npm - @juspay/shooter - Versions diffs - 1.24.2 → 1.25.0 - Mend

@juspay/shooter 1.24.2 → 1.25.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (163) hide show

package/src/routes/api/notify/+server.ts CHANGED Viewed

@@ -1,12 +1,21 @@
-import type { NotificationData, OptionChoice, ResponseKind } from '$lib/types';
+import type {
+  APNsFanOutResult,
+  AppEnv,
+  DeviceRecord,
+  FCMFanOutResult,
+  NotificationData,
+  OptionChoice,
+  ResponseKind,
+} from '$lib/types';
 import { env } from '$env/dynamic/private';
-import { readPersistedDeviceToken, resolveDeviceToken } from '$lib/modules/server/apn/device-token';
 import { LibraryAPNsService } from '$lib/modules/server/apn/library-apns';
 import { addNotification, getNotifications } from '$lib/modules/server/apn/notification-history';
+import { selectPlatforms, summarizeNotifyDelivery } from '$lib/modules/server/apn/notify-fanout';
 import { createPendingRequest } from '$lib/modules/server/apn/pending-requests';
 import { validateAuth } from '$lib/modules/server/auth';
-import { isFCMConfigured, sendFCMNotification } from '$lib/modules/server/fcm/fcm-service.js';
+import { isFCMConfigured, sendFCMNotificationMulti } from '$lib/modules/server/fcm/fcm-service.js';
+import { deviceTokenStore } from '$lib/modules/server/push/device-token-store';
 import { toErrorMessage } from '$lib/modules/server/utils/error';
 import { broadcastEvent } from '$lib/modules/server/ws/server';
 import { json } from '@sveltejs/kit';
@@ -22,6 +31,73 @@ function getAPNsClient(): LibraryAPNsService {
   return apnsSingleton;
 }
+const EMPTY_APNS_RESULT: APNsFanOutResult = {
+  results: [],
+  staleTokens: [],
+  totalFailed: 0,
+  totalSent: 0,
+};
+const EMPTY_FCM_RESULT: FCMFanOutResult = {
+  failureCount: 0,
+  results: [],
+  staleTokens: [],
+  successCount: 0,
+};
+/** Android tokens to deliver to: active registry rows, else the ANDROID_DEVICE_TOKEN seed. */
+function resolveAndroidTokens(): string[] {
+  const rows = deviceTokenStore.listActive('android');
+  if (rows.length > 0) {
+    return rows.map((r) => r.token);
+  }
+  const seed = env.ANDROID_DEVICE_TOKEN?.trim();
+  return seed ? [seed] : [];
+}
+/**
+ * iOS devices to deliver to: an explicit request override, else all active
+ * registry rows for the server's gateway, else the legacy DEVICE_TOKEN env seed
+ * (so .env-only deployments keep working without ever writing to the DB).
+ */
+function resolveIosDevices(override?: string): DeviceRecord[] {
+  const appEnv = serverApnEnv();
+  if (override) {
+    return [syntheticSeedDevice(override, 'ios', appEnv)];
+  }
+  const rows = deviceTokenStore.listActiveForEnv('ios', appEnv);
+  if (rows.length > 0) {
+    return rows;
+  }
+  const seed = env.DEVICE_TOKEN?.trim();
+  return seed ? [syntheticSeedDevice(seed, 'ios', appEnv)] : [];
+}
+function serverApnEnv(): AppEnv {
+  return env.APNS_PRODUCTION === 'true' ? 'production' : 'sandbox';
+}
+/** A throwaway DeviceRecord wrapping a legacy env-seed or request-override token. */
+function syntheticSeedDevice(
+  token: string,
+  platform: 'android' | 'ios',
+  appEnv: AppEnv
+): DeviceRecord {
+  const nowIso = new Date().toISOString();
+  return {
+    appEnv,
+    bundleId: null,
+    deviceId: null,
+    failureCount: 0,
+    friendlyName: null,
+    id: `seed-${platform}`,
+    isActive: true,
+    lastSeenAt: nowIso,
+    platform,
+    registeredAt: nowIso,
+    token,
+  };
+}
 // NOTIFICATION DEDUPLICATION CACHE
 const notificationCache = new Map<string, number>();
 const DEDUP_WINDOW = 10000; // 10 seconds deduplication window
@@ -136,6 +212,13 @@ function intelligentNotificationFilter(
 ): { reason: string; send: boolean } {
   const source = data?.source || 'unknown';
+  // Never filter a bidirectional (waitForResponse) request: the caller blocks
+  // on polling, and a filtered 200 would read as success:true and hang it for
+  // the full permission timeout. These are also dedup-exempt below.
