@undefineds.co/xpod 0.1.0-local.202602081751
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +22 -0
- package/README.md +146 -0
- package/components/components.jsonld +72 -0
- package/components/context.jsonld +1635 -0
- package/config/bun.json +90 -0
- package/config/cli.json +260 -0
- package/config/cloud.json +469 -0
- package/config/extensions.local.initializer.json +23 -0
- package/config/local.json +261 -0
- package/config/logging/configurable.json +18 -0
- package/config/main.json +200 -0
- package/config/main.vanilla.json +6 -0
- package/config/resolver.json +347 -0
- package/config/search.json +66 -0
- package/config/seed.dev.json +29 -0
- package/config/seeds/admin.example.json +11 -0
- package/config/seeds/test.json +11 -0
- package/config/terminal.json +22 -0
- package/config/vector.json +35 -0
- package/config/xpod.base.json +155 -0
- package/config/xpod.cluster.json +419 -0
- package/config/xpod.json +233 -0
- package/dist/agents/AgentExecutorFactory.d.ts +67 -0
- package/dist/agents/AgentExecutorFactory.js +193 -0
- package/dist/agents/AgentExecutorFactory.js.map +1 -0
- package/dist/agents/AgentManager.d.ts +114 -0
- package/dist/agents/AgentManager.js +289 -0
- package/dist/agents/AgentManager.js.map +1 -0
- package/dist/agents/BaseAgentExecutor.d.ts +67 -0
- package/dist/agents/BaseAgentExecutor.js +101 -0
- package/dist/agents/BaseAgentExecutor.js.map +1 -0
- package/dist/agents/ClaudeExecutor.d.ts +63 -0
- package/dist/agents/ClaudeExecutor.js +335 -0
- package/dist/agents/ClaudeExecutor.js.map +1 -0
- package/dist/agents/CodeBuddyExecutor.d.ts +54 -0
- package/dist/agents/CodeBuddyExecutor.js +273 -0
- package/dist/agents/CodeBuddyExecutor.js.map +1 -0
- package/dist/agents/IndexAgent.d.ts +70 -0
- package/dist/agents/IndexAgent.js +417 -0
- package/dist/agents/IndexAgent.js.map +1 -0
- package/dist/agents/index.d.ts +22 -0
- package/dist/agents/index.js +48 -0
- package/dist/agents/index.js.map +1 -0
- package/dist/agents/schema/agent-config.d.ts +58 -0
- package/dist/agents/schema/agent-config.js +74 -0
- package/dist/agents/schema/agent-config.js.map +1 -0
- package/dist/agents/schema/tables.d.ts +46 -0
- package/dist/agents/schema/tables.js +64 -0
- package/dist/agents/schema/tables.js.map +1 -0
- package/dist/agents/types.d.ts +266 -0
- package/dist/agents/types.js +9 -0
- package/dist/agents/types.js.map +1 -0
- package/dist/ai/index.d.ts +5 -0
- package/dist/ai/index.js +22 -0
- package/dist/ai/index.js.map +1 -0
- package/dist/ai/schema/config.d.ts +27 -0
- package/dist/ai/schema/config.js +36 -0
- package/dist/ai/schema/config.js.map +1 -0
- package/dist/ai/schema/index.d.ts +8 -0
- package/dist/ai/schema/index.js +27 -0
- package/dist/ai/schema/index.js.map +1 -0
- package/dist/ai/schema/model.d.ts +40 -0
- package/dist/ai/schema/model.js +60 -0
- package/dist/ai/schema/model.js.map +1 -0
- package/dist/ai/schema/provider.d.ts +21 -0
- package/dist/ai/schema/provider.js +30 -0
- package/dist/ai/schema/provider.js.map +1 -0
- package/dist/ai/schema/types.d.ts +52 -0
- package/dist/ai/schema/types.js +62 -0
- package/dist/ai/schema/types.js.map +1 -0
- package/dist/ai/schema/vector-store.d.ts +53 -0
- package/dist/ai/schema/vector-store.js +65 -0
- package/dist/ai/schema/vector-store.js.map +1 -0
- package/dist/ai/service/CredentialReader.d.ts +7 -0
- package/dist/ai/service/CredentialReader.js +10 -0
- package/dist/ai/service/CredentialReader.js.map +1 -0
- package/dist/ai/service/CredentialReaderImpl.d.ts +6 -0
- package/dist/ai/service/CredentialReaderImpl.js +55 -0
- package/dist/ai/service/CredentialReaderImpl.js.map +1 -0
- package/dist/ai/service/EmbeddingService.d.ts +8 -0
- package/dist/ai/service/EmbeddingService.js +10 -0
- package/dist/ai/service/EmbeddingService.js.map +1 -0
- package/dist/ai/service/EmbeddingServiceImpl.d.ts +11 -0
- package/dist/ai/service/EmbeddingServiceImpl.js +73 -0
- package/dist/ai/service/EmbeddingServiceImpl.js.map +1 -0
- package/dist/ai/service/ProviderRegistry.d.ts +26 -0
- package/dist/ai/service/ProviderRegistry.js +10 -0
- package/dist/ai/service/ProviderRegistry.js.map +1 -0
- package/dist/ai/service/ProviderRegistryImpl.d.ts +14 -0
- package/dist/ai/service/ProviderRegistryImpl.js +112 -0
- package/dist/ai/service/ProviderRegistryImpl.js.map +1 -0
- package/dist/ai/service/index.d.ts +10 -0
- package/dist/ai/service/index.js +29 -0
- package/dist/ai/service/index.js.map +1 -0
- package/dist/ai/service/types.d.ts +12 -0
- package/dist/ai/service/types.js +6 -0
- package/dist/ai/service/types.js.map +1 -0
- package/dist/api/ApiServer.d.ts +77 -0
- package/dist/api/ApiServer.js +191 -0
- package/dist/api/ApiServer.js.map +1 -0
- package/dist/api/auth/AuthContext.d.ts +41 -0
- package/dist/api/auth/AuthContext.js +44 -0
- package/dist/api/auth/AuthContext.js.map +1 -0
- package/dist/api/auth/Authenticator.d.ts +23 -0
- package/dist/api/auth/Authenticator.js +3 -0
- package/dist/api/auth/Authenticator.js.map +1 -0
- package/dist/api/auth/ClientCredentialsAuthenticator.d.ts +56 -0
- package/dist/api/auth/ClientCredentialsAuthenticator.js +191 -0
- package/dist/api/auth/ClientCredentialsAuthenticator.js.map +1 -0
- package/dist/api/auth/MultiAuthenticator.d.ts +15 -0
- package/dist/api/auth/MultiAuthenticator.js +36 -0
- package/dist/api/auth/MultiAuthenticator.js.map +1 -0
- package/dist/api/auth/NodeTokenAuthenticator.d.ts +21 -0
- package/dist/api/auth/NodeTokenAuthenticator.js +124 -0
- package/dist/api/auth/NodeTokenAuthenticator.js.map +1 -0
- package/dist/api/auth/SolidTokenAuthenticator.d.ts +27 -0
- package/dist/api/auth/SolidTokenAuthenticator.js +144 -0
- package/dist/api/auth/SolidTokenAuthenticator.js.map +1 -0
- package/dist/api/auth/index.d.ts +5 -0
- package/dist/api/auth/index.js +23 -0
- package/dist/api/auth/index.js.map +1 -0
- package/dist/api/chatkit/ai-provider.d.ts +44 -0
- package/dist/api/chatkit/ai-provider.js +157 -0
- package/dist/api/chatkit/ai-provider.js.map +1 -0
- package/dist/api/chatkit/index.d.ts +11 -0
- package/dist/api/chatkit/index.js +44 -0
- package/dist/api/chatkit/index.js.map +1 -0
- package/dist/api/chatkit/pod-store.d.ts +154 -0
- package/dist/api/chatkit/pod-store.js +794 -0
- package/dist/api/chatkit/pod-store.js.map +1 -0
- package/dist/api/chatkit/schema.d.ts +139 -0
- package/dist/api/chatkit/schema.js +168 -0
- package/dist/api/chatkit/schema.js.map +1 -0
- package/dist/api/chatkit/service.d.ts +143 -0
- package/dist/api/chatkit/service.js +442 -0
- package/dist/api/chatkit/service.js.map +1 -0
- package/dist/api/chatkit/store.d.ts +63 -0
- package/dist/api/chatkit/store.js +178 -0
- package/dist/api/chatkit/store.js.map +1 -0
- package/dist/api/chatkit/types.d.ts +461 -0
- package/dist/api/chatkit/types.js +50 -0
- package/dist/api/chatkit/types.js.map +1 -0
- package/dist/api/container/cloud.d.ts +12 -0
- package/dist/api/container/cloud.js +97 -0
- package/dist/api/container/cloud.js.map +1 -0
- package/dist/api/container/common.d.ts +11 -0
- package/dist/api/container/common.js +82 -0
- package/dist/api/container/common.js.map +1 -0
- package/dist/api/container/index.d.ts +16 -0
- package/dist/api/container/index.js +90 -0
- package/dist/api/container/index.js.map +1 -0
- package/dist/api/container/local.d.ts +13 -0
- package/dist/api/container/local.js +197 -0
- package/dist/api/container/local.js.map +1 -0
- package/dist/api/container/routes.d.ts +11 -0
- package/dist/api/container/routes.js +129 -0
- package/dist/api/container/routes.js.map +1 -0
- package/dist/api/container/types.d.ts +92 -0
- package/dist/api/container/types.js +8 -0
- package/dist/api/container/types.js.map +1 -0
- package/dist/api/handlers/AdminHandler.d.ts +6 -0
- package/dist/api/handlers/AdminHandler.js +330 -0
- package/dist/api/handlers/AdminHandler.js.map +1 -0
- package/dist/api/handlers/ApiKeyHandler.d.ts +15 -0
- package/dist/api/handlers/ApiKeyHandler.js +159 -0
- package/dist/api/handlers/ApiKeyHandler.js.map +1 -0
- package/dist/api/handlers/ChatHandler.d.ts +60 -0
- package/dist/api/handlers/ChatHandler.js +230 -0
- package/dist/api/handlers/ChatHandler.js.map +1 -0
- package/dist/api/handlers/ChatKitHandler.d.ts +18 -0
- package/dist/api/handlers/ChatKitHandler.js +151 -0
- package/dist/api/handlers/ChatKitHandler.js.map +1 -0
- package/dist/api/handlers/DashboardHandler.d.ts +14 -0
- package/dist/api/handlers/DashboardHandler.js +117 -0
- package/dist/api/handlers/DashboardHandler.js.map +1 -0
- package/dist/api/handlers/DdnsHandler.d.ts +19 -0
- package/dist/api/handlers/DdnsHandler.js +306 -0
- package/dist/api/handlers/DdnsHandler.js.map +1 -0
- package/dist/api/handlers/DevHandler.d.ts +18 -0
- package/dist/api/handlers/DevHandler.js +276 -0
- package/dist/api/handlers/DevHandler.js.map +1 -0
- package/dist/api/handlers/NodeHandler.d.ts +16 -0
- package/dist/api/handlers/NodeHandler.js +190 -0
- package/dist/api/handlers/NodeHandler.js.map +1 -0
- package/dist/api/handlers/PodManagementHandler.d.ts +39 -0
- package/dist/api/handlers/PodManagementHandler.js +294 -0
- package/dist/api/handlers/PodManagementHandler.js.map +1 -0
- package/dist/api/handlers/QuotaHandler.d.ts +21 -0
- package/dist/api/handlers/QuotaHandler.js +209 -0
- package/dist/api/handlers/QuotaHandler.js.map +1 -0
- package/dist/api/handlers/SignalHandler.d.ts +13 -0
- package/dist/api/handlers/SignalHandler.js +122 -0
- package/dist/api/handlers/SignalHandler.js.map +1 -0
- package/dist/api/handlers/SubdomainClientHandler.d.ts +24 -0
- package/dist/api/handlers/SubdomainClientHandler.js +169 -0
- package/dist/api/handlers/SubdomainClientHandler.js.map +1 -0
- package/dist/api/handlers/SubdomainHandler.d.ts +17 -0
- package/dist/api/handlers/SubdomainHandler.js +312 -0
- package/dist/api/handlers/SubdomainHandler.js.map +1 -0
- package/dist/api/handlers/VectorHandler.d.ts +15 -0
- package/dist/api/handlers/VectorHandler.js +293 -0
- package/dist/api/handlers/VectorHandler.js.map +1 -0
- package/dist/api/handlers/VectorStoreHandler.d.ts +20 -0
- package/dist/api/handlers/VectorStoreHandler.js +348 -0
- package/dist/api/handlers/VectorStoreHandler.js.map +1 -0
- package/dist/api/handlers/VectorStoreWebhookHandler.d.ts +74 -0
- package/dist/api/handlers/VectorStoreWebhookHandler.js +121 -0
- package/dist/api/handlers/VectorStoreWebhookHandler.js.map +1 -0
- package/dist/api/handlers/WebIdProfileHandler.d.ts +14 -0
- package/dist/api/handlers/WebIdProfileHandler.js +204 -0
- package/dist/api/handlers/WebIdProfileHandler.js.map +1 -0
- package/dist/api/handlers/index.d.ts +11 -0
- package/dist/api/handlers/index.js +28 -0
- package/dist/api/handlers/index.js.map +1 -0
- package/dist/api/index.d.ts +12 -0
- package/dist/api/index.js +29 -0
- package/dist/api/index.js.map +1 -0
- package/dist/api/main.d.ts +14 -0
- package/dist/api/main.js +106 -0
- package/dist/api/main.js.map +1 -0
- package/dist/api/middleware/AuthMiddleware.d.ts +35 -0
