@adgenit/shared 0.1.0

package/lib/auth/AuthenticatedRequest.d.ts

@@ -0,0 +1,20 @@
+import type { Request } from 'express';
+export interface UserContext {
+    userId: string;
+    email: string;
+    plan: string;
+}
+export interface IntrospectedUser extends UserContext {
+    fullName: string;
+    emailVerified: boolean;
+}
+export interface ServiceTokenPayload {
+    type: 'service';
+    serviceId: string;
+    scopes?: string[];
+}
+export interface AuthenticatedRequest extends Request {
+    user?: UserContext;
+    service?: ServiceTokenPayload;
+}
+//# sourceMappingURL=AuthenticatedRequest.d.ts.map

package/lib/auth/AuthenticatedRequest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthenticatedRequest.d.ts","sourceRoot":"","sources":["../../src/auth/AuthenticatedRequest.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAEvC,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACnD,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,SAAS,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,oBAAqB,SAAQ,OAAO;IACnD,IAAI,CAAC,EAAE,WAAW,CAAC;IACnB,OAAO,CAAC,EAAE,mBAAmB,CAAC;CAC/B"}

package/lib/auth/AuthenticatedRequest.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=AuthenticatedRequest.js.map

package/lib/auth/AuthenticatedRequest.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthenticatedRequest.js","sourceRoot":"","sources":["../../src/auth/AuthenticatedRequest.ts"],"names":[],"mappings":""}

package/lib/auth/ServiceAuthMiddleware.d.ts

@@ -0,0 +1,4 @@
+import type { Request, Response, NextFunction } from 'express';
+import { ServiceTokenVerifier } from './ServiceTokenVerifier.js';
+export declare function serviceAuthMiddleware(verifier: ServiceTokenVerifier): (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=ServiceAuthMiddleware.d.ts.map

package/lib/auth/ServiceAuthMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceAuthMiddleware.d.ts","sourceRoot":"","sources":["../../src/auth/ServiceAuthMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAGjE,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,oBAAoB,IAC1D,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,IAAI,CAkB/D"}

package/lib/auth/ServiceAuthMiddleware.js

@@ -0,0 +1,19 @@
+export function serviceAuthMiddleware(verifier) {
+    return (req, res, next) => {
+        const authHeader = req.headers.authorization;
+        if (authHeader === undefined || !authHeader.startsWith('Bearer ')) {
+            res.status(401).json({ error: 'Missing or invalid service authorization header' });
+            return;
+        }
+        const token = authHeader.slice(7);
+        try {
+            const payload = verifier.verify(token);
+            req.service = payload;
+            next();
+        }
+        catch {
+            res.status(403).json({ error: 'Invalid or expired service token' });
+        }
+    };
+}
+//# sourceMappingURL=ServiceAuthMiddleware.js.map

package/lib/auth/ServiceAuthMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceAuthMiddleware.js","sourceRoot":"","sources":["../../src/auth/ServiceAuthMiddleware.ts"],"names":[],"mappings":"AAIA,MAAM,UAAU,qBAAqB,CAAC,QAA8B;IAClE,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC/D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAE7C,IAAI,UAAU,KAAK,SAAS,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAClE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iDAAiD,EAAE,CAAC,CAAC;YACnF,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAElC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtC,GAA4B,CAAC,OAAO,GAAG,OAAO,CAAC;YAChD,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/lib/auth/ServiceTokenProvider.d.ts

@@ -0,0 +1,11 @@
+export interface ServiceTokenPayload {
+    type: 'service';
+    serviceId: string;
+    scopes?: string[];
+}
+export declare class ServiceTokenProvider {
+    private readonly secret;
+    constructor(secret: string);
+    sign(serviceId: string, scopes?: string[], expiresIn?: string | number): string;
+}
+//# sourceMappingURL=ServiceTokenProvider.d.ts.map

package/lib/auth/ServiceTokenProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceTokenProvider.d.ts","sourceRoot":"","sources":["../../src/auth/ServiceTokenProvider.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,SAAS,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,qBAAa,oBAAoB;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,MAAM;IAE3C,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE,SAAS,GAAE,MAAM,GAAG,MAAa,GAAG,MAAM;CAOtF"}

package/lib/auth/ServiceTokenProvider.js

@@ -0,0 +1,11 @@
+import jwt from 'jsonwebtoken';
+export class ServiceTokenProvider {
+    secret;
+    constructor(secret) {
+        this.secret = secret;
+    }
+    sign(serviceId, scopes, expiresIn = '1h') {
+        return jwt.sign({ type: 'service', serviceId, scopes }, this.secret, { expiresIn });
+    }
+}
+//# sourceMappingURL=ServiceTokenProvider.js.map

