@vess-id/ai-identity 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent/agent-did-manager.d.ts +50 -0
- package/dist/agent/agent-did-manager.d.ts.map +1 -0
- package/dist/auth/auth-provider.d.ts +51 -0
- package/dist/auth/auth-provider.d.ts.map +1 -0
- package/dist/auth/index.d.ts +2 -0
- package/dist/auth/index.d.ts.map +1 -0
- package/dist/client.d.ts +80 -0
- package/dist/client.d.ts.map +1 -0
- package/dist/config/index.d.ts +30 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/constraint/__tests__/fixtures/constraint.fixtures.d.ts +56 -0
- package/dist/constraint/__tests__/fixtures/constraint.fixtures.d.ts.map +1 -0
- package/dist/constraint/constraint-evaluator.d.ts +72 -0
- package/dist/constraint/constraint-evaluator.d.ts.map +1 -0
- package/dist/constraint/index.d.ts +5 -0
- package/dist/constraint/index.d.ts.map +1 -0
- package/dist/did/agent.d.ts +52 -0
- package/dist/did/agent.d.ts.map +1 -0
- package/dist/did/did-utils.d.ts +75 -0
- package/dist/did/did-utils.d.ts.map +1 -0
- package/dist/did/key-manager.d.ts +19 -0
- package/dist/did/key-manager.d.ts.map +1 -0
- package/dist/gateway/gateway-client.d.ts +103 -0
- package/dist/gateway/gateway-client.d.ts.map +1 -0
- package/dist/gateway/index.d.ts +2 -0
- package/dist/gateway/index.d.ts.map +1 -0
- package/dist/grant/grant-manager.d.ts +140 -0
- package/dist/grant/grant-manager.d.ts.map +1 -0
- package/dist/grant/index.d.ts +2 -0
- package/dist/grant/index.d.ts.map +1 -0
- package/dist/identity/device-enroll-manager.d.ts +111 -0
- package/dist/identity/device-enroll-manager.d.ts.map +1 -0
- package/dist/identity/user-identity-manager.d.ts +69 -0
- package/dist/identity/user-identity-manager.d.ts.map +1 -0
- package/dist/identity/user-key-pair-manager.d.ts +22 -0
- package/dist/identity/user-key-pair-manager.d.ts.map +1 -0
- package/dist/index.d.ts +32 -3077
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +350 -45
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +350 -49
- package/dist/index.mjs.map +1 -1
- package/dist/memory/memory-manager.d.ts +71 -0
- package/dist/memory/memory-manager.d.ts.map +1 -0
- package/dist/monitoring/metrics-manager.d.ts +74 -0
- package/dist/monitoring/metrics-manager.d.ts.map +1 -0
- package/dist/organization/disclosure-config-manager.d.ts +61 -0
- package/dist/organization/disclosure-config-manager.d.ts.map +1 -0
- package/dist/organization/key-rotation-manager.d.ts +63 -0
- package/dist/organization/key-rotation-manager.d.ts.map +1 -0
- package/dist/organization/organization-manager.d.ts +38 -0
- package/dist/organization/organization-manager.d.ts.map +1 -0
- package/dist/registry/access-orchestrator.d.ts +183 -0
- package/dist/registry/access-orchestrator.d.ts.map +1 -0
- package/dist/registry/action-registry-json.d.ts +1363 -0
- package/dist/registry/action-registry-json.d.ts.map +1 -0
- package/dist/registry/action-registry.d.ts +65 -0
- package/dist/registry/action-registry.d.ts.map +1 -0
- package/dist/registry/index.d.ts +4 -0
- package/dist/registry/index.d.ts.map +1 -0
- package/dist/revocation/revocation-manager.d.ts +98 -0
- package/dist/revocation/revocation-manager.d.ts.map +1 -0
- package/dist/state/index.d.ts +3 -0
- package/dist/state/index.d.ts.map +1 -0
- package/dist/state/json-state-store.d.ts +24 -0
- package/dist/state/json-state-store.d.ts.map +1 -0
- package/dist/state/state-store.interface.d.ts +37 -0
- package/dist/state/state-store.interface.d.ts.map +1 -0
- package/dist/storage/filesystem-key-storage.d.ts +16 -0
- package/dist/storage/filesystem-key-storage.d.ts.map +1 -0
- package/dist/storage/index.d.ts +4 -0
- package/dist/storage/index.d.ts.map +1 -0
- package/dist/storage/key-storage.interface.d.ts +42 -0
- package/dist/storage/key-storage.interface.d.ts.map +1 -0
- package/dist/storage/memory-key-storage.d.ts +17 -0
- package/dist/storage/memory-key-storage.d.ts.map +1 -0
- package/dist/tool/tool-manager.d.ts +44 -0
- package/dist/tool/tool-manager.d.ts.map +1 -0
- package/dist/utils/crypto.d.ts +22 -0
- package/dist/utils/crypto.d.ts.map +1 -0
- package/dist/utils/sdjwt-client.d.ts +168 -0
- package/dist/utils/sdjwt-client.d.ts.map +1 -0
- package/dist/vc/api-vc-manager.d.ts +40 -0
- package/dist/vc/api-vc-manager.d.ts.map +1 -0
- package/dist/vc/vc-manager.d.ts +55 -0
- package/dist/vc/vc-manager.d.ts.map +1 -0
- package/dist/vp/vp-manager.d.ts +40 -0
- package/dist/vp/vp-manager.d.ts.map +1 -0
- package/package.json +2 -2
- package/dist/index.d.mts +0 -3078
