@tidecloak/js 0.9.11

package/dist/esm/modules/tide-js/index.js

@@ -0,0 +1,27 @@
+// 
+// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
+// Copyright (C) 2022 Tide Foundation Ltd
+// 
+// This program is free software and is subject to the terms of 
+// the Tide Community Open Code License as published by the 
+// Tide Foundation Limited. You may modify it and redistribute 
+// it in accordance with and subject to the terms of that License.
+// This program is distributed WITHOUT WARRANTY of any kind, 
+// including without any implied warranty of MERCHANTABILITY or 
+// FITNESS FOR A PARTICULAR PURPOSE.
+// See the Tide Community Open Code License for more details.
+// You should have received a copy of the Tide Community Open 
+// Code License along with this program.
+// If not, see https://tide.org/licenses_tcoc2-0-0-en
+//
+// discord - @mpz
+export { default as NodeClient } from './Clients/NodeClient.js';
+export { default as SimClient } from './Clients/NetworkClient.js';
+export { default as SimulatorFlow } from './Flow/SimulatorFlow.js';
+export { default as OrkInfo } from "./Models/Infos/OrkInfo.js";
+export { default as dKeyGenerationFlow } from './Flow/dKeyGenerationFlow.js';
+import * as Utils from './Tools/Utils.js';
+export { Utils };
+const TideJSVersion = "0.0.1";
+export { TideJSVersion };
+//# sourceMappingURL=index.js.map

package/dist/esm/modules/tide-js/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../modules/tide-js/index.js"],"names":[],"mappings":"AAAA,GAAG;AACH,gEAAgE;AAChE,yCAAyC;AACzC,GAAG;AACH,gEAAgE;AAChE,4DAA4D;AAC5D,+DAA+D;AAC/D,kEAAkE;AAClE,6DAA6D;AAC7D,gEAAgE;AAChE,oCAAoC;AACpC,6DAA6D;AAC7D,8DAA8D;AAC9D,wCAAwC;AACxC,qDAAqD;AACrD,EAAE;AACF,iBAAiB;AAEjB,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,yBAAyB,CAAA;AAC/D,OAAO,EAAE,OAAO,IAAI,SAAS,EAAE,MAAM,4BAA4B,CAAA;AACjE,OAAO,EAAE,OAAO,IAAI,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACnE,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,OAAO,IAAI,kBAAkB,EAAE,MAAM,8BAA8B,CAAA;AAE5E,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EAAE,KAAK,EAAE,CAAC;AAEjB,MAAM,aAAa,GAAG,OAAO,CAAC;AAC9B,OAAO,EAAE,aAAa,EAAE,CAAC"}

