samlesa 2.18.1 → 2.18.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of samlesa might be problematic. Click here for more details.
- package/build/src/binding-artifact.js +1 -1
- package/build/src/flow.js +19 -101
- package/build/src/libsaml.js +87 -214
- package/package.json +77 -77
- package/types/api.d.ts +15 -0
- package/types/api.d.ts.map +1 -0
- package/types/binding-post.d.ts +48 -0
- package/types/binding-post.d.ts.map +1 -0
- package/types/binding-redirect.d.ts +54 -0
- package/types/binding-redirect.d.ts.map +1 -0
- package/types/binding-simplesign.d.ts +41 -0
- package/types/binding-simplesign.d.ts.map +1 -0
- package/types/entity-idp.d.ts +38 -0
- package/types/entity-idp.d.ts.map +1 -0
- package/types/entity-sp.d.ts +38 -0
- package/types/entity-sp.d.ts.map +1 -0
- package/types/entity.d.ts +100 -0
- package/types/entity.d.ts.map +1 -0
- package/types/extractor.d.ts +26 -0
- package/types/extractor.d.ts.map +1 -0
- package/types/flow.d.ts +7 -0
- package/types/flow.d.ts.map +1 -0
- package/types/libsaml.d.ts +208 -0
- package/types/libsaml.d.ts.map +1 -0
- package/types/metadata-idp.d.ts +25 -0
- package/types/metadata-idp.d.ts.map +1 -0
- package/types/metadata-sp.d.ts +37 -0
- package/types/metadata-sp.d.ts.map +1 -0
- package/types/metadata.d.ts +58 -0
- package/types/metadata.d.ts.map +1 -0
- package/types/src/flow.d.ts.map +1 -1
- package/types/src/libsaml.d.ts +12 -20
- package/types/src/libsaml.d.ts.map +1 -1
- package/types/src/utility.d.ts +1 -1
- package/types/src/utility.d.ts.map +1 -1
- package/types/types.d.ts +128 -0
- package/types/types.d.ts.map +1 -0
- package/types/urn.d.ts +195 -0
- package/types/urn.d.ts.map +1 -0
- package/types/utility.d.ts +133 -0
- package/types/utility.d.ts.map +1 -0
- package/types/validator.d.ts +4 -0
- package/types/validator.d.ts.map +1 -0
|
@@ -0,0 +1,208 @@
|
|
|
1
|
+
import type { MetadataInterface } from './metadata.js';
|
|
2
|
+
/**
|
|
3
|
+
* 生成 SAML Attribute 元素(不带 XML 声明头)
|
|
4
|
+
* @param {Array} attributeData - 属性配置数据
|
|
5
|
+
* @returns {string} SAML Attribute XML 字符串
|
|
6
|
+
*/
|
|
7
|
+
export interface SignatureConstructor {
|
|
8
|
+
rawSamlMessage: string;
|
|
9
|
+
referenceTagXPath?: string;
|
|
10
|
+
privateKey: string;
|
|
11
|
+
privateKeyPass?: string;
|
|
12
|
+
signatureAlgorithm: string;
|
|
13
|
+
signingCert: string | Buffer;
|
|
14
|
+
isBase64Output?: boolean;
|
|
15
|
+
signatureConfig?: any;
|
|
16
|
+
isMessageSigned?: boolean;
|
|
17
|
+
transformationAlgorithms?: string[];
|
|
18
|
+
}
|
|
19
|
+
export interface SignatureVerifierOptions {
|
|
20
|
+
metadata?: MetadataInterface;
|
|
21
|
+
keyFile?: string;
|
|
22
|
+
signatureAlgorithm?: string;
|
|
23
|
+
}
|
|
24
|
+
export interface ExtractorResult {
|
|
25
|
+
[key: string]: any;
|
|
26
|
+
signature?: string | string[];
|
|
27
|
+
issuer?: string | string[];
|
|
28
|
+
nameID?: string;
|
|
29
|
+
notexist?: boolean;
|
|
30
|
+
}
|
|
31
|
+
export interface LoginResponseAttribute {
|
|
32
|
+
name: string;
|
|
33
|
+
nameFormat: string;
|
|
34
|
+
valueXsiType: string;
|
|
35
|
+
valueTag: string;
|
|
36
|
+
valueXmlnsXs?: string;
|
|
37
|
+
valueXmlnsXsi?: string;
|
|
38
|
+
type?: string | string[];
|
|
39
|
+
}
|
|
40
|
+
export interface LoginResponseAdditionalTemplates {
|
|
41
|
+
attributeStatementTemplate?: AttributeStatementTemplate;
|
|
42
|
+
attributeTemplate?: AttributeTemplate;
|
|
43
|
+
}
|
|
44
|
+
export interface BaseSamlTemplate {
|
|
45
|
+
context: string;
|
|
46
|
+
}
|
|
47
|
+
export interface LoginResponseTemplate extends BaseSamlTemplate {
|
|
48
|
+
attributes?: LoginResponseAttribute[];
|
|
49
|
+
additionalTemplates?: LoginResponseAdditionalTemplates;
|
|
50
|
+
}
|
|
51
|
+
export interface AttributeStatementTemplate extends BaseSamlTemplate {
|
|
52
|
+
}
|
|
53
|
+
export interface AttributeTemplate extends BaseSamlTemplate {
|
|
54
|
+
}
|
|
55
|
+
export interface LoginRequestTemplate extends BaseSamlTemplate {
|
|
56
|
+
}
|
|
57
|
+
export interface LogoutRequestTemplate extends BaseSamlTemplate {
|
|
58
|
+
}
|
|
59
|
+
export interface LogoutResponseTemplate extends BaseSamlTemplate {
|
|
60
|
+
}
|
|
61
|
+
export type KeyUse = 'signing' | 'encryption';
|
|
62
|
+
export interface KeyComponent {
|
|
63
|
+
[key: string]: any;
|
|
64
|
+
}
|
|
65
|
+
export interface LibSamlInterface {
|
|
66
|
+
getQueryParamByType: (type: string) => string;
|
|
67
|
+
createXPath: (local: any, isExtractAll?: boolean) => string;
|
|
68
|
+
replaceTagsByValue: (rawXML: string, tagValues: any) => string;
|
|
