npm - @orpc/server - Versions diffs - 0.0.0-next.3cb80cf → 0.0.0-next.3ee2e95 - Mend

@orpc/server 0.0.0-next.3cb80cf → 0.0.0-next.3ee2e95

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (84) hide show

package/README.md +131 -0
package/dist/adapters/fetch/index.d.mts +58 -0
package/dist/adapters/fetch/index.d.ts +58 -0
package/dist/adapters/fetch/index.mjs +9 -0
package/dist/adapters/hono/index.d.mts +22 -0
package/dist/adapters/hono/index.d.ts +22 -0
package/dist/{hono.js → adapters/hono/index.mjs} +11 -13
package/dist/adapters/next/index.d.mts +29 -0
package/dist/adapters/next/index.d.ts +29 -0
package/dist/{next.js → adapters/next/index.mjs} +11 -13
package/dist/adapters/node/index.d.mts +57 -0
package/dist/adapters/node/index.d.ts +57 -0
package/dist/adapters/node/index.mjs +92 -0
package/dist/adapters/standard/index.d.mts +26 -0
package/dist/adapters/standard/index.d.ts +26 -0
package/dist/adapters/standard/index.mjs +6 -0
package/dist/index.d.mts +291 -0
package/dist/index.d.ts +291 -0
package/dist/{index.js → index.mjs} +107 -157
package/dist/plugins/index.d.mts +124 -0
package/dist/plugins/index.d.ts +124 -0
package/dist/plugins/index.mjs +276 -0
package/dist/shared/server.BVwwTHyO.mjs +9 -0
package/dist/{chunk-MHVECKBC.js → shared/server.C37gDhSZ.mjs} +167 -224
package/dist/shared/server.C56IpPNj.d.mts +10 -0
package/dist/{chunk-LXOL226G.js → shared/server.C78d5yfh.mjs} +64 -73
package/dist/shared/server.CSIDw0mq.mjs +106 -0
package/dist/shared/server.CyrwhzzU.d.ts +8 -0
package/dist/shared/server.DLt5njUb.d.mts +143 -0
package/dist/shared/server.DLt5njUb.d.ts +143 -0
package/dist/shared/server.DfyOFejj.d.ts +73 -0
package/dist/shared/server.DgrNIRDf.d.mts +8 -0
package/dist/shared/server.Dm5DEJl5.d.mts +73 -0
package/dist/shared/server.DnuwaDJo.d.ts +10 -0
package/package.json +30 -35
package/dist/chunk-KPT6FDBK.js +0 -32
package/dist/chunk-XI6WGCB3.js +0 -125
package/dist/fetch.js +0 -10
package/dist/node.js +0 -31
package/dist/plugins.js +0 -11
package/dist/src/adapters/fetch/index.d.ts +0 -3
package/dist/src/adapters/fetch/rpc-handler.d.ts +0 -11
package/dist/src/adapters/fetch/types.d.ts +0 -14
package/dist/src/adapters/hono/index.d.ts +0 -3
package/dist/src/adapters/hono/middleware.d.ts +0 -12
package/dist/src/adapters/next/index.d.ts +0 -3
package/dist/src/adapters/next/serve.d.ts +0 -19
package/dist/src/adapters/node/index.d.ts +0 -3
package/dist/src/adapters/node/rpc-handler.d.ts +0 -11
package/dist/src/adapters/node/types.d.ts +0 -22
package/dist/src/adapters/standard/handler.d.ts +0 -51
package/dist/src/adapters/standard/index.d.ts +0 -6
package/dist/src/adapters/standard/rpc-codec.d.ts +0 -16
package/dist/src/adapters/standard/rpc-handler.d.ts +0 -8
package/dist/src/adapters/standard/rpc-matcher.d.ts +0 -10
package/dist/src/adapters/standard/types.d.ts +0 -21
package/dist/src/builder-variants.d.ts +0 -75
package/dist/src/builder.d.ts +0 -58
package/dist/src/config.d.ts +0 -6
package/dist/src/context.d.ts +0 -8
package/dist/src/error.d.ts +0 -12
package/dist/src/hidden.d.ts +0 -8
package/dist/src/implementer-procedure.d.ts +0 -33
package/dist/src/implementer-variants.d.ts +0 -18
package/dist/src/implementer.d.ts +0 -29
package/dist/src/index.d.ts +0 -25
package/dist/src/lazy-utils.d.ts +0 -6
package/dist/src/lazy.d.ts +0 -22
package/dist/src/middleware-decorated.d.ts +0 -11
package/dist/src/middleware-utils.d.ts +0 -5
package/dist/src/middleware.d.ts +0 -38
package/dist/src/plugins/base.d.ts +0 -13
package/dist/src/plugins/cors.d.ts +0 -19
package/dist/src/plugins/index.d.ts +0 -4
package/dist/src/plugins/response-headers.d.ts +0 -10
package/dist/src/procedure-client.d.ts +0 -33
package/dist/src/procedure-decorated.d.ts +0 -24
package/dist/src/procedure-utils.d.ts +0 -19
package/dist/src/procedure.d.ts +0 -31
package/dist/src/router-accessible-lazy.d.ts +0 -8
package/dist/src/router-client.d.ts +0 -12
package/dist/src/router.d.ts +0 -30
package/dist/src/utils.d.ts +0 -24
package/dist/standard.js +0 -13

