@toa.io/extensions.exposition 0.24.0-alpha.9 → 1.0.0-alpha.10

package/source/RTD/Directives.ts

@@ -1,9 +1,33 @@
+import type { Parameter } from './Match'
 import type * as syntax from './syntax'
+import type { Context, OutgoingMessage } from '../HTTP'
+import type { Output } from '../io'
 
-export interface Directives<T = any> {
-  merge: (directive: T) => void
+export interface Directives {
+  preflight: (context: Context, parameters: Parameter[]) => Promise<Output>
+  settle: (context: Context, response: OutgoingMessage) => Promise<void>
 }
 
-export interface DirectivesFactory<T = any> {
-  create: (directives: syntax.Directive[]) => T
+export interface DirectiveFactory {
+  create: (directives: syntax.Directive[]) => Directives
+}
+
+export interface DirectiveSet {
+  family: DirectiveFamily
+  directives: any[]
+}
+
+export interface DirectiveFamily<TDirective = any, TExtension = any> {
+  readonly name: string
+  readonly mandatory: boolean
+
+  create: (name: string, ...rest: any[]) => TDirective
+
+  preflight?: (directives: TDirective[],
+    request: Context & TExtension,
+    parameters: Parameter[]) => Output | Promise<Output>
+
+  settle?: (directives: TDirective[],
+    request: Context & TExtension,
+    response: OutgoingMessage) => void | Promise<void>
 }

package/source/RTD/Endpoint.ts

@@ -1,11 +1,13 @@
 import { type Context } from './Context'
+import type * as http from '../HTTP'
 import type * as syntax from './syntax'
+import type * as RTD from './index'
 
-export interface Endpoint<T extends Endpoint = any> {
-  call: T['call']
+export interface Endpoint {
+  call: (context: http.Context, parameters: RTD.Parameter[]) => Promise<http.OutgoingMessage>
   close: () => Promise<void>
 }
 
-export interface EndpointsFactory<T extends Endpoint<T> = any> {
-  create: (method: syntax.Method, context: Context) => T
+export interface EndpointsFactory {
+  create: (method: syntax.Method, context: Context) => Endpoint
 }

package/source/RTD/Match.ts

@@ -1,12 +1,7 @@
 import { type Node } from './Node'
-import { type Directives } from './Directives'
-import { type Endpoint } from './Endpoint'
 
-export interface Match<
-  TEndpoint extends Endpoint<TEndpoint> = any,
-  TDirectives extends Directives<TDirectives> = any
-> {
-  node: Node<TEndpoint, TDirectives>
+export interface Match {
+  node: Node
   parameters: Parameter[]
 }
 

package/source/RTD/Method.ts

@@ -1,14 +1,11 @@
-import { type Directives } from './Directives'
-import { type Endpoint } from './Endpoint'
+import type { Endpoint } from './Endpoint'
+import type { Directives } from './Directives'
 
-export class Method<
-  TEndpoint extends Endpoint<TEndpoint> = any,
-  TDirectives extends Directives<TDirectives> = any
-> {
-  public readonly endpoint: TEndpoint | null
-  public readonly directives: TDirectives
+export class Method {
+  public readonly endpoint: Endpoint | null
+  public readonly directives: Directives
 
-  public constructor (endpoint: TEndpoint | null, directives: TDirectives) {
+  public constructor (endpoint: Endpoint | null, directives: Directives) {
     this.endpoint = endpoint
     this.directives = directives
   }
@@ -18,7 +15,4 @@ export class Method<
   }
 }
 
-export type Methods<
-  TEndpoint extends Endpoint<TEndpoint> = any,
-  TDirectives extends Directives<TDirectives> = any
-> = Record<string, Method<TEndpoint, TDirectives>>
+export type Methods = Record<string, Method>

package/source/RTD/Node.ts

@@ -1,20 +1,15 @@
 import { type Route } from './Route'
 import { type Methods } from './Method'
 import { type Match, type Parameter } from './Match'
-import { type Directives } from './Directives'
-import { type Endpoint } from './Endpoint'
 
-export class Node<
-  TEndpoint extends Endpoint<TEndpoint> = any,
-  TDirectives extends Directives<TDirectives> = any
-> {
+export class Node {
   public intermediate: boolean
-  public methods: Methods<TEndpoint, TDirectives>
+  public methods: Methods
   private readonly protected: boolean
   private routes: Route[]
 
   public constructor
-  (routes: Route[], methods: Methods<TEndpoint, TDirectives>, properties: Properties) {
+  (routes: Route[], methods: Methods, properties: Properties) {
     this.routes = routes
     this.methods = methods
     this.protected = properties.protected
@@ -34,26 +29,30 @@ export class Node<
     return null
   }
 