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
import { VPManager } from '../vp/vp-manager';
|
|
2
|
+
export interface MemoryDocument {
|
|
3
|
+
id: string;
|
|
4
|
+
namespace: string;
|
|
5
|
+
content: string;
|
|
6
|
+
metadata?: Record<string, any>;
|
|
7
|
+
embedding?: number[];
|
|
8
|
+
createdAt: string;
|
|
9
|
+
updatedAt: string;
|
|
10
|
+
}
|
|
11
|
+
export interface MemoryQuery {
|
|
12
|
+
query: string;
|
|
13
|
+
namespace?: string;
|
|
14
|
+
limit?: number;
|
|
15
|
+
filter?: Record<string, any>;
|
|
16
|
+
includeEmbedding?: boolean;
|
|
17
|
+
}
|
|
18
|
+
export interface MemoryQueryResult {
|
|
19
|
+
documents: MemoryDocument[];
|
|
20
|
+
scores?: number[];
|
|
21
|
+
total: number;
|
|
22
|
+
}
|
|
23
|
+
export declare class MemoryManager {
|
|
24
|
+
private vpManager;
|
|
25
|
+
private proxyApiUrl;
|
|
26
|
+
constructor(vpManager?: VPManager);
|
|
27
|
+
/**
|
|
28
|
+
* Write a document to memory
|
|
29
|
+
*/
|
|
30
|
+
write(content: string, options: {
|
|
31
|
+
namespace: string;
|
|
32
|
+
metadata?: Record<string, any>;
|
|
33
|
+
vcs: string[];
|
|
34
|
+
holderDid: string;
|
|
35
|
+
}): Promise<MemoryDocument>;
|
|
36
|
+
/**
|
|
37
|
+
* Query memory with vector search
|
|
38
|
+
*/
|
|
39
|
+
query(query: string, options: {
|
|
40
|
+
namespace?: string;
|
|
41
|
+
limit?: number;
|
|
42
|
+
filter?: Record<string, any>;
|
|
43
|
+
vcs: string[];
|
|
44
|
+
holderDid: string;
|
|
45
|
+
}): Promise<MemoryQueryResult>;
|
|
46
|
+
/**
|
|
47
|
+
* Delete a document from memory
|
|
48
|
+
*/
|
|
49
|
+
delete(documentId: string, options: {
|
|
50
|
+
namespace: string;
|
|
51
|
+
vcs: string[];
|
|
52
|
+
holderDid: string;
|
|
53
|
+
}): Promise<void>;
|
|
54
|
+
/**
|
|
55
|
+
* List documents in a namespace
|
|
56
|
+
*/
|
|
57
|
+
list(options: {
|
|
58
|
+
namespace: string;
|
|
59
|
+
limit?: number;
|
|
60
|
+
offset?: number;
|
|
61
|
+
vcs: string[];
|
|
62
|
+
holderDid: string;
|
|
63
|
+
}): Promise<MemoryQueryResult>;
|
|
64
|
+
/**
|
|
65
|
+
* Check if VCs authorize memory access
|
|
66
|
+
*/
|
|
67
|
+
checkAuthorization(vcs: string[], action: 'read' | 'write' | 'delete', resource: string): Promise<boolean>;
|
|
68
|
+
private matchResource;
|
|
69
|
+
private generateChallenge;
|
|
70
|
+
}
|
|
71
|
+
//# sourceMappingURL=memory-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"memory-manager.d.ts","sourceRoot":"","sources":["../../src/memory/memory-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AAG5C,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC9B,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC5B,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,cAAc,EAAE,CAAA;IAC3B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,KAAK,EAAE,MAAM,CAAA;CACd;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,SAAS,CAAW;IAC5B,OAAO,CAAC,WAAW,CAAQ;gBAEf,SAAS,CAAC,EAAE,SAAS;IAMjC;;OAEG;IACG,KAAK,CACT,OAAO,EAAE,MAAM,EACf,OAAO,EAAE;QACP,SAAS,EAAE,MAAM,CAAA;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;QAC9B,GAAG,EAAE,MAAM,EAAE,CAAA;QACb,SAAS,EAAE,MAAM,CAAA;KAClB,GACA,OAAO,CAAC,cAAc,CAAC;IAkC1B;;OAEG;IACG,KAAK,CACT,KAAK,EAAE,MAAM,EACb,OAAO,EAAE;QACP,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;QAC5B,GAAG,EAAE,MAAM,EAAE,CAAA;QACb,SAAS,EAAE,MAAM,CAAA;KAClB,GACA,OAAO,CAAC,iBAAiB,CAAC;IA0C7B;;OAEG;IACG,MAAM,CACV,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE;QACP,SAAS,EAAE,MAAM,CAAA;QACjB,GAAG,EAAE,MAAM,EAAE,CAAA;QACb,SAAS,EAAE,MAAM,CAAA;KAClB,GACA,OAAO,CAAC,IAAI,CAAC;IA8BhB;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE;QAClB,SAAS,EAAE,MAAM,CAAA;QACjB,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,GAAG,EAAE,MAAM,EAAE,CAAA;QACb,SAAS,EAAE,MAAM,CAAA;KAClB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAoC9B;;OAEG;IACG,kBAAkB,CACtB,GAAG,EAAE,MAAM,EAAE,EACb,MAAM,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,EACnC,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,OAAO,CAAC;IAwBnB,OAAO,CAAC,aAAa;IASrB,OAAO,CAAC,iBAAiB;CAG1B"}
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
export interface SDJWTMetrics {
|
|
2
|
+
issuanceCount: number;
|
|
3
|
+
verificationCount: number;
|
|
4
|
+
failedIssuances: number;
|
|
5
|
+
failedVerifications: number;
|
|
6
|
+
averageIssuanceTime: number;
|
|
7
|
+
averageVerificationTime: number;
|
|
8
|
+
cacheHitRate: number;
|
|
9
|
+
lastActivity: Date;
|
|
10
|
+
}
|
|
11
|
+
export interface OperationMetric {
|
|
12
|
+
