@passlock/node 0.9.30 → 2.0.0-beta.1

package/src/index.ts

@@ -1,159 +0,0 @@
-import { Effect as E, Layer as L, Runtime, Scope, pipe } from 'effect'
-
-import { ErrorCode } from '@passlock/shared/dist/error/error.js'
-import type {
-  Forbidden,
-  InternalServerError,
-  NotFound,
-  Unauthorized,
-} from '@passlock/shared/dist/error/error.js'
-
-import { Config } from './config/config.js'
-import {
-  type PrincipalRequest,
-  PrincipalService,
-  PrincipalServiceLive,
-  StreamResponseLive,
-} from './principal/principal.js'
-
-export type { PrincipalRequest } from './principal/principal.js'
-
-export { ErrorCode } from '@passlock/shared/dist/error/error.js'
-
-export class PasslockError extends Error {
-  readonly _tag = 'PasslockError'
-  readonly code: ErrorCode
-
-  constructor(message: string, code: ErrorCode) {
-    super(message)
-    this.code = code
-  }
-
-  static readonly isError = (error: unknown): error is PasslockError => {
-    return (
-      typeof error === 'object' &&
-      error !== null &&
-      '_tag' in error &&
-      error['_tag'] === 'PasslockError'
-    )
-  }
-}
-
-type PasslockErrors = NotFound | Unauthorized | Forbidden | InternalServerError
-
-const hasMessage = (defect: unknown): defect is { message: string } => {
-  return (
-    typeof defect === 'object' &&
-    defect !== null &&
-    'message' in defect &&
-    typeof defect['message'] === 'string'
-  )
-}
-
-const transformErrors = <A, R>(
-  effect: E.Effect<A, PasslockErrors, R>,
-): E.Effect<A | PasslockError, never, R> => {
-  const withErrorHandling = E.catchTags(effect, {
-    NotFound: e => E.succeed(new PasslockError(e.message, ErrorCode.NotFound)),
-    Unauthorized: e => E.succeed(new PasslockError(e.message, ErrorCode.Unauthorized)),
-    Forbidden: e => E.succeed(new PasslockError(e.message, ErrorCode.Forbidden)),
-    InternalServerError: e =>
-      E.succeed(new PasslockError(e.message, ErrorCode.InternalServerError)),
-  })
-
-  const sandboxed = E.sandbox(withErrorHandling)
-
-  const withSandboxing = E.catchTags(sandboxed, {
-    Die: ({ defect }) => {
-      return hasMessage(defect)
-        ? E.succeed(new PasslockError(defect.message, ErrorCode.InternalServerError))
-        : E.succeed(new PasslockError('Sorry, something went wrong', ErrorCode.InternalServerError))
-    },
-
-    Interrupt: () => {
-      console.error('Interrupt')
-
-      return E.succeed(new PasslockError('Operation aborted', ErrorCode.InternalBrowserError))
-    },
-
-    Sequential: errors => {
-      console.error(errors)
-
-      return E.succeed(
-        new PasslockError('Sorry, something went wrong', ErrorCode.InternalServerError),
-      )
-    },
-
-    Parallel: errors => {
-      console.error(errors)
-
-      return E.succeed(
-        new PasslockError('Sorry, something went wrong', ErrorCode.InternalServerError),
-      )
-    },
-  })
-
-  return E.unsandbox(withSandboxing)
-}
-
-type Requirements = PrincipalService
-
-export class PasslockUnsafe {
-  private readonly runtime: Runtime.Runtime<Requirements>
-
-  constructor(config: { tenancyId: string; apiKey: string; endpoint?: string }) {
-    const configLive = L.succeed(Config, Config.of(config))
-    const allLayers = pipe(
-      PrincipalServiceLive,
-      L.provide(configLive),
-      L.provide(StreamResponseLive),
-    )
-    const scope = E.runSync(Scope.make())
-    this.runtime = E.runSync(L.toRuntime(allLayers).pipe(Scope.extend(scope)))
-  }
-
-  private readonly runPromise = <A, R extends Requirements>(
-    effect: E.Effect<A, PasslockErrors, R>,
-  ) => {
-    return pipe(
-      transformErrors(effect),
-      E.flatMap(result => (PasslockError.isError(result) ? E.fail(result) : E.succeed(result))),
-      effect => Runtime.runPromise(this.runtime)(effect),
-    )
-  }
-
-  fetchPrincipal = (request: PrincipalRequest) =>
-    pipe(
-      PrincipalService,
-      E.flatMap(service => service.fetchPrincipal(request)),
-      effect => this.runPromise(effect),
-    )
-}
-
-export class Passlock {
-  private readonly runtime: Runtime.Runtime<Requirements>
-
-  constructor(config: { tenancyId: string; apiKey: string; endpoint?: string }) {
-    const configLive = L.succeed(Config, Config.of(config))
-    const allLayers = pipe(
-      PrincipalServiceLive,
-      L.provide(configLive),
-      L.provide(StreamResponseLive),
-    )
-    const scope = E.runSync(Scope.make())
-    this.runtime = E.runSync(L.toRuntime(allLayers).pipe(Scope.extend(scope)))
-  }
-
-  private readonly runPromise = <A, R extends Requirements>(
-    effect: E.Effect<A, PasslockErrors, R>,
-  ) => {
-    return pipe(transformErrors(effect), effect => Runtime.runPromise(this.runtime)(effect))
-  }
-
-  fetchPrincipal = (request: PrincipalRequest) =>
-    pipe(
-      PrincipalService,
-      E.flatMap(service => service.fetchPrincipal(request)),
-      effect => this.runPromise(effect),
-    )
-}

