@protontech/drive-sdk 0.3.0 → 0.3.1

package/dist/internal/sharingPublic/session/apiService.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SharingPublicSessionAPIService = void 0;
+/**
+ * Provides API communication for managing public link session (not data).
+ *
+ * The service is responsible for transforming local objects to API payloads
+ * and vice versa. It should not contain any business logic.
+ */
+class SharingPublicSessionAPIService {
+    apiService;
+    constructor(apiService) {
+        this.apiService = apiService;
+        this.apiService = apiService;
+    }
+    /**
+     * Start a SRP handshake for public link session.
+     */
+    async initPublicLinkSession(token) {
+        const response = await this.apiService.get(`drive/urls/${token}/info`);
+        return {
+            srp: {
+                version: response.Version,
+                modulus: response.Modulus,
+                serverEphemeral: response.ServerEphemeral,
+                salt: response.UrlPasswordSalt,
+                srpSession: response.SRPSession,
+            },
+            isCustomPasswordProtected: (response.Flags & 1) === 1,
+            isLegacy: response.Flags === 0 || response.Flags === 1,
+            vendorType: response.VendorType,
+        };
+    }
+    /**
+     * Authenticate a public link session.
+     *
+     * It returns the server proof that must be validated, and the session uid
+     * with an optional access token. The access token is only returned if
+     * the session is newly created.
+     */
+    async authPublicLinkSession(token, srp) {
+        const response = await this.apiService.post(`drive/urls/${token}/auth`, {
+            ClientProof: srp.clientProof,
+            ClientEphemeral: srp.clientEphemeral,
+            SRPSession: srp.srpSession,
+        });
+        return {
+            serverProof: response.ServerProof,
+            sessionUid: response.UID,
+            sessionAccessToken: response.AccessToken,
+        };
+    }
+}
+exports.SharingPublicSessionAPIService = SharingPublicSessionAPIService;
+//# sourceMappingURL=apiService.js.map

package/dist/internal/sharingPublic/session/apiService.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"apiService.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/apiService.ts"],"names":[],"mappings":";;;AAaA;;;;;GAKG;AACH,MAAa,8BAA8B;IACnB;IAApB,YAAoB,UAA2B;QAA3B,eAAU,GAAV,UAAU,CAAiB;QAC3C,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB,CAAC,KAAa;QACrC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAA4B,cAAc,KAAK,OAAO,CAAC,CAAC;QAClG,OAAO;YACH,GAAG,EAAE;gBACD,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,eAAe,EAAE,QAAQ,CAAC,eAAe;gBACzC,IAAI,EAAE,QAAQ,CAAC,eAAe;gBAC9B,UAAU,EAAE,QAAQ,CAAC,UAAU;aAClC;YACD,yBAAyB,EAAE,CAAC,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;YACrD,QAAQ,EAAE,QAAQ,CAAC,KAAK,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,KAAK,CAAC;YACtD,UAAU,EAAE,QAAQ,CAAC,UAAU;SAClC,CAAC;IACN,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,qBAAqB,CACvB,KAAa,EACb,GAAsB;QAMtB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CACvC,cAAc,KAAK,OAAO,EAC1B;YACI,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,eAAe,EAAE,GAAG,CAAC,eAAe;YACpC,UAAU,EAAE,GAAG,CAAC,UAAU;SAC7B,CACJ,CAAC;QAEF,OAAO;YACH,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,UAAU,EAAE,QAAQ,CAAC,GAAG;YACxB,kBAAkB,EAAE,QAAQ,CAAC,WAAW;SAC3C,CAAC;IACN,CAAC;CACJ;AAtDD,wEAsDC"}

