devframe 0.6.0-beta.2 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/build.d.mts +1 -1
- package/dist/adapters/build.mjs +2 -2
- package/dist/adapters/cli.d.mts +1 -1
- package/dist/adapters/cli.mjs +9 -6
- package/dist/adapters/dev.d.mts +9 -2
- package/dist/adapters/dev.mjs +1 -1
- package/dist/adapters/embedded.d.mts +1 -1
- package/dist/adapters/mcp.d.mts +1 -1
- package/dist/adapters/mcp.mjs +1 -337
- package/dist/build-server-0jWgMrz-.mjs +338 -0
- package/dist/client/index.d.mts +2 -2
- package/dist/client/index.mjs +56 -22
- package/dist/constants.d.mts +31 -1
- package/dist/constants.mjs +33 -1
- package/dist/{context-3x_bgBgZ.mjs → context-CKJheEtf.mjs} +2 -2
- package/dist/{context-BEVByy_Z.d.mts → context-UX9qUDK7.d.mts} +1 -1
- package/dist/{dev-BaX8fLH2.mjs → dev-zC5542OV.mjs} +49 -6
- package/dist/{devframe-D-gr9sBx.d.mts → devframe-BtVHhmwM.d.mts} +76 -4
- package/dist/{dump-DoXkj4ku.mjs → dump-D09PZb7T.mjs} +14 -4
- package/dist/{hash-DFc5WwhO.mjs → hash-PAfnyu2k.mjs} +1 -1
- package/dist/helpers/vite.d.mts +1 -1
- package/dist/helpers/vite.mjs +2 -2
- package/dist/{host-h3-C5SZlk03.mjs → host-h3-Dsf-Tgwx.mjs} +37 -11
- package/dist/http-COX960WK.mjs +114 -0
- package/dist/index-ByaMT1Xp.d.mts +107 -0
- package/dist/{index-CxaPKDXX.d.mts → index-Dy6GFDRf.d.mts} +1 -0
- package/dist/index.d.mts +2 -2
- package/dist/{launch-editor-DPfltGA4.mjs → launch-editor-DIzaS5EG.mjs} +58 -43
- package/dist/node/auth.d.mts +2 -64
- package/dist/node/auth.mjs +2 -100
- package/dist/node/hub-internals.d.mts +2 -2
- package/dist/node/hub-internals.mjs +1 -1
- package/dist/node/index.d.mts +3 -3
- package/dist/node/index.mjs +3 -3
- package/dist/recipes/interactive-auth.d.mts +53 -0
- package/dist/recipes/interactive-auth.mjs +132 -0
- package/dist/recipes/open-helpers.mjs +2 -2
- package/dist/{revoke-ENfxWkFK.mjs → revoke-BtQDKTp7.mjs} +1 -1
- package/dist/rpc/dump.mjs +1 -1
- package/dist/rpc/index.d.mts +2 -2
- package/dist/rpc/index.mjs +4 -1
- package/dist/rpc/transports/ws-client.mjs +21 -8
- package/dist/{server-Dl6TU5LE.mjs → server-CAsvfJNK.mjs} +51 -15
- package/dist/{server-rX781kz-.d.mts → server-Cfr1NrGQ.d.mts} +52 -10
- package/dist/{shared-state-D4PPieA0.mjs → shared-state-QtMas0NG.mjs} +34 -4
- package/dist/state-WX3HT5a3.mjs +101 -0
- package/dist/{storage-l2ezeend.mjs → storage-yrUZaiib.mjs} +55 -6
- package/dist/types/index.d.mts +2 -2
- package/dist/utils/crypto-token.mjs +1 -1
- package/dist/utils/events.d.mts +1 -1
- package/dist/utils/hash.mjs +1 -1
- package/dist/utils/launch-editor.mjs +1 -1
- package/dist/utils/open.mjs +1 -1
- package/dist/utils/serve-static.mjs +2 -1
- package/dist/utils/shared-state.d.mts +1 -1
- package/dist/utils/shared-state.mjs +1 -1
- package/dist/utils/streaming-channel.d.mts +1 -1
- package/dist/utils/when.d.mts +1 -1
- package/package.json +10 -9
- package/dist/{open-Dusa2Zzd.mjs → open-Deb5xmIT.mjs} +1 -1
package/dist/index.d.mts
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import { $ as
|
|
1
|
+
