@travetto/web 6.0.0-rc.4 → 6.0.0-rc.5

package/README.md

@@ -57,6 +57,7 @@ export interface WebRequestContext {
 
 /**
  * Web Request object
+ * @web_contextual
  */
 export class WebRequest<B = unknown> extends BaseWebMessage<B, Readonly<WebRequestContext>> {
 
@@ -73,6 +74,7 @@ export interface WebResponseContext {
 
 /**
  * Web Response as a simple object
+ * @web_invalid_parameter
  */
 export class WebResponse<B = unknown> extends BaseWebMessage<B, WebResponseContext> {
 
@@ -377,7 +379,7 @@ Out of the box, the web framework comes with a few interceptors, and more are co
    1. global - Intended to run outside of the request flow - [AsyncContextInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/context.ts#L13)
    1. terminal - Handles once request and response are finished building - [LoggingInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/logging.ts#L28), [RespondInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/respond.ts#L12)
    1. pre-request - Prepares the request for running - [TrustProxyInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/trust-proxy.ts#L23)
-   1. request - Handles inbound request, validation, and body preparation - [DecompressInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/decompress.ts#L53), [AcceptInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/accept.ts#L34), [BodyParseInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/body-parse.ts#L61), [CookiesInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/cookies.ts#L56) 
+   1. request - Handles inbound request, validation, and body preparation - [DecompressInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/decompress.ts#L53), [AcceptInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/accept.ts#L34), [BodyInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/body.ts#L57), [CookieInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/cookie.ts#L60) 
    1. response - Prepares outbound response - [CompressInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/compress.ts#L50), [CorsInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/cors.ts#L51), [EtagInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/etag.ts#L34), [ResponseCacheInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/response-cache.ts#L30) 
    1. application - Lives outside of the general request/response behavior, [Web Auth](https://github.com/travetto/travetto/tree/main/module/auth-web#readme "Web authentication integration support for the Travetto framework") uses this for login and logout flows.
 
@@ -460,8 +462,8 @@ export class DecompressConfig {
 }
 ```
 
-#### CookiesInterceptor
-[CookiesInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/cookies.ts#L56) is responsible for processing inbound cookie headers and populating the appropriate data on the request, as well as sending the appropriate response data
+#### CookieInterceptor
+[CookieInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/cookie.ts#L60) is responsible for processing inbound cookie headers and populating the appropriate data on the request, as well as sending the appropriate response data
 
 **Code: Cookies Config**
 ```typescript
@@ -473,7 +475,7 @@ export class CookieConfig implements CookieSetOptions {
   /**
    * Are they signed
    */
-  signed = true;
+  signed?: boolean;
   /**
    * Supported only via http (not in JS)
    */
@@ -490,20 +492,24 @@ export class CookieConfig implements CookieSetOptions {
   /**
    * Is the cookie only valid for https
    */
-  secure?: boolean = false;
+  secure?: boolean;
   /**
    * The domain of the cookie
    */
   domain?: string;
+  /**
+   * The default path of the cookie
+   */
+  path: string = '/';
 }
 ```
 
-#### BodyParseInterceptor
-[BodyParseInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/body-parse.ts#L61) handles the inbound request, and converting the body payload into an appropriate format.
+#### BodyInterceptor
+[BodyInterceptor](https://github.com/travetto/travetto/tree/main/module/web/src/interceptor/body.ts#L57) handles the inbound request, and converting the body payload into an appropriate format.
 
-**Code: Body Parse Config**
+**Code: Body Config**
 ```typescript
-export class BodyParseConfig {
+export class WebBodyConfig {
   /**
    * Parse request body
    */
@@ -523,10 +529,6 @@ export class BodyParseConfig {
 
