@cubist-labs/cubesigner-sdk 0.2.24 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (147) hide show
  1. package/README.md +30 -28
  2. package/dist/cjs/package.json +41 -0
  3. package/dist/cjs/spec/env/beta.json +9 -0
  4. package/dist/cjs/spec/env/gamma.json +9 -0
  5. package/dist/cjs/spec/env/prod.json +9 -0
  6. package/dist/cjs/src/api.d.ts +634 -0
  7. package/dist/cjs/src/api.js +1309 -0
  8. package/dist/cjs/src/client.d.ts +575 -0
  9. package/dist/cjs/src/client.js +378 -0
  10. package/dist/cjs/src/env.d.ts +15 -0
  11. package/dist/cjs/src/env.js +35 -0
  12. package/dist/cjs/src/error.d.ts +29 -0
  13. package/dist/cjs/src/error.js +36 -0
  14. package/dist/cjs/src/events.d.ts +84 -0
  15. package/dist/cjs/src/events.js +195 -0
  16. package/dist/cjs/src/index.d.ts +203 -0
  17. package/dist/cjs/src/index.js +298 -0
  18. package/dist/cjs/src/key.d.ts +152 -0
  19. package/dist/cjs/src/key.js +242 -0
  20. package/dist/{src/fido.d.ts → cjs/src/mfa.d.ts} +33 -15
  21. package/dist/cjs/src/mfa.js +169 -0
  22. package/dist/cjs/src/org.d.ts +99 -0
  23. package/dist/cjs/src/org.js +95 -0
  24. package/dist/cjs/src/paginator.d.ts +76 -0
  25. package/dist/cjs/src/paginator.js +99 -0
  26. package/dist/cjs/src/response.d.ts +101 -0
  27. package/dist/cjs/src/response.js +164 -0
  28. package/dist/cjs/src/role.d.ts +283 -0
  29. package/dist/cjs/src/role.js +253 -0
  30. package/dist/cjs/src/schema.d.ts +6209 -0
  31. package/dist/cjs/src/schema.js +7 -0
  32. package/dist/cjs/src/schema_types.d.ts +113 -0
  33. package/dist/cjs/src/schema_types.js +3 -0
  34. package/dist/cjs/src/session/session_storage.d.ts +27 -0
  35. package/dist/cjs/src/session/session_storage.js +47 -0
  36. package/dist/cjs/src/session/signer_session_manager.d.ts +125 -0
  37. package/dist/cjs/src/session/signer_session_manager.js +239 -0
  38. package/dist/cjs/src/signer_session.d.ts +41 -0
  39. package/dist/cjs/src/signer_session.js +77 -0
  40. package/dist/cjs/src/user_export.d.ts +52 -0
  41. package/dist/cjs/src/user_export.js +129 -0
  42. package/dist/cjs/src/util.d.ts +56 -0
  43. package/dist/cjs/src/util.js +86 -0
  44. package/dist/esm/package.json +41 -0
  45. package/dist/esm/spec/env/beta.json +9 -0
  46. package/dist/esm/spec/env/gamma.json +9 -0
  47. package/dist/esm/spec/env/prod.json +9 -0
  48. package/dist/esm/src/api.d.ts +634 -0
  49. package/dist/esm/src/api.js +1299 -0
  50. package/dist/esm/src/client.d.ts +575 -0
  51. package/dist/esm/src/client.js +374 -0
  52. package/dist/esm/src/env.d.ts +15 -0
  53. package/dist/esm/src/env.js +9 -0
  54. package/dist/esm/src/error.d.ts +29 -0
  55. package/dist/esm/src/error.js +31 -0
  56. package/dist/esm/src/events.d.ts +84 -0
  57. package/dist/esm/src/events.js +189 -0
  58. package/dist/esm/src/index.d.ts +203 -0
  59. package/dist/esm/src/index.js +276 -0
  60. package/dist/esm/src/key.d.ts +152 -0
  61. package/dist/esm/src/key.js +236 -0
  62. package/dist/esm/src/mfa.d.ts +94 -0
  63. package/dist/esm/src/mfa.js +163 -0
  64. package/dist/esm/src/org.d.ts +99 -0
  65. package/dist/esm/src/org.js +91 -0
  66. package/dist/esm/src/paginator.d.ts +76 -0
  67. package/dist/esm/src/paginator.js +94 -0
  68. package/dist/esm/src/response.d.ts +101 -0
  69. package/dist/esm/src/response.js +159 -0
  70. package/dist/esm/src/role.d.ts +283 -0
  71. package/dist/esm/src/role.js +248 -0
  72. package/dist/esm/src/schema.d.ts +6209 -0
  73. package/dist/esm/src/schema.js +6 -0
  74. package/dist/esm/src/schema_types.d.ts +113 -0
  75. package/dist/esm/src/schema_types.js +2 -0
  76. package/dist/esm/src/session/session_storage.d.ts +27 -0
  77. package/dist/esm/src/session/session_storage.js +43 -0
  78. package/dist/esm/src/session/signer_session_manager.d.ts +125 -0
  79. package/dist/esm/src/session/signer_session_manager.js +235 -0
  80. package/dist/esm/src/signer_session.d.ts +41 -0
  81. package/dist/esm/src/signer_session.js +72 -0
  82. package/dist/esm/src/user_export.d.ts +52 -0
  83. package/dist/esm/src/user_export.js +99 -0
  84. package/dist/esm/src/util.d.ts +56 -0
  85. package/dist/esm/src/util.js +76 -0
  86. package/dist/package.json +13 -45
  87. package/dist/src/api.d.ts +29 -18
  88. package/dist/src/api.js +70 -17
  89. package/dist/src/client.d.ts +35 -14
  90. package/dist/src/client.js +12 -8
  91. package/dist/src/error.d.ts +29 -0
  92. package/dist/src/error.js +36 -0
  93. package/dist/src/events.d.ts +1 -1
  94. package/dist/src/events.js +1 -1
  95. package/dist/src/index.d.ts +8 -11
  96. package/dist/src/index.js +11 -25
  97. package/dist/src/key.d.ts +18 -7
  98. package/dist/src/key.js +52 -19
  99. package/dist/src/role.d.ts +46 -3
  100. package/dist/src/role.js +60 -8
  101. package/dist/src/schema.d.ts +206 -72
  102. package/dist/src/schema.js +1 -1
  103. package/dist/src/schema_types.d.ts +3 -0
  104. package/dist/src/schema_types.js +1 -1
  105. package/dist/src/session/signer_session_manager.d.ts +49 -13
  106. package/dist/src/session/signer_session_manager.js +104 -26
  107. package/dist/src/util.d.ts +14 -0
  108. package/dist/src/util.js +24 -27
  109. package/package.json +19 -46
  110. package/src/api.ts +81 -23
  111. package/src/client.ts +12 -8
  112. package/src/error.ts +42 -0
  113. package/src/events.ts +3 -1
  114. package/src/index.ts +12 -24
  115. package/src/key.ts +36 -18