package/src/principal/principal.fixture.ts

@@ -1,107 +0,0 @@
-import * as S from '@effect/schema/Schema'
-import { Context, Effect as E, Layer as L, LogLevel, Logger, Ref, Stream, pipe } from 'effect'
-import type { RequestOptions } from 'https'
-
-import { Principal } from '@passlock/shared/dist/schema/principal.js'
-
-import { Config } from '../config/config.js'
-import {
-  type PrincipalService,
-  PrincipalServiceLive,
-  StreamResponse,
-  buildError,
-} from './principal.js'
-
-export const principal: Principal = {
-  jti: 'token',
-  token: 'token',
-  sub: 'user-1',
-  iss: 'idp.passlock.dev',
-  aud: 'tenancy_id',
-  // must be at least 1 second
-  // as it's truncated to seconds
-  iat: new Date(60 * 1000),
-  nbf: new Date(120 * 100),
-  exp: new Date(180 * 1000),
-  email: 'john.doe@gmail.com',
-  givenName: 'john',
-  familyName: 'doe',
-  emailVerified: false,
-  authType: 'passkey',
-  authId: 'auth-1',
-  userVerified: true,
-  // legacy
-  user: {
-    id: 'user-1',
-    givenName: 'john',
-    familyName: 'doe',
-    email: 'john.doe@gmail.com',
-    emailVerified: false,
-  },
-  authStatement: {
-    authType: 'passkey',
-    userVerified: false,
-    authTimestamp: new Date(0),
-  },
-  expireAt: new Date(0),
-}
-
-export const tenancyId = 'tenancyId'
-export const apiKey = 'apiKey'
-
-export const configTest = L.succeed(Config, Config.of({ tenancyId, apiKey }))
-
-export class State extends Context.Tag('State')<State, Ref.Ref<RequestOptions | undefined>>() {}
-
-export const buildEffect = <A, E>(
-  assertions: E.Effect<A, E, PrincipalService | State>,
-): E.Effect<void, E> => {
-  const streamResponseTest = L.effect(
-    StreamResponse,
-    E.gen(function* (_) {
-      const ref = yield* _(State)
-      const res = S.encodeSync(Principal)(principal)
-      const buff = Buffer.from(JSON.stringify(res))
-
-      return {
-        streamResponse: options =>
-          pipe(Stream.fromEffect(Ref.set(ref, options)), Stream.zipRight(Stream.make(buff))),
-      }
-    }),
-  )
-
-  const service = pipe(PrincipalServiceLive, L.provide(streamResponseTest), L.provide(configTest))
-
-  const args = L.effect(State, Ref.make<RequestOptions | undefined>(undefined))
-
-  const effect = pipe(
-    E.provide(assertions, service),
-    E.provide(args),
-    Logger.withMinimumLogLevel(LogLevel.None),
-  )
-
-  return effect
-}
-
-export const buildErrorEffect =
-  (statusCode: number) =>
-  <A>(assertions: E.Effect<void, A, PrincipalService>): E.Effect<void, A> => {
-    const streamResponseTest = L.succeed(
-      StreamResponse,
-      StreamResponse.of({
-        streamResponse: () => Stream.fail(buildError({ statusCode })),
-      }),
-    )
-
-    const service = pipe(PrincipalServiceLive, L.provide(streamResponseTest), L.provide(configTest))
-
-    const args = L.effect(State, Ref.make<RequestOptions | undefined>(undefined))
-
-    const effect = pipe(
-      E.provide(assertions, service),
-      E.provide(args),
-      Logger.withMinimumLogLevel(LogLevel.None),
-    )
-
-    return effect
-  }

