@schafevormfenster/rest-commons 0.1.1

package/dist/api-schemas/result.schema.js

@@ -0,0 +1,5 @@
+import { z } from "zod";
+import { OkaySchema } from "./okay.schema";
+export const ResultSchema = OkaySchema.extend({
+    timestamp: z.string().transform((value) => new Date(value).toISOString()),
+});

package/dist/api-schemas/results.schema.d.ts

@@ -0,0 +1,21 @@
+import { z } from "zod";
+export declare const ResultsSchema: z.ZodObject<{
+    status: z.ZodNumber;
+    message: z.ZodOptional<z.ZodString>;
+} & {
+    timestamp: z.ZodEffects<z.ZodString, string, string>;
+} & {
+    results: z.ZodNumber;
+}, "strict", z.ZodTypeAny, {
+    status: number;
+    timestamp: string;
+    results: number;
+    message?: string | undefined;
+}, {
+    status: number;
+    timestamp: string;
+    results: number;
+    message?: string | undefined;
+}>;
+export type Results = z.infer<typeof ResultsSchema>;
+//# sourceMappingURL=results.schema.d.ts.map

package/dist/api-schemas/results.schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"results.schema.d.ts","sourceRoot":"","sources":["../../src/api-schemas/results.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;EAExB,CAAC;AAEH,MAAM,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC"}

package/dist/api-schemas/results.schema.js

@@ -0,0 +1,5 @@
+import { z } from "zod";
+import { ResultSchema } from "./result.schema";
+export const ResultsSchema = ResultSchema.extend({
+    results: z.number(),
+});

package/dist/helpers/correlation/get-correlation-id.d.ts

@@ -0,0 +1,7 @@
+export declare function getCorrelationId(request: {
+    headers?: Headers | {
+        get?: (name: string) => string | null;
+        [key: string]: unknown;
+    };
+}): string;
+//# sourceMappingURL=get-correlation-id.d.ts.map

package/dist/helpers/correlation/get-correlation-id.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-correlation-id.d.ts","sourceRoot":"","sources":["../../../src/helpers/correlation/get-correlation-id.ts"],"names":[],"mappings":"AAEA,wBAAgB,gBAAgB,CAAC,OAAO,EAAE;IACxC,OAAO,CAAC,EACJ,OAAO,GACP;QAAE,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;QAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC;CACvE,GAAG,MAAM,CAeT"}

package/dist/helpers/correlation/get-correlation-id.js

@@ -0,0 +1,16 @@
+import { getHeader } from "./get-header";
+export function getCorrelationId(request) {
+    const existingId = getHeader(request, "x-correlation-id");
+    if (existingId && typeof existingId === "string" && existingId.length > 0) {
+        return existingId;
+    }
+    // Use crypto for secure random ID generation
+    const bytes = new Uint8Array(8);
+    crypto.getRandomValues(bytes);
+    let randomPart = "";
+    for (const byte of bytes) {
+        randomPart += byte.toString(16).padStart(2, "0");
+    }
+    const timestamp = Date.now().toString(16);
+    return `${timestamp}-${randomPart}`;
+}

package/dist/helpers/correlation/get-header.d.ts

@@ -0,0 +1,7 @@
+export declare function getHeader(request: {
+    headers?: Headers | {
+        get?: (name: string) => string | null;
+        [key: string]: unknown;
+    };
+}, name: string): string | undefined;
+//# sourceMappingURL=get-header.d.ts.map

package/dist/helpers/correlation/get-header.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-header.d.ts","sourceRoot":"","sources":["../../../src/helpers/correlation/get-header.ts"],"names":[],"mappings":"AAAA,wBAAgB,SAAS,CACvB,OAAO,EAAE;IACP,OAAO,CAAC,EACJ,OAAO,GACP;QAAE,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;QAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC;CACvE,EACD,IAAI,EAAE,MAAM,GACX,MAAM,GAAG,SAAS,CAapB"}

package/dist/helpers/correlation/get-header.js

@@ -0,0 +1,11 @@
+export function getHeader(request, name) {
+    const headers = request?.headers;
+    if (!headers)
+        return undefined;
+    if (typeof headers.get === "function") {
+        const v = headers.get(name);
+        return v === null ? undefined : v;
+    }
+    const key = Object.keys(headers).find((k) => k.toLowerCase() === name.toLowerCase());
+    return key ? String(headers[key]) : undefined;
+}