import { $ as ScopedClientFunctions, C as RpcStreamingHost, Ct as EventsMap, G as Thenable, J as DevframeScopedStreamingHost, K as DevframeScopedNodeContext, Q as ScopedBroadcastOptions, S as RpcStreamingChannelOptions, St as EventUnsubscribe, U as EntriesToObject, W as PartialWithoutId, X as DevframeSettingsRegistry, Y as DevframeSettings, Z as DevframeSettingsStore, _ as RpcBroadcastOptions, _t as AgentTool, a as DevframeDuplicationStrategy, at as DevframeRpcServerFunctions, b as RpcSharedStateHost, bt as DevframeAgentHostEvents, c as DevframeSpaOptions, ct as DevframeDefineDiagnosticsOptions, d as defineDevframe, dt as DevframeDiagnosticsLogger, et as ScopedServerFunctions, f as ConnectionMeta, ft as AgentHandle, g as DevframeNodeRpcSession, gt as AgentResourceInput, h as DevframeNodeContext, ht as AgentResourceContent, i as DevframeDeploymentKind, it as DevframeRpcClientFunctions, l as DevframeWsOptions, lt as DevframeDiagnosticsDefinition, m as DevframeCapabilities, mt as AgentResource, n as DevframeCliOptions, nt as SettingsForNamespace, o as DevframeRuntime, ot as DevframeRpcSharedStates, p as ConnectionMetaWebsocket, pt as AgentManifest, q as DevframeScopedNodeRpc, r as DevframeDefinition, rt as DevframeViewHost, s as DevframeSetupInfo, st as DevframeHost, t as DevframeBrowserContext, tt as ScopedSharedStates, u as McpRouteOptions, ut as DevframeDiagnosticsHost, v as RpcFunctionsHost, vt as AgentToolInput, x as RpcStreamingChannel, xt as EventEmitter, y as RpcSharedStateGetOptions, yt as DevframeAgentHost } from "./devframe-BtVHhmwM.mjs";
|
|
2
2
|
import { C as RpcFunctionType, T as RpcReturnSchema, _ as RpcFunctionDefinition, g as RpcFunctionAgentOptions, i as RpcArgsSchema } from "./types-DZEx4ffs.mjs";
|
|
3
3
|
import { t as DevframeNodeRpcSessionMeta } from "./ws-server-Bc2wBHl-.mjs";
|
|
4
4
|
|
|
5
5
|
//#region src/define.d.ts
|
|
6
6
|
declare const defineRpcFunction: <NAME extends string, TYPE extends RpcFunctionType, ARGS extends any[], RETURN = void, const AS extends RpcArgsSchema | undefined = undefined, const RS extends RpcReturnSchema | undefined = undefined>(definition: RpcFunctionDefinition<NAME, TYPE, ARGS, RETURN, AS, RS, DevframeNodeContext>) => RpcFunctionDefinition<NAME, TYPE, ARGS, RETURN, AS, RS, DevframeNodeContext>;
|
|
7
7
|
//#endregion
|
|
8
|
-
export { AgentHandle, AgentManifest, AgentResource, AgentResourceContent, AgentResourceInput, AgentTool, AgentToolInput, ConnectionMeta, ConnectionMetaWebsocket, DevframeAgentHost, DevframeAgentHostEvents, DevframeBrowserContext, DevframeCapabilities, DevframeCliOptions, DevframeDefineDiagnosticsOptions, DevframeDefinition, DevframeDeploymentKind, DevframeDiagnosticsDefinition, DevframeDiagnosticsHost, DevframeDiagnosticsLogger, DevframeDuplicationStrategy, DevframeHost, DevframeNodeContext, DevframeNodeRpcSession, DevframeNodeRpcSessionMeta, DevframeRpcClientFunctions, DevframeRpcServerFunctions, DevframeRpcSharedStates, DevframeRuntime, DevframeScopedNodeContext, DevframeScopedNodeRpc, DevframeScopedStreamingHost, DevframeSettings, DevframeSettingsRegistry, DevframeSettingsStore, DevframeSetupInfo, DevframeSpaOptions, DevframeViewHost, DevframeWsOptions, EntriesToObject, EventEmitter, EventUnsubscribe, EventsMap, PartialWithoutId, RpcBroadcastOptions, RpcFunctionAgentOptions, RpcFunctionsHost, RpcSharedStateGetOptions, RpcSharedStateHost, RpcStreamingChannel, RpcStreamingChannelOptions, RpcStreamingHost, ScopedBroadcastOptions, ScopedClientFunctions, ScopedServerFunctions, ScopedSharedStates, SettingsForNamespace, Thenable, defineDevframe, defineRpcFunction };
|
|
8
|
+
