@twin.org/node-core 0.0.3-next.3 → 0.0.3-next.31

package/dist/es/commands/userCreate.js

@@ -0,0 +1,212 @@
+import { CLIDisplay, CLIUtils } from "@twin.org/cli-core";
+import { ComponentFactory, GeneralError, Guards, I18n, Is } from "@twin.org/core";
+import { PasswordGenerator } from "@twin.org/crypto";
+import { Did, IdentityProfileConnectorFactory } from "@twin.org/identity-models";
+const COMMAND_NAME = "user-create";
+/**
+ * Get the command definition parameters.
+ * @param commandDefinitions The registered command definitions.
+ */
+export function getCommandDefinitionUserCreate(commandDefinitions) {
+    commandDefinitions[COMMAND_NAME] = {
+        command: COMMAND_NAME,
+        description: I18n.formatMessage("node.cli.commands.user-create.description"),
+        example: I18n.formatMessage("node.cli.commands.user-create.example"),
+        params: [
+            {
+                key: "env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.env-prefix.description"),
+                required: false
+            },
+            {
+                key: "user-identity",
+                type: "string",
+                extendedType: "DID",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.user-identity.description")
+            },
+            {
+                key: "organization-identity",
+                type: "string",
+                extendedType: "DID",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.organization-identity.description")
+            },
+            {
+                key: "email",
+                type: "string",
+                extendedType: "email",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.email.description")
+            },
+            {
+                key: "password",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.password.description"),
+                required: false
+            },
+            {
+                key: "scope",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.scope.description"),
+                required: false
+            },
+            {
+                key: "given-name",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.given-name.description"),
+                required: false
+            },
+            {
+                key: "family-name",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.family-name.description"),
+                required: false
+            },
+            {
+                key: "overwrite-mode",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.overwrite-mode.description"),
+                options: ["skip", "overwrite", "error"],
+                defaultValue: "skip",
+                required: false
+            },
+            {
+                key: "load-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.load-env.description"),
+                required: false
+            },
+            {
+                key: "output-json",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.output-json.description"),
+                required: false
+            },
+            {
+                key: "output-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.output-env.description"),
+                required: false
+            },
+            {
+                key: "output-env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-create.params.output-env-prefix.description"),
+                required: false
+            }
+        ],
+        action: async (engineCore, envVars, params) => userCreate(engineCore, envVars, params)
+    };
+}
+/**
+ * Command for creating a user.
+ * @param engineCore The engine core.
+ * @param envVars The environment variables for the node.
+ * @param params The parameters for the command.
+ * @param params.userIdentity The DID for the user.
+ * @param params.organizationIdentity The organization DID for the user.
+ * @param params.email The email for the user.
+ * @param params.password The password for the user.
+ * @param params.scope The scope for the user.
+ * @param params.givenName The given name for the user.
+ * @param params.familyName The family name for the user.
+ * @param params.overwriteMode The mode to use when a user with the same identity already exists.
+ * @param params.outputJson The output .json file to store the command output.
+ * @param params.outputEnv The output .env file to store the command output.
+ * @param params.outputEnvPrefix The prefix to use for variables in the output .env file.
+ * @returns The created user details or undefined if skipped.
+ */
+export async function userCreate(engineCore, envVars, params) {
+    Guards.email("userCreate", "email", params.email);
+    Did.guard("userCreate", "user-identity", params.userIdentity);
+    Did.guard("userCreate", "organization-identity", params.organizationIdentity);
+    if (Is.stringValue(params.password) && params.password.length < 16) {
+        throw new GeneralError("userCreate", "passwordTooShort", { minLength: 16 });
+    }
+    const defaultIdentityProfileConnectorType = engineCore.getRegisteredInstanceType("identityProfileConnector");
+    const identityProfileConnector = IdentityProfileConnectorFactory.get(defaultIdentityProfileConnectorType);
+    const defaultAuthenticationAdminComponentType = engineCore.getRegisteredInstanceType("authenticationAdminComponent");
+    const authenticationAdminComponent = ComponentFactory.get(defaultAuthenticationAdminComponentType);
+    let createUser = true;
+    let existingUser;
+    try {
+        existingUser = await authenticationAdminComponent.get(params.email);
+    }
+    catch { }
+    if (!Is.empty(existingUser)) {
+        if (params.overwriteMode === "error") {
+            throw new GeneralError("userCreate", "userAlreadyExists");
+        }
+        else if (params.overwriteMode === "skip") {
+            createUser = false;
+            CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-create.labels.skipping"));
+        }
+        else if (params.overwriteMode === "overwrite") {
+            CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-create.labels.overwriting"));
+            await authenticationAdminComponent.remove(existingUser.email);
+            await identityProfileConnector.remove(existingUser.userIdentity);
+        }
+    }
+    let json;
+    if (createUser) {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-create.labels.creating"));
+        const user = {
+            email: params.email,
+            password: params.password ?? PasswordGenerator.generate(16),
+            userIdentity: params.userIdentity,
+            organizationIdentity: params.organizationIdentity,
+            scope: params.scope?.split(",").map(s => s.trim()) ?? []
+        };
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-create.labels.storingUser"));
+        if (existingUser) {
+            await authenticationAdminComponent.update(user);
+        }
+        else {
+            await authenticationAdminComponent.create(user);
+        }
+        const name = `${params.givenName ?? ""} ${params.familyName ?? ""}`.trim();
+        const publicProfile = {
+            "@context": "https://schema.org",
+            "@type": "Person",
+            name: name.length > 0 ? name : undefined
+        };
+        const privateProfile = {
+            "@context": "https://schema.org",
+            "@type": "Person",
+            givenName: params.givenName,
+            familyName: params.familyName,
+            email: params.email
+        };
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-create.labels.storingProfile"));
+        await identityProfileConnector.create(params.userIdentity, publicProfile, privateProfile);
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-create.labels.userCreated"));
+        CLIDisplay.value(I18n.formatMessage("node.cli.commands.user-create.labels.email"), user.email);
+        CLIDisplay.value(I18n.formatMessage("node.cli.commands.user-create.labels.password"), user.password);
+        CLIDisplay.break();
+        json = {
+            did: params.userIdentity,
+            organizationDid: params.organizationIdentity,
+            email: params.email,
+            password: user.password,
+            scope: params.scope?.split(",").map(s => s.trim()) ?? [],
+            givenName: params.givenName ?? "",
+            familyName: params.familyName ?? ""
+        };
+        if (Is.stringValue(params.outputJson)) {
+            await CLIUtils.writeJsonFile(params.outputJson, json, false);
