@guardcore/fastify 1.0.0

package/dist/index.cjs

@@ -0,0 +1,254 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  BaseSecurityDecorator: () => import_core2.BaseSecurityDecorator,
+  BehaviorRule: () => import_core2.BehaviorRule,
+  FastifyGuardRequest: () => FastifyGuardRequest,
+  FastifyGuardResponse: () => FastifyGuardResponse,
+  FastifyResponseFactory: () => FastifyResponseFactory,
+  RouteConfig: () => import_core2.RouteConfig,
+  SecurityConfigSchema: () => import_core2.SecurityConfigSchema,
+  SecurityDecorator: () => import_core2.SecurityDecorator,
+  configureCors: () => configureCors,
+  defaultLogger: () => import_core2.defaultLogger,
+  guardPlugin: () => guardPlugin
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/plugin.ts
+var import_core = require("@guardcore/core");
+
+// src/adapters.ts
+var FastifyGuardRequest = class {
+  constructor(req) {
+    this.req = req;
+  }
+  _state = {};
+  get urlPath() {
+    return this.req.url.split("?")[0];
+  }
+  get urlScheme() {
+    return this.req.protocol;
+  }
+  get urlFull() {
+    return `${this.req.protocol}://${this.req.hostname}${this.req.url}`;
+  }
+  urlReplaceScheme(scheme) {
+    return this.urlFull.replace(/^https?/, scheme);
+  }
+  get method() {
+    return this.req.method;
+  }
+  get clientHost() {
+    return this.req.ip ?? null;
+  }
+  get headers() {
+    return this.req.headers;
+  }
+  get queryParams() {
+    return this.req.query ?? {};
+  }
+  async body() {
+    const raw = this.req.body;
+    if (raw instanceof Buffer) return new Uint8Array(raw);
+    if (typeof raw === "string") return new TextEncoder().encode(raw);
+    if (raw !== void 0 && raw !== null) return new TextEncoder().encode(JSON.stringify(raw));
+    return new Uint8Array(0);
+  }
+  get state() {
+    return this._state;
+  }
+  get scope() {
+    return {};
+  }
+};
+var FastifyGuardResponse = class {
+  constructor(statusCode, content) {
+    this.statusCode = statusCode;
+    this._body = new TextEncoder().encode(content);
+    this._headers["content-type"] = "application/json";
+  }
+  _headers = {};
+  _body;
+  get headers() {
+    return this._headers;
+  }
+  setHeader(name, value) {
+    this._headers[name] = value;
+  }
+  get body() {
+    return this._body;
+  }
+  get bodyText() {
+    return this._body ? new TextDecoder().decode(this._body) : null;
+  }
+};
+var FastifyResponseFactory = class {
+  createResponse(content, statusCode) {
+    return new FastifyGuardResponse(statusCode, JSON.stringify({ detail: content }));
+  }
+  createRedirectResponse(url, statusCode) {
+    const resp = new FastifyGuardResponse(statusCode, "");
+    resp.setHeader("location", url);
+    return resp;
+  }
+};
+
+// src/plugin.ts
+async function guardPlugin(fastify, options) {
+  const resolved = import_core.SecurityConfigSchema.parse(options.config);
+  const logger = resolved.logger ?? import_core.defaultLogger;
+  const responseFactory = new FastifyResponseFactory();
+  const components = await (0, import_core.initializeSecurityMiddleware)(
+    resolved,
+    logger,
+    responseFactory,
+    options.agentHandler,
+    options.geoIpHandler,
+    options.guardDecorator
+  );
+  logger.info("Guard security plugin initialized");
+  fastify.addHook("onRequest", async (request, reply) => {
+    const guardReq = new FastifyGuardRequest(request);
+    const passthrough = await components.bypassHandler.handlePassthrough(
+      guardReq,
+      async () => createPassthroughResponse()
+    );
+    if (passthrough) {
+      sendFastifyResponse(reply, passthrough);
+      return;
+    }
+    const routeConfig = components.routeResolver.getRouteConfig(guardReq);
+    const bypass = await components.bypassHandler.handleSecurityBypass(
+      guardReq,
+      async () => createPassthroughResponse(),
+      routeConfig
+    );
+    if (bypass) {
+      sendFastifyResponse(reply, bypass);
+      return;
+    }
+    const blockResponse = await components.pipeline.execute(guardReq);
+    if (blockResponse) {
+      sendFastifyResponse(reply, blockResponse);
+      return;
+    }
+    if (routeConfig && routeConfig.behaviorRules.length > 0) {
+      const clientIp = guardReq.clientHost ?? "unknown";
+      await components.behavioralProcessor.processUsageRules(guardReq, clientIp, routeConfig);
+    }
+    request["_guardRequest"] = guardReq;
+    request["_guardRouteConfig"] = routeConfig;
+    request["_guardStartTime"] = performance.now();
+  });
+  fastify.addHook("onSend", async (request, reply, payload) => {
+    const guardReq = request["_guardRequest"];
+    const routeConfig = request["_guardRouteConfig"];
+    const startTime = request["_guardStartTime"];
+    if (!guardReq || startTime === void 0) return payload;
+    const responseTime = (performance.now() - startTime) / 1e3;
+    const bodyText = typeof payload === "string" ? payload : null;
+    const capturedResponse = {
+      statusCode: reply.statusCode,
+      headers: Object.fromEntries(
+        Object.entries(reply.getHeaders()).map(([k, v]) => [k, String(v)])
+      ),
+      setHeader(name, value) {
+        reply.header(name, value);
+      },
+      body: bodyText ? new TextEncoder().encode(bodyText) : null,
+      bodyText
+    };
+    await components.errorResponseFactory.processResponse(
+      guardReq,
+      capturedResponse,
+      responseTime,
+      routeConfig ?? null,
+      routeConfig ? async (req, res, clientIp, rc) => {
+        await components.behavioralProcessor.processReturnRules(req, res, clientIp, rc);
