@contractspec/lib.contracts-runtime-server-rest 2.0.0

package/dist/rest-express.js

@@ -0,0 +1,162 @@
+// @bun
+// src/rest-generic.ts
+import { defaultRestPath } from "@contractspec/lib.contracts-spec/jsonschema";
+function corsHeaders(opt) {
+  const h = {};
+  const origin = typeof opt === "object" ? opt.origin ?? "*" : "*";
+  h["access-control-allow-origin"] = origin;
+  h["vary"] = "Origin";
+  if (typeof opt === "object") {
+    if (opt.methods)
+      h["access-control-allow-methods"] = opt.methods.join(", ");
+    if (opt.headers)
+      h["access-control-allow-headers"] = opt.headers.join(", ");
+    if (opt.credentials)
+      h["access-control-allow-credentials"] = "true";
+    if (typeof opt.maxAge === "number") {
+      h["access-control-max-age"] = String(opt.maxAge);
+    }
+  } else {
+    h["access-control-allow-methods"] = "GET,POST,OPTIONS";
+    h["access-control-allow-headers"] = "content-type,x-idempotency-key,x-trace-id";
+  }
+  return h;
+}
+function joinPath(a, b) {
+  const left = (a ?? "").replace(/\/+$/g, "");
+  const right = b.replace(/^\/+/g, "");
+  return `${left}/${right}`.replace(/\/{2,}/g, "/");
+}
+function createFetchHandler(reg, ctxFactory, options) {
+  const opts = {
+    basePath: options?.basePath ?? "",
+    cors: options?.cors ?? false,
+    prettyJson: options?.prettyJson ?? false,
+    onError: options?.onError
+  };
+  const routes = reg.list().map((spec) => ({
+    method: spec.transport?.rest?.method ?? (spec.meta.kind === "query" ? "GET" : "POST"),
+    path: joinPath(opts.basePath, spec.transport?.rest?.path ?? defaultRestPath(spec.meta.key, spec.meta.version)),
+    name: spec.meta.key,
+    version: spec.meta.version
+  }));
+  const routeTable = new Map;
+  for (const r of routes)
+    routeTable.set(`${r.method} ${r.path}`, r);
+  const makeJson = (status, data, extraHeaders) => {
+    const body = opts.prettyJson ? JSON.stringify(data, null, opts.prettyJson) : JSON.stringify(data);
+    const base = {
+      "content-type": "application/json; charset=utf-8"
+    };
+    return new Response(body, {
+      status,
+      headers: extraHeaders ? { ...base, ...extraHeaders } : base
+    });
+  };
+  return async function handle(req) {
+    const url = new URL(req.url);
+    const key = `${req.method.toUpperCase()} ${url.pathname}`;
+    if (opts.cors && req.method.toUpperCase() === "OPTIONS") {
+      const h = corsHeaders(opts.cors === true ? {} : opts.cors);
+      return new Response(null, {
+        status: 204,
+        headers: { ...h, "content-length": "0" }
+      });
+    }
+    const route = routeTable.get(key);
+    if (!route) {
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(404, { error: "NotFound", path: url.pathname }, headers);
+    }
+    try {
+      let input = {};
+      if (route.method === "GET") {
+        if (url.searchParams.has("input")) {
+          const raw = url.searchParams.get("input");
+          input = raw ? JSON.parse(raw) : {};
+        } else {
+          const obj = {};
