npm - api-ape - Versions diffs - 3.0.1 → 4.1.0 - Mend

api-ape 3.0.1 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (186) hide show

package/README.md +58 -570
package/client/README.md +73 -14
package/client/auth/crypto/aead.js +214 -0
package/client/auth/crypto/constants.js +32 -0
package/client/auth/crypto/encoding.js +104 -0
package/client/auth/crypto/files.md +27 -0
package/client/auth/crypto/kdf.js +217 -0
package/client/auth/crypto-utils.js +118 -0
package/client/auth/files.md +52 -0
package/client/auth/key-recovery.js +288 -0
package/client/auth/recovery/constants.js +37 -0
package/client/auth/recovery/files.md +23 -0
package/client/auth/recovery/key-derivation.js +61 -0
package/client/auth/recovery/sss-browser.js +189 -0
package/client/auth/share-storage.js +205 -0
package/client/auth/storage/constants.js +18 -0
package/client/auth/storage/db.js +132 -0
package/client/auth/storage/files.md +27 -0
package/client/auth/storage/keys.js +173 -0
package/client/auth/storage/shares.js +200 -0
package/client/browser.js +190 -23
package/client/connectSocket.js +418 -988
package/client/connection/README.md +23 -0
package/client/connection/fileDownload.js +256 -0
package/client/connection/fileHandling.js +450 -0
package/client/connection/fileUtils.js +346 -0
package/client/connection/files.md +71 -0
package/client/connection/messageHandler.js +105 -0
package/client/connection/network.js +350 -0
package/client/connection/proxy.js +233 -0
package/client/connection/sender.js +333 -0
package/client/connection/state.js +321 -0
package/client/connection/subscriptions.js +151 -0
package/client/files.md +53 -0
package/client/index.js +298 -142
package/client/transports/README.md +50 -0
package/client/transports/files.md +41 -0
package/client/transports/streamParser.js +195 -0
package/client/transports/streaming.js +555 -202
package/dist/ape.js +6 -1
package/dist/ape.js.map +4 -4
package/index.d.ts +38 -16
package/package.json +32 -7
package/server/README.md +287 -53
package/server/adapters/README.md +28 -19
package/server/adapters/files.md +68 -0
package/server/adapters/firebase.js +543 -160
package/server/adapters/index.js +362 -112
package/server/adapters/mongo.js +530 -140
package/server/adapters/postgres.js +534 -155
package/server/adapters/redis.js +508 -143
package/server/adapters/supabase.js +555 -186
package/server/client/README.md +43 -0
package/server/client/connection.js +586 -0
package/server/client/files.md +40 -0
package/server/client/index.js +342 -0
package/server/files.md +54 -0
package/server/index.js +332 -27
package/server/lib/README.md +26 -0
package/server/lib/broadcast/clients.js +219 -0
package/server/lib/broadcast/files.md +58 -0
package/server/lib/broadcast/index.js +57 -0
package/server/lib/broadcast/publishProxy.js +110 -0
package/server/lib/broadcast/pubsub.js +137 -0
package/server/lib/broadcast/sendProxy.js +103 -0
package/server/lib/bun.js +315 -99
package/server/lib/fileTransfer/README.md +63 -0
package/server/lib/fileTransfer/files.md +30 -0
package/server/lib/fileTransfer/streaming.js +435 -0
package/server/lib/fileTransfer.js +710 -326
package/server/lib/files.md +111 -0
package/server/lib/httpUtils.js +283 -0
package/server/lib/loader.js +208 -7
package/server/lib/longPolling/README.md +63 -0
package/server/lib/longPolling/files.md +44 -0
package/server/lib/longPolling/getHandler.js +365 -0
package/server/lib/longPolling/postHandler.js +327 -0
package/server/lib/longPolling.js +174 -221
package/server/lib/main.js +369 -532
package/server/lib/runtimes/README.md +42 -0
package/server/lib/runtimes/bun.js +586 -0
package/server/lib/runtimes/files.md +56 -0
package/server/lib/runtimes/node.js +511 -0
package/server/lib/wiring.js +539 -98
package/server/lib/ws/README.md +35 -0
