@forklaunch/core 0.11.0 → 0.11.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/lib/http/index.d.mts +29 -6
  2. package/lib/http/index.d.ts +29 -6
  3. package/lib/http/index.js +42 -17
  4. package/lib/http/index.js.map +1 -1
  5. package/lib/http/index.mjs +42 -17
  6. package/lib/http/index.mjs.map +1 -1
  7. package/package.json +3 -3
package/lib/http/index.d.mts CHANGED
@@ -6,6 +6,7 @@ import { CorsOptions } from 'cors';
6
6
  import { Counter, Gauge, Histogram, UpDownCounter, ObservableCounter, ObservableGauge, ObservableUpDownCounter, Span } from '@opentelemetry/api';
7
7
  import { LevelWithSilentOrString, LevelWithSilent, Logger } from 'pino';
8
8
  export { LevelWithSilent, LevelWithSilentOrString, Logger } from 'pino';
9
+ import { JWTPayload } from 'jose';
9
10
  import { Readable } from 'stream';
10
11
  import { ZodSchemaValidator } from '@forklaunch/validator/zod';
11
12
  import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
@@ -221,6 +222,7 @@ type JwtAuthMethods = {
221
222
  type AuthMethodsBase = {
222
223
  readonly tokenPrefix?: string;
223
224
  readonly headerName?: string;
225
+ readonly decodeResource?: (token: string) => JWTPayload | Promise<JWTPayload>;
224
226
  } & (BasicAuthMethods | JwtAuthMethods);
225
227
  type PermissionSet = {
226
228
  readonly allowedPermissions: Set<string>;
@@ -240,10 +242,10 @@ type SchemaAuthMethods<SV extends AnySchemaValidator, ParamsSchema extends Param
240
242
  } & PermissionSet) | ({
241
243
  readonly mapRoles: ExpressLikeSchemaAuthMapper<SV, ParamsSchema, ReqBody, QuerySchema, ReqHeaders, BaseRequest>;
242
244
  } & RoleSet));
243
- type AuthMethods<SV extends AnySchemaValidator, P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = AuthMethodsBase & (({
244
- readonly mapPermissions: ExpressLikeAuthMapper<SV, P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
245
+ type AuthMethods<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = AuthMethodsBase & (({
246
+ readonly mapPermissions: ExpressLikeAuthMapper<P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
245
247
  } & PermissionSet) | ({
246
- readonly mapRoles: ExpressLikeAuthMapper<SV, P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
248
+ readonly mapRoles: ExpressLikeAuthMapper<P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
247
249
  } & RoleSet));
248
250
  /**
249
251
  * Type representing a mapped schema.
@@ -380,6 +382,24 @@ interface RequestContext {
380
382
  /** Active OpenTelemetry Span */
381
383
  span?: Span;
382
384
  }
385
+ interface ForklaunchBaseRequest<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>> {
386
+ /** Request parameters */
387
+ params: P;
388
+ /** Request headers */
389
+ headers: ReqHeaders;
390
+ /** Request body */
391
+ body: ReqBody;
392
+ /** Request query */
393
+ query: ReqQuery;
394
+ /** Method */
395
+ method: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'OPTIONS' | 'HEAD' | 'CONNECT' | 'TRACE';
396
+ /** Request path */
397
+ path: string;
398
+ /** Original path */
399
+ originalPath: string;
400
+ /** OpenTelemetry Collector */
401
+ openTelemetryCollector: OpenTelemetryCollector<MetricsDefinition>;
402
+ }
383
403
  /**
384
404
  * Interface representing a Forklaunch request.
385
405
  *
@@ -559,6 +579,9 @@ type ForklaunchNextFunction = (err?: unknown) => void;
559
579
  type ResolvedForklaunchRequest<SV extends AnySchemaValidator, P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = unknown extends BaseRequest ? ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders> : {
560
580
  [key in keyof BaseRequest]: key extends keyof ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders> ? ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders>[key] : key extends keyof BaseRequest ? BaseRequest[key] : never;
561
581
  };
582
+ type ResolvedForklaunchAuthRequest<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = unknown extends BaseRequest ? ForklaunchBaseRequest<P, ReqBody, ReqQuery, ReqHeaders> : {
583
+ [key in keyof BaseRequest]: key extends keyof ForklaunchBaseRequest<P, ReqBody, ReqQuery, ReqHeaders> ? ForklaunchBaseRequest<P, ReqBody, ReqQuery, ReqHeaders>[key] : key extends keyof BaseRequest ? BaseRequest[key] : never;
584
+ };
562
585
  /**
563
586
  * Represents a middleware handler with schema validation.
