@sphereon/ssi-sdk.kms-rest-client 0.34.1-feature.SSISDK.78.306 → 0.34.1-feature.SSISDK.82.and.SSISDK.70.345

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/index.cjs +125 -191
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +28 -52
  4. package/dist/index.d.ts +28 -52
  5. package/dist/index.js +125 -191
  6. package/dist/index.js.map +1 -1
  7. package/package.json +3 -3
  8. package/plugin.schema.json +43 -172
  9. package/src/agent/KmsRestClient.ts +59 -47
  10. package/src/types/IKmsRestClient.ts +44 -61
package/dist/index.cjs CHANGED
@@ -351,10 +351,7 @@ var plugin_schema_default = {
351
351
  type: "string"
352
352
  }
353
353
  },
354
- required: [
355
- "input",
356
- "keyInfo"
357
- ]
354
+ required: ["input", "keyInfo"]
358
355
  },
359
356
  KeyInfo: {
360
357
  type: "object",
@@ -495,56 +492,28 @@ var plugin_schema_default = {
495
492
  description: "X.509 certificate SHA-256 thumbprint (base64url-encoded)."
496
493
  }
497
494
  },
498
- required: [
499
- "kty"
500
- ],
495
+ required: ["kty"],
501
496
  additionalProperties: false,
502
497
  description: "Represents a JSON Web Key (JWK) as defined by the JSON Web Key specification."
503
498
  },
504
499
  JwkKeyType: {
505
500
  type: "string",
506
- enum: [
507
- "EC",
508
- "RSA",
509
- "OKP",
510
- "oct"
511
- ],
501
+ enum: ["EC", "RSA", "OKP", "oct"],
512
502
  description: "JSON Web Key (JWK) key type parameter identifying the cryptographic algorithm family."
513
503
  },
514
504
  JwkUse: {
515
505
  type: "string",
516
- enum: [
517
- "sig",
518
- "enc"
519
- ],
506
+ enum: ["sig", "enc"],
520
507
  description: "Intended use of the key (signing or encryption)."
521
508
  },
522
509
  KeyOperations: {
523
510
  type: "string",
524
- enum: [
525
- "sign",
526
- "verify",
527
- "encrypt",
528
- "decrypt",
529
- "wrapKey",
530
- "unwrapKey",
531
- "deriveKey",
532
- "deriveBits"
533
- ],
511
+ enum: ["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"],
534
512
  description: "Specific operations the key is intended for."
535
513
  },
536
514
  Curve: {
537
515
  type: "string",
538
- enum: [
539
- "P-256",
540
- "P-384",
541
- "P-521",
542
- "secp256k1",
543
- "Ed25519",
544
- "Ed448",
545
- "X25519",
546
- "X448"
547
- ],
516
+ enum: ["P-256", "P-384", "P-521", "secp256k1", "Ed25519", "Ed448", "X25519", "X448"],
548
517
  description: "Elliptic curve identifier."
549
518
  },
550
519
  SignatureAlgorithm: {
@@ -567,27 +536,17 @@ var plugin_schema_default = {
567
536
  },
568
537
  KeyVisibility: {
569
538
  type: "string",
570
- enum: [
571
- "PUBLIC",
572
- "PRIVATE"
573
- ],
539
+ enum: ["PUBLIC", "PRIVATE"],
574
540
  description: "Indicates the visibility status of a cryptographic key."
575
541
  },
576
542
  KeyType: {
577
543
  type: "string",
578
- enum: [
579
- "OKP",
580
- "EC",
581
- "RSA"
582
- ],
544
+ enum: ["OKP", "EC", "RSA"],
583
545
  description: "Cryptographic key type identifier."
584
546
  },
585
547
  KeyEncoding: {
586
548
  type: "string",
587
- enum: [
588
- "COSE",
589
- "JOSE"
590
- ],
549
+ enum: ["COSE", "JOSE"],
591
550
  description: "The encoding format of the cryptographic key."
592
551
  },
593
552
  CreateRawSignatureResponse: {
@@ -598,9 +557,7 @@ var plugin_schema_default = {
598
557
  description: "The created signature encoded as a base64 string."
