@pikku/core 0.12.2 → 0.12.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (282) hide show
  1. package/CHANGELOG.md +24 -0
  2. package/dist/crypto-utils.d.ts +10 -0
  3. package/dist/crypto-utils.js +62 -0
  4. package/dist/function/function-runner.js +4 -4
  5. package/dist/function/functions.types.d.ts +26 -1
  6. package/dist/function/functions.types.js +16 -0
  7. package/dist/handle-error.d.ts +1 -1
  8. package/dist/handle-error.js +7 -3
  9. package/dist/index.d.ts +14 -2
  10. package/dist/index.js +1 -1
  11. package/dist/pikku-state.js +3 -1
  12. package/dist/schema.js +1 -1
  13. package/dist/services/in-memory-workflow-service.d.ts +22 -3
  14. package/dist/services/in-memory-workflow-service.js +77 -1
  15. package/dist/services/workflow-service.d.ts +8 -2
  16. package/dist/testing/index.d.ts +2 -0
  17. package/dist/testing/index.js +1 -0
  18. package/dist/testing/service-tests.d.ts +31 -0
  19. package/dist/testing/service-tests.js +598 -0
  20. package/dist/types/core.types.d.ts +9 -1
  21. package/dist/types/state.types.d.ts +4 -2
  22. package/dist/utils/hash.d.ts +2 -0
  23. package/dist/utils/hash.js +23 -0
  24. package/dist/wirings/ai-agent/agent-dynamic-workflow.d.ts +6 -0
  25. package/dist/wirings/ai-agent/agent-dynamic-workflow.js +348 -0
  26. package/dist/wirings/ai-agent/ai-agent-memory.d.ts +1 -1
  27. package/dist/wirings/ai-agent/ai-agent-memory.js +6 -5
  28. package/dist/wirings/ai-agent/ai-agent-prepare.d.ts +10 -7
  29. package/dist/wirings/ai-agent/ai-agent-prepare.js +127 -47
  30. package/dist/wirings/ai-agent/ai-agent-runner.d.ts +4 -0
  31. package/dist/wirings/ai-agent/ai-agent-runner.js +381 -27
  32. package/dist/wirings/ai-agent/ai-agent-stream.d.ts +7 -2
  33. package/dist/wirings/ai-agent/ai-agent-stream.js +109 -46
  34. package/dist/wirings/ai-agent/ai-agent.types.d.ts +22 -1
  35. package/dist/wirings/ai-agent/index.d.ts +1 -2
  36. package/dist/wirings/ai-agent/index.js +1 -2
  37. package/dist/wirings/channel/channel-handler.js +5 -1
  38. package/dist/wirings/channel/channel.types.d.ts +1 -7
  39. package/dist/wirings/channel/local/local-channel-handler.d.ts +1 -1
  40. package/dist/wirings/channel/local/local-channel-handler.js +5 -3
  41. package/dist/wirings/channel/local/local-channel-runner.js +14 -4
  42. package/dist/wirings/channel/serverless/serverless-channel-runner.js +4 -1
  43. package/dist/wirings/cli/cli-runner.js +10 -2
  44. package/dist/wirings/cli/cli.types.d.ts +1 -0
  45. package/dist/wirings/http/http-routes.js +0 -1
  46. package/dist/wirings/http/http-runner.d.ts +1 -1
  47. package/dist/wirings/http/http-runner.js +25 -3
  48. package/dist/wirings/http/http.types.d.ts +3 -11
  49. package/dist/wirings/http/index.d.ts +2 -1
  50. package/dist/wirings/http/index.js +1 -0
  51. package/dist/wirings/http/pikku-fetch-http-request.d.ts +1 -0
  52. package/dist/wirings/http/pikku-fetch-http-request.js +3 -0
  53. package/dist/wirings/http/pikku-fetch-http-response.d.ts +1 -0
  54. package/dist/wirings/http/pikku-fetch-http-response.js +4 -4
  55. package/dist/wirings/http/web-request.d.ts +12 -0
  56. package/dist/wirings/http/web-request.js +85 -0
  57. package/dist/wirings/mcp/mcp-endpoint-registry.js +1 -1
  58. package/dist/wirings/mcp/mcp-runner.js +13 -1
  59. package/dist/wirings/rpc/rpc-runner.d.ts +30 -6
  60. package/dist/wirings/rpc/rpc-runner.js +36 -14
  61. package/dist/wirings/rpc/rpc-types.d.ts +6 -1
  62. package/dist/wirings/rpc/wire-addon.d.ts +1 -0
  63. package/dist/wirings/rpc/wire-addon.js +1 -1
  64. package/dist/wirings/scheduler/scheduler-runner.js +1 -0
  65. package/dist/wirings/workflow/graph/graph-validation.d.ts +3 -0
  66. package/dist/wirings/workflow/graph/graph-validation.js +175 -0
  67. package/dist/wirings/workflow/graph/index.d.ts +1 -0
  68. package/dist/wirings/workflow/graph/index.js +1 -0
  69. package/dist/wirings/workflow/index.d.ts +1 -1
  70. package/dist/wirings/workflow/pikku-workflow-service.d.ts +8 -2
