@tinycloud/node-sdk 2.2.1-beta.1 → 2.3.0-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{core-CWdCZ8q6.d.cts → core-CNyXnUx9.d.cts} +0 -1
- package/dist/{core-CWdCZ8q6.d.ts → core-CNyXnUx9.d.ts} +0 -1
- package/dist/core.cjs +67 -39
- package/dist/core.cjs.map +1 -1
- package/dist/core.d.cts +2 -2
- package/dist/core.d.ts +2 -2
- package/dist/core.js +76 -42
- package/dist/core.js.map +1 -1
- package/dist/index.cjs +67 -39
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +76 -42
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/core.d.cts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TinyCloud, TinyCloudConfig, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, buildSpaceUri, canonicalizeSecretScope, checkNodeInfo, composeManifestRequest, createCapabilityKeyRegistry, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, isCapabilitySubset, loadManifest, makePublicSpaceId, parseExpiry, parseSpaceUri, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, validateManifest } from '@tinycloud/sdk-core';
|
|
2
|
-
export { D as DelegateToOptions, a as DelegateToResult, b as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, c as NodeUserAuthorization, d as NodeUserAuthorizationConfig, P as PortableDelegation, e as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, f as TinyCloudNodeConfig, W as WasmKeyProvider, g as WasmKeyProviderConfig, h as createWasmKeyProvider, i as defaultSignStrategy, j as deserializeDelegation, s as serializeDelegation } from './core-
|
|
1
|
+
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CanonicalAddress, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DidCacheKeyOptions, DidEqualsOptions, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IdentityParseError, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PkhDidParts, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TinyCloud, TinyCloudConfig, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, addressStorageKey, buildSpaceUri, canonicalizeAddress, canonicalizeDid, canonicalizeDidUrl, canonicalizeSecretScope, checkNodeInfo, composeManifestRequest, createCapabilityKeyRegistry, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, didCacheKey, didEquals, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, isCapabilitySubset, isEvmAddress, loadManifest, makePkhSpaceId, makePublicSpaceId, parseExpiry, parsePkhDid, parseSpaceUri, pkhDid, principalDid, principalDidEquals, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, validateManifest } from '@tinycloud/sdk-core';
|
|
2
|
+
export { D as DelegateToOptions, a as DelegateToResult, b as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, c as NodeUserAuthorization, d as NodeUserAuthorizationConfig, P as PortableDelegation, e as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, f as TinyCloudNodeConfig, W as WasmKeyProvider, g as WasmKeyProviderConfig, h as createWasmKeyProvider, i as defaultSignStrategy, j as deserializeDelegation, s as serializeDelegation } from './core-CNyXnUx9.cjs';
|
|
3
3
|
import 'events';
|
|
4
4
|
import '@tinycloud/sdk-services';
|
package/dist/core.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TinyCloud, TinyCloudConfig, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, buildSpaceUri, canonicalizeSecretScope, checkNodeInfo, composeManifestRequest, createCapabilityKeyRegistry, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, isCapabilitySubset, loadManifest, makePublicSpaceId, parseExpiry, parseSpaceUri, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, validateManifest } from '@tinycloud/sdk-core';