operation: 'issue' | 'verify';
|
|
13
|
+
startTime: number;
|
|
14
|
+
endTime: number;
|
|
15
|
+
success: boolean;
|
|
16
|
+
error?: string;
|
|
17
|
+
issuerDid?: string;
|
|
18
|
+
credentialType?: string;
|
|
19
|
+
}
|
|
20
|
+
export declare class MetricsManager {
|
|
21
|
+
private metrics;
|
|
22
|
+
private operations;
|
|
23
|
+
private maxOperationHistory;
|
|
24
|
+
/**
|
|
25
|
+
* Start tracking an operation
|
|
26
|
+
*/
|
|
27
|
+
startOperation(operation: 'issue' | 'verify', metadata?: Record<string, any>): string;
|
|
28
|
+
/**
|
|
29
|
+
* End tracking an operation
|
|
30
|
+
*/
|
|
31
|
+
endOperation(_operationId: string, success: boolean, error?: string): void;
|
|
32
|
+
/**
|
|
33
|
+
* Update aggregated metrics
|
|
34
|
+
*/
|
|
35
|
+
private updateMetrics;
|
|
36
|
+
/**
|
|
37
|
+
* Get metrics for a specific issuer or global
|
|
38
|
+
*/
|
|
39
|
+
getMetrics(issuerDid?: string): SDJWTMetrics | null;
|
|
40
|
+
/**
|
|
41
|
+
* Get all metrics
|
|
42
|
+
*/
|
|
43
|
+
getAllMetrics(): Map<string, SDJWTMetrics>;
|
|
44
|
+
/**
|
|
45
|
+
* Get recent operations
|
|
46
|
+
*/
|
|
47
|
+
getRecentOperations(limit?: number): OperationMetric[];
|
|
48
|
+
/**
|
|
49
|
+
* Get operation statistics
|
|
50
|
+
*/
|
|
51
|
+
getOperationStats(): {
|
|
52
|
+
totalOperations: number;
|
|
53
|
+
successRate: number;
|
|
54
|
+
averageResponseTime: number;
|
|
55
|
+
operationsPerMinute: number;
|
|
56
|
+
};
|
|
57
|
+
/**
|
|
58
|
+
* Update cache hit rate
|
|
59
|
+
*/
|
|
60
|
+
updateCacheHitRate(issuerDid: string, hit: boolean): void;
|
|
61
|
+
/**
|
|
62
|
+
* Reset metrics
|
|
63
|
+
*/
|
|
64
|
+
resetMetrics(issuerDid?: string): void;
|
|
65
|
+
/**
|
|
66
|
+
* Export metrics as JSON
|
|
67
|
+
*/
|
|
68
|
+
exportMetrics(): {
|
|
69
|
+
aggregatedMetrics: Record<string, SDJWTMetrics>;
|
|
70
|
+
recentOperations: OperationMetric[];
|
|
71
|
+
summary: ReturnType<any>;
|
|
72
|
+
};
|
|
73
|
+
}
|
|
74
|
+
//# sourceMappingURL=metrics-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metrics-manager.d.ts","sourceRoot":"","sources":["../../src/monitoring/metrics-manager.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,aAAa,EAAE,MAAM,CAAA;IACrB,iBAAiB,EAAE,MAAM,CAAA;IACzB,eAAe,EAAE,MAAM,CAAA;IACvB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,mBAAmB,EAAE,MAAM,CAAA;IAC3B,uBAAuB,EAAE,MAAM,CAAA;IAC/B,YAAY,EAAE,MAAM,CAAA;IACpB,YAAY,EAAE,IAAI,CAAA;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,OAAO,GAAG,QAAQ,CAAA;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,OAAO,CAAA;IAChB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAuC;IACtD,OAAO,CAAC,UAAU,CAAwB;IAC1C,OAAO,CAAC,mBAAmB,CAAO;IAElC;;OAEG;IACH,cAAc,CAAC,SAAS,EAAE,OAAO,GAAG,QAAQ,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM;IAgBrF;;OAEG;IACH,YAAY,CAAC,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IAmB1E;;OAEG;IACH,OAAO,CAAC,aAAa;IA2CrB;;OAEG;IACH,UAAU,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI;IAKnD;;OAEG;IACH,aAAa,IAAI,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC;IAI1C;;OAEG;IACH,mBAAmB,CAAC,KAAK,SAAM,GAAG,eAAe,EAAE;IAInD;;OAEG;IACH,iBAAiB,IAAI;QACnB,eAAe,EAAE,MAAM,CAAA;QACvB,WAAW,EAAE,MAAM,CAAA;QACnB,mBAAmB,EAAE,MAAM,CAAA;QAC3B,mBAAmB,EAAE,MAAM,CAAA;KAC5B;IAiBD;;OAEG;IACH,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,IAAI;IA0BzD;;OAEG;IACH,YAAY,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI;IAStC;;OAEG;IACH,aAAa,IAAI;QACf,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAA;QAC/C,gBAAgB,EAAE,eAAe,EAAE,CAAA;QACnC,OAAO,EAAE,UAAU,CAAC,GAAG,CAAC,CAAA;KACzB;CAOF"}
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
import { CredentialType } from '@vess-id/ai-identity-types';
|
|
2
|
+
export interface OrganizationDisclosureConfig {
|
|
3
|
+
organizationDid: string;
|
|
4
|
+
defaultFields: string[];
|
|
5
|
+
credentialTypeConfigs: Map<CredentialType, CredentialDisclosureConfig>;
|
|
6
|
+
createdAt: Date;
|
|
7
|
+
updatedAt: Date;
|
|
8
|
+
}
|
|
9
|
+
export interface CredentialDisclosureConfig {
|
|
10
|
+
type: CredentialType;
|
|
11
|
+
mandatoryFields: string[];
|
|
12
|
+
selectiveFields: string[];
|
|
13
|
+
neverDisclose: string[];
|
|
14
|
+
decoyFields?: number;
|
|
15
|
+
}
|
|
16
|
+
export declare class DisclosureConfigManager {
|
|
17
|
+
private configs;
|
|
18
|
+
/**
|
|
19
|
+
* Set disclosure configuration for an organization
|
|
20
|
+
*/
|
|
21
|
+
setOrganizationConfig(organizationDid: string, config: Partial<OrganizationDisclosureConfig>): Promise<void>;
