@workos-inc/node 8.7.0 → 8.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/factory-ClnPnWTz.mjs +4729 -0
- package/lib/factory-ClnPnWTz.mjs.map +1 -0
- package/lib/factory-DlHvKYOI.cjs +4914 -0
- package/lib/factory-DlHvKYOI.cjs.map +1 -0
- package/lib/index.cjs +33 -74
- package/lib/index.cjs.map +1 -1
- package/lib/index.d.cts +19 -156
- package/lib/index.d.mts +34 -0
- package/lib/index.mjs +39 -0
- package/lib/index.mjs.map +1 -0
- package/lib/index.worker.cjs +32 -71
- package/lib/index.worker.cjs.map +1 -1
- package/lib/index.worker.d.cts +2 -135
- package/lib/index.worker.d.mts +2 -0
- package/lib/index.worker.mjs +34 -0
- package/lib/index.worker.mjs.map +1 -0
- package/lib/webapi-DoOhnR2U.cjs +3336 -0
- package/lib/webapi-DoOhnR2U.cjs.map +1 -0
- package/lib/webapi-oTg8yaNv.mjs +3289 -0
- package/lib/webapi-oTg8yaNv.mjs.map +1 -0
- package/lib/workos-CcjPGl_n.d.cts +4973 -0
- package/lib/workos-DYZ38_bk.d.mts +4973 -0
- package/package.json +51 -74
- package/lib/access-token.interface-Buok__jV.d.cts +0 -18
- package/lib/access-token.serializer-tYgOvBoN.cjs +0 -20
- package/lib/access-token.serializer-tYgOvBoN.cjs.map +0 -1
- package/lib/action.interface-CuR159eL.cjs +0 -0
- package/lib/action.interface-TVBOqlx0.d.cts +0 -63
- package/lib/action.serializer-DAcb-o-1.cjs +0 -47
- package/lib/action.serializer-DAcb-o-1.cjs.map +0 -1
- package/lib/actions/actions.cjs +0 -3
- package/lib/actions/actions.d.cts +0 -2
- package/lib/actions/actions.d.ts +0 -41
- package/lib/actions/actions.js +0 -53
- package/lib/actions/actions.js.map +0 -1
- package/lib/actions/interfaces/action.interface.cjs +0 -0
- package/lib/actions/interfaces/action.interface.d.cts +0 -2
- package/lib/actions/interfaces/action.interface.d.ts +0 -63
- package/lib/actions/interfaces/action.interface.js +0 -1
- package/lib/actions/interfaces/index.cjs +0 -0
- package/lib/actions/interfaces/index.d.cts +0 -3
- package/lib/actions/interfaces/index.d.ts +0 -3
- package/lib/actions/interfaces/index.js +0 -1
- package/lib/actions/interfaces/response-payload.interface.cjs +0 -0
- package/lib/actions/interfaces/response-payload.interface.d.cts +0 -2
- package/lib/actions/interfaces/response-payload.interface.d.ts +0 -26
- package/lib/actions/interfaces/response-payload.interface.js +0 -1
- package/lib/actions/serializers/action.serializer.cjs +0 -3
- package/lib/actions/serializers/action.serializer.d.cts +0 -7
- package/lib/actions/serializers/action.serializer.d.ts +0 -7
- package/lib/actions/serializers/action.serializer.js +0 -42
- package/lib/actions/serializers/action.serializer.js.map +0 -1
- package/lib/actions-BjKImREg.d.cts +0 -41
- package/lib/actions-DRojhekm.cjs +0 -58
- package/lib/actions-DRojhekm.cjs.map +0 -1
- package/lib/add-environment-role-permission-options.interface-DPQPMlMJ.d.cts +0 -7
- package/lib/add-environment-role-permission-options.interface-SgWJ1ky5.cjs +0 -0
- package/lib/add-flag-target-options.interface-5g9jOlv2.cjs +0 -0
- package/lib/add-flag-target-options.interface-9IQ0-3hu.d.cts +0 -8
- package/lib/add-organization-role-permission-options.interface-DjcIZCA2.d.cts +0 -7
- package/lib/add-organization-role-permission-options.interface-vB_dUo4U.cjs +0 -0
- package/lib/api-key-required.exception-DUX_xJyw.d.cts +0 -10
- package/lib/api-key-required.exception-hy_QT4YB.cjs +0 -20
- package/lib/api-key-required.exception-hy_QT4YB.cjs.map +0 -1
- package/lib/api-key.interface-CiHEJPea.d.cts +0 -32
- package/lib/api-key.interface-D9M-QfXG.cjs +0 -0
- package/lib/api-key.serializer-384tUKDU.cjs +0 -24
- package/lib/api-key.serializer-384tUKDU.cjs.map +0 -1
- package/lib/api-key.serializer-DM6_cVFr.d.cts +0 -7
- package/lib/api-keys/api-keys.cjs +0 -3
- package/lib/api-keys/api-keys.d.cts +0 -2
- package/lib/api-keys/api-keys.d.ts +0 -13
- package/lib/api-keys/api-keys.js +0 -19
- package/lib/api-keys/api-keys.js.map +0 -1
- package/lib/api-keys/interfaces/api-key.interface.cjs +0 -0
- package/lib/api-keys/interfaces/api-key.interface.d.cts +0 -2
- package/lib/api-keys/interfaces/api-key.interface.d.ts +0 -32
- package/lib/api-keys/interfaces/api-key.interface.js +0 -1
- package/lib/api-keys/interfaces/create-organization-api-key-options.interface.cjs +0 -0
- package/lib/api-keys/interfaces/create-organization-api-key-options.interface.d.cts +0 -2
- package/lib/api-keys/interfaces/create-organization-api-key-options.interface.d.ts +0 -16
- package/lib/api-keys/interfaces/create-organization-api-key-options.interface.js +0 -1
- package/lib/api-keys/interfaces/created-api-key.interface.cjs +0 -0
- package/lib/api-keys/interfaces/created-api-key.interface.d.cts +0 -2
- package/lib/api-keys/interfaces/created-api-key.interface.d.ts +0 -34
- package/lib/api-keys/interfaces/created-api-key.interface.js +0 -1
- package/lib/api-keys/interfaces/index.cjs +0 -0
- package/lib/api-keys/interfaces/index.d.cts +0 -6
- package/lib/api-keys/interfaces/index.d.ts +0 -6
- package/lib/api-keys/interfaces/index.js +0 -1
- package/lib/api-keys/interfaces/list-organization-api-keys-options.interface.cjs +0 -0
- package/lib/api-keys/interfaces/list-organization-api-keys-options.interface.d.cts +0 -2
- package/lib/api-keys/interfaces/list-organization-api-keys-options.interface.d.ts +0 -9
- package/lib/api-keys/interfaces/list-organization-api-keys-options.interface.js +0 -1
- package/lib/api-keys/interfaces/validate-api-key.interface.cjs +0 -0
- package/lib/api-keys/interfaces/validate-api-key.interface.d.cts +0 -2
- package/lib/api-keys/interfaces/validate-api-key.interface.d.ts +0 -15
- package/lib/api-keys/interfaces/validate-api-key.interface.js +0 -1
- package/lib/api-keys/serializers/api-key.serializer.cjs +0 -3
- package/lib/api-keys/serializers/api-key.serializer.d.cts +0 -2
- package/lib/api-keys/serializers/api-key.serializer.d.ts +0 -7
- package/lib/api-keys/serializers/api-key.serializer.js +0 -18
- package/lib/api-keys/serializers/api-key.serializer.js.map +0 -1
- package/lib/api-keys/serializers/create-organization-api-key-options.serializer.cjs +0 -3
- package/lib/api-keys/serializers/create-organization-api-key-options.serializer.d.cts +0 -2
- package/lib/api-keys/serializers/create-organization-api-key-options.serializer.d.ts +0 -7
- package/lib/api-keys/serializers/create-organization-api-key-options.serializer.js +0 -11
- package/lib/api-keys/serializers/create-organization-api-key-options.serializer.js.map +0 -1
- package/lib/api-keys/serializers/created-api-key.serializer.cjs +0 -3
- package/lib/api-keys/serializers/created-api-key.serializer.d.cts +0 -2
- package/lib/api-keys/serializers/created-api-key.serializer.d.ts +0 -7
- package/lib/api-keys/serializers/created-api-key.serializer.js +0 -19
- package/lib/api-keys/serializers/created-api-key.serializer.js.map +0 -1
- package/lib/api-keys/serializers/index.cjs +0 -9
- package/lib/api-keys/serializers/index.d.cts +0 -5
- package/lib/api-keys/serializers/index.d.ts +0 -5
- package/lib/api-keys/serializers/index.js +0 -6
- package/lib/api-keys/serializers/validate-api-key.serializer.cjs +0 -3
- package/lib/api-keys/serializers/validate-api-key.serializer.d.cts +0 -2
- package/lib/api-keys/serializers/validate-api-key.serializer.d.ts +0 -7
- package/lib/api-keys/serializers/validate-api-key.serializer.js +0 -10
- package/lib/api-keys/serializers/validate-api-key.serializer.js.map +0 -1
- package/lib/api-keys-DpNACVjB.cjs +0 -24
- package/lib/api-keys-DpNACVjB.cjs.map +0 -1
- package/lib/api-keys-FoD7rQEa.d.cts +0 -779
- package/lib/app-info.interface-DXCu_oOm.d.cts +0 -8
- package/lib/assign-role-options.interface-CoMCEKhg.cjs +0 -0
- package/lib/assign-role-options.interface-EodzUpo8.d.cts +0 -19
- package/lib/assign-role-options.serializer-B2EB0RUA.d.cts +0 -7
- package/lib/assign-role-options.serializer-Bt2btRso.cjs +0 -19
- package/lib/assign-role-options.serializer-Bt2btRso.cjs.map +0 -1
- package/lib/audit-log-export-options.interface-DFCYxLnl.d.cts +0 -22
- package/lib/audit-log-export-options.interface-mof1h-Fh.cjs +0 -0
- package/lib/audit-log-export-options.serializer-BTNHRx_Y.d.cts +0 -7
- package/lib/audit-log-export-options.serializer-DAwtL9MV.cjs +0 -20
- package/lib/audit-log-export-options.serializer-DAwtL9MV.cjs.map +0 -1
- package/lib/audit-log-export.interface-DdSK_HSO.d.cts +0 -20
- package/lib/audit-log-export.interface-ndtjUpSz.cjs +0 -0
- package/lib/audit-log-export.serializer-DyItrRKD.cjs +0 -19
- package/lib/audit-log-export.serializer-DyItrRKD.cjs.map +0 -1
- package/lib/audit-log-export.serializer-pz3S0J_1.d.cts +0 -7
- package/lib/audit-logs/audit-logs.cjs +0 -3
- package/lib/audit-logs/audit-logs.d.cts +0 -2
- package/lib/audit-logs/audit-logs.d.ts +0 -18
- package/lib/audit-logs/audit-logs.js +0 -38
- package/lib/audit-logs/audit-logs.js.map +0 -1
- package/lib/audit-logs/interfaces/audit-log-export-options.interface.cjs +0 -0
- package/lib/audit-logs/interfaces/audit-log-export-options.interface.d.cts +0 -2
- package/lib/audit-logs/interfaces/audit-log-export-options.interface.d.ts +0 -22
- package/lib/audit-logs/interfaces/audit-log-export-options.interface.js +0 -1
- package/lib/audit-logs/interfaces/audit-log-export.interface.cjs +0 -0
- package/lib/audit-logs/interfaces/audit-log-export.interface.d.cts +0 -2
- package/lib/audit-logs/interfaces/audit-log-export.interface.d.ts +0 -20
- package/lib/audit-logs/interfaces/audit-log-export.interface.js +0 -1
- package/lib/audit-logs/interfaces/create-audit-log-event-options.interface.cjs +0 -0
- package/lib/audit-logs/interfaces/create-audit-log-event-options.interface.d.cts +0 -2
- package/lib/audit-logs/interfaces/create-audit-log-event-options.interface.d.ts +0 -43
- package/lib/audit-logs/interfaces/create-audit-log-event-options.interface.js +0 -1
- package/lib/audit-logs/interfaces/create-audit-log-schema-options.interface.cjs +0 -0
- package/lib/audit-logs/interfaces/create-audit-log-schema-options.interface.d.cts +0 -2
- package/lib/audit-logs/interfaces/create-audit-log-schema-options.interface.d.ts +0 -67
- package/lib/audit-logs/interfaces/create-audit-log-schema-options.interface.js +0 -1
- package/lib/audit-logs/interfaces/index.cjs +0 -0
- package/lib/audit-logs/interfaces/index.d.cts +0 -5
- package/lib/audit-logs/interfaces/index.d.ts +0 -5
- package/lib/audit-logs/interfaces/index.js +0 -1
- package/lib/audit-logs/serializers/audit-log-export-options.serializer.cjs +0 -3
- package/lib/audit-logs/serializers/audit-log-export-options.serializer.d.cts +0 -2
- package/lib/audit-logs/serializers/audit-log-export-options.serializer.d.ts +0 -7
- package/lib/audit-logs/serializers/audit-log-export-options.serializer.js +0 -14
- package/lib/audit-logs/serializers/audit-log-export-options.serializer.js.map +0 -1
- package/lib/audit-logs/serializers/audit-log-export.serializer.cjs +0 -3
- package/lib/audit-logs/serializers/audit-log-export.serializer.d.cts +0 -2
- package/lib/audit-logs/serializers/audit-log-export.serializer.d.ts +0 -7
- package/lib/audit-logs/serializers/audit-log-export.serializer.js +0 -13
- package/lib/audit-logs/serializers/audit-log-export.serializer.js.map +0 -1
- package/lib/audit-logs/serializers/create-audit-log-event-options.serializer.cjs +0 -3
- package/lib/audit-logs/serializers/create-audit-log-event-options.serializer.d.cts +0 -2
- package/lib/audit-logs/serializers/create-audit-log-event-options.serializer.d.ts +0 -7
- package/lib/audit-logs/serializers/create-audit-log-event-options.serializer.js +0 -17
- package/lib/audit-logs/serializers/create-audit-log-event-options.serializer.js.map +0 -1
- package/lib/audit-logs/serializers/create-audit-log-schema-options.serializer.cjs +0 -3
- package/lib/audit-logs/serializers/create-audit-log-schema-options.serializer.d.cts +0 -2
- package/lib/audit-logs/serializers/create-audit-log-schema-options.serializer.d.ts +0 -7
- package/lib/audit-logs/serializers/create-audit-log-schema-options.serializer.js +0 -32
- package/lib/audit-logs/serializers/create-audit-log-schema-options.serializer.js.map +0 -1
- package/lib/audit-logs/serializers/create-audit-log-schema.serializer.cjs +0 -3
- package/lib/audit-logs/serializers/create-audit-log-schema.serializer.d.cts +0 -2
- package/lib/audit-logs/serializers/create-audit-log-schema.serializer.d.ts +0 -7
- package/lib/audit-logs/serializers/create-audit-log-schema.serializer.js +0 -26
- package/lib/audit-logs/serializers/create-audit-log-schema.serializer.js.map +0 -1
- package/lib/audit-logs/serializers/index.cjs +0 -11
- package/lib/audit-logs/serializers/index.d.cts +0 -6
- package/lib/audit-logs/serializers/index.d.ts +0 -6
- package/lib/audit-logs/serializers/index.js +0 -7
- package/lib/audit-logs-BXPMHkYl.cjs +0 -43
- package/lib/audit-logs-BXPMHkYl.cjs.map +0 -1
- package/lib/authenticate-with-code-and-verifier-options.interface-DHpnQj2w.cjs +0 -0
- package/lib/authenticate-with-code-and-verifier-options.interface-DW8HBYmR.d.cts +0 -17
- package/lib/authenticate-with-code-and-verifier-options.serializer-BEILlMya.cjs +0 -20
- package/lib/authenticate-with-code-and-verifier-options.serializer-BEILlMya.cjs.map +0 -1
- package/lib/authenticate-with-code-and-verifier-options.serializer-CqSRBDhV.d.cts +0 -8
- package/lib/authenticate-with-code-options.interface-D_91NAcH.cjs +0 -0
- package/lib/authenticate-with-code-options.interface-H0yfsHxj.d.cts +0 -20
- package/lib/authenticate-with-code-options.serializer-59xsqmhD.d.cts +0 -8
- package/lib/authenticate-with-code-options.serializer-BMz_1tBW.cjs +0 -21
- package/lib/authenticate-with-code-options.serializer-BMz_1tBW.cjs.map +0 -1
- package/lib/authenticate-with-email-verification-options.interface-C9ZJu4jT.cjs +0 -0
- package/lib/authenticate-with-email-verification-options.interface-bntD5tLo.d.cts +0 -18
- package/lib/authenticate-with-email-verification.serializer-BcGBk2xZ.cjs +0 -20
- package/lib/authenticate-with-email-verification.serializer-BcGBk2xZ.cjs.map +0 -1
- package/lib/authenticate-with-magic-auth-options.interface-DKiBkjxK.d.cts +0 -22
- package/lib/authenticate-with-magic-auth-options.interface-Dv3BRcaM.cjs +0 -0
- package/lib/authenticate-with-magic-auth-options.serializer-9MhQMc3z.d.cts +0 -8
- package/lib/authenticate-with-magic-auth-options.serializer-CYU4H_5p.cjs +0 -22
- package/lib/authenticate-with-magic-auth-options.serializer-CYU4H_5p.cjs.map +0 -1
- package/lib/authenticate-with-options-base.interface-C3xH9pmi.d.cts +0 -41
- package/lib/authenticate-with-options-base.interface-CytZiAfd.cjs +0 -0
- package/lib/authenticate-with-organization-selection-options.serializer-DY4N430u.cjs +0 -20
- package/lib/authenticate-with-organization-selection-options.serializer-DY4N430u.cjs.map +0 -1
- package/lib/authenticate-with-organization-selection.interface-BjNOboud.d.cts +0 -18
- package/lib/authenticate-with-organization-selection.interface-C6L-ADkz.cjs +0 -0
- package/lib/authenticate-with-password-options.interface-CBzERAqt.d.cts +0 -20
- package/lib/authenticate-with-password-options.interface-CSJGrQ5X.cjs +0 -0
- package/lib/authenticate-with-password-options.serializer-DPYtf-9Q.cjs +0 -21
- package/lib/authenticate-with-password-options.serializer-DPYtf-9Q.cjs.map +0 -1
- package/lib/authenticate-with-password-options.serializer-KtTlJKNW.d.cts +0 -8
- package/lib/authenticate-with-refresh-token-options.interface-Bc0KcSmQ.d.cts +0 -18
- package/lib/authenticate-with-refresh-token-options.interface-D3XfeTmP.cjs +0 -0
- package/lib/authenticate-with-refresh-token-public-client-options.interface-BUR1ShKn.d.cts +0 -16
- package/lib/authenticate-with-refresh-token-public-client-options.interface-DVfBzMNm.cjs +0 -0
- package/lib/authenticate-with-refresh-token-public-client-options.serializer-BKRVqmNa.d.cts +0 -8
- package/lib/authenticate-with-refresh-token-public-client-options.serializer-BUO_bMxj.cjs +0 -19
- package/lib/authenticate-with-refresh-token-public-client-options.serializer-BUO_bMxj.cjs.map +0 -1
- package/lib/authenticate-with-refresh-token.options.serializer-Ba3QVuMY.cjs +0 -20
- package/lib/authenticate-with-refresh-token.options.serializer-Ba3QVuMY.cjs.map +0 -1
- package/lib/authenticate-with-refresh-token.options.serializer-CXsmQ8PX.d.cts +0 -9
- package/lib/authenticate-with-session-cookie.interface--Ugw1Meh.d.cts +0 -45
- package/lib/authenticate-with-session-cookie.interface-jDv8x_VH.cjs +0 -17
- package/lib/authenticate-with-session-cookie.interface-jDv8x_VH.cjs.map +0 -1
- package/lib/authenticate-with-totp-options.interface-BTIYdseY.cjs +0 -0
- package/lib/authenticate-with-totp-options.interface-CBZmKTjf.d.cts +0 -20
- package/lib/authenticate-with-totp-options.serializer-D9zV4n4M.d.cts +0 -8
- package/lib/authenticate-with-totp-options.serializer-Dv5iQHm4.cjs +0 -21
- package/lib/authenticate-with-totp-options.serializer-Dv5iQHm4.cjs.map +0 -1
- package/lib/authentication-event.interface-Bf03cz-8.d.cts +0 -28
- package/lib/authentication-event.interface-DCzKFcA6.cjs +0 -0
- package/lib/authentication-event.serializer-CNGLraV3.d.cts +0 -7
- package/lib/authentication-event.serializer-CqD91u8L.cjs +0 -20
- package/lib/authentication-event.serializer-CqD91u8L.cjs.map +0 -1
- package/lib/authentication-radar-risk-detected-event.interface-B4L-0H-B.d.cts +0 -24
- package/lib/authentication-radar-risk-detected-event.interface-ChSqAcxc.cjs +0 -0
- package/lib/authentication-radar-risk-event-serializer-CDBrk7yn.cjs +0 -21
- package/lib/authentication-radar-risk-event-serializer-CDBrk7yn.cjs.map +0 -1
- package/lib/authentication-response.interface-B5XOTdYu.d.cts +0 -28
- package/lib/authentication-response.interface-Bm9zyZ7t.cjs +0 -0
- package/lib/authentication-response.serializer-DCSj_OPJ.cjs +0 -26
- package/lib/authentication-response.serializer-DCSj_OPJ.cjs.map +0 -1
- package/lib/authentication-response.serializer-DbD9-wIb.d.cts +0 -7
- package/lib/authorization/authorization.cjs +0 -3
- package/lib/authorization/authorization.d.cts +0 -2
- package/lib/authorization/authorization.d.ts +0 -77
- package/lib/authorization/authorization.js +0 -223
- package/lib/authorization/authorization.js.map +0 -1
- package/lib/authorization/index.cjs +0 -4
- package/lib/authorization/index.d.cts +0 -32
- package/lib/authorization/index.d.ts +0 -32
- package/lib/authorization/index.js +0 -3
- package/lib/authorization/interfaces/add-environment-role-permission-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/add-environment-role-permission-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/add-environment-role-permission-options.interface.d.ts +0 -7
- package/lib/authorization/interfaces/add-environment-role-permission-options.interface.js +0 -1
- package/lib/authorization/interfaces/add-organization-role-permission-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/add-organization-role-permission-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/add-organization-role-permission-options.interface.d.ts +0 -7
- package/lib/authorization/interfaces/add-organization-role-permission-options.interface.js +0 -1
- package/lib/authorization/interfaces/assign-role-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/assign-role-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/assign-role-options.interface.d.ts +0 -19
- package/lib/authorization/interfaces/assign-role-options.interface.js +0 -1
- package/lib/authorization/interfaces/authorization-resource-check.interface.cjs +0 -0
- package/lib/authorization/interfaces/authorization-resource-check.interface.d.cts +0 -2
- package/lib/authorization/interfaces/authorization-resource-check.interface.d.ts +0 -22
- package/lib/authorization/interfaces/authorization-resource-check.interface.js +0 -1
- package/lib/authorization/interfaces/authorization-resource-identifier.interface.cjs +0 -0
- package/lib/authorization/interfaces/authorization-resource-identifier.interface.d.cts +0 -2
- package/lib/authorization/interfaces/authorization-resource-identifier.interface.d.ts +0 -11
- package/lib/authorization/interfaces/authorization-resource-identifier.interface.js +0 -1
- package/lib/authorization/interfaces/authorization-resource.interface.cjs +0 -0
- package/lib/authorization/interfaces/authorization-resource.interface.d.cts +0 -2
- package/lib/authorization/interfaces/authorization-resource.interface.d.ts +0 -78
- package/lib/authorization/interfaces/authorization-resource.interface.js +0 -1
- package/lib/authorization/interfaces/create-environment-role-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/create-environment-role-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/create-environment-role-options.interface.d.ts +0 -16
- package/lib/authorization/interfaces/create-environment-role-options.interface.js +0 -1
- package/lib/authorization/interfaces/create-organization-role-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/create-organization-role-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/create-organization-role-options.interface.d.ts +0 -14
- package/lib/authorization/interfaces/create-organization-role-options.interface.js +0 -1
- package/lib/authorization/interfaces/create-permission-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/create-permission-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/create-permission-options.interface.d.ts +0 -16
- package/lib/authorization/interfaces/create-permission-options.interface.js +0 -1
- package/lib/authorization/interfaces/delete-authorization-resource-by-external-id-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/delete-authorization-resource-by-external-id-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/delete-authorization-resource-by-external-id-options.interface.d.ts +0 -10
- package/lib/authorization/interfaces/delete-authorization-resource-by-external-id-options.interface.js +0 -1
- package/lib/authorization/interfaces/delete-authorization-resource-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/delete-authorization-resource-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/delete-authorization-resource-options.interface.d.ts +0 -8
- package/lib/authorization/interfaces/delete-authorization-resource-options.interface.js +0 -1
- package/lib/authorization/interfaces/environment-role.interface.cjs +0 -0
- package/lib/authorization/interfaces/environment-role.interface.d.cts +0 -2
- package/lib/authorization/interfaces/environment-role.interface.d.ts +0 -36
- package/lib/authorization/interfaces/environment-role.interface.js +0 -1
- package/lib/authorization/interfaces/get-authorization-resource-by-external-id-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/get-authorization-resource-by-external-id-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/get-authorization-resource-by-external-id-options.interface.d.ts +0 -9
- package/lib/authorization/interfaces/get-authorization-resource-by-external-id-options.interface.js +0 -1
- package/lib/authorization/interfaces/index.cjs +0 -0
- package/lib/authorization/interfaces/index.d.cts +0 -31
- package/lib/authorization/interfaces/index.d.ts +0 -31
- package/lib/authorization/interfaces/index.js +0 -1
- package/lib/authorization/interfaces/list-authorization-resources-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/list-authorization-resources-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/list-authorization-resources-options.interface.d.ts +0 -22
- package/lib/authorization/interfaces/list-authorization-resources-options.interface.js +0 -1
- package/lib/authorization/interfaces/list-memberships-for-resource-by-external-id-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/list-memberships-for-resource-by-external-id-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/list-memberships-for-resource-by-external-id-options.interface.d.ts +0 -13
- package/lib/authorization/interfaces/list-memberships-for-resource-by-external-id-options.interface.js +0 -1
- package/lib/authorization/interfaces/list-memberships-for-resource-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/list-memberships-for-resource-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/list-memberships-for-resource-options.interface.d.ts +0 -11
- package/lib/authorization/interfaces/list-memberships-for-resource-options.interface.js +0 -1
- package/lib/authorization/interfaces/list-permissions-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/list-permissions-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/list-permissions-options.interface.d.ts +0 -7
- package/lib/authorization/interfaces/list-permissions-options.interface.js +0 -1
- package/lib/authorization/interfaces/list-resources-for-membership-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/list-resources-for-membership-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/list-resources-for-membership-options.interface.d.ts +0 -24
- package/lib/authorization/interfaces/list-resources-for-membership-options.interface.js +0 -1
- package/lib/authorization/interfaces/list-role-assignments-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/list-role-assignments-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/list-role-assignments-options.interface.d.ts +0 -9
- package/lib/authorization/interfaces/list-role-assignments-options.interface.js +0 -1
- package/lib/authorization/interfaces/organization-role.interface.cjs +0 -0
- package/lib/authorization/interfaces/organization-role.interface.d.cts +0 -2
- package/lib/authorization/interfaces/organization-role.interface.d.ts +0 -16
- package/lib/authorization/interfaces/organization-role.interface.js +0 -1
- package/lib/authorization/interfaces/permission.interface.cjs +0 -0
- package/lib/authorization/interfaces/permission.interface.d.cts +0 -2
- package/lib/authorization/interfaces/permission.interface.d.ts +0 -42
- package/lib/authorization/interfaces/permission.interface.js +0 -1
- package/lib/authorization/interfaces/remove-organization-role-permission-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/remove-organization-role-permission-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/remove-organization-role-permission-options.interface.d.ts +0 -7
- package/lib/authorization/interfaces/remove-organization-role-permission-options.interface.js +0 -1
- package/lib/authorization/interfaces/remove-role-assignment-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/remove-role-assignment-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/remove-role-assignment-options.interface.d.ts +0 -8
- package/lib/authorization/interfaces/remove-role-assignment-options.interface.js +0 -1
- package/lib/authorization/interfaces/remove-role-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/remove-role-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/remove-role-options.interface.d.ts +0 -19
- package/lib/authorization/interfaces/remove-role-options.interface.js +0 -1
- package/lib/authorization/interfaces/role-assignment.interface.cjs +0 -0
- package/lib/authorization/interfaces/role-assignment.interface.d.cts +0 -2
- package/lib/authorization/interfaces/role-assignment.interface.d.ts +0 -49
- package/lib/authorization/interfaces/role-assignment.interface.js +0 -1
- package/lib/authorization/interfaces/set-environment-role-permissions-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/set-environment-role-permissions-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/set-environment-role-permissions-options.interface.d.ts +0 -7
- package/lib/authorization/interfaces/set-environment-role-permissions-options.interface.js +0 -1
- package/lib/authorization/interfaces/set-organization-role-permissions-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/set-organization-role-permissions-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/set-organization-role-permissions-options.interface.d.ts +0 -7
- package/lib/authorization/interfaces/set-organization-role-permissions-options.interface.js +0 -1
- package/lib/authorization/interfaces/update-authorization-resource-by-external-id-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/update-authorization-resource-by-external-id-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/update-authorization-resource-by-external-id-options.interface.d.ts +0 -11
- package/lib/authorization/interfaces/update-authorization-resource-by-external-id-options.interface.js +0 -1
- package/lib/authorization/interfaces/update-environment-role-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/update-environment-role-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/update-environment-role-options.interface.d.ts +0 -12
- package/lib/authorization/interfaces/update-environment-role-options.interface.js +0 -1
- package/lib/authorization/interfaces/update-organization-role-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/update-organization-role-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/update-organization-role-options.interface.d.ts +0 -12
- package/lib/authorization/interfaces/update-organization-role-options.interface.js +0 -1
- package/lib/authorization/interfaces/update-permission-options.interface.cjs +0 -0
- package/lib/authorization/interfaces/update-permission-options.interface.d.cts +0 -2
- package/lib/authorization/interfaces/update-permission-options.interface.d.ts +0 -12
- package/lib/authorization/interfaces/update-permission-options.interface.js +0 -1
- package/lib/authorization/serializers/assign-role-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/assign-role-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/assign-role-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/assign-role-options.serializer.js +0 -13
- package/lib/authorization/serializers/assign-role-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/authorization-check-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/authorization-check-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/authorization-check-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/authorization-check-options.serializer.js +0 -13
- package/lib/authorization/serializers/authorization-check-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/authorization-resource.serializer.cjs +0 -3
- package/lib/authorization/serializers/authorization-resource.serializer.d.cts +0 -2
- package/lib/authorization/serializers/authorization-resource.serializer.d.ts +0 -7
- package/lib/authorization/serializers/authorization-resource.serializer.js +0 -17
- package/lib/authorization/serializers/authorization-resource.serializer.js.map +0 -1
- package/lib/authorization/serializers/create-authorization-resource-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/create-authorization-resource-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/create-authorization-resource-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/create-authorization-resource-options.serializer.js +0 -17
- package/lib/authorization/serializers/create-authorization-resource-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/create-environment-role-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/create-environment-role-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/create-environment-role-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/create-environment-role-options.serializer.js +0 -11
- package/lib/authorization/serializers/create-environment-role-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/create-organization-role-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/create-organization-role-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/create-organization-role-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/create-organization-role-options.serializer.js +0 -10
- package/lib/authorization/serializers/create-organization-role-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/create-permission-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/create-permission-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/create-permission-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/create-permission-options.serializer.js +0 -11
- package/lib/authorization/serializers/create-permission-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/environment-role.serializer.cjs +0 -3
- package/lib/authorization/serializers/environment-role.serializer.d.cts +0 -2
- package/lib/authorization/serializers/environment-role.serializer.d.ts +0 -7
- package/lib/authorization/serializers/environment-role.serializer.js +0 -17
- package/lib/authorization/serializers/environment-role.serializer.js.map +0 -1
- package/lib/authorization/serializers/index.cjs +0 -43
- package/lib/authorization/serializers/index.d.cts +0 -21
- package/lib/authorization/serializers/index.d.ts +0 -21
- package/lib/authorization/serializers/index.js +0 -22
- package/lib/authorization/serializers/list-authorization-resources-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/list-authorization-resources-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/list-authorization-resources-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/list-authorization-resources-options.serializer.js +0 -16
- package/lib/authorization/serializers/list-authorization-resources-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/list-memberships-for-resource-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/list-memberships-for-resource-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/list-memberships-for-resource-options.serializer.d.ts +0 -9
- package/lib/authorization/serializers/list-memberships-for-resource-options.serializer.js +0 -12
- package/lib/authorization/serializers/list-memberships-for-resource-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/list-resources-for-membership-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/list-resources-for-membership-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/list-resources-for-membership-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/list-resources-for-membership-options.serializer.js +0 -16
- package/lib/authorization/serializers/list-resources-for-membership-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/organization-role.serializer.cjs +0 -5
- package/lib/authorization/serializers/organization-role.serializer.d.cts +0 -2
- package/lib/authorization/serializers/organization-role.serializer.d.ts +0 -10
- package/lib/authorization/serializers/organization-role.serializer.js +0 -40
- package/lib/authorization/serializers/organization-role.serializer.js.map +0 -1
- package/lib/authorization/serializers/permission.serializer.cjs +0 -3
- package/lib/authorization/serializers/permission.serializer.d.cts +0 -2
- package/lib/authorization/serializers/permission.serializer.d.ts +0 -7
- package/lib/authorization/serializers/permission.serializer.js +0 -16
- package/lib/authorization/serializers/permission.serializer.js.map +0 -1
- package/lib/authorization/serializers/remove-role-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/remove-role-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/remove-role-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/remove-role-options.serializer.js +0 -13
- package/lib/authorization/serializers/remove-role-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/role-assignment.serializer.cjs +0 -3
- package/lib/authorization/serializers/role-assignment.serializer.d.cts +0 -2
- package/lib/authorization/serializers/role-assignment.serializer.d.ts +0 -7
- package/lib/authorization/serializers/role-assignment.serializer.js +0 -17
- package/lib/authorization/serializers/role-assignment.serializer.js.map +0 -1
- package/lib/authorization/serializers/update-authorization-resource-by-external-id-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/update-authorization-resource-by-external-id-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/update-authorization-resource-by-external-id-options.serializer.d.ts +0 -8
- package/lib/authorization/serializers/update-authorization-resource-by-external-id-options.serializer.js +0 -9
- package/lib/authorization/serializers/update-authorization-resource-by-external-id-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/update-authorization-resource-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/update-authorization-resource-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/update-authorization-resource-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/update-authorization-resource-options.serializer.js +0 -9
- package/lib/authorization/serializers/update-authorization-resource-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/update-environment-role-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/update-environment-role-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/update-environment-role-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/update-environment-role-options.serializer.js +0 -9
- package/lib/authorization/serializers/update-environment-role-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/update-organization-role-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/update-organization-role-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/update-organization-role-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/update-organization-role-options.serializer.js +0 -9
- package/lib/authorization/serializers/update-organization-role-options.serializer.js.map +0 -1
- package/lib/authorization/serializers/update-permission-options.serializer.cjs +0 -3
- package/lib/authorization/serializers/update-permission-options.serializer.d.cts +0 -2
- package/lib/authorization/serializers/update-permission-options.serializer.d.ts +0 -7
- package/lib/authorization/serializers/update-permission-options.serializer.js +0 -9
- package/lib/authorization/serializers/update-permission-options.serializer.js.map +0 -1
- package/lib/authorization-CFjcVm0f.cjs +0 -228
- package/lib/authorization-CFjcVm0f.cjs.map +0 -1
- package/lib/authorization-check-options.serializer-BD_SSghP.cjs +0 -19
- package/lib/authorization-check-options.serializer-BD_SSghP.cjs.map +0 -1
- package/lib/authorization-check-options.serializer-Bf0LA_aB.d.cts +0 -7
- package/lib/authorization-resource-check.interface-BPaHa5zy.cjs +0 -0
- package/lib/authorization-resource-check.interface-BTZ0DC-5.d.cts +0 -22
- package/lib/authorization-resource-identifier.interface-BxMAEe4m.d.cts +0 -11
- package/lib/authorization-resource.interface-DIAEcvVn.d.cts +0 -78
- package/lib/authorization-resource.interface-DoncaLia.cjs +0 -0
- package/lib/authorization-resource.serializer-B5pMimLt.cjs +0 -23
- package/lib/authorization-resource.serializer-B5pMimLt.cjs.map +0 -1
- package/lib/authorization-resource.serializer-DuD1RYA6.d.cts +0 -7
- package/lib/authorization-url-options.interface-DbdK4xoe.d.cts +0 -45
- package/lib/authorization-url-options.interface-DmZLjxDG.cjs +0 -0
- package/lib/authorization-url-options.interface-gjezKDx0.cjs +0 -0
- package/lib/authorization-url-options.interface-jpmqnJeg.d.cts +0 -55
- package/lib/bad-request.exception-BmjHrQEZ.cjs +0 -26
- package/lib/bad-request.exception-BmjHrQEZ.cjs.map +0 -1
- package/lib/bad-request.exception-CvMc1eG9.d.cts +0 -25
- package/lib/base64-DtRxstGt.cjs +0 -44
- package/lib/base64-DtRxstGt.cjs.map +0 -1
- package/lib/batch-write-resources-options.serializer-D9yfiBPL.d.cts +0 -7
- package/lib/batch-write-resources-options.serializer-JVsYFsRR.cjs +0 -23
- package/lib/batch-write-resources-options.serializer-JVsYFsRR.cjs.map +0 -1
- package/lib/challenge-factor-options-CpnZRyry.d.cts +0 -10
- package/lib/challenge.interface-Dm34-dD_.d.cts +0 -22
- package/lib/challenge.serializer-B3MYXnw3.cjs +0 -20
- package/lib/challenge.serializer-B3MYXnw3.cjs.map +0 -1
- package/lib/challenge.serializer-SFcuZrJh.d.cts +0 -7
- package/lib/check-op.enum-BTWiIyiU.d.cts +0 -8
- package/lib/check-op.enum-C-8dV-An.cjs +0 -16
- package/lib/check-op.enum-C-8dV-An.cjs.map +0 -1
- package/lib/check-options.serializer-DUP1MOAn.cjs +0 -69
- package/lib/check-options.serializer-DUP1MOAn.cjs.map +0 -1
