@c15t/backend 1.2.0-canary.13 → 1.2.0-canary.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +20 -22
- package/.turbo/turbo-fmt.log +4 -4
- package/.turbo/turbo-test.log +531 -0
- package/coverage/coverage-final.json +84 -0
- package/coverage/coverage-summary.json +85 -0
- package/coverage/html/backend/index.html +116 -0
- package/coverage/html/backend/rslib.config.ts.html +415 -0
- package/coverage/html/backend/src/contracts/consent/index.html +161 -0
- package/coverage/html/backend/src/contracts/consent/index.ts.html +112 -0
- package/coverage/html/backend/src/contracts/consent/post.contract.ts.html +559 -0
- package/coverage/html/backend/src/contracts/consent/show-banner.contract.ts.html +220 -0
- package/coverage/html/backend/src/contracts/consent/verify.contract.ts.html +463 -0
- package/coverage/html/backend/src/contracts/index.html +116 -0
- package/coverage/html/backend/src/contracts/index.ts.html +139 -0
- package/coverage/html/backend/src/contracts/meta/index.html +131 -0
- package/coverage/html/backend/src/contracts/meta/index.ts.html +100 -0
- package/coverage/html/backend/src/contracts/meta/status.contract.ts.html +196 -0
- package/coverage/html/backend/src/contracts/shared/index.html +116 -0
- package/coverage/html/backend/src/contracts/shared/jurisdiction.schema.ts.html +175 -0
- package/coverage/html/backend/src/core.ts.html +1624 -0
- package/coverage/html/backend/src/handlers/consent/index.html +161 -0
- package/coverage/html/backend/src/handlers/consent/index.ts.html +112 -0
- package/coverage/html/backend/src/handlers/consent/post.handler.ts.html +889 -0
- package/coverage/html/backend/src/handlers/consent/show-banner.handler.ts.html +535 -0
- package/coverage/html/backend/src/handlers/consent/verify.handler.ts.html +1000 -0
- package/coverage/html/backend/src/handlers/meta/index.html +131 -0
- package/coverage/html/backend/src/handlers/meta/index.ts.html +100 -0
- package/coverage/html/backend/src/handlers/meta/status.handler.ts.html +226 -0
- package/coverage/html/backend/src/index.html +161 -0
- package/coverage/html/backend/src/init.ts.html +1018 -0
- package/coverage/html/backend/src/pkgs/api-router/hooks/index.html +116 -0
- package/coverage/html/backend/src/pkgs/api-router/hooks/processor.ts.html +544 -0
- package/coverage/html/backend/src/pkgs/api-router/index.html +116 -0
- package/coverage/html/backend/src/pkgs/api-router/telemetry.ts.html +334 -0
- package/coverage/html/backend/src/pkgs/api-router/utils/cors.ts.html +304 -0
- package/coverage/html/backend/src/pkgs/api-router/utils/index.html +131 -0
- package/coverage/html/backend/src/pkgs/api-router/utils/ip.ts.html +361 -0
- package/coverage/html/backend/src/pkgs/data-model/fields/field-factory.ts.html +709 -0
- package/coverage/html/backend/src/pkgs/data-model/fields/id-generator.ts.html +256 -0
- package/coverage/html/backend/src/pkgs/data-model/fields/index.html +161 -0
- package/coverage/html/backend/src/pkgs/data-model/fields/superjson-utils.ts.html +136 -0
- package/coverage/html/backend/src/pkgs/data-model/fields/zod-fields.ts.html +496 -0
- package/coverage/html/backend/src/pkgs/data-model/hooks/create-hooks.ts.html +349 -0
- package/coverage/html/backend/src/pkgs/data-model/hooks/index.html +176 -0
- package/coverage/html/backend/src/pkgs/data-model/hooks/update-hooks.ts.html +358 -0
- package/coverage/html/backend/src/pkgs/data-model/hooks/update-many-hooks.ts.html +613 -0
- package/coverage/html/backend/src/pkgs/data-model/hooks/utils.ts.html +538 -0