564
587
  *
@@ -612,8 +635,8 @@ type ExpressLikeSchemaHandler<SV extends AnySchemaValidator, P extends ParamsObj
612
635
  * @param {ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders>} req - The request object with schema validation.
613
636
  * @returns {Set<string> | Promise<Set<string>>} - A set of authorization strings or a promise that resolves to it.
614
637
  */
615
- type ExpressLikeSchemaAuthMapper<SV extends AnySchemaValidator, P extends ParamsObject<SV>, ReqBody extends Body<SV>, ReqQuery extends QueryObject<SV>, ReqHeaders extends HeadersObject<SV>, BaseRequest> = ExpressLikeAuthMapper<SV, P extends infer UnmappedParams ? UnmappedParams extends ParamsObject<SV> ? MapParamsSchema<SV, UnmappedParams> : never : never, ReqBody extends infer UnmappedReqBody ? UnmappedReqBody extends Body<SV> ? MapReqBodySchema<SV, UnmappedReqBody> : never : never, ReqQuery extends infer UnmappedReqQuery ? UnmappedReqQuery extends QueryObject<SV> ? MapReqQuerySchema<SV, UnmappedReqQuery> : never : never, ReqHeaders extends infer UnmappedReqHeaders ? UnmappedReqHeaders extends HeadersObject<SV> ? MapReqHeadersSchema<SV, UnmappedReqHeaders> : never : never, BaseRequest>;
616
- type ExpressLikeAuthMapper<SV extends AnySchemaValidator, P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = (sub: string, req?: ResolvedForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>) => Set<string> | Promise<Set<string>>;
638
+ type ExpressLikeSchemaAuthMapper<SV extends AnySchemaValidator, P extends ParamsObject<SV>, ReqBody extends Body<SV>, ReqQuery extends QueryObject<SV>, ReqHeaders extends HeadersObject<SV>, BaseRequest> = ExpressLikeAuthMapper<P extends infer UnmappedParams ? UnmappedParams extends ParamsObject<SV> ? MapParamsSchema<SV, UnmappedParams> : never : never, ReqBody extends infer UnmappedReqBody ? UnmappedReqBody extends Body<SV> ? MapReqBodySchema<SV, UnmappedReqBody> : never : never, ReqQuery extends infer UnmappedReqQuery ? UnmappedReqQuery extends QueryObject<SV> ? MapReqQuerySchema<SV, UnmappedReqQuery> : never : never, ReqHeaders extends infer UnmappedReqHeaders ? UnmappedReqHeaders extends HeadersObject<SV> ? MapReqHeadersSchema<SV, UnmappedReqHeaders> : never : never, BaseRequest>;
639
+ type ExpressLikeAuthMapper<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = (payload: JWTPayload, req?: ResolvedForklaunchAuthRequest<P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>) => Set<string> | Promise<Set<string>>;
617
640
  type TokenPrefix<Auth extends AuthMethodsBase> = undefined extends Auth['tokenPrefix'] ? Auth extends BasicAuthMethods ? 'Basic ' : 'Bearer ' : `${Auth['tokenPrefix']} `;
618
641
  type AuthHeaders<Auth extends AuthMethodsBase> = undefined extends Auth['headerName'] ? {
619
642
  authorization: `${TokenPrefix<Auth>}${string}`;
@@ -1424,4 +1447,4 @@ type DocsConfiguration = ({
1424
1447
  type: 'swagger';
1425
1448
  };
1426
1449
 
1427
- export { ATTR_API_NAME, ATTR_CORRELATION_ID, type AuthMethods, type AuthMethodsBase, type BasicAuthMethods, type Body, type BodyObject, type ConstrainedForklaunchRouter, type ContractDetails, type ContractDetailsExpressLikeSchemaHandler, type ContractDetailsOrMiddlewareOrTypedHandler, type DocsConfiguration, type ErrorContainer, type ExpressLikeAuthMapper, type ExpressLikeHandler, type ExpressLikeRouter, type ExpressLikeSchemaAuthMapper, type ExpressLikeSchemaHandler, type ExpressLikeTypedHandler, type ExtractBody, type ExtractContentType, type ExtractResponseBody, type ExtractedParamsObject, type FetchFunction, type