+      } : void 0
+    );
+    return payload;
+  });
+}
+function sendFastifyResponse(reply, response) {
+  for (const [name, value] of Object.entries(response.headers)) {
+    reply.header(name, value);
+  }
+  if (response.headers["location"]) {
+    reply.redirect(response.headers["location"]);
+    return;
+  }
+  reply.status(response.statusCode).send(response.bodyText ?? "");
+}
+function createPassthroughResponse() {
+  return { statusCode: 200, headers: {}, setHeader() {
+  }, body: null, bodyText: null };
+}
+
+// src/cors.ts
+async function configureCors(fastify, config) {
+  if (!config.enableCors) return;
+  try {
+    const fastifyCors = await import("@fastify/cors");
+    await fastify.register(fastifyCors.default ?? fastifyCors, {
+      origin: config.corsAllowOrigins,
+      methods: config.corsAllowMethods,
+      allowedHeaders: config.corsAllowHeaders,
+      credentials: config.corsAllowCredentials,
+      exposedHeaders: config.corsExposeHeaders,
+      maxAge: config.corsMaxAge
+    });
+  } catch {
+    throw new Error(
+      '@guardcore/fastify: CORS is enabled but "@fastify/cors" is not installed. Run: pnpm add @fastify/cors'
+    );
+  }
+}
+
+// src/index.ts
+var import_core2 = require("@guardcore/core");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  BaseSecurityDecorator,
+  BehaviorRule,
+  FastifyGuardRequest,
+  FastifyGuardResponse,
+  FastifyResponseFactory,
+  RouteConfig,
+  SecurityConfigSchema,
+  SecurityDecorator,
+  configureCors,
+  defaultLogger,
+  guardPlugin
+});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts","../src/plugin.ts","../src/adapters.ts","../src/cors.ts"],"sourcesContent":["export { guardPlugin } from './plugin.js';\nexport type { GuardPluginOptions } from './plugin.js';\nexport { configureCors } from './cors.js';\nexport { FastifyGuardRequest, FastifyGuardResponse, FastifyResponseFactory } from './adapters.js';\n\nexport {\n  SecurityConfigSchema,\n  BaseSecurityDecorator,\n  SecurityDecorator,\n  RouteConfig,\n  BehaviorRule,\n  defaultLogger,\n} from '@guardcore/core';\n\nexport type {\n  SecurityConfig,\n  ResolvedSecurityConfig,\n  GuardRequest,\n  GuardResponse,\n  Logger,\n} from '@guardcore/core';\n","import type { FastifyInstance, FastifyReply } from 'fastify';\nimport type {\n  SecurityConfig,\n  GuardRequest,\n  GuardResponse,\n  Logger,\n  AgentHandlerProtocol,\n  GeoIPHandler,\n  SecurityMiddlewareComponents,\n  RouteConfig,\n} from '@guardcore/core';\nimport { SecurityConfigSchema, defaultLogger, initializeSecurityMiddleware } from '@guardcore/core';\nimport { FastifyGuardRequest, FastifyResponseFactory } from './adapters.js';\n\nexport interface GuardPluginOptions {\n  config: SecurityConfig;\n  agentHandler?: AgentHandlerProtocol;\n  geoIpHandler?: GeoIPHandler;\n  guardDecorator?: unknown;\n}\n\nexport async function guardPlugin(fastify: FastifyInstance, options: GuardPluginOptions): Promise<void> {\n  const resolved = SecurityConfigSchema.parse(options.config);\n  const logger: Logger = resolved.logger ?? defaultLogger;\n  const responseFactory = new FastifyResponseFactory();\n\n  const components: SecurityMiddlewareComponents = await initializeSecurityMiddleware(\n    resolved, logger, responseFactory,\n    options.agentHandler, options.geoIpHandler, options.guardDecorator,\n  );\n\n  logger.info('Guard security plugin initialized');\n\n  fastify.addHook('onRequest', async (request, reply) => {\n    const guardReq = new FastifyGuardRequest(request);\n\n    const passthrough = await components.bypassHandler.handlePassthrough(\n      guardReq, async () => createPassthroughResponse(),\n    );\n    if (passthrough) {\n      sendFastifyResponse(reply, passthrough);\n      return;\n    }\n\n    const routeConfig = components.routeResolver.getRouteConfig(guardReq);\n\n    const bypass = await components.bypassHandler.handleSecurityBypass(\n      guardReq, async () => createPassthroughResponse(), routeConfig,\n    );\n    if (bypass) {\n      sendFastifyResponse(reply, bypass);\n      return;\n    }\n\n    const blockResponse = await components.pipeline.execute(guardReq);\n    if (blockResponse) {\n      sendFastifyResponse(reply, blockResponse);\n      return;\n    }\n\n    if (routeConfig && routeConfig.behaviorRules.length > 0) {\n      const clientIp = guardReq.clientHost ?? 'unknown';\n      await components.behavioralProcessor.processUsageRules(guardReq, clientIp, routeConfig);\n    }\n\n    (request as unknown as Record<string, unknown>)['_guardRequest'] = guardReq;\n    (request as unknown as Record<string, unknown>)['_guardRouteConfig'] = routeConfig;\n    (request as unknown as Record<string, unknown>)['_guardStartTime'] = performance.now();\n  });\n\n  fastify.addHook('onSend', async (request, reply, payload) => {\n    const guardReq = (request as unknown as Record<string, unknown>)['_guardRequest'] as FastifyGuardRequest | undefined;\n    const routeConfig = (request as unknown as Record<string, unknown>)['_guardRouteConfig'] as RouteConfig | null | undefined;\n    const startTime = (request as unknown as Record<string, unknown>)['_guardStartTime'] as number | undefined;\n\n    if (!guardReq || startTime === undefined) return payload;\n\n    const responseTime = (performance.now() - startTime) / 1000;\n    const bodyText = typeof payload === 'string' ? payload : null;\n    const capturedResponse: GuardResponse = {\n      statusCode: reply.statusCode,\n      headers: Object.fromEntries(\n        Object.entries(reply.getHeaders()).map(([k, v]) => [k, String(v)]),\n      ),\n      setHeader(name: string, value: string) { reply.header(name, value); },\n      body: bodyText ? new TextEncoder().encode(bodyText) : null,\n      bodyText,\n    };\n\n    await components.errorResponseFactory.processResponse(\n      guardReq, capturedResponse, responseTime, routeConfig ?? null,\n      routeConfig ? async (req: GuardRequest, res: GuardResponse, clientIp: string, rc: RouteConfig) => {\n        await components.behavioralProcessor.processReturnRules(req, res, clientIp, rc);\n      } : undefined,\n    );\n\n    return payload;\n  });\n}\n\nfunction sendFastifyResponse(reply: FastifyReply, response: GuardResponse): void {\n  for (const [name, value] of Object.entries(response.headers)) {\n    reply.header(name, value);\n  }\n\n  if (response.headers['location']) {\n    reply.redirect(response.headers['location']);\n    return;\n  }\n\n  reply.status(response.statusCode).send(response.bodyText ?? '');\n}\n\nfunction createPassthroughResponse(): GuardResponse {\n  return { statusCode: 200, headers: {}, setHeader() {}, body: null, bodyText: null };\n}\n","import type { FastifyRequest } from 'fastify';\nimport type { GuardRequest, GuardRequestState, GuardResponse, GuardResponseFactory } from '@guardcore/core';\n\nexport class FastifyGuardRequest implements GuardRequest {\n  private _state: GuardRequestState = {};\n\n  constructor(private readonly req: FastifyRequest) {}\n\n  get urlPath(): string { return this.req.url.split('?')[0]; }\n  get urlScheme(): string { return this.req.protocol; }\n  get urlFull(): string { return `${this.req.protocol}://${this.req.hostname}${this.req.url}`; }\n  urlReplaceScheme(scheme: string): string { return this.urlFull.replace(/^https?/, scheme); }\n  get method(): string { return this.req.method; }\n  get clientHost(): string | null { return this.req.ip ?? null; }\n  get headers(): Readonly<Record<string, string>> { return this.req.headers as Record<string, string>; }\n  get queryParams(): Readonly<Record<string, string>> { return (this.req.query ?? {}) as Record<string, string>; }\n  async body(): Promise<Uint8Array> {\n    const raw = this.req.body;\n    if (raw instanceof Buffer) return new Uint8Array(raw);\n    if (typeof raw === 'string') return new TextEncoder().encode(raw);\n    if (raw !== undefined && raw !== null) return new TextEncoder().encode(JSON.stringify(raw));\n    return new Uint8Array(0);\n  }\n  get state(): GuardRequestState { return this._state; }\n  get scope(): Readonly<Record<string, unknown>> { return {}; }\n}\n\nexport class FastifyGuardResponse implements GuardResponse {\n  private _headers: Record<string, string> = {};\n  private _body: Uint8Array | null;\n\n  constructor(readonly statusCode: number, content: string) {\n    this._body = new TextEncoder().encode(content);\n    this._headers['content-type'] = 'application/json';\n  }\n\n  get headers(): Record<string, string> { return this._headers; }\n  setHeader(name: string, value: string): void { this._headers[name] = value; }\n  get body(): Uint8Array | null { return this._body; }\n  get bodyText(): string | null { return this._body ? new TextDecoder().decode(this._body) : null; }\n}\n\nexport class FastifyResponseFactory implements GuardResponseFactory {\n  createResponse(content: string, statusCode: number): GuardResponse {\n    return new FastifyGuardResponse(statusCode, JSON.stringify({ detail: content }));\n  }\n\n  createRedirectResponse(url: string, statusCode: number): GuardResponse {\n    const resp = new FastifyGuardResponse(statusCode, '');\n    resp.setHeader('location', url);\n    return resp;\n  }\n}\n","import type { FastifyInstance } from 'fastify';\nimport type { ResolvedSecurityConfig } from '@guardcore/core';\n\nexport async function configureCors(fastify: FastifyInstance, config: ResolvedSecurityConfig): Promise<void> {\n  if (!config.enableCors) return;\n\n  try {\n    const fastifyCors = await import('@fastify/cors');\n    await fastify.register(fastifyCors.default ?? fastifyCors, {\n      origin: config.corsAllowOrigins,\n      methods: config.corsAllowMethods,\n      allowedHeaders: config.corsAllowHeaders,\n      credentials: config.corsAllowCredentials,\n      exposedHeaders: config.corsExposeHeaders,\n      maxAge: config.corsMaxAge,\n    });\n  } catch {\n    throw new Error(\n      '@guardcore/fastify: CORS is enabled but \"@fastify/cors\" is not installed. ' +\n      'Run: pnpm add @fastify/cors',\n    );\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACWA,kBAAkF;;;ACR3E,IAAM,sBAAN,MAAkD;AAAA,EAGvD,YAA6B,KAAqB;AAArB;AAAA,EAAsB;AAAA,EAF3C,SAA4B,CAAC;AAAA,EAIrC,IAAI,UAAkB;AAAE,WAAO,KAAK,IAAI,IAAI,MAAM,GAAG,EAAE,CAAC;AAAA,EAAG;AAAA,EAC3D,IAAI,YAAoB;AAAE,WAAO,KAAK,IAAI;AAAA,EAAU;AAAA,EACpD,IAAI,UAAkB;AAAE,WAAO,GAAG,KAAK,IAAI,QAAQ,MAAM,KAAK,IAAI,QAAQ,GAAG,KAAK,IAAI,GAAG;AAAA,EAAI;AAAA,EAC7F,iBAAiB,QAAwB;AAAE,WAAO,KAAK,QAAQ,QAAQ,WAAW,MAAM;AAAA,EAAG;AAAA,EAC3F,IAAI,SAAiB;AAAE,WAAO,KAAK,IAAI;AAAA,EAAQ;AAAA,EAC/C,IAAI,aAA4B;AAAE,WAAO,KAAK,IAAI,MAAM;AAAA,EAAM;AAAA,EAC9D,IAAI,UAA4C;AAAE,WAAO,KAAK,IAAI;AAAA,EAAmC;AAAA,EACrG,IAAI,cAAgD;AAAE,WAAQ,KAAK,IAAI,SAAS,CAAC;AAAA,EAA8B;AAAA,EAC/G,MAAM,OAA4B;AAChC,UAAM,MAAM,KAAK,IAAI;AACrB,QAAI,eAAe,OAAQ,QAAO,IAAI,WAAW,GAAG;AACpD,QAAI,OAAO,QAAQ,SAAU,QAAO,IAAI,YAAY,EAAE,OAAO,GAAG;AAChE,QAAI,QAAQ,UAAa,QAAQ,KAAM,QAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,GAAG,CAAC;AAC1F,WAAO,IAAI,WAAW,CAAC;AAAA,EACzB;AAAA,EACA,IAAI,QAA2B;AAAE,WAAO,KAAK;AAAA,EAAQ;AAAA,EACrD,IAAI,QAA2C;AAAE,WAAO,CAAC;AAAA,EAAG;AAC9D;AAEO,IAAM,uBAAN,MAAoD