@pikku/core 0.12.3 → 0.12.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/dist/services/in-memory-workflow-service.d.ts +15 -2
- package/dist/services/in-memory-workflow-service.js +49 -0
- package/lcov.info +18891 -0
- package/package.json +1 -1
- package/src/crypto-utils.test.ts +0 -214
- package/src/crypto-utils.ts +0 -213
- package/src/errors/error-handler.ts +0 -62
- package/src/errors/error.test.ts +0 -195
- package/src/errors/errors.ts +0 -374
- package/src/errors/index.ts +0 -2
- package/src/factory-functions.test.ts +0 -109
- package/src/function/function-runner.test.ts +0 -536
- package/src/function/function-runner.ts +0 -365
- package/src/function/functions.types.ts +0 -304
- package/src/function/index.ts +0 -5
- package/src/handle-error.test.ts +0 -424
- package/src/handle-error.ts +0 -69
- package/src/index.ts +0 -118
- package/src/internal.ts +0 -6
- package/src/middleware/auth-apikey.test.ts +0 -363
- package/src/middleware/auth-apikey.ts +0 -47
- package/src/middleware/auth-bearer.test.ts +0 -450
- package/src/middleware/auth-bearer.ts +0 -72
- package/src/middleware/auth-cookie.test.ts +0 -528
- package/src/middleware/auth-cookie.ts +0 -80
- package/src/middleware/cors.test.ts +0 -424
- package/src/middleware/cors.ts +0 -104
- package/src/middleware/index.ts +0 -5
- package/src/middleware/remote-auth.test.ts +0 -488
- package/src/middleware/remote-auth.ts +0 -68
- package/src/middleware/timeout.ts +0 -15
- package/src/middleware-runner.test.ts +0 -418
- package/src/middleware-runner.ts +0 -234
- package/src/permissions.test.ts +0 -434
- package/src/permissions.ts +0 -319
- package/src/pikku-request.ts +0 -23
- package/src/pikku-response.ts +0 -5
- package/src/pikku-state.test.ts +0 -224
- package/src/pikku-state.ts +0 -216
- package/src/run-tests-script.test.ts +0 -49
- package/src/schema.test.ts +0 -249
- package/src/schema.ts +0 -151
- package/src/services/ai-agent-runner-service.ts +0 -41
- package/src/services/ai-run-state-service.ts +0 -20
- package/src/services/ai-storage-service.ts +0 -39
- package/src/services/content-service.ts +0 -76
- package/src/services/deployment-service.ts +0 -22
- package/src/services/gateway-service.ts +0 -20
- package/src/services/gopass-secrets.ts +0 -98
- package/src/services/in-memory-ai-run-state-service.ts +0 -73
- package/src/services/in-memory-trigger-service.ts +0 -64
- package/src/services/in-memory-workflow-service.test.ts +0 -351
- package/src/services/in-memory-workflow-service.ts +0 -438
- package/src/services/index.ts +0 -56
- package/src/services/jwt-service.ts +0 -30
- package/src/services/local-content.ts +0 -120
- package/src/services/local-gateway-service.ts +0 -62
- package/src/services/local-secrets.test.ts +0 -80
- package/src/services/local-secrets.ts +0 -94
- package/src/services/local-variables.test.ts +0 -61
- package/src/services/local-variables.ts +0 -39
- package/src/services/logger-console.test.ts +0 -118
- package/src/services/logger-console.ts +0 -98
- package/src/services/logger.ts +0 -57
- package/src/services/scheduler-service.ts +0 -86
- package/src/services/schema-service.ts +0 -33
- package/src/services/scoped-secret-service.test.ts +0 -74
- package/src/services/scoped-secret-service.ts +0 -41
