@web-to-figma/desktop 1.0.0

package/dist/index.js

@@ -0,0 +1,241 @@
+import fs from 'fs';
+import { DEFAULT_PORT, ensureDataDirs, loadConfig, MIN_SUPPORTED_VERSION, PACKAGE_VERSION, saveConfig, } from './config.js';
+import { UpdaterRuntime, printUnsupportedVersionMessage } from './updater/runtime.js';
+import { isBelowMinSupported } from './updater/versionCheck.js';
+import { ensureChromeInstalled, ensureExtensionsCopied } from './capture/chromeDownloader.js';
+import { ensureHeadedExtensionUnpacked } from './capture/headedExtension.js';
+import { BrowserPool } from './capture/browserPool.js';
+import { resetHeadedBrowserState } from './capture/headedBrowserState.js';
+import { launchHeadedCapture } from './capture/manualLaunch.js';
+import { createLogger } from './logger.js';
+import { resolveListeningPort } from './port.js';
+import { createApp } from './server/app.js';
+import { isDesktopServerRunning, printServerNotRunningMessage } from './server/checkServer.js';
+import { captureDesktopException, flushDesktopSentry, initDesktopSentry } from './sentry.js';
+import { closeDb, getDbDiagnostics, initDb } from './storage/db.js';
+import { getLatestMigrationVersion } from './storage/migrate.js';
+import { printChromeInstallError } from './terminal/chromeInstall.js';
+import { freeDiskBytes } from './utils.js';
+export async function startServer(options = {}) {
+    initDesktopSentry();
+    const config = loadConfig({
+        port: options.port,
+        dataDir: options.dataDir,
+    });
+    const preferredPort = options.port ?? config.port ?? DEFAULT_PORT;
+    const verbose = options.verbose ?? false;
+    let port = preferredPort;
+    if (isBelowMinSupported(PACKAGE_VERSION, MIN_SUPPORTED_VERSION)) {
+        printUnsupportedVersionMessage(PACKAGE_VERSION, MIN_SUPPORTED_VERSION);
+        process.exitCode = 1;
+        return;
+    }
+    ensureDataDirs(config.paths);
+    const logger = createLogger(config.paths, verbose);
+    let db;
+    try {
+        db = initDb(config.paths.dbPath, {
+            info: (obj, msg) => logger.info(obj, msg),
+            error: (obj, msg) => logger.error(obj, msg),
+        });
+    }
+    catch (err) {
+        captureDesktopException(err, { phase: 'db_migration' });
+        console.error('Database migration failed. See ~/.web-to-figma/logs/desktop.log');
+        if (verbose && err instanceof Error) {
+            console.error(err.stack);
+        }
+        throw err;
+    }
+    let chrome;
+    try {
+        chrome = await ensureChromeInstalled(config.paths, logger, {
+            chromePath: config.chromePath,
+            chromedriverPath: config.chromedriverPath,
+        });
+    }
+    catch (err) {
+        captureDesktopException(err, { phase: 'chrome_install' });
+        printChromeInstallError(err, config.paths.logPath, verbose);
+        process.exitCode = 1;
+        return;
+    }
+    await ensureExtensionsCopied(config.paths, logger);
+    try {
+        port = await resolveListeningPort(preferredPort);
+    }
+    catch (err) {
+        captureDesktopException(err, { preferredPort });
+        throw err;
+    }
+    const updatedConfig = {
+        ...config,
+        port,
+        chromePath: chrome.chromePath,
+        chromedriverPath: chrome.chromedriverPath,
+    };
+    saveConfig(updatedConfig);
+    const { app, isCaptureBusy } = createApp({
+        db,
+        paths: config.paths,
+        logger,
+        port,
+        verbose,
+        chromePath: chrome.chromePath,
+        chromedriverPath: chrome.chromedriverPath,
+    });
+    const updater = new UpdaterRuntime({
+        currentVersion: PACKAGE_VERSION,
+        port,
+        paths: config.paths,
+        verbose,
+        isCaptureBusy,
+    });
+    await Promise.race([
+        updater.checkNow(),
+        new Promise((resolve) => setTimeout(resolve, 3000)),
+    ]);
+    await app.listen({ port, host: 'localhost' });
+    updater.printBanner();
+    updater.startBackgroundChecks();
+    let shuttingDown = false;
+    const shutdown = async () => {
+        if (shuttingDown) {
+            process.exit(1);
+            return;
+        }
+        shuttingDown = true;
+        updater.dispose();
+        await app.close();
+        closeDb();
+        await flushDesktopSentry();
+        process.exit(0);
+    };
+    updater.attachKeyListener(() => {
+        void shutdown();
+    });
+    process.on('SIGINT', () => {