;AAAA,EAIzD,YAAqB,YAAoB,SAAiB;AAArC;AACnB,SAAK,QAAQ,IAAI,YAAY,EAAE,OAAO,OAAO;AAC7C,SAAK,SAAS,cAAc,IAAI;AAAA,EAClC;AAAA,EANQ,WAAmC,CAAC;AAAA,EACpC;AAAA,EAOR,IAAI,UAAkC;AAAE,WAAO,KAAK;AAAA,EAAU;AAAA,EAC9D,UAAU,MAAc,OAAqB;AAAE,SAAK,SAAS,IAAI,IAAI;AAAA,EAAO;AAAA,EAC5E,IAAI,OAA0B;AAAE,WAAO,KAAK;AAAA,EAAO;AAAA,EACnD,IAAI,WAA0B;AAAE,WAAO,KAAK,QAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,KAAK,IAAI;AAAA,EAAM;AACnG;AAEO,IAAM,yBAAN,MAA6D;AAAA,EAClE,eAAe,SAAiB,YAAmC;AACjE,WAAO,IAAI,qBAAqB,YAAY,KAAK,UAAU,EAAE,QAAQ,QAAQ,CAAC,CAAC;AAAA,EACjF;AAAA,EAEA,uBAAuB,KAAa,YAAmC;AACrE,UAAM,OAAO,IAAI,qBAAqB,YAAY,EAAE;AACpD,SAAK,UAAU,YAAY,GAAG;AAC9B,WAAO;AAAA,EACT;AACF;;;AD/BA,eAAsB,YAAY,SAA0B,SAA4C;AACtG,QAAM,WAAW,iCAAqB,MAAM,QAAQ,MAAM;AAC1D,QAAM,SAAiB,SAAS,UAAU;AAC1C,QAAM,kBAAkB,IAAI,uBAAuB;AAEnD,QAAM,aAA2C,UAAM;AAAA,IACrD;AAAA,IAAU;AAAA,IAAQ;AAAA,IAClB,QAAQ;AAAA,IAAc,QAAQ;AAAA,IAAc,QAAQ;AAAA,EACtD;AAEA,SAAO,KAAK,mCAAmC;AAE/C,UAAQ,QAAQ,aAAa,OAAO,SAAS,UAAU;AACrD,UAAM,WAAW,IAAI,oBAAoB,OAAO;AAEhD,UAAM,cAAc,MAAM,WAAW,cAAc;AAAA,MACjD;AAAA,MAAU,YAAY,0BAA0B;AAAA,IAClD;AACA,QAAI,aAAa;AACf,0BAAoB,OAAO,WAAW;AACtC;AAAA,IACF;AAEA,UAAM,cAAc,WAAW,cAAc,eAAe,QAAQ;AAEpE,UAAM,SAAS,MAAM,WAAW,cAAc;AAAA,MAC5C;AAAA,MAAU,YAAY,0BAA0B;AAAA,MAAG;AAAA,IACrD;AACA,QAAI,QAAQ;AACV,0BAAoB,OAAO,MAAM;AACjC;AAAA,IACF;AAEA,UAAM,gBAAgB,MAAM,WAAW,SAAS,QAAQ,QAAQ;AAChE,QAAI,eAAe;AACjB,0BAAoB,OAAO,aAAa;AACxC;AAAA,IACF;AAEA,QAAI,eAAe,YAAY,cAAc,SAAS,GAAG;AACvD,YAAM,WAAW,SAAS,cAAc;AACxC,YAAM,WAAW,oBAAoB,kBAAkB,UAAU,UAAU,WAAW;AAAA,IACxF;AAEA,IAAC,QAA+C,eAAe,IAAI;AACnE,IAAC,QAA+C,mBAAmB,IAAI;AACvE,IAAC,QAA+C,iBAAiB,IAAI,YAAY,IAAI;AAAA,EACvF,CAAC;AAED,UAAQ,QAAQ,UAAU,OAAO,SAAS,OAAO,YAAY;AAC3D,UAAM,WAAY,QAA+C,eAAe;AAChF,UAAM,cAAe,QAA+C,mBAAmB;AACvF,UAAM,YAAa,QAA+C,iBAAiB;AAEnF,QAAI,CAAC,YAAY,cAAc,OAAW,QAAO;AAEjD,UAAM,gBAAgB,YAAY,IAAI,IAAI,aAAa;AACvD,UAAM,WAAW,OAAO,YAAY,WAAW,UAAU;AACzD,UAAM,mBAAkC;AAAA,MACtC,YAAY,MAAM;AAAA,MAClB,SAAS,OAAO;AAAA,QACd,OAAO,QAAQ,MAAM,WAAW,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;AAAA,MACnE;AAAA,MACA,UAAU,MAAc,OAAe;AAAE,cAAM,OAAO,MAAM,KAAK;AAAA,MAAG;AAAA,MACpE,MAAM,WAAW,IAAI,YAAY,EAAE,OAAO,QAAQ,IAAI;AAAA,MACtD;AAAA,IACF;AAEA,UAAM,WAAW,qBAAqB;AAAA,MACpC;AAAA,MAAU;AAAA,MAAkB;AAAA,MAAc,eAAe;AAAA,MACzD,cAAc,OAAO,KAAmB,KAAoB,UAAkB,OAAoB;AAChG,cAAM,WAAW,oBAAoB,mBAAmB,KAAK,KAAK,UAAU,EAAE;AAAA,MAChF,IAAI;AAAA,IACN;AAEA,WAAO;AAAA,EACT,CAAC;AACH;AAEA,SAAS,oBAAoB,OAAqB,UAA+B;AAC/E,aAAW,CAAC,MAAM,KAAK,KAAK,OAAO,QAAQ,SAAS,OAAO,GAAG;AAC5D,UAAM,OAAO,MAAM,KAAK;AAAA,EAC1B;AAEA,MAAI,SAAS,QAAQ,UAAU,GAAG;AAChC,UAAM,SAAS,SAAS,QAAQ,UAAU,CAAC;AAC3C;AAAA,EACF;AAEA,QAAM,OAAO,SAAS,UAAU,EAAE,KAAK,SAAS,YAAY,EAAE;AAChE;AAEA,SAAS,4BAA2C;AAClD,SAAO,EAAE,YAAY,KAAK,SAAS,CAAC,GAAG,YAAY;AAAA,EAAC,GAAG,MAAM,MAAM,UAAU,KAAK;AACpF;;;AEhHA,eAAsB,cAAc,SAA0B,QAA+C;AAC3G,MAAI,CAAC,OAAO,WAAY;AAExB,MAAI;AACF,UAAM,cAAc,MAAM,OAAO,eAAe;AAChD,UAAM,QAAQ,SAAS,YAAY,WAAW,aAAa;AAAA,MACzD,QAAQ,OAAO;AAAA,MACf,SAAS,OAAO;AAAA,MAChB,gBAAgB,OAAO;AAAA,MACvB,aAAa,OAAO;AAAA,MACpB,gBAAgB,OAAO;AAAA,MACvB,QAAQ,OAAO;AAAA,IACjB,CAAC;AAAA,EACH,QAAQ;AACN,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AACF;;;AHjBA,IAAAA,eAOO;","names":["import_core"]}

package/dist/index.d.cts

@@ -0,0 +1,46 @@
+import { FastifyInstance, FastifyRequest } from 'fastify';
+import { SecurityConfig, AgentHandlerProtocol, GeoIPHandler, ResolvedSecurityConfig, GuardRequest, GuardRequestState, GuardResponse, GuardResponseFactory } from '@guardcore/core';
+export { BaseSecurityDecorator, BehaviorRule, GuardRequest, GuardResponse, Logger, ResolvedSecurityConfig, RouteConfig, SecurityConfig, SecurityConfigSchema, SecurityDecorator, defaultLogger } from '@guardcore/core';
+
+interface GuardPluginOptions {
+    config: SecurityConfig;
+    agentHandler?: AgentHandlerProtocol;
+    geoIpHandler?: GeoIPHandler;
+    guardDecorator?: unknown;
+}
+declare function guardPlugin(fastify: FastifyInstance, options: GuardPluginOptions): Promise<void>;
+
+declare function configureCors(fastify: FastifyInstance, config: ResolvedSecurityConfig): Promise<void>;
+
+declare class FastifyGuardRequest implements GuardRequest {
+    private readonly req;
+    private _state;
+    constructor(req: FastifyRequest);
+    get urlPath(): string;
+    get urlScheme(): string;
+    get urlFull(): string;
+    urlReplaceScheme(scheme: string): string;
+    get method(): string;
+    get clientHost(): string | null;
+    get headers(): Readonly<Record<string, string>>;
+    get queryParams(): Readonly<Record<string, string>>;
+    body(): Promise<Uint8Array>;
+    get state(): GuardRequestState;
+    get scope(): Readonly<Record<string, unknown>>;
+}
+declare class FastifyGuardResponse implements GuardResponse {
+    readonly statusCode: number;
+    private _headers;
+    private _body;
+    constructor(statusCode: number, content: string);
+    get headers(): Record<string, string>;
+    setHeader(name: string, value: string): void;
+    get body(): Uint8Array | null;
+    get bodyText(): string | null;
+}
+declare class FastifyResponseFactory implements GuardResponseFactory {
+    createResponse(content: string, statusCode: number): GuardResponse;
+    createRedirectResponse(url: string, statusCode: number): GuardResponse;
+}
+
+export { FastifyGuardRequest, FastifyGuardResponse, FastifyResponseFactory, type GuardPluginOptions, configureCors, guardPlugin };

package/dist/index.d.ts

@@ -0,0 +1,46 @@
+import { FastifyInstance, FastifyRequest } from 'fastify';
+import { SecurityConfig, AgentHandlerProtocol, GeoIPHandler, ResolvedSecurityConfig, GuardRequest, GuardRequestState, GuardResponse, GuardResponseFactory } from '@guardcore/core';
