@pikku/core 0.11.2 → 0.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +33 -2
- package/dist/crypto-utils.d.ts +2 -0
- package/dist/crypto-utils.js +78 -0
- package/dist/errors/errors.d.ts +8 -0
- package/dist/errors/errors.js +16 -0
- package/dist/errors/index.d.ts +0 -1
- package/dist/errors/index.js +0 -1
- package/dist/function/function-runner.d.ts +7 -1
- package/dist/function/function-runner.js +82 -23
- package/dist/function/functions.types.d.ts +31 -87
- package/dist/function/functions.types.js +16 -46
- package/dist/function/index.d.ts +2 -2
- package/dist/function/index.js +1 -2
- package/dist/handle-error.js +1 -10
- package/dist/index.d.ts +28 -26
- package/dist/index.js +18 -29
- package/dist/middleware/auth-apikey.d.ts +2 -2
- package/dist/middleware/auth-apikey.js +3 -3
- package/dist/middleware/auth-bearer.d.ts +2 -2
- package/dist/middleware/auth-bearer.js +3 -6
- package/dist/middleware/auth-cookie.d.ts +2 -2
- package/dist/middleware/auth-cookie.js +6 -8
- package/dist/middleware/cors.d.ts +46 -0
- package/dist/middleware/cors.js +73 -0
- package/dist/middleware/index.d.ts +5 -3
- package/dist/middleware/index.js +5 -3
- package/dist/middleware/remote-auth.d.ts +5 -0
- package/dist/middleware/remote-auth.js +55 -0
- package/dist/middleware/timeout.d.ts +2 -2
- package/dist/middleware-runner.js +8 -10
- package/dist/permissions.js +11 -15
- package/dist/pikku-state.d.ts +1 -0
- package/dist/pikku-state.js +18 -8
- package/dist/schema.js +12 -11
- package/dist/services/ai-agent-runner-service.d.ts +24 -0
- package/dist/services/ai-agent-runner-service.js +1 -0
- package/dist/services/ai-run-state-service.d.ts +13 -0
- package/dist/services/ai-run-state-service.js +1 -0
- package/dist/services/ai-storage-service.d.ts +18 -0
- package/dist/services/ai-storage-service.js +1 -0
- package/dist/services/deployment-service.d.ts +19 -0
- package/dist/services/deployment-service.js +1 -0
- package/dist/services/gopass-secrets.d.ts +47 -0
- package/dist/services/gopass-secrets.js +94 -0
- package/dist/services/in-memory-trigger-service.d.ts +23 -0
- package/dist/services/in-memory-trigger-service.js +50 -0
- package/dist/services/in-memory-workflow-service.d.ts +59 -0
- package/dist/services/in-memory-workflow-service.js +287 -0
- package/dist/services/index.d.ts +25 -11
- package/dist/services/index.js +10 -13
- package/dist/services/local-secrets.d.ts +23 -0
- package/dist/services/local-secrets.js +45 -0
- package/dist/services/local-variables.d.ts +5 -0
- package/dist/services/local-variables.js +18 -0
- package/dist/services/scheduler-service.d.ts +21 -1
- package/dist/services/scheduler-service.js +14 -0
- package/dist/services/schema-service.d.ts +6 -0
- package/dist/services/scoped-secret-service.d.ts +16 -0
- package/dist/services/scoped-secret-service.js +35 -0
- package/dist/services/secret-service.d.ts +25 -4
- package/dist/services/trigger-service.d.ts +23 -0
- package/dist/services/trigger-service.js +1 -0
- package/dist/services/typed-secret-service.d.ts +30 -0
- package/dist/services/typed-secret-service.js +40 -0
- package/dist/services/typed-variables-service.d.ts +27 -0
- package/dist/services/typed-variables-service.js +46 -0
- package/dist/services/user-session-service.d.ts +13 -0
- package/dist/services/user-session-service.js +17 -0
- package/dist/services/variables-service.d.ts +5 -0
- package/dist/services/workflow-service.d.ts +9 -4
- package/dist/types/core.types.d.ts +48 -12
- package/dist/types/core.types.js +8 -1
- package/dist/types/state.types.d.ts +43 -51
- package/dist/utils.d.ts +3 -2
- package/dist/utils.js +15 -3
- package/dist/version.d.ts +6 -0
- package/dist/version.js +19 -0
- package/dist/wirings/ai-agent/ai-agent-memory.d.ts +29 -0
- package/dist/wirings/ai-agent/ai-agent-memory.js +199 -0
- package/dist/wirings/ai-agent/ai-agent-model-config.d.ts +9 -0
- package/dist/wirings/ai-agent/ai-agent-model-config.js +36 -0
- package/dist/wirings/ai-agent/ai-agent-prepare.d.ts +60 -0
- package/dist/wirings/ai-agent/ai-agent-prepare.js +312 -0
- package/dist/wirings/ai-agent/ai-agent-registry.d.ts +15 -0
- package/dist/wirings/ai-agent/ai-agent-registry.js +47 -0
- package/dist/wirings/ai-agent/ai-agent-runner.d.ts +3 -0
- package/dist/wirings/ai-agent/ai-agent-runner.js +96 -0
- package/dist/wirings/ai-agent/ai-agent-stream.d.ts +11 -0
- package/dist/wirings/ai-agent/ai-agent-stream.js +503 -0
- package/dist/wirings/ai-agent/ai-agent.types.d.ts +254 -0
- package/dist/wirings/ai-agent/ai-agent.types.js +1 -0
- package/dist/wirings/ai-agent/index.d.ts +5 -0
- package/dist/wirings/ai-agent/index.js +4 -0
- package/dist/wirings/channel/channel-common.d.ts +7 -4
- package/dist/wirings/channel/channel-common.js +15 -8
- package/dist/wirings/channel/channel-handler.js +12 -3
- package/dist/wirings/channel/channel-middleware-runner.d.ts +9 -0
- package/dist/wirings/channel/channel-middleware-runner.js +73 -0
- package/dist/wirings/channel/channel-runner.js +7 -7
- package/dist/wirings/channel/channel.types.d.ts +5 -1
- package/dist/wirings/channel/define-channel-routes.d.ts +21 -0
- package/dist/wirings/channel/define-channel-routes.js +23 -0
- package/dist/wirings/channel/index.d.ts +10 -8
- package/dist/wirings/channel/index.js +7 -8
- package/dist/wirings/channel/local/index.d.ts +3 -3
- package/dist/wirings/channel/local/index.js +3 -3
- package/dist/wirings/channel/local/local-channel-runner.js +18 -6
- package/dist/wirings/channel/serverless/index.d.ts +1 -1
- package/dist/wirings/channel/serverless/index.js +1 -1
- package/dist/wirings/channel/serverless/serverless-channel-runner.js +15 -4
- package/dist/wirings/cli/channel/index.d.ts +1 -1
- package/dist/wirings/cli/channel/index.js +1 -1
- package/dist/wirings/cli/cli-runner.d.ts +1 -1
- package/dist/wirings/cli/cli-runner.js +12 -8
- package/dist/wirings/cli/cli.types.d.ts +6 -6
- package/dist/wirings/cli/define-cli-commands.d.ts +19 -0
- package/dist/wirings/cli/define-cli-commands.js +20 -0
- package/dist/wirings/cli/index.d.ts +2 -3
- package/dist/wirings/cli/index.js +1 -3
