@cubist-labs/cubesigner-sdk 0.1.50 → 0.2.2

package/dist/src/signer_session.d.ts

@@ -1,31 +1,31 @@
-import { CubeSigner, Key, KeyInfo } from ".";
-import { components, paths } from "./client";
-import { NewSessionResponse, SignerSessionManager, SignerSessionStorage } from "./session/signer_session_manager";
-export type EvmSignRequest = paths["/v1/org/{org_id}/eth1/sign/{pubkey}"]["post"]["requestBody"]["content"]["application/json"];
-export type Eth2SignRequest = paths["/v1/org/{org_id}/eth2/sign/{pubkey}"]["post"]["requestBody"]["content"]["application/json"];
-export type Eth2StakeRequest = paths["/v1/org/{org_id}/eth2/stake"]["post"]["requestBody"]["content"]["application/json"];
-export type Eth2UnstakeRequest = paths["/v1/org/{org_id}/eth2/unstake/{pubkey}"]["post"]["requestBody"]["content"]["application/json"];
-export type BlobSignRequest = paths["/v1/org/{org_id}/blob/sign/{key_id}"]["post"]["requestBody"]["content"]["application/json"];
-export type BtcSignRequest = paths["/v0/org/{org_id}/btc/sign/{pubkey}"]["post"]["requestBody"]["content"]["application/json"];
-export type SolanaSignRequest = paths["/v1/org/{org_id}/solana/sign/{pubkey}"]["post"]["requestBody"]["content"]["application/json"];
-export type EvmSignResponse = components["responses"]["Eth1SignResponse"]["content"]["application/json"];
-export type Eth2SignResponse = components["responses"]["Eth2SignResponse"]["content"]["application/json"];
-export type Eth2StakeResponse = components["responses"]["StakeResponse"]["content"]["application/json"];
-export type Eth2UnstakeResponse = components["responses"]["UnstakeResponse"]["content"]["application/json"];
-export type BlobSignResponse = components["responses"]["BlobSignResponse"]["content"]["application/json"];
-export type BtcSignResponse = components["responses"]["BtcSignResponse"]["content"]["application/json"];
-export type SolanaSignResponse = components["responses"]["SolanaSignResponse"]["content"]["application/json"];
-export type MfaRequestInfo = components["responses"]["MfaRequestInfo"]["content"]["application/json"];
-export type AcceptedResponse = components["schemas"]["AcceptedResponse"];
-export type ErrorResponse = components["schemas"]["ErrorResponse"];
-export type BtcSignatureKind = components["schemas"]["BtcSignatureKind"];
-/** MFA request kind */
-export type MfaType = components["schemas"]["MfaType"];
-type SignFn<U> = (headers?: HeadersInit) => Promise<U | AcceptedResponse>;
+import { CubeSigner, MfaReceipt, KeyInfo } from ".";
+import { CubeSignerClient } from "./client";
+import { AcceptedResponse, NewSessionResponse } from "./schema_types";
+import { SignerSessionManager, SignerSessionStorage } from "./session/signer_session_manager";
+type Response<U> = U | AcceptedResponse;
+type RequestFn<U> = (headers?: HeadersInit) => Promise<Response<U>>;
+type MapFn<U, V> = (u: U) => V;
+/**
+ * Takes a {@link Response<U>} and a {@link MapFn<U, V>} function and returns
+ * a {@link Response<V>} that maps the value of the original response when its status code is 200.
+ *
+ * @param {Response<U>} resp Original response
+ * @param {Map<U, V>} mapFn Map to apply to the response value when its status code is 200.
+ * @return {Response<V>} Response whose value for status code 200 is mapped from U to V
+ */
+export declare function mapResponse<U, V>(resp: Response<U>, mapFn: MapFn<U, V>): Response<V>;
+export interface MfaRequired {
+    /** Org id */
+    org_id: string;
+    /** MFA request id */
+    id: string;
+    /** Optional MFA session */
+    session?: NewSessionResponse | null;
+}
 /**
  * A response of a CubeSigner request.
  */
-export declare class SignResponse<U> {
+export declare class CubeSignerResponse<U> {
     #private;
     /** @return {string} The MFA id associated with this request */
     mfaId(): string;
@@ -36,137 +36,253 @@ export declare class SignResponse<U> {
      * @return {ClientSessionInfo | undefined}
      */
     mfaSessionInfo(): NewSessionResponse | undefined;
-    /** @return {U} The signed data */
+    /** @return {U} The response data, if no MFA is required */
     data(): U;
     /**
      * Approves the MFA request using a given session and a TOTP code.
