@obfious/js 0.1.6 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -9
- package/dist/express.js +1 -1
- package/dist/fastify.js +1 -1
- package/dist/index.js +1 -1
- package/dist/lambda.js +1 -1
- package/dist/nextjs.js +1 -1
- package/package.json +4 -2
package/README.md
CHANGED
|
@@ -24,7 +24,6 @@ npm install @obfious/js
|
|
|
24
24
|
import { Obfious } from "@obfious/js";
|
|
25
25
|
|
|
26
26
|
const obfious = new Obfious({
|
|
27
|
-
stableString: "my-app:3000",
|
|
28
27
|
includePaths: ["/api/"],
|
|
29
28
|
});
|
|
30
29
|
|
|
@@ -37,7 +36,7 @@ if (result.response) return result.response;
|
|
|
37
36
|
|
|
38
37
|
// Script tag for HTML <head>:
|
|
39
38
|
const tag = await obfious.scriptTag({ nonce: "abc123" });
|
|
40
|
-
//
|
|
39
|
+
// -> <script src="/?a3f7c9d4e5=xR7kM2pQ" nonce="abc123"></script>
|
|
41
40
|
```
|
|
42
41
|
|
|
43
42
|
### Next.js
|
|
@@ -48,7 +47,6 @@ import { NextResponse } from "next/server";
|
|
|
48
47
|
|
|
49
48
|
const obfious = createObfiousMiddleware({
|
|
50
49
|
creds: { keyId: process.env.OBFIOUS_KEY_ID!, secret: process.env.OBFIOUS_SECRET! },
|
|
51
|
-
stableString: "my-nextjs-app",
|
|
52
50
|
includePaths: ["/api/"],
|
|
53
51
|
});
|
|
54
52
|
|
|
@@ -68,7 +66,6 @@ import { obfiousMiddleware } from "@obfious/js/express";
|
|
|
68
66
|
const app = express();
|
|
69
67
|
app.use(obfiousMiddleware({
|
|
70
68
|
creds: { keyId: process.env.OBFIOUS_KEY_ID!, secret: process.env.OBFIOUS_SECRET! },
|
|
71
|
-
stableString: `my-app:${PORT}`,
|
|
72
69
|
includePaths: ["/api/"],
|
|
73
70
|
}));
|
|
74
71
|
```
|
|
@@ -82,7 +79,6 @@ import { obfiousPlugin } from "@obfious/js/fastify";
|
|
|
82
79
|
const app = Fastify();
|
|
83
80
|
app.register(obfiousPlugin, {
|
|
84
81
|
creds: { keyId: process.env.OBFIOUS_KEY_ID!, secret: process.env.OBFIOUS_SECRET! },
|
|
85
|
-
stableString: `my-app:${PORT}`,
|
|
86
82
|
includePaths: ["/api/"],
|
|
87
83
|
});
|
|
88
84
|
```
|
|
@@ -94,7 +90,6 @@ import { obfiousHandler } from "@obfious/js/lambda";
|
|
|
94
90
|
|
|
95
91
|
export const handler = obfiousHandler({
|
|
96
92
|
creds: { keyId: process.env.OBFIOUS_KEY_ID!, secret: process.env.OBFIOUS_SECRET! },
|
|
97
|
-
stableString: "my-lambda-api",
|
|
98
93
|
includePaths: ["/api/"],
|
|
99
94
|
}, async (event, context) => {
|
|
100
95
|
return { statusCode: 200, body: JSON.stringify({ ok: true }), headers: {} };
|
|
@@ -106,14 +101,26 @@ export const handler = obfiousHandler({
|
|
|
106
101
|
| Option | Type | Default | Description |
|
|
107
102
|
|--------|------|---------|-------------|
|
|
108
103
|
| `apiUrl` | string | `https://api.obfious.com` | API base URL |
|
|
109
|
-
| `
|
|
110
|
-
| `scriptPath` | string | (derived) | Override the derived script path |
|
|
104
|
+
| `scriptPath` | string | (time-rotating) | Override the auto-derived script URL |
|
|
111
105
|
| `includePaths` | string[] | (all) | Only guard these path prefixes |
|
|
112
106
|
| `excludePaths` | string[] | (none) | Always pass through these prefixes |
|
|
113
|
-
| `privateKey` | string |
|
|
107
|
+
| `privateKey` | string | -- | HMAC key for user ID encryption |
|
|
114
108
|
| `getClientIp` | callback | (auto) | Custom client IP extraction |
|
|
115
109
|
| `getPlatformSignals` | callback | (CF default) | Custom platform signal headers |
|
|
116
110
|
|
|
111
|
+
## CSP requirements
|
|
112
|
+
|
|
113
|
+
Obfious needs to compile WebAssembly and spawn a Web Worker from same-origin URLs. If your app sets an explicit `script-src` directive, you must include `'wasm-unsafe-eval'`:
|
|
114
|
+
|
|
115
|
+
```
|
|
116
|
+
script-src 'self' 'wasm-unsafe-eval';
|
|
117
|
+
worker-src 'self';
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
If you only have `default-src 'self'` with **no** explicit `script-src`, WASM compilation is implicitly allowed and no additional directives are needed. The `'wasm-unsafe-eval'` requirement only kicks in when `script-src` is explicitly set.
|
|
121
|
+
|
|
122
|
+
`worker-src` similarly falls back to `script-src` then `default-src` — only set it explicitly if your policy requires it.
|
|
123
|
+
|
|
117
124
|
## License
|
|
118
125
|
|
|
119
126
|
See LICENSE file.
