@upstash/qstash 2.7.0-workflow-alpha.3 → 2.7.0-workflow-alpha.4

package/chunk-AHJV4BQ7.mjs

@@ -0,0 +1,81 @@
+import {
+  Receiver,
+  serve
+} from "./chunk-ORKD27UW.mjs";
+
+// platforms/h3.ts
+import { defineEventHandler, getHeader, readRawBody } from "h3";
+var verifySignatureH3 = (handler, config) => {
+  const currentSigningKey = config?.currentSigningKey ?? process.env.QSTASH_CURRENT_SIGNING_KEY;
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = config?.nextSigningKey ?? process.env.QSTASH_NEXT_SIGNING_KEY;
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new Receiver({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return defineEventHandler(async (event) => {
+    const signature = getHeader(event, "upstash-signature");
+    if (!signature) {
+      return { status: 403, body: "`Upstash-Signature` header is missing" };
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const body = await readRawBody(event);
+    const isValid = await receiver.verify({
+      signature,
+      body: JSON.stringify(body),
+      clockTolerance: config?.clockTolerance
+    });
+    if (!isValid) {
+      return { status: 403, body: "invalid signature" };
+    }
+    event._requestBody = body;
+    return handler(event);
+  });
+};
+function transformHeaders(headers) {
+  const formattedHeaders = Object.entries(headers).map(([key, value]) => [
+    key,
+    Array.isArray(value) ? value.join(", ") : value ?? ""
+  ]);
+  return formattedHeaders;
+}
+var serve2 = (routeFunction, options) => {
+  const handler = defineEventHandler(async (event) => {
+    const method = event.node.req.method;
+    if (method?.toUpperCase() !== "POST") {
+      return {
+        status: 405,
+        body: "Only POST requests are allowed in worklfows"
+      };
+    }
+    const request_ = event.node.req;
+    const protocol = request_.headers["x-forwarded-proto"];
+    const host = request_.headers.host;
+    const url = `${protocol}://${host}${event.path}`;
+    const headers = transformHeaders(request_.headers);
+    const request = new Request(url, {
+      headers,
+      body: await readRawBody(event),
+      method: "POST"
+    });
+    const serveHandler = serve(routeFunction, options);
+    return await serveHandler(request);
+  });
+  return handler;
+};
+
+export {
+  verifySignatureH3,
+  serve2 as serve
+};

package/chunk-ARLPF2X3.js

@@ -0,0 +1,81 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }
+
+
+var _chunkHK2I6V52js = require('./chunk-HK2I6V52.js');
+
+// platforms/h3.ts
+var _h3 = require('h3');
+var verifySignatureH3 = (handler, config) => {
+  const currentSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _ => _.currentSigningKey]), () => ( process.env.QSTASH_CURRENT_SIGNING_KEY));
+  if (!currentSigningKey) {
+    throw new Error(
+      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
+    );
+  }
+  const nextSigningKey = _nullishCoalesce(_optionalChain([config, 'optionalAccess', _2 => _2.nextSigningKey]), () => ( process.env.QSTASH_NEXT_SIGNING_KEY));
+  if (!nextSigningKey) {
+    throw new Error(
+      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
+    );
+  }
+  const receiver = new (0, _chunkHK2I6V52js.Receiver)({
+    currentSigningKey,
+    nextSigningKey
+  });
+  return _h3.defineEventHandler.call(void 0, async (event) => {
+    const signature = _h3.getHeader.call(void 0, event, "upstash-signature");
+    if (!signature) {
+      return { status: 403, body: "`Upstash-Signature` header is missing" };
+    }
+    if (typeof signature !== "string") {
+      throw new TypeError("`Upstash-Signature` header is not a string");
+    }
+    const body = await _h3.readRawBody.call(void 0, event);
+    const isValid = await receiver.verify({
+      signature,
+      body: JSON.stringify(body),
+      clockTolerance: _optionalChain([config, 'optionalAccess', _3 => _3.clockTolerance])
+    });
+    if (!isValid) {
+      return { status: 403, body: "invalid signature" };
+    }
+    event._requestBody = body;
+    return handler(event);
+  });
+};
+function transformHeaders(headers) {
+  const formattedHeaders = Object.entries(headers).map(([key, value]) => [
+    key,
+    Array.isArray(value) ? value.join(", ") : _nullishCoalesce(value, () => ( ""))
+  ]);
+  return formattedHeaders;
+}
+var serve2 = (routeFunction, options) => {
+  const handler = _h3.defineEventHandler.call(void 0, async (event) => {
+    const method = event.node.req.method;
+    if (_optionalChain([method, 'optionalAccess', _4 => _4.toUpperCase, 'call', _5 => _5()]) !== "POST") {
+      return {
+        status: 405,
+        body: "Only POST requests are allowed in worklfows"
+      };
+    }
+    const request_ = event.node.req;
+    const protocol = request_.headers["x-forwarded-proto"];
+    const host = request_.headers.host;
+    const url = `${protocol}://${host}${event.path}`;
+    const headers = transformHeaders(request_.headers);
+    const request = new Request(url, {
+      headers,
+      body: await _h3.readRawBody.call(void 0, event),
+      method: "POST"
+    });
+    const serveHandler = _chunkHK2I6V52js.serve.call(void 0, routeFunction, options);
+    return await serveHandler(request);
+  });
+  return handler;
+};
+
+
+
+
+exports.verifySignatureH3 = verifySignatureH3; exports.serve = serve2;