package/lib/auth/ServiceTokenProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceTokenProvider.js","sourceRoot":"","sources":["../../src/auth/ServiceTokenProvider.ts"],"names":[],"mappings":"AAAA,OAAO,GAAyB,MAAM,cAAc,CAAC;AAQrD,MAAM,OAAO,oBAAoB;IACF;IAA7B,YAA6B,MAAc;QAAd,WAAM,GAAN,MAAM,CAAQ;IAAG,CAAC;IAE/C,IAAI,CAAC,SAAiB,EAAE,MAAiB,EAAE,YAA6B,IAAI;QAC1E,OAAO,GAAG,CAAC,IAAI,CACb,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAyB,EAC7D,IAAI,CAAC,MAAM,EACX,EAAE,SAAS,EAAiB,CAC7B,CAAC;IACJ,CAAC;CACF"}

package/lib/auth/ServiceTokenVerifier.d.ts

@@ -0,0 +1,7 @@
+import type { ServiceTokenPayload } from './AuthenticatedRequest.js';
+export declare class ServiceTokenVerifier {
+    private readonly secret;
+    constructor(secret: string);
+    verify(token: string): ServiceTokenPayload;
+}
+//# sourceMappingURL=ServiceTokenVerifier.d.ts.map

package/lib/auth/ServiceTokenVerifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceTokenVerifier.d.ts","sourceRoot":"","sources":["../../src/auth/ServiceTokenVerifier.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAErE,qBAAa,oBAAoB;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,MAAM;IAE3C,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,mBAAmB;CAc3C"}

package/lib/auth/ServiceTokenVerifier.js

@@ -0,0 +1,18 @@
+import jwt from 'jsonwebtoken';
+export class ServiceTokenVerifier {
+    secret;
+    constructor(secret) {
+        this.secret = secret;
+    }
+    verify(token) {
+        const decoded = jwt.verify(token, this.secret);
+        if (typeof decoded !== 'object' ||
+            decoded === null ||
+            decoded.type !== 'service' ||
+            typeof decoded.serviceId !== 'string') {
+            throw new Error('Invalid service token payload');
+        }
+        return decoded;
+    }
+}
+//# sourceMappingURL=ServiceTokenVerifier.js.map

package/lib/auth/ServiceTokenVerifier.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceTokenVerifier.js","sourceRoot":"","sources":["../../src/auth/ServiceTokenVerifier.ts"],"names":[],"mappings":"AAAA,OAAO,GAAG,MAAM,cAAc,CAAC;AAG/B,MAAM,OAAO,oBAAoB;IACF;IAA7B,YAA6B,MAAc;QAAd,WAAM,GAAN,MAAM,CAAQ;IAAG,CAAC;IAE/C,MAAM,CAAC,KAAa;QAClB,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAE/C,IACE,OAAO,OAAO,KAAK,QAAQ;YAC3B,OAAO,KAAK,IAAI;YAChB,OAAO,CAAC,IAAI,KAAK,SAAS;YAC1B,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,EACrC,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QAED,OAAO,OAA8B,CAAC;IACxC,CAAC;CACF"}

package/lib/auth/UserContextClient.d.ts

@@ -0,0 +1,23 @@
+import type { UserContext, IntrospectedUser } from './AuthenticatedRequest.js';
+export interface UserContextClientOptions {
+    baseUrl: string;
+    serviceToken: string;
+    fetchImpl?: typeof fetch;
+}
+export interface VerifyResponse {
+    valid: boolean;
+    user?: UserContext;
+}
+export interface IntrospectResponse {
+    active: boolean;
+    user?: IntrospectedUser;
+}
+export declare class UserContextClient {
+    private readonly baseUrl;
+    private readonly serviceToken;
+    private readonly fetchImpl;
+    constructor(options: UserContextClientOptions);
+    verify(token: string): Promise<UserContext | null>;
+    introspect(token: string): Promise<IntrospectResponse | null>;
+}
+//# sourceMappingURL=UserContextClient.d.ts.map

package/lib/auth/UserContextClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserContextClient.d.ts","sourceRoot":"","sources":["../../src/auth/UserContextClient.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAE/E,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;CAC1B;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,OAAO,CAAC;IACf,IAAI,CAAC,EAAE,WAAW,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,OAAO,CAAC;IAChB,IAAI,CAAC,EAAE,gBAAgB,CAAC;CACzB;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAe;gBAE7B,OAAO,EAAE,wBAAwB;IAMvC,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAkBlD,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC;CAgBpE"}