- package/dist/wirings/http/http-routes.d.ts +69 -0
- package/dist/wirings/http/http-routes.js +139 -0
- package/dist/wirings/http/http-runner.js +49 -23
- package/dist/wirings/http/http.types.d.ts +78 -38
- package/dist/wirings/http/index.d.ts +5 -4
- package/dist/wirings/http/index.js +4 -3
- package/dist/wirings/mcp/index.d.ts +4 -3
- package/dist/wirings/mcp/index.js +3 -3
- package/dist/wirings/mcp/mcp-runner.d.ts +1 -3
- package/dist/wirings/mcp/mcp-runner.js +25 -39
- package/dist/wirings/mcp/mcp.types.d.ts +3 -3
- package/dist/wirings/node/index.d.ts +2 -0
- package/dist/wirings/node/index.js +1 -0
- package/dist/wirings/node/node.types.d.ts +20 -0
- package/dist/wirings/node/node.types.js +1 -0
- package/dist/wirings/oauth2/index.d.ts +3 -0
- package/dist/wirings/oauth2/index.js +2 -0
- package/dist/wirings/oauth2/oauth2-client.d.ts +47 -0
- package/dist/wirings/oauth2/oauth2-client.js +267 -0
- package/dist/wirings/oauth2/oauth2.types.d.ts +65 -0
- package/dist/wirings/oauth2/oauth2.types.js +4 -0
- package/dist/wirings/oauth2/wire-oauth2-credential.d.ts +20 -0
- package/dist/wirings/oauth2/wire-oauth2-credential.js +21 -0
- package/dist/wirings/queue/index.d.ts +2 -2
- package/dist/wirings/queue/index.js +1 -1
- package/dist/wirings/queue/queue-runner.d.ts +7 -0
- package/dist/wirings/queue/queue-runner.js +17 -6
- package/dist/wirings/queue/queue.types.d.ts +8 -2
- package/dist/wirings/rpc/index.d.ts +1 -1
- package/dist/wirings/rpc/index.js +1 -1
- package/dist/wirings/rpc/rpc-runner.d.ts +33 -5
- package/dist/wirings/rpc/rpc-runner.js +134 -16
- package/dist/wirings/rpc/rpc-types.d.ts +8 -4
- package/dist/wirings/scheduler/index.d.ts +3 -3
- package/dist/wirings/scheduler/index.js +2 -3
- package/dist/wirings/scheduler/scheduler-runner.d.ts +5 -0
- package/dist/wirings/scheduler/scheduler-runner.js +23 -5
- package/dist/wirings/secret/index.d.ts +3 -0
- package/dist/wirings/secret/index.js +2 -0
- package/dist/wirings/secret/secret.types.d.ts +27 -0
- package/dist/wirings/secret/secret.types.js +1 -0
- package/dist/wirings/secret/validate-secret-definitions.d.ts +6 -0
- package/dist/wirings/secret/validate-secret-definitions.js +55 -0
- package/dist/wirings/trigger/index.d.ts +3 -2
- package/dist/wirings/trigger/index.js +2 -2
- package/dist/wirings/trigger/pikku-trigger-service.d.ts +26 -0
- package/dist/wirings/trigger/pikku-trigger-service.js +75 -0
- package/dist/wirings/trigger/trigger-runner.d.ts +21 -8
- package/dist/wirings/trigger/trigger-runner.js +46 -18
- package/dist/wirings/trigger/trigger.types.d.ts +99 -11
- package/dist/wirings/trigger/trigger.types.js +40 -1
- package/dist/wirings/variable/index.d.ts +3 -0
- package/dist/wirings/variable/index.js +2 -0
- package/dist/wirings/variable/validate-variable-definitions.d.ts +6 -0
- package/dist/wirings/variable/validate-variable-definitions.js +45 -0
- package/dist/wirings/variable/variable.types.d.ts +18 -0
- package/dist/wirings/variable/variable.types.js +1 -0
- package/dist/wirings/workflow/dsl/index.d.ts +1 -1
- package/dist/wirings/workflow/dsl/workflow-dsl.types.d.ts +7 -1
- package/dist/wirings/workflow/dsl/workflow-runner.js +3 -2
- package/dist/wirings/workflow/graph/graph-node.d.ts +1 -6
- package/dist/wirings/workflow/graph/graph-runner.d.ts +5 -31
- package/dist/wirings/workflow/graph/graph-runner.js +384 -296
- package/dist/wirings/workflow/graph/index.d.ts +4 -3
- package/dist/wirings/workflow/graph/index.js +3 -3
- package/dist/wirings/workflow/graph/template.d.ts +15 -0
- package/dist/wirings/workflow/graph/template.js +27 -0
- package/dist/wirings/workflow/graph/wire-workflow-graph.d.ts +15 -0
- package/dist/wirings/workflow/graph/wire-workflow-graph.js +8 -0
- package/dist/wirings/workflow/graph/workflow-graph.types.d.ts +0 -13
- package/dist/wirings/workflow/index.d.ts +6 -6
- package/dist/wirings/workflow/index.js +6 -4
- package/dist/wirings/workflow/pikku-workflow-service.d.ts +28 -14
- package/dist/wirings/workflow/pikku-workflow-service.js +200 -56
- package/dist/wirings/workflow/workflow-helpers.d.ts +36 -0
- package/dist/wirings/workflow/workflow-helpers.js +38 -0
- package/dist/wirings/workflow/workflow-utils.d.ts +1 -23
- package/dist/wirings/workflow/workflow-utils.js +1 -66
- package/dist/wirings/workflow/workflow.types.d.ts +40 -93
- package/package.json +13 -15
- package/run-tests.sh +4 -1
- package/src/crypto-utils.ts +99 -0
- package/src/errors/errors.ts +17 -0
- package/src/errors/index.ts +0 -1
- package/src/factory-functions.test.ts +42 -2
- package/src/function/function-runner.test.ts +4 -11
- package/src/function/function-runner.ts +114 -29
- package/src/function/functions.types.ts +62 -132
- package/src/function/index.ts +5 -2
- package/src/handle-error.ts +2 -10
- package/src/index.ts +99 -25
- package/src/middleware/auth-apikey.test.ts +15 -12
- package/src/middleware/auth-apikey.ts +3 -3
- package/src/middleware/auth-bearer.test.ts +17 -14
- package/src/middleware/auth-bearer.ts +25 -27
- package/src/middleware/auth-cookie.test.ts +16 -13
- package/src/middleware/auth-cookie.ts +6 -8
- package/src/middleware/cors.ts +96 -0
- package/src/middleware/index.ts +5 -3
- package/src/middleware/remote-auth.ts +68 -0
- package/src/middleware-runner.test.ts +122 -0
- package/src/middleware-runner.ts +12 -12
- package/src/permissions.test.ts +81 -7
- package/src/permissions.ts +15 -17
- package/src/pikku-state.ts +20 -8
- package/src/run-tests-script.test.ts +49 -0
- package/src/schema.ts +18 -15
- package/src/services/ai-agent-runner-service.ts +29 -0
- package/src/services/ai-run-state-service.ts +20 -0
- package/src/services/ai-storage-service.ts +39 -0
- package/src/services/deployment-service.ts +22 -0
- package/src/services/gopass-secrets.ts +95 -0
- package/src/services/in-memory-trigger-service.ts +68 -0
- package/src/services/in-memory-workflow-service.ts +395 -0
- package/src/services/index.ts +49 -14
- package/src/services/local-secrets.ts +51 -0
- package/src/services/local-variables.ts +22 -0
- package/src/services/scheduler-service.ts +29 -1
- package/src/services/schema-service.ts +7 -0
