@vaultsandbox/client 0.6.1 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +190 -21
- package/README.md +2 -2
- package/dist/client.d.ts +11 -3
- package/dist/client.js +74 -26
- package/dist/client.js.map +1 -1
- package/dist/email.d.ts +2 -2
- package/dist/email.js +24 -12
- package/dist/email.js.map +1 -1
- package/dist/http/api-client.d.ts +80 -3
- package/dist/http/api-client.js +114 -4
- package/dist/http/api-client.js.map +1 -1
- package/dist/inbox.d.ts +58 -5
- package/dist/inbox.js +131 -15
- package/dist/inbox.js.map +1 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.js +3 -1
- package/dist/index.js.map +1 -1
- package/dist/strategies/delivery-strategy.d.ts +4 -4
- package/dist/strategies/polling-strategy.d.ts +4 -4
- package/dist/strategies/polling-strategy.js +10 -6
- package/dist/strategies/polling-strategy.js.map +1 -1
- package/dist/strategies/sse-strategy.d.ts +2 -2
- package/dist/strategies/sse-strategy.js +9 -5
- package/dist/strategies/sse-strategy.js.map +1 -1
- package/dist/types/index.d.ts +224 -14
- package/dist/types/index.js +10 -0
- package/dist/types/index.js.map +1 -1
- package/dist/utils/email-utils.d.ts +14 -3
- package/dist/utils/email-utils.js +39 -1
- package/dist/utils/email-utils.js.map +1 -1
- package/package.json +5 -5
package/dist/types/index.d.ts
CHANGED
|
@@ -36,6 +36,10 @@ export interface CreateInboxOptions {
|
|
|
36
36
|
ttl?: number;
|
|
37
37
|
/** A specific email address to request for the inbox. */
|
|
38
38
|
emailAddress?: string;
|
|
39
|
+
/** Enable or disable email authentication checks (SPF, DKIM, DMARC, PTR). Omit to use server default. */
|
|
40
|
+
emailAuth?: boolean;
|
|
41
|
+
/** Request encrypted or plain inbox. Omit to use server default based on encryptionPolicy. */
|
|
42
|
+
encryption?: 'encrypted' | 'plain';
|
|
39
43
|
}
|
|
40
44
|
/**
|
|
41
45
|
* Exported inbox data structure for sharing or backup purposes.
|
|
@@ -51,10 +55,12 @@ export interface ExportedInboxData {
|
|
|
51
55
|
expiresAt: string;
|
|
52
56
|
/** Unique hash identifier for the inbox */
|
|
53
57
|
inboxHash: string;
|
|
54
|
-
/**
|
|
55
|
-
|
|
56
|
-
/** ML-
|
|
57
|
-
|
|
58
|
+
/** Whether this inbox uses encryption. */
|
|
59
|
+
encrypted: boolean;
|
|
60
|
+
/** Server's ML-DSA-65 public key (base64url encoded, 1952 bytes decoded). Only present for encrypted inboxes. */
|
|
61
|
+
serverSigPk?: string;
|
|
62
|
+
/** ML-KEM-768 secret key (base64url encoded, 2400 bytes decoded). Only present for encrypted inboxes. */
|
|
63
|
+
secretKey?: string;
|
|
58
64
|
/** ISO 8601 timestamp when the export was created */
|
|
59
65
|
exportedAt: string;
|
|
60
66
|
}
|
|
@@ -70,8 +76,12 @@ export interface InboxData {
|
|
|
70
76
|
expiresAt: string;
|
|
71
77
|
/** Base64URL-encoded SHA-256 hash of the client KEM public key, used for SSE subscriptions and API references. */
|
|
72
78
|
inboxHash: string;
|
|
73
|
-
/**
|
|
74
|
-
|
|
79
|
+
/** Whether this inbox uses encryption. */
|
|
80
|
+
encrypted: boolean;
|
|
81
|
+
/** Base64URL-encoded server signing public key for verifying server signatures. Only present for encrypted inboxes. */
|
|
82
|
+
serverSigPk?: string;
|
|
83
|
+
/** Whether email authentication checks (SPF, DKIM, DMARC, PTR) are enabled for this inbox. */
|
|
84
|
+
emailAuth?: boolean;
|
|
75
85
|
}
|
|
76
86
|
/**
|
|
77
87
|
* The synchronization status of an inbox.