package/dist/plugins/index.d.ts ADDED Viewed

@@ -0,0 +1,124 @@
+import { Value } from '@orpc/shared';
+import { StandardRequest, StandardHeaders } from '@orpc/standard-server';
+import { BatchResponseBodyItem } from '@orpc/standard-server/batch';
+import { g as StandardHandlerInterceptorOptions, i as StandardHandlerPlugin, a as StandardHandlerOptions } from '../shared/server.DfyOFejj.js';
+import { C as Context, P as ProcedureClientInterceptorOptions } from '../shared/server.DLt5njUb.js';
+import { ORPCError, Meta } from '@orpc/contract';
+import { ORPCError as ORPCError$1 } from '@orpc/client';
+interface BatchHandlerOptions<T extends Context> {
+    /**
+     * The max size of the batch allowed.
+     *
+     * @default 10
+     */
+    maxSize?: Value<number, [StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Map the request before processing it.
+     *
+     * @default merged back batch request headers into the request
+     */
+    mapRequestItem?(request: StandardRequest, batchOptions: StandardHandlerInterceptorOptions<T>): StandardRequest;
+    /**
+     * Success batch response status code.
+     *
+     * @default 207
+     */
+    successStatus?: Value<number, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * success batch response headers.
+     *
+     * @default {}
+     */
+    headers?: Value<StandardHeaders, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+}
+declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly maxSize;
+    private readonly mapRequestItem;
+    private readonly successStatus;
+    private readonly headers;
+    order: number;
+    constructor(options?: BatchHandlerOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
+}
+interface CORSOptions<T extends Context> {
+    origin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    timingOrigin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    allowMethods?: readonly string[];
+    allowHeaders?: readonly string[];
+    maxAge?: number;
+    credentials?: boolean;
+    exposeHeaders?: readonly string[];
+}
+declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly options;
+    order: number;
+    constructor(options?: CORSOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
+}
+interface GetMethodGuardPluginOptions {
+    /**
+     * The error thrown when a GET request is made to a procedure that doesn't allow GET.
+     *
+     * @default new ORPCError('METHOD_NOT_SUPPORTED')
+     */
+    error?: InstanceType<typeof ORPCError>;
+}
+declare class GetMethodGuardPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly error;
+    order: number;
+    constructor(options?: GetMethodGuardPluginOptions);
+    init(options: StandardHandlerOptions<T>): void;
+}
+interface ResponseHeadersPluginContext {
+    resHeaders?: Headers;
+}
+declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> implements StandardHandlerPlugin<T> {
+    init(options: StandardHandlerOptions<T>): void;
+}
+interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
+    /**
+     * The name of the header to check.
+     *
+     * @default 'x-csrf-token'
+     */
+    headerName?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * The value of the header to check.
+     *
+     * @default 'orpc'
+     *
+     */
+    headerValue?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Exclude a procedure from the plugin.
+     *
+     * @default false
+     *
+     */
+    exclude?: Value<boolean, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
+    /**
+     * The error thrown when the CSRF token is invalid.
+     *
+     * @default new ORPCError('CSRF_TOKEN_MISMATCH', {
+     *   status: 403,
+     *   message: 'Invalid CSRF token',
+     * })
+     */
+    error?: InstanceType<typeof ORPCError$1>;
+}
+declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly headerName;
+    private readonly headerValue;
+    private readonly exclude;
+    private readonly error;
+    constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>);
+    order: number;
+    init(options: StandardHandlerOptions<T>): void;
+}
+export { type BatchHandlerOptions, BatchHandlerPlugin, type CORSOptions, CORSPlugin, GetMethodGuardPlugin, type GetMethodGuardPluginOptions, ResponseHeadersPlugin, type ResponseHeadersPluginContext, SimpleCsrfProtectionHandlerPlugin, type SimpleCsrfProtectionHandlerPluginOptions };