- package/lib/check-options.serializer-hi-dJNM4.d.cts +0 -9
- package/lib/check.interface-DPdIqzqP.d.cts +0 -88
- package/lib/check.interface-DatRG9HP.cjs +0 -33
- package/lib/check.interface-DatRG9HP.cjs.map +0 -1
- package/lib/common/crypto/crypto-provider.cjs +0 -3
- package/lib/common/crypto/crypto-provider.d.cts +0 -2
- package/lib/common/crypto/crypto-provider.d.ts +0 -75
- package/lib/common/crypto/crypto-provider.js +0 -12
- package/lib/common/crypto/crypto-provider.js.map +0 -1
- package/lib/common/crypto/seal.cjs +0 -4
- package/lib/common/crypto/seal.d.cts +0 -16
- package/lib/common/crypto/seal.d.ts +0 -16
- package/lib/common/crypto/seal.js +0 -43
- package/lib/common/crypto/seal.js.map +0 -1
- package/lib/common/crypto/signature-provider.cjs +0 -3
- package/lib/common/crypto/signature-provider.d.cts +0 -23
- package/lib/common/crypto/signature-provider.d.ts +0 -23
- package/lib/common/crypto/signature-provider.js +0 -33
- package/lib/common/crypto/signature-provider.js.map +0 -1
- package/lib/common/crypto/subtle-crypto-provider.cjs +0 -3
- package/lib/common/crypto/subtle-crypto-provider.d.cts +0 -29
- package/lib/common/crypto/subtle-crypto-provider.d.ts +0 -29
- package/lib/common/crypto/subtle-crypto-provider.js +0 -94
- package/lib/common/crypto/subtle-crypto-provider.js.map +0 -1
- package/lib/common/exceptions/api-key-required.exception.cjs +0 -3
- package/lib/common/exceptions/api-key-required.exception.d.cts +0 -2
- package/lib/common/exceptions/api-key-required.exception.d.ts +0 -10
- package/lib/common/exceptions/api-key-required.exception.js +0 -14
- package/lib/common/exceptions/api-key-required.exception.js.map +0 -1
- package/lib/common/exceptions/bad-request.exception.cjs +0 -3
- package/lib/common/exceptions/bad-request.exception.d.cts +0 -2
- package/lib/common/exceptions/bad-request.exception.d.ts +0 -25
- package/lib/common/exceptions/bad-request.exception.js +0 -20
- package/lib/common/exceptions/bad-request.exception.js.map +0 -1
- package/lib/common/exceptions/conflict.exception.cjs +0 -3
- package/lib/common/exceptions/conflict.exception.d.cts +0 -20
- package/lib/common/exceptions/conflict.exception.d.ts +0 -20
- package/lib/common/exceptions/conflict.exception.js +0 -17
- package/lib/common/exceptions/conflict.exception.js.map +0 -1
- package/lib/common/exceptions/generic-server.exception.cjs +0 -3
- package/lib/common/exceptions/generic-server.exception.d.cts +0 -2
- package/lib/common/exceptions/generic-server.exception.d.ts +0 -14
- package/lib/common/exceptions/generic-server.exception.js +0 -16
- package/lib/common/exceptions/generic-server.exception.js.map +0 -1
- package/lib/common/exceptions/index.cjs +0 -21
- package/lib/common/exceptions/index.d.cts +0 -11
- package/lib/common/exceptions/index.d.ts +0 -11
- package/lib/common/exceptions/index.js +0 -12
- package/lib/common/exceptions/no-api-key-provided.exception.cjs +0 -3
- package/lib/common/exceptions/no-api-key-provided.exception.d.cts +0 -2
- package/lib/common/exceptions/no-api-key-provided.exception.d.ts +0 -9
- package/lib/common/exceptions/no-api-key-provided.exception.js +0 -10
- package/lib/common/exceptions/no-api-key-provided.exception.js.map +0 -1
- package/lib/common/exceptions/not-found.exception.cjs +0 -3
- package/lib/common/exceptions/not-found.exception.d.cts +0 -2
- package/lib/common/exceptions/not-found.exception.d.ts +0 -24
- package/lib/common/exceptions/not-found.exception.js +0 -18
- package/lib/common/exceptions/not-found.exception.js.map +0 -1
- package/lib/common/exceptions/oauth.exception.cjs +0 -3
- package/lib/common/exceptions/oauth.exception.d.cts +0 -2
- package/lib/common/exceptions/oauth.exception.d.ts +0 -15
- package/lib/common/exceptions/oauth.exception.js +0 -19
- package/lib/common/exceptions/oauth.exception.js.map +0 -1
- package/lib/common/exceptions/parse-error.cjs +0 -3
- package/lib/common/exceptions/parse-error.d.cts +0 -24
- package/lib/common/exceptions/parse-error.d.ts +0 -24
- package/lib/common/exceptions/parse-error.js +0 -18
- package/lib/common/exceptions/parse-error.js.map +0 -1
- package/lib/common/exceptions/rate-limit-exceeded.exception.cjs +0 -3
- package/lib/common/exceptions/rate-limit-exceeded.exception.d.cts +0 -2
- package/lib/common/exceptions/rate-limit-exceeded.exception.d.ts +0 -18
- package/lib/common/exceptions/rate-limit-exceeded.exception.js +0 -14
- package/lib/common/exceptions/rate-limit-exceeded.exception.js.map +0 -1
- package/lib/common/exceptions/signature-verification.exception.cjs +0 -3
- package/lib/common/exceptions/signature-verification.exception.d.cts +0 -2
- package/lib/common/exceptions/signature-verification.exception.d.ts +0 -8
- package/lib/common/exceptions/signature-verification.exception.js +0 -11
- package/lib/common/exceptions/signature-verification.exception.js.map +0 -1
- package/lib/common/exceptions/unauthorized.exception.cjs +0 -3
- package/lib/common/exceptions/unauthorized.exception.d.cts +0 -2
- package/lib/common/exceptions/unauthorized.exception.d.ts +0 -13
- package/lib/common/exceptions/unauthorized.exception.js +0 -15
- package/lib/common/exceptions/unauthorized.exception.js.map +0 -1
- package/lib/common/exceptions/unprocessable-entity.exception.cjs +0 -3
- package/lib/common/exceptions/unprocessable-entity.exception.d.cts +0 -2
- package/lib/common/exceptions/unprocessable-entity.exception.d.ts +0 -25
- package/lib/common/exceptions/unprocessable-entity.exception.js +0 -22
- package/lib/common/exceptions/unprocessable-entity.exception.js.map +0 -1
- package/lib/common/interfaces/app-info.interface.cjs +0 -0
- package/lib/common/interfaces/app-info.interface.d.cts +0 -2
- package/lib/common/interfaces/app-info.interface.d.ts +0 -8
- package/lib/common/interfaces/app-info.interface.js +0 -1
- package/lib/common/interfaces/event.interface.cjs +0 -0
- package/lib/common/interfaces/event.interface.d.cts +0 -2
- package/lib/common/interfaces/event.interface.d.ts +0 -573
- package/lib/common/interfaces/event.interface.js +0 -1
- package/lib/common/interfaces/get-options.interface.cjs +0 -0
- package/lib/common/interfaces/get-options.interface.d.cts +0 -2
- package/lib/common/interfaces/get-options.interface.d.ts +0 -11
- package/lib/common/interfaces/get-options.interface.js +0 -1
- package/lib/common/interfaces/http-client.interface.cjs +0 -0
- package/lib/common/interfaces/http-client.interface.d.cts +0 -2
- package/lib/common/interfaces/http-client.interface.d.ts +0 -24
- package/lib/common/interfaces/http-client.interface.js +0 -1
- package/lib/common/interfaces/index.cjs +0 -0
- package/lib/common/interfaces/index.d.cts +0 -12
- package/lib/common/interfaces/index.d.ts +0 -12
- package/lib/common/interfaces/index.js +0 -1
- package/lib/common/interfaces/list.interface.cjs +0 -0
- package/lib/common/interfaces/list.interface.d.cts +0 -2
- package/lib/common/interfaces/list.interface.d.ts +0 -20
- package/lib/common/interfaces/list.interface.js +0 -1
- package/lib/common/interfaces/pagination-options.interface.cjs +0 -0
- package/lib/common/interfaces/pagination-options.interface.d.cts +0 -2
- package/lib/common/interfaces/pagination-options.interface.d.ts +0 -10
- package/lib/common/interfaces/pagination-options.interface.js +0 -1
- package/lib/common/interfaces/patch-options.interface.cjs +0 -0
- package/lib/common/interfaces/patch-options.interface.d.cts +0 -2
- package/lib/common/interfaces/patch-options.interface.d.ts +0 -12
- package/lib/common/interfaces/patch-options.interface.js +0 -1
- package/lib/common/interfaces/post-options.interface.cjs +0 -0
- package/lib/common/interfaces/post-options.interface.d.cts +0 -2
- package/lib/common/interfaces/post-options.interface.d.ts +0 -13
- package/lib/common/interfaces/post-options.interface.js +0 -1
- package/lib/common/interfaces/put-options.interface.cjs +0 -0
- package/lib/common/interfaces/put-options.interface.d.cts +0 -2
- package/lib/common/interfaces/put-options.interface.d.ts +0 -12
- package/lib/common/interfaces/put-options.interface.js +0 -1
- package/lib/common/interfaces/request-exception.interface.cjs +0 -0
- package/lib/common/interfaces/request-exception.interface.d.cts +0 -2
- package/lib/common/interfaces/request-exception.interface.d.ts +0 -9
- package/lib/common/interfaces/request-exception.interface.js +0 -1
- package/lib/common/interfaces/unknown-record.interface.cjs +0 -0
- package/lib/common/interfaces/unknown-record.interface.d.cts +0 -2
- package/lib/common/interfaces/unknown-record.interface.d.ts +0 -5
- package/lib/common/interfaces/unknown-record.interface.js +0 -1
- package/lib/common/interfaces/unprocessable-entity-error.interface.cjs +0 -0
- package/lib/common/interfaces/unprocessable-entity-error.interface.d.cts +0 -2
- package/lib/common/interfaces/unprocessable-entity-error.interface.d.ts +0 -8
- package/lib/common/interfaces/unprocessable-entity-error.interface.js +0 -1
- package/lib/common/interfaces/workos-options.interface.cjs +0 -0
- package/lib/common/interfaces/workos-options.interface.d.cts +0 -2
- package/lib/common/interfaces/workos-options.interface.d.ts +0 -17
- package/lib/common/interfaces/workos-options.interface.js +0 -1
- package/lib/common/interfaces/workos-response-error.interface.cjs +0 -0
- package/lib/common/interfaces/workos-response-error.interface.d.cts +0 -2
- package/lib/common/interfaces/workos-response-error.interface.d.ts +0 -13
- package/lib/common/interfaces/workos-response-error.interface.js +0 -1
- package/lib/common/net/fetch-client.cjs +0 -4
- package/lib/common/net/fetch-client.d.cts +0 -34
- package/lib/common/net/fetch-client.d.ts +0 -34
- package/lib/common/net/fetch-client.js +0 -189
- package/lib/common/net/fetch-client.js.map +0 -1
- package/lib/common/net/http-client.cjs +0 -5
- package/lib/common/net/http-client.d.cts +0 -2
- package/lib/common/net/http-client.d.ts +0 -56
- package/lib/common/net/http-client.js +0 -78
- package/lib/common/net/http-client.js.map +0 -1
- package/lib/common/serializers/event.serializer.cjs +0 -3
- package/lib/common/serializers/event.serializer.d.cts +0 -2
- package/lib/common/serializers/event.serializer.d.ts +0 -7
- package/lib/common/serializers/event.serializer.js +0 -200
- package/lib/common/serializers/event.serializer.js.map +0 -1
- package/lib/common/serializers/index.cjs +0 -7
- package/lib/common/serializers/index.d.cts +0 -4
- package/lib/common/serializers/index.d.ts +0 -4
- package/lib/common/serializers/index.js +0 -5
- package/lib/common/serializers/list.serializer.cjs +0 -3
- package/lib/common/serializers/list.serializer.d.cts +0 -2
- package/lib/common/serializers/list.serializer.d.ts +0 -7
- package/lib/common/serializers/list.serializer.js +0 -10
- package/lib/common/serializers/list.serializer.js.map +0 -1
- package/lib/common/serializers/pagination-options.serializer.cjs +0 -3
- package/lib/common/serializers/pagination-options.serializer.d.cts +0 -2
- package/lib/common/serializers/pagination-options.serializer.d.ts +0 -7
- package/lib/common/serializers/pagination-options.serializer.js +0 -11
- package/lib/common/serializers/pagination-options.serializer.js.map +0 -1
- package/lib/common/utils/base64.cjs +0 -4
- package/lib/common/utils/base64.d.cts +0 -16
- package/lib/common/utils/base64.d.ts +0 -16
- package/lib/common/utils/base64.js +0 -32
- package/lib/common/utils/base64.js.map +0 -1
- package/lib/common/utils/env.cjs +0 -4
- package/lib/common/utils/env.d.cts +0 -22
- package/lib/common/utils/env.d.ts +0 -22
- package/lib/common/utils/env.js +0 -50
- package/lib/common/utils/env.js.map +0 -1
- package/lib/common/utils/fetch-and-deserialize.cjs +0 -3
- package/lib/common/utils/fetch-and-deserialize.d.cts +0 -10
- package/lib/common/utils/fetch-and-deserialize.d.ts +0 -10
- package/lib/common/utils/fetch-and-deserialize.js +0 -20
- package/lib/common/utils/fetch-and-deserialize.js.map +0 -1
- package/lib/common/utils/fetch-error.cjs +0 -16
- package/lib/common/utils/fetch-error.cjs.map +0 -1
- package/lib/common/utils/fetch-error.d.cts +0 -20
- package/lib/common/utils/fetch-error.d.ts +0 -20
- package/lib/common/utils/fetch-error.js +0 -15
- package/lib/common/utils/fetch-error.js.map +0 -1
- package/lib/common/utils/leb128.cjs +0 -4
- package/lib/common/utils/leb128.d.cts +0 -26
- package/lib/common/utils/leb128.d.ts +0 -26
- package/lib/common/utils/leb128.js +0 -70
- package/lib/common/utils/leb128.js.map +0 -1
- package/lib/common/utils/pagination.cjs +0 -3
- package/lib/common/utils/pagination.d.cts +0 -2
- package/lib/common/utils/pagination.d.ts +0 -25
- package/lib/common/utils/pagination.js +0 -42
- package/lib/common/utils/pagination.js.map +0 -1
- package/lib/common/utils/query-string.cjs +0 -3
- package/lib/common/utils/query-string.d.cts +0 -13
- package/lib/common/utils/query-string.d.ts +0 -13
- package/lib/common/utils/query-string.js +0 -34
- package/lib/common/utils/query-string.js.map +0 -1
- package/lib/common/utils/runtime-info.cjs +0 -3
- package/lib/common/utils/runtime-info.d.cts +0 -24
- package/lib/common/utils/runtime-info.d.ts +0 -24
- package/lib/common/utils/runtime-info.js +0 -51
- package/lib/common/utils/runtime-info.js.map +0 -1
- package/lib/common/utils/unreachable.cjs +0 -3
- package/lib/common/utils/unreachable.d.cts +0 -14
- package/lib/common/utils/unreachable.d.ts +0 -14
- package/lib/common/utils/unreachable.js +0 -17
- package/lib/common/utils/unreachable.js.map +0 -1
- package/lib/common/utils/workos-mock-response.cjs +0 -13
- package/lib/common/utils/workos-mock-response.cjs.map +0 -1
- package/lib/common/utils/workos-mock-response.d.cts +0 -11
- package/lib/common/utils/workos-mock-response.d.ts +0 -11
- package/lib/common/utils/workos-mock-response.js +0 -12
- package/lib/common/utils/workos-mock-response.js.map +0 -1
- package/lib/conflict.exception-DNThkhe4.cjs +0 -23
- package/lib/conflict.exception-DNThkhe4.cjs.map +0 -1
- package/lib/connection-type.enum-5NICh5Uu.d.cts +0 -41
- package/lib/connection-type.enum-blH7z4Tf.cjs +0 -49
- package/lib/connection-type.enum-blH7z4Tf.cjs.map +0 -1
- package/lib/connection.interface-CYEbF9mD.d.cts +0 -33
- package/lib/connection.interface-CoV0tCTn.cjs +0 -0
- package/lib/connection.serializer-CGJCBj9L.d.cts +0 -7
- package/lib/connection.serializer-sFgaPd28.cjs +0 -22
- package/lib/connection.serializer-sFgaPd28.cjs.map +0 -1
- package/lib/create-audit-log-event-options.interface-AUzJbhUa.d.cts +0 -43
- package/lib/create-audit-log-event-options.interface-D99OX2xL.cjs +0 -0
- package/lib/create-audit-log-event-options.serializer-CPNm7TaF.cjs +0 -23
- package/lib/create-audit-log-event-options.serializer-CPNm7TaF.cjs.map +0 -1
- package/lib/create-audit-log-event-options.serializer-DGww7GcD.d.cts +0 -7
- package/lib/create-audit-log-schema-options.interface-CtvgGRaa.cjs +0 -0
- package/lib/create-audit-log-schema-options.interface-Df-CtTwA.d.cts +0 -67
- package/lib/create-audit-log-schema-options.serializer-BmI7ebQD.cjs +0 -38
- package/lib/create-audit-log-schema-options.serializer-BmI7ebQD.cjs.map +0 -1
- package/lib/create-audit-log-schema-options.serializer-CaSOIAav.d.cts +0 -7
- package/lib/create-audit-log-schema.serializer-BdNu3wTv.d.cts +0 -7
- package/lib/create-audit-log-schema.serializer-_Ku0Ixdh.cjs +0 -32
- package/lib/create-audit-log-schema.serializer-_Ku0Ixdh.cjs.map +0 -1
- package/lib/create-authorization-resource-options.serializer-BIbK4rxC.cjs +0 -23
- package/lib/create-authorization-resource-options.serializer-BIbK4rxC.cjs.map +0 -1
- package/lib/create-authorization-resource-options.serializer-CQtLzCwY.d.cts +0 -7
- package/lib/create-data-key.interface-CfdPFOII.d.cts +0 -15
- package/lib/create-data-key.interface-DUVzxo7g.cjs +0 -0
- package/lib/create-environment-role-options.interface-CLZHV12e.cjs +0 -0
- package/lib/create-environment-role-options.interface-D11JXavu.d.cts +0 -16
- package/lib/create-environment-role-options.serializer-D20r9n5i.cjs +0 -17
- package/lib/create-environment-role-options.serializer-D20r9n5i.cjs.map +0 -1
- package/lib/create-environment-role-options.serializer-D9jwEbsi.d.cts +0 -7
- package/lib/create-magic-auth-options.interface-B5PJndA3.cjs +0 -0
- package/lib/create-magic-auth-options.interface-Ducd6OEm.d.cts +0 -12
- package/lib/create-magic-auth-options.serializer-AED3cEHj.d.cts +0 -7
- package/lib/create-magic-auth-options.serializer-DN24SZEy.cjs +0 -15
- package/lib/create-magic-auth-options.serializer-DN24SZEy.cjs.map +0 -1
- package/lib/create-object.interface-BEWdAoAU.d.cts +0 -16
- package/lib/create-object.interface-VxKjDrqH.cjs +0 -0
- package/lib/create-organization-api-key-options.interface-BaxESpuJ.cjs +0 -0
- package/lib/create-organization-api-key-options.serializer-CEub4G8x.cjs +0 -17
- package/lib/create-organization-api-key-options.serializer-CEub4G8x.cjs.map +0 -1
- package/lib/create-organization-api-key-options.serializer-DHP7Y1L-.d.cts +0 -7
- package/lib/create-organization-domain-options.interface-BA0FNfqD.d.cts +0 -12
- package/lib/create-organization-domain-options.interface-SaQ1dv2w.cjs +0 -0
- package/lib/create-organization-domain-options.serializer-CmbATv0L.cjs +0 -15
- package/lib/create-organization-domain-options.serializer-CmbATv0L.cjs.map +0 -1
- package/lib/create-organization-membership-options.interface-BTNw3jC9.cjs +0 -0
- package/lib/create-organization-membership-options.interface-Ce6O3qzL.d.cts +0 -16
- package/lib/create-organization-membership-options.serializer-BdcjvCRS.cjs +0 -17
- package/lib/create-organization-membership-options.serializer-BdcjvCRS.cjs.map +0 -1
- package/lib/create-organization-options.interface-DtcOzvcJ.cjs +0 -0
- package/lib/create-organization-options.serializer-Bg38u3Y_.cjs +0 -17
- package/lib/create-organization-options.serializer-Bg38u3Y_.cjs.map +0 -1
- package/lib/create-organization-options.serializer-CvtIYKO8.d.cts +0 -7
- package/lib/create-organization-role-options.interface-Cl-_2QsZ.d.cts +0 -14
- package/lib/create-organization-role-options.interface-Dy65PU52.cjs +0 -0
- package/lib/create-organization-role-options.serializer-BSk0I9Yx.cjs +0 -16
- package/lib/create-organization-role-options.serializer-BSk0I9Yx.cjs.map +0 -1
- package/lib/create-organization-role-options.serializer-Dn8Za-db.d.cts +0 -7
- package/lib/create-password-reset-options.interface-CAxwaM5z.cjs +0 -0
- package/lib/create-password-reset-options.interface-_azhiyDG.d.cts +0 -10
- package/lib/create-password-reset-options.serializer-C9rwv-Gj.cjs +0 -12
- package/lib/create-password-reset-options.serializer-C9rwv-Gj.cjs.map +0 -1
- package/lib/create-password-reset-options.serializer-uVAM5C0R.d.cts +0 -7
- package/lib/create-passwordless-session-options.interface-Br1VMTUt.d.cts +0 -20
- package/lib/create-passwordless-session-options.interface-CmYSl_hB.cjs +0 -0
- package/lib/create-permission-options.interface-862O5uvJ.cjs +0 -0
- package/lib/create-permission-options.interface-y-mOu7Hr.d.cts +0 -16
- package/lib/create-permission-options.serializer-BEHbKULX.d.cts +0 -7
- package/lib/create-permission-options.serializer-CsTRgSuq.cjs +0 -17
- package/lib/create-permission-options.serializer-CsTRgSuq.cjs.map +0 -1
- package/lib/create-resource-options.serializer-BykgeGKC.cjs +0 -17
- package/lib/create-resource-options.serializer-BykgeGKC.cjs.map +0 -1
- package/lib/create-resource-options.serializer-CFYaAMS-.d.cts +0 -7
- package/lib/create-user-options.interface-BKkeTnvf.cjs +0 -0
- package/lib/create-user-options.interface-C5A9ZFXJ.d.cts +0 -28
- package/lib/create-user-options.serializer-CphvVoaV.cjs +0 -22
- package/lib/create-user-options.serializer-CphvVoaV.cjs.map +0 -1
- package/lib/create-user-options.serializer-emvIoxXk.d.cts +0 -7
- package/lib/created-api-key.interface-C1aPiShv.cjs +0 -0
- package/lib/created-api-key.interface-Dskf-Dpu.d.cts +0 -34
- package/lib/created-api-key.serializer-4hpzVn79.d.cts +0 -7
- package/lib/created-api-key.serializer-BPumuXR6.cjs +0 -25
- package/lib/created-api-key.serializer-BPumuXR6.cjs.map +0 -1
- package/lib/crypto-provider-Bhd3lKp3.cjs +0 -18
- package/lib/crypto-provider-Bhd3lKp3.cjs.map +0 -1
- package/lib/crypto-provider-EnxiazDt.d.cts +0 -75
- package/lib/decrypt-data-key.interface-COPJw2aD.d.cts +0 -11
- package/lib/decrypt-data-key.interface-D69Vb3ft.cjs +0 -0
- package/lib/delete-authorization-resource-by-external-id-options.interface-BiQ32Cns.cjs +0 -0
- package/lib/delete-authorization-resource-by-external-id-options.interface-BvZqYnwY.d.cts +0 -10
- package/lib/delete-authorization-resource-options.interface-BADx9Ibk.d.cts +0 -8
- package/lib/delete-authorization-resource-options.interface-BP6KZ1gG.cjs +0 -0
- package/lib/delete-object.interface-C9gnNWU-.d.cts +0 -7
- package/lib/delete-object.interface-DZ-xHmQu.cjs +0 -0
- package/lib/delete-resource-options.serializer-BNUcqHfb.d.cts +0 -7
- package/lib/delete-resource-options.serializer-DhOS6WiW.cjs +0 -16
- package/lib/delete-resource-options.serializer-DhOS6WiW.cjs.map +0 -1
- package/lib/directory-group.interface-Ds7hJJCb.d.cts +0 -24
- package/lib/directory-group.interface-Gjrl6Za6.cjs +0 -0
- package/lib/directory-group.serializer-BVxAKXJj.d.cts +0 -8
- package/lib/directory-group.serializer-DbTTdVPB.cjs +0 -38
- package/lib/directory-group.serializer-DbTTdVPB.cjs.map +0 -1
- package/lib/directory-sync/directory-sync.cjs +0 -3
- package/lib/directory-sync/directory-sync.d.cts +0 -2
- package/lib/directory-sync/directory-sync.d.ts +0 -24
- package/lib/directory-sync/directory-sync.js +0 -41
- package/lib/directory-sync/directory-sync.js.map +0 -1
- package/lib/directory-sync/interfaces/directory-group.interface.cjs +0 -0
- package/lib/directory-sync/interfaces/directory-group.interface.d.cts +0 -2
- package/lib/directory-sync/interfaces/directory-group.interface.d.ts +0 -24
- package/lib/directory-sync/interfaces/directory-group.interface.js +0 -1
- package/lib/directory-sync/interfaces/directory-user.interface.cjs +0 -0
- package/lib/directory-sync/interfaces/directory-user.interface.d.cts +0 -2
- package/lib/directory-sync/interfaces/directory-user.interface.d.ts +0 -48
- package/lib/directory-sync/interfaces/directory-user.interface.js +0 -1
- package/lib/directory-sync/interfaces/directory.interface.cjs +0 -0
- package/lib/directory-sync/interfaces/directory.interface.d.cts +0 -2
- package/lib/directory-sync/interfaces/directory.interface.d.ts +0 -60
- package/lib/directory-sync/interfaces/directory.interface.js +0 -1
- package/lib/directory-sync/interfaces/index.cjs +0 -0
- package/lib/directory-sync/interfaces/index.d.cts +0 -7
- package/lib/directory-sync/interfaces/index.d.ts +0 -7
- package/lib/directory-sync/interfaces/index.js +0 -1
- package/lib/directory-sync/interfaces/list-directories-options.interface.cjs +0 -0
- package/lib/directory-sync/interfaces/list-directories-options.interface.d.cts +0 -2
- package/lib/directory-sync/interfaces/list-directories-options.interface.d.ts +0 -14
- package/lib/directory-sync/interfaces/list-directories-options.interface.js +0 -1
- package/lib/directory-sync/interfaces/list-directory-users-options.interface.cjs +0 -0
- package/lib/directory-sync/interfaces/list-directory-users-options.interface.d.cts +0 -2
- package/lib/directory-sync/interfaces/list-directory-users-options.interface.d.ts +0 -10
- package/lib/directory-sync/interfaces/list-directory-users-options.interface.js +0 -1
- package/lib/directory-sync/interfaces/list-groups-options.interface.cjs +0 -0
- package/lib/directory-sync/interfaces/list-groups-options.interface.d.cts +0 -2
- package/lib/directory-sync/interfaces/list-groups-options.interface.d.ts +0 -10
- package/lib/directory-sync/interfaces/list-groups-options.interface.js +0 -1
- package/lib/directory-sync/serializers/directory-group.serializer.cjs +0 -4
- package/lib/directory-sync/serializers/directory-group.serializer.d.cts +0 -2
- package/lib/directory-sync/serializers/directory-group.serializer.d.ts +0 -8
- package/lib/directory-sync/serializers/directory-group.serializer.js +0 -26
- package/lib/directory-sync/serializers/directory-group.serializer.js.map +0 -1
- package/lib/directory-sync/serializers/directory-user.serializer.cjs +0 -5
- package/lib/directory-sync/serializers/directory-user.serializer.d.cts +0 -2
- package/lib/directory-sync/serializers/directory-user.serializer.d.ts +0 -9
- package/lib/directory-sync/serializers/directory-user.serializer.js +0 -46
- package/lib/directory-sync/serializers/directory-user.serializer.js.map +0 -1
- package/lib/directory-sync/serializers/directory.serializer.cjs +0 -6
- package/lib/directory-sync/serializers/directory.serializer.d.cts +0 -2
- package/lib/directory-sync/serializers/directory.serializer.d.ts +0 -10
- package/lib/directory-sync/serializers/directory.serializer.js +0 -44
- package/lib/directory-sync/serializers/directory.serializer.js.map +0 -1
- package/lib/directory-sync/serializers/index.cjs +0 -15
- package/lib/directory-sync/serializers/index.d.cts +0 -5
- package/lib/directory-sync/serializers/index.d.ts +0 -5
- package/lib/directory-sync/serializers/index.js +0 -6
- package/lib/directory-sync/serializers/list-directories-options.serializer.cjs +0 -3
- package/lib/directory-sync/serializers/list-directories-options.serializer.d.cts +0 -2
- package/lib/directory-sync/serializers/list-directories-options.serializer.d.ts +0 -7
- package/lib/directory-sync/serializers/list-directories-options.serializer.js +0 -13
- package/lib/directory-sync/serializers/list-directories-options.serializer.js.map +0 -1
- package/lib/directory-sync-DShb6WkQ.cjs +0 -46
- package/lib/directory-sync-DShb6WkQ.cjs.map +0 -1
- package/lib/directory-user.interface-jIKY1oa_.cjs +0 -0
- package/lib/directory-user.serializer-BSflXAKm.cjs +0 -63
- package/lib/directory-user.serializer-BSflXAKm.cjs.map +0 -1
- package/lib/directory-user.serializer-DdiSNHu_.d.cts +0 -9
- package/lib/directory.interface-Cx8RYw6k.cjs +0 -0
- package/lib/directory.interface-oSn1IaAq.d.cts +0 -60
- package/lib/directory.serializer-0ObI8z0b.d.cts +0 -10
- package/lib/directory.serializer-j1RV_J7z.cjs +0 -68
- package/lib/directory.serializer-j1RV_J7z.cjs.map +0 -1
- package/lib/domain-data.interface-D9PEhuHc.d.cts +0 -12
- package/lib/domain-data.interface-kHXPqpDJ.cjs +0 -16
- package/lib/domain-data.interface-kHXPqpDJ.cjs.map +0 -1
- package/lib/email-verification.interface-DoXRDBkX.d.cts +0 -42
- package/lib/email-verification.interface-eQIbonny.cjs +0 -0
- package/lib/email-verification.serializer-D3lfBeXl.d.cts +0 -8
- package/lib/email-verification.serializer-e6Mbvjvd.cjs +0 -36
- package/lib/email-verification.serializer-e6Mbvjvd.cjs.map +0 -1
- package/lib/enroll-auth-factor-options.serializer-BBfKN5IU.cjs +0 -17
- package/lib/enroll-auth-factor-options.serializer-BBfKN5IU.cjs.map +0 -1
- package/lib/enroll-auth-factor-options.serializer-h49b6m0i.d.cts +0 -7
- package/lib/enroll-auth-factor.interface-B3iA0f5-.cjs +0 -0
- package/lib/enroll-auth-factor.interface-BsXY6399.d.cts +0 -17
- package/lib/enroll-factor-options-BcgxXHrj.d.cts +0 -14
- package/lib/env-CFSscuz_.cjs +0 -62
- package/lib/env-CFSscuz_.cjs.map +0 -1
- package/lib/environment-role.interface-CF223Nhw.d.cts +0 -36
- package/lib/environment-role.interface-vp39mbJG.cjs +0 -0
- package/lib/environment-role.serializer-DbhO-b6n.cjs +0 -23
- package/lib/environment-role.serializer-DbhO-b6n.cjs.map +0 -1
- package/lib/environment-role.serializer-wsFAqA2X.d.cts +0 -7
- package/lib/event.interface-DTEEUV0a.cjs +0 -0
- package/lib/event.serializer-DQe8qLHH.cjs +0 -205
- package/lib/event.serializer-DQe8qLHH.cjs.map +0 -1
- package/lib/event.serializer-DxvBsrGU.d.cts +0 -7
- package/lib/events/events.cjs +0 -3
- package/lib/events/events.d.cts +0 -2
- package/lib/events/events.d.ts +0 -14
- package/lib/events/events.js +0 -18
- package/lib/events/events.js.map +0 -1
- package/lib/events/interfaces/index.cjs +0 -0
- package/lib/events/interfaces/index.d.cts +0 -2
- package/lib/events/interfaces/index.d.ts +0 -2
- package/lib/events/interfaces/index.js +0 -1
- package/lib/events/interfaces/list-events-options.interface.cjs +0 -0
- package/lib/events/interfaces/list-events-options.interface.d.cts +0 -2
- package/lib/events/interfaces/list-events-options.interface.d.ts +0 -22
- package/lib/events/interfaces/list-events-options.interface.js +0 -1
- package/lib/events/serializers/index.cjs +0 -3
- package/lib/events/serializers/index.d.cts +0 -2
- package/lib/events/serializers/index.d.ts +0 -2
- package/lib/events/serializers/index.js +0 -3
- package/lib/events/serializers/list-event-options.serializer.cjs +0 -3
- package/lib/events/serializers/list-event-options.serializer.d.cts +0 -2
- package/lib/events/serializers/list-event-options.serializer.d.ts +0 -7
- package/lib/events/serializers/list-event-options.serializer.js +0 -13
- package/lib/events/serializers/list-event-options.serializer.js.map +0 -1
- package/lib/events-CPdcLR1v.cjs +0 -23
- package/lib/events-CPdcLR1v.cjs.map +0 -1
- package/lib/exceptions-DHjMOdn0.cjs +0 -0
- package/lib/factor.interface-BhhyEdaN.d.cts +0 -44
- package/lib/factor.interface-Cr3vEd_Q.cjs +0 -0
- package/lib/factor.interface-TCY5UjaZ.d.cts +0 -42
- package/lib/factor.serializer-BTeTtrWD.d.cts +0 -8
- package/lib/factor.serializer-CRMo_hH_.d.cts +0 -8
- package/lib/factor.serializer-CiRgOFhH.cjs +0 -36
- package/lib/factor.serializer-CiRgOFhH.cjs.map +0 -1
- package/lib/factor.serializer-jvpYENTq.cjs +0 -37
- package/lib/factor.serializer-jvpYENTq.cjs.map +0 -1
- package/lib/factory-UI_uCpNc.cjs +0 -15
- package/lib/factory-UI_uCpNc.cjs.map +0 -1
- package/lib/factory.cjs +0 -8
- package/lib/factory.d.cts +0 -2
- package/lib/factory.d.ts +0 -83
- package/lib/factory.js +0 -10
- package/lib/factory.js.map +0 -1
- package/lib/feature-flag.interface-4Ikij0w0.d.cts +0 -28
- package/lib/feature-flag.interface-Bn_Jcnb4.cjs +0 -0
- package/lib/feature-flag.serializer-D6oOUHys.d.cts +0 -7
- package/lib/feature-flag.serializer-DqXUiZd4.cjs +0 -23
- package/lib/feature-flag.serializer-DqXUiZd4.cjs.map +0 -1
- package/lib/feature-flags/feature-flags.cjs +0 -3
- package/lib/feature-flags/feature-flags.d.cts +0 -2
- package/lib/feature-flags/feature-flags.d.ts +0 -21
- package/lib/feature-flags/feature-flags.js +0 -37
- package/lib/feature-flags/feature-flags.js.map +0 -1
- package/lib/feature-flags/interfaces/add-flag-target-options.interface.cjs +0 -0
- package/lib/feature-flags/interfaces/add-flag-target-options.interface.d.cts +0 -2
- package/lib/feature-flags/interfaces/add-flag-target-options.interface.d.ts +0 -8
- package/lib/feature-flags/interfaces/add-flag-target-options.interface.js +0 -1
- package/lib/feature-flags/interfaces/feature-flag.interface.cjs +0 -0
- package/lib/feature-flags/interfaces/feature-flag.interface.d.cts +0 -2
- package/lib/feature-flags/interfaces/feature-flag.interface.d.ts +0 -28
- package/lib/feature-flags/interfaces/feature-flag.interface.js +0 -1
- package/lib/feature-flags/interfaces/index.cjs +0 -0
- package/lib/feature-flags/interfaces/index.d.cts +0 -5
- package/lib/feature-flags/interfaces/index.d.ts +0 -5
- package/lib/feature-flags/interfaces/index.js +0 -1
- package/lib/feature-flags/interfaces/list-feature-flags-options.interface.cjs +0 -0
- package/lib/feature-flags/interfaces/list-feature-flags-options.interface.d.cts +0 -2
- package/lib/feature-flags/interfaces/list-feature-flags-options.interface.d.ts +0 -7
- package/lib/feature-flags/interfaces/list-feature-flags-options.interface.js +0 -1
- package/lib/feature-flags/interfaces/remove-flag-target-options.interface.cjs +0 -0
- package/lib/feature-flags/interfaces/remove-flag-target-options.interface.d.cts +0 -2
- package/lib/feature-flags/interfaces/remove-flag-target-options.interface.d.ts +0 -8
- package/lib/feature-flags/interfaces/remove-flag-target-options.interface.js +0 -1
- package/lib/feature-flags/serializers/feature-flag.serializer.cjs +0 -3
- package/lib/feature-flags/serializers/feature-flag.serializer.d.cts +0 -2
- package/lib/feature-flags/serializers/feature-flag.serializer.d.ts +0 -7
- package/lib/feature-flags/serializers/feature-flag.serializer.js +0 -17
- package/lib/feature-flags/serializers/feature-flag.serializer.js.map +0 -1
- package/lib/feature-flags/serializers/index.cjs +0 -3
- package/lib/feature-flags/serializers/index.d.cts +0 -2
- package/lib/feature-flags/serializers/index.d.ts +0 -2
- package/lib/feature-flags/serializers/index.js +0 -3
- package/lib/feature-flags-2wzyH7on.cjs +0 -42
- package/lib/feature-flags-2wzyH7on.cjs.map +0 -1
- package/lib/fetch-and-deserialize-list-DRAoVbMj.cjs +0 -19
- package/lib/fetch-and-deserialize-list-DRAoVbMj.cjs.map +0 -1
- package/lib/fetch-and-deserialize-wAuupni3.cjs +0 -25
- package/lib/fetch-and-deserialize-wAuupni3.cjs.map +0 -1
- package/lib/fetch-client-BGoo0snw.cjs +0 -200
- package/lib/fetch-client-BGoo0snw.cjs.map +0 -1
- package/lib/fga/fga.cjs +0 -3
- package/lib/fga/fga.d.cts +0 -2
- package/lib/fga/fga.d.ts +0 -33
- package/lib/fga/fga.js +0 -82
- package/lib/fga/fga.js.map +0 -1
- package/lib/fga/interfaces/check-op.enum.cjs +0 -3
- package/lib/fga/interfaces/check-op.enum.d.cts +0 -2
- package/lib/fga/interfaces/check-op.enum.d.ts +0 -8
- package/lib/fga/interfaces/check-op.enum.js +0 -10
- package/lib/fga/interfaces/check-op.enum.js.map +0 -1
- package/lib/fga/interfaces/check.interface.cjs +0 -3
- package/lib/fga/interfaces/check.interface.d.cts +0 -2
- package/lib/fga/interfaces/check.interface.d.ts +0 -88
- package/lib/fga/interfaces/check.interface.js +0 -28
- package/lib/fga/interfaces/check.interface.js.map +0 -1
- package/lib/fga/interfaces/index.cjs +0 -9
- package/lib/fga/interfaces/index.d.cts +0 -9
- package/lib/fga/interfaces/index.d.ts +0 -9
- package/lib/fga/interfaces/index.js +0 -6
- package/lib/fga/interfaces/list.interface.cjs +0 -0
- package/lib/fga/interfaces/list.interface.d.cts +0 -2
- package/lib/fga/interfaces/list.interface.d.ts +0 -13
- package/lib/fga/interfaces/list.interface.js +0 -1
- package/lib/fga/interfaces/query.interface.cjs +0 -0
- package/lib/fga/interfaces/query.interface.d.cts +0 -2
- package/lib/fga/interfaces/query.interface.d.ts +0 -35
- package/lib/fga/interfaces/query.interface.js +0 -1
- package/lib/fga/interfaces/resource-op.enum.cjs +0 -3
- package/lib/fga/interfaces/resource-op.enum.d.cts +0 -2
- package/lib/fga/interfaces/resource-op.enum.d.ts +0 -8
- package/lib/fga/interfaces/resource-op.enum.js +0 -10
- package/lib/fga/interfaces/resource-op.enum.js.map +0 -1
- package/lib/fga/interfaces/resource.interface.cjs +0 -0
- package/lib/fga/interfaces/resource.interface.d.cts +0 -2
- package/lib/fga/interfaces/resource.interface.d.ts +0 -77
- package/lib/fga/interfaces/resource.interface.js +0 -1
- package/lib/fga/interfaces/warning.interface.cjs +0 -0
- package/lib/fga/interfaces/warning.interface.d.cts +0 -2
- package/lib/fga/interfaces/warning.interface.d.ts +0 -13
- package/lib/fga/interfaces/warning.interface.js +0 -1
- package/lib/fga/interfaces/warrant-op.enum.cjs +0 -3
- package/lib/fga/interfaces/warrant-op.enum.d.cts +0 -2
- package/lib/fga/interfaces/warrant-op.enum.d.ts +0 -8
- package/lib/fga/interfaces/warrant-op.enum.js +0 -10
- package/lib/fga/interfaces/warrant-op.enum.js.map +0 -1
- package/lib/fga/interfaces/warrant-token.interface.cjs +0 -0
- package/lib/fga/interfaces/warrant-token.interface.d.cts +0 -2
- package/lib/fga/interfaces/warrant-token.interface.d.ts +0 -10
- package/lib/fga/interfaces/warrant-token.interface.js +0 -1
- package/lib/fga/interfaces/warrant.interface.cjs +0 -0
- package/lib/fga/interfaces/warrant.interface.d.cts +0 -2
- package/lib/fga/interfaces/warrant.interface.d.ts +0 -71
- package/lib/fga/interfaces/warrant.interface.js +0 -1
- package/lib/fga/serializers/batch-write-resources-options.serializer.cjs +0 -3
- package/lib/fga/serializers/batch-write-resources-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/batch-write-resources-options.serializer.d.ts +0 -7
- package/lib/fga/serializers/batch-write-resources-options.serializer.js +0 -18
- package/lib/fga/serializers/batch-write-resources-options.serializer.js.map +0 -1
- package/lib/fga/serializers/check-options.serializer.cjs +0 -5
- package/lib/fga/serializers/check-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/check-options.serializer.d.ts +0 -9
- package/lib/fga/serializers/check-options.serializer.js +0 -52
- package/lib/fga/serializers/check-options.serializer.js.map +0 -1
- package/lib/fga/serializers/create-resource-options.serializer.cjs +0 -3
- package/lib/fga/serializers/create-resource-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/create-resource-options.serializer.d.ts +0 -7
- package/lib/fga/serializers/create-resource-options.serializer.js +0 -12
- package/lib/fga/serializers/create-resource-options.serializer.js.map +0 -1
- package/lib/fga/serializers/delete-resource-options.serializer.cjs +0 -3
- package/lib/fga/serializers/delete-resource-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/delete-resource-options.serializer.d.ts +0 -7
- package/lib/fga/serializers/delete-resource-options.serializer.js +0 -11
- package/lib/fga/serializers/delete-resource-options.serializer.js.map +0 -1
- package/lib/fga/serializers/index.cjs +0 -30
- package/lib/fga/serializers/index.d.cts +0 -14
- package/lib/fga/serializers/index.d.ts +0 -14
- package/lib/fga/serializers/index.js +0 -15
- package/lib/fga/serializers/list-resources-options.serializer.cjs +0 -3
- package/lib/fga/serializers/list-resources-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/list-resources-options.serializer.d.ts +0 -7
- package/lib/fga/serializers/list-resources-options.serializer.js +0 -13
- package/lib/fga/serializers/list-resources-options.serializer.js.map +0 -1
- package/lib/fga/serializers/list-warrants-options.serializer.cjs +0 -3
- package/lib/fga/serializers/list-warrants-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/list-warrants-options.serializer.d.ts +0 -7
- package/lib/fga/serializers/list-warrants-options.serializer.js +0 -15
- package/lib/fga/serializers/list-warrants-options.serializer.js.map +0 -1
- package/lib/fga/serializers/list.serializer.cjs +0 -3
- package/lib/fga/serializers/list.serializer.d.cts +0 -2
- package/lib/fga/serializers/list.serializer.d.ts +0 -10
- package/lib/fga/serializers/list.serializer.js +0 -11
- package/lib/fga/serializers/list.serializer.js.map +0 -1
- package/lib/fga/serializers/query-options.serializer.cjs +0 -3
- package/lib/fga/serializers/query-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/query-options.serializer.d.ts +0 -7
- package/lib/fga/serializers/query-options.serializer.js +0 -13
- package/lib/fga/serializers/query-options.serializer.js.map +0 -1
- package/lib/fga/serializers/query-result.serializer.cjs +0 -3
- package/lib/fga/serializers/query-result.serializer.d.cts +0 -2
- package/lib/fga/serializers/query-result.serializer.d.ts +0 -12
- package/lib/fga/serializers/query-result.serializer.js +0 -22
- package/lib/fga/serializers/query-result.serializer.js.map +0 -1
- package/lib/fga/serializers/resource.serializer.cjs +0 -4
- package/lib/fga/serializers/resource.serializer.d.cts +0 -2
- package/lib/fga/serializers/resource.serializer.d.ts +0 -8
- package/lib/fga/serializers/resource.serializer.js +0 -13
- package/lib/fga/serializers/resource.serializer.js.map +0 -1
- package/lib/fga/serializers/warrant-token.serializer.cjs +0 -3
- package/lib/fga/serializers/warrant-token.serializer.d.cts +0 -2
- package/lib/fga/serializers/warrant-token.serializer.d.ts +0 -7
- package/lib/fga/serializers/warrant-token.serializer.js +0 -6
- package/lib/fga/serializers/warrant-token.serializer.js.map +0 -1
- package/lib/fga/serializers/warrant.serializer.cjs +0 -3
- package/lib/fga/serializers/warrant.serializer.d.cts +0 -2
- package/lib/fga/serializers/warrant.serializer.d.ts +0 -7
- package/lib/fga/serializers/warrant.serializer.js +0 -16
