@opentdf/sdk 0.4.0-beta.13 → 0.4.0-beta.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/src/access.js +16 -1
- package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +15 -1
- package/dist/cjs/src/index.js +4 -2
- package/dist/cjs/src/opentdf.js +64 -12
- package/dist/cjs/src/platform.js +14 -3
- package/dist/cjs/src/seekable.js +32 -1
- package/dist/cjs/src/utils.js +57 -3
- package/dist/types/src/access.d.ts +15 -0
- package/dist/types/src/access.d.ts.map +1 -1
- package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts +14 -0
- package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +1 -0
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/opentdf.d.ts +126 -6
- package/dist/types/src/opentdf.d.ts.map +1 -1
- package/dist/types/src/platform.d.ts +16 -0
- package/dist/types/src/platform.d.ts.map +1 -1
- package/dist/types/src/seekable.d.ts +31 -0
- package/dist/types/src/seekable.d.ts.map +1 -1
- package/dist/types/src/utils.d.ts +56 -2
- package/dist/types/src/utils.d.ts.map +1 -1
- package/dist/web/src/access.js +16 -1
- package/dist/web/src/auth/oidc-refreshtoken-provider.js +15 -1
- package/dist/web/src/index.js +2 -1
- package/dist/web/src/opentdf.js +64 -12
- package/dist/web/src/platform.js +14 -3
- package/dist/web/src/seekable.js +32 -1
- package/dist/web/src/utils.js +57 -3
- package/package.json +5 -3
- package/src/access.ts +15 -0
- package/src/auth/oidc-refreshtoken-provider.ts +14 -0
- package/src/index.ts +1 -0
- package/src/opentdf.ts +147 -71
- package/src/platform.ts +17 -5
- package/src/seekable.ts +31 -0
- package/src/utils.ts +56 -2
package/dist/web/src/utils.js
CHANGED
|
@@ -32,15 +32,32 @@ export function validateSecureUrl(url) {
|
|
|
32
32
|
}
|
|
33
33
|
return true;
|
|
34
34
|
}
|
|
35
|
+
/**
|
|
36
|
+
* Pads a URL with a trailing slash if it does not already have one.
|
|
37
|
+
* This is useful for ensuring that URLs are in a consistent format.
|
|
38
|
+
* @param u The URL to pad.
|
|
39
|
+
* @returns The padded URL.
|
|
40
|
+
*/
|
|
35
41
|
export function padSlashToUrl(u) {
|
|
36
42
|
if (u.endsWith('/')) {
|
|
37
43
|
return u;
|
|
38
44
|
}
|
|
39
45
|
return `${u}/`;
|
|
40
46
|
}
|
|
47
|
+
/**
|
|
48
|
+
* Checks if the current environment is a browser.
|
|
49
|
+
* This is useful for determining if certain APIs or features are available.
|
|
50
|
+
* @returns true if running in a browser, false otherwise.
|
|
51
|
+
*/
|
|
41
52
|
export function isBrowser() {
|
|
42
53
|
return typeof window !== 'undefined'; // eslint-disable-line
|
|
43
54
|
}
|
|
55
|
+
/**
|
|
56
|
+
* Removes trailing characters from a string.
|
|
57
|
+
* @param str The string to trim.
|
|
58
|
+
* @param suffix The suffix to remove (default is a single space).
|
|
59
|
+
* @returns The trimmed string.
|
|
60
|
+
*/
|
|
44
61
|
export const rstrip = (str, suffix = ' ') => {
|
|
45
62
|
while (str && suffix && str.endsWith(suffix)) {
|
|
46
63
|
str = str.slice(0, -suffix.length);
|
|
@@ -81,6 +98,15 @@ export const estimateSkewFromHeaders = (headers, dateNowBefore) => {
|
|
|
81
98
|
const deltaAfter = serverUnixTime - localUnixTimeAfter;
|
|
82
99
|
return Math.round((deltaBefore + deltaAfter) / 2);
|
|
83
100
|
};
|
|
101
|
+
/**
|
|
102
|
+
* Adds new lines to a string every 64 characters.
|
|
103
|
+
* @param str A string to add new lines to.
|
|
104
|
+
* This function takes a string and adds new lines every 64 characters.
