@pikku/core 0.12.2 → 0.12.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (282) hide show
  1. package/CHANGELOG.md +24 -0
  2. package/dist/crypto-utils.d.ts +10 -0
  3. package/dist/crypto-utils.js +62 -0
  4. package/dist/function/function-runner.js +4 -4
  5. package/dist/function/functions.types.d.ts +26 -1
  6. package/dist/function/functions.types.js +16 -0
  7. package/dist/handle-error.d.ts +1 -1
  8. package/dist/handle-error.js +7 -3
  9. package/dist/index.d.ts +14 -2
  10. package/dist/index.js +1 -1
  11. package/dist/pikku-state.js +3 -1
  12. package/dist/schema.js +1 -1
  13. package/dist/services/in-memory-workflow-service.d.ts +22 -3
  14. package/dist/services/in-memory-workflow-service.js +77 -1
  15. package/dist/services/workflow-service.d.ts +8 -2
  16. package/dist/testing/index.d.ts +2 -0
  17. package/dist/testing/index.js +1 -0
  18. package/dist/testing/service-tests.d.ts +31 -0
  19. package/dist/testing/service-tests.js +598 -0
  20. package/dist/types/core.types.d.ts +9 -1
  21. package/dist/types/state.types.d.ts +4 -2
  22. package/dist/utils/hash.d.ts +2 -0
  23. package/dist/utils/hash.js +23 -0
  24. package/dist/wirings/ai-agent/agent-dynamic-workflow.d.ts +6 -0
  25. package/dist/wirings/ai-agent/agent-dynamic-workflow.js +348 -0
  26. package/dist/wirings/ai-agent/ai-agent-memory.d.ts +1 -1
  27. package/dist/wirings/ai-agent/ai-agent-memory.js +6 -5
  28. package/dist/wirings/ai-agent/ai-agent-prepare.d.ts +10 -7
  29. package/dist/wirings/ai-agent/ai-agent-prepare.js +127 -47
  30. package/dist/wirings/ai-agent/ai-agent-runner.d.ts +4 -0
  31. package/dist/wirings/ai-agent/ai-agent-runner.js +381 -27
  32. package/dist/wirings/ai-agent/ai-agent-stream.d.ts +7 -2
  33. package/dist/wirings/ai-agent/ai-agent-stream.js +109 -46
  34. package/dist/wirings/ai-agent/ai-agent.types.d.ts +22 -1
  35. package/dist/wirings/ai-agent/index.d.ts +1 -2
  36. package/dist/wirings/ai-agent/index.js +1 -2
  37. package/dist/wirings/channel/channel-handler.js +5 -1
  38. package/dist/wirings/channel/channel.types.d.ts +1 -7
  39. package/dist/wirings/channel/local/local-channel-handler.d.ts +1 -1
  40. package/dist/wirings/channel/local/local-channel-handler.js +5 -3
  41. package/dist/wirings/channel/local/local-channel-runner.js +14 -4
  42. package/dist/wirings/channel/serverless/serverless-channel-runner.js +4 -1
  43. package/dist/wirings/cli/cli-runner.js +10 -2
  44. package/dist/wirings/cli/cli.types.d.ts +1 -0
  45. package/dist/wirings/http/http-routes.js +0 -1
  46. package/dist/wirings/http/http-runner.d.ts +1 -1
  47. package/dist/wirings/http/http-runner.js +25 -3
  48. package/dist/wirings/http/http.types.d.ts +3 -11
  49. package/dist/wirings/http/index.d.ts +2 -1
  50. package/dist/wirings/http/index.js +1 -0
  51. package/dist/wirings/http/pikku-fetch-http-request.d.ts +1 -0
  52. package/dist/wirings/http/pikku-fetch-http-request.js +3 -0
  53. package/dist/wirings/http/pikku-fetch-http-response.d.ts +1 -0
  54. package/dist/wirings/http/pikku-fetch-http-response.js +4 -4
  55. package/dist/wirings/http/web-request.d.ts +12 -0
  56. package/dist/wirings/http/web-request.js +85 -0
  57. package/dist/wirings/mcp/mcp-endpoint-registry.js +1 -1
  58. package/dist/wirings/mcp/mcp-runner.js +13 -1
  59. package/dist/wirings/rpc/rpc-runner.d.ts +30 -6
  60. package/dist/wirings/rpc/rpc-runner.js +36 -14
  61. package/dist/wirings/rpc/rpc-types.d.ts +6 -1
  62. package/dist/wirings/rpc/wire-addon.d.ts +1 -0
  63. package/dist/wirings/rpc/wire-addon.js +1 -1
  64. package/dist/wirings/scheduler/scheduler-runner.js +1 -0
  65. package/dist/wirings/workflow/graph/graph-validation.d.ts +3 -0
  66. package/dist/wirings/workflow/graph/graph-validation.js +175 -0
  67. package/dist/wirings/workflow/graph/index.d.ts +1 -0
  68. package/dist/wirings/workflow/graph/index.js +1 -0