- package/coverage/html/backend/src/pkgs/data-model/hooks/with-hooks-factory.ts.html +289 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapter-factory.ts.html +289 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/drizzle-adapter/drizzle-adapter.ts.html +2203 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/drizzle-adapter/index.html +116 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/index.html +116 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/kysely-adapter/dialect.ts.html +670 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/kysely-adapter/index.html +131 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/kysely-adapter/kysely-adapter.ts.html +3634 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/kysely-adapter/tests/index.html +116 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/kysely-adapter/tests/test-utils.ts.html +1417 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/memory-adapter/index.html +116 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/memory-adapter/memory-adapter.ts.html +2071 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/prisma-adapter/index.html +116 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/prisma-adapter/prisma-adapter.ts.html +1834 -0
- package/coverage/html/backend/src/pkgs/db-adapters/adapters/test.ts.html +316 -0
- package/coverage/html/backend/src/pkgs/db-adapters/index.html +131 -0
- package/coverage/html/backend/src/pkgs/db-adapters/utils.ts.html +238 -0
- package/coverage/html/backend/src/pkgs/migrations/get-migration.ts.html +343 -0
- package/coverage/html/backend/src/pkgs/migrations/get-schema/get-schema.ts.html +217 -0
- package/coverage/html/backend/src/pkgs/migrations/get-schema/index.html +146 -0
- package/coverage/html/backend/src/pkgs/migrations/get-schema/process-fields.ts.html +280 -0
- package/coverage/html/backend/src/pkgs/migrations/get-schema/process-tables.ts.html +289 -0
- package/coverage/html/backend/src/pkgs/migrations/index.html +176 -0
- package/coverage/html/backend/src/pkgs/migrations/migration-builders.ts.html +595 -0
- package/coverage/html/backend/src/pkgs/migrations/migration-execution.ts.html +301 -0
- package/coverage/html/backend/src/pkgs/migrations/schema-comparison.ts.html +694 -0
- package/coverage/html/backend/src/pkgs/migrations/type-mapping.ts.html +817 -0
- package/coverage/html/backend/src/pkgs/results/core/error-class.ts.html +976 -0
- package/coverage/html/backend/src/pkgs/results/core/error-codes.ts.html +703 -0
- package/coverage/html/backend/src/pkgs/results/core/index.html +146 -0
- package/coverage/html/backend/src/pkgs/results/core/tracing.ts.html +280 -0
- package/coverage/html/backend/src/pkgs/results/create-telemetry-options.ts.html +271 -0
- package/coverage/html/backend/src/pkgs/results/index.html +131 -0
- package/coverage/html/backend/src/pkgs/results/orpc-error-handler.ts.html +496 -0
- package/coverage/html/backend/src/pkgs/results/results/index.html +131 -0
- package/coverage/html/backend/src/pkgs/results/results/recovery-utils.ts.html +628 -0
- package/coverage/html/backend/src/pkgs/results/results/result-helpers.ts.html +1234 -0
- package/coverage/html/backend/src/pkgs/utils/env.ts.html +337 -0
- package/coverage/html/backend/src/pkgs/utils/index.html +146 -0
- package/coverage/html/backend/src/pkgs/utils/logger.ts.html +199 -0
- package/coverage/html/backend/src/pkgs/utils/url.ts.html +400 -0
- package/coverage/html/backend/src/router.ts.html +109 -0
- package/coverage/html/backend/src/schema/audit-log/index.html +146 -0
- package/coverage/html/backend/src/schema/audit-log/registry.ts.html +436 -0
- package/coverage/html/backend/src/schema/audit-log/schema.ts.html +223 -0
- package/coverage/html/backend/src/schema/audit-log/table.ts.html +640 -0
- package/coverage/html/backend/src/schema/consent/index.html +146 -0
- package/coverage/html/backend/src/schema/consent/registry.ts.html +616 -0
- package/coverage/html/backend/src/schema/consent/schema.ts.html +238 -0
- package/coverage/html/backend/src/schema/consent/table.ts.html +748 -0
- package/coverage/html/backend/src/schema/consent-policy/index.html +146 -0
- package/coverage/html/backend/src/schema/consent-policy/registry.ts.html +1063 -0
- package/coverage/html/backend/src/schema/consent-policy/schema.ts.html +265 -0
