@kraki/head 0.1.0

package/dist/server.d.ts

@@ -0,0 +1,78 @@
+import { WebSocket } from 'ws';
+import type { Server } from 'http';
+import { ChannelManager } from './channel-manager.js';
+import { Router } from './router.js';
+import type { AuthProvider } from './auth.js';
+export interface HeadServerOptions {
+    /** Auth providers keyed by mode name. Falls back to authProvider if set. */
+    authProviders?: Map<string, AuthProvider>;
+    /** Supported auth mode names (for auth_info response) */
+    authModes?: string[];
+    /** Legacy single auth provider (used if authProviders not set) */
+    authProvider?: AuthProvider;
+    /** Enable E2E encryption mode */
+    e2e: boolean;
+    /** Max WebSocket message size in bytes. Default: 10MB */
+    maxPayload?: number;
+    /** Ping interval in ms. Default: 30000 (30s). Set 0 to disable. */
+    pingInterval?: number;
+    /** Pong timeout in ms. Default: 10000 (10s) */
+    pongTimeout?: number;
+    /** Allow QR pairing for adding devices. Default: true */
+    pairingEnabled?: boolean;
+    /** Pairing token TTL in seconds. Default: 300 (5 min) */
+    pairingTtl?: number;
+}
+export declare class HeadServer {
+    private wss;
+    private cm;
+    private router;
+    private options;
+    private clients;
+    private pingTimer;
+    /** Dedup: track recently seen client message IDs to prevent duplicates */
+    private recentClientMsgIds;
+    private dedupCleanupTimer;
+    constructor(cm: ChannelManager, router: Router, options: HeadServerOptions);
+    /** Resolve the auth provider (multi-provider or legacy single). */
+    private getAuthProvider;
+    /** Get supported auth mode names. */
+    private getAuthModes;
+    /** Resolve auth provider by mode name (for multi-provider). */
+    private getAuthProviderForMode;
+    /** Get the GitHub OAuth client ID if configured (for auth_info_response). */
+    private getGitHubClientId;
+    /** Find the GitHubAuthProvider in the provider chain (unwrapping throttle). */
+    private findGitHubProvider;
+    /** Resolve the channel owner's user info for auth_ok. */
+    private getChannelOwnerUser;
+    /**
+     * Attach to an HTTP server for upgrade handling.
+     */
+    attach(server: Server): void;
+    /**
+     * Accept a raw WebSocket connection (for testing without HTTP server).
+     */
+    acceptConnection(ws: WebSocket): void;
+    private onConnection;
+    private onMessage;
+    private handleCreatePairingToken;
+    private handleDeleteSession;
+    /**
+     * One-shot pairing token request. Validates auth token inline,
+     * creates a pairing token, responds, and requires no device registration.
+     */
+    private handleRequestPairingToken;
+    private handleAuth;
+    private handlePairingAuth;
+    private handleChallengeResponse;
+    private sendError;
+    private startPingInterval;
+    private startDedupCleanup;
+    /** Guard against unbounded dedup set growth */
+    private trackClientMsgId;
+    /**
+     * Close the server and all connections.
+     */
+    close(): void;
+}