@tinycloud/sdk-core 2.0.4 → 2.1.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +453 -0
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +436 -63
- package/dist/index.d.ts +436 -63
- package/dist/index.js +428 -0
- package/dist/index.js.map +1 -1
- package/package.json +4 -2
package/dist/index.d.cts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
|
-
import { InvokeFunction, ServiceError, Result as Result$1, ServiceSession, FetchFunction, ServiceConstructor, RetryPolicy, IServiceContext, IService, IKVService, ISQLService, IDuckDbService, IDataVaultService } from '@tinycloud/sdk-services';
|
|
3
|
-
export { BatchOptions, BatchResponse, ColumnInfo, DataVaultConfig, DataVaultService, DatabaseHandle, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, ErrorCode, ErrorCodes, ExecuteOptions, ExecuteResponse, FetchFunction, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IKVService, IPrefixedKVService, ISQLService, IService, IServiceContext, InvokeFunction, KVDeleteOptions, KVGetOptions, KVHeadOptions, KVListOptions, KVListResponse, KVPutOptions, KVResponse, KVResponseHeaders, KVService, KVServiceConfig, PrefixedKVService, QueryOptions, QueryResponse, Result, RetryPolicy, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, ServiceContext, ServiceContextConfig, ServiceError, ServiceSession, SqlStatement, SqlValue, TableInfo, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, ViewInfo, WasmVaultFunctions, createVaultCrypto, defaultRetryPolicy, err, ok, serviceError } from '@tinycloud/sdk-services';
|
|
2
|
+
import { InvokeFunction, InvokeAnyFunction, ServiceError, Result as Result$1, ServiceSession, FetchFunction, ServiceConstructor, RetryPolicy, IServiceContext, IService, IKVService, ISQLService, IDuckDbService, IHooksService, IDataVaultService } from '@tinycloud/sdk-services';
|
|
3
|
+
export { BatchOptions, BatchResponse, ColumnInfo, DataVaultConfig, DataVaultService, DatabaseHandle, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, ErrorCode, ErrorCodes, ExecuteOptions, ExecuteResponse, FetchFunction, HookEvent, HookServiceName, HookStreamEvent, HookSubscription, HookWebhookListOptions, HookWebhookRecord, HookWebhookRegistration, HookWebhookScope, HookWebhookUnregisterOptions, HooksService, HooksServiceConfig, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IHooksService, IKVService, IPrefixedKVService, ISQLService, IService, IServiceContext, InvokeAnyEntry, InvokeAnyFunction, InvokeFunction, KVDeleteOptions, KVGetOptions, KVHeadOptions, KVListOptions, KVListResponse, KVPutOptions, KVResponse, KVResponseHeaders, KVService, KVServiceConfig, PrefixedKVService, QueryOptions, QueryResponse, Result, RetryPolicy, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, ServiceContext, ServiceContextConfig, ServiceError, ServiceSession, SqlStatement, SqlValue, SubscribeOptions, TableInfo, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, ViewInfo, WasmVaultFunctions, createVaultCrypto, defaultRetryPolicy, err, ok, serviceError } from '@tinycloud/sdk-services';
|
|
4
4
|
export { SiweMessage } from 'siwe';
|
|
5
5
|
|
|
6
6
|
/**
|
|
@@ -179,6 +179,359 @@ interface IENSResolver {
|
|
|
179
179
|
resolveAvatar?(ensName: string): Promise<string | null>;
|
|
180
180
|
}
|
|
181
181
|
|
|
182
|
+
/**
|
|
183
|
+
* TinyCloud App Manifest
|
|
184
|
+
*
|
|
185
|
+
* A declarative description of an app's identity and the capabilities it
|
|
186
|
+
* needs. The manifest drives the SIWE recap at sign-in time, enabling a
|
|
187
|
+
* single wallet prompt that covers the app's own permissions plus any
|
|
188
|
+
* pre-declared delegations.
|
|
189
|
+
*
|
|
190
|
+
* The SDK does NOT fetch external manifests. Apps compose their own manifest
|
|
191
|
+
* (optionally including backend or agent addenda) before handing it to the
|
|
192
|
+
* SDK.
|
|
193
|
+
*
|
|
194
|
+
* Canonical spec: `.claude/specs/manifest.md`.
|
|
195
|
+
*
|
|
196
|
+
* @packageDocumentation
|
|
197
|
+
*/
|
|
198
|
+
/**
|
|
199
|
+
* A single permission entry inside a manifest. This is the shape apps write
|
|
200
|
+
* in their `manifest.json` and the shape we compare against when performing
|
|
201
|
+
* the capability-subset derivability check in the delegation flow.
|
|
202
|
+
*
|
|
203
|
+
* `service` uses the long form (e.g. `"tinycloud.kv"`, `"tinycloud.sql"`)
|
|
204
|
+
* which matches the ability-namespace half of the full action URN.
|
|
205
|
+
*/
|
|
206
|
+
interface PermissionEntry {
|
|
207
|
+
/** Service namespace, e.g. "tinycloud.kv", "tinycloud.sql", "tinycloud.duckdb", "tinycloud.capabilities". */
|
|
208
|
+
service: string;
|
|
209
|
+
/** "default" for the user's personal space, or a specific space id. */
|
|
210
|
+
space: string;
|
|
211
|
+
/**
|
|
212
|
+
* Service-specific path.
|
|
213
|
+
* - tinycloud.kv: hierarchical prefix. "/" = all, "foo/" = prefix match, "foo" = exact key
|
|
214
|
+
* - tinycloud.sql: database name/file (e.g. "data.sqlite") or "/" for all
|
|
215
|
+
* - tinycloud.duckdb: database name/file
|
|
216
|
+
* - tinycloud.capabilities: capability key URI or "/" for all
|
|
217
|
+
*/
|
|
218
|
+
path: string;
|
|
219
|
+
/**
|
|
220
|
+
* Short action names (e.g. "get", "put", "read", "ddl"). The SDK expands
|
|
221
|
+
* these to full URNs (e.g. `tinycloud.kv/get`) during resolution.
|
|
222
|
+
* Already-expanded URNs are passed through unchanged.
|
|
223
|
+
*/
|
|
224
|
+
actions: string[];
|
|
225
|
+
/** When true, the manifest prefix is NOT prepended to `path`. Default false. */
|
|
226
|
+
skipPrefix?: boolean;
|
|
227
|
+
/** Per-entry expiry override, ms-format. */
|
|
228
|
+
expiry?: string;
|
|
229
|
+
}
|
|
230
|
+
/**
|
|
231
|
+
* A pre-declared delegation that will be included in the main SIWE recap as
|
|
232
|
+
* an additional audience.
|
|
233
|
+
*/
|
|
234
|
+
interface ManifestDelegation {
|
|
235
|
+
/** DID of the delegate (e.g. a backend's wallet DID). */
|
|
236
|
+
to: string;
|
|
237
|
+
/** Informational display name. Optional. */
|
|
238
|
+
name?: string;
|
|
239
|
+
/** Expiry override for this delegation, ms-format. Optional. */
|
|
240
|
+
expiry?: string;
|
|
241
|
+
/**
|
|
242
|
+
* Permissions to delegate. Same shape as the top-level `permissions`, and
|
|
243
|
+
* the manifest prefix is inherited identically (unless `skipPrefix: true`).
