aquaman-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +51 -0
  3. package/dist/audit/index.d.ts +5 -0
  4. package/dist/audit/index.d.ts.map +1 -0
  5. package/dist/audit/index.js +5 -0
  6. package/dist/audit/index.js.map +1 -0
  7. package/dist/audit/logger.d.ts +48 -0
  8. package/dist/audit/logger.d.ts.map +1 -0
  9. package/dist/audit/logger.js +237 -0
  10. package/dist/audit/logger.js.map +1 -0
  11. package/dist/credentials/backends/onepassword.d.ts +38 -0
  12. package/dist/credentials/backends/onepassword.d.ts.map +1 -0
  13. package/dist/credentials/backends/onepassword.js +218 -0
  14. package/dist/credentials/backends/onepassword.js.map +1 -0
  15. package/dist/credentials/backends/vault.d.ts +56 -0
  16. package/dist/credentials/backends/vault.d.ts.map +1 -0
  17. package/dist/credentials/backends/vault.js +206 -0
  18. package/dist/credentials/backends/vault.js.map +1 -0
  19. package/dist/credentials/index.d.ts +7 -0
  20. package/dist/credentials/index.d.ts.map +1 -0
  21. package/dist/credentials/index.js +7 -0
  22. package/dist/credentials/index.js.map +1 -0
  23. package/dist/credentials/store.d.ts +88 -0
  24. package/dist/credentials/store.d.ts.map +1 -0
  25. package/dist/credentials/store.js +221 -0
  26. package/dist/credentials/store.js.map +1 -0
  27. package/dist/index.d.ts +14 -0
  28. package/dist/index.d.ts.map +1 -0
  29. package/dist/index.js +18 -0
  30. package/dist/index.js.map +1 -0
  31. package/dist/types.d.ts +85 -0
  32. package/dist/types.d.ts.map +1 -0
  33. package/dist/types.js +11 -0
  34. package/dist/types.js.map +1 -0
  35. package/dist/utils/config.d.ts +18 -0
  36. package/dist/utils/config.d.ts.map +1 -0
  37. package/dist/utils/config.js +115 -0
  38. package/dist/utils/config.js.map +1 -0
  39. package/dist/utils/hash.d.ts +27 -0
  40. package/dist/utils/hash.d.ts.map +1 -0
  41. package/dist/utils/hash.js +348 -0
  42. package/dist/utils/hash.js.map +1 -0
  43. package/dist/utils/index.d.ts +6 -0
  44. package/dist/utils/index.d.ts.map +1 -0
  45. package/dist/utils/index.js +6 -0
  46. package/dist/utils/index.js.map +1 -0
  47. package/package.json +63 -0
package/dist/credentials/backends/onepassword.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"onepassword.js","sourceRoot":"","sources":["../../../src/credentials/backends/onepassword.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAQ/C,MAAM,aAAa,GAAG,SAAS,CAAC;AAChC,MAAM,WAAW,GAAG,SAAS,CAAC;AAE9B,MAAM,OAAO,gBAAgB;IACnB,KAAK,CAAS;IACd,OAAO,CAAU;IACjB,MAAM,GAAkB,IAAI,CAAC;IAErC,YAAY,OAAiC;QAC3C,IAAI,CAAC,KAAK,GAAG,OAAO,EAAE,KAAK,IAAI,aAAa,CAAC;QAC7C,IAAI,CAAC,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QAChC,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC;IAEO,aAAa;QACnB,+BAA+B;QAC/B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;YACjE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,2FAA2F,CAAC,CAAC;YAC/G,CAAC;YACD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,2FAA2F,CAAC,CAAC;QAC/G,CAAC;QAED,qBAAqB;QACrB,IAAI,CAAC;YACH,IAAI,CAAC,KAAK,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;QACjC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,IAAc,EAAE,KAAc;QAC1C,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACpE,MAAM,QAAQ,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,WAAW,CAAC,CAAC;QAE3C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE;gBACvC,QAAQ,EAAE,OAAO;gBACjB,KAAK;gBACL,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;aAC5B,CAAC,CAAC;YAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,eAAe,CAAC;gBAChE,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAK,EAAE,CAAC,CAAC;YACjD,CAAC;YAED,OAAO,MAAM,CAAC,MAAM,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBAC1E,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,OAAe,EAAE,GAAW;QAC9C,OAAO,GAAG,WAAW,IAAI,OAAO,IAAI,GAAG,EAAE,CAAC;IAC5C,CAAC;IAEO,aAAa,CAAC,QAAgB;QACpC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,WAAW,GAAG,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChE,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,mEAAmE;QACnE,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACzB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrC,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;IAC1B,CAAC;IAEO,iBAAiB;QACvB,IAAI,CAAC;YACH,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,iCAAiC;YACjC,IAAI,CAAC;gBACH,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC5C,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;YACxD,CAAC;YAAC,OAAO,WAAW,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,2BAA2B,IAAI,CAAC,KAAK,MAAM,WAAW,EAAE,CAAC,CAAC;YAC5E,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,GAAW;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAEhD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC;gBACxB,MAAM,EAAE,KAAK,EAAE,QAAQ;gBACvB,SAAS,EAAE,IAAI,CAAC,KAAK;gBACrB,UAAU,EAAE,YAAY;gBACxB,UAAU,EAAE,MAAM;aACnB,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAClC,OAAO,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,iCAAiC;YACjC,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAClE,OAAO,IAAI,CAAC;YACd,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,GAAW,EAAE,KAAa,EAAE,QAAiC;QACtF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAEzB,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAEpC,+BAA+B;QAC/B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAE9C,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,uBAAuB;YACvB,IAAI,CAAC,KAAK,CAAC;gBACT,MAAM,EAAE,MAAM,EAAE,QAAQ;gBACxB,SAAS,EAAE,IAAI,CAAC,KAAK;gBACrB,cAAc,KAAK,EAAE;aACtB,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,kBAAkB;YAClB,MAAM,UAAU,GAAG;gBACjB,MAAM,EAAE,QAAQ;gBAChB,YAAY,EAAE,gBAAgB;gBAC9B,SAAS,EAAE,IAAI,CAAC,KAAK;gBACrB,SAAS,EAAE,QAAQ;gBACnB,cAAc,KAAK,EAAE;gBACrB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;aACzB,CAAC;YAEF,yBAAyB;YACzB,IAAI,QAAQ,EAAE,CAAC;gBACb,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC9C,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC/B,CAAC;YACH,CAAC;YAED,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAEhD,IAAI,CAAC;YACH,IAAI,CAAC,KAAK,CAAC;gBACT,MAAM,EAAE,QAAQ,EAAE,QAAQ;gBAC1B,SAAS,EAAE,IAAI,CAAC,KAAK;aACtB,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAClE,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAgB;QACzB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG;gBACf,MAAM,EAAE,MAAM;gBACd,SAAS,EAAE,IAAI,CAAC,KAAK;gBACrB,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,WAAW,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,WAAW;gBAC7D,UAAU,EAAE,MAAM;aACnB,CAAC;YAEF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAA6B,CAAC;YAE7D,MAAM,WAAW,GAA4C,EAAE,CAAC;YAEhE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC9C,IAAI,MAAM,EAAE,CAAC;oBACX,IAAI,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;wBAC3C,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBAC3B,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,4BAA4B;YAC5B,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAClE,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC3C,OAAO,KAAK,KAAK,IAAI,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,WAAW;QAChB,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;YACtE,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;YACjF,OAAO,aAAa,CAAC,MAAM,KAAK,CAAC,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF;AAED,MAAM,UAAU,sBAAsB,CAAC,OAAiC;IACtE,OAAO,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;AACvC,CAAC"}
package/dist/credentials/backends/vault.d.ts ADDED
@@ -0,0 +1,56 @@
1
+ /**
2
+ * HashiCorp Vault credential backend using KV v2 API
3
+ * Requires: Vault server accessible and valid token
4
+ */
5
+ import type { CredentialStore } from '../store.js';
6
+ export interface VaultStoreOptions {
7
+ address: string;
8
+ token?: string;
9
+ namespace?: string;
10
+ mountPath?: string;
11
+ }
12
+ export declare class VaultStore implements CredentialStore {
13
+ private address;
14
+ private token;
15
+ private namespace?;
16
+ private mountPath;
17
+ constructor(options: VaultStoreOptions);
18
+ private getPath;
19
+ private getHeaders;
20
+ private request;
21
+ /**
22
+ * KV v2 uses data/ prefix for read/write and metadata/ prefix for metadata
23
+ */
24
+ private getDataPath;
25
+ private getMetadataPath;
26
+ private getListPath;
27
+ get(service: string, key: string): Promise<string | null>;
28
+ set(service: string, key: string, value: string, metadata?: Record<string, string>): Promise<void>;
29
+ delete(service: string, key: string): Promise<boolean>;
30
+ list(service?: string): Promise<Array<{
31
+ service: string;
32
+ key: string;
33
+ }>>;
34
+ exists(service: string, key: string): Promise<boolean>;
35
+ /**
36
+ * Get the Vault address being used
37
+ */
38
+ getAddress(): string;
39
+ /**
40
+ * Get the mount path being used
41
+ */
42
+ getMountPath(): string;
43
+ /**
44
+ * Check if Vault is reachable and token is valid
45
+ */
46
+ healthCheck(): Promise<{
47
+ healthy: boolean;
48
+ error?: string;
49
+ }>;
50
+ /**
51
+ * Check if Vault is available with given options
52
+ */
53
+ static isAvailable(options: VaultStoreOptions): Promise<boolean>;
54
+ }
55
+ export declare function createVaultStore(options: VaultStoreOptions): VaultStore;
56
+ //# sourceMappingURL=vault.d.ts.map
package/dist/credentials/backends/vault.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"vault.d.ts","sourceRoot":"","sources":["../../../src/credentials/backends/vault.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEnD,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAKD,qBAAa,UAAW,YAAW,eAAe;IAChD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,SAAS,CAAC,CAAS;IAC3B,OAAO,CAAC,SAAS,CAAS;gBAEd,OAAO,EAAE,iBAAiB;IAetC,OAAO,CAAC,OAAO;IAIf,OAAO,CAAC,UAAU;YAaJ,OAAO;IA+BrB;;OAEG;IACH,OAAO,CAAC,WAAW;IAInB,OAAO,CAAC,eAAe;IAIvB,OAAO,CAAC,WAAW;IAOb,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAmBzD,GAAG,CACP,OAAO,EAAE,MAAM,EACf,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,MAAM,EACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAChC,OAAO,CAAC,IAAI,CAAC;IAiBV,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAatD,IAAI,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IA0CxE,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK5D;;OAEG;IACH,UAAU,IAAI,MAAM;IAIpB;;OAEG;IACH,YAAY,IAAI,MAAM;IAItB;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAiBlE;;OAEG;WACU,WAAW,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,OAAO,CAAC;CASvE;AAED,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,GAAG,UAAU,CAEvE"}
