@twin.org/web 0.0.1-next.1

package/dist/esm/index.mjs

@@ -0,0 +1,1046 @@
+import { BaseError, StringHelper, Guards, Is, AsyncCache, ObjectHelper, Converter, GeneralError, ArrayHelper } from '@twin.org/core';
+import { HmacSha256, Ed25519 } from '@twin.org/crypto';
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Class to represent errors from fetch.
+ */
+class FetchError extends BaseError {
+    /**
+     * Runtime name for the class.
+     */
+    static CLASS_NAME = "FetchError";
+    /**
+     * Create a new instance of FetchError.
+     * @param source The source of the error.
+     * @param message The message as a code.
+     * @param httpStatus The http status code.
+     * @param properties Any additional information for the error.
+     * @param inner The inner error if we have wrapped another error.
+     */
+    constructor(source, message, httpStatus, properties, inner) {
+        super(FetchError.CLASS_NAME, source, message, {
+            httpStatus,
+            ...properties
+        }, inner);
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Common http header types.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const HeaderTypes = {
+    /**
+     * Content Type.
+     */
+    ContentType: "Content-Type",
+    /**
+     * Content Length.
+     */
+    ContentLength: "Content-Length",
+    /**
+     * Content Disposition.
+     */
+    ContentDisposition: "Content-Disposition",
+    /**
+     * Accept.
+     */
+    Accept: "Accept",
+    /**
+     * Authorization.
+     */
+    Authorization: "Authorization",
+    /**
+     * Cookie.
+     */
+    Cookie: "Cookie",
+    /**
+     * Set Cookie.
+     */
+    SetCookie: "Set-Cookie",
+    /**
+     * Location
+     */
+    Location: "Location"
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * The names of the HTTP Methods.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const HttpMethod = {
+    GET: "GET",
+    POST: "POST",
+    PUT: "PUT",
+    PATCH: "PATCH",
+    DELETE: "DELETE",
+    OPTIONS: "OPTIONS",
+    HEAD: "HEAD",
+    CONNECT: "CONNECT",
+    TRACE: "TRACE"
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Standard HTTP status codes.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const HttpStatusCode = {
+    /**
+     * Continue status code.
+     */
+    continue: 100,
+    /**
+     * Switching Protocols status code.
+     */
+    switchingProtocols: 101,
+    /**
+     * Processing status code.
+     */
+    processing: 102,
+    /**
+     * Early Hints status code.
+     */
+    earlyHints: 103,
+    /**
+     * OK status code.
+     */
+    ok: 200,
+    /**
+     * Created status code.
+     */
+    created: 201,
+    /**
+     * Accepted status code.
+     */
+    accepted: 202,
+    /**
+     * Non-Authoritative Information status code.
+     */
+    nonAuthoritativeInformation: 203,
+    /**
+     * No Content status code.
+     */
+    noContent: 204,
+    /**
+     * Reset Content status code.
+     */
+    resetContent: 205,
+    /**
+     * Partial Content status code.
+     */
+    partialContent: 206,
+    /**
+     * Multi-Status status code.
+     */
+    multiStatus: 207,
+    /**
+     * Already Reported status code.
+     */
+    alreadyReported: 208,
+    /**
+     * IM Used status code.
+     */
+    imUsed: 226,
+    /**
+     * Multiple Choices status code.
+     */
+    multipleChoices: 300,
+    /**
+     * Moved Permanently status code.
+     */
+    movedPermanently: 301,
+    /**
+     * Found status code.
+     */
+    found: 302,
+    /**
+     * See Other status code.
+     */
+    seeOther: 303,
+    /**
+     * Not Modified status code.
+     */
+    notModified: 304,
+    /**
+     * Use Proxy status code.
+     */
+    useProxy: 305,
+    /**
+     * Temporary Redirect status code.
+     */
+    temporaryRedirect: 307,
+    /**
+     * Permanent Redirect status code.
+     */
+    permanentRedirect: 308,
+    /**
+     * Bad Request status code.
+     */
+    badRequest: 400,
+    /**
+     * Unauthorized status code.
+     */
+    unauthorized: 401,
+    /**
+     * Payment Required status code.
+     */
+    paymentRequired: 402,
+    /**
+     * Forbidden status code.
