@push.rocks/smartproxy 22.6.0 → 23.1.0

package/dist_ts/proxies/http-proxy/security-manager.d.ts

@@ -1,98 +0,0 @@
-import type { ILogger } from './models/types.js';
-import type { IRouteConfig } from '../smart-proxy/models/route-types.js';
-import type { IRouteContext } from '../../core/models/route-context.js';
-/**
- * Manages security features for the HttpProxy
- * Implements IP filtering, rate limiting, and authentication.
- * Uses shared utilities from security-utils.ts.
- */
-export declare class SecurityManager {
-    private logger;
-    private routes;
-    private maxConnectionsPerIP;
-    private connectionRateLimitPerMinute;
-    private ipFilterCache;
-    private rateLimits;
-    private connectionsByIP;
-    private connectionRateByIP;
-    constructor(logger: ILogger, routes?: IRouteConfig[], maxConnectionsPerIP?: number, connectionRateLimitPerMinute?: number);
-    /**
-     * Update the routes configuration
-     */
-    setRoutes(routes: IRouteConfig[]): void;
-    /**
-     * Check if a client is allowed to access a specific route
-     *
-     * @param route The route to check access for
-     * @param context The route context with client information
-     * @returns True if access is allowed, false otherwise
-     */
-    isAllowed(route: IRouteConfig, context: IRouteContext): boolean;
-    /**
-     * Check if an IP is allowed based on route security settings
-     */
-    private isIpAllowed;
-    /**
-     * Check if request is within rate limit
-     */
-    private isWithinRateLimit;
-    /**
-     * Clean up expired rate limits
-     * Should be called periodically to prevent memory leaks
-     */
-    cleanupExpiredRateLimits(): void;
-    /**
-     * Check basic auth credentials
-     *
-     * @param route The route to check auth for
-     * @param username The provided username
-     * @param password The provided password
-     * @returns True if credentials are valid, false otherwise
-     */
-    checkBasicAuth(route: IRouteConfig, username: string, password: string): boolean;
-    /**
-     * Verify a JWT token
-     *
-     * @param route The route to verify the token for
-     * @param token The JWT token to verify
-     * @returns True if the token is valid, false otherwise
-     */
-    verifyJwtToken(route: IRouteConfig, token: string): boolean;
-    /**
-     * Get connections count by IP (checks normalized variants)
-     */
-    getConnectionCountByIP(ip: string): number;
-    /**
-     * Check and update connection rate for an IP
-     * @returns true if within rate limit, false if exceeding limit
-     */
-    checkConnectionRate(ip: string): boolean;
-    /**
-     * Track connection by IP
-     */
-    trackConnectionByIP(ip: string, connectionId: string): void;
-    /**
-     * Remove connection tracking for an IP
-     */
-    removeConnectionByIP(ip: string, connectionId: string): void;
-    /**
-     * Check if IP should be allowed considering connection rate and max connections
-     * @returns Object with result and reason
-     */
-    validateIP(ip: string): {
-        allowed: boolean;
-        reason?: string;
-    };
-    /**
-     * Clears all IP tracking data (for shutdown)
-     */
-    clearIPTracking(): void;
-    /**
-     * Start periodic cleanup of IP tracking data
-     */
-    private startPeriodicIpCleanup;
-    /**
-     * Perform cleanup of expired IP data
-     */
-    private performIpCleanup;
-}

package/dist_ts/proxies/http-proxy/security-manager.js

@@ -1,341 +0,0 @@
-import { isIPAuthorized, normalizeIP, parseBasicAuthHeader, cleanupExpiredRateLimits } from '../../core/utils/security-utils.js';
-/**
- * Manages security features for the HttpProxy
- * Implements IP filtering, rate limiting, and authentication.
- * Uses shared utilities from security-utils.ts.
