@zintrust/cloudflare-kv-proxy 0.9.3 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/build-manifest.json +15 -11
- package/dist/index.d.ts +2 -2
- package/dist/index.js +6 -34
- package/package.json +3 -3
package/dist/build-manifest.json
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@zintrust/cloudflare-kv-proxy",
|
|
3
|
-
"version": "
|
|
4
|
-
"buildDate": "2026-04-
|
|
3
|
+
"version": "1.1.0",
|
|
4
|
+
"buildDate": "2026-04-23T23:14:58.658Z",
|
|
5
5
|
"buildEnvironment": {
|
|
6
|
-
"node": "
|
|
7
|
-
"platform": "
|
|
8
|
-
"arch": "
|
|
6
|
+
"node": "v22.22.1",
|
|
7
|
+
"platform": "darwin",
|
|
8
|
+
"arch": "arm64"
|
|
9
9
|
},
|
|
10
10
|
"git": {
|
|
11
|
-
"commit": "
|
|
12
|
-
"branch": "
|
|
11
|
+
"commit": "ade51fe7",
|
|
12
|
+
"branch": "release"
|
|
13
13
|
},
|
|
14
14
|
"package": {
|
|
15
15
|
"engines": {
|
|
@@ -29,13 +29,17 @@
|
|
|
29
29
|
"size": 5398,
|
|
30
30
|
"sha256": "5be1bc4b1ad88b1980c28e5ca45c1e564f44466bd5d0cda8bc07403031ce87a1"
|
|
31
31
|
},
|
|
32
|
+
"build-manifest.json": {
|
|
33
|
+
"size": 1112,
|
|
34
|
+
"sha256": "dde4348c9d2259bd687e64f0494400c0d7cc553be309e9a07788559de5725745"
|
|
35
|
+
},
|
|
32
36
|
"index.d.ts": {
|
|
33
|
-
"size":
|
|
34
|
-
"sha256": "
|
|
37
|
+
"size": 1335,
|
|
38
|
+
"sha256": "b616e14ae1faa6abafb66b7a79511fd7822a3a58243bf8033cf3d67562bf2a3b"
|
|
35
39
|
},
|
|
36
40
|
"index.js": {
|
|
37
|
-
"size":
|
|
38
|
-
"sha256": "
|
|
41
|
+
"size": 11682,
|
|
42
|
+
"sha256": "5ee2ac34141f1ba9e595ef2baaff4ae2fc30e32b5135bc3862a0b7a6dfa4c604"
|
|
39
43
|
}
|
|
40
44
|
}
|
|
41
45
|
}
|
package/dist/index.d.ts
CHANGED
|
@@ -12,9 +12,9 @@ type KVListResult = {
|
|
|
12
12
|
type KVNamespace = {
|
|
13
13
|
get: {
|
|
14
14
|
(key: string): Promise<string | null>;
|
|
15
|
-
(key: string, type: 'json'): Promise<unknown
|
|
15
|
+
(key: string, type: 'json'): Promise<unknown>;
|
|
16
16
|
(key: string, type: 'arrayBuffer'): Promise<ArrayBuffer | null>;
|
|
17
|
-
(key: string, type: KvGetType): Promise<
|
|
17
|
+
(key: string, type: KvGetType): Promise<ArrayBuffer | string | null>;
|
|
18
18
|
};
|
|
19
19
|
put: (key: string, value: string, options?: KVNamespacePutOptions) => Promise<void>;
|
|
20
20
|
delete: (key: string) => Promise<void>;
|
package/dist/index.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ErrorHandler, RequestValidator,
|
|
1
|
+
import { ErrorHandler, RequestValidator, WorkerSigning } from '@zintrust/core/proxy';
|
|
2
2
|
const DEFAULT_SIGNING_WINDOW_MS = 60_000;
|
|
3
3
|
const DEFAULT_MAX_BODY_BYTES = 128 * 1024;
|
|
4
4
|
const DEFAULT_LIST_LIMIT = 100;
|
|
@@ -62,40 +62,12 @@ const parseOptionalJson = (text) => {
|
|
|
62
62
