@ar.io/sdk 3.12.0-beta.5 → 3.12.0-beta.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/bundles/web.bundle.min.js +130 -130
  2. package/lib/cjs/common/wayfinder/verification/strategies/data-root-verifier.js +17 -46
  3. package/lib/cjs/common/wayfinder/verification/strategies/hash-verifier.js +7 -30
  4. package/lib/cjs/common/wayfinder/verification/trusted.js +26 -10
  5. package/lib/cjs/common/wayfinder/wayfinder.js +99 -185
  6. package/lib/cjs/utils/hash.js +83 -31
  7. package/lib/cjs/version.js +1 -1
  8. package/lib/esm/common/wayfinder/verification/strategies/data-root-verifier.js +15 -43
  9. package/lib/esm/common/wayfinder/verification/strategies/hash-verifier.js +8 -31
  10. package/lib/esm/common/wayfinder/verification/trusted.js +26 -10
  11. package/lib/esm/common/wayfinder/wayfinder.js +96 -180
  12. package/lib/esm/utils/hash.js +74 -27
  13. package/lib/esm/version.js +1 -1
  14. package/lib/types/common/wayfinder/verification/strategies/data-root-verifier.d.ts +4 -8
  15. package/lib/types/common/wayfinder/verification/strategies/hash-verifier.d.ts +2 -3
  16. package/lib/types/common/wayfinder/wayfinder.d.ts +44 -58
  17. package/lib/types/types/wayfinder.d.ts +2 -2
  18. package/lib/types/utils/hash.d.ts +8 -4
  19. package/lib/types/version.d.ts +1 -1
  20. package/package.json +2 -1
package/lib/cjs/common/wayfinder/verification/strategies/data-root-verifier.js CHANGED
@@ -3,8 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
3
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
4
4
  };
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
- exports.DataRootVerificationStrategy = exports.convertReadableToDataRoot = void 0;
7
- exports.convertBufferToDataRoot = convertBufferToDataRoot;
6
+ exports.DataRootVerificationStrategy = exports.convertDataStreamToDataRoot = void 0;
8
7
  /**
9
8
  * Copyright (C) 2022-2024 Permanent Data Solutions, Inc.
10
9
  *
@@ -22,39 +21,16 @@ exports.convertBufferToDataRoot = convertBufferToDataRoot;
22
21
  */
23
22
  const arweave_1 = __importDefault(require("arweave"));
24
23
  const merkle_js_1 = require("arweave/node/lib/merkle.js");
25
- const node_stream_1 = require("node:stream");
26
24
  const base64_js_1 = require("../../../../utils/base64.js");
27
- async function convertBufferToDataRoot({ buffer, }) {
28
- const chunks = [];
29
- let cursor = 0;
30
- let offset = 0;
31
- while (offset < buffer.byteLength) {
32
- let chunkSize = Math.min(merkle_js_1.MAX_CHUNK_SIZE, buffer.byteLength - offset);
33
- const remainder = buffer.byteLength - offset - chunkSize;
34
- if (remainder > 0 && remainder < merkle_js_1.MIN_CHUNK_SIZE) {
35
- chunkSize = Math.ceil((buffer.byteLength - offset) / 2);
36
- }
37
- // subarray does not exist on web Buffer type
38
- const slice = buffer.subarray(offset, offset + chunkSize);
39
- const hash = await crypto.subtle.digest('SHA-256', slice);
40
- const hashArray = new Uint8Array(hash);
41
- chunks.push({
42
- dataHash: hashArray,
43
- minByteRange: cursor,
44
- maxByteRange: cursor + chunkSize,
45
- });
46
- cursor += chunkSize;
47
- offset += chunkSize;
48
- }
49
- const leaves = await (0, merkle_js_1.generateLeaves)(chunks);
50
- const result = await (0, merkle_js_1.buildLayers)(leaves);
51
- return Buffer.from(result.id).toString('base64url');
52
- }
53
- const convertReadableToDataRoot = async ({ iterable, }) => {
25
+ const hash_js_1 = require("../../../../utils/hash.js");
