npm - @cubist-labs/cubesigner-sdk - Versions diffs - 0.1.77 → 0.2.2 - Mend

@cubist-labs/cubesigner-sdk 0.1.77 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/dist/src/client.d.ts +434 -7
package/dist/src/client.js +1022 -18
package/dist/src/ethers/index.d.ts +2 -4
package/dist/src/ethers/index.js +5 -8
package/dist/src/index.d.ts +41 -65
package/dist/src/index.js +58 -231
package/dist/src/key.d.ts +9 -45
package/dist/src/key.js +18 -89
package/dist/src/mfa.d.ts +85 -14
package/dist/src/mfa.js +158 -40
package/dist/src/org.d.ts +217 -127
package/dist/src/org.js +94 -232
package/dist/src/role.d.ts +76 -74
package/dist/src/role.js +79 -136
package/dist/src/schema.d.ts +345 -13
package/dist/src/schema.js +1 -1
package/dist/src/schema_types.d.ts +103 -0
package/dist/src/schema_types.js +3 -0
package/dist/src/session/session_manager.js +1 -1
package/dist/src/session/signer_session_manager.d.ts +14 -29
package/dist/src/session/signer_session_manager.js +26 -79
package/dist/src/signer_session.d.ts +212 -191
package/dist/src/signer_session.js +120 -313
package/package.json +6 -6
package/src/client.ts +1217 -7
package/src/ethers/index.ts +5 -17
package/src/index.ts +69 -262
package/src/key.ts +19 -121
package/src/{fido.ts → mfa.ts} +62 -26
package/src/org.ts +96 -292
package/src/role.ts +108 -181
package/src/schema.ts +345 -13
package/src/schema_types.ts +103 -0
package/src/session/session_manager.ts +1 -1
package/src/session/signer_session_manager.ts +35 -109
package/src/signer_session.ts +115 -442