package/dist/helpers/detect-mime-type.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Detect MIME type from file magic bytes (file signature)
+ *
+ * This function performs magic byte detection to determine the actual
+ * file type regardless of file extension or Content-Type header.
+ *
+ * @param buffer - File content as Buffer
+ * @returns Detected MIME type or undefined if unknown
+ */
+export declare function detectMimeType(buffer: Buffer): string | undefined;
+//# sourceMappingURL=detect-mime-type.d.ts.map

package/dist/helpers/detect-mime-type.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-mime-type.d.ts","sourceRoot":"","sources":["../../src/helpers/detect-mime-type.ts"],"names":[],"mappings":"AAKA;;;;;;;;GAQG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CA+BjE"}

package/dist/helpers/detect-mime-type.js

@@ -0,0 +1,40 @@
+import { detectImageMimeType } from "./mime-types/detect-image-mime-type";
+import { detectOleMimeType } from "./mime-types/detect-ole-mime-type";
+import { detectPdfMimeType } from "./mime-types/detect-pdf-mime-type";
+import { detectZipMimeType } from "./mime-types/detect-zip-mime-type";
+/**
+ * Detect MIME type from file magic bytes (file signature)
+ *
+ * This function performs magic byte detection to determine the actual
+ * file type regardless of file extension or Content-Type header.
+ *
+ * @param buffer - File content as Buffer
+ * @returns Detected MIME type or undefined if unknown
+ */
+export function detectMimeType(buffer) {
+    if (!buffer || buffer.length < 4) {
+        return undefined;
+    }
+    // Check for image formats
+    const imageType = detectImageMimeType(buffer);
+    if (imageType) {
+        return imageType;
+    }
+    // Check for document formats
+    // PDF
+    const pdfType = detectPdfMimeType(buffer);
+    if (pdfType) {
+        return pdfType;
+    }
+    // ZIP-based formats (DOCX, PPTX)
+    const zipType = detectZipMimeType(buffer);
+    if (zipType) {
+        return zipType;
+    }
+    // MS Office OLE2 formats (DOC, PPT)
+    const oleType = detectOleMimeType(buffer);
+    if (oleType) {
+        return oleType;
+    }
+    return undefined;
+}

package/dist/helpers/detect-suspicious-patterns.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Detect suspicious patterns from a request body without logging or exposing the content.
+ * Returns a list of pattern identifiers suitable for security logging.
+ *
+ * This helper is intentionally conservative and only flags common patterns.
+ */
+export declare function detectSuspiciousPatternsFromBody(body: unknown): string[];
+//# sourceMappingURL=detect-suspicious-patterns.d.ts.map

package/dist/helpers/detect-suspicious-patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-suspicious-patterns.d.ts","sourceRoot":"","sources":["../../src/helpers/detect-suspicious-patterns.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,wBAAgB,gCAAgC,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM,EAAE,CAkDxE"}

package/dist/helpers/detect-suspicious-patterns.js

@@ -0,0 +1,55 @@
+/**
+ * Detect suspicious patterns from a request body without logging or exposing the content.
+ * Returns a list of pattern identifiers suitable for security logging.
+ *
+ * This helper is intentionally conservative and only flags common patterns.
+ */
+export function detectSuspiciousPatternsFromBody(body) {
+    const patterns = [];
+    const checkString = (s) => {
+        const lower = s.toLowerCase();
+        // XSS/HTML injection indicators
+        if (lower.includes("<script"))
+            patterns.push("html.script_tag");
+        // Basic SQLi strings
+        if (lower.includes("union select"))
+            patterns.push("sql.union_select");
+        if (lower.includes("drop table"))
+            patterns.push("sql.drop_table");
+        // Prompt injection style phrases
+        if (lower.includes("ignore previous") ||
+            lower.includes("disregard previous")) {
+            patterns.push("prompt.injection.language");
+        }
+        // Embedded external URLs (often used in attacks/phishing)
+        if (lower.includes("http://") || lower.includes("https://")) {
+            patterns.push("url.embedded");
+        }
+    };
+    if (typeof body === "string") {
+        checkString(body);
+    }
+    else if (body && typeof body === "object") {
+        const walk = (object, depth = 0) => {
+            if (depth > 2)
+                return; // limit traversal depth
+            for (const v of Object.values(object)) {
+                if (typeof v === "string") {
+                    checkString(v);
+                }
+                else if (Array.isArray(v)) {
+                    for (const x of v.slice(0, 10)) {
+                        if (typeof x === "string") {
+                            checkString(x);
+                        }
+                    }
+                }
+                else if (v && typeof v === "object") {
+                    walk(v, depth + 1);
+                }
+            }
+        };
+        walk(body);
+    }
+    return [...new Set(patterns)];
+}

