@tideorg/js 0.13.19

package/dist/Clients/NodeClient.js

@@ -0,0 +1,191 @@
+// 
+// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
+// Copyright (C) 2022 Tide Foundation Ltd
+// 
+// This program is free software and is subject to the terms of 
+// the Tide Community Open Code License as published by the 
+// Tide Foundation Limited. You may modify it and redistribute 
+// it in accordance with and subject to the terms of that License.
+// This program is distributed WITHOUT WARRANTY of any kind, 
+// including without any implied warranty of MERCHANTABILITY or 
+// FITNESS FOR A PARTICULAR PURPOSE.
+// See the Tide Community Open Code License for more details.
+// You should have received a copy of the Tide Community Open 
+// Code License along with this program.
+// If not, see https://tide.org/licenses_tcoc2-0-0-en
+//
+import { Encryption } from "../Cryptide/index";
+import ClientBase from "./ClientBase";
+import { BigIntFromByteArray, ConcatUint8Arrays, CreateTideMemoryFromArray, GetValue, base64ToBytes, bytesToBase64 } from "../Cryptide/Serialization";
+import { Point } from "../Cryptide/Ed25519";
+export default class NodeClient extends ClientBase {
+    constructor(url) {
+        super(url);
+        this.enabledTideDH = false;
+    }
+    async isActive() {
+        const response = await this._get("/active", 3000);
+        const responseData = await this._handleError(response, "Is Active");
+        return responseData;
+    }
+    async EnableTideDH(orkPublic, gSessKey, sessKey) {
+        if (!this.sessionKeyPrivateRaw)
+            throw Error("Add a session key to the client first");
+        this.enabledTideDH = true;
+        this.DHKey = await Encryption.DH.computeSharedKey(orkPublic, this.sessionKeyPrivateRaw);
+        return this;
+    }
+    async PreSign(index, vuid, request, voucher) {
+        if (!this.enabledTideDH)
+            throw Error("TideDH must be enabled");
+        const encrypted = await Encryption.AES.encryptData(CreateTideMemoryFromArray([request.encode()]), this.DHKey);
+        const data = this._createFormData({
+            'encrypted': encrypted,
+            'voucher': voucher
+        });
+        if (!this.token)
+            data.append("gSessKey", this.sessionKeyPublicEncoded);
+        const response = await this._post(`/Authentication/Key/v1/PreSign?vuid=${vuid}`, data);
+        const responseData = await this._handleError(response, 'PreSign');
+        const decrypted = await Encryption.AES.decryptDataRawOutput(base64ToBytes(responseData), this.DHKey);
+        const GRSection = GetValue(decrypted, 0);
+        if (GRSection.length % 32 != 0)
+            throw new Error("Unexpected response legnth. Must be divisible by 32");
+        let GRis = [];
+        for (let i = 0; i < GRSection.length; i += 32) {
+            GRis.push(Point.fromBytes(GRSection.slice(i, i + 32)));
+        }
+        this.orkCacheId = GetValue(decrypted, 2);
+        return {
+            index,
+            data: {
+                GRis,
+                AdditionalData: GetValue(decrypted, 1)
+            }
+        };
+    }
+    async Sign(vuid, request, GRs, bitwise, sessId) {
+        if (!this.enabledTideDH)
+            throw Error("TideDH must be enabled");
+        if (!this.orkCacheId)
+            throw Error("Call PreSign first");
+        const payload = CreateTideMemoryFromArray([
+            request.encode(),
+            ConcatUint8Arrays([new Uint8Array([GRs.length]), ...GRs.map(r => r.toRawBytes())]),
+            this.orkCacheId
+        ]);
+        const encrypted = await Encryption.AES.encryptData(payload, this.DHKey);
+        const data = this._createFormData({
+            'encrypted': encrypted,
+            'bitwise': bytesToBase64(bitwise)
+        });
+        if (!this.token)
+            data.append("gSessKey", this.sessionKeyPublicEncoded);
+        const response = await this._post(`/Authentication/Key/v1/Sign?vuid=${vuid}`, data);
+        const responseData = await this._handleError(response, 'Sign');
+        const decrypted = await Encryption.AES.decryptDataRawOutput(base64ToBytes(responseData), this.DHKey);
+        const signatureSection = GetValue(decrypted, 0);
+        let Sij = [];
+        for (let i = 0; i < signatureSection.length; i += 32) {
+            Sij.push(BigIntFromByteArray(signatureSection.slice(i, i + 32)));
+        }
+        delete this.orkCacheId;
