@vividcodeai/embeddedcowork 0.0.8 → 0.0.10

package/dist/server/network-addresses.js

@@ -1,114 +0,0 @@
-import os from "os";
-export function resolveNetworkAddresses(args) {
-    const { host, protocol, port } = args;
-    const interfaces = os.networkInterfaces();
-    const seen = new Set();
-    const results = [];
-    const addAddress = (ip, scope) => {
-        if (!ip || ip === "0.0.0.0")
-            return;
-        const key = `ipv4-${ip}`;
-        if (seen.has(key))
-            return;
-        seen.add(key);
-        results.push({ ip, family: "ipv4", scope, remoteUrl: `${protocol}://${ip}:${port}` });
-    };
-    const normalizeFamily = (value) => {
-        if (typeof value === "string") {
-            const lowered = value.toLowerCase();
-            if (lowered === "ipv4") {
-                return "ipv4";
-            }
-        }
-        if (value === 4)
-            return "ipv4";
-        return null;
-    };
-    if (host === "0.0.0.0") {
-        // Enumerate system interfaces (IPv4 only)
-        for (const entries of Object.values(interfaces)) {
-            if (!entries)
-                continue;
-            for (const entry of entries) {
-                const family = normalizeFamily(entry.family);
-                if (!family)
-                    continue;
-                if (!entry.address || entry.address === "0.0.0.0")
-                    continue;
-                const scope = entry.internal ? "loopback" : "external";
-                addAddress(entry.address, scope);
-            }
-        }
-    }
-    // Always include loopback address
-    addAddress("127.0.0.1", "loopback");
-    // Include explicitly configured host if it was IPv4
-    if (isIPv4Address(host) && host !== "0.0.0.0") {
-        const isLoopback = host.startsWith("127.");
-        addAddress(host, isLoopback ? "loopback" : "external");
-    }
-    const scopeWeight = { external: 0, internal: 1, loopback: 2 };
-    return results.sort((a, b) => {
-        const scopeDelta = scopeWeight[a.scope] - scopeWeight[b.scope];
-        if (scopeDelta !== 0)
-            return scopeDelta;
-        return 0;
-    });
-}
-export function resolveRemoteAddresses(args) {
-    const all = resolveNetworkAddresses(args);
-    const userVisible = sortUserVisibleAddresses(all.filter((address) => address.scope === "external"));
-    return {
-        all,
-        userVisible,
-        primaryRemoteUrl: userVisible[0]?.remoteUrl,
-    };
-}
-function sortUserVisibleAddresses(addresses) {
-    return [...addresses].sort((left, right) => getUserVisiblePriority(left.ip) - getUserVisiblePriority(right.ip));
-}
-function getUserVisiblePriority(ip) {
-    if (isPrivateIPv4(ip))
-        return 0;
-    if (isLinkLocalIPv4(ip))
-        return 2;
-    return 1;
-}
-function isLinkLocalIPv4(ip) {
-    const octets = parseIPv4(ip);
-    if (!octets)
-        return false;
-    const [first, second] = octets;
-    return first === 169 && second === 254;
-}
-function isPrivateIPv4(ip) {
-    const octets = parseIPv4(ip);
-    if (!octets)
-        return false;
-    const [first, second] = octets;
-    if (first === 10)
-        return true;
-    if (first === 192 && second === 168)
-        return true;
-    return first === 172 && second >= 16 && second <= 31;
-}
-function parseIPv4(value) {
-    if (!isIPv4Address(value))
-        return null;
-    return value.split(".").map((part) => Number(part));
-}
-function isIPv4Address(value) {
-    if (!value)
-        return false;
-    const parts = value.split(".");
-    if (parts.length !== 4)
-        return false;
-    return parts.every((part) => {
-        if (part.length === 0 || part.length > 3)
-            return false;
-        if (!/^[0-9]+$/.test(part))
-            return false;
-        const num = Number(part);
-        return Number.isInteger(num) && num >= 0 && num <= 255;
-    });
-}

package/dist/server/remote-proxy.js

@@ -1,466 +0,0 @@
-import Fastify from "fastify";
-import { randomBytes, randomUUID } from "crypto";
