@undefineds.co/xpod 0.2.13 → 0.2.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. package/dist/api/container/local.js +8 -4
  2. package/dist/api/container/local.js.map +1 -1
  3. package/dist/api/container/routes.js +11 -4
  4. package/dist/api/container/routes.js.map +1 -1
  5. package/dist/api/handlers/DdnsHandler.js +35 -49
  6. package/dist/api/handlers/DdnsHandler.js.map +1 -1
  7. package/dist/api/handlers/LinxCapabilitiesHandler.d.ts +2 -0
  8. package/dist/api/handlers/LinxCapabilitiesHandler.js +38 -0
  9. package/dist/api/handlers/LinxCapabilitiesHandler.js.map +1 -0
  10. package/dist/api/handlers/ProvisionHandler.d.ts +4 -0
  11. package/dist/api/handlers/ProvisionHandler.js +104 -15
  12. package/dist/api/handlers/ProvisionHandler.js.map +1 -1
  13. package/dist/edge/DdnsManager.d.ts +2 -0
  14. package/dist/edge/DdnsManager.js +3 -0
  15. package/dist/edge/DdnsManager.js.map +1 -1
  16. package/dist/identity/drizzle/EdgeNodeRepository.d.ts +2 -0
  17. package/dist/identity/drizzle/EdgeNodeRepository.js +1 -1
  18. package/dist/identity/drizzle/EdgeNodeRepository.js.map +1 -1
  19. package/dist/subdomain/SubdomainClient.d.ts +9 -0
  20. package/dist/subdomain/SubdomainClient.js +2 -0
  21. package/dist/subdomain/SubdomainClient.js.map +1 -1
  22. package/package.json +1 -1
package/dist/api/handlers/ProvisionHandler.js CHANGED
@@ -61,30 +61,32 @@ function registerProvisionRoutes(server, options) {
61
61
  publicUrl: body.publicUrl,
62
62
  displayName: body.displayName,
63
63
  nodeId: body.nodeId,
64
+ nodeToken: body.nodeToken,
64
65
  serviceToken: body.serviceToken,
65
66
  });
66
- // 预分配子域名前缀(不创建 DNS 记录,延迟到心跳健康检查通过后)
67
- // DB 只存前缀,完整 FQDN 由 DnsCoordinator 的 rootDomain 拼接
68
- // 用 nodeId sanitize 后做前缀(去掉非 DNS 字符,截断到 63 字符)
69
67
  const subdomainPrefix = baseStorageDomain
70
68
  ? result.nodeId.replace(/[^a-z0-9-]/gi, '').toLowerCase().slice(0, 63) || result.nodeId.split('-')[0]
71
69
  : undefined;
72
70
  const spDomain = subdomainPrefix
73
71
  ? `${subdomainPrefix}.${baseStorageDomain}`
74
72
  : undefined;
75
- // 节点注册本身不应依赖后续 connectivity 元数据写入是否成功。
76
- // 这里的 mode/subdomain 只是辅助信息,失败时记录告警但不阻断注册。
73
+ const tunnelState = await ensureManagedTunnelState({
74
+ repository,
75
+ nodeId: result.nodeId,
76
+ subdomainPrefix,
77
+ publicUrl: body.publicUrl,
78
+ localPort: body.localPort,
79
+ ipv4: body.ipv4,
80
+ ddnsRepo: options.ddnsRepo,
81
+ tunnelProvider: options.tunnelProvider,
82
+ baseStorageDomain,
83
+ });
77
84
  if (body.ipv4 || subdomainPrefix) {
78
- try {
79
- await repository.updateNodeMode(result.nodeId, {
80
- accessMode: 'direct',
81
- ipv4: body.ipv4,
82
- subdomain: subdomainPrefix,
83
- });
84
- }
85
- catch (error) {
86
- logger.warn(`Registered SP node ${result.nodeId} but failed to persist connectivity metadata: ${error}`);
87
- }
85
+ await repository.updateNodeMode(result.nodeId, {
86
+ accessMode: tunnelState?.mode === 'tunnel' ? 'proxy' : 'direct',
87
+ ipv4: body.ipv4,
88
+ subdomain: subdomainPrefix,
89
+ });
88
90
  }
89
91
  // 生成自包含 provisionCode(编码了 SP 信息,CSS 解码后直接回调 SP)
90
92
  const provisionCode = codec.encode({
@@ -104,6 +106,15 @@ function registerProvisionRoutes(server, options) {
104
106
  if (spDomain) {
105
107
  responseBody.spDomain = spDomain;
106
108
  }
109
+ if (tunnelState?.tunnelConfig?.tunnelToken) {
110
+ responseBody.tunnelToken = tunnelState.tunnelConfig.tunnelToken;
111
+ }
112
+ if (tunnelState?.tunnelConfig?.provider) {
113
+ responseBody.tunnelProvider = tunnelState.tunnelConfig.provider;
114
+ }
115
+ if (tunnelState?.tunnelConfig?.endpoint) {
116
+ responseBody.tunnelEndpoint = tunnelState.tunnelConfig.endpoint;
117
+ }
107
118
  sendJson(response, 201, responseBody);
108
119
  }
109
120
  catch (error) {
@@ -113,6 +124,84 @@ function registerProvisionRoutes(server, options) {
113
124
  }, { public: true });
114
125
  logger.info('Provision routes registered');
115
126
  }
127
+ async function ensureManagedTunnelState(options) {
128
+ const { repository, ddnsRepo, tunnelProvider, nodeId, subdomainPrefix, baseStorageDomain, publicUrl, localPort, ipv4, } = options;
129
+ if (!subdomainPrefix || !baseStorageDomain) {
130
+ return undefined;
131
+ }
132
+ const mode = ipv4 ? 'direct' : 'tunnel';
133
+ if (ddnsRepo) {
134
+ const existing = await ddnsRepo.getRecord(subdomainPrefix);
135
+ if (!existing) {
136
+ await ddnsRepo.allocateSubdomain({
137
+ subdomain: subdomainPrefix,
138
+ domain: baseStorageDomain,
139
+ nodeId,
140
+ ipAddress: ipv4,
141
+ });
142
+ }
143
+ }
144
+ if (mode === 'direct' || !tunnelProvider || !localPort || localPort <= 0) {
145
+ return { mode };
146
+ }
147
+ const metadataRecord = await repository.getNodeMetadata(nodeId);
148
+ const metadata = metadataRecord?.metadata;
149
+ const existingTunnel = readManagedTunnelConfig(metadata);
150
+ if (existingTunnel && existingTunnel.subdomain === subdomainPrefix && existingTunnel.localPort === localPort) {
151
+ return {
152
+ mode,
153
+ tunnelConfig: existingTunnel.config,
154
+ };
155
+ }
156
+ const tunnelConfig = await tunnelProvider.setup({
157
+ subdomain: subdomainPrefix,
158
+ localPort,
159
+ });
160
+ await repository.mergeNodeMetadata(nodeId, {
161
+ managedTunnel: {
162
+ provider: tunnelConfig.provider,
163
+ tunnelId: tunnelConfig.tunnelId,
164
+ tunnelToken: tunnelConfig.tunnelToken,
165
+ endpoint: tunnelConfig.endpoint,
166
+ subdomain: subdomainPrefix,
167
+ localPort,
168
+ configuredAt: new Date().toISOString(),
169
+ },
170
+ publicAddress: tunnelConfig.endpoint || publicUrl,
171
+ });
172
+ return {
173
+ mode,
174
+ tunnelConfig,
175
+ };
176
+ }
177
+ function readManagedTunnelConfig(metadata) {
178
+ const raw = metadata?.managedTunnel;
179
+ if (!raw || typeof raw !== 'object') {
180
+ return undefined;
181
+ }
182
+ const value = raw;
183
+ const provider = value.provider;
184
+ const endpoint = value.endpoint;
185
+ const tunnelToken = value.tunnelToken;
186
+ const tunnelId = value.tunnelId;
187
+ const subdomain = typeof value.subdomain === 'string' ? value.subdomain : undefined;
188
+ const localPort = typeof value.localPort === 'number' ? value.localPort : undefined;
189
+ if ((provider !== 'cloudflare' && provider !== 'frp' && provider !== 'sakura-frp')
190
+ || typeof endpoint !== 'string') {
191
+ return undefined;
192
+ }
193
+ return {
194
+ subdomain,
195
+ localPort,
196
+ config: {
197
+ provider,
198
+ subdomain: subdomain ?? 'local',
199
+ endpoint,
200
+ tunnelId: typeof tunnelId === 'string' ? tunnelId : undefined,
201
+ tunnelToken: typeof tunnelToken === 'string' ? tunnelToken : undefined,
202
+ },
203
+ };
204
+ }
116
205
  function registerProvisionStatusRoute(server, options) {
117
206
  const logger = (0, global_logger_factory_1.getLoggerFor)('ProvisionStatusHandler');
118
207
  server.get('/provision/status', async (_request, response) => {
package/dist/api/handlers/ProvisionHandler.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ProvisionHandler.js","sourceRoot":"","sources":["../../../src/api/handlers/ProvisionHandler.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;AAqBH,0DAsGC;AAkBD,oEA+BC;AAzKD,iEAAqD;AAGrD,2EAAwE;AAYxE,eAAe;AACf,MAAM,WAAW,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAEjC,SAAgB,uBAAuB,CACrC,MAAiB,EACjB,OAAgC;IAEhC,MAAM,MAAM,GAAG,IAAA,oCAAY,EAAC,kBAAkB,CAAC,CAAC;IAChD,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,iBAAiB,EAAE,GAAG,OAAO,CAAC;IAC3D,MAAM,GAAG,GAAG,OAAO,CAAC,gBAAgB,IAAI,WAAW,CAAC;IACpD,MAAM,KAAK,GAAG,IAAI,uCAAkB,CAAC,OAAO,CAAC,CAAC;IAE9C;;;;;;;;;;OAUG;IACH,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE;QAC1D,IAAI,IAAyG,CAAC;QAC9G,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,YAAY,CAAC,OAAO,CAAQ,IAAI,EAAE,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;YACxD,OAAO;QACT,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;YAC/D,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,cAAc,CAAC;gBAC7C,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,YAAY,EAAE,IAAI,CAAC,YAAY;aAChC,CAAC,CAAC;YAEH,oCAAoC;YACpC,mDAAmD;YACnD,+CAA+C;YAC/C,MAAM,eAAe,GAAG,iBAAiB;gBACvC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACrG,CAAC,CAAC,SAAS,CAAC;YACd,MAAM,QAAQ,GAAG,eAAe;gBAC9B,CAAC,CAAC,GAAG,eAAe,IAAI,iBAAiB,EAAE;gBAC3C,CAAC,CAAC,SAAS,CAAC;YAEd,uCAAuC;YACvC,2CAA2C;YAC3C,IAAI,IAAI,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;gBACjC,IAAI,CAAC;oBACH,MAAM,UAAU,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE;wBAC7C,UAAU,EAAE,QAAQ;wBACpB,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,SAAS,EAAE,eAAe;qBAC3B,CAAC,CAAC;gBACL,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,MAAM,iDAAiD,KAAK,EAAE,CAAC,CAAC;gBAC3G,CAAC;YACH,CAAC;YAED,gDAAgD;YAChD,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC;gBACjC,KAAK,EAAE,IAAI,CAAC,SAAS;gBACrB,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ;gBACR,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG;aACzC,CAAC,CAAC;YAEH,MAAM,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,MAAM,OAAO,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,eAAe,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAEpH,MAAM,YAAY,GAA4B;gBAC5C,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,aAAa;aACd,CAAC;YACF,IAAI,QAAQ,EAAE,CAAC;gBACb,YAAY,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACnC,CAAC;YAED,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QACxC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAC;YACrD,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAErB,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;AAC7C,CAAC;AAkBD,SAAgB,4BAA4B,CAC1C,MAAiB,EACjB,OAA+B;IAE/B,MAAM,MAAM,GAAG,IAAA,oCAAY,EAAC,wBAAwB,CAAC,CAAC;IAEtD,MAAM,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE;QAC3D,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;QAE/D,MAAM,IAAI,GAA4B;YACpC,UAAU;SACX,CAAC;QAEF,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;YACjC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;YAC7B,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACrB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;YACnC,CAAC;YACD,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;gBACzB,MAAM,YAAY,GAAG,OAAO,CAAC,aAAa;oBACxC,CAAC,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,4BAA4B,kBAAkB,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE;oBACnH,CAAC,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,YAAY,CAAC;gBAC3D,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;YACnC,CAAC;QACH,CAAC;QAED,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAErB,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,OAAwB;IAClD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC5B,OAAO,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACnC,IAAI,IAAI,KAAK,CAAC;QAChB,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YACrB,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,OAAO,CAAC,SAAS,CAAC,CAAC;gBACnB,OAAO;YACT,CAAC;YACD,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC;QACH,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,QAAQ,CAAC,QAAwB,EAAE,MAAc,EAAE,IAAa;IACvE,QAAQ,CAAC,UAAU,GAAG,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IACvD,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AACrC,CAAC","sourcesContent":["/**\n * Provision Handler\n *\n * Cloud 端的 SP 注册 API\n *\n * POST /provision/nodes - SP 注册(公开,无需认证)\n * 返回 nodeId、nodeToken、serviceToken、provisionCode(自包含 JWT)\n *\n * provisionCode 是自包含 token,编码了 SP 的 publicUrl 和 serviceToken。\n * CSS 侧的 ProvisionPodCreator 解码后直接回调 SP,不需要查数据库。\n *\n * GET /provision/status - Local 端 SP 状态查询(公开)\n * 返回 SP 配置状态,供 Linx 查询\n */\n\nimport type { ServerResponse, IncomingMessage } from 'node:http';\nimport { getLoggerFor } from 'global-logger-factory';\nimport type { ApiServer } from '../ApiServer';\nimport type { EdgeNodeRepository } from '../../identity/drizzle/EdgeNodeRepository';\nimport { ProvisionCodeCodec } from '../../provision/ProvisionCodeCodec';\n\nexport interface ProvisionHandlerOptions {\n repository: EdgeNodeRepository;\n /** Cloud baseUrl,用于派生 provisionCode 签名密钥 */\n baseUrl: string;\n /** 节点域名根域名,如 \"undefineds.site\" */\n baseStorageDomain?: string;\n /** provisionCode 有效期(秒),默认 24 小时 */\n provisionCodeTtl?: number;\n}\n\n/** 默认 24 小时 */\nconst DEFAULT_TTL = 24 * 60 * 60;\n\nexport function registerProvisionRoutes(\n server: ApiServer,\n options: ProvisionHandlerOptions,\n): void {\n const logger = getLoggerFor('ProvisionHandler');\n const { repository, baseUrl, baseStorageDomain } = options;\n const ttl = options.provisionCodeTtl ?? DEFAULT_TTL;\n const codec = new ProvisionCodeCodec(baseUrl);\n\n /**\n * POST /provision/nodes\n *\n * SP 注册端点(公开,SP 启动时调用,此时用户可能还没有 Cloud 账号)\n *\n * Request:\n * { publicUrl: string, nodeId?: string, displayName?: string, ipv4?: string, serviceToken?: string }\n *\n * Response 201:\n * { nodeId, nodeToken, serviceToken, provisionCode, spDomain? }\n */\n server.post('/provision/nodes', async (request, response) => {\n let body: { publicUrl?: string; nodeId?: string; displayName?: string; ipv4?: string; serviceToken?: string };\n try {\n body = await readJsonBody(request) as any ?? {};\n } catch {\n sendJson(response, 400, { error: 'Invalid JSON body' });\n return;\n }\n\n if (!body.publicUrl) {\n sendJson(response, 400, { error: 'publicUrl is required' });\n return;\n }\n\n try {\n new URL(body.publicUrl);\n } catch {\n sendJson(response, 400, { error: 'Invalid publicUrl format' });\n return;\n }\n\n try {\n const result = await repository.registerSpNode({\n publicUrl: body.publicUrl,\n displayName: body.displayName,\n nodeId: body.nodeId,\n serviceToken: body.serviceToken,\n });\n\n // 预分配子域名前缀(不创建 DNS 记录,延迟到心跳健康检查通过后)\n // DB 只存前缀,完整 FQDN 由 DnsCoordinator 的 rootDomain 拼接\n // 用 nodeId sanitize 后做前缀(去掉非 DNS 字符,截断到 63 字符)\n const subdomainPrefix = baseStorageDomain\n ? result.nodeId.replace(/[^a-z0-9-]/gi, '').toLowerCase().slice(0, 63) || result.nodeId.split('-')[0]\n : undefined;\n const spDomain = subdomainPrefix\n ? `${subdomainPrefix}.${baseStorageDomain}`\n : undefined;\n\n // 节点注册本身不应依赖后续 connectivity 元数据写入是否成功。\n // 这里的 mode/subdomain 只是辅助信息,失败时记录告警但不阻断注册。