+        void shutdown();
+    });
+    process.on('SIGTERM', () => {
+        void shutdown();
+    });
+}
+export async function runManualCapture(url, options = {}) {
+    const config = loadConfig({ dataDir: options.dataDir, port: options.port });
+    const port = config.port ?? DEFAULT_PORT;
+    if (!(await isDesktopServerRunning(port))) {
+        printServerNotRunningMessage(port);
+        process.exitCode = 1;
+        return;
+    }
+    ensureDataDirs(config.paths);
+    if (options.resetBrowserState) {
+        resetHeadedBrowserState(config.paths.headedBrowserStateDir, config.paths.chromeSessionsDir);
+        console.log('Headed browser state cleared (saved logins and orphaned sessions).');
+    }
+    const verbose = options.verbose ?? false;
+    const logger = createLogger(config.paths, verbose);
+    let chrome;
+    try {
+        chrome = await ensureChromeInstalled(config.paths, logger, {
+            chromePath: config.chromePath,
+            chromedriverPath: config.chromedriverPath,
+        });
+    }
+    catch (err) {
+        captureDesktopException(err, { phase: 'chrome_install' });
+        printChromeInstallError(err, config.paths.logPath, verbose);
+        process.exitCode = 1;
+        return;
+    }
+    await ensureExtensionsCopied(config.paths, logger);
+    const headedExtension = ensureHeadedExtensionUnpacked(config.paths, logger);
+    if (!headedExtension) {
+        console.error('Headed extension is not available. Build chrome-mv3-headed.crx first.');
+        process.exitCode = 1;
+        return;
+    }
+    const browserPool = new BrowserPool({
+        chromePath: chrome.chromePath,
+        chromedriverPath: chrome.chromedriverPath,
+        paths: config.paths,
+        headedExtension,
+    });
+    await launchHeadedCapture(browserPool, url);
+}
+export function runDoctor(options = {}) {
+    const config = loadConfig({ dataDir: options.dataDir });
+    ensureDataDirs(config.paths);
+    const checks = [];
+    const latestMigration = getLatestMigrationVersion();
+    checks.push({
+        name: 'Node.js',
+        ok: parseInt(process.versions.node.split('.')[0], 10) >= 18,
+        detail: process.version,
+    });
+    checks.push({
+        name: 'Data directory',
+        ok: fs.existsSync(config.paths.dataDir),
+        detail: config.paths.dataDir,
+    });
+    checks.push({
+        name: 'db.sqlite',
+        ok: fs.existsSync(config.paths.dbPath),
+        detail: fs.existsSync(config.paths.dbPath) ? config.paths.dbPath : 'Run `start` once to create the database',
+    });
+    if (fs.existsSync(config.paths.dbPath)) {
+        try {
+            const db = initDb(config.paths.dbPath);
+            const diagnostics = getDbDiagnostics(db);
+            checks.push({
+                name: 'Schema version',
+                ok: diagnostics.schemaVersion === latestMigration,
+                detail: `${diagnostics.schemaVersion} (latest ${latestMigration})`,
+            });
+            checks.push({
+                name: 'WAL mode',
+                ok: diagnostics.journalMode.toLowerCase() === 'wal',
+                detail: diagnostics.journalMode,
+            });
+            checks.push({
+                name: 'Foreign keys',
+                ok: diagnostics.foreignKeys === 1,
+                detail: String(diagnostics.foreignKeys),
+            });
+            closeDb();
+        }
+        catch (err) {
+            checks.push({
+                name: 'Database',
+                ok: false,
+                detail: err instanceof Error ? err.message : 'Unknown error',
+            });
+        }
+    }
+    const free = freeDiskBytes(config.paths.dataDir);
+    checks.push({
+        name: 'Free disk space',
+        ok: free > 1024 * 1024 * 1024,
+        detail: `${Math.round(free / (1024 * 1024 * 1024))} GB free`,
+    });
+    checks.push({
+        name: 'Headless extension',
+        ok: fs.existsSync(config.paths.headlessCrxPath),
+        detail: config.paths.headlessCrxPath,
+    });
+    checks.push({
+        name: 'Headed extension',
+        ok: fs.existsSync(config.paths.headedCrxPath),
+        detail: config.paths.headedCrxPath,
+    });
+    checks.push({
+        name: 'Default port',
+        ok: true,
+        detail: String(config.port ?? DEFAULT_PORT),
+    });
+    return {
+        ok: checks.every((c) => c.ok),
+        checks,
+    };
+}

