@raytio/core 10.1.0 → 11.1.0

package/dist/accessApplication/createAA.js

@@ -1,71 +1,71 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createAA = void 0;
-const util_1 = require("../util");
-/** @internal */
-const createApplication = ({ apiUrl, apiToken, application, }) => fetch(`${apiUrl}/share/v2/access_application`, {
-    method: "POST",
-    body: JSON.stringify(application),
-    headers: { Authorization: `Bearer ${apiToken}` },
-}).then(util_1.handleResponse);
-/** @internal */
-const createApplicationPublicKey = async ({ apiUrl, apiToken, aId, publicKey, }) => {
-    const PO = await fetch(`${apiUrl}/share/v2/access_application/${aId}/public_key`, {
-        method: "POST",
-        body: JSON.stringify({ a_id: aId, key: publicKey }),
-        headers: { Authorization: `Bearer ${apiToken}` },
-    }).then(util_1.handleResponse);
-    return { publicKeyNId: PO.n_id };
-};
-/** @internal */
-const createApplicationEncryptedPrivateKey = ({ apiUrl, apiToken, publicKeyNId, encryptedPrivateKey, }) => fetch(`${apiUrl}/share/v2/access_application/public_key/${publicKeyNId}/private_key`, {
-    method: "POST",
-    body: JSON.stringify({ n_id: publicKeyNId, key: encryptedPrivateKey }),
-    headers: { Authorization: `Bearer ${apiToken}` },
-}).then(util_1.handleResponse);
-/** @internal */
-async function createApplicationEncryptor(userDoc, maxcryptor) {
-    const applicationEncryptor = await maxcryptor.createApplicationEncryptor();
-    // The exported public key should be available for everyone
-    const publicKey = await applicationEncryptor.exportPublicKey();
-    // Encrypt the private key for the current user
-    const encryptedPrivateKey = await applicationEncryptor.encryptPrivateKey(userDoc.encryption_key_pair.public_key);
-    return {
-        applicationEncryptor,
-        publicKey,
-        encryptedPrivateKey,
-    };
-}
-/**
- * Creates an Access Application and associated public+private keys.
- *
- * The user must be part of an organization, and you need to include the `orgId`.
- *
- * You must also supply an apiToken and an instance of the maxcryptor for that user,
- * as well as the `userDoc` data which is stored in the user's cognito attributes.
- */
-async function createAA({ apiUrl, apiToken, userDoc, maxcryptor, application, }) {
-    if (!application.org_id) {
-        throw new Error("Cannot create an AA without an org_id");
-    }
-    const newApp = await createApplication({
-        apiUrl,
-        apiToken,
-        application,
-    });
-    const { publicKey, encryptedPrivateKey } = await createApplicationEncryptor(userDoc, maxcryptor);
-    const { publicKeyNId } = await createApplicationPublicKey({
-        apiUrl,
-        apiToken,
-        aId: newApp.a_id,
-        publicKey,
-    });
-    await createApplicationEncryptedPrivateKey({
-        apiUrl,
-        apiToken,
-        publicKeyNId,
-        encryptedPrivateKey,
-    });
-    return newApp;
-}
-exports.createAA = createAA;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAA = void 0;
+const util_1 = require("../util");
+/** @internal */
+const createApplication = ({ apiUrl, apiToken, application, }) => fetch(`${apiUrl}/share/v2/access_application`, {
+    method: "POST",
+    body: JSON.stringify(application),
+    headers: { Authorization: `Bearer ${apiToken}` },
+}).then(util_1.handleResponse);
+/** @internal */
+const createApplicationPublicKey = async ({ apiUrl, apiToken, aId, publicKey, }) => {
+    const PO = await fetch(`${apiUrl}/share/v2/access_application/${aId}/public_key`, {
+        method: "POST",
+        body: JSON.stringify({ a_id: aId, key: publicKey }),
+        headers: { Authorization: `Bearer ${apiToken}` },
+    }).then(util_1.handleResponse);
+    return { publicKeyNId: PO.n_id };
+};
+/** @internal */
+const createApplicationEncryptedPrivateKey = ({ apiUrl, apiToken, publicKeyNId, encryptedPrivateKey, }) => fetch(`${apiUrl}/share/v2/access_application/public_key/${publicKeyNId}/private_key`, {
+    method: "POST",
+    body: JSON.stringify({ n_id: publicKeyNId, key: encryptedPrivateKey }),
+    headers: { Authorization: `Bearer ${apiToken}` },
+}).then(util_1.handleResponse);
+/** @internal */
+async function createApplicationEncryptor(userDoc, maxcryptor) {
+    const applicationEncryptor = await maxcryptor.createApplicationEncryptor();
+    // The exported public key should be available for everyone
+    const publicKey = await applicationEncryptor.exportPublicKey();
+    // Encrypt the private key for the current user
+    const encryptedPrivateKey = await applicationEncryptor.encryptPrivateKey(userDoc.encryption_key_pair.public_key);
+    return {
+        applicationEncryptor,
+        publicKey,
+        encryptedPrivateKey,
+    };
+}
+/**
+ * Creates an Access Application and associated public+private keys.
+ *
+ * The user must be part of an organization, and you need to include the `orgId`.
+ *
+ * You must also supply an apiToken and an instance of the maxcryptor for that user,
+ * as well as the `userDoc` data which is stored in the user's cognito attributes.
+ */
+async function createAA({ apiUrl, apiToken, userDoc, maxcryptor, application, }) {
+    if (!application.org_id) {
+        throw new Error("Cannot create an AA without an org_id");
+    }
+    const newApp = await createApplication({
+        apiUrl,
+        apiToken,
+        application,
+    });
+    const { publicKey, encryptedPrivateKey } = await createApplicationEncryptor(userDoc, maxcryptor);
+    const { publicKeyNId } = await createApplicationPublicKey({
+        apiUrl,
+        apiToken,
+        aId: newApp.a_id,
+        publicKey,
+    });
+    await createApplicationEncryptedPrivateKey({
+        apiUrl,
+        apiToken,
+        publicKeyNId,
+        encryptedPrivateKey,
+    });
+    return newApp;
+}
+exports.createAA = createAA;