|
|
@@ -105,10 +115,10 @@ export interface WaitForCountOptions {
|
|
|
105
115
|
timeout?: number;
|
|
106
116
|
}
|
|
107
117
|
/**
|
|
108
|
-
*
|
|
118
|
+
* Encrypted email data returned from the API.
|
|
109
119
|
* @internal
|
|
110
120
|
*/
|
|
111
|
-
export interface
|
|
121
|
+
export interface EncryptedEmailData {
|
|
112
122
|
id: string;
|
|
113
123
|
inboxId: string;
|
|
114
124
|
receivedAt: string;
|
|
@@ -116,6 +126,26 @@ export interface EmailData {
|
|
|
116
126
|
encryptedMetadata: EncryptedData;
|
|
117
127
|
encryptedParsed?: EncryptedData;
|
|
118
128
|
}
|
|
129
|
+
/**
|
|
130
|
+
* Plain (unencrypted) email data returned from the API.
|
|
131
|
+
* @internal
|
|
132
|
+
*/
|
|
133
|
+
export interface PlainEmailData {
|
|
134
|
+
id: string;
|
|
135
|
+
inboxId: string;
|
|
136
|
+
receivedAt: string;
|
|
137
|
+
isRead: boolean;
|
|
138
|
+
/** Base64-encoded JSON metadata */
|
|
139
|
+
metadata: string;
|
|
140
|
+
/** Base64-encoded JSON parsed content */
|
|
141
|
+
parsed?: string;
|
|
142
|
+
}
|
|
143
|
+
/**
|
|
144
|
+
* Raw email data returned from the API (encrypted or plain).
|
|
145
|
+
* Use `isEncryptedEmailData()` type guard to discriminate.
|
|
146
|
+
* @internal
|
|
147
|
+
*/
|
|
148
|
+
export type EmailData = EncryptedEmailData | PlainEmailData;
|
|
119
149
|
/**
|
|
120
150
|
* The structure of encrypted data returned from the server.
|
|
121
151
|
* @internal
|
|
@@ -186,17 +216,21 @@ export interface RawEmail {
|
|
|
186
216
|
raw: string;
|
|
187
217
|
}
|
|
188
218
|
/**
|
|
219
|
+
* Raw email data from the API (encrypted or plain).
|
|
189
220
|
* @internal
|
|
190
221
|
*/
|
|
191
222
|
export interface RawEmailData {
|
|
192
223
|
id: string;
|
|
193
|
-
|
|
224
|
+
/** Encrypted raw email content. Present for encrypted inboxes. */
|
|
225
|
+
encryptedRaw?: EncryptedData;
|
|
226
|
+
/** Base64-encoded raw email content. Present for plain inboxes. */
|
|
227
|
+
raw?: string;
|
|
194
228
|
}
|
|
195
229
|
/**
|
|
196
230
|
* The result of an SPF (Sender Policy Framework) validation check.
|
|
197
231
|
*/
|
|
198
232
|
export interface SPFResult {
|
|
199
|
-
result: 'pass' | 'fail' | 'softfail' | 'neutral' | 'none' | 'temperror' | 'permerror';
|
|
233
|
+
result: 'pass' | 'fail' | 'softfail' | 'neutral' | 'none' | 'temperror' | 'permerror' | 'skipped';
|
|
200
234
|
domain?: string;
|
|
201
235
|
ip?: string;
|
|
202
236
|
details?: string;
|
|
@@ -205,7 +239,7 @@ export interface SPFResult {
|
|
|
205
239
|
* The result of a DKIM (DomainKeys Identified Mail) validation check.
|
|
206
240
|
*/
|
|
207
241
|
export interface DKIMResult {
|
|
208
|
-
result: 'pass' | 'fail' | 'none';
|
|
242
|
+
result: 'pass' | 'fail' | 'none' | 'skipped';
|
|
209
243
|
domain?: string;
|
|
210
244
|
selector?: string;
|
|
211
245
|
signature?: string;
|
|
@@ -214,7 +248,7 @@ export interface DKIMResult {
|
|
|
214
248
|
* The result of a DMARC (Domain-based Message Authentication, Reporting, and Conformance) validation check.