- package/coverage/html/backend/src/schema/consent-policy/table.ts.html +535 -0
- package/coverage/html/backend/src/schema/consent-purpose/index.html +146 -0
- package/coverage/html/backend/src/schema/consent-purpose/registry.ts.html +589 -0
- package/coverage/html/backend/src/schema/consent-purpose/schema.ts.html +259 -0
- package/coverage/html/backend/src/schema/consent-purpose/table.ts.html +547 -0
- package/coverage/html/backend/src/schema/consent-record/index.html +131 -0
- package/coverage/html/backend/src/schema/consent-record/schema.ts.html +211 -0
- package/coverage/html/backend/src/schema/consent-record/table.ts.html +457 -0
- package/coverage/html/backend/src/schema/create-registry.ts.html +148 -0
- package/coverage/html/backend/src/schema/definition.ts.html +685 -0
- package/coverage/html/backend/src/schema/domain/index.html +146 -0
- package/coverage/html/backend/src/schema/domain/registry.ts.html +973 -0
- package/coverage/html/backend/src/schema/domain/schema.ts.html +214 -0
- package/coverage/html/backend/src/schema/domain/table.ts.html +496 -0
- package/coverage/html/backend/src/schema/index.html +146 -0
- package/coverage/html/backend/src/schema/schemas.ts.html +166 -0
- package/coverage/html/backend/src/schema/subject/index.html +146 -0
- package/coverage/html/backend/src/schema/subject/registry.ts.html +973 -0
- package/coverage/html/backend/src/schema/subject/schema.ts.html +208 -0
- package/coverage/html/backend/src/schema/subject/table.ts.html +499 -0
- package/coverage/html/backend/src/server.ts.html +475 -0
- package/coverage/html/backend/src/testing/contract-testing.ts.html +1348 -0
- package/coverage/html/backend/src/testing/index.html +116 -0
- package/coverage/html/base.css +224 -0
- package/coverage/html/block-navigation.js +87 -0
- package/coverage/html/favicon.png +0 -0
- package/coverage/html/index.html +626 -0
- package/coverage/html/prettify.css +1 -0
- package/coverage/html/prettify.js +2 -0
- package/coverage/html/sort-arrow-sprite.png +0 -0
- package/coverage/html/sorter.js +196 -0
- package/dist/contracts/consent/index.d.ts +2 -2
- package/dist/contracts/consent/post.contract.d.ts +2 -2
- package/dist/contracts/consent/post.contract.d.ts.map +1 -1
- package/dist/contracts/index.d.ts +5 -5
- package/dist/contracts/index.d.ts.map +1 -1
- package/dist/core.cjs +244 -388
- package/dist/core.d.ts +5 -3
- package/dist/core.d.ts.map +1 -1
- package/dist/core.js +244 -388
- package/dist/handlers/consent/index.d.ts +2 -2
- package/dist/handlers/consent/post.handler.d.ts +2 -2
- package/dist/handlers/consent/show-banner.handler.d.ts.map +1 -1
- package/dist/pkgs/api-router/utils/core.test.d.ts +2 -0
- package/dist/pkgs/api-router/utils/core.test.d.ts.map +1 -0
- package/dist/pkgs/api-router/utils/cors.d.ts +14 -0
- package/dist/pkgs/api-router/utils/cors.d.ts.map +1 -0
- package/dist/pkgs/data-model/fields/zod-fields.d.ts +32 -32
- package/dist/pkgs/data-model/index.cjs +39 -59
- package/dist/pkgs/data-model/index.js +39 -59
- package/dist/pkgs/data-model/schema/index.cjs +39 -59
- package/dist/pkgs/data-model/schema/index.js +39 -59
- package/dist/pkgs/db-adapters/adapters/drizzle-adapter/index.cjs +1 -0
- package/dist/pkgs/db-adapters/adapters/drizzle-adapter/index.js +1 -0
- package/dist/pkgs/db-adapters/adapters/kysely-adapter/index.cjs +1 -0
- package/dist/pkgs/db-adapters/adapters/kysely-adapter/index.js +1 -0
- package/dist/pkgs/db-adapters/adapters/memory-adapter/index.cjs +1 -0
- package/dist/pkgs/db-adapters/adapters/memory-adapter/index.js +1 -0
- package/dist/pkgs/db-adapters/adapters/prisma-adapter/index.cjs +1 -0
- package/dist/pkgs/db-adapters/adapters/prisma-adapter/index.js +1 -0
- package/dist/pkgs/db-adapters/index.cjs +1 -0
- package/dist/pkgs/db-adapters/index.js +1 -0
- package/dist/pkgs/migrations/index.cjs +1 -0
- package/dist/pkgs/migrations/index.js +1 -0
- package/dist/router.cjs +5 -3
- package/dist/router.d.ts +2 -2
