npm - @tinycloud/node-sdk - Versions diffs - 2.2.0-beta.11 → 2.2.0-beta.12 - Mend

@tinycloud/node-sdk 2.2.0-beta.11 → 2.2.0-beta.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/{core-BSqBtkg3.d.cts → core-M5RMfMIi.d.cts} +41 -0
package/dist/{core-BSqBtkg3.d.ts → core-M5RMfMIi.d.ts} +41 -0
package/dist/core.cjs +50 -4
package/dist/core.cjs.map +1 -1
package/dist/core.d.cts +2 -2
package/dist/core.d.ts +2 -2
package/dist/core.js +54 -5
package/dist/core.js.map +1 -1
package/dist/index.cjs +50 -4
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +2 -2
package/dist/index.d.ts +2 -2
package/dist/index.js +54 -5
package/dist/index.js.map +1 -1
package/package.json +3 -3

package/dist/{core-BSqBtkg3.d.cts → core-M5RMfMIi.d.cts} RENAMED Viewed

@@ -321,6 +321,19 @@ declare class NodeUserAuthorization implements IUserAuthorization {
      * Includes spaceId, delegationHeader, and delegationCid.
      */
     get tinyCloudSession(): TinyCloudSession | undefined;
+    /**
+     * Rehydrate the auth-layer session from previously-persisted delegation
+     * data. Used by {@link TinyCloudNode.restoreSession} so that downstream
+     * surfaces that read from `tinyCloudSession` (notably
+     * `grantRuntimePermissions`, which extracts the SIWE expiry from it) work
+     * without re-running the full sign-in flow.
+     *
+     * Caller must supply the same fields that `signIn` would have written —
+     * `siwe` is the load-bearing one because `extractSiweExpiration` returns
+     * undefined for missing SIWEs and the SDK then treats the session as
+     * expired-at-epoch-zero.
+     */
+    setRestoredTinyCloudSession(session: TinyCloudSession): void;
     private resolveTinyCloudHostsForSignIn;
     private requireTinyCloudHosts;
     private get primaryTinyCloudHost();
@@ -793,6 +806,13 @@ declare class TinyCloudNode {
     private _delegationManager?;
     private _spaceService?;
     private runtimePermissionGrants;
+    /**
+     * TinyCloudSession captured by {@link restoreSession} when there's no
+     * auth-layer signer available (session-only mode used by OpenKey-backed
+     * CLI restores, public-space replays, …). Read by
+     * {@link currentTinyCloudSession} as a fallback for `auth.tinyCloudSession`.
+     */
+    private _restoredTcSession?;
     private get nodeFeatures();
     /** SIWE domain — uses config override or defaults to app.tinycloud.xyz */
     private get siweDomain();
@@ -909,7 +929,28 @@ declare class TinyCloudNode {
         verificationMethod: string;
         address?: string;
         chainId?: number;
+        /**
+         * The SIWE message that authorized this session. Required for
+         * downstream operations that need the session's expiry (e.g.
+         * {@link grantRuntimePermissions}). When omitted the SDK can still
+         * invoke services with the existing delegation, but anything that
+         * reads `auth.tinyCloudSession.siwe` will treat the session as
+         * expired-at-epoch-zero.
+         */
+        siwe?: string;
+        /**
+         * The wallet/OpenKey signature over `siwe`. Optional because the
+         * runtime doesn't re-verify it — it's persisted alongside the SIWE
+         * for callers that need to round-trip the full session shape.
+         */
+        signature?: string;
     }): Promise<void>;
+    /**
+     * Resolve the currently-active TinyCloudSession, preferring the auth
+     * layer's value (wallet mode) and falling back to the node-level
+     * rehydration set by {@link restoreSession} (session-only mode).
+     */
+    private currentTinyCloudSession;
     /**
      * Connect a wallet to upgrade from session-only mode to wallet mode.
      *

