@naylence/runtime 0.3.21 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (88) hide show
  1. package/dist/browser/index.cjs +3368 -1393
  2. package/dist/browser/index.mjs +3324 -1387
  3. package/dist/cjs/naylence/fame/factory-manifest.js +8 -0
  4. package/dist/cjs/naylence/fame/node/node-event-listener.js +4 -0
  5. package/dist/cjs/naylence/fame/security/auth/authorization-profile-factory.js +165 -0
  6. package/dist/cjs/naylence/fame/security/auth/default-policy-authorizer-factory.js +147 -0
  7. package/dist/cjs/naylence/fame/security/auth/default-policy-authorizer.js +291 -0
  8. package/dist/cjs/naylence/fame/security/auth/oauth2-authorizer-factory.js +7 -0
  9. package/dist/cjs/naylence/fame/security/auth/oauth2-authorizer.js +19 -4
  10. package/dist/cjs/naylence/fame/security/auth/policy/authorization-policy-definition.js +60 -0
  11. package/dist/cjs/naylence/fame/security/auth/policy/authorization-policy-factory.js +35 -0
  12. package/dist/cjs/naylence/fame/security/auth/policy/authorization-policy-source-factory.js +35 -0
  13. package/dist/cjs/naylence/fame/security/auth/policy/authorization-policy-source.js +2 -0
  14. package/dist/cjs/naylence/fame/security/auth/policy/authorization-policy.js +2 -0
  15. package/dist/cjs/naylence/fame/security/auth/policy/basic-authorization-policy-factory.js +99 -0
  16. package/dist/cjs/naylence/fame/security/auth/policy/basic-authorization-policy.js +449 -0
  17. package/dist/cjs/naylence/fame/security/auth/policy/index.js +40 -0
  18. package/dist/cjs/naylence/fame/security/auth/policy/local-file-authorization-policy-source-factory.js +101 -0
  19. package/dist/cjs/naylence/fame/security/auth/policy/local-file-authorization-policy-source.js +164 -0
  20. package/dist/cjs/naylence/fame/security/auth/policy/pattern-matcher.js +195 -0
  21. package/dist/cjs/naylence/fame/security/auth/policy/scope-matcher.js +169 -0
  22. package/dist/cjs/naylence/fame/security/auth/policy-authorizer.js +2 -0
  23. package/dist/cjs/naylence/fame/security/default-security-manager.js +94 -0
  24. package/dist/cjs/naylence/fame/security/index.js +22 -1
  25. package/dist/cjs/naylence/fame/security/node-security-profile-factory.js +15 -73
  26. package/dist/cjs/naylence/fame/sentinel/router.js +67 -1
  27. package/dist/cjs/naylence/fame/sentinel/sentinel.js +46 -2
  28. package/dist/cjs/naylence/fame/util/register-runtime-factories.js +2 -0
  29. package/dist/cjs/version.js +2 -2
  30. package/dist/esm/naylence/fame/factory-manifest.js +8 -0
  31. package/dist/esm/naylence/fame/node/node-event-listener.js +4 -0
  32. package/dist/esm/naylence/fame/security/auth/authorization-profile-factory.js +161 -0
  33. package/dist/esm/naylence/fame/security/auth/default-policy-authorizer-factory.js +110 -0
  34. package/dist/esm/naylence/fame/security/auth/default-policy-authorizer.js +287 -0
  35. package/dist/esm/naylence/fame/security/auth/oauth2-authorizer-factory.js +7 -0
  36. package/dist/esm/naylence/fame/security/auth/oauth2-authorizer.js +19 -4
  37. package/dist/esm/naylence/fame/security/auth/policy/authorization-policy-definition.js +57 -0
  38. package/dist/esm/naylence/fame/security/auth/policy/authorization-policy-factory.js +31 -0
  39. package/dist/esm/naylence/fame/security/auth/policy/authorization-policy-source-factory.js +31 -0
  40. package/dist/esm/naylence/fame/security/auth/policy/authorization-policy-source.js +1 -0
  41. package/dist/esm/naylence/fame/security/auth/policy/authorization-policy.js +1 -0
  42. package/dist/esm/naylence/fame/security/auth/policy/basic-authorization-policy-factory.js +62 -0
  43. package/dist/esm/naylence/fame/security/auth/policy/basic-authorization-policy.js +445 -0
  44. package/dist/esm/naylence/fame/security/auth/policy/index.js +20 -0
  45. package/dist/esm/naylence/fame/security/auth/policy/local-file-authorization-policy-source-factory.js +64 -0