package/dist/esm/src/IAMService.js

@@ -0,0 +1,272 @@
+import TideCloak from "../lib/tidecloak";
+/**
+ * Singleton IAMService wrapping the TideCloak client.
+ *
+ * Usage A: pass an onReady callback directly
+ * ```js
+ * import { IAMService } from 'tidecloak-js';
+ * import config from './tidecloak.config.json';
+ *
+ * IAMService.initIAM(config, authenticated => {
+ *   if (!authenticated) IAMService.doLogin();
+ * }).catch(console.error);
+ * ```
+ *
+ * Usage B: attach multiple listeners, then init
+ * ```js
+ * IAMService
+ *   .on('ready', auth => console.log('ready', auth))
+ *   .on('authError', err => console.error('Auth failed', err));
+ *
+ * await IAMService.initIAM(config);
+ * ```
+ */
+class IAMService {
+    constructor() {
+        this._tc = null;
+        this._config = null;
+        this._listeners = {};
+    }
+    /**
+     * Register an event listener.
+     * @param {'ready'|'initError'|'authSuccess'|'authError'|'authRefreshSuccess'|'authRefreshError'|'logout'|'tokenExpired'} event
+     * @param {Function} handler
+     * @returns {this}
+     */
+    on(event, handler) {
+        if (!this._listeners[event])
+            this._listeners[event] = [];
+        this._listeners[event].push(handler);
+        return this;
+    }
+    /**
+     * Unregister an event listener.
+     * @param {string} event
+     * @param {Function} handler
+     * @returns {this}
+     */
+    off(event, handler) {
+        if (this._listeners[event]) {
+            this._listeners[event] = this._listeners[event].filter(fn => fn !== handler);
+        }
+        return this;
+    }
+    /** @private */
+    _emit(event, ...args) {
+        (this._listeners[event] || []).forEach(fn => {
+            try {
+                fn(event, ...args);
+            }
+            catch (e) {
+                console.error(`Error in "${event}" handler:`, e);
+            }
+        });
+    }
+    /**
+     * Load TideCloak configuration and instantiate the client once.
+     * @param {Object} config - TideCloak configuration object.
+     * @returns {Promise<Object|null>} The loaded config, or null on failure.
+     */
+    async loadConfig(config) {
+        if (this._tc)
+            return this._config;
+        if (!config || Object.keys(config).length === 0) {
+            console.warn("[loadConfig] empty config");
+            return null;
+        }
+        this._config = config;
+        try {
+            this._tc = new TideCloak({
+                url: config["auth-server-url"],
+                realm: config.realm,
+                clientId: config.resource,
+                vendorId: config.vendorId,
+                homeOrkUrl: config.homeOrkUrl,
+                clientOriginAuth: config['client-origin-auth-' + window.location.origin]
+            });
+        }
+        catch (err) {
+            console.error("[loadConfig] Failed to initialize TideCloak client:", err);
+            return null;
+        }
+        // wire Keycloak callbacks → our emitter
+        this._tc.onReady = auth => this._emit("ready", auth);
+        this._tc.onAuthSuccess = () => this._emit("authSuccess");
+        this._tc.onAuthError = err => this._emit("authError", err);
+        this._tc.onAuthRefreshSuccess = () => this._emit("authRefreshSuccess");
+        this._tc.onAuthRefreshError = err => this._emit("authRefreshError", err);
+        this._tc.onAuthLogout = () => this._emit("logout");
+        this._tc.onTokenExpired = () => this._emit("tokenExpired");
+        return this._config;
+    }
+    /**
+     * Initialize the TideCloak SSO client with silent SSO check.
+     * @param {Object} config - TideCloak configuration object.
+     * @param {Function} [onReady] - Optional callback for the 'ready' event.
+     * @returns {Promise<boolean>} true if authenticated, else false.
+     */
+    async initIAM(config, onReady) {
+        console.debug("[IAMService] Initializing IAM...");
+        // register callback on "ready" if provided
+        if (typeof onReady === "function") {
+            this.on("ready", onReady);
+        }
+        // no-op on server
+        if (typeof window === "undefined") {
+            this._emit("initError", new Error("SSR context: cannot initIAM on server"));
+            return false;
+        }
+        // load IAM config
+        const loaded = await this.loadConfig(config);
+        if (!loaded) {
+            this._emit("initError", new Error("Failed to load config"));
+            return false;
+        }
+        if (!this._tc) {
+            const err = new Error("TideCloak client not available");
+            this._emit("initError", err);
+            return false;
+        }
+        if (this._tc.didInitialize) {
+            console.debug("[IAMService] IAM Already initialized once.");
+            return this._tc.isLoggedIn();
+        }
+        let authenticated = false;
+        try {
+            authenticated = await this._tc.init({
+                onLoad: "check-sso",
+                silentCheckSsoRedirectUri: `${window.location.origin}/silent-check-sso.html`,
+                pkceMethod: "S256",
+            });
+            // if successful, store token for middleware
