@atcute/xrpc-server 1.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (106) hide show
  1. package/dist/auth/index.d.ts +0 -1
  2. package/dist/auth/index.js +0 -1
  3. package/dist/auth/jwt-creator.d.ts +0 -1
  4. package/dist/auth/jwt-creator.js +0 -1
  5. package/dist/auth/jwt-verifier.d.ts +24 -33
  6. package/dist/auth/jwt-verifier.js +8 -10
  7. package/dist/auth/jwt.d.ts +0 -1
  8. package/dist/auth/jwt.js +22 -26
  9. package/dist/auth/types.d.ts +0 -1
  10. package/dist/auth/types.js +0 -1
  11. package/dist/main/index.d.ts +0 -1
  12. package/dist/main/index.js +0 -1
  13. package/dist/main/response.d.ts +0 -1
  14. package/dist/main/response.js +0 -1
  15. package/dist/main/router.d.ts +7 -14
  16. package/dist/main/router.js +3 -12
  17. package/dist/main/types/operation.d.ts +3 -5
  18. package/dist/main/types/operation.js +1 -1
  19. package/dist/main/types/websocket.d.ts +3 -5
  20. package/dist/main/types/websocket.js +0 -1
  21. package/dist/main/utils/frames.d.ts +0 -1
  22. package/dist/main/utils/frames.js +0 -1
  23. package/dist/main/utils/middlewares.d.ts +0 -1
  24. package/dist/main/utils/middlewares.js +1 -1
  25. package/dist/main/utils/namespaced.d.ts +0 -1
  26. package/dist/main/utils/namespaced.js +0 -1
  27. package/dist/main/utils/request-input.d.ts +3 -5
  28. package/dist/main/utils/request-input.js +3 -5
  29. package/dist/main/utils/request-params.d.ts +0 -1
  30. package/dist/main/utils/request-params.js +4 -3
  31. package/dist/main/utils/response.d.ts +0 -1
  32. package/dist/main/utils/response.js +0 -1
  33. package/dist/main/utils/websocket-mock.d.ts +0 -1
  34. package/dist/main/utils/websocket-mock.js +0 -1
  35. package/dist/main/xrpc-error.d.ts +16 -18
  36. package/dist/main/xrpc-error.js +9 -10
  37. package/dist/main/xrpc-handler.d.ts +1 -3
  38. package/dist/main/xrpc-handler.js +0 -1
  39. package/dist/middlewares/cors.d.ts +0 -1
  40. package/dist/middlewares/cors.js +0 -1
  41. package/dist/types/misc.d.ts +0 -1
  42. package/dist/types/misc.js +0 -1
  43. package/package.json +17 -20
  44. package/dist/auth/index.d.ts.map +0 -1
  45. package/dist/auth/index.js.map +0 -1
  46. package/dist/auth/jwt-creator.d.ts.map +0 -1
  47. package/dist/auth/jwt-creator.js.map +0 -1
  48. package/dist/auth/jwt-verifier.d.ts.map +0 -1
  49. package/dist/auth/jwt-verifier.js.map +0 -1
  50. package/dist/auth/jwt.d.ts.map +0 -1
  51. package/dist/auth/jwt.js.map +0 -1
  52. package/dist/auth/types.d.ts.map +0 -1
  53. package/dist/auth/types.js.map +0 -1
  54. package/dist/main/index.d.ts.map +0 -1
  55. package/dist/main/index.js.map +0 -1
  56. package/dist/main/response.d.ts.map +0 -1
  57. package/dist/main/response.js.map +0 -1
  58. package/dist/main/router.d.ts.map +0 -1
  59. package/dist/main/router.js.map +0 -1
  60. package/dist/main/types/operation.d.ts.map +0 -1
  61. package/dist/main/types/operation.js.map +0 -1
  62. package/dist/main/types/websocket.d.ts.map +0 -1
  63. package/dist/main/types/websocket.js.map +0 -1
  64. package/dist/main/utils/frames.d.ts.map +0 -1
  65. package/dist/main/utils/frames.js.map +0 -1
  66. package/dist/main/utils/middlewares.d.ts.map +0 -1
  67. package/dist/main/utils/middlewares.js.map +0 -1
  68. package/dist/main/utils/namespaced.d.ts.map +0 -1
  69. package/dist/main/utils/namespaced.js.map +0 -1
  70. package/dist/main/utils/request-input.d.ts.map +0 -1
  71. package/dist/main/utils/request-input.js.map +0 -1
  72. package/dist/main/utils/request-params.d.ts.map +0 -1
  73. package/dist/main/utils/request-params.js.map +0 -1
  74. package/dist/main/utils/response.d.ts.map +0 -1
  75. package/dist/main/utils/response.js.map +0 -1
  76. package/dist/main/utils/websocket-mock.d.ts.map +0 -1
  77. package/dist/main/utils/websocket-mock.js.map +0 -1
  78. package/dist/main/xrpc-error.d.ts.map +0 -1
  79. package/dist/main/xrpc-error.js.map +0 -1
  80. package/dist/main/xrpc-handler.d.ts.map +0 -1
