@thirdweb-dev/service-utils 0.4.38 → 0.4.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/dist/cjs/cf-worker/index.js +155 -0
  2. package/dist/cjs/cf-worker/index.js.map +1 -0
  3. package/dist/cjs/cf-worker/usage.js +55 -0
  4. package/dist/cjs/cf-worker/usage.js.map +1 -0
  5. package/dist/cjs/core/api.js +65 -0
  6. package/dist/cjs/core/api.js.map +1 -0
  7. package/dist/cjs/core/authorize/client.js +115 -0
  8. package/dist/cjs/core/authorize/client.js.map +1 -0
  9. package/dist/cjs/core/authorize/index.js +215 -0
  10. package/dist/cjs/core/authorize/index.js.map +1 -0
  11. package/dist/cjs/core/authorize/service.js +58 -0
  12. package/dist/cjs/core/authorize/service.js.map +1 -0
  13. package/dist/cjs/core/authorize/types.js +3 -0
  14. package/dist/cjs/core/authorize/types.js.map +1 -0
  15. package/dist/cjs/core/rateLimit/index.js +64 -0
  16. package/dist/cjs/core/rateLimit/index.js.map +1 -0
  17. package/dist/cjs/core/rateLimit/types.js +3 -0
  18. package/dist/cjs/core/rateLimit/types.js.map +1 -0
  19. package/dist/cjs/core/services.js +71 -0
  20. package/dist/cjs/core/services.js.map +1 -0
  21. package/dist/cjs/core/types.js +3 -0
  22. package/dist/cjs/core/types.js.map +1 -0
  23. package/dist/cjs/core/usage.js +93 -0
  24. package/dist/cjs/core/usage.js.map +1 -0
  25. package/dist/cjs/core/usageLimit/index.js +45 -0
  26. package/dist/cjs/core/usageLimit/index.js.map +1 -0
  27. package/dist/cjs/core/usageLimit/types.js +3 -0
  28. package/dist/cjs/core/usageLimit/types.js.map +1 -0
  29. package/dist/cjs/index.js +10 -0
  30. package/dist/cjs/index.js.map +1 -0
  31. package/dist/cjs/mocks.js +53 -0
  32. package/dist/cjs/mocks.js.map +1 -0
  33. package/dist/cjs/node/index.js +173 -0
  34. package/dist/cjs/node/index.js.map +1 -0
  35. package/dist/cjs/package.json +1 -0
  36. package/dist/esm/cf-worker/index.js +147 -0
  37. package/dist/esm/cf-worker/index.js.map +1 -0
  38. package/dist/esm/cf-worker/usage.js +54 -0
  39. package/dist/esm/cf-worker/usage.js.map +1 -0
  40. package/dist/esm/core/api.js +60 -0
  41. package/dist/esm/core/api.js.map +1 -0
  42. package/dist/esm/core/authorize/client.js +110 -0
  43. package/dist/esm/core/authorize/client.js.map +1 -0
  44. package/dist/esm/core/authorize/index.js +212 -0
  45. package/dist/esm/core/authorize/index.js.map +1 -0
  46. package/dist/esm/core/authorize/service.js +55 -0
  47. package/dist/esm/core/authorize/service.js.map +1 -0
  48. package/dist/esm/core/authorize/types.js +2 -0
  49. package/dist/esm/core/authorize/types.js.map +1 -0
  50. package/dist/esm/core/rateLimit/index.js +61 -0
  51. package/dist/esm/core/rateLimit/index.js.map +1 -0
  52. package/dist/esm/core/rateLimit/types.js +2 -0
  53. package/dist/esm/core/rateLimit/types.js.map +1 -0
  54. package/dist/esm/core/services.js +67 -0
  55. package/dist/esm/core/services.js.map +1 -0
  56. package/dist/esm/core/types.js +2 -0
  57. package/dist/esm/core/types.js.map +1 -0
  58. package/dist/esm/core/usage.js +90 -0
  59. package/dist/esm/core/usage.js.map +1 -0
  60. package/dist/esm/core/usageLimit/index.js +42 -0
  61. package/dist/esm/core/usageLimit/index.js.map +1 -0
  62. package/dist/esm/core/usageLimit/types.js +2 -0
  63. package/dist/esm/core/usageLimit/types.js.map +1 -0
  64. package/dist/esm/index.js +4 -0
  65. package/dist/esm/index.js.map +1 -0
  66. package/dist/esm/mocks.js +50 -0
  67. package/dist/esm/mocks.js.map +1 -0
  68. package/dist/esm/node/index.js +165 -0
  69. package/dist/esm/node/index.js.map +1 -0
  70. package/dist/esm/package.json +1 -0
  71. package/dist/{declarations/src → types}/cf-worker/index.d.ts +8 -8
  72. package/dist/types/cf-worker/index.d.ts.map +1 -0