+     */
+    forbidden: 403,
+    /**
+     * Not Found status code.
+     */
+    notFound: 404,
+    /**
+     * Method Not Allowed status code.
+     */
+    methodNotAllowed: 405,
+    /**
+     * Not Acceptable status code.
+     */
+    notAcceptable: 406,
+    /**
+     * Proxy Authentication Required status code.
+     */
+    proxyAuthenticationRequired: 407,
+    /**
+     * Request Timeout status code.
+     */
+    requestTimeout: 408,
+    /**
+     * Conflict status code.
+     */
+    conflict: 409,
+    /**
+     * Gone status code.
+     */
+    gone: 410,
+    /**
+     * Length Required status code.
+     */
+    lengthRequired: 411,
+    /**
+     * Precondition Failed status code.
+     */
+    preconditionFailed: 412,
+    /**
+     * Payload Too Large status code.
+     */
+    payloadTooLarge: 413,
+    /**
+     * URI Too Long status code.
+     */
+    uriTooLong: 414,
+    /**
+     * Unsupported Media Type status code.
+     */
+    unsupportedMediaType: 415,
+    /**
+     * Range Not Satisfiable status code.
+     */
+    rangeNotSatisfiable: 416,
+    /**
+     * Expectation Failed status code.
+     */
+    expectationFailed: 417,
+    /**
+     * I'm a Teapot status code.
+     */
+    imATeapot: 418,
+    /**
+     * Misdirected Request status code.
+     */
+    misdirectedRequest: 421,
+    /**
+     * Unprocessable Entity status code.
+     */
+    unprocessableEntity: 422,
+    /**
+     * Locked status code.
+     */
+    locked: 423,
+    /**
+     * Failed Dependency status code.
+     */
+    failedDependency: 424,
+    /**
+     * Too Early status code.
+     */
+    tooEarly: 425,
+    /**
+     * Upgrade Required status code.
+     */
+    upgradeRequired: 426,
+    /**
+     * Precondition Required status code.
+     */
+    preconditionRequired: 428,
+    /**
+     * Too Many Requests status code.
+     */
+    tooManyRequests: 429,
+    /**
+     * Request Header Fields Too Large status code.
+     */
+    requestHeaderFieldsTooLarge: 431,
+    /**
+     * Unavailable For Legal Reasons status code.
+     */
+    unavailableForLegalReasons: 451,
+    /**
+     * Internal Server Error status code.
+     */
+    internalServerError: 500,
+    /**
+     * Not Implemented status code.
+     */
+    notImplemented: 501,
+    /**
+     * Bad Gateway status code.
+     */
+    badGateway: 502,
+    /**
+     * Service Unavailable status code.
+     */
+    serviceUnavailable: 503,
+    /**
+     * Gateway Timeout status code.
+     */
+    gatewayTimeout: 504,
+    /**
+     * HTTP Version Not Supported status code.
+     */
+    httpVersionNotSupported: 505,
+    /**
+     * Variant Also Negotiates status code.
+     */
+    variantAlsoNegotiates: 506,
+    /**
+     * Insufficient Storage status code.
+     */
+    insufficientStorage: 507,
+    /**
+     * Loop Detected status code.
+     */
+    loopDetected: 508,
+    /**
+     * Not Extended status code.
+     */
+    notExtended: 510,
+    /**
+     * Network Authentication Required status code.
+     */
+    networkAuthenticationRequired: 511
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * The cryptographic algorithms supported for JSON Web Tokens and JSON Web Keys.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const JwtAlgorithms = {
+    /**
+     * HMAC using SHA-256.
+     */
+    HS256: "HS256",
+    /**
+     * EdDSA using Ed25519.
