@lightsparkdev/core 1.4.3 → 1.4.4

package/dist/chunk-VY7NND44.js

@@ -0,0 +1,713 @@
+import {
+  LightsparkException_default,
+  b64decode,
+  b64encode,
+  createSha256Hash,
+  getLocalStorageConfigItem,
+  hexToBytes,
+  isBrowser,
+  isNode,
+  isTest
+} from "./chunk-ADHQHZNM.js";
+
+// src/auth/StubAuthProvider.ts
+var StubAuthProvider = class {
+  addAuthHeaders(headers) {
+    return Promise.resolve(headers);
+  }
+  isAuthorized() {
+    return Promise.resolve(false);
+  }
+  addWsConnectionParams(params) {
+    return Promise.resolve(params);
+  }
+};
+
+// src/crypto/LightsparkSigningException.ts
+var LightsparkSigningException = class extends LightsparkException_default {
+  constructor(message, extraInfo) {
+    super("SigningException", message, extraInfo);
+  }
+};
+var LightsparkSigningException_default = LightsparkSigningException;
+
+// src/crypto/crypto.ts
+var getCrypto = () => {
+  let cryptoImplPromise;
+  if (typeof crypto !== "undefined") {
+    cryptoImplPromise = Promise.resolve(crypto);
+  } else {
+    cryptoImplPromise = import("crypto").then((nodeCrypto) => {
+      let cryptoModule = nodeCrypto;
+      if (!nodeCrypto.subtle) {
+        cryptoModule = Object.assign({}, cryptoModule, {
+          subtle: nodeCrypto.webcrypto.subtle
+        });
+      }
+      if (!nodeCrypto.getRandomValues) {
+        cryptoModule = Object.assign({}, cryptoModule, {
+          getRandomValues: (array) => {
+            if (!array) {
+              return array;
+            }
+            const buffer = Buffer.from(array.buffer);
+            const view = new Uint8Array(buffer);
+            nodeCrypto.randomFillSync(view);
+            return array;
+          }
+        });
+      }
+      return cryptoModule;
+    });
+  }
+  return cryptoImplPromise;
+};
+var getRandomValues32 = async (arr) => {
+  if (typeof crypto !== "undefined") {
+    return crypto.getRandomValues(arr);
+  } else {
+    const cryptoImpl = await getCrypto();
+    return cryptoImpl.getRandomValues(arr);
+  }
+};
+var deriveKey = async (password, salt, iterations, algorithm, bit_len) => {
+  const enc = new TextEncoder();
+  const cryptoImpl = await getCrypto();
+  const password_key = await cryptoImpl.subtle.importKey(
+    "raw",
+    enc.encode(password),
+    "PBKDF2",
+    false,
+    ["deriveBits", "deriveKey"]
+  );
+  const derived = await cryptoImpl.subtle.deriveBits(
+    {
+      name: "PBKDF2",
+      salt,
+      iterations,
+      hash: "SHA-256"
+    },
+    password_key,
+    bit_len
+  );
+  const key = await cryptoImpl.subtle.importKey(
+    "raw",
+    derived.slice(0, 32),
+    { name: algorithm, length: 256 },
+    false,
+    ["encrypt", "decrypt"]
+  );
+  const iv = derived.slice(32);
+  return [key, iv];
+};
+var decrypt = async (header_json, ciphertext, password) => {
+  let decoded = b64decode(ciphertext);
+  let header;
+  if (header_json === "AES_256_CBC_PBKDF2_5000_SHA256") {
+    header = {
+      v: 0,
+      i: 5e3
+    };
+    decoded = decoded.slice(8);
+  } else {
+    header = JSON.parse(header_json);
+  }
+  if (header.v < 0 || header.v > 4) {
+    throw new LightsparkException_default(
+      "DecryptionError",
+      `Unknown version ${header.v}`
+    );
+  }
+  const cryptoImpl = await getCrypto();
+  const algorithm = header.v < 2 ? "AES-CBC" : "AES-GCM";
+  const bit_len = header.v < 4 ? 384 : 352;
+  const salt_len = header.v < 4 ? 8 : 16;
+  if (header.lsv === 2 || header.v === 3) {
+    const salt = decoded.slice(decoded.length - 8, decoded.length);
+    const nonce = decoded.slice(0, 12);
+    const cipherText = decoded.slice(12, decoded.length - 8);
+    const [
+      key
+      /* , _iv */
+    ] = await deriveKey(
+      password,
+      salt,
+      header.i,
+      algorithm,
+      256
+    );
+    return await cryptoImpl.subtle.decrypt(
+      { name: algorithm, iv: nonce.buffer },
