npm - @thirdweb-dev/service-utils - Versions diffs - 0.5.0-nightly-0f027069-20230828164852 → 0.5.0-nightly-6cf298a29-20240308012322 - Mend

@thirdweb-dev/service-utils 0.5.0-nightly-0f027069-20230828164852 → 0.5.0-nightly-6cf298a29-20240308012322

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/dist/{index-6e0ecc5f.cjs.prod.js → index-62b88cac.cjs.dev.js} RENAMED Viewed

@@ -4,9 +4,12 @@ async function fetchKeyMetadataFromApi(clientId, config) {
   const {
     apiUrl,
     serviceScope,
-    serviceApiKey
+    serviceApiKey,
+    checkPolicy,
+    policyMetadata
   } = config;
-  const url = `${apiUrl}/v1/keys/use?clientId=${clientId}&scope=${serviceScope}`;
+  const policyQuery = checkPolicy && policyMetadata ? `&checkPolicy=true&policyMetadata=${encodeURIComponent(JSON.stringify(policyMetadata))}` : "";
+  const url = `${apiUrl}/v1/keys/use?clientId=${clientId}&scope=${serviceScope}&includeUsage=true${policyQuery}`;
   const response = await fetch(url, {
     method: "GET",
     headers: {
@@ -14,20 +17,20 @@ async function fetchKeyMetadataFromApi(clientId, config) {
       "content-type": "application/json"
     }
   });
-  let json;
+  let text = "";
   try {
-    json = await response.json();
+    text = await response.text();
+    return JSON.parse(text);
   } catch (e) {
-    throw new Error(`Error fetching key metadata from API: ${response.status} - ${response.statusText} - ${await response.text()}`);
+    throw new Error(`Error fetching key metadata from API: ${response.status} - ${text}`);
   }
-  return json;
 }
 async function fetchAccountFromApi(jwt, config, useWalletAuth) {
   const {
     apiUrl,
     serviceApiKey
   } = config;
-  const url = useWalletAuth ? `${apiUrl}/v1/wallet/me` : `${apiUrl}/v1/account/me`;
+  const url = useWalletAuth ? `${apiUrl}/v1/wallet/me?includeUsage=true` : `${apiUrl}/v1/account/me?includeUsage=true`;
   const response = await fetch(url, {
     method: "GET",
     headers: {
@@ -36,13 +39,32 @@ async function fetchAccountFromApi(jwt, config, useWalletAuth) {
       authorization: `Bearer ${jwt}`
     }
   });
-  let json;
+  let text = "";
   try {
-    json = await response.json();
+    text = await response.text();
+    return JSON.parse(text);
   } catch (e) {
-    throw new Error(`Error fetching account from API: ${response.status} - ${response.statusText} - ${await response.text()}`);
+    throw new Error(`Error fetching account from API: ${response.status} - ${text}`);
   }
-  return json;
+}
+async function updateRateLimitedAt(apiKeyId, config) {
+  const {
+    apiUrl,
+    serviceScope: scope,
+    serviceApiKey
+  } = config;
+  const url = `${apiUrl}/usage/rateLimit`;
+  await fetch(url, {
+    method: "PUT",
+    headers: {
+      "x-service-api-key": serviceApiKey,
+      "content-type": "application/json"
+    },
+    body: JSON.stringify({
+      apiKeyId,
+      scope
+    })
+  });
 }
 function authorizeClient(authOptions, apiKeyMeta) {
@@ -63,7 +85,10 @@ function authorizeClient(authOptions, apiKeyMeta) {
       id: apiKeyMeta.accountId,
       // TODO update this later
       name: "",
