@reboot-dev/reboot 0.23.0 → 0.24.0

package/index.d.ts

@@ -50,6 +50,7 @@ export declare class Context {
     get auth(): Auth | null;
     get stateId(): any;
     get iteration(): any;
+    get cookie(): any;
     generateIdempotentStateId(stateType: string, serviceName: string, method: string, idempotency: IdempotencyOptions): Promise<any>;
 }
 export declare class ReaderContext extends Context {
@@ -117,8 +118,8 @@ export declare abstract class TokenVerifier {
      * Returns:
      *   `Auth` information if the token is valid, null otherwise.
      */
-    abstract verifyToken(context: ReaderContext, token: string): Promise<Auth | null>;
-    _verifyToken(context: ReaderContext, token: string): Promise<Uint8Array | null>;
+    abstract verifyToken(context: ReaderContext, token?: string): Promise<Auth | null>;
+    _verifyToken(context: ReaderContext, token?: string): Promise<Uint8Array | null>;
 }
 export type AuthorizerDecision = errors_pb.Unauthenticated | errors_pb.PermissionDenied | errors_pb.Ok;
 /**
@@ -171,20 +172,44 @@ export declare class Loop {
 export declare function retry_reactively_until(context: WorkflowContext, condition: () => Promise<boolean>): Promise<void>;
 export declare function retry_reactively_until<T>(context: WorkflowContext, condition: () => Promise<false | Exclude<T, boolean>>): Promise<Exclude<T, boolean>>;
 export declare function atMostOnce(idempotencyAlias: string, context: WorkflowContext, callable: () => Promise<void>, options?: {
-    parse: undefined;
+    stringify?: undefined;
+    parse?: undefined;
+    validate?: undefined;
 }): Promise<void>;
 export declare function atMostOnce<T>(idempotencyAlias: string, context: WorkflowContext, callable: () => Promise<T>, options: {
-    parse: (value: any) => T;
+    stringify?: (result: T) => string;
+    parse: (value: string) => T;
+    validate?: undefined;
+} | {
+    stringify?: (result: T) => string;
+    parse?: undefined;
+    validate: (result: T) => boolean;
 }): Promise<T>;
 export declare function atLeastOnce(idempotencyAlias: string, context: WorkflowContext, callable: () => Promise<void>, options?: {
-    parse: undefined;
+    stringify?: undefined;
+    parse?: undefined;
+    validate?: undefined;
 }): Promise<void>;
 export declare function atLeastOnce<T>(idempotencyAlias: string, context: WorkflowContext, callable: () => Promise<T>, options: {
-    parse: (value: any) => T;
+    stringify?: (result: T) => string;
+    parse: (value: string) => T;
+    validate?: undefined;
+} | {
+    stringify?: (result: T) => string;
+    parse?: undefined;
+    validate: (result: T) => boolean;
 }): Promise<T>;
 export declare function until(idempotencyAlias: string, context: WorkflowContext, callable: () => Promise<boolean>, options?: {
-    parse: undefined;
+    stringify?: undefined;
+    parse?: undefined;
+    validate?: undefined;
 }): Promise<void>;
 export declare function until<T>(idempotencyAlias: string, context: WorkflowContext, callable: () => Promise<false | Exclude<T, boolean>>, options: {
-    parse: (value: any) => T;
+    stringify?: (result: T) => string;
+    parse: (value: string) => T;
+    validate?: undefined;
+} | {
+    stringify?: (result: T) => string;
+    parse?: undefined;
+    validate: (result: T) => boolean;
 }): Promise<Exclude<T, boolean>>;

