alepha 0.8.1 → 0.9.0

package/server/links.d.ts

@@ -1,8 +1,13 @@
-import { Alepha, HookDescriptor, KIND, Logger, Module, OPTIONS, TAny, TArray, TObject, TOptional, TRecord, TString } from "alepha";
-import { ActionDescriptor, ActionDescriptorHelper, ApiLink, ApiLinksResponse, ClientRequestOptions, FetchResponse, HttpClient, RequestConfigSchema, RouteDescriptor, ServerActionDescriptorProvider, ServerHandler, ServerRemote, ServerRequestConfigEntry } from "alepha/server";
-import { RetryDescriptor } from "alepha/retry";
-import { ProxyDescriptorOptions, ProxyDescriptorProvider } from "alepha/server/proxy";
+import * as _alepha_core1 from "alepha";
+import * as _alepha_core0$1 from "alepha";
+import * as _alepha_core0 from "alepha";
+import { Alepha, Descriptor, KIND, Logger } from "alepha";
+import * as _alepha_server0 from "alepha/server";
+import { ActionDescriptor, ApiLink, ApiLinksResponse, ClientRequestEntry, ClientRequestOptions, ClientRequestResponse, FetchResponse, HttpClient, RequestConfigSchema, ServerHandler, ServerRequestConfigEntry } from "alepha/server";
+import * as _alepha_retry0 from "alepha/retry";
+import { ProxyDescriptorOptions, ServerProxyProvider } from "alepha/server/proxy";
 import { ServiceAccountDescriptor, UserAccountToken } from "alepha/security";
+import * as _sinclair_typebox0 from "@sinclair/typebox";
 