-      creatorWalletAddress: apiKeyMeta.creatorWalletAddress
+      creatorWalletAddress: apiKeyMeta.creatorWalletAddress,
+      limits: apiKeyMeta.limits,
+      rateLimits: apiKeyMeta.rateLimits,
+      usage: apiKeyMeta.usage
     }
   };
@@ -193,12 +218,15 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
   }
   return {
     authorized: true,
+    apiKeyMeta: apiKeyMetadata,
     accountMeta: {
       id: apiKeyMetadata.accountId,
       name: "",
-      creatorWalletAddress: apiKeyMetadata.creatorWalletAddress
-    },
-    apiKeyMeta: apiKeyMetadata
+      creatorWalletAddress: apiKeyMetadata.creatorWalletAddress,
+      limits: apiKeyMetadata.limits,
+      rateLimits: apiKeyMetadata.rateLimits,
+      usage: apiKeyMetadata.usage
+    }
   };
 }
@@ -236,9 +264,9 @@ async function authorize(authData, serviceConfig, cacheOptions) {
             // if the difference is greater than the cacheTtl we want to ignore the cached data
             const now = Date.now();
             const diff = now - parsed.updatedAt;
-            const cacheTtl = cacheOptions.cacheTtlSeconds * 1000;
+            const cacheTtlMs = cacheOptions.cacheTtlSeconds * 1000;
             // only if the diff is less than the cacheTtl do we want to use the cached key
-            if (diff < cacheTtl * 1000) {
+            if (diff < cacheTtlMs) {
               accountMeta = parsed.apiKeyMeta;
             }
           } else {
@@ -322,9 +350,9 @@ async function authorize(authData, serviceConfig, cacheOptions) {
           // if the difference is greater than the cacheTtl we want to ignore the cached data
           const now = Date.now();
           const diff = now - parsed.updatedAt;
-          const cacheTtl = cacheOptions.cacheTtlSeconds * 1000;
+          const cacheTtlMs = cacheOptions.cacheTtlSeconds * 1000;
           // only if the diff is less than the cacheTtl do we want to use the cached key
-          if (diff < cacheTtl * 1000) {
+          if (diff < cacheTtlMs) {
             apiKeyMeta = parsed.apiKeyMeta;
           }
         } else {
@@ -416,9 +444,133 @@ async function authorize(authData, serviceConfig, cacheOptions) {
       id: apiKeyMeta.accountId,
       // TODO update this later
       name: "",
+      limits: apiKeyMeta.limits,
+      rateLimits: apiKeyMeta.rateLimits,
+      usage: apiKeyMeta.usage,
       creatorWalletAddress: apiKeyMeta.creatorWalletAddress
     }
   };
 }
+const RATE_LIMIT_WINDOW_SECONDS = 10;
+// Redis interface compatible with ioredis (Node) and upstash (Cloudflare Workers).
+async function rateLimit(args) {
+  const {
+    authzResult,
+    serviceConfig,
+    redis,
+    sampleRate = 1.0
+  } = args;
+  const shouldSampleRequest = Math.random() < sampleRate;
+  if (!shouldSampleRequest || !authzResult.authorized) {
+    return {
+      rateLimited: false,
+      requestCount: 0,
+      rateLimit: 0
+    };
+  }
+  const {
+    apiKeyMeta,
+    accountMeta
+  } = authzResult;
+  const accountId = apiKeyMeta?.accountId || accountMeta?.id;
+  const {
+    serviceScope
+  } = serviceConfig;
+  const limitPerSecond = apiKeyMeta?.rateLimits?.[serviceScope] ?? accountMeta?.rateLimits?.[serviceScope];