+          for (const [k, v] of url.searchParams.entries())
+            obj[k] = v;
+          input = obj;
+        }
+      } else {
+        const contentType = req.headers.get("content-type") || "";
+        if (contentType.includes("application/json")) {
+          input = await req.json();
+        } else if (contentType.includes("application/x-www-form-urlencoded")) {
+          const form = await req.formData();
+          input = Object.fromEntries(form.entries());
+        } else if (!contentType) {
+          input = {};
+        } else {
+          return makeJson(415, { error: "UnsupportedMediaType", contentType });
+        }
+      }
+      const ctx = ctxFactory(req);
+      const result = await reg.execute(route.name, route.version, input, ctx);
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(200, result, headers);
+    } catch (err) {
+      if (opts.onError) {
+        const mapped = opts.onError(err);
+        const headers2 = {};
+        if (opts.cors)
+          Object.assign(headers2, corsHeaders(opts.cors === true ? {} : opts.cors));
+        return makeJson(mapped.status, mapped.body, headers2);
+      }
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      if (err?.issues) {
+        return makeJson(400, {
+          error: "ValidationError",
+          issues: err.issues
+        }, headers);
+      }
+      if (typeof err?.message === "string" && err.message.startsWith("PolicyDenied")) {
+        return makeJson(403, { error: "PolicyDenied" }, headers);
+      }
+      return makeJson(500, { error: "InternalError" }, headers);
+    }
+  };
+}
+
+// src/rest-express.ts
+function expressRouter(express, reg, ctxFactory, options) {
+  const router = express.Router();
+  for (const spec of reg.list()) {
+    const method = spec.transport?.rest?.method ?? (spec.meta.kind === "query" ? "GET" : "POST");
+    const path = (options?.basePath ?? "") + (spec.transport?.rest?.path ?? `/${spec.meta.key.replace(/\./g, "/")}/v${spec.meta.version}`);
+    router[method.toLowerCase()](path, async (req, res) => {
+      const url = new URL(`${req.protocol}://${req.get("host")}${req.originalUrl}`);
+      const request = new Request(url.toString(), {
+        method,
+        headers: Object.fromEntries(Object.entries(req.headers).map(([k, v]) => [k, String(v)])),
+        body: method === "POST" ? JSON.stringify(req.body ?? {}) : undefined
+      });
+      const handler = createFetchHandler(reg, () => ctxFactory(req), options);
+      const response = await handler(request);
+      res.status(response.status);
+      response.headers.forEach((v, k) => res.setHeader(k, v));
+      const text = await response.text();
+      res.send(text);
+    });
+  }
+  if (options?.cors) {
+    router.options("*", (_req, res) => {
+      const h = new Headers;
+      const resp = new Response(null, { status: 204 });
+      resp.headers.forEach((v, k) => h.set(k, v));
+      res.status(204).send();
+    });
+  }
+  return router;
+}
+export {
+  expressRouter
+};