599
558
  }
600
559
  },
601
- required: [
602
- "signature"
603
- ],
560
+ required: ["signature"],
604
561
  additionalProperties: false,
605
562
  description: "Response body containing the created signature."
606
563
  },
@@ -614,9 +571,7 @@ var plugin_schema_default = {
614
571
  type: "string"
615
572
  }
616
573
  },
617
- required: [
618
- "aliasOrKid"
619
- ],
574
+ required: ["aliasOrKid"],
620
575
  additionalProperties: false
621
576
  },
622
577
  KmsClientGenerateKeyArgs: {
@@ -655,9 +610,7 @@ var plugin_schema_default = {
655
610
  $ref: "#/components/schemas/ManagedKeyPair"
656
611
  }
657
612
  },
658
- required: [
659
- "keyPair"
660
- ],
613
+ required: ["keyPair"],
661
614
  additionalProperties: false,
662
615
  description: "Response body containing a generated key pair."
663
616
  },
@@ -683,12 +636,7 @@ var plugin_schema_default = {
683
636
  $ref: "#/components/schemas/JoseKeyPair"
684
637
  }
685
638
  },
686
- required: [
687
- "providerId",
688
- "alias",
689
- "cose",
690
- "jose"
691
- ],
639
+ required: ["providerId", "alias", "cose", "jose"],
692
640
  additionalProperties: false,
693
641
  description: "Represents a key pair used by a crypto provider, encapsulating both JOSE and COSE key pairs."
694
642
  },
@@ -702,9 +650,7 @@ var plugin_schema_default = {
702
650
  $ref: "#/components/schemas/CoseKey"
703
651
  }
704
652
  },
705
- required: [
706
- "publicCoseKey"
707
- ],
653
+ required: ["publicCoseKey"],
708
654
  additionalProperties: false,
709
655
  description: "Represents a cryptographic key pair for COSE (CBOR Object Signing and Encryption) operations."
710
656
  },
@@ -757,20 +703,13 @@ var plugin_schema_default = {
757
703
  description: "X.509 certificate chain as base64-encoded certificates."
758
704
  }
759
705
  },
760
- required: [
761
- "kty"
762
- ],
706
+ required: ["kty"],
763
707
  additionalProperties: false,
764
708
  description: "Represents a COSE (CBOR Object Signing and Encryption) key in JSON format."
765
709
  },
766
710
  CoseKeyType: {
767
711
  type: "number",
768
- enum: [
769
- 1,
770
- 2,
771
- 3,
772
- 4
773
- ],
712
+ enum: [1, 2, 3, 4],
774
713
  description: "COSE key type parameter. 1=OKP (Octet Key Pair), 2=EC2 (Elliptic Curve), 3=RSA, 4=Symmetric."
775
714
  },
776
715
  JoseKeyPair: {
@@ -783,9 +722,7 @@ var plugin_schema_default = {
783
722
  $ref: "#/components/schemas/Jwk"
784
723
  }
785
724
  },
786
- required: [
787
- "publicJwk"
788
- ],
725
+ required: ["publicJwk"],
789
726
  additionalProperties: false,
790
727
  description: "Data class representing a cryptographic key pair used with JOSE (JSON Object Signing and Encryption)."
791
728
  },
@@ -799,9 +736,7 @@ var plugin_schema_default = {
799
736
  type: "string"
800
737
  }
801
738
  },
802
- required: [
803
- "aliasOrKid"
804
- ],
739
+ required: ["aliasOrKid"],
805
740
  additionalProperties: false
806
741
  },
807
742
  GetKeyResponse: {
@@ -811,9 +746,7 @@ var plugin_schema_default = {
811
746
  $ref: "#/components/schemas/ManagedKeyInfo"
812
747
  }
813
748
  },
814
- required: [
815
- "keyInfo"
816
- ],
749
+ required: ["keyInfo"],
817
750
  additionalProperties: false,
818
751
  description: "Response body containing a managed key."
819
752
  },
@@ -862,11 +795,7 @@ var plugin_schema_default = {
862
795
  description: "Additional configuration options as key-value pairs."
863
796
  }
864
797
  },
865
- required: [
866
- "key",
867
- "alias",
868
- "providerId"
869
- ],
798
+ required: ["key", "alias", "providerId"],
870
799
  additionalProperties: false,
871
800
  description: "Represents a managed cryptographic key information that is guaranteed to be present and resolved, part of a KMS providing concrete access to the key."
