npm - @orpc/server - Versions diffs - 0.0.0-next.09ec5b4 → 0.0.0-next.0adc01c - Mend

@orpc/server 0.0.0-next.09ec5b4 → 0.0.0-next.0adc01c

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/README.md +14 -1
package/dist/adapters/fetch/index.d.mts +42 -11
package/dist/adapters/fetch/index.d.ts +42 -11
package/dist/adapters/fetch/index.mjs +7 -5
package/dist/adapters/hono/index.d.mts +6 -4
package/dist/adapters/hono/index.d.ts +6 -4
package/dist/adapters/hono/index.mjs +7 -5
package/dist/adapters/next/index.d.mts +6 -4
package/dist/adapters/next/index.d.ts +6 -4
package/dist/adapters/next/index.mjs +7 -5
package/dist/adapters/node/index.d.mts +44 -22
package/dist/adapters/node/index.d.ts +44 -22
package/dist/adapters/node/index.mjs +82 -20
package/dist/adapters/standard/index.d.mts +14 -17
package/dist/adapters/standard/index.d.ts +14 -17
package/dist/adapters/standard/index.mjs +6 -5
package/dist/index.d.mts +160 -124
package/dist/index.d.ts +160 -124
package/dist/index.mjs +78 -48
package/dist/plugins/index.d.mts +111 -18
package/dist/plugins/index.d.ts +111 -18
package/dist/plugins/index.mjs +148 -7
package/dist/shared/server.BVwwTHyO.mjs +9 -0
package/dist/shared/server.BW-nUGgA.mjs +36 -0
package/dist/shared/server.Bm0UqHzd.mjs +103 -0
package/dist/shared/{server.V6zT5iYQ.mjs → server.C37gDhSZ.mjs} +158 -173
package/dist/shared/server.C8NkqxHo.d.ts +17 -0
package/dist/shared/server.CGCwEAt_.d.mts +10 -0
package/dist/shared/server.DCQgF_JR.d.mts +17 -0
package/dist/shared/server.DFFT_EZo.d.ts +73 -0
package/dist/shared/server.DFuJLDuo.mjs +190 -0
package/dist/shared/server.DLt5njUb.d.mts +143 -0
package/dist/shared/server.DLt5njUb.d.ts +143 -0
package/dist/shared/server.DOYDVeMX.d.mts +73 -0
package/dist/shared/server._2UufoXA.d.ts +10 -0
package/package.json +8 -8
package/dist/shared/server.BBGuTxHE.mjs +0 -163
package/dist/shared/server.B_cAGti1.d.mts +0 -9
package/dist/shared/server.CUE4Aija.mjs +0 -24
package/dist/shared/server.Cn9ybJtE.d.mts +0 -152
package/dist/shared/server.Cn9ybJtE.d.ts +0 -152
package/dist/shared/server.CynXWJja.d.ts +0 -9
package/dist/shared/server.D86dtDX_.d.mts +0 -77
package/dist/shared/server.Q6ZmnTgO.mjs +0 -12
package/dist/shared/server.dPmfqnQI.d.ts +0 -77

