@blocklet/did-space-js 1.1.0 → 1.1.2

package/dist/client/index.d.ts

@@ -15,6 +15,7 @@ export declare class SpaceClient {
      */
     putNftObject(command: PutNftObjectCommand): Promise<PutNftObjectCommandOutput>;
     send<Input extends CommandInput, Output extends CommandOutput>(command: CommandProtocol<Input, Output>): Promise<Output>;
+    private getOptionsUrl;
     /**
      *
      *

package/dist/client/index.js

@@ -4,6 +4,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SpaceClient = void 0;
+const axios_1 = __importDefault(require("axios"));
 const is_url_1 = __importDefault(require("is-url"));
 const ufo_1 = require("ufo");
 const debug_1 = __importDefault(require("debug"));
@@ -15,7 +16,9 @@ class SpaceClient {
     options;
     constructor(options) {
         this.options = options;
-        this.options.endpoint = this.normalizeEndpoint(this.options.endpoint);
+        this.options.endpoint = this.options.endpoint
+            ? this.normalizeEndpoint(this.options.endpoint)
+            : this.options.endpoint;
     }
     /**
      *
@@ -39,6 +42,7 @@ class SpaceClient {
     }
     async send(command) {
         try {
+            this.options.url = await this.getOptionsUrl();
             command.context = {
                 ...command.context,
                 ...this.options,
@@ -58,6 +62,18 @@ class SpaceClient {
             };
         }
     }
+    async getOptionsUrl() {
+        const url = this.options.url || 'https://www.didspaces.com';
+        const u = new URL(url);
+        const { data: blockletMeta } = await axios_1.default.get((0, ufo_1.joinURL)(u.origin, '/__blocklet__.js?type=json'), {
+            timeout: 5000,
+        });
+        const mountPoint = blockletMeta.componentMountPoints.find((x) => x.did === 'z8iZnaYxnkMD5AKRjTKiCb8pQr1ut8UantAcf')?.mountPoint;
+        if (!mountPoint) {
+            throw new Error(`MountPoint(${mountPoint}) not found in ${url}`);
+        }
+        return (0, ufo_1.joinURL)(u.origin, mountPoint);
+    }
     /**
      *
      *

package/dist/commands/audit-log/post-objects-sync-command.js

@@ -20,7 +20,8 @@ class PostObjectsSyncCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'audit-log');
+        const endpoint = this.getEndpoint();
+        const url = (0, ufo_1.joinURL)(endpoint, 'audit-log');
         const data = {
             actionType: constants_1.AuditLogAction.APP_OBJECTS_SYNC,
             data: {

package/dist/commands/audit-log/put-objects-sync-command.js

@@ -20,7 +20,8 @@ class PutObjectsSyncCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'audit-log');
+        const endpoint = this.getEndpoint();
+        const url = (0, ufo_1.joinURL)(endpoint, 'audit-log');
         const { id, status, reason, ...rest } = this.input;
         const body = {
             id,

package/dist/commands/backup/backup-blocklet.js

@@ -24,7 +24,8 @@ class BackupBlockletCommand extends base_1.BaseCommand {
         let appBackup = null;
         try {
             // @note: 备份还原的时候我们希望使用 service url 来完成，不希望走 CDN
-            this.context.endpoint = await (0, space_1.getSpaceServiceEndpoint)(this.context.endpoint);
+            const endpoint = this.getEndpoint();
+            this.context.endpoint = await (0, space_1.getSpaceServiceEndpoint)(endpoint);
             appBackup = (await new post_app_backup_1.PostAppBackupCommand({
                 userDid: this.input.userDid,
                 referrer: this.input.referrer,

package/dist/commands/backup/post-app-backup.js

@@ -21,7 +21,8 @@ class PostAppBackupCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'backup');
+        const endpoint = this.getEndpoint();
+        const url = (0, ufo_1.joinURL)(endpoint, 'backup');
         const data = this.input;
         const method = 'POST';
         const { headers } = await (0, security_1.signRequest)({