|
|
105
|
+
* If the string is empty or undefined, it returns the original string.
|
|
106
|
+
* This is useful for formatting long strings, such as public keys or certificates,
|
|
107
|
+
* to ensure they are properly formatted for PEM encoding.
|
|
108
|
+
* @returns The formatted string with new lines added.
|
|
109
|
+
*/
|
|
84
110
|
export function addNewLines(str) {
|
|
85
111
|
if (!str) {
|
|
86
112
|
return str;
|
|
@@ -93,6 +119,11 @@ export function addNewLines(str) {
|
|
|
93
119
|
}
|
|
94
120
|
return finalString;
|
|
95
121
|
}
|
|
122
|
+
/**
|
|
123
|
+
* Creates a PEM-encoded string from a public key.
|
|
124
|
+
* @param publicKey The public key to convert.
|
|
125
|
+
* @returns A promise that resolves to a PEM-encoded string.
|
|
126
|
+
*/
|
|
96
127
|
export async function cryptoPublicToPem(publicKey) {
|
|
97
128
|
if (publicKey.type !== 'public') {
|
|
98
129
|
throw new ConfigurationError('incorrect key type');
|
|
@@ -102,6 +133,11 @@ export async function cryptoPublicToPem(publicKey) {
|
|
|
102
133
|
const pem = addNewLines(b64);
|
|
103
134
|
return `-----BEGIN PUBLIC KEY-----\r\n${pem}-----END PUBLIC KEY-----`;
|
|
104
135
|
}
|
|
136
|
+
/**
|
|
137
|
+
* Converts a PEM-encoded public key to a CryptoKey.
|
|
138
|
+
* @param pem The PEM-encoded public key.
|
|
139
|
+
* @returns A promise that resolves to a CryptoKey.
|
|
140
|
+
*/
|
|
105
141
|
export async function pemToCryptoPublicKey(pem) {
|
|
106
142
|
if (/-----BEGIN PUBLIC KEY-----/.test(pem)) {
|
|
107
143
|
return pemPublicToCrypto(pem);
|
|
@@ -114,6 +150,15 @@ export async function pemToCryptoPublicKey(pem) {
|
|
|
114
150
|
// - When converting between PEM and CryptoKey formats for user provided session keys (e.g. for DPoP)
|
|
115
151
|
throw new TypeError(`unsupported pem type [${pem}]`);
|
|
116
152
|
}
|
|
153
|
+
/**
|
|
154
|
+
* Extracts the PEM-encoded public key from a key string.
|
|
155
|
+
* @param keyString A string containing a public key or certificate.
|
|
156
|
+
* This function extracts the PEM-encoded public key from a given key string.
|
|
157
|
+
* If the key string contains a certificate, it imports the certificate and exports
|
|
158
|
+
* the public key in PEM format. If the key string is already in PEM format, it returns
|
|
159
|
+
* the key string as is.
|
|
160
|
+
* @returns A promise that resolves to a PEM-encoded public key.
|
|
161
|
+
*/
|
|
117
162
|
export async function extractPemFromKeyString(keyString) {
|
|
118
163
|
let pem = keyString;
|
|
119
164
|
// Skip the public key extraction if we find that the KAS url provides a
|
|
@@ -126,6 +171,12 @@ export async function extractPemFromKeyString(keyString) {
|
|
|
126
171
|
}
|
|
127
172
|
/**
|
|
128
173
|
* Extracts the error message from an RPC catch error.
|
|
174
|
+
* @param error An error object, typically from a network request.
|
|
175
|
+
* This function extracts the error message from a ConnectError or a generic Error.
|
|
176
|
+
* If the error is a ConnectError or a standard Error, it returns the message.
|
|
177
|
+
* If the error is of an unknown type, it returns a default message indicating
|
|
178
|
+
* that an unknown network error occurred.
|
|
179
|
+
* @returns The extracted error message.
|
|
129
180
|
*/
|
|
130
181
|
export function extractRpcErrorMessage(error) {
|
|
131
182
|
if (error instanceof ConnectError || error instanceof Error) {
|
|
@@ -135,8 +186,11 @@ export function extractRpcErrorMessage(error) {
|
|
|
135
186
|
}
|
|
136
187
|
/**
|
|
137
188
|
* Converts a KAS endpoint URL to a platform URL.
