@internxt/sdk 1.11.11 → 1.11.13

package/dist/auth/index.d.ts

@@ -1,7 +1,8 @@
 import { ApiSecurity, ApiUrl, AppDetails } from '../shared';
 import { TeamsSettings } from '../shared/types/teams';
 import { UserSettings, UUID } from '../shared/types/userSettings';
-import { ChangePasswordWithLinkPayload, CryptoProvider, Keys, LoginDetails, PrivateKeys, RegisterDetails, RegisterPreCreatedUser, RegisterPreCreatedUserResponse, SecurityDetails, Token, TwoFactorAuthQR } from './types';
+import { ChangePasswordWithLinkPayload, CryptoProvider, Keys, LoginDetails, PrivateKeys, RegisterDetails, RegisterOpaqueDetails, RegisterPreCreatedUser, RegisterPreCreatedUserResponse, SecurityDetails, Token, TwoFactorAuthQR } from './types';
+import { paths } from '../schema';
 export * from './types';
 export declare class Auth {
     private readonly client;
@@ -10,6 +11,25 @@ export declare class Auth {
     private readonly apiUrl;
     static client(apiUrl: ApiUrl, appDetails: AppDetails, apiSecurity?: ApiSecurity): Auth;
     private constructor();
+    /**
+     * Runs the first phase (out of 2) of opaque registation of a new user
+     * @param email - The user email.
+     * @param registrationRequest - The opaque registration request.
+     * @returns The opaque sign up response.
+     */
+    registerOpaqueStart(email: string, registrationRequest: string): Promise<{
+        signUpResponse: string;
+    }>;
+    /**
+     * Runs the second phase (out of 2) of opaque registation of a new user
+     * @param registrationRecord - The opaque registration record.
+     * @param registerDetails - The user registration details.
+     * @param startLoginRequest - The opaque start login request.
+     * @returns The opaque login response.
+     */
+    registerOpaqueFinish(registrationRecord: string, registerDetails: RegisterOpaqueDetails, startLoginRequest: string): Promise<{
+        loginResponse: string;
+    }>;
     /**
      * Tries to register a new user
      * @param registerDetails
@@ -60,6 +80,25 @@ export declare class Auth {
      * @returns {Promise<void>} - Resolves successfuly when account is unblocked
      */
     unblockAccount(token: string): Promise<void>;
+    /**
+     * Runs the first phase (out of 2) of opaque log for the given user
+     * @param email - The user email.
+     * @param startLoginRequest - The opaque start login request.
+     * @param tfa - The two factor auth code.
+     * @returns The opaque login response.
+     */
+    loginOpaqueStart(email: string, startLoginRequest: string, tfa: string | undefined): Promise<{
+        loginResponse: string;
+    }>;
+    /**
+     * Runs the second phase (out of 2) of opaque log for the given user
+     * @param email
+     * @param finishLoginRequest
+     */
+    loginOpaqueFinish(email: string, finishLoginRequest: string): Promise<{
+        sessionID: string;
+        user: UserSettings;
+    }>;
     /**
      * Tries to log in a user given its login details
      * @param details
@@ -71,6 +110,12 @@ export declare class Auth {
         user: UserSettings;
         userTeam: TeamsSettings | null;
     }>;
+    /**
+     * Tries to log in a user given its cli login details
+     * @param details
+     * @param cryptoProvider
+     */
+    loginAccess(details: LoginDetails, cryptoProvider: CryptoProvider): Promise<paths['/auth/cli/login/access']['post']['responses']['200']['content']['application/json']>;
     /**
      * Tries to log in a user given its login details without sending keys
      * @param details

