@juit/pgproxy-server 1.0.0

package/dist/server.mjs

@@ -0,0 +1,355 @@
+// server.ts
+import assert from "node:assert";
+import { randomUUID } from "node:crypto";
+import { createServer, STATUS_CODES } from "node:http";
+import { resolve } from "node:path";
+import { parse as parseQueryString } from "node:querystring";
+import { ConnectionPool } from "@juit/pgproxy-pool";
+import { WebSocketServer } from "ws";
+import { verifyToken } from "./token.mjs";
+var ServerImpl = class {
+  /* Keep those as private class members, they contain auth data... */
+  #tokens = {};
+  #pool;
+  #secret;
+  _server;
+  _logger;
+  _healthCheck;
+  _backlog;
+  _address;
+  _port;
+  _started = false;
+  _stopped = false;
+  constructor(logger, options) {
+    const { address, port, backlog, secret, healthCheck, pool, ...serverOptions } = options;
+    this.#pool = new ConnectionPool(logger, pool);
+    this.#secret = secret;
+    this._healthCheck = healthCheck ? resolve("/", healthCheck) : null;
+    this._backlog = backlog;
+    this._address = address;
+    this._logger = logger;
+    this._port = port;
+    this._server = createServer(serverOptions);
+    const wss = new WebSocketServer({ noServer: true });
+    this._server.on("request", (req, res) => this._requestHandler(req, res));
+    this._server.on("upgrade", (req, sock, head) => this._upgradeHandler(req, sock, head, wss));
+    this._server.on("close", () => {
+      wss.close((wssError) => {
+        if (wssError)
+          logger.error("Error closing WebSocket server:", wssError);
+        try {
+          this.#pool.stop();
+        } catch (poolError) {
+          logger.error("Error closing connection pool:", poolError);
+        } finally {
+          this._logger.info("DB proxy server stopped");
+        }
+      });
+    });
+  }
+  _catchError(message) {
+    return (error) => this._logger.error(message, error);
+  }
+  /* ======================================================================== *
+   * PROPERTIES                                                               *
+   * ======================================================================== */
+  get address() {
+    const address = this._server?.address();
+    assert(address, "Server not started");
+    return address;
+  }
+  /* coverage ignore next */
+  get url() {
+    const { address, family, port } = this.address;
+    if (family === "IPv6")
+      return new URL(`http://[${address}]:${port}/`);
+    if (family === "IPv4")
+      return new URL(`http://${address}:${port}/`);
+    throw new Error(`Unsupported address family "${family}"`);
+  }
+  get stats() {
+    return this.#pool.stats;
+  }
+  /* ======================================================================== *
+   * LIFECYCLE METHODS                                                        *
+   * ======================================================================== */
+  async start() {
+    assert(!this._started, "Server already started");
+    this._started = true;
+    this._logger.debug("Starting server");
+    await this.#pool.start();
+    await new Promise((resolve2, reject) => {
+      this._server.on("error", reject);
+      this._server.listen(this._port, this._address, this._backlog, () => {
+        this._server.off("error", reject);
+        resolve2();
+      });
+    });
+    this._server.on(
+      "error",
+      /* coverage ignore next */
+      (error) => {
+        this._logger.error("Server Error:", error);