|
|
2
|
-
export { D as DelegateToOptions, a as DelegateToResult, b as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, c as NodeUserAuthorization, d as NodeUserAuthorizationConfig, P as PortableDelegation, e as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, f as TinyCloudNodeConfig, W as WasmKeyProvider, g as WasmKeyProviderConfig, h as createWasmKeyProvider, i as defaultSignStrategy, j as deserializeDelegation, s as serializeDelegation } from './core-
|
|
1
|
+
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CanonicalAddress, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DidCacheKeyOptions, DidEqualsOptions, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IdentityParseError, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PkhDidParts, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TinyCloud, TinyCloudConfig, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, addressStorageKey, buildSpaceUri, canonicalizeAddress, canonicalizeDid, canonicalizeDidUrl, canonicalizeSecretScope, checkNodeInfo, composeManifestRequest, createCapabilityKeyRegistry, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, didCacheKey, didEquals, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, isCapabilitySubset, isEvmAddress, loadManifest, makePkhSpaceId, makePublicSpaceId, parseExpiry, parsePkhDid, parseSpaceUri, pkhDid, principalDid, principalDidEquals, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, validateManifest } from '@tinycloud/sdk-core';
|
|
2
|
+
export { D as DelegateToOptions, a as DelegateToResult, b as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, c as NodeUserAuthorization, d as NodeUserAuthorizationConfig, P as PortableDelegation, e as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, f as TinyCloudNodeConfig, W as WasmKeyProvider, g as WasmKeyProviderConfig, h as createWasmKeyProvider, i as defaultSignStrategy, j as deserializeDelegation, s as serializeDelegation } from './core-CNyXnUx9.js';
|
|
3
3
|
import 'events';
|
|
4
4
|
import '@tinycloud/sdk-services';
|
package/dist/core.js
CHANGED
|
@@ -3,7 +3,20 @@ import { TinyCloud as TinyCloud2 } from "@tinycloud/sdk-core";
|
|
|
3
3
|
import {
|
|
4
4
|
SilentNotificationHandler as SilentNotificationHandler2,
|
|
5
5
|
AutoApproveSpaceCreationHandler as AutoApproveSpaceCreationHandler2,
|
|
6
|
-
defaultSpaceCreationHandler
|
|
6
|
+
defaultSpaceCreationHandler,
|
|
7
|
+
IdentityParseError,
|
|
8
|
+
addressStorageKey,
|
|
9
|
+
canonicalizeAddress as canonicalizeAddress3,
|
|
10
|
+
canonicalizeDid,
|
|
11
|
+
canonicalizeDidUrl,
|
|
12
|
+
didCacheKey,
|
|
13
|
+
didEquals,
|
|
14
|
+
isEvmAddress,
|
|
15
|
+
makePkhSpaceId as makePkhSpaceId2,
|
|
16
|
+
parsePkhDid,
|
|
17
|
+
pkhDid as pkhDid3,
|
|
18
|
+
principalDid,
|
|
19
|
+
principalDidEquals as principalDidEquals2
|
|
7
20
|
} from "@tinycloud/sdk-core";
|
|
8
21
|
|
|
9
22
|
// src/storage/MemorySessionStorage.ts
|
|
@@ -210,7 +223,10 @@ import {
|
|
|
210
223
|
resourceCapabilitiesToAbilitiesMap,
|
|
211
224
|
resourceCapabilitiesToSpaceAbilitiesMap,
|
|
212
225
|
resolveTinyCloudHosts,
|
|
213
|
-
EXPIRY
|
|
226
|
+
EXPIRY,
|
|
227
|
+
canonicalizeAddress,
|
|
228
|
+
makePkhSpaceId,
|
|
229
|
+
pkhDid
|
|
214
230
|
} from "@tinycloud/sdk-core";
|
|
215
231
|
|
|
216
232
|
// src/authorization/strategies.ts
|
|
@@ -336,15 +352,16 @@ var NodeUserAuthorization = class {
|
|
|
336
352
|
* expired-at-epoch-zero.
|
|
337
353
|
*/
|
|
338
354
|
setRestoredTinyCloudSession(session) {
|
|
339
|
-
|
|
340
|
-
this.
|