|
package/dist/express.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
var
|
|
1
|
+
var R="x-obfious-key",x="x-obfious-sig",C="x-obfious-ts",P=/\.(json|js|gif|png|woff2|css)$/;var p=class{config;creds;randomValue=null;randomValueCreatedAt=0;constructor(e){this.config={...e,apiUrl:e.apiUrl??"https://api.obfious.com"},this.creds={keyId:e.keyId,secret:e.secret}}async getScriptUrl(){if(this.config.scriptPath)return this.config.scriptPath;let e=await y(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async getWorkerUrl(){let e=await m(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async scriptTag(e){let t=await this.getScriptUrl(),r=e?.nonce?` nonce="${e.nonce}"`:"";return`<script src="${t}"${r}></script>`}async protect(e,t){let r=new URL(e.url);if(e.method==="GET"){if(r.pathname==="/")for(let[l]of r.searchParams){if(await T(this.creds.secret,l)){let d=await this.fetchBundle();if(d)return{response:new Response(d,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}if(await A(this.creds.secret,l)){let d=await this.fetchWorker();if(d)return{response:new Response(d,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}}if(this.config.scriptPath&&r.pathname===this.config.scriptPath){let l=await this.fetchBundle();if(l)return{response:new Response(l,{headers:{"Content-Type":"application/javascript","Cache-Control":"no-store"}})}}}if(e.method==="POST"&&P.test(r.pathname)){if((e.headers.get("Content-Type")||"")==="application/octet-stream")return{response:await this.forwardStreamToApi(e,r.pathname)};let d=e.clone(),h=new Uint8Array(await d.arrayBuffer());if(h.length>0&&h[0]===91)return{response:await this.forwardToApi(e,r.pathname,h)}}if(this.config.excludePaths?.some(l=>r.pathname.startsWith(l)))return{response:null};if(this.config.includePaths&&!this.config.includePaths.some(l=>r.pathname.startsWith(l)))return{response:null};let s=e.headers.get("x-req-auth");if(!s)return{response:new Response(null,{status:401})};let o=s.indexOf(".");if(o<1)return{response:new Response(null,{status:401})};let i=s.slice(0,o),a=s.slice(o+1),c=S(i);if(!c)return{response:new Response(null,{status:401})};let g=t&&this.config.privateKey?await I(t,this.config.privateKey):void 0,u=await this.validateToken(c,i,a,g);return u.valid?{response:null,deviceId:u.deviceId}:{response:new Response(null,{status:401})}}ensureRandomValue(){(!this.randomValue||Date.now()-this.randomValueCreatedAt>9e5)&&(this.randomValue=O(8),this.randomValueCreatedAt=Date.now())}getIp(e){return this.config.getClientIp?this.config.getClientIp(e):e.headers.get("CF-Connecting-IP")||e.headers.get("X-Forwarded-For")?.split(",")[0]?.trim()||e.headers.get("X-Real-IP")||"unknown"}async fetchBundle(){try{let e=await this.getWorkerUrl(),t=await this.authedFetch("/b",{method:"GET",headers:{"x-obfious-worker-url":e}});return t.ok?await t.text():null}catch{return null}}async fetchWorker(){try{let e=await this.authedFetch("/w",{method:"GET"});return e.ok?await e.text():null}catch{return null}}async forwardToApi(e,t,r){let s={"Content-Type":"application/json","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[o,i]of Object.entries(this.config.getPlatformSignals(e)))s[o.replace(/[\r\n]/g,"")]=String(i).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:s,body:r.buffer})}async forwardStreamToApi(e,t){let r={"Content-Type":"application/octet-stream","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[s,o]of Object.entries(this.config.getPlatformSignals(e)))r[s.replace(/[\r\n]/g,"")]=String(o).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:r,body:e.body??void 0})}async validateToken(e,t,r,s){try{let o={tokenHex:e,signature:r,payload:t};s&&(o.encryptedUser=s);let i=await this.authedFetch("/validate",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(o)});if(!i.ok)return{valid:!1};let a=await i.json();return{valid:a.valid===!0,deviceId:a.deviceId}}catch{return{valid:!1}}}async authedFetch(e,t){let r=`${this.config.apiUrl}${e}`,s=Date.now().toString(),o=(t.method||"GET").toUpperCase(),i=`${s}.${o}.${e}`,a=await k(this.creds.secret,i),c=new Headers(t.headers);return c.set(R,this.creds.keyId),c.set(x,a),c.set(C,s),fetch(r,{...t,headers:c})}};async function y(n,e=0){let t=Math.floor(Date.now()/3e5)+e,r=await crypto.subtle.importKey("raw",new TextEncoder().encode(n),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),s=await crypto.subtle.sign("HMAC",r,new TextEncoder().encode("obfious-bootstrap-v1:"+t));return f(new Uint8Array(s)).slice(0,10)}async function T(n,e){if(e.length!==10||!/^[0-9a-f]{10}$/.test(e))return!1;for(let t of[-1,0,1])if(await y(n,t)===e)return!0;return!1}async function m(n,e=0){let t=Math.floor(Date.now()/3e5)+e,r=t%7+1,s=await crypto.subtle.importKey("raw",new TextEncoder().encode(n),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),o=await crypto.subtle.sign("HMAC",s,new TextEncoder().encode("obfious-worker-v1:"+t)),i=f(new Uint8Array(o)).slice(0,9);return i.slice(0,r)+"w"+i.slice(r)}async function A(n,e){if(e.length!