@atcute/xrpc-server 0.1.0

package/lib/main/utils/request-input.ts

@@ -0,0 +1,64 @@
+import type { XRPCBlobBodyParam, XRPCLexBodyParam } from '@atcute/lexicons/validations';
+
+import type { Result } from '../../types/misc.js';
+
+const jsonMimeValidator = (() => {
+	const JSON_RE = /^\s*application\/json\s*(?:$|;)/;
+
+	return (request: Request): Result<void, string> => {
+		const type = request.headers.get('content-type');
+		if (type === null) {
+			return { ok: false, error: `missing input content type (expected application/json)` };
+		}
+
+		if (!JSON_RE.test(type)) {
+			return { ok: false, error: `invalid input content type (expected application/json)` };
+		}
+
+		return { ok: true, value: undefined };
+	};
+})();
+
+export const constructMimeValidator = (param: XRPCLexBodyParam | XRPCBlobBodyParam) => {
+	if (param.type === 'lex') {
+		return jsonMimeValidator;
+	}
+
+	const mimes = param.encoding;
+	if (mimes === undefined || mimes.length === 0) {
+		return null;
+	}
+
+	const pattern = new RegExp(`^\\s*(?:${mimes.map(escapeRegexp).join('|')})\\s*(?:$|;)`);
+
+	return (request: Request): Result<void, string> => {
+		const type = request.headers.get('content-type');
+		if (type === null) {
+			return { ok: false, error: `missing input content type (expected ${separatedList(mimes, 'or')})` };
+		}
+
+		if (!pattern.test(type)) {
+			return { ok: false, error: `invalid input content type (expected ${separatedList(mimes, 'or')})` };
+		}
+
+		return { ok: true, value: undefined };
+	};
+};
+
+const separatedList = (list: string[], sep: 'or' | 'and'): string => {
+	switch (list.length) {
+		case 0: {
+			return `nothing`;
+		}
+		case 1: {
+			return list[0];
+		}
+		default: {
+			return `${list.slice(0, -1).join(', ')} ${sep} ${list[list.length - 1]}`;
+		}
+	}
+};
+
+const escapeRegexp = (input: string): string => {
+	return input.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&');
+};

package/lib/main/utils/request-params.ts

@@ -0,0 +1,108 @@
+import {
+	safeParse,
+	type ArraySchema,
+	type BaseSchema,
+	type ObjectSchema,
+	type OptionalSchema,
+	type ValidationResult,
+} from '@atcute/lexicons/validations';
+
+import type { Literal } from '../../types/misc.js';
+
+type MaybeArray<T> = T | T[];
+
+const isArraySchema = (schema: BaseSchema): schema is ArraySchema => {
+	return schema.type === 'array';
+};
+
+const isOptionalSchema = (schema: BaseSchema): schema is OptionalSchema => {
+	return schema.type === 'optional';
+};
+
+const unwrapOptional = (schema: BaseSchema): BaseSchema => {
+	return isOptionalSchema(schema) ? schema.wrapped : schema;
+};
+
+const unwrapArray = (schema: BaseSchema): BaseSchema => {
+	return isArraySchema(schema) ? schema.item : schema;
+};
+
+const coerceBoolean = (str: string): boolean | null => {
+	switch (str) {
+		case 'true':
+			return true;
+		case 'false':
+			return false;
+	}
+
+	return null;
+};
+
+const coerceInteger = (str: string): number => {
+	return Number(str);
+};
+
+export const constructParamsHandler = <TSchema extends ObjectSchema>(schema: TSchema) => {
+	const entries = Object.entries(schema.shape).map(([key, schema]) => {
+		const nonnullable = unwrapOptional(schema);
+		const singular = unwrapArray(nonnullable);
+
+		let coerce: ((x: string) => Literal | null) | undefined;
+		switch (singular.type) {
+			case 'boolean': {
+				coerce = coerceBoolean;
+				break;
+			}
+			case 'integer': {
+				coerce = coerceInteger;
+				break;
+			}
+		}
+
+		return {
+			key: key,
+			coerce: coerce,
+			multiple: isArraySchema(nonnullable),
+			optional: isOptionalSchema(schema) && schema.default === undefined,
+		};
+	});
+
+	const len = entries.length;
+
+	return (searchParams: URLSearchParams): ValidationResult<Record<string, MaybeArray<Literal>>> => {
+		const input: Record<string, MaybeArray<Literal | null>> = {};
+
+		for (let idx = 0; idx < len; idx++) {
+			const entry = entries[idx];
+			const key = entry.key;
+			const coerce = entry.coerce;
+
+			const raw = searchParams.getAll(key);
+			const count = raw.length;
+
+			let value: MaybeArray<Literal | null>;
+
+			if (entry.multiple || count > 1) {
+				value = coerce !== undefined ? raw.map(coerce) : raw;
+			} else {
+				if (count === 0) {
+					continue;
+				}
+
+				value = coerce !== undefined ? coerce(raw[0]) : raw[0];
+			}
+
+			/*#__INLINE__*/ set(input, key, value);
+		}
+
+		return safeParse(schema, input);
+	};
+};
+
+const set = <K extends PropertyKey, V>(obj: Record<K, V>, key: NoInfer<K>, value: NoInfer<V>): void => {
+	if (key === '__proto__') {
+		Object.defineProperty(obj, key, { value });
+	} else {
+		obj[key] = value;
+	}
+};