 //#region src/providers/LinkProvider.d.ts
 declare class LinkProvider {
@@ -15,24 +20,20 @@ declare class LinkProvider {
   getLinks(force?: boolean): Promise<HttpClientLink[]>;
   client<T extends object>(scope?: ClientScope): HttpVirtualClient<T>;
   /**
-  * Resolve a link by its name and call it.
-  * - If link is local, it will call the local handler.
-  * - If link is remote, it will make a fetch request to the remote server.
-  */
+   * Resolve a link by its name and call it.
+   * - If link is local, it will call the local handler.
+   * - If link is remote, it will make a fetch request to the remote server.
+   */
   follow(name: string, config?: Partial<ServerRequestConfigEntry>, options?: ClientRequestOptions & ClientScope): Promise<any>;
   protected followRemote(link: HttpClientLink, config?: Partial<ServerRequestConfigEntry>, options?: ClientRequestOptions): Promise<FetchResponse>;
   can(name: string): boolean;
   protected getLinkByName(name: string, options?: ClientScope): Promise<HttpClientLink>;
 }
-// ---------------------------------------------------------------------------------------------------------------------
 interface HttpClientLink extends ApiLink {
   secured?: boolean;
   prefix?: string;
-  // -- server only --
-  // only for remote actions
   host?: string;
   service?: string;
-  // used only for local actions, not for remote actions
   schema?: RequestConfigSchema;
   handler?: ServerHandler;
 }
@@ -40,80 +41,86 @@ interface ClientScope {
   group?: string;
   service?: string;
 }
-type HttpVirtualClient<T> = { [K in keyof T as T[K] extends ActionDescriptor ? K : never]: T[K] extends ActionDescriptor<infer Schema> ? T[K] & {
+type HttpVirtualClient<T> = { [K in keyof T as T[K] extends ActionDescriptor<RequestConfigSchema> ? K : never]: T[K] extends ActionDescriptor<infer Schema> ? T[K] & {
+  (config?: ClientRequestEntry<Schema>, opts?: ClientRequestOptions): Promise<ClientRequestResponse<Schema>>;
   can: () => boolean;
   schema: Schema;
 } : never };
+//# sourceMappingURL=LinkProvider.d.ts.map
 //#endregion
 //#region src/descriptors/$client.d.ts
 /**
-* Create a new client.
-*/
-declare const $client: <T extends object>(scope?: ClientScope) => HttpVirtualClient<T>;
+ * Create a new client.
+ */
+declare const $client: {
+  <T extends object>(scope?: ClientScope): HttpVirtualClient<T>;
+  [KIND]: string;
+};
+//# sourceMappingURL=$client.d.ts.map
+
 //#endregion
 //#region src/descriptors/$remote.d.ts
-declare const KEY = "REMOTE";
 /**
-* $remote is a descriptor that allows you to define remote service access.
-*
-* Use it only when you have 2 or more services that need to communicate with each other.
-*
-* All remote services can be exposed as actions, ... or not.
-*
-* You can add a service account if you want to use a security layer.
-*/
+ * $remote is a descriptor that allows you to define remote service access.
+ *
+ * Use it only when you have 2 or more services that need to communicate with each other.
+ *
+ * All remote services can be exposed as actions, ... or not.
+ *
+ * You can add a service account if you want to use a security layer.
+ */
 declare const $remote: {
   (options: RemoteDescriptorOptions): RemoteDescriptor;
-  [KIND]: string;
+  [KIND]: typeof RemoteDescriptor;
 };
 interface RemoteDescriptorOptions {
   /**
-  * The URL of the remote service.
-  * You can use a function to generate the URL dynamically.
-  * You probably should use $inject(env) to get the URL from the environment.
-  *
-  * @example
-  * ```ts
-  * import { $remote } from "alepha/server";
-  * import { $inject, t } from "alepha";
-  *
-  * class App {
-  *   env = $inject(t.object({
-  *     REMOTE_URL: t.string({default: "http://localhost:3000"}),
-  *   }));
-  *   remote = $remote({
-  *     url: this.env.REMOTE_URL,
-  *   });
-  * }
-  * ```
-  */
+   * The URL of the remote service.
+   * You can use a function to generate the URL dynamically.
+   * You probably should use $env(env) to get the URL from the environment.
+   *
+   * @example
+   * ```ts
+   * import { $remote } from "alepha/server";
+   * import { $inject, t } from "alepha";
+   *
+   * class App {
+   *   env = $env(t.object({
+   *     REMOTE_URL: t.string({default: "http://localhost:3000"}),
+   *   }));
+   *   remote = $remote({
+   *     url: this.env.REMOTE_URL,
+   *   });
+   * }
+   * ```
+   */
   url: string | (() => string);
   /**
-  * The name of the remote service.
-  *
-  * @default Member of the class containing the remote service.
-  */
+   * The name of the remote service.
+   *
+   * @default Member of the class containing the remote service.
+   */
   name?: string;
   /**
-  * If true, all methods of the remote service will be exposed as actions in this context.
-  * > Note: Proxy will never use the service account, it just... proxies the request.
-  */
+   * If true, all methods of the remote service will be exposed as actions in this context.
+   * > Note: Proxy will never use the service account, it just... proxies the request.
+   */
   proxy?: boolean | Partial<ProxyDescriptorOptions & {
     /**
-    * If true, the remote service won't be available internally, only through the proxy.
-    */
+     * If true, the remote service won't be available internally, only through the proxy.
+     */