- package/dist/api/middleware/AuthMiddleware.js +51 -0
- package/dist/api/middleware/AuthMiddleware.js.map +1 -0
- package/dist/api/middleware/index.d.ts +1 -0
- package/dist/api/middleware/index.js +18 -0
- package/dist/api/middleware/index.js.map +1 -0
- package/dist/api/models/model-provider.schema.d.ts +12 -0
- package/dist/api/models/model-provider.schema.js +21 -0
- package/dist/api/models/model-provider.schema.js.map +1 -0
- package/dist/api/models/namespaces.d.ts +9 -0
- package/dist/api/models/namespaces.js +34 -0
- package/dist/api/models/namespaces.js.map +1 -0
- package/dist/api/service/InternalPodService.d.ts +19 -0
- package/dist/api/service/InternalPodService.js +82 -0
- package/dist/api/service/InternalPodService.js.map +1 -0
- package/dist/api/service/VectorService.d.ts +156 -0
- package/dist/api/service/VectorService.js +202 -0
- package/dist/api/service/VectorService.js.map +1 -0
- package/dist/api/service/VectorStoreService.d.ts +262 -0
- package/dist/api/service/VectorStoreService.js +985 -0
- package/dist/api/service/VectorStoreService.js.map +1 -0
- package/dist/api/service/VercelChatService.d.ts +28 -0
- package/dist/api/service/VercelChatService.js +289 -0
- package/dist/api/service/VercelChatService.js.map +1 -0
- package/dist/api/store/DrizzleClientCredentialsStore.d.ts +56 -0
- package/dist/api/store/DrizzleClientCredentialsStore.js +145 -0
- package/dist/api/store/DrizzleClientCredentialsStore.js.map +1 -0
- package/dist/api/store/index.d.ts +1 -0
- package/dist/api/store/index.js +18 -0
- package/dist/api/store/index.js.map +1 -0
- package/dist/components/components.jsonld +88 -0
- package/dist/components/context.jsonld +1962 -0
- package/dist/credential/index.d.ts +1 -0
- package/dist/credential/index.js +18 -0
- package/dist/credential/index.js.map +1 -0
- package/dist/credential/schema/index.d.ts +2 -0
- package/dist/credential/schema/index.js +19 -0
- package/dist/credential/schema/index.js.map +1 -0
- package/dist/credential/schema/tables.d.ts +31 -0
- package/dist/credential/schema/tables.js +42 -0
- package/dist/credential/schema/tables.js.map +1 -0
- package/dist/credential/schema/types.d.ts +20 -0
- package/dist/credential/schema/types.js +26 -0
- package/dist/credential/schema/types.js.map +1 -0
- package/dist/dns/DnsProvider.d.ts +46 -0
- package/dist/dns/DnsProvider.js +3 -0
- package/dist/dns/DnsProvider.js.map +1 -0
- package/dist/dns/DnsProvider.jsonld +161 -0
- package/dist/dns/cloudflare/CloudflareDnsProvider.d.ts +51 -0
- package/dist/dns/cloudflare/CloudflareDnsProvider.js +227 -0
- package/dist/dns/cloudflare/CloudflareDnsProvider.js.map +1 -0
- package/dist/dns/cloudflare/index.d.ts +1 -0
- package/dist/dns/cloudflare/index.js +18 -0
- package/dist/dns/cloudflare/index.js.map +1 -0
- package/dist/dns/tencent/TencentDnsProvider.d.ts +42 -0
- package/dist/dns/tencent/TencentDnsProvider.js +221 -0
- package/dist/dns/tencent/TencentDnsProvider.js.map +1 -0
- package/dist/dns/tencent/TencentDnsProvider.jsonld +239 -0
- package/dist/document/Chunker.d.ts +64 -0
- package/dist/document/Chunker.js +8 -0
- package/dist/document/Chunker.js.map +1 -0
- package/dist/document/DocumentParser.d.ts +58 -0
- package/dist/document/DocumentParser.js +8 -0
- package/dist/document/DocumentParser.js.map +1 -0
- package/dist/document/HeadingChunker.d.ts +34 -0
- package/dist/document/HeadingChunker.js +182 -0
- package/dist/document/HeadingChunker.js.map +1 -0
- package/dist/document/JinaDocumentParser.d.ts +40 -0
- package/dist/document/JinaDocumentParser.js +129 -0
- package/dist/document/JinaDocumentParser.js.map +1 -0
- package/dist/document/index.d.ts +7 -0
- package/dist/document/index.js +26 -0
- package/dist/document/index.js.map +1 -0
- package/dist/edge/DdnsManager.d.ts +53 -0
- package/dist/edge/DdnsManager.js +153 -0
- package/dist/edge/DdnsManager.js.map +1 -0
- package/dist/edge/Dns01CertificateProvisioner.d.ts +27 -0
- package/dist/edge/Dns01CertificateProvisioner.js +160 -0
- package/dist/edge/Dns01CertificateProvisioner.js.map +1 -0
- package/dist/edge/Dns01CertificateProvisioner.jsonld +148 -0
- package/dist/edge/EdgeNodeAgent.d.ts +56 -0
- package/dist/edge/EdgeNodeAgent.js +230 -0
- package/dist/edge/EdgeNodeAgent.js.map +1 -0
- package/dist/edge/EdgeNodeAgent.jsonld +89 -0
- package/dist/edge/EdgeNodeAgentInitializer.d.ts +25 -0
- package/dist/edge/EdgeNodeAgentInitializer.js +64 -0
- package/dist/edge/EdgeNodeAgentInitializer.js.map +1 -0
- package/dist/edge/EdgeNodeCapabilityDetector.d.ts +98 -0
- package/dist/edge/EdgeNodeCapabilityDetector.js +425 -0
- package/dist/edge/EdgeNodeCapabilityDetector.js.map +1 -0
- package/dist/edge/EdgeNodeCertificateProvisioner.d.ts +3 -0
- package/dist/edge/EdgeNodeCertificateProvisioner.js +3 -0
- package/dist/edge/EdgeNodeCertificateProvisioner.js.map +1 -0
- package/dist/edge/EdgeNodeCertificateProvisioner.jsonld +21 -0
- package/dist/edge/EdgeNodeDnsCoordinator.d.ts +38 -0
- package/dist/edge/EdgeNodeDnsCoordinator.js +201 -0
- package/dist/edge/EdgeNodeDnsCoordinator.js.map +1 -0
- package/dist/edge/EdgeNodeDnsCoordinator.jsonld +212 -0
- package/dist/edge/EdgeNodeHealthProbeService.d.ts +25 -0
- package/dist/edge/EdgeNodeHealthProbeService.js +208 -0
- package/dist/edge/EdgeNodeHealthProbeService.js.map +1 -0
- package/dist/edge/EdgeNodeHealthProbeService.jsonld +176 -0
- package/dist/edge/EdgeNodeModeDetector.d.ts +50 -0
- package/dist/edge/EdgeNodeModeDetector.js +194 -0
- package/dist/edge/EdgeNodeModeDetector.js.map +1 -0
- package/dist/edge/EdgeNodeModeDetector.jsonld +114 -0
- package/dist/edge/EdgeNodeTunnelManager.d.ts +23 -0
- package/dist/edge/EdgeNodeTunnelManager.js +99 -0
- package/dist/edge/EdgeNodeTunnelManager.js.map +1 -0
- package/dist/edge/EdgeNodeTunnelManager.jsonld +128 -0
- package/dist/edge/FrpTunnelManager.d.ts +30 -0
- package/dist/edge/FrpTunnelManager.js +151 -0
- package/dist/edge/FrpTunnelManager.js.map +1 -0
- package/dist/edge/FrpTunnelManager.jsonld +192 -0
- package/dist/edge/LocalNetworkManager.d.ts +41 -0
- package/dist/edge/LocalNetworkManager.js +115 -0
- package/dist/edge/LocalNetworkManager.js.map +1 -0
- package/dist/edge/acme/AcmeCertificateManager.d.ts +65 -0
- package/dist/edge/acme/AcmeCertificateManager.js +233 -0
- package/dist/edge/acme/AcmeCertificateManager.js.map +1 -0
- package/dist/edge/acme/AcmeCertificateManager.jsonld +373 -0
- package/dist/edge/acme/ClusterCertificateManager.d.ts +40 -0
- package/dist/edge/acme/ClusterCertificateManager.js +184 -0
- package/dist/edge/acme/ClusterCertificateManager.js.map +1 -0
- package/dist/edge/acme/DnsChallengeClient.d.ts +15 -0
- package/dist/edge/acme/DnsChallengeClient.js +40 -0
- package/dist/edge/acme/DnsChallengeClient.js.map +1 -0
- package/dist/edge/acme/utils.d.ts +4 -0
- package/dist/edge/acme/utils.js +17 -0
- package/dist/edge/acme/utils.js.map +1 -0
- package/dist/edge/frp/FrpRelay.d.ts +11 -0
- package/dist/edge/frp/FrpRelay.js +29 -0
- package/dist/edge/frp/FrpRelay.js.map +1 -0
- package/dist/edge/frp/FrpcProcessManager.d.ts +51 -0
- package/dist/edge/frp/FrpcProcessManager.js +174 -0
- package/dist/edge/frp/FrpcProcessManager.js.map +1 -0
- package/dist/edge/interfaces/EdgeNodeTunnelManager.d.ts +6 -0
- package/dist/edge/interfaces/EdgeNodeTunnelManager.js +3 -0
- package/dist/edge/interfaces/EdgeNodeTunnelManager.js.map +1 -0
- package/dist/edge/interfaces/EdgeNodeTunnelManager.jsonld +21 -0
- package/dist/embedding/CredentialReader.d.ts +7 -0
- package/dist/embedding/CredentialReader.js +10 -0
- package/dist/embedding/CredentialReader.js.map +1 -0
- package/dist/embedding/CredentialReader.jsonld +22 -0
- package/dist/embedding/CredentialReaderImpl.d.ts +6 -0
- package/dist/embedding/CredentialReaderImpl.js +55 -0
- package/dist/embedding/CredentialReaderImpl.js.map +1 -0
- package/dist/embedding/CredentialReaderImpl.jsonld +31 -0
- package/dist/embedding/EmbeddingService.d.ts +8 -0
- package/dist/embedding/EmbeddingService.js +10 -0
- package/dist/embedding/EmbeddingService.js.map +1 -0
- package/dist/embedding/EmbeddingService.jsonld +26 -0
- package/dist/embedding/EmbeddingServiceImpl.d.ts +11 -0
- package/dist/embedding/EmbeddingServiceImpl.js +73 -0
- package/dist/embedding/EmbeddingServiceImpl.js.map +1 -0
- package/dist/embedding/EmbeddingServiceImpl.jsonld +53 -0
- package/dist/embedding/ProviderRegistry.d.ts +26 -0
- package/dist/embedding/ProviderRegistry.js +10 -0
- package/dist/embedding/ProviderRegistry.js.map +1 -0
- package/dist/embedding/ProviderRegistry.jsonld +30 -0
- package/dist/embedding/ProviderRegistryImpl.d.ts +14 -0
- package/dist/embedding/ProviderRegistryImpl.js +112 -0
- package/dist/embedding/ProviderRegistryImpl.js.map +1 -0
- package/dist/embedding/ProviderRegistryImpl.jsonld +40 -0
- package/dist/embedding/index.d.ts +5 -0
- package/dist/embedding/index.js +22 -0
- package/dist/embedding/index.js.map +1 -0
- package/dist/embedding/schema/index.d.ts +1 -0
- package/dist/embedding/schema/index.js +18 -0
- package/dist/embedding/schema/index.js.map +1 -0
- package/dist/embedding/schema/tables.d.ts +70 -0
- package/dist/embedding/schema/tables.js +102 -0
- package/dist/embedding/schema/tables.js.map +1 -0
- package/dist/embedding/types.d.ts +12 -0
- package/dist/embedding/types.js +6 -0
- package/dist/embedding/types.js.map +1 -0
- package/dist/gateway/port-finder.d.ts +4 -0
- package/dist/gateway/port-finder.js +15 -0
- package/dist/gateway/port-finder.js.map +1 -0
- package/dist/gateway/proxy.d.ts +22 -0
- package/dist/gateway/proxy.js +149 -0
- package/dist/gateway/proxy.js.map +1 -0
- package/dist/gateway/supervisor.d.ts +2 -0
- package/dist/gateway/supervisor.js +7 -0
- package/dist/gateway/supervisor.js.map +1 -0
- package/dist/gateway/types.d.ts +1 -0
- package/dist/gateway/types.js +3 -0
- package/dist/gateway/types.js.map +1 -0
- package/dist/http/AppStaticAssetHandler.d.ts +8 -0
- package/dist/http/AppStaticAssetHandler.js +27 -0
- package/dist/http/AppStaticAssetHandler.js.map +1 -0
- package/dist/http/AppStaticAssetHandler.jsonld +26 -0
- package/dist/http/ClusterIngressRouter.d.ts +93 -0
- package/dist/http/ClusterIngressRouter.js +355 -0
- package/dist/http/ClusterIngressRouter.js.map +1 -0
- package/dist/http/ClusterIngressRouter.jsonld +227 -0
- package/dist/http/ClusterWebSocketConfigurator.d.ts +59 -0
- package/dist/http/ClusterWebSocketConfigurator.js +226 -0
- package/dist/http/ClusterWebSocketConfigurator.js.map +1 -0
- package/dist/http/ClusterWebSocketConfigurator.jsonld +145 -0
- package/dist/http/EdgeNodeDirectDebugHttpHandler.d.ts +25 -0
- package/dist/http/EdgeNodeDirectDebugHttpHandler.js +126 -0
- package/dist/http/EdgeNodeDirectDebugHttpHandler.js.map +1 -0
- package/dist/http/EdgeNodeDirectDebugHttpHandler.jsonld +151 -0
- package/dist/http/EdgeNodeProxyHttpHandler.d.ts +28 -0
- package/dist/http/EdgeNodeProxyHttpHandler.js +190 -0