- */
-export class SecurityManager {
-    constructor(logger, routes = [], maxConnectionsPerIP = 100, connectionRateLimitPerMinute = 300) {
-        this.logger = logger;
-        this.routes = routes;
-        this.maxConnectionsPerIP = maxConnectionsPerIP;
-        this.connectionRateLimitPerMinute = connectionRateLimitPerMinute;
-        // Cache IP filtering results to avoid constant regex matching
-        this.ipFilterCache = new Map();
-        // Store rate limits per route and key
-        this.rateLimits = new Map();
-        // Connection tracking by IP
-        this.connectionsByIP = new Map();
-        this.connectionRateByIP = new Map();
-        // Start periodic cleanup for connection tracking
-        this.startPeriodicIpCleanup();
-    }
-    /**
-     * Update the routes configuration
-     */
-    setRoutes(routes) {
-        this.routes = routes;
-        // Reset caches when routes change
-        this.ipFilterCache.clear();
-    }
-    /**
-     * Check if a client is allowed to access a specific route
-     *
-     * @param route The route to check access for
-     * @param context The route context with client information
-     * @returns True if access is allowed, false otherwise
-     */
-    isAllowed(route, context) {
-        if (!route.security) {
-            return true; // No security restrictions
-        }
-        // --- IP filtering ---
-        if (!this.isIpAllowed(route, context.clientIp)) {
-            this.logger.debug(`IP ${context.clientIp} is blocked for route ${route.name || 'unnamed'}`);
-            return false;
-        }
-        // --- Rate limiting ---
-        if (route.security.rateLimit?.enabled && !this.isWithinRateLimit(route, context)) {
-            this.logger.debug(`Rate limit exceeded for route ${route.name || 'unnamed'}`);
-            return false;
-        }
-        // --- Basic Auth (handled at HTTP level) ---
-        // Basic auth is not checked here as it requires HTTP headers
-        // and is handled in the RequestHandler
-        return true;
-    }
-    /**
-     * Check if an IP is allowed based on route security settings
-     */
-    isIpAllowed(route, clientIp) {
-        if (!route.security) {
-            return true; // No security restrictions
-        }
-        const routeId = route.name || 'unnamed';
-        // Check cache first
-        if (!this.ipFilterCache.has(routeId)) {
-            this.ipFilterCache.set(routeId, new Map());
-        }
-        const routeCache = this.ipFilterCache.get(routeId);
-        if (routeCache.has(clientIp)) {
-            return routeCache.get(clientIp);
-        }
-        // Use shared utility for IP authorization
-        const allowed = isIPAuthorized(clientIp, route.security.ipAllowList, route.security.ipBlockList);
-        // Cache the result
-        routeCache.set(clientIp, allowed);
-        return allowed;
-    }
-    /**
-     * Check if request is within rate limit
-     */
-    isWithinRateLimit(route, context) {
-        if (!route.security?.rateLimit?.enabled) {
-            return true;
-        }
-        const rateLimit = route.security.rateLimit;
-        const routeId = route.name || 'unnamed';
-        // Determine rate limit key (by IP, path, or header)
-        let key = context.clientIp; // Default to IP
-        if (rateLimit.keyBy === 'path' && context.path) {
-            key = `${context.clientIp}:${context.path}`;
-        }
-        else if (rateLimit.keyBy === 'header' && rateLimit.headerName && context.headers) {
-            const headerValue = context.headers[rateLimit.headerName.toLowerCase()];
-            if (headerValue) {
-                key = `${context.clientIp}:${headerValue}`;
-            }
-        }
-        // Get or create rate limit tracking for this route
-        if (!this.rateLimits.has(routeId)) {
-            this.rateLimits.set(routeId, new Map());
-        }