-  public merge (node: Node<TEndpoint, TDirectives>): void {
+  public merge (node: Node): void {
     this.intermediate = node.intermediate
 
-    if (!this.protected) this.replace(node)
-    else this.append(node)
+    if (!this.protected)
+      this.replace(node)
+    else
+      this.append(node)
 
     this.sort()
   }
 
-  private replace (node: Node<TEndpoint, TDirectives>): void {
+  private replace (node: Node): void {
     const methods = Object.values(this.methods)
 
     this.routes = node.routes
     this.methods = node.methods
 
     for (const method of methods)
-      void method.close() // race condition is really unlikely
+      void method.close()
+
+    // race condition is really unlikely
   }
 
-  private append (node: Node<TEndpoint, TDirectives>): void {
+  private append (node: Node): void {
     for (const route of node.routes)
       this.mergeRoute(route)
 

package/source/RTD/Tree.ts

@@ -1,30 +1,33 @@
-import { type Node } from './Node'
 import { createNode } from './factory'
 import { fragment } from './segment'
-import { type Match } from './Match'
-import { type Context } from './Context'
-import { type Directives, type DirectivesFactory } from './Directives'
-import { type Endpoint, type EndpointsFactory } from './Endpoint'
+import type { Node } from './Node'
+import type { Match } from './Match'
+import type { Context } from './Context'
+import type { DirectiveFactory } from './Directives'
+import type { EndpointsFactory } from './Endpoint'
 import type * as syntax from './syntax'
 
-export class Tree<
-  TEndpoint extends Endpoint<TEndpoint> = any,
-  TDirectives extends Directives<TDirectives> = any
-> {
+export class Tree {
   private readonly root: syntax.Node
-  private readonly trunk: Node<TEndpoint, TDirectives>
-  private readonly endpoints: EndpointsFactory<TEndpoint>
-  private readonly directives: DirectivesFactory
+  private readonly trunk: Node
+  private readonly endpoints: EndpointsFactory
+  private readonly directives: DirectiveFactory
 
   public constructor
-  (node: syntax.Node, endpoints: EndpointsFactory, directives: DirectivesFactory) {
+  (node: syntax.Node, endpoints: EndpointsFactory, directives: DirectiveFactory) {
     this.endpoints = endpoints
     this.directives = directives
     this.trunk = this.createNode(node, PROTECTED)
     this.root = node
   }
 
-  public match (path: string): Match<TEndpoint, TDirectives> | null {
+  public match (path: string): Match | null {
+    if (path === '/')
+      return {
+        node: this.trunk,
+        parameters: []
+      }
+
     const fragments = fragment(path)
 
     return this.trunk.match(fragments)
@@ -36,7 +39,8 @@ export class Tree<
     this.trunk.merge(branch)
   }
 
-  private createNode (node: syntax.Node, protect: boolean, extension?: any): Node {
+  private createNode
+  (node: syntax.Node, protect: boolean, extension?: any): Node {
     const context: Context = {
       protected: protect,
       endpoints: this.endpoints,

package/source/RTD/factory.ts

@@ -1,14 +1,11 @@
 import { Node, type Properties } from './Node'
 import { Route } from './Route'
-import { type Context } from './Context'
 import { segment } from './segment'
 import { Method, type Methods } from './Method'
-import { type Endpoint } from './Endpoint'
-import { type Directives } from './Directives'
+import type { Context } from './Context'
 import type * as syntax from './syntax'
 
-export function createNode<TEndpoint extends Endpoint, TDirectives extends Directives>
-(node: syntax.Node, context: Context): Node<TEndpoint, TDirectives> {
+export function createNode (node: syntax.Node, context: Context): Node {
   if (node.isolated === true)
     context.directives.stack = node.directives
   else

package/source/RTD/syntax/parse.ts

@@ -28,7 +28,7 @@ function parseNode (input: object, shortcuts?: Shortcuts): Node {
     }
 
     if (key[0] === '/') {
-      const route = parseRoute(key, value, shortcuts)
+      const route = parseRoute(key, value as Node, shortcuts)
 
       node.routes.push(route)
 
@@ -36,7 +36,7 @@ function parseNode (input: object, shortcuts?: Shortcuts): Node {
     }
 
     if (verbs.has(key)) {
-      const method = parseMethod(key, value, shortcuts)
+      const method = parseMethod(key, value as Mapping, shortcuts)
 
       node.methods.push(method)
 
