npm - @enbox/dwn-server - Versions diffs - 0.1.2 → 0.1.3 - Mend

@enbox/dwn-server 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (70) hide show

package/dist/esm/src/admin/admin-api.js +2 -2
package/dist/esm/src/admin/admin-api.js.map +1 -1
package/dist/esm/src/admin/admin-auth.js +1 -1
package/dist/esm/src/admin/admin-auth.js.map +1 -1
package/dist/esm/src/admin/admin-passkey-store.js.map +1 -1
package/dist/esm/src/admin/admin-session.js.map +1 -1
package/dist/esm/src/admin/admin-store.d.ts +2 -2
package/dist/esm/src/admin/admin-store.d.ts.map +1 -1
package/dist/esm/src/admin/admin-store.js +1 -1
package/dist/esm/src/admin/admin-store.js.map +1 -1
package/dist/esm/src/admin/audit-log.js.map +1 -1
package/dist/esm/src/admin/webhook-manager.js.map +1 -1
package/dist/esm/src/connect/connect-server.d.ts +1 -1
package/dist/esm/src/connect/connect-server.d.ts.map +1 -1
package/dist/esm/src/connect/connect-server.js.map +1 -1
package/dist/esm/src/connect/sql-ttl-cache.d.ts +1 -1
package/dist/esm/src/connect/sql-ttl-cache.d.ts.map +1 -1
package/dist/esm/src/connect/sql-ttl-cache.js.map +1 -1
package/dist/esm/src/connection/connection-manager.d.ts +9 -9
package/dist/esm/src/connection/connection-manager.d.ts.map +1 -1
package/dist/esm/src/connection/connection-manager.js.map +1 -1
package/dist/esm/src/connection/socket-connection.d.ts +13 -13
package/dist/esm/src/connection/socket-connection.d.ts.map +1 -1
package/dist/esm/src/connection/socket-connection.js.map +1 -1
package/dist/esm/src/delivery-service.d.ts.map +1 -1
package/dist/esm/src/delivery-service.js +15 -7
package/dist/esm/src/delivery-service.js.map +1 -1
package/dist/esm/src/dwn-server.js.map +1 -1
package/dist/esm/src/http-api.js +18 -18
package/dist/esm/src/http-api.js.map +1 -1
package/dist/esm/src/plugins/event-log-nats.js +16 -16
package/dist/esm/src/plugins/event-log-nats.js.map +1 -1
package/dist/esm/src/rate-limiter.js.map +1 -1
package/dist/esm/src/registration/jwt-provider-auth-plugin.js.map +1 -1
package/dist/esm/src/registration/open-auth-handler.js.map +1 -1
package/dist/esm/src/registration/proof-of-work-manager.d.ts +5 -5
package/dist/esm/src/registration/proof-of-work-manager.d.ts.map +1 -1
package/dist/esm/src/registration/proof-of-work-manager.js +12 -10
package/dist/esm/src/registration/proof-of-work-manager.js.map +1 -1
package/dist/esm/src/registration/registration-manager.js +6 -6
package/dist/esm/src/registration/registration-manager.js.map +1 -1
package/dist/esm/src/registration/registration-store.d.ts +1 -1
package/dist/esm/src/registration/registration-store.d.ts.map +1 -1
package/dist/esm/src/registration/registration-store.js.map +1 -1
package/dist/esm/src/server-migration-runner.js.map +1 -1
package/dist/esm/src/ws-api.js.map +1 -1
package/package.json +5 -5
package/src/admin/admin-api.ts +5 -5
package/src/admin/admin-auth.ts +1 -1
package/src/admin/admin-passkey-store.ts +1 -1
package/src/admin/admin-session.ts +2 -2
package/src/admin/admin-store.ts +3 -3
package/src/admin/audit-log.ts +1 -1
package/src/admin/webhook-manager.ts +1 -1
package/src/connect/connect-server.ts +1 -1
package/src/connect/sql-ttl-cache.ts +1 -1
package/src/connection/connection-manager.ts +9 -9
package/src/connection/socket-connection.ts +13 -13
package/src/delivery-service.ts +16 -7
package/src/dwn-server.ts +3 -3
package/src/http-api.ts +15 -15
package/src/plugins/event-log-nats.ts +14 -14
package/src/rate-limiter.ts +1 -1
package/src/registration/jwt-provider-auth-plugin.ts +3 -3
package/src/registration/open-auth-handler.ts +5 -5
package/src/registration/proof-of-work-manager.ts +17 -15
package/src/registration/registration-manager.ts +6 -6
package/src/registration/registration-store.ts +1 -1
package/src/server-migration-runner.ts +1 -1
package/src/ws-api.ts +1 -1