+     */
+    EdDSA: "EdDSA"
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Common mime types.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const MimeTypes = {
+    /**
+     * Plaint Text - text/plain
+     */
+    PlainText: "text/plain",
+    /**
+     * HTML - text/html
+     */
+    Html: "text/html",
+    /**
+     * Javascript - text/javascript
+     */
+    Javascript: "text/javascript",
+    /**
+     * JSON - application/json
+     */
+    Json: "application/json",
+    /**
+     * JSON-LD - application/ld+json
+     */
+    JsonLd: "application/ld+json",
+    /**
+     * XML - application/xml
+     */
+    Xml: "application/xml",
+    /**
+     * Application Octet Stream, arbitrary binary - application/octet-stream
+     */
+    OctetStream: "application/octet-stream",
+    /**
+     * Application GZIP - application/gzip
+     */
+    Gzip: "application/gzip",
+    /**
+     * Application BZIP2 - application/x-bzip2
+     */
+    Bzip2: "application/x-bzip2",
+    /**
+     * Application ZIP - application/zip
+     */
+    Zip: "application/zip",
+    /**
+     * Application PDF - application/pdf
+     */
+    Pdf: "application/pdf",
+    /**
+     * Image GIF - image/gif
+     */
+    Gif: "image/gif",
+    /**
+     * Image BMP - image/bmp
+     */
+    Bmp: "image/bmp",
+    /**
+     * Image JPEG - image/jpeg
+     */
+    Jpeg: "image/jpeg",
+    /**
+     * Image PNG - image/png
+     */
+    Png: "image/png",
+    /**
+     * Image Tiff - image/tiff
+     */
+    Tiff: "image/tiff",
+    /**
+     * Image SVG - image/svg+xml
+     */
+    Svg: "image/svg+xml",
+    /**
+     * Image WEBP - image/webp
+     */
+    WebP: "image/webp",
+    /**
+     * Video MP4 - video/mp4
+     */
+    Mp4: "video/mp4",
+    /**
+     * Audio/Video MPEG - video/mpeg
+     */
+    Mpeg: "video/mpeg",
+    /**
+     * Video WEBM - video/webm
+     */
+    Webm: "video/webm"
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Class to helper with fetch operations.
+ */
+class FetchHelper {
+    /**
+     * Runtime name for the class.
+     * @internal
+     */
+    static _CLASS_NAME = "FetchHelper";
+    /**
+     * Prefix to use for cache entries.
+     * @internal
+     */
+    static _CACHE_PREFIX = "fetch_";
+    /**
+     * Runtime name for the class.
+     * @internal
+     */
+    static _CLASS_NAME_CAMEL_CASE = StringHelper.camelCase("FetchHelper");
+    /**
+     * Perform a fetch request.
+     * @param source The source for the request.
+     * @param url The url for the request.
+     * @param method The http method.
+     * @param body Request to send to the endpoint.
+     * @param options Options for sending the requests.
+     * @returns The response.
+     */
+    static async fetch(source, url, method, body, options) {
+        Guards.string(FetchHelper._CLASS_NAME, "source", source);
+        Guards.string(FetchHelper._CLASS_NAME, "url", url);
+        Guards.arrayOneOf(FetchHelper._CLASS_NAME, "method", method, Object.values(HttpMethod));
+        if (!Is.undefined(body) && !Is.uint8Array(body)) {
+            Guards.string(FetchHelper._CLASS_NAME, "body", body);
+        }
+        if (!Is.undefined(options)) {
+            Guards.object(FetchHelper._CLASS_NAME, "options", options);
+            if (!Is.undefined(options.headers)) {
+                Guards.object(FetchHelper._CLASS_NAME, "options.headers", options.headers);
+            }
+            if (!Is.undefined(options.timeoutMs)) {
+                Guards.integer(FetchHelper._CLASS_NAME, "options.timeoutMs", options.timeoutMs);
+            }
+            if (!Is.undefined(options.includeCredentials)) {
+                Guards.boolean(FetchHelper._CLASS_NAME, "options.includeCredentials", options.includeCredentials);
+            }
+            if (!Is.undefined(options.retryCount)) {
+                Guards.integer(FetchHelper._CLASS_NAME, "options.retryCount", options.retryCount);
+            }
+            if (!Is.undefined(options.retryDelayMs)) {
+                Guards.integer(FetchHelper._CLASS_NAME, "options.retryDelayMs", options.retryDelayMs);
+            }
+        }
+        let controller;
+        let timerId;
+        const retryCount = options?.retryCount ?? 1;
+        const baseDelayMilliseconds = options?.retryDelayMs ?? 3000;
+        let lastError;
+        let attempt;
+        for (attempt = 0; attempt < retryCount; attempt++) {
+            if (attempt > 0) {
+                const exponentialBackoffDelay = baseDelayMilliseconds * Math.pow(2, attempt - 1);
+                await new Promise(resolve => globalThis.setTimeout(resolve, exponentialBackoffDelay));
+            }
+            if (options?.timeoutMs !== undefined) {
+                controller = new AbortController();
+                timerId = globalThis.setTimeout(() => {
+                    if (controller) {
+                        controller.abort();
+                    }
+                }, options?.timeoutMs);
+            }
+            try {
+                const requestOptions = {
+                    method,
+                    headers: options?.headers,
