@metamask-previews/profile-sync-controller 28.0.2-preview-02f91c63c → 28.0.2-preview-6ce5d58fa

package/dist/sdk/user-storage.cjs

@@ -83,6 +83,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
     const entropySourceId = options?.entropySourceId;
     try {
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const storageKey = await this.getStorageKey(entropySourceId);
         const encryptedData = await encryption_1.default.encryptString(data, storageKey, options?.nativeScryptCrypto);
         const encryptedPath = (0, storage_schema_1.createEntryPath)(path, storageKey);
@@ -92,6 +93,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
             headers: {
                 'Content-Type': 'application/json',
                 ...headers,
+                ...profileScopeHeader,
             },
             body: JSON.stringify({ data: encryptedData }),
         });
@@ -115,6 +117,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
             return;
         }
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const storageKey = await this.getStorageKey(entropySourceId);
         const encryptedData = await Promise.all(data.map(async (d) => {
             return [
@@ -128,6 +131,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
             headers: {
                 'Content-Type': 'application/json',
                 ...headers,
+                ...profileScopeHeader,
             },
             body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),
         });
@@ -144,15 +148,17 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
         const errorMessage = e instanceof Error ? e.message : JSON.stringify(e ?? '');
         throw new errors_1.UserStorageError(`failed to batch upsert user storage for path '${path}'. ${errorMessage}`);
     }
-}, _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries = async function _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(path, encryptedData, entropySourceId) {
+}, _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries = async function _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(path, encryptedData, entropySourceId, useCanonicalScope) {
     try {
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, useCanonicalScope);
         const url = new URL((0, exports.STORAGE_URL)(this.env, path));
         const response = await fetch(url.toString(), {
             method: 'PUT',
             headers: {
                 'Content-Type': 'application/json',
                 ...headers,
+                ...profileScopeHeader,
             },
             body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),
         });
@@ -213,7 +219,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
     const entropySourceId = options?.entropySourceId;
     try {
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
-        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const storageKey = await this.getStorageKey(entropySourceId);
         const url = new URL((0, exports.STORAGE_URL)(this.env, path));
         const response = await fetch(url.toString(), {
@@ -258,7 +264,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
         }
         // Re-upload the re-encrypted entries
         if (reEncryptedEntries.length) {
-            await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries).call(this, path, reEncryptedEntries, entropySourceId);
+            await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries).call(this, path, reEncryptedEntries, entropySourceId, options?.useCanonicalScope);
         }
         return decryptedData;
     }
@@ -301,7 +307,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
     try {
         const entropySourceId = options?.entropySourceId;
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
-        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const url = new URL((0, exports.STORAGE_URL)(this.env, path));
         const response = await fetch(url.toString(), {
             method: 'DELETE',
@@ -363,7 +369,10 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
 }, _UserStorage_getAuthorizationHeader = async function _UserStorage_getAuthorizationHeader(entropySourceId) {
     const accessToken = await this.config.auth.getAccessToken(entropySourceId);
     return { Authorization: `Bearer ${accessToken}` };
-}, _UserStorage_getProfileScopeHeader = async function _UserStorage_getProfileScopeHeader(entropySourceId) {
+}, _UserStorage_getProfileScopeHeader = async function _UserStorage_getProfileScopeHeader(entropySourceId, useCanonicalScope) {
+    if (useCanonicalScope) {
+        return {};
+    }
     const profile = await this.config.auth.getUserProfile(entropySourceId);
     if (profile.profileId !== profile.canonicalProfileId) {
         return { 'x-profile-id': profile.profileId };

package/dist/sdk/user-storage.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"user-storage.cjs","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6EAAoE;AACpE,kEAA6D;AAE7D,2CAA2C;AAO3C,iEAA2D;AAG3D,yCAA2D;AAEpD,MAAM,WAAW,GAAG,CAAC,GAAQ,EAAE,aAAqB,EAAE,EAAE,CAC7D,GAAG,IAAA,gBAAU,EAAC,GAAG,CAAC,CAAC,iBAAiB,uBAAuB,aAAa,EAAE,CAAC;AADhE,QAAA,WAAW,eACqD;AAgC7E,MAAa,WAAW;IAOtB,YAAY,MAAyB,EAAE,OAA2B;;QAChE,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,KAAa,EACb,OAAkC;QAElC,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,IAAmC,EACnC,MAAgD,EAChD,OAAkC;QAElC,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,4EAAiC,MAArC,IAAI,EAAkC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,UAAU,CACd,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,+EAAoC,MAAxC,IAAI,EAAqC,IAAI,EAAE,OAAO,CAAC,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,IAAmC,EACnC,MAAsC,EACtC,OAAkC;QAElC,OAAO,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAwB;QAC1C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;QAC3E,MAAM,OAAO,GAAG,YAAY,WAAW,CAAC,SAAS,EAAW,CAAC;QAE7D,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;QACtE,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAC5D,OAAO,EACP,eAAe,CAChB,CAAC;QACF,MAAM,yBAAyB,GAAG,IAAA,6BAAgB,EAAC,mBAAmB,CAAC,CAAC;QACxE,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CACvC,OAAO,EACP,yBAAyB,CAC1B,CAAC;QACF,OAAO,yBAAyB,CAAC;IACnC,CAAC;CA6cF;AAjiBD,kCAiiBC;yEA3cC,KAAK,yCACH,IAA6C,EAC7C,IAAY,EACZ,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,oBAAU,CAAC,aAAa,CAClD,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QACF,MAAM,aAAa,GAAG,IAAA,gCAAe,EAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;SAC9C,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,yBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,IAAwB,EACxB,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CACrC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YACnB,OAAO;gBACL,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;gBACtC,MAAM,oBAAU,CAAC,aAAa,CAC5B,CAAC,CAAC,CAAC,CAAC,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;aACF,CAAC;QACJ,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,yBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,4EAED,KAAK,kFACH,IAA2C,EAC3C,aAAiC,EACjC,eAAwB;IAExB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QAEpE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,uBAAuB;QACvB,MAAM,IAAI,yBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,gCAED,KAAK,sCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,IAAA,gCAAe,EAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,aAAa,GAAG,WAAW,EAAE,IAAI,IAAI,IAAI,CAAC;QAEhD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,oBAAU,CAAC,aAAa,CAClD,aAAa,EACb,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QAEF,8DAA8D;QAC9D,MAAM,IAAI,GAAG,oBAAU,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,uBAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;YAC/C,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,iDAED,KAAK,uDACH,IAA2C,EAC3C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GACtB,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EAAwB,eAAe,CAAC,CAAC;QACrD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GACf,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAExB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,kBAAkB,GAAuB,EAAE,CAAC;QAElD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBAChB,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,oBAAU,CAAC,aAAa,CACzC,KAAK,CAAC,IAAI,EACV,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;gBACF,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEzB,wDAAwD;gBACxD,MAAM,IAAI,GAAG,oBAAU,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,uBAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;oBAC/C,kBAAkB,CAAC,IAAI,CAAC;wBACtB,KAAK,CAAC,SAAS;wBACf,MAAM,oBAAU,CAAC,aAAa,CAC5B,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,aAAa;YACf,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YAC9B,MAAM,uBAAA,IAAI,uGAA4D,MAAhE,IAAI,EACR,IAAI,EACJ,kBAAkB,EAClB,eAAe,CAChB,CAAC;QACJ,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,mCAED,KAAK,yCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,IAAA,gCAAe,EAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,sBAAa,CACrB,uCAAuC,IAAI,IAAI,CAChD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,sBAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,oDAED,KAAK,0DACH,IAA2C,EAC3C,OAAkC;IAElC,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GACtB,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EAAwB,eAAe,CAAC,CAAC;QAErD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,sBAAa,CAAC,+BAA+B,IAAI,IAAI,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,sBAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,YAAsB,EACtB,OAAkC;IAElC,IAAI,CAAC;QACH,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACzB,OAAO;QACT,CAAC;QAED,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC1C,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,EAAE,UAAU,CAAC,CACpC,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YAED,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,yBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,qEAEe,GAAW,EAAE,UAAkB;IAC7C,OAAO,IAAA,6BAAgB,EAAC,GAAG,GAAG,UAAU,CAAC,CAAC;AAC5C,CAAC,wCAED,KAAK,8CACH,eAAwB;IAExB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IAC3E,OAAO,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,CAAC;AACpD,CAAC,uCAED,KAAK,6CACH,eAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,SAAS,KAAK,OAAO,CAAC,kBAAkB,EAAE,CAAC;QACrD,OAAO,EAAE,cAAc,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;IAC/C,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC","sourcesContent":["import encryption, { createSHA256Hash } from '../shared/encryption';\nimport { SHARED_SALT } from '../shared/encryption/constants';\nimport type { Env } from '../shared/env';\nimport { getEnvUrls } from '../shared/env';\nimport type {\n  UserStorageGenericFeatureKey,\n  UserStorageGenericFeatureName,\n  UserStorageGenericPathWithFeatureAndKey,\n  UserStorageGenericPathWithFeatureOnly,\n} from '../shared/storage-schema';\nimport { createEntryPath } from '../shared/storage-schema';\nimport type { NativeScrypt } from '../shared/types/encryption';\nimport type { IBaseAuth } from './authentication-jwt-bearer/types';\nimport { NotFoundError, UserStorageError } from './errors';\n\nexport const STORAGE_URL = (env: Env, encryptedPath: string) =>\n  `${getEnvUrls(env).userStorageApiUrl}/api/v1/userstorage/${encryptedPath}`;\n\nexport type UserStorageConfig = {\n  env: Env;\n  auth: Pick<IBaseAuth, 'getAccessToken' | 'getUserProfile' | 'signMessage'>;\n};\n\nexport type StorageOptions = {\n  getStorageKey: (message: `metamask:${string}`) => Promise<string | null>;\n  setStorageKey: (message: `metamask:${string}`, val: string) => Promise<void>;\n};\n\nexport type UserStorageOptions = {\n  storage?: StorageOptions;\n};\n\nexport type GetUserStorageAllFeatureEntriesResponse = {\n  HashedKey: string;\n\n  Data: string;\n}[];\n\nexport type UserStorageMethodOptions = {\n  nativeScryptCrypto?: NativeScrypt;\n  entropySourceId?: string;\n};\n\ntype ErrorMessage = {\n  message: string;\n  error: string;\n};\n\nexport class UserStorage {\n  protected config: UserStorageConfig;\n\n  public options: UserStorageOptions;\n\n  protected env: Env;\n\n  constructor(config: UserStorageConfig, options: UserStorageOptions) {\n    this.env = config.env;\n    this.config = config;\n    this.options = options;\n  }\n\n  async setItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    value: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    await this.