feat(sdk): Export AttributeObject and others (#487)

dmihalcik-virtru · web-flow · commit 3d45ecfa07f2 · 2025-03-21T15:09:34.000-04:00
- Remove duplicate AttributeObject interface, replacing with type
- Removes unnecessary constructor function
- Exports the type
- Refactor of similar duplication with policy:
   - NanoTDF code `Policy` becomes `PolicyBuilder`
   - The Nano code's `PolicyObject` is removed in favor of the `tdf3.Policy` type
- adds missing `mimeType` field to `Payload` type
diff --git a/lib/src/index.ts b/lib/src/index.ts
@@ -4,3 +4,4 @@ export { attributeFQNsAsValues } from './policy/api.js';
 export { version, clientType, tdfSpecVersion } from './version.js';
 export * from './opentdf.js';
 export * from './seekable.js';
+export * from '../tdf3/src/models/index.js';
diff --git a/lib/src/nanoclients.ts b/lib/src/nanoclients.ts
@@ -9,11 +9,11 @@ import {
   DefaultParams,
 } from './nanotdf/index.js';
 import { keyAgreement } from './nanotdf-crypto/index.js';
-import { Policy } from './tdf/Policy.js';
-import { createAttribute } from './tdf/AttributeObject.js';
+import { PolicyBuilder } from './tdf/Policy.js';
 import { fetchECKasPubKey } from './access.js';
-import { ClientConfig } from './nanotdf/Client.js';
+import { type ClientConfig } from './nanotdf/Client.js';
 import { ConfigurationError } from './errors.js';
+import { type AttributeObject } from '../tdf3/src/models/attribute.js';
 
 // Define the EncryptOptions type
 export type EncryptOptions = {
@@ -112,11 +112,15 @@ export class NanoTDFClient extends Client {
     }
 
     // Create a policy for the tdf
-    const policy = new Policy();
+    const policy = new PolicyBuilder();
 
     // Add data attributes.
     for (const dataAttribute of this.dataAttributes) {
-      const attribute = await createAttribute(dataAttribute, this.kasPubKey, this.kasUrl);
+      const attribute: AttributeObject = {
+        attribute: dataAttribute,
+        pubKey: this.kasPubKey.publicKey,
+        kasUrl: this.kasUrl,
+      };
       policy.addAttribute(attribute);
     }
 
@@ -243,11 +247,15 @@ export class NanoTDFDatasetClient extends Client {
       }
 
       // Create a policy for the tdf
-      const policy = new Policy();
+      const policy = new PolicyBuilder();
 
       // Add data attributes.
       for (const dataAttribute of this.dataAttributes) {
-        const attribute = await createAttribute(dataAttribute, this.kasPubKey, this.kasUrl);
+        const attribute = {
+          attribute: dataAttribute,
+          kasPubKey: this.kasPubKey.publicKey,
+          kasUrl: this.kasUrl,
+        };
         policy.addAttribute(attribute);
       }
 
diff --git a/lib/src/opentdf.ts b/lib/src/opentdf.ts
@@ -29,8 +29,8 @@ import {
   type IntegrityAlgorithm,
 } from '../tdf3/src/tdf.js';
 import { base64 } from './encodings/index.js';
-import { PolicyObject } from './tdf/PolicyObject.js';
 import PolicyType from './nanotdf/enum/PolicyTypeEnum.js';
+import { Policy } from '../tdf3/src/models/policy.js';
 
 export {
   type Assertion,
@@ -525,8 +525,8 @@ class NanoTDFReader {
       throw new Error('unsupported policy type');
     }
     const policyString = new TextDecoder().decode(nanotdf.header.policy.content);
-    const policy = JSON.parse(policyString) as PolicyObject;
-    return policy.body.dataAttributes.map((a) => a.attribute);
+    const policy = JSON.parse(policyString) as Policy;
+    return policy?.body?.dataAttributes.map((a) => a.attribute) || [];
   }
 }
 
@@ -593,8 +593,8 @@ class ZTDFReader {
   async attributes(): Promise<string[]> {
     const manifest = await this.manifest();
     const policyJSON = base64.decode(manifest.encryptionInformation.policy);
-    const policy = JSON.parse(policyJSON) as PolicyObject;
-    return policy.body.dataAttributes.map((a) => a.attribute);
+    const policy = JSON.parse(policyJSON) as Policy;
+    return policy?.body?.dataAttributes.map((a) => a.attribute) || [];
   }
 }
 
diff --git a/lib/src/tdf/Policy.ts b/lib/src/tdf/Policy.ts
@@ -1,7 +1,9 @@
-import { type AttributeObject } from './AttributeObject.js';
 import { v4 as uuid } from 'uuid';
 