  69. package/dist/wirings/workflow/index.d.ts +1 -1
  70. package/dist/wirings/workflow/pikku-workflow-service.d.ts +8 -2
  71. package/dist/wirings/workflow/pikku-workflow-service.js +1 -2
  72. package/dist/wirings/workflow/workflow.types.d.ts +10 -1
  73. package/lcov.info +18891 -0
  74. package/package.json +4 -2
  75. package/dist/wirings/ai-agent/ai-agent-assistant-ui.d.ts +0 -5
  76. package/dist/wirings/ai-agent/ai-agent-assistant-ui.js +0 -168
  77. package/src/crypto-utils.test.ts +0 -116
  78. package/src/crypto-utils.ts +0 -99
  79. package/src/errors/error-handler.ts +0 -62
  80. package/src/errors/error.test.ts +0 -195
  81. package/src/errors/errors.ts +0 -374
  82. package/src/errors/index.ts +0 -2
  83. package/src/factory-functions.test.ts +0 -109
  84. package/src/function/function-runner.test.ts +0 -536
  85. package/src/function/function-runner.ts +0 -365
  86. package/src/function/functions.types.ts +0 -267
  87. package/src/function/index.ts +0 -5
  88. package/src/handle-error.test.ts +0 -361
  89. package/src/handle-error.ts +0 -65
  90. package/src/index.ts +0 -104
  91. package/src/internal.ts +0 -6
  92. package/src/middleware/auth-apikey.test.ts +0 -363
  93. package/src/middleware/auth-apikey.ts +0 -47
  94. package/src/middleware/auth-bearer.test.ts +0 -450
  95. package/src/middleware/auth-bearer.ts +0 -72
  96. package/src/middleware/auth-cookie.test.ts +0 -528
  97. package/src/middleware/auth-cookie.ts +0 -80
  98. package/src/middleware/cors.test.ts +0 -424
  99. package/src/middleware/cors.ts +0 -104
  100. package/src/middleware/index.ts +0 -5
  101. package/src/middleware/remote-auth.test.ts +0 -488
  102. package/src/middleware/remote-auth.ts +0 -68
  103. package/src/middleware/timeout.ts +0 -15
  104. package/src/middleware-runner.test.ts +0 -418
  105. package/src/middleware-runner.ts +0 -234
  106. package/src/permissions.test.ts +0 -434
  107. package/src/permissions.ts +0 -319
  108. package/src/pikku-request.ts +0 -23
  109. package/src/pikku-response.ts +0 -5
  110. package/src/pikku-state.test.ts +0 -224
  111. package/src/pikku-state.ts +0 -214
  112. package/src/run-tests-script.test.ts +0 -49
  113. package/src/schema.test.ts +0 -249
  114. package/src/schema.ts +0 -151
  115. package/src/services/ai-agent-runner-service.ts +0 -41
  116. package/src/services/ai-run-state-service.ts +0 -20
  117. package/src/services/ai-storage-service.ts +0 -39
  118. package/src/services/content-service.ts +0 -76
  119. package/src/services/deployment-service.ts +0 -22
  120. package/src/services/gateway-service.ts +0 -20
  121. package/src/services/gopass-secrets.ts +0 -98
  122. package/src/services/in-memory-ai-run-state-service.ts +0 -73
  123. package/src/services/in-memory-trigger-service.ts +0 -64
  124. package/src/services/in-memory-workflow-service.test.ts +0 -351
  125. package/src/services/in-memory-workflow-service.ts +0 -395
  126. package/src/services/index.ts +0 -56
  127. package/src/services/jwt-service.ts +0 -30
  128. package/src/services/local-content.ts +0 -120
  129. package/src/services/local-gateway-service.ts +0 -62
  130. package/src/services/local-secrets.test.ts +0 -80
  131. package/src/services/local-secrets.ts +0 -94
  132. package/src/services/local-variables.test.ts +0 -61
  133. package/src/services/local-variables.ts +0 -39
  134. package/src/services/logger-console.test.ts +0 -118
  135. package/src/services/logger-console.ts +0 -98
  136. package/src/services/logger.ts +0 -57
  137. package/src/services/scheduler-service.ts +0 -86
  138. package/src/services/schema-service.ts +0 -33
  139. package/src/services/scoped-secret-service.test.ts +0 -74
  140. package/src/services/scoped-secret-service.ts +0 -41
  141. package/src/services/secret-service.ts +0 -38
  142. package/src/services/trigger-service.ts +0 -17
