@bleedingdev/modern-js-bff-core 3.2.0-ultramodern.12 → 3.2.0-ultramodern.121

package/dist/esm/rslib-runtime.mjs

@@ -0,0 +1,18 @@
+var __webpack_modules__ = {};
+var __webpack_module_cache__ = {};
+function __webpack_require__(moduleId) {
+    var cachedModule = __webpack_module_cache__[moduleId];
+    if (void 0 !== cachedModule) return cachedModule.exports;
+    var module = __webpack_module_cache__[moduleId] = {
+        exports: {}
+    };
+    __webpack_modules__[moduleId](module, module.exports, __webpack_require__);
+    return module.exports;
+}
+__webpack_require__.m = __webpack_modules__;
+(()=>{
+    __webpack_require__.add = function(modules) {
+        Object.assign(__webpack_require__.m, modules);
+    };
+})();
+export { __webpack_require__ };

package/dist/esm/security/crossProjectPolicy.mjs

@@ -49,10 +49,18 @@ const evaluateCrossProjectPolicy = (headers, policy)=>{
     }
     const requestId = String(envelope.requestId || '').trim();
     if (!requestId) return createViolation('missing_request_id', 'Cross-project envelope does not include a valid requestId', status);
+    const claimedNamespace = extractNamespace(requestId);
+    let effectiveNamespace = claimedNamespace;
+    if ('function' == typeof policy.verifyProducerIdentity) {
+        const verifiedNamespaceRaw = policy.verifyProducerIdentity(headers);
+        const verifiedNamespace = 'string' == typeof verifiedNamespaceRaw ? verifiedNamespaceRaw.trim().toLowerCase() : void 0;
+        if (!verifiedNamespace) return createViolation('producer_identity_mismatch', 'Producer identity could not be verified for this request', status);
+        if (verifiedNamespace !== claimedNamespace) return createViolation('producer_identity_mismatch', `Envelope namespace "${claimedNamespace || 'unknown'}" does not match verified producer identity "${verifiedNamespace}"`, status);
+        effectiveNamespace = verifiedNamespace;
+    }
     const namespaces = (policy.allowedNamespaces || []).map((item)=>item.trim().toLowerCase()).filter(Boolean);
     if (namespaces.length > 0) {
-        const namespace = extractNamespace(requestId);
-        if (!namespace || !namespaces.includes(namespace)) return createViolation('namespace_not_allowed', `Producer namespace "${namespace || 'unknown'}" is not allowed`, status);
+        if (!effectiveNamespace || !namespaces.includes(effectiveNamespace)) return createViolation('namespace_not_allowed', `Producer namespace "${effectiveNamespace || 'unknown'}" is not allowed`, status);
     }
     if (requireOperationContext) {
         const operationContext = readHeader(headers, operationContextHeader);