872
801
  },
@@ -880,9 +809,7 @@ var plugin_schema_default = {
880
809
  type: "string"
881
810
  }
882
811
  },
883
- required: [
884
- "providerId"
885
- ],
812
+ required: ["providerId"],
886
813
  additionalProperties: false
887
814
  },
888
815
  KeyProviderResponse: {
@@ -896,20 +823,13 @@ var plugin_schema_default = {
896
823
  $ref: "#/components/schemas/KeyProviderType"
897
824
  }
898
825
  },
899
- required: [
900
- "providerId",
901
- "type"
902
- ],
826
+ required: ["providerId", "type"],
903
827
  additionalProperties: false,
904
828
  description: "Response body containing the details of a Key Provider instance."
905
829
  },
906
830
  KeyProviderType: {
907
831
  type: "string",
908
- enum: [
909
- "SOFTWARE",
910
- "AZURE_KEYVAULT",
911
- "AWS_KMS"
912
- ],
832
+ enum: ["SOFTWARE", "AZURE_KEYVAULT", "AWS_KMS"],
913
833
  description: "The type of Key Provider. Determines the required configuration settings. - AZURE_KEYVAULT: Microsoft Azure Key Vault or Managed HSM. - AWS_KMS: Amazon Web Services Key Management Service."
914
834
  },
915
835
  kmsClientGetResolverArgs: {
@@ -922,9 +842,7 @@ var plugin_schema_default = {
922
842
  type: "string"
923
843
  }
924
844
  },
925
- required: [
926
- "resolverId"
927
- ],
845
+ required: ["resolverId"],
928
846
  additionalProperties: false
929
847
  },
930
848
  Resolver: {
@@ -949,21 +867,13 @@ var plugin_schema_default = {
949
867
  description: "List of key types supported by this resolver."
950
868
  }
951
869
  },
952
- required: [
953
- "resolverId"
954
- ],
870
+ required: ["resolverId"],
955
871
  additionalProperties: false,
956
872
  description: "Represents a key resolver configuration."
957
873
  },
958
874
  IdentifierMethod: {
959
875
  type: "string",
960
- enum: [
961
- "JWK",
962
- "KID",
963
- "COSE_KEY",
964
- "X5C",
965
- "DID"
966
- ],
876
+ enum: ["JWK", "KID", "COSE_KEY", "X5C", "DID"],
967
877
  description: "Method used to identify cryptographic keys."
968
878
  },
969
879
  KmsClientIsValidRawSignatureArgs: {
@@ -983,11 +893,7 @@ var plugin_schema_default = {
983
893
  type: "string"
984
894
  }
985
895
  },
986
- required: [
987
- "input",
988
- "keyInfo",
989
- "signature"
990
- ]
896
+ required: ["input", "keyInfo", "signature"]
991
897
  },
992
898
  VerifyRawSignatureResponse: {
993
899
  type: "object",
@@ -997,9 +903,7 @@ var plugin_schema_default = {
997
903
  description: "Indicates whether the signature is valid or not."
998
904
  }
999
905
  },
1000
- required: [
1001
- "isValid"
1002
- ],
906
+ required: ["isValid"],
1003
907
  additionalProperties: false,
1004
908
  description: "Response body containing the details of the signature verification."
1005
909
  },
@@ -1022,9 +926,7 @@ var plugin_schema_default = {
1022
926
  }
1023
927
  }
1024
928
  },
1025
- required: [
1026
- "providers"
1027
- ],
929
+ required: ["providers"],
1028
930
  additionalProperties: false,
1029
931
  description: "Response body containing the details of a Key Provider instance."
1030
932
  },
@@ -1039,10 +941,7 @@ var plugin_schema_default = {
1039
941
  $ref: "#/components/schemas/KeyProviderType"
1040
942
  }
1041
943
  },
1042
- required: [
1043
- "providerId",
1044
- "type"
1045
- ],
944
+ required: ["providerId", "type"],
1046
945
  additionalProperties: false,
1047
946
  description: "Response body containing the details of a Key Provider instance."