  143. package/src/services/typed-secret-service.test.ts +0 -93
  144. package/src/services/typed-secret-service.ts +0 -70
  145. package/src/services/typed-variables-service.test.ts +0 -73
  146. package/src/services/typed-variables-service.ts +0 -81
  147. package/src/services/user-session-service.test.ts +0 -113
  148. package/src/services/user-session-service.ts +0 -86
  149. package/src/services/variables-service.ts +0 -11
  150. package/src/services/workflow-service.ts +0 -84
  151. package/src/time-utils.test.ts +0 -56
  152. package/src/time-utils.ts +0 -107
  153. package/src/types/core.types.ts +0 -470
  154. package/src/types/state.types.ts +0 -186
  155. package/src/utils.test.ts +0 -350
  156. package/src/utils.ts +0 -129
  157. package/src/version.test.ts +0 -80
  158. package/src/version.ts +0 -25
  159. package/src/wirings/ai-agent/ai-agent-assistant-ui.test.ts +0 -363
  160. package/src/wirings/ai-agent/ai-agent-assistant-ui.ts +0 -238
  161. package/src/wirings/ai-agent/ai-agent-helpers.test.ts +0 -152
  162. package/src/wirings/ai-agent/ai-agent-helpers.ts +0 -76
  163. package/src/wirings/ai-agent/ai-agent-memory.ts +0 -309
  164. package/src/wirings/ai-agent/ai-agent-model-config.test.ts +0 -115
  165. package/src/wirings/ai-agent/ai-agent-model-config.ts +0 -43
  166. package/src/wirings/ai-agent/ai-agent-prepare.ts +0 -522
  167. package/src/wirings/ai-agent/ai-agent-registry.test.ts +0 -37
  168. package/src/wirings/ai-agent/ai-agent-registry.ts +0 -82
  169. package/src/wirings/ai-agent/ai-agent-runner.test.ts +0 -317
  170. package/src/wirings/ai-agent/ai-agent-runner.ts +0 -251
  171. package/src/wirings/ai-agent/ai-agent-stream.test.ts +0 -652
  172. package/src/wirings/ai-agent/ai-agent-stream.ts +0 -1060
  173. package/src/wirings/ai-agent/ai-agent.types.ts +0 -360
  174. package/src/wirings/ai-agent/index.ts +0 -41
  175. package/src/wirings/channel/channel-common.ts +0 -90
  176. package/src/wirings/channel/channel-handler.ts +0 -241
  177. package/src/wirings/channel/channel-middleware-runner.ts +0 -120
  178. package/src/wirings/channel/channel-runner.ts +0 -166
  179. package/src/wirings/channel/channel-store.ts +0 -29
  180. package/src/wirings/channel/channel.types.ts +0 -178
  181. package/src/wirings/channel/define-channel-routes.ts +0 -25
  182. package/src/wirings/channel/eventhub-service.ts +0 -34
  183. package/src/wirings/channel/eventhub-store.ts +0 -13
  184. package/src/wirings/channel/index.ts +0 -24
  185. package/src/wirings/channel/local/index.ts +0 -3
  186. package/src/wirings/channel/local/local-channel-handler.ts +0 -79
  187. package/src/wirings/channel/local/local-channel-runner.test.ts +0 -215
  188. package/src/wirings/channel/local/local-channel-runner.ts +0 -200
  189. package/src/wirings/channel/local/local-eventhub-service.test.ts +0 -95
  190. package/src/wirings/channel/local/local-eventhub-service.ts +0 -101
  191. package/src/wirings/channel/log-channels.ts +0 -20
  192. package/src/wirings/channel/pikku-abstract-channel-handler.test.ts +0 -54
  193. package/src/wirings/channel/pikku-abstract-channel-handler.ts +0 -45
  194. package/src/wirings/channel/serverless/index.ts +0 -5
  195. package/src/wirings/channel/serverless/serverless-channel-runner.ts +0 -286
  196. package/src/wirings/cli/channel/cli-channel-runner.ts +0 -136
  197. package/src/wirings/cli/channel/index.ts +0 -1
  198. package/src/wirings/cli/cli-runner.test.ts +0 -403
  199. package/src/wirings/cli/cli-runner.ts +0 -519
  200. package/src/wirings/cli/cli.types.ts +0 -357
  201. package/src/wirings/cli/command-parser.test.ts +0 -445
  202. package/src/wirings/cli/command-parser.ts +0 -504
  203. package/src/wirings/cli/define-cli-commands.ts +0 -24
  204. package/src/wirings/cli/index.ts +0 -19
  205. package/src/wirings/gateway/gateway-runner.test.ts +0 -474
