@qnsp/storage-sdk 0.1.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +103 -0
- package/README.md +2 -2
- package/dist/event-envelope.d.ts.map +1 -1
- package/dist/event-envelope.js +1 -2
- package/dist/event-envelope.js.map +1 -1
- package/dist/events.d.ts.map +1 -1
- package/dist/events.js +0 -1
- package/dist/events.js.map +1 -1
- package/dist/index.d.ts +26 -6
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +189 -22
- package/dist/index.js.map +1 -1
- package/dist/validation.d.ts +10 -0
- package/dist/validation.d.ts.map +1 -0
- package/dist/validation.js +20 -0
- package/dist/validation.js.map +1 -0
- package/package.json +9 -9
- package/src/event-envelope.ts +1 -2
- package/src/events.ts +0 -2
- package/src/index.test.ts +43 -25
- package/src/index.ts +242 -32
- package/src/validation.ts +21 -0
- package/tsconfig.tsbuildinfo +1 -1
- package/.turbo/turbo-build.log +0 -5
- package/.turbo/turbo-lint.log +0 -6
- package/.turbo/turbo-test.log +0 -41
- package/.turbo/turbo-typecheck.log +0 -5
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,108 @@
|
|
|
1
1
|
# @qnsp/storage-sdk
|
|
2
2
|
|
|
3
|
+
## 0.3.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- Enforce mandatory API key at SDK construction time (BREAKING)
|
|
8
|
+
|
|
9
|
+
- All SDK clients (except @qnsp/browser-sdk) now require `apiKey` at
|
|
10
|
+
construction time. Constructors throw a clear error with signup URL,
|
|
11
|
+
free tier details, and documentation link if apiKey is missing or empty.
|
|
12
|
+
- Removed runtime 401 no-apiKey checks — validation is now fail-fast at
|
|
13
|
+
construction, not at request time.
|
|
14
|
+
- Removed conditional `if (apiKey)` guards on Authorization headers —
|
|
15
|
+
headers are always set since apiKey is guaranteed non-empty.
|
|
16
|
+
- @qnsp/kms-client: `apiToken` parameter is now required in the string
|
|
17
|
+
overload of `HttpKmsServiceClient` constructor.
|
|
18
|
+
- @qnsp/browser-sdk: Added opt-in telemetry module (`configureTelemetry`,
|
|
19
|
+
`recordTelemetryEvent`, `flushTelemetry`) for usage analytics without
|
|
20
|
+
collecting PII or cryptographic material. No API key required (local-only
|
|
21
|
+
PQC crypto).
|
|
22
|
+
- Updated cloud portal SDK factory functions to always pass apiKey.
|
|
23
|
+
- Updated crypto-inventory-service internal callers to always pass apiKey.
|
|
24
|
+
- Updated all SDK documentation examples to include apiKey.
|
|
25
|
+
- Updated developer hub quickstart code examples.
|
|
26
|
+
|
|
27
|
+
### Patch Changes
|
|
28
|
+
|
|
29
|
+
- a0ccc65: feat: implement @qnsp/browser-sdk with browser-side PQC encryption
|
|
30
|
+
|
|
31
|
+
Phase 1-2 of browser-side PQC encryption implementation:
|
|
32
|
+
|
|
33
|
+
- Noble PQC provider (packages/cryptography/src/providers/noble.ts): pure JS implementation
|
|
34
|
+
supporting 18 FIPS algorithms (ML-KEM, ML-DSA, SLH-DSA) via @noble/post-quantum
|
|
35
|
+
- Browser SDK (packages/browser-sdk): client-side encryption (CSE) with ML-KEM + AES-256-GCM,
|
|
36
|
+
digital signatures with ML-DSA/SLH-DSA, CSE envelope serialization, runtime auto-detection
|
|
37
|
+
- Storage SDK browser compatibility: removed node: imports for cross-environment support
|
|
38
|
+
- 39 browser-sdk tests + 29 noble provider tests, all passing
|
|
39
|
+
|
|
40
|
+
- ad6d0d4: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
|
|
41
|
+
- b7599c7: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
|
|
42
|
+
- be1dd80: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
|
|
43
|
+
- Enterprise-grade SDK hardening across all API-calling SDKs:
|
|
44
|
+
|
|
45
|
+
1. **Constructor validation**: Runtime guards for required API key/token with developer-friendly error messages
|
|
46
|
+
2. **HTTPS enforcement**: All SDKs reject non-HTTPS baseUrl in production (HTTP allowed only for localhost in development/test)
|
|
47
|
+
3. **Rate limiting with retry**: 429 handling with Retry-After header support, exponential backoff (2^attempt \* baseDelay, capped 30s), configurable maxRetries (default 3) and retryDelayMs (default 1000)
|
|
48
|
+
4. **Error message sanitization**: HTTP error responses no longer leak server error body text; errors report status code and status text only
|
|
49
|
+
5. **Input validation**: UUID validation via Zod for all tenant/resource ID parameters (storage-sdk, search-sdk, kms-client, ai-sdk)
|
|
50
|
+
6. **Telemetry hooks**: OpenTelemetry-based observability with configurable OTLP export, request counters, failure counters, and duration histograms (auth-sdk, crypto-inventory-sdk, kms-client, ai-sdk, search-sdk)
|
|
51
|
+
|
|
52
|
+
## 0.2.1
|
|
53
|
+
|
|
54
|
+
### Patch Changes
|
|
55
|
+
|
|
56
|
+
- 4077458: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
|
|
57
|
+
|
|
58
|
+
## 0.2.0
|
|
59
|
+
|
|
60
|
+
### Minor Changes
|
|
61
|
+
|
|
62
|
+
- Add tenant crypto policy integration and PQC algorithm utilities to all SDKs.
