@powersync/service-module-postgres 0.12.2 → 0.13.0

package/CHANGELOG.md

@@ -1,5 +1,40 @@
 # @powersync/service-module-postgres
 
+## 0.13.0
+
+### Minor Changes
+
+- 9dc4e01: Improve authentication error messages and logs
+
+### Patch Changes
+
+- 94f657d: Add additional log metadata to sync requests.
+- Updated dependencies [ca0a566]
+- Updated dependencies [9dc4e01]
+- Updated dependencies [94f657d]
+- Updated dependencies [05c24d2]
+- Updated dependencies [d154682]
+- Updated dependencies [c672380]
+- Updated dependencies [ca0a566]
+- Updated dependencies [ca0a566]
+- Updated dependencies [d869876]
+  - @powersync/service-core@1.12.0
+  - @powersync/lib-services-framework@0.6.0
+  - @powersync/service-sync-rules@0.26.1
+  - @powersync/lib-service-postgres@0.4.3
+  - @powersync/service-types@0.11.0
+
+## 0.12.3
+
+### Patch Changes
+
+- Updated dependencies [08f6ae8]
+- Updated dependencies [23ec406]
+- Updated dependencies [64e51d1]
+  - @powersync/service-core@1.11.3
+  - @powersync/lib-services-framework@0.5.4
+  - @powersync/lib-service-postgres@0.4.2
+
 ## 0.12.2
 
 ### Patch Changes

package/dist/auth/SupabaseKeyCollector.d.ts

@@ -1,5 +1,4 @@
-import { auth } from '@powersync/service-core';
-import * as jose from 'jose';
+import { auth, KeyResult } from '@powersync/service-core';
 import * as types from '../types/types.js';
 /**
  * Fetches key from the Supabase database.
@@ -7,18 +6,12 @@ import * as types from '../types/types.js';
  * Unfortunately, despite the JWTs containing a kid, we have no way to lookup that kid
  * before receiving a valid token.
  *
- * @deprecated Supabase is removing support for "app.settings.jwt_secret".
+ * @deprecated Supabase is removing support for "app.settings.jwt_secret". This is likely to not function anymore, except in some self-hosted setups.
  */
 export declare class SupabaseKeyCollector implements auth.KeyCollector {
     private pool;
     private keyOptions;
     constructor(connectionConfig: types.ResolvedConnectionConfig);
     shutdown(): Promise<void>;
-    getKeys(): Promise<{
-        keys: never[];
-        errors: jose.errors.JWKSNoMatchingKey[];
-    } | {
-        keys: auth.KeySpec[];
-        errors: never[];
-    }>;
+    getKeys(): Promise<KeyResult>;
 }

package/dist/auth/SupabaseKeyCollector.js

@@ -1,14 +1,14 @@
 import * as lib_postgres from '@powersync/lib-service-postgres';
 import { auth } from '@powersync/service-core';
 import * as pgwire from '@powersync/service-jpgwire';
-import * as jose from 'jose';
+import { AuthorizationError, ErrorCode } from '@powersync/lib-services-framework';
 /**
  * Fetches key from the Supabase database.
  *
  * Unfortunately, despite the JWTs containing a kid, we have no way to lookup that kid
  * before receiving a valid token.
  *
- * @deprecated Supabase is removing support for "app.settings.jwt_secret".
+ * @deprecated Supabase is removing support for "app.settings.jwt_secret". This is likely to not function anymore, except in some self-hosted setups.
  */
 export class SupabaseKeyCollector {
     pool;
@@ -36,7 +36,7 @@ export class SupabaseKeyCollector {
         }
         catch (e) {
             if (e.message?.includes('unrecognized configuration parameter')) {
-                throw new jose.errors.JOSEError(`Generate a new JWT secret on Supabase. Cause: ${e.message}`);
+                throw new AuthorizationError(ErrorCode.PSYNC_S2201, 'No JWT secret found in Supabase database. Manually configure the secret.');
             }
             else {
                 throw e;
@@ -46,7 +46,9 @@ export class SupabaseKeyCollector {
         if (secret == null) {
             return {
                 keys: [],
-                errors: [new jose.errors.JWKSNoMatchingKey()]
+                errors: [
+                    new AuthorizationError(ErrorCode.PSYNC_S2201, 'No JWT secret found in Supabase database. Manually configure the secret.')
+                ]
             };
         }
         else {