package/dist/plugins/index.mjs ADDED Viewed

@@ -0,0 +1,276 @@
+import { value } from '@orpc/shared';
+import { parseBatchRequest, toBatchResponse } from '@orpc/standard-server/batch';
+import { ORPCError, fallbackContractConfig } from '@orpc/contract';
+import { ORPCError as ORPCError$1 } from '@orpc/client';
+class BatchHandlerPlugin {
+  maxSize;
+  mapRequestItem;
+  successStatus;
+  headers;
+  order = 5e6;
+  constructor(options = {}) {
+    this.maxSize = options.maxSize ?? 10;
+    this.mapRequestItem = options.mapRequestItem ?? ((request, { request: batchRequest }) => ({
+      ...request,
+      headers: {
+        ...batchRequest.headers,
+        ...request.headers
+      }
+    }));
+    this.successStatus = options.successStatus ?? 207;
+    this.headers = options.headers ?? {};
+  }
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.rootInterceptors.unshift(async (options2) => {
+      if (options2.request.headers["x-orpc-batch"] !== "1") {
+        return options2.next();
+      }
+      let isParsing = false;
+      try {
+        isParsing = true;
+        const parsed = parseBatchRequest({ ...options2.request, body: await options2.request.body() });
+        isParsing = false;
+        const maxSize = await value(this.maxSize, options2);
+        if (parsed.length > maxSize) {
+          return {
+            matched: true,
+            response: {
+              status: 413,
+              headers: {},
+              body: "Batch request size exceeds the maximum allowed size"
+            }
+          };
+        }
+        const responses = parsed.map(
+          (request, index) => {
+            const mapped = this.mapRequestItem(request, options2);
+            return options2.next({ ...options2, request: { ...mapped, body: () => Promise.resolve(mapped.body) } }).then(({ response: response2, matched }) => {
+              if (matched) {
+                return { ...response2, index };
+              }
+              return { index, status: 404, headers: {}, body: "No procedure matched" };
+            }).catch(() => {
+              return { index, status: 500, headers: {}, body: "Internal server error" };
+            });
+          }
+        );
+        await Promise.race(responses);
+        const status = await value(this.successStatus, responses, options2);
+        const headers = await value(this.headers, responses, options2);
+        const response = toBatchResponse({
+          status,
+          headers,
+          body: async function* () {
+            const promises = [...responses];
+            while (true) {
+              const handling = promises.filter((p) => p !== void 0);
+              if (handling.length === 0) {
+                return;
+              }
+              const result = await Promise.race(handling);
+              promises[result.index] = void 0;
+              yield result;
+            }
+          }()
+        });
+        return {
+          matched: true,
+          response
+        };
+      } catch (cause) {
+        if (isParsing) {
+          return {
+            matched: true,
+            response: { status: 400, headers: {}, body: "Invalid batch request, this could be caused by a malformed request body or a missing header" }
+          };
+        }
+        throw cause;
+      }
+    });
+  }
+}
+class CORSPlugin {
+  options;
+  order = 9e6;
+  constructor(options = {}) {
+    const defaults = {
+      origin: (origin) => origin,
+      allowMethods: ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"]
+    };
+    this.options = {
+      ...defaults,
+      ...options
+    };
+  }