26
+ const convertDataStreamToDataRoot = async ({ dataStream, }) => {
54
27
  const chunks = [];
55
28
  let leftover = new Uint8Array(0);
56
29
  let cursor = 0;
57
- for await (const data of iterable) {
30
+ const asyncIterable = (0, hash_js_1.isAsyncIterable)(dataStream)
31
+ ? dataStream
32
+ : (0, hash_js_1.readableStreamToAsyncIterable)(dataStream);
33
+ for await (const data of asyncIterable) {
58
34
  const inputChunk = new Uint8Array(data.buffer, data.byteOffset, data.byteLength);
59
35
  const combined = new Uint8Array(leftover.length + inputChunk.length);
60
36
  combined.set(leftover, 0);
@@ -79,6 +55,7 @@ const convertReadableToDataRoot = async ({ iterable, }) => {
79
55
  leftover = combined.slice(startIndex);
80
56
  }
81
57
  if (leftover.length > 0) {
58
+ // TODO: ensure a web friendly crypto hash function is used in web
82
59
  const dataHash = await arweave_1.default.crypto.hash(leftover);
83
60
  chunks.push({
84
61
  dataHash,
@@ -90,27 +67,21 @@ const convertReadableToDataRoot = async ({ iterable, }) => {
90
67
  const root = await (0, merkle_js_1.buildLayers)(leaves);
91
68
  return (0, base64_js_1.toB64Url)(Buffer.from(root.id));
92
69
  };
93
- exports.convertReadableToDataRoot = convertReadableToDataRoot;
70
+ exports.convertDataStreamToDataRoot = convertDataStreamToDataRoot;
94
71
  class DataRootVerificationStrategy {
95
72
  trustedDataRootProvider;
96
73
  constructor({ trustedDataRootProvider, }) {
97
74
  this.trustedDataRootProvider = trustedDataRootProvider;
98
75
  }
99
76
  async verifyData({ data, txId, }) {
100
- const trustedDataRootPromise = this.trustedDataRootProvider.getDataRoot({
101
- txId,
102
- });
103
- let computedDataRoot;
104
- if (Buffer.isBuffer(data)) {
105
- computedDataRoot = await convertBufferToDataRoot({ buffer: data });
106
- }
107
- else if (data instanceof node_stream_1.Readable || data instanceof ReadableStream) {
108
- computedDataRoot = await (0, exports.convertReadableToDataRoot)({ iterable: data });
109
- }
110
- if (computedDataRoot === undefined) {
111
- throw new Error('Data root could not be computed');
112
- }
113
- const trustedDataRoot = await trustedDataRootPromise;
77
+ const [computedDataRoot, trustedDataRoot] = await Promise.all([
78
+ (0, exports.convertDataStreamToDataRoot)({
79
+ dataStream: data,
80
+ }),
81
+ this.trustedDataRootProvider.getDataRoot({
82
+ txId,
83
+ }),
84
+ ]);
114
85
  if (computedDataRoot !== trustedDataRoot) {
115
86
  throw new Error('Data root does not match', {
116
87
  cause: { computedDataRoot, trustedDataRoot },
package/lib/cjs/common/wayfinder/verification/strategies/hash-verifier.js CHANGED
@@ -1,22 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.HashVerificationStrategy = void 0;
4
- /**
5
- * Copyright (C) 2022-2024 Permanent Data Solutions, Inc.
6
- *
7
- * Licensed under the Apache License, Version 2.0 (the "License");
8
- * you may not use this file except in compliance with the License.
9
- * You may obtain a copy of the License at
10
- *
11
- * http://www.apache.org/licenses/LICENSE-2.0
12
- *
13
- * Unless required by applicable law or agreed to in writing, software
14
- * distributed under the License is distributed on an "AS IS" BASIS,
15
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
- * See the License for the specific language governing permissions and
17
- * limitations under the License.