69
|
+
attributeStatementBuilder: (attributes: LoginResponseAttribute[], attributeTemplate: AttributeTemplate, attributeStatementTemplate: AttributeStatementTemplate) => string;
|
|
70
|
+
constructSAMLSignature: (opts: SignatureConstructor) => string;
|
|
71
|
+
verifySignature: (xml: string, opts: SignatureVerifierOptions) => [boolean, any];
|
|
72
|
+
createKeySection: (use: KeyUse, cert: string | Buffer) => {};
|
|
73
|
+
constructMessageSignature: (octetString: string, key: string, passphrase?: string, isBase64?: boolean, signingAlgorithm?: string) => string;
|
|
74
|
+
verifyMessageSignature: (metadata: any, octetString: string, signature: string | Buffer, verifyAlgorithm?: string) => boolean;
|
|
75
|
+
getKeyInfo: (x509Certificate: string, signatureConfig?: any) => void;
|
|
76
|
+
encryptAssertion: (sourceEntity: any, targetEntity: any, entireXML: string) => Promise<string>;
|
|
77
|
+
decryptAssertion: (here: any, entireXML: string) => Promise<[string, any]>;
|
|
78
|
+
getSigningScheme: (sigAlg: string) => string | null;
|
|
79
|
+
getDigestMethod: (sigAlg: string) => string | null;
|
|
80
|
+
nrsaAliasMapping: any;
|
|
81
|
+
defaultLoginRequestTemplate: LoginRequestTemplate;
|
|
82
|
+
defaultLoginResponseTemplate: LoginResponseTemplate;
|
|
83
|
+
defaultAttributeStatementTemplate: AttributeStatementTemplate;
|
|
84
|
+
defaultAttributeTemplate: AttributeTemplate;
|
|
85
|
+
defaultLogoutRequestTemplate: LogoutRequestTemplate;
|
|
86
|
+
defaultLogoutResponseTemplate: LogoutResponseTemplate;
|
|
87
|
+
}
|
|
88
|
+
declare const _default: {
|
|
89
|
+
createXPath: (local: any, isExtractAll?: boolean) => string;
|
|
90
|
+
getQueryParamByType: (type: string) => "SAMLRequest" | "SAMLResponse";
|
|
91
|
+
defaultLoginRequestTemplate: {
|
|
92
|
+
context: string;
|
|
93
|
+
};
|
|
94
|
+
defaultLoginResponseTemplate: {
|
|
95
|
+
context: string;
|
|
96
|
+
attributes: never[];
|
|
97
|
+
additionalTemplates: {
|
|
98
|
+
attributeStatementTemplate: {
|
|
99
|
+
context: string;
|
|
100
|
+
};
|
|
101
|
+
attributeTemplate: {
|
|
102
|
+
context: string;
|
|
103
|
+
};
|
|
104
|
+
};
|
|
105
|
+
};
|
|
106
|
+
defaultAttributeStatementTemplate: {
|
|
107
|
+
context: string;
|
|
108
|
+
};
|
|
109
|
+
defaultAttributeTemplate: {
|
|
110
|
+
context: string;
|
|
111
|
+
};
|
|
112
|
+
defaultLogoutRequestTemplate: {
|
|
113
|
+
context: string;
|
|
114
|
+
};
|
|
115
|
+
defaultLogoutResponseTemplate: {
|
|
116
|
+
context: string;
|
|
117
|
+
};
|
|
118
|
+
defaultAttributeValueTemplate: {
|
|
119
|
+
context: string;
|
|
120
|
+
};
|
|
121
|
+
/**
|
|
122
|
+
* @desc Replace the tag (e.g. {tag}) inside the raw XML
|
|
123
|
+
* @param {string} rawXML raw XML string used to do keyword replacement
|
|
124
|
+
* @param {array} tagValues tag values
|
|
125
|
+
* @return {string}
|
|
126
|
+
*/
|
|
127
|
+
replaceTagsByValue(rawXML: string, tagValues: Record<string, unknown>): string;
|
|
128
|
+
/**
|
|
129
|
+
* @desc Helper function to build the AttributeStatement tag
|
|
130
|
+
* @param {LoginResponseAttribute} attributes an array of attribute configuration
|
|
131
|
+
* @param {AttributeTemplate} attributeTemplate the attribute tag template to be used
|
|
132
|
+
* @param {AttributeStatementTemplate} attributeStatementTemplate the attributeStatement tag template to be used
|
|
133
|
+
* @return {string}
|
|
134
|
+
*/
|
|
135
|
+
/** For Test */
|
|
136
|
+
attributeStatementBuilder(attributeData: any[]): string;
|
|
137
|
+
/**
|
|
138
|
+
* @desc Construct the XML signature for POST binding
|
|
139
|
+
* @param {string} rawSamlMessage request/response xml string
|
|
140
|
+
* @param {string} referenceTagXPath reference uri
|
|
141
|
+
* @param {string} privateKey declares the private key
|
|
142
|
+
* @param {string} passphrase passphrase of the private key [optional]
|
|
143
|
+
* @param {string|buffer} signingCert signing certificate
|
|
144
|
+
* @param {string} signatureAlgorithm signature algorithm
|
|
145
|
+
* @param {string[]} transformationAlgorithms canonicalization and transformation Algorithms
|
|
146
|
+
* @return {string} base64 encoded string
|
|
147
|
+
*/
|
|
148
|
+
constructSAMLSignature(opts: SignatureConstructor): string;
|
|
149
|
+
/**
|
|
150
|
+
* @desc Verify the XML signature
|
|
151
|
+
* @param {string} xml xml
|
|
152
|
+
* @param {SignatureVerifierOptions} opts cert declares the X509 certificate
|
|
153
|
+
* @return {[boolean, string | null]} - A tuple where:
|
|
154
|
+
* - The first element is `true` if the signature is valid, `false` otherwise.