- package/src/services/scoped-secret-service.ts +41 -0
- package/src/services/secret-service.ts +25 -4
- package/src/services/trigger-service.ts +38 -0
- package/src/services/typed-secret-service.ts +70 -0
- package/src/services/typed-variables-service.ts +81 -0
- package/src/services/user-session-service.ts +23 -0
- package/src/services/variables-service.ts +5 -0
- package/src/services/workflow-service.ts +22 -2
- package/src/types/core.types.ts +76 -11
- package/src/types/state.types.ts +37 -63
- package/src/utils.ts +20 -6
- package/src/version.test.ts +80 -0
- package/src/version.ts +25 -0
- package/src/wirings/ai-agent/ai-agent-memory.ts +300 -0
- package/src/wirings/ai-agent/ai-agent-model-config.ts +43 -0
- package/src/wirings/ai-agent/ai-agent-prepare.ts +470 -0
- package/src/wirings/ai-agent/ai-agent-registry.test.ts +37 -0
- package/src/wirings/ai-agent/ai-agent-registry.ts +82 -0
- package/src/wirings/ai-agent/ai-agent-runner.test.ts +75 -0
- package/src/wirings/ai-agent/ai-agent-runner.ts +137 -0
- package/src/wirings/ai-agent/ai-agent-stream.test.ts +246 -0
- package/src/wirings/ai-agent/ai-agent-stream.ts +774 -0
- package/src/wirings/ai-agent/ai-agent.types.ts +273 -0
- package/src/wirings/ai-agent/index.ts +28 -0
- package/src/wirings/channel/channel-common.ts +32 -19
- package/src/wirings/channel/channel-handler.ts +17 -4
- package/src/wirings/channel/channel-middleware-runner.ts +119 -0
- package/src/wirings/channel/channel-runner.ts +9 -10
- package/src/wirings/channel/channel.types.ts +17 -1
- package/src/wirings/channel/define-channel-routes.ts +25 -0
- package/src/wirings/channel/index.ts +23 -8
- package/src/wirings/channel/local/index.ts +3 -3
- package/src/wirings/channel/local/local-channel-runner.test.ts +44 -1
- package/src/wirings/channel/local/local-channel-runner.ts +22 -6
- package/src/wirings/channel/serverless/index.ts +5 -1
- package/src/wirings/channel/serverless/serverless-channel-runner.ts +20 -4
- package/src/wirings/cli/channel/index.ts +1 -1
- package/src/wirings/cli/cli-runner.test.ts +9 -9
- package/src/wirings/cli/cli-runner.ts +17 -10
- package/src/wirings/cli/cli.types.ts +11 -11
- package/src/wirings/cli/command-parser.test.ts +8 -8
- package/src/wirings/cli/define-cli-commands.ts +24 -0
- package/src/wirings/cli/index.ts +10 -4
- package/src/wirings/http/http-routes.test.ts +322 -0
- package/src/wirings/http/http-routes.ts +198 -0
- package/src/wirings/http/http-runner.test.ts +3 -3
- package/src/wirings/http/http-runner.ts +63 -29
- package/src/wirings/http/http.types.ts +121 -37
- package/src/wirings/http/index.ts +16 -4
- package/src/wirings/mcp/index.ts +27 -3
- package/src/wirings/mcp/mcp-endpoint-registry.test.ts +3 -3
- package/src/wirings/mcp/mcp-runner.ts +39 -50
- package/src/wirings/mcp/mcp.types.ts +3 -3
- package/src/wirings/node/index.ts +2 -0
- package/src/wirings/node/node.types.ts +23 -0
- package/src/wirings/oauth2/index.ts +3 -0
- package/src/wirings/oauth2/oauth2-client.test.ts +929 -0
- package/src/wirings/oauth2/oauth2-client.ts +335 -0
- package/src/wirings/oauth2/oauth2.types.ts +69 -0
- package/src/wirings/oauth2/wire-oauth2-credential.ts +23 -0
- package/src/wirings/queue/index.ts +14 -2
- package/src/wirings/queue/queue-runner.test.ts +97 -55
- package/src/wirings/queue/queue-runner.ts +33 -7
- package/src/wirings/queue/queue.types.ts +12 -2
- package/src/wirings/rpc/index.ts +1 -1
- package/src/wirings/rpc/rpc-runner.ts +187 -17
- package/src/wirings/rpc/rpc-types.ts +13 -4
- package/src/wirings/scheduler/index.ts +7 -4
- package/src/wirings/scheduler/scheduler-runner.test.ts +70 -26
- package/src/wirings/scheduler/scheduler-runner.ts +45 -5
- package/src/wirings/secret/index.ts +9 -0
- package/src/wirings/secret/secret.types.ts +32 -0
- package/src/wirings/secret/validate-secret-definitions.ts +82 -0
- package/src/wirings/trigger/index.ts +10 -2
- package/src/wirings/trigger/pikku-trigger-service.ts +134 -0
- package/src/wirings/trigger/trigger-runner.ts +80 -38
- package/src/wirings/trigger/trigger.types.ts +144 -22
- package/src/wirings/variable/index.ts +8 -0
- package/src/wirings/variable/validate-variable-definitions.ts +69 -0
- package/src/wirings/variable/variable.types.ts +22 -0
- package/src/wirings/workflow/dsl/index.ts +1 -0
- package/src/wirings/workflow/dsl/workflow-dsl.types.ts +9 -1
- package/src/wirings/workflow/dsl/workflow-runner.ts +4 -3
- package/src/wirings/workflow/graph/graph-node.ts +1 -6
- package/src/wirings/workflow/graph/graph-runner.test.ts +495 -0
- package/src/wirings/workflow/graph/graph-runner.ts +496 -374
- package/src/wirings/workflow/graph/index.ts +14 -3
- package/src/wirings/workflow/graph/template.ts +42 -0
- package/src/wirings/workflow/graph/wire-workflow-graph.ts +29 -0
- package/src/wirings/workflow/graph/workflow-graph.types.ts +0 -22
- package/src/wirings/workflow/index.ts +21 -10
- package/src/wirings/workflow/pikku-workflow-service.test.ts +212 -0
- package/src/wirings/workflow/pikku-workflow-service.ts +285 -66
- package/src/wirings/workflow/workflow-helpers.ts +79 -0
- package/src/wirings/workflow/workflow-utils.ts +0 -120
- package/src/wirings/workflow/workflow.types.ts +45 -90
- package/tsconfig.tsbuildinfo +1 -1
- package/dist/wirings/forge-node/forge-node.types.d.ts +0 -120
- package/dist/wirings/forge-node/forge-node.types.js +0 -38
- package/dist/wirings/forge-node/index.d.ts +0 -1
- package/dist/wirings/forge-node/index.js +0 -1
- package/dist/wirings/workflow/wire-workflow.d.ts +0 -42
- package/dist/wirings/workflow/wire-workflow.js +0 -53
- package/src/wirings/forge-node/forge-node.types.ts +0 -135
- package/src/wirings/forge-node/index.ts +0 -1
- package/src/wirings/workflow/wire-workflow.ts +0 -94
package/dist/function/index.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export
|
|
2
|
-
export
|
|
1
|
+
export { addFunction, getAllFunctionNames } from './function-runner.js';
|
|
2
|
+
export type { CorePikkuFunction, CorePikkuFunctionSessionless, } from './functions.types.js';
|
package/dist/function/index.js
CHANGED
|
@@ -1,2 +1 @@
|