1048
947
  },
@@ -1068,9 +967,7 @@ var plugin_schema_default = {
1068
967
  }
1069
968
  }
1070
969
  },
1071
- required: [
1072
- "keyInfos"
1073
- ],
970
+ required: ["keyInfos"],
1074
971
  additionalProperties: false,
1075
972
  description: "Response body containing all the managed keys."
1076
973
  },
@@ -1093,9 +990,7 @@ var plugin_schema_default = {
1093
990
  }
1094
991
  }
1095
992
  },
1096
- required: [
1097
- "resolvers"
1098
- ],
993
+ required: ["resolvers"],
1099
994
  additionalProperties: false,
1100
995
  description: "Response body containing all the resolvers."
1101
996
  },
@@ -1112,10 +1007,7 @@ var plugin_schema_default = {
1112
1007
  type: "string"
1113
1008
  }
1114
1009
  },
1115
- required: [
1116
- "providerId",
1117
- "aliasOrKid"
1118
- ],
1010
+ required: ["providerId", "aliasOrKid"],
1119
1011
  additionalProperties: false
1120
1012
  },
1121
1013
  KmsClientProviderGenerateKeyArgs: {
@@ -1145,9 +1037,7 @@ var plugin_schema_default = {
1145
1037
  type: "string"
1146
1038
  }
1147
1039
  },
1148
- required: [
1149
- "providerId"
1150
- ]
1040
+ required: ["providerId"]
1151
1041
  },
1152
1042
  KmsClientProviderGetKeyArgs: {
1153
1043
  type: "object",
@@ -1162,10 +1052,7 @@ var plugin_schema_default = {
1162
1052
  type: "string"
1163
1053
  }
1164
1054
  },
1165
- required: [
1166
- "providerId",
1167
- "aliasOrKid"
1168
- ],
1055
+ required: ["providerId", "aliasOrKid"],
1169
1056
  additionalProperties: false
1170
1057
  },
1171
1058
  KmsClientProviderListKeysArgs: {
@@ -1178,9 +1065,7 @@ var plugin_schema_default = {
1178
1065
  type: "string"
1179
1066
  }
1180
1067
  },
1181
- required: [
1182
- "providerId"
1183
- ],
1068
+ required: ["providerId"],
1184
1069
  additionalProperties: false
1185
1070
  },
1186
1071
  KmsClientProviderStoreKeyArgs: {
@@ -1204,10 +1089,7 @@ var plugin_schema_default = {
1204
1089
  type: "string"
1205
1090
  }
1206
1091
  },
1207
- required: [
1208
- "keyInfo",
1209
- "providerId"
1210
- ]
1092
+ required: ["keyInfo", "providerId"]
1211
1093
  },
1212
1094
  ResolvedKeyInfo: {
1213
1095
  type: "object",
@@ -1254,9 +1136,7 @@ var plugin_schema_default = {
1254
1136
  description: "Additional configuration options as key-value pairs."
1255
1137
  }
1256
1138
  },
1257
- required: [
1258
- "key"
1259
- ],
1139
+ required: ["key"],
1260
1140
  additionalProperties: false,
1261
1141
  description: "Represents a resolved cryptographic key information where the key is guaranteed to be present and resolved, providing concrete access to the key."
1262
1142
  },
@@ -1267,9 +1147,7 @@ var plugin_schema_default = {
1267
1147
  $ref: "#/components/schemas/ManagedKeyInfo"
1268
1148
  }
1269
1149
  },
1270
- required: [
1271
- "keyInfo"
1272
- ],
1150
+ required: ["keyInfo"],
1273
1151
  additionalProperties: false,
1274
1152
  description: "Response body containing a stored key."