  71. package/dist/wirings/workflow/pikku-workflow-service.js +1 -2
  72. package/dist/wirings/workflow/workflow.types.d.ts +10 -1
  73. package/lcov.info +18891 -0
  74. package/package.json +4 -2
  75. package/dist/wirings/ai-agent/ai-agent-assistant-ui.d.ts +0 -5
  76. package/dist/wirings/ai-agent/ai-agent-assistant-ui.js +0 -168
  77. package/src/crypto-utils.test.ts +0 -116
  78. package/src/crypto-utils.ts +0 -99
  79. package/src/errors/error-handler.ts +0 -62
  80. package/src/errors/error.test.ts +0 -195
  81. package/src/errors/errors.ts +0 -374
  82. package/src/errors/index.ts +0 -2
  83. package/src/factory-functions.test.ts +0 -109
  84. package/src/function/function-runner.test.ts +0 -536
  85. package/src/function/function-runner.ts +0 -365
  86. package/src/function/functions.types.ts +0 -267
  87. package/src/function/index.ts +0 -5
  88. package/src/handle-error.test.ts +0 -361
  89. package/src/handle-error.ts +0 -65
  90. package/src/index.ts +0 -104
  91. package/src/internal.ts +0 -6
  92. package/src/middleware/auth-apikey.test.ts +0 -363
  93. package/src/middleware/auth-apikey.ts +0 -47
  94. package/src/middleware/auth-bearer.test.ts +0 -450
  95. package/src/middleware/auth-bearer.ts +0 -72
  96. package/src/middleware/auth-cookie.test.ts +0 -528
  97. package/src/middleware/auth-cookie.ts +0 -80
  98. package/src/middleware/cors.test.ts +0 -424
  99. package/src/middleware/cors.ts +0 -104
  100. package/src/middleware/index.ts +0 -5
  101. package/src/middleware/remote-auth.test.ts +0 -488
  102. package/src/middleware/remote-auth.ts +0 -68
  103. package/src/middleware/timeout.ts +0 -15
  104. package/src/middleware-runner.test.ts +0 -418
  105. package/src/middleware-runner.ts +0 -234
  106. package/src/permissions.test.ts +0 -434
  107. package/src/permissions.ts +0 -319
  108. package/src/pikku-request.ts +0 -23
  109. package/src/pikku-response.ts +0 -5
  110. package/src/pikku-state.test.ts +0 -224
  111. package/src/pikku-state.ts +0 -214
  112. package/src/run-tests-script.test.ts +0 -49
  113. package/src/schema.test.ts +0 -249
  114. package/src/schema.ts +0 -151
  115. package/src/services/ai-agent-runner-service.ts +0 -41
  116. package/src/services/ai-run-state-service.ts +0 -20
  117. package/src/services/ai-storage-service.ts +0 -39
  118. package/src/services/content-service.ts +0 -76
  119. package/src/services/deployment-service.ts +0 -22
  120. package/src/services/gateway-service.ts +0 -20
  121. package/src/services/gopass-secrets.ts +0 -98
  122. package/src/services/in-memory-ai-run-state-service.ts +0 -73
  123. package/src/services/in-memory-trigger-service.ts +0 -64
  124. package/src/services/in-memory-workflow-service.test.ts +0 -351
  125. package/src/services/in-memory-workflow-service.ts +0 -395
  126. package/src/services/index.ts +0 -56
  127. package/src/services/jwt-service.ts +0 -30
  128. package/src/services/local-content.ts +0 -120
  129. package/src/services/local-gateway-service.ts +0 -62
  130. package/src/services/local-secrets.test.ts +0 -80
  131. package/src/services/local-secrets.ts +0 -94
  132. package/src/services/local-variables.test.ts +0 -61
  133. package/src/services/local-variables.ts +0 -39
  134. package/src/services/logger-console.test.ts +0 -118
  135. package/src/services/logger-console.ts +0 -98
  136. package/src/services/logger.ts +0 -57
  137. package/src/services/scheduler-service.ts +0 -86
  138. package/src/services/schema-service.ts +0 -33
  139. package/src/services/scoped-secret-service.test.ts +0 -74
  140. package/src/services/scoped-secret-service.ts +0 -41
  141. package/src/services/secret-service.ts +0 -38
  142. package/src/services/trigger-service.ts +0 -17
  143. package/src/services/typed-secret-service.test.ts +0 -93
  144. package/src/services/typed-secret-service.ts +0 -70
  145. package/src/services/typed-variables-service.test.ts +0 -73
  146. package/src/services/typed-variables-service.ts +0 -81
  147. package/src/services/user-session-service.test.ts +0 -113