+        this.stop().catch(this._catchError("Error stopping server")).finally(() => process.exit(1));
+      }
+    );
+    setInterval(() => {
+      const now = Date.now();
+      for (const [token, expiry] of Object.entries(this.#tokens)) {
+        if (expiry < now)
+          delete this.#tokens[token];
+      }
+    }).unref();
+    this._logger.info(`DB proxy server started at ${this.url}`);
+    if (this._healthCheck) {
+      this._logger.info(`Unauthenticated health check available at "${this._healthCheck}"`);
+    }
+    this._logger.info("Connection pool options");
+    for (const [key, value] of Object.entries(this.#pool.configuration)) {
+      const name = key.replaceAll(/[A-Z]/g, (c) => ` ${c.toLowerCase()}`);
+      this._logger.info(`- ${name}: ${value}`);
+    }
+    return this;
+  }
+  async stop() {
+    assert(this._started, "Server never started");
+    assert(!this._stopped, "Server already stopped");
+    this._stopped = true;
+    this._logger.info(`Stopping DB proxy server at "${this.url}"`);
+    await new Promise(
+      /* coverage ignore next */
+      (resolve2, reject) => {
+        this._server.close((error) => error ? reject(error) : resolve2());
+      }
+    );
+  }
+  /* ======================================================================== *
+   * REQUEST HANDLING                                                         *
+   * ======================================================================== */
+  _sendResponse(object, statusCode, request, response) {
+    new Promise((resolve2, reject) => {
+      try {
+        const json = JSON.stringify(object);
+        const buffer = Buffer.from(json, "utf-8");
+        response.statusCode = statusCode;
+        response.setHeader("content-type", "application/json");
+        response.setHeader("content-length", buffer.length);
+        response.write(buffer, (error) => {
+          if (error)
+            reject(error);
+          else
+            resolve2();
+        });
+      } catch (error) {
+        reject(error);
+      }
+    }).catch(
+      /* coverage ignore next */
+      (error) => {
+        this._logger.error(`Error handling request "${request.url}"`, error);
+        response.statusCode = 500;
+      }
+    ).finally(() => response.end());
+  }
+  _healthCheckHandler(request, response) {
+    if (request.url !== this._healthCheck) {
+      response.statusCode = 404;
+      return void response.end();
+    }
+    void Promise.resolve().then(async () => {
+      const stats = { ...this.stats };
+      const start = process.hrtime.bigint();
+      const connection = await this.#pool.acquire();
+      const queryStart = process.hrtime.bigint();
+      try {
+        await connection.query("SELECT now()");
+      } finally {
+        this.#pool.release(connection);
+      }
+      const queryEnd = process.hrtime.bigint();
+      const latency = Math.floor(Number(queryEnd - start) / 1e4) / 100;
+      const connTime = Math.floor(Number(queryStart - start) / 1e4) / 100;
+      const queryTime = Math.floor(Number(queryEnd - queryStart) / 1e4) / 100;
+      return { ...stats, latency, connTime, queryTime };
+    }).then((data) => {
+      const { connTime, queryTime, ...stats } = data;
+      this._sendResponse(stats, 200, request, response);
+      this._logger.info(`Handled Health check with latency of ${data.latency} ms (connection ${connTime} ms, query ${queryTime} ms)`);
+    });
+  }
+  _requestHandler(request, response) {
+    if (request.method === "GET")
