@toa.io/extensions.exposition 0.24.0-alpha.9 → 1.0.0-alpha.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (444) hide show
  1. package/components/context.toa.yaml +12 -0
  2. package/components/identity.bans/manifest.toa.yaml +2 -1
  3. package/components/identity.basic/manifest.toa.yaml +5 -1
  4. package/components/identity.basic/operations/authenticate.js +1 -2
  5. package/components/identity.basic/operations/authenticate.js.map +1 -1
  6. package/components/identity.basic/operations/transit.js.map +1 -1
  7. package/components/identity.basic/operations/tsconfig.tsbuildinfo +1 -1
  8. package/components/identity.basic/source/authenticate.ts +0 -1
  9. package/components/identity.federation/events/principal.js +22 -0
  10. package/components/identity.federation/manifest.toa.yaml +94 -0
  11. package/components/identity.federation/operations/authenticate.d.ts +3 -0
  12. package/components/identity.federation/operations/authenticate.js +20 -0
  13. package/components/identity.federation/operations/authenticate.js.map +1 -0
  14. package/components/identity.federation/operations/create.d.ts +10 -0
  15. package/components/identity.federation/operations/create.js +15 -0
  16. package/components/identity.federation/operations/create.js.map +1 -0
  17. package/components/identity.federation/operations/lib/assertions-as-values.d.ts +4 -0
  18. package/components/identity.federation/operations/lib/assertions-as-values.js +45 -0
  19. package/components/identity.federation/operations/lib/assertions-as-values.js.map +1 -0
  20. package/components/identity.federation/operations/lib/jwt.d.ts +20 -0
  21. package/components/identity.federation/operations/lib/jwt.js +136 -0
  22. package/components/identity.federation/operations/lib/jwt.js.map +1 -0
  23. package/components/identity.federation/operations/schemas.d.ts +59 -0
  24. package/components/identity.federation/operations/schemas.js +9 -0
  25. package/components/identity.federation/operations/schemas.js.map +1 -0
  26. package/components/identity.federation/operations/tsconfig.tsbuildinfo +1 -0
  27. package/components/identity.federation/operations/types.d.ts +51 -0
  28. package/components/identity.federation/operations/types.js +3 -0
  29. package/components/identity.federation/operations/types.js.map +1 -0
  30. package/components/identity.federation/source/authenticate.ts +28 -0
  31. package/components/identity.federation/source/create.ts +26 -0
  32. package/components/identity.federation/source/lib/assertions-as-values.ts +19 -0
  33. package/components/identity.federation/source/lib/jwt.test.ts +56 -0
  34. package/components/identity.federation/source/lib/jwt.ts +171 -0
  35. package/components/identity.federation/source/schemas.ts +61 -0
  36. package/components/identity.federation/source/types.ts +56 -0
  37. package/components/identity.federation/tsconfig.json +9 -0
  38. package/components/identity.roles/manifest.toa.yaml +17 -5
  39. package/components/identity.roles/operations/grant.d.ts +10 -0
  40. package/components/identity.roles/operations/grant.js +20 -0
  41. package/components/identity.roles/operations/grant.js.map +1 -0
  42. package/components/identity.roles/operations/lib/Entity.d.ts +5 -0
  43. package/components/identity.roles/operations/lib/Entity.js +3 -0
  44. package/components/identity.roles/operations/lib/Entity.js.map +1 -0
  45. package/components/identity.roles/operations/list.d.ts +1 -4
  46. package/components/identity.roles/operations/list.js.map +1 -1
  47. package/components/identity.roles/operations/principal.d.ts +4 -6
  48. package/components/identity.roles/operations/principal.js +6 -1
  49. package/components/identity.roles/operations/principal.js.map +1 -1
  50. package/components/identity.roles/operations/tsconfig.tsbuildinfo +1 -1
  51. package/components/identity.roles/source/grant.ts +31 -0
  52. package/components/identity.roles/source/lib/Entity.ts +5 -0
  53. package/components/identity.roles/source/list.ts +2 -4
  54. package/components/identity.roles/source/principal.ts +10 -8
  55. package/components/identity.tokens/manifest.toa.yaml +1 -1
  56. package/components/identity.tokens/operations/authenticate.js.map +1 -1
  57. package/components/identity.tokens/operations/decrypt.js.map +1 -1
  58. package/components/identity.tokens/operations/tsconfig.tsbuildinfo +1 -1
  59. package/components/octets.storage/manifest.toa.yaml +1 -0
  60. package/components/octets.storage/operations/store.js +3 -3
  61. package/cucumber.js +0 -1
  62. package/documentation/access.md +11 -11
  63. package/documentation/components.md +48 -12
  64. package/documentation/identity.md +14 -7
  65. package/documentation/io.md +56 -0
  66. package/documentation/octets.md +102 -37
  67. package/documentation/protocol.md +21 -1
  68. package/documentation/query.md +51 -6
  69. package/documentation/tree.md +22 -4
  70. package/documentation/vary.md +69 -0
  71. package/features/access.feature +13 -2
  72. package/features/annotation.feature +1 -0
  73. package/features/body.feature +3 -1
  74. package/features/cache.feature +3 -0
  75. package/features/cors.feature +72 -0
  76. package/features/directives.feature +2 -0
  77. package/features/dynamic.feature +14 -7
  78. package/features/errors.feature +4 -3
