npm - @rstreamlabs/rstream - Versions diffs - 1.1.0 - Mend

@rstreamlabs/rstream 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.mjs ADDED Viewed

@@ -0,0 +1,490 @@
+// src/auth-ressource.ts
+import crypto from "crypto";
+import jwt from "jsonwebtoken";
+var RstreamAuthRessource = class {
+  client;
+  constructor(client) {
+    this.client = client;
+  }
+  async createShortTermToken(params, options) {
+    const credentials = options?.credentials || this.client.credentials;
+    if (!credentials || !("clientId" in credentials)) {
+      throw new Error(
+        "Application credentials (client id, client secret) are required to create a short term token."
+      );
+    }
+    const now = Math.floor(Date.now() / 1e3);
+    const exp = now + (params?.expires_in ?? 60);
+    const payload = {
+      iat: now,
+      // Issued at
+      exp,
+      // Expiration time
+      type: "app",
+      clientId: credentials.clientId,
+      metadata: {
+        engine: this.client.engine,
+        permissions: params?.permissions
+      }
+    };
+    const pk = crypto.createPrivateKey({
+      key: Buffer.from(credentials.clientSecret, "hex"),
+      format: "der",
+      type: "pkcs8"
+    });
+    const token = jwt.sign(payload, pk, {
+      algorithm: "ES512"
+    });
+    const result = {
+      token
+    };
+    return result;
+  }
+};
+// src/zod.ts
+import * as z from "zod";
+var StringFilter = z.union([
+  z.string(),
+  z.object({ exact: z.string() }),
+  z.object({ oneof: z.array(z.string()) }),
+  z.object({ regex: z.string() })
+]);
+function transform(field) {
+  if (field instanceof z.ZodOptional) {
+    return transform(field.unwrap()).optional();
+  }
+  if (field instanceof z.ZodString) {
+    return StringFilter.optional();
+  }
+  if (field instanceof z.ZodRecord) {
+    return z.record(field.keySchema, transform(field.valueSchema)).optional();
+  }
+  return field.optional();
+}
+function filters(base) {
+  const entries = Object.entries(base.shape).map(([key, field]) => [
+    key,
+    transform(field)
+  ]);
+  const shape = Object.fromEntries(entries);
+  const node = z.lazy(
+    () => z.union([
+      z.object(shape),
+      z.object({ AND: z.array(node) }),
+      z.object({ OR: z.array(node) })
+    ])
+  );
+  return node;
+}
+function select(base) {
+  const entries = Object.entries(base.shape).map(([key]) => {
+    return [key, z.boolean().optional()];
+  });
+  const shape = Object.fromEntries(entries);
+  return z.object(shape);
+}
+// src/tunnel.ts
+import * as z2 from "zod";
+var tunnelSchema = z2.object({
+  id: z2.string(),
+  client_id: z2.string(),
+  user_id: z2.string(),
+  status: z2.enum(["online", "offline"]),
+  name: z2.string().optional(),
+  protocol: z2.string(),
+  publish: z2.boolean(),
+  labels: z2.record(z2.string().optional()).optional(),
+  host: z2.string().optional(),
+  tls_mode: z2.string(),
+  tls_min_version: z2.string().optional(),
+  mtls: z2.boolean(),
+  token_auth: z2.boolean(),
+  path: z2.string().optional()
+});
+var listTunnelsParamsSchema = z2.object({
+  limit: z2.number().optional(),
+  filters: tunnelSchema.pick({
+    status: true,
+    client_id: true,
+    protocol: true,
+    publish: true,
+    labels: true
+  }).partial().optional()
+});
+var listTunnelsResponseSchema = z2.object({
+  tunnels: z2.array(tunnelSchema)
+});
+// src/auth.ts
+import * as z3 from "zod";
+var createShortTermTokenParamsSchema = z3.object({
+  expires_in: z3.number().default(60),
+  // 1 minute
+  permissions: z3.object({
+    // Permissions for creating a tunnel
+    create: z3.union([
+      z3.boolean(),
+      z3.object({
+        filters: filters(tunnelSchema).optional()
