npm - b23-lib - Versions diffs - 1.7.0 → 1.7.2 - Mend

b23-lib 1.7.0 → 1.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

package/dist/Auth/index.d.mts +130 -0
package/dist/Auth/index.d.ts +130 -0
package/dist/Auth/index.js +2 -0
package/dist/Auth/index.js.map +1 -0
package/dist/Auth/index.mjs +2 -0
package/dist/Auth/index.mjs.map +1 -0
package/dist/Classes/Address.d.mts +142 -0
package/dist/Classes/Address.d.ts +142 -0
package/dist/Classes/Address.js +2 -0
package/dist/Classes/Address.js.map +1 -0
package/dist/Classes/Address.mjs +2 -0
package/dist/Classes/Address.mjs.map +1 -0
package/dist/Classes/Base.d.mts +98 -0
package/dist/Classes/Base.d.ts +98 -0
package/dist/Classes/Base.js +2 -0
package/dist/Classes/Base.js.map +1 -0
package/dist/Classes/Base.mjs +2 -0
package/dist/Classes/Base.mjs.map +1 -0
package/dist/Classes/Cart.d.mts +68 -0
package/dist/Classes/Cart.d.ts +68 -0
package/dist/Classes/Cart.js +2 -0
package/dist/Classes/Cart.js.map +1 -0
package/dist/Classes/Cart.mjs +2 -0
package/dist/Classes/Cart.mjs.map +1 -0
package/dist/Classes/Common.d.mts +75 -0
package/dist/Classes/Common.d.ts +75 -0
package/dist/Classes/Common.js +2 -0
package/dist/Classes/Common.js.map +1 -0
package/dist/Classes/Common.mjs +2 -0
package/dist/Classes/Common.mjs.map +1 -0
package/dist/Classes/Coupon.d.mts +142 -0
package/dist/Classes/Coupon.d.ts +142 -0
package/dist/Classes/Coupon.js +2 -0
package/dist/Classes/Coupon.js.map +1 -0
package/dist/Classes/Coupon.mjs +2 -0
package/dist/Classes/Coupon.mjs.map +1 -0
package/dist/Classes/Customer.d.mts +97 -0
package/dist/Classes/Customer.d.ts +97 -0
package/dist/Classes/Customer.js +2 -0
package/dist/Classes/Customer.js.map +1 -0
package/dist/Classes/Customer.mjs +2 -0
package/dist/Classes/Customer.mjs.map +1 -0
package/dist/Classes/CustomerAddress.d.mts +71 -0
package/dist/Classes/CustomerAddress.d.ts +71 -0
package/dist/Classes/CustomerAddress.js +2 -0
package/dist/Classes/CustomerAddress.js.map +1 -0
package/dist/Classes/CustomerAddress.mjs +2 -0
package/dist/Classes/CustomerAddress.mjs.map +1 -0
package/dist/Classes/Enum.d.mts +34 -0
package/dist/Classes/Enum.d.ts +34 -0
package/dist/Classes/Enum.js +2 -0
package/dist/Classes/Enum.js.map +1 -0
package/dist/Classes/Enum.mjs +2 -0
package/dist/Classes/Enum.mjs.map +1 -0
package/dist/Classes/ImageInfo.d.mts +92 -0
package/dist/Classes/ImageInfo.d.ts +92 -0
package/dist/Classes/ImageInfo.js +2 -0
package/dist/Classes/ImageInfo.js.map +1 -0
package/dist/Classes/ImageInfo.mjs +2 -0
package/dist/Classes/ImageInfo.mjs.map +1 -0
package/dist/Classes/LineItem.d.mts +124 -0
package/dist/Classes/LineItem.d.ts +124 -0
package/dist/Classes/LineItem.js +2 -0
package/dist/Classes/LineItem.js.map +1 -0
package/dist/Classes/LineItem.mjs +2 -0
package/dist/Classes/LineItem.mjs.map +1 -0
package/dist/Classes/Order.d.mts +83 -0
package/dist/Classes/Order.d.ts +83 -0
package/dist/Classes/Order.js +2 -0
package/dist/Classes/Order.js.map +1 -0
package/dist/Classes/Order.mjs +2 -0
package/dist/Classes/Order.mjs.map +1 -0
package/dist/Classes/Payment.d.mts +161 -0
package/dist/Classes/Payment.d.ts +161 -0
package/dist/Classes/Payment.js +2 -0
package/dist/Classes/Payment.js.map +1 -0
package/dist/Classes/Payment.mjs +2 -0
package/dist/Classes/Payment.mjs.map +1 -0
package/dist/Classes/Price.d.mts +70 -0
package/dist/Classes/Price.d.ts +70 -0
package/dist/Classes/Price.js +2 -0
package/dist/Classes/Price.js.map +1 -0
package/dist/Classes/Price.mjs +2 -0
package/dist/Classes/Price.mjs.map +1 -0
package/dist/Classes/Product.d.mts +209 -0
package/dist/Classes/Product.d.ts +209 -0
package/dist/Classes/Product.js +2 -0
package/dist/Classes/Product.js.map +1 -0
package/dist/Classes/Product.mjs +2 -0
package/dist/Classes/Product.mjs.map +1 -0
package/dist/Classes/ShoppingContainer.d.mts +194 -0
package/dist/Classes/ShoppingContainer.d.ts +194 -0
package/dist/Classes/ShoppingContainer.js +2 -0
package/dist/Classes/ShoppingContainer.js.map +1 -0
package/dist/Classes/ShoppingContainer.mjs +2 -0
package/dist/Classes/ShoppingContainer.mjs.map +1 -0
package/dist/Dynamodb/index.d.mts +58 -0
package/dist/Dynamodb/index.d.ts +58 -0
package/dist/Dynamodb/index.js +2 -0
package/dist/Dynamodb/index.js.map +1 -0
package/dist/Dynamodb/index.mjs +2 -0
package/dist/Dynamodb/index.mjs.map +1 -0
package/dist/chunk-4H4LJ3UL.mjs +2 -0
package/dist/chunk-4H4LJ3UL.mjs.map +1 -0
package/dist/chunk-65X54TKF.mjs +2 -0
package/dist/chunk-65X54TKF.mjs.map +1 -0
package/dist/chunk-763MN5XV.mjs +2 -0
package/dist/chunk-763MN5XV.mjs.map +1 -0
package/dist/chunk-CWKGR4AF.mjs +2 -0
package/dist/chunk-CWKGR4AF.mjs.map +1 -0
package/dist/chunk-DKI6BDWK.mjs +2 -0
package/dist/chunk-DKI6BDWK.mjs.map +1 -0
package/dist/chunk-SPLTJRHG.mjs +2 -0
package/dist/chunk-SPLTJRHG.mjs.map +1 -0
package/dist/chunk-T6IVHYQQ.mjs +2 -0
package/dist/chunk-T6IVHYQQ.mjs.map +1 -0
package/dist/chunk-T6YCHB3K.mjs +2 -0
package/dist/chunk-T6YCHB3K.mjs.map +1 -0
package/dist/chunk-WU6FFDBS.mjs +2 -0
package/dist/chunk-WU6FFDBS.mjs.map +1 -0
package/dist/index.d.mts +1 -624
package/dist/index.d.ts +1 -624
package/dist/index.js +2 -1
package/dist/index.js.map +1 -1
package/dist/index.mjs +2 -1
package/dist/index.mjs.map +1 -1
package/package.json +163 -1

package/dist/Auth/index.d.mts ADDED Viewed

@@ -0,0 +1,130 @@
+import * as jose from 'jose';
+type StringifiedJSONArray = string;
+interface AuthUtilityConfig {
+    maxTokenAge: string;
+    userPrivateKeys: StringifiedJSONArray;
+    userPublicKeys: StringifiedJSONArray;
+    anonymousPrivateKeys: StringifiedJSONArray;
+    anonymousPublicKeys: StringifiedJSONArray;
+    systemPrivateKeys: StringifiedJSONArray;
+    systemPublicKeys: StringifiedJSONArray;
+    adminPrivateKeys: StringifiedJSONArray;
+    adminPublicKeys: StringifiedJSONArray;
+}
+declare const DefaultAuthUtilityConfig: Readonly<AuthUtilityConfig>;
+type AuthTokenType = 'Anon' | 'User' | 'System' | 'Admin' | 'CDN';
+interface AuthMiddlewareConfig {
+    allowAnonymous: boolean;
+    allowSystem: boolean;
+    allowUser: boolean;
+    allowCDN: boolean;
+}
+declare const DefaultAuthMiddlewareConfig: Readonly<AuthMiddlewareConfig>;
+/**
+ * A utility class for JWT authentication and authorization.
+ */
+declare class AuthUtility {
+    private maxTokenAge;
+    private userPrivateKeys;
+    private userPublicKeys;
+    private anonymousPrivateKeys;
+    private anonymousPublicKeys;
+    private systemPrivateKeys;
+    private systemPublicKeys;
+    private adminPrivateKeys;
+    private adminPublicKeys;
+    /**
+     * Initializes the AuthUtility class with a configuration.
+     * @param config The configuration for the utility (optional).
+     */
+    constructor(config?: Partial<AuthUtilityConfig>);
+    /**
+     * Logs warnings if the number of keys exceeds recommended limits.
+     */
+    private logWarnings;
+    private createSignedJWT;
+    private verifySignedJWT;
+    /**
+     * Creates an anonymous token with the given ID and additional data.
+     *
+     * @param id - The unique identifier for the token. Must be a valid UUID.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT as a string.
+     * @throws Will throw an error if no anonymous private keys are found or if the ID is not a valid UUID.
+     */
+    createAnonymousToken(id: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies an anonymous token by checking its signature and payload type.
+     *
+     * @param token - The JWT token to be verified.
+     * @returns The payload of the verified token.
+     * @throws Will throw an error if no anonymous public keys are found or if the token type is invalid.
+     */
+    verifyAnonymousToken(token: string): Promise<jose.JWTPayload>;
+    /**
+     * Creates a signed JWT token for a user.
+     *
+     * @param id - The UUID of the user.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT token as a string.
+     * @throws Will throw an error if no user private keys are found or if the provided id is not a valid UUID.
+     */
+    createUserToken(id: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies the provided user token by checking its signature and payload.
+     *
+     * @param token - The JWT token to be verified.
+     * @returns The payload of the verified token if valid.
+     * @throws Will throw an error if no user public keys are found or if the token type is invalid.
+     */
+    verifyUserToken(token: string): Promise<jose.JWTPayload>;
+    /**
+     * Creates a signed JWT (JSON Web Token) for a system with the given ID and optional additional data.
+     *
+     * @param id - The unique identifier for the system.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT as a string.
+     * @throws Will throw an error if no system private keys are found.
+     */
+    createSystemToken(id: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies a system token by checking its signature and payload type.
+     *
+     * @param token - The JWT token to be verified.
+     * @returns The payload of the verified token.
+     * @throws Will throw an error if no system public keys are found or if the token type is not 'System'.
+     */
+    verifySystemToken(token: string): Promise<jose.JWTPayload>;
+    /**
+     * Creates a signed JWT token for an admin user.
+     *
+     * @param email - The email of the admin user.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT token string.
+     * @throws Will throw an error if no admin private keys are found or if the provided id is not a valid UUID.
+     */
+    createAdminToken(email: string, verifier: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies the provided admin token by checking its signature and payload.
+     * Ensures that the token is signed with one of the known admin public keys
+     * and that the payload type is 'Admin'.
+     *
+     * @param token - The JWT token to be verified.
+     * @param permissions - The permissions required for the admin user.
+     * @param authenticate - Whether to authenticate the token with the verifier.
+     * @returns The payload of the verified token.
+     * @throws Will throw an error if no admin public keys are found or if the token is invalid or if the admin doesn't have proper permissions.
+     */
+    verifyAdminToken(token: string, permissions: string[], authenticate: boolean): Promise<jose.JWTPayload>;
+    /**
+     * Middleware function to handle authentication based on different token types.
+     * It verifies the token and sets the authentication details in the response locals.
+     *
+     * @param {Partial<AuthMiddlewareConfig>} [config=DefaultAuthMiddlewareConfig] - Configuration object to customize the middleware behavior.
+     * @returns Middleware function to handle authentication.
+     */
+    AuthMiddleware(config?: Partial<AuthMiddlewareConfig>, permissions?: string[]): (req: any, res: any, next: any) => Promise<void>;
+}
+export { type AuthMiddlewareConfig, type AuthTokenType, type AuthUtilityConfig, DefaultAuthMiddlewareConfig, DefaultAuthUtilityConfig, AuthUtility as default };

package/dist/Auth/index.d.ts ADDED Viewed

@@ -0,0 +1,130 @@
+import * as jose from 'jose';
+type StringifiedJSONArray = string;
+interface AuthUtilityConfig {
+    maxTokenAge: string;
+    userPrivateKeys: StringifiedJSONArray;
+    userPublicKeys: StringifiedJSONArray;
+    anonymousPrivateKeys: StringifiedJSONArray;
+    anonymousPublicKeys: StringifiedJSONArray;
+    systemPrivateKeys: StringifiedJSONArray;
+    systemPublicKeys: StringifiedJSONArray;
+    adminPrivateKeys: StringifiedJSONArray;
+    adminPublicKeys: StringifiedJSONArray;
+}
+declare const DefaultAuthUtilityConfig: Readonly<AuthUtilityConfig>;
+type AuthTokenType = 'Anon' | 'User' | 'System' | 'Admin' | 'CDN';
+interface AuthMiddlewareConfig {
+    allowAnonymous: boolean;
+    allowSystem: boolean;
+    allowUser: boolean;
+    allowCDN: boolean;
+}
+declare const DefaultAuthMiddlewareConfig: Readonly<AuthMiddlewareConfig>;
+/**
+ * A utility class for JWT authentication and authorization.
+ */
+declare class AuthUtility {
+    private maxTokenAge;
+    private userPrivateKeys;
+    private userPublicKeys;
+    private anonymousPrivateKeys;
+    private anonymousPublicKeys;
+    private systemPrivateKeys;
+    private systemPublicKeys;
+    private adminPrivateKeys;
+    private adminPublicKeys;
+    /**
+     * Initializes the AuthUtility class with a configuration.
+     * @param config The configuration for the utility (optional).
+     */
+    constructor(config?: Partial<AuthUtilityConfig>);
+    /**
+     * Logs warnings if the number of keys exceeds recommended limits.
+     */
+    private logWarnings;
+    private createSignedJWT;
+    private verifySignedJWT;
+    /**
+     * Creates an anonymous token with the given ID and additional data.
+     *
+     * @param id - The unique identifier for the token. Must be a valid UUID.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT as a string.
+     * @throws Will throw an error if no anonymous private keys are found or if the ID is not a valid UUID.
+     */
+    createAnonymousToken(id: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies an anonymous token by checking its signature and payload type.
+     *
+     * @param token - The JWT token to be verified.
+     * @returns The payload of the verified token.
+     * @throws Will throw an error if no anonymous public keys are found or if the token type is invalid.
+     */
+    verifyAnonymousToken(token: string): Promise<jose.JWTPayload>;
+    /**
+     * Creates a signed JWT token for a user.
+     *
+     * @param id - The UUID of the user.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT token as a string.
+     * @throws Will throw an error if no user private keys are found or if the provided id is not a valid UUID.
+     */
+    createUserToken(id: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies the provided user token by checking its signature and payload.
+     *
+     * @param token - The JWT token to be verified.
+     * @returns The payload of the verified token if valid.
+     * @throws Will throw an error if no user public keys are found or if the token type is invalid.
+     */
+    verifyUserToken(token: string): Promise<jose.JWTPayload>;
+    /**
+     * Creates a signed JWT (JSON Web Token) for a system with the given ID and optional additional data.
+     *
+     * @param id - The unique identifier for the system.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT as a string.
+     * @throws Will throw an error if no system private keys are found.
+     */
+    createSystemToken(id: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies a system token by checking its signature and payload type.
+     *
+     * @param token - The JWT token to be verified.
+     * @returns The payload of the verified token.
+     * @throws Will throw an error if no system public keys are found or if the token type is not 'System'.
+     */
+    verifySystemToken(token: string): Promise<jose.JWTPayload>;
+    /**
+     * Creates a signed JWT token for an admin user.
+     *
+     * @param email - The email of the admin user.
+     * @param additionalData - Optional additional data to include in the token payload.
+     * @returns A promise that resolves to the signed JWT token string.
+     * @throws Will throw an error if no admin private keys are found or if the provided id is not a valid UUID.
+     */
+    createAdminToken(email: string, verifier: string, additionalData?: object): Promise<string>;
+    /**
+     * Verifies the provided admin token by checking its signature and payload.
+     * Ensures that the token is signed with one of the known admin public keys
+     * and that the payload type is 'Admin'.
+     *
+     * @param token - The JWT token to be verified.
+     * @param permissions - The permissions required for the admin user.
+     * @param authenticate - Whether to authenticate the token with the verifier.
+     * @returns The payload of the verified token.
+     * @throws Will throw an error if no admin public keys are found or if the token is invalid or if the admin doesn't have proper permissions.
+     */
+    verifyAdminToken(token: string, permissions: string[], authenticate: boolean): Promise<jose.JWTPayload>;
+    /**
+     * Middleware function to handle authentication based on different token types.
+     * It verifies the token and sets the authentication details in the response locals.
+     *
+     * @param {Partial<AuthMiddlewareConfig>} [config=DefaultAuthMiddlewareConfig] - Configuration object to customize the middleware behavior.
+     * @returns Middleware function to handle authentication.
