@toa.io/extensions.exposition 1.0.0-alpha.21 → 1.0.0-alpha.211
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/components/context.toa.yaml +2 -2
- package/components/identity.bans/operations/tsconfig.tsbuildinfo +1 -1
- package/components/identity.basic/manifest.toa.yaml +84 -15
- package/components/identity.basic/operations/add.d.ts +3 -0
- package/components/identity.basic/operations/add.js +16 -0
- package/components/identity.basic/operations/add.js.map +1 -0
- package/components/identity.basic/operations/authenticate.d.ts +5 -1
- package/components/identity.basic/operations/authenticate.js +7 -4
- package/components/identity.basic/operations/authenticate.js.map +1 -1
- package/components/identity.basic/operations/check.d.ts +7 -0
- package/components/identity.basic/operations/check.js +15 -0
- package/components/identity.basic/operations/check.js.map +1 -0
- package/components/identity.basic/operations/incept.d.ts +12 -0
- package/components/identity.basic/operations/incept.js +26 -0
- package/components/identity.basic/operations/incept.js.map +1 -0
- package/components/identity.basic/operations/transit.d.ts +4 -4
- package/components/identity.basic/operations/transit.js +14 -9
- package/components/identity.basic/operations/transit.js.map +1 -1
- package/components/identity.basic/operations/tsconfig.tsbuildinfo +1 -1
- package/components/identity.basic/operations/types.d.ts +16 -6
- package/components/identity.basic/source/add.ts +14 -0
- package/components/identity.basic/source/authenticate.ts +18 -7
- package/components/identity.basic/source/check.ts +20 -0
- package/components/identity.basic/source/incept.ts +38 -0
- package/components/identity.basic/source/transit.ts +17 -13
- package/components/identity.basic/source/types.ts +17 -6
- package/components/identity.federation/manifest.toa.yaml +80 -38
- package/components/identity.federation/operations/authenticate.d.ts +16 -3
- package/components/identity.federation/operations/authenticate.js +25 -15
- package/components/identity.federation/operations/authenticate.js.map +1 -1
- package/components/identity.federation/operations/decode.d.ts +3 -0
- package/components/identity.federation/operations/decode.js +12 -0
- package/components/identity.federation/operations/decode.js.map +1 -0
- package/components/identity.federation/operations/incept.d.ts +11 -0
- package/components/identity.federation/operations/incept.js +22 -0
- package/components/identity.federation/operations/incept.js.map +1 -0
- package/components/identity.federation/operations/lib/Configuration.d.ts +39 -0
- package/components/identity.federation/operations/lib/Configuration.js +3 -0
- package/components/identity.federation/operations/lib/Configuration.js.map +1 -0
- package/components/identity.federation/operations/lib/Context.d.ts +7 -0
- package/{transpiled/directives/vary/embeddings/Embedding.js → components/identity.federation/operations/lib/Context.js} +1 -1
- package/components/identity.federation/operations/lib/Context.js.map +1 -0
- package/components/identity.federation/operations/lib/Ctx.d.ts +6 -0
- package/components/identity.federation/operations/lib/Ctx.js +3 -0
- package/components/identity.federation/operations/lib/Ctx.js.map +1 -0
- package/components/identity.federation/operations/lib/Payload.d.ts +5 -0
- package/components/identity.federation/operations/lib/Payload.js +3 -0
- package/components/identity.federation/operations/lib/Payload.js.map +1 -0
- package/components/identity.federation/operations/lib/decode.d.ts +3 -0
- package/components/identity.federation/operations/lib/{assertions-as-values.js → decode.js} +19 -19
- package/components/identity.federation/operations/lib/decode.js.map +1 -0
- package/components/identity.federation/operations/lib/discovery.d.ts +4 -0
- package/components/identity.federation/operations/lib/discovery.js +49 -0
- package/components/identity.federation/operations/lib/discovery.js.map +1 -0
- package/components/identity.federation/operations/lib/errors.d.ts +11 -0
- package/components/identity.federation/operations/lib/errors.js +15 -0
- package/components/identity.federation/operations/lib/errors.js.map +1 -0
- package/components/identity.federation/operations/lib/exchange.d.ts +3 -0
- package/components/identity.federation/operations/lib/exchange.js +107 -0
- package/components/identity.federation/operations/lib/exchange.js.map +1 -0
- package/components/identity.federation/operations/lib/index.d.ts +3 -0
- package/components/identity.federation/operations/lib/index.js +8 -0
- package/components/identity.federation/operations/lib/index.js.map +1 -0
- package/components/identity.federation/operations/tsconfig.tsbuildinfo +1 -1
- package/components/identity.federation/operations/types/Scheme.d.ts +1 -0
- package/components/identity.federation/operations/types/Scheme.js +3 -0
- package/components/identity.federation/operations/types/Scheme.js.map +1 -0
- package/components/identity.federation/operations/types/configuration.d.ts +20 -0
- package/components/identity.federation/operations/types/configuration.js +3 -0
- package/components/identity.federation/operations/types/configuration.js.map +1 -0
- package/components/identity.federation/operations/types/context.d.ts +36 -0
- package/components/identity.federation/operations/types/context.js +3 -0
- package/components/identity.federation/operations/types/context.js.map +1 -0
- package/components/identity.federation/operations/types/entity.d.ts +6 -0
- package/components/identity.federation/operations/types/entity.js +3 -0
- package/components/identity.federation/operations/types/entity.js.map +1 -0
- package/components/identity.federation/operations/types/index.d.ts +4 -0
- package/components/identity.federation/operations/types/index.js +21 -0
- package/components/identity.federation/operations/types/index.js.map +1 -0
- package/components/identity.federation/source/authenticate.ts +44 -19
- package/components/identity.federation/source/decode.ts +10 -0
- package/components/identity.federation/source/incept.ts +36 -0
- package/components/identity.federation/source/lib/Configuration.ts +39 -0
- package/components/identity.federation/source/lib/Ctx.ts +7 -0
- package/components/identity.federation/source/lib/Payload.ts +6 -0
- package/components/identity.federation/source/lib/decode.ts +28 -0
- package/components/identity.federation/source/lib/discovery.ts +30 -0
- package/components/identity.federation/source/lib/errors.ts +12 -0
- package/components/identity.federation/source/lib/exchange.ts +116 -0
- package/components/identity.federation/source/lib/index.ts +3 -0
- package/components/identity.federation/source/types/Scheme.ts +1 -0
- package/components/identity.federation/source/types/configuration.ts +21 -0
- package/components/identity.federation/source/types/context.ts +40 -0
- package/components/identity.federation/source/types/entity.ts +6 -0
- package/components/identity.federation/source/types/index.ts +4 -0
- package/components/identity.federation/tsconfig.json +5 -4
- package/components/identity.keys/manifest.toa.yaml +57 -0
- package/components/identity.keys/operations/create.d.ts +22 -0
- package/components/identity.keys/operations/create.js +16 -0
- package/components/identity.keys/operations/create.js.map +1 -0
- package/components/identity.keys/operations/tsconfig.tsbuildinfo +1 -0
- package/components/identity.keys/source/create.ts +35 -0
- package/components/identity.keys/tsconfig.json +9 -0
- package/components/identity.otp/manifest.toa.yaml +55 -0
- package/components/identity.otp/operations/authenticate.d.ts +12 -0
- package/components/identity.otp/operations/authenticate.js +31 -0
- package/components/identity.otp/operations/authenticate.js.map +1 -0
- package/components/identity.otp/operations/issue.d.ts +12 -0
- package/components/identity.otp/operations/issue.js +22 -0
- package/components/identity.otp/operations/issue.js.map +1 -0
- package/components/identity.otp/operations/lib/Context.d.ts +13 -0
- package/components/identity.otp/operations/lib/Context.js +3 -0
- package/components/identity.otp/operations/lib/Context.js.map +1 -0
- package/components/identity.otp/operations/lib/Entity.d.ts +6 -0
- package/components/identity.otp/operations/lib/Entity.js +3 -0
- package/components/identity.otp/operations/lib/Entity.js.map +1 -0
- package/components/identity.otp/operations/lib/index.d.ts +1 -0
- package/components/identity.otp/operations/lib/index.js +3 -0
- package/components/identity.otp/operations/lib/index.js.map +1 -0
- package/components/identity.otp/operations/tsconfig.tsbuildinfo +1 -0
- package/components/identity.otp/source/authenticate.ts +48 -0
- package/components/identity.otp/source/issue.ts +34 -0
- package/components/identity.otp/source/lib/Context.ts +14 -0
- package/components/identity.otp/source/lib/Entity.ts +6 -0
- package/components/identity.otp/source/lib/index.ts +1 -0
- package/components/identity.otp/tsconfig.json +9 -0
- package/components/identity.passkeys/manifest.toa.yaml +276 -0
- package/components/identity.passkeys/operations/authenticate.d.ts +16 -0
- package/components/identity.passkeys/operations/authenticate.js +34 -0
- package/components/identity.passkeys/operations/authenticate.js.map +1 -0
- package/components/identity.passkeys/operations/challenge.d.ts +35 -0
- package/components/identity.passkeys/operations/challenge.js +73 -0
- package/components/identity.passkeys/operations/challenge.js.map +1 -0
- package/components/identity.passkeys/operations/create.d.ts +19 -0
- package/components/identity.passkeys/operations/create.js +58 -0
- package/components/identity.passkeys/operations/create.js.map +1 -0
- package/components/identity.passkeys/operations/delete.d.ts +8 -0
