react-native-dpop 0.3.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +143 -53
- package/ReactNativeDPoP.podspec +1 -1
- package/android/src/main/java/com/reactnativedpop/DPoPKeyStore.kt +23 -2
- package/android/src/main/java/com/reactnativedpop/DPoPModule.kt +79 -33
- package/android/src/main/java/com/reactnativedpop/DPoPPackage.kt +7 -7
- package/android/src/main/java/com/reactnativedpop/DPoPUtils.kt +6 -6
- package/ios/DPoPKeyStore.swift +11 -2
- package/ios/DPoPModule.swift +96 -31
- package/ios/DPoPModuleBridge.mm +7 -6
- package/ios/DPoPUtils.swift +5 -5
- package/lib/module/NativeReactNativeDPoP.js +4 -2
- package/lib/module/NativeReactNativeDPoP.js.map +1 -1
- package/lib/module/index.js +33 -22
- package/lib/module/index.js.map +1 -1
- package/lib/typescript/examples/shared/DPoPExampleContent.d.ts +2 -0
- package/lib/typescript/examples/shared/DPoPExampleContent.d.ts.map +1 -0
- package/lib/typescript/examples/v0.75/App.d.ts +2 -0
- package/lib/typescript/examples/v0.75/App.d.ts.map +1 -0
- package/lib/typescript/examples/v0.83/App.d.ts +2 -0
- package/lib/typescript/examples/v0.83/App.d.ts.map +1 -0
- package/lib/typescript/src/NativeReactNativeDPoP.d.ts +3 -3
- package/lib/typescript/src/NativeReactNativeDPoP.d.ts.map +1 -1
- package/lib/typescript/src/index.d.ts +34 -24
- package/lib/typescript/src/index.d.ts.map +1 -1
- package/package.json +8 -4
- package/src/NativeReactNativeDPoP.ts +15 -13
- package/src/index.tsx +66 -45
package/ios/DPoPModule.swift
CHANGED
|
@@ -7,6 +7,9 @@ final class DPoPModule {
|
|
|
7
7
|
|
|
8
8
|
private let keyStore = DPoPKeyStore()
|
|
9
9
|
private let defaultAlias = "react-native-dpop"
|
|
10
|
+
private let reservedDPoPClaims = Set(["ath", "htm", "htu", "iat", "jti", "nonce"])
|
|
11
|
+
private let unknownSecureEnclaveFallbackReason = "UNKNOWN"
|
|
12
|
+
private let unavailableSecureEnclaveFallbackReason = "UNAVAILABLE"
|
|
10
13
|
|
|
11
14
|
private init() {}
|
|
12
15
|
|
|
@@ -17,6 +20,24 @@ final class DPoPModule {
|
|
|
17
20
|
return alias
|
|
18
21
|
}
|
|
19
22
|
|
|
23
|
+
func ensureKeyPair(alias: String, requireHardwareBacked: Bool) throws {
|
|
24
|
+
var generatedInThisCall = false
|
|
25
|
+
|
|
26
|
+
if !keyStore.hasKeyPair(alias: alias) {
|
|
27
|
+
try keyStore.generateKeyPair(alias: alias)
|
|
28
|
+
generatedInThisCall = true
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
let isHardwareBacked = keyStore.isHardwareBacked(alias: alias)
|
|
32
|
+
|
|
33
|
+
if requireHardwareBacked && !isHardwareBacked {
|
|
34
|
+
if generatedInThisCall {
|
|
35
|
+
try? keyStore.deleteKeyPair(alias: alias)
|
|
36
|
+
}
|
|
37
|
+
throw DPoPError.notHardwareBacked(alias: alias)
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
|
|
20
41
|
func assertHardwareBacked(alias: String?) throws {
|
|
21
42
|
let effectiveAlias = resolveAlias(alias)
|
|
22
43
|
guard keyStore.hasKeyPair(alias: effectiveAlias) else {
|
|
@@ -28,16 +49,6 @@ final class DPoPModule {
|
|
|
28
49
|
}
|
|
29
50
|
}
|
|
30
51
|
|
|
31
|
-
func calculateThumbprint(alias: String?) throws -> String {
|
|
32
|
-
let effectiveAlias = resolveAlias(alias)
|
|
33
|
-
if !keyStore.hasKeyPair(alias: effectiveAlias) {
|
|
34
|
-
try keyStore.generateKeyPair(alias: effectiveAlias)
|
|
35
|
-
}
|
|
36
|
-
let keyPair = try keyStore.getKeyPair(alias: effectiveAlias)
|
|
37
|
-
let coordinates = try DPoPUtils.getPublicCoordinates(fromRawPublicKey: try DPoPUtils.toRawPublicKey(keyPair.publicKey))
|
|
38
|
-
return DPoPUtils.calculateThumbprint(kty: "EC", crv: "P-256", x: coordinates.x, y: coordinates.y)
|
|
39
|
-
}
|
|
40
|
-
|
|
41
52
|
func deleteKeyPair(alias: String?) throws {
|
|
42
53
|
try keyStore.deleteKeyPair(alias: resolveAlias(alias))
|
|
43
54
|
}
|
|
@@ -45,9 +56,15 @@ final class DPoPModule {
|
|
|
45
56
|
func getKeyInfo(alias: String?) -> [String: Any] {
|
|
46
57
|
let effectiveAlias = resolveAlias(alias)
|
