npm - @protontech/drive-sdk - Versions diffs - 0.6.2 → 0.7.0 - Mend

@protontech/drive-sdk 0.6.2 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (99) hide show

package/dist/internal/apiService/apiService.d.ts +2 -2
package/dist/internal/apiService/apiService.js.map +1 -1
package/dist/internal/apiService/errors.js +4 -3
package/dist/internal/apiService/errors.js.map +1 -1
package/dist/internal/download/cryptoService.js +8 -6
package/dist/internal/download/cryptoService.js.map +1 -1
package/dist/internal/download/fileDownloader.d.ts +2 -1
package/dist/internal/download/fileDownloader.js +6 -3
package/dist/internal/download/fileDownloader.js.map +1 -1
package/dist/internal/download/index.d.ts +1 -1
package/dist/internal/download/index.js +3 -3
package/dist/internal/download/index.js.map +1 -1
package/dist/internal/nodes/apiService.d.ts +9 -8
package/dist/internal/nodes/apiService.js +14 -5
package/dist/internal/nodes/apiService.js.map +1 -1
package/dist/internal/nodes/apiService.test.js +5 -5
package/dist/internal/nodes/apiService.test.js.map +1 -1
package/dist/internal/nodes/cryptoReporter.d.ts +3 -3
package/dist/internal/nodes/cryptoReporter.js.map +1 -1
package/dist/internal/nodes/cryptoService.d.ts +12 -21
package/dist/internal/nodes/cryptoService.js +45 -14
package/dist/internal/nodes/cryptoService.js.map +1 -1
package/dist/internal/nodes/cryptoService.test.js +262 -17
package/dist/internal/nodes/cryptoService.test.js.map +1 -1
package/dist/internal/nodes/interface.d.ts +13 -3
package/dist/internal/nodes/nodesAccess.d.ts +8 -1
package/dist/internal/nodes/nodesAccess.js +13 -0
package/dist/internal/nodes/nodesAccess.js.map +1 -1
package/dist/internal/nodes/nodesManagement.d.ts +4 -4
package/dist/internal/nodes/nodesManagement.js +16 -20
package/dist/internal/nodes/nodesManagement.js.map +1 -1
package/dist/internal/nodes/nodesManagement.test.js +21 -10
package/dist/internal/nodes/nodesManagement.test.js.map +1 -1
package/dist/internal/photos/upload.d.ts +2 -2
package/dist/internal/photos/upload.js.map +1 -1
package/dist/internal/sharingPublic/index.d.ts +6 -6
package/dist/internal/sharingPublic/index.js +8 -7
package/dist/internal/sharingPublic/index.js.map +1 -1
package/dist/internal/sharingPublic/nodes.d.ts +16 -3
package/dist/internal/sharingPublic/nodes.js +34 -2
package/dist/internal/sharingPublic/nodes.js.map +1 -1
package/dist/internal/sharingPublic/unauthApiService.d.ts +17 -0
package/dist/internal/sharingPublic/unauthApiService.js +31 -0
package/dist/internal/sharingPublic/unauthApiService.js.map +1 -0
package/dist/internal/sharingPublic/unauthApiService.test.d.ts +1 -0
package/dist/internal/sharingPublic/unauthApiService.test.js +27 -0
package/dist/internal/sharingPublic/unauthApiService.test.js.map +1 -0
package/dist/internal/upload/apiService.d.ts +4 -3
package/dist/internal/upload/apiService.js.map +1 -1
package/dist/internal/upload/cryptoService.d.ts +8 -3
package/dist/internal/upload/cryptoService.js +45 -9
package/dist/internal/upload/cryptoService.js.map +1 -1
package/dist/internal/upload/fileUploader.test.js +1 -1
package/dist/internal/upload/fileUploader.test.js.map +1 -1
package/dist/internal/upload/interface.d.ts +25 -13
package/dist/internal/upload/manager.js +7 -4
package/dist/internal/upload/manager.js.map +1 -1
package/dist/internal/upload/manager.test.js +5 -4
package/dist/internal/upload/manager.test.js.map +1 -1
package/dist/internal/upload/streamUploader.js +9 -4
package/dist/internal/upload/streamUploader.js.map +1 -1
package/dist/internal/upload/streamUploader.test.js +8 -5
package/dist/internal/upload/streamUploader.test.js.map +1 -1
package/dist/protonDriveClient.d.ts +1 -1
package/dist/protonDriveClient.js +2 -1
package/dist/protonDriveClient.js.map +1 -1
package/dist/protonDrivePublicLinkClient.d.ts +2 -1
package/dist/protonDrivePublicLinkClient.js +7 -5
package/dist/protonDrivePublicLinkClient.js.map +1 -1
package/package.json +1 -1
package/src/internal/apiService/apiService.ts +2 -2
package/src/internal/apiService/errors.ts +5 -4
package/src/internal/download/cryptoService.ts +13 -6
package/src/internal/download/fileDownloader.ts +4 -2
package/src/internal/download/index.ts +3 -0
package/src/internal/nodes/apiService.test.ts +5 -5
package/src/internal/nodes/apiService.ts +23 -10
package/src/internal/nodes/cryptoReporter.ts +3 -3
package/src/internal/nodes/cryptoService.test.ts +370 -18
package/src/internal/nodes/cryptoService.ts +73 -32
package/src/internal/nodes/interface.ts +16 -2
package/src/internal/nodes/nodesAccess.ts +17 -0
package/src/internal/nodes/nodesManagement.test.ts +21 -10
package/src/internal/nodes/nodesManagement.ts +20 -24
package/src/internal/photos/upload.ts +3 -3
package/src/internal/sharingPublic/index.ts +7 -3
package/src/internal/sharingPublic/nodes.ts +43 -2
package/src/internal/sharingPublic/unauthApiService.test.ts +29 -0
package/src/internal/sharingPublic/unauthApiService.ts +32 -0
package/src/internal/upload/apiService.ts +4 -3
package/src/internal/upload/cryptoService.ts +73 -12
package/src/internal/upload/fileUploader.test.ts +1 -1
package/src/internal/upload/interface.ts +24 -13
package/src/internal/upload/manager.test.ts +5 -4
package/src/internal/upload/manager.ts +7 -4
package/src/internal/upload/streamUploader.test.ts +8 -5
package/src/internal/upload/streamUploader.ts +10 -4
package/src/protonDriveClient.ts +7 -2
package/src/protonDrivePublicLinkClient.ts +8 -3