|
|
63
|
+
|
|
64
|
+
### @qnsp/tenant-sdk
|
|
65
|
+
|
|
66
|
+
- Added crypto policy management APIs: `getTenantCryptoPolicy()`, `upsertTenantCryptoPolicy()`
|
|
67
|
+
- Added algorithm query methods: `getAllowedKemAlgorithms()`, `getAllowedSignatureAlgorithms()`, `getDefaultKemAlgorithm()`, `getDefaultSignatureAlgorithm()`
|
|
68
|
+
- Added `CRYPTO_POLICY_ALGORITHMS` tier configurations
|
|
69
|
+
- Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` utilities
|
|
70
|
+
|
|
71
|
+
### @qnsp/storage-sdk
|
|
72
|
+
|
|
73
|
+
- Added `PqcMetadata` interface with `algorithmNist` field
|
|
74
|
+
- `initiateUpload()` now returns NIST algorithm name
|
|
75
|
+
- Added `toNistAlgorithmName()` utility
|
|
76
|
+
|
|
77
|
+
### @qnsp/auth-sdk
|
|
78
|
+
|
|
79
|
+
- Added `PqcSignatureMetadata` interface
|
|
80
|
+
- Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` for signature algorithms
|
|
81
|
+
|
|
82
|
+
### @qnsp/vault-sdk
|
|
83
|
+
|
|
84
|
+
- Enhanced `VaultSecretPqcMetadata` with `algorithmNist` field
|
|
85
|
+
- Added `toNistAlgorithmName()` utility
|
|
86
|
+
|
|
87
|
+
### @qnsp/kms-client
|
|
88
|
+
|
|
89
|
+
- Added `KmsPqcMetadata` interface
|
|
90
|
+
- `wrapKey()` now returns `algorithmNist` field
|
|
91
|
+
- Added `toNistAlgorithmName()` utility
|
|
92
|
+
|
|
93
|
+
### @qnsp/audit-sdk
|
|
94
|
+
|
|
95
|
+
- Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` for signature algorithms
|
|
96
|
+
|
|
97
|
+
### @qnsp/access-control-sdk
|
|
98
|
+
|
|
99
|
+
- Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` for signature algorithms
|
|
100
|
+
|
|
101
|
+
### Documentation
|
|
102
|
+
|
|
103
|
+
- Updated all SDK documentation with crypto policy integration examples
|
|
104
|
+
- Added algorithm naming conventions (internal vs NIST)
|
|
105
|
+
|
|
3
106
|
## 0.1.0
|
|
4
107
|
|
|
5
108
|
### Minor Changes
|
package/README.md
CHANGED
|
@@ -18,8 +18,8 @@ pass it to `apiKey`. Set `tenantId` to scope quotas and telemetry labels.
|
|
|
18
18
|
import { StorageClient, createStorageClientTelemetry } from "@qnsp/storage-sdk";
|
|
19
19
|
|
|
20
20
|
const storage = new StorageClient({
|
|
21
|
-
baseUrl: "https://
|
|
22
|
-
apiKey: process.env.QNSP_SERVICE_TOKEN
|
|
21
|
+
baseUrl: "https://api.qnsp.cuilabs.io/proxy/storage",
|
|
22
|
+
apiKey: process.env.QNSP_SERVICE_TOKEN,
|
|
23
23
|
tenantId: "tenant_123",
|
|
24
24
|
telemetry: createStorageClientTelemetry({
|
|
25
25
|
serviceName: "storage-uploader",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"event-envelope.d.ts","sourceRoot":"","sources":["../src/event-envelope.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"event-envelope.d.ts","sourceRoot":"","sources":["../src/event-envelope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,mBAAmB;;;;;;;;;;iBAa9B,CAAC;AAEH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;iBAe9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAChE,MAAM,MAAM,aAAa,CAAC,QAAQ,GAAG,OAAO,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,GAAG;IACrF,OAAO,EAAE,QAAQ,CAAC;CAClB,CAAC;AAEF,MAAM,WAAW,0BAA0B,CAAC,QAAQ;IACnD,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,CAAC,EAAE,aAAa,CAAC;IAClC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC;CAC3B;AAED,wBAAgB,mBAAmB,CAAC,QAAQ,EAC3C,OAAO,EAAE,0BAA0B,CAAC,QAAQ,CAAC,GAC3C,aAAa,CAAC,QAAQ,CAAC,CASzB"}
|
package/dist/event-envelope.js
CHANGED
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import { randomUUID } from "node:crypto";
|
|
2
1
|
import { z } from "zod";
|
|
3
2
|
export const eventMetadataSchema = z.object({
|
|
4
3
|
correlationId: z.string().uuid().optional(),
|
|
@@ -18,7 +17,7 @@ export const eventEnvelopeSchema = z.object({
|
|
|
18
17
|
id: z
|
|
19
18
|
.string()
|
|
20
19
|
.uuid()
|
|
21
|
-
.default(() => randomUUID()),
|
|
20
|
+
.default(() => crypto.randomUUID()),
|
|
22
21
|
topic: z.string().min(1),
|
|
23
22
|
version: z.string().min(1).default("1"),
|
|
24
23
|
occuredAt: z
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"event-envelope.js","sourceRoot":"","sources":["../src/event-envelope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"event-envelope.js","sourceRoot":"","sources":["../src/event-envelope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE;IAC3C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE;IACzC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,SAAS,EAAE,CAAC;SACV,MAAM,EAAE;SACR,QAAQ,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;SAC1B,OAAO,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACzC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAChC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC7B,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,EAAE,EAAE,CAAC;SACH,MAAM,EAAE;SACR,IAAI,EAAE;SACN,OAAO,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACpC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACxB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACvC,SAAS,EAAE,CAAC;SACV,MAAM,EAAE;SACR,QAAQ,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;SAC1B,OAAO,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACzC,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE;IACpB,QAAQ,EAAE,mBAAmB,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;QAC5C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC,CAAC;CACH,CAAC,CAAC;AAcH,MAAM,UAAU,mBAAmB,CAClC,OAA6C;IAE7C,MAAM,QAAQ,GAAG,mBAAmB,CAAC,KAAK,CAAC;QAC1C,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC1B,CAAC,CAAC;IAEH,OAAO,QAAmC,CAAC;AAC5C,CAAC"}
|