- package/components/identity.passkeys/operations/delete.js +12 -0
- package/components/identity.passkeys/operations/delete.js.map +1 -0
- package/components/identity.passkeys/operations/lib/const.d.ts +1 -0
- package/components/identity.passkeys/operations/lib/const.js +5 -0
- package/components/identity.passkeys/operations/lib/const.js.map +1 -0
- package/components/identity.passkeys/operations/list.d.ts +7 -0
- package/components/identity.passkeys/operations/list.js +15 -0
- package/components/identity.passkeys/operations/list.js.map +1 -0
- package/components/identity.passkeys/operations/tsconfig.tsbuildinfo +1 -0
- package/components/identity.passkeys/operations/types/Configuration.d.ts +6 -0
- package/components/identity.passkeys/operations/types/Configuration.js +3 -0
- package/components/identity.passkeys/operations/types/Configuration.js.map +1 -0
- package/components/identity.passkeys/operations/types/Context.d.ts +15 -0
- package/components/identity.passkeys/operations/types/Context.js +3 -0
- package/components/identity.passkeys/operations/types/Context.js.map +1 -0
- package/components/identity.passkeys/operations/types/Passkey.d.ts +13 -0
- package/components/identity.passkeys/operations/types/Passkey.js +3 -0
- package/components/identity.passkeys/operations/types/Passkey.js.map +1 -0
- package/components/identity.passkeys/operations/types/index.d.ts +2 -0
- package/components/identity.passkeys/operations/types/index.js +3 -0
- package/components/identity.passkeys/operations/types/index.js.map +1 -0
- package/components/identity.passkeys/operations/use.d.ts +16 -0
- package/components/identity.passkeys/operations/use.js +57 -0
- package/components/identity.passkeys/operations/use.js.map +1 -0
- package/components/identity.passkeys/source/authenticate.ts +48 -0
- package/components/identity.passkeys/source/challenge.ts +115 -0
- package/components/identity.passkeys/source/create.ts +77 -0
- package/components/identity.passkeys/source/delete.ts +15 -0
- package/components/identity.passkeys/source/lib/const.ts +1 -0
- package/components/identity.passkeys/source/list.ts +17 -0
- package/components/identity.passkeys/source/types/Configuration.ts +6 -0
- package/components/identity.passkeys/source/types/Context.ts +16 -0
- package/components/identity.passkeys/source/types/Passkey.ts +14 -0
- package/components/identity.passkeys/source/types/index.ts +2 -0
- package/components/identity.passkeys/source/use.ts +75 -0
- package/components/identity.passkeys/tsconfig.json +9 -0
- package/components/identity.roles/manifest.toa.yaml +4 -2
- package/components/identity.roles/operations/grant.js +2 -2
- package/components/identity.roles/operations/grant.js.map +1 -1
- package/components/identity.roles/operations/tsconfig.tsbuildinfo +1 -1
- package/components/identity.roles/source/grant.ts +2 -2
- package/components/identity.tokens/manifest.toa.yaml +98 -12
- package/components/identity.tokens/operations/authenticate.d.ts +3 -3
- package/components/identity.tokens/operations/authenticate.js +15 -11
- package/components/identity.tokens/operations/authenticate.js.map +1 -1
- package/components/identity.tokens/operations/decrypt.d.ts +13 -3
- package/components/identity.tokens/operations/decrypt.js +65 -17
- package/components/identity.tokens/operations/decrypt.js.map +1 -1
- package/components/identity.tokens/operations/encrypt.d.ts +3 -3
- package/components/identity.tokens/operations/encrypt.js +24 -7
- package/components/identity.tokens/operations/encrypt.js.map +1 -1
- package/components/identity.tokens/operations/issue.d.ts +24 -0
- package/components/identity.tokens/operations/issue.js +59 -0
- package/components/identity.tokens/operations/issue.js.map +1 -0
- package/components/identity.tokens/operations/lib/index.d.ts +2 -0
- package/components/identity.tokens/operations/lib/index.js +19 -0
- package/components/identity.tokens/operations/lib/index.js.map +1 -0
- package/components/identity.tokens/operations/lib/pad.d.ts +1 -0
- package/components/identity.tokens/operations/lib/pad.js +5 -0
- package/components/identity.tokens/operations/lib/pad.js.map +1 -0
- package/components/identity.tokens/operations/lib/types.d.ts +75 -0
- package/components/identity.tokens/operations/lib/types.js.map +1 -0
- package/components/identity.tokens/operations/revoke.d.ts +2 -2
- package/components/identity.tokens/operations/revoke.js.map +1 -1
- package/components/identity.tokens/operations/tsconfig.tsbuildinfo +1 -1
- package/components/identity.tokens/source/authenticate.test.ts +22 -9
- package/components/identity.tokens/source/authenticate.ts +18 -13
- package/components/identity.tokens/source/decrypt.test.ts +33 -18
- package/components/identity.tokens/source/decrypt.ts +95 -20
- package/components/identity.tokens/source/encrypt.test.ts +51 -13
- package/components/identity.tokens/source/encrypt.ts +36 -11
- package/components/identity.tokens/source/issue.ts +82 -0
- package/components/identity.tokens/source/lib/index.ts +2 -0
- package/components/identity.tokens/source/lib/pad.ts +1 -0
- package/components/identity.tokens/source/lib/paseto.test.ts +16 -0
- package/components/identity.tokens/source/lib/types.ts +86 -0
- package/components/identity.tokens/source/revoke.ts +2 -2
- package/components/octets.storage/manifest.toa.yaml +13 -11
- package/components/octets.storage/operations/get.js +3 -3
- package/components/octets.storage/operations/head.js +7 -0
- package/components/octets.storage/operations/put.js +135 -0
- package/documentation/access.md +78 -27
- package/documentation/authorities.md +48 -0
- package/documentation/components.md +117 -42
- package/documentation/dev.md +30 -0
- package/documentation/flow.md +44 -0
- package/documentation/identity.md +129 -24
- package/documentation/introspection.md +82 -0
- package/documentation/io.md +42 -2
- package/documentation/map.md +96 -0
- package/documentation/notes/desync.jpg +0 -0
- package/documentation/notes/peers.md +59 -0
- package/documentation/notes/throttling.md +82 -0
- package/documentation/octets.md +122 -69
- package/documentation/passkeys.md +4 -0
- package/documentation/protocol.md +11 -4
- package/documentation/query.md +51 -4
- package/documentation/tree.md +13 -0
- package/features/access.feature +122 -9
- package/features/annotation.feature +1 -0
- package/features/auth.assert.feature +57 -0
- package/features/auth.claims.feature +170 -0
- package/features/auth.incept.feature +120 -0
- package/features/auth.input.feature +59 -0
- package/features/auth.issue.feature +32 -0
- package/features/authorities.basic.feature +141 -0
- package/features/authorities.feature +32 -0
- package/features/authorities.federation.feature +99 -0
- package/features/authorities.tokens.feature +117 -0
- package/features/body.feature +2 -0
- package/features/cache.feature +131 -8
- package/features/cors.feature +32 -7
- package/features/debug.feature +34 -0
- package/features/dev.feature +87 -0
- package/features/directives.feature +3 -0
- package/features/dynamic.feature +48 -0
- package/features/errors.feature +29 -6
- package/features/etag.feature +140 -1
- package/features/flow.feature +148 -0
- package/features/identity.bans.feature +12 -3
- package/features/identity.basic.feature +154 -21
- package/features/identity.feature +18 -6
- package/features/identity.federation.feature +134 -44
- package/features/identity.otp.feature +71 -0
- package/features/identity.roles.feature +81 -20
- package/features/identity.tokens.feature +11 -97
- package/features/identtiy.tokens.custom.feature +247 -0
- package/features/interruptions.feature +19 -0
- package/features/introspection.feature +153 -0
- package/features/io.feature +9 -1
- package/features/io.throttle.feature +40 -0
- package/features/map.feature +328 -0
- package/features/methods.feature +47 -0
- package/features/octets.cloudinary.feature +223 -0
- package/features/octets.download.feature +189 -0
- package/features/octets.entries.feature +13 -55
- package/features/octets.feature +70 -114
- package/features/octets.head.feature +40 -0
- package/features/octets.location.feature +83 -0
- package/features/octets.meta.feature +65 -15
- package/features/octets.workflows.feature +344 -66
- package/features/passkeys.feature +66 -0
- package/features/probes.feature +14 -0
- package/features/{queries.feature → query.feature} +142 -2
- package/features/realtime.feature +34 -0
- package/features/require.feature +3 -0
- package/features/response.feature +34 -2
- package/features/routes.feature +93 -2
- package/features/server.feature +21 -0
- package/features/steps/.env.example +5 -0
- package/features/steps/Common.ts +4 -0
- package/features/steps/Gateway.ts +26 -7
- package/features/steps/HTTP.ts +26 -3
- package/features/steps/IDP.ts +334 -0
- package/features/steps/Identity.ts +51 -0
- package/features/steps/OTP.ts +39 -0
- package/features/steps/Parameters.ts +88 -2
- package/features/steps/Realtime.ts +151 -0
- package/features/steps/Workspace.ts +1 -2
- package/features/steps/components/echo/manifest.toa.yaml +12 -0
- package/features/steps/components/echo/operations/echo.js +7 -0
- package/features/steps/components/echo/operations/parameters.js +7 -0
- package/features/steps/components/echo/operations/ping.js +7 -0
- package/features/steps/components/echo.beacon/manifest.toa.yaml +2 -0
- package/features/steps/components/echo.beacon/operations/hello.js +5 -0
- package/features/steps/components/greeter/manifest.toa.yaml +0 -1
- package/features/steps/components/octets.tester/manifest.toa.yaml +26 -3
- package/features/steps/components/octets.tester/operations/authority.js +7 -0
- package/features/steps/components/octets.tester/operations/bar.js +0 -1