package/src/internal/sharingPublic/unauthApiService.test.ts ADDED Viewed

@@ -0,0 +1,29 @@
+import { getUnauthEndpoint } from './unauthApiService';
+describe('getUnauthEndpoint', () => {
+    it('should not change urls endpoints', () => {
+        expect(getUnauthEndpoint('drive/urls/anything')).toBe('drive/urls/anything');
+        expect(getUnauthEndpoint('drive/urls/drive/anything')).toBe('drive/urls/drive/anything');
+        expect(getUnauthEndpoint('drive/urls/drive/v2/anything')).toBe('drive/urls/drive/v2/anything');
+    });
+    it('should not change v2/urls endpoints', () => {
+        expect(getUnauthEndpoint('drive/v2/urls/anything')).toBe('drive/v2/urls/anything');
+        expect(getUnauthEndpoint('drive/v2/urls/drive/anything')).toBe('drive/v2/urls/drive/anything');
+        expect(getUnauthEndpoint('drive/v2/urls/drive/v2/anything')).toBe('drive/v2/urls/drive/v2/anything');
+    });
+    it('should put unauth prefix for v2 endpoints', () => {
+        expect(getUnauthEndpoint('drive/v2/anything')).toBe('drive/unauth/v2/anything');
+        expect(getUnauthEndpoint('drive/v2/drive/anything')).toBe('drive/unauth/v2/drive/anything');
+        expect(getUnauthEndpoint('drive/v2/drive/v2/anything')).toBe('drive/unauth/v2/drive/v2/anything');
+    });
+    it('should put unauth prefix for non-v2 endpoints', () => {
+        expect(getUnauthEndpoint('drive/anything')).toBe('drive/unauth/anything');
+        expect(getUnauthEndpoint('drive/anything/v2/anything')).toBe('drive/unauth/anything/v2/anything');
+        expect(getUnauthEndpoint('drive/anything/drive/anything')).toBe('drive/unauth/anything/drive/anything');
+        expect(getUnauthEndpoint('drive/anything/drive/v2/anything')).toBe('drive/unauth/anything/drive/v2/anything');
+    });
+});