package/dist/events.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"events.d.ts","sourceRoot":"","sources":["../src/events.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"events.d.ts","sourceRoot":"","sources":["../src/events.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEzD,OAAO,KAAK,EACX,sBAAsB,EACtB,4BAA4B,EAE5B,MAAM,oBAAoB,CAAC;AAG5B,KAAK,mBAAmB,GAAG,aAAa,CAAC;IACxC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACnB,CAAC,CAAC;AAEH,KAAK,UAAU,GAAG,aAAa,CAAC;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,QAAQ,GAAG,UAAU,CAAC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B,CAAC,CAAC;AAEH,KAAK,YAAY,GAAG,aAAa,CAAC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,SAAS,GAAG,QAAQ,GAAG,UAAU,GAAG,MAAM,CAAC;IACtD,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC;CACnB,CAAC,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,mBAAmB,GAAG,UAAU,GAAG,YAAY,CAAC;AAE3E,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,SAAS,CAAC,EAAE,sBAAsB,GAAG,4BAA4B,CAAC;CAC3E;AAQD,qBAAa,mBAAmB;IAC/B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA8B;IACrD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAgC;IAC1D,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,MAAM,EAAE,mBAAmB;IAoBjC,WAAW,CAChB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAC1C,OAAO,CAAC,YAAY,EAAE,CAAC;IAuG1B,OAAO,CAAC,oBAAoB;CAM5B"}
|
package/dist/events.js
CHANGED
package/dist/events.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"events.js","sourceRoot":"","sources":["../src/events.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"events.js","sourceRoot":"","sources":["../src/events.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAM1D,OAAO,EAAE,4BAA4B,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AA6C5F,MAAM,OAAO,mBAAmB;IACd,MAAM,CAA8B;IACpC,SAAS,CAAgC;IACzC,aAAa,CAAS;IAEvC,YAAY,MAA2B;QACtC,IAAI,CAAC,MAAM,GAAG;YACb,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;YAC1C,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;YAC3B,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM;SACrC,CAAC;QAEF,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS;YAChC,CAAC,CAAC,wBAAwB,CAAC,MAAM,CAAC,SAAS,CAAC;gBAC3C,CAAC,CAAC,MAAM,CAAC,SAAS;gBAClB,CAAC,CAAC,4BAA4B,CAAC,MAAM,CAAC,SAAS,CAAC;YACjD,CAAC,CAAC,IAAI,CAAC;QAER,IAAI,CAAC;YACJ,IAAI,CAAC,aAAa,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC;QACxD,CAAC;QAAC,MAAM,CAAC;YACR,IAAI,CAAC,aAAa,GAAG,iBAAiB,CAAC;QACxC,CAAC;IACF,CAAC;IAED,KAAK,CAAC,WAAW,CAChB,KAAa,EACb,OAA4C;QAE5C,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;QACrC,IAAI,OAAO,EAAE,KAAK;YAAE,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QACvD,IAAI,OAAO,EAAE,KAAK;YAAE,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAElE,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,4BAA4B,kBAAkB,CAAC,KAAK,CAAC,GACtF,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC,CAAC,EAClC,EAAE,CAAC;QACH,MAAM,OAAO,GAA2B;YACvC,MAAM,EAAE,kBAAkB;SAC1B,CAAC;QACF,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACxB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC3D,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC9E,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAChC,IAAI,MAAM,GAAmB,IAAI,CAAC;QAClC,IAAI,UAA8B,CAAC;QACnC,IAAI,YAAgC,CAAC;QACrC,IAAI,aAAiC,CAAC;QACtC,MAAM,KAAK,GAAG,iCAAiC,CAAC;QAEhD,IAAI,CAAC;YACJ,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBACjC,MAAM,EAAE,KAAK;gBACb,OAAO;gBACP,MAAM,EAAE,UAAU,CAAC,MAAM;aACzB,CAAC,CAAC;YACH,YAAY,CAAC,SAAS,CAAC,CAAC;YACxB,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC;YAC7B,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBAClB,MAAM,GAAG,OAAO,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC;gBACrE,YAAY,GAAG,SAAS,CAAC;gBACzB,MAAM,IAAI,KAAK,CACd,uBAAuB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,MAAM,SAAS,EAAE,CAC9E,CAAC;YACH,CAAC;YACD,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;YACnF,MAAM,OAAO,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAKpC,CAAC;YACH,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;gBAC5B,MAAM,cAAc,GACnB,KAAK,CAAC,QAAQ,IAAI,OAAO,KAAK,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;gBACnF,MAAM,kBAAkB,GACvB,cAAc,KAAK,SAAS;oBAC3B,CAAC,CAAC;wBACA,SAAS,EACR,OAAO,cAAc,CAAC,WAAW,CAAC,KAAK,QAAQ;4BAC9C,CAAC,CAAE,cAAc,CAAC,WAAW,CAAY;4BACzC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBAC5B,GAAG,CAAC,OAAO,cAAc,CAAC,eAAe,CAAC,KAAK,QAAQ;4BACtD,CAAC,CAAC,EAAE,aAAa,EAAE,cAAc,CAAC,eAAe,CAAW,EAAE;4BAC9D,CAAC,CAAC,EAAE,CAAC;wBACN,GAAG,CAAC,OAAO,cAAc,CAAC,aAAa,CAAC,KAAK,QAAQ;4BACpD,CAAC,CAAC,EAAE,WAAW,EAAE,cAAc,CAAC,aAAa,CAAW,EAAE;4BAC1D,CAAC,CAAC,EAAE,CAAC;wBACN,GAAG,CAAC,OAAO,cAAc,CAAC,UAAU,CAAC,KAAK,QAAQ;4BACjD,CAAC,CAAC,EAAE,QAAQ,EAAE,cAAc,CAAC,UAAU,CAAW,EAAE;4BACpD,CAAC,CAAC,EAAE,CAAC;qBACN;oBACF,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;gBAC5C,OAAO,mBAAmB,CAAC;oBAC1B,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,QAAQ,EAAE,kBAAkB;iBAC5B,CAAiB,CAAC;YACpB,CAAC,CAAC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,YAAY,CAAC,SAAS,CAAC,CAAC;YACxB,MAAM,GAAG,OAAO,CAAC;YACjB,IAAI,CAAC,YAAY,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC7C,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC;YAC9B,CAAC;YACD,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC3D,YAAY,GAAG,iBAAiB,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC;gBAC1D,MAAM,IAAI,KAAK,CAAC,+BAA+B,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,CAAC;YAC3E,CAAC;YACD,MAAM,KAAK,CAAC;QACb,CAAC;gBAAS,CAAC;YACV,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YAC7C,MAAM,KAAK,GAAgC;gBAC1C,SAAS,EAAE,eAAe,KAAK,GAAG;gBAClC,MAAM,EAAE,KAAK;gBACb,KAAK;gBACL,MAAM,EAAE,IAAI,CAAC,aAAa;gBAC1B,MAAM;gBACN,UAAU;gBACV,GAAG,CAAC,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzD,GAAG,CAAC,MAAM,KAAK,OAAO,IAAI,YAAY,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtE,GAAG,CAAC,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACpF,CAAC;YACF,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACF,CAAC;IAEO,oBAAoB,CAAC,KAAkC;QAC9D,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACrB,OAAO;QACR,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B,CAAC;CACD"}
|
package/dist/index.d.ts
CHANGED
|
@@ -4,12 +4,34 @@ import type { StorageClientTelemetry, StorageClientTelemetryConfig } from "./obs
|
|
|
4
4
|
*
|
|
5
5
|
* TypeScript SDK client for the QNSP storage-service API.