package/dist/auth/SupabaseKeyCollector.js.map

@@ -1 +1 @@
-{"version":3,"file":"SupabaseKeyCollector.js","sourceRoot":"","sources":["../../src/auth/SupabaseKeyCollector.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,YAAY,MAAM,iCAAiC,CAAC;AAChE,OAAO,EAAE,IAAI,EAAE,MAAM,yBAAyB,CAAC;AAC/C,OAAO,KAAK,MAAM,MAAM,4BAA4B,CAAC;AACrD,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAI7B;;;;;;;GAOG;AACH,MAAM,OAAO,oBAAoB;IACvB,IAAI,CAAkB;IAEtB,UAAU,GAAoB;QACpC,gBAAgB,EAAE,CAAC,eAAe,CAAC;QACnC,kBAAkB,EAAE,KAAK,GAAG,CAAC,GAAG,IAAI,CAAC,6BAA6B;KACnE,CAAC;IAEF,YAAY,gBAAgD;QAC1D,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC,gBAAgB,EAAE;YACrD,kEAAkE;YAClE,iEAAiE;YACjE,kBAAkB;YAClB,WAAW,EAAE,KAAK;YAClB,OAAO,EAAE,CAAC;SACX,CAAC,CAAC;IACL,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,OAAO;QACX,IAAI,GAA2B,CAAC;QAChC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAC5B,MAAM,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,iEAAiE,CAAC,CAC9G,CAAC;YACF,GAAG,GAAG,IAAI,CAAC,CAAC,CAAQ,CAAC;QACvB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,sCAAsC,CAAC,EAAE,CAAC;gBAChE,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,iDAAiD,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAChG,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,CAAC;YACV,CAAC;QACH,CAAC;QACD,MAAM,MAAM,GAAG,GAAG,EAAE,UAAgC,CAAC;QACrD,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;YACnB,OAAO;gBACL,IAAI,EAAE,EAAE;gBACR,MAAM,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;aAC9C,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAa;gBACpB,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,OAAO;gBACZ,iFAAiF;gBACjF,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;aACrD,CAAC;YACF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;YACpE,OAAO;gBACL,IAAI,EAAE,CAAC,QAAQ,CAAC;gBAChB,MAAM,EAAE,EAAE;aACX,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
+{"version":3,"file":"SupabaseKeyCollector.js","sourceRoot":"","sources":["../../src/auth/SupabaseKeyCollector.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,YAAY,MAAM,iCAAiC,CAAC;AAChE,OAAO,EAAE,IAAI,EAAa,MAAM,yBAAyB,CAAC;AAC1D,OAAO,KAAK,MAAM,MAAM,4BAA4B,CAAC;AAIrD,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,mCAAmC,CAAC;AAElF;;;;;;;GAOG;AACH,MAAM,OAAO,oBAAoB;IACvB,IAAI,CAAkB;IAEtB,UAAU,GAAoB;QACpC,gBAAgB,EAAE,CAAC,eAAe,CAAC;QACnC,kBAAkB,EAAE,KAAK,GAAG,CAAC,GAAG,IAAI,CAAC,6BAA6B;KACnE,CAAC;IAEF,YAAY,gBAAgD;QAC1D,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC,gBAAgB,EAAE;YACrD,kEAAkE;YAClE,iEAAiE;YACjE,kBAAkB;YAClB,WAAW,EAAE,KAAK;YAClB,OAAO,EAAE,CAAC;SACX,CAAC,CAAC;IACL,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,OAAO;QACX,IAAI,GAA2B,CAAC;QAChC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAC5B,MAAM,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,iEAAiE,CAAC,CAC9G,CAAC;YACF,GAAG,GAAG,IAAI,CAAC,CAAC,CAAQ,CAAC;QACvB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,sCAAsC,CAAC,EAAE,CAAC;gBAChE,MAAM,IAAI,kBAAkB,CAC1B,SAAS,CAAC,WAAW,EACrB,0EAA0E,CAC3E,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,CAAC;YACV,CAAC;QACH,CAAC;QACD,MAAM,MAAM,GAAG,GAAG,EAAE,UAAgC,CAAC;QACrD,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;YACnB,OAAO;gBACL,IAAI,EAAE,EAAE;gBACR,MAAM,EAAE;oBACN,IAAI,kBAAkB,CACpB,SAAS,CAAC,WAAW,EACrB,0EAA0E,CAC3E;iBACF;aACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAa;gBACpB,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,OAAO;gBACZ,iFAAiF;gBACjF,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;aACrD,CAAC;YACF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;YACpE,OAAO;gBACL,IAAI,EAAE,CAAC,QAAQ,CAAC;gBAChB,MAAM,EAAE,EAAE;aACX,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}