package/src/internal/sharingPublic/unauthApiService.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import { DriveAPIService } from '../apiService';
+/**
+ * Drive API Service for public links.
+ *
+ * This service is used to make requests to the Drive API without
+ * authentication. The unauth context uses the same endpoint, but
+ * with an `unauth` prefix. The goal is to avoid the need to use
+ * different path and use the exact endpoint for both contexts.
+ * However, API has global logic for handling expired sessions that
+ * is not compatible with the unauth context. For this reason, this
+ * service is used to make requests to the Drive API for public
+ * link context in the mean time.
+ */
+export class UnauthDriveAPIService extends DriveAPIService {
+    protected async makeRequest<RequestPayload, ResponsePayload>(
+        url: string,
+        method = 'GET',
+        data?: RequestPayload,
+        signal?: AbortSignal,
+    ): Promise<ResponsePayload> {
+        const unauthUrl = getUnauthEndpoint(url);
+        return super.makeRequest(unauthUrl, method, data, signal);
+    }
+}
+export function getUnauthEndpoint(url: string): string {
+    if (url.startsWith('drive/urls/') || url.startsWith('drive/v2/urls/')) {
+        return url;
+    }
+    return url.replace(/^drive\//, 'drive/unauth/');
+}

package/src/internal/upload/apiService.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { c } from 'ttag';
 import { base64StringToUint8Array, uint8ArrayToBase64String } from '../../crypto';
+import { AnonymousUser } from '../../interface';
 import { APICodeError, DriveAPIService, drivePaths, isCodeOk } from '../apiService';
 import { splitNodeUid, makeNodeUid, splitNodeRevisionUid, makeNodeRevisionUid } from '../uids';
 import { UploadTokens } from './interface';
@@ -65,7 +66,7 @@ export class UploadAPIService {
             armoredNodePassphraseSignature: string;
             base64ContentKeyPacket: string;
             armoredContentKeyPacketSignature: string;
-            signatureEmail: string;
+            signatureEmail: string | AnonymousUser;
         },
     ): Promise<{
         nodeUid: string;
@@ -150,7 +151,7 @@ export class UploadAPIService {
     async requestBlockUpload(
         draftNodeRevisionUid: string,
-        addressId: string,
+        addressId: string | AnonymousUser,
         blocks: {
             contentBlocks: {
                 index: number;
@@ -211,7 +212,7 @@ export class UploadAPIService {
         draftNodeRevisionUid: string,
         options: {
             armoredManifestSignature: string;
-            signatureEmail: string;
+            signatureEmail: string | AnonymousUser;
             armoredExtendedAttributes?: string;
         },
     ): Promise<void> {