package/dist/accessApplication/index.d.ts

@@ -1 +1 @@
-export * from "./createAA";
+export * from "./createAA";

package/dist/accessApplication/index.js

@@ -1,17 +1,17 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./createAA"), exports);
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./createAA"), exports);

package/dist/crypto/cognitoAttributes.d.ts

@@ -1,15 +1,15 @@
-import { UserDoc } from "@raytio/maxcryptor";
-import type { ICognitoUserAttributeData } from "amazon-cognito-identity-js";
-/**
- * Given a `UserDoc` from the maxcryptor, this returns an object
- * which you can provide to `Auth.updateUserAttributes()`. It is
- * an object of stringified Json.
- */
-export declare const toCognitoAttributes: (userDoc: UserDoc) => {
-    [customCognitoName: string]: string;
-};
-/**
- * This function converts Cognito's userAttributes into a maxcryptor UserDoc.
- * The userAttributes come from `const attributes = await Auth.userAttributes(user)`
- */
-export declare const fromCognitoAttributes: (attributes: ICognitoUserAttributeData[]) => UserDoc;
+import { UserDoc } from "@raytio/maxcryptor";
+import type { ICognitoUserAttributeData } from "amazon-cognito-identity-js";
+/**
+ * Given a `UserDoc` from the maxcryptor, this returns an object
+ * which you can provide to `Auth.updateUserAttributes()`. It is
+ * an object of stringified Json.
+ */
+export declare const toCognitoAttributes: (userDoc: UserDoc) => {
+    [customCognitoName: string]: string;
+};
+/**
+ * This function converts Cognito's userAttributes into a maxcryptor UserDoc.
+ * The userAttributes come from `const attributes = await Auth.userAttributes(user)`
+ */
+export declare const fromCognitoAttributes: (attributes: ICognitoUserAttributeData[]) => UserDoc;