18
- */
19
- const node_stream_1 = require("node:stream");
20
4
  const hash_js_1 = require("../../../../utils/hash.js");
21
5
  class HashVerificationStrategy {
22
6
  trustedHashProvider;
@@ -24,25 +8,18 @@ class HashVerificationStrategy {
24
8
  this.trustedHashProvider = trustedHashProvider;
25
9
  }
26
10
  async verifyData({ data, txId, }) {
27
- const hashPromise = this.trustedHashProvider.getHash({ txId });
28
- let computedHash;
29
- if (Buffer.isBuffer(data)) {
30
- computedHash = (0, hash_js_1.hashBufferToB64Url)(data);
31
- }
32
- else if (data instanceof node_stream_1.Readable) {
33
- computedHash = await (0, hash_js_1.hashReadableToB64Url)(data);
34
- }
35
- else if (data instanceof ReadableStream) {
36
- computedHash = await (0, hash_js_1.hashReadableStreamToB64Url)(data);
37
- }
11
+ // kick off the hash computation, but don't wait for it until we compute our own hash
12
+ const [computedHash, fetchedHash] = await Promise.all([
13
+ (0, hash_js_1.hashDataStreamToB64Url)(data),
14
+ this.trustedHashProvider.getHash({ txId }),
15
+ ]);
38
16
  // await on the hash promise and compare to get a little concurrency when computing hashes over larger data
39
- const { hash } = await hashPromise;
40
17
  if (computedHash === undefined) {
41
18
  throw new Error('Hash could not be computed');
42
19
  }
43
- if (computedHash !== hash) {
20
+ if (computedHash !== fetchedHash.hash) {
44
21
  throw new Error('Hash does not match', {
45
- cause: { computedHash, trustedHash: hash },
22
+ cause: { computedHash, trustedHash: fetchedHash },
46
23
  });
47
24
  }
48
25
  }
package/lib/cjs/common/wayfinder/verification/trusted.js CHANGED
@@ -1,6 +1,7 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.TrustedGatewaysHashProvider = void 0;
4
+ const wayfinder_js_1 = require("../wayfinder.js");
4
5
  const arioGatewayHeaders = {
5
6
  digest: 'x-ar-io-digest',
6
7
  verified: 'x-ar-io-verified',
@@ -25,17 +26,32 @@ class TrustedGatewaysHashProvider {
25
26
  const hashResults = [];
26
27
  const gateways = await this.gatewaysProvider.getGateways();
27
28
  const hashes = await Promise.all(gateways.map(async (gateway) => {
28
- const response = await fetch(`${gateway.toString()}${txId}`, {
29
- method: 'HEAD',
30
- redirect: 'follow',
31
- });
32
- if (!response.ok) {
33
- // skip this gateway
34
- return undefined;
29
+ const sandbox = (0, wayfinder_js_1.sandboxFromId)(txId);
30
+ const urlWithSandbox = `${gateway.protocol}//${sandbox}.${gateway.hostname}/${txId}/`;
31
+ let txIdHash;
32
+ /**
33
+ * This is a problem because we're not able to verify the hash of the data item if the gateway doesn't have the data in its cache.
34
+ * We should add the ability to send a HEAD request to trigger a GET request to hydrate the cache on the trusted gateway via a header.
35
+ * For now, we'll just do a GET request to hydrate the cache if the HEAD request doesn't contain the digest.
