@lightsparkdev/core 0.2.5 → 0.3.1

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # @lightsparkdev/core
 
+## 0.3.1
+
+### Patch Changes
+
+- b21bf7b: Release
+
+## 0.3.0
+
+### Minor Changes
+
+- d14f64e: Release
+
 ## 0.2.5
 
 ### Patch Changes

package/dist/index.cjs

@@ -31,6 +31,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var src_exports = {};
 __export(src_exports, {
   DefaultCrypto: () => DefaultCrypto,
+  KeyOrAlias: () => KeyOrAlias,
   LightsparkAuthException: () => LightsparkAuthException_default,
   LightsparkException: () => LightsparkException_default,
   LightsparkSigningException: () => LightsparkSigningException_default,
@@ -279,22 +280,27 @@ var getNonce = async () => {
   const nonceSt = await getRandomValues32(new Uint32Array(1));
   return Number(nonceSt);
 };
-var sign = async (key, data) => {
+var sign = async (keyOrAlias, data) => {
+  if (typeof keyOrAlias === "string") {
+    throw new LightsparkSigningException_default(
+      "Key alias not supported for default crypto."
+    );
+  }
   const cryptoImpl = await getCrypto();
   return await cryptoImpl.subtle.sign(
     {
       name: "RSA-PSS",
       saltLength: 32
     },
-    key,
+    keyOrAlias,
     data
   );
 };
-var importPrivateSigningKey = async (keyData, format) => {
+var importPrivateSigningKey = async (keyData) => {
   const cryptoImpl = await getCrypto();
   return await cryptoImpl.subtle.importKey(
     /*format*/
-    format,
+    "pkcs8",
     /*keyData*/
     keyData,
     /*algorithm*/
@@ -317,6 +323,12 @@ var DefaultCrypto = {
   importPrivateSigningKey
 };
 
+// src/crypto/KeyOrAlias.ts
+var KeyOrAlias = {
+  key: (key) => ({ key }),
+  alias: (alias) => ({ alias })
+};
+
 // src/crypto/NodeKeyCache.ts
 var import_auto_bind = __toESM(require("auto-bind"), 1);
 var NodeKeyCache = class {
@@ -326,13 +338,14 @@ var NodeKeyCache = class {
     (0, import_auto_bind.default)(this);
   }
   idToKey;
-  async loadKey(id, rawKey, format = "pkcs8") {
-    const decoded = b64decode(this.stripPemTags(rawKey));
+  async loadKey(id, keyOrAlias) {
+    if (keyOrAlias.alias !== void 0) {
+      this.idToKey.set(id, keyOrAlias.alias);
+      return keyOrAlias.alias;
+    }
+    const decoded = b64decode(this.stripPemTags(keyOrAlias.key));
     try {
-      const key = await this.cryptoImpl.importPrivateSigningKey(
-        decoded,
-        format
-      );
+      const key = await this.cryptoImpl.importPrivateSigningKey(decoded);
       this.idToKey.set(id, key);
       return key;
     } catch (e) {
@@ -393,7 +406,8 @@ var Requester = class {
     const data = await this.makeRawRequest(
       query.queryPayload,
       query.variables || {},
-      query.signingNodeId
+      query.signingNodeId,
+      !!query.skipAuth
     );
     return query.constructObject(data);
   }
@@ -429,7 +443,7 @@ var Requester = class {
       })
     );
   }
-  async makeRawRequest(queryPayload, variables = {}, signingNodeId = void 0) {
+  async makeRawRequest(queryPayload, variables = {}, signingNodeId = void 0, skipAuth = false) {
     const operationNameRegex = /^\s*(query|mutation|subscription)\s+(\w+)/i;
     const operationMatch = queryPayload.match(operationNameRegex);
     if (!operationMatch || operationMatch.length < 3) {
@@ -455,12 +469,13 @@ var Requester = class {
     };
     const browserUserAgent = typeof navigator !== "undefined" ? navigator.userAgent : "";
     const sdkUserAgent = this.getSdkUserAgent();
-    const headers = await this.authProvider.addAuthHeaders({
+    const baseHeaders = {
       "Content-Type": "application/json",
       [LIGHTSPARK_BETA_HEADER_KEY]: LIGHTSPARK_BETA_HEADER_VALUE,
       "X-Lightspark-SDK": sdkUserAgent,
       "User-Agent": browserUserAgent || sdkUserAgent
-    });
+    };
+    const headers = skipAuth ? baseHeaders : await this.authProvider.addAuthHeaders(baseHeaders);
     bodyData = await this.addSigningDataIfNeeded(
       bodyData,
       headers,
@@ -622,6 +637,7 @@ var isType = (typename) => (node) => {
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   DefaultCrypto,
+  KeyOrAlias,
   LightsparkAuthException,
   LightsparkException,
   LightsparkSigningException,