+        }
+        if (Is.stringValue(params.outputEnv)) {
+            await CLIUtils.writeEnvFile(params.outputEnv, [
+                `${params.outputEnvPrefix}DID="${params.userIdentity}"`,
+                `${params.outputEnvPrefix}ORGANIZATION_DID="${params.organizationIdentity}"`,
+                `${params.outputEnvPrefix}EMAIL="${params.email}"`,
+                `${params.outputEnvPrefix}PASSWORD="${user.password}"`,
+                `${params.outputEnvPrefix}SCOPE="${params.scope ?? ""}"`,
+                `${params.outputEnvPrefix}GIVEN_NAME="${params.givenName ?? ""}"`,
+                `${params.outputEnvPrefix}FAMILY_NAME="${params.familyName ?? ""}"`
+            ], false);
+        }
+    }
+    CLIDisplay.done();
+    return json;
+}
+//# sourceMappingURL=userCreate.js.map

package/dist/es/commands/userCreate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"userCreate.js","sourceRoot":"","sources":["../../../src/commands/userCreate.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAClF,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAErD,OAAO,EAAE,GAAG,EAAE,+BAA+B,EAAE,MAAM,2BAA2B,CAAC;AAKjF,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAAC,kBAE9C;IACA,kBAAkB,CAAC,YAAY,CAAC,GAAG;QAClC,OAAO,EAAE,YAAY;QACrB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,2CAA2C,CAAC;QAC5E,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,uCAAuC,CAAC;QACpE,MAAM,EAAE;YACP;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,6DAA6D,CAC7D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,eAAe;gBACpB,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,gEAAgE,CAChE;aACD;YACD;gBACC,GAAG,EAAE,uBAAuB;gBAC5B,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,wEAAwE,CACxE;aACD;YACD;gBACC,GAAG,EAAE,OAAO;gBACZ,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,OAAO;gBACrB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,wDAAwD,CAAC;aACzF;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,2DAA2D,CAC3D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,OAAO;gBACZ,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,wDAAwD,CAAC;gBACzF,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,6DAA6D,CAC7D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,aAAa;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,8DAA8D,CAC9D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,gBAAgB;gBACrB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,iEAAiE,CACjE;gBACD,OAAO,EAAE,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,CAAC;gBACvC,YAAY,EAAE,MAAM;gBACpB,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,2DAA2D,CAC3D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,aAAa;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,8DAA8D,CAC9D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,6DAA6D,CAC7D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,mBAAmB;gBACxB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,oEAAoE,CACpE;gBACD,QAAQ,EAAE,KAAK;aACf;SACD;QACD,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;KACtF,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC/B,UAAuB,EACvB,OAAkC,EAClC,MAYC;IAaD,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAClD,GAAG,CAAC,KAAK,CAAC,YAAY,EAAE,eAAe,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IAC9D,GAAG,CAAC,KAAK,CAAC,YAAY,EAAE,uBAAuB,EAAE,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAE9E,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACpE,MAAM,IAAI,YAAY,CAAC,YAAY,EAAE,kBAAkB,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,mCAAmC,GAAG,UAAU,CAAC,yBAAyB,CAC/E,0BAA0B,CAC1B,CAAC;IACF,MAAM,wBAAwB,GAAG,+BAA+B,CAAC,GAAG,CACnE,mCAAmC,CACnC,CAAC;IAEF,MAAM,uCAAuC,GAAG,UAAU,CAAC,yBAAyB,CACnF,8BAA8B,CAC9B,CAAC;IACF,MAAM,4BAA4B,GAAG,gBAAgB,CAAC,GAAG,CACxD,uCAAuC,CACvC,CAAC;IAEF,IAAI,UAAU,GAAG,IAAI,CAAC;IAEtB,IAAI,YAAY,CAAC;IACjB,IAAI,CAAC;QACJ,YAAY,GAAG,MAAM,4BAA4B,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrE,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IAEV,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC;QAC7B,IAAI,MAAM,CAAC,aAAa,KAAK,OAAO,EAAE,CAAC;YACtC,MAAM,IAAI,YAAY,CAAC,YAAY,EAAE,mBAAmB,CAAC,CAAC;QAC3D,CAAC;aAAM,IAAI,MAAM,CAAC,aAAa,KAAK,MAAM,EAAE,CAAC;YAC5C,UAAU,GAAG,KAAK,CAAC;YACnB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,+CAA+C,CAAC,CAAC,CAAC;QACtF,CAAC;aAAM,IAAI,MAAM,CAAC,aAAa,KAAK,WAAW,EAAE,CAAC;YACjD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,kDAAkD,CAAC,CAAC,CAAC;YACxF,MAAM,4BAA4B,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;YAC9D,MAAM,wBAAwB,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAClE,CAAC;IACF,CAAC;IAED,IAAI,IAAI,CAAC;IACT,IAAI,UAAU,EAAE,CAAC;QAChB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,+CAA+C,CAAC,CAAC,CAAC;QAErF,MAAM,IAAI,GAAsC;YAC/C,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3D,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;YACjD,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE;SACxD,CAAC;QAEF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,kDAAkD,CAAC,CAAC,CAAC;QAExF,IAAI,YAAY,EAAE,CAAC;YAClB,MAAM,4BAA4B,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACP,MAAM,4BAA4B,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,SAAS,IAAI,EAAE,IAAI,MAAM,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;QAC3E,MAAM,aAAa,GAAwB;YAC1C,UAAU,EAAE,oBAAoB;YAChC,OAAO,EAAE,QAAQ;YACjB,IAAI,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;SACxC,CAAC;QACF,MAAM,cAAc,GAAwB;YAC3C,UAAU,EAAE,oBAAoB;YAChC,OAAO,EAAE,QAAQ;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,KAAK,EAAE,MAAM,CAAC,KAAK;SACnB,CAAC;QAEF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,qDAAqD,CAAC,CAAC,CAAC;QAC3F,MAAM,wBAAwB,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;QAE1F,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,kDAAkD,CAAC,CAAC,CAAC;QAExF,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,4CAA4C,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAE/F,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,+CAA+C,CAAC,EACnE,IAAI,CAAC,QAAQ,CACb,CAAC;QAEF,UAAU,CAAC,KAAK,EAAE,CAAC;QAEnB,IAAI,GAAG;YACN,GAAG,EAAE,MAAM,CAAC,YAAY;YACxB,eAAe,EAAE,MAAM,CAAC,oBAAoB;YAC5C,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE;YACxD,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;YACjC,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,EAAE;SACnC,CAAC;QAEF,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YACvC,MAAM,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;YACtC,MAAM,QAAQ,CAAC,YAAY,CAC1B,MAAM,CAAC,SAAS,EAChB;gBACC,GAAG,MAAM,CAAC,eAAe,QAAQ,MAAM,CAAC,YAAY,GAAG;gBACvD,GAAG,MAAM,CAAC,eAAe,qBAAqB,MAAM,CAAC,oBAAoB,GAAG;gBAC5E,GAAG,MAAM,CAAC,eAAe,UAAU,MAAM,CAAC,KAAK,GAAG;gBAClD,GAAG,MAAM,CAAC,eAAe,aAAa,IAAI,CAAC,QAAQ,GAAG;gBACtD,GAAG,MAAM,CAAC,eAAe,UAAU,MAAM,CAAC,KAAK,IAAI,EAAE,GAAG;gBACxD,GAAG,MAAM,CAAC,eAAe,eAAe,MAAM,CAAC,SAAS,IAAI,EAAE,GAAG;gBACjE,GAAG,MAAM,CAAC,eAAe,gBAAgB,MAAM,CAAC,UAAU,IAAI,EAAE,GAAG;aACnE,EACD,KAAK,CACL,CAAC;QACH,CAAC;IACF,CAAC;IAED,UAAU,CAAC,IAAI,EAAE,CAAC;IAElB,OAAO,IAAI,CAAC;AACb,CAAC","sourcesContent":["// Copyright 2026 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport type {\n\tIAuthenticationAdminComponent,\n\tIAuthenticationUser\n} from \"@twin.org/api-auth-entity-storage-models\";\nimport { CLIDisplay, CLIUtils } from \"@twin.org/cli-core\";\nimport { ComponentFactory, GeneralError, Guards, I18n, Is } from \"@twin.org/core\";\nimport { PasswordGenerator } from \"@twin.org/crypto\";\nimport type { IEngineCore } from \"@twin.org/engine-models\";\nimport { Did, IdentityProfileConnectorFactory } from \"@twin.org/identity-models\";\nimport type { Person, WithContext } from \"schema-dts\";\nimport type { ICliCommandDefinition } from \"../models/ICliCommandDefinition.js\";\nimport type { INodeEnvironmentVariables } from \"../models/INodeEnvironmentVariables.js\";\n\nconst COMMAND_NAME = \"user-create\";\n\n/**\n * Get the command definition parameters.\n * @param commandDefinitions The registered command definitions.