+  if (!limitPerSecond) {
+    // No rate limit is provided. Assume the request is not rate limited.
+    return {
+      rateLimited: false,
+      requestCount: 0,
+      rateLimit: 0
+    };
+  }
+  // Gets the 10-second window for the current timestamp.
+  const timestampWindow = Math.floor(Date.now() / (1000 * RATE_LIMIT_WINDOW_SECONDS)) * RATE_LIMIT_WINDOW_SECONDS;
+  const key = `rate-limit:${serviceScope}:${accountId}:${timestampWindow}`;
+  // Increment and get the current request count in this window.
+  const requestCount = await redis.incr(key);
+  if (requestCount === 1) {
+    // For the first increment, set an expiration to clean up this key.
+    await redis.expire(key, RATE_LIMIT_WINDOW_SECONDS);
+  }
+  // Get the limit for this window accounting for the sample rate.
+  const limitPerWindow = limitPerSecond * sampleRate * RATE_LIMIT_WINDOW_SECONDS;
+  if (requestCount > limitPerWindow) {
+    // Report rate limit hits.
+    if (apiKeyMeta?.id) {
+      await updateRateLimitedAt(apiKeyMeta.id, serviceConfig);
+    }
+    // Reject requests when they've exceeded 2x the rate limit.
+    if (requestCount > 2 * limitPerWindow) {
+      return {
+        rateLimited: true,
+        requestCount,
+        rateLimit: limitPerWindow,
+        status: 429,
+        errorMessage: `You've exceeded your ${serviceScope} rate limit at ${limitPerSecond} reqs/sec. To get higher rate limits, contact us at https://thirdweb.com/contact-us.`,
+        errorCode: "RATE_LIMIT_EXCEEDED"
+      };
+    }
+  }
+  return {
+    rateLimited: false,
+    requestCount,
+    rateLimit: limitPerWindow
+  };
+}
+async function usageLimit(authzResult, serviceConfig) {
+  if (!authzResult.authorized) {
+    return {
+      usageLimited: false
+    };
+  }
+  const {
+    apiKeyMeta,
+    accountMeta
+  } = authzResult;
+  const {
+    limits,
+    usage
+  } = apiKeyMeta || accountMeta || {};
+  const {
+    serviceScope
+  } = serviceConfig;
+  if (!usage || !(serviceScope in usage) || !limits || !(serviceScope in limits)) {
+    // No usage limit is provided. Assume the request is not limited.
+    return {
+      usageLimited: false
+    };
+  }
+  if (serviceScope === "storage" && (usage.storage?.sumFileSizeBytes ?? 0) > (limits.storage ?? 0)) {
+    return {
+      usageLimited: true,
+      status: 403,
+      errorMessage: `You've used all of your total usage credits for Storage Pinning. Please add your payment method at https://thirdweb.com/dashboard/settings/billing.`,
+      errorCode: "PAYMENT_METHOD_REQUIRED"
+    };
+  }
+  if (serviceScope === "embeddedWallets" && (usage.embeddedWallets?.countWalletAddresses ?? 0) > (limits.embeddedWallets ?? 0)) {
+    return {
+      usageLimited: true,
+      status: 403,
+      errorMessage: `You've used all of your total usage credits for Embedded Wallets. Please add your payment method at https://thirdweb.com/dashboard/settings/billing.`,
+      errorCode: "PAYMENT_METHOD_REQUIRED"
+    };
+  }
+  return {
+    usageLimited: false
+  };
+}
 exports.authorize = authorize;
+exports.rateLimit = rateLimit;
+exports.usageLimit = usageLimit;

