@zintrust/core 0.1.41 → 0.1.42

package/src/orm/adapters/SqlProxyAdapterUtils.js

@@ -1,5 +1,6 @@
 import { RemoteSignedJson } from '../../common/RemoteSignedJson.js';
 import { ErrorFactory } from '../../exceptions/ZintrustError.js';
+import { isObject } from '../../helper/index.js';
 import { resolveSigningPrefix } from '../adapters/ProxySigningPath.js';
 import { normalizeSigningCredentials } from '../../proxy/SigningService.js';
 export const buildSignedSettings = (config) => {
@@ -32,4 +33,4 @@ export const requestSignedProxy = async (config, path, payload) => {
     const signedSettings = ensureSignedSettings(config);
     return RemoteSignedJson.request(signedSettings, path, payload);
 };
-export const isRecord = (value) => typeof value === 'object' && value !== null;
+export const isRecord = (value) => isObject(value);

package/src/orm/adapters/SqlProxyRegistryMode.d.ts

@@ -0,0 +1,12 @@
+export type SqlProxyMode = 'sql' | 'registry';
+export declare const resolveSqlProxyMode: (envKey: string) => SqlProxyMode;
+export declare const createStatementId: (sql: string) => Promise<string>;
+export declare const createStatementPayload: (sql: string, parameters: unknown[]) => Promise<{
+    statementId: string;
+    params: unknown[];
+}>;
+export declare const getExecMetaWithLastRowId: (value: unknown) => {
+    changes: number;
+    lastRowId?: number | string | bigint;
+};
+//# sourceMappingURL=SqlProxyRegistryMode.d.ts.map

package/src/orm/adapters/SqlProxyRegistryMode.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SqlProxyRegistryMode.d.ts","sourceRoot":"","sources":["../../../../src/orm/adapters/SqlProxyRegistryMode.ts"],"names":[],"mappings":"AAIA,MAAM,MAAM,YAAY,GAAG,KAAK,GAAG,UAAU,CAAC;AAE9C,eAAO,MAAM,mBAAmB,GAAI,QAAQ,MAAM,KAAG,YAGpD,CAAC;AAEF,eAAO,MAAM,iBAAiB,GAAU,KAAK,MAAM,KAAG,OAAO,CAAC,MAAM,CAEnE,CAAC;AAEF,eAAO,MAAM,sBAAsB,GACjC,KAAK,MAAM,EACX,YAAY,OAAO,EAAE,KACpB,OAAO,CAAC;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,OAAO,EAAE,CAAA;CAAE,CAGpD,CAAC;AAEF,eAAO,MAAM,wBAAwB,GACnC,OAAO,OAAO,KACb;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAAA;CAOzD,CAAC"}

package/src/orm/adapters/SqlProxyRegistryMode.js

@@ -0,0 +1,24 @@
+import { Env } from '../../config/env.js';
+import { isRecord } from '../adapters/SqlProxyAdapterUtils.js';
+import { SignedRequest } from '../../security/SignedRequest.js';
+export const resolveSqlProxyMode = (envKey) => {
+    const raw = Env.get(envKey, 'sql').trim().toLowerCase();
+    return raw === 'registry' ? 'registry' : 'sql';
+};
+export const createStatementId = async (sql) => {
+    return SignedRequest.sha256Hex(sql);
+};
+export const createStatementPayload = async (sql, parameters) => {
+    const statementId = await createStatementId(sql);
+    return { statementId, params: parameters };
+};
+export const getExecMetaWithLastRowId = (value) => {
+    if (!isRecord(value) || typeof value['ok'] !== 'boolean')
+        return { changes: 0 };
+    const meta = value['meta'];
+    if (!isRecord(meta))
+        return { changes: 0 };
+    const changes = typeof meta['changes'] === 'number' ? meta['changes'] : 0;
+    const lastRowId = meta['lastRowId'];
+    return { changes, lastRowId: lastRowId };
+};