|
355
|
+
const address = canonicalizeAddress(session.address);
|
|
356
|
+
this._tinyCloudSession = { ...session, address };
|
|
357
|
+
this._address = address;
|
|
341
358
|
this._chainId = session.chainId;
|
|
342
359
|
}
|
|
343
360
|
async resolveTinyCloudHostsForSignIn(address, chainId) {
|
|
344
361
|
if (this.tinycloudHosts && this.tinycloudHosts.length > 0) {
|
|
345
362
|
return;
|
|
346
363
|
}
|
|
347
|
-
const subject =
|
|
364
|
+
const subject = pkhDid(address, chainId);
|
|
348
365
|
const resolved = await resolveTinyCloudHosts(subject, {
|
|
349
366
|
registryUrl: this.tinycloudRegistryUrl,
|
|
350
367
|
fallbackHosts: this.tinycloudFallbackHosts
|
|
@@ -408,19 +425,19 @@ var NodeUserAuthorization = class {
|
|
|
408
425
|
if (space.startsWith("tinycloud:")) {
|
|
409
426
|
return space;
|
|
410
427
|
}
|
|
411
|
-
return
|
|
428
|
+
return makePkhSpaceId(address, chainId, space);
|
|
412
429
|
}
|
|
413
430
|
defaultEncryptionNetworkId(address, chainId) {
|
|
414
|
-
return `urn:tinycloud:encryption
|
|
431
|
+
return `urn:tinycloud:encryption:${pkhDid(address, chainId)}:default`;
|
|
415
432
|
}
|
|
416
433
|
resolveSignInCapabilities(address, chainId) {
|
|
417
434
|
const request = this.getCapabilityRequest();
|
|
418
435
|
if (request === void 0) {
|
|
419
436
|
const defaultNetworkId = this.defaultEncryptionNetworkId(address, chainId);
|
|
420
|
-
const secretsSpaceId =
|
|
437
|
+
const secretsSpaceId = makePkhSpaceId(address, chainId, "secrets");
|
|
421
438
|
return {
|
|
422
439
|
abilities: this.defaultActions,
|
|
423
|
-
spaceId:
|
|
440
|
+
spaceId: makePkhSpaceId(address, chainId, this.spacePrefix),
|
|
424
441
|
spaceAbilities: {
|
|
425
442
|
[secretsSpaceId]: {
|
|
426
443
|
kv: {
|
|
@@ -682,9 +699,9 @@ var NodeUserAuthorization = class {
|
|
|
682
699
|
* @param options - Optional per-call SIWE overrides for this sign-in only
|
|
683
700
|
*/
|
|
684
701
|
async signIn(options) {
|
|
685
|
-
this._address = await this.signer.getAddress();
|
|
702
|
+
this._address = canonicalizeAddress(await this.signer.getAddress());
|
|
686
703
|
this._chainId = await this.signer.getChainId();
|
|
687
|
-
const address = this.
|
|
704
|
+
const address = this._address;
|
|
688
705
|
const chainId = this._chainId;
|
|
689
706
|
await this.resolveTinyCloudHostsForSignIn(address, chainId);
|
|
690
707
|
const keyId = `session-${Date.now()}`;
|
|
@@ -729,7 +746,7 @@ var NodeUserAuthorization = class {
|
|
|
729
746
|
siwe: prepared.siwe,
|
|
730
747
|
signature
|
|
731
748
|
};
|
|
732
|
-
const spacesMetadata = this.enablePublicSpace ? { public:
|
|
749
|
+
const spacesMetadata = this.enablePublicSpace ? { public: makePkhSpaceId(address, chainId, "public") } : void 0;
|
|
733
750
|
const tinyCloudSession = {
|
|
734
751
|
address,
|
|
735
752
|
chainId,
|
|
@@ -804,7 +821,7 @@ var NodeUserAuthorization = class {
|
|
|
804
821
|
*/
|
|
805
822
|
async signMessage(message) {
|
|
806
823
|
if (!this._address) {
|
|
807
|
-
this._address = await this.signer.getAddress();
|
|
824
|
+
this._address = canonicalizeAddress(await this.signer.getAddress());
|
|
808
825
|
}
|
|
809
826
|
if (!this._chainId) {
|
|
810
827
|
this._chainId = await this.signer.getChainId();
|
|
@@ -831,7 +848,7 @@ var NodeUserAuthorization = class {
|
|
|
831
848
|
* ```
|
|
832
849
|
*/
|
|
833
850
|
async prepareSessionForSigning() {
|
|
834
|
-
const address =
|
|
851
|
+
const address = canonicalizeAddress(await this.signer.getAddress());
|
|
835
852
|
const chainId = await this.signer.getChainId();
|
|
836