package/src/principal/principal.test.ts

@@ -1,113 +0,0 @@
-import { Effect as E, Effect, Ref } from 'effect'
-import { describe, expect, test } from 'vitest'
-
-import {
-  Forbidden,
-  InternalServerError,
-  NotFound,
-  Unauthorized,
-} from '@passlock/shared/dist/error/error.js'
-
-import * as Fixture from './principal.fixture.js'
-import { PrincipalService } from './principal.js'
-
-describe('fetchPrincipal should', () => {
-  test('return a valid principal', () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(PrincipalService)
-      const result = yield* _(service.fetchPrincipal({ token: 'token' }))
-
-      expect(result).toEqual(Fixture.principal)
-    })
-
-    const effect = Fixture.buildEffect(assertions)
-
-    return E.runPromise(effect)
-  })
-
-  test('call the correct url', () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(PrincipalService)
-      yield* _(service.fetchPrincipal({ token: 'myToken' }))
-
-      const state = yield* _(Fixture.State)
-      const args = yield* _(Ref.get(state))
-
-      expect(args?.hostname).toEqual('api.passlock.dev')
-      expect(args?.method).toEqual('GET')
-      expect(args?.path).toEqual(`/${Fixture.tenancyId}/token/myToken`)
-    })
-
-    const effect = Fixture.buildEffect(assertions)
-
-    return E.runPromise(effect)
-  })
-
-  test('pass the api key as a header', () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(PrincipalService)
-      yield* _(service.fetchPrincipal({ token: 'myToken' }))
-
-      const state = yield* _(Fixture.State)
-      const args = yield* _(Ref.get(state))
-
-      expect(args?.headers?.['Authorization']).toEqual(`Bearer ${Fixture.apiKey}`)
-    })
-
-    const effect = Fixture.buildEffect(assertions)
-
-    return E.runPromise(effect)
-  })
-
-  test('propagate a 401 error', () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(PrincipalService)
-      const result = service.fetchPrincipal({ token: 'myToken' })
-      const error = yield* _(Effect.flip(result))
-      expect(error).toBeInstanceOf(Unauthorized)
-    })
-
-    const effect = Fixture.buildErrorEffect(401)(assertions)
-
-    return E.runPromise(effect)
-  })
-
-  test('propagate a 403 error', () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(PrincipalService)
-      const result = service.fetchPrincipal({ token: 'myToken' })
-      const error = yield* _(Effect.flip(result))
-      expect(error).toBeInstanceOf(Forbidden)
-    })
-
-    const effect = Fixture.buildErrorEffect(403)(assertions)
-
-    return E.runPromise(effect)
-  })
-
-  test('propagate a 404 error', () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(PrincipalService)
-      const result = service.fetchPrincipal({ token: 'myToken' })
-      const error = yield* _(Effect.flip(result))
-      expect(error).toBeInstanceOf(NotFound)
-    })
-
-    const effect = Fixture.buildErrorEffect(404)(assertions)
-
-    return E.runPromise(effect)
-  })
-
-  test('propagate a 500 error', () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(PrincipalService)
-      const result = service.fetchPrincipal({ token: 'myToken' })
-      const error = yield* _(Effect.flip(result))
-      expect(error).toBeInstanceOf(InternalServerError)
-    })
-
-    const effect = Fixture.buildErrorEffect(500)(assertions)
-
-    return E.runPromise(effect)
-  })
-})