package/dist/credentials/backends/vault.js ADDED
@@ -0,0 +1,206 @@
1
+ /**
2
+ * HashiCorp Vault credential backend using KV v2 API
3
+ * Requires: Vault server accessible and valid token
4
+ */
5
+ const DEFAULT_MOUNT_PATH = 'secret';
6
+ const AQUAMAN_PATH_PREFIX = 'aquaman';
7
+ export class VaultStore {
8
+ address;
9
+ token;
10
+ namespace;
11
+ mountPath;
12
+ constructor(options) {
13
+ this.address = options.address.replace(/\/$/, ''); // Remove trailing slash
14
+ this.token = options.token || process.env['VAULT_TOKEN'] || '';
15
+ this.namespace = options.namespace || process.env['VAULT_NAMESPACE'];
16
+ this.mountPath = options.mountPath || DEFAULT_MOUNT_PATH;
17
+ if (!this.token) {
18
+ throw new Error('Vault token required. Provide via options.token or VAULT_TOKEN env var.');
19
+ }
20
+ if (!this.address) {
21
+ throw new Error('Vault address required. Provide via options.address or VAULT_ADDR env var.');
22
+ }
23
+ }
24
+ getPath(service, key) {
25
+ return `${AQUAMAN_PATH_PREFIX}/${service}/${key}`;
26
+ }
27
+ getHeaders() {
28
+ const headers = {
29
+ 'X-Vault-Token': this.token,
30
+ 'Content-Type': 'application/json'
31
+ };
32
+ if (this.namespace) {
33
+ headers['X-Vault-Namespace'] = this.namespace;
34
+ }
35
+ return headers;
36
+ }
37
+ async request(method, path, body) {
38
+ const url = `${this.address}/v1/${path}`;
39
+ const headers = this.getHeaders();
40
+ const response = await fetch(url, {
41
+ method,
42
+ headers,
43
+ body: body ? JSON.stringify(body) : undefined
44
+ });
45
+ if (response.status === 404) {
46
+ return { status: 404 };
47
+ }
48
+ if (!response.ok && response.status !== 204) {
49
+ const errorText = await response.text();
50
+ throw new Error(`Vault API error (${response.status}): ${errorText}`);
51
+ }
52
+ if (response.status === 204) {
53
+ return { status: 204 };
54
+ }
55
+ const data = await response.json();
56
+ return { data: data.data, status: response.status };
57
+ }
58
+ /**
59
+ * KV v2 uses data/ prefix for read/write and metadata/ prefix for metadata
60
+ */
61
+ getDataPath(service, key) {
62
+ return `${this.mountPath}/data/${this.getPath(service, key)}`;
63
+ }
64
+ getMetadataPath(service, key) {
65
+ return `${this.mountPath}/metadata/${this.getPath(service, key)}`;
66
+ }
67
+ getListPath(service) {
68
+ if (service) {
69
+ return `${this.mountPath}/metadata/${AQUAMAN_PATH_PREFIX}/${service}`;
70
+ }
71
+ return `${this.mountPath}/metadata/${AQUAMAN_PATH_PREFIX}`;
72
+ }
73
+ async get(service, key) {
74
+ try {
75
+ const result = await this.request('GET', this.getDataPath(service, key));
76
+ if (result.status === 404) {
77
+ return null;
78
+ }
79
+ // KV v2 wraps data in another data object
80
+ const kvData = result.data;
81
+ return kvData?.data?.credential || null;
82
+ }
83
+ catch (error) {
84
+ if (error instanceof Error && error.message.includes('404')) {
85
+ return null;
86
+ }
87
+ throw error;
88
+ }
89
+ }
90
+ async set(service, key, value, metadata) {
91
+ const data = {
92
+ credential: value
93
+ };
94
+ // Add metadata to the secret data (Vault stores metadata separately but we can include it in data too)
95
+ if (metadata) {
96
+ for (const [k, v] of Object.entries(metadata)) {
97
+ data[`meta_${k}`] = v;
98
+ }
99
+ }
100
+ await this.request('POST', this.getDataPath(service, key), {
101
+ data
102
+ });
103
+ }
104
+ async delete(service, key) {
105
+ try {
106
+ // For KV v2, we need to delete the metadata to fully remove the secret
107
+ const result = await this.request('DELETE', this.getMetadataPath(service, key));
108
+ return result.status === 204 || result.status === 200;
109
+ }
110
+ catch (error) {
111
+ if (error instanceof Error && error.message.includes('404')) {
112
+ return false;
113
+ }
114
+ throw error;
115
+ }
116
+ }
117
+ async list(service) {
118
+ const credentials = [];
119
+ try {
120
+ if (service) {
121
+ // List keys for a specific service
122
+ const result = await this.request('LIST', this.getListPath(service));
123
+ if (result.status === 404) {
124
+ return [];
125
+ }
126
+ const keys = result.data?.keys || [];
127
+ for (const key of keys) {
128
+ // Remove trailing slash if present (indicates directory)
129
+ const cleanKey = key.replace(/\/$/, '');
130
+ credentials.push({ service, key: cleanKey });
131
+ }
132
+ }
133
+ else {
134
+ // List all services first, then keys for each
135
+ const servicesResult = await this.request('LIST', this.getListPath());
136
+ if (servicesResult.status === 404) {
137
+ return [];
138
+ }
139
+ const services = servicesResult.data?.keys || [];
140
+ for (const svc of services) {
141
+ const cleanService = svc.replace(/\/$/, '');
142
+ const serviceCredentials = await this.list(cleanService);
143
+ credentials.push(...serviceCredentials);
144
+ }
145
+ }
146
+ return credentials;
147
+ }
148
+ catch (error) {
149
+ if (error instanceof Error && error.message.includes('404')) {
150
+ return [];
151
+ }
152
+ throw error;
153
+ }
154
+ }
155
+ async exists(service, key) {
156
+ const value = await this.get(service, key);
157
+ return value !== null;
158
+ }
159
+ /**
160
+ * Get the Vault address being used
161
+ */
162
+ getAddress() {
163
+ return this.address;
164
+ }
165
+ /**
