@xapps-platform/backend-kit 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +196 -0
- package/dist/backend/modes/gateway-managed/payment.d.ts +23 -0
- package/dist/backend/modes/gateway-managed/payment.d.ts.map +1 -0
- package/dist/backend/modes/gateway-managed/payment.js +49 -0
- package/dist/backend/modes/gateway-managed/payment.js.map +7 -0
- package/dist/backend/modes/gateway-managed/paymentSession.d.ts +4 -0
- package/dist/backend/modes/gateway-managed/paymentSession.d.ts.map +1 -0
- package/dist/backend/modes/gateway-managed/paymentSession.js +16 -0
- package/dist/backend/modes/gateway-managed/paymentSession.js.map +7 -0
- package/dist/backend/modes/gateway-managed/policy.d.ts +68 -0
- package/dist/backend/modes/gateway-managed/policy.d.ts.map +1 -0
- package/dist/backend/modes/gateway-managed/policy.js +53 -0
- package/dist/backend/modes/gateway-managed/policy.js.map +7 -0
- package/dist/backend/modes/gateway-managed/policyContext.d.ts +5 -0
- package/dist/backend/modes/gateway-managed/policyContext.d.ts.map +1 -0
- package/dist/backend/modes/gateway-managed/policyContext.js +22 -0
- package/dist/backend/modes/gateway-managed/policyContext.js.map +7 -0
- package/dist/backend/modes/index.d.ts +72 -0
- package/dist/backend/modes/index.d.ts.map +1 -0
- package/dist/backend/modes/index.js +159 -0
- package/dist/backend/modes/index.js.map +7 -0
- package/dist/backend/modes/owner-managed/payment.d.ts +34 -0
- package/dist/backend/modes/owner-managed/payment.d.ts.map +1 -0
- package/dist/backend/modes/owner-managed/payment.js +75 -0
- package/dist/backend/modes/owner-managed/payment.js.map +7 -0
- package/dist/backend/modes/owner-managed/paymentAssets.d.ts +4 -0
- package/dist/backend/modes/owner-managed/paymentAssets.d.ts.map +1 -0
- package/dist/backend/modes/owner-managed/paymentAssets.js +11 -0
- package/dist/backend/modes/owner-managed/paymentAssets.js.map +7 -0
- package/dist/backend/modes/owner-managed/paymentPageApi.d.ts +4 -0
- package/dist/backend/modes/owner-managed/paymentPageApi.d.ts.map +1 -0
- package/dist/backend/modes/owner-managed/paymentPageApi.js +11 -0
- package/dist/backend/modes/owner-managed/paymentPageApi.js.map +7 -0
- package/dist/backend/modes/owner-managed/paymentSession.d.ts +4 -0
- package/dist/backend/modes/owner-managed/paymentSession.d.ts.map +1 -0
- package/dist/backend/modes/owner-managed/paymentSession.js +18 -0
- package/dist/backend/modes/owner-managed/paymentSession.js.map +7 -0
- package/dist/backend/modes/owner-managed/policy.d.ts +68 -0
- package/dist/backend/modes/owner-managed/policy.d.ts.map +1 -0
- package/dist/backend/modes/owner-managed/policy.js +53 -0
- package/dist/backend/modes/owner-managed/policy.js.map +7 -0
- package/dist/backend/modes/owner-managed/policyContext.d.ts +5 -0
- package/dist/backend/modes/owner-managed/policyContext.d.ts.map +1 -0
- package/dist/backend/modes/owner-managed/policyContext.js +26 -0
- package/dist/backend/modes/owner-managed/policyContext.js.map +7 -0
- package/dist/backend/modes/publisher-delegated/payment.d.ts +23 -0
- package/dist/backend/modes/publisher-delegated/payment.d.ts.map +1 -0
- package/dist/backend/modes/publisher-delegated/payment.js +50 -0
- package/dist/backend/modes/publisher-delegated/payment.js.map +7 -0
- package/dist/backend/modes/publisher-delegated/paymentSession.d.ts +4 -0
- package/dist/backend/modes/publisher-delegated/paymentSession.d.ts.map +1 -0
- package/dist/backend/modes/publisher-delegated/paymentSession.js +16 -0
- package/dist/backend/modes/publisher-delegated/paymentSession.js.map +7 -0
- package/dist/backend/modes/publisher-delegated/policy.d.ts +68 -0
- package/dist/backend/modes/publisher-delegated/policy.d.ts.map +1 -0
- package/dist/backend/modes/publisher-delegated/policy.js +53 -0
- package/dist/backend/modes/publisher-delegated/policy.js.map +7 -0
- package/dist/backend/modes/publisher-delegated/policyContext.d.ts +5 -0
- package/dist/backend/modes/publisher-delegated/policyContext.d.ts.map +1 -0
- package/dist/backend/modes/publisher-delegated/policyContext.js +22 -0
- package/dist/backend/modes/publisher-delegated/policyContext.js.map +7 -0
- package/dist/backend/modes/tenant-delegated/payment.d.ts +23 -0
- package/dist/backend/modes/tenant-delegated/payment.d.ts.map +1 -0
- package/dist/backend/modes/tenant-delegated/payment.js +50 -0
- package/dist/backend/modes/tenant-delegated/payment.js.map +7 -0
- package/dist/backend/modes/tenant-delegated/paymentSession.d.ts +4 -0
- package/dist/backend/modes/tenant-delegated/paymentSession.d.ts.map +1 -0
- package/dist/backend/modes/tenant-delegated/paymentSession.js +16 -0
- package/dist/backend/modes/tenant-delegated/paymentSession.js.map +7 -0
- package/dist/backend/modes/tenant-delegated/policy.d.ts +68 -0
- package/dist/backend/modes/tenant-delegated/policy.d.ts.map +1 -0
- package/dist/backend/modes/tenant-delegated/policy.js +53 -0
- package/dist/backend/modes/tenant-delegated/policy.js.map +7 -0
- package/dist/backend/modes/tenant-delegated/policyContext.d.ts +5 -0
- package/dist/backend/modes/tenant-delegated/policyContext.d.ts.map +1 -0