+        return {
+            Sij,
+            AdditionalData: GetValue(decrypted, 1)
+        };
+    }
+    async Decrypt(index, vuid, request, voucher) {
+        if (!this.enabledTideDH)
+            throw Error("TideDH must be enabled");
+        const encrypted = await Encryption.AES.encryptData(CreateTideMemoryFromArray([request.encode()]), this.DHKey);
+        const data = this._createFormData({
+            'encrypted': encrypted,
+            'voucher': voucher
+        });
+        if (!this.token)
+            data.append("gSessKey", this.sessionKeyPublicEncoded);
+        const response = await this._post(`/Authentication/Key/v1/Decrypt?vuid=${vuid}`, data);
+        const responseData = await this._handleError(response, 'Decrypt');
+        const decrypted = await Encryption.AES.decryptDataRawOutput(base64ToBytes(responseData), this.DHKey);
+        if (decrypted.length % 32 != 0)
+            throw new Error("Unexpected response legnth. Must be divisible by 32");
+        let appliedC1s = [];
+        for (let i = 0; i < decrypted.length; i += 32) {
+            appliedC1s.push(Point.fromBytes(decrypted.slice(i, i + 32)));
+        }
+        return {
+            index,
+            appliedC1s
+        };
+    }
+    async CreateCheckoutSession(vendorData, redirectUrl, licensingTier) {
+        const licenseRequest = {
+            VendorData: vendorData,
+            RedirectUri: redirectUrl,
+            LicensingTier: licensingTier
+        };
+        return await this._postJSON(`/Payer/License/CreateCheckoutSession`, licenseRequest);
+    }
+    async IsLicenseActive(vendorId) {
+        const response = await this._getSilent(`/Payer/License/IsLicenseActive?obfGVVK=${vendorId}`);
+        const text = await response.text();
+        const isActive = text.trim().toLowerCase() === 'true';
+        return isActive;
+    }
+    async GetLicenseDetails(vendorId, timestamp, timestampSig) {
+        const data = this._createFormData({
+            "timestamp": timestamp,
+            "timestampSig": timestampSig
+        });
+        const response = await this._postSilent(`/Payer/License/getLicenseDetails?obfGVVK=${vendorId}`, data);
+        const responseData = await response.text();
+        if (responseData.startsWith("--FAILED--")) {
+            console.log("Error getting license details: " + responseData);
+            return;
+        }
+        return responseData;
+    }
+    async GetSubscriptionStatus(vendorId, initialSessionId, timestamp, timestampSig) {
+        const data = this._createFormData({
+            "initialSessionId": initialSessionId,
+            "timestamp": timestamp,
+            "timestampSig": timestampSig
+        });
+        const response = await this._postSilent(`/Payer/License/GetSubscriptionStatus?obfGVVK=${vendorId}`, data);
+        const responseData = await response.text();
+        if (responseData.startsWith("--FAILED--")) {
+            console.log("Error getting license details: " + responseData);
+            return;
+        }
+        const status = responseData.toLowerCase() === "active" ? "upcoming renewal" : responseData.toLowerCase();
+        return status;
+    }
+    async CreateCustomerPortalSession(vendorId, redirectUrl, timestamp, timestampSig) {
+        const data = this._createFormData({
+            "vendorId": vendorId,
+            "timestamp": timestamp,
+            "timestampSig": timestampSig,
+            "redirectUrl": redirectUrl
+        });
+        return await this._postSilent(`/Payer/License/CreateCustomerPortalSession?obfGVVK=${vendorId}`, data);
+    }
+    async UpdateSubscription(updateRequest, licenseId, timestamp, timestampSig) {
+        const data = this._createFormData({
+            "updateRequest": JSON.stringify(updateRequest),
+            "licenseId": licenseId,
+            "timestamp": timestamp,
+            "timestampSig": timestampSig
+        });
+        return await this._postSilent(`/Payer/License/updateSubscription`, data);
+    }
+    async CancelSubscription(licenseId, initialSessionId, timestamp, timestampSig) {
+        const data = this._createFormData({
+            "licenseId": licenseId,
+            "initialSessionId": initialSessionId,
+            "timestamp": timestamp,
+            "timestampSig": timestampSig
+        });
+        return await this._postSilent(`/Payer/License/CancelSubscription`, data);
+    }
+}