  206. package/src/wirings/gateway/gateway-runner.ts +0 -411
  207. package/src/wirings/gateway/gateway.types.ts +0 -149
  208. package/src/wirings/gateway/index.ts +0 -13
  209. package/src/wirings/http/http-routes.test.ts +0 -322
  210. package/src/wirings/http/http-routes.ts +0 -198
  211. package/src/wirings/http/http-runner.test.ts +0 -144
  212. package/src/wirings/http/http-runner.ts +0 -563
  213. package/src/wirings/http/http.types.ts +0 -378
  214. package/src/wirings/http/index.ts +0 -25
  215. package/src/wirings/http/log-http-routes.ts +0 -22
  216. package/src/wirings/http/pikku-fetch-http-request.test.ts +0 -237
  217. package/src/wirings/http/pikku-fetch-http-request.ts +0 -166
  218. package/src/wirings/http/pikku-fetch-http-response.test.ts +0 -82
  219. package/src/wirings/http/pikku-fetch-http-response.ts +0 -147
  220. package/src/wirings/http/routers/http-router.ts +0 -13
  221. package/src/wirings/http/routers/path-to-regex.test.ts +0 -319
  222. package/src/wirings/http/routers/path-to-regex.ts +0 -126
  223. package/src/wirings/mcp/index.ts +0 -27
  224. package/src/wirings/mcp/mcp-endpoint-registry.test.ts +0 -389
  225. package/src/wirings/mcp/mcp-endpoint-registry.ts +0 -159
  226. package/src/wirings/mcp/mcp-runner.ts +0 -305
  227. package/src/wirings/mcp/mcp.types.ts +0 -216
  228. package/src/wirings/node/index.ts +0 -2
  229. package/src/wirings/node/node.types.ts +0 -23
  230. package/src/wirings/oauth2/index.ts +0 -3
  231. package/src/wirings/oauth2/oauth2-client.test.ts +0 -929
  232. package/src/wirings/oauth2/oauth2-client.ts +0 -335
  233. package/src/wirings/oauth2/oauth2.types.ts +0 -69
  234. package/src/wirings/oauth2/wire-oauth2-credential.ts +0 -23
  235. package/src/wirings/queue/index.ts +0 -31
  236. package/src/wirings/queue/queue-runner.test.ts +0 -710
  237. package/src/wirings/queue/queue-runner.ts +0 -192
  238. package/src/wirings/queue/queue.types.ts +0 -189
  239. package/src/wirings/queue/register-queue-helper.ts +0 -60
  240. package/src/wirings/queue/validate-worker-config.test.ts +0 -108
  241. package/src/wirings/queue/validate-worker-config.ts +0 -116
  242. package/src/wirings/rpc/index.ts +0 -4
  243. package/src/wirings/rpc/rpc-runner.ts +0 -439
  244. package/src/wirings/rpc/rpc-types.ts +0 -51
  245. package/src/wirings/rpc/wire-addon.ts +0 -20
  246. package/src/wirings/scheduler/index.ts +0 -11
  247. package/src/wirings/scheduler/log-schedulers.ts +0 -20
  248. package/src/wirings/scheduler/scheduler-runner.test.ts +0 -660
  249. package/src/wirings/scheduler/scheduler-runner.ts +0 -132
  250. package/src/wirings/scheduler/scheduler.types.ts +0 -53
  251. package/src/wirings/secret/index.ts +0 -9
  252. package/src/wirings/secret/secret.types.ts +0 -32
  253. package/src/wirings/secret/validate-secret-definitions.test.ts +0 -140
  254. package/src/wirings/secret/validate-secret-definitions.ts +0 -82
  255. package/src/wirings/trigger/index.ts +0 -10
  256. package/src/wirings/trigger/pikku-trigger-service.ts +0 -112
  257. package/src/wirings/trigger/trigger-runner.test.ts +0 -79
  258. package/src/wirings/trigger/trigger-runner.ts +0 -135
  259. package/src/wirings/trigger/trigger.types.ts +0 -178
  260. package/src/wirings/variable/index.ts +0 -8
  261. package/src/wirings/variable/validate-variable-definitions.test.ts +0 -91
  262. package/src/wirings/variable/validate-variable-definitions.ts +0 -69
  263. package/src/wirings/variable/variable.types.ts +0 -22
  264. package/src/wirings/workflow/dsl/index.ts +0 -31
  265. package/src/wirings/workflow/dsl/workflow-dsl.types.ts +0 -320
  266. package/src/wirings/workflow/dsl/workflow-runner.ts +0 -28
  267. package/src/wirings/workflow/graph/graph-node.ts +0 -222
  268. package/src/wirings/workflow/graph/graph-runner.test.ts +0 -487
  269. package/src/wirings/workflow/graph/graph-runner.ts +0 -816