853
|
const keyId = `session-${Date.now()}`;
|
|
837
854
|
this.sessionManager.renameSessionKeyId("default", keyId);
|
|
@@ -881,7 +898,7 @@ var NodeUserAuthorization = class {
|
|
|
881
898
|
...prepared,
|
|
882
899
|
signature
|
|
883
900
|
});
|
|
884
|
-
const address =
|
|
901
|
+
const address = canonicalizeAddress(await this.signer.getAddress());
|
|
885
902
|
const chainId = await this.signer.getChainId();
|
|
886
903
|
await this.resolveTinyCloudHostsForSignIn(address, chainId);
|
|
887
904
|
const clientSession = {
|
|
@@ -892,7 +909,7 @@ var NodeUserAuthorization = class {
|
|
|
892
909
|
siwe: prepared.siwe,
|
|
893
910
|
signature
|
|
894
911
|
};
|
|
895
|
-
const spacesMetadata = this.enablePublicSpace ? { public:
|
|
912
|
+
const spacesMetadata = this.enablePublicSpace ? { public: makePkhSpaceId(address, chainId, "public") } : void 0;
|
|
896
913
|
const tinyCloudSession = {
|
|
897
914
|
address,
|
|
898
915
|
chainId,
|
|
@@ -1046,7 +1063,10 @@ import {
|
|
|
1046
1063
|
EXPIRY as EXPIRY3,
|
|
1047
1064
|
canonicalHashHex,
|
|
1048
1065
|
canonicalizeEncryptionJson,
|
|
1049
|
-
verifyDidKeyEd25519Signature
|
|
1066
|
+
verifyDidKeyEd25519Signature,
|
|
1067
|
+
canonicalizeAddress as canonicalizeAddress2,
|
|
1068
|
+
pkhDid as pkhDid2,
|
|
1069
|
+
principalDidEquals
|
|
1050
1070
|
} from "@tinycloud/sdk-core";
|
|
1051
1071
|
|
|
1052
1072
|
// src/DelegatedAccess.ts
|
|
@@ -1469,6 +1489,13 @@ var NETWORK_CREATE_ACTION = "tinycloud.encryption/network.create";
|
|
|
1469
1489
|
var DECRYPT_ACTION = "tinycloud.encryption/decrypt";
|
|
1470
1490
|
var NETWORK_ADMIN_TYPE = "tinycloud.encryption.network-admin/v1";
|
|
1471
1491
|
var DEFAULT_SESSION_EXPIRATION_MS = EXPIRY3.SESSION_MS;
|
|
1492
|
+
function didPrincipalMatches(actual, expected) {
|
|
1493
|
+
try {
|
|
1494
|
+
return principalDidEquals(actual, expected);
|
|
1495
|
+
} catch {
|
|
1496
|
+
return actual === expected;
|
|
1497
|
+
}
|
|
1498
|
+
}
|
|
1472
1499
|
function base64UrlEncode(bytes) {
|
|
1473
1500
|
const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
|
|
1474
1501
|
let output = "";
|
|
@@ -1765,7 +1792,7 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
1765
1792
|
*/
|
|
1766
1793
|
get did() {
|
|
1767
1794
|
if (this._address) {
|
|
1768
|
-
return
|
|
1795
|
+
return pkhDid2(this._address, this._chainId);
|
|
1769
1796
|
}
|
|
1770
1797
|
return this.sessionManager.getDID(this.sessionKeyId);
|
|
1771
1798
|
}
|
|
@@ -1782,7 +1809,7 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
1782
1809
|
* Get the Ethereum address for this user.
|
|
1783
1810
|
*/
|
|
1784
1811
|
get address() {
|
|
1785
|
-
return this._address;
|
|
1812
|
+
return this.auth?.address() ?? this._address;
|
|
1786
1813
|
}
|
|
1787
1814
|
/**
|
|
1788
1815
|
* Check if this instance is in session-only mode (no wallet).
|
|
@@ -1820,7 +1847,7 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
1820
1847
|
);
|
|
1821
1848
|
}
|
|
1822
1849
|
await this.wasmBindings.ensureInitialized?.();
|
|
1823
|
-
this._address = await this.signer.getAddress();
|
|
1850
|
+
this._address = canonicalizeAddress2(await this.signer.getAddress());
|
|
1824
1851
|
this._chainId = await this.signer.getChainId();
|
|
1825
1852
|
this._kv = void 0;
|
|
1826
1853
|
this._sql = void 0;
|
|
@@ -1927,8 +1954,9 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
1927
1954
|
this._spaceService = void 0;
|
|
1928
1955
|
this._serviceContext = void 0;
|
|
1929
1956
|
this.runtimePermissionGrants = [];
|
|
1930
|
-
|
|
1931
|
-
|
|
1957
|
+
