@mariozechner/pi-proxy 0.5.44

package/README.md

@@ -0,0 +1,67 @@
+# @mariozechner/pi-proxy
+
+CORS and authentication proxy for pi-ai. Enables browser clients to access OAuth-protected endpoints.
+
+## Usage
+
+### CORS Proxy
+
+Zero-config CORS proxy for development:
+
+```bash
+# Run directly with tsx
+npx tsx packages/proxy/src/cors-proxy.ts 3001
+
+# Or use npm script
+npm run dev -w @mariozechner/pi-proxy
+
+# Or install globally and use CLI
+npm install -g @mariozechner/pi-proxy
+pi-proxy 3001
+```
+
+The proxy will forward requests to any URL:
+
+```javascript
+// Instead of:
+fetch('https://api.anthropic.com/v1/messages', { ... })
+
+// Use:
+fetch('http://localhost:3001?url=https://api.anthropic.com/v1/messages', { ... })
+```
+
+### OAuth Integration
+
+For Anthropic OAuth tokens, configure your client to use the proxy:
+
+```typescript
+import Anthropic from '@anthropic-ai/sdk';
+
+const client = new Anthropic({
+  apiKey: 'oauth_token_here',
+  baseURL: 'http://localhost:3001?url=https://api.anthropic.com'
+});
+```
+
+## Future Proxy Types
+
+- **BunnyCDN Edge Function**: Deploy as edge function
+- **Managed Proxy**: Self-hosted with provider key management and credential auth
+- **Cloudflare Worker**: Deploy as CF worker
+
+## Architecture
+
+The proxy:
+1. Accepts requests with `?url=<target>` query parameter
+2. Forwards all headers (except `host`, `origin`)
+3. Forwards request body for non-GET/HEAD requests
+4. Returns response with CORS headers enabled
+5. Strips CORS headers from upstream response
+
+## Development
+
+```bash
+npm install
+npm run build
+npm run check
+```

package/dist/cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":""}

package/dist/cli.js

@@ -0,0 +1,14 @@
+#!/usr/bin/env node
+import { spawn } from "node:child_process";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const port = process.argv[2] || "3001";
+// Run the CORS proxy
+const child = spawn("node", [path.join(__dirname, "cors-proxy.js"), port], {
+    stdio: "inherit",
+});
+child.on("exit", (code) => {
+    process.exit(code || 0);
+});
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC/D,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;AAEvC,qBAAqB;AACrB,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,IAAI,CAAC,EAAE;IAC1E,KAAK,EAAE,SAAS;CAChB,CAAC,CAAC;AAEH,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;IACzB,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;AACzB,CAAC,CAAC,CAAC","sourcesContent":["#!/usr/bin/env node\nimport { spawn } from \"node:child_process\";\nimport path from \"node:path\";\nimport { fileURLToPath } from \"node:url\";\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\nconst port = process.argv[2] || \"3001\";\n\n// Run the CORS proxy\nconst child = spawn(\"node\", [path.join(__dirname, \"cors-proxy.js\"), port], {\n\tstdio: \"inherit\",\n});\n\nchild.on(\"exit\", (code) => {\n\tprocess.exit(code || 0);\n});\n"]}

package/dist/cors-proxy.d.ts

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+import { Hono } from "hono";
+export declare function createCorsProxy(): Hono<import("hono/types").BlankEnv, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=cors-proxy.d.ts.map

package/dist/cors-proxy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors-proxy.d.ts","sourceRoot":"","sources":["../src/cors-proxy.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,wBAAgB,eAAe,+EAqD9B"}

package/dist/cors-proxy.js

@@ -0,0 +1,63 @@
+#!/usr/bin/env node
+import { serve } from "@hono/node-server";
+import { Hono } from "hono";
+import { cors } from "hono/cors";
+export function createCorsProxy() {
+    const app = new Hono();
+    // Enable CORS for all origins
+    app.use("*", cors());
+    // Proxy all requests
+    app.all("*", async (c) => {
+        const url = new URL(c.req.url);
+        const targetUrl = url.searchParams.get("url");
+        if (!targetUrl) {
+            return c.json({ error: "Missing 'url' query parameter" }, 400);
+        }
+        try {
+            // Forward the request
+            const headers = new Headers();
+            c.req.raw.headers.forEach((value, key) => {
+                // Skip host and origin headers
+                if (key.toLowerCase() !== "host" && key.toLowerCase() !== "origin") {
+                    headers.set(key, value);
+                }
+            });
+            const response = await fetch(targetUrl, {
+                method: c.req.method,
+                headers,
+                body: c.req.method !== "GET" && c.req.method !== "HEAD" ? await c.req.raw.clone().arrayBuffer() : undefined,
+            });
+            // Forward response headers
+            const responseHeaders = new Headers();
+            response.headers.forEach((value, key) => {
+                // Skip CORS headers (we handle them)
+                if (!key.toLowerCase().startsWith("access-control-")) {
+                    responseHeaders.set(key, value);
+                }
+            });
+            // Return proxied response
+            return new Response(response.body, {
+                status: response.status,
+                statusText: response.statusText,
+                headers: responseHeaders,
+            });
+        }
+        catch (error) {
+            console.error("Proxy error:", error);
+            return c.json({ error: error instanceof Error ? error.message : "Proxy request failed" }, 502);
+        }
+    });
+    return app;
+}
+// CLI entry point
+if (import.meta.url === `file://${process.argv[1]}`) {
+    const app = createCorsProxy();
+    const port = Number.parseInt(process.argv[2] || "3001", 10);
+    console.log(`🔌 CORS proxy running on http://localhost:${port}`);
+    console.log(`Usage: http://localhost:${port}?url=<target-url>`);
+    serve({
+        fetch: app.fetch,
+        port,
+    });
+}
+//# sourceMappingURL=cors-proxy.js.map