package/dist/index.d.ts

@@ -27,36 +27,49 @@ declare class LightsparkSigningException extends LightsparkException {
     constructor(message: string, extraInfo?: any);
 }
 
+type GeneratedKeyPair = {
+    publicKey: CryptoKey | string;
+    privateKey: CryptoKey | string;
+    keyAlias?: string;
+};
 type CryptoInterface = {
     decryptSecretWithNodePassword: (cipher: string, encryptedSecret: string, nodePassword: string) => Promise<ArrayBuffer | null>;
-    generateSigningKeyPair: () => Promise<{
-        publicKey: CryptoKey | string;
-        privateKey: CryptoKey | string;
-    }>;
+    generateSigningKeyPair: () => Promise<GeneratedKeyPair>;
     serializeSigningKey: (key: CryptoKey | string, format: "pkcs8" | "spki") => Promise<ArrayBuffer>;
     getNonce: () => Promise<number>;
-    sign: (key: CryptoKey | Uint8Array, data: Uint8Array) => Promise<ArrayBuffer>;
-    importPrivateSigningKey: (keyData: Uint8Array, format: "pkcs8" | "spki") => Promise<CryptoKey | Uint8Array>;
+    sign: (keyOrAlias: CryptoKey | string, data: Uint8Array) => Promise<ArrayBuffer>;
+    importPrivateSigningKey: (keyData: Uint8Array) => Promise<CryptoKey | string>;
 };
 declare function decryptSecretWithNodePassword(cipher: string, encryptedSecret: string, nodePassword: string): Promise<ArrayBuffer | null>;
 declare const DefaultCrypto: {
     decryptSecretWithNodePassword: typeof decryptSecretWithNodePassword;
-    generateSigningKeyPair: () => Promise<CryptoKeyPair | {
-        publicKey: string;
-        privateKey: string;
-    }>;
+    generateSigningKeyPair: () => Promise<GeneratedKeyPair>;
     serializeSigningKey: (key: CryptoKey | string, format: "pkcs8" | "spki") => Promise<ArrayBuffer>;
     getNonce: () => Promise<number>;
-    sign: (key: CryptoKey | Uint8Array, data: Uint8Array) => Promise<ArrayBuffer>;
-    importPrivateSigningKey: (keyData: Uint8Array, format: "pkcs8" | "spki") => Promise<CryptoKey | Uint8Array>;
+    sign: (keyOrAlias: CryptoKey | string, data: Uint8Array) => Promise<ArrayBuffer>;
+    importPrivateSigningKey: (keyData: Uint8Array) => Promise<CryptoKey | string>;
+};
+
+type OnlyKey = {
+    key: string;
+    alias?: never;
+};
+type OnlyAlias = {
+    key?: never;
+    alias: string;
+};
+type KeyOrAliasType = OnlyKey | OnlyAlias;
+declare const KeyOrAlias: {
+    key: (key: string) => OnlyKey;
+    alias: (alias: string) => OnlyAlias;
 };
 
