@tinycloud/sdk-services 2.3.0-beta.2 → 2.3.0-beta.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{BaseService-C_iXlTeN.d.cts → BaseService-DZ2hBJeD.d.cts} +1 -1
- package/dist/{BaseService-C_iXlTeN.d.ts → BaseService-DZ2hBJeD.d.ts} +1 -1
- package/dist/encryption/index.cjs +46 -3
- package/dist/encryption/index.cjs.map +1 -1
- package/dist/encryption/index.d.cts +1 -1
- package/dist/encryption/index.d.ts +1 -1
- package/dist/encryption/index.js +46 -3
- package/dist/encryption/index.js.map +1 -1
- package/dist/index.cjs +212 -3
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +3 -3
- package/dist/index.d.ts +3 -3
- package/dist/index.js +212 -3
- package/dist/index.js.map +1 -1
- package/dist/kv/index.cjs +166 -0
- package/dist/kv/index.cjs.map +1 -1
- package/dist/kv/index.d.cts +79 -2
- package/dist/kv/index.d.ts +79 -2
- package/dist/kv/index.js +166 -0
- package/dist/kv/index.js.map +1 -1
- package/dist/sql/index.cjs.map +1 -1
- package/dist/sql/index.d.cts +1 -1
- package/dist/sql/index.d.ts +1 -1
- package/dist/sql/index.js.map +1 -1
- package/package.json +2 -2
package/dist/encryption/index.js
CHANGED
|
@@ -387,6 +387,7 @@ function canonicalHashHex(sha256, value) {
|
|
|
387
387
|
// src/encryption/networkId.ts
|
|
388
388
|
var URN_PREFIX = "urn:tinycloud:encryption:";
|
|
389
389
|
var NETWORK_NAME_RE = /^[a-z0-9][a-z0-9-]*$/;
|
|
390
|
+
var PKH_EIP155_DID_RE = /^did:pkh:eip155:(\d+):(0x[a-fA-F0-9]{40})$/;
|
|
390
391
|
var NetworkIdError = class extends Error {
|
|
391
392
|
constructor(message) {
|
|
392
393
|
super(message);
|
|
@@ -453,6 +454,22 @@ function isNetworkId(networkId) {
|
|
|
453
454
|
return false;
|
|
454
455
|
}
|
|
455
456
|
}
|
|
457
|
+
function parsePkhOwnerDid(ownerDid) {
|
|
458
|
+
const match = ownerDid.match(PKH_EIP155_DID_RE);
|
|
459
|
+
if (!match) return null;
|
|
460
|
+
return {
|
|
461
|
+
chainId: match[1],
|
|
462
|
+
address: match[2].toLowerCase()
|
|
463
|
+
};
|
|
464
|
+
}
|
|
465
|
+
function ownerDidMatches(a, b) {
|
|
466
|
+
const aPkh = parsePkhOwnerDid(a);
|
|
467
|
+
const bPkh = parsePkhOwnerDid(b);
|
|
468
|
+
if (aPkh && bPkh) {
|
|
469
|
+
return aPkh.chainId === bPkh.chainId && aPkh.address === bPkh.address;
|
|
470
|
+
}
|
|
471
|
+
return a === b;
|
|
472
|
+
}
|
|
456
473
|
function networkDiscoveryKey(name) {
|
|
457
474
|
if (!NETWORK_NAME_RE.test(name)) {
|
|
458
475
|
throw new NetworkIdError(
|
|
@@ -588,7 +605,19 @@ async function discoverNetwork(input) {
|
|
|
588
605
|
};
|
|
589
606
|
}
|
|
590
607
|
function validateDescriptor(descriptor, networkId, ownerDid, name) {
|
|
591
|
-
|
|
608
|
+
let descriptorNetwork;
|
|
609
|
+
try {
|
|
610
|
+
descriptorNetwork = parseNetworkId(descriptor.networkId);
|
|
611
|
+
} catch (err2) {
|
|
612
|
+
return {
|
|
613
|
+
ok: false,
|
|
614
|
+
error: encryptionError({
|
|
615
|
+
code: "INVALID_NETWORK_ID",
|
|
616
|
+
message: `descriptor networkId is malformed: ${err2 instanceof Error ? err2.message : String(err2)}`
|
|
617
|
+
})
|
|
618
|
+
};
|
|
619
|
+
}
|
|
620
|
+
if (descriptorNetwork.name !== name || !ownerDidMatches(descriptorNetwork.ownerDid, ownerDid)) {
|
|
592
621
|
return {
|
|
593
622
|
ok: false,
|
|
594
623
|
error: encryptionError({
|
|
@@ -597,7 +626,8 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
|
|
|
597
626
|
})
|
|
598
627
|
};
|
|
599
628
|
}
|
|
600
|
-
|
|
629
|
+
const descriptorOwnerDid = descriptorOwner(descriptor);
|
|
630
|
+
if (descriptorOwnerDid === void 0 || !ownerDidMatches(descriptorOwnerDid, ownerDid) || !ownerDidMatches(descriptorOwnerDid, descriptorNetwork.ownerDid)) {
|
|
601
631
|
return {
|
|
602
632
|
ok: false,
|
|
603
633
|
error: encryptionError({
|
|
@@ -624,7 +654,20 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
|
|
|
624
654
|
})
|
|
625
655
|
};
|
|
626
656
|
}
|
|
627
|
-
return {
|
|
657
|
+
return {
|
|
658
|
+
ok: true,
|
|
659
|
+
data: {
|
|
660
|
+
...descriptor,
|
|
661
|
+
ownerDid: descriptorOwnerDid
|
|
662
|
+
}
|
|
663
|
+
};
|
|
664
|
+
}
|
|
665
|
+
function descriptorOwner(descriptor) {
|
|
666
|
+
if (typeof descriptor.ownerDid === "string" && descriptor.ownerDid.length > 0) {
|
|
667
|
+
return descriptor.ownerDid;
|
|
668
|
+
}
|
|
669
|
+
const legacyDescriptor = descriptor;
|
|
670
|
+
return typeof legacyDescriptor.principal === "string" && legacyDescriptor.principal.length > 0 ? legacyDescriptor.principal : void 0;
|
|
628
671
|
}
|
|
629
672
|
function ensureNetworkUsableForDecrypt(descriptor) {
|
|
630
673
|
if (descriptor.state === "active" || descriptor.state === "rotating") {
|