package/dist/auth/index.js

@@ -64,6 +64,44 @@ var Auth = /** @class */ (function () {
     Auth.client = function (apiUrl, appDetails, apiSecurity) {
         return new Auth(apiUrl, appDetails, apiSecurity);
     };
+    /**
+     * Runs the first phase (out of 2) of opaque registation of a new user
+     * @param email - The user email.
+     * @param registrationRequest - The opaque registration request.
+     * @returns The opaque sign up response.
+     */
+    Auth.prototype.registerOpaqueStart = function (email, registrationRequest) {
+        return this.client.post('/register-opaque/start', {
+            email: email,
+            registrationRequest: registrationRequest,
+        }, this.basicHeaders());
+    };
+    /**
+     * Runs the second phase (out of 2) of opaque registation of a new user
+     * @param registrationRecord - The opaque registration record.
+     * @param registerDetails - The user registration details.
+     * @param startLoginRequest - The opaque start login request.
+     * @returns The opaque login response.
+     */
+    Auth.prototype.registerOpaqueFinish = function (registrationRecord, registerDetails, startLoginRequest) {
+        return this.client.post('/register-opaque/finish', {
+            name: registerDetails.name,
+            lastname: registerDetails.lastname,
+            email: registerDetails.email,
+            registrationRecord: registrationRecord,
+            keys: {
+                ecc: {
+                    publicKey: registerDetails.keys.ecc.publicKey,
+                    privateKey: registerDetails.keys.ecc.privateKey,
+                },
+                kyber: {
+                    publicKey: registerDetails.keys.kyber.publicKey,
+                    privateKey: registerDetails.keys.kyber.privateKey,
+                },
+            },
+            startLoginRequest: startLoginRequest,
+        }, this.basicHeaders());
+    };
     /**
      * Tries to register a new user
      * @param registerDetails
@@ -189,6 +227,39 @@ var Auth = /** @class */ (function () {
     Auth.prototype.unblockAccount = function (token) {
         return this.client.put('users/unblock-account', { token: token }, this.basicHeaders());
     };
+    /**
+     * Runs the first phase (out of 2) of opaque log for the given user
+     * @param email - The user email.
+     * @param startLoginRequest - The opaque start login request.
+     * @param tfa - The two factor auth code.
+     * @returns The opaque login response.
+     */
+    Auth.prototype.loginOpaqueStart = function (email, startLoginRequest, tfa) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/, this.client.post('/auth/login-opaque/start', {
+                        email: email,
+                        startLoginRequest: startLoginRequest,
+                        tfa: tfa,
+                    }, this.basicHeaders())];
+            });
+        });
+    };
+    /**
+     * Runs the second phase (out of 2) of opaque log for the given user
+     * @param email
+     * @param finishLoginRequest
+     */
+    Auth.prototype.loginOpaqueFinish = function (email, finishLoginRequest) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/, this.client.post('/auth/login-opaque/finish', {
+                        email: email,
+                        finishLoginRequest: finishLoginRequest,
+                    }, this.basicHeaders())];
+            });
+        });
+    };
     /**
      * Tries to log in a user given its login details
      * @param details
@@ -239,6 +310,43 @@ var Auth = /** @class */ (function () {
             });
         });
     };
+    /**
+     * Tries to log in a user given its cli login details
+     * @param details
+     * @param cryptoProvider
+     */
+    Auth.prototype.loginAccess = function (details, cryptoProvider) {
+        return __awaiter(this, void 0, void 0, function () {
+            var securityDetails, encryptedSalt, encryptedPasswordHash, keys;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.securityDetails(details.email)];
+                    case 1:
+                        securityDetails = _a.sent();
+                        encryptedSalt = securityDetails.encryptedSalt;
+                        encryptedPasswordHash = cryptoProvider.encryptPasswordHash(details.password, encryptedSalt);
+                        return [4 /*yield*/, cryptoProvider.generateKeys(details.password)];
+                    case 2:
+                        keys = _a.sent();
+                        return [2 /*return*/, this.client.post('/auth/cli/login/access', {
+                                email: details.email,
+                                password: encryptedPasswordHash,
+                                tfa: details.tfaCode,
+                                keys: {
+                                    ecc: {
+                                        publicKey: keys.ecc.publicKey,
+                                        privateKey: keys.ecc.privateKeyEncrypted,
+                                    },
+                                    kyber: {
+                                        publicKey: keys.kyber.publicKey,
+                                        privateKey: keys.kyber.privateKeyEncrypted,
+                                    },
+                                },
+                            }, this.basicHeaders())];
+                }
+            });
+        });
+    };
     /**
      * Tries to log in a user given its login details without sending keys
      * @param details
@@ -306,6 +414,7 @@ var Auth = /** @class */ (function () {
             return {
                 encryptedSalt: data.sKey,
                 tfaEnabled: data.tfa === true,
+                useOpaqueLogin: data.useOpaqueLogin === true,
             };
         });
     };