package/dist/plugins/index.mjs CHANGED Viewed

@@ -1,9 +1,102 @@
-export { C as CompositePlugin } from '../shared/server.Q6ZmnTgO.mjs';
 import { value } from '@orpc/shared';
+import { parseBatchRequest, toBatchResponse } from '@orpc/standard-server/batch';
+import { ORPCError } from '@orpc/client';
+export { S as StrictGetMethodPlugin } from '../shared/server.BW-nUGgA.mjs';
+import '@orpc/contract';
+class BatchHandlerPlugin {
+  maxSize;
+  mapRequestItem;
+  successStatus;
+  headers;
+  order = 5e6;
+  constructor(options = {}) {
+    this.maxSize = options.maxSize ?? 10;
+    this.mapRequestItem = options.mapRequestItem ?? ((request, { request: batchRequest }) => ({
+      ...request,
+      headers: {
+        ...batchRequest.headers,
+        ...request.headers
+      }
+    }));
+    this.successStatus = options.successStatus ?? 207;
+    this.headers = options.headers ?? {};
+  }
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.rootInterceptors.unshift(async (options2) => {
+      if (options2.request.headers["x-orpc-batch"] !== "1") {
+        return options2.next();
+      }
+      let isParsing = false;
+      try {
+        isParsing = true;
+        const parsed = parseBatchRequest({ ...options2.request, body: await options2.request.body() });
+        isParsing = false;
+        const maxSize = await value(this.maxSize, options2);
+        if (parsed.length > maxSize) {
+          return {
+            matched: true,
+            response: {
+              status: 413,
+              headers: {},
+              body: "Batch request size exceeds the maximum allowed size"
+            }
+          };
+        }
+        const responses = parsed.map(
+          (request, index) => {
+            const mapped = this.mapRequestItem(request, options2);
+            return options2.next({ ...options2, request: { ...mapped, body: () => Promise.resolve(mapped.body) } }).then(({ response: response2, matched }) => {
+              if (matched) {
+                return { ...response2, index };
+              }
+              return { index, status: 404, headers: {}, body: "No procedure matched" };
+            }).catch(() => {
+              return { index, status: 500, headers: {}, body: "Internal server error" };
+            });
+          }
+        );
+        await Promise.race(responses);
+        const status = await value(this.successStatus, responses, options2);
+        const headers = await value(this.headers, responses, options2);
+        const response = toBatchResponse({
+          status,
+          headers,
+          body: async function* () {
+            const promises = [...responses];
+            while (true) {
+              const handling = promises.filter((p) => p !== void 0);
+              if (handling.length === 0) {
+                return;
+              }
+              const result = await Promise.race(handling);
+              promises[result.index] = void 0;
+              yield result;
+            }
+          }()
+        });
+        return {
+          matched: true,
+          response
+        };
+      } catch (cause) {
+        if (isParsing) {
+          return {
+            matched: true,
+            response: { status: 400, headers: {}, body: "Invalid batch request, this could be caused by a malformed request body or a missing header" }
+          };
+        }
+        throw cause;
+      }
+    });
+  }
+}
 class CORSPlugin {
   options;
-  constructor(options) {
+  order = 9e6;
+  constructor(options = {}) {
     const defaults = {
       origin: (origin) => origin,
       allowMethods: ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"]
@@ -79,14 +172,19 @@ class ResponseHeadersPlugin {
   init(options) {
     options.rootInterceptors ??= [];
     options.rootInterceptors.push(async (interceptorOptions) => {
-      const headers = new Headers();
-      interceptorOptions.context.resHeaders = headers;
-      const result = await interceptorOptions.next();
+      const resHeaders = interceptorOptions.context.resHeaders ?? new Headers();
+      const result = await interceptorOptions.next({
+        ...interceptorOptions,
+        context: {
+          ...interceptorOptions.context,
+          resHeaders
+        }
+      });
       if (!result.matched) {
         return result;
       }
       const responseHeaders = result.response.headers;
-      for (const [key, value] of headers) {
+      for (const [key, value] of resHeaders) {
         if (Array.isArray(responseHeaders[key])) {
           responseHeaders[key].push(value);
         } else if (responseHeaders[key] !== void 0) {
@@ -100,4 +198,47 @@ class ResponseHeadersPlugin {
   }
 }
-export { CORSPlugin, ResponseHeadersPlugin };
+const SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL = Symbol("SIMPLE_CSRF_PROTECTION_CONTEXT");
+class SimpleCsrfProtectionHandlerPlugin {
+  headerName;
+  headerValue;
+  exclude;
+  error;
+  constructor(options = {}) {
+    this.headerName = options.headerName ?? "x-csrf-token";
+    this.headerValue = options.headerValue ?? "orpc";
+    this.exclude = options.exclude ?? false;
+    this.error = options.error ?? new ORPCError("CSRF_TOKEN_MISMATCH", {
+      status: 403,
+      message: "Invalid CSRF token"
+    });
+  }
+  order = 8e6;
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.clientInterceptors ??= [];
+    options.rootInterceptors.unshift(async (options2) => {
+      const headerName = await value(this.headerName, options2);
+      const headerValue = await value(this.headerValue, options2);
+      return options2.next({
+        ...options2,
+        context: {
+          ...options2.context,
+          [SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL]: options2.request.headers[headerName] === headerValue
+        }
+      });
+    });
+    options.clientInterceptors.unshift(async (options2) => {
+      if (typeof options2.context[SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL] !== "boolean") {
+        throw new TypeError("[SimpleCsrfProtectionHandlerPlugin] CSRF protection context has been corrupted or modified by another plugin or interceptor");
+      }
+      const excluded = await value(this.exclude, options2);
+      if (!excluded && !options2.context[SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL]) {
+        throw this.error;
+      }
+      return options2.next();
+    });
+  }
+}
+export { BatchHandlerPlugin, CORSPlugin, ResponseHeadersPlugin, SimpleCsrfProtectionHandlerPlugin };

package/dist/shared/server.BVwwTHyO.mjs ADDED Viewed

@@ -0,0 +1,9 @@
+function resolveFriendlyStandardHandleOptions(options) {
+  return {
+    ...options,
+    context: options?.context ?? {}
+    // Context only optional if all fields are optional
+  };
+}
+export { resolveFriendlyStandardHandleOptions as r };