- package/dist/backend/modes/tenant-delegated/policyContext.js +22 -0
- package/dist/backend/modes/tenant-delegated/policyContext.js.map +7 -0
- package/dist/backend/modules.d.ts +33 -0
- package/dist/backend/modules.d.ts.map +1 -0
- package/dist/backend/modules.js +100 -0
- package/dist/backend/modules.js.map +7 -0
- package/dist/backend/options.d.ts +78 -0
- package/dist/backend/options.d.ts.map +1 -0
- package/dist/backend/options.js +153 -0
- package/dist/backend/options.js.map +7 -0
- package/dist/backend/paymentRuntime.d.ts +31 -0
- package/dist/backend/paymentRuntime.d.ts.map +1 -0
- package/dist/backend/paymentRuntime.js +231 -0
- package/dist/backend/paymentRuntime.js.map +7 -0
- package/dist/backend/policies/common.d.ts +102 -0
- package/dist/backend/policies/common.d.ts.map +1 -0
- package/dist/backend/policies/common.js +226 -0
- package/dist/backend/policies/common.js.map +7 -0
- package/dist/backend/routes/gateway/guard.d.ts +7 -0
- package/dist/backend/routes/gateway/guard.d.ts.map +1 -0
- package/dist/backend/routes/gateway/guard.js +89 -0
- package/dist/backend/routes/gateway/guard.js.map +7 -0
- package/dist/backend/routes/gateway/hostApi.d.ts +8 -0
- package/dist/backend/routes/gateway/hostApi.d.ts.map +1 -0
- package/dist/backend/routes/gateway/hostApi.js +45 -0
- package/dist/backend/routes/gateway/hostApi.js.map +7 -0
- package/dist/backend/routes/gateway/hostApiBridge.d.ts +5 -0
- package/dist/backend/routes/gateway/hostApiBridge.d.ts.map +1 -0
- package/dist/backend/routes/gateway/hostApiBridge.js +61 -0
- package/dist/backend/routes/gateway/hostApiBridge.js.map +7 -0
- package/dist/backend/routes/gateway/hostApiCore.d.ts +5 -0
- package/dist/backend/routes/gateway/hostApiCore.d.ts.map +1 -0
- package/dist/backend/routes/gateway/hostApiCore.js +95 -0
- package/dist/backend/routes/gateway/hostApiCore.js.map +7 -0
- package/dist/backend/routes/gateway/hostApiLifecycle.d.ts +5 -0
- package/dist/backend/routes/gateway/hostApiLifecycle.d.ts.map +1 -0
- package/dist/backend/routes/gateway/hostApiLifecycle.js +80 -0
- package/dist/backend/routes/gateway/hostApiLifecycle.js.map +7 -0
- package/dist/backend/routes/gateway/hostContractBoundary.d.ts +25 -0
- package/dist/backend/routes/gateway/hostContractBoundary.d.ts.map +1 -0
- package/dist/backend/routes/gateway/hostContractBoundary.js +43 -0
- package/dist/backend/routes/gateway/hostContractBoundary.js.map +7 -0
- package/dist/backend/routes/gateway/payment.d.ts +4 -0
- package/dist/backend/routes/gateway/payment.d.ts.map +1 -0
- package/dist/backend/routes/gateway/payment.js +10 -0
- package/dist/backend/routes/gateway/payment.js.map +7 -0
- package/dist/backend/routes/gateway/shared.d.ts +36 -0
- package/dist/backend/routes/gateway/shared.d.ts.map +1 -0
- package/dist/backend/routes/gateway/shared.js +208 -0
- package/dist/backend/routes/gateway/shared.js.map +7 -0
- package/dist/backend/routes/gateway/subjectProfiles.d.ts +2 -0
- package/dist/backend/routes/gateway/subjectProfiles.d.ts.map +1 -0
- package/dist/backend/routes/gateway/subjectProfiles.js +150 -0
- package/dist/backend/routes/gateway/subjectProfiles.js.map +7 -0
- package/dist/backend/routes/health.d.ts +2 -0
- package/dist/backend/routes/health.d.ts.map +1 -0
- package/dist/backend/routes/health.js +20 -0
- package/dist/backend/routes/health.js.map +7 -0
- package/dist/backend/routes/reference.d.ts +2 -0
- package/dist/backend/routes/reference.d.ts.map +1 -0
- package/dist/backend/routes/reference.js +414 -0
- package/dist/backend/routes/reference.js.map +7 -0
- package/dist/index.d.ts +10 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +81 -0
- package/dist/index.js.map +7 -0
- package/package.json +42 -0
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
import {
|
|
2
|
+
normalizeBridgeRefreshInput,
|
|
3
|
+
normalizeBridgeVendorAssertionInput
|
|
4
|
+
} from "./hostContractBoundary.js";
|
|
5
|
+
import {
|
|
6
|
+
applyHostApiCorsHeaders,
|
|
7
|
+
ensureHostApiOriginAllowed,
|
|
8
|
+
readBodyRecord,
|
|
9
|
+
readHostBootstrapContext,
|
|
10
|
+
requireHostProxyService,
|
|
11
|
+
sendServiceError
|
|
12
|
+
} from "./shared.js";
|
|
13
|
+
async function hostApiBridgeRoutes(fastify, { hostProxyService, allowedOrigins = [], bootstrap = {} } = {}) {
|
|
14
|
+
const service = requireHostProxyService(hostProxyService);
|
|
15
|
+
fastify.post("/api/bridge/token-refresh", async (request, reply) => {
|
|
16
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
17
|
+
try {
|
|
18
|
+
const body = readBodyRecord(request.body);
|
|
19
|
+
const bootstrapContext = readHostBootstrapContext(request, bootstrap);
|
|
20
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
21
|
+
const input = normalizeBridgeRefreshInput(body, request);
|
|
22
|
+
if (bootstrapContext?.subjectId) {
|
|
23
|
+
input.subjectId = bootstrapContext.subjectId;
|
|
24
|
+
}
|
|
25
|
+
return reply.send(await service.refreshWidgetToken(input));
|
|
26
|
+
} catch (err) {
|
|
27
|
+
return sendServiceError(request, reply, err, "bridge token-refresh failed");
|
|
28
|
+
}
|
|
29
|
+
});
|
|
30
|
+
fastify.post("/api/bridge/sign", async (request, reply) => {
|
|
31