- package/src/services/secret-service.ts +0 -38
- package/src/services/trigger-service.ts +0 -17
- package/src/services/typed-secret-service.test.ts +0 -93
- package/src/services/typed-secret-service.ts +0 -70
- package/src/services/typed-variables-service.test.ts +0 -73
- package/src/services/typed-variables-service.ts +0 -81
- package/src/services/user-session-service.test.ts +0 -113
- package/src/services/user-session-service.ts +0 -86
- package/src/services/variables-service.ts +0 -11
- package/src/services/workflow-service.ts +0 -95
- package/src/testing/index.ts +0 -2
- package/src/testing/service-tests.ts +0 -873
- package/src/time-utils.test.ts +0 -56
- package/src/time-utils.ts +0 -107
- package/src/types/core.types.ts +0 -478
- package/src/types/state.types.ts +0 -188
- package/src/utils/hash.test.ts +0 -68
- package/src/utils/hash.ts +0 -26
- package/src/utils.test.ts +0 -350
- package/src/utils.ts +0 -129
- package/src/version.test.ts +0 -80
- package/src/version.ts +0 -25
- package/src/wirings/ai-agent/agent-dynamic-workflow.ts +0 -469
- package/src/wirings/ai-agent/ai-agent-helpers.test.ts +0 -152
- package/src/wirings/ai-agent/ai-agent-helpers.ts +0 -76
- package/src/wirings/ai-agent/ai-agent-memory.ts +0 -310
- package/src/wirings/ai-agent/ai-agent-model-config.test.ts +0 -115
- package/src/wirings/ai-agent/ai-agent-model-config.ts +0 -43
- package/src/wirings/ai-agent/ai-agent-prepare.ts +0 -636
- package/src/wirings/ai-agent/ai-agent-registry.test.ts +0 -37
- package/src/wirings/ai-agent/ai-agent-registry.ts +0 -82
- package/src/wirings/ai-agent/ai-agent-runner.test.ts +0 -319
- package/src/wirings/ai-agent/ai-agent-runner.ts +0 -773
- package/src/wirings/ai-agent/ai-agent-stream.test.ts +0 -859
- package/src/wirings/ai-agent/ai-agent-stream.ts +0 -1153
- package/src/wirings/ai-agent/ai-agent.types.ts +0 -382
- package/src/wirings/ai-agent/index.ts +0 -37
- package/src/wirings/channel/channel-common.ts +0 -90
- package/src/wirings/channel/channel-handler.ts +0 -250
- package/src/wirings/channel/channel-middleware-runner.ts +0 -120
- package/src/wirings/channel/channel-runner.ts +0 -166
- package/src/wirings/channel/channel-store.ts +0 -29
- package/src/wirings/channel/channel.types.ts +0 -172
- package/src/wirings/channel/define-channel-routes.ts +0 -25
- package/src/wirings/channel/eventhub-service.ts +0 -34
- package/src/wirings/channel/eventhub-store.ts +0 -13
- package/src/wirings/channel/index.ts +0 -24
- package/src/wirings/channel/local/index.ts +0 -3
- package/src/wirings/channel/local/local-channel-handler.ts +0 -81
- package/src/wirings/channel/local/local-channel-runner.test.ts +0 -215
- package/src/wirings/channel/local/local-channel-runner.ts +0 -210
- package/src/wirings/channel/local/local-eventhub-service.test.ts +0 -95
- package/src/wirings/channel/local/local-eventhub-service.ts +0 -101
- package/src/wirings/channel/log-channels.ts +0 -20
- package/src/wirings/channel/pikku-abstract-channel-handler.test.ts +0 -54
- package/src/wirings/channel/pikku-abstract-channel-handler.ts +0 -45
- package/src/wirings/channel/serverless/index.ts +0 -5
- package/src/wirings/channel/serverless/serverless-channel-runner.ts +0 -289