package/lib/auth/UserContextClient.js

@@ -0,0 +1,40 @@
+export class UserContextClient {
+    baseUrl;
+    serviceToken;
+    fetchImpl;
+    constructor(options) {
+        this.baseUrl = options.baseUrl.replace(/\/$/, '');
+        this.serviceToken = options.serviceToken;
+        this.fetchImpl = options.fetchImpl ?? fetch;
+    }
+    async verify(token) {
+        const res = await this.fetchImpl(`${this.baseUrl}/internal/auth/verify`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${this.serviceToken}`,
+            },
+            body: JSON.stringify({ token }),
+        });
+        if (!res.ok) {
+            return null;
+        }
+        const body = (await res.json());
+        return body.valid && body.user !== undefined ? body.user : null;
+    }
+    async introspect(token) {
+        const res = await this.fetchImpl(`${this.baseUrl}/internal/auth/introspect`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${this.serviceToken}`,
+            },
+            body: JSON.stringify({ token }),
+        });
+        if (!res.ok) {
+            return null;
+        }
+        return (await res.json());
+    }
+}
+//# sourceMappingURL=UserContextClient.js.map

package/lib/auth/UserContextClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserContextClient.js","sourceRoot":"","sources":["../../src/auth/UserContextClient.ts"],"names":[],"mappings":"AAkBA,MAAM,OAAO,iBAAiB;IACX,OAAO,CAAS;IAChB,YAAY,CAAS;IACrB,SAAS,CAAe;IAEzC,YAAY,OAAiC;QAC3C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClD,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,KAAK,CAAC;IAC9C,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa;QACxB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,OAAO,uBAAuB,EAAE;YACvE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,YAAY,EAAE;aAC7C;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC;SAChC,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAmB,CAAC;QAClD,OAAO,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IAClE,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,KAAa;QAC5B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,OAAO,2BAA2B,EAAE;YAC3E,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,IAAI,CAAC,YAAY,EAAE;aAC7C;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC;SAChC,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAuB,CAAC;IAClD,CAAC;CACF"}

package/lib/auth/UserContextMiddleware.d.ts

@@ -0,0 +1,4 @@
+import type { Request, Response, NextFunction } from 'express';
+import { UserContextClient } from './UserContextClient.js';
+export declare function userContextMiddleware(client: UserContextClient): (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=UserContextMiddleware.d.ts.map

package/lib/auth/UserContextMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserContextMiddleware.d.ts","sourceRoot":"","sources":["../../src/auth/UserContextMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAG3D,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,iBAAiB,IAC/C,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAAC,CAwB9E"}

package/lib/auth/UserContextMiddleware.js

@@ -0,0 +1,23 @@
+export function userContextMiddleware(client) {
+    return async (req, res, next) => {
+        const authHeader = req.headers.authorization;
+        if (authHeader === undefined || !authHeader.startsWith('Bearer ')) {
+            res.status(401).json({ error: 'Missing or invalid authorization header' });
+            return;
+        }
+        const token = authHeader.slice(7);
+        try {
+            const context = await client.verify(token);
+            if (context === null) {
+                res.status(401).json({ error: 'Invalid or expired token' });
+                return;
+            }
+            req.user = context;
+            next();
+        }
+        catch {
+            res.status(401).json({ error: 'Invalid or expired token' });
+        }
+    };
+}
+//# sourceMappingURL=UserContextMiddleware.js.map

package/lib/auth/UserContextMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UserContextMiddleware.js","sourceRoot":"","sources":["../../src/auth/UserContextMiddleware.ts"],"names":[],"mappings":"AAIA,MAAM,UAAU,qBAAqB,CAAC,MAAyB;IAC7D,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QAC9E,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAE7C,IAAI,UAAU,KAAK,SAAS,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAClE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yCAAyC,EAAE,CAAC,CAAC;YAC3E,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAElC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAE3C,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;gBACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;gBAC5D,OAAO;YACT,CAAC;YAEA,GAA4B,CAAC,IAAI,GAAG,OAAO,CAAC;YAC7C,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/lib/auth/index.d.ts

@@ -0,0 +1,8 @@
+export { UserContextClient } from './UserContextClient.js';
+export { userContextMiddleware } from './UserContextMiddleware.js';
+export { ServiceTokenProvider } from './ServiceTokenProvider.js';
+export { ServiceTokenVerifier } from './ServiceTokenVerifier.js';
+export { serviceAuthMiddleware } from './ServiceAuthMiddleware.js';
+export type { UserContext, IntrospectedUser, ServiceTokenPayload, AuthenticatedRequest, } from './AuthenticatedRequest.js';
+export type { UserContextClientOptions, VerifyResponse, IntrospectResponse } from './UserContextClient.js';
+//# sourceMappingURL=index.d.ts.map