FileBody, ForklaunchExpressLikeApplication, ForklaunchExpressLikeRouter, type ForklaunchNextFunction, type ForklaunchRequest, type ForklaunchResErrors, type ForklaunchResHeaders, type ForklaunchResponse, type ForklaunchRoute, type ForklaunchRouter, type ForklaunchSendableData, type ForklaunchStatusResponse, HTTPStatuses, type HeadersObject, type HttpContractDetails, type HttpMethod, type JsonBody, type JwtAuthMethods, type LiveSdkFunction, type LiveTypeFunction, type LiveTypeFunctionRequestInit, type LiveTypeRouteDefinition, type LogFn, type LoggerMeta, type MapParamsSchema, type MapReqBodySchema, type MapReqHeadersSchema, type MapReqQuerySchema, type MapResBodyMapSchema, type MapResHeadersSchema, type MapSchema, type Method, type MetricType, type MetricsDefinition, type MiddlewareContractDetails, type MiddlewareOrMiddlewareWithTypedHandler, type MultipartForm, type NestableRouterBasedHandler, type NumberOnlyObject, OpenTelemetryCollector, type ParamsDictionary, type ParamsObject, type PathBasedHandler, type PathMatch, type PathOrMiddlewareBasedHandler, type PathParamHttpContractDetails, type PathParamMethod, type QueryObject, type RawTypedResponseBody, type RequestContext, type ResolvedForklaunchRequest, type ResponseBody, type ResponseCompiledSchema, type ResponseShape, type ResponsesObject, type SchemaAuthMethods, type SdkClient, type ServerSentEventBody, type StatusCode, type StringOnlyObject, type TelemetryOptions, type TextBody, type TypedBody, type TypedHandler, type TypedMiddlewareDefinition, type TypedNestableMiddlewareDefinition, type TypedResponseBody, type UnionedFetchMap, type UnknownBody, type UnknownResponseBody, type UrlEncodedForm, delete_, discriminateBody, discriminateResponseBodies, enrichExpressLikeSend, evaluateTelemetryOptions, generateMcpServer, generateSwaggerDocument, get, getCodeForStatus, head, httpRequestsTotalCounter, httpServerDurationHistogram, isClientError, isForklaunchRequest, isForklaunchRouter, isInformational, isRedirection, isServerError, isSuccessful, isValidStatusCode, logger, meta, metricsDefinitions, middleware, options, patch, post, put, recordMetric, trace, typedAuthHandler, typedHandler };
1450
+ export { ATTR_API_NAME, ATTR_CORRELATION_ID, type AuthMethods, type AuthMethodsBase, type BasicAuthMethods, type Body, type BodyObject, type ConstrainedForklaunchRouter, type ContractDetails, type ContractDetailsExpressLikeSchemaHandler, type ContractDetailsOrMiddlewareOrTypedHandler, type DocsConfiguration, type ErrorContainer, type ExpressLikeAuthMapper, type ExpressLikeHandler, type ExpressLikeRouter, type ExpressLikeSchemaAuthMapper, type ExpressLikeSchemaHandler, type ExpressLikeTypedHandler, type ExtractBody, type ExtractContentType, type ExtractResponseBody, type ExtractedParamsObject, type FetchFunction, type FileBody, type ForklaunchBaseRequest, ForklaunchExpressLikeApplication, ForklaunchExpressLikeRouter, type ForklaunchNextFunction, type ForklaunchRequest, type ForklaunchResErrors, type ForklaunchResHeaders, type ForklaunchResponse, type ForklaunchRoute, type ForklaunchRouter, type ForklaunchSendableData, type ForklaunchStatusResponse, HTTPStatuses, type HeadersObject, type HttpContractDetails, type HttpMethod, type JsonBody, type JwtAuthMethods, type LiveSdkFunction, type LiveTypeFunction, type LiveTypeFunctionRequestInit, type LiveTypeRouteDefinition, type LogFn, type LoggerMeta, type MapParamsSchema, type MapReqBodySchema, type MapReqHeadersSchema, type MapReqQuerySchema, type MapResBodyMapSchema, type MapResHeadersSchema, type MapSchema, type