@clioplaylists/clio 0.1.5 → 0.1.7

package/dist/.env

@@ -0,0 +1,7 @@
+NODE_ENV='development'
+CLIO_VERSION=v0.1.0
+CLIO_PORT=8000
+DID_PLC_URL='https://plc.directory'
+LOG_ENABLED=true
+LOG_DESTINATION=
+LEG_LEVEL=debug

package/dist/api/com/clioplaylists/alpha/actor/getProfile.js

@@ -0,0 +1,37 @@
+"use strict";
+// import AppContext from '../../../../../context'
+// import { Server } from '../../../../../lexicons'
+// import { OutputSchema } from '../../../../../lexicons/types/com/clioplaylists/alpha/feed/getSongs'
+// import { Record as SongRecord } from '../../../../../lexicons/types/com/clioplaylists/alpha/feed/song'
+// import { parseRecord } from '../../../../../util'
+// import { resHeaders } from '../../../../util'
+// export default function (server: Server, ctx: AppContext) {
+//   server.com.clioplaylists.alpha.feed.getSongs({
+//     handler: async ({ params, auth, req }) => {
+//       const res = await ctx.dataplane.getSongRecords({})
+//       let results: OutputSchema = {
+//         songs: []
+//       }
+//       res.records.forEach((recordWrapper) => {
+//         const recordRes = parseRecord<SongRecord>(recordWrapper, false)
+//         if (!recordRes) {
+//           console.log("Could not deserialize SongRecord")
+//           return
+//         }
+//         results.songs.push({
+//           trackName: recordRes.record.trackName,
+//           trackMbId: recordRes.record.trackMbId,
+//           artistNames: recordRes.record.artistNames,
+//           artistMbIds: recordRes.record.artistMbIds,
+//           albumArtwork: recordRes.record.albumArtwork,
+//           createdAt: recordRes.record.createdAt
+//         })
+//       })
+//       return {
+//         encoding: 'application/json',
+//         body: results,
+//         headers: resHeaders({}),
+//       }
+//     }
+//   })
+// }

package/dist/api/com/clioplaylists/alpha/feed/getSongs.js

@@ -0,0 +1,37 @@
+"use strict";
+// import AppContext from '../../../../../context'
+// import { Server } from '../../../../../lexicons'
+// import { OutputSchema } from '../../../../../lexicons/types/com/clioplaylists/alpha/feed/getSongs'
+// import { Record as SongRecord } from '../../../../../lexicons/types/com/clioplaylists/alpha/feed/song'
+// import { parseRecord } from '../../../../../util'
+// import { resHeaders } from '../../../../util'
+// export default function (server: Server, ctx: AppContext) {
+//   server.com.clioplaylists.alpha.feed.getSongs({
+//     handler: async ({ params, auth, req }) => {
+//       const res = await ctx.dataplane.getSongRecords({})
+//       let results: OutputSchema = {
+//         songs: []
+//       }
+//       res.records.forEach((recordWrapper) => {
+//         const recordRes = parseRecord<SongRecord>(recordWrapper, false)
+//         if (!recordRes) {
+//           console.log("Could not deserialize SongRecord")
+//           return
+//         }
+//         results.songs.push({
+//           trackName: recordRes.record.trackName,
+//           trackMbId: recordRes.record.trackMbId,
+//           artistNames: recordRes.record.artistNames,
+//           artistMbIds: recordRes.record.artistMbIds,
+//           albumArtwork: recordRes.record.albumArtwork,
+//           createdAt: recordRes.record.createdAt
+//         })
+//       })
+//       return {
+//         encoding: 'application/json',
+//         body: results,
+//         headers: resHeaders({}),
+//       }
+//     }
+//   })
+// }

package/dist/api/health.d.ts

@@ -0,0 +1,3 @@
+import express from 'express';
+import AppContext from '../context';
+export declare const createRouter: (ctx: AppContext) => express.Router;

package/dist/api/health.js

@@ -0,0 +1,25 @@
+import express from 'express';
+export const createRouter = (ctx) => {
+    const router = express.Router();
+    router.get('/', function (req, res) {
+        res.type('text/plain');
+        res.send(`
+  ___  __    ____  _____ 
+ / __)(  )  (_  _)(  _  )
+( (__  )(__  _)(_  )(_)( 
+ \___)(____)(____)(_____)
+
+This is an AT Protocol Application View (AppView) for the "clioplaylists.com" application.
+
+Most API routes are under /xrpc/
+
+      Code: https://github.com/Hoid/clio-api
+  Protocol: https://atproto.com
+`);
+    });
+    router.get('/xrpc/_health', async function (req, res) {
+        const { version } = ctx.cfg;
+        res.send({ version });
+    });
+    return router;
+};