|
|
244
|
+
*/
|
|
245
|
+
permissions: PermissionEntry[];
|
|
246
|
+
}
|
|
247
|
+
/**
|
|
248
|
+
* The valid values for `Manifest.defaults`.
|
|
249
|
+
*
|
|
250
|
+
* - `false` → no auto-included permissions
|
|
251
|
+
* - `true` → standard tier (KV + SQL read/write + capabilities:read)
|
|
252
|
+
* - `"admin"` → standard + SQL ddl + capabilities:admin
|
|
253
|
+
* - `"all"` → everything the SDK supports (including DuckDB)
|
|
254
|
+
*
|
|
255
|
+
* Unknown string values silently fall back to `true`. Values are normalized
|
|
256
|
+
* (lowercase + trim) before matching.
|
|
257
|
+
*/
|
|
258
|
+
type ManifestDefaults = boolean | "admin" | "all";
|
|
259
|
+
/**
|
|
260
|
+
* The raw manifest shape an app declares. See `.claude/specs/manifest.md`.
|
|
261
|
+
*/
|
|
262
|
+
interface Manifest {
|
|
263
|
+
/** Schema version. Optional, defaults to 1. */
|
|
264
|
+
version?: number;
|
|
265
|
+
/** Bundle identifier — reverse DNS. Required. */
|
|
266
|
+
id: string;
|
|
267
|
+
/** Display name. Required. */
|
|
268
|
+
name: string;
|
|
269
|
+
/** One-line description. Optional. */
|
|
270
|
+
description?: string;
|
|
271
|
+
/** URL to app icon. Optional. */
|
|
272
|
+
icon?: string;
|
|
273
|
+
/** App version string. Optional. */
|
|
274
|
+
appVersion?: string;
|
|
275
|
+
/** Default expiry for permissions. ms-format ("30d", "2h", "1y"). Default "30d". */
|
|
276
|
+
expiry?: string;
|
|
277
|
+
/**
|
|
278
|
+
* Path prefix auto-prepended to permission paths. Optional, defaults to
|
|
279
|
+
* `id`. Set to `""` to disable entirely. Individual permissions can opt
|
|
280
|
+
* out with `skipPrefix: true`.
|
|
281
|
+
*/
|
|
282
|
+
prefix?: string;
|
|
283
|
+
/**
|
|
284
|
+
* Default permission set to auto-include. Optional, defaults to `true`.
|
|
285
|
+
* See {@link ManifestDefaults}.
|
|
286
|
+
*/
|
|
287
|
+
defaults?: ManifestDefaults | string;
|
|
288
|
+
/** Whether to include the public-space companion delegation. Default `true`. */
|
|
289
|
+
includePublicSpace?: boolean;
|
|
290
|
+
/**
|
|
291
|
+
* Additional permissions beyond the defaults. Use for cross-space access,
|
|
292
|
+
* DuckDB (opt-in), or `skipPrefix: true` entries.
|
|
293
|
+
*/
|
|
294
|
+
permissions?: PermissionEntry[];
|
|
295
|
+
/** Pre-delegations to other DIDs at sign-in. */
|
|
296
|
+
delegations?: ManifestDelegation[];
|
|
297
|
+
}
|
|
298
|
+
/**
|
|
299
|
+
* A resolved permission entry with fully-expanded paths and action URNs.
|
|
300
|
+
* This is the shape the delegation flow compares against parsed recap
|
|
301
|
+
* capabilities, and the shape the session-key delegation path actually uses.
|
|
302
|
+
*/
|
|
303
|
+
interface ResourceCapability {
|
|
304
|
+
/** Long-form service, e.g. "tinycloud.kv". */
|
|
305
|
+
service: string;
|
|
306
|
+
/** Space id — "default" stays as-is here; the caller resolves it to a full SpaceId at sign-in time. */
|
|
307
|
+
space: string;
|
|
308
|
+
/** Path with the manifest prefix applied (or skipped per `skipPrefix`). */
|
|
309
|
+
path: string;
|
|
310
|
+
/** Full-URN actions, e.g. ["tinycloud.kv/get", "tinycloud.kv/put"]. */
|
|
311
|
+
actions: string[];
|
|
312
|
+
/** Per-entry expiry override in milliseconds. */
|
|
313
|
+
expiryMs?: number;
|
|
314
|
+
}
|
|
315
|
+
/**
|
|
316
|
+
* A resolved delegation entry with fully-expanded permissions.
|
|
317
|
+
*/
|
|
318
|
+
interface ResolvedDelegate {
|
|
319
|
+
/** DID of the delegate. */
|
|
320
|
+
did: string;
|
|
321
|
+
/** Informational display name. Optional. */
|
|
322
|
+
name?: string;
|
|
323
|
+
/** Expiry in milliseconds (per-delegation > manifest default > 30 days). */
|
|
324
|
+
expiryMs: number;
|
|
325
|
+
/** Fully resolved permissions. */
|
|
326
|
+
permissions: ResourceCapability[];
|
|
327
|
+
}
|
|
328
|
+
/**
|
|
329
|
+
* The output of {@link resolveManifest}: a fully-expanded capability set
|
|
330
|
+
* ready to drive the SIWE recap.
|
|
331
|
+
*/
|
|
332
|
+
interface ResolvedCapabilities {
|
|
333
|
+
/** Bundle identifier copied from manifest.id. */
|
|
334
|
+
id: string;
|
|
335
|
+
/** All session-key resources with paths fully resolved (prefix applied). */
|
|
336
|
+
resources: ResourceCapability[];
|
|
337
|
+
/** Default expiry for the session, in milliseconds. */
|
|
338
|
+
expiryMs: number;
|
|
339
|
+
/** Whether to include the public-space companion. */
|
|
340
|
+
includePublicSpace: boolean;
|
|
341
|
+
/** Additional delegate targets with resolved paths. */
|
|
342
|
+
additionalDelegates: ResolvedDelegate[];
|
|
343
|
+
}
|
|
344
|
+
/**
|
|
345
|
+
* Thrown when the manifest fails validation (missing id/name, bad expiry,
|
|
346
|
+
* empty actions on a permission, etc).
|
|
347
|
+
*/
|
|
348
|
+
declare class ManifestValidationError extends Error {
|
|
349
|
+
constructor(message: string);
|
|
350
|
+
}
|
|
351
|
+
/**
|
|
352
|
+
* Default expiry when neither the manifest, delegation, nor permission
|
|
353
|
+
* specifies one. Spec: 30 days.
|
|
354
|
+
*/
|
|
355
|
+
declare const DEFAULT_EXPIRY = "30d";
|
|
356
|
+
/**
|
|
357
|
+
* Default `defaults` value when the manifest omits it. Spec: standard tier.
|
|
358
|
+
*/
|
|
359
|
+
declare const DEFAULT_DEFAULTS: ManifestDefaults;
|
|
360
|
+
/**
|
|
361
|
+
* Known services and their short-form (recap URI) names. The TinyCloud
|
|
362
|
+
* node encodes the recap resource URI with the short service name, while
|
|
363
|
+
* action URNs and manifest entries use the long `tinycloud.<short>` form.
|
|
364
|
+
* This table is the canonical bridge between the two.