- package/src/wirings/cli/channel/cli-channel-runner.ts +0 -136
- package/src/wirings/cli/channel/index.ts +0 -1
- package/src/wirings/cli/cli-runner.test.ts +0 -403
- package/src/wirings/cli/cli-runner.ts +0 -529
- package/src/wirings/cli/cli.types.ts +0 -358
- package/src/wirings/cli/command-parser.test.ts +0 -445
- package/src/wirings/cli/command-parser.ts +0 -504
- package/src/wirings/cli/define-cli-commands.ts +0 -24
- package/src/wirings/cli/index.ts +0 -19
- package/src/wirings/gateway/gateway-runner.test.ts +0 -474
- package/src/wirings/gateway/gateway-runner.ts +0 -411
- package/src/wirings/gateway/gateway.types.ts +0 -149
- package/src/wirings/gateway/index.ts +0 -13
- package/src/wirings/http/http-routes.test.ts +0 -322
- package/src/wirings/http/http-routes.ts +0 -197
- package/src/wirings/http/http-runner.test.ts +0 -144
- package/src/wirings/http/http-runner.ts +0 -588
- package/src/wirings/http/http.types.ts +0 -369
- package/src/wirings/http/index.ts +0 -28
- package/src/wirings/http/log-http-routes.ts +0 -22
- package/src/wirings/http/pikku-fetch-http-request.test.ts +0 -237
- package/src/wirings/http/pikku-fetch-http-request.ts +0 -170
- package/src/wirings/http/pikku-fetch-http-response.test.ts +0 -82
- package/src/wirings/http/pikku-fetch-http-response.ts +0 -147
- package/src/wirings/http/routers/http-router.ts +0 -13
- package/src/wirings/http/routers/path-to-regex.test.ts +0 -319
- package/src/wirings/http/routers/path-to-regex.ts +0 -126
- package/src/wirings/http/web-request.test.ts +0 -236
- package/src/wirings/http/web-request.ts +0 -104
- package/src/wirings/mcp/index.ts +0 -27
- package/src/wirings/mcp/mcp-endpoint-registry.test.ts +0 -389
- package/src/wirings/mcp/mcp-endpoint-registry.ts +0 -159
- package/src/wirings/mcp/mcp-runner.ts +0 -323
- package/src/wirings/mcp/mcp.types.ts +0 -216
- package/src/wirings/node/index.ts +0 -2
- package/src/wirings/node/node.types.ts +0 -23
- package/src/wirings/oauth2/index.ts +0 -3
- package/src/wirings/oauth2/oauth2-client.test.ts +0 -929
- package/src/wirings/oauth2/oauth2-client.ts +0 -335
- package/src/wirings/oauth2/oauth2.types.ts +0 -69
- package/src/wirings/oauth2/wire-oauth2-credential.ts +0 -23
- package/src/wirings/queue/index.ts +0 -31
- package/src/wirings/queue/queue-runner.test.ts +0 -710
- package/src/wirings/queue/queue-runner.ts +0 -192
- package/src/wirings/queue/queue.types.ts +0 -189
- package/src/wirings/queue/register-queue-helper.ts +0 -60
- package/src/wirings/queue/validate-worker-config.test.ts +0 -108
- package/src/wirings/queue/validate-worker-config.ts +0 -116
- package/src/wirings/rpc/index.ts +0 -4
- package/src/wirings/rpc/rpc-runner.ts +0 -460
- package/src/wirings/rpc/rpc-types.ts +0 -56
- package/src/wirings/rpc/wire-addon.ts +0 -21
- package/src/wirings/scheduler/index.ts +0 -11
- package/src/wirings/scheduler/log-schedulers.ts +0 -20
- package/src/wirings/scheduler/scheduler-runner.test.ts +0 -660
- package/src/wirings/scheduler/scheduler-runner.ts +0 -133
- package/src/wirings/scheduler/scheduler.types.ts +0 -53
- package/src/wirings/secret/index.ts +0 -9
- package/src/wirings/secret/secret.types.ts +0 -32
- package/src/wirings/secret/validate-secret-definitions.test.ts +0 -140