|
|
1
|
-
export
|
|
2
|
-
export * from './functions.types.js';
|
|
1
|
+
export { addFunction, getAllFunctionNames } from './function-runner.js';
|
package/dist/handle-error.js
CHANGED
|
@@ -43,17 +43,8 @@ export const handleHTTPError = (e, http, trackerId, logger, logWarningsForStatus
|
|
|
43
43
|
http?.response?.json({ errorId: trackerId });
|
|
44
44
|
}
|
|
45
45
|
}
|
|
46
|
-
// Handle 404 errors specifically
|
|
47
|
-
if (e instanceof NotFoundError) {
|
|
48
|
-
// TODO
|
|
49
|
-
// http?.response?.end()
|
|
50
|
-
}
|
|
51
|
-
// Either bubble up or end the response
|
|
52
46
|
if (bubbleError) {
|
|
53
47
|
throw e;
|
|
54
48
|
}
|
|
55
|
-
|
|
56
|
-
// TODO
|
|
57
|
-
// http?.response?.end()
|
|
58
|
-
}
|
|
49
|
+
http?.response?.close?.();
|
|
59
50
|
};
|
package/dist/index.d.ts
CHANGED
|
@@ -1,32 +1,34 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* @module @pikku/core
|
|
3
3
|
*/
|
|
4
|
-
export
|
|
5
|
-
export
|
|
6
|
-
export
|
|
7
|
-
export
|
|
8
|
-
export
|
|
9
|
-
export
|
|
10
|
-
export
|
|
11
|
-
export
|
|
12
|
-
export
|
|
13
|
-
export
|
|
14
|
-
export
|
|
15
|
-
export
|
|
16
|
-
export
|
|
17
|
-
export
|
|
18
|
-
export
|
|
19
|
-
export
|
|
20
|
-
export
|
|
21
|
-
export
|
|
22
|
-
export
|
|
23
|
-
export
|
|
24
|
-
export
|
|
25
|
-
export
|
|
26
|
-
export
|
|
27
|
-
export
|
|
28
|
-
export
|
|
29
|
-
export { pikkuState, initializePikkuState, resetPikkuState, addPackageServiceFactories, } from './pikku-state.js';
|
|
4
|
+
export type { CommonWireMeta, CoreConfig, CorePikkuMiddleware, CorePikkuMiddlewareConfig, CorePikkuMiddlewareFactory, CorePikkuMiddlewareGroup, CoreServices, CoreSingletonServices, CoreUserSession, CreateConfig, CreateSingletonServices, CreateWireServices, FunctionMeta, FunctionRuntimeMeta, FunctionServicesMeta, FunctionWiresMeta, FunctionsMeta, FunctionsRuntimeMeta, JSONPrimitive, JSONValue, MakeRequired, MiddlewareMetadata, PermissionMetadata, PickOptional, PickRequired, PikkuAIMiddlewareHooks, PikkuWire, PikkuWiringTypes, RequireAtLeastOne, SerializedError, WireServices, } from './types/core.types.js';
|
|
5
|
+
export { pikkuAIMiddleware, pikkuChannelMiddleware, pikkuChannelMiddlewareFactory, pikkuMiddleware, pikkuMiddlewareFactory, } from './types/core.types.js';
|
|
6
|
+
export type { CorePikkuAuth, CorePikkuAuthConfig, CorePikkuFunction, CorePikkuFunctionConfig, CorePikkuPermission, CorePikkuPermissionConfig, CorePikkuPermissionFactory, CorePermissionGroup, ZodLike, } from './function/functions.types.js';
|
|
7
|
+
export { pikkuAuth, pikkuPermission, pikkuPermissionFactory, } from './function/functions.types.js';
|
|
8
|
+
export { addFunction, getAllFunctionNames } from './function/index.js';
|
|
9
|
+
export { PikkuRequest } from './pikku-request.js';
|
|
10
|
+
export { getRelativeTimeOffsetFromNow, parseDurationString, } from './time-utils.js';
|
|
11
|
+
export type { RelativeTimeInput } from './time-utils.js';
|
|
12
|
+
export { formatVersionedId, isVersionedId, parseVersionedId, } from './version.js';
|
|
13
|
+
export { pikkuState, initializePikkuState, resetPikkuState, addPackageServiceFactories, getPikkuMetaDir, } from './pikku-state.js';
|
|
14
|
+
export { runPikkuFunc } from './function/function-runner.js';
|
|
15
|
+
export { runCLICommand, pikkuCLIRender } from './wirings/cli/cli-runner.js';
|
|
16
|
+
export { fetch } from './wirings/http/http-runner.js';
|
|
17
|
+
export { runMCPTool, runMCPResource, runMCPPrompt, } from './wirings/mcp/mcp-runner.js';
|
|
18
|
+
export type { MCPToolResponse, MCPResourceResponse, MCPPromptResponse, } from './wirings/mcp/mcp.types.js';
|
|
19
|
+
export { runQueueJob } from './wirings/queue/queue-runner.js';
|
|
20
|
+
export { runScheduledTask } from './wirings/scheduler/scheduler-runner.js';
|
|
21
|
+
export { NotFoundError } from './errors/errors.js';
|
|
22
|
+
export type { EventHubService } from './wirings/channel/eventhub-service.js';
|
|
23
|
+
export type { QueueService } from './wirings/queue/queue.types.js';
|
|
24
|
+
export type { JWTService } from './services/jwt-service.js';
|
|
25
|
+
export type { HTTPMethod } from './wirings/http/http.types.js';
|
|
26
|
+
export type { GraphNodeConfig } from './wirings/workflow/graph/workflow-graph.types.js';
|
|
27
|
+
export { createGraph } from './wirings/workflow/graph/graph-node.js';
|
|
28
|
+
export { workflow as wireWorkflow } from './wirings/workflow/workflow-helpers.js';
|
|
30
29
|
export type { PikkuPackageState } from './types/state.types.js';
|
|
31
30
|
export { runMiddleware, addMiddleware } from './middleware-runner.js';
|
|
32
31
|
export { addPermission } from './permissions.js';
|
|
32
|
+
export { isSerializable, stopSingletonServices } from './utils.js';
|
|
33
|
+
export { type ScheduledTaskInfo, type ScheduledTaskSummary, type SchedulerRuntimeHandlers, } from './services/scheduler-service.js';
|
|
34
|
+
export { SchedulerService } from './services/scheduler-service.js';
|
package/dist/index.js
CHANGED
|
@@ -1,31 +1,20 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
export
|
|
5
|
-
export
|
|
6
|
-
export
|
|
7
|
-
export
|
|
8
|
-
export
|
|
9
|
-
export
|
|
10
|
-
export
|
|
11
|
-
export
|
|
12
|
-
export
|
|
13
|
-
export
|
|
14
|
-
export
|
|
15
|
-
export
|
|
16
|
-
export
|
|
17
|
-
export * from './wirings/rpc/index.js';
|
|
18
|
-
export * from './wirings/queue/index.js';
|
|
19
|
-
export * from './wirings/workflow/index.js';
|
|
20
|
-
export * from './wirings/workflow/graph/index.js';
|
|
21
|
-
export * from './wirings/mcp/index.js';
|
|
22
|
-
export * from './wirings/cli/index.js';
|
|
23
|
-
export * from './wirings/forge-node/index.js';
|
|
24
|
-
export * from './wirings/trigger/index.js';
|
|
25
|
-
export * from './errors/index.js';
|
|
26
|
-
export * from './middleware/index.js';
|
|
27
|
-
export * from './utils.js';
|
|
28
|
-
export * from './time-utils.js';
|
|
29
|
-
export { pikkuState, initializePikkuState, resetPikkuState, addPackageServiceFactories, } from './pikku-state.js';
|
|
1
|
+
