@edge-base/server 0.2.6 → 0.2.7

package/src/lib/openapi.ts

@@ -47,10 +47,7 @@ const USER_BEARER_PATHS = new Set([
   '/api/push/topic/unsubscribe',
 ]);
 
-const USER_BEARER_PREFIXES = [
-  '/api/room/media/realtime/',
-  '/api/room/media/cloudflare_realtimekit/',
-];
+const USER_BEARER_PREFIXES: string[] = [];
 
 const SERVICE_KEY_ONLY_PATHS = new Set([
   '/api/db/broadcast',

package/src/routes/room.ts

@@ -65,109 +65,6 @@ const roomSummaryCollectionSchema = z.object({
   deniedIds: z.array(z.string()),
   updatedAt: z.string(),
 });
-const roomRealtimeSessionDescriptionSchema = z.object({
-  sdp: z.string().openapi({ description: 'WebRTC session description payload' }),
-  type: z.enum(['offer', 'answer']).openapi({ description: 'Session description type' }),
-});
-const roomRealtimeTrackSchema = z.object({
-  location: z.enum(['local', 'remote']).openapi({ description: 'Track direction relative to the caller' }),
-  mid: z.string().optional().openapi({ description: 'WebRTC media ID' }),
-  sessionId: z.string().optional().openapi({ description: 'Provider session ID associated with this track' }),
-  trackName: z.string().optional().openapi({ description: 'Track name used by the provider' }),
-  bidirectionalMediaStream: z.boolean().optional().openapi({ description: 'Whether the track should be bidirectional' }),
-  kind: z.string().optional().openapi({ description: 'Track kind reported by the provider' }),
-  simulcast: z.object({
-    preferredRid: z.string().optional(),
-    priorityOrdering: z.enum(['none', 'asciibetical']).optional(),
-    ridNotAvailable: z.enum(['none', 'asciibetical']).optional(),
-  }).optional().openapi({ description: 'Optional simulcast preferences' }),
-  errorCode: z.string().optional().openapi({ description: 'Provider-level error code for this track' }),
-  errorDescription: z.string().optional().openapi({ description: 'Provider-level error description for this track' }),
-});
-const roomRealtimeCreateSessionBodySchema = z.object({
-  connectionId: z.string().optional().openapi({ description: 'Specific room connection ID to bind the realtime session to' }),
-  correlationId: z.string().optional().openapi({ description: 'Optional provider correlation ID' }),
-  thirdparty: z.boolean().optional().openapi({ description: 'Forward Cloudflare Realtime thirdparty mode' }),
-  sessionDescription: roomRealtimeSessionDescriptionSchema.optional(),
-});
-const roomCloudflareRealtimeKitCreateSessionBodySchema = z.object({
-  connectionId: z.string().optional().openapi({ description: 'Specific room connection ID to bind the Cloudflare RealtimeKit participant to' }),
-  customParticipantId: z.string().optional().openapi({ description: 'Optional custom participant identifier for the provisioned RealtimeKit participant' }),
-  name: z.string().optional().openapi({ description: 'Optional display name for the provisioned RealtimeKit participant' }),
-  picture: z.string().optional().openapi({ description: 'Optional avatar URL for the provisioned RealtimeKit participant' }),
-});
-const roomRealtimeCreateSessionResponseSchema = z.object({
-  sessionId: z.string().openapi({ description: 'Realtime provider session ID' }),
-  sessionDescription: roomRealtimeSessionDescriptionSchema.optional(),
-  errorCode: z.string().optional(),
-  errorDescription: z.string().optional(),
-  connectionId: z.string().optional().openapi({ description: 'Room connection ID associated with the session' }),
-  reused: z.boolean().optional().openapi({ description: 'Whether an existing provider session was reused' }),
-});
-const roomCloudflareRealtimeKitCreateSessionResponseSchema = z.object({
-  sessionId: z.string().openapi({ description: 'Cloudflare RealtimeKit participant ID' }),
-  meetingId: z.string().openapi({ description: 'Cloudflare RealtimeKit meeting ID backing the room session' }),
-  participantId: z.string().openapi({ description: 'Cloudflare RealtimeKit participant ID' }),
-  authToken: z.string().openapi({ description: 'RealtimeKit auth token for the provisioned participant' }),
-  presetName: z.string().optional().openapi({ description: 'RealtimeKit preset used for the provisioned participant' }),
