@toa.io/extensions.exposition 1.0.0-alpha.19 → 1.0.0-alpha.190

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (844) hide show
  1. package/components/context.toa.yaml +2 -2
  2. package/components/identity.bans/operations/tsconfig.tsbuildinfo +1 -1
  3. package/components/identity.basic/manifest.toa.yaml +65 -13
  4. package/components/identity.basic/operations/add.d.ts +3 -0
  5. package/components/identity.basic/operations/add.js +16 -0
  6. package/components/identity.basic/operations/add.js.map +1 -0
  7. package/components/identity.basic/operations/authenticate.d.ts +5 -1
  8. package/components/identity.basic/operations/authenticate.js +7 -4
  9. package/components/identity.basic/operations/authenticate.js.map +1 -1
  10. package/components/identity.basic/operations/check.d.ts +7 -0
  11. package/components/identity.basic/operations/check.js +15 -0
  12. package/components/identity.basic/operations/check.js.map +1 -0
  13. package/components/identity.basic/operations/incept.d.ts +12 -0
  14. package/components/identity.basic/operations/incept.js +26 -0
  15. package/components/identity.basic/operations/incept.js.map +1 -0
  16. package/components/identity.basic/operations/transit.d.ts +4 -4
  17. package/components/identity.basic/operations/transit.js +13 -7
  18. package/components/identity.basic/operations/transit.js.map +1 -1
  19. package/components/identity.basic/operations/tsconfig.tsbuildinfo +1 -1
  20. package/components/identity.basic/operations/types.d.ts +14 -4
  21. package/components/identity.basic/source/add.ts +14 -0
  22. package/components/identity.basic/source/authenticate.ts +18 -7
  23. package/components/identity.basic/source/check.ts +20 -0
  24. package/components/identity.basic/source/incept.ts +38 -0
  25. package/components/identity.basic/source/transit.ts +16 -10
  26. package/components/identity.basic/source/types.ts +15 -4
  27. package/components/identity.federation/manifest.toa.yaml +80 -38
  28. package/components/identity.federation/operations/authenticate.d.ts +16 -3
  29. package/components/identity.federation/operations/authenticate.js +25 -15
  30. package/components/identity.federation/operations/authenticate.js.map +1 -1
  31. package/components/identity.federation/operations/decode.d.ts +3 -0
  32. package/components/identity.federation/operations/decode.js +12 -0
  33. package/components/identity.federation/operations/decode.js.map +1 -0
  34. package/components/identity.federation/operations/incept.d.ts +11 -0
  35. package/components/identity.federation/operations/incept.js +23 -0
  36. package/components/identity.federation/operations/incept.js.map +1 -0
  37. package/components/identity.federation/operations/lib/Configuration.d.ts +39 -0
  38. package/components/identity.federation/operations/lib/Configuration.js +3 -0
  39. package/components/identity.federation/operations/lib/Configuration.js.map +1 -0
  40. package/components/identity.federation/operations/lib/Context.d.ts +7 -0
  41. package/{transpiled/directives/vary/embeddings/Embedding.js → components/identity.federation/operations/lib/Context.js} +1 -1
  42. package/components/identity.federation/operations/lib/Context.js.map +1 -0
  43. package/components/identity.federation/operations/lib/Ctx.d.ts +6 -0
  44. package/components/identity.federation/operations/lib/Ctx.js +3 -0
  45. package/components/identity.federation/operations/lib/Ctx.js.map +1 -0
  46. package/components/identity.federation/operations/lib/Payload.d.ts +5 -0
  47. package/components/identity.federation/operations/lib/Payload.js +3 -0
  48. package/components/identity.federation/operations/lib/Payload.js.map +1 -0
  49. package/components/identity.federation/operations/lib/decode.d.ts +3 -0
  50. package/components/identity.federation/operations/lib/{assertions-as-values.js → decode.js} +19 -19
  51. package/components/identity.federation/operations/lib/decode.js.map +1 -0
  52. package/components/identity.federation/operations/lib/discovery.d.ts +4 -0
  53. package/components/identity.federation/operations/lib/discovery.js +49 -0
  54. package/components/identity.federation/operations/lib/discovery.js.map +1 -0
  55. package/components/identity.federation/operations/lib/errors.d.ts +11 -0
  56. package/components/identity.federation/operations/lib/errors.js +15 -0
  57. package/components/identity.federation/operations/lib/errors.js.map +1 -0
  58. package/components/identity.federation/operations/lib/exchange.d.ts +3 -0
  59. package/components/identity.federation/operations/lib/exchange.js +107 -0
  60. package/components/identity.federation/operations/lib/exchange.js.map +1 -0
  61. package/components/identity.federation/operations/lib/index.d.ts +3 -0
  62. package/components/identity.federation/operations/lib/index.js +8 -0
  63. package/components/identity.federation/operations/lib/index.js.map +1 -0
  64. package/components/identity.federation/operations/tsconfig.tsbuildinfo +1 -1
  65. package/components/identity.federation/operations/types/Scheme.d.ts +1 -0
  66. package/components/identity.federation/operations/types/Scheme.js +3 -0
  67. package/components/identity.federation/operations/types/Scheme.js.map +1 -0
  68. package/components/identity.federation/operations/types/configuration.d.ts +20 -0
  69. package/components/identity.federation/operations/types/configuration.js +3 -0
  70. package/components/identity.federation/operations/types/configuration.js.map +1 -0
  71. package/components/identity.federation/operations/types/context.d.ts +36 -0
  72. package/components/identity.federation/operations/types/context.js +3 -0
  73. package/components/identity.federation/operations/types/context.js.map +1 -0
  74. package/components/identity.federation/operations/types/entity.d.ts +6 -0
  75. package/components/identity.federation/operations/types/entity.js +3 -0
  76. package/components/identity.federation/operations/types/entity.js.map +1 -0
  77. package/components/identity.federation/operations/types/index.d.ts +4 -0
  78. package/components/identity.federation/operations/types/index.js +21 -0
  79. package/components/identity.federation/operations/types/index.js.map +1 -0
  80. package/components/identity.federation/source/authenticate.ts +44 -19
  81. package/components/identity.federation/source/decode.ts +10 -0
  82. package/components/identity.federation/source/incept.ts +37 -0
  83. package/components/identity.federation/source/lib/Configuration.ts +39 -0
  84. package/components/identity.federation/source/lib/Ctx.ts +7 -0
  85. package/components/identity.federation/source/lib/Payload.ts +6 -0
  86. package/components/identity.federation/source/lib/decode.ts +28 -0
  87. package/components/identity.federation/source/lib/discovery.ts +30 -0
  88. package/components/identity.federation/source/lib/errors.ts +12 -0
  89. package/components/identity.federation/source/lib/exchange.ts +116 -0
  90. package/components/identity.federation/source/lib/index.ts +3 -0
  91. package/components/identity.federation/source/types/Scheme.ts +1 -0
  92. package/components/identity.federation/source/types/configuration.ts +21 -0
  93. package/components/identity.federation/source/types/context.ts +40 -0
  94. package/components/identity.federation/source/types/entity.ts +6 -0
  95. package/components/identity.federation/source/types/index.ts +4 -0
  96. package/components/identity.federation/tsconfig.json +5 -4
  97. package/components/identity.keys/manifest.toa.yaml +57 -0
  98. package/components/identity.keys/operations/create.d.ts +22 -0
  99. package/components/identity.keys/operations/create.js +16 -0
  100. package/components/identity.keys/operations/create.js.map +1 -0
  101. package/components/identity.keys/operations/tsconfig.tsbuildinfo +1 -0
  102. package/components/identity.keys/source/create.ts +35 -0
  103. package/components/identity.keys/tsconfig.json +9 -0
  104. package/components/identity.otp/manifest.toa.yaml +54 -0
  105. package/components/identity.otp/operations/authenticate.d.ts +12 -0
  106. package/components/identity.otp/operations/authenticate.js +30 -0
  107. package/components/identity.otp/operations/authenticate.js.map +1 -0
  108. package/components/identity.otp/operations/issue.d.ts +12 -0
  109. package/components/identity.otp/operations/issue.js +22 -0
  110. package/components/identity.otp/operations/issue.js.map +1 -0
  111. package/components/identity.otp/operations/lib/Context.d.ts +13 -0
  112. package/components/identity.otp/operations/lib/Context.js +3 -0
  113. package/components/identity.otp/operations/lib/Context.js.map +1 -0
  114. package/components/identity.otp/operations/lib/Entity.d.ts +5 -0
  115. package/components/identity.otp/operations/lib/Entity.js +3 -0
  116. package/components/identity.otp/operations/lib/Entity.js.map +1 -0
  117. package/components/identity.otp/operations/lib/index.d.ts +1 -0
  118. package/components/identity.otp/operations/lib/index.js +3 -0
  119. package/components/identity.otp/operations/lib/index.js.map +1 -0
  120. package/components/identity.otp/operations/tsconfig.tsbuildinfo +1 -0
  121. package/components/identity.otp/source/authenticate.ts +46 -0
  122. package/components/identity.otp/source/issue.ts +35 -0
  123. package/components/identity.otp/source/lib/Context.ts +14 -0
  124. package/components/identity.otp/source/lib/Entity.ts +5 -0
  125. package/components/identity.otp/source/lib/index.ts +1 -0
  126. package/components/identity.otp/tsconfig.json +9 -0
  127. package/components/identity.passkeys/manifest.toa.yaml +268 -0
  128. package/components/identity.passkeys/operations/authenticate.d.ts +16 -0
  129. package/components/identity.passkeys/operations/authenticate.js +34 -0
  130. package/components/identity.passkeys/operations/authenticate.js.map +1 -0
  131. package/components/identity.passkeys/operations/challenge.d.ts +35 -0
  132. package/components/identity.passkeys/operations/challenge.js +73 -0
  133. package/components/identity.passkeys/operations/challenge.js.map +1 -0
  134. package/components/identity.passkeys/operations/create.d.ts +19 -0
  135. package/components/identity.passkeys/operations/create.js +58 -0
  136. package/components/identity.passkeys/operations/create.js.map +1 -0
  137. package/components/identity.passkeys/operations/delete.d.ts +8 -0
  138. package/components/identity.passkeys/operations/delete.js +12 -0
  139. package/components/identity.passkeys/operations/delete.js.map +1 -0