#upsertUserStorage(path, value, options);\n  }\n\n  async batchSetItems(\n    path: UserStorageGenericFeatureName,\n    values: [UserStorageGenericFeatureKey, string][],\n    options?: UserStorageMethodOptions,\n  ) {\n    await this.#batchUpsertUserStorage(path, values, options);\n  }\n\n  async getItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    return this.#getUserStorage(path, options);\n  }\n\n  async getAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    return this.#getUserStorageAllFeatureEntries(path, options);\n  }\n\n  async deleteItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorage(path, options);\n  }\n\n  async deleteAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorageAllFeatureEntries(path, options);\n  }\n\n  async batchDeleteItems(\n    path: UserStorageGenericFeatureName,\n    values: UserStorageGenericFeatureKey[],\n    options?: UserStorageMethodOptions,\n  ) {\n    return this.#batchDeleteUserStorage(path, values, options);\n  }\n\n  async getStorageKey(entropySourceId?: string): Promise<string> {\n    const userProfile = await this.config.auth.getUserProfile(entropySourceId);\n    const message = `metamask:${userProfile.profileId}` as const;\n\n    const storageKey = await this.options.storage?.getStorageKey(message);\n    if (storageKey) {\n      return storageKey;\n    }\n\n    const storageKeySignature = await this.config.auth.signMessage(\n      message,\n      entropySourceId,\n    );\n    const hashedStorageKeySignature = createSHA256Hash(storageKeySignature);\n    await this.options.storage?.setStorageKey(\n      message,\n      hashedStorageKeySignature,\n    );\n    return hashedStorageKeySignature;\n  }\n\n  async #upsertUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    data: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedData = await encryption.encryptString(\n        data,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n        body: JSON.stringify({ data: encryptedData }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    data: [string, string][],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      if (!data.length) {\n        return;\n      }\n\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const encryptedData = await Promise.all(\n        data.map(async (d) => {\n          return [\n            this.#createEntryKey(d[0], storageKey),\n            await encryption.encryptString(\n              d[1],\n              storageKey,\n              options?.nativeScryptCrypto,\n            ),\n          ];\n        }),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    encryptedData: [string, string][],\n    entropySourceId?: string,\n  ): Promise<void> {\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      // istanbul ignore next\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      // istanbul ignore next\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage = await response.json();\n      const encryptedData = userStorage?.Data ?? null;\n\n      if (!encryptedData) {\n        return null;\n      }\n\n      const decryptedData = await encryption.decryptString(\n        encryptedData,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n\n      // Re-encrypt the entry if it was encrypted with a random salt\n      const salt = encryption.getSalt(encryptedData);\n      if (salt.toString() !== SHARED_SALT.toString()) {\n        await this.#upsertUserStorage(path, decryptedData, options);\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader =\n        await this.#getProfileScopeHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage: GetUserStorageAllFeatureEntriesResponse | null =\n        await response.json();\n\n      if (!Array.isArray(userStorage)) {\n        return null;\n      }\n\n      const decryptedData: string[] = [];\n      const reEncryptedEntries: [string, string][] = [];\n\n      for (const entry of userStorage) {\n        if (!entry.Data) {\n          continue;\n        }\n\n        try {\n          const data = await encryption.decryptString(\n            entry.Data,\n            storageKey,\n            options?.nativeScryptCrypto,\n          );\n          decryptedData.push(data);\n\n          // Re-encrypt the entry was encrypted with a random salt\n          const salt = encryption.getSalt(entry.Data);\n          if (salt.toString() !== SHARED_SALT.toString()) {\n            reEncryptedEntries.push([\n              entry.HashedKey,\n              await encryption.encryptString(\n                data,\n                storageKey,\n                options?.nativeScryptCrypto,\n              ),\n            ]);\n          }\n        } catch {\n          // do nothing\n        }\n      }\n\n      // Re-upload the re-encrypted entries\n      if (reEncryptedEntries.length) {\n        await this.#batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n          path,\n          reEncryptedEntries,\n          entropySourceId,\n        );\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(\n          `feature/key set not found for path '${path}'.`,\n        );\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader =\n        await this.#getProfileScopeHeader(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(`feature not found for path '${path}'.`);\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchDeleteUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    keysToDelete: string[],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      if (!keysToDelete.length) {\n        return;\n      }\n\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const rawEntryKeys = keysToDelete.map((d) =>\n        this.#createEntryKey(d, storageKey),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n\n        body: JSON.stringify({ batch_delete: rawEntryKeys }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  #createEntryKey(key: string, storageKey: string): string {\n    return createSHA256Hash(key + storageKey);\n  }\n\n  async #getAuthorizationHeader(\n    entropySourceId?: string,\n  ): Promise<{ Authorization: string }> {\n    const accessToken = await this.config.auth.getAccessToken(entropySourceId);\n    return { Authorization: `Bearer ${accessToken}` };\n  }\n\n  async #getProfileScopeHeader(\n    entropySourceId?: string,\n  ): Promise<Record<string, string>> {\n    const profile = await this.config.auth.getUserProfile(entropySourceId);\n    if (profile.profileId !== profile.canonicalProfileId) {\n      return { 'x-profile-id': profile.profileId };\n    }\n    return {};\n  }\n}\n"]}
+{"version":3,"file":"user-storage.cjs","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6EAAoE;AACpE,kEAA6D;AAE7D,2CAA2C;AAO3C,iEAA2D;AAG3D,yCAA2D;AAEpD,MAAM,WAAW,GAAG,CAAC,GAAQ,EAAE,aAAqB,EAAE,EAAE,CAC7D,GAAG,IAAA,gBAAU,EAAC,GAAG,CAAC,CAAC,iBAAiB,uBAAuB,aAAa,EAAE,CAAC;AADhE,QAAA,WAAW,eACqD;AAuC7E,MAAa,WAAW;IAOtB,YAAY,MAAyB,EAAE,OAA2B;;QAChE,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,KAAa,EACb,OAAkC;QAElC,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,IAAmC,EACnC,MAAgD,EAChD,OAAkC;QAElC,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,4EAAiC,MAArC,IAAI,EAAkC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,UAAU,CACd,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,+EAAoC,MAAxC,IAAI,EAAqC,IAAI,EAAE,OAAO,CAAC,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,IAAmC,EACnC,MAAsC,EACtC,OAAkC;QAElC,OAAO,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAwB;QAC1C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;QAC3E,MAAM,OAAO,GAAG,YAAY,WAAW,CAAC,SAAS,EAAW,CAAC;QAE7D,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;QACtE,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAC5D,OAAO,EACP,eAAe,CAChB,CAAC;QACF,MAAM,yBAAyB,GAAG,IAAA,6BAAgB,EAAC,mBAAmB,CAAC,CAAC;QACxE,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CACvC,OAAO,EACP,yBAAyB,CAC1B,CAAC;QACF,OAAO,yBAAyB,CAAC;IACnC,CAAC;CAseF;AA1jBD,kCA0jBC;yEApeC,KAAK,yCACH,IAA6C,EAC7C,IAAY,EACZ,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,oBAAU,CAAC,aAAa,CAClD,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QACF,MAAM,aAAa,GAAG,IAAA,gCAAe,EAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;SAC9C,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,yBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,IAAwB,EACxB,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CACrC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YACnB,OAAO;gBACL,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;gBACtC,MAAM,oBAAU,CAAC,aAAa,CAC5B,CAAC,CAAC,CAAC,CAAC,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;aACF,CAAC;QACJ,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,yBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,4EAED,KAAK,kFACH,IAA2C,EAC3C,aAAiC,EACjC,eAAwB,EACxB,iBAA2B;IAE3B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,iBAAiB,CAClB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,uBAAuB;QACvB,MAAM,IAAI,yBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,gCAED,KAAK,sCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,IAAA,gCAAe,EAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,aAAa,GAAG,WAAW,EAAE,IAAI,IAAI,IAAI,CAAC;QAEhD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,oBAAU,CAAC,aAAa,CAClD,aAAa,EACb,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QAEF,8DAA8D;QAC9D,MAAM,IAAI,GAAG,oBAAU,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,uBAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;YAC/C,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,iDAED,KAAK,uDACH,IAA2C,EAC3C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GACf,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAExB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,kBAAkB,GAAuB,EAAE,CAAC;QAElD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBAChB,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,oBAAU,CAAC,aAAa,CACzC,KAAK,CAAC,IAAI,EACV,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;gBACF,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEzB,wDAAwD;gBACxD,MAAM,IAAI,GAAG,oBAAU,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,uBAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;oBAC/C,kBAAkB,CAAC,IAAI,CAAC;wBACtB,KAAK,CAAC,SAAS;wBACf,MAAM,oBAAU,CAAC,aAAa,CAC5B,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,aAAa;YACf,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YAC9B,MAAM,uBAAA,IAAI,uGAA4D,MAAhE,IAAI,EACR,IAAI,EACJ,kBAAkB,EAClB,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACJ,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,mCAED,KAAK,yCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,IAAA,gCAAe,EAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,sBAAa,CACrB,uCAAuC,IAAI,IAAI,CAChD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,sBAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,oDAED,KAAK,0DACH,IAA2C,EAC3C,OAAkC;IAElC,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,sBAAa,CAAC,+BAA+B,IAAI,IAAI,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,sBAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,yBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,YAAsB,EACtB,OAAkC;IAElC,IAAI,CAAC;QACH,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACzB,OAAO;QACT,CAAC;QAED,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC1C,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,EAAE,UAAU,CAAC,CACpC,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAA,mBAAW,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YAED,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,yBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,qEAEe,GAAW,EAAE,UAAkB;IAC7C,OAAO,IAAA,6BAAgB,EAAC,GAAG,GAAG,UAAU,CAAC,CAAC;AAC5C,CAAC,wCAED,KAAK,8CACH,eAAwB;IAExB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IAC3E,OAAO,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,CAAC;AACpD,CAAC,uCAED,KAAK,6CACH,eAAwB,EACxB,iBAA2B;IAE3B,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,SAAS,KAAK,OAAO,CAAC,kBAAkB,EAAE,CAAC;QACrD,OAAO,EAAE,cAAc,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;IAC/C,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC","sourcesContent":["import encryption, { createSHA256Hash } from '../shared/encryption';\nimport { SHARED_SALT } from '../shared/encryption/constants';\nimport type { Env } from '../shared/env';\nimport { getEnvUrls } from '../shared/env';\nimport type {\n  UserStorageGenericFeatureKey,\n  UserStorageGenericFeatureName,\n  UserStorageGenericPathWithFeatureAndKey,\n  UserStorageGenericPathWithFeatureOnly,\n} from '../shared/storage-schema';\nimport { createEntryPath } from '../shared/storage-schema';\nimport type { NativeScrypt } from '../shared/types/encryption';\nimport type { IBaseAuth } from './authentication-jwt-bearer/types';\nimport { NotFoundError, UserStorageError } from './errors';\n\nexport const STORAGE_URL = (env: Env, encryptedPath: string) =>\n  `${getEnvUrls(env).userStorageApiUrl}/api/v1/userstorage/${encryptedPath}`;\n\nexport type UserStorageConfig = {\n  env: Env;\n  auth: Pick<IBaseAuth, 'getAccessToken' | 'getUserProfile' | 'signMessage'>;\n};\n\nexport type StorageOptions = {\n  getStorageKey: (message: `metamask:${string}`) => Promise<string | null>;\n  setStorageKey: (message: `metamask:${string}`, val: string) => Promise<void>;\n};\n\nexport type UserStorageOptions = {\n  storage?: StorageOptions;\n};\n\nexport type GetUserStorageAllFeatureEntriesResponse = {\n  HashedKey: string;\n\n  Data: string;\n}[];\n\nexport type UserStorageMethodOptions = {\n  nativeScryptCrypto?: NativeScrypt;\n  entropySourceId?: string;\n  /**\n   * When true, skip the `x-profile-id` header on feature-scoped requests,\n   * letting the server default to the JWT `sub` (canonical profile ID).\n   * Useful during canonical storage migration (ADR 0005) to read/verify\n   * data stored under the canonical key.\n   */\n  useCanonicalScope?: boolean;\n};\n\ntype ErrorMessage = {\n  message: string;\n  error: string;\n};\n\nexport class UserStorage {\n  protected config: UserStorageConfig;\n\n  public options: UserStorageOptions;\n\n  protected env: Env;\n\n  constructor(config: UserStorageConfig, options: UserStorageOptions) {\n    this.env = config.env;\n    this.config = config;\n    this.options = options;\n  }\n\n  async setItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    value: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    await this.#upsertUserStorage(path, value, options);\n  }\n\n  async batchSetItems(\n    path: UserStorageGenericFeatureName,\n    values: [UserStorageGenericFeatureKey, string][],\n    options?: UserStorageMethodOptions,\n  ) {\n    await this.#batchUpsertUserStorage(path, values, options);\n  }\n\n  async getItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    return this.#getUserStorage(path, options);\n  }\n\n  async getAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    return this.#getUserStorageAllFeatureEntries(path, options);\n  }\n\n  async deleteItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorage(path, options);\n  }\n\n  async deleteAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorageAllFeatureEntries(path, options);\n  }\n\n  async batchDeleteItems(\n    path: UserStorageGenericFeatureName,\n    values: UserStorageGenericFeatureKey[],\n    options?: UserStorageMethodOptions,\n  ) {\n    return this.#batchDeleteUserStorage(path, values, options);\n  }\n\n  async getStorageKey(entropySourceId?: string): Promise<string> {\n    const userProfile = await this.config.auth.getUserProfile(entropySourceId);\n    const message = `metamask:${userProfile.profileId}` as const;\n\n    const storageKey = await this.options.storage?.getStorageKey(message);\n    if (storageKey) {\n      return storageKey;\n    }\n\n    const storageKeySignature = await this.config.auth.signMessage(\n      message,\n      entropySourceId,\n    );\n    const hashedStorageKeySignature = createSHA256Hash(storageKeySignature);\n    await this.options.storage?.setStorageKey(\n      message,\n      hashedStorageKeySignature,\n    );\n    return hashedStorageKeySignature;\n  }\n\n  async #upsertUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    data: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedData = await encryption.encryptString(\n        data,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n        body: JSON.stringify({ data: encryptedData }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    data: [string, string][],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      if (!data.length) {\n        return;\n      }\n\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const encryptedData = await Promise.all(\n        data.map(async (d) => {\n          return [\n            this.#createEntryKey(d[0], storageKey),\n            await encryption.encryptString(\n              d[1],\n              storageKey,\n              options?.nativeScryptCrypto,\n            ),\n          ];\n        }),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    encryptedData: [string, string][],\n    entropySourceId?: string,\n    useCanonicalScope?: boolean,\n  ): Promise<void> {\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        useCanonicalScope,\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      // istanbul ignore next\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      // istanbul ignore next\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage = await response.json();\n      const encryptedData = userStorage?.Data ?? null;\n\n      if (!encryptedData) {\n        return null;\n      }\n\n      const decryptedData = await encryption.decryptString(\n        encryptedData,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n\n      // Re-encrypt the entry if it was encrypted with a random salt\n      const salt = encryption.getSalt(encryptedData);\n      if (salt.toString() !== SHARED_SALT.toString()) {\n        await this.#upsertUserStorage(path, decryptedData, options);\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage: GetUserStorageAllFeatureEntriesResponse | null =\n        await response.json();\n\n      if (!Array.isArray(userStorage)) {\n        return null;\n      }\n\n      const decryptedData: string[] = [];\n      const reEncryptedEntries: [string, string][] = [];\n\n      for (const entry of userStorage) {\n        if (!entry.Data) {\n          continue;\n        }\n\n        try {\n          const data = await encryption.decryptString(\n            entry.Data,\n            storageKey,\n            options?.nativeScryptCrypto,\n          );\n          decryptedData.push(data);\n\n          // Re-encrypt the entry was encrypted with a random salt\n          const salt = encryption.getSalt(entry.Data);\n          if (salt.toString() !== SHARED_SALT.toString()) {\n            reEncryptedEntries.push([\n              entry.HashedKey,\n              await encryption.encryptString(\n                data,\n                storageKey,\n                options?.nativeScryptCrypto,\n              ),\n            ]);\n          }\n        } catch {\n          // do nothing\n        }\n      }\n\n      // Re-upload the re-encrypted entries\n      if (reEncryptedEntries.length) {\n        await this.#batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n          path,\n          reEncryptedEntries,\n          entropySourceId,\n          options?.useCanonicalScope,\n        );\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(\n          `feature/key set not found for path '${path}'.`,\n        );\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(`feature not found for path '${path}'.`);\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchDeleteUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    keysToDelete: string[],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      if (!keysToDelete.length) {\n        return;\n      }\n\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const rawEntryKeys = keysToDelete.map((d) =>\n        this.#createEntryKey(d, storageKey),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n\n        body: JSON.stringify({ batch_delete: rawEntryKeys }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  #createEntryKey(key: string, storageKey: string): string {\n    return createSHA256Hash(key + storageKey);\n  }\n\n  async #getAuthorizationHeader(\n    entropySourceId?: string,\n  ): Promise<{ Authorization: string }> {\n    const accessToken = await this.config.auth.getAccessToken(entropySourceId);\n    return { Authorization: `Bearer ${accessToken}` };\n  }\n\n  async #getProfileScopeHeader(\n    entropySourceId?: string,\n    useCanonicalScope?: boolean,\n  ): Promise<Record<string, string>> {\n    if (useCanonicalScope) {\n      return {};\n    }\n    const profile = await this.config.auth.getUserProfile(entropySourceId);\n    if (profile.profileId !== profile.canonicalProfileId) {\n      return { 'x-profile-id': profile.profileId };\n    }\n    return {};\n  }\n}\n"]}

package/dist/sdk/user-storage.d.cts

@@ -21,6 +21,13 @@ export type GetUserStorageAllFeatureEntriesResponse = {
 export type UserStorageMethodOptions = {
     nativeScryptCrypto?: NativeScrypt;
     entropySourceId?: string;
+    /**
+     * When true, skip the `x-profile-id` header on feature-scoped requests,
+     * letting the server default to the JWT `sub` (canonical profile ID).