+                    body: method === HttpMethod.POST || method === HttpMethod.PUT ? body : undefined,
+                    signal: controller ? controller.signal : undefined
+                };
+                if (Is.boolean(options?.includeCredentials)) {
+                    requestOptions.credentials = "include";
+                }
+                const response = await fetch(url, requestOptions);
+                if (!response.ok && retryCount > 1) {
+                    lastError = new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.general`, response.status ?? HttpStatusCode.internalServerError, {
+                        url,
+                        statusText: response.statusText
+                    });
+                }
+                else {
+                    return response;
+                }
+            }
+            catch (err) {
+                const isErr = Is.object(err);
+                if (isErr && Is.stringValue(err.message) && err.message.includes("Failed to fetch")) {
+                    lastError = new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.connectivity`, HttpStatusCode.serviceUnavailable, {
+                        url
+                    });
+                }
+                else {
+                    const isAbort = isErr && err.name === "AbortError";
+                    const props = { url };
+                    let httpStatus = HttpStatusCode.internalServerError;
+                    if (isAbort) {
+                        httpStatus = HttpStatusCode.requestTimeout;
+                    }
+                    else if (isErr && "httpStatus" in err) {
+                        httpStatus = err.httpStatus;
+                    }
+                    if (isErr && "statusText" in err) {
+                        props.statusText = err.statusText;
+                    }
+                    lastError = new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.${isAbort ? "timeout" : "general"}`, httpStatus, props);
+                }
+            }
+            finally {
+                if (timerId) {
+                    globalThis.clearTimeout(timerId);
+                }
+            }
+        }
+        if (retryCount > 1 && attempt === retryCount) {
+            // False positive as FetchError is derived from Error
+            // eslint-disable-next-line @typescript-eslint/only-throw-error
+            throw new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.retryLimitExceeded`, HttpStatusCode.internalServerError, { url }, lastError);
+        }
+        throw lastError;
+    }
+    /**
+     * Perform a request in json format.
+     * @param source The source for the request.
+     * @param url The url for the request.
+     * @param method The http method.
+     * @param requestData Request to send to the endpoint.
+     * @param options Options for sending the requests.
+     * @returns The response.
+     */
+    static async fetchJson(source, url, method, requestData, options) {
+        if (Is.integer(options?.cacheTtlMs) && options.cacheTtlMs >= 0) {
+            // The cache option is set, so call the same method again but without
+            // the cache option to get the result and cache it.
+            const cacheResponse = AsyncCache.exec(`${FetchHelper._CACHE_PREFIX}${url}`, options.cacheTtlMs, async () => FetchHelper.fetchJson(source, url, method, requestData, ObjectHelper.omit(options, ["cacheTtlMs"])));
+            // If the return value is a promise return it, otherwise continue
+            // with the regular processing.
+            if (Is.promise(cacheResponse)) {
+                return cacheResponse;
+            }
+        }
+        options ??= {};
+        options.headers ??= {};
+        if (Is.undefined(options.headers[HeaderTypes.ContentType]) &&
+            (method === HttpMethod.POST || method === HttpMethod.PUT || method === HttpMethod.PATCH)) {
+            options.headers[HeaderTypes.ContentType] = MimeTypes.Json;
+        }
+        const response = await FetchHelper.fetch(source, url, method, requestData ? JSON.stringify(requestData) : undefined, options);
+        if (response.ok) {
+            if (response.status === HttpStatusCode.noContent) {
+                return {};
+            }
+            try {
+                return (await response.json());
+            }
+            catch (err) {
+                // False positive as FetchError is derived from Error
+                // eslint-disable-next-line @typescript-eslint/only-throw-error
+                throw new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.decodingJSON`, HttpStatusCode.badRequest, { url }, err);
+            }
+        }
+        const errorResponseData = await response.json();
+        // False positive as FetchError is derived from Error
+        // eslint-disable-next-line @typescript-eslint/only-throw-error
+        throw new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.failureStatusText`, response.status, {
+            statusText: response.statusText,
+            url
+        }, errorResponseData);
+    }
+    /**
+     * Perform a request for binary data.