-  connectionId: z.string().optional().openapi({ description: 'Room connection ID associated with the session' }),
-  reused: z.boolean().optional().openapi({ description: 'Whether an existing provider participant was reused' }),
-});
-const roomRealtimeSessionStateSchema = z.object({
-  sessionId: z.string().openapi({ description: 'Realtime provider session ID' }),
-  connectionId: z.string().optional().openapi({ description: 'Room connection ID associated with the session' }),
-  createdAt: z.number().openapi({ description: 'Unix epoch milliseconds when the session was created' }),
-  updatedAt: z.number().openapi({ description: 'Unix epoch milliseconds when the session was last updated' }),
-});
-const roomRealtimeIceServerSchema = z.object({
-  urls: z.union([z.array(z.string()), z.string()]).openapi({ description: 'ICE server URL or URL list' }),
-  username: z.string().optional(),
-  credential: z.string().optional(),
-});
-const roomRealtimeIceServersBodySchema = z.object({
-  ttl: z.number().optional().openapi({ description: 'Requested TURN credential TTL in seconds' }),
-});
-const roomRealtimeIceServersResponseSchema = z.object({
-  iceServers: z.array(roomRealtimeIceServerSchema).openapi({ description: 'ICE servers returned by Cloudflare TURN' }),
-});
-const roomRealtimeTracksResponseSchema = z.object({
-  errorCode: z.string().optional(),
-  errorDescription: z.string().optional(),
-  requiresImmediateRenegotiation: z.boolean().optional(),
-  sessionDescription: roomRealtimeSessionDescriptionSchema.optional(),
-  tracks: z.array(roomRealtimeTrackSchema).optional(),
-});
-const roomRealtimeTracksBodySchema = z.object({
-  sessionId: z.string().openapi({ description: 'Realtime provider session ID' }),
-  connectionId: z.string().optional().openapi({ description: 'Specific room connection ID to bind the track operation to' }),
-  sessionDescription: roomRealtimeSessionDescriptionSchema.optional(),
-  tracks: z.array(roomRealtimeTrackSchema).min(1).openapi({ description: 'Tracks to create or subscribe to' }),
-  autoDiscover: z.boolean().optional().openapi({ description: 'Ask the provider to auto-discover remote tracks' }),
-  publish: z.object({
-    kind: z.enum(['audio', 'video', 'screen']).optional(),
-    trackId: z.string().optional(),
-    deviceId: z.string().optional(),
-    muted: z.boolean().optional(),
-  }).optional().openapi({ description: 'Optional room media state updates to apply after track creation' }),
-});
-const roomRealtimeRenegotiateBodySchema = z.object({
-  sessionId: z.string().openapi({ description: 'Realtime provider session ID' }),
-  connectionId: z.string().optional().openapi({ description: 'Specific room connection ID to bind the renegotiation to' }),
-  sessionDescription: roomRealtimeSessionDescriptionSchema,
-});
-const roomRealtimeCloseTracksBodySchema = z.object({
-  sessionId: z.string().openapi({ description: 'Realtime provider session ID' }),
-  connectionId: z.string().optional().openapi({ description: 'Specific room connection ID to bind the close operation to' }),
-  sessionDescription: roomRealtimeSessionDescriptionSchema.optional(),
-  tracks: z.array(z.object({
-    mid: z.string().openapi({ description: 'Track MID to close' }),
-  })).min(1).openapi({ description: 'Tracks to close' }),
-  force: z.boolean().optional().openapi({ description: 'Force close even if the provider reports the track as active' }),
-  unpublish: z.object({
-    kind: z.enum(['audio', 'video', 'screen']).optional(),
-  }).optional().openapi({ description: 'Optional room media state cleanup after closing tracks' }),
-});
-
 function isRoomOperationPublic(
   namespaceConfig: RoomNamespaceConfig | null | undefined,
   operation: 'metadata' | 'join' | 'action',
@@ -705,185 +602,3 @@ roomRoute.openapi(getRoomSummaries, async (c) => {
     updatedAt: new Date().toISOString(),
   });
 });
-
-const getRoomRealtimeSession = createRoute({
-  operationId: 'getRoomRealtimeSession',
-  method: 'get',
-  path: '/media/realtime/session',
-  tags: ['client'],
-  summary: 'Get the active room realtime media session',
-  description: 'Returns the provider session currently bound to the authenticated room member.',
-  request: {
-    query: roomQuerySchema.extend({
