@signe/room 1.4.2 → 2.0.1

package/src/jwt.ts

@@ -0,0 +1,217 @@
+/**
+ * JWT Authentication Class for Cloudflare Workers
+ * Uses Web Crypto API for JWT signing and verification
+ */
+
+interface JWTOptions {
+    expiresIn?: string | number;
+}
+
+interface JWTHeader {
+    alg: string;
+    typ: string;
+}
+
+interface JWTPayload {
+    [key: string]: unknown;
+    iat?: number;
+    exp?: number;
+}
+
+export class JWTAuth {
+    private secret: string;
+    private encoder: TextEncoder;
+    private decoder: TextDecoder;
+
+    /**
+     * Constructor for the JWTAuth class
+     * @param {string} secret - The secret key used for signing and verifying tokens
+     */
+    constructor(secret: string) {
+        if (!secret || typeof secret !== 'string') {
+            throw new Error('Secret is required and must be a string');
+        }
+        this.secret = secret;
+        this.encoder = new TextEncoder();
+        this.decoder = new TextDecoder();
+    }
+
+    /**
+     * Convert the secret to a CryptoKey for HMAC operations
+     * @returns {Promise<CryptoKey>} - The CryptoKey for HMAC operations
+     */
+    private async getSecretKey(): Promise<CryptoKey> {
+        const keyData: Uint8Array = this.encoder.encode(this.secret);
+        return await crypto.subtle.importKey(
+            'raw', // format
+            keyData, // key data
+            {
+                name: 'HMAC',
+                hash: { name: 'SHA-256' },
+            },
+            false, // extractable
+            ['sign', 'verify'] // key usages
+        );
+    }
+
+    /**
+     * Base64Url encode a buffer
+     * @param {ArrayBuffer} buffer - The buffer to encode
+     * @returns {string} - The base64url encoded string
+     */
+    private base64UrlEncode(buffer: ArrayBuffer): string {
+        const base64: string = btoa(String.fromCharCode(...new Uint8Array(buffer)));
+        return base64.replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
+    }
+
+    /**
+     * Base64Url decode a string
+     * @param {string} base64Url - The base64url encoded string
+     * @returns {ArrayBuffer} - The decoded buffer
+     */
+    private base64UrlDecode(base64Url: string) {
+        const padding: string = '='.repeat((4 - (base64Url.length % 4)) % 4);
+        const base64: string = base64Url.replace(/-/g, '+').replace(/_/g, '/') + padding;
+        const rawData: string = atob(base64);
+        const buffer: Uint8Array = new Uint8Array(rawData.length);
+
+        for (let i = 0; i < rawData.length; i++) {
+            buffer[i] = rawData.charCodeAt(i);
+        }
+
+        return buffer.buffer;
+    }
+
+    /**
+     * Sign a payload and create a JWT token
+     * @param {JWTPayload} payload - The payload to include in the token
+     * @param {JWTOptions} [options={}] - Options for the token
+     * @param {string | number} [options.expiresIn='1h'] - Token expiration time
+     * @returns {Promise<string>} - The JWT token
+     */
+    public async sign(payload: JWTPayload, options: JWTOptions = {}): Promise<string> {
+        if (!payload || typeof payload !== 'object') {
+            throw new Error('Payload must be an object');
+        }
+
+        // Set default expiration if not provided
+        const expiresIn: string | number = options.expiresIn || '1h';
+
+        // Calculate expiration time
+        let exp: number | undefined;
+        if (typeof expiresIn === 'number') {
+            exp = Math.floor(Date.now() / 1000) + expiresIn;
+        } else if (typeof expiresIn === 'string') {
+            const match: RegExpMatchArray | null = expiresIn.match(/^(\d+)([smhd])$/);
+            if (match) {
+                const value: number = parseInt(match[1]);
+                const unit: string = match[2];
+                const seconds: number = {
+                    's': value,
+                    'm': value * 60,
+                    'h': value * 60 * 60,
+                    'd': value * 60 * 60 * 24