+     */
+    AuthMiddleware(config?: Partial<AuthMiddlewareConfig>, permissions?: string[]): (req: any, res: any, next: any) => Promise<void>;
+}
+export { type AuthMiddlewareConfig, type AuthTokenType, type AuthUtilityConfig, DefaultAuthMiddlewareConfig, DefaultAuthUtilityConfig, AuthUtility as default };

package/dist/Auth/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ 'use strict';Object.defineProperty(exports,'__esModule',{value:true});var jose=require('jose'),V=require('util'),C=require('crypto'),y=require('assert');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var V__default=/#__PURE__/_interopDefault(V);var C__default=/#__PURE__/_interopDefault(C);var y__default=/#__PURE__/_interopDefault(y);var i=Object.freeze({INVALID_UUID:"Invalid UUID",INVALID_EMAIL:"Invalid Email",INVALID_TOKEN:"Invalid Token",TOKEN_EXPIRED:"Token Expired",INVALID_VERIFIER:"Invalid Verifier",INVALID_PERMISSIONS:"Invalid Permissions",INVALID_AUTH_TYPE:"Invalid Authorization Type",USER_PRIVATE_KEY_NOT_FOUND:"User Private Key Not Found",USER_PUBLIC_KEY_NOT_FOUND:"User Public Key Not Found",ANONYMOUS_PRIVATE_KEY_NOT_FOUND:"Anonymous Private Key Not Found",ANONYMOUS_PUBLIC_KEY_NOT_FOUND:"Anonymous Public Key Not Found",SYSTEM_PRIVATE_KEY_NOT_FOUND:"System Private Key Not Found",SYSTEM_PUBLIC_KEY_NOT_FOUND:"System Public Key Not Found",ADMIN_PRIVATE_KEY_NOT_FOUND:"Admin Private Key Not Found",ADMIN_PUBLIC_KEY_NOT_FOUND:"Admin Public Key Not Found",SECRET_TOKEN_NOT_FOUND:"Secret Token Not Found",ANONYMOUS_SESSION_NOT_ALLOWED:"Anonymous Session Not Allowed",USER_SESSION_NOT_ALLOWED:"User Session Not Allowed",SYSTEM_SESSION_NOT_ALLOWED:"System Session Not Allowed",CDN_SESSION_NOT_ALLOWED:"CDN Session Not Allowed",INTERNAL_SERVER_ERROR:"Internal Server Error",SOMETHING_WENT_WRONG:"Something went wrong"});var E={logException:(t,e)=>{console.error(`Exception Occurred in Function: ${t}, Error: ${E.inspect(e)}`);},logError:(t,e)=>{console.error(`Error Occurred in Function: ${t}, Error: ${E.inspect(e)}`);},logWarning:(t,e)=>{console.warn(`Warning in Function: ${t} - ${E.inspect(e)}`);},logMessage:(t,e)=>{console.log(`Message in Function: ${t} - ${E.inspect(e)}`);},logInvalidPayload:(t,e)=>{console.error(`Invalid Payload received for Function: ${t}, Error: ${E.inspect(e)}`);},inspect:t=>typeof t=="string"?t:V__default.default.inspect(t)},m=E;var A=new Uint8Array(256),h=A.length;function I(){return h>A.length-16&&(C__default.default.randomFillSync(A),h=0),A.slice(h,h+=16)}var x=/^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}\|00000000-0000-0000-0000-000000000000)$/i;function Y(t){return typeof t=="string"&&x.test(t)}var D=Y;var l=[];for(let t=0;t<256;++t)l.push((t+256).toString(16).slice(1));function _(t,e=0){return l[t[e+0]]+l[t[e+1]]+l[t[e+2]]+l[t[e+3]]+"-"+l[t[e+4]]+l[t[e+5]]+"-"+l[t[e+6]]+l[t[e+7]]+"-"+l[t[e+8]]+l[t[e+9]]+"-"+l[t[e+10]]+l[t[e+11]]+l[t[e+12]]+l[t[e+13]]+l[t[e+14]]+l[t[e+15]]}function J(t){if(!D(t))throw TypeError("Invalid UUID");let e,r=new Uint8Array(16);return r[0]=(e=parseInt(t.slice(0,8),16))>>>24,r[1]=e>>>16&255,r[2]=e>>>8&255,r[3]=e&255,r[4]=(e=parseInt(t.slice(9,13),16))>>>8,r[5]=e&255,r[6]=(e=parseInt(t.slice(14,18),16))>>>8,r[7]=e&255,r[8]=(e=parseInt(t.slice(19,23),16))>>>8,r[9]=e&255,r[10]=(e=parseInt(t.slice(24,36),16))/1099511627776&255,r[11]=e/4294967296&255,r[12]=e>>>24&255,r[13]=e>>>16&255,r[14]=e>>>8&255,r[15]=e&255,r}var w=J;function W(t){t=unescape(encodeURIComponent(t));let e=[];for(let r=0;r<t.length;++r)e.push(t.charCodeAt(r));return e}var $="6ba7b810-9dad-11d1-80b4-00c04fd430c8",j="6ba7b811-9dad-11d1-80b4-00c04fd430c8";function P(t,e,r){function s(n,o,g,a){var p;if(typeof n=="string"&&(n=W(n)),typeof o=="string"&&(o=w(o)),((p=o)===null\|\|p===void 0?void 0:p.length)!==16)throw TypeError("Namespace must be array-like (16 iterable integer values, 0-255)");let u=new Uint8Array(16+n.length);if(u.set(o),u.set(n,o.length),u=r(u),u[6]=u[6]&15\|e,u[8]=u[8]&63\|128,g){a=a\|\|0;for(let d=0;d<16;++d)g[a+d]=u[d];return g}return _(u)}try{s.name=t;}catch{}return s.DNS=$,s.URL=j,s}var O={randomUUID:C__default.default.randomUUID};function H(t,e,r){if(O.randomUUID&&!e&&!t)return O.randomUUID();t=t\|\|{};let s=t.random\|\|(t.rng\|\|I)();if(s[6]=s[6]&15\|64,s[8]=s[8]&63\|128,e){r=r\|\|0;for(let n=0;n<16;++n)e[r+n]=s[n];return e}return _(s)}var K=H;function z(t){return Array.isArray(t)?t=Buffer.from(t):typeof t=="string"&&(t=Buffer.from(t,"utf8")),C__default.default.createHash("sha1").update(t).digest()}var R=z;var X=P("v5",80,R),U=X;var Z={isUUID:t=>/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(t),isEmail:t=>/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/.test(t),isURL:t=>/^(http\|https):\/\/[^ "]+$/.test(t),generateUUID:(t,e)=>e&&t?U(t,e):K(),generateSearchId:(t,e)=>`${t}#${e}`,getKeyfromSearchId:t=>{let[e,r]=t.split("#");return {key:e,variantId:r}}},S=Z;var q={handleException:(t,e,r)=>{e.knownError?(e.logError&&m.logError(t,e),r.status(e.status).json({status:e.status,error:e.error})):e.status&&e.error?(m.logException(t,e),r.status(e.status).json({...e.error,status:e.status})):(m.logException(t,e),r.status(500).json({status:500,error:i.INTERNAL_SERVER_ERROR}));},generateResponse:(t,e,r)=>({status:t,data:e,error:r}),generateError:(t,e,r=!0,s=!1)=>({status:t,error:e,knownError:r,logError:s})},f=q;var Q=async(t,e,r="GET",s={},n)=>{let o={method:r,headers:{"Content-Type":"application/json",...s}};r!=="GET"&&n&&(o.body=JSON.stringify(n));let g=`${t}${e?"/"+e:""}`;try{let a=await fetch(g,o);if(!a.ok){let u=await a.json().catch(()=>a.text());throw {status:a.status,statusText:a.statusText,error:u\|\|{status:a.status,error:a.statusText}}}let p=await a.json();return m.logMessage("Fetch",`API call successful: URL-${g}, Status- ${a.status}`),{status:a.status,statusText:a.statusText,data:p.data}}catch(a){throw m.logError("Fetch",`API call failed: URL-${g}, Status- ${a.status\|\|500}, Error- ${m.inspect(a.error\|\|a)}`),{status:a.status\|\|500,statusText:a.statusText\|\|i.INTERNAL_SERVER_ERROR,error:a.error\|\|{status:a.status\|\|500,error:a.statusText\|\|i.SOMETHING_WENT_WRONG}}}},b=Q;var F={maxTokenAge:"30 days",userPrivateKeys:"[]",userPublicKeys:"[]",anonymousPrivateKeys:"[]",anonymousPublicKeys:"[]",systemPrivateKeys:"[]",systemPublicKeys:"[]",adminPrivateKeys:"[]",adminPublicKeys:"[]"},M={allowAnonymous:!1,allowSystem:!0,allowUser:!0,allowCDN:!1},v=class{maxTokenAge;userPrivateKeys;userPublicKeys;anonymousPrivateKeys;anonymousPublicKeys;systemPrivateKeys;systemPublicKeys;adminPrivateKeys;adminPublicKeys;constructor(e=F){let{maxTokenAge:r,userPrivateKeys:s,userPublicKeys:n,anonymousPrivateKeys:o,anonymousPublicKeys:g,systemPrivateKeys:a,systemPublicKeys:p,adminPrivateKeys:u,adminPublicKeys:d}={...F,...e};this.maxTokenAge=r,this.userPrivateKeys=JSON.parse(s),this.userPublicKeys=JSON.parse(n),this.anonymousPrivateKeys=JSON.parse(o),this.anonymousPublicKeys=JSON.parse(g),this.systemPrivateKeys=JSON.parse(a),this.systemPublicKeys=JSON.parse(p),this.adminPrivateKeys=JSON.parse(u),this.adminPublicKeys=JSON.parse(d),this.logWarnings();}logWarnings(){let e=(r,s,n)=>s.length>n&&m.logWarning("AuthUtility",`More than ${n} ${r} keys provided. This is not recommended.`);e("user private",this.userPrivateKeys,3),e("user public",this.userPublicKeys,3),e("anonymous private",this.anonymousPrivateKeys,1),e("anonymous public",this.anonymousPublicKeys,3),e("system private",this.systemPrivateKeys,1),e("system public",this.systemPublicKeys,3),e("admin private",this.adminPrivateKeys,1),e("admin public",this.adminPublicKeys,3);}async createSignedJWT(e,r,s){let n=await jose.importPKCS8(r,"RS256");return await new jose.SignJWT(e).setProtectedHeader({alg:"RS256"}).setExpirationTime(s).setIssuedAt().sign(n)}async verifySignedJWT(e,r,s){for(let g=r.length-1;g>0;g--)try{let a=await jose.importSPKI(r[g],"RS256");return (await jose.jwtVerify(e,a,{clockTolerance:30,maxTokenAge:s})).payload}catch{continue}let n=await jose.importSPKI(r[0],"RS256");return (await jose.jwtVerify(e,n,{clockTolerance:30,maxTokenAge:s})).payload}async createAnonymousToken(e,r){y__default.default(this.anonymousPrivateKeys.length,i.ANONYMOUS_PRIVATE_KEY_NOT_FOUND),y__default.default(S.isUUID(e),i.INVALID_UUID);let s={id:e,type:"Anon",...r};return await this.createSignedJWT(s,this.anonymousPrivateKeys[this.anonymousPrivateKeys.length-1],this.maxTokenAge)}async verifyAnonymousToken(e){y__default.default(this.anonymousPublicKeys.length,i.ANONYMOUS_PUBLIC_KEY_NOT_FOUND);let r=await this.verifySignedJWT(e,this.anonymousPublicKeys,this.maxTokenAge);return y__default.default(r.type==="Anon",i.INVALID_AUTH_TYPE),r}async createUserToken(e,r){y__default.default(this.userPrivateKeys.length,i.USER_PRIVATE_KEY_NOT_FOUND),y__default.default(S.isUUID(e),i.INVALID_UUID);let s={id:e,type:"User",...r};return await this.createSignedJWT(s,this.userPrivateKeys[this.userPrivateKeys.length-1],this.maxTokenAge)}async verifyUserToken(e){y__default.default(this.userPublicKeys.length,i.USER_PUBLIC_KEY_NOT_FOUND);let r=await this.verifySignedJWT(e,this.userPublicKeys,this.maxTokenAge);return y__default.default(r.type==="User",i.INVALID_AUTH_TYPE),r}async createSystemToken(e,r){y__default.default(this.systemPrivateKeys.length,i.SYSTEM_PRIVATE_KEY_NOT_FOUND);let s={id:e,type:"System",...r};return await this.createSignedJWT(s,this.systemPrivateKeys[this.systemPrivateKeys.length-1],"5 min")}async verifySystemToken(e){y__default.default(this.systemPublicKeys.length,i.USER_PUBLIC_KEY_NOT_FOUND);let r=await this.verifySignedJWT(e,this.systemPublicKeys,"5 min");return y__default.default(r.type==="System",i.INVALID_AUTH_TYPE),r}async createAdminToken(e,r,s){y__default.default(this.adminPrivateKeys.length,i.ADMIN_PRIVATE_KEY_NOT_FOUND),y__default.default(S.isEmail(e),i.INVALID_EMAIL),y__default.default(S.isURL(r),i.INVALID_VERIFIER);let n={email:e,type:"Admin",verifier:r,...s};return await this.createSignedJWT(n,this.adminPrivateKeys[this.adminPrivateKeys.length-1],this.maxTokenAge)}async verifyAdminToken(e,r,s){y__default.default(this.adminPublicKeys.length,i.ADMIN_PUBLIC_KEY_NOT_FOUND);let n=await this.verifySignedJWT(e,this.adminPublicKeys,this.maxTokenAge);if(y__default.default(n.type==="Admin",i.INVALID_AUTH_TYPE),s){let o=await b(n.verifier,"","POST",{},{token:e,permissions:r});if(y__default.default(o.data.isTokenValid===!0,i.INVALID_TOKEN),o.data.hasPermissions!==!0)throw f.generateError(403,i.INVALID_PERMISSIONS)}return n}AuthMiddleware(e=M,r=[]){let{allowAnonymous:s,allowSystem:n,allowUser:o,allowCDN:g}={...M,...e};return async(a,p,u)=>{try{let[d,N]=a.get("Authorization")?.split(" ")\|\|[];if(!N)throw new Error(i.INVALID_TOKEN);let T;switch(d){case"Anon":if(!s)throw f.generateError(403,i.ANONYMOUS_SESSION_NOT_ALLOWED);T=await this.verifyAnonymousToken(N);break;case"User":if(!o)throw f.generateError(403,i.USER_SESSION_NOT_ALLOWED);T=await this.verifyUserToken(N);break;case"System":if(!n)throw f.generateError(403,i.SYSTEM_SESSION_NOT_ALLOWED);T=await this.verifySystemToken(N),m.logMessage("AuthMiddleware",`System Name - ${T.id}`);break;case"Admin":T=await this.verifyAdminToken(N,r,!0),m.logMessage("AuthMiddleware",`Admin - ${T.email}`);break;case"CDN":if(!g)throw f.generateError(403,i.CDN_SESSION_NOT_ALLOWED);y__default.default(["E3CQMOP5FX6KD1","E3TNCKKZ3FOX9W"].includes(N),i.INVALID_TOKEN),m.logMessage("AuthMiddleware",`CDN DistributionId - ${N}`);break;default:throw f.generateError(403,i.INVALID_AUTH_TYPE)}p.locals.auth={authType:d,token:N,...T},u();}catch(d){m.logError("AuthMiddleware",d),f.handleException("AuthMiddleware",f.generateError(401,d.error\|\|i.TOKEN_EXPIRED,!0),p);}}}},ot=v;exports.DefaultAuthMiddlewareConfig=M;exports.DefaultAuthUtilityConfig=F;exports.default=ot;//# sourceMappingURL=index.js.map
2	+ //# sourceMappingURL=index.js.map

