@sinch/functions-runtime 0.3.1 → 0.3.2

package/dist/bin/sinch-runtime.js

@@ -1,10 +1,10 @@
 #!/usr/bin/env node
 
 // src/bin/sinch-runtime.ts
-import path4 from "path";
+import path5 from "path";
 import { createRequire as createRequire3 } from "module";
 import { pathToFileURL as pathToFileURL2 } from "url";
-import fs3 from "fs";
+import fs4 from "fs";
 
 // ../runtime-shared/dist/ai/connect-agent.js
 var AgentProvider;
@@ -243,11 +243,11 @@ function isVoiceCallback(functionName) {
 function isNotificationEvent(functionName) {
   return NOTIFICATION_EVENTS.includes(functionName);
 }
-function extractFunctionName(path5, body) {
+function extractFunctionName(path6, body) {
   if (body?.event && isVoiceCallback(body.event)) {
     return body.event;
   }
-  const segments = path5.split("/").filter((s) => s && s !== "*");
+  const segments = path6.split("/").filter((s) => s && s !== "*");
   if (segments.length === 1 && isVoiceCallback(segments[0])) {
     return segments[0];
   }
@@ -257,10 +257,10 @@ function generateRequestId() {
   return `req_${Date.now()}_${Math.random().toString(36).substring(7)}`;
 }
 function findFunctionPath() {
-  const fs4 = requireCjs2("fs");
+  const fs5 = requireCjs2("fs");
   const distPath = nodePath.join(process.cwd(), "dist", "function.js");
   const rootPath = nodePath.join(process.cwd(), "function.js");
-  if (fs4.existsSync(distPath)) {
+  if (fs5.existsSync(distPath)) {
     return distPath;
   }
   return rootPath;
@@ -393,7 +393,10 @@ async function handleVoiceCallback(functionName, userFunction, context, callback
   return formatSvamlResponse(result, functionName);
 }
 async function handleCustomEndpoint(functionName, userFunction, context, request, logger) {
-  const handler = userFunction[functionName];
+  let handler = userFunction[functionName];
+  if ((!handler || typeof handler !== "function") && functionName === "default") {
+    handler = userFunction["home"];
+  }
   if (!handler || typeof handler !== "function") {
     throw new Error(`Function '${functionName}' not found in function.js`);
   }
@@ -530,6 +533,67 @@ function setupRequestHandler(app, options = {}) {
 
 // ../runtime-shared/dist/sinch/index.js
 import { SinchClient, validateAuthenticationHeader } from "@sinch/sdk-core";
+function createSinchClients() {
+  const clients = {};
+  const hasCredentials = process.env.PROJECT_ID && process.env.PROJECT_ID_API_KEY && process.env.PROJECT_ID_API_SECRET;
+  if (!hasCredentials) {
+    return clients;
+  }
+  try {
+    const sinchClient = new SinchClient({
+      projectId: process.env.PROJECT_ID,
+      keyId: process.env.PROJECT_ID_API_KEY,
+      keySecret: process.env.PROJECT_ID_API_SECRET
+    });
+    if (process.env.CONVERSATION_APP_ID) {
+      clients.conversation = sinchClient.conversation;
+      console.log("[SINCH] Conversation API initialized");
+    }
+    if (process.env.VOICE_APPLICATION_KEY && process.env.VOICE_APPLICATION_SECRET) {
+      const voiceClient = new SinchClient({
+        projectId: process.env.PROJECT_ID,
+        keyId: process.env.PROJECT_ID_API_KEY,
+        keySecret: process.env.PROJECT_ID_API_SECRET,
+        applicationKey: process.env.VOICE_APPLICATION_KEY,
+        applicationSecret: process.env.VOICE_APPLICATION_SECRET
+      });
+      clients.voice = voiceClient.voice;
+      console.log("[SINCH] Voice API initialized with application credentials");
+    }
+    if (process.env.SMS_SERVICE_PLAN_ID) {
+      clients.sms = sinchClient.sms;
+      console.log("[SINCH] SMS API initialized");
+    }
+    if (process.env.ENABLE_NUMBERS_API === "true") {
+      clients.numbers = sinchClient.numbers;
+      console.log("[SINCH] Numbers API initialized");
+    }
+  } catch (error) {
+    console.error("[SINCH] Failed to initialize Sinch clients:", error.message);
+    return {};
+  }
+  if (process.env.VOICE_APPLICATION_KEY && process.env.VOICE_APPLICATION_SECRET) {
+    clients.validateWebhookSignature = (requestData) => {
+      console.log("[SINCH] Validating Voice webhook signature");
+      try {
+        const result = validateAuthenticationHeader(process.env.VOICE_APPLICATION_KEY, process.env.VOICE_APPLICATION_SECRET, requestData.headers, requestData.body, requestData.path, requestData.method);
+        console.log("[SINCH] Validation result:", result ? "VALID" : "INVALID");
+        return result;
+      } catch (error) {
+        console.error("[SINCH] Validation error:", error.message);
+        return false;
+      }
+    };
+  }
+  return clients;
+}
+var cachedClients = null;
+function getSinchClients() {
+  if (!cachedClients) {
+    cachedClients = createSinchClients();
+  }
+  return cachedClients;
+}
 