|
|
155
|
+
* - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
|
|
156
|
+
*/
|
|
157
|
+
verifySignature(xml: string, opts: SignatureVerifierOptions): (string | boolean)[] | (boolean | null)[];
|
|
158
|
+
/**
|
|
159
|
+
* @desc Helper function to create the key section in metadata (abstraction for signing and encrypt use)
|
|
160
|
+
* @param {string} use type of certificate (e.g. signing, encrypt)
|
|
161
|
+
* @param {string} certString declares the certificate String
|
|
162
|
+
* @return {object} object used in xml module
|
|
163
|
+
*/
|
|
164
|
+
createKeySection(use: KeyUse, certString: string | Buffer): KeyComponent;
|
|
165
|
+
/**
|
|
166
|
+
* SAML 消息签名 (符合 SAML V2.0 绑定规范)
|
|
167
|
+
* @param octetString - 要签名的原始数据 (OCTET STRING)
|
|
168
|
+
* @param key - PEM 格式私钥
|
|
169
|
+
* @param passphrase - 私钥密码 (如果有加密)
|
|
170
|
+
* @param isBase64 - 是否返回 base64 编码 (默认 true)
|
|
171
|
+
* @param signingAlgorithm - 签名算法 (默认 'rsa-sha256')
|
|
172
|
+
* @returns 消息签名
|
|
173
|
+
*/
|
|
174
|
+
constructMessageSignature(octetString: string | Buffer, key: string | Buffer, passphrase?: string, isBase64?: boolean, signingAlgorithm?: string): string | Buffer;
|
|
175
|
+
verifyMessageSignature(metadata: any, octetString: string, signature: string | Buffer, verifyAlgorithm?: string): boolean;
|
|
176
|
+
/**
|
|
177
|
+
* @desc Get the public key in string format
|
|
178
|
+
* @param {string} x509Certificate certificate
|
|
179
|
+
* @return {string} public key
|
|
180
|
+
*/
|
|
181
|
+
getKeyInfo(x509Certificate: string, signatureConfig?: any): {
|
|
182
|
+
getKeyInfo: () => string;
|
|
183
|
+
getKey: () => string;
|
|
184
|
+
};
|
|
185
|
+
/**
|
|
186
|
+
* @desc Encrypt the assertion section in Response
|
|
187
|
+
* @param {Entity} sourceEntity source entity
|
|
188
|
+
* @param {Entity} targetEntity target entity
|
|
189
|
+
* @param {string} xml response in xml string format
|
|
190
|
+
* @return {Promise} a promise to resolve the finalized xml
|
|
191
|
+
*/
|
|
192
|
+
encryptAssertion(sourceEntity: any, targetEntity: any, xml?: string): Promise<string>;
|
|
193
|
+
/**
|
|
194
|
+
* @desc Decrypt the assertion section in Response
|
|
195
|
+
* @param {string} type only accept SAMLResponse to proceed decryption
|
|
196
|
+
* @param {Entity} here this entity
|
|
197
|
+
* @param {Entity} from from the entity where the message is sent
|
|
198
|
+
* @param {string} entireXML response in xml string format
|
|
199
|
+
* @return {function} a promise to get back the entire xml with decrypted assertion
|
|
200
|
+
*/
|
|
201
|
+
decryptAssertion(here: any, entireXML: string): Promise<[string, any]>;
|
|
202
|
+
/**
|
|
203
|
+
* @desc Check if the xml string is valid and bounded
|
|
204
|
+
*/
|
|
205
|
+
isValidXml(input: string): Promise<any>;
|
|
206
|
+
};
|
|
207
|
+
export default _default;
|
|
208
|
+
//# sourceMappingURL=libsaml.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../src/libsaml.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAiCrD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,eAAe;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,gCAAgC;IAC/C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CACxD;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,gBAAgB,EAAE,GAAG,CAAC;IACtB,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACvD;;6CAoH4C,OAAO,KAAG,MAAM;gCA5GxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAmJvC;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IAmCH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IAyCvD;;;;;;;;;;OAUG;iCAC0B,oBAAoB;IA+CjD;;;;;;;OAOG;yBAEkB,MAAM,QAAQ,wBAAwB;IAyL3D;;;;;OAKG;0BACmB,MAAM,cAAc,MAAM,GAAG,MAAM,GAAG,YAAY;IAuBxE;;;;;;;;OAQG;2CAGY,MAAM,GAAG,MAAM,OACvB,MAAM,GAAG,MAAM,eACP,MAAM,aACT,OAAO,qBACC,MAAM,GACvB,MAAM,GAAG,MAAM;uDA8BH,MAAM,aACR,MAAM,GAAG,MAAM,oBACR,MAAM;IAc1B;;;;OAIG;gCACyB,MAAM,oBAAmB,GAAG;;;;IAWxD;;;;;;OAMG;iEAEgD,MAAM;IAqDzD;;;;;;;OAOG;2CAC+B,MAAM;IAkCxC;;OAEG;sBACqB,MAAM;;AA4BlC,wBAAyB"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @file metadata-idp.ts
|
|
3
|
+
* @author tngan
|
|
4
|
+
* @desc Metadata of identity provider
|
|
5
|
+
*/
|
|
6
|
+
import Metadata, { type MetadataInterface } from './metadata.js';
|
|
7
|
+
import type { MetadataIdpConstructor } from './types.js';
|
|
8
|
+
export interface IdpMetadataInterface extends MetadataInterface {
|
|
9
|
+
}
|
|
10
|
+
export default function (meta: MetadataIdpConstructor): IdpMetadata;
|
|
11
|
+
export declare class IdpMetadata extends Metadata {
|
|
12
|
+
constructor(meta: MetadataIdpConstructor);
|
|
13
|
+
/**
|
|
14
|
+
* @desc Get the preference whether it wants a signed request
|
|
15
|
+
* @return {boolean} WantAuthnRequestsSigned
|
|
16
|
+
*/
|
|
17
|
+
isWantAuthnRequestsSigned(): boolean;
|
|
18
|
+
/**
|
|
19
|
+
* @desc Get the entity endpoint for single sign on service
|
|
20
|
+
* @param {string} binding protocol binding (e.g. redirect, post)
|
|
21
|
+
* @return {string/object} location
|
|
22
|
+
*/
|
|
23
|
+
getSingleSignOnService(binding: string): string | object;
|
|
24
|
+
}
|
|
25
|
+
//# sourceMappingURL=metadata-idp.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metadata-idp.d.ts","sourceRoot":"","sources":["../src/metadata-idp.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AACF,OAAO,QAAQ,EAAE,EAAE,KAAM,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClE,OAAQ,KAAK,EAAsB,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAM9E,MAAM,WAAW,oBAAqB,SAAQ,iBAAiB;CAE9D;AAKD,MAAM,CAAC,OAAO,WAAU,IAAI,EAAE,sBAAsB,eAEnD;AAED,qBAAa,WAAY,SAAQ,QAAQ;gBAE3B,IAAI,EAAE,sBAAsB;IA6FxC;;;MAGE;IACF,yBAAyB,IAAI,OAAO;IAQpC;;;;MAIE;IACF,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM;CAUzD"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @file metadata-sp.ts
|
|
3
|
+
* @author tngan
|
|
4
|
+
* @desc Metadata of service provider
|
|
5
|
+
*/
|
|
6
|
+
import Metadata, { type MetadataInterface } from './metadata.js';
|
|
7
|
+
import type { MetadataSpConstructor } from './types.js';
|
|
8
|
+
export interface SpMetadataInterface extends MetadataInterface {
|
|
9
|
+
}
|
|
10
|
+
export default function (meta: MetadataSpConstructor): SpMetadata;
|
|
11
|
+
/**
|
|
12
|
+
* @desc SP Metadata is for creating Service Provider, provides a set of API to manage the actions in SP.