+     * @param source The source for the request.
+     * @param url The url for the request.
+     * @param method The http method.
+     * @param requestData Request to send to the endpoint.
+     * @param options Options for sending the requests.
+     * @returns The response.
+     */
+    static async fetchBinary(source, url, method, requestData, options) {
+        if (Is.integer(options?.cacheTtlMs) && options.cacheTtlMs >= 0) {
+            // The cache option is set, so call the same method again but without
+            // the cache option to get the result and cache it.
+            const cacheResponse = AsyncCache.exec(`${FetchHelper._CACHE_PREFIX}${url}`, options.cacheTtlMs * 1000, async () => FetchHelper.fetchBinary(source, url, method, requestData, ObjectHelper.omit(options, ["cacheTtlMs"])));
+            // If the return value is a promise return it, otherwise continue
+            // with the regular processing.
+            if (Is.promise(cacheResponse)) {
+                return cacheResponse;
+            }
+        }
+        options ??= {};
+        options.headers ??= {};
+        if (Is.undefined(options.headers[HeaderTypes.ContentType])) {
+            options.headers[HeaderTypes.ContentType] = MimeTypes.OctetStream;
+        }
+        const response = await this.fetch(source, url, method, requestData, options);
+        if (response.ok) {
+            if (method === HttpMethod.GET) {
+                if (response.status === HttpStatusCode.noContent) {
+                    return new Uint8Array();
+                }
+                return new Uint8Array(await response.arrayBuffer());
+            }
+            try {
+                return (await response.json());
+            }
+            catch (err) {
+                // False positive as FetchError is derived from Error
+                // eslint-disable-next-line @typescript-eslint/only-throw-error
+                throw new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.decodingJSON`, HttpStatusCode.badRequest, { url }, err);
+            }
+        }
+        const errorResponseData = await response.json();
+        // False positive as FetchError is derived from Error
+        // eslint-disable-next-line @typescript-eslint/only-throw-error
+        throw new FetchError(source, `${FetchHelper._CLASS_NAME_CAMEL_CASE}.failureStatusText`, response.status, {
+            statusText: response.statusText,
+            url
+        }, errorResponseData);
+    }
+    /**
+     * Clears the cache.
+     */
+    static clearCache() {
+        AsyncCache.clearCache(FetchHelper._CACHE_PREFIX);
+    }
+    /**
+     * Get a cache entry.
+     * @param url The url for the request.
+     * @returns The cache entry if it exists.
+     */
+    static async getCacheEntry(url) {
+        return AsyncCache.get(`${FetchHelper._CACHE_PREFIX}${url}`);
+    }
+    /**
+     * Remove a cache entry.
+     * @param url The url for the request.
+     */
+    static removeCacheEntry(url) {
+        AsyncCache.remove(`${FetchHelper._CACHE_PREFIX}${url}`);
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Class to encode and decode JSON Web Tokens.
+ */
+class Jwt {
+    /**
+     * Runtime name for the class.
+     * @internal
+     */
+    static _CLASS_NAME = "Jwt";
+    /**
+     * Encode a token.
+     * @param header The header to encode.
+     * @param payload The payload to encode.
+     * @param key The key for signing the token, can be omitted if a signer is provided.
+     * @returns The encoded token.
+     */
+    static async encode(header, payload, key) {
+        Guards.object(Jwt._CLASS_NAME, "header", header);
+        Guards.arrayOneOf(Jwt._CLASS_NAME, "header.alg", header.alg, Object.values(JwtAlgorithms));
+        Guards.object(Jwt._CLASS_NAME, "payload", payload);
+        Guards.uint8Array(Jwt._CLASS_NAME, "key", key);
+        return Jwt.internalEncode(header, payload, key);
+    }
+    /**
+     * Encode a token.
