@voyant-travel/hono 0.117.2 → 0.118.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/anonymous-paths.d.ts.map +1 -1
- package/dist/anonymous-paths.js +20 -0
- package/dist/app.d.ts.map +1 -1
- package/dist/app.js +4 -20
- package/dist/document-download.d.ts +22 -0
- package/dist/document-download.d.ts.map +1 -1
- package/dist/document-download.js +44 -0
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -1
- package/dist/lazy-routes.d.ts +1 -1
- package/dist/module.d.ts +18 -10
- package/dist/module.d.ts.map +1 -1
- package/dist/observability/request-context.d.ts.map +1 -1
- package/dist/observability/request-context.js +1 -0
- package/dist/public-document-delivery.d.ts +4 -4
- package/package.json +12 -12
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"anonymous-paths.d.ts","sourceRoot":"","sources":["../src/anonymous-paths.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"anonymous-paths.d.ts","sourceRoot":"","sources":["../src/anonymous-paths.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAG5D;;;;;;;;;;;GAWG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,SAAS,UAAU,EAAE,EAC9B,UAAU,EAAE,SAAS,aAAa,EAAE,EACpC,QAAQ,GAAE,SAAS,MAAM,EAAO,GAC/B,MAAM,EAAE,CA0CV"}
|
package/dist/anonymous-paths.js
CHANGED
|
@@ -25,11 +25,31 @@ export function assembleAnonymousPaths(modules, extensions, explicit = []) {
|
|
|
25
25
|
paths.add(trimmed ? `${mount}/${trimmed}` : mount);
|
|
26
26
|
}
|
|
27
27
|
};
|
|
28
|
+
// Inbound webhook routes are unauthenticated by construction (the handler
|
|
29
|
+
// verifies the provider signature), so their concrete absolute paths are
|
|
30
|
+
// auto-added to the allow-list — no per-deployment `publicPaths` entry. Mounted
|
|
31
|
+
// at `/v1/{name}`, matching the mount in `app.ts`. Parameterized/wildcard paths
|
|
32
|
+
// are skipped (the literal `matchesPublicPath` matcher can't match them) and
|
|
33
|
+
// must be declared via `anonymous` if ever needed.
|
|
34
|
+
// biome-ignore lint/suspicious/noExplicitAny: Hono sub-apps have varied env generics -- owner: hono; mirrors the HonoModule.webhookRoutes suppression.
|
|
35
|
+
const addWebhooks = (name, routes) => {
|
|
36
|
+
if (!routes)
|
|
37
|
+
return;
|
|
38
|
+
for (const route of routes.routes) {
|
|
39
|
+
const path = route.path;
|
|
40
|
+
if (path.includes(":") || path.includes("*"))
|
|
41
|
+
continue;
|
|
42
|
+
const trimmed = path.replace(/\/+$/g, "");
|
|
43
|
+
paths.add(`/v1/${name}${trimmed === "/" ? "" : trimmed}`);
|
|
44
|
+
}
|
|
45
|
+
};
|
|
28
46
|
for (const m of modules) {
|
|
29
47
|
add(resolveSurfaceMountPath("/v1/public", m.publicPath, m.module.name), m.anonymous);
|
|
48
|
+
addWebhooks(m.module.name, m.webhookRoutes);
|
|
30
49
|
}
|
|
31
50
|
for (const e of extensions) {
|
|
32
51
|
add(resolveSurfaceMountPath("/v1/public", e.publicPath, e.extension.module), e.anonymous);
|
|
52
|
+
addWebhooks(e.extension.module, e.webhookRoutes);
|
|
33
53
|
}
|
|
34
54
|
return [...paths].sort();
|
|
35
55
|
}
|
package/dist/app.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAQhC,OAAO,EAAE,KAAK,gBAAgB,EAA0C,MAAM,kBAAkB,CAAA;AA8BhG,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAY,eAAe,EAAE,MAAM,YAAY,CAAA;AAI5F,4EAA4E;AAC5E,KAAK,QAAQ,CAAC,SAAS,SAAS,cAAc,IAAI;IAChD,QAAQ,EAAE,SAAS,CAAA;IACnB,SAAS,EAAE,eAAe,CAAA;CAC3B,CAAA;AAuBD;;;;;GAKG;AACH,MAAM,WAAW,SAAS;IACxB,yEAAyE;IACzE,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,gBAAgB,CAAA;CACvB;AAED;;;;;;;;;;GAUG;AACH,MAAM,WAAW,mBAAmB,CAAC,SAAS,GAAG,OAAO;IACtD;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,QAAQ,CAAC,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC1C;;;;;;;;OAQG;IACH,QAAQ,EAAE,OAAO,qBAAqB,EAAE,QAAQ,CAAA;IAChD;;;;;OAKG;IACH,UAAU,EAAE,SAAS,EAAE,CAAA;CACxB;AAED;;;;;;GAMG;AACH,wBAAgB,QAAQ,CAAC,SAAS,SAAS,cAAc,EACvD,MAAM,EAAE,eAAe,CAAC,SAAS,CAAC,GACjC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,GAAG,mBAAmB,CAAC,SAAS,CAAC,