  81. package/dist/main/xrpc-handler.js.map +0 -1
  82. package/dist/middlewares/cors.d.ts.map +0 -1
  83. package/dist/middlewares/cors.js.map +0 -1
  84. package/dist/types/misc.d.ts.map +0 -1
  85. package/dist/types/misc.js.map +0 -1
  86. package/lib/auth/index.ts +0 -2
  87. package/lib/auth/jwt-creator.ts +0 -53
  88. package/lib/auth/jwt-verifier.ts +0 -395
  89. package/lib/auth/jwt.ts +0 -146
  90. package/lib/auth/types.ts +0 -4
  91. package/lib/main/index.ts +0 -17
  92. package/lib/main/response.ts +0 -9
  93. package/lib/main/router.ts +0 -464
  94. package/lib/main/types/operation.ts +0 -130
  95. package/lib/main/types/websocket.ts +0 -22
  96. package/lib/main/utils/frames.ts +0 -71
  97. package/lib/main/utils/middlewares.ts +0 -13
  98. package/lib/main/utils/namespaced.ts +0 -5
  99. package/lib/main/utils/request-input.ts +0 -89
  100. package/lib/main/utils/request-params.ts +0 -108
  101. package/lib/main/utils/response.ts +0 -14
  102. package/lib/main/utils/websocket-mock.ts +0 -118
  103. package/lib/main/xrpc-error.ts +0 -201
  104. package/lib/main/xrpc-handler.ts +0 -53
  105. package/lib/middlewares/cors.ts +0 -104
  106. package/lib/types/misc.ts +0 -4
@@ -1,3 +1,2 @@
1
1
  export * from './jwt-creator.ts';
2
2
  export * from './jwt-verifier.ts';
3
- //# sourceMappingURL=index.d.ts.map
@@ -1,3 +1,2 @@
1
1
  export * from './jwt-creator.js';
2
2
  export * from './jwt-verifier.js';
3
- //# sourceMappingURL=index.js.map
@@ -11,4 +11,3 @@ export interface CreateServiceJwtOptions {
11
11
  expiresIn?: number;
12
12
  }
13
13
  export declare const createServiceJwt: (options: CreateServiceJwtOptions) => Promise<string>;
14
- //# sourceMappingURL=jwt-creator.d.ts.map
@@ -27,4 +27,3 @@ export const createServiceJwt = async (options) => {
27
27
  const encodeJwtPortion = (data) => {
28
28
  return toBase64Url(encodeUtf8(JSON.stringify(data)));
29
29
  };
30
- //# sourceMappingURL=jwt-creator.js.map
@@ -2,20 +2,17 @@ import { type DidDocumentResolver } from '@atcute/identity-resolver';
2
2
  import type { Did, Nsid } from '@atcute/lexicons';
3
3
  import type { AtprotoAudience } from '@atcute/lexicons/syntax';
4
4
  /**
5
- * replay-protection store for service JWTs. when configured on a verifier,
6
- * tokens must carry a `jti` claim and the verifier consults this store to
7
- * reject duplicates.
5
+ * replay-protection store for service JWTs. when configured on a verifier, tokens must carry a `jti` claim
6
+ * and the verifier consults this store to reject duplicates.
8
7
  */
9
8
  export interface ReplayStore {
10
9
  /**
11
10
  * record a `(iss, jti)` pair seen now.
12
11
  *
13
- * @param key issuer + token identifier; implementations decide how to
14
- * encode this into a storage key.
15
- * @param ttlSeconds how long the entry must be retained. implementations
16
- * are free to retain it for longer.
17
- * @returns `true` if the pair was previously unseen (token is unique),
18
- * `false` if the pair has been recorded before (replay).
12
+ * @param key issuer + token identifier; implementations decide how to encode this into a storage key.
13
+ * @param ttlSeconds how long the entry must be retained. implementations are free to retain it for longer.
14
+ * @returns `true` if the pair was previously unseen (token is unique), `false` if the pair has been
15
+ * recorded before (replay).
19
16
  */
20
17
  check(key: {
21
18
  iss: Did;
@@ -24,29 +21,25 @@ export interface ReplayStore {
24
21
  }
25
22
  export interface ServiceJwtVerifierOptions {
26
23
  /**
27
- * list of `aud` values accepted by this service; each entry is a bare DID or a DID with
28
- * service fragment (e.g. `did:web:x.example#svc`), and incoming tokens must exact-match any entry.
24
+ * list of `aud` values accepted by this service; each entry is a bare DID or a DID with service fragment
25
+ * (e.g. `did:web:x.example#svc`), and incoming tokens must exact-match any entry.