+            if (authenticated && this._tc.token) {
+                document.cookie = `kcToken=${this._tc.token}; path=/;`;
+            }
+        }
+        catch (err) {
+            console.error("[IAMService] TideCloak init error:", err);
+            this._emit("initError", err);
+        }
+        this._emit("ready", authenticated);
+        return authenticated;
+    }
+    /** @private */
+    getTideCloakClient() {
+        if (!this._tc) {
+            throw new Error("TideCloak client not initialized — call initIAM() first");
+        }
+        return this._tc;
+    }
+    /** @returns {Object} Loaded config */
+    getConfig() {
+        if (!this._config) {
+            throw new Error("Config not loaded — call initIAM() first");
+        }
+        return this._config;
+    }
+    /** @returns {boolean} Whether there's a valid token */
+    isLoggedIn() {
+        return !!this.getTideCloakClient().token;
+    }
+    /** @returns {Promise<string>} Valid token (refreshing if needed) */
+    async getToken() {
+        const exp = this.getTokenExp();
+        if (exp < 3)
+            await this.updateIAMToken();
+        return this.getTideCloakClient().token;
+    }
+    /** Seconds until token expiry */
+    getTokenExp() {
+        const kc = this.getTideCloakClient();
+        return Math.round(kc.tokenParsed.exp + kc.timeSkew - Date.now() / 1000);
+    }
+    /** @returns {string} ID token */
+    getIDToken() {
+        return this.getTideCloakClient().idToken;
+    }
+    /** @returns {string} Username (preferred_username claim) */
+    getName() {
+        return this.getTideCloakClient().tokenParsed.preferred_username;
+    }
+    /**
+     *  @param {string} role - the name of the role to check
+     *  @returns {boolean} Whether the user has a given realm role */
+    hasRealmRole(role) {
+        return this.getTideCloakClient().hasRealmRole(role);
+    }
+    /**
+     * @param {string} role - the name of the role to check
+     * @param {string} [client] - optional client-ID (defaults to the configured adapter resource)
+     * @returns {boolean} - whether the user has that role
+     */
+    hasClientRole(role, client) {
+        return this.getTideCloakClient().hasResourceRole(role, client);
+    }
+    /**
+     * @param {string} key - The name of the claim to retrieve from the Access token's payload.
+     * @returns {*} Custom claim from access token */
+    getValueFromToken(key) {
+        var _a;
+        return (_a = this.getTideCloakClient().tokenParsed[key]) !== null && _a !== void 0 ? _a : null;
+    }
+    /**
+     * @param {string} key - The name of the claim to retrieve from the ID token's payload.
+     * @returns {*} Custom claim from access token */
+    getValueFromIDToken(key) {
+        var _a;
+        return (_a = this.getTideCloakClient().idTokenParsed[key]) !== null && _a !== void 0 ? _a : null;
+    }
+    /** Refreshes token if expired or about to expire */
+    async updateIAMToken() {
+        const kc = this.getTideCloakClient();
+        const refreshed = await kc.updateToken();
+        const expiresIn = this.getTokenExp();
+        console.debug(refreshed
+            ? `[updateIAMToken] Refreshed: ${expiresIn}s`
+            : `[updateIAMToken] Still valid: ${expiresIn}s`);
+        document.cookie = `kcToken=${kc.token}; path=/;`;
+        return refreshed;
+    }
+    /** Force immediate refresh (min validity = -1) */
+    async forceUpdateToken() {
+        document.cookie = 'kcToken=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT';
+        const kc = this.getTideCloakClient();
+        const refreshed = await kc.updateToken(-1);
+        const expiresIn = this.getTokenExp();
+        console.debug(refreshed
+            ? `[updateToken] Immediately refreshed: ${expiresIn}s`
+            : `[updateToken] No refresh needed: ${expiresIn}s`);
+        document.cookie = `kcToken=${kc.token}; path=/;`;
+        return refreshed;
+    }
+    /** Start login redirect */
+    doLogin() {
+        this.getTideCloakClient().login({
+            redirectUri: `${window.location.origin}/auth/redirect`
+        });
+    }
+    /** Encrypt data via adapter */
+    async doEncrypt(data) {
+        return this.getTideCloakClient().encrypt(data);
+    }
+    /** Decrypt data via adapter */
+    async doDecrypt(data) {
+        return this.getTideCloakClient().decrypt(data);
+    }
+    /** Logout, clear cookie, then redirect */
+    doLogout() {
+        document.cookie = 'kcToken=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT';
+        this.getTideCloakClient().logout({
+            redirectUri: `${window.location.origin}/auth/redirect`
+        });
+    }
+    /** Base URL for Keycloak realm (no trailing slash) */
+    getBaseUrl() {
+        var _a, _b;
+        return ((_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a["auth-server-url"]) === null || _b === void 0 ? void 0 : _b.replace(/\/$/, "")) || "";
+    }
+}
+const IAMServiceInstance = new IAMService();
+export { IAMServiceInstance as IAMService };
+export default IAMServiceInstance;
+//# sourceMappingURL=IAMService.js.map