package/dist/{core-BSqBtkg3.d.ts → core-M5RMfMIi.d.ts} RENAMED Viewed

@@ -321,6 +321,19 @@ declare class NodeUserAuthorization implements IUserAuthorization {
      * Includes spaceId, delegationHeader, and delegationCid.
      */
     get tinyCloudSession(): TinyCloudSession | undefined;
+    /**
+     * Rehydrate the auth-layer session from previously-persisted delegation
+     * data. Used by {@link TinyCloudNode.restoreSession} so that downstream
+     * surfaces that read from `tinyCloudSession` (notably
+     * `grantRuntimePermissions`, which extracts the SIWE expiry from it) work
+     * without re-running the full sign-in flow.
+     *
+     * Caller must supply the same fields that `signIn` would have written —
+     * `siwe` is the load-bearing one because `extractSiweExpiration` returns
+     * undefined for missing SIWEs and the SDK then treats the session as
+     * expired-at-epoch-zero.
+     */
+    setRestoredTinyCloudSession(session: TinyCloudSession): void;
     private resolveTinyCloudHostsForSignIn;
     private requireTinyCloudHosts;
     private get primaryTinyCloudHost();
@@ -793,6 +806,13 @@ declare class TinyCloudNode {
     private _delegationManager?;
     private _spaceService?;
     private runtimePermissionGrants;
+    /**
+     * TinyCloudSession captured by {@link restoreSession} when there's no
+     * auth-layer signer available (session-only mode used by OpenKey-backed
+     * CLI restores, public-space replays, …). Read by
+     * {@link currentTinyCloudSession} as a fallback for `auth.tinyCloudSession`.
+     */
+    private _restoredTcSession?;
     private get nodeFeatures();
     /** SIWE domain — uses config override or defaults to app.tinycloud.xyz */
     private get siweDomain();
@@ -909,7 +929,28 @@ declare class TinyCloudNode {
         verificationMethod: string;
         address?: string;
         chainId?: number;
+        /**
+         * The SIWE message that authorized this session. Required for
+         * downstream operations that need the session's expiry (e.g.
+         * {@link grantRuntimePermissions}). When omitted the SDK can still
+         * invoke services with the existing delegation, but anything that
+         * reads `auth.tinyCloudSession.siwe` will treat the session as
+         * expired-at-epoch-zero.
+         */
+        siwe?: string;
+        /**
+         * The wallet/OpenKey signature over `siwe`. Optional because the
+         * runtime doesn't re-verify it — it's persisted alongside the SIWE
+         * for callers that need to round-trip the full session shape.
+         */
+        signature?: string;
     }): Promise<void>;
+    /**
+     * Resolve the currently-active TinyCloudSession, preferring the auth
+     * layer's value (wallet mode) and falling back to the node-level
+     * rehydration set by {@link restoreSession} (session-only mode).
+     */
+    private currentTinyCloudSession;
     /**
      * Connect a wallet to upgrade from session-only mode to wallet mode.
      *

