@voyantjs/workflows-node-step-container 0.107.4 → 0.107.6

package/dist/server.js

@@ -19,6 +19,7 @@
 import { createHash } from "node:crypto";
 import { createServer } from "node:http";
 import { __resetRegistry, getWorkflow } from "@voyantjs/workflows";
+import { createBundleUrlPolicy, createHmacBodyVerifier, createHmacSigner, parseTokenList, STEP_AUTH_HEADER, STEP_RESPONSE_AUTH_HEADER, } from "@voyantjs/workflows/auth";
 import { executeWorkflowStep, } from "@voyantjs/workflows/handler";
 /**
  * Sentinel thrown by the container's stepRunner after the target
@@ -38,6 +39,9 @@ const STOP_AFTER_TARGET = Symbol("STOP_AFTER_TARGET");
  */
 const loadedBundles = new Map();
 let activeBundleHash;
+const bundleUrlAllowed = createBundleUrlPolicy({
+    allowedOrigins: parseTokenList(process.env.VOYANT_BUNDLE_ALLOWED_ORIGINS),
+});
 function normalizeHash(hash) {
     return hash.replace(/^sha256:/i, "").toLowerCase();
 }
@@ -45,6 +49,10 @@ async function sha256Hex(bytes) {
     return createHash("sha256").update(bytes).digest("hex");
 }
 async function fetchBundle(bundle) {
+    const decision = bundleUrlAllowed(bundle.url);
+    if (!decision.ok) {
+        throw new Error(decision.message);
+    }
     const response = await fetch(bundle.url);
     if (!response.ok) {
         throw new Error(`bundle fetch returned HTTP ${response.status}`);
@@ -57,6 +65,23 @@ async function fetchBundle(bundle) {
     }
     return buf;
 }
+let bodyVerifierPromise;
+let responseSignerPromise;
+async function verifyStepRequest(req, rawBody) {
+    const secret = process.env.VOYANT_WORKFLOW_STEP_AUTH_SECRET;
+    if (!secret) {
+        if (process.env.VOYANT_WORKFLOW_STEP_ALLOW_UNAUTHENTICATED === "1") {
+            console.warn("[node-step-container] AUTH DISABLED: VOYANT_WORKFLOW_STEP_ALLOW_UNAUTHENTICATED=1");
+            return true;
+        }
+        return false;
+    }
+    bodyVerifierPromise ??= createHmacBodyVerifier(secret);
+    const verifier = await bodyVerifierPromise;
+    const header = req.headers[STEP_AUTH_HEADER];
+    const signature = Array.isArray(header) ? header[0] : header;
+    return verifier(rawBody, signature);
+}
 async function loadBundle(bundle) {
     const key = normalizeHash(bundle.hash);
     const existing = loadedBundles.get(key);
@@ -201,9 +226,6 @@ async function handleStep(payload) {
         workflowId: payload.workflowId,
         workflowVersion: payload.workflowVersion,
         input: payload.input,
-        // The JournalSlice type in @voyantjs/workflows is a superset of our
-        // structural interface; cast is safe because executeWorkflowStep
-        // only reads standard fields.
         journal: journalSlice,
         invocationCount: 1,
         environment: {
@@ -269,6 +291,21 @@ function json(res, status, body) {
     });
     res.end(bytes);
 }
+async function signedStepJson(res, status, body) {
+    const text = JSON.stringify(body);
+    const bytes = Buffer.from(text, "utf-8");
+    const secret = process.env.VOYANT_WORKFLOW_STEP_AUTH_SECRET;
+    const headers = {
+        "content-type": "application/json; charset=utf-8",
+        "content-length": String(bytes.byteLength),
+    };
+    if (secret) {
+        responseSignerPromise ??= createHmacSigner(secret);
+        headers[STEP_RESPONSE_AUTH_HEADER] = await (await responseSignerPromise)(text);
+    }
+    res.writeHead(status, headers);
+    res.end(bytes);
+}
 async function main() {
     const port = Number(process.env.PORT ?? 8080);
     const server = createServer(async (req, res) => {
@@ -276,9 +313,14 @@ async function main() {
             json(res, 404, { error: "not_found" });
             return;
         }
+        const rawBody = await readBody(req);
+        if (!(await verifyStepRequest(req, rawBody))) {
+            json(res, 401, { error: "unauthorized" });
+            return;
+        }
         let payload;
         try {
-            payload = JSON.parse(await readBody(req));
+            payload = JSON.parse(rawBody);
         }
         catch (err) {
             json(res, 400, { error: "invalid_json", message: String(err) });
@@ -286,7 +328,7 @@ async function main() {
         }
         try {
             const entry = await handleStep(payload);
-            json(res, 200, entry);
+            await signedStepJson(res, 200, entry);
         }
         catch (err) {
             json(res, 500, {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@voyantjs/workflows-node-step-container",
-  "version": "0.107.4",
+  "version": "0.107.6",
   "description": "Reference Node container image for executing `runtime: \"node\"` steps. Deployed alongside the orchestrator as a Cloudflare Container.",
   "license": "Apache-2.0",
   "repository": {
@@ -30,7 +30,7 @@
     "voyant-workflows-node-step-container": "./dist/server.js"
   },
   "dependencies": {
-    "@voyantjs/workflows": "^0.107.4"
+    "@voyantjs/workflows": "^0.107.6"
   },
   "devDependencies": {
     "@types/node": "^20.12.0",

package/src/server.ts

@@ -20,6 +20,14 @@
 import { createHash } from "node:crypto"
 import { createServer, type IncomingMessage, type ServerResponse } from "node:http"
 import { __resetRegistry, getWorkflow } from "@voyantjs/workflows"
+import {
+  createBundleUrlPolicy,
+  createHmacBodyVerifier,
+  createHmacSigner,
+  parseTokenList,
+  STEP_AUTH_HEADER,
+  STEP_RESPONSE_AUTH_HEADER,
+} from "@voyantjs/workflows/auth"
 import {
   type ExecuteWorkflowStepRequest,
   executeWorkflowStep,
@@ -32,13 +40,7 @@ interface BundleLocation {
   hash: string
 }
 