package/dist/loadEnv.d.ts

@@ -0,0 +1 @@
+export declare function loadDesktopEnv(): void;

package/dist/loadEnv.js

@@ -0,0 +1,14 @@
+import fs from 'fs';
+import path from 'path';
+import { config as loadDotenv } from 'dotenv';
+import { packageRoot } from './config.js';
+export function loadDesktopEnv() {
+    const mode = process.env.NODE_ENV === 'production' ? 'production' : 'development';
+    const root = packageRoot();
+    for (const filename of ['.env', `.env.${mode}`]) {
+        const envPath = path.join(root, filename);
+        if (fs.existsSync(envPath)) {
+            loadDotenv({ path: envPath, override: true });
+        }
+    }
+}

package/dist/logger.d.ts

@@ -0,0 +1,4 @@
+import pino from 'pino';
+import type { ResolvedPaths } from './config.js';
+export declare function createLogger(paths: ResolvedPaths, verbose: boolean): pino.Logger<never, boolean>;
+export type Logger = ReturnType<typeof createLogger>;

package/dist/logger.js

@@ -0,0 +1,32 @@
+import fs from 'fs';
+import pino from 'pino';
+import { redactSensitiveValue } from './security/redact.js';
+export function createLogger(paths, verbose) {
+    fs.mkdirSync(paths.logsDir, { recursive: true });
+    const streams = [
+        { stream: pino.destination({ dest: paths.logPath, sync: false }) },
+    ];
+    if (verbose) {
+        streams.push({ stream: process.stdout });
+    }
+    return pino({
+        level: verbose ? 'debug' : 'info',
+        redact: {
+            paths: [
+                'req.headers["x-wtf-desktop-jwt"]',
+                'headers["x-wtf-desktop-jwt"]',
+                'jwt',
+                'token',
+                'authorization',
+            ],
+            censor: '[REDACTED]',
+        },
+        hooks: {
+            logMethod(inputArgs, method) {
+                const sanitized = inputArgs.map((arg) => redactSensitiveValue(arg));
+                // eslint-disable-next-line @typescript-eslint/no-explicit-any
+                return method.apply(this, sanitized);
+            },
+        },
+    }, pino.multistream(streams));
+}

package/dist/port.d.ts

@@ -0,0 +1,4 @@
+import { DEFAULT_PORT } from './config.js';
+export declare function isPortAvailable(port: number): Promise<boolean>;
+export declare function resolveListeningPort(port: number): Promise<number>;
+export { DEFAULT_PORT };

package/dist/port.js

@@ -0,0 +1,19 @@
+import net from 'node:net';
+import { DEFAULT_PORT } from './config.js';
+export function isPortAvailable(port) {
+    return new Promise((resolve) => {
+        const server = net.createServer();
+        server.once('error', () => resolve(false));
+        server.once('listening', () => {
+            server.close(() => resolve(true));
+        });
+        server.listen(port, 'localhost');
+    });
+}
+export async function resolveListeningPort(port) {
+    if (await isPortAvailable(port)) {
+        return port;
+    }
+    throw new Error(`Port ${port} is already in use. Stop the other process or pass --port / set WTF_DESKTOP_PORT to a free port.`);
+}
+export { DEFAULT_PORT };

package/dist/security/redact.d.ts

@@ -0,0 +1,3 @@
+export declare function redactSensitiveText(value: string): string;
+export declare function redactSensitiveValue(value: unknown): unknown;
+export declare function redactRequestHeaders(headers: Record<string, unknown>): Record<string, unknown>;