package/src/dwn-server.ts CHANGED Viewed

@@ -101,9 +101,9 @@ export class DwnServer {
   #auditLog: AuditLog | undefined;
   #passkeyStore: AdminPasskeyStore | undefined;
   #sessionManager: AdminSessionManager | undefined;
-  #externalHooks: MessageProcessedHook[];
-  #externalRegistrationManager: RegistrationManager | undefined;
-  #externalOpenAuthHandler: OpenAuthHandler | undefined;
+  readonly #externalHooks: MessageProcessedHook[];
+  readonly #externalRegistrationManager: RegistrationManager | undefined;
+  readonly #externalOpenAuthHandler: OpenAuthHandler | undefined;
   /**
    * @param options.dwn - Dwn instance to use as an override.

package/src/http-api.ts CHANGED Viewed

@@ -800,11 +800,11 @@ export class HttpApi {
         return Response.json({ success: true }, { status: 200 });
       } catch (error) {
         const dwnServerError = error as DwnServerError;
-        if (dwnServerError.code !== undefined) {
-          return Response.json(dwnServerError, { status: 400 });
-        } else {
+        if (dwnServerError.code === undefined) {
           log.info('Error handling registration request:', error);
           return Response.json({ success: false }, { status: 500 });
+        } else {
+          return Response.json(dwnServerError, { status: 400 });
         }
       }
     }
@@ -850,18 +850,18 @@ export class HttpApi {
         log.info(`Retrieving Connect Request object of ID: ${requestId}...`);
         const requestObjectJwt = await this.connectServer.getConnectRequest(requestId);
-        if (!requestObjectJwt) {
-          return Response.json({
-            ok     : false,
-            status : { code: 404, message: 'Not Found' },
-          }, { status: 404 });
-        } else {
+        if (requestObjectJwt) {
           const body = typeof requestObjectJwt === 'string'
             ? requestObjectJwt
             : JSON.stringify(requestObjectJwt);
           return new Response(body, {
             headers: { 'content-type': 'application/jwt' },
           });
+        } else {
+          return Response.json({
+            ok     : false,
+            status : { code: 404, message: 'Not Found' },
+          }, { status: 404 });
         }
       }
     }
@@ -910,16 +910,16 @@ export class HttpApi {
         log.info(`Retrieving ID token for state: ${state}...`);
         const idToken = await this.connectServer.getConnectResponse(state);
-        if (!idToken) {
-          return Response.json({
-            ok     : false,
-            status : { code: 404, message: 'Not Found' },
-          }, { status: 404 });
-        } else {
+        if (idToken) {
           const body = typeof idToken === 'string' ? idToken : JSON.stringify(idToken);
           return new Response(body, {
             headers: { 'content-type': 'application/jwt' },
           });
+        } else {
+          return Response.json({
+            ok     : false,
+            status : { code: 404, message: 'Not Found' },
+          }, { status: 404 });
         }
       }
     }