-export class Policy {
+import { type AttributeObject } from '../../tdf3/src/models/attribute.js';
+import { type Policy } from '../../tdf3/src/models/policy.js';
+
+export class PolicyBuilder {
   static CURRENT_VERSION = '1.1.0';
 
   private uuidStr = uuid();
@@ -33,18 +35,22 @@ export class Policy {
     this.dataAttributesList.push(attribute);
   }
 
+  toPolicy(): Policy {
+    return {
+      uuid: this.uuidStr,
+      body: {
+        dataAttributes: this.dataAttributesList,
+        dissem: this.dissemList,
+      },
+    };
+  }
+
   /**
    * Returns the JSON string of Policy object
    *
    * @return {string} [The constructed Policy object as JSON string]
    */
   toJSON(): string {
-    return JSON.stringify({
-      uuid: this.uuidStr,
-      body: {
-        dataAttributes: this.dataAttributesList,
-        dissem: this.dissemList,
-      },
-    });
+    return JSON.stringify(this.toPolicy());
   }
 }
diff --git a/lib/src/tdf/PolicyObject.ts b/lib/src/tdf/PolicyObject.ts
diff --git a/lib/tdf3/src/models/attribute-set.ts b/lib/tdf3/src/models/attribute-set.ts
@@ -1,14 +1,6 @@
 import { decodeJwt } from 'jose';
 
-export type AttributeObject = {
-  attribute: string;
-  kasUrl?: string;
-  kid?: string;
-  pubKey?: string;
-  displayName?: string;
-  isDefault?: boolean;
-  jwt?: string;
-};
+import { type AttributeObject } from './attribute.js';
 
 export class AttributeSet {
   attributes: AttributeObject[];
diff --git a/lib/tdf3/src/models/attribute.ts b/lib/tdf3/src/models/attribute.ts
@@ -0,0 +1,26 @@
+/**
+ * Information about a data or entity attribute, its meaning and interpretation.
+ * While usually we just refer to an attribute by its URL,
+ * we often need to store additional information about it,
+ * for display or analysis.
+ */
+export type AttributeObject = {
+  // The fully qualified name of the attribute, generally a URL
+  attribute: string;
+  // Optional descriptive name of the attribute
+  displayName?: string;
+  // Indicates a default attribute, usually for all policies associated with a KAS
+  isDefault?: boolean;
+
+  // Optional: A cryptographically bound version of the attribute. Deprecated: use a JWS with this as the payload.
+  jwt?: string;
+
+  // A KAS that is associated with the attribute.
+  kasUrl?: string;
+
+  // The preferred public key for the attribute
+  kid?: string;
+
+  // The public key value for the attribute
+  pubKey?: string;
+};
diff --git a/lib/tdf3/src/models/index.ts b/lib/tdf3/src/models/index.ts
@@ -1,3 +1,4 @@
+export * from './attribute.js';
 export * from './attribute-set.js';
 export * from './encryption-information.js';
 export * from './key-access.js';
diff --git a/lib/tdf3/src/models/payload.ts b/lib/tdf3/src/models/payload.ts
@@ -3,4 +3,5 @@ export type Payload = {
   url: string; // "0.payload"
   protocol: string; // "zip"
   isEncrypted: boolean; // true
+  mimeType?: string; // e.g. "text/plain"
 };
diff --git a/lib/tdf3/src/models/policy.ts b/lib/tdf3/src/models/policy.ts
@@ -1,5 +1,5 @@
 import { ConfigurationError } from '../../../src/errors.js';
-import { AttributeObject } from './attribute-set.js';
+import { type AttributeObject } from './attribute.js';
 
 export const CURRENT_VERSION = '1.1.0';
 
diff --git a/lib/tdf3/src/tdf.ts b/lib/tdf3/src/tdf.ts
@@ -24,7 +24,6 @@ import { generateKeyPair } from '../../src/nanotdf-crypto/generateKeyPair.js';
 import { keyAgreement } from '../../src/nanotdf-crypto/keyAgreement.js';
 import { pemPublicToCrypto } from '../../src/nanotdf-crypto/pemPublicToCrypto.js';
 import { type Chunker } from '../../src/seekable.js';
-import { PolicyObject } from '../../src/tdf/PolicyObject.js';
 import { tdfSpecVersion } from '../../src/version.js';
 import { AssertionConfig, AssertionKey, AssertionVerificationKeys } from './assertions.js';
 import * as assertions from './assertions.js';
@@ -55,6 +54,7 @@ import { unsigned } from './utils/buffer-crc32.js';
 import { ZipReader, ZipWriter, keyMerge, concatUint8 } from './utils/index.js';
 import { CentralDirectory } from './utils/zip-reader.js';
 import { ztdfSalt } from './crypto/salt.js';
+import { Payload } from './models/payload.js';
 
