@drakkar.software/starfish-client 3.0.0-alpha.2 → 3.0.0-alpha.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/dist/_crypto_helpers.d.ts +4 -0
  2. package/dist/bindings/zustand.js +37 -12
  3. package/dist/bindings/zustand.js.map +2 -2
  4. package/dist/cap-mint.d.ts +20 -0
  5. package/dist/cap-mint.js +12 -0
  6. package/dist/cap-mint.js.map +7 -0
  7. package/dist/client.d.ts +13 -0
  8. package/dist/directory.d.ts +9 -0
  9. package/dist/directory.js +24 -0
  10. package/dist/directory.js.map +7 -0
  11. package/dist/identity.d.ts +4 -82
  12. package/dist/identity.js +2 -354
  13. package/dist/identity.js.map +4 -4
  14. package/dist/index.js +37 -12
  15. package/dist/index.js.map +2 -2
  16. package/dist/keyring.d.ts +6 -0
  17. package/dist/keyring.js +26 -0
  18. package/dist/keyring.js.map +7 -0
  19. package/dist/pairing.d.ts +6 -0
  20. package/dist/pairing.js +26 -0
  21. package/dist/pairing.js.map +7 -0
  22. package/dist/recipients.d.ts +6 -0
  23. package/dist/recipients.js +16 -0
  24. package/dist/recipients.js.map +7 -0
  25. package/dist/types.d.ts +28 -1
  26. package/package.json +2 -2
  27. package/dist/append.d.ts +0 -50
  28. package/dist/background-sync.js +0 -29
  29. package/dist/bindings/broadcast.d.ts +0 -19
  30. package/dist/bindings/broadcast.js +0 -65
  31. package/dist/bindings/react.d.ts +0 -12
  32. package/dist/bindings/react.js +0 -25
  33. package/dist/bindings/suspense.js +0 -49
  34. package/dist/client.js +0 -112
  35. package/dist/config.js +0 -18
  36. package/dist/crypto.js +0 -49
  37. package/dist/debounced-sync.js +0 -120
  38. package/dist/dedup.js +0 -35
  39. package/dist/entitlements.js +0 -41
  40. package/dist/export.js +0 -115
  41. package/dist/group-crypto.d.ts +0 -111
  42. package/dist/group-crypto.js +0 -205
  43. package/dist/group-crypto.js.map +0 -7
  44. package/dist/history.js +0 -61
  45. package/dist/logger.js +0 -80
  46. package/dist/migrate.js +0 -38
  47. package/dist/mobile-lifecycle.js +0 -55
  48. package/dist/multi-store.js +0 -92
  49. package/dist/polling.js +0 -52
  50. package/dist/resolvers.js +0 -223
  51. package/dist/service-worker.js +0 -55
  52. package/dist/storage/indexeddb.js +0 -59
  53. package/dist/sync.js +0 -127
  54. package/dist/types.js +0 -18
  55. package/dist/validate.js +0 -28
package/dist/index.js CHANGED
@@ -5,6 +5,7 @@ import { buildRevocationList, revocationListCanonicalSigningInput } from "@drakk
5
5
 
6
6
  // src/client.ts
7
7
  import {
8
+ DEFAULT_ALG,
8
9
  signRequest,
9
10
  stableStringify
10
11
  } from "@drakkar.software/starfish-protocol";
@@ -38,6 +39,7 @@ function encodeCapAuth(cap) {
38
39
  }
39
40
  var StarfishClient = class {
40
41
  baseUrl;
42
+ namespace;
41
43
  capProvider;
42
44
  fetch;
43
45
  /**
@@ -47,6 +49,7 @@ var StarfishClient = class {
47
49
  plugins;
48
50
  constructor(options) {
49
51
  this.baseUrl = options.baseUrl.replace(/\/$/, "");
52
+ this.namespace = options.namespace || void 0;
50
53
  this.capProvider = options.capProvider;
51
54
  this.fetch = options.fetch ?? globalThis.fetch.bind(globalThis);
52
55
  this.plugins = options.plugins ? [...options.plugins] : [];
@@ -70,6 +73,20 @@ var StarfishClient = class {
70
73
  return "";
71
74
  }
72
75
  }
76
+ /**
77
+ * Rewrite a request path for the configured namespace. A no-op when no
78
+ * namespace is set; otherwise `/{action}/…` becomes `/v1/{namespace}/{action}/…`
79
+ * (the `/v1` protocol-version segment is part of the namespaced route, matching
80
+ * the Python client and the server's namespace mount).
81
+ *
82
+ * Applied to the path used for BOTH the signature and the URL so the canonical
83
+ * path the client signs equals the path the server reconstructs from the URL.
84
+ * Covers SDK-helper-built paths too — that's the point: a namespace-unaware
85
+ * helper passing `/push/spaces/x/_keyring` reaches `/v1/{ns}/push/spaces/x/_keyring`.