package/dist/cors-proxy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors-proxy.js","sourceRoot":"","sources":["../src/cors-proxy.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,MAAM,UAAU,eAAe;IAC9B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IAEvB,8BAA8B;IAC9B,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;IAErB,qBAAqB;IACrB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAE9C,IAAI,CAAC,SAAS,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,+BAA+B,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,CAAC;YACJ,sBAAsB;YACtB,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;gBACxC,+BAA+B;gBAC/B,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,MAAM,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE,CAAC;oBACpE,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;gBACzB,CAAC;YACF,CAAC,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;gBACvC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;gBACpB,OAAO;gBACP,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS;aAC3G,CAAC,CAAC;YAEH,2BAA2B;YAC3B,MAAM,eAAe,GAAG,IAAI,OAAO,EAAE,CAAC;YACtC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;gBACvC,qCAAqC;gBACrC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBACtD,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;gBACjC,CAAC;YACF,CAAC,CAAC,CAAC;YAEH,0BAA0B;YAC1B,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;gBAClC,MAAM,EAAE,QAAQ,CAAC,MAAM;gBACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,OAAO,EAAE,eAAe;aACxB,CAAC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;YACrC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,sBAAsB,EAAE,EAAE,GAAG,CAAC,CAAC;QAChG,CAAC;IACF,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACZ,CAAC;AAED,kBAAkB;AAClB,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,UAAU,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IACrD,MAAM,GAAG,GAAG,eAAe,EAAE,CAAC;IAC9B,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;IAE5D,OAAO,CAAC,GAAG,CAAC,6CAA6C,IAAI,EAAE,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,mBAAmB,CAAC,CAAC;IAEhE,KAAK,CAAC;QACL,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,IAAI;KACJ,CAAC,CAAC;AACJ,CAAC","sourcesContent":["#!/usr/bin/env node\nimport { serve } from \"@hono/node-server\";\nimport { Hono } from \"hono\";\nimport { cors } from \"hono/cors\";\n\nexport function createCorsProxy() {\n\tconst app = new Hono();\n\n\t// Enable CORS for all origins\n\tapp.use(\"*\", cors());\n\n\t// Proxy all requests\n\tapp.all(\"*\", async (c) => {\n\t\tconst url = new URL(c.req.url);\n\t\tconst targetUrl = url.searchParams.get(\"url\");\n\n\t\tif (!targetUrl) {\n\t\t\treturn c.json({ error: \"Missing 'url' query parameter\" }, 400);\n\t\t}\n\n\t\ttry {\n\t\t\t// Forward the request\n\t\t\tconst headers = new Headers();\n\t\t\tc.req.raw.headers.forEach((value, key) => {\n\t\t\t\t// Skip host and origin headers\n\t\t\t\tif (key.toLowerCase() !== \"host\" && key.toLowerCase() !== \"origin\") {\n\t\t\t\t\theaders.set(key, value);\n\t\t\t\t}\n\t\t\t});\n\n\t\t\tconst response = await fetch(targetUrl, {\n\t\t\t\tmethod: c.req.method,\n\t\t\t\theaders,\n\t\t\t\tbody: c.req.method !== \"GET\" && c.req.method !== \"HEAD\" ? await c.req.raw.clone().arrayBuffer() : undefined,\n\t\t\t});\n\n\t\t\t// Forward response headers\n\t\t\tconst responseHeaders = new Headers();\n\t\t\tresponse.headers.forEach((value, key) => {\n\t\t\t\t// Skip CORS headers (we handle them)\n\t\t\t\tif (!key.toLowerCase().startsWith(\"access-control-\")) {\n\t\t\t\t\tresponseHeaders.set(key, value);\n\t\t\t\t}\n\t\t\t});\n\n\t\t\t// Return proxied response\n\t\t\treturn new Response(response.body, {\n\t\t\t\tstatus: response.status,\n\t\t\t\tstatusText: response.statusText,\n\t\t\t\theaders: responseHeaders,\n\t\t\t});\n\t\t} catch (error) {\n\t\t\tconsole.error(\"Proxy error:\", error);\n\t\t\treturn c.json({ error: error instanceof Error ? error.message : \"Proxy request failed\" }, 502);\n\t\t}\n\t});\n\n\treturn app;\n}\n\n// CLI entry point\nif (import.meta.url === `file://${process.argv[1]}`) {\n\tconst app = createCorsProxy();\n\tconst port = Number.parseInt(process.argv[2] || \"3001\", 10);\n\n\tconsole.log(`🔌 CORS proxy running on http://localhost:${port}`);\n\tconsole.log(`Usage: http://localhost:${port}?url=<target-url>`);\n\n\tserve({\n\t\tfetch: app.fetch,\n\t\tport,\n\t});\n}\n"]}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export { createCorsProxy } from "./cors-proxy.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/index.js