package/lib/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,YAAY,EACV,WAAW,EACX,gBAAgB,EAChB,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,2BAA2B,CAAC;AACnC,YAAY,EAAE,wBAAwB,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC"}

package/lib/auth/index.js

@@ -0,0 +1,6 @@
+export { UserContextClient } from './UserContextClient.js';
+export { userContextMiddleware } from './UserContextMiddleware.js';
+export { ServiceTokenProvider } from './ServiceTokenProvider.js';
+export { ServiceTokenVerifier } from './ServiceTokenVerifier.js';
+export { serviceAuthMiddleware } from './ServiceAuthMiddleware.js';
+//# sourceMappingURL=index.js.map

package/lib/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC"}

package/lib/errors/AdGenError.d.ts

@@ -0,0 +1,21 @@
+export type ErrorCode = 'BAD_REQUEST' | 'UNAUTHORIZED' | 'FORBIDDEN' | 'NOT_FOUND' | 'CONFLICT' | 'RATE_LIMITED' | 'INTERNAL_ERROR' | 'SERVICE_UNAVAILABLE';
+export interface ErrorDetails {
+    field?: string;
+    message: string;
+}
+export declare class AdGenError extends Error {
+    readonly statusCode: number;
+    readonly code: ErrorCode;
+    readonly details?: ErrorDetails[];
+    readonly isOperational: boolean;
+    constructor(statusCode: number, code: ErrorCode, message: string, details?: ErrorDetails[], isOperational?: boolean);
+    static badRequest(message: string, details?: ErrorDetails[]): AdGenError;
+    static unauthorized(message?: string): AdGenError;
+    static forbidden(message?: string): AdGenError;
+    static notFound(message?: string): AdGenError;
+    static conflict(message: string): AdGenError;
+    static rateLimited(message?: string): AdGenError;
+    static internal(message?: string): AdGenError;
+    static unavailable(message?: string): AdGenError;
+}
+//# sourceMappingURL=AdGenError.d.ts.map

package/lib/errors/AdGenError.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AdGenError.d.ts","sourceRoot":"","sources":["../../src/errors/AdGenError.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,SAAS,GACjB,aAAa,GACb,cAAc,GACd,WAAW,GACX,WAAW,GACX,UAAU,GACV,cAAc,GACd,gBAAgB,GAChB,qBAAqB,CAAC;AAE1B,MAAM,WAAW,YAAY;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,qBAAa,UAAW,SAAQ,KAAK;IACnC,SAAgB,UAAU,EAAE,MAAM,CAAC;IACnC,SAAgB,IAAI,EAAE,SAAS,CAAC;IAChC,SAAgB,OAAO,CAAC,EAAE,YAAY,EAAE,CAAC;IACzC,SAAgB,aAAa,EAAE,OAAO,CAAC;gBAGrC,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE,SAAS,EACf,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,YAAY,EAAE,EACxB,aAAa,UAAO;IAUtB,MAAM,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,YAAY,EAAE,GAAG,UAAU;IAIxE,MAAM,CAAC,YAAY,CAAC,OAAO,SAAiB,GAAG,UAAU;IAIzD,MAAM,CAAC,SAAS,CAAC,OAAO,SAAc,GAAG,UAAU;IAInD,MAAM,CAAC,QAAQ,CAAC,OAAO,SAAc,GAAG,UAAU;IAIlD,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU;IAI5C,MAAM,CAAC,WAAW,CAAC,OAAO,SAAsB,GAAG,UAAU;IAI7D,MAAM,CAAC,QAAQ,CAAC,OAAO,SAA0B,GAAG,UAAU;IAI9D,MAAM,CAAC,WAAW,CAAC,OAAO,SAAwB,GAAG,UAAU;CAGhE"}

package/lib/errors/AdGenError.js

@@ -0,0 +1,39 @@
+export class AdGenError extends Error {
+    statusCode;
+    code;
+    details;
+    isOperational;
+    constructor(statusCode, code, message, details, isOperational = true) {
+        super(message);
+        this.statusCode = statusCode;
+        this.code = code;
+        this.details = details;
+        this.isOperational = isOperational;
+        Object.setPrototypeOf(this, AdGenError.prototype);
+    }
+    static badRequest(message, details) {
+        return new AdGenError(400, 'BAD_REQUEST', message, details);
+    }
+    static unauthorized(message = 'Unauthorized') {
+        return new AdGenError(401, 'UNAUTHORIZED', message);
+    }
+    static forbidden(message = 'Forbidden') {
+        return new AdGenError(403, 'FORBIDDEN', message);
+    }
+    static notFound(message = 'Not found') {
+        return new AdGenError(404, 'NOT_FOUND', message);
+    }
+    static conflict(message) {
+        return new AdGenError(409, 'CONFLICT', message);
+    }
+    static rateLimited(message = 'Too many requests') {
+        return new AdGenError(429, 'RATE_LIMITED', message);
+    }
+    static internal(message = 'Internal server error') {
+        return new AdGenError(500, 'INTERNAL_ERROR', message, undefined, false);
+    }
+    static unavailable(message = 'Service unavailable') {
+        return new AdGenError(503, 'SERVICE_UNAVAILABLE', message);
+    }
+}
+//# sourceMappingURL=AdGenError.js.map

