core-services-sdk 1.3.2 → 1.3.4

package/src/mongodb/index.js

@@ -1,73 +1,3 @@
-// @ts-nocheck
-import { mongoConnect } from './connect.js'
-
-/**
- * Initializes MongoDB collections and provides a transaction wrapper and read-only client accessor.
- *
- * @param {Object} options
- * @param {{ uri: string, options: { dbName: string } }} options.config - MongoDB connection config
- * @param {Record<string, string>} options.collectionNames - Map of collection keys to MongoDB collection names
- *
- * @returns {Promise<
- *   Record<string, import('mongodb').Collection> & {
- *     withTransaction: (action: ({ session: import('mongodb').ClientSession }) => Promise<void>) => Promise<void>,
- *     readonly client: import('mongodb').MongoClient
- *   }
- * >}
- *
- * @example
- * const { users, logs, withTransaction, client } = await initializeMongoDb({
- *   config: {
- *     uri: 'mongodb://localhost:27017',
- *     options: { dbName: 'mydb' },
- *   },
- *   collectionNames: {
- *     users: 'users',
- *     logs: 'system_logs',
- *   },
- * });
- *
- * await withTransaction(async ({ session }) => {
- *   await users.insertOne({ name: 'Alice' }, { session });
- *   await logs.insertOne({ event: 'UserCreated', user: 'Alice' }, { session });
- * });
- *
- * await client.close(); // Close connection manually
- */
-export const initializeMongoDb = async ({ config, collectionNames = {} }) => {
-  const client = await mongoConnect(config)
-  const db = client.db(config.options.dbName)
-
-  const collectionRefs = Object.entries(collectionNames).reduce(
-    (collections, [key, collectionName]) => ({
-      ...collections,
-      [key]: db.collection(collectionName),
-    }),
-    {},
-  )
-
-  const withTransaction = async (action) => {
-    const session = client.startSession()
-    let actionResponse
-    try {
-      session.startTransaction()
-      actionResponse = await action({ session })
-      await session.commitTransaction()
-    } catch (error) {
-      await session.abortTransaction()
-      throw error
-    } finally {
-      await session.endSession()
-      return actionResponse
-    }
-  }
-
-  return {
-    ...collectionRefs,
-    withTransaction,
-    /** @type {import('mongodb').MongoClient} */
-    get client() {
-      return client
-    },
-  }
-}
+export * from './connect.js'
+export * from './initialize-mongodb.js'
+export * from './validate-mongo-uri.js'

package/src/mongodb/initialize-mongodb.js

@@ -0,0 +1,73 @@
+// @ts-nocheck
+import { mongoConnect } from './connect.js'
+
+/**
+ * Initializes MongoDB collections and provides a transaction wrapper and read-only client accessor.
+ *
+ * @param {Object} options
+ * @param {{ uri: string, options: { dbName: string } }} options.config - MongoDB connection config
+ * @param {Record<string, string>} options.collectionNames - Map of collection keys to MongoDB collection names
+ *
+ * @returns {Promise<
+ *   Record<string, import('mongodb').Collection> & {
+ *     withTransaction: (action: ({ session: import('mongodb').ClientSession }) => Promise<void>) => Promise<void>,
+ *     readonly client: import('mongodb').MongoClient
+ *   }
+ * >}
+ *
+ * @example
+ * const { users, logs, withTransaction, client } = await initializeMongoDb({
+ *   config: {
+ *     uri: 'mongodb://localhost:27017',
+ *     options: { dbName: 'mydb' },
+ *   },
+ *   collectionNames: {
+ *     users: 'users',
+ *     logs: 'system_logs',
+ *   },
+ * });
+ *
+ * await withTransaction(async ({ session }) => {
+ *   await users.insertOne({ name: 'Alice' }, { session });
+ *   await logs.insertOne({ event: 'UserCreated', user: 'Alice' }, { session });
+ * });
+ *
+ * await client.close(); // Close connection manually
+ */
+export const initializeMongoDb = async ({ config, collectionNames = {} }) => {
+  const client = await mongoConnect(config)
+  const db = client.db(config.options.dbName)
+
+  const collectionRefs = Object.entries(collectionNames).reduce(
+    (collections, [key, collectionName]) => ({
+      ...collections,
+      [key]: db.collection(collectionName),
+    }),
+    {},
+  )
+
+  const withTransaction = async (action) => {
+    const session = client.startSession()
+    let actionResponse
+    try {
+      session.startTransaction()
+      actionResponse = await action({ session })
+      await session.commitTransaction()
+    } catch (error) {
+      await session.abortTransaction()
+      throw error
+    } finally {
+      await session.endSession()
+      return actionResponse
+    }
+  }
+
+  return {
+    ...collectionRefs,
+    withTransaction,
+    /** @type {import('mongodb').MongoClient} */
+    get client() {
+      return client
+    },
+  }
+}

