@push.rocks/smartproxy 20.0.0 → 21.0.0

package/changelog.md

@@ -0,0 +1,159 @@
+# Changelog
+
+## 2025-07-22 - 21.0.0 - BREAKING_CHANGE(forwarding)
+Remove legacy forwarding module
+
+- Removed the `forwarding` namespace export from main index
+- Removed TForwardingType and all forwarding handlers
+- Consolidated route helper functions into route-helpers.ts
+- All functionality is now available through the route-based system
+- MIGRATION: Replace `import { forwarding } from '@push.rocks/smartproxy'` with direct imports of route helpers
+
+## 2025-07-21 - 20.0.2 - fix(docs)
+Update documentation to improve clarity
+
+- Enhanced readme with clearer breaking change warning for v20.0.0
+- Fixed example email address from ssl@bleu.de to ssl@example.com
+- Added load balancing and failover features to feature list
+- Improved documentation structure and examples
+
+## 2025-07-20 - 20.0.1 - BREAKING_CHANGE(routing)
+Refactor route configuration to support multiple targets
+
+- Changed route action configuration from single `target` to `targets` array
+- Enables load balancing and failover capabilities with multiple upstream targets
+- Updated all test files to use new `targets` array syntax
+- Automatic certificate metadata refresh
+
+## 2025-06-01 - 19.5.19 - fix(smartproxy)
+Fix connection handling and improve route matching edge cases
+
+- Enhanced cleanup logic to prevent connection accumulation under rapid retry scenarios
+- Improved matching for wildcard domains and path parameters in the route configuration
+- Minor refactoring in async utilities and internal socket handling for better performance
+- Updated test suites and documentation for clearer configuration examples
+
+## 2025-05-29 - 19.5.3 - fix(smartproxy)
+Fix route security configuration location and improve ACME timing tests and socket mock implementations
+
+- Move route security from action.security to the top-level route.security to correctly enforce IP allow/block lists (addresses failing in test.route-security.ts)
+- Update readme.problems.md to document the routing security configuration issue with proper instructions
+- Adjust certificate metadata in certs/static-route/meta.json with updated timestamps
+- Update test.acme-timing.ts to export default tap.start() instead of tap.start() to ensure proper parsing
+- Improve socket simulation and event handling mocks in test.http-fix-verification.ts and test.http-forwarding-fix.ts to more reliably mimic net.Socket behavior
+- Minor adjustments in multiple test files to ensure proper port binding, race condition handling and route lookups (e.g. getRoutesForPort implementation)
+
+## 2025-05-29 - 19.5.2 - fix(test)
+Fix ACME challenge route creation and HTTP request parsing in tests
+
+- Replaced the legacy ACME email 'test@example.com' with 'test@acmetest.local' to avoid forbidden domain issues.
+- Mocked the CertificateManager in test/test.acme-route-creation to simulate immediate ACME challenge route addition.
+- Adjusted updateRoutes callback to capture and verify challenge route creation.
+- Enhanced the HTTP request parsing in socket handler by capturing and asserting parsed request details (method, path, headers).
+
+## 2025-05-29 - 19.5.1 - fix(socket-handler)
+Fix socket handler race condition by differentiating between async and sync handlers. Now, async socket handlers complete their setup before initial data is emitted, ensuring that no data is lost. Documentation and tests have been updated to reflect this change.
+
+- Added detailed explanation in readme.hints.md about the race condition issue, root cause, and solution implementation.