|
|
6
6
|
* Provides a high-level interface for document upload, download, and management operations.
|
|
7
|
+
* All cryptographic operations use tenant-specific PQC algorithms based on crypto policy.
|
|
7
8
|
*/
|
|
9
|
+
/**
|
|
10
|
+
* PQC metadata for cryptographic operations.
|
|
11
|
+
*/
|
|
12
|
+
export interface PqcMetadata {
|
|
13
|
+
readonly provider: string;
|
|
14
|
+
readonly algorithm: string;
|
|
15
|
+
readonly algorithmNist?: string;
|
|
16
|
+
readonly keyId: string;
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Mapping from internal algorithm names to NIST/standards display names.
|
|
20
|
+
* Covers all 90 PQC algorithms supported by QNSP.
|
|
21
|
+
* Canonical source: @qnsp/cryptography pqc-standards.ts ALGORITHM_NIST_NAMES
|
|
22
|
+
*/
|
|
23
|
+
export declare const ALGORITHM_TO_NIST: Record<string, string>;
|
|
24
|
+
/**
|
|
25
|
+
* Convert internal algorithm name to NIST standardized name.
|
|
26
|
+
*/
|
|
27
|
+
export declare function toNistAlgorithmName(algorithm: string): string;
|
|
8
28
|
export interface StorageClientConfig {
|
|
9
29
|
readonly baseUrl: string;
|
|
10
|
-
readonly apiKey
|
|
30
|
+
readonly apiKey: string;
|
|
11
31
|
readonly tenantId: string;
|
|
12
32
|
readonly timeoutMs?: number;
|
|
33
|
+
readonly maxRetries?: number;
|
|
34
|
+
readonly retryDelayMs?: number;
|
|
13
35
|
readonly telemetry?: StorageClientTelemetry | StorageClientTelemetryConfig;
|
|
14
36
|
}
|
|
15
37
|
export interface InitiateUploadOptions {
|
|
@@ -119,6 +141,7 @@ export declare class StorageClient {
|
|
|
119
141
|
private readonly targetService;
|
|
120
142
|
constructor(config: StorageClientConfig);
|
|
121
143
|
private request;
|
|
144
|
+
private requestWithRetry;
|
|
122
145
|
initiateUpload(options: InitiateUploadOptions): Promise<{
|
|
123
146
|
readonly uploadId: string;
|
|
124
147
|
readonly documentId: string;
|
|
@@ -128,11 +151,7 @@ export declare class StorageClient {
|
|
|
128
151
|
readonly totalParts: number;
|
|
129
152
|
readonly expiresAt: string;
|
|
130
153
|
readonly resumeToken: string | null;
|
|
131
|
-
readonly pqc:
|
|
132
|
-
readonly provider: string;
|
|
133
|
-
readonly algorithm: string;
|
|
134
|
-
readonly keyId: string;
|
|
135
|
-
};
|
|
154
|
+
readonly pqc: PqcMetadata;
|
|
136
155
|
}>;
|
|
137
156
|
uploadPart(uploadId: string, partId: number, data: ReadableStream<Uint8Array> | Buffer | Uint8Array): Promise<UploadPartResult>;
|
|
138
157
|
getUploadStatus(uploadId: string): Promise<UploadStatus>;
|
|
@@ -199,4 +218,5 @@ export declare class StorageClient {
|
|
|
199
218
|
}
|
|
200
219
|
export * from "./events.js";
|
|
201
220
|
export * from "./observability.js";
|
|
221
|
+
export * from "./validation.js";
|
|
202
222
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACX,sBAAsB,EACtB,4BAA4B,EAE5B,MAAM,oBAAoB,CAAC;AAI5B;;;;;;GAMG;AAEH;;GAEG;AACH,MAAM,WAAW,WAAW;IAC3B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACvB;AAED;;;;GAIG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CA0GpD,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE7D;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,SAAS,CAAC,EAAE,sBAAsB,GAAG,4BAA4B,CAAC;CAC3E;AAWD,MAAM,WAAW,qBAAqB;IACrC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAClC,QAAQ,CAAC,eAAe,CAAC,EAAE;QAC1B,QAAQ,CAAC,IAAI,CAAC,EAAE,YAAY,GAAG,YAAY,GAAG,IAAI,CAAC;QACnD,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACrC,QAAQ,CAAC,UAAU,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;KACxC,CAAC;CACF;AAED,MAAM,WAAW,gBAAgB;IAChC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,QAAQ,CAAC,IAAI,CAAC,EAAE;QACf,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;QAClC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;KAC/B,CAAC;CACF;AAED,MAAM,WAAW,oBAAoB;IACpC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,SAAS;QACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;QAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;KAC3B,EAAE,CAAC;IACJ,QAAQ,CAAC,gBAAgB,EAAE,OAAO,CAAC;IACnC,QAAQ,CAAC,WAAW,CAAC,EAAE;QACtB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;QAC3B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;KACvB,GAAG,IAAI,CAAC;CACT;AAED,MAAM,WAAW,kBAAkB;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;CAC3B;AAED,MAAM,WAAW,YAAY;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,SAAS,GAAG,WAAW,GAAG,SAAS,GAAG,aAAa,CAAC;IACrE,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,gBAAgB;IAChC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,UAAU,EAAE;QACpB,QAAQ,CAAC,aAAa,EAAE,YAAY,GAAG,YAAY,GAAG,IAAI,CAAC;QAC3D,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QACpC,QAAQ,CAAC,UAAU,EAAE,SAAS,MAAM,EAAE,CAAC;QACvC,QAAQ,CAAC,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;KAC1C,CAAC;IACF,QAAQ,CAAC,SAAS,CAAC,EAAE;QACpB,QAAQ,CAAC,WAAW,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,CAAC;QAC1D,QAAQ,CAAC,UAAU,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,IAAI,CAAC;QAChE,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;KACzC,CAAC;CACF;AAED,MAAM,WAAW,qBAAqB;IACrC,QAAQ,CAAC,aAAa,CAAC,EAAE,YAAY,GAAG,YAAY,CAAC;IACrD,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,UAAU,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;CACpC;AAED,MAAM,WAAW,qBAAqB;IACrC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,yBAAyB;IACzC,QAAQ,CAAC,UAAU,EAAE,KAAK,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,CAAC;IACxD,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;CACjC;AAWD,qBAAa,aAAa;IACzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA8B;IACrD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAgC;IAC1D,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,MAAM,EAAE,mBAAmB;YA+CzB,OAAO;YAIP,gBAAgB;IAyGxB,cAAc,CAAC,OAAO,EAAE,qBAAqB,GAAG,OAAO,CAAC;QAC7D,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;QAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;QAChC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;QAChC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;QAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;QAC3B,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QACpC,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC;KAC1B,CAAC;IAsCI,UAAU,CACf,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,cAAc,CAAC,UAAU,CAAC,GAAG,MAAM,GAAG,UAAU,GACpD,OAAO,CAAC,gBAAgB,CAAC;IAkFtB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IASxD,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAQ/D,qBAAqB,CAC1B,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;QACT,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACnC,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;KACnC,GACC,OAAO,CAAC,kBAAkB,CAAC;IAyBxB,cAAc,CACnB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;QACT,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACnC,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACnC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;KAC/B,GACC,OAAO,CAAC;QACV,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC,UAAU,CAAC,CAAC;QAC5C,QAAQ,CAAC,UAAU,EAAE,GAAG,GAAG,GAAG,CAAC;QAC/B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;QAC3B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;QAC/B,QAAQ,CAAC,KAAK,CAAC,EAAE;YAAE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;YAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC;QAClE,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;KAC9B,CAAC;IAuHF;;;OAGG;IACG,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAWxE;;;OAGG;IACG,sBAAsB,CAC3B,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,qBAAqB,GAC1B,OAAO,CAAC,gBAAgB,CAAC;IAY5B;;;OAGG;IACG,cAAc,CACnB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,qBAAqB,GAC5B,OAAO,CAAC;QACV,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;QAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,UAAU,EAAE,SAAS,MAAM,EAAE,CAAC;KACvC,CAAC;IAYF;;;OAGG;IACG,gBAAgB,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWzE;;;OAGG;IACG,2BAA2B,CAChC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,yBAAyB,GAChC,OAAO,CAAC;QACV,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;QAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,SAAS,EAAE;YACnB,QAAQ,CAAC,WAAW,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,CAAC;YAC1D,QAAQ,CAAC,UAAU,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,IAAI,CAAC;YAChE,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;SACzC,CAAC;KACF,CAAC;IAYF,OAAO,CAAC,oBAAoB;CAM5B;AAED,cAAc,aAAa,CAAC;AAC5B,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,15 +1,150 @@
|
|
|
1
|
-
import { performance } from "node:perf_hooks";
|
|
2
1
|
import { createStorageClientTelemetry, isStorageClientTelemetry } from "./observability.js";
|
|
2
|
+
import { validateUUID } from "./validation.js";
|
|
3
|
+
/**
|
|
4
|
+
* Mapping from internal algorithm names to NIST/standards display names.
|
|
5
|
+
* Covers all 90 PQC algorithms supported by QNSP.
|
|
6
|
+
* Canonical source: @qnsp/cryptography pqc-standards.ts ALGORITHM_NIST_NAMES
|
|
7
|
+
*/
|
|
8
|
+
export const ALGORITHM_TO_NIST = {
|
|
9
|
+
// FIPS 203 — ML-KEM
|
|
10
|
+
"kyber-512": "ML-KEM-512",
|
|
11
|
+
"kyber-768": "ML-KEM-768",
|
|
12
|
+
"kyber-1024": "ML-KEM-1024",
|
|
13
|
+
// FIPS 204 — ML-DSA
|
|
14
|
+
"dilithium-2": "ML-DSA-44",
|
|
15
|
+
"dilithium-3": "ML-DSA-65",
|
|
16
|
+
"dilithium-5": "ML-DSA-87",
|
|
17
|
+
// FIPS 205 — SLH-DSA (SHA-2 variants)
|
|
18
|
+
"sphincs-sha2-128f-simple": "SLH-DSA-SHA2-128f",
|
|
19
|
+
"sphincs-sha2-128s-simple": "SLH-DSA-SHA2-128s",
|
|
20
|
+