package/src/plugins/event-log-nats.ts CHANGED Viewed

@@ -161,13 +161,13 @@ function tenantToSubjectToken(tenant: string): string {
  * Must be a default export with a no-arg constructor.
  */
 export default class NatsEventLog implements EventLog {
-  #config: NatsEventLogConfig;
+  readonly #config: NatsEventLogConfig;
   #nc: NatsConnection | undefined;
   #js: JetStreamClient | undefined;
   #jsm: JetStreamManager | undefined;
   /** Active subscription consumers, keyed by consumer name. */
-  #activeConsumers: Map<string, { messages?: ConsumerMessages; stopped: boolean }> = new Map();
+  readonly #activeConsumers: Map<string, { messages?: ConsumerMessages; stopped: boolean }> = new Map();
   /**
    * Epoch for this EventLog instance. Stable as long as the JetStream stream exists.
@@ -252,13 +252,13 @@ export default class NatsEventLog implements EventLog {
     let reason: ProgressGapReason;
     if (cursor.streamId !== expectedStreamId) {
       reason = 'stream_mismatch';
-    } else if (cursor.epoch !== this.#epoch) {
-      reason = 'epoch_mismatch';
-    } else {
+    } else if (cursor.epoch === this.#epoch) {
       // Check if position is within replay bounds using BigInt
       // for safe handling of NATS sequences beyond Number.MAX_SAFE_INTEGER.
       const bounds = await this.getReplayBounds(tenant);
-      if (bounds !== undefined) {
+      if (bounds === undefined) {
+        return; // No events — vacuously valid.
+      } else {
         const cursorSeq = BigInt(cursor.position);
         const oldestSeq = BigInt(bounds.oldest.position);
         if (cursorSeq < oldestSeq - 1n) {
@@ -266,9 +266,9 @@ export default class NatsEventLog implements EventLog {
         } else {
           return; // Valid.
         }
-      } else {
-        return; // No events — vacuously valid.
       }
+    } else {
+      reason = 'epoch_mismatch';
     }
     const bounds = await this.getReplayBounds(tenant);
@@ -315,11 +315,11 @@ export default class NatsEventLog implements EventLog {
       ack_policy     : AckPolicy.None, // ordered consumers use AckNone
     };
-    if (cursor !== undefined) {
+    if (cursor === undefined) {
+      consumerOpts.deliver_policy = DeliverPolicy.All;
+    } else {
       consumerOpts.deliver_policy = DeliverPolicy.StartSequence;
       consumerOpts.opt_start_seq = Number(cursor.position) + 1;
-    } else {
-      consumerOpts.deliver_policy = DeliverPolicy.All;
     }
     const consumer = await this.#jsm!.consumers.add(this.#config.streamName, consumerOpts);
@@ -405,11 +405,11 @@ export default class NatsEventLog implements EventLog {
       inactive_threshold : 60_000_000_000, // 60 seconds in nanos
     };
-    if (cursor !== undefined) {
+    if (cursor === undefined) {
+      consumerOpts.deliver_policy = DeliverPolicy.New;
+    } else {
       consumerOpts.deliver_policy = DeliverPolicy.StartSequence;
       consumerOpts.opt_start_seq = Number(cursor.position) + 1;
-    } else {
-      consumerOpts.deliver_policy = DeliverPolicy.New;
     }
     await this.#jsm!.consumers.add(this.#config.streamName, consumerOpts);

package/src/rate-limiter.ts CHANGED Viewed

@@ -25,7 +25,7 @@ type Bucket = {
 export class RateLimiter {
   #refillRate: number;
   #maxTokens: number;
-  #buckets: Map<string, Bucket> = new Map();
+  readonly #buckets: Map<string, Bucket> = new Map();
   #cleanupInterval: ReturnType<typeof setInterval> | undefined;
   /** Stale buckets older than 5 minutes are purged. */

package/src/registration/jwt-provider-auth-plugin.ts CHANGED Viewed

@@ -36,9 +36,9 @@ export type JwtProviderAuthPluginOptions = {
  * {@link ProviderAuthPlugin} instead.
  */
 export class JwtProviderAuthPlugin implements ProviderAuthPlugin {
-  #getKey: Uint8Array | jose.JWTVerifyGetKey;
-  #issuer: string | undefined;
-  #audience: string | undefined;
+  readonly #getKey: Uint8Array | jose.JWTVerifyGetKey;
+  readonly #issuer: string | undefined;
+  readonly #audience: string | undefined;
   private constructor(
     getKey: Uint8Array | jose.JWTVerifyGetKey,

