@upstash/qstash 2.5.0 → 2.5.1

package/nextjs.js

@@ -0,0 +1,142 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }
+
+var _chunkUUR7N6E6js = require('./chunk-UUR7N6E6.js');
+
+// src/nextjs.ts
+var _server = require('next/server');
+var BAD_REQUEST = 400;
+function verifySignature(handler, config) {
+  const currentSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _ => _.currentSigningKey]), () => ( process.env.QSTASH_CURRENT_SIGNING_KEY));
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _2 => _2.nextSigningKey]), () => ( process.env.QSTASH_NEXT_SIGNING_KEY));
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new (0, _chunkUUR7N6E6js.Receiver)({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return async (request, response) => {
+    const signature = request.headers["upstash-signature"];
+    if (!signature) {
+      response.status(BAD_REQUEST);
+      response.send("`Upstash-Signature` header is missing");
+      response.end();
+      return;
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const chunks = [];
+    for await (const chunk of request) {
+      chunks.push(typeof chunk === "string" ? Buffer.from(chunk) : chunk);
+    }
+    const body = Buffer.concat(chunks).toString("utf8");
+    const isValid = await receiver.verify({
+      signature,
+      body,
+      clockTolerance: _optionalChain([config, 'optionalAccess', _3 => _3.clockTolerance])
+    });
+    if (!isValid) {
+      response.status(BAD_REQUEST);
+      response.send("Invalid signature");
+      response.end();
+      return;
+    }
+    try {
+      request.body = request.headers["content-type"] === "application/json" ? JSON.parse(body) : body;
+    } catch (e) {
+      request.body = body;
+    }
+    return handler(request, response);
+  };
+}
+function verifySignatureEdge(handler, config) {
+  const currentSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _4 => _4.currentSigningKey]), () => ( process.env.QSTASH_CURRENT_SIGNING_KEY));
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _5 => _5.nextSigningKey]), () => ( process.env.QSTASH_NEXT_SIGNING_KEY));
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new (0, _chunkUUR7N6E6js.Receiver)({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return async (request, nfe) => {
+    const signature = request.headers.get("upstash-signature");
+    if (!signature) {
+      return new (0, _server.NextResponse)(new TextEncoder().encode("`Upstash-Signature` header is missing"), {
+        status: 403
+      });
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const body = await request.text();
+    const isValid = await receiver.verify({
+      signature,
+      body,
+      clockTolerance: _optionalChain([config, 'optionalAccess', _6 => _6.clockTolerance])
+    });
+    if (!isValid) {
+      return new (0, _server.NextResponse)(new TextEncoder().encode("invalid signature"), { status: 403 });
+    }
+    return handler(request, nfe);
+  };
+}
+function verifySignatureAppRouter(handler, config) {
+  const currentSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _7 => _7.currentSigningKey]), () => ( process.env.QSTASH_CURRENT_SIGNING_KEY));
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _8 => _8.nextSigningKey]), () => ( process.env.QSTASH_NEXT_SIGNING_KEY));
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new (0, _chunkUUR7N6E6js.Receiver)({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return async (request) => {
+    const signature = request.headers.get("upstash-signature");
+    if (!signature) {
+      return new (0, _server.NextResponse)(new TextEncoder().encode("`Upstash-Signature` header is missing"), {
+        status: 403
+      });
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const body = await request.text();
+    const isValid = await receiver.verify({
+      signature,
+      body,
+      clockTolerance: _optionalChain([config, 'optionalAccess', _9 => _9.clockTolerance])
+    });
+    if (!isValid) {
+      return new (0, _server.NextResponse)(new TextEncoder().encode("invalid signature"), { status: 403 });
+    }
+    return handler(request);
+  };
+}
+
+
+
+
+exports.verifySignature = verifySignature; exports.verifySignatureAppRouter = verifySignatureAppRouter; exports.verifySignatureEdge = verifySignatureEdge;