export { type AgentHandle, type AgentManifest, type AgentResource, type AgentResourceContent, type AgentResourceInput, type AgentTool, type AgentToolInput, type ConnectionMeta, type ConnectionMetaWebsocket, type DevframeAgentHost, type DevframeAgentHostEvents, type DevframeBrowserContext, type DevframeCapabilities, type DevframeCliOptions, type DevframeDefineDiagnosticsOptions, type DevframeDefinition, type DevframeDeploymentKind, type DevframeDiagnosticsDefinition, type DevframeDiagnosticsHost, type DevframeDiagnosticsLogger, type DevframeDuplicationStrategy, type DevframeHost, type DevframeNodeContext, type DevframeNodeRpcSession, type DevframeNodeRpcSessionMeta, type DevframeRpcClientFunctions, type DevframeRpcServerFunctions, type DevframeRpcSharedStates, type DevframeRuntime, type DevframeScopedNodeContext, type DevframeScopedNodeRpc, type DevframeScopedStreamingHost, type DevframeSettings, type DevframeSettingsRegistry, type DevframeSettingsStore, type DevframeSetupInfo, type DevframeSpaOptions, type DevframeViewHost, type DevframeWsOptions, type EntriesToObject, type EventEmitter, type EventUnsubscribe, type EventsMap, type McpRouteOptions, type PartialWithoutId, type RpcBroadcastOptions, type RpcFunctionAgentOptions, type RpcFunctionsHost, type RpcSharedStateGetOptions, type RpcSharedStateHost, type RpcStreamingChannel, type RpcStreamingChannelOptions, type RpcStreamingHost, type ScopedBroadcastOptions, type ScopedClientFunctions, type ScopedServerFunctions, type ScopedSharedStates, type SettingsForNamespace, type Thenable, type defineDevframe, defineRpcFunction };
|
|
@@ -21,7 +21,7 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
|
|
|
21
21
|
value: mod,
|
|
22
22
|
enumerable: true
|
|
23
23
|
}) : target, mod));
|
|
24
|
-
var __require = /*
|
|
24
|
+
var __require = /* #__PURE__ */ (() => createRequire(import.meta.url))();
|
|
25
25
|
//#endregion
|
|
26
26
|
//#region ../../node_modules/.pnpm/picocolors@1.1.1/node_modules/picocolors/picocolors.js
|
|
27
27
|
var require_picocolors = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
@@ -324,7 +324,7 @@ var require_shell_quote = /* @__PURE__ */ __commonJSMin(((exports) => {
|
|
|
324
324
|
exports.parse = require_parse();
|
|
325
325
|
}));
|
|
326
326
|
//#endregion
|
|
327
|
-
//#region ../../node_modules/.pnpm/launch-editor@2.
|
|
327
|
+
//#region ../../node_modules/.pnpm/launch-editor@2.14.1/node_modules/launch-editor/editor-info/macos.js
|
|
328
328
|
var require_macos = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
329
329
|
module.exports = {
|
|
330
330
|
"/Applications/Atom.app/Contents/MacOS/Atom": "atom",
|
|
@@ -359,7 +359,7 @@ var require_macos = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
|
359
359
|
};
|
|
360
360
|
}));
|
|
361
361
|
//#endregion
|
|
362
|
-
//#region ../../node_modules/.pnpm/launch-editor@2.
|
|
362
|
+
//#region ../../node_modules/.pnpm/launch-editor@2.14.1/node_modules/launch-editor/editor-info/linux.js
|
|
363
363
|
var require_linux = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
364
364
|
module.exports = {
|
|
365
365
|
atom: "atom",
|
|
@@ -393,7 +393,7 @@ var require_linux = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
|
393
393
|
};
|
|
394
394
|
}));
|
|
395
395
|
//#endregion
|
|
396
|
-
//#region ../../node_modules/.pnpm/launch-editor@2.