  270. package/src/wirings/workflow/graph/index.ts +0 -14
  271. package/src/wirings/workflow/graph/template.test.ts +0 -49
  272. package/src/wirings/workflow/graph/template.ts +0 -42
  273. package/src/wirings/workflow/graph/wire-workflow-graph.ts +0 -29
  274. package/src/wirings/workflow/graph/workflow-graph.types.ts +0 -104
  275. package/src/wirings/workflow/index.ts +0 -81
  276. package/src/wirings/workflow/pikku-workflow-service.test.ts +0 -200
  277. package/src/wirings/workflow/pikku-workflow-service.ts +0 -1165
  278. package/src/wirings/workflow/workflow-helpers.test.ts +0 -129
  279. package/src/wirings/workflow/workflow-helpers.ts +0 -79
  280. package/src/wirings/workflow/workflow.types.ts +0 -266
  281. package/tsconfig.json +0 -14
  282. package/tsconfig.tsbuildinfo +0 -1
@@ -1,450 +0,0 @@
1
- import { describe, test, beforeEach } from 'node:test'
2
- import assert from 'node:assert/strict'
3
- import { authBearer } from './auth-bearer.js'
4
- import { resetPikkuState } from '../pikku-state.js'
5
- import type { CoreUserSession } from '../types/core.types.js'
6
- import {
7
- PikkuSessionService,
8
- createMiddlewareSessionWireProps,
9
- } from '../services/user-session-service.js'
10
- import { InvalidSessionError } from '../errors/errors.js'
11
-
12
- beforeEach(() => {
13
- resetPikkuState()
14
- })
15
-
16
- const createMockHTTPRequest = (headers: Record<string, string> = {}) => ({
17
- header: (name: string) => {
18
- // Check both lowercase and exact case
19
- return headers[name.toLowerCase()] || headers[name] || null
20
- },
21
- })
22
-
23
- const createMockHTTPResponse = () => ({
24
- cookie: () => {},
25
- })
26
-
27
- describe('authBearer middleware', () => {
28
- test('should extract and decode JWT bearer token from Authorization header', async () => {
29
- const mockUserSession: CoreUserSession = { userId: 'user123' }
30
- const SessionService = new PikkuSessionService<CoreUserSession>()
31
- const jwtService = {
32
- encode: async () => 'token',
33
- decode: async (token: string) => {
34
- assert.equal(token, 'jwt-token')
35
- return mockUserSession
36
- },
37
- }
38
-
39
- const middleware = authBearer()
40
- let nextCalled = false
41
-
42
- await middleware(
43
- { jwt: jwtService } as any,
44
- {
45
- ...createMiddlewareSessionWireProps(SessionService),
46
- http: {
47
- request: createMockHTTPRequest({
48
- authorization: 'Bearer jwt-token',
49
- }),
50
- response: createMockHTTPResponse(),
51
- },
52
- } as any,
53
- async () => {
54
- nextCalled = true
55
- }
56
- )
57
-
58
- assert.equal(nextCalled, true)
59
- assert.deepEqual(SessionService.get(), mockUserSession)
60
- })
61
-
62
- test('should handle case-insensitive Authorization header', async () => {
63
- const mockUserSession: CoreUserSession = { userId: 'user456' }
64
- const SessionService = new PikkuSessionService<CoreUserSession>()
65
- const jwtService = {
66
- encode: async () => 'token',
67
- decode: async (token: string) => {
68
- assert.equal(token, 'jwt-token-2')
69
- return mockUserSession
70
- },
71
- }
72
-
73
- const middleware = authBearer()
74
- let nextCalled = false
75
-
76
- await middleware(
77
- { jwt: jwtService } as any,
78
- {
79
- ...createMiddlewareSessionWireProps(SessionService),
80
- http: {
81
- request: createMockHTTPRequest({
82
- Authorization: 'Bearer jwt-token-2',
83
- }),
84
- response: createMockHTTPResponse(),
85
- },
86
- } as any,
87
- async () => {
88
- nextCalled = true
89
- }
90
- )
91
-
92
- assert.equal(nextCalled, true)
93
- assert.deepEqual(SessionService.get(), mockUserSession)
94
- })
95
-
96
- test('should validate static token when token option is provided', async () => {
97
- const mockUserSession: CoreUserSession = {
98
- userId: 'static-user',
99
- role: 'admin',
100
- }
101
- const SessionService = new PikkuSessionService<CoreUserSession>()
