npm - @absolutejs/auth - Versions diffs - 0.28.0 → 0.29.0-beta.0 - Mend

@absolutejs/auth 0.28.0 → 0.29.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.d.ts +2 -0
package/dist/index.js +228 -35
package/dist/index.js.map +8 -6
package/dist/webhooks/config.d.ts +14 -1
package/dist/webhooks/dispatcher.d.ts +1 -1
package/dist/webhooks/inMemoryStore.d.ts +2 -0
package/dist/webhooks/postgresStore.d.ts +136 -0
package/dist/webhooks/types.d.ts +14 -0
package/package.json +1 -1

package/dist/index.d.ts CHANGED Viewed

@@ -14892,6 +14892,8 @@ export { createNeonPasswordlessTokenStore, createPostgresPasswordlessTokenStore,
 export * from './webhooks/config';
 export * from './webhooks/types';
 export { createWebhookDispatcher } from './webhooks/dispatcher';
+export { createInMemoryWebhookDeliveryStore } from './webhooks/inMemoryStore';
+export { createNeonWebhookDeliveryStore, createPostgresWebhookDeliveryStore, webhookDeliveriesTable } from './webhooks/postgresStore';
 export { signWebhook, verifyWebhookSignature } from './webhooks/sign';
 export * from './portal/config';
 export * from './portal/types';