package/src/orm/adapters/SqlServerProxyAdapter.d.ts

@@ -1,3 +1,6 @@
+/**
+ * SQL Server Proxy Adapter (HTTP)
+ */
 import type { IDatabaseAdapter } from '../DatabaseAdapter';
 export declare function createSqlServerProxyAdapter(): IDatabaseAdapter;
 //# sourceMappingURL=SqlServerProxyAdapter.d.ts.map

package/src/orm/adapters/SqlServerProxyAdapter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SqlServerProxyAdapter.d.ts","sourceRoot":"","sources":["../../../../src/orm/adapters/SqlServerProxyAdapter.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAe,MAAM,sBAAsB,CAAC;AAyF1E,wBAAgB,2BAA2B,IAAI,gBAAgB,CAsF9D"}
+{"version":3,"file":"SqlServerProxyAdapter.d.ts","sourceRoot":"","sources":["../../../../src/orm/adapters/SqlServerProxyAdapter.ts"],"names":[],"mappings":"AACA;;GAEG;AAKH,OAAO,KAAK,EAAE,gBAAgB,EAAe,MAAM,sBAAsB,CAAC;AAwO1E,wBAAgB,2BAA2B,IAAI,gBAAgB,CAI9D"}

package/src/orm/adapters/SqlServerProxyAdapter.js

@@ -1,146 +1,154 @@
+/* eslint-disable @typescript-eslint/require-await */
+/**
+ * SQL Server Proxy Adapter (HTTP)
+ */
 import { Env } from '../../config/env.js';
-import { Logger } from '../../config/logger.js';
 import { ErrorFactory } from '../../exceptions/ZintrustError.js';
-import { createSignedProxyRequest } from '../adapters/ProxySignedRequest.js';
-const cache = new Map();
-const CACHE_TTL_MS = 5000;
-const getCacheKey = (sql, params) => {
-    return `${sql}:${JSON.stringify(params)}`;
+import { AdaptersEnum } from '../../migrations/enum/index.js';
+import { QueryBuilder } from '../QueryBuilder.js';
+import { ensureSignedSettings, isRecord, requestSignedProxy, } from '../adapters/SqlProxyAdapterUtils.js';
+import { createStatementPayload, getExecMetaWithLastRowId, resolveSqlProxyMode, } from '../adapters/SqlProxyRegistryMode.js';
+const resolveProxyMode = () => {
+    return resolveSqlProxyMode('SQLSERVER_PROXY_MODE');
 };
-const getCachedResult = (key) => {
-    const entry = cache.get(key);
-    if (!entry)
-        return null;
-    if (Date.now() - entry.timestamp > CACHE_TTL_MS) {
-        cache.delete(key);
-        return null;
-    }
-    return entry.data;
-};
-const setCachedResult = (key, data) => {
-    cache.set(key, { data, timestamp: Date.now() });
-};
-const resolveProxyUrl = () => {
-    const url = Env.get('SQLSERVER_PROXY_URL', '');
-    if (typeof url === 'string' && url.trim() !== '')
-        return url;
+const resolveBaseUrl = () => {
+    const explicit = Env.get('SQLSERVER_PROXY_URL', '').trim();
+    if (explicit !== '')
+        return explicit;
     const host = Env.get('SQLSERVER_PROXY_HOST', '127.0.0.1');
     const port = Env.getInt('SQLSERVER_PROXY_PORT', 8793);
     return `http://${host}:${port}`;
 };
-const createSignedRequest = async (url, body) => {
-    return createSignedProxyRequest({
-        url,
-        body,
-        keyId: Env.get('SQLSERVER_PROXY_KEY_ID', ''),
-        secret: Env.get('SQLSERVER_PROXY_SECRET', ''),
-        missingCredentialsMessage: 'SQL Server proxy signing credentials are missing (SQLSERVER_PROXY_KEY_ID / SQLSERVER_PROXY_SECRET)',
-    });
+const buildProxySettings = () => {
+    const baseUrl = resolveBaseUrl();
+    const keyId = Env.get('SQLSERVER_PROXY_KEY_ID', '');
+    const secret = Env.get('SQLSERVER_PROXY_SECRET', '');
+    const timeoutMs = Env.getInt('SQLSERVER_PROXY_TIMEOUT_MS', Env.ZT_PROXY_TIMEOUT_MS ?? 30000);
+    return { baseUrl, keyId, secret, timeoutMs };
 };
-const sendQuery = async (sql, params) => {
-    const proxyUrl = resolveProxyUrl();
-    const payload = { sql, params };
-    const body = JSON.stringify(payload);
-    const { headers, body: signedBody } = await createSignedRequest(proxyUrl, body);
-    const timeout = Env.getInt('SQLSERVER_PROXY_TIMEOUT_MS', 30000);
-    const controller = new AbortController();
-    const timeoutId = globalThis.setTimeout(() => controller.abort(), timeout);
-    try {