+                }[unit]!;
+                exp = Math.floor(Date.now() / 1000) + seconds;
+            } else {
+                throw new Error('Invalid expiresIn format. Use a number (seconds) or a string like "1h", "30m", etc.');
+            }
+        }
+
+        // Create full payload with claims
+        const fullPayload: JWTPayload = {
+            ...payload,
+            iat: Math.floor(Date.now() / 1000),
+            exp
+        };
+
+        // Create header
+        const header: JWTHeader = {
+            alg: 'HS256',
+            typ: 'JWT'
+        };
+
+        // Encode header and payload
+        // @ts-expect-error - TS doesn't have a built-in TextEncoder
+        const encodedHeader: string = this.base64UrlEncode(this.encoder.encode(JSON.stringify(header)));
+        //   @ts-expect-error - TS doesn't have a built-in TextEncoder
+        const encodedPayload: string = this.base64UrlEncode(this.encoder.encode(JSON.stringify(fullPayload)));
+
+        // Create signature base
+        const signatureBase: string = `${encodedHeader}.${encodedPayload}`;
+
+        // Get key and sign
+        const key: CryptoKey = await this.getSecretKey();
+        const signature: ArrayBuffer = await crypto.subtle.sign(
+            { name: 'HMAC' },
+            key,
+            this.encoder.encode(signatureBase)
+        );
+
+        // Encode signature and create token
+        const encodedSignature: string = this.base64UrlEncode(signature);
+        return `${signatureBase}.${encodedSignature}`;
+    }
+
+    /**
+     * Verify a JWT token and return the decoded payload
+     * @param {string} token - The JWT token to verify
+     * @returns {Promise<JWTPayload>} - The decoded payload if verification succeeds
+     * @throws {Error} - If verification fails
+     */
+    public async verify(token: string): Promise<JWTPayload> {
+        if (!token || typeof token !== 'string') {
+            throw new Error('Token is required and must be a string');
+        }
+
+        // Split token into parts
+        const parts: string[] = token.split('.');
+        if (parts.length !== 3) {
+            throw new Error('Invalid token format');
+        }
+
+        const [encodedHeader, encodedPayload, encodedSignature] = parts;
+
+        // Decode header and payload
+        try {
+            // @ts-expect-error - TS doesn't have a built-in TextDecoder
+            const header: JWTHeader = JSON.parse(this.decoder.decode(this.base64UrlDecode(encodedHeader)));
+            // @ts-expect-error - TS doesn't have a built-in TextDecoder
+            const payload: JWTPayload = JSON.parse(this.decoder.decode(this.base64UrlDecode(encodedPayload)));
+
+            // Check algorithm
+            if (header.alg !== 'HS256') {
+                throw new Error(`Unsupported algorithm: ${header.alg}`);
+            }
+
+            // Check expiration
+            const now: number = Math.floor(Date.now() / 1000);
+            if (payload.exp && payload.exp < now) {
+                throw new Error('Token has expired');
+            }
+
+            // Verify signature
+            const key: CryptoKey = await this.getSecretKey();
+            const signatureBase: string = `${encodedHeader}.${encodedPayload}`;
+            const signature: ArrayBuffer = this.base64UrlDecode(encodedSignature) as ArrayBuffer;
+
+            const isValid: boolean = await crypto.subtle.verify(
+                { name: 'HMAC' },
+                key,
+                signature,
+                this.encoder.encode(signatureBase)
+            );
+
+            if (!isValid) {
+                throw new Error('Invalid signature');
+            }
+
+            return payload;
+        } catch (error) {
+            if (error instanceof Error) {
+                throw new Error(`Token verification failed: ${error.message}`);
+            }
+            throw new Error('Token verification failed: Unknown error');
+        }
+    }
+}

