@casual-simulation/aux-records 2.0.22-alpha.1651045562

package/MemoryFileRecordsStore.d.ts

@@ -0,0 +1,9 @@
+import { AddFileResult, FileRecordsStore, GetFileRecordResult, MarkFileRecordAsUploadedResult, PresignFileUploadRequest, PresignFileUploadResult } from './FileRecordsStore';
+export declare class MemoryFileRecordsStore implements FileRecordsStore {
+    private _files;
+    presignFileUpload(request: PresignFileUploadRequest): Promise<PresignFileUploadResult>;
+    getFileRecord(recordName: string, fileName: string): Promise<GetFileRecordResult>;
+    addFileRecord(recordName: string, fileName: string, publisherId: string, subjectId: string, sizeInBytes: number, description: string): Promise<AddFileResult>;
+    setFileRecordAsUploaded(recordName: string, fileName: string): Promise<MarkFileRecordAsUploadedResult>;
+}
+//# sourceMappingURL=MemoryFileRecordsStore.d.ts.map

package/MemoryFileRecordsStore.js

@@ -0,0 +1,83 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+export class MemoryFileRecordsStore {
+    constructor() {
+        this._files = new Map();
+    }
+    presignFileUpload(request) {
+        throw new Error('Method not implemented.');
+    }
+    getFileRecord(recordName, fileName) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let file = this._files.get(fileName);
+            if (file) {
+                return {
+                    success: true,
+                    fileName: file.fileName,
+                    recordName: file.recordName,
+                    publisherId: file.publisherId,
+                    subjectId: file.subjectId,
+                    sizeInBytes: file.sizeInBytes,
+                    uploaded: file.uploaded,
+                    description: file.description,
+                    url: `${file.recordName}/${file.fileName}`,
+                };
+            }
+            else {
+                return {
+                    success: false,
+                    errorCode: 'file_not_found',
+                    errorMessage: 'The file was not found in the store.',
+                };
+            }
+        });
+    }
+    addFileRecord(recordName, fileName, publisherId, subjectId, sizeInBytes, description) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this._files.has(fileName)) {
+                return {
+                    success: false,
+                    errorCode: 'file_already_exists',
+                    errorMessage: 'The file already exists in the store.',
+                };
+            }
+            let file = {
+                fileName: fileName,
+                recordName: recordName,
+                publisherId,
+                subjectId,
+                sizeInBytes,
+                description,
+                uploaded: false,
+            };
+            this._files.set(fileName, file);
+            return {
+                success: true,
+            };
+        });
+    }
+    setFileRecordAsUploaded(recordName, fileName) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let file = this._files.get(fileName);
+            if (!file) {
+                return {
+                    success: false,
+                    errorCode: 'file_not_found',
+                    errorMessage: 'The file was not found in the store.',
+                };
+            }
+            file.uploaded = true;
+            return {
+                success: true,
+            };
+        });
+    }
+}
+//# sourceMappingURL=MemoryFileRecordsStore.js.map