==10)return!1;let t=e.indexOf("w");if(t<1||t>7||e.lastIndexOf("w")!==t)return!1;let r=e.slice(0,t)+e.slice(t+1);if(!/^[0-9a-f]{9}$/.test(r))return!1;for(let s of[-1,0,1])if(await m(n,s)===e)return!0;return!1}function f(n){return Array.from(n,e=>e.toString(16).padStart(2,"0")).join("")}async function k(n,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(n),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),r=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(e));return f(new Uint8Array(r))}async function I(n,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(e),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),r=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(n));return f(new Uint8Array(r))}function S(n){try{let e=n.replace(/-/g,"+").replace(/_/g,"/");for(;e.length%4;)e+="=";let t=Uint8Array.from(atob(e),r=>r.charCodeAt(0));return t.length<9||t[0]!==33?null:f(t.slice(1,9))}catch{return null}}function O(n){let e="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",t=crypto.getRandomValues(new Uint8Array(n));return Array.from(t,r=>e[r%e.length]).join("")}import{Readable as w}from"node:stream";function b(n){let e=n.headers["x-forwarded-proto"]||"http",t=n.headers.host||"localhost",r=`${e}://${t}${n.url}`,s=new Headers;for(let[i,a]of Object.entries(n.headers))a&&s.set(i,Array.isArray(a)?a.join(", "):a);let o=n.method!=="GET"&&n.method!=="HEAD";return new Request(r,{method:n.method,headers:s,body:o?w.toWeb(w.from(n)):null,duplex:"half"})}async function v(n,e){let t={};if(e.headers.forEach((r,s)=>{t[s]=r}),n.writeHead(e.status,t),e.body){let r=e.body.getReader();try{for(;;){let{done:s,value:o}=await r.read();if(s)break;n.write(o)}}finally{r.releaseLock()}}n.end()}function V(n){let{creds:e,getUser:t,...r}=n,s=new p({...r,getClientIp:r.getClientIp??(o=>o.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||o.headers.get("x-real-ip")||"unknown"),getPlatformSignals:r.getPlatformSignals??(()=>({}))});return async(o,i,a)=>{try{let c=b(o),g=t?.(o),u=await s.protect(c,e,g);if(u.response){await v(i,u.response);return}u.deviceId&&(o.obfiousDeviceId=u.deviceId),a()}catch(c){a(c)}}}export{p as Obfious,V as obfiousMiddleware};
|
package/dist/fastify.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
var
|
|
1
|
+
var v="x-obfious-key",x="x-obfious-sig",P="x-obfious-ts",C=/\.(json|js|gif|png|woff2|css)$/;var g=class{config;creds;randomValue=null;randomValueCreatedAt=0;constructor(e){this.config={...e,apiUrl:e.apiUrl??"https://api.obfious.com"},this.creds={keyId:e.keyId,secret:e.secret}}async getScriptUrl(){if(this.config.scriptPath)return this.config.scriptPath;let e=await y(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async getWorkerUrl(){let e=await m(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async scriptTag(e){let t=await this.getScriptUrl(),n=e?.nonce?` nonce="${e.nonce}"`:"";return`<script src="${t}"${n}></script>`}async protect(e,t){let n=new URL(e.url);if(e.method==="GET"){if(n.pathname==="/")for(let[c]of n.searchParams){if(await T(this.creds.secret,c)){let u=await this.fetchBundle();if(u)return{response:new Response(u,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}if(await A(this.creds.secret,c)){let u=await this.fetchWorker();if(u)return{response:new Response(u,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}}if(this.config.scriptPath&&n.pathname===this.config.scriptPath){let c=await this.fetchBundle();if(c)return{response:new Response(c,{headers:{"Content-Type":"application/javascript","Cache-Control":"no-store"}})}}}if(e.method==="POST"&&C.test(n.pathname)){if((e.headers.get("Content-Type")||"")==="application/octet-stream")return{response:await this.forwardStreamToApi(e,n.pathname)};let u=e.clone(),f=new Uint8Array(await u.arrayBuffer());if(f.length>0&&f[0]===91)return{response:await this.forwardToApi(e,n.pathname,f)}}if(this.config.excludePaths?.some(c=>n.pathname.startsWith(c)))return{response:null};if(this.config.includePaths&&!this.config.includePaths.some(c=>n.pathname.startsWith(c)))return{response:null};let s=e.headers.get("x-req-auth");if(!s)return{response:new Response(null,{status:401})};let i=s.indexOf(".");if(i<1)return{response:new Response(null,{status:401})};let o=s.slice(0,i),a=s.slice(i+1),l=S(o);if(!l)return{response:new Response(null,{status:401})};let h=t&&this.config.privateKey?await I(t,this.config.privateKey):void 0,d=await this.validateToken(l,o,a,h);return d.valid?{response:null,deviceId:d.deviceId}:{response:new Response(null,{status:401})}}ensureRandomValue(){(!this.randomValue||Date.now()-this.randomValueCreatedAt>9e5)&&(this.randomValue=O(8),this.randomValueCreatedAt=Date.now())}getIp(e){return this.config.getClientIp?this.config.getClientIp(e):e.headers.get("CF-Connecting-IP")||e.headers.get("X-Forwarded-For")?.split(",")[0]?.trim()||e.headers.get("X-Real-IP")||"unknown"}async fetchBundle(){try{let e=await this.getWorkerUrl(),t=await this.authedFetch("/b",{method:"GET",headers:{"x-obfious-worker-url":e}});return t.ok?await t.text():null}catch{return null}}async fetchWorker(){try{let e=await this.authedFetch("/w",{method:"GET"});return e.ok?await e.text():null}catch{return null}}async forwardToApi(e,t,n){let s={"Content-Type":"application/json","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[i,o]of Object.entries(this.config.getPlatformSignals(e)))s[i.replace(/[\r\n]/g,"")]=String(o).