\n if (body.ipv4 || subdomainPrefix) {\n try {\n await repository.updateNodeMode(result.nodeId, {\n accessMode: 'direct',\n ipv4: body.ipv4,\n subdomain: subdomainPrefix,\n });\n } catch (error) {\n logger.warn(`Registered SP node ${result.nodeId} but failed to persist connectivity metadata: ${error}`);\n }\n }\n\n // 生成自包含 provisionCode(编码了 SP 信息,CSS 解码后直接回调 SP)\n const provisionCode = codec.encode({\n spUrl: body.publicUrl,\n serviceToken: result.serviceToken,\n nodeId: result.nodeId,\n spDomain,\n exp: Math.floor(Date.now() / 1000) + ttl,\n });\n\n logger.info(`Registered SP node ${result.nodeId} at ${body.publicUrl}${spDomain ? `, spDomain: ${spDomain}` : ''}`);\n\n const responseBody: Record<string, unknown> = {\n nodeId: result.nodeId,\n nodeToken: result.nodeToken,\n serviceToken: result.serviceToken,\n provisionCode,\n };\n if (spDomain) {\n responseBody.spDomain = spDomain;\n }\n\n sendJson(response, 201, responseBody);\n } catch (error) {\n logger.error(`Failed to register SP node: ${error}`);\n sendJson(response, 500, { error: 'Failed to register SP node' });\n }\n }, { public: true });\n\n logger.info('Provision routes registered');\n}\n\n/**\n * Local 端 SP 状态查询路由\n */\nexport interface ProvisionStatusOptions {\n /** Cloud API 端点 */\n cloudUrl?: string;\n /** 节点 ID */\n nodeId?: string;\n /** SP 子域名 */\n spDomain?: string;\n /** Cloud baseUrl,用于拼 provisionUrl */\n cloudBaseUrl?: string;\n /** provisionCode(可选,由环境变量传入) */\n provisionCode?: string;\n}\n\nexport function registerProvisionStatusRoute(\n server: ApiServer,\n options: ProvisionStatusOptions,\n): void {\n const logger = getLoggerFor('ProvisionStatusHandler');\n\n server.get('/provision/status', async (_request, response) => {\n const registered = Boolean(options.nodeId && options.cloudUrl);\n\n const body: Record<string, unknown> = {\n registered,\n };\n\n if (registered) {\n body.cloudUrl = options.cloudUrl;\n body.nodeId = options.nodeId;\n if (options.spDomain) {\n body.spDomain = options.spDomain;\n }\n if (options.cloudBaseUrl) {\n const provisionUrl = options.provisionCode\n ? `${options.cloudBaseUrl.replace(/\\/$/, '')}/.account/?provisionCode=${encodeURIComponent(options.provisionCode)}`\n : `${options.cloudBaseUrl.replace(/\\/$/, '')}/.account/`;\n body.provisionUrl = provisionUrl;\n }\n }\n\n sendJson(response, 200, body);\n }, { public: true });\n\n logger.info('Provision status route registered');\n}\n\nasync function readJsonBody(request: IncomingMessage): Promise<unknown> {\n return new Promise((resolve, reject) => {\n let data = '';\n request.setEncoding('utf8');\n request.on('data', (chunk: string) => {\n data += chunk;\n });\n request.on('end', () => {\n if (!data) {\n resolve(undefined);\n return;\n }\n try {\n resolve(JSON.parse(data));\n } catch (error) {\n reject(error);\n }\n });\n request.on('error', reject);\n });\n}\n\nfunction sendJson(response: ServerResponse, status: number, data: unknown): void {\n response.statusCode = status;\n response.setHeader('Content-Type', 'application/json');\n response.end(JSON.stringify(data));\n}\n"]}
1
+ {"version":3,"file":"ProvisionHandler.js","sourceRoot":"","sources":["../../../src/api/handlers/ProvisionHandler.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;AAyBH,0DA0HC;AAwID,oEA+BC;AAvTD,iEAAqD;AAKrD,2EAAwE;AAcxE,eAAe;AACf,MAAM,WAAW,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAEjC,SAAgB,uBAAuB,CACrC,MAAiB,EACjB,OAAgC;IAEhC,MAAM,MAAM,GAAG,IAAA,oCAAY,EAAC,kBAAkB,CAAC,CAAC;IAChD,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,iBAAiB,EAAE,GAAG,OAAO,CAAC;IAC3D,MAAM,GAAG,GAAG,OAAO,CAAC,gBAAgB,IAAI,WAAW,CAAC;IACpD,MAAM,KAAK,GAAG,IAAI,uCAAkB,CAAC,OAAO,CAAC,CAAC;IAE9C;;;;;;;;;;OAUG;IACH,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE;QAC1D,IAAI,IAQH,CAAC;QACF,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,YAAY,CAAC,OAAO,CAAQ,IAAI,EAAE,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;YACxD,OAAO;QACT,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;YAC/D,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,cAAc,CAAC;gBAC7C,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,YAAY,EAAE,IAAI,CAAC,YAAY;aAChC,CAAC,CAAC;YAEH,MAAM,eAAe,GAAG,iBAAiB;gBACvC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACrG,CAAC,CAAC,SAAS,CAAC;YACd,MAAM,QAAQ,GAAG,eAAe;gBAC9B,CAAC,CAAC,GAAG,eAAe,IAAI,iBAAiB,EAAE;gBAC3C,CAAC,CAAC,SAAS,CAAC;YACd,MAAM,WAAW,GAAG,MAAM,wBAAwB,CAAC;gBACjD,UAAU;gBACV,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,eAAe;gBACf,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,iBAAiB;aAClB,CAAC,CAAC;YAEH,IAAI,IAAI,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;gBACjC,MAAM,UAAU,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE;oBAC7C,UAAU,EAAE,WAAW,EAAE,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ;oBAC/D,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,SAAS,EAAE,eAAe;iBAC3B,CAAC,CAAC;YACL,CAAC;YAED,gDAAgD;YAChD,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC;gBACjC,KAAK,EAAE,IAAI,CAAC,SAAS;gBACrB,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ;gBACR,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG;aACzC,CAAC,CAAC;YAEH,MAAM,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,MAAM,OAAO,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,eAAe,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAEpH,MAAM,YAAY,GAA4B;gBAC5C,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,aAAa;aACd,CAAC;YACF,IAAI,QAAQ,EAAE,CAAC;gBACb,YAAY,CAAC,QAAQ,GAAG,QAAQ,CAAC;YACnC,CAAC;YACD,IAAI,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC;gBAC3C,YAAY,CAAC,WAAW,GAAG,WAAW,CAAC,YAAY,CAAC,WAAW,CAAC;YAClE,CAAC;YACD,IAAI,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC;gBACxC,YAAY,CAAC,cAAc,GAAG,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC;YAClE,CAAC;YACD,IAAI,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC;gBACxC,YAAY,CAAC,cAAc,GAAG,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC;YAClE,CAAC;YAED,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QACxC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAC;YACrD,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAErB,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;AAC7C,CAAC;AAOD,KAAK,UAAU,wBAAwB,CAAC,OAUvC;IACC,MAAM,EACJ,UAAU,EACV,QAAQ,EACR,cAAc,EACd,MAAM,EACN,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,SAAS,EACT,IAAI,GACL,GAAG,OAAO,CAAC;IAEZ,IAAI,CAAC,eAAe,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC3C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,IAAI,GAAwB,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;IAE7D,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC3D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,QAAQ,CAAC,iBAAiB,CAAC;gBAC/B,SAAS,EAAE,eAAe;gBAC1B,MAAM,EAAE,iBAAiB;gBACzB,MAAM;gBACN,SAAS,EAAE,IAAI;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,cAAc,IAAI,CAAC,SAAS,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QACzE,OAAO,EAAE,IAAI,EAAE,CAAC;IAClB,CAAC;IAED,MAAM,cAAc,GAAG,MAAM,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IAChE,MAAM,QAAQ,GAAG,cAAc,EAAE,QAA0C,CAAC;IAC5E,MAAM,cAAc,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IACzD,IAAI,cAAc,IAAI,cAAc,CAAC,SAAS,KAAK,eAAe,IAAI,cAAc,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QAC7G,OAAO;YACL,IAAI;YACJ,YAAY,EAAE,cAAc,CAAC,MAAM;SACpC,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC;QAC9C,SAAS,EAAE,eAAe;QAC1B,SAAS;KACV,CAAC,CAAC;IAEH,MAAM,UAAU,CAAC,iBAAiB,CAAC,MAAM,EAAE;QACzC,aAAa,EAAE;YACb,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,WAAW,EAAE,YAAY,CAAC,WAAW;YACrC,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,SAAS,EAAE,eAAe;YAC1B,SAAS;YACT,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACvC;QACD,aAAa,EAAE,YAAY,CAAC,QAAQ,IAAI,SAAS;KAClD,CAAC,CAAC;IAEH,OAAO;QACL,IAAI;QACJ,YAAY;KACb,CAAC;AACJ,CAAC;AAED,SAAS,uBAAuB,CAAC,QAAwC;IACvE,MAAM,GAAG,GAAG,QAAQ,EAAE,aAAa,CAAC;IACpC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,KAAK,GAAG,GAA8B,CAAC;IAC7C,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAChC,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC;IACtC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAChC,MAAM,SAAS,GAAG,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IACpF,MAAM,SAAS,GAAG,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IAEpF,IACE,CAAC,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,KAAK,IAAI,QAAQ,KAAK,YAAY,CAAC;WAC3E,OAAO,QAAQ,KAAK,QAAQ,EAC/B,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO;QACL,SAAS;QACT,SAAS;QACT,MAAM,EAAE;YACN,QAAQ;YACR,SAAS,EAAE,SAAS,IAAI,OAAO;YAC/B,QAAQ;YACR,QAAQ,EAAE,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;YAC7D,WAAW,EAAE,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;SACvE;KACF,CAAC;AACJ,CAAC;AAkBD,SAAgB,4BAA4B,CAC1C,MAAiB,EACjB,OAA+B;IAE/B,MAAM,MAAM,GAAG,IAAA,oCAAY,EAAC,wBAAwB,CAAC,CAAC;IAEtD,MAAM,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE;QAC3D,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;QAE/D,MAAM,IAAI,GAA4B;YACpC,UAAU;SACX,CAAC;QAEF,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;YACjC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;YAC7B,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACrB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;YACnC,CAAC;YACD,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;gBACzB,MAAM,YAAY,GAAG,OAAO,CAAC,aAAa;oBACxC,CAAC,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,4BAA4B,kBAAkB,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE;oBACnH,CAAC,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,YAAY,CAAC;gBAC3D,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;YACnC,CAAC;QACH,CAAC;QAED,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAErB,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,OAAwB;IAClD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC5B,OAAO,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACnC,IAAI,IAAI,KAAK,CAAC;QAChB,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YACrB,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,OAAO,CAAC,SAAS,CAAC,CAAC;gBACnB,OAAO;YACT,CAAC;YACD,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC;QACH,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,QAAQ,CAAC,QAAwB,EAAE,MAAc,EAAE,IAAa;IACvE,QAAQ,CAAC,UAAU,GAAG,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IACvD,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AACrC,CAAC","sourcesContent":["/**\n * Provision Handler\n *\n * Cloud 端的 SP 注册 API\n *\n * POST /provision/nodes - SP 注册(公开,无需认证)\n * 返回 nodeId、nodeToken、serviceToken、provisionCode(自包含 JWT)\n *\n * provisionCode 是自包含 token,编码了 SP 的 publicUrl 和 serviceToken。\n * CSS 侧的 ProvisionPodCreator 解码后直接回调 SP,不需要查数据库。\n *\n * GET /provision/status - Local 端 SP 状态查询(公开)\n * 返回 SP 配置状态,供 Linx 查询\n */\n\nimport type { ServerResponse, IncomingMessage } from 'node:http';\nimport { getLoggerFor } from 'global-logger-factory';\nimport type { ApiServer } from '../ApiServer';\nimport type { EdgeNodeRepository } from '../../identity/drizzle/EdgeNodeRepository';\nimport type { DdnsRepository } from '../../identity/drizzle/DdnsRepository';\nimport type { TunnelProvider, TunnelConfig } from '../../tunnel/TunnelProvider';\nimport { ProvisionCodeCodec } from '../../provision/ProvisionCodeCodec';\n\nexport interface ProvisionHandlerOptions {\n repository: EdgeNodeRepository;\n ddnsRepo?: DdnsRepository;\n tunnelProvider?: TunnelProvider;\n /** Cloud baseUrl,用于派生 provisionCode 签名密钥 */\n baseUrl: string;\n /** 节点域名根域名,如 \"undefineds.site\" */\n baseStorageDomain?: string;\n /** provisionCode 有效期(秒),默认 24 小时 */\n provisionCodeTtl?: number;\n}\n\n/** 默认 24 小时 */\nconst DEFAULT_TTL = 24 * 60 * 60;\n\nexport function registerProvisionRoutes(\n server: ApiServer,\n options: ProvisionHandlerOptions,\n): void {\n const logger = getLoggerFor('ProvisionHandler');\n const { repository, baseUrl, baseStorageDomain } = options;\n const ttl = options.provisionCodeTtl ?? DEFAULT_TTL;\n const codec = new ProvisionCodeCodec(baseUrl);\n\n /**\n * POST /provision/nodes\n *\n * SP 注册端点(公开,SP 启动时调用,此时用户可能还没有 Cloud 账号)\n *\n * Request:\n * { publicUrl: string, nodeId?: string, displayName?: string, ipv4?: string, serviceToken?: string }\n *\n * Response 201:\n * { nodeId, nodeToken, serviceToken, provisionCode, spDomain? }\n */\n server.post('/provision/nodes', async (request, response) => {\n let body: {\n publicUrl?: string;\n nodeId?: string;\n nodeToken?: string;\n displayName?: string;\n ipv4?: string;\n serviceToken?: string;\n localPort?: number;\n };\n try {\n body = await readJsonBody(request) as any ?? {};\n } catch {\n sendJson(response, 400, { error: 'Invalid JSON body' });\n return;\n }\n\n if (!body.publicUrl) {\n sendJson(response, 400, { error: 'publicUrl is required' });\n return;\n }\n\n try {\n new URL(body.publicUrl);\n } catch {\n sendJson(response, 400, { error: 'Invalid publicUrl format' });\n return;\n }\n\n try {\n const result = await repository.registerSpNode({\n publicUrl: body.publicUrl,\n displayName: body.displayName,\n nodeId: body.nodeId,\n nodeToken: body.nodeToken,\n serviceToken: body.serviceToken,\n });\n\n const subdomainPrefix = baseStorageDomain\n ? result.nodeId.replace(/[^a-z0-9-]/gi, '').toLowerCase().slice(0, 63) || result.nodeId.split('-')[0]\n : undefined;\n const spDomain = subdomainPrefix\n ? `${subdomainPrefix}.${baseStorageDomain}`\n : undefined;\n const tunnelState = await ensureManagedTunnelState({\n repository,\n nodeId: result.nodeId,\n subdomainPrefix,\n publicUrl: body.publicUrl,\n localPort: body.localPort,\n ipv4: body.ipv4,\n ddnsRepo: options.ddnsRepo,\n tunnelProvider: options.tunnelProvider,\n baseStorageDomain,\n });\n\n if (body.ipv4 || subdomainPrefix) {\n await repository.updateNodeMode(result.nodeId, {\n accessMode: tunnelState?.mode === 'tunnel' ? 'proxy' : 'direct',\n ipv4: body.ipv4,\n subdomain: subdomainPrefix,\n });\n }\n\n // 生成自包含 provisionCode(编码了 SP 信息,CSS 解码后直接回调 SP)\n const provisionCode = codec.encode({\n spUrl: body.publicUrl,\n serviceToken: result.serviceToken,\n nodeId: result.nodeId,\n spDomain,\n exp: Math.floor(Date.now() / 1000) + ttl,\n });\n\n logger.info(`Registered SP node ${result.nodeId} at ${body.publicUrl}${spDomain ? `, spDomain: ${spDomain}` : ''}`);\n\n const responseBody: Record<string, unknown> = {\n nodeId: result.nodeId,\n nodeToken: result.nodeToken,\n serviceToken: result.serviceToken,\n provisionCode,\n };\n if (spDomain) {\n responseBody.spDomain = spDomain;\n }\n if (tunnelState?.tunnelConfig?.tunnelToken) {\n responseBody.tunnelToken = tunnelState.tunnelConfig.tunnelToken;\n }\n if (tunnelState?.tunnelConfig?.provider) {\n responseBody.tunnelProvider = tunnelState.tunnelConfig.provider;\n }\n if (tunnelState?.tunnelConfig?.endpoint) {\n responseBody.tunnelEndpoint = tunnelState.tunnelConfig.endpoint;\n }\n\n sendJson(response, 201, responseBody);\n } catch (error) {\n logger.error(`Failed to register SP node: ${error}`);\n sendJson(response, 500, { error: 'Failed to register SP node' });\n }\n }, { public: true });\n\n logger.info('Provision routes registered');\n}\n\ninterface ManagedTunnelState {\n mode: 'direct' | 'tunnel';\n tunnelConfig?: TunnelConfig;\n}\n\nasync function ensureManagedTunnelState(options: {\n repository: EdgeNodeRepository;\n ddnsRepo?: DdnsRepository;\n tunnelProvider?: TunnelProvider;\n nodeId: string;\n subdomainPrefix?: string;\n baseStorageDomain?: string;\n publicUrl: string;\n localPort?: number;\n ipv4?: string;\n}): Promise<ManagedTunnelState | undefined> {\n const {\n repository,\n ddnsRepo,\n tunnelProvider,\n nodeId,\n subdomainPrefix,\n baseStorageDomain,\n publicUrl,\n localPort,\n ipv4,\n } = options;\n\n if (!subdomainPrefix || !baseStorageDomain) {\n return undefined;\n }\n\n const mode: 'direct' | 'tunnel' = ipv4 ? 