- package/dist/router.js +5 -3
- package/dist/schema/consent-policy/registry.d.ts +4 -4
- package/dist/schema/consent-policy/registry.d.ts.map +1 -1
- package/dist/schema/consent-policy/schema.d.ts +2 -2
- package/dist/schema/consent-policy/table.d.ts +2 -2
- package/dist/schema/consent-purpose/registry.d.ts +2 -2
- package/dist/schema/consent-purpose/schema.d.ts +2 -2
- package/dist/schema/consent-purpose/table.d.ts +2 -2
- package/dist/schema/create-registry.d.ts +6 -6
- package/dist/schema/create-registry.d.ts.map +1 -1
- package/dist/schema/definition.d.ts +4 -4
- package/dist/schema/index.cjs +39 -59
- package/dist/schema/index.js +39 -59
- package/dist/schema/schemas.d.ts +4 -4
- package/package.json +2 -8
- package/rslib.config.ts +0 -1
- package/src/contracts/consent/post.contract.ts +6 -1
- package/src/contracts/index.ts +0 -2
- package/src/core.ts +195 -96
- package/src/handlers/consent/show-banner.handler.test.ts +1 -1
- package/src/handlers/consent/show-banner.handler.ts +2 -1
- package/src/{middleware/cors/is-origin-trusted.test.ts → pkgs/api-router/utils/core.test.ts} +1 -1
- package/src/pkgs/api-router/utils/cors.ts +73 -0
- package/src/schema/consent-policy/registry.ts +50 -76
- package/src/server.ts +5 -1
- package/dist/__tests__/server.test.d.ts +0 -2
- package/dist/__tests__/server.test.d.ts.map +0 -1
- package/dist/contracts.cjs +0 -708
- package/dist/contracts.js +0 -661
- package/dist/middleware/cors/cors.d.ts +0 -37
- package/dist/middleware/cors/cors.d.ts.map +0 -1
- package/dist/middleware/cors/cors.test.d.ts +0 -2
- package/dist/middleware/cors/cors.test.d.ts.map +0 -1
- package/dist/middleware/cors/index.d.ts +0 -30
- package/dist/middleware/cors/index.d.ts.map +0 -1
- package/dist/middleware/cors/is-origin-trusted.d.ts +0 -49
- package/dist/middleware/cors/is-origin-trusted.d.ts.map +0 -1
- package/dist/middleware/cors/is-origin-trusted.test.d.ts +0 -2
- package/dist/middleware/cors/is-origin-trusted.test.d.ts.map +0 -1
- package/dist/middleware/cors/process-cors.d.ts +0 -31
- package/dist/middleware/cors/process-cors.d.ts.map +0 -1
- package/dist/middleware/openapi/config.d.ts +0 -28
- package/dist/middleware/openapi/config.d.ts.map +0 -1
- package/dist/middleware/openapi/handlers.d.ts +0 -29
- package/dist/middleware/openapi/handlers.d.ts.map +0 -1
- package/dist/middleware/openapi/index.d.ts +0 -11
- package/dist/middleware/openapi/index.d.ts.map +0 -1
- package/src/__tests__/server.test.ts +0 -96
- package/src/middleware/cors/cors.test.ts +0 -419
- package/src/middleware/cors/cors.ts +0 -192
- package/src/middleware/cors/index.ts +0 -30
- package/src/middleware/cors/is-origin-trusted.ts +0 -126
- package/src/middleware/cors/process-cors.ts +0 -91
- package/src/middleware/openapi/config.ts +0 -28
- package/src/middleware/openapi/handlers.ts +0 -132
- package/src/middleware/openapi/index.ts +0 -11
|
@@ -1,37 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* CORS middleware utility for c15t that handles origin validation and CORS headers
|
|
3
|
-
*
|
|
4
|
-
* @packageDocumentation
|
|
5
|
-
*/
|
|
6
|
-
/**
|
|
7
|
-
* CORS configuration options type
|
|
8
|
-
*/
|
|
9
|
-
export interface CORSConfig {
|
|
10
|
-
/** Origin validation function */
|
|
11
|
-
origin: (origin: string) => Promise<string | null>;
|
|
12
|
-
/** Whether to allow credentials */
|
|
13
|
-
credentials: boolean;
|
|
14
|
-
/** Allowed headers */
|
|
15
|
-
allowHeaders: readonly string[];
|
|
16
|
-
/** Max age for preflight requests */
|
|
17
|
-
maxAge: number;
|
|
18
|
-
/** Allowed HTTP methods */
|
|
19
|
-
methods: readonly string[];
|
|
20
|
-
}
|
|
21
|
-
/**
|
|
22
|
-
* Creates CORS options configuration for the c15t middleware
|
|
23
|
-
*
|
|
24
|
-
* @param trustedOrigins - Array of allowed origin patterns or single string. Can include wildcards ('*').
|
|
25
|
-
* If undefined, defaults to allowing all origins without credentials.