package/dist/esm/src/IAMService.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"IAMService.js","sourceRoot":"","sources":["../../../src/IAMService.js"],"names":[],"mappings":"AAAA,OAAO,SAAS,MAAM,kBAAkB,CAAC;AAEzC;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU;IACd;QACE,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC;QAChB,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACH,EAAE,CAAC,KAAK,EAAE,OAAO;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;QACzD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACH,GAAG,CAAC,KAAK,EAAE,OAAO;QAChB,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,OAAO,CAAC,CAAC;QAC/E,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,eAAe;IACf,KAAK,CAAC,KAAK,EAAE,GAAG,IAAI;QAClB,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE;YAC1C,IAAI,CAAC;gBAAC,EAAE,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC;YAAC,CAAC;YAC3B,OAAO,CAAC,EAAE,CAAC;gBAAC,OAAO,CAAC,KAAK,CAAC,aAAa,KAAK,YAAY,EAAE,CAAC,CAAC,CAAC;YAAC,CAAC;QACjE,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU,CAAC,MAAM;QACrB,IAAI,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC,OAAO,CAAC;QAElC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChD,OAAO,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QAEtB,IAAI,CAAC;YACH,IAAI,CAAC,GAAG,GAAG,IAAI,SAAS,CAAC;gBACvB,GAAG,EAAE,MAAM,CAAC,iBAAiB,CAAC;gBAC9B,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,gBAAgB,EAAE,MAAM,CAAC,qBAAqB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;aACzE,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,qDAAqD,EAAE,GAAG,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,wCAAwC;QACxC,IAAI,CAAC,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACrD,IAAI,CAAC,GAAG,CAAC,aAAa,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QACzD,IAAI,CAAC,GAAG,CAAC,WAAW,GAAG,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;QAC3D,IAAI,CAAC,GAAG,CAAC,oBAAoB,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACvE,IAAI,CAAC,GAAG,CAAC,kBAAkB,GAAG,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;QACzE,IAAI,CAAC,GAAG,CAAC,YAAY,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACnD,IAAI,CAAC,GAAG,CAAC,cAAc,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAE3D,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO;QAC3B,OAAO,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAA;QACjD,2CAA2C;QAC3C,IAAI,OAAO,OAAO,KAAK,UAAU,EAAE,CAAC;YAClC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC5B,CAAC;QAED,kBAAkB;QAClB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YAClC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;YAC5E,OAAO,KAAK,CAAC;QACf,CAAC;QAED,kBAAkB;QAClB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;YAC5D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;YACxD,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAC7B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;YAC3B,OAAO,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAA;YAC3D,OAAO,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;QAC/B,CAAC;QAED,IAAI,aAAa,GAAG,KAAK,CAAC;QAC1B,IAAI,CAAC;YACH,aAAa,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;gBAClC,MAAM,EAAE,WAAW;gBACnB,yBAAyB,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,wBAAwB;gBAC5E,UAAU,EAAE,MAAM;aACnB,CAAC,CAAC;YAEH,4CAA4C;YAC5C,IAAI,aAAa,IAAI,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;gBACpC,QAAQ,CAAC,MAAM,GAAG,WAAW,IAAI,CAAC,GAAG,CAAC,KAAK,WAAW,CAAC;YACzD,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,GAAG,CAAC,CAAC;YACzD,