@twin.org/blob-storage-service 0.0.1-next.33 → 0.0.1-next.35

package/dist/cjs/index.cjs

@@ -98,7 +98,7 @@ function generateRestRoutesBlobStorage(baseRouteName, componentName, options) {
                             id: "blob-memory:c57d94b088f4c6d2cb32ded014813d0c786aa00134c8ee22f84b1e2545602a70"
                         },
                         query: {
-                            includeContent: true
+                            includeContent: "true"
                         }
                     }
                 }
@@ -188,7 +188,7 @@ function generateRestRoutesBlobStorage(baseRouteName, componentName, options) {
                             id: "blob-memory:c57d94b088f4c6d2cb32ded014813d0c786aa00134c8ee22f84b1e2545602a70"
                         },
                         query: {
-                            download: true,
+                            download: "true",
                             filename: "my-file.pdf"
                         }
                     }
@@ -277,7 +277,7 @@ function generateRestRoutesBlobStorage(baseRouteName, componentName, options) {
         ]
     };
     const blobStorageListRoute = {
-        operationId: `${camelTypeName}Get`,
+        operationId: `${camelTypeName}Query`,
         summary: `Query the items from ${lowerName}`,
         tag: options?.tagName ?? tagsBlobStorage[0].name,
         method: "GET",
@@ -400,7 +400,11 @@ async function blobStorageCreate(httpRequestContext, componentName, request) {
     core.Guards.object(ROUTES_SOURCE, "request.body", request.body);
     core.Guards.stringBase64(ROUTES_SOURCE, "request.body.blob", request.body.blob);
     const component = core.ComponentFactory.get(componentName);
-    const id = await component.create(request.body.blob, request.body.encodingFormat, request.body.fileExtension, request.body.metadata, request.body.namespace, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
+    const id = await component.create(request.body.blob, request.body.encodingFormat, request.body.fileExtension, request.body.metadata, {
+        disableEncryption: request.body.disableEncryption,
+        overrideVaultKeyId: request.body.overrideVaultKeyId,
+        namespace: request.body.namespace
+    }, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
     return {
         statusCode: web.HttpStatusCode.created,
         headers: {
@@ -421,7 +425,11 @@ async function blobStorageGet(httpRequestContext, componentName, request) {
     core.Guards.stringValue(ROUTES_SOURCE, "request.pathParams.id", request.pathParams.id);
     const mimeType = request.headers?.[web.HeaderTypes.Accept] === web.MimeTypes.JsonLd ? "jsonld" : "json";
     const component = core.ComponentFactory.get(componentName);
-    const result = await component.get(request.pathParams.id, request.query?.includeContent ?? false, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
+    const result = await component.get(request.pathParams.id, {
+        includeContent: core.Coerce.boolean(request.query?.includeContent),
+        disableDecryption: core.Coerce.boolean(request.query?.disableDecryption),
+        overrideVaultKeyId: request.query?.overrideVaultKeyId
+    }, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
     return {
         headers: {
             [web.HeaderTypes.ContentType]: mimeType === "json" ? web.MimeTypes.Json : web.MimeTypes.JsonLd
@@ -441,7 +449,11 @@ async function blobStorageGetContent(httpRequestContext, componentName, request)
     core.Guards.object(ROUTES_SOURCE, "request.pathParams", request.pathParams);
     core.Guards.stringValue(ROUTES_SOURCE, "request.pathParams.id", request.pathParams.id);
     const component = core.ComponentFactory.get(componentName);
-    const result = await component.get(request.pathParams.id, true, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
+    const result = await component.get(request.pathParams.id, {
+        includeContent: true,
+        disableDecryption: core.Coerce.boolean(request.query?.disableDecryption),
+        overrideVaultKeyId: request.query?.overrideVaultKeyId
+    }, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
     const encodingFormat = result?.encodingFormat ?? web.MimeTypes.OctetStream;