      *
      * @param {SignerSession} session Signer session to use
      * @param {string} code 6-digit TOTP code
-     * @return {SignResponse<U>} The result of signing with the approval
+     * @return {CubeSignerResponse<U>} The result of signing with the approval
      */
-    approveTotp(session: SignerSession, code: string): Promise<SignResponse<U>>;
+    approveTotp(session: SignerSession, code: string): Promise<CubeSignerResponse<U>>;
     /**
-     * Approves the MFA request using a given `CubeSigner` instance (i.e., its management session).
+     * Approves the MFA request using a given `CubeSignerClient` instance (i.e., its session).
      *
      * @param {CubeSigner} cs CubeSigner whose session to use
-     * @return {SignResponse<U>} The result of signing with the approval
+     * @return {CubeSignerResponse<U>} The result of signing with the approval
      */
-    approve(cs: CubeSigner): Promise<SignResponse<U>>;
+    approve(cs: CubeSigner): Promise<CubeSignerResponse<U>>;
     /**
-     * @param {MfaRequestInfo} mfaInfo The MFA request info with the approval
-     * @return {Promise<SignResponse<U>>} The result of signing after MFA approval
+     * @param {MfaReceipt} mfaReceipt The MFA receipt
+     * @return {Promise<CubeSignerResponse<U>>} The result of signing after MFA approval
      */
-    signWithMfaApproval(mfaInfo: MfaRequestInfo): Promise<SignResponse<U>>;
+    signWithMfaApproval(mfaReceipt: MfaReceipt): Promise<CubeSignerResponse<U>>;
     /**
      * Constructor.
      *
-     * @param {string} orgId The org id of the corresponding signing request
-     * @param {SignFn} signFn The signing function that this response is from.
-     *                        This argument is used to resend requests with
-     *                        different headers if needed.
-     * @param {U | AcceptedResponse} resp The response as returned by the OpenAPI
-     *                                    client.
+     * @param {RequestFn} requestFn
+     *    The signing function that this response is from.
+     *    This argument is used to resend requests with different headers if needed.
+     * @param {U | AcceptedResponse} resp The response as returned by the OpenAPI client.
      */
-    constructor(orgId: string, signFn: SignFn<U>, resp: U | AcceptedResponse);
+    constructor(requestFn: RequestFn<U>, resp: U | AcceptedResponse);
     /**
-     * MFA receipt to attach.
+     * Static constructor.
+     * @param {RequestFn} requestFn
+     *    The request function that this response is from.
+     *    This argument is used to resend requests with different headers if needed.
+     * @param {MfaReceipt} mfaReceipt Optional MFA receipt
+     * @return {Promise<CubeSignerResponse<U>>} New instance of this class.
+     */
+    static create<U>(requestFn: RequestFn<U>, mfaReceipt?: MfaReceipt): Promise<CubeSignerResponse<U>>;
+    /**
+     * Returns HTTP headers containing a given MFA receipt.
      *
-     * @param {string} mfaId MFA request id
-     * @param {string} mfaConf MFA receipt confirmation code
-     * @return {HeadersInit} Headers
+     * @param {MfaReceipt} mfaReceipt MFA receipt
+     * @return {HeadersInit} Headers including that receipt
      */
-    static getMfaHeaders(mfaId: string, mfaConf: string): HeadersInit;
+    static getMfaHeaders(mfaReceipt?: MfaReceipt): HeadersInit | undefined;
 }
 /** Signer session info. Can only be used to revoke a token, but not for authentication. */
 export declare class SignerSessionInfo {
     #private;
     readonly purpose: string;
-    /** Revoke this token */
+    /** Revoke this session */
     revoke(): Promise<void>;
     /**
      * Internal constructor.
-     * @param {CubeSigner} cs CubeSigner instance to use when calling `revoke`
-     * @param {string} orgId Organization ID
-     * @param {string} roleId Role ID
-     * @param {string} hash The hash of the token; can be used for revocation but not for auth
+     * @param {CubeSignerClient} cs CubeSigner instance to use when calling `revoke`
+     * @param {string} sessionId The ID of the session; can be used for revocation but not for auth
      * @param {string} purpose Session purpose
      * @internal
      */
-    constructor(cs: CubeSigner, orgId: string, roleId: string, hash: string, purpose: string);
+    constructor(cs: CubeSignerClient, sessionId: string, purpose: string);
 }
-/** Signer session. */
+/**
+ * Signer session.
+ *
+ * @deprecated Use {@link CubeSignerClient} instead.
+ */
 export declare class SignerSession {
     #private;
-    sessionMgr: SignerSessionManager;
+    /** Deprecated */
+    get sessionMgr(): SignerSessionManager;
+    /** Org id */
+    get orgId(): string;
     /**
      * Returns the list of keys that this token grants access to.
-     * @return {Key[]} The list of keys.
