@tinycloud/sdk-core 2.2.0-beta.9 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +274 -57
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +98 -34
- package/dist/index.d.ts +98 -34
- package/dist/index.js +243 -31
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
|
-
import { InvokeFunction, InvokeAnyFunction, ServiceError, Result as Result$1, ServiceSession, FetchFunction, ServiceConstructor, RetryPolicy, IServiceContext, IService, IKVService, ISQLService, IDuckDbService, IHooksService, IDataVaultService } from '@tinycloud/sdk-services';
|
|
3
|
-
export { BatchOptions, BatchResponse, ColumnInfo, DataVaultConfig, DataVaultService, DatabaseHandle, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, ErrorCode, ErrorCodes, ExecuteOptions, ExecuteResponse, FetchFunction, HookEvent, HookServiceName, HookStreamEvent, HookSubscription, HookWebhookListOptions, HookWebhookRecord, HookWebhookRegistration, HookWebhookScope, HookWebhookUnregisterOptions, HooksService, HooksServiceConfig, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IHooksService, IKVService, IPrefixedKVService, ISQLService, ISecretsService, IService, IServiceContext, InvokeAnyEntry, InvokeAnyFunction, InvokeFunction, KVDeleteOptions, KVGetOptions, KVHeadOptions, KVListOptions, KVListResponse, KVPutOptions, KVResponse, KVResponseHeaders, KVService, KVServiceConfig, PrefixedKVService, QueryOptions, QueryResponse, Result, RetryPolicy, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceError, ServiceSession, SqlStatement, SqlValue, SubscribeOptions, TableInfo, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, ViewInfo, WasmVaultFunctions, createVaultCrypto, defaultRetryPolicy, err, ok, serviceError } from '@tinycloud/sdk-services';
|
|
2
|
+
import { InvokeFunction, InvokeAnyFunction, ServiceError, Result as Result$1, ServiceSession, FetchFunction, ServiceConstructor, RetryPolicy, IServiceContext, IService, IKVService, ISQLService, IDuckDbService, IHooksService, IDataVaultService, IEncryptionService } from '@tinycloud/sdk-services';
|
|
3
|
+
export { BatchOptions, BatchResponse, BuildCanonicalDecryptRequestInput, BuildDecryptFactsInput, BuildDecryptInvocationInput, BuiltDecryptInvocation, CanonicalDecryptRequest, CanonicalJson, ColumnInfo, DECRYPT_ACTION, DECRYPT_FACT_TYPE, DECRYPT_RESULT_TYPE, DEFAULT_ENCRYPTION_ALG, DEFAULT_KEY_VERSION, DataVaultConfig, DataVaultService, DatabaseHandle, DecryptCapabilityProof, DecryptEnvelopeOptions, DecryptInvocationFact, DecryptInvocationSigner, DecryptRequestBody, DecryptResponseBody, DecryptTransport, DiscoverNetworkInput, DiscoveredNetwork, DiscoverySource, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, ENCRYPTION_NETWORK_URN_PREFIX, ENCRYPTION_SERVICE, ENCRYPTION_SERVICE_SHORT, ENVELOPE_VERSION, EncryptToNetworkInput, EncryptToNetworkOptions, EncryptToNetworkResult, EncryptionCrypto, EncryptionError, EncryptionErrorInput, EncryptionService, EncryptionServiceConfig, ErrorCode, ErrorCodes, ExecuteOptions, ExecuteResponse, FetchFunction, HookEvent, HookServiceName, HookStreamEvent, HookSubscription, HookWebhookListOptions, HookWebhookRecord, HookWebhookRegistration, HookWebhookScope, HookWebhookUnregisterOptions, HooksService, HooksServiceConfig, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IEncryptionService, IHooksService, IKVService, IPrefixedKVService, ISQLService, ISecretsService, IService, IServiceContext, InlineEncryptedEnvelope, InvokeAnyEntry, InvokeAnyFunction, InvokeFunction, KVCreateSignedReadUrlOptions, KVDeleteOptions, KVGetOptions, KVHeadOptions, KVListOptions, KVListResponse, KVPutOptions, KVResponse, KVResponseHeaders, KVService, KVServiceConfig, KVSignedReadUrlResponse, NETWORK_NAME_PATTERN, NetworkDescriptor, NetworkIdError, NodeDescriptorFetcher, ParsedNetworkId, PrefixedKVService, QueryOptions, QueryResponse, RandomReceiverKeyInput, ReceiverKeyPair, ReceiverKeySigner, ResolvedSecretPath, Result, RetryPolicy, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceError, ServiceSession, SignedReceiverKeyInput, SqlStatement, SqlValue, SubscribeOptions, TableInfo, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VerifyDecryptResponseInput, ViewInfo, WasmVaultFunctions, WellKnownDescriptorFetcher, buildCanonicalDecryptRequest, buildDecryptAttenuation, buildDecryptFacts, buildDecryptInvocation, buildNetworkId, canonicalHashHex, canonicalSignedResponse, canonicalizeEncryptionJson, canonicalizeSecretScope, checkDecryptInvocationInput, createVaultCrypto, decryptEnvelopeWithKey, defaultRetryPolicy, deriveSignedReceiverKey, discoverNetwork, encryptToNetwork, base64Decode as encryptionBase64Decode, base64Encode as encryptionBase64Encode, encryptionError, utf8Decode as encryptionUtf8Decode, utf8Encode as encryptionUtf8Encode, ensureNetworkUsableForDecrypt, err, generateRandomReceiverKey, hexDecode, hexEncode, isNetworkId, networkDiscoveryKey, ok, openWrappedKey, parseNetworkId, resolveSecretListPrefix, resolveSecretPath, serviceError, validateEnvelope, verifyDecryptResponse } from '@tinycloud/sdk-services';
|
|
4
4
|
export { SiweMessage } from 'siwe';
|
|
5
5
|
|
|
6
6
|
/**
|
|
@@ -231,6 +231,10 @@ interface PermissionEntry {
|
|
|
231
231
|
description?: string;
|
|
232
232
|
}
|
|
233
233
|
type ManifestSecretActions = true | string | string[] | {
|
|
234
|
+
/** Actual vault secret name. Defaults to the manifest object key. */
|
|
235
|
+
name?: string;
|
|
236
|
+
/** Optional scoped secret namespace. Omit for global secrets. */
|
|
237
|
+
scope?: string;
|
|
234
238
|
actions?: string | string[];
|
|
235
239
|
expiry?: string;
|
|
236
240
|
description?: string;
|
|
@@ -380,7 +384,12 @@ declare class ManifestValidationError extends Error {
|
|
|
380
384
|
}
|
|
381
385
|
/**
|
|
382
386
|
* Default expiry when neither the manifest, delegation, nor permission
|
|
383
|
-
* specifies one. Spec: 30 days.
|
|
387
|
+
* specifies one. APP tier — see `expiry.ts`. Spec: 30 days.
|
|
388
|
+
*
|
|
389
|
+
* Kept as an ms-format string because the manifest schema stores expiry
|
|
390
|
+
* as a string and the parser is shared between this default and
|
|
391
|
+
* caller-provided values; converting `EXPIRY.APP_MS` back to a string
|
|
392
|
+
* here would duplicate that same `30d` literal in another form.
|
|
384
393
|
*/
|
|
385
394
|
declare const DEFAULT_EXPIRY = "30d";
|
|
386
395
|
/**
|
|
@@ -404,6 +413,22 @@ declare const VAULT_PERMISSION_SERVICE = "tinycloud.vault";
|
|
|
404
413
|
* This table is the canonical bridge between the two.
|
|
405
414
|
*/
|
|
406
415
|
declare const SERVICE_SHORT_TO_LONG: Readonly<Record<string, string>>;
|
|
416
|
+
/**
|
|
417
|
+
* Manifest service identifier for TinyCloud encryption network grants.
|
|
418
|
+
*
|
|
419
|
+
* Encryption permissions live on a network id URN
|
|
420
|
+
* (`urn:tinycloud:encryption:<principal>:<network>`), not on a space.
|
|
421
|
+
* The `path` field is the literal networkId; `actions` are
|
|
422
|
+
* `["decrypt"]` (expanded to `["tinycloud.encryption/decrypt"]`).
|
|
423
|
+
*
|
|
424
|
+
* Apps should omit `space` for encryption permissions. The SDK may emit
|
|
425
|
+
* an internal `"encryption"` compatibility label after expansion so the
|
|
426
|
+
* older `PermissionEntry`/`ResourceCapability` shape can still carry the
|
|
427
|
+
* raw network URN through subset checks.
|
|
428
|
+
*/
|
|
429
|
+
declare const ENCRYPTION_PERMISSION_SERVICE = "tinycloud.encryption";
|
|
430
|
+
/** Synthetic space label used by encryption manifest entries. */
|
|
431
|
+
declare const ENCRYPTION_MANIFEST_SPACE = "encryption";
|
|
407
432
|
/**
|
|
408
433
|
* Inverse of {@link SERVICE_SHORT_TO_LONG}.