package/dist/auth/types.d.ts

@@ -7,6 +7,26 @@ export interface LoginDetails {
     password: Password;
     tfaCode: string | undefined;
 }
+export type UserKeys = {
+    ecc: {
+        publicKey: string;
+        privateKey: string;
+    };
+    kyber: {
+        publicKey: string;
+        privateKey: string;
+    };
+};
+export interface RegisterOpaqueDetails {
+    name: string;
+    lastname: string;
+    email: Email;
+    mnemonic: string;
+    keys: UserKeys;
+    captcha: string;
+    referrer?: string;
+    referral?: string;
+}
 export interface RegisterDetails {
     name: string;
     lastname: string;
@@ -52,6 +72,7 @@ export declare class UserAccessError extends Error {
 export interface SecurityDetails {
     encryptedSalt: string;
     tfaEnabled: boolean;
+    useOpaqueLogin: boolean;
 }
 export interface TwoFactorAuthQR {
     qr: string;

package/dist/drive/users/index.d.ts

@@ -2,6 +2,7 @@ import { paths } from '../../schema';
 import { ApiSecurity, ApiUrl, AppDetails } from '../../shared';
 import { UserSettings } from '../../shared/types/userSettings';
 import { ChangePasswordPayload, ChangePasswordPayloadNew, CheckChangeEmailExpirationResponse, FriendInvite, InitializeUserResponse, PreCreateUserResponse, Token, UpdateProfilePayload, UserPublicKeyResponse, UserPublicKeyWithCreationResponse, VerifyEmailChangeResponse } from './types';
+import { UserKeys } from '../../auth/types';
 export * as UserTypes from './types';
 export declare class Users {
     private readonly client;
@@ -67,6 +68,29 @@ export declare class Users {
         token: string;
         newToken: string;
     }>;
+    /**
+     * Runs the first phase (out of 2) of the password change.
+     * @param hmac - The HMAC to authenticate request.
+     * @param sessionID - The current session ID.
+     * @param registrationRequest - The opaque registration request.
+     * @returns {Promise<string>} A promise that returns opaque registration response.
+     */
+    changePwdOpaqueStart(hmac: string, sessionID: string, registrationRequest: string): Promise<{
+        registrationResponse: string;
+    }>;
+    /**
+     * Runs the second phase (out of 2) of the password change.
+     * @param hmac - The HMAC to authenticate request.
+     * @param sessionID - The current session ID.
+     * @param registrationRecord - The opaque registration record.
+     * @param mnemonic - The user's encrypted mnemonic.
+     * @param keys - The user's encrypted keys.
+     * @param startLoginRequest - The opaque start login request.
+     * @returns {Promise<string>} A promise that returns opaque login response.
+     */
+    changePwdOpaqueFinish(hmac: string, sessionID: string, registrationRecord: string, mnemonic: string, keys: UserKeys, startLoginRequest: string): Promise<{
+        loginResponse: string;
+    }>;
     /**
      * Pre registers an email
      * @param email

package/dist/drive/users/index.js

@@ -164,6 +164,40 @@ var Users = /** @class */ (function () {
             encryptVersion: payload.encryptVersion,
         }, this.headers());
     };
+    /**
+     * Runs the first phase (out of 2) of the password change.
+     * @param hmac - The HMAC to authenticate request.
+     * @param sessionID - The current session ID.
+     * @param registrationRequest - The opaque registration request.
+     * @returns {Promise<string>} A promise that returns opaque registration response.
+     */
+    Users.prototype.changePwdOpaqueStart = function (hmac, sessionID, registrationRequest) {
+        return this.client.patch('/users/password-opaque/start', {
+            hmac: hmac,
+            sessionID: sessionID,
+            registrationRequest: registrationRequest,
+        }, this.headers());
+    };
+    /**
+     * Runs the second phase (out of 2) of the password change.
+     * @param hmac - The HMAC to authenticate request.
+     * @param sessionID - The current session ID.
+     * @param registrationRecord - The opaque registration record.
+     * @param mnemonic - The user's encrypted mnemonic.
+     * @param keys - The user's encrypted keys.
+     * @param startLoginRequest - The opaque start login request.
+     * @returns {Promise<string>} A promise that returns opaque login response.
+     */
+    Users.prototype.changePwdOpaqueFinish = function (hmac, sessionID, registrationRecord, mnemonic, keys, startLoginRequest) {
+        return this.client.patch('/users/password-opaque/finish', {
+            hmac: hmac,
+            sessionID: sessionID,
+            keys: keys,
+            mnemonic: mnemonic,
+            registrationRecord: registrationRecord,
+            startLoginRequest: startLoginRequest,
+        }, this.headers());
+    };
     /**
      * Pre registers an email
      * @param email