 // ../runtime-shared/dist/ai/elevenlabs/state.js
 var ElevenLabsStateManager = class {
@@ -676,6 +740,177 @@ function createCacheClient(_projectId, _functionName) {
   return new LocalCache();
 }
 
+// src/secrets/index.ts
+import fs3 from "fs";
+import path4 from "path";
+import os from "os";
+var SecretsLoader = class {
+  // Same service name as CLI uses
+  SERVICE_NAME = "sinch-functions-cli";
+  username = os.userInfo().username;
+  /**
+   * Load secrets from OS keychain for variables declared in .env
+   * Only loads secrets that have empty values in .env (security best practice)
+   */
+  async loadFromKeychain() {
+    if (process.env.NODE_ENV === "production") {
+      return false;
+    }
+    try {
+      let keytar;
+      try {
+        keytar = await import("keytar");
+      } catch (error) {
+        if (error.code === "MODULE_NOT_FOUND" || error.code === "ERR_MODULE_NOT_FOUND") {
+          console.debug("[Secrets] Keytar not available - secrets not loaded");
+          return false;
+        } else {
+          console.error("[Secrets] Error loading keytar:", error.message);
+        }
+        return false;
+      }
+      const envPath = path4.join(process.cwd(), ".env");
+      if (!fs3.existsSync(envPath)) {
+        console.debug("[Secrets] No .env file found, skipping keychain load");
+        return false;
+      }
+      const envContent = fs3.readFileSync(envPath, "utf8");
+      const envLines = envContent.replace(/\r\n/g, "\n").split("\n");
+      const secretsToLoad = [];
+      envLines.forEach((line) => {
+        const trimmedLine = line.replace(/\r$/, "").trim();
+        if (trimmedLine && !trimmedLine.startsWith("#")) {
+          const equalIndex = trimmedLine.indexOf("=");
+          if (equalIndex !== -1) {
+            const envKey = trimmedLine.substring(0, equalIndex).trim();
+            const envValue = trimmedLine.substring(equalIndex + 1).trim();
+            if (envKey && envValue === "" && !process.env[envKey]) {
+              secretsToLoad.push(envKey);
+            }
+          }
+        }
+      });
+      if (secretsToLoad.length === 0) {
+        console.debug("[Secrets] No empty variables found in .env");
+        return false;
+      }
+      let secretsLoaded = 0;
+      if (secretsToLoad.includes("PROJECT_ID_API_SECRET")) {
+        const apiSecret = await keytar.getPassword(this.SERVICE_NAME, `${this.username}-keySecret`);
+        if (apiSecret) {
+          process.env.PROJECT_ID_API_SECRET = apiSecret;
+          console.log("\u2705 Loaded PROJECT_ID_API_SECRET from secure storage");
+          secretsLoaded++;
+        }
+      }
+      if (secretsToLoad.includes("VOICE_APPLICATION_SECRET")) {
+        const applicationKey = process.env.VOICE_APPLICATION_KEY || this.getApplicationKeyFromConfig();
+        if (applicationKey) {
+          const appSecret = await keytar.getPassword(this.SERVICE_NAME, applicationKey);
+          if (appSecret) {
+            process.env.VOICE_APPLICATION_SECRET = appSecret;
+            console.log("\u2705 Loaded VOICE_APPLICATION_SECRET from secure storage");
+            secretsLoaded++;
+          }
+        }
+      }
+      const functionName = this.getFunctionNameFromConfig();
+      for (const secretName of secretsToLoad) {
+        if (secretName === "PROJECT_ID_API_SECRET" || secretName === "VOICE_APPLICATION_SECRET") {
+          continue;
+        }
+        if (functionName) {
+          const value = await keytar.getPassword(
+            this.SERVICE_NAME,
+            `${functionName}-${secretName}`
+          );
+          if (value) {
+            process.env[secretName] = value;
+            console.log(`\u2705 Loaded ${secretName} from secure storage`);
+            secretsLoaded++;
+          }
+        }
+      }
+      if (secretsLoaded === 0) {
+        console.log("\u2139\uFE0F  No secrets found in secure storage for declared variables");
+        console.log("\u{1F4A1} To configure Sinch auth: sinch auth login");
+        console.log("\u{1F4A1} To add custom secrets: sinch functions secrets add <KEY> <VALUE>");
+      }
+      return secretsLoaded > 0;
+    } catch (error) {
+      console.error("[Secrets] Unexpected error:", error.message);
+      console.log("\u{1F4A1} To manage secrets manually, use: sinch functions secrets");
+      return false;
+    }
+  }
+  /**
+   * Helper to get application key from sinch.json
+   */
+  getApplicationKeyFromConfig() {
+    try {
+      const sinchJsonPath = path4.join(process.cwd(), "sinch.json");
+      if (fs3.existsSync(sinchJsonPath)) {
+        const sinchConfig = JSON.parse(fs3.readFileSync(sinchJsonPath, "utf8"));