package/dist/crypto/cognitoAttributes.js

@@ -1,33 +1,33 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.fromCognitoAttributes = exports.toCognitoAttributes = void 0;
-const ramda_1 = require("ramda");
-const ATTRIBUTE_MAP = {
-    "custom:kek_derivation": ["kek_derivation_config"],
-    "custom:dek_encryption": ["private_key_encryption_config"],
-    "custom:aek_public": ["encryption_key_pair", "public_key"],
-    "custom:aek_private": ["encryption_key_pair", "private_key"],
-    "custom:ask_public": ["signing_key_pair", "public_key"],
-    "custom:ask_private": ["signing_key_pair", "private_key"],
-};
-/**
- * Given a `UserDoc` from the maxcryptor, this returns an object
- * which you can provide to `Auth.updateUserAttributes()`. It is
- * an object of stringified Json.
- */
-const toCognitoAttributes = (userDoc) => Object.fromEntries(Object.entries(ATTRIBUTE_MAP).map(([cognitoKey, deepPath]) => [
-    cognitoKey,
-    JSON.stringify((0, ramda_1.path)(deepPath, userDoc)),
-]));
-exports.toCognitoAttributes = toCognitoAttributes;
-/**
- * This function converts Cognito's userAttributes into a maxcryptor UserDoc.
- * The userAttributes come from `const attributes = await Auth.userAttributes(user)`
- */
-const fromCognitoAttributes = (attributes) => attributes.reduce((ac, { Name, Value }) => {
-    const maybePath = ATTRIBUTE_MAP[Name];
-    if (!maybePath)
-        return ac; // we don't know about this attribute
-    return (0, ramda_1.assocPath)(maybePath, JSON.parse(Value), ac);
-}, {});
-exports.fromCognitoAttributes = fromCognitoAttributes;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fromCognitoAttributes = exports.toCognitoAttributes = void 0;
+const ramda_1 = require("ramda");
+const ATTRIBUTE_MAP = {
+    "custom:kek_derivation": ["kek_derivation_config"],
+    "custom:dek_encryption": ["private_key_encryption_config"],
+    "custom:aek_public": ["encryption_key_pair", "public_key"],
+    "custom:aek_private": ["encryption_key_pair", "private_key"],
+    "custom:ask_public": ["signing_key_pair", "public_key"],
+    "custom:ask_private": ["signing_key_pair", "private_key"],
+};
+/**
+ * Given a `UserDoc` from the maxcryptor, this returns an object
+ * which you can provide to `Auth.updateUserAttributes()`. It is
+ * an object of stringified Json.
+ */
+const toCognitoAttributes = (userDoc) => Object.fromEntries(Object.entries(ATTRIBUTE_MAP).map(([cognitoKey, deepPath]) => [
+    cognitoKey,
+    JSON.stringify((0, ramda_1.path)(deepPath, userDoc)),
+]));
+exports.toCognitoAttributes = toCognitoAttributes;
+/**
+ * This function converts Cognito's userAttributes into a maxcryptor UserDoc.
+ * The userAttributes come from `const attributes = await Auth.userAttributes(user)`
+ */
+const fromCognitoAttributes = (attributes) => attributes.reduce((ac, { Name, Value }) => {
+    const maybePath = ATTRIBUTE_MAP[Name];
+    if (!maybePath)
+        return ac; // we don't know about this attribute
+    return (0, ramda_1.assocPath)(maybePath, JSON.parse(Value), ac);
+}, {});
+exports.fromCognitoAttributes = fromCognitoAttributes;

package/dist/crypto/decryptKeys.d.ts

@@ -1 +1 @@
-export {};
+export {};