 declare class NodeKeyCache {
     private readonly cryptoImpl;
     private idToKey;
     constructor(cryptoImpl?: CryptoInterface);
-    loadKey(id: string, rawKey: string, format?: "pkcs8" | "spki"): Promise<CryptoKey | Uint8Array | null>;
-    getKey(id: string): CryptoKey | Uint8Array | undefined;
+    loadKey(id: string, keyOrAlias: KeyOrAliasType): Promise<CryptoKey | string | null>;
+    getKey(id: string): CryptoKey | string | undefined;
     hasKey(id: string): boolean;
     private stripPemTags;
 }
@@ -72,6 +85,8 @@ type Query<T> = {
     constructObject: (rawData: any) => T;
     /** The id of the node that will be used to sign the query. **/
     signingNodeId?: string;
+    /** True if auth headers should be omitted for this query. **/
+    skipAuth?: boolean;
 };
 
 declare class Requester {
@@ -89,7 +104,7 @@ declare class Requester {
     }): Observable<any>;
     makeRawRequest(queryPayload: string, variables?: {
         [key: string]: any;
-    }, signingNodeId?: string | undefined): Promise<any | null>;
+    }, signingNodeId?: string | undefined, skipAuth?: boolean): Promise<any | null>;
     private getSdkUserAgent;
     private addSigningDataIfNeeded;
 }
@@ -163,4 +178,4 @@ declare const isType: <T extends string>(typename: T) => <N extends {
     __typename: T;
 }>;
 
-export { AuthProvider, ById, CryptoInterface, DefaultCrypto, ExpandRecursively, LightsparkAuthException, LightsparkException, LightsparkSigningException, Maybe, NodeKeyCache, OmitTypename, Query, Requester, ServerEnvironment, StubAuthProvider, apiDomainForEnvironment, b64decode, b64encode, convertCurrencyAmount, isBrowser, isNode, isType, urlsafe_b64decode };
+export { AuthProvider, ById, CryptoInterface, DefaultCrypto, ExpandRecursively, GeneratedKeyPair, KeyOrAlias, KeyOrAliasType, LightsparkAuthException, LightsparkException, LightsparkSigningException, Maybe, NodeKeyCache, OmitTypename, Query, Requester, ServerEnvironment, StubAuthProvider, apiDomainForEnvironment, b64decode, b64encode, convertCurrencyAmount, isBrowser, isNode, isType, urlsafe_b64decode };

package/dist/index.js

@@ -228,22 +228,27 @@ var getNonce = async () => {
   const nonceSt = await getRandomValues32(new Uint32Array(1));
   return Number(nonceSt);
 };
-var sign = async (key, data) => {
+var sign = async (keyOrAlias, data) => {
+  if (typeof keyOrAlias === "string") {
+    throw new LightsparkSigningException_default(
+      "Key alias not supported for default crypto."
+    );
+  }
   const cryptoImpl = await getCrypto();
   return await cryptoImpl.subtle.sign(
     {
       name: "RSA-PSS",
       saltLength: 32
     },
-    key,
+    keyOrAlias,
     data
   );
 };
-var importPrivateSigningKey = async (keyData, format) => {
+var importPrivateSigningKey = async (keyData) => {
   const cryptoImpl = await getCrypto();
   return await cryptoImpl.subtle.importKey(
     /*format*/
-    format,
+    "pkcs8",
     /*keyData*/
     keyData,
     /*algorithm*/
@@ -266,6 +271,12 @@ var DefaultCrypto = {
   importPrivateSigningKey
 };
 