package/dist/security/redact.js

@@ -0,0 +1,34 @@
+const JWT_PATTERN = /eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g;
+export function redactSensitiveText(value) {
+    return value.replace(JWT_PATTERN, '[REDACTED_JWT]');
+}
+export function redactSensitiveValue(value) {
+    if (typeof value === 'string') {
+        return redactSensitiveText(value);
+    }
+    if (Array.isArray(value)) {
+        return value.map(redactSensitiveValue);
+    }
+    if (value && typeof value === 'object') {
+        const result = {};
+        for (const [key, nested] of Object.entries(value)) {
+            if (key.toLowerCase().includes('jwt') || key.toLowerCase() === 'authorization') {
+                result[key] = '[REDACTED]';
+                continue;
+            }
+            result[key] = redactSensitiveValue(nested);
+        }
+        return result;
+    }
+    return value;
+}
+export function redactRequestHeaders(headers) {
+    const sanitized = { ...headers };
+    for (const key of Object.keys(sanitized)) {
+        const lower = key.toLowerCase();
+        if (lower.includes('jwt') || lower === 'authorization') {
+            sanitized[key] = '[REDACTED]';
+        }
+    }
+    return sanitized;
+}

package/dist/sentry.d.ts

@@ -0,0 +1,3 @@
+export declare function initDesktopSentry(): void;
+export declare function captureDesktopException(error: unknown, context?: Record<string, unknown>): void;
+export declare function flushDesktopSentry(timeoutMs?: number): PromiseLike<boolean>;

package/dist/sentry.js

@@ -0,0 +1,66 @@
+import * as Sentry from '@sentry/node';
+import { PACKAGE_VERSION, readPackageMeta } from './config.js';
+import { redactSensitiveValue } from './security/redact.js';
+let initialized = false;
+function resolveDsn() {
+    if (process.env.WTF_SENTRY_DSN) {
+        return process.env.WTF_SENTRY_DSN;
+    }
+    return readPackageMeta().wtfDesktop?.sentryDsn;
+}
+export function initDesktopSentry() {
+    const dsn = resolveDsn();
+    if (!dsn || initialized) {
+        return;
+    }
+    Sentry.init({
+        dsn,
+        environment: process.env.WTF_ENV ?? 'production',
+        release: `@web-to-figma/desktop@${PACKAGE_VERSION}`,
+        beforeSend(event) {
+            if (event.request?.headers) {
+                event.request.headers = redactSensitiveValue(event.request.headers);
+            }
+            if (event.request?.url) {
+                event.request.url = redactSensitiveValue(event.request.url);
+            }
+            if (event.breadcrumbs) {
+                event.breadcrumbs = event.breadcrumbs.map((breadcrumb) => ({
+                    ...breadcrumb,
+                    message: breadcrumb.message
+                        ? redactSensitiveValue(breadcrumb.message)
+                        : breadcrumb.message,
+                    data: breadcrumb.data
+                        ? redactSensitiveValue(breadcrumb.data)
+                        : breadcrumb.data,
+                }));
+            }
+            return event;
+        },
+    });
+    process.on('uncaughtException', (err) => {
+        Sentry.captureException(err);
+        Sentry.flush(2000).finally(() => process.exit(1));
+    });
+    process.on('unhandledRejection', (reason) => {
+        Sentry.captureException(reason);
+    });
+    initialized = true;
+}
+export function captureDesktopException(error, context) {
+    if (!initialized) {
+        return;
+    }
+    Sentry.withScope((scope) => {
+        if (context) {
+            scope.setContext('desktop', redactSensitiveValue(context));
+        }
+        Sentry.captureException(error);
+    });
+}
+export function flushDesktopSentry(timeoutMs = 2000) {
+    if (!initialized) {
+        return Promise.resolve(true);
+    }
+    return Sentry.flush(timeoutMs);
+}

package/dist/server/app.d.ts

@@ -0,0 +1,18 @@
+import { type FastifyInstance } from 'fastify';
+import type Database from 'better-sqlite3';
+import type { ResolvedPaths } from '../config.js';
+import type { Logger } from '../logger.js';
+export type AppOptions = {
+    db: Database.Database;
+    paths: ResolvedPaths;
+    logger: Logger;
+    port: number;
+    verbose?: boolean;
+    chromePath: string;
+    chromedriverPath: string;
+};
+export type DesktopApp = {
+    app: FastifyInstance;
+    isCaptureBusy: () => boolean;
+};
+export declare function createApp(options: AppOptions): DesktopApp;