package/server/lib/ws/adapters/README.md +54 -0
package/server/lib/ws/adapters/bun.js +538 -170
package/server/lib/ws/adapters/deno.js +623 -149
package/server/lib/ws/adapters/files.md +42 -0
package/server/lib/ws/files.md +74 -0
package/server/lib/ws/frames.js +532 -154
package/server/lib/ws/index.js +207 -10
package/server/lib/ws/server.js +385 -92
package/server/lib/ws/socket.js +549 -181
package/server/lib/wsProvider.js +363 -89
package/server/plugins/binary.js +282 -0
package/server/security/README.md +92 -0
package/server/security/auth/README.md +319 -0
package/server/security/auth/adapters/files.md +95 -0
package/server/security/auth/adapters/ldap/constants.js +37 -0
package/server/security/auth/adapters/ldap/files.md +19 -0
package/server/security/auth/adapters/ldap/helpers.js +111 -0
package/server/security/auth/adapters/ldap.js +353 -0
package/server/security/auth/adapters/oauth2/constants.js +41 -0
package/server/security/auth/adapters/oauth2/files.md +19 -0
package/server/security/auth/adapters/oauth2/helpers.js +123 -0
package/server/security/auth/adapters/oauth2.js +273 -0
package/server/security/auth/adapters/opaque-handlers.js +314 -0
package/server/security/auth/adapters/opaque.js +205 -0
package/server/security/auth/adapters/saml/constants.js +52 -0
package/server/security/auth/adapters/saml/files.md +19 -0
package/server/security/auth/adapters/saml/helpers.js +74 -0
package/server/security/auth/adapters/saml.js +173 -0
package/server/security/auth/adapters/totp.js +703 -0
package/server/security/auth/adapters/webauthn.js +625 -0
package/server/security/auth/files.md +61 -0
package/server/security/auth/framework/constants.js +27 -0
package/server/security/auth/framework/files.md +23 -0
package/server/security/auth/framework/handlers.js +272 -0
package/server/security/auth/framework/socket-auth.js +177 -0
package/server/security/auth/handlers/auth-messages.js +143 -0
package/server/security/auth/handlers/files.md +28 -0
package/server/security/auth/index.js +290 -0
package/server/security/auth/mfa/crypto/aead.js +148 -0
package/server/security/auth/mfa/crypto/constants.js +35 -0
package/server/security/auth/mfa/crypto/files.md +27 -0
package/server/security/auth/mfa/crypto/kdf.js +120 -0
package/server/security/auth/mfa/crypto/utils.js +68 -0
package/server/security/auth/mfa/crypto-utils.js +80 -0
package/server/security/auth/mfa/files.md +77 -0
package/server/security/auth/mfa/ledger/constants.js +75 -0
package/server/security/auth/mfa/ledger/errors.js +73 -0
package/server/security/auth/mfa/ledger/files.md +23 -0
package/server/security/auth/mfa/ledger/share-record.js +32 -0
package/server/security/auth/mfa/ledger.js +255 -0
package/server/security/auth/mfa/recovery/constants.js +67 -0
package/server/security/auth/mfa/recovery/files.md +19 -0
package/server/security/auth/mfa/recovery/handlers.js +216 -0
package/server/security/auth/mfa/recovery.js +191 -0
package/server/security/auth/mfa/sss/constants.js +21 -0
package/server/security/auth/mfa/sss/files.md +23 -0
package/server/security/auth/mfa/sss/gf256.js +103 -0
package/server/security/auth/mfa/sss/serialization.js +82 -0
package/server/security/auth/mfa/sss.js +161 -0
package/server/security/auth/mfa/two-of-three/constants.js +58 -0
package/server/security/auth/mfa/two-of-three/files.md +23 -0
package/server/security/auth/mfa/two-of-three/handlers.js +241 -0
package/server/security/auth/mfa/two-of-three/helpers.js +71 -0
package/server/security/auth/mfa/two-of-three.js +136 -0
package/server/security/auth/nonce-manager.js +89 -0
package/server/security/auth/state-machine-mfa.js +269 -0
package/server/security/auth/state-machine.js +257 -0
package/server/security/extractRootDomain.js +144 -16
package/server/security/files.md +51 -0