  73. package/dist/{declarations/src → types}/cf-worker/usage.d.ts +3 -2
  74. package/dist/types/cf-worker/usage.d.ts.map +1 -0
  75. package/dist/{declarations/src → types}/core/api.d.ts +1 -1
  76. package/dist/types/core/api.d.ts.map +1 -0
  77. package/dist/{declarations/src → types}/core/authorize/client.d.ts +2 -2
  78. package/dist/types/core/authorize/client.d.ts.map +1 -0
  79. package/dist/{declarations/src → types}/core/authorize/index.d.ts +2 -2
  80. package/dist/types/core/authorize/index.d.ts.map +1 -0
  81. package/dist/{declarations/src → types}/core/authorize/service.d.ts +2 -2
  82. package/dist/types/core/authorize/service.d.ts.map +1 -0
  83. package/dist/{declarations/src → types}/core/authorize/types.d.ts +1 -1
  84. package/dist/types/core/authorize/types.d.ts.map +1 -0
  85. package/dist/{declarations/src → types}/core/rateLimit/index.d.ts +3 -3
  86. package/dist/types/core/rateLimit/index.d.ts.map +1 -0
  87. package/dist/types/core/rateLimit/types.d.ts.map +1 -0
  88. package/dist/types/core/services.d.ts.map +1 -0
  89. package/dist/types/core/types.d.ts.map +1 -0
  90. package/dist/{declarations/src → types}/core/usage.d.ts +2 -2
  91. package/dist/types/core/usage.d.ts.map +1 -0
  92. package/dist/types/core/usageLimit/index.d.ts +5 -0
  93. package/dist/types/core/usageLimit/index.d.ts.map +1 -0
  94. package/dist/types/core/usageLimit/types.d.ts.map +1 -0
  95. package/dist/types/index.d.ts +3 -0
  96. package/dist/types/index.d.ts.map +1 -0
  97. package/dist/types/mocks.d.ts +5 -0
  98. package/dist/types/mocks.d.ts.map +1 -0
  99. package/dist/{declarations/src → types}/node/index.d.ts +8 -8
  100. package/dist/types/node/index.d.ts.map +1 -0
  101. package/package.json +36 -29
  102. package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.cjs.d.ts +0 -2
  103. package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.cjs.d.ts.map +0 -1
  104. package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.cjs.dev.js +0 -226
  105. package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.cjs.js +0 -7
  106. package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.cjs.prod.js +0 -226
  107. package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.esm.js +0 -212
  108. package/cf-worker/package.json +0 -4
  109. package/dist/client-8440b8fb.esm.js +0 -195
  110. package/dist/client-84e46164.cjs.prod.js +0 -203
  111. package/dist/client-a5cc5822.cjs.dev.js +0 -203
  112. package/dist/declarations/src/cf-worker/index.d.ts.map +0 -1
  113. package/dist/declarations/src/cf-worker/usage.d.ts.map +0 -1
  114. package/dist/declarations/src/core/api.d.ts.map +0 -1
  115. package/dist/declarations/src/core/authorize/client.d.ts.map +0 -1
  116. package/dist/declarations/src/core/authorize/index.d.ts.map +0 -1
  117. package/dist/declarations/src/core/authorize/service.d.ts.map +0 -1
  118. package/dist/declarations/src/core/authorize/types.d.ts.map +0 -1
  119. package/dist/declarations/src/core/rateLimit/index.d.ts.map +0 -1
  120. package/dist/declarations/src/core/rateLimit/types.d.ts.map +0 -1
  121. package/dist/declarations/src/core/services.d.ts.map +0 -1
  122. package/dist/declarations/src/core/types.d.ts.map +0 -1
  123. package/dist/declarations/src/core/usage.d.ts.map +0 -1
  124. package/dist/declarations/src/core/usageLimit/index.d.ts +0 -5
  125. package/dist/declarations/src/core/usageLimit/index.d.ts.map +0 -1
  126. package/dist/declarations/src/core/usageLimit/types.d.ts.map +0 -1
  127. package/dist/declarations/src/index.d.ts +0 -3
  128. package/dist/declarations/src/index.d.ts.map +0 -1
  129. package/dist/declarations/src/node/index.d.ts.map +0 -1