- package/features/steps/components/octets.tester/operations/baz.js +1 -1
- package/features/steps/components/octets.tester/operations/echo.js +1 -1
- package/features/steps/components/octets.tester/operations/foo.js +2 -2
- package/features/steps/components/octets.tester/operations/id.js +7 -0
- package/features/steps/components/octets.tester/operations/identity.js +7 -0
- package/features/steps/components/octets.tester/operations/redirect.js +12 -0
- package/features/steps/components/octets.tester/operations/yex.js +16 -0
- package/features/steps/components/octets.tester/operations/yield.js +13 -0
- package/features/steps/components/pots/manifest.toa.yaml +15 -4
- package/features/steps/components/sequences/manifest.toa.yaml +0 -1
- package/features/steps/components/users/manifest.toa.yaml +4 -2
- package/features/steps/components/users/operations/create.js +15 -0
- package/features/steps/components/users.properties/manifest.toa.yaml +0 -1
- package/features/streams.feature +5 -0
- package/features/timestamps.feature +41 -0
- package/features/timing.feature +4 -1
- package/package.json +32 -21
- package/readme.md +19 -14
- package/schemas/annotation.cos.yaml +8 -1
- package/schemas/io/throttle.cos.yaml +36 -0
- package/schemas/method.cos.yaml +2 -1
- package/schemas/node.cos.yaml +2 -0
- package/schemas/octets/put.cos.yaml +28 -0
- package/schemas/query.cos.yaml +7 -10
- package/schemas/querystring.cos.yaml +1 -0
- package/source/Annotation.ts +6 -3
- package/source/Branch.ts +1 -0
- package/source/Composition.ts +0 -6
- package/source/Context.ts +1 -0
- package/source/Directive.test.ts +5 -3
- package/source/Directive.ts +30 -6
- package/source/Endpoint.ts +89 -24
- package/source/Factory.ts +22 -12
- package/source/Gateway.ts +77 -19
- package/source/HTTP/Context.ts +33 -8
- package/source/HTTP/Server.ts +168 -56
- package/source/HTTP/Timing.ts +1 -1
- package/source/HTTP/exceptions.ts +31 -7
- package/source/HTTP/formats/index.ts +3 -4
- package/source/HTTP/formats/json.ts +0 -2
- package/source/HTTP/formats/msgpack.ts +0 -1
- package/source/HTTP/formats/text.ts +0 -2
- package/source/HTTP/formats/yaml.ts +0 -1
- package/source/HTTP/messages.test.ts +47 -4
- package/source/HTTP/messages.ts +94 -14
- package/source/Introspection.ts +11 -0
- package/source/Mapping.ts +69 -21
- package/source/Query.test.ts +3 -3
- package/source/Query.ts +134 -33
- package/source/RTD/Context.ts +1 -1
- package/source/RTD/Directives.ts +4 -0
- package/source/RTD/Endpoint.ts +3 -0
- package/source/RTD/Method.ts +16 -0
- package/source/RTD/Node.ts +30 -15
- package/source/RTD/Route.ts +12 -5
- package/source/RTD/Tree.ts +7 -5
- package/source/RTD/factory.ts +4 -1
- package/source/RTD/segment.ts +2 -0
- package/source/RTD/syntax/parse.test.ts +1 -1
- package/source/RTD/syntax/parse.ts +37 -24
- package/source/RTD/syntax/types.ts +9 -4
- package/source/Remotes.ts +7 -6
- package/source/Tenant.ts +6 -12
- package/source/deployment.ts +34 -24
- package/source/directives/auth/Anonymous.ts +3 -3
- package/source/directives/auth/Anyone.ts +13 -0
- package/source/directives/auth/Assert.ts +35 -0
- package/source/directives/auth/Authorization.ts +72 -26
- package/source/directives/auth/Delegate.ts +9 -5
- package/source/directives/auth/Echo.ts +16 -6
- package/source/directives/auth/Federation.ts +84 -0
- package/source/directives/auth/Id.ts +1 -1
- package/source/directives/auth/Incept.ts +76 -23
- package/source/directives/auth/Input.ts +71 -0
- package/source/directives/auth/Role.test.ts +2 -3
- package/source/directives/auth/Role.ts +6 -11
- package/source/directives/auth/Rule.ts +3 -6
- package/source/directives/auth/Scheme.ts +5 -5
- package/source/directives/auth/create.ts +11 -0
- package/source/directives/auth/schemes.ts +5 -2
- package/source/directives/auth/split.ts +1 -1
- package/source/directives/auth/types.ts +12 -7
- package/source/directives/cache/Cache.ts +20 -7
- package/source/directives/cache/Control.ts +16 -16
- package/source/directives/cors/CORS.ts +9 -9
- package/source/directives/dev/Development.ts +14 -7
- package/source/directives/dev/Faulty.ts +26 -0
- package/source/directives/dev/Sleep.ts +55 -0
- package/source/directives/dev/types.ts +1 -1
- package/source/directives/flow/Compose.ts +92 -0
- package/source/directives/flow/Fetch.ts +86 -0
- package/source/directives/flow/Flow.ts +42 -0
- package/source/directives/flow/index.ts +3 -0
- package/source/directives/flow/types.ts +7 -0
- package/source/directives/index.ts +3 -2
- package/source/directives/io/Directive.ts +5 -2
- package/source/directives/io/IO.ts +18 -6
- package/source/directives/io/Input.ts +9 -6
- package/source/directives/io/Output.ts +6 -5
- package/source/directives/io/Throttle.ts +32 -0
- package/source/directives/io/lib/throttle/Configuration.test.ts +40 -0
- package/source/directives/io/lib/throttle/Configuration.ts +58 -0
- package/source/directives/io/lib/throttle/Interval.ts +31 -0
- package/source/directives/io/lib/throttle/Keys.ts +40 -0
- package/source/directives/io/lib/throttle/Quota.ts +22 -0
- package/source/directives/io/lib/throttle/Quotas.test.ts +136 -0
- package/source/directives/io/lib/throttle/Quotas.ts +83 -0
- package/source/directives/io/lib/throttle/components/Component.ts +5 -0
- package/source/directives/io/lib/throttle/components/IP.ts +40 -0
- package/source/directives/io/lib/throttle/components/Path.ts +8 -0
- package/source/directives/io/lib/throttle/components/index.ts +13 -0
- package/source/directives/io/lib/throttle/conditions/Condition.ts +5 -0
- package/source/directives/io/lib/throttle/conditions/Status.ts +17 -0
- package/source/directives/io/lib/throttle/conditions/index.ts +11 -0
- package/source/directives/io/lib/throttle/index.ts +2 -0
- package/source/directives/io/schemas.test.ts +9 -0
- package/source/directives/io/schemas.ts +3 -0
- package/source/directives/map/Authority.ts +15 -0
- package/source/directives/map/Claims.ts +58 -0
- package/source/directives/map/Directive.ts +4 -0
- package/source/directives/map/Headers.ts +38 -0
- package/source/directives/map/Language.ts +42 -0
- package/source/directives/map/Languages.ts +11 -0
- package/source/directives/map/Map.ts +61 -0
- package/source/directives/map/Mapping.ts +19 -0
- package/source/directives/{vary → map}/Properties.ts +2 -4
- package/source/directives/map/Segments.ts +33 -0
- package/source/directives/map/index.ts +3 -0
- package/source/directives/octets/Context.ts +3 -2
- package/source/directives/octets/Delete.ts +22 -19
- package/source/directives/octets/Get.ts +96 -0
- package/source/directives/octets/Octets.ts +10 -14
- package/source/directives/octets/Put.ts +138 -0
- package/source/directives/octets/Workflow.ts +9 -3
- package/source/directives/octets/bytes.test.ts +30 -0
- package/source/directives/octets/bytes.ts +18 -0
- package/source/directives/octets/schemas.ts +4 -8
- package/source/directives/octets/types.ts +2 -0
- package/source/directives/octets/workflows/Execution.ts +62 -8
- package/source/directives/octets/workflows/Workflow.ts +18 -7
- package/source/directives/octets/workflows/index.ts +1 -1
- package/source/exceptions.ts +16 -4
- package/source/manifest.ts +10 -11
- package/source/root.ts +16 -1
- package/source/schemas.ts +1 -1
- package/transpiled/Annotation.d.ts +5 -3
- package/transpiled/Branch.d.ts +1 -0
- package/transpiled/Composition.d.ts +0 -1
- package/transpiled/Composition.js +0 -4
- package/transpiled/Composition.js.map +1 -1
- package/transpiled/Context.d.ts +1 -0
- package/transpiled/Directive.d.ts +3 -0
- package/transpiled/Directive.js +24 -6
- package/transpiled/Directive.js.map +1 -1
- package/transpiled/Endpoint.d.ts +6 -4
- package/transpiled/Endpoint.js +64 -16
- package/transpiled/Endpoint.js.map +1 -1
- package/transpiled/Factory.d.ts +1 -1
- package/transpiled/Factory.js +19 -9
- package/transpiled/Factory.js.map +1 -1
- package/transpiled/Gateway.d.ts +3 -0
- package/transpiled/Gateway.js +57 -12
- package/transpiled/Gateway.js.map +1 -1
- package/transpiled/HTTP/Context.d.ts +10 -2
- package/transpiled/HTTP/Context.js +22 -6
- package/transpiled/HTTP/Context.js.map +1 -1
- package/transpiled/HTTP/Server.d.ts +15 -4
- package/transpiled/HTTP/Server.js +128 -45
- package/transpiled/HTTP/Server.js.map +1 -1
- package/transpiled/HTTP/Timing.js.map +1 -1
- package/transpiled/HTTP/exceptions.d.ts +16 -4
- package/transpiled/HTTP/exceptions.js +34 -10
- package/transpiled/HTTP/exceptions.js.map +1 -1
- package/transpiled/HTTP/formats/index.d.ts +1 -1
- package/transpiled/HTTP/formats/index.js +3 -3
- package/transpiled/HTTP/formats/index.js.map +1 -1
- package/transpiled/HTTP/formats/json.d.ts +1 -1
- package/transpiled/HTTP/formats/json.js +1 -2
- package/transpiled/HTTP/formats/json.js.map +1 -1
- package/transpiled/HTTP/formats/msgpack.d.ts +1 -1
- package/transpiled/HTTP/formats/msgpack.js.map +1 -1
- package/transpiled/HTTP/formats/text.d.ts +1 -1
- package/transpiled/HTTP/formats/text.js +1 -2
- package/transpiled/HTTP/formats/text.js.map +1 -1
- package/transpiled/HTTP/formats/yaml.d.ts +1 -1
- package/transpiled/HTTP/formats/yaml.js +1 -2
- package/transpiled/HTTP/formats/yaml.js.map +1 -1
- package/transpiled/HTTP/messages.d.ts +4 -1
- package/transpiled/HTTP/messages.js +65 -8
- package/transpiled/HTTP/messages.js.map +1 -1
- package/transpiled/Introspection.d.ts +9 -0
- package/transpiled/Introspection.js +3 -0
- package/transpiled/Introspection.js.map +1 -0
- package/transpiled/Mapping.d.ts +11 -2
- package/transpiled/Mapping.js +51 -19
- package/transpiled/Mapping.js.map +1 -1
- package/transpiled/Query.d.ts +12 -1
- package/transpiled/Query.js +95 -30
- package/transpiled/Query.js.map +1 -1