1275
1153
  },
@@ -1301,10 +1179,7 @@ var plugin_schema_default = {
1301
1179
  $ref: "#/components/schemas/String"
1302
1180
  }
1303
1181
  },
1304
- required: [
1305
- "keyInfo",
1306
- "resolverId"
1307
- ]
1182
+ required: ["keyInfo", "resolverId"]
1308
1183
  },
1309
1184
  String: {
1310
1185
  type: "object",
@@ -1313,9 +1188,7 @@ var plugin_schema_default = {
1313
1188
  type: "number"
1314
1189
  }
1315
1190
  },
1316
- required: [
1317
- "length"
1318
- ],
1191
+ required: ["length"],
1319
1192
  additionalProperties: {
1320
1193
  type: "string"
1321
1194
  }
@@ -1338,9 +1211,7 @@ var plugin_schema_default = {
1338
1211
  type: "string"
1339
1212
  }
1340
1213
  },
1341
- required: [
1342
- "keyInfo"
1343
- ]
1214
+ required: ["keyInfo"]
1344
1215
  }
1345
1216
  },
1346
1217
  methods: {
@@ -3767,7 +3638,11 @@ var KmsRestClient = class _KmsRestClient {
3767
3638
  const baseUrl = this.assertedAgentBaseUrl(args.baseUrl);
3768
3639
  const url = _KmsRestClient.urlWithBase(`/resolvers/${args.resolverId}`, baseUrl);
3769
3640
  const response = await (0, import_cross_fetch.fetch)(url, {
3770
- method: "GET"
3641
+ method: "GET",
3642
+ headers: await this.createHeaders({
3643
+ tenantId: args.tenantId,
3644
+ userId: args.userId
3645
+ })
3771
3646
  });
3772
3647
  logger.debug(`get resolver response: ${response}`);
3773
3648
  if (!response.ok) {
@@ -3780,7 +3655,11 @@ var KmsRestClient = class _KmsRestClient {
3780
3655
  const baseUrl = this.assertedAgentBaseUrl(args?.baseUrl);
3781
3656
  const url = _KmsRestClient.urlWithBase("/resolvers", baseUrl);
3782
3657
  const response = await (0, import_cross_fetch.fetch)(url, {
3783
- method: "GET"
3658
+ method: "GET",
3659
+ headers: await this.createHeaders({
3660
+ tenantId: args?.tenantId,
3661
+ userId: args?.userId
3662
+ })
3784
3663
  });
3785
3664
  logger.debug(`list resolvers response: ${response}`);
3786
3665
  if (!response.ok) {
@@ -3801,7 +3680,9 @@ var KmsRestClient = class _KmsRestClient {
3801
3680
  const response = await (0, import_cross_fetch.fetch)(url, {
3802
3681
  method: "POST",
3803
3682
  headers: await this.createHeaders({
3804
- "Content-Type": "application/json"
3683
+ contentType: "application/json",
3684
+ tenantId: args.tenantId,
3685
+ userId: args.userId
3805
3686
  }),
3806
3687
  body: JSON.stringify(ResolvePublicKeyToJSONTyped(body))
3807
3688
  });
@@ -3822,7 +3703,9 @@ var KmsRestClient = class _KmsRestClient {
3822
3703
  const response = await (0, import_cross_fetch.fetch)(url, {
3823
3704
  method: "POST",
3824
3705
  headers: await this.createHeaders({
3825
- "Content-Type": "application/json"
3706
+ contentType: "application/json",
3707
+ tenantId: args.tenantId,
3708
+ userId: args.userId
3826
3709
  }),
3827
3710
  body: JSON.stringify(CreateRawSignatureToJSONTyped(body))
3828
3711
  });
@@ -3844,7 +3727,9 @@ var KmsRestClient = class _KmsRestClient {
3844
3727
  const response = await (0, import_cross_fetch.fetch)(url, {
3845
3728
  method: "POST",
3846
3729
  headers: await this.createHeaders({
3847
- "Content-Type": "application/json"
3730
+ contentType: "application/json",
3731
+ tenantId: args.tenantId,
3732
+ userId: args.userId
3848
3733
  }),
3849
3734
  body: JSON.stringify(VerifyRawSignatureToJSONTyped(body))
3850
3735
  });
@@ -3859,7 +3744,11 @@ var KmsRestClient = class _KmsRestClient {
3859
3744
  const baseUrl = this.assertedAgentBaseUrl(args.baseUrl);
3860
3745