|
|
396
|
+
//#region ../../node_modules/.pnpm/launch-editor@2.14.1/node_modules/launch-editor/editor-info/windows.js
|
|
397
397
|
var require_windows = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
398
398
|
module.exports = [
|
|
399
399
|
"Brackets.exe",
|
|
@@ -426,7 +426,7 @@ var require_windows = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
|
426
426
|
];
|
|
427
427
|
}));
|
|
428
428
|
//#endregion
|
|
429
|
-
//#region ../../node_modules/.pnpm/launch-editor@2.
|
|
429
|
+
//#region ../../node_modules/.pnpm/launch-editor@2.14.1/node_modules/launch-editor/guess.js
|
|
430
430
|
var require_guess = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
431
431
|
const path$2 = __require("path");
|
|
432
432
|
const shellQuote = require_shell_quote();
|
|
@@ -434,60 +434,74 @@ var require_guess = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
|
434
434
|
const COMMON_EDITORS_MACOS = require_macos();
|
|
435
435
|
const COMMON_EDITORS_LINUX = require_linux();
|
|
436
436
|
const COMMON_EDITORS_WIN = require_windows();
|
|
437
|
-
|
|
437
|
+
function getEditorFromMacProcesses(output) {
|
|
438
|
+
const processNames = Object.keys(COMMON_EDITORS_MACOS);
|
|
439
|
+
const processList = output.split("\n");
|
|
440
|
+
for (let i = 0; i < processNames.length; i++) {
|
|
441
|
+
const processName = processNames[i];
|
|
442
|
+
if (processList.includes(processName)) return COMMON_EDITORS_MACOS[processName];
|
|
443
|
+
const processNameWithoutApplications = processName.replace("/Applications", "");
|
|
444
|
+
if (output.indexOf(processNameWithoutApplications) !== -1) {
|
|
445
|
+
if (processName !== COMMON_EDITORS_MACOS[processName]) return COMMON_EDITORS_MACOS[processName];
|
|
446
|
+
const runningProcess = processList.find((procName) => procName.endsWith(processNameWithoutApplications));
|
|
447
|
+
if (runningProcess !== void 0) return runningProcess;
|
|
448
|
+
}
|
|
449
|
+
}
|
|
450
|
+
}
|
|
451
|
+
function getEditorFromWindowsProcesses(output) {
|
|
452
|
+
const runningProcesses = output.split("\r\n");
|
|
453
|
+
for (let i = 0; i < runningProcesses.length; i++) {
|
|
454
|
+
const fullProcessPath = runningProcesses[i].trim();
|
|
455
|
+
const shortProcessName = path$2.win32.basename(fullProcessPath);
|
|
456
|
+
if (COMMON_EDITORS_WIN.indexOf(shortProcessName) !== -1) return fullProcessPath;
|
|
457
|
+
}
|
|
458
|
+
}
|
|
459
|
+
function getEditorFromLinuxProcesses(output) {
|
|
460
|
+
const processNames = Object.keys(COMMON_EDITORS_LINUX);
|
|
461
|
+
for (let i = 0; i < processNames.length; i++) {
|
|
462
|
+
const processName = processNames[i];
|
|
463
|
+
if (output.indexOf(processName) !== -1) return COMMON_EDITORS_LINUX[processName];
|
|
464
|
+
}
|
|
465
|
+
}
|
|
466
|
+
function guessEditor(specifiedEditor) {
|
|
438
467
|
if (specifiedEditor) return shellQuote.parse(specifiedEditor);
|
|
439
468
|
if (process.env.LAUNCH_EDITOR) return [process.env.LAUNCH_EDITOR];
|
|
440
469
|
if (process.versions.webcontainer) return [process.env.EDITOR || "code"];
|
|
441
470
|
try {
|
|
442
471
|
if (process.platform === "darwin") {
|
|
443
|
-