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.rootInterceptors.unshift(async (interceptorOptions) => {
+      if (interceptorOptions.request.method === "OPTIONS") {
+        const resHeaders = {};
+        if (this.options.maxAge !== void 0) {
+          resHeaders["access-control-max-age"] = this.options.maxAge.toString();
+        }
+        if (this.options.allowMethods?.length) {
+          resHeaders["access-control-allow-methods"] = this.options.allowMethods.join(",");
+        }
+        const allowHeaders = this.options.allowHeaders ?? interceptorOptions.request.headers["access-control-request-headers"];
+        if (Array.isArray(allowHeaders) && allowHeaders.length) {
+          resHeaders["access-control-allow-headers"] = allowHeaders.join(",");
+        } else if (typeof allowHeaders === "string") {
+          resHeaders["access-control-allow-headers"] = allowHeaders;
+        }
+        return {
+          matched: true,
+          response: {
+            status: 204,
+            headers: resHeaders,
+            body: void 0
+          }
+        };
+      }
+      return interceptorOptions.next();
+    });
+    options.rootInterceptors.unshift(async (interceptorOptions) => {
+      const result = await interceptorOptions.next();
+      if (!result.matched) {
+        return result;
+      }
+      const origin = Array.isArray(interceptorOptions.request.headers.origin) ? interceptorOptions.request.headers.origin.join(",") : interceptorOptions.request.headers.origin || "";
+      const allowedOrigin = await value(this.options.origin, origin, interceptorOptions);
+      const allowedOriginArr = Array.isArray(allowedOrigin) ? allowedOrigin : [allowedOrigin];
+      if (allowedOriginArr.includes("*")) {
+        result.response.headers["access-control-allow-origin"] = "*";
+      } else {
+        if (allowedOriginArr.includes(origin)) {
+          result.response.headers["access-control-allow-origin"] = origin;
+        }
+        result.response.headers.vary = interceptorOptions.request.headers.vary ?? "origin";
+      }
+      const allowedTimingOrigin = await value(this.options.timingOrigin, origin, interceptorOptions);
+      const allowedTimingOriginArr = Array.isArray(allowedTimingOrigin) ? allowedTimingOrigin : [allowedTimingOrigin];
+      if (allowedTimingOriginArr.includes("*")) {
+        result.response.headers["timing-allow-origin"] = "*";
+      } else if (allowedTimingOriginArr.includes(origin)) {
+        result.response.headers["timing-allow-origin"] = origin;
+      }
+      if (this.options.credentials) {
+        result.response.headers["access-control-allow-credentials"] = "true";
+      }
+      if (this.options.exposeHeaders?.length) {
+        result.response.headers["access-control-expose-headers"] = this.options.exposeHeaders.join(",");
+      }
+      return result;
+    });
+  }
+}
+const GET_METHOD_GUARD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL = Symbol("GET_METHOD_GUARD_PLUGIN_IS_GET_METHOD_CONTEXT");
+class GetMethodGuardPlugin {
+  error;
+  order = 7e6;
+  constructor(options = {}) {
+    this.error = options.error ?? new ORPCError("METHOD_NOT_SUPPORTED");
+  }
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.clientInterceptors ??= [];
+    options.rootInterceptors.unshift((options2) => {
+      const isGetMethod = options2.request.method === "GET";
+      return options2.next({
+        ...options2,
+        context: {
+          ...options2.context,
+          [GET_METHOD_GUARD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL]: isGetMethod
+        }
+      });
+    });
+    options.clientInterceptors.unshift((options2) => {