- package/lib/fga/serializers/warrant.serializer.js.map +0 -1
- package/lib/fga/serializers/write-warrant-options.serializer.cjs +0 -3
- package/lib/fga/serializers/write-warrant-options.serializer.d.cts +0 -2
- package/lib/fga/serializers/write-warrant-options.serializer.d.ts +0 -7
- package/lib/fga/serializers/write-warrant-options.serializer.js +0 -21
- package/lib/fga/serializers/write-warrant-options.serializer.js.map +0 -1
- package/lib/fga/utils/fetch-and-deserialize-list.cjs +0 -3
- package/lib/fga/utils/fetch-and-deserialize-list.d.cts +0 -10
- package/lib/fga/utils/fetch-and-deserialize-list.d.ts +0 -10
- package/lib/fga/utils/fetch-and-deserialize-list.js +0 -14
- package/lib/fga/utils/fetch-and-deserialize-list.js.map +0 -1
- package/lib/fga/utils/fga-paginatable.cjs +0 -3
- package/lib/fga/utils/fga-paginatable.d.cts +0 -2
- package/lib/fga/utils/fga-paginatable.d.ts +0 -14
- package/lib/fga/utils/fga-paginatable.js +0 -17
- package/lib/fga/utils/fga-paginatable.js.map +0 -1
- package/lib/fga/utils/interface-check.cjs +0 -4
- package/lib/fga/utils/interface-check.d.cts +0 -9
- package/lib/fga/utils/interface-check.d.ts +0 -9
- package/lib/fga/utils/interface-check.js +0 -11
- package/lib/fga/utils/interface-check.js.map +0 -1
- package/lib/fga-BPfLQ33S.cjs +0 -87
- package/lib/fga-BPfLQ33S.cjs.map +0 -1
- package/lib/fga-paginatable-C0a-1wD-.cjs +0 -22
- package/lib/fga-paginatable-C0a-1wD-.cjs.map +0 -1
- package/lib/fga-paginatable-DXVZwFzX.d.cts +0 -14
- package/lib/generate-portal-link-intent.interface-C2mac0-y.d.cts +0 -13
- package/lib/generate-portal-link-intent.interface-K2TgL9nP.cjs +0 -21
- package/lib/generate-portal-link-intent.interface-K2TgL9nP.cjs.map +0 -1
- package/lib/generic-server.exception-CQ1bI6ng.cjs +0 -22
- package/lib/generic-server.exception-CQ1bI6ng.cjs.map +0 -1
- package/lib/generic-server.exception-oSIJnqHy.d.cts +0 -14
- package/lib/get-access-token.interface-CC9W-m-U.d.cts +0 -32
- package/lib/get-access-token.serializer-BkuD5POO.cjs +0 -34
- package/lib/get-access-token.serializer-BkuD5POO.cjs.map +0 -1
- package/lib/get-authorization-resource-by-external-id-options.interface-DHwlk2AT.cjs +0 -0
- package/lib/get-authorization-resource-by-external-id-options.interface-Qnp6DQk8.d.cts +0 -9
- package/lib/get-options.interface-BsU2gWu0.d.cts +0 -11
- package/lib/get-options.interface-DjHw29Gw.cjs +0 -0
- package/lib/get-profile-and-token-options.interface-BTmM6245.d.cts +0 -14
- package/lib/get-profile-and-token-options.interface-D-t_N_S4.cjs +0 -0
- package/lib/get-profile-options.interface-BJLekz2p.d.cts +0 -7
- package/lib/get-profile-options.interface-CHz99jzH.cjs +0 -0
- package/lib/get-token-CVW25jmW.cjs +0 -23
- package/lib/get-token-CVW25jmW.cjs.map +0 -1
- package/lib/get-token-YoisQSFe.d.cts +0 -23
- package/lib/http-client-COq13zAE.d.cts +0 -56
- package/lib/http-client-DTfNcqaR.cjs +0 -96
- package/lib/http-client-DTfNcqaR.cjs.map +0 -1
- package/lib/http-client.interface-6Fw3v3Tg.d.cts +0 -24
- package/lib/http-client.interface-f2mgwQFE.cjs +0 -0
- package/lib/identity.interface-BwHBiRFv.d.cts +0 -14
- package/lib/identity.interface-CE-TyJpI.cjs +0 -0
- package/lib/identity.serializer-B-QbTGfi.cjs +0 -20
- package/lib/identity.serializer-B-QbTGfi.cjs.map +0 -1
- package/lib/impersonator.interface-CGlMZ9vr.d.cts +0 -12
- package/lib/impersonator.interface-DVfPFpHv.cjs +0 -0
- package/lib/index-1uLygO4P.d.cts +0 -1
- package/lib/index-C2USAKUY.d.cts +0 -1
- package/lib/index-CNyG9oqt.d.cts +0 -1
- package/lib/index-CTeAtTHc.d.cts +0 -1
- package/lib/index-CYPjsxnw.d.cts +0 -1
- package/lib/index-CgPSnPe-.d.cts +0 -1
- package/lib/index-ChDktAOS.d.cts +0 -1
- package/lib/index-Cj2mBhkk.d.cts +0 -1
- package/lib/index-DA_5qJSj.d.cts +0 -1
- package/lib/index-DITken1Q.d.cts +0 -1
- package/lib/index-zd2lGEmr.d.cts +0 -851
- package/lib/index.d.ts +0 -185
- package/lib/index.js +0 -68
- package/lib/index.js.map +0 -1
- package/lib/index.worker.d.ts +0 -167
- package/lib/index.worker.js +0 -63
- package/lib/index.worker.js.map +0 -1
- package/lib/interface-check-DXnd6tn3.cjs +0 -23
- package/lib/interface-check-DXnd6tn3.cjs.map +0 -1
- package/lib/interfaces-2RIrb9eZ.cjs +0 -0
- package/lib/interfaces-BhsLvV2I.cjs +0 -0
- package/lib/interfaces-Bo2cVn99.cjs +0 -0
- package/lib/interfaces-CMcTAErf.cjs +0 -0
- package/lib/interfaces-CQzl9vB6.cjs +0 -0
- package/lib/interfaces-CZMLFhDN.cjs +0 -0
- package/lib/invitation.interface-BwZhU4Nq.d.cts +0 -64
- package/lib/invitation.interface-CknczPqq.cjs +0 -0
- package/lib/invitation.serializer-B8q8nnmR.d.cts +0 -8
- package/lib/invitation.serializer-BEVUkLP9.cjs +0 -47
- package/lib/invitation.serializer-BEVUkLP9.cjs.map +0 -1
- package/lib/jose-BhyqkBqW.cjs +0 -27
- package/lib/jose-BhyqkBqW.cjs.map +0 -1
- package/lib/key.interface-CC2uD6p4.cjs +0 -0
- package/lib/key.interface-YLV_plqn.d.cts +0 -16
- package/lib/leb128-DvqSoSLE.cjs +0 -82
- package/lib/leb128-DvqSoSLE.cjs.map +0 -1
- package/lib/list-auth-factors-options.interface-BaWRr4HX.cjs +0 -0
- package/lib/list-authorization-resources-options.interface-B3sf3hOh.cjs +0 -0
- package/lib/list-authorization-resources-options.interface-Bi7-RuXa.d.cts +0 -22
- package/lib/list-authorization-resources-options.serializer-B2GBZjY-.d.cts +0 -7
- package/lib/list-authorization-resources-options.serializer-DvKRcWey.cjs +0 -21
- package/lib/list-authorization-resources-options.serializer-DvKRcWey.cjs.map +0 -1
- package/lib/list-connections-options.interface-B4o7Dg7E.cjs +0 -0
- package/lib/list-connections-options.interface-DMjyCQNt.d.cts +0 -17
- package/lib/list-connections-options.serializer-B9jyhBCh.cjs +0 -20
- package/lib/list-connections-options.serializer-B9jyhBCh.cjs.map +0 -1
- package/lib/list-connections-options.serializer-C2ETSFny.d.cts +0 -7
- package/lib/list-directories-options.interface-BQt9KBRx.d.cts +0 -14
- package/lib/list-directories-options.interface-CQga5gNx.cjs +0 -0
- package/lib/list-directories-options.serializer-C9gqK1ls.d.cts +0 -7
- package/lib/list-directories-options.serializer-DIkuNuJB.cjs +0 -19
- package/lib/list-directories-options.serializer-DIkuNuJB.cjs.map +0 -1
- package/lib/list-directory-users-options.interface-DoyU-KHK.d.cts +0 -10
- package/lib/list-directory-users-options.interface-bRKoi3uh.cjs +0 -0
- package/lib/list-event-options.serializer-BMuLbsuv.cjs +0 -19
- package/lib/list-event-options.serializer-BMuLbsuv.cjs.map +0 -1
- package/lib/list-event-options.serializer-URqDPrTi.d.cts +0 -7
- package/lib/list-events-options.interface-CT1WzVzZ.d.cts +0 -22
- package/lib/list-events-options.interface-DlD8hbg-.cjs +0 -0
- package/lib/list-feature-flags-options.interface-BuAGocb_.cjs +0 -0
- package/lib/list-groups-options.interface-BkzhnP23.cjs +0 -0
- package/lib/list-groups-options.interface-b3GVqSII.d.cts +0 -10
- package/lib/list-invitations-options.interface-ANMijoDj.cjs +0 -0
- package/lib/list-invitations-options.serializer-BjpU4ZDR.cjs +0 -19
- package/lib/list-invitations-options.serializer-BjpU4ZDR.cjs.map +0 -1
- package/lib/list-memberships-for-resource-by-external-id-options.interface-DVmCOuB-.cjs +0 -0
- package/lib/list-memberships-for-resource-by-external-id-options.interface-J1_qZirj.d.cts +0 -13
- package/lib/list-memberships-for-resource-options.interface-9ATHNNdH.cjs +0 -0
- package/lib/list-memberships-for-resource-options.interface-WKyR83kP.d.cts +0 -11
- package/lib/list-memberships-for-resource-options.serializer-aQpL3LF9.d.cts +0 -9
- package/lib/list-memberships-for-resource-options.serializer-iaykx8Lw.cjs +0 -17
- package/lib/list-memberships-for-resource-options.serializer-iaykx8Lw.cjs.map +0 -1
- package/lib/list-object-versions.interface-7bMXekXS.cjs +0 -0
- package/lib/list-object-versions.interface-CbrhRrmz.d.cts +0 -12
- package/lib/list-objects.interface-CtunUutg.d.cts +0 -9
- package/lib/list-objects.interface-Df3gsh5f.cjs +0 -0
- package/lib/list-organization-api-keys-options.interface-7oL0NhBo.cjs +0 -0
- package/lib/list-organization-api-keys-options.interface-CsxRRYj6.d.cts +0 -9
- package/lib/list-organization-feature-flags-options.interface-CS56ReAC.cjs +0 -0
- package/lib/list-organization-feature-flags-options.interface-PoBPTz4g.d.cts +0 -9
- package/lib/list-organization-memberships-options.interface-2VAVS67L.cjs +0 -0
- package/lib/list-organization-memberships-options.serializer-CLDG_9Kn.cjs +0 -20
- package/lib/list-organization-memberships-options.serializer-CLDG_9Kn.cjs.map +0 -1
- package/lib/list-organization-roles-options.interface-DejI9E8H.d.cts +0 -7
- package/lib/list-organizations-options.interface-B1M5Od_m.cjs +0 -0
- package/lib/list-organizations-options.interface-Bwx3In4U.d.cts +0 -9
- package/lib/list-permissions-options.interface-CgVHKqiN.cjs +0 -0
- package/lib/list-resources-for-membership-options.interface-1dSllzkH.cjs +0 -0
- package/lib/list-resources-for-membership-options.interface-CCuX2l-i.d.cts +0 -24
- package/lib/list-resources-for-membership-options.serializer-01hwgS6y.d.cts +0 -7
- package/lib/list-resources-for-membership-options.serializer-6TItLFPj.cjs +0 -21
- package/lib/list-resources-for-membership-options.serializer-6TItLFPj.cjs.map +0 -1
- package/lib/list-resources-options.serializer-DGVmkcZe.d.cts +0 -7
- package/lib/list-resources-options.serializer-iHnbemUA.cjs +0 -19
- package/lib/list-resources-options.serializer-iHnbemUA.cjs.map +0 -1
- package/lib/list-role-assignments-options.interface-DF9W0Crg.cjs +0 -0
- package/lib/list-role-assignments-options.interface-G1byAUOU.d.cts +0 -9
- package/lib/list-sessions-options.interface-BR3oWxBU.cjs +0 -0
- package/lib/list-sessions-options.interface-CZdBtY49.d.cts +0 -8
- package/lib/list-sessions-options.serializer-Cx_PvDl8.d.cts +0 -7
- package/lib/list-sessions-options.serializer-DXI2uV_8.cjs +0 -12
- package/lib/list-sessions-options.serializer-DXI2uV_8.cjs.map +0 -1
- package/lib/list-user-feature-flags-options.interface-BjORmo6E.cjs +0 -0
- package/lib/list-users-options.interface-BGH7eAhH.cjs +0 -0
- package/lib/list-users-options.interface-Bmgojx_R.d.cts +0 -14
- package/lib/list-users-options.serializer-4-_RN0tZ.cjs +0 -19
- package/lib/list-users-options.serializer-4-_RN0tZ.cjs.map +0 -1
- package/lib/list-warrants-options.serializer-CQnwwLKg.cjs +0 -21
- package/lib/list-warrants-options.serializer-CQnwwLKg.cjs.map +0 -1
- package/lib/list-warrants-options.serializer-DDlu-iU1.d.cts +0 -7
- package/lib/list.interface-Bbp2ZBpM.d.cts +0 -13
- package/lib/list.interface-Ch7SsnDq.cjs +0 -0
- package/lib/list.interface-I2r4xhuH.d.cts +0 -20
- package/lib/list.serializer-C0xM3Q5_.d.cts +0 -10
- package/lib/list.serializer-DIHSqY98.cjs +0 -17
- package/lib/list.serializer-DIHSqY98.cjs.map +0 -1
- package/lib/list.serializer-DILm4JiZ.d.cts +0 -7
- package/lib/list.serializer-DMdl1FBx.cjs +0 -16
- package/lib/list.serializer-DMdl1FBx.cjs.map +0 -1
- package/lib/locale.interface-BDuI7VXX.d.cts +0 -5
- package/lib/locale.interface-DwCivlkF.cjs +0 -0
- package/lib/logout-url-options.interface-BOLd7ZRi.d.cts +0 -8
- package/lib/logout-url-options.interface-CW7A-s1Y.cjs +0 -0
- package/lib/magic-auth.interface-CtOudjuJ.cjs +0 -0
- package/lib/magic-auth.interface-DGn4_Ctk.d.cts +0 -42
- package/lib/magic-auth.serializer-By4HyvgZ.cjs +0 -36
- package/lib/magic-auth.serializer-By4HyvgZ.cjs.map +0 -1
- package/lib/magic-auth.serializer-Cmv0WqFM.d.cts +0 -8
- package/lib/mfa/interfaces/challenge-factor-options.cjs +0 -0
- package/lib/mfa/interfaces/challenge-factor-options.d.cts +0 -2
- package/lib/mfa/interfaces/challenge-factor-options.d.ts +0 -10
- package/lib/mfa/interfaces/challenge-factor-options.js +0 -1
- package/lib/mfa/interfaces/challenge.interface.cjs +0 -0
- package/lib/mfa/interfaces/challenge.interface.d.cts +0 -2
- package/lib/mfa/interfaces/challenge.interface.d.ts +0 -22
- package/lib/mfa/interfaces/challenge.interface.js +0 -1
- package/lib/mfa/interfaces/enroll-factor-options.cjs +0 -0
- package/lib/mfa/interfaces/enroll-factor-options.d.cts +0 -2
- package/lib/mfa/interfaces/enroll-factor-options.d.ts +0 -14
- package/lib/mfa/interfaces/enroll-factor-options.js +0 -1
- package/lib/mfa/interfaces/factor.interface.cjs +0 -0
- package/lib/mfa/interfaces/factor.interface.d.cts +0 -2
- package/lib/mfa/interfaces/factor.interface.d.ts +0 -44
- package/lib/mfa/interfaces/factor.interface.js +0 -1
- package/lib/mfa/interfaces/index.cjs +0 -8
- package/lib/mfa/interfaces/index.d.cts +0 -9
- package/lib/mfa/interfaces/index.d.ts +0 -9
- package/lib/mfa/interfaces/index.js +0 -1
- package/lib/mfa/interfaces/sms.interface.cjs +0 -0
- package/lib/mfa/interfaces/sms.interface.d.cts +0 -2
- package/lib/mfa/interfaces/sms.interface.d.ts +0 -10
- package/lib/mfa/interfaces/sms.interface.js +0 -1
- package/lib/mfa/interfaces/totp.interface.cjs +0 -0
- package/lib/mfa/interfaces/totp.interface.d.cts +0 -2
- package/lib/mfa/interfaces/totp.interface.d.ts +0 -22
- package/lib/mfa/interfaces/totp.interface.js +0 -1
- package/lib/mfa/interfaces/verify-challenge-options.cjs +0 -0
- package/lib/mfa/interfaces/verify-challenge-options.d.cts +0 -2
- package/lib/mfa/interfaces/verify-challenge-options.d.ts +0 -8
- package/lib/mfa/interfaces/verify-challenge-options.js +0 -1
- package/lib/mfa/interfaces/verify-challenge-response.cjs +0 -0
- package/lib/mfa/interfaces/verify-challenge-response.d.cts +0 -2
- package/lib/mfa/interfaces/verify-challenge-response.d.ts +0 -14
- package/lib/mfa/interfaces/verify-challenge-response.js +0 -1
- package/lib/mfa/mfa.cjs +0 -3
- package/lib/mfa/mfa.d.cts +0 -2
- package/lib/mfa/mfa.d.ts +0 -21
- package/lib/mfa/mfa.js +0 -45
- package/lib/mfa/mfa.js.map +0 -1
- package/lib/mfa/serializers/challenge.serializer.cjs +0 -3
- package/lib/mfa/serializers/challenge.serializer.d.cts +0 -2
- package/lib/mfa/serializers/challenge.serializer.d.ts +0 -7
- package/lib/mfa/serializers/challenge.serializer.js +0 -14
- package/lib/mfa/serializers/challenge.serializer.js.map +0 -1
- package/lib/mfa/serializers/factor.serializer.cjs +0 -4
- package/lib/mfa/serializers/factor.serializer.d.cts +0 -2
- package/lib/mfa/serializers/factor.serializer.d.ts +0 -8
- package/lib/mfa/serializers/factor.serializer.js +0 -26
- package/lib/mfa/serializers/factor.serializer.js.map +0 -1
- package/lib/mfa/serializers/index.cjs +0 -8
- package/lib/mfa/serializers/index.d.cts +0 -4
- package/lib/mfa/serializers/index.d.ts +0 -4
- package/lib/mfa/serializers/index.js +0 -5
- package/lib/mfa/serializers/sms.serializer.cjs +0 -3
- package/lib/mfa/serializers/sms.serializer.d.cts +0 -7
- package/lib/mfa/serializers/sms.serializer.d.ts +0 -7
- package/lib/mfa/serializers/sms.serializer.js +0 -6
- package/lib/mfa/serializers/sms.serializer.js.map +0 -1
- package/lib/mfa/serializers/totp.serializer.cjs +0 -4
- package/lib/mfa/serializers/totp.serializer.d.cts +0 -8
- package/lib/mfa/serializers/totp.serializer.d.ts +0 -8
- package/lib/mfa/serializers/totp.serializer.js +0 -20
- package/lib/mfa/serializers/totp.serializer.js.map +0 -1
- package/lib/mfa/serializers/verify-response.serializer.cjs +0 -3
- package/lib/mfa/serializers/verify-response.serializer.d.cts +0 -2
- package/lib/mfa/serializers/verify-response.serializer.d.ts +0 -7
- package/lib/mfa/serializers/verify-response.serializer.js +0 -11
- package/lib/mfa/serializers/verify-response.serializer.js.map +0 -1
- package/lib/mfa-Ck3-dTm_.cjs +0 -50
- package/lib/mfa-Ck3-dTm_.cjs.map +0 -1
- package/lib/no-api-key-provided.exception-CAJnPlPr.cjs +0 -16
- package/lib/no-api-key-provided.exception-CAJnPlPr.cjs.map +0 -1
- package/lib/no-api-key-provided.exception-D4MBm8QH.d.cts +0 -9
- package/lib/not-found.exception-BcKq0hWv.cjs +0 -24
- package/lib/not-found.exception-BcKq0hWv.cjs.map +0 -1
- package/lib/not-found.exception-CTDvvvLQ.d.cts +0 -24
- package/lib/oauth-tokens.interface--rFwkKXb.d.cts +0 -16
- package/lib/oauth-tokens.interface-CxNP7L-L.cjs +0 -0
- package/lib/oauth-tokens.serializer-BmyyKwrh.cjs +0 -17
- package/lib/oauth-tokens.serializer-BmyyKwrh.cjs.map +0 -1
- package/lib/oauth.exception-BJAv3tg-.cjs +0 -25
- package/lib/oauth.exception-BJAv3tg-.cjs.map +0 -1
- package/lib/oauth.exception-DsPKFu_J.d.cts +0 -15
- package/lib/object.interface-CBgtGtyU.cjs +0 -0
- package/lib/object.interface-Do9xg7Zv.d.cts +0 -35
- package/lib/organization-domain.interface-D9DJtORe.cjs +0 -28
- package/lib/organization-domain.interface-D9DJtORe.cjs.map +0 -1
- package/lib/organization-domain.interface-DCWcsWrJ.d.cts +0 -35
- package/lib/organization-domain.serializer-DVylNcLm.cjs +0 -22
- package/lib/organization-domain.serializer-DVylNcLm.cjs.map +0 -1
- package/lib/organization-domains/interfaces/create-organization-domain-options.interface.cjs +0 -0
- package/lib/organization-domains/interfaces/create-organization-domain-options.interface.d.cts +0 -2
- package/lib/organization-domains/interfaces/create-organization-domain-options.interface.d.ts +0 -12
- package/lib/organization-domains/interfaces/create-organization-domain-options.interface.js +0 -1
- package/lib/organization-domains/interfaces/index.cjs +0 -4
- package/lib/organization-domains/interfaces/index.d.cts +0 -3
- package/lib/organization-domains/interfaces/index.d.ts +0 -3
- package/lib/organization-domains/interfaces/index.js +0 -3
- package/lib/organization-domains/interfaces/organization-domain.interface.cjs +0 -4
- package/lib/organization-domains/interfaces/organization-domain.interface.d.cts +0 -2
- package/lib/organization-domains/interfaces/organization-domain.interface.d.ts +0 -35
- package/lib/organization-domains/interfaces/organization-domain.interface.js +0 -16
- package/lib/organization-domains/interfaces/organization-domain.interface.js.map +0 -1
- package/lib/organization-domains/organization-domains.cjs +0 -3
- package/lib/organization-domains/organization-domains.d.cts +0 -2
- package/lib/organization-domains/organization-domains.d.ts +0 -16
- package/lib/organization-domains/organization-domains.js +0 -28
- package/lib/organization-domains/organization-domains.js.map +0 -1
- package/lib/organization-domains/serializers/create-organization-domain-options.serializer.cjs +0 -3
- package/lib/organization-domains/serializers/create-organization-domain-options.serializer.d.cts +0 -7
- package/lib/organization-domains/serializers/create-organization-domain-options.serializer.d.ts +0 -7
- package/lib/organization-domains/serializers/create-organization-domain-options.serializer.js +0 -9
- package/lib/organization-domains/serializers/create-organization-domain-options.serializer.js.map +0 -1
- package/lib/organization-domains/serializers/organization-domain.serializer.cjs +0 -3
- package/lib/organization-domains/serializers/organization-domain.serializer.d.cts +0 -7
- package/lib/organization-domains/serializers/organization-domain.serializer.d.ts +0 -7
- package/lib/organization-domains/serializers/organization-domain.serializer.js +0 -16
- package/lib/organization-domains/serializers/organization-domain.serializer.js.map +0 -1
- package/lib/organization-domains-DhcxuHzd.cjs +0 -33
- package/lib/organization-domains-DhcxuHzd.cjs.map +0 -1
- package/lib/organization-membership.interface-CUF7HzwC.cjs +0 -0
- package/lib/organization-membership.serializer-CgjS5BwK.cjs +0 -40
- package/lib/organization-membership.serializer-CgjS5BwK.cjs.map +0 -1
- package/lib/organization-role.interface-B3bzv4On.d.cts +0 -16
- package/lib/organization-role.interface-HnEQVE0J.cjs +0 -0
- package/lib/organization-role.serializer-6bXBqqj5.cjs +0 -58
- package/lib/organization-role.serializer-6bXBqqj5.cjs.map +0 -1
- package/lib/organization-role.serializer-hZNZRrOm.d.cts +0 -10
- package/lib/organization.interface-B_xvfP51.cjs +0 -0
- package/lib/organization.interface-Dxz3SLtZ.d.cts +0 -30
- package/lib/organization.serializer-CVNQSfQH.cjs +0 -24
- package/lib/organization.serializer-CVNQSfQH.cjs.map +0 -1
- package/lib/organization.serializer-DS1-IEd8.d.cts +0 -7
- package/lib/organizations/interfaces/create-organization-options.interface.cjs +0 -0
- package/lib/organizations/interfaces/create-organization-options.interface.d.cts +0 -2
- package/lib/organizations/interfaces/create-organization-options.interface.d.ts +0 -20
- package/lib/organizations/interfaces/create-organization-options.interface.js +0 -1
- package/lib/organizations/interfaces/domain-data.interface.cjs +0 -3
- package/lib/organizations/interfaces/domain-data.interface.d.cts +0 -2
- package/lib/organizations/interfaces/domain-data.interface.d.ts +0 -12
- package/lib/organizations/interfaces/domain-data.interface.js +0 -10
- package/lib/organizations/interfaces/domain-data.interface.js.map +0 -1
- package/lib/organizations/interfaces/index.cjs +0 -3
- package/lib/organizations/interfaces/index.d.cts +0 -7
- package/lib/organizations/interfaces/index.d.ts +0 -7
- package/lib/organizations/interfaces/index.js +0 -3
- package/lib/organizations/interfaces/list-organization-feature-flags-options.interface.cjs +0 -0
- package/lib/organizations/interfaces/list-organization-feature-flags-options.interface.d.cts +0 -2
- package/lib/organizations/interfaces/list-organization-feature-flags-options.interface.d.ts +0 -9
- package/lib/organizations/interfaces/list-organization-feature-flags-options.interface.js +0 -1
- package/lib/organizations/interfaces/list-organization-roles-options.interface.cjs +0 -0
- package/lib/organizations/interfaces/list-organization-roles-options.interface.d.cts +0 -2
- package/lib/organizations/interfaces/list-organization-roles-options.interface.d.ts +0 -7
- package/lib/organizations/interfaces/list-organization-roles-options.interface.js +0 -1
- package/lib/organizations/interfaces/list-organizations-options.interface.cjs +0 -0
- package/lib/organizations/interfaces/list-organizations-options.interface.d.cts +0 -2
- package/lib/organizations/interfaces/list-organizations-options.interface.d.ts +0 -9
- package/lib/organizations/interfaces/list-organizations-options.interface.js +0 -1
- package/lib/organizations/interfaces/organization.interface.cjs +0 -0
- package/lib/organizations/interfaces/organization.interface.d.cts +0 -2
- package/lib/organizations/interfaces/organization.interface.d.ts +0 -30
- package/lib/organizations/interfaces/organization.interface.js +0 -1
- package/lib/organizations/interfaces/update-organization-options.interface.cjs +0 -0
- package/lib/organizations/interfaces/update-organization-options.interface.d.cts +0 -2
- package/lib/organizations/interfaces/update-organization-options.interface.d.ts +0 -21
- package/lib/organizations/interfaces/update-organization-options.interface.js +0 -1
- package/lib/organizations/organizations.cjs +0 -3
- package/lib/organizations/organizations.d.cts +0 -2
- package/lib/organizations/organizations.d.ts +0 -33
- package/lib/organizations/organizations.js +0 -65
- package/lib/organizations/organizations.js.map +0 -1
- package/lib/organizations/serializers/create-organization-options.serializer.cjs +0 -3
- package/lib/organizations/serializers/create-organization-options.serializer.d.cts +0 -2
- package/lib/organizations/serializers/create-organization-options.serializer.d.ts +0 -7
- package/lib/organizations/serializers/create-organization-options.serializer.js +0 -11
- package/lib/organizations/serializers/create-organization-options.serializer.js.map +0 -1
- package/lib/organizations/serializers/index.cjs +0 -7
- package/lib/organizations/serializers/index.d.cts +0 -4
- package/lib/organizations/serializers/index.d.ts +0 -4
- package/lib/organizations/serializers/index.js +0 -5
- package/lib/organizations/serializers/organization.serializer.cjs +0 -3
- package/lib/organizations/serializers/organization.serializer.d.cts +0 -2
- package/lib/organizations/serializers/organization.serializer.d.ts +0 -7
- package/lib/organizations/serializers/organization.serializer.js +0 -19
- package/lib/organizations/serializers/organization.serializer.js.map +0 -1
- package/lib/organizations/serializers/update-organization-options.serializer.cjs +0 -3
- package/lib/organizations/serializers/update-organization-options.serializer.d.cts +0 -2
- package/lib/organizations/serializers/update-organization-options.serializer.d.ts +0 -7
- package/lib/organizations/serializers/update-organization-options.serializer.js +0 -12
- package/lib/organizations/serializers/update-organization-options.serializer.js.map +0 -1
- package/lib/organizations-Cj9rLRWq.cjs +0 -70
- package/lib/organizations-Cj9rLRWq.cjs.map +0 -1
- package/lib/package.js +0 -6
- package/lib/package.js.map +0 -1
- package/lib/pagination-B70j26ip.d.cts +0 -25
- package/lib/pagination-BG1uBuL4.cjs +0 -48
- package/lib/pagination-BG1uBuL4.cjs.map +0 -1
- package/lib/pagination-options.interface-865FT6y0.cjs +0 -0
- package/lib/pagination-options.interface-BzIEA3yY.d.cts +0 -10
- package/lib/pagination-options.serializer-1IbIwtWv.d.cts +0 -7
- package/lib/pagination-options.serializer-BpBYvO9v.cjs +0 -17
- package/lib/pagination-options.serializer-BpBYvO9v.cjs.map +0 -1
- package/lib/parse-error-Dr-zK4Ai.cjs +0 -24
- package/lib/parse-error-Dr-zK4Ai.cjs.map +0 -1
- package/lib/password-hash-type.interface-DjrfV612.d.cts +0 -5
- package/lib/password-reset.interface-5Hk5_t85.d.cts +0 -40
- package/lib/password-reset.interface-Cx8n6T9V.cjs +0 -0
- package/lib/password-reset.serializer-C_NzVwDv.d.cts +0 -8
- package/lib/password-reset.serializer-D8Kbnirv.cjs +0 -35
- package/lib/password-reset.serializer-D8Kbnirv.cjs.map +0 -1
- package/lib/passwordless/interfaces/create-passwordless-session-options.interface.cjs +0 -0
- package/lib/passwordless/interfaces/create-passwordless-session-options.interface.d.cts +0 -2
- package/lib/passwordless/interfaces/create-passwordless-session-options.interface.d.ts +0 -20
- package/lib/passwordless/interfaces/create-passwordless-session-options.interface.js +0 -1
- package/lib/passwordless/interfaces/index.cjs +0 -0
- package/lib/passwordless/interfaces/index.d.cts +0 -4
- package/lib/passwordless/interfaces/index.d.ts +0 -4
- package/lib/passwordless/interfaces/index.js +0 -1
- package/lib/passwordless/interfaces/passwordless-session.interface.cjs +0 -0
- package/lib/passwordless/interfaces/passwordless-session.interface.d.cts +0 -2
- package/lib/passwordless/interfaces/passwordless-session.interface.d.ts +0 -18
- package/lib/passwordless/interfaces/passwordless-session.interface.js +0 -1
- package/lib/passwordless/interfaces/send-session-response.interface.cjs +0 -0
- package/lib/passwordless/interfaces/send-session-response.interface.d.cts +0 -2
- package/lib/passwordless/interfaces/send-session-response.interface.d.ts +0 -8
- package/lib/passwordless/interfaces/send-session-response.interface.js +0 -1
- package/lib/passwordless/passwordless.cjs +0 -3
- package/lib/passwordless/passwordless.d.cts +0 -2
- package/lib/passwordless/passwordless.d.ts +0 -19
- package/lib/passwordless/passwordless.js +0 -24
- package/lib/passwordless/passwordless.js.map +0 -1
- package/lib/passwordless/serializers/index.cjs +0 -0
- package/lib/passwordless/serializers/index.d.cts +0 -1
- package/lib/passwordless/serializers/index.d.ts +0 -1
- package/lib/passwordless/serializers/index.js +0 -1
- package/lib/passwordless/serializers/passwordless-session.serializer.cjs +0 -3
- package/lib/passwordless/serializers/passwordless-session.serializer.d.cts +0 -7
- package/lib/passwordless/serializers/passwordless-session.serializer.d.ts +0 -7
- package/lib/passwordless/serializers/passwordless-session.serializer.js +0 -12
- package/lib/passwordless/serializers/passwordless-session.serializer.js.map +0 -1
- package/lib/passwordless-Cbbfvvgq.cjs +0 -29
- package/lib/passwordless-Cbbfvvgq.cjs.map +0 -1
- package/lib/passwordless-session.interface-BPmUhUA4.cjs +0 -0
- package/lib/passwordless-session.interface-BPynm7tz.d.cts +0 -18
- package/lib/passwordless-session.serializer-Buh50Btt.cjs +0 -18
- package/lib/passwordless-session.serializer-Buh50Btt.cjs.map +0 -1
- package/lib/patch-options.interface-CgLPAxTh.cjs +0 -0
- package/lib/patch-options.interface-sduP5vFr.d.cts +0 -12
- package/lib/permission.interface-D9G_Tf6C.cjs +0 -0
- package/lib/permission.interface-OPWiA8hK.d.cts +0 -42
- package/lib/permission.serializer-Bw7vv2Ur.d.cts +0 -7
- package/lib/permission.serializer-Cxa376w7.cjs +0 -22
- package/lib/permission.serializer-Cxa376w7.cjs.map +0 -1
- package/lib/pipes/interfaces/access-token.interface.cjs +0 -0
- package/lib/pipes/interfaces/access-token.interface.d.cts +0 -2
- package/lib/pipes/interfaces/access-token.interface.d.ts +0 -18
- package/lib/pipes/interfaces/access-token.interface.js +0 -1
- package/lib/pipes/interfaces/get-access-token.interface.cjs +0 -0
- package/lib/pipes/interfaces/get-access-token.interface.d.cts +0 -2
- package/lib/pipes/interfaces/get-access-token.interface.d.ts +0 -32
- package/lib/pipes/interfaces/get-access-token.interface.js +0 -1
- package/lib/pipes/pipes.cjs +0 -3
- package/lib/pipes/pipes.d.cts +0 -2
- package/lib/pipes/pipes.d.ts +0 -17
- package/lib/pipes/pipes.js +0 -16
- package/lib/pipes/pipes.js.map +0 -1
- package/lib/pipes/serializers/access-token.serializer.cjs +0 -3
- package/lib/pipes/serializers/access-token.serializer.d.cts +0 -7
- package/lib/pipes/serializers/access-token.serializer.d.ts +0 -7
- package/lib/pipes/serializers/access-token.serializer.js +0 -14
- package/lib/pipes/serializers/access-token.serializer.js.map +0 -1
- package/lib/pipes/serializers/get-access-token.serializer.cjs +0 -4
- package/lib/pipes/serializers/get-access-token.serializer.d.cts +0 -8
- package/lib/pipes/serializers/get-access-token.serializer.d.ts +0 -8
- package/lib/pipes/serializers/get-access-token.serializer.js +0 -23
- package/lib/pipes/serializers/get-access-token.serializer.js.map +0 -1
- package/lib/pipes-C6PJAgY4.cjs +0 -21
- package/lib/pipes-C6PJAgY4.cjs.map +0 -1
- package/lib/pkce/pkce.cjs +0 -3
- package/lib/pkce/pkce.d.cts +0 -2
- package/lib/pkce/pkce.d.ts +0 -38
- package/lib/pkce/pkce.js +0 -53
- package/lib/pkce/pkce.js.map +0 -1
- package/lib/pkce-BNs390-T.d.cts +0 -38
- package/lib/pkce-Bu_KcDMw.cjs +0 -59
- package/lib/pkce-Bu_KcDMw.cjs.map +0 -1
- package/lib/portal/interfaces/generate-portal-link-intent.interface.cjs +0 -3
- package/lib/portal/interfaces/generate-portal-link-intent.interface.d.cts +0 -2
- package/lib/portal/interfaces/generate-portal-link-intent.interface.d.ts +0 -13
- package/lib/portal/interfaces/generate-portal-link-intent.interface.js +0 -15
- package/lib/portal/interfaces/generate-portal-link-intent.interface.js.map +0 -1
- package/lib/portal/interfaces/index.cjs +0 -3
- package/lib/portal/interfaces/index.d.cts +0 -2
- package/lib/portal/interfaces/index.d.ts +0 -2
- package/lib/portal/interfaces/index.js +0 -3
- package/lib/portal/portal.cjs +0 -3
- package/lib/portal/portal.d.cts +0 -2
- package/lib/portal/portal.d.ts +0 -24
- package/lib/portal/portal.js +0 -19
- package/lib/portal/portal.js.map +0 -1
- package/lib/portal-Bw4FWwRi.cjs +0 -25
- package/lib/portal-Bw4FWwRi.cjs.map +0 -1
- package/lib/post-options.interface-8YBGzFMW.cjs +0 -0
- package/lib/post-options.interface-BR5jQA4x.d.cts +0 -13
- package/lib/profile-and-token.interface-B7LtTM4T.cjs +0 -0
- package/lib/profile-and-token.serializer-DfWI_L92.cjs +0 -18
- package/lib/profile-and-token.serializer-DfWI_L92.cjs.map +0 -1
- package/lib/profile-and-token.serializer-Zr1vKJjC.d.cts +0 -8
- package/lib/profile.interface-Ikyg1dXV.cjs +0 -0
- package/lib/profile.serializer-BjxW-2CT.d.cts +0 -8
- package/lib/profile.serializer-DM0Zpbrc.cjs +0 -26
- package/lib/profile.serializer-DM0Zpbrc.cjs.map +0 -1
- package/lib/put-options.interface-DyDiwQjk.cjs +0 -0
- package/lib/put-options.interface-VXax1_sR.d.cts +0 -12
- package/lib/query-options.serializer-B3PH3QRw.cjs +0 -19
- package/lib/query-options.serializer-B3PH3QRw.cjs.map +0 -1
- package/lib/query-options.serializer-DffmenXK.d.cts +0 -7
- package/lib/query-result.serializer-DFKCaIAe.d.cts +0 -12
- package/lib/query-result.serializer-DvOD-ib6.cjs +0 -28
- package/lib/query-result.serializer-DvOD-ib6.cjs.map +0 -1
- package/lib/query-string-DJDFy7sp.cjs +0 -40
- package/lib/query-string-DJDFy7sp.cjs.map +0 -1
- package/lib/query.interface-Bn03fUFS.d.cts +0 -35
- package/lib/query.interface-DtqCj1pM.cjs +0 -0
- package/lib/rate-limit-exceeded.exception-BkM54IsX.d.cts +0 -18
- package/lib/rate-limit-exceeded.exception-DwIKSjgt.cjs +0 -19
- package/lib/rate-limit-exceeded.exception-DwIKSjgt.cjs.map +0 -1
- package/lib/read-object.interface-DxLLeoRt.cjs +0 -0
- package/lib/read-object.interface-iqgpJxLj.d.cts +0 -25
- package/lib/refresh-and-seal-session-data.interface-BQRY5jDN.cjs +0 -19
- package/lib/refresh-and-seal-session-data.interface-BQRY5jDN.cjs.map +0 -1
- package/lib/refresh-and-seal-session-data.interface-CfKqrf2N.d.cts +0 -24
- package/lib/remove-flag-target-options.interface-D4j_miMD.d.cts +0 -8
- package/lib/remove-flag-target-options.interface-DyBUaupv.cjs +0 -0
- package/lib/remove-organization-role-permission-options.interface-B5nIrOvq.cjs +0 -0
- package/lib/remove-organization-role-permission-options.interface-wLcPXpuW.d.cts +0 -7
- package/lib/remove-role-assignment-options.interface-Bdsr91u1.cjs +0 -0
- package/lib/remove-role-assignment-options.interface-D0qpb2wr.d.cts +0 -8
- package/lib/remove-role-options.interface-C05Tjj04.d.cts +0 -19
- package/lib/remove-role-options.interface-aSK65AAy.cjs +0 -0
- package/lib/remove-role-options.serializer-D_YKoTt5.cjs +0 -19
- package/lib/remove-role-options.serializer-D_YKoTt5.cjs.map +0 -1
- package/lib/remove-role-options.serializer-MXH-zTEQ.d.cts +0 -7
- package/lib/request-exception.interface-CuuezHgg.d.cts +0 -9
- package/lib/resend-invitation-options.interface-5-DjRWwi.d.cts +0 -12
- package/lib/resend-invitation-options.interface-CRNqm7lR.cjs +0 -0
- package/lib/resend-invitation-options.serializer-Bm4mW-1L.cjs +0 -12
- package/lib/resend-invitation-options.serializer-Bm4mW-1L.cjs.map +0 -1
- package/lib/reset-password-options.interface-DAmF6JPe.cjs +0 -0
- package/lib/reset-password-options.interface-DR1PHcVr.d.cts +0 -12
- package/lib/reset-password-options.serializer-6VTahIzL.cjs +0 -15
- package/lib/reset-password-options.serializer-6VTahIzL.cjs.map +0 -1
- package/lib/reset-password-options.serializer-B-yKukZL.d.cts +0 -7
- package/lib/resource-op.enum-DpcuVeOX.d.cts +0 -8
- package/lib/resource-op.enum-lyCNZOG-.cjs +0 -16
- package/lib/resource-op.enum-lyCNZOG-.cjs.map +0 -1
- package/lib/resource.interface-1aq4-7ME.cjs +0 -0
- package/lib/resource.interface-DdilIYi7.d.cts +0 -77
- package/lib/resource.serializer-C3woPtVQ.cjs +0 -25
- package/lib/resource.serializer-C3woPtVQ.cjs.map +0 -1
- package/lib/resource.serializer-Das8RBBH.d.cts +0 -8
- package/lib/response-payload.interface-BxqIcrma.d.cts +0 -26
- package/lib/response-payload.interface-vwwiY4s6.cjs +0 -0
- package/lib/revoke-session-options.interface-BW7f0pb7.d.cts +0 -11
- package/lib/revoke-session-options.interface-DWpnqU2p.cjs +0 -12
- package/lib/revoke-session-options.interface-DWpnqU2p.cjs.map +0 -1
- package/lib/role-assignment.interface-CQVAgfeO.cjs +0 -0
- package/lib/role-assignment.interface-ChR_OANy.d.cts +0 -49
- package/lib/role-assignment.serializer-CNEsj7hN.d.cts +0 -7
- package/lib/role-assignment.serializer-D7MAb-zC.cjs +0 -23
- package/lib/role-assignment.serializer-D7MAb-zC.cjs.map +0 -1
- package/lib/role.interface-Bjkku_tB.cjs +0 -0
- package/lib/role.serializer-BmSjBq3i.cjs +0 -22
- package/lib/role.serializer-BmSjBq3i.cjs.map +0 -1
- package/lib/role.serializer-yTKLys-u.cjs +0 -18
- package/lib/role.serializer-yTKLys-u.cjs.map +0 -1
- package/lib/roles/interfaces/index.cjs +0 -0
- package/lib/roles/interfaces/index.d.cts +0 -2
- package/lib/roles/interfaces/index.d.ts +0 -2
- package/lib/roles/interfaces/index.js +0 -1
- package/lib/roles/interfaces/role.interface.cjs +0 -0
- package/lib/roles/interfaces/role.interface.d.cts +0 -2
- package/lib/roles/interfaces/role.interface.d.ts +0 -67
- package/lib/roles/interfaces/role.interface.js +0 -1
- package/lib/roles/serializers/role.serializer.cjs +0 -3
- package/lib/roles/serializers/role.serializer.d.cts +0 -7
- package/lib/roles/serializers/role.serializer.d.ts +0 -7
- package/lib/roles/serializers/role.serializer.js +0 -16
- package/lib/roles/serializers/role.serializer.js.map +0 -1
- package/lib/runtime-info-D11Gtx8I.cjs +0 -56
- package/lib/runtime-info-D11Gtx8I.cjs.map +0 -1
- package/lib/seal-BDnUayLx.cjs +0 -315
- package/lib/seal-BDnUayLx.cjs.map +0 -1
- package/lib/send-invitation-options.interface-CmHj_ls3.cjs +0 -0
- package/lib/send-invitation-options.interface-DtIC4uoS.d.cts +0 -22
- package/lib/send-invitation-options.serializer-DoSLFoca.cjs +0 -19
- package/lib/send-invitation-options.serializer-DoSLFoca.cjs.map +0 -1
- package/lib/send-session-response.interface-CnYzQ75X.cjs +0 -0
- package/lib/send-session-response.interface-DrY_UidP.d.cts +0 -8
- package/lib/send-verification-email-options.interface-IMaY7OHw.d.cts +0 -7
- package/lib/send-verification-email-options.interface-KE6HXoGl.cjs +0 -0
- package/lib/serializers-1DJGR2Bq.cjs +0 -0
- package/lib/serializers-AObKGeJ9.cjs +0 -0
- package/lib/serializers-BdASmY_9.cjs +0 -0
- package/lib/serializers-C_P8R3U5.cjs +0 -0
- package/lib/serializers-Cg02bBkh.cjs +0 -0
- package/lib/serializers-CzTjSkin.cjs +0 -0
- package/lib/serializers-D7IALzFJ.cjs +0 -0
- package/lib/serializers-DGbHryl9.cjs +0 -0
- package/lib/serializers-DMjnDh0k.cjs +0 -0
- package/lib/serializers-mApGhp2E.cjs +0 -0
- package/lib/serializers-trBM15Pj.cjs +0 -0
- package/lib/serializers-xzNg-6UC.cjs +0 -0
- package/lib/session-Beigw6Nc.cjs +0 -144
- package/lib/session-Beigw6Nc.cjs.map +0 -1
- package/lib/session-handler-options.interface-i1Q3y3CN.d.cts +0 -9
- package/lib/session.interface-DEkXnpLu.d.cts +0 -38
- package/lib/session.interface-DTlTOZpJ.cjs +0 -0
- package/lib/session.serializer-B63NxvRH.cjs +0 -26
- package/lib/session.serializer-B63NxvRH.cjs.map +0 -1
- package/lib/session.serializer-Cw08JZKf.d.cts +0 -7
- package/lib/set-environment-role-permissions-options.interface-BZKVKr61.d.cts +0 -7
- package/lib/set-environment-role-permissions-options.interface-DkP1-5Qw.cjs +0 -0
- package/lib/set-organization-role-permissions-options.interface-B5ETA0fj.d.cts +0 -7
- package/lib/set-organization-role-permissions-options.interface-C6GsAkHc.cjs +0 -0
- package/lib/signature-provider-DBHzmT8N.cjs +0 -38
- package/lib/signature-provider-DBHzmT8N.cjs.map +0 -1
- package/lib/signature-verification.exception-BGEX3tOK.d.cts +0 -8
- package/lib/signature-verification.exception-Dc1gSCYD.cjs +0 -17
- package/lib/signature-verification.exception-Dc1gSCYD.cjs.map +0 -1
- package/lib/sms.interface-CmOBSCNB.d.cts +0 -10
- package/lib/sms.serializer-D2a3LAEN.cjs +0 -12
- package/lib/sms.serializer-D2a3LAEN.cjs.map +0 -1
- package/lib/sso/interfaces/authorization-url-options.interface.cjs +0 -0
- package/lib/sso/interfaces/authorization-url-options.interface.d.cts +0 -2
- package/lib/sso/interfaces/authorization-url-options.interface.d.ts +0 -55
- package/lib/sso/interfaces/authorization-url-options.interface.js +0 -1
- package/lib/sso/interfaces/connection-type.enum.cjs +0 -3
- package/lib/sso/interfaces/connection-type.enum.d.cts +0 -2
- package/lib/sso/interfaces/connection-type.enum.d.ts +0 -41
- package/lib/sso/interfaces/connection-type.enum.js +0 -43
- package/lib/sso/interfaces/connection-type.enum.js.map +0 -1
- package/lib/sso/interfaces/connection.interface.cjs +0 -0
- package/lib/sso/interfaces/connection.interface.d.cts +0 -2
- package/lib/sso/interfaces/connection.interface.d.ts +0 -33
- package/lib/sso/interfaces/connection.interface.js +0 -1
- package/lib/sso/interfaces/get-profile-and-token-options.interface.cjs +0 -0
- package/lib/sso/interfaces/get-profile-and-token-options.interface.d.cts +0 -2
- package/lib/sso/interfaces/get-profile-and-token-options.interface.d.ts +0 -14
