@abtnode/core 1.16.43-beta-20250425-130658-8da18f4d → 1.16.43-beta-20250427-132304-6da95c55

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/lib/blocklet/migration-dist/migration.cjs +8 -4
  2. package/lib/router/helper.js +11 -1
  3. package/lib/router/index.js +18 -3
  4. package/lib/states/audit-log.js +1 -1
  5. package/lib/validators/node.js +22 -4
  6. package/package.json +23 -23
package/lib/blocklet/migration-dist/migration.cjs CHANGED
@@ -548,6 +548,7 @@ module.exports = Object.freeze({
548
548
  WELLKNOWN_ACME_CHALLENGE_PREFIX: '/.well-known/acme-challenge',
549
549
  WELLKNOWN_DID_RESOLVER_PREFIX: '/.well-known/did.json', // server wellknown endpoint
550
550
  WELLKNOWN_OAUTH_SERVER: '/.well-known/oauth-authorization-server',
551
+ WELLKNOWN_OPENID_SERVER: '/.well-known/openid-configuration',
551
552
  WELLKNOWN_BLACKLIST_PREFIX: '/.well-known/blacklist',
552
553
  WELLKNOWN_PING_PREFIX: '/.well-known/ping',
553
554
  WELLKNOWN_ANALYTICS_PREFIX: '/.well-known/analytics',
@@ -616,10 +617,10 @@ module.exports = Object.freeze({
616
617
  WHO_CAN_ACCESS,
617
618
  WHO_CAN_ACCESS_PREFIX_ROLES: 'roles:',
618
619
 
619
- GATEWAY_REQ_LIMIT: Object.freeze({
620
- min: 10,
621
- max: 100,
622
- }),
620
+ GATEWAY_RATE_LIMIT: { min: 5, max: 500 },
621
+ GATEWAY_RATE_LIMIT_BURST_FACTOR: { min: 1, max: 10 },
622
+ GATEWAY_RATE_LIMIT_GLOBAL: { min: 100, max: 5000 },
623
+ GATEWAY_RATE_LIMIT_METHODS: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS', 'HEAD'],
623
624
 
624
625
  // Store
625
626
  STORE_DETAIL_PAGE_PATH_PREFIX: '/blocklets',
@@ -817,6 +818,9 @@ module.exports = Object.freeze({
817
818
  TOKEN: '/token',
818
819
  REGISTRATION: '/register',
819
820
  REVOCATION: '/revoke',
821
+ USERINFO: '/userinfo',
822
+ JWKS: '/jwks',
823
+ LOGOUT: '/logout',
820
824
  },
821
825
  OAUTH_CODE_TTL: 10 * 60, // 10 minutes
822
826
  OAUTH_ACCESS_TOKEN_TTL: 24 * 60 * 60, // 1 day
package/lib/router/helper.js CHANGED
@@ -45,6 +45,7 @@ const {
45
45
  WELLKNOWN_ACME_CHALLENGE_PREFIX,
46
46
  WELLKNOWN_DID_RESOLVER_PREFIX,
47
47
  WELLKNOWN_OAUTH_SERVER,
48
+ WELLKNOWN_OPENID_SERVER,
48
49
  WELLKNOWN_PING_PREFIX,
49
50
  WELLKNOWN_ANALYTICS_PREFIX,
50
51
  LOG_RETAIN_IN_DAYS,
@@ -941,6 +942,12 @@ module.exports = function getRouterHelpers({
941
942
  to: proxyTarget,
942
943
  };
943
944
 