package/src/internal/upload/cryptoService.ts CHANGED Viewed

@@ -2,8 +2,15 @@ import { c } from 'ttag';
 import { DriveCrypto, PrivateKey, SessionKey } from '../../crypto';
 import { IntegrityError } from '../../errors';
-import { Thumbnail } from '../../interface';
-import { EncryptedBlock, EncryptedThumbnail, NodeCrypto, NodeRevisionDraftKeys, NodesService } from './interface';
+import { Thumbnail, AnonymousUser } from '../../interface';
+import {
+    EncryptedBlock,
+    EncryptedThumbnail,
+    NodeCrypto,
+    NodeCryptoSigningKeys,
+    NodeRevisionDraftKeys,
+    NodesService,
+} from './interface';
 export class UploadCryptoService {
     constructor(
@@ -19,11 +26,15 @@ export class UploadCryptoService {
         parentKeys: { key: PrivateKey; hashKey: Uint8Array },
         name: string,
     ): Promise<NodeCrypto> {
-        const signatureAddress = await this.nodesService.getRootNodeEmailKey(parentUid);
+        const signingKeys = await this.getSigningKeys({ parentNodeUid: parentUid });
+        if (!signingKeys.nameAndPassphraseSigningKey) {
+            throw new Error('Cannot create new node without a name and passphrase signing key');
+        }
         const [nodeKeys, { armoredNodeName }, hash] = await Promise.all([
-            this.driveCrypto.generateKey([parentKeys.key], signatureAddress.addressKey),
-            this.driveCrypto.encryptNodeName(name, undefined, parentKeys.key, signatureAddress.addressKey),
+            this.driveCrypto.generateKey([parentKeys.key], signingKeys.nameAndPassphraseSigningKey),
+            this.driveCrypto.encryptNodeName(name, undefined, parentKeys.key, signingKeys.nameAndPassphraseSigningKey),
             this.driveCrypto.generateLookupHash(name, parentKeys.hashKey),
         ]);
@@ -36,7 +47,57 @@ export class UploadCryptoService {
                 encryptedName: armoredNodeName,
                 hash,
             },
-            signatureAddress,
+            signingKeys: {
+                email: signingKeys.email,
+                addressId: signingKeys.addressId,
+                nameAndPassphraseSigningKey: signingKeys.nameAndPassphraseSigningKey,
+                contentSigningKey: signingKeys.contentSigningKey || nodeKeys.decrypted.key,
+            },
+        };
+    }
+    async getSigningKeysForExistingNode(uids: {
+        nodeUid: string;
+        parentNodeUid?: string;
+    }): Promise<NodeCryptoSigningKeys> {
+        const signingKeys = await this.getSigningKeys(uids);
+        if (!signingKeys.nameAndPassphraseSigningKey) {
+            throw new Error('Cannot get name and passphrase signing key for existing node');
+        }
+        if (!signingKeys.contentSigningKey) {
+            throw new Error('Cannot get content signing key for existing node');
+        }
+        return {
+            email: signingKeys.email,
+            addressId: signingKeys.addressId,
+            nameAndPassphraseSigningKey: signingKeys.nameAndPassphraseSigningKey,
+            contentSigningKey: signingKeys.contentSigningKey,
+        };
+    }
+    private async getSigningKeys(
+        uids: { nodeUid: string; parentNodeUid?: string } | { nodeUid?: string; parentNodeUid: string },
+    ): Promise<
+        Omit<NodeCryptoSigningKeys, 'nameAndPassphraseSigningKey' | 'contentSigningKey'> & {
+            nameAndPassphraseSigningKey?: PrivateKey;
+            contentSigningKey?: PrivateKey;
+        }
+    > {
+        const signingKeys = await this.nodesService.getNodeSigningKeys(uids);
+        const email = signingKeys.type === 'userAddress' ? signingKeys.email : null;
+        const addressId = signingKeys.type === 'userAddress' ? signingKeys.addressId : null;
+        const nameAndPassphraseSigningKey =
+            signingKeys.type === 'userAddress' ? signingKeys.key : signingKeys.parentNodeKey;
+        const contentSigningKey = signingKeys.type === 'userAddress' ? signingKeys.key : signingKeys.nodeKey;
+        return {
+            email,
+            addressId,
+            nameAndPassphraseSigningKey,
+            contentSigningKey,
         };
     }
@@ -47,7 +108,7 @@ export class UploadCryptoService {
         const { encryptedData } = await this.driveCrypto.encryptThumbnailBlock(
             thumbnail.thumbnail,
             nodeRevisionDraftKeys.contentKeyPacketSessionKey,
-            nodeRevisionDraftKeys.signatureAddress.addressKey,
+            nodeRevisionDraftKeys.signingKeys.contentSigningKey,
         );
         const digest = await crypto.subtle.digest('SHA-256', encryptedData);
@@ -71,7 +132,7 @@ export class UploadCryptoService {
             block,
             nodeRevisionDraftKeys.key,
             nodeRevisionDraftKeys.contentKeyPacketSessionKey,
-            nodeRevisionDraftKeys.signatureAddress.addressKey,
+            nodeRevisionDraftKeys.signingKeys.contentSigningKey,
         );
         const digest = await crypto.subtle.digest('SHA-256', encryptedData);
@@ -94,25 +155,25 @@ export class UploadCryptoService {
         extendedAttributes?: string,
     ): Promise<{
         armoredManifestSignature: string;
-        signatureEmail: string;
+        signatureEmail: string | AnonymousUser;
         armoredExtendedAttributes?: string;
     }> {
         const { armoredManifestSignature } = await this.driveCrypto.signManifest(
             manifest,
-            nodeRevisionDraftKeys.signatureAddress.addressKey,
+            nodeRevisionDraftKeys.signingKeys.contentSigningKey,
         );
         const { armoredExtendedAttributes } = extendedAttributes
             ? await this.driveCrypto.encryptExtendedAttributes(
                   extendedAttributes,
                   nodeRevisionDraftKeys.key,
-                  nodeRevisionDraftKeys.signatureAddress.addressKey,
+                  nodeRevisionDraftKeys.signingKeys.contentSigningKey,
               )
             : { armoredExtendedAttributes: undefined };
         return {
             armoredManifestSignature,
-            signatureEmail: nodeRevisionDraftKeys.signatureAddress.email,
+            signatureEmail: nodeRevisionDraftKeys.signingKeys.email,
             armoredExtendedAttributes,
         };
     }