  116. package/src/role.ts +78 -7
  117. package/src/schema.ts +269 -110
  118. package/src/schema_types.ts +3 -0
  119. package/src/session/session_storage.ts +0 -32
  120. package/src/session/signer_session_manager.ts +137 -28
  121. package/src/util.ts +19 -10
  122. package/tsconfig.json +1 -21
  123. package/LICENSE-APACHE +0 -177
  124. package/LICENSE-MIT +0 -25
  125. package/NOTICE +0 -13
  126. package/dist/examples/ethers.d.ts +0 -1
  127. package/dist/examples/ethers.js +0 -142
  128. package/dist/src/ethers/index.d.ts +0 -95
  129. package/dist/src/ethers/index.js +0 -208
  130. package/dist/src/fido.js +0 -148
  131. package/dist/src/session/cognito_manager.d.ts +0 -71
  132. package/dist/src/session/cognito_manager.js +0 -129
  133. package/dist/src/session/generic.d.ts +0 -47
  134. package/dist/src/session/generic.js +0 -3
  135. package/dist/src/session/management_session_manager.d.ts +0 -59
  136. package/dist/src/session/management_session_manager.js +0 -111
  137. package/dist/src/session/oidc_session_manager.d.ts +0 -78
  138. package/dist/src/session/oidc_session_manager.js +0 -142
  139. package/dist/src/session/session_manager.d.ts +0 -99
  140. package/dist/src/session/session_manager.js +0 -136
  141. package/dist/src/sign.d.ts +0 -114
  142. package/dist/src/sign.js +0 -248
  143. package/dist/test/sessions.d.ts +0 -35
  144. package/dist/test/sessions.js +0 -56
  145. package/src/ethers/index.ts +0 -249
  146. package/src/session/cognito_manager.ts +0 -161
  147. package/src/session/session_manager.ts +0 -165
package/dist/cjs/src/events.js ADDED
@@ -0,0 +1,195 @@
1
+ "use strict";
2
+ var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
3
+ if (kind === "m") throw new TypeError("Private method is not writable");
4
+ if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
5
+ if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
6
+ return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
7
+ };
8
+ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
9
+ if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
10
+ if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
11
+ return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
12
+ };
13
+ var _EventDispatcher_handlers, _Events_onError, _Events_onSessionExpired, _EventEmitter_events;
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ exports.GlobalEvents = exports.EventEmitter = exports.Events = exports.messageMatchesSessionExpired = void 0;
16
+ /**
17
+ * Dispatcher for a single event type.
18
+ *
19
+ * Provides methods for registering and unregistering handlers,
20
+ * as well as dispatching events to all registered handlers.
21
+ */
22
+ class EventDispatcher {
23
+ /**
24
+ * Constructor.
25
+ */
26
+ constructor() {
27
+ _EventDispatcher_handlers.set(this, void 0);
28
+ __classPrivateFieldSet(this, _EventDispatcher_handlers, [], "f");
29
+ }
30
+ /**
31
+ * Register a new handler.
32
+ *
33
+ * @param {EventHandler<T>} handler Event handler to register
34
+ * @return {EventDispatcher<T>} This instance to allow for chaining.
35
+ */
36
+ register(handler) {
37
+ __classPrivateFieldGet(this, _EventDispatcher_handlers, "f").push(handler);
38
+ return this;
39
+ }
40
+ /**
41
+ * Unregister a handler. If {@link handler} is not already registered, it's a no-op.
42
+ *
43
+ * @param {EventHandler<T>} handler Event handler to unregister
44
+ * @return {boolean} Whether the handler was found (and unregistered).
45
+ */
46
+ unregister(handler) {
47
+ const idx = __classPrivateFieldGet(this, _EventDispatcher_handlers, "f").indexOf(handler);
48
+ if (idx >= 0) {
49
+ __classPrivateFieldGet(this, _EventDispatcher_handlers, "f").splice(idx, 1);
50
+ return true;
51
+ }
52
+ else {
53
+ return false;
54
+ }
55
+ }
56
+ /**
57
+ * Dispatch an event to all registered handlers.
58
+ * @param {T} event Event to dispatch.
59
+ */
60
+ async dispatch(event) {
61
+ await Promise.all(__classPrivateFieldGet(this, _EventDispatcher_handlers, "f").map((h) => h(event)));
62
+ }
63
+ }
64
+ _EventDispatcher_handlers = new WeakMap();
65
+ const SessionExpiredRegexes = [
66
+ /^Session '(?<purpose>[^']*)' for '(?<identity>[^']*)' has expired$/,
67
+ /^Session '(?<purpose>[^']*)' for '(?<identity>[^']*)' has been revoked$/,
68
+ /^Auth token for epoch (?<epoch>\d+) has expired$/,
69
+ /^Refresh token for epoch (?<epoch_num>\d+) has expired$/,
70
+ /^Outdated session$/,
71
+ ];
72
+ /**
73
+ * Whether an error message matches one of several different "session expired" responses.
74
+ *
75
+ * @param {string} msg The string to test.
76
+ * @return {boolean} Whether the string matches.
77
+ * @internal Exported only so that it can be called from a unit test
78
+ */
79
+ function messageMatchesSessionExpired(msg) {
80
+ return SessionExpiredRegexes.some((re) => re.test(msg));
81
+ }
82
+ exports.messageMatchesSessionExpired = messageMatchesSessionExpired;
83
+ /**
84
+ * Class for registering and unregistering event handlers.
85
+ */
86
+ class Events {
87
+ constructor() {
88
+ _Events_onError.set(this, new EventDispatcher());
89
+ _Events_onSessionExpired.set(this, new EventDispatcher());
90
+ }
91
+ /**
92
+ * Register a handler for {@link ErrorEvent}: triggered every time a request to
93
+ * a CubeSigner API endpoint returns a non-success response.
94
+ *
95
+ * @param {EventHandler<ErrorEvent>} handler The handler to register.