package/dist/internal/sharingPublic/session/httpClient.d.ts

@@ -0,0 +1,16 @@
+import { ProtonDriveHTTPClient, ProtonDriveHTTPClientBlobRequest, ProtonDriveHTTPClientJsonRequest } from '../../../interface';
+import { SharingPublicLinkSession } from './session';
+/**
+ * HTTP client to get access to public link of given session.
+ *
+ * It is responsible for adding the session headers to the request if the session
+ * is authenticated, and re-authenticating the session if the session is expired.
+ */
+export declare class SharingPublicSessionHttpClient implements ProtonDriveHTTPClient {
+    private httpClient;
+    private session;
+    constructor(httpClient: ProtonDriveHTTPClient, session: SharingPublicLinkSession);
+    fetchJson(options: ProtonDriveHTTPClientJsonRequest): Promise<Response>;
+    fetchBlob(options: ProtonDriveHTTPClientBlobRequest): Promise<Response>;
+    private getOptionsWithSessionHeaders;
+}

package/dist/internal/sharingPublic/session/httpClient.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SharingPublicSessionHttpClient = void 0;
+/**
+ * HTTP client to get access to public link of given session.
+ *
+ * It is responsible for adding the session headers to the request if the session
+ * is authenticated, and re-authenticating the session if the session is expired.
+ */
+class SharingPublicSessionHttpClient {
+    httpClient;
+    session;
+    constructor(httpClient, session) {
+        this.httpClient = httpClient;
+        this.session = session;
+        this.httpClient = httpClient;
+        this.session = session;
+    }
+    async fetchJson(options) {
+        const response = await this.httpClient.fetchJson(this.getOptionsWithSessionHeaders(options));
+        if (response.status === 401 /* HTTPErrorCode.UNAUTHORIZED */) {
+            await this.session.reauth();
+            return this.httpClient.fetchJson(this.getOptionsWithSessionHeaders(options));
+        }
+        return response;
+    }
+    async fetchBlob(options) {
+        return this.httpClient.fetchBlob(this.getOptionsWithSessionHeaders(options));
+    }
+    getOptionsWithSessionHeaders(options) {
+        // Set headers if the session is newly created.
+        // This is needed only if the user is not logged in.
+        if (this.session.session.accessToken) {
+            options.headers.set('x-pm-uid', this.session.session.uid);
+            options.headers.set('Authorization', `Bearer ${this.session.session.accessToken}`);
+        }
+        return options;
+    }
+}
+exports.SharingPublicSessionHttpClient = SharingPublicSessionHttpClient;
+//# sourceMappingURL=httpClient.js.map

package/dist/internal/sharingPublic/session/httpClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"httpClient.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/httpClient.ts"],"names":[],"mappings":";;;AAQA;;;;;GAKG;AACH,MAAa,8BAA8B;IAE3B;IACA;IAFZ,YACY,UAAiC,EACjC,OAAiC;QADjC,eAAU,GAAV,UAAU,CAAuB;QACjC,YAAO,GAAP,OAAO,CAA0B;QAEzC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAAyC;QACrD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC,CAAC;QAE7F,IAAI,QAAQ,CAAC,MAAM,yCAA+B,EAAE,CAAC;YACjD,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,QAAQ,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAAyC;QACrD,OAAO,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC,CAAC;IACjF,CAAC;IAEO,4BAA4B,CAAC,OAAyC;QAC1E,+CAA+C;QAC/C,oDAAoD;QACpD,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACnC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC1D,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;QACvF,CAAC;QACD,OAAO,OAAO,CAAC;IACnB,CAAC;CACJ;AAjCD,wEAiCC"}

package/dist/internal/sharingPublic/session/index.d.ts

@@ -0,0 +1 @@
+export { SharingPublicSessionManager } from './manager';

package/dist/internal/sharingPublic/session/index.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SharingPublicSessionManager = void 0;
+var manager_1 = require("./manager");
+Object.defineProperty(exports, "SharingPublicSessionManager", { enumerable: true, get: function () { return manager_1.SharingPublicSessionManager; } });
+//# sourceMappingURL=index.js.map

package/dist/internal/sharingPublic/session/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/index.ts"],"names":[],"mappings":";;;AAAA,qCAAwD;AAA/C,sHAAA,2BAA2B,OAAA"}