package/dist/shared/server.BW-nUGgA.mjs ADDED Viewed

@@ -0,0 +1,36 @@
+import { ORPCError, fallbackContractConfig } from '@orpc/contract';
+const STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL = Symbol("STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT");
+class StrictGetMethodPlugin {
+  error;
+  order = 7e6;
+  constructor(options = {}) {
+    this.error = options.error ?? new ORPCError("METHOD_NOT_SUPPORTED");
+  }
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.clientInterceptors ??= [];
+    options.rootInterceptors.unshift((options2) => {
+      const isGetMethod = options2.request.method === "GET";
+      return options2.next({
+        ...options2,
+        context: {
+          ...options2.context,
+          [STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL]: isGetMethod
+        }
+      });
+    });
+    options.clientInterceptors.unshift((options2) => {
+      if (typeof options2.context[STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL] !== "boolean") {
+        throw new TypeError("[StrictGetMethodPlugin] strict GET method context has been corrupted or modified by another plugin or interceptor");
+      }
+      const procedureMethod = fallbackContractConfig("defaultMethod", options2.procedure["~orpc"].route.method);
+      if (options2.context[STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL] && procedureMethod !== "GET") {
+        throw this.error;
+      }
+      return options2.next();
+    });
+  }
+}
+export { StrictGetMethodPlugin as S };

package/dist/shared/server.Bm0UqHzd.mjs ADDED Viewed

@@ -0,0 +1,103 @@
+import { ORPCError } from '@orpc/client';
+import { toArray, intercept, resolveMaybeOptionalOptions } from '@orpc/shared';
+import '@orpc/contract';
+import { C as CompositeStandardHandlerPlugin, b as StandardRPCHandler } from './server.DFuJLDuo.mjs';
+import '@orpc/client/standard';
+import { toStandardLazyRequest, toFetchResponse } from '@orpc/standard-server-fetch';
+import { r as resolveFriendlyStandardHandleOptions } from './server.BVwwTHyO.mjs';
+import '@orpc/standard-server/batch';
+class BodyLimitPlugin {
+  maxBodySize;
+  constructor(options) {
+    this.maxBodySize = options.maxBodySize;
+  }
+  initRuntimeAdapter(options) {
+    options.adapterInterceptors ??= [];
+    options.adapterInterceptors.push(async (options2) => {
+      if (!options2.request.body) {
+        return options2.next();
+      }
+      let currentBodySize = 0;
+      const rawReader = options2.request.body.getReader();
+      const reader = new ReadableStream({
+        start: async (controller) => {
+          try {
+            if (Number(options2.request.headers.get("content-length")) > this.maxBodySize) {
+              controller.error(new ORPCError("PAYLOAD_TOO_LARGE"));
+              return;
+            }
+            while (true) {
+              const { done, value } = await rawReader.read();
+              if (done) {
+                break;
+              }
+              currentBodySize += value.length;
+              if (currentBodySize > this.maxBodySize) {
+                controller.error(new ORPCError("PAYLOAD_TOO_LARGE"));
+                break;
+              }
+              controller.enqueue(value);
+            }
+          } finally {
+            controller.close();
+          }
+        }
+      });
+      const requestInit = { body: reader, duplex: "half" };
+      return options2.next({
+        ...options2,
+        request: new Request(options2.request, requestInit)
+      });
+    });
+  }
+}
+class CompositeFetchHandlerPlugin extends CompositeStandardHandlerPlugin {
+  initRuntimeAdapter(options) {
+    for (const plugin of this.plugins) {
+      plugin.initRuntimeAdapter?.(options);
+    }
+  }
+}
+class FetchHandler {
+  constructor(standardHandler, options = {}) {
+    this.standardHandler = standardHandler;
+    const plugin = new CompositeFetchHandlerPlugin(options.plugins);
+    plugin.initRuntimeAdapter(options);
+    this.adapterInterceptors = toArray(options.adapterInterceptors);
+    this.toFetchResponseOptions = options;
+  }
+  toFetchResponseOptions;
+  adapterInterceptors;
+  async handle(request, ...rest) {
+    return intercept(
+      this.adapterInterceptors,
+      {
+        ...resolveFriendlyStandardHandleOptions(resolveMaybeOptionalOptions(rest)),
+        request,
+        toFetchResponseOptions: this.toFetchResponseOptions
+      },
+      async ({ request: request2, toFetchResponseOptions, ...options }) => {
+        const standardRequest = toStandardLazyRequest(request2);
+        const result = await this.standardHandler.handle(standardRequest, options);
+        if (!result.matched) {
+          return result;
+        }
+        return {
+          matched: true,
+          response: toFetchResponse(result.response, toFetchResponseOptions)
+        };
+      }
+    );
+  }
+}
+class RPCHandler extends FetchHandler {
+  constructor(router, options = {}) {
+    super(new StandardRPCHandler(router, options), options);
+  }
+}
+export { BodyLimitPlugin as B, CompositeFetchHandlerPlugin as C, FetchHandler as F, RPCHandler as R };