@hiliosai/sdk 0.1.0 → 0.1.1

package/src/service/define-integration.ts

@@ -1,10 +1,12 @@
-import type {Context, ServiceSchema} from 'moleculer';
+import crypto from 'crypto';
 
+import {defineService} from './define-service';
 import type {AppContext} from '../types/context';
 import type {IntegrationConfig} from '../types/integration';
 import type {
   NormalizedMessage,
   PlatformMessage,
+  SendResult,
   WebhookEvent,
 } from '../types/message';
 import type {
@@ -12,18 +14,83 @@ import type {
   IntegrationServiceSchema,
 } from '../types/service';
 
+/**
+ * Security helpers for webhook validation
+ */
+const SecurityHelpers = {
+  /**
+   * Secure comparison using Node.js crypto.timingSafeEqual
+   */
+  secureCompare(a: string, b: string): boolean {
+    try {
+      return crypto.timingSafeEqual(
+        Buffer.from(a, 'utf8'),
+        Buffer.from(b, 'utf8')
+      );
+    } catch {
+      return false;
+    }
+  },
+
+  /**
+   * Validate webhook timestamp to prevent replay attacks
+   */
+  validateTimestamp(timestamp: number, maxAgeMs = 5 * 60 * 1000): boolean {
+    return Date.now() - timestamp <= maxAgeMs;
+  },
+
+  /**
+   * Generate correlation ID for request tracking
+   */
+  generateCorrelationId(): string {
+    return crypto.randomUUID();
+  },
+};
+
+/**
+ * Retry mechanism with exponential backoff
+ */
+async function executeWithRetry<T>(
+  operation: () => Promise<T>,
+  maxRetries = 3,
+  baseDelayMs = 1000,
+  context = 'operation'
+): Promise<T> {
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    try {
+      return await operation();
+    } catch (error: unknown) {
+      if (attempt === maxRetries) {
+        const err = error instanceof Error ? error : new Error(String(error));
+        throw new Error(
+          `${context} failed after ${maxRetries} retries: ${err.message}`
+        );
+      }
+
+      const delay = baseDelayMs * Math.pow(2, attempt);
+      const jitter = Math.random() * 1000;
+      await new Promise((resolve) => setTimeout(resolve, delay + jitter));
+    }
+  }
+  throw new Error('Retry logic error');
+}
+
 export function defineIntegration<
   TPlatformMessage extends PlatformMessage = PlatformMessage,
   TSettings = unknown,
-  TContext extends AppContext = AppContext
+  TDatasources = unknown
 >(
-  config: IntegrationServiceConfig<TPlatformMessage, TSettings, TContext>
+  config: IntegrationServiceConfig<
+    TPlatformMessage,
+    TSettings,
+    AppContext<TDatasources>
+  >
 ): IntegrationServiceSchema<TPlatformMessage, TSettings> {
   // Create actions from integration methods
-  const actions: ServiceSchema['actions'] = {
-    'webhook.receive': {
+  const actions = {
+    i_receiveWebhook: {
       rest: {
-        method: 'POST',
+        method: 'POST' as const,
         path: '/webhook',
       },
       params: {
@@ -36,14 +103,25 @@ export function defineIntegration<
         headers: 'object',
         timestamp: 'number',
       },
-      async handler(ctx: Context<WebhookEvent>) {
+      async handler(
+        ctx: AppContext<TDatasources, WebhookEvent>
+      ): Promise<{success: boolean; messages: number}> {
         const webhook = ctx.params;
+        const correlationId = SecurityHelpers.generateCorrelationId();
+
+        // Add correlation ID to context for tracking
+        ctx.meta.correlationId = correlationId;
+
+        // Validate timestamp to prevent replay attacks
+        if (!SecurityHelpers.validateTimestamp(webhook.timestamp)) {
+          throw new Error('Webhook timestamp too old - possible replay attack');
+        }
 
         // Validate webhook if method exists
         if (config.validateWebhook) {
           const isValid = await config.validateWebhook(webhook);
           if (!isValid) {
-            throw new Error('Invalid webhook');
+            throw new Error('Invalid webhook payload format');
           }
         }
 
@@ -51,22 +129,26 @@ export function defineIntegration<
         if (config.validateSignature) {
           const isValidSignature = config.validateSignature(webhook);
           if (!isValidSignature) {
-            throw new Error('Invalid webhook signature');
+            throw new Error('Webhook signature validation failed');
           }
         }
 