package/dist/internal/sharingPublic/session/interface.d.ts

@@ -0,0 +1,18 @@
+export type PublicLinkInfo = {
+    srp: PublicLinkSrpInfo;
+    isCustomPasswordProtected: boolean;
+    isLegacy: boolean;
+    vendorType: number;
+};
+export type PublicLinkSrpInfo = {
+    version: number;
+    modulus: string;
+    serverEphemeral: string;
+    salt: string;
+    srpSession: string;
+};
+export type PublicLinkSrpAuth = {
+    clientProof: string;
+    clientEphemeral: string;
+    srpSession: string;
+};

package/dist/internal/sharingPublic/session/interface.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=interface.js.map

package/dist/internal/sharingPublic/session/interface.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interface.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/interface.ts"],"names":[],"mappings":""}

package/dist/internal/sharingPublic/session/manager.d.ts

@@ -0,0 +1,49 @@
+import { ProtonDriveHTTPClient } from '../../../interface';
+import { SRPModule } from '../../../crypto';
+import { DriveAPIService } from '../../apiService';
+import { SharingPublicSessionHttpClient } from './httpClient';
+/**
+ * Manages sessions for public links.
+ *
+ * It can be used to get access to multiple public links.
+ */
+export declare class SharingPublicSessionManager {
+    private httpClient;
+    private srpModule;
+    private api;
+    private infosPerToken;
+    constructor(httpClient: ProtonDriveHTTPClient, apiService: DriveAPIService, srpModule: SRPModule);
+    /**
+     * Get the info for a public link.
+     *
+     * It returns the info for the public link, including if it is custom
+     * password protected, if it is legacy (not supported anymore), and
+     * the vendor type (whether it is Proton Docs, for example, and should
+     * be redirected to the public Docs app).
+     *
+     * @param url - The URL of the public link.
+     */
+    getInfo(url: string): Promise<{
+        isCustomPasswordProtected: boolean;
+        isLegacy: boolean;
+        vendorType: number;
+    }>;
+    /**
+     * Authenticate a public link session.
+     *
+     * It returns HTTP client that must be used for the endpoints to access the
+     * public link data.
+     *
+     * It returnes parsed token and full password (password from the URL +
+     * custom password) that can be used for decrypting the share key.
+     *
+     * @param url - The URL of the public link.
+     * @param customPassword - The custom password for the public link, if it is
+     * custom password protected.
+     */
+    auth(url: string, customPassword?: string): Promise<{
+        token: string;
+        password: string;
+        httpClient: SharingPublicSessionHttpClient;
+    }>;
+}

package/dist/internal/sharingPublic/session/manager.js

@@ -0,0 +1,75 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SharingPublicSessionManager = void 0;
+const apiService_1 = require("./apiService");
+const httpClient_1 = require("./httpClient");
+const session_1 = require("./session");
+const url_1 = require("./url");
+/**
+ * Manages sessions for public links.
+ *
+ * It can be used to get access to multiple public links.
+ */
+class SharingPublicSessionManager {
+    httpClient;
+    srpModule;
+    api;
+    infosPerToken = new Map();
+    constructor(httpClient, apiService, srpModule) {
+        this.httpClient = httpClient;
+        this.srpModule = srpModule;
+        this.httpClient = httpClient;
+        this.srpModule = srpModule;
+        this.api = new apiService_1.SharingPublicSessionAPIService(apiService);
+    }
+    /**
+     * Get the info for a public link.
+     *
+     * It returns the info for the public link, including if it is custom
+     * password protected, if it is legacy (not supported anymore), and
+     * the vendor type (whether it is Proton Docs, for example, and should
+     * be redirected to the public Docs app).
+     *
+     * @param url - The URL of the public link.
+     */
+    async getInfo(url) {
+        const { token } = (0, url_1.getTokenAndPasswordFromUrl)(url);
+        const info = await this.api.initPublicLinkSession(token);
+        this.infosPerToken.set(token, info);
+        return {
+            isCustomPasswordProtected: info.isCustomPasswordProtected,
+            isLegacy: info.isLegacy,
+            vendorType: info.vendorType,
+        };
+    }
+    /**
+     * Authenticate a public link session.
+     *
+     * It returns HTTP client that must be used for the endpoints to access the
+     * public link data.
+     *
+     * It returnes parsed token and full password (password from the URL +
+     * custom password) that can be used for decrypting the share key.
+     *
+     * @param url - The URL of the public link.
+     * @param customPassword - The custom password for the public link, if it is
+     * custom password protected.
+     */
+    async auth(url, customPassword) {
+        const { token, password: urlPassword } = (0, url_1.getTokenAndPasswordFromUrl)(url);
+        let info = this.infosPerToken.get(token);
+        if (!info) {
+            info = await this.api.initPublicLinkSession(token);
+        }
+        const password = `${urlPassword}${customPassword || ''}`;
+        const session = new session_1.SharingPublicLinkSession(this.api, this.srpModule, token, password);
+        await session.auth(info.srp);
+        return {
+            token,
+            password,
+            httpClient: new httpClient_1.SharingPublicSessionHttpClient(this.httpClient, session),
+        };
+    }
+}
+exports.SharingPublicSessionManager = SharingPublicSessionManager;
+//# sourceMappingURL=manager.js.map

