@hubspot/app-connect-sdk 1.0.0-alpha.3 → 1.0.0-alpha.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-tsdown.log +20 -492
- package/build/tsconfig.browser.tsbuildinfo +1 -1
- package/build/tsconfig.server.tsbuildinfo +1 -1
- package/dist/browser/{create-crdncXsh.js → create-hzqjIhmO.js} +2 -2
- package/dist/browser/create-hzqjIhmO.js.map +1 -0
- package/dist/browser/index.js +1 -1
- package/dist/browser/react/lovable.js +1 -1
- package/dist/server/api-client.d.ts +60625 -197
- package/dist/server/api-client.js +5826 -100
- package/dist/server/api-client.js.map +1 -0
- package/dist/server/{api-client-core/client.js → binary-data-BOalJzKu.js} +58 -3
- package/dist/server/binary-data-BOalJzKu.js.map +1 -0
- package/dist/server/lovable.d.ts +117 -6
- package/dist/server/lovable.js +1458 -3
- package/dist/server/lovable.js.map +1 -0
- package/dist/server/oauth.d.ts +128 -6
- package/dist/server/oauth.js +1 -4
- package/dist/server/sha256-B7y8GBFB.js +228 -0
- package/dist/server/sha256-B7y8GBFB.js.map +1 -0
- package/dist/server/{types.d.ts → types-5gfN91Fq.d.ts} +2 -2
- package/dist/server/{api-client-core/types.d.ts → types-DEOUH4wE.d.ts} +2 -2
- package/package.json +5 -11
- package/src/browser/app-connect-controller/connect-start.ts +2 -1
- package/tsdown.config.ts +1 -1
- package/.turbo/turbo-format$colon$check.log +0 -4
- package/.turbo/turbo-lint.log +0 -2
- package/.turbo/turbo-test.log +0 -78
- package/dist/browser/create-crdncXsh.js.map +0 -1
- package/dist/server/api-client-core/apis/account/account-info-types.generated.d.ts +0 -111
- package/dist/server/api-client-core/apis/account/account-info.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/account/account-info.generated.js +0 -9
- package/dist/server/api-client-core/apis/account/account-info.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/account/audit-logs-types.generated.d.ts +0 -247
- package/dist/server/api-client-core/apis/account/audit-logs.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/account/audit-logs.generated.js +0 -28
- package/dist/server/api-client-core/apis/account/audit-logs.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/auth/oauth-types.generated.d.ts +0 -121
- package/dist/server/api-client-core/apis/auth/oauth.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/auth/oauth.generated.js +0 -19
- package/dist/server/api-client-core/apis/auth/oauth.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/automation/actions-types.generated.d.ts +0 -933
- package/dist/server/api-client-core/apis/automation/actions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/automation/actions.generated.js +0 -121
- package/dist/server/api-client-core/apis/automation/actions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/automation/sequences-types.generated.d.ts +0 -422
- package/dist/server/api-client-core/apis/automation/sequences.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/automation/sequences.generated.js +0 -22
- package/dist/server/api-client-core/apis/automation/sequences.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/business-units-types.generated.d.ts +0 -75
- package/dist/server/api-client-core/apis/business-units.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/business-units.generated.js +0 -12
- package/dist/server/api-client-core/apis/business-units.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/authors-types.generated.d.ts +0 -551
- package/dist/server/api-client-core/apis/cms/authors.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/authors.generated.js +0 -163
- package/dist/server/api-client-core/apis/cms/authors.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/blog-settings-types.generated.d.ts +0 -366
- package/dist/server/api-client-core/apis/cms/blog-settings.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/blog-settings.generated.js +0 -43
- package/dist/server/api-client-core/apis/cms/blog-settings.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/cms-content-audit-types.generated.d.ts +0 -157
- package/dist/server/api-client-core/apis/cms/cms-content-audit.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/cms-content-audit.generated.js +0 -18
- package/dist/server/api-client-core/apis/cms/cms-content-audit.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/domains-types.generated.d.ts +0 -193
- package/dist/server/api-client-core/apis/cms/domains.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/domains.generated.js +0 -20
- package/dist/server/api-client-core/apis/cms/domains.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/hubdb-types.generated.d.ts +0 -1097
- package/dist/server/api-client-core/apis/cms/hubdb.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/hubdb.generated.js +0 -192
- package/dist/server/api-client-core/apis/cms/hubdb.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/media-bridge-types.generated.d.ts +0 -1780
- package/dist/server/api-client-core/apis/cms/media-bridge.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/media-bridge.generated.js +0 -185
- package/dist/server/api-client-core/apis/cms/media-bridge.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/pages-types.generated.d.ts +0 -1768
- package/dist/server/api-client-core/apis/cms/pages.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/pages.generated.js +0 -331
- package/dist/server/api-client-core/apis/cms/pages.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/posts-types.generated.d.ts +0 -1090
- package/dist/server/api-client-core/apis/cms/posts.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/posts.generated.js +0 -201
- package/dist/server/api-client-core/apis/cms/posts.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/site-search-types.generated.d.ts +0 -200
- package/dist/server/api-client-core/apis/cms/site-search.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/site-search.generated.js +0 -32
- package/dist/server/api-client-core/apis/cms/site-search.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/source-code-types.generated.d.ts +0 -218
- package/dist/server/api-client-core/apis/cms/source-code.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/source-code.generated.js +0 -52
- package/dist/server/api-client-core/apis/cms/source-code.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/tags-types.generated.d.ts +0 -515
- package/dist/server/api-client-core/apis/cms/tags.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/tags.generated.js +0 -163
- package/dist/server/api-client-core/apis/cms/tags.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/url-mappings-types.generated.d.ts +0 -177
- package/dist/server/api-client-core/apis/cms/url-mappings.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/url-mappings.generated.js +0 -14
- package/dist/server/api-client-core/apis/cms/url-mappings.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/cms/url-redirects-types.generated.d.ts +0 -226
- package/dist/server/api-client-core/apis/cms/url-redirects.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/cms/url-redirects.generated.js +0 -26
- package/dist/server/api-client-core/apis/cms/url-redirects.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/communication-preferences/subscriptions-types.generated.d.ts +0 -802
- package/dist/server/api-client-core/apis/communication-preferences/subscriptions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/communication-preferences/subscriptions.generated.js +0 -74
- package/dist/server/api-client-core/apis/communication-preferences/subscriptions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/conversations/custom-channels-types.generated.d.ts +0 -551
- package/dist/server/api-client-core/apis/conversations/custom-channels.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/conversations/custom-channels.generated.js +0 -80
- package/dist/server/api-client-core/apis/conversations/custom-channels.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/conversations/visitor-identification-types.generated.d.ts +0 -60
- package/dist/server/api-client-core/apis/conversations/visitor-identification.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/conversations/visitor-identification.generated.js +0 -6
- package/dist/server/api-client-core/apis/conversations/visitor-identification.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/conversations-types.generated.d.ts +0 -908
- package/dist/server/api-client-core/apis/conversations.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/conversations.generated.js +0 -108
- package/dist/server/api-client-core/apis/conversations.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/app-uninstalls-types.generated.d.ts +0 -37
- package/dist/server/api-client-core/apis/crm/app-uninstalls.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/app-uninstalls.generated.js +0 -6
- package/dist/server/api-client-core/apis/crm/app-uninstalls.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/appointments-types.generated.d.ts +0 -989
- package/dist/server/api-client-core/apis/crm/appointments.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/appointments.generated.js +0 -118
- package/dist/server/api-client-core/apis/crm/appointments.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/associations-schema-types.generated.d.ts +0 -329
- package/dist/server/api-client-core/apis/crm/associations-schema.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/associations-schema.generated.js +0 -60
- package/dist/server/api-client-core/apis/crm/associations-schema.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/associations-types.generated.d.ts +0 -661
- package/dist/server/api-client-core/apis/crm/associations.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/associations.generated.js +0 -83
- package/dist/server/api-client-core/apis/crm/associations.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/calling-extensions-types.generated.d.ts +0 -466
- package/dist/server/api-client-core/apis/crm/calling-extensions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/calling-extensions.generated.js +0 -42
- package/dist/server/api-client-core/apis/crm/calling-extensions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/calls-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/calls.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/calls.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/calls.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/carts-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/carts.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/carts.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/carts.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/commerce-payments-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/commerce-payments.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/commerce-payments.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/commerce-payments.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/commerce-subscriptions-types.generated.d.ts +0 -847
- package/dist/server/api-client-core/apis/crm/commerce-subscriptions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/commerce-subscriptions.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/commerce-subscriptions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/communications-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/communications.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/communications.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/communications.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/companies-types.generated.d.ts +0 -884
- package/dist/server/api-client-core/apis/crm/companies.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/companies.generated.js +0 -67
- package/dist/server/api-client-core/apis/crm/companies.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/contacts-types.generated.d.ts +0 -899
- package/dist/server/api-client-core/apis/crm/contacts.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/contacts.generated.js +0 -70
- package/dist/server/api-client-core/apis/crm/contacts.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/contracts-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/contracts.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/contracts.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/contracts.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/courses-types.generated.d.ts +0 -853
- package/dist/server/api-client-core/apis/crm/courses.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/courses.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/courses.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/crm-owners-types.generated.d.ts +0 -140
- package/dist/server/api-client-core/apis/crm/crm-owners.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/crm-owners.generated.js +0 -20
- package/dist/server/api-client-core/apis/crm/crm-owners.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/custom-objects-types.generated.d.ts +0 -934
- package/dist/server/api-client-core/apis/crm/custom-objects.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/custom-objects.generated.js +0 -101
- package/dist/server/api-client-core/apis/crm/custom-objects.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/deal-splits-types.generated.d.ts +0 -196
- package/dist/server/api-client-core/apis/crm/deal-splits.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/deal-splits.generated.js +0 -9
- package/dist/server/api-client-core/apis/crm/deal-splits.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/deals-types.generated.d.ts +0 -872
- package/dist/server/api-client-core/apis/crm/deals.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/deals.generated.js +0 -67
- package/dist/server/api-client-core/apis/crm/deals.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/discounts-types.generated.d.ts +0 -846
- package/dist/server/api-client-core/apis/crm/discounts.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/discounts.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/discounts.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/emails-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/emails.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/emails.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/emails.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/exports-types.generated.d.ts +0 -281
- package/dist/server/api-client-core/apis/crm/exports.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/exports.generated.js +0 -12
- package/dist/server/api-client-core/apis/crm/exports.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/feedback-submissions-types.generated.d.ts +0 -616
- package/dist/server/api-client-core/apis/crm/feedback-submissions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/feedback-submissions.generated.js +0 -55
- package/dist/server/api-client-core/apis/crm/feedback-submissions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/fees-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/fees.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/fees.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/fees.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/goal-targets-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/goal-targets.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/goal-targets.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/goal-targets.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/imports-types.generated.d.ts +0 -371
- package/dist/server/api-client-core/apis/crm/imports.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/imports.generated.js +0 -30
- package/dist/server/api-client-core/apis/crm/imports.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/invoices-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/invoices.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/invoices.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/invoices.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/leads-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/leads.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/leads.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/leads.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/limits-tracking-types.generated.d.ts +0 -331
- package/dist/server/api-client-core/apis/crm/limits-tracking.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/limits-tracking.generated.js +0 -22
- package/dist/server/api-client-core/apis/crm/limits-tracking.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/line-items-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/line-items.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/line-items.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/line-items.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/listings-types.generated.d.ts +0 -853
- package/dist/server/api-client-core/apis/crm/listings.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/listings.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/listings.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/lists-types.generated.d.ts +0 -2265
- package/dist/server/api-client-core/apis/crm/lists.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/lists.generated.js +0 -105
- package/dist/server/api-client-core/apis/crm/lists.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/meetings-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/meetings.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/meetings.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/meetings.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/notes-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/notes.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/notes.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/notes.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/object-library-types.generated.d.ts +0 -60
- package/dist/server/api-client-core/apis/crm/object-library.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/object-library.generated.js +0 -9
- package/dist/server/api-client-core/apis/crm/object-library.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/objects-types.generated.d.ts +0 -712