  130. package/dist/index-23f268d8.cjs.prod.js +0 -540
  131. package/dist/index-5dc16842.esm.js +0 -535
  132. package/dist/index-88f1ffb6.cjs.dev.js +0 -540
  133. package/dist/thirdweb-dev-service-utils.cjs.d.ts +0 -2
  134. package/dist/thirdweb-dev-service-utils.cjs.d.ts.map +0 -1
  135. package/dist/thirdweb-dev-service-utils.cjs.dev.js +0 -14
  136. package/dist/thirdweb-dev-service-utils.cjs.js +0 -7
  137. package/dist/thirdweb-dev-service-utils.cjs.prod.js +0 -14
  138. package/dist/thirdweb-dev-service-utils.esm.js +0 -1
  139. package/node/dist/thirdweb-dev-service-utils-node.cjs.d.ts +0 -2
  140. package/node/dist/thirdweb-dev-service-utils-node.cjs.d.ts.map +0 -1
  141. package/node/dist/thirdweb-dev-service-utils-node.cjs.dev.js +0 -190
  142. package/node/dist/thirdweb-dev-service-utils-node.cjs.js +0 -7
  143. package/node/dist/thirdweb-dev-service-utils-node.cjs.prod.js +0 -190
  144. package/node/dist/thirdweb-dev-service-utils-node.esm.js +0 -176
  145. package/node/package.json +0 -4
  146. /package/dist/{declarations/src → types}/core/rateLimit/types.d.ts +0 -0
  147. /package/dist/{declarations/src → types}/core/services.d.ts +0 -0
  148. /package/dist/{declarations/src → types}/core/types.d.ts +0 -0
  149. /package/dist/{declarations/src → types}/core/usageLimit/types.d.ts +0 -0
@@ -1,190 +0,0 @@
1
- 'use strict';
2
-
3
- Object.defineProperty(exports, '__esModule', { value: true });
4
-
5
- var node_crypto = require('node:crypto');
6
- var index = require('../../dist/index-88f1ffb6.cjs.dev.js');
7
- var client = require('../../dist/client-a5cc5822.cjs.dev.js');
8
- require('zod');
9
-
10
- /**
11
- *
12
- * @param {AuthInput['req']} authInput.req - The incoming request from which information will be pulled from. These information includes (checks are in order and terminates on first match):
13
- * - clientId: Checks header `x-client-id`, search param `clientId`
14
- * - bundleId: Checks header `x-bundle-id`, search param `bundleId`
15
- * - secretKey: Checks header `x-secret-key`
16
- * - origin (the requesting domain): Checks header `origin`, `referer`
17
- * @param {AuthInput['clientId']} authInput.clientId - Overrides any clientId found on the `req` object
18
- * @param {AuthInput['targetAddress']} authInput.targetAddress - Only used in smart wallets to determine if the request is authorized to interact with the target address.
19
- * @param {NodeServiceConfig['enforceAuth']} serviceConfig - Always `true` unless you need to turn auth off. Tells the service whether or not to enforce auth.
20
- * @param {NodeServiceConfig['apiUrl']} serviceConfig.apiUrl - The url of the api server to fetch information for verification. `https://api.thirdweb.com` for production and `https://api.staging.thirdweb.com` for staging
21
- * @param {NodeServiceConfig['serviceApiKey']} serviceConfig.serviceApiKey - secret key to be used authenticate the caller of the api-server. Check the api-server's env variable for the keys.
22
- * @param {NodeServiceConfig['serviceScope']} serviceConfig.serviceScope - The service that we are requesting authorization for. E.g. `relayer`, `rpc`, 'bundler', 'storage' etc.
23
- * @param {NodeServiceConfig['serviceAction']} serviceConfig.serviceAction - Needed when the `serviceScope` is `storage`. Can be either `read` or `write`.
24
- * @param {NodeServiceConfig['useWalletAuth']} serviceConfig.useWalletAuth - If true it pings the `wallet/me` or else, `account/me`. You most likely can leave this as false.
25
- * @returns {AuthorizationResult} authorizationResult - contains if the request is authorized, and information about the account if it is authorized. Otherwise, it contains the error message and status code.
