@tinycloud/node-sdk 2.4.1-beta.0 → 2.5.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{core-D01sn2vf.d.cts → core-ojeY-wet.d.cts} +24 -3
- package/dist/{core-D01sn2vf.d.ts → core-ojeY-wet.d.ts} +24 -3
- package/dist/core.cjs +79 -15
- package/dist/core.cjs.map +1 -1
- package/dist/core.d.cts +1 -1
- package/dist/core.d.ts +1 -1
- package/dist/core.js +79 -15
- package/dist/core.js.map +1 -1
- package/dist/index.cjs +79 -15
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +79 -15
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/core.d.cts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AccountApplication, AccountApplicationListOptions, AccountDelegation, AccountDelegationListOptions, AccountDelegationRevokeOptions, AccountIndexEnsureResult, AccountIndexRebuildResult, AccountIndexStatus, AccountIndexedReadOptions, AccountService, AccountServiceConfig, AccountSpace, AccountSpaceListOptions, AccountStatus, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CanonicalAddress, CanonicalParsedNetworkId, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DidCacheKeyOptions, DidEqualsOptions, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IdentityParseError, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, OpenKeyCallbackStrategy, OpenKeySigningRequestBody, OpenKeySigningResponseBody, OpenKeySigningStrategyOptions, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PkhDidParts, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TelemetryConfig, TelemetryEventHandler, TinyCloud, TinyCloudConfig, TinyCloudDebugEnableOptions, TinyCloudDebugEvent, TinyCloudDebugLevel, TinyCloudDebugLogger, TinyCloudDebugTimer, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, addressStorageKey, buildSpaceUri, canonicalizeAddress, canonicalizeDid, canonicalizeDidUrl, canonicalizeNetworkId, canonicalizeSecretScope, checkNodeInfo, clearTinyCloudDebugLogs, composeManifestRequest, createCapabilityKeyRegistry, createOpenKeyCallbackSigningStrategy, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, didCacheKey, didEquals, disableTinyCloudDebug, enableTinyCloudDebug, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, getTinyCloudDebugLogs, installTinyCloudDebugGlobals, isCapabilitySubset, isEvmAddress, loadManifest, makePkhSpaceId, makePublicSpaceId, parseCanonicalNetworkId, parseExpiry, parsePkhDid, parseSpaceUri, pkhDid, principalDid, principalDidEquals, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, tinyCloudDebugLogger, validateManifest } from '@tinycloud/sdk-core';
|
|
2
|
-
export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-
|
|
2
|
+
export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-ojeY-wet.cjs';
|
|
3
3
|
import 'events';
|
|
4
4
|
import '@tinycloud/sdk-services';
|
package/dist/core.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AccountApplication, AccountApplicationListOptions, AccountDelegation, AccountDelegationListOptions, AccountDelegationRevokeOptions, AccountIndexEnsureResult, AccountIndexRebuildResult, AccountIndexStatus, AccountIndexedReadOptions, AccountService, AccountServiceConfig, AccountSpace, AccountSpaceListOptions, AccountStatus, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CanonicalAddress, CanonicalParsedNetworkId, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DidCacheKeyOptions, DidEqualsOptions, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IdentityParseError, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, OpenKeyCallbackStrategy, OpenKeySigningRequestBody, OpenKeySigningResponseBody, OpenKeySigningStrategyOptions, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PkhDidParts, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TelemetryConfig, TelemetryEventHandler, TinyCloud, TinyCloudConfig, TinyCloudDebugEnableOptions, TinyCloudDebugEvent, TinyCloudDebugLevel, TinyCloudDebugLogger, TinyCloudDebugTimer, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, addressStorageKey, buildSpaceUri, canonicalizeAddress, canonicalizeDid, canonicalizeDidUrl, canonicalizeNetworkId, canonicalizeSecretScope, checkNodeInfo, clearTinyCloudDebugLogs, composeManifestRequest, createCapabilityKeyRegistry, createOpenKeyCallbackSigningStrategy, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, didCacheKey, didEquals, disableTinyCloudDebug, enableTinyCloudDebug, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, getTinyCloudDebugLogs, installTinyCloudDebugGlobals, isCapabilitySubset, isEvmAddress, loadManifest, makePkhSpaceId, makePublicSpaceId, parseCanonicalNetworkId, parseExpiry, parsePkhDid, parseSpaceUri, pkhDid, principalDid, principalDidEquals, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, tinyCloudDebugLogger, validateManifest } from '@tinycloud/sdk-core';
|
|
2
|
-
export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-
|
|
2
|
+
export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-ojeY-wet.js';
|
|
3
3
|
import 'events';
|
|
4
4
|
import '@tinycloud/sdk-services';
|
package/dist/core.js
CHANGED
|
@@ -620,7 +620,7 @@ var NodeUserAuthorization = class {
|
|
|
620
620
|
* Create the space on the TinyCloud server (host delegation).