29
26
  *
30
- * pass `null` to skip audience validation (accept any audience). an empty array rejects every
31
- * audience, which is useful when a service wants to fail closed until configured.
27
+ * pass `null` to skip audience validation (accept any audience). an empty array rejects every audience,
28
+ * which is useful when a service wants to fail closed until configured.
32
29
  */
33
30
  acceptAudiences: (Did | AtprotoAudience)[] | null;
34
31
  resolver: DidDocumentResolver;
35
32
  /**
36
- * maximum token lifetime window in seconds. rejects tokens whose `exp` is
37
- * more than this far in the future or whose `iat` is more than this far in
38
- * the past. defaults to 300 (5 minutes), matching atproto convention.
33
+ * maximum token lifetime window in seconds. rejects tokens whose `exp` is more than this far in the future
34
+ * or whose `iat` is more than this far in the past. defaults to 300 (5 minutes), matching atproto
35
+ * convention.
39
36
  */
40
37
  maxAge?: number;
41
- /**
42
- * clock-skew leeway in seconds applied to `exp` and `nbf` comparisons.
43
- * defaults to 5 seconds.
44
- */
38
+ /** clock-skew leeway in seconds applied to `exp` and `nbf` comparisons. defaults to 5 seconds. */
45
39
  clockLeeway?: number;
46
40
  /**
47
- * optional replay-protection store. when provided, tokens must carry a
48
- * `jti` claim and the verifier rejects any `(iss, jti)` the store reports
49
- * as previously seen.
41
+ * optional replay-protection store. when provided, tokens must carry a `jti` claim and the verifier rejects
42
+ * any `(iss, jti)` the store reports as previously seen.
50
43
  */
51
44
  replayStore?: ReplayStore;
52
45
  }
@@ -69,17 +62,15 @@ export declare class ServiceJwtVerifier {
69
62
  replayStore?: ReplayStore;
70
63
  constructor(options: ServiceJwtVerifierOptions);
71
64
  /**
72
- * parse the Authorization header, verify the bearer token, and return the
73
- * validated claims. throws {@link AuthRequiredError} with a populated
74
- * `WWW-Authenticate: Bearer` challenge on every failure path.
65
+ * parse the Authorization header, verify the bearer token, and return the validated claims. throws
66
+ * {@link AuthRequiredError} with a populated `WWW-Authenticate: Bearer` challenge on every failure path.
75
67
  *
76
- * @param request incoming request; `request.signal` is forwarded to DID
77
- * resolution unless `options.signal` overrides it.
78
- * @param options verification options; `lxm` restricts which lexicon
79
- * methods the token is allowed to invoke.
80
- * @throws {AuthRequiredError} on missing header, malformed token,
81
- * signature mismatch, audience/lxm rejection, replay, or expiry.
68
+ * @param request incoming request; `request.signal` is forwarded to DID resolution unless `options.signal`
69
+ * overrides it.
70
+ * @param options verification options; `lxm` restricts which lexicon methods the token is allowed to
71
+ * invoke.
72
+ * @throws {AuthRequiredError} on missing header, malformed token, signature mismatch, audience/lxm
73
+ * rejection, replay, or expiry.
82
74
  */
83
75
  verifyRequest(request: Request, options: VerifyJwtOptions): Promise<VerifiedJwt>;
84
76
  }
85
- //# sourceMappingURL=jwt-verifier.d.ts.map
@@ -21,16 +21,15 @@ export class ServiceJwtVerifier {
21
21
  this.replayStore = options.replayStore;
22
22
  }
23
23
  /**
24
- * parse the Authorization header, verify the bearer token, and return the
25
- * validated claims. throws {@link AuthRequiredError} with a populated
26
- * `WWW-Authenticate: Bearer` challenge on every failure path.
24
+ * parse the Authorization header, verify the bearer token, and return the validated claims. throws
25
+ * {@link AuthRequiredError} with a populated `WWW-Authenticate: Bearer` challenge on every failure path.
27
26
  *
28
- * @param request incoming request; `request.signal` is forwarded to DID
29
- * resolution unless `options.signal` overrides it.
30
- * @param options verification options; `lxm` restricts which lexicon
31
- * methods the token is allowed to invoke.
32
- * @throws {AuthRequiredError} on missing header, malformed token,
33
- * signature mismatch, audience/lxm rejection, replay, or expiry.
27
+ * @param request incoming request; `request.signal` is forwarded to DID resolution unless `options.signal`
28
+ * overrides it.
29
+ * @param options verification options; `lxm` restricts which lexicon methods the token is allowed to
30
+ * invoke.
31
+ * @throws {AuthRequiredError} on missing header, malformed token, signature mismatch, audience/lxm
32
+ * rejection, replay, or expiry.