- package/dist/server/api-client-core/apis/crm/objects.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/objects.generated.js +0 -76
- package/dist/server/api-client-core/apis/crm/objects.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/orders-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/orders.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/orders.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/orders.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/partner-clients-types.generated.d.ts +0 -725
- package/dist/server/api-client-core/apis/crm/partner-clients.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/partner-clients.generated.js +0 -71
- package/dist/server/api-client-core/apis/crm/partner-clients.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/partner-services-types.generated.d.ts +0 -725
- package/dist/server/api-client-core/apis/crm/partner-services.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/partner-services.generated.js +0 -71
- package/dist/server/api-client-core/apis/crm/partner-services.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/pipelines-types.generated.d.ts +0 -430
- package/dist/server/api-client-core/apis/crm/pipelines.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/pipelines.generated.js +0 -94
- package/dist/server/api-client-core/apis/crm/pipelines.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/postal-mail-types.generated.d.ts +0 -844
- package/dist/server/api-client-core/apis/crm/postal-mail.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/postal-mail.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/postal-mail.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/products-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/products.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/products.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/products.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/projects-types.generated.d.ts +0 -881
- package/dist/server/api-client-core/apis/crm/projects.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/projects.generated.js +0 -67
- package/dist/server/api-client-core/apis/crm/projects.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/properties-types.generated.d.ts +0 -603
- package/dist/server/api-client-core/apis/crm/properties.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/properties.generated.js +0 -86
- package/dist/server/api-client-core/apis/crm/properties.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/property-validations-types.generated.d.ts +0 -121
- package/dist/server/api-client-core/apis/crm/property-validations.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/property-validations.generated.js +0 -25
- package/dist/server/api-client-core/apis/crm/property-validations.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/public-app-crm-cards-types.generated.d.ts +0 -486
- package/dist/server/api-client-core/apis/crm/public-app-crm-cards.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/public-app-crm-cards.generated.js +0 -34
- package/dist/server/api-client-core/apis/crm/public-app-crm-cards.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/public-app-feature-flags-types.generated.d.ts +0 -247
- package/dist/server/api-client-core/apis/crm/public-app-feature-flags.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/public-app-feature-flags.generated.js +0 -69
- package/dist/server/api-client-core/apis/crm/public-app-feature-flags.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/quotes-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/quotes.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/quotes.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/quotes.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/schemas-types.generated.d.ts +0 -669
- package/dist/server/api-client-core/apis/crm/schemas.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/schemas.generated.js +0 -41
- package/dist/server/api-client-core/apis/crm/schemas.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/services-types.generated.d.ts +0 -853
- package/dist/server/api-client-core/apis/crm/services.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/services.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/services.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/tasks-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/tasks.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/tasks.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/tasks.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/taxes-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/taxes.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/taxes.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/taxes.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/tickets-types.generated.d.ts +0 -884
- package/dist/server/api-client-core/apis/crm/tickets.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/tickets.generated.js +0 -67
- package/dist/server/api-client-core/apis/crm/tickets.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/timeline-types.generated.d.ts +0 -187
- package/dist/server/api-client-core/apis/crm/timeline.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/timeline.generated.js +0 -12
- package/dist/server/api-client-core/apis/crm/timeline.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/transcriptions-types.generated.d.ts +0 -152
- package/dist/server/api-client-core/apis/crm/transcriptions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/transcriptions.generated.js +0 -15
- package/dist/server/api-client-core/apis/crm/transcriptions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/users-types.generated.d.ts +0 -850
- package/dist/server/api-client-core/apis/crm/users.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/users.generated.js +0 -66
- package/dist/server/api-client-core/apis/crm/users.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/crm/video-conferencing-extension-types.generated.d.ts +0 -72
- package/dist/server/api-client-core/apis/crm/video-conferencing-extension.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/crm/video-conferencing-extension.generated.js +0 -13
- package/dist/server/api-client-core/apis/crm/video-conferencing-extension.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/events/manage-event-definitions-types.generated.d.ts +0 -1005
- package/dist/server/api-client-core/apis/events/manage-event-definitions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/events/manage-event-definitions.generated.js +0 -39
- package/dist/server/api-client-core/apis/events/manage-event-definitions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/events/send-event-completions-types.generated.d.ts +0 -94
- package/dist/server/api-client-core/apis/events/send-event-completions.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/events/send-event-completions.generated.js +0 -9
- package/dist/server/api-client-core/apis/events/send-event-completions.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/events-types.generated.d.ts +0 -137
- package/dist/server/api-client-core/apis/events.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/events.generated.js +0 -23
- package/dist/server/api-client-core/apis/events.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/files-types.generated.d.ts +0 -791
- package/dist/server/api-client-core/apis/files.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/files.generated.js +0 -119
- package/dist/server/api-client-core/apis/files.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/marketing/campaigns-public-api-types.generated.d.ts +0 -989
- package/dist/server/api-client-core/apis/marketing/campaigns-public-api.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/marketing/campaigns-public-api.generated.js +0 -139
- package/dist/server/api-client-core/apis/marketing/campaigns-public-api.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/marketing/marketing-emails-types.generated.d.ts +0 -883
- package/dist/server/api-client-core/apis/marketing/marketing-emails.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/marketing/marketing-emails.generated.js +0 -108
- package/dist/server/api-client-core/apis/marketing/marketing-emails.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/marketing/marketing-events-types.generated.d.ts +0 -1788
- package/dist/server/api-client-core/apis/marketing/marketing-events.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/marketing/marketing-events.generated.js +0 -176
- package/dist/server/api-client-core/apis/marketing/marketing-events.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/marketing/single-send-types.generated.d.ts +0 -123
- package/dist/server/api-client-core/apis/marketing/single-send.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/marketing/single-send.generated.js +0 -6
- package/dist/server/api-client-core/apis/marketing/single-send.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/marketing/transactional-single-send-types.generated.d.ts +0 -257
- package/dist/server/api-client-core/apis/marketing/transactional-single-send.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/marketing/transactional-single-send.generated.js +0 -20
- package/dist/server/api-client-core/apis/marketing/transactional-single-send.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/meta/origins-types.generated.d.ts +0 -77
- package/dist/server/api-client-core/apis/meta/origins.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/meta/origins.generated.js +0 -15
- package/dist/server/api-client-core/apis/meta/origins.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/scheduler/meetings-types.generated.d.ts +0 -913
- package/dist/server/api-client-core/apis/scheduler/meetings.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/scheduler/meetings.generated.js +0 -34
- package/dist/server/api-client-core/apis/scheduler/meetings.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/settings/multicurrency-types.generated.d.ts +0 -404
- package/dist/server/api-client-core/apis/settings/multicurrency.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/settings/multicurrency.generated.js +0 -38
- package/dist/server/api-client-core/apis/settings/multicurrency.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/settings/tax-rates-types.generated.d.ts +0 -111
- package/dist/server/api-client-core/apis/settings/tax-rates.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/settings/tax-rates.generated.js +0 -13
- package/dist/server/api-client-core/apis/settings/tax-rates.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/settings/user-provisioning-types.generated.d.ts +0 -297
- package/dist/server/api-client-core/apis/settings/user-provisioning.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/settings/user-provisioning.generated.js +0 -31
- package/dist/server/api-client-core/apis/settings/user-provisioning.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/webhooks-journal-types.generated.d.ts +0 -643
- package/dist/server/api-client-core/apis/webhooks-journal.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/webhooks-journal.generated.js +0 -75
- package/dist/server/api-client-core/apis/webhooks-journal.generated.js.map +0 -1
- package/dist/server/api-client-core/apis/webhooks-types.generated.d.ts +0 -1016
- package/dist/server/api-client-core/apis/webhooks.generated.d.ts +0 -7
- package/dist/server/api-client-core/apis/webhooks.generated.js +0 -105
- package/dist/server/api-client-core/apis/webhooks.generated.js.map +0 -1
- package/dist/server/api-client-core/binary-data.d.ts +0 -33
- package/dist/server/api-client-core/binary-data.js +0 -29
- package/dist/server/api-client-core/binary-data.js.map +0 -1
- package/dist/server/api-client-core/client.d.ts +0 -14
- package/dist/server/api-client-core/client.js.map +0 -1
- package/dist/server/api-client-core/codegen-helpers/file-op-wrappers.js +0 -25
- package/dist/server/api-client-core/codegen-helpers/file-op-wrappers.js.map +0 -1
- package/dist/server/api-client-core/errors.d.ts +0 -27
- package/dist/server/api-client-core/errors.js +0 -33
- package/dist/server/api-client-core/errors.js.map +0 -1
- package/dist/server/api-client-core/op.d.ts +0 -37
- package/dist/server/api-client-core/op.js +0 -44
- package/dist/server/api-client-core/op.js.map +0 -1
- package/dist/server/api-client-core/pagination.d.ts +0 -60
- package/dist/server/api-client-core/pagination.js +0 -103
- package/dist/server/api-client-core/pagination.js.map +0 -1
- package/dist/server/api-client-core/plugins/fetch-transport.js +0 -76
- package/dist/server/api-client-core/plugins/fetch-transport.js.map +0 -1
- package/dist/server/constants.js +0 -73
- package/dist/server/constants.js.map +0 -1
- package/dist/server/deno/start.d.ts +0 -12
- package/dist/server/deno/start.js +0 -21
- package/dist/server/deno/start.js.map +0 -1
- package/dist/server/hono/hono-request-handler.js +0 -59
- package/dist/server/hono/hono-request-handler.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/auth-complete.js +0 -154
- package/dist/server/hono/hubspot-connect-routes/auth-complete.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/auth-init-session.js +0 -101
- package/dist/server/hono/hubspot-connect-routes/auth-init-session.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/auth-logout.js +0 -114
- package/dist/server/hono/hubspot-connect-routes/auth-logout.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/auth-refresh.js +0 -107
- package/dist/server/hono/hubspot-connect-routes/auth-refresh.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/cimd-client-metadata-types.d.ts +0 -16
- package/dist/server/hono/hubspot-connect-routes/cimd-client-metadata-types.js +0 -13
- package/dist/server/hono/hubspot-connect-routes/cimd-client-metadata-types.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/cimd-public-routes.js +0 -42
- package/dist/server/hono/hubspot-connect-routes/cimd-public-routes.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/constants.js +0 -8
- package/dist/server/hono/hubspot-connect-routes/constants.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/fetch-hubspot-client-metadata.js +0 -43
- package/dist/server/hono/hubspot-connect-routes/fetch-hubspot-client-metadata.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/hubspot-connect-routes.js +0 -37
- package/dist/server/hono/hubspot-connect-routes/hubspot-connect-routes.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/load-hubspot-connect-routes-env.js +0 -34
- package/dist/server/hono/hubspot-connect-routes/load-hubspot-connect-routes-env.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/oauth-client.js +0 -104
- package/dist/server/hono/hubspot-connect-routes/oauth-client.js.map +0 -1
- package/dist/server/hono/hubspot-connect-routes/utils.js +0 -120
- package/dist/server/hono/hubspot-connect-routes/utils.js.map +0 -1
- package/dist/server/hono/index.js +0 -4
- package/dist/server/hono/types.d.ts +0 -32
- package/dist/server/hono/utils/cookie-utils.js +0 -30
- package/dist/server/hono/utils/cookie-utils.js.map +0 -1
- package/dist/server/hono/utils/cors-middleware.js +0 -85
- package/dist/server/hono/utils/cors-middleware.js.map +0 -1
- package/dist/server/import-app-keys.js +0 -42
- package/dist/server/import-app-keys.js.map +0 -1
- package/dist/server/lovable/create-app-function-start.d.ts +0 -26
- package/dist/server/lovable/create-app-function-start.js +0 -28
- package/dist/server/lovable/create-app-function-start.js.map +0 -1
- package/dist/server/lovable/hubspot-connect/index.d.ts +0 -15
- package/dist/server/lovable/hubspot-connect/index.js +0 -20
- package/dist/server/lovable/hubspot-connect/index.js.map +0 -1
- package/dist/server/lovable/hubspot-connect/run-hubspot-connect-lovable-server.js +0 -29
- package/dist/server/lovable/hubspot-connect/run-hubspot-connect-lovable-server.js.map +0 -1
- package/dist/server/proxy.js +0 -68
- package/dist/server/proxy.js.map +0 -1
- package/dist/server/sanitize-request.js +0 -55
- package/dist/server/sanitize-request.js.map +0 -1
- package/dist/server/secure-start-core.d.ts +0 -23
- package/dist/server/secure-start-core.js +0 -28
- package/dist/server/secure-start-core.js.map +0 -1
- package/dist/server/shared/constants.js +0 -30
- package/dist/server/shared/constants.js.map +0 -1
- package/dist/server/shared/encoding/base64.js +0 -45
- package/dist/server/shared/encoding/base64.js.map +0 -1
- package/dist/server/shared/encoding/sha256.d.ts +0 -10
- package/dist/server/shared/encoding/sha256.js +0 -15
- package/dist/server/shared/encoding/sha256.js.map +0 -1
- package/dist/server/shared/logger.d.ts +0 -15
- package/dist/server/shared/logger.js +0 -16
- package/dist/server/shared/logger.js.map +0 -1
- package/dist/server/utils/cookie-utils.js +0 -21
- package/dist/server/utils/cookie-utils.js.map +0 -1
- package/dist/server/utils/dpop-utils.d.ts +0 -67
- package/dist/server/utils/dpop-utils.js +0 -75
- package/dist/server/utils/dpop-utils.js.map +0 -1
- package/dist/server/utils/env-utils.js +0 -54
- package/dist/server/utils/env-utils.js.map +0 -1
- package/dist/server/utils/jwk-utils.d.ts +0 -16
- package/dist/server/utils/jwk-utils.js +0 -24
- package/dist/server/utils/jwk-utils.js.map +0 -1
- package/dist/server/utils/jwt-utils.d.ts +0 -39
- package/dist/server/utils/jwt-utils.js +0 -87
- package/dist/server/utils/jwt-utils.js.map +0 -1
|
@@ -1,120 +0,0 @@
|
|
|
1
|
-
import { HUBSPOT_FRONTEND_CALLBACK_PATH } from "../../shared/constants.js";
|
|
2
|
-
import { serializeCookie } from "../utils/cookie-utils.js";
|
|
3
|
-
//#region src/server/hono/hubspot-connect-routes/utils.ts
|
|
4
|
-
function clearTempCookie(name) {
|
|
5
|
-
return serializeCookie({
|
|
6
|
-
name,
|
|
7
|
-
value: "",
|
|
8
|
-
path: "/",
|
|
9
|
-
sameSite: "None",
|
|
10
|
-
maxAge: 0,
|
|
11
|
-
partitioned: true
|
|
12
|
-
});
|
|
13
|
-
}
|
|
14
|
-
/**
|
|
15
|
-
* Parses the request `Origin` header into the canonical origin
|
|
16
|
-
* string (`URL.origin`) or returns `null` when the header is
|
|
17
|
-
* missing, malformed, or carries a scheme/host the SDK does not
|
|
18
|
-
* accept.