|
|
13
|
+
*/
|
|
14
|
+
export declare class SpMetadata extends Metadata {
|
|
15
|
+
/**
|
|
16
|
+
* @param {object/string} meta (either xml string or configuration in object)
|
|
17
|
+
* @return {object} prototypes including public functions
|
|
18
|
+
*/
|
|
19
|
+
constructor(meta: MetadataSpConstructor);
|
|
20
|
+
/**
|
|
21
|
+
* @desc Get the preference whether it wants a signed assertion response
|
|
22
|
+
* @return {boolean} Wantassertionssigned
|
|
23
|
+
*/
|
|
24
|
+
isWantAssertionsSigned(): boolean;
|
|
25
|
+
/**
|
|
26
|
+
* @desc Get the preference whether it signs request
|
|
27
|
+
* @return {boolean} Authnrequestssigned
|
|
28
|
+
*/
|
|
29
|
+
isAuthnRequestSigned(): boolean;
|
|
30
|
+
/**
|
|
31
|
+
* @desc Get the entity endpoint for assertion consumer service
|
|
32
|
+
* @param {string} binding protocol binding (e.g. redirect, post)
|
|
33
|
+
* @return {string/[string]} URL of endpoint(s)
|
|
34
|
+
*/
|
|
35
|
+
getAssertionConsumerService(binding: string): string | string[];
|
|
36
|
+
}
|
|
37
|
+
//# sourceMappingURL=metadata-sp.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metadata-sp.d.ts","sourceRoot":"","sources":["../src/metadata-sp.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AACF,OAAO,QAAQ,EAAE,EAAC,KAAK,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAE/D,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAMxD,MAAM,WAAW,mBAAoB,SAAQ,iBAAiB;CAE7D;AAcD,MAAM,CAAC,OAAO,WAAU,IAAI,EAAE,qBAAqB,cAElD;AAED;;EAEE;AACF,qBAAa,UAAW,SAAQ,QAAQ;IAEtC;;;MAGE;gBACU,IAAI,EAAE,qBAAqB;IA2LvC;;;MAGE;IACK,sBAAsB,IAAI,OAAO;IAGxC;;;MAGE;IACK,oBAAoB,IAAI,OAAO;IAGtC;;;;MAIE;IACK,2BAA2B,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,EAAE;CAoBvE"}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
export interface MetadataInterface {
|
|
2
|
+
xmlString: string;
|
|
3
|
+
getMetadata: () => string;
|
|
4
|
+
exportMetadata: (exportFile: string) => void;
|
|
5
|
+
getEntityID: () => string;
|
|
6
|
+
getX509Certificate: (certType: string) => string | string[];
|
|
7
|
+
getNameIDFormat: () => any[];
|
|
8
|
+
getSingleLogoutService: (binding: string | undefined) => string | object;
|
|
9
|
+
getSupportBindings: (services: string[]) => string[];
|
|
10
|
+
}
|
|
11
|
+
export default class Metadata implements MetadataInterface {
|
|
12
|
+
xmlString: string;
|
|
13
|
+
meta: any;
|
|
14
|
+
/**
|
|
15
|
+
* @param {string | Buffer} xml
|
|
16
|
+
* @param {object} extraParse for custom metadata extractor
|
|
17
|
+
*/
|
|
18
|
+
constructor(xml: string | Buffer, extraParse?: any);
|
|
19
|
+
/**
|
|
20
|
+
* @desc Get the metadata in xml format
|
|
21
|
+
* @return {string} metadata in xml format
|
|
22
|
+
*/
|
|
23
|
+
getMetadata(): string;
|
|
24
|
+
/**
|
|
25
|
+
* @desc Export the metadata to specific file
|
|
26
|
+
* @param {string} exportFile is the output file path
|
|
27
|
+
*/
|
|
28
|
+
exportMetadata(exportFile: string): void;
|
|
29
|
+
/**
|
|
30
|
+
* @desc Get the entityID in metadata
|
|
31
|
+
* @return {string} entityID
|
|
32
|
+
*/
|
|
33
|
+
getEntityID(): string;
|
|
34
|
+
/**
|
|
35
|
+
* @desc Get the x509 certificate declared in entity metadata
|
|
36
|
+
* @param {string} use declares the type of certificate
|
|
37
|
+
* @return {string} certificate in string format
|
|
38
|
+
*/
|
|
39
|
+
getX509Certificate(use: string): any;
|
|
40
|
+
/**
|
|
41
|
+
* @desc Get the support NameID format declared in entity metadata
|
|
42
|
+
* @return {array} support NameID format
|
|
43
|
+
*/
|
|
44
|
+
getNameIDFormat(): any;
|
|
45
|
+
/**
|
|
46
|
+
* @desc Get the entity endpoint for single logout service
|
|
47
|
+
* @param {string} binding e.g. redirect, post
|
|
48
|
+
* @return {string/object} location
|
|
49
|
+
*/
|
|
50
|
+
getSingleLogoutService(binding: string | undefined): string | object;
|
|
51
|
+
/**
|
|
52
|
+
* @desc Get the support bindings
|
|
53
|
+
* @param {[string]} services
|
|
54
|
+
* @return {[string]} support bindings
|
|
55
|
+
*/
|
|
56
|
+
getSupportBindings(services: string[]): string[];
|
|
57
|
+
}
|
|
58
|
+
//# sourceMappingURL=metadata.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metadata.d.ts","sourceRoot":"","sources":["../src/metadata.ts"],"names":[],"mappings":"AAUA,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,MAAM,CAAC;IAC1B,cAAc,EAAE,CAAC,UAAU,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7C,WAAW,EAAE,MAAM,MAAM,CAAC;IAC1B,kBAAkB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5D,eAAe,EAAE,MAAM,GAAG,EAAE,CAAC;IAC7B,sBAAsB,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,MAAM,GAAG,MAAM,CAAC;IACzE,kBAAkB,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,MAAM,EAAE,CAAC;CACtD;AAED,MAAM,CAAC,OAAO,OAAO,QAAS,YAAW,iBAAiB;IAExD,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,GAAG,CAAC;IAEV;;;MAGE;gBACU,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,UAAU,GAAE,GAAQ;IA2DtD;;;MAGE;IACK,WAAW,IAAI,MAAM;IAI5B;;;MAGE;IACK,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAI/C;;;MAGE;IACK,WAAW,IAAI,MAAM;IAI5B;;;;MAIE;IACK,kBAAkB,CAAC,GAAG,EAAE,MAAM;IAIrC;;;MAGE;IACK,eAAe,IAAI,GAAG;IAI7B;;;;MAIE;IACK,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,GAAG,MAAM;IAe3E;;;;MAIE;IACK,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE;CAUxD"}
