npm - @cubist-labs/cubesigner-sdk - Versions diffs - 0.4.254 → 0.4.259 - Mend

@cubist-labs/cubesigner-sdk 0.4.254 → 0.4.259

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/dist/package.json +1 -1
package/dist/src/audit_log.d.ts +5 -5
package/dist/src/client/api_client.d.ts +18 -3
package/dist/src/client/api_client.d.ts.map +1 -1
package/dist/src/client/api_client.js +27 -4
package/dist/src/key.d.ts +5 -8
package/dist/src/key.d.ts.map +1 -1
package/dist/src/key.js +6 -2
package/dist/src/org.d.ts +463 -25
package/dist/src/org.d.ts.map +1 -1
package/dist/src/org.js +66 -26
package/dist/src/schema.d.ts +531 -13
package/dist/src/schema.d.ts.map +1 -1
package/dist/src/schema.js +1 -1
package/dist/src/schema_types.d.ts +7 -0
package/dist/src/schema_types.d.ts.map +1 -1
package/dist/src/schema_types.js +23 -3
package/dist/src/scopes.d.ts.map +1 -1
package/dist/src/scopes.js +10 -1
package/package.json +1 -1
package/src/client/api_client.ts +36 -4
package/src/key.ts +8 -8
package/src/org.ts +82 -28
package/src/schema.ts +581 -9
package/src/schema_types.ts +30 -2
package/src/scopes.ts +9 -0

package/src/client/api_client.ts CHANGED Viewed

@@ -50,6 +50,7 @@ import type {
   Empty,
   UserOrgsResponse,
   CreateKeyImportKeyResponse,
+  CreatePolicyImportKeyResponse,
   ImportKeyRequest,
   UpdatePolicyRequest,
   ListPoliciesResponse,
@@ -147,6 +148,7 @@ import {
   type InvokePolicyRequest,
   type PolicySecretsInfo,
   type SetPolicySecretRequest,
+  type UpdatePolicySecretsRequest,
   type UploadWasmPolicyRequest,
   type UploadWasmPolicyResponse,
   type LoginRequest,
@@ -535,12 +537,16 @@ export class ApiClient extends BaseClient {
    * Update the org.
    *
    * @param request The JSON request to send to the API server.
+   * @param mfaReceipt Optional MFA receipt(s)
    * @returns Updated org information.
    */
-  async orgUpdate(request: UpdateOrgRequest): Promise<UpdateOrgResponse> {
+  async orgUpdate(
+    request: UpdateOrgRequest,
+    mfaReceipt?: MfaReceipts,
+  ): Promise<CubeSignerResponse<UpdateOrgResponse>> {
     const o = op("/v0/org/{org_id}", "patch");
-    return this.exec(o, { body: request });
+    const reqFn = (headers?: HeadersInit) => this.exec(o, { body: request, headers });
+    return await CubeSignerResponse.create(this.env, reqFn, mfaReceipt);
   }
   /**
@@ -1540,7 +1546,17 @@ export class ApiClient extends BaseClient {
   // #endregion
-  // #region POLICY: policy(Create|Get|List|Update|Delete|Invoke), policySecret(Set|Delete), policySecretsGet
+  // #region POLICY: policyImportKeyCreate, policy(Create|Get|List|Update|Delete|Invoke), policySecret(Set|Delete), policySecrets(Get|Update)
+  /**
+   * Request a fresh policy import key.
+   *
+   * @returns A fresh policy import key
+   */
+  async policyImportKeyCreate(): Promise<CreatePolicyImportKeyResponse> {
+    const o = op("/v0/org/{org_id}/policy/import_key", "get");
+    return await this.exec(o, {});
+  }
   /**
    * Create a new named policy.
@@ -1698,6 +1714,22 @@ export class ApiClient extends BaseClient {
     return this.exec(o, {});
   }
+  /**
+   * Update org-level policy secrets metadata (e.g., the edit policy).
+   *
+   * @param request The update request.
+   * @param mfaReceipt Optional MFA receipt(s).
+   * @returns The updated policy secrets info.
+   */
+  async policySecretsUpdate(
+    request: UpdatePolicySecretsRequest,
+    mfaReceipt?: MfaReceipts,
+  ): Promise<CubeSignerResponse<PolicySecretsInfo>> {
+    const o = op("/v0/org/{org_id}/policy/secrets", "patch");
+    const reqFn = async (headers?: HeadersInit) => this.exec(o, { body: request, headers });
+    return await CubeSignerResponse.create(this.env, reqFn, mfaReceipt);
+  }
   /**
    * Delete an org-level policy secret.
    *

