@lumeweb/pinner 0.1.15 → 0.1.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/esm/auth/key-exchange.js +7 -1
  2. package/dist/esm/auth/key-exchange.js.map +1 -1
  3. package/package.json +2 -2
package/dist/esm/auth/key-exchange.js CHANGED
@@ -21,7 +21,13 @@ var KeyExchangeAuthManager = class extends JwtAuthManager {
21
21
  sdk;
22
22
  constructor(jwt, endpoint) {
23
23
  super(jwt);
24
- this.sdk = new Sdk(endpoint);
24
+ const url = new URL(endpoint);
25
+ const parts = url.hostname.split(".");
26
+ if (parts.length > 2) {
27
+ parts.shift();
28
+ url.hostname = parts.join(".");
29
+ }
30
+ this.sdk = new Sdk(url.toString());
25
31
  }
26
32
  /**
27
33
  * Decode the JWT audience without verification.
package/dist/esm/auth/key-exchange.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"key-exchange.js","names":[],"sources":["../../../src/auth/key-exchange.ts"],"sourcesContent":["import { jwtDecode } from \"jwt-decode\";\nimport { Sdk } from \"@lumeweb/portal-sdk\";\nimport { JwtAuthManager } from \"./manager\";\nimport { JwtPurpose } from \"./types\";\nimport { ConfigurationError } from \"@/errors\";\n\n/**\n * AuthManager that exchanges an API key JWT for a login JWT when needed.\n *\n * Mirrors the Go SDK's AuthServiceDefault.GetLoginToken():\n * 1. Decode the JWT audience without verification\n * 2. If aud === JwtPurpose.API, call POST /api/auth/key to exchange for a login JWT\n * 3. Use the login JWT for all subsequent requests\n *\n * The exchange happens lazily on first access (getAuthToken/getAuthHeaders)\n * and is cached for the lifetime of the instance.\n */\nexport class KeyExchangeAuthManager extends JwtAuthManager {\n private resolvedToken = \"\";\n private exchangePromise?: Promise<string>;\n private readonly sdk: Sdk;\n\n constructor(jwt: string, endpoint: string) {\n super(jwt);\n this.sdk = new Sdk(endpoint);\n }\n\n /**\n * Decode the JWT audience without verification.\n * Returns undefined if the token can't be decoded or has no audience.\n */\n private getAudience(): string | undefined {\n try {\n const decoded = jwtDecode(this.token);\n const aud = decoded.aud;\n if (Array.isArray(aud)) {\n return aud[0];\n }\n return typeof aud === \"string\" ? aud : undefined;\n } catch {\n return undefined;\n }\n }\n\n /**\n * Exchange the API key JWT for a login JWT if needed.\n * Returns the login JWT, or the original token if no exchange is necessary.\n */\n private resolveToken(): Promise<string> {\n if (this.resolvedToken) {\n return Promise.resolve(this.resolvedToken);\n }\n\n if (this.exchangePromise) {\n return this.exchangePromise;\n }\n\n const aud = this.getAudience();\n\n if (aud !