[PB-5714] Add mail API to the sdk

[TamaraFinogina]

This PR adds functions needed for implementing Mail

[larryrider]

Is the workspaceToken or the desktopToken going to be needed for the meet server api?
If not, maybe its better to remove them from here 🤔

[TamaraFinogina]

You are right, I took this part from drive I think

[TamaraFinogina]

nope, copied headersWithToken from meet

[larryrider]

maybe they should be removed from there too haha

[TamaraFinogina]

@larryrider Fixed

[larryrider]

If you are going to do a new release, remember to update the package.json version

[sg-gs]

What is pk and why it contains the publicKeys while other object (keys) contains the private ones? I feel this confusing unless the pk name is clearer

[TamaraFinogina]

pk is the public key of the sender. To decrypt the email, we need both the public key of the person who sent the email and the private key of the receiver. I can rename pk to senderPublicKeys

[sg-gs]

This path is not following REST. Something like /users/keys with a body would be better

[sg-gs]

Same here

[sg-gs]

And here:

POST /keys

Would be better

[sg-gs]

Same here

POST /mails

Would be more correct

[sg-gs]

Same here

[sg-gs]

Same here

[sg-gs]

Same here

GET /keys

[TamaraFinogina]

@sg-gs I've changed the paths, now they are:

• uploadKeystoreToServer → /keystore
• downloadKeystoreFromServer → /user/keystore
• getUserWithPublicKeys → /user/public-keys
• getSeveralUsersWithPublicKeys → /users/public-keys
• sendEncryptedEmail → /email/encrypted
• sendEncryptedEmailToMultipleRecipients → /emails/encrypted
• sendPasswordProtectedEmail → /email/password-protected

1. I've used public-keys instead of keys because there are also private keys, and it might be confusing
2. The email can be encrypted with Kyber + ECC or protected with a shared password, which results in different encrypted email types (HybridEncryptedEmail and PwdProtectedEmail) - hence 2 different post methods
3. The email can be encrypted for several recipients, in which case the encrypted emails HybridEncryptedEmail are different for each recipient because recipientEmail and encryptedKey will be different based on who the exact recipient is, the rest of the HybridEncryptedEmail will be the same. I can adjust the type if necessary

 `HybridEncryptedEmail = {
    encryptedKey: HybridEncKey;
    enc: EmailBodyEncrypted;
    recipientEmail: string;
    params: EmailPublicParameters;
    id: string;
    isSubjectEncrypted: boolean;
}

[sg-gs]

@sg-gs I've changed the paths, now they are:

• uploadKeystoreToServer → /keystore
• downloadKeystoreFromServer → /user/keystore
• getUserWithPublicKeys → /user/public-keys
• getSeveralUsersWithPublicKeys → /users/public-keys
• sendEncryptedEmail → /email/encrypted
• sendEncryptedEmailToMultipleRecipients → /emails/encrypted
• sendPasswordProtectedEmail → /email/password-protected

1. I've used public-keys instead of keys because there are also private keys, and it might be confusing
2. The email can be encrypted with Kyber + ECC or protected with a shared password, which results in different encrypted email types (HybridEncryptedEmail and PwdProtectedEmail) - hence 2 different post methods
3. The email can be encrypted for several recipients, in which case the encrypted emails HybridEncryptedEmail are different for each recipient because recipientEmail and encryptedKey will be different based on who the exact recipient is, the rest of the HybridEncryptedEmail will be the same. I can adjust the type if necessary

 `HybridEncryptedEmail = {
    encryptedKey: HybridEncKey;
    enc: EmailBodyEncrypted;
    recipientEmail: string;
    params: EmailPublicParameters;
    id: string;
    isSubjectEncrypted: boolean;
}

@TamaraFinogina
I see some potential improvements on the paths like entities should be always in plural and the duplication of EPs that should be under the same path. Thus I suggest you the following routes which I am pretty sure @jzunigax2 will almost agree:

• uploadKeystoreToServer → POST /keystore
• downloadKeystoreFromServer → GET /keystore
• getUserWithPublicKeys → GET /users/public-keys?emails=<one_email_or_more>
• getSeveralUsersWithPublicKeys → idem ⬆️
• sendEncryptedEmail → POST /emails
• sendEncryptedEmailToMultipleRecipients → idem ⬆️ (but different body)
• sendPasswordProtectedEmail → idem ⬆️ (but different body)

Idea: Same action but additional params → same route (generally)

[jzunigax2]

@sg-gs I've changed the paths, now they are:

• uploadKeystoreToServer → /keystore
• downloadKeystoreFromServer → /user/keystore
• getUserWithPublicKeys → /user/public-keys
• getSeveralUsersWithPublicKeys → /users/public-keys
• sendEncryptedEmail → /email/encrypted
• sendEncryptedEmailToMultipleRecipients → /emails/encrypted
• sendPasswordProtectedEmail → /email/password-protected

1. I've used public-keys instead of keys because there are also private keys, and it might be confusing
2. The email can be encrypted with Kyber + ECC or protected with a shared password, which results in different encrypted email types (HybridEncryptedEmail and PwdProtectedEmail) - hence 2 different post methods
3. The email can be encrypted for several recipients, in which case the encrypted emails HybridEncryptedEmail are different for each recipient because recipientEmail and encryptedKey will be different based on who the exact recipient is, the rest of the HybridEncryptedEmail will be the same. I can adjust the type if necessary

 `HybridEncryptedEmail = {
    encryptedKey: HybridEncKey;
    enc: EmailBodyEncrypted;
    recipientEmail: string;
    params: EmailPublicParameters;
    id: string;
    isSubjectEncrypted: boolean;
}

@TamaraFinogina I see some potential improvements on the paths like entities should be always in plural and the duplication of EPs that should be under the same path. Thus I suggest you the following routes which I am pretty sure @jzunigax2 will almost agree:

* uploadKeystoreToServer → POST /keystore

* downloadKeystoreFromServer → GET /keystore

* getUserWithPublicKeys → GET /users/public-keys?emails=<one_email_or_more>

* getSeveralUsersWithPublicKeys → idem ⬆️

* sendEncryptedEmail → POST /emails

* sendEncryptedEmailToMultipleRecipients → idem ⬆️ (but different body)

* sendPasswordProtectedEmail → idem ⬆️ (but different body)

Idea: Same action but additional params → same route (generally)

yeah agreed, only the get keys requests seem like a POST to me, so we avoid sending the emails in query params as I know there is a max url limit (though I have no clue how big or small this limit is) or avoid possiby exposing recipients in a server request log

[TamaraFinogina]

@sg-gs @jzunigax2, functions now are the following:

• uploadKeystoreToServer → /keystore
• downloadKeystoreFromServer → /user/keystore
• getUserWithPublicKeys →/users/public-keys with parameter emails: [userEmail]
• getSeveralUsersWithPublicKeys → /users/public-keys with parameter emails
• sendEncryptedEmail → /emails with parameter emails: [encryptedEmail]
• sendEncryptedEmailToMultipleRecipients → /emails with parameter emails
• sendPasswordProtectedEmail → /emails with parameter email

All of them are currently POST because getSeveralUsersWithPublicKeys and downloadKeystoreFromServer have user emails/email as parameters. I'm not sure we should expose them as part of the URL

P.S. I'm not sure if sendPasswordProtectedEmail should have emails, email, or something like pwd-email as input

[CandelR]

singleResponse.publicKeys will throw if the server returns an empty array
Consider adding a guard:
if (!response[0]) throw new Error(No public keys found for ${userEmail});

[TamaraFinogina]

Done, check is added

[CandelR]

Need to create a task to release this package to npm

[TamaraFinogina]

Yes, I'm preparing the release

[TamaraFinogina]

Done, it uses version 0.0.13 now

[sg-gs]

Use when-then

[TamaraFinogina]

something like:

'When a keystore upload is requested, then it should successfully upload the keystore.'?

[TamaraFinogina]

@sg-gs Done