-        const response = await fetch(proxyUrl, {
-            method: 'POST',
-            headers,
-            body: signedBody,
-            signal: controller.signal,
+const buildSignedProxyConfig = (settings) => ({
+    settings,
+    missingUrlMessage: 'SQL Server proxy URL is missing (SQLSERVER_PROXY_URL)',
+    missingCredentialsMessage: 'SQL Server proxy signing credentials are missing (SQLSERVER_PROXY_KEY_ID / SQLSERVER_PROXY_SECRET)',
+    messages: {
+        unauthorized: 'SQL Server proxy unauthorized',
+        forbidden: 'SQL Server proxy forbidden',
+        rateLimited: 'SQL Server proxy rate limited',
+        rejected: 'SQL Server proxy rejected request',
+        error: 'SQL Server proxy error',
+        timedOut: 'SQL Server proxy request timed out',
+    },
+});
+const isQueryResponse = (value) => isRecord(value) && Array.isArray(value['rows']) && typeof value['rowCount'] === 'number';
+const isQueryOneResponse = (value) => isRecord(value) && 'row' in value;
+const requestProxy = async (settings, path, payload) => requestSignedProxy(buildSignedProxyConfig(settings), path, payload);
+const requireConnected = (state) => {
+    if (!state.connected)
+        throw ErrorFactory.createConnectionError('Database not connected');
+};
+const toQueryResult = (out) => {
+    if (isQueryResponse(out)) {
+        return { rows: out.rows, rowCount: out.rowCount };
+    }
+    if (isQueryOneResponse(out)) {
+        const row = out.row ?? null;
+        return { rows: row ? [row] : [], rowCount: row ? 1 : 0 };
+    }
+    const meta = getExecMetaWithLastRowId(out);
+    return { rows: [], rowCount: meta.changes, lastInsertId: meta.lastRowId };
+};
+const createQuery = (state) => async (sql, parameters) => {
+    requireConnected(state);
+    const mode = resolveProxyMode();
+    const out = mode === 'registry'
+        ? await requestProxy(state.settings, '/zin/sqlserver/statement', await createStatementPayload(sql, parameters))
+        : await requestProxy(state.settings, '/zin/sqlserver/query', {
+            sql,
+            params: parameters,
         });
-        clearTimeout(timeoutId);
-        if (!response.ok) {
-            const errorText = await response.text();
-            throw ErrorFactory.createDatabaseError(`SQL Server proxy error: ${errorText}`);
-        }
-        const result = (await response.json());
+    return toQueryResult(out);
+};
+const createQueryOne = (state) => async (sql, parameters) => {
+    requireConnected(state);
+    const mode = resolveProxyMode();
+    if (mode !== 'registry') {
+        const out = await requestProxy(state.settings, '/zin/sqlserver/queryOne', {
+            sql,
+            params: parameters,
+        });
+        return out.row ?? null;
+    }
+    const out = await requestProxy(state.settings, '/zin/sqlserver/statement', await createStatementPayload(sql, parameters));
+    if (isQueryOneResponse(out))
+        return out.row ?? null;
+    if (isQueryResponse(out))
+        return out.rows[0] ?? null;
+    return null;
+};
+const createPing = (query) => async () => {
+    await query(QueryBuilder.create('').select('1').toSQL(), []);
+};
+const createTransaction = (state, getAdapter) => async (callback) => {
+    if (state.inTransaction) {
+        throw ErrorFactory.createGeneralError('Transaction already in progress');
+    }
+    requireConnected(state);
+    state.inTransaction = true;
+    try {
+        const adapter = getAdapter();
+        await adapter.query('BEGIN TRANSACTION', []);
+        const result = await callback(adapter);
+        await adapter.query('COMMIT', []);
         return result;
     }
     catch (error) {
-        clearTimeout(timeoutId);
-        if (error.name === 'AbortError') {
-            throw ErrorFactory.createGeneralError('SQL Server proxy request timed out');
+        try {
+            await getAdapter().query('ROLLBACK', []);