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:s,body:n.buffer})}async forwardStreamToApi(e,t){let n={"Content-Type":"application/octet-stream","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[s,i]of Object.entries(this.config.getPlatformSignals(e)))n[s.replace(/[\r\n]/g,"")]=String(i).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:n,body:e.body??void 0})}async validateToken(e,t,n,s){try{let i={tokenHex:e,signature:n,payload:t};s&&(i.encryptedUser=s);let o=await this.authedFetch("/validate",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(!o.ok)return{valid:!1};let a=await o.json();return{valid:a.valid===!0,deviceId:a.deviceId}}catch{return{valid:!1}}}async authedFetch(e,t){let n=`${this.config.apiUrl}${e}`,s=Date.now().toString(),i=(t.method||"GET").toUpperCase(),o=`${s}.${i}.${e}`,a=await k(this.creds.secret,o),l=new Headers(t.headers);return l.set(v,this.creds.keyId),l.set(x,a),l.set(P,s),fetch(n,{...t,headers:l})}};async function y(r,e=0){let t=Math.floor(Date.now()/3e5)+e,n=await crypto.subtle.importKey("raw",new TextEncoder().encode(r),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),s=await crypto.subtle.sign("HMAC",n,new TextEncoder().encode("obfious-bootstrap-v1:"+t));return p(new Uint8Array(s)).slice(0,10)}async function T(r,e){if(e.length!==10||!/^[0-9a-f]{10}$/.test(e))return!1;for(let t of[-1,0,1])if(await y(r,t)===e)return!0;return!1}async function m(r,e=0){let t=Math.floor(Date.now()/3e5)+e,n=t%7+1,s=await crypto.subtle.importKey("raw",new TextEncoder().encode(r),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),i=await crypto.subtle.sign("HMAC",s,new TextEncoder().encode("obfious-worker-v1:"+t)),o=p(new Uint8Array(i)).slice(0,9);return o.slice(0,n)+"w"+o.slice(n)}async function A(r,e){if(e.length!==10)return!1;let t=e.indexOf("w");if(t<1||t>7||e.lastIndexOf("w")!==t)return!1;let n=e.slice(0,t)+e.slice(t+1);if(!/^[0-9a-f]{9}$/.test(n))return!1;for(let s of[-1,0,1])if(await m(r,s)===e)return!0;return!1}function p(r){return Array.from(r,e=>e.toString(16).padStart(2,"0")).join("")}async function k(r,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(r),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),n=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(e));return p(new Uint8Array(n))}async function I(r,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(e),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),n=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(r));return p(new Uint8Array(n))}function S(r){try{let e=r.replace(/-/g,"+").replace(/_/g,"/");for(;e.length%4;)e+="=";let t=Uint8Array.from(atob(e),n=>n.charCodeAt(0));return t.length<9||t[0]!==33?null:p(t.slice(1,9))}catch{return null}}function O(r){let e="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",t=crypto.getRandomValues(new Uint8Array(r));return Array.from(t,n=>e[n%e.length]).join("")}import{Readable as w}from"node:stream";function b(r){let e=r.headers["x-forwarded-proto"]||"http",t=r.headers.host||"localhost",n=`${e}://${t}${r.url}`,s=new Headers;for(let[o,a]of Object.entries(r.headers))a&&s.set(o,Array.isArray(a)?a.join(", "):a);let i=r.method!=="GET"&&r.method!=="HEAD";return new Request(n,{method:r.method,headers:s,body:i?w.toWeb(w.from(r)):null,duplex:"half"})}async function V(r,e){let{creds:t,getUser:n,...s}=e,i=new g({...s,getClientIp:s.getClientIp??(o=>o.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||o.headers.get("x-real-ip")||"unknown"),getPlatformSignals:s.getPlatformSignals??(()=>({}))});r.addHook("onRequest",async(o,a)=>{let l=b(o.raw),h=n?.(o.raw),d=await i.protect(l,t,h);if(d.response){let c={};d.response.headers.forEach((f,R)=>{c[R]=f});let u=await d.response.text();a.code(d.response.status).headers(c).send(u);return}d.deviceId&&(o.obfiousDeviceId=d.deviceId)})}export{g as Obfious,V as obfiousPlugin};
|
package/dist/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
var
|
|
1
|
+