- package/transpiled/RTD/Context.d.ts +1 -1
- package/transpiled/RTD/Directives.d.ts +3 -0
- package/transpiled/RTD/Endpoint.d.ts +1 -0
- package/transpiled/RTD/Method.d.ts +4 -0
- package/transpiled/RTD/Method.js +11 -0
- package/transpiled/RTD/Method.js.map +1 -1
- package/transpiled/RTD/Node.d.ts +4 -1
- package/transpiled/RTD/Node.js +23 -12
- package/transpiled/RTD/Node.js.map +1 -1
- package/transpiled/RTD/Route.d.ts +2 -1
- package/transpiled/RTD/Route.js +7 -3
- package/transpiled/RTD/Route.js.map +1 -1
- package/transpiled/RTD/Tree.d.ts +2 -1
- package/transpiled/RTD/Tree.js +3 -0
- package/transpiled/RTD/Tree.js.map +1 -1
- package/transpiled/RTD/factory.js +4 -1
- package/transpiled/RTD/factory.js.map +1 -1
- package/transpiled/RTD/segment.d.ts +1 -0
- package/transpiled/RTD/segment.js +2 -0
- package/transpiled/RTD/segment.js.map +1 -1
- package/transpiled/RTD/syntax/parse.js +34 -22
- package/transpiled/RTD/syntax/parse.js.map +1 -1
- package/transpiled/RTD/syntax/types.d.ts +8 -3
- package/transpiled/RTD/syntax/types.js +1 -1
- package/transpiled/RTD/syntax/types.js.map +1 -1
- package/transpiled/Remotes.d.ts +4 -4
- package/transpiled/Remotes.js +6 -5
- package/transpiled/Remotes.js.map +1 -1
- package/transpiled/Tenant.d.ts +5 -4
- package/transpiled/Tenant.js +2 -7
- package/transpiled/Tenant.js.map +1 -1
- package/transpiled/deployment.d.ts +1 -1
- package/transpiled/deployment.js +29 -21
- package/transpiled/deployment.js.map +1 -1
- package/transpiled/directives/auth/Anonymous.d.ts +2 -2
- package/transpiled/directives/auth/Anonymous.js +2 -2
- package/transpiled/directives/auth/Anonymous.js.map +1 -1
- package/transpiled/directives/auth/Anyone.d.ts +6 -0
- package/transpiled/directives/auth/Anyone.js +14 -0
- package/transpiled/directives/auth/Anyone.js.map +1 -0
- package/transpiled/directives/auth/Assert.d.ts +7 -0
- package/transpiled/directives/auth/Assert.js +57 -0
- package/transpiled/directives/auth/Assert.js.map +1 -0
- package/transpiled/directives/auth/Authorization.d.ts +4 -3
- package/transpiled/directives/auth/Authorization.js +55 -23
- package/transpiled/directives/auth/Authorization.js.map +1 -1
- package/transpiled/directives/auth/Delegate.d.ts +5 -4
- package/transpiled/directives/auth/Delegate.js +7 -3
- package/transpiled/directives/auth/Delegate.js.map +1 -1
- package/transpiled/directives/auth/Echo.d.ts +4 -4
- package/transpiled/directives/auth/Echo.js +11 -4
- package/transpiled/directives/auth/Echo.js.map +1 -1
- package/transpiled/directives/auth/Federation.d.ts +16 -0
- package/transpiled/directives/auth/Federation.js +57 -0
- package/transpiled/directives/auth/Federation.js.map +1 -0
- package/transpiled/directives/auth/Id.d.ts +1 -1
- package/transpiled/directives/auth/Id.js.map +1 -1
- package/transpiled/directives/auth/Incept.d.ts +8 -5
- package/transpiled/directives/auth/Incept.js +57 -18
- package/transpiled/directives/auth/Incept.js.map +1 -1
- package/transpiled/directives/auth/Input.d.ts +13 -0
- package/transpiled/directives/auth/Input.js +49 -0
- package/transpiled/directives/auth/Input.js.map +1 -0
- package/transpiled/directives/auth/Role.d.ts +1 -1
- package/transpiled/directives/auth/Role.js +4 -6
- package/transpiled/directives/auth/Role.js.map +1 -1
- package/transpiled/directives/auth/Rule.d.ts +2 -4
- package/transpiled/directives/auth/Rule.js +2 -2
- package/transpiled/directives/auth/Rule.js.map +1 -1
- package/transpiled/directives/auth/Scheme.d.ts +2 -2
- package/transpiled/directives/auth/Scheme.js +4 -4
- package/transpiled/directives/auth/Scheme.js.map +1 -1
- package/transpiled/directives/auth/create.d.ts +2 -0
- package/transpiled/directives/auth/create.js +14 -0
- package/transpiled/directives/auth/create.js.map +1 -0
- package/transpiled/directives/auth/schemes.d.ts +2 -1
- package/transpiled/directives/auth/schemes.js +5 -2
- package/transpiled/directives/auth/schemes.js.map +1 -1
- package/transpiled/directives/auth/split.js +1 -1
- package/transpiled/directives/auth/split.js.map +1 -1
- package/transpiled/directives/auth/types.d.ts +10 -7
- package/transpiled/directives/cache/Cache.d.ts +3 -3
- package/transpiled/directives/cache/Cache.js +15 -4
- package/transpiled/directives/cache/Cache.js.map +1 -1
- package/transpiled/directives/cache/Control.d.ts +2 -2
- package/transpiled/directives/cache/Control.js +12 -12
- package/transpiled/directives/cache/Control.js.map +1 -1
- package/transpiled/directives/cors/CORS.js +7 -7
- package/transpiled/directives/cors/CORS.js.map +1 -1
- package/transpiled/directives/dev/Development.d.ts +1 -1
- package/transpiled/directives/dev/Development.js +15 -7
- package/transpiled/directives/dev/Development.js.map +1 -1
- package/transpiled/directives/dev/Faulty.d.ts +8 -0
- package/transpiled/directives/dev/Faulty.js +26 -0
- package/transpiled/directives/dev/Faulty.js.map +1 -0
- package/transpiled/directives/dev/Sleep.d.ts +9 -0
- package/transpiled/directives/dev/Sleep.js +48 -0
- package/transpiled/directives/dev/Sleep.js.map +1 -0
- package/transpiled/directives/dev/types.d.ts +1 -1
- package/transpiled/directives/flow/Compose.d.ts +9 -0
- package/transpiled/directives/flow/Compose.js +94 -0
- package/transpiled/directives/flow/Compose.js.map +1 -0
- package/transpiled/directives/flow/Fetch.d.ts +12 -0
- package/transpiled/directives/flow/Fetch.js +58 -0
- package/transpiled/directives/flow/Fetch.js.map +1 -0
- package/transpiled/directives/flow/Flow.d.ts +10 -0
- package/transpiled/directives/flow/Flow.js +33 -0
- package/transpiled/directives/flow/Flow.js.map +1 -0
- package/transpiled/directives/flow/index.d.ts +2 -0
- package/transpiled/directives/flow/index.js +6 -0
- package/transpiled/directives/flow/index.js.map +1 -0
- package/transpiled/directives/flow/types.d.ts +6 -0
- package/transpiled/directives/flow/types.js.map +1 -0
- package/transpiled/directives/index.js +3 -2
- package/transpiled/directives/index.js.map +1 -1
- package/transpiled/directives/io/Directive.d.ts +5 -2
- package/transpiled/directives/io/IO.d.ts +4 -2
- package/transpiled/directives/io/IO.js +14 -4
- package/transpiled/directives/io/IO.js.map +1 -1
- package/transpiled/directives/io/Input.d.ts +1 -1
- package/transpiled/directives/io/Input.js +5 -3
- package/transpiled/directives/io/Input.js.map +1 -1
- package/transpiled/directives/io/Output.d.ts +1 -1
- package/transpiled/directives/io/Output.js +3 -3
- package/transpiled/directives/io/Output.js.map +1 -1
- package/transpiled/directives/io/Throttle.d.ts +11 -0
- package/transpiled/directives/{octets/Permute.js → io/Throttle.js} +21 -28
- package/transpiled/directives/io/Throttle.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/Configuration.d.ts +23 -0
- package/transpiled/directives/io/lib/throttle/Configuration.js +27 -0
- package/transpiled/directives/io/lib/throttle/Configuration.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/Interval.d.ts +9 -0
- package/transpiled/directives/io/lib/throttle/Interval.js +31 -0
- package/transpiled/directives/io/lib/throttle/Interval.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/Keys.d.ts +12 -0
- package/transpiled/directives/io/lib/throttle/Keys.js +34 -0
- package/transpiled/directives/io/lib/throttle/Keys.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/Quota.d.ts +8 -0
- package/transpiled/directives/io/lib/throttle/Quota.js +22 -0
- package/transpiled/directives/io/lib/throttle/Quota.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/Quotas.d.ts +26 -0
- package/transpiled/directives/io/lib/throttle/Quotas.js +61 -0
- package/transpiled/directives/io/lib/throttle/Quotas.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/components/Component.d.ts +4 -0
- package/transpiled/directives/io/lib/throttle/components/Component.js +3 -0
- package/transpiled/directives/io/lib/throttle/components/Component.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/components/IP.d.ts +6 -0
- package/transpiled/directives/io/lib/throttle/components/IP.js +33 -0
- package/transpiled/directives/io/lib/throttle/components/IP.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/components/Path.d.ts +5 -0
- package/transpiled/directives/io/lib/throttle/components/Path.js +10 -0
- package/transpiled/directives/io/lib/throttle/components/Path.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/components/index.d.ts +5 -0
- package/transpiled/directives/io/lib/throttle/components/index.js +10 -0
- package/transpiled/directives/io/lib/throttle/components/index.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/conditions/Condition.d.ts +4 -0
- package/transpiled/directives/io/lib/throttle/conditions/Condition.js +3 -0
- package/transpiled/directives/io/lib/throttle/conditions/Condition.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/conditions/Status.d.ts +7 -0
- package/transpiled/directives/io/lib/throttle/conditions/Status.js +19 -0
- package/transpiled/directives/io/lib/throttle/conditions/Status.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/conditions/index.d.ts +5 -0
- package/transpiled/directives/io/lib/throttle/conditions/index.js +8 -0
- package/transpiled/directives/io/lib/throttle/conditions/index.js.map +1 -0
- package/transpiled/directives/io/lib/throttle/index.d.ts +2 -0
- package/transpiled/directives/io/lib/throttle/index.js +8 -0
- package/transpiled/directives/io/lib/throttle/index.js.map +1 -0
- package/transpiled/directives/io/schemas.d.ts +2 -0
- package/transpiled/directives/io/schemas.js +2 -1
- package/transpiled/directives/io/schemas.js.map +1 -1
- package/transpiled/directives/map/Authority.d.ts +6 -0
- package/transpiled/directives/map/Authority.js +19 -0
- package/transpiled/directives/map/Authority.js.map +1 -0
