@enbox/dwn-server 0.0.7 → 0.0.9

package/src/storage.ts

@@ -20,6 +20,7 @@ import { Kysely } from 'kysely';
 
 import { createBunSqliteDatabase } from '@enbox/dwn-sql-store';
 import { PluginLoader } from './plugin-loader.js';
+import { runServerMigrations } from './server-migration-runner.js';
 
 import {
   DataStoreLevel,
@@ -55,26 +56,27 @@ export enum BackendTypes {
 export type DwnStore = DataStore | StateIndex | MessageStore | ResumableTaskStore;
 
 /**
- * Cache of shared PostgreSQL dialects keyed by connection URL. When multiple
- * DWN stores share the same Postgres URL, they reuse a single dialect (and
- * thus a single `pg.Pool`) instead of each creating their own. This reduces
- * connection count from 4 × pool_max to 1 × pool_max per DWN process.
+ * Returns a (potentially cached) dialect for the given connection URL. For
+ * Postgres, creates a pool with configurable sizing from the server config.
+ * For other backends, delegates to `getDialectFromUrl()` which handles its
+ * own caching (critical for in-memory SQLite).
+ *
+ * All Postgres dialects are cached in a separate map keyed by URL so that
+ * multiple DWN stores sharing the same Postgres URL reuse a single
+ * `pg.Pool`, reducing connection count from 4 × pool_max to 1 × pool_max.
  */
-const sharedDialectCache: Map<string, Dialect> = new Map();
+const postgresDialectCache: Map<string, Dialect> = new Map();
 
-/**
- * Returns a (potentially cached) dialect for the given Postgres connection URL.
- * Non-Postgres URLs always return a fresh dialect (no caching).
- */
 function getOrCreateDialect(connectionUrl: URL, config: DwnServerConfig): Dialect {
   const protocol = connectionUrl.protocol.slice(0, -1);
 
   if (protocol !== BackendTypes.POSTGRES) {
+    // getDialectFromUrl handles its own caching for SQLite/MySQL.
     return getDialectFromUrl(connectionUrl);
   }
 
   const key = connectionUrl.toString();
-  const cached = sharedDialectCache.get(key);
+  const cached = postgresDialectCache.get(key);
   if (cached !== undefined) {
     return cached;
   }
@@ -92,7 +94,7 @@ function getOrCreateDialect(connectionUrl: URL, config: DwnServerConfig): Dialec
     cursor : Cursor,
   });
 
-  sharedDialectCache.set(key, dialect);
+  postgresDialectCache.set(key, dialect);
   return dialect;
 }
 