+      key,
+      cipherText
+    );
+  } else {
+    const salt = decoded.slice(0, salt_len);
+    const encrypted = decoded.slice(salt_len);
+    const [key, iv] = await deriveKey(
+      password,
+      salt,
+      header.i,
+      algorithm,
+      bit_len
+    );
+    return await cryptoImpl.subtle.decrypt(
+      { name: algorithm, iv },
+      key,
+      encrypted
+    );
+  }
+};
+async function decryptSecretWithNodePassword(cipher, encryptedSecret, nodePassword) {
+  let decryptedValue = null;
+  try {
+    decryptedValue = await decrypt(cipher, encryptedSecret, nodePassword);
+  } catch (ex) {
+    console.error(ex);
+  }
+  return decryptedValue;
+}
+var generateSigningKeyPair = async () => {
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.generateKey(
+    /*algorithm:*/
+    {
+      name: "RSA-PSS",
+      modulusLength: 4096,
+      publicExponent: new Uint8Array([1, 0, 1]),
+      hash: "SHA-256"
+    },
+    /*extractable*/
+    true,
+    /*keyUsages*/
+    ["sign", "verify"]
+  );
+};
+var serializeSigningKey = async (key, format) => {
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.exportKey(
+    /*format*/
+    format,
+    /*key*/
+    key
+  );
+};
+var getNonce = async () => {
+  const nonceSt = await getRandomValues32(new Uint32Array(2));
+  const [upper, lower] = nonceSt;
+  const nonce = BigInt(upper) << 32n | BigInt(lower);
+  return Number(nonce);
+};
+var sign = async (keyOrAlias, data) => {
+  if (typeof keyOrAlias === "string") {
+    throw new LightsparkSigningException_default(
+      "Key alias not supported for default crypto."
+    );
+  }
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.sign(
+    {
+      name: "RSA-PSS",
+      saltLength: 32
+    },
+    keyOrAlias,
+    data
+  );
+};
+var importPrivateSigningKey = async (keyData) => {
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.importKey(
+    /*format*/
+    "pkcs8",
+    /*keyData*/
+    keyData,
+    /*algorithm*/
+    {
+      name: "RSA-PSS",
+      hash: "SHA-256"
+    },
+    /*extractable*/
+    true,
+    /*keyUsages*/
+    ["sign"]
+  );
+};
+var DefaultCrypto = {
+  decryptSecretWithNodePassword,
+  generateSigningKeyPair,
+  serializeSigningKey,
+  getNonce,
+  sign,
+  importPrivateSigningKey
+};
+
+// src/constants/index.ts
+var ConfigKeys = {
+  LoggingEnabled: "lightspark-logging-enabled",
+  ConsoleToolsEnabled: "lightspark-console-tools-enabled"
+};
+
+// src/Logger.ts
+var LoggingLevel = /* @__PURE__ */ ((LoggingLevel2) => {
+  LoggingLevel2[LoggingLevel2["Trace"] = 0] = "Trace";
+  LoggingLevel2[LoggingLevel2["Info"] = 1] = "Info";
+  return LoggingLevel2;
+})(LoggingLevel || {});
+var Logger = class {
+  context;
+  loggingEnabled = false;
+  loggingLevel = 1 /* Info */;
+  constructor(loggerContext, getLoggingEnabled) {
+    this.context = loggerContext;
+    void this.updateLoggingEnabled(getLoggingEnabled);
+  }
+  setLevel(level) {
+    this.loggingLevel = level;
+  }
+  setEnabled(enabled, level = 1 /* Info */) {
+    this.loggingEnabled = enabled;
+    this.loggingLevel = level;
+  }
+  async updateLoggingEnabled(getLoggingEnabled) {
+    if (getLoggingEnabled) {
+      this.loggingEnabled = await getLoggingEnabled();
+    } else if (isTest) {
+      this.loggingEnabled = true;
+    } else if (isBrowser) {
+      try {
+        this.loggingEnabled = getLocalStorageConfigItem(
+          ConfigKeys.LoggingEnabled
+        );
+      } catch (e) {
+      }
+    }
+    if (this.loggingEnabled) {
+      console.log(`[${this.context}] Logging enabled`);
+    }
+  }
+  trace(message, ...rest) {
+    if (this.loggingEnabled && this.loggingLevel === 0 /* Trace */) {
+      console.log(`[${this.context}] ${message}`, ...rest);
+    }
+  }
+  info(message, ...rest) {
+    if (this.loggingEnabled && this.loggingLevel <= 1 /* Info */) {