|
|
215
249
|
*/
|
|
216
250
|
export interface DMARCResult {
|
|
217
|
-
result: 'pass' | 'fail' | 'none';
|
|
251
|
+
result: 'pass' | 'fail' | 'none' | 'skipped';
|
|
218
252
|
policy?: 'none' | 'quarantine' | 'reject';
|
|
219
253
|
aligned?: boolean;
|
|
220
254
|
domain?: string;
|
|
@@ -223,7 +257,7 @@ export interface DMARCResult {
|
|
|
223
257
|
* The result of a reverse DNS validation check.
|
|
224
258
|
*/
|
|
225
259
|
export interface ReverseDNSResult {
|
|
226
|
-
|
|
260
|
+
result: 'pass' | 'fail' | 'none' | 'skipped';
|
|
227
261
|
ip?: string;
|
|
228
262
|
hostname?: string;
|
|
229
263
|
}
|
|
@@ -290,12 +324,22 @@ export interface IEmail {
|
|
|
290
324
|
export interface AuthResults extends AuthResultsData {
|
|
291
325
|
validate(): AuthValidation;
|
|
292
326
|
}
|
|
327
|
+
/**
|
|
328
|
+
* The server's encryption policy for inboxes.
|
|
329
|
+
* - `always`: All inboxes are encrypted, no override allowed
|
|
330
|
+
* - `enabled`: Inboxes are encrypted by default, can request plain
|
|
331
|
+
* - `disabled`: Inboxes are plain by default, can request encrypted
|
|
332
|
+
* - `never`: All inboxes are plain, no override allowed
|
|
333
|
+
*/
|
|
334
|
+
export type EncryptionPolicy = 'always' | 'enabled' | 'disabled' | 'never';
|
|
293
335
|
/**
|
|
294
336
|
* Information about the VaultSandbox server.
|
|
295
337
|
*/
|
|
296
338
|
export interface ServerInfo {
|
|
297
339
|
/** Base64URL-encoded server signing public key for ML-DSA-65. */
|
|
298
340
|
serverSigPk: string;
|
|
341
|
+
/** The server's encryption policy for inboxes. */
|
|
342
|
+
encryptionPolicy: EncryptionPolicy;
|
|
299
343
|
/** Cryptographic algorithms supported by the server. */
|
|
300
344
|
algs: {
|
|
301
345
|
/** Key encapsulation mechanism algorithm (e.g., 'ML-KEM-768'). */
|
|
@@ -336,12 +380,16 @@ export interface SSEConfig {
|
|
|
336
380
|
backoffMultiplier?: number;
|
|
337
381
|
}
|
|
338
382
|
/**
|
|
383
|
+
* SSE message data for new email notifications.
|
|
339
384
|
* @internal
|
|
340
385
|
*/
|
|
341
386
|
export interface SSEMessageData {
|
|
342
387
|
inboxId: string;
|
|
343
388
|
emailId: string;
|
|
344
|
-
|
|
389
|
+
/** Encrypted metadata. Present for encrypted inboxes. */
|
|
390
|
+
encryptedMetadata?: EncryptedData;
|
|
391
|
+
/** Base64-encoded JSON metadata. Present for plain inboxes. */
|
|
392
|
+
metadata?: string;
|
|
345
393
|
}
|
|
346
394
|
/**
|
|
347
395
|
* A quantum-safe keypair used for encryption and decryption.
|
|
@@ -432,3 +480,165 @@ export declare class InvalidImportDataError extends VaultSandboxError {
|
|
|
432
480
|
export declare class StrategyError extends VaultSandboxError {
|
|
433
481
|
constructor(message: string);
|
|
434
482
|
}
|
|
483
|
+
/**
|
|
484
|
+
* An error thrown when a webhook is not found.
|
|
485
|
+
*/
|
|
486
|
+
export declare class WebhookNotFoundError extends VaultSandboxError {
|
|
487
|
+
constructor(message: string);
|
|
488
|
+
}
|
|
489
|
+
/**
|
|
490
|
+
* Webhook event types.
|
|
491
|
+
*/
|
|
492
|
+
export type WebhookEventType = 'email.received' | 'email.stored' | 'email.deleted';
|
|
493
|
+
/**
|
|
494
|
+
* A single filter rule for webhook filtering.