package/dist/schema.d.ts

@@ -2668,6 +2668,23 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
+    '/auth/cli/login/access': {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /** CLI platform login access */
+        post: operations['AuthController_cliLoginAccess'];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
     '/links': {
         parameters: {
             query?: never;
@@ -3105,12 +3122,27 @@ export interface components {
              */
             plainNames: string[];
         };
-        ExistingFoldersDto: {
+        ExistentFoldersDto: {
             existentFolders: components['schemas']['FolderDto'][];
         };
+        FilesNameAndType: {
+            /**
+             * @description Type of file
+             * @example pdf
+             */
+            type?: string;
+            /**
+             * @description Plain name of file
+             * @example example
+             */
+            plainName: string;
+        };
         CheckFileExistenceInFolderDto: {
             /** @description Array of files with names and types */
-            files: string[];
+            files: components['schemas']['FilesNameAndType'][];
+        };
+        ExistentFilesDto: {
+            existentFiles: components['schemas']['FileDto'][];
         };
         GetFolderContentDto: {
             type: string;
@@ -4699,6 +4731,11 @@ export interface components {
              * @example 123456
              */
             maxSpaceBytes: number;
+            /**
+             * @description Tier ID to update user tier (optional)
+             * @example a1b2c3d4-e5f6-7890-abcd-ef1234567890
+             */
+            tierId?: string;
         };
     };
     responses: never;
@@ -5204,7 +5241,7 @@ export interface operations {
                     [name: string]: unknown;
                 };
                 content: {
-                    'application/json': components['schemas']['ExistingFoldersDto'];
+                    'application/json': components['schemas']['ExistentFoldersDto'];
                 };
             };
         };
@@ -5224,11 +5261,13 @@ export interface operations {
             };
         };
         responses: {
-            201: {
+            200: {
                 headers: {
                     [name: string]: unknown;
                 };
-                content?: never;
+                content: {
+                    'application/json': components['schemas']['ExistentFilesDto'];
+                };
             };
         };
     };
@@ -6433,12 +6472,12 @@ export interface operations {
     };
     WorkspacesController_getFiles: {
         parameters: {
-            query: {
+            query?: {
                 /** @description Items per page */
                 limit?: number;
                 /** @description Offset for pagination */
                 offset?: number;
-                status: string;
+                status?: 'EXISTS' | 'TRASHED' | 'DELETED' | 'ALL';
                 bucket?: string;
                 sort?: string;
                 order?: string;
@@ -6495,6 +6534,7 @@ export interface operations {
                 limit?: number;
                 /** @description Offset for pagination */
                 offset?: number;
+                status?: 'EXISTS' | 'TRASHED' | 'DELETED' | 'ALL';
             };
             header?: never;
             path: {
@@ -8869,6 +8909,37 @@ export interface operations {
             };
         };
     };
+    AuthController_cliLoginAccess: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody: {
+            content: {
+                'application/json': components['schemas']['LoginAccessDto'];
+            };
+        };
+        responses: {
+            /** @description CLI user successfully accessed their account */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    'application/json': components['schemas']['LoginAccessResponseDto'];
+                };
+            };
+            /** @description This user current tier does not allow CLI access */
+            402: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content?: never;
+            };
+        };
+    };
     SendController_createLinks: {
         parameters: {
             query?: never;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@internxt/sdk",
   "author": "Internxt <hello@internxt.com>",
-  "version": "1.11.11",
+  "version": "1.11.13",
   "description": "An sdk for interacting with Internxt's services",
   "repository": {
     "type": "git",
@@ -32,15 +32,15 @@
     "@types/jest": "30.0.0",
     "@types/sinon": "17.0.4",
     "@types/uuid": "10.0.0",
-    "eslint": "9.35.0",
+    "eslint": "9.36.0",
     "husky": "9.1.7",
-    "jest": "30.1.3",
-    "lint-staged": "16.1.6",
+    "jest": "30.2.0",
+    "lint-staged": "16.2.3",
     "openapi-typescript": "^7.9.1",
     "prettier": "3.6.2",
     "sinon": "21.0.0",
-    "ts-jest": "29.4.1",
-    "typescript": "5.9.2"
+    "ts-jest": "29.4.4",
+    "typescript": "5.9.3"
   },
   "dependencies": {
     "axios": "^1.12.2",