export { pikkuAIMiddleware, pikkuChannelMiddleware, pikkuChannelMiddlewareFactory, pikkuMiddleware, pikkuMiddlewareFactory, } from './types/core.types.js';
|
|
2
|
+
export { pikkuAuth, pikkuPermission, pikkuPermissionFactory, } from './function/functions.types.js';
|
|
3
|
+
export { addFunction, getAllFunctionNames } from './function/index.js';
|
|
4
|
+
export { PikkuRequest } from './pikku-request.js';
|
|
5
|
+
export { getRelativeTimeOffsetFromNow, parseDurationString, } from './time-utils.js';
|
|
6
|
+
export { formatVersionedId, isVersionedId, parseVersionedId, } from './version.js';
|
|
7
|
+
export { pikkuState, initializePikkuState, resetPikkuState, addPackageServiceFactories, getPikkuMetaDir, } from './pikku-state.js';
|
|
8
|
+
export { runPikkuFunc } from './function/function-runner.js';
|
|
9
|
+
export { runCLICommand, pikkuCLIRender } from './wirings/cli/cli-runner.js';
|
|
10
|
+
export { fetch } from './wirings/http/http-runner.js';
|
|
11
|
+
export { runMCPTool, runMCPResource, runMCPPrompt, } from './wirings/mcp/mcp-runner.js';
|
|
12
|
+
export { runQueueJob } from './wirings/queue/queue-runner.js';
|
|
13
|
+
export { runScheduledTask } from './wirings/scheduler/scheduler-runner.js';
|
|
14
|
+
export { NotFoundError } from './errors/errors.js';
|
|
15
|
+
export { createGraph } from './wirings/workflow/graph/graph-node.js';
|
|
16
|
+
export { workflow as wireWorkflow } from './wirings/workflow/workflow-helpers.js';
|
|
30
17
|
export { runMiddleware, addMiddleware } from './middleware-runner.js';
|
|
31
18
|
export { addPermission } from './permissions.js';
|
|
19
|
+
export { isSerializable, stopSingletonServices } from './utils.js';
|
|
20
|
+
export { SchedulerService } from './services/scheduler-service.js';
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
export declare const authAPIKey: import("../types/core.types.js").CorePikkuMiddlewareFactory<{
|
|
19
19
|
source: "header" | "query" | "all";
|
|
20
20
|
}, import("../types/core.types.js").CoreSingletonServices<{
|
|
21
|
-
logLevel?: import("../
|
|
21
|
+
logLevel?: import("../services/logger.js").LogLevel;
|
|
22
22
|
secrets?: {};
|
|
23
|
-
workflow?: import("../
|
|
23
|
+
workflow?: import("../wirings/workflow/workflow.types.js").WorkflowServiceConfig;
|
|
24
24
|
}>, import("../types/core.types.js").CoreUserSession>;
|
|
@@ -16,8 +16,8 @@ import { pikkuMiddleware, pikkuMiddlewareFactory } from '../types/core.types.js'
|
|
|
16
16
|
* ])
|
|
17
17
|
* ```
|
|
18
18
|
*/
|
|
19
|
-
export const authAPIKey = pikkuMiddlewareFactory(({ source }) => pikkuMiddleware(async ({ jwt: jwtService }, { http, session
|
|
20
|
-
if (!http?.request || !
|
|
19
|
+
export const authAPIKey = pikkuMiddlewareFactory(({ source }) => pikkuMiddleware(async ({ jwt: jwtService }, { http, setSession, session }, next) => {
|
|
20
|
+
if (!http?.request || !setSession || session) {
|
|
21
21
|
return next();
|
|
22
22
|
}
|
|
23
23
|
let apiKey = null;
|
|
@@ -30,7 +30,7 @@ export const authAPIKey = pikkuMiddlewareFactory(({ source }) => pikkuMiddleware
|
|
|
30
30
|
if (apiKey && jwtService) {
|
|
31
31
|
const userSession = await jwtService.decode(apiKey);
|
|
32
32
|
if (userSession) {
|
|
33
|
-
|
|
33
|
+
setSession?.(userSession);
|
|
34
34
|
}
|
|
35
35
|
}
|
|
36
36
|
return next();
|
|
@@ -34,7 +34,7 @@ export declare const authBearer: import("../types/core.types.js").CorePikkuMiddl
|
|
|
34
34
|
userSession: CoreUserSession;
|
|
35
35
|
};
|
|
36
36
|
}, import("../types/core.types.js").CoreSingletonServices<{
|
|
37
|
-
logLevel?: import("../
|
|
37
|
+
logLevel?: import("../services/logger.js").LogLevel;
|
|
38
38
|
secrets?: {};
|
|
39
|
-
workflow?: import("../
|
|
39
|
+
workflow?: import("../wirings/workflow/workflow.types.js").WorkflowServiceConfig;
|
|
40
40
|
}>, CoreUserSession>;
|
|
@@ -29,9 +29,8 @@ import { pikkuMiddleware, pikkuMiddlewareFactory, } from '../types/core.types.js
|
|
|
29
29
|
* ])
|
|
30
30
|
* ```
|
|
31
31
|
*/
|
|
32
|
-
export const authBearer = pikkuMiddlewareFactory(({ token } = {}) => pikkuMiddleware(async ({ jwt: jwtService }, { http, session }, next) => {
|
|
33
|
-
|
|
34
|
-
if (!http?.request || !session || session.get()) {
|
|
32
|
+
export const authBearer = pikkuMiddlewareFactory(({ token } = {}) => pikkuMiddleware(async ({ jwt: jwtService }, { http, setSession, session }, next) => {
|
|
33
|
+
if (!http?.request || !setSession || session) {
|
|
35
34
|
return next();
|
|
36
35
|
}
|
|
37
36
|
const authHeader = http.request.header('authorization') ||
|
|
@@ -42,16 +41,14 @@ export const authBearer = pikkuMiddlewareFactory(({ token } = {}) => pikkuMiddle
|
|
|
42
41
|
throw new InvalidSessionError();
|
|
43
42
|
}
|
|
44
43
|
let userSession = null;
|
|
45
|
-
// If static token provided, validate against it
|
|
46
44
|
if (token && bearerToken === token.value) {
|
|
47
45
|
userSession = token.userSession;
|
|
48
46
|
}
|
|
49
|
-
// Otherwise, default to JWT decoding
|
|
50
47
|
else if (jwtService && !token) {
|
|
51
48
|
userSession = await jwtService.decode(bearerToken);
|
|
52
49
|
}
|
|
53
50
|
if (userSession) {
|
|
54
|
-
|
|
51
|
+
setSession?.(userSession);
|
|
55
52
|
}
|
|
56
53
|
}
|
|
57
54
|
return next();
|
|
@@ -33,7 +33,7 @@ export declare const authCookie: import("../types/core.types.js").CorePikkuMiddl
|
|
|
33
33
|
options: SerializeOptions;
|
|
34
34
|
expiresIn: RelativeTimeInput;
|
|
35
35
|
}, import("../types/core.types.js").CoreSingletonServices<{
|
|
36
|
-
logLevel?: import("../
|
|
36
|
+
logLevel?: import("../services/logger.js").LogLevel;
|
|
37
37
|
secrets?: {};
|
|
38
|
-
workflow?: import("../
|
|
38
|
+
workflow?: import("../wirings/workflow/workflow.types.js").WorkflowServiceConfig;
|
|
39
39
|
}>, import("../types/core.types.js").CoreUserSession>;
|
|
@@ -28,27 +28,25 @@ import { getRelativeTimeOffsetFromNow, } from '../time-utils.js';
|
|
|
28
28
|
* ])
|
|
29
29
|
* ```
|
|
30
30
|
*/
|
|
31
|
-
export const authCookie = pikkuMiddlewareFactory(({ name, options, expiresIn }) => pikkuMiddleware(async ({ jwt: jwtService, logger }, { http, session
|
|
32
|
-
if (!http?.request || !