26
- */
27
- async function authorizeNode(authInput, serviceConfig) {
28
- let authData;
29
- try {
30
- authData = extractAuthorizationData(authInput);
31
- } catch (e) {
32
- if (e instanceof Error && e.message === "KEY_CONFLICT") {
33
- return {
34
- authorized: false,
35
- status: 400,
36
- errorMessage: "Please pass either a client id or a secret key.",
37
- errorCode: "KEY_CONFLICT"
38
- };
39
- }
40
- return {
41
- authorized: false,
42
- status: 500,
43
- errorMessage: "Internal Server Error",
44
- errorCode: "INTERNAL_SERVER_ERROR"
45
- };
46
- }
47
- return await index.authorize(authData, serviceConfig);
48
- }
49
- function getHeader(headers, headerName) {
50
- const header = headers[headerName];
51
- if (Array.isArray(header)) {
52
- return header?.[0] ?? null;
53
- }
54
- return header ?? null;
55
- }
56
- function extractAuthorizationData(authInput) {
57
- let requestUrl;
58
- try {
59
- requestUrl = new URL(authInput.req.url || "", `http://${authInput.req.headers.host}`);
60
- } catch (error) {
61
- console.log("** Node URL Error **", error);
62
- throw error;
63
- }
64
- const headers = authInput.req.headers;
65
- const secretKey = getHeader(headers, "x-secret-key");
66
- // prefer clientId that is explicitly passed in
67
- let clientId = authInput.clientId ?? null;
68
- if (!clientId) {
69
- // next preference is clientId from header
70
- clientId = getHeader(headers, "x-client-id");
71
- }
72
-
73
- // next preference is search param
74
- if (!clientId) {
75
- clientId = requestUrl.searchParams.get("clientId");
76
- }
77
- // bundle id from header is first preference
78
- let bundleId = getHeader(headers, "x-bundle-id");
79
-
80
- // next preference is search param
81
- if (!bundleId) {
82
- bundleId = requestUrl.searchParams.get("bundleId");
83
- }
84
- let origin = getHeader(headers, "origin");
85
- // if origin header is not available we'll fall back to referrer;
86
- if (!origin) {
87
- origin = getHeader(headers, "referer");
88
- }
89
- // if we have an origin at this point, normalize it
90
- if (origin) {
91
- try {
92
- origin = new URL(origin).host;
93
- } catch (e) {
94
- console.warn("failed to parse origin", origin, e);
95
- }
96
- }
97
-
98
- // handle if we a secret key is passed in the headers
99
- let secretKeyHash = null;
100
- if (secretKey) {
101
- // hash the secret key
102
- secretKeyHash = hashSecretKey(secretKey);
103
- // derive the client id from the secret key hash
104
- const derivedClientId = deriveClientIdFromSecretKeyHash(secretKeyHash);
105
- // if we already have a client id passed in we need to make sure they match
106
- if (clientId && clientId !== derivedClientId) {
107
- throw new Error("KEY_CONFLICT");
108
- }
109
- // otherwise set the client id to the derived client id (client id based off of secret key)
110
- clientId = derivedClientId;
111
- }
112
- let jwt = null;
113
- let useWalletAuth = null;
114
- // check for authorization header on the request
115
- const authorizationHeader = getHeader(headers, "authorization");
116
- if (authorizationHeader) {
117
- const [type, token] = authorizationHeader.split(" ");
118
- if (type?.toLowerCase() === "bearer" && !!token) {
119
- jwt = token;
120
- const walletAuthHeader = getHeader(headers, "x-authorize-wallet");
121
- // IK a stringified boolean is not ideal, but it's required to pass it in the headers.
122
- if (walletAuthHeader?.toLowerCase() === "true") {
123
- useWalletAuth = walletAuthHeader;
124
- }
125
- }
126
- }
127
- return {
128
- jwt,
129
- hashedJWT: jwt ? hashSecretKey(jwt) : null,
130
- secretKeyHash,
131
- secretKey,
132
- clientId,
133
- origin,
134
- bundleId,
135
- targetAddress: authInput.targetAddress,
136
- useWalletAuth
137
- };
138
- }
139
- function hashSecretKey(secretKey) {
140
- return node_crypto.createHash("sha256").update(secretKey).digest("hex");
141
- }
142
- function deriveClientIdFromSecretKeyHash(secretKeyHash) {
143
- return secretKeyHash.slice(0, 32);
144
- }
145
- function logHttpRequest(_ref) {
146
- let {
147
- clientId,
148
- req,
149
- res,
150
- isAuthed,
151
- statusMessage,