- package/dist/http/EdgeNodeProxyHttpHandler.js.map +1 -0
- package/dist/http/EdgeNodeProxyHttpHandler.jsonld +162 -0
- package/dist/http/PodRoutingHttpHandler.d.ts +64 -0
- package/dist/http/PodRoutingHttpHandler.js +233 -0
- package/dist/http/PodRoutingHttpHandler.js.map +1 -0
- package/dist/http/PodRoutingHttpHandler.jsonld +171 -0
- package/dist/http/RequestIdHttpHandler.d.ts +15 -0
- package/dist/http/RequestIdHttpHandler.js +59 -0
- package/dist/http/RequestIdHttpHandler.js.map +1 -0
- package/dist/http/RouterHttpHandler.d.ts +21 -0
- package/dist/http/RouterHttpHandler.js +49 -0
- package/dist/http/RouterHttpHandler.js.map +1 -0
- package/dist/http/RouterHttpHandler.jsonld +80 -0
- package/dist/http/RouterHttpRoute.d.ts +6 -0
- package/dist/http/RouterHttpRoute.js +11 -0
- package/dist/http/RouterHttpRoute.js.map +1 -0
- package/dist/http/RouterHttpRoute.jsonld +48 -0
- package/dist/http/SignalInterceptHttpHandler.d.ts +24 -0
- package/dist/http/SignalInterceptHttpHandler.js +47 -0
- package/dist/http/SignalInterceptHttpHandler.js.map +1 -0
- package/dist/http/SignalInterceptHttpHandler.jsonld +103 -0
- package/dist/http/SubgraphSparqlHttpHandler.d.ts +70 -0
- package/dist/http/SubgraphSparqlHttpHandler.js +640 -0
- package/dist/http/SubgraphSparqlHttpHandler.js.map +1 -0
- package/dist/http/SubgraphSparqlHttpHandler.jsonld +363 -0
- package/dist/http/TracingHandler.d.ts +19 -0
- package/dist/http/TracingHandler.js +60 -0
- package/dist/http/TracingHandler.js.map +1 -0
- package/dist/http/TracingHandler.jsonld +37 -0
- package/dist/http/admin/EdgeNodeAdminHttpHandler.d.ts +45 -0
- package/dist/http/admin/EdgeNodeAdminHttpHandler.js +292 -0
- package/dist/http/admin/EdgeNodeAdminHttpHandler.js.map +1 -0
- package/dist/http/admin/EdgeNodeCertificateHttpHandler.d.ts +33 -0
- package/dist/http/admin/EdgeNodeCertificateHttpHandler.js +172 -0
- package/dist/http/admin/EdgeNodeCertificateHttpHandler.js.map +1 -0
- package/dist/http/admin/EdgeNodeCertificateHttpHandler.jsonld +182 -0
- package/dist/http/admin/EdgeNodeSignalHttpHandler.d.ts +71 -0
- package/dist/http/admin/EdgeNodeSignalHttpHandler.js +674 -0
- package/dist/http/admin/EdgeNodeSignalHttpHandler.js.map +1 -0
- package/dist/http/admin/EdgeNodeSignalHttpHandler.jsonld +406 -0
- package/dist/http/cluster/PodMigrationHttpHandler.d.ts +52 -0
- package/dist/http/cluster/PodMigrationHttpHandler.js +208 -0
- package/dist/http/cluster/PodMigrationHttpHandler.js.map +1 -0
- package/dist/http/cluster/PodMigrationHttpHandler.jsonld +169 -0
- package/dist/http/quota/QuotaAdminHttpHandler.d.ts +34 -0
- package/dist/http/quota/QuotaAdminHttpHandler.js +241 -0
- package/dist/http/quota/QuotaAdminHttpHandler.js.map +1 -0
- package/dist/http/quota/QuotaAdminHttpHandler.jsonld +171 -0
- package/dist/http/search/SearchHttpHandler.d.ts +59 -0
- package/dist/http/search/SearchHttpHandler.js +312 -0
- package/dist/http/search/SearchHttpHandler.js.map +1 -0
- package/dist/http/search/index.d.ts +1 -0
- package/dist/http/search/index.js +18 -0
- package/dist/http/search/index.js.map +1 -0
- package/dist/http/terminal/TerminalHttpHandler.d.ts +45 -0
- package/dist/http/terminal/TerminalHttpHandler.js +306 -0
- package/dist/http/terminal/TerminalHttpHandler.js.map +1 -0
- package/dist/http/terminal/TerminalHttpHandler.jsonld +232 -0
- package/dist/http/terminal/index.d.ts +1 -0
- package/dist/http/terminal/index.js +18 -0
- package/dist/http/terminal/index.js.map +1 -0
- package/dist/http/vector/VectorHttpHandler.d.ts +42 -0
- package/dist/http/vector/VectorHttpHandler.js +301 -0
- package/dist/http/vector/VectorHttpHandler.js.map +1 -0
- package/dist/http/vector/VectorHttpHandler.jsonld +157 -0
- package/dist/http/vector/index.d.ts +1 -0
- package/dist/http/vector/index.js +18 -0
- package/dist/http/vector/index.js.map +1 -0
- package/dist/ice/IceServerProvider.d.ts +85 -0
- package/dist/ice/IceServerProvider.js +122 -0
- package/dist/ice/IceServerProvider.js.map +1 -0
- package/dist/ice/index.d.ts +8 -0
- package/dist/ice/index.js +25 -0
- package/dist/ice/index.js.map +1 -0
- package/dist/identity/CenterNodeRegistrationService.d.ts +102 -0
- package/dist/identity/CenterNodeRegistrationService.js +266 -0
- package/dist/identity/CenterNodeRegistrationService.js.map +1 -0
- package/dist/identity/CenterNodeRegistrationService.jsonld +251 -0
- package/dist/identity/ReactAppViewHandler.d.ts +31 -0
- package/dist/identity/ReactAppViewHandler.js +79 -0
- package/dist/identity/ReactAppViewHandler.js.map +1 -0
- package/dist/identity/ReactAppViewHandler.jsonld +99 -0
- package/dist/identity/drizzle/AccountRepository.d.ts +31 -0
- package/dist/identity/drizzle/AccountRepository.js +130 -0
- package/dist/identity/drizzle/AccountRepository.js.map +1 -0
- package/dist/identity/drizzle/AccountRoleRepository.d.ts +23 -0
- package/dist/identity/drizzle/AccountRoleRepository.js +233 -0
- package/dist/identity/drizzle/AccountRoleRepository.js.map +1 -0
- package/dist/identity/drizzle/DdnsRepository.d.ts +87 -0
- package/dist/identity/drizzle/DdnsRepository.js +284 -0
- package/dist/identity/drizzle/DdnsRepository.js.map +1 -0
- package/dist/identity/drizzle/DrizzleIndexedStorage.d.ts +26 -0
- package/dist/identity/drizzle/DrizzleIndexedStorage.js +159 -0
- package/dist/identity/drizzle/DrizzleIndexedStorage.js.map +1 -0
- package/dist/identity/drizzle/DrizzleIndexedStorage.jsonld +130 -0
- package/dist/identity/drizzle/EdgeNodeRepository.d.ts +155 -0
- package/dist/identity/drizzle/EdgeNodeRepository.js +555 -0
- package/dist/identity/drizzle/EdgeNodeRepository.js.map +1 -0
- package/dist/identity/drizzle/PodLookupRepository.d.ts +59 -0
- package/dist/identity/drizzle/PodLookupRepository.js +153 -0
- package/dist/identity/drizzle/PodLookupRepository.js.map +1 -0
- package/dist/identity/drizzle/WebIdProfileRepository.d.ts +58 -0
- package/dist/identity/drizzle/WebIdProfileRepository.js +157 -0
- package/dist/identity/drizzle/WebIdProfileRepository.js.map +1 -0
- package/dist/identity/drizzle/db.d.ts +60 -0
- package/dist/identity/drizzle/db.js +269 -0
- package/dist/identity/drizzle/db.js.map +1 -0
- package/dist/identity/drizzle/schema.d.ts +1 -0
- package/dist/identity/drizzle/schema.js +20 -0
- package/dist/identity/drizzle/schema.js.map +1 -0
- package/dist/identity/drizzle/schema.pg.d.ts +20 -0
- package/dist/identity/drizzle/schema.pg.js +103 -0
- package/dist/identity/drizzle/schema.pg.js.map +1 -0
- package/dist/identity/drizzle/schema.sqlite.d.ts +872 -0
- package/dist/identity/drizzle/schema.sqlite.js +100 -0
- package/dist/identity/drizzle/schema.sqlite.js.map +1 -0
- package/dist/identity/oidc/AutoDetectIdentityProviderHandler.d.ts +43 -0
- package/dist/identity/oidc/AutoDetectIdentityProviderHandler.js +92 -0
- package/dist/identity/oidc/AutoDetectIdentityProviderHandler.js.map +1 -0
- package/dist/identity/oidc/AutoDetectIdentityProviderHandler.jsonld +122 -0
- package/dist/identity/oidc/AutoDetectOidcHandler.d.ts +55 -0
- package/dist/identity/oidc/AutoDetectOidcHandler.js +137 -0
- package/dist/identity/oidc/AutoDetectOidcHandler.js.map +1 -0
- package/dist/identity/oidc/AutoDetectOidcHandler.jsonld +138 -0
- package/dist/identity/oidc/DisabledIdentityProviderHandler.d.ts +51 -0
- package/dist/identity/oidc/DisabledIdentityProviderHandler.js +104 -0
- package/dist/identity/oidc/DisabledIdentityProviderHandler.js.map +1 -0
- package/dist/identity/oidc/DisabledIdentityProviderHandler.jsonld +111 -0
- package/dist/identity/oidc/DisabledOidcHandler.d.ts +55 -0
- package/dist/identity/oidc/DisabledOidcHandler.js +132 -0
- package/dist/identity/oidc/DisabledOidcHandler.js.map +1 -0
- package/dist/identity/oidc/DisabledOidcHandler.jsonld +157 -0
- package/dist/index.d.ts +80 -0
- package/dist/index.js +155 -0
- package/dist/index.js.map +1 -0
- package/dist/legacy/DrizzleClientCredentialsStore.d.ts +51 -0
- package/dist/legacy/DrizzleClientCredentialsStore.js +142 -0
- package/dist/legacy/DrizzleClientCredentialsStore.js.map +1 -0
- package/dist/legacy/DrizzleIndexedStorage.d.ts +26 -0
- package/dist/legacy/DrizzleIndexedStorage.js +159 -0
- package/dist/legacy/DrizzleIndexedStorage.js.map +1 -0
- package/dist/legacy/DrizzleQuotaService.d.ts +16 -0
- package/dist/legacy/DrizzleQuotaService.js +37 -0
- package/dist/legacy/DrizzleQuotaService.js.map +1 -0
- package/dist/libs/backends/index.d.ts +6 -0
- package/dist/libs/backends/index.js +31 -0
- package/dist/libs/backends/index.js.map +1 -0
- package/dist/libs/backends/sqlup.d.ts +44 -0
- package/dist/libs/backends/sqlup.js +437 -0
- package/dist/libs/backends/sqlup.js.map +1 -0
- package/dist/logging/ConfigurableLoggerFactory.d.ts +24 -0
- package/dist/logging/ConfigurableLoggerFactory.js +77 -0
- package/dist/logging/ConfigurableLoggerFactory.js.map +1 -0
- package/dist/logging/ConfigurableLoggerFactory.jsonld +169 -0
- package/dist/logging/LogContext.d.ts +5 -0
- package/dist/logging/LogContext.js +6 -0
- package/dist/logging/LogContext.js.map +1 -0
- package/dist/main.d.ts +2 -0
- package/dist/main.js +148 -0
- package/dist/main.js.map +1 -0
- package/dist/network/LocalNetworkDetector.d.ts +65 -0
- package/dist/network/LocalNetworkDetector.js +185 -0
- package/dist/network/LocalNetworkDetector.js.map +1 -0
- package/dist/network/index.d.ts +4 -0
- package/dist/network/index.js +21 -0
- package/dist/network/index.js.map +1 -0
- package/dist/pods/ReservedSuffixIdentifierGenerator.d.ts +13 -0
- package/dist/pods/ReservedSuffixIdentifierGenerator.js +26 -0
- package/dist/pods/ReservedSuffixIdentifierGenerator.js.map +1 -0
- package/dist/pods/ReservedSuffixIdentifierGenerator.jsonld +75 -0
- package/dist/quota/DefaultQuotaService.d.ts +16 -0
- package/dist/quota/DefaultQuotaService.js +37 -0
- package/dist/quota/DefaultQuotaService.js.map +1 -0
- package/dist/quota/DefaultQuotaService.jsonld +85 -0
- package/dist/quota/DrizzleQuotaService.d.ts +16 -0
- package/dist/quota/DrizzleQuotaService.js +37 -0
- package/dist/quota/DrizzleQuotaService.js.map +1 -0
- package/dist/quota/DrizzleQuotaService.jsonld +87 -0
- package/dist/quota/NoopQuotaService.d.ts +7 -0
- package/dist/quota/NoopQuotaService.js +15 -0
- package/dist/quota/NoopQuotaService.js.map +1 -0
- package/dist/quota/NoopQuotaService.jsonld +36 -0
- package/dist/quota/QuotaService.d.ts +6 -0
- package/dist/quota/QuotaService.js +3 -0
- package/dist/quota/QuotaService.js.map +1 -0
- package/dist/quota/QuotaService.jsonld +33 -0
- package/dist/sdk/SignalingClientAdapter.d.ts +38 -0
- package/dist/sdk/SignalingClientAdapter.js +99 -0
- package/dist/sdk/SignalingClientAdapter.js.map +1 -0
- package/dist/sdk/createFetch.d.ts +23 -0
- package/dist/sdk/createFetch.js +258 -0
- package/dist/sdk/createFetch.js.map +1 -0
- package/dist/sdk/index.d.ts +29 -0
- package/dist/sdk/index.js +34 -0
- package/dist/sdk/index.js.map +1 -0
- package/dist/sdk/xpodFetch.d.ts +112 -0