     let filename = request.query?.filename;
     if (!core.Is.stringValue(filename)) {
@@ -566,10 +578,10 @@ class BlobStorageService {
         }
         this._entryEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.entryEntityStorageType ?? "blob-storage-entry");
         if (core.Is.stringValue(options?.vaultConnectorType)) {
-            this._vaultConnector = vaultModels.VaultConnectorFactory.getIfExists(options.vaultConnectorType);
+            this._vaultConnector = vaultModels.VaultConnectorFactory.get(options.vaultConnectorType);
         }
         this._defaultNamespace = options?.config?.defaultNamespace ?? names[0];
-        this._vaultKeyId = options?.config?.vaultKeyId ?? "blob-storage";
+        this._vaultKeyId = options?.config?.vaultKeyId;
         this._includeNodeIdentity = options?.config?.includeNodeIdentity ?? true;
         this._includeUserIdentity = options?.config?.includeUserIdentity ?? true;
         standardsSchemaOrg.SchemaOrgDataTypes.registerRedirects();
@@ -580,21 +592,27 @@ class BlobStorageService {
      * @param encodingFormat Mime type for the blob, will be detected if left undefined.
      * @param fileExtension Extension for the blob, will be detected if left undefined.
      * @param metadata Data for the custom metadata as JSON-LD.
-     * @param namespace The namespace to use for storing, defaults to component configured namespace.
+     * @param options Optional options for the creation of the blob.
+     * @param options.disableEncryption Disables encryption if enabled by default.
+     * @param options.overrideVaultKeyId Use a different vault key id for encryption, if not provided the default vault key id will be used.
+     * @param options.namespace The namespace to use for storing, defaults to component configured namespace.
      * @param userIdentity The user identity to use with storage operations.
      * @param nodeIdentity The node identity to use with storage operations.
      * @returns The id of the stored blob in urn format.
      */
-    async create(blob, encodingFormat, fileExtension, metadata, namespace, userIdentity, nodeIdentity) {
+    async create(blob, encodingFormat, fileExtension, metadata, options, userIdentity, nodeIdentity) {
         core.Guards.stringBase64(this.CLASS_NAME, "blob", blob);
         if (this._includeUserIdentity) {
             core.Guards.stringValue(this.CLASS_NAME, "userIdentity", userIdentity);
         }
-        if (this._includeNodeIdentity || core.Is.notEmpty(this._vaultConnector)) {
+        const disableEncryption = options?.disableEncryption ?? false;
+        const vaultKeyId = options?.overrideVaultKeyId ?? this._vaultKeyId;
+        const encryptionEnabled = !disableEncryption && core.Is.stringValue(vaultKeyId);
+        if (this._includeNodeIdentity || encryptionEnabled) {
             core.Guards.stringValue(this.CLASS_NAME, "nodeIdentity", nodeIdentity);
         }
         try {
-            const connectorNamespace = namespace ?? this._defaultNamespace;
+            const connectorNamespace = options?.namespace ?? this._defaultNamespace;
             const blobStorageConnector = blobStorageModels.BlobStorageConnectorFactory.get(connectorNamespace);
             // Convert the base64 data into bytes
             let storeBlob = core.Converter.base64ToBytes(blob);
@@ -615,8 +633,11 @@ class BlobStorageService {
             }
             const blobHash = `sha256:${core.Converter.bytesToBase64(crypto.Sha256.sum256(storeBlob))}`;
             // If we have a vault connector then encrypt the data.
-            if (this._vaultConnector) {
-                storeBlob = await this._vaultConnector.encrypt(`${nodeIdentity}/${this._vaultKeyId}`, vaultModels.VaultEncryptionType.ChaCha20Poly1305, storeBlob);
+            if (encryptionEnabled) {
+                if (core.Is.empty(this._vaultConnector)) {
+                    throw new core.GeneralError(this.CLASS_NAME, "vaultConnectorNotConfigured");
+                }
+                storeBlob = await this._vaultConnector.encrypt(`${nodeIdentity}/${vaultKeyId}`, vaultModels.VaultEncryptionType.ChaCha20Poly1305, storeBlob);
             }
             // Set the blob in the storage connector, which may now be encrypted