+- Provided a code snippet that checks if the socket handler returns a Promise and waits for its resolution before emitting initial data.
+- Updated tests (test.socket-handler-race.ts, test.socket-handler.simple.ts, test.socket-handler.ts) to verify correct behavior of async handlers.
+
+## 2025-05-28 - 19.5.0 - feat(socket-handler)
+Add socket-handler support for custom socket handling in SmartProxy
+
+- Introduce new action type 'socket-handler' in IRouteAction to allow users to provide a custom socket handler function.
+- Update the RouteConnectionHandler to detect 'socket-handler' actions and invoke the handler with the raw socket, giving full control to the user.
+- Provide optional context (such as route configuration, client IP, and port) to the socket handler if needed.
+- Add helper functions in route-helpers for creating socket handler routes and common patterns like echo, proxy, and line-based protocols.
+- Include a detailed implementation plan and usage examples in readme.plan.md.
+
+## 2025-05-28 - 19.4.3 - fix(smartproxy)
+Improve port binding intelligence and ACME challenge route management; update route configuration tests and dependency versions.
+
+- Bumped dev dependency versions in package.json (tsbuild from ^2.5.1 to ^2.6.4, tstest from ^1.9.0 to ^2.3.1, @types/node updated, smartfile from ^11.2.0 to ^11.2.5, smartlog from ^3.1.7 to ^3.1.8)
+- Removed readme.plan.md containing legacy development plan information
+- Normalized route configuration properties across tests (using 'ports' and 'domains' instead of legacy 'port' or 'domain')
+- Enhanced PortManager with reference counting and smarter port conflict detection to avoid redundant bindings
+- Refined ACME challenge route integration to merge with existing port bindings and improve error handling
+- Adjusted test expectations (e.g. using toEqual instead of toBe, and improved timeout handling) to align with current API changes
+
+## 2025-05-20 - 19.4.2 - fix(dependencies)
+Update dependency versions: upgrade @types/node to ^22.15.20 and @push.rocks/smartlog to ^3.1.7 in package.json
+
+- Bump @types/node from ^22.15.19 to ^22.15.20
+- Bump @push.rocks/smartlog from ^3.1.3 to ^3.1.7
+
+## 2025-05-20 - 19.4.1 - fix(smartproxy)
+Bump @push.rocks/smartlog to ^3.1.3 and improve ACME port binding behavior in SmartProxy
+
+- Updated package.json to use @push.rocks/smartlog version ^3.1.3
+- Enhanced tests (test.http-port8080-simple.ts) to verify improved port binding intelligence for ACME challenge routes
+- Ensured that existing port listeners are reused and not re-bound when updating routes
+
+## 2025-05-20 - 19.4.0 - feat(certificate-manager, smart-proxy)
+Improve port binding intelligence for ACME challenges
+
+- Reordered SmartProxy initialization flow to bind ports before initializing the certificate manager
+- Enhanced port binding logic to better handle ACME challenge routes
+- Improved error detection and reporting for port binding conflicts
+- Added better diagnostics for ACME challenge port issues
+- Made route updates more intelligent with detailed port tracking
+- Fixed race condition where ACME routes were added before port 80 was bound
+- Added special handling for ACME port conflicts with improved error messages
+
+## 2025-05-20 - 19.3.14 - fix(certificate-manager, smart-proxy)
+Add error handling around logger calls in route update callback
+
+- Added try/catch blocks around logger calls in certificate-manager.ts
+- Added try/catch blocks around logger calls in smart-proxy.ts related to route updates
+- Provided fallback to console.log when logger fails