- package/transpiled/directives/map/Claims.d.ts +10 -0
- package/transpiled/directives/map/Claims.js +44 -0
- package/transpiled/directives/map/Claims.js.map +1 -0
- package/transpiled/directives/map/Directive.d.ts +3 -0
- package/transpiled/directives/map/Directive.js.map +1 -0
- package/transpiled/directives/map/Headers.d.ts +7 -0
- package/transpiled/directives/map/Headers.js +34 -0
- package/transpiled/directives/map/Headers.js.map +1 -0
- package/transpiled/directives/map/Language.d.ts +10 -0
- package/transpiled/directives/map/Language.js +38 -0
- package/transpiled/directives/map/Language.js.map +1 -0
- package/transpiled/directives/map/Languages.d.ts +4 -0
- package/transpiled/directives/map/Languages.js +17 -0
- package/transpiled/directives/map/Languages.js.map +1 -0
- package/transpiled/directives/map/Map.d.ts +13 -0
- package/transpiled/directives/map/Map.js +46 -0
- package/transpiled/directives/map/Map.js.map +1 -0
- package/transpiled/directives/map/Mapping.d.ts +13 -0
- package/transpiled/directives/map/Mapping.js +13 -0
- package/transpiled/directives/map/Mapping.js.map +1 -0
- package/transpiled/directives/{vary → map}/Properties.d.ts +2 -2
- package/transpiled/directives/{vary → map}/Properties.js +1 -3
- package/transpiled/directives/map/Properties.js.map +1 -0
- package/transpiled/directives/map/Segments.d.ts +6 -0
- package/transpiled/directives/map/Segments.js +30 -0
- package/transpiled/directives/map/Segments.js.map +1 -0
- package/transpiled/directives/map/index.d.ts +2 -0
- package/transpiled/directives/map/index.js +6 -0
- package/transpiled/directives/map/index.js.map +1 -0
- package/transpiled/directives/octets/Context.js +4 -24
- package/transpiled/directives/octets/Context.js.map +1 -1
- package/transpiled/directives/octets/Delete.js +15 -12
- package/transpiled/directives/octets/Delete.js.map +1 -1
- package/transpiled/directives/octets/{Fetch.d.ts → Get.d.ts} +5 -6
- package/transpiled/directives/octets/{Fetch.js → Get.js} +34 -30
- package/transpiled/directives/octets/Get.js.map +1 -0
- package/transpiled/directives/octets/Octets.js +9 -12
- package/transpiled/directives/octets/Octets.js.map +1 -1
- package/transpiled/directives/octets/{Store.d.ts → Put.d.ts} +8 -2
- package/transpiled/directives/octets/{Store.js → Put.js} +33 -27
- package/transpiled/directives/octets/Put.js.map +1 -0
- package/transpiled/directives/octets/Workflow.js +7 -2
- package/transpiled/directives/octets/Workflow.js.map +1 -1
- package/transpiled/directives/octets/bytes.d.ts +1 -0
- package/transpiled/directives/octets/bytes.js +21 -0
- package/transpiled/directives/octets/bytes.js.map +1 -0
- package/transpiled/directives/octets/schemas.d.ts +4 -8
- package/transpiled/directives/octets/schemas.js +3 -6
- package/transpiled/directives/octets/schemas.js.map +1 -1
- package/transpiled/directives/octets/types.d.ts +2 -0
- package/transpiled/directives/octets/workflows/Execution.d.ts +7 -1
- package/transpiled/directives/octets/workflows/Execution.js +44 -9
- package/transpiled/directives/octets/workflows/Execution.js.map +1 -1
- package/transpiled/directives/octets/workflows/Workflow.d.ts +8 -3
- package/transpiled/directives/octets/workflows/Workflow.js +10 -4
- package/transpiled/directives/octets/workflows/Workflow.js.map +1 -1
- package/transpiled/directives/octets/workflows/index.d.ts +1 -1
- package/transpiled/directives/octets/workflows/index.js.map +1 -1
- package/transpiled/exceptions.js +11 -2
- package/transpiled/exceptions.js.map +1 -1
- package/transpiled/manifest.js +10 -11
- package/transpiled/manifest.js.map +1 -1
- package/transpiled/root.js +16 -1
- package/transpiled/root.js.map +1 -1
- package/transpiled/schemas.d.ts +1 -1
- package/transpiled/schemas.js +2 -2
- package/transpiled/schemas.js.map +1 -1
- package/transpiled/tsconfig.tsbuildinfo +1 -1
- package/components/identity.basic/operations/create.d.ts +0 -10
- package/components/identity.basic/operations/create.js +0 -10
- package/components/identity.basic/operations/create.js.map +0 -1
- package/components/identity.basic/source/create.ts +0 -18
- package/components/identity.federation/operations/create.d.ts +0 -10
- package/components/identity.federation/operations/create.js +0 -15
- package/components/identity.federation/operations/create.js.map +0 -1
- package/components/identity.federation/operations/lib/assertions-as-values.d.ts +0 -4
- package/components/identity.federation/operations/lib/assertions-as-values.js.map +0 -1
- package/components/identity.federation/operations/lib/jwt.d.ts +0 -20
- package/components/identity.federation/operations/lib/jwt.js +0 -136
- package/components/identity.federation/operations/lib/jwt.js.map +0 -1
- package/components/identity.federation/operations/schemas.d.ts +0 -59
- package/components/identity.federation/operations/schemas.js +0 -9
- package/components/identity.federation/operations/schemas.js.map +0 -1
- package/components/identity.federation/operations/types.d.ts +0 -51
- package/components/identity.federation/operations/types.js.map +0 -1
- package/components/identity.federation/source/create.ts +0 -26
- package/components/identity.federation/source/lib/assertions-as-values.ts +0 -19
- package/components/identity.federation/source/lib/jwt.test.ts +0 -56
- package/components/identity.federation/source/lib/jwt.ts +0 -171
- package/components/identity.federation/source/schemas.ts +0 -61
- package/components/identity.federation/source/types.ts +0 -56
- package/components/identity.tokens/operations/types.d.ts +0 -39
- package/components/identity.tokens/operations/types.js.map +0 -1
- package/components/identity.tokens/source/types.ts +0 -47
- package/components/octets.storage/operations/fetch.js +0 -46
- package/components/octets.storage/operations/list.js +0 -7
- package/components/octets.storage/operations/permute.js +0 -7
- package/components/octets.storage/operations/store.js +0 -11
- package/documentation/vary.md +0 -75
- package/features/steps/IdP.ts +0 -154
- package/features/steps/components/octets.tester/operations/diversify.js +0 -14
- package/features/vary.feature +0 -203
- package/schemas/octets/context.cos.yaml +0 -1
- package/schemas/octets/fetch.cos.yaml +0 -3
- package/schemas/octets/permute.cos.yaml +0 -1
- package/schemas/octets/store.cos.yaml +0 -3
- package/source/HTTP/Server.test.ts +0 -126
- package/source/directives/octets/Fetch.ts +0 -100
- package/source/directives/octets/List.ts +0 -72
- package/source/directives/octets/Permute.ts +0 -44
- package/source/directives/octets/Store.ts +0 -126
- package/source/directives/vary/Directive.ts +0 -7
- package/source/directives/vary/Embed.ts +0 -68
- package/source/directives/vary/Vary.ts +0 -50
- package/source/directives/vary/embeddings/Embedding.ts +0 -7
- package/source/directives/vary/embeddings/Header.ts +0 -32
- package/source/directives/vary/embeddings/Language.ts +0 -31
- package/source/directives/vary/embeddings/Parameter.ts +0 -14
- package/source/directives/vary/embeddings/index.ts +0 -11
- package/source/directives/vary/index.ts +0 -3
- package/transpiled/directives/octets/Fetch.js.map +0 -1
- package/transpiled/directives/octets/List.d.ts +0 -16
- package/transpiled/directives/octets/List.js +0 -74
- package/transpiled/directives/octets/List.js.map +0 -1
- package/transpiled/directives/octets/Permute.d.ts +0 -11
- package/transpiled/directives/octets/Permute.js.map +0 -1
- package/transpiled/directives/octets/Store.js.map +0 -1
- package/transpiled/directives/vary/Directive.d.ts +0 -6
- package/transpiled/directives/vary/Directive.js.map +0 -1
- package/transpiled/directives/vary/Embed.d.ts +0 -11
- package/transpiled/directives/vary/Embed.js +0 -51
- package/transpiled/directives/vary/Embed.js.map +0 -1
- package/transpiled/directives/vary/Properties.js.map +0 -1
- package/transpiled/directives/vary/Vary.d.ts +0 -10
- package/transpiled/directives/vary/Vary.js +0 -36
- package/transpiled/directives/vary/Vary.js.map +0 -1
- package/transpiled/directives/vary/embeddings/Embedding.d.ts +0 -6
- package/transpiled/directives/vary/embeddings/Embedding.js.map +0 -1
- package/transpiled/directives/vary/embeddings/Header.d.ts +0 -7
- package/transpiled/directives/vary/embeddings/Header.js +0 -28
- package/transpiled/directives/vary/embeddings/Header.js.map +0 -1
- package/transpiled/directives/vary/embeddings/Language.d.ts +0 -7
- package/transpiled/directives/vary/embeddings/Language.js +0 -28
- package/transpiled/directives/vary/embeddings/Language.js.map +0 -1
- package/transpiled/directives/vary/embeddings/Parameter.d.ts +0 -7
- package/transpiled/directives/vary/embeddings/Parameter.js +0 -14
- package/transpiled/directives/vary/embeddings/Parameter.js.map +0 -1
- package/transpiled/directives/vary/embeddings/index.d.ts +0 -5
- package/transpiled/directives/vary/embeddings/index.js +0 -12
- package/transpiled/directives/vary/embeddings/index.js.map +0 -1
- package/transpiled/directives/vary/index.d.ts +0 -2
- package/transpiled/directives/vary/index.js +0 -6
- package/transpiled/directives/vary/index.js.map +0 -1
- /package/components/{identity.federation/operations → identity.tokens/operations/lib}/types.js +0 -0
- /package/schemas/octets/{list.cos.yaml → get.cos.yaml} +0 -0
- /package/{components/identity.tokens/operations → transpiled/directives/flow}/types.js +0 -0
- /package/transpiled/directives/{vary → map}/Directive.js +0 -0
|
@@ -1,14 +1,20 @@
|
|
|
1
1
|
import assert from 'node:assert'
|
|
2
2
|
import { match } from 'matchacho'
|
|
3
|
+
import { console } from 'openspan'
|
|
4
|
+
import { minimatch } from 'minimatch'
|
|
3
5
|
import * as http from '../../HTTP'
|
|
4
6
|
import { Anonymous } from './Anonymous'