|
package/types/src/flow.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAyBA,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;
|
|
1
|
+
{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":"AAyBA,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,GAAG,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AA+mBD,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CA6BhG;AAED,wBAAgB,IAAI,CAAC,OAAO,KAAA,GAAG,OAAO,CAAC,UAAU,CAAC,CA0BjD"}
|
package/types/src/libsaml.d.ts
CHANGED
|
@@ -136,6 +136,10 @@ declare const _default: {
|
|
|
136
136
|
xml: string;
|
|
137
137
|
error: null;
|
|
138
138
|
};
|
|
139
|
+
checkUnsafeSignatureAlgorithm: (signatureAlgorithm: string) => {
|
|
140
|
+
hasUnsafeSignatureAlgorithm: boolean;
|
|
141
|
+
unsafeSignatureAlgorithm: string | null;
|
|
142
|
+
};
|
|
139
143
|
/**
|
|
140
144
|
* @desc Replace the tag (e.g. {tag}) inside the raw XML
|
|
141
145
|
* @param {string} rawXML raw XML string used to do keyword replacement
|
|
@@ -168,7 +172,7 @@ declare const _default: {
|
|
|
168
172
|
isValid: boolean;
|
|
169
173
|
subject: string;
|
|
170
174
|
issuer: string;
|
|
171
|
-
publicKey: import("crypto").KeyObject;
|
|
175
|
+
publicKey: import("node:crypto").KeyObject;
|
|
172
176
|
error?: undefined;
|
|
173
177
|
} | {
|
|
174
178
|
isValid: boolean;
|
|
@@ -177,15 +181,6 @@ declare const _default: {
|
|
|
177
181
|
issuer?: undefined;
|
|
178
182
|
publicKey?: undefined;
|
|
179
183
|
};
|
|
180
|
-
/**
|
|
181
|
-
* @desc Verify the XML signature
|
|
182
|
-
* @param {string} xml xml
|
|
183
|
-
* @param {SignatureVerifierOptions} opts cert declares the X509 certificate
|
|
184
|
-
* @return {[boolean, string | null]} - A tuple where:
|
|
185
|
-
* - The first element is `true` if the signature is valid, `false` otherwise.
|
|
186
|
-
* - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
|
|
187
|
-
*/
|
|
188
|
-
verifySignature1(xml: string, opts: SignatureVerifierOptions): (boolean | null)[] | (string | boolean)[];
|
|
189
184
|
/**
|
|
190
185
|
* 改进的SAML签名验证函数,支持多种签名和加密组合场景
|
|
191
186
|
* @param xml SAML XML内容
|
|
@@ -193,14 +188,7 @@ declare const _default: {
|
|
|
193
188
|
* @param self
|
|
194
189
|
* @returns 验证结果对象
|
|
195
190
|
*/
|
|
196
|
-
|
|
197
|
-
* 改进的SAML签名验证函数,支持多种签名和加密组合场景
|
|
198
|
-
* @param xml SAML XML内容
|
|
199
|
-
* @param opts 验证选项
|
|
200
|
-
* @param self
|
|
201
|
-
* @returns 验证结果对象
|
|
202
|
-
*/
|
|
203
|
-
verifySignature(xml: string, opts: SignatureVerifierOptions, self: any): {
|
|
191
|
+
verifySignature(xml: string, opts: SignatureVerifierOptions, self: any): Promise<{
|
|
204
192
|
isMessageSigned: boolean;
|
|
205
193
|
MessageSignatureStatus: boolean;
|
|
206
194
|
isAssertionSigned: boolean;
|
|
@@ -211,8 +199,10 @@ declare const _default: {
|
|
|
211
199
|
status: boolean;
|
|
212
200
|
samlContent: string;
|
|
213
201
|
assertionContent: null;
|
|
214
|
-
|
|
215
|
-
|
|
202
|
+
hasUnsafeSignatureAlgorithm: boolean;
|
|
203
|
+
unsafeSignatureAlgorithm: string;
|
|
204
|
+
}>;
|
|
205
|
+
verifySignatureSoap(xml: string, opts: SignatureVerifierOptions): (string | boolean | null)[];
|
|
216
206
|
/**
|
|
217
207
|
* @desc Helper function to create the key section in metadata (abstraction for signing and encrypt use)
|
|
218
208
|
* @param {string} use type of certificate (e.g. signing, encrypt)
|
|
@@ -274,6 +264,8 @@ declare const _default: {
|
|
|
274
264
|
decryptAssertionSync(here: any, entireXML: string, opts?: SignatureVerifierOptions): (string | {
|
|
275
265
|
isAssertionSigned: boolean;
|
|
276
266
|
AssertionSignatureStatus: boolean;
|
|
267
|
+
hasUnsafeSignatureAlgorithm: boolean;
|
|
268
|
+
unsafeSignatureAlgorithm: string;
|
|
277
269
|
})[];
|
|
278
270
|
/**
|
|
279
271
|
* 解密 SOAP 响应中的加密断言
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAerD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACvC;AAED,MAAM,WAAW,wBAAwB;IACrC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,eAAe;IAC5B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,sBAAsB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,gCAAgC;IAC7C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACzC;AAED,MAAM,WAAW,gBAAgB;IAC7B,OAAO,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC3D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CAC1D;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC7B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,gBAAgB,EAAE,GAAG,CAAC;IACtB,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACzD;;
|
|
1
|
+