package/dist/Clients/VoucherClient.d.ts

@@ -0,0 +1,8 @@
+import ClientBase from "./ClientBase";
+import VoucherResponse from "../Models/Responses/Vendor/VoucherResponse";
+import { Point } from "../Cryptide/Ed25519";
+export default class VoucherClient extends ClientBase {
+    constructor(url: string);
+    GetVouchers(blurPORKi: Point[], actionRequest: string, blurerK: Point): Promise<VoucherResponse>;
+}
+//# sourceMappingURL=VoucherClient.d.ts.map

package/dist/Clients/VoucherClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"VoucherClient.d.ts","sourceRoot":"","sources":["../../Clients/VoucherClient.ts"],"names":[],"mappings":"AAiBA,OAAO,UAAU,MAAM,cAAc,CAAC;AACtC,OAAO,eAAe,MAAM,4CAA4C,CAAC;AACzE,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAE5C,MAAM,CAAC,OAAO,OAAO,aAAc,SAAQ,UAAU;gBACrC,GAAG,EAAE,MAAM;IAIjB,WAAW,CAAC,SAAS,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK;CAgB9E"}

package/dist/Clients/VoucherClient.js

@@ -0,0 +1,36 @@
+// 
+// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
+// Copyright (C) 2022 Tide Foundation Ltd
+// 
+// This program is free software and is subject to the terms of 
+// the Tide Community Open Code License as published by the 
+// Tide Foundation Limited. You may modify it and redistribute 
+// it in accordance with and subject to the terms of that License.
+// This program is distributed WITHOUT WARRANTY of any kind, 
+// including without any implied warranty of MERCHANTABILITY or 
+// FITNESS FOR A PARTICULAR PURPOSE.
+// See the Tide Community Open Code License for more details.
+// You should have received a copy of the Tide Community Open 
+// Code License along with this program.
+// If not, see https://tide.org/licenses_tcoc2-0-0-en
+//
+import ClientBase from "./ClientBase";
+import VoucherResponse from "../Models/Responses/Vendor/VoucherResponse";
+export default class VoucherClient extends ClientBase {
+    constructor(url) {
+        super(url);
+    }
+    async GetVouchers(blurPORKi, actionRequest, blurerK) {
+        const request = JSON.stringify({
+            BlurPORKi: blurPORKi.map(blur => blur.toBase64()),
+            ActionRequest: actionRequest,
+            BlurerK: blurerK.toBase64()
+        });
+        const data = this._createFormData({
+            'voucherRequest': request
+        });
+        const response = await this._post(``, data);
+        const respondeData = await this._handleError(response, "Get Vouchers", true);
+        return VoucherResponse.from(respondeData, blurerK.toBase64());
+    }
+}

package/dist/Clients/index.d.ts

@@ -0,0 +1,5 @@
+export { default as ClientBase } from './ClientBase';
+export { default as NetworkClient } from './NetworkClient';
+export { default as NodeClient } from './NodeClient';
+export { default as VoucherClient } from './VoucherClient';
+//# sourceMappingURL=index.d.ts.map

package/dist/Clients/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../Clients/index.ts"],"names":[],"mappings":"AAiBA,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,OAAO,IAAI,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,OAAO,IAAI,aAAa,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/Clients/index.js