+        }
+        catch {
+            void 0;
         }
         throw error;
     }
+    finally {
+        state.inTransaction = false;
+    }
 };
-export function createSqlServerProxyAdapter() {
-    let connected = false;
-    let inTransaction = false;
-    return {
-        // eslint-disable-next-line @typescript-eslint/require-await
+const createRawQuery = (query) => async (sql, parameters) => {
+    const result = await query(sql, parameters ?? []);
+    return result.rows;
+};
+const createAdapter = (state) => {
+    const query = createQuery(state);
+    const queryOne = createQueryOne(state);
+    const adapter = {
         async connect() {
-            const proxyUrl = resolveProxyUrl();
-            Logger.info(`Connecting to SQL Server via proxy: ${proxyUrl}`);
-            connected = true;
+            ensureSignedSettings(buildSignedProxyConfig(state.settings));
+            state.connected = true;
         },
-        // eslint-disable-next-line @typescript-eslint/require-await
         async disconnect() {
-            connected = false;
-            inTransaction = false;
-            cache.clear();
-            Logger.info('Disconnected from SQL Server proxy');
-        },
-        async query(sql, parameters) {
-            if (!connected) {
-                throw ErrorFactory.createConnectionError('Not connected to SQL Server proxy');
-            }
-            if (sql.trim().toUpperCase().startsWith('SELECT')) {
-                const cacheKey = getCacheKey(sql, parameters);
-                const cached = getCachedResult(cacheKey);
-                if (cached)
-                    return cached;
-                const result = await sendQuery(sql, parameters);
-                setCachedResult(cacheKey, result);
-                return result;
-            }
-            return sendQuery(sql, parameters);
-        },
-        async queryOne(sql, parameters) {
-            const result = await this.query(sql, parameters);
-            return result.rows[0] ?? null;
-        },
-        async ping() {
-            if (!connected) {
-                throw ErrorFactory.createConnectionError('Not connected to SQL Server proxy');
-            }
-            await this.query('SELECT 1 AS ping', []);
-        },
-        async transaction(callback) {
-            if (inTransaction) {
-                throw ErrorFactory.createGeneralError('Transaction already in progress');
-            }
-            inTransaction = true;
-            try {
-                await this.query('BEGIN TRANSACTION', []);
-                const result = await callback(this);
-                await this.query('COMMIT', []);
-                return result;
-            }
-            catch (error) {
-                await this.query('ROLLBACK', []);
-                throw error;
-            }
-            finally {
-                inTransaction = false;
-            }
-        },
-        async rawQuery(sql, parameters) {
-            const result = await this.query(sql, parameters ?? []);
-            return result.rows;
+            state.connected = false;
+            state.inTransaction = false;
         },
+        query,
+        queryOne,
+        ping: createPing(query),
+        transaction: createTransaction(state, () => adapter),
+        rawQuery: createRawQuery(query),
         getType() {
-            return 'sqlserver-proxy';
+            return AdaptersEnum.sqlserver;
         },
         isConnected() {
-            return connected;
+            return state.connected;
         },
         getPlaceholder(index) {
             return `@param${index}`;
         },
     };
+    return adapter;
+};
+export function createSqlServerProxyAdapter() {
+    const settings = buildProxySettings();
+    const state = { connected: false, inTransaction: false, settings };
+    return createAdapter(state);
 }