package/lib/errors/AdGenError.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AdGenError.js","sourceRoot":"","sources":["../../src/errors/AdGenError.ts"],"names":[],"mappings":"AAeA,MAAM,OAAO,UAAW,SAAQ,KAAK;IACnB,UAAU,CAAS;IACnB,IAAI,CAAY;IAChB,OAAO,CAAkB;IACzB,aAAa,CAAU;IAEvC,YACE,UAAkB,EAClB,IAAe,EACf,OAAe,EACf,OAAwB,EACxB,aAAa,GAAG,IAAI;QAEpB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,OAAe,EAAE,OAAwB;QACzD,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,aAAa,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,CAAC,YAAY,CAAC,OAAO,GAAG,cAAc;QAC1C,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,OAAO,GAAG,WAAW;QACpC,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAO,GAAG,WAAW;QACnC,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAe;QAC7B,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,OAAO,GAAG,mBAAmB;QAC9C,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAO,GAAG,uBAAuB;QAC/C,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,gBAAgB,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,OAAO,GAAG,qBAAqB;QAChD,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,qBAAqB,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;CACF"}

package/lib/errors/errorMiddleware.d.ts

@@ -0,0 +1,11 @@
+import type { Request, Response, NextFunction } from 'express';
+export interface ErrorResponse {
+    error: string;
+    code: string;
+    details?: Array<{
+        field?: string;
+        message: string;
+    }>;
+}
+export declare function errorMiddleware(err: Error, _req: Request, res: Response, _next: NextFunction): void;
+//# sourceMappingURL=errorMiddleware.d.ts.map

package/lib/errors/errorMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errorMiddleware.d.ts","sourceRoot":"","sources":["../../src/errors/errorMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG/D,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,KAAK,CAAC;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACtD;AAED,wBAAgB,eAAe,CAC7B,GAAG,EAAE,KAAK,EACV,IAAI,EAAE,OAAO,EACb,GAAG,EAAE,QAAQ,EACb,KAAK,EAAE,YAAY,GAClB,IAAI,CAiBN"}

package/lib/errors/errorMiddleware.js

@@ -0,0 +1,17 @@
+import { AdGenError } from './AdGenError.js';
+export function errorMiddleware(err, _req, res, _next) {
+    if (err instanceof AdGenError) {
+        const body = {
+            error: err.message,
+            code: err.code,
+        };
+        if (err.details !== undefined && err.details.length > 0) {
+            body.details = err.details;
+        }
+        res.status(err.statusCode).json(body);
+        return;
+    }
+    console.error('Unhandled error', err);
+    res.status(500).json({ error: 'Internal server error', code: 'INTERNAL_ERROR' });
+}
+//# sourceMappingURL=errorMiddleware.js.map

package/lib/errors/errorMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errorMiddleware.js","sourceRoot":"","sources":["../../src/errors/errorMiddleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAQ7C,MAAM,UAAU,eAAe,CAC7B,GAAU,EACV,IAAa,EACb,GAAa,EACb,KAAmB;IAEnB,IAAI,GAAG,YAAY,UAAU,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAkB;YAC1B,KAAK,EAAE,GAAG,CAAC,OAAO;YAClB,IAAI,EAAE,GAAG,CAAC,IAAI;SACf,CAAC;QAEF,IAAI,GAAG,CAAC,OAAO,KAAK,SAAS,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxD,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;QAC7B,CAAC;QAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;IACtC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,IAAI,EAAE,gBAAgB,EAAE,CAAC,CAAC;AACnF,CAAC"}