             const blobId = await blobStorageConnector.set(storeBlob);
@@ -628,7 +649,8 @@ class BlobStorageService {
                 blobHash,
                 encodingFormat,
                 fileExtension,
-                metadata
+                metadata,
+                isEncrypted: encryptionEnabled
             };
             const conditions = [];
             if (this._includeUserIdentity) {
@@ -649,14 +671,21 @@ class BlobStorageService {
     /**
      * Get the blob entry.
      * @param id The id of the blob to get in urn format.
-     * @param includeContent Include the content, or just get the metadata.
+     * @param options Optional options for the retrieval of the blob.
+     * @param options.includeContent Include the content, or just get the metadata.
+     * @param options.disableDecryption Disables decryption if enabled by default.
+     * @param options.overrideVaultKeyId Use a different vault key id for decryption, if not provided the default vault key id will be used.
      * @param userIdentity The user identity to use with storage operations.
      * @param nodeIdentity The node identity to use with storage operations.
      * @returns The entry and data for the blob if it can be found.
      * @throws Not found error if the blob cannot be found.
      */
-    async get(id, includeContent, userIdentity, nodeIdentity) {
+    async get(id, options, userIdentity, nodeIdentity) {
         core.Urn.guard(this.CLASS_NAME, "id", id);
+        const includeContent = options?.includeContent ?? false;
+        const disableEncryption = options?.disableDecryption ?? false;
+        const vaultKeyId = options?.overrideVaultKeyId ?? this._vaultKeyId;
+        const decryptionEnabled = !disableEncryption && core.Is.stringValue(vaultKeyId);
         const conditions = [];
         if (this._includeUserIdentity) {
             core.Guards.stringValue(this.CLASS_NAME, "userIdentity", userIdentity);
@@ -684,8 +713,11 @@ class BlobStorageService {
                     throw new core.NotFoundError(this.CLASS_NAME, "blobNotFound", id);
                 }
                 // If we have a vault connector then decrypt the data.
-                if (this._vaultConnector) {
-                    returnBlob = await this._vaultConnector.decrypt(`${nodeIdentity}/${this._vaultKeyId}`, vaultModels.VaultEncryptionType.ChaCha20Poly1305, returnBlob);
+                if (decryptionEnabled) {
+                    if (core.Is.empty(this._vaultConnector)) {
+                        throw new core.GeneralError(this.CLASS_NAME, "vaultConnectorNotConfigured");
+                    }
+                    returnBlob = await this._vaultConnector.decrypt(`${nodeIdentity}/${vaultKeyId}`, vaultModels.VaultEncryptionType.ChaCha20Poly1305, returnBlob);
                 }
             }
             const jsonLd = this.entryToJsonLd(blobEntry, returnBlob);
@@ -733,7 +765,8 @@ class BlobStorageService {
                 blobHash: blobEntry.blobHash,
                 encodingFormat: encodingFormat ?? blobEntry.encodingFormat,
                 fileExtension: fileExtension ?? blobEntry.fileExtension,
-                metadata: metadata ?? blobEntry.metadata
+                metadata: metadata ?? blobEntry.metadata,
+                isEncrypted: blobEntry.isEncrypted
             };
             const conditions = [];
             if (this._includeUserIdentity) {
@@ -984,6 +1017,10 @@ exports.BlobStorageEntry = class BlobStorageEntry {
      * The metadata for the blob as JSON-LD.
      */
     metadata;
+    /**
+     * Is the entry encrypted.
+     */
+    isEncrypted;
     /**
      * The user identity that created the blob.
      */
@@ -1030,6 +1067,10 @@ __decorate([
     entity.property({ type: "object", itemTypeRef: "IJsonLdNodeObject", optional: true }),
     __metadata("design:type", Object)
 ], exports.BlobStorageEntry.prototype, "metadata", void 0);
+__decorate([
+    entity.property({ type: "boolean" }),
+    __metadata("design:type", Boolean)
+], exports.BlobStorageEntry.prototype, "isEncrypted", void 0);
 __decorate([
     entity.property({ type: "string", optional: true }),
     __metadata("design:type", String)