  140. package/components/identity.passkeys/operations/lib/const.d.ts +1 -0
  141. package/components/identity.passkeys/operations/lib/const.js +5 -0
  142. package/components/identity.passkeys/operations/lib/const.js.map +1 -0
  143. package/components/identity.passkeys/operations/list.d.ts +7 -0
  144. package/components/identity.passkeys/operations/list.js +15 -0
  145. package/components/identity.passkeys/operations/list.js.map +1 -0
  146. package/components/identity.passkeys/operations/tsconfig.tsbuildinfo +1 -0
  147. package/components/identity.passkeys/operations/types/Configuration.d.ts +6 -0
  148. package/components/identity.passkeys/operations/types/Configuration.js +3 -0
  149. package/components/identity.passkeys/operations/types/Configuration.js.map +1 -0
  150. package/components/identity.passkeys/operations/types/Context.d.ts +15 -0
  151. package/components/identity.passkeys/operations/types/Context.js +3 -0
  152. package/components/identity.passkeys/operations/types/Context.js.map +1 -0
  153. package/components/identity.passkeys/operations/types/Passkey.d.ts +13 -0
  154. package/components/identity.passkeys/operations/types/Passkey.js +3 -0
  155. package/components/identity.passkeys/operations/types/Passkey.js.map +1 -0
  156. package/components/identity.passkeys/operations/types/index.d.ts +2 -0
  157. package/components/identity.passkeys/operations/types/index.js +3 -0
  158. package/components/identity.passkeys/operations/types/index.js.map +1 -0
  159. package/components/identity.passkeys/operations/use.d.ts +16 -0
  160. package/components/identity.passkeys/operations/use.js +57 -0
  161. package/components/identity.passkeys/operations/use.js.map +1 -0
  162. package/components/identity.passkeys/source/authenticate.ts +48 -0
  163. package/components/identity.passkeys/source/challenge.ts +115 -0
  164. package/components/identity.passkeys/source/create.ts +77 -0
  165. package/components/identity.passkeys/source/delete.ts +15 -0
  166. package/components/identity.passkeys/source/lib/const.ts +1 -0
  167. package/components/identity.passkeys/source/list.ts +17 -0
  168. package/components/identity.passkeys/source/types/Configuration.ts +6 -0
  169. package/components/identity.passkeys/source/types/Context.ts +16 -0
  170. package/components/identity.passkeys/source/types/Passkey.ts +14 -0
  171. package/components/identity.passkeys/source/types/index.ts +2 -0
  172. package/components/identity.passkeys/source/use.ts +75 -0
  173. package/components/identity.passkeys/tsconfig.json +9 -0
  174. package/components/identity.roles/manifest.toa.yaml +4 -2
  175. package/components/identity.roles/operations/grant.js +2 -2
  176. package/components/identity.roles/operations/grant.js.map +1 -1
  177. package/components/identity.roles/operations/tsconfig.tsbuildinfo +1 -1
  178. package/components/identity.roles/source/grant.ts +2 -2
  179. package/components/identity.tokens/manifest.toa.yaml +95 -12
  180. package/components/identity.tokens/operations/authenticate.d.ts +3 -3
  181. package/components/identity.tokens/operations/authenticate.js +15 -11
  182. package/components/identity.tokens/operations/authenticate.js.map +1 -1
  183. package/components/identity.tokens/operations/decrypt.d.ts +13 -3
  184. package/components/identity.tokens/operations/decrypt.js +65 -17
  185. package/components/identity.tokens/operations/decrypt.js.map +1 -1
  186. package/components/identity.tokens/operations/encrypt.d.ts +3 -3
  187. package/components/identity.tokens/operations/encrypt.js +24 -7
  188. package/components/identity.tokens/operations/encrypt.js.map +1 -1
  189. package/components/identity.tokens/operations/issue.d.ts +24 -0
  190. package/components/identity.tokens/operations/issue.js +59 -0
  191. package/components/identity.tokens/operations/issue.js.map +1 -0
  192. package/components/identity.tokens/operations/lib/index.d.ts +2 -0
  193. package/components/identity.tokens/operations/lib/index.js +19 -0
  194. package/components/identity.tokens/operations/lib/index.js.map +1 -0
  195. package/components/identity.tokens/operations/lib/pad.d.ts +1 -0
  196. package/components/identity.tokens/operations/lib/pad.js +5 -0
  197. package/components/identity.tokens/operations/lib/pad.js.map +1 -0
  198. package/components/identity.tokens/operations/lib/types.d.ts +75 -0
  199. package/components/identity.tokens/operations/lib/types.js.map +1 -0
  200. package/components/identity.tokens/operations/revoke.d.ts +2 -2
  201. package/components/identity.tokens/operations/revoke.js.map +1 -1
  202. package/components/identity.tokens/operations/tsconfig.tsbuildinfo +1 -1
  203. package/components/identity.tokens/source/authenticate.test.ts +22 -9
  204. package/components/identity.tokens/source/authenticate.ts +18 -13
  205. package/components/identity.tokens/source/decrypt.test.ts +33 -18
  206. package/components/identity.tokens/source/decrypt.ts +95 -20
  207. package/components/identity.tokens/source/encrypt.test.ts +51 -13
  208. package/components/identity.tokens/source/encrypt.ts +36 -11
  209. package/components/identity.tokens/source/issue.ts +82 -0
  210. package/components/identity.tokens/source/lib/index.ts +2 -0
  211. package/components/identity.tokens/source/lib/pad.ts +1 -0
  212. package/components/identity.tokens/source/lib/paseto.test.ts +16 -0
  213. package/components/identity.tokens/source/lib/types.ts +86 -0
  214. package/components/identity.tokens/source/revoke.ts +2 -2
  215. package/components/octets.storage/manifest.toa.yaml +13 -11
  216. package/components/octets.storage/operations/get.js +3 -3
  217. package/components/octets.storage/operations/head.js +7 -0
  218. package/components/octets.storage/operations/put.js +135 -0
  219. package/documentation/access.md +78 -27
  220. package/documentation/authorities.md +48 -0
  221. package/documentation/components.md +117 -42
  222. package/documentation/dev.md +30 -0
  223. package/documentation/flow.md +44 -0
  224. package/documentation/identity.md +129 -24
  225. package/documentation/introspection.md +82 -0
  226. package/documentation/io.md +42 -2
  227. package/documentation/map.md +96 -0
  228. package/documentation/notes/desync.jpg +0 -0
  229. package/documentation/notes/peers.md +59 -0
  230. package/documentation/notes/throttling.md +82 -0
  231. package/documentation/octets.md +122 -69
  232. package/documentation/passkeys.md +4 -0
  233. package/documentation/protocol.md +11 -4
  234. package/documentation/query.md +51 -4
  235. package/documentation/require.md +15 -0
  236. package/documentation/tree.md +13 -0
  237. package/features/access.feature +122 -9
  238. package/features/annotation.feature +1 -0
  239. package/features/auth.assert.feature +57 -0
  240. package/features/auth.claims.feature +170 -0
  241. package/features/auth.incept.feature +120 -0
  242. package/features/auth.input.feature +59 -0
  243. package/features/auth.issue.feature +32 -0
  244. package/features/authorities.basic.feature +141 -0
  245. package/features/authorities.feature +32 -0
  246. package/features/authorities.federation.feature +99 -0
  247. package/features/authorities.tokens.feature +117 -0
  248. package/features/body.feature +2 -0
  249. package/features/cache.feature +131 -8
  250. package/features/cors.feature +32 -7
  251. package/features/debug.feature +34 -0
  252. package/features/dev.feature +56 -0
  253. package/features/directives.feature +3 -0
  254. package/features/dynamic.feature +48 -0
  255. package/features/errors.feature +29 -6
  256. package/features/etag.feature +140 -1
  257. package/features/flow.feature +148 -0
  258. package/features/identity.bans.feature +12 -3
  259. package/features/identity.basic.feature +154 -21
  260. package/features/identity.feature +18 -6
  261. package/features/identity.federation.feature +134 -44
  262. package/features/identity.otp.feature +71 -0
  263. package/features/identity.roles.feature +81 -20
  264. package/features/identity.tokens.feature +11 -97
  265. package/features/identtiy.tokens.custom.feature +247 -0
  266. package/features/interruptions.feature +19 -0
  267. package/features/introspection.feature +153 -0
  268. package/features/io.feature +9 -1
  269. package/features/io.throttle.feature +40 -0
  270. package/features/map.feature +328 -0
  271. package/features/methods.feature +47 -0
  272. package/features/octets.cloudinary.feature +223 -0
  273. package/features/octets.download.feature +189 -0
  274. package/features/octets.entries.feature +13 -55
  275. package/features/octets.feature +70 -114
  276. package/features/octets.head.feature +40 -0
  277. package/features/octets.location.feature +83 -0
  278. package/features/octets.meta.feature +65 -15
  279. package/features/octets.workflows.feature +344 -66
  280. package/features/passkeys.feature +66 -0
  281. package/features/probes.feature +14 -0
  282. package/features/{queries.feature → query.feature} +142 -2
  283. package/features/realtime.feature +34 -0
  284. package/features/require.feature +67 -0
  285. package/features/response.feature +34 -2
  286. package/features/routes.feature +93 -2
  287. package/features/server.feature +21 -0
  288. package/features/steps/.env.example +5 -0
  289. package/features/steps/Common.ts +4 -0
  290. package/features/steps/Gateway.ts +26 -7
  291. package/features/steps/HTTP.ts +26 -3
  292. package/features/steps/IDP.ts +334 -0
  293. package/features/steps/Identity.ts +51 -0
  294. package/features/steps/OTP.ts +39 -0
  295. package/features/steps/Parameters.ts +88 -2
  296. package/features/steps/Realtime.ts +151 -0
  297. package/features/steps/components/echo/manifest.toa.yaml +12 -0
  298. package/features/steps/components/echo/operations/echo.js +7 -0
  299. package/features/steps/components/echo/operations/parameters.js +7 -0
  300. package/features/steps/components/echo/operations/ping.js +7 -0
  301. package/features/steps/components/echo.beacon/manifest.toa.yaml +2 -0
  302. package/features/steps/components/echo.beacon/operations/hello.js +5 -0
  303. package/features/steps/components/greeter/manifest.toa.yaml +0 -1
  304. package/features/steps/components/octets.tester/manifest.toa.yaml +26 -3
  305. package/features/steps/components/octets.tester/operations/authority.js +7 -0
  306. package/features/steps/components/octets.tester/operations/bar.js +0 -1