{"version":3,"file":"libsaml.d.ts","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,eAAe,CAAC;AAerD;;;;GAIG;AAGH,MAAM,WAAW,oBAAoB;IACjC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,GAAG,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;CACvC;AAED,MAAM,WAAW,wBAAwB;IACrC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,eAAe;IAC5B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC9B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,sBAAsB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,gCAAgC;IAC7C,0BAA0B,CAAC,EAAE,0BAA0B,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACzC;AAED,MAAM,WAAW,gBAAgB;IAC7B,OAAO,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC3D,UAAU,CAAC,EAAE,sBAAsB,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,gCAAgC,CAAC;CAC1D;AAED,MAAM,WAAW,0BAA2B,SAAQ,gBAAgB;CACnE;AAED,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;CAC1D;AAED,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAC7D;AAED,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAC9D;AAED,MAAM,WAAW,sBAAuB,SAAQ,gBAAgB;CAC/D;AAED,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,YAAY,CAAC;AAE9C,MAAM,WAAW,YAAY;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC7B,mBAAmB,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAAC;IAC9C,WAAW,EAAE,CAAC,KAAK,KAAA,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACvD,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,MAAM,CAAC;IAC/D,yBAAyB,EAAE,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,0BAA0B,KAAK,MAAM,CAAC;IAC1K,sBAAsB,EAAE,CAAC,IAAI,EAAE,oBAAoB,KAAK,MAAM,CAAC;IAC/D,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACjF,gBAAgB,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,KAAK,EAAE,CAAC;IAC7D,yBAAyB,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;IAE5I,sBAAsB,EAAE,CAAC,QAAQ,KAAA,EAAE,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC;IACzH,UAAU,EAAE,CAAC,eAAe,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,GAAG,KAAK,IAAI,CAAC;IACrE,gBAAgB,EAAE,CAAC,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrF,gBAAgB,EAAE,CAAC,IAAI,KAAA,EAAE,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAEtE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACpD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IAEnD,gBAAgB,EAAE,GAAG,CAAC;IACtB,2BAA2B,EAAE,oBAAoB,CAAC;IAClD,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,iCAAiC,EAAE,0BAA0B,CAAC;IAC9D,wBAAwB,EAAE,iBAAiB,CAAC;IAC5C,4BAA4B,EAAE,qBAAqB,CAAC;IACpD,6BAA6B,EAAE,sBAAsB,CAAC;CACzD;;6CAoN8C,OAAO,KAAG,MAAM;gCA5MxB,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wDA8BkB,MAAM;;;;IA0N7D;;;;;OAKG;+BACwB,MAAM,aAAa,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM;IAS9E;;;;;;OAMG;IACH,eAAe;6CAC0B,GAAG,EAAE,GAAG,MAAM;IA0CvD;;;;;;;;;;OAUG;iCAC0B,oBAAoB;2CAiDV,MAAM,mBAAmB,MAAM;;;;;;;;;;;;;IAoCtE;;;;;;OAMG;yBACwB,MAAM,QAAQ,wBAAwB,QAAQ,GAAG;;;;;;;;;;;;;;6BAoYnD,MAAM,QAAQ,wBAAwB;IAoK/D;;;;;OAKG;0BACmB,MAAM,cAAc,MAAM,GAAG,MAAM,GAAG,YAAY;IAsBxE;;;;;;;;OAQG;2CAEc,MAAM,OACd,MAAM,eACE,MAAM,aACR,OAAO,qBACC,MAAM;IA8B7B;;;;;;;OAOG;uDAGc,MAAM,aACR,MAAM,GAAG,MAAM,oBACR,MAAM;IAO5B;;;;OAIG;gCACyB,MAAM,oBAAmB,GAAG;;;;IAWxD;;;;;;OAMG;iEAEgD,MAAM;IAsDzD;;;;;;;OAOG;2CAC+B,MAAM;IAoCxC;;OAEG;IACH;;OAEG;+CACmC,MAAM,SAAS,wBAAwB;;;;;;IAsH7E;;;;;OAKG;+BAC8B,GAAG,aAAa,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAuEnF;;OAEG;sBACqB,MAAM,SAAQ,OAAO;;AA8BrD,wBAAyB"}
|
package/types/src/utility.d.ts
CHANGED
|
@@ -101,7 +101,7 @@ declare function applyDefault(obj1: any, obj2: any): any;
|
|
|
101
101
|
* @param {string} x509 certificate
|
|
102
102
|
* @return {string} public key fetched from the certificate
|
|
103
103
|
*/
|
|
104
|
-
declare function getPublicKeyPemFromCertificate(x509CertificateString: string): string
|
|
104
|
+
declare function getPublicKeyPemFromCertificate(x509CertificateString: string): string;
|
|
105
105
|
export declare function readPrivateKey(keyString: string | Buffer, passphrase?: string, isOutputString?: boolean): string | Buffer;
|
|
106
106
|
/**
|
|
107
107
|
* @desc Inline syntax sugar
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utility.d.ts","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AASH;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,cAAc,UAAO,MAmB3E;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,OAIvC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAEhC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,YAGnC;AAED;;;;;;GAMG;AACH,wBAAgB,GAAG,CAAC,GAAG,KAAA,EAAE,IAAI,KAAA,EAAE,YAAY,KAAA,OAG1C;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,GAAG,mBAElC;AAED;;;;GAIG;AACH,iBAAS,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,UAE/C;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAGtF;AAED;;;;GAIG;AACH,iBAAS,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAIhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAa9D;AAYD;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,UAEtD;AAED;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,UAErD;AAED;;;;GAIG;AACH,iBAAS,UAAU,CAAC,GAAG,KAAA,UAEtB;AAED;;;;GAIG;AACH,iBAAS,WAAW,CAAC,GAAG,KAAA,EAAE,YAAY,SAAK,OAE1C;AAED;;;;;GAKG;AACH,iBAAS,YAAY,CAAC,IAAI,KAAA,EAAE,IAAI,KAAA,OAE/B;AAED;;;;GAIG;AACH,iBAAS,8BAA8B,CAAC,qBAAqB,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"utility.d.ts","sourceRoot":"","sources":["../../src/utility.