|
|
365
|
+
*/
|
|
366
|
+
declare const SERVICE_SHORT_TO_LONG: Readonly<Record<string, string>>;
|
|
367
|
+
/**
|
|
368
|
+
* Inverse of {@link SERVICE_SHORT_TO_LONG}.
|
|
369
|
+
*/
|
|
370
|
+
declare const SERVICE_LONG_TO_SHORT: Readonly<Record<string, string>>;
|
|
371
|
+
/**
|
|
372
|
+
* Parse an ms-format duration string (e.g. "30d", "2h", "1y") into
|
|
373
|
+
* milliseconds.
|
|
374
|
+
*
|
|
375
|
+
* @throws {ManifestValidationError} on empty string, non-string input, or
|
|
376
|
+
* any input `ms()` cannot parse.
|
|
377
|
+
*/
|
|
378
|
+
declare function parseExpiry(duration: string): number;
|
|
379
|
+
/**
|
|
380
|
+
* Expand a list of action short names (or already-expanded URNs) into full
|
|
381
|
+
* ability URNs of the form `<service>/<action>`.
|
|
382
|
+
*
|
|
383
|
+
* Examples:
|
|
384
|
+
* `expandActionShortNames("tinycloud.kv", ["get", "put"])`
|
|
385
|
+
* → `["tinycloud.kv/get", "tinycloud.kv/put"]`
|
|
386
|
+
* `expandActionShortNames("tinycloud.kv", ["tinycloud.kv/get"])`
|
|
387
|
+
* → `["tinycloud.kv/get"]` (passed through unchanged)
|
|
388
|
+
*/
|
|
389
|
+
declare function expandActionShortNames(service: string, actions: readonly string[]): string[];
|
|
390
|
+
/**
|
|
391
|
+
* Apply the manifest prefix to a permission path per the spec rules.
|
|
392
|
+
*
|
|
393
|
+
* - `skipPrefix: true` → path is returned as-is
|
|
394
|
+
* - `prefix === ""` → path is returned as-is
|
|
395
|
+
* - path starts with "/" → `prefix + path` (e.g. "com.listen.app" + "/" → "com.listen.app/")
|
|
396
|
+
* - otherwise → `prefix + "/" + path` (e.g. "com.listen.app" + "data.sqlite" → "com.listen.app/data.sqlite")
|
|
397
|
+
*/
|
|
398
|
+
declare function applyPrefix(prefix: string, path: string, skipPrefix: boolean): string;
|
|
399
|
+
/**
|
|
400
|
+
* Fetch and parse a manifest from a URL (browser) or file path (node).
|
|
401
|
+
* The runtime decides the fetch strategy via `globalThis.fetch`; this is
|
|
402
|
+
* platform-agnostic. Callers that want custom loading should JSON.parse a
|
|
403
|
+
* Manifest themselves and skip this helper.
|
|
404
|
+
*
|
|
405
|
+
* @throws if the fetch fails, the JSON is invalid, or the manifest fails
|
|
406
|
+
* validation.
|
|
407
|
+
*/
|
|
408
|
+
declare function loadManifest(url: string): Promise<Manifest>;
|
|
409
|
+
/**
|
|
410
|
+
* Validate a manifest-shaped object and return it strongly-typed.
|
|
411
|
+
* Throws {@link ManifestValidationError} on any hard failure.
|
|
412
|
+
*/
|
|
413
|
+
declare function validateManifest(input: unknown): Manifest;
|
|
414
|
+
/**
|
|
415
|
+
* Normalize a `defaults` value: lowercase + trim, then match against known
|
|
416
|
+
* tiers. Unknown string values silently fall back to `true` (standard).
|
|
417
|
+
* Boolean values pass through.
|
|
418
|
+
*/
|
|
419
|
+
declare function normalizeDefaults(value: Manifest["defaults"] | undefined): ManifestDefaults;
|
|
420
|
+
/**
|
|
421
|
+
* Resolve a raw manifest into a {@link ResolvedCapabilities} object: expand
|
|
422
|
+
* shortform actions, apply the prefix, merge defaults, and compute effective
|
|
423
|
+
* expiries. Pure function — does no I/O.
|
|
424
|
+
*
|
|
425
|
+
* Resolution semantics (spec):
|
|
426
|
+
* - `prefix` defaults to `id`; set to `""` to disable prefix application entirely.
|
|
427
|
+
* - `defaults` defaults to `true` (standard tier); unknown string values fall back to `true`.
|
|
428
|
+
* - Per-entry expiry overrides per-delegation overrides manifest > `DEFAULT_EXPIRY`.
|
|
429
|
+
* - Default entries use `skipPrefix: false` so they inherit the manifest prefix.
|
|
430
|
+
* - Prefix inheritance applies identically to `permissions` and `delegations[*].permissions`.
|
|
431
|
+
*/
|
|
432
|
+
declare function resolveManifest(input: Manifest): ResolvedCapabilities;
|
|
433
|
+
|
|
434
|
+
/**
|
|
435
|
+
* Capability subset checking and recap parsing.
|
|
436
|
+
*
|
|
437
|
+
* This module powers the capability-chain delegation flow. The key decision
|
|
438
|
+
* a `delegateTo` call has to make is: "are the requested capabilities a
|
|
439
|
+
* subset of what the current session already grants?"
|
|
440
|
+
*
|
|
441
|
+
* - If yes → issue the delegation via the session-key UCAN path (no wallet prompt).
|
|
442
|
+
* - If no → raise {@link PermissionNotInManifestError} so the caller can
|
|
443
|
+
* trigger an escalation flow via `requestPermissions`.
|
|
444
|
+
*
|
|
445
|
+
* Canonical spec: `.claude/specs/capability-chain.md`.
|
|
446
|
+
*
|
|
447
|
+
* @packageDocumentation
|
|
448
|
+
*/
|
|
449
|
+
|
|
450
|
+
/**
|
|
451
|
+
* Thrown when a `delegateTo` call requests capabilities that the current
|
|
452
|
+
* session does not already grant. The caller can catch this and trigger
|
|
453
|
+
* `requestPermissions(missing)` to show an escalation modal.
|
|
454
|
+
*/
|
|
455
|
+
declare class PermissionNotInManifestError extends Error {
|
|
456
|
+
readonly missing: PermissionEntry[];
|
|
457
|
+
readonly granted: PermissionEntry[];
|
|
458
|
+
constructor(missing: PermissionEntry[], granted: PermissionEntry[]);
|
|
459
|
+
}
|
|
460
|
+
/**
|
|
461
|
+
* Thrown when the current session has expired (or will expire within the
|
|
462
|
+
* safety margin). The caller should trigger a fresh sign-in.
|
|
463
|
+
*/
|
|
464
|
+
declare class SessionExpiredError extends Error {
|
|
465
|
+
readonly expiredAt: Date;
|
|
466
|
+
constructor(expiredAt: Date);
|
|
467
|
+
}
|
|
468
|
+
interface SubsetCheckResult {
|
|
469
|
+
/** True when every requested entry is covered by a granted entry. */
|
|
470
|
+
subset: boolean;
|
|
471
|
+
/** Entries the granted set does not cover (empty when `subset` is true). */
|
|
472
|
+
missing: PermissionEntry[];
|
|
473
|
+
}
|
|
474
|
+
/**
|
|
475
|
+
* Check whether `requested` is a strict subset of `granted`.