package/index.js

@@ -49,6 +49,12 @@ if (process != null) {
         // exits due to a SIGINT will exit with a code of 130.
         checkIfNoOtherListenersAndIfSoExit("SIGINT", 130);
     });
+    process.on("unhandledRejection", (reason, promise) => {
+        // We install a slightly quieter unhandled-rejection handler because the
+        // native portion of Reboot renders useful error messages before raising.
+        console.error("Exiting:", reason);
+        checkIfNoOtherListenersAndIfSoExit("unhandledRejection", 1);
+    });
 }
 export class Reboot {
     constructor() {
@@ -169,6 +175,9 @@ export class Context {
     get iteration() {
         return reboot_native.Context_iteration(__classPrivateFieldGet(this, _Context_external, "f"));
     }
+    get cookie() {
+        return reboot_native.Context_cookie(__classPrivateFieldGet(this, _Context_external, "f"));
+    }
     async generateIdempotentStateId(stateType, serviceName, method, idempotency) {
         return reboot_native.Context_generateIdempotentStateId(__classPrivateFieldGet(this, _Context_external, "f"), stateType, serviceName, method, idempotency);
     }
@@ -395,43 +404,55 @@ export async function retry_reactively_until(context, condition) {
     });
     return t;
 }
-async function atLeastOrMostOnce(idempotencyAlias, context, callable, options) {
-    let t = undefined;
+async function atLeastOrMostOnce(idempotencyAlias, context, callable, { stringify = JSON.stringify, parse = JSON.parse, validate, atMostOnce, }) {
+    assert(stringify !== undefined);
+    assert(parse !== undefined);
+    assert(atMostOnce !== undefined);
     const result = await reboot_native.atLeastOrMostOnce(context.__external, idempotencyAlias, async () => {
-        t = await callable();
+        const t = await callable();
         if (t !== undefined) {
-            if (options.parse === undefined) {
-                throw new Error("Required 'parse' property in 'options' is undefined");
-            }
-            // NOTE: we've decided not to stringify and parse `t` using
-            // `options.parse` now to avoid the extra overhead, but it
-            // might catch some bugs _before_ anything gets persisted and
-            // users may prefer that tradeoff.
-            return JSON.stringify(t);
+            // NOTE: to differentiate `callable` returning `void` (or
+            // explicitly `undefined`) from `stringify` returning an empty
+            // string we use `{ value: stringify(t) }`.
+            const result = { value: stringify(t) };
+            return JSON.stringify(result);
+        }
+        // Fail early if the developer thinks that they have some value
+        // that they want to validate but we got `undefined`.
+        if (validate !== undefined) {
+            throw new Error("Not expecting `validate` as you are returning `void` (or explicitly `undefined`); did you mean to return a value (or if you want to explicitly return the absence of a value use `null`)");
         }
         // NOTE: using the empty string to represent a `callable`
-        // returning void or explicitly `undefined`.
+        // returning `void` (or explicitly `undefined`).
         return "";
-    }, options.atMostOnce);
-    if (t !== undefined) {
-        return t;
-    }
+    }, atMostOnce);
+    // NOTE: we parse and validate `value` every time, even the first
+    // time, so as to catch bugs where the `value` returned from
+    // `callable` might not parse or be valid. We will have already
+    // persisted `result`, so in the event of a bug the developer will
+    // have to change the idempotency alias so that `callable` is
+    // re-executed. These semantics are the same as Python (although
+    // Python uses the `type` keyword argument instead of the
+    // `parse` and `validate` properties we use here).
     assert(result !== undefined);
     if (result !== "") {
-        if (options.parse === undefined) {
-            throw new Error("Required 'parse' property in 'options' is undefined");
+        const { value } = JSON.parse(result);
+        const t = parse(value);
+        if (parse !== JSON.parse) {
+            if (validate === undefined) {
+                // TODO: link to docs about why this is required, when those docs exist.
+                throw new Error("Missing `validate` property");
+            }
+            else if (!validate(t)) {
+                throw new Error("Failed to validate memoized result");
+            }
         }
-        return options.parse(JSON.parse(result));
-    }
-    assert(result === "");
-    // Let end user decide what they want to do with `undefined` if
-    // they specify `options.parse`.
-    if (options.parse !== undefined) {
-        return options.parse(undefined);
+        return t;
     }
-    // Otherwise `callable` must return void (undefined), fall through.
+    // Otherwise `callable` must have returned void (or explicitly
+    // `undefined`), fall through.
 }
-export async function atMostOnce(idempotencyAlias, context, callable, options = { parse: undefined }) {
+export async function atMostOnce(idempotencyAlias, context, callable, options = { validate: undefined }) {
     try {
         return await atLeastOrMostOnce(idempotencyAlias, context, callable, {
             ...options,
@@ -445,13 +466,13 @@ export async function atMostOnce(idempotencyAlias, context, callable, options =
         throw e;
     }
 }
-export async function atLeastOnce(idempotencyAlias, context, callable, options = { parse: undefined }) {
+export async function atLeastOnce(idempotencyAlias, context, callable, options = { validate: undefined }) {
     return atLeastOrMostOnce(idempotencyAlias, context, callable, {
         ...options,
         atMostOnce: false,
     });
 }
-export async function until(idempotencyAlias, context, callable, options = { parse: undefined }) {
+export async function until(idempotencyAlias, context, callable, options = { validate: undefined }) {
     // TODO(benh): figure out how to not use `as` type assertions here
     // to appease the TypeScript compiler which otherwise isn't happy
     // with passing on these types.