package/dist/internal/sharingPublic/session/manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"manager.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/manager.ts"],"names":[],"mappings":";;;AAGA,6CAA8D;AAC9D,6CAA8D;AAE9D,uCAAqD;AACrD,+BAAmD;AAEnD;;;;GAIG;AACH,MAAa,2BAA2B;IAMxB;IAEA;IAPJ,GAAG,CAAiC;IAEpC,aAAa,GAAgC,IAAI,GAAG,EAAE,CAAC;IAE/D,YACY,UAAiC,EACzC,UAA2B,EACnB,SAAoB;QAFpB,eAAU,GAAV,UAAU,CAAuB;QAEjC,cAAS,GAAT,SAAS,CAAW;QAE5B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAE3B,IAAI,CAAC,GAAG,GAAG,IAAI,2CAA8B,CAAC,UAAU,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,OAAO,CAAC,GAAW;QAKrB,MAAM,EAAE,KAAK,EAAE,GAAG,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC;QAElD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QACzD,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAEpC,OAAO;YACH,yBAAyB,EAAE,IAAI,CAAC,yBAAyB;YACzD,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,UAAU,EAAE,IAAI,CAAC,UAAU;SAC9B,CAAC;IACN,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,IAAI,CACN,GAAW,EACX,cAAuB;QAMvB,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC;QAEzE,IAAI,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,IAAI,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QACvD,CAAC;QAED,MAAM,QAAQ,GAAG,GAAG,WAAW,GAAG,cAAc,IAAI,EAAE,EAAE,CAAC;QAEzD,MAAM,OAAO,GAAG,IAAI,kCAAwB,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;QACxF,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAE7B,OAAO;YACH,KAAK;YACL,QAAQ;YACR,UAAU,EAAE,IAAI,2CAA8B,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC;SAC3E,CAAC;IACN,CAAC;CACJ;AAlFD,kEAkFC"}

package/dist/internal/sharingPublic/session/session.d.ts

@@ -0,0 +1,34 @@
+import { SRPModule } from "../../../crypto";
+import { SharingPublicSessionAPIService } from "./apiService";
+import { PublicLinkInfo, PublicLinkSrpInfo } from "./interface";
+/**
+ * Session for a public link.
+ *
+ * It is responsible for initializing and authenticating the public link session
+ * with the SRP handshake. It also can re-authenticate the session if it is expired.
+ */
+export declare class SharingPublicLinkSession {
+    private apiService;
+    private srpModule;
+    private token;
+    private password;
+    private sessionUid?;
+    private sessionAccessToken?;
+    constructor(apiService: SharingPublicSessionAPIService, srpModule: SRPModule, token: string, password: string);
+    reauth(): Promise<void>;
+    init(): Promise<PublicLinkInfo>;
+    auth(srp: PublicLinkSrpInfo): Promise<void>;
+    /**
+     * Get the session uid and access token.
+     *
+     * The access token is only returned if the session is newly created.
+     * If the access token is not available, it means the existing session
+     * can be used to access the public link.
+     *
+     * @throws If the session is not initialized.
+     */
+    get session(): {
+        uid: string;
+        accessToken: string | undefined;
+    };
+}