+  if (waitForResponse) {
+    return { reason: 'Bidirectional request — never filtered', send: true };
+  }
   // Check for duplicate notifications first
   if (isDuplicateNotification(title, message, data, waitForResponse)) {
     return {
@@ -265,7 +348,7 @@ function releaseNotification(title: string, message: string, data?: Notification
 // helpers. This handler grew past the 300-line guideline organically; PR-2
 // adds 4 lines for dynamic-options fields. A dedicated cleanup PR is the
 // right place to split it, not a feature PR.
-// eslint-disable-next-line max-lines-per-function
 export const POST: RequestHandler = async ({ request }) => {
   try {
     // Use singleton APNs client to reuse HTTP/2 connection
@@ -420,175 +503,99 @@ export const POST: RequestHandler = async ({ request }) => {
       title,
     };
-    // Platform-based routing: Android (FCM) or iOS (APNs)
-    const platform = env.DEVICE_PLATFORM || 'ios';
-    if (platform === 'android') {
-      // --- FCM (Android) path ---
-      if (!isFCMConfigured()) {
-        return json(
-          {
-            details:
-              'Missing FCM_PROJECT_ID, FCM_CLIENT_EMAIL, or FCM_PRIVATE_KEY environment variables',
-            error: 'FCM not configured',
-          },
-          { status: 500 }
-        );
-      }
-      // Resolve the FCM target: explicit request token, then the token the
-      // Android app persisted on launch, then the Android-specific env var.
-      // env.DEVICE_TOKEN is intentionally NOT in this chain — it holds the iOS
-      // APNs token, which must never be shipped to FCM in mixed-platform setups.
-      const androidToken = resolveDeviceToken(
-        requestDeviceToken,
-        readPersistedDeviceToken('android'),
-        env.ANDROID_DEVICE_TOKEN
-      );
-      if (!androidToken) {
-        return json(
-          {
-            details:
-              'No Android device token available — set ANDROID_DEVICE_TOKEN, pass deviceToken in the request body, or open the Android app so it can auto-register its FCM token.',
-            error: 'No device token configured',
-          },
-          { status: 500 }
-        );
-      }
+    // Multi-device fan-out. DEVICE_PLATFORM is now a FILTER (unset → both
+    // platforms), not a binary switch. A request-scoped deviceToken override
+    // (config "send test") bypasses the registry and targets one token.
+    const override = requestDeviceToken?.trim() || undefined;
+    const { doAndroid, doIos } = selectPlatforms(env.DEVICE_PLATFORM);
+    // An override is a single token of unknown platform; honour the platform
+    // FILTER (unset → try both) rather than assuming iOS, so an Android override
+    // is not silently dropped when DEVICE_PLATFORM is unset. Firing a token at
+    // the wrong gateway is harmless here because override sends never prune (see
+    // the pruning guard below).
+    const iosDevices: DeviceRecord[] = doIos
+      ? override
+        ? resolveIosDevices(override)
+        : resolveIosDevices()
+      : [];
+    const androidTokens: string[] = doAndroid
+      ? override
+        ? [override]
+        : resolveAndroidTokens()
+      : [];
+    // Collapse permission pushes by requestId so a re-notify replaces (not
+    // stacks) the prompt on every device, and answering on one clears it.