34
33
  */
35
34
  async verifyRequest(request, options) {
36
35
  const authorization = request.headers.get('authorization');
@@ -281,4 +280,3 @@ const authError = (err) => {
281
280
  wwwAuthenticate: { scheme: 'Bearer', params: { error: err.error } },
282
281
  });
283
282
  };
284
- //# sourceMappingURL=jwt-verifier.js.map
@@ -25,4 +25,3 @@ export interface ParsedJwt {
25
25
  signature: Uint8Array<ArrayBuffer>;
26
26
  }
27
27
  export declare const parseJwt: (jwtString: string) => Result<ParsedJwt, AuthError>;
28
- //# sourceMappingURL=jwt.d.ts.map
package/dist/auth/jwt.js CHANGED
@@ -2,20 +2,17 @@ import { isAtprotoAudience } from '@atcute/identity';
2
2
  import { isDid, isNsid } from '@atcute/lexicons/syntax';
3
3
  import { fromBase64Url } from '@atcute/multibase';
4
4
  import { decodeUtf8From, encodeUtf8 } from '@atcute/uint8array';
5
- import * as v from '@badrap/valita';
6
- const didString = v.string().assert(isDid, `must be a did`);
7
- const audienceString = v
8
- .string()
9
- .assert((input) => isAtprotoAudience(input) || isDid(input), `must be a did or atproto audience`);
10
- const nsidString = v.string().assert(isNsid, `must be an nsid`);
11
- const integer = v.number().assert((input) => input >= 0 && Number.isSafeInteger(input), `must be an integer`);
12
- const jwtHeader = v.object({
13
- typ: v.string().optional(),
5
+ import * as v from 'valibot';
6
+ const didString = v.custom(isDid, `must be a did`);
7
+ const audienceString = v.custom((input) => isAtprotoAudience(input) || isDid(input), `must be a did or atproto audience`);
8
+ const nsidString = v.custom(isNsid, `must be an nsid`);
9
+ const integer = v.pipe(v.number(), v.safeInteger(), v.minValue(0));
10
+ const jwtHeader = v.looseObject({
11
+ typ: v.optional(v.string()),
14
12
  alg: v.string(),
15
- kid: v.string().optional(),
13
+ kid: v.optional(v.string()),
16
14
  });
17
- const jwtPayload = v
18
- .object({
15
+ const jwtPayload = v.pipe(v.looseObject({
19
16
  /** issuer */
20
17
  iss: didString,
21
18
  /** target audience; a bare DID or a DID with service fragment (e.g. `did:web:x.example#svc`) */
@@ -23,28 +20,26 @@ const jwtPayload = v
23
20
  /** expiration time */
24
21
  exp: integer,
25
22
  /** creation time */
26
- iat: integer.optional(),
23
+ iat: v.optional(integer),
27
24
  /** not-before time */
28
- nbf: integer.optional(),
25
+ nbf: v.optional(integer),
29
26
  /** xrpc operation being invoked; required per atproto service auth spec */
30
27
  lxm: nsidString,
31
28
  /** unique identifier */
32
- jti: v.string().optional(),
33
- })
34
- .assert(({ iat, exp }) => iat === undefined || exp > iat, {
35
- message: `expiry time must be greater than issued time`,
36
- path: ['exp'],
37
- });
29
+ jti: v.optional(v.string()),
30
+ }), v.forward(v.check(({ iat, exp }) => iat === undefined || exp > iat, `expiry time must be greater than issued time`), ['exp']));
38
31
  const readJwtPortion = (schema, input) => {
39
32
  try {
40
33
  const raw = decodeUtf8From(fromBase64Url(input));
41
34
  const json = JSON.parse(raw);
42
- const result = schema.try(json, { mode: 'passthrough' });
43
- if (result.ok) {
44
- return result;
35
+ const result = v.safeParse(schema, json);
36
+ if (result.success) {
37
+ return { ok: true, value: result.output };
45
38
  }
46
39
  }
47
- catch { }
40
+ catch {
41
+ /* empty */
42
+ }
48
43
  return {
49
44
  ok: false,
50
45
  error: {
@@ -57,7 +52,9 @@ const readJwtSignature = (input) => {
57
52
  try {
58
53
  return { ok: true, value: fromBase64Url(input) };
59
54
  }
60
- catch { }
55
+ catch {
56
+ /* empty */
57
+ }
61
58
  return {
62
59
  ok: false,
63
60
  error: {
@@ -100,4 +97,3 @@ export const parseJwt = (jwtString) => {
100
97
  },
101
98
  };
102
99
  };
103
- //# sourceMappingURL=jwt.js.map
@@ -2,4 +2,3 @@ export type AuthError = {