package/src/mongodb/validate-mongo-uri.js

@@ -0,0 +1,32 @@
+/**
+ * Validates whether a given string is a properly formatted MongoDB URI.
+ *
+ * Supports both standard (`mongodb://`) and SRV (`mongodb+srv://`) protocols.
+ *
+ * @param {string} uri - The URI string to validate.
+ * @returns {boolean} `true` if the URI is a valid MongoDB connection string, otherwise `false`.
+ *
+ * @example
+ * isValidMongoUri('mongodb://localhost:27017/mydb') // true
+ * isValidMongoUri('mongodb+srv://cluster.example.com/test') // true
+ * isValidMongoUri('http://localhost') // false
+ * isValidMongoUri('') // false
+ */
+export function isValidMongoUri(uri) {
+  if (typeof uri !== 'string' || !uri.trim()) {
+    return false
+  }
+
+  try {
+    const parsed = new URL(uri)
+
+    const isValidProtocol =
+      parsed.protocol === 'mongodb:' || parsed.protocol === 'mongodb+srv:'
+
+    const hasHostname = Boolean(parsed.hostname)
+
+    return isValidProtocol && hasHostname
+  } catch (e) {
+    return false
+  }
+}

package/tests/core/combine-unique-arrays.unit.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect } from 'vitest'
+
+import { combineUniqueArrays } from '../../src/core/combine-unique-arrays.js'
+
+describe('combineUniqueArrays', () => {
+  it('should combine arrays and remove duplicates (numbers)', () => {
+    const result = combineUniqueArrays([1, 2], [2, 3], [3, 4])
+    expect(result).toEqual([1, 2, 3, 4])
+  })
+
+  it('should combine arrays and remove duplicates (strings)', () => {
+    const result = combineUniqueArrays(['a', 'b'], ['b', 'c'])
+    expect(result).toEqual(['a', 'b', 'c'])
+  })
+
+  it('should return empty array when no input is provided', () => {
+    const result = combineUniqueArrays()
+    expect(result).toEqual([])
+  })
+
+  it('should handle single array', () => {
+    const result = combineUniqueArrays([1, 2, 2, 3])
+    expect(result).toEqual([1, 2, 3])
+  })
+
+  it('should preserve order of first appearance', () => {
+    const result = combineUniqueArrays(['b', 'a'], ['a', 'c'])
+    expect(result).toEqual(['b', 'a', 'c'])
+  })
+
+  it('should handle mixed types', () => {
+    const result = combineUniqueArrays(['1', 1, true, 'true'], [true, '1'])
+    expect(result).toEqual(['1', 1, true, 'true'])
+  })
+})