package/dist/esm/index.mjs

@@ -1,6 +1,6 @@
 import { HttpParameterHelper } from '@twin.org/api-models';
 import { BlobStorageTypes, BlobStorageContexts, BlobStorageConnectorFactory } from '@twin.org/blob-storage-models';
-import { StringHelper, Guards, ComponentFactory, Is, Converter, Coerce, GeneralError, Validation, ObjectHelper, Urn, NotFoundError } from '@twin.org/core';
+import { StringHelper, Guards, ComponentFactory, Coerce, Is, Converter, GeneralError, Validation, ObjectHelper, Urn, NotFoundError } from '@twin.org/core';
 import { SchemaOrgContexts, SchemaOrgTypes, SchemaOrgDataTypes } from '@twin.org/standards-schema-org';
 import { HttpStatusCode, HeaderTypes, MimeTypes, MimeTypeHelper } from '@twin.org/web';
 import { Sha256 } from '@twin.org/crypto';
@@ -96,7 +96,7 @@ function generateRestRoutesBlobStorage(baseRouteName, componentName, options) {
                             id: "blob-memory:c57d94b088f4c6d2cb32ded014813d0c786aa00134c8ee22f84b1e2545602a70"
                         },
                         query: {
-                            includeContent: true
+                            includeContent: "true"
                         }
                     }
                 }
@@ -186,7 +186,7 @@ function generateRestRoutesBlobStorage(baseRouteName, componentName, options) {
                             id: "blob-memory:c57d94b088f4c6d2cb32ded014813d0c786aa00134c8ee22f84b1e2545602a70"
                         },
                         query: {
-                            download: true,
+                            download: "true",
                             filename: "my-file.pdf"
                         }
                     }
@@ -275,7 +275,7 @@ function generateRestRoutesBlobStorage(baseRouteName, componentName, options) {
         ]
     };
     const blobStorageListRoute = {
-        operationId: `${camelTypeName}Get`,
+        operationId: `${camelTypeName}Query`,
         summary: `Query the items from ${lowerName}`,
         tag: options?.tagName ?? tagsBlobStorage[0].name,
         method: "GET",
@@ -398,7 +398,11 @@ async function blobStorageCreate(httpRequestContext, componentName, request) {
     Guards.object(ROUTES_SOURCE, "request.body", request.body);
     Guards.stringBase64(ROUTES_SOURCE, "request.body.blob", request.body.blob);
     const component = ComponentFactory.get(componentName);
-    const id = await component.create(request.body.blob, request.body.encodingFormat, request.body.fileExtension, request.body.metadata, request.body.namespace, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
+    const id = await component.create(request.body.blob, request.body.encodingFormat, request.body.fileExtension, request.body.metadata, {
+        disableEncryption: request.body.disableEncryption,
+        overrideVaultKeyId: request.body.overrideVaultKeyId,
+        namespace: request.body.namespace
+    }, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
     return {
         statusCode: HttpStatusCode.created,
         headers: {
@@ -419,7 +423,11 @@ async function blobStorageGet(httpRequestContext, componentName, request) {
     Guards.stringValue(ROUTES_SOURCE, "request.pathParams.id", request.pathParams.id);
     const mimeType = request.headers?.[HeaderTypes.Accept] === MimeTypes.JsonLd ? "jsonld" : "json";
     const component = ComponentFactory.get(componentName);
-    const result = await component.get(request.pathParams.id, request.query?.includeContent ?? false, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
+    const result = await component.get(request.pathParams.id, {
+        includeContent: Coerce.boolean(request.query?.includeContent),
+        disableDecryption: Coerce.boolean(request.query?.disableDecryption),
+        overrideVaultKeyId: request.query?.overrideVaultKeyId
+    }, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
     return {
         headers: {
             [HeaderTypes.ContentType]: mimeType === "json" ? MimeTypes.Json : MimeTypes.JsonLd
@@ -439,7 +447,11 @@ async function blobStorageGetContent(httpRequestContext, componentName, request)
     Guards.object(ROUTES_SOURCE, "request.pathParams", request.pathParams);
     Guards.stringValue(ROUTES_SOURCE, "request.pathParams.id", request.pathParams.id);
     const component = ComponentFactory.get(componentName);