-import { Readable } from "stream";
-import { pipeline } from "stream/promises";
-import { Agent, fetch } from "undici";
-const LOOPBACK_HOST = "127.0.0.1";
-const BOOTSTRAP_PAGE_PATH = "/__embeddedcowork/auth/token";
-const BOOTSTRAP_EXCHANGE_PATH = "/__embeddedcowork/api/auth/token";
-const SESSION_IDLE_TTL_MS = 30 * 60000;
-export class RemoteProxySessionManager {
-    constructor(options) {
-        this.options = options;
-        this.sessions = new Map();
-        this.cleanupTimer = setInterval(() => {
-            void this.cleanupExpiredSessions();
-        }, 60000);
-        this.cleanupTimer.unref();
-    }
-    async createSession(baseUrl, skipTlsVerify) {
-        if (!this.options.httpsOptions) {
-            throw new Error("Local HTTPS is required for remote proxy sessions");
-        }
-        const targetBaseUrl = normalizeBaseUrl(baseUrl);
-        const sessionId = randomUUID();
-        const bootstrapToken = randomBytes(32).toString("base64url");
-        const dispatcher = skipTlsVerify ? new Agent({ connect: { rejectUnauthorized: false } }) : undefined;
-        const app = Fastify({ logger: false, https: this.options.httpsOptions });
-        let session = null;
-        app.removeAllContentTypeParsers();
-        // Preserve raw request bodies for proxying while still letting token JSON parse from Buffer.
-        app.addContentTypeParser("*", { parseAs: "buffer" }, (_req, body, done) => done(null, body));
-        app.get(BOOTSTRAP_PAGE_PATH, async (request, reply) => {
-            if (!this.options.authManager.isLoopbackRequest(request)) {
-                reply.code(404).send({ error: "Not found" });
-                return;
-            }
-            reply.header("Cache-Control", "no-store");
-            reply.header("Pragma", "no-cache");
-            reply.header("Expires", "0");
-            reply.type("text/html").send(buildBootstrapPageHtml());
-        });
-        app.post(BOOTSTRAP_EXCHANGE_PATH, async (request, reply) => {
-            if (!this.options.authManager.isLoopbackRequest(request)) {
-                reply.code(404).send({ error: "Not found" });
-                return;
-            }
-            if (!session) {
-                reply.code(503).send({ error: "Remote proxy session is unavailable" });
-                return;
-            }
-            const body = parseTokenBody(request.body);
-            if (body.token !== session.bootstrapToken) {
-                reply.code(401).send({ error: "Invalid token" });
-                return;
-            }
-            session.activated = true;
-            session.lastAccessAt = Date.now();
-            reply.send({ ok: true });
-        });
-        app.all("/*", async (request, reply) => {
-            if (!session) {
-                reply.code(503).send({ error: "Remote proxy session is unavailable" });
-                return;
-            }
-            if (!session.activated) {
-                reply.code(403).send({ error: "Remote proxy session is not activated" });
-                return;
-            }
-            session.lastAccessAt = Date.now();
-            await proxyRequest({ request, reply, session, logger: this.options.logger });
-        });
-        app.setNotFoundHandler(async (request, reply) => {
-            if (!session) {
-                reply.code(503).send({ error: "Remote proxy session is unavailable" });
-                return;
-            }
-            if (!session.activated) {
-                reply.code(403).send({ error: "Remote proxy session is not activated" });
-                return;
-            }
-            session.lastAccessAt = Date.now();
-            await proxyRequest({ request, reply, session, logger: this.options.logger });
-        });
-        const addressInfo = await app.listen({ host: LOOPBACK_HOST, port: 0 });
-        const address = new URL(addressInfo);
-        const localBaseUrl = new URL(`https://${LOOPBACK_HOST}:${address.port}`);
-        const entryUrl = new URL(targetBaseUrl.pathname || "/", localBaseUrl);
