@the-ai-company/cbio-node-runtime 1.63.7 → 1.64.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -5
- package/dist/clients/agent/client.d.ts +2 -2
- package/dist/clients/agent/client.js +46 -49
- package/dist/clients/agent/client.js.map +1 -1
- package/dist/clients/agent/contracts.d.ts +5 -5
- package/dist/clients/owner/client.js +209 -195
- package/dist/clients/owner/client.js.map +1 -1
- package/dist/clients/owner/contracts.d.ts +47 -48
- package/dist/protocol/childSecretNaming.d.ts +1 -1
- package/dist/protocol/childSecretNaming.js +2 -2
- package/dist/protocol/childSecretNaming.js.map +1 -1
- package/dist/protocol/crypto.d.ts +4 -4
- package/dist/protocol/crypto.js +14 -14
- package/dist/protocol/crypto.js.map +1 -1
- package/dist/protocol/identity.d.ts +2 -2
- package/dist/protocol/identity.js +4 -4
- package/dist/protocol/identity.js.map +1 -1
- package/dist/public-types.d.ts +1 -1
- package/dist/public-types.js +1 -1
- package/dist/public-types.js.map +1 -1
- package/dist/runtime/bootstrap.d.ts +6 -6
- package/dist/runtime/bootstrap.js +26 -26
- package/dist/runtime/bootstrap.js.map +1 -1
- package/dist/runtime/identity.d.ts +6 -6
- package/dist/runtime/identity.js +14 -12
- package/dist/runtime/identity.js.map +1 -1
- package/dist/runtime/index.d.ts +1 -1
- package/dist/runtime/index.js +1 -1
- package/dist/runtime/index.js.map +1 -1
- package/dist/runtime/owner-session.d.ts +1 -5
- package/dist/runtime/owner-session.js +4 -5
- package/dist/runtime/owner-session.js.map +1 -1
- package/dist/runtime/vault-metadata.d.ts +2 -2
- package/dist/runtime/vault-metadata.js +2 -2
- package/dist/runtime/vault-metadata.js.map +1 -1
- package/dist/vault-core/contracts.d.ts +235 -238
- package/dist/vault-core/contracts.js +25 -34
- package/dist/vault-core/contracts.js.map +1 -1
- package/dist/vault-core/core.d.ts +41 -42
- package/dist/vault-core/core.js +251 -274
- package/dist/vault-core/core.js.map +1 -1
- package/dist/vault-core/defaults.d.ts +25 -25
- package/dist/vault-core/defaults.js +95 -95
- package/dist/vault-core/defaults.js.map +1 -1
- package/dist/vault-core/errors.d.ts +1 -1
- package/dist/vault-core/errors.js.map +1 -1
- package/dist/vault-core/index.d.ts +2 -2
- package/dist/vault-core/index.js +2 -2
- package/dist/vault-core/index.js.map +1 -1
- package/dist/vault-core/persistence.d.ts +19 -19
- package/dist/vault-core/persistence.js +78 -67
- package/dist/vault-core/persistence.js.map +1 -1
- package/dist/vault-core/ports.d.ts +23 -23
- package/dist/vault-core/tool-metadata.js +6 -6
- package/dist/vault-core/tool-metadata.js.map +1 -1
- package/dist/vault-ingress/defaults.d.ts +2 -2
- package/dist/vault-ingress/defaults.js +10 -10
- package/dist/vault-ingress/defaults.js.map +1 -1
- package/dist/vault-ingress/index.d.ts +46 -47
- package/dist/vault-ingress/index.js +34 -37
- package/dist/vault-ingress/index.js.map +1 -1