\n */\nexport function getCommandDefinitionUserCreate(commandDefinitions: {\n\t[id: string]: ICliCommandDefinition;\n}): void {\n\tcommandDefinitions[COMMAND_NAME] = {\n\t\tcommand: COMMAND_NAME,\n\t\tdescription: I18n.formatMessage(\"node.cli.commands.user-create.description\"),\n\t\texample: I18n.formatMessage(\"node.cli.commands.user-create.example\"),\n\t\tparams: [\n\t\t\t{\n\t\t\t\tkey: \"env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"user-identity\",\n\t\t\t\ttype: \"string\",\n\t\t\t\textendedType: \"DID\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.user-identity.description\"\n\t\t\t\t)\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"organization-identity\",\n\t\t\t\ttype: \"string\",\n\t\t\t\textendedType: \"DID\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.organization-identity.description\"\n\t\t\t\t)\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"email\",\n\t\t\t\ttype: \"string\",\n\t\t\t\textendedType: \"email\",\n\t\t\t\tdescription: I18n.formatMessage(\"node.cli.commands.user-create.params.email.description\")\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"password\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.password.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"scope\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\"node.cli.commands.user-create.params.scope.description\"),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"given-name\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.given-name.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"family-name\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.family-name.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"overwrite-mode\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.overwrite-mode.description\"\n\t\t\t\t),\n\t\t\t\toptions: [\"skip\", \"overwrite\", \"error\"],\n\t\t\t\tdefaultValue: \"skip\",\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"load-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.load-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-json\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.output-json.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.output-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-create.params.output-env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t}\n\t\t],\n\t\taction: async (engineCore, envVars, params) => userCreate(engineCore, envVars, params)\n\t};\n}\n\n/**\n * Command for creating a user.\n * @param engineCore The engine core.\n * @param envVars The environment variables for the node.\n * @param params The parameters for the command.\n * @param params.userIdentity The DID for the user.\n * @param params.organizationIdentity The organization DID for the user.\n * @param params.email The email for the user.\n * @param params.password The password for the user.\n * @param params.scope The scope for the user.\n * @param params.givenName The given name for the user.\n * @param params.familyName The family name for the user.\n * @param params.overwriteMode The mode to use when a user with the same identity already exists.\n * @param params.outputJson The output .json file to store the command output.\n * @param params.outputEnv The output .env file to store the command output.\n * @param params.outputEnvPrefix The prefix to use for variables in the output .env file.\n * @returns The created user details or undefined if skipped.\n */\nexport async function userCreate(\n\tengineCore: IEngineCore,\n\tenvVars: INodeEnvironmentVariables,\n\tparams: {\n\t\tuserIdentity?: string;\n\t\torganizationIdentity?: string;\n\t\temail?: string;\n\t\tpassword?: string;\n\t\tscope?: string;\n\t\tgivenName?: string;\n\t\tfamilyName?: string;\n\t\toverwriteMode?: \"skip\" | \"overwrite\" | \"error\";\n\t\toutputJson?: string;\n\t\toutputEnv?: string;\n\t\toutputEnvPrefix?: string;\n\t}\n): Promise<\n\t| {\n\t\t\tdid: string;\n\t\t\torganizationDid: string;\n\t\t\temail: string;\n\t\t\tpassword: string;\n\t\t\tscope: string[];\n\t\t\tgivenName: string;\n\t\t\tfamilyName: string;\n\t  }\n\t| undefined\n> {\n\tGuards.email(\"userCreate\", \"email\", params.email);\n\tDid.guard(\"userCreate\", \"user-identity\", params.userIdentity);\n\tDid.guard(\"userCreate\", \"organization-identity\", params.organizationIdentity);\n\n\tif (Is.stringValue(params.password) && params.password.length < 16) {\n\t\tthrow new GeneralError(\"userCreate\", \"passwordTooShort\", { minLength: 16 });\n\t}\n\n\tconst defaultIdentityProfileConnectorType = engineCore.getRegisteredInstanceType(\n\t\t\"identityProfileConnector\"\n\t);\n\tconst identityProfileConnector = IdentityProfileConnectorFactory.get(\n\t\tdefaultIdentityProfileConnectorType\n\t);\n\n\tconst defaultAuthenticationAdminComponentType = engineCore.getRegisteredInstanceType(\n\t\t\"authenticationAdminComponent\"\n\t);\n\tconst authenticationAdminComponent = ComponentFactory.get<IAuthenticationAdminComponent>(\n\t\tdefaultAuthenticationAdminComponentType\n\t);\n\n\tlet createUser = true;\n\n\tlet existingUser;\n\ttry {\n\t\texistingUser = await authenticationAdminComponent.get(params.email);\n\t} catch {}\n\n\tif (!Is.empty(existingUser)) {\n\t\tif (params.overwriteMode === \"error\") {\n\t\t\tthrow new GeneralError(\"userCreate\", \"userAlreadyExists\");\n\t\t} else if (params.overwriteMode === \"skip\") {\n\t\t\tcreateUser = false;\n\t\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-create.labels.skipping\"));\n\t\t} else if (params.overwriteMode === \"overwrite\") {\n\t\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-create.labels.overwriting\"));\n\t\t\tawait authenticationAdminComponent.remove(existingUser.email);\n\t\t\tawait identityProfileConnector.remove(existingUser.userIdentity);\n\t\t}\n\t}\n\n\tlet json;\n\tif (createUser) {\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-create.labels.creating\"));\n\n\t\tconst user: Omit<IAuthenticationUser, \"salt\"> = {\n\t\t\temail: params.email,\n\t\t\tpassword: params.password ?? PasswordGenerator.generate(16),\n\t\t\tuserIdentity: params.userIdentity,\n\t\t\torganizationIdentity: params.organizationIdentity,\n\t\t\tscope: params.scope?.split(\",\").map(s => s.trim()) ?? []\n\t\t};\n\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-create.labels.storingUser\"));\n\n\t\tif (existingUser) {\n\t\t\tawait authenticationAdminComponent.update(user);\n\t\t} else {\n\t\t\tawait authenticationAdminComponent.create(user);\n\t\t}\n\n\t\tconst name = `${params.givenName ?? \"\"} ${params.familyName ?? \"\"}`.trim();\n\t\tconst publicProfile: WithContext<Person> = {\n\t\t\t\"@context\": \"https://schema.org\",\n\t\t\t\"@type\": \"Person\",\n\t\t\tname: name.length > 0 ? name : undefined\n\t\t};\n\t\tconst privateProfile: WithContext<Person> = {\n\t\t\t\"@context\": \"https://schema.org\",\n\t\t\t\"@type\": \"Person\",\n\t\t\tgivenName: params.givenName,\n\t\t\tfamilyName: params.familyName,\n\t\t\temail: params.email\n\t\t};\n\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-create.labels.storingProfile\"));\n\t\tawait identityProfileConnector.create(params.userIdentity, publicProfile, privateProfile);\n\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-create.labels.userCreated\"));\n\n\t\tCLIDisplay.value(I18n.formatMessage(\"node.cli.commands.user-create.labels.email\"), user.email);\n\n\t\tCLIDisplay.value(\n\t\t\tI18n.formatMessage(\"node.cli.commands.user-create.labels.password\"),\n\t\t\tuser.password\n\t\t);\n\n\t\tCLIDisplay.break();\n\n\t\tjson = {\n\t\t\tdid: params.userIdentity,\n\t\t\torganizationDid: params.organizationIdentity,\n\t\t\temail: params.email,\n\t\t\tpassword: user.password,\n\t\t\tscope: params.scope?.split(\",\").map(s => s.trim()) ?? [],\n\t\t\tgivenName: params.givenName ?? \"\",\n\t\t\tfamilyName: params.familyName ?? \"\"\n\t\t};\n\n\t\tif (Is.stringValue(params.outputJson)) {\n\t\t\tawait CLIUtils.writeJsonFile(params.outputJson, json, false);\n\t\t}\n\n\t\tif (Is.stringValue(params.outputEnv)) {\n\t\t\tawait CLIUtils.writeEnvFile(\n\t\t\t\tparams.outputEnv,\n\t\t\t\t[\n\t\t\t\t\t`${params.outputEnvPrefix}DID=\"${params.userIdentity}\"`,\n\t\t\t\t\t`${params.outputEnvPrefix}ORGANIZATION_DID=\"${params.organizationIdentity}\"`,\n\t\t\t\t\t`${params.outputEnvPrefix}EMAIL=\"${params.email}\"`,\n\t\t\t\t\t`${params.outputEnvPrefix}PASSWORD=\"${user.password}\"`,\n\t\t\t\t\t`${params.outputEnvPrefix}SCOPE=\"${params.scope ?? \"\"}\"`,\n\t\t\t\t\t`${params.outputEnvPrefix}GIVEN_NAME=\"${params.givenName ?? \"\"}\"`,\n\t\t\t\t\t`${params.outputEnvPrefix}FAMILY_NAME=\"${params.familyName ?? \"\"}\"`\n\t\t\t\t],\n\t\t\t\tfalse\n\t\t\t);\n\t\t}\n\t}\n\n\tCLIDisplay.done();\n\n\treturn json;\n}\n"]}

package/dist/es/commands/userUpdate.js

@@ -0,0 +1,132 @@
+import { CLIDisplay } from "@twin.org/cli-core";
+import { ComponentFactory, Guards, I18n, Is } from "@twin.org/core";
+import { Did, IdentityProfileConnectorFactory } from "@twin.org/identity-models";
+const COMMAND_NAME = "user-update";
+/**
+ * Get the command definition parameters.
