npm - @lobehub/chat - Versions diffs - 1.21.11 → 1.21.12 - Mend

@lobehub/chat 1.21.11 → 1.21.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/CHANGELOG.md +25 -0
package/package.json +2 -2
package/src/app/(backend)/api/chat/[provider]/route.test.ts +6 -2
package/src/app/(backend)/middleware/auth/index.test.ts +5 -2
package/src/app/(backend)/middleware/auth/index.ts +2 -1
package/src/app/(backend)/middleware/auth/utils.test.ts +1 -38
package/src/app/(backend)/middleware/auth/utils.ts +1 -33
package/src/app/(backend)/webapi/plugin/gateway/route.ts +1 -1
package/src/libs/trpc/middleware/jwtPayload.test.ts +1 -1
package/src/libs/trpc/middleware/jwtPayload.ts +1 -1
package/src/libs/trpc/middleware/keyVaults.ts +1 -1
package/src/utils/server/jwt.test.ts +62 -0
package/src/utils/server/jwt.ts +32 -0

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,31 @@
 # Changelog
+### [Version 1.21.12](https://github.com/lobehub/lobe-chat/compare/v1.21.11...v1.21.12)
+<sup>Released on **2024-10-11**</sup>
+#### ♻ Code Refactoring
+- **misc**: Refactor the jwt code.
+<br/>
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+#### Code refactoring
+- **misc**: Refactor the jwt code, closes [#4322](https://github.com/lobehub/lobe-chat/issues/4322) ([b7258b9](https://github.com/lobehub/lobe-chat/commit/b7258b9))
+</details>
+<div align="right">
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+</div>
 ### [Version 1.21.11](https://github.com/lobehub/lobe-chat/compare/v1.21.10...v1.21.11)
 <sup>Released on **2024-10-11**</sup>

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "1.21.11",
+  "version": "1.21.12",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",
@@ -101,7 +101,7 @@
   "dependencies": {
     "@ant-design/icons": "^5.4.0",
     "@ant-design/pro-components": "^2.7.10",
-    "@anthropic-ai/sdk": "^0.27.0",
+    "@anthropic-ai/sdk": "^0.29.0",
     "@auth/core": "^0.34.2",
     "@aws-sdk/client-bedrock-runtime": "^3.637.0",
     "@aws-sdk/client-s3": "^3.637.0",

package/src/app/(backend)/api/chat/[provider]/route.test.ts CHANGED Viewed

@@ -2,10 +2,11 @@
 import { getAuth } from '@clerk/nextjs/server';
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
-import { checkAuthMethod, getJWTPayload } from '@/app/(backend)/middleware/auth/utils';
+import { checkAuthMethod } from '@/app/(backend)/middleware/auth/utils';
 import { LOBE_CHAT_AUTH_HEADER, OAUTH_AUTHORIZED } from '@/const/auth';
 import { AgentRuntime, LobeRuntimeAI } from '@/libs/agent-runtime';
 import { ChatErrorType } from '@/types/fetch';
+import { getJWTPayload } from '@/utils/server/jwt';
 import { POST } from './route';
@@ -14,10 +15,13 @@ vi.mock('@clerk/nextjs/server', () => ({
 }));
 vi.mock('@/app/(backend)/middleware/auth/utils', () => ({
-  getJWTPayload: vi.fn(),
   checkAuthMethod: vi.fn(),
 }));
+vi.mock('@/utils/server/jwt', () => ({
+  getJWTPayload: vi.fn(),
+}));
 // 定义一个变量来存储 enableAuth 的值
 let enableClerk = false;

package/src/app/(backend)/middleware/auth/index.test.ts CHANGED Viewed

@@ -1,12 +1,12 @@
-import { getAuth } from '@clerk/nextjs/server';
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
 import { AgentRuntimeError } from '@/libs/agent-runtime';
 import { ChatErrorType } from '@/types/fetch';
 import { createErrorResponse } from '@/utils/errorResponse';
+import { getJWTPayload } from '@/utils/server/jwt';
 import { RequestHandler, checkAuth } from './index';
-import { checkAuthMethod, getJWTPayload } from './utils';
+import { checkAuthMethod } from './utils';
 vi.mock('@clerk/nextjs/server', () => ({
   getAuth: vi.fn(),
@@ -18,6 +18,9 @@ vi.mock('@/utils/errorResponse', () => ({
 vi.mock('./utils', () => ({
   checkAuthMethod: vi.fn(),
+}));
+vi.mock('@/utils/server/jwt', () => ({
   getJWTPayload: vi.fn(),
 }));