-      connectionId: z.string().optional().openapi({ description: 'Optional room connection ID override' }),
-    }),
-  },
-  responses: {
-    200: { description: 'Active room realtime session', content: { 'application/json': { schema: roomRealtimeSessionStateSchema } } },
-    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
-    401: { description: 'Authentication required', content: { 'application/json': { schema: errorResponseSchema } } },
-    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
-    404: { description: 'No active session or runtime not found', content: { 'application/json': { schema: errorResponseSchema } } },
-  },
-});
-
-const createRoomRealtimeSession = createRoute({
-  operationId: 'createRoomRealtimeSession',
-  method: 'post',
-  path: '/media/realtime/session',
-  tags: ['client'],
-  summary: 'Create a room realtime media session',
-  description: 'Creates a Cloudflare Realtime session for the authenticated room member.',
-  request: {
-    query: roomQuerySchema,
-    body: { content: { 'application/json': { schema: roomRealtimeCreateSessionBodySchema } }, required: false },
-  },
-  responses: {
-    200: { description: 'Realtime session created', content: { 'application/json': { schema: roomRealtimeCreateSessionResponseSchema } } },
-    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
-    401: { description: 'Authentication required', content: { 'application/json': { schema: errorResponseSchema } } },
-    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
-    404: { description: 'Room runtime not found', content: { 'application/json': { schema: errorResponseSchema } } },
-    409: { description: 'Conflicting existing published media', content: { 'application/json': { schema: errorResponseSchema } } },
-  },
-});
-
-const createRoomCloudflareRealtimeKitSession = createRoute({
-  operationId: 'createRoomCloudflareRealtimeKitSession',
-  method: 'post',
-  path: '/media/cloudflare_realtimekit/session',
-  tags: ['client'],
-  summary: 'Create a room Cloudflare RealtimeKit session',
-  description: 'Creates a Cloudflare RealtimeKit session for the authenticated room member.',
-  request: {
-    query: roomQuerySchema,
-    body: { content: { 'application/json': { schema: roomCloudflareRealtimeKitCreateSessionBodySchema } }, required: false },
-  },
-  responses: {
-    200: { description: 'Cloudflare RealtimeKit session created', content: { 'application/json': { schema: roomCloudflareRealtimeKitCreateSessionResponseSchema } } },
-    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
-    401: { description: 'Authentication required', content: { 'application/json': { schema: errorResponseSchema } } },
-    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
-    404: { description: 'Room runtime not found', content: { 'application/json': { schema: errorResponseSchema } } },
-    409: { description: 'Conflicting existing published media', content: { 'application/json': { schema: errorResponseSchema } } },
-  },
-});
-
-const createRoomRealtimeIceServers = createRoute({
-  operationId: 'createRoomRealtimeIceServers',
-  method: 'post',
-  path: '/media/realtime/turn',
-  tags: ['client'],
-  summary: 'Generate TURN / ICE credentials for room realtime media',
-  description: 'Generates ICE server credentials for the authenticated room member.',
-  request: {
-    query: roomQuerySchema,
-    body: { content: { 'application/json': { schema: roomRealtimeIceServersBodySchema } }, required: false },
-  },
-  responses: {
-    200: { description: 'ICE servers generated', content: { 'application/json': { schema: roomRealtimeIceServersResponseSchema } } },
-    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
-    401: { description: 'Authentication required', content: { 'application/json': { schema: errorResponseSchema } } },
-    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
-    404: { description: 'Room runtime not found', content: { 'application/json': { schema: errorResponseSchema } } },
-  },
-});
-
-const addRoomRealtimeTracks = createRoute({
-  operationId: 'addRoomRealtimeTracks',
-  method: 'post',
-  path: '/media/realtime/tracks/new',
-  tags: ['client'],
