@meru2802/aux-server 1.0.0

package/dist/lib/utils/index.js

@@ -0,0 +1,78 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CookieEncryptionError = void 0;
+exports.encodeCookie = encodeCookie;
+exports.getBinaryKey = getBinaryKey;
+const crypto = __importStar(require("crypto"));
+class CookieEncryptionError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "CookieEncryptionError";
+    }
+}
+exports.CookieEncryptionError = CookieEncryptionError;
+function encodeCookie(o, key) {
+    try {
+        if (key == null) {
+            return null;
+        }
+        if (key.length < 32) {
+            throw new CookieEncryptionError("Key must be at least 32 bytes long");
+        }
+        const objectToEncode = { ...o };
+        objectToEncode.time = Math.floor(Date.now() / 1000);
+        const iv = crypto.randomBytes(12);
+        const cipher = crypto.createCipheriv("aes-256-gcm", key.subarray(0, 32), iv);
+        const crypted = Buffer.concat([
+            cipher.update(JSON.stringify(objectToEncode), "utf8"),
+            cipher.final(),
+        ]);
+        const authTag = cipher.getAuthTag();
+        return Buffer.concat([iv, authTag, crypted])
+            .toString("base64")
+            .replace(/\+/g, "@")
+            .replace(/\//g, "$");
+    }
+    catch (e) {
+        if (e instanceof CookieEncryptionError) {
+            throw e;
+        }
+        return null;
+    }
+}
+function getBinaryKey(key) {
+    return Buffer.from(key, "hex");
+}

package/dist/lib/utils/index.test.d.ts

@@ -0,0 +1,3 @@
+declare function runTests(): boolean;
+export { runTests };
+//# sourceMappingURL=index.test.d.ts.map

package/dist/lib/utils/index.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.test.d.ts","sourceRoot":"","sources":["../../../src/lib/utils/index.test.ts"],"names":[],"mappings":"AAWA,iBAAS,QAAQ,YAsLhB;AAGD,OAAO,EAAE,QAAQ,EAAE,CAAC"}