 // TODO: input validation on manifest JSON
 const DEFAULT_SEGMENT_SIZE = 1024 * 1024;
@@ -73,12 +73,7 @@ export type EncryptionOptions = {
 
 type KeyMiddleware = DecryptParams['keyMiddleware'];
 
-export type Metadata = {
-  connectOptions?: {
-    testUrl: string;
-  };
-  policyObject?: PolicyObject;
-};
+export type Metadata = unknown;
 
 export type BuildKeyAccess = {
   type: KeyAccessType;
@@ -292,7 +287,7 @@ async function _generateManifest(
   mimeType: string | undefined
 ): Promise<Manifest> {
   // (maybe) Fields are quoted to avoid renaming
-  const payload = {
+  const payload: Payload = {
     type: 'reference',
     url: '0.payload',
     protocol: 'zip',
diff --git a/lib/tests/mocha/unit/builders.spec.ts b/lib/tests/mocha/unit/builders.spec.ts
@@ -1,6 +1,6 @@
 import { expect } from 'chai';
 
-import { type AttributeObject } from '../../../src/tdf/AttributeObject.js';
+import { type AttributeObject } from '../../../tdf3/src/models/attribute.js';
 import { EncryptParamsBuilder } from '../../../tdf3/src/client/builders.js';
 
 const aex = {
diff --git a/lib/tests/mocks/index.ts b/lib/tests/mocks/index.ts
@@ -1,7 +1,7 @@
 import { SignJWT, importPKCS8, JWTPayload } from 'jose';
 import { v4 } from 'uuid';
 
-import { AttributeObject } from '../../src/tdf/AttributeObject.js';
+import { AttributeObject } from '../../tdf3/src/models/attribute.js';
 import { toCryptoKeyPair } from '../../tdf3/src/crypto/crypto-utils.js';
 import { AttributeSet } from '../../tdf3/src/models/attribute-set.js';
 import {

Original file line number	Diff line number	Diff line change
`@@ -29,8 +29,8 @@ import {`
`29`	`29`	`type IntegrityAlgorithm,`
`30`	`30`	`} from '../tdf3/src/tdf.js';`
`31`	`31`	`import { base64 } from './encodings/index.js';`
`32`		`-import { PolicyObject } from './tdf/PolicyObject.js';`
`33`	`32`	`import PolicyType from './nanotdf/enum/PolicyTypeEnum.js';`
	`33`	`+import { Policy } from '../tdf3/src/models/policy.js';`
`34`	`34`
`35`	`35`	`export {`
`36`	`36`	`type Assertion,`
`@@ -525,8 +525,8 @@ class NanoTDFReader {`
`525`	`525`	`throw new Error('unsupported policy type');`
`526`	`526`	`}`
`527`	`527`	`const policyString = new TextDecoder().decode(nanotdf.header.policy.content);`
`528`		`- const policy = JSON.parse(policyString) as PolicyObject;`
`529`		`- return policy.body.dataAttributes.map((a) => a.attribute);`
	`528`	`+ const policy = JSON.parse(policyString) as Policy;`
	`529`	`+ return policy?.body?.dataAttributes.map((a) => a.attribute) \|\| [];`
`530`	`530`	`}`
`531`	`531`	`}`
`532`	`532`
`@@ -593,8 +593,8 @@ class ZTDFReader {`
`593`	`593`	`async attributes(): Promise<string[]> {`
`594`	`594`	`const manifest = await this.manifest();`
`595`	`595`	`const policyJSON = base64.decode(manifest.encryptionInformation.policy);`
`596`		`- const policy = JSON.parse(policyJSON) as PolicyObject;`
`597`		`- return policy.body.dataAttributes.map((a) => a.attribute);`
	`596`	`+ const policy = JSON.parse(policyJSON) as Policy;`
	`597`	`+ return policy?.body?.dataAttributes.map((a) => a.attribute) \|\| [];`
`598`	`598`	`}`
`599`	`599`	`}`
`600`	`600`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
	`1`	`+export * from './attribute.js';`
`1`	`2`	`export * from './attribute-set.js';`
`2`	`3`	`export * from './encryption-information.js';`
`3`	`4`	`export * from './key-access.js';`