|
|
26
|
-
*
|
|
27
|
-
* @returns CORS configuration object with origin validation function and header settings
|
|
28
|
-
*
|
|
29
|
-
* @example
|
|
30
|
-
* ```ts
|
|
31
|
-
* const corsOptions = createCORSOptions(['http://localhost:3000', 'https://example.com']);
|
|
32
|
-
* ```
|
|
33
|
-
*
|
|
34
|
-
* @throws {TypeError} When URL parsing fails in origin validation
|
|
35
|
-
*/
|
|
36
|
-
export declare function createCORSOptions(trustedOrigins?: string[] | string): CORSConfig;
|
|
37
|
-
//# sourceMappingURL=cors.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../../src/middleware/cors/cors.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AA6BH;;GAEG;AACH,MAAM,WAAW,UAAU;IAC1B,iCAAiC;IACjC,MAAM,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACnD,mCAAmC;IACnC,WAAW,EAAE,OAAO,CAAC;IACrB,sBAAsB;IACtB,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;IAChC,qCAAqC;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,2BAA2B;IAC3B,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;CAC3B;AAgBD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,iBAAiB,CAChC,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,GAChC,UAAU,CA+GZ"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"cors.test.d.ts","sourceRoot":"","sources":["../../../src/middleware/cors/cors.test.ts"],"names":[],"mappings":""}
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* CORS middleware for c15t
|
|
3
|
-
*
|
|
4
|
-
* This module provides comprehensive CORS (Cross-Origin Resource Sharing) functionality including:
|
|
5
|
-
* - Origin validation with support for wildcards and subdomains
|
|
6
|
-
* - Flexible CORS options configuration
|
|
7
|
-
* - Context processing and enrichment
|
|
8
|
-
* - Protocol-agnostic matching
|
|
9
|
-
* - Support for www and non-www variants
|
|
10
|
-
*
|
|
11
|
-
* @example
|
|
12
|
-
* ```ts
|
|
13
|
-
* import { createCORSOptions, isOriginTrusted, processCors } from '@c15t/backend/middleware/cors';
|
|
14
|
-
*
|
|
15
|
-
* // Create CORS options with trusted origins
|
|
16
|
-
* const corsOptions = createCORSOptions(['https://example.com', '*.trusted-domain.com']);
|
|
17
|
-
*
|
|
18
|
-
* // Process CORS for a request
|
|
19
|
-
* const enrichedContext = processCors(request, context, trustedOrigins);
|
|
20
|
-
*
|
|
21
|
-
* // Validate an origin directly
|
|
22
|
-
* const isTrusted = isOriginTrusted('https://api.trusted-domain.com', trustedOrigins);
|
|
23
|
-
* ```
|
|
24
|
-
*
|
|
25
|
-
* @packageDocumentation
|
|
26
|
-
*/
|
|
27
|
-
export { createCORSOptions } from './cors';
|
|
28
|
-
export { isOriginTrusted } from './is-origin-trusted';
|
|
29
|
-
export { processCors } from './process-cors';
|
|
30
|
-
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/middleware/cors/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,QAAQ,CAAC;AAC3C,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC"}
|
|
@@ -1,49 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Origin validation utilities for CORS security
|
|
3
|
-
*
|
|
4
|
-
* @packageDocumentation
|
|
5
|
-
*/
|
|
6
|
-
import type { Logger } from '@doubletie/logger';
|
|
7
|
-
/**
|
|
8
|
-
* Regular expression to strip protocol, trailing slashes, and port numbers from URLs
|
|
9
|
-
* Matches:
|
|
10
|
-
* - http:// or https:// protocol
|
|
11
|
-
* - ws:// or wss:// protocol
|
|
12
|
-
* - trailing slashes
|
|
13
|
-
* - port numbers with colon
|
|
14
|
-
*
|
|
15
|
-
* @internal
|
|
16
|
-
*/
|
|
17
|
-
export declare const STRIP_REGEX: RegExp;
|
|
18
|
-
/**
|
|
19
|
-
* Validates if a given origin matches any of the trusted domain patterns
|
|
20
|
-
*
|
|
21
|
-
* Supports:
|
|
22
|
-