|
|
31
|
+
export const authCookie = pikkuMiddlewareFactory(({ name, options, expiresIn }) => pikkuMiddleware(async ({ jwt: jwtService, logger }, { http, setSession, getSession, session, hasSessionChanged }, next) => {
|
|
32
|
+
if (!http?.request || !setSession || session) {
|
|
33
33
|
return next();
|
|
34
34
|
}
|
|
35
|
-
// Try to decode session from cookie
|
|
36
35
|
const cookieValue = http.request.cookie(name);
|
|
37
36
|
if (cookieValue && jwtService) {
|
|
38
37
|
const userSession = await jwtService.decode(cookieValue);
|
|
39
38
|
if (userSession) {
|
|
40
|
-
|
|
39
|
+
setSession?.(userSession);
|
|
41
40
|
}
|
|
42
41
|
}
|
|
43
42
|
await next();
|
|
44
|
-
// Set the cookie in the response if the session has changed
|
|
45
43
|
if (!http?.response) {
|
|
46
44
|
return;
|
|
47
45
|
}
|
|
48
|
-
if (
|
|
49
|
-
const
|
|
46
|
+
if (hasSessionChanged?.()) {
|
|
47
|
+
const currentSession = await getSession?.();
|
|
50
48
|
if (jwtService) {
|
|
51
|
-
http.response.cookie(name, await jwtService.encode(expiresIn,
|
|
49
|
+
http.response.cookie(name, await jwtService.encode(expiresIn, currentSession), {
|
|
52
50
|
...options,
|
|
53
51
|
expires: getRelativeTimeOffsetFromNow(expiresIn),
|
|
54
52
|
});
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CORS middleware that handles cross-origin requests including OPTIONS preflight.
|
|
3
|
+
*
|
|
4
|
+
* Sets appropriate CORS headers on all responses and short-circuits OPTIONS
|
|
5
|
+
* preflight requests with a 204 No Content response.
|
|
6
|
+
*
|
|
7
|
+
* @param options.origin - Allowed origin(s). Use `'*'` for any origin, a string for a single origin, or an array for multiple origins. Defaults to `'*'`.
|
|
8
|
+
* @param options.methods - Allowed HTTP methods. Defaults to common methods.
|
|
9
|
+
* @param options.headers - Allowed request headers. Defaults to common headers.
|
|
10
|
+
* @param options.credentials - Whether to allow credentials. Defaults to `false`.
|
|
11
|
+
* @param options.maxAge - Preflight cache duration in seconds. Defaults to `86400` (24 hours).
|
|
12
|
+
*
|
|
13
|
+
* @example
|
|
14
|
+
* ```typescript
|
|
15
|
+
* import { cors } from '@pikku/core/middleware'
|
|
16
|
+
*
|
|
17
|
+
* // Allow all origins
|
|
18
|
+
* addHTTPMiddleware('*', [cors()])
|
|
19
|
+
*
|
|
20
|
+
* // Specific origin with credentials
|
|
21
|
+
* addHTTPMiddleware('*', [
|
|
22
|
+
* cors({
|
|
23
|
+
* origin: 'https://app.example.com',
|
|
24
|
+
* credentials: true,
|
|
25
|
+
* })
|
|
26
|
+
* ])
|
|
27
|
+
*
|
|
28
|
+
* // Multiple origins
|
|
29
|
+
* addHTTPMiddleware('*', [
|
|
30
|
+
* cors({
|
|
31
|
+
* origin: ['https://app.example.com', 'https://admin.example.com'],
|
|
32
|
+
* })
|
|
33
|
+
* ])
|
|
34
|
+
* ```
|
|
35
|
+
*/
|
|
36
|
+
export declare const cors: import("../types/core.types.js").CorePikkuMiddlewareFactory<{
|
|
37
|
+
origin?: string | string[];
|
|
38
|
+
methods?: string[];
|
|
39
|
+
headers?: string[];
|
|
40
|
+
credentials?: boolean;
|
|
41
|
+
maxAge?: number;
|
|
42
|
+
}, import("../types/core.types.js").CoreSingletonServices<{
|
|
43
|
+
logLevel?: import("../services/logger.js").LogLevel;
|
|
44
|
+
secrets?: {};
|
|
45
|
+
workflow?: import("../wirings/workflow/workflow.types.js").WorkflowServiceConfig;
|
|
46
|
+
}>, import("../types/core.types.js").CoreUserSession>;
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
import { pikkuMiddleware, pikkuMiddlewareFactory } from '../types/core.types.js';
|
|
2
|
+
/**
|
|
3
|
+
* CORS middleware that handles cross-origin requests including OPTIONS preflight.
|
|
4
|
+
*
|
|
5
|
+
* Sets appropriate CORS headers on all responses and short-circuits OPTIONS
|
|
6
|
+
* preflight requests with a 204 No Content response.
|
|
7
|
+
*
|
|
8
|
+
* @param options.origin - Allowed origin(s). Use `'*'` for any origin, a string for a single origin, or an array for multiple origins. Defaults to `'*'`.
|
|
9
|
+
* @param options.methods - Allowed HTTP methods. Defaults to common methods.
|
|
10
|
+
* @param options.headers - Allowed request headers. Defaults to common headers.
|
|
11
|
+
* @param options.credentials - Whether to allow credentials. Defaults to `false`.
|
|
12
|
+
* @param options.maxAge - Preflight cache duration in seconds. Defaults to `86400` (24 hours).