- package/lib/sso/interfaces/get-profile-and-token-options.interface.js +0 -1
- package/lib/sso/interfaces/get-profile-options.interface.cjs +0 -0
- package/lib/sso/interfaces/get-profile-options.interface.d.cts +0 -2
- package/lib/sso/interfaces/get-profile-options.interface.d.ts +0 -7
- package/lib/sso/interfaces/get-profile-options.interface.js +0 -1
- package/lib/sso/interfaces/index.cjs +0 -3
- package/lib/sso/interfaces/index.d.cts +0 -8
- package/lib/sso/interfaces/index.d.ts +0 -9
- package/lib/sso/interfaces/index.js +0 -3
- package/lib/sso/interfaces/list-connections-options.interface.cjs +0 -0
- package/lib/sso/interfaces/list-connections-options.interface.d.cts +0 -2
- package/lib/sso/interfaces/list-connections-options.interface.d.ts +0 -17
- package/lib/sso/interfaces/list-connections-options.interface.js +0 -1
- package/lib/sso/interfaces/profile-and-token.interface.cjs +0 -0
- package/lib/sso/interfaces/profile-and-token.interface.d.cts +0 -2
- package/lib/sso/interfaces/profile-and-token.interface.d.ts +0 -18
- package/lib/sso/interfaces/profile-and-token.interface.js +0 -1
- package/lib/sso/interfaces/profile.interface.cjs +0 -0
- package/lib/sso/interfaces/profile.interface.d.cts +0 -2
- package/lib/sso/interfaces/profile.interface.d.ts +0 -42
- package/lib/sso/interfaces/profile.interface.js +0 -1
- package/lib/sso/serializers/connection.serializer.cjs +0 -3
- package/lib/sso/serializers/connection.serializer.d.cts +0 -2
- package/lib/sso/serializers/connection.serializer.d.ts +0 -7
- package/lib/sso/serializers/connection.serializer.js +0 -16
- package/lib/sso/serializers/connection.serializer.js.map +0 -1
- package/lib/sso/serializers/index.cjs +0 -9
- package/lib/sso/serializers/index.d.cts +0 -5
- package/lib/sso/serializers/index.d.ts +0 -5
- package/lib/sso/serializers/index.js +0 -6
- package/lib/sso/serializers/list-connections-options.serializer.cjs +0 -3
- package/lib/sso/serializers/list-connections-options.serializer.d.cts +0 -2
- package/lib/sso/serializers/list-connections-options.serializer.d.ts +0 -7
- package/lib/sso/serializers/list-connections-options.serializer.js +0 -14
- package/lib/sso/serializers/list-connections-options.serializer.js.map +0 -1
- package/lib/sso/serializers/profile-and-token.serializer.cjs +0 -3
- package/lib/sso/serializers/profile-and-token.serializer.d.cts +0 -2
- package/lib/sso/serializers/profile-and-token.serializer.d.ts +0 -8
- package/lib/sso/serializers/profile-and-token.serializer.js +0 -13
- package/lib/sso/serializers/profile-and-token.serializer.js.map +0 -1
- package/lib/sso/serializers/profile.serializer.cjs +0 -3
- package/lib/sso/serializers/profile.serializer.d.cts +0 -2
- package/lib/sso/serializers/profile.serializer.d.ts +0 -8
- package/lib/sso/serializers/profile.serializer.js +0 -20
- package/lib/sso/serializers/profile.serializer.js.map +0 -1
- package/lib/sso/sso.cjs +0 -3
- package/lib/sso/sso.d.cts +0 -2
- package/lib/sso/sso.d.ts +0 -69
- package/lib/sso/sso.js +0 -130
- package/lib/sso/sso.js.map +0 -1
- package/lib/sso-D_9tMqlC.cjs +0 -135
- package/lib/sso-D_9tMqlC.cjs.map +0 -1
- package/lib/subtle-crypto-provider-RQC7QPlf.cjs +0 -99
- package/lib/subtle-crypto-provider-RQC7QPlf.cjs.map +0 -1
- package/lib/totp.interface-DPRsa_Dc.d.cts +0 -22
- package/lib/totp.serializer-DlQAVrBt.cjs +0 -32
- package/lib/totp.serializer-DlQAVrBt.cjs.map +0 -1
- package/lib/unauthorized.exception-D6PAzuDw.d.cts +0 -13
- package/lib/unauthorized.exception-hTKkIjP4.cjs +0 -21
- package/lib/unauthorized.exception-hTKkIjP4.cjs.map +0 -1
- package/lib/unknown-record.interface-KDwjwNHM.d.cts +0 -5
- package/lib/unprocessable-entity-error.interface-BYalF3nu.cjs +0 -0
- package/lib/unprocessable-entity-error.interface-sHivwO3Z.d.cts +0 -8
- package/lib/unprocessable-entity.exception-B6blaqq0.d.cts +0 -25
- package/lib/unprocessable-entity.exception-BdCyQCYX.cjs +0 -28
- package/lib/unprocessable-entity.exception-BdCyQCYX.cjs.map +0 -1
- package/lib/unreachable-BxbjIt8H.cjs +0 -23
- package/lib/unreachable-BxbjIt8H.cjs.map +0 -1
- package/lib/update-authorization-resource-by-external-id-options.interface-VdkOB-85.d.cts +0 -11
- package/lib/update-authorization-resource-by-external-id-options.interface-mN_nsHCu.cjs +0 -0
- package/lib/update-authorization-resource-by-external-id-options.serializer-CKKinNuy.d.cts +0 -8
- package/lib/update-authorization-resource-by-external-id-options.serializer-CY2Lbl7g.cjs +0 -15
- package/lib/update-authorization-resource-by-external-id-options.serializer-CY2Lbl7g.cjs.map +0 -1
- package/lib/update-authorization-resource-options.serializer-BGRYW1ci.d.cts +0 -7
- package/lib/update-authorization-resource-options.serializer-D-xkj_s1.cjs +0 -15
- package/lib/update-authorization-resource-options.serializer-D-xkj_s1.cjs.map +0 -1
- package/lib/update-environment-role-options.interface-B9n2iznD.cjs +0 -0
- package/lib/update-environment-role-options.interface-DmxJlvJj.d.cts +0 -12
- package/lib/update-environment-role-options.serializer-2Ov89Yww.d.cts +0 -7
- package/lib/update-environment-role-options.serializer-BQtOkLrr.cjs +0 -15
- package/lib/update-environment-role-options.serializer-BQtOkLrr.cjs.map +0 -1
- package/lib/update-object.interface-EhYczOkX.d.cts +0 -13
- package/lib/update-object.interface-nhE3xAFf.cjs +0 -0
- package/lib/update-organization-membership-options.interface-CBFTtRh2.d.cts +0 -12
- package/lib/update-organization-membership-options.interface-CjgSH1bc.cjs +0 -0
- package/lib/update-organization-membership-options.serializer-BlMg2vFm.cjs +0 -15
- package/lib/update-organization-membership-options.serializer-BlMg2vFm.cjs.map +0 -1
- package/lib/update-organization-options.interface-CL0f4NZm.cjs +0 -0
- package/lib/update-organization-options.interface-Dz9Iuz5W.d.cts +0 -21
- package/lib/update-organization-options.serializer-DWh4RlX3.cjs +0 -18
- package/lib/update-organization-options.serializer-DWh4RlX3.cjs.map +0 -1
- package/lib/update-organization-options.serializer-vLJg7x0x.d.cts +0 -7
- package/lib/update-organization-role-options.interface-B7y-X0Wq.cjs +0 -0
- package/lib/update-organization-role-options.interface-DmZR0gHw.d.cts +0 -12
- package/lib/update-organization-role-options.serializer-CCFmpMNA.cjs +0 -15
- package/lib/update-organization-role-options.serializer-CCFmpMNA.cjs.map +0 -1
- package/lib/update-organization-role-options.serializer-CbdE5-dZ.d.cts +0 -7
- package/lib/update-permission-options.interface-BUmoAwcY.d.cts +0 -12
- package/lib/update-permission-options.interface-DCG5a3S7.cjs +0 -0
- package/lib/update-permission-options.serializer-B2xClQjZ.cjs +0 -15
- package/lib/update-permission-options.serializer-B2xClQjZ.cjs.map +0 -1
- package/lib/update-permission-options.serializer-CvF0WPcI.d.cts +0 -7
- package/lib/update-user-options.interface-628EegED.cjs +0 -0
- package/lib/update-user-options.interface-CzrbRCX7.d.cts +0 -31
- package/lib/update-user-options.serializer-C7da_R08.d.cts +0 -7
- package/lib/update-user-options.serializer-H11lRdjH.cjs +0 -23
- package/lib/update-user-options.serializer-H11lRdjH.cjs.map +0 -1
- package/lib/update-user-password-options.interface-CN6_YJse.d.cts +0 -11
- package/lib/update-user-password-options.interface-MkvrPqTk.cjs +0 -0
- package/lib/update-user-password-options.serializer-CY9Ckmqw.cjs +0 -12
- package/lib/update-user-password-options.serializer-CY9Ckmqw.cjs.map +0 -1
- package/lib/update-user-password-options.serializer-D67Lr4m1.d.cts +0 -7
- package/lib/user-management/interfaces/authenticate-with-code-and-verifier-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-code-and-verifier-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-code-and-verifier-options.interface.d.ts +0 -17
- package/lib/user-management/interfaces/authenticate-with-code-and-verifier-options.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-code-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-code-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-code-options.interface.d.ts +0 -20
- package/lib/user-management/interfaces/authenticate-with-code-options.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-email-verification-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-email-verification-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-email-verification-options.interface.d.ts +0 -18
- package/lib/user-management/interfaces/authenticate-with-email-verification-options.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-magic-auth-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-magic-auth-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-magic-auth-options.interface.d.ts +0 -22
- package/lib/user-management/interfaces/authenticate-with-magic-auth-options.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-options-base.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-options-base.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-options-base.interface.d.ts +0 -41
- package/lib/user-management/interfaces/authenticate-with-options-base.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-organization-selection.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-organization-selection.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-organization-selection.interface.d.ts +0 -18
- package/lib/user-management/interfaces/authenticate-with-organization-selection.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-password-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-password-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-password-options.interface.d.ts +0 -20
- package/lib/user-management/interfaces/authenticate-with-password-options.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-refresh-token-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-refresh-token-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-refresh-token-options.interface.d.ts +0 -18
- package/lib/user-management/interfaces/authenticate-with-refresh-token-options.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-refresh-token-public-client-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-refresh-token-public-client-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-refresh-token-public-client-options.interface.d.ts +0 -16
- package/lib/user-management/interfaces/authenticate-with-refresh-token-public-client-options.interface.js +0 -1
- package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.cjs +0 -3
- package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.d.ts +0 -45
- package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.js +0 -11
- package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.js.map +0 -1
- package/lib/user-management/interfaces/authenticate-with-totp-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authenticate-with-totp-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authenticate-with-totp-options.interface.d.ts +0 -20
- package/lib/user-management/interfaces/authenticate-with-totp-options.interface.js +0 -1
- package/lib/user-management/interfaces/authentication-event.interface.cjs +0 -0
- package/lib/user-management/interfaces/authentication-event.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authentication-event.interface.d.ts +0 -28
- package/lib/user-management/interfaces/authentication-event.interface.js +0 -1
- package/lib/user-management/interfaces/authentication-radar-risk-detected-event.interface.cjs +0 -0
- package/lib/user-management/interfaces/authentication-radar-risk-detected-event.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authentication-radar-risk-detected-event.interface.d.ts +0 -24
- package/lib/user-management/interfaces/authentication-radar-risk-detected-event.interface.js +0 -1
- package/lib/user-management/interfaces/authentication-response.interface.cjs +0 -0
- package/lib/user-management/interfaces/authentication-response.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authentication-response.interface.d.ts +0 -28
- package/lib/user-management/interfaces/authentication-response.interface.js +0 -1
- package/lib/user-management/interfaces/authorization-url-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/authorization-url-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/authorization-url-options.interface.d.ts +0 -45
- package/lib/user-management/interfaces/authorization-url-options.interface.js +0 -1
- package/lib/user-management/interfaces/create-magic-auth-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/create-magic-auth-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/create-magic-auth-options.interface.d.ts +0 -12
- package/lib/user-management/interfaces/create-magic-auth-options.interface.js +0 -1
- package/lib/user-management/interfaces/create-organization-membership-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/create-organization-membership-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/create-organization-membership-options.interface.d.ts +0 -16
- package/lib/user-management/interfaces/create-organization-membership-options.interface.js +0 -1
- package/lib/user-management/interfaces/create-password-reset-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/create-password-reset-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/create-password-reset-options.interface.d.ts +0 -10
- package/lib/user-management/interfaces/create-password-reset-options.interface.js +0 -1
- package/lib/user-management/interfaces/create-user-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/create-user-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/create-user-options.interface.d.ts +0 -28
- package/lib/user-management/interfaces/create-user-options.interface.js +0 -1
- package/lib/user-management/interfaces/email-verification.interface.cjs +0 -0
- package/lib/user-management/interfaces/email-verification.interface.d.cts +0 -2
- package/lib/user-management/interfaces/email-verification.interface.d.ts +0 -42
- package/lib/user-management/interfaces/email-verification.interface.js +0 -1
- package/lib/user-management/interfaces/enroll-auth-factor.interface.cjs +0 -0
- package/lib/user-management/interfaces/enroll-auth-factor.interface.d.cts +0 -2
- package/lib/user-management/interfaces/enroll-auth-factor.interface.d.ts +0 -17
- package/lib/user-management/interfaces/enroll-auth-factor.interface.js +0 -1
- package/lib/user-management/interfaces/factor.interface.cjs +0 -0
- package/lib/user-management/interfaces/factor.interface.d.cts +0 -2
- package/lib/user-management/interfaces/factor.interface.d.ts +0 -42
- package/lib/user-management/interfaces/factor.interface.js +0 -1
- package/lib/user-management/interfaces/identity.interface.cjs +0 -0
- package/lib/user-management/interfaces/identity.interface.d.cts +0 -2
- package/lib/user-management/interfaces/identity.interface.d.ts +0 -14
- package/lib/user-management/interfaces/identity.interface.js +0 -1
- package/lib/user-management/interfaces/impersonator.interface.cjs +0 -0
- package/lib/user-management/interfaces/impersonator.interface.d.cts +0 -2
- package/lib/user-management/interfaces/impersonator.interface.d.ts +0 -12
- package/lib/user-management/interfaces/impersonator.interface.js +0 -1
- package/lib/user-management/interfaces/index.cjs +0 -7
- package/lib/user-management/interfaces/index.d.cts +0 -46
- package/lib/user-management/interfaces/index.d.ts +0 -50
- package/lib/user-management/interfaces/index.js +0 -5
- package/lib/user-management/interfaces/invitation.interface.cjs +0 -0
- package/lib/user-management/interfaces/invitation.interface.d.cts +0 -2
- package/lib/user-management/interfaces/invitation.interface.d.ts +0 -64
- package/lib/user-management/interfaces/invitation.interface.js +0 -1
- package/lib/user-management/interfaces/list-auth-factors-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/list-auth-factors-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/list-auth-factors-options.interface.d.ts +0 -9
- package/lib/user-management/interfaces/list-auth-factors-options.interface.js +0 -1
- package/lib/user-management/interfaces/list-invitations-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/list-invitations-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/list-invitations-options.interface.d.ts +0 -14
- package/lib/user-management/interfaces/list-invitations-options.interface.js +0 -1
- package/lib/user-management/interfaces/list-organization-memberships-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/list-organization-memberships-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/list-organization-memberships-options.interface.d.ts +0 -21
- package/lib/user-management/interfaces/list-organization-memberships-options.interface.js +0 -1
- package/lib/user-management/interfaces/list-sessions-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/list-sessions-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/list-sessions-options.interface.d.ts +0 -8
- package/lib/user-management/interfaces/list-sessions-options.interface.js +0 -1
- package/lib/user-management/interfaces/list-user-feature-flags-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/list-user-feature-flags-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/list-user-feature-flags-options.interface.d.ts +0 -9
- package/lib/user-management/interfaces/list-user-feature-flags-options.interface.js +0 -1
- package/lib/user-management/interfaces/list-users-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/list-users-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/list-users-options.interface.d.ts +0 -14
- package/lib/user-management/interfaces/list-users-options.interface.js +0 -1
- package/lib/user-management/interfaces/locale.interface.cjs +0 -0
- package/lib/user-management/interfaces/locale.interface.d.cts +0 -2
- package/lib/user-management/interfaces/locale.interface.d.ts +0 -5
- package/lib/user-management/interfaces/locale.interface.js +0 -1
- package/lib/user-management/interfaces/logout-url-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/logout-url-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/logout-url-options.interface.d.ts +0 -8
- package/lib/user-management/interfaces/logout-url-options.interface.js +0 -1
- package/lib/user-management/interfaces/magic-auth.interface.cjs +0 -0
- package/lib/user-management/interfaces/magic-auth.interface.d.cts +0 -2
- package/lib/user-management/interfaces/magic-auth.interface.d.ts +0 -42
- package/lib/user-management/interfaces/magic-auth.interface.js +0 -1
- package/lib/user-management/interfaces/oauth-tokens.interface.cjs +0 -0
- package/lib/user-management/interfaces/oauth-tokens.interface.d.cts +0 -2
- package/lib/user-management/interfaces/oauth-tokens.interface.d.ts +0 -16
- package/lib/user-management/interfaces/oauth-tokens.interface.js +0 -1
- package/lib/user-management/interfaces/organization-membership.interface.cjs +0 -0
- package/lib/user-management/interfaces/organization-membership.interface.d.cts +0 -2
- package/lib/user-management/interfaces/organization-membership.interface.d.ts +0 -55
- package/lib/user-management/interfaces/organization-membership.interface.js +0 -1
- package/lib/user-management/interfaces/password-hash-type.interface.cjs +0 -0
- package/lib/user-management/interfaces/password-hash-type.interface.d.cts +0 -2
- package/lib/user-management/interfaces/password-hash-type.interface.d.ts +0 -5
- package/lib/user-management/interfaces/password-hash-type.interface.js +0 -1
- package/lib/user-management/interfaces/password-reset.interface.cjs +0 -0
- package/lib/user-management/interfaces/password-reset.interface.d.cts +0 -2
- package/lib/user-management/interfaces/password-reset.interface.d.ts +0 -40
- package/lib/user-management/interfaces/password-reset.interface.js +0 -1
- package/lib/user-management/interfaces/refresh-and-seal-session-data.interface.cjs +0 -3
- package/lib/user-management/interfaces/refresh-and-seal-session-data.interface.d.cts +0 -2
- package/lib/user-management/interfaces/refresh-and-seal-session-data.interface.d.ts +0 -24
- package/lib/user-management/interfaces/refresh-and-seal-session-data.interface.js +0 -13
- package/lib/user-management/interfaces/refresh-and-seal-session-data.interface.js.map +0 -1
- package/lib/user-management/interfaces/resend-invitation-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/resend-invitation-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/resend-invitation-options.interface.d.ts +0 -12
- package/lib/user-management/interfaces/resend-invitation-options.interface.js +0 -1
- package/lib/user-management/interfaces/reset-password-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/reset-password-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/reset-password-options.interface.d.ts +0 -12
- package/lib/user-management/interfaces/reset-password-options.interface.js +0 -1
- package/lib/user-management/interfaces/revoke-session-options.interface.cjs +0 -3
- package/lib/user-management/interfaces/revoke-session-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/revoke-session-options.interface.d.ts +0 -11
- package/lib/user-management/interfaces/revoke-session-options.interface.js +0 -6
- package/lib/user-management/interfaces/revoke-session-options.interface.js.map +0 -1
- package/lib/user-management/interfaces/send-invitation-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/send-invitation-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/send-invitation-options.interface.d.ts +0 -22
- package/lib/user-management/interfaces/send-invitation-options.interface.js +0 -1
- package/lib/user-management/interfaces/send-verification-email-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/send-verification-email-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/send-verification-email-options.interface.d.ts +0 -7
- package/lib/user-management/interfaces/send-verification-email-options.interface.js +0 -1
- package/lib/user-management/interfaces/session-handler-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/session-handler-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/session-handler-options.interface.d.ts +0 -9
- package/lib/user-management/interfaces/session-handler-options.interface.js +0 -1
- package/lib/user-management/interfaces/session.interface.cjs +0 -0
- package/lib/user-management/interfaces/session.interface.d.cts +0 -2
- package/lib/user-management/interfaces/session.interface.d.ts +0 -38
- package/lib/user-management/interfaces/session.interface.js +0 -1
- package/lib/user-management/interfaces/update-organization-membership-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/update-organization-membership-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/update-organization-membership-options.interface.d.ts +0 -12
- package/lib/user-management/interfaces/update-organization-membership-options.interface.js +0 -1
- package/lib/user-management/interfaces/update-user-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/update-user-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/update-user-options.interface.d.ts +0 -31
- package/lib/user-management/interfaces/update-user-options.interface.js +0 -1
- package/lib/user-management/interfaces/update-user-password-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/update-user-password-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/update-user-password-options.interface.d.ts +0 -11
- package/lib/user-management/interfaces/update-user-password-options.interface.js +0 -1
- package/lib/user-management/interfaces/user.interface.cjs +0 -0
- package/lib/user-management/interfaces/user.interface.d.cts +0 -2
- package/lib/user-management/interfaces/user.interface.d.ts +0 -34
- package/lib/user-management/interfaces/user.interface.js +0 -1
- package/lib/user-management/interfaces/verify-email-options.interface.cjs +0 -0
- package/lib/user-management/interfaces/verify-email-options.interface.d.cts +0 -2
- package/lib/user-management/interfaces/verify-email-options.interface.d.ts +0 -11
- package/lib/user-management/interfaces/verify-email-options.interface.js +0 -1
- package/lib/user-management/serializers/authenticate-with-code-and-verifier-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-code-and-verifier-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authenticate-with-code-and-verifier-options.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-code-and-verifier-options.serializer.js +0 -14
- package/lib/user-management/serializers/authenticate-with-code-and-verifier-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-code-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-code-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authenticate-with-code-options.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-code-options.serializer.js +0 -15
- package/lib/user-management/serializers/authenticate-with-code-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-email-verification.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-email-verification.serializer.d.cts +0 -8
- package/lib/user-management/serializers/authenticate-with-email-verification.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-email-verification.serializer.js +0 -14
- package/lib/user-management/serializers/authenticate-with-email-verification.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-magic-auth-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-magic-auth-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authenticate-with-magic-auth-options.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-magic-auth-options.serializer.js +0 -16
- package/lib/user-management/serializers/authenticate-with-magic-auth-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-organization-selection-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-organization-selection-options.serializer.d.cts +0 -8
- package/lib/user-management/serializers/authenticate-with-organization-selection-options.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-organization-selection-options.serializer.js +0 -14
- package/lib/user-management/serializers/authenticate-with-organization-selection-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-password-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-password-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authenticate-with-password-options.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-password-options.serializer.js +0 -15
- package/lib/user-management/serializers/authenticate-with-password-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-refresh-token-public-client-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-refresh-token-public-client-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authenticate-with-refresh-token-public-client-options.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-refresh-token-public-client-options.serializer.js +0 -13
- package/lib/user-management/serializers/authenticate-with-refresh-token-public-client-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-refresh-token.options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-refresh-token.options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authenticate-with-refresh-token.options.serializer.d.ts +0 -9
- package/lib/user-management/serializers/authenticate-with-refresh-token.options.serializer.js +0 -14
- package/lib/user-management/serializers/authenticate-with-refresh-token.options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authenticate-with-totp-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/authenticate-with-totp-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authenticate-with-totp-options.serializer.d.ts +0 -8
- package/lib/user-management/serializers/authenticate-with-totp-options.serializer.js +0 -15
- package/lib/user-management/serializers/authenticate-with-totp-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/authentication-event.serializer.cjs +0 -3
- package/lib/user-management/serializers/authentication-event.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authentication-event.serializer.d.ts +0 -7
- package/lib/user-management/serializers/authentication-event.serializer.js +0 -14
- package/lib/user-management/serializers/authentication-event.serializer.js.map +0 -1
- package/lib/user-management/serializers/authentication-radar-risk-event-serializer.cjs +0 -3
- package/lib/user-management/serializers/authentication-radar-risk-event-serializer.d.cts +0 -7
- package/lib/user-management/serializers/authentication-radar-risk-event-serializer.d.ts +0 -7
- package/lib/user-management/serializers/authentication-radar-risk-event-serializer.js +0 -15
- package/lib/user-management/serializers/authentication-radar-risk-event-serializer.js.map +0 -1
- package/lib/user-management/serializers/authentication-response.serializer.cjs +0 -3
- package/lib/user-management/serializers/authentication-response.serializer.d.cts +0 -2
- package/lib/user-management/serializers/authentication-response.serializer.d.ts +0 -7
- package/lib/user-management/serializers/authentication-response.serializer.js +0 -21
- package/lib/user-management/serializers/authentication-response.serializer.js.map +0 -1
- package/lib/user-management/serializers/create-magic-auth-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/create-magic-auth-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/create-magic-auth-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/create-magic-auth-options.serializer.js +0 -9
- package/lib/user-management/serializers/create-magic-auth-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/create-organization-membership-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/create-organization-membership-options.serializer.d.cts +0 -7
- package/lib/user-management/serializers/create-organization-membership-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/create-organization-membership-options.serializer.js +0 -11
- package/lib/user-management/serializers/create-organization-membership-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/create-password-reset-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/create-password-reset-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/create-password-reset-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/create-password-reset-options.serializer.js +0 -6
- package/lib/user-management/serializers/create-password-reset-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/create-user-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/create-user-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/create-user-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/create-user-options.serializer.js +0 -16
- package/lib/user-management/serializers/create-user-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/email-verification.serializer.cjs +0 -4
- package/lib/user-management/serializers/email-verification.serializer.d.cts +0 -2
- package/lib/user-management/serializers/email-verification.serializer.d.ts +0 -8
- package/lib/user-management/serializers/email-verification.serializer.js +0 -24
- package/lib/user-management/serializers/email-verification.serializer.js.map +0 -1
- package/lib/user-management/serializers/enroll-auth-factor-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/enroll-auth-factor-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/enroll-auth-factor-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/enroll-auth-factor-options.serializer.js +0 -11
- package/lib/user-management/serializers/enroll-auth-factor-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/factor.serializer.cjs +0 -4
- package/lib/user-management/serializers/factor.serializer.d.cts +0 -2
- package/lib/user-management/serializers/factor.serializer.d.ts +0 -8
- package/lib/user-management/serializers/factor.serializer.js +0 -25
- package/lib/user-management/serializers/factor.serializer.js.map +0 -1
- package/lib/user-management/serializers/identity.serializer.cjs +0 -3
- package/lib/user-management/serializers/identity.serializer.d.cts +0 -7
- package/lib/user-management/serializers/identity.serializer.d.ts +0 -7
- package/lib/user-management/serializers/identity.serializer.js +0 -14
- package/lib/user-management/serializers/identity.serializer.js.map +0 -1
- package/lib/user-management/serializers/index.cjs +0 -54
- package/lib/user-management/serializers/index.d.cts +0 -25
- package/lib/user-management/serializers/index.d.ts +0 -25
- package/lib/user-management/serializers/index.js +0 -26
- package/lib/user-management/serializers/invitation.serializer.cjs +0 -4
- package/lib/user-management/serializers/invitation.serializer.d.cts +0 -2
- package/lib/user-management/serializers/invitation.serializer.d.ts +0 -8
- package/lib/user-management/serializers/invitation.serializer.js +0 -35
- package/lib/user-management/serializers/invitation.serializer.js.map +0 -1
- package/lib/user-management/serializers/list-invitations-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/list-invitations-options.serializer.d.cts +0 -7
- package/lib/user-management/serializers/list-invitations-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/list-invitations-options.serializer.js +0 -13
- package/lib/user-management/serializers/list-invitations-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/list-organization-memberships-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/list-organization-memberships-options.serializer.d.cts +0 -7
- package/lib/user-management/serializers/list-organization-memberships-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/list-organization-memberships-options.serializer.js +0 -14
- package/lib/user-management/serializers/list-organization-memberships-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/list-sessions-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/list-sessions-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/list-sessions-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/list-sessions-options.serializer.js +0 -6
- package/lib/user-management/serializers/list-sessions-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/list-users-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/list-users-options.serializer.d.cts +0 -7
- package/lib/user-management/serializers/list-users-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/list-users-options.serializer.js +0 -13
- package/lib/user-management/serializers/list-users-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/magic-auth.serializer.cjs +0 -4
- package/lib/user-management/serializers/magic-auth.serializer.d.cts +0 -2
- package/lib/user-management/serializers/magic-auth.serializer.d.ts +0 -8
- package/lib/user-management/serializers/magic-auth.serializer.js +0 -24
- package/lib/user-management/serializers/magic-auth.serializer.js.map +0 -1
- package/lib/user-management/serializers/oauth-tokens.serializer.cjs +0 -3
- package/lib/user-management/serializers/oauth-tokens.serializer.d.cts +0 -7
- package/lib/user-management/serializers/oauth-tokens.serializer.d.ts +0 -7
- package/lib/user-management/serializers/oauth-tokens.serializer.js +0 -11
- package/lib/user-management/serializers/oauth-tokens.serializer.js.map +0 -1
- package/lib/user-management/serializers/organization-membership.serializer.cjs +0 -4
- package/lib/user-management/serializers/organization-membership.serializer.d.cts +0 -8
- package/lib/user-management/serializers/organization-membership.serializer.d.ts +0 -8
- package/lib/user-management/serializers/organization-membership.serializer.js +0 -28
- package/lib/user-management/serializers/organization-membership.serializer.js.map +0 -1
- package/lib/user-management/serializers/password-reset.serializer.cjs +0 -4
- package/lib/user-management/serializers/password-reset.serializer.d.cts +0 -2
- package/lib/user-management/serializers/password-reset.serializer.d.ts +0 -8
- package/lib/user-management/serializers/password-reset.serializer.js +0 -23
- package/lib/user-management/serializers/password-reset.serializer.js.map +0 -1
- package/lib/user-management/serializers/resend-invitation-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/resend-invitation-options.serializer.d.cts +0 -7
- package/lib/user-management/serializers/resend-invitation-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/resend-invitation-options.serializer.js +0 -6
- package/lib/user-management/serializers/resend-invitation-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/reset-password-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/reset-password-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/reset-password-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/reset-password-options.serializer.js +0 -9
- package/lib/user-management/serializers/reset-password-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/role.serializer.cjs +0 -3
- package/lib/user-management/serializers/role.serializer.d.cts +0 -7
- package/lib/user-management/serializers/role.serializer.d.ts +0 -7
- package/lib/user-management/serializers/role.serializer.js +0 -12
- package/lib/user-management/serializers/role.serializer.js.map +0 -1
- package/lib/user-management/serializers/send-invitation-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/send-invitation-options.serializer.d.cts +0 -7
- package/lib/user-management/serializers/send-invitation-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/send-invitation-options.serializer.js +0 -13
- package/lib/user-management/serializers/send-invitation-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/session.serializer.cjs +0 -3
- package/lib/user-management/serializers/session.serializer.d.cts +0 -2
- package/lib/user-management/serializers/session.serializer.d.ts +0 -7
- package/lib/user-management/serializers/session.serializer.js +0 -20
- package/lib/user-management/serializers/session.serializer.js.map +0 -1
- package/lib/user-management/serializers/update-organization-membership-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/update-organization-membership-options.serializer.d.cts +0 -7
- package/lib/user-management/serializers/update-organization-membership-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/update-organization-membership-options.serializer.js +0 -9
- package/lib/user-management/serializers/update-organization-membership-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/update-user-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/update-user-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/update-user-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/update-user-options.serializer.js +0 -17
- package/lib/user-management/serializers/update-user-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/update-user-password-options.serializer.cjs +0 -3
- package/lib/user-management/serializers/update-user-password-options.serializer.d.cts +0 -2
- package/lib/user-management/serializers/update-user-password-options.serializer.d.ts +0 -7
- package/lib/user-management/serializers/update-user-password-options.serializer.js +0 -6
- package/lib/user-management/serializers/update-user-password-options.serializer.js.map +0 -1
- package/lib/user-management/serializers/user.serializer.cjs +0 -3
- package/lib/user-management/serializers/user.serializer.d.cts +0 -2
- package/lib/user-management/serializers/user.serializer.d.ts +0 -7
- package/lib/user-management/serializers/user.serializer.js +0 -20
- package/lib/user-management/serializers/user.serializer.js.map +0 -1
- package/lib/user-management/session.cjs +0 -4
- package/lib/user-management/session.d.cts +0 -2
- package/lib/user-management/session.d.ts +0 -44
- package/lib/user-management/session.js +0 -139
- package/lib/user-management/session.js.map +0 -1
- package/lib/user-management/user-management.cjs +0 -5
- package/lib/user-management/user-management.d.cts +0 -2
- package/lib/user-management/user-management.d.ts +0 -211