|
|
1
|
+
{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAQhC,OAAO,EAAE,KAAK,gBAAgB,EAA0C,MAAM,kBAAkB,CAAA;AA8BhG,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAY,eAAe,EAAE,MAAM,YAAY,CAAA;AAI5F,4EAA4E;AAC5E,KAAK,QAAQ,CAAC,SAAS,SAAS,cAAc,IAAI;IAChD,QAAQ,EAAE,SAAS,CAAA;IACnB,SAAS,EAAE,eAAe,CAAA;CAC3B,CAAA;AAuBD;;;;;GAKG;AACH,MAAM,WAAW,SAAS;IACxB,yEAAyE;IACzE,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,gBAAgB,CAAA;CACvB;AAED;;;;;;;;;;GAUG;AACH,MAAM,WAAW,mBAAmB,CAAC,SAAS,GAAG,OAAO;IACtD;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,QAAQ,CAAC,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC1C;;;;;;;;OAQG;IACH,QAAQ,EAAE,OAAO,qBAAqB,EAAE,QAAQ,CAAA;IAChD;;;;;OAKG;IACH,UAAU,EAAE,SAAS,EAAE,CAAA;CACxB;AAED;;;;;;GAMG;AACH,wBAAgB,QAAQ,CAAC,SAAS,SAAS,cAAc,EACvD,MAAM,EAAE,eAAe,CAAC,SAAS,CAAC,GACjC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,GAAG,mBAAmB,CAAC,SAAS,CAAC,CA2e5D"}
|
package/dist/app.js
CHANGED
|
@@ -389,22 +389,6 @@ export function mountApp(config) {
|
|
|
389
389
|
const actorOptions = { basePath: config.basePath };
|
|
390
390
|
app.use("/v1/admin/*", requireActor(actorOptions, "staff"));
|
|
391
391
|
app.use("/v1/public/*", requireActor(actorOptions, "customer", "partner", "supplier"));
|
|
392
|
-
const requireLegacyActor = requireActor(actorOptions, "staff");
|
|
393
|
-
app.use("/v1/*", (c, next) => {
|
|
394
|
-
const pathname = normalizePathname(new URL(c.req.url).pathname, { basePath: config.basePath });
|
|
395
|
-
if (pathname.startsWith("/v1/admin/") || pathname.startsWith("/v1/public/")) {
|
|
396
|
-
return next();
|
|
397
|
-
}
|
|
398
|
-
// Anonymous legacy/webhook routes (ADR-0008) — e.g. a bundle-declared
|
|
399
|
-
// payment-processor callback at `/v1/finance/...`. `requireAuth` already
|
|
400
|
-
// skipped credential resolution for these, but it only stamps an actor on
|
|
401
|
-
// `/v1/public/*`, so without this skip the fail-closed staff guard would 401
|
|
402
|
-
// a route that is meant to be reachable without a session.
|
|
403
|
-
if (matchesPublicPath(pathname, anonymousPaths)) {
|
|
404
|
-
return next();
|
|
405
|
-
}
|
|
406
|
-
return requireLegacyActor(c, next);
|
|
407
|
-
});
|
|
408
392
|
// Admin capability discovery — GET /v1/admin/_meta/capabilities. A built-in
|
|
409
393
|
// framework route (like /health), mounted only when the deployment supplies
|
|
410
394
|
// the operation catalogue via `config.adminMeta` (from
|
|
@@ -450,8 +434,8 @@ export function mountApp(config) {
|
|
|
450
434
|
mountLazyRoutePaths(app, mod.lazyRoutes.paths, mod.lazyRoutes.load);
|
|
451
435
|
lazyMounts.push({ prefix: "/", load: mod.lazyRoutes.load });
|
|
452
436
|
}
|
|
453
|
-
if (mod.
|
|
454
|
-
app.route(`/v1/${mod.module.name}`, mod.
|
|
437
|
+
if (mod.webhookRoutes) {
|
|
438
|
+
app.route(`/v1/${mod.module.name}`, mod.webhookRoutes);
|
|
455
439
|
}
|
|
456
440
|
}
|
|
457
441
|
// Mount extension routes
|
|
@@ -476,8 +460,8 @@ export function mountApp(config) {
|
|
|
476
460
|
mountLazyRoutePaths(app, ext.lazyRoutes.paths, ext.lazyRoutes.load);
|
|
477
461
|
lazyMounts.push({ prefix: "/", load: ext.lazyRoutes.load });
|
|
478
462
|
}
|
|
479
|
-
if (ext.