-    const result = await component.get(request.pathParams.id, true, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
+    const result = await component.get(request.pathParams.id, {
+        includeContent: true,
+        disableDecryption: Coerce.boolean(request.query?.disableDecryption),
+        overrideVaultKeyId: request.query?.overrideVaultKeyId
+    }, httpRequestContext.userIdentity, httpRequestContext.nodeIdentity);
     const encodingFormat = result?.encodingFormat ?? MimeTypes.OctetStream;
     let filename = request.query?.filename;
     if (!Is.stringValue(filename)) {
@@ -564,10 +576,10 @@ class BlobStorageService {
         }
         this._entryEntityStorage = EntityStorageConnectorFactory.get(options?.entryEntityStorageType ?? "blob-storage-entry");
         if (Is.stringValue(options?.vaultConnectorType)) {
-            this._vaultConnector = VaultConnectorFactory.getIfExists(options.vaultConnectorType);
+            this._vaultConnector = VaultConnectorFactory.get(options.vaultConnectorType);
         }
         this._defaultNamespace = options?.config?.defaultNamespace ?? names[0];
-        this._vaultKeyId = options?.config?.vaultKeyId ?? "blob-storage";
+        this._vaultKeyId = options?.config?.vaultKeyId;
         this._includeNodeIdentity = options?.config?.includeNodeIdentity ?? true;
         this._includeUserIdentity = options?.config?.includeUserIdentity ?? true;
         SchemaOrgDataTypes.registerRedirects();
@@ -578,21 +590,27 @@ class BlobStorageService {
      * @param encodingFormat Mime type for the blob, will be detected if left undefined.
      * @param fileExtension Extension for the blob, will be detected if left undefined.
      * @param metadata Data for the custom metadata as JSON-LD.
-     * @param namespace The namespace to use for storing, defaults to component configured namespace.
+     * @param options Optional options for the creation of the blob.
+     * @param options.disableEncryption Disables encryption if enabled by default.
+     * @param options.overrideVaultKeyId Use a different vault key id for encryption, if not provided the default vault key id will be used.
+     * @param options.namespace The namespace to use for storing, defaults to component configured namespace.
      * @param userIdentity The user identity to use with storage operations.
      * @param nodeIdentity The node identity to use with storage operations.
      * @returns The id of the stored blob in urn format.
      */
-    async create(blob, encodingFormat, fileExtension, metadata, namespace, userIdentity, nodeIdentity) {
+    async create(blob, encodingFormat, fileExtension, metadata, options, userIdentity, nodeIdentity) {
         Guards.stringBase64(this.CLASS_NAME, "blob", blob);
         if (this._includeUserIdentity) {
             Guards.stringValue(this.CLASS_NAME, "userIdentity", userIdentity);
         }
-        if (this._includeNodeIdentity || Is.notEmpty(this._vaultConnector)) {
+        const disableEncryption = options?.disableEncryption ?? false;
+        const vaultKeyId = options?.overrideVaultKeyId ?? this._vaultKeyId;
+        const encryptionEnabled = !disableEncryption && Is.stringValue(vaultKeyId);
+        if (this._includeNodeIdentity || encryptionEnabled) {
             Guards.stringValue(this.CLASS_NAME, "nodeIdentity", nodeIdentity);
         }
         try {
-            const connectorNamespace = namespace ?? this._defaultNamespace;
+            const connectorNamespace = options?.namespace ?? this._defaultNamespace;
             const blobStorageConnector = BlobStorageConnectorFactory.get(connectorNamespace);
             // Convert the base64 data into bytes
             let storeBlob = Converter.base64ToBytes(blob);
@@ -613,8 +631,11 @@ class BlobStorageService {
             }
             const blobHash = `sha256:${Converter.bytesToBase64(Sha256.sum256(storeBlob))}`;
             // If we have a vault connector then encrypt the data.
-            if (this._vaultConnector) {
-                storeBlob = await this._vaultConnector.encrypt(`${nodeIdentity}/${this._vaultKeyId}`, VaultEncryptionType.ChaCha20Poly1305, storeBlob);
+            if (encryptionEnabled) {
+                if (Is.empty(this._vaultConnector)) {
+                    throw new GeneralError(this.CLASS_NAME, "vaultConnectorNotConfigured");