+export { BaseSecurityDecorator, BehaviorRule, GuardRequest, GuardResponse, Logger, ResolvedSecurityConfig, RouteConfig, SecurityConfig, SecurityConfigSchema, SecurityDecorator, defaultLogger } from '@guardcore/core';
+
+interface GuardPluginOptions {
+    config: SecurityConfig;
+    agentHandler?: AgentHandlerProtocol;
+    geoIpHandler?: GeoIPHandler;
+    guardDecorator?: unknown;
+}
+declare function guardPlugin(fastify: FastifyInstance, options: GuardPluginOptions): Promise<void>;
+
+declare function configureCors(fastify: FastifyInstance, config: ResolvedSecurityConfig): Promise<void>;
+
+declare class FastifyGuardRequest implements GuardRequest {
+    private readonly req;
+    private _state;
+    constructor(req: FastifyRequest);
+    get urlPath(): string;
+    get urlScheme(): string;
+    get urlFull(): string;
+    urlReplaceScheme(scheme: string): string;
+    get method(): string;
+    get clientHost(): string | null;
+    get headers(): Readonly<Record<string, string>>;
+    get queryParams(): Readonly<Record<string, string>>;
+    body(): Promise<Uint8Array>;
+    get state(): GuardRequestState;
+    get scope(): Readonly<Record<string, unknown>>;
+}
+declare class FastifyGuardResponse implements GuardResponse {
+    readonly statusCode: number;
+    private _headers;
+    private _body;
+    constructor(statusCode: number, content: string);
+    get headers(): Record<string, string>;
+    setHeader(name: string, value: string): void;
+    get body(): Uint8Array | null;
+    get bodyText(): string | null;
+}
+declare class FastifyResponseFactory implements GuardResponseFactory {
+    createResponse(content: string, statusCode: number): GuardResponse;
+    createRedirectResponse(url: string, statusCode: number): GuardResponse;
+}
+
+export { FastifyGuardRequest, FastifyGuardResponse, FastifyResponseFactory, type GuardPluginOptions, configureCors, guardPlugin };

package/dist/index.js

@@ -0,0 +1,214 @@
+// src/plugin.ts
+import { SecurityConfigSchema, defaultLogger, initializeSecurityMiddleware } from "@guardcore/core";
+
+// src/adapters.ts
+var FastifyGuardRequest = class {
+  constructor(req) {
+    this.req = req;
+  }
+  _state = {};
+  get urlPath() {
+    return this.req.url.split("?")[0];
+  }
+  get urlScheme() {
+    return this.req.protocol;
+  }
+  get urlFull() {
+    return `${this.req.protocol}://${this.req.hostname}${this.req.url}`;
+  }
+  urlReplaceScheme(scheme) {
+    return this.urlFull.replace(/^https?/, scheme);
+  }
+  get method() {
+    return this.req.method;
+  }
+  get clientHost() {
+    return this.req.ip ?? null;
+  }
+  get headers() {
+    return this.req.headers;
+  }
+  get queryParams() {
+    return this.req.query ?? {};
+  }
+  async body() {
+    const raw = this.req.body;
+    if (raw instanceof Buffer) return new Uint8Array(raw);
+    if (typeof raw === "string") return new TextEncoder().encode(raw);
+    if (raw !== void 0 && raw !== null) return new TextEncoder().encode(JSON.stringify(raw));
+    return new Uint8Array(0);
+  }
+  get state() {
+    return this._state;
+  }
+  get scope() {
+    return {};
+  }
+};
+var FastifyGuardResponse = class {
+  constructor(statusCode, content) {
+    this.statusCode = statusCode;
+    this._body = new TextEncoder().encode(content);
+    this._headers["content-type"] = "application/json";
+  }
+  _headers = {};
+  _body;
+  get headers() {
+    return this._headers;
+  }
+  setHeader(name, value) {
+    this._headers[name] = value;
+  }
+  get body() {
+    return this._body;
+  }
+  get bodyText() {
+    return this._body ? new TextDecoder().decode(this._body) : null;
+  }
+};
+var FastifyResponseFactory = class {
+  createResponse(content, statusCode) {
+    return new FastifyGuardResponse(statusCode, JSON.stringify({ detail: content }));
+  }
+  createRedirectResponse(url, statusCode) {
+    const resp = new FastifyGuardResponse(statusCode, "");
+    resp.setHeader("location", url);
+    return resp;
+  }
+};
+
+// src/plugin.ts
+async function guardPlugin(fastify, options) {
+  const resolved = SecurityConfigSchema.parse(options.config);
+  const logger = resolved.logger ?? defaultLogger;
+  const responseFactory = new FastifyResponseFactory();
+  const components = await initializeSecurityMiddleware(
+    resolved,
+    logger,
+    responseFactory,
+    options.agentHandler,
+    options.geoIpHandler,
+    options.guardDecorator
+  );
+  logger.info("Guard security plugin initialized");
+  fastify.addHook("onRequest", async (request, reply) => {
+    const guardReq = new FastifyGuardRequest(request);
+    const passthrough = await components.bypassHandler.handlePassthrough(
+      guardReq,
+      async () => createPassthroughResponse()
+    );
+    if (passthrough) {
+      sendFastifyResponse(reply, passthrough);
+      return;
+    }
+    const routeConfig = components.routeResolver.getRouteConfig(guardReq);
+    const bypass = await components.bypassHandler.handleSecurityBypass(
+      guardReq,
+      async () => createPassthroughResponse(),
+      routeConfig
+    );
+    if (bypass) {
+      sendFastifyResponse(reply, bypass);
+      return;
+    }
+    const blockResponse = await components.pipeline.execute(guardReq);
+    if (blockResponse) {
+      sendFastifyResponse(reply, blockResponse);
+      return;
+    }
+    if (routeConfig && routeConfig.behaviorRules.length > 0) {
+      const clientIp = guardReq.clientHost ?? "unknown";