package/src/session/signer_session_manager.ts CHANGED Viewed

@@ -1,16 +1,13 @@
-import { CubeSigner, EnvInterface } from "..";
-import { assertOk } from "../util";
-import { components, paths, Client } from "../client";
+import { EnvInterface } from "..";
+import {
+  ClientSessionInfo,
+  NewSessionResponse,
+  RefreshSignerSessionRequest,
+} from "../schema_types";
+import { Client } from "../client";
 import { HasEnv, OrgSessionManager } from "./session_manager";
 import { MemorySessionStorage, SessionStorage } from "./session_storage";
-export type ClientSessionInfo = components["schemas"]["ClientSessionInfo"];
-export type NewSessionResponse = components["schemas"]["NewSessionResponse"];
-export type CreateSignerSessionRequest =
-  paths["/v0/org/{org_id}/roles/{role_id}/tokens"]["post"]["requestBody"]["content"]["application/json"];
-export type RefreshSignerSessionRequest =
-  paths["/v1/org/{org_id}/token/refresh"]["patch"]["requestBody"]["content"]["application/json"];
+import { assertOk } from "../util";
 /** JSON representation of our "signer session" file format */
 export interface SignerSessionObject {
@@ -42,16 +39,8 @@ export interface SignerSessionLifetime {
   grace?: number;
 }
-const defaultSignerSessionLifetime: SignerSessionLifetime = {
-  session: 604800,
-  auth: 300,
-  refresh: 86400,
-  grace: 30,
-};
 /** Manager for signer sessions. */
 export class SignerSessionManager extends OrgSessionManager<SignerSessionData> {
-  readonly cs?: CubeSigner;
   #client: Client;
   /**
@@ -64,29 +53,27 @@ export class SignerSessionManager extends OrgSessionManager<SignerSessionData> {
   }
   /**
-   * Returns a client with the current session and refreshes the current
-   * session. May **UPDATE/MUTATE** self.
+   * Refreshes the current session if needed, then returns a client using the current session.
+   *
+   * May **UPDATE/MUTATE** self.
    */
   async client(): Promise<Client> {
     await this.refreshIfNeeded();
     return this.#client;
   }
+  /**
+   * @return {Client} A client using the current session (without attempting to refresh it).
+   */
+  clientNoRefresh(): Client {
+    return this.#client;
+  }
   /** Revokes the session. */
   async revoke(): Promise<void> {
-    if (!this.cs) {
-      throw new Error("No management session available");
-    }
-    const session = await this.storage.retrieve();
-    const resp = await (
-      await this.cs.management()
-    ).del("/v0/org/{org_id}/session/{session_id}", {
-      params: {
-        path: {
-          org_id: session.org_id,
-          session_id: session.session_info.session_id,
-        },
-      },
+    const client = await this.client();
+    const resp = await client.del("/v0/org/{org_id}/session/self", {
+      params: { path: { org_id: this.orgId } },
       parseAs: "json",
     });
     assertOk(resp);
@@ -106,10 +93,11 @@ export class SignerSessionManager extends OrgSessionManager<SignerSessionData> {
    * Refreshes the session and **UPDATES/MUTATES** self.
    */
   async refresh(): Promise<void> {
-    const session = await this.storage.retrieve();
-    const csi = session.session_info;
+    const currSession = await this.storage.retrieve();
+    const csi = currSession.session_info;
     const resp = await this.#client.patch("/v1/org/{org_id}/token/refresh", {
-      params: { path: { org_id: session.org_id } },
+      params: { path: { org_id: this.orgId } },
       body: <RefreshSignerSessionRequest>{
         epoch_num: csi.epoch,
         epoch_token: csi.epoch_token,
@@ -118,63 +106,14 @@ export class SignerSessionManager extends OrgSessionManager<SignerSessionData> {
       parseAs: "json",
     });
     const data = assertOk(resp);
-    await this.storage.save(<SignerSessionData>{
-      ...session,
+    const newSession = <SignerSessionData>{
+      ...currSession,
       session_info: data.session_info,
       token: data.token,
-    });
-    this.#client = this.createClient(data.token);
-  }
-  /**
-   * Create a new signer session.
-   * @param {CubeSigner} cs The CubeSigner instance
-   * @param {SignerSessionStorage} storage The session storage to use
-   * @param {string} orgId Org ID
-   * @param {string} roleId Role ID
-   * @param {string} purpose The purpose of the session
-   * @param {SignerSessionLifetime} ttl Lifetime settings
-   * @return {Promise<SignerSessionManager>} New signer session
-   */
-  static async create(
-    cs: CubeSigner,
-    storage: SignerSessionStorage,
-    orgId: string,
-    roleId: string,
-    purpose: string,
-    ttl?: SignerSessionLifetime,
-  ): Promise<SignerSessionManager> {
-    const resp = await (
-      await cs.management()
-    ).post("/v0/org/{org_id}/roles/{role_id}/tokens", {
-      params: { path: { org_id: orgId, role_id: roleId } },
-      body: {
-        purpose,
-        auth_lifetime: ttl?.auth || defaultSignerSessionLifetime.auth,
-        refresh_lifetime: ttl?.refresh || defaultSignerSessionLifetime.refresh,
-        session_lifetime: ttl?.session || defaultSignerSessionLifetime.session,
-        grace_lifetime: ttl?.grace || defaultSignerSessionLifetime.grace,
-      },
-      parseAs: "json",
-    });
-    const data = assertOk(resp);
-    const session_info = data.session_info;
-    if (!session_info) {
-      throw new Error("Signer session info missing");
-    }
-    const sessionData = {
-      org_id: orgId,
-      role_id: roleId,
-      purpose,
-      token: data.token,
-      session_info,
-      // Keep compatibility with tokens produced by CLI
-      env: {
-        ["Dev-CubeSignerStack"]: cs.env,
-      },
     };
-    await storage.save(sessionData);
-    return new SignerSessionManager(sessionData, storage, cs);
+    await this.storage.save(newSession);
+    this.#client = this.createClient(newSession.token);
   }
   /**
@@ -206,36 +145,23 @@ export class SignerSessionManager extends OrgSessionManager<SignerSessionData> {
   /**
    * Uses an existing session to create a new signer session manager.
+   *
    * @param {SignerSessionStorage} storage The session storage to use
-   * @param {CubeSigner} cs Optional CubeSigner instance.
-   *    Currently used for token revocation; will be completely removed
-   *    since token revocation should not require management session.
    * @return {Promise<SingerSession>} New signer session manager
    */
-  static async loadFromStorage(
-    storage: SignerSessionStorage,
-    cs?: CubeSigner,
-  ): Promise<SignerSessionManager> {
+  static async loadFromStorage(storage: SignerSessionStorage): Promise<SignerSessionManager> {
     const session = await storage.retrieve();
-    return new SignerSessionManager(session, storage, cs);
+    return new SignerSessionManager(session, storage);
   }
   /**
    * Constructor.
+   *
    * @param {SignerSessionData} sessionData Session data
    * @param {SignerSessionStorage} storage The session storage to use
-   * @param {CubeSigner} cs Optional CubeSigner instance.
-   *    Currently used for token revocation; will be completely removed
-   *    since token revocation should not require management session.
-   * @internal
    */
-  private constructor(
-    sessionData: SignerSessionData,
-    storage: SignerSessionStorage,
-    cs?: CubeSigner,
-  ) {
+  constructor(sessionData: SignerSessionData, storage: SignerSessionStorage) {
     super(sessionData.env["Dev-CubeSignerStack"], sessionData.org_id, storage);
-    this.cs = cs;
     this.#client = this.createClient(sessionData.token);
   }
 }