package/dist/commands/backup/put-app-backup.js

@@ -21,7 +21,8 @@ class PutAppBackupCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'backup');
+        const endpoint = this.getEndpoint();
+        const url = (0, ufo_1.joinURL)(endpoint, 'backup');
         const data = this.input;
         const method = 'PUT';
         const { headers } = await (0, security_1.signRequest)({

package/dist/commands/base.d.ts

@@ -15,7 +15,14 @@ export declare abstract class BaseCommand<BaseCommandInput extends CommandInput,
     readonly context: SpaceClientOptions;
     constructor(input: BaseCommandInput, context?: SpaceClientOptions);
     abstract getAxiosRequestConfig(): Promise<AxiosRequestConfig | null>;
+    isAccessKeyVisit(): boolean;
     getKey(key: string, options?: GetKeyOptions): string;
+    protected assertEndpointRequired(): void;
+    protected getEndpoint({ strict }?: {
+        strict?: true | false;
+    }): string;
+    protected getRequestUrl(key: string, type?: string): string;
+    getRequestHeaders(extraHeaders?: Record<string, string>): Record<string, string>;
     request(): Promise<BaseCommandOutput>;
     resolveMiddleware(res?: AxiosResponse<BaseCommandOutput['data'], any>): Promise<BaseCommandOutput>;
     abort(): void;

package/dist/commands/base.js

@@ -9,6 +9,8 @@ const ufo_1 = require("ufo");
 const did_1 = require("@arcblock/did");
 const constants_1 = require("@did-space/constants");
 const stream_1 = require("stream");
+const node_path_1 = require("node:path");
+const wallet_1 = require("@ocap/wallet");
 const libs_1 = require("../libs");
 class BaseCommand extends stream_1.EventEmitter {
     input = {};
@@ -22,12 +24,78 @@ class BaseCommand extends stream_1.EventEmitter {
         }
         this.context.abortController = this.context.abortController ?? this.input.abortController ?? new AbortController();
     }
+    isAccessKeyVisit() {
+        return Boolean(this.context.auth && ('secretKey' in this.context.auth || 'authorization' in this.context.auth));
+    }
     getKey(key, options = { encode: true }) {
-        const path = (0, isEmpty_1.default)(this.context.componentDid)
+        const path = (0, isEmpty_1.default)(this.context.componentDid) || this.isAccessKeyVisit()
             ? key
-            : (0, ufo_1.joinURL)(constants_1.APP.COMPONENT.FOLDER_PREFIX, this.context.componentDid, key);
+            : (0, node_path_1.join)(constants_1.APP.COMPONENT.FOLDER_PREFIX, this.context.componentDid, key);
         return options.encode ? (0, libs_1.encode)(path) : path;
     }
+    assertEndpointRequired() {
+        const endpoint = this.context.endpoint || this.context?.auth?.endpoint;
+        if (!endpoint) {
+            if (this.context.auth || this.context.url) {
+                throw new Error('This interface requires endpoint authentication and cannot be accessed through auth and url parameters');
+            }
+            throw new Error('Endpoint is required for this operation');
+        }
+    }
+    getEndpoint({ strict } = {
+        strict: true,
+    }) {
+        const endpoint = this.context.endpoint || this.context?.auth?.endpoint;
+        if (endpoint) {
+            return endpoint;
+        }
+        if (strict) {
+            if (this.context.auth || this.context.url) {
+                throw new Error('This interface requires endpoint authentication and cannot be accessed through auth and url parameters');
+            }
+            throw new Error('Endpoint is required for this operation');
+        }
+        if (this.context.auth && this.context.url) {
+            return (0, ufo_1.joinURL)(this.context.url, '/api/space/default/app/default');
+        }
+        throw new Error('Please provide either an "endpoint" or both "auth" and "url" parameters to initialize the space client');
+    }
+    getRequestUrl(key, type = 'object') {
+        // 优先使用 context.endpoint
+        if (this.context.endpoint) {
+            return (0, ufo_1.joinURL)(this.context.endpoint, type, this.getKey(key));
+        }
+        // 检查 auth 中是否有 endpoint（类型安全检查）
+        if (this.context.auth && 'endpoint' in this.context.auth && this.context.auth.endpoint) {
+            return (0, ufo_1.joinURL)(this.context.auth.endpoint, type, this.getKey(key));
+        }
+        // 使用 auth + url 组合
+        if (this.context.auth && this.context.url) {
+            if ('secretKey' in this.context.auth) {
+                this.context.wallet = (0, wallet_1.fromSecretKey)(this.context.auth.secretKey);
+            }
+            return (0, ufo_1.joinURL)(this.context.url, '/api/space/default/app/default', type, this.getKey(key));
+        }
+        throw new Error('Please provide either an "endpoint" or both "auth" and "url" parameters to initialize the space client');
+    }
+    getRequestHeaders(extraHeaders = {}) {
+        const headers = {
+            [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
+        };
+        if (this.context.auth && 'authorization' in this.context.auth) {
+            headers[constants_1.HEADERS.X_AUTHORIZATION] = this.context.auth.authorization;
+            // 此处为了兼容标准的认证方式
+            headers.authorization = this.context.auth.authorization;
+        }
+        if (this.context.auth && 'secretKey' in this.context.auth) {
+            const accessWallet = (0, wallet_1.fromSecretKey)(this.context.auth.secretKey);
+            headers[constants_1.HEADERS.X_ACCESS_KEY] = accessWallet.address;
+        }
+        return {
+            ...headers,
+            ...extraHeaders,
+        };
+    }
     async request() {
         const axiosRequestConfig = await this.getAxiosRequestConfig();
         if (!axiosRequestConfig) {