package/dist/api/index.d.ts

@@ -0,0 +1,4 @@
+import AppContext from '../context';
+import { Server } from '../lexicons';
+export * as health from './health';
+export default function (server: Server, ctx: AppContext): Server;

package/dist/api/index.js

@@ -0,0 +1,6 @@
+// import getSongs from './com/clioplaylists/alpha/feed/getSongs'
+export * as health from './health';
+export default function (server, ctx) {
+    // getSongs(server, ctx)
+    return server;
+}

package/dist/api/util.d.ts

@@ -0,0 +1,9 @@
+import { ParsedLabelers } from '../util';
+export declare const ATPROTO_CONTENT_LABELERS = "Atproto-Content-Labelers";
+export declare const ATPROTO_REPO_REV = "Atproto-Repo-Rev";
+type ResHeaderOpts = {
+    labelers: ParsedLabelers;
+    repoRev: string | null;
+};
+export declare const resHeaders: (opts: Partial<ResHeaderOpts>) => Record<string, string>;
+export {};

package/dist/api/util.js

@@ -0,0 +1,13 @@
+import { formatLabelerHeader } from '../util';
+export const ATPROTO_CONTENT_LABELERS = 'Atproto-Content-Labelers';
+export const ATPROTO_REPO_REV = 'Atproto-Repo-Rev';
+export const resHeaders = (opts) => {
+    const headers = {};
+    if (opts.labelers) {
+        headers[ATPROTO_CONTENT_LABELERS] = formatLabelerHeader(opts.labelers);
+    }
+    if (opts.repoRev) {
+        headers[ATPROTO_REPO_REV] = opts.repoRev;
+    }
+    return headers;
+};

package/dist/auth-verifier.d.ts

@@ -0,0 +1,92 @@
+import { VerifySignatureWithKeyFn } from '@atproto/xrpc-server';
+import express from 'express';
+import { KeyObject } from 'node:crypto';
+import { DataPlaneClient } from './client';
+type ReqCtx = {
+    req: express.Request;
+};
+type StandardAuthOpts = {
+    skipAudCheck?: boolean;
+    lxmCheck?: (method?: string) => boolean;
+};
+export declare enum RoleStatus {
+    Valid = 0,
+    Invalid = 1,
+    Missing = 2
+}
+type NullOutput = {
+    credentials: {
+        type: 'none';
+        iss: null;
+    };
+};
+type StandardOutput = {
+    credentials: {
+        type: 'standard';
+        aud: string;
+        iss: string;
+    };
+};
+type RoleOutput = {
+    credentials: {
+        type: 'role';
+        admin: boolean;
+    };
+};
+type ModServiceOutput = {
+    credentials: {
+        type: 'mod_service';
+        aud: string;
+        iss: string;
+    };
+};
+export type AuthVerifierOpts = {
+    ownDid: string;
+    alternateAudienceDids: string[];
+    modServiceDid: string;
+    adminPasses: string[];
+    entrywayJwtPublicKey?: KeyObject;
+};
+export declare class AuthVerifier {
+    dataplane: DataPlaneClient;
+    ownDid: string;
+    standardAudienceDids: Set<string>;
+    modServiceDid: string;
+    private adminPasses;
+    private entrywayJwtPublicKey?;
+    constructor(dataplane: DataPlaneClient, opts: AuthVerifierOpts);
+    standardOptionalParameterized: (opts: StandardAuthOpts) => (ctx: ReqCtx) => Promise<StandardOutput | NullOutput>;
+    standardOptional: (ctx: ReqCtx) => Promise<StandardOutput | NullOutput>;
+    standard: (ctx: ReqCtx) => Promise<StandardOutput>;
+    role: (ctx: ReqCtx) => RoleOutput;
+    standardOrRole: (ctx: ReqCtx) => Promise<StandardOutput | RoleOutput>;
+    optionalStandardOrRole: (ctx: ReqCtx) => Promise<StandardOutput | RoleOutput | NullOutput>;
+    entrywaySession: (reqCtx: ReqCtx) => Promise<StandardOutput>;
+    parseRoleCreds(req: express.Request): {
+        status: RoleStatus;
+        admin: boolean;
+        moderator: boolean;
+        triage: boolean;
+    } | {
+        status: RoleStatus;
+        admin: boolean;
+        moderator?: undefined;
+        triage?: undefined;
+    };
+    isModService(iss: string): boolean;
+    nullCreds(): NullOutput;
+    parseCreds(creds: StandardOutput | RoleOutput | ModServiceOutput | NullOutput): {
+        viewer: string | null;
+        includeTakedowns: boolean;
+        include3pBlocks: boolean;
+        canPerformTakedown: boolean;
+    };
+}
+export declare const parseBasicAuth: (token: string) => {
+    username: string;
+    password: string;
+} | null;
+export declare const buildBasicAuth: (username: string, password: string) => string;
+export declare const createPublicKeyObject: (publicKeyHex: string) => KeyObject;
+export declare const verifySignatureWithKey: VerifySignatureWithKeyFn;
+export {};