|
47
58
|
let secureEnclaveAvailable = keyStore.isSecureEnclaveAvailable()
|
|
48
|
-
let fallbackReason = keyStore.getSecureEnclaveFallbackReason(alias: effectiveAlias)
|
|
49
|
-
let secureEnclaveFallbackReason: Any = fallbackReason ?? NSNull()
|
|
50
59
|
let keyInfo = keyStore.getKeyInfo(alias: effectiveAlias)
|
|
60
|
+
let secureEnclaveBacked = secureEnclaveAvailable && keyInfo.insideSecureHardware
|
|
61
|
+
let fallbackReason = resolveSecureEnclaveFallbackReason(
|
|
62
|
+
secureEnclaveAvailable: secureEnclaveAvailable,
|
|
63
|
+
secureEnclaveBacked: secureEnclaveBacked,
|
|
64
|
+
hasKeyPair: keyInfo.hasKeyPair,
|
|
65
|
+
fallbackReason: keyStore.getSecureEnclaveFallbackReason(alias: effectiveAlias)
|
|
66
|
+
)
|
|
67
|
+
let secureEnclaveFallbackReason: Any = fallbackReason ?? NSNull()
|
|
51
68
|
|
|
52
69
|
if !keyInfo.hasKeyPair {
|
|
53
70
|
return [
|
|
@@ -58,14 +75,15 @@ final class DPoPModule {
|
|
|
58
75
|
"secureEnclaveAvailable": secureEnclaveAvailable,
|
|
59
76
|
"secureEnclaveBacked": false,
|
|
60
77
|
"securityLevel": NSNull(),
|
|
78
|
+
"securityLevelName": "SOFTWARE",
|
|
61
79
|
"secureEnclaveFallbackReason": secureEnclaveFallbackReason
|
|
62
80
|
]
|
|
63
81
|
]
|
|
64
82
|
]
|
|
65
83
|
}
|
|
66
84
|
|
|
67
|
-
let secureEnclaveBacked = secureEnclaveAvailable && keyInfo.insideSecureHardware
|
|
68
85
|
let securityLevel = secureEnclaveBacked ? 2 : 1
|
|
86
|
+
let securityLevelName = secureEnclaveBacked ? "SECURE_ENCLAVE" : "SOFTWARE"
|
|
69
87
|
|
|
70
88
|
return [
|
|
71
89
|
"alias": keyInfo.alias,
|
|
@@ -78,12 +96,34 @@ final class DPoPModule {
|
|
|
78
96
|
"secureEnclaveAvailable": secureEnclaveAvailable,
|
|
79
97
|
"secureEnclaveBacked": secureEnclaveBacked,
|
|
80
98
|
"securityLevel": securityLevel,
|
|
99
|
+
"securityLevelName": securityLevelName,
|
|
81
100
|
"secureEnclaveFallbackReason": secureEnclaveFallbackReason
|
|
82
101
|
]
|
|
83
102
|
]
|
|
84
103
|
]
|
|
85
104
|
}
|
|
86
105
|
|
|
106
|
+
private func resolveSecureEnclaveFallbackReason(
|
|
107
|
+
secureEnclaveAvailable: Bool,
|
|
108
|
+
secureEnclaveBacked: Bool,
|
|
109
|
+
hasKeyPair: Bool,
|
|
110
|
+
fallbackReason: String?
|
|
111
|
+
) -> String? {
|
|
112
|
+
if let fallbackReason {
|
|
113
|
+
return fallbackReason
|
|
114
|
+
}
|
|
115
|
+
|
|
116
|
+
if hasKeyPair && !secureEnclaveAvailable {
|
|
117
|
+
return unavailableSecureEnclaveFallbackReason
|
|
118
|
+
}
|
|
119
|
+
|
|
120
|
+
if hasKeyPair && !secureEnclaveBacked {
|
|
121
|
+
return unknownSecureEnclaveFallbackReason
|
|
122
|
+
}
|
|
123
|
+
|
|
124
|
+
return nil
|
|
125
|
+
}
|
|
126
|
+
|
|
87
127
|
func getPublicKeyDer(alias: String?) throws -> String {
|
|
88
128
|
let effectiveAlias = resolveAlias(alias)
|
|
89
129
|
if !keyStore.hasKeyPair(alias: effectiveAlias) {
|
|
@@ -117,6 +157,16 @@ final class DPoPModule {
|
|
|
117
157
|
return DPoPUtils.base64UrlEncode(try DPoPUtils.toRawPublicKey(keyPair.publicKey))
|
|
118
158
|
}
|
|
119
159
|
|
|
160
|
+
func getPublicKeyThumbprint(alias: String?) throws -> String {
|
|
161
|
+
let effectiveAlias = resolveAlias(alias)
|
|
162
|
+
if !keyStore.hasKeyPair(alias: effectiveAlias) {
|
|
163
|
+
try keyStore.generateKeyPair(alias: effectiveAlias)
|
|
164
|
+
}
|
|
165
|
+
let keyPair = try keyStore.getKeyPair(alias: effectiveAlias)
|
|
166
|
+
let coordinates = try DPoPUtils.getPublicCoordinates(fromRawPublicKey: try DPoPUtils.toRawPublicKey(keyPair.publicKey))
|
|
167
|
+
return DPoPUtils.getPublicKeyThumbprint(kty: "EC", crv: "P-256", x: coordinates.x, y: coordinates.y)
|
|
168
|
+
}
|
|
169
|
+
|
|
120
170
|
func hasKeyPair(alias: String?) -> Bool {
|
|
121
171
|
keyStore.hasKeyPair(alias: resolveAlias(alias))
|
|
122
172
|
}
|
|
@@ -134,7 +184,7 @@ final class DPoPModule {
|
|
|
134
184
|
try keyStore.generateKeyPair(alias: resolveAlias(alias))
|
|
135
185
|
}
|
|
136
186
|
|
|
137
|
-
func
|
|
187
|
+