- package/dist/vault-ingress/remote-transport.d.ts +2 -2
- package/dist/vault-ingress/remote-transport.js +27 -27
- package/dist/vault-ingress/remote-transport.js.map +1 -1
- package/docs/ARCHITECTURE.md +1 -1
- package/docs/CUSTODY_MODEL.md +3 -3
- package/docs/IDENTITY_MODEL.md +4 -4
- package/docs/REFERENCE.md +27 -2
- package/docs/api/README.md +3 -4
- package/docs/api/classes/IdentityError.md +1 -1
- package/docs/api/classes/OwnerClientError.md +1 -1
- package/docs/api/classes/PersistentVaultAgentIdentityRegistry.md +6 -6
- package/docs/api/classes/PersistentVaultAgentSecretGrantRegistry.md +12 -12
- package/docs/api/classes/PersistentVaultAuditLog.md +1 -1
- package/docs/api/classes/PersistentVaultSecretCustody.md +7 -7
- package/docs/api/classes/PersistentVaultSecretDestinationGrantRegistry.md +12 -12
- package/docs/api/classes/PersistentVaultSecretRepository.md +7 -7
- package/docs/api/classes/VaultCore.md +53 -69
- package/docs/api/classes/VaultCoreError.md +1 -1
- package/docs/api/enumerations/AuditOperation.md +137 -0
- package/docs/api/enumerations/DispatchStatus.md +1 -1
- package/docs/api/enumerations/IdentityErrorCode.md +1 -1
- package/docs/api/enumerations/OwnerClientErrorCode.md +1 -1
- package/docs/api/functions/createAgentClient.md +1 -1
- package/docs/api/functions/createIdentity.md +2 -2
- package/docs/api/functions/createOwnerClient.md +1 -1
- package/docs/api/functions/createOwnerSession.md +1 -1
- package/docs/api/functions/createPersistentVaultCoreDependencies.md +3 -3
- package/docs/api/functions/createVault.md +1 -1
- package/docs/api/functions/createVaultCore.md +1 -1
- package/docs/api/functions/createVaultCoreDependencies.md +1 -1
- package/docs/api/functions/createVaultService.md +1 -1
- package/docs/api/functions/createWorkspaceStorage.md +1 -1
- package/docs/api/functions/deriveRootAgentId.md +3 -3
- package/docs/api/functions/deriveVaultWorkingKeyFromPassword.md +4 -4
- package/docs/api/functions/getDefaultWorkspaceDir.md +1 -1
- package/docs/api/functions/handleVaultAgentControlHttp.md +1 -1
- package/docs/api/functions/handleVaultHttpDispatch.md +1 -1
- package/docs/api/functions/initializeVaultCustody.md +1 -1
- package/docs/api/functions/listVaults.md +1 -1
- package/docs/api/functions/readVaultProfile.md +3 -3
- package/docs/api/functions/recoverVault.md +4 -4
- package/docs/api/functions/recoverVaultWorkingKey.md +1 -1
- package/docs/api/functions/restoreIdentity.md +3 -3
- package/docs/api/functions/updateVaultMetadata.md +1 -1
- package/docs/api/functions/writeVaultProfile.md +3 -3
- package/docs/api/interfaces/AgentClient.md +3 -3
- package/docs/api/interfaces/AgentDispatchIntent.md +7 -7
- package/docs/api/interfaces/AgentDispatchTransport.md +1 -1
- package/docs/api/interfaces/AgentIdentity.md +3 -3
- package/docs/api/interfaces/AgentIdentityRecord.md +11 -11