package/dist/commands/incremental-backup/backup-blocklet.js

@@ -24,7 +24,8 @@ class IncrementalBackupBlockletCommand extends base_1.BaseCommand {
         let incrementalSyncPushInstance = null;
         try {
             // @note: 备份还原的时候我们希望使用 service url 来完成，不希望走 CDN
-            this.context.endpoint = await (0, space_1.getSpaceServiceEndpoint)(this.context.endpoint);
+            const endpoint = this.getEndpoint();
+            this.context.endpoint = await (0, space_1.getSpaceServiceEndpoint)(endpoint);
             appBackup = (await new backup_1.PostAppBackupCommand({
                 userDid: this.input.userDid,
                 referrer: this.input.referrer,

package/dist/commands/nft/put-nft-object.js

@@ -25,7 +25,7 @@ class PutNftObjectCommand extends base_1.BaseCommand {
         (0, fs_extra_1.ensureDirSync)((0, path_1.dirname)(this.tempCacheObjectKey));
     }
     getUrl() {
-        const { endpoint } = this.context;
+        const endpoint = this.getEndpoint();
         const didObjectUrl = (0, ufo_1.joinURL)(endpoint, 'did-objects', (0, libs_1.encode)(this.input.display.key));
         const didObjectURL = new URL(didObjectUrl);
         didObjectURL.searchParams.set('did', this.input.did);
@@ -100,6 +100,9 @@ class PutNftObjectCommand extends base_1.BaseCommand {
             const method = 'PUT';
             const { streamForUpload, streamForHash } = await this.getStreams();
             const didDocument = await this.getDidDocument(streamForHash);
+            const requestHeaders = this.getRequestHeaders({
+                [constants_1.HEADERS.X_HASH]: this.tempCacheObjectHash,
+            });
             const formData = new form_data_1.default();
             formData.append('data', streamForUpload);
             formData.append('didDocument', JSON.stringify(didDocument));
@@ -107,10 +110,7 @@ class PutNftObjectCommand extends base_1.BaseCommand {
                 url,
                 method,
                 data: formData,
-                headers: {
-                    [constants_1.HEADERS.X_HASH]: this.tempCacheObjectHash,
-                    [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-                },
+                headers: requestHeaders,
                 wallet: this.context.wallet,
                 delegation: this.context.delegation,
             });