"sphincs-sha2-192f-simple": "SLH-DSA-SHA2-192f",
|
|
21
|
+
"sphincs-sha2-192s-simple": "SLH-DSA-SHA2-192s",
|
|
22
|
+
"sphincs-sha2-256f-simple": "SLH-DSA-SHA2-256f",
|
|
23
|
+
"sphincs-sha2-256s-simple": "SLH-DSA-SHA2-256s",
|
|
24
|
+
// FIPS 205 — SLH-DSA (SHAKE variants)
|
|
25
|
+
"sphincs-shake-128f-simple": "SLH-DSA-SHAKE-128f",
|
|
26
|
+
"sphincs-shake-128s-simple": "SLH-DSA-SHAKE-128s",
|
|
27
|
+
"sphincs-shake-192f-simple": "SLH-DSA-SHAKE-192f",
|
|
28
|
+
"sphincs-shake-192s-simple": "SLH-DSA-SHAKE-192s",
|
|
29
|
+
"sphincs-shake-256f-simple": "SLH-DSA-SHAKE-256f",
|
|
30
|
+
"sphincs-shake-256s-simple": "SLH-DSA-SHAKE-256s",
|
|
31
|
+
// FN-DSA (FIPS 206 draft)
|
|
32
|
+
"falcon-512": "FN-DSA-512",
|
|
33
|
+
"falcon-1024": "FN-DSA-1024",
|
|
34
|
+
// HQC (NIST selected March 2025)
|
|
35
|
+
"hqc-128": "HQC-128",
|
|
36
|
+
"hqc-192": "HQC-192",
|
|
37
|
+
"hqc-256": "HQC-256",
|
|
38
|
+
// BIKE (NIST Round 4)
|
|
39
|
+
"bike-l1": "BIKE-L1",
|
|
40
|
+
"bike-l3": "BIKE-L3",
|
|
41
|
+
"bike-l5": "BIKE-L5",
|
|
42
|
+
// Classic McEliece (ISO standard)
|
|
43
|
+
"mceliece-348864": "Classic-McEliece-348864",
|
|
44
|
+
"mceliece-460896": "Classic-McEliece-460896",
|
|
45
|
+
"mceliece-6688128": "Classic-McEliece-6688128",
|
|
46
|
+
"mceliece-6960119": "Classic-McEliece-6960119",
|
|
47
|
+
"mceliece-8192128": "Classic-McEliece-8192128",
|
|
48
|
+
// FrodoKEM (ISO standard)
|
|
49
|
+
"frodokem-640-aes": "FrodoKEM-640-AES",
|
|
50
|
+
"frodokem-640-shake": "FrodoKEM-640-SHAKE",
|
|
51
|
+
"frodokem-976-aes": "FrodoKEM-976-AES",
|
|
52
|
+
"frodokem-976-shake": "FrodoKEM-976-SHAKE",
|
|
53
|
+
"frodokem-1344-aes": "FrodoKEM-1344-AES",
|
|
54
|
+
"frodokem-1344-shake": "FrodoKEM-1344-SHAKE",
|
|
55
|
+
// NTRU (lattice-based, re-added in liboqs 0.15)
|
|
56
|
+
"ntru-hps-2048-509": "NTRU-HPS-2048-509",
|
|
57
|
+
"ntru-hps-2048-677": "NTRU-HPS-2048-677",
|
|
58
|
+
"ntru-hps-4096-821": "NTRU-HPS-4096-821",
|
|
59
|
+
"ntru-hps-4096-1229": "NTRU-HPS-4096-1229",
|
|
60
|
+
"ntru-hrss-701": "NTRU-HRSS-701",
|
|
61
|
+
"ntru-hrss-1373": "NTRU-HRSS-1373",
|
|
62
|
+
// NTRU-Prime
|
|
63
|
+
sntrup761: "sntrup761",
|
|
64
|
+
// MAYO (NIST Additional Signatures Round 2)
|
|
65
|
+
"mayo-1": "MAYO-1",
|
|
66
|
+
"mayo-2": "MAYO-2",
|
|
67
|
+
"mayo-3": "MAYO-3",
|
|
68
|
+
"mayo-5": "MAYO-5",
|
|
69
|
+
// CROSS (NIST Additional Signatures Round 2)
|
|
70
|
+
"cross-rsdp-128-balanced": "CROSS-RSDP-128-balanced",
|
|
71
|
+
"cross-rsdp-128-fast": "CROSS-RSDP-128-fast",
|
|
72
|
+
"cross-rsdp-128-small": "CROSS-RSDP-128-small",
|
|
73
|
+
"cross-rsdp-192-balanced": "CROSS-RSDP-192-balanced",
|
|
74
|
+
"cross-rsdp-192-fast": "CROSS-RSDP-192-fast",
|
|
75
|
+
"cross-rsdp-192-small": "CROSS-RSDP-192-small",
|
|
76
|
+
"cross-rsdp-256-balanced": "CROSS-RSDP-256-balanced",
|
|
77
|
+
"cross-rsdp-256-fast": "CROSS-RSDP-256-fast",
|
|
78
|
+
"cross-rsdp-256-small": "CROSS-RSDP-256-small",
|
|
79
|
+
"cross-rsdpg-128-balanced": "CROSS-RSDPG-128-balanced",
|
|
80
|
+
"cross-rsdpg-128-fast": "CROSS-RSDPG-128-fast",
|
|
81
|
+
"cross-rsdpg-128-small": "CROSS-RSDPG-128-small",
|
|
82
|
+
"cross-rsdpg-192-balanced": "CROSS-RSDPG-192-balanced",
|
|
83
|
+
"cross-rsdpg-192-fast": "CROSS-RSDPG-192-fast",
|
|
84
|
+
"cross-rsdpg-192-small": "CROSS-RSDPG-192-small",
|
|
85
|
+
"cross-rsdpg-256-balanced": "CROSS-RSDPG-256-balanced",
|
|
86
|
+
"cross-rsdpg-256-fast": "CROSS-RSDPG-256-fast",
|
|
87
|
+
"cross-rsdpg-256-small": "CROSS-RSDPG-256-small",
|
|
88
|
+
// UOV (NIST Additional Signatures Round 2)
|
|
89
|
+
"ov-Is": "UOV-Is",
|
|
90
|
+
"ov-Ip": "UOV-Ip",
|
|
91
|
+
"ov-III": "UOV-III",
|
|
92
|
+
"ov-V": "UOV-V",
|
|
93
|
+
"ov-Is-pkc": "UOV-Is-pkc",
|
|
94
|
+
"ov-Ip-pkc": "UOV-Ip-pkc",
|
|
95
|
+
"ov-III-pkc": "UOV-III-pkc",
|
|
96
|
+
"ov-V-pkc": "UOV-V-pkc",
|
|
97
|
+
"ov-Is-pkc-skc": "UOV-Is-pkc-skc",
|
|
98
|
+
"ov-Ip-pkc-skc": "UOV-Ip-pkc-skc",
|
|
99
|
+
"ov-III-pkc-skc": "UOV-III-pkc-skc",
|
|
100
|
+
"ov-V-pkc-skc": "UOV-V-pkc-skc",
|
|
101
|
+
// SNOVA (NIST Additional Signatures Round 2, liboqs 0.14+)
|
|
102
|
+
"snova-24-5-4": "SNOVA-24-5-4",
|
|
103
|
+
"snova-24-5-4-shake": "SNOVA-24-5-4-SHAKE",
|
|
104
|
+
"snova-24-5-4-esk": "SNOVA-24-5-4-ESK",
|
|
105
|
+
"snova-24-5-4-shake-esk": "SNOVA-24-5-4-SHAKE-ESK",
|
|
106
|
+
"snova-25-8-3": "SNOVA-25-8-3",
|
|
107
|
+
"snova-37-17-2": "SNOVA-37-17-2",
|
|
108
|
+
"snova-37-8-4": "SNOVA-37-8-4",
|
|
109
|
+
"snova-24-5-5": "SNOVA-24-5-5",
|
|
110
|
+
"snova-56-25-2": "SNOVA-56-25-2",
|
|
111
|
+
"snova-49-11-3": "SNOVA-49-11-3",
|
|
112
|
+
"snova-60-10-4": "SNOVA-60-10-4",
|
|
113
|
+
"snova-29-6-5": "SNOVA-29-6-5",
|
|
114
|
+
};
|
|
115
|
+
/**
|
|
116
|
+
* Convert internal algorithm name to NIST standardized name.