package/dist/internal/sharingPublic/session/session.js

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SharingPublicLinkSession = void 0;
+/**
+ * Session for a public link.
+ *
+ * It is responsible for initializing and authenticating the public link session
+ * with the SRP handshake. It also can re-authenticate the session if it is expired.
+ */
+class SharingPublicLinkSession {
+    apiService;
+    srpModule;
+    token;
+    password;
+    sessionUid;
+    sessionAccessToken;
+    constructor(apiService, srpModule, token, password) {
+        this.apiService = apiService;
+        this.srpModule = srpModule;
+        this.token = token;
+        this.password = password;
+        this.apiService = apiService;
+        this.srpModule = srpModule;
+        this.token = token;
+        this.password = password;
+    }
+    async reauth() {
+        const info = await this.init();
+        await this.auth(info.srp);
+    }
+    async init() {
+        return this.apiService.initPublicLinkSession(this.token);
+    }
+    async auth(srp) {
+        const { expectedServerProof, clientProof, clientEphemeral } = await this.srpModule.getSrp(srp.version, srp.modulus, srp.serverEphemeral, srp.salt, this.password);
+        const auth = await this.apiService.authPublicLinkSession(this.token, {
+            clientProof,
+            clientEphemeral,
+            srpSession: srp.srpSession,
+        });
+        if (auth.serverProof !== expectedServerProof) {
+            throw new Error('Invalid server proof');
+        }
+        this.sessionUid = auth.sessionUid;
+        this.sessionAccessToken = auth.sessionAccessToken;
+    }
+    /**
+     * Get the session uid and access token.
+     *
+     * The access token is only returned if the session is newly created.
+     * If the access token is not available, it means the existing session
+     * can be used to access the public link.
+     *
+     * @throws If the session is not initialized.
+     */
+    get session() {
+        if (!this.sessionUid) {
+            throw new Error('Session not initialized');
+        }
+        return {
+            uid: this.sessionUid,
+            accessToken: this.sessionAccessToken,
+        };
+    }
+}
+exports.SharingPublicLinkSession = SharingPublicLinkSession;
+//# sourceMappingURL=session.js.map

package/dist/internal/sharingPublic/session/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/session.ts"],"names":[],"mappings":";;;AAIA;;;;;GAKG;AACH,MAAa,wBAAwB;IAKrB;IACA;IACA;IACA;IAPJ,UAAU,CAAU;IACpB,kBAAkB,CAAU;IAEpC,YACY,UAA0C,EAC1C,SAAoB,EACpB,KAAa,EACb,QAAgB;QAHhB,eAAU,GAAV,UAAU,CAAgC;QAC1C,cAAS,GAAT,SAAS,CAAW;QACpB,UAAK,GAAL,KAAK,CAAQ;QACb,aAAQ,GAAR,QAAQ,CAAQ;QAExB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,MAAM;QACR,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC/B,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,IAAI;QACN,OAAO,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,GAAsB;QAC7B,MAAM,EAAE,mBAAmB,EAAE,WAAW,EAAE,eAAe,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CACrF,GAAG,CAAC,OAAO,EACX,GAAG,CAAC,OAAO,EACX,GAAG,CAAC,eAAe,EACnB,GAAG,CAAC,IAAI,EACR,IAAI,CAAC,QAAQ,CAChB,CAAC;QAEF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,EAAE;YACjE,WAAW;YACX,eAAe;YACf,UAAU,EAAE,GAAG,CAAC,UAAU;SAC7B,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,WAAW,KAAK,mBAAmB,EAAE,CAAC;YAC3C,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAClC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAC;IACtD,CAAC;IAED;;;;;;;;OAQG;IACH,IAAI,OAAO;QACP,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC/C,CAAC;QAED,OAAO;YACH,GAAG,EAAE,IAAI,CAAC,UAAU;YACpB,WAAW,EAAE,IAAI,CAAC,kBAAkB;SACvC,CAAC;IACN,CAAC;CACJ;AAnED,4DAmEC"}