package/src/mock.ts

@@ -28,18 +28,54 @@ export class MockPartyClient {
     }
 }
 
+class MockLobby {
+  constructor(public server: Server) {}
+
+  socket() {
+    return new MockPartyClient(this.server)
+  }
+}
+
+class MockContext {
+  parties: {
+    main: Map<string, any>
+  } = {
+    main: new Map()
+  }
+
+  constructor(public room: MockPartyRoom, options: any = {}) {
+   const parties = options.parties || {}
+   for (let lobbyId in parties) {
+    this.parties.main.set(lobbyId, new MockLobby(parties[lobbyId](room)))
+   }
+  }
+}
+
+
 class MockPartyRoom {
   clients: Map<string, MockPartyClient> = new Map();
   storage = new Storage();
+  context: MockContext;
   env = {}
 
-  constructor(public id?: string) {
+  constructor(public id?: string, options: any = {}) {
     this.id = id || generateShortUUID()
+    this.context = new MockContext(this, {
+      parties: options.parties || {}
+    })
+    this.env = options.env || {}
   }
 
   async connection(server: Server) {
     const socket = new MockPartyClient(server);
-    await server.onConnect(socket.conn as any, { request: {} } as any);
+    const url = new URL('http://localhost')
+    const request = new Request(url.toString(), {
+      method: 'GET',
+      headers: {
+        'Content-Type': 'application/json'
+      }
+    })
+    await server.onConnect(socket.conn as any, { request } as any);
     this.clients.set(socket.id, socket);
     return socket
   }
@@ -55,7 +91,7 @@ class MockPartyRoom {
   }
 
   getConnections() {
-    return this.clients; 
+    return Array.from(this.clients.values()).map((client) => client.conn); 
   }
 
   clear() {

package/src/request/cors.ts

@@ -0,0 +1,54 @@
+export function cors(res: Response, options: CorsOptions = {}) {
+  const newHeaders = new Headers(res.headers);
+  
+  // Set default CORS headers
+  newHeaders.set('Access-Control-Allow-Origin', options.origin || '*');
+  
+  if (options.credentials) {
+    newHeaders.set('Access-Control-Allow-Credentials', 'true');
+  }
+  
+  if (options.exposedHeaders && options.exposedHeaders.length) {
+    newHeaders.set('Access-Control-Expose-Headers', options.exposedHeaders.join(', '));
+  }
+  
+  // Handle preflight requests
+  if (options.methods && options.methods.length) {
+    newHeaders.set('Access-Control-Allow-Methods', options.methods.join(', '));
+  } else {
+    newHeaders.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS');
+  }
+  
+  if (options.allowedHeaders && options.allowedHeaders.length) {
+    newHeaders.set('Access-Control-Allow-Headers', options.allowedHeaders.join(', '));
+  } else {
+    newHeaders.set('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With');
+  }
+  
+  if (options.maxAge) {
+    newHeaders.set('Access-Control-Max-Age', options.maxAge.toString());
+  }
+  
+  return new Response(res.body, {
+    status: res.status,
+    headers: newHeaders
+  });
+}
+
+export interface CorsOptions {
+  origin?: string;
+  methods?: string[];
+  allowedHeaders?: string[];
+  exposedHeaders?: string[];
+  credentials?: boolean;
+  maxAge?: number;
+}
+
+/**
+ * Creates a CORS interceptor with the specified options
+ * @param options CORS configuration options
+ * @returns An interceptor function that can be used with ServerResponse
+ */
+export function createCorsInterceptor(options: CorsOptions = {}): (res: Response) => Response {
+  return (res: Response) => cors(res, options);
+}