|
|
621
621
|
* This registers the user as the owner of the space.
|
|
622
622
|
*/
|
|
623
|
-
async hostSpace(targetSpaceId) {
|
|
623
|
+
async hostSpace(targetSpaceId, purpose) {
|
|
624
624
|
if (!this._tinyCloudSession || !this._address || !this._chainId) {
|
|
625
625
|
throw new Error("Must be signed in to host space");
|
|
626
626
|
}
|
|
@@ -636,7 +636,7 @@ var NodeUserAuthorization = class {
|
|
|
636
636
|
spaceId,
|
|
637
637
|
peerId
|
|
638
638
|
});
|
|
639
|
-
const signature = await this.signMessage(siwe);
|
|
639
|
+
const signature = await this.signMessage(siwe, purpose);
|
|
640
640
|
const headers = this.wasm.siweToDelegationHeaders({ siwe, signature });
|
|
641
641
|
const result = await submitHostDelegation(host, headers);
|
|
642
642
|
return result.success;
|
|
@@ -652,8 +652,8 @@ var NodeUserAuthorization = class {
|
|
|
652
652
|
* Create a specific owned space on the server via host delegation.
|
|
653
653
|
* Used by manifest registry setup for the account space.
|
|
654
654
|
*/
|
|
655
|
-
async hostOwnedSpace(spaceId) {
|
|
656
|
-
return this.hostSpace(spaceId);
|
|
655
|
+
async hostOwnedSpace(spaceId, purpose) {
|
|
656
|
+
return this.hostSpace(spaceId, purpose);
|
|
657
657
|
}
|
|
658
658
|
/**
|
|
659
659
|
* Ensure the user's space exists on the TinyCloud server.
|
|
@@ -803,7 +803,8 @@ var NodeUserAuthorization = class {
|
|
|
803
803
|
address,
|
|
804
804
|
chainId,
|
|
805
805
|
message: prepared.siwe,
|
|
806
|
-
type: "siwe"
|
|
806
|
+
type: "siwe",
|
|
807
|
+
purpose: "bootstrap-session"
|
|
807
808
|
});
|
|
808
809
|
const session = this.wasm.completeSessionSetup({
|
|
809
810
|
...prepared,
|
|
@@ -867,7 +868,8 @@ var NodeUserAuthorization = class {
|
|
|
867
868
|
address,
|
|
868
869
|
chainId,
|
|
869
870
|
message: prepared.siwe,
|
|
870
|
-
type: "siwe"
|
|
871
|
+
type: "siwe",
|
|
872
|
+
purpose: "sign-in"
|
|
871
873
|
});
|
|
872
874
|
const session = this.wasm.completeSessionSetup({
|
|
873
875
|
...prepared,
|
|
@@ -955,7 +957,7 @@ var NodeUserAuthorization = class {
|
|
|
955
957
|
/**
|
|
956
958
|
* Sign a message with the connected signer.