|
|
409
434
|
*/
|
|
@@ -430,10 +455,11 @@ declare function expandActionShortNames(service: string, actions: readonly strin
|
|
|
430
455
|
/**
|
|
431
456
|
* Expand SDK virtual permission services into concrete recap-capable services.
|
|
432
457
|
*
|
|
433
|
-
* Today this handles `"tinycloud.vault"`, which is backed by
|
|
434
|
-
* -
|
|
435
|
-
* -
|
|
436
|
-
* -
|
|
458
|
+
* Today this handles `"tinycloud.vault"`, which is backed by inline
|
|
459
|
+
* network-encrypted KV records:
|
|
460
|
+
* - read/get: `vault/<path>` with `tinycloud.kv/get`
|
|
461
|
+
* - write/put: `vault/<path>` with `tinycloud.kv/put`
|
|
462
|
+
* - delete/del: `vault/<path>` with `tinycloud.kv/del`
|
|
437
463
|
* - list: `vault/<path>` with `tinycloud.kv/list`
|
|
438
464
|
* - head: `vault/<path>` with `tinycloud.kv/get`
|
|
439
465
|
* - metadata: `vault/<path>` with `tinycloud.kv/metadata`
|
|
@@ -686,6 +712,8 @@ interface IWasmBindings {
|
|
|
686
712
|
invoke: InvokeFunction;
|
|
687
713
|
/** Invoke multiple TinyCloud capabilities in one authorization header */
|
|
688
714
|
invokeAny?: InvokeAnyFunction;
|
|
715
|
+
/** Compute a CID for signed invocation bytes. */
|
|
716
|
+
computeCid?: (data: Uint8Array, codec: bigint) => string;
|
|
689
717
|
/** Prepare a session (generate session key, build SIWE message) */
|
|
690
718
|
prepareSession: (params: any) => any;
|
|
691
719
|
/** Complete session setup (create delegation) */
|
|
@@ -1332,8 +1360,8 @@ declare const DelegationSchema: z.ZodObject<{
|
|
|
1332
1360
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1333
1361
|
}, "strip", z.ZodTypeAny, {
|
|
1334
1362
|
path: string;
|
|
1335
|
-
actions: string[];
|
|
1336
1363
|
expiry: Date;
|
|
1364
|
+
actions: string[];
|
|
1337
1365
|
spaceId: string;
|
|
1338
1366
|
cid: string;
|
|
1339
1367
|
delegateDID: string;
|
|
@@ -1345,8 +1373,8 @@ declare const DelegationSchema: z.ZodObject<{
|
|
|
1345
1373
|
authHeader?: string | undefined;
|
|
1346
1374
|
}, {
|
|
1347
1375
|
path: string;
|
|
1348
|
-
actions: string[];
|
|
1349
1376
|
expiry: Date;
|
|
1377
|
+
actions: string[];
|
|
1350
1378
|
spaceId: string;
|
|
1351
1379
|
cid: string;
|
|
1352
1380
|
delegateDID: string;
|
|
@@ -1490,8 +1518,8 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
1490
1518
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1491
1519
|
}, "strip", z.ZodTypeAny, {
|
|
1492
1520
|
path: string;
|
|
1493
|
-
actions: string[];
|
|
1494
1521
|
expiry: Date;
|
|
1522
|
+
actions: string[];
|
|
1495
1523
|
spaceId: string;
|
|
1496
1524
|
cid: string;
|
|
1497
1525
|
delegateDID: string;
|
|
@@ -1503,8 +1531,8 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
1503
1531
|
authHeader?: string | undefined;
|
|
1504
1532
|
}, {
|
|
1505
1533
|
path: string;
|
|
1506
|
-
actions: string[];
|
|
1507
1534
|
expiry: Date;
|
|
1535
|
+
actions: string[];
|
|
1508
1536
|
spaceId: string;
|
|
1509
1537
|
cid: string;
|
|
1510
1538
|
delegateDID: string;
|
|
@@ -1539,8 +1567,8 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
1539
1567
|
}[];
|
|
1540
1568
|
delegation: {
|
|
1541
1569
|
path: string;
|
|
1542
|
-
actions: string[];
|
|
1543
1570
|
expiry: Date;
|
|
1571
|
+
actions: string[];
|
|
1544
1572
|
spaceId: string;
|
|
1545
1573
|
cid: string;
|
|
1546
1574
|
delegateDID: string;
|
|
@@ -1576,8 +1604,8 @@ declare const CapabilityEntrySchema: z.ZodObject<{
|
|
|
1576
1604
|
}[];
|
|
1577
1605
|
delegation: {
|
|
1578
1606
|
path: string;
|
|
1579
|
-
actions: string[];
|
|
1580
1607
|
expiry: Date;
|
|
1608
|
+
actions: string[];
|
|
1581
1609
|
spaceId: string;
|
|
1582
1610
|
cid: string;
|
|
1583
1611
|
delegateDID: string;
|
|
@@ -1711,8 +1739,8 @@ declare const DelegationChainSchema: z.ZodArray<z.ZodObject<{
|
|
|
1711
1739
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1712