var m="x-obfious-key",b="x-obfious-sig",v="x-obfious-ts",P=/\.(json|js|gif|png|woff2|css)$/;var h=class{config;creds;randomValue=null;randomValueCreatedAt=0;constructor(e){this.config={...e,apiUrl:e.apiUrl??"https://api.obfious.com"},this.creds={keyId:e.keyId,secret:e.secret}}async getScriptUrl(){if(this.config.scriptPath)return this.config.scriptPath;let e=await d(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async getWorkerUrl(){let e=await y(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async scriptTag(e){let t=await this.getScriptUrl(),n=e?.nonce?` nonce="${e.nonce}"`:"";return`<script src="${t}"${n}></script>`}async protect(e,t){let n=new URL(e.url);if(e.method==="GET"){if(n.pathname==="/")for(let[a]of n.searchParams){if(await T(this.creds.secret,a)){let l=await this.fetchBundle();if(l)return{response:new Response(l,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}if(await C(this.creds.secret,a)){let l=await this.fetchWorker();if(l)return{response:new Response(l,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}}if(this.config.scriptPath&&n.pathname===this.config.scriptPath){let a=await this.fetchBundle();if(a)return{response:new Response(a,{headers:{"Content-Type":"application/javascript","Cache-Control":"no-store"}})}}}if(e.method==="POST"&&P.test(n.pathname)){if((e.headers.get("Content-Type")||"")==="application/octet-stream")return{response:await this.forwardStreamToApi(e,n.pathname)};let l=e.clone(),p=new Uint8Array(await l.arrayBuffer());if(p.length>0&&p[0]===91)return{response:await this.forwardToApi(e,n.pathname,p)}}if(this.config.excludePaths?.some(a=>n.pathname.startsWith(a)))return{response:null};if(this.config.includePaths&&!this.config.includePaths.some(a=>n.pathname.startsWith(a)))return{response:null};let r=e.headers.get("x-req-auth");if(!r)return{response:new Response(null,{status:401})};let i=r.indexOf(".");if(i<1)return{response:new Response(null,{status:401})};let o=r.slice(0,i),u=r.slice(i+1),c=R(o);if(!c)return{response:new Response(null,{status:401})};let w=t&&this.config.privateKey?await A(t,this.config.privateKey):void 0,g=await this.validateToken(c,o,u,w);return g.valid?{response:null,deviceId:g.deviceId}:{response:new Response(null,{status:401})}}ensureRandomValue(){(!this.randomValue||Date.now()-this.randomValueCreatedAt>9e5)&&(this.randomValue=k(8),this.randomValueCreatedAt=Date.now())}getIp(e){return this.config.getClientIp?this.config.getClientIp(e):e.headers.get("CF-Connecting-IP")||e.headers.get("X-Forwarded-For")?.split(",")[0]?.trim()||e.headers.get("X-Real-IP")||"unknown"}async fetchBundle(){try{let e=await this.getWorkerUrl(),t=await this.authedFetch("/b",{method:"GET",headers:{"x-obfious-worker-url":e}});return t.ok?await t.text():null}catch{return null}}async fetchWorker(){try{let e=await this.authedFetch("/w",{method:"GET"});return e.ok?await e.text():null}catch{return null}}async forwardToApi(e,t,n){let r={"Content-Type":"application/json","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[i,o]of Object.entries(this.config.getPlatformSignals(e)))r[i.replace(/[\r\n]/g,"")]=String(o).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:r,body:n.buffer})}async forwardStreamToApi(e,t){let n={"Content-Type":"application/octet-stream","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[r,i]of Object.entries(this.config.getPlatformSignals(e)))n[r.replace(/[\r\n]/g,"")]=String(i).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:n,body:e.body??void 0})}async validateToken(e,t,n,r){try{let i={tokenHex:e,signature:n,payload:t};r&&(i.encryptedUser=r);let o=await this.authedFetch("/validate",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(!o.ok)return{valid:!1};let u=await o.json();return{valid:u.valid===!0,deviceId:u.deviceId}}catch{return{valid:!1}}}async authedFetch(e,t){let n=`${this.config.apiUrl}${e}`,r=Date.now().toString(),i=(t.method||"GET").toUpperCase(),o=`${r}.${i}.${e}`,u=await x(this.creds.secret,o),c=new Headers(t.headers);return c.set(m,this.creds.keyId),c.set(b,u),c.set(v,r),fetch(n,{...t,headers:c})}};async function d(s,e=0){let t=Math.floor(Date.now()/3e5)+e,n=await crypto.subtle.importKey("raw",new TextEncoder().encode(s),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),r=await crypto.subtle.sign("HMAC",n,new TextEncoder().encode("obfious-bootstrap-v1:"+t));return f(new Uint8Array(r)).slice(0,10)}async function T(s,e){if(e.length!==10||!/^[0-9a-f]{10}$/.test(e))return!1;for(let t of[-1,0,1])if(await d(s,t)===e)return!0;return!1}async function y(s,e=0){let t=Math.floor(Date.now()/3e5)+e,n=t%7+1,r=await crypto.subtle.importKey("raw",new TextEncoder().encode(s),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),i=await crypto.subtle.sign("HMAC",r,new TextEncoder().encode("obfious-worker-v1:"+t)),o=f(new Uint8Array(i)).slice(0,9);return o.slice(0,n)+"w"+o.slice(n)}async function C(s,e){if(e.length!==10)return!1;let t=e.indexOf("w");if(t<1||t>7||e.lastIndexOf("w")!==t)return!1;let n=e.slice(0,t)+e.slice(t+1);if(!/^[0-9a-f]{9}$/.test(n))return!1;for(let r of[-1,0,1])if(await y(s,r)===e)return!0;return!1}function f(s){return Array.from(s,e=>e.toString(16).padStart(2,"0")).join("")}async function x(s,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(s),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),n=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(e));return f(new Uint8Array(n))}async function A(s,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(e),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),n=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(s));return f(new Uint8Array(n))}function R(s){try{let e=s.replace(/-/g,"+").replace(/_/g,"/");for(;e.length%4;)e+="=";let t=Uint8Array.from(atob(e),n=>n.charCodeAt(0));return t.length<9||t[0]!==33?null:f(t.slice(1,9))}catch{return null}}function k(s){let e="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",t=crypto.getRandomValues(new Uint8Array(s));return Array.from(t,n=>e[n%e.length]).join("")}export{h as Obfious};