+                }
+                storeBlob = await this._vaultConnector.encrypt(`${nodeIdentity}/${vaultKeyId}`, VaultEncryptionType.ChaCha20Poly1305, storeBlob);
             }
             // Set the blob in the storage connector, which may now be encrypted
             const blobId = await blobStorageConnector.set(storeBlob);
@@ -626,7 +647,8 @@ class BlobStorageService {
                 blobHash,
                 encodingFormat,
                 fileExtension,
-                metadata
+                metadata,
+                isEncrypted: encryptionEnabled
             };
             const conditions = [];
             if (this._includeUserIdentity) {
@@ -647,14 +669,21 @@ class BlobStorageService {
     /**
      * Get the blob entry.
      * @param id The id of the blob to get in urn format.
-     * @param includeContent Include the content, or just get the metadata.
+     * @param options Optional options for the retrieval of the blob.
+     * @param options.includeContent Include the content, or just get the metadata.
+     * @param options.disableDecryption Disables decryption if enabled by default.
+     * @param options.overrideVaultKeyId Use a different vault key id for decryption, if not provided the default vault key id will be used.
      * @param userIdentity The user identity to use with storage operations.
      * @param nodeIdentity The node identity to use with storage operations.
      * @returns The entry and data for the blob if it can be found.
      * @throws Not found error if the blob cannot be found.
      */
-    async get(id, includeContent, userIdentity, nodeIdentity) {
+    async get(id, options, userIdentity, nodeIdentity) {
         Urn.guard(this.CLASS_NAME, "id", id);
+        const includeContent = options?.includeContent ?? false;
+        const disableEncryption = options?.disableDecryption ?? false;
+        const vaultKeyId = options?.overrideVaultKeyId ?? this._vaultKeyId;
+        const decryptionEnabled = !disableEncryption && Is.stringValue(vaultKeyId);
         const conditions = [];
         if (this._includeUserIdentity) {
             Guards.stringValue(this.CLASS_NAME, "userIdentity", userIdentity);
@@ -682,8 +711,11 @@ class BlobStorageService {
                     throw new NotFoundError(this.CLASS_NAME, "blobNotFound", id);
                 }
                 // If we have a vault connector then decrypt the data.
-                if (this._vaultConnector) {
-                    returnBlob = await this._vaultConnector.decrypt(`${nodeIdentity}/${this._vaultKeyId}`, VaultEncryptionType.ChaCha20Poly1305, returnBlob);
+                if (decryptionEnabled) {
+                    if (Is.empty(this._vaultConnector)) {
+                        throw new GeneralError(this.CLASS_NAME, "vaultConnectorNotConfigured");
+                    }
+                    returnBlob = await this._vaultConnector.decrypt(`${nodeIdentity}/${vaultKeyId}`, VaultEncryptionType.ChaCha20Poly1305, returnBlob);
                 }
             }
             const jsonLd = this.entryToJsonLd(blobEntry, returnBlob);
@@ -731,7 +763,8 @@ class BlobStorageService {
                 blobHash: blobEntry.blobHash,
                 encodingFormat: encodingFormat ?? blobEntry.encodingFormat,
                 fileExtension: fileExtension ?? blobEntry.fileExtension,
-                metadata: metadata ?? blobEntry.metadata
+                metadata: metadata ?? blobEntry.metadata,
+                isEncrypted: blobEntry.isEncrypted
             };
             const conditions = [];
             if (this._includeUserIdentity) {
@@ -982,6 +1015,10 @@ let BlobStorageEntry = class BlobStorageEntry {
      * The metadata for the blob as JSON-LD.
      */
     metadata;
+    /**
+     * Is the entry encrypted.
+     */
+    isEncrypted;
     /**
      * The user identity that created the blob.
      */
@@ -1028,6 +1065,10 @@ __decorate([
     property({ type: "object", itemTypeRef: "IJsonLdNodeObject", optional: true }),
     __metadata("design:type", Object)
 ], BlobStorageEntry.prototype, "metadata", void 0);
+__decorate([
+    property({ type: "boolean" }),
+    __metadata("design:type", Boolean)
+], BlobStorageEntry.prototype, "isEncrypted", void 0);
 __decorate([
     property({ type: "string", optional: true }),
     __metadata("design:type", String)

