@terminal3/t3n-sdk 0.12.1 → 0.13.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/demo.d.ts +1 -1
- package/dist/index.d.ts +41 -4
- package/dist/index.esm.js +1 -1
- package/dist/index.js +1 -1
- package/dist/src/client/config.d.ts +1 -3
- package/dist/src/client/t3n-client.d.ts +31 -2
- package/dist/src/client/transport.d.ts +10 -0
- package/dist/wasm/generated/session.core.wasm +0 -0
- package/package.json +1 -1
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
* Configuration types for T3n Client
|
|
3
3
|
*/
|
|
4
4
|
import { WasmComponent } from "../wasm";
|
|
5
|
-
import {
|
|
5
|
+
import { GuestToHostHandlers } from "../types";
|
|
6
6
|
import { Logger, LogLevel } from "../utils/logger";
|
|
7
7
|
import { Transport } from "./transport";
|
|
8
8
|
/**
|
|
@@ -15,8 +15,6 @@ export interface T3nClientConfig {
|
|
|
15
15
|
wasmComponent: WasmComponent;
|
|
16
16
|
/** Optional transport layer - if not provided, uses HttpTransport with baseUrl */
|
|
17
17
|
transport?: Transport;
|
|
18
|
-
/** Optional session ID - will be generated if not provided */
|
|
19
|
-
sessionId?: SessionId;
|
|
20
18
|
/** Optional request timeout in milliseconds (default: 30000) - used for HttpTransport */
|
|
21
19
|
timeout?: number;
|
|
22
20
|
/** Optional custom headers to include in requests */
|
|
@@ -12,7 +12,22 @@ import { SessionId, Did, SessionStatus, AuthInput, HandshakeResult } from "../ty
|
|
|
12
12
|
export declare class T3nClient {
|
|
13
13
|
private readonly config;
|
|
14
14
|
private readonly transport;
|
|
15
|
-
|
|
15
|
+
/**
|
|
16
|
+
* Server-minted session ID, set by {@link handshake} from the
|
|
17
|
+
* `Session-Id` response header (pentest M-1 / MAT-983). `null`
|
|
18
|
+
* until the handshake completes. Client code cannot set it — the
|
|
19
|
+
* former `config.sessionId` hook was the session-fixation vector
|
|
20
|
+
* this fix closes.
|
|
21
|
+
*/
|
|
22
|
+
private sessionId;
|
|
23
|
+
/**
|
|
24
|
+
* Set by {@link sendRpcRequest} when an `auth.handshake` RPC is
|
|
25
|
+
* actually issued. Decouples the "flow completed without talking
|
|
26
|
+
* to a server" case (unit-test mocks that only exercise handler
|
|
27
|
+
* delegation) from the real "server must mint the id" invariant:
|
|
28
|
+
* we only enforce the mint requirement when a round-trip happened.
|
|
29
|
+
*/
|
|
30
|
+
private handshakeSentRpc;
|
|
16
31
|
private readonly logger;
|
|
17
32
|
private readonly encryption;
|
|
18
33
|
private status;
|
|
@@ -71,7 +86,11 @@ export declare class T3nClient {
|
|
|
71
86
|
* Execute an action on the T3n node
|
|
72
87
|
*/
|
|
73
88
|
execute(payload: unknown): Promise<string>;
|
|
74
|
-
|
|
89
|
+
/**
|
|
90
|
+
* The server-minted session ID once handshake has completed, or
|
|
91
|
+
* `null` beforehand (pentest M-1 / MAT-983).
|
|
92
|
+
*/
|
|
93
|
+
getSessionId(): SessionId | null;
|
|
75
94
|
getStatus(): SessionStatus;
|
|
76
95
|
getDid(): Did | null;
|
|
77
96
|
getLastSetCookie(): string | null;
|
|
@@ -129,6 +148,16 @@ export declare class T3nClient {
|
|
|
129
148
|
* Send an RPC request with automatic encryption/decryption
|
|
130
149
|
*/
|
|
131
150
|
private sendRpcRequest;
|
|
151
|
+
/**
|
|
152
|
+
* Capture the server-minted `Session-Id` from the last handshake
|
|
153
|
+
* response headers (pentest M-1 / MAT-983). Validates shape so a
|
|
154
|
+
* broken or MITM'd response fails loudly instead of leaving a
|
|
155
|
+
* garbage value in the client. Idempotent: only the first valid
|
|
156
|
+
* mint per session is honoured — subsequent handshake RPC legs
|
|
157
|
+
* (none exist today, but the state-machine loop can iterate) do
|
|
158
|
+
* not overwrite an already-set value.
|
|
159
|
+
*/
|
|
160
|
+
private captureMintedSessionId;
|
|
132
161
|
/**
|
|
133
162
|
* Get the finalized session blob (for `session.encrypt` calls).
|
|
134
163
|
* Populated by `tryFinalize` once the handshake state machine
|
|
@@ -76,15 +76,25 @@ export declare class HttpTransport implements Transport {
|
|
|
76
76
|
*/
|
|
77
77
|
export declare class MockTransport implements Transport {
|
|
78
78
|
private responses;
|
|
79
|
+
private responseHeaders;
|
|
80
|
+
private lastResponseHeaders;
|
|
79
81
|
private requests;
|
|
80
82
|
/**
|
|
81
83
|
* Mock a response for a specific method
|
|
82
84
|
*/
|
|
83
85
|
mockResponse(method: string, response: Partial<JsonRpcResponse>): void;
|
|
86
|
+
/**
|
|
87
|
+
* Mock response headers for a specific method. Used by tests to
|
|
88
|
+
* simulate the server-minted `Session-Id` header the SDK picks up
|
|
89
|
+
* from the `auth.handshake` response (MAT-983). Unset methods
|
|
90
|
+
* default to no headers.
|
|
91
|
+
*/
|
|
92
|
+
mockResponseHeaders(method: string, headers: Record<string, string>): void;
|
|
84
93
|
/**
|
|
85
94
|
* Mock an error response for a specific method
|
|
86
95
|
*/
|
|
87
96
|
mockError(method: string, code: number, message: string, data?: unknown): void;
|
|
97
|
+
getLastResponseHeaders(): Record<string, string>;
|
|
88
98
|
/**
|
|
89
99
|
* Get all requests that were sent
|
|
90
100
|
*/
|
|
Binary file
|