|
|
19
|
-
*
|
|
20
|
-
* Accepted shapes:
|
|
21
|
-
*
|
|
22
|
-
* - `https://<host>` for production deployments.
|
|
23
|
-
* - `http://localhost[:<port>]` and `http://127.0.0.1[:<port>]`
|
|
24
|
-
* for local development; browsers exempt these from the `Secure`
|
|
25
|
-
* cookie restriction.
|
|
26
|
-
*
|
|
27
|
-
* Rejects values with a path/query/hash component (the request
|
|
28
|
-
* `Origin` header is by spec a bare origin, so anything else
|
|
29
|
-
* indicates a malformed or hostile request).
|
|
30
|
-
*/
|
|
31
|
-
function parseAppOriginHeader(originHeader) {
|
|
32
|
-
if (!originHeader) return null;
|
|
33
|
-
let parsed;
|
|
34
|
-
try {
|
|
35
|
-
parsed = new URL(originHeader);
|
|
36
|
-
} catch {
|
|
37
|
-
return null;
|
|
38
|
-
}
|
|
39
|
-
if (parsed.pathname !== "/" && parsed.pathname !== "") return null;
|
|
40
|
-
if (parsed.search !== "" || parsed.hash !== "") return null;
|
|
41
|
-
if (parsed.protocol === "https:") return parsed.origin;
|
|
42
|
-
if (parsed.protocol === "http:" && (parsed.hostname === "localhost" || parsed.hostname === "127.0.0.1")) return parsed.origin;
|
|
43
|
-
return null;
|
|
44
|
-
}
|
|
45
|
-
/**
|
|
46
|
-
* OAuth `redirect_uri` for the cross-origin app shape: the OAuth
|
|
47
|
-
* callback lands on the **frontend** origin (not the SDK's edge
|
|
48
|
-
* function host), so all cookies set by `init-session` and read by
|
|
49
|
-
* `auth/complete` live in the same `(frontend, edge)` CHIPS
|
|
50
|
-
* partition.
|
|
51
|
-
*
|
|
52
|
-
* Used by `auth/init-session` (when building `authorization_url`)
|
|
53
|
-
* and `auth/complete` (which must rebuild the same value to satisfy
|
|
54
|
-
* the OAuth token endpoint's `redirect_uri` check).
|
|
55
|
-
*/
|
|
56
|
-
function buildFrontendOAuthRedirectUri(appOrigin) {
|
|
57
|
-
return `${appOrigin}${HUBSPOT_FRONTEND_CALLBACK_PATH}`;
|
|
58
|
-
}
|
|
59
|
-
function isSafeReturnPath(rawPath) {
|
|
60
|
-
if (!rawPath.startsWith("/")) return false;
|
|
61
|
-
if (rawPath.includes("\0")) return false;
|
|
62
|
-
let decoded;
|
|
63
|
-
try {
|
|
64
|
-
decoded = decodeURIComponent(rawPath);
|
|
65
|
-
} catch {
|
|
66
|
-
return false;
|
|
67
|
-
}
|
|
68
|
-
if (!decoded.startsWith("/")) return false;
|
|
69
|
-
const second = decoded.charAt(1);
|
|
70
|
-
if (second === "/" || second === "\\") return false;
|
|
71
|
-
return true;
|
|
72
|
-
}
|
|
73
|
-
function normalizeHubSpotConnectBasePath(basePath) {
|
|
74
|
-
return basePath.endsWith("/") && basePath.length > 1 ? basePath.slice(0, -1) : basePath;
|
|
75
|
-
}
|
|
76
|
-
/**
|
|
77
|
-
* Public origin for hubspot-connect URLs (`redirect_uri`, CIMD `client_id`,
|
|
78
|
-
* `jwks_uri`). Matches the host/proto rules used for the OAuth callback.
|
|
79
|
-
*/
|
|
80
|
-
function buildHubSpotConnectRequestOrigin(options) {
|
|
81
|
-
const { requestUrl, xForwardedProto, xForwardedHost, requestHostHeader } = options;
|
|
82
|
-
const proto = xForwardedProto?.split(",")[0]?.trim();
|
|
83
|
-
if (proto && (proto === "http" || proto === "https")) {
|
|
84
|
-
const forwardedHost = xForwardedHost?.split(",")[0]?.trim();
|
|
85
|
-
const hostHeader = requestHostHeader?.split(",")[0]?.trim();
|
|
86
|
-
return `${proto}://${forwardedHost || hostHeader || new URL(requestUrl).host}`;
|
|
87
|
-
}
|
|
88
|
-
return new URL(requestUrl).origin;
|
|
89
|
-
}
|
|
90
|
-
/**
|
|
91
|
-
* OAuth `redirect_uri` for the hubspot-connect callback. Uses
|
|
92
|
-
* `X-Forwarded-Proto` with `X-Forwarded-Host`, then `Host`, then the request URL
|
|
93
|
-
* host when the proto is forwarded (reverse proxy); otherwise the request URL
|
|
94
|
-
* origin.
|
|
95
|
-
*/
|
|
96
|
-
function buildOAuthRedirectUriFromRequest(options) {
|
|
97
|
-
const trimmed = normalizeHubSpotConnectBasePath(options.basePath);
|
|
98
|
-
return `${buildHubSpotConnectRequestOrigin(options)}${trimmed}/auth/callback`;
|
|
99
|
-
}
|
|
100
|
-
/**
|
|
101
|
-
* CIMD `client_id` URL: `{origin}{basePath}/client.json`.
|
|
102
|
-
*/
|
|
103
|
-
function buildCimdClientIdUrlFromRequest(options) {
|
|
104
|
-
const trimmed = normalizeHubSpotConnectBasePath(options.basePath);
|
|
105
|
-
return `${buildHubSpotConnectRequestOrigin(options)}${trimmed}/client.json`;
|
|
106
|
-
}
|
|
107
|
-
/**
|
|
108
|
-
* App JWKS URL published in CIMD: `{origin}{basePath}/jwks.json`.