+      await components.behavioralProcessor.processUsageRules(guardReq, clientIp, routeConfig);
+    }
+    request["_guardRequest"] = guardReq;
+    request["_guardRouteConfig"] = routeConfig;
+    request["_guardStartTime"] = performance.now();
+  });
+  fastify.addHook("onSend", async (request, reply, payload) => {
+    const guardReq = request["_guardRequest"];
+    const routeConfig = request["_guardRouteConfig"];
+    const startTime = request["_guardStartTime"];
+    if (!guardReq || startTime === void 0) return payload;
+    const responseTime = (performance.now() - startTime) / 1e3;
+    const bodyText = typeof payload === "string" ? payload : null;
+    const capturedResponse = {
+      statusCode: reply.statusCode,
+      headers: Object.fromEntries(
+        Object.entries(reply.getHeaders()).map(([k, v]) => [k, String(v)])
+      ),
+      setHeader(name, value) {
+        reply.header(name, value);
+      },
+      body: bodyText ? new TextEncoder().encode(bodyText) : null,
+      bodyText
+    };
+    await components.errorResponseFactory.processResponse(
+      guardReq,
+      capturedResponse,
+      responseTime,
+      routeConfig ?? null,
+      routeConfig ? async (req, res, clientIp, rc) => {
+        await components.behavioralProcessor.processReturnRules(req, res, clientIp, rc);
+      } : void 0
+    );
+    return payload;
+  });
+}
+function sendFastifyResponse(reply, response) {
+  for (const [name, value] of Object.entries(response.headers)) {
+    reply.header(name, value);
+  }
+  if (response.headers["location"]) {
+    reply.redirect(response.headers["location"]);
+    return;
+  }
+  reply.status(response.statusCode).send(response.bodyText ?? "");
+}
+function createPassthroughResponse() {
+  return { statusCode: 200, headers: {}, setHeader() {
+  }, body: null, bodyText: null };
+}
+
+// src/cors.ts
+async function configureCors(fastify, config) {
+  if (!config.enableCors) return;
+  try {
+    const fastifyCors = await import("@fastify/cors");
+    await fastify.register(fastifyCors.default ?? fastifyCors, {
+      origin: config.corsAllowOrigins,
+      methods: config.corsAllowMethods,
+      allowedHeaders: config.corsAllowHeaders,
+      credentials: config.corsAllowCredentials,
+      exposedHeaders: config.corsExposeHeaders,
+      maxAge: config.corsMaxAge
+    });
+  } catch {
+    throw new Error(
+      '@guardcore/fastify: CORS is enabled but "@fastify/cors" is not installed. Run: pnpm add @fastify/cors'
+    );
+  }
+}
+
+// src/index.ts
+import {
+  SecurityConfigSchema as SecurityConfigSchema2,
+  BaseSecurityDecorator,
+  SecurityDecorator,
+  RouteConfig,
+  BehaviorRule,
+  defaultLogger as defaultLogger2
+} from "@guardcore/core";
+export {
+  BaseSecurityDecorator,
+  BehaviorRule,
+  FastifyGuardRequest,
+  FastifyGuardResponse,
+  FastifyResponseFactory,
+  RouteConfig,
+  SecurityConfigSchema2 as SecurityConfigSchema,
+  SecurityDecorator,
+  configureCors,
+  defaultLogger2 as defaultLogger,
+  guardPlugin
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/plugin.ts","../src/adapters.ts","../src/cors.ts","../src/index.ts"],"sourcesContent":["import type { FastifyInstance, FastifyReply } from 'fastify';\nimport type {\n  SecurityConfig,\n  GuardRequest,\n  GuardResponse,\n  Logger,\n  AgentHandlerProtocol,\n  GeoIPHandler,\n  SecurityMiddlewareComponents,\n  RouteConfig,\n} from '@guardcore/core';\nimport { SecurityConfigSchema, defaultLogger, initializeSecurityMiddleware } from '@guardcore/core';\nimport { FastifyGuardRequest, FastifyResponseFactory } from './adapters.js';\n\nexport interface GuardPluginOptions {\n  config: SecurityConfig;\n  agentHandler?: AgentHandlerProtocol;\n  geoIpHandler?: GeoIPHandler;\n  guardDecorator?: unknown;\n}\n\nexport async function guardPlugin(fastify: FastifyInstance, options: GuardPluginOptions): Promise<void> {\n  const resolved = SecurityConfigSchema.parse(options.config);\n  const logger: Logger = resolved.logger ?? defaultLogger;\n  const responseFactory = new FastifyResponseFactory();\n\n  const components: SecurityMiddlewareComponents = await initializeSecurityMiddleware(\n    resolved, logger, responseFactory,\n    options.agentHandler, options.geoIpHandler, options.guardDecorator,\n  );\n\n  logger.info('Guard security plugin initialized');\n\n  fastify.addHook('onRequest', async (request, reply) => {\n    const guardReq = new FastifyGuardRequest(request);\n\n    const passthrough = await components.bypassHandler.handlePassthrough(\n      guardReq, async () => createPassthroughResponse(),\n    );\n    if (passthrough) {\n      sendFastifyResponse(reply, passthrough);\n      return;\n    }\n\n    const routeConfig = components.routeResolver.getRouteConfig(guardReq);\n\n    const bypass = await components.bypassHandler.handleSecurityBypass(\n      guardReq, async () => createPassthroughResponse(), routeConfig,\n    );\n    if (bypass) {\n      sendFastifyResponse(reply, bypass);\n      return;\n    }\n\n    const blockResponse = await components.pipeline.execute(guardReq);\n    if (blockResponse) {\n      sendFastifyResponse(reply, blockResponse);\n      return;\n    }\n\n    if (routeConfig && routeConfig.behaviorRules.length > 0) {\n      const clientIp = guardReq.clientHost ?? 