Method, type MetricType, type MetricsDefinition, type MiddlewareContractDetails, type MiddlewareOrMiddlewareWithTypedHandler, type MultipartForm, type NestableRouterBasedHandler, type NumberOnlyObject, OpenTelemetryCollector, type ParamsDictionary, type ParamsObject, type PathBasedHandler, type PathMatch, type PathOrMiddlewareBasedHandler, type PathParamHttpContractDetails, type PathParamMethod, type QueryObject, type RawTypedResponseBody, type RequestContext, type ResolvedForklaunchAuthRequest, type ResolvedForklaunchRequest, type ResponseBody, type ResponseCompiledSchema, type ResponseShape, type ResponsesObject, type SchemaAuthMethods, type SdkClient, type ServerSentEventBody, type StatusCode, type StringOnlyObject, type TelemetryOptions, type TextBody, type TypedBody, type TypedHandler, type TypedMiddlewareDefinition, type TypedNestableMiddlewareDefinition, type TypedResponseBody, type UnionedFetchMap, type UnknownBody, type UnknownResponseBody, type UrlEncodedForm, delete_, discriminateBody, discriminateResponseBodies, enrichExpressLikeSend, evaluateTelemetryOptions, generateMcpServer, generateSwaggerDocument, get, getCodeForStatus, head, httpRequestsTotalCounter, httpServerDurationHistogram, isClientError, isForklaunchRequest, isForklaunchRouter, isInformational, isRedirection, isServerError, isSuccessful, isValidStatusCode, logger, meta, metricsDefinitions, middleware, options, patch, post, put, recordMetric, trace, typedAuthHandler, typedHandler };
package/lib/http/index.d.ts CHANGED
@@ -6,6 +6,7 @@ import { CorsOptions } from 'cors';
6
6
  import { Counter, Gauge, Histogram, UpDownCounter, ObservableCounter, ObservableGauge, ObservableUpDownCounter, Span } from '@opentelemetry/api';
7
7
  import { LevelWithSilentOrString, LevelWithSilent, Logger } from 'pino';
8
8
  export { LevelWithSilent, LevelWithSilentOrString, Logger } from 'pino';
9
+ import { JWTPayload } from 'jose';
9
10
  import { Readable } from 'stream';
10
11
  import { ZodSchemaValidator } from '@forklaunch/validator/zod';
11
12
  import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
@@ -221,6 +222,7 @@ type JwtAuthMethods = {
221
222
  type AuthMethodsBase = {
222
223
  readonly tokenPrefix?: string;
223
224
  readonly headerName?: string;
225
+ readonly decodeResource?: (token: string) => JWTPayload | Promise<JWTPayload>;
224
226
  } & (BasicAuthMethods | JwtAuthMethods);
225
227
  type PermissionSet = {
226
228
  readonly allowedPermissions: Set<string>;
@@ -240,10 +242,10 @@ type SchemaAuthMethods<SV extends AnySchemaValidator, ParamsSchema extends Param
240
242
  } & PermissionSet) | ({
241
243
  readonly mapRoles: ExpressLikeSchemaAuthMapper<SV, ParamsSchema, ReqBody, QuerySchema, ReqHeaders, BaseRequest>;
242
244
  } & RoleSet));
243
- type AuthMethods<SV extends AnySchemaValidator, P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = AuthMethodsBase & (({
244
- readonly mapPermissions: ExpressLikeAuthMapper<SV, P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
245
+ type AuthMethods<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = AuthMethodsBase & (({
246
+ readonly mapPermissions: ExpressLikeAuthMapper<P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
245
247
  } & PermissionSet) | ({
246
- readonly mapRoles: ExpressLikeAuthMapper<SV, P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
248
+ readonly mapRoles: ExpressLikeAuthMapper<P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>;
247
249
  } & RoleSet));
248
250
  /**
249
251
  * Type representing a mapped schema.