  148. package/src/services/user-session-service.ts +0 -86
  149. package/src/services/variables-service.ts +0 -11
  150. package/src/services/workflow-service.ts +0 -84
  151. package/src/time-utils.test.ts +0 -56
  152. package/src/time-utils.ts +0 -107
  153. package/src/types/core.types.ts +0 -470
  154. package/src/types/state.types.ts +0 -186
  155. package/src/utils.test.ts +0 -350
  156. package/src/utils.ts +0 -129
  157. package/src/version.test.ts +0 -80
  158. package/src/version.ts +0 -25
  159. package/src/wirings/ai-agent/ai-agent-assistant-ui.test.ts +0 -363
  160. package/src/wirings/ai-agent/ai-agent-assistant-ui.ts +0 -238
  161. package/src/wirings/ai-agent/ai-agent-helpers.test.ts +0 -152
  162. package/src/wirings/ai-agent/ai-agent-helpers.ts +0 -76
  163. package/src/wirings/ai-agent/ai-agent-memory.ts +0 -309
  164. package/src/wirings/ai-agent/ai-agent-model-config.test.ts +0 -115
  165. package/src/wirings/ai-agent/ai-agent-model-config.ts +0 -43
  166. package/src/wirings/ai-agent/ai-agent-prepare.ts +0 -522
  167. package/src/wirings/ai-agent/ai-agent-registry.test.ts +0 -37
  168. package/src/wirings/ai-agent/ai-agent-registry.ts +0 -82
  169. package/src/wirings/ai-agent/ai-agent-runner.test.ts +0 -317
  170. package/src/wirings/ai-agent/ai-agent-runner.ts +0 -251
  171. package/src/wirings/ai-agent/ai-agent-stream.test.ts +0 -652
  172. package/src/wirings/ai-agent/ai-agent-stream.ts +0 -1060
  173. package/src/wirings/ai-agent/ai-agent.types.ts +0 -360
  174. package/src/wirings/ai-agent/index.ts +0 -41
  175. package/src/wirings/channel/channel-common.ts +0 -90
  176. package/src/wirings/channel/channel-handler.ts +0 -241
  177. package/src/wirings/channel/channel-middleware-runner.ts +0 -120
  178. package/src/wirings/channel/channel-runner.ts +0 -166
  179. package/src/wirings/channel/channel-store.ts +0 -29
  180. package/src/wirings/channel/channel.types.ts +0 -178
  181. package/src/wirings/channel/define-channel-routes.ts +0 -25
  182. package/src/wirings/channel/eventhub-service.ts +0 -34
  183. package/src/wirings/channel/eventhub-store.ts +0 -13
  184. package/src/wirings/channel/index.ts +0 -24
  185. package/src/wirings/channel/local/index.ts +0 -3
  186. package/src/wirings/channel/local/local-channel-handler.ts +0 -79
  187. package/src/wirings/channel/local/local-channel-runner.test.ts +0 -215
  188. package/src/wirings/channel/local/local-channel-runner.ts +0 -200
  189. package/src/wirings/channel/local/local-eventhub-service.test.ts +0 -95
  190. package/src/wirings/channel/local/local-eventhub-service.ts +0 -101
  191. package/src/wirings/channel/log-channels.ts +0 -20
  192. package/src/wirings/channel/pikku-abstract-channel-handler.test.ts +0 -54
  193. package/src/wirings/channel/pikku-abstract-channel-handler.ts +0 -45
  194. package/src/wirings/channel/serverless/index.ts +0 -5
  195. package/src/wirings/channel/serverless/serverless-channel-runner.ts +0 -286
  196. package/src/wirings/cli/channel/cli-channel-runner.ts +0 -136
  197. package/src/wirings/cli/channel/index.ts +0 -1
  198. package/src/wirings/cli/cli-runner.test.ts +0 -403
  199. package/src/wirings/cli/cli-runner.ts +0 -519
  200. package/src/wirings/cli/cli.types.ts +0 -357
  201. package/src/wirings/cli/command-parser.test.ts +0 -445
  202. package/src/wirings/cli/command-parser.ts +0 -504
  203. package/src/wirings/cli/define-cli-commands.ts +0 -24
  204. package/src/wirings/cli/index.ts +0 -19
  205. package/src/wirings/gateway/gateway-runner.test.ts +0 -474
  206. package/src/wirings/gateway/gateway-runner.ts +0 -411
  207. package/src/wirings/gateway/gateway.types.ts +0 -149
  208. package/src/wirings/gateway/index.ts +0 -13
  209. package/src/wirings/http/http-routes.test.ts +0 -322
  210. package/src/wirings/http/http-routes.ts +0 -198
  211. package/src/wirings/http/http-runner.test.ts +0 -144
  212. package/src/wirings/http/http-runner.ts +0 -563
  213. package/src/wirings/http/http.types.ts +0 -378
  214. package/src/wirings/http/index.ts +0 -25