package/dist/esm/security/operationContracts.mjs

@@ -1,5 +1,84 @@
 import { createHash } from "crypto";
+import "reflect-metadata";
+import { HttpMetadata } from "../types.mjs";
+import { __webpack_require__ } from "../rslib-runtime.mjs";
+import * as __rspack_external_zod from "zod";
+__webpack_require__.add({
+    zod (module) {
+        module.exports = __rspack_external_zod;
+    }
+});
 const DEFAULT_OPERATION_VERSION = 1;
+const deriveOperationVersion = (packageVersion)=>{
+    if ('string' != typeof packageVersion) return DEFAULT_OPERATION_VERSION;
+    const match = packageVersion.trim().match(/^v?(\d+)\./);
+    if (!match) return DEFAULT_OPERATION_VERSION;
+    const major = Number.parseInt(match[1], 10);
+    return Number.isInteger(major) && major >= 0 ? major : DEFAULT_OPERATION_VERSION;
+};
+const stableStringify = (value)=>{
+    if (Array.isArray(value)) return `[${value.map((item)=>stableStringify(item)).join(',')}]`;
+    if (value && 'object' == typeof value) {
+        const entries = Object.entries(value).filter(([, entryValue])=>void 0 !== entryValue).sort(([a], [b])=>a.localeCompare(b)).map(([key, entryValue])=>`${JSON.stringify(key)}:${stableStringify(entryValue)}`);
+        return `{${entries.join(',')}}`;
+    }
+    return JSON.stringify(value) ?? 'null';
+};
+const sha256 = (text)=>createHash('sha256').update(text).digest('hex');
+let cachedZodToJSONSchema;
+const resolveZodToJSONSchema = ()=>{
+    if (void 0 !== cachedZodToJSONSchema) return cachedZodToJSONSchema;
+    try {
+        const zod = __webpack_require__("zod");
+        const candidate = zod?.toJSONSchema ?? zod?.z?.toJSONSchema;
+        cachedZodToJSONSchema = 'function' == typeof candidate ? candidate : null;
+    } catch  {
+        cachedZodToJSONSchema = null;
+    }
+    return cachedZodToJSONSchema;
+};
+const INPUT_SCHEMA_METADATA_KEYS = [
+    HttpMetadata.Data,
+    HttpMetadata.Query,
+    HttpMetadata.Params,
+    HttpMetadata.Headers,
+    HttpMetadata.Files
+];
+const serializeSchema = (schema)=>{
+    const toJSONSchema = resolveZodToJSONSchema();
+    if (toJSONSchema) try {
+        return toJSONSchema(schema, {
+            io: 'input',
+            unrepresentable: 'any'
+        });
+    } catch  {}
+    return {
+        __unserializableSchema: true
+    };
+};
+const serializeOperationSchemas = (handler)=>{
+    if ('function' != typeof handler) return;
+    const serialized = {};
+    for (const metadataKey of INPUT_SCHEMA_METADATA_KEYS){
+        let schema;
+        try {
+            schema = Reflect.getMetadata(metadataKey, handler);
+        } catch  {
+            schema = void 0;
+        }
+        if (null != schema) serialized[metadataKey] = serializeSchema(schema);
+    }
+    return Object.keys(serialized).length > 0 ? serialized : void 0;
+};
+const createOperationContractHash = (operation, requestId)=>sha256(stableStringify({
+        httpMethod: String(operation.httpMethod || '').toUpperCase(),
+        name: operation.name,
+        requestId,
+        routePath: operation.routePath,
+        ...operation.schemas ? {
+            schemas: operation.schemas
+        } : {}
+    }));
 const createOperationEntries = (handlers)=>handlers.map((item)=>({
             name: item.name,
             httpMethod: String(item.httpMethod || '').toUpperCase(),
@@ -9,49 +88,44 @@ const createOperationEntries = (handlers)=>handlers.map((item)=>({
         const keyB = `${b.routePath}:${b.httpMethod}:${b.name}`;
         return keyA.localeCompare(keyB);
     });
-const createOperationSchemaHash = (operationEntries, requestId)=>createHash('sha256').update(JSON.stringify({
-        operations: operationEntries.map((item)=>({
-                name: item.name,
-                httpMethod: item.httpMethod,
-                routePath: item.routePath
-            })),
+const createOperationSchemaHash = (operationEntries, requestId)=>sha256(stableStringify({
+        operations: [
+            ...operationEntries
+        ].map((item)=>({
+                hash: item.schemaHash ?? createOperationContractHash({
+                    name: item.name,
+                    httpMethod: item.httpMethod,
+                    routePath: item.routePath
+                }, requestId)
+            })).sort((a, b)=>a.hash.localeCompare(b.hash)),
         requestId
-    })).digest('hex');
-const buildOperationContractMap = ({ handlers, requestId })=>{
+    }));
+const buildOperationContractMap = ({ handlers, requestId, operationVersion })=>{
     const normalizedRequestId = 'string' == typeof requestId && requestId.trim().length > 0 ? requestId.trim() : 'default';
-    const byModule = new Map();
+    const normalizedOperationVersion = 'number' == typeof operationVersion && Number.isInteger(operationVersion) ? operationVersion : DEFAULT_OPERATION_VERSION;
+    const contracts = {};
     handlers.forEach((item)=>{
-        const moduleId = 'string' == typeof item.filename && item.filename.length > 0 ? item.filename : '__anonymous__';
-        const group = byModule.get(moduleId) || [];
-        group.push({
+        const httpMethod = String(item.httpMethod || '').toUpperCase();
+        const schemaHash = createOperationContractHash({
             name: item.name,
-            httpMethod: item.httpMethod.toUpperCase(),
+            httpMethod,
+            routePath: item.routePath,
+            schemas: serializeOperationSchemas(item.handler)
+        }, normalizedRequestId);
+        const operationId = `${normalizedRequestId}:${item.name}`;
+        const contract = {
+            requestId: normalizedRequestId,
+            operationVersion: normalizedOperationVersion,
+            schemaHash,
+            method: httpMethod,
             routePath: item.routePath,
+            operationId,
+            handlerName: item.name,
             filename: item.filename
-        });
-        byModule.set(moduleId, group);
-    });
-    const contracts = {};
-    byModule.forEach((moduleEntries)=>{
-        const entries = createOperationEntries(moduleEntries);
-        const schemaHash = createOperationSchemaHash(entries, normalizedRequestId);
-        const filename = moduleEntries[0]?.filename;
-        entries.forEach((entry)=>{
-            const operationId = `${normalizedRequestId}:${entry.name}`;
-            const contract = {
-                requestId: normalizedRequestId,
-                operationVersion: DEFAULT_OPERATION_VERSION,
-                schemaHash,
-                method: entry.httpMethod,
-                routePath: entry.routePath,
-                operationId,
-                handlerName: entry.name,
-                filename
-            };
-            contracts[`${entry.httpMethod}:${entry.routePath}`] = contract;
-            contracts[`operation:${operationId}`] = contract;
-        });
+        };
+        contracts[`${httpMethod}:${item.routePath}`] = contract;
+        contracts[`operation:${operationId}`] = contract;
     });
     return contracts;
 };
-export { DEFAULT_OPERATION_VERSION, buildOperationContractMap, createOperationEntries, createOperationSchemaHash };
+export { DEFAULT_OPERATION_VERSION, buildOperationContractMap, createOperationContractHash, createOperationEntries, createOperationSchemaHash, deriveOperationVersion, serializeOperationSchemas };