package/dist/lib/utils/index.test.js

@@ -0,0 +1,197 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runTests = runTests;
+const crypto = __importStar(require("crypto"));
+const index_1 = require("./index");
+// Test suite for cookie utilities
+function runTests() {
+    console.log("🧪 Running Cookie Utility Tests...\n");
+    let passed = 0;
+    let failed = 0;
+    function test(name, testFn) {
+        try {
+            testFn();
+            console.log(`✅ ${name}`);
+            passed++;
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            console.log(`❌ ${name}: ${errorMessage}`);
+            failed++;
+        }
+    }
+    function assert(condition, message) {
+        if (!condition) {
+            throw new Error(message);
+        }
+    }
+    function assertEquals(actual, expected, message) {
+        if (JSON.stringify(actual) !== JSON.stringify(expected)) {
+            throw new Error(`${message}. Expected: ${JSON.stringify(expected)}, Got: ${JSON.stringify(actual)}`);
+        }
+    }
+    // Test 1: Generate cookie key
+    test("generateCookieKey() generates 32-byte key", () => {
+        const key = (0, index_1.generateCookieKey)();
+        assert(Buffer.isBuffer(key), "Should return a Buffer");
+        assert(key.length === 32, "Should be 32 bytes long");
+    });
+    // Test 2: Basic encode/decode functionality
+    test("encodeCookie() and decodeCookie() basic functionality", () => {
+        const key = (0, index_1.generateCookieKey)();
+        const testData = {
+            userId: "123",
+            role: "admin",
+            preferences: { theme: "dark" }
+        };
+        const encoded = (0, index_1.encodeCookie)(testData, key);
+        assert(encoded !== null, "Encoding should succeed");
+        assert(typeof encoded === "string", "Should return a string");
+        const decoded = (0, index_1.decodeCookie)(encoded, key);
+        assert(decoded !== null, "Decoding should succeed");
+        assert(decoded !== null && decoded.userId === testData.userId, "userId should match");
+        assert(decoded !== null && decoded.role === testData.role, "role should match");
+        assert(decoded !== null && typeof decoded.time === "number", "time should be added");
+    });
+    // Test 3: URL-safe base64 encoding
+    test("encoded string is URL-safe", () => {
+        const key = (0, index_1.generateCookieKey)();
+        const testData = { test: "data" };
+        const encoded = (0, index_1.encodeCookie)(testData, key);
+        assert(encoded !== null, "Encoding should succeed");
+        assert(!encoded.includes("+"), "Should not contain +");
+        assert(!encoded.includes("/"), "Should not contain /");
+        assert(encoded.includes("@") || encoded.includes("$") || true, "May contain URL-safe replacements");
+    });
+    // Test 4: Null key handling
+    test("handles null key gracefully", () => {
+        const testData = { test: "data" };
+        const encoded = (0, index_1.encodeCookie)(testData, null);
+        assert(encoded === null, "Should return null for null key");
+        const decoded = (0, index_1.decodeCookie)("somestring", null);
+        assert(decoded === null, "Should return null for null key");
+    });
+    // Test 5: Invalid key length
+    test("throws error for short key", () => {
+        const shortKey = Buffer.from("short");
+        const testData = { test: "data" };
+        try {
+            (0, index_1.encodeCookie)(testData, shortKey);
+            throw new Error("Should have thrown an error");
+        }
+        catch (error) {
+            assert(error instanceof index_1.CookieEncryptionError, "Should throw CookieEncryptionError");
+            assert(error instanceof Error && error.message.includes("32 bytes"), "Error message should mention 32 bytes");
+        }
+    });
+    // Test 6: Invalid encoded string
+    test("handles invalid encoded string", () => {
+        const key = (0, index_1.generateCookieKey)();
+        const decoded1 = (0, index_1.decodeCookie)("invalid", key);
+        assert(decoded1 === null, "Should return null for invalid string");
+        const decoded2 = (0, index_1.decodeCookie)("", key);
+        assert(decoded2 === null, "Should return null for empty string");
+    });
+    // Test 7: Object mutation prevention
+    test("does not mutate original object", () => {
+        const key = (0, index_1.generateCookieKey)();
+        const original = { userId: "123", role: "admin" };
+        const originalCopy = { ...original };
+        (0, index_1.encodeCookie)(original, key);
+        assertEquals(original, originalCopy, "Original object should not be mutated");
+    });
+    // Test 8: Time validation
+    test("isValidCookieAge() functionality", () => {
+        const currentTime = Math.floor(Date.now() / 1000);
+        // Valid cookie (within age limit)
+        const validCookie = { time: currentTime - 30, userId: "123" };
+        assert((0, index_1.isValidCookieAge)(validCookie, 60), "Should be valid (30 seconds old, max 60)");
+        // Expired cookie
+        const expiredCookie = { time: currentTime - 120, userId: "123" };
+        assert(!(0, index_1.isValidCookieAge)(expiredCookie, 60), "Should be invalid (120 seconds old, max 60)");
+        // Cookie without time
+        const noTimeCookie = { userId: "123" };
+        assert(!(0, index_1.isValidCookieAge)(noTimeCookie, 60), "Should be invalid (no time)");
+        // Cookie with invalid time
+        const invalidTimeCookie = { time: "invalid", userId: "123" };
+        assert(!(0, index_1.isValidCookieAge)(invalidTimeCookie, 60), "Should be invalid (invalid time type)");
+    });
+    // Test 9: Large data handling
+    test("handles large data objects", () => {
+        const key = (0, index_1.generateCookieKey)();
+        const largeData = {
+            userId: "123",
+            data: "x".repeat(1000), // 1KB of data
+            nested: {
+                deep: {
+                    structure: {
+                        with: "values"
+                    }
+                }
+            }
+        };
+        const encoded = (0, index_1.encodeCookie)(largeData, key);
+        assert(encoded !== null, "Should encode large data");
+        const decoded = (0, index_1.decodeCookie)(encoded, key);
+        assert(decoded !== null, "Should decode large data");
+        assert(decoded !== null && decoded.data === largeData.data, "Large data should match");
+    });
+    // Test 10: Key with different lengths
+    test("handles keys longer than 32 bytes", () => {
+        const longKey = crypto.randomBytes(64); // 64 bytes
+        const testData = { test: "data" };
+        const encoded = (0, index_1.encodeCookie)(testData, longKey);
+        assert(encoded !== null, "Should work with long key");
+        const decoded = (0, index_1.decodeCookie)(encoded, longKey);
+        assert(decoded !== null, "Should decode with long key");
+        assert(decoded !== null && decoded.test === testData.test, "Data should match");
+    });
+    // Summary
+    console.log(`\n📊 Test Results: ${passed} passed, ${failed} failed`);
+    if (failed === 0) {
+        console.log("🎉 All tests passed!");
+        return true;
+    }
+    else {
+        console.log("💥 Some tests failed!");
+        return false;
+    }
+}
+// Run tests if this file is executed directly
+if (require.main === module) {
+    const success = runTests();
+    process.exit(success ? 0 : 1);
+}