2
2
  error: string;
3
3
  description: string;
4
4
  };
5
- //# sourceMappingURL=types.d.ts.map
@@ -1,2 +1 @@
1
1
  export {};
2
- //# sourceMappingURL=types.js.map
@@ -4,4 +4,3 @@ export * from './xrpc-error.ts';
4
4
  export * from './xrpc-handler.ts';
5
5
  export type { ProcedureConfig, ProcedureContext, ProcedureHandler, QueryConfig, QueryContext, QueryHandler, SubscriptionConfig, SubscriptionContext, SubscriptionHandler, } from './types/operation.ts';
6
6
  export * from './types/websocket.ts';
7
- //# sourceMappingURL=index.d.ts.map
@@ -3,4 +3,3 @@ export * from './router.js';
3
3
  export * from './xrpc-error.js';
4
4
  export * from './xrpc-handler.js';
5
5
  export * from './types/websocket.js';
6
- //# sourceMappingURL=index.js.map
@@ -6,4 +6,3 @@ export declare const json: {
6
6
  <TData>(data: NoInfer<TData>, init?: ResponseInit): JSONResponse<TData>;
7
7
  };
8
8
  export {};
9
- //# sourceMappingURL=response.d.ts.map
@@ -1,4 +1,3 @@
1
1
  export const json = (data, init) => {
2
2
  return Response.json(data, init);
3
3
  };
4
- //# sourceMappingURL=response.js.map
@@ -24,24 +24,21 @@ export interface XRPCRouterOptions {
24
24
  middlewares?: FetchMiddleware[];
25
25
  handleNotFound?: NotFoundHandler;
26
26
  /**
27
- * optional handler for `/xrpc/_health`. when provided, the router answers
28
- * health-check requests by invoking this handler; when absent, the path
29
- * falls through to `handleNotFound`. `_health` is not part of the atproto
30
- * XRPC spec, so callers opt in explicitly.
27
+ * optional handler for `/xrpc/_health`. when provided, the router answers health-check requests by invoking
28
+ * this handler; when absent, the path falls through to `handleNotFound`. `_health` is not part of the
29
+ * atproto XRPC spec, so callers opt in explicitly.
31
30
  */
32
31
  handleHealthCheck?: HealthCheckHandler;
33
32
  /** translates a thrown error into an HTTP response. */
34
33
  handleException?: ExceptionHandler;
35
34
  /**
36
- * fire-and-forget telemetry hook for unexpected HTTP errors. not invoked for
37
- * client-induced errors (aborted requests, `XRPCError` subclasses, thrown
38
- * `Response` objects).
35
+ * fire-and-forget telemetry hook for unexpected HTTP errors. not invoked for client-induced errors (aborted
36
+ * requests, `XRPCError` subclasses, thrown `Response` objects).
39
37
  */
40
38
  onError?: ErrorObserver;
41
39
  /**
42
- * fire-and-forget telemetry hook for unexpected subscription errors. not
43
- * invoked for aborted signals or `XRPCSubscriptionError` (which is
44
- * translated to an error frame).
40
+ * fire-and-forget telemetry hook for unexpected subscription errors. not invoked for aborted signals or
41
+ * `XRPCSubscriptionError` (which is translated to an error frame).
45
42
  */
46
43
  onSocketError?: SocketErrorObserver;
47
44
  websocket?: WebSocketAdapter;
@@ -50,11 +47,7 @@ export declare class XRPCRouter {
50
47
  #private;
51
48
  fetch: (request: Request) => Promise<Response>;
52
49
  constructor({ middlewares, handleException, handleNotFound, handleHealthCheck, onError, onSocketError, websocket, }?: XRPCRouterOptions);
53
- /** @deprecated use `addQuery` and `addProcedure` instead */
54
- add<TQuery extends XRPCQueryMetadata>(query: TQuery | Namespaced<TQuery>, config: QueryConfig<TQuery>): void;
55
- add<TProcedure extends XRPCProcedureMetadata>(procedure: TProcedure | Namespaced<TProcedure>, config: ProcedureConfig<TProcedure>): void;
56
50
  addQuery<TQuery extends XRPCQueryMetadata, TConfig extends QueryConfig<TQuery>>(query: TQuery | Namespaced<TQuery>, config: TConfig): void;
57
51
  addProcedure<TProcedure extends XRPCProcedureMetadata, TConfig extends ProcedureConfig<TProcedure>>(procedure: TProcedure | Namespaced<TProcedure>, config: TConfig): void;
58
52