+ * @param commandDefinitions The registered command definitions.
+ */
+export function getCommandDefinitionUserUpdate(commandDefinitions) {
+    commandDefinitions[COMMAND_NAME] = {
+        command: COMMAND_NAME,
+        description: I18n.formatMessage("node.cli.commands.user-update.description"),
+        example: I18n.formatMessage("node.cli.commands.user-update.example"),
+        params: [
+            {
+                key: "env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.env-prefix.description"),
+                required: false
+            },
+            {
+                key: "user-identity",
+                type: "string",
+                extendedType: "DID",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.user-identity.description"),
+                required: false
+            },
+            {
+                key: "organization-identity",
+                type: "string",
+                extendedType: "DID",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.organization-identity.description"),
+                required: false
+            },
+            {
+                key: "email",
+                type: "string",
+                extendedType: "email",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.email.description")
+            },
+            {
+                key: "scope",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.scope.description"),
+                required: false
+            },
+            {
+                key: "given-name",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.given-name.description"),
+                required: false
+            },
+            {
+                key: "family-name",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.family-name.description"),
+                required: false
+            },
+            {
+                key: "load-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.user-update.params.load-env.description"),
+                required: false
+            }
+        ],
+        action: async (engineCore, envVars, params) => userUpdate(engineCore, envVars, params)
+    };
+}
+/**
+ * Command for creating a user.
+ * @param engineCore The engine core.
+ * @param envVars The environment variables for the node.
+ * @param params The parameters for the command.
+ * @param params.userIdentity The DID for the user.
+ * @param params.organizationIdentity The organization DID for the user.
+ * @param params.email The email for the user.
+ * @param params.scope The scope for the user.
+ * @param params.givenName The given name for the user.
+ * @param params.familyName The family name for the user.
+ * @returns The updated user details or undefined if skipped.
+ */
+export async function userUpdate(engineCore, envVars, params) {
+    Guards.email("userUpdate", "email", params.email);
+    if (Is.stringValue(params.userIdentity)) {
+        Did.guard("userUpdate", "user-identity", params.userIdentity);
+    }
+    if (Is.stringValue(params.organizationIdentity)) {
+        Did.guard("userUpdate", "organization-identity", params.organizationIdentity);
+    }
+    const defaultIdentityProfileConnectorType = engineCore.getRegisteredInstanceType("identityProfileConnector");
+    const identityProfileConnector = IdentityProfileConnectorFactory.get(defaultIdentityProfileConnectorType);
+    const defaultAuthenticationAdminComponentType = engineCore.getRegisteredInstanceType("authenticationAdminComponent");
+    const authenticationAdminComponent = ComponentFactory.get(defaultAuthenticationAdminComponentType);
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-update.labels.updating"));
+    const user = {
+        email: params.email,
+        userIdentity: params.userIdentity,
+        organizationIdentity: params.organizationIdentity,
+        scope: params.scope?.split(",").map(s => s.trim())
+    };
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-update.labels.storingUser"));
+    const existingUser = await authenticationAdminComponent.get(params.email);
+    await authenticationAdminComponent.update(user);
+    const name = `${params.givenName ?? ""} ${params.familyName ?? ""}`.trim();
+    const publicProfile = {
+        "@context": "https://schema.org",
+        "@type": "Person",
+        name: name.length > 0 ? name : undefined
+    };
+    const privateProfile = {
+        "@context": "https://schema.org",
+        "@type": "Person",
+        givenName: params.givenName,
+        familyName: params.familyName,
+        email: params.email
+    };
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-update.labels.storingProfile"));
+    await identityProfileConnector.update(existingUser.userIdentity, publicProfile, privateProfile);
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.user-update.labels.userUpdated"));
+    CLIDisplay.break();
+    const json = {
+        did: params.userIdentity ?? existingUser.userIdentity,
+        organizationDid: params.organizationIdentity ?? existingUser.organizationIdentity,
+        email: params.email,
+        scope: params.scope?.split(",").map(s => s.trim()) ?? existingUser.scope,
+        givenName: params.givenName ?? "",
+        familyName: params.familyName ?? ""
+    };
+    CLIDisplay.done();
+    return json;
+}
+//# sourceMappingURL=userUpdate.js.map

package/dist/es/commands/userUpdate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"userUpdate.js","sourceRoot":"","sources":["../../../src/commands/userUpdate.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAEpE,OAAO,EAAE,GAAG,EAAE,+BAA+B,EAAE,MAAM,2BAA2B,CAAC;AAKjF,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAAC,kBAE9C;IACA,kBAAkB,CAAC,YAAY,CAAC,GAAG;QAClC,OAAO,EAAE,YAAY;QACrB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,2CAA2C,CAAC;QAC5E,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,uCAAuC,CAAC;QACpE,MAAM,EAAE;YACP;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,6DAA6D,CAC7D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,eAAe;gBACpB,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,gEAAgE,CAChE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,uBAAuB;gBAC5B,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,wEAAwE,CACxE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,OAAO;gBACZ,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,OAAO;gBACrB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,wDAAwD,CAAC;aACzF;YACD;gBACC,GAAG,EAAE,OAAO;gBACZ,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,wDAAwD,CAAC;gBACzF,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,6DAA6D,CAC7D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,aAAa;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,8DAA8D,CAC9D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,2DAA2D,CAC3D;gBACD,QAAQ,EAAE,KAAK;aACf;SACD;QACD,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;KACtF,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC/B,UAAuB,EACvB,OAAkC,EAClC,MAOC;IAYD,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAElD,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;QACzC,GAAG,CAAC,KAAK,CAAC,YAAY,EAAE,eAAe,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE,CAAC;QACjD,GAAG,CAAC,KAAK,CAAC,YAAY,EAAE,uBAAuB,EAAE,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAC/E,CAAC;IAED,MAAM,mCAAmC,GAAG,UAAU,CAAC,yBAAyB,CAC/E,0BAA0B,CAC1B,CAAC;IACF,MAAM,wBAAwB,GAAG,+BAA+B,CAAC,GAAG,CACnE,mCAAmC,CACnC,CAAC;IAEF,MAAM,uCAAuC,GAAG,UAAU,CAAC,yBAAyB,CACnF,8BAA8B,CAC9B,CAAC;IACF,MAAM,4BAA4B,GAAG,gBAAgB,CAAC,GAAG,CACxD,uCAAuC,CACvC,CAAC;IAEF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,+CAA+C,CAAC,CAAC,CAAC;IAErF,MAAM,IAAI,GAA4D;QACrE,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;QACjD,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;KAClD,CAAC;IAEF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,kDAAkD,CAAC,CAAC,CAAC;IAExF,MAAM,YAAY,GAAG,MAAM,4BAA4B,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE1E,MAAM,4BAA4B,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAEhD,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,SAAS,IAAI,EAAE,IAAI,MAAM,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;IAC3E,MAAM,aAAa,GAAwB;QAC1C,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,QAAQ;QACjB,IAAI,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;KACxC,CAAC;IACF,MAAM,cAAc,GAAwB;QAC3C,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,QAAQ;QACjB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,KAAK,EAAE,MAAM,CAAC,KAAK;KACnB,CAAC;IAEF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,qDAAqD,CAAC,CAAC,CAAC;IAC3F,MAAM,wBAAwB,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;IAEhG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,kDAAkD,CAAC,CAAC,CAAC;IAExF,UAAU,CAAC,KAAK,EAAE,CAAC;IAEnB,MAAM,IAAI,GAAG;QACZ,GAAG,EAAE,MAAM,CAAC,YAAY,IAAI,YAAY,CAAC,YAAY;QACrD,eAAe,EAAE,MAAM,CAAC,oBAAoB,IAAI,YAAY,CAAC,oBAAoB;QACjF,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,YAAY,CAAC,KAAK;QACxE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;QACjC,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,EAAE;KACnC,CAAC;IAEF,UAAU,CAAC,IAAI,EAAE,CAAC;IAElB,OAAO,IAAI,CAAC;AACb,CAAC","sourcesContent":["// Copyright 