|
|
480
|
-
app.route(`/v1/${ext.extension.module}`, ext.
|
|
463
|
+
if (ext.webhookRoutes) {
|
|
464
|
+
app.route(`/v1/${ext.extension.module}`, ext.webhookRoutes);
|
|
481
465
|
}
|
|
482
466
|
}
|
|
483
467
|
// Additional routes
|
|
@@ -17,12 +17,34 @@ export type DocumentDownloadResolverResult = string | {
|
|
|
17
17
|
filename?: string | null;
|
|
18
18
|
} | null | undefined;
|
|
19
19
|
export type DocumentDownloadResolver<TBindings = unknown> = (bindings: TBindings, storageKey: string) => Promise<DocumentDownloadResolverResult> | DocumentDownloadResolverResult;
|
|
20
|
+
export type AuthenticatedR2DocumentDownloadResolver<TBindings = unknown> = (bindings: TBindings, storageKey: string) => string | null;
|
|
21
|
+
export interface AuthenticatedR2DocumentDownloadResolverOptions<TBindings = unknown> {
|
|
22
|
+
/**
|
|
23
|
+
* Absolute application/API origin used for authenticated download URLs.
|
|
24
|
+
* Return `null`/empty when the current deployment cannot expose downloads.
|
|
25
|
+
*/
|
|
26
|
+
apiBaseUrl: string | ((bindings: TBindings) => string | null | undefined);
|
|
27
|
+
/**
|
|
28
|
+
* Authenticated route prefix mounted by the host app. The storage key is
|
|
29
|
+
* appended after this prefix with each path segment encoded independently.
|
|
30
|
+
*
|
|
31
|
+
* Defaults to Voyant's operator document byte route.
|
|
32
|
+
*/
|
|
33
|
+
routePrefix?: string;
|
|
34
|
+
/**
|
|
35
|
+
* Optional R2 bucket binding name to require before returning a URL. Defaults
|
|
36
|
+
* to the operator starter's private document bucket binding.
|
|
37
|
+
*/
|
|
38
|
+
bucketBindingName?: string | null;
|
|
39
|
+
}
|
|
20
40
|
export interface StoredDocumentReference {
|
|
21
41
|
storageKey?: string | null;
|
|
22
42
|
metadata?: unknown;
|
|
23
43
|
filename?: string | null;
|
|
24
44
|
name?: string | null;
|
|
25
45
|
}
|
|
46
|
+
export declare function encodeStorageKeyPath(storageKey: string): string;
|
|
47
|
+
export declare function createAuthenticatedR2DocumentDownloadResolver<TBindings = unknown>(options: AuthenticatedR2DocumentDownloadResolverOptions<TBindings>): AuthenticatedR2DocumentDownloadResolver<TBindings>;
|
|
26
48
|
export declare function resolveStoredDocumentDownload<TBindings = unknown>(reference: StoredDocumentReference, options: {
|
|
27
49
|
bindings: TBindings;
|
|
28
50
|
resolveDocumentDownloadUrl?: DocumentDownloadResolver<TBindings>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"document-download.d.ts","sourceRoot":"","sources":["../src/document-download.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,wBAAwB;IACvC,GAAG,EAAE,MAAM,CAAA;IACX,SAAS,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;CACxB;AAED,MAAM,MAAM,0BAA0B,GAClC;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,wBAAwB,CAAA;CAAE,GACvD;IAAE,MAAM,EAAE,yBAAyB,CAAA;CAAE,GACrC;IAAE,MAAM,EAAE,eAAe,CAAA;CAAE,CAAA;AAE/B,MAAM,MAAM,8BAA8B,GACtC,MAAM,GACN;IACE,GAAG,EAAE,MAAM,CAAA;IACX,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACzB,GACD,IAAI,GACJ,SAAS,CAAA;AAEb,MAAM,MAAM,wBAAwB,CAAC,SAAS,GAAG,OAAO,IAAI,CAC1D,QAAQ,EAAE,SAAS,EACnB,UAAU,EAAE,MAAM,KACf,OAAO,CAAC,8BAA8B,CAAC,GAAG,8BAA8B,CAAA;AAE7E,MAAM,WAAW,uBAAuB;IACtC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;
|
|
1
|
+
