npm - @abraca/dabra - Versions diffs - 1.0.20 → 1.0.21 - Mend

@abraca/dabra 1.0.20 → 1.0.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/abracadabra-provider.cjs +293 -4
package/dist/abracadabra-provider.cjs.map +1 -1
package/dist/abracadabra-provider.esm.js +293 -5
package/dist/abracadabra-provider.esm.js.map +1 -1
package/dist/index.d.ts +104 -1
package/package.json +1 -1
package/src/AbracadabraClient.ts +27 -0
package/src/types.ts +3 -0
package/src/webrtc/AbracadabraWebRTC.ts +8 -4
package/src/webrtc/DevicePairingChannel.ts +384 -0
package/src/webrtc/index.ts +2 -0

package/dist/abracadabra-provider.cjs CHANGED Viewed

@@ -3228,10 +3228,30 @@ var AbracadabraClient = class {
 	async listKeys() {
 		return (await this.request("GET", "/auth/keys")).keys;
 	}
+	/** Rename a registered device key. */
+	async renameKey(keyId, deviceName) {
+		await this.request("PATCH", `/auth/keys/${encodeURIComponent(keyId)}`, { body: { deviceName } });
+	}
 	/** Revoke a public key by its ID. */
 	async revokeKey(keyId) {
 		await this.request("DELETE", `/auth/keys/${encodeURIComponent(keyId)}`);
 	}
+	/** Create a single-use device invite code for pairing a new device to this account. */
+	async createDeviceInvite(opts) {
+		return this.request("POST", "/auth/device-invite", { body: opts?.expiresIn != null ? { expiresIn: opts.expiresIn } : {} });
+	}
+	/** Redeem a device invite code to register a new device key. Returns a JWT token. */
+	async redeemDeviceInvite(opts) {
+		return this.request("POST", "/auth/device-redeem", {
+			body: {
+				code: opts.code,
+				publicKey: opts.publicKey,
+				x25519Key: opts.x25519Key,
+				deviceName: opts.deviceName
+			},
+			auth: false
+		});
+	}
 	/** Get encryption info for a document. */
 	async getDocEncryption(docId) {
 		return this.request("GET", `/docs/${encodeURIComponent(docId)}/encryption`);
@@ -9949,19 +9969,23 @@ var AbracadabraWebRTC = class AbracadabraWebRTC extends EventEmitter {
 	}
 	/**
 	* Send a custom string message to a specific peer via a data channel.
+	* When E2EE is active, the message is encrypted through the router.
 	*/
 	sendCustomMessage(peerId, payload) {
 		const pc = this.peerConnections.get(peerId);
 		if (!pc) return;
-		let channel = pc.router.getChannel("custom");
+		const channelName = "custom";
+		let channel = pc.router.getChannel(channelName);
 		if (!channel || channel.readyState !== "open") {
-			channel = pc.router.createChannel("custom", { ordered: true });
+			channel = pc.router.createChannel(channelName, { ordered: true });
 			channel.onopen = () => {
-				channel.send(payload);
+				const data = new TextEncoder().encode(payload);
+				pc.router.send(channelName, data);
 			};
 			return;
 		}
-		channel.send(payload);
+		const data = new TextEncoder().encode(payload);
+		pc.router.send(channelName, data);
 	}
 	/**
 	* Send a custom string message to all connected peers.
@@ -10308,6 +10332,270 @@ var ManualSignaling = class extends EventEmitter {
 	}
 };
+//#endregion
+//#region packages/provider/src/webrtc/DevicePairingChannel.ts
+/**
+* DevicePairingChannel
+*
+* Enables cross-device identity pairing over an E2EE WebRTC data channel.
+* Device A (approver) creates a pairing session with a short code. Device B
+* (requester) joins with the code. After E2EE is established, Device B sends
+* its public key and Device A registers it via `addKey()`.
+*
+* Reuses the existing WebRTC stack: SignalingSocket, PeerConnection,
+* DataChannelRouter, and E2EEChannel (X25519 ECDH + AES-256-GCM).