- package/dist/sdk/xpodFetch.js +251 -0
- package/dist/sdk/xpodFetch.js.map +1 -0
- package/dist/service/EdgeNodeCertificateService.d.ts +45 -0
- package/dist/service/EdgeNodeCertificateService.js +164 -0
- package/dist/service/EdgeNodeCertificateService.js.map +1 -0
- package/dist/service/EdgeNodeCertificateService.jsonld +216 -0
- package/dist/service/EdgeNodeHeartbeatService.d.ts +68 -0
- package/dist/service/EdgeNodeHeartbeatService.js +262 -0
- package/dist/service/EdgeNodeHeartbeatService.js.map +1 -0
- package/dist/service/PodMigrationService.d.ts +43 -0
- package/dist/service/PodMigrationService.js +72 -0
- package/dist/service/PodMigrationService.js.map +1 -0
- package/dist/service/PodMigrationService.jsonld +76 -0
- package/dist/signaling/SignalingClient.d.ts +142 -0
- package/dist/signaling/SignalingClient.js +305 -0
- package/dist/signaling/SignalingClient.js.map +1 -0
- package/dist/signaling/SignalingService.d.ts +104 -0
- package/dist/signaling/SignalingService.js +440 -0
- package/dist/signaling/SignalingService.js.map +1 -0
- package/dist/signaling/index.d.ts +11 -0
- package/dist/signaling/index.js +28 -0
- package/dist/signaling/index.js.map +1 -0
- package/dist/signaling/types.d.ts +237 -0
- package/dist/signaling/types.js +18 -0
- package/dist/signaling/types.js.map +1 -0
- package/dist/storage/DrizzleCompat.d.ts +15 -0
- package/dist/storage/DrizzleCompat.js +60 -0
- package/dist/storage/DrizzleCompat.js.map +1 -0
- package/dist/storage/LockingResourceStore.d.ts +8 -0
- package/dist/storage/LockingResourceStore.js +68 -0
- package/dist/storage/LockingResourceStore.js.map +1 -0
- package/dist/storage/MigratableDataAccessor.d.ts +63 -0
- package/dist/storage/MigratableDataAccessor.js +11 -0
- package/dist/storage/MigratableDataAccessor.js.map +1 -0
- package/dist/storage/MigratableDataAccessor.jsonld +60 -0
- package/dist/storage/ObservableResourceStore.d.ts +89 -0
- package/dist/storage/ObservableResourceStore.js +125 -0
- package/dist/storage/ObservableResourceStore.js.map +1 -0
- package/dist/storage/RepresentationPartialConvertingStore.d.ts +22 -0
- package/dist/storage/RepresentationPartialConvertingStore.js +94 -0
- package/dist/storage/RepresentationPartialConvertingStore.js.map +1 -0
- package/dist/storage/RepresentationPartialConvertingStore.jsonld +332 -0
- package/dist/storage/SparqlUpdateResourceStore.d.ts +30 -0
- package/dist/storage/SparqlUpdateResourceStore.js +292 -0
- package/dist/storage/SparqlUpdateResourceStore.js.map +1 -0
- package/dist/storage/SparqlUpdateResourceStore.jsonld +112 -0
- package/dist/storage/SqliteCompat.d.ts +60 -0
- package/dist/storage/SqliteCompat.js +158 -0
- package/dist/storage/SqliteCompat.js.map +1 -0
- package/dist/storage/accessors/MinioDataAccessor.d.ts +127 -0
- package/dist/storage/accessors/MinioDataAccessor.js +249 -0
- package/dist/storage/accessors/MinioDataAccessor.js.map +1 -0
- package/dist/storage/accessors/MinioDataAccessor.jsonld +138 -0
- package/dist/storage/accessors/MixDataAccessor.d.ts +43 -0
- package/dist/storage/accessors/MixDataAccessor.js +130 -0
- package/dist/storage/accessors/MixDataAccessor.js.map +1 -0
- package/dist/storage/accessors/MixDataAccessor.jsonld +101 -0
- package/dist/storage/accessors/QuadstoreSparqlDataAccessor.d.ts +146 -0
- package/dist/storage/accessors/QuadstoreSparqlDataAccessor.js +415 -0
- package/dist/storage/accessors/QuadstoreSparqlDataAccessor.js.map +1 -0
- package/dist/storage/accessors/QuadstoreSparqlDataAccessor.jsonld +180 -0
- package/dist/storage/accessors/QuintStoreSparqlDataAccessor.d.ts +95 -0
- package/dist/storage/accessors/QuintStoreSparqlDataAccessor.js +376 -0
- package/dist/storage/accessors/QuintStoreSparqlDataAccessor.js.map +1 -0
- package/dist/storage/accessors/QuintStoreSparqlDataAccessor.jsonld +168 -0
- package/dist/storage/accessors/TieredMinioDataAccessor.d.ts +150 -0
- package/dist/storage/accessors/TieredMinioDataAccessor.js +582 -0
- package/dist/storage/accessors/TieredMinioDataAccessor.js.map +1 -0
- package/dist/storage/accessors/TieredMinioDataAccessor.jsonld +333 -0
- package/dist/storage/database/PostgresPoolManager.d.ts +56 -0
- package/dist/storage/database/PostgresPoolManager.js +117 -0
- package/dist/storage/database/PostgresPoolManager.js.map +1 -0
- package/dist/storage/keyvalue/PostgresKeyValueStorage.d.ts +34 -0
- package/dist/storage/keyvalue/PostgresKeyValueStorage.js +146 -0
- package/dist/storage/keyvalue/PostgresKeyValueStorage.js.map +1 -0
- package/dist/storage/keyvalue/PostgresKeyValueStorage.jsonld +192 -0
- package/dist/storage/keyvalue/RedisKeyValueStorage.d.ts +30 -0
- package/dist/storage/keyvalue/RedisKeyValueStorage.js +133 -0
- package/dist/storage/keyvalue/RedisKeyValueStorage.js.map +1 -0
- package/dist/storage/keyvalue/RedisKeyValueStorage.jsonld +237 -0
- package/dist/storage/keyvalue/SqliteKeyValueStorage.d.ts +30 -0
- package/dist/storage/keyvalue/SqliteKeyValueStorage.js +164 -0
- package/dist/storage/keyvalue/SqliteKeyValueStorage.js.map +1 -0
- package/dist/storage/keyvalue/SqliteKeyValueStorage.jsonld +167 -0
- package/dist/storage/quint/BaseQuintStore.d.ts +80 -0
- package/dist/storage/quint/BaseQuintStore.js +535 -0
- package/dist/storage/quint/BaseQuintStore.js.map +1 -0
- package/dist/storage/quint/BaseQuintStore.jsonld +175 -0
- package/dist/storage/quint/PgQuintStore.d.ts +61 -0
- package/dist/storage/quint/PgQuintStore.drizzle.d.ts +45 -0
- package/dist/storage/quint/PgQuintStore.drizzle.js +327 -0
- package/dist/storage/quint/PgQuintStore.drizzle.js.map +1 -0
- package/dist/storage/quint/PgQuintStore.js +275 -0
- package/dist/storage/quint/PgQuintStore.js.map +1 -0
- package/dist/storage/quint/PgQuintStore.jsonld +258 -0
- package/dist/storage/quint/SqliteQuintStore.d.ts +55 -0
- package/dist/storage/quint/SqliteQuintStore.js +630 -0
- package/dist/storage/quint/SqliteQuintStore.js.map +1 -0
- package/dist/storage/quint/SqliteQuintStore.jsonld +157 -0
- package/dist/storage/quint/index.d.ts +11 -0
- package/dist/storage/quint/index.js +30 -0
- package/dist/storage/quint/index.js.map +1 -0
- package/dist/storage/quint/schema.d.ts +82 -0
- package/dist/storage/quint/schema.js +33 -0
- package/dist/storage/quint/schema.js.map +1 -0
- package/dist/storage/quint/serialization.d.ts +56 -0
- package/dist/storage/quint/serialization.js +198 -0
- package/dist/storage/quint/serialization.js.map +1 -0
- package/dist/storage/quint/types.d.ts +152 -0
- package/dist/storage/quint/types.js +27 -0
- package/dist/storage/quint/types.js.map +1 -0
- package/dist/storage/quint/types.jsonld +78 -0
- package/dist/storage/quota/PerAccountQuotaStrategy.d.ts +19 -0
- package/dist/storage/quota/PerAccountQuotaStrategy.js +63 -0
- package/dist/storage/quota/PerAccountQuotaStrategy.js.map +1 -0
- package/dist/storage/quota/PerAccountQuotaStrategy.jsonld +113 -0
- package/dist/storage/quota/UsageRepository.d.ts +46 -0
- package/dist/storage/quota/UsageRepository.js +278 -0
- package/dist/storage/quota/UsageRepository.js.map +1 -0
- package/dist/storage/quota/UsageTrackingStore.d.ts +37 -0
- package/dist/storage/quota/UsageTrackingStore.js +355 -0
- package/dist/storage/quota/UsageTrackingStore.js.map +1 -0
- package/dist/storage/quota/UsageTrackingStore.jsonld +193 -0
- package/dist/storage/sparql/AlgebraUtils.d.ts +48 -0
- package/dist/storage/sparql/AlgebraUtils.js +118 -0
- package/dist/storage/sparql/AlgebraUtils.js.map +1 -0
- package/dist/storage/sparql/ComunicaOptimizedEngine.d.ts +59 -0
- package/dist/storage/sparql/ComunicaOptimizedEngine.js +254 -0
- package/dist/storage/sparql/ComunicaOptimizedEngine.js.map +1 -0
- package/dist/storage/sparql/ComunicaQuintEngine.d.ts +134 -0
- package/dist/storage/sparql/ComunicaQuintEngine.js +727 -0
- package/dist/storage/sparql/ComunicaQuintEngine.js.map +1 -0
- package/dist/storage/sparql/ExpressionEvaluator.d.ts +54 -0
- package/dist/storage/sparql/ExpressionEvaluator.js +340 -0
- package/dist/storage/sparql/ExpressionEvaluator.js.map +1 -0
- package/dist/storage/sparql/FilterPushdownExtractor.d.ts +74 -0
- package/dist/storage/sparql/FilterPushdownExtractor.js +409 -0
- package/dist/storage/sparql/FilterPushdownExtractor.js.map +1 -0
- package/dist/storage/sparql/OptimizedQuadstoreEngine.d.ts +65 -0
- package/dist/storage/sparql/OptimizedQuadstoreEngine.js +327 -0
- package/dist/storage/sparql/OptimizedQuadstoreEngine.js.map +1 -0
- package/dist/storage/sparql/OptimizedQuadstoreSource.d.ts +46 -0
- package/dist/storage/sparql/OptimizedQuadstoreSource.js +118 -0
- package/dist/storage/sparql/OptimizedQuadstoreSource.js.map +1 -0
- package/dist/storage/sparql/PatternBuilder.d.ts +41 -0
- package/dist/storage/sparql/PatternBuilder.js +118 -0
- package/dist/storage/sparql/PatternBuilder.js.map +1 -0
- package/dist/storage/sparql/QueryOptimizer.d.ts +125 -0
- package/dist/storage/sparql/QueryOptimizer.js +363 -0
- package/dist/storage/sparql/QueryOptimizer.js.map +1 -0
- package/dist/storage/sparql/QuintEngine.d.ts +92 -0
- package/dist/storage/sparql/QuintEngine.js +150 -0
- package/dist/storage/sparql/QuintEngine.js.map +1 -0
- package/dist/storage/sparql/QuintQuerySource.d.ts +227 -0
- package/dist/storage/sparql/QuintQuerySource.js +918 -0
- package/dist/storage/sparql/QuintQuerySource.js.map +1 -0
- package/dist/storage/sparql/SimpleSparqlExecutor.d.ts +40 -0
- package/dist/storage/sparql/SimpleSparqlExecutor.js +131 -0
- package/dist/storage/sparql/SimpleSparqlExecutor.js.map +1 -0
- package/dist/storage/sparql/SubgraphQueryEngine.d.ts +74 -0
- package/dist/storage/sparql/SubgraphQueryEngine.js +248 -0
- package/dist/storage/sparql/SubgraphQueryEngine.js.map +1 -0
- package/dist/storage/sparql/SubgraphQueryEngine.jsonld +250 -0
- package/dist/storage/vector/PostgresVectorStore.d.ts +46 -0
- package/dist/storage/vector/PostgresVectorStore.js +291 -0
- package/dist/storage/vector/PostgresVectorStore.js.map +1 -0
- package/dist/storage/vector/PostgresVectorStore.jsonld +142 -0
- package/dist/storage/vector/SqliteVectorStore.d.ts +44 -0
- package/dist/storage/vector/SqliteVectorStore.js +282 -0
- package/dist/storage/vector/SqliteVectorStore.js.map +1 -0
- package/dist/storage/vector/SqliteVectorStore.jsonld +137 -0
- package/dist/storage/vector/VectorIndexingListener.d.ts +114 -0
- package/dist/storage/vector/VectorIndexingListener.js +351 -0
- package/dist/storage/vector/VectorIndexingListener.js.map +1 -0
- package/dist/storage/vector/VectorStore.d.ts +42 -0
- package/dist/storage/vector/VectorStore.js +50 -0
- package/dist/storage/vector/VectorStore.js.map +1 -0
- package/dist/storage/vector/VectorStore.jsonld +87 -0
- package/dist/storage/vector/VectorStoreInit.d.ts +28 -0
- package/dist/storage/vector/VectorStoreInit.js +104 -0
- package/dist/storage/vector/VectorStoreInit.js.map +1 -0
- package/dist/storage/vector/index.d.ts +5 -0
- package/dist/storage/vector/index.js +22 -0