@@ -380,6 +382,24 @@ interface RequestContext {
380
382
  /** Active OpenTelemetry Span */
381
383
  span?: Span;
382
384
  }
385
+ interface ForklaunchBaseRequest<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>> {
386
+ /** Request parameters */
387
+ params: P;
388
+ /** Request headers */
389
+ headers: ReqHeaders;
390
+ /** Request body */
391
+ body: ReqBody;
392
+ /** Request query */
393
+ query: ReqQuery;
394
+ /** Method */
395
+ method: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'OPTIONS' | 'HEAD' | 'CONNECT' | 'TRACE';
396
+ /** Request path */
397
+ path: string;
398
+ /** Original path */
399
+ originalPath: string;
400
+ /** OpenTelemetry Collector */
401
+ openTelemetryCollector: OpenTelemetryCollector<MetricsDefinition>;
402
+ }
383
403
  /**
384
404
  * Interface representing a Forklaunch request.
385
405
  *
@@ -559,6 +579,9 @@ type ForklaunchNextFunction = (err?: unknown) => void;
559
579
  type ResolvedForklaunchRequest<SV extends AnySchemaValidator, P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = unknown extends BaseRequest ? ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders> : {
560
580
  [key in keyof BaseRequest]: key extends keyof ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders> ? ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders>[key] : key extends keyof BaseRequest ? BaseRequest[key] : never;
561
581
  };
582
+ type ResolvedForklaunchAuthRequest<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = unknown extends BaseRequest ? ForklaunchBaseRequest<P, ReqBody, ReqQuery, ReqHeaders> : {
583
+ [key in keyof BaseRequest]: key extends keyof ForklaunchBaseRequest<P, ReqBody, ReqQuery, ReqHeaders> ? ForklaunchBaseRequest<P, ReqBody, ReqQuery, ReqHeaders>[key] : key extends keyof BaseRequest ? BaseRequest[key] : never;
584
+ };
562
585
  /**
563
586
  * Represents a middleware handler with schema validation.
564
587
  *
@@ -612,8 +635,8 @@ type ExpressLikeSchemaHandler<SV extends AnySchemaValidator, P extends ParamsObj
612
635
  * @param {ForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders>} req - The request object with schema validation.
613
636
  * @returns {Set<string> | Promise<Set<string>>} - A set of authorization strings or a promise that resolves to it.
614
637
  */
615
- type ExpressLikeSchemaAuthMapper<SV extends AnySchemaValidator, P extends ParamsObject<SV>, ReqBody extends Body<SV>, ReqQuery extends QueryObject<SV>, ReqHeaders extends HeadersObject<SV>, BaseRequest> = ExpressLikeAuthMapper<SV, P extends infer UnmappedParams ? UnmappedParams extends ParamsObject<SV> ? MapParamsSchema<SV, UnmappedParams> : never : never, ReqBody extends infer UnmappedReqBody ? UnmappedReqBody extends Body<SV> ? MapReqBodySchema<SV, UnmappedReqBody> : never : never, ReqQuery extends infer UnmappedReqQuery ? UnmappedReqQuery extends QueryObject<SV> ? MapReqQuerySchema<SV, UnmappedReqQuery> : never : never, ReqHeaders extends infer UnmappedReqHeaders ? UnmappedReqHeaders extends HeadersObject<SV> ? MapReqHeadersSchema<SV, UnmappedReqHeaders> : never : never, BaseRequest>;
616
- type ExpressLikeAuthMapper<SV extends AnySchemaValidator, P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = (sub: string, req?: ResolvedForklaunchRequest<SV, P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>) => Set<string> | Promise<Set<string>>;
638