package/lib/index.d.ts

@@ -0,0 +1,13 @@
+export { AdGenError } from './errors/AdGenError.js';
+export { errorMiddleware } from './errors/errorMiddleware.js';
+export type { ErrorCode, ErrorDetails } from './errors/AdGenError.js';
+export type { ErrorResponse } from './errors/errorMiddleware.js';
+export { RateLimiter } from './rateLimit/RateLimiter.js';
+export { rateLimitMiddleware } from './rateLimit/rateLimitMiddleware.js';
+export type { RateLimitResult, RateLimiterOptions } from './rateLimit/RateLimiter.js';
+export type { RateLimitMiddlewareOptions } from './rateLimit/rateLimitMiddleware.js';
+export { UserContextClient, userContextMiddleware, ServiceTokenProvider, ServiceTokenVerifier, serviceAuthMiddleware, } from './auth/index.js';
+export type { UserContext, IntrospectedUser, ServiceTokenPayload, AuthenticatedRequest, UserContextClientOptions, VerifyResponse, IntrospectResponse, } from './auth/index.js';
+export { requestIdMiddleware, REQUEST_ID_HEADER } from './requestId/requestIdMiddleware.js';
+export { validate, ValidationTarget } from './validation/validate.js';
+//# sourceMappingURL=index.d.ts.map

package/lib/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,YAAY,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtE,YAAY,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AACzE,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AACtF,YAAY,EAAE,0BAA0B,EAAE,MAAM,oCAAoC,CAAC;AAErF,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,WAAW,EACX,gBAAgB,EAChB,mBAAmB,EACnB,oBAAoB,EACpB,wBAAwB,EACxB,cAAc,EACd,kBAAkB,GACnB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAE5F,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC"}

package/lib/index.js

@@ -0,0 +1,8 @@
+export { AdGenError } from './errors/AdGenError.js';
+export { errorMiddleware } from './errors/errorMiddleware.js';
+export { RateLimiter } from './rateLimit/RateLimiter.js';
+export { rateLimitMiddleware } from './rateLimit/rateLimitMiddleware.js';
+export { UserContextClient, userContextMiddleware, ServiceTokenProvider, ServiceTokenVerifier, serviceAuthMiddleware, } from './auth/index.js';
+export { requestIdMiddleware, REQUEST_ID_HEADER } from './requestId/requestIdMiddleware.js';
+export { validate, ValidationTarget } from './validation/validate.js';
+//# sourceMappingURL=index.js.map

package/lib/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAI9D,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAIzE,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,iBAAiB,CAAC;AAWzB,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAE5F,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC"}

package/lib/rateLimit/RateLimiter.d.ts

@@ -0,0 +1,22 @@
+import type { Redis as RedisType } from 'ioredis';
+export interface RateLimitResult {
+    allowed: boolean;
+    limit: number;
+    remaining: number;
+    resetAt: number;
+}
+export interface RateLimiterOptions {
+    redis: RedisType;
+    windowMs: number;
+    maxRequests: number;
+    keyPrefix?: string;
+}
+export declare class RateLimiter {
+    private readonly redis;
+    private readonly windowMs;
+    private readonly maxRequests;
+    private readonly keyPrefix;
+    constructor(options: RateLimiterOptions);
+    isAllowed(key: string): Promise<RateLimitResult>;
+}
+//# sourceMappingURL=RateLimiter.d.ts.map

package/lib/rateLimit/RateLimiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RateLimiter.d.ts","sourceRoot":"","sources":["../../src/rateLimit/RateLimiter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,KAAK,IAAI,SAAS,EAAE,MAAM,SAAS,CAAC;AAElD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,SAAS,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAY;IAClC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;gBAEvB,OAAO,EAAE,kBAAkB;IAOjC,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;CAiCvD"}

package/lib/rateLimit/RateLimiter.js

@@ -0,0 +1,40 @@
+export class RateLimiter {
+    redis;
+    windowMs;
+    maxRequests;
+    keyPrefix;
+    constructor(options) {
+        this.redis = options.redis;
+        this.windowMs = options.windowMs;
+        this.maxRequests = options.maxRequests;
+        this.keyPrefix = options.keyPrefix ?? 'ratelimit';
+    }
+    async isAllowed(key) {
+        const windowSeconds = Math.ceil(this.windowMs / 1000);
+        const now = Date.now();
+        const resetAt = Math.ceil((now + this.windowMs) / 1000);
+        const redisKey = `${this.keyPrefix}:${key}`;
+        const pipeline = this.redis.pipeline();
+        pipeline.incr(redisKey);
+        pipeline.ttl(redisKey);
+        const pipelineResult = await pipeline.exec();
+        if (pipelineResult === null) {
+            throw new Error('Redis pipeline failed');
+        }
+        const [incrResult, ttlResult] = pipelineResult;
+        const count = incrResult?.[1];
+        const ttl = ttlResult?.[1];
+        if (ttl === -1) {
+            await this.redis.expire(redisKey, windowSeconds);
+        }
+        const allowed = count <= this.maxRequests;
+        const remaining = Math.max(0, this.maxRequests - count);
+        return {
+            allowed,
+            limit: this.maxRequests,
+            remaining,
+            resetAt,
+        };
+    }
+}
+//# sourceMappingURL=RateLimiter.js.map