package/dist/internal/sharingPublic/session/url.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Parse the token and password from the URL.
+ *
+ * The URL format is: https://drive.proton.me/urls/token#password
+ *
+ * @param url - The URL of the public link.
+ * @returns The token and password.
+ */
+export declare function getTokenAndPasswordFromUrl(url: string): {
+    token: string;
+    password: string;
+};

package/dist/internal/sharingPublic/session/url.js

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getTokenAndPasswordFromUrl = getTokenAndPasswordFromUrl;
+const ttag_1 = require("ttag");
+const errors_1 = require("../../../errors");
+/**
+ * Parse the token and password from the URL.
+ *
+ * The URL format is: https://drive.proton.me/urls/token#password
+ *
+ * @param url - The URL of the public link.
+ * @returns The token and password.
+ */
+function getTokenAndPasswordFromUrl(url) {
+    const urlObj = new URL(url);
+    const token = urlObj.pathname.split('/').pop();
+    const password = urlObj.hash.slice(1);
+    if (!token || !password) {
+        throw new errors_1.ValidationError((0, ttag_1.c)('Error').t `Invalid URL`);
+    }
+    return { token, password };
+}
+//# sourceMappingURL=url.js.map

package/dist/internal/sharingPublic/session/url.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"url.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/url.ts"],"names":[],"mappings":";;AAYA,gEAUC;AAtBD,+BAAyB;AAEzB,4CAAkD;AAElD;;;;;;;GAOG;AACH,SAAgB,0BAA0B,CAAC,GAAW;IAClD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IAC/C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEtC,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;QACtB,MAAM,IAAI,wBAAe,CAAC,IAAA,QAAC,EAAC,OAAO,CAAC,CAAC,CAAC,CAAA,aAAa,CAAC,CAAC;IACzD,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AAC/B,CAAC"}

package/dist/internal/sharingPublic/session/url.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/internal/sharingPublic/session/url.test.js

@@ -0,0 +1,59 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const errors_1 = require("../../../errors");
+const url_1 = require("./url");
+describe('getTokenAndPasswordFromUrl', () => {
+    describe('valid URLs', () => {
+        it('should extract token and password from a valid URL', () => {
+            const url = 'https://drive.proton.me/urls/abc123#def456';
+            const result = (0, url_1.getTokenAndPasswordFromUrl)(url);
+            expect(result).toEqual({
+                token: 'abc123',
+                password: 'def456'
+            });
+        });
+        it('should handle URLs with different domains', () => {
+            const url = 'https://example.com/urls/mytoken#mypassword';
+            const result = (0, url_1.getTokenAndPasswordFromUrl)(url);
+            expect(result).toEqual({
+                token: 'mytoken',
+                password: 'mypassword'
+            });
+        });
+        it('should handle URLs with query parameters', () => {
+            const url = 'https://drive.proton.me/urls/token123?param=value#password456';
+            const result = (0, url_1.getTokenAndPasswordFromUrl)(url);
+            expect(result).toEqual({
+                token: 'token123',
+                password: 'password456'
+            });
+        });
+    });
+    describe('should throw ValidationError', () => {
+        it('when token is missing (no path)', () => {
+            const url = 'https://drive.proton.me/#password123';
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)(url)).toThrow(errors_1.ValidationError);
+        });
+        it('when token is missing (empty path segment)', () => {
+            const url = 'https://drive.proton.me/urls/#password123';
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)(url)).toThrow(errors_1.ValidationError);
+        });
+        it('when password is missing (no hash)', () => {
+            const url = 'https://drive.proton.me/urls/token123';
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)(url)).toThrow(errors_1.ValidationError);
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)(url)).toThrow('Invalid URL');
+        });
+        it('when password is empty (empty hash)', () => {
+            const url = 'https://drive.proton.me/urls/token123#';
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)(url)).toThrow(errors_1.ValidationError);
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)(url)).toThrow('Invalid URL');
+        });
+        it('for empty string', () => {
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)('')).toThrow();
+        });
+        it('for invalid URL format', () => {
+            expect(() => (0, url_1.getTokenAndPasswordFromUrl)('not-a-url')).toThrow();
+        });
+    });
+});
+//# sourceMappingURL=url.test.js.map