const
|
|
472
|
+
const editor = getEditorFromMacProcesses(childProcess$1.execSync("ps x -o comm=", { stdio: [
|
|
444
473
|
"pipe",
|
|
445
474
|
"pipe",
|
|
446
475
|
"ignore"
|
|
447
|
-
] }).toString();
|
|
448
|
-
|
|
449
|
-
const processList = output.split("\n");
|
|
450
|
-
for (let i = 0; i < processNames.length; i++) {
|
|
451
|
-
const processName = processNames[i];
|
|
452
|
-
if (processList.includes(processName)) return [COMMON_EDITORS_MACOS[processName]];
|
|
453
|
-
const processNameWithoutApplications = processName.replace("/Applications", "");
|
|
454
|
-
if (output.indexOf(processNameWithoutApplications) !== -1) {
|
|
455
|
-
if (processName !== COMMON_EDITORS_MACOS[processName]) return [COMMON_EDITORS_MACOS[processName]];
|
|
456
|
-
const runningProcess = processList.find((procName) => procName.endsWith(processNameWithoutApplications));
|
|
457
|
-
if (runningProcess !== void 0) return [runningProcess];
|
|
458
|
-
}
|
|
459
|
-
}
|
|
476
|
+
] }).toString());
|
|
477
|
+
if (editor !== void 0) return [editor];
|
|
460
478
|
} else if (process.platform === "win32") {
|
|
461
|
-
const
|
|
479
|
+
const editor = getEditorFromWindowsProcesses(childProcess$1.execSync("powershell -NoProfile -Command \"[Console]::OutputEncoding=[Text.Encoding]::UTF8;Get-CimInstance -Query \\\"select executablepath from win32_process where executablepath is not null\\\" | % { $_.ExecutablePath }\"", { stdio: [
|
|
462
480
|
"pipe",
|
|
463
481
|
"pipe",
|
|
464
482
|
"ignore"
|
|
465
|
-
] }).toString()
|
|
466
|
-
|
|
467
|
-
const fullProcessPath = runningProcesses[i].trim();
|
|
468
|
-
const shortProcessName = path$2.basename(fullProcessPath);
|
|
469
|
-
if (COMMON_EDITORS_WIN.indexOf(shortProcessName) !== -1) return [fullProcessPath];
|
|
470
|
-
}
|
|
483
|
+
] }).toString());
|
|
484
|
+
if (editor !== void 0) return [editor];
|
|
471
485
|
} else if (process.platform === "linux") {
|
|
472
|
-
const
|
|
486
|
+
const editor = getEditorFromLinuxProcesses(childProcess$1.execSync("ps x --no-heading -o comm --sort=comm", { stdio: [
|
|
473
487
|
"pipe",
|
|
474
488
|
"pipe",
|
|
475
489
|
"ignore"
|
|
476
|
-
] }).toString();
|
|
477
|
-
|
|
478
|
-
for (let i = 0; i < processNames.length; i++) {
|
|
479
|
-
const processName = processNames[i];
|
|
480
|
-
if (output.indexOf(processName) !== -1) return [COMMON_EDITORS_LINUX[processName]];
|
|
481
|
-
}
|
|
490
|
+
] }).toString());
|
|
491
|
+
if (editor !== void 0) return [editor];
|
|
482
492
|
}
|
|
483
493
|
} catch (ignoreError) {}
|
|
484
494
|
if (process.env.VISUAL) return [process.env.VISUAL];
|
|
485
495
|
else if (process.env.EDITOR) return [process.env.EDITOR];
|
|
486
496
|
return [null];
|
|
487
|
-
}
|
|
497
|
+
}
|
|
498
|
+
module.exports = guessEditor;
|
|
499
|
+
module.exports.getEditorFromMacProcesses = getEditorFromMacProcesses;
|
|
500
|
+
module.exports.getEditorFromWindowsProcesses = getEditorFromWindowsProcesses;
|
|
501
|
+
module.exports.getEditorFromLinuxProcesses = getEditorFromLinuxProcesses;
|
|
488
502
|
}));
|
|
489
503
|
//#endregion
|
|
490
|
-
//#region ../../node_modules/.pnpm/launch-editor@2.