-interface JournalSlice {
-  stepResults: Record<string, unknown>
-  waitpointsResolved: Record<string, unknown>
-  compensationsRun: Record<string, unknown>
-  metadataState: Record<string, unknown>
-  streamsCompleted: Record<string, unknown>
-}
+type JournalSlice = ExecuteWorkflowStepRequest["journal"]
 
 interface StepDispatchPayload {
   runId: string
@@ -74,6 +76,9 @@ const STOP_AFTER_TARGET = Symbol("STOP_AFTER_TARGET")
  */
 const loadedBundles = new Map<string, Promise<void>>()
 let activeBundleHash: string | undefined
+const bundleUrlAllowed = createBundleUrlPolicy({
+  allowedOrigins: parseTokenList(process.env.VOYANT_BUNDLE_ALLOWED_ORIGINS),
+})
 
 function normalizeHash(hash: string): string {
   return hash.replace(/^sha256:/i, "").toLowerCase()
@@ -84,6 +89,10 @@ async function sha256Hex(bytes: Uint8Array): Promise<string> {
 }
 
 async function fetchBundle(bundle: BundleLocation): Promise<Uint8Array> {
+  const decision = bundleUrlAllowed(bundle.url)
+  if (!decision.ok) {
+    throw new Error(decision.message)
+  }
   const response = await fetch(bundle.url)
   if (!response.ok) {
     throw new Error(`bundle fetch returned HTTP ${response.status}`)
@@ -97,6 +106,29 @@ async function fetchBundle(bundle: BundleLocation): Promise<Uint8Array> {
   return buf
 }
 
+let bodyVerifierPromise:
+  | Promise<(body: string, signature: string | null | undefined) => Promise<boolean>>
+  | undefined
+let responseSignerPromise: Promise<(body: string) => Promise<string>> | undefined
+
+async function verifyStepRequest(req: IncomingMessage, rawBody: string): Promise<boolean> {
+  const secret = process.env.VOYANT_WORKFLOW_STEP_AUTH_SECRET
+  if (!secret) {
+    if (process.env.VOYANT_WORKFLOW_STEP_ALLOW_UNAUTHENTICATED === "1") {
+      console.warn(
+        "[node-step-container] AUTH DISABLED: VOYANT_WORKFLOW_STEP_ALLOW_UNAUTHENTICATED=1",
+      )
+      return true
+    }
+    return false
+  }
+  bodyVerifierPromise ??= createHmacBodyVerifier(secret)
+  const verifier = await bodyVerifierPromise
+  const header = req.headers[STEP_AUTH_HEADER]
+  const signature = Array.isArray(header) ? header[0] : header
+  return verifier(rawBody, signature)
+}
+
 async function loadBundle(bundle: BundleLocation): Promise<void> {
   const key = normalizeHash(bundle.hash)
   const existing = loadedBundles.get(key)
@@ -241,10 +273,7 @@ async function handleStep(payload: StepDispatchPayload): Promise<StepJournalEntr
     workflowId: payload.workflowId,
     workflowVersion: payload.workflowVersion,
     input: payload.input,
-    // The JournalSlice type in @voyantjs/workflows is a superset of our
-    // structural interface; cast is safe because executeWorkflowStep
-    // only reads standard fields.
-    journal: journalSlice as unknown as ExecuteWorkflowStepRequest["journal"],
+    journal: journalSlice,
     invocationCount: 1,
     environment: {
       run: {
@@ -312,6 +341,22 @@ function json(res: ServerResponse, status: number, body: unknown): void {
   res.end(bytes)
 }
 
+async function signedStepJson(res: ServerResponse, status: number, body: unknown): Promise<void> {
+  const text = JSON.stringify(body)
+  const bytes = Buffer.from(text, "utf-8")
+  const secret = process.env.VOYANT_WORKFLOW_STEP_AUTH_SECRET
+  const headers: Record<string, string> = {
+    "content-type": "application/json; charset=utf-8",
+    "content-length": String(bytes.byteLength),
+  }
+  if (secret) {
+    responseSignerPromise ??= createHmacSigner(secret)
+    headers[STEP_RESPONSE_AUTH_HEADER] = await (await responseSignerPromise)(text)
+  }
+  res.writeHead(status, headers)
+  res.end(bytes)
+}
+
 async function main(): Promise<void> {
   const port = Number(process.env.PORT ?? 8080)
   const server = createServer(async (req, res) => {
@@ -319,16 +364,22 @@ async function main(): Promise<void> {
       json(res, 404, { error: "not_found" })
       return
     }
+    const rawBody = await readBody(req)
+    if (!(await verifyStepRequest(req, rawBody))) {
+      json(res, 401, { error: "unauthorized" })
+      return
+    }
+
     let payload: StepDispatchPayload
     try {
-      payload = JSON.parse(await readBody(req)) as StepDispatchPayload
+      payload = JSON.parse(rawBody) as StepDispatchPayload
     } catch (err) {
       json(res, 400, { error: "invalid_json", message: String(err) })
       return
     }
     try {
       const entry = await handleStep(payload)
-      json(res, 200, entry)
+      await signedStepJson(res, 200, entry)
     } catch (err) {
       json(res, 500, {
         error: "container_failure",