package/dist/Auth/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/enums/ErrorTypes.ts","../../src/Logger/index.ts","../../node_modules/uuid/dist/esm-node/rng.js","../../node_modules/uuid/dist/esm-node/regex.js","../../node_modules/uuid/dist/esm-node/validate.js","../../node_modules/uuid/dist/esm-node/stringify.js","../../node_modules/uuid/dist/esm-node/parse.js","../../node_modules/uuid/dist/esm-node/v35.js","../../node_modules/uuid/dist/esm-node/native.js","../../node_modules/uuid/dist/esm-node/v4.js","../../node_modules/uuid/dist/esm-node/sha1.js","../../node_modules/uuid/dist/esm-node/v5.js","../../src/Utils/index.ts","../../src/Utils/response.ts","../../src/Auth/index.ts","../../src/Utils/fetch.ts"],"names":["ErrorTypes_default","Logger","functionName","error","message","errorMessage","context","util","Logger_default","rnds8Pool","poolPtr","rng","crypto","regex_default","validate","uuid","validate_default","byteToHex","i","unsafeStringify","arr","offset","parse","v","parse_default","stringToBytes","str","bytes","DNS","URL","v35","name","version","hashfunc","generateUUID","value","namespace","buf","_namespace","native_default","v4","options","rnds","v4_default","sha1","sha1_default","v5","v5_default","Utils","key","variantId","searchId","Utils_default","ResponseUtility","res","status","data","knownError","logError","response_default","Fetch","baseURL","endpoint","method","headers","payload","completeURL","response","errorBody","body","err","fetch_default","DefaultAuthUtilityConfig","DefaultAuthMiddlewareConfig","AuthUtility","config","maxTokenAge","userPrivateKeys","userPublicKeys","anonymousPrivateKeys","anonymousPublicKeys","systemPrivateKeys","systemPublicKeys","adminPrivateKeys","adminPublicKeys","warn","type","keys","limit","privateKeyString","expiration","privateKey","importPKCS8","SignJWT","token","publicKeyString","publicKey","importSPKI","jwtVerify","id","additionalData","assert","email","verifier","permissions","authenticate","allowAnonymous","allowSystem","allowUser","allowCDN","req","next","authType","Auth_default"],"mappings":"uWAAA,IAAOA,CAAAA,CAAQ,MAAO,CAAA,MAAA,CAAO,CACzB,YAAA,CAAc,cACd,CAAA,aAAA,CAAe,eACf,CAAA,aAAA,CAAe,eACf,CAAA,aAAA,CAAe,eACf,CAAA,gBAAA,CAAkB,kBAClB,CAAA,mBAAA,CAAqB,qBACrB,CAAA,iBAAA,CAAmB,4BACnB,CAAA,0BAAA,CAA4B,4BAC5B,CAAA,yBAAA,CAA2B,2BAC3B,CAAA,+BAAA,CAAiC,iCACjC,CAAA,8BAAA,CAAgC,gCAChC,CAAA,4BAAA,CAA8B,8BAC9B,CAAA,2BAAA,CAA6B,6BAC7B,CAAA,2BAAA,CAA6B,6BAC7B,CAAA,0BAAA,CAA4B,4BAC5B,CAAA,sBAAA,CAAwB,wBACxB,CAAA,6BAAA,CAA+B,+BAC/B,CAAA,wBAAA,CAA0B,0BAC1B,CAAA,0BAAA,CAA4B,4BAC5B,CAAA,uBAAA,CAAyB,yBACzB,CAAA,qBAAA,CAAuB,uBACvB,CAAA,oBAAA,CAAsB,sBAC1B,CAAC,CCvBD,CACA,IAAMC,CAAS,CAAA,CACb,YAAc,CAAA,CAACC,CAAsBC,CAAAA,CAAAA,GAAe,CAClD,OAAA,CAAQ,KAAM,CAAA,CAAA,gCAAA,EAAmCD,CAAY,CAAA,SAAA,EAAYD,CAAO,CAAA,OAAA,CAAQE,CAAK,CAAC,CAAE,CAAA,EAClG,CAEA,CAAA,QAAA,CAAU,CAACD,CAAAA,CAAsBC,CAAe,GAAA,CAC9C,OAAQ,CAAA,KAAA,CAAM,CAA+BD,4BAAAA,EAAAA,CAAY,CAAYD,SAAAA,EAAAA,CAAAA,CAAO,OAAQE,CAAAA,CAAK,CAAC,CAAA,CAAE,EAC9F,CAAA,CAEA,UAAY,CAAA,CAACD,CAAsBE,CAAAA,CAAAA,GAAiB,CAClD,OAAA,CAAQ,IAAK,CAAA,CAAA,qBAAA,EAAwBF,CAAY,CAAA,GAAA,EAAMD,CAAO,CAAA,OAAA,CAAQG,CAAO,CAAC,CAAE,CAAA,EAClF,CAEA,CAAA,UAAA,CAAY,CAACF,CAAAA,CAAsBE,CAAiB,GAAA,CAClD,OAAQ,CAAA,GAAA,CAAI,wBAAwBF,CAAY,CAAA,GAAA,EAAMD,CAAO,CAAA,OAAA,CAAQG,CAAO,CAAC,CAAE,CAAA,EACjF,CAEA,CAAA,iBAAA,CAAmB,CAACF,CAAAA,CAAsBG,CAAyB,GAAA,CACjE,OAAQ,CAAA,KAAA,CAAM,CAA0CH,uCAAAA,EAAAA,CAAY,CAAYD,SAAAA,EAAAA,CAAAA,CAAO,OAAQI,CAAAA,CAAY,CAAC,CAAA,CAAE,EAChH,CAAA,CAEA,OAAUC,CAAAA,CAAAA,EACA,OAAOA,CAAAA,EAAY,QAAWA,CAAAA,CAAAA,CAAUC,kBAAK,CAAA,OAAA,CAAQD,CAAO,CAExE,CAEOE,CAAAA,CAAAA,CAAQP,CC3Bf,CACA,IAAMQ,CAAAA,CAAY,IAAI,UAAA,CAAW,GAAG,CAAA,CAEhCC,CAAUD,CAAAA,CAAAA,CAAU,MACT,CAAA,SAARE,CAAuB,EAAA,CAC5B,OAAID,CAAAA,CAAUD,CAAU,CAAA,MAAA,CAAS,EAC/BG,GAAAA,kBAAAA,CAAO,cAAeH,CAAAA,CAAS,CAC/BC,CAAAA,CAAAA,CAAU,CAGLD,CAAAA,CAAAA,CAAAA,CAAU,KAAMC,CAAAA,CAAAA,CAASA,CAAW,EAAA,EAAE,CAC/C,CCXA,IAAOG,CAAAA,CAAQ,qHCEf,CAAA,SAASC,CAASC,CAAAA,CAAAA,CAAM,CACtB,OAAO,OAAOA,CAAAA,EAAS,QAAYF,EAAAA,CAAAA,CAAM,IAAKE,CAAAA,CAAI,CACpD,CAEA,IAAOC,CAAAA,CAAQF,CCAf,CAAA,IAAMG,CAAY,CAAA,EAElB,CAAA,IAAA,IAASC,CAAI,CAAA,CAAA,CAAGA,CAAI,CAAA,GAAA,CAAK,EAAEA,CAAAA,CACzBD,CAAU,CAAA,IAAA,CAAA,CAAMC,CAAI,CAAA,GAAA,EAAO,QAAS,CAAA,EAAE,CAAE,CAAA,KAAA,CAAM,CAAC,CAAC,CAG3C,CAAA,SAASC,CAAgBC,CAAAA,CAAAA,CAAKC,CAAS,CAAA,CAAA,CAAG,CAG/C,OAAOJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,CAAC,CAAC,CAAA,CAAIJ,EAAUG,CAAIC,CAAAA,CAAAA,CAAS,CAAC,CAAC,CAAIJ,CAAAA,CAAAA,CAAUG,CAAIC,CAAAA,CAAAA,CAAS,CAAC,CAAC,CAAIJ,CAAAA,CAAAA,CAAUG,CAAIC,CAAAA,CAAAA,CAAS,CAAC,CAAC,CAAI,CAAA,GAAA,CAAMJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,CAAC,CAAC,CAAA,CAAIJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,CAAC,CAAC,CAAA,CAAI,GAAMJ,CAAAA,CAAAA,CAAUG,CAAIC,CAAAA,CAAAA,CAAS,CAAC,CAAC,CAAIJ,CAAAA,CAAAA,CAAUG,CAAIC,CAAAA,CAAAA,CAAS,CAAC,CAAC,CAAI,CAAA,GAAA,CAAMJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,CAAC,CAAC,CAAA,CAAIJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,CAAC,CAAC,CAAA,CAAI,GAAMJ,CAAAA,CAAAA,CAAUG,CAAIC,CAAAA,CAAAA,CAAS,EAAE,CAAC,EAAIJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,EAAE,CAAC,CAAA,CAAIJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,EAAE,CAAC,CAAA,CAAIJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,EAAE,CAAC,CAAA,CAAIJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,EAAE,CAAC,CAAA,CAAIJ,CAAUG,CAAAA,CAAAA,CAAIC,CAAS,CAAA,EAAE,CAAC,CACnf,CCdA,SAASC,CAAMP,CAAAA,CAAAA,CAAM,CACnB,GAAI,CAACC,CAAAA,CAASD,CAAI,CAAA,CAChB,MAAM,SAAA,CAAU,cAAc,CAAA,CAGhC,IAAIQ,CAAAA,CACEH,CAAM,CAAA,IAAI,UAAW,CAAA,EAAE,CAE7B,CAAA,OAAAA,CAAI,CAAA,CAAC,CAAKG,CAAAA,CAAAA,CAAAA,CAAI,QAASR,CAAAA,CAAAA,CAAK,KAAM,CAAA,CAAA,CAAG,CAAC,CAAA,CAAG,EAAE,CAAO,IAAA,EAAA,CAClDK,CAAI,CAAA,CAAC,CAAIG,CAAAA,CAAAA,GAAM,EAAK,CAAA,GAAA,CACpBH,CAAI,CAAA,CAAC,CAAIG,CAAAA,CAAAA,GAAM,CAAI,CAAA,GAAA,CACnBH,CAAI,CAAA,CAAC,CAAIG,CAAAA,CAAAA,CAAI,GAEbH,CAAAA,CAAAA,CAAI,CAAC,CAAA,CAAA,CAAKG,CAAI,CAAA,QAAA,CAASR,CAAK,CAAA,KAAA,CAAM,CAAG,CAAA,EAAE,CAAG,CAAA,EAAE,CAAO,IAAA,CAAA,CACnDK,CAAI,CAAA,CAAC,CAAIG,CAAAA,CAAAA,CAAI,GAEbH,CAAAA,CAAAA,CAAI,CAAC,CAAA,CAAA,CAAKG,CAAI,CAAA,QAAA,CAASR,CAAK,CAAA,KAAA,CAAM,EAAI,CAAA,EAAE,CAAG,CAAA,EAAE,CAAO,IAAA,CAAA,CACpDK,CAAI,CAAA,CAAC,CAAIG,CAAAA,CAAAA,CAAI,GAEbH,CAAAA,CAAAA,CAAI,CAAC,CAAA,CAAA,CAAKG,CAAI,CAAA,QAAA,CAASR,CAAK,CAAA,KAAA,CAAM,EAAI,CAAA,EAAE,CAAG,CAAA,EAAE,CAAO,IAAA,CAAA,CACpDK,CAAI,CAAA,CAAC,CAAIG,CAAAA,CAAAA,CAAI,GAGbH,CAAAA,CAAAA,CAAI,EAAE,CAAA,CAAA,CAAKG,CAAI,CAAA,QAAA,CAASR,CAAK,CAAA,KAAA,CAAM,EAAI,CAAA,EAAE,CAAG,CAAA,EAAE,CAAK,EAAA,aAAA,CAAgB,GACnEK,CAAAA,CAAAA,CAAI,EAAE,CAAA,CAAIG,CAAI,CAAA,UAAA,CAAc,GAC5BH,CAAAA,CAAAA,CAAI,EAAE,CAAA,CAAIG,CAAM,GAAA,EAAA,CAAK,GACrBH,CAAAA,CAAAA,CAAI,EAAE,CAAA,CAAIG,CAAM,GAAA,EAAA,CAAK,GACrBH,CAAAA,CAAAA,CAAI,EAAE,CAAA,CAAIG,CAAM,GAAA,CAAA,CAAI,GACpBH,CAAAA,CAAAA,CAAI,EAAE,CAAA,CAAIG,CAAI,CAAA,GAAA,CACPH,CACT,CAEA,IAAOI,CAAAA,CAAQF,CC/Bf,CAAA,SAASG,CAAcC,CAAAA,CAAAA,CAAK,CAC1BA,CAAAA,CAAM,SAAS,kBAAmBA,CAAAA,CAAG,CAAC,CAAA,CAEtC,IAAMC,CAAAA,CAAQ,EAAC,CAEf,IAAST,IAAAA,CAAAA,CAAI,CAAGA,CAAAA,CAAAA,CAAIQ,CAAI,CAAA,MAAA,CAAQ,EAAER,CAAAA,CAChCS,CAAM,CAAA,IAAA,CAAKD,CAAI,CAAA,UAAA,CAAWR,CAAC,CAAC,CAG9B,CAAA,OAAOS,CACT,CAEO,IAAMC,CAAAA,CAAM,sCACNC,CAAAA,CAAAA,CAAM,sCACJ,CAAA,SAARC,CAAqBC,CAAAA,CAAAA,CAAMC,CAASC,CAAAA,CAAAA,CAAU,CACnD,SAASC,CAAaC,CAAAA,CAAAA,CAAOC,CAAWC,CAAAA,CAAAA,CAAKhB,CAAQ,CAAA,CACnD,IAAIiB,CAAAA,CAUJ,GARI,OAAOH,CAAU,EAAA,QAAA,GACnBA,CAAQV,CAAAA,CAAAA,CAAcU,CAAK,CAAA,CAAA,CAGzB,OAAOC,CAAAA,EAAc,QACvBA,GAAAA,CAAAA,CAAYZ,CAAMY,CAAAA,CAAS,CAGvBE,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAaF,KAAe,IAAQE,EAAAA,CAAAA,GAAe,KAAS,CAAA,CAAA,KAAA,CAAA,CAASA,CAAW,CAAA,MAAA,IAAY,EAChG,CAAA,MAAM,SAAU,CAAA,kEAAkE,CAMpF,CAAA,IAAIX,CAAQ,CAAA,IAAI,UAAW,CAAA,EAAA,CAAKQ,CAAM,CAAA,MAAM,CAO5C,CAAA,GANAR,CAAM,CAAA,GAAA,CAAIS,CAAS,CAAA,CACnBT,CAAM,CAAA,GAAA,CAAIQ,CAAOC,CAAAA,CAAAA,CAAU,MAAM,CAAA,CACjCT,CAAQM,CAAAA,CAAAA,CAASN,CAAK,CAAA,CACtBA,CAAM,CAAA,CAAC,CAAIA,CAAAA,CAAAA,CAAM,CAAC,CAAA,CAAI,EAAOK,CAAAA,CAAAA,CAC7BL,CAAM,CAAA,CAAC,CAAIA,CAAAA,CAAAA,CAAM,CAAC,CAAA,CAAI,EAAO,CAAA,GAAA,CAEzBU,CAAK,CAAA,CACPhB,CAASA,CAAAA,CAAAA,EAAU,CAEnB,CAAA,IAAA,IAASH,CAAI,CAAA,CAAA,CAAGA,CAAI,CAAA,EAAA,CAAI,EAAEA,CAAAA,CACxBmB,EAAIhB,CAASH,CAAAA,CAAC,CAAIS,CAAAA,CAAAA,CAAMT,CAAC,CAAA,CAG3B,OAAOmB,CACT,CAEA,OAAOlB,CAAgBQ,CAAAA,CAAK,CAC9B,CAGA,GAAI,CACFO,CAAa,CAAA,IAAA,CAAOH,EACtB,CAAA,KAAc,EAGd,OAAAG,CAAAA,CAAa,GAAMN,CAAAA,CAAAA,CACnBM,CAAa,CAAA,GAAA,CAAML,CACZK,CAAAA,CACT,CChEA,IAAOK,CAAAA,CAAQ,CACb,UAAA,CAAY3B,kBAAO,CAAA,UACrB,CCCA,CAAA,SAAS4B,CAAGC,CAAAA,CAAAA,CAASJ,CAAKhB,CAAAA,CAAAA,CAAQ,CAChC,GAAIkB,CAAO,CAAA,UAAA,EAAc,CAACF,CAAAA,EAAO,CAACI,CAAAA,CAChC,OAAOF,CAAAA,CAAO,UAAW,EAAA,CAG3BE,CAAUA,CAAAA,CAAAA,EAAW,EAAC,CACtB,IAAMC,CAAAA,CAAOD,CAAQ,CAAA,MAAA,EAAA,CAAWA,CAAQ,CAAA,GAAA,EAAO9B,CAAK,GAAA,CAKpD,GAHA+B,CAAAA,CAAK,CAAC,CAAA,CAAIA,CAAK,CAAA,CAAC,CAAI,CAAA,EAAA,CAAO,EAC3BA,CAAAA,CAAAA,CAAK,CAAC,CAAA,CAAIA,CAAK,CAAA,CAAC,CAAI,CAAA,EAAA,CAAO,GAEvBL,CAAAA,CAAAA,CAAK,CACPhB,CAAAA,CAASA,CAAU,EAAA,CAAA,CAEnB,IAASH,IAAAA,CAAAA,CAAI,CAAGA,CAAAA,CAAAA,CAAI,EAAI,CAAA,EAAEA,CACxBmB,CAAAA,CAAAA,CAAIhB,CAASH,CAAAA,CAAC,CAAIwB,CAAAA,CAAAA,CAAKxB,CAAC,CAAA,CAG1B,OAAOmB,CACT,CAEA,OAAOlB,CAAgBuB,CAAAA,CAAI,CAC7B,CAEA,IAAOC,CAAAA,CAAQH,CC5Bf,CAEA,SAASI,CAAAA,CAAKjB,CAAO,CAAA,CACnB,OAAI,KAAA,CAAM,QAAQA,CAAK,CAAA,CACrBA,CAAQ,CAAA,MAAA,CAAO,IAAKA,CAAAA,CAAK,CAChB,CAAA,OAAOA,CAAU,EAAA,QAAA,GAC1BA,CAAQ,CAAA,MAAA,CAAO,IAAKA,CAAAA,CAAAA,CAAO,MAAM,CAAA,CAAA,CAG5Bf,kBAAO,CAAA,UAAA,CAAW,MAAM,CAAA,CAAE,MAAOe,CAAAA,CAAK,CAAE,CAAA,MAAA,EACjD,CAEA,IAAOkB,CAAAA,CAAQD,CCVf,CAAA,IAAME,CAAKhB,CAAAA,CAAAA,CAAI,IAAM,CAAA,EAAA,CAAMe,CAAI,CAAA,CACxBE,CAAQD,CAAAA,CAAAA,CCDf,IAAME,CAAAA,CAAQ,CACZ,MAAA,CAASb,CACW,EAAA,4EAAA,CACD,IAAKA,CAAAA,CAAK,CAG7B,CAAA,OAAA,CAAUA,CACW,EAAA,kDAAA,CACD,IAAKA,CAAAA,CAAK,CAG9B,CAAA,KAAA,CAAQA,CACW,EAAA,2BAAA,CACD,IAAKA,CAAAA,CAAK,CAG5B,CAAA,YAAA,CAAc,CAACA,CAAAA,CAAgBC,IAC1BA,CAAaD,EAAAA,CAAAA,CACPY,CAAOZ,CAAAA,CAAAA,CAAOC,CAAS,CAAA,CAEzBO,CAAO,EAAA,CAGhB,gBAAkB,CAAA,CAACM,CAAaC,CAAAA,CAAAA,GACvB,CAAGD,EAAAA,CAAG,CAAIC,CAAAA,EAAAA,CAAS,CAG5B,CAAA,CAAA,kBAAA,CAAqBC,CAAqB,EAAA,CACxC,GAAM,CAACF,CAAKC,CAAAA,CAAS,CAAIC,CAAAA,CAAAA,CAAS,KAAM,CAAA,GAAG,CAC3C,CAAA,OAAO,CACL,GAAA,CAAAF,CACA,CAAA,SAAA,CAAAC,CACF,CACF,CACF,CAAA,CAEOE,CAAQJ,CAAAA,CAAAA,CCnCR,IAAMK,CAAAA,CAAkB,CAC7B,eAAA,CAAiB,CAACnD,CAAAA,CAAsBC,CAAYmD,CAAAA,CAAAA,GAAa,CAC3DnD,CAAAA,CAAM,UACRA,EAAAA,CAAAA,CAAM,QAAYK,EAAAA,CAAAA,CAAO,QAASN,CAAAA,CAAAA,CAAcC,CAAK,CAAA,CACrDmD,CAAI,CAAA,MAAA,CAAOnD,CAAM,CAAA,MAAM,EAAE,IAAK,CAAA,CAC5B,MAAQA,CAAAA,CAAAA,CAAM,MACd,CAAA,KAAA,CAAOA,CAAM,CAAA,KACf,CAAC,CAAA,EACOA,CAAM,CAAA,MAAA,EAAUA,CAAM,CAAA,KAAA,EAC9BK,CAAO,CAAA,YAAA,CAAaN,CAAcC,CAAAA,CAAK,CACvCmD,CAAAA,CAAAA,CAAI,MAAOnD,CAAAA,CAAAA,CAAM,MAAM,CAAA,CAAE,IAAK,CAAA,CAC5B,GAAGA,CAAAA,CAAM,KACT,CAAA,MAAA,CAAQA,CAAM,CAAA,MAChB,CAAC,CAAA,GAEDK,CAAO,CAAA,YAAA,CAAaN,CAAcC,CAAAA,CAAK,CACvCmD,CAAAA,CAAAA,CAAI,MAAO,CAAA,GAAG,CAAE,CAAA,IAAA,CAAK,CACnB,MAAA,CAAQ,GACR,CAAA,KAAA,CAAOtD,CAAW,CAAA,qBACpB,CAAC,CAAA,EAEL,CAEA,CAAA,gBAAA,CAAkB,CAACuD,CAAAA,CAAgBC,CAAYrD,CAAAA,CAAAA,IACtC,CACL,MAAA,CAAAoD,CACA,CAAA,IAAA,CAAAC,CACA,CAAA,KAAA,CAAArD,CACF,CAAA,CAAA,CAGF,aAAe,CAAA,CAACoD,CAAgBpD,CAAAA,CAAAA,CAAesD,CAAsB,CAAA,CAAA,CAAA,CAAMC,CAAoB,CAAA,CAAA,CAAA,IACtF,CACL,MAAA,CAAAH,CACA,CAAA,KAAA,CAAApD,CACA,CAAA,UAAA,CAAAsD,CACA,CAAA,QAAA,CAAAC,CACF,CAAA,CAEJ,CAEOC,CAAAA,CAAAA,CAAQN,CCvCf,CCuBA,IAAMO,CAAAA,CAAQ,MACZC,CAAAA,CACAC,CACAC,CAAAA,CAAAA,CAA8C,KAC9CC,CAAAA,CAAAA,CAAkC,EAAC,CACnCC,CACyB,GAAA,CACzB,IAAMxB,CAAAA,CAAuB,CAC3B,MAAA,CAAAsB,CACA,CAAA,OAAA,CAAS,CACP,cAAA,CAAgB,kBAChB,CAAA,GAAGC,CACL,CACF,CAEID,CAAAA,CAAAA,GAAW,KAASE,EAAAA,CAAAA,GACtBxB,CAAQ,CAAA,IAAA,CAAO,IAAK,CAAA,SAAA,CAAUwB,CAAO,CAAA,CAAA,CAGvC,IAAMC,CAAAA,CAAc,GAAGL,CAAO,CAAA,EAAGC,CAAY,CAAA,GAAA,CAAMA,CAAY,CAAA,EAAE,CACjE,CAAA,CAAA,GAAI,CACF,IAAMK,CAAgB,CAAA,MAAM,KAAMD,CAAAA,CAAAA,CAAazB,CAAO,CAAA,CAEtD,GAAI,CAAC0B,CAAS,CAAA,EAAA,CAAI,CAChB,IAAMC,CAAiB,CAAA,MAAMD,CAAS,CAAA,IAAA,EAAO,CAAA,KAAA,CAAM,IAAMA,CAAAA,CAAS,IAAK,EAAC,CAExE,CAAA,MAAM,CACJ,MAAA,CAAQA,CAAS,CAAA,MAAA,CACjB,UAAYA,CAAAA,CAAAA,CAAS,UACrB,CAAA,KAAA,CAAOC,CAAwB,EAAA,CAC7B,MAAQD,CAAAA,CAAAA,CAAS,MACjB,CAAA,KAAA,CAAOA,CAAS,CAAA,UAClB,CACF,CACF,CAEA,IAAME,CAAO,CAAA,MAAMF,CAAS,CAAA,IAAA,EAE5B,CAAA,OAAA3D,CAAO,CAAA,UAAA,CAAW,QAAS,CAA4B0D,yBAAAA,EAAAA,CAAW,CAAaC,UAAAA,EAAAA,CAAAA,CAAS,MAAM,CAAA,CAAE,CACzF,CAAA,CACL,MAAQA,CAAAA,CAAAA,CAAS,MACjB,CAAA,UAAA,CAAYA,CAAS,CAAA,UAAA,CACrB,IAAME,CAAAA,CAAAA,CAAK,IACb,CACF,CAASC,MAAAA,CAAAA,CAAU,CAEjB,MAAA9D,CAAO,CAAA,QAAA,CAAS,OAAS,CAAA,CAAA,qBAAA,EAAwB0D,CAAW,CAAA,UAAA,EAAaI,CAAI,CAAA,MAAA,EAAU,GAAG,CAAA,SAAA,EAAY9D,CAAO,CAAA,OAAA,CAAQ8D,CAAI,CAAA,KAAA,EAASA,CAAG,CAAC,CAAE,CAAA,CAAA,CAClI,CACJ,MAAA,CAAQA,CAAI,CAAA,MAAA,EAAU,GACtB,CAAA,UAAA,CAAYA,CAAI,CAAA,UAAA,EAActE,CAAW,CAAA,qBAAA,CACzC,KAAOsE,CAAAA,CAAAA,CAAI,KAAS,EAAA,CAClB,MAAQA,CAAAA,CAAAA,CAAI,MAAU,EAAA,GAAA,CACtB,KAAOA,CAAAA,CAAAA,CAAI,UAActE,EAAAA,CAAAA,CAAW,oBACtC,CACF,CACF,CACF,CAAA,CAEOuE,CAAQX,CAAAA,CAAAA,CDhEFY,IAAAA,CAAAA,CAAwD,CACnE,WAAA,CAAa,SACb,CAAA,eAAA,CAAiB,IACjB,CAAA,cAAA,CAAgB,IAChB,CAAA,oBAAA,CAAsB,IACtB,CAAA,mBAAA,CAAqB,IACrB,CAAA,iBAAA,CAAmB,IACnB,CAAA,gBAAA,CAAkB,IAClB,CAAA,gBAAA,CAAkB,IAClB,CAAA,eAAA,CAAiB,IACnB,CAAA,CAWaC,CAA8D,CAAA,CACzE,cAAgB,CAAA,CAAA,CAAA,CAChB,WAAa,CAAA,CAAA,CAAA,CACb,SAAW,CAAA,CAAA,CAAA,CACX,QAAU,CAAA,CAAA,CACZ,CAKMC,CAAAA,CAAAA,CAAN,KAAkB,CACR,WACA,CAAA,eAAA,CACA,cACA,CAAA,oBAAA,CACA,mBACA,CAAA,iBAAA,CACA,gBACA,CAAA,gBAAA,CACA,eAMR,CAAA,WAAA,CAAYC,CAAqCH,CAAAA,CAAAA,CAA0B,CACzE,GAAM,CACJ,WAAA,CAAAI,CACA,CAAA,eAAA,CAAAC,CACA,CAAA,cAAA,CAAAC,CACA,CAAA,oBAAA,CAAAC,CACA,CAAA,mBAAA,CAAAC,CACA,CAAA,iBAAA,CAAAC,CACA,CAAA,gBAAA,CAAAC,CACA,CAAA,gBAAA,CAAAC,CACA,CAAA,eAAA,CAAAC,CACF,CAAA,CAAI,CAAE,GAAGZ,CAA0B,CAAA,GAAGG,CAAO,CAAA,CAE7C,IAAK,CAAA,WAAA,CAAcC,CAEnB,CAAA,IAAA,CAAK,eAAkB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAe,CACjD,CAAA,IAAA,CAAK,cAAiB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAc,CAE/C,CAAA,IAAA,CAAK,oBAAuB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAoB,CAC3D,CAAA,IAAA,CAAK,mBAAsB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAmB,CAEzD,CAAA,IAAA,CAAK,iBAAoB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAiB,CACrD,CAAA,IAAA,CAAK,gBAAmB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAgB,CAEnD,CAAA,IAAA,CAAK,gBAAmB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAgB,EACnD,IAAK,CAAA,eAAA,CAAkB,IAAK,CAAA,KAAA,CAAMC,CAAe,CAAA,CAEjD,IAAK,CAAA,WAAA,GACP,CAKQ,WAAc,EAAA,CACpB,IAAMC,CAAAA,CAAO,CAACC,CAAAA,CAAcC,CAAgBC,CAAAA,CAAAA,GAC1CD,CAAK,CAAA,MAAA,CAASC,CACdhF,EAAAA,CAAAA,CAAO,UACL,CAAA,aAAA,CACA,CAAagF,UAAAA,EAAAA,CAAK,CAAIF,CAAAA,EAAAA,CAAI,CAC5B,wCAAA,CAAA,CAAA,CAEFD,CAAK,CAAA,cAAA,CAAgB,IAAK,CAAA,eAAA,CAAiB,CAAC,CAAA,CAC5CA,CAAK,CAAA,aAAA,CAAe,IAAK,CAAA,cAAA,CAAgB,CAAC,CAAA,CAC1CA,CAAK,CAAA,mBAAA,CAAqB,IAAK,CAAA,oBAAA,CAAsB,CAAC,CAAA,CACtDA,CAAK,CAAA,kBAAA,CAAoB,IAAK,CAAA,mBAAA,CAAqB,CAAC,CAAA,CACpDA,CAAK,CAAA,gBAAA,CAAkB,IAAK,CAAA,iBAAA,CAAmB,CAAC,CAAA,CAChDA,CAAK,CAAA,eAAA,CAAiB,KAAK,gBAAkB,CAAA,CAAC,CAC9CA,CAAAA,CAAAA,CAAK,eAAiB,CAAA,IAAA,CAAK,gBAAkB,CAAA,CAAC,CAC9CA,CAAAA,CAAAA,CAAK,cAAgB,CAAA,IAAA,CAAK,eAAiB,CAAA,CAAC,EAC9C,CAEA,MAAc,eAAA,CAAgBpB,CAAcwB,CAAAA,CAAAA,CAA0BC,CAAmB,CAAA,CACvF,IAAMC,CAAAA,CAAa,MAAMC,gBAAAA,CAAYH,CAAkB,CAAA,OAAO,CAO9D,CAAA,OANc,MAAM,IAAII,YAAQ5B,CAAAA,CAAO,CAClC,CAAA,kBAAA,CAAmB,CAAE,GAAA,CAAK,OAAQ,CAAC,CACnC,CAAA,iBAAA,CAAkByB,CAAU,CAAA,CAC5B,WAAY,EAAA,CACZ,IAAKC,CAAAA,CAAU,CAGtB,CAEA,MAAc,eAAA,CAAgBG,CAAeC,CAAAA,CAAAA,CAA2BL,CAAmB,CAAA,CACzF,IAAQxE,IAAAA,CAAAA,CAAI6E,CAAgB,CAAA,MAAA,CAAS,CAAG7E,CAAAA,CAAAA,CAAI,EAAIA,CAC9C,EAAA,CAAA,GAAI,CACF,IAAM8E,CAAY,CAAA,MAAMC,eAAWF,CAAAA,CAAAA,CAAgB7E,CAAC,CAAA,CAAG,OAAO,CAAA,CAE9D,OADY,CAAA,MAAMgF,cAAUJ,CAAAA,CAAAA,CAAOE,CAAW,CAAA,CAAG,cAAgB,CAAA,EAAA,CAAI,WAAaN,CAAAA,CAAW,CAAC,CAAA,EACnF,OACb,CAAA,KAAgB,CAEd,QACF,CAGF,IAAMM,CAAY,CAAA,MAAMC,eAAWF,CAAAA,CAAAA,CAAgB,CAAC,CAAA,CAAG,OAAO,CAAA,CAE9D,OADY,CAAA,MAAMG,cAAUJ,CAAAA,CAAAA,CAAOE,CAAW,CAAA,CAAG,cAAgB,CAAA,EAAA,CAAI,WAAaN,CAAAA,CAAW,CAAC,CAAA,EACnF,OACb,CAWA,MAAM,oBAAA,CAAqBS,CAAYC,CAAAA,CAAAA,CAA0C,CAC/EC,kBAAAA,CAAO,IAAK,CAAA,oBAAA,CAAqB,MAAQrG,CAAAA,CAAAA,CAAW,+BAA+B,CAAA,CAEnFqG,kBAAOjD,CAAAA,CAAAA,CAAM,MAAO+C,CAAAA,CAAE,CAAGnG,CAAAA,CAAAA,CAAW,YAAY,CAAA,CAChD,IAAMiE,CAAAA,CAAU,CACZ,EAAA,CAAAkC,CACA,CAAA,IAAA,CAAM,MACN,CAAA,GAAGC,CACP,CAAA,CAEA,OAAO,MAAM,IAAK,CAAA,eAAA,CAAgBnC,CAAS,CAAA,IAAA,CAAK,oBAAqB,CAAA,IAAA,CAAK,oBAAqB,CAAA,MAAA,CAAS,CAAC,CAAA,CAAG,IAAK,CAAA,WAAW,CAC9H,CASA,MAAM,oBAAA,CAAqB6B,CAAc,CAAA,CACvCO,kBAAO,CAAA,IAAA,CAAK,mBAAoB,CAAA,MAAA,CAAQrG,CAAW,CAAA,8BAA8B,CACjF,CAAA,IAAMiE,CAAU,CAAA,MAAM,IAAK,CAAA,eAAA,CAAgB6B,CAAO,CAAA,IAAA,CAAK,mBAAqB,CAAA,IAAA,CAAK,WAAW,CAAA,CAC5F,OAAAO,kBAAAA,CAAOpC,CAAQ,CAAA,IAAA,GAAS,MAAQjE,CAAAA,CAAAA,CAAW,iBAAiB,CACrDiE,CAAAA,CACT,CAUA,MAAM,eAAgBkC,CAAAA,CAAAA,CAAYC,CAA0C,CAAA,CAC1EC,kBAAO,CAAA,IAAA,CAAK,eAAgB,CAAA,MAAA,CAAQrG,CAAW,CAAA,0BAA0B,CACzEqG,CAAAA,kBAAAA,CAAOjD,CAAM,CAAA,MAAA,CAAO+C,CAAE,CAAA,CAAGnG,CAAW,CAAA,YAAY,CAEhD,CAAA,IAAMiE,CAAU,CAAA,CACZ,EAAAkC,CAAAA,CAAAA,CACA,IAAM,CAAA,MAAA,CACN,GAAGC,CACP,CACA,CAAA,OAAO,MAAM,IAAA,CAAK,eAAgBnC,CAAAA,CAAAA,CAAS,IAAK,CAAA,eAAA,CAAgB,IAAK,CAAA,eAAA,CAAgB,MAAS,CAAA,CAAC,CAAG,CAAA,IAAA,CAAK,WAAW,CACpH,CASA,MAAM,eAAgB6B,CAAAA,CAAAA,CAAc,CAClCO,kBAAAA,CAAO,IAAK,CAAA,cAAA,CAAe,MAAQrG,CAAAA,CAAAA,CAAW,yBAAyB,CAAA,CACvE,IAAMiE,CAAAA,CAAS,MAAM,IAAK,CAAA,eAAA,CAAgB6B,CAAO,CAAA,IAAA,CAAK,cAAgB,CAAA,IAAA,CAAK,WAAW,CAAA,CACtF,OAAAO,kBAAAA,CAAOpC,CAAQ,CAAA,IAAA,GAAS,MAAQjE,CAAAA,CAAAA,CAAW,iBAAiB,CAAA,CACrDiE,CACT,CAUA,MAAM,iBAAA,CAAkBkC,CAAYC,CAAAA,CAAAA,CAA0C,CAC5EC,kBAAAA,CAAO,IAAK,CAAA,iBAAA,CAAkB,MAAQrG,CAAAA,CAAAA,CAAW,4BAA4B,CAAA,CAE7E,IAAMiE,CAAAA,CAAU,CACZ,EAAA,CAAAkC,CACA,CAAA,IAAA,CAAM,QACN,CAAA,GAAGC,CACP,CAAA,CACA,OAAO,MAAM,IAAK,CAAA,eAAA,CAAgBnC,CAAS,CAAA,IAAA,CAAK,iBAAkB,CAAA,IAAA,CAAK,iBAAkB,CAAA,MAAA,CAAS,CAAC,CAAA,CAAG,OAAO,CAC/G,CASA,MAAM,iBAAkB6B,CAAAA,CAAAA,CAAc,CACpCO,kBAAAA,CAAO,IAAK,CAAA,gBAAA,CAAiB,OAAQrG,CAAW,CAAA,yBAAyB,CACzE,CAAA,IAAMiE,CAAU,CAAA,MAAM,IAAK,CAAA,eAAA,CAAgB6B,CAAO,CAAA,IAAA,CAAK,gBAAkB,CAAA,OAAO,CAChF,CAAA,OAAAO,kBAAOpC,CAAAA,CAAAA,CAAQ,IAAS,GAAA,QAAA,CAAUjE,CAAW,CAAA,iBAAiB,CACvDiE,CAAAA,CACT,CAUA,MAAM,gBAAiBqC,CAAAA,CAAAA,CAAeC,CAAkBH,CAAAA,CAAAA,CAA0C,CAChGC,kBAAAA,CAAO,IAAK,CAAA,gBAAA,CAAiB,MAAQrG,CAAAA,CAAAA,CAAW,2BAA2B,CAAA,CAE3EqG,kBAAOjD,CAAAA,CAAAA,CAAM,OAAQkD,CAAAA,CAAK,CAAGtG,CAAAA,CAAAA,CAAW,aAAa,CAAA,CACrDqG,kBAAOjD,CAAAA,CAAAA,CAAM,KAAMmD,CAAAA,CAAQ,CAAGvG,CAAAA,CAAAA,CAAW,gBAAgB,CAAA,CACzD,IAAMiE,CAAAA,CAAU,CACZ,KAAA,CAAAqC,CACA,CAAA,IAAA,CAAM,OACN,CAAA,QAAA,CAAUC,CACV,CAAA,GAAGH,CACP,CAAA,CACA,OAAO,MAAM,IAAK,CAAA,eAAA,CAAgBnC,CAAS,CAAA,IAAA,CAAK,gBAAiB,CAAA,IAAA,CAAK,gBAAiB,CAAA,MAAA,CAAS,CAAC,CAAA,CAAG,IAAK,CAAA,WAAW,CACtH,CAaA,MAAM,gBAAA,CAAiB6B,CAAeU,CAAAA,CAAAA,CAAuBC,CAAsB,CAAA,CACjFJ,kBAAO,CAAA,IAAA,CAAK,eAAgB,CAAA,MAAA,CAAQrG,CAAW,CAAA,0BAA0B,CACzE,CAAA,IAAMiE,CAAU,CAAA,MAAM,IAAK,CAAA,eAAA,CAAgB6B,CAAO,CAAA,IAAA,CAAK,eAAiB,CAAA,IAAA,CAAK,WAAW,CAAA,CAGxF,GAFAO,kBAAAA,CAAOpC,CAAQ,CAAA,IAAA,GAAS,OAASjE,CAAAA,CAAAA,CAAW,iBAAiB,CAAA,CAE1DyG,CAAc,CAAA,CACf,IAAMtC,CAAAA,CAAW,MAAMI,CAAAA,CAAMN,CAAQ,CAAA,QAAA,CAAoB,EAAI,CAAA,MAAA,CAAQ,EAAC,CAAG,CAAE,KAAA,CAAA6B,EAAO,WAAAU,CAAAA,CAAY,CAAC,CAAA,CAG/F,GAFAH,kBAAAA,CAAOlC,CAAS,CAAA,IAAA,CAAK,YAAiB,GAAA,CAAA,CAAA,CAAMnE,CAAW,CAAA,aAAa,CAEjEmE,CAAAA,CAAAA,CAAS,IAAK,CAAA,cAAA,GAAmB,CAClC,CAAA,CAAA,MAAMR,CAAgB,CAAA,aAAA,CAAc,GAAK3D,CAAAA,CAAAA,CAAW,mBAAmB,CAE3E,CAEA,OAAOiE,CACT,CASA,cAAeU,CAAAA,CAAAA,CAAwCF,CAA6B+B,CAAAA,CAAAA,CAAwB,EAAC,CAAG,CAC9G,GAAM,CAAE,cAAA,CAAAE,CAAgB,CAAA,WAAA,CAAAC,CAAa,CAAA,SAAA,CAAAC,CAAW,CAAA,QAAA,CAAAC,CAAS,CAAA,CAAI,CAAE,GAAGpC,CAA6B,CAAA,GAAGE,CAAO,CAAA,CACzG,OAAO,MAAOmC,CAAUxD,CAAAA,CAAAA,CAAUyD,CAAc,GAAA,CAC9C,GAAI,CACF,GAAM,CAACC,CAAUlB,CAAAA,CAAK,CAAIgB,CAAAA,CAAAA,CAAI,GAAI,CAAA,eAAe,CAAG,EAAA,KAAA,CAAM,GAAG,CAAA,EAAK,EAAC,CACnE,GAAI,CAAChB,CAAO,CAAA,MAAM,IAAI,KAAA,CAAM9F,CAAW,CAAA,aAAa,CAEpD,CAAA,IAAIiE,CACJ,CAAA,OAAQ+C,CAA2B,EACjC,IAAK,MAAA,CACH,GAAI,CAACN,CAAgB,CAAA,MAAM/C,CAAgB,CAAA,aAAA,CAAc,GAAK3D,CAAAA,CAAAA,CAAW,6BAA6B,CAAA,CACtGiE,CAAU,CAAA,MAAM,IAAK,CAAA,oBAAA,CAAqB6B,CAAK,CAAA,CAC/C,MACF,IAAK,MACH,CAAA,GAAI,CAACc,CAAAA,CAAW,MAAMjD,CAAAA,CAAgB,aAAc,CAAA,GAAA,CAAK3D,CAAW,CAAA,wBAAwB,CAC5FiE,CAAAA,CAAAA,CAAU,MAAM,IAAA,CAAK,eAAgB6B,CAAAA,CAAK,CAC1C,CAAA,MACF,IAAK,QACH,CAAA,GAAI,CAACa,CAAAA,CAAa,MAAMhD,CAAAA,CAAgB,aAAc,CAAA,GAAA,CAAK3D,CAAW,CAAA,0BAA0B,CAChGiE,CAAAA,CAAAA,CAAU,MAAM,IAAA,CAAK,iBAAkB6B,CAAAA,CAAK,CAC5CtF,CAAAA,CAAAA,CAAO,UAAW,CAAA,gBAAA,CAAkB,CAAiByD,cAAAA,EAAAA,CAAAA,CAAQ,EAAE,CAAA,CAAE,CACjE,CAAA,MACF,IAAK,OAAA,CACHA,CAAU,CAAA,MAAM,IAAK,CAAA,gBAAA,CAAiB6B,CAAOU,CAAAA,CAAAA,CAAa,CAAI,CAAA,CAAA,CAC9DhG,CAAO,CAAA,UAAA,CAAW,gBAAkB,CAAA,CAAA,QAAA,EAAWyD,CAAQ,CAAA,KAAK,CAAE,CAAA,CAAA,CAC9D,MACF,IAAK,KACH,CAAA,GAAI,CAAC4C,CAAAA,CAAU,MAAMlD,CAAAA,CAAgB,aAAc,CAAA,GAAA,CAAK3D,CAAW,CAAA,uBAAuB,CAC1FqG,CAAAA,kBAAAA,CAAO,CAAC,gBAAA,CAAkB,gBAAgB,CAAA,CAAE,QAASP,CAAAA,CAAK,CAAG9F,CAAAA,CAAAA,CAAW,aAAa,CAAA,CACrFQ,CAAO,CAAA,UAAA,CAAW,gBAAkB,CAAA,CAAA,qBAAA,EAAwBsF,CAAK,CAAA,CAAE,CACnE,CAAA,MACF,QACE,MAAMnC,CAAgB,CAAA,aAAA,CAAc,GAAK3D,CAAAA,CAAAA,CAAW,iBAAiB,CACzE,CAEAsD,CAAAA,CAAI,MAAO,CAAA,IAAA,CAAO,CAAE,QAAA,CAAA0D,CAAU,CAAA,KAAA,CAAAlB,CAAO,CAAA,GAAG7B,CAAQ,CAAA,CAChD8C,CAAK,GACP,CAAS5G,MAAAA,CAAAA,CAAY,CACnBK,CAAAA,CAAO,QAAS,CAAA,gBAAA,CAAkBL,CAAK,CAAA,CACvCwD,CAAgB,CAAA,eAAA,CACd,gBACAA,CAAAA,CAAAA,CAAgB,aAAc,CAAA,GAAA,CAAKxD,CAAM,CAAA,KAAA,EAASH,CAAW,CAAA,aAAA,CAAe,CAAI,CAAA,CAAA,CAChFsD,CACF,EACF,CACF,CACF,CACF,CAAA,CAEO2D,EAAQvC,CAAAA","file":"index.js","sourcesContent":["export default Object.freeze({\r\n INVALID_UUID: \"Invalid UUID\",\r\n INVALID_EMAIL: \"Invalid Email\",\r\n INVALID_TOKEN: \"Invalid Token\",\r\n TOKEN_EXPIRED: \"Token Expired\",\r\n INVALID_VERIFIER: \"Invalid Verifier\",\r\n INVALID_PERMISSIONS: \"Invalid Permissions\",\r\n INVALID_AUTH_TYPE: \"Invalid Authorization Type\",\r\n USER_PRIVATE_KEY_NOT_FOUND: \"User Private Key Not Found\",\r\n USER_PUBLIC_KEY_NOT_FOUND: \"User Public Key Not Found\",\r\n ANONYMOUS_PRIVATE_KEY_NOT_FOUND: \"Anonymous Private Key Not Found\",\r\n ANONYMOUS_PUBLIC_KEY_NOT_FOUND: \"Anonymous Public Key Not Found\",\r\n SYSTEM_PRIVATE_KEY_NOT_FOUND: \"System Private Key Not Found\",\r\n SYSTEM_PUBLIC_KEY_NOT_FOUND: \"System Public Key Not Found\",\r\n ADMIN_PRIVATE_KEY_NOT_FOUND: \"Admin Private Key Not Found\",\r\n ADMIN_PUBLIC_KEY_NOT_FOUND: \"Admin Public Key Not Found\",\r\n SECRET_TOKEN_NOT_FOUND: \"Secret Token Not Found\",\r\n ANONYMOUS_SESSION_NOT_ALLOWED: \"Anonymous Session Not Allowed\",\r\n USER_SESSION_NOT_ALLOWED: \"User Session Not Allowed\",\r\n SYSTEM_SESSION_NOT_ALLOWED: \"System Session Not Allowed\",\r\n CDN_SESSION_NOT_ALLOWED: \"CDN Session Not Allowed\",\r\n INTERNAL_SERVER_ERROR: \"Internal Server Error\",\r\n SOMETHING_WENT_WRONG: 'Something went wrong'\r\n})","import util from 'node:util';\r\nconst Logger = {\r\n logException: (functionName: string, error: any) => {\r\n console.error(`Exception Occurred in Function: ${functionName}, Error: ${Logger.inspect(error)}`);\r\n },\r\n\r\n logError: (functionName: string, error: any) => {\r\n console.error(`Error Occurred in Function: ${functionName}, Error: ${Logger.inspect(error)}`);\r\n },\r\n\r\n logWarning: (functionName: string, message: any) => {\r\n console.warn(`Warning in Function: ${functionName} - ${Logger.inspect(message)}`);\r\n },\r\n\r\n logMessage: (functionName: string, message: any) => {\r\n console.log(`Message in Function: ${functionName} - ${Logger.inspect(message)}`);\r\n },\r\n\r\n logInvalidPayload: (functionName: string, errorMessage: string) => {\r\n console.error(`Invalid Payload received for Function: ${functionName}, Error: ${Logger.inspect(errorMessage)}`);\r\n },\r\n\r\n inspect: (context: any) => {\r\n return (typeof context === \"string\" ? context : util.inspect(context));\r\n }\r\n}\r\n\r\nexport default Logger;","import crypto from 'crypto';\nconst rnds8Pool = new Uint8Array(256); // # of random values to pre-allocate\n\nlet poolPtr = rnds8Pool.length;\nexport default function rng() {\n if (poolPtr > rnds8Pool.length - 16) {\n crypto.randomFillSync(rnds8Pool);\n poolPtr = 0;\n }\n\n return rnds8Pool.slice(poolPtr, poolPtr += 16);\n}","export default /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i;","import REGEX from './regex.js';\n\nfunction validate(uuid) {\n return typeof uuid === 'string' && REGEX.test(uuid);\n}\n\nexport default validate;","import validate from './validate.js';\n/**\n * Convert array of 16 byte values to UUID string format of the form:\n * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\n */\n\nconst byteToHex = [];\n\nfor (let i = 0; i < 256; ++i) {\n byteToHex.push((i + 0x100).toString(16).slice(1));\n}\n\nexport function unsafeStringify(arr, offset = 0) {\n // Note: Be careful editing this code! It's been tuned for performance\n // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434\n return byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]];\n}\n\nfunction stringify(arr, offset = 0) {\n const uuid = unsafeStringify(arr, offset); // Consistency check for valid UUID. If this throws, it's likely due to one\n // of the following:\n // - One or more input array values don't map to a hex octet (leading to\n // \"undefined\" in the uuid)\n // - Invalid input values for the RFC `version` or `variant` fields\n\n if (!validate(uuid)) {\n throw TypeError('Stringified UUID is invalid');\n }\n\n return uuid;\n}\n\nexport default stringify;","import validate from './validate.js';\n\nfunction parse(uuid) {\n if (!validate(uuid)) {\n throw TypeError('Invalid UUID');\n }\n\n let v;\n const arr = new Uint8Array(16); // Parse ########-....-....-....-............\n\n arr[0] = (v = parseInt(uuid.slice(0, 8), 16)) >>> 24;\n arr[1] = v >>> 16 & 0xff;\n arr[2] = v >>> 8 & 0xff;\n arr[3] = v & 0xff; // Parse ........-####-....-....-............\n\n arr[4] = (v = parseInt(uuid.slice(9, 13), 16)) >>> 8;\n arr[5] = v & 0xff; // Parse ........-....-####-....-............\n\n arr[6] = (v = parseInt(uuid.slice(14, 18), 16)) >>> 8;\n arr[7] = v & 0xff; // Parse ........-....-....-####-............\n\n arr[8] = (v = parseInt(uuid.slice(19, 23), 16)) >>> 8;\n arr[9] = v & 0xff; // Parse ........-....-....-....-############\n // (Use \"/\" to avoid 32-bit truncation when bit-shifting high-order bytes)\n\n arr[10] = (v = parseInt(uuid.slice(24, 36), 16)) / 0x10000000000 & 0xff;\n arr[11] = v / 0x100000000 & 0xff;\n arr[12] = v >>> 24 & 0xff;\n arr[13] = v >>> 16 & 0xff;\n arr[14] = v >>> 8 & 0xff;\n arr[15] = v & 0xff;\n return arr;\n}\n\nexport default parse;","import { unsafeStringify } from './stringify.js';\nimport parse from './parse.js';\n\nfunction stringToBytes(str) {\n str = unescape(encodeURIComponent(str)); // UTF8 escape\n\n const bytes = [];\n\n for (let i = 0; i < str.length; ++i) {\n bytes.push(str.charCodeAt(i));\n }\n\n return bytes;\n}\n\nexport const DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8';\nexport const URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8';\nexport default function v35(name, version, hashfunc) {\n function generateUUID(value, namespace, buf, offset) {\n var _namespace;\n\n if (typeof value === 'string') {\n value = stringToBytes(value);\n }\n\n if (typeof namespace === 'string') {\n namespace = parse(namespace);\n }\n\n if (((_namespace = namespace) === null || _namespace === void 0 ? void 0 : _namespace.length) !