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AASH;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,cAAc,UAAO,MAmB3E;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,OAIvC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,OAEhC;AAED;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,YAGnC;AAED;;;;;;GAMG;AACH,wBAAgB,GAAG,CAAC,GAAG,KAAA,EAAE,IAAI,KAAA,EAAE,YAAY,KAAA,OAG1C;AAED;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,GAAG,mBAElC;AAED;;;;GAIG;AACH,iBAAS,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,UAE/C;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAGtF;AAED;;;;GAIG;AACH,iBAAS,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAIhD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,CAa9D;AAYD;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,UAEtD;AAED;;;;GAIG;AACH,iBAAS,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,UAErD;AAED;;;;GAIG;AACH,iBAAS,UAAU,CAAC,GAAG,KAAA,UAEtB;AAED;;;;GAIG;AACH,iBAAS,WAAW,CAAC,GAAG,KAAA,EAAE,YAAY,SAAK,OAE1C;AAED;;;;;GAKG;AACH,iBAAS,YAAY,CAAC,IAAI,KAAA,EAAE,IAAI,KAAA,OAE/B;AAED;;;;GAIG;AACH,iBAAS,8BAA8B,CAAC,qBAAqB,EAAE,MAAM,UAWpE;AAqCD,wBAAgB,cAAc,CAC5B,SAAS,EAAE,MAAM,GAAG,MAAM,EAC1B,UAAU,CAAC,EAAE,MAAM,EACnB,cAAc,GAAE,OAAc,GAC7B,MAAM,GAAG,MAAM,CA4BjB;AAGD;;GAEG;AACH,iBAAS,eAAe,CAAC,KAAK,KAAA,EAAE,cAAc,KAAA,OAE7C;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,GAAG,WAErC;AAED,wBAAgB,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,EAAE,CAGhD;AAED,wBAAgB,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,KAAK,IAAI,MAAM,CAElF;AAED,QAAA,MAAM,OAAO;;;;;;;;;;;;;;;CAeZ,CAAC;AAEF,eAAe,OAAO,CAAC"}
|
package/types/types.d.ts
ADDED
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
import type { LoginResponseTemplate } from './libsaml.js';
|
|
2
|
+
export { IdentityProvider as IdentityProviderConstructor } from './entity-idp.js';
|
|
3
|
+
export { IdpMetadata as IdentityProviderMetadata } from './metadata-idp.js';
|
|
4
|
+
export { ServiceProvider as ServiceProviderConstructor } from './entity-sp.js';
|
|
5
|
+
export { SpMetadata as ServiceProviderMetadata } from './metadata-sp.js';
|
|
6
|
+
export type MetadataFile = string | Buffer;
|
|
7
|
+
type SSOService = {
|
|
8
|
+
isDefault?: boolean;
|
|
9
|
+
Binding: string;
|
|
10
|
+
Location: string;
|
|
11
|
+
};
|
|
12
|
+
export type ServiceName = {
|
|
13
|
+
value: string;
|
|
14
|
+
/** @description 语言标识符(如 en/zh-CN) */
|
|
15
|
+
lang?: string;
|
|
16
|
+
};
|
|
17
|
+
export type RequestedAttribute = {
|
|
18
|
+
name: string;
|
|
19
|
+
friendlyName?: string;
|
|
20
|
+
isRequired?: boolean;
|
|
21
|
+
nameFormat?: string;
|
|
22
|
+
attributeValue?: string[];
|
|
23
|
+
};
|
|
24
|
+
export type AttributeConsumingService = {
|
|
25
|
+
isDefault: boolean;
|
|
26
|
+
serviceName: ServiceName[];
|
|
27
|
+
serviceDescription: ServiceName[];
|
|
28
|
+
requestedAttributes: RequestedAttribute[];
|
|
29
|
+
};
|
|
30
|
+
export type AttrService = AttributeConsumingService[];
|
|
31
|
+
export interface MetadataIdpOptions {
|
|
32
|
+
entityID?: string;
|
|
33
|
+
signingCert?: string | Buffer | (string | Buffer)[];
|
|
34
|
+
encryptCert?: string | Buffer | (string | Buffer)[];
|
|
35
|
+
wantAuthnRequestsSigned?: boolean;
|
|
36
|
+
nameIDFormat?: string[];
|
|
37
|
+
singleSignOnService?: SSOService[];
|
|
38
|
+
singleLogoutService?: SSOService[];
|
|
39
|
+
requestSignatureAlgorithm?: string;
|
|
40
|
+
}
|
|
41
|
+
export type MetadataIdpConstructor = MetadataIdpOptions | MetadataFile;
|
|
42
|
+
export interface MetadataSpOptions {
|
|
43
|
+
entityID?: string;
|
|
44
|
+
signingCert?: string | Buffer | (string | Buffer)[];
|
|
45
|
+
encryptCert?: string | Buffer | (string | Buffer)[];
|
|
46
|
+
authnRequestsSigned?: boolean;
|
|
47
|
+
wantAssertionsSigned?: boolean;
|
|
48
|
+
wantMessageSigned?: boolean;
|
|
49
|
+
signatureConfig?: {
|
|
50
|
+
[key: string]: any;
|
|
51
|
+
};
|
|
52
|
+
nameIDFormat?: string[];
|
|
53
|
+
singleSignOnService?: SSOService[];
|
|
54
|
+
singleLogoutService?: SSOService[];
|
|
55
|
+
assertionConsumerService?: SSOService[];
|
|
56
|
+
attributeConsumingService?: AttributeConsumingService[];
|
|
57
|
+
elementsOrder?: string[];
|
|
58
|
+
}
|
|
59
|
+
export type MetadataSpConstructor = MetadataSpOptions | MetadataFile;
|
|
60
|
+
export type EntitySetting = ServiceProviderSettings & IdentityProviderSettings;
|
|
61
|
+
export interface SignatureConfig {
|
|
62
|
+
prefix?: string;
|
|
63
|
+
location?: {
|
|
64
|
+
reference?: string;
|
|
65
|
+
action?: 'append' | 'prepend' | 'before' | 'after';
|
|
66
|
+
};
|
|
67
|
+
}
|
|
68
|
+
export interface SAMLDocumentTemplate {
|
|
69
|
+
context?: string;
|
|
70
|
+
}
|
|
71
|
+
export type ServiceProviderSettings = {
|
|
72
|
+
metadata?: string | Buffer;
|
|
73
|
+
entityID?: string;
|
|
74
|
+
authnRequestsSigned?: boolean;
|
|
75
|
+
wantAssertionsSigned?: boolean;
|
|
76
|
+
wantMessageSigned?: boolean;
|
|
77
|
+
wantLogoutResponseSigned?: boolean;
|
|
78
|
+
wantLogoutRequestSigned?: boolean;
|
|
79
|
+
privateKey?: string | Buffer;
|
|
80
|
+
privateKeyPass?: string;
|
|
81
|
+
isAssertionEncrypted?: boolean;
|
|
82
|
+
requestSignatureAlgorithm?: string;
|
|
83
|
+
encPrivateKey?: string | Buffer;