  46. package/dist/esm/naylence/fame/security/auth/policy/local-file-authorization-policy-source.js +127 -0
  47. package/dist/esm/naylence/fame/security/auth/policy/pattern-matcher.js +185 -0
  48. package/dist/esm/naylence/fame/security/auth/policy/scope-matcher.js +162 -0
  49. package/dist/esm/naylence/fame/security/auth/policy-authorizer.js +1 -0
  50. package/dist/esm/naylence/fame/security/default-security-manager.js +94 -0
  51. package/dist/esm/naylence/fame/security/index.js +5 -1
  52. package/dist/esm/naylence/fame/security/node-security-profile-factory.js +14 -72
  53. package/dist/esm/naylence/fame/sentinel/router.js +64 -0
  54. package/dist/esm/naylence/fame/sentinel/sentinel.js +47 -3
  55. package/dist/esm/naylence/fame/util/register-runtime-factories.js +2 -0
  56. package/dist/esm/version.js +2 -2
  57. package/dist/node/index.cjs +3364 -1389
  58. package/dist/node/index.mjs +3324 -1387
  59. package/dist/node/node.cjs +3416 -1425
  60. package/dist/node/node.mjs +3376 -1423
  61. package/dist/types/naylence/fame/factory-manifest.d.ts +1 -1
  62. package/dist/types/naylence/fame/node/node-event-listener.d.ts +31 -0
  63. package/dist/types/naylence/fame/security/auth/authorization-profile-factory.d.ts +29 -0
  64. package/dist/types/naylence/fame/security/auth/authorizer.d.ts +37 -0
  65. package/dist/types/naylence/fame/security/auth/default-policy-authorizer-factory.d.ts +55 -0
  66. package/dist/types/naylence/fame/security/auth/default-policy-authorizer.d.ts +99 -0
  67. package/dist/types/naylence/fame/security/auth/oauth2-authorizer-factory.d.ts +2 -0
  68. package/dist/types/naylence/fame/security/auth/oauth2-authorizer.d.ts +2 -0
  69. package/dist/types/naylence/fame/security/auth/policy/authorization-policy-definition.d.ts +166 -0
  70. package/dist/types/naylence/fame/security/auth/policy/authorization-policy-factory.d.ts +38 -0
  71. package/dist/types/naylence/fame/security/auth/policy/authorization-policy-source-factory.d.ts +38 -0
  72. package/dist/types/naylence/fame/security/auth/policy/authorization-policy-source.d.ts +20 -0
  73. package/dist/types/naylence/fame/security/auth/policy/authorization-policy.d.ts +55 -0
  74. package/dist/types/naylence/fame/security/auth/policy/basic-authorization-policy-factory.d.ts +42 -0
  75. package/dist/types/naylence/fame/security/auth/policy/basic-authorization-policy.d.ts +78 -0
  76. package/dist/types/naylence/fame/security/auth/policy/index.d.ts +19 -0
  77. package/dist/types/naylence/fame/security/auth/policy/local-file-authorization-policy-source-factory.d.ts +51 -0
  78. package/dist/types/naylence/fame/security/auth/policy/local-file-authorization-policy-source.d.ts +67 -0
  79. package/dist/types/naylence/fame/security/auth/policy/pattern-matcher.d.ts +84 -0
  80. package/dist/types/naylence/fame/security/auth/policy/scope-matcher.d.ts +61 -0
  81. package/dist/types/naylence/fame/security/auth/policy-authorizer.d.ts +12 -0
  82. package/dist/types/naylence/fame/security/default-security-manager.d.ts +22 -0
  83. package/dist/types/naylence/fame/security/index.d.ts +5 -1
  84. package/dist/types/naylence/fame/security/node-security-profile-factory.d.ts +2 -0
  85. package/dist/types/naylence/fame/sentinel/router.d.ts +68 -0
  86. package/dist/types/naylence/fame/sentinel/sentinel.d.ts +16 -0
  87. package/dist/types/version.d.ts +1 -1
  88. package/package.json +1 -1
package/dist/esm/naylence/fame/sentinel/sentinel.js CHANGED
@@ -20,7 +20,7 @@ import { AsyncEvent } from '../util/async-event.js';
20
20
  import { AsyncLock } from '../util/lock.js';
21
21
  import { createResource } from '../connector/connector-factory.js';
22
22
  import { UpstreamSessionManager } from '../node/upstream-session-manager.js';
23
- import { emitDeliveryNack, RouterState } from './router.js';
23
+ import { Drop, emitDeliveryNack, RouterState, } from './router.js';
24
24
  const logger = getLogger('naylence.fame.sentinel.sentinel');
25
25
  const ALLOWED_BEFORE_ATTACH = new Set(['NodeAttach']);
