSchema, AuthCapabilityGroupsDeleteResponseSchema, AuthCapabilityGroupsDeleteSchema, AuthCapabilityGroupsGetResponseSchema, AuthCapabilityGroupsGetSchema, AuthCapabilityGroupsListResponseSchema, AuthCapabilityGroupsListSchema, AuthCapabilityGroupsPutResponseSchema, AuthCapabilityGroupsPutSchema, AuthDeploymentKindSchema, AuthDeploymentSchema, AuthDeploymentsCreateResponseSchema, AuthDeploymentsCreateSchema, AuthDeploymentsDisableResponseSchema, AuthDeploymentsDisableSchema, AuthDeploymentsEnableResponseSchema, AuthDeploymentsEnableSchema, AuthDeploymentsListResponseSchema, AuthDeploymentsListSchema, AuthDeploymentsRemoveResponseSchema, AuthDeploymentsRemoveSchema, AuthDevicesConnectInfoGetResponseSchema, AuthDevicesConnectInfoGetSchema, AuthDevicesDisableResponseSchema, AuthDevicesDisableSchema, AuthDevicesEnableResponseSchema, AuthDevicesEnableSchema, AuthDevicesListResponseSchema, AuthDevicesListSchema, AuthDevicesProvisionResponseSchema, AuthDevicesProvisionSchema, AuthDevicesRemoveResponseSchema, AuthDevicesRemoveSchema, AuthDeviceUserAuthoritiesApprovedEventSchema, AuthDeviceUserAuthoritiesListResponseSchema, AuthDeviceUserAuthoritiesListSchema, AuthDeviceUserAuthoritiesRequestedEventSchema, AuthDeviceUserAuthoritiesResolvedEventSchema, AuthDeviceUserAuthoritiesReviewRequestedEventSchema, AuthDeviceUserAuthoritiesReviewsDecideResponseSchema, AuthDeviceUserAuthoritiesReviewsDecideSchema, AuthDeviceUserAuthoritiesReviewsListResponseSchema, AuthDeviceUserAuthoritiesReviewsListSchema, AuthDeviceUserAuthoritiesRevokeResponseSchema, AuthDeviceUserAuthoritiesRevokeSchema, AuthenticatedDeviceSchema, AuthEnvelopeExpansionsListResponseSchema, AuthEnvelopeExpansionsListSchema, AuthEnvelopesApproveRequestResponseSchema, AuthEnvelopesApproveRequestSchema, AuthEnvelopesExpandResponseSchema, AuthEnvelopesExpandSchema, AuthEnvelopesGetResponseSchema, AuthEnvelopesGetSchema, AuthEnvelopesGrantOverridesListResponseSchema, AuthEnvelopesGrantOverridesListSchema, AuthEnvelopesGrantOverridesPutSchema, AuthEnvelopesGrantOverridesRemoveSchema, AuthEnvelopesGrantOverridesResponseSchema, AuthEnvelopesListResponseSchema, AuthEnvelopesListSchema, AuthEnvelopesShrinkResponseSchema, AuthEnvelopesShrinkSchema, AuthIdentitiesGrantsListResponseSchema, AuthIdentitiesGrantsListSchema, AuthIdentitiesListResponseSchema, AuthIdentitiesListSchema, AuthIdentityEnvelopesRevokeResponseSchema, AuthIdentityEnvelopesRevokeSchema, AuthPortalsGetResponseSchema, AuthPortalsGetSchema, AuthPortalsListResponseSchema, AuthPortalsListSchema, AuthPortalsLoginSettingsGetSchema, AuthPortalsLoginSettingsResponseSchema, AuthPortalsLoginSettingsUpdateSchema, AuthPortalsRoutesPutResponseSchema, AuthPortalsRoutesPutSchema, AuthPortalsRoutesRemoveResponseSchema, AuthPortalsRoutesRemoveSchema, AuthRequestsValidateResponseSchema, AuthRequestsValidateSchema, AuthResolveDeviceUserAuthoritiesProgressSchema, AuthResolveDeviceUserAuthoritiesResponseSchema, AuthResolveDeviceUserAuthoritiesSchema, AuthServiceInstancesDisableResponseSchema, AuthServiceInstancesDisableSchema, AuthServiceInstancesEnableResponseSchema, AuthServiceInstancesEnableSchema, AuthServiceInstancesListResponseSchema, AuthServiceInstancesListSchema, AuthServiceInstancesProvisionResponseSchema, AuthServiceInstancesProvisionSchema, AuthServiceInstancesRemoveResponseSchema, AuthServiceInstancesRemoveSchema, AuthSessionsMeResponseSchema