package/src/orm/migrations/MigrationStore.js

@@ -12,7 +12,7 @@ const toSafeService = (service) => {
 };
 const assertDbSupportsMigrations = (db) => {
     const t = db.getType();
-    if (t === 'd1' || t === 'd1-remote') {
+    if (t === 'd1') {
         throw ErrorFactory.createCliError('This project is configured for D1. Use `zin d1:migrate --local|--remote` for now.');
     }
 };

package/src/proxy/ProxyRequestParsing.d.ts

@@ -0,0 +1,9 @@
+import type { ProxyResponse } from './ProxyBackend';
+export declare const validateProxyRequest: (request: {
+    method: string;
+}) => ProxyResponse | null;
+export declare const parseJsonBody: (body: string) => {
+    ok: true;
+    value: Record<string, unknown>;
+} | ProxyResponse;
+//# sourceMappingURL=ProxyRequestParsing.d.ts.map

package/src/proxy/ProxyRequestParsing.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ProxyRequestParsing.d.ts","sourceRoot":"","sources":["../../../src/proxy/ProxyRequestParsing.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAGzD,eAAO,MAAM,oBAAoB,GAAI,SAAS;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,KAAG,aAAa,GAAG,IAMlF,CAAC;AAEF,eAAO,MAAM,aAAa,GACxB,MAAM,MAAM,KACX;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,GAAG,aAMjD,CAAC"}

package/src/proxy/ProxyRequestParsing.js

@@ -0,0 +1,16 @@
+import { ErrorHandler } from './ErrorHandler.js';
+import { RequestValidator } from './RequestValidator.js';
+export const validateProxyRequest = (request) => {
+    const methodError = RequestValidator.requirePost(request.method);
+    if (methodError) {
+        return ErrorHandler.toProxyError(405, methodError.code, methodError.message);
+    }
+    return null;
+};
+export const parseJsonBody = (body) => {
+    const parsed = RequestValidator.parseJson(body);
+    if (!parsed.ok) {
+        return ErrorHandler.toProxyError(400, parsed.error.code, parsed.error.message);
+    }
+    return { ok: true, value: parsed.value };
+};

package/src/proxy/RequestValidator.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"RequestValidator.d.ts","sourceRoot":"","sources":["../../../src/proxy/RequestValidator.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG,QAAQ,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AA4B1E,eAAO,MAAM,gBAAgB;sBAtBrB,MAAM,KACX;QAAE,EAAE,EAAE,IAAI,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,GAAG;QAAE,EAAE,EAAE,KAAK,CAAC;QAAC,KAAK,EAAE,eAAe,CAAA;KAAE;0BAgB1D,MAAM,GAAG,SAAS,KAAG,eAAe,GAAG,IAAI;EAQtE,CAAC"}
+{"version":3,"file":"RequestValidator.d.ts","sourceRoot":"","sources":["../../../src/proxy/RequestValidator.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,eAAe,GAAG,QAAQ,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AA2B1E,eAAO,MAAM,gBAAgB;sBAtBrB,MAAM,KACX;QAAE,EAAE,EAAE,IAAI,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,GAAG;QAAE,EAAE,EAAE,KAAK,CAAC;QAAC,KAAK,EAAE,eAAe,CAAA;KAAE;0BAgB1D,MAAM,GAAG,SAAS,KAAG,eAAe,GAAG,IAAI;EAQtE,CAAC"}

package/src/proxy/RequestValidator.js

@@ -1,4 +1,5 @@
-const isRecord = (value) => typeof value === 'object' && value !== null;
+import { isObject } from '../helper/index.js';
+const isRecord = (value) => isObject(value);
 const parseJson = (body) => {
     if (body.trim() === '') {
         return { ok: false, error: { code: 'VALIDATION_ERROR', message: 'Body is required' } };

package/src/proxy/SigningService.js

@@ -16,7 +16,7 @@ const normalizeKeyId = (keyId) => {
     const trimmed = keyId.trim();
     if (trimmed !== '')
         return trimmed.toLowerCase();
-    const appNameRaw = Env.APP_NAME ?? 'zintrust';
+    const appNameRaw = Env.get('APP_NAME', 'zintrust');
     const normalized = (appNameRaw.trim() === '' ? 'zintrust' : appNameRaw)
         .toLowerCase()
         .replaceAll(/\s+/g, '_');
@@ -26,7 +26,7 @@ const normalizeSecret = (secret) => {
     const trimmed = secret.trim();
     if (trimmed !== '')
         return trimmed;
-    return Env.APP_KEY ?? '';
+    return Env.get('APP_KEY', '');
 };
 const normalizeConfig = (signing) => ({
     ...signing,