2026 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport type {\n\tIAuthenticationAdminComponent,\n\tIAuthenticationUser\n} from \"@twin.org/api-auth-entity-storage-models\";\nimport { CLIDisplay } from \"@twin.org/cli-core\";\nimport { ComponentFactory, Guards, I18n, Is } from \"@twin.org/core\";\nimport type { IEngineCore } from \"@twin.org/engine-models\";\nimport { Did, IdentityProfileConnectorFactory } from \"@twin.org/identity-models\";\nimport type { Person, WithContext } from \"schema-dts\";\nimport type { ICliCommandDefinition } from \"../models/ICliCommandDefinition.js\";\nimport type { INodeEnvironmentVariables } from \"../models/INodeEnvironmentVariables.js\";\n\nconst COMMAND_NAME = \"user-update\";\n\n/**\n * Get the command definition parameters.\n * @param commandDefinitions The registered command definitions.\n */\nexport function getCommandDefinitionUserUpdate(commandDefinitions: {\n\t[id: string]: ICliCommandDefinition;\n}): void {\n\tcommandDefinitions[COMMAND_NAME] = {\n\t\tcommand: COMMAND_NAME,\n\t\tdescription: I18n.formatMessage(\"node.cli.commands.user-update.description\"),\n\t\texample: I18n.formatMessage(\"node.cli.commands.user-update.example\"),\n\t\tparams: [\n\t\t\t{\n\t\t\t\tkey: \"env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-update.params.env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"user-identity\",\n\t\t\t\ttype: \"string\",\n\t\t\t\textendedType: \"DID\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-update.params.user-identity.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"organization-identity\",\n\t\t\t\ttype: \"string\",\n\t\t\t\textendedType: \"DID\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-update.params.organization-identity.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"email\",\n\t\t\t\ttype: \"string\",\n\t\t\t\textendedType: \"email\",\n\t\t\t\tdescription: I18n.formatMessage(\"node.cli.commands.user-update.params.email.description\")\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"scope\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\"node.cli.commands.user-update.params.scope.description\"),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"given-name\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-update.params.given-name.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"family-name\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-update.params.family-name.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"load-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.user-update.params.load-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t}\n\t\t],\n\t\taction: async (engineCore, envVars, params) => userUpdate(engineCore, envVars, params)\n\t};\n}\n\n/**\n * Command for creating a user.\n * @param engineCore The engine core.\n * @param envVars The environment variables for the node.\n * @param params The parameters for the command.\n * @param params.userIdentity The DID for the user.\n * @param params.organizationIdentity The organization DID for the user.\n * @param params.email The email for the user.\n * @param params.scope The scope for the user.\n * @param params.givenName The given name for the user.\n * @param params.familyName The family name for the user.\n * @returns The updated user details or undefined if skipped.\n */\nexport async function userUpdate(\n\tengineCore: IEngineCore,\n\tenvVars: INodeEnvironmentVariables,\n\tparams: {\n\t\tuserIdentity?: string;\n\t\torganizationIdentity?: string;\n\t\temail?: string;\n\t\tscope?: string;\n\t\tgivenName?: string;\n\t\tfamilyName?: string;\n\t}\n): Promise<\n\t| {\n\t\t\tdid: string;\n\t\t\torganizationDid: string;\n\t\t\temail: string;\n\t\t\tscope: string[];\n\t\t\tgivenName: string;\n\t\t\tfamilyName: string;\n\t  }\n\t| undefined\n> {\n\tGuards.email(\"userUpdate\", \"email\", params.email);\n\n\tif (Is.stringValue(params.userIdentity)) {\n\t\tDid.guard(\"userUpdate\", \"user-identity\", params.userIdentity);\n\t}\n\tif (Is.stringValue(params.organizationIdentity)) {\n\t\tDid.guard(\"userUpdate\", \"organization-identity\", params.organizationIdentity);\n\t}\n\n\tconst defaultIdentityProfileConnectorType = engineCore.getRegisteredInstanceType(\n\t\t\"identityProfileConnector\"\n\t);\n\tconst identityProfileConnector = IdentityProfileConnectorFactory.get(\n\t\tdefaultIdentityProfileConnectorType\n\t);\n\n\tconst defaultAuthenticationAdminComponentType = engineCore.getRegisteredInstanceType(\n\t\t\"authenticationAdminComponent\"\n\t);\n\tconst authenticationAdminComponent = ComponentFactory.get<IAuthenticationAdminComponent>(\n\t\tdefaultAuthenticationAdminComponentType\n\t);\n\n\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-update.labels.updating\"));\n\n\tconst user: Partial<Omit<IAuthenticationUser, \"password\" | \"salt\">> = {\n\t\temail: params.email,\n\t\tuserIdentity: params.userIdentity,\n\t\torganizationIdentity: params.organizationIdentity,\n\t\tscope: params.scope?.split(\",\").map(s => s.trim())\n\t};\n\n\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-update.labels.storingUser\"));\n\n\tconst existingUser = await authenticationAdminComponent.get(params.email);\n\n\tawait authenticationAdminComponent.update(user);\n\n\tconst name = `${params.givenName ?? \"\"} ${params.familyName ?? \"\"}`.trim();\n\tconst publicProfile: WithContext<Person> = {\n\t\t\"@context\": \"https://schema.org\",\n\t\t\"@type\": \"Person\",\n\t\tname: name.length > 0 ? name : undefined\n\t};\n\tconst privateProfile: WithContext<Person> = {\n\t\t\"@context\": \"https://schema.org\",\n\t\t\"@type\": \"Person\",\n\t\tgivenName: params.givenName,\n\t\tfamilyName: params.familyName,\n\t\temail: params.email\n\t};\n\n\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-update.labels.storingProfile\"));\n\tawait identityProfileConnector.update(existingUser.userIdentity, publicProfile, privateProfile);\n\n\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.user-update.labels.userUpdated\"));\n\n\tCLIDisplay.break();\n\n\tconst json = {\n\t\tdid: params.userIdentity ?? existingUser.userIdentity,\n\t\torganizationDid: params.organizationIdentity ?? existingUser.organizationIdentity,\n\t\temail: params.email,\n\t\tscope: params.scope?.split(\",\").map(s => s.trim()) ?? existingUser.scope,\n\t\tgivenName: params.givenName ?? \"\",\n\t\tfamilyName: params.familyName ?? \"\"\n\t};\n\n\tCLIDisplay.done();\n\n\treturn json;\n}\n"]}

package/dist/es/commands/vaultKeyCreate.js

@@ -0,0 +1,191 @@
+// Copyright 2026 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+import { CLIDisplay, CLIUtils } from "@twin.org/cli-core";
+import { Converter, GeneralError, Guards, I18n, Is } from "@twin.org/core";
+import { Did } from "@twin.org/identity-models";
+import { VaultConnectorFactory, VaultKeyType } from "@twin.org/vault-models";
+const COMMAND_NAME = "vault-key-create";
+/**
+ * Get the command definition parameters.
+ * @param commandDefinitions The registered command definitions.