|
|
22
|
+
/**
|
|
23
|
+
* Get disclosure configuration for an organization
|
|
24
|
+
*/
|
|
25
|
+
getOrganizationConfig(organizationDid: string): Promise<OrganizationDisclosureConfig | null>;
|
|
26
|
+
/**
|
|
27
|
+
* Set credential type specific disclosure configuration
|
|
28
|
+
*/
|
|
29
|
+
setCredentialTypeConfig(organizationDid: string, credentialType: CredentialType, config: CredentialDisclosureConfig): Promise<void>;
|
|
30
|
+
/**
|
|
31
|
+
* Get selective disclosure fields for a specific credential type and organization
|
|
32
|
+
*/
|
|
33
|
+
getSelectiveDisclosureFields(organizationDid: string, credentialType: CredentialType, requestedFields?: string[]): Promise<{
|
|
34
|
+
selectiveFields: string[];
|
|
35
|
+
mandatoryFields: string[];
|
|
36
|
+
neverDisclose: string[];
|
|
37
|
+
decoyCount: number;
|
|
38
|
+
}>;
|
|
39
|
+
/**
|
|
40
|
+
* Get default configuration for credential types
|
|
41
|
+
*/
|
|
42
|
+
private getDefaultConfiguration;
|
|
43
|
+
/**
|
|
44
|
+
* Validate disclosure request against organization policy
|
|
45
|
+
*/
|
|
46
|
+
validateDisclosureRequest(organizationDid: string, credentialType: CredentialType, requestedFields: string[]): Promise<{
|
|
47
|
+
valid: boolean;
|
|
48
|
+
allowedFields: string[];
|
|
49
|
+
rejectedFields: string[];
|
|
50
|
+
errors: string[];
|
|
51
|
+
}>;
|
|
52
|
+
/**
|
|
53
|
+
* Get all organization configurations (for admin purposes)
|
|
54
|
+
*/
|
|
55
|
+
getAllConfigurations(): Promise<OrganizationDisclosureConfig[]>;
|
|
56
|
+
/**
|
|
57
|
+
* Delete organization configuration
|
|
58
|
+
*/
|
|
59
|
+
deleteOrganizationConfig(organizationDid: string): Promise<boolean>;
|
|
60
|
+
}
|
|
61
|
+
//# sourceMappingURL=disclosure-config-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"disclosure-config-manager.d.ts","sourceRoot":"","sources":["../../src/organization/disclosure-config-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAA;AAE3D,MAAM,WAAW,4BAA4B;IAC3C,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,qBAAqB,EAAE,GAAG,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAA;IACtE,SAAS,EAAE,IAAI,CAAA;IACf,SAAS,EAAE,IAAI,CAAA;CAChB;AAED,MAAM,WAAW,0BAA0B;IACzC,IAAI,EAAE,cAAc,CAAA;IACpB,eAAe,EAAE,MAAM,EAAE,CAAA;IACzB,eAAe,EAAE,MAAM,EAAE,CAAA;IACzB,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAED,qBAAa,uBAAuB;IAClC,OAAO,CAAC,OAAO,CAAuD;IAEtE;;OAEG;IACG,qBAAqB,CACzB,eAAe,EAAE,MAAM,EACvB,MAAM,EAAE,OAAO,CAAC,4BAA4B,CAAC,GAC5C,OAAO,CAAC,IAAI,CAAC;IAehB;;OAEG;IACG,qBAAqB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,4BAA4B,GAAG,IAAI,CAAC;IAIlG;;OAEG;IACG,uBAAuB,CAC3B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,cAAc,EAC9B,MAAM,EAAE,0BAA0B,GACjC,OAAO,CAAC,IAAI,CAAC;IAoBhB;;OAEG;IACG,4BAA4B,CAChC,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,cAAc,EAC9B,eAAe,CAAC,EAAE,MAAM,EAAE,GACzB,OAAO,CAAC;QACT,eAAe,EAAE,MAAM,EAAE,CAAA;QACzB,eAAe,EAAE,MAAM,EAAE,CAAA;QACzB,aAAa,EAAE,MAAM,EAAE,CAAA;QACvB,UAAU,EAAE,MAAM,CAAA;KACnB,CAAC;IAoCF;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAoD/B;;OAEG;IACG,yBAAyB,CAC7B,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,cAAc,EAC9B,eAAe,EAAE,MAAM,EAAE,GACxB,OAAO,CAAC;QACT,KAAK,EAAE,OAAO,CAAA;QACd,aAAa,EAAE,MAAM,EAAE,CAAA;QACvB,cAAc,EAAE,MAAM,EAAE,CAAA;QACxB,MAAM,EAAE,MAAM,EAAE,CAAA;KACjB,CAAC;IA2BF;;OAEG;IACG,oBAAoB,IAAI,OAAO,CAAC,4BAA4B,EAAE,CAAC;IAIrE;;OAEG;IACG,wBAAwB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAG1E"}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
import { KeyManager } from '../did/key-manager';
|
|
2
|
+
export interface KeyRotationConfig {
|
|
3
|
+
/** How often keys should be rotated (in hours) */
|
|
4
|
+
rotationInterval: number;
|
|
5
|
+
/** How many old keys to keep for verification */
|
|
6
|
+
keepOldKeys: number;
|
|
7
|
+
/** Warning threshold before rotation (in hours) */
|
|
8
|
+
warningThreshold: number;
|
|
9
|
+
}
|
|
10
|
+
export interface KeyRotationInfo {
|
|
11
|
+
currentKeyId: string;
|
|
12
|
+
nextRotationDate: Date;
|
|
13
|
+
oldKeys: Array<{
|
|
14
|
+
keyId: string;
|
|
15
|
+
rotatedAt: Date;
|
|
16
|
+
expiresAt: Date;
|
|
17
|
+
}>;
|
|
18
|
+
needsRotation: boolean;
|
|
19
|
+
warningActive: boolean;
|
|
20
|
+
}
|
|
21
|
+
export declare class KeyRotationManager {
|
|
22
|
+
private keyManager;
|
|
23
|
+
private config;
|
|
24
|
+
constructor(keyManager: KeyManager, config?: Partial<KeyRotationConfig>);
|
|
25
|
+
/**
|
|
26
|
+
* Check if organization keys need rotation
|
|
27
|
+
*/
|
|
28
|
+
checkRotationStatus(organizationDid: string): Promise<KeyRotationInfo>;
|
|
29
|
+
/**
|
|
30
|
+
* Rotate organization keys
|
|
31
|
+
* NOTE: Currently not implemented for did:jwk
|
|
32
|
+
*/
|
|
33
|
+
rotateOrganizationKeys(organizationDid: string): Promise<{
|
|
34
|
+
newDid: string;
|
|
35
|
+
newPrivateKey: any;
|
|
36
|
+
rotationDate: Date;
|
|
37
|
+
}>;
|
|
38
|
+
/**
|
|
39
|
+
* Get old keys for verification (useful for grace periods)
|
|
40
|
+
*/
|
|
41
|
+
getOldKeysForVerification(organizationDid: string): Promise<Array<{
|
|
42
|
+
keyId: string;
|
|
43
|
+
publicKey: any;
|
|
44
|
+
validUntil: Date;
|
|
45
|
+
}>>;
|
|
46
|
+
/**
|
|
47
|
+
* Plan future key rotation (for did:web or other mutable DID methods)
|
|
48
|
+
*/
|
|
49
|
+
planKeyRotation(organizationDid: string): Promise<{
|
|
50
|
+
plannedRotationDate: Date;
|
|
51
|
+
currentKeyAge: number;
|
|
52
|
+
recommendedAction: 'none' | 'prepare' | 'rotate_now' | 'urgent';
|
|
53
|
+
}>;
|
|
54
|
+
/**
|
|
55
|
+
* Update rotation configuration
|
|
56
|
+
*/
|
|
57
|
+
updateConfig(newConfig: Partial<KeyRotationConfig>): void;
|
|
58
|
+
/**
|
|
59
|
+
* Get current configuration
|
|
60
|
+
*/
|
|
61
|
+
getConfig(): KeyRotationConfig;
|
|
62
|
+
}
|
|
63
|
+
//# sourceMappingURL=key-rotation-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"key-rotation-manager.d.ts","sourceRoot":"","sources":["../../src/organization/key-rotation-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;AAG/C,MAAM,WAAW,iBAAiB;IAChC,kDAAkD;IAClD,gBAAgB,EAAE,MAAM,CAAA;IACxB,iDAAiD;IACjD,WAAW,EAAE,MAAM,CAAA;IACnB,mDAAmD;IACnD,gBAAgB,EAAE,MAAM,CAAA;CACzB;AAED,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,MAAM,CAAA;IACpB,gBAAgB,EAAE,IAAI,CAAA;IACtB,OAAO,EAAE,KAAK,CAAC;QACb,KAAK,EAAE,MAAM,CAAA;QACb,SAAS,EAAE,IAAI,CAAA;QACf,SAAS,EAAE,IAAI,CAAA;KAChB,CAAC,CAAA;IACF,aAAa,EAAE,OAAO,CAAA;IACtB,aAAa,EAAE,OAAO,CAAA;CACvB;AAED,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,UAAU,CAAY;IAC9B,OAAO,CAAC,MAAM,CAAmB;gBAErB,UAAU,EAAE,UAAU,EAAE,MAAM,CAAC,EAAE,OAAO,CAAC,iBAAiB,CAAC;IAUvE;;OAEG;IACG,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAe5E;;;OAGG;IACG,sBAAsB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC;QAC7D,MAAM,EAAE,MAAM,CAAA;QACd,aAAa,EAAE,GAAG,CAAA;QAClB,YAAY,EAAE,IAAI,CAAA;KACnB,CAAC;IAQF;;OAEG;IACG,yBAAyB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC;QACtE,KAAK,EAAE,MAAM,CAAA;QACb,SAAS,EAAE,GAAG,CAAA;QACd,UAAU,EAAE,IAAI,CAAA;KACjB,CAAC,CAAC;IAKH;;OAEG;IACG,eAAe,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC;QACtD,mBAAmB,EAAE,IAAI,CAAA;QACzB,aAAa,EAAE,MAAM,CAAA;QACrB,iBAAiB,EAAE,MAAM,GAAG,SAAS,GAAG,YAAY,GAAG,QAAQ,CAAA;KAChE,CAAC;IAcF;;OAEG;IACH,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,IAAI;IAOzD;;OAEG;IACH,SAAS,IAAI,iBAAiB;CAG/B"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
import { VPManager } from '../vp/vp-manager';
|
|
2
|
+
import { VCManager } from '../vc/vc-manager';
|
|
3
|
+
import { ToolPermissionRequest, OrganizationConfig } from '@vess-id/ai-identity-types';
|
|
4
|
+
export declare class OrganizationManager {
|
|
5
|
+
private vpManager;
|
|
6
|
+
private vcManager;
|
|
7
|
+
private apiBaseUrl;
|
|
8
|
+
constructor(vpManager?: VPManager, vcManager?: VCManager);
|
|
9
|
+
/**
|
|
10
|
+
* Request tool permissions using employee VC
|
|
11
|
+
*/
|
|
12
|
+
requestToolPermissions(employeeVCJWT: string, requestedTools: ToolPermissionRequest[], holderDid: string): Promise<{
|
|
13
|
+
permittedPermissions: ToolPermissionRequest[];
|
|
14
|
+
employee: any;
|
|
15
|
+
}>;
|
|
16
|
+
/**
|
|
17
|
+
* Issue tool permissions to AI Agent based on organization approval
|
|
18
|
+
*/
|
|
19
|
+
issueOrganizationDelegatedPermissions(agentDid: string, employeeVCJWT: string, requestedTools: ToolPermissionRequest[], issuerDid: string): Promise<string[]>;
|
|
20
|
+
/**
|
|
21
|
+
* Create simplified workflow for employee to AI Agent delegation
|
|
22
|
+
*/
|
|
23
|
+
delegateToAIAgent(employeeVCJWT: string, agentDid: string, tools: string[], // ['slack', 'gmail', 'github']
|
|
24
|
+
issuerDid: string, options?: {
|
|
25
|
+
duration?: string;
|
|
26
|
+
justification?: string;
|
|
27
|
+
}): Promise<{
|
|
28
|
+
issuedVCs: string[];
|
|
29
|
+
permissionSummary: Record<string, string[]>;
|
|
30
|
+
}>;
|
|
31
|
+
/**
|
|
32
|
+
* Register organization with AIdentity
|
|
33
|
+
*/
|
|
34
|
+