|
|
109
|
-
*/
|
|
110
|
-
function buildHubSpotAppJwksUrlFromRequest(options) {
|
|
111
|
-
const trimmed = normalizeHubSpotConnectBasePath(options.basePath);
|
|
112
|
-
return `${buildHubSpotConnectRequestOrigin(options)}${trimmed}/jwks.json`;
|
|
113
|
-
}
|
|
114
|
-
function isPositiveFiniteNumber(value) {
|
|
115
|
-
return typeof value === "number" && Number.isFinite(value) && value > 0;
|
|
116
|
-
}
|
|
117
|
-
//#endregion
|
|
118
|
-
export { buildCimdClientIdUrlFromRequest, buildFrontendOAuthRedirectUri, buildHubSpotAppJwksUrlFromRequest, buildOAuthRedirectUriFromRequest, clearTempCookie, isPositiveFiniteNumber, isSafeReturnPath, parseAppOriginHeader };
|
|
119
|
-
|
|
120
|
-
//# sourceMappingURL=utils.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","names":[],"sources":["../../../../src/server/hono/hubspot-connect-routes/utils.ts"],"sourcesContent":["import { HUBSPOT_FRONTEND_CALLBACK_PATH } from '../../../shared/constants.ts';\nimport { serializeCookie } from '../utils/cookie-utils.ts';\n\nexport function clearTempCookie(name: string): string {\n return serializeCookie({\n name,\n value: '',\n path: '/',\n sameSite: 'None',\n maxAge: 0,\n partitioned: true,\n });\n}\n\n/**\n * Parses the request `Origin` header into the canonical origin\n * string (`URL.origin`) or returns `null` when the header is\n * missing, malformed, or carries a scheme/host the SDK does not\n * accept.\n *\n * Accepted shapes:\n *\n * - `https://<host>` for production deployments.\n * - `http://localhost[:<port>]` and `http://127.0.0.1[:<port>]`\n * for local development; browsers exempt these from the `Secure`\n * cookie restriction.\n *\n * Rejects values with a path/query/hash component (the request\n * `Origin` header is by spec a bare origin, so anything else\n * indicates a malformed or hostile request).\n */\nexport function parseAppOriginHeader(\n originHeader: string | undefined\n): string | null {\n if (!originHeader) return null;\n let parsed: URL;\n try {\n parsed = new URL(originHeader);\n } catch {\n return null;\n }\n if (parsed.pathname !== '/' && parsed.pathname !== '') return null;\n if (parsed.search !== '' || parsed.hash !== '') return null;\n if (parsed.protocol === 'https:') return parsed.origin;\n if (\n parsed.protocol === 'http:' &&\n (parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1')\n ) {\n return parsed.origin;\n }\n return null;\n}\n\n/**\n * OAuth `redirect_uri` for the cross-origin app shape: the OAuth\n * callback lands on the **frontend** origin (not the SDK's edge\n * function host), so all cookies set by `init-session` and read by\n * `auth/complete` live in the same `(frontend, edge)` CHIPS\n * partition.\n *\n * Used by `auth/init-session` (when building `authorization_url`)\n * and `auth/complete` (which must rebuild the same value to satisfy\n * the OAuth token endpoint's `redirect_uri` check).\n */\nexport function buildFrontendOAuthRedirectUri(appOrigin: string): string {\n return `${appOrigin}${HUBSPOT_FRONTEND_CALLBACK_PATH}`;\n}\n\nexport function isSafeReturnPath(rawPath: string): boolean {\n if (!rawPath.startsWith('/')) return false;\n if (rawPath.includes('\\0')) return false;\n let decoded: string;\n try {\n decoded = decodeURIComponent(rawPath);\n } catch {\n return false;\n }\n if (!decoded.startsWith('/')) return false;\n const second = decoded.charAt(1);\n if (second === '/' || second === '\\\\') return false;\n return true;\n}\n\nexport function getRequestHost(requestUrl: string): string {\n return new URL(requestUrl).host;\n}\n\nexport interface GetRequestHostForHubspotConnectOptions {\n requestUrl: string;\n xForwardedHost?: string | undefined;\n /** `Host` when `X-Forwarded-Host` is absent (some proxies only set `X-Forwarded-Proto`). */\n requestHostHeader?: string | undefined;\n}\n\n/**\n * Host for CIMD `client_id` URLs when hubspot-connect sits behind a reverse\n * proxy (e.g. Vite → Deno): prefers `X-Forwarded-Host`, then `Host`, then the\n * request URL host.\n */\nexport function getRequestHostForHubspotConnect(\n options: GetRequestHostForHubspotConnectOptions\n): string {\n const rawForwarded = options.xForwardedHost?.split(',')[0]?.trim();\n if (rawForwarded) {\n try {\n return new URL(`https://${rawForwarded}`).host;\n } catch {\n /* invalid forwarded host */\n }\n }\n const rawHost = options.requestHostHeader?.split(',')[0]?.trim();\n if (rawHost) {\n try {\n return new URL(`https://${rawHost}`).host;\n } catch {\n /* invalid host header */\n }\n }\n return getRequestHost(options.requestUrl);\n}\n\nexport interface BuildOAuthRedirectUriFromRequestOptions {\n requestUrl: string;\n basePath: string;\n xForwardedProto?: string | undefined;\n xForwardedHost?: string | undefined;\n /** `Host` when `X-Forwarded-Host` is absent but `X-Forwarded-Proto` is set. */\n requestHostHeader?: string | undefined;\n}\n\nfunction normalizeHubSpotConnectBasePath(basePath: string): string {\n return basePath.endsWith('/') && basePath.length > 1\n ? basePath.slice(0, -1)\n : basePath;\n}\n\n/**\n * Public origin for hubspot-connect URLs (`redirect_uri`, CIMD `client_id`,\n * `jwks_uri`). Matches the host/proto rules used for the OAuth callback.\n */\nexport function buildHubSpotConnectRequestOrigin(\n options: BuildOAuthRedirectUriFromRequestOptions\n): string {\n const { requestUrl, xForwardedProto, xForwardedHost, requestHostHeader } =\n options;\n const proto = xForwardedProto?.split(',')[0]?.trim();\n if (proto && (proto === 'http' || proto === 'https')) {\n const forwardedHost = xForwardedHost?.split(',')[0]?.trim();\n const hostHeader = requestHostHeader?.split(',')[0]?.trim();\n const hostPart = forwardedHost || hostHeader || new URL(requestUrl).host;\n return `${proto}://${hostPart}`;\n }\n return new URL(requestUrl).origin;\n}\n\n/**\n * OAuth `redirect_uri` for the hubspot-connect callback. Uses\n * `X-Forwarded-Proto` with `X-Forwarded-Host`, then `Host`, then the request URL\n * host when the proto is forwarded (reverse proxy); otherwise the request URL\n * origin.\n */\nexport function buildOAuthRedirectUriFromRequest(\n options: BuildOAuthRedirectUriFromRequestOptions\n): string {\n const trimmed = normalizeHubSpotConnectBasePath(options.basePath);\n const origin = buildHubSpotConnectRequestOrigin(options);\n return `${origin}${trimmed}/auth/callback`;\n}\n\n/**\n * CIMD `client_id` URL: `{origin}{basePath}/client.json`.\n */\nexport function buildCimdClientIdUrlFromRequest(\n options: BuildOAuthRedirectUriFromRequestOptions\n): string {\n const trimmed = normalizeHubSpotConnectBasePath(options.basePath);\n const origin = buildHubSpotConnectRequestOrigin(options);\n return `${origin}${trimmed}/client.json`;\n}\n\n/**\n * App JWKS URL published in CIMD: `{origin}{basePath}/jwks.json`.\n */\nexport function buildHubSpotAppJwksUrlFromRequest(\n options: BuildOAuthRedirectUriFromRequestOptions\n): string {\n const trimmed = normalizeHubSpotConnectBasePath(options.basePath);\n const origin = buildHubSpotConnectRequestOrigin(options);\n return `${origin}${trimmed}/jwks.json`;\n}\n\nexport function isPositiveFiniteNumber(value: unknown): value is number {\n return typeof value === 'number' && Number.isFinite(value) && value > 0;\n}\n"],"mappings":";;;AAGA,SAAgB,gBAAgB,MAAsB;CACpD,OAAO,gBAAgB;EACrB;EACA,OAAO;EACP,MAAM;EACN,UAAU;EACV,QAAQ;EACR,aAAa;EACd,CAAC;;;;;;;;;;;;;;;;;;;AAoBJ,SAAgB,qBACd,cACe;CACf,IAAI,CAAC,cAAc,OAAO;CAC1B,IAAI;CACJ,IAAI;EACF,SAAS,IAAI,IAAI,aAAa;SACxB;EACN,OAAO;;CAET,IAAI,OAAO,aAAa,OAAO,OAAO,aAAa,IAAI,OAAO;CAC9D,IAAI,OAAO,WAAW,MAAM,OAAO,SAAS,IAAI,OAAO;CACvD,IAAI,OAAO,aAAa,UAAU,OAAO,OAAO;CAChD,IACE,OAAO,aAAa,YACnB,OAAO,aAAa,eAAe,OAAO,aAAa,cAExD,OAAO,OAAO;CAEhB,OAAO;;;;;;;;;;;;;AAcT,SAAgB,8BAA8B,WAA2B;CACvE,OAAO,GAAG,YAAY;;AAGxB,SAAgB,iBAAiB,SAA0B;CACzD,IAAI,CAAC,QAAQ,WAAW,IAAI,EAAE,OAAO;CACrC,IAAI,QAAQ,SAAS,KAAK,EAAE,OAAO;CACnC,IAAI;CACJ,IAAI;EACF,UAAU,mBAAmB,QAAQ;SAC/B;EACN,OAAO;;CAET,IAAI,CAAC,QAAQ,WAAW,IAAI,EAAE,OAAO;CACrC,MAAM,SAAS,QAAQ,OAAO,EAAE;CAChC,IAAI,WAAW,OAAO,WAAW,MAAM,OAAO;CAC9C,OAAO;;AAkDT,SAAS,gCAAgC,UAA0B;CACjE,OAAO,SAAS,SAAS,IAAI,IAAI,SAAS,SAAS,IAC/C,SAAS,MAAM,GAAG,GAAG,GACrB;;;;;;AAON,SAAgB,iCACd,SACQ;CACR,MAAM,EAAE,YAAY,iBAAiB,gBAAgB,sBACnD;CACF,MAAM,QAAQ,iBAAiB,MAAM,IAAI,CAAC,IAAI,MAAM;CACpD,IAAI,UAAU,UAAU,UAAU,UAAU,UAAU;EACpD,MAAM,gBAAgB,gBAAgB,MAAM,IAAI,CAAC,IAAI,MAAM;EAC3D,MAAM,aAAa,mBAAmB,MAAM,IAAI,CAAC,IAAI,MAAM;EAE3D,OAAO,GAAG,MAAM,KADC,iBAAiB,cAAc,IAAI,IAAI,WAAW,CAAC;;CAGtE,OAAO,IAAI,IAAI,WAAW,CAAC;;;;;;;;AAS7B,SAAgB,iCACd,SACQ;CACR,MAAM,UAAU,gCAAgC,QAAQ,SAAS;CAEjE,OAAO,GADQ,iCAAiC,QAChC,GAAG,QAAQ;;;;;AAM7B,SAAgB,gCACd,SACQ;CACR,MAAM,UAAU,gCAAgC,QAAQ,SAAS;CAEjE,OAAO,GADQ,iCAAiC,QAChC,GAAG,QAAQ;;;;;AAM7B,SAAgB,kCACd,SACQ;CACR,MAAM,UAAU,gCAAgC,QAAQ,SAAS;CAEjE,OAAO,GADQ,iCAAiC,QAChC,GAAG,QAAQ;;AAG7B,SAAgB,uBAAuB,OAAiC;CACtE,OAAO,OAAO,UAAU,YAAY,OAAO,SAAS,MAAM,IAAI,QAAQ"}
|
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
import { HubSpotClient } from "../api-client-core/types.js";
|
|
2
|
-
import { HubSpotProxy } from "../types.js";
|
|
3
|
-
|
|
4
|
-
//#region src/server/hono/types.d.ts
|
|
5
|
-
interface AppConnectRequestContext {
|
|
6
|
-
/**
|
|
7
|
-
* HubSpot API proxy.
|
|
8
|
-
*/
|
|
9
|
-
proxy: HubSpotProxy;
|
|
10
|
-
/**
|
|
11
|
-
* HubSpot API client.
|
|
12
|
-
*/
|
|
13
|
-
client: HubSpotClient;
|
|
14
|
-
/**
|
|
15
|
-
* Whether the browser session is authenticated.
|
|
16
|
-
*/
|
|
17
|
-
authenticated: boolean;
|
|
18
|
-
}
|
|
19
|
-
interface AppConnectHonoBindings {
|
|
20
|
-
hubSpot: AppConnectRequestContext;
|
|
21
|
-
}
|
|
22
|
-
/**
|
|
23
|
-
* Hono environment shape used by handlers running inside a hubspot-
|
|
24
|
-
* connect request handler. Exposes the per-request
|
|
25
|
-
* {@link AppConnectRequestContext} as `c.env.hubSpot`.
|
|
26
|
-
*/
|
|
27
|
-
interface AppConnectHonoEnv {
|
|
28
|
-
Bindings: AppConnectHonoBindings;
|
|
29
|
-
}
|
|
30
|
-
//#endregion
|
|
31
|
-
export { AppConnectHonoEnv };
|
|
32
|
-
//# sourceMappingURL=types.d.ts.map
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
//#region src/server/hono/utils/cookie-utils.ts
|
|
2
|
-
/**
|
|
3
|
-
* Appends a `Set-Cookie` header to the response. Hono replaces single
|
|
4
|
-
* headers by default, so this uses `{ append: true }` to emit multiple
|
|
5
|
-
* cookies on the same response.
|
|
6
|
-
*/
|
|
7
|
-
function setResponseCookie(options) {
|
|
8
|
-
const { c, value } = options;
|
|
9
|
-
c.header("Set-Cookie", value, { append: true });
|
|
10
|
-
}
|
|
11
|
-
/**
|
|
12
|
-
* Builds a `Set-Cookie` header value with HubSpot's default attributes
|
|
13
|
-
* (HttpOnly, Secure, SameSite). Centralizes the serialization so all
|
|
14
|
-
* cookies share the same policy.