, AuthSessionsMeSchema, AuthUserIdentitiesListResponseSchema, AuthUserIdentitiesListSchema, AuthUserIdentitiesUnlinkResponseSchema, AuthUserIdentitiesUnlinkSchema, AuthUsersAccountFlowCreateResponseSchema, AuthUsersCreateResponseSchema, AuthUsersCreateSchema, AuthUsersGetResponseSchema, AuthUsersGetSchema, AuthUsersIdentityLinkCreateSchema, AuthUsersListResponseSchema, AuthUsersListSchema, AuthUsersPasswordChangeResponseSchema, AuthUsersPasswordChangeSchema, AuthUsersPasswordResetCreateSchema, AuthUsersUpdateResponseSchema, AuthUsersUpdateSchema, CallerViewSchema, ContractAnalysisSchema, ContractAnalysisSummarySchema, DeploymentContractEvidenceSchema, DeploymentGrantOverrideSchema, DeploymentPortalRouteSchema, DeploymentResourceBindingSchema, DeviceActivationRecordSchema, DeviceActivationReviewSchema, DeviceConnectInfoSchema, DeviceDeploymentSchema, DeviceSchema, DigestSchema, EnvelopeBoundarySchema, EnvelopeExpansionRequestSchema, FlowRegistrationAvailabilitySchema, LoginPortalRecordSchema, LoginPortalRouteSchema, LoginPortalSettingsSchema, LoginPortalSummarySchema, OpenObjectSchema, ParticipantKindSchema, PortalFlowStateSchema, ServiceDeploymentSchema, ServiceInstanceSchema, UserGrantViewSchema, UserViewSchema, WaitForDeviceActivationRequestSchema, WaitForDeviceActivationResponseSchema, } from "./protocol.js";
14
+ export { approvalCapabilityKeys, ApprovalDecisionSchema, AuthStartFlowResponseSchema, AuthStartRequestSchema, AuthStartResponseSchema, BindResponseSchema, BindSuccessResponseSchema, ClientTransportEndpointsSchema, ClientTransportsSchema, ContractApprovalSchema, NatsAuthTokenV1Schema, SentinelCredsSchema, UserParticipantKindSchema, } from "./schemas.js";
15
15
  export { buildNatsConnectSignaturePayload, createAuth, } from "./session_auth.js";
16
16
  export { correctedIatSeconds, estimateMidpointClockOffsetMs } from "./time.js";
17
17
  export { trellisIdFromOriginId } from "./trellis_id.js";
package/esm/npm/src/auth/proof.d.ts CHANGED
@@ -2,8 +2,10 @@ export type ProofParams = {
2
2
  sessionKey: string;
3
3
  subject: string;
4
4
  payloadHash: Uint8Array;
5
+ iat: number;
6
+ requestId: string;
5
7
  };
6
- export declare function buildProofInput(sessionKey: string, subject: string, payloadHash: Uint8Array): Uint8Array;
8
+ export declare function buildProofInput(sessionKey: string, subject: string, payloadHash: Uint8Array, iat: number, requestId: string): Uint8Array;
7
9
  export declare function createProof(privateKey: CryptoKey, params: ProofParams): Promise<string>;
8
10
  export declare function verifyProof(publicSessionKey: string, params: ProofParams, proofBase64url: string): Promise<boolean>;
9
11
  //# sourceMappingURL=proof.d.ts.map
package/esm/npm/src/auth/proof.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"proof.d.ts","sourceRoot":"","sources":["../../../../src/auth/proof.ts"],"names":[],"mappings":"AAUA,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,UAAU,CAAC;CACzB,CAAC;AAEF,wBAAgB,eAAe,CAC7B,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,UAAU,GACtB,UAAU,CA8BZ;AAED,wBAAsB,WAAW,CAC/B,UAAU,EAAE,SAAS,EACrB,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,MAAM,CAAC,CAajB;AAED,wBAAsB,WAAW,CAC/B,gBAAgB,EAAE,MAAM,EACxB,MAAM,EAAE,WAAW,EACnB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAkBlB"}
1