{"version":3,"file":"document-download.d.ts","sourceRoot":"","sources":["../src/document-download.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,wBAAwB;IACvC,GAAG,EAAE,MAAM,CAAA;IACX,SAAS,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;CACxB;AAED,MAAM,MAAM,0BAA0B,GAClC;IAAE,MAAM,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,wBAAwB,CAAA;CAAE,GACvD;IAAE,MAAM,EAAE,yBAAyB,CAAA;CAAE,GACrC;IAAE,MAAM,EAAE,eAAe,CAAA;CAAE,CAAA;AAE/B,MAAM,MAAM,8BAA8B,GACtC,MAAM,GACN;IACE,GAAG,EAAE,MAAM,CAAA;IACX,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACzB,GACD,IAAI,GACJ,SAAS,CAAA;AAEb,MAAM,MAAM,wBAAwB,CAAC,SAAS,GAAG,OAAO,IAAI,CAC1D,QAAQ,EAAE,SAAS,EACnB,UAAU,EAAE,MAAM,KACf,OAAO,CAAC,8BAA8B,CAAC,GAAG,8BAA8B,CAAA;AAE7E,MAAM,MAAM,uCAAuC,CAAC,SAAS,GAAG,OAAO,IAAI,CACzE,QAAQ,EAAE,SAAS,EACnB,UAAU,EAAE,MAAM,KACf,MAAM,GAAG,IAAI,CAAA;AAElB,MAAM,WAAW,8CAA8C,CAAC,SAAS,GAAG,OAAO;IACjF;;;OAGG;IACH,UAAU,EAAE,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,SAAS,KAAK,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC,CAAA;IACzE;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAClC;AAED,MAAM,WAAW,uBAAuB;IACtC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;AAgDD,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAK/D;AAED,wBAAgB,6CAA6C,CAAC,SAAS,GAAG,OAAO,EAC/E,OAAO,EAAE,8CAA8C,CAAC,SAAS,CAAC,GACjE,uCAAuC,CAAC,SAAS,CAAC,CAkBpD;AAuFD,wBAAsB,6BAA6B,CAAC,SAAS,GAAG,OAAO,EACrE,SAAS,EAAE,uBAAuB,EAClC,OAAO,EAAE;IACP,QAAQ,EAAE,SAAS,CAAA;IACnB,0BAA0B,CAAC,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAA;CACjE,GACA,OAAO,CAAC,0BAA0B,CAAC,CA2BrC"}
|
|
@@ -11,6 +11,50 @@ function maybeUrl(value) {
|
|
|
11
11
|
const candidate = maybeString(value);
|
|
12
12
|
return candidate && /^https?:\/\//i.test(candidate) ? candidate : null;
|
|
13
13
|
}
|
|
14
|
+
function getRecord(value) {
|
|
15
|
+
if (!value || typeof value !== "object" || Array.isArray(value)) {
|
|
16
|
+
return null;
|
|
17
|
+
}
|
|
18
|
+
return value;
|
|
19
|
+
}
|
|
20
|
+
function resolveApiBaseUrl(value, bindings) {
|
|
21
|
+
const resolved = typeof value === "function" ? value(bindings) : value;
|
|
22
|
+
const trimmed = resolved?.trim();
|
|
23
|
+
return trimmed ? trimmed.replace(/\/+$/, "") : null;
|
|
24
|
+
}
|
|
25
|
+
function normalizeRoutePrefix(routePrefix) {
|
|
26
|
+
const trimmed = routePrefix.trim();
|
|
27
|
+
if (!trimmed)
|
|
28
|
+
return "";
|
|
29
|
+
return `/${trimmed.replace(/^\/+|\/+$/g, "")}`;
|
|
30
|
+
}
|
|
31
|
+
function hasBinding(bindings, bindingName) {
|
|
32
|
+
if (!bindingName)
|
|
33
|
+
return true;
|
|
34
|
+
const record = getRecord(bindings);
|
|
35
|
+
return Boolean(record?.[bindingName]);
|
|
36
|
+
}
|
|
37
|
+
export function encodeStorageKeyPath(storageKey) {
|
|
38
|
+
return storageKey
|
|
39
|
+
.split("/")
|
|
40
|
+
.map((segment) => encodeURIComponent(segment))
|
|
41
|
+
.join("/");
|
|
42
|
+
}
|
|
43
|
+
export function createAuthenticatedR2DocumentDownloadResolver(options) {
|
|
44
|
+
const routePrefix = normalizeRoutePrefix(options.routePrefix ?? "/v1/admin/documents/files");
|
|
45
|
+
const bucketBindingName = options.bucketBindingName === undefined ? "DOCUMENTS_BUCKET" : options.bucketBindingName;
|
|
46
|
+
return (bindings, storageKey) => {
|
|
47
|
+
if (!hasBinding(bindings, bucketBindingName)) {
|
|
48
|
+
return null;
|
|
49
|
+
}
|
|
50
|
+
const apiBaseUrl = resolveApiBaseUrl(options.apiBaseUrl, bindings);
|
|
51
|
+
if (!apiBaseUrl) {
|
|
52
|
+
return null;
|
|
53
|
+
}
|
|
54
|
+
const keyPath = encodeStorageKeyPath(storageKey);
|
|
55
|
+
return `${apiBaseUrl}${routePrefix}/${keyPath}`;
|
|
56
|
+
};
|
|
57
|
+
}
|
|
14
58
|
function maybeIsoString(value) {
|
|
15
59
|
return maybeString(value);
|
|
16
60
|
}
|
package/dist/index.d.ts
CHANGED
|
@@ -4,8 +4,8 @@ export { mountApp } from "./app.js";
|
|
|
4
4
|
export type { SessionAuthContext } from "./auth/index.js";
|
|
5
5
|
export { constantTimeEqual, extractBearerToken, generateNumericCode, randomBytesHex, requireUserId, sha256Base64Url, sha256Hex, unsignCookie, verifySession, } from "./auth/index.js";
|
|
6
6
|