|
|
957
959
|
*/
|
|
958
|
-
async signMessage(message) {
|
|
960
|
+
async signMessage(message, purpose) {
|
|
959
961
|
if (!this._address) {
|
|
960
962
|
this._address = canonicalizeAddress(await this.signer.getAddress());
|
|
961
963
|
}
|
|
@@ -966,7 +968,8 @@ var NodeUserAuthorization = class {
|
|
|
966
968
|
address: this._address,
|
|
967
969
|
chainId: this._chainId,
|
|
968
970
|
message,
|
|
969
|
-
type: "message"
|
|
971
|
+
type: "message",
|
|
972
|
+
...purpose ? { purpose } : {}
|
|
970
973
|
});
|
|
971
974
|
}
|
|
972
975
|
/**
|
|
@@ -1654,6 +1657,15 @@ var DEFAULT_SESSION_EXPIRATION_MS = EXPIRY3.SESSION_MS;
|
|
|
1654
1657
|
function isOpenKeyAutoSignStrategy(strategy) {
|
|
1655
1658
|
return strategy?.openKeyAutoSign === true;
|
|
1656
1659
|
}
|
|
1660
|
+
function isInteractiveSigner(config) {
|
|
1661
|
+
if (config.privateKey) {
|
|
1662
|
+
return false;
|
|
1663
|
+
}
|
|
1664
|
+
if (isOpenKeyAutoSignStrategy(config.signStrategy)) {
|
|
1665
|
+
return false;
|
|
1666
|
+
}
|
|
1667
|
+
return config.signer !== void 0;
|
|
1668
|
+
}
|
|
1657
1669
|
function didPrincipalMatches2(actual, expected) {
|
|
1658
1670
|
try {
|
|
1659
1671
|
return principalDidEquals2(actual, expected);
|
|
@@ -1790,6 +1802,21 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
1790
1802
|
this._baseSecrets = /* @__PURE__ */ new Map();
|
|
1791
1803
|
this._secrets = /* @__PURE__ */ new Map();
|
|
1792
1804
|
this.runtimePermissionGrants = [];
|
|
1805
|
+
/**
|
|
1806
|
+
* True when the last signIn() detected an interactive signer and skipped
|
|
1807
|
+
* client-side bootstrap. Apps can read this to know whether bootstrap was
|
|
1808
|
+
* deferred to the server (OpenKey) or requires a separate user action.
|
|
1809
|
+
*/
|
|
1810
|
+
this._bootstrapSkipped = false;
|
|
1811
|
+
/**
|
|
1812
|
+
* Outcome of the last signIn()'s account-bootstrap attempt. `skipped` is
|
|
1813
|
+
* true when bootstrap did not complete (interactive signer, auto-sign
|
|
1814
|
+
* denied, or a bootstrap step failed); `reason` carries the cause so apps
|
|
1815
|
+
* can surface a "finish account setup" call-to-action.
|
|
1816
|
+
*/
|
|
1817
|
+
this._bootstrapStatus = {
|
|
1818
|
+
skipped: false
|
|
1819
|
+
};
|
|
1793
1820
|
this.invokeWithRuntimePermissions = (session, service, path, action, facts) => {
|
|
1794
1821
|
return this.wasmBindings.invoke(
|
|
1795
1822
|
this.selectInvocationSession(session, service, path, action),
|
|
@@ -1882,6 +1909,15 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
1882
1909
|
static registerNodeDefaults(defaults) {
|
|
1883
1910
|
_TinyCloudNode.nodeDefaults = defaults;
|
|
1884
1911
|
}
|
|
1912
|
+
/** Whether the last signIn() skipped client-side bootstrap because the
|
|
1913
|
+
* signer is interactive (browser wallet / EIP-1193 provider). */
|
|
1914
|
+
get bootstrapSkipped() {
|
|
1915
|
+
return this._bootstrapSkipped;
|
|
1916
|
+
}
|
|
1917
|
+
/** Outcome of the last signIn()'s account-bootstrap attempt. */
|
|
1918
|
+
get bootstrapStatus() {
|
|
1919
|
+
return this._bootstrapStatus;
|
|
1920
|
+
}
|
|
1885
1921
|
get nodeFeatures() {
|
|
1886
1922
|
return this.auth?.nodeFeatures ?? [];
|
|
1887
1923
|
}
|
|
@@ -2105,17 +2141,38 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
2105
2141
|
return this.wasmBindings.makeSpaceId(this._address, this._chainId, name);
|
|
2106
2142
|
}
|
|
2107
2143
|
async bootstrapAccountIfNeeded() {
|
|
2144
|
+
this._bootstrapSkipped = false;
|
|
2145
|
+
this._bootstrapStatus = { skipped: false };
|
|
2108
2146
|
if (this.config.autoBootstrapAccount === false) {
|
|
2109
2147
|
return false;
|
|
2110
2148
|
}
|
|
2111
2149
|
if (!this.auth || !this._address) {
|
|
2112
2150
|
return false;
|
|
2113
2151
|
}
|
|
2152
|
+
if (isInteractiveSigner(this.config)) {
|
|
2153
|
+
console.debug(
|
|
2154
|
+
"[TinyCloudNode] bootstrap skipped: interactive signer detected. Server-side bootstrap (OpenKey) is expected to have provisioned the account."