+- Ensured core route update functionality continues to work even if logging fails
+
+## 2025-05-20 - 19.3.13 - fix(port-manager, certificate-manager)
+Improve port binding and ACME challenge route integration in SmartProxy
+
+- Added reference counting in PortManager so that routes sharing the same port reuse the existing binding.
+- Enhanced error handling to distinguish internal port conflicts from external ones, with more descriptive messages.
+- Adjusted ACME challenge route addition to merge with existing port bindings when port is already in use.
+- Refactored updateRoutes to release orphaned ports and bind only new required ports, minimizing rebinding operations.
+- Improved certificate-manager logic to provide clearer error notifications when ACME port conflicts occur.
+
+## 2025-05-19 - 19.3.12 - fix(tests)
+Update test mocks to include provisionAllCertificates methods in certificate manager stubs and related objects.
+
+- Added async provisionAllCertificates functions to several test mocks (e.g. in test.port80-management.node.ts, test.route-callback-simple.ts, test.route-update-callback.node.ts, and test.simple-acme-mock.ts) to simulate ACME certificate provisioning.
+- Enhanced logging and port-add history debugging for ACME challenge port addition.
+
+## 2025-05-19 - 19.3.11 - fix(logger)
+Replace raw console logging calls with structured logger usage across certificate management, connection handling, and route processing for improved observability.
+
+- Replaced console.log, console.warn, and console.error in SmartCertManager with logger.log for more consistent logging.
+- Updated ConnectionManager and RouteConnectionHandler to log detailed connection events using a structured logger.
+- Enhanced logging statements with contextual metadata such as connection IDs, remote IPs, target information, and component identifiers.
+- Standardized log output across proxy modules to aid in debugging and monitoring.
+
+## 2025-05-19 - 19.3.10 - fix(certificate-manager, smart-proxy)
+Fix race condition in ACME certificate provisioning and refactor certificate manager initialization to defer provisioning until after port listeners are active
+
+- Removed superfluous provisionCertificatesAfterPortsReady method
+- Made provisionAllCertificates public so that SmartProxy.start() calls it after ports are listening
+- Updated SmartProxy.start() to wait for port setup (via PortManager) before triggering certificate provisioning
+- Improved ACME HTTP-01 challenge timing so that port 80 (or configured ACME port) is guaranteed to be ready
+- Updated documentation (changelog and Acme timing docs) and tests to reflect the change
+
+## 2025-05-19 - 19.3.10 - refactor(certificate-manager, smart-proxy)
+Simplify certificate provisioning code by removing unnecessary wrapper method
+
+- Removed superfluous SmartCertManager.provisionCertificatesAfterPortsReady() method
+- Made SmartCertManager.provisionAllCertificates() public instead
+- Updated SmartProxy.start() to call provisionAllCertificates() directly
+- Updated documentation and tests to reflect the change
+- No functional changes, just code simplification
+
+## 2025-05-19 - 19.3.9 - fix(certificate-manager, smart-proxy)
+Fix ACME certificate provisioning timing to ensure ports are listening first
+
+- Fixed race condition where certificate provisioning would start before ports were listening
+- Modified SmartCertManager.initialize() to defer certificate provisioning
+- Added SmartCertManager.provisionCertificatesAfterPortsReady() for delayed provisioning
+- Updated SmartProxy.start() to call certificate provisioning after ports are ready

