alepha 0.11.4 → 0.11.5

package/server/security.d.ts

@@ -1 +1,87 @@
-export * from '@alepha/server-security';
+import * as _alepha_core1 from "alepha";
+import { Alepha } from "alepha";
+import { JwtProvider, Permission, SecurityProvider, UserAccount, UserAccountToken } from "alepha/security";
+import { FetchOptions } from "alepha/server";
+import * as _alepha_logger0 from "alepha/logger";
+
+//#region src/providers/ServerSecurityProvider.d.ts
+declare class ServerSecurityProvider {
+  protected readonly log: _alepha_logger0.Logger;
+  protected readonly securityProvider: SecurityProvider;
+  protected readonly jwtProvider: JwtProvider;
+  protected readonly alepha: Alepha;
+  protected readonly onConfigure: _alepha_core1.HookDescriptor<"configure">;
+  protected readonly onActionRequest: _alepha_core1.HookDescriptor<"action:onRequest">;
+  protected readonly onRequest: _alepha_core1.HookDescriptor<"server:onRequest">;
+  protected check(user: UserAccountToken, secure: ServerRouteSecure): void;
+  /**
+   * Get the user account token for a local action call.
+   * There are three possible sources for the user:
+   * - `options.user`: the user passed in the options
+   * - `"system"`: the system user from the state (you MUST set state `server.security.system.user`)
+   * - `"context"`: the user from the request context (you MUST be in an HTTP request context)
+   *
+   * Priority order: `options.user` > `"system"` > `"context"`.
+   *
+   * In testing environment, if no user is provided, a test user is created based on the SecurityProvider's roles.
+   */
+  protected createUserFromLocalFunctionContext(options: {
+    user?: UserAccountToken | "system" | "context";
+  }, permission?: Permission): UserAccountToken;
+  protected createTestUser(): UserAccountToken;
+  protected readonly onClientRequest: _alepha_core1.HookDescriptor<"client:onRequest">;
+}
+type ServerRouteSecure = {
+  realm?: string;
+};
+//#endregion
+//#region src/index.d.ts
+declare module "alepha" {
+  interface State {
+    /**
+     * Real (or fake) user account, used for internal actions.
+     *
+     * If you define this, you assume that all actions are executed by this user by default.
+     * > To force a different user, you need to pass it explicitly in the options.
+     */
+    "server.security.system.user"?: UserAccountToken;
+    user?: UserAccount;
+  }
+}
+declare module "alepha/server" {
+  interface ServerRequest<TConfig> {
+    user?: UserAccountToken;
+  }
+  interface ServerActionRequest<TConfig> {
+    user: UserAccountToken;
+  }
+  interface ServerRoute {
+    /**
+     * If true, the route will be protected by the security provider.
+     * All actions are secure by default, but you can disable it for specific actions.
+     */
+    secure?: boolean | ServerRouteSecure;
+  }
+  interface ClientRequestOptions extends FetchOptions {
+    /**
+     * Forward user from the previous request.
+     * If "system", use system user. @see {ServerSecurityProvider.localSystemUser}
+     * If "context", use the user from the current context (e.g. request).
+     *
+     * @default "system" if provided, else "context" if available.
+     */
+    user?: UserAccountToken | "system" | "context";
+  }
+}
+/**
+ * Plugin for Alepha Server that provides security features. Based on the Alepha Security module.
+ *
+ * By default, all $action will be guarded by a permission check.
+ *
+ * @see {@link ServerSecurityProvider}
+ * @module alepha.server.security
+ */
+declare const AlephaServerSecurity: _alepha_core1.Service<_alepha_core1.Module<{}>>;
+//#endregion
+export { AlephaServerSecurity, ServerRouteSecure, ServerSecurityProvider };
+//# sourceMappingURL=index.d.ts.map