+     * @param header The header to encode.
+     * @param payload The payload to encode.
+     * @param signer Custom signer method.
+     * @returns The encoded token.
+     */
+    static async encodeWithSigner(header, payload, signer) {
+        Guards.object(Jwt._CLASS_NAME, "header", header);
+        Guards.arrayOneOf(Jwt._CLASS_NAME, "header.alg", header.alg, Object.values(JwtAlgorithms));
+        Guards.object(Jwt._CLASS_NAME, "payload", payload);
+        Guards.function(Jwt._CLASS_NAME, "signer", signer);
+        return Jwt.internalEncode(header, payload, undefined, signer);
+    }
+    /**
+     * Decode a token.
+     * @param token The token to decode.
+     * @returns The decoded payload.
+     */
+    static async decode(token) {
+        Guards.stringValue(Jwt._CLASS_NAME, "token", token);
+        let header;
+        let payload;
+        let signature;
+        const segments = token.split(".");
+        if (segments.length > 0) {
+            try {
+                const bytesHeader = Converter.base64UrlToBytes(segments[0]);
+                header = JSON.parse(Converter.bytesToUtf8(bytesHeader));
+            }
+            catch { }
+        }
+        if (segments.length > 1) {
+            try {
+                const bytesPayload = Converter.base64UrlToBytes(segments[1]);
+                payload = JSON.parse(Converter.bytesToUtf8(bytesPayload));
+            }
+            catch { }
+        }
+        if (segments.length > 2) {
+            signature = Converter.base64UrlToBytes(segments[2]);
+        }
+        return {
+            header,
+            payload,
+            signature
+        };
+    }
+    /**
+     * Verify a token.
+     * @param token The token to verify.
+     * @param key The key for verifying the token
+     * @returns The decoded payload.
+     */
+    static async verify(token, key) {
+        Guards.stringValue(Jwt._CLASS_NAME, "token", token);
+        Guards.uint8Array(Jwt._CLASS_NAME, "key", key);
+        const decoded = await Jwt.decode(token);
+        const verified = await Jwt.verifySignature(decoded.header, decoded.payload, decoded.signature, key);
+        return {
+            verified,
+            ...decoded
+        };
+    }
+    /**
+     * Verify a token.
+     * @param token The token to verify.
+     * @param verifier Custom verification method.
+     * @returns The decoded payload.
+     */
+    static async verifyWithVerifier(token, verifier) {
+        Guards.stringValue(Jwt._CLASS_NAME, "token", token);
+        Guards.function(Jwt._CLASS_NAME, "verifier", verifier);
+        Guards.stringValue(Jwt._CLASS_NAME, "token", token);
+        const decoded = await Jwt.decode(token);
+        const verified = await Jwt.verifySignature(decoded.header, decoded.payload, decoded.signature, undefined, verifier);
+        return {
+            verified,
+            ...decoded
+        };
+    }
+    /**
+     * Verify a token by parts.
+     * @param header The header to verify.
+     * @param payload The payload to verify.
+     * @param signature The signature to verify.
+     * @param key The key for verifying the token, if not provided no verification occurs.
+     * @param verifier Custom verification method.
+     * @returns True if the parts are verified.
+     */
+    static async verifySignature(header, payload, signature, key, verifier) {
+        const hasKey = Is.notEmpty(key);
+        const hasVerifier = Is.notEmpty(verifier);
+        if (!hasKey && !hasVerifier) {
+            throw new GeneralError(Jwt._CLASS_NAME, "noKeyOrVerifier");
+        }
+        let verified = false;
+        if (Is.object(header) &&
+            Is.object(payload) &&
+            Is.uint8Array(signature) &&
+            Is.arrayOneOf(header.alg, Object.values(JwtAlgorithms))) {
+            const segments = [];
+            const headerBytes = Converter.utf8ToBytes(JSON.stringify(header));
+            segments.push(Converter.bytesToBase64Url(headerBytes));
+            const payloadBytes = Converter.utf8ToBytes(JSON.stringify(payload));
+            segments.push(Converter.bytesToBase64Url(payloadBytes));
+            const jwtHeaderAndPayload = Converter.utf8ToBytes(segments.join("."));
+            verifier ??= async (alg, k, p, s) => Jwt.defaultVerifier(alg, k, p, s);
+            verified = await verifier(header.alg, key, jwtHeaderAndPayload, signature);
+        }
+        return verified;
+    }
+    /**
+     * The default signer for the JWT.