  const url = _KmsRestClient.urlWithBase(`/keys/${args.aliasOrKid}`, baseUrl);
3861
3746
  const response = await (0, import_cross_fetch.fetch)(url, {
3862
- method: "GET"
3747
+ method: "GET",
3748
+ headers: await this.createHeaders({
3749
+ tenantId: args.tenantId,
3750
+ userId: args.userId
3751
+ })
3863
3752
  });
3864
3753
  logger.debug(`get key response: ${response}`);
3865
3754
  if (!response.ok) {
@@ -3876,7 +3765,11 @@ var KmsRestClient = class _KmsRestClient {
3876
3765
  }
3877
3766
  });
3878
3767
  const response = await (0, import_cross_fetch.fetch)(url, {
3879
- method: "GET"
3768
+ method: "GET",
3769
+ headers: await this.createHeaders({
3770
+ tenantId: args?.tenantId,
3771
+ userId: args?.userId
3772
+ })
3880
3773
  });
3881
3774
  logger.debug(`list keys response: ${response}`);
3882
3775
  if (!response.ok) {
@@ -3895,7 +3788,9 @@ var KmsRestClient = class _KmsRestClient {
3895
3788
  const response = await (0, import_cross_fetch.fetch)(url, {
3896
3789
  method: "POST",
3897
3790
  headers: await this.createHeaders({
3898
- "Content-Type": "application/json"
3791
+ contentType: "application/json",
3792
+ tenantId: args.tenantId,
3793
+ userId: args.userId
3899
3794
  }),
3900
3795
  body: JSON.stringify(StoreKeyToJSONTyped(body))
3901
3796
  });
@@ -3918,7 +3813,9 @@ var KmsRestClient = class _KmsRestClient {
3918
3813
  const response = await (0, import_cross_fetch.fetch)(url, {
3919
3814
  method: "POST",
3920
3815
  headers: await this.createHeaders({
3921
- "Content-Type": "application/json"
3816
+ contentType: "application/json",
3817
+ tenantId: args.tenantId,
3818
+ userId: args.userId
3922
3819
  }),
3923
3820
  body: JSON.stringify(GenerateKeyGlobalToJSONTyped(body))
3924
3821
  });
@@ -3933,7 +3830,11 @@ var KmsRestClient = class _KmsRestClient {
3933
3830
  const baseUrl = this.assertedAgentBaseUrl(args.baseUrl);
3934
3831
  const url = _KmsRestClient.urlWithBase(`/keys/${args.aliasOrKid}`, baseUrl);
3935
3832
  const response = await (0, import_cross_fetch.fetch)(url, {
3936
- method: "DELETE"
3833
+ method: "DELETE",
3834
+ headers: await this.createHeaders({
3835
+ tenantId: args.tenantId,
3836
+ userId: args.userId
3837
+ })
3937
3838
  });
3938
3839
  logger.debug(`delete key response: ${response}`);
3939
3840
  if (!response.ok) {
@@ -3946,7 +3847,11 @@ var KmsRestClient = class _KmsRestClient {
3946
3847
  const baseUrl = this.assertedAgentBaseUrl(args.baseUrl);
3947
3848
  const url = _KmsRestClient.urlWithBase(`/providers/${args.providerId}`, baseUrl);
3948
3849
  const response = await (0, import_cross_fetch.fetch)(url, {
3949
- method: "GET"
3850
+ method: "GET",
3851
+ headers: await this.createHeaders({
3852
+ tenantId: args.tenantId,
3853
+ userId: args.userId
3854
+ })
3950
3855
  });
3951
3856
  logger.debug(`get provider response: ${response}`);
3952
3857
  if (!response.ok) {
@@ -3959,7 +3864,11 @@ var KmsRestClient = class _KmsRestClient {
3959
3864
  const baseUrl = this.assertedAgentBaseUrl(args?.baseUrl);
3960
3865
  const url = _KmsRestClient.urlWithBase("/providers", baseUrl);
3961
3866
  const response = await (0, import_cross_fetch.fetch)(url, {
3962
- method: "GET"
3867
+ method: "GET",
3868
+ headers: await this.createHeaders({
3869
+ tenantId: args?.tenantId,
3870
+ userId: args?.userId
3871
+ })
3963
3872
  });
3964
3873
  logger.debug(`list providers response: ${response}`);
3965
3874
  if (!response.ok) {