package/dist/rest-generic.d.ts

@@ -0,0 +1,18 @@
+import type { OperationSpecRegistry } from '@contractspec/lib.contracts-spec/operations/registry';
+import type { HandlerCtx } from '@contractspec/lib.contracts-spec/types';
+export interface RestOptions {
+    basePath?: string;
+    cors?: boolean | {
+        origin?: string | '*';
+        methods?: string[];
+        headers?: string[];
+        credentials?: boolean;
+        maxAge?: number;
+    };
+    prettyJson?: number | false;
+    onError?: (err: unknown) => {
+        status: number;
+        body: unknown;
+    };
+}
+export declare function createFetchHandler(reg: OperationSpecRegistry, ctxFactory: (req: Request) => HandlerCtx, options?: RestOptions): (req: Request) => Promise<Response>;

package/dist/rest-generic.js

@@ -0,0 +1,130 @@
+// @bun
+// src/rest-generic.ts
+import { defaultRestPath } from "@contractspec/lib.contracts-spec/jsonschema";
+function corsHeaders(opt) {
+  const h = {};
+  const origin = typeof opt === "object" ? opt.origin ?? "*" : "*";
+  h["access-control-allow-origin"] = origin;
+  h["vary"] = "Origin";
+  if (typeof opt === "object") {
+    if (opt.methods)
+      h["access-control-allow-methods"] = opt.methods.join(", ");
+    if (opt.headers)
+      h["access-control-allow-headers"] = opt.headers.join(", ");
+    if (opt.credentials)
+      h["access-control-allow-credentials"] = "true";
+    if (typeof opt.maxAge === "number") {
+      h["access-control-max-age"] = String(opt.maxAge);
+    }
+  } else {
+    h["access-control-allow-methods"] = "GET,POST,OPTIONS";
+    h["access-control-allow-headers"] = "content-type,x-idempotency-key,x-trace-id";
+  }
+  return h;
+}
+function joinPath(a, b) {
+  const left = (a ?? "").replace(/\/+$/g, "");
+  const right = b.replace(/^\/+/g, "");
+  return `${left}/${right}`.replace(/\/{2,}/g, "/");
+}
+function createFetchHandler(reg, ctxFactory, options) {
+  const opts = {
+    basePath: options?.basePath ?? "",
+    cors: options?.cors ?? false,
+    prettyJson: options?.prettyJson ?? false,
+    onError: options?.onError
+  };
+  const routes = reg.list().map((spec) => ({
+    method: spec.transport?.rest?.method ?? (spec.meta.kind === "query" ? "GET" : "POST"),
+    path: joinPath(opts.basePath, spec.transport?.rest?.path ?? defaultRestPath(spec.meta.key, spec.meta.version)),
+    name: spec.meta.key,
+    version: spec.meta.version
+  }));
+  const routeTable = new Map;
+  for (const r of routes)
+    routeTable.set(`${r.method} ${r.path}`, r);
+  const makeJson = (status, data, extraHeaders) => {
+    const body = opts.prettyJson ? JSON.stringify(data, null, opts.prettyJson) : JSON.stringify(data);
+    const base = {
+      "content-type": "application/json; charset=utf-8"
+    };
+    return new Response(body, {
+      status,
+      headers: extraHeaders ? { ...base, ...extraHeaders } : base
+    });
+  };
+  return async function handle(req) {
+    const url = new URL(req.url);
+    const key = `${req.method.toUpperCase()} ${url.pathname}`;
+    if (opts.cors && req.method.toUpperCase() === "OPTIONS") {
+      const h = corsHeaders(opts.cors === true ? {} : opts.cors);
+      return new Response(null, {
+        status: 204,
+        headers: { ...h, "content-length": "0" }
+      });
+    }
+    const route = routeTable.get(key);
+    if (!route) {
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(404, { error: "NotFound", path: url.pathname }, headers);
+    }
+    try {
+      let input = {};
+      if (route.method === "GET") {
+        if (url.searchParams.has("input")) {
+          const raw = url.searchParams.get("input");
+          input = raw ? JSON.parse(raw) : {};
+        } else {
+          const obj = {};
+          for (const [k, v] of url.searchParams.entries())
+            obj[k] = v;
+          input = obj;
+        }
+      } else {
+        const contentType = req.headers.get("content-type") || "";
+        if (contentType.includes("application/json")) {
+          input = await req.json();
+        } else if (contentType.includes("application/x-www-form-urlencoded")) {
+          const form = await req.formData();
+          input = Object.fromEntries(form.entries());
+        } else if (!contentType) {
+          input = {};
+        } else {
+          return makeJson(415, { error: "UnsupportedMediaType", contentType });
+        }
+      }
+      const ctx = ctxFactory(req);
+      const result = await reg.execute(route.name, route.version, input, ctx);
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(200, result, headers);
+    } catch (err) {
+      if (opts.onError) {
+        const mapped = opts.onError(err);
+        const headers2 = {};
+        if (opts.cors)
+          Object.assign(headers2, corsHeaders(opts.cors === true ? {} : opts.cors));
+        return makeJson(mapped.status, mapped.body, headers2);
+      }
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      if (err?.issues) {
+        return makeJson(400, {
+          error: "ValidationError",
+          issues: err.issues
+        }, headers);
+      }
+      if (typeof err?.message === "string" && err.message.startsWith("PolicyDenied")) {
+        return makeJson(403, { error: "PolicyDenied" }, headers);
+      }
+      return makeJson(500, { error: "InternalError" }, headers);
+    }
+  };
+}
+export {
+  createFetchHandler
+};