|
|
117
|
+
*/
|
|
118
|
+
export function toNistAlgorithmName(algorithm) {
|
|
119
|
+
return ALGORITHM_TO_NIST[algorithm] ?? algorithm;
|
|
120
|
+
}
|
|
3
121
|
export class StorageClient {
|
|
4
122
|
config;
|
|
5
123
|
telemetry;
|
|
6
124
|
targetService;
|
|
7
125
|
constructor(config) {
|
|
126
|
+
if (!config.apiKey || config.apiKey.trim().length === 0) {
|
|
127
|
+
throw new Error("QNSP Storage SDK: apiKey is required. " +
|
|
128
|
+
"Get your free API key at https://cloud.qnsp.cuilabs.io/signup — " +
|
|
129
|
+
"no credit card required (FREE tier: 5 GB storage, 2,000 API calls/month). " +
|
|
130
|
+
"Docs: https://docs.qnsp.cuilabs.io/sdk/storage-sdk");
|
|
131
|
+
}
|
|
132
|
+
const baseUrl = config.baseUrl.replace(/\/$/, "");
|
|
133
|
+
// Enforce HTTPS in production (allow HTTP only for localhost in development)
|
|
134
|
+
if (!baseUrl.startsWith("https://")) {
|
|
135
|
+
const isLocalhost = baseUrl.startsWith("http://localhost") || baseUrl.startsWith("http://127.0.0.1");
|
|
136
|
+
const isDevelopment = process.env["NODE_ENV"] === "development" || process.env["NODE_ENV"] === "test";
|
|
137
|
+
if (!isLocalhost || !isDevelopment) {
|
|
138
|
+
throw new Error("baseUrl must use HTTPS in production. HTTP is only allowed for localhost in development.");
|
|
139
|
+
}
|
|
140
|
+
}
|
|
8
141
|
this.config = {
|
|
9
|
-
baseUrl
|
|
10
|
-
apiKey: config.apiKey
|
|
142
|
+
baseUrl,
|
|
143
|
+
apiKey: config.apiKey,
|
|
11
144
|
tenantId: config.tenantId,
|
|
12
145
|
timeoutMs: config.timeoutMs ?? 30_000,
|
|
146
|
+
maxRetries: config.maxRetries ?? 3,
|
|
147
|
+
retryDelayMs: config.retryDelayMs ?? 1_000,
|
|
13
148
|
};
|
|
14
149
|
this.telemetry = config.telemetry
|
|
15
150
|
? isStorageClientTelemetry(config.telemetry)
|
|
@@ -24,14 +159,15 @@ export class StorageClient {
|
|
|
24
159
|
}
|
|
25
160
|
}
|
|
26
161
|
async request(method, path, options) {
|
|
162
|
+
return this.requestWithRetry(method, path, options, 0);
|
|
163
|
+
}
|
|
164
|
+
async requestWithRetry(method, path, options, attempt) {
|
|
27
165
|
const url = `${this.config.baseUrl}${path}`;
|
|
28
166
|
const headers = {
|
|
29
167
|
"Content-Type": "application/json",
|
|
30
168
|
...options?.headers,
|
|
31
169
|
};
|
|
32
|
-
|
|
33
|
-
headers["Authorization"] = `Bearer ${this.config.apiKey}`;
|
|
34
|
-
}
|
|
170
|
+
headers["Authorization"] = `Bearer ${this.config.apiKey}`;
|
|
35
171
|
const controller = new AbortController();
|
|
36
172
|
const timeoutId = setTimeout(() => controller.abort(), this.config.timeoutMs);
|
|
37
173
|
const signal = options?.signal ?? controller.signal;
|
|
@@ -53,11 +189,32 @@ export class StorageClient {
|
|
|
53
189
|
const response = await fetch(url, init);
|
|
54
190
|
clearTimeout(timeoutId);
|
|
55
191
|
httpStatus = response.status;
|
|
192
|
+
// Handle rate limiting (429) with retry logic
|
|
193
|
+
if (response.status === 429) {
|
|
194
|
+
if (attempt < this.config.maxRetries) {
|
|
195
|
+
const retryAfterHeader = response.headers.get("Retry-After");
|
|
196
|
+
let delayMs = this.config.retryDelayMs;
|
|
197
|
+
if (retryAfterHeader) {
|
|
198
|
+
const retryAfterSeconds = Number.parseInt(retryAfterHeader, 10);
|
|
199
|
+
if (!Number.isNaN(retryAfterSeconds) && retryAfterSeconds > 0) {
|
|
200
|
+
delayMs = retryAfterSeconds * 1_000;
|
|
201
|
+
}
|
|
202
|
+
}
|
|
203
|
+
else {
|
|
204
|
+
// Exponential backoff: 2^attempt * baseDelay, capped at 30 seconds
|
|
205
|
+
delayMs = Math.min(2 ** attempt * this.config.retryDelayMs, 30_000);
|
|
206
|
+
}
|
|
207
|
+
await new Promise((resolve) => setTimeout(resolve, delayMs));
|
|
208
|
+
return this.requestWithRetry(method, path, options, attempt + 1);
|
|
209
|
+
}
|
|
210
|
+
status = "error";
|
|
211
|
+
errorMessage = `HTTP ${response.status}`;
|
|
212
|
+
throw new Error(`Storage API error: Rate limit exceeded after ${this.config.maxRetries} retries`);
|
|
213
|
+
}
|
|
56
214
|
if (!response.ok) {
|
|
57
215
|
status = "error";
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
throw new Error(`Storage API error: ${response.status} ${response.statusText} - ${errorText}`);
|
|
216
|
+
errorMessage = `HTTP ${response.status}`;
|
|
217
|
+
throw new Error(`Storage API error: ${response.status} ${response.statusText}`);
|
|
61
218
|
}
|
|
62
219
|
if (response.status === 204) {
|
|
63
220
|
return undefined;
|
|
@@ -92,7 +249,7 @@ export class StorageClient {
|
|
|
92
249
|
}
|
|
93
250
|
}
|
|
94
251
|
async initiateUpload(options) {
|
|
95
|
-
|
|
252
|
+
const result = await this.request("POST", "/storage/v1/documents", {
|
|
96
253
|
body: {
|
|
97
254
|
name: options.name,
|
|
98
255
|
mimeType: options.mimeType,
|
|
@@ -104,15 +261,21 @@ export class StorageClient {
|
|
|
104
261
|
},
|
|
105
262
|
operation: "initiateUpload",
|
|
106
263
|
});
|
|
264
|
+
// Enrich PQC metadata with NIST algorithm name
|
|
265
|
+
return {
|
|
266
|
+
...result,
|
|
267
|
+
pqc: {
|
|
268
|
+
...result.pqc,
|
|
269
|
+
algorithmNist: toNistAlgorithmName(result.pqc.algorithm),
|
|
270
|
+
},
|
|
271
|
+
};
|
|
107
272
|
}
|
|
108
273
|
async uploadPart(uploadId, partId, data) {
|
|
109
274
|
const url = `${this.config.baseUrl}/storage/v1/uploads/${uploadId}/parts/${partId}`;
|
|
110
275
|
const headers = {
|
|
111
276
|