+      return this._healthCheckHandler(request, response);
+    const statusCode = this._validateAuth(request);
+    if (statusCode !== 200) {
+      response.statusCode = statusCode;
+      return void response.end();
+    }
+    if (request.method !== "POST") {
+      response.statusCode = 405;
+      return void response.end();
+    }
+    if (request.headers["content-type"] !== "application/json") {
+      response.statusCode = 415;
+      return void response.end();
+    }
+    const now = process.hrtime.bigint();
+    void Promise.resolve().then(async () => {
+      const string = await this._readRequest(request);
+      const payload = this._validatePayload(string);
+      if (!payload.valid) {
+        return { id: payload.id, statusCode: 400, error: payload.error };
+      }
+      let connection;
+      try {
+        const now2 = process.hrtime.bigint();
+        connection = await this.#pool.acquire();
+        const ms = Number(process.hrtime.bigint() - now2) / 1e6;
+        this._logger.debug(`Acquired connection ${connection.id} in ${ms} ms`);
+      } catch (error) {
+        this._logger.error("Error acquiring connection:", error);
+        return { id: payload.id, statusCode: 500, error: "Error acquiring connection" };
+      }
+      try {
+        const result = await connection.query(payload.query, payload.params);
+        return { ...result, statusCode: 200, id: payload.id };
+      } catch (error) {
+        return { id: payload.id, statusCode: 400, error: error.message };
+      } finally {
+        this.#pool.release(connection);
+      }
+    }).then((data) => {
+      this._sendResponse(data, data.statusCode, request, response);
+      const ms = Math.floor(Number(process.hrtime.bigint() - now) / 1e4) / 100;
+      this._logger.info(`Handled "${data.command}" HTTP request in ${ms} ms`);
+    });
+  }
+  _upgradeHandler(request, socket, head, wss) {
+    const statusCode = this._validateAuth(request);
+    if (statusCode !== 200) {
+      const onSocketError = (error) => {
+        this._logger.error("Socket error", error);
+        socket.destroy();
+      };
+      socket.on("error", onSocketError);
+      socket.write(`HTTP/1.1 ${statusCode} ${STATUS_CODES[statusCode]}\r
+\r
+`);
+      socket.destroy();
+      socket.off("error", onSocketError);
+      return;
+    }
+    wss.handleUpgrade(request, socket, head, (ws) => {
+      const promise = this.#pool.acquire().catch(
+        /* coverage ignore next */
+        (error) => {
+          this._logger.error("Error acquiring connection for WebSocket:", error);
+          ws.close();
+        }
+      );
+      const release = () => void promise.then((connection) => connection && this.#pool.release(connection)).catch(this._catchError("Error releasing connection for WebSocket:"));
+      const send = (data) => {
+        const message = JSON.stringify(data);
+        ws.send(message, (error) => {
+          if (error) {
+            this._logger.error("Error sending WebSocket response:", error);
+            ws.close();
+          }
+        });
+      };
+      ws.on(
+        "error",
+        /* coverage ignore next */
+        (error) => {
+          this._logger.error("WebSocket error", error);
+          release();
+        }
+      );
+      ws.on("close", (code, reason) => {
+        const extra = reason.toString("utf-8");
+        extra ? this._logger.info(`WebSocket closed (${code}):`, extra) : this._logger.info(`WebSocket closed (${code}):`);
+        release();