- package/lib/user-management/user-management.js +0 -534
- package/lib/user-management/user-management.js.map +0 -1
- package/lib/user-management-CJj1rMco.cjs +0 -539
- package/lib/user-management-CJj1rMco.cjs.map +0 -1
- package/lib/user.interface-CSksrToF.d.cts +0 -34
- package/lib/user.interface-v7V0JLDQ.cjs +0 -0
- package/lib/user.serializer-BFpDaajW.d.cts +0 -7
- package/lib/user.serializer-Y5EM8MeK.cjs +0 -26
- package/lib/user.serializer-Y5EM8MeK.cjs.map +0 -1
- package/lib/utils/jose.cjs +0 -3
- package/lib/utils/jose.d.cts +0 -20
- package/lib/utils/jose.d.ts +0 -20
- package/lib/utils/jose.js +0 -21
- package/lib/utils/jose.js.map +0 -1
- package/lib/validate-api-key.interface-BGq76tsL.cjs +0 -0
- package/lib/validate-api-key.interface-D_WJOvPm.d.cts +0 -15
- package/lib/validate-api-key.serializer-Cwpx9odk.cjs +0 -15
- package/lib/validate-api-key.serializer-Cwpx9odk.cjs.map +0 -1
- package/lib/validate-api-key.serializer-D5zYUCcH.d.cts +0 -7
- package/lib/vault/interfaces/index.cjs +0 -0
- package/lib/vault/interfaces/index.d.cts +0 -11
- package/lib/vault/interfaces/index.d.ts +0 -11
- package/lib/vault/interfaces/index.js +0 -1
- package/lib/vault/interfaces/key/create-data-key.interface.cjs +0 -0
- package/lib/vault/interfaces/key/create-data-key.interface.d.cts +0 -2
- package/lib/vault/interfaces/key/create-data-key.interface.d.ts +0 -15
- package/lib/vault/interfaces/key/create-data-key.interface.js +0 -1
- package/lib/vault/interfaces/key/decrypt-data-key.interface.cjs +0 -0
- package/lib/vault/interfaces/key/decrypt-data-key.interface.d.cts +0 -2
- package/lib/vault/interfaces/key/decrypt-data-key.interface.d.ts +0 -11
- package/lib/vault/interfaces/key/decrypt-data-key.interface.js +0 -1
- package/lib/vault/interfaces/key.interface.cjs +0 -0
- package/lib/vault/interfaces/key.interface.d.cts +0 -2
- package/lib/vault/interfaces/key.interface.d.ts +0 -16
- package/lib/vault/interfaces/key.interface.js +0 -1
- package/lib/vault/interfaces/object/create-object.interface.cjs +0 -0
- package/lib/vault/interfaces/object/create-object.interface.d.cts +0 -2
- package/lib/vault/interfaces/object/create-object.interface.d.ts +0 -16
- package/lib/vault/interfaces/object/create-object.interface.js +0 -1
- package/lib/vault/interfaces/object/delete-object.interface.cjs +0 -0
- package/lib/vault/interfaces/object/delete-object.interface.d.cts +0 -2
- package/lib/vault/interfaces/object/delete-object.interface.d.ts +0 -7
- package/lib/vault/interfaces/object/delete-object.interface.js +0 -1
- package/lib/vault/interfaces/object/list-object-versions.interface.cjs +0 -0
- package/lib/vault/interfaces/object/list-object-versions.interface.d.cts +0 -2
- package/lib/vault/interfaces/object/list-object-versions.interface.d.ts +0 -12
- package/lib/vault/interfaces/object/list-object-versions.interface.js +0 -1
- package/lib/vault/interfaces/object/list-objects.interface.cjs +0 -0
- package/lib/vault/interfaces/object/list-objects.interface.d.cts +0 -2
- package/lib/vault/interfaces/object/list-objects.interface.d.ts +0 -9
- package/lib/vault/interfaces/object/list-objects.interface.js +0 -1
- package/lib/vault/interfaces/object/read-object.interface.cjs +0 -0
- package/lib/vault/interfaces/object/read-object.interface.d.cts +0 -2
- package/lib/vault/interfaces/object/read-object.interface.d.ts +0 -25
- package/lib/vault/interfaces/object/read-object.interface.js +0 -1
- package/lib/vault/interfaces/object/update-object.interface.cjs +0 -0
- package/lib/vault/interfaces/object/update-object.interface.d.cts +0 -2
- package/lib/vault/interfaces/object/update-object.interface.d.ts +0 -13
- package/lib/vault/interfaces/object/update-object.interface.js +0 -1
- package/lib/vault/interfaces/object.interface.cjs +0 -0
- package/lib/vault/interfaces/object.interface.d.cts +0 -2
- package/lib/vault/interfaces/object.interface.d.ts +0 -35
- package/lib/vault/interfaces/object.interface.js +0 -1
- package/lib/vault/serializers/vault-key.serializer.cjs +0 -4
- package/lib/vault/serializers/vault-key.serializer.d.cts +0 -10
- package/lib/vault/serializers/vault-key.serializer.d.ts +0 -10
- package/lib/vault/serializers/vault-key.serializer.js +0 -17
- package/lib/vault/serializers/vault-key.serializer.js.map +0 -1
- package/lib/vault/serializers/vault-object.serializer.cjs +0 -8
- package/lib/vault/serializers/vault-object.serializer.d.cts +0 -18
- package/lib/vault/serializers/vault-object.serializer.d.ts +0 -18
- package/lib/vault/serializers/vault-object.serializer.js +0 -48
- package/lib/vault/serializers/vault-object.serializer.js.map +0 -1
- package/lib/vault/vault.cjs +0 -3
- package/lib/vault/vault.d.cts +0 -2
- package/lib/vault/vault.d.ts +0 -35
- package/lib/vault/vault.js +0 -101
- package/lib/vault/vault.js.map +0 -1
- package/lib/vault-BR8gbCEq.cjs +0 -106
- package/lib/vault-BR8gbCEq.cjs.map +0 -1
- package/lib/vault-key.serializer-D5WVcdFV.cjs +0 -29
- package/lib/vault-key.serializer-D5WVcdFV.cjs.map +0 -1
- package/lib/vault-object.serializer-Cx7rAuca.cjs +0 -84
- package/lib/vault-object.serializer-Cx7rAuca.cjs.map +0 -1
- package/lib/verify-challenge-options-CkbCUSJv.d.cts +0 -8
- package/lib/verify-challenge-response-Dlb5HPTC.d.cts +0 -14
- package/lib/verify-email-options.interface-6ZR-BxLC.cjs +0 -0
- package/lib/verify-email-options.interface-B8NOVqLy.d.cts +0 -11
- package/lib/verify-response.serializer-B_xSg0qN.cjs +0 -16
- package/lib/verify-response.serializer-B_xSg0qN.cjs.map +0 -1
- package/lib/verify-response.serializer-CFug_fb9.d.cts +0 -7
- package/lib/warning.interface-9qt63wBc.d.cts +0 -13
- package/lib/warrant-op.enum-CYwLWhRz.d.cts +0 -8
- package/lib/warrant-op.enum-CdLsJJCt.cjs +0 -16
- package/lib/warrant-op.enum-CdLsJJCt.cjs.map +0 -1
- package/lib/warrant-token.interface-BhaSf4pQ.d.cts +0 -10
- package/lib/warrant-token.interface-Ce-WGK9E.cjs +0 -0
- package/lib/warrant-token.serializer-DIzg-CmP.cjs +0 -12
- package/lib/warrant-token.serializer-DIzg-CmP.cjs.map +0 -1
- package/lib/warrant-token.serializer-ron-g41a.d.cts +0 -7
- package/lib/warrant.interface-5GMD1PlN.d.cts +0 -71
- package/lib/warrant.interface-Dv6nrxc-.cjs +0 -0
- package/lib/warrant.serializer-OpTafbUe.d.cts +0 -7
- package/lib/warrant.serializer-_TqpbD4I.cjs +0 -22
- package/lib/warrant.serializer-_TqpbD4I.cjs.map +0 -1
- package/lib/webhooks/webhooks.cjs +0 -3
- package/lib/webhooks/webhooks.d.cts +0 -2
- package/lib/webhooks/webhooks.d.ts +0 -35
- package/lib/webhooks/webhooks.js +0 -33
- package/lib/webhooks/webhooks.js.map +0 -1
- package/lib/webhooks-D2t2W-Z_.d.cts +0 -35
- package/lib/webhooks-wNAbF-1o.cjs +0 -38
- package/lib/webhooks-wNAbF-1o.cjs.map +0 -1
- package/lib/widgets/interfaces/get-token.cjs +0 -4
- package/lib/widgets/interfaces/get-token.d.cts +0 -2
- package/lib/widgets/interfaces/get-token.d.ts +0 -23
- package/lib/widgets/interfaces/get-token.js +0 -11
- package/lib/widgets/interfaces/get-token.js.map +0 -1
- package/lib/widgets/widgets.cjs +0 -3
- package/lib/widgets/widgets.d.cts +0 -2
- package/lib/widgets/widgets.d.ts +0 -12
- package/lib/widgets/widgets.js +0 -16
- package/lib/widgets/widgets.js.map +0 -1
- package/lib/widgets-BckzS1Py.cjs +0 -21
- package/lib/widgets-BckzS1Py.cjs.map +0 -1
- package/lib/workos-2uUDl0FZ.cjs +0 -347
- package/lib/workos-2uUDl0FZ.cjs.map +0 -1
- package/lib/workos-options.interface-BJncPCQs.d.cts +0 -17
- package/lib/workos-options.interface-Cszzjn_W.cjs +0 -0
- package/lib/workos-response-error.interface-D4GX2qD0.d.cts +0 -13
- package/lib/workos-response-error.interface-Div6tr1y.cjs +0 -0
- package/lib/workos.cjs +0 -7
- package/lib/workos.d.cts +0 -2
- package/lib/workos.d.ts +0 -108
- package/lib/workos.js +0 -339
- package/lib/workos.js.map +0 -1
- package/lib/write-warrant-options.serializer-BQP-4p5X.d.cts +0 -7
- package/lib/write-warrant-options.serializer-C4p0DqUx.cjs +0 -26
- package/lib/write-warrant-options.serializer-C4p0DqUx.cjs.map +0 -1
|
@@ -0,0 +1,3289 @@
|
|
|
1
|
+
//#region \0rolldown/runtime.js
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __exportAll = (all, no_symbols) => {
|
|
4
|
+
let target = {};
|
|
5
|
+
for (var name in all) __defProp(target, name, {
|
|
6
|
+
get: all[name],
|
|
7
|
+
enumerable: true
|
|
8
|
+
});
|
|
9
|
+
if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
|
|
10
|
+
return target;
|
|
11
|
+
};
|
|
12
|
+
//#endregion
|
|
13
|
+
//#region node_modules/jose/dist/webapi/lib/buffer_utils.js
|
|
14
|
+
const encoder = new TextEncoder();
|
|
15
|
+
const decoder = new TextDecoder();
|
|
16
|
+
const MAX_INT32 = 2 ** 32;
|
|
17
|
+
function concat(...buffers) {
|
|
18
|
+
const size = buffers.reduce((acc, { length }) => acc + length, 0);
|
|
19
|
+
const buf = new Uint8Array(size);
|
|
20
|
+
let i = 0;
|
|
21
|
+
for (const buffer of buffers) {
|
|
22
|
+
buf.set(buffer, i);
|
|
23
|
+
i += buffer.length;
|
|
24
|
+
}
|
|
25
|
+
return buf;
|
|
26
|
+
}
|
|
27
|
+
function writeUInt32BE(buf, value, offset) {
|
|
28
|
+
if (value < 0 || value >= MAX_INT32) throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`);
|
|
29
|
+
buf.set([
|
|
30
|
+
value >>> 24,
|
|
31
|
+
value >>> 16,
|
|
32
|
+
value >>> 8,
|
|
33
|
+
value & 255
|
|
34
|
+
], offset);
|
|
35
|
+
}
|
|
36
|
+
function uint64be(value) {
|
|
37
|
+
const high = Math.floor(value / MAX_INT32);
|
|
38
|
+
const low = value % MAX_INT32;
|
|
39
|
+
const buf = new Uint8Array(8);
|
|
40
|
+
writeUInt32BE(buf, high, 0);
|
|
41
|
+
writeUInt32BE(buf, low, 4);
|
|
42
|
+
return buf;
|
|
43
|
+
}
|
|
44
|
+
function uint32be(value) {
|
|
45
|
+
const buf = new Uint8Array(4);
|
|
46
|
+
writeUInt32BE(buf, value);
|
|
47
|
+
return buf;
|
|
48
|
+
}
|
|
49
|
+
function encode$1(string) {
|
|
50
|
+
const bytes = new Uint8Array(string.length);
|
|
51
|
+
for (let i = 0; i < string.length; i++) {
|
|
52
|
+
const code = string.charCodeAt(i);
|
|
53
|
+
if (code > 127) throw new TypeError("non-ASCII string encountered in encode()");
|
|
54
|
+
bytes[i] = code;
|
|
55
|
+
}
|
|
56
|
+
return bytes;
|
|
57
|
+
}
|
|
58
|
+
//#endregion
|
|
59
|
+
//#region node_modules/jose/dist/webapi/lib/base64.js
|
|
60
|
+
function encodeBase64(input) {
|
|
61
|
+
if (Uint8Array.prototype.toBase64) return input.toBase64();
|
|
62
|
+
const CHUNK_SIZE = 32768;
|
|
63
|
+
const arr = [];
|
|
64
|
+
for (let i = 0; i < input.length; i += CHUNK_SIZE) arr.push(String.fromCharCode.apply(null, input.subarray(i, i + CHUNK_SIZE)));
|
|
65
|
+
return btoa(arr.join(""));
|
|
66
|
+
}
|
|
67
|
+
function decodeBase64(encoded) {
|
|
68
|
+
if (Uint8Array.fromBase64) return Uint8Array.fromBase64(encoded);
|
|
69
|
+
const binary = atob(encoded);
|
|
70
|
+
const bytes = new Uint8Array(binary.length);
|
|
71
|
+
for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
|
|
72
|
+
return bytes;
|
|
73
|
+
}
|
|
74
|
+
//#endregion
|
|
75
|
+
//#region node_modules/jose/dist/webapi/util/base64url.js
|
|
76
|
+
var base64url_exports = /* @__PURE__ */ __exportAll({
|
|
77
|
+
decode: () => decode,
|
|
78
|
+
encode: () => encode
|
|
79
|
+
});
|
|
80
|
+
function decode(input) {
|
|
81
|
+
if (Uint8Array.fromBase64) return Uint8Array.fromBase64(typeof input === "string" ? input : decoder.decode(input), { alphabet: "base64url" });
|
|
82
|
+
let encoded = input;
|
|
83
|
+
if (encoded instanceof Uint8Array) encoded = decoder.decode(encoded);
|
|
84
|
+
encoded = encoded.replace(/-/g, "+").replace(/_/g, "/");
|
|
85
|
+
try {
|
|
86
|
+
return decodeBase64(encoded);
|
|
87
|
+
} catch {
|
|
88
|
+
throw new TypeError("The input to be decoded is not correctly encoded.");
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
function encode(input) {
|
|
92
|
+
let unencoded = input;
|
|
93
|
+
if (typeof unencoded === "string") unencoded = encoder.encode(unencoded);
|
|
94
|
+
if (Uint8Array.prototype.toBase64) return unencoded.toBase64({
|
|
95
|
+
alphabet: "base64url",
|
|
96
|
+
omitPadding: true
|
|
97
|
+
});
|
|
98
|
+
return encodeBase64(unencoded).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
|
|
99
|
+
}
|
|
100
|
+
//#endregion
|
|
101
|
+
//#region node_modules/jose/dist/webapi/util/errors.js
|
|
102
|
+
var errors_exports = /* @__PURE__ */ __exportAll({
|
|
103
|
+
JOSEAlgNotAllowed: () => JOSEAlgNotAllowed,
|
|
104
|
+
JOSEError: () => JOSEError,
|
|
105
|
+
JOSENotSupported: () => JOSENotSupported,
|
|
106
|
+
JWEDecryptionFailed: () => JWEDecryptionFailed,
|
|
107
|
+
JWEInvalid: () => JWEInvalid,
|
|
108
|
+
JWKInvalid: () => JWKInvalid,
|
|
109
|
+
JWKSInvalid: () => JWKSInvalid,
|
|
110
|
+
JWKSMultipleMatchingKeys: () => JWKSMultipleMatchingKeys,
|
|
111
|
+
JWKSNoMatchingKey: () => JWKSNoMatchingKey,
|
|
112
|
+
JWKSTimeout: () => JWKSTimeout,
|
|
113
|
+
JWSInvalid: () => JWSInvalid,
|
|
114
|
+
JWSSignatureVerificationFailed: () => JWSSignatureVerificationFailed,
|
|
115
|
+
JWTClaimValidationFailed: () => JWTClaimValidationFailed,
|
|
116
|
+
JWTExpired: () => JWTExpired,
|
|
117
|
+
JWTInvalid: () => JWTInvalid
|
|
118
|
+
});
|
|
119
|
+
var JOSEError = class extends Error {
|
|
120
|
+
static code = "ERR_JOSE_GENERIC";
|
|
121
|
+
code = "ERR_JOSE_GENERIC";
|
|
122
|
+
constructor(message, options) {
|
|
123
|
+
super(message, options);
|
|
124
|
+
this.name = this.constructor.name;
|
|
125
|
+
Error.captureStackTrace?.(this, this.constructor);
|
|
126
|
+
}
|
|
127
|
+
};
|
|
128
|
+
var JWTClaimValidationFailed = class extends JOSEError {
|
|
129
|
+
static code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
|
|
130
|
+
code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
|
|
131
|
+
claim;
|
|
132
|
+
reason;
|
|
133
|
+
payload;
|
|
134
|
+
constructor(message, payload, claim = "unspecified", reason = "unspecified") {
|
|
135
|
+
super(message, { cause: {
|
|
136
|
+
claim,
|
|
137
|
+
reason,
|
|
138
|
+
payload
|
|
139
|
+
} });
|
|
140
|
+
this.claim = claim;
|
|
141
|
+
this.reason = reason;
|
|
142
|
+
this.payload = payload;
|
|
143
|
+
}
|
|
144
|
+
};
|
|
145
|
+
var JWTExpired = class extends JOSEError {
|
|
146
|
+
static code = "ERR_JWT_EXPIRED";
|
|
147
|
+
code = "ERR_JWT_EXPIRED";
|
|
148
|
+
claim;
|
|
149
|
+
reason;
|
|
150
|
+
payload;
|
|
151
|
+
constructor(message, payload, claim = "unspecified", reason = "unspecified") {
|
|
152
|
+
super(message, { cause: {
|
|
153
|
+
claim,
|
|
154
|
+
reason,
|
|
155
|
+
payload
|
|
156
|
+
} });
|
|
157
|
+
this.claim = claim;
|
|
158
|
+
this.reason = reason;
|
|
159
|
+
this.payload = payload;
|
|
160
|
+
}
|
|
161
|
+
};
|
|
162
|
+
var JOSEAlgNotAllowed = class extends JOSEError {
|
|
163
|
+
static code = "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
164
|
+
code = "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
165
|
+
};
|
|
166
|
+
var JOSENotSupported = class extends JOSEError {
|
|
167
|
+
static code = "ERR_JOSE_NOT_SUPPORTED";
|
|
168
|
+
code = "ERR_JOSE_NOT_SUPPORTED";
|
|
169
|
+
};
|
|
170
|
+
var JWEDecryptionFailed = class extends JOSEError {
|
|
171
|
+
static code = "ERR_JWE_DECRYPTION_FAILED";
|
|
172
|
+
code = "ERR_JWE_DECRYPTION_FAILED";
|
|
173
|
+
constructor(message = "decryption operation failed", options) {
|
|
174
|
+
super(message, options);
|
|
175
|
+
}
|
|
176
|
+
};
|
|
177
|
+
var JWEInvalid = class extends JOSEError {
|
|
178
|
+
static code = "ERR_JWE_INVALID";
|
|
179
|
+
code = "ERR_JWE_INVALID";
|
|
180
|
+
};
|
|
181
|
+
var JWSInvalid = class extends JOSEError {
|
|
182
|
+
static code = "ERR_JWS_INVALID";
|
|
183
|
+
code = "ERR_JWS_INVALID";
|
|
184
|
+
};
|
|
185
|
+
var JWTInvalid = class extends JOSEError {
|
|
186
|
+
static code = "ERR_JWT_INVALID";
|
|
187
|
+
code = "ERR_JWT_INVALID";
|
|
188
|
+
};
|
|
189
|
+
var JWKInvalid = class extends JOSEError {
|
|
190
|
+
static code = "ERR_JWK_INVALID";
|
|
191
|
+
code = "ERR_JWK_INVALID";
|
|
192
|
+
};
|
|
193
|
+
var JWKSInvalid = class extends JOSEError {
|
|
194
|
+
static code = "ERR_JWKS_INVALID";
|
|
195
|
+
code = "ERR_JWKS_INVALID";
|
|
196
|
+
};
|
|
197
|
+
var JWKSNoMatchingKey = class extends JOSEError {
|
|
198
|
+
static code = "ERR_JWKS_NO_MATCHING_KEY";
|
|
199
|
+
code = "ERR_JWKS_NO_MATCHING_KEY";
|
|
200
|
+
constructor(message = "no applicable key found in the JSON Web Key Set", options) {
|
|
201
|
+
super(message, options);
|
|
202
|
+
}
|
|
203
|
+
};
|
|
204
|
+
var JWKSMultipleMatchingKeys = class extends JOSEError {
|
|
205
|
+
[Symbol.asyncIterator];
|
|
206
|
+
static code = "ERR_JWKS_MULTIPLE_MATCHING_KEYS";
|
|
207
|
+
code = "ERR_JWKS_MULTIPLE_MATCHING_KEYS";
|
|
208
|
+
constructor(message = "multiple matching keys found in the JSON Web Key Set", options) {
|
|
209
|
+
super(message, options);
|
|
210
|
+
}
|
|
211
|
+
};
|
|
212
|
+
var JWKSTimeout = class extends JOSEError {
|
|
213
|
+
static code = "ERR_JWKS_TIMEOUT";
|
|
214
|
+
code = "ERR_JWKS_TIMEOUT";
|
|
215
|
+
constructor(message = "request timed out", options) {
|
|
216
|
+
super(message, options);
|
|
217
|
+
}
|
|
218
|
+
};
|
|
219
|
+
var JWSSignatureVerificationFailed = class extends JOSEError {
|
|
220
|
+
static code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
|
|
221
|
+
code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
|
|
222
|
+
constructor(message = "signature verification failed", options) {
|
|
223
|
+
super(message, options);
|
|
224
|
+
}
|
|
225
|
+
};
|
|
226
|
+
//#endregion
|
|
227
|
+
//#region node_modules/jose/dist/webapi/lib/iv.js
|
|
228
|
+
function bitLength(alg) {
|
|
229
|
+
switch (alg) {
|
|
230
|
+
case "A128GCM":
|
|
231
|
+
case "A128GCMKW":
|
|
232
|
+
case "A192GCM":
|
|
233
|
+
case "A192GCMKW":
|
|
234
|
+
case "A256GCM":
|
|
235
|
+
case "A256GCMKW": return 96;
|
|
236
|
+
case "A128CBC-HS256":
|
|
237
|
+
case "A192CBC-HS384":
|
|
238
|
+
case "A256CBC-HS512": return 128;
|
|
239
|
+
default: throw new JOSENotSupported(`Unsupported JWE Algorithm: ${alg}`);
|
|
240
|
+
}
|
|
241
|
+
}
|
|
242
|
+
const generateIv = (alg) => crypto.getRandomValues(new Uint8Array(bitLength(alg) >> 3));
|
|
243
|
+
//#endregion
|
|
244
|
+
//#region node_modules/jose/dist/webapi/lib/check_iv_length.js
|
|
245
|
+
function checkIvLength(enc, iv) {
|
|
246
|
+
if (iv.length << 3 !== bitLength(enc)) throw new JWEInvalid("Invalid Initialization Vector length");
|
|
247
|
+
}
|
|
248
|
+
//#endregion
|
|
249
|
+
//#region node_modules/jose/dist/webapi/lib/check_cek_length.js
|
|
250
|
+
function checkCekLength(cek, expected) {
|
|
251
|
+
const actual = cek.byteLength << 3;
|
|
252
|
+
if (actual !== expected) throw new JWEInvalid(`Invalid Content Encryption Key length. Expected ${expected} bits, got ${actual} bits`);
|
|
253
|
+
}
|
|
254
|
+
//#endregion
|
|
255
|
+
//#region node_modules/jose/dist/webapi/lib/crypto_key.js
|
|
256
|
+
const unusable = (name, prop = "algorithm.name") => /* @__PURE__ */ new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
|
|
257
|
+
const isAlgorithm = (algorithm, name) => algorithm.name === name;
|
|
258
|
+
function getHashLength(hash) {
|
|
259
|
+
return parseInt(hash.name.slice(4), 10);
|
|
260
|
+
}
|
|
261
|
+
function getNamedCurve(alg) {
|
|
262
|
+
switch (alg) {
|
|
263
|
+
case "ES256": return "P-256";
|
|
264
|
+
case "ES384": return "P-384";
|
|
265
|
+
case "ES512": return "P-521";
|
|
266
|
+
default: throw new Error("unreachable");
|
|
267
|
+
}
|
|
268
|
+
}
|
|
269
|
+
function checkUsage(key, usage) {
|
|
270
|
+
if (usage && !key.usages.includes(usage)) throw new TypeError(`CryptoKey does not support this operation, its usages must include ${usage}.`);
|
|
271
|
+
}
|
|
272
|
+
function checkSigCryptoKey(key, alg, usage) {
|
|
273
|
+
switch (alg) {
|
|
274
|
+
case "HS256":
|
|
275
|
+
case "HS384":
|
|
276
|
+
case "HS512": {
|
|
277
|
+
if (!isAlgorithm(key.algorithm, "HMAC")) throw unusable("HMAC");
|
|
278
|
+
const expected = parseInt(alg.slice(2), 10);
|
|
279
|
+
if (getHashLength(key.algorithm.hash) !== expected) throw unusable(`SHA-${expected}`, "algorithm.hash");
|
|
280
|
+
break;
|
|
281
|
+
}
|
|
282
|
+
case "RS256":
|
|
283
|
+
case "RS384":
|
|
284
|
+
case "RS512": {
|
|
285
|
+
if (!isAlgorithm(key.algorithm, "RSASSA-PKCS1-v1_5")) throw unusable("RSASSA-PKCS1-v1_5");
|
|
286
|
+
const expected = parseInt(alg.slice(2), 10);
|
|
287
|
+
if (getHashLength(key.algorithm.hash) !== expected) throw unusable(`SHA-${expected}`, "algorithm.hash");
|
|
288
|
+
break;
|
|
289
|
+
}
|
|
290
|
+
case "PS256":
|
|
291
|
+
case "PS384":
|
|
292
|
+
case "PS512": {
|
|
293
|
+
if (!isAlgorithm(key.algorithm, "RSA-PSS")) throw unusable("RSA-PSS");
|
|
294
|
+
const expected = parseInt(alg.slice(2), 10);
|
|
295
|
+
if (getHashLength(key.algorithm.hash) !== expected) throw unusable(`SHA-${expected}`, "algorithm.hash");
|
|
296
|
+
break;
|
|
297
|
+
}
|
|
298
|
+
case "Ed25519":
|
|
299
|
+
case "EdDSA":
|
|
300
|
+
if (!isAlgorithm(key.algorithm, "Ed25519")) throw unusable("Ed25519");
|
|
301
|
+
break;
|
|
302
|
+
case "ML-DSA-44":
|
|
303
|
+
case "ML-DSA-65":
|
|
304
|
+
case "ML-DSA-87":
|
|
305
|
+
if (!isAlgorithm(key.algorithm, alg)) throw unusable(alg);
|
|
306
|
+
break;
|
|
307
|
+
case "ES256":
|
|
308
|
+
case "ES384":
|
|
309
|
+
case "ES512": {
|
|
310
|
+
if (!isAlgorithm(key.algorithm, "ECDSA")) throw unusable("ECDSA");
|
|
311
|
+
const expected = getNamedCurve(alg);
|
|
312
|
+
if (key.algorithm.namedCurve !== expected) throw unusable(expected, "algorithm.namedCurve");
|
|
313
|
+
break;
|
|
314
|
+
}
|
|
315
|
+
default: throw new TypeError("CryptoKey does not support this operation");
|
|
316
|
+
}
|
|
317
|
+
checkUsage(key, usage);
|
|
318
|
+
}
|
|
319
|
+
function checkEncCryptoKey(key, alg, usage) {
|
|
320
|
+
switch (alg) {
|
|
321
|
+
case "A128GCM":
|
|
322
|
+
case "A192GCM":
|
|
323
|
+
case "A256GCM": {
|
|
324
|
+
if (!isAlgorithm(key.algorithm, "AES-GCM")) throw unusable("AES-GCM");
|
|
325
|
+
const expected = parseInt(alg.slice(1, 4), 10);
|
|
326
|
+
if (key.algorithm.length !== expected) throw unusable(expected, "algorithm.length");
|
|
327
|
+
break;
|
|
328
|
+
}
|
|
329
|
+
case "A128KW":
|
|
330
|
+
case "A192KW":
|
|
331
|
+
case "A256KW": {
|
|
332
|
+
if (!isAlgorithm(key.algorithm, "AES-KW")) throw unusable("AES-KW");
|
|
333
|
+
const expected = parseInt(alg.slice(1, 4), 10);
|
|
334
|
+
if (key.algorithm.length !== expected) throw unusable(expected, "algorithm.length");
|
|
335
|
+
break;
|
|
336
|
+
}
|
|
337
|
+
case "ECDH":
|
|
338
|
+
switch (key.algorithm.name) {
|
|
339
|
+
case "ECDH":
|
|
340
|
+
case "X25519": break;
|
|
341
|
+
default: throw unusable("ECDH or X25519");
|
|
342
|
+
}
|
|
343
|
+
break;
|
|
344
|
+
case "PBES2-HS256+A128KW":
|
|
345
|
+
case "PBES2-HS384+A192KW":
|
|
346
|
+
case "PBES2-HS512+A256KW":
|
|
347
|
+
if (!isAlgorithm(key.algorithm, "PBKDF2")) throw unusable("PBKDF2");
|
|
348
|
+
break;
|
|
349
|
+
case "RSA-OAEP":
|
|
350
|
+
case "RSA-OAEP-256":
|
|
351
|
+
case "RSA-OAEP-384":
|
|
352
|
+
case "RSA-OAEP-512": {
|
|
353
|
+
if (!isAlgorithm(key.algorithm, "RSA-OAEP")) throw unusable("RSA-OAEP");
|
|
354
|
+
const expected = parseInt(alg.slice(9), 10) || 1;
|
|
355
|
+
if (getHashLength(key.algorithm.hash) !== expected) throw unusable(`SHA-${expected}`, "algorithm.hash");
|
|
356
|
+
break;
|
|
357
|
+
}
|
|
358
|
+
default: throw new TypeError("CryptoKey does not support this operation");
|
|
359
|
+
}
|
|
360
|
+
checkUsage(key, usage);
|
|
361
|
+
}
|
|
362
|
+
//#endregion
|
|
363
|
+
//#region node_modules/jose/dist/webapi/lib/invalid_key_input.js
|
|
364
|
+
function message(msg, actual, ...types) {
|
|
365
|
+
types = types.filter(Boolean);
|
|
366
|
+
if (types.length > 2) {
|
|
367
|
+
const last = types.pop();
|
|
368
|
+
msg += `one of type ${types.join(", ")}, or ${last}.`;
|
|
369
|
+
} else if (types.length === 2) msg += `one of type ${types[0]} or ${types[1]}.`;
|
|
370
|
+
else msg += `of type ${types[0]}.`;
|
|
371
|
+
if (actual == null) msg += ` Received ${actual}`;
|
|
372
|
+
else if (typeof actual === "function" && actual.name) msg += ` Received function ${actual.name}`;
|
|
373
|
+
else if (typeof actual === "object" && actual != null) {
|
|
374
|
+
if (actual.constructor?.name) msg += ` Received an instance of ${actual.constructor.name}`;
|
|
375
|
+
}
|
|
376
|
+
return msg;
|
|
377
|
+
}
|
|
378
|
+
const invalidKeyInput = (actual, ...types) => message("Key must be ", actual, ...types);
|
|
379
|
+
const withAlg = (alg, actual, ...types) => message(`Key for the ${alg} algorithm must be `, actual, ...types);
|
|
380
|
+
//#endregion
|
|
381
|
+
//#region node_modules/jose/dist/webapi/lib/is_key_like.js
|
|
382
|
+
function assertCryptoKey(key) {
|
|
383
|
+
if (!isCryptoKey(key)) throw new Error("CryptoKey instance expected");
|
|
384
|
+
}
|
|
385
|
+
const isCryptoKey = (key) => {
|
|
386
|
+
if (key?.[Symbol.toStringTag] === "CryptoKey") return true;
|
|
387
|
+
try {
|
|
388
|
+
return key instanceof CryptoKey;
|
|
389
|
+
} catch {
|
|
390
|
+
return false;
|
|
391
|
+
}
|
|
392
|
+
};
|
|
393
|
+
const isKeyObject = (key) => key?.[Symbol.toStringTag] === "KeyObject";
|
|
394
|
+
const isKeyLike = (key) => isCryptoKey(key) || isKeyObject(key);
|
|
395
|
+
//#endregion
|
|
396
|
+
//#region node_modules/jose/dist/webapi/lib/decrypt.js
|
|
397
|
+
async function timingSafeEqual(a, b) {
|
|
398
|
+
if (!(a instanceof Uint8Array)) throw new TypeError("First argument must be a buffer");
|
|
399
|
+
if (!(b instanceof Uint8Array)) throw new TypeError("Second argument must be a buffer");
|
|
400
|
+
const algorithm = {
|
|
401
|
+
name: "HMAC",
|
|
402
|
+
hash: "SHA-256"
|
|
403
|
+
};
|
|
404
|
+
const key = await crypto.subtle.generateKey(algorithm, false, ["sign"]);
|
|
405
|
+
const aHmac = new Uint8Array(await crypto.subtle.sign(algorithm, key, a));
|
|
406
|
+
const bHmac = new Uint8Array(await crypto.subtle.sign(algorithm, key, b));
|
|
407
|
+
let out = 0;
|
|
408
|
+
let i = -1;
|
|
409
|
+
while (++i < 32) out |= aHmac[i] ^ bHmac[i];
|
|
410
|
+
return out === 0;
|
|
411
|
+
}
|
|
412
|
+
async function cbcDecrypt(enc, cek, ciphertext, iv, tag, aad) {
|
|
413
|
+
if (!(cek instanceof Uint8Array)) throw new TypeError(invalidKeyInput(cek, "Uint8Array"));
|
|
414
|
+
const keySize = parseInt(enc.slice(1, 4), 10);
|
|
415
|
+
const encKey = await crypto.subtle.importKey("raw", cek.subarray(keySize >> 3), "AES-CBC", false, ["decrypt"]);
|
|
416
|
+
const macKey = await crypto.subtle.importKey("raw", cek.subarray(0, keySize >> 3), {
|
|
417
|
+
hash: `SHA-${keySize << 1}`,
|
|
418
|
+
name: "HMAC"
|
|
419
|
+
}, false, ["sign"]);
|
|
420
|
+
const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3));
|
|
421
|
+
const expectedTag = new Uint8Array((await crypto.subtle.sign("HMAC", macKey, macData)).slice(0, keySize >> 3));
|
|
422
|
+
let macCheckPassed;
|
|
423
|
+
try {
|
|
424
|
+
macCheckPassed = await timingSafeEqual(tag, expectedTag);
|
|
425
|
+
} catch {}
|
|
426
|
+
if (!macCheckPassed) throw new JWEDecryptionFailed();
|
|
427
|
+
let plaintext;
|
|
428
|
+
try {
|
|
429
|
+
plaintext = new Uint8Array(await crypto.subtle.decrypt({
|
|
430
|
+
iv,
|
|
431
|
+
name: "AES-CBC"
|
|
432
|
+
}, encKey, ciphertext));
|
|
433
|
+
} catch {}
|
|
434
|
+
if (!plaintext) throw new JWEDecryptionFailed();
|
|
435
|
+
return plaintext;
|
|
436
|
+
}
|
|
437
|
+
async function gcmDecrypt(enc, cek, ciphertext, iv, tag, aad) {
|
|
438
|
+
let encKey;
|
|
439
|
+
if (cek instanceof Uint8Array) encKey = await crypto.subtle.importKey("raw", cek, "AES-GCM", false, ["decrypt"]);
|
|
440
|
+
else {
|
|
441
|
+
checkEncCryptoKey(cek, enc, "decrypt");
|
|
442
|
+
encKey = cek;
|
|
443
|
+
}
|
|
444
|
+
try {
|
|
445
|
+
return new Uint8Array(await crypto.subtle.decrypt({
|
|
446
|
+
additionalData: aad,
|
|
447
|
+
iv,
|
|
448
|
+
name: "AES-GCM",
|
|
449
|
+
tagLength: 128
|
|
450
|
+
}, encKey, concat(ciphertext, tag)));
|
|
451
|
+
} catch {
|
|
452
|
+
throw new JWEDecryptionFailed();
|
|
453
|
+
}
|
|
454
|
+
}
|
|
455
|
+
async function decrypt$1(enc, cek, ciphertext, iv, tag, aad) {
|
|
456
|
+
if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) throw new TypeError(invalidKeyInput(cek, "CryptoKey", "KeyObject", "Uint8Array", "JSON Web Key"));
|
|
457
|
+
if (!iv) throw new JWEInvalid("JWE Initialization Vector missing");
|
|
458
|
+
if (!tag) throw new JWEInvalid("JWE Authentication Tag missing");
|
|
459
|
+
checkIvLength(enc, iv);
|
|
460
|
+
switch (enc) {
|
|
461
|
+
case "A128CBC-HS256":
|
|
462
|
+
case "A192CBC-HS384":
|
|
463
|
+
case "A256CBC-HS512":
|
|
464
|
+
if (cek instanceof Uint8Array) checkCekLength(cek, parseInt(enc.slice(-3), 10));
|
|
465
|
+
return cbcDecrypt(enc, cek, ciphertext, iv, tag, aad);
|
|
466
|
+
case "A128GCM":
|
|
467
|
+
case "A192GCM":
|
|
468
|
+
case "A256GCM":
|
|
469
|
+
if (cek instanceof Uint8Array) checkCekLength(cek, parseInt(enc.slice(1, 4), 10));
|
|
470
|
+
return gcmDecrypt(enc, cek, ciphertext, iv, tag, aad);
|
|
471
|
+
default: throw new JOSENotSupported("Unsupported JWE Content Encryption Algorithm");
|
|
472
|
+
}
|
|
473
|
+
}
|
|
474
|
+
//#endregion
|
|
475
|
+
//#region node_modules/jose/dist/webapi/lib/is_disjoint.js
|
|
476
|
+
function isDisjoint(...headers) {
|
|
477
|
+
const sources = headers.filter(Boolean);
|
|
478
|
+
if (sources.length === 0 || sources.length === 1) return true;
|
|
479
|
+
let acc;
|
|
480
|
+
for (const header of sources) {
|
|
481
|
+
const parameters = Object.keys(header);
|
|
482
|
+
if (!acc || acc.size === 0) {
|
|
483
|
+
acc = new Set(parameters);
|
|
484
|
+
continue;
|
|
485
|
+
}
|
|
486
|
+
for (const parameter of parameters) {
|
|
487
|
+
if (acc.has(parameter)) return false;
|
|
488
|
+
acc.add(parameter);
|
|
489
|
+
}
|
|
490
|
+
}
|
|
491
|
+
return true;
|
|
492
|
+
}
|
|
493
|
+
//#endregion
|
|
494
|
+
//#region node_modules/jose/dist/webapi/lib/is_object.js
|
|
495
|
+
const isObjectLike = (value) => typeof value === "object" && value !== null;
|
|
496
|
+
function isObject(input) {
|
|
497
|
+
if (!isObjectLike(input) || Object.prototype.toString.call(input) !== "[object Object]") return false;
|
|
498
|
+
if (Object.getPrototypeOf(input) === null) return true;
|
|
499
|
+
let proto = input;
|
|
500
|
+
while (Object.getPrototypeOf(proto) !== null) proto = Object.getPrototypeOf(proto);
|
|
501
|
+
return Object.getPrototypeOf(input) === proto;
|
|
502
|
+
}
|
|
503
|
+
//#endregion
|
|
504
|
+
//#region node_modules/jose/dist/webapi/lib/aeskw.js
|
|
505
|
+
function checkKeySize(key, alg) {
|
|
506
|
+
if (key.algorithm.length !== parseInt(alg.slice(1, 4), 10)) throw new TypeError(`Invalid key size for alg: ${alg}`);
|
|
507
|
+
}
|
|
508
|
+
function getCryptoKey$1(key, alg, usage) {
|
|
509
|
+
if (key instanceof Uint8Array) return crypto.subtle.importKey("raw", key, "AES-KW", true, [usage]);
|
|
510
|
+
checkEncCryptoKey(key, alg, usage);
|
|
511
|
+
return key;
|
|
512
|
+
}
|
|
513
|
+
async function wrap$2(alg, key, cek) {
|
|
514
|
+
const cryptoKey = await getCryptoKey$1(key, alg, "wrapKey");
|
|
515
|
+
checkKeySize(cryptoKey, alg);
|
|
516
|
+
const cryptoKeyCek = await crypto.subtle.importKey("raw", cek, {
|
|
517
|
+
hash: "SHA-256",
|
|
518
|
+
name: "HMAC"
|
|
519
|
+
}, true, ["sign"]);
|
|
520
|
+
return new Uint8Array(await crypto.subtle.wrapKey("raw", cryptoKeyCek, cryptoKey, "AES-KW"));
|
|
521
|
+
}
|
|
522
|
+
async function unwrap$2(alg, key, encryptedKey) {
|
|
523
|
+
const cryptoKey = await getCryptoKey$1(key, alg, "unwrapKey");
|
|
524
|
+
checkKeySize(cryptoKey, alg);
|
|
525
|
+
const cryptoKeyCek = await crypto.subtle.unwrapKey("raw", encryptedKey, cryptoKey, "AES-KW", {
|
|
526
|
+
hash: "SHA-256",
|
|
527
|
+
name: "HMAC"
|
|
528
|
+
}, true, ["sign"]);
|
|
529
|
+
return new Uint8Array(await crypto.subtle.exportKey("raw", cryptoKeyCek));
|
|
530
|
+
}
|
|
531
|
+
//#endregion
|
|
532
|
+
//#region node_modules/jose/dist/webapi/lib/digest.js
|
|
533
|
+
async function digest(algorithm, data) {
|
|
534
|
+
const subtleDigest = `SHA-${algorithm.slice(-3)}`;
|
|
535
|
+
return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));
|
|
536
|
+
}
|
|
537
|
+
//#endregion
|
|
538
|
+
//#region node_modules/jose/dist/webapi/lib/ecdhes.js
|
|
539
|
+
function lengthAndInput(input) {
|
|
540
|
+
return concat(uint32be(input.length), input);
|
|
541
|
+
}
|
|
542
|
+
async function concatKdf(Z, L, OtherInfo) {
|
|
543
|
+
const dkLen = L >> 3;
|
|
544
|
+
const hashLen = 32;
|
|
545
|
+
const reps = Math.ceil(dkLen / hashLen);
|
|
546
|
+
const dk = new Uint8Array(reps * hashLen);
|
|
547
|
+
for (let i = 1; i <= reps; i++) {
|
|
548
|
+
const hashInput = new Uint8Array(4 + Z.length + OtherInfo.length);
|
|
549
|
+
hashInput.set(uint32be(i), 0);
|
|
550
|
+
hashInput.set(Z, 4);
|
|
551
|
+
hashInput.set(OtherInfo, 4 + Z.length);
|
|
552
|
+
const hashResult = await digest("sha256", hashInput);
|
|
553
|
+
dk.set(hashResult, (i - 1) * hashLen);
|
|
554
|
+
}
|
|
555
|
+
return dk.slice(0, dkLen);
|
|
556
|
+
}
|
|
557
|
+
async function deriveKey$1(publicKey, privateKey, algorithm, keyLength, apu = new Uint8Array(), apv = new Uint8Array()) {
|
|
558
|
+
checkEncCryptoKey(publicKey, "ECDH");
|
|
559
|
+
checkEncCryptoKey(privateKey, "ECDH", "deriveBits");
|
|
560
|
+
const otherInfo = concat(lengthAndInput(encode$1(algorithm)), lengthAndInput(apu), lengthAndInput(apv), uint32be(keyLength), new Uint8Array());
|
|
561
|
+
return concatKdf(new Uint8Array(await crypto.subtle.deriveBits({
|
|
562
|
+
name: publicKey.algorithm.name,
|
|
563
|
+
public: publicKey
|
|
564
|
+
}, privateKey, getEcdhBitLength(publicKey))), keyLength, otherInfo);
|
|
565
|
+
}
|
|
566
|
+
function getEcdhBitLength(publicKey) {
|
|
567
|
+
if (publicKey.algorithm.name === "X25519") return 256;
|
|
568
|
+
return Math.ceil(parseInt(publicKey.algorithm.namedCurve.slice(-3), 10) / 8) << 3;
|
|
569
|
+
}
|
|
570
|
+
function allowed(key) {
|
|
571
|
+
switch (key.algorithm.namedCurve) {
|
|
572
|
+
case "P-256":
|
|
573
|
+
case "P-384":
|
|
574
|
+
case "P-521": return true;
|
|
575
|
+
default: return key.algorithm.name === "X25519";
|
|
576
|
+
}
|
|
577
|
+
}
|
|
578
|
+
//#endregion
|
|
579
|
+
//#region node_modules/jose/dist/webapi/lib/pbes2kw.js
|
|
580
|
+
function getCryptoKey(key, alg) {
|
|
581
|
+
if (key instanceof Uint8Array) return crypto.subtle.importKey("raw", key, "PBKDF2", false, ["deriveBits"]);
|
|
582
|
+
checkEncCryptoKey(key, alg, "deriveBits");
|
|
583
|
+
return key;
|
|
584
|
+
}
|
|
585
|
+
const concatSalt = (alg, p2sInput) => concat(encode$1(alg), Uint8Array.of(0), p2sInput);
|
|
586
|
+
async function deriveKey(p2s, alg, p2c, key) {
|
|
587
|
+
if (!(p2s instanceof Uint8Array) || p2s.length < 8) throw new JWEInvalid("PBES2 Salt Input must be 8 or more octets");
|
|
588
|
+
const salt = concatSalt(alg, p2s);
|
|
589
|
+
const keylen = parseInt(alg.slice(13, 16), 10);
|
|
590
|
+
const subtleAlg = {
|
|
591
|
+
hash: `SHA-${alg.slice(8, 11)}`,
|
|
592
|
+
iterations: p2c,
|
|
593
|
+
name: "PBKDF2",
|
|
594
|
+
salt
|
|
595
|
+
};
|
|
596
|
+
const cryptoKey = await getCryptoKey(key, alg);
|
|
597
|
+
return new Uint8Array(await crypto.subtle.deriveBits(subtleAlg, cryptoKey, keylen));
|
|
598
|
+
}
|
|
599
|
+
async function wrap$1(alg, key, cek, p2c = 2048, p2s = crypto.getRandomValues(new Uint8Array(16))) {
|
|
600
|
+
const derived = await deriveKey(p2s, alg, p2c, key);
|
|
601
|
+
return {
|
|
602
|
+
encryptedKey: await wrap$2(alg.slice(-6), derived, cek),
|
|
603
|
+
p2c,
|
|
604
|
+
p2s: encode(p2s)
|
|
605
|
+
};
|
|
606
|
+
}
|
|
607
|
+
async function unwrap$1(alg, key, encryptedKey, p2c, p2s) {
|
|
608
|
+
const derived = await deriveKey(p2s, alg, p2c, key);
|
|
609
|
+
return unwrap$2(alg.slice(-6), derived, encryptedKey);
|
|
610
|
+
}
|
|
611
|
+
//#endregion
|
|
612
|
+
//#region node_modules/jose/dist/webapi/lib/check_key_length.js
|
|
613
|
+
function checkKeyLength(alg, key) {
|
|
614
|
+
if (alg.startsWith("RS") || alg.startsWith("PS")) {
|
|
615
|
+
const { modulusLength } = key.algorithm;
|
|
616
|
+
if (typeof modulusLength !== "number" || modulusLength < 2048) throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);
|
|
617
|
+
}
|
|
618
|
+
}
|
|
619
|
+
//#endregion
|
|
620
|
+
//#region node_modules/jose/dist/webapi/lib/rsaes.js
|
|
621
|
+
const subtleAlgorithm$1 = (alg) => {
|
|
622
|
+
switch (alg) {
|
|
623
|
+
case "RSA-OAEP":
|
|
624
|
+
case "RSA-OAEP-256":
|
|
625
|
+
case "RSA-OAEP-384":
|
|
626
|
+
case "RSA-OAEP-512": return "RSA-OAEP";
|
|
627
|
+
default: throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
|
|
628
|
+
}
|
|
629
|
+
};
|
|
630
|
+
async function encrypt$1(alg, key, cek) {
|
|
631
|
+
checkEncCryptoKey(key, alg, "encrypt");
|
|
632
|
+
checkKeyLength(alg, key);
|
|
633
|
+
return new Uint8Array(await crypto.subtle.encrypt(subtleAlgorithm$1(alg), key, cek));
|
|
634
|
+
}
|
|
635
|
+
async function decrypt(alg, key, encryptedKey) {
|
|
636
|
+
checkEncCryptoKey(key, alg, "decrypt");
|
|
637
|
+
checkKeyLength(alg, key);
|
|
638
|
+
return new Uint8Array(await crypto.subtle.decrypt(subtleAlgorithm$1(alg), key, encryptedKey));
|
|
639
|
+
}
|
|
640
|
+
//#endregion
|
|
641
|
+
//#region node_modules/jose/dist/webapi/lib/cek.js
|
|
642
|
+
function cekLength(alg) {
|
|
643
|
+
switch (alg) {
|
|
644
|
+
case "A128GCM": return 128;
|
|
645
|
+
case "A192GCM": return 192;
|
|
646
|
+
case "A256GCM":
|
|
647
|
+
case "A128CBC-HS256": return 256;
|
|
648
|
+
case "A192CBC-HS384": return 384;
|
|
649
|
+
case "A256CBC-HS512": return 512;
|
|
650
|
+
default: throw new JOSENotSupported(`Unsupported JWE Algorithm: ${alg}`);
|
|
651
|
+
}
|
|
652
|
+
}
|
|
653
|
+
const generateCek = (alg) => crypto.getRandomValues(new Uint8Array(cekLength(alg) >> 3));
|
|
654
|
+
//#endregion
|
|
655
|
+
//#region node_modules/jose/dist/webapi/lib/asn1.js
|
|
656
|
+
const formatPEM = (b64, descriptor) => {
|
|
657
|
+
return `-----BEGIN ${descriptor}-----\n${(b64.match(/.{1,64}/g) || []).join("\n")}\n-----END ${descriptor}-----`;
|
|
658
|
+
};
|
|
659
|
+
const genericExport = async (keyType, keyFormat, key) => {
|
|
660
|
+
if (isKeyObject(key)) {
|
|
661
|
+
if (key.type !== keyType) throw new TypeError(`key is not a ${keyType} key`);
|
|
662
|
+
return key.export({
|
|
663
|
+
format: "pem",
|
|
664
|
+
type: keyFormat
|
|
665
|
+
});
|
|
666
|
+
}
|
|
667
|
+
if (!isCryptoKey(key)) throw new TypeError(invalidKeyInput(key, "CryptoKey", "KeyObject"));
|
|
668
|
+
if (!key.extractable) throw new TypeError("CryptoKey is not extractable");
|
|
669
|
+
if (key.type !== keyType) throw new TypeError(`key is not a ${keyType} key`);
|
|
670
|
+
return formatPEM(encodeBase64(new Uint8Array(await crypto.subtle.exportKey(keyFormat, key))), `${keyType.toUpperCase()} KEY`);
|
|
671
|
+
};
|
|
672
|
+
const toSPKI = (key) => genericExport("public", "spki", key);
|
|
673
|
+
const toPKCS8 = (key) => genericExport("private", "pkcs8", key);
|
|
674
|
+
const bytesEqual = (a, b) => {
|
|
675
|
+
if (a.byteLength !== b.length) return false;
|
|
676
|
+
for (let i = 0; i < a.byteLength; i++) if (a[i] !== b[i]) return false;
|
|
677
|
+
return true;
|
|
678
|
+
};
|
|
679
|
+
const createASN1State = (data) => ({
|
|
680
|
+
data,
|
|
681
|
+
pos: 0
|
|
682
|
+
});
|
|
683
|
+
const parseLength = (state) => {
|
|
684
|
+
const first = state.data[state.pos++];
|
|
685
|
+
if (first & 128) {
|
|
686
|
+
const lengthOfLen = first & 127;
|
|
687
|
+
let length = 0;
|
|
688
|
+
for (let i = 0; i < lengthOfLen; i++) length = length << 8 | state.data[state.pos++];
|
|
689
|
+
return length;
|
|
690
|
+
}
|
|
691
|
+
return first;
|
|
692
|
+
};
|
|
693
|
+
const skipElement = (state, count = 1) => {
|
|
694
|
+
if (count <= 0) return;
|
|
695
|
+
state.pos++;
|
|
696
|
+
const length = parseLength(state);
|
|
697
|
+
state.pos += length;
|
|
698
|
+
if (count > 1) skipElement(state, count - 1);
|
|
699
|
+
};
|