func signWithDPoPPrivateKey(payload: String, alias: String?) throws -> String {
|
|
138
188
|
let effectiveAlias = resolveAlias(alias)
|
|
139
189
|
if !keyStore.hasKeyPair(alias: effectiveAlias) {
|
|
140
190
|
try keyStore.generateKeyPair(alias: effectiveAlias)
|
|
@@ -162,12 +212,11 @@ final class DPoPModule {
|
|
|
162
212
|
kid: String?,
|
|
163
213
|
jti: String?,
|
|
164
214
|
iat: NSNumber?,
|
|
165
|
-
alias: String
|
|
215
|
+
alias: String?,
|
|
216
|
+
requireHardwareBacked: Bool
|
|
166
217
|
) throws -> [String: Any] {
|
|
167
218
|
let effectiveAlias = resolveAlias(alias)
|
|
168
|
-
|
|
169
|
-
try keyStore.generateKeyPair(alias: effectiveAlias)
|
|
170
|
-
}
|
|
219
|
+
try ensureKeyPair(alias: effectiveAlias, requireHardwareBacked: requireHardwareBacked)
|
|
171
220
|
let keyPair = try keyStore.getKeyPair(alias: effectiveAlias)
|
|
172
221
|
let coordinates = try DPoPUtils.getPublicCoordinates(fromRawPublicKey: try DPoPUtils.toRawPublicKey(keyPair.publicKey))
|
|
173
222
|
|
|
@@ -208,6 +257,13 @@ final class DPoPModule {
|
|
|
208
257
|
|
|
209
258
|
if let additional {
|
|
210
259
|
for (key, value) in additional {
|
|
260
|
+
if reservedDPoPClaims.contains(key) {
|
|
261
|
+
throw NSError(
|
|
262
|
+
domain: "ReactNativeDPoP",
|
|
263
|
+
code: 0,
|
|
264
|
+
userInfo: [NSLocalizedDescriptionKey: "additional must not override reserved DPoP claim: \(key)"]
|
|
265
|
+
)
|
|
266
|
+
}
|
|
211
267
|
payload[key] = value
|
|
212
268
|
}
|
|
213
269
|
}
|
|
@@ -265,14 +321,6 @@ final class DPoPModule {
|
|
|
265
321
|
}
|
|
266
322
|
}
|
|
267
323
|
|
|
268
|
-
func calculateThumbprint(_ alias: String?, resolve: @escaping RCTPromiseResolveBlock, reject: @escaping RCTPromiseRejectBlock) {
|
|
269
|
-
do {
|
|
270
|
-
resolve(try DPoPModule.shared.calculateThumbprint(alias: alias))
|
|
271
|
-
} catch {
|
|
272
|
-
reject("ERR_DPOP_CALCULATE_THUMBPRINT", error.localizedDescription, error)
|
|
273
|
-
}
|
|
274
|
-
}
|
|
275
|
-
|
|
276
324
|
func deleteKeyPair(_ alias: String?, resolve: @escaping RCTPromiseResolveBlock, reject: @escaping RCTPromiseRejectBlock) {
|
|
277
325
|
do {
|
|
278
326
|
try DPoPModule.shared.deleteKeyPair(alias: alias)
|
|
@@ -310,6 +358,14 @@ final class DPoPModule {
|
|
|
310
358
|
}
|
|
311
359
|
}
|
|
312
360
|
|
|
361
|
+
func getPublicKeyThumbprint(_ alias: String?, resolve: @escaping RCTPromiseResolveBlock, reject: @escaping RCTPromiseRejectBlock) {
|
|
362
|
+
do {
|
|
363
|
+
resolve(try DPoPModule.shared.getPublicKeyThumbprint(alias: alias))
|
|
364
|
+
} catch {
|
|
365
|
+
reject("ERR_DPOP_CALCULATE_THUMBPRINT", error.localizedDescription, error)
|
|
366
|
+
}
|
|
367
|
+
}
|
|
368
|
+
|
|
313
369
|
func hasKeyPair(_ alias: String?, resolve: @escaping RCTPromiseResolveBlock, reject: @escaping RCTPromiseRejectBlock) {
|
|
314
370
|
resolve(DPoPModule.shared.hasKeyPair(alias: alias))
|
|
315
371
|
}
|
|
@@ -331,9 +387,9 @@ final class DPoPModule {
|
|
|
331
387
|
}
|
|
332
388
|
}
|
|
333
389
|
|
|
334
|
-
func
|
|
390
|
+
func signWithDPoPPrivateKey(_ payload: String, alias: String?, resolve: @escaping RCTPromiseResolveBlock, reject: @escaping RCTPromiseRejectBlock) {
|
|
335
391
|
do {
|
|
336
|
-
resolve(try DPoPModule.shared.
|
|
392
|
+
resolve(try DPoPModule.shared.signWithDPoPPrivateKey(payload: payload, alias: alias))
|
|
337
393
|
} catch {
|
|
338
394
|
reject("ERR_DPOP_SIGN_WITH_PRIVATE_KEY", error.localizedDescription, error)
|
|
339
395
|
}
|
|
@@ -347,12 +403,20 @@ final class DPoPModule {
|
|
|
347
403
|
additional: [String: Any]?,
|
|
348
404
|
kid: String?,
|
|
349
405
|
jti: String?,
|
|
350
|
-
iat:
|
|
406
|
+
iat: Any?,
|
|
351
407
|
alias: String?,
|
|
408
|
+
requireHardwareBacked: Bool,
|
|
352
409
|
resolve: @escaping RCTPromiseResolveBlock,
|
|
353
410
|
reject: @escaping RCTPromiseRejectBlock
|
|
354
411
|
) {
|
|
355
412
|
do {
|
|
413
|
+
let normalizedIat: NSNumber?