|
|
15
|
-
*/
|
|
16
|
-
function serializeCookie(options) {
|
|
17
|
-
const { name, value, path, sameSite = "Strict", maxAge, secure = true, httpOnly = true, partitioned = false } = options;
|
|
18
|
-
const parts = [`${name}=${value}`];
|
|
19
|
-
if (httpOnly) parts.push("HttpOnly");
|
|
20
|
-
if (secure) parts.push("Secure");
|
|
21
|
-
parts.push(`SameSite=${sameSite}`);
|
|
22
|
-
parts.push(`Path=${path}`);
|
|
23
|
-
parts.push(`Max-Age=${maxAge}`);
|
|
24
|
-
if (partitioned) parts.push("Partitioned");
|
|
25
|
-
return parts.join("; ");
|
|
26
|
-
}
|
|
27
|
-
//#endregion
|
|
28
|
-
export { serializeCookie, setResponseCookie };
|
|
29
|
-
|
|
30
|
-
//# sourceMappingURL=cookie-utils.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"cookie-utils.js","names":[],"sources":["../../../../src/server/hono/utils/cookie-utils.ts"],"sourcesContent":["import type { Context } from 'hono';\n\nexport interface SetResponseCookieOptions {\n c: Context;\n value: string;\n}\n\n/**\n * Appends a `Set-Cookie` header to the response. Hono replaces single\n * headers by default, so this uses `{ append: true }` to emit multiple\n * cookies on the same response.\n */\nexport function setResponseCookie(options: SetResponseCookieOptions): void {\n const { c, value } = options;\n c.header('Set-Cookie', value, { append: true });\n}\n\nexport interface SerializeCookieOptions {\n name: string;\n value: string;\n /** `__Host-` prefix requires `Path=/` and is recommended for session cookies. */\n path: string;\n /**\n * Defaults to `Strict`.\n *\n * - `Strict`: only sent on same-site requests. Default for self-hosted\n * same-origin deployments.\n * - `Lax`: also sent on top-level cross-site GET navigations. Use for\n * short-lived OAuth temp cookies that need to survive a redirect.\n * - `None`: sent on all cross-site requests; **requires `Secure=true`\n * and is typically combined with `Partitioned=true`** for the\n * cross-origin Lovable / Supabase deployment shape.\n */\n sameSite?: 'Strict' | 'Lax' | 'None';\n /** Lifetime in seconds. `0` deletes the cookie. */\n maxAge: number;\n /** Defaults to `true`; only set `false` for tests or non-HTTPS dev hosts. */\n secure?: boolean;\n /** Defaults to `true`. */\n httpOnly?: boolean;\n /**\n * When `true`, appends the `Partitioned` attribute (CHIPS — Cookies\n * Having Independent Partitioned State). The browser then keys the\n * cookie by `(top-level site, cookie host)` instead of by cookie\n * host alone, which is required for the cross-origin SDK shape\n * where the React app and the SDK's edge functions live on\n * different sites and third-party cookies are blocked.\n *\n * Defaults to `false`. Browsers ignore `Partitioned` on cookies\n * without `Secure=true` and reject it on cookies without\n * `SameSite=None`.\n */\n partitioned?: boolean;\n}\n\n/**\n * Builds a `Set-Cookie` header value with HubSpot's default attributes\n * (HttpOnly, Secure, SameSite). Centralizes the serialization so all\n * cookies share the same policy.\n */\nexport function serializeCookie(options: SerializeCookieOptions): string {\n const {\n name,\n value,\n path,\n sameSite = 'Strict',\n maxAge,\n secure = true,\n httpOnly = true,\n partitioned = false,\n } = options;\n const parts: string[] = [`${name}=${value}`];\n if (httpOnly) parts.push('HttpOnly');\n if (secure) parts.push('Secure');\n parts.push(`SameSite=${sameSite}`);\n parts.push(`Path=${path}`);\n parts.push(`Max-Age=${maxAge}`);\n if (partitioned) parts.push('Partitioned');\n return parts.join('; ');\n}\n"],"mappings":";;;;;;AAYA,SAAgB,kBAAkB,SAAyC;CACzE,MAAM,EAAE,GAAG,UAAU;CACrB,EAAE,OAAO,cAAc,OAAO,EAAE,QAAQ,MAAM,CAAC;;;;;;;AA8CjD,SAAgB,gBAAgB,SAAyC;CACvE,MAAM,EACJ,MACA,OACA,MACA,WAAW,UACX,QACA,SAAS,MACT,WAAW,MACX,cAAc,UACZ;CACJ,MAAM,QAAkB,CAAC,GAAG,KAAK,GAAG,QAAQ;CAC5C,IAAI,UAAU,MAAM,KAAK,WAAW;CACpC,IAAI,QAAQ,MAAM,KAAK,SAAS;CAChC,MAAM,KAAK,YAAY,WAAW;CAClC,MAAM,KAAK,QAAQ,OAAO;CAC1B,MAAM,KAAK,WAAW,SAAS;CAC/B,IAAI,aAAa,MAAM,KAAK,cAAc;CAC1C,OAAO,MAAM,KAAK,KAAK"}
|
|
@@ -1,85 +0,0 @@
|
|
|
1
|
-
import { HUBSPOT_APP_ORIGIN_COOKIE_NAME } from "../../constants.js";
|
|
2
|
-
import { parseCookies } from "../../utils/cookie-utils.js";
|
|
3
|
-
//#region src/server/hono/utils/cors-middleware.ts
|
|
4
|
-
/**
|
|
5
|
-
* Comma-separated list of request headers the SDK accepts on
|
|
6
|
-
* cross-site fetches. Mirrors the Supabase Edge Functions defaults
|
|
7
|
-
* the Lovable AI agent emits today, plus `content-type` for the
|
|
8
|
-
* `auth/complete` POST body and `accept` so JSON content negotiation
|
|
9
|
-
* works.
|
|
10
|
-
*/
|
|
11
|
-
const ALLOWED_HEADERS = [
|
|
12
|
-
"authorization",
|
|
13
|
-
"x-client-info",
|
|
14
|
-
"apikey",
|
|
15
|
-
"content-type",
|
|
16
|
-
"accept",
|
|
17
|
-
"x-supabase-client-platform",
|
|
18
|
-
"x-supabase-client-platform-version",
|
|
19
|
-
"x-supabase-client-runtime",
|
|
20
|
-
"x-supabase-client-runtime-version"
|
|
21
|
-
].join(", ");
|
|
22
|
-
const ALLOWED_METHODS = "GET, POST, OPTIONS";
|
|
23
|
-
const PREFLIGHT_MAX_AGE_SECONDS = "600";
|
|
24
|
-
/**
|
|
25
|
-
* Reads the persisted app-origin cookie from the request, falling
|
|
26
|
-
* back to the literal `Origin` request header. The cookie is the
|
|
27
|
-
* authoritative pin once `auth/init-session` has run; on the very
|
|
28
|
-
* first init-session call (no cookie yet) we just echo whatever
|
|
29
|
-
* `Origin` the caller sent — the actual access decision is enforced
|
|
30
|
-
* by cookie-based authentication on every other route, not by CORS.
|
|
31
|
-
*/
|
|
32
|
-
function resolveAllowedOrigin(c) {
|
|
33
|
-
const pinned = parseCookies(c.req.header("Cookie"))[HUBSPOT_APP_ORIGIN_COOKIE_NAME];
|
|
34
|
-
if (pinned) return pinned;
|
|
35
|
-
return c.req.header("Origin") ?? null;
|
|
36
|
-
}
|
|
37
|
-
function setSharedCorsHeaders(c, allowOrigin) {
|
|
38
|
-
c.res.headers.set("Access-Control-Allow-Origin", allowOrigin);
|
|
39
|
-
c.res.headers.set("Access-Control-Allow-Credentials", "true");
|
|
40
|
-
c.res.headers.set("Vary", "Origin, Cookie");
|
|
41
|
-
}
|
|
42
|
-
/**
|
|
43
|
-
* Hono middleware that emits credentialed CORS response headers for
|
|
44
|
-
* the cross-origin Lovable / Supabase deployment shape.
|
|
45
|
-
*
|
|
46
|
-
* - On `OPTIONS` preflight: short-circuits with a 204 carrying
|
|
47
|
-
* `Access-Control-Allow-*` headers. The browser will then send the
|
|
48
|
-
* real request with cookies attached.
|
|
49
|
-
* - On every other method: echoes the pinned `__Host-hs_app_origin`
|
|
50
|
-
* cookie value (or, before init-session has run, the request
|
|
51
|
-
* `Origin` header) as `Access-Control-Allow-Origin`, with
|
|
52
|
-
* `Access-Control-Allow-Credentials: true`. The wildcard `*` is
|
|
53
|
-
* forbidden by browsers when credentials are included, so the
|
|
54
|
-
* middleware always echoes a concrete origin.
|
|
55
|
-
*
|
|
56
|
-
* Skips header emission entirely when the request has no `Origin`
|
|
57
|
-
* (server-to-server calls, curl, etc.) so non-browser callers are
|
|
58
|
-
* left untouched.
|
|
59
|
-
*/
|
|
60
|
-
function corsMiddleware() {
|
|
61
|
-
return async (c, next) => {
|
|
62
|
-
const allowOrigin = resolveAllowedOrigin(c);
|
|
63
|
-
if (c.req.method === "OPTIONS") {
|
|
64
|
-
const headers = new Headers();
|
|
65
|
-
if (allowOrigin) {
|
|
66
|
-
headers.set("Access-Control-Allow-Origin", allowOrigin);
|
|
67
|
-
headers.set("Access-Control-Allow-Credentials", "true");
|
|
68
|
-
headers.set("Vary", "Origin, Cookie");
|
|
69
|
-
}
|
|
70
|
-
headers.set("Access-Control-Allow-Methods", ALLOWED_METHODS);
|
|
71
|
-
headers.set("Access-Control-Allow-Headers", ALLOWED_HEADERS);
|
|
72
|
-
headers.set("Access-Control-Max-Age", PREFLIGHT_MAX_AGE_SECONDS);
|
|
73
|
-
return new Response(null, {
|
|
74
|
-
status: 204,
|
|
75
|
-
headers
|
|
76
|
-
});
|
|
77
|
-
}
|
|
78
|
-
await next();
|
|
79
|
-
if (allowOrigin) setSharedCorsHeaders(c, allowOrigin);
|
|
80
|
-
};
|
|
81
|
-
}
|
|
82
|
-
//#endregion
|
|
83
|
-
export { corsMiddleware };
|
|
84
|
-
|
|
85
|
-