         // Normalize the message
-        const normalizedMessages = await config.normalize(webhook);
+        const normalizedMessages: NormalizedMessage[] = await config.normalize(
+          webhook
+        );
 
         // Process each message
         for (const message of normalizedMessages) {
-          // Emit event for further processing
+          // Emit event for further processing with correlation ID
           ctx.emit('integration.message.received', {
+            correlationId,
             tenantId: webhook.tenantId,
             channelId: webhook.channelId,
             integrationId: webhook.integrationId,
             platform: webhook.platform,
             message,
+            timestamp: Date.now(),
           });
         }
 
@@ -74,16 +156,16 @@ export function defineIntegration<
       },
     },
 
-    'message.send': {
+    i_sendMessage: {
       rest: {
-        method: 'POST',
+        method: 'POST' as const,
         path: '/send',
       },
       params: {
         message: 'object',
         config: 'object',
       },
-      async handler(ctx: Context) {
+      async handler(ctx: AppContext<TDatasources>): Promise<unknown> {
         const {message, config: integrationConfig} = ctx.params as {
           message: NormalizedMessage;
           config: IntegrationConfig;
@@ -94,11 +176,12 @@ export function defineIntegration<
           await config.transform(message, integrationConfig);
         }
 
-        // Send the message - cast ctx to expected type
-        const result = await config.sendMessage(
-          ctx as TContext,
-          message,
-          integrationConfig
+        // Send the message with retry mechanism
+        const result: SendResult = await executeWithRetry(
+          () => config.sendMessage(ctx, message, integrationConfig),
+          3,
+          1000,
+          `Send message via ${config.integration.platform}`
         );
 
         // Emit event based on result
@@ -120,31 +203,52 @@ export function defineIntegration<
       },
     },
 
-    'health.check': {
+    i_healthCheck: {
       rest: {
-        method: 'GET',
+        method: 'GET' as const,
         path: '/health',
       },
       params: {
         config: {type: 'object', optional: true},
       },
-      async handler(ctx: Context<{config?: IntegrationConfig}>) {
-        if (config.checkHealth) {
-          const integrationConfig = ctx.params.config;
-          if (integrationConfig) {
-            return await config.checkHealth(ctx as TContext, integrationConfig);
+      async handler(
+        ctx: AppContext<TDatasources, {config?: IntegrationConfig}>
+      ): Promise<unknown> {
+        try {
+          if (config.checkHealth) {
+            const integrationConfig = ctx.params.config;
+            if (integrationConfig) {
+              return await config.checkHealth(ctx, integrationConfig);
+            }
           }
+
+          return {
+            status: 'healthy',
+            message: `${config.integration.name} integration is running`,
+            details: {
+              integration: config.integration.id,
+              version: config.integration.version,
+              timestamp: new Date().toISOString(),
+              capabilities: config.integration.capabilities,
+            },
+          };
+        } catch (error: unknown) {
+          const err = error instanceof Error ? error : new Error(String(error));
+          return {
+            status: 'unhealthy',
+            message: err.message,
+            details: {
+              integration: config.integration.id,
+              timestamp: new Date().toISOString(),
+            },
+          };
         }
-        return {
-          status: 'healthy',
-          message: 'Integration is running',
-        };
       },
     },
 
-    'webhook.verify': {
+    i_verifyWebhook: {
       rest: {
-        method: 'GET',
+        method: 'GET' as const,
         path: '/webhook',
       },
       params: {
@@ -152,21 +256,26 @@ export function defineIntegration<
         token: 'string',
         challenge: 'string',
       },
-      handler(ctx: Context<{mode: string; token: string; challenge: string}>) {
+      handler(
+        ctx: AppContext<
+          TDatasources,
+          {mode: string; token: string; challenge: string}
+        >
+      ): string {
         if (config.verifyWebhook) {
-          const result = config.verifyWebhook(ctx.params);
+          const result: string | null = config.verifyWebhook(ctx.params);
           return result ?? '';
         }
         return ctx.params.challenge;
       },
     },
 
-    'integration.status': {
+    i_status: {
       rest: {
-        method: 'GET',
+        method: 'GET' as const,
         path: '/status',
       },
-      handler() {
+      handler(): object {
         return {
           id: config.integration.id,
           name: config.integration.name,
@@ -178,11 +287,13 @@ export function defineIntegration<
       },
     },
 