package/src/app/(backend)/middleware/auth/index.ts CHANGED Viewed

@@ -6,8 +6,9 @@ import { JWTPayload, LOBE_CHAT_AUTH_HEADER, OAUTH_AUTHORIZED, enableClerk } from
 import { AgentRuntime, AgentRuntimeError, ChatCompletionErrorPayload } from '@/libs/agent-runtime';
 import { ChatErrorType } from '@/types/fetch';
 import { createErrorResponse } from '@/utils/errorResponse';
+import { getJWTPayload } from '@/utils/server/jwt';
-import { checkAuthMethod, getJWTPayload } from './utils';
+import { checkAuthMethod } from './utils';
 type CreateRuntime = (jwtPayload: JWTPayload) => AgentRuntime;
 type RequestOptions = { createRuntime?: CreateRuntime; params: { provider: string } };

package/src/app/(backend)/middleware/auth/utils.test.ts CHANGED Viewed

@@ -2,9 +2,8 @@ import { type AuthObject } from '@clerk/backend';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
 import { getAppConfig } from '@/config/app';
-import { NON_HTTP_PREFIX } from '@/const/auth';
-import { checkAuthMethod, getJWTPayload } from './utils';
+import { checkAuthMethod } from './utils';
 let enableClerkMock = false;
 let enableNextAuthMock = false;
@@ -27,42 +26,6 @@ vi.mock('@/config/app', () => ({
   getAppConfig: vi.fn(),
 }));
-describe('getJWTPayload', () => {
-  it('should parse JWT payload for non-HTTPS token', async () => {
-    const token = `${NON_HTTP_PREFIX}.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ`;
-    const payload = await getJWTPayload(token);
-    expect(payload).toEqual({
-      sub: '1234567890',
-      name: 'John Doe',
-      iat: 1516239022,
-    });
-  });
-  it('should verify and parse JWT payload for HTTPS token', async () => {
-    const token =
-      'eyJhbGciOiJIUzI1NiJ9.eyJhY2Nlc3NDb2RlIjoiIiwidXNlcklkIjoiMDAxMzYyYzMtNDhjNS00NjM1LWJkM2ItODM3YmZmZjU4ZmMwIiwiYXBpS2V5IjoiYWJjIiwiZW5kcG9pbnQiOiJhYmMiLCJpYXQiOjE3MTY4MDIyMjUsImV4cCI6MTAwMDAwMDAwMDE3MTY4MDIwMDB9.FF0FxsE8Cajs-_hv5GD0TNUDwvekAkI9l_LL_IOPdGQ';
-    const payload = await getJWTPayload(token);
-    expect(payload).toEqual({
-      accessCode: '',
-      apiKey: 'abc',
-      endpoint: 'abc',
-      exp: 10000000001716802000,
-      iat: 1716802225,
-      userId: '001362c3-48c5-4635-bd3b-837bfff58fc0',
-    });
-  });
-  it('should not verify success and parse JWT payload for dated token', async () => {
-    const token =
-      'eyJhbGciOiJIUzI1NiJ9.eyJhY2Nlc3NDb2RlIjoiIiwidXNlcklkIjoiYWY3M2JhODktZjFhMy00YjliLWEwM2QtZGViZmZlMzE4NmQxIiwiYXBpS2V5IjoiYWJjIiwiZW5kcG9pbnQiOiJhYmMiLCJpYXQiOjE3MTY3OTk5ODAsImV4cCI6MTcxNjgwMDA4MH0.8AGFsLcwyrQG82kVUYOGFXHIwihm2n16ctyArKW9100';
-    try {
-      await getJWTPayload(token);
-    } catch (e) {
-      expect(e).toEqual(new TypeError('"exp" claim timestamp check failed'));
-    }
-  });
-});
 describe('checkAuthMethod', () => {
   beforeEach(() => {
     vi.mocked(getAppConfig).mockReturnValue({