-        const routeLimits = this.rateLimits.get(routeId);
-        const now = Date.now();
-        // Get or create rate limit tracking for this key
-        let limit = routeLimits.get(key);
-        if (!limit || limit.expiry < now) {
-            // Create new rate limit or reset expired one
-            limit = {
-                count: 1,
-                expiry: now + (rateLimit.window * 1000)
-            };
-            routeLimits.set(key, limit);
-            return true;
-        }
-        // Increment the counter
-        limit.count++;
-        // Check if rate limit is exceeded
-        return limit.count <= rateLimit.maxRequests;
-    }
-    /**
-     * Clean up expired rate limits
-     * Should be called periodically to prevent memory leaks
-     */
-    cleanupExpiredRateLimits() {
-        cleanupExpiredRateLimits(this.rateLimits, {
-            info: this.logger.info.bind(this.logger),
-            warn: this.logger.warn.bind(this.logger),
-            error: this.logger.error.bind(this.logger),
-            debug: this.logger.debug?.bind(this.logger)
-        });
-    }
-    /**
-     * Check basic auth credentials
-     *
-     * @param route The route to check auth for
-     * @param username The provided username
-     * @param password The provided password
-     * @returns True if credentials are valid, false otherwise
-     */
-    checkBasicAuth(route, username, password) {
-        if (!route.security?.basicAuth?.enabled) {
-            return true;
-        }
-        const basicAuth = route.security.basicAuth;
-        // Check credentials against configured users
-        for (const user of basicAuth.users) {
-            if (user.username === username && user.password === password) {
-                return true;
-            }
-        }
-        return false;
-    }
-    /**
-     * Verify a JWT token
-     *
-     * @param route The route to verify the token for
-     * @param token The JWT token to verify
-     * @returns True if the token is valid, false otherwise
-     */
-    verifyJwtToken(route, token) {
-        if (!route.security?.jwtAuth?.enabled) {
-            return true;
-        }
-        try {
-            const jwtAuth = route.security.jwtAuth;
-            // Verify structure
-            const parts = token.split('.');
-            if (parts.length !== 3) {
-                return false;
-            }
-            // Decode payload
-            const payload = JSON.parse(Buffer.from(parts[1], 'base64').toString());
-            // Check expiration
-            if (payload.exp && payload.exp < Math.floor(Date.now() / 1000)) {
-                return false;
-            }
-            // Check issuer
-            if (jwtAuth.issuer && payload.iss !== jwtAuth.issuer) {
-                return false;
-            }
-            // Check audience
-            if (jwtAuth.audience && payload.aud !== jwtAuth.audience) {
-                return false;
-            }
-            // Note: In a real implementation, you'd also verify the signature
-            // using the secret and algorithm specified in jwtAuth
-            return true;
-        }
-        catch (err) {
-            this.logger.error(`Error verifying JWT: ${err}`);
-            return false;
-        }
-    }
-    /**
-     * Get connections count by IP (checks normalized variants)
-     */
-    getConnectionCountByIP(ip) {
-        // Check all normalized variants of the IP
-        const variants = normalizeIP(ip);
-        for (const variant of variants) {
-            const connections = this.connectionsByIP.get(variant);
-            if (connections) {
-                return connections.size;
-            }
-        }
-        return 0;
-    }
-    /**
-     * Check and update connection rate for an IP
-     * @returns true if within rate limit, false if exceeding limit
-     */
-    checkConnectionRate(ip) {
-        const now = Date.now();