  215. package/src/wirings/http/log-http-routes.ts +0 -22
  216. package/src/wirings/http/pikku-fetch-http-request.test.ts +0 -237
  217. package/src/wirings/http/pikku-fetch-http-request.ts +0 -166
  218. package/src/wirings/http/pikku-fetch-http-response.test.ts +0 -82
  219. package/src/wirings/http/pikku-fetch-http-response.ts +0 -147
  220. package/src/wirings/http/routers/http-router.ts +0 -13
  221. package/src/wirings/http/routers/path-to-regex.test.ts +0 -319
  222. package/src/wirings/http/routers/path-to-regex.ts +0 -126
  223. package/src/wirings/mcp/index.ts +0 -27
  224. package/src/wirings/mcp/mcp-endpoint-registry.test.ts +0 -389
  225. package/src/wirings/mcp/mcp-endpoint-registry.ts +0 -159
  226. package/src/wirings/mcp/mcp-runner.ts +0 -305
  227. package/src/wirings/mcp/mcp.types.ts +0 -216
  228. package/src/wirings/node/index.ts +0 -2
  229. package/src/wirings/node/node.types.ts +0 -23
  230. package/src/wirings/oauth2/index.ts +0 -3
  231. package/src/wirings/oauth2/oauth2-client.test.ts +0 -929
  232. package/src/wirings/oauth2/oauth2-client.ts +0 -335
  233. package/src/wirings/oauth2/oauth2.types.ts +0 -69
  234. package/src/wirings/oauth2/wire-oauth2-credential.ts +0 -23
  235. package/src/wirings/queue/index.ts +0 -31
  236. package/src/wirings/queue/queue-runner.test.ts +0 -710
  237. package/src/wirings/queue/queue-runner.ts +0 -192
  238. package/src/wirings/queue/queue.types.ts +0 -189
  239. package/src/wirings/queue/register-queue-helper.ts +0 -60
  240. package/src/wirings/queue/validate-worker-config.test.ts +0 -108
  241. package/src/wirings/queue/validate-worker-config.ts +0 -116
  242. package/src/wirings/rpc/index.ts +0 -4
  243. package/src/wirings/rpc/rpc-runner.ts +0 -439
  244. package/src/wirings/rpc/rpc-types.ts +0 -51
  245. package/src/wirings/rpc/wire-addon.ts +0 -20
  246. package/src/wirings/scheduler/index.ts +0 -11
  247. package/src/wirings/scheduler/log-schedulers.ts +0 -20
  248. package/src/wirings/scheduler/scheduler-runner.test.ts +0 -660
  249. package/src/wirings/scheduler/scheduler-runner.ts +0 -132
  250. package/src/wirings/scheduler/scheduler.types.ts +0 -53
  251. package/src/wirings/secret/index.ts +0 -9
  252. package/src/wirings/secret/secret.types.ts +0 -32
  253. package/src/wirings/secret/validate-secret-definitions.test.ts +0 -140
  254. package/src/wirings/secret/validate-secret-definitions.ts +0 -82
  255. package/src/wirings/trigger/index.ts +0 -10
  256. package/src/wirings/trigger/pikku-trigger-service.ts +0 -112
  257. package/src/wirings/trigger/trigger-runner.test.ts +0 -79
  258. package/src/wirings/trigger/trigger-runner.ts +0 -135
  259. package/src/wirings/trigger/trigger.types.ts +0 -178
  260. package/src/wirings/variable/index.ts +0 -8
  261. package/src/wirings/variable/validate-variable-definitions.test.ts +0 -91
  262. package/src/wirings/variable/validate-variable-definitions.ts +0 -69
  263. package/src/wirings/variable/variable.types.ts +0 -22
  264. package/src/wirings/workflow/dsl/index.ts +0 -31
  265. package/src/wirings/workflow/dsl/workflow-dsl.types.ts +0 -320
  266. package/src/wirings/workflow/dsl/workflow-runner.ts +0 -28
  267. package/src/wirings/workflow/graph/graph-node.ts +0 -222
  268. package/src/wirings/workflow/graph/graph-runner.test.ts +0 -487
  269. package/src/wirings/workflow/graph/graph-runner.ts +0 -816
  270. package/src/wirings/workflow/graph/index.ts +0 -14
  271. package/src/wirings/workflow/graph/template.test.ts +0 -49
  272. package/src/wirings/workflow/graph/template.ts +0 -42
  273. package/src/wirings/workflow/graph/wire-workflow-graph.ts +0 -29
  274. package/src/wirings/workflow/graph/workflow-graph.types.ts +0 -104
  275. package/src/wirings/workflow/index.ts +0 -81
  276. package/src/wirings/workflow/pikku-workflow-service.test.ts +0 -200
  277. package/src/wirings/workflow/pikku-workflow-service.ts +0 -1165
  278. package/src/wirings/workflow/workflow-helpers.test.ts +0 -129