+     * @param alg The algorithm to use.
+     * @param key The key to sign with.
+     * @param payload The payload to sign.
+     * @returns The signature.
+     */
+    static async defaultSigner(alg, key, payload) {
+        Guards.uint8Array(Jwt._CLASS_NAME, "key", key);
+        Guards.uint8Array(Jwt._CLASS_NAME, "payload", payload);
+        if (alg === "HS256") {
+            const algo = new HmacSha256(key);
+            return algo.update(payload).digest();
+        }
+        return Ed25519.sign(key, payload);
+    }
+    /**
+     * The default verifier for the JWT.
+     * @param alg The algorithm to use.
+     * @param key The key to verify with.
+     * @param payload The payload to verify.
+     * @param signature The signature to verify.
+     * @returns True if the signature was verified.
+     */
+    static async defaultVerifier(alg, key, payload, signature) {
+        Guards.uint8Array(Jwt._CLASS_NAME, "key", key);
+        Guards.uint8Array(Jwt._CLASS_NAME, "payload", payload);
+        Guards.uint8Array(Jwt._CLASS_NAME, "signature", signature);
+        if (alg === "HS256") {
+            const algo = new HmacSha256(key);
+            const sigBytes = algo.update(payload).digest();
+            return ArrayHelper.matches(sigBytes, signature);
+        }
+        return Ed25519.verify(key, payload, signature);
+    }
+    /**
+     * Encode a token.
+     * @param header The header to encode.
+     * @param payload The payload to encode.
+     * @param key The key for signing the token, can be omitted if a signer is provided.
+     * @param signer Custom signer method.
+     * @returns The encoded token.
+     * @internal
+     */
+    static async internalEncode(header, payload, key, signer) {
+        const hasKey = Is.notEmpty(key);
+        const hasSigner = Is.notEmpty(signer);
+        if (!hasKey && !hasSigner) {
+            throw new GeneralError(Jwt._CLASS_NAME, "noKeyOrSigner");
+        }
+        signer ??= async (alg, k, p) => Jwt.defaultSigner(alg, k, p);
+        if (Is.undefined(header.typ)) {
+            header.typ = "JWT";
+        }
+        const segments = [];
+        const headerBytes = Converter.utf8ToBytes(JSON.stringify(header));
+        segments.push(Converter.bytesToBase64Url(headerBytes));
+        const payloadBytes = Converter.utf8ToBytes(JSON.stringify(payload));
+        segments.push(Converter.bytesToBase64Url(payloadBytes));
+        const jwtHeaderAndPayload = Converter.utf8ToBytes(segments.join("."));
+        const sigBytes = await signer(header.alg, key, jwtHeaderAndPayload);
+        segments.push(Converter.bytesToBase64Url(sigBytes));
+        return segments.join(".");
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Class to help with mime types.
+ */
+class MimeTypeHelper {
+    /**
+     * Detect the mime type from a byte array.
+     * @param data The data to test.
+     * @returns The mime type if detected.