package/dist/rest-next-app.d.ts

@@ -0,0 +1,4 @@
+import { type RestOptions } from './rest-generic';
+import type { OperationSpecRegistry } from '@contractspec/lib.contracts-spec/operations/registry';
+import type { HandlerCtx } from '@contractspec/lib.contracts-spec/types';
+export declare function makeNextAppHandler(reg: OperationSpecRegistry, ctxFactory: (req: Request) => HandlerCtx, options?: RestOptions): (req: Request) => Promise<Response>;

package/dist/rest-next-app.js

@@ -0,0 +1,138 @@
+// @bun
+// src/rest-generic.ts
+import { defaultRestPath } from "@contractspec/lib.contracts-spec/jsonschema";
+function corsHeaders(opt) {
+  const h = {};
+  const origin = typeof opt === "object" ? opt.origin ?? "*" : "*";
+  h["access-control-allow-origin"] = origin;
+  h["vary"] = "Origin";
+  if (typeof opt === "object") {
+    if (opt.methods)
+      h["access-control-allow-methods"] = opt.methods.join(", ");
+    if (opt.headers)
+      h["access-control-allow-headers"] = opt.headers.join(", ");
+    if (opt.credentials)
+      h["access-control-allow-credentials"] = "true";
+    if (typeof opt.maxAge === "number") {
+      h["access-control-max-age"] = String(opt.maxAge);
+    }
+  } else {
+    h["access-control-allow-methods"] = "GET,POST,OPTIONS";
+    h["access-control-allow-headers"] = "content-type,x-idempotency-key,x-trace-id";
+  }
+  return h;
+}
+function joinPath(a, b) {
+  const left = (a ?? "").replace(/\/+$/g, "");
+  const right = b.replace(/^\/+/g, "");
+  return `${left}/${right}`.replace(/\/{2,}/g, "/");
+}
+function createFetchHandler(reg, ctxFactory, options) {
+  const opts = {
+    basePath: options?.basePath ?? "",
+    cors: options?.cors ?? false,
+    prettyJson: options?.prettyJson ?? false,
+    onError: options?.onError
+  };
+  const routes = reg.list().map((spec) => ({
+    method: spec.transport?.rest?.method ?? (spec.meta.kind === "query" ? "GET" : "POST"),
+    path: joinPath(opts.basePath, spec.transport?.rest?.path ?? defaultRestPath(spec.meta.key, spec.meta.version)),
+    name: spec.meta.key,
+    version: spec.meta.version
+  }));
+  const routeTable = new Map;
+  for (const r of routes)
+    routeTable.set(`${r.method} ${r.path}`, r);
+  const makeJson = (status, data, extraHeaders) => {
+    const body = opts.prettyJson ? JSON.stringify(data, null, opts.prettyJson) : JSON.stringify(data);
+    const base = {
+      "content-type": "application/json; charset=utf-8"
+    };
+    return new Response(body, {
+      status,
+      headers: extraHeaders ? { ...base, ...extraHeaders } : base
+    });
+  };
+  return async function handle(req) {
+    const url = new URL(req.url);
+    const key = `${req.method.toUpperCase()} ${url.pathname}`;
+    if (opts.cors && req.method.toUpperCase() === "OPTIONS") {
+      const h = corsHeaders(opts.cors === true ? {} : opts.cors);
+      return new Response(null, {
+        status: 204,
+        headers: { ...h, "content-length": "0" }
+      });
+    }
+    const route = routeTable.get(key);
+    if (!route) {
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(404, { error: "NotFound", path: url.pathname }, headers);
+    }
+    try {
+      let input = {};
+      if (route.method === "GET") {
+        if (url.searchParams.has("input")) {
+          const raw = url.searchParams.get("input");
+          input = raw ? JSON.parse(raw) : {};
+        } else {
+          const obj = {};
+          for (const [k, v] of url.searchParams.entries())
+            obj[k] = v;
+          input = obj;
+        }
+      } else {
+        const contentType = req.headers.get("content-type") || "";
+        if (contentType.includes("application/json")) {
+          input = await req.json();
+        } else if (contentType.includes("application/x-www-form-urlencoded")) {
+          const form = await req.formData();
+          input = Object.fromEntries(form.entries());
+        } else if (!contentType) {
+          input = {};
+        } else {
+          return makeJson(415, { error: "UnsupportedMediaType", contentType });
+        }
+      }
+      const ctx = ctxFactory(req);
+      const result = await reg.execute(route.name, route.version, input, ctx);
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(200, result, headers);
+    } catch (err) {
+      if (opts.onError) {
+        const mapped = opts.onError(err);
+        const headers2 = {};
+        if (opts.cors)
+          Object.assign(headers2, corsHeaders(opts.cors === true ? {} : opts.cors));
+        return makeJson(mapped.status, mapped.body, headers2);
+      }
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      if (err?.issues) {
+        return makeJson(400, {
+          error: "ValidationError",
+          issues: err.issues
+        }, headers);
+      }
+      if (typeof err?.message === "string" && err.message.startsWith("PolicyDenied")) {
+        return makeJson(403, { error: "PolicyDenied" }, headers);
+      }
+      return makeJson(500, { error: "InternalError" }, headers);
+    }
+  };
+}
+
+// src/rest-next-app.ts
+function makeNextAppHandler(reg, ctxFactory, options) {
+  const handler = createFetchHandler(reg, ctxFactory, options);
+  return async function requestHandler(req) {
+    return handler(req);
+  };
+}
+export {
+  makeNextAppHandler
+};