  279. package/src/wirings/workflow/workflow-helpers.ts +0 -79
  280. package/src/wirings/workflow/workflow.types.ts +0 -266
  281. package/tsconfig.json +0 -14
  282. package/tsconfig.tsbuildinfo +0 -1
@@ -1,424 +0,0 @@
1
- import { describe, test, beforeEach } from 'node:test'
2
- import assert from 'node:assert'
3
- import { cors } from './cors.js'
4
- import { resetPikkuState } from '../pikku-state.js'
5
-
6
- beforeEach(() => {
7
- resetPikkuState()
8
- })
9
-
10
- const createMockRequest = (method = 'get', origin?: string) => ({
11
- method: () => method,
12
- header: (name: string) => {
13
- if (name === 'origin') return origin
14
- return undefined
15
- },
16
- })
17
-
18
- const createMockResponse = () => {
19
- const headers: Record<string, string> = {}
20
- let statusCode: number | undefined
21
- let jsonBody: any
22
- return {
23
- header: (name: string, value: string) => {
24
- headers[name] = value
25
- },
26
- status: (code: number) => {
27
- statusCode = code
28
- return {
29
- json: (body: any) => {
30
- jsonBody = body
31
- },
32
- }
33
- },
34
- json: (body: any) => {
35
- jsonBody = body
36
- },
37
- _headers: headers,
38
- _getStatus: () => statusCode,
39
- _getJson: () => jsonBody,
40
- }
41
- }
42
-
43
- describe('cors', () => {
44
- describe('configuration validation', () => {
45
- test('should throw when wildcard origin used with credentials', () => {
46
- assert.throws(() => cors({ origin: '*', credentials: true }), {
47
- message:
48
- 'CORS misconfiguration: wildcard origin (*) cannot be used with credentials: true',
49
- })
50
- })
51
-
52
- test('should not throw with wildcard origin and no credentials', () => {
53
- const middleware = cors({ origin: '*' })
54
- assert.ok(middleware)
55
- })
56
-
57
- test('should not throw with specific origin and credentials', () => {
58
- const middleware = cors({
59
- origin: 'https://example.com',
60
- credentials: true,
61
- })
62
- assert.ok(middleware)
63
- })
64
-
65
- test('should not throw with default options', () => {
66
- const middleware = cors()
67
- assert.ok(middleware)
68
- })
69
- })
70
-
71
- describe('wildcard origin', () => {
72
- test('should set Access-Control-Allow-Origin to * by default', async () => {
73
- const middleware = cors()
74
- const request = createMockRequest()
75
- const response = createMockResponse()
76
- let nextCalled = false
77
-
78
- await middleware(
79
- {} as any,
80
- { http: { request, response } } as any,
81
- async () => {
82
- nextCalled = true
83
- }
84
- )
85
-
86
- assert.strictEqual(response._headers['Access-Control-Allow-Origin'], '*')
87
- assert.strictEqual(nextCalled, true)
88
- })
89
- })
90
-
91
- describe('single origin', () => {
92
- test('should set Access-Control-Allow-Origin to specified origin', async () => {
93
- const middleware = cors({ origin: 'https://example.com' })
94
- const request = createMockRequest()
95
- const response = createMockResponse()
96
-
97
- await middleware(
98
- {} as any,
99
- { http: { request, response } } as any,
100
- async () => {}
101
- )
102
-
103
- assert.strictEqual(
104
- response._headers['Access-Control-Allow-Origin'],
105
- 'https://example.com'
106
- )
107
- })
108
- })
109
-
110
- describe('array of origins', () => {
111
- test('should use request origin when it matches array', async () => {
112
- const middleware = cors({ origin: ['https://a.com', 'https://b.com'] })
113
- const request = createMockRequest('get', 'https://b.com')
114
- const response = createMockResponse()
115
-
116
- await middleware(
117
- {} as any,
118
- { http: { request, response } } as any,
119
- async () => {}
120
- )
121
-
122
- assert.strictEqual(
123
- response._headers['Access-Control-Allow-Origin'],
124
- 'https://b.com'
125
- )
126
- })
127
-
128
- test('should use first origin when request origin not in array', async () => {
129
- const middleware = cors({ origin: ['https://a.com', 'https://b.com'] })
130
- const request = createMockRequest('get', 'https://unknown.com')
131
- const response = createMockResponse()
132
-