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;QAC/B,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACnC,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,eAAe;IACf,kBAAkB;QAChB,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;QAC7E,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAED,sCAAsC;IACtC,SAAS;QACP,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QACD,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED,uDAAuD;IACvD,UAAU;QACR,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,KAAK,CAAC;IAC3C,CAAC;IAED,oEAAoE;IACpE,KAAK,CAAC,QAAQ;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAC/B,IAAI,GAAG,GAAG,CAAC;YAAE,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QACzC,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC,KAAK,CAAC;IACzC,CAAC;IAED,iCAAiC;IACjC,WAAW;QACT,MAAM,EAAE,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACrC,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,GAAG,EAAE,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1E,CAAC;IAED,iCAAiC;IACjC,UAAU;QACR,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC,OAAO,CAAC;IAC3C,CAAC;IAED,4DAA4D;IAC5D,OAAO;QACL,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC,WAAW,CAAC,kBAAkB,CAAC;IAClE,CAAC;IAED;;qEAEiE;IACjE,YAAY,CAAC,IAAI;QACf,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IACtD,CAAC;IAED;;;;OAIG;IACH,aAAa,CAAC,IAAI,EAAE,MAAM;QACxB,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC,eAAe,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACjE,CAAC;IAED;;qDAEiD;IACjD,iBAAiB,CAAC,GAAG;;QACnB,OAAO,MAAA,IAAI,CAAC,kBAAkB,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,mCAAI,IAAI,CAAC;IAC5D,CAAC;IAED;;qDAEiD;IACjD,mBAAmB,CAAC,GAAG;;QACrB,OAAO,MAAA,IAAI,CAAC,kBAAkB,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,mCAAI,IAAI,CAAC;IAC9D,CAAC;IAED,oDAAoD;IACpD,KAAK,CAAC,cAAc;QAClB,MAAM,EAAE,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACrC,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACrC,OAAO,CAAC,KAAK,CACX,SAAS;YACP,CAAC,CAAC,+BAA+B,SAAS,GAAG;YAC7C,CAAC,CAAC,iCAAiC,SAAS,GAAG,CAClD,CAAC;QACF,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE,CAAC,KAAK,WAAW,CAAC;QACjD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,kDAAkD;IAClD,KAAK,CAAC,gBAAgB;QACpB,QAAQ,CAAC,MAAM,GAAG,yDAAyD,CAAC;QAC5E,MAAM,EAAE,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACrC,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACrC,OAAO,CAAC,KAAK,CACX,SAAS;YACP,CAAC,CAAC,wCAAwC,SAAS,GAAG;YACtD,CAAC,CAAC,oCAAoC,SAAS,GAAG,CACrD,CAAC;QACF,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE,CAAC,KAAK,WAAW,CAAC;QACjD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,2BAA2B;IAC3B,OAAO;QACL,IAAI,CAAC,kBAAkB,EAAE,CAAC,KAAK,CAAC;YAC9B,WAAW,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,gBAAgB;SACvD,CAAC,CAAC;IACL,CAAC;IAED,+BAA+B;IAC/B,KAAK,CAAC,SAAS,CAAC,IAAI;QAClB,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IAED,+BAA+B;IAC/B,KAAK,CAAC,SAAS,CAAC,IAAI;QAClB,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IAED,0CAA0C;IAC1C,QAAQ;QACN,QAAQ,CAAC,MAAM,GAAG,yDAAyD,CAAC;QAC5E,IAAI,CAAC,kBAAkB,EAAE,CAAC,MAAM,CAAC;YAC/B,WAAW,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,gBAAgB;SACvD,CAAC,CAAC;IACL,CAAC;IAED,sDAAsD;IACtD,UAAU;;QACR,OAAO,CAAA,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAG,iBAAiB,CAAC,0CAAE,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,KAAI,EAAE,CAAC;IACrE,CAAC;CACF;AAED,MAAM,kBAAkB,GAAG,IAAI,UAAU,EAAE,CAAC;AAC5C,OAAO,EAAE,kBAAkB,IAAI,UAAU,EAAE,CAAC;AAC5C,eAAe,kBAAkB,CAAC"}