96
+ */
97
+ onError(handler) {
98
+ __classPrivateFieldGet(this, _Events_onError, "f").register(handler);
99
+ }
100
+ /**
101
+ * Register a handler for {@link SessionExpiredEvent}: triggered every time a
102
+ * request to a CubeSigner API endpoint fails because of an expired session.
103
+ *
104
+ * @param {EventHandler<SessionExpiredEvent>} handler The handler to register.
105
+ */
106
+ onSessionExpired(handler) {
107
+ __classPrivateFieldGet(this, _Events_onSessionExpired, "f").register(handler);
108
+ }
109
+ /**
110
+ * Unregister a handler for {@link ErrorEvent}.
111
+ *
112
+ * @param {EventHandler<ErrorEvent>} handler The handler to unregister.
113
+ * @return {boolean} Whether the handler was found (and unregistered).
114
+ */
115
+ unregisterOnError(handler) {
116
+ return __classPrivateFieldGet(this, _Events_onError, "f").unregister(handler);
117
+ }
118
+ /**
119
+ * Unregister a handler for {@link SessionExpiredEvent}.
120
+ *
121
+ * @param {EventHandler<SessionExpiredEvent>} handler The handler to unregister.
122
+ * @return {boolean} Whether the handler was found (and unregistered).
123
+ */
124
+ unregisterOnSessionExpired(handler) {
125
+ return __classPrivateFieldGet(this, _Events_onSessionExpired, "f").unregister(handler);
126
+ }
127
+ /** @internal */
128
+ async triggerSessionExpired() {
129
+ await __classPrivateFieldGet(this, _Events_onSessionExpired, "f").dispatch({});
130
+ }
131
+ /**
132
+ * @param {ErrorEvent} event Event to trigger
133
+ * @internal
134
+ */
135
+ async triggerErrorEvent(event) {
136
+ await __classPrivateFieldGet(this, _Events_onError, "f").dispatch(event);
137
+ }
138
+ }
139
+ exports.Events = Events;
140
+ _Events_onError = new WeakMap(), _Events_onSessionExpired = new WeakMap();
141
+ /**
142
+ * Used to classify and emit events to one or more {@link Events} instances.
143
+ */
144
+ class EventEmitter {
145
+ /**
146
+ *
147
+ * @param {Events[]} events Instances to which to emit events
148
+ * @param {boolean} skipGlobal Whether to include the global events instance {@link GlobalEvents}
149
+ */
150
+ constructor(events, skipGlobal) {
151
+ _EventEmitter_events.set(this, void 0);
152
+ skipGlobal ??= false;
153
+ __classPrivateFieldSet(this, _EventEmitter_events, events, "f");
154
+ if (!skipGlobal) {
155
+ __classPrivateFieldGet(this, _EventEmitter_events, "f").push(exports.GlobalEvents);
156
+ }
157
+ }
158
+ /**
159
+ * Called by {@link CubeSignerApi} when an API response indicates an error.
160
+ *
161
+ * @param {ErrorEvent} err The error to dispatch.
162
+ * @internal
163
+ */
164
+ async classifyAndEmitError(err) {
165
+ for (const ev of __classPrivateFieldGet(this, _EventEmitter_events, "f")) {
166
+ await ev.triggerErrorEvent(err);
167
+ }
168
+ // if status is 403 and error matches one of the SessionExpiredRegexes trigger onSessionExpired
169
+ //
170
+ // TODO: because errors returned by the authorizer lambda are not forwarded to the client
171
+ // we also trigger onSessionExpired when "signerSessionRefresh" fails
172
+ if (err.status === 403 &&
173
+ (messageMatchesSessionExpired(err.message) || err.operation == "signerSessionRefresh")) {
174
+ await this.emitSessionExpired();
175
+ }
176
+ }
177
+ /**
178
+ * Called by {@link SignerSessionManager} to notify that the session is expired
179
+ * beyond the possibility of refreshing, meaning that full re-login is required.
180
+ *
181
+ * @internal
182
+ */
183
+ async emitSessionExpired() {
184
+ for (const e of __classPrivateFieldGet(this, _EventEmitter_events, "f")) {
185
+ await e.triggerSessionExpired();
186
+ }
187
+ }
188
+ }
189
+ exports.EventEmitter = EventEmitter;
190
+ _EventEmitter_events = new WeakMap();