|
700
|
+
const expectTag = (state, expectedTag, errorMessage) => {
|
|
701
|
+
if (state.data[state.pos++] !== expectedTag) throw new Error(errorMessage);
|
|
702
|
+
};
|
|
703
|
+
const getSubarray = (state, length) => {
|
|
704
|
+
const result = state.data.subarray(state.pos, state.pos + length);
|
|
705
|
+
state.pos += length;
|
|
706
|
+
return result;
|
|
707
|
+
};
|
|
708
|
+
const parseAlgorithmOID = (state) => {
|
|
709
|
+
expectTag(state, 6, "Expected algorithm OID");
|
|
710
|
+
return getSubarray(state, parseLength(state));
|
|
711
|
+
};
|
|
712
|
+
function parsePKCS8Header(state) {
|
|
713
|
+
expectTag(state, 48, "Invalid PKCS#8 structure");
|
|
714
|
+
parseLength(state);
|
|
715
|
+
expectTag(state, 2, "Expected version field");
|
|
716
|
+
const verLen = parseLength(state);
|
|
717
|
+
state.pos += verLen;
|
|
718
|
+
expectTag(state, 48, "Expected algorithm identifier");
|
|
719
|
+
const algIdLen = parseLength(state);
|
|
720
|
+
return {
|
|
721
|
+
algIdStart: state.pos,
|
|
722
|
+
algIdLength: algIdLen
|
|
723
|
+
};
|
|
724
|
+
}
|
|
725
|
+
function parseSPKIHeader(state) {
|
|
726
|
+
expectTag(state, 48, "Invalid SPKI structure");
|
|
727
|
+
parseLength(state);
|
|
728
|
+
expectTag(state, 48, "Expected algorithm identifier");
|
|
729
|
+
const algIdLen = parseLength(state);
|
|
730
|
+
return {
|
|
731
|
+
algIdStart: state.pos,
|
|
732
|
+
algIdLength: algIdLen
|
|
733
|
+
};
|
|
734
|
+
}
|
|
735
|
+
const parseECAlgorithmIdentifier = (state) => {
|
|
736
|
+
const algOid = parseAlgorithmOID(state);
|
|
737
|
+
if (bytesEqual(algOid, [
|
|
738
|
+
43,
|
|
739
|
+
101,
|
|
740
|
+
110
|
|
741
|
+
])) return "X25519";
|
|
742
|
+
if (!bytesEqual(algOid, [
|
|
743
|
+
42,
|
|
744
|
+
134,
|
|
745
|
+
72,
|
|
746
|
+
206,
|
|
747
|
+
61,
|
|
748
|
+
2,
|
|
749
|
+
1
|
|
750
|
+
])) throw new Error("Unsupported key algorithm");
|
|
751
|
+
expectTag(state, 6, "Expected curve OID");
|
|
752
|
+
const curveOid = getSubarray(state, parseLength(state));
|
|
753
|
+
for (const { name, oid } of [
|
|
754
|
+
{
|
|
755
|
+
name: "P-256",
|
|
756
|
+
oid: [
|
|
757
|
+
42,
|
|
758
|
+
134,
|
|
759
|
+
72,
|
|
760
|
+
206,
|
|
761
|
+
61,
|
|
762
|
+
3,
|
|
763
|
+
1,
|
|
764
|
+
7
|
|
765
|
+
]
|
|
766
|
+
},
|
|
767
|
+
{
|
|
768
|
+
name: "P-384",
|
|
769
|
+
oid: [
|
|
770
|
+
43,
|
|
771
|
+
129,
|
|
772
|
+
4,
|
|
773
|
+
0,
|
|
774
|
+
34
|
|
775
|
+
]
|
|
776
|
+
},
|
|
777
|
+
{
|
|
778
|
+
name: "P-521",
|
|
779
|
+
oid: [
|
|
780
|
+
43,
|
|
781
|
+
129,
|
|
782
|
+
4,
|
|
783
|
+
0,
|
|
784
|
+
35
|
|
785
|
+
]
|
|
786
|
+
}
|
|
787
|
+
]) if (bytesEqual(curveOid, oid)) return name;
|
|
788
|
+
throw new Error("Unsupported named curve");
|
|
789
|
+
};
|
|
790
|
+
const genericImport = async (keyFormat, keyData, alg, options) => {
|
|
791
|
+
let algorithm;
|
|
792
|
+
let keyUsages;
|
|
793
|
+
const isPublic = keyFormat === "spki";
|
|
794
|
+
const getSigUsages = () => isPublic ? ["verify"] : ["sign"];
|
|
795
|
+
const getEncUsages = () => isPublic ? ["encrypt", "wrapKey"] : ["decrypt", "unwrapKey"];
|
|
796
|
+
switch (alg) {
|
|
797
|
+
case "PS256":
|
|
798
|
+
case "PS384":
|
|
799
|
+
case "PS512":
|
|
800
|
+
algorithm = {
|
|
801
|
+
name: "RSA-PSS",
|
|
802
|
+
hash: `SHA-${alg.slice(-3)}`
|
|
803
|
+
};
|
|
804
|
+
keyUsages = getSigUsages();
|
|
805
|
+
break;
|
|
806
|
+
case "RS256":
|
|
807
|
+
case "RS384":
|
|
808
|
+
case "RS512":
|
|
809
|
+
algorithm = {
|
|
810
|
+
name: "RSASSA-PKCS1-v1_5",
|
|
811
|
+
hash: `SHA-${alg.slice(-3)}`
|
|
812
|
+
};
|
|
813
|
+
keyUsages = getSigUsages();
|
|
814
|
+
break;
|
|
815
|
+
case "RSA-OAEP":
|
|
816
|
+
case "RSA-OAEP-256":
|
|
817
|
+
case "RSA-OAEP-384":
|
|
818
|
+
case "RSA-OAEP-512":
|
|
819
|
+
algorithm = {
|
|
820
|
+
name: "RSA-OAEP",
|
|
821
|
+
hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`
|
|
822
|
+
};
|
|
823
|
+
keyUsages = getEncUsages();
|
|
824
|
+
break;
|
|
825
|
+
case "ES256":
|
|
826
|
+
case "ES384":
|
|
827
|
+
case "ES512":
|
|
828
|
+
algorithm = {
|
|
829
|
+
name: "ECDSA",
|
|
830
|
+
namedCurve: {
|
|
831
|
+
ES256: "P-256",
|
|
832
|
+
ES384: "P-384",
|
|
833
|
+
ES512: "P-521"
|
|
834
|
+
}[alg]
|
|
835
|
+
};
|
|
836
|
+
keyUsages = getSigUsages();
|
|
837
|
+
break;
|
|
838
|
+
case "ECDH-ES":
|
|
839
|
+
case "ECDH-ES+A128KW":
|
|
840
|
+
case "ECDH-ES+A192KW":
|
|
841
|
+
case "ECDH-ES+A256KW":
|
|
842
|
+
try {
|
|
843
|
+
const namedCurve = options.getNamedCurve(keyData);
|
|
844
|
+
algorithm = namedCurve === "X25519" ? { name: "X25519" } : {
|
|
845
|
+
name: "ECDH",
|
|
846
|
+
namedCurve
|
|
847
|
+
};
|
|
848
|
+
} catch (cause) {
|
|
849
|
+
throw new JOSENotSupported("Invalid or unsupported key format");
|
|
850
|
+
}
|
|
851
|
+
keyUsages = isPublic ? [] : ["deriveBits"];
|
|
852
|
+
break;
|
|
853
|
+
case "Ed25519":
|
|
854
|
+
case "EdDSA":
|
|
855
|
+
algorithm = { name: "Ed25519" };
|
|
856
|
+
keyUsages = getSigUsages();
|
|
857
|
+
break;
|
|
858
|
+
case "ML-DSA-44":
|
|
859
|
+
case "ML-DSA-65":
|
|
860
|
+
case "ML-DSA-87":
|
|
861
|
+
algorithm = { name: alg };
|
|
862
|
+
keyUsages = getSigUsages();
|
|
863
|
+
break;
|
|
864
|
+
default: throw new JOSENotSupported("Invalid or unsupported \"alg\" (Algorithm) value");
|
|
865
|
+
}
|
|
866
|
+
return crypto.subtle.importKey(keyFormat, keyData, algorithm, options?.extractable ?? (isPublic ? true : false), keyUsages);
|
|
867
|
+
};
|
|
868
|
+
const processPEMData = (pem, pattern) => {
|
|
869
|
+
return decodeBase64(pem.replace(pattern, ""));
|
|
870
|
+
};
|
|
871
|
+
const fromPKCS8 = (pem, alg, options) => {
|
|
872
|
+
const keyData = processPEMData(pem, /(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g);
|
|
873
|
+
let opts = options;
|
|
874
|
+
if (alg?.startsWith?.("ECDH-ES")) {
|
|
875
|
+
opts ||= {};
|
|
876
|
+
opts.getNamedCurve = (keyData) => {
|
|
877
|
+
const state = createASN1State(keyData);
|
|
878
|
+
parsePKCS8Header(state);
|
|
879
|
+
return parseECAlgorithmIdentifier(state);
|
|
880
|
+
};
|
|
881
|
+
}
|
|
882
|
+
return genericImport("pkcs8", keyData, alg, opts);
|
|
883
|
+
};
|
|
884
|
+
const fromSPKI = (pem, alg, options) => {
|
|
885
|
+
const keyData = processPEMData(pem, /(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g);
|
|
886
|
+
let opts = options;
|
|
887
|
+
if (alg?.startsWith?.("ECDH-ES")) {
|
|
888
|
+
opts ||= {};
|
|
889
|
+
opts.getNamedCurve = (keyData) => {
|
|
890
|
+
const state = createASN1State(keyData);
|
|
891
|
+
parseSPKIHeader(state);
|
|
892
|
+
return parseECAlgorithmIdentifier(state);
|
|
893
|
+
};
|
|
894
|
+
}
|
|
895
|
+
return genericImport("spki", keyData, alg, opts);
|
|
896
|
+
};
|
|
897
|
+
function spkiFromX509(buf) {
|
|
898
|
+
const state = createASN1State(buf);
|
|
899
|
+
expectTag(state, 48, "Invalid certificate structure");
|
|
900
|
+
parseLength(state);
|
|
901
|
+
expectTag(state, 48, "Invalid tbsCertificate structure");
|
|
902
|
+
parseLength(state);
|
|
903
|
+
if (buf[state.pos] === 160) skipElement(state, 6);
|
|
904
|
+
else skipElement(state, 5);
|
|
905
|
+
const spkiStart = state.pos;
|
|
906
|
+
expectTag(state, 48, "Invalid SPKI structure");
|
|
907
|
+
const spkiContentLen = parseLength(state);
|
|
908
|
+
return buf.subarray(spkiStart, spkiStart + spkiContentLen + (state.pos - spkiStart));
|
|
909
|
+
}
|
|
910
|
+
function extractX509SPKI(x509) {
|
|
911
|
+
return spkiFromX509(processPEMData(x509, /(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g));
|
|
912
|
+
}
|
|
913
|
+
const fromX509 = (pem, alg, options) => {
|
|
914
|
+
let spki;
|
|
915
|
+
try {
|
|
916
|
+
spki = extractX509SPKI(pem);
|
|
917
|
+
} catch (cause) {
|
|
918
|
+
throw new TypeError("Failed to parse the X.509 certificate", { cause });
|
|
919
|
+
}
|
|
920
|
+
return fromSPKI(formatPEM(encodeBase64(spki), "PUBLIC KEY"), alg, options);
|
|
921
|
+
};
|
|
922
|
+
//#endregion
|
|
923
|
+
//#region node_modules/jose/dist/webapi/lib/jwk_to_key.js
|
|
924
|
+
function subtleMapping(jwk) {
|
|
925
|
+
let algorithm;
|
|
926
|
+
let keyUsages;
|
|
927
|
+
switch (jwk.kty) {
|
|
928
|
+
case "AKP":
|
|
929
|
+
switch (jwk.alg) {
|
|
930
|
+
case "ML-DSA-44":
|
|
931
|
+
case "ML-DSA-65":
|
|
932
|
+
case "ML-DSA-87":
|
|
933
|
+
algorithm = { name: jwk.alg };
|
|
934
|
+
keyUsages = jwk.priv ? ["sign"] : ["verify"];
|
|
935
|
+
break;
|
|
936
|
+
default: throw new JOSENotSupported("Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value");
|
|
937
|
+
}
|
|
938
|
+
break;
|
|
939
|
+
case "RSA":
|
|
940
|
+
switch (jwk.alg) {
|
|
941
|
+
case "PS256":
|
|
942
|
+
case "PS384":
|
|
943
|
+
case "PS512":
|
|
944
|
+
algorithm = {
|
|
945
|
+
name: "RSA-PSS",
|
|
946
|
+
hash: `SHA-${jwk.alg.slice(-3)}`
|
|
947
|
+
};
|
|
948
|
+
keyUsages = jwk.d ? ["sign"] : ["verify"];
|
|
949
|
+
break;
|
|
950
|
+
case "RS256":
|
|
951
|
+
case "RS384":
|
|
952
|
+
case "RS512":
|
|
953
|
+
algorithm = {
|
|
954
|
+
name: "RSASSA-PKCS1-v1_5",
|
|
955
|
+
hash: `SHA-${jwk.alg.slice(-3)}`
|
|
956
|
+
};
|
|
957
|
+
keyUsages = jwk.d ? ["sign"] : ["verify"];
|
|
958
|
+
break;
|
|
959
|
+
case "RSA-OAEP":
|
|
960
|
+
case "RSA-OAEP-256":
|
|
961
|
+
case "RSA-OAEP-384":
|
|
962
|
+
case "RSA-OAEP-512":
|
|
963
|
+
algorithm = {
|
|
964
|
+
name: "RSA-OAEP",
|
|
965
|
+
hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`
|
|
966
|
+
};
|
|
967
|
+
keyUsages = jwk.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
|
|
968
|
+
break;
|
|
969
|
+
default: throw new JOSENotSupported("Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value");
|
|
970
|
+
}
|
|
971
|
+
break;
|
|
972
|
+
case "EC":
|
|
973
|
+
switch (jwk.alg) {
|
|
974
|
+
case "ES256":
|
|
975
|
+
algorithm = {
|
|
976
|
+
name: "ECDSA",
|
|
977
|
+
namedCurve: "P-256"
|
|
978
|
+
};
|
|
979
|
+
keyUsages = jwk.d ? ["sign"] : ["verify"];
|
|
980
|
+
break;
|
|
981
|
+
case "ES384":
|
|
982
|
+
algorithm = {
|
|
983
|
+
name: "ECDSA",
|
|
984
|
+
namedCurve: "P-384"
|
|
985
|
+
};
|
|
986
|
+
keyUsages = jwk.d ? ["sign"] : ["verify"];
|
|
987
|
+
break;
|
|
988
|
+
case "ES512":
|
|
989
|
+
algorithm = {
|
|
990
|
+
name: "ECDSA",
|
|
991
|
+
namedCurve: "P-521"
|
|
992
|
+
};
|
|
993
|
+
keyUsages = jwk.d ? ["sign"] : ["verify"];
|
|
994
|
+
break;
|
|
995
|
+
case "ECDH-ES":
|
|
996
|
+
case "ECDH-ES+A128KW":
|
|
997
|
+
case "ECDH-ES+A192KW":
|
|
998
|
+
case "ECDH-ES+A256KW":
|
|
999
|
+
algorithm = {
|
|
1000
|
+
name: "ECDH",
|
|
1001
|
+
namedCurve: jwk.crv
|
|
1002
|
+
};
|
|
1003
|
+
keyUsages = jwk.d ? ["deriveBits"] : [];
|
|
1004
|
+
break;
|
|
1005
|
+
default: throw new JOSENotSupported("Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value");
|
|
1006
|
+
}
|
|
1007
|
+
break;
|
|
1008
|
+
case "OKP":
|
|
1009
|
+
switch (jwk.alg) {
|
|
1010
|
+
case "Ed25519":
|
|
1011
|
+
case "EdDSA":
|
|
1012
|
+
algorithm = { name: "Ed25519" };
|
|
1013
|
+
keyUsages = jwk.d ? ["sign"] : ["verify"];
|
|
1014
|
+
break;
|
|
1015
|
+
case "ECDH-ES":
|
|
1016
|
+
case "ECDH-ES+A128KW":
|
|
1017
|
+
case "ECDH-ES+A192KW":
|
|
1018
|
+
case "ECDH-ES+A256KW":
|
|
1019
|
+
algorithm = { name: jwk.crv };
|
|
1020
|
+
keyUsages = jwk.d ? ["deriveBits"] : [];
|
|
1021
|
+
break;
|
|
1022
|
+
default: throw new JOSENotSupported("Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value");
|
|
1023
|
+
}
|
|
1024
|
+
break;
|
|
1025
|
+
default: throw new JOSENotSupported("Invalid or unsupported JWK \"kty\" (Key Type) Parameter value");
|
|
1026
|
+
}
|
|
1027
|
+
return {
|
|
1028
|
+
algorithm,
|
|
1029
|
+
keyUsages
|
|
1030
|
+
};
|
|
1031
|
+
}
|
|
1032
|
+
async function jwkToKey(jwk) {
|
|
1033
|
+
if (!jwk.alg) throw new TypeError("\"alg\" argument is required when \"jwk.alg\" is not present");
|
|
1034
|
+
const { algorithm, keyUsages } = subtleMapping(jwk);
|
|
1035
|
+
const keyData = { ...jwk };
|
|
1036
|
+
if (keyData.kty !== "AKP") delete keyData.alg;
|
|
1037
|
+
delete keyData.use;
|
|
1038
|
+
return crypto.subtle.importKey("jwk", keyData, algorithm, jwk.ext ?? (jwk.d || jwk.priv ? false : true), jwk.key_ops ?? keyUsages);
|
|
1039
|
+
}
|
|
1040
|
+
//#endregion
|
|
1041
|
+
//#region node_modules/jose/dist/webapi/key/import.js
|
|
1042
|
+
async function importSPKI(spki, alg, options) {
|
|
1043
|
+
if (typeof spki !== "string" || spki.indexOf("-----BEGIN PUBLIC KEY-----") !== 0) throw new TypeError("\"spki\" must be SPKI formatted string");
|
|
1044
|
+
return fromSPKI(spki, alg, options);
|
|
1045
|
+
}
|
|
1046
|
+
async function importX509(x509, alg, options) {
|
|
1047
|
+
if (typeof x509 !== "string" || x509.indexOf("-----BEGIN CERTIFICATE-----") !== 0) throw new TypeError("\"x509\" must be X.509 formatted string");
|
|
1048
|
+
return fromX509(x509, alg, options);
|
|
1049
|
+
}
|
|
1050
|
+
async function importPKCS8(pkcs8, alg, options) {
|
|
1051
|
+
if (typeof pkcs8 !== "string" || pkcs8.indexOf("-----BEGIN PRIVATE KEY-----") !== 0) throw new TypeError("\"pkcs8\" must be PKCS#8 formatted string");
|
|
1052
|
+
return fromPKCS8(pkcs8, alg, options);
|
|
1053
|
+
}
|
|
1054
|
+
async function importJWK(jwk, alg, options) {
|
|
1055
|
+
if (!isObject(jwk)) throw new TypeError("JWK must be an object");
|
|
1056
|
+
let ext;
|
|
1057
|
+
alg ??= jwk.alg;
|
|
1058
|
+
ext ??= options?.extractable ?? jwk.ext;
|
|
1059
|
+
switch (jwk.kty) {
|
|
1060
|
+
case "oct":
|
|
1061
|
+
if (typeof jwk.k !== "string" || !jwk.k) throw new TypeError("missing \"k\" (Key Value) Parameter value");
|
|
1062
|
+
return decode(jwk.k);
|
|
1063
|
+
case "RSA":
|
|
1064
|
+
if ("oth" in jwk && jwk.oth !== void 0) throw new JOSENotSupported("RSA JWK \"oth\" (Other Primes Info) Parameter value is not supported");
|
|
1065
|
+
return jwkToKey({
|
|
1066
|
+
...jwk,
|
|
1067
|
+
alg,
|
|
1068
|
+
ext
|
|
1069
|
+
});
|
|
1070
|
+
case "AKP":
|
|
1071
|
+
if (typeof jwk.alg !== "string" || !jwk.alg) throw new TypeError("missing \"alg\" (Algorithm) Parameter value");
|
|
1072
|
+
if (alg !== void 0 && alg !== jwk.alg) throw new TypeError("JWK alg and alg option value mismatch");
|
|
1073
|
+
return jwkToKey({
|
|
1074
|
+
...jwk,
|
|
1075
|
+
ext
|
|
1076
|
+
});
|
|
1077
|
+
case "EC":
|
|
1078
|
+
case "OKP": return jwkToKey({
|
|
1079
|
+
...jwk,
|
|
1080
|
+
alg,
|
|
1081
|
+
ext
|
|
1082
|
+
});
|
|
1083
|
+
default: throw new JOSENotSupported("Unsupported \"kty\" (Key Type) Parameter value");
|
|
1084
|
+
}
|
|
1085
|
+
}
|
|
1086
|
+
//#endregion
|
|
1087
|
+
//#region node_modules/jose/dist/webapi/lib/encrypt.js
|
|
1088
|
+
async function cbcEncrypt(enc, plaintext, cek, iv, aad) {
|
|
1089
|
+
if (!(cek instanceof Uint8Array)) throw new TypeError(invalidKeyInput(cek, "Uint8Array"));
|
|
1090
|
+
const keySize = parseInt(enc.slice(1, 4), 10);
|
|
1091
|
+
const encKey = await crypto.subtle.importKey("raw", cek.subarray(keySize >> 3), "AES-CBC", false, ["encrypt"]);
|
|
1092
|
+
const macKey = await crypto.subtle.importKey("raw", cek.subarray(0, keySize >> 3), {
|
|
1093
|
+
hash: `SHA-${keySize << 1}`,
|
|
1094
|
+
name: "HMAC"
|
|
1095
|
+
}, false, ["sign"]);
|
|
1096
|
+
const ciphertext = new Uint8Array(await crypto.subtle.encrypt({
|
|
1097
|
+
iv,
|
|
1098
|
+
name: "AES-CBC"
|
|
1099
|
+
}, encKey, plaintext));
|
|
1100
|
+
const macData = concat(aad, iv, ciphertext, uint64be(aad.length << 3));
|
|
1101
|
+
return {
|
|
1102
|
+
ciphertext,
|
|
1103
|
+
tag: new Uint8Array((await crypto.subtle.sign("HMAC", macKey, macData)).slice(0, keySize >> 3)),
|
|
1104
|
+
iv
|
|
1105
|
+
};
|
|
1106
|
+
}
|
|
1107
|
+
async function gcmEncrypt(enc, plaintext, cek, iv, aad) {
|
|
1108
|
+
let encKey;
|
|
1109
|
+
if (cek instanceof Uint8Array) encKey = await crypto.subtle.importKey("raw", cek, "AES-GCM", false, ["encrypt"]);
|
|
1110
|
+
else {
|
|
1111
|
+
checkEncCryptoKey(cek, enc, "encrypt");
|
|
1112
|
+
encKey = cek;
|
|
1113
|
+
}
|
|
1114
|
+
const encrypted = new Uint8Array(await crypto.subtle.encrypt({
|
|
1115
|
+
additionalData: aad,
|
|
1116
|
+
iv,
|
|
1117
|
+
name: "AES-GCM",
|
|
1118
|
+
tagLength: 128
|
|
1119
|
+
}, encKey, plaintext));
|
|
1120
|
+
const tag = encrypted.slice(-16);
|
|
1121
|
+
return {
|
|
1122
|
+
ciphertext: encrypted.slice(0, -16),
|
|
1123
|
+
tag,
|
|
1124
|
+
iv
|
|
1125
|
+
};
|
|
1126
|
+
}
|
|
1127
|
+
async function encrypt(enc, plaintext, cek, iv, aad) {
|
|
1128
|
+
if (!isCryptoKey(cek) && !(cek instanceof Uint8Array)) throw new TypeError(invalidKeyInput(cek, "CryptoKey", "KeyObject", "Uint8Array", "JSON Web Key"));
|
|
1129
|
+
if (iv) checkIvLength(enc, iv);
|
|
1130
|
+
else iv = generateIv(enc);
|
|
1131
|
+
switch (enc) {
|
|
1132
|
+
case "A128CBC-HS256":
|
|
1133
|
+
case "A192CBC-HS384":
|
|
1134
|
+
case "A256CBC-HS512":
|
|
1135
|
+
if (cek instanceof Uint8Array) checkCekLength(cek, parseInt(enc.slice(-3), 10));
|
|
1136
|
+
return cbcEncrypt(enc, plaintext, cek, iv, aad);
|
|
1137
|
+
case "A128GCM":
|
|
1138
|
+
case "A192GCM":
|
|
1139
|
+
case "A256GCM":
|
|
1140
|
+
if (cek instanceof Uint8Array) checkCekLength(cek, parseInt(enc.slice(1, 4), 10));
|
|
1141
|
+
return gcmEncrypt(enc, plaintext, cek, iv, aad);
|
|
1142
|
+
default: throw new JOSENotSupported("Unsupported JWE Content Encryption Algorithm");
|
|
1143
|
+
}
|
|
1144
|
+
}
|
|
1145
|
+
//#endregion
|
|
1146
|
+
//#region node_modules/jose/dist/webapi/lib/aesgcmkw.js
|
|
1147
|
+
async function wrap(alg, key, cek, iv) {
|
|
1148
|
+
const wrapped = await encrypt(alg.slice(0, 7), cek, key, iv, new Uint8Array());
|
|
1149
|
+
return {
|
|
1150
|
+
encryptedKey: wrapped.ciphertext,
|
|
1151
|
+
iv: encode(wrapped.iv),
|
|
1152
|
+
tag: encode(wrapped.tag)
|
|
1153
|
+
};
|
|
1154
|
+
}
|
|
1155
|
+
async function unwrap(alg, key, encryptedKey, iv, tag) {
|
|
1156
|
+
return decrypt$1(alg.slice(0, 7), key, encryptedKey, iv, tag, new Uint8Array());
|
|
1157
|
+
}
|
|
1158
|
+
//#endregion
|
|
1159
|
+
//#region node_modules/jose/dist/webapi/lib/decrypt_key_management.js
|
|
1160
|
+
async function decryptKeyManagement(alg, key, encryptedKey, joseHeader, options) {
|
|
1161
|
+
switch (alg) {
|
|
1162
|
+
case "dir":
|
|
1163
|
+
if (encryptedKey !== void 0) throw new JWEInvalid("Encountered unexpected JWE Encrypted Key");
|
|
1164
|
+
return key;
|
|
1165
|
+
case "ECDH-ES": if (encryptedKey !== void 0) throw new JWEInvalid("Encountered unexpected JWE Encrypted Key");
|
|
1166
|
+
case "ECDH-ES+A128KW":
|
|
1167
|
+
case "ECDH-ES+A192KW":
|
|
1168
|
+
case "ECDH-ES+A256KW": {
|
|
1169
|
+
if (!isObject(joseHeader.epk)) throw new JWEInvalid(`JOSE Header "epk" (Ephemeral Public Key) missing or invalid`);
|
|
1170
|
+
assertCryptoKey(key);
|
|
1171
|
+
if (!allowed(key)) throw new JOSENotSupported("ECDH with the provided key is not allowed or not supported by your javascript runtime");
|
|
1172
|
+
const epk = await importJWK(joseHeader.epk, alg);
|
|
1173
|
+
assertCryptoKey(epk);
|
|
1174
|
+
let partyUInfo;
|
|
1175
|
+
let partyVInfo;
|
|
1176
|
+
if (joseHeader.apu !== void 0) {
|
|
1177
|
+
if (typeof joseHeader.apu !== "string") throw new JWEInvalid(`JOSE Header "apu" (Agreement PartyUInfo) invalid`);
|
|
1178
|
+
try {
|
|
1179
|
+
partyUInfo = decode(joseHeader.apu);
|
|
1180
|
+
} catch {
|
|
1181
|
+
throw new JWEInvalid("Failed to base64url decode the apu");
|
|
1182
|
+
}
|
|
1183
|
+
}
|
|
1184
|
+
if (joseHeader.apv !== void 0) {
|
|
1185
|
+
if (typeof joseHeader.apv !== "string") throw new JWEInvalid(`JOSE Header "apv" (Agreement PartyVInfo) invalid`);
|
|
1186
|
+
try {
|
|
1187
|
+
partyVInfo = decode(joseHeader.apv);
|
|
1188
|
+
} catch {
|
|
1189
|
+
throw new JWEInvalid("Failed to base64url decode the apv");
|
|
1190
|
+
}
|
|
1191
|
+
}
|
|
1192
|
+
const sharedSecret = await deriveKey$1(epk, key, alg === "ECDH-ES" ? joseHeader.enc : alg, alg === "ECDH-ES" ? cekLength(joseHeader.enc) : parseInt(alg.slice(-5, -2), 10), partyUInfo, partyVInfo);
|
|
1193
|
+
if (alg === "ECDH-ES") return sharedSecret;
|
|
1194
|
+
if (encryptedKey === void 0) throw new JWEInvalid("JWE Encrypted Key missing");
|
|
1195
|
+
return unwrap$2(alg.slice(-6), sharedSecret, encryptedKey);
|
|
1196
|
+
}
|
|
1197
|
+
case "RSA-OAEP":
|
|
1198
|
+
case "RSA-OAEP-256":
|
|
1199
|
+
case "RSA-OAEP-384":
|
|
1200
|
+
case "RSA-OAEP-512":
|
|
1201
|
+
if (encryptedKey === void 0) throw new JWEInvalid("JWE Encrypted Key missing");
|
|
1202
|
+
assertCryptoKey(key);
|
|
1203
|
+
return decrypt(alg, key, encryptedKey);
|
|
1204
|
+
case "PBES2-HS256+A128KW":
|
|
1205
|
+
case "PBES2-HS384+A192KW":
|
|
1206
|
+
case "PBES2-HS512+A256KW": {
|
|
1207
|
+
if (encryptedKey === void 0) throw new JWEInvalid("JWE Encrypted Key missing");
|
|
1208
|
+
if (typeof joseHeader.p2c !== "number") throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) missing or invalid`);
|
|
1209
|
+
const p2cLimit = options?.maxPBES2Count || 1e4;
|
|
1210
|
+
if (joseHeader.p2c > p2cLimit) throw new JWEInvalid(`JOSE Header "p2c" (PBES2 Count) out is of acceptable bounds`);
|
|
1211
|
+
if (typeof joseHeader.p2s !== "string") throw new JWEInvalid(`JOSE Header "p2s" (PBES2 Salt) missing or invalid`);
|
|
1212
|
+
let p2s;
|
|
1213
|
+
try {
|
|
1214
|
+
p2s = decode(joseHeader.p2s);
|
|
1215
|
+
} catch {
|
|
1216
|
+
throw new JWEInvalid("Failed to base64url decode the p2s");
|
|
1217
|
+
}
|
|
1218
|
+
return unwrap$1(alg, key, encryptedKey, joseHeader.p2c, p2s);
|
|
1219
|
+
}
|
|
1220
|
+
case "A128KW":
|
|
1221
|
+
case "A192KW":
|
|
1222
|
+
case "A256KW":
|
|
1223
|
+
if (encryptedKey === void 0) throw new JWEInvalid("JWE Encrypted Key missing");
|
|
1224
|
+
return unwrap$2(alg, key, encryptedKey);
|
|
1225
|
+
case "A128GCMKW":
|
|
1226
|
+
case "A192GCMKW":
|
|
1227
|
+
case "A256GCMKW": {
|
|
1228
|
+
if (encryptedKey === void 0) throw new JWEInvalid("JWE Encrypted Key missing");
|
|
1229
|
+
if (typeof joseHeader.iv !== "string") throw new JWEInvalid(`JOSE Header "iv" (Initialization Vector) missing or invalid`);
|
|
1230
|
+
if (typeof joseHeader.tag !== "string") throw new JWEInvalid(`JOSE Header "tag" (Authentication Tag) missing or invalid`);
|
|
1231
|
+
let iv;
|
|
1232
|
+
try {
|
|
1233
|
+
iv = decode(joseHeader.iv);
|
|
1234
|
+
} catch {
|
|
1235
|
+
throw new JWEInvalid("Failed to base64url decode the iv");
|
|
1236
|
+
}
|
|
1237
|
+
let tag;
|
|
1238
|
+
try {
|
|
1239
|
+
tag = decode(joseHeader.tag);
|
|
1240
|
+
} catch {
|
|
1241
|
+
throw new JWEInvalid("Failed to base64url decode the tag");
|
|
1242
|
+
}
|
|
1243
|
+
return unwrap(alg, key, encryptedKey, iv, tag);
|
|
1244
|
+
}
|
|
1245
|
+
default: throw new JOSENotSupported("Invalid or unsupported \"alg\" (JWE Algorithm) header value");
|
|
1246
|
+
}
|
|
1247
|
+
}
|
|
1248
|
+
//#endregion
|
|
1249
|
+
//#region node_modules/jose/dist/webapi/lib/validate_crit.js
|
|
1250
|
+
function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {
|
|
1251
|
+
if (joseHeader.crit !== void 0 && protectedHeader?.crit === void 0) throw new Err("\"crit\" (Critical) Header Parameter MUST be integrity protected");
|
|
1252
|
+
if (!protectedHeader || protectedHeader.crit === void 0) return /* @__PURE__ */ new Set();
|
|
1253
|
+
if (!Array.isArray(protectedHeader.crit) || protectedHeader.crit.length === 0 || protectedHeader.crit.some((input) => typeof input !== "string" || input.length === 0)) throw new Err("\"crit\" (Critical) Header Parameter MUST be an array of non-empty strings when present");
|
|
1254
|
+
let recognized;
|
|
1255
|
+
if (recognizedOption !== void 0) recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);
|
|
1256
|
+
else recognized = recognizedDefault;
|
|
1257
|
+
for (const parameter of protectedHeader.crit) {
|
|
1258
|
+
if (!recognized.has(parameter)) throw new JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`);
|
|
1259
|
+
if (joseHeader[parameter] === void 0) throw new Err(`Extension Header Parameter "${parameter}" is missing`);
|
|
1260
|
+
if (recognized.get(parameter) && protectedHeader[parameter] === void 0) throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`);
|
|
1261
|
+
}
|
|
1262
|
+
return new Set(protectedHeader.crit);
|
|
1263
|
+
}
|
|
1264
|
+
//#endregion
|
|
1265
|
+
//#region node_modules/jose/dist/webapi/lib/validate_algorithms.js
|
|
1266
|
+
function validateAlgorithms(option, algorithms) {
|
|
1267
|
+
if (algorithms !== void 0 && (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== "string"))) throw new TypeError(`"${option}" option must be an array of strings`);
|
|
1268
|
+
if (!algorithms) return;
|
|
1269
|
+
return new Set(algorithms);
|
|
1270
|
+
}
|
|
1271
|
+
//#endregion
|
|
1272
|
+
//#region node_modules/jose/dist/webapi/lib/is_jwk.js
|
|
1273
|
+
const isJWK = (key) => isObject(key) && typeof key.kty === "string";
|
|
1274
|
+
const isPrivateJWK = (key) => key.kty !== "oct" && (key.kty === "AKP" && typeof key.priv === "string" || typeof key.d === "string");
|
|
1275
|
+
const isPublicJWK = (key) => key.kty !== "oct" && key.d === void 0 && key.priv === void 0;
|
|
1276
|
+
const isSecretJWK = (key) => key.kty === "oct" && typeof key.k === "string";
|
|
1277
|
+
//#endregion
|
|
1278
|
+
//#region node_modules/jose/dist/webapi/lib/normalize_key.js
|
|
1279
|
+
let cache;
|
|
1280
|
+
const handleJWK = async (key, jwk, alg, freeze = false) => {
|
|
1281
|
+
cache ||= /* @__PURE__ */ new WeakMap();
|
|
1282
|
+
let cached = cache.get(key);
|
|
1283
|
+
if (cached?.[alg]) return cached[alg];
|
|
1284
|
+
const cryptoKey = await jwkToKey({
|
|
1285
|
+
...jwk,
|
|
1286
|
+
alg
|
|
1287
|
+
});
|
|
1288
|
+
if (freeze) Object.freeze(key);
|
|
1289
|
+
if (!cached) cache.set(key, { [alg]: cryptoKey });
|
|
1290
|
+
else cached[alg] = cryptoKey;
|
|
1291
|
+
return cryptoKey;
|
|
1292
|
+
};
|
|
1293
|
+
const handleKeyObject = (keyObject, alg) => {
|
|
1294
|
+
cache ||= /* @__PURE__ */ new WeakMap();
|
|
1295
|
+
let cached = cache.get(keyObject);
|
|
1296
|
+
if (cached?.[alg]) return cached[alg];
|
|
1297
|
+
const isPublic = keyObject.type === "public";
|
|
1298
|
+
const extractable = isPublic ? true : false;
|
|
1299
|
+
let cryptoKey;
|
|
1300
|
+
if (keyObject.asymmetricKeyType === "x25519") {
|
|
1301
|
+
switch (alg) {
|
|
1302
|
+
case "ECDH-ES":
|
|
1303
|
+
case "ECDH-ES+A128KW":
|
|
1304
|
+
case "ECDH-ES+A192KW":
|
|
1305
|
+
case "ECDH-ES+A256KW": break;
|
|
1306
|
+
default: throw new TypeError("given KeyObject instance cannot be used for this algorithm");
|
|
1307
|
+
}
|
|
1308
|
+
cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, isPublic ? [] : ["deriveBits"]);
|
|
1309
|
+
}
|
|
1310
|
+
if (keyObject.asymmetricKeyType === "ed25519") {
|
|
1311
|
+
if (alg !== "EdDSA" && alg !== "Ed25519") throw new TypeError("given KeyObject instance cannot be used for this algorithm");
|
|
1312
|
+
cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, [isPublic ? "verify" : "sign"]);
|
|
1313
|
+
}
|
|
1314
|
+
switch (keyObject.asymmetricKeyType) {
|
|
1315
|
+
case "ml-dsa-44":
|
|
1316
|
+
case "ml-dsa-65":
|
|
1317
|
+
case "ml-dsa-87":
|
|
1318
|
+
if (alg !== keyObject.asymmetricKeyType.toUpperCase()) throw new TypeError("given KeyObject instance cannot be used for this algorithm");
|
|
1319
|
+
cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, [isPublic ? "verify" : "sign"]);
|
|
1320
|
+
}
|
|
1321
|
+
if (keyObject.asymmetricKeyType === "rsa") {
|
|
1322
|
+
let hash;
|
|
1323
|
+
switch (alg) {
|
|
1324
|
+
case "RSA-OAEP":
|
|
1325
|
+
hash = "SHA-1";
|
|
1326
|
+
break;
|
|
1327
|
+
case "RS256":
|
|
1328
|
+
case "PS256":
|
|
1329
|
+
case "RSA-OAEP-256":
|
|
1330
|
+
hash = "SHA-256";
|
|
1331
|
+
break;
|
|
1332
|
+
case "RS384":
|
|
1333
|
+
case "PS384":
|
|
1334
|
+
case "RSA-OAEP-384":
|
|
1335
|
+
hash = "SHA-384";
|
|
1336
|
+
break;
|
|
1337
|
+
case "RS512":
|
|
1338
|
+
case "PS512":
|
|
1339
|
+
case "RSA-OAEP-512":
|
|
1340
|
+
hash = "SHA-512";
|
|
1341
|
+
break;
|
|
1342
|
+
default: throw new TypeError("given KeyObject instance cannot be used for this algorithm");
|
|
1343
|
+
}
|
|
1344
|
+
if (alg.startsWith("RSA-OAEP")) return keyObject.toCryptoKey({
|
|
1345
|
+
name: "RSA-OAEP",
|
|
1346
|
+
hash
|
|
1347
|
+
}, extractable, isPublic ? ["encrypt"] : ["decrypt"]);
|
|
1348
|
+
cryptoKey = keyObject.toCryptoKey({
|
|
1349
|
+
name: alg.startsWith("PS") ? "RSA-PSS" : "RSASSA-PKCS1-v1_5",
|
|
1350
|
+
hash
|
|
1351
|
+
}, extractable, [isPublic ? "verify" : "sign"]);
|
|
1352
|
+
}
|
|
1353
|
+
if (keyObject.asymmetricKeyType === "ec") {
|
|
1354
|
+
const namedCurve = new Map([
|
|
1355
|
+
["prime256v1", "P-256"],
|
|
1356
|
+
["secp384r1", "P-384"],
|
|
1357
|
+
["secp521r1", "P-521"]
|
|
1358
|
+
]).get(keyObject.asymmetricKeyDetails?.namedCurve);
|
|
1359
|
+
if (!namedCurve) throw new TypeError("given KeyObject instance cannot be used for this algorithm");
|
|
1360
|
+
if (alg === "ES256" && namedCurve === "P-256") cryptoKey = keyObject.toCryptoKey({
|
|
1361
|
+
name: "ECDSA",
|
|
1362
|
+
namedCurve
|
|
1363
|
+
}, extractable, [isPublic ? "verify" : "sign"]);
|
|
1364
|
+
if (alg === "ES384" && namedCurve === "P-384") cryptoKey = keyObject.toCryptoKey({
|
|
1365
|
+
name: "ECDSA",
|
|
1366
|
+
namedCurve
|
|
1367
|
+
}, extractable, [isPublic ? "verify" : "sign"]);
|
|
1368
|
+
if (alg === "ES512" && namedCurve === "P-521") cryptoKey = keyObject.toCryptoKey({
|
|
1369
|
+
name: "ECDSA",
|
|
1370
|
+
namedCurve
|
|
1371
|
+
}, extractable, [isPublic ? "verify" : "sign"]);
|
|
1372
|
+
if (alg.startsWith("ECDH-ES")) cryptoKey = keyObject.toCryptoKey({
|
|
1373
|
+
name: "ECDH",
|
|
1374
|
+
namedCurve
|
|
1375
|
+
}, extractable, isPublic ? [] : ["deriveBits"]);
|
|
1376
|
+
}
|
|
1377
|
+
if (!cryptoKey) throw new TypeError("given KeyObject instance cannot be used for this algorithm");
|
|
1378
|
+
if (!cached) cache.set(keyObject, { [alg]: cryptoKey });
|
|
1379
|
+
else cached[alg] = cryptoKey;
|
|
1380
|
+
return cryptoKey;
|
|
1381
|
+
};
|
|
1382
|
+
async function normalizeKey(key, alg) {
|
|
1383
|
+
if (key instanceof Uint8Array) return key;
|
|
1384
|
+
if (isCryptoKey(key)) return key;
|
|
1385
|
+
if (isKeyObject(key)) {
|
|
1386
|
+
if (key.type === "secret") return key.export();
|
|
1387
|
+
if ("toCryptoKey" in key && typeof key.toCryptoKey === "function") try {
|
|
1388
|
+
return handleKeyObject(key, alg);
|
|
1389
|
+
} catch (err) {
|
|
1390
|
+
if (err instanceof TypeError) throw err;
|
|
1391
|
+
}
|
|
1392
|
+
return handleJWK(key, key.export({ format: "jwk" }), alg);
|
|
1393
|
+
}
|
|
1394
|
+
if (isJWK(key)) {
|
|
1395
|
+
if (key.k) return decode(key.k);
|
|
1396
|
+
return handleJWK(key, key, alg, true);
|
|
1397
|
+
}
|
|
1398
|
+
throw new Error("unreachable");
|
|
1399
|
+
}
|
|
1400
|
+
//#endregion
|
|
1401
|
+
//#region node_modules/jose/dist/webapi/lib/check_key_type.js
|
|
1402
|
+
const tag = (key) => key?.[Symbol.toStringTag];
|
|
1403
|
+
const jwkMatchesOp = (alg, key, usage) => {
|
|
1404
|
+
if (key.use !== void 0) {
|
|
1405
|
+
let expected;
|
|
1406
|
+
switch (usage) {
|
|
1407
|
+
case "sign":
|
|
1408
|
+
case "verify":
|
|
1409
|
+
expected = "sig";
|
|
1410
|
+
break;
|
|
1411
|
+
case "encrypt":
|
|
1412
|
+
case "decrypt":
|
|
1413
|
+
expected = "enc";
|
|
1414
|
+
break;
|
|
1415
|
+
}
|
|
1416
|
+
if (key.use !== expected) throw new TypeError(`Invalid key for this operation, its "use" must be "${expected}" when present`);
|
|
1417
|
+
}
|
|
1418
|
+
if (key.alg !== void 0 && key.alg !== alg) throw new TypeError(`Invalid key for this operation, its "alg" must be "${alg}" when present`);
|
|
1419
|
+
if (Array.isArray(key.key_ops)) {
|
|
1420
|
+
let expectedKeyOp;
|
|
1421
|
+
switch (true) {
|
|
1422
|
+
case usage === "sign" || usage === "verify":
|
|
1423
|
+
case alg === "dir":
|
|
1424
|
+
case alg.includes("CBC-HS"):
|
|
1425
|
+
expectedKeyOp = usage;
|
|
1426
|
+
break;
|
|
1427
|
+
case alg.startsWith("PBES2"):
|
|
1428
|
+
expectedKeyOp = "deriveBits";
|
|
1429
|
+
break;
|
|
1430
|
+
case /^A\d{3}(?:GCM)?(?:KW)?$/.test(alg):
|
|
1431
|
+
if (!alg.includes("GCM") && alg.endsWith("KW")) expectedKeyOp = usage === "encrypt" ? "wrapKey" : "unwrapKey";
|
|
1432
|
+
else expectedKeyOp = usage;
|
|
1433
|
+
break;
|
|
1434
|
+
case usage === "encrypt" && alg.startsWith("RSA"):
|
|
1435
|
+
expectedKeyOp = "wrapKey";
|
|
1436
|
+
break;
|
|
1437
|
+
case usage === "decrypt":
|
|
1438
|
+
expectedKeyOp = alg.startsWith("RSA") ? "unwrapKey" : "deriveBits";
|
|
1439
|
+
break;
|
|
1440
|
+
}
|
|
1441
|
+
if (expectedKeyOp && key.key_ops?.includes?.(expectedKeyOp) === false) throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${expectedKeyOp}" when present`);
|
|
1442
|
+
}
|
|
1443
|
+
return true;
|
|
1444
|
+
};
|
|
1445
|
+
const symmetricTypeCheck = (alg, key, usage) => {
|
|
1446
|
+
if (key instanceof Uint8Array) return;
|
|
1447
|
+
if (isJWK(key)) {
|
|
1448
|
+
if (isSecretJWK(key) && jwkMatchesOp(alg, key, usage)) return;
|
|
1449
|
+
throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`);
|
|
1450
|
+
}
|
|
1451
|
+
if (!isKeyLike(key)) throw new TypeError(withAlg(alg, key, "CryptoKey", "KeyObject", "JSON Web Key", "Uint8Array"));
|
|
1452
|
+
if (key.type !== "secret") throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`);
|
|
1453
|
+
};
|
|
1454
|
+
const asymmetricTypeCheck = (alg, key, usage) => {
|
|
1455
|
+
if (isJWK(key)) switch (usage) {
|
|
1456
|
+
case "decrypt":
|
|
1457
|
+
case "sign":
|
|
1458
|
+
if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage)) return;
|
|
1459
|
+
throw new TypeError(`JSON Web Key for this operation must be a private JWK`);
|
|
1460
|
+
case "encrypt":
|
|
1461
|
+
case "verify":
|
|
1462
|
+
if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage)) return;
|
|
1463
|
+
throw new TypeError(`JSON Web Key for this operation must be a public JWK`);
|
|
1464
|
+
}
|
|
1465
|
+
if (!isKeyLike(key)) throw new TypeError(withAlg(alg, key, "CryptoKey", "KeyObject", "JSON Web Key"));
|
|
1466
|
+
if (key.type === "secret") throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
|
|
1467
|
+
if (key.type === "public") switch (usage) {
|
|
1468
|
+
case "sign": throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`);
|
|
1469
|
+
case "decrypt": throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`);
|
|
1470
|
+
}
|
|
1471
|
+
if (key.type === "private") switch (usage) {
|
|
1472
|
+
case "verify": throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`);
|
|
1473
|
+
case "encrypt": throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`);
|
|
1474
|
+
}
|
|
1475
|
+
};
|
|
1476
|
+
function checkKeyType(alg, key, usage) {
|
|
1477
|
+
switch (alg.substring(0, 2)) {
|
|
1478
|
+
case "A1":
|
|
1479
|
+
case "A2":
|
|
1480
|
+
case "di":
|
|
1481
|
+
case "HS":
|
|
1482
|
+
case "PB":
|
|
1483
|
+
symmetricTypeCheck(alg, key, usage);
|
|
1484
|
+
break;
|
|
1485
|
+
default: asymmetricTypeCheck(alg, key, usage);
|
|
1486
|
+
}
|
|
1487
|
+
}
|
|
1488
|
+
//#endregion
|
|
1489
|
+
//#region node_modules/jose/dist/webapi/lib/deflate.js
|
|
1490
|
+
function supported(name) {
|
|
1491
|
+
if (typeof globalThis[name] === "undefined") throw new JOSENotSupported(`JWE "zip" (Compression Algorithm) Header Parameter requires the ${name} API.`);
|
|
1492
|
+
}
|
|
1493
|
+
async function compress(input) {
|
|
1494
|
+
supported("CompressionStream");
|
|
1495
|
+
const cs = new CompressionStream("deflate-raw");
|
|
1496
|
+
const writer = cs.writable.getWriter();
|
|
1497
|
+
writer.write(input);
|
|
1498
|
+
writer.close();
|
|
1499
|
+
const chunks = [];
|
|
1500
|
+
const reader = cs.readable.getReader();
|
|
1501
|
+
for (;;) {
|
|
1502
|
+
const { value, done } = await reader.read();
|
|
1503
|
+
if (done) break;
|
|
1504
|
+
chunks.push(value);
|
|
1505
|
+
}
|
|
1506
|
+
return concat(...chunks);
|
|
1507
|
+
}
|
|
1508
|
+
async function decompress(input, maxLength) {
|
|
1509
|
+
supported("DecompressionStream");
|
|
1510
|
+
const ds = new DecompressionStream("deflate-raw");
|
|
1511
|
+
const writer = ds.writable.getWriter();
|
|
1512
|
+
writer.write(input);
|
|
1513
|
+
writer.close();
|
|
1514
|
+
const chunks = [];
|
|
1515
|
+
let length = 0;
|
|
1516
|
+
const reader = ds.readable.getReader();
|
|
1517
|
+
for (;;) {
|
|
1518
|
+
const { value, done } = await reader.read();
|
|
1519
|
+
if (done) break;
|
|
1520
|
+
chunks.push(value);
|
|
1521
|
+
length += value.byteLength;
|
|
1522
|
+
if (maxLength !== Infinity && length > maxLength) throw new JWEInvalid("Decompressed plaintext exceeded the configured limit");
|
|
1523
|
+
}
|
|
1524
|
+
return concat(...chunks);
|
|
1525
|
+
}
|
|
1526
|
+
//#endregion
|
|
1527
|
+
//#region node_modules/jose/dist/webapi/jwe/flattened/decrypt.js
|
|
1528
|
+
async function flattenedDecrypt(jwe, key, options) {
|
|
1529
|
+
if (!isObject(jwe)) throw new JWEInvalid("Flattened JWE must be an object");
|
|
1530
|
+
if (jwe.protected === void 0 && jwe.header === void 0 && jwe.unprotected === void 0) throw new JWEInvalid("JOSE Header missing");
|
|
1531
|
+
if (jwe.iv !== void 0 && typeof jwe.iv !== "string") throw new JWEInvalid("JWE Initialization Vector incorrect type");
|
|
1532
|
+
if (typeof jwe.ciphertext !== "string") throw new JWEInvalid("JWE Ciphertext missing or incorrect type");
|
|
1533
|
+
if (jwe.tag !== void 0 && typeof jwe.tag !== "string") throw new JWEInvalid("JWE Authentication Tag incorrect type");
|
|
1534
|
+
if (jwe.protected !== void 0 && typeof jwe.protected !== "string") throw new JWEInvalid("JWE Protected Header incorrect type");
|
|
1535
|
+
if (jwe.encrypted_key !== void 0 && typeof jwe.encrypted_key !== "string") throw new JWEInvalid("JWE Encrypted Key incorrect type");
|
|
1536
|
+
if (jwe.aad !== void 0 && typeof jwe.aad !== "string") throw new JWEInvalid("JWE AAD incorrect type");
|
|
1537
|
+
if (jwe.header !== void 0 && !isObject(jwe.header)) throw new JWEInvalid("JWE Shared Unprotected Header incorrect type");
|
|
1538
|
+
if (jwe.unprotected !== void 0 && !isObject(jwe.unprotected)) throw new JWEInvalid("JWE Per-Recipient Unprotected Header incorrect type");
|
|
1539
|
+
let parsedProt;
|
|
1540
|
+
if (jwe.protected) try {
|
|
1541
|
+
const protectedHeader = decode(jwe.protected);
|
|
1542
|
+
parsedProt = JSON.parse(decoder.decode(protectedHeader));
|
|
1543
|
+
} catch {
|
|
1544
|
+
throw new JWEInvalid("JWE Protected Header is invalid");
|
|
1545
|
+
}
|
|
1546
|
+
if (!isDisjoint(parsedProt, jwe.header, jwe.unprotected)) throw new JWEInvalid("JWE Protected, JWE Unprotected Header, and JWE Per-Recipient Unprotected Header Parameter names must be disjoint");
|
|
1547
|
+
const joseHeader = {
|
|
1548
|
+
...parsedProt,
|
|
1549
|
+
...jwe.header,
|
|
1550
|
+
...jwe.unprotected
|
|
1551
|
+
};
|
|
1552
|
+
validateCrit(JWEInvalid, /* @__PURE__ */ new Map(), options?.crit, parsedProt, joseHeader);
|
|
1553
|
+
if (joseHeader.zip !== void 0 && joseHeader.zip !== "DEF") throw new JOSENotSupported("Unsupported JWE \"zip\" (Compression Algorithm) Header Parameter value.");
|
|
1554
|
+
if (joseHeader.zip !== void 0 && !parsedProt?.zip) throw new JWEInvalid("JWE \"zip\" (Compression Algorithm) Header Parameter MUST be in a protected header.");
|
|
1555
|
+
const { alg, enc } = joseHeader;
|
|
1556
|
+
if (typeof alg !== "string" || !alg) throw new JWEInvalid("missing JWE Algorithm (alg) in JWE Header");
|
|
1557
|
+
if (typeof enc !== "string" || !enc) throw new JWEInvalid("missing JWE Encryption Algorithm (enc) in JWE Header");
|
|
1558
|
+
const keyManagementAlgorithms = options && validateAlgorithms("keyManagementAlgorithms", options.keyManagementAlgorithms);
|
|
1559
|
+
const contentEncryptionAlgorithms = options && validateAlgorithms("contentEncryptionAlgorithms", options.contentEncryptionAlgorithms);
|
|
1560
|
+
if (keyManagementAlgorithms && !keyManagementAlgorithms.has(alg) || !keyManagementAlgorithms && alg.startsWith("PBES2")) throw new JOSEAlgNotAllowed("\"alg\" (Algorithm) Header Parameter value not allowed");