|
package/dist/lambda.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
var
|
|
1
|
+
var m="x-obfious-key",b="x-obfious-sig",P="x-obfious-ts",x=/\.(json|js|gif|png|woff2|css)$/;var g=class{config;creds;randomValue=null;randomValueCreatedAt=0;constructor(e){this.config={...e,apiUrl:e.apiUrl??"https://api.obfious.com"},this.creds={keyId:e.keyId,secret:e.secret}}async getScriptUrl(){if(this.config.scriptPath)return this.config.scriptPath;let e=await y(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async getWorkerUrl(){let e=await w(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async scriptTag(e){let t=await this.getScriptUrl(),r=e?.nonce?` nonce="${e.nonce}"`:"";return`<script src="${t}"${r}></script>`}async protect(e,t){let r=new URL(e.url);if(e.method==="GET"){if(r.pathname==="/")for(let[c]of r.searchParams){if(await R(this.creds.secret,c)){let l=await this.fetchBundle();if(l)return{response:new Response(l,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}if(await C(this.creds.secret,c)){let l=await this.fetchWorker();if(l)return{response:new Response(l,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}}if(this.config.scriptPath&&r.pathname===this.config.scriptPath){let c=await this.fetchBundle();if(c)return{response:new Response(c,{headers:{"Content-Type":"application/javascript","Cache-Control":"no-store"}})}}}if(e.method==="POST"&&x.test(r.pathname)){if((e.headers.get("Content-Type")||"")==="application/octet-stream")return{response:await this.forwardStreamToApi(e,r.pathname)};let l=e.clone(),h=new Uint8Array(await l.arrayBuffer());if(h.length>0&&h[0]===91)return{response:await this.forwardToApi(e,r.pathname,h)}}if(this.config.excludePaths?.some(c=>r.pathname.startsWith(c)))return{response:null};if(this.config.includePaths&&!this.config.includePaths.some(c=>r.pathname.startsWith(c)))return{response:null};let n=e.headers.get("x-req-auth");if(!n)return{response:new Response(null,{status:401})};let i=n.indexOf(".");if(i<1)return{response:new Response(null,{status:401})};let o=n.slice(0,i),d=n.slice(i+1),a=k(o);if(!a)return{response:new Response(null,{status:401})};let f=t&&this.config.privateKey?await T(t,this.config.privateKey):void 0,u=await this.validateToken(a,o,d,f);return u.valid?{response:null,deviceId:u.deviceId}:{response:new Response(null,{status:401})}}ensureRandomValue(){(!this.randomValue||Date.now()-this.randomValueCreatedAt>9e5)&&(this.randomValue=I(8),this.randomValueCreatedAt=Date.now())}getIp(e){return this.config.getClientIp?this.config.getClientIp(e):e.headers.get("CF-Connecting-IP")||e.headers.get("X-Forwarded-For")?.split(",")[0]?.trim()||e.headers.get("X-Real-IP")||"unknown"}async fetchBundle(){try{let e=await this.getWorkerUrl(),t=await this.authedFetch("/b",{method:"GET",headers:{"x-obfious-worker-url":e}});return t.ok?await t.text():null}catch{return null}}async fetchWorker(){try{let e=await this.authedFetch("/w",{method:"GET"});return e.ok?await e.text():null}catch{return null}}async forwardToApi(e,t,r){let n={"Content-Type":"application/json","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[i,o]of Object.entries(this.config.getPlatformSignals(e)))n[i.replace(/[\r\n]/g,"")]=String(o).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:n,body:r.buffer})}async forwardStreamToApi(e,t){let r={"Content-Type":"application/octet-stream","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[n,i]of Object.entries(this.config.getPlatformSignals(e)))r[n.replace(/[\r\n]/g,"")]=String(i).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:r,body:e.body??void 0})}async validateToken(e,t,r,n){try{let i={tokenHex:e,signature:r,payload:t};n&&(i.encryptedUser=n);let o=await this.authedFetch("/validate",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(!o.ok)return{valid:!1};let d=await o.json();return{valid:d.valid===!0,deviceId:d.deviceId}}catch{return{valid:!1}}}async authedFetch(e,t){let r=`${this.config.apiUrl}${e}`,n=Date.now().toString(),i=(t.method||"GET").toUpperCase(),o=`${n}.${i}.${e}`,d=await A(this.creds.secret,o),a=new Headers(t.headers);return a.set(m,this.creds.keyId),a.set(b,d),a.set(P,n),fetch(r,{...t,headers:a})}};async function y(s,e=0){let t=Math.floor(Date.now()/3e5)+e,r=await crypto.subtle.importKey("raw",new TextEncoder().encode(s),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),n=await crypto.subtle.sign("HMAC",r,new TextEncoder().encode("obfious-bootstrap-v1:"+t));return p(new Uint8Array(n)).slice(0,10)}async function R(s,e){if(e.length!==10||!