+      console.log(`[${this.context}] ${message}`, ...rest);
+    }
+  }
+};
+var logger = new Logger("@lightsparkdev/core");
+
+// ../../node_modules/auto-bind/index.js
+var getAllProperties = (object) => {
+  const properties = /* @__PURE__ */ new Set();
+  do {
+    for (const key of Reflect.ownKeys(object)) {
+      properties.add([object, key]);
+    }
+  } while ((object = Reflect.getPrototypeOf(object)) && object !== Object.prototype);
+  return properties;
+};
+function autoBind(self, { include, exclude } = {}) {
+  const filter = (key) => {
+    const match = (pattern) => typeof pattern === "string" ? key === pattern : pattern.test(key);
+    if (include) {
+      return include.some(match);
+    }
+    if (exclude) {
+      return !exclude.some(match);
+    }
+    return true;
+  };
+  for (const [object, key] of getAllProperties(self.constructor.prototype)) {
+    if (key === "constructor" || !filter(key)) {
+      continue;
+    }
+    const descriptor = Reflect.getOwnPropertyDescriptor(object, key);
+    if (descriptor && typeof descriptor.value === "function") {
+      self[key] = self[key].bind(self);
+    }
+  }
+  return self;
+}
+
+// src/requester/Requester.ts
+import dayjs from "dayjs";
+import utc from "dayjs/plugin/utc.js";
+import { Observable } from "zen-observable-ts";
+var DEFAULT_BASE_URL = "api.lightspark.com";
+dayjs.extend(utc);
+var Requester = class {
+  constructor(nodeKeyCache, schemaEndpoint, sdkUserAgent, authProvider = new StubAuthProvider(), baseUrl = DEFAULT_BASE_URL, cryptoImpl = DefaultCrypto, signingKey, fetchImpl = fetch) {
+    this.nodeKeyCache = nodeKeyCache;
+    this.schemaEndpoint = schemaEndpoint;
+    this.sdkUserAgent = sdkUserAgent;
+    this.authProvider = authProvider;
+    this.baseUrl = baseUrl;
+    this.cryptoImpl = cryptoImpl;
+    this.signingKey = signingKey;
+    this.fetchImpl = fetchImpl;
+    this.wsClient = new Promise((resolve) => {
+      this.resolveWsClient = resolve;
+    });
+    void this.initWsClient(baseUrl, authProvider);
+    autoBind(this);
+  }
+  wsClient;
+  resolveWsClient = null;
+  initWsClient(baseUrl, authProvider) {
+    return Promise.resolve(null);
+  }
+  async executeQuery(query) {
+    const data = await this.makeRawRequest(
+      query.queryPayload,
+      query.variables || {},
+      query.signingNodeId,
+      !!query.skipAuth
+    );
+    return query.constructObject(data);
+  }
+  subscribe(queryPayload, variables = {}) {
+    logger.trace(`Requester.subscribe variables`, variables);
+    const operationNameRegex = /^\s*(query|mutation|subscription)\s+(\w+)/i;
+    const operationMatch = queryPayload.match(operationNameRegex);
+    if (!operationMatch || operationMatch.length < 3) {
+      throw new LightsparkException_default("InvalidQuery", "Invalid query payload");
+    }
+    const operationType = operationMatch[1];
+    logger.trace(`Requester.subscribe operationType`, operationType);
+    if (operationType == "mutation") {
+      throw new LightsparkException_default(
+        "InvalidQuery",
+        "Mutation queries should call makeRawRequest instead"
+      );
+    }
+    for (const key in variables) {
+      if (variables[key] === void 0) {
+        variables[key] = null;
+      }
+    }
+    const operation = operationMatch[2];
+    const bodyData = {
+      query: queryPayload,
+      variables,
+      operationName: operation
+    };
+    return new Observable((observer) => {
+      logger.trace(`Requester.subscribe observer`, observer);
+      let cleanup = null;
+      let canceled = false;
+      void (async () => {
+        try {
+          const wsClient = await this.wsClient;
+          if (!wsClient) {
+            throw new LightsparkException_default(
+              "WebSocketNotInitialized",
+              "WebSocket client is not initialized or is not available in the current environment."
