@plolink/sdk 0.0.5 → 0.0.8

package/dist/common/index.cjs

@@ -1,61 +1,65 @@
 'use strict';
 
-var chunkNS3DJP2O_cjs = require('../chunk-NS3DJP2O.cjs');
+var chunkWFBN23AH_cjs = require('../chunk-WFBN23AH.cjs');
 var chunkJR4HYYQI_cjs = require('../chunk-JR4HYYQI.cjs');
 
 
 
 Object.defineProperty(exports, "EventEmitter", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.EventEmitter; }
+  get: function () { return chunkWFBN23AH_cjs.EventEmitter; }
+});
+Object.defineProperty(exports, "InfoSyncSignature", {
+  enumerable: true,
+  get: function () { return chunkWFBN23AH_cjs.InfoSyncSignature; }
 });
 Object.defineProperty(exports, "TypedEventEmitter", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.TypedEventEmitter; }
+  get: function () { return chunkWFBN23AH_cjs.TypedEventEmitter; }
 });
 Object.defineProperty(exports, "assertEnvironment", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.assertEnvironment; }
+  get: function () { return chunkWFBN23AH_cjs.assertEnvironment; }
 });
 Object.defineProperty(exports, "environmentInfo", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.environmentInfo; }
+  get: function () { return chunkWFBN23AH_cjs.environmentInfo; }
 });
 Object.defineProperty(exports, "features", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.features; }
+  get: function () { return chunkWFBN23AH_cjs.features; }
 });
 Object.defineProperty(exports, "getEnvironment", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.getEnvironment; }
+  get: function () { return chunkWFBN23AH_cjs.getEnvironment; }
 });
 Object.defineProperty(exports, "getFileName", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.getFileName; }
+  get: function () { return chunkWFBN23AH_cjs.getFileName; }
 });
 Object.defineProperty(exports, "getFileSize", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.getFileSize; }
+  get: function () { return chunkWFBN23AH_cjs.getFileSize; }
 });
 Object.defineProperty(exports, "isBrowser", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.isBrowser; }
+  get: function () { return chunkWFBN23AH_cjs.isBrowser; }
 });
 Object.defineProperty(exports, "isNode", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.isNode; }
+  get: function () { return chunkWFBN23AH_cjs.isNode; }
 });
 Object.defineProperty(exports, "isValidFileInput", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.isValidFileInput; }
+  get: function () { return chunkWFBN23AH_cjs.isValidFileInput; }
 });
 Object.defineProperty(exports, "isWebWorker", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.isWebWorker; }
+  get: function () { return chunkWFBN23AH_cjs.isWebWorker; }
 });
 Object.defineProperty(exports, "safeDynamicImport", {
   enumerable: true,
-  get: function () { return chunkNS3DJP2O_cjs.safeDynamicImport; }
+  get: function () { return chunkWFBN23AH_cjs.safeDynamicImport; }
 });
 Object.defineProperty(exports, "Poller", {
   enumerable: true,

package/dist/common/index.d.cts

@@ -419,4 +419,129 @@ declare function assertEnvironment(expectedEnv: 'node' | 'browser' | 'worker', m
  */
 declare function safeDynamicImport<T = unknown>(moduleName: string): Promise<T>;
 