package/src/proxy/SqlProxyDbOverrides.d.ts

@@ -0,0 +1,17 @@
+export type SqlProxyDatabaseOverrides = Partial<{
+    dbHost: string;
+    dbPort: number;
+    dbName: string;
+    dbUser: string;
+    dbPass: string;
+    connectionLimit: number;
+}>;
+export type SqlProxyDatabaseConfig = Readonly<{
+    dbHost: string;
+    dbPort: number;
+    dbName: string;
+    dbUser: string;
+    dbPass: string;
+    connectionLimit: number;
+}>;
+//# sourceMappingURL=SqlProxyDbOverrides.d.ts.map

package/src/proxy/SqlProxyDbOverrides.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SqlProxyDbOverrides.d.ts","sourceRoot":"","sources":["../../../src/proxy/SqlProxyDbOverrides.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,yBAAyB,GAAG,OAAO,CAAC;IAC9C,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;CACzB,CAAC,CAAC;AAEH,MAAM,MAAM,sBAAsB,GAAG,QAAQ,CAAC;IAC5C,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;CACzB,CAAC,CAAC"}

package/src/proxy/SqlProxyDbOverrides.js

@@ -0,0 +1 @@
+export {};

package/src/proxy/SqlProxyServerDeps.d.ts

@@ -0,0 +1,12 @@
+export { Env } from '../config/env';
+export { Logger } from '../config/logger';
+export { ErrorHandler } from './ErrorHandler';
+export type { ProxyBackend, ProxyResponse } from './ProxyBackend';
+export type { ProxySigningConfig } from './ProxyConfig';
+export { parseJsonBody, validateProxyRequest } from './ProxyRequestParsing';
+export { createProxyServer } from './ProxyServer';
+export { resolveBaseConfig, resolveBaseSigningConfig, verifyRequestSignature, type BaseProxyOverrides, } from './ProxyServerUtils';
+export { validateSqlPayload } from './SqlPayloadValidator';
+export { loadStatementRegistry } from './StatementRegistryLoader';
+export { resolveStatementOrError } from './StatementRegistryResolver';
+//# sourceMappingURL=SqlProxyServerDeps.d.ts.map

package/src/proxy/SqlProxyServerDeps.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SqlProxyServerDeps.d.ts","sourceRoot":"","sources":["../../../src/proxy/SqlProxyServerDeps.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACvE,YAAY,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EACL,iBAAiB,EACjB,wBAAwB,EACxB,sBAAsB,EACtB,KAAK,kBAAkB,GACxB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,uBAAuB,EAAE,MAAM,kCAAkC,CAAC"}

package/src/proxy/SqlProxyServerDeps.js

@@ -0,0 +1,9 @@
+export { Env } from '../config/env.js';
+export { Logger } from '../config/logger.js';
+export { ErrorHandler } from './ErrorHandler.js';
+export { parseJsonBody, validateProxyRequest } from './ProxyRequestParsing.js';
+export { createProxyServer } from './ProxyServer.js';
+export { resolveBaseConfig, resolveBaseSigningConfig, verifyRequestSignature, } from './ProxyServerUtils.js';
+export { validateSqlPayload } from './SqlPayloadValidator.js';
+export { loadStatementRegistry } from './StatementRegistryLoader.js';
+export { resolveStatementOrError } from './StatementRegistryResolver.js';

package/src/proxy/StatementPayloadValidator.d.ts

@@ -0,0 +1,13 @@
+export type StatementPayloadValidation = {
+    valid: true;
+    statementId: string;
+    params: unknown[];
+} | {
+    valid: false;
+    error: {
+        code: string;
+        message: string;
+    };
+};
+export declare const validateStatementPayload: (payload: Record<string, unknown>) => StatementPayloadValidation;
+//# sourceMappingURL=StatementPayloadValidator.d.ts.map