  307. package/features/steps/components/octets.tester/operations/baz.js +1 -1
  308. package/features/steps/components/octets.tester/operations/echo.js +1 -1
  309. package/features/steps/components/octets.tester/operations/foo.js +2 -2
  310. package/features/steps/components/octets.tester/operations/id.js +7 -0
  311. package/features/steps/components/octets.tester/operations/identity.js +7 -0
  312. package/features/steps/components/octets.tester/operations/redirect.js +12 -0
  313. package/features/steps/components/octets.tester/operations/yex.js +16 -0
  314. package/features/steps/components/octets.tester/operations/yield.js +13 -0
  315. package/features/steps/components/pots/manifest.toa.yaml +15 -4
  316. package/features/steps/components/sequences/manifest.toa.yaml +0 -1
  317. package/features/steps/components/users/manifest.toa.yaml +4 -2
  318. package/features/steps/components/users/operations/create.js +15 -0
  319. package/features/steps/components/users.properties/manifest.toa.yaml +0 -1
  320. package/features/streams.feature +5 -0
  321. package/features/timestamps.feature +41 -0
  322. package/features/timing.feature +4 -1
  323. package/package.json +30 -18
  324. package/readme.md +19 -14
  325. package/schemas/annotation.cos.yaml +8 -1
  326. package/schemas/io/throttle.cos.yaml +36 -0
  327. package/schemas/method.cos.yaml +2 -1
  328. package/schemas/node.cos.yaml +2 -0
  329. package/schemas/octets/put.cos.yaml +28 -0
  330. package/schemas/query.cos.yaml +6 -10
  331. package/schemas/querystring.cos.yaml +1 -0
  332. package/source/Annotation.ts +6 -3
  333. package/source/Branch.ts +1 -0
  334. package/source/Composition.ts +0 -6
  335. package/source/Context.ts +1 -0
  336. package/source/Directive.test.ts +5 -3
  337. package/source/Directive.ts +30 -6
  338. package/source/Endpoint.ts +89 -24
  339. package/source/Factory.ts +22 -13
  340. package/source/Gateway.ts +75 -19
  341. package/source/HTTP/Context.ts +32 -7
  342. package/source/HTTP/Server.ts +153 -56
  343. package/source/HTTP/exceptions.ts +25 -7
  344. package/source/HTTP/formats/index.ts +3 -4
  345. package/source/HTTP/formats/json.ts +0 -2
  346. package/source/HTTP/formats/msgpack.ts +0 -1
  347. package/source/HTTP/formats/text.ts +0 -2
  348. package/source/HTTP/formats/yaml.ts +0 -1
  349. package/source/HTTP/messages.test.ts +46 -2
  350. package/source/HTTP/messages.ts +94 -9
  351. package/source/Introspection.ts +11 -0
  352. package/source/Mapping.ts +69 -21
  353. package/source/Query.test.ts +3 -3
  354. package/source/Query.ts +131 -33
  355. package/source/RTD/Context.ts +1 -1
  356. package/source/RTD/Directives.ts +4 -0
  357. package/source/RTD/Endpoint.ts +3 -0
  358. package/source/RTD/Method.ts +16 -0
  359. package/source/RTD/Node.ts +29 -13
  360. package/source/RTD/Route.ts +12 -5
  361. package/source/RTD/Tree.ts +6 -2
  362. package/source/RTD/factory.ts +4 -1
  363. package/source/RTD/segment.ts +2 -0
  364. package/source/RTD/syntax/parse.test.ts +1 -1
  365. package/source/RTD/syntax/parse.ts +37 -24
  366. package/source/RTD/syntax/types.ts +8 -4
  367. package/source/Remotes.ts +7 -6
  368. package/source/Tenant.ts +6 -12
  369. package/source/deployment.ts +34 -24
  370. package/source/directives/auth/Anonymous.ts +3 -3
  371. package/source/directives/auth/Anyone.ts +13 -0
  372. package/source/directives/auth/Assert.ts +35 -0
  373. package/source/directives/auth/Authorization.ts +69 -26
  374. package/source/directives/auth/Delegate.ts +9 -5
  375. package/source/directives/auth/Echo.ts +16 -6
  376. package/source/directives/auth/Federation.ts +84 -0
  377. package/source/directives/auth/Id.ts +1 -1
  378. package/source/directives/auth/Incept.ts +68 -24
  379. package/source/directives/auth/Input.ts +72 -0
  380. package/source/directives/auth/Role.test.ts +1 -1
  381. package/source/directives/auth/Role.ts +5 -9
  382. package/source/directives/auth/Rule.ts +3 -5
  383. package/source/directives/auth/Scheme.ts +5 -5
  384. package/source/directives/auth/create.ts +11 -0
  385. package/source/directives/auth/schemes.ts +5 -2
  386. package/source/directives/auth/split.ts +1 -1
  387. package/source/directives/auth/types.ts +12 -7
  388. package/source/directives/cache/Cache.ts +15 -6
  389. package/source/directives/cache/Control.ts +16 -16
  390. package/source/directives/cors/CORS.ts +9 -9
  391. package/source/directives/dev/Development.ts +12 -7
  392. package/source/directives/dev/Sleep.ts +55 -0
  393. package/source/directives/dev/types.ts +1 -1
  394. package/source/directives/flow/Compose.ts +92 -0
  395. package/source/directives/flow/Fetch.ts +86 -0
  396. package/source/directives/flow/Flow.ts +42 -0
  397. package/source/directives/flow/index.ts +3 -0
  398. package/source/directives/flow/types.ts +7 -0
  399. package/source/directives/index.ts +4 -2
  400. package/source/directives/io/Directive.ts +5 -2
  401. package/source/directives/io/IO.ts +18 -6
  402. package/source/directives/io/Input.ts +9 -6
  403. package/source/directives/io/Output.ts +6 -5
  404. package/source/directives/io/Throttle.ts +32 -0
  405. package/source/directives/io/lib/throttle/Configuration.test.ts +40 -0
  406. package/source/directives/io/lib/throttle/Configuration.ts +58 -0
  407. package/source/directives/io/lib/throttle/Interval.ts +31 -0
  408. package/source/directives/io/lib/throttle/Keys.ts +40 -0
  409. package/source/directives/io/lib/throttle/Quota.ts +22 -0
  410. package/source/directives/io/lib/throttle/Quotas.test.ts +136 -0
  411. package/source/directives/io/lib/throttle/Quotas.ts +83 -0
  412. package/source/directives/io/lib/throttle/components/Component.ts +5 -0
  413. package/source/directives/io/lib/throttle/components/IP.ts +40 -0
  414. package/source/directives/io/lib/throttle/components/Path.ts +8 -0
  415. package/source/directives/io/lib/throttle/components/index.ts +13 -0
  416. package/source/directives/io/lib/throttle/conditions/Condition.ts +5 -0
  417. package/source/directives/io/lib/throttle/conditions/Status.ts +17 -0
  418. package/source/directives/io/lib/throttle/conditions/index.ts +11 -0
  419. package/source/directives/io/lib/throttle/index.ts +2 -0
  420. package/source/directives/io/schemas.test.ts +9 -0
  421. package/source/directives/io/schemas.ts +3 -0
  422. package/source/directives/map/Authority.ts +15 -0
  423. package/source/directives/map/Claims.ts +58 -0
  424. package/source/directives/map/Directive.ts +4 -0
  425. package/source/directives/map/Headers.ts +38 -0
  426. package/source/directives/map/Language.ts +42 -0
  427. package/source/directives/map/Languages.ts +11 -0
  428. package/source/directives/map/Map.ts +61 -0
  429. package/source/directives/map/Mapping.ts +19 -0
  430. package/source/directives/{vary → map}/Properties.ts +2 -4
  431. package/source/directives/map/Segments.ts +33 -0
  432. package/source/directives/map/index.ts +3 -0
  433. package/source/directives/octets/Context.ts +3 -2
  434. package/source/directives/octets/Delete.ts +21 -17
  435. package/source/directives/octets/Get.ts +96 -0
  436. package/source/directives/octets/Octets.ts +9 -12
  437. package/source/directives/octets/{Store.ts → Put.ts} +52 -38
  438. package/source/directives/octets/Workflow.ts +9 -3
  439. package/source/directives/octets/bytes.test.ts +30 -0
  440. package/source/directives/octets/bytes.ts +18 -0
  441. package/source/directives/octets/schemas.ts +4 -8
  442. package/source/directives/octets/types.ts +2 -0
  443. package/source/directives/octets/workflows/Execution.ts +62 -8
  444. package/source/directives/octets/workflows/Workflow.ts +18 -7
  445. package/source/directives/octets/workflows/index.ts +1 -1
  446. package/source/directives/require/Directive.ts +5 -0
  447. package/source/directives/require/Headers.ts +20 -0
  448. package/source/directives/require/Require.ts +28 -0
  449. package/source/directives/require/index.ts +3 -0
  450. package/source/exceptions.ts +16 -4
  451. package/source/manifest.ts +10 -11
  452. package/source/root.ts +16 -1
  453. package/source/schemas.ts +1 -1
  454. package/transpiled/Annotation.d.ts +5 -3
  455. package/transpiled/Branch.d.ts +1 -0
  456. package/transpiled/Composition.d.ts +0 -1
  457. package/transpiled/Composition.js +0 -4
  458. package/transpiled/Composition.js.map +1 -1
  459. package/transpiled/Context.d.ts +1 -0
  460. package/transpiled/Directive.d.ts +3 -0
  461. package/transpiled/Directive.js +24 -6
  462. package/transpiled/Directive.js.map +1 -1
  463. package/transpiled/Endpoint.d.ts +6 -4
  464. package/transpiled/Endpoint.js +64 -16
  465. package/transpiled/Endpoint.js.map +1 -1
  466. package/transpiled/Factory.d.ts +3 -2
  467. package/transpiled/Factory.js +18 -10
  468. package/transpiled/Factory.js.map +1 -1
  469. package/transpiled/Gateway.d.ts +3 -0
  470. package/transpiled/Gateway.js +56 -12
  471. package/transpiled/Gateway.js.map +1 -1
  472. package/transpiled/HTTP/Context.d.ts +10 -2
  473. package/transpiled/HTTP/Context.js +22 -6
  474. package/transpiled/HTTP/Context.js.map +1 -1
  475. package/transpiled/HTTP/Server.d.ts +15 -4
  476. package/transpiled/HTTP/Server.js +116 -45
  477. package/transpiled/HTTP/Server.js.map +1 -1
  478. package/transpiled/HTTP/exceptions.d.ts +13 -4
  479. package/transpiled/HTTP/exceptions.js +28 -10
  480. package/transpiled/HTTP/exceptions.js.map +1 -1
  481. package/transpiled/HTTP/formats/index.d.ts +1 -1
  482. package/transpiled/HTTP/formats/index.js +3 -3
  483. package/transpiled/HTTP/formats/index.js.map +1 -1
  484. package/transpiled/HTTP/formats/json.d.ts +1 -1
  485. package/transpiled/HTTP/formats/json.js +1 -2
  486. package/transpiled/HTTP/formats/json.js.map +1 -1
  487. package/transpiled/HTTP/formats/msgpack.d.ts +1 -1
  488. package/transpiled/HTTP/formats/msgpack.js.map +1 -1
  489. package/transpiled/HTTP/formats/text.d.ts +1 -1
  490. package/transpiled/HTTP/formats/text.js +1 -2
  491. package/transpiled/HTTP/formats/text.js.map +1 -1
  492. package/transpiled/HTTP/formats/yaml.d.ts +1 -1
  493. package/transpiled/HTTP/formats/yaml.js +1 -2
  494. package/transpiled/HTTP/formats/yaml.js.map +1 -1
  495. package/transpiled/HTTP/messages.d.ts +4 -1
  496. package/transpiled/HTTP/messages.js +65 -8
  497. package/transpiled/HTTP/messages.js.map +1 -1
  498. package/transpiled/Introspection.d.ts +9 -0
  499. package/transpiled/Introspection.js +3 -0