* - Exact domain matches
|
|
23
|
-
* - Wildcard subdomains (e.g. *.example.com)
|
|
24
|
-
* - Protocol-agnostic matching
|
|
25
|
-
* - Case-insensitive comparison
|
|
26
|
-
*
|
|
27
|
-
* @param origin - The origin URL to validate (e.g. https://example.com)
|
|
28
|
-
* @param trustedDomains - Array of trusted domain patterns. Can include wildcards (e.g. *.example.com)
|
|
29
|
-
* @param logger - Optional logger for debugging validation process
|
|
30
|
-
*
|
|
31
|
-
* @returns `true` if the origin matches any trusted domain pattern, `false` otherwise
|
|
32
|
-
*
|
|
33
|
-
* @throws {Error} When trustedDomains array is empty
|
|
34
|
-
* @throws {TypeError} When origin URL is invalid
|
|
35
|
-
*
|
|
36
|
-
* @example
|
|
37
|
-
* ```ts
|
|
38
|
-
* // Simple domain matching
|
|
39
|
-
* isOriginTrusted('https://example.com', ['example.com']); // true
|
|
40
|
-
*
|
|
41
|
-
* // Wildcard subdomain matching
|
|
42
|
-
* isOriginTrusted('https://api.example.com', ['*.example.com']); // true
|
|
43
|
-
*
|
|
44
|
-
* // Allow all origins
|
|
45
|
-
* isOriginTrusted('https://any-domain.com', ['*']); // true
|
|
46
|
-
* ```
|
|
47
|
-
*/
|
|
48
|
-
export declare function isOriginTrusted(origin: string, trustedDomains: string[], logger?: Logger): boolean;
|
|
49
|
-
//# sourceMappingURL=is-origin-trusted.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"is-origin-trusted.d.ts","sourceRoot":"","sources":["../../../src/middleware/cors/is-origin-trusted.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAEhD;;;;;;;;;GASG;AACH,eAAO,MAAM,WAAW,QAA4C,CAAC;AA4BrE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,eAAe,CAC9B,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,EAAE,EACxB,MAAM,CAAC,EAAE,MAAM,GACb,OAAO,CA6CT"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"is-origin-trusted.test.d.ts","sourceRoot":"","sources":["../../../src/middleware/cors/is-origin-trusted.test.ts"],"names":[],"mappings":""}
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* CORS processing middleware for c15t
|
|
3
|
-
* Handles origin validation and context enrichment
|
|
4
|
-
*
|
|
5
|
-
* @packageDocumentation
|
|
6
|
-
*/
|
|
7
|
-
import type { C15TContext } from '../../types/context';
|
|
8
|
-
/**
|
|
9
|
-
* Processes CORS validation for an incoming request and enriches the context
|
|
10
|
-
* with origin information. This middleware function validates the origin against
|
|
11
|
-
* trusted patterns and updates the context with the validation results.
|
|
12
|
-
*
|
|
13
|
-
* @param request - The incoming HTTP request to process
|
|
14
|
-
* @param context - The c15t middleware context to enrich
|
|
15
|
-
* @param trustedOrigins - Array of trusted origin patterns. Can include wildcards ('*')
|
|
16
|
-
*
|
|
17
|
-
* @returns The enriched context with origin validation results
|
|
18
|
-
*
|
|
19
|
-
* @example
|
|
20
|
-
* ```ts
|
|
21
|
-
* const enrichedContext = processCors(
|
|
22
|
-
* request,
|
|
23
|
-
* context,
|
|
24
|
-
* ['https://example.com', '*.trusted-domain.com']
|
|
25
|
-
* );
|
|
26
|
-
* ```
|
|
27
|
-
*
|
|
28
|
-
* @see {@link isOriginTrusted} for origin validation details
|
|
29
|
-
*/
|
|
30
|
-
export declare const processCors: (request: Request, context: C15TContext, trustedOrigins?: string[]) => C15TContext;
|
|
31
|
-
//# sourceMappingURL=process-cors.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"process-cors.d.ts","sourceRoot":"","sources":["../../../src/middleware/cors/process-cors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AA4CnD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,WAAW,GACvB,SAAS,OAAO,EAChB,SAAS,WAAW,EACpB,iBAAiB,MAAM,EAAE,KACvB,WAaF,CAAC"}