-export { EventEmitter, type FileInput, TypedEventEmitter, assertEnvironment, environmentInfo, features, getEnvironment, getFileName, getFileSize, isBrowser, isNode, isValidFileInput, isWebWorker, safeDynamicImport };
+/**
+ * 信息同步签名工具
+ *
+ * 用于生成和验证 Webhook 请求的 HMAC-SHA256 签名
+ *
+ * @example
+ * ```typescript
+ * // 验证 Webhook 签名
+ * const timestamp = parseInt(req.headers['x-sync-timestamp']);
+ * const signature = req.headers['x-sync-signature'];
+ * const payload = JSON.stringify(req.body);
+ *
+ * const isValid = InfoSyncSignature.verifySignature(
+ *   secretKey,
+ *   timestamp,
+ *   payload,
+ *   signature
+ * );
+ *
+ * if (!isValid) {
+ *   return res.status(401).json({ error: 'Invalid signature' });
+ * }
+ * ```
+ */
+declare class InfoSyncSignature {
+    /**
+     * 生成 HMAC-SHA256 签名
+     *
+     * 签名算法:
+     * - message = `${timestamp}.${payload}`
+     * - signature = HMAC-SHA256(secretKey, message)
+     *
+     * @param secretKey - 密钥（从创建 Webhook 配置时获得）
+     * @param timestamp - 时间戳（毫秒）
+     * @param payload - 负载字符串（通常是 JSON.stringify 后的请求体）
+     * @returns 签名（hex 格式）
+     *
+     * @example
+     * ```typescript
+     * const timestamp = Date.now();
+     * const payload = JSON.stringify({ foo: 'bar' });
+     * const signature = InfoSyncSignature.generateSignature(
+     *   'your-secret-key',
+     *   timestamp,
+     *   payload
+     * );
+     * ```
+     */
+    static generateSignature(secretKey: string, timestamp: number, payload: string): string;
+    /**
+     * 验证 HMAC-SHA256 签名
+     *
+     * @param secretKey - 密钥
+     * @param timestamp - 时间戳（毫秒）
+     * @param payload - 负载字符串
+     * @param signature - 待验证的签名
+     * @returns 签名是否有效
+     *
+     * @example
+     * ```typescript
+     * const isValid = InfoSyncSignature.verifySignature(
+     *   secretKey,
+     *   timestamp,
+     *   payload,
+     *   signature
+     * );
+     *
+     * if (!isValid) {
+     *   throw new Error('Invalid signature');
+     * }
+     * ```
+     */
+    static verifySignature(secretKey: string, timestamp: number, payload: string, signature: string): boolean;
+    /**
+     * 验证时间戳是否在有效期内
+     *
+     * 用于防止重放攻击，确保请求是最近发送的
+     *
+     * @param timestamp - 时间戳（毫秒）
+     * @param maxAge - 最大有效期（毫秒），默认 5 分钟
+     * @returns 时间戳是否有效
+     *
+     * @example
+     * ```typescript
+     * const timestamp = parseInt(req.headers['x-sync-timestamp']);
+     *
+     * // 验证时间戳是否在 5 分钟内
+     * if (!InfoSyncSignature.verifyTimestamp(timestamp, 5 * 60 * 1000)) {
+     *   return res.status(401).json({ error: 'Timestamp expired' });
+     * }
+     * ```
+     */
+    static verifyTimestamp(timestamp: number, maxAge?: number): boolean;
+    /**
+     * 完整的 Webhook 请求验证
+     *
+     * 同时验证签名和时间戳，是推荐的验证方式
+     *
+     * @param secretKey - 密钥
+     * @param timestamp - 时间戳（毫秒）
+     * @param payload - 负载字符串
+     * @param signature - 待验证的签名
+     * @param maxAge - 最大有效期（毫秒），默认 5 分钟
+     * @returns 验证结果
+     *
+     * @example
+     * ```typescript
+     * const result = InfoSyncSignature.verifyWebhookRequest(
+     *   secretKey,
+     *   timestamp,
+     *   payload,
+     *   signature
+     * );
+     *
+     * if (!result.valid) {
+     *   return res.status(401).json({ error: result.error });
+     * }
+     * ```
+     */
+    static verifyWebhookRequest(secretKey: string, timestamp: number, payload: string, signature: string, maxAge?: number): {
+        valid: boolean;
+        error?: string;
+    };
+}
+
+export { EventEmitter, type FileInput, InfoSyncSignature, TypedEventEmitter, assertEnvironment, environmentInfo, features, getEnvironment, getFileName, getFileSize, isBrowser, isNode, isValidFileInput, isWebWorker, safeDynamicImport };

package/dist/common/index.d.ts

@@ -419,4 +419,129 @@ declare function assertEnvironment(expectedEnv: 'node' | 'browser' | 'worker', m
  */
 declare function safeDynamicImport<T = unknown>(moduleName: string): Promise<T>;
 