package/dist/helpers/eventify-constants.types.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Constants for file handling in API endpoints
+ * Defines file size limits
+ */
+/**
+ * Maximum file size in bytes (10 MB)
+ */
+export declare const DEFAULT_MAX_FILE_SIZE: number;
+/**
+ * Allowed image MIME types for image eventification
+ */
+export declare const IMAGE_MIME_TYPES: readonly ["image/jpeg", "image/png", "image/gif", "image/webp"];
+/**
+ * PDF MIME type for PDF image extraction
+ */
+export declare const PDF_MIME_TYPES: readonly ["application/pdf"];
+/**
+ * Combined MIME types for image endpoint (images + PDF)
+ * PDF files are converted to images before processing
+ */
+export declare const IMAGE_ENDPOINT_MIME_TYPES: readonly ["image/jpeg", "image/png", "image/gif", "image/webp", "application/pdf"];
+/**
+ * Allowed document MIME types for document eventification
+ * Supports PDF, DOC, DOCX, PPT, PPTX
+ */
+export declare const DOCUMENT_MIME_TYPES: readonly ["application/pdf", "application/msword", "application/vnd.openxmlformats-officedocument.wordprocessingml.document", "application/vnd.ms-powerpoint", "application/vnd.openxmlformats-officedocument.presentationml.presentation"];
+export type ImageMimeType = (typeof IMAGE_MIME_TYPES)[number];
+export type PdfMimeType = (typeof PDF_MIME_TYPES)[number];
+export type ImageEndpointMimeType = (typeof IMAGE_ENDPOINT_MIME_TYPES)[number];
+export type DocumentMimeType = (typeof DOCUMENT_MIME_TYPES)[number];
+export type AllowedMimeType = ImageMimeType | DocumentMimeType | PdfMimeType;
+//# sourceMappingURL=eventify-constants.types.d.ts.map

package/dist/helpers/eventify-constants.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"eventify-constants.types.d.ts","sourceRoot":"","sources":["../../src/helpers/eventify-constants.types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,eAAO,MAAM,qBAAqB,QAAmB,CAAC;AAEtD;;GAEG;AACH,eAAO,MAAM,gBAAgB,iEAKnB,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,cAAc,8BAA+B,CAAC;AAE3D;;;GAGG;AACH,eAAO,MAAM,yBAAyB,oFAG5B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,mBAAmB,6OAMtB,CAAC;AAEX,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC;AAC9D,MAAM,MAAM,WAAW,GAAG,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC;AAC1D,MAAM,MAAM,qBAAqB,GAAG,CAAC,OAAO,yBAAyB,CAAC,CAAC,MAAM,CAAC,CAAC;AAC/E,MAAM,MAAM,gBAAgB,GAAG,CAAC,OAAO,mBAAmB,CAAC,CAAC,MAAM,CAAC,CAAC;AACpE,MAAM,MAAM,eAAe,GAAG,aAAa,GAAG,gBAAgB,GAAG,WAAW,CAAC"}