36
+ */
37
+ for (const method of ['HEAD', 'GET']) {
38
+ const response = await fetch(urlWithSandbox, {
39
+ method,
40
+ redirect: 'follow',
41
+ mode: 'cors',
42
+ });
43
+ if (!response.ok) {
44
+ // skip this gateway if the request failed
45
+ break;
46
+ }
47
+ const fetchedTxIdHash = response.headers.get(arioGatewayHeaders.digest);
48
+ if (fetchedTxIdHash !== null && fetchedTxIdHash !== undefined) {
49
+ txIdHash = fetchedTxIdHash;
50
+ break;
51
+ }
35
52
  }
36
- const txIdHash = response.headers.get(arioGatewayHeaders.digest);
37
- if (txIdHash === null || txIdHash === undefined) {
38
- // skip this gateway
53
+ if (txIdHash === undefined) {
54
+ // skip this gateway if we didn't get a hash
39
55
  return undefined;
40
56
  }
41
57
  hashResults.push({
package/lib/cjs/common/wayfinder/wayfinder.js CHANGED
@@ -1,10 +1,8 @@
1
1
  "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
2
  Object.defineProperty(exports, "__esModule", { value: true });
6
3
  exports.Wayfinder = exports.createWayfinderClient = exports.WayfinderEmitter = exports.resolveWayfinderUrl = exports.txIdRegex = exports.arnsRegex = void 0;
7
- exports.tapAndVerifyStream = tapAndVerifyStream;
4
+ exports.tapAndVerifyReadableStream = tapAndVerifyReadableStream;
5
+ exports.sandboxFromId = sandboxFromId;
8
6
  /**
9
7
  * Copyright (C) 2022-2024 Permanent Data Solutions, Inc.
10
8
  *
@@ -20,8 +18,8 @@ exports.tapAndVerifyStream = tapAndVerifyStream;
20
18
  * See the License for the specific language governing permissions and
21
19
  * limitations under the License.
22
20
  */
23
- const node_events_1 = __importDefault(require("node:events"));
24
- const node_stream_1 = require("node:stream");
21
+ const eventemitter3_1 = require("eventemitter3");
22
+ const rfc4648_1 = require("rfc4648");
25
23
  const io_js_1 = require("../io.js");
26
24
  const logger_js_1 = require("../logger.js");
27
25
  const network_js_1 = require("./gateways/network.js");
@@ -57,7 +55,8 @@ const resolveWayfinderUrl = ({ originalUrl, selectedGateway, logger, }) => {
57
55
  const [firstPart, ...rest] = path.split('/');
58
56
  // TODO: this breaks 43 character named arns names - we should check a a local name cache list before resolving raw transaction ids
59
57
  if (exports.txIdRegex.test(firstPart)) {
60
- return new URL(`${firstPart}${rest.length > 0 ? '/' + rest.join('/') : ''}`, selectedGateway);
58
+ const sandbox = sandboxFromId(firstPart);
59
+ return new URL(`${firstPart}${rest.length > 0 ? '/' + rest.join('/') : ''}`, `${selectedGateway.protocol}//${sandbox}.${selectedGateway.hostname}`);
61
60
  }
62
61
  if (exports.arnsRegex.test(firstPart)) {
63
62
  // TODO: tests to ensure arns names support query params and paths
@@ -69,22 +68,20 @@ const resolveWayfinderUrl = ({ originalUrl, selectedGateway, logger, }) => {
69
68
  return new URL(rest.length > 0 ? rest.join('/') : '', arnsUrl);
70
69
  }
71
70
  // TODO: support .eth addresses
72
- // TODO: "gasless" routing via DNS TXT records (e.g. ar://gatewaypie.com -> TXT record lookup for TX ID and redirect to that gateway)
71
+ // TODO: "gasless" routing via DNS TXT records
73
72
  }
74
73
  logger?.debug('No wayfinder routing protocol applied', {
75
74
  originalUrl,
76
75
  });
77
- // return the original url if it's not a wayfinder url (allows you to use the wayfinder client with non-wayfinder urls)
76
+ // return the original url if it's not a wayfinder url
78
77
  return new URL(originalUrl);
79
78
  };
80
79
  exports.resolveWayfinderUrl = resolveWayfinderUrl;
81
- class WayfinderEmitter extends node_events_1.default {
82
- constructor({ onVerificationPassed, onVerificationFailed, onVerificationProgress,
83
- // TODO: continue this pattern for all events
84
- } = {}) {
80
+ class WayfinderEmitter extends eventemitter3_1.EventEmitter {
81
+ constructor({ onVerificationSucceeded, onVerificationFailed, onVerificationProgress, } = {}) {