package/dist/index.js CHANGED Viewed

@@ -7920,6 +7920,14 @@ var webauthnRoutes = ({
 // src/webhooks/config.ts
 var DEFAULT_TIMEOUT_SECONDS = 5;
+var DEFAULT_RETRY_ATTEMPTS = 3;
+var DEFAULT_RETRY_INITIAL_DELAY_MS = MILLISECONDS_IN_A_SECOND;
+var DEFAULT_RETRY_BACKOFF_MULTIPLIER = 2;
+var DEFAULT_WEBHOOK_RETRY = {
+  attempts: DEFAULT_RETRY_ATTEMPTS,
+  backoffMultiplier: DEFAULT_RETRY_BACKOFF_MULTIPLIER,
+  initialDelayMs: DEFAULT_RETRY_INITIAL_DELAY_MS
+};
 var DEFAULT_WEBHOOK_TIMEOUT_MS = MILLISECONDS_IN_A_SECOND * DEFAULT_TIMEOUT_SECONDS;
 // src/webhooks/sign.ts
@@ -7952,12 +7960,145 @@ var verifyWebhookSignature = async ({
 };
 // src/webhooks/dispatcher.ts
+var defaultSleep = (delayMs) => new Promise((resolve) => setTimeout(resolve, delayMs));
+var attemptOnce = async ({
+  envelope,
+  endpoint,
+  fetchImpl,
+  payload,
+  signature,
+  timeoutMs,
+  timestamp
+}) => {
+  const response = await fetchImpl(endpoint.url, {
+    body: payload,
+    headers: {
+      "content-type": "application/json",
+      "webhook-id": envelope.id,
+      "webhook-signature": signature,
+      "webhook-timestamp": timestamp
+    },
+    method: "POST",
+    signal: AbortSignal.timeout(timeoutMs)
+  });
+  if (!response.ok) {
+    throw new Error(`Webhook delivery returned ${response.status}`);
+  }
+  return response.status;
+};
+var errorMessage = (error) => error instanceof Error ? error.message : String(error);
+var statusFromError = (error) => {
+  if (!(error instanceof Error))
+    return;
+  const match = /returned (\d+)/.exec(error.message);
+  return match?.[1] === undefined ? undefined : Number(match[1]);
+};
+var persistFailure = async ({
+  attempts,
+  deliveryStore,
+  endpoint,
+  envelope,
+  lastError
+}) => {
+  if (deliveryStore === undefined)
+    return;
+  const record = {
+    attempts,
+    createdAt: Date.now(),
+    endpointUrl: endpoint.url,
+    envelope,
+    lastError: errorMessage(lastError),
+    lastStatus: statusFromError(lastError)
+  };
+  await deliveryStore.recordFailure(record);
+};
+var tryDeliverThenBackoff = async ({
+  attempt,
+  endpoint,
+  envelope,
+  fetchImpl,
+  payload,
+  retry,
+  signature,
+  sleep,
+  timeoutMs,
+  timestamp
+}) => {
+  try {
+    await attemptOnce({
+      endpoint,
+      envelope,
+      fetchImpl,
+      payload,
+      signature,
+      timeoutMs,
+      timestamp
+    });
+    return;
+  } catch (error) {
+    const isLastAttempt = attempt >= retry.attempts - 1;
+    await (isLastAttempt ? Promise.resolve() : sleep(retry.initialDelayMs * retry.backoffMultiplier ** attempt));
+    return error;
+  }
+};
+var deliverToEndpoint = async ({
+  deliveryStore,
+  endpoint,
+  envelope,
+  fetchImpl,
+  onDeliveryError,
+  payload,
+  retry,
+  signature,
+  sleep,
+  timeoutMs,
+  timestamp
+}) => {
+  let lastError;
+  for (let attempt = 0;attempt < retry.attempts; attempt++) {
+    const error = await tryDeliverThenBackoff({
+      attempt,
+      endpoint,
+      envelope,
+      fetchImpl,
+      payload,
+      retry,
+      signature,
+      sleep,
+      timeoutMs,
+      timestamp
+    });
+    if (error === undefined)
+      return;
+    lastError = error;
+  }
+  await onDeliveryError?.({
+    endpoint,
+    error: lastError,
+    event: envelope
+  });
+  await persistFailure({
+    attempts: retry.attempts,
+    deliveryStore,
+    endpoint,
+    envelope,
+    lastError
+  });
+};
 var createWebhookDispatcher = ({
+  deliveryStore,
   endpoints,
   fetch: fetchImpl = globalThis.fetch,
   onDeliveryError,
+  retry,
+  sleep = defaultSleep,
   timeoutMs = DEFAULT_WEBHOOK_TIMEOUT_MS
 }) => {
+  const effectiveRetry = {
+    attempts: retry?.attempts ?? DEFAULT_WEBHOOK_RETRY.attempts,
+    backoffMultiplier: retry?.backoffMultiplier ?? DEFAULT_WEBHOOK_RETRY.backoffMultiplier,
+    initialDelayMs: retry?.initialDelayMs ?? DEFAULT_WEBHOOK_RETRY.initialDelayMs
+  };
   const dispatch = async (event) => {
     const envelope = {
       createdAt: Date.now(),
@@ -7967,35 +8108,26 @@ var createWebhookDispatcher = ({
     };
     const payload = JSON.stringify(envelope);
     const timestamp = Math.floor(Date.now() / MILLISECONDS_IN_A_SECOND).toString();
-    await Promise.all(endpoints.map(async (endpoint) => {
-      try {
-        const signature = await signWebhook({
-          id: envelope.id,
-          payload,
-          secret: endpoint.secret,
-          timestamp
-        });
-        const response = await fetchImpl(endpoint.url, {
-          body: payload,
-          headers: {
-            "content-type": "application/json",
-            "webhook-id": envelope.id,
-            "webhook-signature": signature,
-            "webhook-timestamp": timestamp
-          },
-          method: "POST",
-          signal: AbortSignal.timeout(timeoutMs)
-        });
-        if (!response.ok) {
-          throw new Error(`Webhook delivery returned ${response.status}`);
-        }
-      } catch (error) {
-        await onDeliveryError?.({
-          endpoint,
-          error,
-          event: envelope
-        });
-      }
+    await Promise.all(endpoints.filter((endpoint) => endpoint.events === undefined || endpoint.events.includes(event.type)).map(async (endpoint) => {
+      const signature = await signWebhook({
+        id: envelope.id,
+        payload,
+        secret: endpoint.secret,