package/MemoryFileRecordsStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"MemoryFileRecordsStore.js","sourceRoot":"","sources":["MemoryFileRecordsStore.ts"],"names":[],"mappings":";;;;;;;;;AASA,MAAM,OAAO,sBAAsB;IAAnC;QACY,WAAM,GAA4B,IAAI,GAAG,EAAE,CAAC;IAuFxD,CAAC;IArFG,iBAAiB,CACb,OAAiC;QAEjC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC/C,CAAC;IAEK,aAAa,CACf,UAAkB,EAClB,QAAgB;;YAEhB,IAAI,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAErC,IAAI,IAAI,EAAE;gBACN,OAAO;oBACH,OAAO,EAAE,IAAI;oBACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,UAAU,EAAE,IAAI,CAAC,UAAU;oBAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,QAAQ,EAAE;iBAC7C,CAAC;aACL;iBAAM;gBACH,OAAO;oBACH,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,gBAAgB;oBAC3B,YAAY,EAAE,sCAAsC;iBACvD,CAAC;aACL;QACL,CAAC;KAAA;IAEK,aAAa,CACf,UAAkB,EAClB,QAAgB,EAChB,WAAmB,EACnB,SAAiB,EACjB,WAAmB,EACnB,WAAmB;;YAEnB,IAAI,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE;gBAC3B,OAAO;oBACH,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,qBAAqB;oBAChC,YAAY,EAAE,uCAAuC;iBACxD,CAAC;aACL;YAED,IAAI,IAAI,GAAe;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,UAAU,EAAE,UAAU;gBACtB,WAAW;gBACX,SAAS;gBACT,WAAW;gBACX,WAAW;gBACX,QAAQ,EAAE,KAAK;aAClB,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAEhC,OAAO;gBACH,OAAO,EAAE,IAAI;aAChB,CAAC;QACN,CAAC;KAAA;IAEK,uBAAuB,CACzB,UAAkB,EAClB,QAAgB;;YAEhB,IAAI,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAErC,IAAI,CAAC,IAAI,EAAE;gBACP,OAAO;oBACH,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,gBAAgB;oBAC3B,YAAY,EAAE,sCAAsC;iBACvD,CAAC;aACL;YAED,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;YACrB,OAAO;gBACH,OAAO,EAAE,IAAI;aAChB,CAAC;QACN,CAAC;KAAA;CACJ"}

package/MemoryRecordsStore.d.ts

@@ -0,0 +1,8 @@
+import { Record, RecordsStore } from './RecordsStore';
+export declare class MemoryRecordsStore implements RecordsStore {
+    private _records;
+    getRecordByName(name: string): Promise<Record>;
+    updateRecord(record: Record): Promise<void>;
+    addRecord(record: Record): Promise<void>;
+}
+//# sourceMappingURL=MemoryRecordsStore.d.ts.map

package/MemoryRecordsStore.js

@@ -0,0 +1,37 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+export class MemoryRecordsStore {
+    constructor() {
+        this._records = [];
+    }
+    getRecordByName(name) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const record = this._records.find((r) => r.name === name);
+            return record;
+        });
+    }
+    updateRecord(record) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const existingRecordIndex = this._records.findIndex((r) => r.name === record.name);
+            if (existingRecordIndex >= 0) {
+                this._records[existingRecordIndex] = record;
+            }
+        });
+    }
+    addRecord(record) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const existingRecordIndex = this._records.findIndex((r) => r.name === record.name);
+            if (existingRecordIndex < 0) {
+                this._records.push(record);
+            }
+        });
+    }
+}
+//# sourceMappingURL=MemoryRecordsStore.js.map

package/MemoryRecordsStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"MemoryRecordsStore.js","sourceRoot":"","sources":["MemoryRecordsStore.ts"],"names":[],"mappings":";;;;;;;;;AAEA,MAAM,OAAO,kBAAkB;IAA/B;QACY,aAAQ,GAAa,EAAE,CAAC;IAwBpC,CAAC;IAtBS,eAAe,CAAC,IAAY;;YAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;YAC1D,OAAO,MAAM,CAAC;QAClB,CAAC;KAAA;IAEK,YAAY,CAAC,MAAc;;YAC7B,MAAM,mBAAmB,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAC/C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAChC,CAAC;YACF,IAAI,mBAAmB,IAAI,CAAC,EAAE;gBAC1B,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC,GAAG,MAAM,CAAC;aAC/C;QACL,CAAC;KAAA;IAEK,SAAS,CAAC,MAAc;;YAC1B,MAAM,mBAAmB,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAC/C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAChC,CAAC;YACF,IAAI,mBAAmB,GAAG,CAAC,EAAE;gBACzB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;aAC9B;QACL,CAAC;KAAA;CACJ"}

package/README.md

@@ -0,0 +1,3 @@
+# Records
+
+A set of helpers and managers for the CasualOS records system.