|
|
5
7
|
import { Id } from './Id'
|
|
6
8
|
import { Role } from './Role'
|
|
7
9
|
import { Rule } from './Rule'
|
|
8
10
|
import { Incept } from './Incept'
|
|
11
|
+
import { Assert } from './Assert'
|
|
9
12
|
import { Echo } from './Echo'
|
|
10
13
|
import { Scheme } from './Scheme'
|
|
11
14
|
import { Delegate } from './Delegate'
|
|
15
|
+
import { Federation } from './Federation'
|
|
16
|
+
import { Anyone } from './Anyone'
|
|
17
|
+
import { Input, type Declaration } from './Input'
|
|
12
18
|
import { split } from './split'
|
|
13
19
|
import { PRIMARY, PROVIDERS } from './schemes'
|
|
14
20
|
import type { Output } from '../../io'
|
|
@@ -22,7 +28,7 @@ import type {
|
|
|
22
28
|
Discovery,
|
|
23
29
|
Extension,
|
|
24
30
|
Identity,
|
|
25
|
-
|
|
31
|
+
Context,
|
|
26
32
|
Remote,
|
|
27
33
|
Schemes
|
|
28
34
|
} from './types'
|
|
@@ -39,7 +45,7 @@ export class Authorization implements DirectiveFamily<Directive, Extension> {
|
|
|
39
45
|
|
|
40
46
|
public create (name: string, value: any, remotes: Remotes): Directive {
|
|
41
47
|
assert.ok(name in constructors,
|
|
42
|
-
`Directive 'auth:${name}' is not implemented
|
|
48
|
+
`Directive 'auth:${name}' is not implemented`)
|
|
43
49
|
|
|
44
50
|
const Class = constructors[name]
|
|
45
51
|
|
|
@@ -49,70 +55,94 @@ export class Authorization implements DirectiveFamily<Directive, Extension> {
|
|
|
49
55
|
return match(Class,
|
|
50
56
|
Role, () => new Role(value as string | string[], this.discovery.roles),
|
|
51
57
|
Rule, () => new Rule(value as Record<string, string>, this.create.bind(this)),
|
|
58
|
+
Input, () => new Input(value as Declaration[], this.create.bind(this)),
|
|
52
59
|
Incept, () => new Incept(value as string, this.discovery),
|
|
60
|
+
Delegate, () => new Delegate(value as string, this.discovery.roles),
|
|
53
61
|
() => new Class(value))
|
|
54
62
|
}
|
|
55
63
|
|
|
56
64
|
public async preflight (directives: Directive[],
|
|
57
|
-
|
|
65
|
+
context: Context,
|
|
58
66
|
parameters: Parameter[]): Promise<Output> {
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
input.identity = identity
|
|
67
|
+
context.identity = await this.resolve(context.authority, context.request.headers.authorization)
|
|
68
|
+
directives.sort((a, b) => (a.priority ?? 1) - (b.priority ?? 1))
|
|
62
69
|
|
|
63
70
|
for (const directive of directives) {
|
|
64
|
-
const allow = await directive.authorize(identity,
|
|
71
|
+
const allow = await directive.authorize(context.identity, context, parameters)
|
|
65
72
|
|
|
66
73
|
if (allow)
|
|
67
|
-
|
|
74
|
+
if (this.permitted(context))
|
|
75
|
+
return directive.reply?.(context) ?? null
|
|
76
|
+
else
|
|
77
|
+
throw new http.Forbidden()
|
|
68
78
|
}
|
|
69
79
|
|
|
70
|
-
if (identity === null)
|
|
80
|
+
if (context.identity === null)
|
|
71
81
|
throw new http.Unauthorized()
|
|
72
82
|
else
|
|
73
83
|
throw new http.Forbidden()
|
|
74
84
|
}
|
|
75
85
|
|
|
76
86
|
public async settle (directives: Directive[],
|
|
77
|
-
|
|
87
|
+
context: Context,
|
|
78
88
|
response: http.OutgoingMessage): Promise<void> {
|
|
79
|
-
|
|
89
|
+
await Promise.all(directives.map(async (directive) =>
|
|
90
|
+
directive.settle?.(context, response)))
|
|
80
91
|
|
|
81
|
-
const identity =
|
|
92
|
+
const identity = context.identity
|
|
82
93
|
|
|
83
|
-
if (identity === null)
|
|
94
|
+
if (identity === null)
|
|
95
|
+
return
|
|
84
96
|
|
|
85
|
-
if (identity.scheme === PRIMARY && !identity.refresh)
|
|
97
|
+
if (identity.scheme === PRIMARY && !identity.refresh)
|
|
98
|
+
return
|
|
86
99
|
|
|
87
|
-
|
|
88
|
-
|
|
100
|
+
if (await this.banned(identity))
|
|
101
|
+
throw new http.Unauthorized()
|
|
89
102
|
|
|
103
|
+
// Role directive may have already set the value
|
|
104
|
+
identity.roles ??= await Role.get(identity, this.discovery.roles)
|
|
90
105
|
this.tokens ??= await this.discovery.tokens
|
|
91
106
|
|
|
92
|
-
const token = await this.tokens.invoke<string>('encrypt', {
|
|
107
|
+
const token = await this.tokens.invoke<string>('encrypt', {
|
|
108
|
+
input: { authority: context.authority, identity }
|
|
109
|
+
})
|
|
110
|
+
|
|
93
111
|
const authorization = `Token ${token}`
|
|
94
112
|
|
|
95
113
|
response.headers ??= new Headers()
|
|
96
114
|
response.headers.set('authorization', authorization)
|
|
97
|
-
response.headers.
|
|
115
|
+
response.headers.set('cache-control', 'no-store')
|
|
98
116
|
}
|
|
99
117
|
|
|
100
|
-
private async resolve (authorization: string | undefined): Promise<Identity | null> {
|
|
101
|
-
if (authorization === undefined)
|
|
118
|
+
private async resolve (authority: string, authorization: string | undefined): Promise<Identity | null> {
|
|
119
|
+
if (authorization === undefined)
|
|
120
|
+
return null
|
|
102
121
|
|
|
103
122
|
const [scheme, credentials] = split(authorization)
|
|
104
123
|
const provider = PROVIDERS[scheme]
|
|
105
124
|
|
|
106
|
-
if (
|
|
107
|
-
throw new http.Unauthorized(`Unknown authentication scheme '${scheme}'
|
|
125
|
+
if (provider === undefined)
|
|
126
|
+
throw new http.Unauthorized(`Unknown authentication scheme '${scheme}'`)
|
|
108
127
|
|
|
109
128
|
this.schemes[scheme] ??= await this.discovery[provider]
|
|
110
129
|
|
|
111
130
|
const result = await this.schemes[scheme].invoke<AuthenticationResult>('authenticate', {
|
|
112
|
-
input:
|
|
131
|
+
input: {
|
|
132
|
+
scheme,
|
|
133
|
+
authority,
|
|
134
|
+
credentials
|
|
135
|
+
}
|
|
113
136
|
})
|
|
114
137
|
|
|
115
|
-
if (result instanceof Error)
|
|
138
|
+
if (result instanceof Error) {
|
|
139
|
+
const code: string | unknown = (result as unknown as { code: string }).code
|
|
140
|
+
|
|
141
|
+
if (typeof code === 'string')
|
|
142
|
+
console.info('Authentication failed', { code })
|
|
143
|
+
|
|
144
|
+
return null
|
|
145
|
+
}
|
|
116
146
|
|
|
117
147
|
const identity = result.identity
|
|
118
148
|
|
|
@@ -124,6 +154,18 @@ export class Authorization implements DirectiveFamily<Directive, Extension> {
|
|
|
124
154
|
return identity
|
|
125
155
|
}
|
|
126
156
|
|
|
157
|
+
private permitted (context: Context): boolean {
|
|
158
|
+
const permissions = context.identity?.permissions
|
|
159
|
+
|
|
160
|
+
if (permissions === undefined)
|
|
161
|
+
return true
|
|
162
|
+
|
|
163
|
+
return Object.entries(permissions).some(([pattern, methods]) => {
|
|
164
|
+
return methods.some((method) => method === '*' || method === context.request.method) &&
|
|
165
|
+
minimatch(context.request.url, pattern)
|
|
166
|
+
})
|
|
167
|
+
}
|
|
168
|
+
|
|
127
169
|
private async banned (identity: Identity): Promise<boolean> {
|
|
128
170
|
this.bans ??= await this.discovery.bans
|
|
129
171
|
|
|
@@ -135,13 +177,17 @@ export class Authorization implements DirectiveFamily<Directive, Extension> {
|
|
|
135
177
|
|
|
136
178
|
const constructors: Record<string, new (value: any, argument?: any) => Directive> = {
|
|
137
179
|
anonymous: Anonymous,
|
|
180
|
+
anyone: Anyone,
|
|
138
181
|
id: Id,
|
|
139
182
|
role: Role,
|
|
140
183
|
rule: Rule,
|
|
141
184
|
incept: Incept,
|
|
185
|
+
assert: Assert,
|
|
142
186
|
scheme: Scheme,
|
|
143
187
|
echo: Echo,
|
|
144
|
-
delegate: Delegate
|
|
188
|
+
delegate: Delegate,
|
|
189
|
+
claims: Federation,
|
|
190
|
+
input: Input
|
|
145
191
|
}
|
|
146
192
|
|
|
147
|
-
const REMOTES: Remote[] = ['basic', 'federation', 'tokens', 'roles', 'bans']
|
|
193
|
+
const REMOTES: Remote[] = ['basic', 'federation', 'tokens', 'roles', 'bans', 'otp']
|
|
@@ -1,18 +1,22 @@
|
|
|
1
1
|
import { BadRequest } from '../../HTTP'
|
|
2
|
-
import {
|
|
3
|
-
import type {
|
|
2
|
+
import { Role } from './Role'
|
|
3
|
+
import type { Context, Directive, Identity } from './types'
|
|
4
|
+
import type { Component } from '@toa.io/core'
|
|
4
5
|
|
|
5
6
|
export class Delegate implements Directive {
|
|
6
7
|
private readonly property: string
|
|
8
|
+
private readonly discovery: Promise<Component>
|
|
7
9
|
|
|
8
|
-
public constructor (property: string) {
|
|
10
|
+
public constructor (property: string, discovery: Promise<Component>) {
|
|
9
11
|
this.property = property
|
|
12
|
+
this.discovery = discovery
|
|
10
13
|
}
|
|
11
14
|
|
|
12
|
-
public authorize (identity: Identity | null, context:
|
|
15
|
+
public async authorize (identity: Identity | null, context: Context): Promise<boolean> {
|
|
13
16
|
if (identity === null)
|
|
14
17
|
return false
|
|
15
18
|
|
|
19
|
+
identity.roles ??= await Role.get(identity, this.discovery)
|
|
16
20
|
context.pipelines.body.push((body) => this.embed(body, identity))
|
|
17
21
|
|
|
18
22
|
return true
|
|
@@ -23,7 +27,7 @@ export class Delegate implements Directive {
|
|
|
23
27
|
body = {}
|
|
24
28
|
|
|
25
29
|
check(body)
|
|
26
|
-
body[this.property] = identity
|
|
30
|
+
body[this.property] = structuredClone(identity)
|
|
27
31
|
|
|
28
32
|
return body
|
|
29
33
|
}
|
|
@@ -1,12 +1,22 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import
|
|
1
|
+
import { create } from './create'
|
|
2
|
+
import type { OutgoingMessage } from '../../HTTP'
|
|
3
|
+
import type { Directive, Identity, Context } from './types'
|
|
3
4
|
|
|
4
5
|
export class Echo implements Directive {
|
|
5
|
-
public authorize (identity: Identity | null): boolean {
|
|
6
|
-
|
|
6
|
+
public authorize (identity: Identity | null, context: Context): boolean {
|
|
7
|
+
if (identity === null && 'authorization' in context.request.headers)
|
|
8
|
+
return false
|
|
9
|
+
|
|
10
|
+
context.identity ??= create()
|
|
11
|
+
|
|
12
|
+
return true
|
|
7
13
|
}
|
|
8
14
|
|
|
9
|
-
public reply (
|
|
10
|
-
|
|
15
|
+
public reply (context: Context): OutgoingMessage {
|
|
16
|
+
const body = context.identity!