133
- await middleware(
134
- {} as any,
135
- { http: { request, response } } as any,
136
- async () => {}
137
- )
138
-
139
- assert.strictEqual(
140
- response._headers['Access-Control-Allow-Origin'],
141
- 'https://a.com'
142
- )
143
- })
144
-
145
- test('should use first origin when no request origin header', async () => {
146
- const middleware = cors({ origin: ['https://a.com', 'https://b.com'] })
147
- const request = createMockRequest('get')
148
- const response = createMockResponse()
149
-
150
- await middleware(
151
- {} as any,
152
- { http: { request, response } } as any,
153
- async () => {}
154
- )
155
-
156
- assert.strictEqual(
157
- response._headers['Access-Control-Allow-Origin'],
158
- 'https://a.com'
159
- )
160
- })
161
-
162
- test('should set Vary: Origin header when origin is array', async () => {
163
- const middleware = cors({ origin: ['https://a.com', 'https://b.com'] })
164
- const request = createMockRequest()
165
- const response = createMockResponse()
166
-
167
- await middleware(
168
- {} as any,
169
- { http: { request, response } } as any,
170
- async () => {}
171
- )
172
-
173
- assert.strictEqual(response._headers['Vary'], 'Origin')
174
- })
175
- })
176
-
177
- describe('headers', () => {
178
- test('should set default allowed methods', async () => {
179
- const middleware = cors()
180
- const request = createMockRequest()
181
- const response = createMockResponse()
182
-
183
- await middleware(
184
- {} as any,
185
- { http: { request, response } } as any,
186
- async () => {}
187
- )
188
-
189
- assert.strictEqual(
190
- response._headers['Access-Control-Allow-Methods'],
191
- 'GET, POST, PUT, PATCH, DELETE, OPTIONS'
192
- )
193
- })
194
-
195
- test('should set default allowed headers', async () => {
196
- const middleware = cors()
197
- const request = createMockRequest()
198
- const response = createMockResponse()
199
-
200
- await middleware(
201
- {} as any,
202
- { http: { request, response } } as any,
203
- async () => {}
204
- )
205
-
206
- assert.strictEqual(
207
- response._headers['Access-Control-Allow-Headers'],
208
- 'Content-Type, Authorization, x-api-key'
209
- )
210
- })
211
-
212
- test('should set custom methods', async () => {
213
- const middleware = cors({ methods: ['GET', 'POST'] })
214
- const request = createMockRequest()
215
- const response = createMockResponse()
216
-
217
- await middleware(
218
- {} as any,
219
- { http: { request, response } } as any,
220
- async () => {}
221
- )
222
-
223
- assert.strictEqual(
224
- response._headers['Access-Control-Allow-Methods'],
225
- 'GET, POST'
226
- )
227
- })
228
-
229
- test('should set custom headers', async () => {
230
- const middleware = cors({ headers: ['X-Custom'] })
231
- const request = createMockRequest()
232
- const response = createMockResponse()
233
-
234
- await middleware(
235
- {} as any,
236
- { http: { request, response } } as any,
237
- async () => {}
238
- )
239
-
240
- assert.strictEqual(
241
- response._headers['Access-Control-Allow-Headers'],
242
- 'X-Custom'
243
- )
244
- })
245
-
246
- test('should not set Vary when origin is string', async () => {
247
- const middleware = cors({ origin: 'https://example.com' })
248
- const request = createMockRequest()
249
- const response = createMockResponse()
250
-
251
- await middleware(
252
- {} as any,
253
- { http: { request, response } } as any,
254
- async () => {}
255
- )
256
-
257
- assert.strictEqual(response._headers['Vary'], undefined)
258
- })
259
- })
260
-
261
- describe('credentials', () => {
262
- test('should set Access-Control-Allow-Credentials when enabled', async () => {
263
- const middleware = cors({
264
- origin: 'https://example.com',
265
- credentials: true,
266
- })
267
- const request = createMockRequest()
268
- const response = createMockResponse()
269
-
270
- await middleware(
271
- {} as any,
272
- { http: { request, response } } as any,
273
- async () => {}
274
- )
275
-
276
- assert.strictEqual(
277
- response._headers['Access-Control-Allow-Credentials'],