== 16) {\n throw TypeError('Namespace must be array-like (16 iterable integer values, 0-255)');\n } // Compute hash of namespace and value, Per 4.3\n // Future: Use spread syntax when supported on all platforms, e.g. `bytes =\n // hashfunc([...namespace, ... value])`\n\n\n let bytes = new Uint8Array(16 + value.length);\n bytes.set(namespace);\n bytes.set(value, namespace.length);\n bytes = hashfunc(bytes);\n bytes[6] = bytes[6] & 0x0f | version;\n bytes[8] = bytes[8] & 0x3f | 0x80;\n\n if (buf) {\n offset = offset || 0;\n\n for (let i = 0; i < 16; ++i) {\n buf[offset + i] = bytes[i];\n }\n\n return buf;\n }\n\n return unsafeStringify(bytes);\n } // Function#name is not settable on some platforms (#270)\n\n\n try {\n generateUUID.name = name; // eslint-disable-next-line no-empty\n } catch (err) {} // For CommonJS default export support\n\n\n generateUUID.DNS = DNS;\n generateUUID.URL = URL;\n return generateUUID;\n}","import crypto from 'crypto';\nexport default {\n randomUUID: crypto.randomUUID\n};","import native from './native.js';\nimport rng from './rng.js';\nimport { unsafeStringify } from './stringify.js';\n\nfunction v4(options, buf, offset) {\n if (native.randomUUID && !buf && !options) {\n return native.randomUUID();\n }\n\n options = options || {};\n const rnds = options.random || (options.rng || rng)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`\n\n rnds[6] = rnds[6] & 0x0f | 0x40;\n rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided\n\n if (buf) {\n offset = offset || 0;\n\n for (let i = 0; i < 16; ++i) {\n buf[offset + i] = rnds[i];\n }\n\n return buf;\n }\n\n return unsafeStringify(rnds);\n}\n\nexport default v4;","import crypto from 'crypto';\n\nfunction sha1(bytes) {\n if (Array.isArray(bytes)) {\n bytes = Buffer.from(bytes);\n } else if (typeof bytes === 'string') {\n bytes = Buffer.from(bytes, 'utf8');\n }\n\n return crypto.createHash('sha1').update(bytes).digest();\n}\n\nexport default sha1;","import v35 from './v35.js';\nimport sha1 from './sha1.js';\nconst v5 = v35('v5', 0x50, sha1);\nexport default v5;","import { v4 as uuidv4, v5 as uuidv5 } from 'uuid';\r\n\r\nconst Utils = {\r\n isUUID: (value: string): boolean => {\r\n const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;\r\n return uuidRegex.test(value);\r\n },\r\n\r\n isEmail: (value: string): boolean => {\r\n const emailRegex = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$/;\r\n return emailRegex.test(value);\r\n },\r\n\r\n isURL: (value: string): boolean => {\r\n const urlRegex = /^(http|https):\\/\\/[^ \"]+$/;\r\n return urlRegex.test(value);\r\n },\r\n \r\n generateUUID: (value?: string, namespace?: string) => {\r\n if(namespace && value){\r\n return uuidv5(value, namespace);\r\n }\r\n return uuidv4();\r\n },\r\n\r\n generateSearchId: (key: string, variantId: string) => {\r\n return `${key}#${variantId}`;\r\n },\r\n\r\n getKeyfromSearchId: (searchId: string) => {\r\n const [key, variantId] = searchId.split('#');\r\n return {\r\n key,\r\n variantId\r\n }\r\n },\r\n}\r\n\r\nexport default Utils;\r\n","import ErrorTypes from \"../enums/ErrorTypes\";\r\nimport Logger from \"../Logger\";\r\n\r\nexport const ResponseUtility = {\r\n handleException: (functionName: string, error: any, res: any) => {\r\n if (error.knownError) {\r\n error.logError && Logger.logError(functionName, error);\r\n res.status(error.status).json({\r\n status: error.status,\r\n error: error.error\r\n });\r\n } else if(error.status && error.error) {\r\n Logger.logException(functionName, error);\r\n res.status(error.status).json({\r\n ...error.error,\r\n status: error.status,\r\n });\r\n } else {\r\n Logger.logException(functionName, error);\r\n res.status(500).json({\r\n status: 500,\r\n error: ErrorTypes.INTERNAL_SERVER_ERROR\r\n })\r\n }\r\n },\r\n\r\n generateResponse: (status: number, data?: any, error?: string) => {\r\n return {\r\n status,\r\n data,\r\n error\r\n }\r\n },\r\n\r\n generateError: (status: number, error: string, knownError: Boolean = true, logError: boolean = false) => {\r\n return {\r\n status,\r\n error,\r\n knownError,\r\n logError\r\n }\r\n }\r\n}\r\n\r\nexport default ResponseUtility;","import { importPKCS8, importSPKI, jwtVerify, SignJWT} from 'jose';\r\nimport ErrorTypes from '../enums/ErrorTypes';\r\nimport Logger from '../Logger';\r\nimport Utils from '../Utils';\r\nimport ResponseUtility from '../Utils/response';\r\nimport assert from 'assert';\r\nimport Fetch from '../Utils/fetch';\r\n\r\ntype StringifiedJSONArray = string;\r\n\r\nexport interface AuthUtilityConfig {\r\n maxTokenAge: string;\r\n userPrivateKeys: StringifiedJSONArray;\r\n userPublicKeys: StringifiedJSONArray;\r\n anonymousPrivateKeys: StringifiedJSONArray;\r\n anonymousPublicKeys: StringifiedJSONArray;\r\n systemPrivateKeys: StringifiedJSONArray;\r\n systemPublicKeys: StringifiedJSONArray;\r\n adminPrivateKeys: StringifiedJSONArray;\r\n adminPublicKeys: StringifiedJSONArray;\r\n}\r\n\r\nexport const DefaultAuthUtilityConfig: Readonly<AuthUtilityConfig> = {\r\n maxTokenAge: '30 days',\r\n userPrivateKeys: '[]',\r\n userPublicKeys: '[]',\r\n anonymousPrivateKeys: '[]',\r\n anonymousPublicKeys: '[]',\r\n systemPrivateKeys: '[]',\r\n systemPublicKeys: '[]',\r\n adminPrivateKeys: '[]',\r\n adminPublicKeys: '[]',\r\n};\r\n\r\nexport type AuthTokenType = 'Anon' | 'User' | 'System' | 'Admin' | 'CDN';\r\n\r\nexport interface AuthMiddlewareConfig {\r\n allowAnonymous: boolean;\r\n allowSystem: boolean;\r\n allowUser: boolean;\r\n allowCDN: boolean;\r\n}\r\n\r\nexport const DefaultAuthMiddlewareConfig: Readonly<AuthMiddlewareConfig> = {\r\n allowAnonymous: false,\r\n allowSystem: true,\r\n allowUser: true,\r\n allowCDN: false\r\n};\r\n\r\n/**\r\n * A utility class for JWT authentication and authorization.\r\n */\r\nclass AuthUtility {\r\n private maxTokenAge: string;\r\n private userPrivateKeys: string[];\r\n private userPublicKeys: string[];\r\n private anonymousPrivateKeys: string[];\r\n private anonymousPublicKeys: string[];\r\n private systemPrivateKeys: string[];\r\n private systemPublicKeys: string[];\r\n private adminPrivateKeys: string[];\r\n private adminPublicKeys: string[];\r\n\r\n /**\r\n * Initializes the AuthUtility class with a configuration.\r\n * @param config The configuration for the utility (optional).\r\n */\r\n constructor(config: Partial<AuthUtilityConfig> = DefaultAuthUtilityConfig) {\r\n const {\r\n maxTokenAge,\r\n userPrivateKeys,\r\n userPublicKeys,\r\n anonymousPrivateKeys,\r\n anonymousPublicKeys,\r\n systemPrivateKeys,\r\n systemPublicKeys,\r\n adminPrivateKeys,\r\n adminPublicKeys,\r\n } = { ...DefaultAuthUtilityConfig, ...config };\r\n\r\n this.maxTokenAge = maxTokenAge;\r\n\r\n this.userPrivateKeys = JSON.parse(userPrivateKeys);\r\n this.userPublicKeys = JSON.parse(userPublicKeys);\r\n\r\n this.anonymousPrivateKeys = JSON.parse(anonymousPrivateKeys);\r\n this.anonymousPublicKeys = JSON.parse(anonymousPublicKeys);\r\n\r\n this.systemPrivateKeys = JSON.parse(systemPrivateKeys);\r\n this.systemPublicKeys = JSON.parse(systemPublicKeys);\r\n\r\n this.adminPrivateKeys = JSON.parse(adminPrivateKeys);\r\n this.adminPublicKeys = JSON.parse(adminPublicKeys);\r\n\r\n this.logWarnings();\r\n }\r\n\r\n /**\r\n * Logs warnings if the number of keys exceeds recommended limits.\r\n */\r\n private logWarnings() {\r\n const warn = (type: string, keys: string[], limit: number) =>\r\n keys.length > limit &&\r\n Logger.logWarning(\r\n 'AuthUtility',\r\n `More than ${limit} ${type} keys provided. This is not recommended.`\r\n );\r\n\r\n warn('user private', this.userPrivateKeys, 3);\r\n warn('user public', this.userPublicKeys, 3);\r\n warn('anonymous private', this.anonymousPrivateKeys, 1);\r\n warn('anonymous public', this.anonymousPublicKeys, 3);\r\n warn('system private', this.systemPrivateKeys, 1);\r\n warn('system public', this.systemPublicKeys, 3);\r\n warn('admin private', this.adminPrivateKeys, 1);\r\n warn('admin public', this.adminPublicKeys, 3);\r\n }\r\n\r\n private async createSignedJWT(payload: any, privateKeyString: string, expiration: string){\r\n const privateKey = await importPKCS8(privateKeyString, 'RS256');\r\n const token = await new SignJWT(payload)\r\n .setProtectedHeader({ alg: 'RS256' })\r\n .setExpirationTime(expiration)\r\n .setIssuedAt()\r\n .sign(privateKey);\r\n\r\n return token;\r\n }\r\n\r\n private async verifySignedJWT(token: string, publicKeyString: string[], expiration: string){\r\n for(let i = publicKeyString.length - 1; i > 0 ; i--){\r\n try { \r\n const publicKey = await importSPKI(publicKeyString[i], 'RS256')\r\n const jwt = await jwtVerify(token, publicKey, { clockTolerance: 30, maxTokenAge: expiration });\r\n return jwt.payload;\r\n } catch (error) {\r\n // Try with the next oldest key\r\n continue;\r\n }\r\n }\r\n\r\n const publicKey = await importSPKI(publicKeyString[0], 'RS256')\r\n const jwt = await jwtVerify(token, publicKey, { clockTolerance: 30, maxTokenAge: expiration });\r\n return jwt.payload;\r\n }\r\n\r\n \r\n /**\r\n * Creates an anonymous token with the given ID and additional data.\r\n *\r\n * @param id - The unique identifier for the token. Must be a valid UUID.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT as a string.\r\n * @throws Will throw an error if no anonymous private keys are found or if the ID is not a valid UUID.\r\n */\r\n async createAnonymousToken(id: string, additionalData?: object): Promise<string> {\r\n assert(this.anonymousPrivateKeys.length, ErrorTypes.ANONYMOUS_PRIVATE_KEY_NOT_FOUND);\r\n\r\n assert(Utils.isUUID(id), ErrorTypes.INVALID_UUID);\r\n const payload = {\r\n id,\r\n type: 'Anon',\r\n ...additionalData\r\n };\r\n\r\n return await this.createSignedJWT(payload, this.anonymousPrivateKeys[this.anonymousPrivateKeys.length - 1], this.maxTokenAge);\r\n }\r\n\r\n /**\r\n * Verifies an anonymous token by checking its signature and payload type.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @returns The payload of the verified token.\r\n * @throws Will throw an error if no anonymous public keys are found or if the token type is invalid.\r\n */\r\n async verifyAnonymousToken(token: string){\r\n assert(this.anonymousPublicKeys.length, ErrorTypes.ANONYMOUS_PUBLIC_KEY_NOT_FOUND);\r\n const payload = await this.verifySignedJWT(token, this.anonymousPublicKeys, this.maxTokenAge);\r\n assert(payload.type === 'Anon', ErrorTypes.INVALID_AUTH_TYPE);\r\n return payload;\r\n }\r\n\r\n /**\r\n * Creates a signed JWT token for a user.\r\n *\r\n * @param id - The UUID of the user.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT token as a string.\r\n * @throws Will throw an error if no user private keys are found or if the provided id is not a valid UUID.\r\n */\r\n async createUserToken(id: string, additionalData?: object): Promise<string> {\r\n assert(this.userPrivateKeys.length, ErrorTypes.USER_PRIVATE_KEY_NOT_FOUND);\r\n assert(Utils.isUUID(id), ErrorTypes.INVALID_UUID);\r\n\r\n const payload = {\r\n id,\r\n type: 'User',\r\n ...additionalData\r\n };\r\n return await this.createSignedJWT(payload, this.userPrivateKeys[this.userPrivateKeys.length - 1], this.maxTokenAge);\r\n }\r\n\r\n /**\r\n * Verifies the provided user token by checking its signature and payload.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @returns The payload of the verified token if valid.\r\n * @throws Will throw an error if no user public keys are found or if the token type is invalid.\r\n */\r\n async verifyUserToken(token: string){\r\n assert(this.userPublicKeys.length, ErrorTypes.USER_PUBLIC_KEY_NOT_FOUND);\r\n const payload =await this.verifySignedJWT(token, this.userPublicKeys, this.maxTokenAge);\r\n assert(payload.type === 'User', ErrorTypes.INVALID_AUTH_TYPE);\r\n return payload;\r\n }\r\n\r\n /**\r\n * Creates a signed JWT (JSON Web Token) for a system with the given ID and optional additional data.\r\n *\r\n * @param id - The unique identifier for the system.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT as a string.\r\n * @throws Will throw an error if no system private keys are found.\r\n */\r\n async createSystemToken(id: string, additionalData?: object): Promise<string> {\r\n assert(this.systemPrivateKeys.length, ErrorTypes.SYSTEM_PRIVATE_KEY_NOT_FOUND);\r\n\r\n const payload = {\r\n id,\r\n type: 'System',\r\n ...additionalData\r\n };\r\n return await this.createSignedJWT(payload, this.systemPrivateKeys[this.systemPrivateKeys.length - 1], '5 min');\r\n }\r\n\r\n /**\r\n * Verifies a system token by checking its signature and payload type.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @returns The payload of the verified token.\r\n * @throws Will throw an error if no system public keys are found or if the token type is not 'System'.\r\n */\r\n async verifySystemToken(token: string){\r\n assert(this.systemPublicKeys.length, ErrorTypes.USER_PUBLIC_KEY_NOT_FOUND);\r\n const payload = await this.verifySignedJWT(token, this.systemPublicKeys, '5 min');\r\n assert(payload.type === 'System', ErrorTypes.INVALID_AUTH_TYPE);\r\n return payload;\r\n }\r\n\r\n /**\r\n * Creates a signed JWT token for an admin user.\r\n *\r\n * @param email - The email of the admin user.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT token string.\r\n * @throws Will throw an error if no admin private keys are found or if the provided id is not a valid UUID.