package/{chunk-NYJWM6N6.js → chunk-HK2I6V52.js}

@@ -657,6 +657,11 @@ function processHeaders(request) {
 function getRequestPath(request) {
   return _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(request.url, () => ( request.urlGroup)), () => ( request.topic)), () => ( `api/${_optionalChain([request, 'access', _28 => _28.api, 'optionalAccess', _29 => _29.name])}`));
 }
+var NANOID_CHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_";
+var NANOID_LENGTH = 21;
+function nanoid() {
+  return [...crypto.getRandomValues(new Uint8Array(NANOID_LENGTH))].map((x) => NANOID_CHARS[x % NANOID_CHARS.length]).join("");
+}
 
 // src/client/queue.ts
 var Queue = class {
@@ -1668,9 +1673,10 @@ var getHeaders = (initHeaderValue, workflowRunId, workflowUrl, userHeaders, step
   };
   if (userHeaders) {
     for (const header of userHeaders.keys()) {
-      baseHeaders[`Upstash-Forward-${header}`] = userHeaders.get(header);
       if (_optionalChain([step, 'optionalAccess', _45 => _45.callHeaders])) {
         baseHeaders[`Upstash-Callback-Forward-${header}`] = userHeaders.get(header);
+      } else {
+        baseHeaders[`Upstash-Forward-${header}`] = userHeaders.get(header);
       }
     }
   }
@@ -1801,9 +1807,9 @@ var AutoExecutor = (_class3 = class _AutoExecutor {
    * @param stepFunction step function to wrap
    * @returns wrapped step function
    */
-  async wrapStep(stepName, stepFunction) {
+  wrapStep(stepName, stepFunction) {
     this.executingStep = stepName;
-    const result = await stepFunction();
+    const result = stepFunction();
     this.executingStep = false;
     return result;
   }
@@ -1956,7 +1962,7 @@ var AutoExecutor = (_class3 = class _AutoExecutor {
           "false",
           this.context.workflowRunId,
           this.context.url,
-          singleStep.callUrl ? void 0 : this.context.headers,
+          this.context.headers,
           singleStep,
           this.context.failureUrl
         );
@@ -2096,7 +2102,10 @@ var LazyFunctionStep = (_class4 = class extends BaseLazyStep {
     }
   }
   async getResultStep(concurrent, stepId) {
-    const result = await this.stepFunction();
+    let result = this.stepFunction();
+    if (result instanceof Promise) {
+      result = await result;
+    }
     return {
       stepId,
       stepName: this.stepName,
@@ -2303,6 +2312,27 @@ var WorkflowContext = class {
    * initial payload as a raw string
    */
   