|
|
13
|
+
*
|
|
14
|
+
* @example
|
|
15
|
+
* ```typescript
|
|
16
|
+
* import { cors } from '@pikku/core/middleware'
|
|
17
|
+
*
|
|
18
|
+
* // Allow all origins
|
|
19
|
+
* addHTTPMiddleware('*', [cors()])
|
|
20
|
+
*
|
|
21
|
+
* // Specific origin with credentials
|
|
22
|
+
* addHTTPMiddleware('*', [
|
|
23
|
+
* cors({
|
|
24
|
+
* origin: 'https://app.example.com',
|
|
25
|
+
* credentials: true,
|
|
26
|
+
* })
|
|
27
|
+
* ])
|
|
28
|
+
*
|
|
29
|
+
* // Multiple origins
|
|
30
|
+
* addHTTPMiddleware('*', [
|
|
31
|
+
* cors({
|
|
32
|
+
* origin: ['https://app.example.com', 'https://admin.example.com'],
|
|
33
|
+
* })
|
|
34
|
+
* ])
|
|
35
|
+
* ```
|
|
36
|
+
*/
|
|
37
|
+
export const cors = pikkuMiddlewareFactory(({ origin = '*', methods = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'], headers = ['Content-Type', 'Authorization', 'x-api-key'], credentials = false, maxAge = 86400, } = {}) => pikkuMiddleware({
|
|
38
|
+
name: 'CORS',
|
|
39
|
+
description: 'Handles cross-origin requests including OPTIONS preflight',
|
|
40
|
+
func: async (_services, wires, next) => {
|
|
41
|
+
const request = wires.http?.request;
|
|
42
|
+
const response = wires.http?.response;
|
|
43
|
+
if (!request || !response) {
|
|
44
|
+
return next();
|
|
45
|
+
}
|
|
46
|
+
const requestOrigin = request.header('origin');
|
|
47
|
+
let allowedOrigin;
|
|
48
|
+
if (Array.isArray(origin)) {
|
|
49
|
+
allowedOrigin =
|
|
50
|
+
requestOrigin && origin.includes(requestOrigin)
|
|
51
|
+
? requestOrigin
|
|
52
|
+
: origin[0];
|
|
53
|
+
}
|
|
54
|
+
else {
|
|
55
|
+
allowedOrigin = origin;
|
|
56
|
+
}
|
|
57
|
+
response.header('Access-Control-Allow-Origin', allowedOrigin);
|
|
58
|
+
response.header('Access-Control-Allow-Methods', methods.join(', '));
|
|
59
|
+
response.header('Access-Control-Allow-Headers', headers.join(', '));
|
|
60
|
+
if (credentials) {
|
|
61
|
+
response.header('Access-Control-Allow-Credentials', 'true');
|
|
62
|
+
}
|
|
63
|
+
if (Array.isArray(origin)) {
|
|
64
|
+
response.header('Vary', 'Origin');
|
|
65
|
+
}
|
|
66
|
+
if (request.method() === 'options') {
|
|
67
|
+
response.header('Access-Control-Max-Age', String(maxAge));
|
|
68
|
+
response.status(204).json(undefined);
|
|
69
|
+
return;
|
|
70
|
+
}
|
|
71
|
+
return next();
|
|
72
|
+
},
|
|
73
|
+
}));
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
-
export
|
|
2
|
-
export
|
|
3
|
-
export
|
|
1
|
+
export { authAPIKey } from './auth-apikey.js';
|
|
2
|
+
export { authCookie } from './auth-cookie.js';
|
|
3
|
+
export { authBearer } from './auth-bearer.js';
|
|
4
|
+
export { pikkuRemoteAuthMiddleware } from './remote-auth.js';
|
|
5
|
+
export { cors } from './cors.js';
|
package/dist/middleware/index.js
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
-
export
|
|
2
|
-
export
|
|
3
|
-
export
|
|
1
|
+
export { authAPIKey } from './auth-apikey.js';
|
|
2
|
+
export { authCookie } from './auth-cookie.js';
|
|
3
|
+
export { authBearer } from './auth-bearer.js';
|
|
4
|
+
export { pikkuRemoteAuthMiddleware } from './remote-auth.js';
|
|
5
|
+
export { cors } from './cors.js';
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
export declare const pikkuRemoteAuthMiddleware: import("../types/core.types.js").CorePikkuMiddleware<import("../types/core.types.js").CoreSingletonServices<{
|
|
2
|
+
logLevel?: import("../services/logger.js").LogLevel;
|
|
3
|
+
secrets?: {};
|
|
4
|
+
workflow?: import("../wirings/workflow/workflow.types.js").WorkflowServiceConfig;
|
|
5
|
+
}>, import("../types/core.types.js").CoreUserSession>;
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
import { UnauthorizedError } from '../errors/errors.js';
|
|
2
|
+
import { pikkuMiddleware } from '../types/core.types.js';
|
|
3
|
+
import { decryptJSON } from '../crypto-utils.js';
|
|
4
|
+
export const pikkuRemoteAuthMiddleware = pikkuMiddleware(async ({ secrets, jwt }, { http, setSession }, next) => {
|
|
5
|
+
if (!http?.request || !secrets) {
|
|
6
|
+
return next();
|
|
7
|
+
}
|
|
8
|
+
let secret;
|
|
9
|
+
try {
|
|
10
|
+
secret = await secrets.getSecret('PIKKU_REMOTE_SECRET');
|
|
11
|
+
}
|
|
12
|
+
catch {
|
|
13
|
+
return next();
|
|
14
|
+
}
|
|
15
|
+
if (!jwt) {
|
|
16
|
+
throw new Error('PIKKU_REMOTE_SECRET set but JWT service missing');
|
|
17
|
+
}
|
|
18
|
+
const authHeader = http.request.header('authorization') ||
|
|
19
|
+
http.request.header('Authorization');
|
|
20
|
+
if (!authHeader) {
|
|
21
|
+
throw new UnauthorizedError();
|
|
22
|
+
}
|
|
23
|
+
const [scheme, token] = authHeader.split(' ');
|
|
24
|
+
if (scheme !== 'Bearer' || !token) {
|
|
25
|
+
throw new UnauthorizedError();
|
|
26
|
+
}
|
|
27
|
+
let payload;
|
|
28
|
+
try {
|
|
29
|
+
payload = await jwt.decode(token);
|
|
30
|
+
}
|
|
31
|
+
catch {
|
|
32
|
+
throw new UnauthorizedError();
|
|
33
|
+
}
|
|
34
|
+
if (payload?.aud !== 'pikku-remote') {
|
|
35
|
+
throw new UnauthorizedError();
|
|
36
|
+
}
|
|
37
|
+
if (payload?.fn && http.request.path().startsWith('/rpc/')) {
|
|
38
|
+
const fn = decodeURIComponent(http.request.path().slice('/rpc/'.length));
|
|
39
|
+
if (fn && payload.fn !== fn) {
|
|
40
|
+
throw new UnauthorizedError();
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
if (payload?.session) {
|
|
44
|
+
try {
|
|
45
|
+
const decrypted = await decryptJSON(secret, payload.session);
|
|
46
|
+
if (decrypted?.session && setSession) {
|
|
47
|
+
await setSession(decrypted.session);
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
catch {
|
|
51
|
+
throw new UnauthorizedError();
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
return next();
|
|
55
|
+
});
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
export declare const timeout: () => import("../types/core.types.js").CorePikkuMiddlewareFactory<{
|
|
2
2
|
timeout: number;
|
|
3
3
|
}, import("../types/core.types.js").CoreSingletonServices<{
|
|
4
|
-
logLevel?: import("../
|
|
4
|
+
logLevel?: import("../services/logger.js").LogLevel;
|
|
5
5
|
secrets?: {};
|
|
6
|
-
workflow?: import("../
|
|
6
|
+
workflow?: import("../wirings/workflow/workflow.types.js").WorkflowServiceConfig;
|
|
7
7
|
}>, import("../types/core.types.js").CoreUserSession>;
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { pikkuState } from './pikku-state.js';
|
|
2
|
-
import { freezeDedupe } from './utils.js';
|
|
2
|
+
import { freezeDedupe, getTagGroups } from './utils.js';
|
|
3
3
|
/**
|
|
4
4
|
* Runs a chain of middleware functions in sequence before executing the main function.