package/dist/commands/object/delete-object.js

@@ -1,23 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DeleteObjectCommand = void 0;
-const ufo_1 = require("ufo");
-const constants_1 = require("@did-space/constants");
 const base_1 = require("../base");
 const security_1 = require("../../security");
 class DeleteObjectCommand extends base_1.BaseCommand {
     async getAxiosRequestConfig() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'object', this.getKey(this.input.key));
+        const url = this.getRequestUrl(this.input.key);
+        const requestHeaders = await this.getRequestHeaders();
         const method = 'DELETE';
         const { headers } = await (0, security_1.signRequest)({
             url,
             method,
             data: {},
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
+            throwError: false,
         });
         const axiosRequestConfig = {
             url,

package/dist/commands/object/get-object.js

@@ -1,23 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetObjectCommand = void 0;
-const ufo_1 = require("ufo");
-const constants_1 = require("@did-space/constants");
 const base_1 = require("../base");
 const security_1 = require("../../security");
 class GetObjectCommand extends base_1.BaseCommand {
     async getAxiosRequestConfig() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'object', this.getKey(this.input.key));
+        const url = this.getRequestUrl(this.input.key);
+        const requestHeaders = this.getRequestHeaders();
         const method = 'GET';
         const { headers } = await (0, security_1.signRequest)({
             url,
             method,
             data: {},
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
+            throwError: false,
         });
         const config = {
             url,

package/dist/commands/object/list-object.js

@@ -1,23 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ListObjectCommand = void 0;
-const constants_1 = require("@did-space/constants");
-const ufo_1 = require("ufo");
 const base_1 = require("../base");
 const security_1 = require("../../security");
 class ListObjectCommand extends base_1.BaseCommand {
     async getAxiosRequestConfig() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'list', this.getKey(this.input.key));
+        const url = this.getRequestUrl(this.input.key, 'list/');
+        const requestHeaders = await this.getRequestHeaders();
         const method = 'GET';
         const { headers } = await (0, security_1.signRequest)({
             url,
             method,
             data: {},
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
+            throwError: false,
         });
         const config = {
             url,

package/dist/commands/object/list-objects.js

@@ -4,12 +4,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ListObjectsCommand = void 0;
-const constants_1 = require("@did-space/constants");
 const ufo_1 = require("ufo");
 const debug_1 = __importDefault(require("debug"));
 const pick_1 = __importDefault(require("lodash/pick"));
-const querystring_1 = __importDefault(require("querystring"));
-const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
 const base_1 = require("../base");
 const security_1 = require("../../security");
 const { name, version } = require('../../../package.json');
@@ -18,19 +15,18 @@ class ListObjectsCommand extends base_1.BaseCommand {
     async getAxiosRequestConfig() {
         // TODO: 此处应该有 joi 校验
         const options = (0, pick_1.default)(this.input, ['recursive', 'ignoreDirectories']);
-        const queryParams = (0, isEmpty_1.default)(options) ? '' : `?${querystring_1.default.stringify(options)}`;
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'lists', this.getKey(this.input.key), queryParams);
+        const url = (0, ufo_1.withQuery)(await this.getRequestUrl(this.input.key, 'lists/'), options);
+        const requestHeaders = this.getRequestHeaders();
         const method = 'GET';
         debug('getAxiosRequestConfig.$url', url);
         const { headers } = await (0, security_1.signRequest)({
             url,
             method,
             data: {},
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
+            throwError: false,
         });
         const config = {
             url,

package/dist/commands/object/put-object.js

@@ -4,10 +4,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PutObjectCommand = void 0;
-const constants_1 = require("@did-space/constants");
 const form_data_1 = __importDefault(require("form-data"));
 const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
-const ufo_1 = require("ufo");
 const libs_1 = require("../../libs");
 const security_1 = require("../../security");
 const base_1 = require("../base");
@@ -16,7 +14,8 @@ class PutObjectCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'object', this.getKey(this.input.key));
+        const url = this.getRequestUrl(this.input.key);
+        const requestHeaders = this.getRequestHeaders();
         const method = 'PUT';
         const body = new form_data_1.default();
         if (!(0, isEmpty_1.default)(this.input.data)) {
@@ -32,11 +31,10 @@ class PutObjectCommand extends base_1.BaseCommand {
             url,
             method,
             data: body,
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
+            throwError: false,
         });
         const optionsOfTextResponseBody = {
             method,