945
+ const openidWellknownRule = {
946
+ isProtected: true,
947
+ from: { pathPrefix: WELLKNOWN_OPENID_SERVER },
948
+ to: proxyTarget,
949
+ };
950
+
944
951
  if (site) {
945
952
  const didResolverRuleUpdateRes = await upsertSiteRule({ site, rule: didResolverWellknownRule }, context);
946
953
  const acmeRuleUpdateRes = await upsertSiteRule({ site, rule: acmeChallengeWellknownRule }, context);
@@ -948,13 +955,15 @@ module.exports = function getRouterHelpers({
948
955
  const pingRuleRes = await upsertSiteRule({ site, rule: pingWellknownRule }, context);
949
956
  const analyticsRuleRes = await upsertSiteRule({ site, rule: analyticsWellknownRule }, context);
950
957
  const oauthServerRuleRes = await upsertSiteRule({ site, rule: oauthServerWellknownRule }, context);
958
+ const openidRuleRes = await upsertSiteRule({ site, rule: openidWellknownRule }, context);
951
959
  return (
952
960
  didResolverRuleUpdateRes ||
953
961
  acmeRuleUpdateRes ||
954
962
  blacklistUpdateRes ||
955
963
  pingRuleRes ||
956
964
  analyticsRuleRes ||
957
- oauthServerRuleRes
965
+ oauthServerRuleRes ||
966
+ openidRuleRes
958
967
  );
959
968
  }
960
969
 
@@ -971,6 +980,7 @@ module.exports = function getRouterHelpers({
971
980
  pingWellknownRule,
972
981
  analyticsWellknownRule,
973
982
  oauthServerWellknownRule,
983
+ openidWellknownRule,
974
984
  ],
975
985
  isProtected: true,
976
986
  },
package/lib/router/index.js CHANGED
@@ -11,7 +11,9 @@ const {
11
11
  DEFAULT_IP_DOMAIN,
12
12
  BLOCKLET_PROXY_PATH_PREFIX,
13
13
  BLOCKLET_SITE_GROUP_SUFFIX,
14
- GATEWAY_REQ_LIMIT,
14
+ GATEWAY_RATE_LIMIT,
15
+ GATEWAY_RATE_LIMIT_GLOBAL,
16
+ GATEWAY_RATE_LIMIT_METHODS,
15
17
  } = require('@abtnode/constant');
16
18
  const { BLOCKLET_UI_INTERFACES, BLOCKLET_MODES } = require('@blocklet/constant');
17
19
 
@@ -120,9 +122,22 @@ class Router {
120
122
 
121
123
  this.routingTable = getRoutingTable({ sites, nodeInfo });
122
124
 
123
- const requestLimit = nodeInfo.routing.requestLimit || { enabled: false, rate: GATEWAY_REQ_LIMIT.min };
125
+ const requestLimit = Object.assign(
126
+ {
127
+ enabled: false,
128
+ rate: GATEWAY_RATE_LIMIT.min,
129
+ global: GATEWAY_RATE_LIMIT_GLOBAL.min,
130
+ methods: GATEWAY_RATE_LIMIT_METHODS,
131
+ burstFactor: 2,
132
+ },
133
+ nodeInfo.routing.requestLimit
134
+ );
124
135
  if (requestLimit.enabled) {
125
- requestLimit.maxInstantRate = requestLimit.rate >= 20 ? 20 : requestLimit.rate + 20;
136
+ requestLimit.burst = Math.min(Math.round(requestLimit.rate * requestLimit.burstFactor), GATEWAY_RATE_LIMIT.max);
137
+ requestLimit.burstGlobal = Math.min(
138
+ Math.round(requestLimit.global * requestLimit.burstFactor),
139
+ GATEWAY_RATE_LIMIT_GLOBAL.max
140
+ );
126
141
  }
127
142
 