package/dist/server/app.js

@@ -0,0 +1,82 @@
+import cors from '@fastify/cors';
+import Fastify from 'fastify';
+import { BrowserPool } from '../capture/browserPool.js';
+import { CaptureService } from '../capture/captureService.js';
+import { createAppContext } from './context.js';
+import { registerCaptureRoutes } from './routes/capture.js';
+import { registerCaptureListRoutes } from './routes/captures.js';
+import { registerCollectionRoutes } from './routes/collections.js';
+import { registerFileRoutes } from './routes/files.js';
+import { registerHealthRoutes } from './routes/health.js';
+import { registerImageRoutes } from './routes/image.js';
+import { registerProxyRoutes } from './routes/proxy.js';
+import { registerUploadRoutes } from './routes/upload.js';
+import { registerDesktopAuth } from './middleware/desktopJwt.js';
+import { isRawArtifactUploadRequest } from './uploadBody.js';
+export function createApp(options) {
+    const app = Fastify({
+        logger: false,
+        bodyLimit: 500 * 1024 * 1024,
+    });
+    void app.register(cors, {
+        origin: '*',
+        methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE', 'OPTIONS'],
+        allowedHeaders: ['*', 'Content-Type', 'Authorization', 'X-WTF-Desktop-JWT', 'ngrok-skip-browser-warning'],
+        exposedHeaders: ['*'],
+        maxAge: 12 * 60 * 60,
+    });
+    app.addHook('onSend', async (request, reply) => {
+        reply.header('X-Content-Type-Options', 'nosniff');
+        reply.header('X-Frame-Options', 'DENY');
+        reply.header('Referrer-Policy', 'no-referrer');
+        // Chrome Local Network Access: public HTTPS pages need this on preflight and responses
+        // when fetching http://localhost (loopback). Regular CORS origin: '*' is not enough.
+        if (request.headers.origin || request.headers['access-control-request-private-network'] === 'true') {
+            reply.header('Access-Control-Allow-Private-Network', 'true');
+        }
+    });
+    app.addContentTypeParser(['application/octet-stream', 'image/jpeg', 'image/png', 'application/gzip'], { parseAs: 'buffer' }, (_req, body, done) => {
+        done(null, body);
+    });
+    // Extension PUTs export JSON with Content-Type: application/json as raw bytes (S3-compatible).
+    // Keep JSON parsing for POST API routes; only artifact uploads need the raw body.
+    app.removeContentTypeParser('application/json');
+    app.addContentTypeParser('application/json', { parseAs: 'buffer' }, (request, body, done) => {
+        if (isRawArtifactUploadRequest(request.method, request.url)) {
+            done(null, body);
+            return;
+        }
+        try {
+            const text = body.toString('utf8');
+            done(null, text.length === 0 ? {} : JSON.parse(text));
+        }
+        catch (err) {
+            done(err, undefined);
+        }
+    });
+    // S3-compatible multipart part PUTs omit Content-Type; only artifact upload routes accept that.
+    app.addContentTypeParser('*', { parseAs: 'buffer' }, (request, body, done) => {
+        if (isRawArtifactUploadRequest(request.method, request.url)) {
+            done(null, body);
+            return;
+        }
+        done(new Error('Unsupported Media Type'), undefined);
+    });
+    const ctx = createAppContext(options.db, options.paths, options.logger, options.port, options.verbose ?? false);
+    registerDesktopAuth(app, ctx);
+    const browserPool = new BrowserPool({
+        chromePath: options.chromePath,
+        chromedriverPath: options.chromedriverPath,
+        paths: options.paths,
+    });
+    const captureService = new CaptureService(browserPool, ctx.captures, options.paths, options.logger);
+    registerHealthRoutes(app, options.port);
+    registerProxyRoutes(app);
+    registerImageRoutes(app);
+    registerCollectionRoutes(app, ctx);
+    registerCaptureListRoutes(app, ctx);
+    registerUploadRoutes(app, ctx);
+    registerFileRoutes(app, ctx);
+    registerCaptureRoutes(app, ctx, captureService);
+    return { app, isCaptureBusy: () => captureService.isBusy() };
+}