  500. package/transpiled/Introspection.js.map +1 -0
  501. package/transpiled/Mapping.d.ts +11 -2
  502. package/transpiled/Mapping.js +51 -19
  503. package/transpiled/Mapping.js.map +1 -1
  504. package/transpiled/Query.d.ts +12 -1
  505. package/transpiled/Query.js +93 -30
  506. package/transpiled/Query.js.map +1 -1
  507. package/transpiled/RTD/Context.d.ts +1 -1
  508. package/transpiled/RTD/Directives.d.ts +3 -0
  509. package/transpiled/RTD/Endpoint.d.ts +1 -0
  510. package/transpiled/RTD/Method.d.ts +4 -0
  511. package/transpiled/RTD/Method.js +11 -0
  512. package/transpiled/RTD/Method.js.map +1 -1
  513. package/transpiled/RTD/Node.d.ts +4 -1
  514. package/transpiled/RTD/Node.js +23 -12
  515. package/transpiled/RTD/Node.js.map +1 -1
  516. package/transpiled/RTD/Route.d.ts +2 -1
  517. package/transpiled/RTD/Route.js +7 -3
  518. package/transpiled/RTD/Route.js.map +1 -1
  519. package/transpiled/RTD/Tree.d.ts +2 -1
  520. package/transpiled/RTD/Tree.js +3 -0
  521. package/transpiled/RTD/Tree.js.map +1 -1
  522. package/transpiled/RTD/factory.js +4 -1
  523. package/transpiled/RTD/factory.js.map +1 -1
  524. package/transpiled/RTD/segment.d.ts +1 -0
  525. package/transpiled/RTD/segment.js +2 -0
  526. package/transpiled/RTD/segment.js.map +1 -1
  527. package/transpiled/RTD/syntax/parse.js +34 -22
  528. package/transpiled/RTD/syntax/parse.js.map +1 -1
  529. package/transpiled/RTD/syntax/types.d.ts +7 -3
  530. package/transpiled/RTD/syntax/types.js +1 -1
  531. package/transpiled/RTD/syntax/types.js.map +1 -1
  532. package/transpiled/Remotes.d.ts +4 -4
  533. package/transpiled/Remotes.js +6 -5
  534. package/transpiled/Remotes.js.map +1 -1
  535. package/transpiled/Tenant.d.ts +5 -4
  536. package/transpiled/Tenant.js +2 -7
  537. package/transpiled/Tenant.js.map +1 -1
  538. package/transpiled/deployment.d.ts +1 -1
  539. package/transpiled/deployment.js +29 -21
  540. package/transpiled/deployment.js.map +1 -1
  541. package/transpiled/directives/auth/Anonymous.d.ts +2 -2
  542. package/transpiled/directives/auth/Anonymous.js +2 -2
  543. package/transpiled/directives/auth/Anonymous.js.map +1 -1
  544. package/transpiled/directives/auth/Anyone.d.ts +6 -0
  545. package/transpiled/directives/auth/Anyone.js +14 -0
  546. package/transpiled/directives/auth/Anyone.js.map +1 -0
  547. package/transpiled/directives/auth/Assert.d.ts +7 -0
  548. package/transpiled/directives/auth/Assert.js +57 -0
  549. package/transpiled/directives/auth/Assert.js.map +1 -0
  550. package/transpiled/directives/auth/Authorization.d.ts +4 -3
  551. package/transpiled/directives/auth/Authorization.js +53 -23
  552. package/transpiled/directives/auth/Authorization.js.map +1 -1
  553. package/transpiled/directives/auth/Delegate.d.ts +5 -4
  554. package/transpiled/directives/auth/Delegate.js +7 -3
  555. package/transpiled/directives/auth/Delegate.js.map +1 -1
  556. package/transpiled/directives/auth/Echo.d.ts +4 -4
  557. package/transpiled/directives/auth/Echo.js +11 -4
  558. package/transpiled/directives/auth/Echo.js.map +1 -1
  559. package/transpiled/directives/auth/Federation.d.ts +16 -0
  560. package/transpiled/directives/auth/Federation.js +57 -0
  561. package/transpiled/directives/auth/Federation.js.map +1 -0
  562. package/transpiled/directives/auth/Id.d.ts +1 -1
  563. package/transpiled/directives/auth/Id.js.map +1 -1
  564. package/transpiled/directives/auth/Incept.d.ts +7 -5
  565. package/transpiled/directives/auth/Incept.js +52 -18
  566. package/transpiled/directives/auth/Incept.js.map +1 -1
  567. package/transpiled/directives/auth/Input.d.ts +13 -0
  568. package/transpiled/directives/auth/Input.js +49 -0
  569. package/transpiled/directives/auth/Input.js.map +1 -0
  570. package/transpiled/directives/auth/Role.d.ts +1 -1
  571. package/transpiled/directives/auth/Role.js +4 -6
  572. package/transpiled/directives/auth/Role.js.map +1 -1
  573. package/transpiled/directives/auth/Rule.d.ts +2 -4
  574. package/transpiled/directives/auth/Rule.js +2 -2
  575. package/transpiled/directives/auth/Rule.js.map +1 -1
  576. package/transpiled/directives/auth/Scheme.d.ts +2 -2
  577. package/transpiled/directives/auth/Scheme.js +4 -4
  578. package/transpiled/directives/auth/Scheme.js.map +1 -1
  579. package/transpiled/directives/auth/create.d.ts +2 -0
  580. package/transpiled/directives/auth/create.js +14 -0
  581. package/transpiled/directives/auth/create.js.map +1 -0
  582. package/transpiled/directives/auth/schemes.d.ts +2 -1
  583. package/transpiled/directives/auth/schemes.js +5 -2
  584. package/transpiled/directives/auth/schemes.js.map +1 -1
  585. package/transpiled/directives/auth/split.js +1 -1
  586. package/transpiled/directives/auth/split.js.map +1 -1
  587. package/transpiled/directives/auth/types.d.ts +10 -7
  588. package/transpiled/directives/cache/Cache.d.ts +3 -3
  589. package/transpiled/directives/cache/Cache.js +12 -4
  590. package/transpiled/directives/cache/Cache.js.map +1 -1
  591. package/transpiled/directives/cache/Control.d.ts +2 -2
  592. package/transpiled/directives/cache/Control.js +12 -12
  593. package/transpiled/directives/cache/Control.js.map +1 -1
  594. package/transpiled/directives/cors/CORS.js +7 -7
  595. package/transpiled/directives/cors/CORS.js.map +1 -1
  596. package/transpiled/directives/dev/Development.d.ts +1 -1
  597. package/transpiled/directives/dev/Development.js +13 -7
  598. package/transpiled/directives/dev/Development.js.map +1 -1
  599. package/transpiled/directives/dev/Sleep.d.ts +9 -0
  600. package/transpiled/directives/dev/Sleep.js +48 -0
  601. package/transpiled/directives/dev/Sleep.js.map +1 -0
  602. package/transpiled/directives/dev/types.d.ts +1 -1
  603. package/transpiled/directives/flow/Compose.d.ts +9 -0
  604. package/transpiled/directives/flow/Compose.js +94 -0
  605. package/transpiled/directives/flow/Compose.js.map +1 -0
  606. package/transpiled/directives/flow/Fetch.d.ts +12 -0
  607. package/transpiled/directives/flow/Fetch.js +58 -0
  608. package/transpiled/directives/flow/Fetch.js.map +1 -0
  609. package/transpiled/directives/flow/Flow.d.ts +10 -0
  610. package/transpiled/directives/flow/Flow.js +33 -0
  611. package/transpiled/directives/flow/Flow.js.map +1 -0
  612. package/transpiled/directives/flow/index.d.ts +2 -0
  613. package/transpiled/directives/flow/index.js +6 -0
  614. package/transpiled/directives/flow/index.js.map +1 -0
  615. package/transpiled/directives/flow/types.d.ts +6 -0
  616. package/transpiled/directives/flow/types.js.map +1 -0
  617. package/transpiled/directives/index.js +4 -2
  618. package/transpiled/directives/index.js.map +1 -1
  619. package/transpiled/directives/io/Directive.d.ts +5 -2
  620. package/transpiled/directives/io/IO.d.ts +4 -2
  621. package/transpiled/directives/io/IO.js +14 -4
  622. package/transpiled/directives/io/IO.js.map +1 -1
  623. package/transpiled/directives/io/Input.d.ts +1 -1
  624. package/transpiled/directives/io/Input.js +5 -3
  625. package/transpiled/directives/io/Input.js.map +1 -1
  626. package/transpiled/directives/io/Output.d.ts +1 -1
  627. package/transpiled/directives/io/Output.js +3 -3
  628. package/transpiled/directives/io/Output.js.map +1 -1
  629. package/transpiled/directives/io/Throttle.d.ts +11 -0
  630. package/transpiled/directives/{octets/Permute.js → io/Throttle.js} +21 -28
  631. package/transpiled/directives/io/Throttle.js.map +1 -0
  632. package/transpiled/directives/io/lib/throttle/Configuration.d.ts +23 -0
  633. package/transpiled/directives/io/lib/throttle/Configuration.js +27 -0
  634. package/transpiled/directives/io/lib/throttle/Configuration.js.map +1 -0
  635. package/transpiled/directives/io/lib/throttle/Interval.d.ts +9 -0
  636. package/transpiled/directives/io/lib/throttle/Interval.js +31 -0
  637. package/transpiled/directives/io/lib/throttle/Interval.js.map +1 -0
  638. package/transpiled/directives/io/lib/throttle/Keys.d.ts +12 -0
  639. package/transpiled/directives/io/lib/throttle/Keys.js +34 -0
  640. package/transpiled/directives/io/lib/throttle/Keys.js.map +1 -0
  641. package/transpiled/directives/io/lib/throttle/Quota.d.ts +8 -0
  642. package/transpiled/directives/io/lib/throttle/Quota.js +22 -0
  643. package/transpiled/directives/io/lib/throttle/Quota.js.map +1 -0
  644. package/transpiled/directives/io/lib/throttle/Quotas.d.ts +26 -0
  645. package/transpiled/directives/io/lib/throttle/Quotas.js +61 -0
  646. package/transpiled/directives/io/lib/throttle/Quotas.js.map +1 -0
  647. package/transpiled/directives/io/lib/throttle/components/Component.d.ts +4 -0
  648. package/transpiled/directives/io/lib/throttle/components/Component.js +3 -0
  649. package/transpiled/directives/io/lib/throttle/components/Component.js.map +1 -0
  650. package/transpiled/directives/io/lib/throttle/components/IP.d.ts +6 -0
  651. package/transpiled/directives/io/lib/throttle/components/IP.js +33 -0
  652. package/transpiled/directives/io/lib/throttle/components/IP.js.map +1 -0
  653. package/transpiled/directives/io/lib/throttle/components/Path.d.ts +5 -0
  654. package/transpiled/directives/io/lib/throttle/components/Path.js +10 -0
  655. package/transpiled/directives/io/lib/throttle/components/Path.js.map +1 -0
  656. package/transpiled/directives/io/lib/throttle/components/index.d.ts +5 -0
  657. package/transpiled/directives/io/lib/throttle/components/index.js +10 -0
  658. package/transpiled/directives/io/lib/throttle/components/index.js.map +1 -0
  659. package/transpiled/directives/io/lib/throttle/conditions/Condition.d.ts +4 -0
  660. package/transpiled/directives/io/lib/throttle/conditions/Condition.js +3 -0
  661. package/transpiled/directives/io/lib/throttle/conditions/Condition.js.map +1 -0
  662. package/transpiled/directives/io/lib/throttle/conditions/Status.d.ts +7 -0
  663. package/transpiled/directives/io/lib/throttle/conditions/Status.js +19 -0
  664. package/transpiled/directives/io/lib/throttle/conditions/Status.js.map +1 -0
  665. package/transpiled/directives/io/lib/throttle/conditions/index.d.ts +5 -0
  666. package/transpiled/directives/io/lib/throttle/conditions/index.js +8 -0
  667. package/transpiled/directives/io/lib/throttle/conditions/index.js.map +1 -0
  668. package/transpiled/directives/io/lib/throttle/index.d.ts +2 -0
  669. package/transpiled/directives/io/lib/throttle/index.js +8 -0
  670. package/transpiled/directives/io/lib/throttle/index.js.map +1 -0