85
82
  super();
86
- if (onVerificationPassed) {
87
- this.on('verification-succeeded', onVerificationPassed);
83
+ if (onVerificationSucceeded) {
84
+ this.on('verification-succeeded', onVerificationSucceeded);
88
85
  }
89
86
  if (onVerificationFailed) {
90
87
  this.on('verification-failed', onVerificationFailed);
@@ -93,84 +90,18 @@ class WayfinderEmitter extends node_events_1.default {
93
90
  this.on('verification-progress', onVerificationProgress);
94
91
  }
95
92
  }
96
- emit(event, payload) {
97
- return super.emit(event, payload);
98
- }
99
- on(event, listener) {
100
- return super.on(event, listener);
101
- }
102
93
  }
103
94
  exports.WayfinderEmitter = WayfinderEmitter;
104
- function tapAndVerifyStream({ originalStream, contentLength, verifyData, txId, emitter, strict = false, }) {
105
- // taps node streams
106
- if (originalStream instanceof node_stream_1.Readable &&
107
- typeof originalStream.pipe === 'function') {
108
- const tappedClientStream = new node_stream_1.PassThrough();
109
- const streamToVerify = new node_stream_1.PassThrough();
110
- // kick off the verification promise, this will be awaited when the original stream ends
111
- const verificationPromise = verifyData({
112
- data: streamToVerify,
113
- txId,
114
- });
115
- let bytesProcessed = 0;
116
- // pipe the original stream to the verifier and the client stream
117
- originalStream.on('data', (chunk) => {
118
- streamToVerify.write(chunk);
119
- tappedClientStream.write(chunk);
120
- bytesProcessed += chunk.length;
121
- // only emit if contentLength is not 0
122
- if (contentLength !== 0) {
123
- emitter?.emit('verification-progress', {
124
- txId,
125
- totalBytes: contentLength,
126
- processedBytes: bytesProcessed,
127
- });
128
- }
129
- });
130
- originalStream.on('end', async () => {
131
- streamToVerify.end(); // triggers verifier completion and completes the verification promise
132
- if (strict) {
133
- // in strict mode, we wait for verification to complete before ending the client stream
134
- try {
135
- await verificationPromise;
136
- emitter?.emit('verification-succeeded', { txId });
137
- tappedClientStream.end();
138
- }
139
- catch (error) {
140
- emitter?.emit('verification-failed', { error, txId });
141
- // In strict mode, destroy the client stream with the error
142
- tappedClientStream.destroy(new Error('Verification failed', { cause: error }));
143
- }
144
- }
145
- else {
146
- // in non-strict mode, we end the client stream immediately and handle verification asynchronously
147
- tappedClientStream.end();
148
- // trigger the verification promise and emit events for the result
149
- verificationPromise
150
- .then(() => {
151
- emitter?.emit('verification-succeeded', { txId });
152
- })
153
- .catch((error) => {
154
- emitter?.emit('verification-failed', { error, txId });
155
- });
156
- }
157
- });
158
- originalStream.on('error', (err) => {
159
- // emit the verification failed event
160
- emitter?.emit('verification-failed', {
161
- error: err,
162
- txId,
163
- });
164
- // destroy both streams and propagate the original stream error
165
- streamToVerify.destroy(err);
166
- tappedClientStream.destroy(err);
167
- });
168
- // send the stream to the verify function and if it errors end the client stream
169
- return tappedClientStream;
170
- }
171
- // taps web readable streams
95
+ function tapAndVerifyReadableStream({ originalStream, contentLength, verifyData, txId, emitter, strict = false, }) {
172
96
  if (originalStream instanceof ReadableStream &&
173
97
  typeof originalStream.tee === 'function') {
98
+ /**
99
+ * NOTE: tee requires the streams both streams to be consumed, so we need to make sure we consume the client branch
100
+ * by the caller. This means when `request` is called, the client stream must be consumed by the caller via await request.text()
101
+ * for verification to complete.