     noInternal: boolean;
   }>;
   /**
-  * For communication between the server and the remote service with a security layer.
-  * This will be used for internal communication and will not be exposed to the client.
-  */
+   * For communication between the server and the remote service with a security layer.
+   * This will be used for internal communication and will not be exposed to the client.
+   */
   serviceAccount?: ServiceAccountDescriptor;
 }
-interface RemoteDescriptor {
-  [KIND]: typeof KEY;
-  [OPTIONS]: RemoteDescriptorOptions;
+declare class RemoteDescriptor extends Descriptor<RemoteDescriptorOptions> {
+  get name(): string;
 }
+//# sourceMappingURL=$remote.d.ts.map
 //#endregion
 //#region src/providers/RemoteDescriptorProvider.d.ts
 declare class RemoteDescriptorProvider {
@@ -122,47 +129,61 @@ declare class RemoteDescriptorProvider {
   };
   protected readonly alepha: Alepha;
   protected readonly client: LinkProvider;
-  protected readonly proxyProvider: ProxyDescriptorProvider;
+  protected readonly proxyProvider: ServerProxyProvider;
   protected readonly remotes: Array<ServerRemote>;
   protected readonly log: Logger;
   getRemotes(): ServerRemote[];
-  readonly configure: HookDescriptor<"configure">;
-  readonly start: HookDescriptor<"start">;
-  registerRemote(value: RemoteDescriptor, key: string): Promise<void>;
-  protected readonly fetchLinks: RetryDescriptor<(opts: FetchLinksOptions) => Promise<ApiLinksResponse>>;
+  readonly configure: _alepha_core1.HookDescriptor<"configure">;
+  readonly start: _alepha_core1.HookDescriptor<"start">;
+  registerRemote(value: RemoteDescriptor): Promise<void>;
+  protected readonly fetchLinks: _alepha_retry0.RetryDescriptorFn<(opts: FetchLinksOptions) => Promise<ApiLinksResponse>>;
 }
 interface FetchLinksOptions {
   service: string;
   url: string;
   authorization?: string;
 }
+interface ServerRemote {
+  url: string;
+  name: string;
+  proxy: boolean;
+  internal: boolean;
+  links: (args: {
+    authorization?: string;
+  }) => Promise<ApiLinksResponse>;
+  schema: (args: {
+    name: string;
+    authorization?: string;
+  }) => Promise<any>;
+  serviceAccount?: ServiceAccountDescriptor;
+  prefix: string;
+}
+//# sourceMappingURL=RemoteDescriptorProvider.d.ts.map
 //#endregion
 //#region src/providers/ServerLinksProvider.d.ts
 declare class ServerLinksProvider {
   protected readonly alepha: Alepha;
   protected readonly client: LinkProvider;
-  protected readonly helper: ActionDescriptorHelper;
   protected readonly remoteProvider: RemoteDescriptorProvider;
-  protected readonly serverActionDescriptorProvider: ServerActionDescriptorProvider;
-  readonly onRoute: HookDescriptor<"server:onRoute">;
-  readonly links: RouteDescriptor<{
-    response: TObject<{
-      prefix: TOptional<TString>;
-      links: TArray<TObject<{
-        name: TString;
-        path: TString;
-        method: TOptional<TString>;
-        group: TOptional<TString>;
-        requestBodyType: TOptional<TString>;
-        service: TOptional<TString>;
+  readonly onRoute: _alepha_core0$1.HookDescriptor<"configure">;
+  readonly links: _alepha_server0.RouteDescriptor<{
+    response: _sinclair_typebox0.TObject<{
+      prefix: _sinclair_typebox0.TOptional<_sinclair_typebox0.TString>;
+      links: _sinclair_typebox0.TArray<_sinclair_typebox0.TObject<{
+        name: _sinclair_typebox0.TString;
+        path: _sinclair_typebox0.TString;
+        method: _sinclair_typebox0.TOptional<_sinclair_typebox0.TString>;
+        group: _sinclair_typebox0.TOptional<_sinclair_typebox0.TString>;
+        requestBodyType: _sinclair_typebox0.TOptional<_sinclair_typebox0.TString>;
+        service: _sinclair_typebox0.TOptional<_sinclair_typebox0.TString>;
       }>>;
     }>;
   }>;
-  readonly schema: RouteDescriptor<{
-    params: TObject<{
-      name: TString;
+  readonly schema: _alepha_server0.RouteDescriptor<{
+    params: _sinclair_typebox0.TObject<{
+      name: _sinclair_typebox0.TString;
     }>;
-    response: TRecord<TString, TAny>;
+    response: _sinclair_typebox0.TRecord<_sinclair_typebox0.TString, _sinclair_typebox0.TAny>;
   }>;
   getLinks(options: GetLinksOptions): Promise<ApiLinksResponse>;
 }
@@ -170,13 +191,12 @@ interface GetLinksOptions {
   user?: UserAccountToken;
   authorization?: string;
 }
+//# sourceMappingURL=ServerLinksProvider.d.ts.map
 //#endregion
 //#region src/index.d.ts
-// ---------------------------------------------------------------------------------------------------------------------
-declare class AlephaServerLinks implements Module {
-  readonly name = "alepha.server.links";
-  readonly $services: (alepha: Alepha) => void;
-}
+declare const AlephaServerLinks: _alepha_core0.ModuleDescriptor;
+//# sourceMappingURL=index.d.ts.map
+
 //#endregion
-export { $client, $remote, AlephaServerLinks, ClientScope, FetchLinksOptions, GetLinksOptions, HttpClientLink, HttpVirtualClient, LinkProvider, RemoteDescriptor, RemoteDescriptorOptions, RemoteDescriptorProvider, ServerLinksProvider };
+export { $client, $remote, AlephaServerLinks, ClientScope, FetchLinksOptions, GetLinksOptions, HttpClientLink, HttpVirtualClient, LinkProvider, RemoteDescriptor, RemoteDescriptorOptions, RemoteDescriptorProvider, ServerLinksProvider, ServerRemote };
 //# sourceMappingURL=index.d.ts.map