/^[0-9a-f]{10}$/.test(e))return!1;for(let t of[-1,0,1])if(await y(s,t)===e)return!0;return!1}async function w(s,e=0){let t=Math.floor(Date.now()/3e5)+e,r=t%7+1,n=await crypto.subtle.importKey("raw",new TextEncoder().encode(s),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),i=await crypto.subtle.sign("HMAC",n,new TextEncoder().encode("obfious-worker-v1:"+t)),o=p(new Uint8Array(i)).slice(0,9);return o.slice(0,r)+"w"+o.slice(r)}async function C(s,e){if(e.length!==10)return!1;let t=e.indexOf("w");if(t<1||t>7||e.lastIndexOf("w")!==t)return!1;let r=e.slice(0,t)+e.slice(t+1);if(!/^[0-9a-f]{9}$/.test(r))return!1;for(let n of[-1,0,1])if(await w(s,n)===e)return!0;return!1}function p(s){return Array.from(s,e=>e.toString(16).padStart(2,"0")).join("")}async function A(s,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(s),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),r=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(e));return p(new Uint8Array(r))}async function T(s,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(e),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),r=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(s));return p(new Uint8Array(r))}function k(s){try{let e=s.replace(/-/g,"+").replace(/_/g,"/");for(;e.length%4;)e+="=";let t=Uint8Array.from(atob(e),r=>r.charCodeAt(0));return t.length<9||t[0]!==33?null:p(t.slice(1,9))}catch{return null}}function I(s){let e="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",t=crypto.getRandomValues(new Uint8Array(s));return Array.from(t,r=>e[r%e.length]).join("")}function v(s){let e=s.headers["x-forwarded-proto"]||s.headers["X-Forwarded-Proto"]||"https",t=s.headers.host||s.headers.Host||"localhost",r=`${e}://${t}${s.path}`;if(s.queryStringParameters){let d=new URLSearchParams;for(let[f,u]of Object.entries(s.queryStringParameters))u!=null&&d.set(f,u);let a=d.toString();a&&(r+=`?${a}`)}let n=new Headers;for(let[d,a]of Object.entries(s.headers))a&&n.set(d,a);let o=s.httpMethod!=="GET"&&s.httpMethod!=="HEAD"&&s.body!=null?s.isBase64Encoded?atob(s.body):s.body:null;return new Request(r,{method:s.httpMethod,headers:n,body:o})}async function S(s){let e={};return s.headers.forEach((t,r)=>{e[r]=t}),{statusCode:s.status,headers:e,body:await s.text()}}function H(s,e){let{creds:t,getUser:r,...n}=s,i=new g({...n,getClientIp:n.getClientIp??(o=>o.headers.get("x-lambda-source-ip")||o.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||"unknown"),getPlatformSignals:n.getPlatformSignals??(()=>({}))});return async(o,d)=>{let a=v(o),f=o.requestContext?.identity?.sourceIp||o.headers["x-forwarded-for"]?.split(",")[0]?.trim()||"unknown";a.headers.set("x-lambda-source-ip",f);let u=r?.(o),c=await i.protect(a,t,u);return c.response?S(c.response):(c.deviceId&&(o.headers["x-obfious-device-id"]=String(c.deviceId)),e(o,d))}}export{g as Obfious,H as obfiousHandler};
|
package/dist/nextjs.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
var
|
|
1
|
+
var m="x-obfious-key",b="x-obfious-sig",P="x-obfious-ts",T=/\.(json|js|gif|png|woff2|css)$/;var p=class{config;creds;randomValue=null;randomValueCreatedAt=0;constructor(e){this.config={...e,apiUrl:e.apiUrl??"https://api.obfious.com"},this.creds={keyId:e.keyId,secret:e.secret}}async getScriptUrl(){if(this.config.scriptPath)return this.config.scriptPath;let e=await h(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async getWorkerUrl(){let e=await y(this.creds.secret);return this.ensureRandomValue(),`/?${e}=${this.randomValue}`}async scriptTag(e){let t=await this.getScriptUrl(),n=e?.nonce?` nonce="${e.nonce}"`:"";return`<script src="${t}"${n}></script>`}async protect(e,t){let n=new URL(e.url);if(e.method==="GET"){if(n.pathname==="/")for(let[a]of n.searchParams){if(await v(this.creds.secret,a)){let l=await this.fetchBundle();if(l)return{response:new Response(l,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}if(await x(this.creds.secret,a)){let l=await this.fetchWorker();if(l)return{response:new Response(l,{headers:{"Content-Type":"application/javascript","Cache-Control":"private, max-age=300"}})};break}}if(this.config.scriptPath&&n.pathname===this.config.scriptPath){let a=await this.fetchBundle();if(a)return{response:new Response(a,{headers:{"Content-Type":"application/javascript","Cache-Control":"no-store"}})}}}if(e.method==="POST"&&T.test(n.pathname)){if((e.headers.get("Content-Type")||"")==="application/octet-stream")return{response:await this.forwardStreamToApi(e,n.pathname)};let l=e.clone(),g=new Uint8Array(await l.arrayBuffer());if(g.length>0&&g[0]===91)return{response:await this.forwardToApi(e,n.pathname,g)}}if(this.config.excludePaths?.some(a=>n.pathname.startsWith(a)))return{response:null};if(this.config.includePaths&&!this.config.includePaths.some(a=>n.pathname.startsWith(a)))return{response:null};let s=e.headers.get("x-req-auth");if(!s)return{response:new Response(null,{status:401})};let i=s.indexOf(".");if(i<1)return{response:new Response(null,{status:401})};let o=s.slice(0,i),u=s.slice(i+1),c=A(o);if(!c)return{response:new Response(null,{status:401})};let w=t&&this.config.privateKey?await R(t,this.config.privateKey):void 0,d=await this.validateToken(c,o,u,w);return d.valid?