package/src/key.ts CHANGED Viewed

@@ -29,8 +29,7 @@ import type {
   DiffieHellmanResponse,
   KeyInfoJwt,
   KeyAttestationQuery,
-  BinanceApiProperties,
-  CoinbaseApiProperties,
+  KeyPropertiesPatch,
 } from "./schema_types";
 import type {
   ApiClient,
@@ -118,6 +117,10 @@ export enum P256 {
 export const Mnemonic = "Mnemonic" as const;
 export type Mnemonic = typeof Mnemonic;
+/** HmacSha256 key type */
+export const HmacSha256 = "HmacSha256" as const;
+export type HmacSha256 = typeof HmacSha256;
 /** Stark key type */
 export const Stark = "Stark" as const;
 export type Stark = typeof Stark;
@@ -127,12 +130,7 @@ export const BabyJubjub = "BabyJubjub" as const;
 export type BabyJubjub = typeof BabyJubjub;
 /** Key type */
-export type KeyType = Secp256k1 | Bls | Ed25519 | Mnemonic | Stark | P256 | BabyJubjub;
-/** The type representing all different kinds of key properties. */
-export type KeyPropertiesPatch =
-  | ({ kind: "BinanceApi" } & BinanceApiProperties)
-  | ({ kind: "CoinbaseApi" } & CoinbaseApiProperties);
+export type KeyType = Secp256k1 | Bls | Ed25519 | Mnemonic | HmacSha256 | Stark | P256 | BabyJubjub;
 /**
  * A representation of a signing key.
@@ -852,6 +850,8 @@ export function fromSchemaKeyType(ty: SchemaKeyType): KeyType {
       return Ed25519.CoinbaseApi;
     case "Stark":
       return Stark;
+    case "HmacSha256":
+      return HmacSha256;
     case "Mnemonic":
       return Mnemonic;
     case "P256CosmosAddr":