|
|
1561
|
+
if (contentEncryptionAlgorithms && !contentEncryptionAlgorithms.has(enc)) throw new JOSEAlgNotAllowed("\"enc\" (Encryption Algorithm) Header Parameter value not allowed");
|
|
1562
|
+
let encryptedKey;
|
|
1563
|
+
if (jwe.encrypted_key !== void 0) try {
|
|
1564
|
+
encryptedKey = decode(jwe.encrypted_key);
|
|
1565
|
+
} catch {
|
|
1566
|
+
throw new JWEInvalid("Failed to base64url decode the encrypted_key");
|
|
1567
|
+
}
|
|
1568
|
+
let resolvedKey = false;
|
|
1569
|
+
if (typeof key === "function") {
|
|
1570
|
+
key = await key(parsedProt, jwe);
|
|
1571
|
+
resolvedKey = true;
|
|
1572
|
+
}
|
|
1573
|
+
checkKeyType(alg === "dir" ? enc : alg, key, "decrypt");
|
|
1574
|
+
const k = await normalizeKey(key, alg);
|
|
1575
|
+
let cek;
|
|
1576
|
+
try {
|
|
1577
|
+
cek = await decryptKeyManagement(alg, k, encryptedKey, joseHeader, options);
|
|
1578
|
+
} catch (err) {
|
|
1579
|
+
if (err instanceof TypeError || err instanceof JWEInvalid || err instanceof JOSENotSupported) throw err;
|
|
1580
|
+
cek = generateCek(enc);
|
|
1581
|
+
}
|
|
1582
|
+
let iv;
|
|
1583
|
+
let tag;
|
|
1584
|
+
if (jwe.iv !== void 0) try {
|
|
1585
|
+
iv = decode(jwe.iv);
|
|
1586
|
+
} catch {
|
|
1587
|
+
throw new JWEInvalid("Failed to base64url decode the iv");
|
|
1588
|
+
}
|
|
1589
|
+
if (jwe.tag !== void 0) try {
|
|
1590
|
+
tag = decode(jwe.tag);
|
|
1591
|
+
} catch {
|
|
1592
|
+
throw new JWEInvalid("Failed to base64url decode the tag");
|
|
1593
|
+
}
|
|
1594
|
+
const protectedHeader = jwe.protected !== void 0 ? encode$1(jwe.protected) : new Uint8Array();
|
|
1595
|
+
let additionalData;
|
|
1596
|
+
if (jwe.aad !== void 0) additionalData = concat(protectedHeader, encode$1("."), encode$1(jwe.aad));
|
|
1597
|
+
else additionalData = protectedHeader;
|
|
1598
|
+
let ciphertext;
|
|
1599
|
+
try {
|
|
1600
|
+
ciphertext = decode(jwe.ciphertext);
|
|
1601
|
+
} catch {
|
|
1602
|
+
throw new JWEInvalid("Failed to base64url decode the ciphertext");
|
|
1603
|
+
}
|
|
1604
|
+
const plaintext = await decrypt$1(enc, cek, ciphertext, iv, tag, additionalData);
|
|
1605
|
+
const result = { plaintext };
|
|
1606
|
+
if (joseHeader.zip === "DEF") {
|
|
1607
|
+
const maxDecompressedLength = options?.maxDecompressedLength ?? 25e4;
|
|
1608
|
+
if (maxDecompressedLength === 0) throw new JOSENotSupported("JWE \"zip\" (Compression Algorithm) Header Parameter is not supported.");
|
|
1609
|
+
if (maxDecompressedLength !== Infinity && (!Number.isSafeInteger(maxDecompressedLength) || maxDecompressedLength < 1)) throw new TypeError("maxDecompressedLength must be 0, a positive safe integer, or Infinity");
|
|
1610
|
+
result.plaintext = await decompress(plaintext, maxDecompressedLength);
|
|
1611
|
+
}
|
|
1612
|
+
if (jwe.protected !== void 0) result.protectedHeader = parsedProt;
|
|
1613
|
+
if (jwe.aad !== void 0) try {
|
|
1614
|
+
result.additionalAuthenticatedData = decode(jwe.aad);
|
|
1615
|
+
} catch {
|
|
1616
|
+
throw new JWEInvalid("Failed to base64url decode the aad");
|
|
1617
|
+
}
|
|
1618
|
+
if (jwe.unprotected !== void 0) result.sharedUnprotectedHeader = jwe.unprotected;
|
|
1619
|
+
if (jwe.header !== void 0) result.unprotectedHeader = jwe.header;
|
|
1620
|
+
if (resolvedKey) return {
|
|
1621
|
+
...result,
|
|
1622
|
+
key: k
|
|
1623
|
+
};
|
|
1624
|
+
return result;
|
|
1625
|
+
}
|
|
1626
|
+
//#endregion
|
|
1627
|
+
//#region node_modules/jose/dist/webapi/jwe/compact/decrypt.js
|
|
1628
|
+
async function compactDecrypt(jwe, key, options) {
|
|
1629
|
+
if (jwe instanceof Uint8Array) jwe = decoder.decode(jwe);
|
|
1630
|
+
if (typeof jwe !== "string") throw new JWEInvalid("Compact JWE must be a string or Uint8Array");
|
|
1631
|
+
const { 0: protectedHeader, 1: encryptedKey, 2: iv, 3: ciphertext, 4: tag, length } = jwe.split(".");
|
|
1632
|
+
if (length !== 5) throw new JWEInvalid("Invalid Compact JWE");
|
|
1633
|
+
const decrypted = await flattenedDecrypt({
|
|
1634
|
+
ciphertext,
|
|
1635
|
+
iv: iv || void 0,
|
|
1636
|
+
protected: protectedHeader,
|
|
1637
|
+
tag: tag || void 0,
|
|
1638
|
+
encrypted_key: encryptedKey || void 0
|
|
1639
|
+
}, key, options);
|
|
1640
|
+
const result = {
|
|
1641
|
+
plaintext: decrypted.plaintext,
|
|
1642
|
+
protectedHeader: decrypted.protectedHeader
|
|
1643
|
+
};
|
|
1644
|
+
if (typeof key === "function") return {
|
|
1645
|
+
...result,
|
|
1646
|
+
key: decrypted.key
|
|
1647
|
+
};
|
|
1648
|
+
return result;
|
|
1649
|
+
}
|
|
1650
|
+
//#endregion
|
|
1651
|
+
//#region node_modules/jose/dist/webapi/jwe/general/decrypt.js
|
|
1652
|
+
async function generalDecrypt(jwe, key, options) {
|
|
1653
|
+
if (!isObject(jwe)) throw new JWEInvalid("General JWE must be an object");
|
|
1654
|
+
if (!Array.isArray(jwe.recipients) || !jwe.recipients.every(isObject)) throw new JWEInvalid("JWE Recipients missing or incorrect type");
|
|
1655
|
+
if (!jwe.recipients.length) throw new JWEInvalid("JWE Recipients has no members");
|
|
1656
|
+
for (const recipient of jwe.recipients) try {
|
|
1657
|
+
return await flattenedDecrypt({
|
|
1658
|
+
aad: jwe.aad,
|
|
1659
|
+
ciphertext: jwe.ciphertext,
|
|
1660
|
+
encrypted_key: recipient.encrypted_key,
|
|
1661
|
+
header: recipient.header,
|
|
1662
|
+
iv: jwe.iv,
|
|
1663
|
+
protected: jwe.protected,
|
|
1664
|
+
tag: jwe.tag,
|
|
1665
|
+
unprotected: jwe.unprotected
|
|
1666
|
+
}, key, options);
|
|
1667
|
+
} catch {}
|
|
1668
|
+
throw new JWEDecryptionFailed();
|
|
1669
|
+
}
|
|
1670
|
+
//#endregion
|
|
1671
|
+
//#region node_modules/jose/dist/webapi/lib/private_symbols.js
|
|
1672
|
+
const unprotected = Symbol();
|
|
1673
|
+
//#endregion
|
|
1674
|
+
//#region node_modules/jose/dist/webapi/lib/key_to_jwk.js
|
|
1675
|
+
async function keyToJWK(key) {
|
|
1676
|
+
if (isKeyObject(key)) if (key.type === "secret") key = key.export();
|
|
1677
|
+
else return key.export({ format: "jwk" });
|
|
1678
|
+
if (key instanceof Uint8Array) return {
|
|
1679
|
+
kty: "oct",
|
|
1680
|
+
k: encode(key)
|
|
1681
|
+
};
|
|
1682
|
+
if (!isCryptoKey(key)) throw new TypeError(invalidKeyInput(key, "CryptoKey", "KeyObject", "Uint8Array"));
|
|
1683
|
+
if (!key.extractable) throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");
|
|
1684
|
+
const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey("jwk", key);
|
|
1685
|
+
if (jwk.kty === "AKP") jwk.alg = alg;
|
|
1686
|
+
return jwk;
|
|
1687
|
+
}
|
|
1688
|
+
//#endregion
|
|
1689
|
+
//#region node_modules/jose/dist/webapi/key/export.js
|
|
1690
|
+
async function exportSPKI(key) {
|
|
1691
|
+
return toSPKI(key);
|
|
1692
|
+
}
|
|
1693
|
+
async function exportPKCS8(key) {
|
|
1694
|
+
return toPKCS8(key);
|
|
1695
|
+
}
|
|
1696
|
+
async function exportJWK(key) {
|
|
1697
|
+
return keyToJWK(key);
|
|
1698
|
+
}
|
|
1699
|
+
//#endregion
|
|
1700
|
+
//#region node_modules/jose/dist/webapi/lib/encrypt_key_management.js
|
|
1701
|
+
async function encryptKeyManagement(alg, enc, key, providedCek, providedParameters = {}) {
|
|
1702
|
+
let encryptedKey;
|
|
1703
|
+
let parameters;
|
|
1704
|
+
let cek;
|
|
1705
|
+
switch (alg) {
|
|
1706
|
+
case "dir":
|
|
1707
|
+
cek = key;
|
|
1708
|
+
break;
|
|
1709
|
+
case "ECDH-ES":
|
|
1710
|
+
case "ECDH-ES+A128KW":
|
|
1711
|
+
case "ECDH-ES+A192KW":
|
|
1712
|
+
case "ECDH-ES+A256KW": {
|
|
1713
|
+
assertCryptoKey(key);
|
|
1714
|
+
if (!allowed(key)) throw new JOSENotSupported("ECDH with the provided key is not allowed or not supported by your javascript runtime");
|
|
1715
|
+
const { apu, apv } = providedParameters;
|
|
1716
|
+
let ephemeralKey;
|
|
1717
|
+
if (providedParameters.epk) ephemeralKey = await normalizeKey(providedParameters.epk, alg);
|
|
1718
|
+
else ephemeralKey = (await crypto.subtle.generateKey(key.algorithm, true, ["deriveBits"])).privateKey;
|
|
1719
|
+
const { x, y, crv, kty } = await exportJWK(ephemeralKey);
|
|
1720
|
+
const sharedSecret = await deriveKey$1(key, ephemeralKey, alg === "ECDH-ES" ? enc : alg, alg === "ECDH-ES" ? cekLength(enc) : parseInt(alg.slice(-5, -2), 10), apu, apv);
|
|
1721
|
+
parameters = { epk: {
|
|
1722
|
+
x,
|
|
1723
|
+
crv,
|
|
1724
|
+
kty
|
|
1725
|
+
} };
|
|
1726
|
+
if (kty === "EC") parameters.epk.y = y;
|
|
1727
|
+
if (apu) parameters.apu = encode(apu);
|
|
1728
|
+
if (apv) parameters.apv = encode(apv);
|
|
1729
|
+
if (alg === "ECDH-ES") {
|
|
1730
|
+
cek = sharedSecret;
|
|
1731
|
+
break;
|
|
1732
|
+
}
|
|
1733
|
+
cek = providedCek || generateCek(enc);
|
|
1734
|
+
encryptedKey = await wrap$2(alg.slice(-6), sharedSecret, cek);
|
|
1735
|
+
break;
|
|
1736
|
+
}
|
|
1737
|
+
case "RSA-OAEP":
|
|
1738
|
+
case "RSA-OAEP-256":
|
|
1739
|
+
case "RSA-OAEP-384":
|
|
1740
|
+
case "RSA-OAEP-512":
|
|
1741
|
+
cek = providedCek || generateCek(enc);
|
|
1742
|
+
assertCryptoKey(key);
|
|
1743
|
+
encryptedKey = await encrypt$1(alg, key, cek);
|
|
1744
|
+
break;
|
|
1745
|
+
case "PBES2-HS256+A128KW":
|
|
1746
|
+
case "PBES2-HS384+A192KW":
|
|
1747
|
+
case "PBES2-HS512+A256KW": {
|
|
1748
|
+
cek = providedCek || generateCek(enc);
|
|
1749
|
+
const { p2c, p2s } = providedParameters;
|
|
1750
|
+
({encryptedKey, ...parameters} = await wrap$1(alg, key, cek, p2c, p2s));
|
|
1751
|
+
break;
|
|
1752
|
+
}
|
|
1753
|
+
case "A128KW":
|
|
1754
|
+
case "A192KW":
|
|
1755
|
+
case "A256KW":
|
|
1756
|
+
cek = providedCek || generateCek(enc);
|
|
1757
|
+
encryptedKey = await wrap$2(alg, key, cek);
|
|
1758
|
+
break;
|
|
1759
|
+
case "A128GCMKW":
|
|
1760
|
+
case "A192GCMKW":
|
|
1761
|
+
case "A256GCMKW": {
|
|
1762
|
+
cek = providedCek || generateCek(enc);
|
|
1763
|
+
const { iv } = providedParameters;
|
|
1764
|
+
({encryptedKey, ...parameters} = await wrap(alg, key, cek, iv));
|
|
1765
|
+
break;
|
|
1766
|
+
}
|
|
1767
|
+
default: throw new JOSENotSupported("Invalid or unsupported \"alg\" (JWE Algorithm) header value");
|
|
1768
|
+
}
|
|
1769
|
+
return {
|
|
1770
|
+
cek,
|
|
1771
|
+
encryptedKey,
|
|
1772
|
+
parameters
|
|
1773
|
+
};
|
|
1774
|
+
}
|
|
1775
|
+
//#endregion
|
|
1776
|
+
//#region node_modules/jose/dist/webapi/jwe/flattened/encrypt.js
|
|
1777
|
+
var FlattenedEncrypt = class {
|
|
1778
|
+
#plaintext;
|
|
1779
|
+
#protectedHeader;
|
|
1780
|
+
#sharedUnprotectedHeader;
|
|
1781
|
+
#unprotectedHeader;
|
|
1782
|
+
#aad;
|
|
1783
|
+
#cek;
|
|
1784
|
+
#iv;
|
|
1785
|
+
#keyManagementParameters;
|
|
1786
|
+
constructor(plaintext) {
|
|
1787
|
+
if (!(plaintext instanceof Uint8Array)) throw new TypeError("plaintext must be an instance of Uint8Array");
|
|
1788
|
+
this.#plaintext = plaintext;
|
|
1789
|
+
}
|
|
1790
|
+
setKeyManagementParameters(parameters) {
|
|
1791
|
+
if (this.#keyManagementParameters) throw new TypeError("setKeyManagementParameters can only be called once");
|
|
1792
|
+
this.#keyManagementParameters = parameters;
|
|
1793
|
+
return this;
|
|
1794
|
+
}
|
|
1795
|
+
setProtectedHeader(protectedHeader) {
|
|
1796
|
+
if (this.#protectedHeader) throw new TypeError("setProtectedHeader can only be called once");
|
|
1797
|
+
this.#protectedHeader = protectedHeader;
|
|
1798
|
+
return this;
|
|
1799
|
+
}
|
|
1800
|
+
setSharedUnprotectedHeader(sharedUnprotectedHeader) {
|
|
1801
|
+
if (this.#sharedUnprotectedHeader) throw new TypeError("setSharedUnprotectedHeader can only be called once");
|
|
1802
|
+
this.#sharedUnprotectedHeader = sharedUnprotectedHeader;
|
|
1803
|
+
return this;
|
|
1804
|
+
}
|
|
1805
|
+
setUnprotectedHeader(unprotectedHeader) {
|
|
1806
|
+
if (this.#unprotectedHeader) throw new TypeError("setUnprotectedHeader can only be called once");
|
|
1807
|
+
this.#unprotectedHeader = unprotectedHeader;
|
|
1808
|
+
return this;
|
|
1809
|
+
}
|
|
1810
|
+
setAdditionalAuthenticatedData(aad) {
|
|
1811
|
+
this.#aad = aad;
|
|
1812
|
+
return this;
|
|
1813
|
+
}
|
|
1814
|
+
setContentEncryptionKey(cek) {
|
|
1815
|
+
if (this.#cek) throw new TypeError("setContentEncryptionKey can only be called once");
|
|
1816
|
+
this.#cek = cek;
|
|
1817
|
+
return this;
|
|
1818
|
+
}
|
|
1819
|
+
setInitializationVector(iv) {
|
|
1820
|
+
if (this.#iv) throw new TypeError("setInitializationVector can only be called once");
|
|
1821
|
+
this.#iv = iv;
|
|
1822
|
+
return this;
|
|
1823
|
+
}
|
|
1824
|
+
async encrypt(key, options) {
|
|
1825
|
+
if (!this.#protectedHeader && !this.#unprotectedHeader && !this.#sharedUnprotectedHeader) throw new JWEInvalid("either setProtectedHeader, setUnprotectedHeader, or sharedUnprotectedHeader must be called before #encrypt()");
|
|
1826
|
+
if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader, this.#sharedUnprotectedHeader)) throw new JWEInvalid("JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint");
|
|
1827
|
+
const joseHeader = {
|
|
1828
|
+
...this.#protectedHeader,
|
|
1829
|
+
...this.#unprotectedHeader,
|
|
1830
|
+
...this.#sharedUnprotectedHeader
|
|
1831
|
+
};
|
|
1832
|
+
validateCrit(JWEInvalid, /* @__PURE__ */ new Map(), options?.crit, this.#protectedHeader, joseHeader);
|
|
1833
|
+
if (joseHeader.zip !== void 0 && joseHeader.zip !== "DEF") throw new JOSENotSupported("Unsupported JWE \"zip\" (Compression Algorithm) Header Parameter value.");
|
|
1834
|
+
if (joseHeader.zip !== void 0 && !this.#protectedHeader?.zip) throw new JWEInvalid("JWE \"zip\" (Compression Algorithm) Header Parameter MUST be in a protected header.");
|
|
1835
|
+
const { alg, enc } = joseHeader;
|
|
1836
|
+
if (typeof alg !== "string" || !alg) throw new JWEInvalid("JWE \"alg\" (Algorithm) Header Parameter missing or invalid");
|
|
1837
|
+
if (typeof enc !== "string" || !enc) throw new JWEInvalid("JWE \"enc\" (Encryption Algorithm) Header Parameter missing or invalid");
|
|
1838
|
+
let encryptedKey;
|
|
1839
|
+
if (this.#cek && (alg === "dir" || alg === "ECDH-ES")) throw new TypeError(`setContentEncryptionKey cannot be called with JWE "alg" (Algorithm) Header ${alg}`);
|
|
1840
|
+
checkKeyType(alg === "dir" ? enc : alg, key, "encrypt");
|
|
1841
|
+
let cek;
|
|
1842
|
+
{
|
|
1843
|
+
let parameters;
|
|
1844
|
+
const k = await normalizeKey(key, alg);
|
|
1845
|
+
({cek, encryptedKey, parameters} = await encryptKeyManagement(alg, enc, k, this.#cek, this.#keyManagementParameters));
|
|
1846
|
+
if (parameters) if (options && unprotected in options) if (!this.#unprotectedHeader) this.setUnprotectedHeader(parameters);
|
|
1847
|
+
else this.#unprotectedHeader = {
|
|
1848
|
+
...this.#unprotectedHeader,
|
|
1849
|
+
...parameters
|
|
1850
|
+
};
|
|
1851
|
+
else if (!this.#protectedHeader) this.setProtectedHeader(parameters);
|
|
1852
|
+
else this.#protectedHeader = {
|
|
1853
|
+
...this.#protectedHeader,
|
|
1854
|
+
...parameters
|
|
1855
|
+
};
|
|
1856
|
+
}
|
|
1857
|
+
let additionalData;
|
|
1858
|
+
let protectedHeaderS;
|
|
1859
|
+
let protectedHeaderB;
|
|
1860
|
+
let aadMember;
|
|
1861
|
+
if (this.#protectedHeader) {
|
|
1862
|
+
protectedHeaderS = encode(JSON.stringify(this.#protectedHeader));
|
|
1863
|
+
protectedHeaderB = encode$1(protectedHeaderS);
|
|
1864
|
+
} else {
|
|
1865
|
+
protectedHeaderS = "";
|
|
1866
|
+
protectedHeaderB = new Uint8Array();
|
|
1867
|
+
}
|
|
1868
|
+
if (this.#aad) {
|
|
1869
|
+
aadMember = encode(this.#aad);
|
|
1870
|
+
const aadMemberBytes = encode$1(aadMember);
|
|
1871
|
+
additionalData = concat(protectedHeaderB, encode$1("."), aadMemberBytes);
|
|
1872
|
+
} else additionalData = protectedHeaderB;
|
|
1873
|
+
let plaintext = this.#plaintext;
|
|
1874
|
+
if (joseHeader.zip === "DEF") plaintext = await compress(plaintext);
|
|
1875
|
+
const { ciphertext, tag, iv } = await encrypt(enc, plaintext, cek, this.#iv, additionalData);
|
|
1876
|
+
const jwe = { ciphertext: encode(ciphertext) };
|
|
1877
|
+
if (iv) jwe.iv = encode(iv);
|
|
1878
|
+
if (tag) jwe.tag = encode(tag);
|
|
1879
|
+
if (encryptedKey) jwe.encrypted_key = encode(encryptedKey);
|
|
1880
|
+
if (aadMember) jwe.aad = aadMember;
|
|
1881
|
+
if (this.#protectedHeader) jwe.protected = protectedHeaderS;
|
|
1882
|
+
if (this.#sharedUnprotectedHeader) jwe.unprotected = this.#sharedUnprotectedHeader;
|
|
1883
|
+
if (this.#unprotectedHeader) jwe.header = this.#unprotectedHeader;
|
|
1884
|
+
return jwe;
|
|
1885
|
+
}
|
|
1886
|
+
};
|
|
1887
|
+
//#endregion
|
|
1888
|
+
//#region node_modules/jose/dist/webapi/jwe/general/encrypt.js
|
|
1889
|
+
var IndividualRecipient = class {
|
|
1890
|
+
#parent;
|
|
1891
|
+
unprotectedHeader;
|
|
1892
|
+
keyManagementParameters;
|
|
1893
|
+
key;
|
|
1894
|
+
options;
|
|
1895
|
+
constructor(enc, key, options) {
|
|
1896
|
+
this.#parent = enc;
|
|
1897
|
+
this.key = key;
|
|
1898
|
+
this.options = options;
|
|
1899
|
+
}
|
|
1900
|
+
setUnprotectedHeader(unprotectedHeader) {
|
|
1901
|
+
if (this.unprotectedHeader) throw new TypeError("setUnprotectedHeader can only be called once");
|
|
1902
|
+
this.unprotectedHeader = unprotectedHeader;
|
|
1903
|
+
return this;
|
|
1904
|
+
}
|
|
1905
|
+
setKeyManagementParameters(parameters) {
|
|
1906
|
+
if (this.keyManagementParameters) throw new TypeError("setKeyManagementParameters can only be called once");
|
|
1907
|
+
this.keyManagementParameters = parameters;
|
|
1908
|
+
return this;
|
|
1909
|
+
}
|
|
1910
|
+
addRecipient(...args) {
|
|
1911
|
+
return this.#parent.addRecipient(...args);
|
|
1912
|
+
}
|
|
1913
|
+
encrypt(...args) {
|
|
1914
|
+
return this.#parent.encrypt(...args);
|
|
1915
|
+
}
|
|
1916
|
+
done() {
|
|
1917
|
+
return this.#parent;
|
|
1918
|
+
}
|
|
1919
|
+
};
|
|
1920
|
+
var GeneralEncrypt = class {
|
|
1921
|
+
#plaintext;
|
|
1922
|
+
#recipients = [];
|
|
1923
|
+
#protectedHeader;
|
|
1924
|
+
#unprotectedHeader;
|
|
1925
|
+
#aad;
|
|
1926
|
+
constructor(plaintext) {
|
|
1927
|
+
this.#plaintext = plaintext;
|
|
1928
|
+
}
|
|
1929
|
+
addRecipient(key, options) {
|
|
1930
|
+
const recipient = new IndividualRecipient(this, key, { crit: options?.crit });
|
|
1931
|
+
this.#recipients.push(recipient);
|
|
1932
|
+
return recipient;
|
|
1933
|
+
}
|
|
1934
|
+
setProtectedHeader(protectedHeader) {
|
|
1935
|
+
if (this.#protectedHeader) throw new TypeError("setProtectedHeader can only be called once");
|
|
1936
|
+
this.#protectedHeader = protectedHeader;
|
|
1937
|
+
return this;
|
|
1938
|
+
}
|
|
1939
|
+
setSharedUnprotectedHeader(sharedUnprotectedHeader) {
|
|
1940
|
+
if (this.#unprotectedHeader) throw new TypeError("setSharedUnprotectedHeader can only be called once");
|
|
1941
|
+
this.#unprotectedHeader = sharedUnprotectedHeader;
|
|
1942
|
+
return this;
|
|
1943
|
+
}
|
|
1944
|
+
setAdditionalAuthenticatedData(aad) {
|
|
1945
|
+
this.#aad = aad;
|
|
1946
|
+
return this;
|
|
1947
|
+
}
|
|
1948
|
+
async encrypt() {
|
|
1949
|
+
if (!this.#recipients.length) throw new JWEInvalid("at least one recipient must be added");
|
|
1950
|
+
if (this.#recipients.length === 1) {
|
|
1951
|
+
const [recipient] = this.#recipients;
|
|
1952
|
+
const flattened = await new FlattenedEncrypt(this.#plaintext).setAdditionalAuthenticatedData(this.#aad).setProtectedHeader(this.#protectedHeader).setSharedUnprotectedHeader(this.#unprotectedHeader).setUnprotectedHeader(recipient.unprotectedHeader).encrypt(recipient.key, { ...recipient.options });
|
|
1953
|
+
const jwe = {
|
|
1954
|
+
ciphertext: flattened.ciphertext,
|
|
1955
|
+
iv: flattened.iv,
|
|
1956
|
+
recipients: [{}],
|
|
1957
|
+
tag: flattened.tag
|
|
1958
|
+
};
|
|
1959
|
+
if (flattened.aad) jwe.aad = flattened.aad;
|
|
1960
|
+
if (flattened.protected) jwe.protected = flattened.protected;
|
|
1961
|
+
if (flattened.unprotected) jwe.unprotected = flattened.unprotected;
|
|
1962
|
+
if (flattened.encrypted_key) jwe.recipients[0].encrypted_key = flattened.encrypted_key;
|
|
1963
|
+
if (flattened.header) jwe.recipients[0].header = flattened.header;
|
|
1964
|
+
return jwe;
|
|
1965
|
+
}
|
|
1966
|
+
let enc;
|
|
1967
|
+
for (let i = 0; i < this.#recipients.length; i++) {
|
|
1968
|
+
const recipient = this.#recipients[i];
|
|
1969
|
+
if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader, recipient.unprotectedHeader)) throw new JWEInvalid("JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint");
|
|
1970
|
+
const joseHeader = {
|
|
1971
|
+
...this.#protectedHeader,
|
|
1972
|
+
...this.#unprotectedHeader,
|
|
1973
|
+
...recipient.unprotectedHeader
|
|
1974
|
+
};
|
|
1975
|
+
const { alg } = joseHeader;
|
|
1976
|
+
if (typeof alg !== "string" || !alg) throw new JWEInvalid("JWE \"alg\" (Algorithm) Header Parameter missing or invalid");
|
|
1977
|
+
if (alg === "dir" || alg === "ECDH-ES") throw new JWEInvalid("\"dir\" and \"ECDH-ES\" alg may only be used with a single recipient");
|
|
1978
|
+
if (typeof joseHeader.enc !== "string" || !joseHeader.enc) throw new JWEInvalid("JWE \"enc\" (Encryption Algorithm) Header Parameter missing or invalid");
|
|
1979
|
+
if (!enc) enc = joseHeader.enc;
|
|
1980
|
+
else if (enc !== joseHeader.enc) throw new JWEInvalid("JWE \"enc\" (Encryption Algorithm) Header Parameter must be the same for all recipients");
|
|
1981
|
+
validateCrit(JWEInvalid, /* @__PURE__ */ new Map(), recipient.options.crit, this.#protectedHeader, joseHeader);
|
|
1982
|
+
if (joseHeader.zip !== void 0 && joseHeader.zip !== "DEF") throw new JOSENotSupported("Unsupported JWE \"zip\" (Compression Algorithm) Header Parameter value.");
|
|
1983
|
+
if (joseHeader.zip !== void 0 && !this.#protectedHeader?.zip) throw new JWEInvalid("JWE \"zip\" (Compression Algorithm) Header Parameter MUST be in a protected header.");
|
|
1984
|
+
}
|
|
1985
|
+
const cek = generateCek(enc);
|
|
1986
|
+
const jwe = {
|
|
1987
|
+
ciphertext: "",
|
|
1988
|
+
recipients: []
|
|
1989
|
+
};
|
|
1990
|
+
for (let i = 0; i < this.#recipients.length; i++) {
|
|
1991
|
+
const recipient = this.#recipients[i];
|
|
1992
|
+
const target = {};
|
|
1993
|
+
jwe.recipients.push(target);
|
|
1994
|
+
if (i === 0) {
|
|
1995
|
+
const flattened = await new FlattenedEncrypt(this.#plaintext).setAdditionalAuthenticatedData(this.#aad).setContentEncryptionKey(cek).setProtectedHeader(this.#protectedHeader).setSharedUnprotectedHeader(this.#unprotectedHeader).setUnprotectedHeader(recipient.unprotectedHeader).setKeyManagementParameters(recipient.keyManagementParameters).encrypt(recipient.key, {
|
|
1996
|
+
...recipient.options,
|
|
1997
|
+
[unprotected]: true
|
|
1998
|
+
});
|
|
1999
|
+
jwe.ciphertext = flattened.ciphertext;
|
|
2000
|
+
jwe.iv = flattened.iv;
|
|
2001
|
+
jwe.tag = flattened.tag;
|
|
2002
|
+
if (flattened.aad) jwe.aad = flattened.aad;
|
|
2003
|
+
if (flattened.protected) jwe.protected = flattened.protected;
|
|
2004
|
+
if (flattened.unprotected) jwe.unprotected = flattened.unprotected;
|
|
2005
|
+
target.encrypted_key = flattened.encrypted_key;
|
|
2006
|
+
if (flattened.header) target.header = flattened.header;
|
|
2007
|
+
continue;
|
|
2008
|
+
}
|
|
2009
|
+
const alg = recipient.unprotectedHeader?.alg || this.#protectedHeader?.alg || this.#unprotectedHeader?.alg;
|
|
2010
|
+
checkKeyType(alg === "dir" ? enc : alg, recipient.key, "encrypt");
|
|
2011
|
+
const k = await normalizeKey(recipient.key, alg);
|
|
2012
|
+
const { encryptedKey, parameters } = await encryptKeyManagement(alg, enc, k, cek, recipient.keyManagementParameters);
|
|
2013
|
+
target.encrypted_key = encode(encryptedKey);
|
|
2014
|
+
if (recipient.unprotectedHeader || parameters) target.header = {
|
|
2015
|
+
...recipient.unprotectedHeader,
|
|
2016
|
+
...parameters
|
|
2017
|
+
};
|
|
2018
|
+
}
|
|
2019
|
+
return jwe;
|
|
2020
|
+
}
|
|
2021
|
+
};
|
|
2022
|
+
//#endregion
|
|
2023
|
+
//#region node_modules/jose/dist/webapi/lib/subtle_dsa.js
|
|
2024
|
+
function subtleAlgorithm(alg, algorithm) {
|
|
2025
|
+
const hash = `SHA-${alg.slice(-3)}`;
|
|
2026
|
+
switch (alg) {
|
|
2027
|
+
case "HS256":
|
|
2028
|
+
case "HS384":
|
|
2029
|
+
case "HS512": return {
|
|
2030
|
+
hash,
|
|
2031
|
+
name: "HMAC"
|
|
2032
|
+
};
|
|
2033
|
+
case "PS256":
|
|
2034
|
+
case "PS384":
|
|
2035
|
+
case "PS512": return {
|
|
2036
|
+
hash,
|
|
2037
|
+
name: "RSA-PSS",
|
|
2038
|
+
saltLength: parseInt(alg.slice(-3), 10) >> 3
|
|
2039
|
+
};
|
|
2040
|
+
case "RS256":
|
|
2041
|
+
case "RS384":
|
|
2042
|
+
case "RS512": return {
|
|
2043
|
+
hash,
|
|
2044
|
+
name: "RSASSA-PKCS1-v1_5"
|
|
2045
|
+
};
|
|
2046
|
+
case "ES256":
|
|
2047
|
+
case "ES384":
|
|
2048
|
+
case "ES512": return {
|
|
2049
|
+
hash,
|
|
2050
|
+
name: "ECDSA",
|
|
2051
|
+
namedCurve: algorithm.namedCurve
|
|
2052
|
+
};
|
|
2053
|
+
case "Ed25519":
|
|
2054
|
+
case "EdDSA": return { name: "Ed25519" };
|
|
2055
|
+
case "ML-DSA-44":
|
|
2056
|
+
case "ML-DSA-65":
|
|
2057
|
+
case "ML-DSA-87": return { name: alg };
|
|
2058
|
+
default: throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
|
|
2059
|
+
}
|
|
2060
|
+
}
|
|
2061
|
+
//#endregion
|
|
2062
|
+
//#region node_modules/jose/dist/webapi/lib/get_sign_verify_key.js
|
|
2063
|
+
async function getSigKey(alg, key, usage) {
|
|
2064
|
+
if (key instanceof Uint8Array) {
|
|
2065
|
+
if (!alg.startsWith("HS")) throw new TypeError(invalidKeyInput(key, "CryptoKey", "KeyObject", "JSON Web Key"));
|
|
2066
|
+
return crypto.subtle.importKey("raw", key, {
|
|
2067
|
+
hash: `SHA-${alg.slice(-3)}`,
|
|
2068
|
+
name: "HMAC"
|
|
2069
|
+
}, false, [usage]);
|
|
2070
|
+
}
|
|
2071
|
+
checkSigCryptoKey(key, alg, usage);
|
|
2072
|
+
return key;
|
|
2073
|
+
}
|
|
2074
|
+
//#endregion
|
|
2075
|
+
//#region node_modules/jose/dist/webapi/lib/verify.js
|
|
2076
|
+
async function verify(alg, key, signature, data) {
|
|
2077
|
+
const cryptoKey = await getSigKey(alg, key, "verify");
|
|
2078
|
+
checkKeyLength(alg, cryptoKey);
|
|
2079
|
+
const algorithm = subtleAlgorithm(alg, cryptoKey.algorithm);
|
|
2080
|
+
try {
|
|
2081
|
+
return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);
|
|
2082
|
+
} catch {
|
|
2083
|
+
return false;
|
|
2084
|
+
}
|
|
2085
|
+
}
|
|
2086
|
+
//#endregion
|
|
2087
|
+
//#region node_modules/jose/dist/webapi/jws/flattened/verify.js
|
|
2088
|
+
async function flattenedVerify(jws, key, options) {
|
|
2089
|
+
if (!isObject(jws)) throw new JWSInvalid("Flattened JWS must be an object");
|
|
2090
|
+
if (jws.protected === void 0 && jws.header === void 0) throw new JWSInvalid("Flattened JWS must have either of the \"protected\" or \"header\" members");
|
|
2091
|
+
if (jws.protected !== void 0 && typeof jws.protected !== "string") throw new JWSInvalid("JWS Protected Header incorrect type");
|
|
2092
|
+
if (jws.payload === void 0) throw new JWSInvalid("JWS Payload missing");
|
|
2093
|
+
if (typeof jws.signature !== "string") throw new JWSInvalid("JWS Signature missing or incorrect type");
|
|
2094
|
+
if (jws.header !== void 0 && !isObject(jws.header)) throw new JWSInvalid("JWS Unprotected Header incorrect type");
|
|
2095
|
+
let parsedProt = {};
|
|
2096
|
+
if (jws.protected) try {
|
|
2097
|
+
const protectedHeader = decode(jws.protected);
|
|
2098
|
+
parsedProt = JSON.parse(decoder.decode(protectedHeader));
|
|
2099
|
+
} catch {
|
|
2100
|
+
throw new JWSInvalid("JWS Protected Header is invalid");
|
|
2101
|
+
}
|
|
2102
|
+
if (!isDisjoint(parsedProt, jws.header)) throw new JWSInvalid("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
|
|
2103
|
+
const joseHeader = {
|
|
2104
|
+
...parsedProt,
|
|
2105
|
+
...jws.header
|
|
2106
|
+
};
|
|
2107
|
+
const extensions = validateCrit(JWSInvalid, new Map([["b64", true]]), options?.crit, parsedProt, joseHeader);
|
|
2108
|
+
let b64 = true;
|
|
2109
|
+
if (extensions.has("b64")) {
|
|
2110
|
+
b64 = parsedProt.b64;
|
|
2111
|
+
if (typeof b64 !== "boolean") throw new JWSInvalid("The \"b64\" (base64url-encode payload) Header Parameter must be a boolean");
|
|
2112
|
+
}
|
|
2113
|
+
const { alg } = joseHeader;
|
|
2114
|
+
if (typeof alg !== "string" || !alg) throw new JWSInvalid("JWS \"alg\" (Algorithm) Header Parameter missing or invalid");
|
|
2115
|
+
const algorithms = options && validateAlgorithms("algorithms", options.algorithms);
|
|
2116
|
+
if (algorithms && !algorithms.has(alg)) throw new JOSEAlgNotAllowed("\"alg\" (Algorithm) Header Parameter value not allowed");
|
|
2117
|
+
if (b64) {
|
|
2118
|
+
if (typeof jws.payload !== "string") throw new JWSInvalid("JWS Payload must be a string");
|
|
2119
|
+
} else if (typeof jws.payload !== "string" && !(jws.payload instanceof Uint8Array)) throw new JWSInvalid("JWS Payload must be a string or an Uint8Array instance");
|
|
2120
|
+
let resolvedKey = false;
|
|
2121
|
+
if (typeof key === "function") {
|
|
2122
|
+
key = await key(parsedProt, jws);
|
|
2123
|
+
resolvedKey = true;
|
|
2124
|
+
}
|
|
2125
|
+
checkKeyType(alg, key, "verify");
|
|
2126
|
+
const data = concat(jws.protected !== void 0 ? encode$1(jws.protected) : new Uint8Array(), encode$1("."), typeof jws.payload === "string" ? b64 ? encode$1(jws.payload) : encoder.encode(jws.payload) : jws.payload);
|
|
2127
|
+
let signature;
|
|
2128
|
+
try {
|
|
2129
|
+
signature = decode(jws.signature);
|
|
2130
|
+
} catch {
|
|
2131
|
+
throw new JWSInvalid("Failed to base64url decode the signature");
|
|
2132
|
+
}
|
|
2133
|
+
const k = await normalizeKey(key, alg);
|
|
2134
|
+
if (!await verify(alg, k, signature, data)) throw new JWSSignatureVerificationFailed();
|
|
2135
|
+
let payload;
|
|
2136
|
+
if (b64) try {
|
|
2137
|
+
payload = decode(jws.payload);
|
|
2138
|
+
} catch {
|
|
2139
|
+
throw new JWSInvalid("Failed to base64url decode the payload");
|
|
2140
|
+
}
|
|
2141
|
+
else if (typeof jws.payload === "string") payload = encoder.encode(jws.payload);
|
|
2142
|
+
else payload = jws.payload;
|
|
2143
|
+
const result = { payload };
|
|
2144
|
+
if (jws.protected !== void 0) result.protectedHeader = parsedProt;
|
|
2145
|
+
if (jws.header !== void 0) result.unprotectedHeader = jws.header;
|
|
2146
|
+
if (resolvedKey) return {
|
|
2147
|
+
...result,
|
|
2148
|
+
key: k
|
|
2149
|
+
};
|
|
2150
|
+
return result;
|
|
2151
|
+
}
|
|
2152
|
+
//#endregion
|
|
2153
|
+
//#region node_modules/jose/dist/webapi/jws/compact/verify.js
|
|
2154
|
+
async function compactVerify(jws, key, options) {
|
|
2155
|
+
if (jws instanceof Uint8Array) jws = decoder.decode(jws);
|
|
2156
|
+
if (typeof jws !== "string") throw new JWSInvalid("Compact JWS must be a string or Uint8Array");
|
|
2157
|
+
const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split(".");
|
|
2158
|
+
if (length !== 3) throw new JWSInvalid("Invalid Compact JWS");
|
|
2159
|
+
const verified = await flattenedVerify({
|
|
2160
|
+
payload,
|
|
2161
|
+
protected: protectedHeader,
|
|
2162
|
+
signature
|
|
2163
|
+
}, key, options);
|
|
2164
|
+
const result = {
|
|
2165
|
+
payload: verified.payload,
|
|
2166
|
+
protectedHeader: verified.protectedHeader
|
|
2167
|
+
};
|
|
2168
|
+
if (typeof key === "function") return {
|
|
2169
|
+
...result,
|
|
2170
|
+
key: verified.key
|
|
2171
|
+
};
|
|
2172
|
+
return result;
|
|
2173
|
+
}
|
|
2174
|
+
//#endregion
|
|
2175
|
+
//#region node_modules/jose/dist/webapi/jws/general/verify.js
|
|
2176
|
+
async function generalVerify(jws, key, options) {
|
|
2177
|
+
if (!isObject(jws)) throw new JWSInvalid("General JWS must be an object");
|
|
2178
|
+
if (!Array.isArray(jws.signatures) || !jws.signatures.every(isObject)) throw new JWSInvalid("JWS Signatures missing or incorrect type");
|
|
2179
|
+
for (const signature of jws.signatures) try {
|
|
2180
|
+
return await flattenedVerify({
|
|
2181
|
+
header: signature.header,
|
|
2182
|
+
payload: jws.payload,
|
|
2183
|
+
protected: signature.protected,
|
|
2184
|
+
signature: signature.signature
|
|
2185
|
+
}, key, options);
|
|
2186
|
+
} catch {}
|
|
2187
|
+
throw new JWSSignatureVerificationFailed();
|
|
2188
|
+
}
|
|
2189
|
+
//#endregion
|
|
2190
|
+
//#region node_modules/jose/dist/webapi/lib/jwt_claims_set.js
|
|
2191
|
+
const epoch = (date) => Math.floor(date.getTime() / 1e3);
|
|
2192
|
+
const minute = 60;
|
|
2193
|
+
const hour = minute * 60;
|
|
2194
|
+
const day = hour * 24;
|
|
2195
|
+
const week = day * 7;
|
|
2196
|
+
const year = day * 365.25;
|
|
2197
|
+
const REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;
|
|
2198
|
+
function secs(str) {
|
|
2199
|
+
const matched = REGEX.exec(str);
|
|
2200
|
+
if (!matched || matched[4] && matched[1]) throw new TypeError("Invalid time period format");
|
|
2201
|
+
const value = parseFloat(matched[2]);
|
|
2202
|
+
const unit = matched[3].toLowerCase();
|
|
2203
|
+
let numericDate;
|
|
2204
|
+
switch (unit) {
|
|
2205
|
+
case "sec":
|
|
2206
|
+
case "secs":
|
|
2207
|
+
case "second":
|
|
2208
|
+
case "seconds":
|
|
2209
|
+
case "s":
|
|
2210
|
+
numericDate = Math.round(value);
|
|
2211
|
+
break;
|
|
2212
|
+
case "minute":
|
|
2213
|
+
case "minutes":
|
|
2214
|
+
case "min":
|
|
2215
|
+
case "mins":
|
|
2216
|
+
case "m":
|
|
2217
|
+
numericDate = Math.round(value * minute);
|
|
2218
|
+
break;
|
|
2219
|
+
case "hour":
|
|
2220
|
+
case "hours":
|
|
2221
|
+
case "hr":
|
|
2222
|
+
case "hrs":
|
|
2223
|
+
case "h":
|
|
2224
|
+
numericDate = Math.round(value * hour);
|
|
2225
|
+
break;
|
|
2226
|
+
case "day":
|
|
2227
|
+
case "days":
|
|
2228
|
+
case "d":
|
|
2229
|
+
numericDate = Math.round(value * day);
|
|
2230
|
+
break;
|
|
2231
|
+
case "week":
|
|
2232
|
+
case "weeks":
|
|
2233
|
+
case "w":
|
|
2234
|
+
numericDate = Math.round(value * week);
|
|
2235
|
+
break;
|
|
2236
|
+
default:
|
|
2237
|
+
numericDate = Math.round(value * year);
|
|
2238
|
+
break;
|
|
2239
|
+
}
|
|
2240
|
+
if (matched[1] === "-" || matched[4] === "ago") return -numericDate;
|
|
2241
|
+
return numericDate;
|
|
2242
|
+
}
|
|
2243
|
+
function validateInput(label, input) {
|
|
2244
|
+
if (!Number.isFinite(input)) throw new TypeError(`Invalid ${label} input`);
|
|
2245
|
+
return input;
|
|
2246
|
+
}
|
|
2247
|
+
const normalizeTyp = (value) => {
|
|
2248
|
+
if (value.includes("/")) return value.toLowerCase();
|
|
2249
|
+
return `application/${value.toLowerCase()}`;
|
|
2250
|
+
};
|
|
2251
|
+
const checkAudiencePresence = (audPayload, audOption) => {
|
|
2252
|
+
if (typeof audPayload === "string") return audOption.includes(audPayload);
|
|
2253
|
+
if (Array.isArray(audPayload)) return audOption.some(Set.prototype.has.bind(new Set(audPayload)));
|
|
2254
|
+
return false;
|
|
2255
|
+
};
|
|
2256
|
+
function validateClaimsSet(protectedHeader, encodedPayload, options = {}) {
|
|
2257
|
+
let payload;
|
|
2258
|
+
try {
|
|
2259
|
+
payload = JSON.parse(decoder.decode(encodedPayload));
|
|
2260
|
+
} catch {}
|
|
2261
|
+
if (!isObject(payload)) throw new JWTInvalid("JWT Claims Set must be a top-level JSON object");
|
|
2262
|
+
const { typ } = options;
|
|
2263
|
+
if (typ && (typeof protectedHeader.typ !== "string" || normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) throw new JWTClaimValidationFailed("unexpected \"typ\" JWT header value", payload, "typ", "check_failed");
|
|
2264
|
+
const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;
|
|
2265
|
+
const presenceCheck = [...requiredClaims];
|
|
2266
|
+
if (maxTokenAge !== void 0) presenceCheck.push("iat");
|
|
2267
|
+
if (audience !== void 0) presenceCheck.push("aud");
|
|
2268
|
+
if (subject !== void 0) presenceCheck.push("sub");
|
|
2269
|
+
if (issuer !== void 0) presenceCheck.push("iss");
|
|
2270
|
+
for (const claim of new Set(presenceCheck.reverse())) if (!(claim in payload)) throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, "missing");
|
|
2271
|
+
if (issuer && !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) throw new JWTClaimValidationFailed("unexpected \"iss\" claim value", payload, "iss", "check_failed");
|
|
2272
|
+
if (subject && payload.sub !== subject) throw new JWTClaimValidationFailed("unexpected \"sub\" claim value", payload, "sub", "check_failed");
|
|
2273
|
+
if (audience && !checkAudiencePresence(payload.aud, typeof audience === "string" ? [audience] : audience)) throw new JWTClaimValidationFailed("unexpected \"aud\" claim value", payload, "aud", "check_failed");
|
|
2274
|
+
let tolerance;
|
|
2275
|
+
switch (typeof options.clockTolerance) {
|
|
2276
|
+
case "string":
|
|
2277
|
+
tolerance = secs(options.clockTolerance);
|
|
2278
|
+
break;
|
|
2279
|
+
case "number":
|
|
2280
|
+
tolerance = options.clockTolerance;
|
|
2281
|
+
break;
|
|
2282
|
+
case "undefined":
|
|
2283
|
+
tolerance = 0;
|
|
2284
|
+
break;
|
|
2285
|
+
default: throw new TypeError("Invalid clockTolerance option type");
|
|
2286
|
+
}
|
|
2287
|
+
const { currentDate } = options;
|
|
2288
|
+
const now = epoch(currentDate || /* @__PURE__ */ new Date());
|
|
2289
|
+
if ((payload.iat !== void 0 || maxTokenAge) && typeof payload.iat !== "number") throw new JWTClaimValidationFailed("\"iat\" claim must be a number", payload, "iat", "invalid");
|
|
2290
|
+
if (payload.nbf !== void 0) {
|
|
2291
|
+
if (typeof payload.nbf !== "number") throw new JWTClaimValidationFailed("\"nbf\" claim must be a number", payload, "nbf", "invalid");
|
|
2292
|
+
if (payload.nbf > now + tolerance) throw new JWTClaimValidationFailed("\"nbf\" claim timestamp check failed", payload, "nbf", "check_failed");
|
|
2293
|
+
}
|
|
2294
|
+
if (payload.exp !== void 0) {
|
|
2295
|
+
if (typeof payload.exp !== "number") throw new JWTClaimValidationFailed("\"exp\" claim must be a number", payload, "exp", "invalid");
|
|
2296
|
+
if (payload.exp <= now - tolerance) throw new JWTExpired("\"exp\" claim timestamp check failed", payload, "exp", "check_failed");
|
|
2297
|
+
}
|
|
2298
|
+
if (maxTokenAge) {
|
|
2299
|
+
const age = now - payload.iat;
|
|
2300
|
+
const max = typeof maxTokenAge === "number" ? maxTokenAge : secs(maxTokenAge);
|
|
2301
|
+
if (age - tolerance > max) throw new JWTExpired("\"iat\" claim timestamp check failed (too far in the past)", payload, "iat", "check_failed");
|
|
2302
|
+
if (age < 0 - tolerance) throw new JWTClaimValidationFailed("\"iat\" claim timestamp check failed (it should be in the past)", payload, "iat", "check_failed");
|
|
2303
|
+
}
|
|
2304
|
+
return payload;
|
|
2305
|
+
}
|
|
2306
|
+
var JWTClaimsBuilder = class {
|
|
2307
|
+
#payload;
|
|
2308
|
+
constructor(payload) {
|
|
2309
|
+
if (!isObject(payload)) throw new TypeError("JWT Claims Set MUST be an object");
|
|
2310
|
+
this.#payload = structuredClone(payload);
|
|
2311
|
+
}
|
|
2312
|
+
data() {
|
|
2313
|
+
return encoder.encode(JSON.stringify(this.#payload));
|
|
2314
|
+
}
|
|
2315
|
+
get iss() {
|
|
2316
|
+
return this.#payload.iss;
|
|
2317
|
+
}
|
|
2318
|
+
set iss(value) {
|
|
2319
|
+
this.#payload.iss = value;
|
|
2320
|
+
}
|
|
2321
|
+
get sub() {
|
|
2322
|
+
return this.#payload.sub;
|
|
2323
|
+
}
|
|
2324
|
+
set sub(value) {
|
|
2325
|
+
this.#payload.sub = value;
|
|
2326
|
+
}
|
|
2327
|
+
get aud() {
|
|
2328
|
+
return this.#payload.aud;
|
|
2329
|
+
}
|
|
2330
|
+
set aud(value) {
|
|
2331
|
+
this.#payload.aud = value;
|
|
2332
|
+
}
|
|
2333
|
+
set jti(value) {
|
|
2334
|
+
this.#payload.jti = value;
|
|
2335
|
+
}
|
|
2336
|
+
set nbf(value) {
|
|
2337
|
+
if (typeof value === "number") this.#payload.nbf = validateInput("setNotBefore", value);
|
|
2338
|
+
else if (value instanceof Date) this.#payload.nbf = validateInput("setNotBefore", epoch(value));
|
|
2339
|
+
else this.#payload.nbf = epoch(/* @__PURE__ */ new Date()) + secs(value);
|
|
2340
|
+
}
|
|
2341
|
+
set exp(value) {
|
|
2342
|
+
if (typeof value === "number") this.#payload.exp = validateInput("setExpirationTime", value);
|
|
2343
|
+
else if (value instanceof Date) this.#payload.exp = validateInput("setExpirationTime", epoch(value));
|
|
2344
|
+
else this.#payload.exp = epoch(/* @__PURE__ */ new Date()) + secs(value);
|
|
2345
|
+
}
|
|
2346
|
+
set iat(value) {
|
|
2347
|
+
if (value === void 0) this.#payload.iat = epoch(/* @__PURE__ */ new Date());
|
|
2348
|
+