\r\n */\r\n async createAdminToken(email: string, verifier: string, additionalData?: object): Promise<string> {\r\n assert(this.adminPrivateKeys.length, ErrorTypes.ADMIN_PRIVATE_KEY_NOT_FOUND);\r\n\r\n assert(Utils.isEmail(email), ErrorTypes.INVALID_EMAIL);\r\n assert(Utils.isURL(verifier), ErrorTypes.INVALID_VERIFIER);\r\n const payload = {\r\n email,\r\n type: 'Admin',\r\n verifier: verifier,\r\n ...additionalData\r\n };\r\n return await this.createSignedJWT(payload, this.adminPrivateKeys[this.adminPrivateKeys.length - 1], this.maxTokenAge);\r\n }\r\n\r\n /**\r\n * Verifies the provided admin token by checking its signature and payload.\r\n * Ensures that the token is signed with one of the known admin public keys\r\n * and that the payload type is 'Admin'.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @param permissions - The permissions required for the admin user.\r\n * @param authenticate - Whether to authenticate the token with the verifier.\r\n * @returns The payload of the verified token.\r\n * @throws Will throw an error if no admin public keys are found or if the token is invalid or if the admin doesn't have proper permissions.\r\n */\r\n async verifyAdminToken(token: string, permissions: string[], authenticate: boolean){\r\n assert(this.adminPublicKeys.length, ErrorTypes.ADMIN_PUBLIC_KEY_NOT_FOUND);\r\n const payload = await this.verifySignedJWT(token, this.adminPublicKeys, this.maxTokenAge);\r\n assert(payload.type === 'Admin', ErrorTypes.INVALID_AUTH_TYPE);\r\n\r\n if(authenticate) {\r\n const response = await Fetch(payload.verifier as string, '', 'POST', {}, { token, permissions });\r\n assert(response.data.isTokenValid === true, ErrorTypes.INVALID_TOKEN);\r\n \r\n if(response.data.hasPermissions !== true){\r\n throw ResponseUtility.generateError(403, ErrorTypes.INVALID_PERMISSIONS)\r\n }\r\n }\r\n\r\n return payload;\r\n }\r\n\r\n /**\r\n * Middleware function to handle authentication based on different token types.\r\n * It verifies the token and sets the authentication details in the response locals.\r\n *\r\n * @param {Partial<AuthMiddlewareConfig>} [config=DefaultAuthMiddlewareConfig] - Configuration object to customize the middleware behavior.\r\n * @returns Middleware function to handle authentication.\r\n */\r\n AuthMiddleware(config: Partial<AuthMiddlewareConfig> = DefaultAuthMiddlewareConfig, permissions: string[] = []) {\r\n const { allowAnonymous, allowSystem, allowUser, allowCDN } = { ...DefaultAuthMiddlewareConfig, ...config };\r\n return async (req: any, res: any, next: any) => {\r\n try {\r\n const [authType, token] = req.get('Authorization')?.split(' ') || [];\r\n if (!token) throw new Error(ErrorTypes.INVALID_TOKEN);\r\n\r\n let payload;\r\n switch (authType as AuthTokenType) {\r\n case 'Anon':\r\n if (!allowAnonymous) throw ResponseUtility.generateError(403, ErrorTypes.ANONYMOUS_SESSION_NOT_ALLOWED);\r\n payload = await this.verifyAnonymousToken(token);\r\n break;\r\n case 'User':\r\n if (!allowUser) throw ResponseUtility.generateError(403, ErrorTypes.USER_SESSION_NOT_ALLOWED);\r\n payload = await this.verifyUserToken(token);\r\n break;\r\n case 'System':\r\n if (!allowSystem) throw ResponseUtility.generateError(403, ErrorTypes.SYSTEM_SESSION_NOT_ALLOWED);\r\n payload = await this.verifySystemToken(token);\r\n Logger.logMessage('AuthMiddleware', `System Name - ${payload.id}`);\r\n break;\r\n case 'Admin':\r\n payload = await this.verifyAdminToken(token, permissions, true);\r\n Logger.logMessage('AuthMiddleware', `Admin - ${payload.email}`);\r\n break;\r\n case 'CDN':\r\n if (!allowCDN) throw ResponseUtility.generateError(403, ErrorTypes.CDN_SESSION_NOT_ALLOWED);\r\n assert(['E3CQMOP5FX6KD1', 'E3TNCKKZ3FOX9W'].includes(token), ErrorTypes.INVALID_TOKEN);\r\n Logger.logMessage('AuthMiddleware', `CDN DistributionId - ${token}`);\r\n break;\r\n default:\r\n throw ResponseUtility.generateError(403, ErrorTypes.INVALID_AUTH_TYPE);\r\n }\r\n\r\n res.locals.auth = { authType, token, ...payload };\r\n next();\r\n } catch (error: any) {\r\n Logger.logError('AuthMiddleware', error);\r\n ResponseUtility.handleException(\r\n 'AuthMiddleware',\r\n ResponseUtility.generateError(401, error.error || ErrorTypes.TOKEN_EXPIRED, true),\r\n res\r\n );\r\n }\r\n };\r\n }\r\n}\r\n\r\nexport default AuthUtility;\r\n\r\n","\"use client\";\r\n\r\nimport ErrorTypes from \"../enums/ErrorTypes\";\r\nimport Logger from \"../Logger\";\r\n\r\nexport type ErrorType = {\r\n status: number;\r\n statusText: string;\r\n error: any;\r\n};\r\n\r\nexport type SuccessType = {\r\n status: number;\r\n statusText: string;\r\n data: any;\r\n};\r\n\r\n/**\r\n * Makes an HTTP request to the specified endpoint using the provided parameters.\r\n *\r\n * @param {string} baseURL - The base URL of the API.\r\n * @param {string} endpoint - The specific endpoint to call.\r\n * @param {'GET' | 'POST' | 'PATCH' | 'DELETE'} [method='GET'] - The HTTP method to use for the request.\r\n * @param {Record<string, string>} [headers={}] - Additional headers to include in the request.\r\n * @param {any} [payload] - The payload to send with the request, if applicable.\r\n * @returns {Promise<SuccessType>} - A promise that resolves to the response data if the request is successful.\r\n * @throws {ErrorType} - Throws an error if the request fails.\r\n */\r\nconst Fetch = async (\r\n baseURL: string,\r\n endpoint: string,\r\n method: 'GET' | 'POST' | 'PATCH' | 'DELETE' = 'GET',\r\n headers: Record<string, string> = {},\r\n payload?: any,\r\n): Promise<SuccessType> => {\r\n const options: RequestInit = {\r\n method,\r\n headers: {\r\n 'Content-Type': 'application/json',\r\n ...headers,\r\n },\r\n };\r\n\r\n if (method !== 'GET' && payload) {\r\n options.body = JSON.stringify(payload);\r\n }\r\n\r\n const completeURL = `${baseURL}${endpoint ? ('/' + endpoint) : ''}`\r\n try {\r\n const response: any = await fetch(completeURL, options);\r\n\r\n if (!response.ok) {\r\n const errorBody: any = await response.json().catch(() => response.text());\r\n\r\n throw {\r\n status: response.status,\r\n statusText: response.statusText,\r\n error: errorBody ? errorBody : {\r\n status: response.status,\r\n error: response.statusText,\r\n }\r\n } as ErrorType;\r\n }\r\n\r\n const body = await response.json();\r\n\r\n Logger.logMessage('Fetch', `API call successful: URL-${completeURL}, Status- ${response.status}`);\r\n return {\r\n status: response.status,\r\n statusText: response.statusText,\r\n data: body.data,\r\n } as SuccessType;\r\n } catch (err: any) {\r\n \r\n Logger.logError('Fetch', `API call failed: URL-${completeURL}, Status- ${err.status || 500}, Error- ${Logger.inspect(err.error || err)}`);\r\n throw {\r\n status: err.status || 500,\r\n statusText: err.statusText || ErrorTypes.INTERNAL_SERVER_ERROR,\r\n error: err.error || {\r\n status: err.status || 500,\r\n error: err.statusText || ErrorTypes.SOMETHING_WENT_WRONG,\r\n }\r\n } as ErrorType;\r\n }\r\n};\r\n\r\nexport default Fetch;\r\n"]}

package/dist/Auth/index.mjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import {b,a,e,d,c}from'../chunk-T6YCHB3K.mjs';import {importPKCS8,SignJWT,importSPKI,jwtVerify}from'jose';import r from'assert';var N={maxTokenAge:"30 days",userPrivateKeys:"[]",userPublicKeys:"[]",anonymousPrivateKeys:"[]",anonymousPublicKeys:"[]",systemPrivateKeys:"[]",systemPublicKeys:"[]",adminPrivateKeys:"[]",adminPublicKeys:"[]"},p={allowAnonymous:!1,allowSystem:!0,allowUser:!0,allowCDN:!1},A=class{maxTokenAge;userPrivateKeys;userPublicKeys;anonymousPrivateKeys;anonymousPublicKeys;systemPrivateKeys;systemPublicKeys;adminPrivateKeys;adminPublicKeys;constructor(e=N){let{maxTokenAge:t,userPrivateKeys:s,userPublicKeys:a,anonymousPrivateKeys:o,anonymousPublicKeys:l,systemPrivateKeys:g,systemPublicKeys:h,adminPrivateKeys:d,adminPublicKeys:u}={...N,...e};this.maxTokenAge=t,this.userPrivateKeys=JSON.parse(s),this.userPublicKeys=JSON.parse(a),this.anonymousPrivateKeys=JSON.parse(o),this.anonymousPublicKeys=JSON.parse(l),this.systemPrivateKeys=JSON.parse(g),this.systemPublicKeys=JSON.parse(h),this.adminPrivateKeys=JSON.parse(d),this.adminPublicKeys=JSON.parse(u),this.logWarnings();}logWarnings(){let e=(t,s,a)=>s.length>a&&c.logWarning("AuthUtility",`More than ${a} ${t} keys provided. This is not recommended.`);e("user private",this.userPrivateKeys,3),e("user public",this.userPublicKeys,3),e("anonymous private",this.anonymousPrivateKeys,1),e("anonymous public",this.anonymousPublicKeys,3),e("system private",this.systemPrivateKeys,1),e("system public",this.systemPublicKeys,3),e("admin private",this.adminPrivateKeys,1),e("admin public",this.adminPublicKeys,3);}async createSignedJWT(e,t,s){let a=await importPKCS8(t,"RS256");return await new SignJWT(e).setProtectedHeader({alg:"RS256"}).setExpirationTime(s).setIssuedAt().sign(a)}async verifySignedJWT(e,t,s){for(let l=t.length-1;l>0;l--)try{let g=await importSPKI(t[l],"RS256");return (await jwtVerify(e,g,{clockTolerance:30,maxTokenAge:s})).payload}catch{continue}let a=await importSPKI(t[0],"RS256");return (await jwtVerify(e,a,{clockTolerance:30,maxTokenAge:s})).payload}async createAnonymousToken(e,t){r(this.anonymousPrivateKeys.length,b.ANONYMOUS_PRIVATE_KEY_NOT_FOUND),r(a.isUUID(e),b.INVALID_UUID);let s={id:e,type:"Anon",...t};return await this.createSignedJWT(s,this.anonymousPrivateKeys[this.anonymousPrivateKeys.length-1],this.maxTokenAge)}async verifyAnonymousToken(e){r(this.anonymousPublicKeys.length,b.ANONYMOUS_PUBLIC_KEY_NOT_FOUND);let t=await this.verifySignedJWT(e,this.anonymousPublicKeys,this.maxTokenAge);return r(t.type==="Anon",b.INVALID_AUTH_TYPE),t}async createUserToken(e,t){r(this.userPrivateKeys.length,b.USER_PRIVATE_KEY_NOT_FOUND),r(a.isUUID(e),b.INVALID_UUID);let s={id:e,type:"User",...t};return await this.createSignedJWT(s,this.userPrivateKeys[this.userPrivateKeys.length-1],this.maxTokenAge)}async verifyUserToken(e){r(this.userPublicKeys.length,b.USER_PUBLIC_KEY_NOT_FOUND);let t=await this.verifySignedJWT(e,this.userPublicKeys,this.maxTokenAge);return r(t.type==="User",b.INVALID_AUTH_TYPE),t}async createSystemToken(e,t){r(this.systemPrivateKeys.length,b.SYSTEM_PRIVATE_KEY_NOT_FOUND);let s={id:e,type:"System",...t};return await this.createSignedJWT(s,this.systemPrivateKeys[this.systemPrivateKeys.length-1],"5 min")}async verifySystemToken(e){r(this.systemPublicKeys.length,b.USER_PUBLIC_KEY_NOT_FOUND);let t=await this.verifySignedJWT(e,this.systemPublicKeys,"5 min");return r(t.type==="System",b.INVALID_AUTH_TYPE),t}async createAdminToken(e,t,s){r(this.adminPrivateKeys.length,b.ADMIN_PRIVATE_KEY_NOT_FOUND),r(a.isEmail(e),b.INVALID_EMAIL),r(a.isURL(t),b.INVALID_VERIFIER);let a$1={email:e,type:"Admin",verifier:t,...s};return await this.createSignedJWT(a$1,this.adminPrivateKeys[this.adminPrivateKeys.length-1],this.maxTokenAge)}async verifyAdminToken(e$1,t,s){r(this.adminPublicKeys.length,b.ADMIN_PUBLIC_KEY_NOT_FOUND);let a=await this.verifySignedJWT(e$1,this.adminPublicKeys,this.maxTokenAge);if(r(a.type==="Admin",b.INVALID_AUTH_TYPE),s){let o=await e(a.verifier,"","POST",{},{token:e$1,permissions:t});if(r(o.data.isTokenValid===!0,b.INVALID_TOKEN),o.data.hasPermissions!==!0)throw d.generateError(403,b.INVALID_PERMISSIONS)}return a}AuthMiddleware(e=p,t=[]){let{allowAnonymous:s,allowSystem:a,allowUser:o,allowCDN:l}={...p,...e};return async(g,h,d$1)=>{try{let[u,y]=g.get("Authorization")?.split(" ")\|\|[];if(!y)throw new Error(b.INVALID_TOKEN);let m;switch(u){case"Anon":if(!s)throw d.generateError(403,b.ANONYMOUS_SESSION_NOT_ALLOWED);m=await this.verifyAnonymousToken(y);break;case"User":if(!o)throw d.generateError(403,b.USER_SESSION_NOT_ALLOWED);m=await this.verifyUserToken(y);break;case"System":if(!a)throw d.generateError(403,b.SYSTEM_SESSION_NOT_ALLOWED);m=await this.verifySystemToken(y),c.logMessage("AuthMiddleware",`System Name - ${m.id}`);break;case"Admin":m=await this.verifyAdminToken(y,t,!0),c.logMessage("AuthMiddleware",`Admin - ${m.email}`);break;case"CDN":if(!l)throw d.generateError(403,b.CDN_SESSION_NOT_ALLOWED);r(["E3CQMOP5FX6KD1","E3TNCKKZ3FOX9W"].includes(y),b.INVALID_TOKEN),c.logMessage("AuthMiddleware",`CDN DistributionId - ${y}`);break;default:throw d.generateError(403,b.INVALID_AUTH_TYPE)}h.locals.auth={authType:u,token:y,...m},d$1();}catch(u){c.logError("AuthMiddleware",u),d.handleException("AuthMiddleware",d.generateError(401,u.error\|\|b.TOKEN_EXPIRED,!0),h);}}}},L=A;export{p as DefaultAuthMiddlewareConfig,N as DefaultAuthUtilityConfig,L as default};//# sourceMappingURL=index.mjs.map
2	+ //# sourceMappingURL=index.mjs.map