1740
|
}, "strip", z.ZodTypeAny, {
|
|
1713
1741
|
path: string;
|
|
1714
|
-
actions: string[];
|
|
1715
1742
|
expiry: Date;
|
|
1743
|
+
actions: string[];
|
|
1716
1744
|
spaceId: string;
|
|
1717
1745
|
cid: string;
|
|
1718
1746
|
delegateDID: string;
|
|
@@ -1724,8 +1752,8 @@ declare const DelegationChainSchema: z.ZodArray<z.ZodObject<{
|
|
|
1724
1752
|
authHeader?: string | undefined;
|
|
1725
1753
|
}, {
|
|
1726
1754
|
path: string;
|
|
1727
|
-
actions: string[];
|
|
1728
1755
|
expiry: Date;
|
|
1756
|
+
actions: string[];
|
|
1729
1757
|
spaceId: string;
|
|
1730
1758
|
cid: string;
|
|
1731
1759
|
delegateDID: string;
|
|
@@ -1769,8 +1797,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1769
1797
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1770
1798
|
}, "strip", z.ZodTypeAny, {
|
|
1771
1799
|
path: string;
|
|
1772
|
-
actions: string[];
|
|
1773
1800
|
expiry: Date;
|
|
1801
|
+
actions: string[];
|
|
1774
1802
|
spaceId: string;
|
|
1775
1803
|
cid: string;
|
|
1776
1804
|
delegateDID: string;
|
|
@@ -1782,8 +1810,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1782
1810
|
authHeader?: string | undefined;
|
|
1783
1811
|
}, {
|
|
1784
1812
|
path: string;
|
|
1785
|
-
actions: string[];
|
|
1786
1813
|
expiry: Date;
|
|
1814
|
+
actions: string[];
|
|
1787
1815
|
spaceId: string;
|
|
1788
1816
|
cid: string;
|
|
1789
1817
|
delegateDID: string;
|
|
@@ -1822,8 +1850,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1822
1850
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1823
1851
|
}, "strip", z.ZodTypeAny, {
|
|
1824
1852
|
path: string;
|
|
1825
|
-
actions: string[];
|
|
1826
1853
|
expiry: Date;
|
|
1854
|
+
actions: string[];
|
|
1827
1855
|
spaceId: string;
|
|
1828
1856
|
cid: string;
|
|
1829
1857
|
delegateDID: string;
|
|
@@ -1835,8 +1863,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1835
1863
|
authHeader?: string | undefined;
|
|
1836
1864
|
}, {
|
|
1837
1865
|
path: string;
|
|
1838
|
-
actions: string[];
|
|
1839
1866
|
expiry: Date;
|
|
1867
|
+
actions: string[];
|
|
1840
1868
|
spaceId: string;
|
|
1841
1869
|
cid: string;
|
|
1842
1870
|
delegateDID: string;
|
|
@@ -1875,8 +1903,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1875
1903
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
1876
1904
|
}, "strip", z.ZodTypeAny, {
|
|
1877
1905
|
path: string;
|
|
1878
|
-
actions: string[];
|
|
1879
1906
|
expiry: Date;
|
|
1907
|
+
actions: string[];
|
|
1880
1908
|
spaceId: string;
|
|
1881
1909
|
cid: string;
|
|
1882
1910
|
delegateDID: string;
|
|
@@ -1888,8 +1916,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1888
1916
|
authHeader?: string | undefined;
|
|
1889
1917
|
}, {
|
|
1890
1918
|
path: string;
|
|
1891
|
-
actions: string[];
|
|
1892
1919
|
expiry: Date;
|
|
1920
|
+
actions: string[];
|
|
1893
1921
|
spaceId: string;
|
|
1894
1922
|
cid: string;
|
|
1895
1923
|
delegateDID: string;
|
|
@@ -1903,8 +1931,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1903
1931
|
}, "strip", z.ZodTypeAny, {
|
|
1904
1932
|
root: {
|
|
1905
1933
|
path: string;
|
|
1906
|
-
actions: string[];
|
|
1907
1934
|
expiry: Date;
|
|
1935
|
+
actions: string[];
|
|
1908
1936
|
spaceId: string;
|
|
1909
1937
|
cid: string;
|
|
1910
1938
|
delegateDID: string;
|
|
@@ -1917,8 +1945,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1917
1945
|
};
|
|
1918
1946
|
chain: {
|
|
1919
1947
|
path: string;
|
|
1920
|
-
actions: string[];
|
|
1921
1948
|
expiry: Date;
|
|
1949
|
+
actions: string[];
|
|
1922
1950
|
spaceId: string;
|
|
1923
1951
|
cid: string;
|
|
1924
1952
|
delegateDID: string;
|
|
@@ -1931,8 +1959,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1931
1959
|
}[];
|
|
1932
1960
|
leaf: {
|
|
1933
1961
|
path: string;
|
|
1934
|
-
actions: string[];