+     * @return {KeyInfo[]} The list of keys.
      */
     keys(): Promise<KeyInfo[]>;
+    /** Approve a pending MFA request using TOTP. */
+    get totpApprove(): (mfaId: string, code: string) => Promise<{
+        expires_at: number;
+        id: string;
+        receipt?: {
+            confirmation: string;
+            final_approver: string;
+            timestamp: number;
+        } | null | undefined;
+        request: {
+            body?: Record<string, unknown> | null | undefined;
+            method: string;
+            path: string;
+        };
+        status: {
+            allowed_approvers: string[];
+            allowed_mfa_types?: ("CubeSigner" | "Totp" | "Fido")[] | null | undefined;
+            approved_by: {
+                [key: string]: {
+                    [key: string]: {
+                        timestamp: number;
+                    };
+                };
+            };
+            count: number;
+            num_auth_factors: number;
+        };
+    }>;
+    /** Initiate approval of an existing MFA request using FIDO. */
+    get fidoApproveStart(): (mfaId: string) => Promise<import("./mfa").MfaFidoChallenge>;
+    /** Get a pending MFA request by its id. */
+    get getMfaInfo(): (mfaId: string) => Promise<{
+        expires_at: number;
+        id: string;
+        receipt?: {
+            confirmation: string;
+            final_approver: string;
+            timestamp: number;
+        } | null | undefined;
+        request: {
+            body?: Record<string, unknown> | null | undefined;
+            method: string;
+            path: string;
+        };
+        status: {
+            allowed_approvers: string[];
+            allowed_mfa_types?: ("CubeSigner" | "Totp" | "Fido")[] | null | undefined;
+            approved_by: {
+                [key: string]: {
+                    [key: string]: {
+                        timestamp: number;
+                    };
+                };
+            };
+            count: number;
+            num_auth_factors: number;
+        };
+    }>;
+    /** Submit an EVM sign request. */
+    get signEvm(): (key: string | import("./key").Key, req: {
+        chain_id: number;
+        tx: Record<string, never>;
+    }, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        rlp_signed_tx: string;
+    }>>;
+    /** Submit an 'eth2' sign request. */
+    get signEth2(): (key: string | import("./key").Key, req: {
+        eth2_sign_request: Record<string, never>;
+        network: "mainnet" | "prater" | "goerli" | "holesky";
+    }, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        signature: string;
+    }>>;
+    /** Sign a stake request. */
+    get stake(): (req: {
+        chain_id: number;
+        deposit_type: "Canonical" | "Wrapper";
+        staking_amount_gwei?: number | undefined;
+        unsafe_conf?: {
+            deposit_contract_addr?: string | null | undefined;
+            genesis_fork_version?: string | null | undefined;
+        } | null | undefined;
+        validator_key?: string | null | undefined;
+        withdrawal_addr: string;
+    }, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        created_validator_key_id: string;
+        deposit_tx: {
+            chain_id: number;
+            deposit_txn: Record<string, never>;
+            new_validator_pk: string;
+        };
+    }>>;
+    /** Sign an unstake request. */
+    get unstake(): (key: string | import("./key").Key, req: {
+        epoch?: string | null | undefined;
+        fork: {
+            current_version: string;
+            epoch: string;
+            previous_version: string;
+        };
+        genesis_data: {
+            genesis_fork_version: string;
+            genesis_time: string;
+            genesis_validators_root: string;
+        };
+        network: "mainnet" | "prater" | "goerli" | "holesky";
+        validator_index: string;
+    }, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        message: {
+            epoch: string;
+            validator_index: string;
+        };
+        signature: string;
+    }>>;
+    /** Sign a raw blob.*/
+    get signBlob(): (key: string | import("./key").Key, req: {
+        message_base64: string;
+    }, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        signature: string;
+    }>>;
+    /** Sign a bitcoin message. */
+    get signBtc(): (key: string | import("./key").Key, req: {
+        sig_kind: {
+            Segwit: {
+                input_index: number;
+                script_code: string;
+                sighash_type: "All" | "None" | "Single" | "AllPlusAnyoneCanPay" | "NonePlusAnyoneCanPay" | "SinglePlusAnyoneCanPay";
+                value: number;
+            };
+        };
+        tx: Record<string, never>;
+    }, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        signature: string;
+    }>>;
+    /** Sign a solana message. */
+    get signSolana(): (key: string | import("./key").Key, req: {
+        message_base64: string;
+    }, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        signature: string;
+    }>>;
+    /** Sign an Avalanche P- or X-chain message. */
+    get signAva(): (key: string | import("./key").Key, tx: import("./schema_types").AvaTx, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<{
+        signature: string;
+    }>>;
     /**
-     * Approve a pending MFA request using TOTP.