== JwtPurpose.API) {\n this.resolvedToken = this.token;\n return Promise.resolve(this.resolvedToken);\n }\n\n this.exchangePromise = (async () => {\n try {\n const result = await this.sdk.account().loginWithApiKey(this.token);\n\n if (!result.success || !result.data?.token) {\n throw new ConfigurationError(\n \"Failed to exchange API key for login JWT\",\n );\n }\n\n this.resolvedToken = result.data.token;\n return this.resolvedToken;\n } catch (err) {\n this.exchangePromise = undefined;\n throw err;\n }\n })();\n\n return this.exchangePromise;\n }\n\n async getAuthToken(): Promise<string> {\n return this.resolveToken();\n }\n\n async getAuthHeaders(): Promise<Record<string, string>> {\n const token = await this.resolveToken();\n return { Authorization: `Bearer ${token}` };\n }\n\n async getAccessToken(): Promise<string> {\n return this.resolveToken();\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAiBA,IAAa,yBAAb,cAA4C,eAAe;CACzD,AAAQ,gBAAgB;CACxB,AAAQ;CACR,AAAiB;CAEjB,YAAY,KAAa,UAAkB;AACzC,QAAM,IAAI;AACV,OAAK,MAAM,IAAI,IAAI,SAAS;;;;;;CAO9B,AAAQ,cAAkC;AACxC,MAAI;GAEF,MAAM,MADU,UAAU,KAAK,MACZ,CAAC;AACpB,OAAI,MAAM,QAAQ,IAAI,CACpB,QAAO,IAAI;AAEb,UAAO,OAAO,QAAQ,WAAW,MAAM;UACjC;AACN;;;;;;;CAQJ,AAAQ,eAAgC;AACtC,MAAI,KAAK,cACP,QAAO,QAAQ,QAAQ,KAAK,cAAc;AAG5C,MAAI,KAAK,gBACP,QAAO,KAAK;AAKd,MAFY,KAAK,aAEV,YAAqB;AAC1B,QAAK,gBAAgB,KAAK;AAC1B,UAAO,QAAQ,QAAQ,KAAK,cAAc;;AAG5C,OAAK,mBAAmB,YAAY;AAClC,OAAI;IACF,MAAM,SAAS,MAAM,KAAK,IAAI,SAAS,CAAC,gBAAgB,KAAK,MAAM;AAEnE,QAAI,CAAC,OAAO,WAAW,CAAC,OAAO,MAAM,MACnC,OAAM,IAAI,mBACR,2CACD;AAGH,SAAK,gBAAgB,OAAO,KAAK;AACjC,WAAO,KAAK;YACL,KAAK;AACZ,SAAK,kBAAkB;AACvB,UAAM;;MAEN;AAEJ,SAAO,KAAK;;CAGd,MAAM,eAAgC;AACpC,SAAO,KAAK,cAAc;;CAG5B,MAAM,iBAAkD;AAEtD,SAAO,EAAE,eAAe,UAAU,MADd,KAAK,cAAc,IACI;;CAG7C,MAAM,iBAAkC;AACtC,SAAO,KAAK,cAAc"}
1
+ {"version":3,"file":"key-exchange.js","names":[],"sources":["../../../src/auth/key-exchange.ts"],"sourcesContent":["import { jwtDecode } from \"jwt-decode\";\nimport { Sdk } from \"@lumeweb/portal-sdk\";\nimport { JwtAuthManager } from \"./manager\";\nimport { JwtPurpose } from \"./types\";\nimport { ConfigurationError } from \"@/errors\";\n\n/**\n * AuthManager that exchanges an API key JWT for a login JWT when needed.\n *\n * Mirrors the Go SDK's AuthServiceDefault.GetLoginToken():\n * 1. Decode the JWT audience without verification\n * 2. If aud === JwtPurpose.API, call POST /api/auth/key to exchange for a login JWT\n * 3. Use the login JWT for all subsequent requests\n *\n * The exchange happens lazily on first access (getAuthToken/getAuthHeaders)\n * and is cached for the lifetime of the instance.\n */\nexport class KeyExchangeAuthManager extends JwtAuthManager {\n private resolvedToken = \"\";\n private exchangePromise?: Promise<string>;\n private readonly sdk: Sdk;\n\n constructor(jwt: string, endpoint: string) {\n super(jwt);\n // Derive the account endpoint from the pinner endpoint.\n // Go SDK uses hardcoded DefaultEndpoint = \"account.pinner.xyz\".\n // AccountApi constructor prepends \"account.\" to the hostname,\n // so we strip the first subdomain (e.g. ipfs.pinner.xyz → pinner.xyz)\n // and let AccountApi add \"account.\" → account.pinner.xyz.\n // Mutate hostname in-place to preserve port, path, and other URL components.\n const url = new URL(endpoint);\n const parts = url.hostname.split(\".\");\n if (parts.length > 2) {\n parts.shift(); // Remove first subdomain (e.g. \"ipfs\")\n url.hostname = parts.join(\".\");\n }\n this.sdk = new Sdk(url.toString());\n }\n\n /**\n * Decode the JWT audience without verification.