+     * Useful during canonical storage migration (ADR 0005) to read/verify
+     * data stored under the canonical key.
+     */
+    useCanonicalScope?: boolean;
 };
 export declare class UserStorage {
     #private;

package/dist/sdk/user-storage.d.cts.map

@@ -1 +1 @@
-{"version":3,"file":"user-storage.d.cts","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,GAAG,EAAE,0BAAsB;AAEzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,6BAA6B,EAC7B,uCAAuC,EAExC,qCAAiC;AAElC,OAAO,KAAK,EAAE,YAAY,EAAE,uCAAmC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAE,8CAA0C;AAGnE,eAAO,MAAM,WAAW,QAAS,GAAG,iBAAiB,MAAM,WACiB,CAAC;AAE7E,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,GAAG,CAAC;IACT,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,gBAAgB,GAAG,gBAAgB,GAAG,aAAa,CAAC,CAAC;CAC5E,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzE,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,EAAE,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9E,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,CAAC,EAAE,cAAc,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,uCAAuC,GAAG;IACpD,SAAS,EAAE,MAAM,CAAC;IAElB,IAAI,EAAE,MAAM,CAAC;CACd,EAAE,CAAC;AAEJ,MAAM,MAAM,wBAAwB,GAAG;IACrC,kBAAkB,CAAC,EAAE,YAAY,CAAC;IAClC,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAOF,qBAAa,WAAW;;IACtB,SAAS,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAE7B,OAAO,EAAE,kBAAkB,CAAC;IAEnC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;gBAEP,MAAM,EAAE,iBAAiB,EAAE,OAAO,EAAE,kBAAkB;IAM5D,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,aAAa,CACjB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,CAAC,4BAA4B,EAAE,MAAM,CAAC,EAAE,EAChD,OAAO,CAAC,EAAE,wBAAwB;IAK9B,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAInB,kBAAkB,CACtB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC;IAIrB,UAAU,CACd,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,qBAAqB,CACzB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,gBAAgB,CACpB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,4BAA4B,EAAE,EACtC,OAAO,CAAC,EAAE,wBAAwB;IAK9B,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAge/D"}
+{"version":3,"file":"user-storage.d.cts","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,GAAG,EAAE,0BAAsB;AAEzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,6BAA6B,EAC7B,uCAAuC,EAExC,qCAAiC;AAElC,OAAO,KAAK,EAAE,YAAY,EAAE,uCAAmC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAE,8CAA0C;AAGnE,eAAO,MAAM,WAAW,QAAS,GAAG,iBAAiB,MAAM,WACiB,CAAC;AAE7E,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,GAAG,CAAC;IACT,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,gBAAgB,GAAG,gBAAgB,GAAG,aAAa,CAAC,CAAC;CAC5E,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzE,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,EAAE,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9E,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,CAAC,EAAE,cAAc,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,uCAAuC,GAAG;IACpD,SAAS,EAAE,MAAM,CAAC;IAElB,IAAI,EAAE,MAAM,CAAC;CACd,EAAE,CAAC;AAEJ,MAAM,MAAM,wBAAwB,GAAG;IACrC,kBAAkB,CAAC,EAAE,YAAY,CAAC;IAClC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B,CAAC;AAOF,qBAAa,WAAW;;IACtB,SAAS,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAE7B,OAAO,EAAE,kBAAkB,CAAC;IAEnC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;gBAEP,MAAM,EAAE,iBAAiB,EAAE,OAAO,EAAE,kBAAkB;IAM5D,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,aAAa,CACjB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,CAAC,4BAA4B,EAAE,MAAM,CAAC,EAAE,EAChD,OAAO,CAAC,EAAE,wBAAwB;IAK9B,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAInB,kBAAkB,CACtB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC;IAIrB,UAAU,CACd,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,qBAAqB,CACzB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,gBAAgB,CACpB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,4BAA4B,EAAE,EACtC,OAAO,CAAC,EAAE,wBAAwB;IAK9B,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAyf/D"}

package/dist/sdk/user-storage.d.mts

@@ -21,6 +21,13 @@ export type GetUserStorageAllFeatureEntriesResponse = {
 export type UserStorageMethodOptions = {
     nativeScryptCrypto?: NativeScrypt;
     entropySourceId?: string;
+    /**
+     * When true, skip the `x-profile-id` header on feature-scoped requests,
+     * letting the server default to the JWT `sub` (canonical profile ID).
+     * Useful during canonical storage migration (ADR 0005) to read/verify
+     * data stored under the canonical key.