|
|
476
|
+
*
|
|
477
|
+
* Matching rules for each `requested[i]`:
|
|
478
|
+
* - `service` matches exactly.
|
|
479
|
+
* - `space` matches exactly.
|
|
480
|
+
* - Path containment:
|
|
481
|
+
* - If `granted.path` ends with `/`, it covers any `requested.path` that
|
|
482
|
+
* starts with `granted.path`.
|
|
483
|
+
* - Otherwise, the paths must match exactly.
|
|
484
|
+
* - Action containment: every URN in `requested.actions` must appear in
|
|
485
|
+
* `granted.actions` (set subset).
|
|
486
|
+
*
|
|
487
|
+
* Any `requested` entry that does not find a matching `granted` entry is
|
|
488
|
+
* added to `missing` and the overall result is non-subset.
|
|
489
|
+
*
|
|
490
|
+
* Both sides are expected to be in the canonical long-form shape (service
|
|
491
|
+
* starts with `tinycloud.`, actions are full URNs). Use {@link parseRecapCapabilities}
|
|
492
|
+
* or `expandActionShortNames` to normalize inputs first.
|
|
493
|
+
*/
|
|
494
|
+
declare function isCapabilitySubset(requested: readonly PermissionEntry[], granted: readonly PermissionEntry[]): SubsetCheckResult;
|
|
495
|
+
/**
|
|
496
|
+
* The raw shape returned from the WASM `parseRecapFromSiwe` export. The
|
|
497
|
+
* Rust layer encodes the service in the short form (e.g. `"kv"`) because
|
|
498
|
+
* that is what the SIWE recap resource URI actually contains. We normalize
|
|
499
|
+
* to the manifest long form (`"tinycloud.kv"`) in {@link parseRecapCapabilities}.
|
|
500
|
+
*
|
|
501
|
+
* @internal
|
|
502
|
+
*/
|
|
503
|
+
interface WasmRecapEntry {
|
|
504
|
+
service: string;
|
|
505
|
+
space: string;
|
|
506
|
+
path: string;
|
|
507
|
+
actions: string[];
|
|
508
|
+
}
|
|
509
|
+
/**
|
|
510
|
+
* Signature of the WASM `parseRecapFromSiwe` export. Accepts the signed
|
|
511
|
+
* SIWE message string and returns an array of raw recap entries. Throws if
|
|
512
|
+
* the SIWE is malformed or the recap statement has been tampered.
|
|
513
|
+
*
|
|
514
|
+
* Exposed as an interface so the SDK can inject the web or node binding
|
|
515
|
+
* without `capabilities.ts` needing to know which.
|
|
516
|
+
*/
|
|
517
|
+
type ParseRecapFromSiwe = (siweString: string) => WasmRecapEntry[];
|
|
518
|
+
/**
|
|
519
|
+
* Parse a signed SIWE message into an array of {@link PermissionEntry}
|
|
520
|
+
* objects in the canonical long-form manifest shape.
|
|
521
|
+
*
|
|
522
|
+
* This is a thin wrapper around the WASM `parseRecapFromSiwe` export that:
|
|
523
|
+
* 1. Normalizes short-form services (`"kv"`) to long-form (`"tinycloud.kv"`).
|
|
524
|
+
* 2. Returns entries in a deterministic order (sorted by space, then service,
|
|
525
|
+
* then path) so downstream equality checks are stable.
|
|
526
|
+
*
|
|
527
|
+
* Returns an empty array when the SIWE has no recap resource (plain auth
|
|
528
|
+
* SIWE); this matches the WASM function's behavior and the spec.
|
|
529
|
+
*
|
|
530
|
+
* @param parseWasm The WASM `parseRecapFromSiwe` binding.
|
|
531
|
+
* @param siwe The signed SIWE message string (exactly what `session.siwe` stores).
|
|
532
|
+
*/
|
|
533
|
+
declare function parseRecapCapabilities(parseWasm: ParseRecapFromSiwe, siwe: string): PermissionEntry[];
|
|
534
|
+
|
|
182
535
|
/**
|
|
183
536
|
* WASM binding abstraction for TinyCloud SDK.
|
|
184
537
|
*
|
|
@@ -198,6 +551,8 @@ interface IENSResolver {
|
|
|
198
551
|
interface IWasmBindings {
|
|
199
552
|
/** Invoke a TinyCloud action */
|
|
200
553
|
invoke: InvokeFunction;
|
|
554
|
+
/** Invoke multiple TinyCloud capabilities in one authorization header */
|
|
555
|
+
invokeAny?: InvokeAnyFunction;
|
|
201
556
|
/** Prepare a session (generate session key, build SIWE message) */
|
|
202
557
|
prepareSession: (params: any) => any;
|
|
203
558
|
/** Complete session setup (create delegation) */
|
|
@@ -208,6 +563,15 @@ interface IWasmBindings {
|
|
|
208
563
|
makeSpaceId: (address: string, chainId: number, prefix: string) => string;
|
|
209
564
|
/** Create a delegation */
|
|
210
565
|
createDelegation: (...args: any[]) => any;
|
|
566
|
+
/**
|
|
567
|
+
* Parse the recap resource of a signed SIWE message into structured
|
|
568
|
+
* permission entries. Used by the capability-chain delegation flow to
|
|
569
|
+
* decide whether a requested delegation is derivable from the current
|
|
570
|
+
* session without a fresh wallet prompt.
|
|
571
|
+
*
|
|
572
|
+
* Returns an empty array when the SIWE has no recap resource.