package/dist/esm/src/index.js

@@ -0,0 +1,8 @@
+import { ModelRegistry } from '../modules/tide-js/Models/ModelRegistry.js';
+export { default as IAMService } from './IAMService.js';
+export { default as TideCloak } from "../lib/tidecloak.js";
+export { bytesToBase64, base64ToBytes } from "../modules/tide-js/Cryptide/Serialization.js";
+export function getHumanReadableObject(modelId, data, expiry) {
+    return ModelRegistry.getHumanReadableModelBuilder(modelId, data, expiry).getHumanReadableObject();
+}
+//# sourceMappingURL=index.js.map

package/dist/esm/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/index.js"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,4CAA4C,CAAC;AAE3E,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,OAAO,IAAI,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,8CAA8C,CAAC;AAE5F,MAAM,UAAU,sBAAsB,CAAC,OAAO,EAAE,IAAI,EAAE,MAAM;IACxD,OAAO,aAAa,CAAC,4BAA4B,CAAC,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,sBAAsB,EAAE,CAAC;AACtG,CAAC"}

package/dist/silent-check-sso.html

@@ -0,0 +1 @@
+<html><body><script>parent.postMessage(location.href, location.origin)</script></body></html>

package/dist/types/lib/tidecloak.d.ts

@@ -0,0 +1,36 @@
+export function getHumanReadableObject(modelId: any, data: any, expiry: any): void;
+export default TideCloak;
+declare function TideCloak(config: any): void;
+declare class TideCloak {
+    constructor(config: any);
+    didInitialize: boolean;
+    init: (initOptions?: {}) => any;
+    login: (options: any) => any;
+    ensureTokenReady: () => Promise<void>;
+    encrypt: (toEncrypt: any) => Promise<any>;
+    initEnclave: () => void;
+    decrypt: (toDecrypt: any) => Promise<any>;
+    createLoginUrl: (options: any) => Promise<string>;
+    logout: (options: any) => any;
+    createLogoutUrl: (options: any) => any;
+    register: (options: any) => any;
+    createRegisterUrl: (options: any) => Promise<string>;
+    createAccountUrl: (options: any) => string | undefined;
+    accountManagement: () => any;
+    hasRealmRole: (role: any) => boolean;
+    hasResourceRole: (role: any, resource: any) => boolean;
+    loadUserProfile: () => any;
+    loadUserInfo: () => any;
+    isTokenExpired: (minValidity: any) => boolean;
+    updateToken: (minValidity: any) => any;
+    clearToken: () => void;
+    checkThresholdRule: (key: any, idSubstring: any, outputKey: any, ruleSettings: any, draftJson: any) => {
+        roles: string[];
+        threshold: number;
+    };
+    createCardanoTxDraft: (txBody: any) => string;
+    sign: (signModel: any, authFlow: any, draft: any, authorizers: any, ruleSetting: any, expiry: any) => Promise<Uint8Array<ArrayBuffer>[]>;
+    signCardanoTx: (txBody: any, authorizers: any, ruleSettings: any, expiry: any) => Promise<string>;
+    createRuleSettingsDraft: (ruleSettings: any, previousRuleSetting: any, previousRuleSettingCert: any) => string;
+}
+export { bytesToBase64, base64ToBytes } from "../modules/tide-js/Cryptide/Serialization.js";

package/dist/types/modules/tide-js/Clients/ClientBase.d.ts

@@ -0,0 +1,72 @@
+export default class ClientBase {
+    /**
+    * @param {string} url
+    */
+    constructor(url: string);
+    url: string;
+    /**
+     * @param {Object} form
+     * @returns {FormData}
+     */
+    _createFormData(form: Object): FormData;
+    /**
+     * @param {string} endpoint
+     * @param {number} timeout
+     * @returns {Promise<Response>}
+     */
+    _get(endpoint: string, timeout?: number, signal?: null): Promise<Response>;
+    /**
+    * Silent get, makes a returns a response without handling response errors.
+    * @param {string} endpoint
+    * @param {number} timeout
+    * @returns {Promise<Response>}
+    */
+    _getSilent(endpoint: string, timeout?: number, signal?: null): Promise<Response>;
+    /**
+     * @param {string} endpoint
+     * @param {FormData} data
+     * @returns {Promise<Response>}
+     */
+    _post(endpoint: string, data: FormData, timeout?: number): Promise<Response>;
+    /**
+     * @param {string} endpoint
+     * @param {FormData} data
+     * @returns {Promise<Response>}
+     */
+    _put(endpoint: string, data: FormData): Promise<Response>;
+    /**
+     * @param {string} endpoint
+     * @param {Object} data
+     * @returns {Promise<Response>}
+     */
+    _postJSON(endpoint: string, data: Object): Promise<Response>;
+    /**
+     * Post silent returns the response without handling response errors.
+     * @param {string} endpoint
+     * @param {FormData} data
+     * @returns {Promise<Response>}
+     */
+    _postSilent(endpoint: string, data: FormData, timeout?: number): Promise<Response>;
+    /**
+     * @param {Response} response
+     * @param {string} functionName
+     * @param {boolean} throwError
+     * @returns {Promise<string>}
+     */
+    _handleError(response: Response, functionName?: string, throwError?: boolean): Promise<string>;
+    /**
+    * @param {Response} response
+    * @returns {Promise<string>}
+    */
+    _handleErrorSimulator(response: Response): Promise<string>;
+    /**
+     * @param {Uint8Array} sessionKeyPrivate
+     * @param {string} sessionKeyPublicEncoded
+     * @param {string} token
+     * @returns
+     */
+    AddBearerAuthorization(sessionKeyPrivate: Uint8Array, sessionKeyPublicEncoded: string, token: string): this;
+    sessionKeyPrivateRaw: Uint8Array<ArrayBufferLike> | undefined;
+    sessionKeyPublicEncoded: string | undefined;
+    token: string | undefined;
+}

package/dist/types/modules/tide-js/Clients/NetworkClient.d.ts

@@ -0,0 +1,23 @@
+export default class NetworkClient extends ClientBase {
+    /**
+     * @param {string} url
+     */
+    constructor(url?: string);
+    /**
+     * @param {string} uid
+     * @returns {OrkInfo[]}
+     */
+    FindReservers(uid: string): OrkInfo[];
+    GetSomeORKs(): Promise<any>;
+    GetMaxORKs(): Promise<any>;
+    GetPayerUrl(payerPublic: any): Promise<any>;
+    /**
+     *
+     * @param {string} uid
+     * @returns
+     */
+    GetKeyInfo(uid: string): Promise<KeyInfo>;
+}
+import ClientBase from "./ClientBase.js";
+import OrkInfo from "../Models/Infos/OrkInfo.js";
+import KeyInfo from "../Models/Infos/KeyInfo.js";