-  summary: 'Add realtime media tracks to a room session',
-  description: 'Creates or subscribes realtime tracks for the authenticated room member.',
-  request: {
-    query: roomQuerySchema,
-    body: { content: { 'application/json': { schema: roomRealtimeTracksBodySchema } }, required: true },
-  },
-  responses: {
-    200: { description: 'Realtime tracks updated', content: { 'application/json': { schema: roomRealtimeTracksResponseSchema } } },
-    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
-    401: { description: 'Authentication required', content: { 'application/json': { schema: errorResponseSchema } } },
-    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
-    404: { description: 'Room runtime not found', content: { 'application/json': { schema: errorResponseSchema } } },
-  },
-});
-
-const renegotiateRoomRealtimeSession = createRoute({
-  operationId: 'renegotiateRoomRealtimeSession',
-  method: 'put',
-  path: '/media/realtime/renegotiate',
-  tags: ['client'],
-  summary: 'Renegotiate a room realtime media session',
-  description: 'Submits a new session description for an existing room realtime media session.',
-  request: {
-    query: roomQuerySchema,
-    body: { content: { 'application/json': { schema: roomRealtimeRenegotiateBodySchema } }, required: true },
-  },
-  responses: {
-    200: { description: 'Realtime session renegotiated', content: { 'application/json': { schema: roomRealtimeTracksResponseSchema } } },
-    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
-    401: { description: 'Authentication required', content: { 'application/json': { schema: errorResponseSchema } } },
-    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
-    404: { description: 'Room runtime not found', content: { 'application/json': { schema: errorResponseSchema } } },
-  },
-});
-
-const closeRoomRealtimeTracks = createRoute({
-  operationId: 'closeRoomRealtimeTracks',
-  method: 'put',
-  path: '/media/realtime/tracks/close',
-  tags: ['client'],
-  summary: 'Close room realtime media tracks',
-  description: 'Closes provider tracks for the authenticated room member and optionally unpublishes room media state.',
-  request: {
-    query: roomQuerySchema,
-    body: { content: { 'application/json': { schema: roomRealtimeCloseTracksBodySchema } }, required: true },
-  },
-  responses: {
-    200: { description: 'Realtime tracks closed', content: { 'application/json': { schema: roomRealtimeTracksResponseSchema } } },
-    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
-    401: { description: 'Authentication required', content: { 'application/json': { schema: errorResponseSchema } } },
-    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
-    404: { description: 'Room runtime not found', content: { 'application/json': { schema: errorResponseSchema } } },
-  },
-});
-
-roomRoute.openapi(getRoomRealtimeSession, async (c) =>
-  proxyRoomDoRequest(c, '/media/realtime/session', 'GET', { requireAuth: true }));
-
-roomRoute.openapi(createRoomRealtimeSession, async (c) =>
-  proxyRoomDoRequest(c, '/media/realtime/session', 'POST', {
-    requireAuth: true,
-    validatedJson: c.req.valid('json'),
-  }));
-
-roomRoute.openapi(createRoomRealtimeIceServers, async (c) =>
-  proxyRoomDoRequest(c, '/media/realtime/turn', 'POST', {
-    requireAuth: true,
-    validatedJson: c.req.valid('json'),
-  }));
-
-roomRoute.openapi(addRoomRealtimeTracks, async (c) =>
-  proxyRoomDoRequest(c, '/media/realtime/tracks/new', 'POST', {
-    requireAuth: true,
-    validatedJson: c.req.valid('json'),
-  }));
-
-roomRoute.openapi(renegotiateRoomRealtimeSession, async (c) =>
-  proxyRoomDoRequest(c, '/media/realtime/renegotiate', 'PUT', {
-    requireAuth: true,
-    validatedJson: c.req.valid('json'),
-  }));
-
-roomRoute.openapi(closeRoomRealtimeTracks, async (c) =>
-  proxyRoomDoRequest(c, '/media/realtime/tracks/close', 'PUT', {
-    requireAuth: true,
-    validatedJson: c.req.valid('json'),
-  }));
-
-roomRoute.openapi(createRoomCloudflareRealtimeKitSession, async (c) =>
-  proxyRoomDoRequest(c, '/media/cloudflare_realtimekit/session', 'POST', {
-    requireAuth: true,
-    validatedJson: c.req.valid('json'),
-  }));