  671. package/transpiled/directives/io/schemas.d.ts +2 -0
  672. package/transpiled/directives/io/schemas.js +2 -1
  673. package/transpiled/directives/io/schemas.js.map +1 -1
  674. package/transpiled/directives/map/Authority.d.ts +6 -0
  675. package/transpiled/directives/map/Authority.js +19 -0
  676. package/transpiled/directives/map/Authority.js.map +1 -0
  677. package/transpiled/directives/map/Claims.d.ts +10 -0
  678. package/transpiled/directives/map/Claims.js +44 -0
  679. package/transpiled/directives/map/Claims.js.map +1 -0
  680. package/transpiled/directives/map/Directive.d.ts +3 -0
  681. package/transpiled/directives/map/Directive.js.map +1 -0
  682. package/transpiled/directives/map/Headers.d.ts +7 -0
  683. package/transpiled/directives/map/Headers.js +34 -0
  684. package/transpiled/directives/map/Headers.js.map +1 -0
  685. package/transpiled/directives/map/Language.d.ts +10 -0
  686. package/transpiled/directives/map/Language.js +38 -0
  687. package/transpiled/directives/map/Language.js.map +1 -0
  688. package/transpiled/directives/map/Languages.d.ts +4 -0
  689. package/transpiled/directives/map/Languages.js +17 -0
  690. package/transpiled/directives/map/Languages.js.map +1 -0
  691. package/transpiled/directives/map/Map.d.ts +13 -0
  692. package/transpiled/directives/map/Map.js +46 -0
  693. package/transpiled/directives/map/Map.js.map +1 -0
  694. package/transpiled/directives/map/Mapping.d.ts +13 -0
  695. package/transpiled/directives/map/Mapping.js +13 -0
  696. package/transpiled/directives/map/Mapping.js.map +1 -0
  697. package/transpiled/directives/{vary → map}/Properties.d.ts +2 -2
  698. package/transpiled/directives/{vary → map}/Properties.js +1 -3
  699. package/transpiled/directives/map/Properties.js.map +1 -0
  700. package/transpiled/directives/map/Segments.d.ts +6 -0
  701. package/transpiled/directives/map/Segments.js +30 -0
  702. package/transpiled/directives/map/Segments.js.map +1 -0
  703. package/transpiled/directives/map/index.d.ts +2 -0
  704. package/transpiled/directives/map/index.js +6 -0
  705. package/transpiled/directives/map/index.js.map +1 -0
  706. package/transpiled/directives/octets/Context.js +4 -24
  707. package/transpiled/directives/octets/Context.js.map +1 -1
  708. package/transpiled/directives/octets/Delete.js +15 -12
  709. package/transpiled/directives/octets/Delete.js.map +1 -1
  710. package/transpiled/directives/octets/{Fetch.d.ts → Get.d.ts} +5 -6
  711. package/transpiled/directives/octets/{Fetch.js → Get.js} +34 -30
  712. package/transpiled/directives/octets/Get.js.map +1 -0
  713. package/transpiled/directives/octets/Octets.js +9 -12
  714. package/transpiled/directives/octets/Octets.js.map +1 -1
  715. package/transpiled/directives/octets/{Store.d.ts → Put.d.ts} +8 -2
  716. package/transpiled/directives/octets/{Store.js → Put.js} +33 -27
  717. package/transpiled/directives/octets/Put.js.map +1 -0
  718. package/transpiled/directives/octets/Workflow.js +7 -2
  719. package/transpiled/directives/octets/Workflow.js.map +1 -1
  720. package/transpiled/directives/octets/bytes.d.ts +1 -0
  721. package/transpiled/directives/octets/bytes.js +21 -0
  722. package/transpiled/directives/octets/bytes.js.map +1 -0
  723. package/transpiled/directives/octets/schemas.d.ts +4 -8
  724. package/transpiled/directives/octets/schemas.js +3 -6
  725. package/transpiled/directives/octets/schemas.js.map +1 -1
  726. package/transpiled/directives/octets/types.d.ts +2 -0
  727. package/transpiled/directives/octets/workflows/Execution.d.ts +7 -1
  728. package/transpiled/directives/octets/workflows/Execution.js +44 -9
  729. package/transpiled/directives/octets/workflows/Execution.js.map +1 -1
  730. package/transpiled/directives/octets/workflows/Workflow.d.ts +8 -3
  731. package/transpiled/directives/octets/workflows/Workflow.js +10 -4
  732. package/transpiled/directives/octets/workflows/Workflow.js.map +1 -1
  733. package/transpiled/directives/octets/workflows/index.d.ts +1 -1
  734. package/transpiled/directives/octets/workflows/index.js.map +1 -1
  735. package/transpiled/directives/require/Directive.d.ts +4 -0
  736. package/transpiled/directives/require/Directive.js +3 -0
  737. package/transpiled/directives/require/Directive.js.map +1 -0
  738. package/transpiled/directives/require/Headers.d.ts +7 -0
  739. package/transpiled/directives/require/Headers.js +19 -0
  740. package/transpiled/directives/require/Headers.js.map +1 -0
  741. package/transpiled/directives/require/Require.d.ts +9 -0
  742. package/transpiled/directives/require/Require.js +27 -0
  743. package/transpiled/directives/require/Require.js.map +1 -0
  744. package/transpiled/directives/require/index.d.ts +2 -0
  745. package/transpiled/directives/require/index.js +6 -0
  746. package/transpiled/directives/require/index.js.map +1 -0
  747. package/transpiled/exceptions.js +11 -2
  748. package/transpiled/exceptions.js.map +1 -1
  749. package/transpiled/manifest.js +10 -11
  750. package/transpiled/manifest.js.map +1 -1
  751. package/transpiled/root.js +16 -1
  752. package/transpiled/root.js.map +1 -1
  753. package/transpiled/schemas.d.ts +1 -1
  754. package/transpiled/schemas.js +2 -2
  755. package/transpiled/schemas.js.map +1 -1
  756. package/transpiled/tsconfig.tsbuildinfo +1 -1
  757. package/components/identity.basic/operations/create.d.ts +0 -10
  758. package/components/identity.basic/operations/create.js +0 -10
  759. package/components/identity.basic/operations/create.js.map +0 -1
  760. package/components/identity.basic/source/create.ts +0 -18
  761. package/components/identity.federation/operations/create.d.ts +0 -10
  762. package/components/identity.federation/operations/create.js +0 -15
  763. package/components/identity.federation/operations/create.js.map +0 -1
  764. package/components/identity.federation/operations/lib/assertions-as-values.d.ts +0 -4
  765. package/components/identity.federation/operations/lib/assertions-as-values.js.map +0 -1
  766. package/components/identity.federation/operations/lib/jwt.d.ts +0 -20
  767. package/components/identity.federation/operations/lib/jwt.js +0 -136
  768. package/components/identity.federation/operations/lib/jwt.js.map +0 -1
  769. package/components/identity.federation/operations/schemas.d.ts +0 -59
  770. package/components/identity.federation/operations/schemas.js +0 -9
  771. package/components/identity.federation/operations/schemas.js.map +0 -1
  772. package/components/identity.federation/operations/types.d.ts +0 -51
  773. package/components/identity.federation/operations/types.js.map +0 -1
  774. package/components/identity.federation/source/create.ts +0 -26
  775. package/components/identity.federation/source/lib/assertions-as-values.ts +0 -19
  776. package/components/identity.federation/source/lib/jwt.test.ts +0 -56
  777. package/components/identity.federation/source/lib/jwt.ts +0 -171
  778. package/components/identity.federation/source/schemas.ts +0 -61
  779. package/components/identity.federation/source/types.ts +0 -56
  780. package/components/identity.tokens/operations/types.d.ts +0 -39
  781. package/components/identity.tokens/operations/types.js.map +0 -1
  782. package/components/identity.tokens/source/types.ts +0 -47
  783. package/components/octets.storage/operations/fetch.js +0 -46
  784. package/components/octets.storage/operations/list.js +0 -7
  785. package/components/octets.storage/operations/permute.js +0 -7
  786. package/components/octets.storage/operations/store.js +0 -11
  787. package/documentation/vary.md +0 -75
  788. package/features/steps/IdP.ts +0 -154
  789. package/features/steps/components/octets.tester/operations/diversify.js +0 -14
  790. package/features/vary.feature +0 -203
  791. package/schemas/octets/context.cos.yaml +0 -1
  792. package/schemas/octets/fetch.cos.yaml +0 -3
  793. package/schemas/octets/permute.cos.yaml +0 -1
  794. package/schemas/octets/store.cos.yaml +0 -3
  795. package/source/HTTP/Server.test.ts +0 -126
  796. package/source/directives/octets/Fetch.ts +0 -100
  797. package/source/directives/octets/List.ts +0 -72
  798. package/source/directives/octets/Permute.ts +0 -44
  799. package/source/directives/vary/Directive.ts +0 -7
  800. package/source/directives/vary/Embed.ts +0 -68
  801. package/source/directives/vary/Vary.ts +0 -50
  802. package/source/directives/vary/embeddings/Embedding.ts +0 -7
  803. package/source/directives/vary/embeddings/Header.ts +0 -32
  804. package/source/directives/vary/embeddings/Language.ts +0 -31
  805. package/source/directives/vary/embeddings/Parameter.ts +0 -14
  806. package/source/directives/vary/embeddings/index.ts +0 -11
  807. package/source/directives/vary/index.ts +0 -3
  808. package/transpiled/directives/octets/Fetch.js.map +0 -1
  809. package/transpiled/directives/octets/List.d.ts +0 -16
  810. package/transpiled/directives/octets/List.js +0 -74
  811. package/transpiled/directives/octets/List.js.map +0 -1
  812. package/transpiled/directives/octets/Permute.d.ts +0 -11
  813. package/transpiled/directives/octets/Permute.js.map +0 -1
  814. package/transpiled/directives/octets/Store.js.map +0 -1
  815. package/transpiled/directives/vary/Directive.d.ts +0 -6
  816. package/transpiled/directives/vary/Directive.js.map +0 -1
  817. package/transpiled/directives/vary/Embed.d.ts +0 -11
  818. package/transpiled/directives/vary/Embed.js +0 -51
  819. package/transpiled/directives/vary/Embed.js.map +0 -1
  820. package/transpiled/directives/vary/Properties.js.map +0 -1
  821. package/transpiled/directives/vary/Vary.d.ts +0 -10
  822. package/transpiled/directives/vary/Vary.js +0 -36
  823. package/transpiled/directives/vary/Vary.js.map +0 -1
  824. package/transpiled/directives/vary/embeddings/Embedding.d.ts +0 -6
  825. package/transpiled/directives/vary/embeddings/Embedding.js.map +0 -1
  826. package/transpiled/directives/vary/embeddings/Header.d.ts +0 -7
  827. package/transpiled/directives/vary/embeddings/Header.js +0 -28
  828. package/transpiled/directives/vary/embeddings/Header.js.map +0 -1
  829. package/transpiled/directives/vary/embeddings/Language.d.ts +0 -7
  830. package/transpiled/directives/vary/embeddings/Language.js +0 -28
  831. package/transpiled/directives/vary/embeddings/Language.js.map +0 -1
  832. package/transpiled/directives/vary/embeddings/Parameter.d.ts +0 -7
  833. package/transpiled/directives/vary/embeddings/Parameter.js +0 -14