package/lib/main/utils/response.ts

@@ -0,0 +1,14 @@
+import type { Err } from '@atcute/lexicons/validations';
+
+export const invalidRequest = (message: string) => {
+	return Response.json({ error: 'InvalidRequest', message }, { status: 400 });
+};
+
+export const validationError = (kind: 'params' | 'input', err: Err): Response => {
+	const message = `invalid ${kind}: ${err.message}`;
+
+	return Response.json(
+		{ error: 'InvalidRequest', message: message, 'net.kelinci.atcute.issues': err.issues },
+		{ status: 400 },
+	);
+};

package/lib/main/xrpc-error.ts

@@ -0,0 +1,80 @@
+export interface XRPCErrorOptions {
+	status: number;
+	error: string;
+	description?: string;
+}
+
+export class XRPCError extends Error {
+	/** response status */
+	readonly status: number;
+
+	/** error name */
+	readonly error: string;
+	/** error message */
+	readonly description?: string;
+
+	constructor({ status, error, description }: XRPCErrorOptions) {
+		super(`${error} > ${description ?? '(unspecified description)'}`);
+
+		this.status = status;
+
+		this.error = error;
+		this.description = description;
+	}
+
+	toResponse(): Response {
+		return Response.json({ error: this.error, message: this.description }, { status: this.status });
+	}
+}
+
+export class InvalidRequestError extends XRPCError {
+	constructor({ status = 400, error = 'InvalidRequest', description }: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}
+
+export class AuthRequiredError extends XRPCError {
+	constructor({
+		status = 401,
+		error = 'AuthenticationRequired',
+		description,
+	}: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}
+
+export class ForbiddenError extends XRPCError {
+	constructor({ status = 403, error = 'Forbidden', description }: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}
+
+export class RateLimitExceededError extends XRPCError {
+	constructor({ status = 429, error = 'RateLimitExceeded', description }: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}
+
+export class InternalServerError extends XRPCError {
+	constructor({ status = 500, error = 'InternalServerError', description }: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}
+
+export class UpstreamFailureError extends XRPCError {
+	constructor({ status = 502, error = 'UpstreamFailure', description }: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}
+
+export class NotEnoughResourcesError extends XRPCError {
+	constructor({ status = 503, error = 'NotEnoughResources', description }: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}
+
+export class UpstreamTimeoutError extends XRPCError {
+	constructor({ status = 504, error = 'UpstreamTimeout', description }: Partial<XRPCErrorOptions> = {}) {
+		super({ status, error, description });
+	}
+}