-        const minute = 60 * 1000;
-        // Find existing rate tracking (check normalized variants)
-        const variants = normalizeIP(ip);
-        let existingKey = null;
-        for (const variant of variants) {
-            if (this.connectionRateByIP.has(variant)) {
-                existingKey = variant;
-                break;
-            }
-        }
-        const key = existingKey || ip;
-        if (!this.connectionRateByIP.has(key)) {
-            this.connectionRateByIP.set(key, [now]);
-            return true;
-        }
-        // Get timestamps and filter out entries older than 1 minute
-        const timestamps = this.connectionRateByIP.get(key).filter((time) => now - time < minute);
-        timestamps.push(now);
-        this.connectionRateByIP.set(key, timestamps);
-        // Check if rate exceeds limit
-        return timestamps.length <= this.connectionRateLimitPerMinute;
-    }
-    /**
-     * Track connection by IP
-     */
-    trackConnectionByIP(ip, connectionId) {
-        // Check if any variant already exists
-        const variants = normalizeIP(ip);
-        let existingKey = null;
-        for (const variant of variants) {
-            if (this.connectionsByIP.has(variant)) {
-                existingKey = variant;
-                break;
-            }
-        }
-        const key = existingKey || ip;
-        if (!this.connectionsByIP.has(key)) {
-            this.connectionsByIP.set(key, new Set());
-        }
-        this.connectionsByIP.get(key).add(connectionId);
-    }
-    /**
-     * Remove connection tracking for an IP
-     */
-    removeConnectionByIP(ip, connectionId) {
-        // Check all variants to find where the connection is tracked
-        const variants = normalizeIP(ip);
-        for (const variant of variants) {
-            if (this.connectionsByIP.has(variant)) {
-                const connections = this.connectionsByIP.get(variant);
-                connections.delete(connectionId);
-                if (connections.size === 0) {
-                    this.connectionsByIP.delete(variant);
-                }
-                break;
-            }
-        }
-    }
-    /**
-     * Check if IP should be allowed considering connection rate and max connections
-     * @returns Object with result and reason
-     */
-    validateIP(ip) {
-        // Check connection count limit
-        if (this.getConnectionCountByIP(ip) >= this.maxConnectionsPerIP) {
-            return {
-                allowed: false,
-                reason: `Maximum connections per IP (${this.maxConnectionsPerIP}) exceeded`
-            };
-        }
-        // Check connection rate limit
-        if (!this.checkConnectionRate(ip)) {
-            return {
-                allowed: false,
-                reason: `Connection rate limit (${this.connectionRateLimitPerMinute}/min) exceeded`
-            };
-        }
-        return { allowed: true };
-    }
-    /**
-     * Clears all IP tracking data (for shutdown)
-     */
-    clearIPTracking() {
-        this.connectionsByIP.clear();
-        this.connectionRateByIP.clear();
-    }
-    /**
-     * Start periodic cleanup of IP tracking data
-     */
-    startPeriodicIpCleanup() {
-        // Clean up IP tracking data every minute
-        setInterval(() => {
-            this.performIpCleanup();
-        }, 60000).unref();
-    }
-    /**
-     * Perform cleanup of expired IP data
-     */
-    performIpCleanup() {
-        const now = Date.now();
-        const minute = 60 * 1000;
-        let cleanedRateLimits = 0;
-        let cleanedIPs = 0;
-        // Clean up expired rate limit timestamps
-        for (const [ip, timestamps] of this.connectionRateByIP.entries()) {
-            const validTimestamps = timestamps.filter((time) => now - time < minute);
-            if (validTimestamps.length === 0) {
-                this.connectionRateByIP.delete(ip);