102
+ *
103
+ * It is feasible to make the verification stream not to depend on the client branch being consumed, should the DX not be obvious.
104
+ */
174
105
  const [verifyBranch, clientBranch] = originalStream.tee();
175
106
  // setup our promise to verify the data
176
107
  const verificationPromise = verifyData({
@@ -191,10 +122,8 @@ function tapAndVerifyStream({ originalStream, contentLength, verifyData, txId, e
191
122
  controller.close();
192
123
  }
193
124
  catch (err) {
194
- emitter?.emit('verification-failed', {
195
- txId,
196
- error: err,
197
- });
125
+ // emit the verification failed event
126
+ emitter?.emit('verification-failed', err);
198
127
  // In strict mode, we report the error to the client stream
199
128
  controller.error(new Error('Verification failed', { cause: err }));
200
129
  }
@@ -206,10 +135,7 @@ function tapAndVerifyStream({ originalStream, contentLength, verifyData, txId, e
206
135
  emitter?.emit('verification-succeeded', { txId });
207
136
  })
208
137
  .catch((error) => {
209
- emitter?.emit('verification-failed', {
210
- txId,
211
- error,
212
- });
138
+ emitter?.emit('verification-failed', error);
213
139
  });
214
140
  // in non-strict mode, we close the controller immediately and handle verification asynchronously
215
141
  controller.close();
@@ -237,14 +163,20 @@ function tapAndVerifyStream({ originalStream, contentLength, verifyData, txId, e
237
163
  },
238
164
  }),
239
165
  });
240
- // note: we don't block or throw errors here even in strict mode
241
- // since the stream is already being cancelled by the client
242
166
  },
243
167
  });
244
168
  return clientStreamWithVerification;
245
169
  }
246
170
  throw new Error('Unsupported body type for cloning');
247
171
  }
172
+ /**
173
+ * Gets the sandbox hash for a given transaction id
174
+ */
175
+ function sandboxFromId(id) {
176
+ return rfc4648_1.base32
177
+ .stringify(Buffer.from(id, 'base64'), { pad: false })
178
+ .toLowerCase();
179
+ }
248
180
  /**
249
181
  * Creates a wrapped fetch function that supports ar:// protocol
250
182
  *
@@ -257,146 +189,128 @@ function tapAndVerifyStream({ originalStream, contentLength, verifyData, txId, e
257
189
  * @returns a wrapped fetch function that supports ar:// protocol and always returns Response
258
190
  */
259
191
  const createWayfinderClient = ({ resolveUrl, verifyData, selectGateway, emitter = new WayfinderEmitter(), logger, strict = false, }) => {
260
- // Create a function that will handle the redirection logic for ar:// URLs
261
- const wayfinderRedirect = async (url, init) => {
262
- // If the url is not a string or URL (e.g., it's a Request object), extract the URL from it
263
- const originalUrl = url instanceof Request ? url.url : url.toString();
264
- // If it's not an ar:// URL, pass it directly to fetch
265
- if (!originalUrl.startsWith('ar://')) {
266
- logger?.debug('Not a wayfinder URL, passing to fetch directly', {
267
- originalUrl,
192
+ return async (url, init) => {
193
+ if (typeof url !== 'string') {
194
+ logger?.debug('URL is not a string, skipping routing', {
195
+ url,
268
196
  });
269
197
  emitter?.emit('routing-skipped', {
270
- originalUrl,
198
+ originalUrl: JSON.stringify(url),
271
199
  });
272
- // we don't do anything special with non-ar:// urls, just pass them through
273
200
  return fetch(url, init);
274
201
  }
275
- // Start the routing process
276
202
  emitter?.emit('routing-started', {
277
- originalUrl,
203
+ originalUrl: url.toString(),
278
204
  });
279
- // Retry logic for gateway selection
