@cubist-labs/cubesigner-sdk 0.3.13 → 0.3.23

package/README.md

@@ -205,7 +205,7 @@ import { ethers } from "ethers";
 
 // Create new Signer
 const ethersSigner = new Signer(secpKey.materialId, session);
-assert((await ethersSigner.getAddress()) === secpKey.materialId);
+assert((await ethersSigner.getAddress()) === ethers.getAddress(secpKey.materialId));
 // sign transaction as usual:
 console.log(
   "ethers.js signature:",

package/dist/cjs/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@cubist-labs/cubesigner-sdk",
-    "version": "0.3.13",
+    "version": "0.3.23",
     "description": "CubeSigner TypeScript SDK",
     "license": "MIT OR Apache-2.0",
     "author": "Cubist, Inc.",
@@ -30,7 +30,7 @@
         "openapi-fetch": "0.6.1"
     },
     "optionalDependencies": {
-        "@hpke/core": "^1.2.5"
+        "@hpke/core": "^1.2.7"
     },
     "engines": {
         "node": ">=18.0.0"

package/dist/cjs/spec/env/beta.json

@@ -4,6 +4,7 @@
         "LongLivedClientId": "6he1bnm17s0dv8bb4hjim6fs6i",
         "Region": "us-east-1",
         "UserPoolId": "us-east-1_79ljlRRfX",
-        "SignerApiRoot": "https://beta.signer.cubist.dev"
+        "SignerApiRoot": "https://beta.signer.cubist.dev",
+        "OrgEventsTopicArn": "arn:aws:sns:us-east-1:819335423237:Beta-CubeSignerStack-OrgEventsTopic4416298A-beobtbku2Wa8"
     }
 }

package/dist/cjs/spec/env/gamma.json

@@ -4,6 +4,7 @@
         "LongLivedClientId": "4jiuai7mtl5164of3drmvej234",
         "Region": "us-east-1",
         "UserPoolId": "us-east-1_RU7HEslOW",
-        "SignerApiRoot": "https://gamma.signer.cubist.dev"
+        "SignerApiRoot": "https://gamma.signer.cubist.dev",
+        "OrgEventsTopicArn": "arn:aws:sns:us-east-1:453904756570:Gamma-CubeSignerStack-OrgEventsTopic4416298A-MpV66OYPFQV0"
     }
 }

package/dist/cjs/spec/env/prod.json

@@ -4,6 +4,7 @@
         "LongLivedClientId": "79qoe43lbiphd7jv0emqadtoia",
         "Region": "us-east-1",
         "UserPoolId": "us-east-1_lLLal8vGd",
-        "SignerApiRoot": "https://prod.signer.cubist.dev"
+        "SignerApiRoot": "https://prod.signer.cubist.dev",
+        "OrgEventsTopicArn": "arn:aws:sns:us-east-1:120601948649:Production-0-us-east-1-CubeSignerStack-OrgEventsTopic4416298A-Zf6LzKIIDrvV"
     }
 }