package/dist/crypto/decryptKeys.js

@@ -1,33 +1,33 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.decryptKeys = void 0;
-const helpers_1 = require("./helpers");
-/** @internal */
-const decryptKeys = async ({ applicationDecryptor, keys, data, onCorruptedData, }) => {
-    const KVPairs = await Promise.all(Object.entries(data).map(async ([key, value]) => {
-        var _a;
-        if (!(0, helpers_1.isEncrypted)(value))
-            return [key, value];
-        const encryptedDecryptionKey = (_a = keys === null || keys === void 0 ? void 0 : keys[key]) === null || _a === void 0 ? void 0 : _a.data;
-        if (!encryptedDecryptionKey) {
-            const error = new Error(`Can't decrypt shared data because there are no keys for ${key}`);
-            if (onCorruptedData)
-                return [key, onCorruptedData(key, value, error)];
-            throw error;
-        }
-        try {
-            return [
-                key,
-                await applicationDecryptor.decrypt(value, encryptedDecryptionKey),
-            ];
-        }
-        catch (_ex) {
-            const error = _ex instanceof Error ? _ex : new Error(`${_ex}`);
-            if (onCorruptedData)
-                return [key, onCorruptedData(key, value, error)];
-            throw error;
-        }
-    }));
-    return Object.fromEntries(KVPairs);
-};
-exports.decryptKeys = decryptKeys;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decryptKeys = void 0;
+const helpers_1 = require("./helpers");
+/** @internal */
+const decryptKeys = async ({ applicationDecryptor, keys, data, onCorruptedData, }) => {
+    const KVPairs = await Promise.all(Object.entries(data).map(async ([key, value]) => {
+        var _a;
+        if (!(0, helpers_1.isEncrypted)(value))
+            return [key, value];
+        const encryptedDecryptionKey = (_a = keys === null || keys === void 0 ? void 0 : keys[key]) === null || _a === void 0 ? void 0 : _a.data;
+        if (!encryptedDecryptionKey) {
+            const error = new Error(`Can't decrypt shared data because there are no keys for ${key}`);
+            if (onCorruptedData)
+                return [key, onCorruptedData(key, value, error)];
+            throw error;
+        }
+        try {
+            return [
+                key,
+                await applicationDecryptor.decrypt(value, encryptedDecryptionKey),
+            ];
+        }
+        catch (_ex) {
+            const error = _ex instanceof Error ? _ex : new Error(`${_ex}`);
+            if (onCorruptedData)
+                return [key, onCorruptedData(key, value, error)];
+            throw error;
+        }
+    }));
+    return Object.fromEntries(KVPairs);
+};
+exports.decryptKeys = decryptKeys;

package/dist/crypto/decryptSharedData.d.ts

@@ -1,26 +1,26 @@
-import { Maxcryptor, ApplicationEncryptor } from "@raytio/maxcryptor";
-import { Encrypted, Instance } from "@raytio/types";
-/**
- * Decrypts any encrypted properties included in the supplied `instanceData`.
- * If nothing is encrypted the supplied `instanceData` is returned.
- *
- * It will reject if there are keys missing for any encrypted properties, or
- * if the encrypted data is invalid. If you don't want it to reject, you can
- * supply a `onCorruptedData` function which returns a value to use instead.
- *
- * @returns a copy of `instanceData` with all properties decrypted.
- */
-export declare const decryptSharedData: ({ instanceData, maxcryptor, apiUrl, apiToken, onCorruptedData, }: {
-    instanceData: Instance;
-    maxcryptor: Maxcryptor;
-    apiUrl: string;
-    apiToken: string;
-    /**
-     * If you supply a function, it will be called instead of throwing an error,
-     * and the value you return will be used instead of the corrupted field value.
-     */
-    onCorruptedData?: ((fieldName: string, fieldValue: Encrypted, error: Error) => any) | undefined;
-}) => Promise<{
-    instance: Instance;
-    applicationDecryptor: ApplicationEncryptor;
-}>;
+import { Maxcryptor, ApplicationEncryptor } from "@raytio/maxcryptor";
+import { Encrypted, Instance } from "@raytio/types";
+/**
+ * Decrypts any encrypted properties included in the supplied `instanceData`.
+ * If nothing is encrypted the supplied `instanceData` is returned.
+ *
+ * It will reject if there are keys missing for any encrypted properties, or
+ * if the encrypted data is invalid. If you don't want it to reject, you can
+ * supply a `onCorruptedData` function which returns a value to use instead.
+ *
+ * @returns a copy of `instanceData` with all properties decrypted.
+ */
+export declare const decryptSharedData: ({ instanceData, maxcryptor, apiUrl, apiToken, onCorruptedData, }: {
+    instanceData: Instance;
+    maxcryptor: Maxcryptor;
+    apiUrl: string;
+    apiToken: string;
+    /**
+     * If you supply a function, it will be called instead of throwing an error,
+     * and the value you return will be used instead of the corrupted field value.
+     */
+    onCorruptedData?: ((fieldName: string, fieldValue: Encrypted, error: Error) => any) | undefined;
+}) => Promise<{
+    instance: Instance;
+    applicationDecryptor: ApplicationEncryptor;
+}>;