|
|
17
|
+
|
|
18
|
+
return body.scheme === null
|
|
19
|
+
? { status: 201, body }
|
|
20
|
+
: { body }
|
|
11
21
|
}
|
|
12
22
|
}
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
import assert from 'node:assert'
|
|
2
|
+
import type { Directive, Identity, Context } from './types'
|
|
3
|
+
import type { Parameter } from '../../RTD'
|
|
4
|
+
|
|
5
|
+
export class Federation implements Directive {
|
|
6
|
+
private readonly matchers: Array<[keyof Claims, Matcher]>
|
|
7
|
+
|
|
8
|
+
public constructor (options: Options) {
|
|
9
|
+
this.matchers = (Object.entries(options) as Array<[keyof Claims, string]>)
|
|
10
|
+
.map(([key, value]) => [key, toMatcher(value)])
|
|
11
|
+
|
|
12
|
+
assert.ok(this.matchers.length > 0, '`auth:claims` requires at least one property defined')
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
public authorize (identity: Identity | null, context: Context, parameters: Parameter[]): boolean {
|
|
16
|
+
if (identity === null || !('claims' in identity))
|
|
17
|
+
return false
|
|
18
|
+
|
|
19
|
+
const claims = (identity as FederatedIdentity).claims
|
|
20
|
+
|
|
21
|
+
for (const [key, match] of this.matchers)
|
|
22
|
+
if (!match(claims[key], context, parameters))
|
|
23
|
+
return false
|
|
24
|
+
|
|
25
|
+
return true
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
function toMatcher (expression: string): Matcher {
|
|
30
|
+
if (expression.startsWith(':')) {
|
|
31
|
+
const key = expression.slice(1) as 'authority'
|
|
32
|
+
|
|
33
|
+
if (key === 'authority')
|
|
34
|
+
return (value, context) => matches(value, context[key])
|
|
35
|
+
|
|
36
|
+
if (key === 'domain')
|
|
37
|
+
return (value, context) => {
|
|
38
|
+
return Array.isArray(value)
|
|
39
|
+
? value.some((iss) => codomain(iss, context))
|
|
40
|
+
: codomain(value, context)
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
throw new Error('Unknown `auth:claims` syntax: ' + expression)
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
if (expression.startsWith('/:')) {
|
|
47
|
+
const name = expression.slice(2)
|
|
48
|
+
|
|
49
|
+
return (value, _, parameters) => parameters
|
|
50
|
+
.some((parameter) => parameter.name === name && matches(value, parameter.value))
|
|
51
|
+
}
|
|
52
|
+
|
|
53
|
+
return (value) => matches(value, expression)
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
function matches (value: string | string[], reference: string): boolean {
|
|
57
|
+
return Array.isArray(value)
|
|
58
|
+
? value.includes(reference)
|
|
59
|
+
: value === reference
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
function codomain (iss: string, context: Context): boolean {
|
|
63
|
+
const hostname = new URL(iss).hostname
|
|
64
|
+
const dot = hostname.indexOf('.')
|
|
65
|
+
const basename = dot === -1 ? hostname : hostname.slice(dot)
|
|
66
|
+
|
|
67
|
+
return context.authority.slice(-basename.length) === basename
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
type Matcher = (value: string | string[], context: Context, parameters: Parameter[]) => boolean
|
|
71
|
+
|
|
72
|
+
interface Claims {
|
|
73
|
+
iss: string
|
|
74
|
+
sub: string
|
|
75
|
+
aud: string | string[]
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
interface Options extends Partial<Claims> {
|
|
79
|
+
iss: string
|
|
80
|
+
}
|
|
81
|
+
|
|
82
|
+
interface FederatedIdentity extends Identity {
|
|
83
|
+
claims: Claims
|
|
84
|
+
}
|
|
@@ -8,7 +8,7 @@ export class Id implements Directive {
|
|
|
8
8
|
this.parameter = parameter
|
|
9
9
|
}
|
|
10
10
|
|
|
11
|
-
public authorize (identity: Identity | null, _:
|
|
11
|
+
public authorize (identity: Identity | null, _: unknown, parameters: Parameter[]): boolean {
|
|
12
12
|
if (identity === null)
|
|
13
13
|
return false
|
|
14
14
|
|
|
@@ -1,47 +1,100 @@
|
|
|
1
|
-
import
|
|
1
|
+
import assert from 'node:assert'
|
|
2
|
+
import { console } from 'openspan'
|
|
2
3
|
import * as http from '../../HTTP'
|
|
3
|
-
import { type Directive, type Discovery, type Identity, type Input, type Schemes } from './types'
|
|
4
4
|
import { split } from './split'
|
|
5
|
-
import {
|
|
5
|
+
import { create } from './create'
|
|
6
|
+
import { PROVIDERS, INCEPTION } from './schemes'
|
|
7
|
+
import { Role } from './Role'
|
|
8
|
+
import type { Component } from '@toa.io/core'
|
|
9
|
+
import type { Maybe } from '@toa.io/types'
|
|
10
|
+
import type { Directive, Discovery, Identity, Context, Schemes, Ban } from './types'
|
|
6
11
|
|
|
7
12
|
export class Incept implements Directive {
|
|
8
|
-
private readonly
|
|
9
|
-
private
|
|
10
|
-
private
|
|
13
|
+
private static readonly schemes: Schemes = {} as unknown as Schemes
|
|
14
|
+
private static discovery: Discovery
|
|
15
|
+
private static bans: Component | null = null
|
|
16
|
+
|
|
17
|
+
private readonly property: string | null
|
|
11
18
|
|
|
12
19
|
public constructor (property: string, discovery: Discovery) {
|
|
20
|
+
assert.ok(property === null || typeof property === 'string',
|
|
21
|
+
'`auth:incept` value must be a string or null')
|
|
22
|
+
|
|
13
23
|
this.property = property
|
|
14
|
-
|
|
24
|
+
Incept.discovery ??= discovery
|
|
15
25
|
}
|
|
16
26
|
|
|
17
|
-
public
|
|
18
|
-
|
|
19
|
-
|
|
27
|
+
public static async incept (context: Context, id: string): Promise<Identity> {
|
|
28
|
+
const [scheme, credentials] = split(context.request.headers.authorization!)
|
|
29
|
+
const provider = PROVIDERS[scheme]
|
|
20
30
|
|
|
21
|
-
|
|
22
|
-
|
|
31
|
+
if (provider === undefined)
|
|
32
|
+
throw new http.BadRequest('Authentication scheme is not supported')
|
|
23
33
|
|
|
24
|
-
if (
|
|
25
|
-
throw new http.
|
|
26
|
-
` does not contain the '${this.property}' property.`)
|
|
34
|
+
if (!INCEPTION.includes(provider))
|
|
35
|
+
throw new http.Unauthorized()
|
|
27
36
|
|
|
28
|
-
|
|
29
|
-
|
|
37
|
+
Incept.bans ??= await Incept.discovery.bans
|
|
38
|
+
|
|
39
|
+
const ban = await Incept.bans.invoke<Ban>('observe', { query: { id } })
|
|
30
40
|
|
|
31
|
-
|
|
41
|
+
if (ban.banned)
|
|
42
|
+
throw new http.Unauthorized()
|
|
32
43
|
|
|
33
|
-
|
|
34
|
-
|
|
44
|
+
Incept.schemes[scheme] ??= await Incept.discovery[provider]
|
|
45
|
+
|
|
46
|
+
const identity = await Incept.schemes[scheme].invoke<Maybe<Identity>>('incept', {
|
|
35
47
|
input: {
|
|
48
|
+
scheme,
|
|
49
|
+
authority: context.authority,
|
|
36
50
|
id,
|
|
37
51
|
credentials
|
|
38
52
|
}
|
|
39
53
|
})
|
|
40
54
|
|
|
41
55
|
if (identity instanceof Error)
|
|
42
|
-
throw new http.