'direct' : 'tunnel';\n\n if (ddnsRepo) {\n const existing = await ddnsRepo.getRecord(subdomainPrefix);\n if (!existing) {\n await ddnsRepo.allocateSubdomain({\n subdomain: subdomainPrefix,\n domain: baseStorageDomain,\n nodeId,\n ipAddress: ipv4,\n });\n }\n }\n\n if (mode === 'direct' || !tunnelProvider || !localPort || localPort <= 0) {\n return { mode };\n }\n\n const metadataRecord = await repository.getNodeMetadata(nodeId);\n const metadata = metadataRecord?.metadata as Record<string, unknown> | null;\n const existingTunnel = readManagedTunnelConfig(metadata);\n if (existingTunnel && existingTunnel.subdomain === subdomainPrefix && existingTunnel.localPort === localPort) {\n return {\n mode,\n tunnelConfig: existingTunnel.config,\n };\n }\n\n const tunnelConfig = await tunnelProvider.setup({\n subdomain: subdomainPrefix,\n localPort,\n });\n\n await repository.mergeNodeMetadata(nodeId, {\n managedTunnel: {\n provider: tunnelConfig.provider,\n tunnelId: tunnelConfig.tunnelId,\n tunnelToken: tunnelConfig.tunnelToken,\n endpoint: tunnelConfig.endpoint,\n subdomain: subdomainPrefix,\n localPort,\n configuredAt: new Date().toISOString(),\n },\n publicAddress: tunnelConfig.endpoint || publicUrl,\n });\n\n return {\n mode,\n tunnelConfig,\n };\n}\n\nfunction readManagedTunnelConfig(metadata: Record<string, unknown> | null): { subdomain?: string; localPort?: number; config: TunnelConfig } | undefined {\n const raw = metadata?.managedTunnel;\n if (!raw || typeof raw !== 'object') {\n return undefined;\n }\n\n const value = raw as Record<string, unknown>;\n const provider = value.provider;\n const endpoint = value.endpoint;\n const tunnelToken = value.tunnelToken;\n const tunnelId = value.tunnelId;\n const subdomain = typeof value.subdomain === 'string' ? value.subdomain : undefined;\n const localPort = typeof value.localPort === 'number' ? value.localPort : undefined;\n\n if (\n (provider !== 'cloudflare' && provider !== 'frp' && provider !== 'sakura-frp')\n || typeof endpoint !== 'string'\n ) {\n return undefined;\n }\n\n return {\n subdomain,\n localPort,\n config: {\n provider,\n subdomain: subdomain ?? 'local',\n endpoint,\n tunnelId: typeof tunnelId === 'string' ? tunnelId : undefined,\n tunnelToken: typeof tunnelToken === 'string' ? tunnelToken : undefined,\n },\n };\n}\n\n/**\n * Local 端 SP 状态查询路由\n */\nexport interface ProvisionStatusOptions {\n /** Cloud API 端点 */\n cloudUrl?: string;\n /** 节点 ID */\n nodeId?: string;\n /** SP 子域名 */\n spDomain?: string;\n /** Cloud baseUrl,用于拼 provisionUrl */\n cloudBaseUrl?: string;\n /** provisionCode(可选,由环境变量传入) */\n provisionCode?: string;\n}\n\nexport function registerProvisionStatusRoute(\n server: ApiServer,\n options: ProvisionStatusOptions,\n): void {\n const logger = getLoggerFor('ProvisionStatusHandler');\n\n server.get('/provision/status', async (_request, response) => {\n const registered = Boolean(options.nodeId && options.cloudUrl);\n\n const body: Record<string, unknown> = {\n registered,\n };\n\n if (registered) {\n body.cloudUrl = options.cloudUrl;\n body.nodeId = options.nodeId;\n if (options.spDomain) {\n body.spDomain = options.spDomain;\n }\n if (options.cloudBaseUrl) {\n const provisionUrl = options.provisionCode\n ? `${options.cloudBaseUrl.replace(/\\/$/, '')}/.account/?provisionCode=${encodeURIComponent(options.provisionCode)}`\n : `${options.cloudBaseUrl.replace(/\\/$/, '')}/.account/`;\n body.provisionUrl = provisionUrl;\n }\n }\n\n sendJson(response, 200, body);\n }, { public: true });\n\n logger.info('Provision status route registered');\n}\n\nasync function readJsonBody(request: IncomingMessage): Promise<unknown> {\n return new Promise((resolve, reject) => {\n let data = '';\n request.setEncoding('utf8');\n request.on('data', (chunk: string) => {\n data += chunk;\n });\n request.on('end', () => {\n if (!data) {\n resolve(undefined);\n return;\n }\n try {\n resolve(JSON.parse(data));\n } catch (error) {\n reject(error);\n }\n });\n request.on('error', reject);\n });\n}\n\nfunction sendJson(response: ServerResponse, status: number, data: unknown): void {\n response.statusCode = status;\n response.setHeader('Content-Type', 'application/json');\n response.end(JSON.stringify(data));\n}\n"]}
package/dist/edge/DdnsManager.d.ts CHANGED
@@ -14,6 +14,7 @@ export interface DdnsManagerOptions {
14
14
  client: SubdomainClient;
15
15
  detector: EdgeNodeCapabilityDetector;
16
16
  subdomain: string;
17
+ localPort?: number;
17
18
  intervalMs?: number;
18
19
  autoAllocate?: boolean;
19
20
  tunnelProvider?: 'cloudflare' | 'sakura_frp' | 'none';
@@ -23,6 +24,7 @@ export declare class DdnsManager {
23
24
  private readonly client;
24
25
  private readonly detector;
25
26
  private readonly subdomain;
27
+ private readonly localPort?;
26
28
  private readonly intervalMs;
27
29
  private readonly autoAllocate;
28
30
  private readonly tunnelProvider;
package/dist/edge/DdnsManager.js CHANGED
@@ -20,6 +20,7 @@ class DdnsManager {
20
20
  this.client = options.client;
21
21
  this.detector = options.detector;
22
22
  this.subdomain = options.subdomain;
23
+ this.localPort = options.localPort;
23
24
  this.intervalMs = options.intervalMs ?? 60_000;
24
25
  this.autoAllocate = options.autoAllocate ?? true;
25
26
  this.tunnelProvider = options.tunnelProvider ?? 'none';
@@ -98,6 +99,7 @@ class DdnsManager {
98
99
  ipv6Address: this.lastMode === 'direct' ? ipv6 : undefined,
99
100
  mode: this.lastMode === 'tunnel' ? 'tunnel' : 'direct',
100
101
  tunnelProvider: this.tunnelProvider,
102
+ localPort: this.localPort,
101
103
  });
102
104
  if (result.success) {
103
105
  this.logger.info(`DDNS allocated: ${result.fqdn}`);
@@ -118,6 +120,7 @@ class DdnsManager {
118
120
  ipv6Address: this.lastMode === 'direct' ? ipv6 : undefined,
119
121
  mode: this.lastMode === 'tunnel' ? 'tunnel' : 'direct',
120
122
  tunnelProvider: this.tunnelProvider,
123
+ localPort: this.localPort,
121
124
  });
122
125
  if (result.success) {
123
126
  this.fqdn = result.fqdn;
package/dist/edge/DdnsManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"DdnsManager.js","sourceRoot":"","sources":["../../src/edge/DdnsManager.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;AAEH,iEAAqD;AAerD,MAAa,WAAW;IAgBtB,YAAmB,OAA2B;QAf7B,WAAM,GAAG,IAAA,oCAAY,EAAC,IAAI,CAAC,CAAC;QASrC,cAAS,GAAG,KAAK,CAAC;QAIlB,aAAQ,GAAoC,SAAS,CAAC;QAG5D,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,MAAM,CAAC;QAC/C,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC;QACjD,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,MAAM,CAAC;IACzD,CAAC;IAEM,KAAK,CAAC,KAAK;QAChB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAE3E,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACtB,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IAC3E,CAAC;IAEM,IAAI;QACT,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC7B,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;QAC5B,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IAC3C,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;IAChD,CAAC;IAEM,WAAW;QAChB,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEM,SAAS;QAQd,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,QAAQ;YACnB,IAAI,EAAE,IAAI,CAAC,QAAQ;YACnB,IAAI,EAAE,IAAI,CAAC,QAAQ;YACnB,cAAc,EAAE,IAAI,CAAC,cAAc;SACpC,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,OAAO;QAClB,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;IACxB,CAAC;IAEO,KAAK,CAAC,QAAQ;QACpB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,CAAC;YAE7D,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;YACtC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;YACtC,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,IAAI,UAAU,CAAC,CAAC;YAEtD,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;YAElD,MAAM,IAAI,GAAG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;YACxC,MAAM,IAAI,GAAG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;YAExC,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACzC,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC3C,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gBACnB,MAAM,SAAS,GAAG,IAAI,KAAK,IAAI,CAAC,QAAQ,IAAI,IAAI,KAAK,IAAI,CAAC,QAAQ,CAAC;gBACnE,IAAI,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAC5C,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAuB,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,IAAa,EAAE,IAAa;QAC1D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC3D,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YACvE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YACtB,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC1B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC;YACnC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC;YACrC,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAEjE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC5C,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YACxD,WAAW,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAC1D,IAAI,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;YACtD,cAAc,EAAE,IAAI,CAAC,cAAc;SACpC,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACnD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YACtB,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;QAChE,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,IAAa,EAAE,IAAa;QACnD,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACjD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QAGD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kBAAkB,IAAI,CAAC,SAAS,SAAS,IAAI,CAAC,QAAQ,SAAS,IAAI,IAAI,MAAM,SAAS,IAAI,IAAI,MAAM,WAAW,IAAI,CAAC,cAAc,EAAE,CACrI,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE;YAC1D,SAAS,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YACxD,WAAW,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAC1D,IAAI,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;YACtD,cAAc,EAAE,IAAI,CAAC,cAAc;SACpC,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;CACF;AA7JD,kCA6JC","sourcesContent":["/**\n * DDNS Manager for Local Managed Mode\n *\n * Responsibilities (Local managed mode):\n * - Allocate a managed domain on Cloud (subdomain -> fqdn)\n * - Keep the record updated when network changes\n *\n * Note: if the machine has no public IP, we assume tunnel mode and let Cloud\n * point the managed domain to the configured tunnel provider.\n */\n\nimport { getLoggerFor } from 'global-logger-factory';\nimport type { SubdomainClient } from '../subdomain/SubdomainClient';\nimport type { EdgeNodeCapabilityDetector } from './EdgeNodeCapabilityDetector';\n\nexport interface DdnsManagerOptions {\n client: SubdomainClient;\n detector: EdgeNodeCapabilityDetector;\n subdomain: string;\n intervalMs?: number;\n autoAllocate?: boolean;\n\n // Local tunnel provider preference (best-effort hint for Cloud).\n tunnelProvider?: 'cloudflare' | 'sakura_frp' | 'none';\n}\n\nexport class DdnsManager {\n private readonly logger = getLoggerFor(this);\n private readonly client: SubdomainClient;\n private readonly detector: EdgeNodeCapabilityDetector;\n private readonly subdomain: string;\n private readonly intervalMs: number;\n private readonly autoAllocate: boolean;\n private readonly tunnelProvider: 'cloudflare' | 'sakura_frp' | 'none';\n\n private interval?: NodeJS.Timeout;\n private allocated = false;\n private fqdn?: string;\n private lastIpv4?: string;\n private lastIpv6?: string;\n private lastMode: 'direct' | 'tunnel' | 'unknown' = 'unknown';\n\n public constructor(options: DdnsManagerOptions) {\n this.client = options.client;\n this.detector = options.detector;\n this.subdomain = options.subdomain;\n this.intervalMs = options.intervalMs ?? 60_000;\n this.autoAllocate = options.autoAllocate ?? true;\n this.tunnelProvider = options.tunnelProvider ?? 'none';\n }\n\n public async start(): Promise<void> {\n if (this.interval) {\n return;\n }\n\n this.logger.info(`Starting DDNS manager for subdomain: ${this.subdomain}`);\n\n await this.runCycle();\n this.interval = setInterval(() => void this.runCycle(), this.intervalMs);\n }\n\n public stop(): void {\n if (this.interval) {\n clearInterval(this.interval);\n this.interval = undefined;\n }\n this.logger.info('DDNS manager stopped');\n }\n\n public getFqdn(): string | undefined {\n return this.allocated ? this.fqdn : undefined;\n }\n\n public isAllocated(): boolean {\n return this.allocated;\n }\n\n public getStatus(): {\n allocated: boolean;\n fqdn?: string;\n ipv4?: string;\n ipv6?: string;\n mode: 'direct' | 'tunnel' | 'unknown';\n tunnelProvider: string;\n } {\n return {\n allocated: this.allocated,\n fqdn: this.fqdn,\n ipv4: this.lastIpv4,\n ipv6: this.lastIpv6,\n mode: this.lastMode,\n tunnelProvider: this.tunnelProvider,\n };\n }\n\n public async runOnce(): Promise<void> {\n await this.runCycle();\n }\n\n private async runCycle(): Promise<void> {\n try {\n const netInfo = await this.detector.detectNetworkAddresses();\n\n const ipv4Public = netInfo.ipv4Public;\n const ipv6Public = netInfo.ipv6Public;\n const hasPublicIp = Boolean(ipv4Public || ipv6Public);\n\n this.lastMode = hasPublicIp ? 'direct' : 'tunnel';\n\n const ipv4 = ipv4Public ?? netInfo.ipv4;\n const ipv6 = ipv6Public ?? netInfo.ipv6;\n\n if (!this.allocated && this.autoAllocate) {\n await this.allocateSubdomain(ipv4, ipv6);\n }\n\n if (this.allocated) {\n const ipChanged = ipv4 !== this.lastIpv4 || ipv6 !== this.lastIpv6;\n if (ipChanged || this.lastMode === 'tunnel') {\n await this.updateDdns(ipv4, ipv6);\n }\n }\n } catch (error: unknown) {\n this.logger.error(`DDNS cycle failed: ${(error as Error).message}`);\n }\n }\n\n private async allocateSubdomain(ipv4?: string, ipv6?: string): Promise<void> {\n const existing = await this.client.getDdns(this.subdomain);\n if (existing) {\n this.logger.info(`DDNS subdomain already allocated: ${existing.fqdn}`);\n this.allocated = true;\n this.fqdn = existing.fqdn;\n this.lastIpv4 = existing.ipAddress;\n this.lastIpv6 = existing.ipv6Address;\n return;\n }\n\n this.logger.info(`Allocating DDNS subdomain: ${this.subdomain}`);\n\n const result = await this.client.allocateDdns({\n subdomain: this.subdomain,\n ipAddress: this.lastMode === 'direct' ? ipv4 : undefined,\n ipv6Address: this.lastMode === 'direct' ? ipv6 : undefined,\n mode: this.lastMode === 'tunnel' ? 'tunnel' : 'direct',\n tunnelProvider: this.tunnelProvider,\n });\n\n if (result.success) {\n this.logger.info(`DDNS allocated: ${result.fqdn}`);\n this.allocated = true;\n this.fqdn = result.fqdn;\n this.lastIpv4 = this.lastMode === 'direct' ? ipv4 : undefined;\n this.lastIpv6 = this.lastMode === 'direct' ? ipv6 : undefined;\n }\n }\n\n private async updateDdns(ipv4?: string, ipv6?: string): Promise<void> {\n if (this.lastMode === 'direct' && !ipv4 && !ipv6) {\n this.logger.debug('No IP address to update in direct mode');\n return;\n }\n\n\n this.logger.info(\n `Updating DDNS: ${this.subdomain} mode=${this.lastMode} ipv4=${ipv4 ?? 'none'} ipv6=${ipv6 ?? 'none'} tunnel=${this.tunnelProvider}`,\n );\n\n const result = await this.client.updateDdns(this.subdomain, {\n ipAddress: this.lastMode === 'direct' ? ipv4 : undefined,\n ipv6Address: this.lastMode === 'direct' ? ipv6 : undefined,\n mode: this.lastMode === 'tunnel' ? 'tunnel' : 'direct',\n tunnelProvider: this.tunnelProvider,\n });\n\n if (result.success) {\n this.fqdn = result.fqdn;\n this.lastIpv4 = this.lastMode === 'direct' ? ipv4 : undefined;\n this.lastIpv6 = this.lastMode === 'direct' ? ipv6 : undefined;\n this.logger.info(`DDNS updated: ${result.fqdn}`);\n }\n }\n}\n"]}