package/dist/crypto/decryptSharedData.js

@@ -1,38 +1,38 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.decryptSharedData = void 0;
-const getAADecryptor_1 = require("./getAADecryptor");
-const decryptKeys_1 = require("./decryptKeys");
-/**
- * Decrypts any encrypted properties included in the supplied `instanceData`.
- * If nothing is encrypted the supplied `instanceData` is returned.
- *
- * It will reject if there are keys missing for any encrypted properties, or
- * if the encrypted data is invalid. If you don't want it to reject, you can
- * supply a `onCorruptedData` function which returns a value to use instead.
- *
- * @returns a copy of `instanceData` with all properties decrypted.
- */
-const decryptSharedData = async ({ instanceData, maxcryptor, apiUrl, apiToken, onCorruptedData, }) => {
-    const { decryptor: applicationDecryptor } = await (0, getAADecryptor_1.getAADecryptor)({
-        aId: instanceData.a_id,
-        maxcryptor,
-        apiUrl,
-        apiToken,
-    });
-    const instance = Object.assign(Object.assign({}, instanceData), { profile_objects: await Promise.all(instanceData.profile_objects.map(async (PO) => {
-            const realNId = PO.n_id.startsWith("HASHED::")
-                ? PO.n_id.split("::")[1]
-                : PO.n_id;
-            const keys = instanceData.keys[realNId];
-            const decryptedProperties = await (0, decryptKeys_1.decryptKeys)({
-                applicationDecryptor,
-                keys,
-                data: PO.properties,
-                onCorruptedData,
-            });
-            return Object.assign(Object.assign({}, PO), { properties: decryptedProperties });
-        })) });
-    return { instance, applicationDecryptor };
-};
-exports.decryptSharedData = decryptSharedData;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decryptSharedData = void 0;
+const getAADecryptor_1 = require("./getAADecryptor");
+const decryptKeys_1 = require("./decryptKeys");
+/**
+ * Decrypts any encrypted properties included in the supplied `instanceData`.
+ * If nothing is encrypted the supplied `instanceData` is returned.
+ *
+ * It will reject if there are keys missing for any encrypted properties, or
+ * if the encrypted data is invalid. If you don't want it to reject, you can
+ * supply a `onCorruptedData` function which returns a value to use instead.
+ *
+ * @returns a copy of `instanceData` with all properties decrypted.
+ */
+const decryptSharedData = async ({ instanceData, maxcryptor, apiUrl, apiToken, onCorruptedData, }) => {
+    const { decryptor: applicationDecryptor } = await (0, getAADecryptor_1.getAADecryptor)({
+        aId: instanceData.a_id,
+        maxcryptor,
+        apiUrl,
+        apiToken,
+    });
+    const instance = Object.assign(Object.assign({}, instanceData), { profile_objects: await Promise.all(instanceData.profile_objects.map(async (PO) => {
+            const realNId = PO.n_id.startsWith("HASHED::")
+                ? PO.n_id.split("::")[1]
+                : PO.n_id;
+            const keys = instanceData.keys[realNId];
+            const decryptedProperties = await (0, decryptKeys_1.decryptKeys)({
+                applicationDecryptor,
+                keys,
+                data: PO.properties,
+                onCorruptedData,
+            });
+            return Object.assign(Object.assign({}, PO), { properties: decryptedProperties });
+        })) });
+    return { instance, applicationDecryptor };
+};
+exports.decryptSharedData = decryptSharedData;

package/dist/crypto/getAADecryptor.d.ts

@@ -1,16 +1,16 @@
-import { ApplicationEncryptor, Maxcryptor } from "@raytio/maxcryptor";
-import { NId, AId } from "@raytio/types";
-/**
- * Fetchs the public and private keys for an Access Application, then initializes
- * the {@link https://npm.im/@raytio/maxcryptor|Maxcryptor}'s `ApplicationEncryptor`.
- * @returns an `ApplicationEncryptor` and the public key of the Access Application
- */
-export declare function getAADecryptor({ aId, apiUrl, maxcryptor, apiToken, }: {
-    aId: AId;
-    apiUrl: string;
-    maxcryptor: Maxcryptor;
-    apiToken: string;
-}): Promise<{
-    decryptor: ApplicationEncryptor;
-    publicKeyNId: NId;
-}>;
+import { ApplicationEncryptor, Maxcryptor } from "@raytio/maxcryptor";
+import { NId, AId } from "@raytio/types";
+/**
+ * Fetchs the public and private keys for an Access Application, then initializes
+ * the {@link https://npm.im/@raytio/maxcryptor|Maxcryptor}'s `ApplicationEncryptor`.
+ * @returns an `ApplicationEncryptor` and the public key of the Access Application
+ */
+export declare function getAADecryptor({ aId, apiUrl, maxcryptor, apiToken, }: {
+    aId: AId;
+    apiUrl: string;
+    maxcryptor: Maxcryptor;
+    apiToken: string;
+}): Promise<{
+    decryptor: ApplicationEncryptor;
+    publicKeyNId: NId;
+}>;