package/server/security/origin.js +197 -15
package/server/security/reply.js +274 -16
package/server/socket/README.md +119 -0
package/server/socket/authMiddleware.js +299 -0
package/server/socket/files.md +86 -0
package/server/socket/open.js +154 -8
package/server/socket/pluginHooks.js +334 -0
package/server/socket/receive.js +184 -225
package/server/socket/receiveContext.js +117 -0
package/server/socket/send.js +416 -78
package/server/socket/tagUtils.js +402 -0
package/server/utils/README.md +19 -0
package/server/utils/deepRequire.js +255 -30
package/server/utils/files.md +57 -0
package/server/utils/genId.js +182 -20
package/server/utils/parseUserAgent.js +313 -251
package/server/utils/userAgent/README.md +65 -0
package/server/utils/userAgent/files.md +46 -0
package/server/utils/userAgent/patterns.js +545 -0
package/utils/README.md +21 -0
package/utils/files.md +66 -0
package/utils/jss/README.md +21 -0
package/utils/jss/decode.js +471 -0
package/utils/jss/encode.js +312 -0
package/utils/jss/files.md +68 -0
package/utils/jss/plugins.js +210 -0
package/utils/jss.js +219 -273
package/utils/messageHash.js +238 -35
package/dist/api-ape.min.js +0 -2
package/dist/api-ape.min.js.map +0 -7
package/server/client.js +0 -308
package/server/lib/broadcast.js +0 -146

package/client/connection/README.md ADDED Viewed

@@ -0,0 +1,23 @@
+# Client Connection Module
+## Overview
+The connection module handles the core mechanics of maintaining a WebSocket connection to an api-ape server. It manages the full lifecycle of client-server communication including connection state, message sending, request/response correlation, and binary file transfers.
+This module powers the seamless API experience where `api.users.list()` transparently becomes a WebSocket message, waits for the response, and returns the result as a Promise—all while handling reconnection, queuing, and binary data automatically.
+**Key capabilities:**
+- **Connection state management** — Track and expose connection status (offline, connecting, connected, disconnected, walled)
+- **Proxy API generation** — Convert `api.path.method()` calls into WebSocket messages
+- **Request correlation** — Match responses to requests via `queryId`
+- **Network detection** — Detect offline state, captive portals, and connectivity changes
+- **File transfers** — Handle binary uploads and downloads transparently
+> **Contributing?** See [`files.md`](./files.md) for directory structure and file descriptions.
+## See Also
+- [`../README.md`](../README.md) — Client module overview
+- [`../transports/README.md`](../transports/README.md) — HTTP fallback transport
+- [`../connectSocket.js`](../connectSocket.js) — Main WebSocket client

package/client/connection/fileDownload.js ADDED Viewed

@@ -0,0 +1,256 @@
+/**
+ * @fileoverview Binary file download/fetch utilities for api-ape client
+ *
+ * This module handles fetching binary data that is referenced in server responses.
+ * When the server sends binary data (like images, files, etc.), it doesn't include
+ * the raw bytes in the WebSocket message. Instead, it sends a tagged reference
+ * that this module resolves by fetching the actual data via HTTP.
+ *
+ * ## Tag Types
+ *
+ * - `<!L>` - **Linked Resource**: Binary data from server responses (server → client)
+ * - `<!F>` - **Shared File**: Binary data from other clients (client → client via server)
+ *
+ * ## Data Flow
+ *
+ * ```
+ * Server Response:
+ *   { "image<!L>": "abc123", "name": "photo.jpg" }
+ *
+ * After fetchLinkedResources():
+ *   { "image": ArrayBuffer(...), "name": "photo.jpg" }
+ * ```
+ *
+ * ## Retry Logic
+ *
+ * Shared files (F-tagged) use exponential backoff retry because the file
+ * might not be immediately available when the message arrives (the sender
+ * might still be uploading).