package/RecordsController.d.ts

@@ -0,0 +1,121 @@
+import { RecordsStore } from './RecordsStore';
+import { ServerError } from './Errors';
+/**
+ * Defines a class that manages records and their keys.
+ */
+export declare class RecordsController {
+    private _store;
+    constructor(store: RecordsStore);
+    /**
+     * Creates a new public record key for the given bucket name.
+     * @param name The name of the record.
+     * @param userId The ID of the user that is creating the public record.
+     * @returns
+     */
+    createPublicRecordKey(name: string, userId: string): Promise<CreatePublicRecordKeyResult>;
+    /**
+     * Validates the given record key. Returns success if the key is valid and can be used to publish things to its bucket.
+     * @param key The key that should be validated.
+     * @returns
+     */
+    validatePublicRecordKey(key: string): Promise<ValidatePublicRecordKeyResult>;
+}
+export declare type ValidatePublicRecordKeyResult = ValidatePublicRecordKeySuccess | ValidatePublicRecordKeyFailure;
+/**
+ * Defines an interface that represents the result of a "validate public record key" operation.
+ */
+export interface ValidatePublicRecordKeySuccess {
+    success: true;
+    /**
+     * The name of the record that the key is for.
+     */
+    recordName: string;
+    /**
+     * The ID of the user that owns the record.
+     */
+    ownerId: string;
+}
+/**
+ * Defines an interface that represents a failed "validate public record key" result.
+ */
+export interface ValidatePublicRecordKeyFailure {
+    /**
+     * Whether the operation was successful.
+     */
+    success: false;
+    /**
+     * The type of error that occurred.
+     */
+    errorCode: InvalidRecordKey | ServerError | 'record_not_found';
+    /**
+     * The error message.
+     */
+    errorMessage: string;
+}
+/**
+ * Defines an interface that represents the result of a "create public record key" operation.
+ */
+export declare type CreatePublicRecordKeyResult = CreatePublicRecordKeySuccess | CreatePublicRecordKeyFailure;
+/**
+ * Defines an interface that represents a successful "create public record key" result.
+ */
+export interface CreatePublicRecordKeySuccess {
+    /**
+     * Whether the operation was successful.
+     */
+    success: true;
+    /**
+     * The key that was created.
+     */
+    recordKey: string;
+    /**
+     * The name of the record the key was created for.
+     */
+    recordName: string;
+}
+/**
+ * Defines an interface that represents a failed "create public record key" result.
+ */
+export interface CreatePublicRecordKeyFailure {
+    /**
+     * Whether the operation was successful.
+     */
+    success: false;
+    /**
+     * The type of error that occurred.
+     */
+    errorCode: UnauthorizedToCreateRecordKeyError | ServerError;
+    /**
+     * The error message.
+     */
+    errorMessage: string;
+}
+/**
+ * Defines an error that occurs when a user is not authorized to create a key for the public record.
+ * This may happen when the user is not the owner of the record.
+ */
+export declare type UnauthorizedToCreateRecordKeyError = 'unauthorized_to_create_record_key';
+/**
+ * Defines an error that occurs when an unspecified error occurs while creating a public record key.
+ */
+export declare type InvalidRecordKey = 'invalid_record_key';
+/**
+ * Formats the given record name and record secret into a record key.
+ * @param recordName The name of the record.
+ * @param recordSecret The secret that is used to access the record.
+ */
+export declare function formatRecordKey(recordName: string, recordSecret: string): string;
+/**
+ * Parses the given record key into a name and password pair.
+ * Returns null if the key cannot be parsed.
+ * @param key The key to parse.
+ * @returns
+ */
+export declare function parseRecordKey(key: string): [name: string, password: string];
+/**
+ * Determines if the given value is a record key.
+ * @param key The value to check.
+ * @returns
+ */
+export declare function isRecordKey(key: unknown): key is string;
+//# sourceMappingURL=RecordsController.d.ts.map