+*/
+/** Ambiguity-free charset (no 0/O/1/I). */
+const CODE_CHARSET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
+const CODE_LENGTH = 6;
+const PAIRING_TIMEOUT_MS = 300 * 1e3;
+function generatePairingCode() {
+	const bytes = crypto.getRandomValues(new Uint8Array(CODE_LENGTH));
+	return Array.from(bytes).map((b) => CODE_CHARSET[b % 32]).join("");
+}
+function codeToRoomId(code) {
+	const hash = sha256(new TextEncoder().encode(code.toUpperCase()));
+	return `__pairing_${Array.from(hash.slice(0, 8)).map((b) => b.toString(16).padStart(2, "0")).join("")}`;
+}
+var DevicePairingChannel = class DevicePairingChannel extends EventEmitter {
+	constructor(role, pairingCode, config) {
+		super();
+		this.config = config;
+		this.webrtc = null;
+		this.timeoutHandle = null;
+		this._destroyed = false;
+		this._pendingRequest = null;
+		this._connectedPeerId = null;
+		this.role = role;
+		this.pairingCode = pairingCode;
+	}
+	/**
+	* Create an approver session (Device A). Returns the channel and a
+	* 6-character pairing code to share with Device B.
+	*/
+	static createApprover(config) {
+		const code = generatePairingCode();
+		const channel = new DevicePairingChannel("approver", code, config);
+		channel.start();
+		return {
+			channel,
+			pairingCode: code
+		};
+	}
+	/**
+	* Create a requester session (Device B). Joins with a pairing code
+	* obtained from Device A.
+	*/
+	static createRequester(config, pairingCode) {
+		const channel = new DevicePairingChannel("requester", pairingCode.toUpperCase().replace(/[^A-Z2-9]/g, ""), config);
+		channel.start();
+		return channel;
+	}
+	/**
+	* Approve the pending pairing request. Calls `client.addKey()` to
+	* register Device B's public key, then notifies Device B.
+	*/
+	async approve(client) {
+		if (this.role !== "approver") return {
+			success: false,
+			error: "Only the approver can approve"
+		};
+		if (!this._pendingRequest) return {
+			success: false,
+			error: "No pending pairing request"
+		};
+		if (!this._connectedPeerId) return {
+			success: false,
+			error: "Peer not connected"
+		};
+		const req = this._pendingRequest;
+		try {
+			await client.addKey({
+				publicKey: req.publicKey,
+				deviceName: req.deviceName,
+				x25519Key: req.x25519Key
+			});
+			this.sendMessage({ type: "pair-approved" });
+			this._pendingRequest = null;
+			this.emit("pairingComplete", { success: true });
+			return { success: true };
+		} catch (err) {
+			const error = err?.message ?? "Failed to register device key";
+			this.sendMessage({
+				type: "pair-rejected",
+				reason: error
+			});
+			this._pendingRequest = null;
+			const result = {
+				success: false,
+				error
+			};
+			this.emit("pairingComplete", result);
+			return result;
+		}
+	}
+	/**
+	* Approve via server-side device invite. Creates a single-use invite code
+	* and sends it to Device B over the E2EE channel. Device B redeems it
+	* independently via HTTP — Device A can go offline after this.
+	*/
+	async approveWithInvite(client) {
+		if (this.role !== "approver") return {
+			success: false,
+			error: "Only the approver can approve"
+		};
+		if (!this._pendingRequest) return {
+			success: false,
+			error: "No pending pairing request"
+		};
+		if (!this._connectedPeerId) return {
+			success: false,
+			error: "Peer not connected"
+		};
+		try {
+			const { code } = await client.createDeviceInvite();
+			this.sendMessage({
+				type: "pair-invite-code",
+				code
+			});
+			this._pendingRequest = null;
+			this.emit("pairingComplete", { success: true });
+			return { success: true };
+		} catch (err) {
+			const error = err?.message ?? "Failed to create device invite";
+			this.sendMessage({
+				type: "pair-rejected",
+				reason: error
+			});
+			this._pendingRequest = null;
+			const result = {
+				success: false,
+				error
+			};
+			this.emit("pairingComplete", result);
+			return result;
+		}
+	}
+	/**
+	* Reject the pending pairing request.
+	*/
+	reject(reason = "Rejected by user") {
+		if (this.role !== "approver" || !this._pendingRequest) return;
+		this.sendMessage({
+			type: "pair-rejected",
+			reason
+		});
+		this._pendingRequest = null;
+		this.emit("pairingComplete", {
+			success: false,
+			error: reason
+		});
+	}
+	/**
+	* Send a pairing request to Device A. Call this after the "connected"
+	* event fires.
