@vltpkg/registry-client 1.0.0-rc.23 → 1.0.0-rc.24

package/dist/add-header.d.ts

@@ -0,0 +1 @@
+export declare const addHeader: <H extends [string, string[] | string][] | Iterable<[string, string[] | string | undefined]> | Record<string, string[] | string | undefined> | string[]>(headers: H | null | undefined, key: string, value?: string) => H;

package/dist/add-header.js

@@ -0,0 +1,26 @@
+import { deleteHeader } from "./delete-header.js";
+import { isIterable } from "./is-iterable.js";
+// this does some rude things with types, but not much way around it,
+// since the opts.headers type is so loosey goosey to begin with.
+export const addHeader = (headers, key, value) => {
+    if (!value)
+        return deleteHeader(headers, key);
+    if (!headers)
+        return { [key]: value };
+    if (Array.isArray(headers)) {
+        if (!headers.length)
+            return [[key, value]];
+        if (Array.isArray(headers[0]))
+            headers.push([key, value]);
+        else
+            headers.push(key, value);
+        return headers;
+    }
+    else if (isIterable(headers)) {
+        return [...headers, [key, value]];
+    }
+    else {
+        headers[key] = value;
+        return headers;
+    }
+};

package/dist/auth.d.ts

@@ -0,0 +1,15 @@
+import { Keychain } from '@vltpkg/keychain';
+export type Token = `Bearer ${string}` | `Basic ${string}`;
+export declare const keychains: Map<string, Keychain<Token>>;
+/**
+ * In-memory token store for OIDC-exchanged tokens.
+ * These take precedence over env vars and keychain.
+ */
+export declare const runtimeTokens: Map<string, Token>;
+export declare const setRuntimeToken: (registry: string, token: Token) => void;
+export declare const clearRuntimeTokens: () => void;
+export declare const getKC: (identity: string) => Keychain<Token>;
+export declare const isToken: (t: any) => t is Token;
+export declare const deleteToken: (registry: string, identity: string) => Promise<void>;
+export declare const setToken: (registry: string, token: Token, identity: string) => Promise<void>;
+export declare const getToken: (registry: string, identity: string) => Promise<Token | undefined>;

package/dist/auth.js

@@ -0,0 +1,53 @@
+import { Keychain } from '@vltpkg/keychain';
+// just exported for testing
+export const keychains = new Map();
+/**
+ * In-memory token store for OIDC-exchanged tokens.
+ * These take precedence over env vars and keychain.
+ */
+export const runtimeTokens = new Map();
+export const setRuntimeToken = (registry, token) => {
+    runtimeTokens.set(new URL(registry).origin, token);
+};
+export const clearRuntimeTokens = () => {
+    runtimeTokens.clear();
+};
+export const getKC = (identity) => {
+    const kc = keychains.get(identity);
+    if (kc)
+        return kc;
+    const i = identity ? `vlt/auth/${identity}` : 'vlt/auth';
+    const nkc = new Keychain(i);
+    keychains.set(identity, nkc);
+    return nkc;
+};
+export const isToken = (t) => typeof t === 'string' &&
+    (t.startsWith('Bearer ') || t.startsWith('Basic '));
+export const deleteToken = async (registry, identity) => {
+    const kc = getKC(identity);
+    await kc.load();
+    kc.delete(new URL(registry).origin);
+    await kc.save();
+};
+export const setToken = async (registry, token, identity) => {
+    const kc = getKC(identity);
+    return kc.set(new URL(registry).origin, token);
+};
+export const getToken = async (registry, identity) => {
+    const kc = getKC(identity);
+    registry = new URL(registry).origin;
+    // Runtime tokens (e.g. from OIDC exchange) take precedence
+    const rt = runtimeTokens.get(registry);
+    if (rt)
+        return rt;
+    const envReg = process.env.VLT_REGISTRY;
+    if (envReg && registry === new URL(envReg).origin) {
+        const envTok = process.env.VLT_TOKEN;
+        if (envTok)
+            return `Bearer ${envTok}`;
+    }
+    const tok = process.env[`VLT_TOKEN_${registry.replace(/[^a-zA-Z0-9]+/g, '_')}`];
+    if (tok)
+        return `Bearer ${tok}`;
+    return kc.get(registry);
+};