//# sourceMappingURL=cors-middleware.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"cors-middleware.js","names":[],"sources":["../../../../src/server/hono/utils/cors-middleware.ts"],"sourcesContent":["import type { Context, MiddlewareHandler } from 'hono';\n\nimport { HUBSPOT_APP_ORIGIN_COOKIE_NAME } from '../../constants.ts';\nimport { parseCookies } from '../../utils/cookie-utils.ts';\n\n/**\n * Comma-separated list of request headers the SDK accepts on\n * cross-site fetches. Mirrors the Supabase Edge Functions defaults\n * the Lovable AI agent emits today, plus `content-type` for the\n * `auth/complete` POST body and `accept` so JSON content negotiation\n * works.\n */\nconst ALLOWED_HEADERS = [\n 'authorization',\n 'x-client-info',\n 'apikey',\n 'content-type',\n 'accept',\n 'x-supabase-client-platform',\n 'x-supabase-client-platform-version',\n 'x-supabase-client-runtime',\n 'x-supabase-client-runtime-version',\n].join(', ');\n\nconst ALLOWED_METHODS = 'GET, POST, OPTIONS';\n\nconst PREFLIGHT_MAX_AGE_SECONDS = '600';\n\n/**\n * Reads the persisted app-origin cookie from the request, falling\n * back to the literal `Origin` request header. The cookie is the\n * authoritative pin once `auth/init-session` has run; on the very\n * first init-session call (no cookie yet) we just echo whatever\n * `Origin` the caller sent — the actual access decision is enforced\n * by cookie-based authentication on every other route, not by CORS.\n */\nfunction resolveAllowedOrigin(c: Context): string | null {\n const cookies = parseCookies(c.req.header('Cookie'));\n const pinned = cookies[HUBSPOT_APP_ORIGIN_COOKIE_NAME];\n if (pinned) return pinned;\n return c.req.header('Origin') ?? null;\n}\n\nfunction setSharedCorsHeaders(c: Context, allowOrigin: string): void {\n c.res.headers.set('Access-Control-Allow-Origin', allowOrigin);\n c.res.headers.set('Access-Control-Allow-Credentials', 'true');\n // `Origin` so caches differentiate per-caller responses; `Cookie`\n // because the allowed origin is derived from the persisted\n // `__Host-hs_app_origin` cookie.\n c.res.headers.set('Vary', 'Origin, Cookie');\n}\n\n/**\n * Hono middleware that emits credentialed CORS response headers for\n * the cross-origin Lovable / Supabase deployment shape.\n *\n * - On `OPTIONS` preflight: short-circuits with a 204 carrying\n * `Access-Control-Allow-*` headers. The browser will then send the\n * real request with cookies attached.\n * - On every other method: echoes the pinned `__Host-hs_app_origin`\n * cookie value (or, before init-session has run, the request\n * `Origin` header) as `Access-Control-Allow-Origin`, with\n * `Access-Control-Allow-Credentials: true`. The wildcard `*` is\n * forbidden by browsers when credentials are included, so the\n * middleware always echoes a concrete origin.\n *\n * Skips header emission entirely when the request has no `Origin`\n * (server-to-server calls, curl, etc.) so non-browser callers are\n * left untouched.\n */\nexport function corsMiddleware(): MiddlewareHandler {\n return async (c, next) => {\n const allowOrigin = resolveAllowedOrigin(c);\n\n if (c.req.method === 'OPTIONS') {\n const headers = new Headers();\n if (allowOrigin) {\n headers.set('Access-Control-Allow-Origin', allowOrigin);\n headers.set('Access-Control-Allow-Credentials', 'true');\n headers.set('Vary', 'Origin, Cookie');\n }\n headers.set('Access-Control-Allow-Methods', ALLOWED_METHODS);\n headers.set('Access-Control-Allow-Headers', ALLOWED_HEADERS);\n headers.set('Access-Control-Max-Age', PREFLIGHT_MAX_AGE_SECONDS);\n return new Response(null, { status: 204, headers });\n }\n\n await next();\n\n if (allowOrigin) {\n setSharedCorsHeaders(c, allowOrigin);\n }\n return;\n };\n}\n"],"mappings":";;;;;;;;;;AAYA,MAAM,kBAAkB;CACtB;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD,CAAC,KAAK,KAAK;AAEZ,MAAM,kBAAkB;AAExB,MAAM,4BAA4B;;;;;;;;;AAUlC,SAAS,qBAAqB,GAA2B;CAEvD,MAAM,SADU,aAAa,EAAE,IAAI,OAAO,SAAS,CAC7B,CAAC;CACvB,IAAI,QAAQ,OAAO;CACnB,OAAO,EAAE,IAAI,OAAO,SAAS,IAAI;;AAGnC,SAAS,qBAAqB,GAAY,aAA2B;CACnE,EAAE,IAAI,QAAQ,IAAI,+BAA+B,YAAY;CAC7D,EAAE,IAAI,QAAQ,IAAI,oCAAoC,OAAO;CAI7D,EAAE,IAAI,QAAQ,IAAI,QAAQ,iBAAiB;;;;;;;;;;;;;;;;;;;;AAqB7C,SAAgB,iBAAoC;CAClD,OAAO,OAAO,GAAG,SAAS;EACxB,MAAM,cAAc,qBAAqB,EAAE;EAE3C,IAAI,EAAE,IAAI,WAAW,WAAW;GAC9B,MAAM,UAAU,IAAI,SAAS;GAC7B,IAAI,aAAa;IACf,QAAQ,IAAI,+BAA+B,YAAY;IACvD,QAAQ,IAAI,oCAAoC,OAAO;IACvD,QAAQ,IAAI,QAAQ,iBAAiB;;GAEvC,QAAQ,IAAI,gCAAgC,gBAAgB;GAC5D,QAAQ,IAAI,gCAAgC,gBAAgB;GAC5D,QAAQ,IAAI,0BAA0B,0BAA0B;GAChE,OAAO,IAAI,SAAS,MAAM;IAAE,QAAQ;IAAK;IAAS,CAAC;;EAGrD,MAAM,MAAM;EAEZ,IAAI,aACF,qBAAqB,GAAG,YAAY"}
|
|
@@ -1,42 +0,0 @@
|
|
|
1
|
-
import { base64StandardToArrayBuffer } from "./shared/encoding/base64.js";
|
|
2
|
-
//#region src/server/import-app-keys.ts
|
|
3
|
-
/**
|
|
4
|
-
* Imports a base64-encoded PKCS8 ES256 private key into the
|
|
5
|
-
* `AppKeys` shape used throughout the SDK.
|
|
6
|
-
*
|
|
7
|
-
* The function imports the key twice: once as **extractable** to
|
|
8
|
-
* derive the public JWK (via `crypto.subtle.exportKey`), and once
|
|
9
|
-
* as **non-extractable** so the long-lived `appPrivateKey` can never
|
|
10
|
-
* be exfiltrated.
|
|
11
|
-
*
|
|
12
|
-
* @throws {Error} When `envKey` is empty/undefined or when the key
|
|
13
|
-
* isn't an EC P-256 keypair.
|
|
14
|
-
*/
|
|
15
|
-
async function importAppKeys(envKey) {
|
|
16
|
-
const b64 = envKey?.trim() ?? "";
|
|
17
|
-
if (!b64) throw new Error("HUBSPOT_APP_PRIVATE_KEY is not set");
|
|
18
|
-
const pkcs8 = base64StandardToArrayBuffer(b64);
|
|
19
|
-
const tempPrivateKey = await crypto.subtle.importKey("pkcs8", pkcs8, {
|
|
20
|
-
name: "ECDSA",
|
|
21
|
-
namedCurve: "P-256"
|
|
22
|
-
}, true, ["sign"]);
|
|
23
|
-
const privateJwk = await crypto.subtle.exportKey("jwk", tempPrivateKey);
|
|
24
|
-
if (privateJwk.kty !== "EC" || privateJwk.crv !== "P-256" || typeof privateJwk.x !== "string" || typeof privateJwk.y !== "string") throw new Error("Expected P-256 EC private key JWK with x and y");
|
|
25
|
-
const appPublicKeyJwk = {
|
|
26
|
-
kty: "EC",
|
|
27
|
-
crv: "P-256",
|
|
28
|
-
x: privateJwk.x,
|
|
29
|
-
y: privateJwk.y
|
|
30
|
-
};
|
|
31
|
-
return {
|
|
32
|
-
appPrivateKey: await crypto.subtle.importKey("pkcs8", pkcs8, {
|
|
33
|
-
name: "ECDSA",
|
|
34
|
-
namedCurve: "P-256"
|
|
35
|
-
}, false, ["sign"]),
|
|
36
|
-
appPublicKeyJwk
|
|
37
|
-
};
|
|
38
|
-
}
|
|
39
|
-
//#endregion
|
|
40
|
-
export { importAppKeys };
|
|
41
|
-
|
|
42
|
-
//# sourceMappingURL=import-app-keys.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"import-app-keys.js","names":[],"sources":["../../src/server/import-app-keys.ts"],"sourcesContent":["import type { AppKeys } from './types.ts';\nimport { base64StandardToArrayBuffer } from './utils/base64-utils.ts';\n\n/**\n * Imports a base64-encoded PKCS8 ES256 private key into the\n * `AppKeys` shape used throughout the SDK.\n *\n * The function imports the key twice: once as **extractable** to\n * derive the public JWK (via `crypto.subtle.exportKey`), and once\n * as **non-extractable** so the long-lived `appPrivateKey` can never\n * be exfiltrated.\n *\n * @throws {Error} When `envKey` is empty/undefined or when the key\n * isn't an EC P-256 keypair.\n */\nexport async function importAppKeys(\n envKey: string | undefined\n): Promise<AppKeys> {\n const b64 = envKey?.trim() ?? '';\n if (!b64) {\n throw new Error('HUBSPOT_APP_PRIVATE_KEY is not set');\n }\n\n const pkcs8 = base64StandardToArrayBuffer(b64);\n const tempPrivateKey = await crypto.subtle.importKey(\n 'pkcs8',\n pkcs8,\n { name: 'ECDSA', namedCurve: 'P-256' },\n true,\n ['sign']\n );\n const privateJwk = await crypto.subtle.exportKey('jwk', tempPrivateKey);\n if (\n privateJwk.kty !== 'EC' ||\n privateJwk.crv !== 'P-256' ||\n typeof privateJwk.x !== 'string' ||\n typeof privateJwk.y !== 'string'\n ) {\n throw new Error('Expected P-256 EC private key JWK with x and y');\n }\n const appPublicKeyJwk: JsonWebKey = {\n kty: 'EC',\n crv: 'P-256',\n x: privateJwk.x,\n y: privateJwk.y,\n };\n const appPrivateKey = await crypto.subtle.importKey(\n 'pkcs8',\n pkcs8,\n { name: 'ECDSA', namedCurve: 'P-256' },\n false,\n ['sign']\n );\n return { appPrivateKey, appPublicKeyJwk };\n}\n"],"mappings":";;;;;;;;;;;;;;AAeA,eAAsB,cACpB,QACkB;CAClB,MAAM,MAAM,QAAQ,MAAM,IAAI;CAC9B,IAAI,CAAC,KACH,MAAM,IAAI,MAAM,qCAAqC;CAGvD,MAAM,QAAQ,4BAA4B,IAAI;CAC9C,MAAM,iBAAiB,MAAM,OAAO,OAAO,UACzC,SACA,OACA;EAAE,MAAM;EAAS,YAAY;EAAS,EACtC,MACA,CAAC,OAAO,CACT;CACD,MAAM,aAAa,MAAM,OAAO,OAAO,UAAU,OAAO,eAAe;CACvE,IACE,WAAW,QAAQ,QACnB,WAAW,QAAQ,WACnB,OAAO,WAAW,MAAM,YACxB,OAAO,WAAW,MAAM,UAExB,MAAM,IAAI,MAAM,iDAAiD;CAEnE,MAAM,kBAA8B;EAClC,KAAK;EACL,KAAK;EACL,GAAG,WAAW;EACd,GAAG,WAAW;EACf;CAQD,OAAO;EAAE,eAAA,MAPmB,OAAO,OAAO,UACxC,SACA,OACA;GAAE,MAAM;GAAS,YAAY;GAAS,EACtC,OACA,CAAC,OAAO,CACT;EACuB;EAAiB"}
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
import { SecureStartContext } from "../secure-start-core.js";
|
|
2
|
-
import { Logger } from "../shared/logger.js";
|
|
3
|
-
import { AppConnectHonoEnv } from "../hono/types.js";
|
|
4
|
-
import { Hono } from "hono";
|
|
5
|
-
|
|
6
|
-
//#region src/server/lovable/create-app-function-start.d.ts
|
|
7
|
-
type RegisterAppFunctionRoutesFunction = (app: Hono<AppConnectHonoEnv>) => void;
|
|
8
|
-
interface CreateAppFunctionStartOptions {
|
|
9
|
-
/** Base path the user's routes are mounted under (e.g. `/functions/v1/api`). */
|
|
10
|
-
basePath: string;
|
|
11
|
-
/** Attach app routes to the SDK-owned Hono instance. */
|
|
12
|
-
registerRoutes: RegisterAppFunctionRoutesFunction;
|
|
13
|
-
/** Optional logger forwarded to `createAppConnectRequestHandler`. */
|
|
14
|
-
logger?: Logger;
|
|
15
|
-
}
|
|
16
|
-
type AppFunctionStart = (context: SecureStartContext) => Promise<void>;
|
|
17
|
-
/**
|
|
18
|
-
* Builds a Deno-style `start({ appKeys })` entry point that boots a
|
|
19
|
-
* Hono app under `basePath`, wires the SDK's per-request HubSpot
|
|
20
|
-
* proxy via `createAppConnectRequestHandler`, and serves it with
|
|
21
|
-
* `Deno.serve` on `PORT`.