|
|
1935
1962
|
expiry: Date;
|
|
1963
|
+
actions: string[];
|
|
1936
1964
|
spaceId: string;
|
|
1937
1965
|
cid: string;
|
|
1938
1966
|
delegateDID: string;
|
|
@@ -1946,8 +1974,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1946
1974
|
}, {
|
|
1947
1975
|
root: {
|
|
1948
1976
|
path: string;
|
|
1949
|
-
actions: string[];
|
|
1950
1977
|
expiry: Date;
|
|
1978
|
+
actions: string[];
|
|
1951
1979
|
spaceId: string;
|
|
1952
1980
|
cid: string;
|
|
1953
1981
|
delegateDID: string;
|
|
@@ -1960,8 +1988,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1960
1988
|
};
|
|
1961
1989
|
chain: {
|
|
1962
1990
|
path: string;
|
|
1963
|
-
actions: string[];
|
|
1964
1991
|
expiry: Date;
|
|
1992
|
+
actions: string[];
|
|
1965
1993
|
spaceId: string;
|
|
1966
1994
|
cid: string;
|
|
1967
1995
|
delegateDID: string;
|
|
@@ -1974,8 +2002,8 @@ declare const DelegationChainV2Schema: z.ZodObject<{
|
|
|
1974
2002
|
}[];
|
|
1975
2003
|
leaf: {
|
|
1976
2004
|
path: string;
|
|
1977
|
-
actions: string[];
|
|
1978
2005
|
expiry: Date;
|
|
2006
|
+
actions: string[];
|
|
1979
2007
|
spaceId: string;
|
|
1980
2008
|
cid: string;
|
|
1981
2009
|
delegateDID: string;
|
|
@@ -2115,8 +2143,8 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
2115
2143
|
authHeader: z.ZodOptional<z.ZodString>;
|
|
2116
2144
|
}, "strip", z.ZodTypeAny, {
|
|
2117
2145
|
path: string;
|
|
2118
|
-
actions: string[];
|
|
2119
2146
|
expiry: Date;
|
|
2147
|
+
actions: string[];
|
|
2120
2148
|
spaceId: string;
|
|
2121
2149
|
cid: string;
|
|
2122
2150
|
delegateDID: string;
|
|
@@ -2128,8 +2156,8 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
2128
2156
|
authHeader?: string | undefined;
|
|
2129
2157
|
}, {
|
|
2130
2158
|
path: string;
|
|
2131
|
-
actions: string[];
|
|
2132
2159
|
expiry: Date;
|
|
2160
|
+
actions: string[];
|
|
2133
2161
|
spaceId: string;
|
|
2134
2162
|
cid: string;
|
|
2135
2163
|
delegateDID: string;
|
|
@@ -2150,8 +2178,8 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
2150
2178
|
url: string;
|
|
2151
2179
|
delegation: {
|
|
2152
2180
|
path: string;
|
|
2153
|
-
actions: string[];
|
|
2154
2181
|
expiry: Date;
|
|
2182
|
+
actions: string[];
|
|
2155
2183
|
spaceId: string;
|
|
2156
2184
|
cid: string;
|
|
2157
2185
|
delegateDID: string;
|
|
@@ -2170,8 +2198,8 @@ declare const ShareLinkSchema: z.ZodObject<{
|
|
|
2170
2198
|
url: string;
|
|
2171
2199
|
delegation: {
|
|
2172
2200
|
path: string;
|
|
2173
|
-
actions: string[];
|
|
2174
2201
|
expiry: Date;
|
|
2202
|
+
actions: string[];
|
|
2175
2203
|
spaceId: string;
|
|
2176
2204
|
cid: string;
|
|
2177
2205
|
delegateDID: string;
|
|
@@ -2240,16 +2268,16 @@ declare const GenerateShareParamsSchema: z.ZodObject<{
|
|
|
2240
2268
|
baseUrl: z.ZodOptional<z.ZodString>;
|
|
2241
2269
|
}, "strip", z.ZodTypeAny, {
|
|
2242
2270
|
path: string;
|
|
2243
|
-
actions?: string[] | undefined;
|
|
2244
2271
|
expiry?: Date | undefined;
|
|
2245
2272
|
description?: string | undefined;
|
|
2273
|
+
actions?: string[] | undefined;
|
|
2246
2274
|
schema?: "base64" | "compact" | "ipfs" | undefined;
|
|
2247
2275
|
baseUrl?: string | undefined;
|
|
2248
2276
|
}, {
|
|
2249
2277
|
path: string;
|
|
2250
|
-
actions?: string[] | undefined;
|
|
2251
2278
|
expiry?: Date | undefined;
|
|
2252
2279
|
description?: string | undefined;
|
|
2280
|
+
actions?: string[] | undefined;
|
|
2253
2281
|
schema?: "base64" | "compact" | "ipfs" | undefined;
|
|
2254
2282
|
baseUrl?: string | undefined;
|
|
2255
2283
|
}>;
|
|
@@ -3312,6 +3340,11 @@ declare class TinyCloud {
|
|
|
3312
3340
|
* @throws Error if services are not initialized or vault service is not registered
|
|
3313
3341
|
*/
|
|
3314
3342
|
get vault(): IDataVaultService;
|
|
3343
|
+
/**
|
|
3344
|
+
* Get the Encryption service.