package/dist_ts/index.d.ts

@@ -14,6 +14,5 @@ export * from './proxies/smart-proxy/utils/index.js';
 export { SniHandler } from './tls/sni/sni-handler.js';
 export * from './core/models/common-types.js';
 export type { IAcmeOptions } from './proxies/smart-proxy/models/interfaces.js';
-export * as forwarding from './forwarding/index.js';
 export * as tls from './tls/index.js';
 export * as routing from './routing/index.js';

package/dist_ts/index.js

@@ -18,8 +18,7 @@ export { SniHandler } from './tls/sni/sni-handler.js';
 // Core types and utilities
 export * from './core/models/common-types.js';
 // Modular exports for new architecture
-export * as forwarding from './forwarding/index.js';
 // Certificate module has been removed - use SmartCertManager instead
 export * as tls from './tls/index.js';
 export * as routing from './routing/index.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUVILHlCQUF5QjtBQUN6QixjQUFjLG1DQUFtQyxDQUFDO0FBRWxELDRCQUE0QjtBQUM1QixPQUFPLEVBQUUsU0FBUyxFQUFFLGtCQUFrQixFQUFFLGNBQWMsRUFBRSxjQUFjLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUdoSSxPQUFPLEVBQUUsa0JBQWtCLElBQUkscUJBQXFCLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUU5Rix5RUFBeUU7QUFDekUsT0FBTyxFQUFFLFVBQVUsRUFBRSxpQkFBaUIsRUFBRSxlQUFlLEVBQUUsY0FBYyxFQUFFLFVBQVUsRUFBRSxlQUFlLEVBQUUsc0JBQXNCLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUN2TCxPQUFPLEVBQUUsa0JBQWtCLElBQUksWUFBWSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFJckYsY0FBYyxzQ0FBc0MsQ0FBQztBQUVyRCxrRUFBa0U7QUFDbEUsb0NBQW9DO0FBQ3BDLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUN0RCxrRUFBa0U7QUFDbEUscUVBQXFFO0FBRXJFLDJCQUEyQjtBQUMzQixjQUFjLCtCQUErQixDQUFDO0FBSzlDLHVDQUF1QztBQUN2QyxPQUFPLEtBQUssVUFBVSxNQUFNLHVCQUF1QixDQUFDO0FBQ3BELHFFQUFxRTtBQUNyRSxPQUFPLEtBQUssR0FBRyxNQUFNLGdCQUFnQixDQUFDO0FBQ3RDLE9BQU8sS0FBSyxPQUFPLE1BQU0sb0JBQW9CLENBQUMifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUVILHlCQUF5QjtBQUN6QixjQUFjLG1DQUFtQyxDQUFDO0FBRWxELDRCQUE0QjtBQUM1QixPQUFPLEVBQUUsU0FBUyxFQUFFLGtCQUFrQixFQUFFLGNBQWMsRUFBRSxjQUFjLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUdoSSxPQUFPLEVBQUUsa0JBQWtCLElBQUkscUJBQXFCLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUU5Rix5RUFBeUU7QUFDekUsT0FBTyxFQUFFLFVBQVUsRUFBRSxpQkFBaUIsRUFBRSxlQUFlLEVBQUUsY0FBYyxFQUFFLFVBQVUsRUFBRSxlQUFlLEVBQUUsc0JBQXNCLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUN2TCxPQUFPLEVBQUUsa0JBQWtCLElBQUksWUFBWSxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFJckYsY0FBYyxzQ0FBc0MsQ0FBQztBQUVyRCxrRUFBa0U7QUFDbEUsb0NBQW9DO0FBQ3BDLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUN0RCxrRUFBa0U7QUFDbEUscUVBQXFFO0FBRXJFLDJCQUEyQjtBQUMzQixjQUFjLCtCQUErQixDQUFDO0FBSzlDLHVDQUF1QztBQUN2QyxxRUFBcUU7QUFDckUsT0FBTyxLQUFLLEdBQUcsTUFBTSxnQkFBZ0IsQ0FBQztBQUN0QyxPQUFPLEtBQUssT0FBTyxNQUFNLG9CQUFvQixDQUFDIn0=

package/dist_ts/proxies/smart-proxy/models/route-types.js

@@ -1,3 +1,3 @@
 import * as plugins from '../../../plugins.js';
 // Configuration moved to models/interfaces.ts as ISmartProxyOptions
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUtdHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L21vZGVscy9yb3V0ZS10eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLHFCQUFxQixDQUFDO0FBd1cvQyxvRUFBb0UifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUtdHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L21vZGVscy9yb3V0ZS10eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLHFCQUFxQixDQUFDO0FBdVcvQyxvRUFBb0UifQ==

package/dist_ts/proxies/smart-proxy/utils/index.d.ts

@@ -7,5 +7,4 @@
 export * from './route-helpers.js';
 export * from './route-validators.js';
 export * from './route-utils.js';
-import { createWebSocketRoute as createWebSocketPatternRoute, createLoadBalancerRoute as createLoadBalancerPatternRoute, createApiGatewayRoute, addRateLimiting, addBasicAuth, addJwtAuth } from './route-patterns.js';
-export { createWebSocketPatternRoute, createLoadBalancerPatternRoute, createApiGatewayRoute, addRateLimiting, addBasicAuth, addJwtAuth };
+export { createApiGatewayRoute, addRateLimiting, addBasicAuth, addJwtAuth } from './route-helpers.js';