   @Ignore()
   _limit: number | undefined;
-
-  postConstruct(): void {
-    this._limit = WebCommonUtil.parseByteSize(this.limit);
-  }
 }
 ```
 

package/__index__.ts

@@ -24,7 +24,7 @@ export * from './src/registry/visitor.ts';
 export * from './src/registry/types.ts';
 
 export * from './src/interceptor/accept.ts';
-export * from './src/interceptor/body-parse.ts';
+export * from './src/interceptor/body.ts';
 export * from './src/interceptor/cors.ts';
 export * from './src/interceptor/cookie.ts';
 export * from './src/interceptor/compress.ts';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@travetto/web",
-  "version": "6.0.0-rc.4",
+  "version": "6.0.0-rc.5",
   "description": "Declarative api for Web Applications with support for the dependency injection.",
   "keywords": [
     "web",
@@ -37,13 +37,12 @@
     "@types/negotiator": "^0.6.3",
     "find-my-way": "^9.3.0",
     "fresh": "^0.5.2",
-    "iconv-lite": "^0.6.3",
     "keygrip": "^1.1.0",
     "negotiator": "^1.0.0"
   },
   "peerDependencies": {
     "@travetto/cli": "^6.0.0-rc.3",
-    "@travetto/test": "^6.0.0-rc.2",
+    "@travetto/test": "^6.0.0-rc.3",
     "@travetto/transformer": "^6.0.0-rc.3"
   },
   "peerDependenciesMeta": {

package/src/context.ts

@@ -1,6 +1,6 @@
 import { AsyncContextValue, AsyncContext } from '@travetto/context';
 import { Inject, Injectable } from '@travetto/di';
-import { AppError, castTo, Class, toConcrete } from '@travetto/runtime';
+import { AppError, castTo, Class } from '@travetto/runtime';
 
 import { WebRequest } from './types/request.ts';
 
@@ -21,7 +21,7 @@ export class WebAsyncContext {
   }
 
   postConstruct(): void {
-    this.registerSource(toConcrete<WebRequest>(), () => this.#request.get());
+    this.registerSource(WebRequest, () => this.#request.get());
   }
 
   withContext<T>(request: WebRequest, next: () => Promise<T>): Promise<T> {

package/src/interceptor/{body-parse.ts → body.ts}

@@ -24,10 +24,10 @@ export interface BodyContentParser {
 };
 
 /**
- * Web body parse configuration
+ * Web body  configuration
  */
-@Config('web.bodyParse')
-export class BodyParseConfig {
+@Config('web.body')
+export class WebBodyConfig {
   /**
    * Parse request body
    */
@@ -47,25 +47,21 @@ export class BodyParseConfig {
 
   @Ignore()
   _limit: number | undefined;
-
-  postConstruct(): void {
-    this._limit = WebCommonUtil.parseByteSize(this.limit);
-  }
 }
 
 
 /**
- * Parses the body input content
+ * Verifies content length, decodes character encodings, and parses body input string via the content type
  */
 @Injectable()
-export class BodyParseInterceptor implements WebInterceptor<BodyParseConfig> {
+export class BodyInterceptor implements WebInterceptor<WebBodyConfig> {
 
   dependsOn = [AcceptInterceptor, DecompressInterceptor];
   category: WebInterceptorCategory = 'request';
   parsers: Record<string, BodyContentParser> = {};
 
   @Inject()
-  config: BodyParseConfig;
+  config: WebBodyConfig;
 
   async postConstruct(): Promise<void> {
     // Load all the parser types
@@ -75,11 +71,11 @@ export class BodyParseInterceptor implements WebInterceptor<BodyParseConfig> {
     }
   }
 
-  applies({ endpoint, config }: WebInterceptorContext<BodyParseConfig>): boolean {
+  applies({ endpoint, config }: WebInterceptorContext<WebBodyConfig>): boolean {
     return config.applies && endpoint.allowsBody;
   }
 
-  async filter({ request, config, next }: WebChainedContext<BodyParseConfig>): Promise<WebResponse> {
+  async filter({ request, config, next }: WebChainedContext<WebBodyConfig>): Promise<WebResponse> {
     const input = request.body;
 
     if (!WebBodyUtil.isRaw(input)) {
@@ -88,8 +84,8 @@ export class BodyParseInterceptor implements WebInterceptor<BodyParseConfig> {
 
     const lengthRead = +(request.headers.get('Content-Length') || '');
     const length = Number.isNaN(lengthRead) ? undefined : lengthRead;
+    const limit = config._limit ??= WebCommonUtil.parseByteSize(config.limit);
 
-    const limit = config._limit ?? Number.MAX_SAFE_INTEGER;
     if (length && length > limit) {
       throw WebError.for('Request entity too large', 413, { length, limit });
     }