package/src/proxy/StatementPayloadValidator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"StatementPayloadValidator.d.ts","sourceRoot":"","sources":["../../../src/proxy/StatementPayloadValidator.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,0BAA0B,GAClC;IACE,KAAK,EAAE,IAAI,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,OAAO,EAAE,CAAC;CACnB,GACD;IACE,KAAK,EAAE,KAAK,CAAC;IACb,KAAK,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;CAC1C,CAAC;AAEN,eAAO,MAAM,wBAAwB,GACnC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC/B,0BAoBF,CAAC"}

package/src/proxy/StatementPayloadValidator.js

@@ -0,0 +1,18 @@
+export const validateStatementPayload = (payload) => {
+    const statementId = payload['statementId'];
+    const params = Array.isArray(payload['params']) ? payload['params'] : [];
+    if (typeof statementId !== 'string') {
+        return {
+            valid: false,
+            error: { code: 'VALIDATION_ERROR', message: 'statementId must be a string' },
+        };
+    }
+    const trimmed = statementId.trim();
+    if (trimmed === '') {
+        return {
+            valid: false,
+            error: { code: 'VALIDATION_ERROR', message: 'statementId is required' },
+        };
+    }
+    return { valid: true, statementId: trimmed, params };
+};

package/src/proxy/StatementRegistryLoader.d.ts

@@ -0,0 +1,2 @@
+export declare const loadStatementRegistry: (prefix: "MYSQL" | "POSTGRES" | "SQLSERVER") => Record<string, string> | undefined;
+//# sourceMappingURL=StatementRegistryLoader.d.ts.map

package/src/proxy/StatementRegistryLoader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"StatementRegistryLoader.d.ts","sourceRoot":"","sources":["../../../src/proxy/StatementRegistryLoader.ts"],"names":[],"mappings":"AAgBA,eAAO,MAAM,qBAAqB,GAChC,QAAQ,OAAO,GAAG,UAAU,GAAG,WAAW,KACzC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAqB3B,CAAC"}

package/src/proxy/StatementRegistryLoader.js

@@ -0,0 +1,36 @@
+import { Env } from '../config/env.js';
+import { isObject } from '../helper/index.js';
+import fs from '../node-singletons/fs.js';
+const isRecord = (value) => isObject(value);
+const parseStatements = (input) => {
+    if (!isRecord(input))
+        return undefined;
+    const out = {};
+    for (const [key, value] of Object.entries(input)) {
+        if (typeof value === 'string')
+            out[key] = value;
+    }
+    return Object.keys(out).length > 0 ? out : undefined;
+};
+export const loadStatementRegistry = (prefix) => {
+    const file = Env.get(`ZT_${prefix}_STATEMENTS_FILE`, '').trim();
+    if (file !== '') {
+        try {
+            const text = fs.readFileSync(file, 'utf8');
+            return parseStatements(JSON.parse(text));
+        }
+        catch {
+            return undefined;
+        }
+    }
+    const json = Env.get(`ZT_${prefix}_STATEMENTS_JSON`, '').trim();
+    if (json !== '') {
+        try {
+            return parseStatements(JSON.parse(json));
+        }
+        catch {
+            return undefined;
+        }
+    }
+    return undefined;
+};

package/src/proxy/StatementRegistryResolver.d.ts

@@ -0,0 +1,15 @@
+import type { ProxyResponse } from './ProxyBackend';
+export type ResolvedStatement = Readonly<{
+    statementId: string;
+    sql: string;
+    params: unknown[];
+    mutating: boolean;
+}>;
+export declare const resolveStatementOrError: (statements: Record<string, string> | undefined, payload: Record<string, unknown>) => {
+    ok: true;
+    value: ResolvedStatement;
+} | {
+    ok: false;
+    response: ProxyResponse;
+};
+//# sourceMappingURL=StatementRegistryResolver.d.ts.map