|
|
22
|
-
*/
|
|
23
|
-
declare function createAppFunctionStart(options: CreateAppFunctionStartOptions): AppFunctionStart;
|
|
24
|
-
//#endregion
|
|
25
|
-
export { AppFunctionStart, CreateAppFunctionStartOptions, RegisterAppFunctionRoutesFunction, createAppFunctionStart };
|
|
26
|
-
//# sourceMappingURL=create-app-function-start.d.ts.map
|
|
@@ -1,28 +0,0 @@
|
|
|
1
|
-
import { createAppConnectRequestHandler } from "../hono/hono-request-handler.js";
|
|
2
|
-
//#region src/server/lovable/create-app-function-start.ts
|
|
3
|
-
const PORT = Deno.env.get("PORT");
|
|
4
|
-
const serveOptions = typeof PORT === "string" ? { port: parseInt(PORT, 10) } : {};
|
|
5
|
-
/**
|
|
6
|
-
* Builds a Deno-style `start({ appKeys })` entry point that boots a
|
|
7
|
-
* Hono app under `basePath`, wires the SDK's per-request HubSpot
|
|
8
|
-
* proxy via `createAppConnectRequestHandler`, and serves it with
|
|
9
|
-
* `Deno.serve` on `PORT`.
|
|
10
|
-
*/
|
|
11
|
-
function createAppFunctionStart(options) {
|
|
12
|
-
const { basePath, registerRoutes, logger } = options;
|
|
13
|
-
return ({ appKeys }) => {
|
|
14
|
-
Deno.serve(serveOptions, createAppConnectRequestHandler({
|
|
15
|
-
appKeys,
|
|
16
|
-
...logger !== void 0 ? { logger } : {},
|
|
17
|
-
registerRoutes: (app) => {
|
|
18
|
-
registerRoutes(app.basePath(basePath));
|
|
19
|
-
}
|
|
20
|
-
}));
|
|
21
|
-
console.log(`[app-function ${basePath}] Listening on http://localhost:${PORT}`);
|
|
22
|
-
return Promise.resolve();
|
|
23
|
-
};
|
|
24
|
-
}
|
|
25
|
-
//#endregion
|
|
26
|
-
export { createAppFunctionStart };
|
|
27
|
-
|
|
28
|
-
//# sourceMappingURL=create-app-function-start.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"create-app-function-start.js","names":[],"sources":["../../../src/server/lovable/create-app-function-start.ts"],"sourcesContent":["import type { Hono } from 'hono';\n\nimport type { Logger } from '../../shared/logger.ts';\nimport { createAppConnectRequestHandler } from '../hono/hono-request-handler.ts';\nimport type { AppConnectHonoEnv } from '../hono/types.ts';\nimport type { SecureStartContext } from '../secure-start-core.ts';\n\nconst PORT = Deno.env.get('PORT');\nconst serveOptions =\n typeof PORT === 'string' ? { port: parseInt(PORT, 10) } : {};\n\nexport type RegisterAppFunctionRoutesFunction = (\n app: Hono<AppConnectHonoEnv>\n) => void;\n\nexport interface CreateAppFunctionStartOptions {\n /** Base path the user's routes are mounted under (e.g. `/functions/v1/api`). */\n basePath: string;\n /** Attach app routes to the SDK-owned Hono instance. */\n registerRoutes: RegisterAppFunctionRoutesFunction;\n /** Optional logger forwarded to `createAppConnectRequestHandler`. */\n logger?: Logger;\n}\n\nexport type AppFunctionStart = (context: SecureStartContext) => Promise<void>;\n\n/**\n * Builds a Deno-style `start({ appKeys })` entry point that boots a\n * Hono app under `basePath`, wires the SDK's per-request HubSpot\n * proxy via `createAppConnectRequestHandler`, and serves it with\n * `Deno.serve` on `PORT`.\n */\nexport function createAppFunctionStart(\n options: CreateAppFunctionStartOptions\n): AppFunctionStart {\n const { basePath, registerRoutes, logger } = options;\n\n return ({ appKeys }) => {\n Deno.serve(\n serveOptions,\n createAppConnectRequestHandler({\n appKeys,\n ...(logger !== undefined ? { logger } : {}),\n registerRoutes: (app) => {\n registerRoutes(app.basePath(basePath));\n },\n })\n );\n\n console.log(\n `[app-function ${basePath}] Listening on http://localhost:${PORT}`\n );\n return Promise.resolve();\n };\n}\n"],"mappings":";;AAOA,MAAM,OAAO,KAAK,IAAI,IAAI,OAAO;AACjC,MAAM,eACJ,OAAO,SAAS,WAAW,EAAE,MAAM,SAAS,MAAM,GAAG,EAAE,GAAG,EAAE;;;;;;;AAuB9D,SAAgB,uBACd,SACkB;CAClB,MAAM,EAAE,UAAU,gBAAgB,WAAW;CAE7C,QAAQ,EAAE,cAAc;EACtB,KAAK,MACH,cACA,+BAA+B;GAC7B;GACA,GAAI,WAAW,KAAA,IAAY,EAAE,QAAQ,GAAG,EAAE;GAC1C,iBAAiB,QAAQ;IACvB,eAAe,IAAI,SAAS,SAAS,CAAC;;GAEzC,CAAC,CACH;EAED,QAAQ,IACN,iBAAiB,SAAS,kCAAkC,OAC7D;EACD,OAAO,QAAQ,SAAS"}
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
import { HubSpotConnectCimdClientMetadata } from "../../hono/hubspot-connect-routes/cimd-client-metadata-types.js";
|
|
2
|
-
|
|
3
|
-
//#region src/server/lovable/hubspot-connect/index.d.ts
|
|
4
|
-
interface StartHubSpotConnectFunctionOptions {
|
|
5
|
-
client: HubSpotConnectCimdClientMetadata;
|
|
6
|
-
}
|
|
7
|
-
/**
|
|
8
|
-
* Lovable-style entry point for the hubspot-connect Deno function.
|
|
9
|
-
* Loads `HUBSPOT_APP_PRIVATE_KEY` via `secureStart`, then serves OAuth
|
|
10
|
-
* and CIMD routes under `/functions/v1/hubspot-connect`.
|
|
11
|
-
*/
|
|
12
|
-
declare function startHubSpotConnectFunction(options: StartHubSpotConnectFunctionOptions): Promise<void>;
|
|
13
|
-
//#endregion
|
|
14
|
-
export { StartHubSpotConnectFunctionOptions, startHubSpotConnectFunction };
|
|
15
|
-
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
import { secureStart } from "../../deno/start.js";
|
|
2
|
-
import { assertHubSpotConnectCimdClientMetadata } from "../../hono/hubspot-connect-routes/cimd-client-metadata-types.js";
|
|
3
|
-
import { runHubSpotConnectLovableServer } from "./run-hubspot-connect-lovable-server.js";
|
|
4
|
-
//#region src/server/lovable/hubspot-connect/index.ts
|
|
5
|
-
/**
|
|
6
|
-
* Lovable-style entry point for the hubspot-connect Deno function.
|
|
7
|
-
* Loads `HUBSPOT_APP_PRIVATE_KEY` via `secureStart`, then serves OAuth
|
|
8
|
-
* and CIMD routes under `/functions/v1/hubspot-connect`.
|
|
9
|
-
*/
|
|
10
|
-
async function startHubSpotConnectFunction(options) {
|
|
11
|
-
assertHubSpotConnectCimdClientMetadata(options.client);
|
|
12
|
-
await secureStart(async () => ({ start: (context) => runHubSpotConnectLovableServer({
|
|
13
|
-
...context,
|
|
14
|
-
cimdClientMetadata: options.client
|
|
15
|
-
}) }));
|
|
16
|
-
}
|
|
17
|
-
//#endregion
|
|
18
|
-
export { startHubSpotConnectFunction };
|
|
19
|
-
|
|
20
|
-
//# sourceMappingURL=index.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":[],"sources":["../../../../src/server/lovable/hubspot-connect/index.ts"],"sourcesContent":["import { secureStart } from '../../deno/start.ts';\nimport { assertHubSpotConnectCimdClientMetadata } from '../../hono/hubspot-connect-routes/cimd-client-metadata-types.ts';\nimport type { HubSpotConnectCimdClientMetadata } from '../../hono/hubspot-connect-routes/cimd-client-metadata-types.ts';\nimport { runHubSpotConnectLovableServer } from './run-hubspot-connect-lovable-server.ts';\n\nexport type { HubSpotConnectCimdClientMetadata } from '../../hono/hubspot-connect-routes/cimd-client-metadata-types.ts';\n\nexport interface StartHubSpotConnectFunctionOptions {\n client: HubSpotConnectCimdClientMetadata;\n}\n\n/**\n * Lovable-style entry point for the hubspot-connect Deno function.\n * Loads `HUBSPOT_APP_PRIVATE_KEY` via `secureStart`, then serves OAuth\n * and CIMD routes under `/functions/v1/hubspot-connect`.\n */\nexport async function startHubSpotConnectFunction(\n options: StartHubSpotConnectFunctionOptions\n): Promise<void> {\n assertHubSpotConnectCimdClientMetadata(options.client);\n await secureStart(async () => ({\n start: (context) =>\n runHubSpotConnectLovableServer({\n ...context,\n cimdClientMetadata: options.client,\n }),\n }));\n}\n"],"mappings":";;;;;;;;;AAgBA,eAAsB,4BACpB,SACe;CACf,uCAAuC,QAAQ,OAAO;CACtD,MAAM,YAAY,aAAa,EAC7B,QAAQ,YACN,+BAA+B;EAC7B,GAAG;EACH,oBAAoB,QAAQ;EAC7B,CAAC,EACL,EAAE"}
|
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
import { registerHubSpotConnectRoutes } from "../../hono/hubspot-connect-routes/hubspot-connect-routes.js";
|
|
2
|
-
import { loadHubSpotConnectRoutesEnv } from "../../hono/hubspot-connect-routes/load-hubspot-connect-routes-env.js";
|
|
3
|
-
import "../../hono/index.js";
|
|
4
|
-
import { Hono } from "hono";
|
|
5
|
-
//#region src/server/lovable/hubspot-connect/run-hubspot-connect-lovable-server.ts
|
|
6
|
-
const PORT = Deno.env.get("PORT");
|
|
7
|
-
const serveOptions = typeof PORT === "string" ? { port: parseInt(PORT, 10) } : {};
|
|
8
|
-
const HUBSPOT_CONNECT_BASE_PATH = "/functions/v1/hubspot-connect";
|
|
9
|
-
function runHubSpotConnectLovableServer(options) {
|
|
10
|
-
const { appKeys, cimdClientMetadata } = options;
|
|
11
|
-
const hubspotConnectEnv = loadHubSpotConnectRoutesEnv();
|
|
12
|
-
const result = Deno.serve(serveOptions, (request) => {
|
|
13
|
-
const app = new Hono();
|
|
14
|
-
registerHubSpotConnectRoutes({
|
|
15
|
-
app: app.basePath(HUBSPOT_CONNECT_BASE_PATH),
|
|
16
|
-
appKeys,
|
|
17
|
-
basePath: HUBSPOT_CONNECT_BASE_PATH,
|
|
18
|
-
hubspotConnectEnv,
|
|
19
|
-
cimdClientMetadata
|
|
20
|
-
});
|
|
21
|
-
return app.fetch(request);
|
|
22
|
-
});
|
|
23
|
-
console.log(`[hubspot-connect] Listening on ${result.addr.port}`);
|
|
24
|
-
return Promise.resolve();
|
|
25
|
-
}
|
|
26
|
-
//#endregion