|
|
573
|
+
*/
|
|
574
|
+
parseRecapFromSiwe: (siweString: string) => WasmRecapEntry[];
|
|
211
575
|
/** Generate a host SIWE message for space activation */
|
|
212
576
|
generateHostSIWEMessage: (params: any) => string;
|
|
213
577
|
/** Convert a signed SIWE message to delegation headers */
|
|
@@ -835,11 +1199,11 @@ declare const DelegationSchema: z.ZodObject<{
|
|
|
835
1199
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
836
1200
|
}, "strip", z.ZodTypeAny, {
|
|
837
1201
|
path: string;
|
|
1202
|
+
actions: string[];
|
|
1203
|
+
expiry: Date;
|
|
838
1204
|
spaceId: string;
|
|
839
1205
|
cid: string;
|
|
840
1206
|
delegateDID: string;
|
|
841
|
-
actions: string[];
|
|
842
|
-
expiry: Date;
|
|
843
1207
|
isRevoked: boolean;
|
|
844
1208
|
createdAt?: Date | undefined;
|
|
845
1209
|
delegatorDID?: string | undefined;
|
|
@@ -848,11 +1212,11 @@ declare const DelegationSchema: z.ZodObject<{
|
|
|
848
1212
|
authHeader?: string | undefined;
|
|
849
1213
|
}, {
|
|
850
1214
|
path: string;
|
|
1215
|
+
actions: string[];
|
|
1216
|
+
expiry: Date;
|
|
851
1217
|
spaceId: string;
|
|
852
1218
|
cid: string;
|
|
853
1219
|
delegateDID: string;
|
|
854
|
-
actions: string[];
|
|
855
|
-
expiry: Date;
|
|
856
1220
|
isRevoked: boolean;
|
|
857
1221
|
createdAt?: Date | undefined;
|
|
858
1222
|
delegatorDID?: string | undefined;
|
|
@@ -993,11 +1357,11 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
993
1357
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
994
1358
|
}, "strip", z.ZodTypeAny, {
|
|
995
1359
|
path: string;
|
|
1360
|
+
actions: string[];
|
|
1361
|
+
expiry: Date;
|
|
996
1362
|
spaceId: string;
|
|
997
1363
|
cid: string;
|
|
998
1364
|
delegateDID: string;
|
|
999
|
-
actions: string[];
|
|
1000
|
-
expiry: Date;
|
|
1001
1365
|
isRevoked: boolean;
|
|
1002
1366
|
createdAt?: Date | undefined;
|
|
1003
1367
|
delegatorDID?: string | undefined;
|
|
@@ -1006,11 +1370,11 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
1006
1370
|
authHeader?: string | undefined;
|
|
1007
1371
|
}, {
|
|
1008
1372
|
path: string;
|
|
1373
|
+
actions: string[];
|
|
1374
|
+
expiry: Date;
|
|
1009
1375
|
spaceId: string;
|
|
1010
1376
|
cid: string;
|
|
1011
1377
|
delegateDID: string;
|
|
1012
|
-
actions: string[];
|
|
1013
|
-
expiry: Date;
|
|
1014
1378
|
isRevoked: boolean;
|
|
1015
1379
|
createdAt?: Date | undefined;
|
|
1016
1380
|
delegatorDID?: string | undefined;
|
|
@@ -1042,11 +1406,11 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
1042
1406
|
}[];
|
|
1043
1407
|
delegation: {
|
|
1044
1408
|
path: string;
|
|
1409
|
+
actions: string[];
|
|
1410
|
+
expiry: Date;
|
|
1045
1411
|
spaceId: string;
|
|
1046
1412
|
cid: string;
|
|
1047
1413
|
delegateDID: string;
|
|
1048
|
-
actions: string[];
|
|
1049
|
-
expiry: Date;
|
|
1050
1414
|
isRevoked: boolean;
|
|
1051
1415
|
createdAt?: Date | undefined;
|
|
1052
1416
|
delegatorDID?: string | undefined;
|
|
@@ -1079,11 +1443,11 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
1079
1443
|
}[];
|
|
1080
1444
|
delegation: {
|
|
1081
1445
|
path: string;
|
|
1446
|
+
actions: string[];
|
|
1447
|
+
expiry: Date;
|
|
1082
1448
|
spaceId: string;
|
|
1083
1449
|
cid: string;
|
|
1084
1450
|
delegateDID: string;
|
|
1085
|
-
actions: string[];
|
|
1086
|
-
expiry: Date;
|
|
1087
1451
|
isRevoked: boolean;
|
|
1088
1452
|
createdAt?: Date | undefined;
|
|
1089
1453
|
delegatorDID?: string | undefined;
|
|
@@ -1126,10 +1490,10 @@ declare const DelegationRecordSchema: z.ZodObject<{
|
|
|
1126
1490
|
parentCid: z.ZodOptional<z.ZodString>;
|
|
1127
1491
|
}, "strip", z.ZodTypeAny, {
|
|
1128
1492
|
path: string;
|
|
1493
|
+
actions: string[];
|
|
1129
1494
|
spaceId: string;
|
|
1130
1495
|
createdAt: Date;
|
|
1131
1496
|
cid: string;
|
|
1132
|
-
actions: string[];
|
|
1133
1497
|
isRevoked: boolean;
|
|
1134
1498
|
delegator: string;
|
|
1135
1499
|
delegatee: string;
|
|
@@ -1139,10 +1503,10 @@ declare const DelegationRecordSchema: z.ZodObject<{
|
|
|
1139
1503
|
keyId?: string | undefined;
|
|
1140
1504
|
}, {
|
|
1141
1505
|
path: string;
|
|
1506
|
+
actions: string[];
|
|
1142
1507
|
spaceId: string;
|
|
1143
1508
|
createdAt: Date;
|
|
1144
1509
|
cid: string;
|
|
1145
|
-
actions: string[];
|
|
1146
1510
|
isRevoked: boolean;
|
|
1147
1511
|
delegator: string;
|
|
1148
1512
|
delegatee: string;
|
|
@@ -1170,15 +1534,15 @@ declare const CreateDelegationParamsSchema: z.ZodObject<{
|
|
|
1170
1534
|
statement: z.ZodOptional<z.ZodString>;
|
|
1171
1535
|
}, "strip", z.ZodTypeAny, {
|
|
1172
1536
|
path: string;
|
|
1173
|
-
delegateDID: string;
|
|
1174
1537
|
actions: string[];
|
|
1538
|
+
delegateDID: string;
|
|
1175
1539
|
statement?: string | undefined;
|
|
1176
1540
|
expiry?: Date | undefined;
|
|
1177
1541
|
disableSubDelegation?: boolean | undefined;
|
|
1178
1542
|
}, {
|
|
1179
1543
|
path: string;
|
|
1180
|
-
delegateDID: string;
|
|
1181
1544
|
actions: string[];
|
|
1545
|
+
delegateDID: string;
|
|
1182
1546
|
statement?: string | undefined;
|
|
1183
1547
|
expiry?: Date | undefined;
|
|
1184
1548
|
disableSubDelegation?: boolean | undefined;
|
|
@@ -1214,11 +1578,11 @@ declare const DelegationChainSchema: z.ZodArray<z.ZodObject<{
|
|
|
1214
1578
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1215
1579
|
}, "strip", z.ZodTypeAny, {
|
|
1216
1580
|
path: string;
|
|
1581
|
+
actions: string[];
|
|
1582
|
+
expiry: Date;
|
|
1217
1583
|
spaceId: string;
|
|
1218
1584
|
cid: string;
|
|
1219
1585
|
delegateDID: string;
|
|
1220
|
-
actions: string[];
|
|
1221
|
-
expiry: Date;
|
|
1222
1586
|
isRevoked: boolean;
|
|
1223
1587
|
createdAt?: Date | undefined;
|
|
1224
1588
|
delegatorDID?: string | undefined;
|
|