+      })
+    ]).optional(),
+    // Permissions for connecting to a tunnel
+    connect: z3.union([
+      z3.boolean(),
+      z3.object({
+        filters: filters(tunnelSchema).optional()
+      })
+    ]).optional(),
+    // Permissions for listing tunnels
+    list: z3.union([
+      z3.boolean(),
+      z3.object({
+        filters: filters(tunnelSchema).optional(),
+        select: select(tunnelSchema).optional()
+      })
+    ]).optional()
+  }),
+  // Additional metadata
+  metadata: z3.unknown().optional()
+});
+var createShortTermTokenResponseSchema = z3.object({
+  token: z3.string()
+});
+var rstreamAuthPayloadSchema = z3.discriminatedUnion("type", [
+  z3.object({
+    type: z3.literal("pat")
+  }),
+  z3.object({
+    type: z3.literal("app"),
+    clientId: z3.string()
+  })
+]).and(
+  z3.object({
+    metadata: z3.object({
+      engine: z3.string().optional(),
+      permissions: createShortTermTokenParamsSchema.shape.permissions.optional()
+    }).optional()
+  })
+);
+// src/client.ts
+import * as z4 from "zod";
+var clientSchema = z4.object({
+  id: z4.string(),
+  user_id: z4.string(),
+  status: z4.enum(["online", "offline"]),
+  details: z4.object({
+    agent: z4.string().optional(),
+    os: z4.string().optional(),
+    version: z4.string().optional(),
+    protocol_version: z4.string().optional()
+  }).optional(),
+  labels: z4.record(z4.string().optional()).optional()
+});
+var listClientsParamsSchema = z4.object({
+  limit: z4.number().optional(),
+  filters: clientSchema.pick({
+    labels: true
+  }).partial().optional()
+});
+var listClientsResponseSchema = z4.object({
+  clients: z4.array(clientSchema)
+});
+// src/clients-ressource.ts
+var RstreamClientsRessource = class {
+  client;
+  constructor(client) {
+    this.client = client;
+  }
+  async list(params) {
+    const response = await this.client.request(
+      `/clients?params=${encodeURIComponent(JSON.stringify(params))}`,
+      {
+        method: "GET"
+      }
+    );
+    return listClientsResponseSchema.parse(response);
+  }
+  async get(id) {
+    const response = await this.client.request(`/clients/${id}`, {
+      method: "GET"
+    });
+    return clientSchema.parse(response);
+  }
+};
+// src/event.ts
+import * as z5 from "zod";
+var eventSchema = z5.union([
+  z5.object({
+    type: z5.literal("client.created"),
+    object: clientSchema
+  }),
+  z5.object({
+    type: z5.literal("client.updated"),
+    object: clientSchema
+  }),
+  z5.object({
+    type: z5.literal("client.deleted"),
+    object: clientSchema
+  }),
+  z5.object({
+    type: z5.literal("tunnel.created"),
+    object: tunnelSchema
+  }),
+  z5.object({
+    type: z5.literal("tunnel.updated"),
+    object: tunnelSchema
+  }),
+  z5.object({
+    type: z5.literal("tunnel.deleted"),
+    object: tunnelSchema
+  })
+]);
+// src/tunnels-ressource.ts
+var RstreamTunnelsRessource = class {
+  client;
+  constructor(client) {
+    this.client = client;
+  }
+  async list(params) {
+    const response = await this.client.request(
+      `/tunnels?params=${encodeURIComponent(JSON.stringify(params))}`,
+      {
+        method: "GET"
+      }
+    );
+    return listTunnelsResponseSchema.parse(response);
+  }
+  async get(id) {
+    const response = await this.client.request(`/tunnels/${id}`, {
+      method: "GET"
+    });
+    return tunnelSchema.parse(response);
+  }
+};
+// src/webhooks-ressource.ts
+import crypto2 from "crypto";
+var RstreamWebHooksRessource = class {
+  client;
+  constructor(client) {
+    this.client = client;
+  }
+  // Constructs and verifies the signature of an Event from the provided details.