package/server/metrics.d.ts

@@ -1,35 +1,39 @@
-import { RouteDescriptor } from "alepha/server";
-import { Alepha, HookDescriptor, Module } from "alepha";
-import { Registry } from "prom-client";
+import * as _alepha_core0$1 from "alepha";
+import * as _alepha_core0 from "alepha";
+import { Alepha } from "alepha";
+import * as _alepha_server0 from "alepha/server";
+import { Histogram, Registry } from "prom-client";
 
 //#region src/providers/ServerMetricsProvider.d.ts
+declare class ServerMetricsProvider {
+  protected readonly register: Registry;
+  protected readonly alepha: Alepha;
+  protected httpRequestDuration?: Histogram<string>;
+  readonly options: ServerMetricsProviderOptions;
+  readonly metrics: _alepha_server0.RouteDescriptor<_alepha_server0.RequestConfigSchema>;
+  protected readonly onStart: _alepha_core0$1.HookDescriptor<"start">;
+  protected readonly onRequest: _alepha_core0$1.HookDescriptor<"server:onRequest">;
+  protected readonly onResponse: _alepha_core0$1.HookDescriptor<"server:onResponse">;
+}
 interface ServerMetricsProviderOptions {
   prefix?: string;
   gcDurationBuckets?: number[];
   eventLoopMonitoringPrecision?: number;
   labels?: object;
 }
-declare class ServerMetricsProvider {
-  protected readonly register: Registry;
-  protected readonly alepha: Alepha;
-  readonly options: ServerMetricsProviderOptions;
-  readonly metrics: RouteDescriptor;
-  protected readonly onStart: HookDescriptor<"start">;
-}
+//# sourceMappingURL=ServerMetricsProvider.d.ts.map
 //#endregion
 //#region src/index.d.ts
-// ---------------------------------------------------------------------------------------------------------------------
 /**
-* This module provides prometheus metrics for the Alepha server.
-* Metrics are exposed at the `/metrics` endpoint.
-*
-* @see {@link ServerMetricsProvider}
-* @module alepha.server.metrics
-*/
-declare class AlephaServerMetrics implements Module {
-  readonly name = "alepha.server.metrics";
-  readonly $services: (alepha: Alepha) => void;
-}
+ * This module provides prometheus metrics for the Alepha server.
+ * Metrics are exposed at the `/metrics` endpoint.
+ *
+ * @see {@link ServerMetricsProvider}
+ * @module alepha.server.metrics
+ */
+declare const AlephaServerMetrics: _alepha_core0.ModuleDescriptor;
+//# sourceMappingURL=index.d.ts.map
+
 //#endregion
 export { AlephaServerMetrics, ServerMetricsProvider, ServerMetricsProviderOptions };
 //# sourceMappingURL=index.d.ts.map

package/server/multipart.d.ts

@@ -1,11 +1,11 @@
-import { ActionDescriptorHelper, ServerRoute } from "alepha/server";
-import { Alepha, FileLike, HookDescriptor, Module } from "alepha";
+import * as _alepha_core0 from "alepha";
+import { Alepha, FileLike, HookDescriptor } from "alepha";
+import { ServerRoute } from "alepha/server";
 import { BusboyConfig } from "@fastify/busboy";
 import { IncomingMessage } from "node:http";
 