registerOrganization(config: OrganizationConfig): Promise<void>;
|
|
35
|
+
private generateChallenge;
|
|
36
|
+
private extractActionFromVC;
|
|
37
|
+
}
|
|
38
|
+
//# sourceMappingURL=organization-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"organization-manager.d.ts","sourceRoot":"","sources":["../../src/organization/organization-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AAE5C,OAAO,EAGL,qBAAqB,EACrB,kBAAkB,EACnB,MAAM,4BAA4B,CAAA;AAEnC,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,SAAS,CAAW;IAC5B,OAAO,CAAC,SAAS,CAAW;IAC5B,OAAO,CAAC,UAAU,CAAQ;gBAEd,SAAS,CAAC,EAAE,SAAS,EAAE,SAAS,CAAC,EAAE,SAAS;IAOxD;;OAEG;IACG,sBAAsB,CAC1B,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,qBAAqB,EAAE,EACvC,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC;QACT,oBAAoB,EAAE,qBAAqB,EAAE,CAAA;QAC7C,QAAQ,EAAE,GAAG,CAAA;KACd,CAAC;IAmCF;;OAEG;IACG,qCAAqC,CACzC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,qBAAqB,EAAE,EACvC,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,EAAE,CAAC;IAmCpB;;OAEG;IACG,iBAAiB,CACrB,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EAAE,EAAE,+BAA+B;IAChD,SAAS,EAAE,MAAM,EACjB,OAAO,CAAC,EAAE;QACR,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,aAAa,CAAC,EAAE,MAAM,CAAA;KACvB,GACA,OAAO,CAAC;QACT,SAAS,EAAE,MAAM,EAAE,CAAA;QACnB,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;KAC5C,CAAC;IA8BF;;OAEG;IACG,oBAAoB,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;IAYrE,OAAO,CAAC,iBAAiB;IAIzB,OAAO,CAAC,mBAAmB;CAU5B"}
|
|
@@ -0,0 +1,183 @@
|
|
|
1
|
+
import { ActionRegistry, Relation, ResourceType } from './action-registry';
|
|
2
|
+
/** ReBAC: 関係性チェック(SpiceDB/Zanzibar想定)。OR解釈で複数relationのいずれか成立でtrue */
|
|
3
|
+
export interface ReBACChecker {
|
|
4
|
+
check(subjectDid: string, // User DID or Agent DID
|
|
5
|
+
relations: Relation[], // ["editor","act_as"] など
|
|
6
|
+
resourceRef: ResourceRef): Promise<boolean>;
|
|
7
|
+
}
|
|
8
|
+
/** ABAC: 条件判定(Cerbos/OPA想定)。trueなら許可。 */
|
|
9
|
+
export interface ABACPolicyEngine {
|
|
10
|
+
evaluate(input: AbacInput): Promise<AbacDecision>;
|
|
11
|
+
}
|
|
12
|
+
export interface AbacInput {
|
|
13
|
+
principal: {
|
|
14
|
+
id: string;
|
|
15
|
+
roles?: string[];
|
|
16
|
+
claims?: Record<string, unknown>;
|
|
17
|
+
};
|
|
18
|
+
resource: {
|
|
19
|
+
kind: ResourceType;
|
|
20
|
+
id: string;
|
|
21
|
+
attr?: Record<string, unknown>;
|
|
22
|
+
};
|
|
23
|
+
action: string;
|
|
24
|
+
context?: Record<string, unknown>;
|
|
25
|
+
}
|
|
26
|
+
export interface AbacDecision {
|
|
27
|
+
allow: boolean;
|
|
28
|
+
ruleId?: string;
|
|
29
|
+
reason?: string;
|
|
30
|
+
}
|
|
31
|
+
/** Credential選択:最小スコープを満たす外部トークンを取得(Bot/Installation/OAuth) */
|
|
32
|
+
export interface CredentialStore {
|
|
33
|
+
pickMinimal(provider: Provider, // "slack" | "github" | "google"
|
|
34
|
+
iaId: string, // IntegrationAccount ID
|
|
35
|
+
requiredScopes: string[], subjectDid: string): Promise<CredentialRef | null>;
|
|
36
|
+
}
|
|
37
|
+
export type Provider = 'slack' | 'github' | 'google';
|
|
38
|
+
export interface CredentialRef {
|
|
39
|
+
id: string;
|
|
40
|
+
provider: Provider;
|
|
41
|
+
scopes: string[];
|
|
42
|
+
}
|
|
43
|
+
/** VP検証(SD-JWT/ISO 23220/mdoc/OID4VP):成功時にVCクレームを返す */
|
|
44
|
+
export interface VpVerifier {
|
|
45
|
+
verifyAndExtractClaims(vpToken: string): Promise<VerifiedVcClaims>;
|
|
46
|
+
}
|
|
47
|
+
/** 発行した Delegation VC に含めることを想定した最小構造 */
|
|
48
|
+
export interface VerifiedVcClaims {
|
|
49
|
+
allowed_actions: string[];
|
|
50
|
+
resource_scope: ResourceScope[];
|
|
51
|
+
expires_at?: string;
|
|
52
|
+
actor?: string;
|
|
53
|
+
assurance_level?: number;
|
|
54
|
+
cnf?: {
|
|
55
|
+
jwk_thumbprint?: string;
|
|
56
|
+
};
|
|
57
|
+
[k: string]: unknown;
|
|
58
|
+
}
|
|
59
|
+
export interface ResourceRef {
|
|
60
|
+
/** プロバイダ別のリソース識別子(例:Slack channel id, GitHub repo full_name, Drive file id) */
|
|
61
|
+
id: string;
|
|
62
|
+
type: ResourceType;
|
|
63
|
+
/** 紐づくIntegrationAccountのID(どのSlackワークスペース/どのGitHub Orgか) */
|
|
64
|
+
iaId: string;
|
|
65
|
+
/** 追加属性(機密度など) */
|
|
66
|
+
attr?: Record<string, unknown>;
|
|
67
|
+
}
|
|
68
|
+
/** VCに刻む「スコープ」表現の一例(最小定義) */
|
|
69
|
+
export type ResourceScope = {
|
|
70
|
+
kind: 'Workspace';
|
|
71
|
+
id: string;
|
|
72
|
+
} | {
|
|
73
|
+
kind: 'IntegrationAccount';
|
|
74
|
+
id: string;
|
|
75
|
+
} | {
|
|
76
|
+
kind: 'Resource';
|
|
77
|
+
type: ResourceType;
|
|
78
|
+
id: string;
|
|
79
|
+
};
|
|
80
|
+
/** 監査用の判定理由 */
|
|
81
|
+