|
|
5
5
|
*
|
|
@@ -75,7 +75,7 @@ export const addMiddleware = (tag, middleware, packageName = null) => {
|
|
|
75
75
|
* This function looks up middleware that was registered with registerMiddleware.
|
|
76
76
|
* It's used internally by the framework to resolve middleware references in metadata.
|
|
77
77
|
*
|
|
78
|
-
* @param {string} name - The unique name (
|
|
78
|
+
* @param {string} name - The unique name (pikkuFuncId) of the middleware function.
|
|
79
79
|
* @returns {CorePikkuMiddleware | undefined} The middleware function, or undefined if not found.
|
|
80
80
|
*
|
|
81
81
|
* @internal
|
|
@@ -91,7 +91,9 @@ const middlewareCache = {
|
|
|
91
91
|
channel: {},
|
|
92
92
|
queue: {},
|
|
93
93
|
scheduler: {},
|
|
94
|
+
trigger: {},
|
|
94
95
|
mcp: {},
|
|
96
|
+
agent: {},
|
|
95
97
|
cli: {},
|
|
96
98
|
workflow: {},
|
|
97
99
|
};
|
|
@@ -134,10 +136,8 @@ export const combineMiddleware = (wireType, uid, { wireInheritedMiddleware, wire
|
|
|
134
136
|
}
|
|
135
137
|
}
|
|
136
138
|
else if (meta.type === 'tag') {
|
|
137
|
-
|
|
138
|
-
const group
|
|
139
|
-
if (group) {
|
|
140
|
-
// At runtime, all factories should be resolved to middleware
|
|
139
|
+
const groups = getTagGroups(pikkuState(packageName, 'middleware', 'tagGroup'), meta.tag);
|
|
140
|
+
for (const group of groups) {
|
|
141
141
|
resolved.push(...group);
|
|
142
142
|
}
|
|
143
143
|
}
|
|
@@ -158,10 +158,8 @@ export const combineMiddleware = (wireType, uid, { wireInheritedMiddleware, wire
|
|
|
158
158
|
if (funcInheritedMiddleware) {
|
|
159
159
|
for (const meta of funcInheritedMiddleware) {
|
|
160
160
|
if (meta.type === 'tag') {
|
|
161
|
-
|
|
162
|
-
const group
|
|
163
|
-
if (group) {
|
|
164
|
-
// At runtime, all factories should be resolved to middleware
|
|
161
|
+
const groups = getTagGroups(pikkuState(packageName, 'middleware', 'tagGroup'), meta.tag);
|
|
162
|
+
for (const group of groups) {
|
|
165
163
|
resolved.push(...group);
|
|
166
164
|
}
|
|
167
165
|
}
|
package/dist/permissions.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { pikkuState } from './pikku-state.js';
|
|
2
2
|
import { ForbiddenError } from './errors/errors.js';
|
|
3
|
-
import { freezeDedupe } from './utils.js';
|
|
3
|
+
import { freezeDedupe, getTagGroups } from './utils.js';
|
|
4
4
|
/**
|
|
5
5
|
* This function validates permissions by iterating over permission groups and executing the corresponding permission functions. If all functions in at least one group return true, the permission is considered valid.
|
|
6
6
|
* @param services - The core services required for permission validation.
|
|
@@ -39,7 +39,7 @@ const verifyPermissions = async (permissions, services, data, wire) => {
|
|
|
39
39
|
* This function looks up permissions that was registered with registerPermission.
|
|
40
40
|
* It's used internally by the framework to resolve permission references in metadata.
|
|
41
41
|
*
|
|
42
|
-
* @param {string} name - The unique name (
|
|
42
|
+
* @param {string} name - The unique name (pikkuFuncId) of the permission function.
|
|
43
43
|
* @returns {CorePikkuPermission | undefined} The permission function, or undefined if not found.
|
|
44
44
|
*
|
|
45
45
|
* @internal
|
|
@@ -94,7 +94,9 @@ const combinedPermissionsCache = {
|
|
|
94
94
|
channel: {},
|
|
95
95
|
queue: {},
|
|
96
96
|
scheduler: {},
|
|
97
|
+
trigger: {},
|
|
97
98
|
mcp: {},
|
|
99
|
+
agent: {},
|
|
98
100
|
cli: {},
|
|
99
101
|
workflow: {},
|
|
100
102
|
};
|
|
@@ -143,9 +145,8 @@ const combinePermissions = (wireType, uid, { wireInheritedPermissions, wirePermi
|
|
|
143
145
|
}
|
|
144
146
|
}
|
|
145
147
|
else if (meta.type === 'tag') {
|
|
146
|
-
|
|
147
|
-
const group
|
|
148
|
-
if (group) {
|
|
148
|
+
const groups = getTagGroups(pikkuState(packageName, 'permissions', 'tagGroup'), meta.tag);
|
|
149
|
+
for (const group of groups) {
|
|
149
150
|
if (Array.isArray(group)) {
|
|
150
151
|
resolved.push(...group);
|
|
151
152
|
}
|
|
@@ -176,9 +177,8 @@ const combinePermissions = (wireType, uid, { wireInheritedPermissions, wirePermi
|
|
|
176
177
|
if (funcInheritedPermissions) {
|
|
177
178
|
for (const meta of funcInheritedPermissions) {
|
|
178
179
|
if (meta.type === 'tag') {
|
|
179
|
-
|
|
180
|
-
const group
|
|
181
|
-
if (group) {
|
|
180
|
+
const groups = getTagGroups(pikkuState(packageName, 'permissions', 'tagGroup'), meta.tag);
|
|
181
|
+
for (const group of groups) {
|
|
182
182
|
if (Array.isArray(group)) {
|
|
183
183
|
resolved.push(...group);
|
|
184
184
|
}
|
|
@@ -218,17 +218,13 @@ export const runPermissions = async (wireType, uid, { wireInheritedPermissions,
|
|
|
218
218
|
});
|
|
219
219
|
// Check all combined permissions - at least one must pass if any exist
|
|
220
220
|
if (allPermissions.length > 0) {
|
|
221
|
-
let permissioned = false;
|
|
222
221
|
for (const permission of allPermissions) {
|
|
223
222
|
const result = await verifyPermissions(typeof permission === 'function' ? { permission } : permission, services, data, wire);
|
|
224
223
|
if (result) {
|
|
225
|
-
|
|
226
|
-
// Continue executing all permissions (don't break early)
|
|
224
|
+
return;
|
|
227
225
|
}
|
|
228
226
|
}
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
throw new ForbiddenError('Permission denied');
|
|
232
|
-
}
|
|
227
|
+
services.logger.debug('Permission denied - combined permissions');
|
|
228
|
+
throw new ForbiddenError('Permission denied');
|
|
233
229
|
}
|
|
234
230
|
};
|
package/dist/pikku-state.d.ts
CHANGED
|
@@ -24,6 +24,7 @@ export declare const pikkuState: <Type extends keyof PikkuPackageState, Content
|
|
|
24
24
|
*/
|
|
25
25
|
export declare const initializePikkuState: (packageName: string) => void;
|
|
26
26
|
export declare const resetPikkuState: () => void;
|
|
27
|
+
export declare const getPikkuMetaDir: (packageName?: string | null) => string | null;
|
|
27
28
|
/**
|
|
28
29
|
* Register service factories for an external package.
|
|
29
30
|
* These factories are used to create services when the package's functions are invoked.
|