  834. package/transpiled/directives/vary/embeddings/Parameter.js.map +0 -1
  835. package/transpiled/directives/vary/embeddings/index.d.ts +0 -5
  836. package/transpiled/directives/vary/embeddings/index.js +0 -12
  837. package/transpiled/directives/vary/embeddings/index.js.map +0 -1
  838. package/transpiled/directives/vary/index.d.ts +0 -2
  839. package/transpiled/directives/vary/index.js +0 -6
  840. package/transpiled/directives/vary/index.js.map +0 -1
  841. /package/components/{identity.federation/operations → identity.tokens/operations/lib}/types.js +0 -0
  842. /package/schemas/octets/{list.cos.yaml → get.cos.yaml} +0 -0
  843. /package/{components/identity.tokens/operations → transpiled/directives/flow}/types.js +0 -0
  844. /package/transpiled/directives/{vary → map}/Directive.js +0 -0
package/components/identity.basic/operations/create.d.ts DELETED
@@ -1,10 +0,0 @@
1
- import { type Context } from './types';
2
- export declare function effect(input: CreateInput, context: Context): Promise<CreateOutput>;
3
- interface CreateInput {
4
- id: string;
5
- credentials: string;
6
- }
7
- interface CreateOutput {
8
- id: string;
9
- }
10
- export {};
package/components/identity.basic/operations/create.js DELETED
@@ -1,10 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.effect = void 0;
4
- async function effect(input, context) {
5
- const [username, password] = atob(input.credentials).split(':');
6
- const request = { input: { username, password }, query: { id: input.id } };
7
- return await context.local.transit(request);
8
- }
9
- exports.effect = effect;
10
- //# sourceMappingURL=create.js.map
package/components/identity.basic/operations/create.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"create.js","sourceRoot":"","sources":["../source/create.ts"],"names":[],"mappings":";;;AAEO,KAAK,UAAU,MAAM,CAC3B,KAAkB,EAAE,OAAgB;IACnC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC/D,MAAM,OAAO,GAAG,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE,EAAE,CAAA;IAE1E,OAAO,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;AAC7C,CAAC;AAND,wBAMC"}
package/components/identity.basic/source/create.ts DELETED
@@ -1,18 +0,0 @@
1
- import { type Context } from './types'
2
-
3
- export async function effect
4
- (input: CreateInput, context: Context): Promise<CreateOutput> {
5
- const [username, password] = atob(input.credentials).split(':')
6
- const request = { input: { username, password }, query: { id: input.id } }
7
-
8
- return await context.local.transit(request)
9
- }
10
-
11
- interface CreateInput {
12
- id: string
13
- credentials: string
14
- }
15
-
16
- interface CreateOutput {
17
- id: string
18
- }
package/components/identity.federation/operations/create.d.ts DELETED
@@ -1,10 +0,0 @@
1
- import type { Context } from './types';
2
- interface CreateInput {
3
- id: string;
4
- credentials: string;
5
- }
6
- interface CreateOutput {
7
- id: string;
8
- }
9
- export declare const effect: (input: CreateInput, context: Context) => Promise<Error | Promise<CreateOutput>>;
10
- export {};
package/components/identity.federation/operations/create.js DELETED
@@ -1,15 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.effect = void 0;
4
- const assertions_as_values_js_1 = require("./lib/assertions-as-values.js");
5
- const jwt_1 = require("./lib/jwt");
6
- async function create(input, context) {
7
- const { iss, sub } = await (0, jwt_1.validateIdToken)(input.credentials, context.configuration.trust);
8
- const request = {
9
- input: { iss, sub },
10
- query: { id: input.id }
11
- };
12
- return await context.local.transit(request);
13
- }
14
- exports.effect = (0, assertions_as_values_js_1.assertionsAsValues)(create);
15
- //# sourceMappingURL=create.js.map
package/components/identity.federation/operations/create.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"create.js","sourceRoot":"","sources":["../source/create.ts"],"names":[],"mappings":";;;AAAA,2EAAkE;AAClE,mCAA2C;AAI3C,KAAK,UAAU,MAAM,CAAE,KAAkB,EAAE,OAAgB;IACzD,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,MAAM,IAAA,qBAAe,EAAC,KAAK,CAAC,WAAW,EAAE,OAAO,CAAC,aAAa,CAAC,KAAK,CAAC,CAAA;IAE1F,MAAM,OAAO,GAAY;QACvB,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,EAA+B;QAChD,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE;KACxB,CAAA;IAED,OAAO,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;AAC7C,CAAC;AAWY,QAAA,MAAM,GAAG,IAAA,4CAAkB,EAAC,MAAM,CAAC,CAAA"}
package/components/identity.federation/operations/lib/assertions-as-values.d.ts DELETED
@@ -1,4 +0,0 @@
1
- /**
2
- * Wrapping function that returns assertion errors as function return value
3
- */
4
- export declare function assertionsAsValues<T extends (...args: any[]) => Promise<any>>(fn: T): (...args: Parameters<T>) => Promise<ReturnType<T> | Error>;
package/components/identity.federation/operations/lib/assertions-as-values.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"assertions-as-values.js","sourceRoot":"","sources":["../../source/lib/assertions-as-values.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAqC;AAErC;;GAEG;AACH,SAAgB,kBAAkB,CAChC,EAAK;IACL,OAAO,KAAK,EAAE,GAAG,IAAmB,EAAkC,EAAE;QACtE,IAAI,CAAC;YACH,OAAO,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,CAAA;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAElB,IAAI,GAAG,YAAY,MAAM,CAAC,cAAc;gBAAE,OAAO,GAAG,CAAA;YAEpD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAbD,gDAaC"}
package/components/identity.federation/operations/lib/jwt.d.ts DELETED
@@ -1,20 +0,0 @@
1
- import { type JwtHeader, type IdToken } from '../types';
2
- import { type TrustConfiguration } from '../schemas';
3
- export declare function decodeJwt(token: string): {
4
- header: unknown;
5
- payload: unknown;
6
- rawHeader: string;
7
- rawPayload: string;
8
- signature: string;
9
- };
10
- export declare function validateJwtHeader(header: unknown): asserts header is JwtHeader;
11
- export declare function validateJwtPayload(payload: unknown, trusted: TrustConfiguration[] | undefined, header: JwtHeader): asserts payload is IdToken;
12
- export declare function validateSignature({ header: { kid, alg }, payload: { iss }, rawHeader, rawPayload, signature, trusted }: {
13
- readonly header: JwtHeader;
14
- rawHeader: string;
15
- readonly payload: IdToken;
16
- rawPayload: string;
17
- signature: string;
18
- trusted?: TrustConfiguration[];
19
- }): Promise<void>;
20
- export declare function validateIdToken(token: string, trusted?: TrustConfiguration[]): Promise<IdToken>;
package/components/identity.federation/operations/lib/jwt.js DELETED
@@ -1,136 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
25
- var __importDefault = (this && this.__importDefault) || function (mod) {
26
- return (mod && mod.__esModule) ? mod : { "default": mod };
27
- };
28
- Object.defineProperty(exports, "__esModule", { value: true });
29
- exports.validateIdToken = exports.validateSignature = exports.validateJwtPayload = exports.validateJwtHeader = exports.decodeJwt = void 0;
30
- const node_crypto_1 = __importDefault(require("node:crypto"));
31
- const assert = __importStar(require("node:assert"));
32
- function decodeJwt(token) {
33
- const [rawHeader, rawPayload, signature] = token.split('.', 3);
34
- const header = JSON.parse(Buffer.from(rawHeader, 'base64url').toString());
35
- const payload = JSON.parse(Buffer.from(rawPayload, 'base64url').toString());
36
- return { header, payload, rawHeader, rawPayload, signature };
37
- }
38
- exports.decodeJwt = decodeJwt;
39
- function validateJwtHeader(header) {
40
- assert.ok(header !== null && typeof header === 'object', 'Header is not an object');
41
- assert.ok('alg' in header, 'Header is missing alg');
42
- assert.ok(typeof header.alg === 'string', 'Header alg is not a string');
43
- assert.match(header.alg, /^RS256|HS\d{3}$/, `Unknown algorithm ${header.alg}`);
44
- assert.ok(!('kid' in header) || typeof header.kid === 'string', 'kid must be a string if present');
45
- }
46
- exports.validateJwtHeader = validateJwtHeader;
47
- function validateJwtPayload(payload, trusted = [], header) {
48
- assert.ok(trusted.length > 0, 'No trusted issuers provided');
49
- // full list of validations is
50
- // at https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation
51
- assert.ok(payload !== null && typeof payload === 'object', 'Payload is not an object');
52
- assert.ok('iss' in payload, 'Payload is missing iss');
53
- assert.ok(typeof payload.iss === 'string', 'Payload iss is not a string');
54
- assert.ok('aud' in payload, 'Payload is missing aud');
55
- assert.ok(typeof payload.aud === 'string', 'Payload aud is not a string');
56
- const issuer = trusted.find((config) => config.issuer === payload.iss);
57
- assert.ok(issuer !== undefined &&
58
- (issuer.audience === undefined || issuer.audience.some((a) => a === payload.aud),
59
- `Unknown issuer / audience: ${payload.iss} / ${payload.aud}`));
60
- if (header.alg.startsWith('HS')) {
61
- const secrets = issuer.secrets;
62
- assert.ok(secrets, `We don't have known secrets for ${payload.iss}`);
63
- const keys = secrets[header.alg];
64
- assert.ok(keys, `No known secrets for ${header.alg}`);
65
- if (typeof header.kid === 'string')
66
- assert.ok(header.kid in keys, `No secret ${header.kid} provided for ${header.alg}`);
67
- }
68
- assert.ok('sub' in payload, 'Payload is missing sub');
69
- assert.ok(typeof payload.sub === 'string', 'Payload sub is not a string');
70
- assert.ok('exp' in payload, 'Payload is missing exp');
71
- assert.ok(typeof payload.exp === 'number', 'Payload exp is not a number');
72
- assert.ok(Date.now() < payload.exp * 1000, 'Token is expired');
73
- assert.ok('iat' in payload, 'Payload is missing iat');
74
- assert.ok(typeof payload.iat === 'number', 'Payload iat is not a number');
75
- assert.ok(Date.now() >= payload.iat * 1000, 'Token was issued in the future');
76
- assert.ok(payload.exp >= payload.iat, 'Payload exp is before iat');
77
- if ('nbf' in payload) {
78
- assert.ok(typeof payload.nbf === 'number', 'Payload nbf is not a number');
79
- assert.ok(Date.now() >= payload.nbf * 1000, 'Token is not valid yet');
80
- }
81
- }
82
- exports.validateJwtPayload = validateJwtPayload;
83
- async function validateSignature({ header: { kid, alg }, payload: { iss }, rawHeader, rawPayload, signature, trusted = [] }) {
84
- if (alg.startsWith('HS')) {
85
- // symmetric algorithm, issuer is validated at this point
86
- // eslint-disable-next-line @typescript-eslint/no-non-null-assertion -- `kid` is validated