package/nextjs.mjs

@@ -0,0 +1,142 @@
+import {
+  Receiver
+} from "./chunk-CP4IU45K.mjs";
+
+// src/nextjs.ts
+import { NextResponse } from "next/server";
+var BAD_REQUEST = 400;
+function verifySignature(handler, config) {
+  const currentSigningKey = config?.currentSigningKey ?? process.env.QSTASH_CURRENT_SIGNING_KEY;
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = config?.nextSigningKey ?? process.env.QSTASH_NEXT_SIGNING_KEY;
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new Receiver({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return async (request, response) => {
+    const signature = request.headers["upstash-signature"];
+    if (!signature) {
+      response.status(BAD_REQUEST);
+      response.send("`Upstash-Signature` header is missing");
+      response.end();
+      return;
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const chunks = [];
+    for await (const chunk of request) {
+      chunks.push(typeof chunk === "string" ? Buffer.from(chunk) : chunk);
+    }
+    const body = Buffer.concat(chunks).toString("utf8");
+    const isValid = await receiver.verify({
+      signature,
+      body,
+      clockTolerance: config?.clockTolerance
+    });
+    if (!isValid) {
+      response.status(BAD_REQUEST);
+      response.send("Invalid signature");
+      response.end();
+      return;
+    }
+    try {
+      request.body = request.headers["content-type"] === "application/json" ? JSON.parse(body) : body;
+    } catch {
+      request.body = body;
+    }
+    return handler(request, response);
+  };
+}
+function verifySignatureEdge(handler, config) {
+  const currentSigningKey = config?.currentSigningKey ?? process.env.QSTASH_CURRENT_SIGNING_KEY;
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = config?.nextSigningKey ?? process.env.QSTASH_NEXT_SIGNING_KEY;
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new Receiver({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return async (request, nfe) => {
+    const signature = request.headers.get("upstash-signature");
+    if (!signature) {
+      return new NextResponse(new TextEncoder().encode("`Upstash-Signature` header is missing"), {
+        status: 403
+      });
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const body = await request.text();
+    const isValid = await receiver.verify({
+      signature,
+      body,
+      clockTolerance: config?.clockTolerance
+    });
+    if (!isValid) {
+      return new NextResponse(new TextEncoder().encode("invalid signature"), { status: 403 });
+    }
+    return handler(request, nfe);
+  };
+}
+function verifySignatureAppRouter(handler, config) {
+  const currentSigningKey = config?.currentSigningKey ?? process.env.QSTASH_CURRENT_SIGNING_KEY;
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = config?.nextSigningKey ?? process.env.QSTASH_NEXT_SIGNING_KEY;
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new Receiver({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return async (request) => {
+    const signature = request.headers.get("upstash-signature");
+    if (!signature) {
+      return new NextResponse(new TextEncoder().encode("`Upstash-Signature` header is missing"), {
+        status: 403
+      });
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const body = await request.text();
+    const isValid = await receiver.verify({
+      signature,
+      body,
+      clockTolerance: config?.clockTolerance
+    });
+    if (!isValid) {
+      return new NextResponse(new TextEncoder().encode("invalid signature"), { status: 403 });
+    }
+    return handler(request);
+  };
+}
+export {
+  verifySignature,
+  verifySignatureAppRouter,
+  verifySignatureEdge
+};

package/package.json

@@ -1,54 +1 @@
-{
-  "name": "@upstash/qstash",
-  "version": "v2.5.0",
-  "description": "Official Typescript client for QStash",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/upstash/sdk-qstash-ts.git"
-  },
-  "module": "./dist/index.js",
-  "main": "./dist/index.js",
-  "types": "./dist/index.d.ts",
-  "keywords": [
-    "qstash",
-    "queue",
-    "events",
-    "serverless",
-    "upstash"
-  ],
-  "author": "Andreas Thomas <dev@chronark.com>",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/upstash/sdk-qstash-ts/issues"
-  },
-  "homepage": "https://github.com/upstash/sdk-qstash-ts#readme",
-  "files": [
-    "dist"
-  ],
-  "devDependencies": {
-    "@biomejs/biome": "^1.3.3",
-    "@types/crypto-js": "^4.2.0",
-    "@types/node": "^20.5.7",
-    "next": "^14.0.2",
-    "tsup": "^7.2.0",
-    "typescript": "^5.2.2"
-  },
-  "dependencies": {
-    "crypto-js": ">=4.2.0",
-    "jose": "^ 5.2.3"
-  },
-  "typesVersions": {
-    "*": {
-      ".": [
-        "./dist/index.d.ts"
-      ],
-      "nextjs": [
-        "./dist/nextjs.d.ts"
-      ]
-    }
-  },
-  "scripts": {
-    "build": "tsup",
-    "fmt": "pnpm rome check . --apply-unsafe && pnpm rome format . --write"
-  }
-}
+{"version":"v2.5.1","name":"@upstash/qstash","description":"Official Typescript client for QStash","author":"Andreas Thomas <dev@chronark.com>","license":"MIT","homepage":"https://github.com/upstash/sdk-qstash-ts#readme","repository":{"type":"git","url":"git+https://github.com/upstash/sdk-qstash-ts.git"},"bugs":{"url":"https://github.com/upstash/sdk-qstash-ts/issues"},"main":"./index.js","module":"./index.mjs","types":"./index.d.ts","files":["./**"],"exports":{".":{"import":"./index.mjs","require":"./index.js"},"./nextjs":{"import":"./nextjs.mjs","require":"./nextjs.js"},"./dist/nextjs":{"import":"./nextjs.mjs","require":"./nextjs.js"}},"typesVersions":{"*":{"nextjs":["./nextjs.d.ts"]}},"keywords":["qstash","queue","events","serverless","upstash"],"scripts":{"build":"tsup && cp README.md ./dist/ && cp package.json ./dist/ && cp LICENSE ./dist/","test":"bun test","fmt":"prettier --write .","lint":"tsc && eslint \"src/**/*.{js,ts,tsx}\" --quiet --fix"},"devDependencies":{"@biomejs/biome":"^1.3.3","@commitlint/cli":"^19.2.2","@commitlint/config-conventional":"^19.2.2","@types/crypto-js":"^4.2.0","@types/node":"^20.5.7","@typescript-eslint/eslint-plugin":"^7.0.1","@typescript-eslint/parser":"^7.0.1","bun-types":"latest","eslint":"^8","eslint-plugin-unicorn":"^51.0.1","husky":"^9.0.10","next":"^14.0.2","prettier":"^3.2.5","tsup":"latest","typescript":"^5.4.5","vitest":"latest"},"dependencies":{"crypto-js":">=4.2.0","jose":"^ 5.2.3","undici":"^6.16.0"}}