package/RecordsController.js

@@ -0,0 +1,178 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { toBase64String, fromBase64String } from './Utils';
+import { hashPasswordWithSalt, verifyPasswordAgainstHashes, } from '@casual-simulation/crypto';
+import { randomBytes } from 'tweetnacl';
+import { fromByteArray } from 'base64-js';
+/**
+ * Defines a class that manages records and their keys.
+ */
+export class RecordsController {
+    constructor(store) {
+        this._store = store;
+    }
+    /**
+     * Creates a new public record key for the given bucket name.
+     * @param name The name of the record.
+     * @param userId The ID of the user that is creating the public record.
+     * @returns
+     */
+    createPublicRecordKey(name, userId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            try {
+                const record = yield this._store.getRecordByName(name);
+                if (record) {
+                    if (record.ownerId !== userId) {
+                        return {
+                            success: false,
+                            errorCode: 'unauthorized_to_create_record_key',
+                            errorMessage: 'Another user has already created this record.',
+                        };
+                    }
+                    const passwordBytes = randomBytes(16);
+                    const password = fromByteArray(passwordBytes); // convert to human-readable string
+                    const salt = record.secretSalt;
+                    const passwordHash = hashPasswordWithSalt(password, salt);
+                    yield this._store.updateRecord(Object.assign(Object.assign({}, record), { secretHashes: [...record.secretHashes, passwordHash] }));
+                    return {
+                        success: true,
+                        recordKey: formatRecordKey(name, password),
+                        recordName: name,
+                    };
+                }
+                else {
+                    const passwordBytes = randomBytes(16);
+                    const password = fromByteArray(passwordBytes); // convert to human-readable string
+                    const salt = fromByteArray(randomBytes(16));
+                    const passwordHash = hashPasswordWithSalt(password, salt);
+                    yield this._store.addRecord({
+                        name,
+                        ownerId: userId,
+                        secretHashes: [passwordHash],
+                        secretSalt: salt,
+                    });
+                    return {
+                        success: true,
+                        recordKey: formatRecordKey(name, password),
+                        recordName: name,
+                    };
+                }
+            }
+            catch (err) {
+                console.error(err);
+                return {
+                    success: false,
+                    errorCode: 'server_error',
+                    errorMessage: err.toString(),
+                };
+            }
+        });
+    }
+    /**
+     * Validates the given record key. Returns success if the key is valid and can be used to publish things to its bucket.
+     * @param key The key that should be validated.
+     * @returns
+     */
+    validatePublicRecordKey(key) {
+        return __awaiter(this, void 0, void 0, function* () {
+            try {
+                const parseResult = parseRecordKey(key);
+                if (!parseResult) {
+                    return {
+                        success: false,
+                        errorCode: 'invalid_record_key',
+                        errorMessage: 'Invalid record key.',
+                    };
+                }
+                const [name, password] = parseResult;
+                const record = yield this._store.getRecordByName(name);
+                if (!record) {
+                    return {
+                        success: false,
+                        errorCode: 'record_not_found',
+                        errorMessage: 'Record not found.',
+                    };
+                }
+                const result = verifyPasswordAgainstHashes(password, record.secretSalt, record.secretHashes);
+                if (result) {
+                    return {
+                        success: true,
+                        recordName: name,
+                        ownerId: record.ownerId,
+                    };
+                }
+                else {
+                    return {
+                        success: false,
+                        errorCode: 'invalid_record_key',
+                        errorMessage: 'Invalid record key.',
+                    };
+                }
+            }
+            catch (err) {
+                console.error(err);
+                return {
+                    success: false,
+                    errorCode: 'server_error',
+                    errorMessage: err.toString(),
+                };
+            }
+        });
+    }
+}
+/**
+ * Formats the given record name and record secret into a record key.
+ * @param recordName The name of the record.
+ * @param recordSecret The secret that is used to access the record.
+ */
+export function formatRecordKey(recordName, recordSecret) {
+    return `vRK1.${toBase64String(recordName)}.${toBase64String(recordSecret)}`;
+}
+/**
+ * Parses the given record key into a name and password pair.
+ * Returns null if the key cannot be parsed.
+ * @param key The key to parse.
+ * @returns
+ */
+export function parseRecordKey(key) {
+    if (!key) {
+        return null;
+    }
+    if (!key.startsWith('vRK1.')) {
+        return null;
+    }
+    const withoutVersion = key.slice('vRK1.'.length);
+    let nextPeriod = withoutVersion.indexOf('.');
+    if (nextPeriod < 0) {
+        return null;
+    }
+    const nameBase64 = withoutVersion.slice(0, nextPeriod);
+    const passwordBase64 = withoutVersion.slice(nextPeriod + 1);
+    if (nameBase64.length <= 0 || passwordBase64.length <= 0) {
+        return null;
+    }
+    try {
+        const name = fromBase64String(nameBase64);
+        const password = fromBase64String(passwordBase64);
+        return [name, password];
+    }
+    catch (err) {
+        return null;
+    }
+}
+/**
+ * Determines if the given value is a record key.
+ * @param key The value to check.
+ * @returns
+ */
+export function isRecordKey(key) {
+    return typeof key === 'string' && parseRecordKey(key) !== null;
+}
+//# sourceMappingURL=RecordsController.js.map