@@ -1227,11 +1591,11 @@ declare const DelegationChainSchema: z.ZodArray<z.ZodObject<{
|
|
|
1227
1591
|
authHeader?: string | undefined;
|
|
1228
1592
|
}, {
|
|
1229
1593
|
path: string;
|
|
1594
|
+
actions: string[];
|
|
1595
|
+
expiry: Date;
|
|
1230
1596
|
spaceId: string;
|
|
1231
1597
|
cid: string;
|
|
1232
1598
|
delegateDID: string;
|
|
1233
|
-
actions: string[];
|
|
1234
|
-
expiry: Date;
|
|
1235
1599
|
isRevoked: boolean;
|
|
1236
1600
|
createdAt?: Date | undefined;
|
|
1237
1601
|
delegatorDID?: string | undefined;
|
|
@@ -1272,11 +1636,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1272
1636
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1273
1637
|
}, "strip", z.ZodTypeAny, {
|
|
1274
1638
|
path: string;
|
|
1639
|
+
actions: string[];
|
|
1640
|
+
expiry: Date;
|
|
1275
1641
|
spaceId: string;
|
|
1276
1642
|
cid: string;
|
|
1277
1643
|
delegateDID: string;
|
|
1278
|
-
actions: string[];
|
|
1279
|
-
expiry: Date;
|
|
1280
1644
|
isRevoked: boolean;
|
|
1281
1645
|
createdAt?: Date | undefined;
|
|
1282
1646
|
delegatorDID?: string | undefined;
|
|
@@ -1285,11 +1649,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1285
1649
|
authHeader?: string | undefined;
|
|
1286
1650
|
}, {
|
|
1287
1651
|
path: string;
|
|
1652
|
+
actions: string[];
|
|
1653
|
+
expiry: Date;
|
|
1288
1654
|
spaceId: string;
|
|
1289
1655
|
cid: string;
|
|
1290
1656
|
delegateDID: string;
|
|
1291
|
-
actions: string[];
|
|
1292
|
-
expiry: Date;
|
|
1293
1657
|
isRevoked: boolean;
|
|
1294
1658
|
createdAt?: Date | undefined;
|
|
1295
1659
|
delegatorDID?: string | undefined;
|
|
@@ -1325,11 +1689,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1325
1689
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1326
1690
|
}, "strip", z.ZodTypeAny, {
|
|
1327
1691
|
path: string;
|
|
1692
|
+
actions: string[];
|
|
1693
|
+
expiry: Date;
|
|
1328
1694
|
spaceId: string;
|
|
1329
1695
|
cid: string;
|
|
1330
1696
|
delegateDID: string;
|
|
1331
|
-
actions: string[];
|
|
1332
|
-
expiry: Date;
|
|
1333
1697
|
isRevoked: boolean;
|
|
1334
1698
|
createdAt?: Date | undefined;
|
|
1335
1699
|
delegatorDID?: string | undefined;
|
|
@@ -1338,11 +1702,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1338
1702
|
authHeader?: string | undefined;
|
|
1339
1703
|
}, {
|
|
1340
1704
|
path: string;
|
|
1705
|
+
actions: string[];
|
|
1706
|
+
expiry: Date;
|
|
1341
1707
|
spaceId: string;
|
|
1342
1708
|
cid: string;
|
|
1343
1709
|
delegateDID: string;
|
|
1344
|
-
actions: string[];
|
|
1345
|
-
expiry: Date;
|
|
1346
1710
|
isRevoked: boolean;
|
|
1347
1711
|
createdAt?: Date | undefined;
|
|
1348
1712
|
delegatorDID?: string | undefined;
|
|
@@ -1378,11 +1742,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1378
1742
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1379
1743
|
}, "strip", z.ZodTypeAny, {
|
|
1380
1744
|
path: string;
|
|
1745
|
+
actions: string[];
|
|
1746
|
+
expiry: Date;
|
|
1381
1747
|
spaceId: string;
|
|
1382
1748
|
cid: string;
|
|
1383
1749
|
delegateDID: string;
|
|
1384
|
-
actions: string[];
|
|
1385
|
-
expiry: Date;
|
|
1386
1750
|
isRevoked: boolean;
|
|
1387
1751
|
createdAt?: Date | undefined;
|
|
1388
1752
|
delegatorDID?: string | undefined;
|
|
@@ -1391,11 +1755,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1391
1755
|
authHeader?: string | undefined;
|
|
1392
1756
|
}, {
|
|
1393
1757
|
path: string;
|
|
1758
|
+
actions: string[];
|
|
1759
|
+
expiry: Date;
|
|
1394
1760
|
spaceId: string;
|
|
1395
1761
|
cid: string;
|
|
1396
1762
|
delegateDID: string;
|
|
1397
|
-
actions: string[];
|
|
1398
|
-
expiry: Date;
|
|
1399
1763
|
isRevoked: boolean;
|
|
1400
1764
|
createdAt?: Date | undefined;
|
|
1401
1765
|
delegatorDID?: string | undefined;
|
|
@@ -1406,11 +1770,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1406
1770
|
}, "strip", z.ZodTypeAny, {
|
|
1407
1771
|
root: {
|
|
1408
1772
|
path: string;
|
|
1773
|
+
actions: string[];
|
|
1774
|
+
expiry: Date;
|
|
1409
1775
|
spaceId: string;
|
|
1410
1776
|
cid: string;
|
|
1411
1777
|
delegateDID: string;
|
|
1412
|
-
actions: string[];
|
|
1413
|
-
expiry: Date;
|
|
1414
1778
|
isRevoked: boolean;
|
|
1415
1779
|
createdAt?: Date | undefined;
|
|
1416
1780
|
delegatorDID?: string | undefined;
|
|
@@ -1420,11 +1784,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1420
1784
|
};
|
|
1421
1785
|
chain: {
|
|
1422
1786
|
path: string;
|
|
1787
|
+
actions: string[];
|
|
1788
|
+
expiry: Date;
|
|
1423
1789
|
spaceId: string;
|
|
1424
1790
|
cid: string;
|
|
1425
1791
|
delegateDID: string;
|
|
1426
|
-
actions: string[];
|
|
1427
|
-
expiry: Date;
|
|
1428
1792
|
isRevoked: boolean;
|
|
1429
1793
|
createdAt?: Date | undefined;
|
|
1430
1794
|
delegatorDID?: string | undefined;
|
|
@@ -1434,11 +1798,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1434
1798
|
}[];
|
|
1435
1799
|
leaf: {
|
|
1436
1800
|
path: string;
|
|
1801
|
+
actions: string[];
|
|
1802
|
+
expiry: Date;
|
|
1437
1803
|
spaceId: string;
|
|
1438
1804
|
cid: string;
|
|
1439
1805
|
delegateDID: string;
|
|
1440
|
-
actions: string[];
|
|
1441
|
-
expiry: Date;
|
|
1442
1806
|
isRevoked: boolean;
|
|
1443
1807
|
createdAt?: Date | undefined;
|
|
1444
1808
|
delegatorDID?: string | undefined;
|
|
@@ -1449,11 +1813,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1449
1813
|
}, {
|
|
1450
1814
|
root: {
|
|
1451
1815
|
path: string;
|
|
1816
|
+
actions: string[];
|
|
1817
|
+
expiry: Date;
|
|
1452
1818
|
spaceId: string;
|
|
1453
1819
|
cid: string;
|
|
1454
1820
|
delegateDID: string;
|
|
1455
|
-
actions: string[];
|
|
1456
|
-
expiry: Date;
|
|
1457
1821
|
isRevoked: boolean;
|
|
1458
1822
|
createdAt?: Date | undefined;
|
|
1459
1823
|
delegatorDID?: string | undefined;
|
|