\n * Returns undefined if the token can't be decoded or has no audience.\n */\n private getAudience(): string | undefined {\n try {\n const decoded = jwtDecode(this.token);\n const aud = decoded.aud;\n if (Array.isArray(aud)) {\n return aud[0];\n }\n return typeof aud === \"string\" ? aud : undefined;\n } catch {\n return undefined;\n }\n }\n\n /**\n * Exchange the API key JWT for a login JWT if needed.\n * Returns the login JWT, or the original token if no exchange is necessary.\n */\n private resolveToken(): Promise<string> {\n if (this.resolvedToken) {\n return Promise.resolve(this.resolvedToken);\n }\n\n if (this.exchangePromise) {\n return this.exchangePromise;\n }\n\n const aud = this.getAudience();\n\n if (aud !== JwtPurpose.API) {\n this.resolvedToken = this.token;\n return Promise.resolve(this.resolvedToken);\n }\n\n this.exchangePromise = (async () => {\n try {\n const result = await this.sdk.account().loginWithApiKey(this.token);\n\n if (!result.success || !result.data?.token) {\n throw new ConfigurationError(\n \"Failed to exchange API key for login JWT\",\n );\n }\n\n this.resolvedToken = result.data.token;\n return this.resolvedToken;\n } catch (err) {\n this.exchangePromise = undefined;\n throw err;\n }\n })();\n\n return this.exchangePromise;\n }\n\n async getAuthToken(): Promise<string> {\n return this.resolveToken();\n }\n\n async getAuthHeaders(): Promise<Record<string, string>> {\n const token = await this.resolveToken();\n return { Authorization: `Bearer ${token}` };\n }\n\n async getAccessToken(): Promise<string> {\n return this.resolveToken();\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAiBA,IAAa,yBAAb,cAA4C,eAAe;CACzD,AAAQ,gBAAgB;CACxB,AAAQ;CACR,AAAiB;CAEjB,YAAY,KAAa,UAAkB;AACzC,QAAM,IAAI;EAOV,MAAM,MAAM,IAAI,IAAI,SAAS;EAC7B,MAAM,QAAQ,IAAI,SAAS,MAAM,IAAI;AACrC,MAAI,MAAM,SAAS,GAAG;AACpB,SAAM,OAAO;AACb,OAAI,WAAW,MAAM,KAAK,IAAI;;AAEhC,OAAK,MAAM,IAAI,IAAI,IAAI,UAAU,CAAC;;;;;;CAOpC,AAAQ,cAAkC;AACxC,MAAI;GAEF,MAAM,MADU,UAAU,KAAK,MACZ,CAAC;AACpB,OAAI,MAAM,QAAQ,IAAI,CACpB,QAAO,IAAI;AAEb,UAAO,OAAO,QAAQ,WAAW,MAAM;UACjC;AACN;;;;;;;CAQJ,AAAQ,eAAgC;AACtC,MAAI,KAAK,cACP,QAAO,QAAQ,QAAQ,KAAK,cAAc;AAG5C,MAAI,KAAK,gBACP,QAAO,KAAK;AAKd,MAFY,KAAK,aAEV,YAAqB;AAC1B,QAAK,gBAAgB,KAAK;AAC1B,UAAO,QAAQ,QAAQ,KAAK,cAAc;;AAG5C,OAAK,mBAAmB,YAAY;AAClC,OAAI;IACF,MAAM,SAAS,MAAM,KAAK,IAAI,SAAS,CAAC,gBAAgB,KAAK,MAAM;AAEnE,QAAI,CAAC,OAAO,WAAW,CAAC,OAAO,MAAM,MACnC,OAAM,IAAI,mBACR,2CACD;AAGH,SAAK,gBAAgB,OAAO,KAAK;AACjC,WAAO,KAAK;YACL,KAAK;AACZ,SAAK,kBAAkB;AACvB,UAAM;;MAEN;AAEJ,SAAO,KAAK;;CAGd,MAAM,eAAgC;AACpC,SAAO,KAAK,cAAc;;CAG5B,MAAM,iBAAkD;AAEtD,SAAO,EAAE,eAAe,UAAU,MADd,KAAK,cAAc,IACI;;CAG7C,MAAM,iBAAkC;AACtC,SAAO,KAAK,cAAc"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lumeweb/pinner",
3
- "version": "0.1.15",
3
+ "version": "0.1.16",
4
4
  "type": "module",
5
5
  "files": [
6
6
  "dist",
@@ -64,7 +64,7 @@
64
64
  "progress-events": "^1.1.0",
65
65
  "tus-js-client": "4.3.1",
66
66
  "unstorage": "^1.17.5",
67
- "@lumeweb/portal-sdk": "0.1.7",
67
+ "@lumeweb/portal-sdk": "0.1.8",
68
68
  "@lumeweb/query-builder": "0.1.1",
69
69
  "@lumeweb/uppy-post-upload": "0.1.2"
70
70
  },