package/src/org.ts CHANGED Viewed

@@ -29,6 +29,7 @@ import type {
   OrgExtData,
   AuditLogEntry,
   AuditLogRequest,
+  MfaReceipts,
 } from ".";
 import { Contact } from "./contact";
 import { C2FFunction, Key, MfaRequest, Role } from ".";
@@ -307,14 +308,26 @@ export class Org {
     return data.enabled;
   }
-  /** Enable the org. */
-  async enable() {
-    await this.update({ enabled: true });
+  /**
+   * Enable the org.
+   *
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
+   */
+  async enable(opts?: { mfaReceipt?: MfaReceipts }) {
+    return await this.update({ enabled: true }, opts?.mfaReceipt);
   }
-  /** Disable the org. */
-  async disable() {
-    await this.update({ enabled: false });
+  /**
+   * Disable the org.
+   *
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
+   */
+  async disable(opts?: { mfaReceipt?: MfaReceipts }) {
+    return await this.update({ enabled: false }, opts?.mfaReceipt);
   }
   /** @returns the policy for the org. */
@@ -333,10 +346,25 @@ export class Org {
    * Set the policy for the org.
    *
    * @param policy The new policy for the org.
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
    */
-  async setPolicy(policy: OrgPolicy[]) {
+  async setPolicy(policy: OrgPolicy[], opts?: { mfaReceipt?: MfaReceipts }) {
     const p = policy as unknown as Record<string, never>[];
-    await this.update({ policy: p });
+    return await this.update({ policy: p }, opts?.mfaReceipt);
+  }
+  /**
+   * Set the edit policy for the org.
+   *
+   * @param editPolicy The new edit policy for the org.
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
+   */
+  async setEditPolicy(editPolicy: EditPolicy, opts?: { mfaReceipt?: MfaReceipts }) {
+    return await this.update({ edit_policy: editPolicy }, opts?.mfaReceipt);
   }
   /**
@@ -346,9 +374,12 @@ export class Org {
    * It is analogous to how role policies apply to all sign requests performed by the corresponding role sessions.
    *
    * @param policy The new policy for the org.
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
    */
-  async setSignPolicy(policy: RolePolicy) {
-    await this.update({ sign_policy: policy });
+  async setSignPolicy(policy: RolePolicy, opts?: { mfaReceipt?: MfaReceipts }) {
+    return await this.update({ sign_policy: policy }, opts?.mfaReceipt);
   }
   /**
@@ -365,9 +396,12 @@ export class Org {
    * Update the organization's extended properties (uncommon features not used by most users).
    *
    * @param props The new properties.
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
    */
-  async setExtendedProperties(props: OrgExtProps) {
-    await this.update({ ext_props: props });
+  async setExtendedProperties(props: OrgExtProps, opts?: { mfaReceipt?: MfaReceipts }) {
+    return await this.update({ ext_props: props }, opts?.mfaReceipt);
   }
   /**
@@ -377,8 +411,14 @@ export class Org {
    * In other words, org admins can still assign unlimited number of keys to their alien users.
    *
    * @param alienKeyCountThreshold The new key count threshold.
-   */
-  async setAlienKeyCountThreshold(alienKeyCountThreshold: number) {
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
+   */
+  async setAlienKeyCountThreshold(
+    alienKeyCountThreshold: number,
+    opts?: { mfaReceipt?: MfaReceipts },
+  ) {
     const data = { ...((await this.getExtendedProperties()) ?? {}) };
     // erase the metadata that cannot be updated
@@ -388,29 +428,37 @@ export class Org {
     // update 'alien_key_count_threshold' and keep everything else the same
     data.alien_key_count_threshold = alienKeyCountThreshold;
-    await this.update({ ext_props: data });
+    return await this.update({ ext_props: data }, opts?.mfaReceipt);
   }
   /**
    * Set the notification endpoints for the org.
    *
    * @param notification_endpoints Endpoints.
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
    */
-  async setNotificationEndpoints(notification_endpoints: NotificationEndpointConfiguration[]) {
-    await this.update({
-      notification_endpoints,
-    });
+  async setNotificationEndpoints(
+    notification_endpoints: NotificationEndpointConfiguration[],
+    opts?: { mfaReceipt?: MfaReceipts },
+  ) {
+    return await this.update({ notification_endpoints }, opts?.mfaReceipt);
   }
   /**
    * Set required MFA types for actions implicitly requiring MFA (see {@link MfaProtectedAction}).
    *
    * @param allowed_mfa_types Assignment of MFA types to actions that implicitly require MFA.
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
    */
-  async setAllowedMfaTypes(allowed_mfa_types: Partial<Record<MfaProtectedAction, MfaType[]>>) {
-    await this.update({
-      allowed_mfa_types,
-    });
+  async setAllowedMfaTypes(
+    allowed_mfa_types: Partial<Record<MfaProtectedAction, MfaType[]>>,
+    opts?: { mfaReceipt?: MfaReceipts },
+  ) {
+    return await this.update({ allowed_mfa_types }, opts?.mfaReceipt);
   }
   /**
@@ -723,11 +771,17 @@ export class Org {
    * Note that this overwrites any existing configuration.
    *
    * @param configs Confidential Cloud Functions configuration.
-   */
-  async setC2FConfiguration(configs: C2FConfiguration) {
-    await this.update({
-      policy_engine_configuration: configs,
-    });
+   * @param opts Optional parameters
+   * @param opts.mfaReceipt Optional MFA receipts
+   * @returns Org info
+   */
+  async setC2FConfiguration(configs: C2FConfiguration, opts?: { mfaReceipt?: MfaReceipts }) {
+    return await this.update(
+      {
+        policy_engine_configuration: configs,
+      },
+      opts?.mfaReceipt,
+    );
   }
   /**