- package/dist/storage/vector/index.js.map +1 -0
- package/dist/storage/vector/types.d.ts +39 -0
- package/dist/storage/vector/types.js +8 -0
- package/dist/storage/vector/types.js.map +1 -0
- package/dist/subdomain/SubdomainClient.d.ts +156 -0
- package/dist/subdomain/SubdomainClient.js +220 -0
- package/dist/subdomain/SubdomainClient.js.map +1 -0
- package/dist/subdomain/SubdomainService.d.ts +114 -0
- package/dist/subdomain/SubdomainService.js +212 -0
- package/dist/subdomain/SubdomainService.js.map +1 -0
- package/dist/subdomain/SubdomainService.jsonld +261 -0
- package/dist/subdomain/index.d.ts +2 -0
- package/dist/subdomain/index.js +9 -0
- package/dist/subdomain/index.js.map +1 -0
- package/dist/supervisor/Supervisor.d.ts +20 -0
- package/dist/supervisor/Supervisor.js +174 -0
- package/dist/supervisor/Supervisor.js.map +1 -0
- package/dist/supervisor/index.d.ts +2 -0
- package/dist/supervisor/index.js +6 -0
- package/dist/supervisor/index.js.map +1 -0
- package/dist/supervisor/types.d.ts +19 -0
- package/dist/supervisor/types.js +3 -0
- package/dist/supervisor/types.js.map +1 -0
- package/dist/task/DrizzleTaskQueue.d.ts +60 -0
- package/dist/task/DrizzleTaskQueue.js +171 -0
- package/dist/task/DrizzleTaskQueue.js.map +1 -0
- package/dist/task/TaskExecutor.d.ts +82 -0
- package/dist/task/TaskExecutor.js +198 -0
- package/dist/task/TaskExecutor.js.map +1 -0
- package/dist/task/index.d.ts +10 -0
- package/dist/task/index.js +20 -0
- package/dist/task/index.js.map +1 -0
- package/dist/task/schema.d.ts +53 -0
- package/dist/task/schema.js +71 -0
- package/dist/task/schema.js.map +1 -0
- package/dist/task/types.d.ts +186 -0
- package/dist/task/types.js +12 -0
- package/dist/task/types.js.map +1 -0
- package/dist/terminal/AclPermissionService.d.ts +28 -0
- package/dist/terminal/AclPermissionService.js +141 -0
- package/dist/terminal/AclPermissionService.js.map +1 -0
- package/dist/terminal/BubblewrapSandbox.d.ts +51 -0
- package/dist/terminal/BubblewrapSandbox.js +147 -0
- package/dist/terminal/BubblewrapSandbox.js.map +1 -0
- package/dist/terminal/TerminalSession.d.ts +33 -0
- package/dist/terminal/TerminalSession.js +164 -0
- package/dist/terminal/TerminalSession.js.map +1 -0
- package/dist/terminal/TerminalSessionManager.d.ts +69 -0
- package/dist/terminal/TerminalSessionManager.js +196 -0
- package/dist/terminal/TerminalSessionManager.js.map +1 -0
- package/dist/terminal/index.d.ts +5 -0
- package/dist/terminal/index.js +22 -0
- package/dist/terminal/index.js.map +1 -0
- package/dist/terminal/sandbox/BubblewrapSandbox.d.ts +8 -0
- package/dist/terminal/sandbox/BubblewrapSandbox.js +105 -0
- package/dist/terminal/sandbox/BubblewrapSandbox.js.map +1 -0
- package/dist/terminal/sandbox/MacOSSandbox.d.ts +19 -0
- package/dist/terminal/sandbox/MacOSSandbox.js +120 -0
- package/dist/terminal/sandbox/MacOSSandbox.js.map +1 -0
- package/dist/terminal/sandbox/index.d.ts +29 -0
- package/dist/terminal/sandbox/index.js +113 -0
- package/dist/terminal/sandbox/index.js.map +1 -0
- package/dist/terminal/sandbox/types.d.ts +38 -0
- package/dist/terminal/sandbox/types.js +3 -0
- package/dist/terminal/sandbox/types.js.map +1 -0
- package/dist/terminal/types.d.ts +80 -0
- package/dist/terminal/types.js +16 -0
- package/dist/terminal/types.js.map +1 -0
- package/dist/tunnel/CloudflareTunnelProvider.d.ts +120 -0
- package/dist/tunnel/CloudflareTunnelProvider.js +376 -0
- package/dist/tunnel/CloudflareTunnelProvider.js.map +1 -0
- package/dist/tunnel/CloudflareTunnelProvider.jsonld +204 -0
- package/dist/tunnel/LocalTunnelProvider.d.ts +85 -0
- package/dist/tunnel/LocalTunnelProvider.js +295 -0
- package/dist/tunnel/LocalTunnelProvider.js.map +1 -0
- package/dist/tunnel/LocalTunnelProvider.jsonld +142 -0
- package/dist/tunnel/SakuraFrpTunnelProvider.d.ts +59 -0
- package/dist/tunnel/SakuraFrpTunnelProvider.js +207 -0
- package/dist/tunnel/SakuraFrpTunnelProvider.js.map +1 -0
- package/dist/tunnel/TunnelProvider.d.ts +91 -0
- package/dist/tunnel/TunnelProvider.js +10 -0
- package/dist/tunnel/TunnelProvider.js.map +1 -0
- package/dist/tunnel/TunnelProvider.jsonld +144 -0
- package/dist/tunnel/index.d.ts +3 -0
- package/dist/tunnel/index.js +8 -0
- package/dist/tunnel/index.js.map +1 -0
- package/dist/util/LockContext.d.ts +3 -0
- package/dist/util/LockContext.js +6 -0
- package/dist/util/LockContext.js.map +1 -0
- package/dist/util/ResourceStoreFetch.d.ts +11 -0
- package/dist/util/ResourceStoreFetch.js +147 -0
- package/dist/util/ResourceStoreFetch.js.map +1 -0
- package/dist/util/database/DatabaseMaintenance.d.ts +23 -0
- package/dist/util/database/DatabaseMaintenance.js +82 -0
- package/dist/util/database/DatabaseMaintenance.js.map +1 -0
- package/dist/util/identifiers/ClusterIdentifierStrategy.d.ts +23 -0
- package/dist/util/identifiers/ClusterIdentifierStrategy.js +73 -0
- package/dist/util/identifiers/ClusterIdentifierStrategy.js.map +1 -0
- package/dist/util/identifiers/ClusterIdentifierStrategy.jsonld +90 -0
- package/dist/util/identifiers/MultiDomainIdentifierStrategy.d.ts +40 -0
- package/dist/util/identifiers/MultiDomainIdentifierStrategy.js +73 -0
- package/dist/util/identifiers/MultiDomainIdentifierStrategy.js.map +1 -0
- package/dist/util/identifiers/MultiDomainIdentifierStrategy.jsonld +90 -0
- package/dist/util/identifiers/PathBasedPodIdentifierStrategy.d.ts +78 -0
- package/dist/util/identifiers/PathBasedPodIdentifierStrategy.js +182 -0
- package/dist/util/identifiers/PathBasedPodIdentifierStrategy.js.map +1 -0
- package/dist/util/identifiers/PathBasedPodIdentifierStrategy.jsonld +88 -0
- package/dist/util/identifiers/SubdomainPodIdentifierStrategy.d.ts +68 -0
- package/dist/util/identifiers/SubdomainPodIdentifierStrategy.js +149 -0
- package/dist/util/identifiers/SubdomainPodIdentifierStrategy.js.map +1 -0
- package/dist/util/identifiers/SubdomainPodIdentifierStrategy.jsonld +84 -0
- package/dist/util/locking/DebugRedisLocker.d.ts +8 -0
- package/dist/util/locking/DebugRedisLocker.js +33 -0
- package/dist/util/locking/DebugRedisLocker.js.map +1 -0
- package/dist/util/logger.d.ts +13 -0
- package/dist/util/logger.js +36 -0
- package/dist/util/logger.js.map +1 -0
- package/dist/util/stream/BandwidthThrottleTransform.d.ts +8 -0
- package/dist/util/stream/BandwidthThrottleTransform.js +55 -0
- package/dist/util/stream/BandwidthThrottleTransform.js.map +1 -0
- package/dist/vocab/external.d.ts +216 -0
- package/dist/vocab/external.js +276 -0
- package/dist/vocab/external.js.map +1 -0
- package/dist/vocab/index.d.ts +26 -0
- package/dist/vocab/index.js +46 -0
- package/dist/vocab/index.js.map +1 -0
- package/dist/vocab/udfs.d.ts +184 -0
- package/dist/vocab/udfs.js +217 -0
- package/dist/vocab/udfs.js.map +1 -0
- package/dist/webrtc/WebRTCClient.d.ts +109 -0
- package/dist/webrtc/WebRTCClient.js +344 -0
- package/dist/webrtc/WebRTCClient.js.map +1 -0
- package/dist/webrtc/WebRTCPeerManager.d.ts +112 -0
- package/dist/webrtc/WebRTCPeerManager.js +289 -0
- package/dist/webrtc/WebRTCPeerManager.js.map +1 -0
- package/dist/webrtc/WeriftPeerConnectionFactory.d.ts +13 -0
- package/dist/webrtc/WeriftPeerConnectionFactory.js +255 -0
- package/dist/webrtc/WeriftPeerConnectionFactory.js.map +1 -0
- package/dist/webrtc/index.d.ts +13 -0
- package/dist/webrtc/index.js +30 -0
- package/dist/webrtc/index.js.map +1 -0
- package/dist/webrtc/types.d.ts +169 -0
- package/dist/webrtc/types.js +6 -0
- package/dist/webrtc/types.js.map +1 -0
- package/dist/xpod.single.cjs +826 -0
- package/dist/xpod.single.cjs.map +7 -0
- package/package.json +173 -0
- package/static/app/assets/index.css +1 -0
- package/static/app/assets/main.js +11 -0
- package/static/app/auth.html +21 -0
- package/static/app/index.html +14 -0
- package/static/app/vite.svg +1 -0
- package/static/dashboard/assets/dashboard-G96F8267.js +52 -0
- package/static/dashboard/assets/dashboard-PJyGDppf.css +1 -0
- package/static/dashboard/auth.html +21 -0
- package/static/dashboard/index.html +13 -0
- package/static/dashboard/vite.svg +1 -0
- package/static/landing/index.html +165 -0
- package/templates/identity/index.html.ejs +12 -0
- package/templates/identity/login.html.ejs +49 -0
- package/templates/identity/oidc/consent.html.ejs +103 -0
- package/templates/identity/password/forgot.html.ejs +49 -0
- package/templates/identity/password/login.html.ejs +58 -0
- package/templates/identity/password/register.html.ejs +65 -0
- package/templates/main.html.ejs +1 -0
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import type { IncomingMessage } from 'node:http';
|
|
2
|
+
import type { Authenticator, AuthResult } from './Authenticator';
|
|
3
|
+
/**
|
|
4
|
+
* Interface for token cache
|
|
5
|
+
*/
|
|
6
|
+
export interface TokenCache {
|
|
7
|
+
get(clientId: string): Promise<{
|
|
8
|
+
token: string;
|
|
9
|
+
webId: string;
|
|
10
|
+
expiresAt: Date;
|
|
11
|
+
} | undefined>;
|
|
12
|
+
set(clientId: string, token: string, webId: string, expiresAt: Date): Promise<void>;
|
|
13
|
+
}
|
|
14
|
+
export interface ClientCredentialsAuthenticatorOptions {
|
|
15
|
+
tokenCache?: TokenCache;
|
|
16
|
+
/**
|
|
17
|
+
* CSS token endpoint URL
|
|
18
|
+
*/
|
|
19
|
+
tokenEndpoint: string;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Authenticator for API Keys in sk-xxx format.
|
|
23
|
+
*
|
|
24
|
+
* Format: sk-base64(client_id:client_secret)
|
|
25
|
+
*
|
|
26
|
+
* This authenticator:
|
|
27
|
+
* 1. Decodes the API Key to get client_id and client_secret
|
|
28
|
+
* 2. Exchanges them for a Solid Token via CSS token endpoint
|
|
29
|
+
* 3. Extracts webId from the token response
|
|
30
|
+
* 4. Returns a SolidAuthContext
|
|
31
|
+
*/
|
|
32
|
+
export declare class ClientCredentialsAuthenticator implements Authenticator {
|
|
33
|
+
private readonly logger;
|
|
34
|
+
private readonly tokenCache?;
|
|
35
|
+
private readonly tokenEndpoint;
|
|
36
|
+
constructor(options: ClientCredentialsAuthenticatorOptions);
|
|
37
|
+
canAuthenticate(request: IncomingMessage): boolean;
|
|
38
|
+
authenticate(request: IncomingMessage): Promise<AuthResult>;
|
|
39
|
+
private exchangeForToken;
|
|
40
|
+
/**
|
|
41
|
+
* Extract webId from JWT access token
|
|
42
|
+
*/
|
|
43
|
+
private extractWebIdFromJwt;
|
|
44
|
+
private isJwt;
|
|
45
|
+
}
|
|
46
|
+
export interface ClientCredentialsRecord {
|
|
47
|
+
clientId: string;
|
|
48
|
+
clientSecret: string;
|
|
49
|
+
webId: string;
|
|
50
|
+
accountId: string;
|
|
51
|
+
displayName?: string;
|
|
52
|
+
createdAt: Date;
|
|
53
|
+
}
|
|
54
|
+
export interface ClientCredentialsStore {
|
|
55
|
+
findByClientId(clientId: string): Promise<ClientCredentialsRecord | undefined>;
|
|
56
|
+
}
|
|
@@ -0,0 +1,191 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ClientCredentialsAuthenticator = void 0;
|
|
4
|
+
const global_logger_factory_1 = require("global-logger-factory");
|
|
5
|
+
/**
|
|
6
|
+
* Authenticator for API Keys in sk-xxx format.