+  /**
+   * Map of environment variables and their values.
+   *
+   * Can be set using the `env` option of serve:
+   *
+   * ```ts
+   * export const POST = serve<MyPayload>(
+   *   async (context) => {
+   *     const key = context.env["API_KEY"];
+   *   },
+   *   {
+   *     env: {
+   *       "API_KEY": "*****";
+   *     }
+   *   }
+   * )
+   * ```
+   *
+   * Default value is set to `process.env`.
+   */
+  
   constructor({
     qstashClient,
     workflowRunId,
@@ -2312,7 +2342,8 @@ var WorkflowContext = class {
     failureUrl,
     debug,
     initialPayload,
-    rawInitialPayload
+    rawInitialPayload,
+    env
   }) {
     this.qstashClient = qstashClient;
     this.workflowRunId = workflowRunId;
@@ -2322,14 +2353,15 @@ var WorkflowContext = class {
     this.headers = headers;
     this.requestPayload = initialPayload;
     this.rawInitialPayload = _nullishCoalesce(rawInitialPayload, () => ( JSON.stringify(this.requestPayload)));
+    this.env = _nullishCoalesce(env, () => ( {}));
     this.executor = new AutoExecutor(this, this.steps, debug);
   }
   /**
    * Executes a workflow step
    *
    * ```typescript
-   * const result = await context.run("step 1", async () => {
-   *   return await Promise.resolve("result")
+   * const result = await context.run("step 1", () => {
+   *   return "result"
    * })
    * ```
    *
@@ -2338,11 +2370,11 @@ var WorkflowContext = class {
    *
    * ```typescript
    * const [result1, result2] = await Promise.all([
-   *   context.run("step 1", async () => {
-   *     return await Promise.resolve("result1")
+   *   context.run("step 1", () => {
+   *     return "result1"
    *   })
    *   context.run("step 2", async () => {
-   *     return await Promise.resolve("result2")
+   *     return await fetchResults()
    *   })
    * ])
    * ```
@@ -2352,7 +2384,7 @@ var WorkflowContext = class {
    * @returns result of the step function
    */
   async run(stepName, stepFunction) {
-    const wrappedStepFunction = async () => this.executor.wrapStep(stepName, stepFunction);
+    const wrappedStepFunction = () => this.executor.wrapStep(stepName, stepFunction);
     return this.addStep(new LazyFunctionStep(stepName, wrappedStepFunction));
   }
   /**
@@ -2448,7 +2480,8 @@ var DisabledWorkflowContext = (_class8 = class _DisabledWorkflowContext extends
       url: context.url,
       failureUrl: context.failureUrl,
       initialPayload: context.requestPayload,
-      rawInitialPayload: context.rawInitialPayload
+      rawInitialPayload: context.rawInitialPayload,
+      env: context.env
     });
     try {
       await routeFunction(disabledContext);
@@ -2510,36 +2543,6 @@ var WorkflowLogger = (_class9 = class _WorkflowLogger {
   }
 }, _class9);
 
-// node_modules/nanoid/index.js
-var _crypto = require('crypto'); var _crypto2 = _interopRequireDefault(_crypto);
-
-// node_modules/nanoid/url-alphabet/index.js
-var urlAlphabet = "useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";
-
-// node_modules/nanoid/index.js
-var POOL_SIZE_MULTIPLIER = 128;
-var pool;
-var poolOffset;
-var fillPool = (bytes) => {
-  if (!pool || pool.length < bytes) {
-    pool = Buffer.allocUnsafe(bytes * POOL_SIZE_MULTIPLIER);
-    _crypto2.default.randomFillSync(pool);
-    poolOffset = 0;
-  } else if (poolOffset + bytes > pool.length) {
-    _crypto2.default.randomFillSync(pool);
-    poolOffset = 0;
-  }
-  poolOffset += bytes;
-};
-var nanoid = (size = 21) => {
-  fillPool(size -= 0);
-  let id = "";
-  for (let i = poolOffset - size; i < poolOffset; i++) {
-    id += urlAlphabet[pool[i] & 63];
-  }
-  return id;
-};
-
 // src/client/workflow/workflow-parser.ts
 var getPayload = async (request) => {
   try {
@@ -2548,12 +2551,9 @@ var getPayload = async (request) => {
     return;
   }
 };
-var decodeBase64 = (encodedString) => {
-  return Buffer.from(encodedString, "base64").toString();
-};
 var parsePayload = (rawPayload) => {
   const [encodedInitialPayload, ...encodedSteps] = JSON.parse(rawPayload);
-  const rawInitialPayload = decodeBase64(encodedInitialPayload.body);
+  const rawInitialPayload = atob(encodedInitialPayload.body);
   const initialStep = {
     stepId: 0,
     stepName: "init",
@@ -2563,7 +2563,7 @@ var parsePayload = (rawPayload) => {
   };
   const stepsToDecode = encodedSteps.filter((step) => step.callType === "step");
   const otherSteps = stepsToDecode.map((rawStep) => {
-    return JSON.parse(decodeBase64(rawStep.body));
+    return JSON.parse(atob(rawStep.body));
   });
   const steps = [initialStep, ...otherSteps];
   return {
@@ -2688,13 +2688,14 @@ var handleFailure = async (request, requestPayload, qstashClient, initialPayload
 