package/tests/core/normalize-to-array.unit.test.js

@@ -0,0 +1,43 @@
+import { describe, it, expect } from 'vitest'
+
+import { normalizeToArray } from '../../src/core/normalize-to-array.js'
+
+describe('normalizeToArray', () => {
+  it('should return an empty array for undefined', () => {
+    expect(normalizeToArray(undefined)).toEqual([])
+  })
+
+  it('should return an empty array for null', () => {
+    expect(normalizeToArray(null)).toEqual([])
+  })
+
+  it('should split a comma-separated string and trim each value', () => {
+    expect(normalizeToArray('a,b, c , ,d')).toEqual(['a', 'b', 'c', 'd'])
+  })
+
+  it('should handle string with extra commas and spaces', () => {
+    expect(normalizeToArray(' , a , ,b,, ,c ,')).toEqual(['a', 'b', 'c'])
+  })
+
+  it('should trim and filter empty values from an array of strings', () => {
+    expect(normalizeToArray([' a ', 'b', '', '   ', 'c'])).toEqual([
+      'a',
+      'b',
+      'c',
+    ])
+  })
+
+  it('should convert non-string/non-array values to string and split by comma', () => {
+    expect(normalizeToArray(123)).toEqual(['123'])
+    expect(normalizeToArray(true)).toEqual(['true'])
+    expect(normalizeToArray({})).toEqual(['[object Object]'])
+  })
+
+  it('should handle an array of non-string values', () => {
+    expect(normalizeToArray([1, ' 2 ', null, undefined, true])).toEqual(['2'])
+  })
+
+  it('should preserve order of values after normalization', () => {
+    expect(normalizeToArray(['  b ', 'a', ' c '])).toEqual(['b', 'a', 'c'])
+  })
+})

package/tests/core/otp-generators.unit.test.js

@@ -0,0 +1,93 @@
+import { describe, it, expect } from 'vitest'
+
+import {
+  generateCode,
+  generateCodeAlpha,
+  generateCodeDigits,
+  generateCodeAlphaNumeric,
+  generateCodeAlphaNumericSymbols,
+  OTP_GENERATOR_TYPES,
+} from '../../src/core/otp-generators.js'
+
+const charsetForType = {
+  [OTP_GENERATOR_TYPES.numeric]: /^[0-9]+$/,
+  [OTP_GENERATOR_TYPES.alpha]: /^[a-zA-Z]+$/,
+  [OTP_GENERATOR_TYPES.symbols]: /^[!@#$%^&*()_+\-=\[\]{}|;:,.<>?]+$/,
+  [OTP_GENERATOR_TYPES.alphaLower]: /^[a-z]+$/,
+  [OTP_GENERATOR_TYPES.alphaUpper]: /^[A-Z]+$/,
+  [OTP_GENERATOR_TYPES.alphanumeric]: /^[a-zA-Z0-9]+$/,
+  [OTP_GENERATOR_TYPES.alphanumericSymbols]:
+    /^[a-zA-Z0-9!@#$%^&*()_+\-=\[\]{}|;:,.<>?]+$/,
+  [OTP_GENERATOR_TYPES.any]: /^[a-zA-Z0-9!@#$%^&*()_+\-=\[\]{}|;:,.<>?]+$/,
+}
+
+describe('generateCode', () => {
+  it('generates code with correct length', () => {
+    const code = generateCode({ length: 10, type: 'numeric' })
+    expect(code).toHaveLength(10)
+  })
+
+  it('uses fallback to default type when type is not provided', () => {
+    const code = generateCode()
+    expect(code).toMatch(/^[0-9]+$/)
+  })
+
+  it('throws error for invalid length', () => {
+    expect(() => generateCode({ length: 0 })).toThrow(/length must be a number/)
+    expect(() => generateCode({ length: 100 })).toThrow(
+      /length must be a number/,
+    )
+  })
+
+  it('throws error for invalid charset (non-string)', () => {
+    // @ts-ignore
+    expect(() => generateCode({ charset: 123 })).toThrow(
+      /charset must be a string/,
+    )
+  })
+
+  it('throws error for empty charset', () => {
+    expect(() => generateCode({ charset: '' })).toThrow(
+      /charset must not be empty/,
+    )
+  })
+
+  it('throws error for unknown type', () => {
+    expect(() => generateCode({ type: 'unknown_type' })).toThrow(
+      /type must be one of:/,
+    )
+  })
+
+  it('respects custom charset', () => {
+    const code = generateCode({ length: 5, charset: 'ABC' })
+    expect(code).toMatch(/^[ABC]+$/)
+    expect(code.length).toBe(5)
+  })
+
+  for (const [type, regex] of Object.entries(charsetForType)) {
+    it(`generates ${type} OTP correctly`, () => {
+      const code = generateCode({ length: 8, type })
+      expect(code).toMatch(regex)
+    })
+  }
+})
+
+describe('Shortcuts', () => {
+  it('generateCodeAlpha produces alphabetic code', () => {
+    expect(generateCodeAlpha(6)).toMatch(/^[a-zA-Z]{6}$/)
+  })
+
+  it('generateCodeDigits produces numeric code', () => {
+    expect(generateCodeDigits(6)).toMatch(/^[0-9]{6}$/)
+  })
+
+  it('generateCodeAlphaNumeric produces alphanumeric code', () => {
+    expect(generateCodeAlphaNumeric(6)).toMatch(/^[a-zA-Z0-9]{6}$/)
+  })
+
+  it('generateCodeAlphaNumericSymbols includes symbols', () => {
+    expect(generateCodeAlphaNumericSymbols(6)).toMatch(
+      /^[a-zA-Z0-9!@#$%^&*()_+\-=\[\]{}|;:,.<>?]{6}$/,
+    )
+  })
+})

