@noony-serverless/core 0.1.0

package/build/core/performanceMonitor.d.ts

@@ -0,0 +1,73 @@
+/**
+ * Performance monitoring utilities for production use
+ * Provides lightweight performance tracking without impacting application performance
+ */
+interface AggregatedMetrics {
+    count: number;
+    totalDuration: number;
+    averageDuration: number;
+    minDuration: number;
+    maxDuration: number;
+    p95Duration: number;
+}
+declare class PerformanceMonitor {
+    private metrics;
+    private readonly maxMetricsPerOperation;
+    private isEnabled;
+    constructor();
+    /**
+     * Start timing an operation
+     */
+    startTiming(operationName: string): () => void;
+    /**
+     * Time an async operation
+     */
+    timeAsync<T>(operationName: string, operation: () => Promise<T>): Promise<T>;
+    /**
+     * Time a synchronous operation
+     */
+    timeSync<T>(operationName: string, operation: () => T): T;
+    /**
+     * Record a metric manually
+     */
+    recordMetric(operationName: string, duration: number, metadata?: Record<string, unknown>): void;
+    /**
+     * Get aggregated metrics for an operation
+     */
+    getMetrics(operationName: string): AggregatedMetrics | null;
+    /**
+     * Get all metrics summary
+     */
+    getAllMetrics(): Record<string, AggregatedMetrics>;
+    /**
+     * Reset all metrics
+     */
+    reset(): void;
+    /**
+     * Get performance summary for health checks
+     */
+    getHealthSummary(): {
+        isEnabled: boolean;
+        trackedOperations: number;
+        totalMetrics: number;
+        slowOperations: Array<{
+            name: string;
+            avgDuration: number;
+        }>;
+    };
+    /**
+     * Enable or disable monitoring
+     */
+    setEnabled(enabled: boolean): void;
+}
+export declare const performanceMonitor: PerformanceMonitor;
+/**
+ * Decorator for timing method calls
+ */
+export declare function timed(operationName?: string): MethodDecorator;
+/**
+ * Decorator for timing synchronous method calls
+ */
+export declare function timedSync(operationName?: string): MethodDecorator;
+export {};
+//# sourceMappingURL=performanceMonitor.d.ts.map