|
|
495
|
+
*/
|
|
496
|
+
export interface FilterRule {
|
|
497
|
+
/** The field to filter on. */
|
|
498
|
+
field: string;
|
|
499
|
+
/** The operator to use for matching. */
|
|
500
|
+
operator: 'equals' | 'contains' | 'starts_with' | 'ends_with' | 'domain' | 'regex' | 'exists';
|
|
501
|
+
/** The value to match against. */
|
|
502
|
+
value: string;
|
|
503
|
+
/** Whether the match should be case sensitive. */
|
|
504
|
+
caseSensitive?: boolean;
|
|
505
|
+
}
|
|
506
|
+
/**
|
|
507
|
+
* Filter configuration for webhooks.
|
|
508
|
+
*/
|
|
509
|
+
export interface FilterConfig {
|
|
510
|
+
/** The filter rules to apply. */
|
|
511
|
+
rules: FilterRule[];
|
|
512
|
+
/** How to combine the rules: 'all' (AND) or 'any' (OR). */
|
|
513
|
+
mode: 'all' | 'any';
|
|
514
|
+
/** Whether to require email authentication to pass. */
|
|
515
|
+
requireAuth?: boolean;
|
|
516
|
+
}
|
|
517
|
+
/**
|
|
518
|
+
* A custom webhook template.
|
|
519
|
+
*/
|
|
520
|
+
export interface CustomTemplate {
|
|
521
|
+
/** Template type, must be 'custom'. */
|
|
522
|
+
type: 'custom';
|
|
523
|
+
/** The template body. */
|
|
524
|
+
body: string;
|
|
525
|
+
/** The content type for the webhook payload. */
|
|
526
|
+
contentType?: string;
|
|
527
|
+
}
|
|
528
|
+
/**
|
|
529
|
+
* Options for creating a webhook.
|
|
530
|
+
*/
|
|
531
|
+
export interface CreateWebhookOptions {
|
|
532
|
+
/** The URL to send webhook requests to. */
|
|
533
|
+
url: string;
|
|
534
|
+
/** The events that trigger the webhook. */
|
|
535
|
+
events: WebhookEventType[];
|
|
536
|
+
/** The template to use for formatting the webhook payload. */
|
|
537
|
+
template?: 'slack' | 'discord' | 'teams' | 'simple' | 'notification' | 'zapier' | 'default' | CustomTemplate;
|
|
538
|
+
/** Filter configuration to control which emails trigger the webhook. */
|
|
539
|
+
filter?: FilterConfig;
|
|
540
|
+
/** A description of the webhook. */
|
|
541
|
+
description?: string;
|
|
542
|
+
}
|
|
543
|
+
/**
|
|
544
|
+
* Options for updating a webhook.
|
|
545
|
+
*/
|
|
546
|
+
export interface UpdateWebhookOptions {
|
|
547
|
+
/** The URL to send webhook requests to. */
|
|
548
|
+
url?: string;
|
|
549
|
+
/** The events that trigger the webhook. */
|
|
550
|
+
events?: WebhookEventType[];
|
|
551
|
+
/** The template to use for formatting the webhook payload. Set to null to remove. */
|
|
552
|
+
template?: string | CustomTemplate | null;
|
|
553
|
+
/** Filter configuration to control which emails trigger the webhook. Set to null to remove. */
|
|
554
|
+
filter?: FilterConfig | null;
|
|
555
|
+
/** A description of the webhook. */
|
|
556
|
+
description?: string;
|
|
557
|
+
/** Whether the webhook is enabled. */
|
|
558
|
+
enabled?: boolean;
|
|
559
|
+
}
|
|
560
|
+
/**
|
|
561
|
+
* Webhook delivery statistics.
|
|
562
|
+
*/
|
|
563
|
+
export interface WebhookStats {
|
|
564
|
+
/** Total number of delivery attempts. */
|
|
565
|
+
totalDeliveries: number;
|
|
566
|
+
/** Number of successful deliveries. */
|
|
567
|
+
successfulDeliveries: number;
|
|
568
|
+
/** Number of failed deliveries. */
|
|
569
|
+
failedDeliveries: number;
|
|
570
|
+
}
|
|
571
|
+
/**
|
|
572
|
+
* Webhook data returned from the API.