package/src/principal/principal.ts

@@ -1,160 +0,0 @@
-import * as https from 'https'
-import type { StreamEmit } from 'effect'
-import { Chunk, Console, Context, Effect as E, Layer, Option, Stream, flow, pipe } from 'effect'
-
-import {
-  Forbidden,
-  InternalServerError,
-  NotFound,
-  Unauthorized,
-} from '@passlock/shared/dist/error/error.js'
-import { Principal } from '@passlock/shared/dist/schema/principal.js'
-import { createParser } from '@passlock/shared/dist/schema/utils.js'
-
-import { Config } from '../config/config.js'
-import { PASSLOCK_CLIENT_VERSION } from '../version.js'
-
-/* Dependencies */
-
-export class StreamResponse extends Context.Tag('@services/StreamResponse')<
-  StreamResponse,
-  {
-    streamResponse: (options: https.RequestOptions) => Stream.Stream<Buffer, PrincipalErrors>
-  }
->() {}
-
-/* Service */
-
-const parsePrincipal = createParser(Principal)
-
-export type PrincipalErrors = NotFound | Unauthorized | Forbidden | InternalServerError
-export type PrincipalRequest = { token: string }
-
-export class PrincipalService extends Context.Tag('@services/PrincipalService')<
-  PrincipalService,
-  {
-    fetchPrincipal: (request: PrincipalRequest) => E.Effect<Principal, PrincipalErrors>
-  }
->() {}
-
-/* Effects */
-
-const buildHostname = (endpoint: string | undefined) => {
-  return new URL(endpoint || 'https://api.passlock.dev').hostname
-}
-
-const buildOptions = (token: string) =>
-  pipe(
-    Config,
-    E.map(({ endpoint, tenancyId, apiKey }) => ({
-      hostname: buildHostname(endpoint),
-      port: 443,
-      path: `/${tenancyId}/token/${token}`,
-      method: 'GET',
-      headers: {
-        'Accept': 'application/json',
-        'Authorization': `Bearer ${apiKey}`,
-        'X-PASSLOCK-CLIENT-VERSION': PASSLOCK_CLIENT_VERSION,
-      },
-    })),
-  )
-
-export const buildError = (res: {
-  statusCode?: number | undefined
-  statusMessage?: string | undefined
-}) => {
-  if (res.statusCode === 404) return new NotFound({ message: 'Invalid token' })
-  if (res.statusCode === 401) return new Unauthorized({ message: 'Unauthorized' })
-  if (res.statusCode === 403) return new Forbidden({ message: 'Forbidden' })
-
-  if (res.statusCode && res.statusMessage)
-    return new InternalServerError({ message: `${String(res.statusCode)} - ${res.statusMessage}` })
-
-  if (res.statusCode) return new InternalServerError({ message: String(res.statusCode) })
-
-  if (res.statusMessage) return new InternalServerError({ message: res.statusMessage })
-
-  return new InternalServerError({ message: 'Received non 200 response' })
-}
-
-const fail = (error: PrincipalErrors) => E.fail(Option.some(error))
-const succeed = (data: Buffer) => E.succeed(Chunk.of(data))
-const close = E.fail(Option.none())
-
-const buildStream = (token: string) =>
-  pipe(
-    Stream.fromEffect(buildOptions(token)),
-    Stream.zip(StreamResponse),
-    Stream.flatMap(([options, { streamResponse }]) => streamResponse(options)),
-  )
-
-export const fetchPrincipal = (
-  request: PrincipalRequest,
-): E.Effect<Principal, PrincipalErrors, StreamResponse | Config> => {
-  const stream = buildStream(request.token)
-
-  const json = pipe(
-    Stream.runCollect(stream),
-    E.map(Chunk.toReadonlyArray),
-    E.map(buffers => Buffer.concat(buffers)),
-    E.flatMap(buffer =>
-      E.try({
-        try: () => buffer.toString(),
-        catch: e =>
-          new InternalServerError({
-            message: 'Unable to convert response to string',
-            detail: String(e),
-          }),
-      }),
-    ),
-    E.flatMap(buffer =>
-      E.try({
-        try: () => JSON.parse(buffer) as unknown,
-        catch: e =>
-          new InternalServerError({
-            message: 'Unable to parse response to json',
-            detail: String(e),
-          }),
-      }),
-    ),
-    E.flatMap(json =>
-      pipe(
-        parsePrincipal(json),
-        E.tapError(error => Console.error(error.detail)),
-        E.mapError(
-          () => new InternalServerError({ message: 'Unable to parse response as Principal' }),
-        ),
-      ),
-    ),
-  )
-
-  return json
-}
-
-/* Live */
-
-/* v8 ignore start */
-export const StreamResponseLive = Layer.succeed(StreamResponse, {
-  streamResponse: options =>
-    Stream.async((emit: StreamEmit.Emit<never, PrincipalErrors, Buffer, void>) => {
-      https
-        .request(options, res => {
-          if (200 !== res.statusCode) void emit(fail(buildError(res)))
-          res.on('data', (data: Buffer) => void emit(succeed(data)))
-          res.on('close', () => void emit(close))
-          res.on('error', e => void emit(fail(new InternalServerError({ message: e.message }))))
-        })
-        .end()
-    }),
-})
-
-export const PrincipalServiceLive = Layer.effect(
-  PrincipalService,
-  E.gen(function* (_) {
-    const context = yield* _(E.context<Config | StreamResponse>())
-    return PrincipalService.of({
-      fetchPrincipal: flow(fetchPrincipal, E.provide(context)),
-    })
-  }),
-)
-/* v8 ignore stop */

package/src/version.ts

@@ -1 +0,0 @@
-export const PASSLOCK_CLIENT_VERSION = '#{LATEST}#'