export { type CreateAppConfig, createApp } from "./create-app.js";
|
|
7
|
-
export type { DocumentDownloadEnvelope, DocumentDownloadResolution, DocumentDownloadResolver, DocumentDownloadResolverResult, StoredDocumentReference, } from "./document-download.js";
|
|
8
|
-
export { resolveStoredDocumentDownload } from "./document-download.js";
|
|
7
|
+
export type { AuthenticatedR2DocumentDownloadResolver, AuthenticatedR2DocumentDownloadResolverOptions, DocumentDownloadEnvelope, DocumentDownloadResolution, DocumentDownloadResolver, DocumentDownloadResolverResult, StoredDocumentReference, } from "./document-download.js";
|
|
8
|
+
export { createAuthenticatedR2DocumentDownloadResolver, encodeStorageKeyPath, resolveStoredDocumentDownload, } from "./document-download.js";
|
|
9
9
|
export { createLazyRouteHandler, type LazyHonoRoutes, type LazyRoutesLoader, mountLazyRoutePaths, mountLazyRoutesAt, } from "./lazy-routes.js";
|
|
10
10
|
export { createPathDbSelector, type PathDbSelectorOptions } from "./lib/db-selector.js";
|
|
11
11
|
export { clientIpKey, consoleLoggerProvider, cors, DEFAULT_IDEMPOTENCY_TTL_MS, db, enforceRateLimit, errorBoundary, handleApiError, type IdempotencyKeyOptions, idempotencyKey, isStaffRbacEnforced, LIVE_LIMITS, logger, purgeExpiredIdempotencyKeys, rateLimit, requestId, requireActor, requireAuth, requirePermission, } from "./middleware/index.js";
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAC3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AACnC,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AACzD,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,aAAa,EACb,eAAe,EACf,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,KAAK,eAAe,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AACjE,YAAY,EACV,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,8BAA8B,EAC9B,uBAAuB,GACxB,MAAM,wBAAwB,CAAA;AAC/B,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAC3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AACnC,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AACzD,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,aAAa,EACb,eAAe,EACf,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,KAAK,eAAe,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AACjE,YAAY,EACV,uCAAuC,EACvC,8CAA8C,EAC9C,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,8BAA8B,EAC9B,uBAAuB,GACxB,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,6CAA6C,EAC7C,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,sBAAsB,EACtB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAE,oBAAoB,EAAE,KAAK,qBAAqB,EAAE,MAAM,sBAAsB,CAAA;AACvF,OAAO,EACL,WAAW,EACX,qBAAqB,EACrB,IAAI,EACJ,0BAA0B,EAC1B,EAAE,EACF,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,KAAK,qBAAqB,EAC1B,cAAc,EACd,mBAAmB,EACnB,WAAW,EACX,MAAM,EACN,2BAA2B,EAC3B,SAAS,EACT,SAAS,EACT,YAAY,EACZ,WAAW,EACX,iBAAiB,GAClB,MAAM,uBAAuB,CAAA;AAC9B,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAC5D,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACpE,OAAO,EACL,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAA;AAC/D,YAAY,EACV,mBAAmB,EACnB,mBAAmB,EACnB,UAAU,EACV,UAAU,GACX,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,6BAA6B,EAC7B,6BAA6B,EAC7B,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,2BAA2B,EAC3B,4BAA4B,EAC5B,+BAA+B,EAC/B,2BAA2B,GAC5B,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,KAAK,iCAAiC,EACtC,6CAA6C,EAC7C,iCAAiC,EACjC,sCAAsC,EACtC,kCAAkC,EAClC,KAAK,mCAAmC,EACxC,KAAK,8BAA8B,EACnC,KAAK,2BAA2B,EAChC,KAAK,gCAAgC,EACrC,KAAK,gCAAgC,EACrC,KAAK,kCAAkC,EACvC,KAAK,4BAA4B,EACjC,KAAK,sCAAsC,EAC3C,kCAAkC,EAClC,iCAAiC,GAClC,MAAM,+BAA+B,CAAA;AACtC,YAAY,EACV,SAAS,EACT,iBAAiB,EACjB,QAAQ,EACR,kBAAkB,EAClB,QAAQ,EACR,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,wBAAwB,EACxB,qBAAqB,EACrB,cAAc,EACd,QAAQ,EACR,sBAAsB,EACtB,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,GAChB,MAAM,YAAY,CAAA;AACnB,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACrB,UAAU,EACV,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,iBAAiB,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -2,7 +2,7 @@ export { assembleAnonymousPaths } from "./anonymous-paths.js";