package/lib/middlewares/cors.ts

@@ -0,0 +1,68 @@
+import type { FetchMiddleware } from '../main/router.js';
+
+export interface CORSOptions {
+	/** Additional headers to expose to the client */
+	exposedHeaders?: string[];
+	/** Additional headers to allow */
+	allowedHeaders?: string[];
+}
+
+const DEFAULT_EXPOSED_HEADERS = [
+	'dpop-nonce',
+	'www-authenticate',
+
+	'ratelimit-limit',
+	'ratelimit-policy',
+	'ratelimit-remaining',
+	'ratelimit-reset',
+];
+
+const DEFAULT_ALLOWED_HEADERS = [
+	'content-type',
+
+	'authorization',
+	'dpop',
+
+	'atproto-accept-labelers',
+	'atproto-proxy',
+];
+
+export const cors = (options: CORSOptions = {}): FetchMiddleware => {
+	const exposedHeaders = Array.from(
+		new Set([...DEFAULT_EXPOSED_HEADERS, ...(options.exposedHeaders?.map((h) => h.toLowerCase()) || [])]),
+	).sort();
+
+	const allowedHeaders = Array.from(
+		new Set([...DEFAULT_ALLOWED_HEADERS, ...(options.allowedHeaders?.map((h) => h.toLowerCase()) || [])]),
+	)
+		.sort()
+		.join(',');
+
+	return async (request, next) => {
+		const origin = request.headers.get('origin') || '*';
+
+		// Handle preflight requests
+		if (request.method === 'OPTIONS') {
+			const headers = new Headers();
+			headers.set('access-control-max-age', '86400');
+			headers.set('access-control-allow-origin', origin);
+
+			if (allowedHeaders) {
+				headers.set('access-control-allow-headers', allowedHeaders);
+			}
+
+			return new Response(null, { status: 204, headers: headers });
+		}
+
+		const response = await next(request);
+
+		const expose = exposedHeaders.filter((h) => response.headers.has(h)).join(',');
+
+		response.headers.set('access-control-allow-origin', origin);
+		if (expose.length > 0) {
+			response.headers.append('access-control-expose-headers', expose);
+		}
+
+		return response;
+	};
+};

package/lib/types/misc.ts

@@ -0,0 +1,4 @@
+export type Promisable<T> = T | Promise<T>;
+export type Literal = string | number | boolean;
+
+export type Result<T, E> = { ok: true; value: T } | { ok: false; error: E };

package/package.json

@@ -0,0 +1,44 @@
+{
+  "type": "module",
+  "name": "@atcute/xrpc-server",
+  "version": "0.1.0",
+  "description": "xrpc server",
+  "license": "MIT",
+  "repository": {
+    "url": "https://github.com/mary-ext/atcute",
+    "directory": "packages/servers/xrpc-server"
+  },
+  "files": [
+    "dist/",
+    "lib/",
+    "!lib/**/*.bench.ts",
+    "!lib/**/*.test.ts"
+  ],
+  "exports": {
+    ".": "./dist/main/index.js",
+    "./auth": "./dist/auth/index.js",
+    "./middlewares/cors": "./dist/middlewares/cors.js"
+  },
+  "dependencies": {
+    "@badrap/valita": "^0.4.4",
+    "nanoid": "^5.1.5",
+    "@atcute/crypto": "^2.2.3",
+    "@atcute/identity": "^1.0.2",
+    "@atcute/identity-resolver": "^1.1.1",
+    "@atcute/lexicons": "^1.0.4",
+    "@atcute/multibase": "^1.1.4",
+    "@atcute/uint8array": "^1.0.3"
+  },
+  "devDependencies": {
+    "@atcute/xrpc-server": "file:",
+    "@vitest/coverage-v8": "^3.0.4",
+    "vitest": "^3.0.4",
+    "@atcute/atproto": "^3.0.3",
+    "@atcute/bluesky": "^3.0.4"
+  },
+  "scripts": {
+    "build": "tsc --project tsconfig.build.json",
+    "test": "vitest --coverage",
+    "prepublish": "rm -rf dist; pnpm run build"
+  }
+}