+// src/crypto/KeyOrAlias.ts
+var KeyOrAlias = {
+  key: (key) => ({ key }),
+  alias: (alias) => ({ alias })
+};
+
 // src/crypto/NodeKeyCache.ts
 import autoBind from "auto-bind";
 var NodeKeyCache = class {
@@ -275,13 +286,14 @@ var NodeKeyCache = class {
     autoBind(this);
   }
   idToKey;
-  async loadKey(id, rawKey, format = "pkcs8") {
-    const decoded = b64decode(this.stripPemTags(rawKey));
+  async loadKey(id, keyOrAlias) {
+    if (keyOrAlias.alias !== void 0) {
+      this.idToKey.set(id, keyOrAlias.alias);
+      return keyOrAlias.alias;
+    }
+    const decoded = b64decode(this.stripPemTags(keyOrAlias.key));
     try {
-      const key = await this.cryptoImpl.importPrivateSigningKey(
-        decoded,
-        format
-      );
+      const key = await this.cryptoImpl.importPrivateSigningKey(decoded);
       this.idToKey.set(id, key);
       return key;
     } catch (e) {
@@ -342,7 +354,8 @@ var Requester = class {
     const data = await this.makeRawRequest(
       query.queryPayload,
       query.variables || {},
-      query.signingNodeId
+      query.signingNodeId,
+      !!query.skipAuth
     );
     return query.constructObject(data);
   }
@@ -378,7 +391,7 @@ var Requester = class {
       })
     );
   }
-  async makeRawRequest(queryPayload, variables = {}, signingNodeId = void 0) {
+  async makeRawRequest(queryPayload, variables = {}, signingNodeId = void 0, skipAuth = false) {
     const operationNameRegex = /^\s*(query|mutation|subscription)\s+(\w+)/i;
     const operationMatch = queryPayload.match(operationNameRegex);
     if (!operationMatch || operationMatch.length < 3) {
@@ -404,12 +417,13 @@ var Requester = class {
     };
     const browserUserAgent = typeof navigator !== "undefined" ? navigator.userAgent : "";
     const sdkUserAgent = this.getSdkUserAgent();
-    const headers = await this.authProvider.addAuthHeaders({
+    const baseHeaders = {
       "Content-Type": "application/json",
       [LIGHTSPARK_BETA_HEADER_KEY]: LIGHTSPARK_BETA_HEADER_VALUE,
       "X-Lightspark-SDK": sdkUserAgent,
       "User-Agent": browserUserAgent || sdkUserAgent
-    });
+    };
+    const headers = skipAuth ? baseHeaders : await this.authProvider.addAuthHeaders(baseHeaders);
     bodyData = await this.addSigningDataIfNeeded(
       bodyData,
       headers,
@@ -570,6 +584,7 @@ var isType = (typename) => (node) => {
 };
 export {
   DefaultCrypto,
+  KeyOrAlias,
   LightsparkAuthException_default as LightsparkAuthException,
   LightsparkException_default as LightsparkException,
   LightsparkSigningException_default as LightsparkSigningException,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lightsparkdev/core",
-  "version": "0.2.5",
+  "version": "0.3.1",
   "description": "Lightspark JS SDK",
   "author": "Lightspark Inc.",
   "keywords": [
@@ -58,7 +58,6 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@openid/appauth": "^1.3.1",
     "auto-bind": "^5.0.1",
     "crypto": "^1.0.1",
     "crypto-browserify": "^3.12.0",
@@ -73,10 +72,8 @@
     "@types/crypto-js": "^4.1.1",
     "@types/ws": "^8.5.4",
     "jest": "^29.4.1",
-    "prettier": "^2.8.4",
-    "prettier-plugin-organize-imports": "^3.2.2",
     "ts-jest": "^29.0.5",
     "tsup": "^6.7.0",
-    "typescript": "^4.9.5"
+    "tsconfig": "*"
   }
 }

package/src/crypto/KeyOrAlias.ts

@@ -0,0 +1,18 @@
+// Copyright ©, 2023-present, Lightspark Group, Inc. - All Rights Reserved
+
+type OnlyKey = {
+  key: string;
+  alias?: never;
+};
+
+type OnlyAlias = {
+  key?: never;
+  alias: string;
+};
+
+export type KeyOrAliasType = OnlyKey | OnlyAlias;
+
+export const KeyOrAlias = {
+  key: (key: string): OnlyKey => ({ key }),
+  alias: (alias: string): OnlyAlias => ({ alias }),
+};