package/dist/internal/sharingPublic/session/url.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"url.test.js","sourceRoot":"","sources":["../../../../src/internal/sharingPublic/session/url.test.ts"],"names":[],"mappings":";;AAAA,4CAAkD;AAClD,+BAAmD;AAEnD,QAAQ,CAAC,4BAA4B,EAAE,GAAG,EAAE;IACxC,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QACxB,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;YAC1D,MAAM,GAAG,GAAG,4CAA4C,CAAC;YACzD,MAAM,MAAM,GAAG,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC;YAE/C,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC;gBACnB,KAAK,EAAE,QAAQ;gBACf,QAAQ,EAAE,QAAQ;aACrB,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACjD,MAAM,GAAG,GAAG,6CAA6C,CAAC;YAC1D,MAAM,MAAM,GAAG,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC;YAE/C,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC;gBACnB,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,YAAY;aACzB,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAChD,MAAM,GAAG,GAAG,+DAA+D,CAAC;YAC5E,MAAM,MAAM,GAAG,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC;YAE/C,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC;gBACnB,KAAK,EAAE,UAAU;gBACjB,QAAQ,EAAE,aAAa;aAC1B,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC1C,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACvC,MAAM,GAAG,GAAG,sCAAsC,CAAC;YAEnD,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,wBAAe,CAAC,CAAC;QAC3E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;YAClD,MAAM,GAAG,GAAG,2CAA2C,CAAC;YAExD,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,wBAAe,CAAC,CAAC;QAC3E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC1C,MAAM,GAAG,GAAG,uCAAuC,CAAC;YAEpD,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,wBAAe,CAAC,CAAC;YACvE,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC3C,MAAM,GAAG,GAAG,wCAAwC,CAAC;YAErD,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,wBAAe,CAAC,CAAC;YACvE,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kBAAkB,EAAE,GAAG,EAAE;YACxB,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;QAC3D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;YAC9B,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,gCAA0B,EAAC,WAAW,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;QACpE,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC"}

package/dist/protonDriveClient.d.ts

@@ -1,7 +1,7 @@
-import { ProtonDriveClientContructorParameters, NodeOrUid, MaybeNode, MaybeMissingNode, NodeResult, Revision, RevisionOrUid, ShareNodeSettings, UnshareNodeSettings, ProtonInvitationOrUid, NonProtonInvitationOrUid, ProtonInvitationWithNode, MaybeBookmark, BookmarkOrUid, ShareResult, Device, DeviceType, DeviceOrUid, UploadMetadata, FileDownloader, FileUploader, FileRevisionUploader, ThumbnailType, ThumbnailResult, SDKEvent } from './interface';
 import { SessionKey } from './crypto';
-import { DriveListener } from './internal/events';
-import { EventSubscription } from './internal/events/interface';
+import { ProtonDriveClientContructorParameters, NodeOrUid, MaybeNode, MaybeMissingNode, NodeResult, Revision, RevisionOrUid, ShareNodeSettings, UnshareNodeSettings, ProtonInvitationOrUid, NonProtonInvitationOrUid, ProtonInvitationWithNode, MaybeBookmark, BookmarkOrUid, ShareResult, Device, DeviceType, DeviceOrUid, UploadMetadata, FileDownloader, FileUploader, FileRevisionUploader, ThumbnailType, ThumbnailResult, SDKEvent } from './interface';
+import { DriveListener, EventSubscription } from './internal/events';
+import { ProtonDrivePublicLinkClient } from './protonDrivePublicLinkClient';
 /**
  * ProtonDriveClient is the main interface for the ProtonDrive SDK.
  *
@@ -19,6 +19,7 @@ export declare class ProtonDriveClient {
     private download;
     private upload;
     private devices;
+    private sessionManager;
     experimental: {
         /**
          * Experimental feature to return the URL of the node.
@@ -34,6 +35,20 @@ export declare class ProtonDriveClient {
          * This is used by Docs app to encrypt and decrypt document updates.
          */
         getDocsKey: (nodeUid: NodeOrUid) => Promise<SessionKey>;
+        /**
+         * Experimental feature to get the info for a public link
+         * required to authenticate the public link.
+         */
+        getPublicLinkInfo: (url: string) => Promise<{
+            isCustomPasswordProtected: boolean;
+            isLegacy: boolean;
+            vendorType: number;
+        }>;
+        /**
+         * Experimental feature to authenticate a public link and
+         * return the client for the public link to access it.
+         */
+        authPublicLink: (url: string, customPassword?: string) => Promise<ProtonDrivePublicLinkClient>;
     };
     constructor({ httpClient, entitiesCache, cryptoCache, account, openPGPCryptoModule, srpModule, config, telemetry, latestEventIdProvider, }: ProtonDriveClientContructorParameters);
     /**