-    'credentials.validate': {
+    i_validateCredentials: {
       params: {
         credentials: 'object',
       },
-      async handler(ctx: Context<{credentials: Record<string, string>}>) {
+      async handler(
+        ctx: AppContext<TDatasources, {credentials: Record<string, string>}>
+      ): Promise<boolean> {
         if (config.validateCredentials) {
           return await config.validateCredentials(ctx.params.credentials);
         }
@@ -196,42 +307,47 @@ export function defineIntegration<
     Object.assign(actions, config.actions);
   }
 
-  // Create the service schema
-  const serviceSchema: IntegrationServiceSchema<TPlatformMessage, TSettings> = {
+  // Use defineService to get all the mixins and proper setup
+  const baseService = defineService<TDatasources, TSettings>({
     name: config.name,
     version: config.version,
     settings: config.settings as TSettings,
     dependencies: config.dependencies,
+    datasources: config.datasources,
     metadata: {
       ...config.metadata,
       integration: config.integration,
     },
     actions,
     events: config.events ?? {},
-    methods: config.methods ?? {},
+    methods: {
+      ...(config.methods ?? {}),
+      // Add integration-specific methods to the service methods (filter out undefined)
+      // normalize is required, no need for conditional
+      normalize: config.normalize,
+      ...(config.transform && {transform: config.transform}),
+      ...(config.validateWebhook && {validateWebhook: config.validateWebhook}),
+      // sendMessage is required, no need for conditional
+      sendMessage: config.sendMessage,
+      ...(config.verifyWebhook && {verifyWebhook: config.verifyWebhook}),
+      ...(config.checkHealth && {checkHealth: config.checkHealth}),
+      ...(config.validateCredentials && {
+        validateCredentials: config.validateCredentials,
+      }),
+      ...(config.validateSignature && {
+        validateSignature: config.validateSignature,
+      }),
+    },
     hooks: config.hooks ?? {},
     created: config.created,
     started: config.started,
     stopped: config.stopped,
-
-    // Integration-specific methods
-    integration: config.integration,
-    normalize: config.normalize,
-    transform: config.transform,
-    validateWebhook: config.validateWebhook,
-    sendMessage: config.sendMessage,
-    verifyWebhook: config.verifyWebhook,
-    checkHealth: config.checkHealth,
-    validateCredentials: config.validateCredentials,
-    validateSignature: config.validateSignature,
-  };
-
-  // Remove undefined properties
-  Object.keys(serviceSchema).forEach((key) => {
-    if (serviceSchema[key as keyof typeof serviceSchema] === undefined) {
-      delete serviceSchema[key as keyof typeof serviceSchema];
-    }
   });
 
-  return serviceSchema;
+  // Return the service schema - integration methods are available via service methods
+  return {
+    ...baseService,
+    // Only add the integration metadata
+    integration: config.integration,
+  } as IntegrationServiceSchema<TPlatformMessage, TSettings>;
 }

package/src/service/define-service.ts

@@ -1,13 +1,8 @@
 import omit from 'lodash/omit';
 import type {ServiceSchema as MoleculerServiceSchema} from 'moleculer';
 
-import {
-  ContextHelpersMiddleware,
-  MemoizeMixin,
-  PermissionsMiddleware,
-  createDatasourceMiddleware,
-  createCacheMiddleware,
-} from '../middlewares';
+import {MemoizeMixin} from '../middlewares';
+import {DatasourceMixin} from '../mixins';
 import type {ServiceConfig} from '../types/service';
 
 /**
@@ -18,13 +13,6 @@ import type {ServiceConfig} from '../types/service';
  * export default defineService({
  *   name: 'user',
  *
- *   // Per-service cache configuration
- *   cache: {
- *     redisUrl: 'redis://localhost:6379',
- *     ttl: 10 * 60 * 1000, // 10 minutes
- *     namespace: 'user-service',
- *   },
- *
  *   actions: {
  *     // Action with schema
  *     getUser: {
@@ -32,19 +20,14 @@ import type {ServiceConfig} from '../types/service';
  *         id: 'string'
  *       },
  *       handler(ctx) {
- *         // ctx is typed as AppContext with cache helpers
  *         const { tenantId } = ctx.meta;
- *         
- *         // Use cache helpers
- *         return ctx.cache.wrap(`user:${ctx.params.id}`, async () => {
- *           return { id: ctx.params.id, tenantId };
- *         });
+ *
+ *         return { id: ctx.params.id, tenantId };
  *       }
  *     },
  *
  *     // Direct handler
  *     listUsers(ctx) {
- *       // ctx is typed as AppContext
  *       return [];
  *     }
  *   }
@@ -54,23 +37,20 @@ import type {ServiceConfig} from '../types/service';
 export function defineService<TDatasources = unknown, TSettings = unknown>(
   config: ServiceConfig<TSettings, TDatasources>
 ): MoleculerServiceSchema<TSettings> {
-  const serviceSchema = omit(config, [
-    'datasources',
-    'cache',
-  ]) as unknown as MoleculerServiceSchema<TSettings>;
+  const propsToOmit = ['datasources'];
+  const serviceSchema = omit(
+    config,
+    propsToOmit
+  ) as unknown as MoleculerServiceSchema<TSettings>;
 