191
+ /**
192
+ * Global events.
193
+ */
194
+ exports.GlobalEvents = new Events();
195
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXZlbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2V2ZW50cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7QUFRQTs7Ozs7R0FLRztBQUNILE1BQU0sZUFBZTtJQUduQjs7T0FFRztJQUNIO1FBTFMsNENBQTZCO1FBTXBDLHVCQUFBLElBQUksNkJBQWEsRUFBRSxNQUFBLENBQUM7SUFDdEIsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsUUFBUSxDQUFDLE9BQXdCO1FBQy9CLHVCQUFBLElBQUksaUNBQVUsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDN0IsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxVQUFVLENBQUMsT0FBd0I7UUFDakMsTUFBTSxHQUFHLEdBQUcsdUJBQUEsSUFBSSxpQ0FBVSxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM1QyxJQUFJLEdBQUcsSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUNiLHVCQUFBLElBQUksaUNBQVUsQ0FBQyxNQUFNLENBQUMsR0FBRyxFQUFFLENBQUMsQ0FBQyxDQUFDO1lBQzlCLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQzthQUFNLENBQUM7WUFDTixPQUFPLEtBQUssQ0FBQztRQUNmLENBQUM7SUFDSCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsS0FBSyxDQUFDLFFBQVEsQ0FBQyxLQUFRO1FBQ3JCLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQyx1QkFBQSxJQUFJLGlDQUFVLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3pELENBQUM7Q0FDRjs7QUFFRCxNQUFNLHFCQUFxQixHQUFHO0lBQzVCLG9FQUFvRTtJQUNwRSx5RUFBeUU7SUFDekUsa0RBQWtEO0lBQ2xELHlEQUF5RDtJQUN6RCxvQkFBb0I7Q0FDckIsQ0FBQztBQUVGOzs7Ozs7R0FNRztBQUNILFNBQWdCLDRCQUE0QixDQUFDLEdBQVc7SUFDdEQsT0FBTyxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztBQUMxRCxDQUFDO0FBRkQsb0VBRUM7QUFFRDs7R0FFRztBQUNILE1BQWEsTUFBTTtJQUFuQjtRQUNXLDBCQUFXLElBQUksZUFBZSxFQUFjLEVBQUM7UUFDN0MsbUNBQW9CLElBQUksZUFBZSxFQUF1QixFQUFDO0lBc0QxRSxDQUFDO0lBcERDOzs7OztPQUtHO0lBQ0gsT0FBTyxDQUFDLE9BQWlDO1FBQ3ZDLHVCQUFBLElBQUksdUJBQVMsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDbEMsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsZ0JBQWdCLENBQUMsT0FBMEM7UUFDekQsdUJBQUEsSUFBSSxnQ0FBa0IsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDM0MsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsaUJBQWlCLENBQUMsT0FBaUM7UUFDakQsT0FBTyx1QkFBQSxJQUFJLHVCQUFTLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILDBCQUEwQixDQUFDLE9BQTBDO1FBQ25FLE9BQU8sdUJBQUEsSUFBSSxnQ0FBa0IsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDcEQsQ0FBQztJQUVELGdCQUFnQjtJQUNoQixLQUFLLENBQUMscUJBQXFCO1FBQ3pCLE1BQU0sdUJBQUEsSUFBSSxnQ0FBa0IsQ0FBQyxRQUFRLENBQXNCLEVBQUUsQ0FBQyxDQUFDO0lBQ2pFLENBQUM7SUFFRDs7O09BR0c7SUFDSCxLQUFLLENBQUMsaUJBQWlCLENBQUMsS0FBaUI7UUFDdkMsTUFBTSx1QkFBQSxJQUFJLHVCQUFTLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQ3RDLENBQUM7Q0FDRjtBQXhERCx3QkF3REM7O0FBRUQ7O0dBRUc7QUFDSCxNQUFhLFlBQVk7SUFHdkI7Ozs7T0FJRztJQUNILFlBQVksTUFBZ0IsRUFBRSxVQUFvQjtRQVB6Qyx1Q0FBa0I7UUFRekIsVUFBVSxLQUFLLEtBQUssQ0FBQztRQUNyQix1QkFBQSxJQUFJLHdCQUFXLE1BQU0sTUFBQSxDQUFDO1FBQ3RCLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUNoQix1QkFBQSxJQUFJLDRCQUFRLENBQUMsSUFBSSxDQUFDLG9CQUFZLENBQUMsQ0FBQztRQUNsQyxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsS0FBSyxDQUFDLG9CQUFvQixDQUFDLEdBQWU7UUFDeEMsS0FBSyxNQUFNLEVBQUUsSUFBSSx1QkFBQSxJQUFJLDRCQUFRLEVBQUUsQ0FBQztZQUM5QixNQUFNLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNsQyxDQUFDO1FBRUQsK0ZBQStGO1FBQy9GLEVBQUU7UUFDRix5RkFBeUY7UUFDekYsMkVBQTJFO1FBQzNFLElBQ0UsR0FBRyxDQUFDLE1BQU0sS0FBSyxHQUFHO1lBQ2xCLENBQUMsNEJBQTRCLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxJQUFJLEdBQUcsQ0FBQyxTQUFTLElBQUksc0JBQXNCLENBQUMsRUFDdEYsQ0FBQztZQUNELE1BQU0sSUFBSSxDQUFDLGtCQUFrQixFQUFFLENBQUM7UUFDbEMsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILEtBQUssQ0FBQyxrQkFBa0I7UUFDdEIsS0FBSyxNQUFNLENBQUMsSUFBSSx1QkFBQSxJQUFJLDRCQUFRLEVBQUUsQ0FBQztZQUM3QixNQUFNLENBQUMsQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1FBQ2xDLENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUFsREQsb0NBa0RDOztBQUVEOztHQUVHO0FBQ1UsUUFBQSxZQUFZLEdBQUcsSUFBSSxNQUFNLEVBQUUsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEVyclJlc3BvbnNlIH0gZnJvbSBcIi4vZXJyb3JcIjtcblxuZXhwb3J0IHR5cGUgRXZlbnRIYW5kbGVyPFQ+ID0gKGV2ZW50OiBUKSA9PiBQcm9taXNlPHZvaWQ+O1xuZXhwb3J0IHR5cGUgRXJyb3JFdmVudCA9IEVyclJlc3BvbnNlO1xuXG4vKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLWVtcHR5LWludGVyZmFjZSAqL1xuZXhwb3J0IGludGVyZmFjZSBTZXNzaW9uRXhwaXJlZEV2ZW50IHt9XG5cbi8qKlxuICogRGlzcGF0Y2hlciBmb3IgYSBzaW5nbGUgZXZlbnQgdHlwZS5cbiAqXG4gKiBQcm92aWRlcyBtZXRob2RzIGZvciByZWdpc3RlcmluZyBhbmQgdW5yZWdpc3RlcmluZyBoYW5kbGVycyxcbiAqIGFzIHdlbGwgYXMgZGlzcGF0Y2hpbmcgZXZlbnRzIHRvIGFsbCByZWdpc3RlcmVkIGhhbmRsZXJzLlxuICovXG5jbGFzcyBFdmVudERpc3BhdGNoZXI8VD4ge1xuICByZWFkb25seSAjaGFuZGxlcnM6IEV2ZW50SGFuZGxlcjxUPltdO1xuXG4gIC8qKlxuICAgKiBDb25zdHJ1Y3Rvci5cbiAgICovXG4gIGNvbnN0cnVjdG9yKCkge1xuICAgIHRoaXMuI2hhbmRsZXJzID0gW107XG4gIH1cblxuICAvKipcbiAgICogUmVnaXN0ZXIgYSBuZXcgaGFuZGxlci5cbiAgICpcbiAgICogQHBhcmFtIHtFdmVudEhhbmRsZXI8VD59IGhhbmRsZXIgRXZlbnQgaGFuZGxlciB0byByZWdpc3RlclxuICAgKiBAcmV0dXJuIHtFdmVudERpc3BhdGNoZXI8VD59IFRoaXMgaW5zdGFuY2UgdG8gYWxsb3cgZm9yIGNoYWluaW5nLlxuICAgKi9cbiAgcmVnaXN0ZXIoaGFuZGxlcjogRXZlbnRIYW5kbGVyPFQ+KTogRXZlbnREaXNwYXRjaGVyPFQ+IHtcbiAgICB0aGlzLiNoYW5kbGVycy5wdXNoKGhhbmRsZXIpO1xuICAgIHJldHVybiB0aGlzO1xuICB9XG5cbiAgLyoqXG4gICAqIFVucmVnaXN0ZXIgYSBoYW5kbGVyLiBJZiB7QGxpbmsgaGFuZGxlcn0gaXMgbm90IGFscmVhZHkgcmVnaXN0ZXJlZCwgaXQncyBhIG5vLW9wLlxuICAgKlxuICAgKiBAcGFyYW0ge0V2ZW50SGFuZGxlcjxUPn0gaGFuZGxlciBFdmVudCBoYW5kbGVyIHRvIHVucmVnaXN0ZXJcbiAgICogQHJldHVybiB7Ym9vbGVhbn0gV2hldGhlciB0aGUgaGFuZGxlciB3YXMgZm91bmQgKGFuZCB1bnJlZ2lzdGVyZWQpLlxuICAgKi9cbiAgdW5yZWdpc3RlcihoYW5kbGVyOiBFdmVudEhhbmRsZXI8VD4pOiBib29sZWFuIHtcbiAgICBjb25zdCBpZHggPSB0aGlzLiNoYW5kbGVycy5pbmRleE9mKGhhbmRsZXIpO1xuICAgIGlmIChpZHggPj0gMCkge1xuICAgICAgdGhpcy4jaGFuZGxlcnMuc3BsaWNlKGlkeCwgMSk7XG4gICAgICByZXR1cm4gdHJ1ZTtcbiAgICB9IGVsc2Uge1xuICAgICAgcmV0dXJuIGZhbHNlO1xuICAgIH1cbiAgfVxuXG4gIC8qKlxuICAgKiBEaXNwYXRjaCBhbiBldmVudCB0byBhbGwgcmVnaXN0ZXJlZCBoYW5kbGVycy5cbiAgICogQHBhcmFtIHtUfSBldmVudCBFdmVudCB0byBkaXNwYXRjaC5cbiAgICovXG4gIGFzeW5jIGRpc3BhdGNoKGV2ZW50OiBUKTogUHJvbWlzZTx2b2lkPiB7XG4gICAgYXdhaXQgUHJvbWlzZS5hbGwodGhpcy4jaGFuZGxlcnMubWFwKChoKSA9PiBoKGV2ZW50KSkpO1xuICB9XG59XG5cbmNvbnN0IFNlc3Npb25FeHBpcmVkUmVnZXhlcyA9IFtcbiAgL15TZXNzaW9uICcoPzxwdXJwb3NlPlteJ10qKScgZm9yICcoPzxpZGVudGl0eT5bXiddKiknIGhhcyBleHBpcmVkJC8sXG4gIC9eU2Vzc2lvbiAnKD88cHVycG9zZT5bXiddKiknIGZvciAnKD88aWRlbnRpdHk+W14nXSopJyBoYXMgYmVlbiByZXZva2VkJC8sXG4gIC9eQXV0aCB0b2tlbiBmb3IgZXBvY2ggKD88ZXBvY2g+XFxkKykgaGFzIGV4cGlyZWQkLyxcbiAgL15SZWZyZXNoIHRva2VuIGZvciBlcG9jaCAoPzxlcG9jaF9udW0+XFxkKykgaGFzIGV4cGlyZWQkLyxcbiAgL15PdXRkYXRlZCBzZXNzaW9uJC8sXG5dO1xuXG4vKipcbiAqIFdoZXRoZXIgYW4gZXJyb3IgbWVzc2FnZSBtYXRjaGVzIG9uZSBvZiBzZXZlcmFsIGRpZmZlcmVudCBcInNlc3Npb24gZXhwaXJlZFwiIHJlc3BvbnNlcy5cbiAqXG4gKiBAcGFyYW0ge3N0cmluZ30gbXNnIFRoZSBzdHJpbmcgdG8gdGVzdC5cbiAqIEByZXR1cm4ge2Jvb2xlYW59IFdoZXRoZXIgdGhlIHN0cmluZyBtYXRjaGVzLlxuICogQGludGVybmFsIEV4cG9ydGVkIG9ubHkgc28gdGhhdCBpdCBjYW4gYmUgY2FsbGVkIGZyb20gYSB1bml0IHRlc3RcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIG1lc3NhZ2VNYXRjaGVzU2Vzc2lvbkV4cGlyZWQobXNnOiBzdHJpbmcpOiBib29sZWFuIHtcbiAgcmV0dXJuIFNlc3Npb25FeHBpcmVkUmVnZXhlcy5zb21lKChyZSkgPT4gcmUudGVzdChtc2cpKTtcbn1cblxuLyoqXG4gKiBDbGFzcyBmb3IgcmVnaXN0ZXJpbmcgYW5kIHVucmVnaXN0ZXJpbmcgZXZlbnQgaGFuZGxlcnMuXG4gKi9cbmV4cG9ydCBjbGFzcyBFdmVudHMge1xuICByZWFkb25seSAjb25FcnJvciA9IG5ldyBFdmVudERpc3BhdGNoZXI8RXJyb3JFdmVudD4oKTtcbiAgcmVhZG9ubHkgI29uU2Vzc2lvbkV4cGlyZWQgPSBuZXcgRXZlbnREaXNwYXRjaGVyPFNlc3Npb25FeHBpcmVkRXZlbnQ+KCk7XG5cbiAgLyoqXG4gICAqIFJlZ2lzdGVyIGEgaGFuZGxlciBmb3Ige0BsaW5rIEVycm9yRXZlbnR9OiB0cmlnZ2VyZWQgZXZlcnkgdGltZSBhIHJlcXVlc3QgdG9cbiAgICogYSBDdWJlU2lnbmVyIEFQSSBlbmRwb2ludCByZXR1cm5zIGEgbm9uLXN1Y2Nlc3MgcmVzcG9uc2UuXG4gICAqXG4gICAqIEBwYXJhbSB7RXZlbnRIYW5kbGVyPEVycm9yRXZlbnQ+fSBoYW5kbGVyIFRoZSBoYW5kbGVyIHRvIHJlZ2lzdGVyLlxuICAgKi9cbiAgb25FcnJvcihoYW5kbGVyOiBFdmVudEhhbmRsZXI8RXJyb3JFdmVudD4pIHtcbiAgICB0aGlzLiNvbkVycm9yLnJlZ2lzdGVyKGhhbmRsZXIpO1xuICB9XG5cbiAgLyoqXG4gICAqIFJlZ2lzdGVyIGEgaGFuZGxlciBmb3Ige0BsaW5rIFNlc3Npb25FeHBpcmVkRXZlbnR9OiB0cmlnZ2VyZWQgZXZlcnkgdGltZSBhXG4gICAqIHJlcXVlc3QgdG8gYSBDdWJlU2lnbmVyIEFQSSBlbmRwb2ludCBmYWlscyBiZWNhdXNlIG9mIGFuIGV4cGlyZWQgc2Vzc2lvbi5cbiAgICpcbiAgICogQHBhcmFtIHtFdmVudEhhbmRsZXI8U2Vzc2lvbkV4cGlyZWRFdmVudD59IGhhbmRsZXIgVGhlIGhhbmRsZXIgdG8gcmVnaXN0ZXIuXG4gICAqL1xuICBvblNlc3Npb25FeHBpcmVkKGhhbmRsZXI6IEV2ZW50SGFuZGxlcjxTZXNzaW9uRXhwaXJlZEV2ZW50Pikge1xuICAgIHRoaXMuI29uU2Vzc2lvbkV4cGlyZWQucmVnaXN0ZXIoaGFuZGxlcik7XG4gIH1cblxuICAvKipcbiAgICogVW5yZWdpc3RlciBhIGhhbmRsZXIgZm9yIHtAbGluayBFcnJvckV2ZW50fS5cbiAgICpcbiAgICogQHBhcmFtIHtFdmVudEhhbmRsZXI8RXJyb3JFdmVudD59IGhhbmRsZXIgVGhlIGhhbmRsZXIgdG8gdW5yZWdpc3Rlci5cbiAgICogQHJldHVybiB7Ym9vbGVhbn0gV2hldGhlciB0aGUgaGFuZGxlciB3YXMgZm91bmQgKGFuZCB1bnJlZ2lzdGVyZWQpLlxuICAgKi9cbiAgdW5yZWdpc3Rlck9uRXJyb3IoaGFuZGxlcjogRXZlbnRIYW5kbGVyPEVycm9yRXZlbnQ+KTogYm9vbGVhbiB7XG4gICAgcmV0dXJuIHRoaXMuI29uRXJyb3IudW5yZWdpc3RlcihoYW5kbGVyKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBVbnJlZ2lzdGVyIGEgaGFuZGxlciBmb3Ige0BsaW5rIFNlc3Npb25FeHBpcmVkRXZlbnR9LlxuICAgKlxuICAgKiBAcGFyYW0ge0V2ZW50SGFuZGxlcjxTZXNzaW9uRXhwaXJlZEV2ZW50Pn0gaGFuZGxlciBUaGUgaGFuZGxlciB0byB1bnJlZ2lzdGVyLlxuICAgKiBAcmV0dXJuIHtib29sZWFufSBXaGV0aGVyIHRoZSBoYW5kbGVyIHdhcyBmb3VuZCAoYW5kIHVucmVnaXN0ZXJlZCkuXG4gICAqL1xuICB1bnJlZ2lzdGVyT25TZXNzaW9uRXhwaXJlZChoYW5kbGVyOiBFdmVudEhhbmRsZXI8U2Vzc2lvbkV4cGlyZWRFdmVudD4pOiBib29sZWFuIHtcbiAgICByZXR1cm4gdGhpcy4jb25TZXNzaW9uRXhwaXJlZC51bnJlZ2lzdGVyKGhhbmRsZXIpO1xuICB9XG5cbiAgLyoqIEBpbnRlcm5hbCAqL1xuICBhc3luYyB0cmlnZ2VyU2Vzc2lvbkV4cGlyZWQoKSB7XG4gICAgYXdhaXQgdGhpcy4jb25TZXNzaW9uRXhwaXJlZC5kaXNwYXRjaCg8U2Vzc2lvbkV4cGlyZWRFdmVudD57fSk7XG4gIH1cblxuICAvKipcbiAgICogQHBhcmFtIHtFcnJvckV2ZW50fSBldmVudCBFdmVudCB0byB0cmlnZ2VyXG4gICAqIEBpbnRlcm5hbFxuICAgKi9cbiAgYXN5bmMgdHJpZ2dlckVycm9yRXZlbnQoZXZlbnQ6IEVycm9yRXZlbnQpIHtcbiAgICBhd2FpdCB0aGlzLiNvbkVycm9yLmRpc3BhdGNoKGV2ZW50KTtcbiAgfVxufVxuXG4vKipcbiAqIFVzZWQgdG8gY2xhc3NpZnkgYW5kIGVtaXQgZXZlbnRzIHRvIG9uZSBvciBtb3JlIHtAbGluayBFdmVudHN9IGluc3RhbmNlcy5cbiAqL1xuZXhwb3J0IGNsYXNzIEV2ZW50RW1pdHRlciB7XG4gIHJlYWRvbmx5ICNldmVudHM6IEV2ZW50c1tdO1xuXG4gIC8qKlxuICAgKlxuICAgKiBAcGFyYW0ge0V2ZW50c1tdfSBldmVudHMgSW5zdGFuY2VzIHRvIHdoaWNoIHRvIGVtaXQgZXZlbnRzXG4gICAqIEBwYXJhbSB7Ym9vbGVhbn0gc2tpcEdsb2JhbCBXaGV0aGVyIHRvIGluY2x1ZGUgdGhlIGdsb2JhbCBldmVudHMgaW5zdGFuY2Uge0BsaW5rIEdsb2JhbEV2ZW50c31cbiAgICovXG4gIGNvbnN0cnVjdG9yKGV2ZW50czogRXZlbnRzW10sIHNraXBHbG9iYWw/OiBib29sZWFuKSB7XG4gICAgc2tpcEdsb2JhbCA/Pz0gZmFsc2U7XG4gICAgdGhpcy4jZXZlbnRzID0gZXZlbnRzO1xuICAgIGlmICghc2tpcEdsb2JhbCkge1xuICAgICAgdGhpcy4jZXZlbnRzLnB1c2goR2xvYmFsRXZlbnRzKTtcbiAgICB9XG4gIH1cblxuICAvKipcbiAgICogQ2FsbGVkIGJ5IHtAbGluayBDdWJlU2lnbmVyQXBpfSB3aGVuIGFuIEFQSSByZXNwb25zZSBpbmRpY2F0ZXMgYW4gZXJyb3IuXG4gICAqXG4gICAqIEBwYXJhbSB7RXJyb3JFdmVudH0gZXJyIFRoZSBlcnJvciB0byBkaXNwYXRjaC5cbiAgICogQGludGVybmFsXG4gICAqL1xuICBhc3luYyBjbGFzc2lmeUFuZEVtaXRFcnJvcihlcnI6IEVycm9yRXZlbnQpIHtcbiAgICBmb3IgKGNvbnN0IGV2IG9mIHRoaXMuI2V2ZW50cykge1xuICAgICAgYXdhaXQgZXYudHJpZ2dlckVycm9yRXZlbnQoZXJyKTtcbiAgICB9XG5cbiAgICAvLyBpZiBzdGF0dXMgaXMgNDAzIGFuZCBlcnJvciBtYXRjaGVzIG9uZSBvZiB0aGUgU2Vzc2lvbkV4cGlyZWRSZWdleGVzIHRyaWdnZXIgb25TZXNzaW9uRXhwaXJlZFxuICAgIC8vXG4gICAgLy8gVE9ETzogYmVjYXVzZSBlcnJvcnMgcmV0dXJuZWQgYnkgdGhlIGF1dGhvcml6ZXIgbGFtYmRhIGFyZSBub3QgZm9yd2FyZGVkIHRvIHRoZSBjbGllbnRcbiAgICAvLyAgICAgICB3ZSBhbHNvIHRyaWdnZXIgb25TZXNzaW9uRXhwaXJlZCB3aGVuIFwic2lnbmVyU2Vzc2lvblJlZnJlc2hcIiBmYWlsc1xuICAgIGlmIChcbiAgICAgIGVyci5zdGF0dXMgPT09IDQwMyAmJlxuICAgICAgKG1lc3NhZ2VNYXRjaGVzU2Vzc2lvbkV4cGlyZWQoZXJyLm1lc3NhZ2UpIHx8IGVyci5vcGVyYXRpb24gPT0gXCJzaWduZXJTZXNzaW9uUmVmcmVzaFwiKVxuICAgICkge1xuICAgICAgYXdhaXQgdGhpcy5lbWl0U2Vzc2lvbkV4cGlyZWQoKTtcbiAgICB9XG4gIH1cblxuICAvKipcbiAgICogQ2FsbGVkIGJ5IHtAbGluayBTaWduZXJTZXNzaW9uTWFuYWdlcn0gdG8gbm90aWZ5IHRoYXQgdGhlIHNlc3Npb24gaXMgZXhwaXJlZFxuICAgKiBiZXlvbmQgdGhlIHBvc3NpYmlsaXR5IG9mIHJlZnJlc2hpbmcsIG1lYW5pbmcgdGhhdCBmdWxsIHJlLWxvZ2luIGlzIHJlcXVpcmVkLlxuICAgKlxuICAgKiBAaW50ZXJuYWxcbiAgICovXG4gIGFzeW5jIGVtaXRTZXNzaW9uRXhwaXJlZCgpIHtcbiAgICBmb3IgKGNvbnN0IGUgb2YgdGhpcy4jZXZlbnRzKSB7XG4gICAgICBhd2FpdCBlLnRyaWdnZXJTZXNzaW9uRXhwaXJlZCgpO1xuICAgIH1cbiAgfVxufVxuXG4vKipcbiAqIEdsb2JhbCBldmVudHMuXG4gKi9cbmV4cG9ydCBjb25zdCBHbG9iYWxFdmVudHMgPSBuZXcgRXZlbnRzKCk7XG4iXX0=
package/dist/cjs/src/index.d.ts ADDED
@@ -0,0 +1,203 @@
1
+ import { EnvInterface } from "./env";
2
+ import { Client } from "./api";
3
+ import { CubeSignerClient } from "./client";
4
+ import { Org } from "./org";
5
+ import { SignerSessionStorage, SignerSessionManager, SignerSessionData } from "./session/signer_session_manager";
6
+ import { CubeSignerResponse } from "./response";
7
+ import { SignerSession } from "./signer_session";
8
+ import { MfaReceipt } from "./mfa";
9
+ import { IdentityProof, MfaRequestInfo, RatchetConfig, UserInfo } from "./schema_types";
10
+ /** CubeSigner constructor options */
11
+ export interface CubeSignerOptions {
12
+ /** The environment to use */
13
+ env?: EnvInterface;
14
+ /** The management authorization token */
15
+ sessionMgr?: SignerSessionManager;
16
+ /** Optional organization id */
17
+ orgId?: string;
18
+ }
19
+ /**
20
+ * CubeSigner client
21
+ *
22
+ * @deprecated Use {@link Org} or {@link CubeSignerClient} instead.
23
+ */
24
+ export declare class CubeSigner {
25
+ #private;
26
+ readonly sessionMgr?: SignerSessionManager;
27
+ /**
28
+ * Underlying {@link CubeSignerClient} instance, if set; otherwise throws.
29
+ * @internal
30
+ */
31
+ get csc(): CubeSignerClient;
32
+ /** @return {EnvInterface} The CubeSigner environment of this client */
33
+ get env(): EnvInterface;
34
+ /** Organization ID */
35
+ get orgId(): string;
36
+ /**
37
+ * Set the organization ID
38
+ * @param {string} orgId The new organization id.
39
+ */
40
+ setOrgId(orgId: string): void;
41
+ /**
42
+ * Loads an existing management session and creates a CubeSigner instance.
43
+ *
44
+ * @param {SignerSessionStorage} storage Session storage to load the session from.
45
+ * @return {Promise<CubeSigner>} New CubeSigner instance
46
+ */
47
+ static loadManagementSession(storage: SignerSessionStorage): Promise<CubeSigner>;
48
+ /**
49
+ * Loads a signer session from a session storage (e.g., session file).
50
+ * @param {SignerSessionStorage} storage Session storage to load the session from.
51
+ * @return {Promise<SignerSession>} New signer session
52
+ */
53
+ static loadSignerSession(storage: SignerSessionStorage): Promise<SignerSession>;
54
+ /**
55
+ * Create a new CubeSigner instance.
56
+ * @param {CubeSignerOptions} options The optional configuration options for the CubeSigner instance.
57
+ */
58
+ constructor(options?: CubeSignerOptions);
59
+ /**
60
+ * Authenticate an OIDC user and create a new session manager for them.
61
+ *
62
+ * @param {string} oidcToken The OIDC token
63
+ * @param {string} orgId The id of the organization that the user is in
64
+ * @param {List<string>} scopes The scopes of the resulting session
65
+ * @param {RatchetConfig} lifetimes Lifetimes of the new session.