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
32
|
+
try {
|
|
33
|
+
const body = readBodyRecord(request.body);
|
|
34
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
35
|
+
return reply.send(
|
|
36
|
+
await service.bridgeSign({
|
|
37
|
+
envelope: body.envelope && typeof body.envelope === "object" && !Array.isArray(body.envelope) ? body.envelope : null,
|
|
38
|
+
data: body
|
|
39
|
+
})
|
|
40
|
+
);
|
|
41
|
+
} catch (err) {
|
|
42
|
+
return sendServiceError(request, reply, err, "bridge sign failed");
|
|
43
|
+
}
|
|
44
|
+
});
|
|
45
|
+
fastify.post("/api/bridge/vendor-assertion", async (request, reply) => {
|
|
46
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
47
|
+
try {
|
|
48
|
+
const body = readBodyRecord(request.body);
|
|
49
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
50
|
+
return reply.send(
|
|
51
|
+
await service.bridgeVendorAssertion(normalizeBridgeVendorAssertionInput(body))
|
|
52
|
+
);
|
|
53
|
+
} catch (err) {
|
|
54
|
+
return sendServiceError(request, reply, err, "bridge vendor-assertion failed");
|
|
55
|
+
}
|
|
56
|
+
});
|
|
57
|
+
}
|
|
58
|
+
export {
|
|
59
|
+
hostApiBridgeRoutes as default
|
|
60
|
+
};
|
|
61
|
+
//# sourceMappingURL=hostApiBridge.js.map
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../../src/backend/routes/gateway/hostApiBridge.ts"],
|
|
4
|
+
"sourcesContent": ["// @ts-nocheck\nimport {\n normalizeBridgeRefreshInput,\n normalizeBridgeVendorAssertionInput,\n} from \"./hostContractBoundary.js\";\nimport {\n applyHostApiCorsHeaders,\n ensureHostApiOriginAllowed,\n readBodyRecord,\n readHostBootstrapContext,\n requireHostProxyService,\n sendServiceError,\n} from \"./shared.js\";\n\nexport default async function hostApiBridgeRoutes(\n fastify,\n { hostProxyService, allowedOrigins = [], bootstrap = {} } = {},\n) {\n const service = requireHostProxyService(hostProxyService);\n fastify.post(\"/api/bridge/token-refresh\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n const bootstrapContext = readHostBootstrapContext(request, bootstrap);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n const input = normalizeBridgeRefreshInput(body, request);\n if (bootstrapContext?.subjectId) {\n input.subjectId = bootstrapContext.subjectId;\n }\n return reply.send(await service.refreshWidgetToken(input));\n } catch (err) {\n return sendServiceError(request, reply, err, \"bridge token-refresh failed\");\n }\n });\n\n fastify.post(\"/api/bridge/sign\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.send(\n await service.bridgeSign({\n envelope:\n body.envelope && typeof body.envelope === \"object\" && !Array.isArray(body.envelope)\n ? body.envelope\n : null,\n data: body,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"bridge sign failed\");\n }\n });\n\n fastify.post(\"/api/bridge/vendor-assertion\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.send(\n await service.bridgeVendorAssertion(normalizeBridgeVendorAssertionInput(body)),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"bridge vendor-assertion failed\");\n }\n });\n}\n"],
|
|
5
|
+
"mappings": "AACA;AAAA,EACE;AAAA,EACA;AAAA,OACK;AACP;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,eAAO,oBACL,SACA,EAAE,kBAAkB,iBAAiB,CAAC,GAAG,YAAY,CAAC,EAAE,IAAI,CAAC,GAC7D;AACA,QAAM,UAAU,wBAAwB,gBAAgB;AACxD,UAAQ,KAAK,6BAA6B,OAAO,SAAS,UAAU;AAClE,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,YAAM,mBAAmB,yBAAyB,SAAS,SAAS;AACpE,8BAAwB,OAAO,SAAS,cAAc;AACtD,YAAM,QAAQ,4BAA4B,MAAM,OAAO;AACvD,UAAI,kBAAkB,WAAW;AAC/B,cAAM,YAAY,iBAAiB;AAAA,MACrC;AACA,aAAO,MAAM,KAAK,MAAM,QAAQ,mBAAmB,KAAK,CAAC;AAAA,IAC3D,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,6BAA6B;AAAA,IAC5E;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,oBAAoB,OAAO,SAAS,UAAU;AACzD,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM;AAAA,QACX,MAAM,QAAQ,WAAW;AAAA,UACvB,UACE,KAAK,YAAY,OAAO,KAAK,aAAa,YAAY,CAAC,MAAM,QAAQ,KAAK,QAAQ,IAC9E,KAAK,WACL;AAAA,UACN,MAAM;AAAA,QACR,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,oBAAoB;AAAA,IACnE;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,gCAAgC,OAAO,SAAS,UAAU;AACrE,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM;AAAA,QACX,MAAM,QAAQ,sBAAsB,oCAAoC,IAAI,CAAC;AAAA,MAC/E;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,gCAAgC;AAAA,IAC/E;AAAA,EACF,CAAC;AACH;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hostApiCore.d.ts","sourceRoot":"","sources":["../../../../src/backend/routes/gateway/hostApiCore.ts"],"names":[],"mappings":"AAaA,wBAA8B,iBAAiB,CAC7C,OAAO,KAAA,EACP,EAAE,gBAAgB,EAAE,cAAmB,EAAE,SAAc,EAAE;;;CAAK,iBAoF/D"}
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
import { normalizeWidgetSessionInput } from "./hostContractBoundary.js";
|
|
2
|
+
import {
|
|
3
|
+
applyHostApiCorsHeaders,
|
|
4
|
+
buildHostBootstrapResult,
|
|
5
|
+
ensureHostApiOriginAllowed,
|
|
6
|
+
readBodyRecord,
|
|
7
|
+
readHostBootstrapContext,
|
|
8
|
+
requireHostBootstrapRequest,
|
|
9
|
+
requireHostProxyService,
|
|
10
|
+
sendServiceError
|
|
11
|
+
} from "./shared.js";
|
|
12
|
+
async function hostApiCoreRoutes(fastify, { hostProxyService, allowedOrigins = [], bootstrap = {} } = {}) {