  addSubscription<TSubscription extends XRPCSubscriptionMetadata, TConfig extends SubscriptionConfig<TSubscription>>(subscription: TSubscription | Namespaced<TSubscription>, config: TConfig): void;
59
53
  }
60
- //# sourceMappingURL=router.d.ts.map
@@ -113,17 +113,6 @@ export class XRPCRouter {
113
113
  return this.#handleException(err, request);
114
114
  }
115
115
  }
116
- add(operation, config) {
117
- const schema = unwrapLxm(operation);
118
- switch (schema.type) {
119
- case 'xrpc_query': {
120
- return this.addQuery(schema, config);
121
- }
122
- case 'xrpc_procedure': {
123
- return this.addProcedure(schema, config);
124
- }
125
- }
126
- }
127
116
  addQuery(query, config) {
128
117
  const querySchema = unwrapLxm(query);
129
118
  const handleParams = querySchema.params ? constructParamsHandler(querySchema.params) : null;
@@ -147,6 +136,7 @@ export class XRPCRouter {
147
136
  signal: request.signal,
148
137
  params: params,
149
138
  };
139
+ // oxlint-disable-next-line typescript/no-explicit-any
150
140
  const output = await handler(context);
151
141
  if (output instanceof Response) {
152
142
  return output;
@@ -188,6 +178,7 @@ export class XRPCRouter {
188
178
  }
189
179
  }
190
180
  if (inputSchema !== null) {
181
+ // oxlint-disable-next-line typescript/no-explicit-any
191
182
  let raw;
192
183
  try {
193
184
  raw = await request.json();
@@ -213,6 +204,7 @@ export class XRPCRouter {
213
204
  params: params,
214
205
  input: input,
215
206
  };
207
+ // oxlint-disable-next-line typescript/no-explicit-any
216
208
  const output = await handler(context);
217
209
  if (output instanceof Response) {
218
210
  return output;
@@ -301,4 +293,3 @@ export class XRPCRouter {
301
293
  };
302
294
  }
303
295
  }
304
- //# sourceMappingURL=router.js.map
@@ -4,10 +4,9 @@ import type { JSONResponse } from '../response.ts';
4
4
  /**
5
5
  * untyped variant of {@link QueryContext} / {@link ProcedureContext}.
6
6
  *
7
- * `input` is set only when the lexicon declares a `lex` input body and the
8
- * request JSON parsed successfully. for blob inputs (and for procedures that
9
- * declare no input at all) it is `undefined`; handlers that expect a blob
10
- * should stream from `request.body` directly.
7
+ * `input` is set only when the lexicon declares a `lex` input body and the request JSON parsed successfully.
8
+ * for blob inputs (and for procedures that declare no input at all) it is `undefined`; handlers that expect a
9
+ * blob should stream from `request.body` directly.
11
10
  */
12
11
  export type UnknownOperationContext = {
13
12
  request: Request;
@@ -61,4 +60,3 @@ export type SubscriptionHandler<TSubscription extends XRPCSubscriptionMetadata>
61
60
  export type SubscriptionConfig<TSubscription extends XRPCSubscriptionMetadata = XRPCSubscriptionMetadata> = {
62
61
  handler: SubscriptionHandler<TSubscription>;
63
62
  };
64
- //# sourceMappingURL=operation.d.ts.map
@@ -1,2 +1,2 @@
1
+ // oxlint-disable typescript/no-explicit-any
1
2
  export {};
2
- //# sourceMappingURL=operation.js.map
@@ -3,10 +3,9 @@ export interface WebSocketConnection {
3
3
  signal: AbortSignal;
4
4
  send(data: Uint8Array): void | Promise<void>;
5
5
  /**
6
- * backpressure hook invoked by the router after every frame it sends.
7
- * adapters that can observe the outgoing send buffer (Node `ws`, Bun, Deno)
8
- * should resolve only once the buffer has drained below a healthy threshold.
9
- * adapters without that visibility (e.g. Cloudflare Workers) should return
6
+ * backpressure hook invoked by the router after every frame it sends. adapters that can observe the
7
+ * outgoing send buffer (Node `ws`, Bun, Deno) should resolve only once the buffer has drained below a
8
+ * healthy threshold. adapters without that visibility (e.g. Cloudflare Workers) should return
10
9
  * synchronously.