-export { EventEmitter, type FileInput, TypedEventEmitter, assertEnvironment, environmentInfo, features, getEnvironment, getFileName, getFileSize, isBrowser, isNode, isValidFileInput, isWebWorker, safeDynamicImport };
+/**
+ * 信息同步签名工具
+ *
+ * 用于生成和验证 Webhook 请求的 HMAC-SHA256 签名
+ *
+ * @example
+ * ```typescript
+ * // 验证 Webhook 签名
+ * const timestamp = parseInt(req.headers['x-sync-timestamp']);
+ * const signature = req.headers['x-sync-signature'];
+ * const payload = JSON.stringify(req.body);
+ *
+ * const isValid = InfoSyncSignature.verifySignature(
+ *   secretKey,
+ *   timestamp,
+ *   payload,
+ *   signature
+ * );
+ *
+ * if (!isValid) {
+ *   return res.status(401).json({ error: 'Invalid signature' });
+ * }
+ * ```
+ */
+declare class InfoSyncSignature {
+    /**
+     * 生成 HMAC-SHA256 签名
+     *
+     * 签名算法:
+     * - message = `${timestamp}.${payload}`
+     * - signature = HMAC-SHA256(secretKey, message)
+     *
+     * @param secretKey - 密钥（从创建 Webhook 配置时获得）
+     * @param timestamp - 时间戳（毫秒）
+     * @param payload - 负载字符串（通常是 JSON.stringify 后的请求体）
+     * @returns 签名（hex 格式）
+     *
+     * @example
+     * ```typescript
+     * const timestamp = Date.now();
+     * const payload = JSON.stringify({ foo: 'bar' });
+     * const signature = InfoSyncSignature.generateSignature(
+     *   'your-secret-key',
+     *   timestamp,
+     *   payload
+     * );
+     * ```
+     */
+    static generateSignature(secretKey: string, timestamp: number, payload: string): string;
+    /**
+     * 验证 HMAC-SHA256 签名
+     *
+     * @param secretKey - 密钥
+     * @param timestamp - 时间戳（毫秒）
+     * @param payload - 负载字符串
+     * @param signature - 待验证的签名
+     * @returns 签名是否有效
+     *
+     * @example
+     * ```typescript
+     * const isValid = InfoSyncSignature.verifySignature(
+     *   secretKey,
+     *   timestamp,
+     *   payload,
+     *   signature
+     * );
+     *
+     * if (!isValid) {
+     *   throw new Error('Invalid signature');
+     * }
+     * ```
+     */
+    static verifySignature(secretKey: string, timestamp: number, payload: string, signature: string): boolean;
+    /**
+     * 验证时间戳是否在有效期内
+     *
+     * 用于防止重放攻击，确保请求是最近发送的
+     *
+     * @param timestamp - 时间戳（毫秒）
+     * @param maxAge - 最大有效期（毫秒），默认 5 分钟
+     * @returns 时间戳是否有效
+     *
+     * @example
+     * ```typescript
+     * const timestamp = parseInt(req.headers['x-sync-timestamp']);
+     *
+     * // 验证时间戳是否在 5 分钟内
+     * if (!InfoSyncSignature.verifyTimestamp(timestamp, 5 * 60 * 1000)) {
+     *   return res.status(401).json({ error: 'Timestamp expired' });
+     * }
+     * ```
+     */
+    static verifyTimestamp(timestamp: number, maxAge?: number): boolean;
+    /**
+     * 完整的 Webhook 请求验证
+     *
+     * 同时验证签名和时间戳，是推荐的验证方式
+     *
+     * @param secretKey - 密钥
+     * @param timestamp - 时间戳（毫秒）
+     * @param payload - 负载字符串
+     * @param signature - 待验证的签名
+     * @param maxAge - 最大有效期（毫秒），默认 5 分钟
+     * @returns 验证结果
+     *
+     * @example
+     * ```typescript
+     * const result = InfoSyncSignature.verifyWebhookRequest(
+     *   secretKey,
+     *   timestamp,
+     *   payload,
+     *   signature
+     * );
+     *
+     * if (!result.valid) {
+     *   return res.status(401).json({ error: result.error });
+     * }
+     * ```
+     */
+    static verifyWebhookRequest(secretKey: string, timestamp: number, payload: string, signature: string, maxAge?: number): {
+        valid: boolean;
+        error?: string;
+    };
+}
+
+export { EventEmitter, type FileInput, InfoSyncSignature, TypedEventEmitter, assertEnvironment, environmentInfo, features, getEnvironment, getFileName, getFileSize, isBrowser, isNode, isValidFileInput, isWebWorker, safeDynamicImport };

package/dist/common/index.js

@@ -1,4 +1,4 @@
-export { EventEmitter, TypedEventEmitter, assertEnvironment, environmentInfo, features, getEnvironment, getFileName, getFileSize, isBrowser, isNode, isValidFileInput, isWebWorker, safeDynamicImport } from '../chunk-4H4RACSE.js';
+export { EventEmitter, InfoSyncSignature, TypedEventEmitter, assertEnvironment, environmentInfo, features, getEnvironment, getFileName, getFileSize, isBrowser, isNode, isValidFileInput, isWebWorker, safeDynamicImport } from '../chunk-LHNCGCWW.js';
 export { Poller } from '../chunk-IHAAKFEJ.js';
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map