- package/docs/api/interfaces/AgentRequestResult.md +9 -9
- package/docs/api/interfaces/AgentRuntimeManifest.md +13 -13
- package/docs/api/interfaces/AgentSecretGrant.md +11 -11
- package/docs/api/interfaces/AgentSigner.md +1 -1
- package/docs/api/interfaces/AgentVisibleRequestRecord.md +13 -13
- package/docs/api/interfaces/AgentVisibleSecretRecord.md +13 -13
- package/docs/api/interfaces/AuditEntry.md +45 -25
- package/docs/api/interfaces/CbioRuntime.md +10 -10
- package/docs/api/interfaces/CreateAgentClientOptions.md +1 -1
- package/docs/api/interfaces/CreateIdentityOptions.md +1 -1
- package/docs/api/interfaces/CreateOwnerClientOptions.md +3 -13
- package/docs/api/interfaces/CreateOwnerSessionOptions.md +4 -10
- package/docs/api/interfaces/CreatePersistentVaultCoreDependenciesOptions.md +3 -3
- package/docs/api/interfaces/CreateVaultOptions.md +2 -2
- package/docs/api/interfaces/CreatedVault.md +1 -1
- package/docs/api/interfaces/DefaultPolicyEngineOptions.md +9 -9
- package/docs/api/interfaces/DispatchAuthorization.md +11 -11
- package/docs/api/interfaces/DispatchInstruction.md +9 -9
- package/docs/api/interfaces/DispatchRequest.md +11 -11
- package/docs/api/interfaces/DispatchResult.md +11 -11
- package/docs/api/interfaces/IStorageProvider.md +1 -1
- package/docs/api/interfaces/InitializeVaultCustodyOptions.md +1 -1
- package/docs/api/interfaces/InitializedVaultCustody.md +1 -1
- package/docs/api/interfaces/OwnerAgentProvisionResult.md +3 -3
- package/docs/api/interfaces/OwnerClient.md +43 -11
- package/docs/api/interfaces/OwnerCreateSecretInput.md +3 -3
- package/docs/api/interfaces/OwnerRemoveSecretInput.md +3 -3
- package/docs/api/interfaces/OwnerRequestRecord.md +19 -19
- package/docs/api/interfaces/OwnerSensitiveActionConfirmation.md +1 -1
- package/docs/api/interfaces/OwnerSensitiveActionContext.md +1 -1
- package/docs/api/interfaces/OwnerSession.md +3 -3
- package/docs/api/interfaces/OwnerUpdateSecretInput.md +3 -3
- package/docs/api/interfaces/OwnerVisibleRequestRecord.md +21 -21
- package/docs/api/interfaces/RecoverVaultOptions.md +4 -4
- package/docs/api/interfaces/RecoveredVault.md +1 -1
- package/docs/api/interfaces/RequestRecord.md +19 -19
- package/docs/api/interfaces/RestoreIdentityOptions.md +1 -1
- package/docs/api/interfaces/SecretAlias.md +1 -1
- package/docs/api/interfaces/SecretDestinationGrant.md +11 -11
- package/docs/api/interfaces/SecretId.md +1 -1
- package/docs/api/interfaces/SecretRecord.md +13 -13
- package/docs/api/interfaces/Signer.md +1 -1
- package/docs/api/interfaces/VaultApproveDispatchInput.md +5 -5
- package/docs/api/interfaces/VaultAuditQueryInput.md +7 -7
- package/docs/api/interfaces/VaultCoreDependenciesOptions.md +5 -5
- package/docs/api/interfaces/VaultCreateAgentInput.md +3 -3
- package/docs/api/interfaces/VaultExportSecretInput.md +3 -3
- package/docs/api/interfaces/VaultGetRequestInput.md +5 -5