package/tests/core/regex-utils.unit.test.js

@@ -0,0 +1,41 @@
+// @ts-nocheck
+import { describe, it, expect } from 'vitest'
+
+import { isValidRegex } from '../../src/core/regex-utils.js'
+
+describe('isValidRegex', () => {
+  it('returns true for valid regex strings', () => {
+    expect(isValidRegex('^[a-z]+$')).toBe(true)
+    expect(isValidRegex('\\d{3}-\\d{2}-\\d{4}')).toBe(true)
+    expect(isValidRegex('^\\w+@[a-zA-Z_]+?\\.[a-zA-Z]{2,3}$')).toBe(true)
+    expect(isValidRegex('.*')).toBe(true)
+    expect(isValidRegex('^$')).toBe(true)
+  })
+
+  it('returns true for RegExp objects', () => {
+    expect(isValidRegex(/^[a-z]+$/)).toBe(true)
+    expect(isValidRegex(/\d{3}/)).toBe(true)
+    expect(isValidRegex(/abc/i)).toBe(true)
+  })
+
+  it('returns false for invalid regex strings', () => {
+    expect(isValidRegex('[')).toBe(false)
+    expect(isValidRegex('(')).toBe(false)
+    expect(isValidRegex('\\')).toBe(false)
+    expect(isValidRegex('[a-z')).toBe(false)
+    expect(isValidRegex('(abc')).toBe(false)
+  })
+
+  it('returns false for invalid types', () => {
+    expect(isValidRegex(undefined)).toBe(false)
+    expect(isValidRegex(null)).toBe(false)
+    expect(isValidRegex(123)).toBe(false)
+    expect(isValidRegex({})).toBe(false)
+    expect(isValidRegex([])).toBe(false)
+    expect(isValidRegex(true)).toBe(false)
+  })
+
+  it('returns true for an empty string (valid regex)', () => {
+    expect(isValidRegex('')).toBe(true) // equivalent to: new RegExp('')
+  })
+})