|
|
138
|
-
*
|
|
139
|
-
*
|
|
189
|
+
* @param endpoint The KAS endpoint URL to extract the platform URL from.
|
|
190
|
+
* This function extracts the base URL from a KAS endpoint URL.
|
|
191
|
+
* It removes any trailing slashes and specific path segments related to rewrap or kas.
|
|
192
|
+
* This is useful for obtaining the base URL for further API requests.
|
|
193
|
+
* @returns The base URL of the platform.
|
|
140
194
|
*/
|
|
141
195
|
export function getPlatformUrlFromKasEndpoint(endpoint) {
|
|
142
196
|
let result = endpoint || '';
|
|
@@ -151,4 +205,4 @@ export function getPlatformUrlFromKasEndpoint(endpoint) {
|
|
|
151
205
|
}
|
|
152
206
|
return result;
|
|
153
207
|
}
|
|
154
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
208
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbHMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdXRpbHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxVQUFVLEVBQUUsTUFBTSxNQUFNLENBQUM7QUFFOUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQzlDLE9BQU8sRUFBRSxlQUFlLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSx1Q0FBdUMsQ0FBQztBQUMzRixPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSxhQUFhLENBQUM7QUFDakQsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLHFCQUFxQixDQUFDO0FBRW5EOzs7Ozs7Ozs7Ozs7O0dBYUc7QUFDSCxNQUFNLFVBQVUsaUJBQWlCLENBQUMsR0FBVztJQUMzQyxNQUFNLFVBQVUsR0FBRyxTQUFTLENBQUM7SUFDN0IsSUFBSSx3REFBd0QsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUN2RSxPQUFPLENBQUMsSUFBSSxDQUFDLDhCQUE4QixHQUFHLEdBQUcsQ0FBQyxDQUFDO0lBQ3JELENBQUM7U0FBTSxJQUNMLHNEQUFzRCxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUM7UUFDaEUseURBQXlELENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUNuRSxDQUFDO1FBQ0QsT0FBTyxDQUFDLElBQUksQ0FBQywyQkFBMkIsR0FBRyxHQUFHLENBQUMsQ0FBQztJQUNsRCxDQUFDO1NBQU0sSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUNqQyxPQUFPLENBQUMsS0FBSyxDQUFDLHNFQUFzRSxHQUFHLEdBQUcsQ0FBQyxDQUFDO1FBQzVGLE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUNELE9BQU8sSUFBSSxDQUFDO0FBQ2QsQ0FBQztBQUVEOzs7OztHQUtHO0FBQ0gsTUFBTSxVQUFVLGFBQWEsQ0FBQyxDQUFTO0lBQ3JDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQ3BCLE9BQU8sQ0FBQyxDQUFDO0lBQ1gsQ0FBQztJQUNELE9BQU8sR0FBRyxDQUFDLEdBQUcsQ0FBQztBQUNqQixDQUFDO0FBRUQ7Ozs7R0FJRztBQUNILE1BQU0sVUFBVSxTQUFTO0lBQ3ZCLE9BQU8sT0FBTyxNQUFNLEtBQUssV0FBVyxDQUFDLENBQUMsc0JBQXNCO0FBQzlELENBQUM7QUFFRDs7Ozs7R0FLRztBQUNILE1BQU0sQ0FBQyxNQUFNLE1BQU0sR0FBRyxDQUFDLEdBQVcsRUFBRSxNQUFNLEdBQUcsR0FBRyxFQUFVLEVBQUU7SUFDMUQsT0FBTyxHQUFHLElBQUksTUFBTSxJQUFJLEdBQUcsQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQztRQUM3QyxHQUFHLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDckMsQ0FBQztJQUNELE9BQU8sR0FBRyxDQUFDO0FBQ2IsQ0FBQyxDQUFDO0FBRUY7Ozs7OztHQU1HO0FBQ0gsTUFBTSxDQUFDLE1BQU0sWUFBWSxHQUFHLEtBQUssRUFBRSxjQUFjLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBbUIsRUFBRTtJQUNwRixNQUFNLG1CQUFtQixHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztJQUN2QyxNQUFNLFFBQVEsR0FBRyxNQUFNLEtBQUssQ0FBQyxjQUFjLENBQUMsQ0FBQztJQUM3QyxPQUFPLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxPQUFPLEVBQUUsbUJBQW1CLENBQUMsQ0FBQztBQUN4RSxDQUFDLENBQUM7QUFJRjs7Ozs7Ozs7O0dBU0c7QUFDSCxNQUFNLENBQUMsTUFBTSx1QkFBdUIsR0FBRyxDQUFDLE9BQW1CLEVBQUUsYUFBc0IsRUFBVSxFQUFFO0lBQzdGLE1BQU0sbUJBQW1CLEdBQUcsQ0FBQyxhQUFhLElBQUksSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDLEdBQUcsSUFBSSxDQUFDO0lBQ2pFLE1BQU0sZ0JBQWdCLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUM3QyxJQUFJLGdCQUFnQixLQUFLLElBQUksRUFBRSxDQUFDO1FBQzlCLE1BQU0sS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7SUFDbkQsQ0FBQztJQUNELE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxJQUFJLENBQUM7SUFDM0QsTUFBTSxrQkFBa0IsR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLEdBQUcsSUFBSSxDQUFDO0lBQzdDLE1BQU0sV0FBVyxHQUFHLGNBQWMsR0FBRyxtQkFBbUIsQ0FBQztJQUN6RCxNQUFNLFVBQVUsR0FBRyxjQUFjLEdBQUcsa0JBQWtCLENBQUM7SUFFdkQsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsV0FBVyxHQUFHLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO0FBQ3BELENBQUMsQ0FBQztBQUVGOzs7Ozs7OztHQVFHO0FBQ0gsTUFBTSxVQUFVLFdBQVcsQ0FBQyxHQUFXO0lBQ3JDLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUNULE9BQU8sR0FBRyxDQUFDO0lBQ2IsQ0FBQztJQUNELElBQUksV0FBVyxHQUFHLEdBQUcsQ0FBQztJQUN0QixJQUFJLFdBQVcsR0FBRyxFQUFFLENBQUM7SUFDckIsT0FBTyxXQUFXLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQzlCLFdBQVcsSUFBSSxXQUFXLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsR0FBRyxNQUFNLENBQUM7UUFDckQsV0FBVyxHQUFHLFdBQVcsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUNELE9BQU8sV0FBVyxDQUFDO0FBQ3JCLENBQUM7QUFFRDs7OztHQUlHO0FBQ0gsTUFBTSxDQUFDLEtBQUssVUFBVSxpQkFBaUIsQ0FBQyxTQUFvQjtJQUMxRCxJQUFJLFNBQVMsQ0FBQyxJQUFJLEtBQUssUUFBUSxFQUFFLENBQUM7UUFDaEMsTUFBTSxJQUFJLGtCQUFrQixDQUFDLG9CQUFvQixDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVELE1BQU0saUJBQWlCLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxNQUFNLEVBQUUsU0FBUyxDQUFDLENBQUM7SUFDM0UsTUFBTSxHQUFHLEdBQUcsTUFBTSxDQUFDLGlCQUFpQixDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDeEQsTUFBTSxHQUFHLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzdCLE9BQU8saUNBQWlDLEdBQUcsMEJBQTBCLENBQUM7QUFDeEUsQ0FBQztBQUVEOzs7O0dBSUc7QUFDSCxNQUFNLENBQUMsS0FBSyxVQUFVLG9CQUFvQixDQUFDLEdBQVc7SUFDcEQsSUFBSSw0QkFBNEIsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUMzQyxPQUFPLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7U0FBTSxJQUFJLDZCQUE2QixDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQ25ELE9BQU8sZUFBZSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzlCLENBQUM7SUFDRCw0Q0FBNEM7SUFDNUMsNkNBQTZDO0lBQzdDLHFHQUFxRztJQUNyRyxNQUFNLElBQUksU0FBUyxDQUFDLHlCQUF5QixHQUFHLEdBQUcsQ0FBQyxDQUFDO0FBQ3ZELENBQUM7QUFFRDs7Ozs7Ozs7R0FRRztBQUNILE1BQU0sQ0FBQyxLQUFLLFVBQVUsdUJBQXVCLENBQUMsU0FBaUI7SUFDN0QsSUFBSSxHQUFHLEdBQVcsU0FBUyxDQUFDO0lBRTVCLHdFQUF3RTtJQUN4RSx5Q0FBeUM7SUFDekMsSUFBSSxTQUFTLENBQUMsUUFBUSxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUM7UUFDdEMsTUFBTSxJQUFJLEdBQUcsTUFBTSxVQUFVLENBQUMsU0FBUyxFQUFFLE9BQU8sRUFBRSxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBQ3pFLEdBQUcsR0FBRyxNQUFNLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMvQixDQUFDO0lBRUQsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDO0FBRUQ7Ozs7Ozs7O0dBUUc7QUFDSCxNQUFNLFVBQVUsc0JBQXNCLENBQUMsS0FBYztJQUNuRCxJQUFJLEtBQUssWUFBWSxZQUFZLElBQUksS0FBSyxZQUFZLEtBQUssRUFBRSxDQUFDO1FBQzVELE9BQU8sS0FBSyxDQUFDLE9BQU8sQ0FBQztJQUN2QixDQUFDO0lBQ0QsT0FBTyxnQ0FBZ0MsQ0FBQztBQUMxQyxDQUFDO0FBRUQ7Ozs7Ozs7R0FPRztBQUNILE1BQU0sVUFBVSw2QkFBNkIsQ0FBQyxRQUFnQjtJQUM1RCxJQUFJLE1BQU0sR0FBRyxRQUFRLElBQUksRUFBRSxDQUFDO0lBQzVCLElBQUksTUFBTSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQ3pCLE1BQU0sR0FBRyxNQUFNLENBQUMsTUFBTSxFQUFFLEdBQUcsQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFDRCxJQUFJLE1BQU0sQ0FBQyxRQUFRLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQztRQUNsQyxNQUFNLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBQ0QsSUFBSSxNQUFNLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUM7UUFDNUIsTUFBTSxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDL0IsQ0FBQztJQUNELE9BQU8sTUFBTSxDQUFDO0FBQ2hCLENBQUMifQ==
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@opentdf/sdk",
|
|
3
|
-
"version": "0.4.0-beta.
|
|
3
|
+
"version": "0.4.0-beta.15",
|
|
4
4
|
"description": "OpenTDF for the Web",
|
|
5
5
|
"homepage": "https://github.com/opentdf/web-sdk",
|
|
6
6
|
"bugs": {
|
|
@@ -69,7 +69,8 @@
|
|
|
69
69
|
"build:watch": "tsc --watch",
|
|
70
70
|
"clean": "rm -rf {build,coverage,dist,tests/mocha/dist}",
|
|
71
71
|
"coverage:merge": "for x in mocha wtr; do cp coverage/$x/coverage-final.json coverage/$x.json; done; nyc report --reporter text --reporter lcov -t coverage --lines 75 --statements 75 --branches 70 --functions 65 --check-coverage >coverage/coverage.txt",
|
|
72
|
-
"doc": "typedoc --out dist/docs src/index.ts",
|
|
72
|
+
"doc": "typedoc --out dist/docs src/index.ts --customCss ./typedoc-theme.css",
|
|
73
|
+
"doc:md": "typedoc --plugin typedoc-plugin-markdown --out dist/docs-md src/index.ts",
|
|
73
74
|
"format": "prettier --write \"{src,tdf3,tests}/**/*.ts\"",
|
|
74
75
|
"license-check": "license-checker-rseidelsohn --production --onlyAllow 'Apache-2.0; BSD; CC-BY-4.0; ISC; MIT'",
|
|
75
76
|
"lint": "eslint ./src/**/*.ts ./tdf3/**/*.ts ./tests/**/*.ts",
|
|
@@ -133,7 +134,8 @@
|
|
|
133
134
|
"process": "^0.11.10",
|
|
134
135
|
"sinon": "~19.0.2",
|
|
135
136
|
"tsconfig-paths": "^4.2.0",
|
|
136
|
-
"typedoc": "^0.