|
|
7
|
+
*
|
|
8
|
+
* Format: sk-base64(client_id:client_secret)
|
|
9
|
+
*
|
|
10
|
+
* This authenticator:
|
|
11
|
+
* 1. Decodes the API Key to get client_id and client_secret
|
|
12
|
+
* 2. Exchanges them for a Solid Token via CSS token endpoint
|
|
13
|
+
* 3. Extracts webId from the token response
|
|
14
|
+
* 4. Returns a SolidAuthContext
|
|
15
|
+
*/
|
|
16
|
+
class ClientCredentialsAuthenticator {
|
|
17
|
+
constructor(options) {
|
|
18
|
+
this.logger = (0, global_logger_factory_1.getLoggerFor)(this);
|
|
19
|
+
this.tokenCache = options.tokenCache;
|
|
20
|
+
this.tokenEndpoint = options.tokenEndpoint;
|
|
21
|
+
}
|
|
22
|
+
canAuthenticate(request) {
|
|
23
|
+
const auth = request.headers.authorization;
|
|
24
|
+
if (!auth?.startsWith('Bearer ')) {
|
|
25
|
+
return false;
|
|
26
|
+
}
|
|
27
|
+
// If there's a DPoP header, it's a Solid Token, not an API Key
|
|
28
|
+
if (request.headers.dpop) {
|
|
29
|
+
return false;
|
|
30
|
+
}
|
|
31
|
+
const token = auth.slice(7).trim();
|
|
32
|
+
if (!token) {
|
|
33
|
+
return false;
|
|
34
|
+
}
|
|
35
|
+
// Only handle sk-xxx format or non-JWT tokens
|
|
36
|
+
return token.startsWith('sk-') || !this.isJwt(token);
|
|
37
|
+
}
|
|
38
|
+
async authenticate(request) {
|
|
39
|
+
const authorization = request.headers.authorization;
|
|
40
|
+
if (!authorization?.startsWith('Bearer ')) {
|
|
41
|
+
return { success: false, error: 'Missing Bearer token' };
|
|
42
|
+
}
|
|
43
|
+
const token = authorization.slice(7).trim();
|
|
44
|
+
if (!token) {
|
|
45
|
+
return { success: false, error: 'Empty API Key' };
|
|
46
|
+
}
|
|
47
|
+
try {
|
|
48
|
+
let clientId;
|
|
49
|
+
let clientSecret;
|
|
50
|
+
// Parse sk-xxx format (base64 encoded client_id:client_secret)
|
|
51
|
+
if (token.startsWith('sk-')) {
|
|
52
|
+
const base64 = token.slice(3);
|
|
53
|
+
try {
|
|
54
|
+
const decoded = Buffer.from(base64, 'base64').toString('utf-8');
|
|
55
|
+
const colonIndex = decoded.indexOf(':');
|
|
56
|
+
if (colonIndex === -1) {
|
|
57
|
+
return { success: false, error: 'Invalid API Key format: missing colon separator' };
|
|
58
|
+
}
|
|
59
|
+
clientId = decoded.slice(0, colonIndex);
|
|
60
|
+
clientSecret = decoded.slice(colonIndex + 1);
|
|
61
|
+
if (!clientId || !clientSecret) {
|
|
62
|
+
return { success: false, error: 'Invalid API Key format: empty client_id or client_secret' };
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
catch {
|
|
66
|
+
return { success: false, error: 'Invalid API Key encoding' };
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
else {
|
|
70
|
+
// Non sk- format not supported without database lookup
|
|
71
|
+
return { success: false, error: 'Invalid API Key format: must start with sk-' };
|
|
72
|
+
}
|
|
73
|
+
// Check cache first
|
|
74
|
+
if (this.tokenCache) {
|
|
75
|
+
const cached = await this.tokenCache.get(clientId);
|
|
76
|
+
if (cached && cached.expiresAt > new Date()) {
|
|
77
|
+
this.logger.debug(`Using cached token for ${clientId.slice(0, 8)}...`);
|
|
78
|
+
return {
|
|
79
|
+
success: true,
|
|
80
|
+
context: {
|
|
81
|
+
type: 'solid',
|
|
82
|
+
webId: cached.webId,
|
|
83
|
+
accountId: cached.webId,
|
|
84
|
+
clientId,
|
|
85
|
+
clientSecret,
|
|
86
|
+
viaApiKey: true,
|
|
87
|
+
},
|
|
88
|
+
};
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
// Exchange for token at CSS endpoint
|
|
92
|
+
console.log(`[ClientCredentialsAuthenticator] Exchanging credentials at ${this.tokenEndpoint}`);
|
|
93
|
+
const tokenResult = await this.exchangeForToken(clientId, clientSecret);
|
|
94
|
+
console.log(`[ClientCredentialsAuthenticator] Token exchange result: success=${tokenResult.success}, webId=${tokenResult.webId}, error=${tokenResult.error}`);
|
|
95
|
+
if (!tokenResult.success || !tokenResult.webId) {
|
|
96
|
+
return { success: false, error: tokenResult.error || 'Token exchange failed' };
|
|
97
|
+
}
|
|
98
|
+
// Cache the token
|
|
99
|
+
if (this.tokenCache && tokenResult.expiresAt) {
|
|
100
|
+
await this.tokenCache.set(clientId, tokenResult.token, tokenResult.webId, tokenResult.expiresAt);
|
|
101
|
+
}
|
|
102
|
+
const context = {
|
|
103
|
+
type: 'solid',
|
|
104
|
+
webId: tokenResult.webId,
|
|
105
|
+
accountId: tokenResult.webId,
|
|
106
|
+
clientId,
|
|
107
|
+
clientSecret,
|
|
108
|
+
viaApiKey: true,
|
|
109
|
+
};
|
|
110
|
+
this.logger.debug(`Authenticated API Key for webId: ${tokenResult.webId}`);
|
|
111
|
+
return { success: true, context };
|
|
112
|
+
}
|
|
113
|
+
catch (error) {
|
|
114
|
+
console.error(`[ClientCredentialsAuthenticator] API Key authentication error:`, error);
|
|
115
|
+
this.logger.error(`API Key authentication error: ${error}`);
|
|
116
|
+
return { success: false, error: 'Authentication failed' };
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
async exchangeForToken(clientId, clientSecret) {
|
|
120
|
+
// 开发模式:跳过 CSS token exchange
|
|
121
|
+
if (process.env.NODE_ENV === 'development') {
|
|
122
|
+
this.logger.warn(`[DEV] Skipping token exchange for ${clientId.slice(0, 8)}...`);
|
|
123
|
+
return {
|
|
124
|
+
success: true,
|
|
125
|
+
token: `dev-token-${clientId}`,
|
|
126
|
+
expiresAt: new Date(Date.now() + 3600000),
|
|
127
|
+
};
|
|
128
|
+
}
|
|
129
|
+
try {
|
|
130
|
+
const response = await fetch(this.tokenEndpoint, {
|
|
131
|
+
method: 'POST',
|
|
132
|
+
headers: {
|
|
133
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
134
|
+
},
|
|
135
|
+
body: new URLSearchParams({
|
|
136
|
+
grant_type: 'client_credentials',
|
|
137
|
+
client_id: clientId,
|
|
138
|
+
client_secret: clientSecret,
|
|
139
|
+
}),
|
|
140
|
+
});
|
|
141
|
+
if (!response.ok) {
|
|
142
|
+
const error = await response.text();
|
|
143
|
+
this.logger.warn(`Token exchange failed: ${response.status} ${error}`);
|
|
144
|
+
return { success: false, error: `Token exchange failed: ${response.status}` };
|
|
145
|
+
}
|
|
146
|
+
const data = await response.json();
|
|
147
|
+
// Extract webId from token response or decode from JWT
|
|
148
|
+
let webId = data.webid;
|
|
149
|
+
if (!webId && data.access_token) {
|
|
150
|
+
webId = this.extractWebIdFromJwt(data.access_token);
|
|
151
|
+
}
|
|
152
|
+
if (!webId) {
|
|
153
|
+
return { success: false, error: 'Could not determine webId from token response' };
|
|
154
|
+
}
|
|
155
|
+
const expiresAt = data.expires_in
|
|
156
|
+
? new Date(Date.now() + data.expires_in * 1000 - 60000) // 1 min buffer
|
|
157
|
+
: new Date(Date.now() + 3600000); // Default 1 hour
|
|
158
|
+
return {
|
|
159
|
+
success: true,
|
|
160
|
+
token: data.access_token,
|
|
161
|
+
webId,
|
|
162
|
+
expiresAt,
|
|
163
|
+
};
|
|
164
|
+
}
|
|
165
|
+
catch (error) {
|
|
166
|
+
this.logger.error(`Token exchange error: ${error}`);
|
|
167
|
+
return { success: false, error: 'Token exchange failed' };
|
|
168
|
+
}
|
|
169
|
+
}
|
|
170
|
+
/**
|
|
171
|
+
* Extract webId from JWT access token
|
|
172
|
+
*/
|
|
173
|
+
extractWebIdFromJwt(jwt) {
|
|
174
|
+
try {
|
|
175
|
+
const parts = jwt.split('.');
|
|
176
|
+
if (parts.length !== 3) {
|
|
177
|
+
return undefined;
|
|
178
|
+
}
|
|
179
|
+
const payload = JSON.parse(Buffer.from(parts[1], 'base64').toString('utf-8'));
|
|
180
|
+
return payload.webid || payload.webId || payload.sub;
|
|
181
|
+
}
|
|
182
|
+
catch {
|
|
183
|
+
return undefined;
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
isJwt(token) {
|
|
187
|
+
return /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/.test(token);
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
exports.ClientCredentialsAuthenticator = ClientCredentialsAuthenticator;
|
|
191
|
+
//# sourceMappingURL=ClientCredentialsAuthenticator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ClientCredentialsAuthenticator.js","sourceRoot":"","sources":["../../../src/api/auth/ClientCredentialsAuthenticator.ts"],"names":[],"mappings":";;;AACA,iEAAqD;AAoBrD;;;;;;;;;;GAUG;AACH,MAAa,8BAA8B;IAKzC,YAAmB,OAA8C;QAJhD,WAAM,GAAG,IAAA,oCAAY,EAAC,IAAI,CAAC,CAAC;QAK3C,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;IAC7C,CAAC;IAEM,eAAe,CAAC,OAAwB;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACjC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,+DAA+D;QAC/D,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACzB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,KAAK,CAAC;QACf,CAAC;QACD,8CAA8C;QAC9C,OAAO,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACvD,CAAC;IAEM,KAAK,CAAC,YAAY,CAAC,OAAwB;QAChD,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACpD,IAAI,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC1C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC;QAC3D,CAAC;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;QACpD,CAAC;QAED,IAAI,CAAC;YACH,IAAI,QAAgB,CAAC;YACrB,IAAI,YAAoB,CAAC;YAEzB,+DAA+D;YAC/D,IAAI,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC9B,IAAI,CAAC;oBACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;oBAChE,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;oBACxC,IAAI,UAAU,KAAK,CAAC,CAAC,EAAE,CAAC;wBACtB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,iDAAiD,EAAE,CAAC;oBACtF,CAAC;oBACD,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;oBACxC,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;oBAE7C,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;wBAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,0DAA0D,EAAE,CAAC;oBAC/F,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC;gBAC/D,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,uDAAuD;gBACvD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,6CAA6C,EAAE,CAAC;YAClF,CAAC;YAED,oBAAoB;YACpB,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBACnD,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;oBAC5C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;oBACvE,OAAO;wBACL,OAAO,EAAE,IAAI;wBACb,OAAO,EAAE;4BACP,IAAI,EAAE,OAAO;4BACb,KAAK,EAAE,MAAM,CAAC,KAAK;4BACnB,SAAS,EAAE,MAAM,CAAC,KAAK;4BACvB,QAAQ;4BACR,YAAY;4BACZ,SAAS,EAAE,IAAI;yBAChB;qBACF,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,OAAO,CAAC,GAAG,CAAC,8DAA8D,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;YAChG,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YACxE,OAAO,CAAC,GAAG,CAAC,mEAAmE,WAAW,CAAC,OAAO,WAAW,WAAW,CAAC,KAAK,WAAW,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;YAE9J,IAAI,CAAC,WAAW,CAAC,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBAC/C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,IAAI,uBAAuB,EAAE,CAAC;YACjF,CAAC;YAED,kBAAkB;YAClB,IAAI,IAAI,CAAC,UAAU,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;gBAC7C,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,KAAM,EAAE,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,CAAC;YACpG,CAAC;YAED,MAAM,OAAO,GAAqB;gBAChC,IAAI,EAAE,OAAO;gBACb,KAAK,EAAE,WAAW,CAAC,KAAK;gBACxB,SAAS,EAAE,WAAW,CAAC,KAAK;gBAC5B,QAAQ;gBACR,YAAY;gBACZ,SAAS,EAAE,IAAI;aAChB,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;YAC3E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gEAAgE,EAAE,KAAK,CAAC,CAAC;YACvF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,KAAK,EAAE,CAAC,CAAC;YAC5D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,QAAgB,EAAE,YAAoB;QAOnE,6BAA6B;QAC7B,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,EAAE,CAAC;YAC3C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;YACjF,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,aAAa,QAAQ,EAAE;gBAC9B,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC;aAC1C,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE;gBAC/C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;gBACD,IAAI,EAAE,IAAI,eAAe,CAAC;oBACxB,UAAU,EAAE,oBAAoB;oBAChC,SAAS,EAAE,QAAQ;oBACnB,aAAa,EAAE,YAAY;iBAC5B,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACpC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,QAAQ,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC,CAAC;gBACvE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,0BAA0B,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;YAChF,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAK/B,CAAC;YAEF,uDAAuD;YACvD,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;YACvB,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAChC,KAAK,GAAG,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACtD,CAAC;YAED,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,+CAA+C,EAAE,CAAC;YACpF,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU;gBAC/B,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,KAAK,CAAC,CAAC,eAAe;gBACvE,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,iBAAiB;YAErD,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,IAAI,CAAC,YAAY;gBACxB,KAAK;gBACL,SAAS;aACV,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,KAAK,EAAE,CAAC,CAAC;YACpD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;IACH,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,GAAW;QACrC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,SAAS,CAAC;YACnB,CAAC;YACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,OAAO,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,GAAG,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,KAAa;QACzB,OAAO,kDAAkD,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACxE,CAAC;CACF;AA5MD,wEA4MC","sourcesContent":["import type { IncomingMessage } from 'node:http';\nimport { getLoggerFor } from 'global-logger-factory';\nimport type { Authenticator, AuthResult } from './Authenticator';\nimport type { SolidAuthContext } from './AuthContext';\n\n/**\n * Interface for token cache\n */\nexport interface TokenCache {\n get(clientId: string): Promise<{ token: string; webId: string; expiresAt: Date } | undefined>;\n set(clientId: string, token: string, webId: string, expiresAt: Date): Promise<void>;\n}\n\nexport interface ClientCredentialsAuthenticatorOptions {\n tokenCache?: TokenCache;\n /**\n * CSS token endpoint URL\n */\n tokenEndpoint: string;\n}\n\n/**\n * Authenticator for API Keys in sk-xxx format.