package/src/app/(backend)/middleware/auth/utils.ts CHANGED Viewed

@@ -1,42 +1,10 @@
 import { type AuthObject } from '@clerk/backend';
-import { importJWK, jwtVerify } from 'jose';
 import { getAppConfig } from '@/config/app';
-import {
-  JWTPayload,
-  JWT_SECRET_KEY,
-  NON_HTTP_PREFIX,
-  enableClerk,
-  enableNextAuth,
-} from '@/const/auth';
+import { enableClerk, enableNextAuth } from '@/const/auth';
 import { AgentRuntimeError } from '@/libs/agent-runtime';
 import { ChatErrorType } from '@/types/fetch';
-export const getJWTPayload = async (token: string): Promise<JWTPayload> => {
-  //如果是 HTTP 协议发起的请求，直接解析 token
-  // 这是一个非常 hack 的解决方案，未来要找更好的解决方案来处理这个问题
-  // refs: https://github.com/lobehub/lobe-chat/pull/1238
-  if (token.startsWith(NON_HTTP_PREFIX)) {
-    const jwtParts = token.split('.');
-    const payload = jwtParts[1];
-    return JSON.parse(atob(payload));
-  }
-  const encoder = new TextEncoder();
-  const secretKey = await crypto.subtle.digest('SHA-256', encoder.encode(JWT_SECRET_KEY));
-  const jwkSecretKey = await importJWK(
-    { k: Buffer.from(secretKey).toString('base64'), kty: 'oct' },
-    'HS256',
-  );
-  const { payload } = await jwtVerify(token, jwkSecretKey);
-  return payload as JWTPayload;
-};
 interface CheckAuthParams {
   accessCode?: string;
   apiKey?: string;

package/src/app/(backend)/webapi/plugin/gateway/route.ts CHANGED Viewed

@@ -1,7 +1,6 @@
 import { PluginRequestPayload } from '@lobehub/chat-plugin-sdk';
 import { createGatewayOnEdgeRuntime } from '@lobehub/chat-plugins-gateway';
-import { getJWTPayload } from '@/app/(backend)/middleware/auth/utils';
 import { getAppConfig } from '@/config/app';
 import { LOBE_CHAT_AUTH_HEADER, OAUTH_AUTHORIZED, enableNextAuth } from '@/const/auth';
 import { LOBE_CHAT_TRACE_ID, TraceNameMap } from '@/const/trace';
@@ -9,6 +8,7 @@ import { AgentRuntimeError } from '@/libs/agent-runtime';
 import { TraceClient } from '@/libs/traces';
 import { ChatErrorType, ErrorType } from '@/types/fetch';
 import { createErrorResponse } from '@/utils/errorResponse';
+import { getJWTPayload } from '@/utils/server/jwt';
 import { getTracePayload } from '@/utils/trace';
 import { parserPluginSettings } from './settings';

package/src/libs/trpc/middleware/jwtPayload.test.ts CHANGED Viewed

@@ -2,10 +2,10 @@
 import { TRPCError } from '@trpc/server';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import * as utils from '@/app/(backend)/middleware/auth/utils';
 import { createCallerFactory } from '@/libs/trpc';
 import { trpc } from '@/libs/trpc/init';
 import { AuthContext, createContextInner } from '@/server/context';
+import * as utils from '@/utils/server/jwt';
 import { jwtPayloadChecker } from './jwtPayload';

package/src/libs/trpc/middleware/jwtPayload.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { TRPCError } from '@trpc/server';
-import { getJWTPayload } from '@/app/(backend)/middleware/auth/utils';
 import { trpc } from '@/libs/trpc/init';
+import { getJWTPayload } from '@/utils/server/jwt';
 export const jwtPayloadChecker = trpc.middleware(async (opts) => {
   const { ctx } = opts;

package/src/libs/trpc/middleware/keyVaults.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { TRPCError } from '@trpc/server';
-import { getJWTPayload } from '@/app/(backend)/middleware/auth/utils';
 import { trpc } from '@/libs/trpc/init';
+import { getJWTPayload } from '@/utils/server/jwt';
 export const keyVaults = trpc.middleware(async (opts) => {
   const { ctx } = opts;