package/src/types.ts

@@ -7,7 +7,7 @@ export interface Env {
   DATABASE: DurableObjectNamespace;
   AUTH: DurableObjectNamespace;
   DATABASE_LIVE: DurableObjectNamespace;
-  /** Room DO — per-room state synchronization, members, signals, media */
+  /** Room DO — per-room state synchronization, members, and signals */
   ROOMS: DurableObjectNamespace;
 
   // ─── R2 Storage ───
@@ -66,19 +66,6 @@ export interface Env {
   TURNSTILE_SECRET?: string;
   /** Turnstile site key — public, returned to clients via GET /api/config (§34) */
   CAPTCHA_SITE_KEY?: string;
-  /** Cloudflare Realtime app ID for SFU session control. */
-  CF_REALTIME_APP_ID?: string;
-  /** Cloudflare RealtimeKit preset name used when creating participant tokens. */
-  CF_REALTIME_PRESET_NAME?: string;
-  /** Cloudflare Realtime app secret for SFU session control. */
-  CF_REALTIME_APP_SECRET?: string;
-  /** Optional override for the Cloudflare Realtime API base URL. */
-  CF_REALTIME_BASE_URL?: string;
-  /** Cloudflare TURN key ID used to mint short-lived ICE credentials. */
-  CF_REALTIME_TURN_KEY_ID?: string;
-  /** Cloudflare TURN API token returned when the TURN key is created. */
-  CF_REALTIME_TURN_API_TOKEN?: string;
-
   // ─── Environment Identification ───
   /** Server environment name for Service Key constraints.env evaluation */
   ENVIRONMENT?: string;

package/admin-build/_app/immutable/entry/start.DY6YakU0.js

@@ -1 +0,0 @@
-import{a as r}from"../chunks/SQVAC3Cv.js";import{w as t}from"../chunks/Q3vAxeY-.js";export{t as load_css,r as start};

package/admin-build/_app/immutable/nodes/21.UVKBDvp4.js

@@ -1 +0,0 @@
-import{_ as m}from"../chunks/DemDWbs-.js";export{m as component};