128
143
  const blockPolicy = nodeInfo.routing.blockPolicy || { enabled: false, blacklist: [] };
package/lib/states/audit-log.js CHANGED
@@ -350,7 +350,7 @@ const getLogContent = async (action, args, context, result, info, node) => {
350
350
  case 'switchPassport':
351
351
  return `${args?.provider ? `${args?.provider} ` : ''}${user} switched passport to ${args?.passport?.name}`;
352
352
  case 'login':
353
- return `${args?.provider ? `${args?.provider} ` : ''}${user} logged in with passport ${args?.passport?.name}`;
353
+ return `${args?.provider ? `${args?.provider} ` : ''}${user} logged in with passport ${args?.passport?.name || 'Guest'}`;
354
354
  case 'configPassportIssuance':
355
355
  return `${args.enabled ? 'enabled' : 'disabled'} passport issuance`;
356
356
  case 'createPassportIssuance':
package/lib/validators/node.js CHANGED
@@ -1,5 +1,10 @@
1
1
  /* eslint-disable newline-per-chained-call */
2
- const { GATEWAY_REQ_LIMIT } = require('@abtnode/constant');
2
+ const {
3
+ GATEWAY_RATE_LIMIT,
4
+ GATEWAY_RATE_LIMIT_GLOBAL,
5
+ GATEWAY_RATE_LIMIT_METHODS,
6
+ GATEWAY_RATE_LIMIT_BURST_FACTOR,
7
+ } = require('@abtnode/constant');
3
8
  const Joi = require('joi');
4
9
  const isIp = require('is-ip');
5
10
  const isUrl = require('is-url');
@@ -64,11 +69,24 @@ const nodeInfoSchema = Joi.object({
64
69
  const updateGatewaySchema = Joi.object({
65
70
  requestLimit: Joi.object({
66
71
  enabled: Joi.bool().required(),
72
+ global: Joi.number()
73
+ .min(GATEWAY_RATE_LIMIT_GLOBAL.min)
74
+ .max(GATEWAY_RATE_LIMIT_GLOBAL.max)
75
+ .when('requestLimit.enabled', { is: true, then: Joi.required() }),
76
+ burstFactor: Joi.number()
77
+ .min(GATEWAY_RATE_LIMIT_BURST_FACTOR.min)
78
+ .max(GATEWAY_RATE_LIMIT_BURST_FACTOR.max)
79
+ .default(2)
80
+ .when('requestLimit.enabled', { is: true, then: Joi.required() }),
67
81
  rate: Joi.number()
68
- .min(GATEWAY_REQ_LIMIT.min)
69
- .max(GATEWAY_REQ_LIMIT.max)
82
+ .min(GATEWAY_RATE_LIMIT.min)
83
+ .max(GATEWAY_RATE_LIMIT.max)
84
+ .when('requestLimit.enabled', { is: true, then: Joi.required() }),
85
+ methods: Joi.array()
86
+ .items(Joi.string().valid(...GATEWAY_RATE_LIMIT_METHODS))
87
+ .min(1)
88
+ .default(GATEWAY_RATE_LIMIT_METHODS)
70
89
  .when('requestLimit.enabled', { is: true, then: Joi.required() }),
71
- ipHeader: Joi.string().allow('').trim(),
72
90
  }),
73
91
  cacheEnabled: Joi.bool().optional().default(true),
74
92
  blockPolicy: Joi.object({
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "publishConfig": {
4
4
  "access": "public"
5
5
  },
6
- "version": "1.16.43-beta-20250425-130658-8da18f4d",
6
+ "version": "1.16.43-beta-20250427-132304-6da95c55",
7
7
  "description": "",
8
8
  "main": "lib/index.js",
9
9
  "files": [
@@ -19,21 +19,21 @@
19
19
  "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
20
20
  "license": "Apache-2.0",
21
21
  "dependencies": {
22
- "@abtnode/analytics": "1.16.43-beta-20250425-130658-8da18f4d",
23
- "@abtnode/auth": "1.16.43-beta-20250425-130658-8da18f4d",
24
- "@abtnode/certificate-manager": "1.16.43-beta-20250425-130658-8da18f4d",
25
- "@abtnode/client": "1.16.43-beta-20250425-130658-8da18f4d",
26