152
- latencyMs
153
- } = _ref;
154
- try {
155
- const authorizationData = extractAuthorizationData({
156
- req,
157
- clientId
158
- });
159
- const headers = req.headers;
160
- console.log(JSON.stringify({
161
- method: req.method,
162
- pathname: req.url,
163
- hasSecretKey: !!authorizationData.secretKey,
164
- hasClientId: !!authorizationData.clientId,
165
- hasJwt: !!authorizationData.jwt,
166
- clientId: authorizationData.clientId,
167
- isAuthed,
168
- status: res.statusCode,
169
- statusMessage,
170
- sdkName: headers["x-sdk-name"] ?? undefined,
171
- sdkVersion: headers["x-sdk-version"] ?? undefined,
172
- platform: headers["x-sdk-platform"] ?? undefined,
173
- os: headers["x-sdk-os"] ?? undefined,
174
- latencyMs
175
- }));
176
- } catch (err) {}
177
- }
178
-
179
- exports.rateLimit = index.rateLimit;
180
- exports.usageEventSchema = index.usageEventSchema;
181
- exports.usageLimit = index.usageLimit;
182
- exports.SERVICES = client.SERVICES;
183
- exports.SERVICE_DEFINITIONS = client.SERVICE_DEFINITIONS;
184
- exports.SERVICE_NAMES = client.SERVICE_NAMES;
185
- exports.getServiceByName = client.getServiceByName;
186
- exports.authorizeNode = authorizeNode;
187
- exports.deriveClientIdFromSecretKeyHash = deriveClientIdFromSecretKeyHash;
188
- exports.extractAuthorizationData = extractAuthorizationData;
189
- exports.hashSecretKey = hashSecretKey;
190
- exports.logHttpRequest = logHttpRequest;
@@ -1,7 +0,0 @@
1
- 'use strict';
2
-
3
- if (process.env.NODE_ENV === "production") {
4
- module.exports = require("./thirdweb-dev-service-utils-node.cjs.prod.js");
5
- } else {
6
- module.exports = require("./thirdweb-dev-service-utils-node.cjs.dev.js");
7
- }
@@ -1,190 +0,0 @@
1
- 'use strict';
2
-
3
- Object.defineProperty(exports, '__esModule', { value: true });
4
-
5
- var node_crypto = require('node:crypto');
6
- var index = require('../../dist/index-23f268d8.cjs.prod.js');
7
- var client = require('../../dist/client-84e46164.cjs.prod.js');
8
- require('zod');
9
-
10
- /**
11
- *
12
- * @param {AuthInput['req']} authInput.req - The incoming request from which information will be pulled from. These information includes (checks are in order and terminates on first match):
13
- * - clientId: Checks header `x-client-id`, search param `clientId`
14
- * - bundleId: Checks header `x-bundle-id`, search param `bundleId`
15
- * - secretKey: Checks header `x-secret-key`
16
- * - origin (the requesting domain): Checks header `origin`, `referer`
17
- * @param {AuthInput['clientId']} authInput.clientId - Overrides any clientId found on the `req` object
18
- * @param {AuthInput['targetAddress']} authInput.targetAddress - Only used in smart wallets to determine if the request is authorized to interact with the target address.
19
- * @param {NodeServiceConfig['enforceAuth']} serviceConfig - Always `true` unless you need to turn auth off. Tells the service whether or not to enforce auth.
20
- * @param {NodeServiceConfig['apiUrl']} serviceConfig.apiUrl - The url of the api server to fetch information for verification. `https://api.thirdweb.com` for production and `https://api.staging.thirdweb.com` for staging
21
- * @param {NodeServiceConfig['serviceApiKey']} serviceConfig.serviceApiKey - secret key to be used authenticate the caller of the api-server. Check the api-server's env variable for the keys.
22
- * @param {NodeServiceConfig['serviceScope']} serviceConfig.serviceScope - The service that we are requesting authorization for. E.g. `relayer`, `rpc`, 'bundler', 'storage' etc.
23
- * @param {NodeServiceConfig['serviceAction']} serviceConfig.serviceAction - Needed when the `serviceScope` is `storage`. Can be either `read` or `write`.
24
- * @param {NodeServiceConfig['useWalletAuth']} serviceConfig.useWalletAuth - If true it pings the `wallet/me` or else, `account/me`. You most likely can leave this as false.
25
- * @returns {AuthorizationResult} authorizationResult - contains if the request is authorized, and information about the account if it is authorized. Otherwise, it contains the error message and status code.