11
10
  */
12
11
  drain(): void | Promise<void>;
@@ -15,4 +14,3 @@ export interface WebSocketConnection {
15
14
  export interface WebSocketAdapter {
16
15
  upgrade(request: Request, handler: (ws: WebSocketConnection) => Promisable<void>): Promisable<Response | undefined>;
17
16
  }
18
- //# sourceMappingURL=websocket.d.ts.map
@@ -1,2 +1 @@
1
1
  export {};
2
- //# sourceMappingURL=websocket.js.map
@@ -2,4 +2,3 @@ export declare const encodeMessageFrame: (body: unknown, type?: string) => Uint8
2
2
  export declare const encodeErrorFrame: (error: string, message?: string) => Uint8Array;
3
3
  export declare const extractMessageType: (message: unknown, nsid: string) => string | undefined;
4
4
  export declare const omitMessageType: (message: unknown) => unknown;
5
- //# sourceMappingURL=frames.d.ts.map
@@ -42,4 +42,3 @@ export const omitMessageType = (message) => {
42
42
  const { $type: _type, ...rest } = obj;
43
43
  return rest;
44
44
  };
45
- //# sourceMappingURL=frames.js.map
@@ -1,3 +1,2 @@
1
1
  export type Middleware<TParams extends any[], TReturn> = (...params: [...TParams, next: (...params: TParams) => TReturn]) => TReturn;
2
2
  export declare const createAsyncMiddlewareRunner: <TParams extends any[], TReturn>(middlewares: [...Middleware<TParams, Promise<TReturn>>[], Middleware<TParams, Promise<TReturn>>]) => (...params: TParams) => Promise<TReturn>;
3
- //# sourceMappingURL=middlewares.d.ts.map
@@ -1,5 +1,5 @@
1
+ // oxlint-disable typescript/no-explicit-any
1
2
  export const createAsyncMiddlewareRunner = (middlewares) => {
2
3
  // prettier-ignore
3
4
  return middlewares.reduceRight((next, run) => (...args) => run(...args, next), () => Promise.reject(new Error(`middleware chain exhausted`)));
4
5
  };
5
- //# sourceMappingURL=middlewares.js.map
@@ -2,4 +2,3 @@ export type Namespaced<T> = {
2
2
  mainSchema: T;
3
3
  };
4
4
  export declare const unwrapLxm: <T extends object>(schema: T | Namespaced<T>) => T;
5
- //# sourceMappingURL=namespaced.d.ts.map
@@ -1,4 +1,3 @@
1
1
  export const unwrapLxm = (schema) => {
2
2
  return 'mainSchema' in schema ? schema.mainSchema : schema;
3
3
  };
4
- //# sourceMappingURL=namespaced.js.map
@@ -3,14 +3,12 @@ import type { Result } from '../../types/misc.ts';
3
3
  /**
4
4
  * checks whether a request has a meaningful body.
5
5
  *
6
- * Node.js HTTP-to-fetch adapters always provide a `ReadableStream` for
7
- * `request.body`, even when no body content was sent. this function
8
- * uses `content-length` to handle that case while still respecting the
9
- * web `Request` API where `body === null` signals no body.
6
+ * Node.js HTTP-to-fetch adapters always provide a `ReadableStream` for `request.body`, even when no body
7
+ * content was sent. this function uses `content-length` to handle that case while still respecting the web
8
+ * `Request` API where `body === null` signals no body.
10
9
  *
11
10
  * @param request incoming request to check
12
11
  * @returns whether the request has body content
13
12
  */
14
13
  export declare const hasRequestBody: (request: Request) => boolean;
15
14
  export declare const constructMimeValidator: (param: XRPCLexBodyParam | XRPCBlobBodyParam) => ((request: Request) => Result<void, string>) | null;
16
- //# sourceMappingURL=request-input.d.ts.map
@@ -1,10 +1,9 @@
1
1
  /**
2
2
  * checks whether a request has a meaningful body.
3
3
  *
4
- * Node.js HTTP-to-fetch adapters always provide a `ReadableStream` for
5
- * `request.body`, even when no body content was sent. this function
6
- * uses `content-length` to handle that case while still respecting the
7
- * web `Request` API where `body === null` signals no body.
4
+ * Node.js HTTP-to-fetch adapters always provide a `ReadableStream` for `request.body`, even when no body
5
+ * content was sent. this function uses `content-length` to handle that case while still respecting the web
6
+ * `Request` API where `body === null` signals no body.
8
7
  *
9
8
  * @param request incoming request to check
10
9
  * @returns whether the request has body content
@@ -69,4 +68,3 @@ const separatedList = (list, sep) => {
69
68
  const escapeRegexp = (input) => {
70
69
  return input.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&');
71
70
  };
72
- //# sourceMappingURL=request-input.js.map
@@ -3,4 +3,3 @@ import type { Literal } from '../../types/misc.ts';
3
3
  type MaybeArray<T> = T | T[];
4
4
  export declare const constructParamsHandler: <TSchema extends ObjectSchema>(schema: TSchema) => (searchParams: URLSearchParams) => ValidationResult<Record<string, MaybeArray<Literal>>>;
5
5
  export {};
6
- //# sourceMappingURL=request-params.d.ts.map
@@ -13,10 +13,12 @@ const unwrapArray = (schema) => {
13
13
  };
14
14
  const coerceBoolean = (str) => {
15
15
  switch (str) {
16
- case 'true':
16
+ case 'true': {
17
17
  return true;
18
- case 'false':
18
+ }
19
+ case 'false': {
19
20
  return false;
21
+ }
20
22
  }
21
23
  return null;
22
24
  };
@@ -77,4 +79,3 @@ const set = (obj, key, value) => {
77
79
  obj[key] = value;
78
80
  }
79
81
  };
80
- //# sourceMappingURL=request-params.js.map
@@ -1,4 +1,3 @@
1
1
  import type { Err } from '@atcute/lexicons/validations';
2
2
  export declare const invalidRequest: (message: string) => Response;
3
3
  export declare const validationError: (kind: 'params' | 'input', err: Err) => Response;
4
- //# sourceMappingURL=response.d.ts.map
@@ -5,4 +5,3 @@ export const validationError = (kind, err) => {
5
5
  const message = `invalid ${kind}: ${err.message}`;
6
6
  return Response.json({ error: 'InvalidRequest', message: message, 'net.kelinci.atcute.issues': err.issues }, { status: 400 });
7
7
  };
8
- //# sourceMappingURL=response.js.map
@@ -20,4 +20,3 @@ export declare class MockWebSocketAdapter implements WebSocketAdapter {
20
20
  upgrade(_request: Request, handler: (ws: WebSocketConnection) => Promisable<void>): Promisable<Response | undefined>;
21
21
  attach(router: XRPCRouter): SubscriptionMock;
22
22
  }
23
- //# sourceMappingURL=websocket-mock.d.ts.map
@@ -73,4 +73,3 @@ export class MockWebSocketAdapter {
73
73
  };
74
74
  }
75
75
  }
76
- //# sourceMappingURL=websocket-mock.js.map
@@ -1,7 +1,6 @@
1
1
  /**
2
- * a single WWW-Authenticate challenge. exactly one of `params` or `token68` may
3
- * be provided. a bare scheme (no params, no token) is valid and renders as just
4
- * the scheme name.