package/src/proxy/StatementRegistryResolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"StatementRegistryResolver.d.ts","sourceRoot":"","sources":["../../../src/proxy/StatementRegistryResolver.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAIzD,MAAM,MAAM,iBAAiB,GAAG,QAAQ,CAAC;IACvC,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,OAAO,EAAE,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;CACnB,CAAC,CAAC;AAEH,eAAO,MAAM,uBAAuB,GAClC,YAAY,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,EAC9C,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC/B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,iBAAiB,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,QAAQ,EAAE,aAAa,CAAA;CAqC/E,CAAC"}

package/src/proxy/StatementRegistryResolver.js

@@ -0,0 +1,34 @@
+import { ErrorHandler } from './ErrorHandler.js';
+import { validateStatementPayload } from './StatementPayloadValidator.js';
+import { isMutatingSql } from './isMutatingSql.js';
+export const resolveStatementOrError = (statements, payload) => {
+    if (!statements) {
+        return {
+            ok: false,
+            response: ErrorHandler.toProxyError(400, 'CONFIG_ERROR', 'Missing statement registry'),
+        };
+    }
+    const stmtValidation = validateStatementPayload(payload);
+    if (!stmtValidation.valid) {
+        return {
+            ok: false,
+            response: ErrorHandler.toProxyError(400, stmtValidation.error.code, stmtValidation.error.message),
+        };
+    }
+    const sql = statements[stmtValidation.statementId];
+    if (typeof sql !== 'string' || sql.trim() === '') {
+        return {
+            ok: false,
+            response: ErrorHandler.toProxyError(404, 'NOT_FOUND', 'Unknown statementId'),
+        };
+    }
+    return {
+        ok: true,
+        value: {
+            statementId: stmtValidation.statementId,
+            sql,
+            params: stmtValidation.params,
+            mutating: isMutatingSql(sql),
+        },
+    };
+};

package/src/proxy/d1/ZintrustD1Proxy.d.ts

@@ -1,2 +1,3 @@
-export { _ZINTRUST_CLOUDFLARE_D1_PROXY_BUILD_DATE, _ZINTRUST_CLOUDFLARE_D1_PROXY_VERSION, ZintrustD1Proxy, } from '../../../packages/cloudflare-d1-proxy/src/index.js';
+export { ZintrustD1Proxy } from '../../../packages/cloudflare-d1-proxy/src/index.js';
+export { default } from '../../../packages/cloudflare-d1-proxy/src/index.js';
 //# sourceMappingURL=ZintrustD1Proxy.d.ts.map

package/src/proxy/d1/ZintrustD1Proxy.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ZintrustD1Proxy.d.ts","sourceRoot":"","sources":["../../../../src/proxy/d1/ZintrustD1Proxy.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,wCAAwC,EACxC,qCAAqC,EACrC,eAAe,GAChB,MAAM,+BAA+B,CAAC"}
+{"version":3,"file":"ZintrustD1Proxy.d.ts","sourceRoot":"","sources":["../../../../src/proxy/d1/ZintrustD1Proxy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAEhE,OAAO,EAAE,OAAO,EAAE,MAAM,+BAA+B,CAAC"}

package/src/proxy/d1/ZintrustD1Proxy.js

@@ -1 +1,2 @@
-export { _ZINTRUST_CLOUDFLARE_D1_PROXY_BUILD_DATE, _ZINTRUST_CLOUDFLARE_D1_PROXY_VERSION, ZintrustD1Proxy, } from '../../../packages/cloudflare-d1-proxy/src/index.js';
+export { ZintrustD1Proxy } from '../../../packages/cloudflare-d1-proxy/src/index.js';
+export { default } from '../../../packages/cloudflare-d1-proxy/src/index.js';

package/src/proxy/isMutatingSql.d.ts

@@ -0,0 +1,2 @@
+export declare const isMutatingSql: (sql: string) => boolean;
+//# sourceMappingURL=isMutatingSql.d.ts.map

package/src/proxy/isMutatingSql.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"isMutatingSql.d.ts","sourceRoot":"","sources":["../../../src/proxy/isMutatingSql.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,aAAa,GAAI,KAAK,MAAM,KAAG,OAa3C,CAAC"}