package/dist/types/modules/tide-js/Clients/NodeClient.d.ts

@@ -0,0 +1,187 @@
+export default class NodeClient extends ClientBase {
+    enabledTideDH: boolean;
+    isActive(): Promise<string>;
+    /**
+     * @param {number} index
+     * @param {string} uid
+     * @param {string} sessId
+     * @param {string} voucher
+     * @param {Point} gSessKeyPub
+     * @returns
+     */
+    ReserveUID(index: number, uid: string, sessId: string, voucher: string, gSessKeyPub: Point): Promise<{
+        index: number;
+        resConf: ReservationConfirmation;
+    }>;
+    /**
+     * @param {number} index
+     * @param {string} uid
+     * @param {Point} gBlurPass
+     * @param {Ed25519PublicComponent} gSessKeyPub
+     * @param {boolean} rememberMe
+     * @param {boolean} cmkCommitted
+     * @param {boolean} prismCommitted
+     * @param {string} voucher
+     * @param {string} m
+     * @returns
+     */
+    Convert(index: number, uid: string, gBlurPass: Point, gSessKeyPub: Ed25519PublicComponent, rememberMe: boolean, voucher: string, m: string, cmkCommitted?: boolean, prismCommitted?: boolean): Promise<{
+        index: number;
+        returnObj: {
+            CMKConvertResponse: CMKConvertResponse;
+            PrismConvertResponse: PrismConvertResponse;
+        };
+    }>;
+    /**
+     * @param {number} index
+     * @param {string} uid
+     * @param {Point} gBlurPass
+     * @param {Ed25519PublicComponent} gSessKeyPub
+     * @param {string} voucher
+     * @param {string} m
+     */
+    ConvertPass(index: number, uid: string, gBlurPass: Point, gSessKeyPub: Ed25519PublicComponent, voucher: string, m: string): Promise<{
+        index: number;
+        ConvertPassResponse: PrismConvertResponse;
+    }>;
+    /**
+     * @param {number} index
+     * @param {string} uid
+     * @param {string} selfRequesti
+     * @param {string} voucher
+     * @returns
+     */
+    ConvertRemembered(index: number, uid: string, selfRequesti: string, voucher: string): Promise<{
+        index: number;
+        data: ConvertRememberedResponse;
+    }>;
+    /**
+     * @param {string} uid
+     * @param {string} selfRequesti
+     * @param {bigint} blurHCMKMul
+     * @param {Uint8Array} bitwise
+     * @param {boolean} cmkCommitted
+     * @param {boolean} prismCommitted
+     * @returns {Promise<string>}
+     */
+    Authenticate(uid: string, selfRequesti: string, blurHCMKMul: bigint, bitwise: Uint8Array, cmkCommitted?: boolean, prismCommitted?: boolean): Promise<string>;
+    /**
+     *
+     * @param {string} uid
+     * @param {bigint} blurHCMKMul
+     * @param {Uint8Array} ORKsBitwise
+     */
+    AuthenticateRemembered(uid: string, blurHCMKMul: bigint, ORKsBitwise: Uint8Array): Promise<string>;
+    /**
+     * @param {number} index
+     * @param {string} uid
+     * @param {string} voucher
+     * @param {string} reservationAuth
+     * @param {string} purpose
+     * @param {string[]} mIdORKij
+     * @param {number} numKeys
+     * @param {Point[]} gMultipliers
+     * @param {Point} gSessKeyPub
+     * @returns {Promise<GenShardResponse>}
+     */
+    GenShard(index: number, uid: string, voucher: string, reservationAuth: string, purpose: string, mIdORKij: string[], numKeys: number, gMultipliers: Point[], gSessKeyPub: Point): Promise<GenShardResponse>;
+    /**
+     * @param {string} uid
+     * @param {Point} gVRK
+     * @param {string} auth
+     * @param {string} authSig
+     * @param {string[]} mIdORKij
+     * @param {string} voucher
+     * @returns {Promise<GenShardResponse>}
+     */
+    GenVVKShard(uid: string, gVRK: Point, auth: string, authSig: string, mIdORKij: string[], voucher: string): Promise<GenShardResponse>;
+    /**
+     * @param {number} index
+     * @param {string} uid
+     * @param {string} purpose
+     * @param {Point[]} gMultipliers