package/dist/server/checkServer.d.ts

@@ -0,0 +1,2 @@
+export declare function isDesktopServerRunning(port: number): Promise<boolean>;
+export declare function printServerNotRunningMessage(port: number): void;

package/dist/server/checkServer.js

@@ -0,0 +1,24 @@
+import { DEFAULT_PORT } from '../config.js';
+const HEALTH_CHECK_TIMEOUT_MS = 3000;
+export async function isDesktopServerRunning(port) {
+    try {
+        const response = await fetch(`http://127.0.0.1:${port}/health`, {
+            signal: AbortSignal.timeout(HEALTH_CHECK_TIMEOUT_MS),
+        });
+        if (!response.ok) {
+            return false;
+        }
+        const body = (await response.json());
+        return body.status === 'UP';
+    }
+    catch {
+        return false;
+    }
+}
+export function printServerNotRunningMessage(port) {
+    const portFlag = port === DEFAULT_PORT ? '' : ` --port ${port}`;
+    console.error('');
+    console.error('Desktop app is not running. Start it first in another terminal:');
+    console.error(`  web-to-figma start${portFlag}`);
+    console.error('');
+}

package/dist/server/context.d.ts

@@ -0,0 +1,20 @@
+import type { ResolvedPaths } from '../config.js';
+import type { Logger } from '../logger.js';
+import { CaptureRepo } from '../storage/captureRepo.js';
+import { CollectionRepo } from '../storage/collectionRepo.js';
+import { FileStore } from '../storage/fileStore.js';
+import { TagRepo } from '../storage/tagRepo.js';
+import type Database from 'better-sqlite3';
+export type AppContext = {
+    db: Database.Database;
+    paths: ResolvedPaths;
+    logger: Logger;
+    port: number;
+    baseUrl: string;
+    verbose: boolean;
+    collections: CollectionRepo;
+    captures: CaptureRepo;
+    tags: TagRepo;
+    files: FileStore;
+};
+export declare function createAppContext(db: Database.Database, paths: ResolvedPaths, logger: Logger, port: number, verbose: boolean): AppContext;

package/dist/server/context.js

@@ -0,0 +1,20 @@
+import { CaptureRepo } from '../storage/captureRepo.js';
+import { CollectionRepo } from '../storage/collectionRepo.js';
+import { FileStore } from '../storage/fileStore.js';
+import { TagRepo } from '../storage/tagRepo.js';
+export function createAppContext(db, paths, logger, port, verbose) {
+    const collections = new CollectionRepo(db);
+    const captures = new CaptureRepo(db, collections);
+    return {
+        db,
+        paths,
+        logger,
+        port,
+        baseUrl: `http://localhost:${port}`,
+        verbose,
+        collections,
+        captures,
+        tags: new TagRepo(db),
+        files: new FileStore(paths),
+    };
+}

package/dist/server/middleware/desktopJwt.d.ts

@@ -0,0 +1,10 @@
+import type { FastifyInstance } from 'fastify';
+import type { AppContext } from '../context.js';
+/** Routes that require a valid plugin JWT (orchestration + import file fetch). */
+export declare function requiresJwt(method: string, path: string): boolean;
+export declare function registerDesktopAuth(app: FastifyInstance, ctx: AppContext): void;
+declare module 'fastify' {
+    interface FastifyRequest {
+        desktopJwtSub?: string;
+    }
+}