+      });
+      ws.on("message", (data) => {
+        const now = process.hrtime.bigint();
+        const payload = this._validatePayload(data.toString("utf-8"));
+        if (!payload.valid) {
+          send({ id: payload.id, statusCode: 400, error: payload.error });
+        } else {
+          promise.then(async (connection) => {
+            if (!connection)
+              return;
+            try {
+              const result = await connection.query(payload.query, payload.params);
+              const ms = Math.floor(Number(process.hrtime.bigint() - now) / 1e4) / 100;
+              this._logger.info(`Handled "${result.command}" WebSocket request in ${ms} ms`);
+              return send({ ...result, statusCode: 200, id: payload.id });
+            } catch (error) {
+              return send({ id: payload.id, statusCode: 400, error: error.message });
+            }
+          }).catch(this._catchError("Error querying in websocket"));
+        }
+      });
+    });
+  }
+  /* ======================================================================== *
+   * INTERNALS                                                                *
+   * ======================================================================== */
+  /**  Read the body of an HTTP request fully */
+  _readRequest(stream) {
+    return new Promise((resolve2, reject) => {
+      const buffers = [];
+      stream.on(
+        "error",
+        /* coverage ignore next */
+        (error) => reject(error)
+      );
+      stream.on("data", (buffer) => buffers.push(buffer));
+      stream.on("end", () => resolve2(Buffer.concat(buffers)));
+      if (stream.isPaused())
+        stream.resume();
+    }).then((buffer) => buffer.toString("utf-8"));
+  }
+  /** Parse a payload string as JSON and validate it */
+  _validatePayload(string) {
+    try {
+      const payload = JSON.parse(string || "{}");
+      const id = payload?.id ? `${payload.id}` : randomUUID();
+      if (!payload?.query) {
+        return { id, valid: false, error: "Invalid payload (or query missing)" };
+      }
+      if (typeof payload.query !== "string") {
+        return { id, valid: false, error: "Query is not a string" };
+      }
+      if (payload.params && !Array.isArray(payload.params)) {
+        return { id, valid: false, error: "Parameters are not an array" };
+      }
+      return { id, valid: true, query: payload.query, params: payload.params };
+    } catch (error) {
+      return { id: randomUUID(), valid: false, error: "Error parsing JSON" };
+    }
+  }
+  /** Validate a request (it must have an "auth" query parameter) */
+  _validateAuth(request) {
+    const auth = parseQueryString(request.url.split("?")[1] || "").auth;
+    if (typeof auth !== "string")
+      return 401;
+    try {
+      const token = verifyToken(auth, this.#secret);
+      if (token in this.#tokens) {
+        this._logger.error("Attempted to reuse an existing token");
+        return 403;
+      }
+      this.#tokens[token] = Date.now() + 6e4;
+      return 200;
+    } catch (error) {
+      this._logger.error(error);
+      return 403;
+    }
+  }
+};
+var Server = ServerImpl;
+export {
+  Server
+};
+//# sourceMappingURL=server.mjs.map

package/dist/server.mjs.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../src/server.ts"],