export interface DecisionTrace {
|
|
82
|
+
rebac?: {
|
|
83
|
+
ok: boolean;
|
|
84
|
+
relations: Relation[];
|
|
85
|
+
};
|
|
86
|
+
delegation?: {
|
|
87
|
+
ok: boolean;
|
|
88
|
+
matched_action?: boolean;
|
|
89
|
+
in_scope?: boolean;
|
|
90
|
+
notExpired?: boolean;
|
|
91
|
+
};
|
|
92
|
+
abac?: {
|
|
93
|
+
ok: boolean;
|
|
94
|
+
ruleId?: string;
|
|
95
|
+
reason?: string;
|
|
96
|
+
};
|
|
97
|
+
scope?: {
|
|
98
|
+
ok: boolean;
|
|
99
|
+
required: string[];
|
|
100
|
+
chosenCredentialId?: string;
|
|
101
|
+
};
|
|
102
|
+
}
|
|
103
|
+
/** Capability名やAction名(混在OK)から、実アクション配列に解決 */
|
|
104
|
+
export declare function resolveActionsFromSelection(registry: ActionRegistry, selection: string[]): string[];
|
|
105
|
+
export interface PlanDelegationInput {
|
|
106
|
+
registry: ActionRegistry;
|
|
107
|
+
issuerUserDid: string;
|
|
108
|
+
delegateAgentDid: string;
|
|
109
|
+
/** ユーザーが UI 等で選んだアクション/ケイパビリティ */
|
|
110
|
+
requested: string[];
|
|
111
|
+
/** この委任が及ぶスコープ(Workspace/IA/Resource) */
|
|
112
|
+
resourceScope: ResourceScope[];
|
|
113
|
+
/** 有効期限(ISO) */
|
|
114
|
+
expiresAt?: string;
|
|
115
|
+
/** ABAC前提で要求する最小アシュアランス等(必要なら) */
|
|
116
|
+
minAssuranceLevel?: number;
|
|
117
|
+
/** ABAC/Cerbos用のruntime context(時間帯/場所/リスク等) */
|
|
118
|
+
context?: Record<string, unknown>;
|
|
119
|
+
/** Provider 推測のためのヒント(Credential選択時に使う) */
|
|
120
|
+
providerByIa?: Record<string, Provider>;
|
|
121
|
+
/** 実行時に用いるReBAC/ABAC/Credentialのハンドラ */
|
|
122
|
+
rebac: ReBACChecker;
|
|
123
|
+
abac: ABACPolicyEngine;
|
|
124
|
+
creds: CredentialStore;
|
|
125
|
+
}
|
|
126
|
+
export interface PlanDelegationResult {
|
|
127
|
+
granted_actions: string[];
|
|
128
|
+
rejected_actions: string[];
|
|
129
|
+
traceByAction: Record<string, DecisionTrace>;
|
|
130
|
+
}
|
|
131
|
+
/**
|
|
132
|
+
* VC発行前に、リクエストされたアクション群を
|
|
133
|
+
* - Registryに存在
|
|
134
|
+
* - ReBAC(委任元=issuerUserDid が十分な関係を持つ)
|
|
135
|
+
* - ABACポリシー適合
|
|
136
|
+
* - 必要スコープを満たすクレデンシャルが存在
|
|
137
|
+
* の観点で絞り込み、発行して良いものだけ返す。
|
|
138
|
+
*/
|
|
139
|
+
export declare function planDelegationForVC(input: PlanDelegationInput): Promise<PlanDelegationResult>;
|
|
140
|
+
export interface CheckPermissionInput {
|
|
141
|
+
registry: ActionRegistry;
|
|
142
|
+
actorDid: string;
|
|
143
|
+
onBehalfOfDid?: string;
|
|
144
|
+
action: string;
|
|
145
|
+
resource: ResourceRef;
|
|
146
|
+
vpToken: string;
|
|
147
|
+
context?: Record<string, unknown>;
|
|
148
|
+
rebac: ReBACChecker;
|
|
149
|
+
abac: ABACPolicyEngine;
|
|
150
|
+
creds: CredentialStore;
|
|
151
|
+
vpVerifier: VpVerifier;
|
|
152
|
+
}
|
|
153
|
+
export interface CheckPermissionResult {
|
|
154
|
+
allow: boolean;
|
|
155
|
+
reason?: string;
|
|
156
|
+
trace: DecisionTrace;
|
|
157
|
+
credential?: CredentialRef | null;
|
|
158
|
+
}
|
|
159
|
+
/**
|
|
160
|
+
* 実行直前のフル判定。
|
|
161
|
+
* 1) ReBAC: actor がresourceに対する 基本関係/act_as を満たすか
|
|
162
|
+
* 2) Delegation(VC): actionがallowedか / resourceがscope内か / 期限内か
|
|
163
|
+
* 3) ABAC: コンテキストやassurance levelに適合するか
|
|
164
|
+
* 4) Scope/Credential: 必要スコープを満たすクレデンシャルが取得できるか
|
|
165
|
+
*/
|
|
166
|
+
export declare function checkPermissionWithVP(input: CheckPermissionInput): Promise<CheckPermissionResult>;
|
|
167
|
+
export declare class AllowAllAbac implements ABACPolicyEngine {
|
|
168
|
+
evaluate(): Promise<AbacDecision>;
|
|
169
|
+
}
|
|
170
|
+
export declare class SimpleRebac implements ReBACChecker {
|
|
171
|
+
private allowRelations;
|
|
172
|
+
constructor(allowRelations?: Relation[]);
|
|
173
|
+
check(_sub: string, relations: Relation[]): Promise<boolean>;
|
|
174
|
+
}
|
|
175
|
+
export declare class DummyCreds implements CredentialStore {
|
|
176
|
+
pickMinimal(provider: Provider, _iaId: string, requiredScopes: string[]): Promise<CredentialRef | null>;
|
|
177
|
+
}
|
|
178
|
+
export declare class DummyVpVerifier implements VpVerifier {
|
|
179
|
+
private vc;
|
|
180
|
+
constructor(vc: VerifiedVcClaims);
|
|
181
|
+
verifyAndExtractClaims(): Promise<VerifiedVcClaims>;
|
|
182
|
+
}
|
|
183
|
+