1
+ {"version":3,"file":"DdnsManager.js","sourceRoot":"","sources":["../../src/edge/DdnsManager.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;AAEH,iEAAqD;AAgBrD,MAAa,WAAW;IAiBtB,YAAmB,OAA2B;QAhB7B,WAAM,GAAG,IAAA,oCAAY,EAAC,IAAI,CAAC,CAAC;QAUrC,cAAS,GAAG,KAAK,CAAC;QAIlB,aAAQ,GAAoC,SAAS,CAAC;QAG5D,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,MAAM,CAAC;QAC/C,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC;QACjD,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,MAAM,CAAC;IACzD,CAAC;IAEM,KAAK,CAAC,KAAK;QAChB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAE3E,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACtB,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IAC3E,CAAC;IAEM,IAAI;QACT,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC7B,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;QAC5B,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IAC3C,CAAC;IAEM,OAAO;QACZ,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;IAChD,CAAC;IAEM,WAAW;QAChB,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEM,SAAS;QAQd,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,QAAQ;YACnB,IAAI,EAAE,IAAI,CAAC,QAAQ;YACnB,IAAI,EAAE,IAAI,CAAC,QAAQ;YACnB,cAAc,EAAE,IAAI,CAAC,cAAc;SACpC,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,OAAO;QAClB,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;IACxB,CAAC;IAEO,KAAK,CAAC,QAAQ;QACpB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,CAAC;YAE7D,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;YACtC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;YACtC,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,IAAI,UAAU,CAAC,CAAC;YAEtD,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;YAElD,MAAM,IAAI,GAAG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;YACxC,MAAM,IAAI,GAAG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;YAExC,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACzC,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC3C,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gBACnB,MAAM,SAAS,GAAG,IAAI,KAAK,IAAI,CAAC,QAAQ,IAAI,IAAI,KAAK,IAAI,CAAC,QAAQ,CAAC;gBACnE,IAAI,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAC5C,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAuB,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,IAAa,EAAE,IAAa;QAC1D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC3D,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YACvE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YACtB,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC1B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC;YACnC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC;YACrC,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAEjE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;YAC5C,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YACxD,WAAW,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAC1D,IAAI,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;YACtD,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACnD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YACtB,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;QAChE,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,IAAa,EAAE,IAAa;QACnD,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACjD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QAGD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kBAAkB,IAAI,CAAC,SAAS,SAAS,IAAI,CAAC,QAAQ,SAAS,IAAI,IAAI,MAAM,SAAS,IAAI,IAAI,MAAM,WAAW,IAAI,CAAC,cAAc,EAAE,CACrI,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE;YAC1D,SAAS,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YACxD,WAAW,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAC1D,IAAI,EAAE,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;YACtD,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;CACF;AAjKD,kCAiKC","sourcesContent":["/**\n * DDNS Manager for Local Managed Mode\n *\n * Responsibilities (Local managed mode):\n * - Allocate a managed domain on Cloud (subdomain -> fqdn)\n * - Keep the record updated when network changes\n *\n * Note: if the machine has no public IP, we assume tunnel mode and let Cloud\n * point the managed domain to the configured tunnel provider.\n */\n\nimport { getLoggerFor } from 'global-logger-factory';\nimport type { SubdomainClient } from '../subdomain/SubdomainClient';\nimport type { EdgeNodeCapabilityDetector } from './EdgeNodeCapabilityDetector';\n\nexport interface DdnsManagerOptions {\n client: SubdomainClient;\n detector: EdgeNodeCapabilityDetector;\n subdomain: string;\n localPort?: number;\n intervalMs?: number;\n autoAllocate?: boolean;\n\n // Local tunnel provider preference (best-effort hint for Cloud).\n tunnelProvider?: 'cloudflare' | 'sakura_frp' | 'none';\n}\n\nexport class DdnsManager {\n private readonly logger = getLoggerFor(this);\n private readonly client: SubdomainClient;\n private readonly detector: EdgeNodeCapabilityDetector;\n private readonly subdomain: string;\n private readonly localPort?: number;\n private readonly intervalMs: number;\n private readonly autoAllocate: boolean;\n private readonly tunnelProvider: 'cloudflare' | 'sakura_frp' | 'none';\n\n private interval?: NodeJS.Timeout;\n private allocated = false;\n private fqdn?: string;\n private lastIpv4?: string;\n private lastIpv6?: string;\n private lastMode: 'direct' | 'tunnel' | 'unknown' = 'unknown';\n\n public constructor(options: DdnsManagerOptions) {\n this.client = options.client;\n this.detector = options.detector;\n this.subdomain = options.subdomain;\n this.localPort = options.localPort;\n this.intervalMs = options.intervalMs ?? 60_000;\n this.autoAllocate = options.autoAllocate ?? true;\n this.tunnelProvider = options.tunnelProvider ?? 'none';\n }\n\n public async start(): Promise<void> {\n if (this.interval) {\n return;\n }\n\n this.logger.info(`Starting DDNS manager for subdomain: ${this.subdomain}`);\n\n await this.runCycle();\n this.interval = setInterval(() => void this.runCycle(), this.intervalMs);\n }\n\n public stop(): void {\n if (this.interval) {\n clearInterval(this.interval);\n this.interval = undefined;\n }\n this.logger.info('DDNS manager stopped');\n }\n\n public getFqdn(): string | undefined {\n return this.allocated ? this.fqdn : undefined;\n }\n\n public isAllocated(): boolean {\n return this.allocated;\n }\n\n public getStatus(): {\n allocated: boolean;\n fqdn?: string;\n ipv4?: string;\n ipv6?: string;\n mode: 'direct' | 'tunnel' | 'unknown';\n tunnelProvider: string;\n } {\n return {\n allocated: this.allocated,\n fqdn: this.fqdn,\n ipv4: this.lastIpv4,\n ipv6: this.lastIpv6,\n mode: this.lastMode,\n tunnelProvider: this.tunnelProvider,\n };\n }\n\n public async runOnce(): Promise<void> {\n await this.runCycle();\n }\n\n private async runCycle(): Promise<void> {\n try {\n const netInfo = await this.detector.detectNetworkAddresses();\n\n const ipv4Public = netInfo.ipv4Public;\n const ipv6Public = netInfo.ipv6Public;\n const hasPublicIp = Boolean(ipv4Public || ipv6Public);\n\n this.lastMode = hasPublicIp ? 'direct' : 'tunnel';\n\n const ipv4 = ipv4Public ?? netInfo.ipv4;\n const ipv6 = ipv6Public ?? netInfo.ipv6;\n\n if (!this.allocated && this.autoAllocate) {\n await this.allocateSubdomain(ipv4, ipv6);\n }\n\n if (this.allocated) {\n const ipChanged = ipv4 !== this.lastIpv4 || ipv6 !== this.lastIpv6;\n if (ipChanged || this.lastMode === 'tunnel') {\n await this.updateDdns(ipv4, ipv6);\n }\n }\n } catch (error: unknown) {\n this.logger.error(`DDNS cycle failed: ${(error as Error).message}`);\n }\n }\n\n private async allocateSubdomain(ipv4?: string, ipv6?: string): Promise<void> {\n const existing = await this.client.getDdns(this.subdomain);\n if (existing) {\n this.logger.info(`DDNS subdomain already allocated: ${existing.fqdn}`);\n this.allocated = true;\n this.fqdn = existing.fqdn;\n this.lastIpv4 = existing.ipAddress;\n this.lastIpv6 = existing.ipv6Address;\n return;\n }\n\n this.logger.info(`Allocating DDNS subdomain: ${this.subdomain}`);\n\n const result = await this.client.allocateDdns({\n subdomain: this.subdomain,\n ipAddress: this.lastMode === 'direct' ? ipv4 : undefined,\n ipv6Address: this.lastMode === 'direct' ? ipv6 : undefined,\n mode: this.lastMode === 'tunnel' ? 'tunnel' : 'direct',\n tunnelProvider: this.tunnelProvider,\n localPort: this.localPort,\n });\n\n if (result.success) {\n this.logger.info(`DDNS allocated: ${result.fqdn}`);\n this.allocated = true;\n this.fqdn = result.fqdn;\n this.lastIpv4 = this.lastMode === 'direct' ? ipv4 : undefined;\n this.lastIpv6 = this.lastMode === 'direct' ? ipv6 : undefined;\n }\n }\n\n private async updateDdns(ipv4?: string, ipv6?: string): Promise<void> {\n if (this.lastMode === 'direct' && !ipv4 && !ipv6) {\n this.logger.debug('No IP address to update in direct mode');\n return;\n }\n\n\n this.logger.info(\n `Updating DDNS: ${this.subdomain} mode=${this.lastMode} ipv4=${ipv4 ?? 'none'} ipv6=${ipv6 ?? 'none'} tunnel=${this.tunnelProvider}`,\n );\n\n const result = await this.client.updateDdns(this.subdomain, {\n ipAddress: this.lastMode === 'direct' ? ipv4 : undefined,\n ipv6Address: this.lastMode === 'direct' ? ipv6 : undefined,\n mode: this.lastMode === 'tunnel' ? 'tunnel' : 'direct',\n tunnelProvider: this.tunnelProvider,\n localPort: this.localPort,\n });\n\n if (result.success) {\n this.fqdn = result.fqdn;\n this.lastIpv4 = this.lastMode === 'direct' ? ipv4 : undefined;\n this.lastIpv6 = this.lastMode === 'direct' ? ipv6 : undefined;\n this.logger.info(`DDNS updated: ${result.fqdn}`);\n }\n }\n}\n"]}
package/dist/identity/drizzle/EdgeNodeRepository.d.ts CHANGED
@@ -177,6 +177,8 @@ export declare class EdgeNodeRepository {
177
177
  displayName?: string;
178
178
  /** SP 提供的设备 ID,作为 nodeId(不传则随机生成) */
179
179
  nodeId?: string;
180
+ /** SP 已保存的 nodeToken,重复注册时用于保留旧凭证 */
181
+ nodeToken?: string;
180
182
  /** SP 提供的 serviceToken,不传则随机生成 */
181
183
  serviceToken?: string;
182
184
  }): Promise<CreateSpNodeResult>;
package/dist/identity/drizzle/EdgeNodeRepository.js CHANGED
@@ -464,7 +464,7 @@ class EdgeNodeRepository {
464
464
  */
465
465
  async registerSpNode(options) {
466
466
  const nodeId = options.nodeId || (0, node_crypto_1.randomUUID)();
467
- const nodeToken = (0, node_crypto_1.randomBytes)(32).toString('base64url');
467
+ const nodeToken = options.nodeToken || (0, node_crypto_1.randomBytes)(32).toString('base64url');
468
468
  const nodeTokenHash = (0, node_crypto_1.createHash)('sha256').update(nodeToken).digest('hex');
469
469
  const serviceToken = options.serviceToken || (0, node_crypto_1.randomBytes)(32).toString('base64url');
470
470
  const now = new Date();
package/dist/identity/drizzle/EdgeNodeRepository.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"EdgeNodeRepository.js","sourceRoot":"","sources":["../../../src/identity/drizzle/EdgeNodeRepository.ts"],"names":[],"mappings":";;;AAAA,6CAAmF;AACnF,6CAAsC;AAEtC,6BAAsF;AACtF,qCAAqC;AAmDrC,MAAa,kBAAkB;IAC7B,YAAoC,EAAoB;QAApB,OAAE,GAAF,EAAE,CAAkB;IAAG,CAAC;IAErD,KAAK,CAAC,SAAS;QACpB,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;;;;;;;;;;;KAgB7C,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAmB,EAAE;YACnD,MAAM,SAAS,GAAG,IAAA,oBAAe,EAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAClD,MAAM,SAAS,GAAG,IAAA,oBAAe,EAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAClD,MAAM,QAAQ,GAAG,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAChD,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;gBAC5E,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAA6B;gBACjH,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC;gBACpC,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE;gBACnC,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE;gBACnC,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE;gBACjC,QAAQ,EAAE,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;aAC/F,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,UAAU,CAAC,WAAoB,EAAE,UAAmB;QAC/D,MAAM,MAAM,GAAG,IAAA,wBAAU,GAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAEvC,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;gBAEvB,MAAM,KAAK,WAAW,IAAI,IAAI,KAAK,SAAS,KAAK,EAAE,KAAK,EAAE;KACrE,CAAC,CAAC;QAEH,OAAO;YACL,MAAM;YACN,KAAK;YACL,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,OAAe;QACvC,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,MAAc;QACvC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;YACvC,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAA6B;YACjH,QAAQ,EAAE,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;SAC/F,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAAC,MAAc,EAAE,QAAwC,EAAE,SAAe;QACxG,MAAM,OAAO,GAAG,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACnE,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QAE7C,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;uBAEhB,OAAO;wBACN,EAAE;yBACD,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAc,EAAE,OAO3C;QACC,MAAM,mBAAmB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