-        const returnTo = buildReturnToTarget(entryUrl);
-        session = {
-            id: sessionId,
-            bootstrapToken,
-            targetBaseUrl,
-            skipTlsVerify,
-            localBaseUrl,
-            entryUrl,
-            bootstrapUrl: `${localBaseUrl.origin}${BOOTSTRAP_PAGE_PATH}?returnTo=${encodeURIComponent(returnTo)}#${encodeURIComponent(bootstrapToken)}`,
-            activated: false,
-            cookiePrefix: `cnrp_${randomBytes(6).toString("hex")}_`,
-            app,
-            dispatcher,
-            createdAt: Date.now(),
-            lastAccessAt: Date.now(),
-        };
-        this.sessions.set(sessionId, session);
-        this.options.logger.info({ sessionId, targetBaseUrl: targetBaseUrl.toString(), localBaseUrl: localBaseUrl.toString() }, "Created remote proxy session");
-        return { sessionId, windowUrl: session.bootstrapUrl };
-    }
-    async deleteSession(sessionId) {
-        return this.disposeSession(sessionId);
-    }
-    async cleanupExpiredSessions() {
-        const now = Date.now();
-        for (const session of Array.from(this.sessions.values())) {
-            if (now - session.lastAccessAt <= SESSION_IDLE_TTL_MS) {
-                continue;
-            }
-            await this.disposeSession(session.id);
-        }
-    }
-    async disposeSession(sessionId) {
-        const session = this.sessions.get(sessionId);
-        if (!session) {
-            return false;
-        }
-        this.sessions.delete(sessionId);
-        session.dispatcher?.close().catch(() => { });
-        await session.app.close().catch(() => { });
-        this.options.logger.info({ sessionId }, "Disposed remote proxy session");
-        return true;
-    }
-}
-function normalizeBaseUrl(input) {
-    const parsed = new URL(input.trim());
-    if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
-        throw new Error("Server URL must use http:// or https://");
-    }
-    parsed.hash = "";
-    parsed.search = "";
-    parsed.pathname = parsed.pathname === "/" ? "/" : parsed.pathname.replace(/\/+$/, "") || "/";
-    return parsed;
-}
-function buildReturnToTarget(entryUrl) {
-    const query = entryUrl.search ? entryUrl.search : "";
-    return `${entryUrl.pathname || "/"}${query}`;
-}
-function buildBootstrapPageHtml() {
-    return `<!doctype html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1" />
-    <title>EmbeddedCowork</title>
-    <style>
-      body { font-family: ui-sans-serif, system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial; background: #0b0b0f; color: #fff; display: flex; align-items: center; justify-content: center; height: 100vh; margin: 0; }
-      .card { width: 420px; max-width: calc(100vw - 32px); background: #14141c; border: 1px solid rgba(255,255,255,0.08); border-radius: 14px; padding: 24px; }
-      h1 { font-size: 18px; margin: 0 0 12px; }
-      p { margin: 0; color: rgba(255,255,255,0.7); font-size: 13px; line-height: 1.4; }
-      .error { margin-top: 12px; color: #ff6b6b; font-size: 13px; display: none; }
-    </style>
-  </head>
-  <body>
-    <div class="card">
-      <h1>Connecting...</h1>
-      <p>Finalizing local authentication.</p>
-      <div id="error" class="error"></div>
-    </div>
-    <script>
-      const token = decodeURIComponent((location.hash || "").replace(/^#/, "").trim())
-      const params = new URLSearchParams(location.search)
-      const returnTo = sanitizeReturnTo(params.get("returnTo"))
-      const errorEl = document.getElementById("error")
-
-      function sanitizeReturnTo(value) {
-        if (!value || typeof value !== "string") return "/"
-        if (!value.startsWith("/")) return "/"
-        if (value.startsWith("//")) return "/"
-        return value
-      }
-
-      function showError(message) {
-        errorEl.textContent = message
-        errorEl.style.display = "block"
-      }
-
-      async function run() {
-        if (!token) {
-          showError("Missing bootstrap token.")