- package/src/wirings/secret/validate-secret-definitions.ts +0 -82
- package/src/wirings/trigger/index.ts +0 -10
- package/src/wirings/trigger/pikku-trigger-service.ts +0 -112
- package/src/wirings/trigger/trigger-runner.test.ts +0 -79
- package/src/wirings/trigger/trigger-runner.ts +0 -135
- package/src/wirings/trigger/trigger.types.ts +0 -178
- package/src/wirings/variable/index.ts +0 -8
- package/src/wirings/variable/validate-variable-definitions.test.ts +0 -91
- package/src/wirings/variable/validate-variable-definitions.ts +0 -69
- package/src/wirings/variable/variable.types.ts +0 -22
- package/src/wirings/workflow/dsl/index.ts +0 -31
- package/src/wirings/workflow/dsl/workflow-dsl.types.ts +0 -320
- package/src/wirings/workflow/dsl/workflow-runner.ts +0 -28
- package/src/wirings/workflow/graph/graph-node.ts +0 -222
- package/src/wirings/workflow/graph/graph-runner.test.ts +0 -487
- package/src/wirings/workflow/graph/graph-runner.ts +0 -816
- package/src/wirings/workflow/graph/graph-validation.test.ts +0 -170
- package/src/wirings/workflow/graph/graph-validation.ts +0 -237
- package/src/wirings/workflow/graph/index.ts +0 -19
- package/src/wirings/workflow/graph/template.test.ts +0 -49
- package/src/wirings/workflow/graph/template.ts +0 -42
- package/src/wirings/workflow/graph/wire-workflow-graph.ts +0 -29
- package/src/wirings/workflow/graph/workflow-graph.types.ts +0 -104
- package/src/wirings/workflow/index.ts +0 -82
- package/src/wirings/workflow/pikku-workflow-service.test.ts +0 -200
- package/src/wirings/workflow/pikku-workflow-service.ts +0 -1176
- package/src/wirings/workflow/workflow-helpers.test.ts +0 -129
- package/src/wirings/workflow/workflow-helpers.ts +0 -79
- package/src/wirings/workflow/workflow.types.ts +0 -274
- package/tsconfig.json +0 -14
- package/tsconfig.tsbuildinfo +0 -1
|
@@ -1,363 +0,0 @@
|
|
|
1
|
-
import { describe, test, beforeEach } from 'node:test'
|
|
2
|
-
import assert from 'node:assert/strict'
|
|
3
|
-
import { authAPIKey } from './auth-apikey.js'
|
|
4
|
-
import { resetPikkuState } from '../pikku-state.js'
|
|
5
|
-
import type { CoreUserSession } from '../types/core.types.js'
|
|
6
|
-
import {
|
|
7
|
-
PikkuSessionService,
|
|
8
|
-
createMiddlewareSessionWireProps,
|
|
9
|
-
} from '../services/user-session-service.js'
|
|
10
|
-
|
|
11
|
-
beforeEach(() => {
|
|
12
|
-
resetPikkuState()
|
|
13
|
-
})
|
|
14
|
-
|
|
15
|
-
const createMockHTTPRequest = (
|
|
16
|
-
headers: Record<string, string> = {},
|
|
17
|
-
query: Record<string, string> = {}
|
|
18
|
-
) => ({
|
|
19
|
-
header: (name: string) => headers[name.toLowerCase()] || null,
|
|
20
|
-
query: () => query,
|
|
21
|
-
})
|
|
22
|
-
|
|
23
|
-
const createMockHTTPResponse = () => ({
|
|
24
|
-
cookie: () => {},
|
|
25
|
-
})
|
|
26
|
-
|
|
27
|
-
describe('authAPIKey middleware', () => {
|
|
28
|
-
test('should extract API key from x-api-key header when source is "header"', async () => {
|
|
29
|
-
const mockUserSession: CoreUserSession = { userId: 'user123' }
|
|
30
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
31
|
-
const jwtService = {
|
|
32
|
-
encode: async () => 'token',
|
|
33
|
-
decode: async (token: string) => {
|
|
34
|
-
assert.equal(token, 'my-api-key')
|
|
35
|
-
return mockUserSession