@@ -0,0 +1,20 @@
+//
+// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
+// Copyright (C) 2022 Tide Foundation Ltd
+//
+// This program is free software and is subject to the terms of
+// the Tide Community Open Code License as published by the
+// Tide Foundation Limited. You may modify it and redistribute
+// it in accordance with and subject to the terms of that License.
+// This program is distributed WITHOUT WARRANTY of any kind,
+// including without any implied warranty of MERCHANTABILITY or
+// FITNESS FOR A PARTICULAR PURPOSE.
+// See the Tide Community Open Code License for more details.
+// You should have received a copy of the Tide Community Open
+// Code License along with this program.
+// If not, see https://tide.org/licenses_tcoc2-0-0-en
+//
+export { default as ClientBase } from './ClientBase';
+export { default as NetworkClient } from './NetworkClient';
+export { default as NodeClient } from './NodeClient';
+export { default as VoucherClient } from './VoucherClient';

package/dist/Contracts/BaseContract.d.ts

@@ -0,0 +1,47 @@
+import { Policy } from "../Models/Policy";
+import BaseTideRequest from "../Models/BaseTideRequest";
+import { TideMemory } from "../Tools/TideMemory";
+interface PolicyRunResult {
+    failed?: unknown;
+    success: boolean;
+}
+export declare abstract class BaseContract {
+    abstract id: string;
+    private tideRequest;
+    private dokens;
+    protected authorizedRequestPayload: TideMemory;
+    protected informationalRequestPayload: TideMemory;
+    /**
+     * Inheritors must implement this
+     * @param policy Policy object
+     */
+    protected abstract validateData(policy: Policy): Promise<void>;
+    /**
+     * Inheritors must implement this if the policy has set it's approvalType to EXPLICIT
+     * @param policy Policy object
+     * @param approverDokens Approver Dokens
+     */
+    protected validateApprovers(policy: Policy, approverDokens: Doken[]): Promise<void>;
+    /**
+     * Inheritors must implement this if the policy has set it's executionType to PRIVATE
+     * @param policy Policy object
+     * @param executorDoken Executor Doken
+     */
+    protected validateExecutor(policy: Policy, executorDoken: Doken): Promise<void>;
+    /**
+     * To help with clients testing if their Tide Request will pass their contract's specified contract
+     * @param policy Serialized policy from Tide
+     * @returns
+     */
+    testPolicy(policy: Uint8Array | Policy, executorDoken?: string | undefined): Promise<PolicyRunResult>;
+    constructor(tideRequest: Uint8Array | BaseTideRequest);
+}
+export declare class Doken {
+    private payload;
+    constructor(d: Uint8Array | string);
+    hasResourceAccessRole(role: string, client: string): boolean;
+    hasRealmAccessRole(role: string): boolean;
+    hasVuid(vuid: string): boolean;
+}
+export {};
+//# sourceMappingURL=BaseContract.d.ts.map

package/dist/Contracts/BaseContract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"BaseContract.d.ts","sourceRoot":"","sources":["../../Contracts/BaseContract.ts"],"names":[],"mappings":"AAAA,OAAO,EAA+B,MAAM,EAAE,MAAM,kBAAkB,CAAC;AACvE,OAAO,eAAe,MAAM,2BAA2B,CAAC;AAExD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,UAAU,eAAe;IACrB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,OAAO,CAAA;CACnB;AAED,8BAAsB,YAAY;IAC9B,SAAgB,EAAE,EAAE,MAAM,CAAC;IAC3B,OAAO,CAAC,WAAW,CAAkB;IACrC,OAAO,CAAC,MAAM,CAAe;IAC7B,SAAS,CAAC,wBAAwB,EAAE,UAAU,CAAC;IAC/C,SAAS,CAAC,2BAA2B,EAAE,UAAU,CAAC;IAElD;;;OAGG;IACH,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAE9D;;;;OAIG;IACH,SAAS,CAAC,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAInF;;;;OAIG;IACH,SAAS,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC;IAI/E;;;;OAIG;IACG,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,EAAE,aAAa,GAAG,MAAM,GAAG,SAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;gBAsBtG,WAAW,EAAE,UAAU,GAAG,eAAe;CAaxD;AAKD,qBAAa,KAAK;IACd,OAAO,CAAC,OAAO,CAAM;gBACT,CAAC,EAAE,UAAU,GAAG,MAAM;IAuBlC,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO;IAkB5D,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAazC,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;CAKjC"}