|
|
414
|
+
if iat is NSNull {
|
|
415
|
+
normalizedIat = nil
|
|
416
|
+
} else {
|
|
417
|
+
normalizedIat = iat as? NSNumber
|
|
418
|
+
}
|
|
419
|
+
|
|
356
420
|
resolve(
|
|
357
421
|
try DPoPModule.shared.generateProof(
|
|
358
422
|
htu: htu,
|
|
@@ -362,8 +426,9 @@ final class DPoPModule {
|
|
|
362
426
|
additional: additional,
|
|
363
427
|
kid: kid,
|
|
364
428
|
jti: jti,
|
|
365
|
-
iat:
|
|
366
|
-
alias: alias
|
|
429
|
+
iat: normalizedIat,
|
|
430
|
+
alias: alias,
|
|
431
|
+
requireHardwareBacked: requireHardwareBacked
|
|
367
432
|
)
|
|
368
433
|
)
|
|
369
434
|
} catch {
|
package/ios/DPoPModuleBridge.mm
CHANGED
|
@@ -21,10 +21,6 @@ RCT_EXTERN_METHOD(assertHardwareBacked:(NSString * _Nullable)alias
|
|
|
21
21
|
resolve:(RCTPromiseResolveBlock)resolve
|
|
22
22
|
reject:(RCTPromiseRejectBlock)reject)
|
|
23
23
|
|
|
24
|
-
RCT_EXTERN_METHOD(calculateThumbprint:(NSString * _Nullable)alias
|
|
25
|
-
resolve:(RCTPromiseResolveBlock)resolve
|
|
26
|
-
reject:(RCTPromiseRejectBlock)reject)
|
|
27
|
-
|
|
28
24
|
RCT_EXTERN_METHOD(deleteKeyPair:(NSString * _Nullable)alias
|
|
29
25
|
resolve:(RCTPromiseResolveBlock)resolve
|
|
30
26
|
reject:(RCTPromiseRejectBlock)reject)
|
|
@@ -45,6 +41,10 @@ RCT_EXTERN_METHOD(getPublicKeyRaw:(NSString * _Nullable)alias
|
|
|
45
41
|
resolve:(RCTPromiseResolveBlock)resolve
|
|
46
42
|
reject:(RCTPromiseRejectBlock)reject)
|
|
47
43
|
|
|
44
|
+
RCT_EXTERN_METHOD(getPublicKeyThumbprint:(NSString * _Nullable)alias
|
|
45
|
+
resolve:(RCTPromiseResolveBlock)resolve
|
|
46
|
+
reject:(RCTPromiseRejectBlock)reject)
|
|
47
|
+
|
|
48
48
|
RCT_EXTERN_METHOD(hasKeyPair:(NSString * _Nullable)alias
|
|
49
49
|
resolve:(RCTPromiseResolveBlock)resolve
|
|
50
50
|
reject:(RCTPromiseRejectBlock)reject)
|
|
@@ -58,7 +58,7 @@ RCT_EXTERN_METHOD(rotateKeyPair:(NSString * _Nullable)alias
|
|
|
58
58
|
resolve:(RCTPromiseResolveBlock)resolve
|
|
59
59
|
reject:(RCTPromiseRejectBlock)reject)
|
|
60
60
|
|
|
61
|
-
RCT_EXTERN_METHOD(
|
|
61
|
+
RCT_EXTERN_METHOD(signWithDPoPPrivateKey:(NSString *)payload
|
|
62
62
|
alias:(NSString * _Nullable)alias
|
|
63
63
|
resolve:(RCTPromiseResolveBlock)resolve
|
|
64
64
|
reject:(RCTPromiseRejectBlock)reject)
|
|
@@ -70,8 +70,9 @@ RCT_EXTERN_METHOD(generateProof:(NSString *)htu
|
|
|
70
70
|
additional:(NSDictionary * _Nullable)additional
|
|
71
71
|
kid:(NSString * _Nullable)kid
|
|
72
72
|
jti:(NSString * _Nullable)jti
|
|
73
|
-
iat:(
|
|
73
|
+
iat:(id _Nullable)iat
|
|
74
74
|
alias:(NSString * _Nullable)alias
|
|
75
|
+
requireHardwareBacked:(BOOL)requireHardwareBacked
|
|
75
76
|
resolve:(RCTPromiseResolveBlock)resolve
|
|
76
77
|
reject:(RCTPromiseRejectBlock)reject)
|
|
77
78
|
|
package/ios/DPoPUtils.swift
CHANGED
|
@@ -28,11 +28,6 @@ enum DPoPUtils {
|
|
|
28
28
|
return base64UrlEncode(sha256(data))
|
|
29
29
|
}
|
|
30
30
|
|
|
31
|
-
static func calculateThumbprint(kty: String, crv: String, x: String, y: String) -> String {
|
|
32
|
-
let canonical = "{\"crv\":\"\(crv)\",\"kty\":\"\(kty)\",\"x\":\"\(x)\",\"y\":\"\(y)\"}"
|
|
33
|
-
return base64UrlEncode(sha256(Data(canonical.utf8)))
|
|
34
|
-
}
|
|
35
|
-
|
|
36
31
|
static func jsonData(_ object: Any) throws -> Data {
|
|
37
32
|
if #available(iOS 11.0, *) {
|
|
38
33
|
return try JSONSerialization.data(withJSONObject: object, options: [.sortedKeys])
|
|
@@ -92,6 +87,11 @@ enum DPoPUtils {
|
|
|
92
87
|
return (base64UrlEncode(x), base64UrlEncode(y))
|
|
93
88
|
}
|
|
94
89
|
|
|
90
|
+
static func getPublicKeyThumbprint(kty: String, crv: String, x: String, y: String) -> String {
|
|
91
|
+
let canonical = "{\"crv\":\"\(crv)\",\"kty\":\"\(kty)\",\"x\":\"\(x)\",\"y\":\"\(y)\"}"
|
|
92
|
+
return base64UrlEncode(sha256(Data(canonical.utf8)))
|
|
93
|
+
}
|
|
94
|
+
|
|
95
95
|
static func toRawPublicKey(_ publicKey: SecKey) throws -> Data {
|
|
96
96
|
var error: Unmanaged<CFError>?