else if (value instanceof Date) this.#payload.iat = validateInput("setIssuedAt", epoch(value));
|
|
2349
|
+
else if (typeof value === "string") this.#payload.iat = validateInput("setIssuedAt", epoch(/* @__PURE__ */ new Date()) + secs(value));
|
|
2350
|
+
else this.#payload.iat = validateInput("setIssuedAt", value);
|
|
2351
|
+
}
|
|
2352
|
+
};
|
|
2353
|
+
//#endregion
|
|
2354
|
+
//#region node_modules/jose/dist/webapi/jwt/verify.js
|
|
2355
|
+
async function jwtVerify(jwt, key, options) {
|
|
2356
|
+
const verified = await compactVerify(jwt, key, options);
|
|
2357
|
+
if (verified.protectedHeader.crit?.includes("b64") && verified.protectedHeader.b64 === false) throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
|
|
2358
|
+
const result = {
|
|
2359
|
+
payload: validateClaimsSet(verified.protectedHeader, verified.payload, options),
|
|
2360
|
+
protectedHeader: verified.protectedHeader
|
|
2361
|
+
};
|
|
2362
|
+
if (typeof key === "function") return {
|
|
2363
|
+
...result,
|
|
2364
|
+
key: verified.key
|
|
2365
|
+
};
|
|
2366
|
+
return result;
|
|
2367
|
+
}
|
|
2368
|
+
//#endregion
|
|
2369
|
+
//#region node_modules/jose/dist/webapi/jwt/decrypt.js
|
|
2370
|
+
async function jwtDecrypt(jwt, key, options) {
|
|
2371
|
+
const decrypted = await compactDecrypt(jwt, key, options);
|
|
2372
|
+
const payload = validateClaimsSet(decrypted.protectedHeader, decrypted.plaintext, options);
|
|
2373
|
+
const { protectedHeader } = decrypted;
|
|
2374
|
+
if (protectedHeader.iss !== void 0 && protectedHeader.iss !== payload.iss) throw new JWTClaimValidationFailed("replicated \"iss\" claim header parameter mismatch", payload, "iss", "mismatch");
|
|
2375
|
+
if (protectedHeader.sub !== void 0 && protectedHeader.sub !== payload.sub) throw new JWTClaimValidationFailed("replicated \"sub\" claim header parameter mismatch", payload, "sub", "mismatch");
|
|
2376
|
+
if (protectedHeader.aud !== void 0 && JSON.stringify(protectedHeader.aud) !== JSON.stringify(payload.aud)) throw new JWTClaimValidationFailed("replicated \"aud\" claim header parameter mismatch", payload, "aud", "mismatch");
|
|
2377
|
+
const result = {
|
|
2378
|
+
payload,
|
|
2379
|
+
protectedHeader
|
|
2380
|
+
};
|
|
2381
|
+
if (typeof key === "function") return {
|
|
2382
|
+
...result,
|
|
2383
|
+
key: decrypted.key
|
|
2384
|
+
};
|
|
2385
|
+
return result;
|
|
2386
|
+
}
|
|
2387
|
+
//#endregion
|
|
2388
|
+
//#region node_modules/jose/dist/webapi/jwe/compact/encrypt.js
|
|
2389
|
+
var CompactEncrypt = class {
|
|
2390
|
+
#flattened;
|
|
2391
|
+
constructor(plaintext) {
|
|
2392
|
+
this.#flattened = new FlattenedEncrypt(plaintext);
|
|
2393
|
+
}
|
|
2394
|
+
setContentEncryptionKey(cek) {
|
|
2395
|
+
this.#flattened.setContentEncryptionKey(cek);
|
|
2396
|
+
return this;
|
|
2397
|
+
}
|
|
2398
|
+
setInitializationVector(iv) {
|
|
2399
|
+
this.#flattened.setInitializationVector(iv);
|
|
2400
|
+
return this;
|
|
2401
|
+
}
|
|
2402
|
+
setProtectedHeader(protectedHeader) {
|
|
2403
|
+
this.#flattened.setProtectedHeader(protectedHeader);
|
|
2404
|
+
return this;
|
|
2405
|
+
}
|
|
2406
|
+
setKeyManagementParameters(parameters) {
|
|
2407
|
+
this.#flattened.setKeyManagementParameters(parameters);
|
|
2408
|
+
return this;
|
|
2409
|
+
}
|
|
2410
|
+
async encrypt(key, options) {
|
|
2411
|
+
const jwe = await this.#flattened.encrypt(key, options);
|
|
2412
|
+
return [
|
|
2413
|
+
jwe.protected,
|
|
2414
|
+
jwe.encrypted_key,
|
|
2415
|
+
jwe.iv,
|
|
2416
|
+
jwe.ciphertext,
|
|
2417
|
+
jwe.tag
|
|
2418
|
+
].join(".");
|
|
2419
|
+
}
|
|
2420
|
+
};
|
|
2421
|
+
//#endregion
|
|
2422
|
+
//#region node_modules/jose/dist/webapi/lib/sign.js
|
|
2423
|
+
async function sign(alg, key, data) {
|
|
2424
|
+
const cryptoKey = await getSigKey(alg, key, "sign");
|
|
2425
|
+
checkKeyLength(alg, cryptoKey);
|
|
2426
|
+
const signature = await crypto.subtle.sign(subtleAlgorithm(alg, cryptoKey.algorithm), cryptoKey, data);
|
|
2427
|
+
return new Uint8Array(signature);
|
|
2428
|
+
}
|
|
2429
|
+
//#endregion
|
|
2430
|
+
//#region node_modules/jose/dist/webapi/jws/flattened/sign.js
|
|
2431
|
+
var FlattenedSign = class {
|
|
2432
|
+
#payload;
|
|
2433
|
+
#protectedHeader;
|
|
2434
|
+
#unprotectedHeader;
|
|
2435
|
+
constructor(payload) {
|
|
2436
|
+
if (!(payload instanceof Uint8Array)) throw new TypeError("payload must be an instance of Uint8Array");
|
|
2437
|
+
this.#payload = payload;
|
|
2438
|
+
}
|
|
2439
|
+
setProtectedHeader(protectedHeader) {
|
|
2440
|
+
if (this.#protectedHeader) throw new TypeError("setProtectedHeader can only be called once");
|
|
2441
|
+
this.#protectedHeader = protectedHeader;
|
|
2442
|
+
return this;
|
|
2443
|
+
}
|
|
2444
|
+
setUnprotectedHeader(unprotectedHeader) {
|
|
2445
|
+
if (this.#unprotectedHeader) throw new TypeError("setUnprotectedHeader can only be called once");
|
|
2446
|
+
this.#unprotectedHeader = unprotectedHeader;
|
|
2447
|
+
return this;
|
|
2448
|
+
}
|
|
2449
|
+
async sign(key, options) {
|
|
2450
|
+
if (!this.#protectedHeader && !this.#unprotectedHeader) throw new JWSInvalid("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");
|
|
2451
|
+
if (!isDisjoint(this.#protectedHeader, this.#unprotectedHeader)) throw new JWSInvalid("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
|
|
2452
|
+
const joseHeader = {
|
|
2453
|
+
...this.#protectedHeader,
|
|
2454
|
+
...this.#unprotectedHeader
|
|
2455
|
+
};
|
|
2456
|
+
const extensions = validateCrit(JWSInvalid, new Map([["b64", true]]), options?.crit, this.#protectedHeader, joseHeader);
|
|
2457
|
+
let b64 = true;
|
|
2458
|
+
if (extensions.has("b64")) {
|
|
2459
|
+
b64 = this.#protectedHeader.b64;
|
|
2460
|
+
if (typeof b64 !== "boolean") throw new JWSInvalid("The \"b64\" (base64url-encode payload) Header Parameter must be a boolean");
|
|
2461
|
+
}
|
|
2462
|
+
const { alg } = joseHeader;
|
|
2463
|
+
if (typeof alg !== "string" || !alg) throw new JWSInvalid("JWS \"alg\" (Algorithm) Header Parameter missing or invalid");
|
|
2464
|
+
checkKeyType(alg, key, "sign");
|
|
2465
|
+
let payloadS;
|
|
2466
|
+
let payloadB;
|
|
2467
|
+
if (b64) {
|
|
2468
|
+
payloadS = encode(this.#payload);
|
|
2469
|
+
payloadB = encode$1(payloadS);
|
|
2470
|
+
} else {
|
|
2471
|
+
payloadB = this.#payload;
|
|
2472
|
+
payloadS = "";
|
|
2473
|
+
}
|
|
2474
|
+
let protectedHeaderString;
|
|
2475
|
+
let protectedHeaderBytes;
|
|
2476
|
+
if (this.#protectedHeader) {
|
|
2477
|
+
protectedHeaderString = encode(JSON.stringify(this.#protectedHeader));
|
|
2478
|
+
protectedHeaderBytes = encode$1(protectedHeaderString);
|
|
2479
|
+
} else {
|
|
2480
|
+
protectedHeaderString = "";
|
|
2481
|
+
protectedHeaderBytes = new Uint8Array();
|
|
2482
|
+
}
|
|
2483
|
+
const data = concat(protectedHeaderBytes, encode$1("."), payloadB);
|
|
2484
|
+
const jws = {
|
|
2485
|
+
signature: encode(await sign(alg, await normalizeKey(key, alg), data)),
|
|
2486
|
+
payload: payloadS
|
|
2487
|
+
};
|
|
2488
|
+
if (this.#unprotectedHeader) jws.header = this.#unprotectedHeader;
|
|
2489
|
+
if (this.#protectedHeader) jws.protected = protectedHeaderString;
|
|
2490
|
+
return jws;
|
|
2491
|
+
}
|
|
2492
|
+
};
|
|
2493
|
+
//#endregion
|
|
2494
|
+
//#region node_modules/jose/dist/webapi/jws/compact/sign.js
|
|
2495
|
+
var CompactSign = class {
|
|
2496
|
+
#flattened;
|
|
2497
|
+
constructor(payload) {
|
|
2498
|
+
this.#flattened = new FlattenedSign(payload);
|
|
2499
|
+
}
|
|
2500
|
+
setProtectedHeader(protectedHeader) {
|
|
2501
|
+
this.#flattened.setProtectedHeader(protectedHeader);
|
|
2502
|
+
return this;
|
|
2503
|
+
}
|
|
2504
|
+
async sign(key, options) {
|
|
2505
|
+
const jws = await this.#flattened.sign(key, options);
|
|
2506
|
+
if (jws.payload === void 0) throw new TypeError("use the flattened module for creating JWS with b64: false");
|
|
2507
|
+
return `${jws.protected}.${jws.payload}.${jws.signature}`;
|
|
2508
|
+
}
|
|
2509
|
+
};
|
|
2510
|
+
//#endregion
|
|
2511
|
+
//#region node_modules/jose/dist/webapi/jws/general/sign.js
|
|
2512
|
+
var IndividualSignature = class {
|
|
2513
|
+
#parent;
|
|
2514
|
+
protectedHeader;
|
|
2515
|
+
unprotectedHeader;
|
|
2516
|
+
options;
|
|
2517
|
+
key;
|
|
2518
|
+
constructor(sig, key, options) {
|
|
2519
|
+
this.#parent = sig;
|
|
2520
|
+
this.key = key;
|
|
2521
|
+
this.options = options;
|
|
2522
|
+
}
|
|
2523
|
+
setProtectedHeader(protectedHeader) {
|
|
2524
|
+
if (this.protectedHeader) throw new TypeError("setProtectedHeader can only be called once");
|
|
2525
|
+
this.protectedHeader = protectedHeader;
|
|
2526
|
+
return this;
|
|
2527
|
+
}
|
|
2528
|
+
setUnprotectedHeader(unprotectedHeader) {
|
|
2529
|
+
if (this.unprotectedHeader) throw new TypeError("setUnprotectedHeader can only be called once");
|
|
2530
|
+
this.unprotectedHeader = unprotectedHeader;
|
|
2531
|
+
return this;
|
|
2532
|
+
}
|
|
2533
|
+
addSignature(...args) {
|
|
2534
|
+
return this.#parent.addSignature(...args);
|
|
2535
|
+
}
|
|
2536
|
+
sign(...args) {
|
|
2537
|
+
return this.#parent.sign(...args);
|
|
2538
|
+
}
|
|
2539
|
+
done() {
|
|
2540
|
+
return this.#parent;
|
|
2541
|
+
}
|
|
2542
|
+
};
|
|
2543
|
+
var GeneralSign = class {
|
|
2544
|
+
#payload;
|
|
2545
|
+
#signatures = [];
|
|
2546
|
+
constructor(payload) {
|
|
2547
|
+
this.#payload = payload;
|
|
2548
|
+
}
|
|
2549
|
+
addSignature(key, options) {
|
|
2550
|
+
const signature = new IndividualSignature(this, key, options);
|
|
2551
|
+
this.#signatures.push(signature);
|
|
2552
|
+
return signature;
|
|
2553
|
+
}
|
|
2554
|
+
async sign() {
|
|
2555
|
+
if (!this.#signatures.length) throw new JWSInvalid("at least one signature must be added");
|
|
2556
|
+
const jws = {
|
|
2557
|
+
signatures: [],
|
|
2558
|
+
payload: ""
|
|
2559
|
+
};
|
|
2560
|
+
for (let i = 0; i < this.#signatures.length; i++) {
|
|
2561
|
+
const signature = this.#signatures[i];
|
|
2562
|
+
const flattened = new FlattenedSign(this.#payload);
|
|
2563
|
+
flattened.setProtectedHeader(signature.protectedHeader);
|
|
2564
|
+
flattened.setUnprotectedHeader(signature.unprotectedHeader);
|
|
2565
|
+
const { payload, ...rest } = await flattened.sign(signature.key, signature.options);
|
|
2566
|
+
if (i === 0) jws.payload = payload;
|
|
2567
|
+
else if (jws.payload !== payload) throw new JWSInvalid("inconsistent use of JWS Unencoded Payload (RFC7797)");
|
|
2568
|
+
jws.signatures.push(rest);
|
|
2569
|
+
}
|
|
2570
|
+
return jws;
|
|
2571
|
+
}
|
|
2572
|
+
};
|
|
2573
|
+
//#endregion
|
|
2574
|
+
//#region node_modules/jose/dist/webapi/jwt/sign.js
|
|
2575
|
+
var SignJWT = class {
|
|
2576
|
+
#protectedHeader;
|
|
2577
|
+
#jwt;
|
|
2578
|
+
constructor(payload = {}) {
|
|
2579
|
+
this.#jwt = new JWTClaimsBuilder(payload);
|
|
2580
|
+
}
|
|
2581
|
+
setIssuer(issuer) {
|
|
2582
|
+
this.#jwt.iss = issuer;
|
|
2583
|
+
return this;
|
|
2584
|
+
}
|
|
2585
|
+
setSubject(subject) {
|
|
2586
|
+
this.#jwt.sub = subject;
|
|
2587
|
+
return this;
|
|
2588
|
+
}
|
|
2589
|
+
setAudience(audience) {
|
|
2590
|
+
this.#jwt.aud = audience;
|
|
2591
|
+
return this;
|
|
2592
|
+
}
|
|
2593
|
+
setJti(jwtId) {
|
|
2594
|
+
this.#jwt.jti = jwtId;
|
|
2595
|
+
return this;
|
|
2596
|
+
}
|
|
2597
|
+
setNotBefore(input) {
|
|
2598
|
+
this.#jwt.nbf = input;
|
|
2599
|
+
return this;
|
|
2600
|
+
}
|
|
2601
|
+
setExpirationTime(input) {
|
|
2602
|
+
this.#jwt.exp = input;
|
|
2603
|
+
return this;
|
|
2604
|
+
}
|
|
2605
|
+
setIssuedAt(input) {
|
|
2606
|
+
this.#jwt.iat = input;
|
|
2607
|
+
return this;
|
|
2608
|
+
}
|
|
2609
|
+
setProtectedHeader(protectedHeader) {
|
|
2610
|
+
this.#protectedHeader = protectedHeader;
|
|
2611
|
+
return this;
|
|
2612
|
+
}
|
|
2613
|
+
async sign(key, options) {
|
|
2614
|
+
const sig = new CompactSign(this.#jwt.data());
|
|
2615
|
+
sig.setProtectedHeader(this.#protectedHeader);
|
|
2616
|
+
if (Array.isArray(this.#protectedHeader?.crit) && this.#protectedHeader.crit.includes("b64") && this.#protectedHeader.b64 === false) throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
|
|
2617
|
+
return sig.sign(key, options);
|
|
2618
|
+
}
|
|
2619
|
+
};
|
|
2620
|
+
//#endregion
|
|
2621
|
+
//#region node_modules/jose/dist/webapi/jwt/encrypt.js
|
|
2622
|
+
var EncryptJWT = class {
|
|
2623
|
+
#cek;
|
|
2624
|
+
#iv;
|
|
2625
|
+
#keyManagementParameters;
|
|
2626
|
+
#protectedHeader;
|
|
2627
|
+
#replicateIssuerAsHeader;
|
|
2628
|
+
#replicateSubjectAsHeader;
|
|
2629
|
+
#replicateAudienceAsHeader;
|
|
2630
|
+
#jwt;
|
|
2631
|
+
constructor(payload = {}) {
|
|
2632
|
+
this.#jwt = new JWTClaimsBuilder(payload);
|
|
2633
|
+
}
|
|
2634
|
+
setIssuer(issuer) {
|
|
2635
|
+
this.#jwt.iss = issuer;
|
|
2636
|
+
return this;
|
|
2637
|
+
}
|
|
2638
|
+
setSubject(subject) {
|
|
2639
|
+
this.#jwt.sub = subject;
|
|
2640
|
+
return this;
|
|
2641
|
+
}
|
|
2642
|
+
setAudience(audience) {
|
|
2643
|
+
this.#jwt.aud = audience;
|
|
2644
|
+
return this;
|
|
2645
|
+
}
|
|
2646
|
+
setJti(jwtId) {
|
|
2647
|
+
this.#jwt.jti = jwtId;
|
|
2648
|
+
return this;
|
|
2649
|
+
}
|
|
2650
|
+
setNotBefore(input) {
|
|
2651
|
+
this.#jwt.nbf = input;
|
|
2652
|
+
return this;
|
|
2653
|
+
}
|
|
2654
|
+
setExpirationTime(input) {
|
|
2655
|
+
this.#jwt.exp = input;
|
|
2656
|
+
return this;
|
|
2657
|
+
}
|
|
2658
|
+
setIssuedAt(input) {
|
|
2659
|
+
this.#jwt.iat = input;
|
|
2660
|
+
return this;
|
|
2661
|
+
}
|
|
2662
|
+
setProtectedHeader(protectedHeader) {
|
|
2663
|
+
if (this.#protectedHeader) throw new TypeError("setProtectedHeader can only be called once");
|
|
2664
|
+
this.#protectedHeader = protectedHeader;
|
|
2665
|
+
return this;
|
|
2666
|
+
}
|
|
2667
|
+
setKeyManagementParameters(parameters) {
|
|
2668
|
+
if (this.#keyManagementParameters) throw new TypeError("setKeyManagementParameters can only be called once");
|
|
2669
|
+
this.#keyManagementParameters = parameters;
|
|
2670
|
+
return this;
|
|
2671
|
+
}
|
|
2672
|
+
setContentEncryptionKey(cek) {
|
|
2673
|
+
if (this.#cek) throw new TypeError("setContentEncryptionKey can only be called once");
|
|
2674
|
+
this.#cek = cek;
|
|
2675
|
+
return this;
|
|
2676
|
+
}
|
|
2677
|
+
setInitializationVector(iv) {
|
|
2678
|
+
if (this.#iv) throw new TypeError("setInitializationVector can only be called once");
|
|
2679
|
+
this.#iv = iv;
|
|
2680
|
+
return this;
|
|
2681
|
+
}
|
|
2682
|
+
replicateIssuerAsHeader() {
|
|
2683
|
+
this.#replicateIssuerAsHeader = true;
|
|
2684
|
+
return this;
|
|
2685
|
+
}
|
|
2686
|
+
replicateSubjectAsHeader() {
|
|
2687
|
+
this.#replicateSubjectAsHeader = true;
|
|
2688
|
+
return this;
|
|
2689
|
+
}
|
|
2690
|
+
replicateAudienceAsHeader() {
|
|
2691
|
+
this.#replicateAudienceAsHeader = true;
|
|
2692
|
+
return this;
|
|
2693
|
+
}
|
|
2694
|
+
async encrypt(key, options) {
|
|
2695
|
+
const enc = new CompactEncrypt(this.#jwt.data());
|
|
2696
|
+
if (this.#protectedHeader && (this.#replicateIssuerAsHeader || this.#replicateSubjectAsHeader || this.#replicateAudienceAsHeader)) this.#protectedHeader = {
|
|
2697
|
+
...this.#protectedHeader,
|
|
2698
|
+
iss: this.#replicateIssuerAsHeader ? this.#jwt.iss : void 0,
|
|
2699
|
+
sub: this.#replicateSubjectAsHeader ? this.#jwt.sub : void 0,
|
|
2700
|
+
aud: this.#replicateAudienceAsHeader ? this.#jwt.aud : void 0
|
|
2701
|
+
};
|
|
2702
|
+
enc.setProtectedHeader(this.#protectedHeader);
|
|
2703
|
+
if (this.#iv) enc.setInitializationVector(this.#iv);
|
|
2704
|
+
if (this.#cek) enc.setContentEncryptionKey(this.#cek);
|
|
2705
|
+
if (this.#keyManagementParameters) enc.setKeyManagementParameters(this.#keyManagementParameters);
|
|
2706
|
+
return enc.encrypt(key, options);
|
|
2707
|
+
}
|
|
2708
|
+
};
|
|
2709
|
+
//#endregion
|
|
2710
|
+
//#region node_modules/jose/dist/webapi/jwk/thumbprint.js
|
|
2711
|
+
const check = (value, description) => {
|
|
2712
|
+
if (typeof value !== "string" || !value) throw new JWKInvalid(`${description} missing or invalid`);
|
|
2713
|
+
};
|
|
2714
|
+
async function calculateJwkThumbprint(key, digestAlgorithm) {
|
|
2715
|
+
let jwk;
|
|
2716
|
+
if (isJWK(key)) jwk = key;
|
|
2717
|
+
else if (isKeyLike(key)) jwk = await exportJWK(key);
|
|
2718
|
+
else throw new TypeError(invalidKeyInput(key, "CryptoKey", "KeyObject", "JSON Web Key"));
|
|
2719
|
+
digestAlgorithm ??= "sha256";
|
|
2720
|
+
if (digestAlgorithm !== "sha256" && digestAlgorithm !== "sha384" && digestAlgorithm !== "sha512") throw new TypeError("digestAlgorithm must one of \"sha256\", \"sha384\", or \"sha512\"");
|
|
2721
|
+
let components;
|
|
2722
|
+
switch (jwk.kty) {
|
|
2723
|
+
case "AKP":
|
|
2724
|
+
check(jwk.alg, "\"alg\" (Algorithm) Parameter");
|
|
2725
|
+
check(jwk.pub, "\"pub\" (Public key) Parameter");
|
|
2726
|
+
components = {
|
|
2727
|
+
alg: jwk.alg,
|
|
2728
|
+
kty: jwk.kty,
|
|
2729
|
+
pub: jwk.pub
|
|
2730
|
+
};
|
|
2731
|
+
break;
|
|
2732
|
+
case "EC":
|
|
2733
|
+
check(jwk.crv, "\"crv\" (Curve) Parameter");
|
|
2734
|
+
check(jwk.x, "\"x\" (X Coordinate) Parameter");
|
|
2735
|
+
check(jwk.y, "\"y\" (Y Coordinate) Parameter");
|
|
2736
|
+
components = {
|
|
2737
|
+
crv: jwk.crv,
|
|
2738
|
+
kty: jwk.kty,
|
|
2739
|
+
x: jwk.x,
|
|
2740
|
+
y: jwk.y
|
|
2741
|
+
};
|
|
2742
|
+
break;
|
|
2743
|
+
case "OKP":
|
|
2744
|
+
check(jwk.crv, "\"crv\" (Subtype of Key Pair) Parameter");
|
|
2745
|
+
check(jwk.x, "\"x\" (Public Key) Parameter");
|
|
2746
|
+
components = {
|
|
2747
|
+
crv: jwk.crv,
|
|
2748
|
+
kty: jwk.kty,
|
|
2749
|
+
x: jwk.x
|
|
2750
|
+
};
|
|
2751
|
+
break;
|
|
2752
|
+
case "RSA":
|
|
2753
|
+
check(jwk.e, "\"e\" (Exponent) Parameter");
|
|
2754
|
+
check(jwk.n, "\"n\" (Modulus) Parameter");
|
|
2755
|
+
components = {
|
|
2756
|
+
e: jwk.e,
|
|
2757
|
+
kty: jwk.kty,
|
|
2758
|
+
n: jwk.n
|
|
2759
|
+
};
|
|
2760
|
+
break;
|
|
2761
|
+
case "oct":
|
|
2762
|
+
check(jwk.k, "\"k\" (Key Value) Parameter");
|
|
2763
|
+
components = {
|
|
2764
|
+
k: jwk.k,
|
|
2765
|
+
kty: jwk.kty
|
|
2766
|
+
};
|
|
2767
|
+
break;
|
|
2768
|
+
default: throw new JOSENotSupported("\"kty\" (Key Type) Parameter missing or unsupported");
|
|
2769
|
+
}
|
|
2770
|
+
const data = encode$1(JSON.stringify(components));
|
|
2771
|
+
return encode(await digest(digestAlgorithm, data));
|
|
2772
|
+
}
|
|
2773
|
+
async function calculateJwkThumbprintUri(key, digestAlgorithm) {
|
|
2774
|
+
digestAlgorithm ??= "sha256";
|
|
2775
|
+
const thumbprint = await calculateJwkThumbprint(key, digestAlgorithm);
|
|
2776
|
+
return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`;
|
|
2777
|
+
}
|
|
2778
|
+
//#endregion
|
|
2779
|
+
//#region node_modules/jose/dist/webapi/jwk/embedded.js
|
|
2780
|
+
async function EmbeddedJWK(protectedHeader, token) {
|
|
2781
|
+
const joseHeader = {
|
|
2782
|
+
...protectedHeader,
|
|
2783
|
+
...token?.header
|
|
2784
|
+
};
|
|
2785
|
+
if (!isObject(joseHeader.jwk)) throw new JWSInvalid("\"jwk\" (JSON Web Key) Header Parameter must be a JSON object");
|
|
2786
|
+
const key = await importJWK({
|
|
2787
|
+
...joseHeader.jwk,
|
|
2788
|
+
ext: true
|
|
2789
|
+
}, joseHeader.alg);
|
|
2790
|
+
if (key instanceof Uint8Array || key.type !== "public") throw new JWSInvalid("\"jwk\" (JSON Web Key) Header Parameter must be a public key");
|
|
2791
|
+
return key;
|
|
2792
|
+
}
|
|
2793
|
+
//#endregion
|
|
2794
|
+
//#region node_modules/jose/dist/webapi/jwks/local.js
|
|
2795
|
+
function getKtyFromAlg(alg) {
|
|
2796
|
+
switch (typeof alg === "string" && alg.slice(0, 2)) {
|
|
2797
|
+
case "RS":
|
|
2798
|
+
case "PS": return "RSA";
|
|
2799
|
+
case "ES": return "EC";
|
|
2800
|
+
case "Ed": return "OKP";
|
|
2801
|
+
case "ML": return "AKP";
|
|
2802
|
+
default: throw new JOSENotSupported("Unsupported \"alg\" value for a JSON Web Key Set");
|
|
2803
|
+
}
|
|
2804
|
+
}
|
|
2805
|
+
function isJWKSLike(jwks) {
|
|
2806
|
+
return jwks && typeof jwks === "object" && Array.isArray(jwks.keys) && jwks.keys.every(isJWKLike);
|
|
2807
|
+
}
|
|
2808
|
+
function isJWKLike(key) {
|
|
2809
|
+
return isObject(key);
|
|
2810
|
+
}
|
|
2811
|
+
var LocalJWKSet = class {
|
|
2812
|
+
#jwks;
|
|
2813
|
+
#cached = /* @__PURE__ */ new WeakMap();
|
|
2814
|
+
constructor(jwks) {
|
|
2815
|
+
if (!isJWKSLike(jwks)) throw new JWKSInvalid("JSON Web Key Set malformed");
|
|
2816
|
+
this.#jwks = structuredClone(jwks);
|
|
2817
|
+
}
|
|
2818
|
+
jwks() {
|
|
2819
|
+
return this.#jwks;
|
|
2820
|
+
}
|
|
2821
|
+
async getKey(protectedHeader, token) {
|
|
2822
|
+
const { alg, kid } = {
|
|
2823
|
+
...protectedHeader,
|
|
2824
|
+
...token?.header
|
|
2825
|
+
};
|
|
2826
|
+
const kty = getKtyFromAlg(alg);
|
|
2827
|
+
const candidates = this.#jwks.keys.filter((jwk) => {
|
|
2828
|
+
let candidate = kty === jwk.kty;
|
|
2829
|
+
if (candidate && typeof kid === "string") candidate = kid === jwk.kid;
|
|
2830
|
+
if (candidate && (typeof jwk.alg === "string" || kty === "AKP")) candidate = alg === jwk.alg;
|
|
2831
|
+
if (candidate && typeof jwk.use === "string") candidate = jwk.use === "sig";
|
|
2832
|
+
if (candidate && Array.isArray(jwk.key_ops)) candidate = jwk.key_ops.includes("verify");
|
|
2833
|
+
if (candidate) switch (alg) {
|
|
2834
|
+
case "ES256":
|
|
2835
|
+
candidate = jwk.crv === "P-256";
|
|
2836
|
+
break;
|
|
2837
|
+
case "ES384":
|
|
2838
|
+
candidate = jwk.crv === "P-384";
|
|
2839
|
+
break;
|
|
2840
|
+
case "ES512":
|
|
2841
|
+
candidate = jwk.crv === "P-521";
|
|
2842
|
+
break;
|
|
2843
|
+
case "Ed25519":
|
|
2844
|
+
case "EdDSA":
|
|
2845
|
+
candidate = jwk.crv === "Ed25519";
|
|
2846
|
+
break;
|
|
2847
|
+
}
|
|
2848
|
+
return candidate;
|
|
2849
|
+
});
|
|
2850
|
+
const { 0: jwk, length } = candidates;
|
|
2851
|
+
if (length === 0) throw new JWKSNoMatchingKey();
|
|
2852
|
+
if (length !== 1) {
|
|
2853
|
+
const error = new JWKSMultipleMatchingKeys();
|
|
2854
|
+
const _cached = this.#cached;
|
|
2855
|
+
error[Symbol.asyncIterator] = async function* () {
|
|
2856
|
+
for (const jwk of candidates) try {
|
|
2857
|
+
yield await importWithAlgCache(_cached, jwk, alg);
|
|
2858
|
+
} catch {}
|
|
2859
|
+
};
|
|
2860
|
+
throw error;
|
|
2861
|
+
}
|
|
2862
|
+
return importWithAlgCache(this.#cached, jwk, alg);
|
|
2863
|
+
}
|
|
2864
|
+
};
|
|
2865
|
+
async function importWithAlgCache(cache, jwk, alg) {
|
|
2866
|
+
const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk);
|
|
2867
|
+
if (cached[alg] === void 0) {
|
|
2868
|
+
const key = await importJWK({
|
|
2869
|
+
...jwk,
|
|
2870
|
+
ext: true
|
|
2871
|
+
}, alg);
|
|
2872
|
+
if (key instanceof Uint8Array || key.type !== "public") throw new JWKSInvalid("JSON Web Key Set members must be public keys");
|
|
2873
|
+
cached[alg] = key;
|
|
2874
|
+
}
|
|
2875
|
+
return cached[alg];
|
|
2876
|
+
}
|
|
2877
|
+
function createLocalJWKSet(jwks) {
|
|
2878
|
+
const set = new LocalJWKSet(jwks);
|
|
2879
|
+
const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);
|
|
2880
|
+
Object.defineProperties(localJWKSet, { jwks: {
|
|
2881
|
+
value: () => structuredClone(set.jwks()),
|
|
2882
|
+
enumerable: false,
|
|
2883
|
+
configurable: false,
|
|
2884
|
+
writable: false
|
|
2885
|
+
} });
|
|
2886
|
+
return localJWKSet;
|
|
2887
|
+
}
|
|
2888
|
+
//#endregion
|
|
2889
|
+
//#region node_modules/jose/dist/webapi/jwks/remote.js
|
|
2890
|
+
function isCloudflareWorkers() {
|
|
2891
|
+
return typeof WebSocketPair !== "undefined" || typeof navigator !== "undefined" && navigator.userAgent === "Cloudflare-Workers" || typeof EdgeRuntime !== "undefined" && EdgeRuntime === "vercel";
|
|
2892
|
+
}
|
|
2893
|
+
let USER_AGENT;
|
|
2894
|
+
if (typeof navigator === "undefined" || !navigator.userAgent?.startsWith?.("Mozilla/5.0 ")) USER_AGENT = `jose/v6.2.0`;
|
|
2895
|
+
const customFetch = Symbol();
|
|
2896
|
+
async function fetchJwks(url, headers, signal, fetchImpl = fetch) {
|
|
2897
|
+
const response = await fetchImpl(url, {
|
|
2898
|
+
method: "GET",
|
|
2899
|
+
signal,
|
|
2900
|
+
redirect: "manual",
|
|
2901
|
+
headers
|
|
2902
|
+
}).catch((err) => {
|
|
2903
|
+
if (err.name === "TimeoutError") throw new JWKSTimeout();
|
|
2904
|
+
throw err;
|
|
2905
|
+
});
|
|
2906
|
+
if (response.status !== 200) throw new JOSEError("Expected 200 OK from the JSON Web Key Set HTTP response");
|
|
2907
|
+
try {
|
|
2908
|
+
return await response.json();
|
|
2909
|
+
} catch {
|
|
2910
|
+
throw new JOSEError("Failed to parse the JSON Web Key Set HTTP response as JSON");
|
|
2911
|
+
}
|
|
2912
|
+
}
|
|
2913
|
+
const jwksCache = Symbol();
|
|
2914
|
+
function isFreshJwksCache(input, cacheMaxAge) {
|
|
2915
|
+
if (typeof input !== "object" || input === null) return false;
|
|
2916
|
+
if (!("uat" in input) || typeof input.uat !== "number" || Date.now() - input.uat >= cacheMaxAge) return false;
|
|
2917
|
+
if (!("jwks" in input) || !isObject(input.jwks) || !Array.isArray(input.jwks.keys) || !Array.prototype.every.call(input.jwks.keys, isObject)) return false;
|
|
2918
|
+
return true;
|
|
2919
|
+
}
|
|
2920
|
+
var RemoteJWKSet = class {
|
|
2921
|
+
#url;
|
|
2922
|
+
#timeoutDuration;
|
|
2923
|
+
#cooldownDuration;
|
|
2924
|
+
#cacheMaxAge;
|
|
2925
|
+
#jwksTimestamp;
|
|
2926
|
+
#pendingFetch;
|
|
2927
|
+
#headers;
|
|
2928
|
+
#customFetch;
|
|
2929
|
+
#local;
|
|
2930
|
+
#cache;
|
|
2931
|
+
constructor(url, options) {
|
|
2932
|
+
if (!(url instanceof URL)) throw new TypeError("url must be an instance of URL");
|
|
2933
|
+
this.#url = new URL(url.href);
|
|
2934
|
+
this.#timeoutDuration = typeof options?.timeoutDuration === "number" ? options?.timeoutDuration : 5e3;
|
|
2935
|
+
this.#cooldownDuration = typeof options?.cooldownDuration === "number" ? options?.cooldownDuration : 3e4;
|
|
2936
|
+
this.#cacheMaxAge = typeof options?.cacheMaxAge === "number" ? options?.cacheMaxAge : 6e5;
|
|
2937
|
+
this.#headers = new Headers(options?.headers);
|
|
2938
|
+
if (USER_AGENT && !this.#headers.has("User-Agent")) this.#headers.set("User-Agent", USER_AGENT);
|
|
2939
|
+
if (!this.#headers.has("accept")) {
|
|
2940
|
+
this.#headers.set("accept", "application/json");
|
|
2941
|
+
this.#headers.append("accept", "application/jwk-set+json");
|
|
2942
|
+
}
|
|
2943
|
+
this.#customFetch = options?.[customFetch];
|
|
2944
|
+
if (options?.[jwksCache] !== void 0) {
|
|
2945
|
+
this.#cache = options?.[jwksCache];
|
|
2946
|
+
if (isFreshJwksCache(options?.[jwksCache], this.#cacheMaxAge)) {
|
|
2947
|
+
this.#jwksTimestamp = this.#cache.uat;
|
|
2948
|
+
this.#local = createLocalJWKSet(this.#cache.jwks);
|
|
2949
|
+
}
|
|
2950
|
+
}
|
|
2951
|
+
}
|
|
2952
|
+
pendingFetch() {
|
|
2953
|
+
return !!this.#pendingFetch;
|
|
2954
|
+
}
|
|
2955
|
+
coolingDown() {
|
|
2956
|
+
return typeof this.#jwksTimestamp === "number" ? Date.now() < this.#jwksTimestamp + this.#cooldownDuration : false;
|
|
2957
|
+
}
|
|
2958
|
+
fresh() {
|
|
2959
|
+
return typeof this.#jwksTimestamp === "number" ? Date.now() < this.#jwksTimestamp + this.#cacheMaxAge : false;
|
|
2960
|
+
}
|
|
2961
|
+
jwks() {
|
|
2962
|
+
return this.#local?.jwks();
|
|
2963
|
+
}
|
|
2964
|
+
async getKey(protectedHeader, token) {
|
|
2965
|
+
if (!this.#local || !this.fresh()) await this.reload();
|
|
2966
|
+
try {
|
|
2967
|
+
return await this.#local(protectedHeader, token);
|
|
2968
|
+
} catch (err) {
|
|
2969
|
+
if (err instanceof JWKSNoMatchingKey) {
|
|
2970
|
+
if (this.coolingDown() === false) {
|
|
2971
|
+
await this.reload();
|
|
2972
|
+
return this.#local(protectedHeader, token);
|
|
2973
|
+
}
|
|
2974
|
+
}
|
|
2975
|
+
throw err;
|
|
2976
|
+
}
|
|
2977
|
+
}
|
|
2978
|
+
async reload() {
|
|
2979
|
+
if (this.#pendingFetch && isCloudflareWorkers()) this.#pendingFetch = void 0;
|
|
2980
|
+
this.#pendingFetch ||= fetchJwks(this.#url.href, this.#headers, AbortSignal.timeout(this.#timeoutDuration), this.#customFetch).then((json) => {
|
|
2981
|
+
this.#local = createLocalJWKSet(json);
|
|
2982
|
+
if (this.#cache) {
|
|
2983
|
+
this.#cache.uat = Date.now();
|
|
2984
|
+
this.#cache.jwks = json;
|
|
2985
|
+
}
|
|
2986
|
+
this.#jwksTimestamp = Date.now();
|
|
2987
|
+
this.#pendingFetch = void 0;
|
|
2988
|
+
}).catch((err) => {
|
|
2989
|
+
this.#pendingFetch = void 0;
|
|
2990
|
+
throw err;
|
|
2991
|
+
});
|
|
2992
|
+
await this.#pendingFetch;
|
|
2993
|
+
}
|
|
2994
|
+
};
|
|
2995
|
+
function createRemoteJWKSet(url, options) {
|
|
2996
|
+
const set = new RemoteJWKSet(url, options);
|
|
2997
|
+
const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);
|
|
2998
|
+
Object.defineProperties(remoteJWKSet, {
|
|
2999
|
+
coolingDown: {
|
|
3000
|
+
get: () => set.coolingDown(),
|
|
3001
|
+
enumerable: true,
|
|
3002
|
+
configurable: false
|
|
3003
|
+
},
|
|
3004
|
+
fresh: {
|
|
3005
|
+
get: () => set.fresh(),
|
|
3006
|
+
enumerable: true,
|
|
3007
|
+
configurable: false
|
|
3008
|
+
},
|
|
3009
|
+
reload: {
|
|
3010
|
+
value: () => set.reload(),
|
|
3011
|
+
enumerable: true,
|
|
3012
|
+
configurable: false,
|
|
3013
|
+
writable: false
|
|
3014
|
+
},
|
|
3015
|
+
reloading: {
|
|
3016
|
+
get: () => set.pendingFetch(),
|
|
3017
|
+
enumerable: true,
|
|
3018
|
+
configurable: false
|
|
3019
|
+
},
|
|
3020
|
+
jwks: {
|
|
3021
|
+
value: () => set.jwks(),
|
|
3022
|
+
enumerable: true,
|
|
3023
|
+
configurable: false,
|
|
3024
|
+
writable: false
|
|
3025
|
+
}
|
|
3026
|
+
});
|
|
3027
|
+
return remoteJWKSet;
|
|
3028
|
+
}
|
|
3029
|
+
//#endregion
|
|
3030
|
+
//#region node_modules/jose/dist/webapi/jwt/unsecured.js
|
|
3031
|
+
var UnsecuredJWT = class {
|
|
3032
|
+
#jwt;
|
|
3033
|
+
constructor(payload = {}) {
|
|
3034
|
+
this.#jwt = new JWTClaimsBuilder(payload);
|
|
3035
|
+
}
|
|
3036
|
+
encode() {
|
|
3037
|
+
return `${encode(JSON.stringify({ alg: "none" }))}.${encode(this.#jwt.data())}.`;
|
|
3038
|
+
}
|
|
3039
|
+
setIssuer(issuer) {
|
|
3040
|
+
this.#jwt.iss = issuer;
|
|
3041
|
+
return this;
|
|
3042
|
+
}
|
|
3043
|
+
setSubject(subject) {
|
|
3044
|
+
this.#jwt.sub = subject;
|
|
3045
|
+
return this;
|
|
3046
|
+
}
|
|
3047
|
+
setAudience(audience) {
|
|
3048
|
+
this.#jwt.aud = audience;
|
|
3049
|
+
return this;
|
|
3050
|
+
}
|
|
3051
|
+
setJti(jwtId) {
|
|
3052
|
+
this.#jwt.jti = jwtId;
|
|
3053
|
+
return this;
|
|
3054
|
+
}
|
|
3055
|
+
setNotBefore(input) {
|
|
3056
|
+
this.#jwt.nbf = input;
|
|
3057
|
+
return this;
|
|
3058
|
+
}
|
|
3059
|
+
setExpirationTime(input) {
|
|
3060
|
+
this.#jwt.exp = input;
|
|
3061
|
+
return this;
|
|
3062
|
+
}
|
|
3063
|
+
setIssuedAt(input) {
|
|
3064
|
+
this.#jwt.iat = input;
|
|
3065
|
+
return this;
|
|
3066
|
+
}
|
|
3067
|
+
static decode(jwt, options) {
|
|
3068
|
+
if (typeof jwt !== "string") throw new JWTInvalid("Unsecured JWT must be a string");
|
|
3069
|
+
const { 0: encodedHeader, 1: encodedPayload, 2: signature, length } = jwt.split(".");
|
|
3070
|
+
if (length !== 3 || signature !== "") throw new JWTInvalid("Invalid Unsecured JWT");
|
|
3071
|
+
let header;
|
|
3072
|
+
try {
|
|
3073
|
+
header = JSON.parse(decoder.decode(decode(encodedHeader)));
|
|
3074
|
+
if (header.alg !== "none") throw new Error();
|
|
3075
|
+
} catch {
|
|
3076
|
+
throw new JWTInvalid("Invalid Unsecured JWT");
|
|
3077
|
+
}
|
|
3078
|
+
return {
|
|
3079
|
+
payload: validateClaimsSet(header, decode(encodedPayload), options),
|
|
3080
|
+
header
|
|
3081
|
+
};
|
|
3082
|
+
}
|
|
3083
|
+
};
|
|
3084
|
+
//#endregion
|
|
3085
|
+
//#region node_modules/jose/dist/webapi/util/decode_protected_header.js
|
|
3086
|
+
function decodeProtectedHeader(token) {
|
|
3087
|
+
let protectedB64u;
|
|
3088
|
+
if (typeof token === "string") {
|
|
3089
|
+
const parts = token.split(".");
|
|
3090
|
+
if (parts.length === 3 || parts.length === 5) [protectedB64u] = parts;
|
|
3091
|
+
} else if (typeof token === "object" && token) if ("protected" in token) protectedB64u = token.protected;
|
|
3092
|
+
else throw new TypeError("Token does not contain a Protected Header");
|
|
3093
|
+
try {
|
|
3094
|
+
if (typeof protectedB64u !== "string" || !protectedB64u) throw new Error();
|
|
3095
|
+
const result = JSON.parse(decoder.decode(decode(protectedB64u)));
|
|
3096
|
+
if (!isObject(result)) throw new Error();
|
|
3097
|
+
return result;
|
|
3098
|
+
} catch {
|
|
3099
|
+
throw new TypeError("Invalid Token or Protected Header formatting");
|
|
3100
|
+
}
|
|
3101
|
+
}
|
|
3102
|
+
//#endregion
|
|
3103
|
+
//#region node_modules/jose/dist/webapi/util/decode_jwt.js
|
|
3104
|
+
function decodeJwt(jwt) {
|
|
3105
|
+
if (typeof jwt !== "string") throw new JWTInvalid("JWTs must use Compact JWS serialization, JWT must be a string");
|
|
3106
|
+
const { 1: payload, length } = jwt.split(".");
|
|
3107
|
+
if (length === 5) throw new JWTInvalid("Only JWTs using Compact JWS serialization can be decoded");
|
|
3108
|
+
if (length !== 3) throw new JWTInvalid("Invalid JWT");
|
|
3109
|
+
if (!payload) throw new JWTInvalid("JWTs must contain a payload");
|
|
3110
|
+
let decoded;
|
|
3111
|
+
try {
|
|
3112
|
+
decoded = decode(payload);
|
|
3113
|
+
} catch {
|
|
3114
|
+
throw new JWTInvalid("Failed to base64url decode the payload");
|
|
3115
|
+
}
|
|
3116
|
+
let result;
|
|
3117
|
+
try {
|
|
3118
|
+
result = JSON.parse(decoder.decode(decoded));
|
|
3119
|
+
} catch {
|
|
3120
|
+
throw new JWTInvalid("Failed to parse the decoded payload as JSON");
|
|
3121
|
+
}
|
|
3122
|
+
if (!isObject(result)) throw new JWTInvalid("Invalid JWT Claims Set");
|
|
3123
|
+
return result;
|
|
3124
|
+
}
|
|
3125
|
+
//#endregion
|
|
3126
|
+
//#region node_modules/jose/dist/webapi/key/generate_key_pair.js
|
|
3127
|
+
function getModulusLengthOption(options) {
|
|
3128
|
+
const modulusLength = options?.modulusLength ?? 2048;
|
|
3129
|
+
if (typeof modulusLength !== "number" || modulusLength < 2048) throw new JOSENotSupported("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");
|
|
3130
|
+
return modulusLength;
|
|
3131
|
+
}
|
|
3132
|
+
async function generateKeyPair(alg, options) {
|
|
3133
|
+
let algorithm;
|
|
3134
|
+
let keyUsages;
|
|
3135
|
+
switch (alg) {
|
|
3136
|
+
case "PS256":
|
|
3137
|
+
case "PS384":
|
|
3138
|
+
case "PS512":
|
|
3139
|
+
algorithm = {
|
|
3140
|
+
name: "RSA-PSS",
|
|
3141
|
+
hash: `SHA-${alg.slice(-3)}`,
|
|
3142
|
+
publicExponent: Uint8Array.of(1, 0, 1),
|
|
3143
|
+
modulusLength: getModulusLengthOption(options)
|
|
3144
|
+
};
|
|
3145
|
+
keyUsages = ["sign", "verify"];
|
|
3146
|
+
break;
|
|
3147
|
+
case "RS256":
|
|
3148
|
+
case "RS384":
|
|
3149
|
+
case "RS512":
|
|
3150
|
+
algorithm = {
|
|
3151
|
+
name: "RSASSA-PKCS1-v1_5",
|
|
3152
|
+
hash: `SHA-${alg.slice(-3)}`,
|
|
3153
|
+
publicExponent: Uint8Array.of(1, 0, 1),
|
|
3154
|
+
modulusLength: getModulusLengthOption(options)
|
|
3155
|
+
};
|
|
3156
|
+
keyUsages = ["sign", "verify"];
|
|
3157
|
+
break;
|
|
3158
|
+
case "RSA-OAEP":
|
|
3159
|
+
case "RSA-OAEP-256":
|
|
3160
|
+
case "RSA-OAEP-384":
|
|
3161
|
+
case "RSA-OAEP-512":
|
|
3162
|
+
algorithm = {
|
|
3163
|
+
name: "RSA-OAEP",
|
|
3164
|
+
hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,
|
|
3165
|
+
publicExponent: Uint8Array.of(1, 0, 1),
|
|
3166
|
+
modulusLength: getModulusLengthOption(options)
|
|
3167
|
+
};
|
|
3168
|
+
keyUsages = [
|
|
3169
|
+
"decrypt",
|
|
3170
|
+
"unwrapKey",
|
|
3171
|
+
"encrypt",
|
|
3172
|
+
"wrapKey"
|
|
3173
|
+
];
|
|
3174
|
+
break;
|
|
3175
|
+
case "ES256":
|
|
3176
|
+
algorithm = {
|
|
3177
|
+
name: "ECDSA",
|
|
3178
|
+
namedCurve: "P-256"
|
|
3179
|
+
};
|
|
3180
|
+
keyUsages = ["sign", "verify"];
|
|
3181
|
+
break;
|
|
3182
|
+
case "ES384":
|
|
3183
|
+
algorithm = {
|
|
3184
|
+
name: "ECDSA",
|
|
3185
|
+
namedCurve: "P-384"
|
|
3186
|
+
};
|
|
3187
|
+
keyUsages = ["sign", "verify"];
|
|
3188
|
+
break;
|
|
3189
|
+
case "ES512":
|
|
3190
|
+
algorithm = {
|
|
3191
|
+
name: "ECDSA",
|
|
3192
|
+
namedCurve: "P-521"
|
|
3193
|
+
};
|
|
3194
|
+
keyUsages = ["sign", "verify"];
|
|
3195
|
+
break;
|
|
3196
|
+
case "Ed25519":
|
|
3197
|
+
case "EdDSA":
|
|
3198
|
+
keyUsages = ["sign", "verify"];
|
|
3199
|
+
algorithm = { name: "Ed25519" };
|
|
3200
|
+
break;
|
|
3201
|
+
case "ML-DSA-44":
|
|
3202
|
+
case "ML-DSA-65":
|
|
3203
|
+
case "ML-DSA-87":
|
|
3204
|
+
keyUsages = ["sign", "verify"];
|
|
3205
|
+
algorithm = { name: alg };
|
|
3206
|
+
break;
|
|
3207
|
+
case "ECDH-ES":
|
|
3208
|
+
case "ECDH-ES+A128KW":
|
|
3209
|
+
case "ECDH-ES+A192KW":
|
|
3210
|
+
case "ECDH-ES+A256KW": {
|
|
3211
|
+
keyUsages = ["deriveBits"];
|
|
3212
|
+
const crv = options?.crv ?? "P-256";
|
|
3213
|
+
switch (crv) {
|
|
3214
|
+
case "P-256":
|
|
3215
|
+
case "P-384":
|
|
3216
|
+
case "P-521":
|
|
3217
|
+
algorithm = {
|
|
3218
|
+
name: "ECDH",
|
|
3219
|
+
namedCurve: crv
|
|
3220
|
+
};
|
|
3221
|
+
break;
|
|
3222
|
+
case "X25519":
|
|
3223
|
+
algorithm = { name: "X25519" };
|
|
3224
|
+
break;
|
|
3225
|
+
default: throw new JOSENotSupported("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, and X25519");
|
|
3226
|
+
}
|
|
3227
|
+
break;
|
|
3228
|
+
}
|
|
3229
|
+
default: throw new JOSENotSupported("Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value");
|
|
3230
|
+
}
|
|
3231
|
+
return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);
|
|
3232
|
+
}
|
|
3233
|
+
//#endregion
|
|
3234
|
+
//#region node_modules/jose/dist/webapi/key/generate_secret.js
|
|
3235
|
+
async function generateSecret(alg, options) {
|
|
3236
|
+
let length;
|
|
3237
|
+
let algorithm;
|
|
3238
|
+
let keyUsages;
|
|
3239
|
+
switch (alg) {
|
|
3240
|
+
case "HS256":
|
|
3241
|
+
case "HS384":
|
|
3242
|
+
case "HS512":
|
|
3243
|
+
length = parseInt(alg.slice(-3), 10);
|
|
3244
|
+
algorithm = {
|
|
3245
|
+
name: "HMAC",
|
|
3246
|
+
hash: `SHA-${length}`,
|
|
3247
|
+
length
|
|
3248
|
+
};
|
|
3249
|
+
keyUsages = ["sign", "verify"];
|
|
3250
|
+
break;
|
|
3251
|
+
case "A128CBC-HS256":
|
|
3252
|
+
case "A192CBC-HS384":
|
|
3253
|
+
case "A256CBC-HS512":
|
|
3254
|
+
length = parseInt(alg.slice(-3), 10);
|
|
3255
|
+
return crypto.getRandomValues(new Uint8Array(length >> 3));
|
|
3256
|
+
case "A128KW":
|
|
3257
|
+
case "A192KW":
|
|
3258
|
+
case "A256KW":
|
|
3259
|
+
length = parseInt(alg.slice(1, 4), 10);
|
|
3260
|
+
algorithm = {
|
|
3261
|
+
name: "AES-KW",
|
|
3262
|
+
length
|
|
3263
|
+
};
|
|
3264
|
+
keyUsages = ["wrapKey", "unwrapKey"];
|
|
3265
|
+
break;
|
|
3266
|
+
case "A128GCMKW":
|
|
3267
|
+
case "A192GCMKW":
|
|
3268
|
+
case "A256GCMKW":
|
|
3269
|
+
case "A128GCM":
|
|
3270
|
+
case "A192GCM":
|
|
3271
|
+
case "A256GCM":
|
|
3272
|
+
length = parseInt(alg.slice(1, 4), 10);
|
|
3273
|
+
algorithm = {
|
|
3274
|
+
name: "AES-GCM",
|
|
3275
|
+
length
|
|
3276
|
+
};
|
|
3277
|
+
keyUsages = ["encrypt", "decrypt"];
|
|
3278
|
+
break;
|
|
3279
|
+
default: throw new JOSENotSupported("Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value");
|
|
3280
|
+
}
|
|
3281
|
+
return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);
|
|
3282
|
+
}
|
|
3283
|
+
//#endregion
|
|
3284
|
+
//#region node_modules/jose/dist/webapi/index.js
|
|
3285
|
+
const cryptoRuntime = "WebCryptoAPI";
|
|
3286
|
+
//#endregion
|
|
3287
|
+
export { CompactEncrypt, CompactSign, EmbeddedJWK, EncryptJWT, FlattenedEncrypt, FlattenedSign, GeneralEncrypt, GeneralSign, SignJWT, UnsecuredJWT, base64url_exports as base64url, calculateJwkThumbprint, calculateJwkThumbprintUri, compactDecrypt, compactVerify, createLocalJWKSet, createRemoteJWKSet, cryptoRuntime, customFetch, decodeJwt, decodeProtectedHeader, errors_exports as errors, exportJWK, exportPKCS8, exportSPKI, flattenedDecrypt, flattenedVerify, generalDecrypt, generalVerify, generateKeyPair, generateSecret, importJWK, importPKCS8, importSPKI, importX509, jwksCache, jwtDecrypt, jwtVerify };
|
|
3288
|
+
|
|
3289
|
+
//# sourceMappingURL=webapi-oTg8yaNv.mjs.map
|