package/RecordsController.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RecordsController.js","sourceRoot":"","sources":["RecordsController.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAC3D,OAAO,EAEH,oBAAoB,EACpB,2BAA2B,GAC9B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAG1C;;GAEG;AACH,MAAM,OAAO,iBAAiB;IAG1B,YAAY,KAAmB;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;IACxB,CAAC;IAED;;;;;OAKG;IACG,qBAAqB,CACvB,IAAY,EACZ,MAAc;;YAEd,IAAI;gBACA,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBAEvD,IAAI,MAAM,EAAE;oBACR,IAAI,MAAM,CAAC,OAAO,KAAK,MAAM,EAAE;wBAC3B,OAAO;4BACH,OAAO,EAAE,KAAK;4BACd,SAAS,EAAE,mCAAmC;4BAC9C,YAAY,EACR,+CAA+C;yBACtD,CAAC;qBACL;oBAED,MAAM,aAAa,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;oBACtC,MAAM,QAAQ,GAAG,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC,mCAAmC;oBAClF,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC;oBAC/B,MAAM,YAAY,GAAG,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;oBAE1D,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,iCACvB,MAAM,KACT,YAAY,EAAE,CAAC,GAAG,MAAM,CAAC,YAAY,EAAE,YAAY,CAAC,IACtD,CAAC;oBAEH,OAAO;wBACH,OAAO,EAAE,IAAI;wBACb,SAAS,EAAE,eAAe,CAAC,IAAI,EAAE,QAAQ,CAAC;wBAC1C,UAAU,EAAE,IAAI;qBACnB,CAAC;iBACL;qBAAM;oBACH,MAAM,aAAa,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;oBACtC,MAAM,QAAQ,GAAG,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC,mCAAmC;oBAClF,MAAM,IAAI,GAAG,aAAa,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;oBAC5C,MAAM,YAAY,GAAG,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;oBAE1D,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;wBACxB,IAAI;wBACJ,OAAO,EAAE,MAAM;wBACf,YAAY,EAAE,CAAC,YAAY,CAAC;wBAC5B,UAAU,EAAE,IAAI;qBACnB,CAAC,CAAC;oBAEH,OAAO;wBACH,OAAO,EAAE,IAAI;wBACb,SAAS,EAAE,eAAe,CAAC,IAAI,EAAE,QAAQ,CAAC;wBAC1C,UAAU,EAAE,IAAI;qBACnB,CAAC;iBACL;aACJ;YAAC,OAAO,GAAG,EAAE;gBACV,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnB,OAAO;oBACH,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,cAAc;oBACzB,YAAY,EAAE,GAAG,CAAC,QAAQ,EAAE;iBAC/B,CAAC;aACL;QACL,CAAC;KAAA;IAED;;;;OAIG;IACG,uBAAuB,CACzB,GAAW;;YAEX,IAAI;gBACA,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;gBAExC,IAAI,CAAC,WAAW,EAAE;oBACd,OAAO;wBACH,OAAO,EAAE,KAAK;wBACd,SAAS,EAAE,oBAAoB;wBAC/B,YAAY,EAAE,qBAAqB;qBACtC,CAAC;iBACL;gBAED,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,WAAW,CAAC;gBAErC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBAEvD,IAAI,CAAC,MAAM,EAAE;oBACT,OAAO;wBACH,OAAO,EAAE,KAAK;wBACd,SAAS,EAAE,kBAAkB;wBAC7B,YAAY,EAAE,mBAAmB;qBACpC,CAAC;iBACL;gBAED,MAAM,MAAM,GAAG,2BAA2B,CACtC,QAAQ,EACR,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,YAAY,CACtB,CAAC;gBAEF,IAAI,MAAM,EAAE;oBACR,OAAO;wBACH,OAAO,EAAE,IAAI;wBACb,UAAU,EAAE,IAAI;wBAChB,OAAO,EAAE,MAAM,CAAC,OAAO;qBAC1B,CAAC;iBACL;qBAAM;oBACH,OAAO;wBACH,OAAO,EAAE,KAAK;wBACd,SAAS,EAAE,oBAAoB;wBAC/B,YAAY,EAAE,qBAAqB;qBACtC,CAAC;iBACL;aACJ;YAAC,OAAO,GAAG,EAAE;gBACV,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnB,OAAO;oBACH,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,cAAc;oBACzB,YAAY,EAAE,GAAG,CAAC,QAAQ,EAAE;iBAC/B,CAAC;aACL;QACL,CAAC;KAAA;CACJ;AAsGD;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAC3B,UAAkB,EAClB,YAAoB;IAEpB,OAAO,QAAQ,cAAc,CAAC,UAAU,CAAC,IAAI,cAAc,CAAC,YAAY,CAAC,EAAE,CAAC;AAChF,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW;IACtC,IAAI,CAAC,GAAG,EAAE;QACN,OAAO,IAAI,CAAC;KACf;IAED,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE;QAC1B,OAAO,IAAI,CAAC;KACf;IAED,MAAM,cAAc,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACjD,IAAI,UAAU,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7C,IAAI,UAAU,GAAG,CAAC,EAAE;QAChB,OAAO,IAAI,CAAC;KACf;IAED,MAAM,UAAU,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACvD,MAAM,cAAc,GAAG,cAAc,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;IAE5D,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,IAAI,cAAc,CAAC,MAAM,IAAI,CAAC,EAAE;QACtD,OAAO,IAAI,CAAC;KACf;IAED,IAAI;QACA,MAAM,IAAI,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,QAAQ,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;QAElD,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;KAC3B;IAAC,OAAO,GAAG,EAAE;QACV,OAAO,IAAI,CAAC;KACf;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,GAAY;IACpC,OAAO,OAAO,GAAG,KAAK,QAAQ,IAAI,cAAc,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC;AACnE,CAAC"}