|
|
36
|
-
},
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
const middleware = authAPIKey({ source: 'header' })
|
|
40
|
-
let nextCalled = false
|
|
41
|
-
|
|
42
|
-
await middleware(
|
|
43
|
-
{ jwt: jwtService } as any,
|
|
44
|
-
{
|
|
45
|
-
http: {
|
|
46
|
-
request: createMockHTTPRequest({ 'x-api-key': 'my-api-key' }),
|
|
47
|
-
response: createMockHTTPResponse(),
|
|
48
|
-
},
|
|
49
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
50
|
-
} as any,
|
|
51
|
-
async () => {
|
|
52
|
-
nextCalled = true
|
|
53
|
-
}
|
|
54
|
-
)
|
|
55
|
-
|
|
56
|
-
assert.equal(nextCalled, true)
|
|
57
|
-
assert.deepEqual(SessionService.get(), mockUserSession)
|
|
58
|
-
})
|
|
59
|
-
|
|
60
|
-
test('should extract API key from query parameter when source is "query"', async () => {
|
|
61
|
-
const mockUserSession: CoreUserSession = { userId: 'user456' }
|
|
62
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
63
|
-
const jwtService = {
|
|
64
|
-
encode: async () => 'token',
|
|
65
|
-
decode: async (token: string) => {
|
|
66
|
-
assert.equal(token, 'query-api-key')
|
|
67
|
-
return mockUserSession
|
|
68
|
-
},
|
|
69
|
-
}
|
|
70
|
-
|
|
71
|
-
const middleware = authAPIKey({ source: 'query' })
|
|
72
|
-
let nextCalled = false
|
|
73
|
-
|
|
74
|
-
await middleware(
|
|
75
|
-
{ jwt: jwtService } as any,
|
|
76
|
-
{
|
|
77
|
-
http: {
|
|
78
|
-
request: createMockHTTPRequest({}, { apiKey: 'query-api-key' }),
|
|
79
|
-
response: createMockHTTPResponse(),
|
|
80
|
-
},
|
|
81
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
82
|
-
} as any,
|
|
83
|
-
async () => {
|
|
84
|
-
nextCalled = true
|
|
85
|
-
}
|
|
86
|
-
)
|
|
87
|
-
|
|
88
|
-
assert.equal(nextCalled, true)
|
|
89
|
-
assert.deepEqual(SessionService.get(), mockUserSession)
|
|
90
|
-
})
|
|
91
|
-
|
|
92
|
-
test('should prefer header over query when source is "all" and both are present', async () => {
|
|
93
|
-
const mockUserSession: CoreUserSession = { userId: 'user789' }
|
|
94
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
95
|
-
const jwtService = {
|
|
96
|
-
encode: async () => 'token',
|
|
97
|
-
decode: async (token: string) => {
|
|
98
|
-
// Should use header value, not query value
|
|
99
|
-
assert.equal(token, 'header-key')
|
|
100
|
-
return mockUserSession
|
|
101
|
-
},
|
|
102
|
-
}
|
|
103
|
-
|
|
104
|
-
const middleware = authAPIKey({ source: 'all' })
|
|
105
|
-
let nextCalled = false
|
|
106
|
-
|
|
107
|
-
await middleware(
|
|
108
|
-
{ jwt: jwtService } as any,
|
|
109
|
-
{
|
|
110
|
-
http: {
|
|
111
|
-
request: createMockHTTPRequest(
|
|
112
|
-
{ 'x-api-key': 'header-key' },
|
|
113
|
-
{ apiKey: 'query-key' }
|
|
114
|
-
),
|
|
115
|
-
response: createMockHTTPResponse(),
|
|
116
|
-
},
|
|
117
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
118
|
-
} as any,
|
|
119
|
-
async () => {
|
|
120
|
-
nextCalled = true
|
|
121
|
-
}
|
|
122
|
-
)
|
|
123
|
-
|
|
124
|
-
assert.equal(nextCalled, true)
|
|
125
|
-
assert.deepEqual(SessionService.get(), mockUserSession)
|
|
126
|
-
})
|
|
127
|
-
|
|
128
|
-
test('should fallback to query when header is missing and source is "all"', async () => {
|
|
129
|
-
const mockUserSession: CoreUserSession = { userId: 'user999' }