package/dist/{index-cd4f96ef.cjs.dev.js → index-aa324361.cjs.prod.js} RENAMED Viewed

@@ -4,9 +4,12 @@ async function fetchKeyMetadataFromApi(clientId, config) {
   const {
     apiUrl,
     serviceScope,
-    serviceApiKey
+    serviceApiKey,
+    checkPolicy,
+    policyMetadata
   } = config;
-  const url = `${apiUrl}/v1/keys/use?clientId=${clientId}&scope=${serviceScope}`;
+  const policyQuery = checkPolicy && policyMetadata ? `&checkPolicy=true&policyMetadata=${encodeURIComponent(JSON.stringify(policyMetadata))}` : "";
+  const url = `${apiUrl}/v1/keys/use?clientId=${clientId}&scope=${serviceScope}&includeUsage=true${policyQuery}`;
   const response = await fetch(url, {
     method: "GET",
     headers: {
@@ -14,20 +17,20 @@ async function fetchKeyMetadataFromApi(clientId, config) {
       "content-type": "application/json"
     }
   });
-  let json;
+  let text = "";
   try {
-    json = await response.json();
+    text = await response.text();
+    return JSON.parse(text);
   } catch (e) {
-    throw new Error(`Error fetching key metadata from API: ${response.status} - ${response.statusText} - ${await response.text()}`);
+    throw new Error(`Error fetching key metadata from API: ${response.status} - ${text}`);
   }
-  return json;
 }
 async function fetchAccountFromApi(jwt, config, useWalletAuth) {
   const {
     apiUrl,
     serviceApiKey
   } = config;
-  const url = useWalletAuth ? `${apiUrl}/v1/wallet/me` : `${apiUrl}/v1/account/me`;
+  const url = useWalletAuth ? `${apiUrl}/v1/wallet/me?includeUsage=true` : `${apiUrl}/v1/account/me?includeUsage=true`;
   const response = await fetch(url, {
     method: "GET",
     headers: {
@@ -36,13 +39,32 @@ async function fetchAccountFromApi(jwt, config, useWalletAuth) {
       authorization: `Bearer ${jwt}`
     }
   });
-  let json;
+  let text = "";
   try {
-    json = await response.json();
+    text = await response.text();
+    return JSON.parse(text);
   } catch (e) {
-    throw new Error(`Error fetching account from API: ${response.status} - ${response.statusText} - ${await response.text()}`);
+    throw new Error(`Error fetching account from API: ${response.status} - ${text}`);
   }
-  return json;
+}
+async function updateRateLimitedAt(apiKeyId, config) {
+  const {
+    apiUrl,
+    serviceScope: scope,
+    serviceApiKey
+  } = config;
+  const url = `${apiUrl}/usage/rateLimit`;
+  await fetch(url, {
+    method: "PUT",
+    headers: {
+      "x-service-api-key": serviceApiKey,
+      "content-type": "application/json"
+    },
+    body: JSON.stringify({
+      apiKeyId,
+      scope
+    })
+  });
 }
 function authorizeClient(authOptions, apiKeyMeta) {
@@ -63,7 +85,10 @@ function authorizeClient(authOptions, apiKeyMeta) {
       id: apiKeyMeta.accountId,
       // TODO update this later
       name: "",
-      creatorWalletAddress: apiKeyMeta.creatorWalletAddress
+      creatorWalletAddress: apiKeyMeta.creatorWalletAddress,
+      limits: apiKeyMeta.limits,
+      rateLimits: apiKeyMeta.rateLimits,
+      usage: apiKeyMeta.usage
     }
   };
@@ -193,12 +218,15 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
   }
   return {
     authorized: true,
+    apiKeyMeta: apiKeyMetadata,
     accountMeta: {
       id: apiKeyMetadata.accountId,
       name: "",
-      creatorWalletAddress: apiKeyMetadata.creatorWalletAddress
-    },
-    apiKeyMeta: apiKeyMetadata
+      creatorWalletAddress: apiKeyMetadata.creatorWalletAddress,
+      limits: apiKeyMetadata.limits,
+      rateLimits: apiKeyMetadata.rateLimits,
+      usage: apiKeyMetadata.usage
+    }
   };
 }
@@ -236,9 +264,9 @@ async function authorize(authData, serviceConfig, cacheOptions) {
             // if the difference is greater than the cacheTtl we want to ignore the cached data
             const now = Date.now();
             const diff = now - parsed.updatedAt;
-            const cacheTtl = cacheOptions.cacheTtlSeconds * 1000;
+            const cacheTtlMs = cacheOptions.cacheTtlSeconds * 1000;
             // only if the diff is less than the cacheTtl do we want to use the cached key
-            if (diff < cacheTtl * 1000) {
+            if (diff < cacheTtlMs) {
               accountMeta = parsed.apiKeyMeta;
             }
           } else {
@@ -322,9 +350,9 @@ async function authorize(authData, serviceConfig, cacheOptions) {
           // if the difference is greater than the cacheTtl we want to ignore the cached data
           const now = Date.now();
           const diff = now - parsed.updatedAt;
-          const cacheTtl = cacheOptions.cacheTtlSeconds * 1000;