- package/docs/api/interfaces/VaultGrantAgentSecretInput.md +7 -7
- package/docs/api/interfaces/VaultGrantSecretDestinationInput.md +7 -7
- package/docs/api/interfaces/VaultId.md +1 -1
- package/docs/api/interfaces/VaultImportAgentInput.md +5 -5
- package/docs/api/interfaces/VaultIssueSessionTokenInput.md +5 -5
- package/docs/api/interfaces/VaultListAgentsInput.md +3 -3
- package/docs/api/interfaces/VaultListGrantsInput.md +7 -7
- package/docs/api/interfaces/VaultListRequestsInput.md +5 -5
- package/docs/api/interfaces/VaultListSecretsInput.md +3 -3
- package/docs/api/interfaces/VaultMetadata.md +1 -1
- package/docs/api/interfaces/VaultObject.md +1 -1
- package/docs/api/interfaces/VaultPrincipal.md +1 -1
- package/docs/api/interfaces/VaultProfile.md +1 -1
- package/docs/api/interfaces/VaultReadAgentPrivateKeyInput.md +5 -5
- package/docs/api/interfaces/VaultReadSecretPlaintextInput.md +3 -3
- package/docs/api/interfaces/VaultRevokeAgentSecretInput.md +7 -7
- package/docs/api/interfaces/VaultRevokeSecretDestinationInput.md +7 -7
- package/docs/api/interfaces/VaultRevokeSessionTokenInput.md +1 -1
- package/docs/api/interfaces/VaultService.md +8 -24
- package/docs/api/interfaces/VaultUpdateAgentInput.md +5 -5
- package/docs/api/type-aliases/AgentId.md +1 -1
- package/docs/api/type-aliases/CbioRuntimeModule.md +1 -1
- package/docs/api/type-aliases/DispatchApprovalDecision.md +1 -1
- package/docs/api/type-aliases/GrantStatus.md +1 -1
- package/docs/api/type-aliases/SecretLifecycleStatus.md +1 -1
- package/docs/api/type-aliases/VaultPrincipalKind.md +1 -1
- package/docs/api/variables/DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY.md +1 -1
- package/docs/zh/README.md +9 -3
- package/examples/process-isolation.ts +21 -21
- package/package.json +2 -2
- package/docs/api/enumerations/AuditAction.md +0 -143
- package/docs/api/enumerations/AuditOutcome.md +0 -35
|
@@ -6,38 +6,29 @@ export var DispatchStatus;
|
|
|
6
6
|
DispatchStatus["PENDING"] = "PENDING";
|
|
7
7
|
DispatchStatus["STALLED"] = "STALLED";
|
|
8
8
|
})(DispatchStatus || (DispatchStatus = {}));
|
|
9
|
-
export var
|
|
10
|
-
(function (
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
})(AuditAction || (AuditAction = {}));
|
|
35
|
-
export var AuditOutcome;
|
|
36
|
-
(function (AuditOutcome) {
|
|
37
|
-
AuditOutcome["ALLOWED"] = "ALLOWED";
|
|
38
|
-
AuditOutcome["DENIED"] = "DENIED";
|
|
39
|
-
AuditOutcome["SUCCEEDED"] = "SUCCEEDED";
|
|
40
|
-
AuditOutcome["FAILED"] = "FAILED";
|
|
41
|
-
AuditOutcome["PENDING"] = "PENDING";
|
|
42
|
-
})(AuditOutcome || (AuditOutcome = {}));
|
|
9
|
+
export var AuditOperation;
|
|
10
|
+
(function (AuditOperation) {
|
|
11
|
+
AuditOperation["IDENTITY_REGISTER"] = "identity.register";
|
|
12
|
+
AuditOperation["IDENTITY_UPDATE"] = "identity.update";
|
|
13
|
+
AuditOperation["IDENTITY_ISSUE_TOKEN"] = "identity.issue_token";
|
|
14
|