@@ -1463,11 +1827,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1463
1827
|
};
|
|
1464
1828
|
chain: {
|
|
1465
1829
|
path: string;
|
|
1830
|
+
actions: string[];
|
|
1831
|
+
expiry: Date;
|
|
1466
1832
|
spaceId: string;
|
|
1467
1833
|
cid: string;
|
|
1468
1834
|
delegateDID: string;
|
|
1469
|
-
actions: string[];
|
|
1470
|
-
expiry: Date;
|
|
1471
1835
|
isRevoked: boolean;
|
|
1472
1836
|
createdAt?: Date | undefined;
|
|
1473
1837
|
delegatorDID?: string | undefined;
|
|
@@ -1477,11 +1841,11 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1477
1841
|
}[];
|
|
1478
1842
|
leaf: {
|
|
1479
1843
|
path: string;
|
|
1844
|
+
actions: string[];
|
|
1845
|
+
expiry: Date;
|
|
1480
1846
|
spaceId: string;
|
|
1481
1847
|
cid: string;
|
|
1482
1848
|
delegateDID: string;
|
|
1483
|
-
actions: string[];
|
|
1484
|
-
expiry: Date;
|
|
1485
1849
|
isRevoked: boolean;
|
|
1486
1850
|
createdAt?: Date | undefined;
|
|
1487
1851
|
delegatorDID?: string | undefined;
|
|
@@ -1523,7 +1887,7 @@ declare const DelegationFiltersSchema: z.ZodObject<{
|
|
|
1523
1887
|
actions?: string[] | undefined;
|
|
1524
1888
|
delegator?: string | undefined;
|
|
1525
1889
|
delegatee?: string | undefined;
|
|
1526
|
-
direction?: "received" | "
|
|
1890
|
+
direction?: "received" | "all" | "granted" | undefined;
|
|
1527
1891
|
includeRevoked?: boolean | undefined;
|
|
1528
1892
|
validAt?: Date | undefined;
|
|
1529
1893
|
limit?: number | undefined;
|
|
@@ -1533,7 +1897,7 @@ declare const DelegationFiltersSchema: z.ZodObject<{
|
|
|
1533
1897
|
actions?: string[] | undefined;
|
|
1534
1898
|
delegator?: string | undefined;
|
|
1535
1899
|
delegatee?: string | undefined;
|
|
1536
|
-
direction?: "received" | "
|
|
1900
|
+
direction?: "received" | "all" | "granted" | undefined;
|
|
1537
1901
|
includeRevoked?: boolean | undefined;
|
|
1538
1902
|
validAt?: Date | undefined;
|
|
1539
1903
|
limit?: number | undefined;
|
|
@@ -1618,11 +1982,11 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
1618
1982
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1619
1983
|
}, "strip", z.ZodTypeAny, {
|
|
1620
1984
|
path: string;
|
|
1985
|
+
actions: string[];
|
|
1986
|
+
expiry: Date;
|
|
1621
1987
|
spaceId: string;
|
|
1622
1988
|
cid: string;
|
|
1623
1989
|
delegateDID: string;
|
|
1624
|
-
actions: string[];
|
|
1625
|
-
expiry: Date;
|
|
1626
1990
|
isRevoked: boolean;
|
|
1627
1991
|
createdAt?: Date | undefined;
|
|
1628
1992
|
delegatorDID?: string | undefined;
|
|
@@ -1631,11 +1995,11 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
1631
1995
|
authHeader?: string | undefined;
|
|
1632
1996
|
}, {
|
|
1633
1997
|
path: string;
|
|
1998
|
+
actions: string[];
|
|
1999
|
+
expiry: Date;
|
|
1634
2000
|
spaceId: string;
|
|
1635
2001
|
cid: string;
|
|
1636
2002
|
delegateDID: string;
|
|
1637
|
-
actions: string[];
|
|
1638
|
-
expiry: Date;
|
|
1639
2003
|
isRevoked: boolean;
|
|
1640
2004
|
createdAt?: Date | undefined;
|
|
1641
2005
|
delegatorDID?: string | undefined;
|
|
@@ -1653,11 +2017,11 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
1653
2017
|
url: string;
|
|
1654
2018
|
delegation: {
|
|
1655
2019
|
path: string;
|
|
2020
|
+
actions: string[];
|
|
2021
|
+
expiry: Date;
|
|
1656
2022
|
spaceId: string;
|
|
1657
2023
|
cid: string;
|
|
1658
2024
|
delegateDID: string;
|
|
1659
|
-
actions: string[];
|
|
1660
|
-
expiry: Date;
|
|
1661
2025
|
isRevoked: boolean;
|
|
1662
2026
|
createdAt?: Date | undefined;
|
|
1663
2027
|
delegatorDID?: string | undefined;
|
|
@@ -1673,11 +2037,11 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
1673
2037
|
url: string;
|
|
1674
2038
|
delegation: {
|
|
1675
2039
|
path: string;
|
|
2040
|
+
actions: string[];
|
|
2041
|
+
expiry: Date;
|
|
1676
2042
|
spaceId: string;
|
|
1677
2043
|
cid: string;
|
|
1678
2044
|
delegateDID: string;
|
|
1679
|
-
actions: string[];
|
|
1680
|
-
expiry: Date;
|
|
1681
2045
|
isRevoked: boolean;
|
|
1682
2046
|
createdAt?: Date | undefined;
|
|
1683
2047
|
delegatorDID?: string | undefined;
|
|
@@ -1846,17 +2210,17 @@ declare const CreateDelegationWasmParamsSchema: z.ZodObject<{
|
|
|
1846
2210
|
notBeforeSecs: z.ZodOptional<z.ZodNumber>;
|
|
1847
2211
|
}, "strip", z.ZodTypeAny, {
|
|
1848
2212
|
path: string;
|
|
2213
|
+
actions: string[];
|
|
1849
2214
|
spaceId: string;
|
|
1850
2215
|
session: ServiceSession;
|
|
1851
2216
|
delegateDID: string;
|
|
1852
|
-
actions: string[];
|
|
1853
2217
|
expirationSecs: number;
|
|
1854
2218
|
notBeforeSecs?: number | undefined;
|
|
1855
2219
|
}, {
|
|
1856
2220
|
path: string;
|
|
2221
|
+
actions: string[];
|
|
1857
2222
|
spaceId: string;
|
|
1858
2223
|
delegateDID: string;
|
|
1859
|
-
actions: string[];
|
|
1860
2224
|
expirationSecs: number;
|
|
1861
2225
|
session?: unknown;
|
|
1862
2226
|
notBeforeSecs?: number | undefined;
|
|
@@ -1880,18 +2244,18 @@ declare const CreateDelegationWasmResultSchema: z.ZodObject<{
|
|
|
1880
2244
|
expiry: z.ZodDate;
|
|
1881
2245
|
}, "strip", z.ZodTypeAny, {
|
|
1882
2246
|
path: string;
|
|
2247
|
+
actions: string[];
|
|
2248
|
+
expiry: Date;
|
|
1883
2249
|
delegation: string;
|
|
1884
2250
|
cid: string;
|
|
1885
2251
|
delegateDID: string;
|
|
1886
|
-
actions: string[];
|
|
1887
|
-
expiry: Date;
|
|
1888
2252
|
}, {
|
|
1889
2253
|
path: string;
|
|
2254
|
+
actions: string[];
|
|
2255
|
+
expiry: Date;
|
|
1890
2256
|
delegation: string;
|
|
1891
2257
|
cid: string;
|
|
1892
2258
|
delegateDID: string;
|
|
1893
|
-
actions: string[];
|
|
1894
|
-
expiry: Date;
|
|
1895
2259
|
}>;
|
|
1896
2260
|
type CreateDelegationWasmResult = z.infer<typeof CreateDelegationWasmResultSchema>;
|
|
1897
2261
|
|
|
@@ -2569,6 +2933,10 @@ interface TinyCloudConfig {
|
|
|
2569
2933
|
* Required when using services.