 // src/client/workflow/serve.ts
 var processOptions = (options) => {
+  const environment = _nullishCoalesce(_optionalChain([options, 'optionalAccess', _69 => _69.env]), () => ( (typeof process === "undefined" ? {} : process.env)));
   const receiverEnvironmentVariablesSet = Boolean(
-    process.env.QSTASH_CURRENT_SIGNING_KEY && process.env.QSTASH_NEXT_SIGNING_KEY
+    environment.QSTASH_CURRENT_SIGNING_KEY && environment.QSTASH_NEXT_SIGNING_KEY
   );
   return {
     qstashClient: new Client({
-      baseUrl: process.env.QSTASH_URL,
-      token: process.env.QSTASH_TOKEN
+      baseUrl: environment.QSTASH_URL,
+      token: environment.QSTASH_TOKEN
     }),
     onStepFinish: (workflowRunId, finishCondition) => new Response(JSON.stringify({ workflowRunId, finishCondition }), {
       status: 200
@@ -2713,10 +2714,11 @@ var processOptions = (options) => {
       }
     },
     receiver: receiverEnvironmentVariablesSet ? new Receiver({
-      currentSigningKey: process.env.QSTASH_CURRENT_SIGNING_KEY,
-      nextSigningKey: process.env.QSTASH_NEXT_SIGNING_KEY
+      currentSigningKey: environment.QSTASH_CURRENT_SIGNING_KEY,
+      nextSigningKey: environment.QSTASH_NEXT_SIGNING_KEY
     }) : void 0,
-    baseUrl: process.env.UPSTASH_WORKFLOW_URL,
+    baseUrl: environment.UPSTASH_WORKFLOW_URL,
+    env: environment,
     ...options
   };
 };
@@ -2730,16 +2732,17 @@ var serve = (routeFunction, options) => {
     receiver,
     failureUrl,
     failureFunction,
-    baseUrl
+    baseUrl,
+    env
   } = processOptions(options);
   const debug = WorkflowLogger.getLogger(verbose);
-  return async (request) => {
+  const handler = async (request) => {
     const initialWorkflowUrl = _nullishCoalesce(url, () => ( request.url));
     const workflowUrl = baseUrl ? initialWorkflowUrl.replace(/^(https?:\/\/[^/]+)(\/.*)?$/, (_, matchedBaseUrl, path) => {
       return baseUrl + (path || "");
     }) : initialWorkflowUrl;
     if (workflowUrl !== initialWorkflowUrl) {
-      await _optionalChain([debug, 'optionalAccess', _69 => _69.log, 'call', _70 => _70("WARN", "ENDPOINT_START", {
+      await _optionalChain([debug, 'optionalAccess', _70 => _70.log, 'call', _71 => _71("WARN", "ENDPOINT_START", {
         warning: `QStash Workflow: replacing the base of the url with "${baseUrl}" and using it as workflow endpoint.`,
         originalURL: initialWorkflowUrl,
         updatedURL: workflowUrl
@@ -2748,7 +2751,7 @@ var serve = (routeFunction, options) => {
     const workflowFailureUrl = failureFunction ? workflowUrl : failureUrl;
     const requestPayload = await _asyncNullishCoalesce(await getPayload(request), async () => ( ""));
     await verifyRequest(requestPayload, request.headers.get("upstash-signature"), receiver);
-    await _optionalChain([debug, 'optionalAccess', _71 => _71.log, 'call', _72 => _72("INFO", "ENDPOINT_START")]);
+    await _optionalChain([debug, 'optionalAccess', _72 => _72.log, 'call', _73 => _73("INFO", "ENDPOINT_START")]);
     const failureCheck = await handleFailure(
       request,
       requestPayload,
@@ -2759,11 +2762,11 @@ var serve = (routeFunction, options) => {
     if (failureCheck.isErr()) {
       throw failureCheck.error;
     } else if (failureCheck.value === "is-failure-callback") {