package/lib/rateLimit/RateLimiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RateLimiter.js","sourceRoot":"","sources":["../../src/rateLimit/RateLimiter.ts"],"names":[],"mappings":"AAgBA,MAAM,OAAO,WAAW;IACL,KAAK,CAAY;IACjB,QAAQ,CAAS;IACjB,WAAW,CAAS;IACpB,SAAS,CAAS;IAEnC,YAAY,OAA2B;QACrC,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACvC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,WAAW,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW;QACzB,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;QACtD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC;QACxD,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;QAE5C,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QACvC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxB,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvB,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAE7C,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,CAAC,UAAU,EAAE,SAAS,CAAC,GAAG,cAAc,CAAC;QAC/C,MAAM,KAAK,GAAG,UAAU,EAAE,CAAC,CAAC,CAAW,CAAC;QACxC,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC,CAAC,CAAW,CAAC;QAErC,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;YACf,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QACnD,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,IAAI,IAAI,CAAC,WAAW,CAAC;QAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC,CAAC;QAExD,OAAO;YACL,OAAO;YACP,KAAK,EAAE,IAAI,CAAC,WAAW;YACvB,SAAS;YACT,OAAO;SACR,CAAC;IACJ,CAAC;CACF"}

package/lib/rateLimit/rateLimitMiddleware.d.ts

@@ -0,0 +1,9 @@
+import type { Request, Response, NextFunction } from 'express';
+import { RateLimiter } from './RateLimiter.js';
+export interface RateLimitMiddlewareOptions {
+    limiter: RateLimiter;
+    keyExtractor: (req: Request) => string;
+    skip?: (req: Request) => boolean;
+}
+export declare function rateLimitMiddleware(options: RateLimitMiddlewareOptions): (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=rateLimitMiddleware.d.ts.map

package/lib/rateLimit/rateLimitMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rateLimitMiddleware.d.ts","sourceRoot":"","sources":["../../src/rateLimit/rateLimitMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAG/C,MAAM,WAAW,0BAA0B;IACzC,OAAO,EAAE,WAAW,CAAC;IACrB,YAAY,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;IACvC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC;CAClC;AAED,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,0BAA0B,IAGvD,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAAC,CAoB9E"}

package/lib/rateLimit/rateLimitMiddleware.js

@@ -0,0 +1,21 @@
+import { AdGenError } from '../errors/AdGenError.js';
+export function rateLimitMiddleware(options) {
+    const { limiter, keyExtractor, skip } = options;
+    return async (req, res, next) => {
+        if (skip?.(req) === true) {
+            next();
+            return;
+        }
+        const key = keyExtractor(req);
+        const result = await limiter.isAllowed(key);
+        res.setHeader('X-RateLimit-Limit', String(result.limit));
+        res.setHeader('X-RateLimit-Remaining', String(result.remaining));
+        res.setHeader('X-RateLimit-Reset', String(result.resetAt));
+        if (!result.allowed) {
+            next(AdGenError.rateLimited('Too many requests'));
+            return;
+        }
+        next();
+    };
+}
+//# sourceMappingURL=rateLimitMiddleware.js.map

package/lib/rateLimit/rateLimitMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rateLimitMiddleware.js","sourceRoot":"","sources":["../../src/rateLimit/rateLimitMiddleware.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAQrD,MAAM,UAAU,mBAAmB,CAAC,OAAmC;IACrE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IAEhD,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QAC9E,IAAI,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;YACzB,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAE5C,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACzD,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;QACjE,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;QAE3D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,CAAC;YAClD,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}

package/lib/requestId/requestIdMiddleware.d.ts

@@ -0,0 +1,4 @@
+import type { Request, Response, NextFunction } from 'express';
+export declare const REQUEST_ID_HEADER = "x-request-id";
+export declare function requestIdMiddleware(headerName?: string): (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=requestIdMiddleware.d.ts.map

package/lib/requestId/requestIdMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"requestIdMiddleware.d.ts","sourceRoot":"","sources":["../../src/requestId/requestIdMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG/D,eAAO,MAAM,iBAAiB,iBAAiB,CAAC;AAEhD,wBAAgB,mBAAmB,CACjC,UAAU,GAAE,MAA0B,GACrC,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,KAAK,IAAI,CAO3D"}

package/lib/requestId/requestIdMiddleware.js

@@ -0,0 +1,11 @@
+import { randomUUID } from 'crypto';
+export const REQUEST_ID_HEADER = 'x-request-id';
+export function requestIdMiddleware(headerName = REQUEST_ID_HEADER) {
+    return (req, res, next) => {
+        const requestId = req.get(headerName) ?? randomUUID();
+        req.headers[headerName.toLowerCase()] = requestId;
+        res.setHeader(headerName, requestId);
+        next();
+    };
+}
+//# sourceMappingURL=requestIdMiddleware.js.map