package/dist/crypto/getAADecryptor.js

@@ -1,20 +1,20 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getAADecryptor = void 0;
-const util_1 = require("../util");
-/**
- * Fetchs the public and private keys for an Access Application, then initializes
- * the {@link https://npm.im/@raytio/maxcryptor|Maxcryptor}'s `ApplicationEncryptor`.
- * @returns an `ApplicationEncryptor` and the public key of the Access Application
- */
-async function getAADecryptor({ aId, apiUrl, maxcryptor, apiToken, }) {
-    const { n_id: publicKeyNId, properties: publicKey } = (await fetch(`${apiUrl}/share/v2/access_application/${aId}/public_key`, {
-        headers: { Authorization: `Bearer ${apiToken}` },
-    }).then(util_1.handleResponse));
-    const privateKey = await fetch(`${apiUrl}/share/v2/access_application/public_key/${publicKeyNId}/private_key`, { headers: { Authorization: `Bearer ${apiToken}` } }).then(util_1.handleResponse);
-    return {
-        decryptor: await maxcryptor.loadApplicationEncryptorForDecryption(publicKey, privateKey),
-        publicKeyNId,
-    };
-}
-exports.getAADecryptor = getAADecryptor;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAADecryptor = void 0;
+const util_1 = require("../util");
+/**
+ * Fetchs the public and private keys for an Access Application, then initializes
+ * the {@link https://npm.im/@raytio/maxcryptor|Maxcryptor}'s `ApplicationEncryptor`.
+ * @returns an `ApplicationEncryptor` and the public key of the Access Application
+ */
+async function getAADecryptor({ aId, apiUrl, maxcryptor, apiToken, }) {
+    const { n_id: publicKeyNId, properties: publicKey } = (await fetch(`${apiUrl}/share/v2/access_application/${aId}/public_key`, {
+        headers: { Authorization: `Bearer ${apiToken}` },
+    }).then(util_1.handleResponse));
+    const privateKey = await fetch(`${apiUrl}/share/v2/access_application/public_key/${publicKeyNId}/private_key`, { headers: { Authorization: `Bearer ${apiToken}` } }).then(util_1.handleResponse);
+    return {
+        decryptor: await maxcryptor.loadApplicationEncryptorForDecryption(publicKey, privateKey),
+        publicKeyNId,
+    };
+}
+exports.getAADecryptor = getAADecryptor;

package/dist/crypto/helpers.d.ts

@@ -1,18 +1,18 @@
-import { Encrypted } from "@raytio/types";
-/**
- * Determines where the input is an encrypted Raytio object
- * @param value anything
- * @returns true or false depending on whether the input is an encrypted Raytio object
- */
-export declare const isEncrypted: (value: unknown) => value is Encrypted<string>;
-/**
- * Determines where the input is an encrypted Raytio file
- * @param value anything
- * @returns true or false depending on whether the input is an encrypted Raytio file
- */
-export declare const isEncryptedFile: (value: unknown) => value is Encrypted<string>;
-/**
- * Given a profile object's properties, returns the number
- * of properties that are encryted.
- */
-export declare const someEncrypted: <T extends object, K extends keyof T>(obj: T) => number;
+import { Encrypted } from "@raytio/types";
+/**
+ * Determines where the input is an encrypted Raytio object
+ * @param value anything
+ * @returns true or false depending on whether the input is an encrypted Raytio object
+ */
+export declare const isEncrypted: (value: unknown) => value is Encrypted;
+/**
+ * Determines where the input is an encrypted Raytio file
+ * @param value anything
+ * @returns true or false depending on whether the input is an encrypted Raytio file
+ */
+export declare const isEncryptedFile: (value: unknown) => value is Encrypted;
+/**
+ * Given a profile object's properties, returns the number
+ * of properties that are encryted.
+ */
+export declare const someEncrypted: <T extends object, K extends keyof T>(obj: T) => number;