npm - @supaku/agentfactory-server - Versions diffs - 0.1.2 → 0.3.0 - Mend

@supaku/agentfactory-server 0.1.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/dist/src/env-validation.d.ts +65 -0
package/dist/src/env-validation.d.ts.map +1 -0
package/dist/src/env-validation.js +134 -0
package/dist/src/index.d.ts +8 -0
package/dist/src/index.d.ts.map +1 -1
package/dist/src/index.js +16 -0
package/dist/src/logger.d.ts +76 -0
package/dist/src/logger.d.ts.map +1 -0
package/dist/src/logger.js +218 -0
package/dist/src/orphan-cleanup.d.ts +64 -0
package/dist/src/orphan-cleanup.d.ts.map +1 -0
package/dist/src/orphan-cleanup.js +335 -0
package/dist/src/pending-prompts.d.ts +67 -0
package/dist/src/pending-prompts.d.ts.map +1 -0
package/dist/src/pending-prompts.js +176 -0
package/dist/src/rate-limit.d.ts +111 -0
package/dist/src/rate-limit.d.ts.map +1 -0
package/dist/src/rate-limit.js +171 -0
package/dist/src/session-hash.d.ts +48 -0
package/dist/src/session-hash.d.ts.map +1 -0
package/dist/src/session-hash.js +80 -0
package/dist/src/token-storage.d.ts +118 -0
package/dist/src/token-storage.d.ts.map +1 -0
package/dist/src/token-storage.js +263 -0
package/dist/src/worker-auth.d.ts +29 -0
package/dist/src/worker-auth.d.ts.map +1 -0
package/dist/src/worker-auth.js +49 -0
package/package.json +3 -3

package/dist/src/worker-auth.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+/**
+ * Worker Authentication Module
+ *
+ * Framework-agnostic API key verification for worker endpoints.
+ * Workers must include a valid API key in the Authorization header.
+ */
+/**
+ * Extract a Bearer token from an Authorization header value
+ *
+ * @param authHeader - The Authorization header value
+ * @returns The bearer token or null if not a valid Bearer header
+ */
+export declare function extractBearerToken(authHeader: string | null | undefined): string | null;
+/**
+ * Verify an API key against the expected key using timing-safe comparison
+ *
+ * @param providedKey - The API key from the request
+ * @param expectedKey - The expected API key (defaults to WORKER_API_KEY env var)
+ * @returns true if the key is valid
+ */
+export declare function verifyApiKey(providedKey: string, expectedKey?: string): boolean;
+/**
+ * Check if worker auth is configured
+ * (useful for development/testing where auth might be disabled)
+ *
+ * @param envVar - Environment variable name to check (default: WORKER_API_KEY)
+ */
+export declare function isWorkerAuthConfigured(envVar?: string): boolean;
+//# sourceMappingURL=worker-auth.d.ts.map

package/dist/src/worker-auth.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"worker-auth.d.ts","sourceRoot":"","sources":["../../src/worker-auth.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,GAAG,IAAI,CAKvF;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAC1B,WAAW,EAAE,MAAM,EACnB,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAiBT;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,SAAmB,GAAG,OAAO,CAEzE"}

package/dist/src/worker-auth.js ADDED Viewed

@@ -0,0 +1,49 @@
+/**
+ * Worker Authentication Module
+ *
+ * Framework-agnostic API key verification for worker endpoints.
+ * Workers must include a valid API key in the Authorization header.
+ */
+import crypto from 'crypto';
+/**
+ * Extract a Bearer token from an Authorization header value
+ *
+ * @param authHeader - The Authorization header value
+ * @returns The bearer token or null if not a valid Bearer header
+ */
+export function extractBearerToken(authHeader) {
+    if (!authHeader?.startsWith('Bearer ')) {
+        return null;
+    }
+    return authHeader.slice(7);
+}
+/**
+ * Verify an API key against the expected key using timing-safe comparison
+ *
+ * @param providedKey - The API key from the request
+ * @param expectedKey - The expected API key (defaults to WORKER_API_KEY env var)
+ * @returns true if the key is valid
+ */
+export function verifyApiKey(providedKey, expectedKey) {
+    const expected = expectedKey ?? process.env.WORKER_API_KEY;
+    if (!expected) {
+        return false;
+    }
+    // Use timing-safe comparison to prevent timing attacks
+    try {
+        return crypto.timingSafeEqual(Buffer.from(providedKey), Buffer.from(expected));
+    }
+    catch {
+        // Buffers have different lengths
+        return false;
+    }
+}
+/**
+ * Check if worker auth is configured
+ * (useful for development/testing where auth might be disabled)
+ *
+ * @param envVar - Environment variable name to check (default: WORKER_API_KEY)
+ */
+export function isWorkerAuthConfigured(envVar = 'WORKER_API_KEY') {
+    return !!process.env[envVar];
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@supaku/agentfactory-server",
-  "version": "0.1.2",
+  "version": "0.3.0",
   "type": "module",
   "description": "Webhook server and distributed worker pool for AgentFactory — Redis queues, issue locks, session management",
   "author": "Supaku (https://supaku.com)",
@@ -44,8 +44,8 @@
   ],
   "dependencies": {
     "ioredis": "^5.4.2",
-    "@supaku/agentfactory": "0.1.2",
-    "@supaku/agentfactory-linear": "0.1.2"
+    "@supaku/agentfactory": "0.3.0",
+    "@supaku/agentfactory-linear": "0.3.0"
   },
   "devDependencies": {
     "@types/node": "^22.5.4",