26
- */
27
- async function authorizeNode(authInput, serviceConfig) {
28
- let authData;
29
- try {
30
- authData = extractAuthorizationData(authInput);
31
- } catch (e) {
32
- if (e instanceof Error && e.message === "KEY_CONFLICT") {
33
- return {
34
- authorized: false,
35
- status: 400,
36
- errorMessage: "Please pass either a client id or a secret key.",
37
- errorCode: "KEY_CONFLICT"
38
- };
39
- }
40
- return {
41
- authorized: false,
42
- status: 500,
43
- errorMessage: "Internal Server Error",
44
- errorCode: "INTERNAL_SERVER_ERROR"
45
- };
46
- }
47
- return await index.authorize(authData, serviceConfig);
48
- }
49
- function getHeader(headers, headerName) {
50
- const header = headers[headerName];
51
- if (Array.isArray(header)) {
52
- return header?.[0] ?? null;
53
- }
54
- return header ?? null;
55
- }
56
- function extractAuthorizationData(authInput) {
57
- let requestUrl;
58
- try {
59
- requestUrl = new URL(authInput.req.url || "", `http://${authInput.req.headers.host}`);
60
- } catch (error) {
61
- console.log("** Node URL Error **", error);
62
- throw error;
63
- }
64
- const headers = authInput.req.headers;
65
- const secretKey = getHeader(headers, "x-secret-key");
66
- // prefer clientId that is explicitly passed in
67
- let clientId = authInput.clientId ?? null;
68
- if (!clientId) {
69
- // next preference is clientId from header
70
- clientId = getHeader(headers, "x-client-id");
71
- }
72
-
73
- // next preference is search param
74
- if (!clientId) {
75
- clientId = requestUrl.searchParams.get("clientId");
76
- }
77
- // bundle id from header is first preference
78
- let bundleId = getHeader(headers, "x-bundle-id");
79
-
80
- // next preference is search param
81
- if (!bundleId) {
82
- bundleId = requestUrl.searchParams.get("bundleId");
83
- }
84
- let origin = getHeader(headers, "origin");
85
- // if origin header is not available we'll fall back to referrer;
86
- if (!origin) {
87
- origin = getHeader(headers, "referer");
88
- }
89
- // if we have an origin at this point, normalize it
90
- if (origin) {
91
- try {
92
- origin = new URL(origin).host;
93
- } catch (e) {
94
- console.warn("failed to parse origin", origin, e);
95
- }
96
- }
97
-
98
- // handle if we a secret key is passed in the headers
99
- let secretKeyHash = null;
100
- if (secretKey) {
101
- // hash the secret key
102
- secretKeyHash = hashSecretKey(secretKey);
103
- // derive the client id from the secret key hash
104
- const derivedClientId = deriveClientIdFromSecretKeyHash(secretKeyHash);
105
- // if we already have a client id passed in we need to make sure they match
106
- if (clientId && clientId !== derivedClientId) {
107
- throw new Error("KEY_CONFLICT");
108
- }
109
- // otherwise set the client id to the derived client id (client id based off of secret key)
110
- clientId = derivedClientId;
111
- }
112
- let jwt = null;
113
- let useWalletAuth = null;
114
- // check for authorization header on the request
115
- const authorizationHeader = getHeader(headers, "authorization");
116
- if (authorizationHeader) {
117
- const [type, token] = authorizationHeader.split(" ");
118
- if (type?.toLowerCase() === "bearer" && !!token) {
119
- jwt = token;
120
- const walletAuthHeader = getHeader(headers, "x-authorize-wallet");
121
- // IK a stringified boolean is not ideal, but it's required to pass it in the headers.
122
- if (walletAuthHeader?.toLowerCase() === "true") {
123
- useWalletAuth = walletAuthHeader;
124
- }
125
- }
126
- }
127
- return {
128
- jwt,
129
- hashedJWT: jwt ? hashSecretKey(jwt) : null,
130
- secretKeyHash,
131
- secretKey,
132
- clientId,
133
- origin,
134
- bundleId,
135
- targetAddress: authInput.targetAddress,
136
- useWalletAuth
137
- };
138
- }
139
- function hashSecretKey(secretKey) {
140
- return node_crypto.createHash("sha256").update(secretKey).digest("hex");
141
- }
142
- function deriveClientIdFromSecretKeyHash(secretKeyHash) {
143
- return secretKeyHash.slice(0, 32);
144
- }
145
- function logHttpRequest(_ref) {