@@ -3972,7 +3881,11 @@ var KmsRestClient = class _KmsRestClient {
3972
3881
  const baseUrl = this.assertedAgentBaseUrl(args.baseUrl);
3973
3882
  const url = _KmsRestClient.urlWithBase(`/providers/${args.providerId}/keys`, baseUrl);
3974
3883
  const response = await (0, import_cross_fetch.fetch)(url, {
3975
- method: "GET"
3884
+ method: "GET",
3885
+ headers: await this.createHeaders({
3886
+ tenantId: args.tenantId,
3887
+ userId: args.userId
3888
+ })
3976
3889
  });
3977
3890
  logger.debug(`list provider keys response: ${response}`);
3978
3891
  if (!response.ok) {
@@ -3991,7 +3904,9 @@ var KmsRestClient = class _KmsRestClient {
3991
3904
  const response = await (0, import_cross_fetch.fetch)(url, {
3992
3905
  method: "POST",
3993
3906
  headers: await this.createHeaders({
3994
- "Content-Type": "application/json"
3907
+ contentType: "application/json",
3908
+ tenantId: args.tenantId,
3909
+ userId: args.userId
3995
3910
  }),
3996
3911
  body: JSON.stringify(StoreKeyToJSONTyped(body))
3997
3912
  });
@@ -4008,12 +3923,15 @@ var KmsRestClient = class _KmsRestClient {
4008
3923
  const body = {
4009
3924
  alg: args.alg,
4010
3925
  keyOperations: args.keyOperations,
4011
- use: args.use
3926
+ use: args.use,
3927
+ alias: args.alias
4012
3928
  };
4013
3929
  const response = await (0, import_cross_fetch.fetch)(url, {
4014
3930
  method: "POST",
4015
3931
  headers: await this.createHeaders({
4016
- "Content-Type": "application/json"
3932
+ contentType: "application/json",
3933
+ tenantId: args.tenantId,
3934
+ userId: args.userId
4017
3935
  }),
4018
3936
  body: JSON.stringify(GenerateKeyToJSONTyped(body))
4019
3937
  });
@@ -4028,7 +3946,11 @@ var KmsRestClient = class _KmsRestClient {
4028
3946
  const baseUrl = this.assertedAgentBaseUrl(args.baseUrl);
4029
3947
  const url = _KmsRestClient.urlWithBase(`/providers/${args.providerId}/keys/${args.aliasOrKid}`, baseUrl);
4030
3948
  const response = await (0, import_cross_fetch.fetch)(url, {
4031
- method: "GET"
3949
+ method: "GET",
3950
+ headers: await this.createHeaders({
3951
+ tenantId: args.tenantId,
3952
+ userId: args.userId
3953
+ })
4032
3954
  });
4033
3955
  logger.debug(`get provider key response: ${response}`);
4034
3956
  if (!response.ok) {
@@ -4041,7 +3963,11 @@ var KmsRestClient = class _KmsRestClient {
4041
3963
  const baseUrl = this.assertedAgentBaseUrl(args.baseUrl);
4042
3964
  const url = _KmsRestClient.urlWithBase(`providers/${args.providerId}/keys/${args.aliasOrKid}`, baseUrl);
4043
3965
  const response = await (0, import_cross_fetch.fetch)(url, {
4044
- method: "DELETE"
3966
+ method: "DELETE",
3967
+ headers: await this.createHeaders({
3968
+ tenantId: args.tenantId,
3969
+ userId: args.userId
3970
+ })
4045
3971
  });
4046
3972
  logger.debug(`delete key response: ${response}`);
4047
3973
  if (!response.ok) {
@@ -4057,9 +3983,17 @@ var KmsRestClient = class _KmsRestClient {
4057
3983
  }
4058
3984
  throw new Error("No base url has been provided");
4059
3985
  }
4060
- async createHeaders(existing) {
3986
+ async createHeaders(args) {
4061
3987
  const headers = {
4062
- ...existing,
3988
+ ...args?.contentType ? {
3989
+ "Content-Type": args.contentType
3990
+ } : {},
3991
+ ...args?.tenantId ? {
3992
+ "X-Tenant-ID": args.tenantId
3993
+ } : {},
3994
+ ...args?.userId ? {
3995
+ "X-User-ID": args.userId
3996
+ } : {},
4063
3997
  Accept: "application/json"
4064
3998
  };
4065
3999
  if (this.authOpts?.enabled === true) {