package/src/internal/upload/fileUploader.test.ts CHANGED Viewed

@@ -110,7 +110,7 @@ describe('FileUploader', () => {
             nodeRevisionUid: 'revisionUid',
             nodeUid: 'nodeUid',
             nodeKeys: {
-                signatureAddress: { addressId: 'addressId' },
+                signingKeys: { addressId: 'addressId' },
             },
         } as NodeRevisionDraft;

package/src/internal/upload/interface.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { PrivateKey, SessionKey } from '../../crypto';
-import { MetricVolumeType, ThumbnailType, Result, Revision } from '../../interface';
+import { MetricVolumeType, ThumbnailType, Result, Revision, AnonymousUser } from '../../interface';
 import { DecryptedNode } from '../nodes';
 export type NodeRevisionDraft = {
@@ -22,7 +22,7 @@ export type NodeRevisionDraft = {
 export type NodeRevisionDraftKeys = {
     key: PrivateKey;
     contentKeyPacketSessionKey: SessionKey;
-    signatureAddress: NodeCryptoSignatureAddress;
+    signingKeys: NodeCryptoSigningKeys;
 };
 export type NodeCrypto = {
@@ -51,13 +51,14 @@ export type NodeCrypto = {
         encryptedName: string;
         hash: string;
     };
-    signatureAddress: NodeCryptoSignatureAddress;
+    signingKeys: NodeCryptoSigningKeys;
 };
-export type NodeCryptoSignatureAddress = {
-    email: string;
-    addressId: string;
-    addressKey: PrivateKey;
+export type NodeCryptoSigningKeys = {
+    email: string | AnonymousUser;
+    addressId: string | AnonymousUser;
+    nameAndPassphraseSigningKey: PrivateKey;
+    contentSigningKey: PrivateKey;
 };
 export type EncryptedBlockMetadata = {
@@ -102,12 +103,9 @@ export interface NodesService {
         contentKeyPacketSessionKey?: SessionKey;
         hashKey?: Uint8Array;
     }>;
-    getRootNodeEmailKey(nodeUid: string): Promise<{
-        email: string;
-        addressId: string;
-        addressKey: PrivateKey;
-        addressKeyId: string;
-    }>;
+    getNodeSigningKeys(
+        uids: { nodeUid: string; parentNodeUid?: string } | { nodeUid?: string; parentNodeUid: string },
+    ): Promise<NodeSigningKeys>;
     notifyChildCreated(nodeUid: string): Promise<void>;
     notifyNodeChanged(nodeUid: string): Promise<void>;
 }
@@ -126,6 +124,19 @@ export interface NodesServiceNode {
     activeRevision?: Result<Revision, Error>;
 }
+export type NodeSigningKeys =
+    | {
+          type: 'userAddress';
+          email: string;
+          addressId: string;
+          key: PrivateKey;
+      }
+    | {
+          type: 'nodeKey';
+          nodeKey?: PrivateKey;
+          parentNodeKey?: PrivateKey;
+      };
 /**
  * Interface describing the dependencies to the shares module.
  */