|
|
84
|
+
encPrivateKeyPass?: string | Buffer;
|
|
85
|
+
assertionConsumerService?: SSOService[];
|
|
86
|
+
singleLogoutService?: SSOService[];
|
|
87
|
+
signatureConfig?: SignatureConfig;
|
|
88
|
+
loginRequestTemplate?: SAMLDocumentTemplate;
|
|
89
|
+
logoutRequestTemplate?: SAMLDocumentTemplate;
|
|
90
|
+
signingCert?: string | Buffer | (string | Buffer)[];
|
|
91
|
+
encryptCert?: string | Buffer | (string | Buffer)[];
|
|
92
|
+
transformationAlgorithms?: string[];
|
|
93
|
+
nameIDFormat?: string[];
|
|
94
|
+
allowCreate?: boolean;
|
|
95
|
+
relayState?: string;
|
|
96
|
+
clockDrifts?: [number, number];
|
|
97
|
+
};
|
|
98
|
+
export type IdentityProviderSettings = {
|
|
99
|
+
metadata?: string | Buffer;
|
|
100
|
+
/** signature algorithm */
|
|
101
|
+
requestSignatureAlgorithm?: string;
|
|
102
|
+
/** template of login response */
|
|
103
|
+
loginResponseTemplate?: LoginResponseTemplate;
|
|
104
|
+
/** template of logout request */
|
|
105
|
+
logoutRequestTemplate?: SAMLDocumentTemplate;
|
|
106
|
+
/** customized function used for generating request ID */
|
|
107
|
+
generateID?: () => string;
|
|
108
|
+
entityID?: string;
|
|
109
|
+
privateKey?: string | Buffer;
|
|
110
|
+
privateKeyPass?: string;
|
|
111
|
+
signingCert?: string | Buffer | (string | Buffer)[];
|
|
112
|
+
encryptCert?: string | Buffer | (string | Buffer)[];
|
|
113
|
+
nameIDFormat?: string[];
|
|
114
|
+
singleSignOnService?: SSOService[];
|
|
115
|
+
singleLogoutService?: SSOService[];
|
|
116
|
+
isAssertionEncrypted?: boolean;
|
|
117
|
+
encPrivateKey?: string | Buffer;
|
|
118
|
+
encPrivateKeyPass?: string;
|
|
119
|
+
messageSigningOrder?: string;
|
|
120
|
+
wantLogoutRequestSigned?: boolean;
|
|
121
|
+
wantLogoutResponseSigned?: boolean;
|
|
122
|
+
wantAuthnRequestsSigned?: boolean;
|
|
123
|
+
wantLogoutRequestSignedResponseSigned?: boolean;
|
|
124
|
+
tagPrefix?: {
|
|
125
|
+
[key: string]: string;
|
|
126
|
+
};
|
|
127
|
+
};
|
|
128
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAQ,KAAK,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAE3D,OAAO,EAAE,gBAAgB,IAAI,2BAA2B,EAAE,MAAM,iBAAiB,CAAC;AAClF,OAAO,EAAE,WAAW,IAAI,wBAAwB,EAAE,MAAM,mBAAmB,CAAC;AAE5E,OAAO,EAAE,eAAe,IAAI,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAC/E,OAAO,EAAE,UAAU,IAAI,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAEzE,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,MAAM,CAAC;AAE3C,KAAK,UAAU,GAAG;IAChB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,qCAAqC;IACrC,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAGF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B,CAAC;AAGF,MAAM,MAAM,yBAAyB,GAAG;IACtC,SAAS,EAAE,OAAO,CAAC;IACnB,WAAW,EAAE,WAAW,EAAE,CAAC;IAC3B,kBAAkB,EAAE,WAAW,EAAE,CAAC;IAClC,mBAAmB,EAAE,kBAAkB,EAAE,CAAC;CAC3C,CAAC;AAGF,MAAM,MAAM,WAAW,GAAG,yBAAyB,EAAE,CAAC;AACtD,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,mBAAmB,CAAC,EAAE,UAAU,EAAE,CAAC;IACnC,mBAAmB,CAAC,EAAE,UAAU,EAAE,CAAC;IACnC,yBAAyB,CAAC,EAAE,MAAM,CAAC;CACpC;AAED,MAAM,MAAM,sBAAsB,GAC9B,kBAAkB,GAClB,YAAY,CAAC;AAEjB,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,eAAe,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;KAAE,CAAC;IACzC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,mBAAmB,CAAC,EAAE,UAAU,EAAE,CAAC;IACnC,mBAAmB,CAAC,EAAE,UAAU,EAAE,CAAC;IACnC,wBAAwB,CAAC,EAAE,UAAU,EAAE,CAAC;IACxC,yBAAyB,CAAC,EAAE,yBAAyB,EAAE,CAAC;IACxD,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,MAAM,qBAAqB,GAC7B,iBAAiB,GACjB,YAAY,CAAC;AAEjB,MAAM,MAAM,aAAa,GAAG,uBAAuB,GAAG,wBAAwB,CAAC;AAE/E,MAAM,WAAW,eAAe;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE;QACT,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,QAAQ,GAAG,OAAO,CAAC;KACpD,CAAC;CACH;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,MAAM,uBAAuB,GAAG;IACpC,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,wBAAwB,CAAC,EAAE,OAAO,CAAC;IACnC,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC,aAAa,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAChC,iBAAiB,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACpC,wBAAwB,CAAC,EAAE,UAAU,EAAE,CAAC;IACxC,mBAAmB,CAAC,EAAE,UAAU,EAAE,CAAC;IACnC,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;IAC5C,qBAAqB,CAAC,EAAE,oBAAoB,CAAC;IAC7C,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,wBAAwB,CAAC,EAAE,MAAM,EAAE,CAAC;IACpC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAE3B,0BAA0B;IAC1B,yBAAyB,CAAC,EAAE,MAAM,CAAC;IAEnC,iCAAiC;IACjC,qBAAqB,CAAC,EAAE,qBAAqB,CAAC;IAE9C,iCAAiC;IACjC,qBAAqB,CAAC,EAAE,oBAAoB,CAAC;IAE7C,yDAAyD;IACzD,UAAU,CAAC,EAAE,MAAM,MAAM,CAAC;IAE1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,CAAC;IACpD,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,mBAAmB,CAAC,EAAE,UAAU,EAAE,CAAC;IACnC,mBAAmB,CAAC,EAAE,UAAU,EAAE,CAAC;IACnC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAChC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,wBAAwB,CAAC,EAAE,OAAO,CAAC;IACnC,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,qCAAqC,CAAC,EAAE,OAAO,CAAC;IAChD,SAAS,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;CACvC,CAAC"}
|