@@ -65,7 +65,7 @@ export function createNode (): Node {
   }
 }
 
-function parseRoute (path: string, value: object, shortcuts?: Shortcuts): Route {
+function parseRoute (path: string, value: Node, shortcuts?: Shortcuts): Route {
   const node = parse(value, shortcuts)
 
   return createRoute(path, node)
@@ -106,10 +106,10 @@ function parseQuery (mapping: any): void {
     return
 
   if (typeof query.limit === 'number')
-    query.limit = expandRange(query.limit)
+    query.limit = expandRange(query.limit as number)
 
   if (typeof query.omit === 'number')
-    query.omit = expandRange(query.omit)
+    query.omit = expandRange(query.omit as number)
 }
 
 function parseDirectives (mapping: Record<string, any>, shortcuts?: Shortcuts): Directive[] {
@@ -132,7 +132,7 @@ function parseDirectives (mapping: Record<string, any>, shortcuts?: Shortcuts):
 
 function parseDirective (key: string, value: any, shortcuts?: Shortcuts): Directive | null {
   if (shortcuts?.has(key) === true)
-    key = shortcuts.get(key) as string
+    key = shortcuts.get(key)! // eslint-disable-line @typescript-eslint/no-non-null-assertion
 
   const match = key.match(DIRECTIVE_RX)
 

package/source/RTD/syntax/types.ts

@@ -45,4 +45,4 @@ export interface Range {
   range: [number, number]
 }
 
-export const verbs = new Set<string>(['GET', 'POST', 'PUT', 'PATCH', 'DELETE'])
+export const verbs = new Set<string>(['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'])

package/source/deployment.ts

@@ -27,8 +27,7 @@ export function deployment (_: unknown, annotation: Annotation | undefined): Dep
     }
 
   if (annotation?.['/'] !== undefined) {
-    const node = { '/': annotation['/'] }
-    const tree = parse(node, shortcuts)
+    const tree = parse(annotation['/'], shortcuts)
 
     service.variables.push({
       name: 'TOA_EXPOSITION',
@@ -42,6 +41,12 @@ export function deployment (_: unknown, annotation: Annotation | undefined): Dep
       value: '1'
     })
 
+  if (annotation?.trace === true)
+    service.variables.push({
+      name: 'TOA_EXPOSITION_TRACE',
+      value: '1'
+    })
+
   if (annotation !== undefined)
     schemas.annotaion.validate(annotation)
 

package/source/directives/auth/Anonymous.ts

@@ -8,7 +8,8 @@ export class Anonymous implements Directive {
   }
 
   public authorize (_: any, input: Input): boolean {
-    if ('authorization' in input.headers) return false
-    else return this.allow
+    return 'authorization' in input.request.headers
+      ? false
+      : this.allow
   }
 }

package/source/directives/auth/{Family.ts → Authorization.ts}

@@ -1,3 +1,4 @@
+import assert from 'node:assert'
 import { match } from 'matchacho'
 import * as http from '../../HTTP'
 import { Anonymous } from './Anonymous'
@@ -6,13 +7,14 @@ import { Role } from './Role'
 import { Rule } from './Rule'
 import { Incept } from './Incept'
 import { Echo } from './Echo'
-import { split } from './split'
 import { Scheme } from './Scheme'
+import { Delegate } from './Delegate'
+import { split } from './split'
 import { PRIMARY, PROVIDERS } from './schemes'
+import type { Output } from '../../io'
 import type { Component } from '@toa.io/core'
 import type { Remotes } from '../../Remotes'
-import type { Family, Output } from '../../Directive'
-import type { Parameter } from '../../RTD'
+import type { Parameter, DirectiveFamily } from '../../RTD'
 import type {
   AuthenticationResult,
   Ban,
@@ -25,7 +27,8 @@ import type {
   Schemes
 } from './types'
 
-class Authorization implements Family<Directive, Extension> {
+export class Authorization implements DirectiveFamily<Directive, Extension> {
+  public readonly depends: string[] = ['Vary']
   public readonly name: string = 'auth'
   public readonly mandatory: boolean = true
 
@@ -35,24 +38,25 @@ class Authorization implements Family<Directive, Extension> {
   private bans: Component | null = null
 
   public create (name: string, value: any, remotes: Remotes): Directive {
-    const Class = CLASSES[name]
+    assert.ok(name in constructors,
+      `Directive '${name}' is not provided by the '${this.name}' family.`)
 