+     */
+    useCanonicalScope?: boolean;
 };
 export declare class UserStorage {
     #private;

package/dist/sdk/user-storage.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"user-storage.d.mts","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,GAAG,EAAE,0BAAsB;AAEzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,6BAA6B,EAC7B,uCAAuC,EAExC,qCAAiC;AAElC,OAAO,KAAK,EAAE,YAAY,EAAE,uCAAmC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAE,8CAA0C;AAGnE,eAAO,MAAM,WAAW,QAAS,GAAG,iBAAiB,MAAM,WACiB,CAAC;AAE7E,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,GAAG,CAAC;IACT,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,gBAAgB,GAAG,gBAAgB,GAAG,aAAa,CAAC,CAAC;CAC5E,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzE,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,EAAE,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9E,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,CAAC,EAAE,cAAc,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,uCAAuC,GAAG;IACpD,SAAS,EAAE,MAAM,CAAC;IAElB,IAAI,EAAE,MAAM,CAAC;CACd,EAAE,CAAC;AAEJ,MAAM,MAAM,wBAAwB,GAAG;IACrC,kBAAkB,CAAC,EAAE,YAAY,CAAC;IAClC,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAOF,qBAAa,WAAW;;IACtB,SAAS,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAE7B,OAAO,EAAE,kBAAkB,CAAC;IAEnC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;gBAEP,MAAM,EAAE,iBAAiB,EAAE,OAAO,EAAE,kBAAkB;IAM5D,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,aAAa,CACjB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,CAAC,4BAA4B,EAAE,MAAM,CAAC,EAAE,EAChD,OAAO,CAAC,EAAE,wBAAwB;IAK9B,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAInB,kBAAkB,CACtB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC;IAIrB,UAAU,CACd,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,qBAAqB,CACzB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,gBAAgB,CACpB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,4BAA4B,EAAE,EACtC,OAAO,CAAC,EAAE,wBAAwB;IAK9B,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAge/D"}
+{"version":3,"file":"user-storage.d.mts","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,GAAG,EAAE,0BAAsB;AAEzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,6BAA6B,EAC7B,uCAAuC,EAExC,qCAAiC;AAElC,OAAO,KAAK,EAAE,YAAY,EAAE,uCAAmC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAE,8CAA0C;AAGnE,eAAO,MAAM,WAAW,QAAS,GAAG,iBAAiB,MAAM,WACiB,CAAC;AAE7E,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,GAAG,CAAC;IACT,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,gBAAgB,GAAG,gBAAgB,GAAG,aAAa,CAAC,CAAC;CAC5E,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzE,aAAa,EAAE,CAAC,OAAO,EAAE,YAAY,MAAM,EAAE,EAAE,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9E,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,CAAC,EAAE,cAAc,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,uCAAuC,GAAG;IACpD,SAAS,EAAE,MAAM,CAAC;IAElB,IAAI,EAAE,MAAM,CAAC;CACd,EAAE,CAAC;AAEJ,MAAM,MAAM,wBAAwB,GAAG;IACrC,kBAAkB,CAAC,EAAE,YAAY,CAAC;IAClC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B,CAAC;AAOF,qBAAa,WAAW;;IACtB,SAAS,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAE7B,OAAO,EAAE,kBAAkB,CAAC;IAEnC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;gBAEP,MAAM,EAAE,iBAAiB,EAAE,OAAO,EAAE,kBAAkB;IAM5D,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,aAAa,CACjB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,CAAC,4BAA4B,EAAE,MAAM,CAAC,EAAE,EAChD,OAAO,CAAC,EAAE,wBAAwB;IAK9B,OAAO,CACX,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAInB,kBAAkB,CACtB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC;IAIrB,UAAU,CACd,IAAI,EAAE,uCAAuC,EAC7C,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,qBAAqB,CACzB,IAAI,EAAE,6BAA6B,EACnC,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,IAAI,CAAC;IAIV,gBAAgB,CACpB,IAAI,EAAE,6BAA6B,EACnC,MAAM,EAAE,4BAA4B,EAAE,EACtC,OAAO,CAAC,EAAE,wBAAwB;IAK9B,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAyf/D"}

package/dist/sdk/user-storage.mjs

@@ -55,6 +55,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
     const entropySourceId = options?.entropySourceId;
     try {
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const storageKey = await this.getStorageKey(entropySourceId);
         const encryptedData = await encryption.encryptString(data, storageKey, options?.nativeScryptCrypto);
         const encryptedPath = createEntryPath(path, storageKey);
@@ -64,6 +65,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
             headers: {
                 'Content-Type': 'application/json',
                 ...headers,
+                ...profileScopeHeader,
             },
             body: JSON.stringify({ data: encryptedData }),
         });
@@ -87,6 +89,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
             return;
         }
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const storageKey = await this.getStorageKey(entropySourceId);
         const encryptedData = await Promise.all(data.map(async (d) => {
             return [
@@ -100,6 +103,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
             headers: {
                 'Content-Type': 'application/json',
                 ...headers,
+                ...profileScopeHeader,
             },
             body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),
         });
@@ -116,15 +120,17 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
         const errorMessage = e instanceof Error ? e.message : JSON.stringify(e ?? '');
         throw new UserStorageError(`failed to batch upsert user storage for path '${path}'. ${errorMessage}`);
     }
-}, _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries = async function _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(path, encryptedData, entropySourceId) {
+}, _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries = async function _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(path, encryptedData, entropySourceId, useCanonicalScope) {
     try {
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, useCanonicalScope);
         const url = new URL(STORAGE_URL(this.env, path));
         const response = await fetch(url.toString(), {
             method: 'PUT',
             headers: {
                 'Content-Type': 'application/json',
                 ...headers,
+                ...profileScopeHeader,
             },
             body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),
         });
@@ -185,7 +191,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
     const entropySourceId = options?.entropySourceId;
     try {
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
-        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const storageKey = await this.getStorageKey(entropySourceId);
         const url = new URL(STORAGE_URL(this.env, path));
         const response = await fetch(url.toString(), {
@@ -230,7 +236,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
         }
         // Re-upload the re-encrypted entries
         if (reEncryptedEntries.length) {
-            await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries).call(this, path, reEncryptedEntries, entropySourceId);
+            await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries).call(this, path, reEncryptedEntries, entropySourceId, options?.useCanonicalScope);
         }
         return decryptedData;
     }
@@ -273,7 +279,7 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
     try {
         const entropySourceId = options?.entropySourceId;
         const headers = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getAuthorizationHeader).call(this, entropySourceId);
-        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId);
+        const profileScopeHeader = await __classPrivateFieldGet(this, _UserStorage_instances, "m", _UserStorage_getProfileScopeHeader).call(this, entropySourceId, options?.useCanonicalScope);
         const url = new URL(STORAGE_URL(this.env, path));
         const response = await fetch(url.toString(), {
             method: 'DELETE',
@@ -335,7 +341,10 @@ _UserStorage_instances = new WeakSet(), _UserStorage_upsertUserStorage = async f
 }, _UserStorage_getAuthorizationHeader = async function _UserStorage_getAuthorizationHeader(entropySourceId) {
     const accessToken = await this.config.auth.getAccessToken(entropySourceId);
     return { Authorization: `Bearer ${accessToken}` };
-}, _UserStorage_getProfileScopeHeader = async function _UserStorage_getProfileScopeHeader(entropySourceId) {
+}, _UserStorage_getProfileScopeHeader = async function _UserStorage_getProfileScopeHeader(entropySourceId, useCanonicalScope) {
+    if (useCanonicalScope) {
+        return {};
+    }
     const profile = await this.config.auth.getUserProfile(entropySourceId);
     if (profile.profileId !== profile.canonicalProfileId) {
         return { 'x-profile-id': profile.profileId };