+    const collapseId = waitForResponse ? canonicalRequestId : undefined;
+    const [apnsResult, fcmResult] = await Promise.all([
+      iosDevices.length > 0 && apnsClient.isConfigured()
+        ? apnsClient.sendToMany(iosDevices, payload, collapseId)
+        : Promise.resolve(EMPTY_APNS_RESULT),
+      androidTokens.length > 0 && isFCMConfigured()
+        ? sendFCMNotificationMulti(androidTokens, payload)
+        : Promise.resolve(EMPTY_FCM_RESULT),
+    ]);
+    const summary = summarizeNotifyDelivery(apnsResult, fcmResult);
+    // Lazy prune dead tokens; bump last-seen for the ones that delivered.
+    // Never prune on an override send: the override token is a one-off explicit
+    // target (not necessarily a registry row), and firing it at the wrong
+    // gateway must not soft-delete a real device that happens to hold it.
+    const pruned =
+      !override && summary.staleTokens.length
+        ? deviceTokenStore.pruneByTokens(summary.staleTokens)
+        : 0;
+    if (summary.succeededTokens.length > 0) {
+      deviceTokenStore.touchLastSeen(summary.succeededTokens);
+    }
-      const fcmResult = await sendFCMNotification(androidToken, payload);
-      if (fcmResult.success) {
-        // Record in dedup cache only after successful delivery
-        recordNotification(title, message, data);
-        if (waitForResponse) {
-          createPendingRequest(canonicalRequestId, {
-            options,
-            question: question ?? null,
-            responseKind: responseKind ?? 'hook',
-            sessionId: (data?.sessionId as string) || '',
-            toolInput: (data?.toolInput as Record<string, unknown>) || {},
-            toolName: (data?.toolName as string) || '',
-          });
-        }
-        addNotification(buildNotificationRecord(canonicalRequestId, title, message, 'sent', data));
-        return json({
-          message: 'Notification sent successfully',
-          requestId: canonicalRequestId,
-          result: { messageId: fcmResult.messageId },
-          success: true,
-          timestamp: new Date().toISOString(),
-        });
-      } else {
-        console.error(`[notify] FCM delivery failed: ${fcmResult.error}`);
-        releaseNotification(title, message, data); // free the reserved dedup slot for a retry
-        addNotification(
-          buildNotificationRecord(
-            canonicalRequestId,
-            title,
-            message,
-            'failed',
-            data,
-            fcmResult.error
-          )
-        );
-        return json(
-          {
-            details: fcmResult.error,
-            error: 'Failed to send notification',
-            requestId: canonicalRequestId,
-            timestamp: new Date().toISOString(),
-          },
-          { status: 500 }
-        );
-      }
+    // Keep the dedup reservation only on a clean, fully-successful delivery;
+    // otherwise release it so a legitimate retry is not blocked (a transient
+    // failure for one device must not poison the cache for everyone).
+    if (summary.delivered && summary.failed === 0) {
+      recordNotification(title, message, data);
     } else {
-      // --- APNs (iOS) path ---
-      if (!apnsClient.isConfigured()) {
-        return json(
-          {
-            details: 'Missing APNS_KEY, APNS_KEY_ID, or APNS_TEAM_ID environment variables',
-            error: 'APNs client not configured',
-          },
-          { status: 500 }
-        );
-      }
+      releaseNotification(title, message, data);
+    }
-      // Resolve the APNs target: explicit request token (e.g. config-page test),
-      // then the token the iOS app persisted on launch, then the env fallback.
-      // Persisted beats env so a stale .env DEVICE_TOKEN can't shadow the live
-      // device token after a restart (the BadDeviceToken trap this fixes).
-      const deviceToken = resolveDeviceToken(
-        requestDeviceToken,
-        readPersistedDeviceToken('ios'),
-        env.DEVICE_TOKEN
-      );
+    // Register the pending request for bidirectional polling only if at least
+    // one device received the push — otherwise no one can answer.
