@jitar-plugins/http 0.0.1

package/README.md

@@ -0,0 +1,44 @@
+
+# HTTP | Jitar Plugins
+
+This package provides plugins for integrating the HTTP protocol in Jitar applications.
+
+It contains a single middleware for ensuring the avaiability of the origin header.
+
+## Installation
+
+```bash
+npm install @jitar-plugins/http
+```
+
+## Usage
+
+Follow the following steps to configure and use the provided middleware.
+
+### Step 1 - Configure the middleware
+
+```ts
+// src/middleware/originMiddleware.ts
+
+import OriginMiddleware from '@jitar-plugins/http';
+
+export default new OriginMiddleware();
+```
+
+### Step 2 - Activate the middleware
+
+With the health check in place, it needs to be activated by registering it to the proxy / standalone / worker service.
+
+```json
+/* services/proxy.json */
+{
+    "url": "http://example.com:3000",
+    "middleware": [ /* add middleware here */
+        "./middleware/originMiddleware"
+    ],
+    "proxy":
+    {
+        /* service configuration */
+    }
+}
+```

package/dist/OriginMiddleware.d.ts

@@ -0,0 +1,5 @@
+import type { Middleware, NextHandler, Request, Response } from 'jitar';
+export default class OriginMiddleware implements Middleware {
+    #private;
+    handle(request: Request, next: NextHandler): Promise<Response>;
+}

package/dist/OriginMiddleware.js

@@ -0,0 +1,53 @@
+import { BadRequest } from 'jitar';
+import validator from '@theshelf/validation';
+const ORIGIN_COOKIE_NAME = 'x-client-origin';
+const schema = {
+    origin: {
+        message: 'Invalid origin',
+        URL: {
+            required: true
+        }
+    }
+};
+export default class OriginMiddleware {
+    async handle(request, next) {
+        let fromCookie = true;
+        let origin = this.#getOriginFromCookie(request);
+        if (origin === undefined) {
+            fromCookie = false;
+            origin = this.#getOriginFromHeader(request);
+        }
+        this.#validateOriginValue(origin);
+        // The origin header is validated and set here for use in other middlewares
+        request.setHeader('origin', origin);
+        const response = await next();
+        if (fromCookie === false) {
+            this.#setOriginCookie(response, origin);
+        }
+        return response;
+    }
+    #getOriginFromHeader(request) {
+        return request.getHeader('origin');
+    }
+    #getOriginFromCookie(request) {
+        const header = request.getHeader('cookie');
+        if (header === undefined) {
+            return;
+        }
+        for (const cookie of header.split(';')) {
+            const [key, value] = cookie.split('=');
+            if (key.trim() === ORIGIN_COOKIE_NAME) {
+                return value?.trim();
+            }
+        }
+    }
+    #validateOriginValue(value) {
+        const result = validator.validate({ origin: value }, schema);
+        if (result.invalid) {
+            throw new BadRequest('Invalid origin');
+        }
+    }
+    #setOriginCookie(response, origin) {
+        response.setHeader('Set-Cookie', `${ORIGIN_COOKIE_NAME}=${origin}; Path=/; HttpOnly=true; SameSite=None; Secure`);
+    }
+}

package/dist/index.js

@@ -0,0 +1 @@
+"use strict";

package/package.json

@@ -0,0 +1,23 @@
+{
+  "name": "@jitar-plugins/http",
+  "private": false,
+  "version": "0.0.1",
+  "type": "module",
+  "scripts": {
+    "build": "tsc",
+    "clean": "rimraf dist",
+    "lint": "eslint",
+    "review": "npm run build && npm run lint",
+    "prepublishOnly": "npm run build"
+  },
+  "files": [
+    "README.md",
+    "dist"
+  ],
+  "types": "dist/index.d.ts",
+  "exports": "./dist/index.js",
+  "peerDependencies": {
+    "@theshelf/validation": "^0.0.2",
+    "jitar": "^0.10.3"
+  }
+}