+            );
+          }
+          if (!canceled) {
+            cleanup = wsClient.subscribe(bodyData, {
+              next: (data) => observer.next(data),
+              error: (err) => observer.error(err),
+              complete: () => observer.complete()
+            });
+          }
+        } catch (err) {
+          observer.error(err);
+        }
+      })();
+      return () => {
+        canceled = true;
+        if (cleanup) {
+          cleanup();
+        }
+      };
+    });
+  }
+  async makeRawRequest(queryPayload, variables = {}, signingNodeId = void 0, skipAuth = false) {
+    logger.trace(`Requester.makeRawRequest args`, {
+      queryPayload,
+      variables,
+      signingNodeId,
+      skipAuth
+    });
+    const operationNameRegex = /^\s*(query|mutation|subscription)\s+(\w+)/i;
+    const operationMatch = queryPayload.match(operationNameRegex);
+    if (!operationMatch || operationMatch.length < 3) {
+      throw new LightsparkException_default("InvalidQuery", "Invalid query payload");
+    }
+    const operationType = operationMatch[1];
+    if (operationType == "subscription") {
+      throw new LightsparkException_default(
+        "InvalidQuery",
+        "Subscription queries should call subscribe instead"
+      );
+    }
+    for (const key in variables) {
+      if (variables[key] === void 0) {
+        variables[key] = null;
+      }
+    }
+    const operation = operationMatch[2];
+    const payload = {
+      query: queryPayload,
+      variables,
+      operationName: operation
+    };
+    const browserUserAgent = typeof navigator !== "undefined" ? navigator.userAgent : "";
+    const sdkUserAgent = this.getSdkUserAgent();
+    const baseHeaders = {
+      "Content-Type": "application/json",
+      "X-Lightspark-SDK": sdkUserAgent,
+      "User-Agent": browserUserAgent || sdkUserAgent,
+      "X-GraphQL-Operation": operation
+    };
+    const headers = skipAuth ? baseHeaders : await this.authProvider.addAuthHeaders(baseHeaders);
+    let bodyData = await this.addSigningDataIfNeeded(
+      payload,
+      headers,
+      signingNodeId
+    );
+    if (bodyData.length > 1024 && typeof CompressionStream != "undefined") {
+      bodyData = await compress(bodyData);
+      headers["Content-Encoding"] = "deflate";
+    }
+    let urlWithProtocol = this.baseUrl;
+    if (!urlWithProtocol.startsWith("https://") && !urlWithProtocol.startsWith("http://")) {
+      urlWithProtocol = `https://${urlWithProtocol}`;
+    }
+    const url = `${urlWithProtocol}/${this.schemaEndpoint}`;
+    logger.trace(`Requester.makeRawRequest`, {
+      url,
+      operationName: operation,
+      variables,
+      headers
+    });
+    const response = await this.fetchImpl(url, {
+      method: "POST",
+      headers,
+      body: bodyData
+    });
+    if (!response.ok) {
+      throw new LightsparkException_default(
+        "RequestFailed",
+        `Request ${operation} failed. ${response.statusText}`
+      );
+    }
+    const responseJson = await response.json();
+    const data = responseJson.data;
+    if (!data) {
+      let firstErrorName = void 0;
+      if (Array.isArray(responseJson.errors) && responseJson.errors.length > 0) {
+        const firstError = responseJson.errors[0];