package/src/internal/upload/manager.test.ts CHANGED Viewed

@@ -50,7 +50,7 @@ describe('UploadManager', () => {
                     encryptedName: 'newNode:encryptedName',
                     hash: 'newNode:hash',
                 },
-                signatureAddress: {
+                signingKeys: {
                     email: 'signatureEmail',
                 },
             }),
@@ -69,7 +69,8 @@ describe('UploadManager', () => {
                 hashKey: 'parentNode:hashKey',
                 key: 'parentNode:nodekey',
             }),
-            getRootNodeEmailKey: jest.fn().mockResolvedValue({
+            getNodeSigningKeys: jest.fn().mockResolvedValue({
+                type: 'userAddress',
                 email: 'signatureEmail',
                 addressId: 'addressId',
             }),
@@ -100,7 +101,7 @@ describe('UploadManager', () => {
                 nodeKeys: {
                     key: 'newNode:key',
                     contentKeyPacketSessionKey: 'newNode:ContentKeyPacketSessionKey',
-                    signatureAddress: {
+                    signingKeys: {
                         email: 'signatureEmail',
                     },
                 },
@@ -153,7 +154,7 @@ describe('UploadManager', () => {
                 nodeKeys: {
                     key: 'newNode:key',
                     contentKeyPacketSessionKey: 'newNode:ContentKeyPacketSessionKey',
-                    signatureAddress: {
+                    signingKeys: {
                         email: 'signatureEmail',
                     },
                 },

package/src/internal/upload/manager.ts CHANGED Viewed

@@ -57,7 +57,7 @@ export class UploadManager {
             nodeKeys: {
                 key: generatedNodeCrypto.nodeKeys.decrypted.key,
                 contentKeyPacketSessionKey: generatedNodeCrypto.contentKey.decrypted.contentKeyPacketSessionKey,
-                signatureAddress: generatedNodeCrypto.signatureAddress,
+                signingKeys: generatedNodeCrypto.signingKeys,
             },
             parentNodeKeys: {
                 hashKey: parentKeys.hashKey,
@@ -93,7 +93,7 @@ export class UploadManager {
                 base64ContentKeyPacket: generatedNodeCrypto.contentKey.encrypted.base64ContentKeyPacket,
                 armoredContentKeyPacketSignature:
                     generatedNodeCrypto.contentKey.encrypted.armoredContentKeyPacketSignature,
-                signatureEmail: generatedNodeCrypto.signatureAddress.email,
+                signatureEmail: generatedNodeCrypto.signingKeys.email,
             });
             return result;
         } catch (error: unknown) {
@@ -192,7 +192,10 @@ export class UploadManager {
             throw new ValidationError(c('Error').t`Creating revisions in non-files is not allowed`);
         }
-        const signatureAddress = await this.nodesService.getRootNodeEmailKey(nodeUid);
+        const signingKeys = await this.cryptoService.getSigningKeysForExistingNode({
+            nodeUid,
+            parentNodeUid: node.parentUid,
+        });
         const { nodeRevisionUid } = await this.apiService.createDraftRevision(nodeUid, {
             currentRevisionUid: node.activeRevision.value.uid,
@@ -205,7 +208,7 @@ export class UploadManager {
             nodeKeys: {
                 key: nodeKeys.key,
                 contentKeyPacketSessionKey: nodeKeys.contentKeyPacketSessionKey,
-                signatureAddress: signatureAddress,
+                signingKeys,
             },
         };
     }