\n * \n * Format: sk-base64(client_id:client_secret)\n * \n * This authenticator:\n * 1. Decodes the API Key to get client_id and client_secret\n * 2. Exchanges them for a Solid Token via CSS token endpoint\n * 3. Extracts webId from the token response\n * 4. Returns a SolidAuthContext\n */\nexport class ClientCredentialsAuthenticator implements Authenticator {\n private readonly logger = getLoggerFor(this);\n private readonly tokenCache?: TokenCache;\n private readonly tokenEndpoint: string;\n\n public constructor(options: ClientCredentialsAuthenticatorOptions) {\n this.tokenCache = options.tokenCache;\n this.tokenEndpoint = options.tokenEndpoint;\n }\n\n public canAuthenticate(request: IncomingMessage): boolean {\n const auth = request.headers.authorization;\n if (!auth?.startsWith('Bearer ')) {\n return false;\n }\n // If there's a DPoP header, it's a Solid Token, not an API Key\n if (request.headers.dpop) {\n return false;\n }\n const token = auth.slice(7).trim();\n if (!token) {\n return false;\n }\n // Only handle sk-xxx format or non-JWT tokens\n return token.startsWith('sk-') || !this.isJwt(token);\n }\n\n public async authenticate(request: IncomingMessage): Promise<AuthResult> {\n const authorization = request.headers.authorization;\n if (!authorization?.startsWith('Bearer ')) {\n return { success: false, error: 'Missing Bearer token' };\n }\n\n const token = authorization.slice(7).trim();\n if (!token) {\n return { success: false, error: 'Empty API Key' };\n }\n\n try {\n let clientId: string;\n let clientSecret: string;\n\n // Parse sk-xxx format (base64 encoded client_id:client_secret)\n if (token.startsWith('sk-')) {\n const base64 = token.slice(3);\n try {\n const decoded = Buffer.from(base64, 'base64').toString('utf-8');\n const colonIndex = decoded.indexOf(':');\n if (colonIndex === -1) {\n return { success: false, error: 'Invalid API Key format: missing colon separator' };\n }\n clientId = decoded.slice(0, colonIndex);\n clientSecret = decoded.slice(colonIndex + 1);\n \n if (!clientId || !clientSecret) {\n return { success: false, error: 'Invalid API Key format: empty client_id or client_secret' };\n }\n } catch {\n return { success: false, error: 'Invalid API Key encoding' };\n }\n } else {\n // Non sk- format not supported without database lookup\n return { success: false, error: 'Invalid API Key format: must start with sk-' };\n }\n\n // Check cache first\n if (this.tokenCache) {\n const cached = await this.tokenCache.get(clientId);\n if (cached && cached.expiresAt > new Date()) {\n this.logger.debug(`Using cached token for ${clientId.slice(0, 8)}...`);\n return {\n success: true,\n context: {\n type: 'solid',\n webId: cached.webId,\n accountId: cached.webId,\n clientId,\n clientSecret,\n viaApiKey: true,\n },\n };\n }\n }\n\n // Exchange for token at CSS endpoint\n console.log(`[ClientCredentialsAuthenticator] Exchanging credentials at ${this.tokenEndpoint}`);\n const tokenResult = await this.exchangeForToken(clientId, clientSecret);\n console.log(`[ClientCredentialsAuthenticator] Token exchange result: success=${tokenResult.success}, webId=${tokenResult.webId}, error=${tokenResult.error}`);\n \n if (!tokenResult.success || !tokenResult.webId) {\n return { success: false, error: tokenResult.error || 'Token exchange failed' };\n }\n\n // Cache the token\n if (this.tokenCache && tokenResult.expiresAt) {\n await this.tokenCache.set(clientId, tokenResult.token!, tokenResult.webId, tokenResult.expiresAt);\n }\n\n const context: SolidAuthContext = {\n type: 'solid',\n webId: tokenResult.webId,\n accountId: tokenResult.webId,\n clientId,\n clientSecret,\n viaApiKey: true,\n };\n\n this.logger.debug(`Authenticated API Key for webId: ${tokenResult.webId}`);\n return { success: true, context };\n } catch (error) {\n console.error(`[ClientCredentialsAuthenticator] API Key authentication error:`, error);\n this.logger.error(`API Key authentication error: ${error}`);\n return { success: false, error: 'Authentication failed' };\n }\n }\n\n private async exchangeForToken(clientId: string, clientSecret: string): Promise<{\n success: boolean;\n token?: string;\n webId?: string;\n expiresAt?: Date;\n error?: string;\n }> {\n // 开发模式:跳过 CSS token exchange\n if (process.env.NODE_ENV === 'development') {\n this.logger.warn(`[DEV] Skipping token exchange for ${clientId.slice(0, 8)}...`);\n return {\n success: true,\n token: `dev-token-${clientId}`,\n expiresAt: new Date(Date.now() + 3600000),\n };\n }\n\n try {\n const response = await fetch(this.tokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body: new URLSearchParams({\n grant_type: 'client_credentials',\n client_id: clientId,\n client_secret: clientSecret,\n }),\n });\n\n if (!response.ok) {\n const error = await response.text();\n this.logger.warn(`Token exchange failed: ${response.status} ${error}`);\n return { success: false, error: `Token exchange failed: ${response.status}` };\n }\n\n const data = await response.json() as {\n access_token: string;\n expires_in?: number;\n token_type: string;\n webid?: string; // CSS returns webid in response\n };\n\n // Extract webId from token response or decode from JWT\n let webId = data.webid;\n if (!webId && data.access_token) {\n webId = this.extractWebIdFromJwt(data.access_token);\n }\n\n if (!webId) {\n return { success: false, error: 'Could not determine webId from token response' };\n }\n\n const expiresAt = data.expires_in\n ? new Date(Date.now() + data.expires_in * 1000 - 60000) // 1 min buffer\n : new Date(Date.now() + 3600000); // Default 1 hour\n\n return {\n success: true,\n token: data.access_token,\n webId,\n expiresAt,\n };\n } catch (error) {\n this.logger.error(`Token exchange error: ${error}`);\n return { success: false, error: 'Token exchange failed' };\n }\n }\n\n /**\n * Extract webId from JWT access token\n */\n private extractWebIdFromJwt(jwt: string): string | undefined {\n try {\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n return undefined;\n }\n const payload = JSON.parse(Buffer.from(parts[1], 'base64').toString('utf-8'));\n return payload.webid || payload.webId || payload.sub;\n } catch {\n return undefined;\n }\n }\n\n private isJwt(token: string): boolean {\n return /^[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+$/.test(token);\n }\n}\n\n// Re-export for backwards compatibility (these are no longer needed but keep for other code)\nexport interface ClientCredentialsRecord {\n clientId: string;\n clientSecret: string;\n webId: string;\n accountId: string;\n displayName?: string;\n createdAt: Date;\n}\n\nexport interface ClientCredentialsStore {\n findByClientId(clientId: string): Promise<ClientCredentialsRecord | undefined>;\n}\n"]}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import type { IncomingMessage } from 'node:http';
|
|
2
|
+
import type { Authenticator, AuthResult } from './Authenticator';
|
|
3
|
+
export interface MultiAuthenticatorOptions {
|
|
4
|
+
authenticators: Authenticator[];
|
|
5
|
+
}
|
|
6
|
+
/**
|
|
7
|
+
* Combines multiple authenticators, trying each in order
|
|
8
|
+
*/
|
|
9
|
+
export declare class MultiAuthenticator implements Authenticator {
|
|
10
|
+
private readonly logger;
|
|
11
|
+
private readonly authenticators;
|
|
12
|
+
constructor(options: MultiAuthenticatorOptions);
|
|
13
|
+
canAuthenticate(request: IncomingMessage): boolean;
|
|
14
|
+
authenticate(request: IncomingMessage): Promise<AuthResult>;
|
|
15
|
+
}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.MultiAuthenticator = void 0;
|
|
4
|
+
const global_logger_factory_1 = require("global-logger-factory");
|
|
5
|
+
/**
|
|
6
|
+
* Combines multiple authenticators, trying each in order
|
|
7
|
+
*/
|
|
8
|
+
class MultiAuthenticator {
|
|
9
|
+
constructor(options) {
|
|
10
|
+
this.logger = (0, global_logger_factory_1.getLoggerFor)(this);
|
|
11
|
+
this.authenticators = options.authenticators;
|
|
12
|
+
}
|
|
13
|
+
canAuthenticate(request) {
|
|
14
|
+
return this.authenticators.some((auth) => auth.canAuthenticate(request));
|
|
15
|
+
}
|
|
16
|
+
async authenticate(request) {
|
|
17
|
+
console.log(`[MultiAuthenticator] Starting authentication with ${this.authenticators.length} authenticators`);
|
|
18
|
+
for (const authenticator of this.authenticators) {
|
|
19
|
+
const canAuth = authenticator.canAuthenticate(request);
|
|
20
|
+
console.log(`[MultiAuthenticator] ${authenticator.constructor.name}.canAuthenticate: ${canAuth}`);
|
|
21
|
+
if (canAuth) {
|
|
22
|
+
const result = await authenticator.authenticate(request);
|
|
23
|
+
if (result.success) {
|
|
24
|
+
return result;
|
|
25
|
+
}
|
|
26
|
+
// If this authenticator claimed it could handle but failed,
|
|
27
|
+
// don't try others - return the error
|
|
28
|
+
this.logger.debug(`Authenticator failed: ${result.error}`);
|
|
29
|
+
return result;
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
return { success: false, error: 'No valid authentication provided' };
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
exports.MultiAuthenticator = MultiAuthenticator;
|
|
36
|
+
//# sourceMappingURL=MultiAuthenticator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"MultiAuthenticator.js","sourceRoot":"","sources":["../../../src/api/auth/MultiAuthenticator.ts"],"names":[],"mappings":";;;AACA,iEAAqD;AAOrD;;GAEG;AACH,MAAa,kBAAkB;IAI7B,YAAmB,OAAkC;QAHpC,WAAM,GAAG,IAAA,oCAAY,EAAC,IAAI,CAAC,CAAC;QAI3C,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;IAC/C,CAAC;IAEM,eAAe,CAAC,OAAwB;QAC7C,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC;IAC3E,CAAC;IAEM,KAAK,CAAC,YAAY,CAAC,OAAwB;QAChD,OAAO,CAAC,GAAG,CAAC,qDAAqD,IAAI,CAAC,cAAc,CAAC,MAAM,iBAAiB,CAAC,CAAC;QAC9G,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAChD,MAAM,OAAO,GAAG,aAAa,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,wBAAwB,aAAa,CAAC,WAAW,CAAC,IAAI,qBAAqB,OAAO,EAAE,CAAC,CAAC;YAClG,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;gBACzD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACnB,OAAO,MAAM,CAAC;gBAChB,CAAC;gBACD,4DAA4D;gBAC5D,sCAAsC;gBACtC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC3D,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC;IACvE,CAAC;CACF;AA/BD,gDA+BC","sourcesContent":["import type { IncomingMessage } from 'node:http';\nimport { getLoggerFor } from 'global-logger-factory';\nimport type { Authenticator, AuthResult } from './Authenticator';\n\nexport interface MultiAuthenticatorOptions {\n authenticators: Authenticator[];\n}\n\n/**\n * Combines multiple authenticators, trying each in order\n */\nexport class MultiAuthenticator implements Authenticator {\n private readonly logger = getLoggerFor(this);\n private readonly authenticators: Authenticator[];\n\n public constructor(options: MultiAuthenticatorOptions) {\n this.authenticators = options.authenticators;\n }\n\n public canAuthenticate(request: IncomingMessage): boolean {\n return this.authenticators.some((auth) => auth.canAuthenticate(request));\n }\n\n public async authenticate(request: IncomingMessage): Promise<AuthResult> {\n console.log(`[MultiAuthenticator] Starting authentication with ${this.authenticators.length} authenticators`);\n for (const authenticator of this.authenticators) {\n const canAuth = authenticator.canAuthenticate(request);\n console.log(`[MultiAuthenticator] ${authenticator.constructor.name}.canAuthenticate: ${canAuth}`);\n if (canAuth) {\n const result = await authenticator.authenticate(request);\n if (result.success) {\n return result;\n }\n // If this authenticator claimed it could handle but failed,\n // don't try others - return the error\n this.logger.debug(`Authenticator failed: ${result.error}`);\n return result;\n }\n }\n\n return { success: false, error: 'No valid authentication provided' };\n }\n}\n"]}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import type { IncomingMessage } from 'node:http';
|
|
2
|
+
import type { Authenticator, AuthResult } from './Authenticator';
|
|
3
|
+
import type { EdgeNodeRepository } from '../../identity/drizzle/EdgeNodeRepository';
|
|
4
|
+
export interface NodeTokenAuthenticatorOptions {
|
|
5
|
+
repository: EdgeNodeRepository;
|
|
6
|
+
}
|
|
7
|
+
export declare class NodeTokenAuthenticator implements Authenticator {
|
|
8
|
+
private readonly logger;
|
|
9
|
+
private readonly repo;