278
- 'true'
279
- )
280
- })
281
-
282
- test('should not set credentials header when disabled', async () => {
283
- const middleware = cors({ credentials: false })
284
- const request = createMockRequest()
285
- const response = createMockResponse()
286
-
287
- await middleware(
288
- {} as any,
289
- { http: { request, response } } as any,
290
- async () => {}
291
- )
292
-
293
- assert.strictEqual(
294
- response._headers['Access-Control-Allow-Credentials'],
295
- undefined
296
- )
297
- })
298
- })
299
-
300
- describe('OPTIONS preflight', () => {
301
- test('should return 204 for OPTIONS requests', async () => {
302
- const middleware = cors()
303
- const request = createMockRequest('options')
304
- const response = createMockResponse()
305
- let nextCalled = false
306
-
307
- await middleware(
308
- {} as any,
309
- { http: { request, response } } as any,
310
- async () => {
311
- nextCalled = true
312
- }
313
- )
314
-
315
- assert.strictEqual(response._getStatus(), 204)
316
- assert.strictEqual(nextCalled, false)
317
- })
318
-
319
- test('should set Access-Control-Max-Age for OPTIONS', async () => {
320
- const middleware = cors({ maxAge: 3600 })
321
- const request = createMockRequest('options')
322
- const response = createMockResponse()
323
-
324
- await middleware(
325
- {} as any,
326
- { http: { request, response } } as any,
327
- async () => {}
328
- )
329
-
330
- assert.strictEqual(response._headers['Access-Control-Max-Age'], '3600')
331
- })
332
-
333
- test('should use default maxAge of 86400', async () => {
334
- const middleware = cors()
335
- const request = createMockRequest('options')
336
- const response = createMockResponse()
337
-
338
- await middleware(
339
- {} as any,
340
- { http: { request, response } } as any,
341
- async () => {}
342
- )
343
-
344
- assert.strictEqual(response._headers['Access-Control-Max-Age'], '86400')
345
- })
346
-
347
- test('should call next for non-OPTIONS requests', async () => {
348
- const middleware = cors()
349
- const request = createMockRequest('get')
350
- const response = createMockResponse()
351
- let nextCalled = false
352
-
353
- await middleware(
354
- {} as any,
355
- { http: { request, response } } as any,
356
- async () => {
357
- nextCalled = true
358
- }
359
- )
360
-
361
- assert.strictEqual(nextCalled, true)
362
- })
363
-
364
- test('should call next for POST requests', async () => {
365
- const middleware = cors()
366
- const request = createMockRequest('post')
367
- const response = createMockResponse()
368
- let nextCalled = false
369
-
370
- await middleware(
371
- {} as any,
372
- { http: { request, response } } as any,
373
- async () => {
374
- nextCalled = true
375
- }
376
- )
377
-
378
- assert.strictEqual(nextCalled, true)
379
- })
380
- })
381
-
382
- describe('missing http', () => {
383
- test('should call next when no request', async () => {
384
- const middleware = cors()
385
- let nextCalled = false
386
-
387
- await middleware(
388
- {} as any,
389
- { http: { response: createMockResponse() } } as any,
390
- async () => {
391
- nextCalled = true
392
- }
393
- )
394
-
395
- assert.strictEqual(nextCalled, true)
396
- })
397
-
398
- test('should call next when no response', async () => {
399
- const middleware = cors()
400
- let nextCalled = false
401
-
402
- await middleware(
403
- {} as any,
404
- { http: { request: createMockRequest() } } as any,
405
- async () => {
406
- nextCalled = true
407
- }
408
- )
409
-
410
- assert.strictEqual(nextCalled, true)
411
- })
412
-
413
- test('should call next when no http', async () => {
414
- const middleware = cors()
415
- let nextCalled = false
416
-
417
- await middleware({} as any, {} as any, async () => {
418
- nextCalled = true
419
- })
420
-
421
- assert.strictEqual(nextCalled, true)
422
- })
423
- })
424
- })
@@ -1,104 +0,0 @@
1
- import { pikkuMiddleware, pikkuMiddlewareFactory } from '../types/core.types.js'
2
-
3
- /**
4
- * CORS middleware that handles cross-origin requests including OPTIONS preflight.