package/package.json

@@ -5,7 +5,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.12.2",
+  "version": "0.13.0",
   "main": "dist/index.js",
   "license": "FSL-1.1-Apache-2.0",
   "type": "module",
@@ -27,21 +27,20 @@
     "semver": "^7.5.4",
     "ts-codec": "^1.3.0",
     "uri-js": "^4.4.1",
-    "uuid": "^9.0.1",
-    "@powersync/lib-service-postgres": "0.4.1",
-    "@powersync/lib-services-framework": "0.5.3",
-    "@powersync/service-core": "1.11.2",
+    "uuid": "^11.1.0",
+    "@powersync/lib-service-postgres": "0.4.3",
+    "@powersync/lib-services-framework": "0.6.0",
+    "@powersync/service-core": "1.12.0",
     "@powersync/service-jpgwire": "0.19.0",
     "@powersync/service-jsonbig": "0.17.10",
-    "@powersync/service-sync-rules": "0.26.0",
-    "@powersync/service-types": "0.10.0"
+    "@powersync/service-sync-rules": "0.26.1",
+    "@powersync/service-types": "0.11.0"
   },
   "devDependencies": {
     "@types/semver": "^7.5.4",
-    "@types/uuid": "^9.0.4",
-    "@powersync/service-core-tests": "0.9.2",
-    "@powersync/service-module-mongodb-storage": "0.9.2",
-    "@powersync/service-module-postgres-storage": "0.7.2"
+    "@powersync/service-core-tests": "0.9.4",
+    "@powersync/service-module-mongodb-storage": "0.9.4",
+    "@powersync/service-module-postgres-storage": "0.7.4"
   },
   "scripts": {
     "build": "tsc -b",

package/src/auth/SupabaseKeyCollector.ts

@@ -1,9 +1,10 @@
 import * as lib_postgres from '@powersync/lib-service-postgres';
-import { auth } from '@powersync/service-core';
+import { auth, KeyResult } from '@powersync/service-core';
 import * as pgwire from '@powersync/service-jpgwire';
 import * as jose from 'jose';
 
 import * as types from '../types/types.js';
+import { AuthorizationError, ErrorCode } from '@powersync/lib-services-framework';
 
 /**
  * Fetches key from the Supabase database.
@@ -11,7 +12,7 @@ import * as types from '../types/types.js';
  * Unfortunately, despite the JWTs containing a kid, we have no way to lookup that kid
  * before receiving a valid token.
  *
- * @deprecated Supabase is removing support for "app.settings.jwt_secret".
+ * @deprecated Supabase is removing support for "app.settings.jwt_secret". This is likely to not function anymore, except in some self-hosted setups.
  */
 export class SupabaseKeyCollector implements auth.KeyCollector {
   private pool: pgwire.PgClient;
@@ -35,7 +36,7 @@ export class SupabaseKeyCollector implements auth.KeyCollector {
     return this.pool.end();
   }
 
-  async getKeys() {
+  async getKeys(): Promise<KeyResult> {
     let row: { jwt_secret: string };
     try {
       const rows = pgwire.pgwireRows(
@@ -44,7 +45,10 @@ export class SupabaseKeyCollector implements auth.KeyCollector {
       row = rows[0] as any;
     } catch (e) {
       if (e.message?.includes('unrecognized configuration parameter')) {
-        throw new jose.errors.JOSEError(`Generate a new JWT secret on Supabase. Cause: ${e.message}`);
+        throw new AuthorizationError(
+          ErrorCode.PSYNC_S2201,
+          'No JWT secret found in Supabase database. Manually configure the secret.'
+        );
       } else {
         throw e;
       }
@@ -53,7 +57,12 @@ export class SupabaseKeyCollector implements auth.KeyCollector {
     if (secret == null) {
       return {
         keys: [],
-        errors: [new jose.errors.JWKSNoMatchingKey()]
+        errors: [
+          new AuthorizationError(
+            ErrorCode.PSYNC_S2201,
+            'No JWT secret found in Supabase database. Manually configure the secret.'
+          )
+        ]
       };
     } else {
       const key: jose.JWK = {

package/test/src/wal_stream_utils.ts

@@ -161,11 +161,11 @@ export class WalStreamTestContext implements AsyncDisposable {
       const batch = this.storage!.getBucketDataBatch(checkpoint, map);
 
       const batches = await test_utils.fromAsync(batch);
-      data = data.concat(batches[0]?.batch.data ?? []);
-      if (batches.length == 0 || !batches[0]!.batch.has_more) {
+      data = data.concat(batches[0]?.chunkData.data ?? []);
+      if (batches.length == 0 || !batches[0]!.chunkData.has_more) {
         break;
       }
-      map.set(bucket, BigInt(batches[0]!.batch.next_after));
+      map.set(bucket, BigInt(batches[0]!.chunkData.next_after));
     }
     return data;
   }
@@ -182,6 +182,6 @@ export class WalStreamTestContext implements AsyncDisposable {
     const map = new Map<string, InternalOpId>([[bucket, start]]);
     const batch = this.storage!.getBucketDataBatch(checkpoint, map);
     const batches = await test_utils.fromAsync(batch);
-    return batches[0]?.batch.data ?? [];
+    return batches[0]?.chunkData.data ?? [];
   }
 }