package/src/request/response.ts

@@ -0,0 +1,228 @@
+export class ServerResponse {
+    private interceptors: ((res: Response) => Promise<Response> | Response)[];
+    private statusCode: number = 200;
+    private responseBody: any = {};
+    private responseHeaders: Record<string, string> = {
+        'Content-Type': 'application/json'
+    };
+
+    /**
+     * Creates a new ServerResponse instance
+     * @param interceptors Array of interceptor functions that can modify the response
+     */
+    constructor(interceptors: ((res: Response) => Promise<Response> | Response)[] = []) {
+        this.interceptors = interceptors;
+    }
+
+    /**
+     * Sets the status code for the response
+     * @param code HTTP status code
+     * @returns this instance for chaining
+     */
+    status(code: number): ServerResponse {
+        this.statusCode = code;
+        return this;
+    }
+
+    /**
+     * Sets the response body and returns this instance (chainable method)
+     * 
+     * @param body Response body
+     * @returns this instance for chaining
+     */
+    body(body: any): ServerResponse {
+        this.responseBody = body;
+        return this;
+    }
+
+    /**
+     * Adds a header to the response
+     * @param name Header name
+     * @param value Header value
+     * @returns this instance for chaining
+     */
+    header(name: string, value: string): ServerResponse {
+        this.responseHeaders[name] = value;
+        return this;
+    }
+
+    /**
+     * Adds multiple headers to the response
+     * @param headers Object containing headers
+     * @returns this instance for chaining
+     */
+    setHeaders(headers: Record<string, string>): ServerResponse {
+        this.responseHeaders = { ...this.responseHeaders, ...headers };
+        return this;
+    }
+
+    /**
+     * Add an interceptor to the chain
+     * @param interceptor Function that takes a Response and returns a modified Response
+     * @returns this instance for chaining
+     */
+    use(interceptor: (res: Response) => Promise<Response> | Response): ServerResponse {
+        this.interceptors.push(interceptor);
+        return this;
+    }
+
+    /**
+     * Builds and returns the Response object after applying all interceptors
+     * @returns Promise<Response> The final Response object
+     * @private Internal method used by terminal methods
+     */
+    private async buildResponse(): Promise<Response> {
+        // Create initial response
+        let response = new Response(JSON.stringify(this.responseBody), {
+            status: this.statusCode,
+            headers: this.responseHeaders
+        });
+
+        // Apply all interceptors sequentially
+        for (const interceptor of this.interceptors) {
+            try {
+                const interceptedResponse = interceptor(response);
+                if (interceptedResponse instanceof Promise) {
+                    response = await interceptedResponse;
+                } else {
+                    response = interceptedResponse;
+                }
+            } catch (error) {
+                console.error('Error in interceptor:', error);
+                // Continue with the current response if an interceptor fails
+            }
+        }
+
+        return response;
+    }
+
+    /**
+     * Sets the response body to the JSON-stringified version of the provided value
+     * and sends the response (terminal method)
+     * 
+     * @param body Response body to be JSON stringified
+     * @returns Promise<Response> The final Response object
+     */
+    async json(body: any): Promise<Response> {
+        this.responseBody = body;
+        this.responseHeaders['Content-Type'] = 'application/json';
+        return this.buildResponse();
+    }
+
+    /**
+     * Sends the response with the current configuration (terminal method)
+     * 
+     * @param body Optional body to set before sending
+     * @returns Promise<Response> The final Response object
+     */
+    async send(body?: any): Promise<Response> {
+        if (body !== undefined) {
+            this.responseBody = body;
+        }
+        return this.buildResponse();
+    }
+
+    /**
+     * Sends a plain text response (terminal method)
+     * 
+     * @param text Text to send
+     * @returns Promise<Response> The final Response object
+     */
+    async text(text: string): Promise<Response> {
+        this.responseBody = text;
+        this.responseHeaders['Content-Type'] = 'text/plain';
+        
+        // Create a text response without JSON stringifying the body
+        let response = new Response(text, {
+            status: this.statusCode,
+            headers: this.responseHeaders
+        });
+        
+        // Apply interceptors
+        for (const interceptor of this.interceptors) {
+            try {
+                const interceptedResponse = interceptor(response);
+                if (interceptedResponse instanceof Promise) {
+                    response = await interceptedResponse;
+                } else {
+                    response = interceptedResponse;
+                }
+            } catch (error) {
+                console.error('Error in interceptor:', error);
+            }
+        }
+        
+        return response;
+    }
+
+    /**
+     * Redirects to the specified URL (terminal method)
+     * 
+     * @param url URL to redirect to
+     * @param statusCode HTTP status code (default: 302)
+     * @returns Promise<Response> The final Response object
+     */
+    async redirect(url: string, statusCode: number = 302): Promise<Response> {
+        this.statusCode = statusCode;
+        this.responseHeaders['Location'] = url;
+        return this.buildResponse();
+    }
+
+    /**
+     * Creates a success response with status 200
+     * @param body Response body
+     * @returns Promise<Response> The final Response object
+     */
+    async success(body: any = {}): Promise<Response> {
+        return this.status(200).json(body);
+    }
+
+    /**
+     * Creates an error response with status 400
+     * @param message Error message
+     * @param details Additional error details
+     * @returns Promise<Response> The final Response object
+     */
+    async badRequest(message: string, details: any = {}): Promise<Response> {
+        return this.status(400).json({
+            error: message,
+            ...details
+        });
+    }
+
+    /**
+     * Creates an error response with status 403
+     * @param message Error message
+     * @returns Promise<Response> The final Response object
+     */
+    async notPermitted(message: string = "Not permitted"): Promise<Response> {
+        return this.status(403).json({ error: message });
+    }
+
+    /**
+     * Creates an error response with status 401
+     * @param message Error message
+     * @returns Promise<Response> The final Response object
+     */
+    async unauthorized(message: string = "Unauthorized"): Promise<Response> {
+        return this.status(401).json({ error: message });
+    }
+
+    /**
+     * Creates an error response with status 404
+     * @param message Error message
+     * @returns Promise<Response> The final Response object
+     */
+    async notFound(message: string = "Not found"): Promise<Response> {
+        return this.status(404).json({ error: message });
+    }
+
+    /**
+     * Creates an error response with status 500
+     * @param message Error message
+     * @returns Promise<Response> The final Response object
+     */
+    async serverError(message: string = "Internal Server Error"): Promise<Response> {
+        return this.status(500).json({ error: message });
+    }
+}