package/lib/requestId/requestIdMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"requestIdMiddleware.js","sourceRoot":"","sources":["../../src/requestId/requestIdMiddleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAEpC,MAAM,CAAC,MAAM,iBAAiB,GAAG,cAAc,CAAC;AAEhD,MAAM,UAAU,mBAAmB,CACjC,aAAqB,iBAAiB;IAEtC,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC/D,MAAM,SAAS,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,UAAU,EAAE,CAAC;QACtD,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,GAAG,SAAS,CAAC;QAClD,GAAG,CAAC,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;QACrC,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}

package/lib/validation/validate.d.ts

@@ -0,0 +1,9 @@
+import type { Request, Response, NextFunction } from 'express';
+import type { ZodSchema } from 'zod';
+export declare enum ValidationTarget {
+    Body = "body",
+    Query = "query",
+    Params = "params"
+}
+export declare function validate<T>(schema: ZodSchema<T>, target?: ValidationTarget): (req: Request, _res: Response, next: NextFunction) => void;
+//# sourceMappingURL=validate.d.ts.map

package/lib/validation/validate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../src/validation/validate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAY,MAAM,KAAK,CAAC;AAG/C,oBAAY,gBAAgB;IAC1B,IAAI,SAAS;IACb,KAAK,UAAU;IACf,MAAM,WAAW;CAClB;AAED,wBAAgB,QAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,GAAE,gBAAwC,IACxF,KAAK,OAAO,EAAE,MAAM,QAAQ,EAAE,MAAM,YAAY,KAAG,IAAI,CAehE"}

package/lib/validation/validate.js

@@ -0,0 +1,23 @@
+import { AdGenError } from '../errors/AdGenError.js';
+export var ValidationTarget;
+(function (ValidationTarget) {
+    ValidationTarget["Body"] = "body";
+    ValidationTarget["Query"] = "query";
+    ValidationTarget["Params"] = "params";
+})(ValidationTarget || (ValidationTarget = {}));
+export function validate(schema, target = ValidationTarget.Body) {
+    return (req, _res, next) => {
+        const result = schema.safeParse(req[target]);
+        if (!result.success) {
+            const zodError = result.error;
+            const details = zodError.issues.map((issue) => ({
+                field: issue.path.join('.'),
+                message: issue.message,
+            }));
+            next(AdGenError.badRequest('Invalid input', details));
+            return;
+        }
+        next();
+    };
+}
+//# sourceMappingURL=validate.js.map

package/lib/validation/validate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../src/validation/validate.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,CAAN,IAAY,gBAIX;AAJD,WAAY,gBAAgB;IAC1B,iCAAa,CAAA;IACb,mCAAe,CAAA;IACf,qCAAiB,CAAA;AACnB,CAAC,EAJW,gBAAgB,KAAhB,gBAAgB,QAI3B;AAED,MAAM,UAAU,QAAQ,CAAI,MAAoB,EAAE,SAA2B,gBAAgB,CAAC,IAAI;IAChG,OAAO,CAAC,GAAY,EAAE,IAAc,EAAE,IAAkB,EAAQ,EAAE;QAChE,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;QAE7C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAiB,CAAC;YAC1C,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBAC9C,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;gBAC3B,OAAO,EAAE,KAAK,CAAC,OAAO;aACvB,CAAC,CAAC,CAAC;YACJ,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;YACtD,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "@adgenit/shared",
+  "version": "0.1.0",
+  "description": "Shared utilities for AdGen microservices",
+  "license": "UNLICENSED",
+  "type": "module",
+  "main": "lib/index.js",
+  "types": "lib/index.d.ts",
+  "files": [
+    "lib"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "lint": "eslint src",
+    "lint:fix": "eslint src --fix",
+    "prepublishOnly": "npm run build"
+  },
+  "peerDependencies": {
+    "express": "^4.19.2",
+    "ioredis": "^5.10.1",
+    "jsonwebtoken": "^9.0.2",
+    "reflect-metadata": "^0.2.2",
+    "tsyringe": "^4.8.0",
+    "zod": "^3.23.8"
+  },
+  "devDependencies": {
+    "@types/express": "^4.17.21",
+    "@types/jsonwebtoken": "^9.0.6",
+    "@types/node": "^20.14.12",
+    "express": "^4.19.2",
+    "ioredis": "^5.10.1",
+    "jsonwebtoken": "^9.0.2",
+    "reflect-metadata": "^0.2.2",
+    "tsyringe": "^4.8.0",
+    "typescript": "^5.5.4",
+    "zod": "^3.23.8"
+  }
+}