+ type ExpressLikeSchemaAuthMapper<SV extends AnySchemaValidator, P extends ParamsObject<SV>, ReqBody extends Body<SV>, ReqQuery extends QueryObject<SV>, ReqHeaders extends HeadersObject<SV>, BaseRequest> = ExpressLikeAuthMapper<P extends infer UnmappedParams ? UnmappedParams extends ParamsObject<SV> ? MapParamsSchema<SV, UnmappedParams> : never : never, ReqBody extends infer UnmappedReqBody ? UnmappedReqBody extends Body<SV> ? MapReqBodySchema<SV, UnmappedReqBody> : never : never, ReqQuery extends infer UnmappedReqQuery ? UnmappedReqQuery extends QueryObject<SV> ? MapReqQuerySchema<SV, UnmappedReqQuery> : never : never, ReqHeaders extends infer UnmappedReqHeaders ? UnmappedReqHeaders extends HeadersObject<SV> ? MapReqHeadersSchema<SV, UnmappedReqHeaders> : never : never, BaseRequest>;
639
+ type ExpressLikeAuthMapper<P extends ParamsDictionary, ReqBody extends Record<string, unknown>, ReqQuery extends ParsedQs, ReqHeaders extends Record<string, string>, BaseRequest> = (payload: JWTPayload, req?: ResolvedForklaunchAuthRequest<P, ReqBody, ReqQuery, ReqHeaders, BaseRequest>) => Set<string> | Promise<Set<string>>;
617
640
  type TokenPrefix<Auth extends AuthMethodsBase> = undefined extends Auth['tokenPrefix'] ? Auth extends BasicAuthMethods ? 'Basic ' : 'Bearer ' : `${Auth['tokenPrefix']} `;
618
641
  type AuthHeaders<Auth extends AuthMethodsBase> = undefined extends Auth['headerName'] ? {
619
642
  authorization: `${TokenPrefix<Auth>}${string}`;
@@ -1424,4 +1447,4 @@ type DocsConfiguration = ({
1424
1447
  type: 'swagger';
1425
1448
  };
1426
1449
 
1427
- export { ATTR_API_NAME, ATTR_CORRELATION_ID, type AuthMethods, type AuthMethodsBase, type BasicAuthMethods, type Body, type BodyObject, type ConstrainedForklaunchRouter, type ContractDetails, type ContractDetailsExpressLikeSchemaHandler, type ContractDetailsOrMiddlewareOrTypedHandler, type DocsConfiguration, type ErrorContainer, type ExpressLikeAuthMapper, type ExpressLikeHandler, type ExpressLikeRouter, type ExpressLikeSchemaAuthMapper, type ExpressLikeSchemaHandler, type ExpressLikeTypedHandler, type ExtractBody, type ExtractContentType, type ExtractResponseBody, type ExtractedParamsObject, type FetchFunction, type FileBody, ForklaunchExpressLikeApplication, ForklaunchExpressLikeRouter, type ForklaunchNextFunction, type ForklaunchRequest, type ForklaunchResErrors, type ForklaunchResHeaders, type ForklaunchResponse, type ForklaunchRoute, type ForklaunchRouter, type ForklaunchSendableData, type ForklaunchStatusResponse, HTTPStatuses, type HeadersObject, type HttpContractDetails, type HttpMethod, type JsonBody, type JwtAuthMethods, type LiveSdkFunction, type LiveTypeFunction, type LiveTypeFunctionRequestInit, type LiveTypeRouteDefinition, type LogFn, type LoggerMeta, type MapParamsSchema, type MapReqBodySchema, type MapReqHeadersSchema, type MapReqQuerySchema, type MapResBodyMapSchema, type MapResHeadersSchema, type MapSchema, type Method, type MetricType, type MetricsDefinition, type MiddlewareContractDetails, type MiddlewareOrMiddlewareWithTypedHandler, type MultipartForm, type NestableRouterBasedHandler, type NumberOnlyObject, OpenTelemetryCollector, type ParamsDictionary, type ParamsObject, type PathBasedHandler, type PathMatch, type PathOrMiddlewareBasedHandler, type PathParamHttpContractDetails, type PathParamMethod, type QueryObject, type RawTypedResponseBody, type RequestContext, type ResolvedForklaunchRequest, type ResponseBody, type ResponseCompiledSchema, type ResponseShape, type