|
|
97
97
|
guard let publicKeyData = SecKeyCopyExternalRepresentation(publicKey, &error) as Data? else {
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
3
|
import { NativeModules, TurboModuleRegistry } from 'react-native';
|
|
4
|
-
const
|
|
5
|
-
|
|
4
|
+
const nativeDPoPModule =
|
|
5
|
+
// eslint-disable-next-line dot-notation -- required by noPropertyAccessFromIndexSignature from @tsconfig/strictest
|
|
6
|
+
TurboModuleRegistry.get('ReactNativeDPoP') ?? NativeModules['ReactNativeDPoP'];
|
|
7
|
+
export default nativeDPoPModule;
|
|
6
8
|
//# sourceMappingURL=NativeReactNativeDPoP.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["NativeModules","TurboModuleRegistry","
|
|
1
|
+
{"version":3,"names":["NativeModules","TurboModuleRegistry","nativeDPoPModule","get"],"sourceRoot":"../../src","sources":["NativeReactNativeDPoP.ts"],"mappings":";;AACA,SAASA,aAAa,EAAEC,mBAAmB,QAAQ,cAAc;AA6BjE,MAAMC,gBAAgB;AACpB;AACAD,mBAAmB,CAACE,GAAG,CAAO,iBAAiB,CAAC,IAAKH,aAAa,CAAC,iBAAiB,CAAsB;AAE5G,eAAeE,gBAAgB","ignoreList":[]}
|
package/lib/module/index.js
CHANGED
|
@@ -7,34 +7,27 @@ export class DPoP {
|
|
|
7
7
|
this.proofContext = proofContext;
|
|
8
8
|
this.alias = alias;
|
|
9
9
|
}
|
|
10
|
-
async calculateThumbprint() {
|
|
11
|
-
return NativeReactNativeDPoP.calculateThumbprint(this.alias ?? null);
|
|
12
|
-
}
|
|
13
|
-
async getPublicKey(format) {
|
|
14
|
-
if (format === 'DER') {
|
|
15
|
-
return NativeReactNativeDPoP.getPublicKeyDer(this.alias ?? null);
|
|
16
|
-
}
|
|
17
|
-
if (format === 'RAW') {
|
|
18
|
-
return NativeReactNativeDPoP.getPublicKeyRaw(this.alias ?? null);
|
|
19
|
-
}
|
|
20
|
-
return NativeReactNativeDPoP.getPublicKeyJwk(this.alias ?? null);
|
|
21
|
-
}
|
|
22
|
-
async signWithDpopPrivateKey(payload) {
|
|
23
|
-
return NativeReactNativeDPoP.signWithDpopPrivateKey(payload, this.alias ?? null);
|
|
24
|
-
}
|
|
25
|
-
async isBoundToAlias(alias) {
|
|
26
|
-
return NativeReactNativeDPoP.isBoundToAlias(this.proof, alias ?? this.alias ?? null);
|
|
27
|
-
}
|
|
28
|
-
static async generateProof(input) {
|
|
29
|
-
const result = await NativeReactNativeDPoP.generateProof(input.htu, input.htm, input.nonce ?? null, input.accessToken ?? null, input.additional ?? null, input.kid ?? null, input.jti ?? null, input.iat ?? null, input.alias ?? null);
|
|
30
|
-
return new DPoP(result.proof, result.proofContext, input.alias);
|
|
31
|
-
}
|
|
32
10
|
static async assertHardwareBacked(alias) {
|
|
33
11
|
await NativeReactNativeDPoP.assertHardwareBacked(alias ?? null);
|
|
34
12
|
}
|
|
13
|
+
static async buildDPoPHeaders(input) {
|
|
14
|
+
const dPoP = await DPoP.generateProof(input);
|
|
15
|
+
return {
|
|
16
|
+
DPoP: dPoP.proof,
|
|
17
|
+
...(input.accessToken ? {
|
|
18
|
+
Authorization: `DPoP ${input.accessToken}`
|
|
19
|
+
} : {})
|
|
20
|
+
};
|
|
21
|
+
}
|
|
35
22
|
static async deleteKeyPair(alias) {
|
|
36
23
|
await NativeReactNativeDPoP.deleteKeyPair(alias ?? null);
|
|
37
24
|
}
|
|
25
|
+
static async generateProof(input) {
|
|
26
|
+
const result = await NativeReactNativeDPoP.generateProof(input.htu, input.htm, input.nonce ?? null, input.accessToken ?? null, input.additional ?? null, input.kid ?? null, input.jti ?? null,
|
|
27
|
+
// RN 0.75 Android bridge can crash when a nullable Double arrives as null.
|
|
28
|
+
input.iat ?? Math.floor(Date.now() / 1000), input.alias ?? null, input.requireHardwareBacked ?? false);
|
|
29
|
+
return new DPoP(result.proof, result.proofContext, input.alias);
|
|
30
|
+
}
|
|
38
31
|
static async getKeyInfo(alias) {
|
|
39
32
|
return NativeReactNativeDPoP.getKeyInfo(alias ?? null);
|
|
40
33
|
}
|
|
@@ -44,5 +37,23 @@ export class DPoP {
|
|
|
44
37
|
static async rotateKeyPair(alias) {
|
|
45
38
|
await NativeReactNativeDPoP.rotateKeyPair(alias ?? null);
|
|
46
39
|
}
|
|
40
|
+
async getPublicKey(format) {
|
|
41
|
+
if (format === 'DER') {
|
|
42
|
+
return NativeReactNativeDPoP.getPublicKeyDer(this.alias ?? null);
|
|
43
|
+
}
|
|
44
|
+
if (format === 'RAW') {
|
|
45
|
+
return NativeReactNativeDPoP.getPublicKeyRaw(this.alias ?? null);
|
|
46
|
+
}
|
|
47
|
+
return NativeReactNativeDPoP.getPublicKeyJwk(this.alias ?? null);
|
|
48
|
+
}
|
|
49
|
+
async getPublicKeyThumbprint() {
|
|
50
|
+
return NativeReactNativeDPoP.getPublicKeyThumbprint(this.alias ?? null);
|
|
51
|
+
}
|
|
52
|
+
async isBoundToAlias(alias) {
|
|
53
|
+
return NativeReactNativeDPoP.isBoundToAlias(this.proof, alias ?? this.alias ?? null);
|
|
54
|
+
}
|
|
55
|
+