/F,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAEvC,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;0BAEb,OAAO,CAAC,UAAU;mBACzB,OAAO,CAAC,IAAI,IAAI,IAAI;0BACb,OAAO,CAAC,UAAU,IAAI,IAAI;wBAC5B,OAAO,CAAC,SAAS,IAAI,IAAI;kCACf,OAAO,CAAC,kBAAkB,IAAI,SAAS;2BAC9C,mBAAmB;sCACR,EAAE;yBACf,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,MAAc;QASjD,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;mBAI/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7C,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;YAC5D,kBAAkB,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,SAAS;YACzF,qBAAqB,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,uBAAuB,CAAC;SACpE,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,iBAAiB,CAAC,MAAc,EAAE,KAA8B;QAC3E,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,QAAQ,MAAM,YAAY,CAAC,CAAC;QAC9C,CAAC;QAED,6BAA6B;QAC7B,MAAM,MAAM,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,KAAK,EAAE,CAAC;QACzD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QAE9C,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;uBAEhB,OAAO;yBACL,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,eAAe,CAAC,MAAc;QACzC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,QAAQ,EAAE,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;YAC9F,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,eAAe,CAAC,MAAc,EAAE,IAAc;QACzD,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,EAAoB,EAAE,EAAE;YACvD,MAAM,EAAE,CAAC,OAAO,CAAC,IAAA,iBAAG,EAAA,sDAAsD,MAAM,EAAE,CAAC,CAAC;YACpF,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,IAAA,iBAAG,EAAA,IAAI,MAAM,KAAK,OAAO,GAAG,CAAC,CAAC;gBACnE,MAAM,EAAE,CAAC,OAAO,CAAC,IAAA,iBAAG,EAAA;;mBAET,iBAAG,CAAC,IAAI,CAAC,MAAM,EAAE,IAAA,iBAAG,EAAA,IAAI,CAAC;;SAEnC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,sBAAsB,CAAC,IAAY;QAC9C,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;;cAOpC,IAAI;;;KAGb,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;YAC7B,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,IAAI;SAC/B,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAAC,QAAgB;QAC/C,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACjD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;0BAGxB,UAAU;;KAE/B,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,IAAI;YAC9B,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;SAC7D,CAAC;IACJ,CAAC;IAEM,YAAY,CAAC,SAAiB,EAAE,KAAa;QAClD,IAAI,CAAC,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAChD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;YAC3D,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE,CAAC;gBACtC,OAAO,KAAK,CAAC;YACf,CAAC;YACD,OAAO,IAAA,6BAAe,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,mBAAmB,CAAC,MAAc;QAQ7C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,EAAE;aACtB,MAAM,CAAC;YACN,EAAE,EAAE,kBAAS,CAAC,EAAE;YAChB,YAAY,EAAE,kBAAS,CAAC,YAAY;YACpC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,UAAU,EAAE,kBAAS,CAAC,UAAU;YAChC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,kBAAkB,EAAE,kBAAS,CAAC,kBAAkB;SACjD,CAAC;aACD,IAAI,CAAC,kBAAS,CAAC;aACf,KAAK,CAAC,IAAA,gBAAE,EAAC,kBAAS,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;aAC/B,KAAK,CAAC,CAAC,CAAC,CAAC;QAEZ,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAA0C,CAAC;QAEjE,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,YAAY,EAAE,IAAI,CAAC,YAA8C;YACjE,kBAAkB,EAAE,QAAQ,EAAE,YAAwB,IAAI,IAAI;YAC9D,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;SAC5C,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB;QAQ/B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,EAAE;aACvB,MAAM,CAAC;YACN,EAAE,EAAE,kBAAS,CAAC,EAAE;YAChB,YAAY,EAAE,kBAAS,CAAC,YAAY;YACpC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,UAAU,EAAE,kBAAS,CAAC,UAAU;YAChC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,kBAAkB,EAAE,kBAAS,CAAC,kBAAkB;SACjD,CAAC;aACD,IAAI,CAAC,kBAAS,CAAC;aACf,OAAO,CAAC,kBAAS,CAAC,QAAQ,CAAC,CAAC;QAE/B,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAmB,EAAE,EAAE;YACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,QAA0C,CAAC;YAEhE,OAAO;gBACL,MAAM,EAAE,GAAG,CAAC,EAAE;gBACd,YAAY,EAAE,GAAG,CAAC,YAA8C;gBAChE,kBAAkB,EAAE,QAAQ,EAAE,YAAwB,IAAI,IAAI;gBAC9D,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,kBAAkB,EAAE,GAAG,CAAC,kBAAkB;aAC3C,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAEhD;;;OAGG;IACI,KAAK,CAAC,kBAAkB,CAAC,OAK/B;QACC,MAAM,KAAK,GAAG,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,0CAA0C;QAErF,oDAAoD;QACpD,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;UAM7B,OAAO,CAAC,MAAM,KAAK,OAAO,CAAC,WAAW,IAAI,IAAI,KAAK,SAAS;UAC5D,OAAO,CAAC,UAAU,KAAK,OAAO,CAAC,YAAY,gBAAgB,GAAG,KAAK,GAAG,KAAK,GAAG;;;;;;;;KAQnF,CAAC,CAAC;QAEH,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,yBAAyB,CACpC,MAAc,EACd,UAAkB,EAClB,YAAoB,EACpB,SAAe;QAEf,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,0CAA0C;QAC7F,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;0BAEb,UAAU;4BACR,YAAY;wBAChB,EAAE;yBACD,EAAE;;mBAER,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe;QAC1B,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;KAK7C,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAkB,EAAE,CAAC,CAAC;YACpD,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;YACzC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,CAAC;YAC5C,kBAAkB,EAAE,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAA4C;YACrG,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,aAAa,CAAC,MAAc;QACvC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;YACzC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,CAAC;YAC5C,kBAAkB,EAAE,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAA4C;YACrG,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CAAC,UAAkB,EAAE,YAAoB;QAC5E,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;qDAGG,UAAU,wBAAwB,YAAY;;KAE9F,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;YACzC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,CAAC;YAC5C,kBAAkB,EAAE,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAA4C;YACrG,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,yBAAyB,CAAC,MAAc;QACnD,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9C,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;yBAGd,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB,CAAC,MAAc;QAC1C,4FAA4F;QAC5F,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;mBAEpB,MAAM;KACpB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,uDAAuD;IAEvD;;OAEG;IACI,KAAK,CAAC,kBAAkB,CAAC,SAAiB;QAS/C,KAAK,SAAS,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,UAAU,CAAC,MAAc;QACpC,+BAA+B;QAC/B,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;2DACoB,MAAM;KAC5D,CAAC,CAAC;QAEH,uBAAuB;QACvB,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;mBAE/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAChC,CAAC;IAED,+DAA+D;IAE/D;;;;;;OAMG;IACI,KAAK,CAAC,cAAc,CAAC,OAO3B;QACC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,IAAA,wBAAU,GAAE,CAAC;QAC9C,MAAM,SAAS,GAAG,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACxD,MAAM,aAAa,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC3E,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACnF,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAEvC,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;;UAO7B,MAAM,KAAK,OAAO,CAAC,WAAW,IAAI,IAAI,KAAK,aAAa,KAAK,YAAY;gBACnE,OAAO,CAAC,SAAS,gBAAgB,EAAE,KAAK,EAAE;;;;;;;;KAQrD,CAAC,CAAC;QAEH,OAAO;YACL,MAAM;YACN,SAAS;YACT,YAAY;YACZ,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,MAAc;QACnC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;YACvC,gBAAgB,EAAE,MAAM,CAAC,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAAC;YACtD,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;CACF;AAzmBD,gDAymBC","sourcesContent":["import { randomBytes, randomUUID, createHash, timingSafeEqual } from 'node:crypto';\nimport { sql, eq } from 'drizzle-orm';\nimport type { IdentityDatabase } from './db';\nimport { executeStatement, executeQuery, toDbTimestamp, fromDbTimestamp } from './db';\nimport { edgeNodes } from './schema';\n\nexport interface EdgeNodeSummary {\n nodeId: string;\n displayName?: string;\n nodeType: 'center' | 'edge' | 'sp';\n podCount: number;\n createdAt?: string;\n updatedAt?: string;\n lastSeen?: string;\n metadata?: Record<string, unknown> | null;\n}\n\nexport interface CreateEdgeNodeResult {\n nodeId: string;\n token: string;\n createdAt: string;\n}\n\nexport interface EdgeNodeSecret {\n nodeId: string;\n displayName?: string;\n tokenHash: string;\n nodeType: 'center' | 'edge' | 'sp';\n metadata?: Record<string, unknown> | null;\n}\n\nexport interface CenterNodeInfo {\n nodeId: string;\n displayName?: string;\n internalIp: string;\n internalPort: number;\n connectivityStatus: 'unknown' | 'reachable' | 'unreachable';\n lastSeen?: Date;\n}\n\nexport interface CreateSpNodeResult {\n nodeId: string;\n nodeToken: string;\n serviceToken: string;\n createdAt: string;\n}\n\nexport interface SpNodeInfo {\n nodeId: string;\n displayName?: string;\n publicUrl: string;\n serviceTokenHash: string;\n lastSeen?: Date;\n}\n\nexport class EdgeNodeRepository {\n public constructor(private readonly db: IdentityDatabase) {}\n\n public async listNodes(): Promise<EdgeNodeSummary[]> {\n const result = await executeQuery(this.db, sql`\n SELECT en.id,\n en.display_name,\n en.node_type,\n en.created_at,\n en.updated_at,\n en.last_seen,\n en.metadata,\n COALESCE(pods.count, 0) AS pod_count\n FROM identity_edge_node en\n LEFT JOIN (\n SELECT node_id, COUNT(*) AS count\n FROM identity_edge_node_pod\n GROUP BY node_id\n ) pods ON pods.node_id = en.id\n ORDER BY en.created_at ASC\n `);\n\n return result.rows.map((row: any): EdgeNodeSummary => {\n const createdAt = fromDbTimestamp(row.created_at);\n const updatedAt = fromDbTimestamp(row.updated_at);\n const lastSeen = fromDbTimestamp(row.last_seen);\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n nodeType: (['center', 'edge', 'sp'].includes(row.node_type) ? row.node_type : 'edge') as 'center' | 'edge' | 'sp',\n podCount: Number(row.pod_count ?? 0),\n createdAt: createdAt?.toISOString(),\n updatedAt: updatedAt?.toISOString(),\n lastSeen: lastSeen?.toISOString(),\n metadata: typeof row.metadata === 'string' ? JSON.parse(row.metadata) : (row.metadata ?? null),\n };\n });\n }\n\n public async createNode(displayName?: string, _accountId?: string): Promise<CreateEdgeNodeResult> {\n const nodeId = randomUUID();\n const token = randomBytes(32).toString('base64url');\n const tokenHash = createHash('sha256').update(token).digest('hex');\n const now = new Date();\n const ts = toDbTimestamp(this.db, now);\n\n await executeStatement(this.db, sql`\n INSERT INTO identity_edge_node (id, display_name, token_hash, created_at, updated_at)\n VALUES (${nodeId}, ${displayName ?? null}, ${tokenHash}, ${ts}, ${ts})\n `);\n\n return {\n nodeId,\n token,\n createdAt: now.toISOString(),\n };\n }\n\n /**\n * Node/account 关系待产品化后单独建模;当前阶段不再在节点表上持久化账号归属。\n */\n public async getNodeOwner(_nodeId: string): Promise<string | undefined> {\n return undefined;\n }\n\n public async getNodeSecret(nodeId: string): Promise<EdgeNodeSecret | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, token_hash, node_type, metadata\n FROM identity_edge_node\n WHERE id = ${nodeId}\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n tokenHash: String(row.token_hash ?? ''),\n nodeType: (['center', 'edge', 'sp'].includes(row.node_type) ? row.node_type : 'edge') as 'center' | 'edge' | 'sp',\n metadata: typeof row.metadata === 'string' ? JSON.parse(row.metadata) : (row.metadata ?? null),\n };\n }\n\n public async updateNodeHeartbeat(nodeId: string, metadata: Record<string, unknown> | null, timestamp: Date): Promise<void> {\n const payload = metadata == null ? null : JSON.stringify(metadata);\n const ts = toDbTimestamp(this.db, timestamp);\n\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET metadata = ${payload},\n last_seen = ${ts},\n updated_at = ${ts}\n WHERE id = ${nodeId}\n `);\n }\n\n public async updateNodeMode(nodeId: string, options: {\n accessMode: 'direct' | 'proxy';\n ipv4?: string;\n publicPort?: number;\n subdomain?: string;\n connectivityStatus?: 'unknown' | 'reachable' | 'unreachable';\n capabilities?: Record<string, unknown>;\n }): Promise<void> {\n const capabilitiesPayload = options.capabilities ? JSON.stringify(options.capabilities) : null;\n const now = new Date();\n const ts = toDbTimestamp(this.db, now);\n\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET access_mode = ${options.accessMode},\n ipv4 = ${options.ipv4 ?? null},\n public_port = ${options.publicPort ?? null},\n subdomain = ${options.subdomain ?? null},\n connectivity_status = ${options.connectivityStatus ?? 'unknown'},\n capabilities = ${capabilitiesPayload},\n last_connectivity_check = ${ts},\n updated_at = ${ts}\n WHERE id = ${nodeId}\n `);\n }\n\n public async getNodeConnectivityInfo(nodeId: string): Promise<{\n nodeId: string;\n accessMode?: string;\n ipv4?: string;\n publicPort?: number;\n subdomain?: string;\n connectivityStatus?: string;\n lastConnectivityCheck?: Date;\n } | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, access_mode, ipv4, public_port, subdomain,\n connectivity_status, last_connectivity_check\n FROM identity_edge_node\n WHERE id = ${nodeId}\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n accessMode: row.access_mode ? String(row.access_mode) : undefined,\n ipv4: row.ipv4 ? String(row.ipv4) : undefined,\n publicPort: row.public_port ? Number(row.public_port) : undefined,\n subdomain: row.subdomain ? String(row.subdomain) : undefined,\n connectivityStatus: row.connectivity_status ? String(row.connectivity_status) : undefined,\n lastConnectivityCheck: fromDbTimestamp(row.last_connectivity_check),\n };\n }\n\n public async mergeNodeMetadata(nodeId: string, patch: Record<string, unknown>): Promise<void> {\n // Read current metadata\n const current = await this.getNodeMetadata(nodeId);\n if (!current) {\n throw new Error(`Node ${nodeId} not found`);\n }\n\n // Merge in application layer\n const merged = { ...