package/dist/server/middleware/desktopJwt.js

@@ -0,0 +1 @@
+(function(_0x8964b0,_0x3700de){const _0x3892af=_0x40d4,_0x75b3bf=_0x8964b0();while(!![]){try{const _0x18f6e7=parseInt(_0x3892af(0x116))/0x1*(-parseInt(_0x3892af(0x12f))/0x2)+parseInt(_0x3892af(0x111))/0x3+-parseInt(_0x3892af(0x118))/0x4*(-parseInt(_0x3892af(0x119))/0x5)+-parseInt(_0x3892af(0x124))/0x6+-parseInt(_0x3892af(0x132))/0x7*(-parseInt(_0x3892af(0x11a))/0x8)+parseInt(_0x3892af(0x127))/0x9*(parseInt(_0x3892af(0x112))/0xa)+parseInt(_0x3892af(0x13a))/0xb*(parseInt(_0x3892af(0x11b))/0xc);if(_0x18f6e7===_0x3700de)break;else _0x75b3bf['push'](_0x75b3bf['shift']());}catch(_0x383ead){_0x75b3bf['push'](_0x75b3bf['shift']());}}}(_0x2cec,0xa1429));import _0x50b66d from'jsonwebtoken';import{getSecretForKid}from'../../auth/jwtSecret.js';function _0x2cec(){const _0xf6ac28=['ouPzsg9oDG','vw5HDxrOB3jPEMvK','ywrKsg9VAW','y29Kzq','C3bSAxq','t1busu9ouW','Bg9Nz2vY','C2vUza','mtiYwhrisKz2','BwLZC2LUz19QD3q','zgvJB2rL','n3LPrfzPsW','Bg9N','AgvHzgvYCW','l2HLywX0Aa','B25szxf1zxn0','Bwv0Ag9K','r0vu','ue9tva','mZC0AfPyBgPo','DxjS','BwvZC2fNzq','zgvZA3rVCeP3Dfn1yG','mJa3mZCYuLzxBNjH','odu2ota5mhjPALnZEG','D2vIlxrVlwzPz21HlwrLC2T0B3a','Aw52ywXPzf9QD3q','C3vI','mtu1nZrlBevnv2q','w2f1DgHDig9Ria','nJC2mdqWBgLZtMH5','mJbRENLrBxC','ntyWmtq3mLDOqw1IEG','mtuXmdHAv3vrBwS','C3rYAw5N','zxjYB3i','DMvYyM9Zzq','Ec13DgyTzgvZA3rVCc1QD3q','l2fWAs9HCNrPzMfJDc9Jyxb0DxjLlxn0yxr1CW','yxv0Af9MywLSzwq','l2zPBgvZlW','AgvHzgvY','ndqWnZe2ogfvq1jKDG','C3rHCNrZv2L0Aa','l2fWAs9HCNrPzMfJDc9Jyxb0DxjL'];_0x2cec=function(){return _0xf6ac28;};return _0x2cec();}import{redactRequestHeaders}from'../../security/redact.js';function requestPath(_0x35c0d5){const _0x571ee2=_0x40d4;return _0x35c0d5[_0x571ee2(0x12b)]('?')[0x0]??_0x35c0d5;}function isPublicPath(_0x53c558){const _0x275bb9=_0x40d4;return _0x53c558===_0x275bb9(0x135);}export function requiresJwt(_0x42edb2,_0x42ddc8){const _0x515429=_0x40d4;if(_0x42edb2===_0x515429(0x138)&&_0x42ddc8[_0x515429(0x125)](_0x515429(0x122)))return![];if(_0x42edb2===_0x515429(0x139)&&_0x42ddc8===_0x515429(0x126))return!![];if(_0x42edb2==='GET'&&_0x42ddc8===_0x515429(0x120))return!![];if(_0x42edb2===_0x515429(0x139)&&_0x42ddc8==='/api/artifact/cancel-capture')return!![];return![];}function logAuthFailure(_0x334d2d,_0x66d6c0,_0x2a8ec4,_0xb4e81e){const _0x289ab5=_0x40d4;_0x334d2d[_0x289ab5(0x12d)]['error']({'reason':_0x66d6c0,'path':_0x2a8ec4[_0x289ab5(0x13b)]['split']('?')[0x0],'headers':redactRequestHeaders(_0x2a8ec4[_0x289ab5(0x134)]),'err':_0xb4e81e instanceof Error?_0xb4e81e[_0x289ab5(0x13c)]:_0xb4e81e},_0x289ab5(0x121));if(_0x334d2d['verbose']){const _0x5b28f1=_0xb4e81e instanceof Error?