 //#region src/providers/ServerMultipartProvider.d.ts
 declare class ServerMultipartProvider {
-  protected readonly helper: ActionDescriptorHelper;
   protected readonly alepha: Alepha;
   readonly onRequest: HookDescriptor<"server:onRequest">;
   readonly onSend: HookDescriptor<"server:onResponse">;
@@ -29,18 +29,16 @@ interface HybridFile extends FileLike {
 }
 //#endregion
 //#region src/index.d.ts
-// ---------------------------------------------------------------------------------------------------------------------
 /**
-* This module provides support for handling multipart/form-data requests.
-* It allows to parse body data containing t.file().
-*
-* @see {@link ServerMultipartProvider}
-* @module alepha.server.multipart
-*/
-declare class AlephaServerMultipart implements Module {
-  readonly name = "alepha.server.multipart";
-  readonly $services: (alepha: Alepha) => void;
-}
+ * This module provides support for handling multipart/form-data requests.
+ * It allows to parse body data containing t.file().
+ *
+ * @see {@link ServerMultipartProvider}
+ * @module alepha.server.multipart
+ */
+declare const AlephaServerMultipart: _alepha_core0.ModuleDescriptor;
+//# sourceMappingURL=index.d.ts.map
+
 //#endregion
 export { AlephaServerMultipart, ServerMultipartProvider };
 //# sourceMappingURL=index.d.ts.map

package/server/proxy.d.ts

@@ -1,10 +1,12 @@
-import { Alepha, Async, HookDescriptor, KIND, Logger, Module, OPTIONS } from "alepha";
+import * as _alepha_core0$1 from "alepha";
+import * as _alepha_core0 from "alepha";
+import { Alepha, Async, Descriptor, KIND } from "alepha";
 import { ServerHandler, ServerRequest, ServerRouterProvider } from "alepha/server";
 
 //#region src/descriptors/$proxy.d.ts
 declare const $proxy: {
   (options: ProxyDescriptorOptions): ProxyDescriptor;
-  [KIND]: string;
+  [KIND]: typeof ProxyDescriptor;
 };
 type ProxyDescriptorOptions = {
   path: string;
@@ -14,28 +16,31 @@ type ProxyDescriptorOptions = {
   afterResponse?: (request: ServerRequest, proxyResponse: Response) => Async<void>;
   rewrite?: (url: URL) => void;
 };
-interface ProxyDescriptor {
-  [KIND]: "PROXY";
-  [OPTIONS]: ProxyDescriptorOptions;
-}
+declare class ProxyDescriptor extends Descriptor<ProxyDescriptorOptions> {}
+//# sourceMappingURL=$proxy.d.ts.map
 //#endregion
-//#region src/providers/ProxyDescriptorProvider.d.ts
-declare class ProxyDescriptorProvider {
-  protected readonly log: Logger;
+//#region src/providers/ServerProxyProvider.d.ts
+declare class ServerProxyProvider {
+  protected readonly log: _alepha_core0$1.Logger;
   protected readonly routerProvider: ServerRouterProvider;
   protected readonly alepha: Alepha;
-  readonly configure: HookDescriptor<"configure">;
+  protected readonly configure: _alepha_core0$1.HookDescriptor<"configure">;
+  createProxy(options: ProxyDescriptorOptions): void;
   createProxyHandler(target: string, options: Omit<ProxyDescriptorOptions, "path">): ServerHandler;
-  proxy(options: ProxyDescriptorOptions): Promise<void>;
   private getRawRequestBody;
 }
+//# sourceMappingURL=ServerProxyProvider.d.ts.map
 //#endregion
 //#region src/index.d.ts
-// ---------------------------------------------------------------------------------------------------------------------
-declare class AlephaServerProxy implements Module {
-  readonly name = "alepha.server.proxy";
-  readonly $services: (alepha: Alepha) => void;
-}
+/**
+ * Plugin for Alepha that provides a proxy server functionality.
+ *
+ * @see {@link $proxy}
+ * @module alepha.server.proxy
+ */
+declare const AlephaServerProxy: _alepha_core0.ModuleDescriptor;
+//# sourceMappingURL=index.d.ts.map
+
 //#endregion
-export { $proxy, AlephaServerProxy, ProxyDescriptor, ProxyDescriptorOptions, ProxyDescriptorProvider };
+export { $proxy, AlephaServerProxy, ProxyDescriptor, ProxyDescriptorOptions, ServerProxyProvider };
 //# sourceMappingURL=index.d.ts.map