package/dist/auth-verifier.js

@@ -0,0 +1,365 @@
+import { AuthRequiredError, cryptoVerifySignatureWithKey, } from '@atproto/xrpc-server';
+import * as jose from 'jose';
+import KeyEncoder from 'key-encoder';
+import crypto from 'node:crypto';
+import * as ui8 from 'uint8arrays';
+// import { GetIdentityByDidResponse } from './proto/bsky_pb'
+import { parseDidKey, SECP256K1_JWT_ALG } from '@atproto/crypto';
+export var RoleStatus;
+(function (RoleStatus) {
+    RoleStatus[RoleStatus["Valid"] = 0] = "Valid";
+    RoleStatus[RoleStatus["Invalid"] = 1] = "Invalid";
+    RoleStatus[RoleStatus["Missing"] = 2] = "Missing";
+})(RoleStatus || (RoleStatus = {}));
+const ALLOWED_AUTH_SCOPES = new Set([
+    'com.atproto.access',
+    'com.atproto.appPass',
+    'com.atproto.appPassPrivileged',
+]);
+export class AuthVerifier {
+    dataplane;
+    ownDid;
+    standardAudienceDids;
+    modServiceDid;
+    adminPasses;
+    entrywayJwtPublicKey;
+    constructor(dataplane, opts) {
+        this.dataplane = dataplane;
+        this.ownDid = opts.ownDid;
+        this.standardAudienceDids = new Set([
+            opts.ownDid,
+            ...opts.alternateAudienceDids,
+        ]);
+        this.modServiceDid = opts.modServiceDid;
+        this.adminPasses = new Set(opts.adminPasses);
+        this.entrywayJwtPublicKey = opts.entrywayJwtPublicKey;
+    }
+    // verifiers (arrow fns to preserve scope)
+    standardOptionalParameterized = (opts) => async (ctx) => {
+        // @TODO remove! basic auth + did supported just for testing.
+        if (isBasicToken(ctx.req)) {
+            const aud = this.ownDid;
+            const iss = ctx.req.headers['appview-as-did'];
+            if (typeof iss !== 'string' || !iss.startsWith('did:')) {
+                throw new AuthRequiredError('bad issuer');
+            }
+            if (!this.parseRoleCreds(ctx.req).admin) {
+                throw new AuthRequiredError('bad credentials');
+            }
+            return {
+                credentials: { type: 'standard', iss, aud },
+            };
+        }
+        else if (isBearerToken(ctx.req)) {
+            // @NOTE temporarily accept entryway session tokens to shed load from PDS instances
+            const token = bearerTokenFromReq(ctx.req);
+            const header = token ? jose.decodeProtectedHeader(token) : undefined;
+            if (header?.typ === 'at+jwt') {
+                // we should never use entryway session tokens in the case of flexible auth audiences (namely in the case of getFeed)
+                if (opts.skipAudCheck) {
+                    throw new AuthRequiredError('Malformed token', 'InvalidToken');
+                }
+                return this.entrywaySession(ctx);
+            }
+            // const { iss, aud } = await this.verifyServiceJwt(ctx, {
+            //   lxmCheck: opts.lxmCheck,
+            //   iss: null,
+            //   aud: null,
+            // })
+            const { aud } = {
+                // iss: '',
+                aud: '',
+            };
+            if (!opts.skipAudCheck && !this.standardAudienceDids.has(aud)) {
+                throw new AuthRequiredError('jwt audience does not match service did', 'BadJwtAudience');
+            }
+            return {
+                credentials: {
+                    type: 'standard',
+                    iss: '',
+                    aud: '',
+                },
+            };
+        }
+        else {
+            return this.nullCreds();
+        }
+    };
+    standardOptional = this.standardOptionalParameterized({});
+    standard = async (ctx) => {
+        const output = await this.standardOptional(ctx);
+        if (output.credentials.type === 'none') {
+            throw new AuthRequiredError(undefined, 'AuthMissing');
+        }
+        return output;
+    };
+    role = (ctx) => {
+        const creds = this.parseRoleCreds(ctx.req);
+        if (creds.status !== RoleStatus.Valid) {
+            throw new AuthRequiredError();
+        }
+        return {
+            credentials: {
+                ...creds,
+                type: 'role',
+            },
+        };
+    };
+    standardOrRole = async (ctx) => {
+        if (isBearerToken(ctx.req)) {
+            return this.standard(ctx);
+        }
+        else {
+            return this.role(ctx);
+        }
+    };
+    optionalStandardOrRole = async (ctx) => {
+        if (isBearerToken(ctx.req)) {
+            return await this.standard(ctx);
+        }
+        else {
+            const creds = this.parseRoleCreds(ctx.req);
+            if (creds.status === RoleStatus.Valid) {
+                return {