86
+ */
87
+ applyNamespace(path) {
88
+ return this.namespace ? `/v1/${this.namespace}${path}` : path;
89
+ }
73
90
  /**
74
91
  * Build auth headers for a request. When a `capProvider` is set, signs the
75
92
  * request with the device's Ed25519 private key and returns the v3 header
@@ -82,19 +99,23 @@ var StarfishClient = class {
82
99
  */
83
100
  async buildAuthHeaders(method, pathAndQuery, body) {
84
101
  if (this.capProvider) {
85
- const { cap, devEdPrivHex, pubHex } = await this.capProvider.getCap();
102
+ const { cap, devEdPrivHex, pubHex, presenterAlg } = await this.capProvider.getCap();
86
103
  const req = {
87
104
  method,
88
105
  pathAndQuery,
89
106
  body,
90
107
  host: this.signingHost()
91
108
  };
92
- const { sig, ts, nonce } = await signRequest(req, devEdPrivHex);
109
+ const signAlg = cap.kind === "audience" ? presenterAlg ?? DEFAULT_ALG : cap.subAlg ?? cap.issAlg;
110
+ const { alg, sig, ts, nonce } = await signRequest(req, devEdPrivHex, {
111
+ alg: signAlg
112
+ });
93
113
  const headers = {
94
114
  Authorization: `Cap ${encodeCapAuth(cap)}`,
95
115
  "X-Starfish-Sig": sig,
96
116
  "X-Starfish-Ts": String(ts),
97
- "X-Starfish-Nonce": nonce
117
+ "X-Starfish-Nonce": nonce,
118
+ "X-Starfish-Alg": alg
98
119
  };
99
120
  if (pubHex !== void 0) headers["X-Starfish-Pub"] = pubHex;
100
121
  return headers;
@@ -102,7 +123,7 @@ var StarfishClient = class {
102
123
  return {};
103
124
  }
104
125
  async pull(path, checkpointOrOptions) {
105
- let pathAndQuery = path;
126
+ let pathAndQuery = this.applyNamespace(path);
106
127
  let appendField;
107
128
  if (typeof checkpointOrOptions === "number") {
108
129
  if (checkpointOrOptions) pathAndQuery += `?checkpoint=${checkpointOrOptions}`;
@@ -161,8 +182,9 @@ var StarfishClient = class {
161
182
  data,
162
183
  baseHash
163
184
  });
164
- const authHeaders = await this.buildAuthHeaders("POST", path, body);
165
- const res = await this.fetch(`${this.baseUrl}${path}`, {
185
+ const sendPath = this.applyNamespace(path);
186
+ const authHeaders = await this.buildAuthHeaders("POST", sendPath, body);
187
+ const res = await this.fetch(`${this.baseUrl}${sendPath}`, {
166
188
  method: "POST",
167
189
  headers: {
168
190
  "Content-Type": "application/json",
@@ -200,8 +222,9 @@ var StarfishClient = class {
200
222
  const bodyObj = { data };
201
223
  if (opts.ts !== void 0) bodyObj["ts"] = opts.ts;
202
224
  const body = JSON.stringify(bodyObj);
203
- const authHeaders = await this.buildAuthHeaders("POST", path, body);
204
- const res = await this.fetch(`${this.baseUrl}${path}`, {
225
+ const sendPath = this.applyNamespace(path);
226
+ const authHeaders = await this.buildAuthHeaders("POST", sendPath, body);
227
+ const res = await this.fetch(`${this.baseUrl}${sendPath}`, {
205
228
  method: "POST",
206
229
  headers: {
207
230
  "Content-Type": "application/json",
@@ -220,8 +243,9 @@ var StarfishClient = class {
220
243
  * Returns raw bytes with the content hash from the ETag header.
221
244
  */
222
245
  async pullBlob(path) {
223
- const authHeaders = await this.buildAuthHeaders("GET", path, void 0);
224
- const res = await this.fetch(`${this.baseUrl}${path}`, {
246
+ const sendPath = this.applyNamespace(path);
247
+ const authHeaders = await this.buildAuthHeaders("GET", sendPath, void 0);
248
+ const res = await this.fetch(`${this.baseUrl}${sendPath}`, {
225
249
  method: "GET",
226
250
  headers: { Accept: "*/*", ...authHeaders }
227
251
  });
@@ -238,8 +262,9 @@ var StarfishClient = class {
238
262
  * Binary collections use last-write-wins (no conflict detection).
239
263
  */
240
264
  async pushBlob(path, data, contentType) {
241
- const authHeaders = await this.buildAuthHeaders("POST", path, void 0);
242
- const res = await this.fetch(`${this.baseUrl}${path}`, {
265
+ const sendPath = this.applyNamespace(path);
266
+ const authHeaders = await this.buildAuthHeaders("POST", sendPath, void 0);
267
+ const res = await this.fetch(`${this.baseUrl}${sendPath}`, {
243
268
  method: "POST",
244
269
  headers: {
245
270
  "Content-Type": contentType,