package/src/types/request.ts

@@ -18,6 +18,7 @@ export interface WebRequestContext {
 
 /**
  * Web Request object
+ * @web_contextual
  */
 export class WebRequest<B = unknown> extends BaseWebMessage<B, Readonly<WebRequestContext>> {
 

package/src/types/response.ts

@@ -6,6 +6,7 @@ export interface WebResponseContext {
 
 /**
  * Web Response as a simple object
+ * @web_invalid_parameter
  */
 export class WebResponse<B = unknown> extends BaseWebMessage<B, WebResponseContext> {
 

package/src/util/body.ts

@@ -1,5 +1,4 @@
-import iconv from 'iconv-lite';
-
+import { TextDecoder } from 'node:util';
 import { Readable } from 'node:stream';
 import { buffer as toBuffer } from 'node:stream/consumers';
 
@@ -187,27 +186,33 @@ export class WebBodyUtil {
   static async readText(input: Readable | Buffer, limit: number, encoding?: string): Promise<{ text: string, read: number }> {
     encoding ??= (Buffer.isBuffer(input) ? undefined : input.readableEncoding) ?? 'utf-8';
 
-    if (!iconv.encodingExists(encoding)) {
+    let decoder: TextDecoder;
+    try {
+      decoder = new TextDecoder(encoding);
+    } catch {
       throw WebError.for('Specified Encoding Not Supported', 415, { encoding });
     }
 
     if (Buffer.isBuffer(input)) {
-      return { text: iconv.decode(input, encoding), read: input.byteLength };
+      if (input.byteLength > limit) {
+        throw WebError.for('Request Entity Too Large', 413, { received: input.byteLength, limit });
+      }
+      return { text: decoder.decode(input), read: input.byteLength };
     }
 
     let received = Buffer.isBuffer(input) ? input.byteOffset : 0;
-    const decoder = iconv.getDecoder(encoding);
     const all: string[] = [];
 
     try {
-      for await (const chunk of input.iterator({ destroyOnReturn: false })) {
-        received += Buffer.isBuffer(chunk) ? chunk.byteLength : (typeof chunk === 'string' ? chunk.length : chunk.length);
+      for await (const chunk of castTo<AsyncIterable<string | Buffer>>(input.iterator({ destroyOnReturn: false }))) {
+        const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk, 'utf8');
+        received += buffer.byteLength;
         if (received > limit) {
           throw WebError.for('Request Entity Too Large', 413, { received, limit });
         }
-        all.push(decoder.write(chunk));
+        all.push(decoder.decode(buffer, { stream: true }));
       }
-      all.push(decoder.end() ?? '');
+      all.push(decoder.decode(Buffer.alloc(0), { stream: false }));
       return { text: all.join(''), read: received };
     } catch (err) {
       if (err instanceof Error && err.name === 'AbortError') {

package/support/transformer.web.ts

@@ -44,21 +44,26 @@ export class WebTransformer {
       // If non-regex
       if (arg && ts.isStringLiteral(arg)) {
         const literal = LiteralUtil.toLiteral(arg);
-        if (typeof literal !== 'string') {
-          throw new Error(`Unexpected literal type: ${literal}`);
-        }
-        // If param name matches path param, default to @Path
+        // If param name matches path param, default to @PathParam
         detectedParamType = new RegExp(`:${name}\\b`).test(literal) ? 'PathParam' : 'QueryParam';
       } else {
         // Default to query for empty or regex endpoints
         detectedParamType = 'QueryParam';
       }
-    } else if (epDec.ident.getText() !== 'All') { // Treat all separate
+    } else {
       // Treat as schema, and see if endpoint supports a body for default behavior on untyped
       detectedParamType = epDec.targets?.includes('@travetto/web:HttpRequestBody') ? 'Body' : 'QueryParam';
       config.name = '';
     }
 
+    if (paramType.key === 'managed' && paramType.original) {
+      if (DocUtil.hasDocTag(paramType.original, 'web_contextual')) {
+        throw new Error(`${paramType.name} must be registered using @ContextParam`);
+      } else if (DocUtil.hasDocTag(paramType.original, 'web_invalid_parameter')) {
+        throw new Error(`${paramType.name} is an invalid endpoint parameter`);
+      }
+    }
+
     node = SchemaTransformUtil.computeField(state, node, config);
 
     const modifiers = (node.modifiers ?? []).filter(x => x !== pDec);