package/dist/middleware/BaseMiddleware.d.ts

@@ -0,0 +1,13 @@
+import { Pool } from "pg";
+import { IServiceContainer } from "../services/ServiceContainer";
+import { Config } from "../types";
+import { WebSocket } from "ws";
+export declare abstract class BaseMiddleware {
+    protected serviceContainer: IServiceContainer;
+    constructor(serviceContainer?: IServiceContainer);
+    protected get dbPool(): Pool;
+    protected get webSocket(): WebSocket | null;
+    protected get config(): Config;
+    protected get isWebSocketConnected(): boolean;
+}
+//# sourceMappingURL=BaseMiddleware.d.ts.map

package/dist/middleware/BaseMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"BaseMiddleware.d.ts","sourceRoot":"","sources":["../../src/middleware/BaseMiddleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,IAAI,CAAC;AAC1B,OAAO,EACL,iBAAiB,EAElB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAClC,OAAO,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AAE/B,8BAAsB,cAAc;IAClC,SAAS,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;gBAElC,gBAAgB,CAAC,EAAE,iBAAiB;IAIhD,SAAS,KAAK,MAAM,IAAI,IAAI,CAE3B;IAED,SAAS,KAAK,SAAS,IAAI,SAAS,GAAG,IAAI,CAE1C;IAED,SAAS,KAAK,MAAM,IAAI,MAAM,CAE7B;IAED,SAAS,KAAK,oBAAoB,IAAI,OAAO,CAE5C;CACF"}

package/dist/middleware/BaseMiddleware.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseMiddleware = void 0;
+const ServiceContainer_1 = require("../services/ServiceContainer");
+class BaseMiddleware {
+    constructor(serviceContainer) {
+        this.serviceContainer = serviceContainer || ServiceContainer_1.ServiceContainer.getInstance();
+    }
+    get dbPool() {
+        return this.serviceContainer.getDatabaseService().getPool();
+    }
+    get webSocket() {
+        return this.serviceContainer.getWebSocketService().getWebSocket();
+    }
+    get config() {
+        return this.serviceContainer.getConfig();
+    }
+    get isWebSocketConnected() {
+        return this.serviceContainer.getWebSocketService().isConnected();
+    }
+}
+exports.BaseMiddleware = BaseMiddleware;

package/dist/middleware/authMiddleware.d.ts

@@ -0,0 +1,9 @@
+import { Request, Response, NextFunction } from "express";
+import { IServiceContainer } from "../services/ServiceContainer";
+import { BaseMiddleware } from "./BaseMiddleware";
+export declare class AuthMiddleware extends BaseMiddleware {
+    constructor(serviceContainer?: IServiceContainer);
+    hmacAuth: (req: Request, res: Response, next: NextFunction) => void;
+    icebergAuth: (req: Request, res: Response, next: NextFunction) => Promise<void>;
+}
+//# sourceMappingURL=authMiddleware.d.ts.map

package/dist/middleware/authMiddleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authMiddleware.d.ts","sourceRoot":"","sources":["../../src/middleware/authMiddleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAKlD,qBAAa,cAAe,SAAQ,cAAc;gBACpC,gBAAgB,CAAC,EAAE,iBAAiB;IAIzC,QAAQ,GAAI,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,UAyKhE;IAEK,WAAW,GAChB,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAAC,CAgFd;CACH"}