package/package.json

@@ -3,7 +3,7 @@
     "@bufbuild/protobuf": "1.3.2",
     "@bufbuild/protoplugin": "1.3.2",
     "@bufbuild/protoc-gen-es": "1.3.2",
-    "@reboot-dev/reboot-api": "0.23.0",
+    "@reboot-dev/reboot-api": "0.24.0",
     "chalk": "^4.1.2",
     "node-addon-api": "^7.0.0",
     "node-gyp": ">=10.2.0",
@@ -14,7 +14,7 @@
   },
   "type": "module",
   "name": "@reboot-dev/reboot",
-  "version": "0.23.0",
+  "version": "0.24.0",
   "description": "npm package for Reboot",
   "scripts": {
     "postinstall": "rbt || exit 0",
@@ -54,6 +54,7 @@
     "reboot_native.cc",
     "reboot_native.cjs",
     "reboot_native.d.ts",
+    "secrets",
     "utils",
     "venv.d.ts",
     "venv.js",

package/reboot_native.cc

@@ -534,13 +534,13 @@ class NapiSafeReference {
  public:
   NapiSafeReference(T t)
     : _reference(
-        new Napi::Reference<T>(Napi::Persistent(std::move(t))),
-        NapiReferenceDeleter()) {}
+          new Napi::Reference<T>(Napi::Persistent(std::move(t))),
+          NapiReferenceDeleter()) {}
 
   NapiSafeReference(Napi::Reference<T>&& reference)
     : _reference(
-        new Napi::Reference<T>(std::move(reference)),
-        NapiReferenceDeleter()) {}
+          new Napi::Reference<T>(std::move(reference)),
+          NapiReferenceDeleter()) {}
 
   // Helper for getting the value of the reference. We require a
   // `Napi::Env` to ensure we only try and get the value from within a
@@ -1156,7 +1156,7 @@ py::object make_py_token_verifier(NapiSafeObjectReference js_token_verifier) {
       [](py::object self,
          py::object py_reader_context,
          py::object py_aborted,
-         const std::string& token) {
+         py::object token) {
         py::object py_future =
             py::module::import("asyncio").attr("Future")();
 
@@ -1168,7 +1168,7 @@ py::object make_py_token_verifier(NapiSafeObjectReference js_token_verifier) {
             [js_token_verifier_reference,
              py_reader_context = new py::object(py_reader_context),
              py_aborted = new py::object(py_aborted),
-             token,
+             token = new py::object(token),
              py_future = new py::object(py_future)](Napi::Env env) {
               std::vector<Napi::Value> js_args;
 
@@ -1179,7 +1179,12 @@ py::object make_py_token_verifier(NapiSafeObjectReference js_token_verifier) {
                       py_aborted,
                       "reader"));
 
-              js_args.push_back(Napi::String::New(env, token));
+              if (token->is_none()) {
+                js_args.push_back(env.Undefined());
+              } else {
+                js_args.push_back(
+                    Napi::String::New(env, std::string(py::str(*token))));
+              }
 