+     * @param {string} auth
+     * @param {Point} gSessKeyPub
+     * @returns {Promise<GenShardResponse>}
+     */
+    UpdateShard(index: number, uid: string, purpose: string, gMultipliers: Point[], auth: string, gSessKeyPub: Point, tag: any): Promise<GenShardResponse>;
+    /**
+     * @param {string} uid
+     * @param {string[]} shares
+     * @param {string} encAuthi
+     * @param {Point} gSessKeyPub
+     * @param {string} keyType
+     */
+    SetShard(uid: string, shares: string[], encAuthi: string, gSessKeyPub: Point, keyType: string): Promise<SetShardResponse>;
+    /**
+     * @param {string} uid
+     * @param {bigint} S
+     * @param {Point} gSessKeyPub
+     */
+    Commit(uid: string, S: bigint, gSessKeyPub: Point): Promise<void>;
+    /**
+     * @param {Point} orkPublic
+     */
+    EnableTideDH(orkPublic: Point): Promise<this>;
+    DHKey: Uint8Array<ArrayBuffer> | undefined;
+    /**
+     * @param {number} index
+     * @param {string} vuid
+     * @param {BaseTideRequest} request
+     * @param {string} voucher
+     */
+    PreSign(index: number, vuid: string, request: BaseTideRequest, voucher: string): Promise<{
+        index: number;
+        GRis: Point[];
+    }>;
+    /**
+     *
+     * @param {string} vuid
+     * @param {BaseTideRequest} request
+     * @param {Point[]} GRs
+     * @param {Uint8Array} bitwise
+     */
+    Sign(vuid: string, request: BaseTideRequest, GRs: Point[], bitwise: Uint8Array): Promise<bigint[]>;
+    /**
+     * @param {number} index
+     * @param {string} vuid
+     * @param {BaseTideRequest} request
+     * @param {string} voucher
+     */
+    Decrypt(index: number, vuid: string, request: BaseTideRequest, voucher: string): Promise<{
+        index: number;
+        appliedC1s: Point[];
+    }>;
+    /**
+     * @param {number} i
+     * @param {string} uid
+     * @param {Point} gSessKeyPub
+     * @param {bigint} channelId
+     * @param {string} homeOrkUrl
+     * @param {string} voucher
+     */
+    RecoverAccount(i: number, uid: string, gSessKeyPub: Point, channelId: bigint, homeOrkUrl: string, voucher: string): Promise<{
+        index: number;
+        responseData: string;
+    }>;
+    FinalizeAccountRecovery(uid: any, channelId: any): Promise<{
+        responseData: string;
+    }>;
+    CreateCheckoutSession(vendorData: any, redirectUrl: any, licensingTier: any): Promise<Response>;
+    IsLicenseActive(vendorId: any): Promise<boolean>;
+    GetLicenseDetails(vendorId: any, timestamp: any, timestampSig: any): Promise<string | undefined>;
+    GetSubscriptionStatus(vendorId: any, initialSessionId: any, timestamp: any, timestampSig: any): Promise<string | undefined>;
+    CreateCustomerPortalSession(vendorId: any, redirectUrl: any, timestamp: any, timestampSig: any): Promise<Response>;
+    UpdateSubscription(updateRequest: any, licenseId: any, timestamp: any, timestampSig: any): Promise<Response>;
+    CancelSubscription(licenseId: any, initialSessionId: any, timestamp: any, timestampSig: any): Promise<Response>;
+}
+import ClientBase from "./ClientBase.js";
+import { Point } from "../Cryptide/Ed25519.js";
+import ReservationConfirmation from "../Models/Responses/Reservation/ReservationConfirmation.js";
+import { Ed25519PublicComponent } from "../Cryptide/Components/Schemes/Ed25519/Ed25519Components.js";
+import CMKConvertResponse from "../Models/Responses/KeyAuth/Convert/CMKConvertResponse.js";
+import PrismConvertResponse from "../Models/Responses/KeyAuth/Convert/PrismConvertResponse.js";
+import ConvertRememberedResponse from "../Models/Responses/KeyAuth/Convert/ConvertRememberedResponse.js";
+import GenShardResponse from "../Models/Responses/KeyGen/GenShard/GenShardResponse.js";
+import SetShardResponse from "../Models/Responses/KeyGen/SetShard/SetShardResponse.js";
+import BaseTideRequest from "../Models/BaseTideRequest.js";