|
|
130
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
131
|
-
const jwtService = {
|
|
132
|
-
encode: async () => 'token',
|
|
133
|
-
decode: async (token: string) => {
|
|
134
|
-
assert.equal(token, 'query-fallback')
|
|
135
|
-
return mockUserSession
|
|
136
|
-
},
|
|
137
|
-
}
|
|
138
|
-
|
|
139
|
-
const middleware = authAPIKey({ source: 'all' })
|
|
140
|
-
let nextCalled = false
|
|
141
|
-
|
|
142
|
-
await middleware(
|
|
143
|
-
{ jwt: jwtService } as any,
|
|
144
|
-
{
|
|
145
|
-
http: {
|
|
146
|
-
request: createMockHTTPRequest({}, { apiKey: 'query-fallback' }),
|
|
147
|
-
response: createMockHTTPResponse(),
|
|
148
|
-
},
|
|
149
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
150
|
-
} as any,
|
|
151
|
-
async () => {
|
|
152
|
-
nextCalled = true
|
|
153
|
-
}
|
|
154
|
-
)
|
|
155
|
-
|
|
156
|
-
assert.equal(nextCalled, true)
|
|
157
|
-
assert.deepEqual(SessionService.get(), mockUserSession)
|
|
158
|
-
})
|
|
159
|
-
|
|
160
|
-
test('should not set session when API key is not found', async () => {
|
|
161
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
162
|
-
const jwtService = {
|
|
163
|
-
encode: async () => 'token',
|
|
164
|
-
decode: async () => null,
|
|
165
|
-
}
|
|
166
|
-
|
|
167
|
-
const middleware = authAPIKey({ source: 'header' })
|
|
168
|
-
let nextCalled = false
|
|
169
|
-
|
|
170
|
-
await middleware(
|
|
171
|
-
{ jwt: jwtService } as any,
|
|
172
|
-
{
|
|
173
|
-
http: {
|
|
174
|
-
request: createMockHTTPRequest({}),
|
|
175
|
-
response: createMockHTTPResponse(),
|
|
176
|
-
},
|
|
177
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
178
|
-
} as any,
|
|
179
|
-
async () => {
|
|
180
|
-
nextCalled = true
|
|
181
|
-
}
|
|
182
|
-
)
|
|
183
|
-
|
|
184
|
-
assert.equal(nextCalled, true)
|
|
185
|
-
assert.equal(SessionService.get(), undefined)
|
|
186
|
-
})
|
|
187
|
-
|
|
188
|
-
test('should not set session when JWT decode returns null', async () => {
|
|
189
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
190
|
-
const jwtService = {
|
|
191
|
-
encode: async () => 'token',
|
|
192
|
-
decode: async () => null,
|
|
193
|
-
}
|
|
194
|
-
|
|
195
|
-
const middleware = authAPIKey({ source: 'header' })
|
|
196
|
-
let nextCalled = false
|
|
197
|
-
|
|
198
|
-
await middleware(
|
|
199
|
-
{ jwt: jwtService } as any,
|
|
200
|
-
{
|
|
201
|
-
http: {
|
|
202
|
-
request: createMockHTTPRequest({ 'x-api-key': 'invalid-key' }),
|
|
203
|
-
response: createMockHTTPResponse(),
|
|
204
|
-
},
|
|
205
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
206
|
-
} as any,
|
|
207
|
-
async () => {
|
|
208
|
-
nextCalled = true
|
|
209
|
-
}
|
|
210
|
-
)
|
|
211
|
-
|
|
212
|
-
assert.equal(nextCalled, true)
|
|
213
|
-
assert.equal(SessionService.get(), undefined)
|
|
214
|
-
})
|
|
215
|
-
|
|
216
|
-
test('should skip middleware when session already exists', async () => {
|
|
217
|
-
const existingSession: CoreUserSession = { userId: 'existing' }
|
|
218
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
219
|
-
SessionService.setInitial(existingSession)
|
|
220
|
-
|
|
221
|
-
let decodeCalled = false
|
|
222
|
-
const jwtService = {
|
|
223
|
-
encode: async () => 'token',
|
