@rine-network/core 0.5.1 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js
CHANGED
|
@@ -1857,6 +1857,50 @@ async function fetchAndIngestPendingSKDistributions(client, configDir, agentId,
|
|
|
1857
1857
|
return ingested;
|
|
1858
1858
|
}
|
|
1859
1859
|
//#endregion
|
|
1860
|
+
//#region src/group-invite-ops.ts
|
|
1861
|
+
/**
|
|
1862
|
+
* Message type for the best-effort group-invite notification DM.
|
|
1863
|
+
*
|
|
1864
|
+
* Underscore-namespaced like `rine.v1.sender_key_distribution`. Sealed by the
|
|
1865
|
+
* inviter and delivered to the invitee's normal inbox; it is a convenience
|
|
1866
|
+
* nudge — `GET /groups/invites` is the authoritative source of truth.
|
|
1867
|
+
*/
|
|
1868
|
+
const GROUP_INVITE_TYPE = "rine.v1.group_invite";
|
|
1869
|
+
/**
|
|
1870
|
+
* Seal a `rine.v1.group_invite` notification to the invitee and POST it.
|
|
1871
|
+
*
|
|
1872
|
+
* Reuses the 1:1 DM crypto path (`fetchRecipientKeys` + `encryptMessage`), so
|
|
1873
|
+
* hybrid PQ is auto-negotiated when the invitee publishes an ML-KEM key. The
|
|
1874
|
+
* sealed payload carries `invited_by = inviterAgentId` (also cryptographically
|
|
1875
|
+
* bound via the sender signature). `X-Rine-Agent` selects the inviter as sender.
|
|
1876
|
+
*
|
|
1877
|
+
* Best-effort by contract: callers wrap this so a failure (e.g. groups_only
|
|
1878
|
+
* 403, missing keys) warns but never fails the invite.
|
|
1879
|
+
*/
|
|
1880
|
+
async function sendGroupInviteNotification(client, configDir, inviterAgentId, inviteeAgentId, invite) {
|
|
1881
|
+
const recipientKeys = await fetchRecipientKeys(client, inviteeAgentId);
|
|
1882
|
+
const payload = {
|
|
1883
|
+
group_id: invite.group_id,
|
|
1884
|
+
group_handle: invite.group_handle,
|
|
1885
|
+
invited_by: inviterAgentId,
|
|
1886
|
+
message: invite.message
|
|
1887
|
+
};
|
|
1888
|
+
const encrypted = await encryptMessage(configDir, inviterAgentId, recipientKeys.encryption, payload, recipientKeys.pqEncryption);
|
|
1889
|
+
await client.post("/messages", {
|
|
1890
|
+
to_agent_id: inviteeAgentId,
|
|
1891
|
+
type: GROUP_INVITE_TYPE,
|
|
1892
|
+
...encrypted
|
|
1893
|
+
}, { "X-Rine-Agent": inviterAgentId });
|
|
1894
|
+
}
|
|
1895
|
+
/**
|
|
1896
|
+
* List the calling agent's open group invites via the authoritative pull
|
|
1897
|
+
* endpoint `GET /groups/invites`. `extraHeaders` lets multi-agent orgs pass
|
|
1898
|
+
* `X-Rine-Agent` to disambiguate which agent's invites to list.