|
|
13
|
+
const service = requireHostProxyService(hostProxyService);
|
|
14
|
+
fastify.get("/api/host-config", async (request, reply) => {
|
|
15
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
16
|
+
return reply.send({
|
|
17
|
+
...service.getHostConfig()
|
|
18
|
+
});
|
|
19
|
+
});
|
|
20
|
+
fastify.post("/api/host-bootstrap", async (request, reply) => {
|
|
21
|
+
try {
|
|
22
|
+
const body = readBodyRecord(request.body);
|
|
23
|
+
const { signingSecret, ttlSeconds } = requireHostBootstrapRequest(request, bootstrap);
|
|
24
|
+
const resolved = await service.resolveSubject({
|
|
25
|
+
email: body.email,
|
|
26
|
+
name: body.name
|
|
27
|
+
});
|
|
28
|
+
return reply.send(
|
|
29
|
+
buildHostBootstrapResult({
|
|
30
|
+
subjectId: resolved.subjectId,
|
|
31
|
+
email: body.email,
|
|
32
|
+
name: body.name,
|
|
33
|
+
origin: body.origin,
|
|
34
|
+
signingSecret,
|
|
35
|
+
ttlSeconds
|
|
36
|
+
})
|
|
37
|
+
);
|
|
38
|
+
} catch (err) {
|
|
39
|
+
return sendServiceError(request, reply, err, "host bootstrap failed");
|
|
40
|
+
}
|
|
41
|
+
});
|
|
42
|
+
fastify.post("/api/resolve-subject", async (request, reply) => {
|
|
43
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
44
|
+
try {
|
|
45
|
+
const body = readBodyRecord(request.body);
|
|
46
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
47
|
+
return reply.send(
|
|
48
|
+
await service.resolveSubject({
|
|
49
|
+
email: body.email,
|
|
50
|
+
name: body.name
|
|
51
|
+
})
|
|
52
|
+
);
|
|
53
|
+
} catch (err) {
|
|
54
|
+
return sendServiceError(request, reply, err, "resolve-subject failed");
|
|
55
|
+
}
|
|
56
|
+
});
|
|
57
|
+
fastify.post("/api/create-catalog-session", async (request, reply) => {
|
|
58
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
59
|
+
try {
|
|
60
|
+
const body = readBodyRecord(request.body);
|
|
61
|
+
const bootstrapContext = readHostBootstrapContext(request, bootstrap);
|
|
62
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
63
|
+
return reply.code(201).send(
|
|
64
|
+
await service.createCatalogSession({
|
|
65
|
+
origin: body.origin,
|
|
66
|
+
subjectId: bootstrapContext?.subjectId || body.subjectId,
|
|
67
|
+
xappId: body.xappId,
|
|
68
|
+
publishers: body.publishers,
|
|
69
|
+
tags: body.tags
|
|
70
|
+
})
|
|
71
|
+
);
|
|
72
|
+
} catch (err) {
|
|
73
|
+
return sendServiceError(request, reply, err, "create-catalog-session failed");
|
|
74
|
+
}
|
|
75
|
+
});
|
|
76
|
+
fastify.post("/api/create-widget-session", async (request, reply) => {
|
|
77
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
78
|
+
try {
|
|
79
|
+
const body = readBodyRecord(request.body);
|
|
80
|
+
const bootstrapContext = readHostBootstrapContext(request, bootstrap);
|
|
81
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
82
|
+
const input = normalizeWidgetSessionInput(body, request);
|
|
83
|
+
if (bootstrapContext?.subjectId) {
|
|
84
|
+
input.subjectId = bootstrapContext.subjectId;
|
|
85
|
+
}
|
|
86
|
+
return reply.send(await service.createWidgetSession(input));
|
|
87
|
+
} catch (err) {
|
|
88
|
+
return sendServiceError(request, reply, err, "create-widget-session failed");
|
|
89
|
+
}
|
|
90
|
+
});
|
|
91
|
+
}
|
|
92
|
+
export {
|
|
93
|
+
hostApiCoreRoutes as default
|
|
94
|
+
};
|
|
95
|
+
//# sourceMappingURL=hostApiCore.js.map
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../../src/backend/routes/gateway/hostApiCore.ts"],
|
|
4
|
+
"sourcesContent": ["// @ts-nocheck\nimport { normalizeWidgetSessionInput } from \"./hostContractBoundary.js\";\nimport {\n applyHostApiCorsHeaders,\n buildHostBootstrapResult,\n ensureHostApiOriginAllowed,\n readBodyRecord,\n readHostBootstrapContext,\n requireHostBootstrapRequest,\n requireHostProxyService,\n sendServiceError,\n} from \"./shared.js\";\n\nexport default async function hostApiCoreRoutes(\n fastify,\n { hostProxyService, allowedOrigins = [], bootstrap = {} } = {},\n) {\n const service = requireHostProxyService(hostProxyService);\n fastify.get(\"/api/host-config\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n return reply.send({\n ...service.getHostConfig(),\n });\n });\n\n fastify.post(\"/api/host-bootstrap\", async (request, reply) => {\n try {\n const body = readBodyRecord(request.body);\n const { signingSecret, ttlSeconds } = requireHostBootstrapRequest(request, bootstrap);\n const resolved = await service.resolveSubject({\n email: body.email,\n name: body.name,\n });\n return reply.send(\n buildHostBootstrapResult({\n subjectId: resolved.subjectId,\n email: body.email,\n name: body.name,\n origin: body.origin,\n signingSecret,\n ttlSeconds,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"host bootstrap failed\");\n }\n });\n\n fastify.post(\"/api/resolve-subject\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.send(\n await service.resolveSubject({\n email: body.email,\n name: body.name,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"resolve-subject failed\");\n }\n });\n\n fastify.post(\"/api/create-catalog-session\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n const bootstrapContext = readHostBootstrapContext(request, bootstrap);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.code(201).send(\n await service.createCatalogSession({\n origin: body.origin,\n subjectId: bootstrapContext?.subjectId || body.subjectId,\n xappId: body.xappId,\n publishers: body.publishers,\n tags: body.tags,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"create-catalog-session failed\");\n }\n });\n\n fastify.post(\"/api/create-widget-session\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n const bootstrapContext = readHostBootstrapContext(request, bootstrap);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n const input = normalizeWidgetSessionInput(body, request);\n if (bootstrapContext?.subjectId) {\n input.subjectId = bootstrapContext.subjectId;\n }\n return reply.send(await service.createWidgetSession(input));\n } catch (err) {\n return sendServiceError(request, reply, err, \"create-widget-session failed\");\n }\n });\n}\n"],
|
|
5
|
+
"mappings": "AACA,SAAS,mCAAmC;AAC5C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,eAAO,kBACL,SACA,EAAE,kBAAkB,iBAAiB,CAAC,GAAG,YAAY,CAAC,EAAE,IAAI,CAAC,GAC7D;AACA,QAAM,UAAU,wBAAwB,gBAAgB;AACxD,UAAQ,IAAI,oBAAoB,OAAO,SAAS,UAAU;AACxD,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,WAAO,MAAM,KAAK;AAAA,MAChB,GAAG,QAAQ,cAAc;AAAA,IAC3B,CAAC;AAAA,EACH,CAAC;AAED,UAAQ,KAAK,uBAAuB,OAAO,SAAS,UAAU;AAC5D,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,YAAM,EAAE,eAAe,WAAW,IAAI,4BAA4B,SAAS,SAAS;AACpF,YAAM,WAAW,MAAM,QAAQ,eAAe;AAAA,QAC5C,OAAO,KAAK;AAAA,QACZ,MAAM,KAAK;AAAA,MACb,CAAC;AACD,aAAO,MAAM;AAAA,QACX,yBAAyB;AAAA,UACvB,WAAW,SAAS;AAAA,UACpB,OAAO,KAAK;AAAA,UACZ,MAAM,KAAK;AAAA,UACX,QAAQ,KAAK;AAAA,UACb;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,uBAAuB;AAAA,IACtE;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,wBAAwB,OAAO,SAAS,UAAU;AAC7D,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM;AAAA,QACX,MAAM,QAAQ,eAAe;AAAA,UAC3B,OAAO,KAAK;AAAA,UACZ,MAAM,KAAK;AAAA,QACb,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,wBAAwB;AAAA,IACvE;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,+BAA+B,OAAO,SAAS,UAAU;AACpE,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,YAAM,mBAAmB,yBAAyB,SAAS,SAAS;AACpE,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM,KAAK,GAAG,EAAE;AAAA,QACrB,MAAM,QAAQ,qBAAqB;AAAA,UACjC,QAAQ,KAAK;AAAA,UACb,WAAW,kBAAkB,aAAa,KAAK;AAAA,UAC/C,QAAQ,KAAK;AAAA,UACb,YAAY,KAAK;AAAA,UACjB,MAAM,KAAK;AAAA,QACb,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,+BAA+B;AAAA,IAC9E;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,8BAA8B,OAAO,SAAS,UAAU;AACnE,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,YAAM,mBAAmB,yBAAyB,SAAS,SAAS;AACpE,8BAAwB,OAAO,SAAS,cAAc;AACtD,YAAM,QAAQ,4BAA4B,MAAM,OAAO;AACvD,UAAI,kBAAkB,WAAW;AAC/B,cAAM,YAAY,iBAAiB;AAAA,MACrC;AACA,aAAO,MAAM,KAAK,MAAM,QAAQ,oBAAoB,KAAK,CAAC;AAAA,IAC5D,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,8BAA8B;AAAA,IAC7E;AAAA,EACF,CAAC;AACH;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hostApiLifecycle.d.ts","sourceRoot":"","sources":["../../../../src/backend/routes/gateway/hostApiLifecycle.ts"],"names":[],"mappings":"AAUA,wBAA8B,sBAAsB,CAClD,OAAO,KAAA,EACP,EAAE,gBAAgB,EAAE,cAAmB,EAAE,SAAc,EAAE;;;CAAK,iBAuE/D"}
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
import {
|
|
2
|
+
applyHostApiCorsHeaders,
|
|
3
|
+
ensureHostApiOriginAllowed,
|
|
4
|
+
readBodyRecord,
|
|
5
|
+
readHostBootstrapContext,
|
|
6
|
+
requireHostProxyService,
|
|
7
|
+
sendServiceError
|
|
8
|
+
} from "./shared.js";
|
|
9
|
+
async function hostApiLifecycleRoutes(fastify, { hostProxyService, allowedOrigins = [], bootstrap = {} } = {}) {
|
|
10
|
+
const service = requireHostProxyService(hostProxyService);
|
|
11
|
+
fastify.get("/api/installations", async (request, reply) => {
|
|
12
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
13
|
+
try {
|
|
14
|
+
const query = readBodyRecord(request.query);
|
|
15
|
+
const bootstrapContext = readHostBootstrapContext(request, bootstrap);
|
|
16
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
17
|
+
return reply.send(
|
|
18
|
+
await service.listInstallations({
|
|
19
|
+
subjectId: bootstrapContext?.subjectId || query.subjectId
|
|
20
|
+
})
|
|
21
|
+
);
|
|
22
|
+
} catch (err) {
|
|
23
|
+
return sendServiceError(request, reply, err, "list installations failed");
|
|
24
|
+
}
|
|
25
|
+
});
|
|
26
|
+
fastify.post("/api/install", async (request, reply) => {
|
|
27
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
28
|
+
try {
|
|
29
|
+
const body = readBodyRecord(request.body);
|
|
30
|
+
const bootstrapContext = readHostBootstrapContext(request, bootstrap);
|
|
31
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
32
|
+
return reply.send(
|
|
33
|
+
await service.installXapp({
|
|
34
|
+
xappId: body.xappId,
|
|
35
|
+
subjectId: bootstrapContext?.subjectId || body.subjectId,
|
|
36
|
+
termsAccepted: body.termsAccepted
|
|
37
|
+
})
|
|
38
|
+
);
|
|
39
|
+
} catch (err) {
|
|
40
|
+
return sendServiceError(request, reply, err, "install failed");
|
|
41
|
+
}
|
|
42
|
+
});
|
|
43
|
+
fastify.post("/api/update", async (request, reply) => {
|
|
44
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