166
+ * Get the mount path being used
167
+ */
168
+ getMountPath() {
169
+ return this.mountPath;
170
+ }
171
+ /**
172
+ * Check if Vault is reachable and token is valid
173
+ */
174
+ async healthCheck() {
175
+ try {
176
+ // Check token validity by looking up self
177
+ const response = await fetch(`${this.address}/v1/auth/token/lookup-self`, {
178
+ headers: this.getHeaders()
179
+ });
180
+ if (response.ok) {
181
+ return { healthy: true };
182
+ }
183
+ return { healthy: false, error: `Token lookup failed: ${response.status}` };
184
+ }
185
+ catch (error) {
186
+ return { healthy: false, error: `Connection failed: ${error}` };
187
+ }
188
+ }
189
+ /**
190
+ * Check if Vault is available with given options
191
+ */
192
+ static async isAvailable(options) {
193
+ try {
194
+ const store = new VaultStore(options);
195
+ const health = await store.healthCheck();
196
+ return health.healthy;
197
+ }
198
+ catch {
199
+ return false;
200
+ }
201
+ }
202
+ }
203
+ export function createVaultStore(options) {
204
+ return new VaultStore(options);
205
+ }
206
+ //# sourceMappingURL=vault.js.map
package/dist/credentials/backends/vault.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"vault.js","sourceRoot":"","sources":["../../../src/credentials/backends/vault.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAWH,MAAM,kBAAkB,GAAG,QAAQ,CAAC;AACpC,MAAM,mBAAmB,GAAG,SAAS,CAAC;AAEtC,MAAM,OAAO,UAAU;IACb,OAAO,CAAS;IAChB,KAAK,CAAS;IACd,SAAS,CAAU;IACnB,SAAS,CAAS;IAE1B,YAAY,OAA0B;QACpC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,wBAAwB;QAC3E,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;QAC/D,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACrE,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,kBAAkB,CAAC;QAEzD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;QAC7F,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,4EAA4E,CAAC,CAAC;QAChG,CAAC;IACH,CAAC;IAEO,OAAO,CAAC,OAAe,EAAE,GAAW;QAC1C,OAAO,GAAG,mBAAmB,IAAI,OAAO,IAAI,GAAG,EAAE,CAAC;IACpD,CAAC;IAEO,UAAU;QAChB,MAAM,OAAO,GAA2B;YACtC,eAAe,EAAE,IAAI,CAAC,KAAK;YAC3B,cAAc,EAAE,kBAAkB;SACnC,CAAC;QAEF,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAO,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;QAChD,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,KAAK,CAAC,OAAO,CACnB,MAAc,EACd,IAAY,EACZ,IAA8B;QAE9B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,OAAO,IAAI,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAElC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM;YACN,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;SAC9C,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;QACzB,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5C,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,CAAC,MAAM,MAAM,SAAS,EAAE,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;QACzB,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAwC,CAAC;QACzE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC;IACtD,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,OAAe,EAAE,GAAW;QAC9C,OAAO,GAAG,IAAI,CAAC,SAAS,SAAS,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;IAChE,CAAC;IAEO,eAAe,CAAC,OAAe,EAAE,GAAW;QAClD,OAAO,GAAG,IAAI,CAAC,SAAS,aAAa,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;IACpE,CAAC;IAEO,WAAW,CAAC,OAAgB;QAClC,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,GAAG,IAAI,CAAC,SAAS,aAAa,mBAAmB,IAAI,OAAO,EAAE,CAAC;QACxE,CAAC;QACD,OAAO,GAAG,IAAI,CAAC,SAAS,aAAa,mBAAmB,EAAE,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,GAAW;QACpC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;YAEzE,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC;YACd,CAAC;YAED,0CAA0C;YAC1C,MAAM,MAAM,GAAG,MAAM,CAAC,IAAyC,CAAC;YAChE,OAAO,MAAM,EAAE,IAAI,EAAE,UAAU,IAAI,IAAI,CAAC;QAC1C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5D,OAAO,IAAI,CAAC;YACd,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CACP,OAAe,EACf,GAAW,EACX,KAAa,EACb,QAAiC;QAEjC,MAAM,IAAI,GAA2B;YACnC,UAAU,EAAE,KAAK;SAClB,CAAC;QAEF,uGAAuG;QACvG,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC9C,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;QAED,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE;YACzD,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,IAAI,CAAC;YACH,uEAAuE;YACvE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;YAChF,OAAO,MAAM,CAAC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC;QACxD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5D,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAgB;QACzB,MAAM,WAAW,GAA4C,EAAE,CAAC;QAEhE,IAAI,CAAC;YACH,IAAI,OAAO,EAAE,CAAC;gBACZ,mCAAmC;gBACnC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC;gBACrE,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAC1B,OAAO,EAAE,CAAC;gBACZ,CAAC;gBAED,MAAM,IAAI,GAAI,MAAM,CAAC,IAA4B,EAAE,IAAI,IAAI,EAAE,CAAC;gBAC9D,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,yDAAyD;oBACzD,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;oBACxC,WAAW,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,8CAA8C;gBAC9C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;gBACtE,IAAI,cAAc,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAClC,OAAO,EAAE,CAAC;gBACZ,CAAC;gBAED,MAAM,QAAQ,GAAI,cAAc,CAAC,IAA4B,EAAE,IAAI,IAAI,EAAE,CAAC;gBAE1E,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;oBAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;oBAC5C,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;oBACzD,WAAW,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5D,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC3C,OAAO,KAAK,KAAK,IAAI,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW;QACf,IAAI,CAAC;YACH,0CAA0C;YAC1C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,4BAA4B,EAAE;gBACxE,OAAO,EAAE,IAAI,CAAC,UAAU,EAAE;aAC3B,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;gBAChB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC3B,CAAC;YAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,wBAAwB,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;QAC9E,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,sBAAsB,KAAK,EAAE,EAAE,CAAC;QAClE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAA0B;QACjD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;YACtC,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,CAAC;YACzC,OAAO,MAAM,CAAC,OAAO,CAAC;QACxB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF;AAED,MAAM,UAAU,gBAAgB,CAAC,OAA0B;IACzD,OAAO,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;AACjC,CAAC"}
package/dist/credentials/index.d.ts ADDED
@@ -0,0 +1,7 @@
1
+ /**
2
+ * Credential storage module
3
+ */
4
+ export { type Credential, type CredentialStore, type CredentialStoreOptions, KeychainStore, EncryptedFileStore, MemoryStore, createCredentialStore } from './store.js';
5
+ export { type OnePasswordStoreOptions, OnePasswordStore, createOnePasswordStore } from './backends/onepassword.js';
6
+ export { type VaultStoreOptions, VaultStore, createVaultStore } from './backends/vault.js';
7
+ //# sourceMappingURL=index.d.ts.map
package/dist/credentials/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/credentials/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EACL,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,sBAAsB,EAC3B,aAAa,EACb,kBAAkB,EAClB,WAAW,EACX,qBAAqB,EACtB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,KAAK,uBAAuB,EAC5B,gBAAgB,EAChB,sBAAsB,EACvB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EACL,KAAK,iBAAiB,EACtB,UAAU,EACV,gBAAgB,EACjB,MAAM,qBAAqB,CAAC"}
package/dist/credentials/index.js ADDED
@@ -0,0 +1,7 @@
1
+ /**
2
+ * Credential storage module
3
+ */
4
+ export { KeychainStore, EncryptedFileStore, MemoryStore, createCredentialStore } from './store.js';
5
+ export { OnePasswordStore, createOnePasswordStore } from './backends/onepassword.js';
6
+ export { VaultStore, createVaultStore } from './backends/vault.js';
7
+ //# sourceMappingURL=index.js.map
package/dist/credentials/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/credentials/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAIL,aAAa,EACb,kBAAkB,EAClB,WAAW,EACX,qBAAqB,EACtB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAEL,gBAAgB,EAChB,sBAAsB,EACvB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAEL,UAAU,EACV,gBAAgB,EACjB,MAAM,qBAAqB,CAAC"}
package/dist/credentials/store.d.ts ADDED
@@ -0,0 +1,88 @@
1
+ /**
2
+ * Credential storage interface with multiple backend support
3
+ * Supports: macOS Keychain, 1Password, HashiCorp Vault, encrypted file
4
+ */
5
+ import type { CredentialBackend } from '../types.js';
6
+ export interface Credential {
7
+ service: string;
8
+ key: string;
9
+ value: string;
10
+ metadata?: Record<string, string>;
11
+ createdAt: Date;
12
+ lastUsed?: Date;
13
+ rotateAfter?: Date;
14
+ }
15
+ export interface CredentialStore {
16
+ get(service: string, key: string): Promise<string | null>;
17
+ set(service: string, key: string, value: string, metadata?: Record<string, string>): Promise<void>;
18
+ delete(service: string, key: string): Promise<boolean>;
19
+ list(service?: string): Promise<Array<{
20
+ service: string;
21
+ key: string;
22
+ }>>;
23
+ exists(service: string, key: string): Promise<boolean>;
24
+ }
25
+ export interface CredentialStoreOptions {
26
+ backend: CredentialBackend;
27
+ encryptionPassword?: string;
28
+ vaultAddress?: string;
29
+ vaultToken?: string;
30
+ vaultNamespace?: string;
31
+ vaultMountPath?: string;
32
+ onePasswordVault?: string;
33
+ onePasswordAccount?: string;
34
+ }
35
+ /**
36
+ * macOS Keychain backend using the keytar library
37
+ */
38
+ export declare class KeychainStore implements CredentialStore {
39
+ private keytar;
40
+ private serviceName;
41
+ private getKeytar;
42
+ get(service: string, key: string): Promise<string | null>;
43
+ set(service: string, key: string, value: string): Promise<void>;
44
+ delete(service: string, key: string): Promise<boolean>;
45
+ list(): Promise<Array<{
46
+ service: string;
47
+ key: string;
48
+ }>>;
49
+ exists(service: string, key: string): Promise<boolean>;
50
+ }
51
+ /**
52
+ * Encrypted file backend - fallback option
53
+ */
54
+ export declare class EncryptedFileStore implements CredentialStore {
55
+ private filePath;
56
+ private password;
57
+ private cache;
58
+ constructor(password: string, filePath?: string);
59
+ private getKey;
60
+ private load;
61
+ private save;
62
+ get(service: string, key: string): Promise<string | null>;
63
+ set(service: string, key: string, value: string, metadata?: Record<string, string>): Promise<void>;
64