- "@abtnode/constant": "1.16.43-beta-20250425-130658-8da18f4d",
27
- "@abtnode/cron": "1.16.43-beta-20250425-130658-8da18f4d",
28
- "@abtnode/docker-utils": "1.16.43-beta-20250425-130658-8da18f4d",
29
- "@abtnode/logger": "1.16.43-beta-20250425-130658-8da18f4d",
30
- "@abtnode/models": "1.16.43-beta-20250425-130658-8da18f4d",
31
- "@abtnode/queue": "1.16.43-beta-20250425-130658-8da18f4d",
32
- "@abtnode/rbac": "1.16.43-beta-20250425-130658-8da18f4d",
33
- "@abtnode/router-provider": "1.16.43-beta-20250425-130658-8da18f4d",
34
- "@abtnode/static-server": "1.16.43-beta-20250425-130658-8da18f4d",
35
- "@abtnode/timemachine": "1.16.43-beta-20250425-130658-8da18f4d",
36
- "@abtnode/util": "1.16.43-beta-20250425-130658-8da18f4d",
22
+ "@abtnode/analytics": "1.16.43-beta-20250427-132304-6da95c55",
23
+ "@abtnode/auth": "1.16.43-beta-20250427-132304-6da95c55",
24
+ "@abtnode/certificate-manager": "1.16.43-beta-20250427-132304-6da95c55",
25
+ "@abtnode/client": "1.16.43-beta-20250427-132304-6da95c55",
26
+ "@abtnode/constant": "1.16.43-beta-20250427-132304-6da95c55",
27
+ "@abtnode/cron": "1.16.43-beta-20250427-132304-6da95c55",
28
+ "@abtnode/docker-utils": "1.16.43-beta-20250427-132304-6da95c55",
29
+ "@abtnode/logger": "1.16.43-beta-20250427-132304-6da95c55",
30
+ "@abtnode/models": "1.16.43-beta-20250427-132304-6da95c55",
31
+ "@abtnode/queue": "1.16.43-beta-20250427-132304-6da95c55",
32
+ "@abtnode/rbac": "1.16.43-beta-20250427-132304-6da95c55",
33
+ "@abtnode/router-provider": "1.16.43-beta-20250427-132304-6da95c55",
34
+ "@abtnode/static-server": "1.16.43-beta-20250427-132304-6da95c55",
35
+ "@abtnode/timemachine": "1.16.43-beta-20250427-132304-6da95c55",
36
+ "@abtnode/util": "1.16.43-beta-20250427-132304-6da95c55",
37
37
  "@arcblock/did": "1.20.2",
38
38
  "@arcblock/did-auth": "1.20.2",
39
39
  "@arcblock/did-ext": "^1.20.2",
@@ -44,14 +44,14 @@
44
44
  "@arcblock/pm2-events": "^0.0.5",
45
45
  "@arcblock/validator": "^1.20.2",
46
46
  "@arcblock/vc": "1.20.2",
47
- "@blocklet/constant": "1.16.43-beta-20250425-130658-8da18f4d",
47
+ "@blocklet/constant": "1.16.43-beta-20250427-132304-6da95c55",
48
48
  "@blocklet/did-space-js": "^1.0.48",
49
- "@blocklet/env": "1.16.43-beta-20250425-130658-8da18f4d",
49
+ "@blocklet/env": "1.16.43-beta-20250427-132304-6da95c55",
50
50
  "@blocklet/error": "^0.2.4",
51
- "@blocklet/meta": "1.16.43-beta-20250425-130658-8da18f4d",
52
- "@blocklet/resolver": "1.16.43-beta-20250425-130658-8da18f4d",
53
- "@blocklet/sdk": "1.16.43-beta-20250425-130658-8da18f4d",
54
- "@blocklet/store": "1.16.43-beta-20250425-130658-8da18f4d",
51
+ "@blocklet/meta": "1.16.43-beta-20250427-132304-6da95c55",
52
+ "@blocklet/resolver": "1.16.43-beta-20250427-132304-6da95c55",
53
+ "@blocklet/sdk": "1.16.43-beta-20250427-132304-6da95c55",
54
+ "@blocklet/store": "1.16.43-beta-20250427-132304-6da95c55",
55
55
  "@blocklet/theme": "^2.13.12",
56
56
  "@fidm/x509": "^1.2.1",
57
57
  "@ocap/mcrypto": "1.20.2",
@@ -116,5 +116,5 @@
116
116
  "jest": "^29.7.0",
117
117
  "unzipper": "^0.10.11"
118
118
  },
119
- "gitHead": "b5195a0290d5ced00bb716a709548b1a56356134"
119
+ "gitHead": "9df10dcb3135a528912241e7fc1ed54171bfeb03"
120
120
  }