|
224
|
-
decode: async () => {
|
|
225
|
-
decodeCalled = true
|
|
226
|
-
return { userId: 'new' }
|
|
227
|
-
},
|
|
228
|
-
}
|
|
229
|
-
|
|
230
|
-
const middleware = authAPIKey({ source: 'header' })
|
|
231
|
-
let nextCalled = false
|
|
232
|
-
|
|
233
|
-
await middleware(
|
|
234
|
-
{ jwt: jwtService } as any,
|
|
235
|
-
{
|
|
236
|
-
http: {
|
|
237
|
-
request: createMockHTTPRequest({ 'x-api-key': 'some-key' }),
|
|
238
|
-
response: createMockHTTPResponse(),
|
|
239
|
-
},
|
|
240
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
241
|
-
} as any,
|
|
242
|
-
async () => {
|
|
243
|
-
nextCalled = true
|
|
244
|
-
}
|
|
245
|
-
)
|
|
246
|
-
|
|
247
|
-
assert.equal(nextCalled, true)
|
|
248
|
-
assert.equal(decodeCalled, false)
|
|
249
|
-
assert.deepEqual(SessionService.get(), existingSession)
|
|
250
|
-
})
|
|
251
|
-
|
|
252
|
-
test('should skip middleware when http.request is not available', async () => {
|
|
253
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
254
|
-
const jwtService = {
|
|
255
|
-
encode: async () => 'token',
|
|
256
|
-
decode: async () => ({ userId: 'test' }),
|
|
257
|
-
}
|
|
258
|
-
|
|
259
|
-
const middleware = authAPIKey({ source: 'header' })
|
|
260
|
-
let nextCalled = false
|
|
261
|
-
|
|
262
|
-
await middleware(
|
|
263
|
-
{ jwt: jwtService } as any,
|
|
264
|
-
{ ...createMiddlewareSessionWireProps(SessionService) } as any,
|
|
265
|
-
async () => {
|
|
266
|
-
nextCalled = true
|
|
267
|
-
}
|
|
268
|
-
)
|
|
269
|
-
|
|
270
|
-
assert.equal(nextCalled, true)
|
|
271
|
-
assert.equal(SessionService.get(), undefined)
|
|
272
|
-
})
|
|
273
|
-
|
|
274
|
-
test('should not decode when jwtService is not available', async () => {
|
|
275
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
276
|
-
|
|
277
|
-
const middleware = authAPIKey({ source: 'header' })
|
|
278
|
-
let nextCalled = false
|
|
279
|
-
|
|
280
|
-
await middleware(
|
|
281
|
-
{ jwt: undefined } as any,
|
|
282
|
-
{
|
|
283
|
-
http: {
|
|
284
|
-
request: createMockHTTPRequest({ 'x-api-key': 'some-key' }),
|
|
285
|
-
response: createMockHTTPResponse(),
|
|
286
|
-
},
|
|
287
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
288
|
-
} as any,
|
|
289
|
-
async () => {
|
|
290
|
-
nextCalled = true
|
|
291
|
-
}
|
|
292
|
-
)
|
|
293
|
-
|
|
294
|
-
assert.equal(nextCalled, true)
|
|
295
|
-
assert.equal(SessionService.get(), undefined)
|
|
296
|
-
})
|
|
297
|
-
|
|
298
|
-
test('should not look in query when source is "header" even if header is missing', async () => {
|
|
299
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
300
|
-
let decodeCalled = false
|
|
301
|
-
const jwtService = {
|
|
302
|
-
encode: async () => 'token',
|
|
303
|
-
decode: async () => {
|
|
304
|
-
decodeCalled = true
|
|
305
|
-
return { userId: 'test' }
|
|
306
|
-
},
|
|
307
|
-
}
|
|
308
|
-
|
|
309
|
-
const middleware = authAPIKey({ source: 'header' })
|
|
310
|
-
let nextCalled = false
|
|
311
|
-
|
|
312
|
-
await middleware(
|
|
313
|
-
{ jwt: jwtService } as any,
|
|
314
|
-
{
|
|
315
|
-
http: {
|
|
316
|
-
request: createMockHTTPRequest({}, { apiKey: 'query-key' }),
|
|
317
|
-
response: createMockHTTPResponse(),
|
|
318
|
-
},
|
|
319