87
- const secrets = trusted.find((c) => c.issuer === iss).secrets[alg];
88
- const secret = kid !== undefined ? secrets[kid] : Object.values(secrets)[0];
89
- const algorithm = alg.replace(/^HS(\d{3})$/, 'sha$1'); // HS256 -> sha256
90
- const hmac = node_crypto_1.default.createHmac(algorithm, secret);
91
- hmac.update(rawHeader);
92
- hmac.update('.');
93
- hmac.update(rawPayload);
94
- assert.strictEqual(signature, hmac.digest('base64url'), 'Signature does not match');
95
- return;
96
- }
97
- // Getting issuer public keys
98
- const oidcRequest = await fetch(`${iss}/.well-known/openid-configuration`, {
99
- cache: 'default'
100
- });
101
- assert.ok(oidcRequest.ok, `Failed to fetch OpenID configuration: ${oidcRequest.statusText}`);
102
- const { jwks_uri: jwksUri } = (await oidcRequest.json());
103
- const jwkRequest = await fetch(jwksUri, { cache: 'default' });
104
- assert.ok(jwkRequest.ok, `Failed to fetch issuer keys: ${jwkRequest.statusText}`);
105
- const { keys } = (await jwkRequest.json());
106
- // getting corresponding signing key
107
- const signingKeys = keys.filter((k) => k.use === 'sig' && k.alg === alg);
108
- assert.ok(signingKeys.length > 0, 'No acceptable signing keys found');
109
- assert.ok(kid === undefined || signingKeys.length === 1, 'Signing key selection is not deterministic');
110
- const signingKey = kid === undefined ? signingKeys.find((k) => k.kid === kid) : keys[0];
111
- assert.ok(signingKey, 'Signing key was not found in issuer keys');
112
- const verifyFunction = node_crypto_1.default.createVerify('RSA-SHA256');
113
- verifyFunction.write(rawHeader);
114
- verifyFunction.write('.');
115
- verifyFunction.write(rawPayload);
116
- verifyFunction.end();
117
- const signatureValid = verifyFunction.verify({ format: 'jwk', key: signingKey }, signature, 'base64url');
118
- assert.ok(signatureValid, 'Failed to validate signature');
119
- }
120
- exports.validateSignature = validateSignature;
121
- async function validateIdToken(token, trusted) {
122
- const { header, payload, rawHeader, rawPayload, signature } = decodeJwt(token);
123
- validateJwtHeader(header);
124
- validateJwtPayload(payload, trusted, header);
125
- await validateSignature({
126
- header,
127
- rawHeader,
128
- payload,
129
- rawPayload,
130
- signature,
131
- trusted
132
- });
133
- return payload;
134
- }
135
- exports.validateIdToken = validateIdToken;
136
- //# sourceMappingURL=jwt.js.map
package/components/identity.federation/operations/lib/jwt.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../source/lib/jwt.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8DAAgC;AAChC,oDAAqC;AAIrC,SAAgB,SAAS,CAAE,KAAa;IAOtC,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;IAE9D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;IACzE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;IAE3E,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;AAC9D,CAAC;AAbD,8BAaC;AAED,SAAgB,iBAAiB,CAAE,MAAe;IAChD,MAAM,CAAC,EAAE,CAAC,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,yBAAyB,CAAC,CAAA;IACnF,MAAM,CAAC,EAAE,CAAC,KAAK,IAAI,MAAM,EAAE,uBAAuB,CAAC,CAAA;IACnD,MAAM,CAAC,EAAE,CAAC,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,4BAA4B,CAAC,CAAA;IACvE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,iBAAiB,EAAE,qBAAqB,MAAM,CAAC,GAAG,EAAE,CAAC,CAAA;IAC9E,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,iCAAiC,CAAC,CAAA;AACpG,CAAC;AAND,8CAMC;AAED,SAAgB,kBAAkB,CAAE,OAAgB,EAClD,UAAgC,EAAE,EAClC,MAAiB;IACjB,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,6BAA6B,CAAC,CAAA;IAE5D,8BAA8B;IAC9B,6EAA6E;IAC7E,MAAM,CAAC,EAAE,CAAC,OAAO,KAAK,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,0BAA0B,CAAC,CAAA;IAEtF,MAAM,CAAC,EAAE,CAAC,KAAK,IAAI,OAAO,EAAE,wBAAwB,CAAC,CAAA;IACrD,MAAM,CAAC,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,6BAA6B,CAAC,CAAA;IACzE,MAAM,CAAC,EAAE,CAAC,KAAK,IAAI,OAAO,EAAE,wBAAwB,CAAC,CAAA;IACrD,MAAM,CAAC,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,6BAA6B,CAAC,CAAA;IAEzE,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,CAAA;IAEtE,MAAM,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS;QAC1B,CAAC,MAAM,CAAC,QAAQ,KAAK,SAAS,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC;YAChF,8BAA8B,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;IAElE,IAAI,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAA;QAE9B,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,mCAAmC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;QAEpE,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,wBAAwB,MAAM,CAAC,GAAG,EAAE,CAAC,CAAA;QAErD,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ;YAChC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,aAAa,MAAM,CAAC,GAAG,iBAAiB,MAAM,CAAC,GAAG,EAAE,CAAC,CAAA;IACvF,CAAC;IAED,MAAM,CAAC,EAAE,CAAC,KAAK,IAAI,OAAO,EAAE,wBAAwB,CAAC,CAAA;IACrD,MAAM,CAAC,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,6BAA6B,CAAC,CAAA;IAEzE,MAAM,CAAC,EAAE,CAAC,KAAK,IAAI,OAAO,EAAE,wBAAwB,CAAC,CAAA;IACrD,MAAM,CAAC,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,6BAA6B,CAAC,CAAA;IACzE,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,GAAG,IAAI,EAAE,kBAAkB,CAAC,CAAA;IAE9D,MAAM,CAAC,EAAE,CAAC,KAAK,IAAI,OAAO,EAAE,wBAAwB,CAAC,CAAA;IACrD,MAAM,CAAC,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,6BAA6B,CAAC,CAAA;IACzE,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,EAAE,gCAAgC,CAAC,CAAA;IAC7E,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,2BAA2B,CAAC,CAAA;IAElE,IAAI,KAAK,IAAI,OAAO,EAAE,CAAC;QACrB,MAAM,CAAC,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,6BAA6B,CAAC,CAAA;QACzE,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,EAAE,wBAAwB,CAAC,CAAA;IACvE,CAAC;AACH,CAAC;AAjDD,gDAiDC;AAEM,KAAK,UAAU,iBAAiB,CAAE,EACvC,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,EACpB,OAAO,EAAE,EAAE,GAAG,EAAE,EAChB,SAAS,EACT,UAAU,EACV,SAAS,EACT,OAAO,GAAG,EAAE,EAQb;IACC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,yDAAyD;QACzD,0FAA0F;QAC1F,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,GAAG,CAAE,CAAC,OAAQ,CAAC,GAAG,CAAC,CAAA;QACpE,MAAM,MAAM,GAAG,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;QAC3E,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,CAAA,CAAC,kBAAkB;QACxE,MAAM,IAAI,GAAG,qBAAM,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;QAEjD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QACtB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QAChB,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAA;QACvB,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,0BAA0B,CAAC,CAAA;QAEnF,OAAM;IACR,CAAC;IAED,6BAA6B;IAC7B,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,GAAG,GAAG,mCAAmC,EAAE;QACzE,KAAK,EAAE,SAAS;KACjB,CAAC,CAAA;IAEF,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,EACtB,yCAAyC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAA;IAEpE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,EAAE,CAAyB,CAAA;IAEhF,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAA;IAE7D,MAAM,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,EAAE,gCAAgC,UAAU,CAAC,UAAU,EAAE,CAAC,CAAA;IAEjF,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,MAAM,UAAU,CAAC,IAAI,EAAE,CAExC,CAAA;IAED,oCAAoC;IACpC,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,KAAK,IAAI,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAA;IAExE,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,kCAAkC,CAAC,CAAA;IAErE,MAAM,CAAC,EAAE,CAAC,GAAG,KAAK,SAAS,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EACrD,4CAA4C,CAAC,CAAA;IAE/C,MAAM,UAAU,GAAG,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IAEvF,MAAM,CAAC,EAAE,CAAC,UAAU,EAAE,0CAA0C,CAAC,CAAA;IAEjE,MAAM,cAAc,GAAG,qBAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;IAExD,cAAc,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAC/B,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACzB,cAAc,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;IAChC,cAAc,CAAC,GAAG,EAAE,CAAA;IAEpB,MAAM,cAAc,GAAG,cAAc,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,UAAU,EAAE,EAC7E,SAAS,EACT,WAAW,CAAC,CAAA;IAEd,MAAM,CAAC,EAAE,CAAC,cAAc,EAAE,8BAA8B,CAAC,CAAA;AAC3D,CAAC;AAzED,8CAyEC;AAEM,KAAK,UAAU,eAAe,CAAE,KAAa,EAClD,OAA8B;IAC9B,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,CAAA;IAE9E,iBAAiB,CAAC,MAAM,CAAC,CAAA;IACzB,kBAAkB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAA;IAC5C,MAAM,iBAAiB,CAAC;QACtB,MAAM;QACN,SAAS;QACT,OAAO;QACP,UAAU;QACV,SAAS;QACT,OAAO;KACR,CAAC,CAAA;IAEF,OAAO,OAAO,CAAA;AAChB,CAAC;AAhBD,0CAgBC"}
package/components/identity.federation/operations/schemas.d.ts DELETED
@@ -1,59 +0,0 @@
1
- /**
2
- * This file was automatically generated by json-schema-to-typescript.
3
- * DO NOT MODIFY IT BY HAND. Instead, modify the source JSONSchema file,
4
- * and run json-schema-to-typescript to regenerate this file.
5
- */
6
- export interface Schemas {
7
- configuration?: {
8
- trust?: TrustConfiguration[];
9
- /**
10
- * Force identities to be explicitly created or incept before being used in authentication
11
- */
12
- explicit_identity_creation?: boolean;
13
- /**
14
- * The value of `sub` of an identity token that will be assigned the `system` Role
15
- */
16
- principal?: {
17
- iss: string;
18
- sub: string;
19
- };
20
- };
21
- entity?: {
22
- /**
23
- * The issuer, or signer, of the token, URI like `https://accounts.google.com`
24
- */
25
- iss: string;
26
- /**
27
- * the ID that represents the principal making the request
28
- */
29
- sub: string;
30
- };
31
- }
32
- export interface TrustConfiguration {
33
- /**
34
- * Allowed origins for a token `iss` field
35
- */
36
- issuer: string;
37
- /**
38
- * Acceptable `aud` value(s)
39
- *
40
- * @minItems 1
41
- */
42
- audience?: [string, ...string[]];
43
- /**
44
- * Symmetric encryption secrets
45
- */
46
- secrets?: {
47
- /**
48
- * This interface was referenced by `undefined`'s JSON-Schema definition
49
- * via the `patternProperty` "^HS\d{3}$".
50
- */
51
- [k: string]: {
52
- /**
53
- * This interface was referenced by `undefined`'s JSON-Schema definition
54
- * via the `patternProperty` "^\w+$".
55
- */
56
- [k: string]: string;
57
- };
58
- };
59
- }
package/components/identity.federation/operations/schemas.js DELETED
@@ -1,9 +0,0 @@
1
- "use strict";
2
- /* eslint-disable */
3
- /**
4
- * This file was automatically generated by json-schema-to-typescript.
5
- * DO NOT MODIFY IT BY HAND. Instead, modify the source JSONSchema file,
6
- * and run json-schema-to-typescript to regenerate this file.