const restoredAddress = sessionData.address ? canonicalizeAddress2(sessionData.address) : void 0;
|
|
1958
|
+
if (restoredAddress) {
|
|
1959
|
+
this._address = restoredAddress;
|
|
1932
1960
|
}
|
|
1933
1961
|
if (sessionData.chainId) {
|
|
1934
1962
|
this._chainId = sessionData.chainId;
|
|
@@ -1963,9 +1991,9 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
1963
1991
|
this._vault.initialize(this._serviceContext);
|
|
1964
1992
|
this._serviceContext.registerService("vault", this._vault);
|
|
1965
1993
|
this.initializeV2Services(serviceSession);
|
|
1966
|
-
if (sessionData.siwe &&
|
|
1994
|
+
if (sessionData.siwe && restoredAddress && sessionData.chainId) {
|
|
1967
1995
|
const tcSession = {
|
|
1968
|
-
address:
|
|
1996
|
+
address: restoredAddress,
|
|
1969
1997
|
chainId: sessionData.chainId,
|
|
1970
1998
|
sessionKey: JSON.stringify(sessionData.jwk),
|
|
1971
1999
|
spaceId: sessionData.spaceId,
|
|
@@ -2305,7 +2333,7 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
2305
2333
|
},
|
|
2306
2334
|
wellKnown: {
|
|
2307
2335
|
fetchWellKnown: async (principal, discoveryKey) => {
|
|
2308
|
-
if (!this._address || principal
|
|
2336
|
+
if (!this._address || !didPrincipalMatches(principal, this.did)) {
|
|
2309
2337
|
return null;
|
|
2310
2338
|
}
|
|
2311
2339
|
if (!this.config.host) {
|
|
@@ -2629,7 +2657,7 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
2629
2657
|
return {
|
|
2630
2658
|
cid: delegationSession.delegationCid,
|
|
2631
2659
|
delegateDID: params.shareKeyDID,
|
|
2632
|
-
delegatorDID:
|
|
2660
|
+
delegatorDID: pkhDid2(session.address, session.chainId),
|
|
2633
2661
|
spaceId: params.spaceId,
|
|
2634
2662
|
path: params.path,
|
|
2635
2663
|
actions: params.actions,
|
|
@@ -2767,11 +2795,11 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
2767
2795
|
}
|
|
2768
2796
|
async createEncryptionNetwork(name = DEFAULT_ENCRYPTION_NETWORK_NAME) {
|
|
2769
2797
|
const targetNode = await this.fetchNodeId();
|
|
2770
|
-
const
|
|
2798
|
+
const ownerDid = this.did;
|
|
2771
2799
|
const networkId = this.getDefaultEncryptionNetworkId(name);
|
|
2772
2800
|
const body = {
|
|
2773
2801
|
name,
|
|
2774
|
-
|
|
2802
|
+
ownerDid,
|
|
2775
2803
|
threshold: { n: 1, t: 1 }
|
|
2776
2804
|
};
|
|
2777
2805
|
const crypto = this.createEncryptionCrypto();
|
|
@@ -2961,13 +2989,8 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
2961
2989
|
if (delegation.expiry.getTime() <= Date.now()) {
|
|
2962
2990
|
throw new SessionExpiredError(delegation.expiry);
|
|
2963
2991
|
}
|
|
2964
|
-
const expectedDids =
|
|
2965
|
-
|
|
2966
|
-
this.didWithoutFragment(session.verificationMethod),
|
|
2967
|
-
this.sessionDid,
|
|
2968
|
-
this.didWithoutFragment(this.sessionDid)
|
|
2969
|
-
]);
|
|
2970
|
-
if (!expectedDids.has(delegation.delegateDID)) {
|
|
2992
|
+
const expectedDids = [session.verificationMethod, this.sessionDid];
|
|
2993
|
+
if (!expectedDids.some((did) => didPrincipalMatches(delegation.delegateDID, did))) {
|
|
2971
2994
|
throw new Error(
|
|
2972
2995
|
`Runtime delegation targets ${delegation.delegateDID} but this session key is ${session.verificationMethod}.`
|
|
2973
2996
|
);
|
|
@@ -3494,7 +3517,9 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
3494
3517
|
"materializeDelegation requires a composed manifest request"
|
|
3495
3518
|
);
|
|
3496
3519
|
}
|
|
3497
|
-
const target = request.delegationTargets.find(
|
|
3520
|
+
const target = request.delegationTargets.find(
|
|
3521
|
+
(entry) => didPrincipalMatches(entry.did, did)
|
|