package/dist/commands/preview/delete-preview-object.js

@@ -2,8 +2,6 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DeletePreviewObjectCommand = void 0;
 const path_1 = require("path");
-const ufo_1 = require("ufo");
-const constants_1 = require("@did-space/constants");
 const meta_1 = require("../../meta");
 const base_1 = require("../base");
 const security_1 = require("../../security");
@@ -13,16 +11,16 @@ class DeletePreviewObjectCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
+        this.assertEndpointRequired();
         Object.assign(this.input, await meta_1.GetPreviewObjectCommandInputSchema.parseAsync(this.input));
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'object', this.getKey((0, path_1.join)(this.input.key, '.meta/preview.yml')));
+        const url = this.getRequestUrl((0, path_1.join)(this.input.key, '.meta/preview.yml'));
+        const requestHeaders = this.getRequestHeaders();
         const method = 'DELETE';
         const { headers } = await (0, security_1.signRequest)({
             url,
             method,
             data: {},
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
         });

package/dist/commands/preview/get-preview-object.js

@@ -6,8 +6,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetPreviewObjectCommand = void 0;
 const js_yaml_1 = __importDefault(require("js-yaml"));
 const path_1 = require("path");
-const ufo_1 = require("ufo");
-const constants_1 = require("@did-space/constants");
 const meta_1 = require("../../meta");
 const base_1 = require("../base");
 const security_1 = require("../../security");
@@ -17,16 +15,16 @@ class GetPreviewObjectCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
+        this.assertEndpointRequired();
         Object.assign(this.input, await meta_1.GetPreviewObjectCommandInputSchema.parseAsync(this.input));
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'object', this.getKey((0, path_1.join)(this.input.key, '.meta/preview.yml')));
+        const url = this.getRequestUrl((0, path_1.join)(this.input.key, '.meta/preview.yml'));
+        const requestHeaders = this.getRequestHeaders();
         const method = 'GET';
         const { headers } = await (0, security_1.signRequest)({
             url,
             method,
             data: {},
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
         });

package/dist/commands/preview/put-preview-object.js

@@ -4,10 +4,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PutPreviewObjectCommand = void 0;
-const constants_1 = require("@did-space/constants");
 const form_data_1 = __importDefault(require("form-data"));
 const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
-const ufo_1 = require("ufo");
 const js_yaml_1 = __importDefault(require("js-yaml"));
 const path_1 = require("path");
 const p_all_1 = __importDefault(require("p-all"));
@@ -30,8 +28,10 @@ class PutPreviewObjectCommand extends base_1.BaseCommand {
         }
     }
     async resolveMiddleware() {
+        this.assertEndpointRequired();
         await this.normalize();
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'object', this.getKey((0, path_1.join)(this.input.key, '.meta/preview.yml')));
+        const url = this.getRequestUrl((0, path_1.join)(this.input.key, '.meta/preview.yml'));
+        const requestHeaders = this.getRequestHeaders();
         const method = 'PUT';
         const data = new form_data_1.default();
         // @see: https://stackoverflow.com/a/43914175
@@ -45,9 +45,7 @@ class PutPreviewObjectCommand extends base_1.BaseCommand {
             url,
             method,
             data,
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
         });

package/dist/commands/restore/post-app-restore.js

@@ -15,7 +15,8 @@ class PostAppRestoreCommand extends base_1.BaseCommand {
         if (error) {
             throw error;
         }
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'restore');
+        const endpoint = this.getEndpoint();
+        const url = (0, ufo_1.joinURL)(endpoint, 'restore');
         const data = this.input;
         const method = 'POST';
         const { headers } = await (0, security_1.signRequest)({