|
const successResult = parsed;
|
|
63
63
|
return { ok: true, payload: successResult.value };
|
|
64
64
|
};
|
|
65
|
-
const loadSigningSecret = (env) => {
|
|
66
|
-
const direct = typeof env.KV_REMOTE_SECRET === 'string' ? env.KV_REMOTE_SECRET.trim() : '';
|
|
67
|
-
if (direct !== '')
|
|
68
|
-
return direct;
|
|
69
|
-
const fallback = typeof env.APP_KEY === 'string' ? env.APP_KEY.trim() : '';
|
|
70
|
-
if (fallback !== '')
|
|
71
|
-
return fallback;
|
|
72
|
-
return null;
|
|
73
|
-
};
|
|
74
|
-
const verifyNonceKv = async (kv, keyId, nonce, ttlMs) => {
|
|
75
|
-
const ttlSeconds = Math.max(1, Math.ceil(ttlMs / 1000));
|
|
76
|
-
const storageKey = `nonce:${keyId}:${nonce}`;
|
|
77
|
-
const existing = await kv.get(storageKey);
|
|
78
|
-
if (existing !== null)
|
|
79
|
-
return false;
|
|
80
|
-
await kv.put(storageKey, '1', { expirationTtl: ttlSeconds });
|
|
81
|
-
return true;
|
|
82
|
-
};
|
|
83
65
|
const verifySignedRequest = async (request, env, bodyBytes) => {
|
|
84
|
-
const
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
const verifyResult = await SigningService.verifyWithKeyProvider({
|
|
90
|
-
method: request.method,
|
|
91
|
-
url: request.url,
|
|
92
|
-
body: bodyBytes,
|
|
93
|
-
headers: request.headers,
|
|
94
|
-
windowMs,
|
|
95
|
-
getSecretForKeyId: async (_keyId) => secret,
|
|
96
|
-
verifyNonce: env.ZT_NONCES === undefined
|
|
97
|
-
? undefined
|
|
98
|
-
: async (keyId, nonce, ttlMs) => verifyNonceKv(env.ZT_NONCES, keyId, nonce, ttlMs),
|
|
66
|
+
const verifyResult = await WorkerSigning.verifySignedRequest(request, env, bodyBytes, {
|
|
67
|
+
secretEnvVar: 'KV_REMOTE_SECRET',
|
|
68
|
+
missingSecretStatus: 500,
|
|
69
|
+
missingSecretMessage: 'Missing signing secret (KV_REMOTE_SECRET or APP_KEY)',
|
|
70
|
+
defaultSigningWindowMs: DEFAULT_SIGNING_WINDOW_MS,
|
|
99
71
|
});
|
|
100
72
|
if (verifyResult.ok === false) {
|
|
101
73
|
return toErrorResponse(verifyResult.status, verifyResult.code, verifyResult.message);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@zintrust/cloudflare-kv-proxy",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "1.5.0",
|
|
4
4
|
"description": "Cloudflare KV proxy package for ZinTrust.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"private": false,
|
|
@@ -20,7 +20,7 @@
|
|
|
20
20
|
"access": "public"
|
|
21
21
|
},
|
|
22
22
|
"peerDependencies": {
|
|
23
|
-
"@zintrust/core": "
|
|
23
|
+
"@zintrust/core": "*"
|
|
24
24
|
},
|
|
25
25
|
"keywords": [
|
|
26
26
|
"zintrust",
|
|
@@ -34,4 +34,4 @@
|
|
|
34
34
|
"prepublishOnly": "npm run build",
|
|
35
35
|
"type-check": "tsc -p tsconfig.json --noEmit"
|
|
36
36
|
}
|
|
37
|
-
}
|
|
37
|
+
}
|