package/dist/chunk-EROSIHWE.js

@@ -1,111 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } }var __defProp = Object.defineProperty;
-var __defProps = Object.defineProperties;
-var __getOwnPropDescs = Object.getOwnPropertyDescriptors;
-var __getOwnPropSymbols = Object.getOwnPropertySymbols;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __propIsEnum = Object.prototype.propertyIsEnumerable;
-var __knownSymbol = (name, symbol) => {
-  if (symbol = Symbol[name])
-    return symbol;
-  throw Error("Symbol." + name + " is not defined");
-};
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __spreadValues = (a, b) => {
-  for (var prop in b || (b = {}))
-    if (__hasOwnProp.call(b, prop))
-      __defNormalProp(a, prop, b[prop]);
-  if (__getOwnPropSymbols)
-    for (var prop of __getOwnPropSymbols(b)) {
-      if (__propIsEnum.call(b, prop))
-        __defNormalProp(a, prop, b[prop]);
-    }
-  return a;
-};
-var __spreadProps = (a, b) => __defProps(a, __getOwnPropDescs(b));
-var __async = (__this, __arguments, generator) => {
-  return new Promise((resolve, reject) => {
-    var fulfilled = (value) => {
-      try {
-        step(generator.next(value));
-      } catch (e) {
-        reject(e);
-      }
-    };
-    var rejected = (value) => {
-      try {
-        step(generator.throw(value));
-      } catch (e) {
-        reject(e);
-      }
-    };
-    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
-    step((generator = generator.apply(__this, __arguments)).next());
-  });
-};
-var __forAwait = (obj, it, method) => (it = obj[__knownSymbol("asyncIterator")]) ? it.call(obj) : (obj = obj[__knownSymbol("iterator")](), it = {}, method = (key, fn) => (fn = obj[key]) && (it[key] = (arg) => new Promise((yes, no, done) => (arg = fn.call(obj, arg), done = arg.done, Promise.resolve(arg.value).then((value) => yes({ value, done }), no)))), method("next"), method("return"), it);
-
-// src/receiver.ts
-var _jose = require('jose'); var jose = _interopRequireWildcard(_jose);
-var _cryptojs = require('crypto-js'); var crypto = _interopRequireWildcard(_cryptojs);
-var SignatureError = class extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "SignatureError";
-  }
-};
-var Receiver = class {
-  constructor(config) {
-    this.currentSigningKey = config.currentSigningKey;
-    this.nextSigningKey = config.nextSigningKey;
-  }
-  /**
-   * Verify the signature of a request.
-   *
-   * Tries to verify the signature with the current signing key.
-   * If that fails, maybe because you have rotated the keys recently, it will
-   * try to verify the signature with the next signing key.
-   *
-   * If that fails, the signature is invalid and a `SignatureError` is thrown.
-   */
-  verify(req) {
-    return __async(this, null, function* () {
-      const isValid = yield this.verifyWithKey(this.currentSigningKey, req);
-      if (isValid) {
-        return true;
-      }
-      return this.verifyWithKey(this.nextSigningKey, req);
-    });
-  }
-  /**
-   * Verify signature with a specific signing key
-   */
-  verifyWithKey(key, req) {
-    return __async(this, null, function* () {
-      const jwt = yield jose.jwtVerify(req.signature, new TextEncoder().encode(key), {
-        issuer: "Upstash",
-        clockTolerance: req.clockTolerance
-      }).catch((e) => {
-        throw new SignatureError(e.message);
-      });
-      const p = jwt.payload;
-      if (typeof req.url !== "undefined" && p.sub !== req.url) {
-        throw new SignatureError(`invalid subject: ${p.sub}, want: ${req.url}`);
-      }
-      const bodyHash = crypto.SHA256(req.body).toString(crypto.enc.Base64url);
-      const padding = new RegExp(/=+$/);
-      if (p.body.replace(padding, "") !== bodyHash.replace(padding, "")) {
-        throw new SignatureError(`body hash does not match, want: ${p.body}, got: ${bodyHash}`);
-      }
-      return true;
-    });
-  }
-};
-
-
-
-
-
-
-
-
-exports.__spreadValues = __spreadValues; exports.__spreadProps = __spreadProps; exports.__async = __async; exports.__forAwait = __forAwait; exports.SignatureError = SignatureError; exports.Receiver = Receiver;