package/dist/commands/restore/put-app-restore.js

@@ -19,7 +19,8 @@ class PutAppRestoreCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     async resolveMiddleware() {
-        const url = (0, ufo_1.joinURL)(this.context.endpoint, 'restore');
+        const endpoint = this.getEndpoint();
+        const url = (0, ufo_1.joinURL)(endpoint, 'restore');
         const data = this.input;
         const method = 'PUT';
         const { headers } = await (0, security_1.signRequest)({

package/dist/commands/restore/restore-blocklet.js

@@ -23,8 +23,9 @@ class RestoreBlockletCommand extends base_1.BaseCommand {
     async resolveMiddleware() {
         let appRestore = null;
         try {
+            const endpoint = this.getEndpoint();
             // @note: 备份还原的时候我们希望使用 service url 来完成，不希望走 CDN
-            this.context.endpoint = await (0, space_1.getSpaceServiceEndpoint)(this.context.endpoint);
+            this.context.endpoint = await (0, space_1.getSpaceServiceEndpoint)(endpoint);
             appRestore = (await new post_app_restore_1.PostAppRestoreCommand({
                 userDid: this.input.userDid,
                 referrer: this.input.referrer,

package/dist/commands/space/head.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.HeadSpaceCommand = void 0;
-const constants_1 = require("@did-space/constants");
 const ufo_1 = require("ufo");
 const libs_1 = require("../../libs");
 const security_1 = require("../../security");
@@ -12,25 +11,33 @@ class HeadSpaceCommand extends base_1.BaseCommand {
         return Promise.resolve(null);
     }
     getUrl() {
-        const array = this.context.endpoint.split('/');
-        const lastIndexOfApp = array.lastIndexOf('app');
-        const url = array.filter((_, i) => i < lastIndexOfApp).join('/');
-        return (0, ufo_1.withQuery)(url, {
-            ...this.input,
-        });
+        if (this.context.endpoint) {
+            const array = this.context.endpoint.split('/');
+            const lastIndexOfApp = array.lastIndexOf('app');
+            const url = array.filter((_, i) => i < lastIndexOfApp).join('/');
+            return (0, ufo_1.withQuery)(url, {
+                ...this.input,
+            });
+        }
+        if (this.context.auth && this.context.url) {
+            return (0, ufo_1.withQuery)((0, ufo_1.joinURL)(this.context.url, '/api/space/default'), {
+                ...this.input,
+            });
+        }
+        throw new Error('Invalid configuration: Please provide either "endpoint" or both "auth" and "url" parameters to initialize the space client');
     }
     async resolveMiddleware() {
         const url = this.getUrl();
+        const requestHeaders = this.getRequestHeaders();
         const method = 'HEAD';
         const { headers } = await (0, security_1.signRequest)({
             url,
             method,
             data: {},
-            headers: {
-                [constants_1.HEADERS.X_SIGNATURE_VERSION]: '2',
-            },
+            headers: requestHeaders,
             wallet: this.context.wallet,
             delegation: this.context.delegation,
+            throwError: false,
         });
         const optionsOfTextResponseBody = {
             method,

package/dist/commands/sync/sync-folder-push.js

@@ -46,7 +46,8 @@ class SyncFolderPushCommand extends sync_folder_base_1.SyncFolderBaseCommand {
     async request() {
         try {
             // @note: 备份还原的时候我们希望使用 service url 来完成，不希望走 CDN
-            this.context.endpoint = await (0, libs_1.getSpaceServiceEndpoint)(this.context.endpoint);
+            const endpoint = this.getEndpoint();
+            this.context.endpoint = await (0, libs_1.getSpaceServiceEndpoint)(endpoint);
             if (!this.objectsSync) {
                 this.objectsSync = await this.createObjectsSyncAuditLog();
             }