{response:null,deviceId:d.deviceId}:{response:new Response(null,{status:401})}}ensureRandomValue(){(!this.randomValue||Date.now()-this.randomValueCreatedAt>9e5)&&(this.randomValue=k(8),this.randomValueCreatedAt=Date.now())}getIp(e){return this.config.getClientIp?this.config.getClientIp(e):e.headers.get("CF-Connecting-IP")||e.headers.get("X-Forwarded-For")?.split(",")[0]?.trim()||e.headers.get("X-Real-IP")||"unknown"}async fetchBundle(){try{let e=await this.getWorkerUrl(),t=await this.authedFetch("/b",{method:"GET",headers:{"x-obfious-worker-url":e}});return t.ok?await t.text():null}catch{return null}}async fetchWorker(){try{let e=await this.authedFetch("/w",{method:"GET"});return e.ok?await e.text():null}catch{return null}}async forwardToApi(e,t,n){let s={"Content-Type":"application/json","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[i,o]of Object.entries(this.config.getPlatformSignals(e)))s[i.replace(/[\r\n]/g,"")]=String(o).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:s,body:n.buffer})}async forwardStreamToApi(e,t){let n={"Content-Type":"application/octet-stream","x-obfious-ip":this.getIp(e)};if(this.config.getPlatformSignals)for(let[s,i]of Object.entries(this.config.getPlatformSignals(e)))n[s.replace(/[\r\n]/g,"")]=String(i).replace(/[\r\n]/g,"");return this.authedFetch(t,{method:"POST",headers:n,body:e.body??void 0})}async validateToken(e,t,n,s){try{let i={tokenHex:e,signature:n,payload:t};s&&(i.encryptedUser=s);let o=await this.authedFetch("/validate",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(!o.ok)return{valid:!1};let u=await o.json();return{valid:u.valid===!0,deviceId:u.deviceId}}catch{return{valid:!1}}}async authedFetch(e,t){let n=`${this.config.apiUrl}${e}`,s=Date.now().toString(),i=(t.method||"GET").toUpperCase(),o=`${s}.${i}.${e}`,u=await C(this.creds.secret,o),c=new Headers(t.headers);return c.set(m,this.creds.keyId),c.set(b,u),c.set(P,s),fetch(n,{...t,headers:c})}};async function h(r,e=0){let t=Math.floor(Date.now()/3e5)+e,n=await crypto.subtle.importKey("raw",new TextEncoder().encode(r),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),s=await crypto.subtle.sign("HMAC",n,new TextEncoder().encode("obfious-bootstrap-v1:"+t));return f(new Uint8Array(s)).slice(0,10)}async function v(r,e){if(e.length!==10||!/^[0-9a-f]{10}$/.test(e))return!1;for(let t of[-1,0,1])if(await h(r,t)===e)return!0;return!1}async function y(r,e=0){let t=Math.floor(Date.now()/3e5)+e,n=t%7+1,s=await crypto.subtle.importKey("raw",new TextEncoder().encode(r),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),i=await crypto.subtle.sign("HMAC",s,new TextEncoder().encode("obfious-worker-v1:"+t)),o=f(new Uint8Array(i)).slice(0,9);return o.slice(0,n)+"w"+o.slice(n)}async function x(r,e){if(e.length!==10)return!1;let t=e.indexOf("w");if(t<1||t>7||e.lastIndexOf("w")!==t)return!1;let n=e.slice(0,t)+e.slice(t+1);if(!/^[0-9a-f]{9}$/.test(n))return!1;for(let s of[-1,0,1])if(await y(r,s)===e)return!0;return!1}function f(r){return Array.from(r,e=>e.toString(16).padStart(2,"0")).join("")}async function C(r,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(r),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),n=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(e));return f(new Uint8Array(n))}async function R(r,e){let t=await crypto.subtle.importKey("raw",new TextEncoder().encode(e),{name:"HMAC",hash:"SHA-256"},!1,["sign"]),n=await crypto.subtle.sign("HMAC",t,new TextEncoder().encode(r));return f(new Uint8Array(n))}function A(r){try{let e=r.replace(/-/g,"+").replace(/_/g,"/");for(;e.length%4;)e+="=";let t=Uint8Array.from(atob(e),n=>n.charCodeAt(0));return t.length<9||t[0]!==33?null:f(t.slice(1,9))}catch{return null}}function k(r){let e="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",t=crypto.getRandomValues(new Uint8Array(r));return Array.from(t,n=>e[n%e.length]).join("")}function U(r){let e=new p({...r,getClientIp:r.getClientIp??(t=>t.headers.get("x-forwarded-for")?.split(",")[0]?.trim()||t.headers.get("x-real-ip")||"unknown")});return async t=>(await e.protect(t)).response}async function O(r,e){return r.scriptTag({nonce:e})}export{p as Obfious,U as createObfiousMiddleware,O as obfiousScriptTag};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@obfious/js",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.8",
|
|
4
4
|
"description": "Obfious anti-bot protection for JavaScript — CF Workers, Next.js, Express, Fastify, Lambda",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": {
|
|
@@ -33,12 +33,14 @@
|
|
|
33
33
|
},
|
|
34
34
|
"scripts": {
|
|
35
35
|
"build": "node build.mjs",
|
|
36
|
+
"test": "vitest run",
|
|
36
37
|
"prepublishOnly": "npm run build",
|
|
37
38
|
"ship": "npm version patch && npm publish --access public"
|
|
38
39
|
},
|
|
39
40
|
"devDependencies": {
|
|
40
41
|
"esbuild": "^0.27.4",
|
|
41
|
-
"typescript": "^5.7.0"
|
|
42
|
+
"typescript": "^5.7.0",
|
|
43
|
+
"vitest": "^4.1.2"
|
|
42
44
|
},
|
|
43
45
|
"license": "SEE LICENSE IN LICENSE"
|
|
44
46
|
}
|