|
|
137
|
+
"typedoc": "^0.28.5",
|
|
138
|
+
"typedoc-plugin-markdown": "^4.7.0",
|
|
137
139
|
"typescript": "^5.8.2",
|
|
138
140
|
"typescript-eslint": "^8.26.0",
|
|
139
141
|
"webpack": "^5.98.0",
|
package/src/access.ts
CHANGED
|
@@ -136,6 +136,12 @@ export async function noteInvalidPublicKey(url: URL, r: Promise<CryptoKey>): Pro
|
|
|
136
136
|
}
|
|
137
137
|
}
|
|
138
138
|
|
|
139
|
+
/**
|
|
140
|
+
* Fetches the key access servers for a given platform URL.
|
|
141
|
+
* @param platformUrl The platform URL to fetch key access servers for.
|
|
142
|
+
* @param authProvider The authentication provider to use for the request.
|
|
143
|
+
* @returns A promise that resolves to an OriginAllowList.
|
|
144
|
+
*/
|
|
139
145
|
export async function fetchKeyAccessServers(
|
|
140
146
|
platformUrl: string,
|
|
141
147
|
authProvider: AuthProvider
|
|
@@ -190,6 +196,15 @@ const origin = (u: string): string => {
|
|
|
190
196
|
}
|
|
191
197
|
};
|
|
192
198
|
|
|
199
|
+
/**
|
|
200
|
+
* Manages a list of origins that are allowed to access the Key Access Server (KAS).
|
|
201
|
+
* @origins A list of origins that are allowed to access the KAS.
|
|
202
|
+
* @allowAll If true, all origins are allowed to access the KAS.
|
|
203
|
+
* If false, only the origins in the list are allowed to access the KAS.
|
|
204
|
+
* @description This class is used to manage a list of origins that are allowed to access the KAS.
|
|
205
|
+
* It validates the URLs and provides a method to check if a given URL is allowed.
|
|
206
|
+
* It is used to ensure that only authorized origins can access the KAS.
|
|
207
|
+
*/
|
|
193
208
|
export class OriginAllowList {
|
|
194
209
|
origins: string[];
|
|
195
210
|
allowAll: boolean;
|
|
@@ -2,6 +2,20 @@ import { ConfigurationError } from '../errors.js';
|
|
|
2
2
|
import { type AuthProvider, type HttpRequest } from './auth.js';
|
|
3
3
|
import { AccessToken, type RefreshTokenCredentials } from './oidc.js';
|
|
4
4
|
|
|
5
|
+
/**
|
|
6
|
+
* An AuthProvider that uses an OIDC refresh token to obtain an access token.
|
|
7
|
+
* It exchanges the refresh token for an access token and uses that to augment HTTP requests with credentials.
|
|
8
|
+
* @example
|
|
9
|
+
* ```ts
|
|
10
|
+
* import { OIDCRefreshTokenProvider } from '@opentdf/sdk';
|
|
11
|
+
* await AuthProviders.refreshAuthProvider({
|
|
12
|
+
clientId: 'my-client-id',
|
|
13
|
+
exchange: 'refresh',
|
|
14
|
+
refreshToken: 'refresh-token-from-oidc-provider',
|
|
15
|
+
oidcOrigin: 'https://example.oidc.provider.com',
|
|
16
|
+
});
|
|
17
|
+
```
|
|
18
|
+
*/
|
|
5
19
|
export class OIDCRefreshTokenProvider implements AuthProvider {
|
|
6
20
|
oidcAuth: AccessToken;
|
|
7
21
|
refreshToken?: string;
|
package/src/index.ts
CHANGED
|
@@ -2,6 +2,7 @@ export { type AuthProvider, type HttpMethod, HttpRequest, withHeaders } from './
|
|
|
2
2
|
export * as AuthProviders from './auth/providers.js';
|
|
3
3
|
export { attributeFQNsAsValues } from './policy/api.js';
|
|
4
4
|
export { version, clientType, tdfSpecVersion } from './version.js';
|
|
5
|
+
export { PlatformClient, type PlatformClientOptions, type PlatformServices } from './platform.js';
|
|
5
6
|
export * from './opentdf.js';
|
|
6
7
|
export * from './seekable.js';
|
|
7
8
|
export * from '../tdf3/src/models/index.js';
|