|
|
3345
|
+
* @throws Error if services are not initialized or encryption service is not registered
|
|
3346
|
+
*/
|
|
3347
|
+
get encryption(): IEncryptionService;
|
|
3315
3348
|
/**
|
|
3316
3349
|
* Notify services of session change.
|
|
3317
3350
|
* Called internally after sign-in and sign-out.
|
|
@@ -4482,6 +4515,7 @@ declare class UnsupportedFeatureError extends Error {
|
|
|
4482
4515
|
}
|
|
4483
4516
|
interface NodeInfo {
|
|
4484
4517
|
features: string[];
|
|
4518
|
+
nodeId?: string;
|
|
4485
4519
|
quotaUrl?: string;
|
|
4486
4520
|
}
|
|
4487
4521
|
declare function checkNodeInfo(host: string, sdkProtocol: number, fetchFn?: typeof globalThis.fetch): Promise<NodeInfo>;
|
|
@@ -4584,5 +4618,35 @@ declare function resolveCloudLocation(subject: string, options?: ResolveCloudLoc
|
|
|
4584
4618
|
declare function resolveTinyCloudHosts(subject: string, options?: ResolveTinyCloudHostsOptions): Promise<ResolvedTinyCloudHosts>;
|
|
4585
4619
|
declare function multiaddrToHttpUrl(input: string): string;
|
|
4586
4620
|
declare function httpUrlToMultiaddr(input: string): string;
|
|
4621
|
+
declare function verifyDidKeyEd25519Signature(did: string, payload: Uint8Array, signature: Uint8Array): boolean;
|
|
4622
|
+
|
|
4623
|
+
/**
|
|
4624
|
+
* Default lifetimes for the various delegation shapes the SDK mints.
|
|
4625
|
+
*
|
|
4626
|
+
* The SDK has many delegation flows (session sign-in, runtime grants,
|
|
4627
|
+
* share links, manifest installs, public-space sub-delegations, …) and
|
|
4628
|
+
* each one used to pick its own number freehand. That made it hard to
|
|
4629
|
+
* tell whether a chosen value was deliberate or copy-pasted, and made
|
|
4630
|
+
* silent inconsistencies easy to ship.
|
|
4631
|
+
*
|
|
4632
|
+
* Every default below answers two questions:
|
|
4633
|
+
* - Who recovers if the delegation leaks? (re-auth, revocation, no one)
|
|
4634
|
+
* - Who is the principal at use time? (issuer, third party)
|
|
4635
|
+
*
|
|
4636
|
+
* The five tiers fall out of those answers. Pick a tier, not a number,
|
|
4637
|
+
* when introducing a new delegation surface.