package/server/security.cjs

@@ -0,0 +1,8 @@
+'use strict';
+var m = require('@alepha/server-security');
+Object.keys(m).forEach(function (k) {
+	if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
+		enumerable: true,
+		get: function () { return m[k]; }
+	});
+});

package/server/security.d.ts

@@ -0,0 +1,90 @@
+import * as _alepha_core0$1 from "alepha";
+import * as _alepha_core0 from "alepha";
+import { Alepha } from "alepha";
+import { JwtProvider, Permission, SecurityProvider, UserAccountToken } from "alepha/security";
+import { FetchOptions } from "alepha/server";
+
+//#region src/providers/ServerSecurityProvider.d.ts
+declare class ServerSecurityProvider {
+  protected readonly log: _alepha_core0$1.Logger;
+  protected readonly securityProvider: SecurityProvider;
+  protected readonly jwtProvider: JwtProvider;
+  protected readonly alepha: Alepha;
+  protected readonly onConfigure: _alepha_core0$1.HookDescriptor<"configure">;
+  protected readonly onActionRequest: _alepha_core0$1.HookDescriptor<"action:onRequest">;
+  protected readonly onRequest: _alepha_core0$1.HookDescriptor<"server:onRequest">;
+  /**
+   * Get the user account token for a local action call.
+   * There are three possible sources for the user:
+   * - `options.user`: the user passed in the options
+   * - `"system"`: the system user from the state (you MUST set state `server.security.system.user`)
+   * - `"context"`: the user from the request context (you MUST be in an HTTP request context)
+   *
+   * Priority order: `options.user` > `"system"` > `"context"`.
+   *
+   * In testing environment, if no user is provided, a test user is created based on the SecurityProvider's roles.
+   */
+  protected createUserFromLocalFunctionContext(options: {
+    user?: UserAccountToken | "system" | "context";
+  }, permission?: Permission): UserAccountToken;
+  protected createTestUser(): UserAccountToken;
+  protected readonly onClientRequest: _alepha_core0$1.HookDescriptor<"client:onRequest">;
+}
+type ServerRouteSecure = boolean | {
+  permissions?: string[];
+  roles?: string[];
+  realms?: string[];
+  organizations?: string[];
+};
+//# sourceMappingURL=ServerSecurityProvider.d.ts.map
+//#endregion
+//#region src/index.d.ts
+declare module "alepha" {
+  interface State {
+    /**
+     * Real (or fake) user account, used for internal actions.
+     *
+     * If you define this, you assume that all actions are executed by this user by default.
+     * > To force a different user, you need to pass it explicitly in the options.
+     */
+    "server.security.system.user"?: UserAccountToken;
+  }
+}
+declare module "alepha/server" {
+  interface ServerRequest<TConfig> {
+    user?: UserAccountToken;
+  }
+  interface ServerActionRequest<TConfig> {
+    user: UserAccountToken;
+  }
+  interface ServerRoute {
+    /**
+     * If true, the route will be protected by the security provider.
+     * All actions are secure by default, but you can disable it for specific actions.
+     */
+    secure?: boolean;
+  }
+  interface ClientRequestOptions extends FetchOptions {
+    /**
+     * Forward user from the previous request.
+     * If "system", use system user. @see {ServerSecurityProvider.localSystemUser}
+     * If "context", use the user from the current context (e.g. request).
+     *
+     * @default "system" is provided, else "context" is used.
+     */
+    user?: UserAccountToken | "system" | "context";
+  }
+}
+/**
+ * Plugin for Alepha Server that provides security features. Based on the Alepha Security module.
+ *
+ * By default, all $action will be guarded by a permission check.
+ *
+ * @see {@link ServerSecurityProvider}
+ * @module alepha.server.security
+ */
+declare const AlephaServerSecurity: _alepha_core0.ModuleDescriptor;
+//# sourceMappingURL=index.d.ts.map
+//#endregion
+export { AlephaServerSecurity, ServerRouteSecure, ServerSecurityProvider };
+//# sourceMappingURL=index.d.ts.map

package/server/security.js

@@ -0,0 +1 @@
+export * from '@alepha/server-security'