package/dist/Auth/index.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/Auth/index.ts"],"names":["DefaultAuthUtilityConfig","DefaultAuthMiddlewareConfig","AuthUtility","config","maxTokenAge","userPrivateKeys","userPublicKeys","anonymousPrivateKeys","anonymousPublicKeys","systemPrivateKeys","systemPublicKeys","adminPrivateKeys","adminPublicKeys","warn","type","keys","limit","Logger_default","payload","privateKeyString","expiration","privateKey","importPKCS8","SignJWT","token","publicKeyString","i","publicKey","importSPKI","jwtVerify","id","additionalData","assert","ErrorTypes_default","Utils_default","email","verifier","permissions","authenticate","response","fetch_default","response_default","allowAnonymous","allowSystem","allowUser","allowCDN","req","res","next","authType","error","Auth_default"],"mappings":"gIAsBaA,IAAAA,CAAAA,CAAwD,CACnE,WAAA,CAAa,SACb,CAAA,eAAA,CAAiB,KACjB,cAAgB,CAAA,IAAA,CAChB,oBAAsB,CAAA,IAAA,CACtB,mBAAqB,CAAA,IAAA,CACrB,kBAAmB,IACnB,CAAA,gBAAA,CAAkB,IAClB,CAAA,gBAAA,CAAkB,IAClB,CAAA,eAAA,CAAiB,IACnB,CAWaC,CAAAA,CAAAA,CAA8D,CACzE,cAAA,CAAgB,CAChB,CAAA,CAAA,WAAA,CAAa,GACb,SAAW,CAAA,CAAA,CAAA,CACX,QAAU,CAAA,CAAA,CACZ,CAKMC,CAAAA,CAAAA,CAAN,KAAkB,CACR,WAAA,CACA,eACA,CAAA,cAAA,CACA,oBACA,CAAA,mBAAA,CACA,kBACA,gBACA,CAAA,gBAAA,CACA,eAMR,CAAA,WAAA,CAAYC,CAAqCH,CAAAA,CAAAA,CAA0B,CACzE,GAAM,CACJ,WAAAI,CAAAA,CAAAA,CACA,eAAAC,CAAAA,CAAAA,CACA,eAAAC,CACA,CAAA,oBAAA,CAAAC,CACA,CAAA,mBAAA,CAAAC,CACA,CAAA,iBAAA,CAAAC,EACA,gBAAAC,CAAAA,CAAAA,CACA,gBAAAC,CAAAA,CAAAA,CACA,eAAAC,CAAAA,CACF,EAAI,CAAE,GAAGZ,CAA0B,CAAA,GAAGG,CAAO,CAAA,CAE7C,KAAK,WAAcC,CAAAA,CAAAA,CAEnB,IAAK,CAAA,eAAA,CAAkB,IAAK,CAAA,KAAA,CAAMC,CAAe,CACjD,CAAA,IAAA,CAAK,cAAiB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAc,EAE/C,IAAK,CAAA,oBAAA,CAAuB,IAAK,CAAA,KAAA,CAAMC,CAAoB,CAAA,CAC3D,KAAK,mBAAsB,CAAA,IAAA,CAAK,KAAMC,CAAAA,CAAmB,CAEzD,CAAA,IAAA,CAAK,kBAAoB,IAAK,CAAA,KAAA,CAAMC,CAAiB,CAAA,CACrD,IAAK,CAAA,gBAAA,CAAmB,KAAK,KAAMC,CAAAA,CAAgB,CAEnD,CAAA,IAAA,CAAK,gBAAmB,CAAA,IAAA,CAAK,MAAMC,CAAgB,CAAA,CACnD,IAAK,CAAA,eAAA,CAAkB,IAAK,CAAA,KAAA,CAAMC,CAAe,CAEjD,CAAA,IAAA,CAAK,WAAY,GACnB,CAKQ,WAAA,EAAc,CACpB,IAAMC,CAAAA,CAAO,CAACC,CAAAA,CAAcC,CAAgBC,CAAAA,CAAAA,GAC1CD,EAAK,MAASC,CAAAA,CAAAA,EACdC,CAAO,CAAA,UAAA,CACL,aACA,CAAA,CAAA,UAAA,EAAaD,CAAK,CAAIF,CAAAA,EAAAA,CAAI,CAC5B,wCAAA,CAAA,CAAA,CAEFD,CAAK,CAAA,cAAA,CAAgB,KAAK,eAAiB,CAAA,CAAC,CAC5CA,CAAAA,CAAAA,CAAK,aAAe,CAAA,IAAA,CAAK,eAAgB,CAAC,CAAA,CAC1CA,CAAK,CAAA,mBAAA,CAAqB,IAAK,CAAA,oBAAA,CAAsB,CAAC,CACtDA,CAAAA,CAAAA,CAAK,kBAAoB,CAAA,IAAA,CAAK,mBAAqB,CAAA,CAAC,EACpDA,CAAK,CAAA,gBAAA,CAAkB,IAAK,CAAA,iBAAA,CAAmB,CAAC,CAAA,CAChDA,EAAK,eAAiB,CAAA,IAAA,CAAK,gBAAkB,CAAA,CAAC,CAC9CA,CAAAA,CAAAA,CAAK,gBAAiB,IAAK,CAAA,gBAAA,CAAkB,CAAC,CAAA,CAC9CA,CAAK,CAAA,cAAA,CAAgB,KAAK,eAAiB,CAAA,CAAC,EAC9C,CAEA,MAAc,eAAA,CAAgBK,EAAcC,CAA0BC,CAAAA,CAAAA,CAAmB,CACvF,IAAMC,CAAa,CAAA,MAAMC,YAAYH,CAAkB,CAAA,OAAO,CAO9D,CAAA,OANc,MAAM,IAAII,QAAQL,CAAO,CAAA,CAClC,kBAAmB,CAAA,CAAE,GAAK,CAAA,OAAQ,CAAC,CACnC,CAAA,iBAAA,CAAkBE,CAAU,CAAA,CAC5B,WAAY,EAAA,CACZ,KAAKC,CAAU,CAGtB,CAEA,MAAc,eAAgBG,CAAAA,CAAAA,CAAeC,EAA2BL,CAAmB,CAAA,CACzF,IAAQM,IAAAA,CAAAA,CAAID,CAAgB,CAAA,MAAA,CAAS,EAAGC,CAAI,CAAA,CAAA,CAAIA,CAC9C,EAAA,CAAA,GAAI,CACF,IAAMC,EAAY,MAAMC,UAAAA,CAAWH,CAAgBC,CAAAA,CAAC,CAAG,CAAA,OAAO,EAE9D,OADY,CAAA,MAAMG,SAAUL,CAAAA,CAAAA,CAAOG,CAAW,CAAA,CAAG,eAAgB,EAAI,CAAA,WAAA,CAAaP,CAAW,CAAC,CACnF,EAAA,OACb,MAAgB,CAEd,QACF,CAGF,IAAMO,CAAY,CAAA,MAAMC,WAAWH,CAAgB,CAAA,CAAC,CAAG,CAAA,OAAO,CAE9D,CAAA,OAAA,CADY,MAAMI,SAAUL,CAAAA,CAAAA,CAAOG,CAAW,CAAA,CAAG,cAAgB,CAAA,EAAA,CAAI,YAAaP,CAAW,CAAC,CACnF,EAAA,OACb,CAWA,MAAM,qBAAqBU,CAAYC,CAAAA,CAAAA,CAA0C,CAC/EC,CAAAA,CAAO,IAAK,CAAA,oBAAA,CAAqB,OAAQC,CAAW,CAAA,+BAA+B,CAEnFD,CAAAA,CAAAA,CAAOE,CAAM,CAAA,MAAA,CAAOJ,CAAE,CAAGG,CAAAA,CAAAA,CAAW,YAAY,CAAA,CAChD,IAAMf,CAAAA,CAAU,CACZ,EAAAY,CAAAA,CAAAA,CACA,IAAM,CAAA,MAAA,CACN,GAAGC,CACP,EAEA,OAAO,MAAM,IAAK,CAAA,eAAA,CAAgBb,CAAS,CAAA,IAAA,CAAK,qBAAqB,IAAK,CAAA,oBAAA,CAAqB,MAAS,CAAA,CAAC,CAAG,CAAA,IAAA,CAAK,WAAW,CAC9H,CASA,MAAM,oBAAA,CAAqBM,CAAc,CAAA,CACvCQ,EAAO,IAAK,CAAA,mBAAA,CAAoB,MAAQC,CAAAA,CAAAA,CAAW,8BAA8B,CAAA,CACjF,IAAMf,CAAU,CAAA,MAAM,IAAK,CAAA,eAAA,CAAgBM,CAAO,CAAA,IAAA,CAAK,oBAAqB,IAAK,CAAA,WAAW,CAC5F,CAAA,OAAAQ,CAAOd,CAAAA,CAAAA,CAAQ,OAAS,MAAQe,CAAAA,CAAAA,CAAW,iBAAiB,CAAA,CACrDf,CACT,CAUA,MAAM,eAAgBY,CAAAA,CAAAA,CAAYC,CAA0C,CAAA,CAC1EC,CAAO,CAAA,IAAA,CAAK,gBAAgB,MAAQC,CAAAA,CAAAA,CAAW,0BAA0B,CAAA,CACzED,CAAOE,CAAAA,CAAAA,CAAM,OAAOJ,CAAE,CAAA,CAAGG,CAAW,CAAA,YAAY,CAEhD,CAAA,IAAMf,EAAU,CACZ,EAAA,CAAAY,CACA,CAAA,IAAA,CAAM,MACN,CAAA,GAAGC,CACP,CACA,CAAA,OAAO,MAAM,IAAA,CAAK,eAAgBb,CAAAA,CAAAA,CAAS,KAAK,eAAgB,CAAA,IAAA,CAAK,eAAgB,CAAA,MAAA,CAAS,CAAC,CAAA,CAAG,KAAK,WAAW,CACpH,CASA,MAAM,eAAgBM,CAAAA,CAAAA,CAAc,CAClCQ,CAAO,CAAA,IAAA,CAAK,cAAe,CAAA,MAAA,CAAQC,CAAW,CAAA,yBAAyB,EACvE,IAAMf,CAAAA,CAAS,MAAM,IAAK,CAAA,eAAA,CAAgBM,EAAO,IAAK,CAAA,cAAA,CAAgB,IAAK,CAAA,WAAW,CACtF,CAAA,OAAAQ,EAAOd,CAAQ,CAAA,IAAA,GAAS,MAAQe,CAAAA,CAAAA,CAAW,iBAAiB,CAAA,CACrDf,CACT,CAUA,MAAM,iBAAkBY,CAAAA,CAAAA,CAAYC,CAA0C,CAAA,CAC5EC,EAAO,IAAK,CAAA,iBAAA,CAAkB,MAAQC,CAAAA,CAAAA,CAAW,4BAA4B,CAAA,CAE7E,IAAMf,CAAU,CAAA,CACZ,EAAAY,CAAAA,CAAAA,CACA,IAAM,CAAA,QAAA,CACN,GAAGC,CACP,CAAA,CACA,OAAO,MAAM,IAAK,CAAA,eAAA,CAAgBb,EAAS,IAAK,CAAA,iBAAA,CAAkB,IAAK,CAAA,iBAAA,CAAkB,MAAS,CAAA,CAAC,EAAG,OAAO,CAC/G,CASA,MAAM,iBAAkBM,CAAAA,CAAAA,CAAc,CACpCQ,CAAO,CAAA,IAAA,CAAK,gBAAiB,CAAA,MAAA,CAAQC,CAAW,CAAA,yBAAyB,EACzE,IAAMf,CAAAA,CAAU,MAAM,IAAA,CAAK,eAAgBM,CAAAA,CAAAA,CAAO,KAAK,gBAAkB,CAAA,OAAO,CAChF,CAAA,OAAAQ,CAAOd,CAAAA,CAAAA,CAAQ,OAAS,QAAUe,CAAAA,CAAAA,CAAW,iBAAiB,CAAA,CACvDf,CACT,CAUA,MAAM,gBAAiBiB,CAAAA,CAAAA,CAAeC,CAAkBL,CAAAA,CAAAA,CAA0C,CAChGC,CAAAA,CAAO,KAAK,gBAAiB,CAAA,MAAA,CAAQC,CAAW,CAAA,2BAA2B,CAE3ED,CAAAA,CAAAA,CAAOE,EAAM,OAAQC,CAAAA,CAAK,CAAGF,CAAAA,CAAAA,CAAW,aAAa,CAAA,CACrDD,EAAOE,CAAM,CAAA,KAAA,CAAME,CAAQ,CAAA,CAAGH,CAAW,CAAA,gBAAgB,EACzD,IAAMf,GAAAA,CAAU,CACZ,KAAA,CAAAiB,CACA,CAAA,IAAA,CAAM,QACN,QAAUC,CAAAA,CAAAA,CACV,GAAGL,CACP,CACA,CAAA,OAAO,MAAM,IAAK,CAAA,eAAA,CAAgBb,GAAS,CAAA,IAAA,CAAK,gBAAiB,CAAA,IAAA,CAAK,iBAAiB,MAAS,CAAA,CAAC,CAAG,CAAA,IAAA,CAAK,WAAW,CACtH,CAaA,MAAM,gBAAA,CAAiBM,GAAea,CAAAA,CAAAA,CAAuBC,CAAsB,CAAA,CACjFN,EAAO,IAAK,CAAA,eAAA,CAAgB,MAAQC,CAAAA,CAAAA,CAAW,0BAA0B,CAAA,CACzE,IAAMf,CAAU,CAAA,MAAM,IAAK,CAAA,eAAA,CAAgBM,GAAO,CAAA,IAAA,CAAK,gBAAiB,IAAK,CAAA,WAAW,CAGxF,CAAA,GAFAQ,CAAOd,CAAAA,CAAAA,CAAQ,OAAS,OAASe,CAAAA,CAAAA,CAAW,iBAAiB,CAAA,CAE1DK,CAAc,CAAA,CACf,IAAMC,CAAW,CAAA,MAAMC,CAAMtB,CAAAA,CAAAA,CAAQ,QAAoB,CAAA,EAAA,CAAI,OAAQ,EAAC,CAAG,CAAE,KAAA,CAAAM,GAAO,CAAA,WAAA,CAAAa,CAAY,CAAC,CAAA,CAG/F,GAFAL,CAAAA,CAAOO,CAAS,CAAA,IAAA,CAAK,eAAiB,CAAMN,CAAAA,CAAAA,CAAAA,CAAW,aAAa,CAAA,CAEjEM,CAAS,CAAA,IAAA,CAAK,iBAAmB,CAClC,CAAA,CAAA,MAAME,CAAgB,CAAA,aAAA,CAAc,GAAKR,CAAAA,CAAAA,CAAW,mBAAmB,CAE3E,CAEA,OAAOf,CACT,CASA,cAAA,CAAef,EAAwCF,CAA6BoC,CAAAA,CAAAA,CAAwB,EAAC,CAAG,CAC9G,GAAM,CAAE,cAAAK,CAAAA,CAAAA,CAAgB,WAAAC,CAAAA,CAAAA,CAAa,SAAAC,CAAAA,CAAAA,CAAW,SAAAC,CAAS,CAAA,CAAI,CAAE,GAAG5C,CAA6B,CAAA,GAAGE,CAAO,CACzG,CAAA,OAAc2C,MAAAA,CAAAA,CAAUC,CAAUC,CAAAA,GAAAA,GAAc,CAC9C,GAAI,CACF,GAAM,CAACC,CAAUzB,CAAAA,CAAK,EAAIsB,CAAI,CAAA,GAAA,CAAI,eAAe,CAAA,EAAG,KAAM,CAAA,GAAG,GAAK,EAAC,CACnE,GAAI,CAACtB,CAAO,CAAA,MAAM,IAAI,KAAMS,CAAAA,CAAAA,CAAW,aAAa,CAAA,CAEpD,IAAIf,CAAAA,CACJ,OAAQ+B,CAA2B,EACjC,IAAK,MAAA,CACH,GAAI,CAACP,EAAgB,MAAMD,CAAAA,CAAgB,aAAc,CAAA,GAAA,CAAKR,CAAW,CAAA,6BAA6B,EACtGf,CAAU,CAAA,MAAM,IAAK,CAAA,oBAAA,CAAqBM,CAAK,CAAA,CAC/C,MACF,IAAK,MAAA,CACH,GAAI,CAACoB,CAAW,CAAA,MAAMH,EAAgB,aAAc,CAAA,GAAA,CAAKR,CAAW,CAAA,wBAAwB,CAC5Ff,CAAAA,CAAAA,CAAU,MAAM,IAAK,CAAA,eAAA,CAAgBM,CAAK,CAAA,CAC1C,MACF,IAAK,SACH,GAAI,CAACmB,CAAa,CAAA,MAAMF,CAAgB,CAAA,aAAA,CAAc,IAAKR,CAAW,CAAA,0BAA0B,CAChGf,CAAAA,CAAAA,CAAU,MAAM,IAAA,CAAK,kBAAkBM,CAAK,CAAA,CAC5CP,CAAO,CAAA,UAAA,CAAW,gBAAkB,CAAA,CAAA,cAAA,EAAiBC,EAAQ,EAAE,CAAA,CAAE,CACjE,CAAA,MACF,IAAK,OAAA,CACHA,EAAU,MAAM,IAAA,CAAK,gBAAiBM,CAAAA,CAAAA,CAAOa,CAAa,CAAA,CAAA,CAAI,EAC9DpB,CAAO,CAAA,UAAA,CAAW,gBAAkB,CAAA,CAAA,QAAA,EAAWC,CAAQ,CAAA,KAAK,EAAE,CAC9D,CAAA,MACF,IAAK,KAAA,CACH,GAAI,CAAC2B,EAAU,MAAMJ,CAAAA,CAAgB,aAAc,CAAA,GAAA,CAAKR,CAAW,CAAA,uBAAuB,EAC1FD,CAAO,CAAA,CAAC,gBAAkB,CAAA,gBAAgB,CAAE,CAAA,QAAA,CAASR,CAAK,CAAGS,CAAAA,CAAAA,CAAW,aAAa,CAAA,CACrFhB,CAAO,CAAA,UAAA,CAAW,iBAAkB,CAAwBO,qBAAAA,EAAAA,CAAK,CAAE,CAAA,CAAA,CACnE,MACF,QACE,MAAMiB,CAAgB,CAAA,aAAA,CAAc,GAAKR,CAAAA,CAAAA,CAAW,iBAAiB,CACzE,CAEAc,CAAI,CAAA,MAAA,CAAO,IAAO,CAAA,CAAE,QAAAE,CAAAA,CAAAA,CAAU,MAAAzB,CAAO,CAAA,GAAGN,CAAQ,CAAA,CAChD8B,GAAK,GACP,OAASE,CAAY,CAAA,CACnBjC,CAAO,CAAA,QAAA,CAAS,gBAAkBiC,CAAAA,CAAK,EACvCT,CAAgB,CAAA,eAAA,CACd,gBACAA,CAAAA,CAAAA,CAAgB,aAAc,CAAA,GAAA,CAAKS,EAAM,KAASjB,EAAAA,CAAAA,CAAW,aAAe,CAAA,CAAA,CAAI,CAChFc,CAAAA,CACF,EACF,CACF,CACF,CACF,CAAA,CAEOI,CAAQjD,CAAAA","file":"index.mjs","sourcesContent":["import { importPKCS8, importSPKI, jwtVerify, SignJWT} from 'jose';\r\nimport ErrorTypes from '../enums/ErrorTypes';\r\nimport Logger from '../Logger';\r\nimport Utils from '../Utils';\r\nimport ResponseUtility from '../Utils/response';\r\nimport assert from 'assert';\r\nimport Fetch from '../Utils/fetch';\r\n\r\ntype StringifiedJSONArray = string;\r\n\r\nexport interface AuthUtilityConfig {\r\n maxTokenAge: string;\r\n userPrivateKeys: StringifiedJSONArray;\r\n userPublicKeys: StringifiedJSONArray;\r\n anonymousPrivateKeys: StringifiedJSONArray;\r\n anonymousPublicKeys: StringifiedJSONArray;\r\n systemPrivateKeys: StringifiedJSONArray;\r\n systemPublicKeys: StringifiedJSONArray;\r\n adminPrivateKeys: StringifiedJSONArray;\r\n adminPublicKeys: StringifiedJSONArray;\r\n}\r\n\r\nexport const DefaultAuthUtilityConfig: Readonly<AuthUtilityConfig> = {\r\n maxTokenAge: '30 days',\r\n userPrivateKeys: '[]',\r\n userPublicKeys: '[]',\r\n anonymousPrivateKeys: '[]',\r\n anonymousPublicKeys: '[]',\r\n systemPrivateKeys: '[]',\r\n systemPublicKeys: '[]',\r\n adminPrivateKeys: '[]',\r\n adminPublicKeys: '[]',\r\n};\r\n\r\nexport type AuthTokenType = 'Anon' | 'User' | 'System' | 'Admin' | 'CDN';\r\n\r\nexport interface AuthMiddlewareConfig {\r\n allowAnonymous: boolean;\r\n allowSystem: boolean;\r\n allowUser: boolean;\r\n allowCDN: boolean;\r\n}\r\n\r\nexport const DefaultAuthMiddlewareConfig: Readonly<AuthMiddlewareConfig> = {\r\n allowAnonymous: false,\r\n allowSystem: true,\r\n allowUser: true,\r\n allowCDN: false\r\n};\r\n\r\n/**\r\n * A utility class for JWT authentication and authorization.\r\n */\r\nclass AuthUtility {\r\n private maxTokenAge: string;\r\n private userPrivateKeys: string[];\r\n private userPublicKeys: string[];\r\n private anonymousPrivateKeys: string[];\r\n private anonymousPublicKeys: string[];\r\n private systemPrivateKeys: string[];\r\n private systemPublicKeys: string[];\r\n private adminPrivateKeys: string[];\r\n private adminPublicKeys: string[];\r\n\r\n /**\r\n * Initializes the AuthUtility class with a configuration.\r\n * @param config The configuration for the utility (optional).\r\n */\r\n constructor(config: Partial<AuthUtilityConfig> = DefaultAuthUtilityConfig) {\r\n const {\r\n maxTokenAge,\r\n userPrivateKeys,\r\n userPublicKeys,\r\n anonymousPrivateKeys,\r\n anonymousPublicKeys,\r\n systemPrivateKeys,\r\n systemPublicKeys,\r\n adminPrivateKeys,\r\n adminPublicKeys,\r\n } = { ...DefaultAuthUtilityConfig, ...config };\r\n\r\n this.maxTokenAge = maxTokenAge;\r\n\r\n this.userPrivateKeys = JSON.parse(userPrivateKeys);\r\n this.userPublicKeys = JSON.parse(userPublicKeys);\r\n\r\n this.anonymousPrivateKeys = JSON.parse(anonymousPrivateKeys);\r\n this.anonymousPublicKeys = JSON.parse(anonymousPublicKeys);\r\n\r\n this.systemPrivateKeys = JSON.parse(systemPrivateKeys);\r\n this.systemPublicKeys = JSON.parse(systemPublicKeys);\r\n\r\n this.adminPrivateKeys = JSON.parse(adminPrivateKeys);\r\n this.adminPublicKeys = JSON.parse(adminPublicKeys);\r\n\r\n this.logWarnings();\r\n }\r\n\r\n /**\r\n * Logs warnings if the number of keys exceeds recommended limits.\r\n */\r\n private logWarnings() {\r\n const warn = (type: string, keys: string[], limit: number) =>\r\n keys.length > limit &&\r\n Logger.logWarning(\r\n 'AuthUtility',\r\n `More than ${limit} ${type} keys provided. This is not recommended.`\r\n );\r\n\r\n warn('user private', this.userPrivateKeys, 3);\r\n warn('user public', this.userPublicKeys, 3);\r\n warn('anonymous private', this.anonymousPrivateKeys, 1);\r\n warn('anonymous public', this.anonymousPublicKeys, 3);\r\n warn('system private', this.systemPrivateKeys, 1);\r\n warn('system public', this.systemPublicKeys, 3);\r\n warn('admin private', this.adminPrivateKeys, 1);\r\n warn('admin public', this.adminPublicKeys, 3);\r\n }\r\n\r\n private async createSignedJWT(payload: any, privateKeyString: string, expiration: string){\r\n const privateKey = await importPKCS8(privateKeyString, 'RS256');\r\n const token = await new SignJWT(payload)\r\n .setProtectedHeader({ alg: 'RS256' })\r\n .setExpirationTime(expiration)\r\n .setIssuedAt()\r\n .sign(privateKey);\r\n\r\n return token;\r\n }\r\n\r\n private async verifySignedJWT(token: string, publicKeyString: string[], expiration: string){\r\n for(let i = publicKeyString.length - 1; i > 0 ; i--){\r\n try { \r\n const publicKey = await importSPKI(publicKeyString[i], 'RS256')\r\n const jwt = await jwtVerify(token, publicKey, { clockTolerance: 30, maxTokenAge: expiration });\r\n return jwt.payload;\r\n } catch (error) {\r\n // Try with the next oldest key\r\n continue;\r\n }\r\n }\r\n\r\n const publicKey = await importSPKI(publicKeyString[0], 'RS256')\r\n const jwt = await jwtVerify(token, publicKey, { clockTolerance: 30, maxTokenAge: expiration });\r\n return jwt.payload;\r\n }\r\n\r\n \r\n /**\r\n * Creates an anonymous token with the given ID and additional data.\r\n *\r\n * @param id - The unique identifier for the token. Must be a valid UUID.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT as a string.\r\n * @throws Will throw an error if no anonymous private keys are found or if the ID is not a valid UUID.