+  async event(payload, header, secret, tolerance = 300, receivedAt = Date.now()) {
+    const payloadBuffer = Buffer.isBuffer(payload) ? payload : Buffer.from(payload);
+    const signatureHeader = Array.isArray(header) ? header[0] : header.toString();
+    if (!signatureHeader) {
+      throw new Error("No signature header");
+    }
+    const elements = signatureHeader.split(",").map((element) => element.trim());
+    let timestamp;
+    const signatures = [];
+    for (const element of elements) {
+      if (element.startsWith("t=")) {
+        timestamp = element.substring(2);
+      } else if (element.startsWith("v1=")) {
+        signatures.push(element.substring(3));
+      }
+    }
+    if (!timestamp || signatures.length === 0) {
+      throw new Error("Invalid signature header format");
+    }
+    const timestampNum = parseInt(timestamp, 10);
+    const now = Math.floor(receivedAt / 1e3);
+    if (Math.abs(now - timestampNum) > tolerance) {
+      throw new Error(
+        `Webhook signature timestamp outside tolerance: ${now}, ${timestampNum}`
+      );
+    }
+    const signedPayload = `${timestamp}.${payloadBuffer.toString("utf8")}`;
+    const expectedSignature = crypto2.createHmac("sha256", secret).update(signedPayload).digest("hex");
+    let signatureMatched = false;
+    for (const signature of signatures) {
+      try {
+        if (crypto2.timingSafeEqual(
+          Buffer.from(signature),
+          Buffer.from(expectedSignature)
+        )) {
+          signatureMatched = true;
+          break;
+        }
+      } catch (error) {
+        console.log("Error comparing signatures:", error);
+        continue;
+      }
+    }
+    if (!signatureMatched) {
+      throw new Error("Signature verification failed");
+    }
+    try {
+      return eventSchema.parse(JSON.parse(payloadBuffer.toString("utf8")));
+    } catch (error) {
+      throw new Error(
+        `Failed to parse webhook payload: ${error instanceof Error ? error.message : String(error)}`
+      );
+    }
+  }
+};
+// src/rstream.ts
+var RstreamClient = class {
+  cfg;
+  constructor(config) {
+    this.cfg = config;
+  }
+  get engine() {
+    return this.cfg?.engine || process.env.RSTREAM_DEFAULT_ENGINE || "engine.rstream.io:443";
+  }
+  get credentials() {
+    if (this.cfg?.credentials && "token" in this.cfg.credentials) {
+      return this.cfg.credentials;
+    }
+    if (process.env.RSTREAM_DEFAULT_AUTHENTICATION_TOKEN) {
+      return {
+        token: process.env.RSTREAM_DEFAULT_AUTHENTICATION_TOKEN
+      };
+    }
+    if (this.cfg?.credentials && "clientId" in this.cfg.credentials) {
+      return this.cfg.credentials;
+    }
+    if (process.env.RSTREAM_DEFAULT_CLIENT_ID && process.env.RSTREAM_DEFAULT_CLIENT_SECRET) {
+      return {
+        clientId: process.env.RSTREAM_DEFAULT_CLIENT_ID,
+        clientSecret: process.env.RSTREAM_DEFAULT_CLIENT_SECRET
+      };
+    }
+    return void 0;
+  }
+  get api() {
+    return `https://${this.engine}/api`;
+  }
+  get auth() {
+    return new RstreamAuthRessource(this);
+  }
+  get clients() {
+    return new RstreamClientsRessource(this);
+  }
+  get tunnels() {
+    return new RstreamTunnelsRessource(this);
+  }
+  get webhooks() {
+    return new RstreamWebHooksRessource(this);
+  }
+  async getToken() {
+    const credentials = this.credentials;
+    if (credentials && "token" in credentials) {
+      return credentials.token;
+    }
+    if (credentials && "clientId" in credentials) {
+      return (await this.auth.createShortTermToken(void 0, {
+        credentials: {
+          clientId: credentials.clientId,
+          clientSecret: credentials.clientSecret
+        }
+      })).token;
+    }