  79. package/features/etag.feature +97 -0
  80. package/features/identity.basic.feature +68 -0
  81. package/features/identity.feature +19 -3
  82. package/features/identity.federation.feature +153 -0
  83. package/features/identity.roles.feature +151 -0
  84. package/features/identity.tokens.feature +3 -0
  85. package/features/io.feature +167 -0
  86. package/features/octets.entries.feature +123 -0
  87. package/features/octets.feature +4 -28
  88. package/features/octets.meta.feature +66 -0
  89. package/features/octets.workflows.feature +177 -4
  90. package/features/queries.feature +9 -1
  91. package/features/response.feature +68 -0
  92. package/features/routes.feature +54 -10
  93. package/features/steps/Captures.ts +6 -0
  94. package/features/steps/Components.ts +18 -6
  95. package/features/steps/Database.ts +1 -1
  96. package/features/steps/Gateway.ts +4 -2
  97. package/features/steps/HTTP.ts +34 -6
  98. package/features/steps/IdP.ts +149 -0
  99. package/features/steps/Parameters.ts +8 -2
  100. package/features/steps/Workspace.ts +5 -7
  101. package/features/steps/components/echo/manifest.toa.yaml +1 -0
  102. package/features/steps/components/echo/operations/error.js +11 -0
  103. package/features/steps/components/greeter/manifest.toa.yaml +1 -0
  104. package/features/steps/components/octets.tester/manifest.toa.yaml +4 -0
  105. package/features/steps/components/octets.tester/operations/concat.js +7 -0
  106. package/features/steps/components/octets.tester/operations/echo.js +7 -0
  107. package/features/steps/components/pots/manifest.toa.yaml +12 -3
  108. package/features/steps/components/sequences/manifest.toa.yaml +1 -0
  109. package/features/steps/components/users/manifest.toa.yaml +4 -0
  110. package/features/steps/components/users.properties/manifest.toa.yaml +14 -0
  111. package/features/steps/tsconfig.json +1 -1
  112. package/features/timing.feature +66 -0
  113. package/features/vary.feature +180 -0
  114. package/package.json +16 -20
  115. package/readme.md +7 -6
  116. package/schemas/annotation.cos.yaml +1 -0
  117. package/schemas/io/input.cos.yaml +3 -0
  118. package/schemas/io/message.cos.yaml +5 -0
  119. package/schemas/io/output.cos.yaml +5 -0
  120. package/schemas/octets/delete.cos.yaml +2 -1
  121. package/schemas/octets/list.cos.yaml +2 -1
  122. package/schemas/octets/workflow.cos.yaml +12 -0
  123. package/schemas/querystring.cos.yaml +1 -0
  124. package/source/Annotation.ts +1 -0
  125. package/source/Context.ts +6 -4
  126. package/source/Directive.test.ts +14 -8
  127. package/source/Directive.ts +26 -49
  128. package/source/Endpoint.ts +53 -6
  129. package/source/Factory.ts +23 -12
  130. package/source/Gateway.ts +45 -42
  131. package/source/HTTP/Context.ts +67 -0
  132. package/source/HTTP/Server.test.ts +61 -134
  133. package/source/HTTP/Server.ts +83 -87
  134. package/source/HTTP/Timing.ts +40 -0
  135. package/source/HTTP/formats/msgpack.ts +9 -6
  136. package/source/HTTP/formats/text.ts +1 -1
  137. package/source/HTTP/formats/yaml.ts +1 -1
  138. package/source/HTTP/index.ts +1 -0
  139. package/source/HTTP/messages.test.ts +27 -8
  140. package/source/HTTP/messages.ts +38 -42
  141. package/source/Interception.ts +24 -0
  142. package/source/Mapping.ts +7 -8
  143. package/source/RTD/Context.ts +7 -10
  144. package/source/RTD/Directives.ts +28 -4
  145. package/source/RTD/Endpoint.ts +6 -4
  146. package/source/RTD/Match.ts +2 -7
  147. package/source/RTD/Method.ts +7 -13
  148. package/source/RTD/Node.ts +13 -14
  149. package/source/RTD/Tree.ts +19 -15
  150. package/source/RTD/factory.ts +2 -5
  151. package/source/RTD/syntax/parse.ts +6 -6
  152. package/source/RTD/syntax/types.ts +1 -1
  153. package/source/deployment.ts +7 -2
  154. package/source/directives/auth/Anonymous.ts +3 -2
  155. package/source/directives/auth/{Family.ts → Authorization.ts} +39 -40
  156. package/source/directives/auth/Delegate.ts +32 -0
  157. package/source/directives/auth/Incept.ts +11 -6
  158. package/source/directives/auth/Role.ts +5 -3
  159. package/source/directives/auth/Rule.ts +2 -2
  160. package/source/directives/auth/Scheme.ts +2 -2
  161. package/source/directives/auth/index.ts +2 -2
  162. package/source/directives/auth/schemes.ts +2 -1
  163. package/source/directives/auth/types.ts +9 -6
  164. package/source/directives/cache/{Family.ts → Cache.ts} +6 -7
  165. package/source/directives/cache/Control.ts +5 -5
  166. package/source/directives/cache/index.ts +2 -2
  167. package/source/directives/cache/types.ts +2 -2
  168. package/source/directives/cors/CORS.ts +62 -0
  169. package/source/directives/cors/index.ts +3 -0
  170. package/source/directives/dev/{Family.ts → Development.ts} +4 -5
  171. package/source/directives/dev/Stub.ts +4 -4
  172. package/source/directives/dev/Throw.ts +4 -4
  173. package/source/directives/dev/index.ts +2 -2
  174. package/source/directives/dev/types.ts +1 -1
  175. package/source/directives/index.ts +11 -6
  176. package/source/directives/io/Directive.ts +11 -0
  177. package/source/directives/io/IO.ts +43 -0
  178. package/source/directives/io/Input.ts +50 -0
  179. package/source/directives/io/Message.ts +1 -0
  180. package/source/directives/io/Output.ts +69 -0
  181. package/source/directives/io/index.ts +3 -0