package/dist/esm/security/resolveCrossProjectPolicy.mjs

@@ -0,0 +1,27 @@
+import { buildOperationContractMap } from "./operationContracts.mjs";
+const resolveCrossProjectPolicy = (input)=>{
+    const { crossProjectPolicy, handlers, requestId, isCrossProjectServer, operationVersion } = input;
+    if (!crossProjectPolicy && !isCrossProjectServer) return;
+    const policy = crossProjectPolicy ?? {};
+    const effectiveRequestId = 'string' == typeof requestId && requestId.trim().length > 0 ? requestId : 'default';
+    const generatedContracts = buildOperationContractMap({
+        handlers,
+        requestId: effectiveRequestId,
+        operationVersion
+    });
+    return {
+        ...policy,
+        enabled: policy.enabled ?? Boolean(isCrossProjectServer),
+        requireEnvelope: policy.requireEnvelope ?? true,
+        requireOperationContext: policy.requireOperationContext ?? true,
+        requireOperationContextDetails: policy.requireOperationContextDetails ?? true,
+        requireOperationSchemaHash: policy.requireOperationSchemaHash ?? true,
+        requireOperationVersion: policy.requireOperationVersion ?? true,
+        allowUnknownOperations: policy.allowUnknownOperations ?? false,
+        expectedOperationContracts: {
+            ...policy.expectedOperationContracts ?? {},
+            ...generatedContracts
+        }
+    };
+};
+export { resolveCrossProjectPolicy };

package/dist/esm-node/adapter-kit/index.mjs

@@ -0,0 +1,76 @@
+import "node:module";
+import "reflect-metadata";
+import { evaluateCrossProjectPolicy } from "../security/crossProjectPolicy.mjs";
+import { HttpMetadata, HttpMethod } from "../types.mjs";
+import { isInputParamsDeciderHandler, isWithMetaHandler } from "../utils/index.mjs";
+const API_ROUTE_METHODS = {
+    [HttpMethod.Get]: 'get',
+    [HttpMethod.Post]: 'post',
+    [HttpMethod.Put]: 'put',
+    [HttpMethod.Delete]: 'delete',
+    [HttpMethod.Connect]: 'connect',
+    [HttpMethod.Trace]: 'trace',
+    [HttpMethod.Patch]: 'patch',
+    [HttpMethod.Options]: 'options',
+    [HttpMethod.Head]: 'head'
+};
+const toApiRouteMethod = (httpMethod)=>{
+    const method = API_ROUTE_METHODS[httpMethod];
+    if (!method) throw new Error(`[bff-core] Unsupported HTTP method "${String(httpMethod)}" in API handler info`);
+    return method;
+};
+const getRouteMiddlewares = (handler)=>{
+    const middlewares = Reflect.getMetadata('middleware', handler);
+    return Array.isArray(middlewares) ? middlewares : [];
+};
+const planApiRoutes = (handlerInfos)=>handlerInfos.map(({ routePath, handler, httpMethod })=>({
+            method: toApiRouteMethod(httpMethod),
+            routePath,
+            handler,
+            middlewares: getRouteMiddlewares(handler)
+        }));
+const HANDLER_WITH_SCHEMA = 'HANDLER_WITH_SCHEMA';
+const isSchemaApiHandler = (handler)=>{
+    if ('function' != typeof handler) return false;
+    const marked = handler;
+    return true === marked[HANDLER_WITH_SCHEMA];
+};
+const getApiHandlerMode = (handler)=>{
+    if (isWithMetaHandler(handler)) return 'meta';
+    if (isSchemaApiHandler(handler)) return 'schema';
+    if (isInputParamsDeciderHandler(handler)) return 'inputParamsDecider';
+    return 'plain';
+};
+const mapSchemaHandlerResult = (result)=>{
+    if ('HandleSuccess' === result.type) return {
+        success: true,
+        status: 200,
+        body: result.value
+    };
+    return {
+        success: false,
+        status: 'InputValidationError' === result.type ? 400 : 500,
+        body: result.message
+    };
+};
+const getResponseMetaList = (handler)=>{
+    const responseMeta = Reflect.getMetadata(HttpMetadata.Response, handler);
+    return Array.isArray(responseMeta) ? responseMeta : [];
+};
+const buildPositionalHandlerArgs = (input)=>[
+        ...Object.values(input.params),
+        input
+    ];
+const checkCrossProjectPolicy = (headers, policy)=>{
+    const violation = evaluateCrossProjectPolicy(headers, policy);
+    if (!violation) return null;
+    return {
+        status: violation.status,
+        body: {
+            code: violation.code,
+            reason: violation.reason,
+            message: violation.message
+        }
+    };
+};
+export { HANDLER_WITH_SCHEMA, buildPositionalHandlerArgs, checkCrossProjectPolicy, getApiHandlerMode, getResponseMetaList, getRouteMiddlewares, isSchemaApiHandler, mapSchemaHandlerResult, planApiRoutes, toApiRouteMethod };