+                    credentials: {
+                        ...creds,
+                        type: 'role',
+                    },
+                };
+            }
+            else if (creds.status === RoleStatus.Missing) {
+                return this.nullCreds();
+            }
+            else {
+                throw new AuthRequiredError();
+            }
+        }
+    };
+    // @NOTE this auth verifier method is not recommended to be implemented by most appviews
+    // this is a short term fix to remove proxy load from Bluesky's PDS and in line with possible
+    // future plans to have the client talk directly with the appview
+    entrywaySession = async (reqCtx) => {
+        const token = bearerTokenFromReq(reqCtx.req);
+        if (!token) {
+            throw new AuthRequiredError(undefined, 'AuthMissing');
+        }
+        // if entryway jwt key not configured then do not parsed these tokens
+        if (!this.entrywayJwtPublicKey) {
+            throw new AuthRequiredError('Malformed token', 'InvalidToken');
+        }
+        const res = await jose
+            .jwtVerify(token, this.entrywayJwtPublicKey)
+            .catch((err) => {
+            if (err?.['code'] === 'ERR_JWT_EXPIRED') {
+                throw new AuthRequiredError('Token has expired', 'ExpiredToken');
+            }
+            throw new AuthRequiredError('Token could not be verified', 'InvalidToken');
+        });
+        const { sub, aud, scope } = res.payload;
+        if (typeof sub !== 'string' || !sub.startsWith('did:')) {
+            throw new AuthRequiredError('Malformed token', 'InvalidToken');
+        }
+        else if (typeof aud !== 'string' ||
+            !aud.startsWith('did:web:') ||
+            !aud.endsWith('.bsky.network')) {
+            throw new AuthRequiredError('Bad token aud', 'InvalidToken');
+        }
+        else if (typeof scope !== 'string' || !ALLOWED_AUTH_SCOPES.has(scope)) {
+            throw new AuthRequiredError('Bad token scope', 'InvalidToken');
+        }
+        return {
+            credentials: {
+                type: 'standard',
+                aud: this.ownDid,
+                iss: sub,
+            },
+        };
+    };
+    // modService = async (reqCtx: ReqCtx): Promise<ModServiceOutput> => {
+    //   const { iss, aud } = await this.verifyServiceJwt(reqCtx, {
+    //     aud: this.ownDid,
+    //     iss: [this.modServiceDid, `${this.modServiceDid}#atproto_labeler`],
+    //   })
+    //   return { credentials: { type: 'mod_service', aud, iss } }
+    // }
+    // roleOrModService = async (
+    //   reqCtx: ReqCtx,
+    // ): Promise<RoleOutput | ModServiceOutput> => {
+    //   if (isBearerToken(reqCtx.req)) {
+    //     return this.modService(reqCtx)
+    //   } else {
+    //     return this.role(reqCtx)
+    //   }
+    // }
+    parseRoleCreds(req) {
+        const parsed = parseBasicAuth(req.headers.authorization || '');
+        const { Missing, Valid, Invalid } = RoleStatus;
+        if (!parsed) {
+            return { status: Missing, admin: false, moderator: false, triage: false };
+        }
+        const { username, password } = parsed;
+        if (username === 'admin' && this.adminPasses.has(password)) {
+            return { status: Valid, admin: true };
+        }
+        return { status: Invalid, admin: false };
+    }
+    // async verifyServiceJwt(
+    //   reqCtx: ReqCtx,
+    //   opts: {
+    //     iss: string[] | null
+    //     aud: string | null
+    //     lxmCheck?: (method?: string) => boolean
+    //   },
+    // ) {
+    //   const getSigningKey = async (
+    //     iss: string,
+    //     _forceRefresh: boolean, // @TODO consider propagating to dataplane
+    //   ): Promise<string> => {
+    //     if (opts.iss !== null && !opts.iss.includes(iss)) {
+    //       throw new AuthRequiredError('Untrusted issuer', 'UntrustedIss')
+    //     }
+    //     const [did, serviceId] = iss.split('#')
+    //     const keyId =
+    //       serviceId === 'atproto_labeler' ? 'atproto_label' : 'atproto'
+    //     let identity: GetIdentityByDidResponse
+    //     try {
+    //       identity = await this.dataplane.getIdentityByDid({ did })
+    //     } catch (err) {
+    //       if (isDataplaneError(err, Code.NotFound)) {
+    //         throw new AuthRequiredError('identity unknown')
+    //       }
+    //       throw err
+    //     }
+    //     const keys = unpackIdentityKeys(identity.keys)
+    //     const didKey = getKeyAsDidKey(keys, { id: keyId })
+    //     if (!didKey) {
+    //       throw new AuthRequiredError('missing or bad key')
+    //     }
+    //     return didKey
+    //   }