+ delete(service: string, key: string): Promise<boolean>;
65
+ list(service?: string): Promise<Array<{
66
+ service: string;
67
+ key: string;
68
+ }>>;
69
+ exists(service: string, key: string): Promise<boolean>;
70
+ }
71
+ /**
72
+ * In-memory store for testing
73
+ */
74
+ export declare class MemoryStore implements CredentialStore {
75
+ private store;
76
+ private getKey;
77
+ get(service: string, key: string): Promise<string | null>;
78
+ set(service: string, key: string, value: string, metadata?: Record<string, string>): Promise<void>;
79
+ delete(service: string, key: string): Promise<boolean>;
80
+ list(service?: string): Promise<Array<{
81
+ service: string;
82
+ key: string;
83
+ }>>;
84
+ exists(service: string, key: string): Promise<boolean>;
85
+ clear(): void;
86
+ }
87
+ export declare function createCredentialStore(options: CredentialStoreOptions): CredentialStore;
88
+ //# sourceMappingURL=store.d.ts.map
package/dist/credentials/store.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/credentials/store.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAErD,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAClC,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,CAAC,EAAE,IAAI,CAAC;IAChB,WAAW,CAAC,EAAE,IAAI,CAAC;CACpB;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC1D,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnG,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACvD,IAAI,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC,CAAC;IACzE,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACxD;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,iBAAiB,CAAC;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,qBAAa,aAAc,YAAW,eAAe;IACnD,OAAO,CAAC,MAAM,CAAa;IAC3B,OAAO,CAAC,WAAW,CAAa;YAElB,SAAS;IAYjB,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAMzD,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM/D,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMtD,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IASxD,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAI7D;AAED;;GAEG;AACH,qBAAa,kBAAmB,YAAW,eAAe;IACxD,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,KAAK,CAAwC;gBAEzC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM;IAK/C,OAAO,CAAC,MAAM;YAIA,IAAI;YAsBJ,IAAI;IAmBZ,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAMzD,GAAG,CACP,OAAO,EAAE,MAAM,EACf,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,MAAM,EACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAChC,OAAO,CAAC,IAAI,CAAC;IAaV,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAStD,IAAI,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAaxE,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAI7D;AAED;;GAEG;AACH,qBAAa,WAAY,YAAW,eAAe;IACjD,OAAO,CAAC,KAAK,CAAiC;IAE9C,OAAO,CAAC,MAAM;IAIR,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIzD,GAAG,CACP,OAAO,EAAE,MAAM,EACf,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,MAAM,EACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAChC,OAAO,CAAC,IAAI,CAAC;IAUV,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAItD,IAAI,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAUxE,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5D,KAAK,IAAI,IAAI;CAGd;AAED,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,sBAAsB,GAAG,eAAe,CA2CtF"}
package/dist/credentials/store.js ADDED
@@ -0,0 +1,221 @@
1
+ /**
2
+ * Credential storage interface with multiple backend support
3
+ * Supports: macOS Keychain, 1Password, HashiCorp Vault, encrypted file
4
+ */
5
+ import * as fs from 'node:fs';
6
+ import * as path from 'node:path';
7
+ import * as os from 'node:os';
8
+ import { encryptWithPassword, decryptWithPassword } from '../utils/hash.js';
9
+ /**
10
+ * macOS Keychain backend using the keytar library
11
+ */
12
+ export class KeychainStore {
13
+ keytar = null;
14
+ serviceName = 'aquaman';
15
+ async getKeytar() {
16
+ if (!this.keytar) {
17
+ try {
18
+ const mod = await import('keytar');
19
+ this.keytar = mod.default || mod;
20
+ }
21
+ catch {
22
+ throw new Error('keytar not available - install with: npm install keytar');
23
+ }
24
+ }
25
+ return this.keytar;
26
+ }
27
+ async get(service, key) {
28
+ const keytar = await this.getKeytar();
29
+ const account = `${service}:${key}`;
30
+ return keytar.getPassword(this.serviceName, account);
31
+ }
32
+ async set(service, key, value) {
33
+ const keytar = await this.getKeytar();
34
+ const account = `${service}:${key}`;
35
+ await keytar.setPassword(this.serviceName, account, value);
36
+ }
37
+ async delete(service, key) {
38
+ const keytar = await this.getKeytar();
39
+ const account = `${service}:${key}`;
40
+ return keytar.deletePassword(this.serviceName, account);
41
+ }
42
+ async list() {
43
+ const keytar = await this.getKeytar();
44
+ const credentials = await keytar.findCredentials(this.serviceName);
45
+ return credentials.map(cred => {
46
+ const [service, key] = cred.account.split(':');
47
+ return { service: service || cred.account, key: key || '' };
48
+ });
49
+ }
50
+ async exists(service, key) {
51
+ const value = await this.get(service, key);
52
+ return value !== null;
53
+ }
54
+ }
55
+ /**
56
+ * Encrypted file backend - fallback option
57
+ */
58
+ export class EncryptedFileStore {
59
+ filePath;
60