+          const cacheTtlMs = cacheOptions.cacheTtlSeconds * 1000;
           // only if the diff is less than the cacheTtl do we want to use the cached key
-          if (diff < cacheTtl * 1000) {
+          if (diff < cacheTtlMs) {
             apiKeyMeta = parsed.apiKeyMeta;
           }
         } else {
@@ -416,9 +444,133 @@ async function authorize(authData, serviceConfig, cacheOptions) {
       id: apiKeyMeta.accountId,
       // TODO update this later
       name: "",
+      limits: apiKeyMeta.limits,
+      rateLimits: apiKeyMeta.rateLimits,
+      usage: apiKeyMeta.usage,
       creatorWalletAddress: apiKeyMeta.creatorWalletAddress
     }
   };
 }
+const RATE_LIMIT_WINDOW_SECONDS = 10;
+// Redis interface compatible with ioredis (Node) and upstash (Cloudflare Workers).
+async function rateLimit(args) {
+  const {
+    authzResult,
+    serviceConfig,
+    redis,
+    sampleRate = 1.0
+  } = args;
+  const shouldSampleRequest = Math.random() < sampleRate;
+  if (!shouldSampleRequest || !authzResult.authorized) {
+    return {
+      rateLimited: false,
+      requestCount: 0,
+      rateLimit: 0
+    };
+  }
+  const {
+    apiKeyMeta,
+    accountMeta
+  } = authzResult;
+  const accountId = apiKeyMeta?.accountId || accountMeta?.id;
+  const {
+    serviceScope
+  } = serviceConfig;
+  const limitPerSecond = apiKeyMeta?.rateLimits?.[serviceScope] ?? accountMeta?.rateLimits?.[serviceScope];
+  if (!limitPerSecond) {
+    // No rate limit is provided. Assume the request is not rate limited.
+    return {
+      rateLimited: false,
+      requestCount: 0,
+      rateLimit: 0
+    };
+  }
+  // Gets the 10-second window for the current timestamp.
+  const timestampWindow = Math.floor(Date.now() / (1000 * RATE_LIMIT_WINDOW_SECONDS)) * RATE_LIMIT_WINDOW_SECONDS;
+  const key = `rate-limit:${serviceScope}:${accountId}:${timestampWindow}`;
+  // Increment and get the current request count in this window.
+  const requestCount = await redis.incr(key);
+  if (requestCount === 1) {
+    // For the first increment, set an expiration to clean up this key.
+    await redis.expire(key, RATE_LIMIT_WINDOW_SECONDS);
+  }
+  // Get the limit for this window accounting for the sample rate.
+  const limitPerWindow = limitPerSecond * sampleRate * RATE_LIMIT_WINDOW_SECONDS;
+  if (requestCount > limitPerWindow) {
+    // Report rate limit hits.
+    if (apiKeyMeta?.id) {
+      await updateRateLimitedAt(apiKeyMeta.id, serviceConfig);
+    }
+    // Reject requests when they've exceeded 2x the rate limit.
+    if (requestCount > 2 * limitPerWindow) {
+      return {
+        rateLimited: true,
+        requestCount,
+        rateLimit: limitPerWindow,
+        status: 429,
+        errorMessage: `You've exceeded your ${serviceScope} rate limit at ${limitPerSecond} reqs/sec. To get higher rate limits, contact us at https://thirdweb.com/contact-us.`,
+        errorCode: "RATE_LIMIT_EXCEEDED"
+      };
+    }
+  }
+  return {
+    rateLimited: false,
+    requestCount,
+    rateLimit: limitPerWindow
+  };
+}
+async function usageLimit(authzResult, serviceConfig) {
+  if (!authzResult.authorized) {
+    return {
+      usageLimited: false
+    };
+  }
+  const {
+    apiKeyMeta,
+    accountMeta
+  } = authzResult;
+  const {
+    limits,
+    usage
+  } = apiKeyMeta || accountMeta || {};
+  const {
+    serviceScope
+  } = serviceConfig;
+  if (!usage || !(serviceScope in usage) || !limits || !(serviceScope in limits)) {
+    // No usage limit is provided. Assume the request is not limited.
+    return {
+      usageLimited: false
+    };
+  }
+  if (serviceScope === "storage" && (usage.storage?.sumFileSizeBytes ?? 0) > (limits.storage ?? 0)) {
+    return {
+      usageLimited: true,
+      status: 403,
+      errorMessage: `You've used all of your total usage credits for Storage Pinning. Please add your payment method at https://thirdweb.com/dashboard/settings/billing.`,
+      errorCode: "PAYMENT_METHOD_REQUIRED"
+    };
+  }
+  if (serviceScope === "embeddedWallets" && (usage.embeddedWallets?.countWalletAddresses ?? 0) > (limits.embeddedWallets ?? 0)) {
+    return {
+      usageLimited: true,
+      status: 403,
+      errorMessage: `You've used all of your total usage credits for Embedded Wallets. Please add your payment method at https://thirdweb.com/dashboard/settings/billing.`,
+      errorCode: "PAYMENT_METHOD_REQUIRED"
+    };
+  }
+  return {
+    usageLimited: false
+  };
+}
 exports.authorize = authorize;
+exports.rateLimit = rateLimit;
+exports.usageLimit = usageLimit;