  182. package/source/directives/io/schemas.ts +12 -0
  183. package/source/directives/octets/Context.ts +6 -5
  184. package/source/directives/octets/Delete.ts +64 -11
  185. package/source/directives/octets/Directive.ts +10 -0
  186. package/source/directives/octets/Fetch.ts +44 -29
  187. package/source/directives/octets/List.ts +50 -10
  188. package/source/directives/octets/{Family.ts → Octets.ts} +14 -9
  189. package/source/directives/octets/Permute.ts +18 -11
  190. package/source/directives/octets/Store.ts +70 -102
  191. package/source/directives/octets/Workflow.ts +48 -0
  192. package/source/directives/octets/index.ts +2 -2
  193. package/source/directives/octets/schemas.test.ts +21 -0
  194. package/source/directives/octets/schemas.ts +13 -6
  195. package/source/directives/octets/types.ts +2 -8
  196. package/source/directives/octets/workflows/Execution.ts +76 -0
  197. package/source/directives/octets/workflows/Workflow.ts +37 -0
  198. package/source/directives/octets/workflows/index.ts +1 -0
  199. package/source/directives/vary/Directive.ts +6 -0
  200. package/source/directives/vary/Embed.ts +62 -0
  201. package/source/directives/vary/Properties.ts +17 -0
  202. package/source/directives/vary/Vary.ts +48 -0
  203. package/source/directives/vary/embeddings/Embedding.ts +6 -0
  204. package/source/directives/vary/embeddings/Header.ts +32 -0
  205. package/source/directives/vary/embeddings/Language.ts +31 -0
  206. package/source/directives/vary/embeddings/index.ts +11 -0
  207. package/source/directives/vary/index.ts +3 -0
  208. package/source/exceptions.ts +13 -9
  209. package/source/io.ts +4 -0
  210. package/source/manifest.test.ts +6 -14
  211. package/source/manifest.ts +9 -6
  212. package/source/root.ts +5 -0
  213. package/source/schemas.ts +7 -3
  214. package/transpiled/Annotation.d.ts +1 -0
  215. package/transpiled/Composition.js.map +1 -1
  216. package/transpiled/Context.d.ts +6 -4
  217. package/transpiled/Directive.d.ts +11 -25
  218. package/transpiled/Directive.js +17 -18
  219. package/transpiled/Directive.js.map +1 -1
  220. package/transpiled/Endpoint.d.ts +7 -5
  221. package/transpiled/Endpoint.js +58 -2
  222. package/transpiled/Endpoint.js.map +1 -1
  223. package/transpiled/Factory.d.ts +0 -1
  224. package/transpiled/Factory.js +14 -7
  225. package/transpiled/Factory.js.map +1 -1
  226. package/transpiled/Gateway.d.ts +7 -8
  227. package/transpiled/Gateway.js +25 -25
  228. package/transpiled/Gateway.js.map +1 -1
  229. package/transpiled/HTTP/Context.d.ts +24 -0
  230. package/transpiled/HTTP/Context.js +47 -0
  231. package/transpiled/HTTP/Context.js.map +1 -0
  232. package/transpiled/HTTP/Server.d.ts +10 -7
  233. package/transpiled/HTTP/Server.js +80 -70
  234. package/transpiled/HTTP/Server.js.map +1 -1
  235. package/transpiled/HTTP/Timing.d.ts +10 -0
  236. package/transpiled/HTTP/Timing.js +29 -0
  237. package/transpiled/HTTP/Timing.js.map +1 -0
  238. package/transpiled/HTTP/formats/msgpack.d.ts +2 -2
  239. package/transpiled/HTTP/formats/msgpack.js +8 -29
  240. package/transpiled/HTTP/formats/msgpack.js.map +1 -1
  241. package/transpiled/HTTP/formats/text.d.ts +3 -1
  242. package/transpiled/HTTP/formats/text.js.map +1 -1
  243. package/transpiled/HTTP/formats/yaml.js +1 -1
  244. package/transpiled/HTTP/formats/yaml.js.map +1 -1
  245. package/transpiled/HTTP/index.d.ts +1 -0
  246. package/transpiled/HTTP/index.js +1 -0
  247. package/transpiled/HTTP/index.js.map +1 -1
  248. package/transpiled/HTTP/messages.d.ts +7 -16
  249. package/transpiled/HTTP/messages.js +28 -25
  250. package/transpiled/HTTP/messages.js.map +1 -1
  251. package/transpiled/Interception.d.ts +9 -0
  252. package/transpiled/Interception.js +19 -0
  253. package/transpiled/Interception.js.map +1 -0
  254. package/transpiled/Mapping.js +7 -7
  255. package/transpiled/Mapping.js.map +1 -1
  256. package/transpiled/Query.js.map +1 -1
  257. package/transpiled/RTD/Context.d.ts +7 -6
  258. package/transpiled/RTD/Directives.d.ts +19 -4
  259. package/transpiled/RTD/Endpoint.d.ts +6 -4
  260. package/transpiled/RTD/Match.d.ts +2 -4
  261. package/transpiled/RTD/Method.d.ts +7 -7
  262. package/transpiled/RTD/Method.js.map +1 -1
  263. package/transpiled/RTD/Node.d.ts +4 -6
  264. package/transpiled/RTD/Node.js +2 -1
  265. package/transpiled/RTD/Node.js.map +1 -1
  266. package/transpiled/RTD/Route.js.map +1 -1
  267. package/transpiled/RTD/Tree.d.ts +6 -6
  268. package/transpiled/RTD/Tree.js +5 -0
  269. package/transpiled/RTD/Tree.js.map +1 -1
  270. package/transpiled/RTD/factory.d.ts +2 -4
  271. package/transpiled/RTD/factory.js.map +1 -1
  272. package/transpiled/RTD/syntax/parse.js +1 -1
  273. package/transpiled/RTD/syntax/parse.js.map +1 -1
  274. package/transpiled/RTD/syntax/types.js +1 -1
  275. package/transpiled/RTD/syntax/types.js.map +1 -1
  276. package/transpiled/deployment.js +6 -2
  277. package/transpiled/deployment.js.map +1 -1
  278. package/transpiled/directives/auth/Anonymous.js +3 -4
  279. package/transpiled/directives/auth/Anonymous.js.map +1 -1
  280. package/transpiled/directives/auth/{Family.d.ts → Authorization.d.ts} +4 -5
  281. package/transpiled/directives/auth/{Family.js → Authorization.js} +22 -13