package/dist/helpers/eventify-constants.types.js

@@ -0,0 +1,40 @@
+/**
+ * Constants for file handling in API endpoints
+ * Defines file size limits
+ */
+/**
+ * Maximum file size in bytes (10 MB)
+ */
+export const DEFAULT_MAX_FILE_SIZE = 10 * 1024 * 1024; // 10 MB
+/**
+ * Allowed image MIME types for image eventification
+ */
+export const IMAGE_MIME_TYPES = [
+    'image/jpeg',
+    'image/png',
+    'image/gif',
+    'image/webp',
+];
+/**
+ * PDF MIME type for PDF image extraction
+ */
+export const PDF_MIME_TYPES = ['application/pdf'];
+/**
+ * Combined MIME types for image endpoint (images + PDF)
+ * PDF files are converted to images before processing
+ */
+export const IMAGE_ENDPOINT_MIME_TYPES = [
+    ...IMAGE_MIME_TYPES,
+    ...PDF_MIME_TYPES,
+];
+/**
+ * Allowed document MIME types for document eventification
+ * Supports PDF, DOC, DOCX, PPT, PPTX
+ */
+export const DOCUMENT_MIME_TYPES = [
+    'application/pdf',
+    'application/msword', // DOC
+    'application/vnd.openxmlformats-officedocument.wordprocessingml.document', // DOCX
+    'application/vnd.ms-powerpoint', // PPT
+    'application/vnd.openxmlformats-officedocument.presentationml.presentation', // PPTX
+];

package/dist/helpers/hash-binary.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Computes a deterministic SHA-256 hash from binary data
+ *
+ * Algorithm: SHA-256 (non-reversible cryptographic hash)
+ * Output: Hex-encoded string (64 characters)
+ *
+ * The same binary input will always produce the same hash output,
+ * making it suitable for content-based deduplication and caching.
+ *
+ * @param data Binary data as Buffer or Uint8Array
+ * @returns Hex-encoded SHA-256 hash string (64 characters)
+ *
+ * @example
+ * ```typescript
+ * const fileBytes = Buffer.from('example file content');
+ * const hash = hashBinary(fileBytes);
+ * // hash = "50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c"
+ * ```
+ */
+export declare function hashBinary(data: Buffer | Uint8Array): string;
+//# sourceMappingURL=hash-binary.d.ts.map

package/dist/helpers/hash-binary.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash-binary.d.ts","sourceRoot":"","sources":["../../src/helpers/hash-binary.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,MAAM,CAQ5D"}

package/dist/helpers/hash-binary.js

@@ -0,0 +1,28 @@
+import { createHash } from 'node:crypto';
+/**
+ * Computes a deterministic SHA-256 hash from binary data
+ *
+ * Algorithm: SHA-256 (non-reversible cryptographic hash)
+ * Output: Hex-encoded string (64 characters)
+ *
+ * The same binary input will always produce the same hash output,
+ * making it suitable for content-based deduplication and caching.
+ *
+ * @param data Binary data as Buffer or Uint8Array
+ * @returns Hex-encoded SHA-256 hash string (64 characters)
+ *
+ * @example
+ * ```typescript
+ * const fileBytes = Buffer.from('example file content');
+ * const hash = hashBinary(fileBytes);
+ * // hash = "50d858e0985ecc7f60418aaf0cc5ab587f42c2570a884095a9e8ccacd0f6545c"
+ * ```
+ */
+export function hashBinary(data) {
+    // Convert Uint8Array to Buffer if needed
+    const buffer = Buffer.isBuffer(data) ? data : Buffer.from(data);
+    // Compute SHA-256 hash and encode as hex
+    const hash = createHash('sha256');
+    hash.update(buffer);
+    return hash.digest('hex');
+}

package/dist/helpers/mime-types/detect-image-mime-type.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Detect image MIME types from magic bytes
+ */
+export declare function detectImageMimeType(buffer: Buffer): string | undefined;
+//# sourceMappingURL=detect-image-mime-type.d.ts.map

package/dist/helpers/mime-types/detect-image-mime-type.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-image-mime-type.d.ts","sourceRoot":"","sources":["../../../src/helpers/mime-types/detect-image-mime-type.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CA8CtE"}