-     *
-     * @param {string} mfaId The MFA request to approve
-     * @param {string} code The TOTP code
-     * @return {Promise<MfaRequestInfo>} The current status of the MFA request
-     */
-    totpApprove(mfaId: string, code: string): Promise<MfaRequestInfo>;
-    /**
-     * Get a pending MFA request by its id.
-     * @param {CubeSigner} cs Management session to use (this argument will be removed in future versions)
-     * @param {string} mfaId The id of the MFA request.
-     * @return {Promise<MfaRequestInfo>} The MFA request.
-     */
-    getMfaInfo(cs: CubeSigner, mfaId: string): Promise<MfaRequestInfo>;
-    /**
-     * Submit an EVM sign request.
-     * @param {Key | string} key The key to sign with (either {@link Key} or its material ID).
-     * @param {EvmSignRequest} req What to sign.
-     * @return {Promise<EvmSignResponse | AcceptedResponse>} Signature
-     */
-    signEvm(key: Key | string, req: EvmSignRequest): Promise<SignResponse<EvmSignResponse>>;
-    /**
-     * Submit an 'eth2' sign request.
-     * @param {Key | string} key The key to sign with (either {@link Key} or its material ID).
-     * @param {Eth2SignRequest} req What to sign.
-     * @return {Promise<Eth2SignResponse | AcceptedResponse>} Signature
+     * Obtain a proof of authentication.
      */
-    signEth2(key: Key | string, req: Eth2SignRequest): Promise<SignResponse<Eth2SignResponse>>;
-    /**
-     * Sign a stake request.
-     * @param {Eth2StakeRequest} req The request to sign.
-     * @return {Promise<Eth2StakeResponse | AcceptedResponse>} The response.
-     */
-    stake(req: Eth2StakeRequest): Promise<SignResponse<Eth2StakeResponse>>;
-    /**
-     * Sign an unstake request.
-     * @param {Key | string} key The key to sign with (either {@link Key} or its material ID).
-     * @param {Eth2UnstakeRequest} req The request to sign.
-     * @return {Promise<Eth2UnstakeResponse | AcceptedResponse>} The response.
-     */
-    unstake(key: Key | string, req: Eth2UnstakeRequest): Promise<SignResponse<Eth2UnstakeResponse>>;
-    /**
-     * Sign a raw blob.
-     * @param {Key | string} key The key to sign with (either {@link Key} or its ID).
-     * @param {BlobSignRequest} req What to sign
-     * @return {Promise<BlobSignResponse | AcceptedResponse>} The response.
-     */
-    signBlob(key: Key | string, req: BlobSignRequest): Promise<SignResponse<BlobSignResponse>>;
-    /**
-     * Sign a bitcoin message.
-     * @param {Key | string} key The key to sign with (either {@link Key} or its material ID).
-     * @param {BtcSignRequest} req What to sign
-     * @return {Promise<BtcSignResponse | AcceptedResponse>} The response.
-     */
-    signBtc(key: Key | string, req: BtcSignRequest): Promise<SignResponse<BtcSignResponse>>;
-    /**
-     * Sign a solana message.
-     * @param {Key | string} key The key to sign with (either {@link Key} or its material ID).
-     * @param {SolanaSignRequest} req What to sign
-     * @return {Promise<SolanaSignResponse | AcceptedResponse>} The response.
-     */
-    signSolana(key: Key | string, req: SolanaSignRequest): Promise<SignResponse<SolanaSignResponse>>;
+    get proveIdentity(): () => Promise<{
+        aud?: string | null | undefined;
+        email: string;
+        exp_epoch: number;
+        identity?: {
+            iss: string;
+            sub: string;
+        } | null | undefined;
+        user_info?: {
+            configured_mfa: ({
+                type: "totp";
+            } | {
+                id: string;
+                name: string;
+                type: "fido";
+            })[];
+            initialized: boolean;
+            user_id: string;
+        } | null | undefined;
+    } & {
+        id: string;
+    }>;
     /**
      * Loads an existing signer session from storage.
      * @param {SignerSessionStorage} storage The session storage to use
@@ -179,14 +295,5 @@ export declare class SignerSession {
      * @internal
      */
     constructor(sessionMgr: SignerSessionManager);
-    /**
-     * Static method for revoking a token (used both from {SignerSession} and {SignerSessionInfo}).
-     * @param {CubeSigner} cs CubeSigner instance
-     * @param {string} orgId Organization ID
-     * @param {string} roleId Role ID
-     * @param {string} sessionId Signer session ID
-     * @internal
-     */
-    static revoke(cs: CubeSigner, orgId: string, roleId: string, sessionId: string): Promise<void>;
 }
 export {};