+ password;
61
+ cache = null;
62
+ constructor(password, filePath) {
63
+ this.password = password;
64
+ this.filePath = filePath || path.join(os.homedir(), '.aquaman', 'credentials.enc');
65
+ }
66
+ getKey(service, key) {
67
+ return `${service}:${key}`;
68
+ }
69
+ async load() {
70
+ if (this.cache) {
71
+ return this.cache;
72
+ }
73
+ if (!fs.existsSync(this.filePath)) {
74
+ this.cache = new Map();
75
+ return this.cache;
76
+ }
77
+ try {
78
+ const encrypted = fs.readFileSync(this.filePath, 'utf-8');
79
+ const decrypted = decryptWithPassword(encrypted, this.password);
80
+ const data = JSON.parse(decrypted);
81
+ this.cache = new Map(Object.entries(data));
82
+ return this.cache;
83
+ }
84
+ catch {
85
+ throw new Error('Failed to decrypt credentials file - wrong password?');
86
+ }
87
+ }
88
+ async save() {
89
+ if (!this.cache)
90
+ return;
91
+ const data = {};
92
+ for (const [key, cred] of this.cache.entries()) {
93
+ data[key] = cred;
94
+ }
95
+ const json = JSON.stringify(data, null, 2);
96
+ const encrypted = encryptWithPassword(json, this.password);
97
+ const dir = path.dirname(this.filePath);
98
+ if (!fs.existsSync(dir)) {
99
+ fs.mkdirSync(dir, { recursive: true });
100
+ }
101
+ fs.writeFileSync(this.filePath, encrypted, { mode: 0o600 });
102
+ }
103
+ async get(service, key) {
104
+ const store = await this.load();
105
+ const cred = store.get(this.getKey(service, key));
106
+ return cred?.value ?? null;
107
+ }
108
+ async set(service, key, value, metadata) {
109
+ const store = await this.load();
110
+ const credential = {
111
+ service,
112
+ key,
113
+ value,
114
+ metadata,
115
+ createdAt: new Date()
116
+ };
117
+ store.set(this.getKey(service, key), credential);
118
+ await this.save();
119
+ }
120
+ async delete(service, key) {
121
+ const store = await this.load();
122
+ const deleted = store.delete(this.getKey(service, key));
123
+ if (deleted) {
124
+ await this.save();
125
+ }
126
+ return deleted;
127
+ }
128
+ async list(service) {
129
+ const store = await this.load();
130
+ const results = [];
131
+ for (const cred of store.values()) {
132
+ if (!service || cred.service === service) {
133
+ results.push({ service: cred.service, key: cred.key });
134
+ }
135
+ }
136
+ return results;
137
+ }
138
+ async exists(service, key) {
139
+ const store = await this.load();
140
+ return store.has(this.getKey(service, key));
141
+ }
142
+ }
143
+ /**
144
+ * In-memory store for testing
145
+ */
146
+ export class MemoryStore {
147
+ store = new Map();
148
+ getKey(service, key) {
149
+ return `${service}:${key}`;
150
+ }
151
+ async get(service, key) {
152
+ return this.store.get(this.getKey(service, key))?.value ?? null;
153
+ }
154
+ async set(service, key, value, metadata) {
155
+ this.store.set(this.getKey(service, key), {
156
+ service,
157
+ key,
158
+ value,
159
+ metadata,
160
+ createdAt: new Date()
161
+ });
162
+ }
163
+ async delete(service, key) {
164
+ return this.store.delete(this.getKey(service, key));
165
+ }
166
+ async list(service) {
167
+ const results = [];
168
+ for (const cred of this.store.values()) {
169
+ if (!service || cred.service === service) {
170
+ results.push({ service: cred.service, key: cred.key });
171
+ }
172
+ }
173
+ return results;
174
+ }
175
+ async exists(service, key) {
176
+ return this.store.has(this.getKey(service, key));
177
+ }
178
+ clear() {
179
+ this.store.clear();
180
+ }
181
+ }
182
+ export function createCredentialStore(options) {
183
+ switch (options.backend) {
184
+ case 'keychain':
185
+ return new KeychainStore();
186
+ case 'encrypted-file':
187
+ if (!options.encryptionPassword) {
188
+ throw new Error('encryptionPassword required for encrypted-file backend');
189
+ }
190
+ return new EncryptedFileStore(options.encryptionPassword);
191
+ case '1password': {
192
+ // Dynamically import to avoid loading if not used
193
+ const { OnePasswordStore } = require('./backends/onepassword.js');
194
+ return new OnePasswordStore({
195
+ vault: options.onePasswordVault,
196
+ account: options.onePasswordAccount
197
+ });
198
+ }
199
+ case 'vault': {
200
+ if (!options.vaultAddress) {
201
+ // Try env var
202
+ const envAddress = process.env['VAULT_ADDR'];
203
+ if (!envAddress) {
204
+ throw new Error('vaultAddress required for vault backend. Set via config or VAULT_ADDR env var.');
205
+ }
206
+ options.vaultAddress = envAddress;
207
+ }
208
+ // Dynamically import to avoid loading if not used
209
+ const { VaultStore } = require('./backends/vault.js');
210
+ return new VaultStore({
211
+ address: options.vaultAddress,
212
+ token: options.vaultToken,
213
+ namespace: options.vaultNamespace,
214
+ mountPath: options.vaultMountPath
215
+ });
216
+ }
217
+ default:
218
+ throw new Error(`Unknown credential backend: ${options.backend}`);
219
+ }
220
+ }
221
+ //# sourceMappingURL=store.js.map