|
|
27
|
-
export { runHubSpotConnectLovableServer };
|
|
28
|
-
|
|
29
|
-
//# sourceMappingURL=run-hubspot-connect-lovable-server.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"run-hubspot-connect-lovable-server.js","names":[],"sources":["../../../../src/server/lovable/hubspot-connect/run-hubspot-connect-lovable-server.ts"],"sourcesContent":["import { Hono } from 'hono';\n\nimport type { SecureStartContext } from '../../deno/start.ts';\nimport type { HubSpotConnectCimdClientMetadata } from '../../hono/hubspot-connect-routes/cimd-client-metadata-types.ts';\nimport {\n loadHubSpotConnectRoutesEnv,\n registerHubSpotConnectRoutes,\n} from '../../hono/index.ts';\n\nconst PORT = Deno.env.get('PORT');\nconst serveOptions =\n typeof PORT === 'string' ? { port: parseInt(PORT, 10) } : {};\nconst HUBSPOT_CONNECT_BASE_PATH = '/functions/v1/hubspot-connect';\n\nexport interface RunHubSpotConnectLovableServerOptions extends SecureStartContext {\n cimdClientMetadata: HubSpotConnectCimdClientMetadata;\n}\n\nexport function runHubSpotConnectLovableServer(\n options: RunHubSpotConnectLovableServerOptions\n): Promise<void> {\n const { appKeys, cimdClientMetadata } = options;\n const hubspotConnectEnv = loadHubSpotConnectRoutesEnv();\n const result = Deno.serve(serveOptions, (request) => {\n const app = new Hono();\n\n registerHubSpotConnectRoutes({\n app: app.basePath(HUBSPOT_CONNECT_BASE_PATH),\n appKeys,\n basePath: HUBSPOT_CONNECT_BASE_PATH,\n hubspotConnectEnv,\n cimdClientMetadata,\n });\n\n return app.fetch(request);\n });\n\n console.log(`[hubspot-connect] Listening on ${result.addr.port}`);\n return Promise.resolve();\n}\n"],"mappings":";;;;;AASA,MAAM,OAAO,KAAK,IAAI,IAAI,OAAO;AACjC,MAAM,eACJ,OAAO,SAAS,WAAW,EAAE,MAAM,SAAS,MAAM,GAAG,EAAE,GAAG,EAAE;AAC9D,MAAM,4BAA4B;AAMlC,SAAgB,+BACd,SACe;CACf,MAAM,EAAE,SAAS,uBAAuB;CACxC,MAAM,oBAAoB,6BAA6B;CACvD,MAAM,SAAS,KAAK,MAAM,eAAe,YAAY;EACnD,MAAM,MAAM,IAAI,MAAM;EAEtB,6BAA6B;GAC3B,KAAK,IAAI,SAAS,0BAA0B;GAC5C;GACA,UAAU;GACV;GACA;GACD,CAAC;EAEF,OAAO,IAAI,MAAM,QAAQ;GACzB;CAEF,QAAQ,IAAI,kCAAkC,OAAO,KAAK,OAAO;CACjE,OAAO,QAAQ,SAAS"}
|
package/dist/server/proxy.js
DELETED
|
@@ -1,68 +0,0 @@
|
|
|
1
|
-
import { signDpopProof } from "./utils/dpop-utils.js";
|
|
2
|
-
import { sha256base64url } from "./shared/encoding/sha256.js";
|
|
3
|
-
import { isHubspotDpopEnabled, requireEnv } from "./utils/env-utils.js";
|
|
4
|
-
import { noopLogger } from "./shared/logger.js";
|
|
5
|
-
//#region src/server/proxy.ts
|
|
6
|
-
const HUBSPOT_API_ORIGIN = requireEnv("HUBSPOT_API_ORIGIN");
|
|
7
|
-
const notAuthenticated = {
|
|
8
|
-
authenticated: false,
|
|
9
|
-
fetch: async () => {
|
|
10
|
-
return new Response(null, {
|
|
11
|
-
status: 401,
|
|
12
|
-
statusText: "Unauthorized",
|
|
13
|
-
headers: { "Content-Type": "application/json" }
|
|
14
|
-
});
|
|
15
|
-
}
|
|
16
|
-
};
|
|
17
|
-
const EMPTY_HEADERS = {};
|
|
18
|
-
function createHubSpotProxy(options) {
|
|
19
|
-
const { userCredentials, appKeys, logger = noopLogger } = options;
|
|
20
|
-
if (isHubspotDpopEnabled() && appKeys === null) throw new Error("createHubSpotProxy: appKeys is required when HUBSPOT_DPOP_ENABLED is not false");
|
|
21
|
-
const { accessToken, sessionId } = userCredentials;
|
|
22
|
-
if (!accessToken || !sessionId) {
|
|
23
|
-
logger.debug("createHubSpotProxy: returning unauthenticated proxy (missing cookies)");
|
|
24
|
-
return notAuthenticated;
|
|
25
|
-
}
|
|
26
|
-
async function proxyFetch(request) {
|
|
27
|
-
const { path, method = "GET", headers = EMPTY_HEADERS, body } = request;
|
|
28
|
-
const targetUrl = `${HUBSPOT_API_ORIGIN}${path}`;
|
|
29
|
-
const useDpop = isHubspotDpopEnabled();
|
|
30
|
-
let authorizationHeaders;
|
|
31
|
-
if (useDpop) {
|
|
32
|
-
const ath = await sha256base64url(accessToken);
|
|
33
|
-
const sid = await sha256base64url(sessionId);
|
|
34
|
-
const dpopProof = await signDpopProof({
|
|
35
|
-
appKeys,
|
|
36
|
-
claims: {
|
|
37
|
-
htm: method,
|
|
38
|
-
htu: targetUrl,
|
|
39
|
-
jti: crypto.randomUUID(),
|
|
40
|
-
iat: Math.floor(Date.now() / 1e3),
|
|
41
|
-
ath,
|
|
42
|
-
sid
|
|
43
|
-
}
|
|
44
|
-
});
|
|
45
|
-
authorizationHeaders = {
|
|
46
|
-
Authorization: `DPoP ${accessToken}`,
|
|
47
|
-
DPoP: dpopProof
|
|
48
|
-
};
|
|
49
|
-
} else authorizationHeaders = { Authorization: `Bearer ${accessToken}` };
|
|
50
|
-
const requestInit = {
|
|
51
|
-
headers: {
|
|
52
|
-
...headers,
|
|
53
|
-
...authorizationHeaders
|
|
54
|
-
},
|
|
55
|
-
method
|
|
56
|
-
};
|
|
57
|
-
if (body != null) requestInit.body = body;
|
|
58
|
-
return fetch(targetUrl, requestInit);
|
|
59
|
-
}
|
|
60
|
-
return {
|
|
61
|
-
authenticated: true,
|
|
62
|
-
fetch: proxyFetch
|
|
63
|
-
};
|
|
64
|
-
}
|
|
65
|
-
//#endregion
|
|
66
|
-
export { createHubSpotProxy };
|
|
67
|
-
|
|
68
|
-
//# sourceMappingURL=proxy.js.map
|
package/dist/server/proxy.js.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"proxy.js","names":[],"sources":["../../src/server/proxy.ts"],"sourcesContent":["import { noopLogger, type Logger } from '../shared/logger.ts';\nimport {\n type AppKeys,\n type HubSpotProxy,\n type HubSpotProxyRequest,\n type UserCredentials,\n} from './types.ts';\nimport { sha256base64url } from './utils/crypto-utils.ts';\nimport { signDpopProof } from './utils/dpop-utils.ts';\nimport { isHubspotDpopEnabled, requireEnv } from './utils/env-utils.ts';\n\nconst HUBSPOT_API_ORIGIN = requireEnv('HUBSPOT_API_ORIGIN');\n\n/**\n * Options accepted by {@link createHubSpotProxy}.\n */\nexport interface CreateHubSpotProxyOptions {\n /**\n * User session context from the incoming browser request.\n */\n userCredentials: UserCredentials;\n\n /**\n * Imported app keys from `secureStart`, or `null` when CIMD and DPoP\n * are both disabled.\n */\n appKeys: AppKeys | null;\n /** Optional logger. Defaults to a no-op logger. */\n logger?: Logger;\n}\n\nconst notAuthenticated: HubSpotProxy = {\n authenticated: false,\n fetch: async (): Promise<Response> => {\n return new Response(null, {\n status: 401,\n statusText: 'Unauthorized',\n headers: {\n 'Content-Type': 'application/json',\n },\n });\n },\n};\n\nconst EMPTY_HEADERS = {};\n\nexport function createHubSpotProxy(\n options: CreateHubSpotProxyOptions\n): HubSpotProxy {\n const { userCredentials, appKeys, logger = noopLogger } = options;\n\n if (isHubspotDpopEnabled() && appKeys === null) {\n throw new Error(\n 'createHubSpotProxy: appKeys is required when HUBSPOT_DPOP_ENABLED is not false'\n );\n }\n\n const { accessToken, sessionId } = userCredentials;\n\n if (!accessToken || !sessionId) {\n logger.debug(\n 'createHubSpotProxy: returning unauthenticated proxy (missing cookies)'\n );\n return notAuthenticated;\n }\n\n async function proxyFetch(request: HubSpotProxyRequest): Promise<Response> {\n const { path, method = 'GET', headers = EMPTY_HEADERS, body } = request;\n\n const targetUrl = `${HUBSPOT_API_ORIGIN}${path}`;\n const useDpop = isHubspotDpopEnabled();\n\n let authorizationHeaders: Record<string, string>;\n if (useDpop) {\n const ath = await sha256base64url(accessToken!);\n const sid = await sha256base64url(sessionId!);\n const dpopProof = await signDpopProof({\n appKeys: appKeys!,\n claims: {\n htm: method,\n htu: targetUrl,\n jti: crypto.randomUUID(),\n iat: Math.floor(Date.now() / 1000),\n ath,\n sid,\n },\n });\n authorizationHeaders = {\n Authorization: `DPoP ${accessToken}`,\n DPoP: dpopProof,\n };\n } else {\n authorizationHeaders = {\n Authorization: `Bearer ${accessToken}`,\n };\n }\n\n const finalHeaders = { ...headers, ...authorizationHeaders };\n\n const requestInit: RequestInit = {\n headers: finalHeaders,\n method,\n };\n\n if (body != null) {\n requestInit.body = body;\n }\n\n return fetch(targetUrl, requestInit);\n }\n\n return {\n authenticated: true,\n fetch: proxyFetch,\n };\n}\n"],"mappings":";;;;;AAWA,MAAM,qBAAqB,WAAW,qBAAqB;AAoB3D,MAAM,mBAAiC;CACrC,eAAe;CACf,OAAO,YAA+B;EACpC,OAAO,IAAI,SAAS,MAAM;GACxB,QAAQ;GACR,YAAY;GACZ,SAAS,EACP,gBAAgB,oBACjB;GACF,CAAC;;CAEL;AAED,MAAM,gBAAgB,EAAE;AAExB,SAAgB,mBACd,SACc;CACd,MAAM,EAAE,iBAAiB,SAAS,SAAS,eAAe;CAE1D,IAAI,sBAAsB,IAAI,YAAY,MACxC,MAAM,IAAI,MACR,iFACD;CAGH,MAAM,EAAE,aAAa,cAAc;CAEnC,IAAI,CAAC,eAAe,CAAC,WAAW;EAC9B,OAAO,MACL,wEACD;EACD,OAAO;;CAGT,eAAe,WAAW,SAAiD;EACzE,MAAM,EAAE,MAAM,SAAS,OAAO,UAAU,eAAe,SAAS;EAEhE,MAAM,YAAY,GAAG,qBAAqB;EAC1C,MAAM,UAAU,sBAAsB;EAEtC,IAAI;EACJ,IAAI,SAAS;GACX,MAAM,MAAM,MAAM,gBAAgB,YAAa;GAC/C,MAAM,MAAM,MAAM,gBAAgB,UAAW;GAC7C,MAAM,YAAY,MAAM,cAAc;IAC3B;IACT,QAAQ;KACN,KAAK;KACL,KAAK;KACL,KAAK,OAAO,YAAY;KACxB,KAAK,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;KAClC;KACA;KACD;IACF,CAAC;GACF,uBAAuB;IACrB,eAAe,QAAQ;IACvB,MAAM;IACP;SAED,uBAAuB,EACrB,eAAe,UAAU,eAC1B;EAKH,MAAM,cAA2B;GAC/B,SAAS;IAHY,GAAG;IAAS,GAAG;IAGf;GACrB;GACD;EAED,IAAI,QAAQ,MACV,YAAY,OAAO;EAGrB,OAAO,MAAM,WAAW,YAAY;;CAGtC,OAAO;EACL,eAAe;EACf,OAAO;EACR"}
|