+
AuditOperation["IDENTITY_REVOKE_TOKEN"] = "identity.revoke_token";
|
|
15
|
+
AuditOperation["GRANT_SECRET"] = "grant.grant_secret";
|
|
16
|
+
AuditOperation["GRANT_DESTINATION"] = "grant.grant_destination";
|
|
17
|
+
AuditOperation["REVOKE_SECRET"] = "grant.revoke_secret";
|
|
18
|
+
AuditOperation["REVOKE_DESTINATION"] = "grant.revoke_destination";
|
|
19
|
+
AuditOperation["SECRET_WRITE"] = "secret.write";
|
|
20
|
+
AuditOperation["SECRET_EXPORT"] = "secret.export";
|
|
21
|
+
AuditOperation["SECRET_DELETE"] = "secret.delete";
|
|
22
|
+
AuditOperation["POLICY_EVALUATE"] = "policy.evaluate_dispatch";
|
|
23
|
+
AuditOperation["SECRET_DISPATCH"] = "secret.dispatch";
|
|
24
|
+
AuditOperation["DISPATCH_APPROVE"] = "dispatch.approve";
|
|
25
|
+
AuditOperation["DISPATCH_REJECT"] = "dispatch.reject";
|
|
26
|
+
AuditOperation["DISPATCH_HOLD"] = "dispatch.pending_approval";
|
|
27
|
+
AuditOperation["MANAGEMENT_LIST_AGENTS"] = "management.list_agents";
|
|
28
|
+
AuditOperation["MANAGEMENT_LIST_GRANTS"] = "management.list_grants";
|
|
29
|
+
AuditOperation["MANAGEMENT_LIST_REQUESTS"] = "management.list_requests";
|
|
30
|
+
AuditOperation["MANAGEMENT_READ_REQUEST"] = "management.read_request";
|
|
31
|
+
AuditOperation["MANAGEMENT_READ_AUDIT"] = "management.read_audit";
|
|
32
|
+
AuditOperation["MANAGEMENT_LIST_SECRETS"] = "management.list_secrets";
|
|
33
|
+
})(AuditOperation || (AuditOperation = {}));
|
|
43
34
|
//# sourceMappingURL=contracts.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../src/vault-core/contracts.ts"],"names":[],"mappings":"AA+aA,MAAM,CAAN,IAAY,cAMX;AAND,WAAY,cAAc;IACxB,yCAAuB,CAAA;IACvB,mCAAiB,CAAA;IACjB,mCAAiB,CAAA;IACjB,qCAAmB,CAAA;IACnB,qCAAmB,CAAA;AACrB,CAAC,EANW,cAAc,KAAd,cAAc,QAMzB;AA6BD,MAAM,CAAN,IAAY,
|
|
1
|
+
{"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../src/vault-core/contracts.ts"],"names":[],"mappings":"AA+aA,MAAM,CAAN,IAAY,cAMX;AAND,WAAY,cAAc;IACxB,yCAAuB,CAAA;IACvB,mCAAiB,CAAA;IACjB,mCAAiB,CAAA;IACjB,qCAAmB,CAAA;IACnB,qCAAmB,CAAA;AACrB,CAAC,EANW,cAAc,KAAd,cAAc,QAMzB;AA6BD,MAAM,CAAN,IAAY,cA4BX;AA5BD,WAAY,cAAc;IACxB,yDAAuC,CAAA;IACvC,qDAAmC,CAAA;IACnC,+DAA6C,CAAA;IAC7C,iEAA+C,CAAA;IAE/C,qDAAmC,CAAA;IACnC,+DAA6C,CAAA;IAC7C,uDAAqC,CAAA;IACrC,iEAA+C,CAAA;IAE/C,+CAA6B,CAAA;IAC7B,iDAA+B,CAAA;IAC/B,iDAA+B,CAAA;IAE/B,8DAA4C,CAAA;IAC5C,qDAAmC,CAAA;IAEnC,uDAAqC,CAAA;IACrC,qDAAmC,CAAA;IACnC,6DAA2C,CAAA;IAE3C,mEAAiD,CAAA;IACjD,mEAAiD,CAAA;IACjD,uEAAqD,CAAA;IACrD,qEAAmD,CAAA;IACnD,iEAA+C,CAAA;IAC/C,qEAAmD,CAAA;AACrD,CAAC,EA5BW,cAAc,KAAd,cAAc,QA4BzB"}
|
|
@@ -3,101 +3,100 @@ import type { VaultCoreDependencies } from "./ports.js";
|
|
|
3
3
|
export declare class VaultCore {
|
|
4
4
|
private readonly _deps;
|
|
5
5
|
constructor(deps: VaultCoreDependencies);
|
|
6
|
-
get
|
|
6
|
+
get vault_id(): VaultId;
|
|
7
7
|
private _assertOwnerPrincipal;
|
|
8
8
|
private _appendAudit;
|
|
9