45
|
+
try {
|
|
46
|
+
const body = readBodyRecord(request.body);
|
|
47
|
+
const bootstrapContext = readHostBootstrapContext(request, bootstrap);
|
|
48
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
49
|
+
return reply.send(
|
|
50
|
+
await service.updateInstallation({
|
|
51
|
+
installationId: body.installationId,
|
|
52
|
+
subjectId: bootstrapContext?.subjectId || body.subjectId,
|
|
53
|
+
termsAccepted: body.termsAccepted
|
|
54
|
+
})
|
|
55
|
+
);
|
|
56
|
+
} catch (err) {
|
|
57
|
+
return sendServiceError(request, reply, err, "update failed");
|
|
58
|
+
}
|
|
59
|
+
});
|
|
60
|
+
fastify.post("/api/uninstall", async (request, reply) => {
|
|
61
|
+
if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;
|
|
62
|
+
try {
|
|
63
|
+
const body = readBodyRecord(request.body);
|
|
64
|
+
const bootstrapContext = readHostBootstrapContext(request, bootstrap);
|
|
65
|
+
applyHostApiCorsHeaders(reply, request, allowedOrigins);
|
|
66
|
+
return reply.send(
|
|
67
|
+
await service.uninstallInstallation({
|
|
68
|
+
installationId: body.installationId,
|
|
69
|
+
subjectId: bootstrapContext?.subjectId || body.subjectId
|
|
70
|
+
})
|
|
71
|
+
);
|
|
72
|
+
} catch (err) {
|
|
73
|
+
return sendServiceError(request, reply, err, "uninstall failed");
|
|
74
|
+
}
|
|
75
|
+
});
|
|
76
|
+
}
|
|
77
|
+
export {
|
|
78
|
+
hostApiLifecycleRoutes as default
|
|
79
|
+
};
|
|
80
|
+
//# sourceMappingURL=hostApiLifecycle.js.map
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../../src/backend/routes/gateway/hostApiLifecycle.ts"],
|
|
4
|
+
"sourcesContent": ["// @ts-nocheck\nimport {\n applyHostApiCorsHeaders,\n ensureHostApiOriginAllowed,\n readBodyRecord,\n readHostBootstrapContext,\n requireHostProxyService,\n sendServiceError,\n} from \"./shared.js\";\n\nexport default async function hostApiLifecycleRoutes(\n fastify,\n { hostProxyService, allowedOrigins = [], bootstrap = {} } = {},\n) {\n const service = requireHostProxyService(hostProxyService);\n fastify.get(\"/api/installations\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const query = readBodyRecord(request.query);\n const bootstrapContext = readHostBootstrapContext(request, bootstrap);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.send(\n await service.listInstallations({\n subjectId: bootstrapContext?.subjectId || query.subjectId,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"list installations failed\");\n }\n });\n\n fastify.post(\"/api/install\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n const bootstrapContext = readHostBootstrapContext(request, bootstrap);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.send(\n await service.installXapp({\n xappId: body.xappId,\n subjectId: bootstrapContext?.subjectId || body.subjectId,\n termsAccepted: body.termsAccepted,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"install failed\");\n }\n });\n\n fastify.post(\"/api/update\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n const bootstrapContext = readHostBootstrapContext(request, bootstrap);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.send(\n await service.updateInstallation({\n installationId: body.installationId,\n subjectId: bootstrapContext?.subjectId || body.subjectId,\n termsAccepted: body.termsAccepted,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"update failed\");\n }\n });\n\n fastify.post(\"/api/uninstall\", async (request, reply) => {\n if (!ensureHostApiOriginAllowed(request, reply, allowedOrigins)) return;\n try {\n const body = readBodyRecord(request.body);\n const bootstrapContext = readHostBootstrapContext(request, bootstrap);\n applyHostApiCorsHeaders(reply, request, allowedOrigins);\n return reply.send(\n await service.uninstallInstallation({\n installationId: body.installationId,\n subjectId: bootstrapContext?.subjectId || body.subjectId,\n }),\n );\n } catch (err) {\n return sendServiceError(request, reply, err, \"uninstall failed\");\n }\n });\n}\n"],
|
|
5
|
+
"mappings": "AACA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,eAAO,uBACL,SACA,EAAE,kBAAkB,iBAAiB,CAAC,GAAG,YAAY,CAAC,EAAE,IAAI,CAAC,GAC7D;AACA,QAAM,UAAU,wBAAwB,gBAAgB;AACxD,UAAQ,IAAI,sBAAsB,OAAO,SAAS,UAAU;AAC1D,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,QAAQ,eAAe,QAAQ,KAAK;AAC1C,YAAM,mBAAmB,yBAAyB,SAAS,SAAS;AACpE,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM;AAAA,QACX,MAAM,QAAQ,kBAAkB;AAAA,UAC9B,WAAW,kBAAkB,aAAa,MAAM;AAAA,QAClD,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,2BAA2B;AAAA,IAC1E;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,gBAAgB,OAAO,SAAS,UAAU;AACrD,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,YAAM,mBAAmB,yBAAyB,SAAS,SAAS;AACpE,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM;AAAA,QACX,MAAM,QAAQ,YAAY;AAAA,UACxB,QAAQ,KAAK;AAAA,UACb,WAAW,kBAAkB,aAAa,KAAK;AAAA,UAC/C,eAAe,KAAK;AAAA,QACtB,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,gBAAgB;AAAA,IAC/D;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,eAAe,OAAO,SAAS,UAAU;AACpD,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,YAAM,mBAAmB,yBAAyB,SAAS,SAAS;AACpE,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM;AAAA,QACX,MAAM,QAAQ,mBAAmB;AAAA,UAC/B,gBAAgB,KAAK;AAAA,UACrB,WAAW,kBAAkB,aAAa,KAAK;AAAA,UAC/C,eAAe,KAAK;AAAA,QACtB,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,eAAe;AAAA,IAC9D;AAAA,EACF,CAAC;AAED,UAAQ,KAAK,kBAAkB,OAAO,SAAS,UAAU;AACvD,QAAI,CAAC,2BAA2B,SAAS,OAAO,cAAc,EAAG;AACjE,QAAI;AACF,YAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,YAAM,mBAAmB,yBAAyB,SAAS,SAAS;AACpE,8BAAwB,OAAO,SAAS,cAAc;AACtD,aAAO,MAAM;AAAA,QACX,MAAM,QAAQ,sBAAsB;AAAA,UAClC,gBAAgB,KAAK;AAAA,UACrB,WAAW,kBAAkB,aAAa,KAAK;AAAA,QACjD,CAAC;AAAA,MACH;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,iBAAiB,SAAS,OAAO,KAAK,kBAAkB;AAAA,IACjE;AAAA,EACF,CAAC;AACH;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