package/src/crypto/NodeKeyCache.ts

@@ -4,9 +4,10 @@ import autoBind from "auto-bind";
 
 import { b64decode } from "../utils/base64.js";
 import { CryptoInterface, DefaultCrypto } from "./crypto.js";
+import { KeyOrAliasType } from "./KeyOrAlias.js";
 
 class NodeKeyCache {
-  private idToKey: Map<string, CryptoKey | Uint8Array>;
+  private idToKey: Map<string, CryptoKey | string>;
   constructor(private readonly cryptoImpl: CryptoInterface = DefaultCrypto) {
     this.idToKey = new Map();
     autoBind(this);
@@ -14,15 +15,15 @@ class NodeKeyCache {
 
   public async loadKey(
     id: string,
-    rawKey: string,
-    format: "pkcs8" | "spki" = "pkcs8"
-  ): Promise<CryptoKey | Uint8Array | null> {
-    const decoded = b64decode(this.stripPemTags(rawKey));
+    keyOrAlias: KeyOrAliasType
+  ): Promise<CryptoKey | string | null> {
+    if (keyOrAlias.alias !== undefined) {
+      this.idToKey.set(id, keyOrAlias.alias);
+      return keyOrAlias.alias;
+    }
+    const decoded = b64decode(this.stripPemTags(keyOrAlias.key));
     try {
-      const key = await this.cryptoImpl.importPrivateSigningKey(
-        decoded,
-        format
-      );
+      const key = await this.cryptoImpl.importPrivateSigningKey(decoded);
       this.idToKey.set(id, key);
       return key;
     } catch (e) {
@@ -31,7 +32,7 @@ class NodeKeyCache {
     return null;
   }
 
-  public getKey(id: string): CryptoKey | Uint8Array | undefined {
+  public getKey(id: string): CryptoKey | string | undefined {
     return this.idToKey.get(id);
   }
 

package/src/crypto/crypto.ts

@@ -2,6 +2,13 @@
 import LightsparkException from "../LightsparkException.js";
 
 import { b64decode } from "../utils/base64.js";
+import LightsparkSigningException from "./LightsparkSigningException.js";
+
+export type GeneratedKeyPair = {
+  publicKey: CryptoKey | string;
+  privateKey: CryptoKey | string;
+  keyAlias?: string;
+};
 
 export type CryptoInterface = {
   decryptSecretWithNodePassword: (
@@ -10,10 +17,7 @@ export type CryptoInterface = {
     nodePassword: string
   ) => Promise<ArrayBuffer | null>;
 
-  generateSigningKeyPair: () => Promise<{
-    publicKey: CryptoKey | string;
-    privateKey: CryptoKey | string;
-  }>;
+  generateSigningKeyPair: () => Promise<GeneratedKeyPair>;
 
   serializeSigningKey: (
     key: CryptoKey | string,
@@ -22,12 +26,12 @@ export type CryptoInterface = {
 
   getNonce: () => Promise<number>;
 
-  sign: (key: CryptoKey | Uint8Array, data: Uint8Array) => Promise<ArrayBuffer>;
+  sign: (
+    keyOrAlias: CryptoKey | string,
+    data: Uint8Array
+  ) => Promise<ArrayBuffer>;
 
-  importPrivateSigningKey: (
-    keyData: Uint8Array,
-    format: "pkcs8" | "spki"
-  ) => Promise<CryptoKey | Uint8Array>;
+  importPrivateSigningKey: (keyData: Uint8Array) => Promise<CryptoKey | string>;
 };
 
 const getCrypto = () => {
@@ -175,9 +179,7 @@ async function decryptSecretWithNodePassword(
   return decryptedValue;
 }
 