-      await _optionalChain([debug, 'optionalAccess', _73 => _73.log, 'call', _74 => _74("WARN", "RESPONSE_DEFAULT", "failureFunction executed")]);
+      await _optionalChain([debug, 'optionalAccess', _74 => _74.log, 'call', _75 => _75("WARN", "RESPONSE_DEFAULT", "failureFunction executed")]);
       return onStepFinish("no-workflow-id", "failure-callback");
     }
     const { isFirstInvocation, workflowRunId } = validateRequest(request);
-    _optionalChain([debug, 'optionalAccess', _75 => _75.setWorkflowRunId, 'call', _76 => _76(workflowRunId)]);
+    _optionalChain([debug, 'optionalAccess', _76 => _76.setWorkflowRunId, 'call', _77 => _77(workflowRunId)]);
     const { rawInitialPayload, steps, isLastDuplicate } = await parseRequest(
       requestPayload,
       isFirstInvocation,
@@ -2781,14 +2784,15 @@ var serve = (routeFunction, options) => {
       steps,
       url: workflowUrl,
       failureUrl: workflowFailureUrl,
-      debug
+      debug,
+      env
     });
     const authCheck = await DisabledWorkflowContext.tryAuthentication(
       routeFunction,
       workflowContext
     );
     if (authCheck.isErr()) {
-      await _optionalChain([debug, 'optionalAccess', _77 => _77.log, 'call', _78 => _78("ERROR", "ERROR", { error: authCheck.error.message })]);
+      await _optionalChain([debug, 'optionalAccess', _78 => _78.log, 'call', _79 => _79("ERROR", "ERROR", { error: authCheck.error.message })]);
       throw authCheck.error;
     } else if (authCheck.value === "run-ended") {
       return onStepFinish("no-workflow-id", "auth-fail");
@@ -2802,7 +2806,7 @@ var serve = (routeFunction, options) => {
       debug
     );
     if (callReturnCheck.isErr()) {
-      await _optionalChain([debug, 'optionalAccess', _79 => _79.log, 'call', _80 => _80("ERROR", "SUBMIT_THIRD_PARTY_RESULT", {
+      await _optionalChain([debug, 'optionalAccess', _80 => _80.log, 'call', _81 => _81("ERROR", "SUBMIT_THIRD_PARTY_RESULT", {
         error: callReturnCheck.error.message
       })]);
       throw callReturnCheck.error;
@@ -2814,15 +2818,23 @@ var serve = (routeFunction, options) => {
         }
       });
       if (result.isErr()) {
-        await _optionalChain([debug, 'optionalAccess', _81 => _81.log, 'call', _82 => _82("ERROR", "ERROR", { error: result.error.message })]);
+        await _optionalChain([debug, 'optionalAccess', _82 => _82.log, 'call', _83 => _83("ERROR", "ERROR", { error: result.error.message })]);
         throw result.error;
       }
-      await _optionalChain([debug, 'optionalAccess', _83 => _83.log, 'call', _84 => _84("INFO", "RESPONSE_WORKFLOW")]);
+      await _optionalChain([debug, 'optionalAccess', _84 => _84.log, 'call', _85 => _85("INFO", "RESPONSE_WORKFLOW")]);
       return onStepFinish(workflowContext.workflowRunId, "success");
     }
-    await _optionalChain([debug, 'optionalAccess', _85 => _85.log, 'call', _86 => _86("INFO", "RESPONSE_DEFAULT")]);
+    await _optionalChain([debug, 'optionalAccess', _86 => _86.log, 'call', _87 => _87("INFO", "RESPONSE_DEFAULT")]);
     return onStepFinish("no-workflow-id", "fromCallback");
   };
+  return async (request) => {
+    try {
+      return await handler(request);
+    } catch (error) {
+      console.error(error);
+      return new Response(JSON.stringify(formatWorkflowError(error)), { status: 500 });
+    }
+  };
 };
 
 // src/client/workflow/index.ts