+        firstErrorName = firstError["extensions"]?.["error_name"];
+      }
+      throw new LightsparkException_default(
+        "RequestFailed",
+        `Request ${operation} failed. ${JSON.stringify(responseJson.errors)}`,
+        { errorName: firstErrorName }
+      );
+    }
+    return data;
+  }
+  getSdkUserAgent() {
+    const platform = isNode ? "NodeJS" : "Browser";
+    const platformVersion = isNode ? process.version : "";
+    return `${this.sdkUserAgent} ${platform}/${platformVersion}`;
+  }
+  stripProtocol(url) {
+    return url.replace(/.*?:\/\//g, "");
+  }
+  async addSigningDataIfNeeded(queryPayload, headers, signingNodeId) {
+    if (!signingNodeId) {
+      return new TextEncoder().encode(JSON.stringify(queryPayload));
+    }
+    const query = queryPayload.query;
+    const variables = queryPayload.variables;
+    const operationName = queryPayload.operationName;
+    const nonce = await this.cryptoImpl.getNonce();
+    const expiration = dayjs.utc().add(1, "hour").format();
+    const payload = {
+      query,
+      variables,
+      operationName,
+      nonce,
+      expires_at: expiration
+    };
+    const key = this.signingKey ?? this.nodeKeyCache.getKey(signingNodeId);
+    if (!key) {
+      throw new LightsparkSigningException_default(
+        "Missing node of encrypted_signing_private_key"
+      );
+    }
+    const encodedPayload = new TextEncoder().encode(JSON.stringify(payload));
+    const signedPayload = await key.sign(encodedPayload);
+    const encodedSignedPayload = b64encode(signedPayload);
+    headers["X-Lightspark-Signing"] = JSON.stringify({
+      v: "1",
+      signature: encodedSignedPayload
+    });
+    return encodedPayload;
+  }
+};
+async function compress(data) {
+  const stream = new Blob([data]).stream();
+  const compressedStream = stream.pipeThrough(new CompressionStream("deflate"));
+  const reader = compressedStream.getReader();
+  const chunks = [];
+  let done, value;
+  while (!done) {
+    ({ done, value } = await reader.read());
+    chunks.push(value);
+  }
+  const blob = new Blob(chunks);
+  return new Uint8Array(await blob.arrayBuffer());
+}
+var Requester_default = Requester;
+
+// src/auth/LightsparkAuthException.ts
+var LightsparkAuthException = class extends LightsparkException_default {
+  constructor(message, extraInfo) {
+    super("AuthException", message, extraInfo);
+  }
+};
+var LightsparkAuthException_default = LightsparkAuthException;
+
+// src/crypto/KeyOrAlias.ts
+var KeyOrAlias = {
+  key: (key) => ({ key }),
+  alias: (alias) => ({ alias })
+};
+
+// src/crypto/types.ts
+var SigningKeyType = /* @__PURE__ */ ((SigningKeyType2) => {
+  SigningKeyType2["RSASigningKey"] = "RSASigningKey";
+  SigningKeyType2["Secp256k1SigningKey"] = "Secp256k1SigningKey";
+  return SigningKeyType2;
+})(SigningKeyType || {});
+
+// src/crypto/SigningKey.ts
+import secp256k1 from "secp256k1";
+function isAlias(key) {
+  return "alias" in key;
+}
+var SigningKey = class {
+  type;
+  constructor(type) {
+    this.type = type;
+  }
+};
+var RSASigningKey = class extends SigningKey {
+  constructor(privateKey, cryptoImpl) {
+    super("RSASigningKey" /* RSASigningKey */);
+    this.privateKey = privateKey;
+    this.cryptoImpl = cryptoImpl;
+  }
+  async sign(data) {