@@ -152,13 +154,99 @@ async function runSqlMigrationsIfNeeded(config: DwnServerConfig): Promise<void>
       console.log(`DWN migrations applied: ${applied.join(', ')}`);
     }
   } finally {
-    // Don't destroy the Kysely instance if using a shared Postgres pool —
-    // the pool is cached in sharedDialectCache and will be reused by stores.
-    // Only destroy for non-cached dialects (SQLite, MySQL).
-    if (protocol !== BackendTypes.POSTGRES) {
-      await db.destroy();
+    // Do NOT destroy the Kysely instance — the dialect is cached and will be
+    // reused by stores. For in-memory SQLite, destroying would close the
+    // database and lose all migrated schema. For Postgres, the pool is shared.
+  }
+}
+
+/**
+ * Runs DWN server schema migrations (admin stores, registration, TTL cache)
+ * if the given URL points to a SQL backend. Uses the `registrationStoreUrl`
+ * (or the TTL cache URL) as the target database.
+ *
+ * Server migrations use a separate tracking table (`dwn_server_migration`)
+ * so they do not conflict with the DWN store migrations.
+ *
+ * Call this once during server startup, before creating admin stores.
+ *
+ * @returns The dialect used for the target database (so the caller can reuse
+ *          it for the TTL cache and admin stores), or `undefined` if no SQL
+ *          backend was configured or needed.
+ */
+export async function runServerMigrationsIfNeeded(config: DwnServerConfig): Promise<Dialect | undefined> {
+  const sqlBackends: string[] = [BackendTypes.SQLITE, BackendTypes.MYSQL, BackendTypes.POSTGRES];
+
+  // Determine the target URL for server migrations. Prefer registrationStoreUrl
+  // since admin stores and the TTL cache share that database. Fall back to
+  // ttlCacheUrl when no registration store is configured (the cacheEntries
+  // table still needs a schema).
+  const targetUrl = config.registrationStoreUrl ?? config.ttlCacheUrl;
+  if (!targetUrl) {
+    return undefined;
+  }
+
+  if (isFilePath(targetUrl)) {
+    return undefined;
+  }
+
+  let parsedUrl: URL;
+  try {
+    parsedUrl = new URL(targetUrl);
+  } catch {
+    return undefined;
+  }
+
+  const protocol = parsedUrl.protocol.slice(0, -1);
+  if (!sqlBackends.includes(protocol)) {
+    return undefined;
+  }
+
+  // When both registrationStoreUrl and ttlCacheUrl are set and differ,
+  // validate they point at the same database — the cacheEntries table is
+  // included in the server migration so it must live alongside the other
+  // server tables.
+  if (config.registrationStoreUrl && config.ttlCacheUrl
+    && config.ttlCacheUrl !== config.registrationStoreUrl) {
+    let ttlUrl: URL | undefined;
+    try {
+      ttlUrl = new URL(config.ttlCacheUrl);
+    } catch { /* not a URL */ }
+
+    if (ttlUrl) {
+      const ttlProtocol = ttlUrl.protocol.slice(0, -1);
+      if (sqlBackends.includes(ttlProtocol)) {
+        throw new Error(
+          'DWN server misconfiguration: DWN_TTL_CACHE_URL must point to the same database as ' +
+          'DWN_REGISTRATION_STORE_URL (or DWN_STORAGE) because the cacheEntries table is managed ' +
+          'by the server migration system. ' +
+          `Got registrationStoreUrl="${config.registrationStoreUrl}", ttlCacheUrl="${config.ttlCacheUrl}".`
+        );
+      }
+    }
+  }
+
+  const dialect = getOrCreateDialect(parsedUrl, config);
+  const db = new Kysely<Record<string, unknown>>({ dialect });
+  try {
+    const applied = await runServerMigrations(db, dialect);
+    if (applied.length > 0) {
+      console.log(`Server migrations applied: ${applied.join(', ')}`);
+    }
+  } finally {
+    // For Postgres, don't destroy — the pool is cached in sharedDialectCache.
+    // For SQLite/MySQL, we also keep the Kysely instance alive so the caller
+    // can reuse the same dialect (critical for in-memory SQLite).
+    if (protocol === BackendTypes.POSTGRES) {
+      // Pool stays alive via sharedDialectCache.
     }
+    // NOTE: We intentionally do NOT destroy the Kysely instance for any
+    // backend. The dialect is returned to the caller for reuse (e.g. by the
+    // TTL cache and admin stores). For in-memory SQLite, destroying would
+    // lose the database.
   }
+
+  return dialect;
 }
 
 function getLevelStore(
@@ -264,6 +352,21 @@ async function loadStoreFromFilePath(
   }
 }
 
+/**
+ * Cache for the in-memory SQLite dialect. Since every call to
+ * `createBunSqliteDatabase(':memory:')` creates a separate, empty database,
+ * we must ensure that `getDialectFromUrl(new URL('sqlite://'))` always
+ * returns the same dialect (and thus the same underlying database) within a
+ * process. This is critical for the DWN server startup flow where migrations,
+ * the registration store, and the TTL cache all need to share the same
+ * in-memory database.
+ *
+ * File-based SQLite and other backends are NOT cached here — file-based SQLite
+ * connections naturally share state through the filesystem, and caching would
+ * break test isolation when multiple test files run in the same process.
+ */
+let inMemorySqliteDialect: Dialect | undefined;
+
 export function getDialectFromUrl(connectionUrl: URL): Dialect {
   switch (connectionUrl.protocol.slice(0, -1)) {
     case BackendTypes.SQLITE: {
@@ -275,9 +378,32 @@ export function getDialectFromUrl(connectionUrl: URL): Dialect {
         fs.mkdirSync(connectionUrl.host, { recursive: true });
       }
 