package/dist/protocol/command.protocol.d.ts

@@ -37,6 +37,35 @@ export interface CommandOutput<D = any> {
     data: D;
     response?: Response;
 }
+export interface SpaceClientOptionsEndpointAuth {
+    /**
+     *
+     * @description spaces endpoint
+     * @example https://cedcaa27-znkomkclejcfbjaxw9knzzebmzmqrxjnn9bb.did.abtnet.io/api/space/z3T6EHN7sLhH5cty1PshDeSipeG7JNxEVaRFS/app/zNKabhhwdvVmXjtRTtSHk2YQz4pdDPStV289/
+     * @type {string}
+     * @memberof SpaceClientOptionsEndpointAuth
+     */
+    endpoint: string;
+}
+export interface SpaceClientOptionsAuthorizationAuth {
+    /**
+     *
+     * @description authorization token
+     * @type {string}
+     * @memberof SpaceClientOptionsAuthorizationAuth
+     */
+    authorization: string;
+}
+export interface SpaceClientOptionsAccessKeyAuth {
+    /**
+     *
+     * @description secret key
+     * @type {string}
+     * @memberof SpaceClientOptionsAccessKeyAuth
+     */
+    secretKey: string;
+}
+export type SpaceClientOptionsAuth = SpaceClientOptionsEndpointAuth | SpaceClientOptionsAuthorizationAuth | SpaceClientOptionsAccessKeyAuth;
 export interface SpaceClientOptions {
     /**
      *
@@ -46,13 +75,29 @@ export interface SpaceClientOptions {
      */
     wallet: WalletObject;
     /**
-     *
+     * @recommend use `auth` field instead
      * @description spaces endpoint
      * @example https://cedcaa27-znkomkclejcfbjaxw9knzzebmzmqrxjnn9bb.did.abtnet.io/api/space/z3T6EHN7sLhH5cty1PshDeSipeG7JNxEVaRFS/app/zNKabhhwdvVmXjtRTtSHk2YQz4pdDPStV289/
      * @type {string}
      * @memberof SpaceClientOptions
      */
-    endpoint: string;
+    endpoint?: string;
+    /**
+     *
+     * @description spaces 的访问地址，需要具体到 mount point
+     * @example https://www.didspaces.com/app
+     * @default https://www.didspaces.com/app
+     * @type {string}
+     * @memberof SpaceClientOptions
+     */
+    url?: string;
+    /**
+     *
+     * @description 认证信息
+     * @type {SpaceClientOptionsAuth}
+     * @memberof SpaceClientOptions
+     */
+    auth?: SpaceClientOptionsAuth;
     /**
      * A jwt token that certifies the requester is authorized to access the space
      * @description delegation token

package/dist/security/request-signature.d.ts

@@ -1,14 +1,15 @@
 import { WalletObject } from '@ocap/wallet';
 type Method = import('got/dist/source').Method;
 type Headers = {
-    'x-app-did': string;
-    'x-app-pk': string;
-    'x-app-token': string;
-    'x-app-delegation': string;
+    'x-app-did'?: string;
+    'x-app-pk'?: string;
+    'x-app-token'?: string;
+    'x-app-delegation'?: string;
     [key: string]: any;
 };
+export declare function isAccessKeyVisit(headers: Headers): boolean;
 declare function verifyDelegation(delegation: string, delegatee: WalletObject): Promise<string>;
-declare function signRequest({ url, method, data, headers, wallet, delegation, }: {
+declare function signRequest({ url, method, data, headers, wallet, delegation, throwError, }: {
     url: string;
     method: Method;
     data: any;
@@ -17,6 +18,7 @@ declare function signRequest({ url, method, data, headers, wallet, delegation, }
     };
     wallet: WalletObject;
     delegation?: string;
+    throwError?: true | false;
 }): Promise<{
     url: string;
     method: Method;