package/build/core/performanceMonitor.js

@@ -0,0 +1,189 @@
+"use strict";
+/**
+ * Performance monitoring utilities for production use
+ * Provides lightweight performance tracking without impacting application performance
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.performanceMonitor = void 0;
+exports.timed = timed;
+exports.timedSync = timedSync;
+const logger_1 = require("./logger");
+class PerformanceMonitor {
+    metrics = new Map();
+    maxMetricsPerOperation = 1000; // Limit memory usage
+    isEnabled;
+    constructor() {
+        // Enable performance monitoring based on environment
+        this.isEnabled =
+            process.env.NODE_ENV === 'development' ||
+                process.env.PERFORMANCE_MONITORING === 'true';
+    }
+    /**
+     * Start timing an operation
+     */
+    startTiming(operationName) {
+        if (!this.isEnabled) {
+            return () => { }; // No-op function for production
+        }
+        const startTime = process.hrtime.bigint();
+        return () => {
+            const endTime = process.hrtime.bigint();
+            const duration = Number(endTime - startTime) / 1000000; // Convert to milliseconds
+            this.recordMetric(operationName, duration);
+        };
+    }
+    /**
+     * Time an async operation
+     */
+    async timeAsync(operationName, operation) {
+        if (!this.isEnabled) {
+            return operation();
+        }
+        const stopTiming = this.startTiming(operationName);
+        try {
+            const result = await operation();
+            return result;
+        }
+        finally {
+            stopTiming();
+        }
+    }
+    /**
+     * Time a synchronous operation
+     */
+    timeSync(operationName, operation) {
+        if (!this.isEnabled) {
+            return operation();
+        }
+        const stopTiming = this.startTiming(operationName);
+        try {
+            const result = operation();
+            return result;
+        }
+        finally {
+            stopTiming();
+        }
+    }
+    /**
+     * Record a metric manually
+     */
+    recordMetric(operationName, duration, metadata) {
+        if (!this.isEnabled)
+            return;
+        // Get or create metrics array for this operation
+        let operationMetrics = this.metrics.get(operationName);
+        if (!operationMetrics) {
+            operationMetrics = [];
+            this.metrics.set(operationName, operationMetrics);
+        }
+        // Add the metric
+        operationMetrics.push(duration);
+        // Maintain size limit to prevent memory leaks
+        if (operationMetrics.length > this.maxMetricsPerOperation) {
+            operationMetrics.shift(); // Remove oldest metric
+        }
+        // Log slow operations
+        if (duration > 100) {
+            // Log operations over 100ms
+            logger_1.logger.logPerformance(operationName, duration, metadata);
+        }
+    }
+    /**
+     * Get aggregated metrics for an operation
+     */
+    getMetrics(operationName) {
+        const metrics = this.metrics.get(operationName);
+        if (!metrics || metrics.length === 0) {
+            return null;
+        }
+        const sortedMetrics = [...metrics].sort((a, b) => a - b);
+        const count = metrics.length;
+        const totalDuration = metrics.reduce((sum, duration) => sum + duration, 0);
+        const p95Index = Math.ceil(count * 0.95) - 1;
+        return {
+            count,
+            totalDuration,
+            averageDuration: totalDuration / count,
+            minDuration: sortedMetrics[0],
+            maxDuration: sortedMetrics[count - 1],
+            p95Duration: sortedMetrics[p95Index],
+        };
+    }
+    /**
+     * Get all metrics summary
+     */
+    getAllMetrics() {
+        const summary = {};
+        for (const [operationName] of this.metrics) {
+            const metrics = this.getMetrics(operationName);
+            if (metrics) {
+                summary[operationName] = metrics;
+            }
+        }
+        return summary;
+    }
+    /**
+     * Reset all metrics
+     */
+    reset() {
+        this.metrics.clear();
+    }
+    /**
+     * Get performance summary for health checks
+     */
+    getHealthSummary() {
+        const allMetrics = this.getAllMetrics();
+        const slowOperations = Object.entries(allMetrics)
+            .filter(([_, metrics]) => metrics.averageDuration > 50) // Operations over 50ms average
+            .map(([name, metrics]) => ({
+            name,
+            avgDuration: metrics.averageDuration,
+        }))
+            .sort((a, b) => b.avgDuration - a.avgDuration);
+        const totalMetrics = Array.from(this.metrics.values()).reduce((sum, metrics) => sum + metrics.length, 0);
+        return {
+            isEnabled: this.isEnabled,
+            trackedOperations: this.metrics.size,
+            totalMetrics,
+            slowOperations,
+        };
+    }
+    /**
+     * Enable or disable monitoring
+     */
+    setEnabled(enabled) {
+        this.isEnabled = enabled;
+        if (!enabled) {
+            this.reset();
+        }
+    }
+}
+// Global performance monitor instance
+exports.performanceMonitor = new PerformanceMonitor();
+/**
+ * Decorator for timing method calls
+ */
+function timed(operationName) {
+    return function (target, propertyKey, descriptor) {
+        const originalMethod = descriptor.value;
+        const name = operationName || `${target.constructor.name}.${String(propertyKey)}`;
+        descriptor.value = async function (...args) {
+            return exports.performanceMonitor.timeAsync(name, () => originalMethod.apply(this, args));
+        };
+        return descriptor;
+    };
+}
+/**
+ * Decorator for timing synchronous method calls
+ */
+function timedSync(operationName) {
+    return function (target, propertyKey, descriptor) {
+        const originalMethod = descriptor.value;
+        const name = operationName || `${target.constructor.name}.${String(propertyKey)}`;
+        descriptor.value = function (...args) {
+            return exports.performanceMonitor.timeSync(name, () => originalMethod.apply(this, args));
+        };
+        return descriptor;
+    };
+}
+//# sourceMappingURL=performanceMonitor.js.map

package/build/index.d.ts

@@ -0,0 +1,3 @@
+export * from './core';
+export * from './middlewares';
+//# sourceMappingURL=index.d.ts.map

package/build/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./core"), exports);
+__exportStar(require("./middlewares"), exports);
+//# sourceMappingURL=index.js.map

package/build/middlewares/authenticationMiddleware.d.ts

@@ -0,0 +1,52 @@
+import { BaseMiddleware } from '../core/handler';
+import { Context } from '../core/core';
+export interface CustomTokenVerificationPort<T> {
+    verifyToken(token: string): Promise<T>;
+}
+export interface JWTPayload {
+    exp?: number;
+    iat?: number;
+    nbf?: number;
+    jti?: string;
+    iss?: string;
+    aud?: string | string[];
+    sub?: string;
+    [key: string]: unknown;
+}
+export interface AuthenticationOptions {
+    /**
+     * Maximum token age in seconds (overrides exp claim validation)
+     */
+    maxTokenAge?: number;
+    /**
+     * Clock tolerance in seconds for time-based validations
+     * @default 60
+     */
+    clockTolerance?: number;
+    /**
+     * Token blacklist checker function
+     */
+    isTokenBlacklisted?: (tokenId?: string) => Promise<boolean> | boolean;
+    /**
+     * Rate limiting per user/IP
+     */
+    rateLimiting?: {
+        maxAttempts: number;
+        windowMs: number;
+    };
+    /**
+     * Required token claims
+     */
+    requiredClaims?: {
+        issuer?: string;
+        audience?: string | string[];
+    };
+}
+export declare class AuthenticationMiddleware<T> implements BaseMiddleware {
+    private tokenVerificationPort;
+    private options;
+    constructor(tokenVerificationPort: CustomTokenVerificationPort<T>, options?: AuthenticationOptions);
+    before(context: Context): Promise<void>;
+}
+export declare const verifyAuthTokenMiddleware: <T>(tokenVerificationPort: CustomTokenVerificationPort<T>, options?: AuthenticationOptions) => BaseMiddleware;
+//# sourceMappingURL=authenticationMiddleware.d.ts.map