               Napi::Object js_token_verifier =
                   js_token_verifier_reference->Value(env);
@@ -1694,19 +1699,9 @@ Napi::Value Service_call(const Napi::CallbackInfo& info) {
 }
 
 
-Napi::Value Future_await(const Napi::CallbackInfo& info) {
+Napi::Value Task_await(const Napi::CallbackInfo& info) {
   Napi::Object js_args = info[0].As<Napi::Object>();
 
-  // NOTE: we immediately get a safe reference to the `Napi::External`
-  // so that Node will not garbage collect it and the `py::object*` we
-  // get out of it will remain valid.
-  auto js_external_service = NapiSafeReference(
-      js_args.Get("external").As<Napi::External<py::object>>());
-
-  // CHECK(js_external_service.CheckTypeTag(...));
-
-  py::object* py_service = js_external_service.Value(info.Env()).Data();
-
   // NOTE: we immediately get a safe reference to the `Napi::External`
   // so that Node will not garbage collect it and the `py::object*` we
   // get out of it will remain valid.
@@ -1718,6 +1713,10 @@ Napi::Value Future_await(const Napi::CallbackInfo& info) {
   py::object* py_context =
       js_external_context.Value(info.Env()).Data();
 
+  std::string rbt_module = js_args.Get("rbtModule").As<Napi::String>();
+
+  std::string state_name = js_args.Get("stateName").As<Napi::String>();
+
   std::string method = js_args.Get("method").As<Napi::String>();
 
   std::string json_task_id = js_args.Get("jsonTaskId").As<Napi::String>();
@@ -1727,9 +1726,9 @@ Napi::Value Future_await(const Napi::CallbackInfo& info) {
   auto promise = deferred->Promise();
 
   adaptor->ScheduleCallbackOnPythonEventLoop(
-      [js_external_service, // Ensures `py_service` remains valid.
-       py_service,
-       method,
+      [rbt_module = std::move(rbt_module),
+       state_name = std::move(state_name),
+       method = std::move(method),
        // Ensures `py_context` remains valid.
        js_external_context,
        py_context,
@@ -1738,12 +1737,16 @@ Napi::Value Future_await(const Napi::CallbackInfo& info) {
         py::object py_task =
             py::module::import("reboot.nodejs.python")
                 .attr("create_task_with_context")(
-                    py_service->attr("_future_await")(
-                        method,
-                        py_context,
-                        json_task_id),
+                    py::module::import("reboot.nodejs.python")
+                        .attr("task_await")(
+                            py_context,
+                            py::module::import(rbt_module.c_str())
+                                .attr(state_name.c_str()),
+                            method,
+                            json_task_id),
                     py_context,
-                    "name"_a = ("servicer._future_await(\""
+                    "name"_a = ("reboot.nodejs.python.task_await(\""
+                                + state_name + "\", \""
                                 + method + "\", ...) in nodejs")
                                    .c_str());
         py_task.attr("add_done_callback")(py::cpp_function(
@@ -2200,6 +2203,26 @@ Napi::Value Context_iteration(const Napi::CallbackInfo& info) {
 }
 
 
+Napi::Value Context_cookie(const Napi::CallbackInfo& info) {
+  Napi::External<py::object> js_external_context =
+      info[0].As<Napi::External<py::object>>();
+
+  // CHECK(...CheckTypeTag(...));
+
+  py::object* py_context = js_external_context.Data();
+
+  std::promise<std::string> promise;
+
+  adaptor->ScheduleCallbackOnPythonEventLoop(
+      [py_context, &promise]() {
+        py::str cookie = py_context->attr("cookie");
+        promise.set_value(std::string(cookie));
+      });
+
+  return Napi::String::New(info.Env(), promise.get_future().get());
+}
+
+
 Napi::Value Context_generateIdempotentStateId(const Napi::CallbackInfo& info) {
   // NOTE: we immediately get a safe reference to the `Napi::External`
   // so that Node will not garbage collect it and the `py::object*` we
@@ -2874,6 +2897,10 @@ Napi::Object Init(Napi::Env env, Napi::Object exports) {
       Napi::String::New(env, "Context_iteration"),
       Napi::Function::New<Context_iteration>(env));
 