-    if (Class === undefined)
-      throw new Error(`Directive '${name}' is not provided by the '${this.name}' family.`)
+    const Class = constructors[name]
 
     for (const name of REMOTES)
       this.discovery[name] ??= remotes.discover('identity', name)
 
     return match(Class,
-      Role, () => new Role(value, this.discovery.roles),
-      Rule, () => new Rule(value, this.create.bind(this)),
-      Incept, () => new Incept(value, this.discovery),
+      Role, () => new Role(value as string | string[], this.discovery.roles),
+      Rule, () => new Rule(value as Record<string, string>, this.create.bind(this)),
+      Incept, () => new Incept(value as string, this.discovery),
       () => new Class(value))
   }
 
-  public async preflight
-  (directives: Directive[], input: Input, parameters: Parameter[]): Promise<Output> {
-    const identity = await this.resolve(input.headers.authorization)
+  public async preflight (directives: Directive[],
+    input: Input,
+    parameters: Parameter[]): Promise<Output> {
+    const identity = await this.resolve(input.request.headers.authorization)
 
     input.identity = identity
 
@@ -63,41 +67,38 @@ class Authorization implements Family<Directive, Extension> {
         return directive.reply?.(identity) ?? null
     }
 
-    if (identity === null) throw new http.Unauthorized()
-    else throw new http.Forbidden()
+    if (identity === null)
+      throw new http.Unauthorized()
+    else
+      throw new http.Forbidden()
   }
 
-  public async settle
-  (directives: Directive[], request: Input, response: http.OutgoingMessage): Promise<void> {
-    for (const directive of directives)
-      await directive.settle?.(request, response)
+  public async settle (directives: Directive[],
+    request: Input,
+    response: http.OutgoingMessage): Promise<void> {
+    for (const directive of directives) await directive.settle?.(request, response)
 
     const identity = request.identity
 
-    if (identity === null)
-      return
+    if (identity === null) return
 
-    if (identity.scheme === PRIMARY && !identity.refresh)
-      return
+    if (identity.scheme === PRIMARY && !identity.refresh) return
 
     // Role directive may have already set the value
-    if (identity.roles === undefined)
-      await Role.set(identity, this.discovery.roles)
+    if (identity.roles === undefined) await Role.set(identity, this.discovery.roles)
 
     this.tokens ??= await this.discovery.tokens
 
     const token = await this.tokens.invoke<string>('encrypt', { input: { identity } })
     const authorization = `Token ${token}`
 
-    if (response.headers === undefined)
-      response.headers = new Headers()
+    if (response.headers === undefined) response.headers = new Headers()
 
     response.headers.set('authorization', authorization)
   }
 
   private async resolve (authorization: string | undefined): Promise<Identity | null> {
-    if (authorization === undefined)
-      return null
+    if (authorization === undefined) return null
 
     const [scheme, credentials] = split(authorization)
     const provider = PROVIDERS[scheme]
@@ -107,16 +108,15 @@ class Authorization implements Family<Directive, Extension> {
 
     this.schemes[scheme] ??= await this.discovery[provider]
 
-    const result = await this.schemes[scheme]
-      .invoke<AuthenticationResult>('authenticate', { input: credentials })
+    const result = await this.schemes[scheme].invoke<AuthenticationResult>('authenticate', {
+      input: credentials
+    })
 
-    if (result instanceof Error)
-      return null
+    if (result instanceof Error) return null
 
     const identity = result.identity
 
-    if (scheme !== PRIMARY && await this.banned(identity))
-      throw new http.Unauthorized()
+    if (scheme !== PRIMARY && (await this.banned(identity))) throw new http.Unauthorized()
 
     identity.scheme = scheme
     identity.refresh = result.refresh
@@ -133,16 +133,15 @@ class Authorization implements Family<Directive, Extension> {
   }
 }
 
-const CLASSES: Record<string, new (value: any, argument?: any) => Directive> = {
+const constructors: Record<string, new (value: any, argument?: any) => Directive> = {
   anonymous: Anonymous,
   id: Id,
   role: Role,
   rule: Rule,
   incept: Incept,
   scheme: Scheme,
-  echo: Echo
+  echo: Echo,
+  delegate: Delegate
 }
 