+  "mappings": ";AAAA,OAAO,YAAY;AACnB,SAAS,kBAAkB;AAC3B,SAAS,cAAc,oBAAoB;AAC3C,SAAS,eAAe;AACxB,SAAS,SAAS,wBAAwB;AAE1C,SAAS,sBAAsB;AAC/B,SAAS,uBAAuB;AAEhC,SAAS,mBAAmB;AAuE5B,IAAM,aAAN,MAAmC;AAAA;AAAA,EAExB,UAAkC,CAAC;AAAA,EACnC;AAAA,EACA;AAAA,EAEQ;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAET,WAAoB;AAAA,EACpB,WAAoB;AAAA,EAE5B,YAAY,QAAgB,SAAwB;AAClD,UAAM,EAAE,SAAS,MAAM,SAAS,QAAQ,aAAa,MAAM,GAAG,cAAc,IAAI;AAEhF,SAAK,QAAQ,IAAI,eAAe,QAAQ,IAAI;AAC5C,SAAK,UAAU;AAEf,SAAK,eAAe,cAAc,QAAQ,KAAK,WAAW,IAAI;AAC9D,SAAK,WAAW;AAChB,SAAK,WAAW;AAChB,SAAK,UAAU;AACf,SAAK,QAAQ;AAGb,SAAK,UAAU,aAAa,aAAa;AACzC,UAAM,MAAM,IAAI,gBAAgB,EAAE,UAAU,KAAK,CAAC;AAGlD,SAAK,QAAQ,GAAG,WAAW,CAAC,KAAK,QAAQ,KAAK,gBAAgB,KAAK,GAAG,CAAC;AACvE,SAAK,QAAQ,GAAG,WAAW,CAAC,KAAK,MAAM,SAAS,KAAK,gBAAgB,KAAK,MAAM,MAAM,GAAG,CAAC;AAC1F,SAAK,QAAQ,GAAG,SAAS,MAAM;AAC7B,UAAI,MAAM,CAAC,aAAa;AAEtB,YAAI;AAAU,iBAAO,MAAM,mCAAmC,QAAQ;AAEtE,YAAI;AACF,eAAK,MAAM,KAAK;AAAA,QAClB,SAAS,WAAW;AAClB,iBAAO,MAAM,kCAAkC,SAAS;AAAA,QAC1D,UAAE;AACA,eAAK,QAAQ,KAAK,yBAAyB;AAAA,QAC7C;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AAAA,EAEQ,YAAY,SAAuC;AAEzD,WAAO,CAAC,UAAU,KAAK,QAAQ,MAAM,SAAS,KAAK;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,UAAuB;AACzB,UAAM,UAAU,KAAK,SAAS,QAAQ;AACtC,WAAO,SAAS,oBAAoB;AACpC,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,IAAI,MAAW;AACb,UAAM,EAAE,SAAS,QAAQ,KAAK,IAAI,KAAK;AACvC,QAAI,WAAW;AAAQ,aAAO,IAAI,IAAI,WAAW,OAAO,KAAK,IAAI,GAAG;AACpE,QAAI,WAAW;AAAQ,aAAO,IAAI,IAAI,UAAU,OAAO,IAAI,IAAI,GAAG;AAClE,UAAM,IAAI,MAAM,+BAA+B,MAAM,GAAG;AAAA,EAC1D;AAAA,EAEA,IAAI,QAA6B;AAC/B,WAAO,KAAK,MAAM;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,QAAyB;AAC7B,WAAO,CAAE,KAAK,UAAU,wBAAwB;AAChD,SAAK,WAAW;AAGhB,SAAK,QAAQ,MAAM,iBAAiB;AAGpC,UAAM,KAAK,MAAM,MAAM;AAGvB,UAAM,IAAI,QAAc,CAACA,UAAS,WAAW;AAC3C,WAAK,QAAQ,GAAG,SAAS,MAAM;AAC/B,WAAK,QAAQ,OAAO,KAAK,OAAO,KAAK,UAAU,KAAK,UAAU,MAAM;AAClE,aAAK,QAAQ,IAAI,SAAS,MAAM;AAChC,QAAAA,SAAQ;AAAA,MACV,CAAC;AAAA,IACH,CAAC;AAGD,SAAK,QAAQ;AAAA,MAAG;AAAA;AAAA,MAAoC,CAAC,UAAU;AAC7D,aAAK,QAAQ,MAAM,iBAAiB,KAAK;AACzC,aAAK,KAAK,EACL,MAAM,KAAK,YAAY,uBAAuB,CAAC,EAC/C,QAAQ,MAAM,QAAQ,KAAK,CAAC,CAAC;AAAA,MACpC;AAAA,IAAC;AAGD,gBAAY,MAAM;AAChB,YAAM,MAAM,KAAK,IAAI;AACrB,iBAAW,CAAE,OAAO,MAAO,KAAK,OAAO,QAAQ,KAAK,OAAO,GAAG;AAE5D,YAAI,SAAS;AAAK,iBAAO,KAAK,QAAQ,KAAK;AAAA,MAC7C;AAAA,IACF,CAAC,EAAE,MAAM;AAGT,SAAK,QAAQ,KAAK,8BAA8B,KAAK,GAAG,EAAE;AAC1D,QAAI,KAAK,cAAc;AACrB,WAAK,QAAQ,KAAK,8CAA8C,KAAK,YAAY,GAAG;AAAA,IACtF;AACA,SAAK,QAAQ,KAAK,yBAAyB;AAC3C,eAAW,CAAE,KAAK,KAAM,KAAK,OAAO,QAAQ,KAAK,MAAM,aAAa,GAAG;AACrE,YAAM,OAAO,IAAI,WAAW,UAAU,CAAC,MAAM,IAAI,EAAE,YAAY,CAAC,EAAE;AAClE,WAAK,QAAQ,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE;AAAA,IACzC;AAGA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,OAAsB;AAC1B,WAAO,KAAK,UAAU,sBAAsB;AAC5C,WAAO,CAAE,KAAK,UAAU,wBAAwB;AAChD,SAAK,WAAW;AAEhB,SAAK,QAAQ,KAAK,gCAAgC,KAAK,GAAG,GAAG;AAC7D,UAAM,IAAI;AAAA;AAAA,MAA0C,CAACA,UAAS,WAAW;AACvE,aAAK,QAAQ,MAAM,CAAC,UAAU,QAAQ,OAAO,KAAK,IAAIA,SAAQ,CAAC;AAAA,MACjE;AAAA,IAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAMQ,cACJ,QACA,YACA,SACA,UACI;AACN,QAAI,QAAc,CAACA,UAAS,WAAW;AAErC,UAAI;AACF,cAAM,OAAO,KAAK,UAAU,MAAM;AAClC,cAAM,SAAS,OAAO,KAAK,MAAM,OAAO;AAExC,iBAAS,aAAa;AACtB,iBAAS,UAAU,gBAAgB,kBAAkB;AACrD,iBAAS,UAAU,kBAAkB,OAAO,MAAM;AAClD,iBAAS,MAAM,QAAQ,CAAC,UAAU;AAChC,cAAI;AAAkC,mBAAO,KAAK;AAAA;AAC7C,YAAAA,SAAQ;AAAA,QACf,CAAC;AAAA,MACH,SAAS,OAAO;AACd,eAAO,KAAK;AAAA,MACd;AAAA,IACF,CAAC,EAAE;AAAA;AAAA,MAAkC,CAAC,UAAU;AAC9C,aAAK,QAAQ,MAAM,2BAA2B,QAAQ,GAAG,KAAK,KAAK;AACnE,iBAAS,aAAa;AAAA,MACxB;AAAA,IAAC,EAAE,QAAQ,MAAM,SAAS,IAAI,CAAC;AAAA,EACjC;AAAA,EAEQ,oBAAoB,SAAsB,UAA8B;AAE9E,QAAI,QAAQ,QAAQ,KAAK,cAAc;AACrC,eAAS,aAAa;AACtB,aAAO,KAAK,SAAS,IAAI;AAAA,IAC3B;AAEA,SAAK,QAAQ,QAAQ,EAAE,KAAK,YAAY;AAEtC,YAAM,QAAQ,EAAE,GAAG,KAAK,MAAM;AAG9B,YAAM,QAAQ,QAAQ,OAAO,OAAO;AACpC,YAAM,aAAa,MAAM,KAAK,MAAM,QAAQ;AAC5C,YAAM,aAAa,QAAQ,OAAO,OAAO;AACzC,UAAI;AACF,cAAM,WAAW,MAAM,cAAc;AAAA,MACvC,UAAE;AACA,aAAK,MAAM,QAAQ,UAAU;AAAA,MAC/B;AACA,YAAM,WAAW,QAAQ,OAAO,OAAO;AAGvC,YAAM,UAAU,KAAK,MAAM,OAAO,WAAW,KAAK,IAAI,GAAK,IAAI;AAC/D,YAAM,WAAW,KAAK,MAAM,OAAO,aAAa,KAAK,IAAI,GAAK,IAAI;AAClE,YAAM,YAAY,KAAK,MAAM,OAAO,WAAW,UAAU,IAAI,GAAK,IAAI;AAEtE,aAAO,EAAE,GAAG,OAAO,SAAS,UAAU,UAAU;AAAA,IAClD,CAAC,EAAE,KAAK,CAAC,SAAS;AAChB,YAAM,EAAE,UAAU,WAAW,GAAG,MAAM,IAAI;AAC1C,WAAK,cAAc,OAAO,KAAK,SAAS,QAAQ;AAChD,WAAK,QAAQ,KAAK,wCAAwC,KAAK,OAAO,mBAAmB,QAAQ,cAAc,SAAS,MAAM;AAAA,IAChI,CAAC;AAAA,EACH;AAAA,EAEQ,gBAAgB,SAAsB,UAA8B;AAE1E,QAAI,QAAQ,WAAW;AAAO,aAAO,KAAK,oBAAoB,SAAS,QAAQ;AAG/E,UAAM,aAAa,KAAK,cAAc,OAAO;AAC7C,QAAI,eAAe,KAAK;AACtB,eAAS,aAAa;AACtB,aAAO,KAAK,SAAS,IAAI;AAAA,IAC3B;AAGA,QAAI,QAAQ,WAAW,QAAQ;AAC7B,eAAS,aAAa;AACtB,aAAO,KAAK,SAAS,IAAI;AAAA,IAC3B;AAGA,QAAI,QAAQ,QAAQ,cAAc,MAAM,oBAAoB;AAC1D,eAAS,aAAa;AACtB,aAAO,KAAK,SAAS,IAAI;AAAA,IAC3B;AAGA,UAAM,MAAM,QAAQ,OAAO,OAAO;AAClC,SAAK,QAAQ,QAAQ,EAAE,KAAK,YAA+B;AAEzD,YAAM,SAAS,MAAM,KAAK,aAAa,OAAO;AAC9C,YAAM,UAAU,KAAK,iBAAiB,MAAM;AAG5C,UAAI,CAAE,QAAQ,OAAO;AACnB,eAAO,EAAE,IAAI,QAAQ,IAAI,YAAY,KAAK,OAAO,QAAQ,MAAM;AAAA,MACjE;AAGA,UAAI;AAEJ,UAAI;AACF,cAAMC,OAAM,QAAQ,OAAO,OAAO;AAClC,qBAAa,MAAM,KAAK,MAAM,QAAQ;AACtC,cAAM,KAAK,OAAO,QAAQ,OAAO,OAAO,IAAIA,IAAG,IAAI;AACnD,aAAK,QAAQ,MAAM,uBAAuB,WAAW,EAAE,OAAO,EAAE,KAAK;AAAA,MACvE,SAAS,OAAO;AACd,aAAK,QAAQ,MAAM,+BAA+B,KAAK;AACvD,eAAO,EAAE,IAAI,QAAQ,IAAI,YAAY,KAAK,OAAO,6BAA6B;AAAA,MAChF;AAGA,UAAI;AACF,cAAM,SAAS,MAAM,WAAW,MAAM,QAAQ,OAAO,QAAQ,MAAM;AACnE,eAAO,EAAE,GAAG,QAAQ,YAAY,KAAK,IAAI,QAAQ,GAAG;AAAA,MACtD,SAAS,OAAY;AACnB,eAAO,EAAE,IAAI,QAAQ,IAAI,YAAY,KAAK,OAAO,MAAM,QAAQ;AAAA,MACjE,UAAE;AACA,aAAK,MAAM,QAAQ,UAAU;AAAA,MAC/B;AAAA,IACF,CAAC,EAAE,KAAK,CAAC,SAAS;AAChB,WAAK,cAAc,MAAM,KAAK,YAAY,SAAS,QAAQ;AAC3D,YAAM,KAAK,KAAK,MAAM,OAAO,QAAQ,OAAO,OAAO,IAAI,GAAG,IAAI,GAAK,IAAI;AACvE,WAAK,QAAQ,KAAK,YAAY,KAAK,OAAO,qBAAqB,EAAE,KAAK;AAAA,IACxE,CAAC;AAAA,EACH;AAAA,EAEQ,gBAAgB,SAAsB,QAAgB,MAAc,KAA4B;AAEtG,UAAM,aAAa,KAAK,cAAc,OAAO;AAC7C,QAAI,eAAe,KAAK;AAEtB,YAAM,gBAAgB,CAAC,UAAuB;AAC5C,aAAK,QAAQ,MAAM,gBAAgB,KAAK;AACxC,eAAO,QAAQ;AAAA,MACjB;AAEA,aAAO,GAAG,SAAS,aAAa;AAChC,aAAO,MAAM,YAAY,UAAU,IAAI,aAAa,UAAU,CAAC;AAAA;AAAA,CAAU;AACzE,aAAO,QAAQ;AACf,aAAO,IAAI,SAAS,aAAa;AACjC;AAAA,IACF;AAGA,QAAI,cAAc,SAAS,QAAQ,MAAM,CAAC,OAAO;AAE/C,YAAM,UAAU,KAAK,MAAM,QAAQ,EAC9B;AAAA;AAAA,QAAkC,CAAC,UAAU;AAC5C,eAAK,QAAQ,MAAM,6CAA6C,KAAK;AACrE,aAAG,MAAM;AAAA,QACX;AAAA,MAAC;AAGL,YAAM,UAAU,MAAY,KAAK,QAC5B,KAAK,CAAC,eAAe,cAAc,KAAK,MAAM,QAAQ,UAAU,CAAC,EACjE,MAAM,KAAK,YAAY,2CAA2C,CAAC;AAGxE,YAAM,OAAO,CAAC,SAAyB;AACrC,cAAM,UAAU,KAAK,UAAU,IAAI;AACnC,WAAG,KAAK,SAAS,CAAC,UAAU;AAE1B,cAAI,OAAO;AACT,iBAAK,QAAQ,MAAM,qCAAqC,KAAK;AAC7D,eAAG,MAAM;AAAA,UACX;AAAA,QACF,CAAC;AAAA,MACH;AAGA,SAAG;AAAA,QAAG;AAAA;AAAA,QAAoC,CAAC,UAAU;AACnD,eAAK,QAAQ,MAAM,mBAAmB,KAAK;AAC3C,kBAAQ;AAAA,QACV;AAAA,MAAC;AAGD,SAAG,GAAG,SAAS,CAAC,MAAM,WAAW;AAC/B,cAAM,QAAQ,OAAO,SAAS,OAAO;AACrC,gBACE,KAAK,QAAQ,KAAK,qBAAqB,IAAI,MAAM,KAAK,IACtD,KAAK,QAAQ,KAAK,qBAAqB,IAAI,IAAI;AACjD,gBAAQ;AAAA,MACV,CAAC;AAGD,SAAG,GAAG,WAAW,CAAC,SAAS;AACzB,cAAM,MAAM,QAAQ,OAAO,OAAO;AAClC,cAAM,UAAU,KAAK,iBAAiB,KAAK,SAAS,OAAO,CAAC;AAC5D,YAAI,CAAE,QAAQ,OAAO;AACnB,eAAK,EAAE,IAAI,QAAQ,IAAI,YAAY,KAAK,OAAO,QAAQ,MAAM,CAAC;AAAA,QAChE,OAAO;AACL,kBAAQ,KAAK,OAAO,eAAe;AAGjC,gBAAI,CAAE;AAAY;AAClB,gBAAI;AACF,oBAAM,SAAS,MAAM,WAAW,MAAM,QAAQ,OAAO,QAAQ,MAAM;AAEnE,oBAAM,KAAK,KAAK,MAAM,OAAO,QAAQ,OAAO,OAAO,IAAI,GAAG,IAAI,GAAK,IAAI;AACvE,mBAAK,QAAQ,KAAK,YAAY,OAAO,OAAO,0BAA0B,EAAE,KAAK;AAC7E,qBAAO,KAAK,EAAE,GAAG,QAAQ,YAAY,KAAK,IAAI,QAAQ,GAAG,CAAC;AAAA,YAC5D,SAAS,OAAY;AACnB,qBAAO,KAAK,EAAE,IAAI,QAAQ,IAAI,YAAY,KAAK,OAAO,MAAM,QAAQ,CAAC;AAAA,YACvE;AAAA,UACF,CAAC,EAAE,MAAM,KAAK,YAAY,6BAA6B,CAAC;AAAA,QAC1D;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA,EAOQ,aAAa,QAAsC;AACzD,WAAO,IAAI,QAAgB,CAACD,UAAS,WAAW;AAC9C,YAAM,UAAoB,CAAC;AAE3B,aAAO;AAAA,QAAG;AAAA;AAAA,QAAoC,CAAC,UAAU,OAAO,KAAK;AAAA,MAAC;AACtE,aAAO,GAAG,QAAQ,CAAC,WAAW,QAAQ,KAAK,MAAM,CAAC;AAClD,aAAO,GAAG,OAAO,MAAMA,SAAQ,OAAO,OAAO,OAAO,CAAC,CAAC;AAGtD,UAAI,OAAO,SAAS;AAAG,eAAO,OAAO;AAAA,IACvC,CAAC,EAAE,KAAK,CAAC,WAAW,OAAO,SAAS,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA,EAGQ,iBAAiB,QAAyB;AAChD,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,UAAU,IAAI;AACzC,YAAM,KAAK,SAAS,KAAK,GAAG,QAAQ,EAAE,KAAK,WAAW;AAEtD,UAAI,CAAE,SAAS,OAAO;AACpB,eAAO,EAAE,IAAI,OAAO,OAAO,OAAO,qCAAqC;AAAA,MACzE;AACA,UAAI,OAAO,QAAQ,UAAU,UAAU;AACrC,eAAO,EAAE,IAAI,OAAO,OAAO,OAAO,wBAAwB;AAAA,MAC5D;AACA,UAAI,QAAQ,UAAW,CAAE,MAAM,QAAQ,QAAQ,MAAM,GAAI;AACvD,eAAO,EAAE,IAAI,OAAO,OAAO,OAAO,8BAA8B;AAAA,MAClE;AAEA,aAAO,EAAE,IAAI,OAAO,MAAM,OAAO,QAAQ,OAAO,QAAQ,QAAQ,OAAO;AAAA,IACzE,SAAS,OAAO;AACd,aAAO,EAAE,IAAI,WAAW,GAAG,OAAO,OAAO,OAAO,qBAAqB;AAAA,IACvE;AAAA,EACF;AAAA;AAAA,EAGQ,cAAc,SAA6C;AAEjE,UAAM,OAAO,iBAAkB,QAAQ,IAAM,MAAM,GAAG,EAAE,CAAC,KAAK,EAAE,EAAE;AAGlE,QAAI,OAAO,SAAS;AAAU,aAAO;AAErC,QAAI;AAEF,YAAM,QAAQ,YAAY,MAAM,KAAK,OAAO;AAG5C,UAAI,SAAS,KAAK,SAAS;AACzB,aAAK,QAAQ,MAAM,sCAAsC;AACzD,eAAO;AAAA,MACT;AAEA,WAAK,QAAQ,KAAK,IAAI,KAAK,IAAI,IAAI;AACnC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,WAAK,QAAQ,MAAM,KAAK;AACxB,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAMO,IAAM,SAET;",
+  "names": ["resolve", "now"]
+}

package/dist/token.cjs

@@ -0,0 +1,53 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// token.ts
+var token_exports = {};
+__export(token_exports, {
+  verifyToken: () => verifyToken
+});
+module.exports = __toCommonJS(token_exports);
+var import_node_assert = __toESM(require("node:assert"));
+var import_node_crypto = require("node:crypto");
+function verifyToken(token, secret) {
+  import_node_assert.default.strictEqual(token.length, 64, `Invalid encoded token length (${token.length} != 64)`);
+  const buffer = Buffer.from(token, "base64url");
+  import_node_assert.default.strictEqual(buffer.length, 48, `Invalid decoded token length (${buffer.length} != 48)`);
+  const timeDelta = buffer.readBigInt64LE(0) - BigInt(Date.now());
+  const absoluteDelta = timeDelta < 0n ? -timeDelta : timeDelta;
+  (0, import_node_assert.default)(absoluteDelta < 10000n, `Timestamp delta out of range (${timeDelta} ms)`);
+  const signature = (0, import_node_crypto.createHmac)("sha256", Buffer.from(secret, "utf8")).update(buffer.subarray(0, 16)).digest();
+  (0, import_node_assert.default)(signature.compare(buffer, 16) === 0, "Token signature mismatch");
+  return buffer.toString("hex", 0, 16).toLowerCase();
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  verifyToken
+});
+//# sourceMappingURL=token.cjs.map

package/dist/token.cjs.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../src/token.ts"],
+  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,yBAAmB;AACnB,yBAA2B;AA6BpB,SAAS,YACZ,OACA,QACM;AACR,qBAAAA,QAAO,YAAY,MAAM,QAAQ,IAAI,iCAAiC,MAAM,MAAM,SAAS;AAE3F,QAAM,SAAS,OAAO,KAAK,OAAO,WAAW;AAC7C,qBAAAA,QAAO,YAAY,OAAO,QAAQ,IAAI,iCAAiC,OAAO,MAAM,SAAS;AAG7F,QAAM,YAAY,OAAO,eAAe,CAAC,IAAI,OAAO,KAAK,IAAI,CAAC;AAC9D,QAAM,gBAAgB,YAAY,KAAK,CAAC,YAAY;AACpD,yBAAAA,SAAO,gBAAgB,QAAS,iCAAiC,SAAS,MAAM;AAGhF,QAAM,gBAAY,+BAAW,UAAU,OAAO,KAAK,QAAQ,MAAM,CAAC,EAC7D,OAAO,OAAO,SAAS,GAAG,EAAE,CAAC,EAC7B,OAAO;AAGZ,yBAAAA,SAAO,UAAU,QAAQ,QAAQ,EAAE,MAAM,GAAG,0BAA0B;AACtE,SAAO,OAAO,SAAS,OAAO,GAAG,EAAE,EAAE,YAAY;AACnD;",