package/RecordsStore.d.ts

@@ -0,0 +1,45 @@
+/**
+ * Defines an interface for objects that can store records.
+ */
+export interface RecordsStore {
+    /**
+     * Updates the given record.
+     * @param record The record that should be updated.
+     */
+    updateRecord(record: Record): Promise<void>;
+    /**
+     * Adds the given record to the store.
+     * @param record The record to add.
+     */
+    addRecord(record: Record): Promise<void>;
+    /**
+     * Gets the record with the given name.
+     * @param name The name of the record.
+     */
+    getRecordByName(name: string): Promise<Record>;
+}
+/**
+ * Defines an interface for record objects.
+ */
+export interface Record {
+    /**
+     * The name of the record.
+     */
+    name: string;
+    /**
+     * The ID of the user that created the record.
+     */
+    ownerId: string;
+    /**
+     * The scrypt hashes of the secrets that allow access to the record.
+     */
+    secretHashes: string[];
+    /**
+     * The salt that is used to hash the secrets.
+     *
+     * Normally it is bad to share a salt between multiple secrets but in this case
+     * it is fine because there are very few secrets per salt (i.e. not 1 salt per million users but 1 salt per couple record keys) and the secrets are randomly generated.
+     */
+    secretSalt: string;
+}
+//# sourceMappingURL=RecordsStore.d.ts.map

package/RecordsStore.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=RecordsStore.js.map

package/RecordsStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RecordsStore.js","sourceRoot":"","sources":["RecordsStore.ts"],"names":[],"mappings":""}

package/Utils.d.ts

@@ -0,0 +1,68 @@
+/**
+ * Converts the given string into a base64 string.
+ * @param str The string to convert.
+ */
+export declare function toBase64String(str: string): string;
+/**
+ * Converts the given string from a base64 string.
+ * @param base64
+ */
+export declare function fromBase64String(base64: string): string;
+/**
+ * Signs the given request and adds the related headers to it.
+ * @param request The request to sign.
+ * @param secretAccessKey The secret access key to use.
+ * @param accessKeyId The ID of the access key that is being used.
+ * @param date The date to use for signing.
+ * @param region The AWS region.
+ * @param service The AWS service.
+ */
+export declare function signRequest(request: CanonicalRequest, secretAccessKey: string, accessKeyId: string, date: Date, region: string, service: string): CanonicalRequest;
+/**
+ * Constructs a string that can be signed from the given request, date, AWS region, and AWS Service.
+ * @param canonicalRequest The canonical request to include.
+ * @param date The date that the signature is happening on.
+ * @param region The region that the signature is for.
+ * @param service The service that the signature is for.
+ */
+export declare function createStringToSign(canonicalRequest: string, date: Date, region: string, service: string): string;
+/**
+ * Creates a signature using the given secret access key and additional info.
+ * @param stringToSign The string that should be signed.
+ * @param secretAccessKey The secret access key.
+ * @param date The date that the signature is happening on.
+ * @param region The AWS region.
+ * @param service The AWS Service.
+ */
+export declare function createAWS4Signature(stringToSign: string, secretAccessKey: string, date: Date, region: string, service: string): string;
+/**
+ * Creates a canonical request string that can be used to create a AWS Signature for the given request.
+ *
+ * See https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
+ * @param request The request to create the canonical request for.
+ */
+export declare function createCanonicalRequest(request: CanonicalRequest): string;
+export interface CanonicalRequest {
+    method: 'GET' | 'POST' | 'PUT' | 'DELETE';
+    uri: string;
+    headers: {
+        [name: string]: string;
+    };
+    queryString: {
+        [name: string]: string;
+    };
+    payloadSha256Hex: string;
+}
+/**
+ * URI Encodes the given string according to AWS Signature Version 4.
+ * See https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
+ * @param input The string to URI encode.
+ * @param encodeSlash Whether to encode slashes as %2F.
+ */
+export declare function canonicalUriEncode(input: string, encodeSlash: boolean): string;
+/**
+ * Encodes the given character code as a URI hex string.
+ * @param char The character to encode.
+ */
+export declare function encodeHexUtf8(char: number): string;
+//# sourceMappingURL=Utils.d.ts.map