"Content-Type": "application/octet-stream",
|
|
112
277
|
};
|
|
113
|
-
|
|
114
|
-
headers["Authorization"] = `Bearer ${this.config.apiKey}`;
|
|
115
|
-
}
|
|
278
|
+
headers["Authorization"] = `Bearer ${this.config.apiKey}`;
|
|
116
279
|
const bytesSent = data instanceof Buffer || data instanceof Uint8Array ? data.byteLength : undefined;
|
|
117
280
|
const route = "/storage/v1/uploads/:uploadId/parts/:partId";
|
|
118
281
|
const start = performance.now();
|
|
@@ -147,9 +310,8 @@ export class StorageClient {
|
|
|
147
310
|
httpStatus = response.status;
|
|
148
311
|
if (!response.ok) {
|
|
149
312
|
status = "error";
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
throw new Error(`Upload part error: ${response.status} ${response.statusText} - ${errorText}`);
|
|
313
|
+
errorMessage = `HTTP ${response.status}`;
|
|
314
|
+
throw new Error(`Upload part error: ${response.status} ${response.statusText}`);
|
|
153
315
|
}
|
|
154
316
|
return (await response.json());
|
|
155
317
|
}
|
|
@@ -182,6 +344,7 @@ export class StorageClient {
|
|
|
182
344
|
}
|
|
183
345
|
}
|
|
184
346
|
async getUploadStatus(uploadId) {
|
|
347
|
+
validateUUID(uploadId, "uploadId");
|
|
185
348
|
// Use GET since we need the full status object
|
|
186
349
|
return this.request("GET", `/storage/v1/uploads/${uploadId}`, {
|
|
187
350
|
operation: "getUploadStatus",
|
|
@@ -189,6 +352,7 @@ export class StorageClient {
|
|
|
189
352
|
});
|
|
190
353
|
}
|
|
191
354
|
async completeUpload(uploadId) {
|
|
355
|
+
validateUUID(uploadId, "uploadId");
|
|
192
356
|
return this.request("POST", `/storage/v1/uploads/${uploadId}/complete`, {
|
|
193
357
|
operation: "completeUpload",
|
|
194
358
|
telemetryRoute: "/storage/v1/uploads/:uploadId/complete",
|
|
@@ -233,9 +397,7 @@ export class StorageClient {
|
|
|
233
397
|
if (options?.range) {
|
|
234
398
|
headers["Range"] = options.range;
|
|
235
399
|
}
|
|
236
|
-
|
|
237
|
-
headers["Authorization"] = `Bearer ${this.config.apiKey}`;
|
|
238
|
-
}
|
|
400
|
+
headers["Authorization"] = `Bearer ${this.config.apiKey}`;
|
|
239
401
|
const controller = new AbortController();
|
|
240
402
|
const timeoutId = setTimeout(() => controller.abort(), this.config.timeoutMs);
|
|
241
403
|
const route = "/storage/v1/documents/:documentId/versions/:version/content";
|
|
@@ -254,9 +416,8 @@ export class StorageClient {
|
|
|
254
416
|
httpStatus = response.status;
|
|
255
417
|
if (!response.ok) {
|
|
256
418
|
status = "error";
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
throw new Error(`Download error: ${response.status} ${response.statusText} - ${errorText}`);
|
|
419
|
+
errorMessage = `HTTP ${response.status}`;
|
|
420
|
+
throw new Error(`Download error: ${response.status} ${response.statusText}`);
|
|
260
421
|
}
|
|
261
422
|
const contentRange = response.headers.get("Content-Range");
|
|
262
423
|
const rangeMatch = contentRange?.startsWith("bytes ")
|
|
@@ -323,6 +484,7 @@ export class StorageClient {
|
|
|
323
484
|
* Requires x-tenant-id header.
|
|
324
485
|
*/
|
|
325
486
|
async getDocumentPolicies(documentId) {
|
|
487
|
+
validateUUID(documentId, "documentId");
|
|
326
488
|
return this.request("GET", `/storage/v1/documents/${documentId}/policies`, {
|
|
327
489
|
operation: "getDocumentPolicies",
|
|
328
490
|
telemetryRoute: "/storage/v1/documents/:documentId/policies",
|
|
@@ -336,6 +498,7 @@ export class StorageClient {
|
|
|
336
498
|
* Requires x-tenant-id header.
|
|
337
499
|
*/
|
|
338
500
|
async updateDocumentPolicies(documentId, input) {
|
|
501
|
+
validateUUID(documentId, "documentId");
|
|
339
502
|
return this.request("PATCH", `/storage/v1/documents/${documentId}/policies`, {
|
|
340
503
|
body: input,
|
|
341
504
|
operation: "updateDocumentPolicies",
|
|
@@ -350,6 +513,7 @@ export class StorageClient {
|
|
|
350
513
|
* Requires x-tenant-id header.
|
|
351
514
|
*/
|
|
352
515
|
async applyLegalHold(documentId, request) {
|
|
516
|
+
validateUUID(documentId, "documentId");
|
|
353
517
|
return this.request("POST", `/storage/v1/documents/${documentId}/legal-holds`, {
|
|
354
518
|
body: request,
|
|
355
519
|
operation: "applyLegalHold",
|
|
@@ -364,6 +528,7 @@ export class StorageClient {
|
|
|
364
528
|
* Requires x-tenant-id header.
|
|
365
529
|
*/
|
|
366
530
|
async releaseLegalHold(documentId, holdId) {
|
|
531
|
+
validateUUID(documentId, "documentId");
|
|
367
532
|
return this.request("DELETE", `/storage/v1/documents/${documentId}/legal-holds/${holdId}`, {
|
|
368
533
|
operation: "releaseLegalHold",
|
|
369
534
|
telemetryRoute: "/storage/v1/documents/:documentId/legal-holds/:holdId",
|
|
@@ -377,6 +542,7 @@ export class StorageClient {
|
|
|
377
542
|
* Requires x-tenant-id header.
|
|
378
543
|
*/
|
|
379
544
|
async scheduleLifecycleTransition(documentId, request) {
|
|
545
|
+
validateUUID(documentId, "documentId");
|
|
380
546
|
return this.request("POST", `/storage/v1/documents/${documentId}/lifecycle/transitions`, {
|
|
381
547
|
body: request,
|
|
382
548
|
operation: "scheduleLifecycleTransition",
|
|
@@ -395,4 +561,5 @@ export class StorageClient {
|
|
|
395
561
|
}
|
|
396
562
|
export * from "./events.js";
|
|
397
563
|
export * from "./observability.js";
|
|
564
|
+
export * from "./validation.js";
|
|
398
565
|
//# sourceMappingURL=index.js.map
|