package/server/static.d.ts

@@ -1 +1,119 @@
-export * from '@alepha/server-static';
+import * as _alepha_core1 from "alepha";
+import { Alepha, Descriptor, KIND } from "alepha";
+import { ServerHandler, ServerRouterProvider } from "alepha/server";
+import { DateTimeProvider, DurationLike } from "alepha/datetime";
+import * as _alepha_logger0 from "alepha/logger";
+
+//#region src/descriptors/$serve.d.ts
+/**
+ * Create a new static file handler.
+ */
+declare const $serve: {
+  (options?: ServeDescriptorOptions): ServeDescriptor;
+  [KIND]: typeof ServeDescriptor;
+};
+interface ServeDescriptorOptions {
+  /**
+   * Prefix for the served path.
+   *
+   * @default "/"
+   */
+  path?: string;
+  /**
+   * Path to the directory to serve.
+   *
+   * @default process.cwd()
+   */
+  root?: string;
+  /**
+   * If true, descriptor will be ignored.
+   *
+   * @default false
+   */
+  disabled?: boolean;
+  /**
+   * Whether to keep dot files (e.g. `.gitignore`, `.env`) in the served directory.
+   *
+   * @default true
+   */
+  ignoreDotEnvFiles?: boolean;
+  /**
+   * Whether to use the index.html file when the path is a directory.
+   *
+   * @default true
+   */
+  indexFallback?: boolean;
+  /**
+   * Force all requests "not found" to be served with the index.html file.
+   * This is useful for single-page applications (SPAs) that use client-side only routing.
+   */
+  historyApiFallback?: boolean;
+  /**
+   * Optional name of the descriptor.
+   * This is used for logging and debugging purposes.
+   *
+   * @default Key name.
+   */
+  name?: string;
+  /**
+   * Whether to use cache control headers.
+   *
+   * @default {}
+   */
+  cacheControl?: Partial<CacheControlOptions> | false;
+}
+interface CacheControlOptions {
+  /**
+   * Whether to use cache control headers.
+   *
+   * @default [.js, .css]
+   */
+  fileTypes: string[];
+  /**
+   * The maximum age of the cache in seconds.
+   *
+   * @default 60 * 60 * 24 * 2 // 2 days
+   */
+  maxAge: DurationLike;
+  /**
+   * Whether to use immutable cache control headers.
+   *
+   * @default true
+   */
+  immutable: boolean;
+}
+declare class ServeDescriptor extends Descriptor<ServeDescriptorOptions> {}
+//#endregion
+//#region src/providers/ServerStaticProvider.d.ts
+declare class ServerStaticProvider {
+  protected readonly alepha: Alepha;
+  protected readonly routerProvider: ServerRouterProvider;
+  protected readonly dateTimeProvider: DateTimeProvider;
+  protected readonly log: _alepha_logger0.Logger;
+  protected readonly directories: ServeDirectory[];
+  protected readonly configure: _alepha_core1.HookDescriptor<"configure">;
+  createStaticServer(options: ServeDescriptorOptions): Promise<void>;
+  createFileHandler(filepath: string, options: ServeDescriptorOptions): Promise<ServerHandler>;
+  protected getCacheFileTypes(): string[];
+  protected getCacheControl(filename: string, options: ServeDescriptorOptions): {
+    maxAge: number;
+    immutable: boolean;
+  } | undefined;
+  getAllFiles(dir: string, ignoreDotEnvFiles?: boolean): Promise<string[]>;
+}
+interface ServeDirectory {
+  options: ServeDescriptorOptions;
+  files: string[];
+}
+//#endregion
+//#region src/index.d.ts
+/**
+ * Create static file server with `$static()`.
+ *
+ * @see {@link ServerStaticProvider}
+ * @module alepha.server.static
+ */
+declare const AlephaServerStatic: _alepha_core1.Service<_alepha_core1.Module<{}>>;
+//#endregion
+export { $serve, AlephaServerStatic, CacheControlOptions, ServeDescriptor, ServeDescriptorOptions, ServeDirectory, ServerStaticProvider };
+//# sourceMappingURL=index.d.ts.map