|
|
2155
|
+
);
|
|
2156
|
+
this._bootstrapSkipped = true;
|
|
2157
|
+
this._bootstrapStatus = { skipped: true, reason: "interactive-signer" };
|
|
2158
|
+
return false;
|
|
2159
|
+
}
|
|
2114
2160
|
const steps = bootstrapSteps(this._address, this._chainId);
|
|
2115
2161
|
if (!await this.isFreshBootstrapAccount(steps)) {
|
|
2116
2162
|
return false;
|
|
2117
2163
|
}
|
|
2118
|
-
|
|
2164
|
+
try {
|
|
2165
|
+
await this.runAccountBootstrap(steps);
|
|
2166
|
+
} catch (err) {
|
|
2167
|
+
const reason = err instanceof Error ? err.message : String(err);
|
|
2168
|
+
this._bootstrapSkipped = true;
|
|
2169
|
+
this._bootstrapStatus = { skipped: true, reason };
|
|
2170
|
+
this.notificationHandler.warning(
|
|
2171
|
+
`Account bootstrap did not complete: ${reason}`
|
|
2172
|
+
);
|
|
2173
|
+
console.warn(`[TinyCloudNode] account bootstrap failed: ${reason}`);
|
|
2174
|
+
return false;
|
|
2175
|
+
}
|
|
2119
2176
|
return true;
|
|
2120
2177
|
}
|
|
2121
2178
|
async isFreshBootstrapAccount(steps) {
|
|
@@ -2167,16 +2224,23 @@ var _TinyCloudNode = class _TinyCloudNode {
|
|
|
2167
2224
|
if (rawAbilities) {
|
|
2168
2225
|
rawAbilitiesBySpace.set(step.space, rawAbilities);
|
|
2169
2226
|
}
|
|
2170
|
-
|
|
2171
|
-
|
|
2172
|
-
|
|
2173
|
-
|
|
2174
|
-
|
|
2227
|
+
let session;
|
|
2228
|
+
try {
|
|
2229
|
+
session = await auth.createBootstrapSession({
|
|
2230
|
+
spaceId: step.spaceId,
|
|
2231
|
+
capabilityRequest: step.request ?? BOOTSTRAP_SESSION_REQUESTS[step.space],
|
|
2232
|
+
rawAbilities
|
|
2233
|
+
});
|
|
2234
|
+
} catch (err) {
|
|
2235
|
+
throw new Error(
|
|
2236
|
+
`Account bootstrap aborted: signature rejected for space "${step.space}". Cause: ${err instanceof Error ? err.message : String(err)}`
|
|
2237
|
+
);
|
|
2238
|
+
}
|
|
2175
2239
|
sessions.set(step.space, session);
|
|
2176
2240
|
}
|
|
2177
2241
|
for (const step of steps) {
|
|
2178
2242
|
if (step.kind !== "host") continue;
|
|
2179
|
-
const hosted = await auth.hostOwnedSpace(step.spaceId);
|
|
2243
|
+
const hosted = await auth.hostOwnedSpace(step.spaceId, "bootstrap-host");
|
|
2180
2244
|
if (!hosted) {
|
|
2181
2245
|
throw new Error(`Failed to host bootstrap space: ${step.spaceId}`);
|
|
2182
2246
|
}
|