package/dist/core.cjs CHANGED Viewed

@@ -27,6 +27,7 @@ __export(core_exports, {
   CapabilityKeyRegistryErrorCodes: () => import_sdk_core15.CapabilityKeyRegistryErrorCodes,
   DEFAULT_MANIFEST_SPACE: () => import_sdk_core9.DEFAULT_MANIFEST_SPACE,
   DEFAULT_MANIFEST_VERSION: () => import_sdk_core9.DEFAULT_MANIFEST_VERSION,
+  DEFAULT_SIGNED_READ_URL_EXPIRY_MS: () => import_sdk_core10.DEFAULT_SIGNED_READ_URL_EXPIRY_MS,
   DataVaultService: () => import_sdk_core13.DataVaultService,
   DatabaseHandle: () => import_sdk_core11.DatabaseHandle,
   DelegatedAccess: () => DelegatedAccess,
@@ -396,6 +397,23 @@ var NodeUserAuthorization = class {
   get tinyCloudSession() {
     return this._tinyCloudSession;
   }
+  /**
+   * Rehydrate the auth-layer session from previously-persisted delegation
+   * data. Used by {@link TinyCloudNode.restoreSession} so that downstream
+   * surfaces that read from `tinyCloudSession` (notably
+   * `grantRuntimePermissions`, which extracts the SIWE expiry from it) work
+   * without re-running the full sign-in flow.
+   *
+   * Caller must supply the same fields that `signIn` would have written —
+   * `siwe` is the load-bearing one because `extractSiweExpiration` returns
+   * undefined for missing SIWEs and the SDK then treats the session as
+   * expired-at-epoch-zero.
+   */
+  setRestoredTinyCloudSession(session) {
+    this._tinyCloudSession = session;
+    this._address = session.address;
+    this._chainId = session.chainId;
+  }
   async resolveTinyCloudHostsForSignIn(address, chainId) {
     if (this.tinycloudHosts && this.tinycloudHosts.length > 0) {
       return;
@@ -1813,6 +1831,33 @@ var _TinyCloudNode = class _TinyCloudNode {
     this._vault.initialize(this._serviceContext);
     this._serviceContext.registerService("vault", this._vault);
     this.initializeV2Services(serviceSession);
+    if (sessionData.siwe && sessionData.address && sessionData.chainId) {
+      const tcSession = {
+        address: sessionData.address,
+        chainId: sessionData.chainId,
+        sessionKey: JSON.stringify(sessionData.jwk),
+        spaceId: sessionData.spaceId,
+        delegationCid: sessionData.delegationCid,
+        delegationHeader: sessionData.delegationHeader,
+        verificationMethod: sessionData.verificationMethod,
+        jwk: sessionData.jwk,
+        siwe: sessionData.siwe,
+        signature: sessionData.signature ?? ""
+      };
+      if (this.auth) {
+        this.auth.setRestoredTinyCloudSession(tcSession);
+      } else {
+        this._restoredTcSession = tcSession;
+      }
+    }
+  }
+  /**
+   * Resolve the currently-active TinyCloudSession, preferring the auth
+   * layer's value (wallet mode) and falling back to the node-level
+   * rehydration set by {@link restoreSession} (session-only mode).
+   */
+  currentTinyCloudSession() {
+    return this.auth?.tinyCloudSession ?? this._restoredTcSession;
   }
   /**
    * Connect a wallet to upgrade from session-only mode to wallet mode.
@@ -2487,7 +2532,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    * every requested permission.
    */
   hasRuntimePermissions(permissions) {
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session || !Array.isArray(permissions) || permissions.length === 0) {
       return false;
     }
@@ -2507,7 +2552,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (permissions === void 0) {
       return this.runtimePermissionGrants.map((grant) => grant.delegation);
     }
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session || !Array.isArray(permissions) || permissions.length === 0) {
       return [];
     }
@@ -2521,7 +2566,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    * matching service calls and downstream `delegateTo()` calls can use it.
    */
   async useRuntimeDelegation(delegation) {
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session) {
       throw new import_sdk_core6.SessionExpiredError(/* @__PURE__ */ new Date(0));
     }
@@ -2560,7 +2605,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (!Array.isArray(permissions) || permissions.length === 0) {
       throw new Error("grantRuntimePermissions requires a non-empty permissions array");
     }
-    const session = this.auth?.tinyCloudSession;
+    const session = this.currentTinyCloudSession();
     if (!session) {
       throw new import_sdk_core6.SessionExpiredError(/* @__PURE__ */ new Date(0));
     }
@@ -3847,6 +3892,7 @@ var import_sdk_core18 = require("@tinycloud/sdk-core");
   CapabilityKeyRegistryErrorCodes,
   DEFAULT_MANIFEST_SPACE,
   DEFAULT_MANIFEST_VERSION,
+  DEFAULT_SIGNED_READ_URL_EXPIRY_MS,
   DataVaultService,
   DatabaseHandle,
   DelegatedAccess,