  282. package/transpiled/directives/auth/Authorization.js.map +1 -0
  283. package/transpiled/directives/auth/Delegate.d.ts +8 -0
  284. package/transpiled/directives/auth/Delegate.js +27 -0
  285. package/transpiled/directives/auth/Delegate.js.map +1 -0
  286. package/transpiled/directives/auth/Incept.d.ts +1 -1
  287. package/transpiled/directives/auth/Incept.js +11 -6
  288. package/transpiled/directives/auth/Incept.js.map +1 -1
  289. package/transpiled/directives/auth/Role.js +5 -3
  290. package/transpiled/directives/auth/Role.js.map +1 -1
  291. package/transpiled/directives/auth/Rule.d.ts +2 -2
  292. package/transpiled/directives/auth/Rule.js.map +1 -1
  293. package/transpiled/directives/auth/Scheme.js +2 -2
  294. package/transpiled/directives/auth/Scheme.js.map +1 -1
  295. package/transpiled/directives/auth/index.d.ts +2 -2
  296. package/transpiled/directives/auth/index.js +4 -5
  297. package/transpiled/directives/auth/index.js.map +1 -1
  298. package/transpiled/directives/auth/schemes.js +2 -1
  299. package/transpiled/directives/auth/schemes.js.map +1 -1
  300. package/transpiled/directives/auth/types.d.ts +4 -4
  301. package/transpiled/directives/cache/Cache.d.ts +11 -0
  302. package/transpiled/directives/cache/{Family.js → Cache.js} +6 -4
  303. package/transpiled/directives/cache/Cache.js.map +1 -0
  304. package/transpiled/directives/cache/Control.d.ts +3 -3
  305. package/transpiled/directives/cache/Control.js +3 -3
  306. package/transpiled/directives/cache/Control.js.map +1 -1
  307. package/transpiled/directives/cache/index.d.ts +2 -2
  308. package/transpiled/directives/cache/index.js +4 -5
  309. package/transpiled/directives/cache/index.js.map +1 -1
  310. package/transpiled/directives/cache/types.d.ts +2 -2
  311. package/transpiled/directives/cors/CORS.d.ts +10 -0
  312. package/transpiled/directives/cors/CORS.js +51 -0
  313. package/transpiled/directives/cors/CORS.js.map +1 -0
  314. package/transpiled/directives/cors/index.d.ts +2 -0
  315. package/transpiled/directives/cors/index.js +6 -0
  316. package/transpiled/directives/cors/index.js.map +1 -0
  317. package/transpiled/directives/dev/Development.d.ts +9 -0
  318. package/transpiled/directives/dev/{Family.js → Development.js} +4 -2
  319. package/transpiled/directives/dev/Development.js.map +1 -0
  320. package/transpiled/directives/dev/Stub.d.ts +3 -3
  321. package/transpiled/directives/dev/Stub.js.map +1 -1
  322. package/transpiled/directives/dev/Throw.d.ts +3 -3
  323. package/transpiled/directives/dev/Throw.js.map +1 -1
  324. package/transpiled/directives/dev/index.d.ts +2 -2
  325. package/transpiled/directives/dev/index.js +4 -5
  326. package/transpiled/directives/dev/index.js.map +1 -1
  327. package/transpiled/directives/dev/types.d.ts +1 -1
  328. package/transpiled/directives/index.d.ts +4 -2
  329. package/transpiled/directives/index.js +10 -9
  330. package/transpiled/directives/index.js.map +1 -1
  331. package/transpiled/directives/io/Directive.d.ts +8 -0
  332. package/transpiled/directives/io/Directive.js +3 -0
  333. package/transpiled/directives/io/Directive.js.map +1 -0
  334. package/transpiled/directives/io/IO.d.ts +9 -0
  335. package/transpiled/directives/io/IO.js +33 -0
  336. package/transpiled/directives/io/IO.js.map +1 -0
  337. package/transpiled/directives/io/Input.d.ts +11 -0
  338. package/transpiled/directives/io/Input.js +63 -0
  339. package/transpiled/directives/io/Input.js.map +1 -0
  340. package/transpiled/directives/io/Message.d.ts +1 -0
  341. package/transpiled/directives/io/Message.js +3 -0
  342. package/transpiled/directives/io/Message.js.map +1 -0
  343. package/transpiled/directives/io/Output.d.ts +13 -0
  344. package/transpiled/directives/io/Output.js +76 -0
  345. package/transpiled/directives/io/Output.js.map +1 -0
  346. package/transpiled/directives/io/index.d.ts +2 -0
  347. package/transpiled/directives/io/index.js +6 -0
  348. package/transpiled/directives/io/index.js.map +1 -0
  349. package/transpiled/directives/io/schemas.d.ts +7 -0
  350. package/transpiled/directives/io/schemas.js +14 -0
  351. package/transpiled/directives/io/schemas.js.map +1 -0
  352. package/transpiled/directives/octets/Context.d.ts +5 -5
  353. package/transpiled/directives/octets/Context.js +4 -2
  354. package/transpiled/directives/octets/Context.js.map +1 -1
  355. package/transpiled/directives/octets/Delete.d.ts +15 -5
  356. package/transpiled/directives/octets/Delete.js +45 -8
  357. package/transpiled/directives/octets/Delete.js.map +1 -1
  358. package/transpiled/directives/octets/Directive.d.ts +8 -0
  359. package/transpiled/directives/octets/Directive.js +8 -0
  360. package/transpiled/directives/octets/Directive.js.map +1 -0
  361. package/transpiled/directives/octets/Fetch.d.ts +9 -9
  362. package/transpiled/directives/octets/Fetch.js +36 -21
  363. package/transpiled/directives/octets/Fetch.js.map +1 -1
  364. package/transpiled/directives/octets/List.d.ts +11 -5
  365. package/transpiled/directives/octets/List.js +34 -7
  366. package/transpiled/directives/octets/List.js.map +1 -1
  367. package/transpiled/directives/octets/Octets.d.ts +12 -0
  368. package/transpiled/directives/octets/{Family.js → Octets.js} +12 -6
  369. package/transpiled/directives/octets/Octets.js.map +1 -0