+ *
+ * @module client/connection/fileDownload
+ * @see {@link module:client/connection/fileHandling} for upload utilities
+ * @see {@link module:client/connection/fileUtils} for shared utility functions
+ *
+ * @example
+ * // Hydrating a server response
+ * import { fetchLinkedResources, fetchSharedFiles } from './fileDownload'
+ *
+ * const serverData = { "avatar<!L>": "hash123", username: "alice" }
+ *
+ * // Fetch the binary data
+ * const hydrated = await fetchLinkedResources(serverData)
+ * // Result: { avatar: ArrayBuffer(...), username: "alice" }
+ *
+ * @example
+ * // Handling shared files from other clients
+ * const messageData = { "attachment<!F>": "filehash", text: "Check this out!" }
+ *
+ * // Fetch with retry logic
+ * const hydrated = await fetchSharedFiles(messageData)
+ * // Result: { attachment: ArrayBuffer(...), text: "Check this out!" }
+ */
+import { getBaseUrl } from "./network";
+import { setValueAtPath, findTaggedProps, cleanTaggedKeys } from "./fileUtils";
+/**
+ * Fetch binary resources linked from server responses
+ *
+ * This function processes data objects that contain L-tagged binary references.
+ * Each L-tagged property is replaced with the actual binary data fetched from
+ * the server's data endpoint.
+ *
+ * ## Processing Steps
+ *
+ * 1. Scan the data object for properties ending with `<!L>`
+ * 2. For each tagged property, extract the hash value
+ * 3. Fetch the binary data from `/api/ape/data/{hash}`
+ * 4. Replace the hash with the fetched ArrayBuffer
+ * 5. Rename the key to remove the `<!L>` suffix
+ *
+ * ## Error Handling
+ *
+ * If a fetch fails, the property is set to `null` rather than throwing.
+ * This prevents one failed resource from breaking the entire response.
+ *
+ * @param {Object} data - Data object potentially containing L-tagged binary references
+ * @param {string} [clientId] - Optional client ID for authentication header
+ * @returns {Promise<Object>} Hydrated data object with binary resources fetched
+ *
+ * @example
+ * // Server sends avatar as a linked resource
+ * const serverResponse = {
+ *   "profilePic<!L>": "abc123def456",
+ *   "username": "alice",
+ *   "bio": "Hello world!"
+ * }
+ *
+ * const hydrated = await fetchLinkedResources(serverResponse)
+ * // Result:
+ * // {
+ * //   profilePic: ArrayBuffer(12345),  // The actual image data
+ * //   username: "alice",
+ * //   bio: "Hello world!"
+ * // }
+ *
+ * @example
+ * // Multiple binary resources
+ * const response = {
+ *   "thumbnail<!L>": "hash1",
+ *   "fullImage<!L>": "hash2",
+ *   "metadata": { width: 1920, height: 1080 }
+ * }
+ *
+ * const hydrated = await fetchLinkedResources(response)
+ * // Both thumbnail and fullImage are fetched in parallel
+ *
+ * @example
+ * // Nested binary resources
+ * const response = {
+ *   user: {
+ *     name: "Bob",
+ *     "avatar<!L>": "avatarhash"
+ *   },
+ *   attachments: [
+ *     { "file<!L>": "file1hash", name: "doc.pdf" },
+ *     { "file<!L>": "file2hash", name: "image.png" }
+ *   ]
+ * }
+ *
+ * const hydrated = await fetchLinkedResources(response)
+ * // All nested binary resources are fetched
+ */
+export async function fetchLinkedResources(data, clientId) {
+  const resources = findTaggedProps(data, "L");
+  if (resources.length === 0) return data;
+  console.log(`🦍 Fetching ${resources.length} binary resource(s)`);
+  const cleanedData = cleanTaggedKeys(data, "L");
+  const baseUrl = getBaseUrl();
+  await Promise.all(
+    resources.map(async ({ path, hash }) => {
+      try {
+        const response = await fetch(`${baseUrl}/api/ape/data/${hash}`, {
+          credentials: "include",
+          headers: { "X-Ape-Client-Id": clientId || "" },
+        });
+        if (!response.ok) throw new Error(`Failed: ${response.status}`);
+        const arrayBuffer = await response.arrayBuffer();
+        setValueAtPath(cleanedData, path, arrayBuffer);
+      } catch (err) {
+        console.error(`🦍 Failed to fetch binary resource at ${path}:`, err);
+        setValueAtPath(cleanedData, path, null);
+      }
+    }),
+  );
+  return cleanedData;
+}
+/**
+ * Fetch shared files from client-to-client transfers
+ *
+ * This function handles F-tagged file references, which represent files
+ * shared between clients via the server. Unlike L-tagged resources, F-tagged
+ * files use retry logic because the file might not be immediately available
+ * (the sending client might still be uploading).