146
- let {
147
- clientId,
148
- req,
149
- res,
150
- isAuthed,
151
- statusMessage,
152
- latencyMs
153
- } = _ref;
154
- try {
155
- const authorizationData = extractAuthorizationData({
156
- req,
157
- clientId
158
- });
159
- const headers = req.headers;
160
- console.log(JSON.stringify({
161
- method: req.method,
162
- pathname: req.url,
163
- hasSecretKey: !!authorizationData.secretKey,
164
- hasClientId: !!authorizationData.clientId,
165
- hasJwt: !!authorizationData.jwt,
166
- clientId: authorizationData.clientId,
167
- isAuthed,
168
- status: res.statusCode,
169
- statusMessage,
170
- sdkName: headers["x-sdk-name"] ?? undefined,
171
- sdkVersion: headers["x-sdk-version"] ?? undefined,
172
- platform: headers["x-sdk-platform"] ?? undefined,
173
- os: headers["x-sdk-os"] ?? undefined,
174
- latencyMs
175
- }));
176
- } catch (err) {}
177
- }
178
-
179
- exports.rateLimit = index.rateLimit;
180
- exports.usageEventSchema = index.usageEventSchema;
181
- exports.usageLimit = index.usageLimit;
182
- exports.SERVICES = client.SERVICES;
183
- exports.SERVICE_DEFINITIONS = client.SERVICE_DEFINITIONS;
184
- exports.SERVICE_NAMES = client.SERVICE_NAMES;
185
- exports.getServiceByName = client.getServiceByName;
186
- exports.authorizeNode = authorizeNode;
187
- exports.deriveClientIdFromSecretKeyHash = deriveClientIdFromSecretKeyHash;
188
- exports.extractAuthorizationData = extractAuthorizationData;
189
- exports.hashSecretKey = hashSecretKey;
190
- exports.logHttpRequest = logHttpRequest;
@@ -1,176 +0,0 @@
1
- import { createHash } from 'node:crypto';
2
- import { a as authorize } from '../../dist/index-5dc16842.esm.js';
3
- export { r as rateLimit, u as usageEventSchema, b as usageLimit } from '../../dist/index-5dc16842.esm.js';
4
- export { d as SERVICES, S as SERVICE_DEFINITIONS, c as SERVICE_NAMES, g as getServiceByName } from '../../dist/client-8440b8fb.esm.js';
5
- import 'zod';
6
-
7
- /**
8
- *
9
- * @param {AuthInput['req']} authInput.req - The incoming request from which information will be pulled from. These information includes (checks are in order and terminates on first match):
10
- * - clientId: Checks header `x-client-id`, search param `clientId`
11
- * - bundleId: Checks header `x-bundle-id`, search param `bundleId`
12
- * - secretKey: Checks header `x-secret-key`
13
- * - origin (the requesting domain): Checks header `origin`, `referer`
14
- * @param {AuthInput['clientId']} authInput.clientId - Overrides any clientId found on the `req` object
15
- * @param {AuthInput['targetAddress']} authInput.targetAddress - Only used in smart wallets to determine if the request is authorized to interact with the target address.
16
- * @param {NodeServiceConfig['enforceAuth']} serviceConfig - Always `true` unless you need to turn auth off. Tells the service whether or not to enforce auth.
17
- * @param {NodeServiceConfig['apiUrl']} serviceConfig.apiUrl - The url of the api server to fetch information for verification. `https://api.thirdweb.com` for production and `https://api.staging.thirdweb.com` for staging
18
- * @param {NodeServiceConfig['serviceApiKey']} serviceConfig.serviceApiKey - secret key to be used authenticate the caller of the api-server. Check the api-server's env variable for the keys.
19
- * @param {NodeServiceConfig['serviceScope']} serviceConfig.serviceScope - The service that we are requesting authorization for. E.g. `relayer`, `rpc`, 'bundler', 'storage' etc.
20
- * @param {NodeServiceConfig['serviceAction']} serviceConfig.serviceAction - Needed when the `serviceScope` is `storage`. Can be either `read` or `write`.
21
- * @param {NodeServiceConfig['useWalletAuth']} serviceConfig.useWalletAuth - If true it pings the `wallet/me` or else, `account/me`. You most likely can leave this as false.
22
- * @returns {AuthorizationResult} authorizationResult - contains if the request is authorized, and information about the account if it is authorized. Otherwise, it contains the error message and status code.