-          return
-        }
-
-        try {
-          const res = await fetch("${BOOTSTRAP_EXCHANGE_PATH}", {
-            method: "POST",
-            headers: { "Content-Type": "application/json" },
-            body: JSON.stringify({ token }),
-            credentials: "include",
-          })
-
-          if (!res.ok) {
-            let message = ""
-            try {
-              const json = await res.json()
-              message = json && json.error ? String(json.error) : ""
-            } catch {
-              message = ""
-            }
-            showError(message || "Token exchange failed (" + res.status + ")")
-            return
-          }
-
-          window.location.replace(returnTo)
-        } catch (error) {
-          showError(error && error.message ? error.message : String(error))
-        }
-      }
-
-      run()
-    </script>
-  </body>
-</html>`;
-}
-function parseTokenBody(body) {
-    const value = normalizeJsonBody(body);
-    const token = typeof value?.token === "string" ? value.token.trim() : "";
-    if (!token) {
-        throw new Error("Missing bootstrap token");
-    }
-    return { token };
-}
-function normalizeJsonBody(body) {
-    if (Buffer.isBuffer(body)) {
-        return JSON.parse(body.toString("utf-8"));
-    }
-    if (typeof body === "string") {
-        return JSON.parse(body);
-    }
-    return body;
-}
-function toRequestBody(body) {
-    if (body == null) {
-        return undefined;
-    }
-    if (Buffer.isBuffer(body) || typeof body === "string" || body instanceof Uint8Array) {
-        return body;
-    }
-    return JSON.stringify(body);
-}
-async function proxyRequest(args) {
-    const { request, reply, session, logger } = args;
-    const upstreamUrl = buildUpstreamUrl(session.targetBaseUrl, request.raw.url ?? request.url);
-    const headers = filterRequestHeaders(request.headers, session);
-    const init = {
-        method: request.method,
-        headers,
-        dispatcher: session.dispatcher,
-        redirect: "manual",
-    };
-    if (request.method !== "GET" && request.method !== "HEAD") {
-        const body = toRequestBody(request.body);
-        if (body !== undefined) {
-            init.body = body;
-            init.duplex = "half";
-        }
-    }
-    try {
-        const response = await fetch(upstreamUrl, init);
-        reply.code(response.status);
-        applyResponseHeaders(reply, response, session);
-        if (!response.body || request.method === "HEAD") {
-            reply.send();
-            return;
-        }
-        reply.hijack();
-        reply.raw.writeHead(reply.statusCode, toOutgoingHeaders(reply.getHeaders()));
-        await pipeline(Readable.fromWeb(response.body), reply.raw);
-    }
-    catch (error) {
-        logger.error({ err: error, upstreamUrl }, "Failed to proxy remote session request");
-        if (!reply.sent) {
-            reply.code(502).send({ error: "Remote proxy request failed" });
-        }
-    }
-}
-function buildUpstreamUrl(baseUrl, rawUrl) {
-    const parsed = new URL(rawUrl, "https://localhost");
-    const url = new URL(baseUrl.toString());
-    url.pathname = rewriteRequestPath(baseUrl, parsed.pathname);
-    url.search = stripInternalQuery(parsed.search);
-    url.hash = "";
-    return url.toString();
-}
-function rewriteRequestPath(baseUrl, requestPath) {
-    const basePath = normalizedBasePath(baseUrl);
-    if (basePath === "/") {
-        return requestPath;
-    }
-    if (requestPath === "/") {
-        return basePath;
-    }
-    if (pathHasBasePrefix(basePath, requestPath)) {
-        return requestPath;
-    }
-    return `${basePath}${requestPath}`;
-}
-function normalizedBasePath(baseUrl) {
-    return baseUrl.pathname || "/";
-}
-function pathHasBasePrefix(basePath, requestPath) {
-    return requestPath === basePath || requestPath.startsWith(`${basePath}/`);
-}
-function stripInternalQuery(search) {
-    if (!search || search === "?") {
-        return "";
-    }
-    return search;
-}
-function filterRequestHeaders(headers, session) {
-    const next = {};
-    for (const [key, value] of Object.entries(headers ?? {})) {
-        if (!value)
-            continue;
-        const lower = key.toLowerCase();
-        if (isHopByHopHeader(lower) ||
-            lower === "host" ||
-            lower === "content-length" ||
-            lower === "accept-encoding") {
-            continue;
-        }
-        if (lower === "origin") {
-            next[key] = session.targetBaseUrl.origin;