+ */
+export function getCommandDefinitionVaultKeyCreate(commandDefinitions) {
+    commandDefinitions[COMMAND_NAME] = {
+        command: COMMAND_NAME,
+        description: I18n.formatMessage("node.cli.commands.vault-key-create.description"),
+        example: I18n.formatMessage("node.cli.commands.vault-key-create.example"),
+        requiresNodeIdentity: false,
+        requiresTenantId: false,
+        params: [
+            {
+                key: "env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.env-prefix.description"),
+                required: false
+            },
+            {
+                key: "identity",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.identity.description"),
+                extendedType: "did",
+                required: true
+            },
+            {
+                key: "key-id",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.key-id.description"),
+                required: true
+            },
+            {
+                key: "key-type",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.key-type.description"),
+                options: ["Ed25519", "Secp256k1", "ChaCha20Poly1305"],
+                defaultValue: "Ed25519",
+                required: false
+            },
+            {
+                key: "overwrite-mode",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.overwrite-mode.description"),
+                options: ["skip", "overwrite", "error"],
+                defaultValue: "skip",
+                required: false
+            },
+            {
+                key: "load-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.load-env.description"),
+                required: false
+            },
+            {
+                key: "output-json",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.output-json.description"),
+                required: false
+            },
+            {
+                key: "output-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.output-env.description"),
+                required: false
+            },
+            {
+                key: "output-env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.vault-key-create.params.output-env-prefix.description"),
+                required: false
+            }
+        ],
+        action: async (engineCore, envVars, params) => vaultKeyCreate(engineCore, envVars, params)
+    };
+}
+/**
+ * Command for creating a vault key.
+ * @param engineCore The engine core.
+ * @param envVars The environment variables for the node.
+ * @param params The parameters for the command.
+ * @param params.identity The DID to create the vault key for.
+ * @param params.keyId The ID of the key to create.
+ * @param params.keyType The type of key to create.
+ * @param params.overwriteMode The mode to use when a user with the same identity already exists.
+ * @param params.outputJson The output .json file to store the command output.
+ * @param params.outputEnv The output .env file to store the command output.
+ * @param params.outputEnvPrefix The prefix to use for variables in the output .env file.
+ * @returns The created vault key details or undefined if skipped.
+ */
+export async function vaultKeyCreate(engineCore, envVars, params) {
+    Did.guard("vaultKeyCreate", "identity", params.identity);
+    Guards.stringValue("vaultKeyCreate", "key-id", params.keyId);
+    Guards.arrayOneOf("vaultKeyCreate", "key-type", params.keyType, [
+        "Ed25519",
+        "Secp256k1",
+        "ChaCha20Poly1305"
+    ]);
+    const defaultVaultConnectorType = engineCore.getRegisteredInstanceType("vaultConnector");
+    const vaultConnector = VaultConnectorFactory.get(defaultVaultConnectorType);
+    let createVaultKey = true;
+    const fullKeyId = `${params.identity}/${params.keyId}`;
+    let existingKey;
+    try {
+        existingKey = await vaultConnector.getKey(fullKeyId);
+    }
+    catch { }
+    if (!Is.empty(existingKey)) {
+        if (params.overwriteMode === "error") {
+            throw new GeneralError("vaultKeyCreate", "vaultKeyAlreadyExists");
+        }
+        else if (params.overwriteMode === "skip") {
+            createVaultKey = false;
+            CLIDisplay.task(I18n.formatMessage("node.cli.commands.vault-key-create.labels.skipping"));
+        }
+        else if (params.overwriteMode === "overwrite") {
+            CLIDisplay.task(I18n.formatMessage("node.cli.commands.vault-key-create.labels.overwriting"));
+            await vaultConnector.removeKey(fullKeyId);
+        }
+    }
+    let json;
+    if (createVaultKey) {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.vault-key-create.labels.creating"));
+        CLIDisplay.spinnerStart();
+        await vaultConnector.createKey(fullKeyId, VaultKeyType[params.keyType]);
+        const key = await vaultConnector.getKey(fullKeyId);
+        CLIDisplay.spinnerStop();
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.vault-key-create.labels.created"));
+        const privateKeyBase64 = key.privateKey ? Converter.bytesToBase64(key.privateKey) : undefined;
+        const publicKeyBase64 = key.publicKey ? Converter.bytesToBase64(key.publicKey) : undefined;
+        const privateKeyHex = key.privateKey ? Converter.bytesToHex(key.privateKey, true) : undefined;
+        const publicKeyHex = key.publicKey ? Converter.bytesToHex(key.publicKey, true) : undefined;
+        CLIDisplay.break();
+        CLIDisplay.value(I18n.formatMessage("node.cli.commands.vault-key-create.labels.keyId"), params.keyId);
+        CLIDisplay.value(I18n.formatMessage("node.cli.commands.vault-key-create.labels.keyType"), params.keyType);
+        if (Is.stringValue(privateKeyBase64)) {
+            CLIDisplay.value(I18n.formatMessage("node.cli.commands.vault-key-create.labels.privateKeyBase64"), privateKeyBase64);
+        }
+        if (Is.stringValue(publicKeyBase64)) {
+            CLIDisplay.value(I18n.formatMessage("node.cli.commands.vault-key-create.labels.publicKeyBase64"), publicKeyBase64);
+        }
+        if (Is.stringValue(privateKeyHex)) {
+            CLIDisplay.value(I18n.formatMessage("node.cli.commands.vault-key-create.labels.privateKeyHex"), privateKeyHex);
+        }
+        if (Is.stringValue(publicKeyHex)) {
+            CLIDisplay.value(I18n.formatMessage("node.cli.commands.vault-key-create.labels.publicKeyHex"), publicKeyHex);
+        }
+        CLIDisplay.break();
+        json = {
+            identity: params.identity,
+            keyId: params.keyId,
+            keyType: params.keyType,
+            privateKeyBase64,
+            publicKeyBase64,
+            privateKeyHex,
+            publicKeyHex
+        };
+        if (Is.stringValue(params.outputJson)) {
+            await CLIUtils.writeJsonFile(params.outputJson, json, false);
+        }
+        if (Is.stringValue(params.outputEnv)) {
+            const outputParams = [
+                `${params.outputEnvPrefix}IDENTITY="${params.identity}"`,
+                `${params.outputEnvPrefix}KEY_ID="${params.keyId}"`,
+                `${params.outputEnvPrefix}KEY_TYPE="${params.keyType}"`
+            ];
+            if (Is.stringValue(privateKeyBase64)) {
+                outputParams.push(`${params.outputEnvPrefix}PRIVATE_KEY_BASE64="${privateKeyBase64}"`);
+            }
+            if (Is.stringValue(publicKeyBase64)) {
+                outputParams.push(`${params.outputEnvPrefix}PUBLIC_KEY_BASE64="${publicKeyBase64}"`);
+            }
+            if (Is.stringValue(privateKeyHex)) {
+                outputParams.push(`${params.outputEnvPrefix}PRIVATE_KEY_HEX="${privateKeyHex}"`);
+            }