26
26
  const SYSTEM_INBOX = '__sys__';
@@ -280,8 +280,11 @@ export class Sentinel extends FameNode {
280
280
  }
281
281
  }
282
282
  const state = this.buildRouterState();
283
- const action = await this.routingPolicy.decide(processedEnvelope, state, context);
284
- await action.execute(processedEnvelope, this, state, context);
283
+ let action = await this.routingPolicy.decide(processedEnvelope, state, context);
284
+ // Dispatch onRoutingActionSelected hook to allow authorization/replacement
285
+ // The hook must return the action to execute; null/undefined/throw => Drop
286
+ const actionToExecute = await this.dispatchRoutingActionSelected(processedEnvelope, action, state, context);
287
+ await actionToExecute.execute(processedEnvelope, this, state, context);
285
288
  }
286
289
  async forwardToRoute(nextSegment, envelope, context) {
287
290
  if (this.originMatches(context, nextSegment, DeliveryOriginType.DOWNSTREAM)) {
@@ -827,6 +830,47 @@ export class Sentinel extends FameNode {
827
830
  });
828
831
  }
829
832
  }
833
+ /**
834
+ * Dispatches the onRoutingActionSelected event to all event listeners.
835
+ *
836
+ * This allows listeners (like DefaultSecurityManager) to authorize
837
+ * routing actions and optionally replace them with Deny actions.
838
+ *
839
+ * The hook must return the RoutingAction to execute. If a listener returns
840
+ * null, undefined, or throws, the router will execute a Drop action.
841
+ *
842
+ * @param envelope - The envelope being routed
843
+ * @param selected - The RoutingAction selected by the routing policy
844
+ * @param state - The current router state
845
+ * @param context - Optional delivery context
846
+ * @returns The RoutingAction to execute (never null/undefined)
847
+ */
848
+ async dispatchRoutingActionSelected(envelope, selected, state, context) {
849
+ let currentAction = selected;
850
+ for (const listener of this.eventListeners) {
851
+ if (typeof listener.onRoutingActionSelected !== 'function') {
852
+ continue;
853
+ }
854
+ try {
855
+ const result = await listener.onRoutingActionSelected(this, envelope, currentAction, state, context);
856
+ // null/undefined => treat as denial, execute Drop
857
+ if (result == null) {
858
+ return new Drop();
859
+ }
860
+ // Update current action for next listener in chain
861
+ currentAction = result;
862
+ }
863
+ catch (error) {
864
+ // Hook threw => treat as denial, execute Drop
865
+ logger.warning('routing_action_hook_error', {
866
+ envp_id: envelope.id,
867
+ error: error instanceof Error ? error.message : String(error),
868
+ });
869
+ return new Drop();
870
+ }
871
+ }
872
+ return currentAction;
873
+ }
830
874
  static async aserve(options = {}) {
831
875
  const { logLevel, rootConfig, config, node = null, fabric: providedFabric = null, signals = ['SIGINT', 'SIGTERM'], signal, ...fabricOptions } = options;
832
876
  const resolvedLevel = normalizeServeLogLevel(logLevel) ?? LogLevel.INFO;
package/dist/esm/naylence/fame/util/register-runtime-factories.js CHANGED
@@ -7,6 +7,8 @@ const NODE_ONLY_FACTORY_MODULES = new Set([
7
7
  './connector/websocket-listener-factory.js',
8
8
  './telemetry/open-telemetry-trace-emitter-factory.js',
9
9
  './security/credential/prompt-credential-provider-factory.js',
10
+ './security/auth/default-policy-authorizer-factory.js',
11
+ './security/auth/policy/local-file-authorization-policy-source-factory.js',
10
12
  ]);
11
13
  const BROWSER_ONLY_FACTORY_MODULES = new Set([
12
14
  './security/auth/oauth2-pkce-token-provider-factory.js',
package/dist/esm/version.js CHANGED
@@ -1,7 +1,7 @@
1
1
  // This file is auto-generated during build - do not edit manually
2
- // Generated from package.json version: 0.3.21
2
+ // Generated from package.json version: 0.4.1
3
3
  /**
4
4
  * The package version, injected at build time.
5
5
  * @internal
6
6
  */
7
- export const VERSION = '0.3.21';
7
+ export const VERSION = '0.4.1';