-            continue;
-        }
-        if (lower === "referer") {
-            const rewritten = rewriteRefererHeader(Array.isArray(value) ? value[0] : value, session.targetBaseUrl);
-            if (rewritten) {
-                next[key] = rewritten;
-            }
-            continue;
-        }
-        if (lower === "cookie") {
-            const rewritten = rewriteRequestCookieHeader(Array.isArray(value) ? value.join("; ") : value, session.cookiePrefix);
-            if (rewritten) {
-                next[key] = rewritten;
-            }
-            continue;
-        }
-        next[key] = Array.isArray(value) ? value.join(",") : value;
-    }
-    next.host = session.targetBaseUrl.port ? `${session.targetBaseUrl.hostname}:${session.targetBaseUrl.port}` : session.targetBaseUrl.hostname;
-    if (!next.origin) {
-        next.origin = session.targetBaseUrl.origin;
-    }
-    return next;
-}
-function rewriteRefererHeader(referer, targetBaseUrl) {
-    if (!referer) {
-        return null;
-    }
-    try {
-        const parsed = new URL(referer);
-        const rewritten = new URL(targetBaseUrl.toString());
-        rewritten.pathname = rewriteRequestPath(targetBaseUrl, parsed.pathname);
-        rewritten.search = parsed.search;
-        rewritten.hash = parsed.hash;
-        return rewritten.toString();
-    }
-    catch {
-        return null;
-    }
-}
-function applyResponseHeaders(reply, response, session) {
-    const setCookie = response.headers.getSetCookie?.();
-    if (Array.isArray(setCookie)) {
-        for (const cookie of setCookie) {
-            reply.header("set-cookie", rewriteSetCookie(cookie, session.cookiePrefix));
-        }
-    }
-    response.headers.forEach((value, key) => {
-        const lower = key.toLowerCase();
-        if (isHopByHopHeader(lower) ||
-            lower === "set-cookie" ||
-            lower === "content-length" ||
-            lower === "content-encoding") {
-            return;
-        }
-        if (lower === "location") {
-            reply.header(key, rewriteLocation(value, session.targetBaseUrl, session.localBaseUrl));
-            return;
-        }
-        reply.header(key, value);
-    });
-}
-function toOutgoingHeaders(headers) {
-    const next = {};
-    for (const [key, value] of Object.entries(headers)) {
-        if (value === undefined) {
-            continue;
-        }
-        next[key] = Array.isArray(value) ? value.map(String) : String(value);
-    }
-    return next;
-}
-function rewriteSetCookie(cookie, cookiePrefix) {
-    const parts = cookie.split(";").map((part) => part.trim());
-    const first = parts.shift() ?? "";
-    const separator = first.indexOf("=");
-    if (separator <= 0) {
-        return cookie;
-    }
-    const name = first.slice(0, separator).trim();
-    const value = first.slice(separator + 1);
-    const rewritten = [`${cookiePrefix}${name}=${value}`];
-    for (const part of parts) {
-        if (part.slice(0, 7).toLowerCase().startsWith("domain=")) {
-            continue;
-        }
-        rewritten.push(part);
-    }
-    return rewritten.join("; ");
-}
-function rewriteRequestCookieHeader(cookieHeader, cookiePrefix) {
-    const next = [];
-    for (const rawPart of cookieHeader.split(";")) {
-        const part = rawPart.trim();
-        if (!part)
-            continue;
-        const separator = part.indexOf("=");
-        if (separator <= 0)
-            continue;
-        const name = part.slice(0, separator).trim();
-        const value = part.slice(separator + 1);
-        if (!name.startsWith(cookiePrefix)) {
-            continue;
-        }
-        next.push(`${name.slice(cookiePrefix.length)}=${value}`);
-    }
-    return next.join("; ");
-}
-function rewriteLocation(location, targetBaseUrl, localBaseUrl) {
-    try {
-        const parsed = new URL(location, targetBaseUrl);
-        if (parsed.origin !== targetBaseUrl.origin) {
-            return location;
-        }
-        const rewritten = new URL(localBaseUrl.toString());
-        rewritten.pathname = parsed.pathname;
-        rewritten.search = parsed.search;
-        rewritten.hash = parsed.hash;
-        return rewritten.toString();
-    }
-    catch {
-        return location;
-    }
-}
-function isHopByHopHeader(name) {
-    return new Set([
-        "connection",
-        "keep-alive",
-        "proxy-authenticate",
-        "proxy-authorization",
-        "te",
-        "trailer",
-        "transfer-encoding",
-        "upgrade",
-    ]).has(name);
-}