'unknown';\n      await components.behavioralProcessor.processUsageRules(guardReq, clientIp, routeConfig);\n    }\n\n    (request as unknown as Record<string, unknown>)['_guardRequest'] = guardReq;\n    (request as unknown as Record<string, unknown>)['_guardRouteConfig'] = routeConfig;\n    (request as unknown as Record<string, unknown>)['_guardStartTime'] = performance.now();\n  });\n\n  fastify.addHook('onSend', async (request, reply, payload) => {\n    const guardReq = (request as unknown as Record<string, unknown>)['_guardRequest'] as FastifyGuardRequest | undefined;\n    const routeConfig = (request as unknown as Record<string, unknown>)['_guardRouteConfig'] as RouteConfig | null | undefined;\n    const startTime = (request as unknown as Record<string, unknown>)['_guardStartTime'] as number | undefined;\n\n    if (!guardReq || startTime === undefined) return payload;\n\n    const responseTime = (performance.now() - startTime) / 1000;\n    const bodyText = typeof payload === 'string' ? payload : null;\n    const capturedResponse: GuardResponse = {\n      statusCode: reply.statusCode,\n      headers: Object.fromEntries(\n        Object.entries(reply.getHeaders()).map(([k, v]) => [k, String(v)]),\n      ),\n      setHeader(name: string, value: string) { reply.header(name, value); },\n      body: bodyText ? new TextEncoder().encode(bodyText) : null,\n      bodyText,\n    };\n\n    await components.errorResponseFactory.processResponse(\n      guardReq, capturedResponse, responseTime, routeConfig ?? null,\n      routeConfig ? async (req: GuardRequest, res: GuardResponse, clientIp: string, rc: RouteConfig) => {\n        await components.behavioralProcessor.processReturnRules(req, res, clientIp, rc);\n      } : undefined,\n    );\n\n    return payload;\n  });\n}\n\nfunction sendFastifyResponse(reply: FastifyReply, response: GuardResponse): void {\n  for (const [name, value] of Object.entries(response.headers)) {\n    reply.header(name, value);\n  }\n\n  if (response.headers['location']) {\n    reply.redirect(response.headers['location']);\n    return;\n  }\n\n  reply.status(response.statusCode).send(response.bodyText ?? '');\n}\n\nfunction createPassthroughResponse(): GuardResponse {\n  return { statusCode: 200, headers: {}, setHeader() {}, body: null, bodyText: null };\n}\n","import type { FastifyRequest } from 'fastify';\nimport type { GuardRequest, GuardRequestState, GuardResponse, GuardResponseFactory } from '@guardcore/core';\n\nexport class FastifyGuardRequest implements GuardRequest {\n  private _state: GuardRequestState = {};\n\n  constructor(private readonly req: FastifyRequest) {}\n\n  get urlPath(): string { return this.req.url.split('?')[0]; }\n  get urlScheme(): string { return this.req.protocol; }\n  get urlFull(): string { return `${this.req.protocol}://${this.req.hostname}${this.req.url}`; }\n  urlReplaceScheme(scheme: string): string { return this.urlFull.replace(/^https?/, scheme); }\n  get method(): string { return this.req.method; }\n  get clientHost(): string | null { return this.req.ip ?? null; }\n  get headers(): Readonly<Record<string, string>> { return this.req.headers as Record<string, string>; }\n  get queryParams(): Readonly<Record<string, string>> { return (this.req.query ?? {}) as Record<string, string>; }\n  async body(): Promise<Uint8Array> {\n    const raw = this.req.body;\n    if (raw instanceof Buffer) return new Uint8Array(raw);\n    if (typeof raw === 'string') return new TextEncoder().encode(raw);\n    if (raw !== undefined && raw !== null) return new TextEncoder().encode(JSON.stringify(raw));\n    return new Uint8Array(0);\n  }\n  get state(): GuardRequestState { return this._state; }\n  get scope(): Readonly<Record<string, unknown>> { return {}; }\n}\n\nexport class FastifyGuardResponse implements GuardResponse {\n  private _headers: Record<string, string> = {};\n  private _body: Uint8Array | null;\n\n  constructor(readonly statusCode: number, content: string) {\n    this._body = new TextEncoder().encode(content);\n    this._headers['content-type'] = 'application/json';\n  }\n\n  get headers(): Record<string, string> { return this._headers; }\n  setHeader(name: string, value: string): void { this._headers[name] = value; }\n  get body(): Uint8Array | null { return this._body; }\n  get bodyText(): string | null { return this._body ? new TextDecoder().decode(this._body) : null; }\n}\n\nexport class FastifyResponseFactory implements GuardResponseFactory {\n  createResponse(content: string, statusCode: number): GuardResponse {\n    return new FastifyGuardResponse(statusCode, JSON.stringify({ detail: content }));\n  }\n\n  createRedirectResponse(url: string, statusCode: number): GuardResponse {\n    const resp = new FastifyGuardResponse(statusCode, '');\n    resp.setHeader('location', url);\n    return resp;\n  }\n}\n","import type { FastifyInstance } from 'fastify';\nimport type { ResolvedSecurityConfig } from '@guardcore/core';\n\nexport async function configureCors(fastify: FastifyInstance, config: ResolvedSecurityConfig): Promise<void> {\n  if (!config.enableCors) return;\n\n  try {\n    const fastifyCors = await import('@fastify/cors');\n    await fastify.register(fastifyCors.default ?? fastifyCors, {\n      origin: config.corsAllowOrigins,\n      methods: config.corsAllowMethods,\n      allowedHeaders: config.corsAllowHeaders,\n      credentials: config.corsAllowCredentials,\n      exposedHeaders: config.corsExposeHeaders,\n      maxAge: config.corsMaxAge,\n    });\n  } catch {\n    throw new Error(\n      '@guardcore/fastify: CORS is enabled but \"@fastify/cors\" is not installed. ' +\n      'Run: pnpm add @fastify/cors',\n    );\n  }\n}\n","export { guardPlugin } from './plugin.js';\nexport type { GuardPluginOptions } from './plugin.js';\nexport { configureCors } from './cors.js';\nexport { FastifyGuardRequest, FastifyGuardResponse, FastifyResponseFactory } from './adapters.js';\n\nexport {\n  SecurityConfigSchema,\n  BaseSecurityDecorator,\n  SecurityDecorator,\n  RouteConfig,\n  BehaviorRule,\n  defaultLogger,\n} from '@guardcore/core';\n\nexport type {\n  SecurityConfig,\n  ResolvedSecurityConfig,\n  GuardRequest,\n  GuardResponse,\n  Logger,\n} from '@guardcore/core';\n"],"mappings":";AAWA,SAAS,sBAAsB,eAAe,oCAAoC;;;ACR3E,IAAM,sBAAN,MAAkD;AAAA,EAGvD,YAA6B,KAAqB;AAArB;AAAA,EAAsB;AAAA,EAF3C,SAA4B,CAAC;AAAA,EAIrC,IAAI,UAAkB;AAAE,WAAO,KAAK,IAAI,IAAI,MAAM,GAAG,EAAE,CAAC;AAAA,EAAG;AAAA,EAC3D,IAAI,YAAoB;AAAE,WAAO,KAAK,IAAI;AAAA,EAAU;AAAA,EACpD,IAAI,UAAkB;AAAE,WAAO,GAAG,KAAK,IAAI,QAAQ,MAAM,KAAK,IAAI,QAAQ,GAAG,KAAK,IAAI,GAAG;AAAA,EAAI;AAAA,EAC7F,iBAAiB,QAAwB;AAAE,WAAO,KAAK,QAAQ,QAAQ,WAAW,MAAM;AAAA,EAAG;AAAA,EAC3F,IAAI,SAAiB;AAAE,WAAO,KAAK,IAAI;AAAA,EAAQ;AAAA,EAC/C,IAAI,aAA4B;AAAE,WAAO,KAAK,IAAI,MAAM;AAAA,EAAM;AAAA,EAC9D,IAAI,UAA4C;AAAE,WAAO,KAAK,IAAI;AAAA,EAAmC;AAAA,EACrG,IAAI,cAAgD;AAAE,WAAQ,KAAK,IAAI,SAAS,CAAC;AAAA,EAA8B;AAAA,EAC/G,MAAM,OAA4B;AAChC,UAAM,MAAM,KAAK,IAAI;AACrB,QAAI,eAAe,OAAQ,QAAO,IAAI,WAAW,GAAG;AACpD,QAAI,OAAO,QAAQ,SAAU,QAAO,IAAI,YAAY,EAAE,OAAO,GAAG;AAChE,QAAI,QAAQ,UAAa,QAAQ,KAAM,QAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,GAAG,CAAC;AAC1F,WAAO,IAAI,WAAW,CAAC;AAAA,EACzB;AAAA,EACA,IAAI,QAA2B;AAAE,WAAO,KAAK;AAAA,EAAQ;AAAA,EACrD,IAAI,QAA2C;AAAE,WAAO,CAAC;AAAA,EAAG;AAC9D;AAEO,IAAM,uBAAN,MAAoD;AAAA,EAIzD,YAAqB,YAAoB,SAAiB;AAArC;AACnB,SAAK,QAAQ,IAAI,YAAY,EAAE,OAAO,OAAO;AAC7C,SAAK,SAAS,cAAc,IAAI;AAAA,EAClC;AAAA,EANQ,WAAmC,CAAC;AAAA,EACpC;AAAA,EAOR,IAAI,UAAkC;AAAE,WAAO,KAAK;AAAA,EAAU;AAAA,EAC9D,UAAU,MAAc,OAAqB;AAAE,SAAK,SAAS,IAAI,IAAI;AAAA,EAAO;AAAA,EAC5E,IAAI,OAA0B;AAAE,WAAO,KAAK;AAAA,EAAO;AAAA,EACnD,IAAI,WAA0B;AAAE,WAAO,KAAK,QAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,KAAK,IAAI;AAAA,EAAM;AACnG;AAEO,IAAM,yBAAN,MAA6D;AAAA,EAClE,eAAe,SAAiB,YAAmC;AACjE,WAAO,IAAI,qBAAqB,YAAY,KAAK,UAAU,EAAE,QAAQ,QAAQ,CAAC,CAAC;AAAA,EACjF;AAAA,EAEA,uBAAuB,KAAa,YAAmC;AACrE,UAAM,OAAO,IAAI,qBAAqB,YAAY,EAAE;AACpD,SAAK,UAAU,YAAY,GAAG;AAC9B,WAAO;AAAA,EACT;AACF;;;AD/BA,eAAsB,YAAY,SAA0B,SAA4C;AACtG,QAAM,WAAW,qBAAqB,MAAM,QAAQ,MAAM;AAC1D,QAAM,SAAiB,SAAS,UAAU;AAC1C,QAAM,kBAAkB,IAAI,uBAAuB;AAEnD,QAAM,aAA2C,MAAM;AAAA,IACrD;AAAA,IAAU;AAAA,IAAQ;AAAA,IAClB,QAAQ;AAAA,IAAc,QAAQ;AAAA,IAAc,QAAQ;AAAA,EACtD;AAEA,SAAO,KAAK,mCAAmC;AAE/C,UAAQ,QAAQ,aAAa,OAAO,SAAS,UAAU;AACrD,UAAM,WAAW,IAAI,oBAAoB,OAAO;AAEhD,UAAM,cAAc,MAAM,WAAW,cAAc;AAAA,MACjD;AAAA,MAAU,YAAY,0BAA0B;AAAA,IAClD;AACA,QAAI,aAAa;AACf,0BAAoB,OAAO,WAAW;AACtC;AAAA,IACF;AAEA,UAAM,cAAc,WAAW,cAAc,eAAe,QAAQ;AAEpE,UAAM,SAAS,MAAM,WAAW,cAAc;AAAA,MAC5C;AAAA,MAAU,YAAY,0BAA0B;AAAA,MAAG;AAAA,IACrD;AACA,QAAI,QAAQ;AACV,0BAAoB,OAAO,MAAM;AACjC;AAAA,IACF;AAEA,UAAM,gBAAgB,MAAM,WAAW,SAAS,QAAQ,QAAQ;AAChE,QAAI,eAAe;AACjB,0BAAoB,OAAO,aAAa;AACxC;AAAA,IACF;AAEA,QAAI,eAAe,YAAY,cAAc,SAAS,GAAG;AACvD,YAAM,WAAW,SAAS,cAAc;AACxC,YAAM,WAAW,oBAAoB,kBAAkB,UAAU,UAAU,WAAW;AAAA,IACxF;AAEA,IAAC,QAA+C,eAAe,IAAI;AACnE,IAAC,QAA+C,mBAAmB,IAAI;AACvE,IAAC,QAA+C,iBAAiB,IAAI,YAAY,IAAI;AAAA,EACvF,CAAC;AAED,UAAQ,QAAQ,UAAU,OAAO,SAAS,OAAO,YAAY;AAC3D,UAAM,WAAY,QAA+C,eAAe;AAChF,UAAM,cAAe,QAA+C,mBAAmB;AACvF,UAAM,YAAa,QAA+C,iBAAiB;AAEnF,QAAI,CAAC,YAAY,cAAc,OAAW,QAAO;AAEjD,UAAM,gBAAgB,YAAY,IAAI,IAAI,aAAa;AACvD,UAAM,WAAW,OAAO,YAAY,WAAW,UAAU;AACzD,UAAM,mBAAkC;AAAA,MACtC,YAAY,MAAM;AAAA,MAClB,SAAS,OAAO;AAAA,QACd,OAAO,QAAQ,MAAM,WAAW,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;AAAA,MACnE;AAAA,MACA,UAAU,MAAc,OAAe;AAAE,cAAM,OAAO,MAAM,KAAK;AAAA,MAAG;AAAA,MACpE,MAAM,WAAW,IAAI,YAAY,EAAE,OAAO,QAAQ,IAAI;AAAA,MACtD;AAAA,IACF;AAEA,UAAM,WAAW,qBAAqB;AAAA,MACpC;AAAA,MAAU;AAAA,MAAkB;AAAA,MAAc,eAAe;AAAA,MACzD,cAAc,OAAO,KAAmB,KAAoB,UAAkB,OAAoB;AAChG,cAAM,WAAW,oBAAoB,mBAAmB,KAAK,KAAK,UAAU,EAAE;AAAA,MAChF,IAAI;AAAA,IACN;AAEA,WAAO;AAAA,EACT,CAAC;AACH;AAEA,SAAS,oBAAoB,OAAqB,UAA+B;AAC/E,aAAW,CAAC,MAAM,KAAK,KAAK,OAAO,QAAQ,SAAS,OAAO,GAAG;AAC5D,UAAM,OAAO,MAAM,KAAK;AAAA,EAC1B;AAEA,MAAI,SAAS,QAAQ,UAAU,GAAG;AAChC,UAAM,SAAS,SAAS,QAAQ,UAAU,CAAC;AAC3C;AAAA,EACF;AAEA,QAAM,OAAO,SAAS,UAAU,EAAE,KAAK,SAAS,YAAY,EAAE;AAChE;AAEA,SAAS,4BAA2C;AAClD,SAAO,EAAE,YAAY,KAAK,SAAS,CAAC,GAAG,YAAY;AAAA,EAAC,GAAG,MAAM,MAAM,UAAU,KAAK;AACpF;;;AEhHA,eAAsB,cAAc,SAA0B,QAA+C;AAC3G,MAAI,CAAC,OAAO,WAAY;AAExB,MAAI;AACF,UAAM,cAAc,MAAM,OAAO,eAAe;AAChD,UAAM,QAAQ,SAAS,YAAY,WAAW,aAAa;AAAA,MACzD,QAAQ,OAAO;AAAA,MACf,SAAS,OAAO;AAAA,MAChB,gBAAgB,OAAO;AAAA,MACvB,aAAa,OAAO;AAAA,MACpB,gBAAgB,OAAO;AAAA,MACvB,QAAQ,OAAO;AAAA,IACjB,CAAC;AAAA,EACH,QAAQ;AACN,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AACF;;;ACjBA;AAAA,EACE,wBAAAA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,iBAAAC;AAAA,OACK;","names":["SecurityConfigSchema","defaultLogger"]}

package/package.json

@@ -0,0 +1,55 @@
+{
+  "name": "@guardcore/fastify",
+  "version": "1.0.0",
+  "description": "Fastify adapter for @guardcore/core security middleware",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "test": "vitest run",
+    "lint": "tsc --noEmit",
+    "clean": "rm -rf dist"
+  },
+  "dependencies": {
+    "@guardcore/core": "workspace:*"
+  },
+  "devDependencies": {
+    "tsup": "^8",
+    "vitest": "^4",
+    "typescript": "~5.9",
+    "fastify": "^5"
+  },
+  "peerDependencies": {
+    "fastify": "^5",
+    "@fastify/cors": "^9"
+  },
+  "peerDependenciesMeta": {
+    "@fastify/cors": {
+      "optional": true
+    }
+  },
+  "license": "MIT",
+  "engines": {
+    "node": ">=18"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/rennf93/guard-core-ts.git",
+    "directory": "packages/fastify"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}