package/dist/cjs/src/api.d.ts

@@ -1,7 +1,7 @@
 import createClient, { FetchOptions, FetchResponse, FilterKeys, HttpMethod, PathsWith } from "openapi-fetch";
 import { paths, operations } from "./schema";
 import { SignerSessionData, SignerSessionLifetime, SignerSessionManager } from "./session/signer_session_manager";
-import { CreateOidcUserOptions, IdentityProof, KeyInRoleInfo, KeyInfoApi, ListKeysResponse, ListKeyRolesResponse, ListRoleKeysResponse, ListRoleUsersResponse, ListRolesResponse, OidcIdentity, SessionsResponse, PublicKeyCredential, RoleInfo, UpdateKeyRequest, UpdateOrgRequest, UpdateOrgResponse, UpdateRoleRequest, UserIdInfo, UserInRoleInfo, UserInfo, SessionInfo, OrgInfo, RatchetConfig, Eip191SignRequest, Eip712SignRequest, Eip191Or712SignResponse, EvmSignRequest, EvmSignResponse, Eth2SignRequest, Eth2SignResponse, Eth2StakeRequest, Eth2StakeResponse, Eth2UnstakeRequest, Eth2UnstakeResponse, BlobSignRequest, BlobSignResponse, BtcSignResponse, BtcSignRequest, SolanaSignRequest, SolanaSignResponse, AvaSignResponse, AvaTx, MfaRequestInfo, MfaVote, MemberRole, UserExportCompleteResponse, UserExportInitResponse, UserExportListResponse, Empty } from "./schema_types";
+import { CreateOidcUserOptions, IdentityProof, KeyInRoleInfo, KeyInfoApi, ListKeysResponse, ListKeyRolesResponse, ListRoleKeysResponse, ListRoleUsersResponse, ListRolesResponse, OidcIdentity, SessionsResponse, PublicKeyCredential, RoleInfo, UpdateKeyRequest, UpdateOrgRequest, UpdateOrgResponse, UpdateRoleRequest, UserInOrgInfo, UserInRoleInfo, UserInfo, SessionInfo, OrgInfo, RatchetConfig, Eip191SignRequest, Eip712SignRequest, Eip191Or712SignResponse, EvmSignRequest, EvmSignResponse, Eth2SignRequest, Eth2SignResponse, Eth2StakeRequest, Eth2StakeResponse, Eth2UnstakeRequest, Eth2UnstakeResponse, BlobSignRequest, BlobSignResponse, BtcSignResponse, BtcSignRequest, SolanaSignRequest, SolanaSignResponse, AvaSignResponse, AvaTx, MfaRequestInfo, MfaVote, MemberRole, UserExportCompleteResponse, UserExportInitResponse, UserExportListResponse, Empty } from "./schema_types";
 import { AddFidoChallenge, MfaFidoChallenge, MfaReceipt, TotpChallenge } from "./mfa";
 import { CubeSignerResponse } from "./response";
 import { Key, KeyType } from "./key";
@@ -9,6 +9,7 @@ import { PageOpts, Paginator } from "./paginator";
 import { KeyPolicy } from "./role";
 import { EnvInterface } from "./env";
 import { EventEmitter } from "./events";
+import { UpdateKeyProperties } from "./index";
 /** @internal */
 export type Client = ReturnType<typeof createClient<paths>>;
 export { paths, operations };
@@ -38,6 +39,22 @@ export type FetchClient<Op extends keyof operations> = ReturnType<typeof createC
  * {@link FetchResponse<T>}) when that response is successful.
  */
 export type FetchResponseSuccessData<T> = Required<FetchResponse<T>>["data"];
+/**
+ * Internal type for a function that returns a promise of a fetch response.
+ */
+type ReqFn<T> = () => Promise<FetchResponse<T>>;
+/**
+ * Retry settings.
+ *
+ * By default, {@link OpClient} retries on 5xx codes with delays of
+ * 100ms, 200ms, and 400ms between retries.
+ */
+export interface RetrySettings {
+    /** HTTP status codes on which to retry */
+    codes: number[];
+    /** Delays in milliseconds between retries */
+    delaysMs: number[];
+}
 /**
  * Wrapper around an open-fetch client restricted to a single operation.
  * The restriction applies only when type checking, the actual
@@ -50,8 +67,10 @@ export declare class OpClient<Op extends keyof operations> {
      * @param {Op} op The operation this client should be restricted to
      * @param {FetchClient<Op> | Client} client open-fetch client (either restricted to {@link Op} or not)
      * @param {EventEmitter} eventEmitter The client-local event dispatcher.
+     * @param {number[]} retrySettings Retry settings. By default, retries 3 times, sleeping 100ms
+     *  after the first failed attempt, 200ms after the second, and finally 400ms after the third,
      */
-    constructor(op: Op, client: FetchClient<Op> | Client, eventEmitter: EventEmitter);