package/server/swagger.d.ts

@@ -1 +1,148 @@
-export * from '@alepha/server-swagger';
+import "alepha/server/security";
+import * as _alepha_core1 from "alepha";
+import { Alepha, Descriptor, KIND, TObject } from "alepha";
+import { ActionDescriptor, RequestConfigSchema, ServerProvider, ServerRouterProvider } from "alepha/server";
+import { ServerStaticProvider } from "alepha/server/static";
+import * as _alepha_logger0 from "alepha/logger";
+import { OpenAPIV3 } from "openapi-types";
+
+//#region src/descriptors/$swagger.d.ts
+/**
+ * Create a new OpenAPI.
+ */
+declare const $swagger: {
+  (options?: SwaggerDescriptorOptions): SwaggerDescriptor;
+  [KIND]: typeof SwaggerDescriptor;
+};
+interface SwaggerDescriptorOptions {
+  info?: OpenAPIV3.InfoObject;
+  /**
+   * @default: "/docs"
+   */
+  prefix?: string;
+  /**
+   * If true, docs will be disabled.
+   */
+  disabled?: boolean;
+  /**
+   * Tags to exclude from the documentation.
+   */
+  excludeTags?: string[];
+  /**
+   * Enable Swagger UI.
+   *
+   * @default true
+   */
+  ui?: boolean | SwaggerUiOptions;
+  /**
+   * Function to rewrite the OpenAPI document before serving it.
+   */
+  rewrite?: (doc: OpenAPIV3.Document) => void;
+}
+interface SwaggerUiOptions {
+  root?: string;
+  initOAuth?: {
+    /**
+     * Default clientId.
+     */
+    clientId?: string;
+    /**
+     * realm query parameter (for oauth1) added to authorizationUrl and tokenUrl.
+     */
+    realm?: string;
+    /**
+     * application name, displayed in authorization popup.
+     */
+    appName?: string;
+    /**
+     * scope separator for passing scopes, encoded before calling, default
+     * value is a space (encoded value %20).
+     *
+     * @default ' '
+     */
+    scopeSeparator?: string;
+    /**
+     * string array or scope separator (i.e. space) separated string of
+     * initially selected oauth scopes
+     *
+     * @default []
+     */
+    scopes?: string | string[];
+    /**
+     * Additional query parameters added to authorizationUrl and tokenUrl.
+     * MUST be an object
+     */
+    additionalQueryStringParams?: {
+      [key: string]: any;
+    };
+    /**
+     * Only activated for the accessCode flow. During the authorization_code
+     * request to the tokenUrl, pass the Client Password using the HTTP Basic
+     * Authentication scheme (Authorization header with Basic
+     * base64encode(client_id + client_secret)).
+     *
+     * @default false
+     */
+    useBasicAuthenticationWithAccessCodeGrant?: boolean;
+    /**
+     * Only applies to Authorization Code flows. Proof Key for Code Exchange
+     * brings enhanced security for OAuth public clients.
+     *
+     * @default false
+     */
+    usePkceWithAuthorizationCodeGrant?: boolean;
+  };
+}
+declare class SwaggerDescriptor extends Descriptor<SwaggerDescriptorOptions> {}
+//#endregion
+//#region src/ServerSwaggerProvider.d.ts
+declare class ServerSwaggerProvider {
+  protected readonly serverStaticProvider: ServerStaticProvider;
+  protected readonly serverRouterProvider: ServerRouterProvider;
+  protected readonly serverProvider: ServerProvider;
+  protected readonly alepha: Alepha;
+  protected readonly log: _alepha_logger0.Logger;
+  json?: OpenAPIV3.Document;
+  options: {
+    excludeKeys: string[];
+  };
+  protected readonly configure: _alepha_core1.HookDescriptor<"configure">;
+  createSwagger(options: SwaggerDescriptorOptions): Promise<OpenAPIV3.Document | undefined>;
+  protected configureOpenApi(actions: ActionDescriptor<RequestConfigSchema>[], doc: SwaggerDescriptorOptions): OpenAPIV3.Document;
+  isBodyMultipart(schema: TObject): boolean;
+  replacePathParams(url: string): string;
+  getResponseSchema(route: ActionDescriptor<RequestConfigSchema>): {
+    type?: string;
+    schema?: any;
+    status: number;
+  } | undefined;
+  protected configureSwaggerApi(prefix: string, json: OpenAPIV3.Document): void;
+  protected configureSwaggerUi(prefix: string, options: SwaggerDescriptorOptions): Promise<void>;
+  removePrivateFields<T extends Record<string, any>>(obj: T, excludeList: string[]): T;
+}
+//#endregion
+//#region src/index.d.ts
+declare module "alepha/server" {
+  interface ActionDescriptorOptions<TConfig extends RequestConfigSchema> {
+    /**
+     * Short description of the route.
+     */
+    summary?: string;
+    /**
+     * Don't include this action in the Swagger documentation.
+     */
+    hide?: boolean;
+  }
+}
+/**
+ * Plugin for Alepha Server that provides Swagger documentation capabilities.
+ * It generates OpenAPI v3 documentation for the server's endpoints ($action).
+ * It also provides a Swagger UI for interactive API documentation.
+ *
+ * @see {@link ServerSwaggerProvider}
+ * @module alepha.server.swagger
+ */
+declare const AlephaServerSwagger: _alepha_core1.Service<_alepha_core1.Module<{}>>;
+//#endregion
+export { $swagger, AlephaServerSwagger, ServerSwaggerProvider, SwaggerDescriptor, SwaggerDescriptorOptions, SwaggerUiOptions };
+//# sourceMappingURL=index.d.ts.map