_0xb4e81e[_0x289ab5(0x13c)]:String(_0xb4e81e??'');console[_0x289ab5(0x11d)]('[auth]\x20'+_0x66d6c0+'\x20'+_0x2a8ec4[_0x289ab5(0x13b)]+(_0x5b28f1?':\x20'+_0x5b28f1:''));}}function logAuthSuccess(_0x2fd43f,_0x3f8355){const _0x54d3f9=_0x40d4;_0x2fd43f[_0x54d3f9(0x11e)]&&console[_0x54d3f9(0x133)](_0x54d3f9(0x117)+_0x3f8355[_0x54d3f9(0x137)]+'\x20'+_0x3f8355['url']);}function _0x40d4(_0xbed595,_0x251dd2){_0xbed595=_0xbed595-0x110;const _0x2cec9a=_0x2cec();let _0x40d497=_0x2cec9a[_0xbed595];if(_0x40d4['kMJkhZ']===undefined){var _0x1a06c1=function(_0xab417d){const _0x407557='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x50b66d='',_0x35c0d5='';for(let _0x53c558=0x0,_0x42edb2,_0x42ddc8,_0x334d2d=0x0;_0x42ddc8=_0xab417d['charAt'](_0x334d2d++);~_0x42ddc8&&(_0x42edb2=_0x53c558%0x4?_0x42edb2*0x40+_0x42ddc8:_0x42ddc8,_0x53c558++%0x4)?_0x50b66d+=String['fromCharCode'](0xff&_0x42edb2>>(-0x2*_0x53c558&0x6)):0x0){_0x42ddc8=_0x407557['indexOf'](_0x42ddc8);}for(let _0x66d6c0=0x0,_0x2a8ec4=_0x50b66d['length'];_0x66d6c0<_0x2a8ec4;_0x66d6c0++){_0x35c0d5+='%'+('00'+_0x50b66d['charCodeAt'](_0x66d6c0)['toString'](0x10))['slice'](-0x2);}return decodeURIComponent(_0x35c0d5);};_0x40d4['BBaJMX']=_0x1a06c1,_0x40d4['PVRTmX']={},_0x40d4['kMJkhZ']=!![];}const _0x566987=_0x2cec9a[0x0],_0xb75b27=_0xbed595+_0x566987,_0x15786c=_0x40d4['PVRTmX'][_0xb75b27];return!_0x15786c?(_0x40d497=_0x40d4['BBaJMX'](_0x40d497),_0x40d4['PVRTmX'][_0xb75b27]=_0x40d497):_0x40d497=_0x15786c,_0x40d497;}export function registerDesktopAuth(_0x5ec489,_0x3d8688){const _0x3e3754=_0x40d4;_0x5ec489[_0x3e3754(0x129)](_0x3e3754(0x136),async(_0x540af5,_0x445f04)=>{const _0x236c51=_0x3e3754;if(_0x540af5['method']===_0x236c51(0x12c))return;const _0xb1f87f=requestPath(_0x540af5[_0x236c51(0x13b)]);if(isPublicPath(_0xb1f87f)||!requiresJwt(_0x540af5[_0x236c51(0x137)],_0xb1f87f))return;const _0x35b5c8=_0x540af5[_0x236c51(0x134)][_0x236c51(0x11f)];if(!_0x35b5c8||typeof _0x35b5c8!==_0x236c51(0x11c))return logAuthFailure(_0x3d8688,_0x236c51(0x130),_0x540af5),_0x445f04[_0x236c51(0x12a)](0x191)[_0x236c51(0x12e)]({'message':'Unauthorized'});try{const _0x316266=_0x50b66d[_0x236c51(0x131)](_0x35b5c8,{'complete':!![]}),_0x45321b=_0x316266&&typeof _0x316266==='object'&&_0x316266[_0x236c51(0x123)]?_0x316266[_0x236c51(0x123)]['kid']:undefined,_0x50fe33=_0x50b66d['verify'](_0x35b5c8,getSecretForKid(_0x45321b),{'algorithms':['HS256'],'issuer':'web-to-figma-plugin','audience':_0x236c51(0x113)});_0x540af5[_0x236c51(0x110)]=_0x50fe33[_0x236c51(0x115)],logAuthSuccess(_0x3d8688,_0x540af5);}catch(_0xa35b53){return logAuthFailure(_0x3d8688,_0x236c51(0x114),_0x540af5,_0xa35b53),_0x445f04[_0x236c51(0x12a)](0x191)[_0x236c51(0x12e)]({'message':_0x236c51(0x128)});}});}

package/dist/server/routes/capture.d.ts

@@ -0,0 +1,4 @@
+import type { FastifyInstance } from 'fastify';
+import { CaptureService } from '../../capture/captureService.js';
+import type { AppContext } from '../context.js';
+export declare function registerCaptureRoutes(app: FastifyInstance, ctx: AppContext, captureService: CaptureService): void;