package/src/registration/open-auth-handler.ts CHANGED Viewed

@@ -28,14 +28,14 @@ const MAX_PENDING_CODES = 10_000;
 const CLEANUP_INTERVAL_MS = 60_000;
 export class OpenAuthHandler {
-  #secret: Uint8Array;
-  #issuer: string;
+  readonly #secret: Uint8Array;
+  readonly #issuer: string;
   /** Pending authorization codes. Maps code → { redirectUri, expiresAt }. */
-  #pendingCodes: Map<string, { redirectUri: string; expiresAt: number }>;
+  readonly #pendingCodes: Map<string, { redirectUri: string; expiresAt: number }>;
   /** Registration token TTL in seconds. Default: 1 year. */
-  #tokenTtlSeconds: number;
+  readonly #tokenTtlSeconds: number;
   /** Periodic cleanup timer for expired codes. */
-  #cleanupTimer: ReturnType<typeof setInterval>;
+  readonly #cleanupTimer: ReturnType<typeof setInterval>;
   private constructor(secret: Uint8Array, issuer: string, tokenTtlSeconds: number) {
     this.#secret = secret;

package/src/registration/proof-of-work-manager.ts CHANGED Viewed

@@ -20,14 +20,14 @@ export class ProofOfWorkManager {
   // There is opportunity to improve implementation here.
   // TODO: https://github.com/enboxorg/enbox/issues/101
-  private proofOfWorkOfLastMinute: Map<string, number> = new Map(); // proofOfWorkId -> timestamp of proof-of-work
+  private readonly proofOfWorkOfLastMinute: Map<string, number> = new Map(); // proofOfWorkId -> timestamp of proof-of-work
   // Seed to generate the challenge nonce from, this allows all DWN instances in a cluster to generate the same challenge.
-  private challengeSeed?: string;
-  private difficultyIncreaseMultiplier: number;
+  private readonly challengeSeed?: string;
+  private readonly difficultyIncreaseMultiplier: number;
   private currentMaximumAllowedHashValueAsBigInt: bigint;
-  private initialMaximumAllowedHashValueAsBigInt: bigint;
-  private desiredSolveCountPerMinute: number;
+  private readonly initialMaximumAllowedHashValueAsBigInt: bigint;
+  private readonly desiredSolveCountPerMinute: number;
   /**
    * How often the challenge nonce is refreshed.
@@ -183,17 +183,19 @@ export class ProofOfWorkManager {
     } catch (error) {
       console.error(`Encountered error while refreshing challenge nonce: ${error}`);
     } finally {
-      setTimeout(async () => this.periodicallyRefreshChallengeNonce(), this.challengeRefreshFrequencyInSeconds * 1000);
+      setTimeout(() => this.periodicallyRefreshChallengeNonce(), this.challengeRefreshFrequencyInSeconds * 1000);
     }
   }
-  private periodicallyRefreshProofOfWorkDifficulty (): void {
+  private async periodicallyRefreshProofOfWorkDifficulty (): Promise<void> {
     try {
-      this.refreshMaximumAllowedHashValue();
+      await this.refreshMaximumAllowedHashValue();
     } catch (error) {
       console.error(`Encountered error while updating proof of work difficulty: ${error}`);
     } finally {
-      setTimeout(async () => this.periodicallyRefreshProofOfWorkDifficulty(), this.difficultyReevaluationFrequencyInSeconds * 1000);
+      setTimeout(() => {
+        void this.periodicallyRefreshProofOfWorkDifficulty();
+      }, this.difficultyReevaluationFrequencyInSeconds * 1000);
     }
   }
@@ -208,7 +210,12 @@ export class ProofOfWorkManager {
   private refreshChallengeNonce(): void {
     // If challenge seed is supplied, use it to deterministically generate the challenge nonces.
-    if (this.challengeSeed !== undefined) {
+    if (this.challengeSeed === undefined) {
+      const newChallengeNonce = ProofOfWork.generateNonce();
+      this.challengeNonces.previousChallengeNonce = this.challengeNonces.currentChallengeNonce;
+      this.challengeNonces.currentChallengeNonce = newChallengeNonce;
+    } else {
       const currentRefreshIntervalId = Math.floor(Date.now() / (this.challengeRefreshFrequencyInSeconds * 1000));
       const previousRefreshIntervalId = currentRefreshIntervalId - 1;
       const nextRefreshIntervalId = currentRefreshIntervalId + 1;
@@ -218,11 +225,6 @@ export class ProofOfWorkManager {
       const nextChallengeNonce = ProofOfWork.hashAsHexString([this.challengeSeed, nextRefreshIntervalId.toString(), this.challengeSeed]);
       this.challengeNonces = { previousChallengeNonce, currentChallengeNonce, nextChallengeNonce };
-    } else {
-      const newChallengeNonce = ProofOfWork.generateNonce();
-      this.challengeNonces.previousChallengeNonce = this.challengeNonces.currentChallengeNonce;
-      this.challengeNonces.currentChallengeNonce = newChallengeNonce;
     }
   }