|
|
|
2
2
|
export { mountApp } from "./app.js";
|
|
3
3
|
export { constantTimeEqual, extractBearerToken, generateNumericCode, randomBytesHex, requireUserId, sha256Base64Url, sha256Hex, unsignCookie, verifySession, } from "./auth/index.js";
|
|
4
4
|
export { createApp } from "./create-app.js";
|
|
5
|
-
export { resolveStoredDocumentDownload } from "./document-download.js";
|
|
5
|
+
export { createAuthenticatedR2DocumentDownloadResolver, encodeStorageKeyPath, resolveStoredDocumentDownload, } from "./document-download.js";
|
|
6
6
|
export { createLazyRouteHandler, mountLazyRoutePaths, mountLazyRoutesAt, } from "./lazy-routes.js";
|
|
7
7
|
export { createPathDbSelector } from "./lib/db-selector.js";
|
|
8
8
|
export { clientIpKey, consoleLoggerProvider, cors, DEFAULT_IDEMPOTENCY_TTL_MS, db, enforceRateLimit, errorBoundary, handleApiError, idempotencyKey, isStaffRbacEnforced, LIVE_LIMITS, logger, purgeExpiredIdempotencyKeys, rateLimit, requestId, requireActor, requireAuth, requirePermission, } from "./middleware/index.js";
|
package/dist/lazy-routes.d.ts
CHANGED
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
* route families don't inflate the main bundle or the Worker cold start.
|
|
9
9
|
*
|
|
10
10
|
* For deployment-local families that span MULTIPLE absolute path prefixes (e.g.
|
|
11
|
-
* an operator bundle exposing `/v1/uploads
|
|
11
|
+
* an operator bundle exposing `/v1/admin/uploads` and `/v1/admin/media/*`),
|
|
12
12
|
* the single-surface loaders don't fit. Such families declare `lazyRoutes`:
|
|
13
13
|
* `{ paths, load }` where `load` returns a sub-app whose routes are ABSOLUTE and
|
|
14
14
|
* `paths` are the explicit matchers the framework installs up front. This is the
|
package/dist/module.d.ts
CHANGED
|
@@ -3,18 +3,23 @@ import type { Hono } from "hono";
|
|
|
3
3
|
import type { LazyHonoRoutes, LazyRoutesLoader } from "./lazy-routes.js";
|
|
4
4
|
export interface HonoModule {
|
|
5
5
|
module: Module;
|
|
6
|
-
/**
|
|
7
|
-
* Legacy routes — mounted at `/v1/{module.name}`. Gated by the caller's
|
|
8
|
-
* `requireAuth` configuration. Use `adminRoutes` / `publicRoutes` for new
|
|
9
|
-
* modules that participate in the admin/public API split.
|
|
10
|
-
*
|
|
11
|
-
* @deprecated Prefer `adminRoutes` or `publicRoutes`.
|
|
12
|
-
*/
|
|
13
|
-
routes?: Hono<any>;
|
|
14
6
|
/** Staff-facing routes — mounted at `/v1/admin/{module.name}`. */
|
|
15
7
|
adminRoutes?: Hono<any>;
|
|
16
8
|
/** Customer/partner/supplier-facing routes — mounted at `/v1/public/{module.name}`. */
|
|
17
9
|
publicRoutes?: Hono<any>;
|
|
10
|
+
/**
|
|
11
|
+
* Inbound webhook routes — e.g. a payment-processor callback POSTed by an
|
|
12
|
+
* external system with no session. Mounted at `/v1/{module.name}` (so existing
|
|
13
|
+
* processor-registered callback URLs are preserved), and their concrete paths
|
|
14
|
+
* are AUTOMATICALLY added to the anonymous allow-list (ADR-0008) — no
|
|
15
|
+
* `anonymous` declaration or `publicPaths` entry needed. The handler is
|
|
16
|
+
* responsible for verifying the provider signature. Distinct from `routes`
|
|
17
|
+
* (deprecated catch-all) and from `publicRoutes` (session-bearing customer
|
|
18
|
+
* surface): a webhook is unauthenticated by construction and verified in-band.
