{"version":3,"sources":["../../src/identify/index.ts","../../../utils/logger/index.ts"],"sourcesContent":["import { logger } from '../../../utils/logger'\n\nexport type CtsRegions = 'ap-southeast-2'\n\nexport type IdentifyOptions = {\n  fetchFromCts?: boolean\n}\n\nexport type CtsToken = {\n  accessToken: string\n  expiry: number\n}\n\nexport type Context = {\n  identityClaim: string[]\n}\n\nexport type LockContextOptions = {\n  context?: Context\n  ctsToken?: CtsToken\n}\n\nexport type GetLockContextResponse =\n  | {\n      success: boolean\n      error: string\n      ctsToken?: never\n      context?: never\n    }\n  | {\n      success: boolean\n      error?: never\n      ctsToken: CtsToken\n      context: Context\n    }\n\nexport class LockContext {\n  private ctsToken: CtsToken | undefined\n  private workspaceId: string\n  private context: Context\n\n  constructor({\n    context = { identityClaim: ['sub'] },\n    ctsToken,\n  }: LockContextOptions = {}) {\n    if (!process.env.CS_WORKSPACE_ID) {\n      const errorMessage =\n        'CS_WORKSPACE_ID environment variable is not set, and is required to initialize a LockContext.'\n      logger.error(errorMessage)\n      throw new Error(`[jseql]: ${errorMessage}`)\n    }\n\n    if (ctsToken) {\n      this.ctsToken = ctsToken\n    }\n\n    this.workspaceId = process.env.CS_WORKSPACE_ID\n    this.context = context\n    logger.debug('Successfully initialized the EQL lock context.')\n  }\n\n  async identify(jwtToken: string): Promise<LockContext> {\n    const workspaceId = this.workspaceId\n\n    const ctsEndoint =\n      process.env.CS_CTS_ENDPOINT ||\n      'https://ap-southeast-2.aws.auth.viturhosted.net'\n\n    const ctsResponse = await fetch(`${ctsEndoint}/api/authorize`, {\n      method: 'POST',\n      headers: {\n        'Content-Type': 'application/json',\n      },\n      body: JSON.stringify({\n        workspaceId,\n        oidcToken: jwtToken,\n      }),\n    })\n\n    if (!ctsResponse.ok) {\n      throw new Error(\n        `[jseql]: Failed to fetch CTS token: ${ctsResponse.statusText}`,\n      )\n    }\n\n    const ctsToken = (await ctsResponse.json()) as CtsToken\n\n    if (!ctsToken.accessToken) {\n      const errorMessage =\n        'The response from the CipherStash API did not contain an access token. Please contact support.'\n      logger.error(errorMessage)\n      throw new Error(errorMessage)\n    }\n\n    this.ctsToken = ctsToken\n    return this\n  }\n\n  getLockContext(): GetLockContextResponse {\n    if (!this.ctsToken?.accessToken && !this.ctsToken?.expiry) {\n      return {\n        success: false,\n        error:\n          'The CTS token is not set. Please call identify() with a users JWT token, or pass an existing CTS token to the LockContext constructor before calling getLockContext().',\n      }\n    }\n\n    return {\n      success: true,\n      context: this.context,\n      ctsToken: this.ctsToken,\n    }\n  }\n}\n","function getLevelValue(level: string): number {\n  switch (level) {\n    case 'debug':\n      return 10\n    case 'info':\n      return 20\n    case 'error':\n      return 30\n    default:\n      return 30 // default to error level\n  }\n}\n\nconst envLogLevel = process.env.JSEQL_LOG_LEVEL || 'info'\nconst currentLevel = getLevelValue(envLogLevel)\n\nfunction debug(...args: unknown[]): void {\n  if (currentLevel <= getLevelValue('debug')) {\n    console.debug('[jseql] DEBUG', ...args)\n  }\n}\n\nfunction info(...args: unknown[]): void {\n  if (currentLevel <= getLevelValue('info')) {\n    console.info('[jseql] INFO', ...args)\n  }\n}\n\nfunction error(...args: unknown[]): void {\n  if (currentLevel <= getLevelValue('error')) {\n    console.error('[jseql] ERROR', ...args)\n  }\n}\n\nexport const logger = {\n  debug,\n  info,\n  error,\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,SAAS,cAAc,OAAuB;AAC5C,UAAQ,OAAO;AAAA,IACb,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF;AAEA,IAAM,cAAc,QAAQ,IAAI,mBAAmB;AACnD,IAAM,eAAe,cAAc,WAAW;AAE9C,SAAS,SAAS,MAAuB;AACvC,MAAI,gBAAgB,cAAc,OAAO,GAAG;AAC1C,YAAQ,MAAM,iBAAiB,GAAG,IAAI;AAAA,EACxC;AACF;AAEA,SAAS,QAAQ,MAAuB;AACtC,MAAI,gBAAgB,cAAc,MAAM,GAAG;AACzC,YAAQ,KAAK,gBAAgB,GAAG,IAAI;AAAA,EACtC;AACF;AAEA,SAAS,SAAS,MAAuB;AACvC,MAAI,gBAAgB,cAAc,OAAO,GAAG;AAC1C,YAAQ,MAAM,iBAAiB,GAAG,IAAI;AAAA,EACxC;AACF;AAEO,IAAM,SAAS;AAAA,EACpB;AAAA,EACA;AAAA,EACA;AACF;;;ADFO,IAAM,cAAN,MAAkB;AAAA,EACf;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY;AAAA,IACV,UAAU,EAAE,eAAe,CAAC,KAAK,EAAE;AAAA,IACnC;AAAA,EACF,IAAwB,CAAC,GAAG;AAC1B,QAAI,CAAC,QAAQ,IAAI,iBAAiB;AAChC,YAAM,eACJ;AACF,aAAO,MAAM,YAAY;AACzB,YAAM,IAAI,MAAM,YAAY,YAAY,EAAE;AAAA,IAC5C;AAEA,QAAI,UAAU;AACZ,WAAK,WAAW;AAAA,IAClB;AAEA,SAAK,cAAc,QAAQ,IAAI;AAC/B,SAAK,UAAU;AACf,WAAO,MAAM,gDAAgD;AAAA,EAC/D;AAAA,EAEA,MAAM,SAAS,UAAwC;AACrD,UAAM,cAAc,KAAK;AAEzB,UAAM,aACJ,QAAQ,IAAI,mBACZ;AAEF,UAAM,cAAc,MAAM,MAAM,GAAG,UAAU,kBAAkB;AAAA,MAC7D,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB;AAAA,QACA,WAAW;AAAA,MACb,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,YAAY,IAAI;AACnB,YAAM,IAAI;AAAA,QACR,uCAAuC,YAAY,UAAU;AAAA,MAC/D;AAAA,IACF;AAEA,UAAM,WAAY,MAAM,YAAY,KAAK;AAEzC,QAAI,CAAC,SAAS,aAAa;AACzB,YAAM,eACJ;AACF,aAAO,MAAM,YAAY;AACzB,YAAM,IAAI,MAAM,YAAY;AAAA,IAC9B;AAEA,SAAK,WAAW;AAChB,WAAO;AAAA,EACT;AAAA,EAEA,iBAAyC;AACvC,QAAI,CAAC,KAAK,UAAU,eAAe,CAAC,KAAK,UAAU,QAAQ;AACzD,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OACE;AAAA,MACJ;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,SAAS,KAAK;AAAA,MACd,UAAU,KAAK;AAAA,IACjB;AAAA,EACF;AACF;","names":[]}