+        return sinchConfig.voiceAppId || sinchConfig.applicationKey || null;
+      }
+    } catch (error) {
+      console.debug("[Secrets] Could not read sinch.json:", error.message);
+    }
+    return null;
+  }
+  /**
+   * Helper to get function name from sinch.json
+   */
+  getFunctionNameFromConfig() {
+    try {
+      const sinchJsonPath = path4.join(process.cwd(), "sinch.json");
+      if (fs3.existsSync(sinchJsonPath)) {
+        const sinchConfig = JSON.parse(fs3.readFileSync(sinchJsonPath, "utf8"));
+        return sinchConfig.name || null;
+      }
+    } catch (error) {
+      console.debug("[Secrets] Could not read sinch.json:", error.message);
+    }
+    return null;
+  }
+  /**
+   * Load custom secrets added via 'sinch functions secrets' command
+   */
+  async loadCustomSecrets(secretNames = []) {
+    const secrets = {};
+    try {
+      const keytar = await import("keytar");
+      const functionName = this.getFunctionNameFromConfig();
+      if (!functionName) {
+        console.debug("[Secrets] Could not determine function name for custom secrets");
+        return secrets;
+      }
+      for (const secretName of secretNames) {
+        const value = await keytar.getPassword(this.SERVICE_NAME, `${functionName}-${secretName}`);
+        if (value) {
+          secrets[secretName] = value;
+          process.env[secretName] = value;
+        }
+      }
+    } catch (error) {
+      console.debug("[Secrets] Could not load custom secrets:", error.message);
+    }
+    return secrets;
+  }
+  /**
+   * Check if keytar is available
+   */
+  async isAvailable() {
+    try {
+      await import("keytar");
+      return true;
+    } catch {
+      return false;
+    }
+  }
+};
+var secretsLoader = new SecretsLoader();
+
 // src/tunnel/index.ts
 import WebSocket from "ws";
 import axios from "axios";
@@ -1059,9 +1294,9 @@ var TunnelClient = class {
 // src/bin/sinch-runtime.ts
 var requireCjs3 = createRequire3(import.meta.url);
 function findFunctionPath3() {
-  const distPath = path4.join(process.cwd(), "dist", "function.js");
-  const rootPath = path4.join(process.cwd(), "function.js");
-  if (fs3.existsSync(distPath)) {
+  const distPath = path5.join(process.cwd(), "dist", "function.js");
+  const rootPath = path5.join(process.cwd(), "function.js");
+  if (fs4.existsSync(distPath)) {
     return distPath;
   }
   return rootPath;
@@ -1076,9 +1311,11 @@ function loadRuntimeConfig() {
 function buildLocalContext(req, runtimeConfig) {
   const baseContext = buildBaseContext(req);
   const cache = createCacheClient();
+  const sinchClients = getSinchClients();
   return {
     ...baseContext,
     cache,
+    ...sinchClients,
     env: process.env,
     config: {
       projectId: runtimeConfig.projectId,
@@ -1086,7 +1323,6 @@ function buildLocalContext(req, runtimeConfig) {
       environment: "development",
       variables: process.env
     }
-    // Sinch clients would be added here if SDK is available
   };
 }
 function displayStartupInfo(config, verbose, _port) {
@@ -1105,12 +1341,12 @@ function displayStartupInfo(config, verbose, _port) {
 function displayEnvironmentVariables() {
   console.log("\nEnvironment Variables:");
   try {
-    const envPath = path4.join(process.cwd(), ".env");
-    if (!fs3.existsSync(envPath)) {
+    const envPath = path5.join(process.cwd(), ".env");
+    if (!fs4.existsSync(envPath)) {
       console.log("   (no .env file found)");
       return;
     }
-    const envContent = fs3.readFileSync(envPath, "utf8");
+    const envContent = fs4.readFileSync(envPath, "utf8");
     const envLines = envContent.split("\n");
     const variables = [];
     const secrets = [];
@@ -1170,7 +1406,7 @@ function displayApplicationCredentials() {
 async function displayDetectedFunctions() {
   try {
     const functionPath = findFunctionPath3();
-    if (!fs3.existsSync(functionPath)) return;
+    if (!fs4.existsSync(functionPath)) return;
     const functionUrl = pathToFileURL2(functionPath).href;
     const module = await import(functionUrl);
     const userFunction = module.default || module;
@@ -1196,10 +1432,13 @@ async function main() {
     dotenv.config();
   } catch {
   }
+  await secretsLoader.loadFromKeychain();
   const config = loadRuntimeConfig();
   const staticDir = process.env.STATIC_DIR;
-  const app = createApp({ staticDir });
+  const landingPageEnabled = process.env.LANDING_PAGE_ENABLED !== "false";
+  const app = createApp({ staticDir, landingPageEnabled });
   setupRequestHandler(app, {
+    landingPageEnabled,
     loadUserFunction: async () => {
       const functionPath = findFunctionPath3();
       const functionUrl = pathToFileURL2(functionPath).href;