7
- */
8
- Object.defineProperty(exports, "__esModule", { value: true });
9
- //# sourceMappingURL=schemas.js.map
package/components/identity.federation/operations/schemas.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"schemas.js","sourceRoot":"","sources":["../source/schemas.ts"],"names":[],"mappings":";AAAA,oBAAoB;AACpB;;;;GAIG"}
package/components/identity.federation/operations/types.d.ts DELETED
@@ -1,51 +0,0 @@
1
- import { type Call, type Observation, type Query } from '@toa.io/types';
2
- import type { Schemas } from './schemas';
3
- export interface Context {
4
- local: {
5
- observe: Observation<Entity & {
6
- id: string;
7
- }>;
8
- transit: Call<TransitOutput, TransitInput>;
9
- };
10
- remote: {
11
- identity: {
12
- tokens: {
13
- revoke: Call<void, IdentityTokensRevokeInput>;
14
- };
15
- };
16
- };
17
- configuration: Required<Schemas>['configuration'];
18
- }
19
- export type Entity = Required<Schemas>['entity'];
20
- export interface TransitInput {
21
- readonly iss: string;
22
- readonly sub: string;
23
- }
24
- export interface TransitOutput {
25
- id: string;
26
- }
27
- interface IdentityTokensRevokeInput {
28
- query: Query;
29
- }
30
- export interface JwtHeader {
31
- typ?: string;
32
- alg: string;
33
- kid?: string;
34
- }
35
- /**
36
- * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#IDToken}
37
- */
38
- export interface IdToken {
39
- iss: string;
40
- sub: string;
41
- aud: string;
42
- exp: number;
43
- iat: number;
44
- nbf?: number;
45
- }
46
- export interface AuthenticateOutput {
47
- identity: {
48
- id: string;
49
- };
50
- }
51
- export {};
package/components/identity.federation/operations/types.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../source/types.ts"],"names":[],"mappings":""}
package/components/identity.federation/source/create.ts DELETED
@@ -1,26 +0,0 @@
1
- import { assertionsAsValues } from './lib/assertions-as-values.js'
2
- import { validateIdToken } from './lib/jwt'
3
- import type { Request } from '@toa.io/core'
4
- import type { Context, Entity } from './types'
5
-
6
- async function create (input: CreateInput, context: Context): Promise<CreateOutput> {
7
- const { iss, sub } = await validateIdToken(input.credentials, context.configuration.trust)
8
-
9
- const request: Request = {
10
- input: { iss, sub } satisfies Omit<Entity, 'id'>,
11
- query: { id: input.id }
12
- }
13
-
14
- return await context.local.transit(request)
15
- }
16
-
17
- interface CreateInput {
18
- id: string
19
- credentials: string
20
- }
21
-
22
- interface CreateOutput {
23
- id: string
24
- }
25
-
26
- export const effect = assertionsAsValues(create)
package/components/identity.federation/source/lib/assertions-as-values.ts DELETED
@@ -1,19 +0,0 @@
1
- import * as assert from 'node:assert'
2
-
3
- /**
4
- * Wrapping function that returns assertion errors as function return value
5
- */
6
- export function assertionsAsValues<T extends (...args: any[]) => Promise<any>> (
7
- fn: T) {
8
- return async (...args: Parameters<T>): Promise<ReturnType<T> | Error> => {
9
- try {
10
- return await fn(...args)
11
- } catch (err) {
12
- console.error(err)
13
-
14
- if (err instanceof assert.AssertionError) return err
15
-
16
- throw err
17
- }
18
- }
19
- }
package/components/identity.federation/source/lib/jwt.test.ts DELETED
@@ -1,56 +0,0 @@
1
- /* eslint-disable max-len */
2
- /* eslint-disable @typescript-eslint/consistent-type-assertions */
3
- import { validateSignature, decodeJwt } from './jwt'
4
-
5
- describe('jwt', () => {
6
- test('decode', () => {
7
- const { header, payload } = decodeJwt('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lIjoicGF5bG9hZCJ9.4twFt5NiznN84AWoo1d7KO1T_yoc0Z6XOpOVswacPZg')
8
-
9
- expect(header).toMatchObject({ alg: 'HS256' })
10
- expect(payload).toEqual({ some: 'payload' })
11
- })
12
-
13
- test('symmetric pass', async () => {
14
- // example from
15
- // https://pyjwt.readthedocs.io/en/latest/usage.html#encoding-decoding-tokens-with-hs256
16
-
17
- await expect(validateSignature({
18
- header: { alg: 'HS256', kid: 'k2' },
19
- payload: { iss: 'test-issuer', aud: 'test', sub: '0', exp: 0, iat: 0 },
20
- rawHeader: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9',
21
- rawPayload: 'eyJzb21lIjoicGF5bG9hZCJ9',
22
- signature: '4twFt5NiznN84AWoo1d7KO1T_yoc0Z6XOpOVswacPZg',
23
- trusted: [
24
- {
25
- issuer: 'test-issuer',
26
- secrets: {
27
- HS256: {
28
- k1: 'old-secret',
29
- k2: 'secret'
30
- }
31
- }
32
- }
33
- ]
34
- } as Parameters<typeof validateSignature>[0])).resolves.toBeUndefined()
35
- })
36
-
37
- test('symmetric fail', async () => {
38
- await expect(validateSignature({
39
- header: { alg: 'HS256' },
40
- payload: { iss: 'test-issuer', aud: 'test', sub: '0', exp: 0, iat: 0 },
41
- rawHeader: 'header',
42
- rawPayload: 'payload',
43
- signature: 'signature',
44
- trusted: [
45
- {
46
- issuer: 'test-issuer',
47
- secrets: {
48
- HS256: {
49
- theKey: 'secret'
50
- }
51
- }
52
- }
53
- ]
54
- } as Parameters<typeof validateSignature>[0])).rejects.toThrow('Signature does not match')
55
- })
56
- })
package/components/identity.federation/source/lib/jwt.ts DELETED
@@ -1,171 +0,0 @@
1
- import crypto from 'node:crypto'
2
- import * as assert from 'node:assert'
3
- import { type JwtHeader, type IdToken } from '../types'
4
- import { type TrustConfiguration } from '../schemas'
5
-
6
- export function decodeJwt (token: string): {
7
- header: unknown
8
- payload: unknown
9
- rawHeader: string
10
- rawPayload: string
11
- signature: string
12
- } {
13
- const [rawHeader, rawPayload, signature] = token.split('.', 3)
14
-
15
- const header = JSON.parse(Buffer.from(rawHeader, 'base64url').toString())
16
- const payload = JSON.parse(Buffer.from(rawPayload, 'base64url').toString())
17
-
18
- return { header, payload, rawHeader, rawPayload, signature }
19
- }
20
-
21
- export function validateJwtHeader (header: unknown): asserts header is JwtHeader {
22
- assert.ok(header !== null && typeof header === 'object', 'Header is not an object')
23
- assert.ok('alg' in header, 'Header is missing alg')
24
- assert.ok(typeof header.alg === 'string', 'Header alg is not a string')
25
- assert.match(header.alg, /^RS256|HS\d{3}$/, `Unknown algorithm ${header.alg}`)
26
- assert.ok(!('kid' in header) || typeof header.kid === 'string', 'kid must be a string if present')
27
- }
28
-
29
- export function validateJwtPayload (payload: unknown,
30
- trusted: TrustConfiguration[] = [],
31
- header: JwtHeader): asserts payload is IdToken {
32
- assert.ok(trusted.length > 0, 'No trusted issuers provided')
33
-
34
- // full list of validations is
35
- // at https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation
36
- assert.ok(payload !== null && typeof payload === 'object', 'Payload is not an object')
37
-
38
- assert.ok('iss' in payload, 'Payload is missing iss')
39
- assert.ok(typeof payload.iss === 'string', 'Payload iss is not a string')
40
- assert.ok('aud' in payload, 'Payload is missing aud')
41
- assert.ok(typeof payload.aud === 'string', 'Payload aud is not a string')
42
-
43
- const issuer = trusted.find((config) => config.issuer === payload.iss)
44
-
45
- assert.ok(issuer !== undefined &&
46
- (issuer.audience === undefined || issuer.audience.some((a) => a === payload.aud),
47
- `Unknown issuer / audience: ${payload.iss} / ${payload.aud}`))
48
-
49
- if (header.alg.startsWith('HS')) {
50
- const secrets = issuer.secrets
51
-
52
- assert.ok(secrets, `We don't have known secrets for ${payload.iss}`)
53
-
54
- const keys = secrets[header.alg]
55
-
56
- assert.ok(keys, `No known secrets for ${header.alg}`)
57
-
58
- if (typeof header.kid === 'string')
59
- assert.ok(header.kid in keys, `No secret ${header.kid} provided for ${header.alg}`)
60
- }
61
-
62
- assert.ok('sub' in payload, 'Payload is missing sub')
63
- assert.ok(typeof payload.sub === 'string', 'Payload sub is not a string')
64
-
65
- assert.ok('exp' in payload, 'Payload is missing exp')
66
- assert.ok(typeof payload.exp === 'number', 'Payload exp is not a number')
67
- assert.ok(Date.now() < payload.exp * 1000, 'Token is expired')
68
-
69
- assert.ok('iat' in payload, 'Payload is missing iat')
70
- assert.ok(typeof payload.iat === 'number', 'Payload iat is not a number')
71
- assert.ok(Date.now() >= payload.iat * 1000, 'Token was issued in the future')
72
- assert.ok(payload.exp >= payload.iat, 'Payload exp is before iat')
73
-
74
- if ('nbf' in payload) {
75
- assert.ok(typeof payload.nbf === 'number', 'Payload nbf is not a number')
76
- assert.ok(Date.now() >= payload.nbf * 1000, 'Token is not valid yet')
77
- }
78
- }
79
-
80
- export async function validateSignature ({
81
- header: { kid, alg },
82
- payload: { iss },
83
- rawHeader,
84
- rawPayload,
85
- signature,
86
- trusted = []
87
- }: {
88
- readonly header: JwtHeader
89
- rawHeader: string
90
- readonly payload: IdToken
91
- rawPayload: string
92
- signature: string
93
- trusted?: TrustConfiguration[]
94
- }): Promise<void> {
95
- if (alg.startsWith('HS')) {
96
- // symmetric algorithm, issuer is validated at this point
97
- // eslint-disable-next-line @typescript-eslint/no-non-null-assertion -- `kid` is validated
98
- const secrets = trusted.find((c) => c.issuer === iss)!.secrets![alg]
99
- const secret = kid !== undefined ? secrets[kid] : Object.values(secrets)[0]
100
- const algorithm = alg.replace(/^HS(\d{3})$/, 'sha$1') // HS256 -> sha256
101
- const hmac = crypto.createHmac(algorithm, secret)
102
-
103
- hmac.update(rawHeader)
104
- hmac.update('.')
105
- hmac.update(rawPayload)
106
- assert.strictEqual(signature, hmac.digest('base64url'), 'Signature does not match')
107
-
108
- return
109
- }
110
-
111
- // Getting issuer public keys
112
- const oidcRequest = await fetch(`${iss}/.well-known/openid-configuration`, {
113
- cache: 'default'
114
- })
115
-
116
- assert.ok(oidcRequest.ok,
117
- `Failed to fetch OpenID configuration: ${oidcRequest.statusText}`)
118
-
119
- const { jwks_uri: jwksUri } = (await oidcRequest.json()) as { jwks_uri: string }
120
-
121
- const jwkRequest = await fetch(jwksUri, { cache: 'default' })
122
-
123
- assert.ok(jwkRequest.ok, `Failed to fetch issuer keys: ${jwkRequest.statusText}`)
124
-
125
- const { keys } = (await jwkRequest.json()) as {
126
- keys: Array<{ use: string, kid?: string, alg?: string } & crypto.JsonWebKey>
127
- }
128
-
129
- // getting corresponding signing key
130
- const signingKeys = keys.filter((k) => k.use === 'sig' && k.alg === alg)
131
-
132
- assert.ok(signingKeys.length > 0, 'No acceptable signing keys found')
133
-
134
- assert.ok(kid === undefined || signingKeys.length === 1,
135
- 'Signing key selection is not deterministic')
136
-
137
- const signingKey = kid === undefined ? signingKeys.find((k) => k.kid === kid) : keys[0]
138
-
139
- assert.ok(signingKey, 'Signing key was not found in issuer keys')
140
-
141
- const verifyFunction = crypto.createVerify('RSA-SHA256')
142
-
143
- verifyFunction.write(rawHeader)
144
- verifyFunction.write('.')
145
- verifyFunction.write(rawPayload)
146
- verifyFunction.end()
147
-
148
- const signatureValid = verifyFunction.verify({ format: 'jwk', key: signingKey },
149
- signature,
150
- 'base64url')
151
-
152
- assert.ok(signatureValid, 'Failed to validate signature')
153
- }
154
-
155
- export async function validateIdToken (token: string,
156
- trusted?: TrustConfiguration[]): Promise<IdToken> {
157
- const { header, payload, rawHeader, rawPayload, signature } = decodeJwt(token)
158
-
159
- validateJwtHeader(header)
160
- validateJwtPayload(payload, trusted, header)
161
- await validateSignature({
162
- header,
163
- rawHeader,
164
- payload,
165
- rawPayload,
166
- signature,
167
- trusted
168
- })
169
-
170
- return payload
171
- }