@forge/realtime 0.4.2-next.0 → 0.5.0-next.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/CHANGELOG.md +6 -0
  2. package/out/publish.d.ts.map +1 -1
  3. package/out/publish.js +15 -2
  4. package/out/signRealtimeToken.d.ts +2 -1
  5. package/out/signRealtimeToken.d.ts.map +1 -1
  6. package/out/utils.d.ts +7 -0
  7. package/out/utils.d.ts.map +1 -1
  8. package/out/utils.js +29 -1
  9. package/package.json +2 -2
package/CHANGELOG.md CHANGED
@@ -1,5 +1,11 @@
1
1
  # @forge/realtime
2
2
 
3
+ ## 0.5.0-next.1
4
+
5
+ ### Minor Changes
6
+
7
+ - 68e1229: Adds pre validation for the forge realtime token in publish methods
8
+
3
9
  ## 0.4.2-next.0
4
10
 
5
11
  ### Patch Changes
package/out/publish.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"publish.d.ts","sourceRoot":"","sources":["../src/publish.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AA2BlD,UAAU,cAAc;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,cAAc,EAAE,CAAC;CACrC;AAED,eAAO,MAAM,OAAO,mDACL,MAAM,sCAET,cAAc;;;;;;;;EA4EzB,CAAC;AAEF,eAAO,MAAM,aAAa,mDACX,MAAM,sCAET,cAAc;;;;;;;;EAgEzB,CAAC"}
1
+ {"version":3,"file":"publish.d.ts","sourceRoot":"","sources":["../src/publish.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AA2BlD,UAAU,cAAc;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,cAAc,EAAE,CAAC;CACrC;AAED,eAAO,MAAM,OAAO,mDACL,MAAM,sCAET,cAAc;;;;;;;;EAmFzB,CAAC;AAEF,eAAO,MAAM,aAAa,mDACX,MAAM,sCAET,cAAc;;;;;;;;EAyEzB,CAAC"}
package/out/publish.js CHANGED
@@ -31,6 +31,12 @@ const publish = async (channelName, eventPayload, options) => {
31
31
  if (contextOverrides && !Array.isArray(contextOverrides)) {
32
32
  throw new Error('Invalid value for contextOverrides. Please provide an array of valid context properties.');
33
33
  }
34
+ if (token) {
35
+ const { valid, error } = (0, utils_1.validateToken)(token, channelName);
36
+ if (!valid) {
37
+ return { eventId: null, eventTimestamp: null, errors: [`Realtime token validation failed: ${error}`] };
38
+ }
39
+ }
34
40
  const channelContext = contextOverrides
35
41
  ? JSON.stringify({
36
42
  contextOverrides
@@ -48,7 +54,7 @@ const publish = async (channelName, eventPayload, options) => {
48
54
  context: channelContext,
49
55
  payload: JSON.stringify(eventPayload),
50
56
  isGlobal: false,
51
- token: token
57
+ token
52
58
  }
53
59
  }),
54
60
  errors: [],
@@ -89,6 +95,13 @@ const publish = async (channelName, eventPayload, options) => {
89
95
  exports.publish = publish;
90
96
  const publishGlobal = async (channelName, eventPayload, options) => {
91
97
  const { appContext, realtime } = (0, runtime_1.__getRuntime)();
98
+ const { token } = options || {};
99
+ if (token) {
100
+ const { valid, error } = (0, utils_1.validateToken)(token, channelName);
101
+ if (!valid) {
102
+ return { eventId: null, eventTimestamp: null, errors: [`Realtime token validation failed: ${error}`] };
103
+ }
104
+ }
92
105
  const response = await global.__forge_fetch__({
93
106
  type: 'realtime'
94
107
  }, '/', {
@@ -100,7 +113,7 @@ const publishGlobal = async (channelName, eventPayload, options) => {
100
113
  name: channelName,
101
114
  payload: JSON.stringify(eventPayload),
102
115
  isGlobal: true,
103
- token: options?.token
116
+ token
104
117
  }
105
118
  }),
106
119
  errors: [],
package/out/signRealtimeToken.d.ts CHANGED
@@ -1,4 +1,5 @@
1
- declare type RealtimeTokenPermissions = ['subscribe'] | ['publish'] | ['subscribe', 'publish'] | ['publish', 'subscribe'];
1
+ declare type TokenPermissions = 'subscribe' | 'publish';
2
+ export declare type RealtimeTokenPermissions = [TokenPermissions, ...TokenPermissions[]];
2
3
  export declare const signRealtimeToken: (channelName: string, claims: any, permissions?: RealtimeTokenPermissions) => Promise<{
3
4