|
|
573
|
+
*/
|
|
574
|
+
export interface WebhookData {
|
|
575
|
+
/** Unique identifier for the webhook. */
|
|
576
|
+
id: string;
|
|
577
|
+
/** The URL to send webhook requests to. */
|
|
578
|
+
url: string;
|
|
579
|
+
/** The events that trigger the webhook. */
|
|
580
|
+
events: WebhookEventType[];
|
|
581
|
+
/** The scope of the webhook. */
|
|
582
|
+
scope: 'global' | 'inbox';
|
|
583
|
+
/** The email address of the inbox (for inbox-scoped webhooks). */
|
|
584
|
+
inboxEmail?: string;
|
|
585
|
+
/** The hash of the inbox (for inbox-scoped webhooks). */
|
|
586
|
+
inboxHash?: string;
|
|
587
|
+
/** Whether the webhook is enabled. */
|
|
588
|
+
enabled: boolean;
|
|
589
|
+
/** The webhook secret for signature verification. Only included on creation. */
|
|
590
|
+
secret?: string;
|
|
591
|
+
/** The template configuration. */
|
|
592
|
+
template?: unknown;
|
|
593
|
+
/** The filter configuration. */
|
|
594
|
+
filter?: FilterConfig;
|
|
595
|
+
/** A description of the webhook. */
|
|
596
|
+
description?: string;
|
|
597
|
+
/** ISO 8601 timestamp when the webhook was created. */
|
|
598
|
+
createdAt: string;
|
|
599
|
+
/** ISO 8601 timestamp when the webhook was last updated. */
|
|
600
|
+
updatedAt?: string;
|
|
601
|
+
/** ISO 8601 timestamp of the last delivery attempt. */
|
|
602
|
+
lastDeliveryAt?: string;
|
|
603
|
+
/** The status of the last delivery attempt. */
|
|
604
|
+
lastDeliveryStatus?: 'success' | 'failed';
|
|
605
|
+
/** Delivery statistics. */
|
|
606
|
+
stats?: WebhookStats;
|
|
607
|
+
}
|
|
608
|
+
/**
|
|
609
|
+
* Response from listing webhooks.
|
|
610
|
+
*/
|
|
611
|
+
export interface WebhookListResponse {
|
|
612
|
+
/** The list of webhooks. */
|
|
613
|
+
webhooks: WebhookData[];
|
|
614
|
+
/** Total number of webhooks. */
|
|
615
|
+
total: number;
|
|
616
|
+
}
|
|
617
|
+
/**
|
|
618
|
+
* Response from testing a webhook.
|
|
619
|
+
*/
|
|
620
|
+
export interface TestWebhookResponse {
|
|
621
|
+
/** Whether the test was successful. */
|
|
622
|
+
success: boolean;
|
|
623
|
+
/** The HTTP status code returned by the webhook endpoint. */
|
|
624
|
+
statusCode?: number;
|
|
625
|
+
/** The response time in milliseconds. */
|
|
626
|
+
responseTime?: number;
|
|
627
|
+
/** The response body from the webhook endpoint. */
|
|
628
|
+
responseBody?: string;
|
|
629
|
+
/** Error message if the test failed. */
|
|
630
|
+
error?: string;
|
|
631
|
+
/** The payload that was sent to the webhook endpoint. */
|
|
632
|
+
payloadSent?: unknown;
|
|
633
|
+
}
|
|
634
|
+
/**
|
|
635
|
+
* Response from rotating a webhook secret.
|
|
636
|
+
*/
|
|
637
|
+
export interface RotateSecretResponse {
|
|
638
|
+
/** The webhook ID. */
|
|
639
|
+
id: string;
|
|
640
|
+
/** The new webhook secret. */
|
|
641
|
+
secret: string;
|
|
642
|
+
/** ISO 8601 timestamp until which the previous secret remains valid. */
|
|
643
|
+
previousSecretValidUntil: string;
|
|
644
|
+
}
|
package/dist/types/index.js
CHANGED
|
@@ -124,4 +124,14 @@ export class StrategyError extends VaultSandboxError {
|
|
|
124
124
|
Object.setPrototypeOf(this, StrategyError.prototype);
|
|
125
125
|
}
|
|
126
126
|
}
|
|
127
|
+
/**
|
|
128
|
+
* An error thrown when a webhook is not found.