ResponsesObject, type SchemaAuthMethods, type SdkClient, type ServerSentEventBody, type StatusCode, type StringOnlyObject, type TelemetryOptions, type TextBody, type TypedBody, type TypedHandler, type TypedMiddlewareDefinition, type TypedNestableMiddlewareDefinition, type TypedResponseBody, type UnionedFetchMap, type UnknownBody, type UnknownResponseBody, type UrlEncodedForm, delete_, discriminateBody, discriminateResponseBodies, enrichExpressLikeSend, evaluateTelemetryOptions, generateMcpServer, generateSwaggerDocument, get, getCodeForStatus, head, httpRequestsTotalCounter, httpServerDurationHistogram, isClientError, isForklaunchRequest, isForklaunchRouter, isInformational, isRedirection, isServerError, isSuccessful, isValidStatusCode, logger, meta, metricsDefinitions, middleware, options, patch, post, put, recordMetric, trace, typedAuthHandler, typedHandler };
1450
+ export { ATTR_API_NAME, ATTR_CORRELATION_ID, type AuthMethods, type AuthMethodsBase, type BasicAuthMethods, type Body, type BodyObject, type ConstrainedForklaunchRouter, type ContractDetails, type ContractDetailsExpressLikeSchemaHandler, type ContractDetailsOrMiddlewareOrTypedHandler, type DocsConfiguration, type ErrorContainer, type ExpressLikeAuthMapper, type ExpressLikeHandler, type ExpressLikeRouter, type ExpressLikeSchemaAuthMapper, type ExpressLikeSchemaHandler, type ExpressLikeTypedHandler, type ExtractBody, type ExtractContentType, type ExtractResponseBody, type ExtractedParamsObject, type FetchFunction, type FileBody, type ForklaunchBaseRequest, ForklaunchExpressLikeApplication, ForklaunchExpressLikeRouter, type ForklaunchNextFunction, type ForklaunchRequest, type ForklaunchResErrors, type ForklaunchResHeaders, type ForklaunchResponse, type ForklaunchRoute, type ForklaunchRouter, type ForklaunchSendableData, type ForklaunchStatusResponse, HTTPStatuses, type HeadersObject, type HttpContractDetails, type HttpMethod, type JsonBody, type JwtAuthMethods, type LiveSdkFunction, type LiveTypeFunction, type LiveTypeFunctionRequestInit, type LiveTypeRouteDefinition, type LogFn, type LoggerMeta, type MapParamsSchema, type MapReqBodySchema, type MapReqHeadersSchema, type MapReqQuerySchema, type MapResBodyMapSchema, type MapResHeadersSchema, type MapSchema, type Method, type MetricType, type MetricsDefinition, type MiddlewareContractDetails, type MiddlewareOrMiddlewareWithTypedHandler, type MultipartForm, type NestableRouterBasedHandler, type NumberOnlyObject, OpenTelemetryCollector, type ParamsDictionary, type ParamsObject, type PathBasedHandler, type PathMatch, type PathOrMiddlewareBasedHandler, type PathParamHttpContractDetails, type PathParamMethod, type QueryObject, type RawTypedResponseBody, type RequestContext, type ResolvedForklaunchAuthRequest, type ResolvedForklaunchRequest, type ResponseBody, type ResponseCompiledSchema, type ResponseShape, type ResponsesObject, type SchemaAuthMethods, type SdkClient, type ServerSentEventBody, type StatusCode, type StringOnlyObject, type TelemetryOptions, type TextBody, type TypedBody, type TypedHandler, type TypedMiddlewareDefinition, type TypedNestableMiddlewareDefinition, type TypedResponseBody, type UnionedFetchMap, type UnknownBody, type UnknownResponseBody, type UrlEncodedForm, delete_, discriminateBody, discriminateResponseBodies, enrichExpressLikeSend, evaluateTelemetryOptions, generateMcpServer, generateSwaggerDocument, get, getCodeForStatus, head, httpRequestsTotalCounter, httpServerDurationHistogram, isClientError, isForklaunchRequest, isForklaunchRouter, isInformational, isRedirection, isServerError, isSuccessful, isValidStatusCode, logger, meta, metricsDefinitions, middleware, options, patch, post, put, recordMetric, trace, typedAuthHandler, typedHandler };