+    constructor(op: Op, client: FetchClient<Op> | Client, eventEmitter: EventEmitter, retrySettings?: RetrySettings);
     /** The operation this client is restricted to */
     get op(): Op;
     /**
@@ -62,6 +81,29 @@ export declare class OpClient<Op extends keyof operations> {
      * @return {FetchResponseSuccessData<T>} The response data corresponding to response type {@link T}.
      */
     private assertOk;
+    /**
+     * @param {number[]} delaysMs Delays in milliseconds between retries.
+     * @return {OpClient<Op>} Returns the same client as this except with different retry delays.
+     */
+    withRetries(delaysMs: number[]): OpClient<Op>;
+    /**
+     * @param {RetrySettings} retrySettings New retry settings
+     * @return {OpClient<Op>} Returns the same client as this except with different retry settings.
+     */
+    withRetrySettings(retrySettings: RetrySettings): OpClient<Op>;
+    /**
+     * Internal.
+     *
+     * Executes a given request, potentially retrying on 5xx errors. The
+     * retry configuration can be set via the constructor.
+     * On all other errors, throws {@link ErrResponse} (as well as after exhausting all retries).
+     * On success, returns the response body.
+     *
+     * @param {ReqFn<T>} req The request to execute and then retry on 5xx errors
+     * @return {Promise<FetchResponseSuccessData<T>>}
+     * @internal
+     */
+    execute<T>(req: ReqFn<T>): Promise<FetchResponseSuccessData<T>>;
     /**
      * Invoke HTTP GET
      */
@@ -107,8 +149,10 @@ export declare class CubeSignerApi {
      * Constructor.
      * @param {SignerSessionManager} sessionMgr The session manager to use
      * @param {string?} orgId Optional organization ID; if omitted, uses the org ID from the session manager.
+     * @param {RetrySettings} retrySettings Retry settings. By default, retries 3 times, sleeping 100ms
+     *   after the first failed attempt, 200ms after the second, and finally 400ms after the third,
      */
-    constructor(sessionMgr: SignerSessionManager, orgId?: string);
+    constructor(sessionMgr: SignerSessionManager, orgId?: string, retrySettings?: RetrySettings);
     /**
      * Returns a new instance of this class using the same session manager but targeting a different organization.
      *
@@ -218,7 +262,7 @@ export declare class CubeSignerApi {
      * List users.
      * @return {User[]} Org users.
      */
-    orgUsersList(): Promise<UserIdInfo[]>;
+    orgUsersList(): Promise<UserInOrgInfo[]>;
     /**
      * Create a new OIDC user. This can be a first-party "Member" or third-party "Alien".
      * @param {OidcIdentity} identity The identity of the OIDC user
@@ -268,9 +312,10 @@ export declare class CubeSignerApi {
      * @param {KeyType} keyType The type of key to create.
      * @param {number} count The number of keys to create.
      * @param {string?} ownerId The owner of the keys. Defaults to the session's user.
+     * @param {UpdateKeyProperties?} props Additional key properties
      * @return {KeyInfoApi[]} The new keys.
      */
-    keysCreate(keyType: KeyType, count: number, ownerId?: string): Promise<KeyInfoApi[]>;
+    keysCreate(keyType: KeyType, count: number, ownerId?: string, props?: UpdateKeyProperties): Promise<KeyInfoApi[]>;
     /**
      * Derive a set of keys of a specified type using a supplied derivation path and an existing long-lived mnemonic.
      *
@@ -626,8 +671,10 @@ export declare class OidcClient {
      * @param {EnvInterface} env CubeSigner deployment
      * @param {string} orgId Target organization ID
      * @param {string} oidcToken User's OIDC token
+     * @param {RetrySettings} retrySettings Retry settings. By default, retries 3 times, sleeping 100ms
+     *  after the first failed attempt, 200ms after the second, and finally 400ms after the third.
      */
-    constructor(env: EnvInterface, orgId: string, oidcToken: string);
+    constructor(env: EnvInterface, orgId: string, oidcToken: string, retrySettings?: RetrySettings);
     /**
      * HTTP client restricted to a single operation.
      *