+ *
+ * ## Retry Behavior
+ *
+ * - Uses exponential backoff starting at 100ms
+ * - Doubles delay after each retry (100ms → 200ms → 400ms → ...)
+ * - Retries up to `maxRetries` times (default: 5)
+ * - Only retries on 404 errors (file not yet uploaded)
+ *
+ * ## Use Case
+ *
+ * Client-to-client file sharing workflow:
+ * 1. Client A sends message with file reference
+ * 2. Server broadcasts message to Client B
+ * 3. Client A uploads file to server (may take time)
+ * 4. Client B receives message, attempts to fetch file
+ * 5. If 404, retry until file is available
+ *
+ * @param {Object} data - Data object potentially containing F-tagged file references
+ * @param {number} [maxRetries=5] - Maximum number of retry attempts per file
+ * @returns {Promise<Object>} Hydrated data object with shared files fetched
+ *
+ * @example
+ * // Receiving a shared file from another client
+ * const message = {
+ *   "sharedDoc<!F>": "uniquefilehash",
+ *   "sender": "alice",
+ *   "text": "Here's the document you requested"
+ * }
+ *
+ * const hydrated = await fetchSharedFiles(message)
+ * // Result:
+ * // {
+ * //   sharedDoc: ArrayBuffer(...),  // The shared file
+ * //   sender: "alice",
+ * //   text: "Here's the document you requested"
+ * // }
+ *
+ * @example
+ * // With custom retry count
+ * const hydrated = await fetchSharedFiles(data, 10) // Up to 10 retries
+ *
+ * @example
+ * // Multiple shared files
+ * const data = {
+ *   "photo<!F>": "hash1",
+ *   "video<!F>": "hash2",
+ *   caption: "My vacation pics!"
+ * }
+ *
+ * // Both files fetched in parallel with independent retry logic
+ * const hydrated = await fetchSharedFiles(data)
+ */
+export async function fetchSharedFiles(data, maxRetries = 5) {
+  const files = findTaggedProps(data, "F");
+  if (files.length === 0) return data;
+  console.log(`🦍 Fetching ${files.length} shared file(s)`);
+  const cleanedData = cleanTaggedKeys(data, "F");
+  const baseUrl = getBaseUrl();
+  await Promise.all(
+    files.map(async ({ path, hash }) => {
+      let retries = 0;
+      let backoff = 100;
+      while (retries < maxRetries) {
+        try {
+          const response = await fetch(`${baseUrl}/api/ape/data/${hash}`, {
+            credentials: "include",
+          });
+          if (!response.ok) {
+            // Retry on 404 (file not yet uploaded)
+            if (response.status === 404 && retries < maxRetries - 1) {
+              retries++;
+              await new Promise((r) => setTimeout(r, backoff));
+              backoff *= 2;
+              continue;
+            }
+            throw new Error(`Failed to fetch shared file: ${response.status}`);
+          }
+          setValueAtPath(cleanedData, path, await response.arrayBuffer());
+          break;
+        } catch (err) {
+          if (retries >= maxRetries - 1) {
+            console.error(`🦍 Failed to fetch shared file at ${path}:`, err);
+            setValueAtPath(cleanedData, path, null);
+          }
+          retries++;
+          await new Promise((r) => setTimeout(r, backoff));
+          backoff *= 2;
+        }
+      }
+    }),
+  );
+  return cleanedData;
+}