102
- const jwtService = {
103
- encode: async () => 'token',
104
- decode: async () => {
105
- // Should not be called in static token mode
106
- assert.fail('JWT decode should not be called in static token mode')
107
- return null
108
- },
109
- }
110
-
111
- const middleware = authBearer({
112
- token: {
113
- value: 'my-static-token',
114
- userSession: mockUserSession,
115
- },
116
- })
117
- let nextCalled = false
118
-
119
- await middleware(
120
- { jwt: jwtService } as any,
121
- {
122
- ...createMiddlewareSessionWireProps(SessionService),
123
- http: {
124
- request: createMockHTTPRequest({
125
- authorization: 'Bearer my-static-token',
126
- }),
127
- response: createMockHTTPResponse(),
128
- },
129
- } as any,
130
- async () => {
131
- nextCalled = true
132
- }
133
- )
134
-
135
- assert.equal(nextCalled, true)
136
- assert.deepEqual(SessionService.get(), mockUserSession)
137
- })
138
-
139
- test('should throw InvalidSessionError when scheme is not Bearer', async () => {
140
- const SessionService = new PikkuSessionService<CoreUserSession>()
141
- const jwtService = {
142
- encode: async () => 'token',
143
- decode: async () => ({ userId: 'test' }),
144
- }
145
-
146
- const middleware = authBearer()
147
-
148
- await assert.rejects(
149
- async () => {
150
- await middleware(
151
- { jwt: jwtService } as any,
152
- {
153
- ...createMiddlewareSessionWireProps(SessionService),
154
- http: {
155
- request: createMockHTTPRequest({
156
- authorization: 'Basic some-token',
157
- }),
158
- response: createMockHTTPResponse(),
159
- },
160
- } as any,
161
- async () => {}
162
- )
163
- },
164
- (error: any) => {
165
- assert(error instanceof InvalidSessionError)
166
- return true
167
- }
168
- )
169
- })
170
-
171
- test('should throw InvalidSessionError when bearer token is missing', async () => {
172
- const SessionService = new PikkuSessionService<CoreUserSession>()
173
- const jwtService = {
174
- encode: async () => 'token',
175
- decode: async () => ({ userId: 'test' }),
176
- }
177
-
178
- const middleware = authBearer()
179
-
180
- await assert.rejects(
181
- async () => {
182
- await middleware(
183
- { jwt: jwtService } as any,
184
- {
185
- ...createMiddlewareSessionWireProps(SessionService),
186
- http: {
187
- request: createMockHTTPRequest({
188
- authorization: 'Bearer',
189
- }),
190
- response: createMockHTTPResponse(),
191
- },
192
- } as any,
193
- async () => {}
194
- )
195
- },
196
- (error: any) => {
197
- assert(error instanceof InvalidSessionError)
198
- return true
199
- }
200
- )
201
- })
202
-
203
- test('should throw InvalidSessionError when authorization header has no space', async () => {
204
- const SessionService = new PikkuSessionService<CoreUserSession>()
205
- const jwtService = {
206
- encode: async () => 'token',
207
- decode: async () => ({ userId: 'test' }),
208
- }
209
-
210
- const middleware = authBearer()
211
-
212
- await assert.rejects(
213
- async () => {
214
- await middleware(
215
- { jwt: jwtService } as any,
216
- {
217
- ...createMiddlewareSessionWireProps(SessionService),
218
- http: {
219
- request: createMockHTTPRequest({
220
- authorization: 'BearerToken',
221
- }),
222
- response: createMockHTTPResponse(),
223
- },
224
- } as any,
225
- async () => {}
226
- )
227
- },
228
- (error: any) => {
229
- assert(error instanceof InvalidSessionError)
230
- return true
231
- }
232
- )
233
- })
234
-
235
- test('should not set session when JWT decode returns null', async () => {
236
- const SessionService = new PikkuSessionService<CoreUserSession>()
237
- const jwtService = {
238
- encode: async () => 'token',
239
- decode: async () => null,
240
- }
241
-
242
- const middleware = authBearer()
243
- let nextCalled = false
244
-
245
- await middleware(
246
- { jwt: jwtService } as any,
247
- {
248
- ...createMiddlewareSessionWireProps(SessionService),