|
|
10
|
+
constructor(options: NodeTokenAuthenticatorOptions);
|
|
11
|
+
canAuthenticate(request: IncomingMessage): boolean;
|
|
12
|
+
authenticate(request: IncomingMessage): Promise<AuthResult>;
|
|
13
|
+
/**
|
|
14
|
+
* 解析 Node Token (username:secret 或 base64)
|
|
15
|
+
*/
|
|
16
|
+
private parseNodeToken;
|
|
17
|
+
/**
|
|
18
|
+
* 检查是否是 base64 编码的 Node Token
|
|
19
|
+
*/
|
|
20
|
+
private isBase64NodeToken;
|
|
21
|
+
}
|
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.NodeTokenAuthenticator = void 0;
|
|
4
|
+
const global_logger_factory_1 = require("global-logger-factory");
|
|
5
|
+
class NodeTokenAuthenticator {
|
|
6
|
+
constructor(options) {
|
|
7
|
+
this.logger = (0, global_logger_factory_1.getLoggerFor)(this);
|
|
8
|
+
this.repo = options.repository;
|
|
9
|
+
}
|
|
10
|
+
canAuthenticate(request) {
|
|
11
|
+
const auth = request.headers.authorization;
|
|
12
|
+
// 支持两种格式:
|
|
13
|
+
// 1. XpodNode nodeId:token
|
|
14
|
+
// 2. Bearer username:secret (带 X-Node-Id 头)
|
|
15
|
+
if (auth?.startsWith('XpodNode ')) {
|
|
16
|
+
return true;
|
|
17
|
+
}
|
|
18
|
+
if (auth?.startsWith('Bearer ') && request.headers['x-node-id']) {
|
|
19
|
+
const token = auth.slice(7).trim();
|
|
20
|
+
// Node Token 包含 ':',不是 JWT
|
|
21
|
+
return token.includes(':') || this.isBase64NodeToken(token);
|
|
22
|
+
}
|
|
23
|
+
return false;
|
|
24
|
+
}
|
|
25
|
+
async authenticate(request) {
|
|
26
|
+
const auth = request.headers.authorization;
|
|
27
|
+
let nodeId;
|
|
28
|
+
let token;
|
|
29
|
+
if (auth.startsWith('XpodNode ')) {
|
|
30
|
+
// 格式: XpodNode nodeId:token
|
|
31
|
+
const credentials = auth.slice(9).trim();
|
|
32
|
+
const colonIndex = credentials.indexOf(':');
|
|
33
|
+
if (colonIndex <= 0) {
|
|
34
|
+
return { success: false, error: 'Invalid XpodNode credentials format. Expected nodeId:token' };
|
|
35
|
+
}
|
|
36
|
+
nodeId = credentials.slice(0, colonIndex);
|
|
37
|
+
token = credentials.slice(colonIndex + 1);
|
|
38
|
+
}
|
|
39
|
+
else {
|
|
40
|
+
// 格式: Bearer username:secret (带 X-Node-Id 头)
|
|
41
|
+
nodeId = request.headers['x-node-id'];
|
|
42
|
+
token = auth.slice(7).trim();
|
|
43
|
+
// 尝试从 token 解析 username
|
|
44
|
+
const parsed = this.parseNodeToken(token);
|
|
45
|
+
if (!parsed) {
|
|
46
|
+
return { success: false, error: 'Invalid node token format' };
|
|
47
|
+
}
|
|
48
|
+
// 使用解析出的完整 token
|
|
49
|
+
token = parsed.token;
|
|
50
|
+
}
|
|
51
|
+
try {
|
|
52
|
+
const secret = await this.repo.getNodeSecret(nodeId);
|
|
53
|
+
if (!secret) {
|
|
54
|
+
// 节点不存在,可能是新节点注册
|
|
55
|
+
// 对于 DDNS 分配等操作,允许通过(由业务逻辑处理)
|
|
56
|
+
this.logger.debug(`Node not found: ${nodeId}, allowing for registration`);
|
|
57
|
+
return {
|
|
58
|
+
success: true,
|
|
59
|
+
context: {
|
|
60
|
+
type: 'node',
|
|
61
|
+
nodeId,
|
|
62
|
+
},
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
if (!secret.tokenHash || !this.repo.matchesToken(secret.tokenHash, token)) {
|
|
66
|
+
return { success: false, error: 'Invalid node token' };
|
|
67
|
+
}
|
|
68
|
+
this.logger.debug(`Authenticated edge node: ${nodeId}`);
|
|
69
|
+
return {
|
|
70
|
+
success: true,
|
|
71
|
+
context: {
|
|
72
|
+
type: 'node',
|
|
73
|
+
nodeId,
|
|
74
|
+
accountId: secret.accountId,
|
|
75
|
+
},
|
|
76
|
+
};
|
|
77
|
+
}
|
|
78
|
+
catch (error) {
|
|
79
|
+
this.logger.error(`Node authentication failed: ${error}`);
|
|
80
|
+
return { success: false, error: 'Internal authentication error' };
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
/**
|
|
84
|
+
* 解析 Node Token (username:secret 或 base64)
|
|
85
|
+
*/
|
|
86
|
+
parseNodeToken(token) {
|
|
87
|
+
if (token.includes(':')) {
|
|
88
|
+
const [username, ...secretParts] = token.split(':');
|
|
89
|
+
const secret = secretParts.join(':');
|
|
90
|
+
if (username && secret) {
|
|
91
|
+
return { username, token: secret };
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
// 尝试 base64 解码
|
|
95
|
+
try {
|
|
96
|
+
const decoded = Buffer.from(token, 'base64').toString('utf8');
|
|
97
|
+
if (decoded.includes(':')) {
|
|
98
|
+
const [username, ...secretParts] = decoded.split(':');
|
|
99
|
+
const secret = secretParts.join(':');
|
|
100
|
+
if (username && secret) {
|
|
101
|
+
return { username, token: secret };
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
catch {
|
|
106
|
+
// ignore
|
|
107
|
+
}
|
|
108
|
+
return undefined;
|
|
109
|
+
}
|
|
110
|
+
/**
|
|
111
|
+
* 检查是否是 base64 编码的 Node Token
|
|
112
|
+
*/
|
|
113
|
+
isBase64NodeToken(token) {
|
|
114
|
+
try {
|
|
115
|
+
const decoded = Buffer.from(token, 'base64').toString('utf8');
|
|
116
|
+
return decoded.includes(':');
|
|
117
|
+
}
|
|
118
|
+
catch {
|
|
119
|
+
return false;
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
exports.NodeTokenAuthenticator = NodeTokenAuthenticator;
|
|
124
|
+
//# sourceMappingURL=NodeTokenAuthenticator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NodeTokenAuthenticator.js","sourceRoot":"","sources":["../../../src/api/auth/NodeTokenAuthenticator.ts"],"names":[],"mappings":";;;AACA,iEAAqD;AAQrD,MAAa,sBAAsB;IAIjC,YAAmB,OAAsC;QAHxC,WAAM,GAAG,IAAA,oCAAY,EAAC,IAAI,CAAC,CAAC;QAI3C,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC;IACjC,CAAC;IAEM,eAAe,CAAC,OAAwB;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAC3C,UAAU;QACV,2BAA2B;QAC3B,4CAA4C;QAC5C,IAAI,IAAI,EAAE,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,IAAI,EAAE,UAAU,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAChE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACnC,2BAA2B;YAC3B,OAAO,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAC9D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,KAAK,CAAC,YAAY,CAAC,OAAwB;QAChD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,aAAc,CAAC;QAE5C,IAAI,MAAc,CAAC;QACnB,IAAI,KAAa,CAAC;QAElB,IAAI,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YACjC,4BAA4B;YAC5B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACzC,MAAM,UAAU,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;gBACpB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,4DAA4D,EAAE,CAAC;YACjG,CAAC;YACD,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;YAC1C,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,CAAW,CAAC;YAChD,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAE7B,wBAAwB;YACxB,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,EAAE,CAAC;YAChE,CAAC;YACD,iBAAiB;YACjB,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QACvB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YACrD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,iBAAiB;gBACjB,8BAA8B;gBAC9B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,MAAM,6BAA6B,CAAC,CAAC;gBAC1E,OAAO;oBACL,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE;wBACP,IAAI,EAAE,MAAM;wBACZ,MAAM;qBACP;iBACF,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;gBAC1E,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;YACzD,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,MAAM,EAAE,CAAC,CAAC;YAExD,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE;oBACP,IAAI,EAAE,MAAM;oBACZ,MAAM;oBACN,SAAS,EAAG,MAAc,CAAC,SAAS;iBACrC;aACF,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAC;YAC1D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC;QACpE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,KAAa;QAClC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,QAAQ,EAAE,GAAG,WAAW,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACpD,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,QAAQ,IAAI,MAAM,EAAE,CAAC;gBACvB,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;YACrC,CAAC;QACH,CAAC;QAED,eAAe;QACf,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC9D,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,CAAC,QAAQ,EAAE,GAAG,WAAW,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACtD,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrC,IAAI,QAAQ,IAAI,MAAM,EAAE,CAAC;oBACvB,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;gBACrC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,KAAa;QACrC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC9D,OAAO,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF;AAhID,wDAgIC","sourcesContent":["import type { IncomingMessage } from 'node:http';\nimport { getLoggerFor } from 'global-logger-factory';\nimport type { Authenticator, AuthResult } from './Authenticator';\nimport type { EdgeNodeRepository } from '../../identity/drizzle/EdgeNodeRepository';\n\nexport interface NodeTokenAuthenticatorOptions {\n repository: EdgeNodeRepository;\n}\n\nexport class NodeTokenAuthenticator implements Authenticator {\n private readonly logger = getLoggerFor(this);\n private readonly repo: EdgeNodeRepository;\n\n public constructor(options: NodeTokenAuthenticatorOptions) {\n this.repo = options.repository;\n }\n\n public canAuthenticate(request: IncomingMessage): boolean {\n const auth = request.headers.authorization;\n // 支持两种格式:\n // 1. XpodNode nodeId:token\n // 2. Bearer username:secret (带 X-Node-Id 头)\n if (auth?.startsWith('XpodNode ')) {\n return true;\n }\n if (auth?.startsWith('Bearer ') && request.headers['x-node-id']) {\n const token = auth.slice(7).trim();\n // Node Token 包含 ':',不是 JWT\n return token.includes(':') || this.isBase64NodeToken(token);\n }\n return false;\n }\n\n public async authenticate(request: IncomingMessage): Promise<AuthResult> {\n const auth = request.headers.authorization!;\n\n let nodeId: string;\n let token: string;\n\n if (auth.startsWith('XpodNode ')) {\n // 格式: XpodNode nodeId:token\n const credentials = auth.slice(9).trim();\n const colonIndex = credentials.indexOf(':');\n if (colonIndex <= 0) {\n return { success: false, error: 'Invalid XpodNode credentials format. Expected nodeId:token' };\n }\n nodeId = credentials.slice(0, colonIndex);\n token = credentials.slice(colonIndex + 1);\n } else {\n // 格式: Bearer username:secret (带 X-Node-Id 头)\n nodeId = request.headers['x-node-id'] as string;\n token = auth.slice(7).trim();\n\n // 尝试从 token 解析 username\n const parsed = this.parseNodeToken(token);\n if (!parsed) {\n return { success: false, error: 'Invalid node token format' };\n }\n // 使用解析出的完整 token\n token = parsed.token;\n }\n\n try {\n const secret = await this.repo.getNodeSecret(nodeId);\n if (!secret) {\n // 节点不存在,可能是新节点注册\n // 对于 DDNS 分配等操作,允许通过(由业务逻辑处理)\n this.logger.debug(`Node not found: ${nodeId}, allowing for registration`);\n return {\n success: true,\n context: {\n type: 'node',\n nodeId,\n },\n };\n }\n\n if (!secret.tokenHash || !this.repo.matchesToken(secret.tokenHash, token)) {\n return { success: false, error: 'Invalid node token' };\n }\n\n this.logger.debug(`Authenticated edge node: ${nodeId}`);\n\n return {\n success: true,\n context: {\n type: 'node',\n nodeId,\n accountId: (secret as any).accountId,\n },\n };\n } catch (error) {\n this.logger.error(`Node authentication failed: ${error}`);\n return { success: false, error: 'Internal authentication error' };\n }\n }\n\n /**\n * 解析 Node Token (username:secret 或 base64)\n */\n private parseNodeToken(token: string): { username: string; token: string } | undefined {\n if (token.includes(':')) {\n const [username, ...secretParts] = token.split(':');\n const secret = secretParts.join(':');\n if (username && secret) {\n return { username, token: secret };\n }\n }\n\n // 尝试 base64 解码\n try {\n const decoded = Buffer.from(token, 'base64').toString('utf8');\n if (decoded.includes(':')) {\n const [username, ...secretParts] = decoded.split(':');\n const secret = secretParts.join(':');\n if (username && secret) {\n return { username, token: secret };\n }\n }\n } catch {\n // ignore\n }\n\n return undefined;\n }\n\n /**\n * 检查是否是 base64 编码的 Node Token\n */\n private isBase64NodeToken(token: string): boolean {\n try {\n const decoded = Buffer.from(token, 'base64').toString('utf8');\n return decoded.includes(':');\n } catch {\n return false;\n }\n }\n}\n"]}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
import type { IncomingMessage } from 'node:http';
|
|
2
|
+
import type { Authenticator, AuthResult } from './Authenticator';
|
|
3
|
+
export interface SolidTokenAuthenticatorOptions {
|
|
4
|
+
/**
|
|
5
|
+
* Function to resolve accountId from webId (optional)
|
|
6
|
+
*/
|
|
7
|
+
resolveAccountId?: (webId: string) => Promise<string | undefined>;
|
|
8
|
+
}
|
|
9
|
+
/**
|
|
10
|
+
* Authenticator for Solid access tokens (Bearer or DPoP).
|
|
11
|
+
*/
|
|
12
|
+
export declare class SolidTokenAuthenticator implements Authenticator {
|
|
13
|
+
private readonly logger;
|
|
14
|
+
private readonly verify;
|
|
15
|
+
private readonly resolveAccountId?;
|
|
16
|
+
constructor(options?: SolidTokenAuthenticatorOptions);
|
|
17
|
+
canAuthenticate(request: IncomingMessage): boolean;
|
|
18
|
+
authenticate(request: IncomingMessage): Promise<AuthResult>;
|
|
19
|
+
private buildRequestUrl;
|
|
20
|
+
private getProtocol;
|
|
21
|
+
private getHost;
|
|
22
|
+
private getForwardedPrefix;
|
|
23
|
+
private joinPaths;
|
|
24
|
+
private isJwt;
|
|
25
|
+
private extractWebId;
|
|
26
|
+
private extractString;
|
|
27
|
+
}
|