+    const key = isAlias(this.privateKey) ? this.privateKey.alias : this.privateKey;
+    return this.cryptoImpl.sign(key, data);
+  }
+};
+var Secp256k1SigningKey = class extends SigningKey {
+  constructor(privateKey) {
+    super("Secp256k1SigningKey" /* Secp256k1SigningKey */);
+    this.privateKey = privateKey;
+  }
+  async sign(data) {
+    const keyBytes = new Uint8Array(hexToBytes(this.privateKey));
+    const hash = await createSha256Hash(data);
+    const signResult = secp256k1.ecdsaSign(hash, keyBytes);
+    return secp256k1.signatureExport(signResult.signature);
+  }
+};
+
+// src/crypto/NodeKeyCache.ts
+var NodeKeyCache = class {
+  constructor(cryptoImpl = DefaultCrypto) {
+    this.cryptoImpl = cryptoImpl;
+    this.idToKey = /* @__PURE__ */ new Map();
+    autoBind(this);
+  }
+  idToKey;
+  async loadKey(id, keyOrAlias, signingKeyType) {
+    let signingKey;
+    if (keyOrAlias.alias !== void 0) {
+      switch (signingKeyType) {
+        case "RSASigningKey" /* RSASigningKey */:
+          signingKey = new RSASigningKey(
+            { alias: keyOrAlias.alias },
+            this.cryptoImpl
+          );
+          break;
+        default:
+          throw new LightsparkSigningException_default(
+            `Aliases are not supported for signing key type ${signingKeyType}`
+          );
+      }
+      this.idToKey.set(id, signingKey);
+      return signingKey;
+    }
+    try {
+      if (signingKeyType === "Secp256k1SigningKey" /* Secp256k1SigningKey */) {
+        signingKey = new Secp256k1SigningKey(keyOrAlias.key);
+      } else {
+        const decoded = b64decode(this.stripPemTags(keyOrAlias.key));
+        const cryptoKeyOrAlias = await this.cryptoImpl.importPrivateSigningKey(decoded);
+        const key = typeof cryptoKeyOrAlias === "string" ? { alias: cryptoKeyOrAlias } : cryptoKeyOrAlias;
+        signingKey = new RSASigningKey(key, this.cryptoImpl);
+      }
+      this.idToKey.set(id, signingKey);
+      return signingKey;
+    } catch (e) {
+      console.log("Error importing key: ", e);
+    }
+    return null;
+  }
+  getKey(id) {
+    return this.idToKey.get(id);
+  }
+  hasKey(id) {
+    return this.idToKey.has(id);
+  }
+  stripPemTags(pem) {
+    return pem.replace(/-----BEGIN (.*)-----/, "").replace(/-----END (.*)----/, "");
+  }
+};
+var NodeKeyCache_default = NodeKeyCache;
+
+// src/ServerEnvironment.ts
+var ServerEnvironment = /* @__PURE__ */ ((ServerEnvironment2) => {
+  ServerEnvironment2["PRODUCTION"] = "production";
+  ServerEnvironment2["DEV"] = "dev";
+  return ServerEnvironment2;
+})(ServerEnvironment || {});
+var apiDomainForEnvironment = (environment) => {
+  switch (environment) {
+    case "dev" /* DEV */:
+      return "api.dev.dev.sparkinfra.net";
+    case "production" /* PRODUCTION */:
+      return "api.lightspark.com";
+  }
+};
+var ServerEnvironment_default = ServerEnvironment;
+
+export {
+  StubAuthProvider,
+  LightsparkSigningException_default,
+  DefaultCrypto,
+  ConfigKeys,
+  LoggingLevel,
+  Logger,
+  logger,
+  Requester_default,
+  LightsparkAuthException_default,
+  KeyOrAlias,
+  SigningKeyType,
+  SigningKey,
+  RSASigningKey,
+  Secp256k1SigningKey,
+  NodeKeyCache_default,
+  apiDomainForEnvironment,
+  ServerEnvironment_default
+};