  370. package/transpiled/directives/octets/Permute.d.ts +5 -4
  371. package/transpiled/directives/octets/Permute.js +15 -8
  372. package/transpiled/directives/octets/Permute.js.map +1 -1
  373. package/transpiled/directives/octets/Store.d.ts +14 -23
  374. package/transpiled/directives/octets/Store.js +41 -70
  375. package/transpiled/directives/octets/Store.js.map +1 -1
  376. package/transpiled/directives/octets/Workflow.d.ts +15 -0
  377. package/transpiled/directives/octets/Workflow.js +59 -0
  378. package/transpiled/directives/octets/Workflow.js.map +1 -0
  379. package/transpiled/directives/octets/index.d.ts +2 -2
  380. package/transpiled/directives/octets/index.js +4 -5
  381. package/transpiled/directives/octets/index.js.map +1 -1
  382. package/transpiled/directives/octets/schemas.d.ts +13 -6
  383. package/transpiled/directives/octets/schemas.js +2 -1
  384. package/transpiled/directives/octets/schemas.js.map +1 -1
  385. package/transpiled/directives/octets/types.d.ts +2 -6
  386. package/transpiled/directives/octets/workflows/Execution.d.ts +25 -0
  387. package/transpiled/directives/octets/workflows/Execution.js +54 -0
  388. package/transpiled/directives/octets/workflows/Execution.js.map +1 -0
  389. package/transpiled/directives/octets/workflows/Workflow.d.ts +12 -0
  390. package/transpiled/directives/octets/workflows/Workflow.js +25 -0
  391. package/transpiled/directives/octets/workflows/Workflow.js.map +1 -0
  392. package/transpiled/directives/octets/workflows/index.d.ts +1 -0
  393. package/transpiled/directives/octets/workflows/index.js +6 -0
  394. package/transpiled/directives/octets/workflows/index.js.map +1 -0
  395. package/transpiled/directives/vary/Directive.d.ts +5 -0
  396. package/transpiled/directives/vary/Directive.js +3 -0
  397. package/transpiled/directives/vary/Directive.js.map +1 -0
  398. package/transpiled/directives/vary/Embed.d.ts +10 -0
  399. package/transpiled/directives/vary/Embed.js +49 -0
  400. package/transpiled/directives/vary/Embed.js.map +1 -0
  401. package/transpiled/directives/vary/Properties.d.ts +9 -0
  402. package/transpiled/directives/vary/Properties.js +16 -0
  403. package/transpiled/directives/vary/Properties.js.map +1 -0
  404. package/transpiled/directives/vary/Vary.d.ts +10 -0
  405. package/transpiled/directives/vary/Vary.js +36 -0
  406. package/transpiled/directives/vary/Vary.js.map +1 -0
  407. package/transpiled/directives/vary/embeddings/Embedding.d.ts +5 -0
  408. package/transpiled/directives/vary/embeddings/Embedding.js +3 -0
  409. package/transpiled/directives/vary/embeddings/Embedding.js.map +1 -0
  410. package/transpiled/directives/vary/embeddings/Header.d.ts +7 -0
  411. package/transpiled/directives/vary/embeddings/Header.js +28 -0
  412. package/transpiled/directives/vary/embeddings/Header.js.map +1 -0
  413. package/transpiled/directives/vary/embeddings/Language.d.ts +7 -0
  414. package/transpiled/directives/vary/embeddings/Language.js +28 -0
  415. package/transpiled/directives/vary/embeddings/Language.js.map +1 -0
  416. package/transpiled/directives/vary/embeddings/index.d.ts +5 -0
  417. package/transpiled/directives/vary/embeddings/index.js +10 -0
  418. package/transpiled/directives/vary/embeddings/index.js.map +1 -0
  419. package/transpiled/directives/vary/index.d.ts +2 -0
  420. package/transpiled/directives/vary/index.js +6 -0
  421. package/transpiled/directives/vary/index.js.map +1 -0
  422. package/transpiled/exceptions.js +7 -7
  423. package/transpiled/exceptions.js.map +1 -1
  424. package/transpiled/io.d.ts +3 -0
  425. package/transpiled/io.js +3 -0
  426. package/transpiled/io.js.map +1 -0
  427. package/transpiled/manifest.js +10 -5
  428. package/transpiled/manifest.js.map +1 -1
  429. package/transpiled/root.js +5 -0
  430. package/transpiled/root.js.map +1 -1
  431. package/transpiled/schemas.d.ts +7 -3
  432. package/transpiled/schemas.js.map +1 -1
  433. package/transpiled/tsconfig.tsbuildinfo +1 -1
  434. package/source/HTTP/Server.fixtures.ts +0 -41
  435. package/transpiled/HTTP/Server.fixtures.d.ts +0 -11
  436. package/transpiled/HTTP/Server.fixtures.js +0 -32
  437. package/transpiled/HTTP/Server.fixtures.js.map +0 -1
  438. package/transpiled/directives/auth/Family.js.map +0 -1
  439. package/transpiled/directives/cache/Family.d.ts +0 -12
  440. package/transpiled/directives/cache/Family.js.map +0 -1
  441. package/transpiled/directives/dev/Family.d.ts +0 -10
  442. package/transpiled/directives/dev/Family.js.map +0 -1
  443. package/transpiled/directives/octets/Family.d.ts +0 -12
  444. package/transpiled/directives/octets/Family.js.map +0 -1
package/components/identity.federation/source/lib/jwt.ts ADDED
@@ -0,0 +1,171 @@
1
+ import crypto from 'node:crypto'
2
+ import * as assert from 'node:assert'
3
+ import { type JwtHeader, type IdToken } from '../types'
4
+ import { type TrustConfiguration } from '../schemas'
5
+
6
+ export function decodeJwt (token: string): {
7
+ header: unknown
8
+ payload: unknown
9
+ rawHeader: string
10
+ rawPayload: string
11
+ signature: string
12
+ } {
13
+ const [rawHeader, rawPayload, signature] = token.split('.', 3)
14
+
15
+ const header = JSON.parse(Buffer.from(rawHeader, 'base64url').toString())
16