|
|
129
|
+
*/
|
|
130
|
+
export class WebhookNotFoundError extends VaultSandboxError {
|
|
131
|
+
constructor(message) {
|
|
132
|
+
super(message);
|
|
133
|
+
this.name = 'WebhookNotFoundError';
|
|
134
|
+
Object.setPrototypeOf(this, WebhookNotFoundError.prototype);
|
|
135
|
+
}
|
|
136
|
+
}
|
|
127
137
|
//# sourceMappingURL=index.js.map
|
package/dist/types/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;GAEG;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAkdH,qBAAqB;AAErB;;GAEG;AACH,MAAM,OAAO,iBAAkB,SAAQ,KAAK;IAC1C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;QAChC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC3D,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,QAAS,SAAQ,iBAAiB;IAEpC;IADT,YACS,UAAkB,EACzB,OAAe;QAEf,KAAK,CAAC,OAAO,CAAC,CAAC;QAHR,eAAU,GAAV,UAAU,CAAQ;QAIzB,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QACvB,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC;IAClD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,YAAa,SAAQ,iBAAiB;IACjD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;QAC3B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,SAAS,CAAC,CAAC;IACtD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,YAAa,SAAQ,iBAAiB;IACjD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;QAC3B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,SAAS,CAAC,CAAC;IACtD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,eAAgB,SAAQ,iBAAiB;IACpD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;QAC9B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,SAAS,CAAC,CAAC;IACzD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,0BAA2B,SAAQ,iBAAiB;IAC/D,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,4BAA4B,CAAC;QACzC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,0BAA0B,CAAC,SAAS,CAAC,CAAC;IACpE,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,iBAAiB;IACvD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,SAAS,CAAC,CAAC;IAC5D,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,iBAAiB;IACvD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,SAAS,CAAC,CAAC;IAC5D,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,QAAS,SAAQ,iBAAiB;IAC7C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QACvB,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC;IAClD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,iBAAiB;IAC5D,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;QACtC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,uBAAuB,CAAC,SAAS,CAAC,CAAC;IACjE,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,sBAAuB,SAAQ,iBAAiB;IAC3D,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;QACrC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,sBAAsB,CAAC,SAAS,CAAC,CAAC;IAChE,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,aAAc,SAAQ,iBAAiB;IAClD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;QAC5B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;IACvD,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,oBAAqB,SAAQ,iBAAiB;IACzD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;QACnC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,SAAS,CAAC,CAAC;IAC9D,CAAC;CACF"}
|
|
@@ -1,14 +1,25 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Shared email utilities for decryption and filtering
|
|
3
3
|
*/
|
|
4
|
-
import type { Keypair, EmailData, IEmail, WaitOptions } from '../types/index.js';
|
|
4
|
+
import type { Keypair, EmailData, EncryptedEmailData, PlainEmailData, IEmail, WaitOptions } from '../types/index.js';
|
|
5
5
|
import type { ApiClient } from '../http/api-client.js';
|
|
6
6
|
/**
|
|
7
|
-
*
|
|
7
|
+
* Type guard to determine if email data is encrypted.
|
|
8
|
+
* @param email - The email data to check
|
|
9
|
+
* @returns true if the email has encryptedMetadata (encrypted format)
|
|
10
|
+
*/
|
|
11
|
+
export declare function isEncryptedEmailData(email: EmailData): email is EncryptedEmailData;
|
|
12
|
+
/**
|
|
13
|
+
* Decrypts an EncryptedEmailData object into an Email instance.
|
|
8
14
|
* Expects full email data with encryptedParsed content.
|
|
9
15
|
* IMPORTANT: Signature verification happens BEFORE decryption for security
|
|
10
16
|
*/
|
|
11
|
-
export declare function decryptEmailData(emailData:
|
|
17
|
+
export declare function decryptEmailData(emailData: EncryptedEmailData, keypair: Keypair, emailAddress: string, apiClient: ApiClient): Promise<IEmail>;
|
|
18
|
+
/**
|
|
19
|
+
* Decodes a PlainEmailData object into an Email instance.
|
|
20
|
+
* Plain emails have base64-encoded metadata and parsed content.