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
320
|
-
} as any,
|
|
321
|
-
async () => {
|
|
322
|
-
nextCalled = true
|
|
323
|
-
}
|
|
324
|
-
)
|
|
325
|
-
|
|
326
|
-
assert.equal(nextCalled, true)
|
|
327
|
-
assert.equal(decodeCalled, false)
|
|
328
|
-
assert.equal(SessionService.get(), undefined)
|
|
329
|
-
})
|
|
330
|
-
|
|
331
|
-
test('should not look in header when source is "query" even if query is missing', async () => {
|
|
332
|
-
const SessionService = new PikkuSessionService<CoreUserSession>()
|
|
333
|
-
let decodeCalled = false
|
|
334
|
-
const jwtService = {
|
|
335
|
-
encode: async () => 'token',
|
|
336
|
-
decode: async () => {
|
|
337
|
-
decodeCalled = true
|
|
338
|
-
return { userId: 'test' }
|
|
339
|
-
},
|
|
340
|
-
}
|
|
341
|
-
|
|
342
|
-
const middleware = authAPIKey({ source: 'query' })
|
|
343
|
-
let nextCalled = false
|
|
344
|
-
|
|
345
|
-
await middleware(
|
|
346
|
-
{ jwt: jwtService } as any,
|
|
347
|
-
{
|
|
348
|
-
http: {
|
|
349
|
-
request: createMockHTTPRequest({ 'x-api-key': 'header-key' }),
|
|
350
|
-
response: createMockHTTPResponse(),
|
|
351
|
-
},
|
|
352
|
-
...createMiddlewareSessionWireProps(SessionService),
|
|
353
|
-
} as any,
|
|
354
|
-
async () => {
|
|
355
|
-
nextCalled = true
|
|
356
|
-
}
|
|
357
|
-
)
|
|
358
|
-
|
|
359
|
-
assert.equal(nextCalled, true)
|
|
360
|
-
assert.equal(decodeCalled, false)
|
|
361
|
-
assert.equal(SessionService.get(), undefined)
|
|
362
|
-
})
|
|
363
|
-
})
|
|
@@ -1,47 +0,0 @@
|
|
|
1
|
-
import { pikkuMiddleware, pikkuMiddlewareFactory } from '../types/core.types.js'
|
|
2
|
-
|
|
3
|
-
/**
|
|
4
|
-
* API key middleware that retrieves a session from the 'x-api-key' header using JWT decoding.
|
|
5
|
-
*
|
|
6
|
-
* Extracts API key from either the 'x-api-key' header or 'apiKey' query parameter
|
|
7
|
-
* and decodes it using the JWT service.
|
|
8
|
-
*
|
|
9
|
-
* @param options.source - Where to look for the API key: 'header', 'query', or 'all'
|
|
10
|
-
*
|
|
11
|
-
* @example
|
|
12
|
-
* ```typescript
|
|
13
|
-
* import { authAPIKey } from '@pikku/core/middleware'
|
|
14
|
-
*
|
|
15
|
-
* addHTTPMiddleware([
|
|
16
|
-
* authAPIKey({ source: 'header' })
|
|
17
|
-
* ])
|
|
18
|
-
* ```
|
|
19
|
-
*/
|
|
20
|
-
export const authAPIKey = pikkuMiddlewareFactory<{
|
|
21
|
-
source: 'header' | 'query' | 'all'
|
|
22
|
-
}>(({ source }) =>
|
|
23
|
-
pikkuMiddleware(
|
|
24
|
-
async ({ jwt: jwtService }, { http, setSession, session }, next) => {
|
|
25
|
-
if (!http?.request || !setSession || session) {
|
|
26
|
-
return next()
|
|
27
|
-
}
|
|
28
|
-
|
|
29
|
-
let apiKey: string | null = null
|
|
30
|
-
if (source === 'header' || source === 'all') {
|
|
31
|
-
apiKey = http.request.header('x-api-key') as string | null
|
|
32
|
-
}
|
|
33
|
-
if (!apiKey && (source === 'query' || source === 'all')) {
|
|
34
|
-
apiKey = http.request.query().apiKey as string | null
|
|
35
|
-
}
|
|
36
|
-
|
|
37
|
-
if (apiKey && jwtService) {
|
|
38
|
-
const userSession = await jwtService.decode(apiKey)
|
|
39
|
-
if (userSession) {
|
|
40
|
-
setSession?.(userSession)
|
|
41
|
-
}
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
return next()
|
|
45
|
-
}
|
|
46
|
-
)
|
|
47
|
-
)
|