package/dist/chunk-FK4ORXI6.mjs

@@ -1,111 +0,0 @@
-var __defProp = Object.defineProperty;
-var __defProps = Object.defineProperties;
-var __getOwnPropDescs = Object.getOwnPropertyDescriptors;
-var __getOwnPropSymbols = Object.getOwnPropertySymbols;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __propIsEnum = Object.prototype.propertyIsEnumerable;
-var __knownSymbol = (name, symbol) => {
-  if (symbol = Symbol[name])
-    return symbol;
-  throw Error("Symbol." + name + " is not defined");
-};
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __spreadValues = (a, b) => {
-  for (var prop in b || (b = {}))
-    if (__hasOwnProp.call(b, prop))
-      __defNormalProp(a, prop, b[prop]);
-  if (__getOwnPropSymbols)
-    for (var prop of __getOwnPropSymbols(b)) {
-      if (__propIsEnum.call(b, prop))
-        __defNormalProp(a, prop, b[prop]);
-    }
-  return a;
-};
-var __spreadProps = (a, b) => __defProps(a, __getOwnPropDescs(b));
-var __async = (__this, __arguments, generator) => {
-  return new Promise((resolve, reject) => {
-    var fulfilled = (value) => {
-      try {
-        step(generator.next(value));
-      } catch (e) {
-        reject(e);
-      }
-    };
-    var rejected = (value) => {
-      try {
-        step(generator.throw(value));
-      } catch (e) {
-        reject(e);
-      }
-    };
-    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
-    step((generator = generator.apply(__this, __arguments)).next());
-  });
-};
-var __forAwait = (obj, it, method) => (it = obj[__knownSymbol("asyncIterator")]) ? it.call(obj) : (obj = obj[__knownSymbol("iterator")](), it = {}, method = (key, fn) => (fn = obj[key]) && (it[key] = (arg) => new Promise((yes, no, done) => (arg = fn.call(obj, arg), done = arg.done, Promise.resolve(arg.value).then((value) => yes({ value, done }), no)))), method("next"), method("return"), it);
-
-// src/receiver.ts
-import * as jose from "jose";
-import * as crypto from "crypto-js";
-var SignatureError = class extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "SignatureError";
-  }
-};
-var Receiver = class {
-  constructor(config) {
-    this.currentSigningKey = config.currentSigningKey;
-    this.nextSigningKey = config.nextSigningKey;
-  }
-  /**
-   * Verify the signature of a request.
-   *
-   * Tries to verify the signature with the current signing key.
-   * If that fails, maybe because you have rotated the keys recently, it will
-   * try to verify the signature with the next signing key.
-   *
-   * If that fails, the signature is invalid and a `SignatureError` is thrown.
-   */
-  verify(req) {
-    return __async(this, null, function* () {
-      const isValid = yield this.verifyWithKey(this.currentSigningKey, req);
-      if (isValid) {
-        return true;
-      }
-      return this.verifyWithKey(this.nextSigningKey, req);
-    });
-  }
-  /**
-   * Verify signature with a specific signing key
-   */
-  verifyWithKey(key, req) {
-    return __async(this, null, function* () {
-      const jwt = yield jose.jwtVerify(req.signature, new TextEncoder().encode(key), {
-        issuer: "Upstash",
-        clockTolerance: req.clockTolerance
-      }).catch((e) => {
-        throw new SignatureError(e.message);
-      });
-      const p = jwt.payload;
-      if (typeof req.url !== "undefined" && p.sub !== req.url) {
-        throw new SignatureError(`invalid subject: ${p.sub}, want: ${req.url}`);
-      }
-      const bodyHash = crypto.SHA256(req.body).toString(crypto.enc.Base64url);
-      const padding = new RegExp(/=+$/);
-      if (p.body.replace(padding, "") !== bodyHash.replace(padding, "")) {
-        throw new SignatureError(`body hash does not match, want: ${p.body}, got: ${bodyHash}`);
-      }
-      return true;
-    });
-  }
-};
-
-export {
-  __spreadValues,
-  __spreadProps,
-  __async,
-  __forAwait,
-  SignatureError,
-  Receiver
-};