+      if (typeof options2.context[GET_METHOD_GUARD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL] !== "boolean") {
+        throw new TypeError("[GetMethodGuardPlugin] GET method guard context has been corrupted or modified by another plugin or interceptor");
+      }
+      const procedureMethod = fallbackContractConfig("defaultMethod", options2.procedure["~orpc"].route.method);
+      if (options2.context[GET_METHOD_GUARD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL] && procedureMethod !== "GET") {
+        throw this.error;
+      }
+      return options2.next();
+    });
+  }
+}
+class ResponseHeadersPlugin {
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.rootInterceptors.push(async (interceptorOptions) => {
+      const resHeaders = interceptorOptions.context.resHeaders ?? new Headers();
+      const result = await interceptorOptions.next({
+        ...interceptorOptions,
+        context: {
+          ...interceptorOptions.context,
+          resHeaders
+        }
+      });
+      if (!result.matched) {
+        return result;
+      }
+      const responseHeaders = result.response.headers;
+      for (const [key, value] of resHeaders) {
+        if (Array.isArray(responseHeaders[key])) {
+          responseHeaders[key].push(value);
+        } else if (responseHeaders[key] !== void 0) {
+          responseHeaders[key] = [responseHeaders[key], value];
+        } else {
+          responseHeaders[key] = value;
+        }
+      }
+      return result;
+    });
+  }
+}
+const SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL = Symbol("SIMPLE_CSRF_PROTECTION_CONTEXT");
+class SimpleCsrfProtectionHandlerPlugin {
+  headerName;
+  headerValue;
+  exclude;
+  error;
+  constructor(options = {}) {
+    this.headerName = options.headerName ?? "x-csrf-token";
+    this.headerValue = options.headerValue ?? "orpc";
+    this.exclude = options.exclude ?? false;
+    this.error = options.error ?? new ORPCError$1("CSRF_TOKEN_MISMATCH", {
+      status: 403,
+      message: "Invalid CSRF token"
+    });
+  }
+  order = 8e6;
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.clientInterceptors ??= [];
+    options.rootInterceptors.unshift(async (options2) => {
+      const headerName = await value(this.headerName, options2);
+      const headerValue = await value(this.headerValue, options2);
+      return options2.next({
+        ...options2,
+        context: {
+          ...options2.context,
+          [SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL]: options2.request.headers[headerName] === headerValue
+        }
+      });
+    });
+    options.clientInterceptors.unshift(async (options2) => {
+      if (typeof options2.context[SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL] !== "boolean") {
+        throw new TypeError("[SimpleCsrfProtectionHandlerPlugin] CSRF protection context has been corrupted or modified by another plugin or interceptor");
+      }
+      const excluded = await value(this.exclude, options2);
+      if (!excluded && !options2.context[SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL]) {
+        throw this.error;
+      }
+      return options2.next();
+    });
+  }
+}
+export { BatchHandlerPlugin, CORSPlugin, GetMethodGuardPlugin, ResponseHeadersPlugin, SimpleCsrfProtectionHandlerPlugin };

package/dist/shared/server.BVwwTHyO.mjs ADDED Viewed

@@ -0,0 +1,9 @@
+function resolveFriendlyStandardHandleOptions(options) {
+  return {
+    ...options,
+    context: options?.context ?? {}
+    // Context only optional if all fields are optional
+  };
+}
+export { resolveFriendlyStandardHandleOptions as r };