export declare function normalizeWidgetSessionInput(body: any, request: any): {
|
|
2
|
+
installationId: any;
|
|
3
|
+
widgetId: any;
|
|
4
|
+
origin: any;
|
|
5
|
+
subjectId: any;
|
|
6
|
+
xappId: any;
|
|
7
|
+
requestId: any;
|
|
8
|
+
hostReturnUrl: string;
|
|
9
|
+
resultPresentation: any;
|
|
10
|
+
guardUi: any;
|
|
11
|
+
};
|
|
12
|
+
export declare function normalizeBridgeRefreshInput(body: any, request: any): {
|
|
13
|
+
installationId: any;
|
|
14
|
+
widgetId: any;
|
|
15
|
+
origin: any;
|
|
16
|
+
subjectId: any;
|
|
17
|
+
hostReturnUrl: string;
|
|
18
|
+
};
|
|
19
|
+
export declare function normalizeBridgeVendorAssertionInput(body: any): {
|
|
20
|
+
vendorId: any;
|
|
21
|
+
subjectId: any;
|
|
22
|
+
installationId: any;
|
|
23
|
+
data: any;
|
|
24
|
+
};
|
|
25
|
+
//# sourceMappingURL=hostContractBoundary.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hostContractBoundary.d.ts","sourceRoot":"","sources":["../../../../src/backend/routes/gateway/hostContractBoundary.ts"],"names":[],"mappings":"AAWA,wBAAgB,2BAA2B,CAAC,IAAI,KAAA,EAAE,OAAO,KAAA;;;;;;;;;;EAaxD;AAED,wBAAgB,2BAA2B,CAAC,IAAI,KAAA,EAAE,OAAO,KAAA;;;;;;EASxD;AAED,wBAAgB,mCAAmC,CAAC,IAAI,KAAA;;;;;EAOvD"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
function readString(...values) {
|
|
2
|
+
for (const value of values) {
|
|
3
|
+
const normalized = String(value ?? "").trim();
|
|
4
|
+
if (normalized) return normalized;
|
|
5
|
+
}
|
|
6
|
+
return "";
|
|
7
|
+
}
|
|
8
|
+
function normalizeWidgetSessionInput(body, request) {
|
|
9
|
+
return {
|
|
10
|
+
installationId: body.installationId,
|
|
11
|
+
widgetId: body.widgetId,
|
|
12
|
+
origin: body.origin,
|
|
13
|
+
subjectId: body.subjectId,
|
|
14
|
+
xappId: body.xappId,
|
|
15
|
+
requestId: body.requestId,
|
|
16
|
+
hostReturnUrl: readString(body.hostReturnUrl, body.host_return_url, request.headers.referer) || void 0,
|
|
17
|
+
resultPresentation: body.resultPresentation || body.result_presentation,
|
|
18
|
+
guardUi: body.guardUi || body.guard_ui
|
|
19
|
+
};
|
|
20
|
+
}
|
|
21
|
+
function normalizeBridgeRefreshInput(body, request) {
|
|
22
|
+
return {
|
|
23
|
+
installationId: body.installationId,
|
|
24
|
+
widgetId: body.widgetId,
|
|
25
|
+
origin: body.origin,
|
|
26
|
+
subjectId: body.subjectId,
|
|
27
|
+
hostReturnUrl: readString(body.hostReturnUrl, body.host_return_url, request.headers.referer) || void 0
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
function normalizeBridgeVendorAssertionInput(body) {
|
|
31
|
+
return {
|
|
32
|
+
vendorId: body.vendorId || body.vendor_id,
|
|
33
|
+
subjectId: body.subjectId || body.subject_id,
|
|
34
|
+
installationId: body.installationId || body.installation_id,
|
|
35
|
+
data: body
|
|
36
|
+
};
|
|
37
|
+
}
|
|
38
|
+
export {
|
|
39
|
+
normalizeBridgeRefreshInput,
|
|
40
|
+
normalizeBridgeVendorAssertionInput,
|
|
41
|
+
normalizeWidgetSessionInput
|
|
42
|
+
};
|
|
43
|
+
//# sourceMappingURL=hostContractBoundary.js.map
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../../src/backend/routes/gateway/hostContractBoundary.ts"],
|
|
4
|
+
"sourcesContent": ["// @ts-nocheck\nfunction readString(...values) {\n for (const value of values) {\n const normalized = String(value ?? \"\").trim();\n if (normalized) return normalized;\n }\n return \"\";\n}\n\n// Keep backward-compat aliases at the HTTP boundary only.\n// Tenant implementations should treat the camelCase shape below as canonical.\nexport function normalizeWidgetSessionInput(body, request) {\n return {\n installationId: body.installationId,\n widgetId: body.widgetId,\n origin: body.origin,\n subjectId: body.subjectId,\n xappId: body.xappId,\n requestId: body.requestId,\n hostReturnUrl:\n readString(body.hostReturnUrl, body.host_return_url, request.headers.referer) || undefined,\n resultPresentation: body.resultPresentation || body.result_presentation,\n guardUi: body.guardUi || body.guard_ui,\n };\n}\n\nexport function normalizeBridgeRefreshInput(body, request) {\n return {\n installationId: body.installationId,\n widgetId: body.widgetId,\n origin: body.origin,\n subjectId: body.subjectId,\n hostReturnUrl:\n readString(body.hostReturnUrl, body.host_return_url, request.headers.referer) || undefined,\n };\n}\n\nexport function normalizeBridgeVendorAssertionInput(body) {\n return {\n vendorId: body.vendorId || body.vendor_id,\n subjectId: body.subjectId || body.subject_id,\n installationId: body.installationId || body.installation_id,\n data: body,\n };\n}\n"],