|
|
504
|
+
//#region ../../node_modules/.pnpm/launch-editor@2.14.1/node_modules/launch-editor/get-args.js
|
|
491
505
|
var require_get_args = /* @__PURE__ */ __commonJSMin(((exports, module) => {
|
|
492
506
|
const path$1 = __require("path");
|
|
493
507
|
module.exports = function getArgumentsForPosition(editor, fileName, lineNumber, columnNumber = 1) {
|
|
@@ -615,11 +629,12 @@ var import_launch_editor = /* @__PURE__ */ __toESM((/* @__PURE__ */ __commonJSMi
|
|
|
615
629
|
columnNumber: match && match[3]
|
|
616
630
|
};
|
|
617
631
|
}
|
|
618
|
-
let
|
|
632
|
+
let currentChildProcess = null;
|
|
619
633
|
function launchEditor(file, specifiedEditor, onErrorCallback) {
|
|
620
634
|
const parsed = parseFile(file);
|
|
621
635
|
let { fileName } = parsed;
|
|
622
636
|
const { lineNumber, columnNumber } = parsed;
|
|
637
|
+
if (process.platform === "win32" && path.resolve(fileName).startsWith("\\\\")) return onErrorCallback(fileName, "UNC paths are not supported on Windows to avoid security issues. See https://github.com/vitejs/launch-editor/tree/main/packages/launch-editor#unc-paths-on-windows for details.");
|
|
623
638
|
if (!fs.existsSync(fileName)) return;
|
|
624
639
|
if (typeof specifiedEditor === "function") {
|
|
625
640
|
onErrorCallback = specifiedEditor;
|
|
@@ -636,7 +651,7 @@ var import_launch_editor = /* @__PURE__ */ __toESM((/* @__PURE__ */ __commonJSMi
|
|
|
636
651
|
const extraArgs = getArgumentsForPosition(editor, fileName, lineNumber, columnNumber);
|
|
637
652
|
args.push.apply(args, extraArgs);
|
|
638
653
|
} else args.push(fileName);
|
|
639
|
-
if (
|
|
654
|
+
if (currentChildProcess && isTerminalEditor(editor)) currentChildProcess.kill("SIGKILL");
|
|
640
655
|
if (process.platform === "win32") {
|
|
641
656
|
function escapeCmdArgs(cmdArgs) {
|
|
642
657
|
return cmdArgs.replace(/([&|<>,;=^])/g, "^$1");
|
|
@@ -647,16 +662,16 @@ var import_launch_editor = /* @__PURE__ */ __toESM((/* @__PURE__ */ __commonJSMi
|
|
|
647
662
|
return str;
|
|
648
663
|
}
|
|
649
664
|
const launchCommand = [editor, ...args.map(escapeCmdArgs)].map(doubleQuoteIfNeeded).join(" ");
|
|
650
|
-
|
|
665
|
+
currentChildProcess = childProcess.exec(launchCommand, {
|
|
651
666
|
stdio: "inherit",
|
|
652
667
|
shell: true
|
|
653
668
|
});
|
|
654
|
-
} else
|
|
655
|
-
|
|
656
|
-
|
|
669
|
+
} else currentChildProcess = childProcess.spawn(editor, args, { stdio: "inherit" });
|
|
670
|
+
currentChildProcess.on("exit", function(errorCode) {
|
|
671
|
+
currentChildProcess = null;
|
|
657
672
|
if (errorCode) onErrorCallback(fileName, "(code " + errorCode + ")");
|
|
658
673
|
});
|
|
659
|
-
|
|
674
|
+
currentChildProcess.on("error", function(error) {
|
|
660
675
|
let { code, message } = error;
|
|
661
676
|
if ("ENOENT" === code) message = `${message} ('${editor}' command does not exist in 'PATH')`;
|
|
662
677
|
onErrorCallback(fileName, message);
|
package/dist/node/auth.d.mts
CHANGED
|
@@ -1,64 +1,2 @@
|
|
|
1
|
-
import {
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
//#region src/node/auth/revoke.d.ts
|
|
5
|
-
/**
|
|
6
|
-
* Flip `isTrusted` to false on any live WS clients connected with `token`
|
|
7
|
-
* and broadcast the `auth:revoked` event so they can react.
|
|
8
|
-
*
|
|
9
|
-
* Shared between persisted-auth revocation and remote-dock token revocation.
|
|
10
|
-
*/
|
|
11
|
-
declare function revokeActiveConnectionsForToken(context: DevframeNodeContext, token: string): Promise<void>;
|
|
12
|
-
/**
|
|
13
|
-
* Revoke an auth token: remove from storage and notify all connected clients
|
|
14
|
-
* using this token that they are no longer trusted.