+    //   const assertLxmCheck = () => {
+    //     const lxm = parseReqNsid(reqCtx.req)
+    //     if (
+    //       (opts.lxmCheck && !opts.lxmCheck(payload.lxm)) ||
+    //       (!opts.lxmCheck && payload.lxm !== lxm)
+    //     ) {
+    //       throw new AuthRequiredError(
+    //         payload.lxm !== undefined
+    //           ? `bad jwt lexicon method ("lxm"). must match: ${lxm}`
+    //           : `missing jwt lexicon method ("lxm"). must match: ${lxm}`,
+    //         'BadJwtLexiconMethod',
+    //       )
+    //     }
+    //   }
+    //   const jwtStr = bearerTokenFromReq(reqCtx.req)
+    //   if (!jwtStr) {
+    //     throw new AuthRequiredError('missing jwt', 'MissingJwt')
+    //   }
+    //   // if validating additional scopes, skip scope check in initial validation & follow up afterwards
+    //   const payload = await verifyServiceJwt(
+    //     jwtStr,
+    //     opts.aud,
+    //     null,
+    //     getSigningKey,
+    //     verifySignatureWithKey,
+    //   )
+    //   if (
+    //     !payload.iss.endsWith('#atproto_labeler') ||
+    //     payload.lxm !== undefined
+    //   ) {
+    //     // @TODO currently permissive of labelers who dont set lxm yet.
+    //     // we'll allow ozone self-hosters to upgrade before removing this condition.
+    //     assertLxmCheck()
+    //   }
+    //   return { iss: payload.iss, aud: payload.aud }
+    // }
+    isModService(iss) {
+        return [
+            this.modServiceDid,
+            `${this.modServiceDid}#atproto_labeler`,
+        ].includes(iss);
+    }
+    nullCreds() {
+        return {
+            credentials: {
+                type: 'none',
+                iss: null,
+            },
+        };
+    }
+    parseCreds(creds) {
+        const viewer = creds.credentials.type === 'standard' ? creds.credentials.iss : null;
+        const includeTakedownsAnd3pBlocks = (creds.credentials.type === 'role' && creds.credentials.admin) ||
+            creds.credentials.type === 'mod_service' ||
+            (creds.credentials.type === 'standard' &&
+                this.isModService(creds.credentials.iss));
+        const canPerformTakedown = (creds.credentials.type === 'role' && creds.credentials.admin) ||
+            creds.credentials.type === 'mod_service';
+        return {
+            viewer,
+            includeTakedowns: includeTakedownsAnd3pBlocks,
+            include3pBlocks: includeTakedownsAnd3pBlocks,
+            canPerformTakedown,
+        };
+    }
+}
+// HELPERS
+// ---------
+const BEARER = 'Bearer ';
+const BASIC = 'Basic ';
+const isBearerToken = (req) => {
+    return req.headers.authorization?.startsWith(BEARER) ?? false;
+};
+const isBasicToken = (req) => {
+    return req.headers.authorization?.startsWith(BASIC) ?? false;
+};
+const bearerTokenFromReq = (req) => {
+    const header = req.headers.authorization || '';
+    if (!header.startsWith(BEARER))
+        return null;
+    return header.slice(BEARER.length).trim();
+};
+export const parseBasicAuth = (token) => {
+    if (!token.startsWith(BASIC))
+        return null;
+    const b64 = token.slice(BASIC.length);
+    let parsed;
+    try {
+        parsed = ui8.toString(ui8.fromString(b64, 'base64pad'), 'utf8').split(':');
+    }
+    catch (err) {
+        return null;
+    }
+    const [username, password] = parsed;
+    if (!username || !password)
+        return null;
+    return { username, password };
+};
+export const buildBasicAuth = (username, password) => {
+    return (BASIC +
+        ui8.toString(ui8.fromString(`${username}:${password}`, 'utf8'), 'base64pad'));
+};
+const keyEncoder = new KeyEncoder('secp256k1');
+export const createPublicKeyObject = (publicKeyHex) => {
+    const key = keyEncoder.encodePublic(publicKeyHex, 'raw', 'pem');
+    return crypto.createPublicKey({ format: 'pem', key });
+};
+const verifySig = (publicKey, data, sig) => {
+    const keyEncoder = new KeyEncoder('secp256k1');
+    const pemKey = keyEncoder.encodePublic(ui8.toString(publicKey, 'hex'), 'raw', 'pem');
+    const key = crypto.createPublicKey({ format: 'pem', key: pemKey });
+    return crypto.verify('sha256', data, {
+        key,
+        dsaEncoding: 'ieee-p1363',
+    }, sig);
+};
+export const verifySignatureWithKey = async (didKey, msgBytes, sigBytes, alg) => {
+    if (alg === SECP256K1_JWT_ALG) {
+        const parsed = parseDidKey(didKey);
+        if (alg !== parsed.jwtAlg) {
+            throw new Error(`Expected key alg ${alg}, got ${parsed.jwtAlg}`);
+        }
+        return verifySig(parsed.keyBytes, msgBytes, sigBytes);
+    }
+    return cryptoVerifySignatureWithKey(didKey, msgBytes, sigBytes, alg);
+};