249
- http: {
250
- request: createMockHTTPRequest({
251
- authorization: 'Bearer invalid-token',
252
- }),
253
- response: createMockHTTPResponse(),
254
- },
255
- } as any,
256
- async () => {
257
- nextCalled = true
258
- }
259
- )
260
-
261
- assert.equal(nextCalled, true)
262
- assert.equal(SessionService.get(), undefined)
263
- })
264
-
265
- test('should not set session when static token does not match', async () => {
266
- const mockUserSession: CoreUserSession = { userId: 'static-user' }
267
- const SessionService = new PikkuSessionService<CoreUserSession>()
268
- const jwtService = {
269
- encode: async () => 'token',
270
- decode: async () => {
271
- // Should not be called when static token is provided
272
- assert.fail('JWT decode should not be called in static token mode')
273
- return null
274
- },
275
- }
276
-
277
- const middleware = authBearer({
278
- token: {
279
- value: 'correct-token',
280
- userSession: mockUserSession,
281
- },
282
- })
283
- let nextCalled = false
284
-
285
- await middleware(
286
- { jwt: jwtService } as any,
287
- {
288
- ...createMiddlewareSessionWireProps(SessionService),
289
- http: {
290
- request: createMockHTTPRequest({
291
- authorization: 'Bearer wrong-token',
292
- }),
293
- response: createMockHTTPResponse(),
294
- },
295
- } as any,
296
- async () => {
297
- nextCalled = true
298
- }
299
- )
300
-
301
- assert.equal(nextCalled, true)
302
- assert.equal(SessionService.get(), undefined)
303
- })
304
-
305
- test('should skip middleware when session already exists', async () => {
306
- const existingSession: CoreUserSession = { userId: 'existing' }
307
- const SessionService = new PikkuSessionService<CoreUserSession>()
308
- SessionService.setInitial(existingSession)
309
-
310
- let decodeCalled = false
311
- const jwtService = {
312
- encode: async () => 'token',
313
- decode: async () => {
314
- decodeCalled = true
315
- return { userId: 'new' }
316
- },
317
- }
318
-
319
- const middleware = authBearer()
320
- let nextCalled = false
321
-
322
- await middleware(
323
- { jwt: jwtService } as any,
324
- {
325
- ...createMiddlewareSessionWireProps(SessionService),
326
- http: {
327
- request: createMockHTTPRequest({
328
- authorization: 'Bearer some-token',
329
- }),
330
- response: createMockHTTPResponse(),
331
- },
332
- } as any,
333
- async () => {
334
- nextCalled = true
335
- }
336
- )
337
-
338
- assert.equal(nextCalled, true)
339
- assert.equal(decodeCalled, false)
340
- assert.deepEqual(SessionService.get(), existingSession)
341
- })
342
-
343
- test('should skip middleware when http.request is not available', async () => {
344
- const SessionService = new PikkuSessionService<CoreUserSession>()
345
- const jwtService = {
346
- encode: async () => 'token',
347
- decode: async () => ({ userId: 'test' }),
348
- }
349
-
350
- const middleware = authBearer()
351
- let nextCalled = false
352
-
353
- await middleware(
354
- { jwt: jwtService } as any,
355
- { ...createMiddlewareSessionWireProps(SessionService) } as any,
356
- async () => {
357
- nextCalled = true
358
- }
359
- )
360
-
361
- assert.equal(nextCalled, true)
362
- assert.equal(SessionService.get(), undefined)
363
- })
364
-
365
- test('should continue without session when authorization header is missing', async () => {
366
- const SessionService = new PikkuSessionService<CoreUserSession>()
367
- const jwtService = {
368
- encode: async () => 'token',
369
- decode: async () => ({ userId: 'test' }),
370
- }
371
-
372
- const middleware = authBearer()
373
- let nextCalled = false
374
-
375
- await middleware(
376
- { jwt: jwtService } as any,
377
- {
378
- ...createMiddlewareSessionWireProps(SessionService),
379
- http: {
380
- request: createMockHTTPRequest({}),
381
- response: createMockHTTPResponse(),
382
- },
383
- } as any,
384
- async () => {
385