|
|
@@ -1,28 +0,0 @@
|
|
|
1
|
-
import type { C15TOptions } from '../../types';
|
|
2
|
-
/**
|
|
3
|
-
* Default OpenAPI configuration
|
|
4
|
-
*/
|
|
5
|
-
export declare const createOpenAPIConfig: (options: C15TOptions) => {
|
|
6
|
-
enabled: boolean;
|
|
7
|
-
specPath: string;
|
|
8
|
-
docsPath: string;
|
|
9
|
-
options?: Partial<import("@orpc/openapi").OpenAPIGeneratorOptions>;
|
|
10
|
-
customUiTemplate?: string;
|
|
11
|
-
};
|
|
12
|
-
/**
|
|
13
|
-
* Default OpenAPI options
|
|
14
|
-
*/
|
|
15
|
-
export declare const createDefaultOpenAPIOptions: (options: C15TOptions) => {
|
|
16
|
-
info: {
|
|
17
|
-
title: string;
|
|
18
|
-
version: string;
|
|
19
|
-
description: string;
|
|
20
|
-
};
|
|
21
|
-
servers: {
|
|
22
|
-
url: {};
|
|
23
|
-
}[];
|
|
24
|
-
security: {
|
|
25
|
-
bearerAuth: never[];
|
|
26
|
-
}[];
|
|
27
|
-
};
|
|
28
|
-
//# sourceMappingURL=config.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/middleware/openapi/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAG3C;;GAEG;AACH,eAAO,MAAM,mBAAmB,GAAI,SAAS,WAAW;;;;;;CAQvD,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,GAAI,SAAS,WAAW;;;;;;;;;;;;CAQ9D,CAAC"}
|
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
import type { C15TContext, C15TOptions } from '../../types';
|
|
2
|
-
/**
|
|
3
|
-
* Type for the memoized OpenAPI spec function
|
|
4
|
-
*/
|
|
5
|
-
type MemoizedSpecFunction = {
|
|
6
|
-
(): Promise<Record<string, unknown>>;
|
|
7
|
-
cached?: Record<string, unknown>;
|
|
8
|
-
};
|
|
9
|
-
/**
|
|
10
|
-
* Generate the OpenAPI specification document
|
|
11
|
-
*
|
|
12
|
-
* @param options - Configuration options for the OpenAPI spec generation
|
|
13
|
-
* @returns A memoized function that generates and caches the OpenAPI spec
|
|
14
|
-
*
|
|
15
|
-
* @throws {Error} When the OpenAPI generator fails to create a valid spec
|
|
16
|
-
*
|
|
17
|
-
* @example
|
|
18
|
-
* ```ts
|
|
19
|
-
* const getSpec = createOpenAPISpec(options);
|
|
20
|
-
* const spec = await getSpec();
|
|
21
|
-
* ```
|
|
22
|
-
*/
|
|
23
|
-
export declare const createOpenAPISpec: (context: C15TContext, options: C15TOptions) => MemoizedSpecFunction;
|
|
24
|
-
/**
|
|
25
|
-
* Generate the default UI for API documentation
|
|
26
|
-
*/
|
|
27
|
-
export declare const createDocsUI: (options: C15TOptions) => string;
|
|
28
|
-
export {};
|
|
29
|
-
//# sourceMappingURL=handlers.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../../../src/middleware/openapi/handlers.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAGxD;;GAEG;AACH,KAAK,oBAAoB,GAAG;IAC3B,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACrC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC,CAAC;AA6BF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,iBAAiB,GAC7B,SAAS,WAAW,EACpB,SAAS,WAAW,yBA0CpB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,GAAI,SAAS,WAAW,WA2BhD,CAAC"}
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* OpenAPI middleware for c15t
|
|
3
|
-
*
|
|
4
|
-
* This module provides OpenAPI functionality including:
|
|
5
|
-
* - Configuration management
|
|
6
|
-
* - Specification generation
|
|
7
|
-
* - Documentation UI
|
|
8
|
-
*/
|
|
9
|
-
export { createOpenAPIConfig, createDefaultOpenAPIOptions } from './config';
|
|
10
|
-
export { createOpenAPISpec, createDocsUI } from './handlers';
|
|
11
|
-
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/middleware/openapi/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,mBAAmB,EAAE,2BAA2B,EAAE,MAAM,UAAU,CAAC;AAC5E,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC"}
|
|
@@ -1,96 +0,0 @@
|
|
|
1
|
-
import { describe, expect, it } from 'vitest';