(current.metadata ?? {}), ...patch };\n const payload = JSON.stringify(merged);\n const ts = toDbTimestamp(this.db, new Date());\n\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET metadata = ${payload},\n updated_at = ${ts}\n WHERE id = ${nodeId}\n `);\n }\n\n public async getNodeMetadata(nodeId: string): Promise<{ nodeId: string; metadata: Record<string, unknown> | null; lastSeen?: Date } | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, metadata, last_seen\n FROM identity_edge_node\n WHERE id = ${nodeId}\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n metadata: typeof row.metadata === 'string' ? JSON.parse(row.metadata) : (row.metadata ?? null),\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n\n public async replaceNodePods(nodeId: string, pods: string[]): Promise<void> {\n await this.db.transaction(async (tx: IdentityDatabase) => {\n await tx.execute(sql`DELETE FROM identity_edge_node_pod WHERE node_id = ${nodeId}`);\n if (pods.length > 0) {\n const values = pods.map((baseUrl) => sql`(${nodeId}, ${baseUrl})`);\n await tx.execute(sql`\n INSERT INTO identity_edge_node_pod (node_id, base_url)\n VALUES ${sql.join(values, sql`, `)}\n ON CONFLICT DO NOTHING\n `);\n }\n });\n }\n\n public async findNodeByResourcePath(path: string): Promise<{ nodeId: string; baseUrl: string; accessMode?: string; metadata?: Record<string, unknown> | null } | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT en.id,\n en.access_mode,\n en.metadata,\n pods.base_url\n FROM identity_edge_node_pod pods\n JOIN identity_edge_node en ON en.id = pods.node_id\n WHERE ${path} LIKE pods.base_url || '%'\n ORDER BY length(pods.base_url) DESC\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n baseUrl: String(row.base_url),\n accessMode: row.access_mode ? String(row.access_mode) : undefined,\n metadata: row.metadata ?? null,\n };\n }\n\n public async findNodeBySubdomain(hostname: string): Promise<{ nodeId: string; accessMode?: string; metadata?: Record<string, unknown> | null; subdomain?: string } | undefined> {\n const normalized = hostname.trim().toLowerCase();\n if (normalized.length === 0) {\n return undefined;\n }\n const result = await executeQuery(this.db, sql`\n SELECT id, access_mode, metadata, subdomain\n FROM identity_edge_node\n WHERE subdomain = ${normalized}\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n accessMode: row.access_mode ? String(row.access_mode) : undefined,\n metadata: row.metadata ?? null,\n subdomain: row.subdomain ? String(row.subdomain) : undefined,\n };\n }\n\n public matchesToken(tokenHash: string, token: string): boolean {\n if (!tokenHash || typeof tokenHash !== 'string') {\n return false;\n }\n try {\n const expected = Buffer.from(tokenHash, 'hex');\n const actual = createHash('sha256').update(token).digest();\n if (expected.length !== actual.length) {\n return false;\n }\n return timingSafeEqual(expected, actual);\n } catch {\n return false;\n }\n }\n\n /**\n * Get node capabilities and related information for admin queries\n */\n public async getNodeCapabilities(nodeId: string): Promise<{\n nodeId: string;\n capabilities: Record<string, unknown> | null;\n stringCapabilities: string[] | null;\n accessMode: string | null;\n lastSeen: Date | null;\n connectivityStatus: string | null;\n } | undefined> {\n const row = await this.db\n .select({\n id: edgeNodes.id,\n capabilities: edgeNodes.capabilities,\n metadata: edgeNodes.metadata,\n accessMode: edgeNodes.accessMode,\n lastSeen: edgeNodes.lastSeen,\n connectivityStatus: edgeNodes.connectivityStatus,\n })\n .from(edgeNodes)\n .where(eq(edgeNodes.id, nodeId))\n .limit(1);\n\n if (row.length === 0) {\n return undefined;\n }\n\n const node = row[0];\n const metadata = node.metadata as Record<string, unknown> | null;\n \n return {\n nodeId: node.id,\n capabilities: node.capabilities as Record<string, unknown> | null,\n stringCapabilities: metadata?.capabilities as string[] ?? null,\n accessMode: node.accessMode,\n lastSeen: node.lastSeen,\n connectivityStatus: node.connectivityStatus,\n };\n }\n\n /**\n * List all nodes with their capability information\n */\n public async listNodeCapabilities(): Promise<Array<{\n nodeId: string;\n capabilities: Record<string, unknown> | null;\n stringCapabilities: string[] | null;\n accessMode: string | null;\n lastSeen: Date | null;\n connectivityStatus: string | null;\n }>> {\n const rows = await this.db\n .select({\n id: edgeNodes.id,\n capabilities: edgeNodes.capabilities,\n metadata: edgeNodes.metadata,\n accessMode: edgeNodes.accessMode,\n lastSeen: edgeNodes.lastSeen,\n connectivityStatus: edgeNodes.connectivityStatus,\n })\n .from(edgeNodes)\n .orderBy(edgeNodes.lastSeen);\n\n return rows.map((row: typeof rows[0]) => {\n const metadata = row.metadata as Record<string, unknown> | null;\n \n return {\n nodeId: row.id,\n capabilities: row.capabilities as Record<string, unknown> | null,\n stringCapabilities: metadata?.capabilities as string[] ?? null,\n accessMode: row.accessMode,\n lastSeen: row.lastSeen,\n connectivityStatus: row.connectivityStatus,\n };\n });\n }\n\n // ============ Center Node Methods ============\n\n /**\n * Register or update a center node in the cluster.\n * Center nodes use the same table as edge nodes but with nodeType='center'.\n */\n public async registerCenterNode(options: {\n nodeId: string;\n displayName?: string;\n internalIp: string;\n internalPort: number;\n }): Promise<{ nodeId: string; token: string }> {\n const token = randomBytes(32).toString('base64url');\n const tokenHash = createHash('sha256').update(token).digest('hex');\n const now = Math.floor(Date.now() / 1000); // Unix timestamp for SQLite compatibility\n\n // Use upsert pattern: INSERT ... ON CONFLICT UPDATE\n await executeStatement(this.db, sql`\n INSERT INTO identity_edge_node (\n id, display_name, token_hash, node_type, internal_ip, internal_port,\n connectivity_status, created_at, updated_at, last_seen\n )\n VALUES (\n ${options.nodeId}, ${options.displayName ?? null}, ${tokenHash}, 'center',\n ${options.internalIp}, ${options.internalPort}, 'unknown', ${now}, ${now}, ${now}\n )\n ON CONFLICT (id) DO UPDATE SET\n display_name = EXCLUDED.display_name,\n internal_ip = EXCLUDED.internal_ip,\n internal_port = EXCLUDED.internal_port,\n updated_at = EXCLUDED.updated_at,\n last_seen = EXCLUDED.last_seen\n `);\n\n return { nodeId: options.nodeId, token };\n }\n\n /**\n * Update center node heartbeat with internal endpoint info.\n */\n public async updateCenterNodeHeartbeat(\n nodeId: string,\n internalIp: string,\n internalPort: number,\n timestamp: Date,\n ): Promise<void> {\n const ts = Math.floor(timestamp.getTime() / 1000); // Unix timestamp for SQLite compatibility\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET internal_ip = ${internalIp},\n internal_port = ${internalPort},\n last_seen = ${ts},\n updated_at = ${ts},\n connectivity_status = 'reachable'\n WHERE id = ${nodeId} AND node_type = 'center'\n `);\n }\n\n /**\n * List all center nodes in the cluster.\n */\n public async listCenterNodes(): Promise<CenterNodeInfo[]> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, internal_ip, internal_port, connectivity_status, last_seen\n FROM identity_edge_node\n WHERE node_type = 'center'\n ORDER BY created_at ASC\n `);\n\n return result.rows.map((row: any): CenterNodeInfo => ({\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n internalIp: String(row.internal_ip ?? ''),\n internalPort: Number(row.internal_port ?? 0),\n connectivityStatus: (row.connectivity_status ?? 'unknown') as 'unknown' | 'reachable' | 'unreachable',\n lastSeen: fromDbTimestamp(row.last_seen),\n }));\n }\n\n /**\n * Get a specific center node by ID.\n */\n public async getCenterNode(nodeId: string): Promise<CenterNodeInfo | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, internal_ip, internal_port, connectivity_status, last_seen\n FROM identity_edge_node\n WHERE id = ${nodeId} AND node_type = 'center'\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n internalIp: String(row.internal_ip ?? ''),\n internalPort: Number(row.internal_port ?? 0),\n connectivityStatus: (row.connectivity_status ?? 'unknown') as 'unknown' | 'reachable' | 'unreachable',\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n\n /**\n * Find a center node by its internal endpoint (for routing).\n */\n public async findCenterNodeByEndpoint(internalIp: string, internalPort: number): Promise<CenterNodeInfo | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, internal_ip, internal_port, connectivity_status, last_seen\n FROM identity_edge_node\n WHERE node_type = 'center' AND internal_ip = ${internalIp} AND internal_port = ${internalPort}\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n internalIp: String(row.internal_ip ?? ''),\n internalPort: Number(row.internal_port ?? 0),\n connectivityStatus: (row.connectivity_status ?? 'unknown') as 'unknown' | 'reachable' | 'unreachable',\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n\n /**\n * Mark a center node as unreachable (for health checks).\n */\n public async markCenterNodeUnreachable(nodeId: string): Promise<void> {\n const ts = toDbTimestamp(this.db, new Date());\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET connectivity_status = 'unreachable',\n updated_at = ${ts}\n WHERE id = ${nodeId} AND node_type = 'center'\n `);\n }\n\n /**\n * Remove a center node from the cluster.\n */\n public async removeCenterNode(nodeId: string): Promise<boolean> {\n // Note: For SQLite, we can't easily get affected row count, so just execute and return true\n await executeStatement(this.db, sql`\n DELETE FROM identity_edge_node\n WHERE id = ${nodeId} AND node_type = 'center'\n `);\n return true;\n }\n\n // ============ Account-based Node Methods ============\n\n /**\n * List nodes owned by a specific account\n */\n public async listNodesByAccount(accountId: string): Promise<Array<{\n nodeId: string;\n displayName?: string;\n capabilities: Record<string, unknown> | null;\n stringCapabilities: string[] | null;\n accessMode: string | null;\n lastSeen: Date | null;\n connectivityStatus: string | null;\n }>> {\n void accountId;\n return [];\n }\n\n /**\n * Delete a node\n */\n public async deleteNode(nodeId: string): Promise<boolean> {\n // First delete associated pods\n await executeStatement(this.db, sql`\n DELETE FROM identity_edge_node_pod WHERE node_id = ${nodeId}\n `);\n\n // Then delete the node\n const result = await executeQuery(this.db, sql`\n DELETE FROM identity_edge_node\n WHERE id = ${nodeId}\n RETURNING id\n `);\n\n return result.rows.length > 0;\n }\n\n // ============ SP (Storage Provider) Node Methods ============\n\n /**\n * Register or update an SP node (UPSERT by nodeId).\n *\n * SP 本地生成 deviceId 作为 nodeId,注册时带上来。\n * 同一 nodeId 重复注册时更新 publicUrl、token 等,保留原记录。\n * 不传 nodeId 则 Cloud 随机分配。\n */\n public async registerSpNode(options: {\n publicUrl: string;\n displayName?: string;\n /** SP 提供的设备 ID,作为 nodeId(不传则随机生成) */\n nodeId?: string;\n /** SP 提供的 serviceToken,不传则随机生成 */\n serviceToken?: string;\n }): Promise<CreateSpNodeResult> {\n const nodeId = options.nodeId || randomUUID();\n const nodeToken = randomBytes(32).toString('base64url');\n const nodeTokenHash = createHash('sha256').update(nodeToken).digest('hex');\n const serviceToken = options.serviceToken || randomBytes(32).toString('base64url');\n const now = new Date();\n const ts = toDbTimestamp(this.db, now);\n\n await executeStatement(this.db, sql`\n INSERT INTO identity_edge_node (\n id, display_name, token_hash, service_token_hash,\n node_type, public_url,\n connectivity_status, created_at, updated_at\n )\n VALUES (\n ${nodeId}, ${options.displayName ?? null}, ${nodeTokenHash}, ${serviceToken},\n 'sp', ${options.publicUrl}, 'unknown', ${ts}, ${ts}\n )\n ON CONFLICT (id) DO UPDATE SET\n display_name = EXCLUDED.display_name,\n token_hash = EXCLUDED.token_hash,\n service_token_hash = EXCLUDED.service_token_hash,\n public_url = EXCLUDED.public_url,\n updated_at = EXCLUDED.updated_at\n `);\n\n return {\n nodeId,\n nodeToken,\n serviceToken,\n createdAt: now.toISOString(),\n };\n }\n\n /**\n * Get SP node info by nodeId.\n */\n public async getSpNode(nodeId: string): Promise<SpNodeInfo | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, public_url, service_token_hash, last_seen\n FROM identity_edge_node\n WHERE id = ${nodeId} AND node_type = 'sp'\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n publicUrl: String(row.public_url ?? ''),\n serviceTokenHash: String(row.service_token_hash ?? ''),\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n}\n"]}
1
+ {"version":3,"file":"EdgeNodeRepository.js","sourceRoot":"","sources":["../../../src/identity/drizzle/EdgeNodeRepository.ts"],"names":[],"mappings":";;;AAAA,6CAAmF;AACnF,6CAAsC;AAEtC,6BAAsF;AACtF,qCAAqC;AAmDrC,MAAa,kBAAkB;IAC7B,YAAoC,EAAoB;QAApB,OAAE,GAAF,EAAE,CAAkB;IAAG,CAAC;IAErD,KAAK,CAAC,SAAS;QACpB,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;;;;;;;;;;;KAgB7C,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAmB,EAAE;YACnD,MAAM,SAAS,GAAG,IAAA,oBAAe,EAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAClD,MAAM,SAAS,GAAG,IAAA,oBAAe,EAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAClD,MAAM,QAAQ,GAAG,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAChD,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;gBAC5E,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAA6B;gBACjH,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC;gBACpC,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE;gBACnC,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE;gBACnC,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE;gBACjC,QAAQ,EAAE,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;aAC/F,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,UAAU,CAAC,WAAoB,EAAE,UAAmB;QAC/D,MAAM,MAAM,GAAG,IAAA,wBAAU,GAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAEvC,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;gBAEvB,MAAM,KAAK,WAAW,IAAI,IAAI,KAAK,SAAS,KAAK,EAAE,KAAK,EAAE;KACrE,CAAC,CAAC;QAEH,OAAO;YACL,MAAM;YACN,KAAK;YACL,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,OAAe;QACvC,OAAO,SAAS,CAAC;IACnB,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,MAAc;QACvC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;YACvC,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAA6B;YACjH,QAAQ,EAAE,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;SAC/F,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAAC,MAAc,EAAE,QAAwC,EAAE,SAAe;QACxG,MAAM,OAAO,GAAG,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACnE,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QAE7C,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;uBAEhB,OAAO;wBACN,EAAE;yBACD,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,MAAc,EAAE,OAO3C;QACC,MAAM,mBAAmB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/F,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAEvC,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;0BAEb,OAAO,CAAC,UAAU;mBACzB,OAAO,CAAC,IAAI,IAAI,IAAI;0BACb,OAAO,CAAC,UAAU,IAAI,IAAI;wBAC5B,OAAO,CAAC