+ {"version":3,"file":"proof.d.ts","sourceRoot":"","sources":["../../../../src/auth/proof.ts"],"names":[],"mappings":"AAUA,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,UAAU,CAAC;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC;AAcF,wBAAgB,eAAe,CAC7B,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,UAAU,EACvB,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,GAChB,UAAU,CA4BZ;AAED,wBAAsB,WAAW,CAC/B,UAAU,EAAE,SAAS,EACrB,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,MAAM,CAAC,CAejB;AAED,wBAAsB,WAAW,CAC/B,gBAAgB,EAAE,MAAM,EACxB,MAAM,EAAE,WAAW,EACnB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAoBlB"}
package/esm/npm/src/auth/proof.js CHANGED
@@ -1,39 +1,45 @@
1
1
  import { base64urlDecode, base64urlEncode, sha256, toArrayBuffer, utf8, } from "./utils.js";
2
2
  import { importEd25519PublicKeyFromBase64url } from "./keys.js";
3
3
  import { AsyncResult } from "@qlever-llc/result";
4
- export function buildProofInput(sessionKey, subject, payloadHash) {
4
+ function appendLengthPrefixed(buf, view, offset, value) {
5
+ view.setUint32(offset, value.length);
6
+ offset += 4;
7
+ buf.set(value, offset);
8
+ return offset + value.length;
9
+ }
10
+ export function buildProofInput(sessionKey, subject, payloadHash, iat, requestId) {
5
11
  const sessionKeyBytes = utf8(sessionKey);
6
12
  const subjectBytes = utf8(subject);
13
+ const iatBytes = utf8(String(iat));
14
+ const requestIdBytes = utf8(requestId);
7
15
  const buf = new Uint8Array(4 +
8
16
  sessionKeyBytes.length +
9
17
  4 +
10
18
  subjectBytes.length +
11
19
  4 +
12
- payloadHash.length);
20
+ payloadHash.length +
21
+ 4 +
22
+ iatBytes.length +
23
+ 4 +
24
+ requestIdBytes.length);
13
25
  const view = new DataView(buf.buffer);
14
26
  let offset = 0;
15
- view.setUint32(offset, sessionKeyBytes.length);
16
- offset += 4;
17
- buf.set(sessionKeyBytes, offset);
18
- offset += sessionKeyBytes.length;
19
- view.setUint32(offset, subjectBytes.length);
20
- offset += 4;
21
- buf.set(subjectBytes, offset);
22
- offset += subjectBytes.length;
23
- view.setUint32(offset, payloadHash.length);
24
- offset += 4;
25
- buf.set(payloadHash, offset);
27
+ offset = appendLengthPrefixed(buf, view, offset, sessionKeyBytes);
28
+ offset = appendLengthPrefixed(buf, view, offset, subjectBytes);
29
+ offset = appendLengthPrefixed(buf, view, offset, payloadHash);
30
+ offset = appendLengthPrefixed(buf, view, offset, iatBytes);
31
+ appendLengthPrefixed(buf, view, offset, requestIdBytes);
26
32
  return buf;
27
33
  }
28
34
  export async function createProof(privateKey, params) {
29
- const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash);
35
+ const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash, params.iat, params.requestId);
30
36
  const digest = await sha256(input);
31
37
  const sig = await crypto.subtle.sign({ name: "Ed25519" }, privateKey, toArrayBuffer(digest));
32
38
  return base64urlEncode(new Uint8Array(sig));
33
39
  }
34
40
  export async function verifyProof(publicSessionKey, params, proofBase64url) {
35
41
  const result = await AsyncResult.try(async () => {
36
- const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash);
42
+ const input = buildProofInput(params.sessionKey, params.subject, params.payloadHash, params.iat, params.requestId);
37
43
  const digest = await sha256(input);
38
44
  const signature = base64urlDecode(proofBase64url);
39
45
  const pub = await importEd25519PublicKeyFromBase64url(publicSessionKey);