+ const payload = JSON.parse(Buffer.from(rawPayload, 'base64url').toString())
17
+
18
+ return { header, payload, rawHeader, rawPayload, signature }
19
+ }
20
+
21
+ export function validateJwtHeader (header: unknown): asserts header is JwtHeader {
22
+ assert.ok(header !== null && typeof header === 'object', 'Header is not an object')
23
+ assert.ok('alg' in header, 'Header is missing alg')
24
+ assert.ok(typeof header.alg === 'string', 'Header alg is not a string')
25
+ assert.match(header.alg, /^RS256|HS\d{3}$/, `Unknown algorithm ${header.alg}`)
26
+ assert.ok(!('kid' in header) || typeof header.kid === 'string', 'kid must be a string if present')
27
+ }
28
+
29
+ export function validateJwtPayload (payload: unknown,
30
+ trusted: TrustConfiguration[] = [],
31
+ header: JwtHeader): asserts payload is IdToken {
32
+ assert.ok(trusted.length > 0, 'No trusted issuers provided')
33
+
34
+ // full list of validations is
35
+ // at https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation
36
+ assert.ok(payload !== null && typeof payload === 'object', 'Payload is not an object')
37
+
38
+ assert.ok('iss' in payload, 'Payload is missing iss')
39
+ assert.ok(typeof payload.iss === 'string', 'Payload iss is not a string')
40
+ assert.ok('aud' in payload, 'Payload is missing aud')
41
+ assert.ok(typeof payload.aud === 'string', 'Payload aud is not a string')
42
+
43
+ const issuer = trusted.find((config) => config.issuer === payload.iss)
44
+
45
+ assert.ok(issuer !== undefined &&
46
+ (issuer.audience === undefined || issuer.audience.some((a) => a === payload.aud),
47
+ `Unknown issuer / audience: ${payload.iss} / ${payload.aud}`))
48
+
49
+ if (header.alg.startsWith('HS')) {
50
+ const secrets = issuer.secrets
51
+
52
+ assert.ok(secrets, `We don't have known secrets for ${payload.iss}`)
53
+
54
+ const keys = secrets[header.alg]
55
+
56
+ assert.ok(keys, `No known secrets for ${header.alg}`)
57
+
58
+ if (typeof header.kid === 'string')
59
+ assert.ok(header.kid in keys, `No secret ${header.kid} provided for ${header.alg}`)
60
+ }
61
+
62
+ assert.ok('sub' in payload, 'Payload is missing sub')
63
+ assert.ok(typeof payload.sub === 'string', 'Payload sub is not a string')
64
+
65
+ assert.ok('exp' in payload, 'Payload is missing exp')
66
+ assert.ok(typeof payload.exp === 'number', 'Payload exp is not a number')
67
+ assert.ok(Date.now() < payload.exp * 1000, 'Token is expired')
68
+
69
+ assert.ok('iat' in payload, 'Payload is missing iat')
70
+ assert.ok(typeof payload.iat === 'number', 'Payload iat is not a number')
71
+ assert.ok(Date.now() >= payload.iat * 1000, 'Token was issued in the future')
72
+ assert.ok(payload.exp >= payload.iat, 'Payload exp is before iat')
73
+
74
+ if ('nbf' in payload) {
75
+ assert.ok(typeof payload.nbf === 'number', 'Payload nbf is not a number')
76
+ assert.ok(Date.now() >= payload.nbf * 1000, 'Token is not valid yet')
77
+ }
78
+ }
79
+
80
+ export async function validateSignature ({
81
+ header: { kid, alg },
82
+ payload: { iss },
83
+ rawHeader,
84
+ rawPayload,
85
+ signature,
86
+ trusted = []
87
+ }: {
88
+ readonly header: JwtHeader
89
+ rawHeader: string
90
+ readonly payload: IdToken
91
+ rawPayload: string
92
+ signature: string
93
+ trusted?: TrustConfiguration[]
94
+ }): Promise<void> {
95
+ if (alg.startsWith('HS')) {
96
+ // symmetric algorithm, issuer is validated at this point
97
+ // eslint-disable-next-line @typescript-eslint/no-non-null-assertion -- `kid` is validated
98
+ const secrets = trusted.find((c) => c.issuer === iss)!.secrets![alg]
99
+ const secret = kid !== undefined ? secrets[kid] : Object.values(secrets)[0]
100
+ const algorithm = alg.replace(/^HS(\d{3})$/, 'sha$1') // HS256 -> sha256
101
+ const hmac = crypto.createHmac(algorithm, secret)
102
+
103
+ hmac.update(rawHeader)
104
+ hmac.update('.')
105
+ hmac.update(rawPayload)
106
+ assert.strictEqual(signature, hmac.digest('base64url'), 'Signature does not match')
107
+
108
+ return
109
+ }
110
+
111
+ // Getting issuer public keys
112
+ const oidcRequest = await fetch(`${iss}/.well-known/openid-configuration`, {
113
+ cache: 'default'
114
+ })
115
+
116
+ assert.ok(oidcRequest.ok,
117
+ `Failed to fetch OpenID configuration: ${oidcRequest.statusText}`)
118
+
119
+ const { jwks_uri: jwksUri } = (await oidcRequest.json()) as { jwks_uri: string }
120
+
121
+ const jwkRequest = await fetch(jwksUri, { cache: 'default' })
122
+
123
+ assert.ok(jwkRequest.ok, `Failed to fetch issuer keys: ${jwkRequest.statusText}`)
124
+
125
+ const { keys } = (await jwkRequest.json()) as {
126
+ keys: Array<{ use: string, kid?: string, alg?: string } & crypto.JsonWebKey>
127
+ }
128
+
129
+ // getting corresponding signing key
130
+ const signingKeys = keys.filter((k) => k.use === 'sig' && k.alg === alg)
131
+
132
+ assert.ok(signingKeys.length > 0, 'No acceptable signing keys found')
133
+
134
+ assert.ok(kid === undefined || signingKeys.length === 1,
135
+ 'Signing key selection is not deterministic')
136
+
137
+ const signingKey = kid === undefined ? signingKeys.find((k) => k.kid === kid) : keys[0]
138
+
139
+ assert.ok(signingKey, 'Signing key was not found in issuer keys')
140
+
141
+ const verifyFunction = crypto.createVerify('RSA-SHA256')
142
+
143
+ verifyFunction.write(rawHeader)
144
+ verifyFunction.write('.')