-const generateSigningKeyPair = async (): Promise<
-  CryptoKeyPair | { publicKey: string; privateKey: string }
-> => {
+const generateSigningKeyPair = async (): Promise<GeneratedKeyPair> => {
   const cryptoImpl = await getCrypto();
   return await cryptoImpl.subtle.generateKey(
     /*algorithm:*/ {
@@ -209,27 +211,31 @@ const getNonce = async () => {
 };
 
 const sign = async (
-  key: CryptoKey | Uint8Array,
+  keyOrAlias: CryptoKey | string,
   data: Uint8Array
 ): Promise<ArrayBuffer> => {
+  if (typeof keyOrAlias === "string") {
+    throw new LightsparkSigningException(
+      "Key alias not supported for default crypto."
+    );
+  }
   const cryptoImpl = await getCrypto();
   return await cryptoImpl.subtle.sign(
     {
       name: "RSA-PSS",
       saltLength: 32,
     },
-    key as CryptoKey,
+    keyOrAlias as CryptoKey,
     data
   );
 };
 
 const importPrivateSigningKey = async (
-  keyData: Uint8Array,
-  format: "pkcs8" | "spki"
-): Promise<CryptoKey | Uint8Array> => {
+  keyData: Uint8Array
+): Promise<CryptoKey | string> => {
   const cryptoImpl = await getCrypto();
   return await cryptoImpl.subtle.importKey(
-    /*format*/ format,
+    /*format*/ "pkcs8",
     /*keyData*/ keyData,
     /*algorithm*/ {
       name: "RSA-PSS",

package/src/crypto/index.ts

@@ -1,5 +1,6 @@
 // Copyright ©, 2023-present, Lightspark Group, Inc. - All Rights Reserved
 
 export * from "./crypto.js";
+export * from "./KeyOrAlias.js";
 export { default as LightsparkSigningException } from "./LightsparkSigningException.js";
 export { default as NodeKeyCache } from "./NodeKeyCache.js";

package/src/requester/Query.ts

@@ -12,6 +12,9 @@ type Query<T> = {
 
   /** The id of the node that will be used to sign the query. **/
   signingNodeId?: string;
+
+  /** True if auth headers should be omitted for this query. **/
+  skipAuth?: boolean;
 };
 
 export default Query;

package/src/requester/Requester.ts

@@ -53,7 +53,8 @@ class Requester {
     const data = await this.makeRawRequest(
       query.queryPayload,
       query.variables || {},
-      query.signingNodeId
+      query.signingNodeId,
+      !!query.skipAuth
     );
     return query.constructObject(data);
   }
@@ -99,7 +100,8 @@ class Requester {
   public async makeRawRequest(
     queryPayload: string,
     variables: { [key: string]: any } = {},
-    signingNodeId: string | undefined = undefined
+    signingNodeId: string | undefined = undefined,
+    skipAuth: boolean = false
   ): Promise<any | null> {
     const operationNameRegex = /^\s*(query|mutation|subscription)\s+(\w+)/i;
     const operationMatch = queryPayload.match(operationNameRegex);
@@ -128,12 +130,15 @@ class Requester {
     const browserUserAgent =
       typeof navigator !== "undefined" ? navigator.userAgent : "";
     const sdkUserAgent = this.getSdkUserAgent();
-    const headers = await this.authProvider.addAuthHeaders({
+    const baseHeaders = {
       "Content-Type": "application/json",
       [LIGHTSPARK_BETA_HEADER_KEY]: LIGHTSPARK_BETA_HEADER_VALUE,
       "X-Lightspark-SDK": sdkUserAgent,
       "User-Agent": browserUserAgent || sdkUserAgent,
-    });
+    };
+    const headers = skipAuth
+      ? baseHeaders
+      : await this.authProvider.addAuthHeaders(baseHeaders);
     bodyData = await this.addSigningDataIfNeeded(
       bodyData,
       headers,