5
- *
6
- * Sets appropriate CORS headers on all responses and short-circuits OPTIONS
7
- * preflight requests with a 204 No Content response.
8
- *
9
- * @param options.origin - Allowed origin(s). Use `'*'` for any origin, `true` to reflect the request origin, a string for a single origin, or an array for multiple origins. Defaults to `'*'`.
10
- * @param options.methods - Allowed HTTP methods. Defaults to common methods.
11
- * @param options.headers - Allowed request headers. Defaults to common headers.
12
- * @param options.credentials - Whether to allow credentials. Defaults to `false`.
13
- * @param options.maxAge - Preflight cache duration in seconds. Defaults to `86400` (24 hours).
14
- *
15
- * @example
16
- * ```typescript
17
- * import { cors } from '@pikku/core/middleware'
18
- *
19
- * // Allow all origins
20
- * addHTTPMiddleware('*', [cors()])
21
- *
22
- * // Specific origin with credentials
23
- * addHTTPMiddleware('*', [
24
- * cors({
25
- * origin: 'https://app.example.com',
26
- * credentials: true,
27
- * })
28
- * ])
29
- *
30
- * // Multiple origins
31
- * addHTTPMiddleware('*', [
32
- * cors({
33
- * origin: ['https://app.example.com', 'https://admin.example.com'],
34
- * })
35
- * ])
36
- * ```
37
- */
38
- export const cors = pikkuMiddlewareFactory<{
39
- origin?: string | string[] | true
40
- methods?: string[]
41
- headers?: string[]
42
- credentials?: boolean
43
- maxAge?: number
44
- }>(
45
- ({
46
- origin = '*',
47
- methods = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
48
- headers = ['Content-Type', 'Authorization', 'x-api-key'],
49
- credentials = false,
50
- maxAge = 86400,
51
- } = {}) => {
52
- if (origin === '*' && credentials) {
53
- throw new Error(
54
- 'CORS misconfiguration: wildcard origin (*) cannot be used with credentials: true'
55
- )
56
- }
57
- return pikkuMiddleware({
58
- name: 'CORS',
59
- description: 'Handles cross-origin requests including OPTIONS preflight',
60
- func: async (_services, wires, next) => {
61
- const request = wires.http?.request
62
- const response = wires.http?.response
63
-
64
- if (!request || !response) {
65
- return next()
66
- }
67
-
68
- const requestOrigin = request.header('origin')
69
-
70
- let allowedOrigin: string
71
- if (origin === true) {
72
- allowedOrigin = requestOrigin || '*'
73
- } else if (Array.isArray(origin)) {
74
- allowedOrigin =
75
- requestOrigin && origin.includes(requestOrigin)
76
- ? requestOrigin
77
- : origin[0]
78
- } else {
79
- allowedOrigin = origin
80
- }
81
-
82
- response.header('Access-Control-Allow-Origin', allowedOrigin)
83
- response.header('Access-Control-Allow-Methods', methods.join(', '))
84
- response.header('Access-Control-Allow-Headers', headers.join(', '))
85
-
86
- if (credentials) {
87
- response.header('Access-Control-Allow-Credentials', 'true')
88
- }
89
-
90
- if (origin === true || Array.isArray(origin)) {
91
- response.header('Vary', 'Origin')
92
- }
93
-
94
- if (request.method() === 'options') {
95
- response.header('Access-Control-Max-Age', String(maxAge))
96
- response.status(204).json(undefined as any)
97
- return
98
- }
99
-
100
- return next()
101
- },
102
- })
103
- }
104
- )
@@ -1,5 +0,0 @@
1
- export { authAPIKey } from './auth-apikey.js'
2
- export { authCookie } from './auth-cookie.js'
3
- export { authBearer } from './auth-bearer.js'
4
- export { pikkuRemoteAuthMiddleware } from './remote-auth.js'
5
- export { cors } from './cors.js'