|
|
19
|
+
* Only concrete paths are auto-allow-listed; parameterized/wildcard webhook
|
|
20
|
+
* paths must additionally be declared via `anonymous`.
|
|
21
|
+
*/
|
|
22
|
+
webhookRoutes?: Hono<any>;
|
|
18
23
|
/**
|
|
19
24
|
* Lazy variant of `adminRoutes` — the route bundle is dynamically imported on
|
|
20
25
|
* first request and cached per isolate. Mounted at `/v1/admin/{module.name}`
|
|
@@ -66,12 +71,15 @@ export interface HonoModule {
|
|
|
66
71
|
}
|
|
67
72
|
export interface HonoExtension {
|
|
68
73
|
extension: Extension;
|
|
69
|
-
/** @deprecated Prefer `adminRoutes` or `publicRoutes`. */
|
|
70
|
-
routes?: Hono<any>;
|
|
71
74
|
/** Staff-facing routes — mounted at `/v1/admin/{extension.module}`. */
|
|
72
75
|
adminRoutes?: Hono<any>;
|
|
73
76
|
/** Customer/partner/supplier-facing routes — mounted at `/v1/public/{extension.module}`. */
|
|
74
77
|
publicRoutes?: Hono<any>;
|
|
78
|
+
/**
|
|
79
|
+
* Inbound webhook routes — mounted at `/v1/{extension.module}`, concrete paths
|
|
80
|
+
* auto-added to the anonymous allow-list (ADR-0008). See `HonoModule.webhookRoutes`.
|
|
81
|
+
*/
|
|
82
|
+
webhookRoutes?: Hono<any>;
|
|
75
83
|
/** Lazy variant of `adminRoutes` — mounted at `/v1/admin/{extension.module}` (see HonoModule). */
|
|
76
84
|
lazyAdminRoutes?: LazyRoutesLoader;
|
|
77
85
|
/** Lazy variant of `publicRoutes` — mounted at `/v1/public/{publicPath ?? extension.module}`. */
|
package/dist/module.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../src/module.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5D,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAEhC,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAA;AAExE,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAA;IACd
|
|
1
|
+
{"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../src/module.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5D,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAEhC,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAA;AAExE,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAA;IACd,kEAAkE;IAElE,WAAW,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACvB,uFAAuF;IAEvF,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACxB;;;;;;;;;;;OAWG;IAEH,aAAa,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACzB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,gBAAgB,CAAA;IAClC,4FAA4F;IAC5F,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC;;;;;OAKG;IACH,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;;;;;;;;OAWG;IACH,SAAS,CAAC,EAAE,OAAO,GAAG,SAAS,MAAM,EAAE,CAAA;IACvC;;;;;;;;;;OAUG;IACH,kBAAkB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;CACvC;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,SAAS,CAAA;IACpB,uEAAuE;IAEvE,WAAW,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACvB,4FAA4F;IAE5F,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACxB;;;OAGG;IAEH,aAAa,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACzB,kGAAkG;IAClG,eAAe,CAAC,EAAE,gBAAgB,CAAA;IAClC,iGAAiG;IACjG,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC,gFAAgF;IAChF,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;OAIG;IACH,SAAS,CAAC,EAAE,OAAO,GAAG,SAAS,MAAM,EAAE,CAAA;IACvC;;;OAGG;IACH,kBAAkB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;CACvC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request-context.d.ts","sourceRoot":"","sources":["../../src/observability/request-context.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"request-context.d.ts","sourceRoot":"","sources":["../../src/observability/request-context.ts"],"names":[],"mappings":"AAkBA;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,CAE9D;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,IAAI,MAAM,GAAG,SAAS,CAMjD"}