|
|
2570
2934
|
*/
|
|
2571
2935
|
invoke?: InvokeFunction;
|
|
2936
|
+
/**
|
|
2937
|
+
* Optional multi-resource invoke function for aggregated capability requests.
|
|
2938
|
+
*/
|
|
2939
|
+
invokeAny?: InvokeAnyFunction;
|
|
2572
2940
|
/**
|
|
2573
2941
|
* Custom fetch implementation.
|
|
2574
2942
|
* Defaults to globalThis.fetch.
|
|
@@ -2706,6 +3074,11 @@ declare class TinyCloud {
|
|
|
2706
3074
|
* @throws Error if services are not initialized
|
|
2707
3075
|
*/
|
|
2708
3076
|
get duckdb(): IDuckDbService;
|
|
3077
|
+
/**
|
|
3078
|
+
* Get the Hooks service.
|
|
3079
|
+
* @throws Error if services are not initialized
|
|
3080
|
+
*/
|
|
3081
|
+
get hooks(): IHooksService;
|
|
2709
3082
|
/**
|
|
2710
3083
|
* Get the Data Vault service.
|
|
2711
3084
|
* @throws Error if services are not initialized or vault service is not registered
|
|
@@ -3864,4 +4237,4 @@ interface NodeInfo {
|
|
|
3864
4237
|
}
|
|
3865
4238
|
declare function checkNodeInfo(host: string, sdkProtocol: number, fetchFn?: typeof globalThis.fetch): Promise<NodeInfo>;
|
|
3866
4239
|
|
|
3867
|
-
export { AutoApproveSpaceCreationHandler, type AutoRejectStrategy, type AutoSignStrategy, type Bytes, type CallbackStrategy, type CapabilityEntry, CapabilityKeyRegistry, type CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, type ClientSession, ClientSessionSchema, type CreateDelegationFunction, type CreateDelegationParams, type CreateDelegationWasmParams, type CreateDelegationWasmResult, type Delegation, type DelegationApiResponse, type DelegationChain, type DelegationChainV2, type DelegationDirection, type DelegationError, type DelegationErrorCode, DelegationErrorCodes, type DelegationFilters, DelegationManager, type DelegationManagerConfig, type DelegationRecord, type Result as DelegationResult, type EncodedShareData, type EnsData, EnsDataSchema, type EventEmitterStrategy, type Extension, type GenerateShareParams, type ICapabilityKeyRegistry, type IENSResolver, type INotificationHandler, type ISessionManager, type ISessionStorage, type ISharingService, type ISigner, type ISpace, type ISpaceCreationHandler, type ISpaceScopedDelegations, type ISpaceScopedSharing, type ISpaceService, type IUserAuthorization, type IWasmBindings, type IngestOptions, type JWK, type KeyInfo, type KeyProvider, type KeyType, type NodeInfo, type PartialSiweMessage, type PersistedSessionData, type PersistedTinyCloudSession, ProtocolMismatchError, type ReceiveOptions, type ServerHost, type ShareAccess, type ShareLink, type ShareLinkData, type ShareSchema, SharingService, type SharingServiceConfig, type SignCallback, type SignRequest, type SignResponse, type SignStrategy, SilentNotificationHandler, type SiweConfig, SiweConfigSchema, Space, type SpaceConfig, type SpaceCreationContext, type SpaceDelegationParams, type SpaceErrorCode, SpaceErrorCodes, type SpaceHostResult, type SpaceInfo, type SpaceOwnership, SpaceService, type SpaceServiceConfig, type StoredDelegationChain, TinyCloud, type TinyCloudConfig, type TinyCloudSession, UnsupportedFeatureError, type UserAuthorizationConfig, type ValidationError, VersionCheckError, activateSessionWithHost, buildSpaceUri, checkNodeInfo, createCapabilityKeyRegistry, createSharingService, createSpaceService, defaultSignStrategy, defaultSpaceCreationHandler, fetchPeerId, makePublicSpaceId, parseSpaceUri, submitHostDelegation, validateClientSession, validatePersistedSessionData };
|
|
4240
|
+
export { AutoApproveSpaceCreationHandler, type AutoRejectStrategy, type AutoSignStrategy, type Bytes, type CallbackStrategy, type CapabilityEntry, CapabilityKeyRegistry, type CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, type ClientSession, ClientSessionSchema, type CreateDelegationFunction, type CreateDelegationParams, type CreateDelegationWasmParams, type CreateDelegationWasmResult, DEFAULT_DEFAULTS, DEFAULT_EXPIRY, type Delegation, type DelegationApiResponse, type DelegationChain, type DelegationChainV2, type DelegationDirection, type DelegationError, type DelegationErrorCode, DelegationErrorCodes, type DelegationFilters, DelegationManager, type DelegationManagerConfig, type DelegationRecord, type Result as DelegationResult, type EncodedShareData, type EnsData, EnsDataSchema, type EventEmitterStrategy, type Extension, type GenerateShareParams, type ICapabilityKeyRegistry, type IENSResolver, type INotificationHandler, type ISessionManager, type ISessionStorage, type ISharingService, type ISigner, type ISpace, type ISpaceCreationHandler, type ISpaceScopedDelegations, type ISpaceScopedSharing, type ISpaceService, type IUserAuthorization, type IWasmBindings, type IngestOptions, type JWK, type KeyInfo, type KeyProvider, type KeyType, type Manifest, type ManifestDefaults, type ManifestDelegation, ManifestValidationError, type NodeInfo, type ParseRecapFromSiwe, type PartialSiweMessage, type PermissionEntry, PermissionNotInManifestError, type PersistedSessionData, type PersistedTinyCloudSession, ProtocolMismatchError, type ReceiveOptions, type ResolvedCapabilities, type ResolvedDelegate, type ResourceCapability, SERVICE_LONG_TO_SHORT, SERVICE_SHORT_TO_LONG, type ServerHost, SessionExpiredError, type ShareAccess, type ShareLink, type ShareLinkData, type ShareSchema, SharingService, type SharingServiceConfig, type SignCallback, type SignRequest, type SignResponse, type SignStrategy, SilentNotificationHandler, type SiweConfig, SiweConfigSchema, Space, type SpaceConfig, type SpaceCreationContext, type SpaceDelegationParams, type SpaceErrorCode, SpaceErrorCodes, type SpaceHostResult, type SpaceInfo, type SpaceOwnership, SpaceService, type SpaceServiceConfig, type StoredDelegationChain, type SubsetCheckResult, TinyCloud, type TinyCloudConfig, type TinyCloudSession, UnsupportedFeatureError, type UserAuthorizationConfig, type ValidationError, VersionCheckError, type WasmRecapEntry, activateSessionWithHost, applyPrefix, buildSpaceUri, checkNodeInfo, createCapabilityKeyRegistry, createSharingService, createSpaceService, defaultSignStrategy, defaultSpaceCreationHandler, expandActionShortNames, fetchPeerId, isCapabilitySubset, loadManifest, makePublicSpaceId, normalizeDefaults, parseExpiry, parseRecapCapabilities, parseSpaceUri, resolveManifest, submitHostDelegation, validateClientSession, validateManifest, validatePersistedSessionData };
|