package/build/middlewares/authenticationMiddleware.js

@@ -0,0 +1,204 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyAuthTokenMiddleware = exports.AuthenticationMiddleware = void 0;
+const errors_1 = require("../core/errors");
+const logger_1 = require("../core/logger");
+// Simple in-memory store for rate limiting (use Redis in production)
+const rateLimitStore = new Map();
+/**
+ * Enhanced JWT validation with comprehensive security checks
+ */
+const validateJWTSecurity = (payload, options = {}, clientIP) => {
+    const now = Math.floor(Date.now() / 1000);
+    const clockTolerance = options.clockTolerance || 60;
+    // Validate expiration time
+    if (payload.exp !== undefined) {
+        if (payload.exp <= now - clockTolerance) {
+            logger_1.logger.warn('Token expired', {
+                expiredAt: new Date(payload.exp * 1000).toISOString(),
+                currentTime: new Date(now * 1000).toISOString(),
+                clientIP,
+            });
+            throw new errors_1.AuthenticationError('Token expired');
+        }
+    }
+    // Validate not-before time
+    if (payload.nbf !== undefined) {
+        if (payload.nbf > now + clockTolerance) {
+            logger_1.logger.warn('Token used before valid time', {
+                notBefore: new Date(payload.nbf * 1000).toISOString(),
+                currentTime: new Date(now * 1000).toISOString(),
+                clientIP,
+            });
+            throw new errors_1.AuthenticationError('Token not yet valid');
+        }
+    }
+    // Validate issued-at time if maxTokenAge is specified
+    if (options.maxTokenAge && payload.iat !== undefined) {
+        const tokenAge = now - payload.iat;
+        if (tokenAge > options.maxTokenAge) {
+            logger_1.logger.warn('Token too old', {
+                tokenAge: `${tokenAge}s`,
+                maxAge: `${options.maxTokenAge}s`,
+                clientIP,
+            });
+            throw new errors_1.AuthenticationError('Token too old');
+        }
+    }
+    // Validate required claims
+    if (options.requiredClaims) {
+        if (options.requiredClaims.issuer &&
+            payload.iss !== options.requiredClaims.issuer) {
+            logger_1.logger.warn('Invalid token issuer', {
+                expected: options.requiredClaims.issuer,
+                received: payload.iss,
+                clientIP,
+            });
+            throw new errors_1.SecurityError('Invalid token issuer');
+        }
+        if (options.requiredClaims.audience) {
+            const requiredAud = options.requiredClaims.audience;
+            const tokenAud = payload.aud;
+            let isValidAudience = false;
+            if (Array.isArray(requiredAud)) {
+                isValidAudience = Array.isArray(tokenAud)
+                    ? tokenAud.some((aud) => requiredAud.includes(aud))
+                    : requiredAud.includes(tokenAud || '');
+            }
+            else {
+                isValidAudience = Array.isArray(tokenAud)
+                    ? tokenAud.includes(requiredAud)
+                    : tokenAud === requiredAud;
+            }
+            if (!isValidAudience) {
+                logger_1.logger.warn('Invalid token audience', {
+                    expected: requiredAud,
+                    received: tokenAud,
+                    clientIP,
+                });
+                throw new errors_1.SecurityError('Invalid token audience');
+            }
+        }
+    }
+};
+/**
+ * Check rate limiting for authentication attempts
+ */
+const checkRateLimit = (identifier, options) => {
+    if (!options.rateLimiting)
+        return;
+    const now = Date.now();
+    const key = `auth:${identifier}`;
+    const limit = rateLimitStore.get(key);
+    if (limit && now < limit.resetTime) {
+        if (limit.attempts >= options.rateLimiting.maxAttempts) {
+            logger_1.logger.warn('Rate limit exceeded for authentication', {
+                identifier,
+                attempts: limit.attempts,
+                resetTime: new Date(limit.resetTime).toISOString(),
+            });
+            throw new errors_1.SecurityError('Too many authentication attempts. Please try again later.');
+        }
+        limit.attempts++;
+    }
+    else {
+        rateLimitStore.set(key, {
+            attempts: 1,
+            resetTime: now + options.rateLimiting.windowMs,
+        });
+    }
+};
+async function verifyToken(tokenVerificationPort, context, options = {}) {
+    const authHeader = context.req.headers?.authorization;
+    const clientIP = context.req.ip ||
+        context.req.headers?.['x-forwarded-for'] ||
+        'unknown';
+    const userAgent = context.req.headers?.['user-agent'];
+    if (!authHeader) {
+        logger_1.logger.warn('Missing authorization header', { clientIP, userAgent });
+        throw new errors_1.HttpError(401, 'No authorization header');
+    }
+    const authHeaderString = Array.isArray(authHeader)
+        ? authHeader[0]
+        : authHeader;
+    const token = authHeaderString?.split('Bearer ')[1];
+    if (!token) {
+        logger_1.logger.warn('Invalid token format', { clientIP, userAgent });
+        throw new errors_1.AuthenticationError('Invalid token format');
+    }
+    // Check rate limiting
+    checkRateLimit(clientIP, options);
+    try {
+        // Verify token through port
+        const user = await tokenVerificationPort.verifyToken(token);
+        // If user has JWT payload, validate security aspects
+        if (user && typeof user === 'object' && 'exp' in user) {
+            validateJWTSecurity(user, options, clientIP);
+            // Check token blacklist if configured
+            if (options.isTokenBlacklisted && 'jti' in user) {
+                const isBlacklisted = await options.isTokenBlacklisted(user.jti);
+                if (isBlacklisted) {
+                    logger_1.logger.warn('Blacklisted token used', {
+                        tokenId: user.jti,
+                        clientIP,
+                        userAgent,
+                    });
+                    throw new errors_1.SecurityError('Token has been revoked');
+                }
+            }
+        }
+        context.user = user;
+        logger_1.logger.debug('Successful authentication', {
+            userId: typeof user === 'object' && user && 'sub' in user
+                ? String(user.sub)
+                : 'unknown',
+            clientIP,
+        });
+    }
+    catch (error) {
+        // Log failed authentication attempt
+        logger_1.logger.warn('Authentication failed', {
+            error: error instanceof Error ? error.message : 'Unknown error',
+            clientIP,
+            userAgent,
+            tokenPreview: token.substring(0, 10) + '...',
+        });
+        if (error instanceof errors_1.HttpError) {
+            throw error;
+        }
+        throw new errors_1.AuthenticationError('Invalid authentication');
+    }
+}
+class AuthenticationMiddleware {
+    tokenVerificationPort;
+    options;
+    constructor(tokenVerificationPort, options = {}) {
+        this.tokenVerificationPort = tokenVerificationPort;
+        this.options = options;
+    }
+    async before(context) {
+        await verifyToken(this.tokenVerificationPort, context, this.options);
+    }
+}
+exports.AuthenticationMiddleware = AuthenticationMiddleware;
+const verifyAuthTokenMiddleware = (tokenVerificationPort, options = {}) => ({
+    async before(context) {
+        await verifyToken(tokenVerificationPort, context, options);
+    },
+});
+exports.verifyAuthTokenMiddleware = verifyAuthTokenMiddleware;
+/*
+// Example protected endpoint
+const protectedHandler = new Handler()
+  .use(verifyAuthTokenMiddleware(customTokenVerificationPort))
+  .use(errorHandler())
+  .use(responseWrapperMiddleware<any>())
+  .handle(async (context: Context) => {
+    const user = context.user;
+    setResponseData(context, {
+      message: 'Protected endpoint',
+      user,
+    });
+  });
+*/
+//# sourceMappingURL=authenticationMiddleware.js.map