|
|
15
|
-
*/
|
|
16
|
-
declare function revokeAuthToken(context: DevframeNodeContext, storage: SharedState<InternalAnonymousAuthStorage>, token: string): Promise<void>;
|
|
17
|
-
//#endregion
|
|
18
|
-
//#region src/node/auth/state.d.ts
|
|
19
|
-
/**
|
|
20
|
-
* The current one-time authentication code. Display this to the user (e.g. in
|
|
21
|
-
* the dev-server terminal) so they can type it into the browser to authenticate.
|
|
22
|
-
*/
|
|
23
|
-
declare function getTempAuthCode(): string;
|
|
24
|
-
/**
|
|
25
|
-
* Rotate the authentication code, resetting its expiry window and failed-attempt
|
|
26
|
-
* counter. Call this when a new authentication flow begins (e.g. when an
|
|
27
|
-
* untrusted client starts authenticating) so the displayed code is freshly
|
|
28
|
-
* valid for its full TTL.
|
|
29
|
-
*/
|
|
30
|
-
declare function refreshTempAuthCode(): string;
|
|
31
|
-
/**
|
|
32
|
-
* Build a "magic link" authentication URL that embeds a one-time code (OTP) as
|
|
33
|
-
* a query parameter. Opening it authenticates the client without typing — print
|
|
34
|
-
* it on startup (devframe stays headless, so the host prints its own banner).
|
|
35
|
-
* Defaults to the current code; the link is subject to the same TTL.
|
|
36
|
-
*/
|
|
37
|
-
declare function buildOtpAuthUrl(baseUrl: string, code?: string): string;
|
|
38
|
-
/**
|
|
39
|
-
* Re-authenticate a connection that presents a previously-issued bearer token.
|
|
40
|
-
* Returns `true` and marks the session trusted when the token is known.
|
|
41
|
-
*
|
|
42
|
-
* Used by the `devframe:anonymous:auth` handler so a client that already
|
|
43
|
-
* authenticated (token persisted in the browser) is trusted on reconnect
|
|
44
|
-
* without entering the code again.
|
|
45
|
-
*/
|
|
46
|
-
declare function verifyAuthToken(token: string, session: DevframeNodeRpcSession, storage: SharedState<InternalAnonymousAuthStorage>): boolean;
|
|
47
|
-
/**
|
|
48
|
-
* Exchange a one-time authentication code for a fresh, node-issued bearer token.
|
|
49
|
-
*
|
|
50
|
-
* On success this mints a high-entropy token, records it in the trusted store,
|
|
51
|
-
* marks the calling session trusted, rotates the code, and returns the token
|
|
52
|
-
* for the client to persist. Returns `null` on any failure.
|
|
53
|
-
*
|
|
54
|
-
* Because the code is short and human-typed, verification is hardened against
|
|
55
|
-
* brute force: it enforces a time-to-live, compares in constant time, and
|
|
56
|
-
* rotates the code after {@link TEMP_AUTH_MAX_ATTEMPTS} failed attempts so an
|
|
57
|
-
* attacker cannot keep guessing against the same code.
|
|
58
|
-
*/
|
|
59
|
-
declare function exchangeTempAuthCode(code: string, session: DevframeNodeRpcSession, info: {
|
|
60
|
-
ua: string;
|
|
61
|
-
origin: string;
|
|
62
|
-
}, storage: SharedState<InternalAnonymousAuthStorage>): string | null;
|
|
63
|
-
//#endregion
|
|
64
|
-
export { buildOtpAuthUrl, exchangeTempAuthCode, getTempAuthCode, refreshTempAuthCode, revokeActiveConnectionsForToken, revokeAuthToken, verifyAuthToken };
|
|
1
|
+
import { a as verifyAuthToken, c as DevframeAuthHandler, i as refreshTempAuthCode, n as exchangeTempAuthCode, o as revokeActiveConnectionsForToken, r as getTempAuthCode, s as revokeAuthToken, t as buildOtpAuthUrl } from "../index-ByaMT1Xp.mjs";
|
|
2
|
+
export { DevframeAuthHandler, buildOtpAuthUrl, exchangeTempAuthCode, getTempAuthCode, refreshTempAuthCode, revokeActiveConnectionsForToken, revokeAuthToken, verifyAuthToken };
|
package/dist/node/auth.mjs
CHANGED
|
@@ -1,101 +1,3 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { a as
|
|
3
|
-
//#region src/node/auth/state.ts
|
|
4
|
-
/** Number of decimal digits in a human-typed one-time authentication code. */
|
|
5
|
-
const TEMP_AUTH_CODE_LENGTH = 6;
|
|
6
|
-
/**
|
|
7
|
-
* How long an authentication code stays valid after it is (re)generated. A
|
|
8
|
-
* 6-digit code only has ~20 bits of entropy, so a short lifetime plus the
|
|
9
|
-
* attempt cap below are what keep it brute-force resistant.