,SAAS,IAAI,IAAI;kCACf,OAAO,CAAC,kBAAkB,IAAI,SAAS;2BAC9C,mBAAmB;sCACR,EAAE;yBACf,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,uBAAuB,CAAC,MAAc;QASjD,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;mBAI/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7C,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;YAC5D,kBAAkB,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,SAAS;YACzF,qBAAqB,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,uBAAuB,CAAC;SACpE,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,iBAAiB,CAAC,MAAc,EAAE,KAA8B;QAC3E,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,QAAQ,MAAM,YAAY,CAAC,CAAC;QAC9C,CAAC;QAED,6BAA6B;QAC7B,MAAM,MAAM,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,KAAK,EAAE,CAAC;QACzD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QAE9C,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;uBAEhB,OAAO;yBACL,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,eAAe,CAAC,MAAc;QACzC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,QAAQ,EAAE,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;YAC9F,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,eAAe,CAAC,MAAc,EAAE,IAAc;QACzD,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,EAAoB,EAAE,EAAE;YACvD,MAAM,EAAE,CAAC,OAAO,CAAC,IAAA,iBAAG,EAAA,sDAAsD,MAAM,EAAE,CAAC,CAAC;YACpF,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,IAAA,iBAAG,EAAA,IAAI,MAAM,KAAK,OAAO,GAAG,CAAC,CAAC;gBACnE,MAAM,EAAE,CAAC,OAAO,CAAC,IAAA,iBAAG,EAAA;;mBAET,iBAAG,CAAC,IAAI,CAAC,MAAM,EAAE,IAAA,iBAAG,EAAA,IAAI,CAAC;;SAEnC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,sBAAsB,CAAC,IAAY;QAC9C,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;;cAOpC,IAAI;;;KAGb,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;YAC7B,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,IAAI;SAC/B,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAAC,QAAgB;QAC/C,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACjD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;0BAGxB,UAAU;;KAE/B,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,UAAU,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,IAAI;YAC9B,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;SAC7D,CAAC;IACJ,CAAC;IAEM,YAAY,CAAC,SAAiB,EAAE,KAAa;QAClD,IAAI,CAAC,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAChD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;YAC3D,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE,CAAC;gBACtC,OAAO,KAAK,CAAC;YACf,CAAC;YACD,OAAO,IAAA,6BAAe,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,mBAAmB,CAAC,MAAc;QAQ7C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,EAAE;aACtB,MAAM,CAAC;YACN,EAAE,EAAE,kBAAS,CAAC,EAAE;YAChB,YAAY,EAAE,kBAAS,CAAC,YAAY;YACpC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,UAAU,EAAE,kBAAS,CAAC,UAAU;YAChC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,kBAAkB,EAAE,kBAAS,CAAC,kBAAkB;SACjD,CAAC;aACD,IAAI,CAAC,kBAAS,CAAC;aACf,KAAK,CAAC,IAAA,gBAAE,EAAC,kBAAS,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;aAC/B,KAAK,CAAC,CAAC,CAAC,CAAC;QAEZ,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAA0C,CAAC;QAEjE,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,YAAY,EAAE,IAAI,CAAC,YAA8C;YACjE,kBAAkB,EAAE,QAAQ,EAAE,YAAwB,IAAI,IAAI;YAC9D,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;SAC5C,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB;QAQ/B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,EAAE;aACvB,MAAM,CAAC;YACN,EAAE,EAAE,kBAAS,CAAC,EAAE;YAChB,YAAY,EAAE,kBAAS,CAAC,YAAY;YACpC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,UAAU,EAAE,kBAAS,CAAC,UAAU;YAChC,QAAQ,EAAE,kBAAS,CAAC,QAAQ;YAC5B,kBAAkB,EAAE,kBAAS,CAAC,kBAAkB;SACjD,CAAC;aACD,IAAI,CAAC,kBAAS,CAAC;aACf,OAAO,CAAC,kBAAS,CAAC,QAAQ,CAAC,CAAC;QAE/B,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAmB,EAAE,EAAE;YACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,QAA0C,CAAC;YAEhE,OAAO;gBACL,MAAM,EAAE,GAAG,CAAC,EAAE;gBACd,YAAY,EAAE,GAAG,CAAC,YAA8C;gBAChE,kBAAkB,EAAE,QAAQ,EAAE,YAAwB,IAAI,IAAI;gBAC9D,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,kBAAkB,EAAE,GAAG,CAAC,kBAAkB;aAC3C,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAEhD;;;OAGG;IACI,KAAK,CAAC,kBAAkB,CAAC,OAK/B;QACC,MAAM,KAAK,GAAG,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,0CAA0C;QAErF,oDAAoD;QACpD,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;UAM7B,OAAO,CAAC,MAAM,KAAK,OAAO,CAAC,WAAW,IAAI,IAAI,KAAK,SAAS;UAC5D,OAAO,CAAC,UAAU,KAAK,OAAO,CAAC,YAAY,gBAAgB,GAAG,KAAK,GAAG,KAAK,GAAG;;;;;;;;KAQnF,CAAC,CAAC;QAEH,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,yBAAyB,CACpC,MAAc,EACd,UAAkB,EAClB,YAAoB,EACpB,SAAe;QAEf,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,0CAA0C;QAC7F,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;0BAEb,UAAU;4BACR,YAAY;wBAChB,EAAE;yBACD,EAAE;;mBAER,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe;QAC1B,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;KAK7C,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAkB,EAAE,CAAC,CAAC;YACpD,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;YACzC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,CAAC;YAC5C,kBAAkB,EAAE,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAA4C;YACrG,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,aAAa,CAAC,MAAc;QACvC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;YACzC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,CAAC;YAC5C,kBAAkB,EAAE,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAA4C;YACrG,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CAAC,UAAkB,EAAE,YAAoB;QAC5E,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;qDAGG,UAAU,wBAAwB,YAAY;;KAE9F,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;YACzC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,CAAC;YAC5C,kBAAkB,EAAE,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAA4C;YACrG,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,yBAAyB,CAAC,MAAc;QACnD,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9C,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;yBAGd,EAAE;mBACR,MAAM;KACpB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB,CAAC,MAAc;QAC1C,4FAA4F;QAC5F,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;mBAEpB,MAAM;KACpB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,uDAAuD;IAEvD;;OAEG;IACI,KAAK,CAAC,kBAAkB,CAAC,SAAiB;QAS/C,KAAK,SAAS,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,UAAU,CAAC,MAAc;QACpC,+BAA+B;QAC/B,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;2DACoB,MAAM;KAC5D,CAAC,CAAC;QAEH,uBAAuB;QACvB,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;mBAE/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAChC,CAAC;IAED,+DAA+D;IAE/D;;;;;;OAMG;IACI,KAAK,CAAC,cAAc,CAAC,OAS3B;QACC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,IAAA,wBAAU,GAAE,CAAC;QAC9C,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC3E,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACnF,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,EAAE,GAAG,IAAA,kBAAa,EAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAEvC,MAAM,IAAA,qBAAgB,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;;;;;UAO7B,MAAM,KAAK,OAAO,CAAC,WAAW,IAAI,IAAI,KAAK,aAAa,KAAK,YAAY;gBACnE,OAAO,CAAC,SAAS,gBAAgB,EAAE,KAAK,EAAE;;;;;;;;KAQrD,CAAC,CAAC;QAEH,OAAO;YACL,MAAM;YACN,SAAS;YACT,YAAY;YACZ,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,MAAc;QACnC,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAY,EAAC,IAAI,CAAC,EAAE,EAAE,IAAA,iBAAG,EAAA;;;mBAG/B,MAAM;;KAEpB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAQ,CAAC;QAClC,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC;YAC5E,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;YACvC,gBAAgB,EAAE,MAAM,CAAC,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAAC;YACtD,QAAQ,EAAE,IAAA,oBAAe,EAAC,GAAG,CAAC,SAAS,CAAC;SACzC,CAAC;IACJ,CAAC;CACF;AA3mBD,gDA2mBC","sourcesContent":["import { randomBytes, randomUUID, createHash, timingSafeEqual } from 'node:crypto';\nimport { sql, eq } from 'drizzle-orm';\nimport type { IdentityDatabase } from './db';\nimport { executeStatement, executeQuery, toDbTimestamp, fromDbTimestamp } from './db';\nimport { edgeNodes } from './schema';\n\nexport interface EdgeNodeSummary {\n nodeId: string;\n displayName?: string;\n nodeType: 'center' | 'edge' | 'sp';\n podCount: number;\n createdAt?: string;\n updatedAt?: string;\n lastSeen?: string;\n metadata?: Record<string, unknown> | null;\n}\n\nexport interface CreateEdgeNodeResult {\n nodeId: string;\n token: string;\n createdAt: string;\n}\n\nexport interface EdgeNodeSecret {\n nodeId: string;\n displayName?: string;\n tokenHash: string;\n nodeType: 'center' | 'edge' | 'sp';\n metadata?: Record<string, unknown> | null;\n}\n\nexport interface CenterNodeInfo {\n nodeId: string;\n displayName?: string;\n internalIp: string;\n internalPort: number;\n connectivityStatus: 'unknown' | 'reachable' | 'unreachable';\n lastSeen?: Date;\n}\n\nexport interface CreateSpNodeResult {\n nodeId: string;\n nodeToken: string;\n serviceToken: string;\n createdAt: string;\n}\n\nexport interface SpNodeInfo {\n nodeId: string;\n displayName?: string;\n publicUrl: string;\n serviceTokenHash: string;\n lastSeen?: Date;\n}\n\nexport class EdgeNodeRepository {\n public constructor(private readonly db: IdentityDatabase) {}\n\n public async listNodes(): Promise<EdgeNodeSummary[]> {\n const result = await executeQuery(this.db, sql`\n SELECT en.id,\n en.display_name,\n en.node_type,\n en.created_at,\n en.updated_at,\n en.last_seen,\n en.metadata,\n COALESCE(pods.count, 0) AS pod_count\n FROM identity_edge_node en\n LEFT JOIN (\n SELECT node_id, COUNT(*) AS count\n FROM identity_edge_node_pod\n GROUP BY node_id\n ) pods ON pods.node_id = en.id\n ORDER BY en.created_at ASC\n `);\n\n return result.rows.map((row: any): EdgeNodeSummary => {\n const createdAt = fromDbTimestamp(row.created_at);\n const updatedAt = fromDbTimestamp(row.updated_at);\n const lastSeen = fromDbTimestamp(row.last_seen);\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n nodeType: (['center', 'edge', 'sp'].includes(row.node_type) ? row.node_type : 'edge') as 'center' | 'edge' | 'sp',\n podCount: Number(row.pod_count ?? 0),\n createdAt: createdAt?.toISOString(),\n updatedAt: updatedAt?.toISOString(),\n lastSeen: lastSeen?.toISOString(),\n metadata: typeof row.metadata === 'string' ? JSON.parse(row.metadata) : (row.metadata ?? null),\n };\n });\n }\n\n public async createNode(displayName?: string, _accountId?: string): Promise<CreateEdgeNodeResult> {\n const nodeId = randomUUID();\n const token = randomBytes(32).toString('base64url');\n const tokenHash = createHash('sha256').update(token).digest('hex');\n const now = new Date();\n const ts = toDbTimestamp(this.db, now);\n\n await executeStatement(this.db, sql`\n INSERT INTO identity_edge_node (id, display_name, token_hash, created_at, updated_at)\n VALUES (${nodeId}, ${displayName ?? null}, ${tokenHash}, ${ts}, ${ts})\n `);\n\n return {\n nodeId,\n token,\n createdAt: now.toISOString(),\n };\n }\n\n /**\n * Node/account 关系待产品化后单独建模;当前阶段不再在节点表上持久化账号归属。\n */\n public async getNodeOwner(_nodeId: string): Promise<string | undefined> {\n return undefined;\n }\n\n public async getNodeSecret(nodeId: string): Promise<EdgeNodeSecret | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, token_hash, node_type, metadata\n FROM identity_edge_node\n WHERE id = ${nodeId}\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n tokenHash: String(row.token_hash ?? ''),\n nodeType: (['center', 'edge', 'sp'].includes(row.node_type) ? row.node_type : 'edge') as 'center' | 'edge' | 'sp',\n metadata: typeof row.metadata === 'string' ? JSON.parse(row.metadata) : (row.metadata ?? null),\n };\n }\n\n public async updateNodeHeartbeat(nodeId: string, metadata: Record<string, unknown> | null, timestamp: Date): Promise<void> {\n const payload = metadata == null ? null : JSON.stringify(metadata);\n const ts = toDbTimestamp(this.db, timestamp);\n\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET metadata = ${payload},\n last_seen = ${ts},\n updated_at = ${ts}\n WHERE id = ${nodeId}\n `);\n }\n\n public async updateNodeMode(nodeId: string, options: {\n accessMode: 'direct' | 'proxy';\n ipv4?: string;\n publicPort?: number;\n subdomain?: string;\n connectivityStatus?: 'unknown' | 'reachable' | 'unreachable';\n capabilities?: Record<string, unknown>;\n }): Promise<void> {\n const capabilitiesPayload = options.capabilities ? JSON.stringify(options.capabilities) : null;\n const now = new Date();\n const ts = toDbTimestamp(this.db, now);\n\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET access_mode = ${options.accessMode},\n ipv4 = ${options.ipv4 ?? null},\n public_port = ${options.publicPort ?? null},\n subdomain = ${options.subdomain ?? null},\n connectivity_status = ${options.connectivityStatus ?? 'unknown'},\n capabilities = ${capabilitiesPayload},\n last_connectivity_check = ${ts},\n updated_at = ${ts}\n WHERE id = ${nodeId}\n `);\n }\n\n public async getNodeConnectivityInfo(nodeId: string): Promise<{\n nodeId: string;\n accessMode?: string;\n ipv4?: string;\n publicPort?: number;\n subdomain?: string;\n connectivityStatus?: string;\n lastConnectivityCheck?: Date;\n } | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, access_mode, ipv4, public_port, subdomain,\n connectivity_status, last_connectivity_check\n FROM identity_edge_node\n WHERE id = ${nodeId}\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n accessMode: row.access_mode ? String(row.access_mode) : undefined,\n ipv4: row.ipv4 ? String(row.ipv4) : undefined,\n publicPort: row.public_port ? Number(row.public_port) : undefined,\n subdomain: row.subdomain ? String(row.subdomain) : undefined,\n connectivityStatus: row.connectivity_status ? String(row.connectivity_status) : undefined,\n lastConnectivityCheck: fromDbTimestamp(row.last_connectivity_check),\n };\n }\n\n public async mergeNodeMetadata(nodeId: string, patch: Record<string, unknown>): Promise<void> {\n // Read current metadata\n const current = await this.getNodeMetadata(nodeId);\n if (!current) {\n throw new Error(`Node ${nodeId} not found`);\n }\n\n // Merge in application layer\n const merged = { ...