-      // Use in-memory database if no path is provided (for tests)
+      // Use in-memory database if no path is provided (for tests).
       const dbPath = path || ':memory:';
 
+      // For in-memory SQLite, return a cached dialect so that all callers
+      // (migrations, registration store, TTL cache) share the same database.
+      // The wrapper makes close() a no-op so that individual consumers (e.g.
+      // DwnServer.stop() → Dwn.close() → store.close()) cannot destroy the
+      // shared database out from under other consumers.
+      if (dbPath === ':memory:') {
+        if (inMemorySqliteDialect === undefined) {
+          const sharedDb = createBunSqliteDatabase(':memory:');
+          const nonCloseableDb = {
+            close(): void {
+              // no-op — shared instance must survive the process
+            },
+            prepare(sql: string): ReturnType<typeof sharedDb.prepare> {
+              return sharedDb.prepare(sql);
+            },
+          };
+          inMemorySqliteDialect = new SqliteDialect({
+            database: async (): Promise<typeof nonCloseableDb> => nonCloseableDb,
+          });
+        }
+        return inMemorySqliteDialect;
+      }
+
       return new SqliteDialect({
         database: async () => createBunSqliteDatabase(dbPath),
       });
@@ -291,6 +417,8 @@ export function getDialectFromUrl(connectionUrl: URL): Dialect {
         pool   : async () => new pg.Pool({ connectionString: connectionUrl.toString() }),
         cursor : Cursor,
       });
+    default:
+      throw new Error(`Unsupported database protocol: ${connectionUrl.protocol}`);
   }
 }
 

package/dist/esm/src/web5-connect/sql-ttl-cache.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"sql-ttl-cache.d.ts","sourceRoot":"","sources":["../../../../src/web5-connect/sql-ttl-cache.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAGpD;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAkB;IACxD,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,wBAAwB,CAAM;IAEtD,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,EAAE,CAAwB;IAClC,OAAO,CAAC,YAAY,CAAiB;IAErC,OAAO;IAKP;;OAEG;WACiB,MAAM,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC,WAAW,CAAC;YAQvD,UAAU;IA0BxB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAMzB;;;OAGG;IACU,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAW3E;;OAEG;IACU,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IA+B1D;;OAEG;IACU,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAO/C;;OAEG;IACU,qBAAqB,IAAI,OAAO,CAAC,IAAI,CAAC;CAMpD"}