   const datasources = config.datasources ?? {};
-  const cacheOptions = config.cache;
 
   // TODO: Add mixins config support
   return {
     ...serviceSchema,
     mixins: [
-      createDatasourceMiddleware(datasources),
-      ...(cacheOptions ? [createCacheMiddleware(cacheOptions)] : []),
+      DatasourceMixin(datasources),
       MemoizeMixin(),
-      PermissionsMiddleware,
-      ContextHelpersMiddleware,
       ...(serviceSchema.mixins ?? []),
     ],
   };

package/src/service/example-user/user.service.ts

@@ -8,11 +8,6 @@ export type GetUserActionInputParams = {
 export default defineService<UserDatasourceTypes>({
   name: 'test',
   datasources,
-  cache: {
-    redisUrl: process.env.USER_SERVICE_REDIS_URL,
-    ttl: 5 * 60 * 1000, // 5 minutes
-    namespace: 'user-service',
-  },
   actions: {
     user: {
       params: {
@@ -20,11 +15,8 @@ export default defineService<UserDatasourceTypes>({
       },
       handler(ctx) {
         const userDs = ctx.datasources.user;
-        
-        // Use cache with wrap pattern
-        return ctx.cache.wrap(`user:${ctx.params.id}`, async () => {
-          return userDs.getUser();
-        });
+
+        return userDs.getUser();
       },
     },
   },

package/src/types/context.ts

@@ -1,7 +1,6 @@
 import type {Context} from 'moleculer';
-import type {User} from './user';
 import type {Tenant} from './tenant';
-import type {CacheHelpers} from '../middlewares/cache.middleware';
+import type {User} from './user';
 
 export interface AppMeta {
   user?: User;
@@ -11,6 +10,7 @@ export interface AppMeta {
   integrationId?: string;
   channelId?: string;
   requestId?: string;
+  correlationId?: string;
   userAgent?: string;
   clientIP?: string;
   [key: string]: unknown;
@@ -25,7 +25,11 @@ export interface PermissionHelpers {
   ensureTenant(): Tenant;
   // New enhanced helpers
   getUserPermissions(): Promise<string[]>;
-  auditLog(action: string, resource?: unknown, metadata?: Record<string, unknown>): void;
+  auditLog(
+    action: string,
+    resource?: unknown,
+    metadata?: Record<string, unknown>
+  ): void;
   createError(message: string, code: string, statusCode?: number): Error;
 }
 
@@ -37,5 +41,4 @@ export type AppContext<
 > = Context<TParams, TMeta, TLocals> &
   PermissionHelpers & {
     datasources: TDatasources;
-    cache: CacheHelpers;
   };

package/src/types/message.ts

@@ -1,3 +1,4 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
 import type {IntegrationPlatform} from './platform';
 
 export interface MessageParticipant {

package/src/types/service.ts

@@ -8,7 +8,6 @@ import type {
 } from 'moleculer';
 
 import type {DatasourceConstructorRegistry} from '../middlewares/datasource.middleware';
-import type {CacheOptions} from '../middlewares/cache.middleware';
 import type {AppContext} from './context';
 import type {BaseIntegration, IntegrationConfig} from './integration';
 import type {
@@ -125,15 +124,15 @@ export type ServiceConfig<
   TDatasources = unknown
 > = ServiceSchema<TSettings, TDatasources> & {
   datasources?: DatasourceConstructorRegistry;
-  cache?: CacheOptions;
 };
 
 // Integration-specific types
 export interface IntegrationServiceConfig<
   TPlatformMessage extends PlatformMessage = PlatformMessage,
   TSettings = unknown,
-  TContext extends AppContext = AppContext
-> extends Omit<ServiceConfig<TSettings>, 'name'> {
+  TContext extends AppContext = AppContext,
+  TDatasources = unknown
+> extends ServiceConfig<TSettings, TDatasources> {
   name: string;
   integration: BaseIntegration;