+        timestamp
+      });
+      await deliverToEndpoint({
+        deliveryStore,
+        endpoint,
+        envelope,
+        fetchImpl,
+        onDeliveryError,
+        payload,
+        retry: effectiveRetry,
+        signature,
+        sleep,
+        timeoutMs,
+        timestamp
+      });
     }));
   };
   return dispatch;
@@ -21318,6 +21450,62 @@ var createPostgresPasswordlessTokenStore = (db) => ({
     });
   }
 });
+// src/webhooks/inMemoryStore.ts
+var DEFAULT_LIST_LIMIT = 100;
+var createInMemoryWebhookDeliveryStore = () => {
+  const failures = new Map;
+  return {
+    listFailed: async (limit = DEFAULT_LIST_LIMIT) => Array.from(failures.values()).sort((left, right) => right.createdAt - left.createdAt).slice(0, limit),
+    recordFailure: async (delivery) => {
+      failures.set(delivery.envelope.id, delivery);
+    },
+    removeFailure: async (envelopeId) => {
+      failures.delete(envelopeId);
+    }
+  };
+};
+// src/webhooks/postgresStore.ts
+var ID_LENGTH15 = 255;
+var URL_LENGTH = 2048;
+var DEFAULT_LIST_LIMIT2 = 100;
+var webhookDeliveriesTable = pgTable("auth_webhook_deliveries", {
+  attempts: bigint("attempts", { mode: "number" }).notNull(),
+  created_at_ms: bigint("created_at_ms", { mode: "number" }).notNull(),
+  endpoint_url: varchar("endpoint_url", { length: URL_LENGTH }).notNull(),
+  envelope_id: varchar("envelope_id", { length: ID_LENGTH15 }).primaryKey(),
+  envelope_json: jsonb("envelope_json").$type().notNull(),
+  last_error: text("last_error"),
+  last_status: bigint("last_status", { mode: "number" })
+});
+var toDelivery = (row) => ({
+  attempts: row.attempts,
+  createdAt: row.created_at_ms,
+  endpointUrl: row.endpoint_url,
+  envelope: row.envelope_json,
+  lastError: row.last_error ?? undefined,
+  lastStatus: row.last_status ?? undefined
+});
+var createNeonWebhookDeliveryStore = (databaseUrl) => createPostgresWebhookDeliveryStore(createNeonDatabase(databaseUrl));
+var createPostgresWebhookDeliveryStore = (db) => ({
+  listFailed: async (limit = DEFAULT_LIST_LIMIT2) => {
+    const rows = await db.select().from(webhookDeliveriesTable).orderBy(desc(webhookDeliveriesTable.created_at_ms)).limit(limit);
+    return rows.map(toDelivery);
+  },
+  recordFailure: async (delivery) => {
+    await db.insert(webhookDeliveriesTable).values({
+      attempts: delivery.attempts,
+      created_at_ms: delivery.createdAt,
+      endpoint_url: delivery.endpointUrl,
+      envelope_id: delivery.envelope.id,
+      envelope_json: delivery.envelope,
+      last_error: delivery.lastError ?? null,
+      last_status: delivery.lastStatus ?? null
+    });
+  },
+  removeFailure: async (envelopeId) => {
+    await db.delete(webhookDeliveriesTable).where(eq(webhookDeliveriesTable.envelope_id, envelopeId));
+  }
+});
 // src/portal/inMemorySetupSessionStore.ts
 var cloneSession = (value) => ({
   ...value,
@@ -21339,19 +21527,19 @@ var createInMemorySetupSessionStore = () => {
   };
 };
 // src/portal/postgresSetupSessionStore.ts
-var ID_LENGTH15 = 255;
+var ID_LENGTH16 = 255;
 var setupSessionsTable = pgTable("auth_setup_sessions", {
   capabilities: jsonb("capabilities").$type().notNull().default([]),
   created_at_ms: bigint("created_at_ms", { mode: "number" }).notNull(),
-  created_by: varchar("created_by", { length: ID_LENGTH15 }),
+  created_by: varchar("created_by", { length: ID_LENGTH16 }),
   expires_at_ms: bigint("expires_at_ms", { mode: "number" }).notNull(),
   organization_id: varchar("organization_id", {
-    length: ID_LENGTH15
+    length: ID_LENGTH16
   }).notNull(),
   setup_session_id: varchar("setup_session_id", {
-    length: ID_LENGTH15
+    length: ID_LENGTH16
   }).primaryKey(),
-  token_hash: varchar("token_hash", { length: ID_LENGTH15 }).notNull().unique()
+  token_hash: varchar("token_hash", { length: ID_LENGTH16 }).notNull().unique()
 });
 var toSession = (row) => ({
   capabilities: row.capabilities,
@@ -21542,6 +21730,7 @@ var auth = async ({
 };
 export {
   writeWarrant,
+  webhookDeliveriesTable,
   webauthnRoutes,
   webauthnCredentialsTable,
   warrantsTable,
@@ -21707,6 +21896,7 @@ export {
   createRiskEngine,
   createRedisLockoutStore,
   createRedisAuthSessionStore,
+  createPostgresWebhookDeliveryStore,
   createPostgresWebAuthnCredentialStore,
   createPostgresWarrantStore,
   createPostgresVaultStore,
@@ -21731,6 +21921,7 @@ export {
   createPostgresAccessTokenStore,
   createOrganization,
   createOAuthLinkedProviderCredentialResolver,
+  createNeonWebhookDeliveryStore,
   createNeonWebAuthnCredentialStore,
   createNeonWarrantStore,
   createNeonVaultStore,
@@ -21761,6 +21952,7 @@ export {
   createMembershipPermissionResolver,
   createLockoutGuard,
   createLinkedProviderCredentialResolver,
+  createInMemoryWebhookDeliveryStore,
   createInMemoryWebAuthnCredentialStore,
   createInMemoryWarrantStore,
   createInMemoryVaultStore,
@@ -21818,6 +22010,7 @@ export {
   acceptInvitation,
   WEBAUTHN_CHALLENGE_COOKIE,
   DEFAULT_WEBHOOK_TIMEOUT_MS,
+  DEFAULT_WEBHOOK_RETRY,
   DEFAULT_WEBAUTHN_SESSION_TTL_MS,
   DEFAULT_WEBAUTHN_ROUTE,
   DEFAULT_WEBAUTHN_CHALLENGE_TTL_MS,
@@ -21846,5 +22039,5 @@ export {
   AuthIdentityConflictError
 };
-//# debugId=E246ECC6A14E235864756E2164756E21
+//# debugId=451C9751C02E5E2164756E2164756E21
 //# sourceMappingURL=index.js.map