145
+ verifyFunction.write(rawPayload)
146
+ verifyFunction.end()
147
+
148
+ const signatureValid = verifyFunction.verify({ format: 'jwk', key: signingKey },
149
+ signature,
150
+ 'base64url')
151
+
152
+ assert.ok(signatureValid, 'Failed to validate signature')
153
+ }
154
+
155
+ export async function validateIdToken (token: string,
156
+ trusted?: TrustConfiguration[]): Promise<IdToken> {
157
+ const { header, payload, rawHeader, rawPayload, signature } = decodeJwt(token)
158
+
159
+ validateJwtHeader(header)
160
+ validateJwtPayload(payload, trusted, header)
161
+ await validateSignature({
162
+ header,
163
+ rawHeader,
164
+ payload,
165
+ rawPayload,
166
+ signature,
167
+ trusted
168
+ })
169
+
170
+ return payload
171
+ }
package/components/identity.federation/source/schemas.ts ADDED
@@ -0,0 +1,61 @@
1
+ /* eslint-disable */
2
+ /**
3
+ * This file was automatically generated by json-schema-to-typescript.
4
+ * DO NOT MODIFY IT BY HAND. Instead, modify the source JSONSchema file,
5
+ * and run json-schema-to-typescript to regenerate this file.
6
+ */
7
+
8
+ export interface Schemas {
9
+ configuration?: {
10
+ trust?: TrustConfiguration[];
11
+ /**
12
+ * Force identities to be explicitly created or incept before being used in authentication
13
+ */
14
+ explicit_identity_creation?: boolean;
15
+ /**
16
+ * The value of `sub` of an identity token that will be assigned the `system` Role
17
+ */
18
+ principal?: {
19
+ iss: string;
20
+ sub: string;
21
+ };
22
+ };
23
+ entity?: {
24
+ /**
25
+ * The issuer, or signer, of the token, URI like `https://accounts.google.com`
26
+ */
27
+ iss: string;
28
+ /**
29
+ * the ID that represents the principal making the request
30
+ */
31
+ sub: string;
32
+ };
33
+ }
34
+ export interface TrustConfiguration {
35
+ /**
36
+ * Allowed origins for a token `iss` field
37
+ */
38
+ issuer: string;
39
+ /**
40
+ * Acceptable `aud` value(s)
41
+ *
42
+ * @minItems 1
43
+ */
44
+ audience?: [string, ...string[]];
45
+ /**
46
+ * Symmetric encryption secrets
47
+ */
48
+ secrets?: {
49
+ /**
50
+ * This interface was referenced by `undefined`'s JSON-Schema definition
51
+ * via the `patternProperty` "^HS\d{3}$".
52
+ */
53
+ [k: string]: {
54
+ /**
55
+ * This interface was referenced by `undefined`'s JSON-Schema definition
56
+ * via the `patternProperty` "^\w+$".
57
+ */
58
+ [k: string]: string;
59
+ };
60
+ };
61
+ }
package/components/identity.federation/source/types.ts ADDED
@@ -0,0 +1,56 @@
1
+ import { type Call, type Observation, type Query } from '@toa.io/types'
2
+ import type { Schemas } from './schemas'
3
+
4
+ export interface Context {
5
+ local: {
6
+ observe: Observation<Entity & { id: string }>
7
+ transit: Call<TransitOutput, TransitInput>
8
+ }
9
+ remote: {
10
+ identity: {
11
+ tokens: {
12
+ revoke: Call<void, IdentityTokensRevokeInput>
13
+ }
14
+ }
15
+ }
16
+ configuration: Required<Schemas>['configuration']
17
+ }
18
+
19
+ export type Entity = Required<Schemas>['entity']
20
+
21
+ export interface TransitInput {
22
+ readonly iss: string
23
+ readonly sub: string
24
+ }
25
+
26
+ export interface TransitOutput {
27
+ id: string
28
+ }
29
+
30
+ interface IdentityTokensRevokeInput {
31
+ query: Query
32
+ }
33
+
34
+ export interface JwtHeader {
35
+ typ?: string
36
+ alg: string
37
+ kid?: string
38
+ }
39
+
40
+ /**
41
+ * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#IDToken}
42
+ */
43
+ export interface IdToken {
44
+ iss: string
45
+ sub: string
46
+ aud: string
47
+ exp: number
48
+ iat: number
49
+ nbf?: number
50
+ }
51
+
52
+ export interface AuthenticateOutput {
53
+ identity: {
54
+ id: string
55
+ }
56
+ }
package/components/identity.federation/tsconfig.json ADDED
@@ -0,0 +1,9 @@
1
+ {
2
+ "extends": "../../tsconfig.json",
3
+ "compilerOptions": {
4
+ "outDir": "./operations"
5
+ },
6
+ "include": [
7
+ "source"
8
+ ]
9
+ }
package/components/identity.roles/manifest.toa.yaml CHANGED
@@ -4,14 +4,20 @@ name: roles
4
4
  entity:
5
5
  schema:
6
6
  identity*: string
7
- role*: string
7
+ role*: /^[a-zA-Z0-9]{1,16}(:[a-zA-Z0-9]{1,16}){0,8}$/
8
+ delegator: string
9
+ unique:
10
+ unique: [identity, role]
8
11
 
9
12
  operations:
10
- transit:
13
+ grant:
11
14
  query: false
12
15
  input:
13
- identity*: string
14
- role*: string
16
+ identity*: .
17
+ role*: .