package/dist/Contracts/BaseContract.js

@@ -0,0 +1,153 @@
+import { ApprovalType, ExecutionType, Policy } from "../Models/Policy";
+import BaseTideRequest from "../Models/BaseTideRequest";
+import { StringFromUint8Array } from "../Cryptide/Serialization";
+export class BaseContract {
+    /**
+     * Inheritors must implement this if the policy has set it's approvalType to EXPLICIT
+     * @param policy Policy object
+     * @param approverDokens Approver Dokens
+     */
+    validateApprovers(policy, approverDokens) {
+        throw `validateApprovers not implemented`;
+    }
+    /**
+     * Inheritors must implement this if the policy has set it's executionType to PRIVATE
+     * @param policy Policy object
+     * @param executorDoken Executor Doken
+     */
+    validateExecutor(policy, executorDoken) {
+        throw `validateExecutor not implemented`;
+    }
+    /**
+     * To help with clients testing if their Tide Request will pass their contract's specified contract
+     * @param policy Serialized policy from Tide
+     * @returns
+     */
+    async testPolicy(policy, executorDoken = null) {
+        const p = policy instanceof Uint8Array ? Policy.from(policy) : policy;
+        if (p.contractId !== this.id)
+            throw `Mismatch between policy provided's contract (${p.contractId}) and this contract's id (${this.id})`;
+        if (!p.modelIds.includes(this.tideRequest.id()) && p.modelIds[0] !== "any")
+            throw `Mismatch between policy provided model id (${p.modelIds}) and tide request id (${this.tideRequest.id()})`;
+        try {
+            await this.validateData(p);
+            if (p.approvalType == ApprovalType.EXPLICIT)
+                await this.validateApprovers(p, this.dokens);
+            if (p.executionType == ExecutionType.PRIVATE) {
+                if (!executorDoken)
+                    throw `Policy as set it's execution type to PRIVATE. You must test this with the doken of the executor`;
+                await this.validateExecutor(p, new Doken(executorDoken));
+            }
+            return {
+                success: true
+            };
+        }
+        catch (ex) {
+            return {
+                success: false,
+                failed: ex
+            };
+        }
+    }
+    constructor(tideRequest) {
+        this.dokens = []; // change to Doken type
+        this.tideRequest = tideRequest instanceof Uint8Array ? BaseTideRequest.decode(tideRequest) : tideRequest;
+        this.authorizedRequestPayload = this.tideRequest.draft;
+        this.informationalRequestPayload = this.tideRequest.dyanmicData;
+        // deserialize dokens
+        let res = { result: new Uint8Array() };
+        let i = 0;
+        while (this.tideRequest.authorizer.TryGetValue(i, res)) {
+            this.dokens.push(new Doken(res.result));
+            i++;
+        }
+    }
+}
+export class Doken {
+    constructor(d) {
+        if (!d || d.length === 0) {
+            throw new Error('Doken constructor: received empty or null Uint8Array');
+        }
+        const tokenString = typeof d === "string" ? d : StringFromUint8Array(d);
+        const s = tokenString.split(".");
+        if (s.length !== 3) {
+            throw new Error(`Doken constructor: invalid token format. Expected 3 parts (header.payload.signature) but got ${s.length} parts in: "${tokenString.substring(0, 50)}..."`);
+        }
+        try {
+            const decodedPayload = base64UrlDecode(s[1]);
+            this.payload = JSON.parse(decodedPayload);
+        }
+        catch (error) {
+            throw new Error(`Doken constructor: failed to parse token payload. ${error instanceof Error ? error.message : String(error)}. Raw payload part: "${s[1].substring(0, 50)}..."`);
+        }
+        if (!this.payload || typeof this.payload !== 'object') {
+            throw new Error(`Doken constructor: parsed payload is not a valid object. Got type: ${typeof this.payload}`);
+        }
+    }
+    hasResourceAccessRole(role, client) {
+        if (!role)
+            throw new Error('hasResourceAccessRole: role parameter is empty or undefined');
+        if (!client)
+            throw new Error('hasResourceAccessRole: client parameter is empty or undefined');
+        if (!this.payload.resource_access) {
+            return false;
+        }
+        if (!this.payload.resource_access[client]) {
+            return false;
+        }
+        if (!Array.isArray(this.payload.resource_access[client].roles)) {
+            return false;
+        }
+        return this.payload.resource_access[client].roles.includes(role);
+    }
+    hasRealmAccessRole(role) {
+        if (!role)
+            throw new Error('hasRealmAccessRole: role parameter is empty or undefined');
+        if (!this.payload.realm_access) {
+            return false;
+        }
+        if (!Array.isArray(this.payload.realm_access.roles)) {
+            return false;
+        }
+        return this.payload.realm_access.roles.includes(role);
+    }
+    hasVuid(vuid) {
+        if (!vuid)
+            throw new Error('hasVuid: vuid cannot be null');
+        if (!this.payload.vuid)
+            throw new Error("hasVuid: cannot find vuid in paylod");
+        return this.payload.vuid === vuid;
+    }
+}
+function base64UrlDecode(input) {
+    let output = input
+        .replaceAll("-", "+")
+        .replaceAll("_", "/");
+    switch (output.length % 4) {
+        case 0:
+            break;
+        case 2:
+            output += "==";
+            break;
+        case 3:
+            output += "=";
+            break;
+        default:
+            throw new Error("Input is not of the correct length.");
+    }
+    try {
+        return b64DecodeUnicode(output);
+    }
+    catch (error) {
+        return atob(output);
+    }
+}
+function b64DecodeUnicode(input) {
+    return decodeURIComponent(atob(input).replace(/(.)/g, (m, p) => {
+        let code = p.charCodeAt(0).toString(16).toUpperCase();
+        if (code.length < 2) {
+            code = "0" + code;
+        }
+        return "%" + code;
+    }));
+}