package/dist/protonDriveClient.js

@@ -1,20 +1,22 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ProtonDriveClient = void 0;
+const config_1 = require("./config");
 const crypto_1 = require("./crypto");
+const transformers_1 = require("./transformers");
+const telemetry_1 = require("./telemetry");
 const apiService_1 = require("./internal/apiService");
-const shares_1 = require("./internal/shares");
-const nodes_1 = require("./internal/nodes");
-const sharing_1 = require("./internal/sharing");
+const devices_1 = require("./internal/devices");
 const download_1 = require("./internal/download");
-const upload_1 = require("./internal/upload");
 const events_1 = require("./internal/events");
+const nodes_1 = require("./internal/nodes");
 const sdkEvents_1 = require("./internal/sdkEvents");
-const config_1 = require("./config");
-const transformers_1 = require("./transformers");
-const telemetry_1 = require("./telemetry");
-const devices_1 = require("./internal/devices");
+const shares_1 = require("./internal/shares");
+const sharing_1 = require("./internal/sharing");
+const sharingPublic_1 = require("./internal/sharingPublic");
+const upload_1 = require("./internal/upload");
 const uids_1 = require("./internal/uids");
+const protonDrivePublicLinkClient_1 = require("./protonDrivePublicLinkClient");
 /**
  * ProtonDriveClient is the main interface for the ProtonDrive SDK.
  *
@@ -32,6 +34,7 @@ class ProtonDriveClient {
     download;
     upload;
     devices;
+    sessionManager;
     experimental;
     constructor({ httpClient, entitiesCache, cryptoCache, account, openPGPCryptoModule, srpModule, config, telemetry, latestEventIdProvider, }) {
         if (!telemetry) {
@@ -54,6 +57,7 @@ class ProtonDriveClient {
             this.sharing.eventHandler.handleDriveEvent.bind(this.sharing.eventHandler),
         ];
         this.events = new events_1.DriveEventsService(telemetry, apiService, this.shares, cacheEventListeners, latestEventIdProvider);
+        this.sessionManager = new sharingPublic_1.SharingPublicSessionManager(httpClient, apiService, srpModule);
         this.experimental = {
             getNodeUrl: async (nodeUid) => {
                 this.logger.debug(`Getting node URL for ${(0, transformers_1.getUid)(nodeUid)}`);
@@ -67,6 +71,24 @@ class ProtonDriveClient {
                 }
                 return keys.contentKeyPacketSessionKey;
             },
+            getPublicLinkInfo: async (url) => {
+                this.logger.info(`Getting info for public link ${url}`);
+                return this.sessionManager.getInfo(url);
+            },
+            authPublicLink: async (url, customPassword) => {
+                this.logger.info(`Authenticating public link ${url}`);
+                const { httpClient, token, password } = await this.sessionManager.auth(url, customPassword);
+                return new protonDrivePublicLinkClient_1.ProtonDrivePublicLinkClient({
+                    httpClient,
+                    cryptoCache,
+                    openPGPCryptoModule,
+                    srpModule,
+                    config,
+                    telemetry,
+                    token,
+                    password,
+                });
+            },
         };
     }
     /**