package/dist/{services-86283509.esm.js → services-2aecbda8.esm.js} RENAMED Viewed

@@ -33,6 +33,27 @@ const SERVICE_DEFINITIONS = {
     description: "Enable gasless transactions",
     // all actions allowed
     actions: []
+  },
+  embeddedWallets: {
+    name: "embeddedWallets",
+    title: "Embedded Wallets",
+    description: "E-mail and social login wallets for easy web3 onboarding",
+    // all actions allowed
+    actions: []
+  },
+  checkout: {
+    name: "checkout",
+    title: "Checkouts",
+    description: "NFT Checkouts for easy web3 onboarding",
+    // all actions allowed
+    actions: []
+  },
+  pay: {
+    name: "pay",
+    title: "Pay",
+    description: "Pay for a blockchain transaction with any currency",
+    // all actions allowed
+    actions: []
   }
 };
 const SERVICE_NAMES = Object.keys(SERVICE_DEFINITIONS);

package/dist/{services-9e185105.cjs.prod.js → services-508322f3.cjs.dev.js} RENAMED Viewed

@@ -35,6 +35,27 @@ const SERVICE_DEFINITIONS = {
     description: "Enable gasless transactions",
     // all actions allowed
     actions: []
+  },
+  embeddedWallets: {
+    name: "embeddedWallets",
+    title: "Embedded Wallets",
+    description: "E-mail and social login wallets for easy web3 onboarding",
+    // all actions allowed
+    actions: []
+  },
+  checkout: {
+    name: "checkout",
+    title: "Checkouts",
+    description: "NFT Checkouts for easy web3 onboarding",
+    // all actions allowed
+    actions: []
+  },
+  pay: {
+    name: "pay",
+    title: "Pay",
+    description: "Pay for a blockchain transaction with any currency",
+    // all actions allowed
+    actions: []
   }
 };
 const SERVICE_NAMES = Object.keys(SERVICE_DEFINITIONS);

package/dist/{services-a3f36057.cjs.dev.js → services-5c4d6977.cjs.prod.js} RENAMED Viewed

@@ -35,6 +35,27 @@ const SERVICE_DEFINITIONS = {
     description: "Enable gasless transactions",
     // all actions allowed
     actions: []
+  },
+  embeddedWallets: {
+    name: "embeddedWallets",
+    title: "Embedded Wallets",
+    description: "E-mail and social login wallets for easy web3 onboarding",
+    // all actions allowed
+    actions: []
+  },
+  checkout: {
+    name: "checkout",
+    title: "Checkouts",
+    description: "NFT Checkouts for easy web3 onboarding",
+    // all actions allowed
+    actions: []
+  },
+  pay: {
+    name: "pay",
+    title: "Pay",
+    description: "Pay for a blockchain transaction with any currency",
+    // all actions allowed
+    actions: []
   }
 };
 const SERVICE_NAMES = Object.keys(SERVICE_DEFINITIONS);

package/dist/thirdweb-dev-service-utils.cjs.dev.js CHANGED Viewed

@@ -2,7 +2,7 @@
 Object.defineProperty(exports, '__esModule', { value: true });
-var services = require('./services-a3f36057.cjs.dev.js');
+var services = require('./services-508322f3.cjs.dev.js');

package/dist/thirdweb-dev-service-utils.cjs.prod.js CHANGED Viewed

@@ -2,7 +2,7 @@
 Object.defineProperty(exports, '__esModule', { value: true });
-var services = require('./services-9e185105.cjs.prod.js');
+var services = require('./services-5c4d6977.cjs.prod.js');

package/dist/thirdweb-dev-service-utils.esm.js CHANGED Viewed

	@@ -1 +1 @@
1	- export { b as SERVICES, S as SERVICE_DEFINITIONS, a as SERVICE_NAMES, g as getServiceByName } from './services-~~86283509~~.esm.js';
1	+ export { b as SERVICES, S as SERVICE_DEFINITIONS, a as SERVICE_NAMES, g as getServiceByName } from './services-2aecbda8.esm.js';