package/dist/helpers/mime-types/detect-image-mime-type.js

@@ -0,0 +1,41 @@
+/**
+ * Detect image MIME types from magic bytes
+ */
+export function detectImageMimeType(buffer) {
+    if (buffer.length < 4) {
+        return undefined;
+    }
+    // JPEG: FF D8 FF E0
+    if (buffer[0] === 0xFF && buffer[1] === 0xD8 && buffer[2] === 0xFF && buffer[3] === 0xE0) {
+        return "image/jpeg";
+    }
+    // PNG: 89 50 4E 47 0D 0A 1A 0A
+    if (buffer.length >= 8 &&
+        buffer[0] === 0x89 &&
+        buffer[1] === 0x50 &&
+        buffer[2] === 0x4E &&
+        buffer[3] === 0x47 &&
+        buffer[4] === 0x0D &&
+        buffer[5] === 0x0A &&
+        buffer[6] === 0x1A &&
+        buffer[7] === 0x0A) {
+        return "image/png";
+    }
+    // GIF: 47 49 46 (GIF87a or GIF89a)
+    if (buffer[0] === 0x47 && buffer[1] === 0x49 && buffer[2] === 0x46) {
+        return "image/gif";
+    }
+    // WebP: RIFF....WEBP (52 49 46 46 ... 57 45 42 50)
+    if (buffer.length >= 12 &&
+        buffer[0] === 0x52 &&
+        buffer[1] === 0x49 &&
+        buffer[2] === 0x46 &&
+        buffer[3] === 0x46 &&
+        buffer[8] === 0x57 &&
+        buffer[9] === 0x45 &&
+        buffer[10] === 0x42 &&
+        buffer[11] === 0x50) {
+        return "image/webp";
+    }
+    return undefined;
+}

package/dist/helpers/mime-types/detect-ole-mime-type.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Detect OLE2 (legacy Office) formats from magic bytes
+ * Detects DOC, PPT, and XLS files which use OLE2 container format
+ */
+export declare function detectOleMimeType(buffer: Buffer): string | undefined;
+//# sourceMappingURL=detect-ole-mime-type.d.ts.map

package/dist/helpers/mime-types/detect-ole-mime-type.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-ole-mime-type.d.ts","sourceRoot":"","sources":["../../../src/helpers/mime-types/detect-ole-mime-type.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAuCpE"}

package/dist/helpers/mime-types/detect-ole-mime-type.js

@@ -0,0 +1,34 @@
+/**
+ * Detect OLE2 (legacy Office) formats from magic bytes
+ * Detects DOC, PPT, and XLS files which use OLE2 container format
+ */
+export function detectOleMimeType(buffer) {
+    if (buffer.length < 8) {
+        return undefined;
+    }
+    // OLE2 signature: D0 CF 11 E0 A1 B1 1A E1
+    if (!(buffer[0] === 0xD0 &&
+        buffer[1] === 0xCF &&
+        buffer[2] === 0x11 &&
+        buffer[3] === 0xE0 &&
+        buffer[4] === 0xA1 &&
+        buffer[5] === 0xB1 &&
+        buffer[6] === 0x1A &&
+        buffer[7] === 0xE1)) {
+        return undefined;
+    }
+    // If it's OLE2, try to detect Office type by looking for content indicators
+    // Look for "PowerPoint Document" or "Word.Document" in buffer
+    const bufferString = buffer.toString("utf8", 0, Math.min(buffer.length, 1024));
+    if (bufferString.includes("PowerPoint Document")) {
+        return "application/vnd.ms-powerpoint";
+    }
+    if (bufferString.includes("Word.Document") || bufferString.includes("Microsoft Word")) {
+        return "application/msword";
+    }
+    if (bufferString.includes("Workbook") || bufferString.includes("Excel")) {
+        return "application/vnd.ms-excel";
+    }
+    // Default OLE2 MIME type is Word document
+    return "application/msword";
+}

package/dist/helpers/mime-types/detect-pdf-mime-type.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Detect PDF MIME type from magic bytes
+ */
+export declare function detectPdfMimeType(buffer: Buffer): string | undefined;
+//# sourceMappingURL=detect-pdf-mime-type.d.ts.map

package/dist/helpers/mime-types/detect-pdf-mime-type.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-pdf-mime-type.d.ts","sourceRoot":"","sources":["../../../src/helpers/mime-types/detect-pdf-mime-type.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAWpE"}