package/lib/http/index.js CHANGED
@@ -147,16 +147,24 @@ function discriminateAuthMethod(auth) {
147
147
  if ("basic" in auth) {
148
148
  return {
149
149
  type: "basic",
150
- auth: auth.basic
150
+ auth: {
151
+ decodeResource: auth.decodeResource,
152
+ login: auth.basic.login
153
+ }
151
154
  };
152
155
  } else if ("jwt" in auth) {
153
156
  return {
154
157
  type: "jwt",
155
- auth: auth.jwt
158
+ auth: {
159
+ decodeResource: auth.decodeResource
160
+ }
156
161
  };
157
162
  } else {
158
163
  return {
159
- type: "jwt"
164
+ type: "jwt",
165
+ auth: {
166
+ decodeResource: auth.decodeResource
167
+ }
160
168
  };
161
169
  }
162
170
  }
@@ -209,32 +217,38 @@ async function checkAuthorizationToken(authorizationMethod, authorizationToken,
209
217
  return invalidAuthorizationTokenFormat;
210
218
  }
211
219
  try {
212
- const decodedJwt = await (0, import_jose.jwtVerify)(
220
+ const decodedJwt = await auth?.decodeResource?.(token) ?? (await (0, import_jose.jwtVerify)(
213
221
  token,
214
222
  new TextEncoder().encode(process.env.JWT_SECRET)
215
- );
216
- if (!decodedJwt.payload.sub) {
223
+ )).payload;
224
+ if (!decodedJwt) {
217
225
  return invalidAuthorizationSubject;
218
226
  }
219
- resourceId = decodedJwt.payload.sub;
227
+ resourceId = decodedJwt;
220
228
  } catch (error) {
221
- req.openTelemetryCollector.error(error);
229
+ req?.openTelemetryCollector.error(error);
222
230
  return invalidAuthorizationToken;
223
231
  }
224
232
  break;
225
233
  }
226
234
  case "basic": {
227
- if (authorizationToken !== (authorizationMethod.tokenPrefix ?? "Basic")) {
228
- return invalidAuthorizationTokenFormat;
229
- }
230
- const [username, password] = Buffer.from(token, "base64").toString("utf-8").split(":");
231
- if (!username || !password) {
235
+ if (tokenPrefix !== (authorizationMethod.tokenPrefix ?? "Basic")) {
232
236
  return invalidAuthorizationTokenFormat;
233
237
  }
234
- if (!auth.login(username, password)) {
235
- return invalidAuthorizationLogin;
238
+ if (auth.decodeResource) {
239
+ resourceId = await auth.decodeResource(token);
240
+ } else {
241
+ const [username, password] = Buffer.from(token, "base64").toString("utf-8").split(":");
242
+ if (!username || !password) {
243
+ return invalidAuthorizationTokenFormat;
244
+ }
245
+ if (!auth.login(username, password)) {
246
+ return invalidAuthorizationLogin;
247
+ }
248
+ resourceId = {
249
+ sub: username
250
+ };
236
251
  }
237
- resourceId = username;
238
252
  break;
239
253
  }
240
254
  default:
@@ -629,7 +643,18 @@ function parse(req, res, next) {
629
643
  enumerable: true,
630
644
  configurable: false
631
645
  });
632
- req.headers = parsedRequest.value.headers ?? {};
646
+ const parsedHeaders = parsedRequest.value.headers ?? {};
647
+ req.headers = Object.keys(req.headers).reduce(
648
+ (acc, key) => {
649
+ if (parsedHeaders?.[key]) {
650
+ acc[key] = parsedHeaders[key];
651
+ } else {
652
+ acc[key] = req.headers[key];
653
+ }
654
+ return acc;
655
+ },
656
+ {}
657
+ );
633
658
  }
634
659
  if (!parsedRequest.ok) {
635
660
  switch (req.contractDetails.options?.requestValidation) {