280
205
  const maxRetries = 3;
281
206
  const retryDelay = 1000;
282
207
  for (let i = 0; i < maxRetries; i++) {
283
208
  try {
284
209
  // select the target gateway
285
- // TODO: we may want to provide the `path` to select gateway so the HEAD checks in routers check the existence of the actual path/request
286
210
  const selectedGateway = await selectGateway();
287
211
  logger?.debug('Selected gateway', {
288
- originalUrl,
212
+ originalUrl: url,
289
213
  selectedGateway: selectedGateway.toString(),
290
214
  });
291
215
  // route the request to the target gateway
292
216
  const redirectUrl = resolveUrl({
293
- originalUrl,
217
+ originalUrl: url,
294
218
  selectedGateway,
295
219
  logger,
296
220
  });
297
221
  emitter?.emit('routing-succeeded', {
298
- originalUrl,
222
+ originalUrl: url,
299
223
  selectedGateway: selectedGateway.toString(),
300
224
  redirectUrl: redirectUrl.toString(),
301
225
  });
302
226
  logger?.debug(`Redirecting request`, {
303
- originalUrl,
227
+ originalUrl: url,
304
228
  redirectUrl: redirectUrl.toString(),
305
229
  });
306
- // Make the request to the target gateway
230
+ // make the request to the target gateway using the redirect url
307
231
  const response = await fetch(redirectUrl.toString(), {
308
- // follow redirects as gateways use sandboxing on /txId requests
232
+ // enforce CORS given we're likely going to a different origin, but always allow the client to override
309
233
  redirect: 'follow',
310
234
  mode: 'cors',
311
- // allow requestor to override and any additional request configuration
312
235
  ...init,
313
236
  });
314
- // TODO: update any caching we use for the request and gateway response
315
237
  logger?.debug(`Successfully routed request to gateway`, {
316
238
  redirectUrl: redirectUrl.toString(),
317
- originalUrl,
318
- });
319
- // return the response right away if no redirect was made
320
- if (redirectUrl.toString() === originalUrl) {
321
- return response;
322
- }
323
- // return the response right away if no verification is needed or if there is no body
324
- if (!verifyData) {
325
- return response;
326
- }
327
- // the txId is either in the response headers or the path of the request as the first parameter
328
- const txId = response.headers.get('x-arns-resolved-id') ??
329
- redirectUrl.pathname.split('/')[1];
330
- const contentLength = +(response.headers.get('content-length') ?? 0);
331
- if (!exports.txIdRegex.test(txId)) {
332
- // No transaction ID found, skip verification
333
- logger?.debug('No transaction ID found, skipping verification', {
334
- redirectUrl: redirectUrl.toString(),
335
- originalUrl,
336
- });
337
- emitter?.emit('verification-skipped', {
338
- originalUrl,
339
- });
340
- return response;
341
- }
342
- emitter?.emit('identified-transaction-id', {
343
- originalUrl,
344
- selectedGateway: redirectUrl.toString(),
345
- txId,
239
+ originalUrl: url.toString(),
346
240
  });
347
- if (!response.body) {
348
- logger?.debug('No body, skipping verification', {
349
- redirectUrl: redirectUrl.toString(),
350
- originalUrl,
351
- });
352
- emitter?.emit('verification-skipped', {
353
- originalUrl,
354
- });
355
- return response;
241
+ // only verify data if the redirect url is different from the original url
242
+ if (redirectUrl.toString() !== url.toString()) {
243
+ if (verifyData) {
244
+ const headers = response.headers;
245
+ // transaction id is either in the response headers or the path of the request as the first parameter
246
+ const txId = headers.get('x-arns-resolved-id') ??