//# sourceMappingURL=access-orchestrator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-orchestrator.d.ts","sourceRoot":"","sources":["../../src/registry/access-orchestrator.ts"],"names":[],"mappings":"AAMA,OAAO,EACL,cAAc,EAGd,QAAQ,EACR,YAAY,EAKb,MAAM,mBAAmB,CAAA;AAI1B,qEAAqE;AACrE,MAAM,WAAW,YAAY;IAC3B,KAAK,CACH,UAAU,EAAE,MAAM,EAAE,wBAAwB;IAC5C,SAAS,EAAE,QAAQ,EAAE,EAAE,yBAAyB;IAChD,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC,OAAO,CAAC,CAAA;CACpB;AAED,yCAAyC;AACzC,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;CAClD;AACD,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE;QACT,EAAE,EAAE,MAAM,CAAA;QACV,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;QAChB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KACjC,CAAA;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,YAAY,CAAA;QAClB,EAAE,EAAE,MAAM,CAAA;QACV,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAC/B,CAAA;IACD,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAClC;AACD,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,OAAO,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,+DAA+D;AAC/D,MAAM,WAAW,eAAe;IAC9B,WAAW,CACT,QAAQ,EAAE,QAAQ,EAAE,gCAAgC;IACpD,IAAI,EAAE,MAAM,EAAE,wBAAwB;IACtC,cAAc,EAAE,MAAM,EAAE,EACxB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAA;CACjC;AACD,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAA;AACpD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAA;IACV,QAAQ,EAAE,QAAQ,CAAA;IAClB,MAAM,EAAE,MAAM,EAAE,CAAA;CAEjB;AAED,uDAAuD;AACvD,MAAM,WAAW,UAAU;IACzB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAA;CACnE;AACD,yCAAyC;AACzC,MAAM,WAAW,gBAAgB;IAE/B,eAAe,EAAE,MAAM,EAAE,CAAA;IACzB,cAAc,EAAE,aAAa,EAAE,CAAA;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,eAAe,CAAC,EAAE,MAAM,CAAA;IAExB,GAAG,CAAC,EAAE;QAAE,cAAc,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IAEjC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;CACrB;AAID,MAAM,WAAW,WAAW;IAC1B,+EAA+E;IAC/E,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,YAAY,CAAA;IAClB,6DAA6D;IAC7D,IAAI,EAAE,MAAM,CAAA;IACZ,kBAAkB;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC/B;AAED,6BAA6B;AAC7B,MAAM,MAAM,aAAa,GACrB;IAAE,IAAI,EAAE,WAAW,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,GACjC;IAAE,IAAI,EAAE,oBAAoB,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,IAAI,EAAE,YAAY,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,CAAA;AAExD,eAAe;AACf,MAAM,WAAW,aAAa;IAC5B,KAAK,CAAC,EAAE;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,SAAS,EAAE,QAAQ,EAAE,CAAA;KAAE,CAAA;IAC9C,UAAU,CAAC,EAAE;QACX,EAAE,EAAE,OAAO,CAAA;QACX,cAAc,CAAC,EAAE,OAAO,CAAA;QACxB,QAAQ,CAAC,EAAE,OAAO,CAAA;QAClB,UAAU,CAAC,EAAE,OAAO,CAAA;KACrB,CAAA;IACD,IAAI,CAAC,EAAE;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACxD,KAAK,CAAC,EAAE;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;QAAC,kBAAkB,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CACzE;AAID,8CAA8C;AAC9C,wBAAgB,2BAA2B,CACzC,QAAQ,EAAE,cAAc,EACxB,SAAS,EAAE,MAAM,EAAE,GAClB,MAAM,EAAE,CAkBV;AAID,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,cAAc,CAAA;IACxB,aAAa,EAAE,MAAM,CAAA;IACrB,gBAAgB,EAAE,MAAM,CAAA;IACxB,kCAAkC;IAClC,SAAS,EAAE,MAAM,EAAE,CAAA;IACnB,yCAAyC;IACzC,aAAa,EAAE,aAAa,EAAE,CAAA;IAC9B,gBAAgB;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,kCAAkC;IAClC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,gDAAgD;IAChD,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACjC,2CAA2C;IAC3C,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;IACvC,wCAAwC;IACxC,KAAK,EAAE,YAAY,CAAA;IACnB,IAAI,EAAE,gBAAgB,CAAA;IACtB,KAAK,EAAE,eAAe,CAAA;CACvB;AAED,MAAM,WAAW,oBAAoB;IACnC,eAAe,EAAE,MAAM,EAAE,CAAA;IACzB,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;CAC7C;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,KAAK,EAAE,mBAAmB,GACzB,OAAO,CAAC,oBAAoB,CAAC,CA6G/B;AAeD,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,cAAc,CAAA;IACxB,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,WAAW,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACjC,KAAK,EAAE,YAAY,CAAA;IACnB,IAAI,EAAE,gBAAgB,CAAA;IACtB,KAAK,EAAE,eAAe,CAAA;IACtB,UAAU,EAAE,UAAU,CAAA;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,OAAO,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,KAAK,EAAE,aAAa,CAAA;IACpB,UAAU,CAAC,EAAE,aAAa,GAAG,IAAI,CAAA;CAClC;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,KAAK,EAAE,oBAAoB,GAC1B,OAAO,CAAC,qBAAqB,CAAC,CA2EhC;AAsBD,qBAAa,YAAa,YAAW,gBAAgB;IAC7C,QAAQ,IAAI,OAAO,CAAC,YAAY,CAAC;CAGxC;AACD,qBAAa,WAAY,YAAW,YAAY;IAE5C,OAAO,CAAC,cAAc;gBAAd,cAAc,GAAE,QAAQ,EAAqD;IAEjF,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;CAGnE;AACD,qBAAa,UAAW,YAAW,eAAe;IAC1C,WAAW,CACf,QAAQ,EAAE,QAAQ,EAClB,KAAK,EAAE,MAAM,EACb,cAAc,EAAE,MAAM,EAAE,GACvB,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;CAKjC;AACD,qBAAa,eAAgB,YAAW,UAAU;IACpC,OAAO,CAAC,EAAE;gBAAF,EAAE,EAAE,gBAAgB;IAClC,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC;CAG1D"}
|