3522
|
+
);
|
|
3498
3523
|
if (!target) {
|
|
3499
3524
|
throw new Error(`No manifest delegation target found for DID ${did}`);
|
|
3500
3525
|
}
|
|
@@ -3802,10 +3827,6 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
3802
3827
|
expiresAt: delegation.expiry
|
|
3803
3828
|
};
|
|
3804
3829
|
}
|
|
3805
|
-
didWithoutFragment(did) {
|
|
3806
|
-
const fragment = did.indexOf("#");
|
|
3807
|
-
return fragment === -1 ? did : did.slice(0, fragment);
|
|
3808
|
-
}
|
|
3809
3830
|
installRuntimeGrantFromServiceSession(delegation, session, expiresAt) {
|
|
3810
3831
|
const operations = this.operationsFromDelegation(delegation);
|
|
3811
3832
|
if (operations.length === 0) {
|
|
@@ -4001,7 +4022,7 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
4001
4022
|
if (resolvedDelegateDID.endsWith(".eth") && this.config.ensResolver) {
|
|
4002
4023
|
const address = await this.config.ensResolver.resolveAddress(resolvedDelegateDID);
|
|
4003
4024
|
if (!address) throw new Error(`Could not resolve ENS name: ${resolvedDelegateDID}`);
|
|
4004
|
-
resolvedDelegateDID =
|
|
4025
|
+
resolvedDelegateDID = pkhDid2(address, 1);
|
|
4005
4026
|
}
|
|
4006
4027
|
const entries = legacyParamsToPermissionEntries(
|
|
4007
4028
|
params.actions,
|
|
@@ -4158,7 +4179,7 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
4158
4179
|
const targetHost = delegation.host ?? this.config.host;
|
|
4159
4180
|
if (this.isSessionOnly) {
|
|
4160
4181
|
const myDid = this.did;
|
|
4161
|
-
if (delegation.delegateDID
|
|
4182
|
+
if (!didPrincipalMatches(delegation.delegateDID, myDid)) {
|
|
4162
4183
|
throw new Error(
|
|
4163
4184
|
`Delegation targets ${delegation.delegateDID} but this user's DID is ${myDid}. The delegation must target this user's DID.`
|
|
4164
4185
|
);
|
|
@@ -4473,6 +4494,7 @@ export {
|
|
|
4473
4494
|
DuckDbDatabaseHandle,
|
|
4474
4495
|
DuckDbService3 as DuckDbService,
|
|
4475
4496
|
FileSessionStorage,
|
|
4497
|
+
IdentityParseError,
|
|
4476
4498
|
KVService3 as KVService,
|
|
4477
4499
|
ManifestValidationError,
|
|
4478
4500
|
MemorySessionStorage,
|
|
@@ -4499,7 +4521,11 @@ export {
|
|
|
4499
4521
|
VaultPublicSpaceKVActions,
|
|
4500
4522
|
VersionCheckError,
|
|
4501
4523
|
WasmKeyProvider,
|
|
4524
|
+
addressStorageKey,
|
|
4502
4525
|
buildSpaceUri,
|
|
4526
|
+
canonicalizeAddress3 as canonicalizeAddress,
|
|
4527
|
+
canonicalizeDid,
|
|
4528
|
+
canonicalizeDidUrl,
|
|
4503
4529
|
canonicalizeSecretScope,
|
|
4504
4530
|
checkNodeInfo2 as checkNodeInfo,
|
|
4505
4531
|
composeManifestRequest2 as composeManifestRequest,
|
|
@@ -4511,14 +4537,22 @@ export {
|
|
|
4511
4537
|
defaultSignStrategy,
|
|
4512
4538
|
defaultSpaceCreationHandler,
|
|
4513
4539
|
deserializeDelegation,
|
|
4540
|
+
didCacheKey,
|
|
4541
|
+
didEquals,
|
|
4514
4542
|
expandActionShortNames,
|
|
4515
4543
|
expandPermissionEntries2 as expandPermissionEntries,
|
|
4516
4544
|
expandPermissionEntry,
|
|
4517
4545
|
isCapabilitySubset2 as isCapabilitySubset,
|
|
4546
|
+
isEvmAddress,
|
|
4518
4547
|
loadManifest,
|
|
4548
|
+
makePkhSpaceId2 as makePkhSpaceId,
|
|
4519
4549
|
makePublicSpaceId2 as makePublicSpaceId,
|
|
4520
4550
|
parseExpiry2 as parseExpiry,
|
|
4551
|
+
parsePkhDid,
|
|
4521
4552
|
parseSpaceUri,
|
|
4553
|
+
pkhDid3 as pkhDid,
|
|
4554
|
+
principalDid,
|
|
4555
|
+
principalDidEquals2 as principalDidEquals,
|
|
4522
4556
|
resolveManifest2 as resolveManifest,
|
|
4523
4557
|
resolveSecretListPrefix2 as resolveSecretListPrefix,
|
|
4524
4558
|
resolveSecretPath2 as resolveSecretPath,
|