package/dist/rest-next-pages.d.ts

@@ -0,0 +1,5 @@
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { type RestOptions } from './rest-generic';
+import type { OperationSpecRegistry } from '@contractspec/lib.contracts-spec/operations/registry';
+import type { HandlerCtx } from '@contractspec/lib.contracts-spec/types';
+export declare function makeNextPagesHandler(reg: OperationSpecRegistry, ctxFactory: (req: NextApiRequest) => HandlerCtx, options?: RestOptions): (req: NextApiRequest, res: NextApiResponse) => Promise<void>;

package/dist/rest-next-pages.js

@@ -0,0 +1,149 @@
+// @bun
+// src/rest-generic.ts
+import { defaultRestPath } from "@contractspec/lib.contracts-spec/jsonschema";
+function corsHeaders(opt) {
+  const h = {};
+  const origin = typeof opt === "object" ? opt.origin ?? "*" : "*";
+  h["access-control-allow-origin"] = origin;
+  h["vary"] = "Origin";
+  if (typeof opt === "object") {
+    if (opt.methods)
+      h["access-control-allow-methods"] = opt.methods.join(", ");
+    if (opt.headers)
+      h["access-control-allow-headers"] = opt.headers.join(", ");
+    if (opt.credentials)
+      h["access-control-allow-credentials"] = "true";
+    if (typeof opt.maxAge === "number") {
+      h["access-control-max-age"] = String(opt.maxAge);
+    }
+  } else {
+    h["access-control-allow-methods"] = "GET,POST,OPTIONS";
+    h["access-control-allow-headers"] = "content-type,x-idempotency-key,x-trace-id";
+  }
+  return h;
+}
+function joinPath(a, b) {
+  const left = (a ?? "").replace(/\/+$/g, "");
+  const right = b.replace(/^\/+/g, "");
+  return `${left}/${right}`.replace(/\/{2,}/g, "/");
+}
+function createFetchHandler(reg, ctxFactory, options) {
+  const opts = {
+    basePath: options?.basePath ?? "",
+    cors: options?.cors ?? false,
+    prettyJson: options?.prettyJson ?? false,
+    onError: options?.onError
+  };
+  const routes = reg.list().map((spec) => ({
+    method: spec.transport?.rest?.method ?? (spec.meta.kind === "query" ? "GET" : "POST"),
+    path: joinPath(opts.basePath, spec.transport?.rest?.path ?? defaultRestPath(spec.meta.key, spec.meta.version)),
+    name: spec.meta.key,
+    version: spec.meta.version
+  }));
+  const routeTable = new Map;
+  for (const r of routes)
+    routeTable.set(`${r.method} ${r.path}`, r);
+  const makeJson = (status, data, extraHeaders) => {
+    const body = opts.prettyJson ? JSON.stringify(data, null, opts.prettyJson) : JSON.stringify(data);
+    const base = {
+      "content-type": "application/json; charset=utf-8"
+    };
+    return new Response(body, {
+      status,
+      headers: extraHeaders ? { ...base, ...extraHeaders } : base
+    });
+  };
+  return async function handle(req) {
+    const url = new URL(req.url);
+    const key = `${req.method.toUpperCase()} ${url.pathname}`;
+    if (opts.cors && req.method.toUpperCase() === "OPTIONS") {
+      const h = corsHeaders(opts.cors === true ? {} : opts.cors);
+      return new Response(null, {
+        status: 204,
+        headers: { ...h, "content-length": "0" }