-                cleanedRateLimits++;
-            }
-            else if (validTimestamps.length < timestamps.length) {
-                this.connectionRateByIP.set(ip, validTimestamps);
-            }
-        }
-        // Clean up IPs with no active connections
-        for (const [ip, connections] of this.connectionsByIP.entries()) {
-            if (connections.size === 0) {
-                this.connectionsByIP.delete(ip);
-                cleanedIPs++;
-            }
-        }
-        if (cleanedRateLimits > 0 || cleanedIPs > 0) {
-            this.logger.debug(`IP cleanup: removed ${cleanedIPs} IPs and ${cleanedRateLimits} rate limits`);
-        }
-    }
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdHktbWFuYWdlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3RzL3Byb3hpZXMvaHR0cC1wcm94eS9zZWN1cml0eS1tYW5hZ2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUdBLE9BQU8sRUFDTCxjQUFjLEVBQ2QsV0FBVyxFQUNYLG9CQUFvQixFQUNwQix3QkFBd0IsRUFFekIsTUFBTSxvQ0FBb0MsQ0FBQztBQUU1Qzs7OztHQUlHO0FBQ0gsTUFBTSxPQUFPLGVBQWU7SUFXMUIsWUFDVSxNQUFlLEVBQ2YsU0FBeUIsRUFBRSxFQUMzQixzQkFBOEIsR0FBRyxFQUNqQywrQkFBdUMsR0FBRztRQUgxQyxXQUFNLEdBQU4sTUFBTSxDQUFTO1FBQ2YsV0FBTSxHQUFOLE1BQU0sQ0FBcUI7UUFDM0Isd0JBQW1CLEdBQW5CLG1CQUFtQixDQUFjO1FBQ2pDLGlDQUE0QixHQUE1Qiw0QkFBNEIsQ0FBYztRQWRwRCw4REFBOEQ7UUFDdEQsa0JBQWEsR0FBc0MsSUFBSSxHQUFHLEVBQUUsQ0FBQztRQUVyRSxzQ0FBc0M7UUFDOUIsZUFBVSxHQUE2QyxJQUFJLEdBQUcsRUFBRSxDQUFDO1FBRXpFLDRCQUE0QjtRQUNwQixvQkFBZSxHQUE2QixJQUFJLEdBQUcsRUFBRSxDQUFDO1FBQ3RELHVCQUFrQixHQUEwQixJQUFJLEdBQUcsRUFBRSxDQUFDO1FBUTVELGlEQUFpRDtRQUNqRCxJQUFJLENBQUMsc0JBQXNCLEVBQUUsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7O09BRUc7SUFDSSxTQUFTLENBQUMsTUFBc0I7UUFDckMsSUFBSSxDQUFDLE1BQU0sR0FBRyxNQUFNLENBQUM7UUFDckIsa0NBQWtDO1FBQ2xDLElBQUksQ0FBQyxhQUFhLENBQUMsS0FBSyxFQUFFLENBQUM7SUFDN0IsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLFNBQVMsQ0FBQyxLQUFtQixFQUFFLE9BQXNCO1FBQzFELElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDcEIsT0FBTyxJQUFJLENBQUMsQ0FBQywyQkFBMkI7UUFDMUMsQ0FBQztRQUVELHVCQUF1QjtRQUN2QixJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7WUFDL0MsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxPQUFPLENBQUMsUUFBUSx5QkFBeUIsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLEVBQUUsQ0FBQyxDQUFDO1lBQzVGLE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELHdCQUF3QjtRQUN4QixJQUFJLEtBQUssQ0FBQyxRQUFRLENBQUMsU0FBUyxFQUFFLE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUNqRixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxpQ0FBaUMsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLEVBQUUsQ0FBQyxDQUFDO1lBQzlFLE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELDZDQUE2QztRQUM3Qyw2REFBNkQ7UUFDN0QsdUNBQXVDO1FBRXZDLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVEOztPQUVHO0lBQ0ssV0FBVyxDQUFDLEtBQW1CLEVBQUUsUUFBZ0I7UUFDdkQsSUFBSSxDQUFDLEtBQUssQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNwQixPQUFPLElBQUksQ0FBQyxDQUFDLDJCQUEyQjtRQUMxQyxDQUFDO1FBRUQsTUFBTSxPQUFPLEdBQUcsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLENBQUM7UUFFeEMsb0JBQW9CO1FBQ3BCLElBQUksQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ3JDLElBQUksQ0FBQyxhQUFhLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxJQUFJLEdBQUcsRUFBRSxDQUFDLENBQUM7UUFDN0MsQ0FBQztRQUVELE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBRSxDQUFDO1FBQ3BELElBQUksVUFBVSxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDO1lBQzdCLE9BQU8sVUFBVSxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUUsQ0FBQztRQUNuQyxDQUFDO1FBRUQsMENBQTBDO1FBQzFDLE1BQU0sT0FBTyxHQUFHLGNBQWMsQ0FDNUIsUUFBUSxFQUNSLEtBQUssQ0FBQyxRQUFRLENBQUMsV0FBVyxFQUMxQixLQUFLLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FDM0IsQ0FBQztRQUVGLG1CQUFtQjtRQUNuQixVQUFVLENBQUMsR0FBRyxDQUFDLFFBQVEsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUVsQyxPQUFPLE9BQU8sQ0FBQztJQUNqQixDQUFDO0lBRUQ7O09BRUc7SUFDSyxpQkFBaUIsQ0FBQyxLQUFtQixFQUFFLE9BQXNCO1FBQ25FLElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUSxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsQ0FBQztZQUN4QyxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCxNQUFNLFNBQVMsR0FBRyxLQUFLLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQztRQUMzQyxNQUFNLE9BQU8sR0FBRyxLQUFLLENBQUMsSUFBSSxJQUFJLFNBQVMsQ0FBQztRQUV4QyxvREFBb0Q7UUFDcEQsSUFBSSxHQUFHLEdBQUcsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDLGdCQUFnQjtRQUU1QyxJQUFJLFNBQVMsQ0FBQyxLQUFLLEtBQUssTUFBTSxJQUFJLE9BQU8sQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUMvQyxHQUFHLEdBQUcsR0FBRyxPQUFPLENBQUMsUUFBUSxJQUFJLE9BQU8sQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUM5QyxDQUFDO2FBQU0sSUFBSSxTQUFTLENBQUMsS0FBSyxLQUFLLFFBQVEsSUFBSSxTQUFTLENBQUMsVUFBVSxJQUFJLE9BQU8sQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNuRixNQUFNLFdBQVcsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxVQUFVLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQztZQUN4RSxJQUFJLFdBQVcsRUFBRSxDQUFDO2dCQUNoQixHQUFHLEdBQUcsR0FBRyxPQUFPLENBQUMsUUFBUSxJQUFJLFdBQVcsRUFBRSxDQUFDO1lBQzdDLENBQUM7UUFDSCxDQUFDO1FBRUQsbURBQW1EO1FBQ25ELElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ2xDLElBQUksQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxJQUFJLEdBQUcsRUFBRSxDQUFDLENBQUM7UUFDMUMsQ0FBQztRQUVELE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBRSxDQUFDO1FBQ2xELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUV2QixpREFBaUQ7UUFDakQsSUFBSSxLQUFLLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNqQyxJQUFJLENBQUMsS0FBSyxJQUFJLEtBQUssQ0FBQyxNQUFNLEdBQUcsR0FBRyxFQUFFLENBQUM7WUFDakMsNkNBQTZDO1lBQzdDLEtBQUssR0FBRztnQkFDTixLQUFLLEVBQUUsQ0FBQztnQkFDUixNQUFNLEVBQUUsR0FBRyxHQUFHLENBQUMsU0FBUyxDQUFDLE1BQU0sR0FBRyxJQUFJLENBQUM7YUFDeEMsQ0FBQztZQUNGLFdBQVcsQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLEtBQUssQ0FBQyxDQUFDO1lBQzVCLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELHdCQUF3QjtRQUN4QixLQUFLLENBQUMsS0FBSyxFQUFFLENBQUM7UUFFZCxrQ0FBa0M7UUFDbEMsT0FBTyxLQUFLLENBQUMsS0FBSyxJQUFJLFNBQVMsQ0FBQyxXQUFXLENBQUM7SUFDOUMsQ0FBQztJQUVEOzs7T0FHRztJQUNJLHdCQUF3QjtRQUM3Qix3QkFBd0IsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFO1lBQ3hDLElBQUksRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQztZQUN4QyxJQUFJLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUM7WUFDeEMsS0FBSyxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDO1lBQzFDLEtBQUssRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQztTQUM1QyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7Ozs7Ozs7T0FPRztJQUNJLGNBQWMsQ0FBQyxLQUFtQixFQUFFLFFBQWdCLEVBQUUsUUFBZ0I7UUFDM0UsSUFBSSxDQUFDLEtBQUssQ0FBQyxRQUFRLEVBQUUsU0FBUyxFQUFFLE9BQU8sRUFBRSxDQUFDO1lBQ3hDLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELE1BQU0sU0FBUyxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDO1FBRTNDLDZDQUE2QztRQUM3QyxLQUFLLE1BQU0sSUFBSSxJQUFJLFNBQVMsQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNuQyxJQUFJLElBQUksQ0FBQyxRQUFRLEtBQUssUUFBUSxJQUFJLElBQUksQ0FBQyxRQUFRLEtBQUssUUFBUSxFQUFFLENBQUM7Z0JBQzdELE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxjQUFjLENBQUMsS0FBbUIsRUFBRSxLQUFhO1FBQ3RELElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUSxFQUFFLE9BQU8sRUFBRSxPQUFPLEVBQUUsQ0FBQztZQUN0QyxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxNQUFNLE9BQU8sR0FBRyxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQztZQUV2QyxtQkFBbUI7WUFDbkIsTUFBTSxLQUFLLEdBQUcsS0FBSyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQztZQUMvQixJQUFJLEtBQUssQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFLENBQUM7Z0JBQ3ZCLE9BQU8sS0FBSyxDQUFDO1lBQ2YsQ0FBQztZQUVELGlCQUFpQjtZQUNqQixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxFQUFFLFFBQVEsQ0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7WUFFdkUsbUJBQW1CO1lBQ25CLElBQUksT0FBTyxDQUFDLEdBQUcsSUFBSSxPQUFPLENBQUMsR0FBRyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQyxFQUFFLENBQUM7Z0JBQy9ELE9BQU8sS0FBSyxDQUFDO1lBQ2YsQ0FBQztZQUVELGVBQWU7WUFDZixJQUFJLE9BQU8sQ0FBQyxNQUFNLElBQUksT0FBTyxDQUFDLEdBQUcsS0FBSyxPQUFPLENBQUMsTUFBTSxFQUFFLENBQUM7Z0JBQ3JELE9BQU8sS0FBSyxDQUFDO1lBQ2YsQ0FBQztZQUVELGlCQUFpQjtZQUNqQixJQUFJLE9BQU8sQ0FBQyxRQUFRLElBQUksT0FBTyxDQUFDLEdBQUcsS0FBSyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7Z0JBQ3pELE9BQU8sS0FBSyxDQUFDO1lBQ2YsQ0FBQztZQUVELGtFQUFrRTtZQUNsRSxzREFBc0Q7WUFFdEQsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO1FBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztZQUNiLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLHdCQUF3QixHQUFHLEVBQUUsQ0FBQyxDQUFDO1lBQ2pELE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNJLHNCQUFzQixDQUFDLEVBQVU7UUFDdEMsMENBQTBDO1FBQzFDLE1BQU0sUUFBUSxHQUFHLFdBQVcsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUNqQyxLQUFLLE1BQU0sT0FBTyxJQUFJLFFBQVEsRUFBRSxDQUFDO1lBQy9CLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBQ3RELElBQUksV0FBVyxFQUFFLENBQUM7Z0JBQ2hCLE9BQU8sV0FBVyxDQUFDLElBQUksQ0FBQztZQUMxQixDQUFDO1FBQ0gsQ0FBQztRQUNELE9BQU8sQ0FBQyxDQUFDO0lBQ1gsQ0FBQztJQUVEOzs7T0FHRztJQUNJLG1CQUFtQixDQUFDLEVBQVU7UUFDbkMsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ3ZCLE1BQU0sTUFBTSxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUM7UUFFekIsMERBQTBEO1FBQzFELE1BQU0sUUFBUSxHQUFHLFdBQVcsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUNqQyxJQUFJLFdBQVcsR0FBa0IsSUFBSSxDQUFDO1FBQ3RDLEtBQUssTUFBTSxPQUFPLElBQUksUUFBUSxFQUFFLENBQUM7WUFDL0IsSUFBSSxJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ3pDLFdBQVcsR0FBRyxPQUFPLENBQUM7Z0JBQ3RCLE1BQU07WUFDUixDQUFDO1FBQ0gsQ0FBQztRQUVELE1BQU0sR0FBRyxHQUFHLFdBQVcsSUFBSSxFQUFFLENBQUM7UUFFOUIsSUFBSSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUN0QyxJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLEdBQUcsRUFBRSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7WUFDeEMsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO1FBRUQsNERBQTREO1FBQzVELE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFFLENBQUMsTUFBTSxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxHQUFHLEdBQUcsSUFBSSxHQUFHLE1BQU0sQ0FBQyxDQUFDO1FBQzNGLFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDckIsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFFN0MsOEJBQThCO1FBQzlCLE9BQU8sVUFBVSxDQUFDLE1BQU0sSUFBSSxJQUFJLENBQUMsNEJBQTRCLENBQUM7SUFDaEUsQ0FBQztJQUVEOztPQUVHO0lBQ0ksbUJBQW1CLENBQUMsRUFBVSxFQUFFLFlBQW9CO1FBQ3pELHNDQUFzQztRQUN0QyxNQUFNLFFBQVEsR0FBRyxXQUFXLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDakMsSUFBSSxXQUFXLEdBQWtCLElBQUksQ0FBQztRQUV0QyxLQUFLLE1BQU0sT0FBTyxJQUFJLFFBQVEsRUFBRSxDQUFDO1lBQy9CLElBQUksSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztnQkFDdEMsV0FBVyxHQUFHLE9BQU8sQ0FBQztnQkFDdEIsTUFBTTtZQUNSLENBQUM7UUFDSCxDQUFDO1FBRUQsTUFBTSxHQUFHLEdBQUcsV0FBVyxJQUFJLEVBQUUsQ0FBQztRQUM5QixJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUNuQyxJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUUsSUFBSSxHQUFHLEVBQUUsQ0FBQyxDQUFDO1FBQzNDLENBQUM7UUFDRCxJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUUsQ0FBQyxHQUFHLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDbkQsQ0FBQztJQUVEOztPQUVHO0lBQ0ksb0JBQW9CLENBQUMsRUFBVSxFQUFFLFlBQW9CO1FBQzFELDZEQUE2RDtRQUM3RCxNQUFNLFFBQVEsR0FBRyxXQUFXLENBQUMsRUFBRSxDQUFDLENBQUM7UUFFakMsS0FBSyxNQUFNLE9BQU8sSUFBSSxRQUFRLEVBQUUsQ0FBQztZQUMvQixJQUFJLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ3RDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBRSxDQUFDO2dCQUN2RCxXQUFXLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQyxDQUFDO2dCQUNqQyxJQUFJLFdBQVcsQ0FBQyxJQUFJLEtBQUssQ0FBQyxFQUFFLENBQUM7b0JBQzNCLElBQUksQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDO2dCQUN2QyxDQUFDO2dCQUNELE1BQU07WUFDUixDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRDs7O09BR0c7SUFDSSxVQUFVLENBQUMsRUFBVTtRQUMxQiwrQkFBK0I7UUFDL0IsSUFBSSxJQUFJLENBQUMsc0JBQXNCLENBQUMsRUFBRSxDQUFDLElBQUksSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFDaEUsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxNQUFNLEVBQUUsK0JBQStCLElBQUksQ0FBQyxtQkFBbUIsWUFBWTthQUM1RSxDQUFDO1FBQ0osQ0FBQztRQUVELDhCQUE4QjtRQUM5QixJQUFJLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUM7WUFDbEMsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxNQUFNLEVBQUUsMEJBQTBCLElBQUksQ0FBQyw0QkFBNEIsZ0JBQWdCO2FBQ3BGLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztJQUMzQixDQUFDO0lBRUQ7O09BRUc7SUFDSSxlQUFlO1FBQ3BCLElBQUksQ0FBQyxlQUFlLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDN0IsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEtBQUssRUFBRSxDQUFDO0lBQ2xDLENBQUM7SUFFRDs7T0FFRztJQUNLLHNCQUFzQjtRQUM1Qix5Q0FBeUM7UUFDekMsV0FBVyxDQUFDLEdBQUcsRUFBRTtZQUNmLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1FBQzFCLENBQUMsRUFBRSxLQUFLLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQztJQUNwQixDQUFDO0lBRUQ7O09BRUc7SUFDSyxnQkFBZ0I7UUFDdEIsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ3ZCLE1BQU0sTUFBTSxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUM7UUFDekIsSUFBSSxpQkFBaUIsR0FBRyxDQUFDLENBQUM7UUFDMUIsSUFBSSxVQUFVLEdBQUcsQ0FBQyxDQUFDO1FBRW5CLHlDQUF5QztRQUN6QyxLQUFLLE1BQU0sQ0FBQyxFQUFFLEVBQUUsVUFBVSxDQUFDLElBQUksSUFBSSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUM7WUFDakUsTUFBTSxlQUFlLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsR0FBRyxHQUFHLElBQUksR0FBRyxNQUFNLENBQUMsQ0FBQztZQUV6RSxJQUFJLGVBQWUsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFLENBQUM7Z0JBQ2pDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQ25DLGlCQUFpQixFQUFFLENBQUM7WUFDdEIsQ0FBQztpQkFBTSxJQUFJLGVBQWUsQ0FBQyxNQUFNLEdBQUcsVUFBVSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUN0RCxJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLEVBQUUsRUFBRSxlQUFlLENBQUMsQ0FBQztZQUNuRCxDQUFDO1FBQ0gsQ0FBQztRQUVELDBDQUEwQztRQUMxQyxLQUFLLE1BQU0sQ0FBQyxFQUFFLEVBQUUsV0FBVyxDQUFDLElBQUksSUFBSSxDQUFDLGVBQWUsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDO1lBQy9ELElBQUksV0FBVyxDQUFDLElBQUksS0FBSyxDQUFDLEVBQUUsQ0FBQztnQkFDM0IsSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQ2hDLFVBQVUsRUFBRSxDQUFDO1lBQ2YsQ0FBQztRQUNILENBQUM7UUFFRCxJQUFJLGlCQUFpQixHQUFHLENBQUMsSUFBSSxVQUFVLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDNUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsdUJBQXVCLFVBQVUsWUFBWSxpQkFBaUIsY0FBYyxDQUFDLENBQUM7UUFDbEcsQ0FBQztJQUNILENBQUM7Q0FDRiJ9

package/dist_ts/proxies/http-proxy/websocket-handler.d.ts

@@ -1,50 +0,0 @@
-import * as plugins from '../../plugins.js';
-import '../../core/models/socket-augmentation.js';
-import { type IHttpProxyOptions } from './models/types.js';
-import { ConnectionPool } from './connection-pool.js';
-import type { IRouteConfig } from '../smart-proxy/models/route-types.js';
-/**
- * Handles WebSocket connections and proxying
- */
-export declare class WebSocketHandler {
-    private options;
-    private connectionPool;
-    private routes;
-    private heartbeatInterval;
-    private wsServer;
-    private logger;
-    private contextCreator;
-    private router;
-    private securityManager;
-    constructor(options: IHttpProxyOptions, connectionPool: ConnectionPool, routes?: IRouteConfig[]);
-    /**
-     * Set the route configurations
-     */
-    setRoutes(routes: IRouteConfig[]): void;
-    /**
-     * Select the appropriate target from the targets array based on sub-matching criteria
-     */
-    private selectTarget;
-    /**
-     * Initialize WebSocket server on an existing HTTPS server
-     */
-    initialize(server: plugins.https.Server): void;
-    /**
-     * Start the heartbeat interval to check for inactive WebSocket connections
-     */
-    private startHeartbeat;
-    /**
-     * Handle a new WebSocket connection
-     */
-    private handleWebSocketConnection;
-    /**
-     * Get information about active WebSocket connections
-     */
-    getConnectionInfo(): {
-        activeConnections: number;
-    };
-    /**
-     * Shutdown the WebSocket handler
-     */
-    shutdown(): void;
-}