(current.metadata ?? {}), ...patch };\n const payload = JSON.stringify(merged);\n const ts = toDbTimestamp(this.db, new Date());\n\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET metadata = ${payload},\n updated_at = ${ts}\n WHERE id = ${nodeId}\n `);\n }\n\n public async getNodeMetadata(nodeId: string): Promise<{ nodeId: string; metadata: Record<string, unknown> | null; lastSeen?: Date } | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, metadata, last_seen\n FROM identity_edge_node\n WHERE id = ${nodeId}\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n metadata: typeof row.metadata === 'string' ? JSON.parse(row.metadata) : (row.metadata ?? null),\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n\n public async replaceNodePods(nodeId: string, pods: string[]): Promise<void> {\n await this.db.transaction(async (tx: IdentityDatabase) => {\n await tx.execute(sql`DELETE FROM identity_edge_node_pod WHERE node_id = ${nodeId}`);\n if (pods.length > 0) {\n const values = pods.map((baseUrl) => sql`(${nodeId}, ${baseUrl})`);\n await tx.execute(sql`\n INSERT INTO identity_edge_node_pod (node_id, base_url)\n VALUES ${sql.join(values, sql`, `)}\n ON CONFLICT DO NOTHING\n `);\n }\n });\n }\n\n public async findNodeByResourcePath(path: string): Promise<{ nodeId: string; baseUrl: string; accessMode?: string; metadata?: Record<string, unknown> | null } | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT en.id,\n en.access_mode,\n en.metadata,\n pods.base_url\n FROM identity_edge_node_pod pods\n JOIN identity_edge_node en ON en.id = pods.node_id\n WHERE ${path} LIKE pods.base_url || '%'\n ORDER BY length(pods.base_url) DESC\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n baseUrl: String(row.base_url),\n accessMode: row.access_mode ? String(row.access_mode) : undefined,\n metadata: row.metadata ?? null,\n };\n }\n\n public async findNodeBySubdomain(hostname: string): Promise<{ nodeId: string; accessMode?: string; metadata?: Record<string, unknown> | null; subdomain?: string } | undefined> {\n const normalized = hostname.trim().toLowerCase();\n if (normalized.length === 0) {\n return undefined;\n }\n const result = await executeQuery(this.db, sql`\n SELECT id, access_mode, metadata, subdomain\n FROM identity_edge_node\n WHERE subdomain = ${normalized}\n LIMIT 1\n `);\n if (result.rows.length === 0) {\n return undefined;\n }\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n accessMode: row.access_mode ? String(row.access_mode) : undefined,\n metadata: row.metadata ?? null,\n subdomain: row.subdomain ? String(row.subdomain) : undefined,\n };\n }\n\n public matchesToken(tokenHash: string, token: string): boolean {\n if (!tokenHash || typeof tokenHash !== 'string') {\n return false;\n }\n try {\n const expected = Buffer.from(tokenHash, 'hex');\n const actual = createHash('sha256').update(token).digest();\n if (expected.length !== actual.length) {\n return false;\n }\n return timingSafeEqual(expected, actual);\n } catch {\n return false;\n }\n }\n\n /**\n * Get node capabilities and related information for admin queries\n */\n public async getNodeCapabilities(nodeId: string): Promise<{\n nodeId: string;\n capabilities: Record<string, unknown> | null;\n stringCapabilities: string[] | null;\n accessMode: string | null;\n lastSeen: Date | null;\n connectivityStatus: string | null;\n } | undefined> {\n const row = await this.db\n .select({\n id: edgeNodes.id,\n capabilities: edgeNodes.capabilities,\n metadata: edgeNodes.metadata,\n accessMode: edgeNodes.accessMode,\n lastSeen: edgeNodes.lastSeen,\n connectivityStatus: edgeNodes.connectivityStatus,\n })\n .from(edgeNodes)\n .where(eq(edgeNodes.id, nodeId))\n .limit(1);\n\n if (row.length === 0) {\n return undefined;\n }\n\n const node = row[0];\n const metadata = node.metadata as Record<string, unknown> | null;\n \n return {\n nodeId: node.id,\n capabilities: node.capabilities as Record<string, unknown> | null,\n stringCapabilities: metadata?.capabilities as string[] ?? null,\n accessMode: node.accessMode,\n lastSeen: node.lastSeen,\n connectivityStatus: node.connectivityStatus,\n };\n }\n\n /**\n * List all nodes with their capability information\n */\n public async listNodeCapabilities(): Promise<Array<{\n nodeId: string;\n capabilities: Record<string, unknown> | null;\n stringCapabilities: string[] | null;\n accessMode: string | null;\n lastSeen: Date | null;\n connectivityStatus: string | null;\n }>> {\n const rows = await this.db\n .select({\n id: edgeNodes.id,\n capabilities: edgeNodes.capabilities,\n metadata: edgeNodes.metadata,\n accessMode: edgeNodes.accessMode,\n lastSeen: edgeNodes.lastSeen,\n connectivityStatus: edgeNodes.connectivityStatus,\n })\n .from(edgeNodes)\n .orderBy(edgeNodes.lastSeen);\n\n return rows.map((row: typeof rows[0]) => {\n const metadata = row.metadata as Record<string, unknown> | null;\n \n return {\n nodeId: row.id,\n capabilities: row.capabilities as Record<string, unknown> | null,\n stringCapabilities: metadata?.capabilities as string[] ?? null,\n accessMode: row.accessMode,\n lastSeen: row.lastSeen,\n connectivityStatus: row.connectivityStatus,\n };\n });\n }\n\n // ============ Center Node Methods ============\n\n /**\n * Register or update a center node in the cluster.\n * Center nodes use the same table as edge nodes but with nodeType='center'.\n */\n public async registerCenterNode(options: {\n nodeId: string;\n displayName?: string;\n internalIp: string;\n internalPort: number;\n }): Promise<{ nodeId: string; token: string }> {\n const token = randomBytes(32).toString('base64url');\n const tokenHash = createHash('sha256').update(token).digest('hex');\n const now = Math.floor(Date.now() / 1000); // Unix timestamp for SQLite compatibility\n\n // Use upsert pattern: INSERT ... ON CONFLICT UPDATE\n await executeStatement(this.db, sql`\n INSERT INTO identity_edge_node (\n id, display_name, token_hash, node_type, internal_ip, internal_port,\n connectivity_status, created_at, updated_at, last_seen\n )\n VALUES (\n ${options.nodeId}, ${options.displayName ?? null}, ${tokenHash}, 'center',\n ${options.internalIp}, ${options.internalPort}, 'unknown', ${now}, ${now}, ${now}\n )\n ON CONFLICT (id) DO UPDATE SET\n display_name = EXCLUDED.display_name,\n internal_ip = EXCLUDED.internal_ip,\n internal_port = EXCLUDED.internal_port,\n updated_at = EXCLUDED.updated_at,\n last_seen = EXCLUDED.last_seen\n `);\n\n return { nodeId: options.nodeId, token };\n }\n\n /**\n * Update center node heartbeat with internal endpoint info.\n */\n public async updateCenterNodeHeartbeat(\n nodeId: string,\n internalIp: string,\n internalPort: number,\n timestamp: Date,\n ): Promise<void> {\n const ts = Math.floor(timestamp.getTime() / 1000); // Unix timestamp for SQLite compatibility\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET internal_ip = ${internalIp},\n internal_port = ${internalPort},\n last_seen = ${ts},\n updated_at = ${ts},\n connectivity_status = 'reachable'\n WHERE id = ${nodeId} AND node_type = 'center'\n `);\n }\n\n /**\n * List all center nodes in the cluster.\n */\n public async listCenterNodes(): Promise<CenterNodeInfo[]> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, internal_ip, internal_port, connectivity_status, last_seen\n FROM identity_edge_node\n WHERE node_type = 'center'\n ORDER BY created_at ASC\n `);\n\n return result.rows.map((row: any): CenterNodeInfo => ({\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n internalIp: String(row.internal_ip ?? ''),\n internalPort: Number(row.internal_port ?? 0),\n connectivityStatus: (row.connectivity_status ?? 'unknown') as 'unknown' | 'reachable' | 'unreachable',\n lastSeen: fromDbTimestamp(row.last_seen),\n }));\n }\n\n /**\n * Get a specific center node by ID.\n */\n public async getCenterNode(nodeId: string): Promise<CenterNodeInfo | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, internal_ip, internal_port, connectivity_status, last_seen\n FROM identity_edge_node\n WHERE id = ${nodeId} AND node_type = 'center'\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n internalIp: String(row.internal_ip ?? ''),\n internalPort: Number(row.internal_port ?? 0),\n connectivityStatus: (row.connectivity_status ?? 'unknown') as 'unknown' | 'reachable' | 'unreachable',\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n\n /**\n * Find a center node by its internal endpoint (for routing).\n */\n public async findCenterNodeByEndpoint(internalIp: string, internalPort: number): Promise<CenterNodeInfo | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, internal_ip, internal_port, connectivity_status, last_seen\n FROM identity_edge_node\n WHERE node_type = 'center' AND internal_ip = ${internalIp} AND internal_port = ${internalPort}\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n internalIp: String(row.internal_ip ?? ''),\n internalPort: Number(row.internal_port ?? 0),\n connectivityStatus: (row.connectivity_status ?? 'unknown') as 'unknown' | 'reachable' | 'unreachable',\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n\n /**\n * Mark a center node as unreachable (for health checks).\n */\n public async markCenterNodeUnreachable(nodeId: string): Promise<void> {\n const ts = toDbTimestamp(this.db, new Date());\n await executeStatement(this.db, sql`\n UPDATE identity_edge_node\n SET connectivity_status = 'unreachable',\n updated_at = ${ts}\n WHERE id = ${nodeId} AND node_type = 'center'\n `);\n }\n\n /**\n * Remove a center node from the cluster.\n */\n public async removeCenterNode(nodeId: string): Promise<boolean> {\n // Note: For SQLite, we can't easily get affected row count, so just execute and return true\n await executeStatement(this.db, sql`\n DELETE FROM identity_edge_node\n WHERE id = ${nodeId} AND node_type = 'center'\n `);\n return true;\n }\n\n // ============ Account-based Node Methods ============\n\n /**\n * List nodes owned by a specific account\n */\n public async listNodesByAccount(accountId: string): Promise<Array<{\n nodeId: string;\n displayName?: string;\n capabilities: Record<string, unknown> | null;\n stringCapabilities: string[] | null;\n accessMode: string | null;\n lastSeen: Date | null;\n connectivityStatus: string | null;\n }>> {\n void accountId;\n return [];\n }\n\n /**\n * Delete a node\n */\n public async deleteNode(nodeId: string): Promise<boolean> {\n // First delete associated pods\n await executeStatement(this.db, sql`\n DELETE FROM identity_edge_node_pod WHERE node_id = ${nodeId}\n `);\n\n // Then delete the node\n const result = await executeQuery(this.db, sql`\n DELETE FROM identity_edge_node\n WHERE id = ${nodeId}\n RETURNING id\n `);\n\n return result.rows.length > 0;\n }\n\n // ============ SP (Storage Provider) Node Methods ============\n\n /**\n * Register or update an SP node (UPSERT by nodeId).\n *\n * SP 本地生成 deviceId 作为 nodeId,注册时带上来。\n * 同一 nodeId 重复注册时更新 publicUrl、token 等,保留原记录。\n * 不传 nodeId 则 Cloud 随机分配。\n */\n public async registerSpNode(options: {\n publicUrl: string;\n displayName?: string;\n /** SP 提供的设备 ID,作为 nodeId(不传则随机生成) */\n nodeId?: string;\n /** SP 已保存的 nodeToken,重复注册时用于保留旧凭证 */\n nodeToken?: string;\n /** SP 提供的 serviceToken,不传则随机生成 */\n serviceToken?: string;\n }): Promise<CreateSpNodeResult> {\n const nodeId = options.nodeId || randomUUID();\n const nodeToken = options.nodeToken || randomBytes(32).toString('base64url');\n const nodeTokenHash = createHash('sha256').update(nodeToken).digest('hex');\n const serviceToken = options.serviceToken || randomBytes(32).toString('base64url');\n const now = new Date();\n const ts = toDbTimestamp(this.db, now);\n\n await executeStatement(this.db, sql`\n INSERT INTO identity_edge_node (\n id, display_name, token_hash, service_token_hash,\n node_type, public_url,\n connectivity_status, created_at, updated_at\n )\n VALUES (\n ${nodeId}, ${options.displayName ?? null}, ${nodeTokenHash}, ${serviceToken},\n 'sp', ${options.publicUrl}, 'unknown', ${ts}, ${ts}\n )\n ON CONFLICT (id) DO UPDATE SET\n display_name = EXCLUDED.display_name,\n token_hash = EXCLUDED.token_hash,\n service_token_hash = EXCLUDED.service_token_hash,\n public_url = EXCLUDED.public_url,\n updated_at = EXCLUDED.updated_at\n `);\n\n return {\n nodeId,\n nodeToken,\n serviceToken,\n createdAt: now.toISOString(),\n };\n }\n\n /**\n * Get SP node info by nodeId.\n */\n public async getSpNode(nodeId: string): Promise<SpNodeInfo | undefined> {\n const result = await executeQuery(this.db, sql`\n SELECT id, display_name, public_url, service_token_hash, last_seen\n FROM identity_edge_node\n WHERE id = ${nodeId} AND node_type = 'sp'\n LIMIT 1\n `);\n\n if (result.rows.length === 0) {\n return undefined;\n }\n\n const row = result.rows[0] as any;\n return {\n nodeId: String(row.id),\n displayName: row.display_name == null ? undefined : String(row.display_name),\n publicUrl: String(row.public_url ?? ''),\n serviceTokenHash: String(row.service_token_hash ?? ''),\n lastSeen: fromDbTimestamp(row.last_seen),\n };\n }\n}\n"]}
package/dist/subdomain/SubdomainClient.d.ts CHANGED
@@ -47,6 +47,9 @@ export interface DdnsAllocationResult {
47
47
  fqdn: string;
48
48
  ipAddress?: string;
49
49
  ipv6Address?: string;
50
+ tunnelProvider?: string;
51
+ tunnelToken?: string;
52
+ tunnelEndpoint?: string;
50
53
  createdAt: string;
51
54
  }
52
55
  export interface DdnsUpdateResult {
@@ -56,6 +59,9 @@ export interface DdnsUpdateResult {
56
59
  fqdn: string;
57
60
  ipAddress?: string;
58
61
  ipv6Address?: string;
62
+ tunnelProvider?: string;
63
+ tunnelToken?: string;
64
+ tunnelEndpoint?: string;
59
65
  updatedAt: string;
60
66
  }
61
67
  export interface DdnsRecordInfo {
@@ -67,6 +73,7 @@ export interface DdnsRecordInfo {
67
73
  recordType: string;
68
74
  status: string;
69
75
  ttl: number;
76
+ tunnelProvider?: string;
70
77
  createdAt: string;
71
78
  updatedAt: string;
72
79
  }
@@ -135,6 +142,7 @@ export declare class SubdomainClient {
135
142
  ipv6Address?: string;
136
143
  mode?: 'direct' | 'tunnel';
137
144
  tunnelProvider?: string;
145
+ localPort?: number;
138
146
  }): Promise<DdnsAllocationResult>;
139
147
  /**
140
148
  * 更新 DDNS 记录
@@ -144,6 +152,7 @@ export declare class SubdomainClient {
144
152
  ipv6Address?: string;
145
153
  mode?: 'direct' | 'tunnel';
146
154
  tunnelProvider?: string;
155
+ localPort?: number;
147
156
  }): Promise<DdnsUpdateResult>;
148
157
  /**
149
158
  * 获取 DDNS 记录
package/dist/subdomain/SubdomainClient.js CHANGED
@@ -131,6 +131,7 @@ class SubdomainClient {
131
131
  ipv6Address: options.ipv6Address,
132
132
  mode: options.mode,
133
133
  tunnelProvider: options.tunnelProvider,
134
+ localPort: options.localPort,
134
135
  }),
135
136
  });
136
137
  return response;
@@ -147,6 +148,7 @@ class SubdomainClient {
147
148
  ipv6Address: options.ipv6Address,
148
149
  mode: options.mode,
149
150
  tunnelProvider: options.tunnelProvider,
151
+ localPort: options.localPort,
150
152
  }),
151
153
  });
152
154
  return response;