66
+ * @param {SignerSessionStorage?} storage Optional signer session storage (defaults to in-memory storage)
67
+ * @return {Promise<SignerSessionManager>} The signer session manager
68
+ */
69
+ oidcAuth(oidcToken: string, orgId: string, scopes: Array<string>, lifetimes?: RatchetConfig, storage?: SignerSessionStorage): Promise<SignerSessionManager>;
70
+ /**
71
+ * Retrieves information about the current user.
72
+ *
73
+ * @return {Promise<UserInfo>} User information.
74
+ */
75
+ aboutMe(): Promise<UserInfo>;
76
+ /**
77
+ * Retrieves existing MFA request.
78
+ *
79
+ * @param {string} orgId Organization ID
80
+ * @param {string} mfaId MFA request ID
81
+ * @return {Promise<MfaRequestInfo>} MFA request information
82
+ */
83
+ mfaGet(orgId: string, mfaId: string): Promise<MfaRequestInfo>;
84
+ /**
85
+ * List pending MFA requests accessible to the current user.
86
+ * @param {string} orgId Organization ID
87
+ * @return {Promise<MfaRequestInfo[]>} The MFA requests.
88
+ */
89
+ mfaList(orgId: string): Promise<MfaRequestInfo[]>;
90
+ /**
91
+ * Approve a pending MFA request.
92
+ *
93
+ * @param {string} orgId The org id of the MFA request
94
+ * @param {string} mfaId The id of the MFA request
95
+ * @return {Promise<MfaRequestInfo>} The result of the MFA request
96
+ */
97
+ mfaApprove(orgId: string, mfaId: string): Promise<MfaRequestInfo>;
98
+ /** Initiate adding a new FIDO device. MFA may be required. */
99
+ get addFidoStart(): (name: string, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<import("./mfa").AddFidoChallenge>>;
100
+ /**
101
+ * Creates a request to change user's TOTP. This request returns a new TOTP challenge
102
+ * that must be answered by calling `resetTotpComplete`
103
+ */
104
+ get resetTotpStart(): (issuer?: string | undefined, mfaReceipt?: MfaReceipt | undefined) => Promise<CubeSignerResponse<import("./mfa").TotpChallenge>>;
105
+ /**
106
+ * Answer the TOTP challenge issued by `resetTotpStart`. If successful, user's
107
+ * TOTP configuration will be updated to that of the TOTP challenge.he TOTP configuration from the challenge.
108
+ */
109
+ get resetTotpComplete(): (totpId: string, code: string) => Promise<void>;
110
+ /**
111
+ * Verifies a given TOTP code against the current user's TOTP configuration.
112
+ * Throws an error if the verification fails.
113
+ */
114
+ get verifyTotp(): (code: string) => Promise<void>;
115
+ /**
116
+ * Retrieve information about an organization.
117
+ * @param {string} orgId The ID or name of the organization.
118
+ * @return {Org} The organization.
119
+ */
120
+ getOrg(orgId?: string): Promise<Org>;
121
+ /**
122
+ * Deletes a given key.
123
+ * @param {string} orgId - Organization id
124
+ * @param {string} keyId - Key id
125
+ */
126
+ deleteKey(orgId: string, keyId: string): Promise<void>;
127
+ /**
128
+ * Get the management client.
129
+ * @return {Client} The client.
130
+ * @internal
131
+ */
132
+ management(): Promise<Client>;
133
+ /**
134
+ * Obtain a proof of authentication.
135
+ *
136
+ * @param {string} orgId The id of the organization that the user is in
137
+ * @return {Promise<IdentityProof>} Proof of authentication
138
+ */
139
+ proveIdentity(orgId: string): Promise<IdentityProof>;
140
+ /**
141
+ * Exchange an OIDC token for a proof of authentication.
142
+ *
143
+ * @param {string} oidcToken The OIDC token
144
+ * @param {string} orgId The id of the organization that the user is in
145
+ * @return {Promise<IdentityProof>} Proof of authentication
146
+ */
147
+ oidcProveIdentity(oidcToken: string, orgId: string): Promise<IdentityProof>;
148
+ /**
149
+ * Checks if a given identity proof is valid.
150
+ *
151
+ * @param {string} orgId The id of the organization that the user is in.
152
+ * @param {IdentityProof} identityProof The proof of authentication.
153
+ */
154
+ verifyIdentity(orgId: string, identityProof: IdentityProof): Promise<void>;
155
+ /**
156
+ * Exchange an OIDC token for a CubeSigner session token.
157
+ * @param {string} oidcToken The OIDC token
158
+ * @param {string} orgId The id of the organization that the user is in
159
+ * @param {List<string>} scopes The scopes of the resulting session
160
+ * @param {RatchetConfig} lifetimes Lifetimes of the new session.
161
+ * @param {MfaReceipt} mfaReceipt Optional MFA receipt (id + confirmation code)
162
+ * @return {Promise<CubeSignerResponse<SignerSessionData>>} The session data.
163
+ */
164
+ oidcLogin(oidcToken: string, orgId: string, scopes: Array<string>, lifetimes?: RatchetConfig, mfaReceipt?: MfaReceipt): Promise<CubeSignerResponse<SignerSessionData>>;
165
+ }
166
+ /** Errors */
167
+ export * from "./error";
168
+ /** API */
169
+ export * from "./api";
170
+ /** Client */
171
+ export * from "./client";
172
+ /** Callbacks */
173
+ export { Events, EventHandler, ErrorEvent, GlobalEvents, SessionExpiredEvent } from "./events";
174
+ /** Organizations */
175
+ export * from "./org";
176
+ /** Keys */
177
+ export * from "./key";
178
+ /** Roles */
179
+ export * from "./role";
180
+ /** Env */
181
+ export * from "./env";
182
+ /** Fido */
183
+ export * from "./mfa";
184
+ /** Pagination */
185
+ export * from "./paginator";
186
+ /** Response */
187
+ export * from "./response";
188
+ /** Types */
189
+ export * from "./schema_types";
190
+ /** Sessions */
191
+ export * from "./signer_session";
192
+ /** Session storage */
193
+ export * from "./session/session_storage";
194
+ /** Signer session manager */
195
+ export * from "./session/signer_session_manager";
196
+ /** Utils */
197
+ export * from "./util";
198
+ /** User-export decryption helper */
199
+ export { userExportDecrypt, userExportKeygen } from "./user_export";
200
+ /** CubeSigner SDK package name */
201
+ export declare const NAME: string;
202
+ /** CubeSigner SDK version */
203
+ export declare const VERSION: string;