package/src/__tests__/cloudflare-realtime.test.ts

@@ -1,113 +0,0 @@
-import { afterEach, describe, expect, it, vi } from 'vitest';
-import {
-  CloudflareRealtimeClient,
-  assertCloudflareRealtimeConfig,
-  createCloudflareRealtimeClient,
-  hasCloudflareRealtimeConfig,
-} from '../lib/cloudflare-realtime.js';
-
-describe('cloudflare realtime helpers', () => {
-  afterEach(() => {
-    vi.restoreAllMocks();
-    vi.unstubAllGlobals();
-  });
-
-  it('detects whether the required realtime config is present', () => {
-    expect(hasCloudflareRealtimeConfig({})).toBe(false);
-    expect(hasCloudflareRealtimeConfig({
-      CF_REALTIME_APP_ID: ' app-123 ',
-      CF_REALTIME_APP_SECRET: ' secret-456 ',
-    })).toBe(true);
-  });
-
-  it('normalizes realtime config and defaults the base URL', () => {
-    expect(assertCloudflareRealtimeConfig({
-      CF_REALTIME_APP_ID: ' app-123 ',
-      CF_REALTIME_APP_SECRET: ' secret-456 ',
-      CF_REALTIME_TURN_KEY_ID: ' key-1 ',
-      CF_REALTIME_TURN_API_TOKEN: ' token-1 ',
-    })).toEqual({
-      appId: 'app-123',
-      appSecret: 'secret-456',
-      baseUrl: 'https://rtc.live.cloudflare.com/v1',
-      turnKeyId: 'key-1',
-      turnApiToken: 'token-1',
-    });
-
-    expect(() => assertCloudflareRealtimeConfig({
-      CF_REALTIME_APP_ID: 'missing-secret',
-    })).toThrow('Cloudflare Realtime is not configured');
-  });
-
-  it('creates a realtime client and sends authenticated session requests', async () => {
-    const fetchMock = vi.fn(async (_input: RequestInfo | URL, _init?: RequestInit) =>
-      new Response(JSON.stringify({ sessionId: 'sess-1' }), {
-        status: 200,
-        headers: { 'Content-Type': 'application/json' },
-      }));
-    vi.stubGlobal('fetch', fetchMock);
-
-    const client = createCloudflareRealtimeClient({
-      CF_REALTIME_APP_ID: 'app-123',
-      CF_REALTIME_APP_SECRET: 'secret-456',
-    } as never);
-
-    expect(client).toBeInstanceOf(CloudflareRealtimeClient);
-    await expect(client.createSession({
-      sessionDescription: {
-        sdp: 'offer-sdp',
-        type: 'offer',
-      },
-    }, {
-      thirdparty: true,
-      correlationId: 'corr-1',
-    })).resolves.toEqual({ sessionId: 'sess-1' });
-
-    expect(fetchMock).toHaveBeenCalledTimes(1);
-    expect(fetchMock.mock.calls[0]?.[0]).toBe(
-      'https://rtc.live.cloudflare.com/v1/apps/app-123/sessions/new?thirdparty=true&correlationId=corr-1',
-    );
-    expect(fetchMock.mock.calls[0]?.[1]).toMatchObject({
-      method: 'POST',
-      headers: {
-        Authorization: 'Bearer secret-456',
-        'Content-Type': 'application/json',
-      },
-    });
-  });
-
-  it('uses TURN credentials when generating ICE servers', async () => {
-    const fetchMock = vi.fn(async () =>
-      new Response(JSON.stringify({
-        iceServers: [{ urls: 'turn:global.example.com', username: 'user', credential: 'pass' }],
-      }), {
-        status: 200,
-        headers: { 'Content-Type': 'application/json' },
-      }));
-    vi.stubGlobal('fetch', fetchMock);
-
-    const client = new CloudflareRealtimeClient({
-      CF_REALTIME_APP_ID: 'app-123',
-      CF_REALTIME_APP_SECRET: 'secret-456',
-      CF_REALTIME_BASE_URL: 'https://rtc.example.com/base/',
-      CF_REALTIME_TURN_KEY_ID: 'turn-key',
-      CF_REALTIME_TURN_API_TOKEN: 'turn-token',
-    });
-
-    await expect(client.generateIceServers(120)).resolves.toEqual({
-      iceServers: [{ urls: 'turn:global.example.com', username: 'user', credential: 'pass' }],
-    });
-
-    expect(fetchMock).toHaveBeenCalledWith(
-      'https://rtc.example.com/base/turn/keys/turn-key/credentials/generate-ice-servers',
-      {
-        method: 'POST',
-        headers: {
-          Authorization: 'Bearer turn-token',
-          'Content-Type': 'application/json',
-        },
-        body: JSON.stringify({ ttl: 120 }),
-      },
-    );
-  });
-});