|
|
2
|
-
import { type C15TOptions, c15tInstance } from '../core';
|
|
3
|
-
|
|
4
|
-
const mockOptions: C15TOptions = {
|
|
5
|
-
appName: 'Consent.io Dashboard',
|
|
6
|
-
basePath: '/api/c15t',
|
|
7
|
-
trustedOrigins: [
|
|
8
|
-
'localhost',
|
|
9
|
-
'vercel.app',
|
|
10
|
-
'consent.io',
|
|
11
|
-
'https://test.consent.io',
|
|
12
|
-
],
|
|
13
|
-
cors: true,
|
|
14
|
-
advanced: {
|
|
15
|
-
cors: {
|
|
16
|
-
allowHeaders: ['content-type', 'x-request-id'],
|
|
17
|
-
},
|
|
18
|
-
},
|
|
19
|
-
logger: {
|
|
20
|
-
level: 'debug',
|
|
21
|
-
},
|
|
22
|
-
};
|
|
23
|
-
|
|
24
|
-
const createTestRequest = (
|
|
25
|
-
path = '/api/c15t/status',
|
|
26
|
-
method = 'GET',
|
|
27
|
-
headers?: Record<string, string>
|
|
28
|
-
) => {
|
|
29
|
-
return new Request(`http://localhost${path}`, {
|
|
30
|
-
method,
|
|
31
|
-
headers: {
|
|
32
|
-
'content-type': 'application/json',
|
|
33
|
-
...(headers || {}),
|
|
34
|
-
},
|
|
35
|
-
});
|
|
36
|
-
};
|
|
37
|
-
|
|
38
|
-
describe('C15T /status endpoint', () => {
|
|
39
|
-
it('GET /api/c15t/status returns 200 and status payload', async () => {
|
|
40
|
-
const c15t = c15tInstance(mockOptions);
|
|
41
|
-
const request = createTestRequest();
|
|
42
|
-
const response = await c15t.handler(request);
|
|
43
|
-
expect(response.status).toBe(200);
|
|
44
|
-
const data = await response.json();
|
|
45
|
-
expect(data).toHaveProperty('status');
|
|
46
|
-
});
|
|
47
|
-
|
|
48
|
-
it('responds correctly to requests from allowed origins', async () => {
|
|
49
|
-
const c15t = c15tInstance(mockOptions);
|
|
50
|
-
const request = createTestRequest(undefined, undefined, {
|
|
51
|
-
origin: 'https://test.consent.io',
|
|
52
|
-
});
|
|
53
|
-
const response = await c15t.handler(request);
|
|
54
|
-
expect(response.status).toBe(200);
|
|
55
|
-
expect(response.headers.get('access-control-allow-origin')).toBe(
|
|
56
|
-
'https://test.consent.io'
|
|
57
|
-
);
|
|
58
|
-
});
|
|
59
|
-
|
|
60
|
-
it('rejects requests from disallowed origins', async () => {
|
|
61
|
-
const c15t = c15tInstance(mockOptions);
|
|
62
|
-
const request = createTestRequest(undefined, undefined, {
|
|
63
|
-
origin: 'https://malicious-site.com',
|
|
64
|
-
});
|
|
65
|
-
const response = await c15t.handler(request);
|
|
66
|
-
expect(response.headers.get('access-control-allow-origin')).toBeNull();
|
|
67
|
-
});
|
|
68
|
-
|
|
69
|
-
it('handles preflight requests correctly', async () => {
|
|
70
|
-
const c15t = c15tInstance(mockOptions);
|
|
71
|
-
const request = createTestRequest(undefined, 'OPTIONS', {
|
|
72
|
-
origin: 'https://test.consent.io',
|
|
73
|
-
'access-control-request-method': 'GET',
|
|
74
|
-
});
|
|
75
|
-
const response = await c15t.handler(request);
|
|
76
|
-
expect(response.status).toBe(204);
|
|
77
|
-
expect(response.headers.get('access-control-allow-origin')).toBe(
|
|
78
|
-
'https://test.consent.io'
|
|
79
|
-
);
|
|
80
|
-
expect(response.headers.get('access-control-allow-headers')).toContain(
|
|
81
|
-
'Content-Type, Authorization, x-request-id'
|
|
82
|
-
);
|
|
83
|
-
});
|
|
84
|
-
});
|
|
85
|
-
|
|
86
|
-
describe('C15T /docs endpoint', () => {
|
|
87
|
-
it('GET /api/c15t/docs returns 200 and HTML', async () => {
|
|
88
|
-
const c15t = c15tInstance(mockOptions);
|
|
89
|
-
const request = createTestRequest('/api/c15t/docs');
|
|
90
|
-
const response = await c15t.handler(request);
|
|
91
|
-
expect(response.status).toBe(200);
|
|
92
|
-
const text = await response.text();
|
|
93
|
-
expect(text).toContain('<!doctype html>');
|
|
94
|
-
expect(response.headers.get('content-type')).toContain('text/html');
|
|
95
|
-
});
|
|
96
|
-
});
|