+	*/
+	requestPairing(request) {
+		if (this.role !== "requester") return;
+		this.sendMessage({
+			type: "pair-request",
+			publicKey: request.publicKey,
+			x25519Key: request.x25519Key,
+			deviceName: request.deviceName
+		});
+	}
+	get isDestroyed() {
+		return this._destroyed;
+	}
+	destroy() {
+		if (this._destroyed) return;
+		this._destroyed = true;
+		if (this.timeoutHandle) {
+			clearTimeout(this.timeoutHandle);
+			this.timeoutHandle = null;
+		}
+		if (this.webrtc) {
+			this.webrtc.destroy();
+			this.webrtc = null;
+		}
+		this.removeAllListeners();
+	}
+	start() {
+		this.webrtc = new AbracadabraWebRTC({
+			docId: codeToRoomId(this.pairingCode),
+			url: this.config.serverUrl,
+			token: this.config.token,
+			iceServers: this.config.iceServers,
+			e2ee: this.config.e2ee,
+			enableDocSync: false,
+			enableAwarenessSync: false,
+			enableFileTransfer: false,
+			autoConnect: false,
+			WebSocketPolyfill: this.config.WebSocketPolyfill
+		});
+		this.webrtc.on("e2eeEstablished", ({ peerId }) => {
+			this._connectedPeerId = peerId;
+			this.emit("connected");
+		});
+		this.webrtc.on("customMessage", ({ peerId, payload }) => {
+			this.handleMessage(peerId, payload);
+		});
+		this.webrtc.on("peerLeft", () => {
+			if (!this._destroyed) this.emit("error", /* @__PURE__ */ new Error("Peer disconnected"));
+		});
+		this.webrtc.on("signalingError", (err) => {
+			this.emit("error", /* @__PURE__ */ new Error(`Signaling: ${err.message}`));
+		});
+		this.timeoutHandle = setTimeout(() => {
+			if (!this._destroyed) {
+				this.emit("error", /* @__PURE__ */ new Error("Pairing timed out"));
+				this.destroy();
+			}
+		}, PAIRING_TIMEOUT_MS);
+		this.webrtc.connect();
+	}
+	sendMessage(msg) {
+		if (!this.webrtc || !this._connectedPeerId) return;
+		this.webrtc.sendCustomMessage(this._connectedPeerId, JSON.stringify(msg));
+	}
+	handleMessage(peerId, payload) {
+		let msg;
+		try {
+			msg = JSON.parse(payload);
+		} catch {
+			return;
+		}
+		switch (msg.type) {
+			case "pair-request":
+				if (this.role !== "approver") return;
+				this._pendingRequest = {
+					publicKey: msg.publicKey,
+					x25519Key: msg.x25519Key,
+					deviceName: msg.deviceName
+				};
+				this.emit("pairingRequest", this._pendingRequest);
+				break;
+			case "pair-approved":
+				if (this.role !== "requester") return;
+				this.emit("approved");
+				this.emit("pairingComplete", { success: true });
+				break;
+			case "pair-rejected":
+				if (this.role !== "requester") return;
+				this.emit("rejected", msg.reason);
+				this.emit("pairingComplete", {
+					success: false,
+					error: msg.reason
+				});
+				break;
+			case "pair-invite-code":
+				if (this.role !== "requester") return;
+				this.emit("inviteCode", msg.code);
+				break;
+		}
+	}
+};
 //#endregion
 //#region packages/provider/src/sync/BroadcastChannelSync.ts
 /**
@@ -10476,6 +10764,7 @@ exports.CryptoIdentityKeystore = CryptoIdentityKeystore;
 exports.DEFAULT_FILE_CHUNK_SIZE = DEFAULT_FILE_CHUNK_SIZE;
 exports.DEFAULT_ICE_SERVERS = DEFAULT_ICE_SERVERS;
 exports.DataChannelRouter = DataChannelRouter;
+exports.DevicePairingChannel = DevicePairingChannel;
 exports.DocKeyManager = DocKeyManager;
 exports.DocumentCache = DocumentCache;
 exports.E2EAbracadabraProvider = E2EAbracadabraProvider;