package/dist/sdk/user-storage.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"user-storage.mjs","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,UAAU,EAAE,EAAE,gBAAgB,EAAE,uCAA6B;AACpE,OAAO,EAAE,WAAW,EAAE,2CAAuC;AAE7D,OAAO,EAAE,UAAU,EAAE,0BAAsB;AAO3C,OAAO,EAAE,eAAe,EAAE,qCAAiC;AAG3D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,qBAAiB;AAE3D,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,GAAQ,EAAE,aAAqB,EAAE,EAAE,CAC7D,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,iBAAiB,uBAAuB,aAAa,EAAE,CAAC;AAgC7E,MAAM,OAAO,WAAW;IAOtB,YAAY,MAAyB,EAAE,OAA2B;;QAChE,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,KAAa,EACb,OAAkC;QAElC,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,IAAmC,EACnC,MAAgD,EAChD,OAAkC;QAElC,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,4EAAiC,MAArC,IAAI,EAAkC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,UAAU,CACd,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,+EAAoC,MAAxC,IAAI,EAAqC,IAAI,EAAE,OAAO,CAAC,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,IAAmC,EACnC,MAAsC,EACtC,OAAkC;QAElC,OAAO,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAwB;QAC1C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;QAC3E,MAAM,OAAO,GAAG,YAAY,WAAW,CAAC,SAAS,EAAW,CAAC;QAE7D,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;QACtE,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAC5D,OAAO,EACP,eAAe,CAChB,CAAC;QACF,MAAM,yBAAyB,GAAG,gBAAgB,CAAC,mBAAmB,CAAC,CAAC;QACxE,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CACvC,OAAO,EACP,yBAAyB,CAC1B,CAAC;QACF,OAAO,yBAAyB,CAAC;IACnC,CAAC;CA6cF;yEA3cC,KAAK,yCACH,IAA6C,EAC7C,IAAY,EACZ,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,aAAa,CAClD,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QACF,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;SAC9C,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,gBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,IAAwB,EACxB,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CACrC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YACnB,OAAO;gBACL,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;gBACtC,MAAM,UAAU,CAAC,aAAa,CAC5B,CAAC,CAAC,CAAC,CAAC,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;aACF,CAAC;QACJ,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,gBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,4EAED,KAAK,kFACH,IAA2C,EAC3C,aAAiC,EACjC,eAAwB;IAExB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QAEpE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,uBAAuB;QACvB,MAAM,IAAI,gBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,gCAED,KAAK,sCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,aAAa,GAAG,WAAW,EAAE,IAAI,IAAI,IAAI,CAAC;QAEhD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,aAAa,CAClD,aAAa,EACb,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QAEF,8DAA8D;QAC9D,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,WAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;YAC/C,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,iDAED,KAAK,uDACH,IAA2C,EAC3C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GACtB,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EAAwB,eAAe,CAAC,CAAC;QACrD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GACf,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAExB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,kBAAkB,GAAuB,EAAE,CAAC;QAElD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBAChB,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,aAAa,CACzC,KAAK,CAAC,IAAI,EACV,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;gBACF,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEzB,wDAAwD;gBACxD,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,WAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;oBAC/C,kBAAkB,CAAC,IAAI,CAAC;wBACtB,KAAK,CAAC,SAAS;wBACf,MAAM,UAAU,CAAC,aAAa,CAC5B,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,aAAa;YACf,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YAC9B,MAAM,uBAAA,IAAI,uGAA4D,MAAhE,IAAI,EACR,IAAI,EACJ,kBAAkB,EAClB,eAAe,CAChB,CAAC;QACJ,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,mCAED,KAAK,yCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,aAAa,CACrB,uCAAuC,IAAI,IAAI,CAChD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,oDAED,KAAK,0DACH,IAA2C,EAC3C,OAAkC;IAElC,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GACtB,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EAAwB,eAAe,CAAC,CAAC;QAErD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,aAAa,CAAC,+BAA+B,IAAI,IAAI,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,YAAsB,EACtB,OAAkC;IAElC,IAAI,CAAC;QACH,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACzB,OAAO;QACT,CAAC;QAED,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC1C,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,EAAE,UAAU,CAAC,CACpC,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YAED,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,gBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,qEAEe,GAAW,EAAE,UAAkB;IAC7C,OAAO,gBAAgB,CAAC,GAAG,GAAG,UAAU,CAAC,CAAC;AAC5C,CAAC,wCAED,KAAK,8CACH,eAAwB;IAExB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IAC3E,OAAO,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,CAAC;AACpD,CAAC,uCAED,KAAK,6CACH,eAAwB;IAExB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,SAAS,KAAK,OAAO,CAAC,kBAAkB,EAAE,CAAC;QACrD,OAAO,EAAE,cAAc,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;IAC/C,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC","sourcesContent":["import encryption, { createSHA256Hash } from '../shared/encryption';\nimport { SHARED_SALT } from '../shared/encryption/constants';\nimport type { Env } from '../shared/env';\nimport { getEnvUrls } from '../shared/env';\nimport type {\n  UserStorageGenericFeatureKey,\n  UserStorageGenericFeatureName,\n  UserStorageGenericPathWithFeatureAndKey,\n  UserStorageGenericPathWithFeatureOnly,\n} from '../shared/storage-schema';\nimport { createEntryPath } from '../shared/storage-schema';\nimport type { NativeScrypt } from '../shared/types/encryption';\nimport type { IBaseAuth } from './authentication-jwt-bearer/types';\nimport { NotFoundError, UserStorageError } from './errors';\n\nexport const STORAGE_URL = (env: Env, encryptedPath: string) =>\n  `${getEnvUrls(env).userStorageApiUrl}/api/v1/userstorage/${encryptedPath}`;\n\nexport type UserStorageConfig = {\n  env: Env;\n  auth: Pick<IBaseAuth, 'getAccessToken' | 'getUserProfile' | 'signMessage'>;\n};\n\nexport type StorageOptions = {\n  getStorageKey: (message: `metamask:${string}`) => Promise<string | null>;\n  setStorageKey: (message: `metamask:${string}`, val: string) => Promise<void>;\n};\n\nexport type UserStorageOptions = {\n  storage?: StorageOptions;\n};\n\nexport type GetUserStorageAllFeatureEntriesResponse = {\n  HashedKey: string;\n\n  Data: string;\n}[];\n\nexport type UserStorageMethodOptions = {\n  nativeScryptCrypto?: NativeScrypt;\n  entropySourceId?: string;\n};\n\ntype ErrorMessage = {\n  message: string;\n  error: string;\n};\n\nexport class UserStorage {\n  protected config: UserStorageConfig;\n\n  public options: UserStorageOptions;\n\n  protected env: Env;\n\n  constructor(config: UserStorageConfig, options: UserStorageOptions) {\n    this.env = config.env;\n    this.config = config;\n    this.options = options;\n  }\n\n  async setItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    value: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    await this.#upsertUserStorage(path, value, options);\n  }\n\n  async batchSetItems(\n    path: UserStorageGenericFeatureName,\n    values: [UserStorageGenericFeatureKey, string][],\n    options?: UserStorageMethodOptions,\n  ) {\n    await this.#batchUpsertUserStorage(path, values, options);\n  }\n\n  async getItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    return this.#getUserStorage(path, options);\n  }\n\n  async getAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    return this.#getUserStorageAllFeatureEntries(path, options);\n  }\n\n  async deleteItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorage(path, options);\n  }\n\n  async deleteAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorageAllFeatureEntries(path, options);\n  }\n\n  async batchDeleteItems(\n    path: UserStorageGenericFeatureName,\n    values: UserStorageGenericFeatureKey[],\n    options?: UserStorageMethodOptions,\n  ) {\n    return this.#batchDeleteUserStorage(path, values, options);\n  }\n\n  async getStorageKey(entropySourceId?: string): Promise<string> {\n    const userProfile = await this.config.auth.getUserProfile(entropySourceId);\n    const message = `metamask:${userProfile.profileId}` as const;\n\n    const storageKey = await this.options.storage?.getStorageKey(message);\n    if (storageKey) {\n      return storageKey;\n    }\n\n    const storageKeySignature = await this.config.auth.signMessage(\n      message,\n      entropySourceId,\n    );\n    const hashedStorageKeySignature = createSHA256Hash(storageKeySignature);\n    await this.options.storage?.setStorageKey(\n      message,\n      hashedStorageKeySignature,\n    );\n    return hashedStorageKeySignature;\n  }\n\n  async #upsertUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    data: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedData = await encryption.encryptString(\n        data,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n        body: JSON.stringify({ data: encryptedData }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    data: [string, string][],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      if (!data.length) {\n        return;\n      }\n\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const encryptedData = await Promise.all(\n        data.map(async (d) => {\n          return [\n            this.#createEntryKey(d[0], storageKey),\n            await encryption.encryptString(\n              d[1],\n              storageKey,\n              options?.nativeScryptCrypto,\n            ),\n          ];\n        }),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    encryptedData: [string, string][],\n    entropySourceId?: string,\n  ): Promise<void> {\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      // istanbul ignore next\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      // istanbul ignore next\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage = await response.json();\n      const encryptedData = userStorage?.Data ?? null;\n\n      if (!encryptedData) {\n        return null;\n      }\n\n      const decryptedData = await encryption.decryptString(\n        encryptedData,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n\n      // Re-encrypt the entry if it was encrypted with a random salt\n      const salt = encryption.getSalt(encryptedData);\n      if (salt.toString() !== SHARED_SALT.toString()) {\n        await this.#upsertUserStorage(path, decryptedData, options);\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader =\n        await this.#getProfileScopeHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage: GetUserStorageAllFeatureEntriesResponse | null =\n        await response.json();\n\n      if (!Array.isArray(userStorage)) {\n        return null;\n      }\n\n      const decryptedData: string[] = [];\n      const reEncryptedEntries: [string, string][] = [];\n\n      for (const entry of userStorage) {\n        if (!entry.Data) {\n          continue;\n        }\n\n        try {\n          const data = await encryption.decryptString(\n            entry.Data,\n            storageKey,\n            options?.nativeScryptCrypto,\n          );\n          decryptedData.push(data);\n\n          // Re-encrypt the entry was encrypted with a random salt\n          const salt = encryption.getSalt(entry.Data);\n          if (salt.toString() !