package/dist_ts/proxies/smart-proxy/utils/index.js

@@ -10,8 +10,7 @@ export * from './route-helpers.js';
 export * from './route-validators.js';
 // Export route utilities for route operations
 export * from './route-utils.js';
-// Export route patterns with renamed exports to avoid conflicts
-import { createWebSocketRoute as createWebSocketPatternRoute, createLoadBalancerRoute as createLoadBalancerPatternRoute, createApiGatewayRoute, addRateLimiting, addBasicAuth, addJwtAuth } from './route-patterns.js';
-export { createWebSocketPatternRoute, createLoadBalancerPatternRoute, createApiGatewayRoute, addRateLimiting, addBasicAuth, addJwtAuth };
+// Export additional functions from route-helpers that weren't already exported
+export { createApiGatewayRoute, addRateLimiting, addBasicAuth, addJwtAuth } from './route-helpers.js';
 // Migration utilities have been removed as they are no longer needed
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L3V0aWxzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7OztHQUtHO0FBRUgseURBQXlEO0FBQ3pELGNBQWMsb0JBQW9CLENBQUM7QUFFbkMsOERBQThEO0FBQzlELGNBQWMsdUJBQXVCLENBQUM7QUFFdEMsOENBQThDO0FBQzlDLGNBQWMsa0JBQWtCLENBQUM7QUFFakMsZ0VBQWdFO0FBQ2hFLE9BQU8sRUFDTCxvQkFBb0IsSUFBSSwyQkFBMkIsRUFDbkQsdUJBQXVCLElBQUksOEJBQThCLEVBQ3pELHFCQUFxQixFQUNyQixlQUFlLEVBQ2YsWUFBWSxFQUNaLFVBQVUsRUFDWCxNQUFNLHFCQUFxQixDQUFDO0FBRTdCLE9BQU8sRUFDTCwyQkFBMkIsRUFDM0IsOEJBQThCLEVBQzlCLHFCQUFxQixFQUNyQixlQUFlLEVBQ2YsWUFBWSxFQUNaLFVBQVUsRUFDWCxDQUFDO0FBRUYscUVBQXFFIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L3V0aWxzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7OztHQUtHO0FBRUgseURBQXlEO0FBQ3pELGNBQWMsb0JBQW9CLENBQUM7QUFFbkMsOERBQThEO0FBQzlELGNBQWMsdUJBQXVCLENBQUM7QUFFdEMsOENBQThDO0FBQzlDLGNBQWMsa0JBQWtCLENBQUM7QUFFakMsK0VBQStFO0FBQy9FLE9BQU8sRUFDTCxxQkFBcUIsRUFDckIsZUFBZSxFQUNmLFlBQVksRUFDWixVQUFVLEVBQ1gsTUFBTSxvQkFBb0IsQ0FBQztBQUU1QixxRUFBcUUifQ==