|
|
21
|
+
*/
|
|
22
|
+
export declare function decodeBase64EmailData(emailData: PlainEmailData, emailAddress: string, apiClient: ApiClient): IEmail;
|
|
12
23
|
/**
|
|
13
24
|
* Finds the first email matching the specified criteria
|
|
14
25
|
*/
|
|
@@ -6,7 +6,15 @@ import { decryptMetadata, decryptParsed } from '../crypto/decrypt.js';
|
|
|
6
6
|
import { verifySignature } from '../crypto/signature.js';
|
|
7
7
|
import { fromBase64 } from '../crypto/utils.js';
|
|
8
8
|
/**
|
|
9
|
-
*
|
|
9
|
+
* Type guard to determine if email data is encrypted.
|
|
10
|
+
* @param email - The email data to check
|
|
11
|
+
* @returns true if the email has encryptedMetadata (encrypted format)
|
|
12
|
+
*/
|
|
13
|
+
export function isEncryptedEmailData(email) {
|
|
14
|
+
return 'encryptedMetadata' in email;
|
|
15
|
+
}
|
|
16
|
+
/**
|
|
17
|
+
* Decrypts an EncryptedEmailData object into an Email instance.
|
|
10
18
|
* Expects full email data with encryptedParsed content.
|
|
11
19
|
* IMPORTANT: Signature verification happens BEFORE decryption for security
|
|
12
20
|
*/
|
|
@@ -39,6 +47,36 @@ export async function decryptEmailData(emailData, keypair, emailAddress, apiClie
|
|
|
39
47
|
}
|
|
40
48
|
return new Email(emailData, metadata, parsed, emailAddress, apiClient, keypair);
|
|
41
49
|
}
|
|
50
|
+
/**
|
|
51
|
+
* Decodes a PlainEmailData object into an Email instance.
|
|
52
|
+
* Plain emails have base64-encoded metadata and parsed content.
|
|
53
|
+
*/
|
|
54
|
+
export function decodeBase64EmailData(emailData, emailAddress, apiClient) {
|
|
55
|
+
// Decode base64 metadata
|
|
56
|
+
const metadataJson = Buffer.from(emailData.metadata, 'base64').toString('utf-8');
|
|
57
|
+
const metadata = JSON.parse(metadataJson);
|
|
58
|
+
// Decode parsed content if available
|
|
59
|
+
let parsed = null;
|
|
60
|
+
if (emailData.parsed) {
|
|
61
|
+
const parsedJson = Buffer.from(emailData.parsed, 'base64').toString('utf-8');
|
|
62
|
+
parsed = JSON.parse(parsedJson);
|
|
63
|
+
// Transform attachment content from base64 strings to Uint8Array
|
|
64
|
+
// Same as encrypted path - server sends attachment content as base64
|
|
65
|
+
if (parsed?.attachments) {
|
|
66
|
+
parsed.attachments = parsed.attachments.map((att) => {
|
|
67
|
+
if (att.content && typeof att.content === 'string') {
|
|
68
|
+
return {
|
|
69
|
+
...att,
|
|
70
|
+
content: fromBase64(att.content),
|
|
71
|
+
};
|
|
72
|
+
}
|
|
73
|
+
return att;
|
|
74
|
+
});
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
// Pass null for keypair since plain emails don't need decryption
|
|
78
|
+
return new Email(emailData, metadata, parsed, emailAddress, apiClient, null);
|
|
79
|
+
}
|
|
42
80
|
/**
|
|
43
81
|
* Finds the first email matching the specified criteria
|
|
44
82
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"email-utils.js","sourceRoot":"","sources":["../../src/utils/email-utils.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"email-utils.js","sourceRoot":"","sources":["../../src/utils/email-utils.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAchD;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAgB;IACnD,OAAO,mBAAmB,IAAI,KAAK,CAAC;AACtC,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,SAA6B,EAC7B,OAAgB,EAChB,YAAoB,EACpB,SAAoB;IAEpB,oFAAoF;IACpF,eAAe,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;IAE7C,mBAAmB;IACnB,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAoB,SAAS,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC;IAEhG,sCAAsC;IACtC,IAAI,MAAM,GAA2B,IAAI,CAAC;IAC1C,IAAI,SAAS,CAAC,eAAe,EAAE,CAAC;QAC9B,0CAA0C;QAC1C,eAAe,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC3C,MAAM,GAAG,MAAM,aAAa,CAAkB,SAAS,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAElF,iEAAiE;QACjE,mGAAmG;QACnG,IAAI,MAAM,EAAE,WAAW,EAAE,CAAC;YACxB,MAAM,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;gBAClD,2DAA2D;gBAC3D,IAAI,GAAG,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;oBACnD,OAAO;wBACL,GAAG,GAAG;wBACN,OAAO,EAAE,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;qBACjC,CAAC;gBACJ,CAAC;gBACD,6CAA6C;gBAC7C,OAAO,GAAG,CAAC;YACb,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,IAAI,KAAK,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;AAClF,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,SAAyB,EAAE,YAAoB,EAAE,SAAoB;IACzG,yBAAyB;IACzB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAsB,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAE7D,qCAAqC;IACrC,IAAI,MAAM,GAA2B,IAAI,CAAC;IAC1C,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;QACrB,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC7E,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAEhC,iEAAiE;QACjE,qEAAqE;QACrE,IAAI,MAAM,EAAE,WAAW,EAAE,CAAC;YACxB,MAAM,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,GAAuD,EAAE,EAAE;gBACtG,IAAI,GAAG,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;oBACnD,OAAO;wBACL,GAAG,GAAG;wBACN,OAAO,EAAE,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;qBACjC,CAAC;gBACJ,CAAC;gBACD,OAAO,GAAG,CAAC;YACb,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iEAAiE;IACjE,OAAO,IAAI,KAAK,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;AAC/E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAgB,EAAE,OAAoB;IACtE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,KAAa,EAAE,OAAoB;IAChE,uBAAuB;IACvB,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,uEAAuE;QACvE,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YACxC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7C,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;aAAM,IAAI,OAAO,CAAC,OAAO,YAAY,MAAM,EAAE,CAAC;YAC7C,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzC,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,uEAAuE;QACvE,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACrC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;aAAM,IAAI,OAAO,CAAC,IAAI,YAAY,MAAM,EAAE,CAAC;YAC1C,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IAED,yBAAyB;IACzB,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@vaultsandbox/client",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.8.0",
|
|
4
4
|
"description": "Node.js SDK for VaultSandbox Gateway — quantum-safe email testing with zero crypto knowledge required. Create isolated inboxes, validate SPF/DKIM/DMARC, and test your full email stack in CI/CD pipelines.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"homepage": "https://github.com/vaultsandbox/client-node",
|
|
@@ -38,7 +38,7 @@
|
|
|
38
38
|
"vaultsandbox"
|
|
39
39
|
],
|
|
40
40
|
"author": "Antero <antero@vaultsandbox.com>",
|
|
41
|
-
"license": "
|
|
41
|
+
"license": "Apache-2.0",
|
|
42
42
|
"publishConfig": {
|
|
43
43
|
"access": "public"
|
|
44
44
|
},
|
|
@@ -61,7 +61,7 @@
|
|
|
61
61
|
"prepublishOnly": "npm run clean && npm run build"
|
|
62
62
|
},
|
|
63
63
|
"dependencies": {
|
|
64
|
-
"@noble/post-quantum": "0.5.
|
|
64
|
+
"@noble/post-quantum": "0.5.4",
|
|
65
65
|
"axios": "1.13.2",
|
|
66
66
|
"debug": "4.4.3",
|
|
67
67
|
"eventsource": "4.1.0"
|
|
@@ -70,8 +70,8 @@
|
|
|
70
70
|
"@types/debug": "4.1.12",
|
|
71
71
|
"@types/jest": "30.0.0",
|
|
72
72
|
"@types/node": "24.10.2",
|
|
73
|
-
"@typescript-eslint/eslint-plugin": "8.
|
|
74
|
-
"@typescript-eslint/parser": "8.
|
|
73
|
+
"@typescript-eslint/eslint-plugin": "8.52.0",
|
|
74
|
+
"@typescript-eslint/parser": "8.52.0",
|
|
75
75
|
"dotenv": "17.2.3",
|
|
76
76
|
"eslint": "9.39.1",
|
|
77
77
|
"eslint-config-prettier": "10.1.8",
|