+            if (Is.stringValue(publicKeyHex)) {
+                outputParams.push(`${params.outputEnvPrefix}PUBLIC_KEY_HEX="${publicKeyHex}"`);
+            }
+            await CLIUtils.writeEnvFile(params.outputEnv, outputParams, false);
+        }
+    }
+    CLIDisplay.done();
+    return json;
+}
+//# sourceMappingURL=vaultKeyCreate.js.map

package/dist/es/commands/vaultKeyCreate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vaultKeyCreate.js","sourceRoot":"","sources":["../../../src/commands/vaultKeyCreate.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAE3E,OAAO,EAAE,GAAG,EAAE,MAAM,2BAA2B,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAM7E,MAAM,YAAY,GAAG,kBAAkB,CAAC;AAExC;;;GAGG;AACH,MAAM,UAAU,kCAAkC,CAAC,kBAElD;IACA,kBAAkB,CAAC,YAAY,CAAC,GAAG;QAClC,OAAO,EAAE,YAAY;QACrB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,gDAAgD,CAAC;QACjF,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,4CAA4C,CAAC;QACzE,oBAAoB,EAAE,KAAK;QAC3B,gBAAgB,EAAE,KAAK;QACvB,MAAM,EAAE;YACP;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,kEAAkE,CAClE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,gEAAgE,CAChE;gBACD,YAAY,EAAE,KAAK;gBACnB,QAAQ,EAAE,IAAI;aACd;YACD;gBACC,GAAG,EAAE,QAAQ;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,8DAA8D,CAC9D;gBACD,QAAQ,EAAE,IAAI;aACd;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,gEAAgE,CAChE;gBACD,OAAO,EAAE,CAAC,SAAS,EAAE,WAAW,EAAE,kBAAkB,CAAC;gBACrD,YAAY,EAAE,SAAS;gBACvB,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,gBAAgB;gBACrB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,sEAAsE,CACtE;gBACD,OAAO,EAAE,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,CAAC;gBACvC,YAAY,EAAE,MAAM;gBACpB,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,gEAAgE,CAChE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,aAAa;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,mEAAmE,CACnE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,kEAAkE,CAClE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,mBAAmB;gBACxB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,yEAAyE,CACzE;gBACD,QAAQ,EAAE,KAAK;aACf;SACD;QACD,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAAC,cAAc,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;KAC1F,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CACnC,UAA4D,EAC5D,OAAkC,EAClC,MAQC;IAaD,GAAG,CAAC,KAAK,CAAC,gBAAgB,EAAE,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,CAAC,WAAW,CAAC,gBAAgB,EAAE,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7D,MAAM,CAAC,UAAU,CAAC,gBAAgB,EAAE,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE;QAC/D,SAAS;QACT,WAAW;QACX,kBAAkB;KAClB,CAAC,CAAC;IAEH,MAAM,yBAAyB,GAAG,UAAU,CAAC,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IACzF,MAAM,cAAc,GAAG,qBAAqB,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IAE5E,IAAI,cAAc,GAAG,IAAI,CAAC;IAC1B,MAAM,SAAS,GAAG,GAAG,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;IAEvD,IAAI,WAAW,CAAC;IAChB,IAAI,CAAC;QACJ,WAAW,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IAEV,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5B,IAAI,MAAM,CAAC,aAAa,KAAK,OAAO,EAAE,CAAC;YACtC,MAAM,IAAI,YAAY,CAAC,gBAAgB,EAAE,uBAAuB,CAAC,CAAC;QACnE,CAAC;aAAM,IAAI,MAAM,CAAC,aAAa,KAAK,MAAM,EAAE,CAAC;YAC5C,cAAc,GAAG,KAAK,CAAC;YACvB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,oDAAoD,CAAC,CAAC,CAAC;QAC3F,CAAC;aAAM,IAAI,MAAM,CAAC,aAAa,KAAK,WAAW,EAAE,CAAC;YACjD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,uDAAuD,CAAC,CAAC,CAAC;YAC7F,MAAM,cAAc,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAC3C,CAAC;IACF,CAAC;IAED,IAAI,IAAI,CAAC;IACT,IAAI,cAAc,EAAE,CAAC;QACpB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,oDAAoD,CAAC,CAAC,CAAC;QAC1F,UAAU,CAAC,YAAY,EAAE,CAAC;QAE1B,MAAM,cAAc,CAAC,SAAS,CAC7B,SAAS,EACT,YAAY,CAAC,MAAM,CAAC,OAAoC,CAAC,CACzD,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEnD,UAAU,CAAC,WAAW,EAAE,CAAC;QACzB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,mDAAmD,CAAC,CAAC,CAAC;QAEzF,MAAM,gBAAgB,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC9F,MAAM,eAAe,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC3F,MAAM,aAAa,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC9F,MAAM,YAAY,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE3F,UAAU,CAAC,KAAK,EAAE,CAAC;QACnB,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,iDAAiD,CAAC,EACrE,MAAM,CAAC,KAAK,CACZ,CAAC;QACF,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,mDAAmD,CAAC,EACvE,MAAM,CAAC,OAAO,CACd,CAAC;QACF,IAAI,EAAE,CAAC,WAAW,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACtC,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,4DAA4D,CAAC,EAChF,gBAAgB,CAChB,CAAC;QACH,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,CAAC,eAAe,CAAC,EAAE,CAAC;YACrC,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,2DAA2D,CAAC,EAC/E,eAAe,CACf,CAAC;QACH,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;YACnC,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,yDAAyD,CAAC,EAC7E,aAAa,CACb,CAAC;QACH,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,wDAAwD,CAAC,EAC5E,YAAY,CACZ,CAAC;QACH,CAAC;QAED,UAAU,CAAC,KAAK,EAAE,CAAC;QAEnB,IAAI,GAAG;YACN,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,gBAAgB;YAChB,eAAe;YACf,aAAa;YACb,YAAY;SACZ,CAAC;QACF,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YACvC,MAAM,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;YACtC,MAAM,YAAY,GAAG;gBACpB,GAAG,MAAM,CAAC,eAAe,aAAa,MAAM,CAAC,QAAQ,GAAG;gBACxD,GAAG,MAAM,CAAC,eAAe,WAAW,MAAM,CAAC,KAAK,GAAG;gBACnD,GAAG,MAAM,CAAC,eAAe,aAAa,MAAM,CAAC,OAAO,GAAG;aACvD,CAAC;YAEF,IAAI,EAAE,CAAC,WAAW,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBACtC,YAAY,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,eAAe,uBAAuB,gBAAgB,GAAG,CAAC,CAAC;YACxF,CAAC;YAED,IAAI,EAAE,CAAC,WAAW,CAAC,eAAe,CAAC,EAAE,CAAC;gBACrC,YAAY,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,eAAe,sBAAsB,eAAe,GAAG,CAAC,CAAC;YACtF,CAAC;YACD,IAAI,EAAE,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;gBACnC,YAAY,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,eAAe,oBAAoB,aAAa,GAAG,CAAC,CAAC;YAClF,CAAC;YACD,IAAI,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,YAAY,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,eAAe,mBAAmB,YAAY,GAAG,CAAC,CAAC;YAChF,CAAC;YACD,MAAM,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,SAAS,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;QACpE,CAAC;IACF,CAAC;IAED,UAAU,CAAC,IAAI,EAAE,CAAC;IAElB,OAAO,IAAI,CAAC;AACb,CAAC","sourcesContent":["// Copyright 2026 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { CLIDisplay, CLIUtils } from \"@twin.org/cli-core\";\nimport { Converter, GeneralError, Guards, I18n, Is } from \"@twin.org/core\";\nimport type { IEngineCore } from \"@twin.org/engine-models\";\nimport { Did } from \"@twin.org/identity-models\";\nimport { VaultConnectorFactory, VaultKeyType } from \"@twin.org/vault-models\";\nimport type { ICliCommandDefinition } from \"../models/ICliCommandDefinition.js\";\nimport type { INodeEngineConfig } from \"../models/INodeEngineConfig.js\";\nimport type { INodeEngineState } from \"../models/INodeEngineState.js\";\nimport type { INodeEnvironmentVariables } from \"../models/INodeEnvironmentVariables.js\";\n\nconst COMMAND_NAME = \"vault-key-create\";\n\n/**\n * Get the command definition parameters.\n * @param commandDefinitions The registered command definitions.