18
+ delegator:
19
+ id: string
20
+ roles: [string]
15
21
  list:
16
22
  output: [string]
17
23
  principal:
@@ -25,7 +31,13 @@ exposition:
25
31
  isolated: true
26
32
  /:identity:
27
33
  auth:role: system:identity:roles
28
- POST: transit
34
+ auth:rule:
35
+ delegate: delegator
36
+ role: system:identity:roles:delegation
37
+ POST:
38
+ io:output: [id]
39
+ endpoint: grant
29
40
  GET:
41
+ io:output: true # array of strings
30
42
  auth:id: identity
31
43
  endpoint: list
package/components/identity.roles/operations/grant.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ import type { Entity } from './lib/Entity';
2
+ export declare function transition(input: Input, object: Entity): Promise<Entity | Error>;
3
+ export interface Input {
4
+ identity: string;
5
+ role: string;
6
+ delegator?: {
7
+ id: string;
8
+ roles: string[];
9
+ };
10
+ }
package/components/identity.roles/operations/grant.js ADDED
@@ -0,0 +1,20 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.transition = void 0;
4
+ const error_value_1 = require("error-value");
5
+ async function transition(input, object) {
6
+ if (input.delegator === undefined)
7
+ return Object.assign(object, input);
8
+ if (!allowed(input.role, input.delegator.roles))
9
+ return ERR_OUT_OF_SCOPE;
10
+ object.role = input.role;
11
+ object.identity = input.identity;
12
+ object.delegator = input.delegator.id;
13
+ return object;
14
+ }
15
+ exports.transition = transition;
16
+ function allowed(scope, roles) {
17
+ return roles.some((role) => scope.startsWith(role));
18
+ }
19
+ const ERR_OUT_OF_SCOPE = (0, error_value_1.Err)('OUT_OF_SCOPE');
20
+ //# sourceMappingURL=grant.js.map
package/components/identity.roles/operations/grant.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"grant.js","sourceRoot":"","sources":["../source/grant.ts"],"names":[],"mappings":";;;AAAA,6CAAiC;AAG1B,KAAK,UAAU,UAAU,CAAE,KAAY,EAAE,MAAc;IAC5D,IAAI,KAAK,CAAC,SAAS,KAAK,SAAS;QAC/B,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;IAErC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC;QAC7C,OAAO,gBAAgB,CAAA;IAEzB,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAA;IACxB,MAAM,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAA;IAChC,MAAM,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,EAAE,CAAA;IAErC,OAAO,MAAM,CAAA;AACf,CAAC;AAZD,gCAYC;AAED,SAAS,OAAO,CAAE,KAAa,EAAE,KAAe;IAC9C,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAA;AACrD,CAAC;AAED,MAAM,gBAAgB,GAAG,IAAA,iBAAG,EAAC,cAAc,CAAC,CAAA"}
package/components/identity.roles/operations/lib/Entity.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ export interface Entity {
2
+ identity: string;
3
+ role: string;
4
+ delegator?: string;
5
+ }
package/components/identity.roles/operations/lib/Entity.js ADDED
@@ -0,0 +1,3 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ //# sourceMappingURL=Entity.js.map
package/components/identity.roles/operations/lib/Entity.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"Entity.js","sourceRoot":"","sources":["../../source/lib/Entity.ts"],"names":[],"mappings":""}
package/components/identity.roles/operations/list.d.ts CHANGED
@@ -1,5 +1,2 @@
1
+ import type { Entity } from './lib/Entity';
1
2
  export declare function observation(_: unknown, objects: Entity[]): string[];
2
- interface Entity {
3
- role: string;
4
- }
5
- export {};
package/components/identity.roles/operations/list.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"list.js","sourceRoot":"","sources":["../source/list.ts"],"names":[],"mappings":";;;AAAA,SAAgB,WAAW,CAAE,CAAU,EAAE,OAAiB;IACxD,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;AACxC,CAAC;AAFD,kCAEC"}
1
+ {"version":3,"file":"list.js","sourceRoot":"","sources":["../source/list.ts"],"names":[],"mappings":";;;AAEA,SAAgB,WAAW,CAAE,CAAU,EAAE,OAAiB;IACxD,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;AACxC,CAAC;AAFD,kCAEC"}
package/components/identity.roles/operations/principal.d.ts CHANGED
@@ -1,15 +1,13 @@
1
- import { type Call } from '@toa.io/types';
1
+ import type { Entity } from './lib/Entity';
2
+ import type { Call } from '@toa.io/types';
3
+ import type { Input as GrantInput } from './grant';
2
4
  export declare function effect(input: Identity, context: Context): Promise<void>;
3
5
  interface Identity {
4
6
  id: string;
5
7
  }
6
8
  export interface Context {
7
9
  local: {
8
- transit: Call<void, TransitInput>;
10
+ grant: Call<Entity, GrantInput>;
9
11
  };
10
12
  }
11
- interface TransitInput {
12
- identity: string;
13
- role: string;
14
- }
15
13
  export {};
package/components/identity.roles/operations/principal.js CHANGED
@@ -2,7 +2,12 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.effect = void 0;
4
4
  async function effect(input, context) {
5
- await context.local.transit({ input: { identity: input.id, role: 'system' } });
5
+ await context.local.grant({
6
+ input: {
7
+ identity: input.id,
8
+ role: 'system'
9
+ }
10
+ });
6
11
  }
7
12
  exports.effect = effect;
8
13
  //# sourceMappingURL=principal.js.map
package/components/identity.roles/operations/principal.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"principal.js","sourceRoot":"","sources":["../source/principal.ts"],"names":[],"mappings":";;;AAEO,KAAK,UAAU,MAAM,CAAE,KAAe,EAAE,OAAgB;IAC7D,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;AAChF,CAAC;AAFD,wBAEC"}
1
+ {"version":3,"file":"principal.js","sourceRoot":"","sources":["../source/principal.ts"],"names":[],"mappings":";;;AAIO,KAAK,UAAU,MAAM,CAAE,KAAe,EAAE,OAAgB;IAC7D,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC;QACxB,KAAK,EAAE;YACL,QAAQ,EAAE,KAAK,CAAC,EAAE;YAClB,IAAI,EAAE,QAAQ;SACf;KACF,CAAC,CAAA;AACJ,CAAC;AAPD,wBAOC"}