-const REMOTES: Remote[] = ['basic', 'tokens', 'roles', 'bans']
-
-export = new Authorization()
+const REMOTES: Remote[] = ['basic', 'federation', 'tokens', 'roles', 'bans']

package/source/directives/auth/Delegate.ts

@@ -0,0 +1,32 @@
+import { BadRequest } from '../../HTTP'
+import { type Directive, type Identity } from './types'
+import type { Input } from '../../io'
+
+export class Delegate implements Directive {
+  private readonly property: string
+
+  public constructor (property: string) {
+    this.property = property
+  }
+
+  public authorize (identity: Identity | null, context: Input): boolean {
+    if (identity === null)
+      return false
+
+    context.pipelines.body.push((body) => this.embed(body, identity))
+
+    return true
+  }
+
+  private embed (body: unknown, identity: Identity): Record<string, unknown> {
+    check(body)
+    body[this.property] = identity
+
+    return body
+  }
+}
+
+function check (body: unknown): asserts body is Record<string, unknown> {
+  if (typeof body !== 'object' || body === null)
+    throw new BadRequest('Invalid request body.')
+}

package/source/directives/auth/Incept.ts

@@ -15,28 +15,33 @@ export class Incept implements Directive {
   }
 
   public authorize (identity: Identity | null, input: Input): boolean {
-    return identity === null && 'authorization' in input.headers
+    return identity === null && 'authorization' in input.request.headers
   }
 
-  public async settle (request: Input, response: http.OutgoingMessage): Promise<void> {
+  public async settle (input: Input, response: http.OutgoingMessage): Promise<void> {
     const id = response.body?.[this.property]
 
     if (id === undefined)
       throw new http.Conflict('Identity inception has failed as the response body ' +
         ` does not contain the '${this.property}' property.`)
 
-    const [scheme, credentials] = split(request.headers.authorization as string)
+    const [scheme, credentials] = split(input.request.headers.authorization!)
     const provider = PROVIDERS[scheme]
 
     this.schemes[scheme] ??= await this.discovery[provider]
 
     const identity = await this.schemes[scheme]
-      .invoke<Maybe<Identity>>('create', { input: { id, credentials } })
+      .invoke<Maybe<Identity>>('create', {
+      input: {
+        id,
+        credentials
+      }
+    })
 
     if (identity instanceof Error)
       throw new http.Conflict(identity)
 
-    request.identity = identity
-    request.identity.scheme = scheme
+    input.identity = identity
+    input.identity.scheme = scheme
   }
 }

package/source/directives/auth/Role.ts

@@ -14,10 +14,12 @@ export class Role implements Directive {
   public static async set (identity: Identity, discovery: Promise<Component>): Promise<void> {
     this.remote ??= await discovery
 
-    const query: Query = { criteria: `identity==${identity.id}`, limit: 1024 }
-    const roles: string[] = await this.remote.invoke('list', { query })
+    const query: Query = {
+      criteria: `identity==${identity.id}`,
+      limit: 1024
+    }
 
-    identity.roles = roles
+    identity.roles = await this.remote.invoke('list', { query })
   }
 
   public async authorize (identity: Identity | null): Promise<boolean> {

package/source/directives/auth/Rule.ts

@@ -1,5 +1,5 @@
 import { type Parameter } from '../../RTD'
-import { type Directive, type Identity } from './types'
+import type { Input, Directive, Identity } from './types'
 
 export class Rule implements Directive {
   private readonly directives: Directive[] = []
@@ -13,7 +13,7 @@ export class Rule implements Directive {
   }
 
   public async authorize
-  (identity: Identity | null, input: any, parameters: Parameter[]): Promise<boolean> {
+  (identity: Identity | null, input: Input, parameters: Parameter[]): Promise<boolean> {
     for (const directive of this.directives) {
       const authorized = await directive.authorize(identity, input, parameters)
 

package/source/directives/auth/Scheme.ts

@@ -12,10 +12,10 @@ export class Scheme implements Directive {
   }
 
   public authorize (_: Identity | null, input: Input): boolean {
-    if (input.headers.authorization === undefined)
+    if (input.request.headers.authorization === undefined)
       return false
 
-    const [scheme] = split(input.headers.authorization)
+    const [scheme] = split(input.request.headers.authorization)
 
     if (scheme !== this.scheme)
       throw new http.Forbidden(this.Scheme +

package/source/directives/auth/index.ts

@@ -1,3 +1,3 @@
-import Family from './Family'
+import { Authorization } from './Authorization'
 
-export = Family
+export const authorization = new Authorization()

package/source/directives/auth/schemes.ts

@@ -2,7 +2,8 @@ import { type Remote, type Scheme } from './types'
 
 export const PROVIDERS: Record<Scheme, Remote> = {
   basic: 'basic',
-  token: 'tokens'
+  token: 'tokens',
+  bearer: 'federation'
 }
 
 export const PRIMARY: Scheme = 'token'