package/dist/Contracts/GenericRealmAccessThresholdRoleContract.d.ts

@@ -0,0 +1,8 @@
+import { Policy } from "../Models/Policy";
+import { BaseContract, Doken } from "./BaseContract";
+export declare class GenericRealmAccessThresholdRoleContract extends BaseContract {
+    protected validateData(policy: Policy): Promise<void>;
+    id: string;
+    protected validateApprovers(policy: Policy, approverDokens: Doken[]): Promise<void>;
+}
+//# sourceMappingURL=GenericRealmAccessThresholdRoleContract.d.ts.map

package/dist/Contracts/GenericRealmAccessThresholdRoleContract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GenericRealmAccessThresholdRoleContract.d.ts","sourceRoot":"","sources":["../../Contracts/GenericRealmAccessThresholdRoleContract.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAC;AAErD,qBAAa,uCAAwC,SAAQ,YAAY;IACrE,SAAS,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,EAAE,EAAE,MAAM,CAAuC;cACxC,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAQ5F"}

package/dist/Contracts/GenericRealmAccessThresholdRoleContract.js

@@ -0,0 +1,21 @@
+import { BaseContract } from "./BaseContract";
+export class GenericRealmAccessThresholdRoleContract extends BaseContract {
+    constructor() {
+        super(...arguments);
+        this.id = "GenericRealmAccessThresholdRole:1";
+    }
+    validateData(policy) {
+        console.warn("Validate Data not implemented!");
+        return;
+    }
+    async validateApprovers(policy, approverDokens) {
+        let successfulDokens = 0;
+        approverDokens.forEach(d => {
+            if (d.hasRealmAccessRole(policy.params.getParameter("role")))
+                successfulDokens++;
+        });
+        const threshold = policy.params.getParameter("threshold");
+        if (successfulDokens < threshold)
+            throw 'Not enough successful dokens with requires roles/clients';
+    }
+}

package/dist/Contracts/GenericResourceAccessThresholdRoleContract.d.ts

@@ -0,0 +1,8 @@
+import { Policy } from "../Models/Policy";
+import { BaseContract, Doken } from "./BaseContract";
+export declare class GenericResourceAccessThresholdRoleContract extends BaseContract {
+    id: string;
+    protected validateData(policy: Policy): Promise<void>;
+    protected validateApprovers(policy: Policy, approverDokens: Doken[]): Promise<void>;
+}
+//# sourceMappingURL=GenericResourceAccessThresholdRoleContract.d.ts.map