package/dist_ts/proxies/smart-proxy/utils/route-helpers.d.ts

@@ -94,12 +94,37 @@ export declare function createCompleteHttpsServer(domains: string | string[], ta
 /**
  * Create a load balancer route (round-robin between multiple backend hosts)
  * @param domains Domain(s) to match
- * @param hosts Array of backend hosts to load balance between
- * @param port Backend port
- * @param options Additional route options
+ * @param backendsOrHosts Array of backend servers OR array of host strings (legacy)
+ * @param portOrOptions Port number (legacy) OR options object
+ * @param options Additional route options (legacy)
  * @returns Route configuration object
  */
-export declare function createLoadBalancerRoute(domains: string | string[], hosts: string[], port: number, options?: {
+export declare function createLoadBalancerRoute(domains: string | string[], backendsOrHosts: Array<{
+    host: string;
+    port: number;
+}> | string[], portOrOptions?: number | {
+    tls?: {
+        mode: 'passthrough' | 'terminate' | 'terminate-and-reencrypt';
+        certificate?: 'auto' | {
+            key: string;
+            cert: string;
+        };
+    };
+    useTls?: boolean;
+    certificate?: 'auto' | {
+        key: string;
+        cert: string;
+    };
+    algorithm?: 'round-robin' | 'least-connections' | 'ip-hash';
+    healthCheck?: {
+        path: string;
+        interval: number;
+        timeout: number;
+        unhealthyThreshold: number;
+        healthyThreshold: number;
+    };
+    [key: string]: any;
+}, options?: {
     tls?: {
         mode: 'passthrough' | 'terminate' | 'terminate-and-reencrypt';
         certificate?: 'auto' | {
@@ -135,14 +160,30 @@ export declare function createApiRoute(domains: string | string[], apiPath: stri
 /**
  * Create a WebSocket route configuration
  * @param domains Domain(s) to match
- * @param wsPath WebSocket path (e.g., "/ws")
- * @param target Target WebSocket server host and port
- * @param options Additional route options
+ * @param targetOrPath Target server OR WebSocket path (legacy)
+ * @param targetOrOptions Target server (legacy) OR options
+ * @param options Additional route options (legacy)
  * @returns Route configuration object
  */
-export declare function createWebSocketRoute(domains: string | string[], wsPath: string, target: {
+export declare function createWebSocketRoute(domains: string | string[], targetOrPath: {
     host: string | string[];
     port: number;
+} | string, targetOrOptions?: {
+    host: string | string[];
+    port: number;
+} | {
+    useTls?: boolean;
+    certificate?: 'auto' | {
+        key: string;
+        cert: string;
+    };
+    path?: string;
+    httpPort?: number | number[];
+    httpsPort?: number | number[];
+    pingInterval?: number;
+    pingTimeout?: number;
+    name?: string;
+    [key: string]: any;
 }, options?: {
     useTls?: boolean;
     certificate?: 'auto' | {
@@ -356,3 +397,64 @@ export declare const SocketHandlers: {
         end: () => void;
     }) => void) => (socket: plugins.net.Socket, context: IRouteContext) => void;
 };
+/**
+ * Create an API Gateway route pattern
+ * @param domains Domain(s) to match
+ * @param apiBasePath Base path for API endpoints (e.g., '/api')
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns API route configuration
+ */
+export declare function createApiGatewayRoute(domains: string | string[], apiBasePath: string, target: {
+    host: string | string[];
+    port: number;
+}, options?: {
+    useTls?: boolean;
+    certificate?: 'auto' | {
+        key: string;
+        cert: string;
+    };
+    addCorsHeaders?: boolean;
+    [key: string]: any;
+}): IRouteConfig;
+/**
+ * Create a rate limiting route pattern
+ * @param baseRoute Base route to add rate limiting to
+ * @param rateLimit Rate limiting configuration
+ * @returns Route with rate limiting
+ */
+export declare function addRateLimiting(baseRoute: IRouteConfig, rateLimit: {
+    maxRequests: number;
+    window: number;
+    keyBy?: 'ip' | 'path' | 'header';
+    headerName?: string;
+    errorMessage?: string;
+}): IRouteConfig;
+/**
+ * Create a basic authentication route pattern
+ * @param baseRoute Base route to add authentication to
+ * @param auth Authentication configuration
+ * @returns Route with basic authentication
+ */
+export declare function addBasicAuth(baseRoute: IRouteConfig, auth: {
+    users: Array<{
+        username: string;
+        password: string;
+    }>;
+    realm?: string;
+    excludePaths?: string[];
+}): IRouteConfig;
+/**
+ * Create a JWT authentication route pattern
+ * @param baseRoute Base route to add JWT authentication to
+ * @param jwt JWT authentication configuration
+ * @returns Route with JWT authentication
+ */
+export declare function addJwtAuth(baseRoute: IRouteConfig, jwt: {
+    secret: string;
+    algorithm?: string;
+    issuer?: string;
+    audience?: string;
+    expiresIn?: number;
+    excludePaths?: string[];
+}): IRouteConfig;