package/dist/types/blobStorageService.d.ts

@@ -25,22 +25,36 @@ export declare class BlobStorageService implements IBlobStorageComponent {
      * @param encodingFormat Mime type for the blob, will be detected if left undefined.
      * @param fileExtension Extension for the blob, will be detected if left undefined.
      * @param metadata Data for the custom metadata as JSON-LD.
-     * @param namespace The namespace to use for storing, defaults to component configured namespace.
+     * @param options Optional options for the creation of the blob.
+     * @param options.disableEncryption Disables encryption if enabled by default.
+     * @param options.overrideVaultKeyId Use a different vault key id for encryption, if not provided the default vault key id will be used.
+     * @param options.namespace The namespace to use for storing, defaults to component configured namespace.
      * @param userIdentity The user identity to use with storage operations.
      * @param nodeIdentity The node identity to use with storage operations.
      * @returns The id of the stored blob in urn format.
      */
-    create(blob: string, encodingFormat?: string, fileExtension?: string, metadata?: IJsonLdNodeObject, namespace?: string, userIdentity?: string, nodeIdentity?: string): Promise<string>;
+    create(blob: string, encodingFormat?: string, fileExtension?: string, metadata?: IJsonLdNodeObject, options?: {
+        disableEncryption?: boolean;
+        overrideVaultKeyId?: string;
+        namespace?: string;
+    }, userIdentity?: string, nodeIdentity?: string): Promise<string>;
     /**
      * Get the blob entry.
      * @param id The id of the blob to get in urn format.
-     * @param includeContent Include the content, or just get the metadata.
+     * @param options Optional options for the retrieval of the blob.
+     * @param options.includeContent Include the content, or just get the metadata.
+     * @param options.disableDecryption Disables decryption if enabled by default.
+     * @param options.overrideVaultKeyId Use a different vault key id for decryption, if not provided the default vault key id will be used.
      * @param userIdentity The user identity to use with storage operations.
      * @param nodeIdentity The node identity to use with storage operations.
      * @returns The entry and data for the blob if it can be found.
      * @throws Not found error if the blob cannot be found.
      */
-    get(id: string, includeContent: boolean, userIdentity?: string, nodeIdentity?: string): Promise<IBlobStorageEntry>;
+    get(id: string, options?: {
+        includeContent?: boolean;
+        disableDecryption?: boolean;
+        overrideVaultKeyId?: string;
+    }, userIdentity?: string, nodeIdentity?: string): Promise<IBlobStorageEntry>;
     /**
      * Update the blob with metadata.
      * @param id The id of the blob entry to update.

package/dist/types/entities/blobStorageEntry.d.ts

@@ -35,6 +35,10 @@ export declare class BlobStorageEntry {
      * The metadata for the blob as JSON-LD.
      */
     metadata?: IJsonLdNodeObject;
+    /**
+     * Is the entry encrypted.
+     */
+    isEncrypted: boolean;
     /**
      * The user identity that created the blob.
      */

package/dist/types/models/IBlobStorageServiceConfig.d.ts

@@ -3,8 +3,7 @@
  */
 export interface IBlobStorageServiceConfig {
     /**
-     * The name of the vault key to use for encryption if the service has a vault connector configured.
-     * @default blob-storage.
+     * The name of the vault key to use for encryption, if not configured no encryption will happen.
      */
     vaultKeyId?: string;
     /**

package/dist/types/models/IBlobStorageServiceConstructorOptions.d.ts

@@ -9,7 +9,7 @@ export interface IBlobStorageServiceConstructorOptions {
      */
     entryEntityStorageType?: string;
     /**
-     * The type of the vault connector for encryption, if undefined no encryption will be performed.
+     * The type of the vault connector for encryption.
      */
     vaultConnectorType?: string;
     /**

package/docs/changelog.md

@@ -1,5 +1,37 @@
 # @twin.org/blob-storage-service - Changelog
 
+## [0.0.1-next.35](https://github.com/twinfoundation/blob-storage/compare/blob-storage-service-v0.0.1-next.34...blob-storage-service-v0.0.1-next.35) (2025-06-17)
+
+
+### Features
+
+* additional encryption options on per item basis ([4b95a65](https://github.com/twinfoundation/blob-storage/commit/4b95a656d19e3b571cea905e36f29b679b13e1e8))
+
+
+### Dependencies
+
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/blob-storage-models bumped from 0.0.1-next.34 to 0.0.1-next.35
+  * devDependencies
+    * @twin.org/blob-storage-connector-memory bumped from 0.0.1-next.34 to 0.0.1-next.35
+
+## [0.0.1-next.34](https://github.com/twinfoundation/blob-storage/compare/blob-storage-service-v0.0.1-next.33...blob-storage-service-v0.0.1-next.34) (2025-06-12)
+
+
+### Features
+
+* update dependencies ([56f0094](https://github.com/twinfoundation/blob-storage/commit/56f0094b68d8bd22864cd899ac1b61d95540f719))
+
+
+### Dependencies
+
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/blob-storage-models bumped from 0.0.1-next.33 to 0.0.1-next.34
+  * devDependencies
+    * @twin.org/blob-storage-connector-memory bumped from 0.0.1-next.33 to 0.0.1-next.34
+
 ## [0.0.1-next.33](https://github.com/twinfoundation/blob-storage/compare/blob-storage-service-v0.0.1-next.32...blob-storage-service-v0.0.1-next.33) (2025-06-03)