9
|
private _verifyAgentControlProof;
|
|
10
10
|
ownerGrantAgentSecret(actor: VaultPrincipal & {
|
|
11
11
|
kind: "owner";
|
|
12
|
-
},
|
|
13
|
-
|
|
12
|
+
}, root_agent_id: string, secret_alias: string, request?: {
|
|
13
|
+
request_id?: string;
|
|
14
14
|
}): Promise<AgentSecretGrant>;
|
|
15
15
|
ownerGrantSecretDestination(actor: VaultPrincipal & {
|
|
16
16
|
kind: "owner";
|
|
17
|
-
},
|
|
18
|
-
|
|
17
|
+
}, secret_alias: string, site_id: string, request?: {
|
|
18
|
+
request_id?: string;
|
|
19
19
|
}): Promise<SecretDestinationGrant>;
|
|
20
20
|
ownerRevokeAgentSecret(actor: VaultPrincipal & {
|
|
21
21
|
kind: "owner";
|
|
22
|
-
},
|
|
23
|
-
|
|
22
|
+
}, root_agent_id: string, secret_alias: string, request?: {
|
|
23
|
+
request_id?: string;
|
|
24
24
|
}): Promise<void>;
|
|
25
25
|
ownerRevokeSecretDestination(actor: VaultPrincipal & {
|
|
26
26
|
kind: "owner";
|
|
27
|
-
},
|
|
28
|
-
|
|
27
|
+
}, secret_alias: string, site_id: string, request?: {
|
|
28
|
+
request_id?: string;
|
|
29
29
|
}): Promise<void>;
|
|
30
30
|
ownerListGrants(actor: VaultPrincipal & {
|
|
31
31
|
kind: "owner";
|
|
32
|
-
},
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
}, root_agent_id?: string, secret_alias?: string): Promise<{
|
|
33
|
+
agent_secrets: readonly AgentSecretGrant[];
|
|
34
|
+
secret_destinations: readonly SecretDestinationGrant[];
|
|
35
35
|
}>;
|
|
36
36
|
agentAuthorizeDispatch(request: DispatchRequest): Promise<DispatchAuthorization>;
|
|
37
37
|
agentDispatchSecret(request: DispatchRequest): Promise<DispatchResult>;
|
|
38
38
|
ownerApproveDispatch(actor: VaultPrincipal & {
|
|
39
39
|
kind: "owner";
|
|
40
|
-
},
|
|
40
|
+
}, request_id: string, decision: DispatchApprovalDecision): Promise<DispatchResult | null>;
|
|
41
41
|
agentGetRuntimeManifest(command: {
|
|
42
42
|
agent: VaultPrincipal & {
|
|
43
43
|
kind: "agent";
|
|
44
44
|
};
|
|
45
45
|
proof: any;
|
|
46
|
-
|
|
47
|
-
|
|
46
|
+
request_id: string;
|
|
47
|
+
requested_at: string;
|
|
48
48
|
}): Promise<AgentRuntimeManifest>;
|
|
49
49
|
agentListSecrets(command: {
|
|
50
50
|
agent: VaultPrincipal & {
|
|
51
51
|
kind: "agent";
|
|
52
52
|
};
|
|
53
53
|
proof: any;
|
|
54
|
-
|
|
55
|
-
|
|
54
|
+
request_id: string;
|
|
55
|
+
requested_at: string;
|
|
56
56
|
}): Promise<readonly AgentVisibleSecretRecord[]>;
|
|
57
57
|
agentListRequests(command: {
|
|
58
58
|
agent: VaultPrincipal & {
|
|
59
59
|
kind: "agent";
|
|
60
60
|
};
|
|
61
61
|
proof: any;
|
|
62
|
-
|
|
63
|
-
|
|
62
|
+
request_id: string;
|
|
63
|
+
requested_at: string;
|
|
64
64
|
}): Promise<readonly AgentVisibleRequestRecord[]>;
|
|
65
65
|
agentGetRequest(command: {
|
|
66
66
|
agent: VaultPrincipal & {
|
|
67
67
|
kind: "agent";
|
|
68
68
|
};
|
|
69
69
|
proof: any;
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
70
|
+
request_id: string;
|
|
71