\n */\nexport function getCommandDefinitionVaultKeyCreate(commandDefinitions: {\n\t[id: string]: ICliCommandDefinition;\n}): void {\n\tcommandDefinitions[COMMAND_NAME] = {\n\t\tcommand: COMMAND_NAME,\n\t\tdescription: I18n.formatMessage(\"node.cli.commands.vault-key-create.description\"),\n\t\texample: I18n.formatMessage(\"node.cli.commands.vault-key-create.example\"),\n\t\trequiresNodeIdentity: false,\n\t\trequiresTenantId: false,\n\t\tparams: [\n\t\t\t{\n\t\t\t\tkey: \"env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"identity\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.identity.description\"\n\t\t\t\t),\n\t\t\t\textendedType: \"did\",\n\t\t\t\trequired: true\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"key-id\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.key-id.description\"\n\t\t\t\t),\n\t\t\t\trequired: true\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"key-type\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.key-type.description\"\n\t\t\t\t),\n\t\t\t\toptions: [\"Ed25519\", \"Secp256k1\", \"ChaCha20Poly1305\"],\n\t\t\t\tdefaultValue: \"Ed25519\",\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"overwrite-mode\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.overwrite-mode.description\"\n\t\t\t\t),\n\t\t\t\toptions: [\"skip\", \"overwrite\", \"error\"],\n\t\t\t\tdefaultValue: \"skip\",\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"load-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.load-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-json\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.output-json.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.output-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.vault-key-create.params.output-env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t}\n\t\t],\n\t\taction: async (engineCore, envVars, params) => vaultKeyCreate(engineCore, envVars, params)\n\t};\n}\n\n/**\n * Command for creating a vault key.\n * @param engineCore The engine core.\n * @param envVars The environment variables for the node.\n * @param params The parameters for the command.\n * @param params.identity The DID to create the vault key for.\n * @param params.keyId The ID of the key to create.\n * @param params.keyType The type of key to create.\n * @param params.overwriteMode The mode to use when a user with the same identity already exists.\n * @param params.outputJson The output .json file to store the command output.\n * @param params.outputEnv The output .env file to store the command output.\n * @param params.outputEnvPrefix The prefix to use for variables in the output .env file.\n * @returns The created vault key details or undefined if skipped.\n */\nexport async function vaultKeyCreate(\n\tengineCore: IEngineCore<INodeEngineConfig, INodeEngineState>,\n\tenvVars: INodeEnvironmentVariables,\n\tparams: {\n\t\tidentity?: string;\n\t\tkeyType?: string;\n\t\tkeyId?: string;\n\t\toverwriteMode?: \"skip\" | \"overwrite\" | \"error\";\n\t\toutputJson?: string;\n\t\toutputEnv?: string;\n\t\toutputEnvPrefix?: string;\n\t}\n): Promise<\n\t| {\n\t\t\tidentity: string;\n\t\t\tkeyId: string;\n\t\t\tkeyType?: string;\n\t\t\tprivateKeyBase64?: string;\n\t\t\tpublicKeyBase64?: string;\n\t\t\tprivateKeyHex?: string;\n\t\t\tpublicKeyHex?: string;\n\t  }\n\t| undefined\n> {\n\tDid.guard(\"vaultKeyCreate\", \"identity\", params.identity);\n\tGuards.stringValue(\"vaultKeyCreate\", \"key-id\", params.keyId);\n\tGuards.arrayOneOf(\"vaultKeyCreate\", \"key-type\", params.keyType, [\n\t\t\"Ed25519\",\n\t\t\"Secp256k1\",\n\t\t\"ChaCha20Poly1305\"\n\t]);\n\n\tconst defaultVaultConnectorType = engineCore.getRegisteredInstanceType(\"vaultConnector\");\n\tconst vaultConnector = VaultConnectorFactory.get(defaultVaultConnectorType);\n\n\tlet createVaultKey = true;\n\tconst fullKeyId = `${params.identity}/${params.keyId}`;\n\n\tlet existingKey;\n\ttry {\n\t\texistingKey = await vaultConnector.getKey(fullKeyId);\n\t} catch {}\n\n\tif (!Is.empty(existingKey)) {\n\t\tif (params.overwriteMode === \"error\") {\n\t\t\tthrow new GeneralError(\"vaultKeyCreate\", \"vaultKeyAlreadyExists\");\n\t\t} else if (params.overwriteMode === \"skip\") {\n\t\t\tcreateVaultKey = false;\n\t\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.vault-key-create.labels.skipping\"));\n\t\t} else if (params.overwriteMode === \"overwrite\") {\n\t\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.vault-key-create.labels.overwriting\"));\n\t\t\tawait vaultConnector.removeKey(fullKeyId);\n\t\t}\n\t}\n\n\tlet json;\n\tif (createVaultKey) {\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.vault-key-create.labels.creating\"));\n\t\tCLIDisplay.spinnerStart();\n\n\t\tawait vaultConnector.createKey(\n\t\t\tfullKeyId,\n\t\t\tVaultKeyType[params.keyType as keyof typeof VaultKeyType]\n\t\t);\n\n\t\tconst key = await vaultConnector.getKey(fullKeyId);\n\n\t\tCLIDisplay.spinnerStop();\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.vault-key-create.labels.created\"));\n\n\t\tconst privateKeyBase64 = key.privateKey ? Converter.bytesToBase64(key.privateKey) : undefined;\n\t\tconst publicKeyBase64 = key.publicKey ? Converter.bytesToBase64(key.publicKey) : undefined;\n\t\tconst privateKeyHex = key.privateKey ? Converter.bytesToHex(key.privateKey, true) : undefined;\n\t\tconst publicKeyHex = key.publicKey ? Converter.bytesToHex(key.publicKey, true) : undefined;\n\n\t\tCLIDisplay.break();\n\t\tCLIDisplay.value(\n\t\t\tI18n.formatMessage(\"node.cli.commands.vault-key-create.labels.keyId\"),\n\t\t\tparams.keyId\n\t\t);\n\t\tCLIDisplay.value(\n\t\t\tI18n.formatMessage(\"node.cli.commands.vault-key-create.labels.keyType\"),\n\t\t\tparams.keyType\n\t\t);\n\t\tif (Is.stringValue(privateKeyBase64)) {\n\t\t\tCLIDisplay.value(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.vault-key-create.labels.privateKeyBase64\"),\n\t\t\t\tprivateKeyBase64\n\t\t\t);\n\t\t}\n\t\tif (Is.stringValue(publicKeyBase64)) {\n\t\t\tCLIDisplay.value(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.vault-key-create.labels.publicKeyBase64\"),\n\t\t\t\tpublicKeyBase64\n\t\t\t);\n\t\t}\n\t\tif (Is.stringValue(privateKeyHex)) {\n\t\t\tCLIDisplay.value(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.vault-key-create.labels.privateKeyHex\"),\n\t\t\t\tprivateKeyHex\n\t\t\t);\n\t\t}\n\t\tif (Is.stringValue(publicKeyHex)) {\n\t\t\tCLIDisplay.value(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.vault-key-create.labels.publicKeyHex\"),\n\t\t\t\tpublicKeyHex\n\t\t\t);\n\t\t}\n\n\t\tCLIDisplay.break();\n\n\t\tjson = {\n\t\t\tidentity: params.identity,\n\t\t\tkeyId: params.keyId,\n\t\t\tkeyType: params.keyType,\n\t\t\tprivateKeyBase64,\n\t\t\tpublicKeyBase64,\n\t\t\tprivateKeyHex,\n\t\t\tpublicKeyHex\n\t\t};\n\t\tif (Is.stringValue(params.outputJson)) {\n\t\t\tawait CLIUtils.writeJsonFile(params.outputJson, json, false);\n\t\t}\n\n\t\tif (Is.stringValue(params.outputEnv)) {\n\t\t\tconst outputParams = [\n\t\t\t\t`${params.outputEnvPrefix}IDENTITY=\"${params.identity}\"`,\n\t\t\t\t`${params.outputEnvPrefix}KEY_ID=\"${params.keyId}\"`,\n\t\t\t\t`${params.outputEnvPrefix}KEY_TYPE=\"${params.keyType}\"`\n\t\t\t];\n\n\t\t\tif (Is.stringValue(privateKeyBase64)) {\n\t\t\t\toutputParams.push(`${params.outputEnvPrefix}PRIVATE_KEY_BASE64=\"${privateKeyBase64}\"`);\n\t\t\t}\n\n\t\t\tif (Is.stringValue(publicKeyBase64)) {\n\t\t\t\toutputParams.push(`${params.outputEnvPrefix}PUBLIC_KEY_BASE64=\"${publicKeyBase64}\"`);\n\t\t\t}\n\t\t\tif (Is.stringValue(privateKeyHex)) {\n\t\t\t\toutputParams.push(`${params.outputEnvPrefix}PRIVATE_KEY_HEX=\"${privateKeyHex}\"`);\n\t\t\t}\n\t\t\tif (Is.stringValue(publicKeyHex)) {\n\t\t\t\toutputParams.push(`${params.outputEnvPrefix}PUBLIC_KEY_HEX=\"${publicKeyHex}\"`);\n\t\t\t}\n\t\t\tawait CLIUtils.writeEnvFile(params.outputEnv, outputParams, false);\n\t\t}\n\t}\n\n\tCLIDisplay.done();\n\n\treturn json;\n}\n"]}