23
- */
24
- async function authorizeNode(authInput, serviceConfig) {
25
- let authData;
26
- try {
27
- authData = extractAuthorizationData(authInput);
28
- } catch (e) {
29
- if (e instanceof Error && e.message === "KEY_CONFLICT") {
30
- return {
31
- authorized: false,
32
- status: 400,
33
- errorMessage: "Please pass either a client id or a secret key.",
34
- errorCode: "KEY_CONFLICT"
35
- };
36
- }
37
- return {
38
- authorized: false,
39
- status: 500,
40
- errorMessage: "Internal Server Error",
41
- errorCode: "INTERNAL_SERVER_ERROR"
42
- };
43
- }
44
- return await authorize(authData, serviceConfig);
45
- }
46
- function getHeader(headers, headerName) {
47
- const header = headers[headerName];
48
- if (Array.isArray(header)) {
49
- return header?.[0] ?? null;
50
- }
51
- return header ?? null;
52
- }
53
- function extractAuthorizationData(authInput) {
54
- let requestUrl;
55
- try {
56
- requestUrl = new URL(authInput.req.url || "", `http://${authInput.req.headers.host}`);
57
- } catch (error) {
58
- console.log("** Node URL Error **", error);
59
- throw error;
60
- }
61
- const headers = authInput.req.headers;
62
- const secretKey = getHeader(headers, "x-secret-key");
63
- // prefer clientId that is explicitly passed in
64
- let clientId = authInput.clientId ?? null;
65
- if (!clientId) {
66
- // next preference is clientId from header
67
- clientId = getHeader(headers, "x-client-id");
68
- }
69
-
70
- // next preference is search param
71
- if (!clientId) {
72
- clientId = requestUrl.searchParams.get("clientId");
73
- }
74
- // bundle id from header is first preference
75
- let bundleId = getHeader(headers, "x-bundle-id");
76
-
77
- // next preference is search param
78
- if (!bundleId) {
79
- bundleId = requestUrl.searchParams.get("bundleId");
80
- }
81
- let origin = getHeader(headers, "origin");
82
- // if origin header is not available we'll fall back to referrer;
83
- if (!origin) {
84
- origin = getHeader(headers, "referer");
85
- }
86
- // if we have an origin at this point, normalize it
87
- if (origin) {
88
- try {
89
- origin = new URL(origin).host;
90
- } catch (e) {
91
- console.warn("failed to parse origin", origin, e);
92
- }
93
- }
94
-
95
- // handle if we a secret key is passed in the headers
96
- let secretKeyHash = null;
97
- if (secretKey) {
98
- // hash the secret key
99
- secretKeyHash = hashSecretKey(secretKey);
100
- // derive the client id from the secret key hash
101
- const derivedClientId = deriveClientIdFromSecretKeyHash(secretKeyHash);
102
- // if we already have a client id passed in we need to make sure they match
103
- if (clientId && clientId !== derivedClientId) {
104
- throw new Error("KEY_CONFLICT");
105
- }
106
- // otherwise set the client id to the derived client id (client id based off of secret key)
107
- clientId = derivedClientId;
108
- }
109
- let jwt = null;
110
- let useWalletAuth = null;
111
- // check for authorization header on the request
112
- const authorizationHeader = getHeader(headers, "authorization");
113
- if (authorizationHeader) {
114
- const [type, token] = authorizationHeader.split(" ");
115
- if (type?.toLowerCase() === "bearer" && !!token) {
116
- jwt = token;
117
- const walletAuthHeader = getHeader(headers, "x-authorize-wallet");
118
- // IK a stringified boolean is not ideal, but it's required to pass it in the headers.
119
- if (walletAuthHeader?.toLowerCase() === "true") {
120
- useWalletAuth = walletAuthHeader;
121
- }
122
- }
123
- }
124
- return {
125
- jwt,
126
- hashedJWT: jwt ? hashSecretKey(jwt) : null,
127
- secretKeyHash,
128
- secretKey,
129
- clientId,
130
- origin,
131
- bundleId,
132
- targetAddress: authInput.targetAddress,
133
- useWalletAuth
134
- };
135
- }
136
- function hashSecretKey(secretKey) {
137
- return createHash("sha256").update(secretKey).digest("hex");
138
- }
139
- function deriveClientIdFromSecretKeyHash(secretKeyHash) {
140
- return secretKeyHash.slice(0, 32);
141
- }
142
- function logHttpRequest(_ref) {
143
- let {
144
- clientId,
145
- req,
146
- res,
147
- isAuthed,
148
- statusMessage,
149
- latencyMs
150
- } = _ref;
151
- try {
152
- const authorizationData = extractAuthorizationData({
153
- req,
154
- clientId
155
- });
156
- const headers = req.headers;
157
- console.log(JSON.stringify({
158
- method: req.method,
159
- pathname: req.url,
160
- hasSecretKey: !!authorizationData.secretKey,
161
- hasClientId: !!authorizationData.clientId,
162
- hasJwt: !!authorizationData.jwt,
163
- clientId: authorizationData.clientId,
164
- isAuthed,
165
- status: res.statusCode,
166
- statusMessage,
167
- sdkName: headers["x-sdk-name"] ?? undefined,
168
- sdkVersion: headers["x-sdk-version"] ?? undefined,
169
- platform: headers["x-sdk-platform"] ?? undefined,
170
- os: headers["x-sdk-os"] ?? undefined,
171
- latencyMs
172
- }));
173
- } catch (err) {}
174
- }
175
-
176
- export { authorizeNode, deriveClientIdFromSecretKeyHash, extractAuthorizationData, hashSecretKey, logHttpRequest };
package/node/package.json DELETED
@@ -1,4 +0,0 @@
1
- {
2
- "main": "dist/thirdweb-dev-service-utils-node.cjs.js",
3
- "module": "dist/thirdweb-dev-service-utils-node.esm.js"
4
- }