+  exports.Set(
+      Napi::String::New(env, "Context_cookie"),
+      Napi::Function::New<Context_cookie>(env));
+
   exports.Set(
       Napi::String::New(env, "Context_generateIdempotentStateId"),
       Napi::Function::New<Context_generateIdempotentStateId>(env));
@@ -2891,8 +2918,8 @@ Napi::Object Init(Napi::Env env, Napi::Object exports) {
       Napi::Function::New<atLeastOrMostOnce>(env));
 
   exports.Set(
-      Napi::String::New(env, "Future_await"),
-      Napi::Function::New<Future_await>(env));
+      Napi::String::New(env, "Task_await"),
+      Napi::Function::New<Task_await>(env));
 
   exports.Set(
       Napi::String::New(env, "ExternalContext_constructor"),

package/reboot_native.cjs

@@ -52,7 +52,7 @@ process.dlopen(
 exports.python3Path = reboot_native.exports.python3Path;
 exports.Service_constructor = reboot_native.exports.Service_constructor;
 exports.Service_call = reboot_native.exports.Service_call;
-exports.Future_await = reboot_native.exports.Future_await;
+exports.Task_await = reboot_native.exports.Task_await;
 exports.ExternalContext_constructor =
   reboot_native.exports.ExternalContext_constructor;
 exports.Application_constructor = reboot_native.exports.Application_constructor;
@@ -67,6 +67,7 @@ exports.Reboot_down = reboot_native.exports.Reboot_down;
 exports.Reboot_url = reboot_native.exports.Reboot_url;
 exports.Context_auth = reboot_native.exports.Context_auth;
 exports.Context_stateId = reboot_native.exports.Context_stateId;
+exports.Context_cookie = reboot_native.exports.Context_cookie;
 exports.Context_iteration = reboot_native.exports.Context_iteration;
 exports.Context_generateIdempotentStateId =
   reboot_native.exports.Context_generateIdempotentStateId;

package/reboot_native.d.ts

@@ -31,9 +31,10 @@ interface Service_callProps {
   jsonRequest: string;
 }
 
-interface Future_awaitProps {
-  external: NapiExternal;
+interface Task_awaitProps {
   context: Context | ExternalContext;
+  rbtModule: string;
+  stateName: string;
   method: string;
   jsonTaskId: string;
 }
@@ -41,7 +42,7 @@ interface Future_awaitProps {
 export namespace rbt_native {
   function Service_constructor(props: Service_constructorProps): NapiExternal;
   function Service_call(props: Service_callProps): string;
-  function Future_await(props: Future_awaitProps): string;
+  function Task_await(props: Task_awaitProps): string;
   function ExternalContext_constructor(
     name: string,
     url: string,

package/secrets/index.d.ts

@@ -0,0 +1,37 @@
+export declare const ENVVAR_RBT_SECRETS_DIRECTORY = "RBT_SECRETS_DIRECTORY";
+declare abstract class SecretSource {
+    abstract get(secretName: string): Promise<Buffer>;
+}
+export declare class Secrets {
+    private static _staticSecretSource;
+    private _secretCache;
+    private _secretSource;
+    constructor();
+    static setSecretSource(secretSource: SecretSource | null): void;
+    get secretSource(): SecretSource;
+    get(secretName: string, { ttlSecs }?: {
+        ttlSecs?: number;
+    }): Promise<Buffer>;
+}
+export declare class SecretNotFoundException extends Error {
+    constructor(message: string);
+}
+export declare class DirectorySecretSource extends SecretSource {
+    directory: string;
+    constructor(directory: string);
+    get(secretName: string): Promise<Buffer>;
+}
+export declare class EnvironmentSecretSource extends SecretSource {
+    ENVIRONMENT_VARIABLE_PREFIX: string;
+    get(secretName: string): Promise<Buffer>;
+}
+export declare class MockSecretSource extends SecretSource {
+    secrets: {
+        [key: string]: Buffer;
+    };
+    constructor(secrets: {
+        [key: string]: Buffer;
+    });
+    get(secretName: string): Promise<Buffer>;
+}
+export {};