package/src/internal/upload/streamUploader.test.ts CHANGED Viewed

@@ -110,7 +110,9 @@ describe('StreamUploader', () => {
             nodeRevisionUid: 'revisionUid',
             nodeUid: 'nodeUid',
             nodeKeys: {
-                signatureAddress: { addressId: 'addressId' },
+                signingKeys: {
+                    addressId: 'addressId',
+                },
             },
         } as NodeRevisionDraft;
@@ -312,8 +314,9 @@ describe('StreamUploader', () => {
                 throw new Error('Failed to encrypt block');
             });
-            // Encrypting thumbnails is before blocks, thus it can be uploaded before failure.
-            await verifyFailure('Failed to encrypt block', 1024);
+            // Thumbnail are uploaded with the first content block. If the
+            // content block fails to encrypt, nothing is uploaded.
+            await verifyFailure('Failed to encrypt block', 0);
             // 1 block + 1 retry, others are skipped
             expect(cryptoService.encryptBlock).toHaveBeenCalledTimes(2);
         });
@@ -415,7 +418,7 @@ describe('StreamUploader', () => {
             expect(apiService.requestBlockUpload).toHaveBeenCalledTimes(2);
             expect(apiService.requestBlockUpload).toHaveBeenCalledWith(
                 revisionDraft.nodeRevisionUid,
-                revisionDraft.nodeKeys.signatureAddress.addressId,
+                revisionDraft.nodeKeys.signingKeys.addressId,
                 {
                     contentBlocks: [
                         {
@@ -436,7 +439,7 @@ describe('StreamUploader', () => {
         describe('verifyIntegrity', () => {
             it('should report block verification error', async () => {
                 blockVerifier.verifyBlock = jest.fn().mockRejectedValue(new IntegrityError('Block verification error'));
-                await verifyFailure('Block verification error', 1024);
+                await verifyFailure('Block verification error', 0);
                 expect(telemetry.logBlockVerificationError).toHaveBeenCalledWith(false);
             });

package/src/internal/upload/streamUploader.ts CHANGED Viewed

@@ -319,7 +319,7 @@ export class StreamUploader {
         this.logger.info(`Requesting upload tokens for ${this.encryptedBlocks.size} blocks`);
         const uploadTokens = await this.apiService.requestBlockUpload(
             this.revisionDraft.nodeRevisionUid,
-            this.revisionDraft.nodeKeys.signatureAddress.addressId,
+            this.revisionDraft.nodeKeys.signingKeys.addressId,
             {
                 contentBlocks: Array.from(
                     this.encryptedBlocks.values().map((block) => ({
@@ -340,6 +340,12 @@ export class StreamUploader {
             },
         );
+        // If the upload was aborted while requesting next upload tokens,
+        // do not schedule any next upload.
+        if (this.isUploadAborted) {
+            throw this.error || new AbortError();
+        }
         for (const thumbnailToken of uploadTokens.thumbnailTokens) {
             let encryptedThumbnail = this.encryptedThumbnails.get(thumbnailToken.type);
             if (!encryptedThumbnail) {
@@ -418,7 +424,7 @@ export class StreamUploader {
                 break;
             } catch (error: unknown) {
                 // Do not retry or report anything if the upload was aborted.
-                if (error instanceof AbortError) {
+                if (error instanceof AbortError || this.isUploadAborted) {
                     throw error;
                 }
@@ -485,7 +491,7 @@ export class StreamUploader {
                 break;
             } catch (error: unknown) {
                 // Do not retry or report anything if the upload was aborted.
-                if (error instanceof AbortError) {
+                if (error instanceof AbortError || this.isUploadAborted) {
                     throw error;
                 }
@@ -501,7 +507,7 @@ export class StreamUploader {
                     logger.warn(`Token expired, fetching new token and retrying`);
                     const uploadTokens = await this.apiService.requestBlockUpload(
                         this.revisionDraft.nodeRevisionUid,
-                        this.revisionDraft.nodeKeys.signatureAddress.addressId,
+                        this.revisionDraft.nodeKeys.signingKeys.addressId,
                         {
                             contentBlocks: [
                                 {