+  "names": ["assert"]
+}

package/dist/token.d.ts

@@ -0,0 +1 @@
+export declare function verifyToken(token: string, secret: string): string;

package/dist/token.mjs

@@ -0,0 +1,18 @@
+// token.ts
+import assert from "node:assert";
+import { createHmac } from "node:crypto";
+function verifyToken(token, secret) {
+  assert.strictEqual(token.length, 64, `Invalid encoded token length (${token.length} != 64)`);
+  const buffer = Buffer.from(token, "base64url");
+  assert.strictEqual(buffer.length, 48, `Invalid decoded token length (${buffer.length} != 48)`);
+  const timeDelta = buffer.readBigInt64LE(0) - BigInt(Date.now());
+  const absoluteDelta = timeDelta < 0n ? -timeDelta : timeDelta;
+  assert(absoluteDelta < 10000n, `Timestamp delta out of range (${timeDelta} ms)`);
+  const signature = createHmac("sha256", Buffer.from(secret, "utf8")).update(buffer.subarray(0, 16)).digest();
+  assert(signature.compare(buffer, 16) === 0, "Token signature mismatch");
+  return buffer.toString("hex", 0, 16).toLowerCase();
+}
+export {
+  verifyToken
+};
+//# sourceMappingURL=token.mjs.map

package/dist/token.mjs.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../src/token.ts"],
+  "mappings": ";AAAA,OAAO,YAAY;AACnB,SAAS,kBAAkB;AA6BpB,SAAS,YACZ,OACA,QACM;AACR,SAAO,YAAY,MAAM,QAAQ,IAAI,iCAAiC,MAAM,MAAM,SAAS;AAE3F,QAAM,SAAS,OAAO,KAAK,OAAO,WAAW;AAC7C,SAAO,YAAY,OAAO,QAAQ,IAAI,iCAAiC,OAAO,MAAM,SAAS;AAG7F,QAAM,YAAY,OAAO,eAAe,CAAC,IAAI,OAAO,KAAK,IAAI,CAAC;AAC9D,QAAM,gBAAgB,YAAY,KAAK,CAAC,YAAY;AACpD,SAAO,gBAAgB,QAAS,iCAAiC,SAAS,MAAM;AAGhF,QAAM,YAAY,WAAW,UAAU,OAAO,KAAK,QAAQ,MAAM,CAAC,EAC7D,OAAO,OAAO,SAAS,GAAG,EAAE,CAAC,EAC7B,OAAO;AAGZ,SAAO,UAAU,QAAQ,QAAQ,EAAE,MAAM,GAAG,0BAA0B;AACtE,SAAO,OAAO,SAAS,OAAO,GAAG,EAAE,EAAE,YAAY;AACnD;",
+  "names": []
+}

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "@juit/pgproxy-server",
+  "version": "1.0.0",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "require": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.cjs"
+      },
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.mjs"
+      }
+    }
+  },
+  "author": "Juit Developers <developers@juit.com>",
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "git+ssh://git@github.com/juitnow/juit-pgproxy.git"
+  },
+  "keywords": [
+    "database",
+    "pg",
+    "pool",
+    "postgres",
+    "proxy"
+  ],
+  "bugs": {
+    "url": "https://github.com/juitnow/juit-pgproxy/issues"
+  },
+  "homepage": "https://github.com/juitnow/juit-pgproxy#readme",
+  "dependencies": {
+    "@juit/pgproxy-pool": "^1.0.0",
+    "ws": "^8.15.1"
+  },
+  "directories": {
+    "test": "test"
+  },
+  "files": [
+    "*.md",
+    "dist/",
+    "src/"
+  ]
+}

package/src/index.ts

@@ -0,0 +1,25 @@
+import type { ConnectionQueryResult } from '@juit/pgproxy-pool'
+
+export * from './server'
+
+export interface Request {
+  id: string,
+  query: string,
+  params?: (string | null)[],
+}
+
+export interface PositiveResponse extends ConnectionQueryResult {
+  statusCode: 200,
+  error?: never,
+}
+
+export type NegativeResponse = {
+  [ key in keyof ConnectionQueryResult ]?: never
+} & {
+  statusCode: 400 | 500,
+  error: string,
+}
+
+export type Response = {
+  id: string,
+} & ( PositiveResponse | NegativeResponse )