package/dist/esm/src/web5-connect/sql-ttl-cache.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"sql-ttl-cache.js","sourceRoot":"","sources":["../../../../src/web5-connect/sql-ttl-cache.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC;;GAEG;AACH,MAAM,OAAO,WAAW;IACd,MAAM,CAAU,cAAc,GAAG,cAAc,CAAC;IAChD,MAAM,CAAU,wBAAwB,GAAG,EAAE,CAAC;IAE9C,UAAU,CAAU;IACpB,EAAE,CAAwB;IAC1B,YAAY,CAAiB;IAErC,YAAoB,UAAmB;QACrC,IAAI,CAAC,EAAE,GAAG,IAAI,MAAM,CAAgB,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC;QAC7D,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAmB;QAC5C,MAAM,YAAY,GAAG,IAAI,WAAW,CAAC,UAAU,CAAC,CAAC;QAEjD,MAAM,YAAY,CAAC,UAAU,EAAE,CAAC;QAEhC,OAAO,YAAY,CAAC;IACtB,CAAC;IAEO,KAAK,CAAC,UAAU;QAEtB,mCAAmC;QACnC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,CAAC,cAAc,CAAC,CAAC;QACxF,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM;iBACjB,WAAW,CAAC,WAAW,CAAC,cAAc,CAAC;iBACvC,WAAW,EAAE,CAAC,8HAA8H;gBAC7I,0EAA0E;iBACzE,SAAS,CAAC,KAAK,EAAE,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;iBACjE,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;iBACxD,SAAS,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;iBAC3D,OAAO,EAAE,CAAC;YAEb,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM;iBACjB,WAAW,CAAC,cAAc,CAAC;gBAC5B,uHAAuH;iBACtH,EAAE,CAAC,WAAW,CAAC,cAAc,CAAC;iBAC9B,MAAM,CAAC,QAAQ,CAAC;iBAChB,OAAO,EAAE,CAAC;QACf,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC,iBAAiB,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACK,iBAAiB;QACvB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;YACzC,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACrC,CAAC,EAAE,WAAW,CAAC,wBAAwB,GAAG,IAAI,CAAC,CAAC;IAClD,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,MAAM,CAAC,GAAW,EAAE,KAAa,EAAE,GAAW;QACzD,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;QAEzC,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAE3C,MAAM,IAAI,CAAC,EAAE;aACV,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC;aACtC,MAAM,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC;aAC5C,OAAO,EAAE,CAAC;IACf,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,GAAG,CAAC,GAAW;QAC1B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,EAAE;aACzB,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC;aACtC,MAAM,CAAC,KAAK,CAAC;aACb,MAAM,CAAC,OAAO,CAAC;aACf,MAAM,CAAC,QAAQ,CAAC;aAChB,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;aACtB,OAAO,EAAE,CAAC;QAEb,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAExB,yDAAyD;QACzD,MAAM,MAAM,GAAG,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;QAC5F,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;YACrC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,kDAAkD;YAClD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;YACrC,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,MAAM,CAAC,GAAW;QAC7B,MAAM,IAAI,CAAC,EAAE;aACV,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC;aACtC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;aACtB,OAAO,EAAE,CAAC;IACf,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,qBAAqB;QAChC,MAAM,IAAI,CAAC,EAAE;aACV,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC;aACtC,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;aAChC,OAAO,EAAE,CAAC;IACf,CAAC"}

package/dist/esm/src/web5-connect/web5-connect-server.d.ts

@@ -1,58 +0,0 @@
-/**
- * The Web5 Connect Request object.
- */
-export type Web5ConnectRequest = any;
-/**
- * The Web5 Connect Response object, which is also an OIDC ID token
- */
-export type Web5ConnectResponse = any;
-/**
- * The result of the setWeb5ConnectRequest() method.
- */
-export type SetWeb5ConnectRequestResult = {
-    /**
-     * The Request URI that the wallet should use to retrieve the request object.
-     */
-    request_uri: string;
-    /**
-     * The time in seconds that the Request URI is valid for.
-     */
-    expires_in: number;
-};
-/**
- * The Web5 Connect Server is responsible for handling the Web5 Connect flow.
- */
-export declare class Web5ConnectServer {
-    static readonly ttlInSeconds = 600;
-    private baseUrl;
-    private cache;
-    /**
-     * Creates a new instance of the Web5 Connect Server.
-     * @param params.baseUrl The the base URL of the connect server including the port.
-     *                       This is given to the Identity Provider (wallet) to fetch the Web5 Connect Request object.
-     * @param params.sqlTtlCacheUrl The URL of the SQL database to use as the TTL cache.
-     */
-    static create({ baseUrl, sqlTtlCacheUrl }: {
-        baseUrl: string;
-        sqlTtlCacheUrl: string;
-    }): Promise<Web5ConnectServer>;
-    private constructor();
-    /**
-     * Stores the given Web5 Connect Request object, which is also an OAuth 2 Pushed Authorization Request (PAR) object.
-     * This is the initial call to the connect server to start the Web5 Connect flow.
-     */
-    setWeb5ConnectRequest(request: Web5ConnectRequest): Promise<SetWeb5ConnectRequestResult>;
-    /**
-     * Returns the Web5 Connect Request object. The request ID can only be used once.
-     */
-    getWeb5ConnectRequest(requestId: string): Promise<Web5ConnectRequest | undefined>;
-    /**
-     * Sets the Web5 Connect Response object, which is also an OIDC ID token.
-     */
-    setWeb5ConnectResponse(state: string, response: Web5ConnectResponse): Promise<any>;
-    /**
-     * Gets the Web5 Connect Response object. The `state` string can only be used once.
-     */
-    getWeb5ConnectResponse(state: string): Promise<Web5ConnectResponse | undefined>;
-}
-//# sourceMappingURL=web5-connect-server.d.ts.map