package/dist/cache-entry.d.ts

@@ -0,0 +1,140 @@
+import type { ErrorCauseOptions } from '@vltpkg/error-cause';
+import type { Integrity, JSONField } from '@vltpkg/types';
+import ccp from 'cache-control-parser';
+import type { InspectOptions } from 'node:util';
+export type JSONObj = Record<string, JSONField>;
+declare const kCustomInspect: unique symbol;
+export type CacheEntryOptions = {
+    /**
+     * An optional body to use.
+     *
+     * This is used when decoding a cache entry from a buffer, and the body
+     * is already in a ArrayBuffer we can use. When this option is
+     * provided the `addBody` method should not be used.
+     */
+    body?: Uint8Array;
+    /**
+     * An optional content length of the body to use, if undefined the
+     * content-length header will be used.
+     */
+    contentLength?: number;
+    /**
+     * The expected integrity value for this response body
+     */
+    integrity?: Integrity;
+    /**
+     * Whether to trust the integrity, or calculate the actual value.
+     *
+     * This indicates that we just accept whatever the integrity is as the actual
+     * integrity for saving back to the cache, because it's coming directly from
+     * the registry that we fetched a packument from, and is an initial gzipped
+     * artifact request.
+     */
+    trustIntegrity?: boolean;
+    /**
+     * If the server does not serve a `stale-while-revalidate` value in the
+     * `cache-control` header, then this multiplier is applied to the `max-age`
+     * or `s-maxage` values.
+     *
+     * By default, this is `60`, so for example a response that is cacheable for
+     * 5 minutes will allow a stale response while revalidating for up to 5
+     * hours.
+     *
+     * If the server *does* provide a `stale-while-revalidate` value, then that
+     * is always used.
+     *
+     * Set to 0 to prevent any `stale-while-revalidate` behavior unless
+     * explicitly allowed by the server's `cache-control` header.
+     */
+    'stale-while-revalidate-factor'?: number;
+};
+export declare class CacheEntry {
+    #private;
+    constructor(statusCode: number, headers: Uint8Array[], { body, integrity, trustIntegrity, 'stale-while-revalidate-factor': staleWhileRevalidateFactor, contentLength, }?: CacheEntryOptions);
+    toJSON(): {
+        [k: string]: string | number | boolean | [string, string][] | Date | ccp.CacheControl | undefined;
+    };
+    [kCustomInspect](depth: number, options: InspectOptions): string;
+    get date(): Date | undefined;
+    get maxAge(): number;
+    get cacheControl(): ccp.CacheControl;
+    get staleWhileRevalidate(): boolean;
+    get contentType(): string;
+    get valid(): boolean;
+    /**
+     * Add contents to the entry body.
+     */
+    addBody(b: Uint8Array): void;
+    get statusCode(): number;
+    get headers(): Uint8Array[];
+    /**
+     * Returns the body as a single Uint8Array, concatenating parts if needed.
+     */
+    get _body(): Uint8Array;
+    /**
+     * Check that the sri integrity string that was provided to the ctor
+     * matches the body that we actually received. This should only be called
+     * AFTER the entire body has been completely downloaded.
+     *
+     * This method **will throw** if the integrity values do not match.
+     *
+     * Note that this will *usually* not be true if the value is coming out of
+     * the cache, because the cache entries are un-gzipped in place. It should
+     * _only_ be called for artifacts that come from an actual http response.
+     *
+     * Returns true if anything was actually verified.
+     */
+    checkIntegrity(context?: ErrorCauseOptions): this is CacheEntry & {
+        integrity: Integrity;
+    };
+    get integrityActual(): Integrity;
+    set integrityActual(i: Integrity);
+    set integrity(i: Integrity | undefined);
+    get integrity(): Integrity | undefined;
+    /**
+     * Give it a key, and it'll return the buffer of that header value
+     */
+    getHeader(h: string): Uint8Array | undefined;
+    /**
+     * Give it a key, and it'll return the decoded string of that header value
+     */
+    getHeaderString(h: string): string | undefined;
+    /**
+     * Set a header to a specific value
+     */
+    setHeader(h: string, value: Uint8Array | string): void;
+    /**
+     * Return the body of the entry as a Buffer
+     */
+    buffer(): Buffer;
+    get body(): Uint8Array | Record<string, any>;
+    get isJSON(): boolean;
+    get isGzip(): boolean;
+    /**
+     * Un-gzip encode the body.
+     * Returns true if it was previously gzip (so something was done), otherwise
+     * returns false.
+     */
+    unzip(): boolean;
+    /**
+     * Return the body of the entry as utf8 text
+     * Automatically unzips if the content is gzip encoded
+     */
+    text(): string;
+    /**
+     * Parse the entry body as JSON and return the result
+     */
+    json(): JSONObj;
+    /**
+     * Pass the contents of a @vltpkg/cache.Cache object as a buffer,
+     * and this static method will decode it into a CacheEntry representing
+     * the cached response.
+     */
+    static decode(buffer: Uint8Array): CacheEntry;
+    static isGzipEntry(buffer: Uint8Array): boolean;
+    /**
+     * Encode the entry as a single Buffer for writing to the cache
+     */
+    encode(): Buffer;
+}
+export {};