|
|
5
|
+
"mappings": "AACA,SAAS,cAAc,QAAQ;AAC7B,aAAW,SAAS,QAAQ;AAC1B,UAAM,aAAa,OAAO,SAAS,EAAE,EAAE,KAAK;AAC5C,QAAI,WAAY,QAAO;AAAA,EACzB;AACA,SAAO;AACT;AAIO,SAAS,4BAA4B,MAAM,SAAS;AACzD,SAAO;AAAA,IACL,gBAAgB,KAAK;AAAA,IACrB,UAAU,KAAK;AAAA,IACf,QAAQ,KAAK;AAAA,IACb,WAAW,KAAK;AAAA,IAChB,QAAQ,KAAK;AAAA,IACb,WAAW,KAAK;AAAA,IAChB,eACE,WAAW,KAAK,eAAe,KAAK,iBAAiB,QAAQ,QAAQ,OAAO,KAAK;AAAA,IACnF,oBAAoB,KAAK,sBAAsB,KAAK;AAAA,IACpD,SAAS,KAAK,WAAW,KAAK;AAAA,EAChC;AACF;AAEO,SAAS,4BAA4B,MAAM,SAAS;AACzD,SAAO;AAAA,IACL,gBAAgB,KAAK;AAAA,IACrB,UAAU,KAAK;AAAA,IACf,QAAQ,KAAK;AAAA,IACb,WAAW,KAAK;AAAA,IAChB,eACE,WAAW,KAAK,eAAe,KAAK,iBAAiB,QAAQ,QAAQ,OAAO,KAAK;AAAA,EACrF;AACF;AAEO,SAAS,oCAAoC,MAAM;AACxD,SAAO;AAAA,IACL,UAAU,KAAK,YAAY,KAAK;AAAA,IAChC,WAAW,KAAK,aAAa,KAAK;AAAA,IAClC,gBAAgB,KAAK,kBAAkB,KAAK;AAAA,IAC5C,MAAM;AAAA,EACR;AACF;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payment.d.ts","sourceRoot":"","sources":["../../../../src/backend/routes/gateway/payment.ts"],"names":[],"mappings":"AAGA,wBAA8B,aAAa,CAAC,OAAO,KAAA,EAAE,EAAE,YAAY,EAAE,cAAmB,EAAE;;CAAK,iBAI9F"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { getBackendModeHandlers } from "../../modes/index.js";
|
|
2
|
+
async function paymentRoutes(fastify, { enabledModes, paymentRuntime = {} } = {}) {
|
|
3
|
+
for (const backendModeHandler of Object.values(getBackendModeHandlers(enabledModes))) {
|
|
4
|
+
await backendModeHandler.registerRoutes(fastify, { paymentRuntime });
|
|
5
|
+
}
|
|
6
|
+
}
|
|
7
|
+
export {
|
|
8
|
+
paymentRoutes as default
|
|
9
|
+
};
|
|
10
|
+
//# sourceMappingURL=payment.js.map
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../../src/backend/routes/gateway/payment.ts"],
|
|
4
|
+
"sourcesContent": ["// @ts-nocheck\nimport { getBackendModeHandlers } from \"../../modes/index.js\";\n\nexport default async function paymentRoutes(fastify, { enabledModes, paymentRuntime = {} } = {}) {\n for (const backendModeHandler of Object.values(getBackendModeHandlers(enabledModes))) {\n await backendModeHandler.registerRoutes(fastify, { paymentRuntime });\n }\n}\n"],
|
|
5
|
+
"mappings": "AACA,SAAS,8BAA8B;AAEvC,eAAO,cAAqC,SAAS,EAAE,cAAc,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG;AAC/F,aAAW,sBAAsB,OAAO,OAAO,uBAAuB,YAAY,CAAC,GAAG;AACpF,UAAM,mBAAmB,eAAe,SAAS,EAAE,eAAe,CAAC;AAAA,EACrE;AACF;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
export declare function readBodyRecord(value: any): any;
|
|
2
|
+
export declare function requireHostProxyService(hostProxyService: any): any;
|
|
3
|
+
export declare function readRequestOrigin(request: any): string;
|
|
4
|
+
export declare function readHostBootstrapContext(request: any, bootstrap?: {}): {
|
|
5
|
+
subjectId: string;
|
|
6
|
+
email: string;
|
|
7
|
+
name: string;
|
|
8
|
+
origin: string;
|
|
9
|
+
token: string;
|
|
10
|
+
};
|
|
11
|
+
export declare function requireHostBootstrapRequest(request: any, bootstrap?: {}): {
|
|
12
|
+
apiKey: string;
|
|
13
|
+
signingSecret: string;
|
|
14
|
+
ttlSeconds: number;
|
|
15
|
+
};
|
|
16
|
+
export declare function buildHostBootstrapResult({ subjectId, email, name, origin, signingSecret, ttlSeconds, }: {
|
|
17
|
+
subjectId: any;
|
|
18
|
+
email: any;
|
|
19
|
+
name: any;
|
|
20
|
+
origin: any;
|
|
21
|
+
signingSecret: any;
|
|
22
|
+
ttlSeconds: any;
|
|
23
|
+
}): {
|
|
24
|
+
subjectId: string;
|
|
25
|
+
email: string;
|
|
26
|
+
name: string;
|
|
27
|
+
bootstrapToken: string;
|
|
28
|
+
expiresIn: number;
|
|
29
|
+
};
|
|
30
|
+
export declare function isOriginAllowed(origin: any, allowedOrigins?: any[]): boolean;
|
|
31
|
+
export declare function applyHostApiCorsHeaders(reply: any, request: any, allowedOrigins?: any[]): void;
|
|
32
|
+
export declare function ensureHostApiOriginAllowed(request: any, reply: any, allowedOrigins?: any[]): boolean;
|
|
33
|
+
export declare function sendHostApiPreflight(request: any, reply: any, allowedOrigins?: any[]): any;
|
|
34
|
+
export declare function applyNoStoreHeaders(reply: any, hostProxyService: any): any;
|
|
35
|
+
export declare function sendServiceError(request: any, reply: any, err: any, fallbackMessage: any): any;
|
|
36
|
+
//# sourceMappingURL=shared.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../../../src/backend/routes/gateway/shared.ts"],"names":[],"mappings":"AA8BA,wBAAgB,cAAc,CAAC,KAAK,KAAA,OAEnC;AAED,wBAAgB,uBAAuB,CAAC,gBAAgB,KAAA,OAKvD;AAED,wBAAgB,iBAAiB,CAAC,OAAO,KAAA,UAExC;AA2CD,wBAAgB,wBAAwB,CAAC,OAAO,KAAA,EAAE,SAAS,KAAK;;;;;;EAiB/D;AAED,wBAAgB,2BAA2B,CAAC,OAAO,KAAA,EAAE,SAAS,KAAK;;;;EAoBlE;AAED,wBAAgB,wBAAwB,CAAC,EACvC,SAAS,EACT,KAAK,EACL,IAAI,EACJ,MAAM,EACN,aAAa,EACb,UAAU,GACX;;;;;;;CAAA;;;;;;EAuBA;AAED,wBAAgB,eAAe,CAAC,MAAM,KAAA,EAAE,cAAc,QAAK,WAQ1D;AAED,wBAAgB,uBAAuB,CAAC,KAAK,KAAA,EAAE,OAAO,KAAA,EAAE,cAAc,QAAK,QAQ1E;AAED,wBAAgB,0BAA0B,CAAC,OAAO,KAAA,EAAE,KAAK,KAAA,EAAE,cAAc,QAAK,WAS7E;AAED,wBAAgB,oBAAoB,CAAC,OAAO,KAAA,EAAE,KAAK,KAAA,EAAE,cAAc,QAAK,OAgBvE;AAED,wBAAgB,mBAAmB,CAAC,KAAK,KAAA,EAAE,gBAAgB,KAAA,OAO1D;AAED,wBAAgB,gBAAgB,CAAC,OAAO,KAAA,EAAE,KAAK,KAAA,EAAE,GAAG,KAAA,EAAE,eAAe,KAAA,OAapE"}
|