async signWithDPoPPrivateKey(payload) {
|
|
56
|
+
return NativeReactNativeDPoP.signWithDPoPPrivateKey(payload, this.alias ?? null);
|
|
57
|
+
}
|
|
47
58
|
}
|
|
48
59
|
//# sourceMappingURL=index.js.map
|
package/lib/module/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["NativeReactNativeDPoP","DPoP","constructor","proof","proofContext","alias","
|
|
1
|
+
{"version":3,"names":["NativeReactNativeDPoP","DPoP","constructor","proof","proofContext","alias","assertHardwareBacked","buildDPoPHeaders","input","dPoP","generateProof","accessToken","Authorization","deleteKeyPair","result","htu","htm","nonce","additional","kid","jti","iat","Math","floor","Date","now","requireHardwareBacked","getKeyInfo","hasKeyPair","rotateKeyPair","getPublicKey","format","getPublicKeyDer","getPublicKeyRaw","getPublicKeyJwk","getPublicKeyThumbprint","isBoundToAlias","signWithDPoPPrivateKey","payload"],"sourceRoot":"../../src","sources":["index.tsx"],"mappings":";;AAAA,OAAOA,qBAAqB,MAAM,4BAAyB;AA2E3D,OAAO,MAAMC,IAAI,CAAC;EAKRC,WAAWA,CAACC,KAAa,EAAEC,YAA8B,EAAEC,KAAc,EAAE;IACjF,IAAI,CAACF,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACC,YAAY,GAAGA,YAAY;IAChC,IAAI,CAACC,KAAK,GAAGA,KAAK;EACpB;EAEA,aAAoBC,oBAAoBA,CAACD,KAAc,EAAiB;IACtE,MAAML,qBAAqB,CAACM,oBAAoB,CAACD,KAAK,IAAI,IAAI,CAAC;EACjE;EAEA,aAAoBE,gBAAgBA,CAACC,KAAyB,EAAwB;IACpF,MAAMC,IAAI,GAAG,MAAMR,IAAI,CAACS,aAAa,CAACF,KAAK,CAAC;IAE5C,OAAO;MACLP,IAAI,EAAEQ,IAAI,CAACN,KAAK;MAChB,IAAIK,KAAK,CAACG,WAAW,GAAG;QAAEC,aAAa,EAAE,QAAQJ,KAAK,CAACG,WAAW;MAAG,CAAC,GAAG,CAAC,CAAC;IAC7E,CAAC;EACH;EAEA,aAAoBE,aAAaA,CAACR,KAAc,EAAiB;IAC/D,MAAML,qBAAqB,CAACa,aAAa,CAACR,KAAK,IAAI,IAAI,CAAC;EAC1D;EAEA,aAAoBK,aAAaA,CAACF,KAAyB,EAAiB;IAC1E,MAAMM,MAAM,GAAI,MAAMd,qBAAqB,CAACU,aAAa,CACvDF,KAAK,CAACO,GAAG,EACTP,KAAK,CAACQ,GAAG,EACTR,KAAK,CAACS,KAAK,IAAI,IAAI,EACnBT,KAAK,CAACG,WAAW,IAAI,IAAI,EACzBH,KAAK,CAACU,UAAU,IAAI,IAAI,EACxBV,KAAK,CAACW,GAAG,IAAI,IAAI,EACjBX,KAAK,CAACY,GAAG,IAAI,IAAI;IACjB;IACAZ,KAAK,CAACa,GAAG,IAAIC,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,EAC1CjB,KAAK,CAACH,KAAK,IAAI,IAAI,EACnBG,KAAK,CAACkB,qBAAqB,IAAI,KACjC,CAAyB;IAEzB,OAAO,IAAIzB,IAAI,CAACa,MAAM,CAACX,KAAK,EAAEW,MAAM,CAACV,YAAY,EAAEI,KAAK,CAACH,KAAK,CAAC;EACjE;EAEA,aAAoBsB,UAAUA,CAACtB,KAAc,EAAwB;IACnE,OAAOL,qBAAqB,CAAC2B,UAAU,CAACtB,KAAK,IAAI,IAAI,CAAC;EACxD;EAEA,aAAoBuB,UAAUA,CAACvB,KAAc,EAAoB;IAC/D,OAAOL,qBAAqB,CAAC4B,UAAU,CAACvB,KAAK,IAAI,IAAI,CAAC;EACxD;EAEA,aAAoBwB,aAAaA,CAACxB,KAAc,EAAiB;IAC/D,MAAML,qBAAqB,CAAC6B,aAAa,CAACxB,KAAK,IAAI,IAAI,CAAC;EAC1D;EAEA,MAAayB,YAAYA,CAACC,MAAuB,EAA+B;IAC9E,IAAIA,MAAM,KAAK,KAAK,EAAE;MACpB,OAAO/B,qBAAqB,CAACgC,eAAe,CAAC,IAAI,CAAC3B,KAAK,IAAI,IAAI,CAAC;IAClE;IACA,IAAI0B,MAAM,KAAK,KAAK,EAAE;MACpB,OAAO/B,qBAAqB,CAACiC,eAAe,CAAC,IAAI,CAAC5B,KAAK,IAAI,IAAI,CAAC;IAClE;IAEA,OAAOL,qBAAqB,CAACkC,eAAe,CAAC,IAAI,CAAC7B,KAAK,IAAI,IAAI,CAAC;EAClE;EAEA,MAAa8B,sBAAsBA,CAAA,EAAoB;IACrD,OAAOnC,qBAAqB,CAACmC,sBAAsB,CAAC,IAAI,CAAC9B,KAAK,IAAI,IAAI,CAAC;EACzE;EAEA,MAAa+B,cAAcA,CAAC/B,KAAc,EAAoB;IAC5D,OAAOL,qBAAqB,CAACoC,cAAc,CAAC,IAAI,CAACjC,KAAK,EAAEE,KAAK,IAAI,IAAI,CAACA,KAAK,IAAI,IAAI,CAAC;EACtF;EAEA,MAAagC,sBAAsBA,CAACC,OAAe,EAAmB;IACpE,OAAOtC,qBAAqB,CAACqC,sBAAsB,CAACC,OAAO,EAAE,IAAI,CAACjC,KAAK,IAAI,IAAI,CAAC;EAClF;AACF","ignoreList":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"DPoPExampleContent.d.ts","sourceRoot":"","sources":["../../../../examples/shared/DPoPExampleContent.tsx"],"names":[],"mappings":"AAIA,MAAM,CAAC,OAAO,UAAU,kBAAkB,IAAI,GAAG,CAAC,OAAO,CA2BxD"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"App.d.ts","sourceRoot":"","sources":["../../../../examples/v0.75/App.tsx"],"names":[],"mappings":"AAIA,MAAM,CAAC,OAAO,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAMzC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"App.d.ts","sourceRoot":"","sources":["../../../../examples/v0.83/App.tsx"],"names":[],"mappings":"AAKA,MAAM,CAAC,OAAO,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAMzC"}
|
|
@@ -2,17 +2,17 @@ import type { TurboModule } from 'react-native';
|
|
|
2
2
|
import type { UnsafeObject } from 'react-native/Libraries/Types/CodegenTypes';
|
|
3
3
|
export interface Spec extends TurboModule {
|
|
4
4
|
assertHardwareBacked(alias: string | null): Promise<void>;
|
|
5
|
-
calculateThumbprint(alias: string | null): Promise<string>;
|
|
6
5
|
deleteKeyPair(alias: string | null): Promise<void>;
|
|
6
|
+
generateProof(htu: string, htm: string, nonce: string | null, accessToken: string | null, additional: UnsafeObject | null, kid: string | null, jti: string | null, iat: number | null, alias: string | null, requireHardwareBacked: boolean): Promise<UnsafeObject>;