package/build/middlewares/bodyParserMiddleware.d.ts

@@ -0,0 +1,31 @@
+import { BaseMiddleware, Context } from '../core';
+/**
+ * Enhanced BodyParserMiddleware with async parsing and performance optimizations.
+ *
+ * Features:
+ * - Async JSON parsing for large payloads
+ * - Size limits to prevent DoS attacks
+ * - Base64 decoding for Pub/Sub messages
+ * - Non-blocking parsing using setImmediate
+ *
+ * @template T - The expected type of the parsed body. Defaults to unknown if not specified.
+ * @implements {BaseMiddleware}
+ */
+export declare class BodyParserMiddleware<T = unknown> implements BaseMiddleware {
+    private maxSize;
+    constructor(maxSize?: number);
+    before(context: Context): Promise<void>;
+}
+/**
+ * Enhanced middleware function for parsing the request body in specific HTTP methods.
+ *
+ * Performance optimizations:
+ * - Early method validation
+ * - Async parsing for large payloads
+ * - Size validation
+ *
+ * @template T - The expected type of the parsed request body.
+ * @returns {BaseMiddleware} A middleware object containing a `before` hook.
+ */
+export declare const bodyParser: <T = unknown>(maxSize?: number) => BaseMiddleware;
+//# sourceMappingURL=bodyParserMiddleware.d.ts.map