|
|
4638
|
+
*
|
|
4639
|
+
* @packageDocumentation
|
|
4640
|
+
*/
|
|
4641
|
+
declare const EXPIRY: {
|
|
4642
|
+
readonly EPHEMERAL_MS: number;
|
|
4643
|
+
readonly SIGNED_READ_URL_MS: number;
|
|
4644
|
+
readonly SESSION_MS: number;
|
|
4645
|
+
readonly SHARE_MS: number;
|
|
4646
|
+
readonly APP_MS: number;
|
|
4647
|
+
readonly MAX_MS: number;
|
|
4648
|
+
};
|
|
4649
|
+
declare const DEFAULT_SIGNED_READ_URL_EXPIRY_MS: number;
|
|
4650
|
+
type ExpiryTier = keyof typeof EXPIRY;
|
|
4587
4651
|
|
|
4588
|
-
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, type AbilitiesMap, AutoApproveSpaceCreationHandler, type AutoRejectStrategy, type AutoSignStrategy, type Bytes, type CallbackStrategy, type CapabilityEntry, CapabilityKeyRegistry, type CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, type ClientSession, ClientSessionSchema, CloudLocationResolutionError, type ComposeManifestOptions, type ComposedManifestRequest, type CreateDelegationFunction, type CreateDelegationParams, type CreateDelegationWasmParams, type CreateDelegationWasmResult, DEFAULT_DEFAULTS, DEFAULT_EXPIRY, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_TINYCLOUD_FALLBACK_HOST, DEFAULT_TINYCLOUD_LOCATION_REGISTRY_URL, type DelegatedResource, type Delegation, type DelegationApiResponse, type DelegationChain, type DelegationChainV2, type DelegationDirection, type DelegationError, type DelegationErrorCode, DelegationErrorCodes, type DelegationFilters, DelegationManager, type DelegationManagerConfig, type DelegationRecord, type Result as DelegationResult, type EncodedShareData, type EnsData, EnsDataSchema, type EventEmitterStrategy, type Extension, type GenerateShareParams, type ICapabilityKeyRegistry, type IENSResolver, type INotificationHandler, type ISessionManager, type ISessionStorage, type ISharingService, type ISigner, type ISpace, type ISpaceCreationHandler, type ISpaceScopedDelegations, type ISpaceScopedSharing, type ISpaceService, type IUserAuthorization, type IWasmBindings, type IngestOptions, type JWK, type KeyInfo, type KeyProvider, type KeyType, type LocationCandidate, type LocationCandidateInput, type LocationRecord, type LocationRecordPayload, type LocationRecordSigner, LocationRecordValidationError, type LocationResolutionAttempt, type LocationSource, type Manifest, type ManifestDefaults, type ManifestRegistryRecord, type ManifestSecretActions, ManifestValidationError, type NodeInfo, type ParseRecapFromSiwe, type PartialSiweMessage, type PermissionEntry, PermissionNotInManifestError, type PersistedSessionData, type PersistedTinyCloudSession, ProtocolMismatchError, type ReceiveOptions, type ResolveCloudLocationOptions, type ResolveTinyCloudHostsOptions, type ResolvedCapabilities, type ResolvedCloudLocation, type ResolvedDelegate, type ResolvedTinyCloudHosts, type ResourceCapability, SERVICE_LONG_TO_SHORT, SERVICE_SHORT_TO_LONG, type ServerHost, SessionExpiredError, type ShareAccess, type ShareLink, type ShareLinkData, type ShareSchema, SharingService, type SharingServiceConfig, type SignCallback, type SignInOptions, type SignRequest, type SignResponse, type SignStrategy, SilentNotificationHandler, type SiweConfig, SiweConfigSchema, Space, type SpaceAbilitiesMap, type SpaceConfig, type SpaceCreationContext, type SpaceDelegationParams, type SpaceErrorCode, SpaceErrorCodes, type SpaceHostResult, type SpaceInfo, type SpaceOwnership, SpaceService, type SpaceServiceConfig, type StoredDelegationChain, type SubsetCheckResult, TinyCloud, type TinyCloudConfig, type TinyCloudSession, UnsupportedFeatureError, type UserAuthorizationConfig, VAULT_PERMISSION_SERVICE, type ValidationError, VersionCheckError, type WasmRecapEntry, activateSessionWithHost, applyPrefix, buildSpaceUri, canonicalLocationPayload, checkNodeInfo, composeManifestRequest, createCapabilityKeyRegistry, createSharingService, createSpaceService, defaultSignStrategy, defaultSpaceCreationHandler, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, fetchLocationRecord, fetchPeerId, httpUrlToMultiaddr, isCapabilitySubset, loadManifest, locationPayloadForRecord, makePublicSpaceId, manifestAbilitiesUnion, multiaddrToHttpUrl, normalizeDefaults, parseExpiry, parseRecapCapabilities, parseSpaceUri, resolveCloudLocation, resolveManifest, resolveTinyCloudHosts, resourceCapabilitiesToAbilitiesMap, resourceCapabilitiesToSpaceAbilitiesMap, signLocationRecord, submitHostDelegation, validateClientSession, validateLocationRecord, validateLocationRecordPayload, validateManifest, validatePersistedSessionData, verifyLocationRecord };