+      });
+    }
+    const route = routeTable.get(key);
+    if (!route) {
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(404, { error: "NotFound", path: url.pathname }, headers);
+    }
+    try {
+      let input = {};
+      if (route.method === "GET") {
+        if (url.searchParams.has("input")) {
+          const raw = url.searchParams.get("input");
+          input = raw ? JSON.parse(raw) : {};
+        } else {
+          const obj = {};
+          for (const [k, v] of url.searchParams.entries())
+            obj[k] = v;
+          input = obj;
+        }
+      } else {
+        const contentType = req.headers.get("content-type") || "";
+        if (contentType.includes("application/json")) {
+          input = await req.json();
+        } else if (contentType.includes("application/x-www-form-urlencoded")) {
+          const form = await req.formData();
+          input = Object.fromEntries(form.entries());
+        } else if (!contentType) {
+          input = {};
+        } else {
+          return makeJson(415, { error: "UnsupportedMediaType", contentType });
+        }
+      }
+      const ctx = ctxFactory(req);
+      const result = await reg.execute(route.name, route.version, input, ctx);
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      return makeJson(200, result, headers);
+    } catch (err) {
+      if (opts.onError) {
+        const mapped = opts.onError(err);
+        const headers2 = {};
+        if (opts.cors)
+          Object.assign(headers2, corsHeaders(opts.cors === true ? {} : opts.cors));
+        return makeJson(mapped.status, mapped.body, headers2);
+      }
+      const headers = {};
+      if (opts.cors)
+        Object.assign(headers, corsHeaders(opts.cors === true ? {} : opts.cors));
+      if (err?.issues) {
+        return makeJson(400, {
+          error: "ValidationError",
+          issues: err.issues
+        }, headers);
+      }
+      if (typeof err?.message === "string" && err.message.startsWith("PolicyDenied")) {
+        return makeJson(403, { error: "PolicyDenied" }, headers);
+      }
+      return makeJson(500, { error: "InternalError" }, headers);
+    }
+  };
+}
+
+// src/rest-next-pages.ts
+function makeNextPagesHandler(reg, ctxFactory, options) {
+  return async function handler(req, res) {
+    const url = `${req.headers["x-forwarded-proto"] ?? "http"}://${req.headers.host}${req.url}`;
+    const method = req.method?.toUpperCase() || "GET";
+    const request = new Request(url, {
+      method,
+      headers: Object.fromEntries(Object.entries(req.headers).map(([k, v]) => [k, String(v)])),
+      body: method === "POST" ? JSON.stringify(req.body ?? {}) : undefined
+    });
+    const perReqHandler = createFetchHandler(reg, () => ctxFactory(req), options);
+    const response = await perReqHandler(request);
+    res.status(response.status);
+    response.headers.forEach((v, k) => res.setHeader(k, v));
+    const text = await response.text();
+    res.send(text);
+  };
+}
+export {
+  makeNextPagesHandler
+};