  token: null;
4
5
  expiresAt: null;
package/out/signRealtimeToken.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"signRealtimeToken.d.ts","sourceRoot":"","sources":["../src/signRealtimeToken.ts"],"names":[],"mappings":"AA6BA,aAAK,wBAAwB,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,GAAG,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;AAElH,eAAO,MAAM,iBAAiB,gBACf,MAAM,UAEX,GAAG,gBACG,wBAAwB;;;;;;;;EAyDvC,CAAC"}
1
+ {"version":3,"file":"signRealtimeToken.d.ts","sourceRoot":"","sources":["../src/signRealtimeToken.ts"],"names":[],"mappings":"AA6BA,aAAK,gBAAgB,GAAG,WAAW,GAAG,SAAS,CAAC;AAChD,oBAAY,wBAAwB,GAAG,CAAC,gBAAgB,EAAE,GAAG,gBAAgB,EAAE,CAAC,CAAC;AAEjF,eAAO,MAAM,iBAAiB,gBACf,MAAM,UAEX,GAAG,gBACG,wBAAwB;;;;;;;;EAyDvC,CAAC"}
package/out/utils.d.ts CHANGED
@@ -1,2 +1,9 @@
1
1
  export declare const handleProxyResponseErrors: (response: Response) => void;
2
+ declare type RealtimeTokenValidationError = 'INVALID_TOKEN' | 'TOKEN_EXPIRED' | 'MISSING_PERMISSION' | 'CHANNEL_NAME_MISMATCH';
3
+ interface RealtimeTokenValidationResult {
4
+ error?: RealtimeTokenValidationError;
5
+ valid: boolean;
6
+ }
7
+ export declare const validateToken: (token: string, channelName: string) => RealtimeTokenValidationResult;
8
+ export {};
2
9
  //# sourceMappingURL=utils.d.ts.map
package/out/utils.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,yBAAyB,aAAc,QAAQ,KAAG,IAK9D,CAAC"}
1
+ {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,yBAAyB,aAAc,QAAQ,KAAG,IAK9D,CAAC;AAeF,aAAK,4BAA4B,GAAG,eAAe,GAAG,eAAe,GAAG,oBAAoB,GAAG,uBAAuB,CAAC;AAEvH,UAAU,6BAA6B;IACrC,KAAK,CAAC,EAAE,4BAA4B,CAAC;IACrC,KAAK,EAAE,OAAO,CAAC;CAChB;AAuBD,eAAO,MAAM,aAAa,UAAW,MAAM,eAAe,MAAM,KAAG,6BAqBlE,CAAC"}
package/out/utils.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.handleProxyResponseErrors = void 0;
3
+ exports.validateToken = exports.handleProxyResponseErrors = void 0;
4
4
  const api_1 = require("@forge/api");
5
5
  const getForgeProxyError = (response) => response.headers.get('forge-proxy-error');
6
6
  const handleProxyResponseErrors = (response) => {
@@ -10,3 +10,31 @@ const handleProxyResponseErrors = (response) => {
10
10
  }
11
11
  };
12
12
  exports.handleProxyResponseErrors = handleProxyResponseErrors;
13
+ const decodeTokenPayload = (token) => {
14
+ const parts = token.split('.');
15
+ if (parts.length !== 3) {
16
+ throw new Error('Invalid token format.');
17
+ }
18
+ const base64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
19
+ return JSON.parse(Buffer.from(base64, 'base64').toString('utf-8'));
20
+ };
21
+ const validateToken = (token, channelName) => {
22
+ let decodedToken;
23
+ try {
24
+ decodedToken = decodeTokenPayload(token);
25
+ }
26
+ catch {
27
+ return { valid: false, error: 'INVALID_TOKEN' };
28
+ }
29
+ if (typeof decodedToken.exp === 'number' && Date.now() / 1000 >= decodedToken.exp) {
30
+ return { valid: false, error: 'TOKEN_EXPIRED' };
31
+ }
32
+ if (decodedToken.channel.name !== channelName) {
33
+ return { valid: false, error: 'CHANNEL_NAME_MISMATCH' };
34
+ }
35
+ if (decodedToken.permissions && !decodedToken.permissions?.includes('publish')) {
36
+ return { valid: false, error: 'MISSING_PERMISSION' };
37
+ }
38
+ return { valid: true };
39
+ };
40
+ exports.validateToken = validateToken;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@forge/realtime",
3
- "version": "0.4.2-next.0",
3
+ "version": "0.5.0-next.1",
4
4
  "description": "Forge realtime",
5
5
  "main": "out/index.js",
6
6
  "types": "out/index.d.ts",
@@ -14,7 +14,7 @@
14
14
  },
15
15
  "devDependencies": {
16
16
  "@atlassian/metrics-interface": "4.0.0",
17
- "@forge/api": "^7.2.1",
17
+ "@forge/api": "^7.2.2-next.0",
18
18
  "@types/node": "20.19.1"
19
19
  },
20
20
  "publishConfig": {