247
+ redirectUrl.pathname.split('/')[1];
248
+ const contentLength = +(headers.get('content-length') ?? 0);
249
+ if (!exports.txIdRegex.test(txId)) {
250
+ // no transaction id found, skip verification
251
+ logger?.debug('No transaction id found, skipping verification', {
252
+ redirectUrl: redirectUrl.toString(),
253
+ originalUrl: url,
254
+ });
255
+ emitter?.emit('verification-skipped', {
256
+ originalUrl: url,
257
+ });
258
+ return response;
259
+ }
260
+ emitter?.emit('identified-transaction-id', {
261
+ originalUrl: url,
262
+ selectedGateway: redirectUrl.toString(),
263
+ txId,
264
+ });
265
+ // Check if the response has a body
266
+ if (response.body) {
267
+ const newClientStream = tapAndVerifyReadableStream({
268
+ originalStream: response.body,
269
+ contentLength,
270
+ verifyData,
271
+ txId,
272
+ emitter,
273
+ strict,
274
+ });
275
+ return new Response(newClientStream, {
276
+ status: response.status,
277
+ statusText: response.statusText,
278
+ headers: response.headers,
279
+ });
280
+ }
281
+ else {
282
+ // No response body to verify, skip verification
283
+ logger?.debug('No response body to verify', {
284
+ redirectUrl: redirectUrl.toString(),
285
+ originalUrl: url,
286
+ txId,
287
+ });
288
+ return response;
289
+ }
290
+ }
356
291
  }
357
- const verifiedStream = tapAndVerifyStream({
358
- originalStream: response.body,
359
- contentLength,
360
- verifyData,
361
- txId,
362
- emitter,
363
- strict,
364
- });
365
- // wrap the response with the verified stream
366
- return new Response(verifiedStream, {
367
- status: response.status,
368
- statusText: response.statusText,
369
- // TODO: we could add identified transaction id to the headers here, but it would be changing information from the original response
370
- headers: response.headers,
371
- });
292
+ return response;
372
293
  }
373
294
  catch (error) {
374
295
  logger?.debug('Failed to route request', {
375
296
  error: error.message,
376
297
  stack: error.stack,
377
- originalUrl,
298
+ originalUrl: url,
378
299
  attempt: i + 1,
379
300
  maxRetries,
380
301
  });
381
302
  if (i < maxRetries - 1) {
382
303
  await new Promise((resolve) => setTimeout(resolve, retryDelay));
383
304
  }
384
- else {
385
- emitter?.emit('routing-failed', {
386
- originalUrl,
387
- error,
388
- });
389
- }
390
305
  }
391
306
  }
392
307
  throw new Error('Failed to route request after max retries', {
393
308
  cause: {
394
- originalUrl,
309
+ originalUrl: url,
395
310
  maxRetries,
396
311
  },
397
312
  });
398
313
  };
399
- return wayfinderRedirect;
400
314
  };
401
315
  exports.createWayfinderClient = createWayfinderClient;
402
316
  /**
@@ -548,7 +462,7 @@ class Wayfinder {
548
462
  }),
549
463
  }),
550
464
  }), events = {
551
- onVerificationPassed: (event) => {
465
+ onVerificationSucceeded: (event) => {
552
466
  logger.debug('Verification passed!', event);
553
467
  },
554
468
  onVerificationFailed: (event) => {
@@ -557,7 +471,7 @@ class Wayfinder {
557
471
  onVerificationProgress: (event) => {
558
472
  logger.debug('Verification progress!', event);
559
473
  },
560
- }, strict = false, }) {
474
+ }, strict = false, } = {}) {
561
475
  this.routingStrategy = routingStrategy;
562
476
  this.gatewaysProvider = gatewaysProvider;
563
477
  this.emitter = new WayfinderEmitter(events);