f
approvalCapabilityKeys(approval: ContractApproval): string[]
Returns the raw global capability keys required by an approval.
f
buildNatsConnectSignaturePayload(): string
iat: number,
contractDigest: string
Builds the canonical value signed for NATS runtime-auth tokens.
f
f
f
T
T
T
SessionKeyOptions = { persistence?: SessionKeyPersistenceMode; expiresAt?: number | Date; ttlMs?: number; }
-
expiresAt: number | Date
Expiry for remembered keys, as epoch milliseconds or a Date.
-
persistence: SessionKeyPersistenceMode
Defaults to remembered IndexedDB storage.
-
ttlMs: number
Relative expiry for remembered keys. Ignored when expiresAt is set.
T
TrellisAuth = { sessionKey: string; sign: (data: Uint8Array) => Promise<Uint8Array>; currentIat: () => number; setServerClockOffsetMs: (clockOffsetMs: number) => void; oauthInitSig: () => Promise<string>; bindFlowSig: (flowId: string) => Promise<string>; natsConnectSigForIat: () => Promise<string>; createProof: () => Promise<string>; natsConnectOptions: (opts: { contractDigest: string; }) => Promise<NatsConnectOptions>; }
redirectTo: string,
context?: unknown,
provider?: string,
contract?: Record<string, unknown>
iat: number,
contractDigest: string
subject: string,
payloadHash: Uint8Array,
requestId?: string,
iat?: number
- bindFlowSig: (flowId: string) => Promise<string>
-
createProof: () => Promise<string>subject: string,payloadHash: Uint8Array,requestId?: string,iat?: number
- currentIat: () => number
- natsConnectOptions: (opts: { contractDigest: string; }) => Promise<NatsConnectOptions>
-
natsConnectSigForIat: () => Promise<string>iat: number,contractDigest: string
-
oauthInitSig: () => Promise<string>redirectTo: string,context?: unknown,provider?: string,contract?: Record<string, unknown>
- sessionKey: string
- setServerClockOffsetMs: (clockOffsetMs: number) => void
- sign: (data: Uint8Array) => Promise<Uint8Array>
Usage
import * as mod from "trellis/auth.ts";