package/dist/Contracts/GenericResourceAccessThresholdRoleContract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"GenericResourceAccessThresholdRoleContract.d.ts","sourceRoot":"","sources":["../../Contracts/GenericResourceAccessThresholdRoleContract.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAC;AAErD,qBAAa,0CAA2C,SAAQ,YAAY;IACjE,EAAE,EAAE,MAAM,CAA0C;IAC3D,SAAS,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;cAIrC,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAQ5F"}

package/dist/Contracts/GenericResourceAccessThresholdRoleContract.js

@@ -0,0 +1,21 @@
+import { BaseContract } from "./BaseContract";
+export class GenericResourceAccessThresholdRoleContract extends BaseContract {
+    constructor() {
+        super(...arguments);
+        this.id = "GenericResourceAccessThresholdRole:1";
+    }
+    validateData(policy) {
+        console.warn("Validate Data not implemented!");
+        return;
+    }
+    async validateApprovers(policy, approverDokens) {
+        let successfulDokens = 0;
+        approverDokens.forEach(d => {
+            if (d.hasResourceAccessRole(policy.params.getParameter("role"), policy.params.getParameter("resource")))
+                successfulDokens++;
+        });
+        const threshold = policy.params.getParameter("threshold");
+        if (successfulDokens < threshold)
+            throw 'Not enough successful dokens with requires roles/clients';
+    }
+}

package/dist/Contracts/index.d.ts

@@ -0,0 +1,4 @@
+export { BaseContract, Doken } from './BaseContract';
+export { GenericRealmAccessThresholdRoleContract } from './GenericRealmAccessThresholdRoleContract';
+export { GenericResourceAccessThresholdRoleContract } from './GenericResourceAccessThresholdRoleContract';
+//# sourceMappingURL=index.d.ts.map

package/dist/Contracts/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../Contracts/index.ts"],"names":[],"mappings":"AAiBA,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,EAAE,uCAAuC,EAAE,MAAM,2CAA2C,CAAC;AACpG,OAAO,EAAE,0CAA0C,EAAE,MAAM,8CAA8C,CAAC"}

package/dist/Contracts/index.js

@@ -0,0 +1,19 @@
+//
+// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
+// Copyright (C) 2022 Tide Foundation Ltd
+//
+// This program is free software and is subject to the terms of
+// the Tide Community Open Code License as published by the
+// Tide Foundation Limited. You may modify it and redistribute
+// it in accordance with and subject to the terms of that License.
+// This program is distributed WITHOUT WARRANTY of any kind,
+// including without any implied warranty of MERCHANTABILITY or
+// FITNESS FOR A PARTICULAR PURPOSE.
+// See the Tide Community Open Code License for more details.
+// You should have received a copy of the Tide Community Open
+// Code License along with this program.
+// If not, see https://tide.org/licenses_tcoc2-0-0-en
+//
+export { BaseContract, Doken } from './BaseContract';
+export { GenericRealmAccessThresholdRoleContract } from './GenericRealmAccessThresholdRoleContract';
+export { GenericResourceAccessThresholdRoleContract } from './GenericResourceAccessThresholdRoleContract';

package/dist/Cryptide/Components/BaseComponent.d.ts

@@ -0,0 +1,56 @@
+export declare class BaseComponent {
+    constructor();
+    static Name: any;
+    static Version: any;
+    Add(component: any): BaseComponent;
+    Multiply(component: any): BaseComponent;
+    Minus(component: any): BaseComponent;
+    Equals(component: any): never;
+    Mod(): BaseComponent;
+    ModInv(): BaseComponent;
+    AddComponent(component: any): void;
+    MultiplyComponent(component: any): void;
+    MinusComponent(component: any): void;
+    EqualsComponent(component: any): void;
+    ModComponent(): void;
+    ModInvComponent(): void;
+    SerializeComponent(): Uint8Array;
+    /**@returns {BaseScheme} */
+    get Scheme(): any;
+    /**@returns {string} */
+    get ComponentType(): string;
+    Serialize(): SerializedComponent;
+    static DeserializeComponent(serialized: Uint8Array | string): BaseComponent;
+}
+export declare class BaseSeedComponent extends BaseComponent {
+    get ComponentType(): string;
+    static New(): void;
+    GetPublic(): BasePublicComponent;
+    GetPrivate(): BasePrivateComponent;
+    get rawBytes(): Uint8Array;
+}
+export declare class BasePrivateComponent extends BaseComponent {
+    get ComponentType(): string;
+    static New(): void;
+    GetPublic(): BasePublicComponent;
+    get priv(): bigint;
+    get rawBytes(): Uint8Array;
+}
+export declare class BasePublicComponent extends BaseComponent {
+    get ComponentType(): string;
+    get public(): any;
+}
+export declare class SerializedComponent {
+    Bytes: any;
+    ComponentType: any;
+    constructor(bytes: Uint8Array, compentType: string);
+    ToBytes(): any;
+    ToString(): string;
+}
+export declare const Seed = "Seed";
+export declare const Private = "Private";
+export declare const Public = "Public";
+export declare const Symmetric = "Symmetric";
+export declare const QuantumPrivate = "QuantumPrivate";
+export declare const QuantumPublic = "QuantumPublic";
+//# sourceMappingURL=BaseComponent.d.ts.map