package/dist/middleware/authMiddleware.js

@@ -0,0 +1,287 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthMiddleware = void 0;
+const crypto = __importStar(require("crypto"));
+const BaseMiddleware_1 = require("./BaseMiddleware");
+const qs_1 = __importDefault(require("qs"));
+const axios_1 = __importDefault(require("axios"));
+class AuthMiddleware extends BaseMiddleware_1.BaseMiddleware {
+    constructor(serviceContainer) {
+        super(serviceContainer);
+        this.hmacAuth = (req, res, next) => {
+            try {
+                const signature = req.headers["x-hmac-signature"];
+                const timestamp = req.headers["x-hmac-timestamp"];
+                const nonce = req.headers["x-hmac-nonce"];
+                if (!signature || !timestamp || !nonce) {
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: [
+                            "missing 'x-hmac-signature' or 'x-hmac-nonce' or 'x-hmac-timestamp' headers",
+                        ],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                // Validate timestamp format and convert to number
+                let requestTime;
+                try {
+                    requestTime = parseInt(timestamp.toString());
+                    if (isNaN(requestTime)) {
+                        throw new Error("Invalid timestamp format");
+                    }
+                }
+                catch (timestampError) {
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: ["invalid 'x-hmac-timestamp' format"],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                try {
+                    if (Math.abs(Date.now() - requestTime) > 5 * 60 * 1000) {
+                        const unauthorizedResponse = {
+                            error: "UnauthorizedException",
+                            code: 401,
+                            message: ["hmac-signature is expired"],
+                            path: req.path,
+                            timestamp: new Date().toISOString(),
+                        };
+                        res.status(401).json(unauthorizedResponse);
+                        return;
+                    }
+                }
+                catch (timeError) {
+                    console.error("Error checking timestamp validity:", timeError);
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: ["error validating request timestamp"],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                let bodyHash;
+                try {
+                    bodyHash = req.body
+                        ? crypto
+                            .createHash("sha256")
+                            .update(Buffer.from(JSON.stringify(req.body)))
+                            .digest("hex")
+                        : "";
+                }
+                catch (hashError) {
+                    console.error("Error generating body hash:", hashError);
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: ["error processing request body"],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                let message;
+                try {
+                    message = [
+                        req.method,
+                        req.originalUrl,
+                        timestamp,
+                        nonce,
+                        `content-type:application/json;host:${req.hostname}`,
+                        bodyHash,
+                    ].join("\n");
+                }
+                catch (messageError) {
+                    console.error("Error constructing HMAC message:", messageError);
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: ["error processing request data"],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                let expected;
+                try {
+                    if (!this.config.icebergConfig.HMAC_SECRET) {
+                        throw new Error("HMAC_SECRET is not configured");
+                    }
+                    expected = crypto
+                        .createHmac("sha256", this.config.icebergConfig.HMAC_SECRET)
+                        .update(message)
+                        .digest("hex");
+                }
+                catch (hmacError) {
+                    console.error("Error generating HMAC signature:", hmacError);
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: ["error validating request signature"],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                try {
+                    if (signature !== expected) {
+                        const unauthorizedResponse = {
+                            error: "InvalidSignature",
+                            code: 401,
+                            message: ["x-hmac-signature is invalid"],
+                            path: req.path,
+                            timestamp: new Date().toISOString(),
+                        };
+                        res.status(401).json(unauthorizedResponse);
+                        return;
+                    }
+                }
+                catch (comparisonError) {
+                    console.error("Error comparing signatures:", comparisonError);
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: ["error validating request signature"],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                next();
+            }
+            catch (error) {
+                console.error("Unexpected error in HMAC authentication:", error);
+                const unauthorizedResponse = {
+                    error: "UnauthorizedException",
+                    code: 401,
+                    message: ["authentication failed due to internal error"],
+                    path: req.path,
+                    timestamp: new Date().toISOString(),
+                };
+                res.status(401).json(unauthorizedResponse);
+                return;
+            }
+        };
+        this.icebergAuth = async (req, res, next) => {
+            try {
+                const { access_token } = req.cookies;
+                if (!access_token) {
+                    const unauthorizedResponse = {
+                        error: "UnauthorizedException",
+                        code: 401,
+                        message: ["missing 'access_token' cookie"],
+                        path: req.path,
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(401).json(unauthorizedResponse);
+                    return;
+                }
+                let token = qs_1.default.stringify({
+                    token: access_token,
+                });
+                try {
+                    const introspect_result = await axios_1.default.post(this.config.icebergConfig.introspectEndpoint, token, {
+                        headers: {
+                            "Content-Type": "application/x-www-form-urlencoded",
+                        },
+                    });
+                    if (introspect_result.status != 200) {
+                        const unauthorizedResponse = {
+                            error: introspect_result.statusText,
+                            code: introspect_result.status,
+                            message: [introspect_result.data],
+                            path: req.path,
+                            timestamp: new Date().toISOString(),
+                        };
+                        res.status(401).json(unauthorizedResponse);
+                        return;
+                    }
+                    const token_data = introspect_result.data;
+                    if (!token_data.active) {
+                        const unauthorizedResponse = {
+                            error: "UnauthorizedException",
+                            code: 401,
+                            message: ["access token is expired"],
+                            path: req.path,
+                            timestamp: new Date().toISOString(),
+                        };
+                        res.status(401).json(unauthorizedResponse);
+                        return;
+                    }
+                    req.body.userId = token_data.user_id;
+                    next();
+                }
+                catch (error) {
+                    console.error("Error validating access token:", error);
+                    const errorResponse = {
+                        error: error instanceof Error
+                            ? error.message
+                            : "Failed to validate access token",
+                        timestamp: new Date().toISOString(),
+                    };
+                    res.status(500).json(errorResponse);
+                    return;
+                }
+            }
+            catch (error) {
+                console.error("Error validating access token:", error);
+                const errorResponse = {
+                    error: "Internal server error",
+                    timestamp: new Date().toISOString(),
+                };
+                res.status(500).json(errorResponse);
+            }
+        };
+    }
+}
+exports.AuthMiddleware = AuthMiddleware;