2
+ * a single WWW-Authenticate challenge. exactly one of `params` or `token68` may be provided. a bare scheme
3
+ * (no params, no token) is valid and renders as just the scheme name.
5
4
  *
6
5
  * @see {@link https://datatracker.ietf.org/doc/html/rfc7235#section-4.1 | RFC 7235 §4.1}
7
6
  */
@@ -11,26 +10,26 @@ export interface WWWAuthenticateChallenge {
11
10
  /** auth-param pairs. entries whose value is `undefined` are omitted. */
12
11
  params?: Record<string, string | undefined>;
13
12
  /**
14
- * token68 value for schemes that carry one instead of auth-params (e.g.
15
- * `Basic`). mutually exclusive with `params`.
13
+ * token68 value for schemes that carry one instead of auth-params (e.g. `Basic`). mutually exclusive with
14
+ * `params`.
16
15
  */
17
16
  token68?: string;
18
17
  }
19
18
  /**
20
19
  * formats one or more WWW-Authenticate challenges into a single header value.
21
20
  *
22
- * each challenge is emitted as `<scheme>` followed by its params or token68.
23
- * multiple challenges are joined with `, `. auth-param values are quoted using
24
- * `JSON.stringify` (RFC 7230 quoted-string semantics for ASCII content).
21
+ * each challenge is emitted as `<scheme>` followed by its params or token68. multiple challenges are joined
22
+ * with `, `. auth-param values are quoted using `JSON.stringify` (RFC 7230 quoted-string semantics for ASCII
23
+ * content).
24
+ *
25
+ * @example
26
+ * ```ts
27
+ * formatWWWAuthenticate({ scheme: 'Bearer', params: { error: 'BadJwtSignature' } });
28
+ * // => `Bearer error="BadJwtSignature"`
29
+ * ```
25
30
  *
26
31
  * @param challenges one challenge, or an ordered array of challenges
27
32
  * @returns the formatted header value
28
- *
29
- * @example
30
- * ```ts
31
- * formatWWWAuthenticate({ scheme: 'Bearer', params: { error: 'BadJwtSignature' } })
32
- * // => `Bearer error="BadJwtSignature"`
33
- * ```
34
33
  */
35
34
  export declare const formatWWWAuthenticate: (challenges: WWWAuthenticateChallenge | WWWAuthenticateChallenge[]) => string;
36
35
  export interface XRPCErrorOptions {
@@ -54,9 +53,9 @@ export declare class InvalidRequestError extends XRPCError {
54
53
  }
55
54
  export interface AuthRequiredErrorOptions extends Partial<XRPCErrorOptions> {
56
55
  /**
57
- * WWW-Authenticate challenge(s) to attach to the response. the formatted
58
- * header is set on `headers` automatically, and `access-control-expose-headers`
59
- * is appended so browsers can read it from CORS responses.
56
+ * WWW-Authenticate challenge(s) to attach to the response. the formatted header is set on `headers`
57
+ * automatically, and `access-control-expose-headers` is appended so browsers can read it from CORS
58
+ * responses.
60
59
  */
61
60
  wwwAuthenticate?: WWWAuthenticateChallenge | WWWAuthenticateChallenge[];
62
61
  }
@@ -91,4 +90,3 @@ export declare class XRPCSubscriptionError extends Error {
91
90
  readonly error: string;
92
91
  constructor({ closeCode, error, message }: XRPCSubscriptionErrorOptions);
93
92
  }
94
- //# sourceMappingURL=xrpc-error.d.ts.map