|
|
4652
|
+
export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, type AbilitiesMap, AutoApproveSpaceCreationHandler, type AutoRejectStrategy, type AutoSignStrategy, type Bytes, type CallbackStrategy, type CapabilityEntry, CapabilityKeyRegistry, type CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, type ClientSession, ClientSessionSchema, CloudLocationResolutionError, type ComposeManifestOptions, type ComposedManifestRequest, type CreateDelegationFunction, type CreateDelegationParams, type CreateDelegationWasmParams, type CreateDelegationWasmResult, DEFAULT_DEFAULTS, DEFAULT_EXPIRY, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DEFAULT_TINYCLOUD_FALLBACK_HOST, DEFAULT_TINYCLOUD_LOCATION_REGISTRY_URL, type DelegatedResource, type Delegation, type DelegationApiResponse, type DelegationChain, type DelegationChainV2, type DelegationDirection, type DelegationError, type DelegationErrorCode, DelegationErrorCodes, type DelegationFilters, DelegationManager, type DelegationManagerConfig, type DelegationRecord, type Result as DelegationResult, ENCRYPTION_MANIFEST_SPACE, ENCRYPTION_PERMISSION_SERVICE, EXPIRY, type EncodedShareData, type EnsData, EnsDataSchema, type EventEmitterStrategy, type ExpiryTier, type Extension, type GenerateShareParams, type ICapabilityKeyRegistry, type IENSResolver, type INotificationHandler, type ISessionManager, type ISessionStorage, type ISharingService, type ISigner, type ISpace, type ISpaceCreationHandler, type ISpaceScopedDelegations, type ISpaceScopedSharing, type ISpaceService, type IUserAuthorization, type IWasmBindings, type IngestOptions, type JWK, type KeyInfo, type KeyProvider, type KeyType, type LocationCandidate, type LocationCandidateInput, type LocationRecord, type LocationRecordPayload, type LocationRecordSigner, LocationRecordValidationError, type LocationResolutionAttempt, type LocationSource, type Manifest, type ManifestDefaults, type ManifestRegistryRecord, type ManifestSecretActions, ManifestValidationError, type NodeInfo, type ParseRecapFromSiwe, type PartialSiweMessage, type PermissionEntry, PermissionNotInManifestError, type PersistedSessionData, type PersistedTinyCloudSession, ProtocolMismatchError, type ReceiveOptions, type ResolveCloudLocationOptions, type ResolveTinyCloudHostsOptions, type ResolvedCapabilities, type ResolvedCloudLocation, type ResolvedDelegate, type ResolvedTinyCloudHosts, type ResourceCapability, SERVICE_LONG_TO_SHORT, SERVICE_SHORT_TO_LONG, type ServerHost, SessionExpiredError, type ShareAccess, type ShareLink, type ShareLinkData, type ShareSchema, SharingService, type SharingServiceConfig, type SignCallback, type SignInOptions, type SignRequest, type SignResponse, type SignStrategy, SilentNotificationHandler, type SiweConfig, SiweConfigSchema, Space, type SpaceAbilitiesMap, type SpaceConfig, type SpaceCreationContext, type SpaceDelegationParams, type SpaceErrorCode, SpaceErrorCodes, type SpaceHostResult, type SpaceInfo, type SpaceOwnership, SpaceService, type SpaceServiceConfig, type StoredDelegationChain, type SubsetCheckResult, TinyCloud, type TinyCloudConfig, type TinyCloudSession, UnsupportedFeatureError, type UserAuthorizationConfig, VAULT_PERMISSION_SERVICE, type ValidationError, VersionCheckError, type WasmRecapEntry, activateSessionWithHost, applyPrefix, buildSpaceUri, canonicalLocationPayload, checkNodeInfo, composeManifestRequest, createCapabilityKeyRegistry, createSharingService, createSpaceService, defaultSignStrategy, defaultSpaceCreationHandler, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, fetchLocationRecord, fetchPeerId, httpUrlToMultiaddr, isCapabilitySubset, loadManifest, locationPayloadForRecord, makePublicSpaceId, manifestAbilitiesUnion, multiaddrToHttpUrl, normalizeDefaults, parseExpiry, parseRecapCapabilities, parseSpaceUri, resolveCloudLocation, resolveManifest, resolveTinyCloudHosts, resourceCapabilitiesToAbilitiesMap, resourceCapabilitiesToSpaceAbilitiesMap, signLocationRecord, submitHostDelegation, validateClientSession, validateLocationRecord, validateLocationRecordPayload, validateManifest, validatePersistedSessionData, verifyDidKeyEd25519Signature, verifyLocationRecord };
|