|
|
@@ -71,25 +71,25 @@ export declare function createDrizzlePublicDocumentDeliveryGrantStore(db: Postgr
|
|
|
71
71
|
export declare function createPublicDocumentDeliveryGrant(store: PublicDocumentDeliveryGrantStore, input: CreatePublicDocumentDeliveryInput): Promise<PublicDocumentDeliveryEnvelope>;
|
|
72
72
|
export declare function resolvePublicDocumentDeliveryGrant(store: PublicDocumentDeliveryGrantStore, token: string, now?: Date): Promise<PublicDocumentDeliveryResolution>;
|
|
73
73
|
export declare function revokePublicDocumentDeliveryGrant(store: PublicDocumentDeliveryGrantStore, input: RevokePublicDocumentDeliveryGrantInput): Promise<{
|
|
74
|
-
metadata: unknown;
|
|
75
74
|
id: string;
|
|
76
75
|
createdAt: Date;
|
|
77
76
|
expiresAt: Date;
|
|
78
|
-
|
|
79
|
-
tokenHash: string;
|
|
80
|
-
createdBy: string | null;
|
|
77
|
+
metadata: unknown;
|
|
81
78
|
filename: string | null;
|
|
79
|
+
tokenHash: string;
|
|
82
80
|
storageKey: string;
|
|
83
81
|
storageProvider: string | null;
|
|
84
82
|
contentType: string;
|
|
85
83
|
sourceModule: string | null;
|
|
86
84
|
sourceEntity: string | null;
|
|
87
85
|
sourceId: string | null;
|
|
86
|
+
createdBy: string | null;
|
|
88
87
|
createdByType: string | null;
|
|
89
88
|
accessCount: number;
|
|
90
89
|
lastAccessedAt: Date | null;
|
|
91
90
|
lastAccessedIp: string | null;
|
|
92
91
|
lastAccessedUserAgent: string | null;
|
|
92
|
+
revokedAt: Date | null;
|
|
93
93
|
revokedBy: string | null;
|
|
94
94
|
} | null>;
|
|
95
95
|
export declare function createPublicDocumentDeliveryRoutes<TBindings extends object = Record<string, unknown>>(options?: PublicDocumentDeliveryRouteOptions<TBindings>): import("hono/hono-base").HonoBase<Env<TBindings>, {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@voyant-travel/hono",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.118.1",
|
|
4
4
|
"license": "Apache-2.0",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": {
|
|
@@ -133,21 +133,21 @@
|
|
|
133
133
|
"dependencies": {
|
|
134
134
|
"@hono/zod-openapi": "^1.4.0",
|
|
135
135
|
"drizzle-orm": "^0.45.2",
|
|
136
|
-
"hono": "^4.12.
|
|
137
|
-
"zod": "^4.3
|
|
136
|
+
"hono": "^4.12.25",
|
|
137
|
+
"zod": "^4.4.3",
|
|
138
138
|
"@voyant-travel/core": "^0.111.0",
|
|
139
139
|
"@voyant-travel/db": "^0.109.4",
|
|
140
|
-
"@voyant-travel/storage": "^0.
|
|
140
|
+
"@voyant-travel/storage": "^0.106.0",
|
|
141
141
|
"@voyant-travel/types": "^0.106.0",
|
|
142
|
-
"@voyant-travel/
|
|
143
|
-
"@voyant-travel/
|
|
142
|
+
"@voyant-travel/utils": "^0.105.4",
|
|
143
|
+
"@voyant-travel/workflows": "^0.111.10"
|
|
144
144
|
},
|
|
145
145
|
"devDependencies": {
|
|
146
|
-
"@cloudflare/workers-types": "^4.
|
|
147
|
-
"typescript": "^6.0.
|
|
148
|
-
"vitest": "^4.1.
|
|
146
|
+
"@cloudflare/workers-types": "^4.20260628.1",
|
|
147
|
+
"typescript": "^6.0.3",
|
|
148
|
+
"vitest": "^4.1.9",
|
|
149
149
|
"@voyant-travel/voyant-typescript-config": "^0.1.0",
|
|
150
|
-
"@voyant-travel/workflows-orchestrator": "^0.111.
|
|
150
|
+
"@voyant-travel/workflows-orchestrator": "^0.111.10"
|
|
151
151
|
},
|
|
152
152
|
"files": [
|
|
153
153
|
"dist"
|
|
@@ -161,10 +161,10 @@
|
|
|
161
161
|
"directory": "packages/hono"
|
|
162
162
|
},
|
|
163
163
|
"scripts": {
|
|
164
|
-
"typecheck": "tsc
|
|
164
|
+
"typecheck": "tsc -p tsconfig.typecheck.json",
|
|
165
165
|
"lint": "biome check src/",
|
|
166
166
|
"test": "vitest run",
|
|
167
|
-
"build": "tsc -p tsconfig.json",
|
|
167
|
+
"build": "tsc -p tsconfig.build.json",
|
|
168
168
|
"clean": "rm -rf dist tsconfig.tsbuildinfo"
|
|
169
169
|
},
|
|
170
170
|
"main": "./dist/index.js",
|