+    if (waitForResponse && summary.delivered) {
+      createPendingRequest(canonicalRequestId, {
+        options,
+        question: question ?? null,
+        responseKind: responseKind ?? 'hook',
+        sessionId: (data?.sessionId as string) || '',
+        toolInput: (data?.toolInput as Record<string, unknown>) || {},
+        toolName: (data?.toolName as string) || '',
+      });
+    }
-      if (!deviceToken) {
-        return json(
-          {
-            details:
-              'No iOS device token available — pass deviceToken in the request body, ensure ~/.shooter/device-tokens.json contains an ios token, or set DEVICE_TOKEN.',
-            error: 'No device token configured',
-          },
-          { status: 500 }
-        );
-      }
+    addNotification(
+      buildNotificationRecord(
+        canonicalRequestId,
+        title,
+        message,
+        summary.delivered ? 'sent' : 'failed',
+        data,
+        summary.delivered ? null : 'No registered device accepted the notification'
+      )
+    );
-      try {
-        const result = await apnsClient.sendNotification(deviceToken, payload);
-        // Record in dedup cache only after successful delivery
-        recordNotification(title, message, data);
-        // If this is a bidirectional permission request, store it for polling
-        // only after confirming APNs delivery succeeded
-        if (waitForResponse) {
-          createPendingRequest(canonicalRequestId, {
-            options,
-            question: question ?? null,
-            responseKind: responseKind ?? 'hook',
-            sessionId: (data?.sessionId as string) || '',
-            toolInput: (data?.toolInput as Record<string, unknown>) || {},
-            toolName: (data?.toolName as string) || '',
-          });
-        }
-        addNotification(buildNotificationRecord(canonicalRequestId, title, message, 'sent', data));
-        return json({
-          message: 'Notification sent successfully',
-          requestId: canonicalRequestId,
-          result,
-          success: true,
-          timestamp: new Date().toISOString(),
-        });
-      } catch (notificationError) {
-        const notifErrMsg = toErrorMessage(notificationError);
-        console.error(`[notify] APNs delivery failed: ${notifErrMsg}`);
-        releaseNotification(title, message, data); // free the reserved dedup slot for a retry
-        addNotification(
-          buildNotificationRecord(canonicalRequestId, title, message, 'failed', data, notifErrMsg)
-        );
-        return json(
-          {
-            details: notifErrMsg,
-            error: 'Failed to send notification',
-            requestId: canonicalRequestId,
-            timestamp: new Date().toISOString(),
-          },
-          { status: 500 }
-        );
-      }
-    }
+    // 200 even when nothing was delivered (success:false) so the notifier hook
+    // fast-fails instead of hanging for the full permission timeout.
+    return json({
+      failed: summary.failed,
+      pruned,
+      requestId: canonicalRequestId,
+      sent: summary.sent,
+      success: summary.delivered,
+      timestamp: new Date().toISOString(),
+    });
   } catch (error) {
     console.error('Notification error:', error);
     return json(

package/src/routes/api/qr-config/+server.ts CHANGED Viewed

@@ -19,9 +19,16 @@ export const GET: RequestHandler = async ({ request, url }) => {
   // Use a configured server URL from env when available (trusted), otherwise
   // fall back to url.origin (derived from the incoming request URL by SvelteKit).
-  const serverUrl = env.ORIGIN?.trim() || url.origin;
+  // Strip any trailing slash so registerUrl never becomes "https://x//api/...".
+  const serverUrl = (env.ORIGIN?.trim() || url.origin).replace(/\/+$/, '');
-  const configPayload = JSON.stringify({ apiKey, serverUrl });
+  // registerUrl lets a scanning app POST its push token straight to the
+  // device registry after pairing (multi-device auto-registration).
+  const configPayload = JSON.stringify({
+    apiKey,
+    registerUrl: `${serverUrl}/api/device-token`,
+    serverUrl,
+  });
   try {
     const dataUrl = await QRCode.toDataURL(configPayload, {