|
|
1899
|
+
*/
|
|
1900
|
+
async function listMyInvites(client, extraHeaders) {
|
|
1901
|
+
return (await client.get("/groups/invites", void 0, extraHeaders)).items;
|
|
1902
|
+
}
|
|
1903
|
+
//#endregion
|
|
1860
1904
|
//#region src/mls-ops.ts
|
|
1861
1905
|
/**
|
|
1862
1906
|
* Generate and upload MLS key packages for an agent, enabling other agents
|
|
@@ -2039,4 +2083,4 @@ async function performAgentCreation(client, configDir, profile, params) {
|
|
|
2039
2083
|
return agent;
|
|
2040
2084
|
}
|
|
2041
2085
|
//#endregion
|
|
2042
|
-
export { DEFAULT_API_URL, HttpClient, MLKEM_CT_SIZE, MLS_CIPHER_SUITE_ID, RineApiError, UUID_RE, VERSION_HYBRID, VERSION_MLS, addMemberToMlsGroup, addMlsGroupMember, advanceChain, agentIdFromKid, agentKeysExist, bytesToUuid, cacheMlsSelfRead, cacheToken, claimKeyPackages, createMlsGroup, decodeEnvelope, decryptGroupMessage, decryptMessage, decryptMlsAppMessage, deleteMlsState, deletePrivateKeyPackage, deriveMessageKey, distributeSenderKey, encodeEnvelope, encryptGroupMessage, encryptMessage, encryptMlsAppMessage, encryptMlsGroupMessage, encryptionPublicKeyToJWK, externalJoinMlsGroup, fetchAgents, fetchAndIngestPendingSKDistributions, fetchGroupInfo, fetchHandshakes, fetchOAuthToken, fetchRecipientKeys, fetchWelcomes, formatError, fromBase64Url, generateAgentKeys, generateEncryptionKeyPair, generateMlsKeyPackage, generatePqKeyPair, generateSenderKey, generateSigningKeyPair, getAgentPublicKeys, getCredentialEntry, getMlsCipherSuite, getMlsContext, getOrCreateSenderKey, getOrRefreshToken, ingestSenderKeyDistribution, initMlsGroup, isBareAgentName, jwkToPqPublicKey, jwkToPublicKey, listPrivateKeyPackages, loadAgentKeys, loadCredentials, loadMlsState, loadPrivateKeyPackage, loadSenderKeyStates, loadTokenCache, lookupMlsSelfRead, mlsAck, mlsCommit, fromBase64 as mlsFromBase64, mlsInit, mlsNack, toBase64 as mlsToBase64, needsRotation, normalizeHandle, open, openGroup, openHybrid, performAgentCreation, performRegistration, pqPublicKeyToJWK, processMlsCommit, processMlsWelcome, processMlsWelcomes, publishMlsKeyPackages, removeMemberFromMlsGroup, removeMlsGroupMember, resolveAgent, resolveApiUrl, resolveConfigDir, resolveHandleViaWebFinger, resolveToUuid, saveAgentKeys, saveCredentials, saveMlsState, savePqEncryptionKey, savePrivateKeyPackages, saveSenderKeyState, saveTokenCache, seal, sealGroup, sealHybrid, signPayload, signingPublicKeyToJWK, solveTimeLock, solveTimeLockWithProgress, submitProposal, syncMlsGroup, toBase64Url, uploadKeyPackages, uuidToBytes, validateEncryptionKey, validatePathId, validateSigningKey, validateSlug, verifySignature };
|
|
2086
|
+
export { DEFAULT_API_URL, GROUP_INVITE_TYPE, HttpClient, MLKEM_CT_SIZE, MLS_CIPHER_SUITE_ID, RineApiError, UUID_RE, VERSION_HYBRID, VERSION_MLS, addMemberToMlsGroup, addMlsGroupMember, advanceChain, agentIdFromKid, agentKeysExist, bytesToUuid, cacheMlsSelfRead, cacheToken, claimKeyPackages, createMlsGroup, decodeEnvelope, decryptGroupMessage, decryptMessage, decryptMlsAppMessage, deleteMlsState, deletePrivateKeyPackage, deriveMessageKey, distributeSenderKey, encodeEnvelope, encryptGroupMessage, encryptMessage, encryptMlsAppMessage, encryptMlsGroupMessage, encryptionPublicKeyToJWK, externalJoinMlsGroup, fetchAgents, fetchAndIngestPendingSKDistributions, fetchGroupInfo, fetchHandshakes, fetchOAuthToken, fetchRecipientKeys, fetchWelcomes, formatError, fromBase64Url, generateAgentKeys, generateEncryptionKeyPair, generateMlsKeyPackage, generatePqKeyPair, generateSenderKey, generateSigningKeyPair, getAgentPublicKeys, getCredentialEntry, getMlsCipherSuite, getMlsContext, getOrCreateSenderKey, getOrRefreshToken, ingestSenderKeyDistribution, initMlsGroup, isBareAgentName, jwkToPqPublicKey, jwkToPublicKey, listMyInvites, listPrivateKeyPackages, loadAgentKeys, loadCredentials, loadMlsState, loadPrivateKeyPackage, loadSenderKeyStates, loadTokenCache, lookupMlsSelfRead, mlsAck, mlsCommit, fromBase64 