package/dist/helpers/mime-types/detect-pdf-mime-type.js

@@ -0,0 +1,13 @@
+/**
+ * Detect PDF MIME type from magic bytes
+ */
+export function detectPdfMimeType(buffer) {
+    if (buffer.length < 4) {
+        return undefined;
+    }
+    // PDF: 25 50 44 46 (%PDF)
+    if (buffer[0] === 0x25 && buffer[1] === 0x50 && buffer[2] === 0x44 && buffer[3] === 0x46) {
+        return "application/pdf";
+    }
+    return undefined;
+}

package/dist/helpers/mime-types/detect-zip-mime-type.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Detect ZIP-based Office formats from magic bytes
+ * Detects DOCX, PPTX by checking ZIP signature followed by Office content
+ */
+export declare function detectZipMimeType(buffer: Buffer): string | undefined;
+//# sourceMappingURL=detect-zip-mime-type.d.ts.map

package/dist/helpers/mime-types/detect-zip-mime-type.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detect-zip-mime-type.d.ts","sourceRoot":"","sources":["../../../src/helpers/mime-types/detect-zip-mime-type.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAuBpE"}

package/dist/helpers/mime-types/detect-zip-mime-type.js

@@ -0,0 +1,23 @@
+/**
+ * Detect ZIP-based Office formats from magic bytes
+ * Detects DOCX, PPTX by checking ZIP signature followed by Office content
+ */
+export function detectZipMimeType(buffer) {
+    if (buffer.length < 4) {
+        return undefined;
+    }
+    // ZIP signature: 50 4B 03 04
+    if (!(buffer[0] === 0x50 && buffer[1] === 0x4B && buffer[2] === 0x03 && buffer[3] === 0x04)) {
+        return undefined;
+    }
+    // If it's a ZIP, check for Office format indicators
+    // Look for word/ or ppt/ in the buffer to distinguish Office formats
+    const bufferString = buffer.toString("utf8", 30, Math.min(buffer.length, 8192)).toLowerCase();
+    if (bufferString.includes("word/")) {
+        return "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
+    }
+    if (bufferString.includes("ppt/")) {
+        return "application/vnd.openxmlformats-officedocument.presentationml.presentation";
+    }
+    return undefined;
+}

package/dist/helpers/parameter-validation.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Validates that a string parameter does not contain suspicious patterns
+ * that could indicate injection attacks or other security threats.
+ */
+export declare function validateNoSuspiciousPatterns(value: string, parameterName: string): string;
+//# sourceMappingURL=parameter-validation.d.ts.map

package/dist/helpers/parameter-validation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parameter-validation.d.ts","sourceRoot":"","sources":["../../src/helpers/parameter-validation.ts"],"names":[],"mappings":"AAMA;;;GAGG;AACH,wBAAgB,4BAA4B,CAC1C,KAAK,EAAE,MAAM,EACb,aAAa,EAAE,MAAM,GACpB,MAAM,CAkBR"}

package/dist/helpers/parameter-validation.js

@@ -0,0 +1,19 @@
+import { getLogger } from "@schafevormfenster/logging";
+import { detectSuspiciousPatternsFromBody } from "./detect-suspicious-patterns";
+const log = getLogger("rest.helpers.parameter-validation");
+/**
+ * Validates that a string parameter does not contain suspicious patterns
+ * that could indicate injection attacks or other security threats.
+ */
+export function validateNoSuspiciousPatterns(value, parameterName) {
+    const suspiciousPatterns = detectSuspiciousPatternsFromBody(value);
+    if (suspiciousPatterns.length > 0) {
+        log.error({
+            parameterName,
+            suspiciousPatterns,
+            error: `Parameter '${parameterName}' contains suspicious patterns`,
+        }, `Parameter '${parameterName}' contains suspicious patterns: ${suspiciousPatterns.join(", ")}`);
+        throw new Error(`Parameter '${parameterName}' contains suspicious patterns: ${suspiciousPatterns.join(", ")}`);
+    }
+    return value;
+}