== SHARED_SALT.toString()) {\n            reEncryptedEntries.push([\n              entry.HashedKey,\n              await encryption.encryptString(\n                data,\n                storageKey,\n                options?.nativeScryptCrypto,\n              ),\n            ]);\n          }\n        } catch {\n          // do nothing\n        }\n      }\n\n      // Re-upload the re-encrypted entries\n      if (reEncryptedEntries.length) {\n        await this.#batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n          path,\n          reEncryptedEntries,\n          entropySourceId,\n        );\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(\n          `feature/key set not found for path '${path}'.`,\n        );\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader =\n        await this.#getProfileScopeHeader(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(`feature not found for path '${path}'.`);\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchDeleteUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    keysToDelete: string[],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      if (!keysToDelete.length) {\n        return;\n      }\n\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const rawEntryKeys = keysToDelete.map((d) =>\n        this.#createEntryKey(d, storageKey),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n\n        body: JSON.stringify({ batch_delete: rawEntryKeys }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  #createEntryKey(key: string, storageKey: string): string {\n    return createSHA256Hash(key + storageKey);\n  }\n\n  async #getAuthorizationHeader(\n    entropySourceId?: string,\n  ): Promise<{ Authorization: string }> {\n    const accessToken = await this.config.auth.getAccessToken(entropySourceId);\n    return { Authorization: `Bearer ${accessToken}` };\n  }\n\n  async #getProfileScopeHeader(\n    entropySourceId?: string,\n  ): Promise<Record<string, string>> {\n    const profile = await this.config.auth.getUserProfile(entropySourceId);\n    if (profile.profileId !== profile.canonicalProfileId) {\n      return { 'x-profile-id': profile.profileId };\n    }\n    return {};\n  }\n}\n"]}
+{"version":3,"file":"user-storage.mjs","sourceRoot":"","sources":["../../src/sdk/user-storage.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,UAAU,EAAE,EAAE,gBAAgB,EAAE,uCAA6B;AACpE,OAAO,EAAE,WAAW,EAAE,2CAAuC;AAE7D,OAAO,EAAE,UAAU,EAAE,0BAAsB;AAO3C,OAAO,EAAE,eAAe,EAAE,qCAAiC;AAG3D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,qBAAiB;AAE3D,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,GAAQ,EAAE,aAAqB,EAAE,EAAE,CAC7D,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,iBAAiB,uBAAuB,aAAa,EAAE,CAAC;AAuC7E,MAAM,OAAO,WAAW;IAOtB,YAAY,MAAyB,EAAE,OAA2B;;QAChE,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,KAAa,EACb,OAAkC;QAElC,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,IAAmC,EACnC,MAAgD,EAChD,OAAkC;QAElC,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,4EAAiC,MAArC,IAAI,EAAkC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,UAAU,CACd,IAA6C,EAC7C,OAAkC;QAElC,OAAO,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,IAAmC,EACnC,OAAkC;QAElC,OAAO,uBAAA,IAAI,+EAAoC,MAAxC,IAAI,EAAqC,IAAI,EAAE,OAAO,CAAC,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,IAAmC,EACnC,MAAsC,EACtC,OAAkC;QAElC,OAAO,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAwB;QAC1C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;QAC3E,MAAM,OAAO,GAAG,YAAY,WAAW,CAAC,SAAS,EAAW,CAAC;QAE7D,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;QACtE,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAC5D,OAAO,EACP,eAAe,CAChB,CAAC;QACF,MAAM,yBAAyB,GAAG,gBAAgB,CAAC,mBAAmB,CAAC,CAAC;QACxE,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,aAAa,CACvC,OAAO,EACP,yBAAyB,CAC1B,CAAC;QACF,OAAO,yBAAyB,CAAC;IACnC,CAAC;CAseF;yEApeC,KAAK,yCACH,IAA6C,EAC7C,IAAY,EACZ,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,aAAa,CAClD,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QACF,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;SAC9C,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,gBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,IAAwB,EACxB,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CACrC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YACnB,OAAO;gBACL,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;gBACtC,MAAM,UAAU,CAAC,aAAa,CAC5B,CAAC,CAAC,CAAC,CAAC,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;aACF,CAAC;QACJ,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,gBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,4EAED,KAAK,kFACH,IAA2C,EAC3C,aAAiC,EACjC,eAAwB,EACxB,iBAA2B;IAE3B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,iBAAiB,CAClB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,uBAAuB;QACvB,MAAM,IAAI,gBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,gCAED,KAAK,sCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC1C,MAAM,aAAa,GAAG,WAAW,EAAE,IAAI,IAAI,IAAI,CAAC;QAEhD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,aAAa,CAClD,aAAa,EACb,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;QAEF,8DAA8D;QAC9D,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,WAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;YAC/C,MAAM,uBAAA,IAAI,8DAAmB,MAAvB,IAAI,EAAoB,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,iDAED,KAAK,uDACH,IAA2C,EAC3C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GACf,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAExB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,kBAAkB,GAAuB,EAAE,CAAC;QAElD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBAChB,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,aAAa,CACzC,KAAK,CAAC,IAAI,EACV,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B,CAAC;gBACF,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEzB,wDAAwD;gBACxD,MAAM,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,IAAI,IAAI,CAAC,QAAQ,EAAE,KAAK,WAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;oBAC/C,kBAAkB,CAAC,IAAI,CAAC;wBACtB,KAAK,CAAC,SAAS;wBACf,MAAM,UAAU,CAAC,aAAa,CAC5B,IAAI,EACJ,UAAU,EACV,OAAO,EAAE,kBAAkB,CAC5B;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,aAAa;YACf,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,kBAAkB,CAAC,MAAM,EAAE,CAAC;YAC9B,MAAM,uBAAA,IAAI,uGAA4D,MAAhE,IAAI,EACR,IAAI,EACJ,kBAAkB,EAClB,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QACJ,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,wCAAwC,IAAI,MAAM,YAAY,EAAE,CACjE,CAAC;IACJ,CAAC;AACH,CAAC,mCAED,KAAK,yCACH,IAA6C,EAC7C,OAAkC;IAElC,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,aAAa,CACrB,uCAAuC,IAAI,IAAI,CAChD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,oDAED,KAAK,0DACH,IAA2C,EAC3C,OAAkC;IAElC,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,uBAAA,IAAI,kEAAuB,MAA3B,IAAI,EACnC,eAAe,EACf,OAAO,EAAE,iBAAiB,CAC3B,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;gBACV,GAAG,kBAAkB;aACtB;SACF,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,aAAa,CAAC,+BAA+B,IAAI,IAAI,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,CAAC;QACV,CAAC;QAED,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,IAAI,gBAAgB,CACxB,2CAA2C,IAAI,MAAM,YAAY,EAAE,CACpE,CAAC;IACJ,CAAC;AACH,CAAC,wCAED,KAAK,8CACH,IAA2C,EAC3C,YAAsB,EACtB,OAAkC;IAElC,IAAI,CAAC;QACH,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACzB,OAAO;QACT,CAAC;QAED,MAAM,eAAe,GAAG,OAAO,EAAE,eAAe,CAAC;QACjD,MAAM,OAAO,GAAG,MAAM,uBAAA,IAAI,mEAAwB,MAA5B,IAAI,EAAyB,eAAe,CAAC,CAAC;QACpE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC1C,uBAAA,IAAI,2DAAgB,MAApB,IAAI,EAAiB,CAAC,EAAE,UAAU,CAAC,CACpC,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;QAEjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,OAAO;aACX;YAED,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,YAAY,GAAiB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpE,OAAO,EAAE,SAAS;gBAClB,KAAK,EAAE,SAAS;aACjB,CAAC,CAAC,CAAC;YACJ,MAAM,IAAI,KAAK,CACb,uBAAuB,YAAY,CAAC,OAAO,YAAY,YAAY,CAAC,KAAK,EAAE,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,0BAA0B;QAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,IAAI,gBAAgB,CACxB,iDAAiD,IAAI,MAAM,YAAY,EAAE,CAC1E,CAAC;IACJ,CAAC;AACH,CAAC,qEAEe,GAAW,EAAE,UAAkB;IAC7C,OAAO,gBAAgB,CAAC,GAAG,GAAG,UAAU,CAAC,CAAC;AAC5C,CAAC,wCAED,KAAK,8CACH,eAAwB;IAExB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IAC3E,OAAO,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,CAAC;AACpD,CAAC,uCAED,KAAK,6CACH,eAAwB,EACxB,iBAA2B;IAE3B,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,SAAS,KAAK,OAAO,CAAC,kBAAkB,EAAE,CAAC;QACrD,OAAO,EAAE,cAAc,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;IAC/C,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC","sourcesContent":["import encryption, { createSHA256Hash } from '../shared/encryption';\nimport { SHARED_SALT } from '../shared/encryption/constants';\nimport type { Env } from '../shared/env';\nimport { getEnvUrls } from '../shared/env';\nimport type {\n  UserStorageGenericFeatureKey,\n  UserStorageGenericFeatureName,\n  UserStorageGenericPathWithFeatureAndKey,\n  UserStorageGenericPathWithFeatureOnly,\n} from '../shared/storage-schema';\nimport { createEntryPath } from '../shared/storage-schema';\nimport type { NativeScrypt } from '../shared/types/encryption';\nimport type { IBaseAuth } from './authentication-jwt-bearer/types';\nimport { NotFoundError, UserStorageError } from './errors';\n\nexport const STORAGE_URL = (env: Env, encryptedPath: string) =>\n  `${getEnvUrls(env).userStorageApiUrl}/api/v1/userstorage/${encryptedPath}`;\n\nexport type UserStorageConfig = {\n  env: Env;\n  auth: Pick<IBaseAuth, 'getAccessToken' | 'getUserProfile' | 'signMessage'>;\n};\n\nexport type StorageOptions = {\n  getStorageKey: (message: `metamask:${string}`) => Promise<string | null>;\n  setStorageKey: (message: `metamask:${string}`, val: string) => Promise<void>;\n};\n\nexport type UserStorageOptions = {\n  storage?: StorageOptions;\n};\n\nexport type GetUserStorageAllFeatureEntriesResponse = {\n  HashedKey: string;\n\n  Data: string;\n}[];\n\nexport type UserStorageMethodOptions = {\n  nativeScryptCrypto?: NativeScrypt;\n  entropySourceId?: string;\n  /**\n   * When true, skip the `x-profile-id` header on feature-scoped requests,\n   * letting the server default to the JWT `sub` (canonical profile ID).\n   * Useful during canonical storage migration (ADR 0005) to read/verify\n   * data stored under the canonical key.