as mlsFromBase64, mlsInit, mlsNack, toBase64 as mlsToBase64, needsRotation, normalizeHandle, open, openGroup, openHybrid, performAgentCreation, performRegistration, pqPublicKeyToJWK, processMlsCommit, processMlsWelcome, processMlsWelcomes, publishMlsKeyPackages, removeMemberFromMlsGroup, removeMlsGroupMember, resolveAgent, resolveApiUrl, resolveConfigDir, resolveHandleViaWebFinger, resolveToUuid, saveAgentKeys, saveCredentials, saveMlsState, savePqEncryptionKey, savePrivateKeyPackages, saveSenderKeyState, saveTokenCache, seal, sealGroup, sealHybrid, sendGroupInviteNotification, signPayload, signingPublicKeyToJWK, solveTimeLock, solveTimeLockWithProgress, submitProposal, syncMlsGroup, toBase64Url, uploadKeyPackages, uuidToBytes, validateEncryptionKey, validatePathId, validateSigningKey, validateSlug, verifySignature };
|
package/dist/src/api-types.d.ts
CHANGED
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
import type { JoinRequestRead } from "./api-types.js";
|
|
2
|
+
import type { HttpClient } from "./http.js";
|
|
3
|
+
/**
|
|
4
|
+
* Message type for the best-effort group-invite notification DM.
|
|
5
|
+
*
|
|
6
|
+
* Underscore-namespaced like `rine.v1.sender_key_distribution`. Sealed by the
|
|
7
|
+
* inviter and delivered to the invitee's normal inbox; it is a convenience
|
|
8
|
+
* nudge — `GET /groups/invites` is the authoritative source of truth.
|
|
9
|
+
*/
|
|
10
|
+
export declare const GROUP_INVITE_TYPE = "rine.v1.group_invite";
|
|
11
|
+
/** Cleartext fields the inviter supplies for the sealed invite payload. */
|
|
12
|
+
export interface GroupInvitePayload {
|
|
13
|
+
group_id: string;
|
|
14
|
+
group_handle: string;
|
|
15
|
+
message: string | null;
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* Seal a `rine.v1.group_invite` notification to the invitee and POST it.
|
|
19
|
+
*
|
|
20
|
+
* Reuses the 1:1 DM crypto path (`fetchRecipientKeys` + `encryptMessage`), so
|
|
21
|
+
* hybrid PQ is auto-negotiated when the invitee publishes an ML-KEM key. The
|
|
22
|
+
* sealed payload carries `invited_by = inviterAgentId` (also cryptographically
|
|
23
|
+
* bound via the sender signature). `X-Rine-Agent` selects the inviter as sender.
|
|
24
|
+
*
|
|
25
|
+
* Best-effort by contract: callers wrap this so a failure (e.g. groups_only
|
|
26
|
+
* 403, missing keys) warns but never fails the invite.
|
|
27
|
+
*/
|
|
28
|
+
export declare function sendGroupInviteNotification(client: HttpClient, configDir: string, inviterAgentId: string, inviteeAgentId: string, invite: GroupInvitePayload): Promise<void>;
|
|
29
|
+
/**
|
|
30
|
+
* List the calling agent's open group invites via the authoritative pull
|
|
31
|
+
* endpoint `GET /groups/invites`. `extraHeaders` lets multi-agent orgs pass
|
|
32
|
+
* `X-Rine-Agent` to disambiguate which agent's invites to list.
|
|
33
|
+
*/
|
|
34
|
+
export declare function listMyInvites(client: HttpClient, extraHeaders?: Record<string, string>): Promise<JoinRequestRead[]>;
|
package/dist/src/index.d.ts
CHANGED
|
@@ -7,6 +7,7 @@ export * from "./resolve-handle.js";
|
|
|
7
7
|
export * from "./resolve-agent.js";
|
|
8
8
|
export * from "./timelock.js";
|
|
9
9
|
export * from "./sender-key-ops.js";
|
|
10
|
+
export * from "./group-invite-ops.js";
|
|
10
11
|
export * from "./crypto/index.js";
|
|
11
12
|
export * from "./mls-ops.js";
|
|
12
13
|
export { externalJoinMlsGroup } from "./mls-ops.js";
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|