package/dist/middleware/index.d.ts

@@ -0,0 +1,11 @@
+import { Request, Response, NextFunction } from "express";
+import { CorsOptions } from "cors";
+import express from "express";
+import z from "zod";
+export declare function validateData<T extends z.ZodObject>(schema: T): (req: Request, res: Response, next: NextFunction) => void;
+export declare const requestLogger: (req: Request, res: Response, next: NextFunction) => void;
+export declare const errorHandler: (error: Error, req: Request, res: Response, next: NextFunction) => void;
+export declare const notFoundHandler: (req: Request, res: Response) => void;
+export declare const setupMiddleware: (app: express.Application, corsOptions: CorsOptions) => void;
+export declare const asyncHandler: (fn: Function) => (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=index.d.ts.map

package/dist/middleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC1D,OAAa,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAEzC,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,CAAC,MAAM,KAAK,CAAC;AAEpB,wBAAgB,YAAY,CAAC,CAAC,SAAS,CAAC,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC,IACnD,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,UAsDxD;AAED,eAAO,MAAM,aAAa,GACxB,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,MAAM,YAAY,KACjB,IAGF,CAAC;AAEF,eAAO,MAAM,YAAY,GACvB,OAAO,KAAK,EACZ,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,MAAM,YAAY,KACjB,IAwBF,CAAC;AAEF,eAAO,MAAM,eAAe,GAAI,KAAK,OAAO,EAAE,KAAK,QAAQ,KAAG,IAO7D,CAAC;AAEF,eAAO,MAAM,eAAe,GAC1B,KAAK,OAAO,CAAC,WAAW,EACxB,aAAa,WAAW,KACvB,IAUF,CAAC;AAEF,eAAO,MAAM,YAAY,GAAI,IAAI,QAAQ,MAC/B,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,SAcxD,CAAC"}