|
|
7
7
|
getKeyInfo(alias: string | null): Promise<UnsafeObject>;
|
|
8
8
|
getPublicKeyDer(alias: string | null): Promise<string>;
|
|
9
9
|
getPublicKeyJwk(alias: string | null): Promise<UnsafeObject>;
|
|
10
10
|
getPublicKeyRaw(alias: string | null): Promise<string>;
|
|
11
|
+
getPublicKeyThumbprint(alias: string | null): Promise<string>;
|
|
11
12
|
hasKeyPair(alias: string | null): Promise<boolean>;
|
|
12
13
|
isBoundToAlias(proof: string, alias: string | null): Promise<boolean>;
|
|
13
14
|
rotateKeyPair(alias: string | null): Promise<void>;
|
|
14
|
-
|
|
15
|
-
generateProof(htu: string, htm: string, nonce: string | null, accessToken: string | null, additional: UnsafeObject | null, kid: string | null, jti: string | null, iat: number | null, alias: string | null): Promise<UnsafeObject>;
|
|
15
|
+
signWithDPoPPrivateKey(payload: string, alias: string | null): Promise<string>;
|
|
16
16
|
}
|
|
17
17
|
declare const _default: Spec;
|
|
18
18
|
export default _default;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NativeReactNativeDPoP.d.ts","sourceRoot":"","sources":["../../../src/NativeReactNativeDPoP.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEhD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2CAA2C,CAAC;AAE9E,MAAM,WAAW,IAAK,SAAQ,WAAW;IACvC,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,
|
|
1
|
+
{"version":3,"file":"NativeReactNativeDPoP.d.ts","sourceRoot":"","sources":["../../../src/NativeReactNativeDPoP.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEhD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2CAA2C,CAAC;AAE9E,MAAM,WAAW,IAAK,SAAQ,WAAW;IACvC,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnD,aAAa,CACX,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,MAAM,GAAG,IAAI,EACpB,WAAW,EAAE,MAAM,GAAG,IAAI,EAC1B,UAAU,EAAE,YAAY,GAAG,IAAI,EAC/B,GAAG,EAAE,MAAM,GAAG,IAAI,EAClB,GAAG,EAAE,MAAM,GAAG,IAAI,EAClB,GAAG,EAAE,MAAM,GAAG,IAAI,EAClB,KAAK,EAAE,MAAM,GAAG,IAAI,EACpB,qBAAqB,EAAE,OAAO,GAC7B,OAAO,CAAC,YAAY,CAAC,CAAC;IACzB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACxD,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACvD,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAC7D,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACvD,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC9D,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACnD,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACtE,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnD,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAChF;wBAMkC,IAAI;AAAvC,wBAAwC"}
|
|
@@ -1,69 +1,79 @@
|
|
|
1
1
|
type AdditionalClaims = Record<string, unknown>;
|
|
2
2
|
export type PublicJwk = {
|
|
3
|
-
kty: 'EC';
|
|
4
3
|
crv: 'P-256';
|
|
4
|
+
kty: 'EC';
|
|
5
5
|
x: string;
|
|
6
6
|
y: string;
|
|
7
7
|
};
|
|
8
8
|
export type PublicKeyFormat = 'JWK' | 'DER' | 'RAW';
|
|
9
9
|
export type SecureHardwareFallbackReason = 'UNAVAILABLE' | 'PROVIDER_ERROR' | 'POLICY_REJECTED' | 'UNKNOWN';
|
|
10
|
+
export type AndroidSecurityLevelName = 'SOFTWARE' | 'TRUSTED_ENVIRONMENT' | 'STRONGBOX';
|
|
11
|
+
export type IOSSecurityLevelName = 'SOFTWARE' | 'SECURE_ENCLAVE';
|
|
10
12
|
export type DPoPKeyInfo = {
|
|
11
|
-
alias: string;
|
|
12
|
-
hasKeyPair: boolean;
|
|
13
13
|
algorithm?: string;
|
|
14
|
+
alias: string;
|
|
14
15
|
curve?: string;
|
|
15
|
-
insideSecureHardware?: boolean;
|
|
16
16
|
hardware?: {
|
|
17
17
|
android?: {
|
|
18
|
+
securityLevel?: number;
|
|
19
|
+
securityLevelName?: AndroidSecurityLevelName;
|
|
18
20
|
strongBoxAvailable: boolean;
|
|
19
21
|
strongBoxBacked: boolean;
|
|
20
|
-
securityLevel?: number;
|
|
21
22
|
strongBoxFallbackReason?: SecureHardwareFallbackReason | null;
|
|
22
23
|
};
|
|
23
24
|
ios?: {
|
|
24
25
|
secureEnclaveAvailable: boolean;
|
|
25
26
|
secureEnclaveBacked: boolean;
|
|
26
|
-
securityLevel?: number | null;
|
|
27
27
|
secureEnclaveFallbackReason?: SecureHardwareFallbackReason | null;
|
|
28
|
+
securityLevel?: number | null;
|
|
29
|
+
securityLevelName?: IOSSecurityLevelName;
|
|
28
30
|
};
|
|
29
31
|
};
|
|
32
|
+
hasKeyPair: boolean;
|
|
33
|
+
insideSecureHardware?: boolean;
|
|
30
34
|
};
|
|
31
35
|
export type GenerateProofInput = {
|
|
32
|
-
htu: string;
|
|
33
|
-
htm: string;
|
|
34
|
-
nonce?: string;
|
|
35
36
|
accessToken?: string;
|
|
36
37
|
additional?: AdditionalClaims;
|
|
37
|
-
kid?: string;
|
|
38
|
-
jti?: string;
|
|
39
|
-
iat?: number;
|
|
40
38
|