package/src/registration/registration-manager.ts CHANGED Viewed

@@ -108,13 +108,13 @@ export class RegistrationManager implements TenantGate {
   public async handleRegistrationRequest(registrationRequest: RegistrationRequest): Promise<void> {
     if (registrationRequest.providerAuth?.registrationToken !== undefined) {
       await this.handleProviderAuthRegistration(registrationRequest);
-    } else if (registrationRequest.proofOfWork !== undefined) {
-      await this.handleProofOfWorkRegistration(registrationRequest);
-    } else {
+    } else if (registrationRequest.proofOfWork === undefined) {
       throw new DwnServerError(
         DwnServerErrorCode.RegistrationRequestMissingCredentials,
         'Registration request must include either providerAuth or proofOfWork credentials.',
       );
+    } else {
+      await this.handleProofOfWorkRegistration(registrationRequest);
     }
   }
@@ -154,9 +154,9 @@ export class RegistrationManager implements TenantGate {
       termsOfServiceHash : registrationRequest.registrationData.termsOfServiceHash,
       accountId          : validationResult.accountId,
       registrationType   : 'provider-auth',
-      metadata           : validationResult.metadata !== undefined
-        ? JSON.stringify(validationResult.metadata)
-        : undefined,
+      metadata           : validationResult.metadata === undefined
+        ? undefined
+        : JSON.stringify(validationResult.metadata),
     });
   }

package/src/registration/registration-store.ts CHANGED Viewed

@@ -12,7 +12,7 @@ export class RegistrationStore {
   private static readonly registeredTenantTableName = 'registeredTenants';
   private static readonly tenantQuotasTableName = 'tenantQuotas';
-  private db: Kysely<RegistrationDatabase>;
+  private readonly db: Kysely<RegistrationDatabase>;
   private constructor (sqlDialect: Dialect) {
     this.db = new Kysely<RegistrationDatabase>({ dialect: sqlDialect });

package/src/server-migration-runner.ts CHANGED Viewed

@@ -11,7 +11,7 @@ import { Migrator } from 'kysely';
  * dialect, producing the concrete Kysely {@link Migration} objects.
  */
 class ServerMigrationProvider implements MigrationProvider {
-  #dialect: Dialect;
+  readonly #dialect: Dialect;
   #factories: ReadonlyArray<readonly [name: string, factory: ServerMigrationFactory]>;
   constructor(

package/src/ws-api.ts CHANGED Viewed

@@ -14,7 +14,7 @@ import { InMemoryConnectionManager } from './connection/connection-manager.js';
 export class WsApi {
   dwn: Dwn;
-  #connectionManager: ConnectionManager;
+  readonly #connectionManager: ConnectionManager;
   constructor(
     httpApi: HttpApi, dwn: Dwn, connectionManager?: ConnectionManager,