package/src/utils/server/jwt.test.ts ADDED Viewed

@@ -0,0 +1,62 @@
+import { describe, expect, it, vi } from 'vitest';
+import { NON_HTTP_PREFIX } from '@/const/auth';
+import { getJWTPayload } from './jwt';
+let enableClerkMock = false;
+let enableNextAuthMock = false;
+vi.mock('@/const/auth', async (importOriginal) => {
+  const data = await importOriginal();
+  return {
+    ...(data as any),
+    get enableClerk() {
+      return enableClerkMock;
+    },
+    get enableNextAuth() {
+      return enableNextAuthMock;
+    },
+  };
+});
+vi.mock('@/config/app', () => ({
+  getAppConfig: vi.fn(),
+}));
+describe('getJWTPayload', () => {
+  it('should parse JWT payload for non-HTTPS token', async () => {
+    const token = `${NON_HTTP_PREFIX}.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ`;
+    const payload = await getJWTPayload(token);
+    expect(payload).toEqual({
+      sub: '1234567890',
+      name: 'John Doe',
+      iat: 1516239022,
+    });
+  });
+  it('should verify and parse JWT payload for HTTPS token', async () => {
+    const token =
+      'eyJhbGciOiJIUzI1NiJ9.eyJhY2Nlc3NDb2RlIjoiIiwidXNlcklkIjoiMDAxMzYyYzMtNDhjNS00NjM1LWJkM2ItODM3YmZmZjU4ZmMwIiwiYXBpS2V5IjoiYWJjIiwiZW5kcG9pbnQiOiJhYmMiLCJpYXQiOjE3MTY4MDIyMjUsImV4cCI6MTAwMDAwMDAwMDE3MTY4MDIwMDB9.FF0FxsE8Cajs-_hv5GD0TNUDwvekAkI9l_LL_IOPdGQ';
+    const payload = await getJWTPayload(token);
+    expect(payload).toEqual({
+      accessCode: '',
+      apiKey: 'abc',
+      endpoint: 'abc',
+      exp: 10000000001716802000,
+      iat: 1716802225,
+      userId: '001362c3-48c5-4635-bd3b-837bfff58fc0',
+    });
+  });
+  it('should not verify success and parse JWT payload for dated token', async () => {
+    const token =
+      'eyJhbGciOiJIUzI1NiJ9.eyJhY2Nlc3NDb2RlIjoiIiwidXNlcklkIjoiYWY3M2JhODktZjFhMy00YjliLWEwM2QtZGViZmZlMzE4NmQxIiwiYXBpS2V5IjoiYWJjIiwiZW5kcG9pbnQiOiJhYmMiLCJpYXQiOjE3MTY3OTk5ODAsImV4cCI6MTcxNjgwMDA4MH0.8AGFsLcwyrQG82kVUYOGFXHIwihm2n16ctyArKW9100';
+    try {
+      await getJWTPayload(token);
+    } catch (e) {
+      expect(e).toEqual(new TypeError('"exp" claim timestamp check failed'));
+    }
+  });
+});

package/src/utils/server/jwt.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import { importJWK, jwtVerify } from 'jose';
+import {
+  JWTPayload,
+  JWT_SECRET_KEY,
+  NON_HTTP_PREFIX,
+} from '@/const/auth';
+export const getJWTPayload = async (token: string): Promise<JWTPayload> => {
+  //如果是 HTTP 协议发起的请求，直接解析 token
+  // 这是一个非常 hack 的解决方案，未来要找更好的解决方案来处理这个问题
+  // refs: https://github.com/lobehub/lobe-chat/pull/1238
+  if (token.startsWith(NON_HTTP_PREFIX)) {
+    const jwtParts = token.split('.');
+    const payload = jwtParts[1];
+    return JSON.parse(atob(payload));
+  }
+  const encoder = new TextEncoder();
+  const secretKey = await crypto.subtle.digest('SHA-256', encoder.encode(JWT_SECRET_KEY));
+  const jwkSecretKey = await importJWK(
+    { k: Buffer.from(secretKey).toString('base64'), kty: 'oct' },
+    'HS256',
+  );
+  const { payload } = await jwtVerify(token, jwkSecretKey);
+  return payload as JWTPayload;
+};