+     */
+    static async detect(data) {
+        if (!Is.uint8Array(data)) {
+            return undefined;
+        }
+        // Image
+        if (MimeTypeHelper.checkBytes(data, [0x47, 0x49, 0x46])) {
+            return MimeTypes.Gif;
+        }
+        if (MimeTypeHelper.checkBytes(data, [0x42, 0x4d])) {
+            return MimeTypes.Bmp;
+        }
+        if (MimeTypeHelper.checkBytes(data, [0xff, 0xd8, 0xff])) {
+            return MimeTypes.Jpeg;
+        }
+        if (MimeTypeHelper.checkBytes(data, [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a])) {
+            return MimeTypes.Png;
+        }
+        if (MimeTypeHelper.checkBytes(data, [0x49, 0x49, 0x2a, 0x00]) ||
+            MimeTypeHelper.checkBytes(data, [0x4d, 0x4d, 0x00, 0x2a])) {
+            return MimeTypes.Tiff;
+        }
+        // Compression
+        if (MimeTypeHelper.checkBytes(data, [0x1f, 0x8b, 0x8])) {
+            return MimeTypes.Gzip;
+        }
+        if (MimeTypeHelper.checkBytes(data, [0x42, 0x5a, 0x68])) {
+            return MimeTypes.Bzip2;
+        }
+        if (MimeTypeHelper.checkBytes(data, [0x50, 0x4b, 0x3, 0x4])) {
+            return MimeTypes.Zip;
+        }
+        // Documents
+        if (MimeTypeHelper.checkText(data, ["%PDF"])) {
+            return MimeTypes.Pdf;
+        }
+        // Lookup svg before xml, as svg are xml files as well
+        const asText = Converter.bytesToUtf8(data);
+        if (asText.includes("<svg")) {
+            return MimeTypes.Svg;
+        }
+        if (MimeTypeHelper.checkText(data, ["<?xml ", "<message"])) {
+            return MimeTypes.Xml;
+        }
+        if (MimeTypeHelper.checkBytes(data, [0xef, 0xbb, 0xbf]) &&
+            MimeTypeHelper.checkText(data, ["<?xml "], 3)) {
+            // UTF-8-BOM
+            return MimeTypes.Xml;
+        }
+        if (StringHelper.isUtf8(data)) {
+            try {
+                JSON.parse(new TextDecoder().decode(data));
+                return MimeTypes.Json;
+            }
+            catch {
+                return MimeTypes.PlainText;
+            }
+        }
+    }
+    /**
+     * Return the default extension for a mime type.
+     * @param mimeType The mimetype to get the extension for.
+     * @returns The extension for the mime type.
+     */
+    static defaultExtension(mimeType) {
+        if (!Is.stringValue(mimeType)) {
+            return undefined;
+        }
+        const lookup = {
+            [MimeTypes.PlainText]: "txt",
+            [MimeTypes.Html]: "html",
+            [MimeTypes.Javascript]: "js",
+            [MimeTypes.Json]: "json",
+            [MimeTypes.JsonLd]: "jsonld",
+            [MimeTypes.Xml]: "xml",
+            [MimeTypes.OctetStream]: "bin",
+            [MimeTypes.Gzip]: "gzip",
+            [MimeTypes.Bzip2]: "bz2",
+            [MimeTypes.Zip]: "zip",
+            [MimeTypes.Pdf]: "pfd",
+            [MimeTypes.Gif]: "gif",
+            [MimeTypes.Bmp]: "bmp",
+            [MimeTypes.Jpeg]: "jpeg",
+            [MimeTypes.Png]: "png",
+            [MimeTypes.Tiff]: "tif",
+            [MimeTypes.Svg]: "svg",
+            [MimeTypes.WebP]: "webp",
+            [MimeTypes.Mp4]: "mp4",
+            [MimeTypes.Mpeg]: "mpg",
+            [MimeTypes.Webm]: "webm"
+        };
+        return lookup[mimeType];
+    }
+    /**
+     * Check if the bytes match.
+     * @param data The data to look at.
+     * @param bytes The bytes to try and match.
+     * @param startOffset Start offset in the data.
+     * @returns True if the bytes match.
+     * @internal
+     */
+    static checkBytes(data, bytes, startOffset = 0) {
+        if (data.length - startOffset < bytes.length) {
+            return false;
+        }
+        for (let i = 0; i < bytes.length; i++) {
+            if (data[i + startOffset] !== bytes[i]) {
+                return false;
+            }
+        }
+        return true;
+    }
+    /**
+     * Check if the text matches.
+     * @param data The data to look at.
+     * @param texts The text to try and match.
+     * @param startOffset Start offset in the data.
+     * @returns True if the bytes match.
+     * @internal
+     */
+    static checkText(data, texts, startOffset = 0) {
+        return texts.some(text => MimeTypeHelper.checkBytes(data, Array.from(Converter.utf8ToBytes(text)), startOffset));
+    }
+}
+
+export { FetchError, FetchHelper, HeaderTypes, HttpMethod, HttpStatusCode, Jwt, JwtAlgorithms, MimeTypeHelper, MimeTypes };