package/dist/esm/src/web5-connect/web5-connect-server.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"web5-connect-server.d.ts","sourceRoot":"","sources":["../../../../src/web5-connect/web5-connect-server.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,GAAG,CAAC;AAErC;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,GAAG,CAAC;AAEtC;;GAEG;AACH,MAAM,MAAM,2BAA2B,GAAG;IACxC;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,gBAAuB,YAAY,OAAO;IAE1C,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,KAAK,CAAc;IAE3B;;;;;OAKG;WACiB,MAAM,CAAC,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE;QACtD,OAAO,EAAE,MAAM,CAAC;QAChB,cAAc,EAAE,MAAM,CAAC;KACxB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAU9B,OAAO;IAMP;;;OAGG;IACU,qBAAqB,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,2BAA2B,CAAC;IAcrG;;OAEG;IACU,qBAAqB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,SAAS,CAAC;IAc9F;;OAEG;IACU,sBAAsB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC;IAI/F;;OAEG;IACU,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,SAAS,CAAC;CAa7F"}

package/dist/esm/src/web5-connect/web5-connect-server.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"web5-connect-server.js","sourceRoot":"","sources":["../../../../src/web5-connect/web5-connect-server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAE5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AA2BjD;;GAEG;AACH,MAAM,OAAO,iBAAiB;IACrB,MAAM,CAAU,YAAY,GAAG,GAAG,CAAC;IAElC,OAAO,CAAS;IAChB,KAAK,CAAc;IAE3B;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,OAAO,EAAE,cAAc,EAGnD;QACC,MAAM,iBAAiB,GAAG,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;QAE7D,wBAAwB;QACxB,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC;QAC9D,iBAAiB,CAAC,KAAK,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAE/D,OAAO,iBAAiB,CAAC;IAC3B,CAAC;IAED,YAAoB,EAAE,OAAO,EAE5B;QACC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,qBAAqB,CAAC,OAA2B;QAC5D,yBAAyB;QACzB,MAAM,SAAS,GAAG,WAAW,CAAC,UAAU,EAAE,CAAC;QAC3C,MAAM,WAAW,GAAG,GAAG,IAAI,CAAC,OAAO,sBAAsB,SAAS,MAAM,CAAC;QAEzE,4BAA4B;QAC5B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,SAAS,EAAE,EAAE,OAAO,EAAE,iBAAiB,CAAC,YAAY,CAAC,CAAC;QAEnF,OAAO;YACL,WAAW;YACX,UAAU,EAAE,iBAAiB,CAAC,YAAY;SAC3C,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,qBAAqB,CAAC,SAAiB;QAClD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,SAAS,EAAE,CAAC,CAAC;QAE7D,mEAAmE;QACnE,yFAAyF;QACzF,wFAAwF;QACxF,mEAAmE;QACnE,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,SAAS,EAAE,CAAC,CAAC;QAC5C,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,sBAAsB,CAAC,KAAa,EAAE,QAA6B;QAC9E,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,KAAK,EAAE,EAAE,QAAQ,EAAE,iBAAiB,CAAC,YAAY,CAAC,CAAC;IACnF,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,sBAAsB,CAAC,KAAa;QAC/C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,KAAK,EAAE,CAAC,CAAC;QAE3D,wEAAwE;QACxE,yFAAyF;QACzF,wFAAwF;QACxF,mEAAmE;QACnE,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,KAAK,EAAE,CAAC,CAAC;QACzC,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC"}