package/secrets/index.js

@@ -0,0 +1,96 @@
+import * as path from "path";
+import { promises as fs } from "fs";
+export const ENVVAR_RBT_SECRETS_DIRECTORY = "RBT_SECRETS_DIRECTORY";
+class SecretSource {
+}
+export class Secrets {
+    constructor() {
+        this._secretCache = {};
+        if (Secrets._staticSecretSource) {
+            this._secretSource = Secrets._staticSecretSource;
+            return;
+        }
+        const secretsDirectory = process.env[ENVVAR_RBT_SECRETS_DIRECTORY];
+        if (secretsDirectory) {
+            this._secretSource = new DirectorySecretSource(path.resolve(secretsDirectory));
+        }
+        else {
+            this._secretSource = new EnvironmentSecretSource();
+        }
+    }
+    static setSecretSource(secretSource) {
+        Secrets._staticSecretSource = secretSource;
+    }
+    get secretSource() {
+        return this._secretSource;
+    }
+    async get(secretName, { ttlSecs = 15.0 } = {}) {
+        const now = Date.now();
+        const cachedSecret = this._secretCache[secretName];
+        if (cachedSecret && cachedSecret.cachedAt + ttlSecs > now) {
+            return cachedSecret.value;
+        }
+        const value = await this._secretSource.get(secretName);
+        this._secretCache[secretName] = new _CachedSecret(value, now);
+        return value;
+    }
+}
+Secrets._staticSecretSource = null;
+export class SecretNotFoundException extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "SecretNotFoundException";
+    }
+}
+export class DirectorySecretSource extends SecretSource {
+    constructor(directory) {
+        super();
+        this.directory = directory;
+    }
+    async get(secretName) {
+        const secretPath = path.join(this.directory, secretName);
+        try {
+            return await fs.readFile(secretPath);
+        }
+        catch (error) {
+            if (error.code === "ENOENT") {
+                throw new SecretNotFoundException(`No secret is stored for secretName=${secretName} (at \`${secretPath}\`).`);
+            }
+            throw error;
+        }
+    }
+}
+export class EnvironmentSecretSource extends SecretSource {
+    constructor() {
+        super(...arguments);
+        this.ENVIRONMENT_VARIABLE_PREFIX = "RBT_SECRET_";
+    }
+    async get(secretName) {
+        const environmentVariableName = `${this.ENVIRONMENT_VARIABLE_PREFIX}${secretName.toUpperCase().replace(/-/g, "_")}`;
+        const value = process.env[environmentVariableName];
+        if (value === undefined) {
+            throw new SecretNotFoundException(`No environment variable was set for secretName=${secretName}; ` +
+                `expected \`${environmentVariableName}\` to be set`);
+        }
+        return Buffer.from(value);
+    }
+}
+export class MockSecretSource extends SecretSource {
+    constructor(secrets) {
+        super();
+        this.secrets = secrets;
+    }
+    async get(secretName) {
+        const value = this.secrets[secretName];
+        if (value === undefined) {
+            throw new SecretNotFoundException(`No mock secret was stored for secretName=${secretName}.`);
+        }
+        return value;
+    }
+}
+class _CachedSecret {
+    constructor(value, cachedAt) {
+        this.value = value;
+        this.cachedAt = cachedAt;
+    }
+}

package/version.d.ts

@@ -1 +1 @@
-export declare const REBOOT_VERSION = "0.23.0";
+export declare const REBOOT_VERSION = "0.24.0";

package/version.js

@@ -1 +1 @@
-export const REBOOT_VERSION = "0.23.0";
+export const REBOOT_VERSION = "0.24.0";