package/dist/Cryptide/Components/BaseComponent.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"BaseComponent.d.ts","sourceRoot":"","sources":["../../../Cryptide/Components/BaseComponent.ts"],"names":[],"mappings":"AAsBA,qBAAa,aAAa;;IAEtB,MAAM,CAAC,IAAI,EAAE,GAAG,CAAiD;IACjE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAoD;IAEvE,GAAG,CAAC,SAAS,KAAA;IAOb,QAAQ,CAAC,SAAS,KAAA;IAOlB,KAAK,CAAC,SAAS,KAAA;IAOf,MAAM,CAAC,SAAS,KAAA;IAOhB,GAAG;IAKH,MAAM;IAMN,YAAY,CAAC,SAAS,KAAA;IACtB,iBAAiB,CAAC,SAAS,KAAA;IAC3B,cAAc,CAAC,SAAS,KAAA;IACxB,eAAe,CAAC,SAAS,KAAA;IACzB,YAAY;IACZ,eAAe;IACf,kBAAkB,IAAI,UAAU;IAChC,2BAA2B;IAC3B,IAAI,MAAM,IAAI,GAAG,CAAoC;IACrD,uBAAuB;IACvB,IAAI,aAAa,IAAI,MAAM,CAAoC;IAE/D,SAAS,IAAI,mBAAmB;IAYhC,MAAM,CAAC,oBAAoB,CAAC,UAAU,EAAE,UAAU,GAAG,MAAM,GAAG,aAAa;CAoB9E;AAED,qBAAa,iBAAkB,SAAQ,aAAa;IAChD,IAAI,aAAa,WAAmB;IACpC,MAAM,CAAC,GAAG;IACV,SAAS,IAAI,mBAAmB;IAChC,UAAU,IAAI,oBAAoB;IAClC,IAAI,QAAQ,IAAI,UAAU,CAAoC;CACjE;AAED,qBAAa,oBAAqB,SAAQ,aAAa;IACnD,IAAI,aAAa,WAAsB;IACvC,MAAM,CAAC,GAAG;IACV,SAAS,IAAI,mBAAmB;IAChC,IAAI,IAAI,IAAI,MAAM,CAAoC;IACtD,IAAI,QAAQ,IAAI,UAAU,CAAoC;CACjE;AAED,qBAAa,mBAAoB,SAAQ,aAAa;IAClD,IAAI,aAAa,WAAqB;IACtC,IAAI,MAAM,IAAI,GAAG,CAAoC;CACxD;AAED,qBAAa,mBAAmB;IAC5B,KAAK,MAAC;IACN,aAAa,MAAC;gBAEF,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM;IAKlD,OAAO;IAGP,QAAQ;CAkBX;AAUD,eAAO,MAAM,IAAI,SAAS,CAAC;AAC3B,eAAO,MAAM,OAAO,YAAY,CAAC;AACjC,eAAO,MAAM,MAAM,WAAW,CAAC;AAC/B,eAAO,MAAM,SAAS,cAAc,CAAC;AACrC,eAAO,MAAM,cAAc,mBAAmB,CAAC;AAC/C,eAAO,MAAM,aAAa,kBAAkB,CAAC"}