|
+
requested_at: string;
|
|
72
|
+
target_request_id: string;
|
|
73
73
|
}): Promise<any>;
|
|
74
74
|
ownerRegisterAgentIdentity(command: {
|
|
75
|
-
|
|
76
|
-
|
|
75
|
+
vault_id: VaultId;
|
|
76
|
+
request_id: string;
|
|
77
77
|
owner: VaultPrincipal;
|
|
78
78
|
agentRecord: AgentIdentityRecord;
|
|
79
|
-
|
|
79
|
+
requested_at: string;
|
|
80
80
|
}): Promise<void>;
|
|
81
81
|
ownerUpdateAgentIdentity(command: {
|
|
82
|
-
|
|
83
|
-
|
|
82
|
+
vault_id: VaultId;
|
|
83
|
+
request_id: string;
|
|
84
84
|
owner: VaultPrincipal;
|
|
85
|
-
|
|
85
|
+
root_agent_id: string;
|
|
86
86
|
nickname?: string;
|
|
87
87
|
metadata?: Record<string, any>;
|
|
88
|
-
|
|
88
|
+
requested_at: string;
|
|
89
89
|
}): Promise<AgentIdentityRecord>;
|
|
90
90
|
ownerCreateSecret(command: OwnerCreateSecretCommand): Promise<SecretRecord>;
|
|
91
91
|
ownerUpdateSecret(command: OwnerUpdateSecretCommand): Promise<SecretRecord>;
|
|
92
92
|
ownerRemoveSecret(command: {
|
|
93
93
|
kind: "owner.remove_secret";
|
|
94
|
-
|
|
95
|
-
|
|
94
|
+
vault_id: VaultId;
|
|
95
|
+
request_id: string;
|
|
96
96
|
owner: VaultPrincipal;
|
|
97
97
|
alias: string;
|
|
98
|
-
|
|
98
|
+
requested_at: string;
|
|
99
99
|
}): Promise<void>;
|
|
100
|
-
ownerWriteSecret(command: any): Promise<SecretRecord>;
|
|
101
100
|
ownerReadAudit(actor: VaultPrincipal & {
|
|
102
101
|
kind: "owner";
|
|
103
102
|
}, query: AuditQuery): Promise<readonly AuditEntry[]>;
|
|
@@ -109,31 +108,31 @@ export declare class VaultCore {
|
|
|
109
108
|
}): Promise<readonly AgentIdentityRecord[]>;
|
|
110
109
|
ownerListRequests(actor: VaultPrincipal & {
|
|
111
110
|
kind: "owner";
|
|
112
|
-
},
|
|
111
|
+
}, root_agent_id?: string): Promise<readonly OwnerVisibleRequestRecord[]>;
|
|
113
112
|
ownerGetRequest(actor: VaultPrincipal & {
|
|
114
113
|
kind: "owner";
|
|
115
|
-
},
|
|
114
|
+
}, request_id: string): Promise<OwnerRequestRecord>;
|
|
116
115
|
ownerListSecrets(actor: VaultPrincipal & {
|
|
117
116
|
kind: "owner";
|
|
118
117
|
}): Promise<readonly AgentVisibleSecretRecord[]>;
|
|
119
118
|
ownerIssueSessionToken(request: {
|
|
120
|
-
|
|
119
|
+
vault_id: VaultId;
|
|
121
120
|
actor: VaultPrincipal;
|
|
122
|
-
|
|
121
|
+
root_agent_id: string;
|
|
123
122
|
}): Promise<{
|
|
124
123
|
token: string;
|
|
125
|
-
|
|
126
|
-
|
|
124
|
+
root_agent_id: string;
|
|
125
|
+
issued_at: string;
|
|
127
126
|
}>;
|
|
128
127
|
ownerIssueAllAgentSessionTokens(actor: VaultPrincipal & {
|
|
129
128
|
kind: "owner";
|
|
130
129
|
}): Promise<{
|
|
131
130
|
token: string;
|
|
132
|
-
|
|
133
|
-
|
|
131
|
+
root_agent_id: string;
|
|
132
|
+
issued_at: string;
|
|
134
133
|
}[]>;
|
|
135
134
|
ownerRevokeSessionToken(request: {
|
|
136
|
-
|
|
135
|
+
vault_id: VaultId;
|
|
137
136
|
actor: VaultPrincipal;
|
|
138
137
|
token: string;
|
|
139
138
|
}): Promise<void>;
|