- nextCalled = true
386
- }
387
- )
388
-
389
- assert.equal(nextCalled, true)
390
- assert.equal(SessionService.get(), undefined)
391
- })
392
-
393
- test('should not decode when jwtService is not available in JWT mode', async () => {
394
- const SessionService = new PikkuSessionService<CoreUserSession>()
395
-
396
- const middleware = authBearer()
397
- let nextCalled = false
398
-
399
- await middleware(
400
- { jwt: undefined } as any,
401
- {
402
- ...createMiddlewareSessionWireProps(SessionService),
403
- http: {
404
- request: createMockHTTPRequest({
405
- authorization: 'Bearer some-token',
406
- }),
407
- response: createMockHTTPResponse(),
408
- },
409
- } as any,
410
- async () => {
411
- nextCalled = true
412
- }
413
- )
414
-
415
- assert.equal(nextCalled, true)
416
- assert.equal(SessionService.get(), undefined)
417
- })
418
-
419
- test('should work in static token mode even when jwtService is not available', async () => {
420
- const mockUserSession: CoreUserSession = { userId: 'static-user' }
421
- const SessionService = new PikkuSessionService<CoreUserSession>()
422
-
423
- const middleware = authBearer({
424
- token: {
425
- value: 'static-token',
426
- userSession: mockUserSession,
427
- },
428
- })
429
- let nextCalled = false
430
-
431
- await middleware(
432
- { jwt: undefined } as any,
433
- {
434
- ...createMiddlewareSessionWireProps(SessionService),
435
- http: {
436
- request: createMockHTTPRequest({
437
- authorization: 'Bearer static-token',
438
- }),
439
- response: createMockHTTPResponse(),
440
- },
441
- } as any,
442
- async () => {
443
- nextCalled = true
444
- }
445
- )
446
-
447
- assert.equal(nextCalled, true)
448
- assert.deepEqual(SessionService.get(), mockUserSession)
449
- })
450
- })
@@ -1,72 +0,0 @@
1
- import { InvalidSessionError } from '../errors/errors.js'
2
- import type { CoreUserSession } from '../types/core.types.js'
3
- import { pikkuMiddleware, pikkuMiddlewareFactory } from '../types/core.types.js'
4
-
5
- /**
6
- * Bearer token middleware that extracts and validates tokens from the Authorization header.
7
- *
8
- * Supports two modes:
9
- * - JWT decoding (default): Decodes bearer tokens using the JWT service
10
- * - Static token: Provide a `token` object with a value and userSession for simple token validation
11
- *
12
- * @param options.token - Optional static token configuration { value: string, userSession: CoreUserSession }
13
- *
14
- * @example
15
- * ```typescript
16
- * import { authBearer } from '@pikku/core/middleware'
17
- *
18
- * // JWT mode (default)
19
- * addHTTPMiddleware('*', [
20
- * authBearer()
21
- * ])
22
- *
23
- * // Static token mode
24
- * addHTTPMiddleware('*', [
25
- * authBearer({
26
- * token: {
27
- * value: process.env.API_TOKEN,
28
- * userSession: { userId: 'system', role: 'admin' }
29
- * }
30
- * })
31
- * ])
32
- * ```
33
- */
34
- export const authBearer = pikkuMiddlewareFactory<{
35
- token?: {
36
- value: string
37
- userSession: CoreUserSession
38
- }
39
- }>(({ token } = {}) =>
40
- pikkuMiddleware(
41
- async ({ jwt: jwtService }, { http, setSession, session }, next) => {
42
- if (!http?.request || !setSession || session) {
43
- return next()
44
- }
45
-
46
- const authHeader =
47
- http.request.header('authorization') ||
48
- http.request.header('Authorization')
49
-
50
- if (authHeader) {
51
- const [scheme, bearerToken] = authHeader.split(' ')
52
- if (scheme !== 'Bearer' || !bearerToken) {
53
- throw new InvalidSessionError()
54
- }
55
-
56
- let userSession: CoreUserSession | null = null
57
-
58
- if (token && bearerToken === token.value) {
59
- userSession = token.userSession
60
- } else if (jwtService && !token) {
61
- userSession = await jwtService.decode(bearerToken)
62
- }
63
-
64
- if (userSession) {
65
- setSession?.(userSession)
66
- }
67
- }
68
-
69
- return next()
70
- }
71
- )
72
- )