\r\n */\r\n async createAnonymousToken(id: string, additionalData?: object): Promise<string> {\r\n assert(this.anonymousPrivateKeys.length, ErrorTypes.ANONYMOUS_PRIVATE_KEY_NOT_FOUND);\r\n\r\n assert(Utils.isUUID(id), ErrorTypes.INVALID_UUID);\r\n const payload = {\r\n id,\r\n type: 'Anon',\r\n ...additionalData\r\n };\r\n\r\n return await this.createSignedJWT(payload, this.anonymousPrivateKeys[this.anonymousPrivateKeys.length - 1], this.maxTokenAge);\r\n }\r\n\r\n /**\r\n * Verifies an anonymous token by checking its signature and payload type.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @returns The payload of the verified token.\r\n * @throws Will throw an error if no anonymous public keys are found or if the token type is invalid.\r\n */\r\n async verifyAnonymousToken(token: string){\r\n assert(this.anonymousPublicKeys.length, ErrorTypes.ANONYMOUS_PUBLIC_KEY_NOT_FOUND);\r\n const payload = await this.verifySignedJWT(token, this.anonymousPublicKeys, this.maxTokenAge);\r\n assert(payload.type === 'Anon', ErrorTypes.INVALID_AUTH_TYPE);\r\n return payload;\r\n }\r\n\r\n /**\r\n * Creates a signed JWT token for a user.\r\n *\r\n * @param id - The UUID of the user.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT token as a string.\r\n * @throws Will throw an error if no user private keys are found or if the provided id is not a valid UUID.\r\n */\r\n async createUserToken(id: string, additionalData?: object): Promise<string> {\r\n assert(this.userPrivateKeys.length, ErrorTypes.USER_PRIVATE_KEY_NOT_FOUND);\r\n assert(Utils.isUUID(id), ErrorTypes.INVALID_UUID);\r\n\r\n const payload = {\r\n id,\r\n type: 'User',\r\n ...additionalData\r\n };\r\n return await this.createSignedJWT(payload, this.userPrivateKeys[this.userPrivateKeys.length - 1], this.maxTokenAge);\r\n }\r\n\r\n /**\r\n * Verifies the provided user token by checking its signature and payload.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @returns The payload of the verified token if valid.\r\n * @throws Will throw an error if no user public keys are found or if the token type is invalid.\r\n */\r\n async verifyUserToken(token: string){\r\n assert(this.userPublicKeys.length, ErrorTypes.USER_PUBLIC_KEY_NOT_FOUND);\r\n const payload =await this.verifySignedJWT(token, this.userPublicKeys, this.maxTokenAge);\r\n assert(payload.type === 'User', ErrorTypes.INVALID_AUTH_TYPE);\r\n return payload;\r\n }\r\n\r\n /**\r\n * Creates a signed JWT (JSON Web Token) for a system with the given ID and optional additional data.\r\n *\r\n * @param id - The unique identifier for the system.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT as a string.\r\n * @throws Will throw an error if no system private keys are found.\r\n */\r\n async createSystemToken(id: string, additionalData?: object): Promise<string> {\r\n assert(this.systemPrivateKeys.length, ErrorTypes.SYSTEM_PRIVATE_KEY_NOT_FOUND);\r\n\r\n const payload = {\r\n id,\r\n type: 'System',\r\n ...additionalData\r\n };\r\n return await this.createSignedJWT(payload, this.systemPrivateKeys[this.systemPrivateKeys.length - 1], '5 min');\r\n }\r\n\r\n /**\r\n * Verifies a system token by checking its signature and payload type.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @returns The payload of the verified token.\r\n * @throws Will throw an error if no system public keys are found or if the token type is not 'System'.\r\n */\r\n async verifySystemToken(token: string){\r\n assert(this.systemPublicKeys.length, ErrorTypes.USER_PUBLIC_KEY_NOT_FOUND);\r\n const payload = await this.verifySignedJWT(token, this.systemPublicKeys, '5 min');\r\n assert(payload.type === 'System', ErrorTypes.INVALID_AUTH_TYPE);\r\n return payload;\r\n }\r\n\r\n /**\r\n * Creates a signed JWT token for an admin user.\r\n *\r\n * @param email - The email of the admin user.\r\n * @param additionalData - Optional additional data to include in the token payload.\r\n * @returns A promise that resolves to the signed JWT token string.\r\n * @throws Will throw an error if no admin private keys are found or if the provided id is not a valid UUID.\r\n */\r\n async createAdminToken(email: string, verifier: string, additionalData?: object): Promise<string> {\r\n assert(this.adminPrivateKeys.length, ErrorTypes.ADMIN_PRIVATE_KEY_NOT_FOUND);\r\n\r\n assert(Utils.isEmail(email), ErrorTypes.INVALID_EMAIL);\r\n assert(Utils.isURL(verifier), ErrorTypes.INVALID_VERIFIER);\r\n const payload = {\r\n email,\r\n type: 'Admin',\r\n verifier: verifier,\r\n ...additionalData\r\n };\r\n return await this.createSignedJWT(payload, this.adminPrivateKeys[this.adminPrivateKeys.length - 1], this.maxTokenAge);\r\n }\r\n\r\n /**\r\n * Verifies the provided admin token by checking its signature and payload.\r\n * Ensures that the token is signed with one of the known admin public keys\r\n * and that the payload type is 'Admin'.\r\n *\r\n * @param token - The JWT token to be verified.\r\n * @param permissions - The permissions required for the admin user.\r\n * @param authenticate - Whether to authenticate the token with the verifier.\r\n * @returns The payload of the verified token.\r\n * @throws Will throw an error if no admin public keys are found or if the token is invalid or if the admin doesn't have proper permissions.\r\n */\r\n async verifyAdminToken(token: string, permissions: string[], authenticate: boolean){\r\n assert(this.adminPublicKeys.length, ErrorTypes.ADMIN_PUBLIC_KEY_NOT_FOUND);\r\n const payload = await this.verifySignedJWT(token, this.adminPublicKeys, this.maxTokenAge);\r\n assert(payload.type === 'Admin', ErrorTypes.INVALID_AUTH_TYPE);\r\n\r\n if(authenticate) {\r\n const response = await Fetch(payload.verifier as string, '', 'POST', {}, { token, permissions });\r\n assert(response.data.isTokenValid === true, ErrorTypes.INVALID_TOKEN);\r\n \r\n if(response.data.hasPermissions !== true){\r\n throw ResponseUtility.generateError(403, ErrorTypes.INVALID_PERMISSIONS)\r\n }\r\n }\r\n\r\n return payload;\r\n }\r\n\r\n /**\r\n * Middleware function to handle authentication based on different token types.\r\n * It verifies the token and sets the authentication details in the response locals.\r\n *\r\n * @param {Partial<AuthMiddlewareConfig>} [config=DefaultAuthMiddlewareConfig] - Configuration object to customize the middleware behavior.\r\n * @returns Middleware function to handle authentication.\r\n */\r\n AuthMiddleware(config: Partial<AuthMiddlewareConfig> = DefaultAuthMiddlewareConfig, permissions: string[] = []) {\r\n const { allowAnonymous, allowSystem, allowUser, allowCDN } = { ...DefaultAuthMiddlewareConfig, ...config };\r\n return async (req: any, res: any, next: any) => {\r\n try {\r\n const [authType, token] = req.get('Authorization')?.split(' ') || [];\r\n if (!token) throw new Error(ErrorTypes.INVALID_TOKEN);\r\n\r\n let payload;\r\n switch (authType as AuthTokenType) {\r\n case 'Anon':\r\n if (!allowAnonymous) throw ResponseUtility.generateError(403, ErrorTypes.ANONYMOUS_SESSION_NOT_ALLOWED);\r\n payload = await this.verifyAnonymousToken(token);\r\n break;\r\n case 'User':\r\n if (!allowUser) throw ResponseUtility.generateError(403, ErrorTypes.USER_SESSION_NOT_ALLOWED);\r\n payload = await this.verifyUserToken(token);\r\n break;\r\n case 'System':\r\n if (!allowSystem) throw ResponseUtility.generateError(403, ErrorTypes.SYSTEM_SESSION_NOT_ALLOWED);\r\n payload = await this.verifySystemToken(token);\r\n Logger.logMessage('AuthMiddleware', `System Name - ${payload.id}`);\r\n break;\r\n case 'Admin':\r\n payload = await this.verifyAdminToken(token, permissions, true);\r\n Logger.logMessage('AuthMiddleware', `Admin - ${payload.email}`);\r\n break;\r\n case 'CDN':\r\n if (!allowCDN) throw ResponseUtility.generateError(403, ErrorTypes.CDN_SESSION_NOT_ALLOWED);\r\n assert(['E3CQMOP5FX6KD1', 'E3TNCKKZ3FOX9W'].includes(token), ErrorTypes.INVALID_TOKEN);\r\n Logger.logMessage('AuthMiddleware', `CDN DistributionId - ${token}`);\r\n break;\r\n default:\r\n throw ResponseUtility.generateError(403, ErrorTypes.INVALID_AUTH_TYPE);\r\n }\r\n\r\n res.locals.auth = { authType, token, ...payload };\r\n next();\r\n } catch (error: any) {\r\n Logger.logError('AuthMiddleware', error);\r\n ResponseUtility.handleException(\r\n 'AuthMiddleware',\r\n ResponseUtility.generateError(401, error.error || ErrorTypes.TOKEN_EXPIRED, true),\r\n res\r\n );\r\n }\r\n };\r\n }\r\n}\r\n\r\nexport default AuthUtility;\r\n\r\n"]}

package/dist/Classes/Address.d.mts ADDED Viewed

@@ -0,0 +1,142 @@
+import BaseModel, { BaseAttributes } from './Base.mjs';
+import './Common.mjs';
+import './Enum.mjs';
+declare enum AddressType {
+    BILLING = "billing",
+    SHIPPING = "shipping",
+    BILLING_AND_SHIPPING = "billing&shipping",
+    NONE = "none"
+}
+type AddressAttributes = BaseAttributes & {
+    id: string;
+    firstName: string;
+    lastName: string;
+    phone: string;
+    email: string;
+    addressLine1: string;
+    addressLine2?: string;
+    city: string;
+    postalCode: string;
+    state: string;
+    country: string;
+    isBillingAddress: boolean;
+    isShippingAddress: boolean;
+};
+type AddressData = Required<AddressAttributes>;
+/**
+ * Represents a physical address associated with a customer or order.
+ * Handles both billing and shipping address types.
+ */
+declare class AddressModel extends BaseModel {
+    protected id: string;
+    protected firstName: string;
+    protected lastName: string;
+    protected phone: string;
+    protected email: string;
+    protected addressLine1: string;
+    protected addressLine2: string;
+    protected city: string;
+    protected postalCode: string;
+    protected state: string;
+    protected country: string;
+    protected isBillingAddress: boolean;
+    protected isShippingAddress: boolean;
+    /**
+     * Creates an instance of AddressModel.
+     * @param data - The initial address attributes.
+     * @param date - Optional date for setting creation/modification times (defaults to now).
+     */
+    constructor(data: AddressAttributes, date?: Date);
+    /**
+     * Gets a plain data object representing the address's current state.
+     * Includes all address fields and base model fields.
+     * @returns AddressData object suitable for serialization or API responses.
+     */
+    getDetails(): AddressData;
+    /**
+    * Gets the unique identifier for the address.
+    * @returns The address ID.
+    */
+    getId(): string;
+    /**
+     * Gets the first name associated with the address.
+     * @returns The first name.
+     */
+    getFirstName(): string;
+    /**
+     * Gets the last name associated with the address.
+     * @returns The last name.
+     */
+    getLastName(): string;
+    /**
+     * Gets the phone number associated with the address.
+     * @returns The phone number.
+     */
+    getPhone(): string;
+    /**
+     * Gets the email address associated with the address.
+     * @returns The email address.
+     */
+    getEmail(): string;
+    /**
+     * Gets the primary address line (e.g., street address).
+     * @returns The first address line.
+     */
+    getAddressLine1(): string;
+    /**
+     * Gets the secondary address line (e.g., apartment, suite).
+     * Returns an empty string if not provided.
+     * @returns The second address line or an empty string.
+     */
+    getAddressLine2(): string;
+    /**
+     * Gets the city name.
+     * @returns The city.
+     */
+    getCity(): string;
+    /**
+     * Gets the postal code (e.g., ZIP code).
+     * @returns The postal code.
+     */
+    getPostalCode(): string;
+    /**
+     * Gets the state, province, or region.
+     * @returns The state.
+     */
+    getState(): string;
+    /**
+     * Gets the country name or code.
+     * @returns The country.
+     */
+    getCountry(): string;
+    /**
+     * Checks if this address is designated as a billing address.
+     * @returns True if it's a billing address, false otherwise.
+     */
+    getIsBillingAddress(): boolean;
+    /**
+     * Checks if this address is designated as a shipping address.
+     * @returns True if it's a shipping address, false otherwise.
+     */
+    getIsShippingAddress(): boolean;
+    /**
+     * Determines the type of the address based on its billing and shipping flags.
+     * @returns The AddressType enum value representing the address's role.
+     */
+    getAddressType(): AddressType;
+    /**
+     * Static method to check if a given AddressType includes shipping.
+     * @param addressType - The address type to check.
+     * @returns True if the type is SHIPPING or BILLING_AND_SHIPPING.
+     */
+    static checkIfShippingAddress(addressType: AddressType): boolean;
+    /**
+     * Static method to check if a given AddressType includes billing.
+     * @param addressType - The address type to check.
+     * @returns True if the type is BILLING or BILLING_AND_SHIPPING.
+     */
+    static checkIfBillingAddress(addressType: AddressType): boolean;
+}
+export { type AddressAttributes, type AddressData, AddressType, AddressModel as default };