package/src/web5-connect/web5-connect-server.ts

@@ -1,123 +0,0 @@
-import { CryptoUtils } from '@enbox/crypto';
-
-import { getDialectFromUrl } from '../storage.js';
-import { SqlTtlCache } from './sql-ttl-cache.js';
-
-/**
- * The Web5 Connect Request object.
- */
-export type Web5ConnectRequest = any; // TODO: define type in common repo for reuse (https://github.com/enboxorg/enbox/issues/138)
-
-/**
- * The Web5 Connect Response object, which is also an OIDC ID token
- */
-export type Web5ConnectResponse = any; // TODO: define type in common repo for reuse (https://github.com/enboxorg/enbox/issues/138)
-
-/**
- * The result of the setWeb5ConnectRequest() method.
- */
-export type SetWeb5ConnectRequestResult = {
-  /**
-   * The Request URI that the wallet should use to retrieve the request object.
-   */
-  request_uri: string;
-
-  /**
-   * The time in seconds that the Request URI is valid for.
-   */
-  expires_in: number;
-};
-
-/**
- * The Web5 Connect Server is responsible for handling the Web5 Connect flow.
- */
-export class Web5ConnectServer {
-  public static readonly ttlInSeconds = 600;
-
-  private baseUrl: string;
-  private cache: SqlTtlCache;
-
-  /**
-   * Creates a new instance of the Web5 Connect Server.
-   * @param params.baseUrl The the base URL of the connect server including the port.
-   *                       This is given to the Identity Provider (wallet) to fetch the Web5 Connect Request object.
-   * @param params.sqlTtlCacheUrl The URL of the SQL database to use as the TTL cache.
-   */
-  public static async create({ baseUrl, sqlTtlCacheUrl }: {
-    baseUrl: string;
-    sqlTtlCacheUrl: string;
-  }): Promise<Web5ConnectServer> {
-    const web5ConnectServer = new Web5ConnectServer({ baseUrl });
-
-    // Initialize TTL cache.
-    const sqlDialect = getDialectFromUrl(new URL(sqlTtlCacheUrl));
-    web5ConnectServer.cache = await SqlTtlCache.create(sqlDialect);
-
-    return web5ConnectServer;
-  }
-
-  private constructor({ baseUrl }: {
-    baseUrl: string;
-  }) {
-    this.baseUrl = baseUrl;
-  }
-
-  /**
-   * Stores the given Web5 Connect Request object, which is also an OAuth 2 Pushed Authorization Request (PAR) object.
-   * This is the initial call to the connect server to start the Web5 Connect flow.
-   */
-  public async setWeb5ConnectRequest(request: Web5ConnectRequest): Promise<SetWeb5ConnectRequestResult> {
-    // Generate a request URI
-    const requestId = CryptoUtils.randomUuid();
-    const request_uri = `${this.baseUrl}/connect/authorize/${requestId}.jwt`;
-
-    // Store the Request Object.
-    this.cache.insert(`request:${requestId}`, request, Web5ConnectServer.ttlInSeconds);
-
-    return {
-      request_uri,
-      expires_in: Web5ConnectServer.ttlInSeconds,
-    };
-  }
-
-  /**
-   * Returns the Web5 Connect Request object. The request ID can only be used once.
-   */
-  public async getWeb5ConnectRequest(requestId: string): Promise<Web5ConnectRequest | undefined> {
-    const request = await this.cache.get(`request:${requestId}`);
-
-    // Delete the Request Object from cache once it has been retrieved.
-    // IMPORTANT: only delete if the object exists, otherwise there could be a race condition
-    // where the object does not exist in this call but becomes available immediately after,
-    // we would end up deleting it before it is successfully retrieved.
-    if (request !== undefined) {
-      this.cache.delete(`request:${requestId}`);
-    }
-
-    return request;
-  }
-
-  /**
-   * Sets the Web5 Connect Response object, which is also an OIDC ID token.
-   */
-  public async setWeb5ConnectResponse(state: string, response: Web5ConnectResponse): Promise<any> {
-    this.cache.insert(`response:${state}`, response, Web5ConnectServer.ttlInSeconds);
-  }
-
-  /**
-   * Gets the Web5 Connect Response object. The `state` string can only be used once.
-   */
-  public async getWeb5ConnectResponse(state: string): Promise<Web5ConnectResponse | undefined> {
-    const response = await this.cache.get(`response:${state}`);
-
-    // Delete the Response object from the cache once it has been retrieved.
-    // IMPORTANT: only delete if the object exists, otherwise there could be a race condition
-    // where the object does not exist in this call but becomes available immediately after,
-    // we would end up deleting it before it is successfully retrieved.
-    if (response !== undefined) {
-      this.cache.delete(`response:${state}`);
-    }
-
-    return response;
-  }
-}