package/dist/client.d.ts

@@ -0,0 +1,9 @@
+import { Client } from '@connectrpc/connect';
+import { ClioService } from './rpc/clio_connect';
+export type DataPlaneClient = Client<typeof ClioService>;
+type HttpVersion = '1.1' | '2';
+export declare const createBaseClient: (baseUrl: string, opts: {
+    httpVersion?: HttpVersion;
+    rejectUnauthorized?: boolean;
+}) => DataPlaneClient;
+export {};

package/dist/client.js

@@ -0,0 +1,33 @@
+import { createClient } from '@connectrpc/connect';
+import { createGrpcTransport } from '@connectrpc/connect-node';
+import assert from 'node:assert';
+import { ClioService } from './rpc/clio_connect';
+export const createBaseClient = (baseUrl, opts) => {
+    const { httpVersion = '2', rejectUnauthorized = true } = opts;
+    const transport = createGrpcTransport({
+        baseUrl,
+        acceptCompression: [],
+        httpVersion,
+        nodeOptions: { rejectUnauthorized },
+    });
+    assert(validateUrl(baseUrl));
+    return createClient(ClioService, transport);
+};
+const validateUrl = (urlStr) => {
+    let url;
+    try {
+        url = new URL(urlStr);
+    }
+    catch {
+        return undefined;
+    }
+    if (!['http:', 'https:'].includes(url.protocol)) {
+        return undefined;
+    }
+    else if (!url.hostname) {
+        return undefined;
+    }
+    else {
+        return urlStr;
+    }
+};

package/dist/config.d.ts

@@ -0,0 +1,21 @@
+export interface ServerConfigValues {
+    version?: string;
+    debugMode?: boolean;
+    port?: number;
+    serverDid: string;
+    didPlcUrl: string;
+    handleResolverNameservers?: string[];
+}
+export declare class ServerConfig {
+    private cfg;
+    private assignedPort?;
+    constructor(cfg: ServerConfigValues);
+    static readEnv(overrides?: Partial<ServerConfigValues>): ServerConfig;
+    assignPort(port: number): void;
+    get version(): string | undefined;
+    get debugMode(): boolean;
+    get port(): number | undefined;
+    get localUrl(): string;
+    get serverDid(): string;
+    get didPlcUrl(): string;
+}