alias?: string;
|
|
39
|
+
htm: string;
|
|
40
|
+
htu: string;
|
|
41
|
+
iat?: number;
|
|
42
|
+
jti?: string;
|
|
43
|
+
kid?: string;
|
|
44
|
+
nonce?: string;
|
|
45
|
+
requireHardwareBacked?: boolean;
|
|
46
|
+
};
|
|
47
|
+
export type DPoPHeaders = {
|
|
48
|
+
Authorization?: string;
|
|
49
|
+
DPoP: string;
|
|
41
50
|
};
|
|
42
51
|
export type DPoPProofContext = {
|
|
43
|
-
htu: string;
|
|
44
|
-
htm: string;
|
|
45
|
-
nonce: string | null;
|
|
46
|
-
ath: string | null;
|
|
47
52
|
additional: AdditionalClaims | null;
|
|
48
|
-
|
|
49
|
-
|
|
53
|
+
ath: string | null;
|
|
54
|
+
htm: string;
|
|
55
|
+
htu: string;
|
|
50
56
|
iat: number;
|
|
57
|
+
jti: string;
|
|
58
|
+
kid: string | null;
|
|
59
|
+
nonce: string | null;
|
|
51
60
|
};
|
|
52
61
|
export declare class DPoP {
|
|
62
|
+
readonly alias: string | undefined;
|
|
53
63
|
readonly proof: string;
|
|
54
|
-
readonly alias?: string;
|
|
55
64
|
readonly proofContext: DPoPProofContext;
|
|
56
65
|
private constructor();
|
|
57
|
-
calculateThumbprint(): Promise<string>;
|
|
58
|
-
getPublicKey(format: PublicKeyFormat): Promise<PublicJwk | string>;
|
|
59
|
-
signWithDpopPrivateKey(payload: string): Promise<string>;
|
|
60
|
-
isBoundToAlias(alias?: string): Promise<boolean>;
|
|
61
|
-
static generateProof(input: GenerateProofInput): Promise<DPoP>;
|
|
62
66
|
static assertHardwareBacked(alias?: string): Promise<void>;
|
|
67
|
+
static buildDPoPHeaders(input: GenerateProofInput): Promise<DPoPHeaders>;
|
|
63
68
|
static deleteKeyPair(alias?: string): Promise<void>;
|
|
69
|
+
static generateProof(input: GenerateProofInput): Promise<DPoP>;
|
|
64
70
|
static getKeyInfo(alias?: string): Promise<DPoPKeyInfo>;
|
|
65
71
|
static hasKeyPair(alias?: string): Promise<boolean>;
|
|
66
72
|
static rotateKeyPair(alias?: string): Promise<void>;
|
|
73
|
+
getPublicKey(format: PublicKeyFormat): Promise<PublicJwk | string>;
|
|
74
|
+
getPublicKeyThumbprint(): Promise<string>;
|
|
75
|
+
isBoundToAlias(alias?: string): Promise<boolean>;
|
|
76
|
+
signWithDPoPPrivateKey(payload: string): Promise<string>;
|
|
67
77
|
}
|
|
68
78
|
export {};
|
|
69
79
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.tsx"],"names":[],"mappings":"AAEA,KAAK,gBAAgB,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAEhD,MAAM,MAAM,SAAS,GAAG;IACtB,GAAG,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.tsx"],"names":[],"mappings":"AAEA,KAAK,gBAAgB,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAEhD,MAAM,MAAM,SAAS,GAAG;IACtB,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,EAAE,IAAI,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;CACX,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,CAAC;AAEpD,MAAM,MAAM,4BAA4B,GAAG,aAAa,GAAG,gBAAgB,GAAG,iBAAiB,GAAG,SAAS,CAAC;AAC5G,MAAM,MAAM,wBAAwB,GAAG,UAAU,GAAG,qBAAqB,GAAG,WAAW,CAAC;AACxF,MAAM,MAAM,oBAAoB,GAAG,UAAU,GAAG,gBAAgB,CAAC;AAEjE,MAAM,MAAM,WAAW,GAAG;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE;QACT,OAAO,CAAC,EAAE;YACR,aAAa,CAAC,EAAE,MAAM,CAAC;YACvB,iBAAiB,CAAC,EAAE,wBAAwB,CAAC;YAC7C,kBAAkB,EAAE,OAAO,CAAC;YAC5B,eAAe,EAAE,OAAO,CAAC;YACzB,uBAAuB,CAAC,EAAE,4BAA4B,GAAG,IAAI,CAAC;SAC/D,CAAC;QACF,GAAG,CAAC,EAAE;YACJ,sBAAsB,EAAE,OAAO,CAAC;YAChC,mBAAmB,EAAE,OAAO,CAAC;YAC7B,2BAA2B,CAAC,EAAE,4BAA4B,GAAG,IAAI,CAAC;YAClE,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;YAC9B,iBAAiB,CAAC,EAAE,oBAAoB,CAAC;SAC1C,CAAC;KACH,CAAC;IACF,UAAU,EAAE,OAAO,CAAC;IACpB,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,qBAAqB,CAAC,EAAE,OAAO,CAAC;CACjC,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,UAAU,EAAE,gBAAgB,GAAG,IAAI,CAAC;IACpC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB,CAAC;AAOF,qBAAa,IAAI;IACf,SAAgB,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;IAC1C,SAAgB,KAAK,EAAE,MAAM,CAAC;IAC9B,SAAgB,YAAY,EAAE,gBAAgB,CAAC;IAE/C,OAAO;WAMa,oBAAoB,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;WAInD,gBAAgB,CAAC,KAAK,EAAE,kBAAkB,GAAG,OAAO,CAAC,WAAW,CAAC;WASjE,aAAa,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;WAI5C,aAAa,CAAC,KAAK,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;WAkBvD,UAAU,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;WAIhD,UAAU,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;WAI5C,aAAa,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAInD,YAAY,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC;IAWlE,sBAAsB,IAAI,OAAO,CAAC,MAAM,CAAC;IAIzC,cAAc,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAIhD,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAGtE"}
|