|
|
56
|
+
throw new http.UnprocessableEntity(identity)
|
|
57
|
+
|
|
58
|
+
identity.scheme = scheme
|
|
59
|
+
identity.roles = []
|
|
60
|
+
|
|
61
|
+
return identity
|
|
62
|
+
}
|
|
63
|
+
|
|
64
|
+
public authorize (identity: Identity | null): boolean {
|
|
65
|
+
return identity === null
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
public reply (context: Context): http.OutgoingMessage | null {
|
|
69
|
+
if (this.property !== null)
|
|
70
|
+
return null
|
|
71
|
+
|
|
72
|
+
const body = create(context.request.headers.authorization)
|
|
73
|
+
|
|
74
|
+
return { body }
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
public async settle (context: Context, response: http.OutgoingMessage): Promise<void> {
|
|
78
|
+
const id = response.body?.[this.property ?? 'id']
|
|
79
|
+
|
|
80
|
+
if (id === undefined) {
|
|
81
|
+
console.debug('Inception skipped: response does not contain expected property', {
|
|
82
|
+
property: this.property,
|
|
83
|
+
response
|
|
84
|
+
})
|
|
85
|
+
|
|
86
|
+
return
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
assert(typeof id === 'string', `Response body property "${this.property}" expected to be a string`)
|
|
90
|
+
|
|
91
|
+
if (context.request.headers.authorization !== undefined)
|
|
92
|
+
context.identity = await Incept.incept(context, id)
|
|
93
|
+
else {
|
|
94
|
+
const identity = { id, scheme: null, refresh: true }
|
|
95
|
+
const roles = await Role.get(identity, Incept.discovery.roles)
|
|
43
96
|
|
|
44
|
-
|
|
45
|
-
|
|
97
|
+
context.identity = { ...identity, roles }
|
|
98
|
+
}
|
|
46
99
|
}
|
|
47
100
|
}
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
import { Forbidden } from '../../HTTP'
|
|
2
|
+
import type { Parameter } from '../../RTD'
|
|
3
|
+
import type { Context, Directive, Identity, Create } from './types'
|
|
4
|
+
|
|
5
|
+
export class Input implements Directive {
|
|
6
|
+
public priority = 0
|
|
7
|
+
private readonly statements: Statement[] = []
|
|
8
|
+
|
|
9
|
+
public constructor (declarations: Declaration[], create: Create) {
|
|
10
|
+
this.statements = declarations.map((declaration) => new Statement(declaration, create))
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
public async authorize (identity: Identity | null, context: Context, parameters: Parameter[]): Promise<boolean> {
|
|
14
|
+
context.pipelines.body.push(async (body) => this.check(identity, context, parameters, body))
|
|
15
|
+
|
|
16
|
+
return false
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
// eslint-disable-next-line max-params
|
|
20
|
+
private async check (identity: Identity | null, context: Context, parameters: Parameter[], body: unknown): Promise<unknown> {
|
|
21
|
+
if (body === undefined || body === null || body.constructor !== Object)
|
|
22
|
+
return body
|
|
23
|
+
|
|
24
|
+
const settled = await Promise.allSettled(this.statements.map(async (statement) =>
|
|
25
|
+
statement.check(identity, context, parameters, body as Body)))
|
|
26
|
+
|
|
27
|
+
for (const result of settled)
|
|
28
|
+
if (result.status === 'rejected')
|
|
29
|
+
throw result.reason
|
|
30
|
+
|
|
31
|
+
return body
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
|
|
35
|
+
class Statement {
|
|
36
|
+
private readonly properties: string[]
|
|
37
|
+
private readonly directives: Directive[] = []
|
|
38
|
+
|
|
39
|
+
public constructor ({ prop, ...directives }: Declaration, create: Create) {
|
|
40
|
+
this.properties = typeof prop === 'string' ? [prop] : prop
|
|
41
|
+
|
|
42
|
+
for (const [name, value] of Object.entries(directives)) {
|
|
43
|
+
const directive = create(name, value)
|
|
44
|
+
|
|
45
|
+
this.directives.push(directive)
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
|
|
49
|
+
// eslint-disable-next-line max-params
|
|
50
|
+
public async check (identity: Identity | null, context: Context, parameters: Parameter[], body: Body): Promise<void> {
|
|
51
|
+
const match = this.properties.some((property) => property in body)
|
|
52
|
+
|
|
53
|
+
if (!match)
|
|
54
|
+
return
|
|
55
|
+
|
|
56
|
+
for (const directive of this.directives) {
|
|
57
|
+
const authorized = await directive.authorize(identity, context, parameters)
|
|
58
|
+
|
|
59
|
+
if (!authorized)
|
|
60
|
+
throw new Forbidden('Input property is not authorized')
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
export interface Declaration {
|
|
66
|
+
[key: Exclude<string, 'prop'>]: unknown
|
|
67
|
+
|
|
68
|
+
prop: string | string[]
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
type Body = Record<string, unknown>
|
|
@@ -31,7 +31,7 @@ it('should return false if not matched', async () => {
|
|
|
31
31
|
expect(result).toBe(false)
|
|
32
32
|
|
|
33
33
|
expect(remote.invoke)
|
|
34
|
-
.
|
|
34
|
+
.toHaveBeenCalledWith('list', {
|
|
35
35
|
query: {
|
|
36
36
|
criteria: `identity==${identity.id}`,
|
|
37
37
|
limit: 1024
|
|
@@ -93,8 +93,7 @@ it('should return false on mismatch with parameters', async () => {
|
|
|
93
93
|
expect(result).toBe(false)
|
|
94
94
|
})
|
|
95
95
|
|
|
96
|
-
async function match
|
|
97
|
-
(expected: string[], actual: string[], parameters: Parameter[] = []): Promise<boolean> {
|
|
96
|
+
async function match (expected: string[], actual: string[], parameters: Parameter[] = []): Promise<boolean> {
|
|
98
97
|
const directive = new Role(expected, discovery)
|
|
99
98
|
|
|
100
99
|
const identity: Identity = {
|
|
@@ -15,7 +15,7 @@ export class Role implements Directive {
|
|
|
15
15
|
this.dynamic = this.roles.some((role) => role.includes('{'))
|
|
16
16
|
}
|
|
17
17
|
|
|
18
|
-
public static async
|
|
18
|
+
public static async get (identity: Identity, discovery: Promise<Component>): Promise<string[]> {
|
|
19
19
|
this.remote ??= await discovery
|
|
20
20
|
|
|
21
21
|
const query: Query = {
|
|
@@ -23,21 +23,16 @@ export class Role implements Directive {
|
|
|
23
23
|
limit: 1024
|
|
24
24
|
}
|
|
25
25
|
|
|
26
|
-
|
|
26
|
+
return await this.remote.invoke('list', { query })
|
|
27
27
|
}
|
|
28
28
|
|
|
29
|
-
public async authorize
|
|
30
|
-
(identity: Identity | null, _: unknown, parameters: Parameter[]): Promise<boolean> {
|
|
29
|
+
public async authorize (identity: Identity | null, _: unknown, parameters: Parameter[]): Promise<boolean> {
|
|
31
30
|
if (identity === null)
|
|
32
31
|
return false
|
|
33
32
|
|
|
34
|
-
await Role.
|
|
33
|
+
identity.roles ??= await Role.get(identity, this.discovery)
|
|
35
34
|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
return false
|
|
39
|
-
|
|
40
|
-
return this.match(identity.roles!, parameters)
|
|
35
|
+
return this.match(identity.roles, parameters)
|
|
41
36
|
}
|
|
42
37
|
|
|
43
38
|
private match (roles: string[], parameters: Parameter[]): boolean {
|
|
@@ -58,7 +53,7 @@ export class Role implements Directive {
|
|
|
58
53
|
const value = parameters.find((parameter) => parameter.name === key)?.value
|
|
59
54
|
|
|
60
55
|
assert.ok(value !== undefined,
|
|
61
|
-
`Role '${role}' requires '${key}' route parameter
|
|
56
|
+
`Role '${role}' requires '${key}' route parameter`)
|
|
62
57
|
|
|
63
58
|
return value
|
|
64
59
|
}))
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { type Parameter } from '../../RTD'
|
|
2
|
-
import type {
|
|
2
|
+
import type { Context, Directive, Identity, Create } from './types'
|
|
3
3
|
|
|
4
4
|
export class Rule implements Directive {
|
|
5
5
|
private readonly directives: Directive[] = []
|
|
@@ -12,10 +12,9 @@ export class Rule implements Directive {
|
|
|
12
12
|
}
|
|
13
13
|
}
|
|
14
14
|
|
|
15
|
-
public async authorize
|
|
16
|
-
(identity: Identity | null, input: Input, parameters: Parameter[]): Promise<boolean> {
|
|
15
|
+
public async authorize (identity: Identity | null, context: Context, parameters: Parameter[]): Promise<boolean> {
|
|
17
16
|
for (const directive of this.directives) {
|
|
18
|
-
const authorized = await directive.authorize(identity,
|
|
17
|
+
const authorized = await directive.authorize(identity, context, parameters)
|
|
19
18
|
|
|
20
19
|
if (!authorized)
|
|
21
20
|
return false
|
|
@@ -24,5 +23,3 @@ export class Rule implements Directive {
|
|
|
24
23
|
return true
|
|
25
24
|
}
|
|
26
25
|
}
|
|
27
|
-
|
|
28
|
-
type Create = (name: string, value: any, ...args: any[]) => Directive
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import * as http from '../../HTTP'
|
|
2
|
-
import { type Directive, type Identity, type
|
|
2
|
+
import { type Directive, type Identity, type Context } from './types'
|
|
3
3
|
import { split } from './split'
|
|
4
4
|
|
|
5
5
|
export class Scheme implements Directive {
|
|
@@ -11,15 +11,15 @@ export class Scheme implements Directive {
|
|
|
11
11
|
this.Scheme = scheme[0].toUpperCase() + scheme.substring(1)
|
|
12
12
|
}
|
|
13
13
|
|
|
14
|
-
public authorize (_: Identity | null,
|
|
15
|
-
if (
|
|
14
|
+
public authorize (_: Identity | null, context: Context): boolean {
|
|
15
|
+
if (context.request.headers.authorization === undefined)
|
|
16
16
|
return false
|
|
17
17
|
|
|
18
|
-
const [scheme] = split(
|
|
18
|
+
const [scheme] = split(context.request.headers.authorization)
|
|
19
19
|
|
|
20
20
|
if (scheme !== this.scheme)
|
|
21
21
|
throw new http.Forbidden(this.Scheme +
|
|
22
|
-
' authentication scheme is required to access this resource
|
|
22
|
+
' authentication scheme is required to access this resource')
|
|
23
23
|
|
|
24
24
|
return false
|
|
25
25
|
}
|