@@ -0,0 +1,2 @@
+export { createCorsProxy } from "./cors-proxy.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC","sourcesContent":["export { createCorsProxy } from \"./cors-proxy.js\";\n"]}

package/package.json

@@ -0,0 +1,27 @@
+{
+	"name": "@mariozechner/pi-proxy",
+	"version": "0.5.44",
+	"type": "module",
+	"description": "CORS and authentication proxy for pi-ai",
+	"main": "dist/index.js",
+	"types": "dist/index.d.ts",
+	"bin": {
+		"pi-proxy": "dist/cli.js"
+	},
+	"scripts": {
+		"clean": "rm -rf dist",
+		"build": "tsc",
+		"check": "biome check --write .",
+		"typecheck": "tsc --noEmit",
+		"dev": "tsx src/cors-proxy.ts 3001"
+	},
+	"dependencies": {
+		"@hono/node-server": "^1.14.0",
+		"hono": "^4.6.16"
+	},
+	"devDependencies": {
+		"@types/node": "^22.10.5",
+		"tsx": "^4.19.2",
+		"typescript": "^5.7.3"
+	}
+}

package/src/cli.ts

@@ -0,0 +1,16 @@
+#!/usr/bin/env node
+import { spawn } from "node:child_process";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const port = process.argv[2] || "3001";
+
+// Run the CORS proxy
+const child = spawn("node", [path.join(__dirname, "cors-proxy.js"), port], {
+	stdio: "inherit",
+});
+
+child.on("exit", (code) => {
+	process.exit(code || 0);
+});

package/src/cors-proxy.ts

@@ -0,0 +1,73 @@
+#!/usr/bin/env node
+import { serve } from "@hono/node-server";
+import { Hono } from "hono";
+import { cors } from "hono/cors";
+
+export function createCorsProxy() {
+	const app = new Hono();
+
+	// Enable CORS for all origins
+	app.use("*", cors());
+
+	// Proxy all requests
+	app.all("*", async (c) => {
+		const url = new URL(c.req.url);
+		const targetUrl = url.searchParams.get("url");
+
+		if (!targetUrl) {
+			return c.json({ error: "Missing 'url' query parameter" }, 400);
+		}
+
+		try {
+			// Forward the request
+			const headers = new Headers();
+			c.req.raw.headers.forEach((value, key) => {
+				// Skip host and origin headers
+				if (key.toLowerCase() !== "host" && key.toLowerCase() !== "origin") {
+					headers.set(key, value);
+				}
+			});
+
+			const response = await fetch(targetUrl, {
+				method: c.req.method,
+				headers,
+				body: c.req.method !== "GET" && c.req.method !== "HEAD" ? await c.req.raw.clone().arrayBuffer() : undefined,
+			});
+
+			// Forward response headers
+			const responseHeaders = new Headers();
+			response.headers.forEach((value, key) => {
+				// Skip CORS headers (we handle them)
+				if (!key.toLowerCase().startsWith("access-control-")) {
+					responseHeaders.set(key, value);
+				}
+			});
+
+			// Return proxied response
+			return new Response(response.body, {
+				status: response.status,
+				statusText: response.statusText,
+				headers: responseHeaders,
+			});
+		} catch (error) {
+			console.error("Proxy error:", error);
+			return c.json({ error: error instanceof Error ? error.message : "Proxy request failed" }, 502);
+		}
+	});
+
+	return app;
+}
+
+// CLI entry point
+if (import.meta.url === `file://${process.argv[1]}`) {
+	const app = createCorsProxy();
+	const port = Number.parseInt(process.argv[2] || "3001", 10);
+
+	console.log(`🔌 CORS proxy running on http://localhost:${port}`);
+	console.log(`Usage: http://localhost:${port}?url=<target-url>`);
+
+	serve({
+		fetch: app.fetch,
+		port,
+	});
+}

package/src/index.ts

@@ -0,0 +1 @@
+export { createCorsProxy } from "./cors-proxy.js";

package/tsconfig.json

@@ -0,0 +1,8 @@
+{
+	"extends": "../../tsconfig.base.json",
+	"compilerOptions": {
+		"outDir": "dist",
+		"rootDir": "src"
+	},
+	"include": ["src/**/*"]
+}