package/src/protonDriveClient.ts CHANGED Viewed

@@ -106,7 +106,11 @@ export class ProtonDriveClient {
          * Experimental feature to authenticate a public link and
          * return the client for the public link to access it.
          */
-        authPublicLink: (url: string, customPassword?: string) => Promise<ProtonDrivePublicLinkClient>;
+        authPublicLink: (
+            url: string,
+            customPassword?: string,
+            isAnonymousContext?: boolean,
+        ) => Promise<ProtonDrivePublicLinkClient>;
     };
     constructor({
@@ -222,7 +226,7 @@ export class ProtonDriveClient {
                 this.logger.info(`Getting info for public link ${url}`);
                 return this.publicSessionManager.getInfo(url);
             },
-            authPublicLink: async (url: string, customPassword?: string) => {
+            authPublicLink: async (url: string, customPassword?: string, isAnonymousContext: boolean = false) => {
                 this.logger.info(`Authenticating public link ${url}`);
                 const { httpClient, token, shareKey, rootUid } = await this.publicSessionManager.auth(
                     url,
@@ -239,6 +243,7 @@ export class ProtonDriveClient {
                     token,
                     publicShareKey: shareKey,
                     publicRootNodeUid: rootUid,
+                    isAnonymousContext,
                 });
             },
         };

package/src/protonDrivePublicLinkClient.ts CHANGED Viewed

@@ -27,10 +27,9 @@ import {
     convertInternalMissingNodeIterator,
     getUids,
 } from './transformers';
-import { DriveAPIService } from './internal/apiService';
 import { initDownloadModule } from './internal/download';
 import { SDKEvents } from './internal/sdkEvents';
-import { initSharingPublicModule } from './internal/sharingPublic';
+import { initSharingPublicModule, UnauthDriveAPIService } from './internal/sharingPublic';
 import { initUploadModule } from './internal/upload';
 /**
@@ -81,6 +80,7 @@ export class ProtonDrivePublicLinkClient {
         token,
         publicShareKey,
         publicRootNodeUid,
+        isAnonymousContext,
     }: {
         httpClient: ProtonDriveHTTPClient;
         account: ProtonDriveAccount;
@@ -92,6 +92,7 @@ export class ProtonDrivePublicLinkClient {
         token: string;
         publicShareKey: PrivateKey;
         publicRootNodeUid: string;
+        isAnonymousContext: boolean;
     }) {
         if (!telemetry) {
             telemetry = new Telemetry();
@@ -105,7 +106,7 @@ export class ProtonDrivePublicLinkClient {
         const fullConfig = getConfig(config);
         this.sdkEvents = new SDKEvents(telemetry);
-        const apiService = new DriveAPIService(
+        const apiService = new UnauthDriveAPIService(
             telemetry,
             this.sdkEvents,
             httpClient,
@@ -124,6 +125,7 @@ export class ProtonDrivePublicLinkClient {
             token,
             publicShareKey,
             publicRootNodeUid,
+            isAnonymousContext,
         );
         this.download = initDownloadModule(
             telemetry,
@@ -133,6 +135,9 @@ export class ProtonDrivePublicLinkClient {
             this.sharingPublic.shares,
             this.sharingPublic.nodes.access,
             this.sharingPublic.nodes.revisions,
+            // Ignore manifest integrity verifications for public links.
+            // Anonymous user on public page cannot load public keys of other users (yet).
+            true,
         );
         this.upload = initUploadModule(
             telemetry,