package/dist/credentials/store.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"store.js","sourceRoot":"","sources":["../../src/credentials/store.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAkC5E;;GAEG;AACH,MAAM,OAAO,aAAa;IAChB,MAAM,GAAQ,IAAI,CAAC;IACnB,WAAW,GAAG,SAAS,CAAC;IAExB,KAAK,CAAC,SAAS;QACrB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAQ,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACxC,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC;YACnC,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,GAAW;QACpC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,GAAG,OAAO,IAAI,GAAG,EAAE,CAAC;QACpC,OAAO,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACvD,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,GAAW,EAAE,KAAa;QACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,GAAG,OAAO,IAAI,GAAG,EAAE,CAAC;QACpC,MAAM,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,GAAG,OAAO,IAAI,GAAG,EAAE,CAAC;QACpC,OAAO,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACnE,OAAO,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;YAC5B,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/C,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,EAAE,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC3C,OAAO,KAAK,KAAK,IAAI,CAAC;IACxB,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAkB;IACrB,QAAQ,CAAS;IACjB,QAAQ,CAAS;IACjB,KAAK,GAAmC,IAAI,CAAC;IAErD,YAAY,QAAgB,EAAE,QAAiB;QAC7C,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,iBAAiB,CAAC,CAAC;IACrF,CAAC;IAEO,MAAM,CAAC,OAAe,EAAE,GAAW;QACzC,OAAO,GAAG,OAAO,IAAI,GAAG,EAAE,CAAC;IAC7B,CAAC;IAEO,KAAK,CAAC,IAAI;QAChB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,KAAK,CAAC;QACpB,CAAC;QAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,IAAI,CAAC,KAAK,GAAG,IAAI,GAAG,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC,KAAK,CAAC;QACpB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC1D,MAAM,SAAS,GAAG,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YAChE,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAA+B,CAAC;YAEjE,IAAI,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;YAC3C,OAAO,IAAI,CAAC,KAAK,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,IAAI;QAChB,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO;QAExB,MAAM,IAAI,GAA+B,EAAE,CAAC;QAC5C,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YAC/C,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;QACnB,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3C,MAAM,SAAS,GAAG,mBAAmB,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QAE3D,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzC,CAAC;QAED,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,GAAW;QACpC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;QAClD,OAAO,IAAI,EAAE,KAAK,IAAI,IAAI,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,GAAG,CACP,OAAe,EACf,GAAW,EACX,KAAa,EACb,QAAiC;QAEjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,MAAM,UAAU,GAAe;YAC7B,OAAO;YACP,GAAG;YACH,KAAK;YACL,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE;SACtB,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,UAAU,CAAC,CAAC;QACjD,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;QACxD,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACpB,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAgB;QACzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,MAAM,OAAO,GAA4C,EAAE,CAAC;QAE5D,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YAClC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;gBACzC,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IAC9C,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,WAAW;IACd,KAAK,GAAG,IAAI,GAAG,EAAsB,CAAC;IAEtC,MAAM,CAAC,OAAe,EAAE,GAAW;QACzC,OAAO,GAAG,OAAO,IAAI,GAAG,EAAE,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,OAAe,EAAE,GAAW;QACpC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,EAAE,KAAK,IAAI,IAAI,CAAC;IAClE,CAAC;IAED,KAAK,CAAC,GAAG,CACP,OAAe,EACf,GAAW,EACX,KAAa,EACb,QAAiC;QAEjC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE;YACxC,OAAO;YACP,GAAG;YACH,KAAK;YACL,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE;SACtB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAgB;QACzB,MAAM,OAAO,GAA4C,EAAE,CAAC;QAC5D,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YACvC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;gBACzC,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,GAAW;QACvC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,KAAK;QACH,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;CACF;AAED,MAAM,UAAU,qBAAqB,CAAC,OAA+B;IACnE,QAAQ,OAAO,CAAC,OAAO,EAAE,CAAC;QACxB,KAAK,UAAU;YACb,OAAO,IAAI,aAAa,EAAE,CAAC;QAE7B,KAAK,gBAAgB;YACnB,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;YAC5E,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAE5D,KAAK,WAAW,CAAC,CAAC,CAAC;YACjB,kDAAkD;YAClD,MAAM,EAAE,gBAAgB,EAAE,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;YAClE,OAAO,IAAI,gBAAgB,CAAC;gBAC1B,KAAK,EAAE,OAAO,CAAC,gBAAgB;gBAC/B,OAAO,EAAE,OAAO,CAAC,kBAAkB;aACpC,CAAC,CAAC;QACL,CAAC;QAED,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;gBAC1B,cAAc;gBACd,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;gBAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,IAAI,KAAK,CAAC,gFAAgF,CAAC,CAAC;gBACpG,CAAC;gBACD,OAAO,CAAC,YAAY,GAAG,UAAU,CAAC;YACpC,CAAC;YAED,kDAAkD;YAClD,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;YACtD,OAAO,IAAI,UAAU,CAAC;gBACpB,OAAO,EAAE,OAAO,CAAC,YAAY;gBAC7B,KAAK,EAAE,OAAO,CAAC,UAAU;gBACzB,SAAS,EAAE,OAAO,CAAC,cAAc;gBACjC,SAAS,EAAE,OAAO,CAAC,cAAc;aAClC,CAAC,CAAC;QACL,CAAC;QAED;YACE,MAAM,IAAI,KAAK,CAAC,+BAA+B,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;IACtE,CAAC;AACH,CAAC"}