package/tests/core/sanitize-objects.unit.test.js

@@ -0,0 +1,78 @@
+import { describe, it, expect } from 'vitest'
+
+import {
+  sanitizeObject,
+  sanitizeUndefinedFields,
+  sanitizeObjectAllowProps,
+  sanitizeObjectDisallowProps,
+} from '../../src/core/sanitize-objects.js'
+
+describe('sanitizeObject', () => {
+  it('filters object based on provided filter function', () => {
+    const result = sanitizeObject({ a: 1, b: 2, c: 3 }, ([key]) => key !== 'b')
+    expect(result).toEqual({ a: 1, c: 3 })
+  })
+
+  it('returns empty object when no entries pass the filter', () => {
+    const result = sanitizeObject({ a: 1 }, () => false)
+    expect(result).toEqual({})
+  })
+
+  it('returns full object when all entries pass the filter', () => {
+    const input = { a: 1, b: 2 }
+    const result = sanitizeObject(input, () => true)
+    expect(result).toEqual(input)
+  })
+})
+
+describe('sanitizeUndefinedFields', () => {
+  it('removes properties with undefined values', () => {
+    const result = sanitizeUndefinedFields({ a: 1, b: undefined, c: null })
+    expect(result).toEqual({ a: 1, c: null })
+  })
+
+  it('returns empty object if all values are undefined', () => {
+    const result = sanitizeUndefinedFields({ a: undefined, b: undefined })
+    expect(result).toEqual({})
+  })
+
+  it('does not remove null or falsy (but defined) values', () => {
+    const result = sanitizeUndefinedFields({ a: null, b: 0, c: false, d: '' })
+    expect(result).toEqual({ a: null, b: 0, c: false, d: '' })
+  })
+})
+
+describe('sanitizeObjectAllowProps', () => {
+  it('keeps only allowed fields', () => {
+    const result = sanitizeObjectAllowProps({ a: 1, b: 2, c: 3 }, ['a', 'c'])
+    expect(result).toEqual({ a: 1, c: 3 })
+  })
+
+  it('returns empty object if allowedFields is empty', () => {
+    const result = sanitizeObjectAllowProps({ a: 1, b: 2 }, [])
+    expect(result).toEqual({})
+  })
+
+  it('ignores fields not present in the object', () => {
+    const result = sanitizeObjectAllowProps({ a: 1 }, ['a', 'b', 'c'])
+    expect(result).toEqual({ a: 1 })
+  })
+})
+
+describe('sanitizeObjectDisallowProps', () => {
+  it('removes disallowed fields from object', () => {
+    const result = sanitizeObjectDisallowProps({ a: 1, b: 2, c: 3 }, ['b'])
+    expect(result).toEqual({ a: 1, c: 3 })
+  })
+
+  it('returns full object if disallowedFields is empty', () => {
+    const input = { a: 1, b: 2 }
+    const result = sanitizeObjectDisallowProps(input, [])
+    expect(result).toEqual(input)
+  })
+
+  it('removes all properties if all are disallowed', () => {
+    const result = sanitizeObjectDisallowProps({ a: 1, b: 2 }, ['a', 'b'])
+    expect(result).toEqual({})
+  })
+})

package/tests/crypto/crypto.unit.test.js

@@ -0,0 +1,130 @@
+import { describe, it, expect } from 'vitest'
+
+import {
+  getSalt,
+  encrypt,
+  getSaltHex,
+  isPasswordMatch,
+  getEncryptedBuffer,
+} from '../../src/crypto/crypto.js'
+
+const examplePassword = 'S3cretP@ssword'
+const examplePrivateKey = 'my-private-key'
+
+describe('getSalt', () => {
+  it('returns a Buffer of the correct length', () => {
+    const salt = getSalt(16)
+    expect(Buffer.isBuffer(salt)).toBe(true)
+    expect(salt.length).toBe(16)
+  })
+})
+
+describe('getSaltHex', () => {
+  it('returns a hex string of expected length', () => {
+    const saltHex = getSaltHex(16)
+    expect(typeof saltHex).toBe('string')
+    expect(saltHex.length).toBe(32) // 16 bytes → 32 hex chars
+    expect(/^[0-9a-f]+$/i.test(saltHex)).toBe(true)
+  })
+})
+
+describe('getEncryptedBuffer', () => {
+  it('returns a Buffer of the correct derived key length', async () => {
+    const salt = 'abc123'
+    const buffer = await getEncryptedBuffer({
+      expression: examplePassword,
+      salt,
+      length: 64,
+    })
+    expect(Buffer.isBuffer(buffer)).toBe(true)
+    expect(buffer.length).toBe(64)
+  })
+})
+
+describe('encrypt', () => {
+  it('returns a hex string from encrypted input', async () => {
+    const salt = 'abc123'
+    const encrypted = await encrypt({
+      expression: examplePassword,
+      salt,
+      passwordPrivateKey: examplePrivateKey,
+    })
+    expect(typeof encrypted).toBe('string')
+    expect(encrypted.length).toBeGreaterThan(0)
+    expect(/^[0-9a-f]+$/i.test(encrypted)).toBe(true)
+  })
+
+  it('produces different output when private key changes', async () => {
+    const salt = 'abc123'
+
+    const encrypted1 = await encrypt({
+      expression: examplePassword,
+      salt,
+      passwordPrivateKey: 'A',
+    })
+
+    const encrypted2 = await encrypt({
+      expression: examplePassword,
+      salt,
+      passwordPrivateKey: 'B',
+    })
+
+    expect(encrypted1).not.toEqual(encrypted2)
+  })
+})
+
+describe('isPasswordMatch', () => {
+  it('returns true when password matches encrypted value', async () => {
+    const salt = getSaltHex(16)
+    const encrypted = await encrypt({
+      expression: examplePassword,
+      salt,
+      passwordPrivateKey: examplePrivateKey,
+    })
+
+    const result = await isPasswordMatch({
+      salt,
+      password: examplePassword,
+      encryptedPassword: encrypted,
+      passwordPrivateKey: examplePrivateKey,
+    })
+
+    expect(result).toBe(true)
+  })
+
+  it('returns false when password does not match', async () => {
+    const salt = getSaltHex(16)
+    const encrypted = await encrypt({
+      expression: examplePassword,
+      salt,
+      passwordPrivateKey: examplePrivateKey,
+    })
+
+    const result = await isPasswordMatch({
+      salt,
+      password: 'wrong-password',
+      encryptedPassword: encrypted,
+      passwordPrivateKey: examplePrivateKey,
+    })
+
+    expect(result).toBe(false)
+  })
+
+  it('returns false when private key is incorrect', async () => {
+    const salt = getSaltHex(16)
+    const encrypted = await encrypt({
+      expression: examplePassword,
+      salt,
+      passwordPrivateKey: 'correct-key',
+    })
+
+    const result = await isPasswordMatch({
+      salt,
+      password: examplePassword,
+      encryptedPassword: encrypted,
+      passwordPrivateKey: 'wrong-key',
+    })
+
+    expect(result).toBe(false)
+  })
+})