+    return void 0;
+  }
+  async request(path, options) {
+    const url = `${this.api}${path}`;
+    const headers = new Headers(options?.headers || {});
+    const token = await this.getToken();
+    if (token) {
+      headers.set("Authorization", `Bearer ${token}`);
+    }
+    const response = await fetch(url, {
+      ...options,
+      headers
+    });
+    if (!response.ok) {
+      const errorText = await response.text();
+      throw new Error(`HTTP error ${response.status}: ${errorText}`);
+    }
+    return await response.json();
+  }
+};
+// src/watch.ts
+import jwt2 from "jsonwebtoken";
+var Watch = class {
+  connection = null;
+  connectionState = "preparing";
+  config;
+  events;
+  constructor(config, events) {
+    this.config = config;
+    this.events = events;
+  }
+  async connect() {
+    if (this.connectionState !== "preparing") {
+      throw new Error("Watch: Connection already started or closed.");
+    }
+    this.connectionState = "connecting";
+    const token = await this.config.auth.token();
+    const payload = rstreamAuthPayloadSchema.parse(
+      jwt2.decode(token, { complete: false })
+    );
+    const base = `https://${this.config.engine || payload.metadata?.engine || "engine.rstream.io:443"}`;
+    if (this.config.transport === "sse") {
+      const url = new URL(`/api/sse`, base);
+      url.searchParams.set("rstream.token", token);
+      this.connection = new EventSource(url.toString());
+    } else {
+      const url = new URL(`/api/websocket`, base);
+      url.searchParams.set("rstream.token", token);
+      url.protocol = url.protocol === "https:" ? "wss:" : "ws:";
+      this.connection = new WebSocket(url.toString());
+    }
+    this.connection.onopen = () => {
+      this.connectionState = "connected";
+      this.events.onConnect?.();
+    };
+    this.connection.onmessage = (msg) => {
+      const parsed = eventSchema.parse(JSON.parse(msg.data));
+      this.events.onEvent?.(parsed);
+    };
+    this.connection.onerror = () => {
+      if (this.connectionState !== "closed") {
+        this.disconnect();
+      }
+    };
+  }
+  disconnect() {
+    if (this.connection) {
+      this.connection.onerror = null;
+      this.connection.onmessage = null;
+      this.connection.onopen = null;
+      this.connection.close();
+      this.connection = null;
+    }
+    if (this.connectionState !== "closed") {
+      this.connectionState = "closed";
+      this.events.onClose?.();
+    }
+  }
+};
+export {
+  RstreamClient as Rstream,
+  RstreamAuthRessource,
+  RstreamClient,
+  RstreamClientsRessource,
+  RstreamTunnelsRessource,
+  RstreamWebHooksRessource,
+  Watch,
+  clientSchema,
+  createShortTermTokenParamsSchema,
+  createShortTermTokenResponseSchema,
+  eventSchema,
+  listClientsParamsSchema,
+  listClientsResponseSchema,
+  listTunnelsParamsSchema,
+  listTunnelsResponseSchema,
+  rstreamAuthPayloadSchema,
+  tunnelSchema
+};

package/package.json ADDED Viewed

@@ -0,0 +1,37 @@
+{
+  "name": "@rstreamlabs/rstream",
+  "version": "1.1.0",
+  "description": "JS SDK for rstream.",
+  "license": "Apache-2.0",
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build:watch": "tsup --watch",
+    "build": "tsup",
+    "clean": "rm -rf dist",
+    "lint": "eslint \"./**/*.ts*\"",
+    "type-check": "tsc --noEmit"
+  },
+  "devDependencies": {
+    "@turbo/gen": "^2.4.0",
+    "@types/jsonwebtoken": "^9.0.9",
+    "@types/node": "^22",
+    "eslint-config": "*",
+    "eslint": "9.19.0",
+    "tsup": "^8.3.6",
+    "typescript-config": "*",
+    "typescript": "5.7.3"
+  },
+  "dependencies": {
+    "jsonwebtoken": "^9.0.2",
+    "zod": "^3.22.4"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}