\n   */\n  useCanonicalScope?: boolean;\n};\n\ntype ErrorMessage = {\n  message: string;\n  error: string;\n};\n\nexport class UserStorage {\n  protected config: UserStorageConfig;\n\n  public options: UserStorageOptions;\n\n  protected env: Env;\n\n  constructor(config: UserStorageConfig, options: UserStorageOptions) {\n    this.env = config.env;\n    this.config = config;\n    this.options = options;\n  }\n\n  async setItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    value: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    await this.#upsertUserStorage(path, value, options);\n  }\n\n  async batchSetItems(\n    path: UserStorageGenericFeatureName,\n    values: [UserStorageGenericFeatureKey, string][],\n    options?: UserStorageMethodOptions,\n  ) {\n    await this.#batchUpsertUserStorage(path, values, options);\n  }\n\n  async getItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    return this.#getUserStorage(path, options);\n  }\n\n  async getAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    return this.#getUserStorageAllFeatureEntries(path, options);\n  }\n\n  async deleteItem(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorage(path, options);\n  }\n\n  async deleteAllFeatureItems(\n    path: UserStorageGenericFeatureName,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    return this.#deleteUserStorageAllFeatureEntries(path, options);\n  }\n\n  async batchDeleteItems(\n    path: UserStorageGenericFeatureName,\n    values: UserStorageGenericFeatureKey[],\n    options?: UserStorageMethodOptions,\n  ) {\n    return this.#batchDeleteUserStorage(path, values, options);\n  }\n\n  async getStorageKey(entropySourceId?: string): Promise<string> {\n    const userProfile = await this.config.auth.getUserProfile(entropySourceId);\n    const message = `metamask:${userProfile.profileId}` as const;\n\n    const storageKey = await this.options.storage?.getStorageKey(message);\n    if (storageKey) {\n      return storageKey;\n    }\n\n    const storageKeySignature = await this.config.auth.signMessage(\n      message,\n      entropySourceId,\n    );\n    const hashedStorageKeySignature = createSHA256Hash(storageKeySignature);\n    await this.options.storage?.setStorageKey(\n      message,\n      hashedStorageKeySignature,\n    );\n    return hashedStorageKeySignature;\n  }\n\n  async #upsertUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    data: string,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedData = await encryption.encryptString(\n        data,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n        body: JSON.stringify({ data: encryptedData }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    data: [string, string][],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      if (!data.length) {\n        return;\n      }\n\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const encryptedData = await Promise.all(\n        data.map(async (d) => {\n          return [\n            this.#createEntryKey(d[0], storageKey),\n            await encryption.encryptString(\n              d[1],\n              storageKey,\n              options?.nativeScryptCrypto,\n            ),\n          ];\n        }),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    encryptedData: [string, string][],\n    entropySourceId?: string,\n    useCanonicalScope?: boolean,\n  ): Promise<void> {\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        useCanonicalScope,\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n        body: JSON.stringify({ data: Object.fromEntries(encryptedData) }),\n      });\n\n      // istanbul ignore next\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      // istanbul ignore next\n      throw new UserStorageError(\n        `failed to batch upsert user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<string | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage = await response.json();\n      const encryptedData = userStorage?.Data ?? null;\n\n      if (!encryptedData) {\n        return null;\n      }\n\n      const decryptedData = await encryption.decryptString(\n        encryptedData,\n        storageKey,\n        options?.nativeScryptCrypto,\n      );\n\n      // Re-encrypt the entry if it was encrypted with a random salt\n      const salt = encryption.getSalt(encryptedData);\n      if (salt.toString() !== SHARED_SALT.toString()) {\n        await this.#upsertUserStorage(path, decryptedData, options);\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #getUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<string[] | null> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        return null;\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n\n      const userStorage: GetUserStorageAllFeatureEntriesResponse | null =\n        await response.json();\n\n      if (!Array.isArray(userStorage)) {\n        return null;\n      }\n\n      const decryptedData: string[] = [];\n      const reEncryptedEntries: [string, string][] = [];\n\n      for (const entry of userStorage) {\n        if (!entry.Data) {\n          continue;\n        }\n\n        try {\n          const data = await encryption.decryptString(\n            entry.Data,\n            storageKey,\n            options?.nativeScryptCrypto,\n          );\n          decryptedData.push(data);\n\n          // Re-encrypt the entry was encrypted with a random salt\n          const salt = encryption.getSalt(entry.Data);\n          if (salt.toString() !== SHARED_SALT.toString()) {\n            reEncryptedEntries.push([\n              entry.HashedKey,\n              await encryption.encryptString(\n                data,\n                storageKey,\n                options?.nativeScryptCrypto,\n              ),\n            ]);\n          }\n        } catch {\n          // do nothing\n        }\n      }\n\n      // Re-upload the re-encrypted entries\n      if (reEncryptedEntries.length) {\n        await this.#batchUpsertUserStorageWithAlreadyHashedAndEncryptedEntries(\n          path,\n          reEncryptedEntries,\n          entropySourceId,\n          options?.useCanonicalScope,\n        );\n      }\n\n      return decryptedData;\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to get user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorage(\n    path: UserStorageGenericPathWithFeatureAndKey,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    const entropySourceId = options?.entropySourceId;\n    try {\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n      const encryptedPath = createEntryPath(path, storageKey);\n\n      const url = new URL(STORAGE_URL(this.env, encryptedPath));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(\n          `feature/key set not found for path '${path}'.`,\n        );\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #deleteUserStorageAllFeatureEntries(\n    path: UserStorageGenericPathWithFeatureOnly,\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const profileScopeHeader = await this.#getProfileScopeHeader(\n        entropySourceId,\n        options?.useCanonicalScope,\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'DELETE',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n          ...profileScopeHeader,\n        },\n      });\n\n      if (response.status === 404) {\n        throw new NotFoundError(`feature not found for path '${path}'.`);\n      }\n\n      if (!response.ok) {\n        const responseBody = (await response.json()) as ErrorMessage;\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      if (e instanceof NotFoundError) {\n        throw e;\n      }\n\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n\n      throw new UserStorageError(\n        `failed to delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  async #batchDeleteUserStorage(\n    path: UserStorageGenericPathWithFeatureOnly,\n    keysToDelete: string[],\n    options?: UserStorageMethodOptions,\n  ): Promise<void> {\n    try {\n      if (!keysToDelete.length) {\n        return;\n      }\n\n      const entropySourceId = options?.entropySourceId;\n      const headers = await this.#getAuthorizationHeader(entropySourceId);\n      const storageKey = await this.getStorageKey(entropySourceId);\n\n      const rawEntryKeys = keysToDelete.map((d) =>\n        this.#createEntryKey(d, storageKey),\n      );\n\n      const url = new URL(STORAGE_URL(this.env, path));\n\n      const response = await fetch(url.toString(), {\n        method: 'PUT',\n        headers: {\n          'Content-Type': 'application/json',\n          ...headers,\n        },\n\n        body: JSON.stringify({ batch_delete: rawEntryKeys }),\n      });\n\n      if (!response.ok) {\n        const responseBody: ErrorMessage = await response.json().catch(() => ({\n          message: 'unknown',\n          error: 'unknown',\n        }));\n        throw new Error(\n          `HTTP error message: ${responseBody.message}, error: ${responseBody.error}`,\n        );\n      }\n    } catch (e) {\n      /* istanbul ignore next */\n      const errorMessage =\n        e instanceof Error ? e.message : JSON.stringify(e ?? '');\n      throw new UserStorageError(\n        `failed to batch delete user storage for path '${path}'. ${errorMessage}`,\n      );\n    }\n  }\n\n  #createEntryKey(key: string, storageKey: string): string {\n    return createSHA256Hash(key + storageKey);\n  }\n\n  async #getAuthorizationHeader(\n    entropySourceId?: string,\n  ): Promise<{ Authorization: string }> {\n    const accessToken = await this.config.auth.getAccessToken(entropySourceId);\n    return { Authorization: `Bearer ${accessToken}` };\n  }\n\n  async #getProfileScopeHeader(\n    entropySourceId?: string,\n    useCanonicalScope?: boolean,\n  ): Promise<Record<string, string>> {\n    if (useCanonicalScope) {\n      return {};\n    }\n    const profile = await this.config.auth.getUserProfile(entropySourceId);\n    if (profile.profileId !== profile.canonicalProfileId) {\n      return { 'x-profile-id': profile.profileId };\n    }\n    return {};\n  }\n}\n"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@metamask-previews/profile-sync-controller",
-  "version": "28.0.2-preview-02f91c63c",
+  "version": "28.0.2-preview-6ce5d58fa",
   "description": "The profile sync helps developers synchronize data across multiple clients and devices in a privacy-preserving way. All data saved in the user storage database is encrypted client-side to preserve privacy. The user storage provides a modular design, giving developers the flexibility to construct and manage their storage spaces in a way that best suits their needs",
   "keywords": [
     "Ethereum",