package/tests/crypto/encryption.unit.test.js

@@ -0,0 +1,73 @@
+// @ts-nocheck
+import { describe, it, expect } from 'vitest'
+
+import { encryptPassword } from '../../src/crypto/encryption.js'
+
+describe('encryptPassword', () => {
+  const password = 'MyS3cretP@ss'
+  const privateKey = 'abc123'
+  const saltLength = 16
+
+  it('returns salt and password in expected format', async () => {
+    const result = await encryptPassword(
+      { password },
+      { saltLength, passwordPrivateKey: privateKey },
+    )
+
+    expect(typeof result).toBe('object')
+    expect(typeof result.salt).toBe('string')
+    expect(typeof result.password).toBe('string')
+
+    expect(result.salt.length).toBe(saltLength * 2) // because it's hex
+    expect(result.salt).toMatch(/^[0-9a-f]+$/i)
+    expect(result.password).toMatch(/^[0-9a-f]+$/i)
+  })
+
+  it('produces different output for the same password (due to different salts)', async () => {
+    const result1 = await encryptPassword(
+      { password },
+      { saltLength, passwordPrivateKey: privateKey },
+    )
+
+    const result2 = await encryptPassword(
+      { password },
+      { saltLength, passwordPrivateKey: privateKey },
+    )
+
+    expect(result1.password).not.toEqual(result2.password)
+    expect(result1.salt).not.toEqual(result2.salt)
+  })
+
+  it('produces different output when passwordPrivateKey is changed', async () => {
+    const result1 = await encryptPassword(
+      { password },
+      { saltLength, passwordPrivateKey: 'key1' },
+    )
+
+    const result2 = await encryptPassword(
+      { password },
+      { saltLength, passwordPrivateKey: 'key2' },
+    )
+
+    expect(result1.password).not.toEqual(result2.password)
+  })
+
+  it('works without passwordPrivateKey', async () => {
+    const result = await encryptPassword({ password }, { saltLength })
+
+    expect(result).toHaveProperty('salt')
+    expect(result).toHaveProperty('password')
+  })
+
+  it('throws if password is missing', async () => {
+    await expect(() =>
+      encryptPassword({}, { saltLength, passwordPrivateKey: privateKey }),
+    ).rejects.toThrow()
+  })
+
+  it('throws if saltLength is missing', async () => {
+    await expect(() =>
+      encryptPassword({ password }, { passwordPrivateKey: privateKey }),
+    ).rejects.toThrow()
+  })
+})