package/dist/security/request-signature.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyDelegation = exports.verifyRequest = exports.signRequest = void 0;
+exports.verifyDelegation = exports.verifyRequest = exports.signRequest = exports.isAccessKeyVisit = void 0;
 const jwt_1 = require("@arcblock/jwt");
 const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
 const isObject_1 = __importDefault(require("lodash/isObject"));
@@ -15,7 +15,12 @@ const mcrypto_1 = require("@ocap/mcrypto");
 const wallet_1 = require("@ocap/wallet");
 const is_url_1 = __importDefault(require("is-url"));
 const debug_1 = __importDefault(require("debug"));
+const constants_1 = require("@did-space/constants");
 const debug = (0, debug_1.default)('request-signature');
+function isAccessKeyVisit(headers) {
+    return Boolean(headers[constants_1.HEADERS.X_AUTHORIZATION] || headers[constants_1.HEADERS.X_ACCESS_KEY]);
+}
+exports.isAccessKeyVisit = isAccessKeyVisit;
 // verifyDelegation to get actual appDid
 async function verifyDelegation(delegation, delegatee) {
     const { from, to, userPk, permissions } = (0, jwt_1.decode)(delegation);
@@ -52,18 +57,32 @@ function getSignUrl({ url }) {
     }
     return signUrl;
 }
-async function signRequest({ url, method, data, headers, wallet, delegation, }) {
+async function signRequest({ url, method, data, headers, wallet, delegation, throwError = true, }) {
+    let error = null;
     if ((0, isEmpty_1.default)(url)) {
-        throw new Error(`url(${url}) cannot be empty`);
+        error = new Error(`url(${url}) cannot be empty`);
     }
     if (!(0, isObject_1.default)(data)) {
-        throw new Error(`data(${data}) is not an object`);
+        error = new Error(`data(${data}) is not an object`);
+    }
+    if (!wallet) {
+        error = new Error('wallet is required');
+    }
+    if (error) {
+        if (throwError) {
+            throw error;
+        }
+        return {
+            url,
+            method,
+            data,
+            headers,
+        };
     }
     if (delegation) {
         await verifyDelegation(delegation, wallet);
     }
     const signUrl = getSignUrl({ url });
-    // @ts-expect-error
     const signData = (0, isString_1.default)(data?.data) ? data : {};
     const token = (0, jwt_1.sign)(wallet.address, wallet.secretKey, {
         digest: mcrypto_1.Hasher.SHA3.hash256((0, json_stable_stringify_1.default)({
@@ -74,12 +93,13 @@ async function signRequest({ url, method, data, headers, wallet, delegation, })
         // 请求在一个小时内都是不过期的
         exp: String(Math.floor(Date.now() / 1000) + 60 * 60),
     });
+    const appDid = wallet.address;
     return {
         url,
         method,
         data,
         headers: Object.assign(headers ?? {}, {
-            'x-app-did': wallet.address,
+            'x-app-did': appDid,
             'x-app-pk': wallet.publicKey,
             'x-app-token': token,
             'x-app-delegation': delegation || '',
@@ -101,7 +121,7 @@ async function verifyRequest({ url, method, data, headers, }) {
     if ((0, isUndefined_1.default)(appToken)) {
         throw new Error('x-app-token must be present in request headers');
     }
-    if (!(0, did_1.isValid)(appDid)) {
+    if (!(0, did_1.isValid)(appDid) && !isAccessKeyVisit(headers)) {
         throw new Error(`appDid(${appDid}) must be a valid did`);
     }
     if (!(0, did_1.isFromPublicKey)(appDid, appPk)) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blocklet/did-space-js",
-  "version": "1.1.0",
+  "version": "1.1.2",
   "publishConfig": {
     "access": "public"
   },
@@ -32,9 +32,9 @@
     "@arcblock/did": "^1.20.15",
     "@arcblock/jwt": "^1.20.15",
     "@arcblock/validator": "^1.20.15",
-    "@blocklet/env": "^1.16.44",
-    "@did-space/constants": "^1.1.0",
-    "@did-space/core": "^1.1.0",
+    "@blocklet/env": "^1.16.45",
+    "@did-space/constants": "^1.1.2",
+    "@did-space/core": "^1.1.2",
     "@ocap/mcrypto": "^1.20.15",
     "@ocap/util": "^1.20.15",
     "@ocap/wallet": "^1.20.15",
@@ -78,5 +78,5 @@
     "ts-jest": "^28.0.8",
     "typescript": "^4.9.5"
   },
-  "gitHead": "5b93f14e6011e4d81663549078127e4b927c5f12"
+  "gitHead": "922e4725da8965f66033b82f9ba28d1d691f9cc5"
 }