package/dist/helpers/parameter-validation.types.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Zod schema for validating location parameter in findbyaddress endpoint.
+ * Checks for minimum length and suspicious patterns.
+ */
+export declare const LocationParameterSchema: any;
+/**
+ * Zod schema for validating slug parameter in community slug endpoint.
+ * Checks for length between 2-150 characters and suspicious patterns.
+ */
+export declare const SlugParameterSchema: any;
+/**
+ * Zod schema for validating ID parameter in community ID endpoint.
+ * Checks that ID contains only numbers and is between 3-20 characters long.
+ */
+export declare const NumericIdParameterSchema: any;
+//# sourceMappingURL=parameter-validation.types.d.ts.map

package/dist/helpers/parameter-validation.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parameter-validation.types.d.ts","sourceRoot":"","sources":["../../src/helpers/parameter-validation.types.ts"],"names":[],"mappings":"AAIA;;;GAGG;AACH,eAAO,MAAM,uBAAuB,KAWjC,CAAC;AAEJ;;;GAGG;AACH,eAAO,MAAM,mBAAmB,KAY7B,CAAC;AAEJ;;;GAGG;AACH,eAAO,MAAM,wBAAwB,KAIuB,CAAC"}

package/dist/helpers/parameter-validation.types.js

@@ -0,0 +1,38 @@
+import { z } from "zod";
+import { validateNoSuspiciousPatterns } from "./parameter-validation";
+/**
+ * Zod schema for validating location parameter in findbyaddress endpoint.
+ * Checks for minimum length and suspicious patterns.
+ */
+export const LocationParameterSchema = z
+    .string()
+    .min(2, "Location must be at least 2 characters long")
+    .refine((value) => {
+    validateNoSuspiciousPatterns(value, "location");
+    return true;
+}, {
+    message: "Location parameter contains suspicious patterns that are not allowed",
+});
+/**
+ * Zod schema for validating slug parameter in community slug endpoint.
+ * Checks for length between 2-150 characters and suspicious patterns.
+ */
+export const SlugParameterSchema = z
+    .string()
+    .min(2, "Slug must be at least 2 characters long")
+    .max(150, "Slug must not exceed 150 characters")
+    .refine((value) => {
+    validateNoSuspiciousPatterns(value, "slug");
+    return true;
+}, {
+    message: "Slug parameter contains suspicious patterns that are not allowed",
+});
+/**
+ * Zod schema for validating ID parameter in community ID endpoint.
+ * Checks that ID contains only numbers and is between 3-20 characters long.
+ */
+export const NumericIdParameterSchema = z
+    .string()
+    .min(3, "ID must be at least 3 characters long")
+    .max(20, "ID must not exceed 20 characters")
+    .regex(/^\d+$/, "ID must contain only numeric characters");

package/dist/helpers/response-headers/build-api-unauthorized-headers.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Build a consistent set of headers for unauthorized API responses, including
+ * security headers and correlation id propagation.
+ */
+export declare function buildApiUnauthorizedHeaders(correlationId: string): Record<string, string>;
+//# sourceMappingURL=build-api-unauthorized-headers.d.ts.map

package/dist/helpers/response-headers/build-api-unauthorized-headers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"build-api-unauthorized-headers.d.ts","sourceRoot":"","sources":["../../../src/helpers/response-headers/build-api-unauthorized-headers.ts"],"names":[],"mappings":"AAIA;;;GAGG;AACH,wBAAgB,2BAA2B,CACzC,aAAa,EAAE,MAAM,GACpB,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAmBxB"}

package/dist/helpers/response-headers/build-api-unauthorized-headers.js

@@ -0,0 +1,23 @@
+import { getApiSecurityHeaders } from "@schafevormfenster/security";
+import { resolveEnvironment } from "./resolve-environment";
+/**
+ * Build a consistent set of headers for unauthorized API responses, including
+ * security headers and correlation id propagation.
+ */
+export function buildApiUnauthorizedHeaders(correlationId) {
+    const environment = resolveEnvironment();
+    const securityHeaders = getApiSecurityHeaders({
+        environment,
+        enforceHTTPS: environment !== "development",
+        allowEmbedding: false,
+    });
+    const result = {
+        "content-type": "application/json",
+        "Cache-Control": "no-store",
+        "x-correlation-id": correlationId,
+    };
+    for (const h of securityHeaders) {
+        result[h.key] = h.value;
+    }
+    return result;
+}