|
|
10
|
-
*/
|
|
11
|
-
const TEMP_AUTH_CODE_TTL = 5 * 6e4;
|
|
12
|
-
/** Failed attempts allowed against a single code before it is rotated. */
|
|
13
|
-
const TEMP_AUTH_MAX_ATTEMPTS = 5;
|
|
14
|
-
let tempAuthCode = generateTempCode();
|
|
15
|
-
let tempAuthCodeExpiresAt = Date.now() + TEMP_AUTH_CODE_TTL;
|
|
16
|
-
let tempAuthFailedAttempts = 0;
|
|
17
|
-
function generateTempCode() {
|
|
18
|
-
return randomDigits(TEMP_AUTH_CODE_LENGTH);
|
|
19
|
-
}
|
|
20
|
-
/**
|
|
21
|
-
* The current one-time authentication code. Display this to the user (e.g. in
|
|
22
|
-
* the dev-server terminal) so they can type it into the browser to authenticate.
|
|
23
|
-
*/
|
|
24
|
-
function getTempAuthCode() {
|
|
25
|
-
return tempAuthCode;
|
|
26
|
-
}
|
|
27
|
-
/**
|
|
28
|
-
* Rotate the authentication code, resetting its expiry window and failed-attempt
|
|
29
|
-
* counter. Call this when a new authentication flow begins (e.g. when an
|
|
30
|
-
* untrusted client starts authenticating) so the displayed code is freshly
|
|
31
|
-
* valid for its full TTL.
|
|
32
|
-
*/
|
|
33
|
-
function refreshTempAuthCode() {
|
|
34
|
-
tempAuthCode = generateTempCode();
|
|
35
|
-
tempAuthCodeExpiresAt = Date.now() + TEMP_AUTH_CODE_TTL;
|
|
36
|
-
tempAuthFailedAttempts = 0;
|
|
37
|
-
return tempAuthCode;
|
|
38
|
-
}
|
|
39
|
-
/**
|
|
40
|
-
* Build a "magic link" authentication URL that embeds a one-time code (OTP) as
|
|
41
|
-
* a query parameter. Opening it authenticates the client without typing — print
|
|
42
|
-
* it on startup (devframe stays headless, so the host prints its own banner).
|
|
43
|
-
* Defaults to the current code; the link is subject to the same TTL.
|
|
44
|
-
*/
|
|
45
|
-
function buildOtpAuthUrl(baseUrl, code = tempAuthCode) {
|
|
46
|
-
const url = new URL(baseUrl);
|
|
47
|
-
url.searchParams.set(DEVFRAME_OTP_URL_PARAM, code);
|
|
48
|
-
return url.href;
|
|
49
|
-
}
|
|
50
|
-
/**
|
|
51
|
-
* Re-authenticate a connection that presents a previously-issued bearer token.
|
|
52
|
-
* Returns `true` and marks the session trusted when the token is known.
|
|
53
|
-
*
|
|
54
|
-
* Used by the `devframe:anonymous:auth` handler so a client that already
|
|
55
|
-
* authenticated (token persisted in the browser) is trusted on reconnect
|
|
56
|
-
* without entering the code again.
|
|
57
|
-
*/
|
|
58
|
-
function verifyAuthToken(token, session, storage) {
|
|
59
|
-
if (!token || !storage.value().trusted[token]) return false;
|
|
60
|
-
session.meta.clientAuthToken = token;
|
|
61
|
-
session.meta.isTrusted = true;
|
|
62
|
-
return true;
|
|
63
|
-
}
|
|
64
|
-
/**
|
|
65
|
-
* Exchange a one-time authentication code for a fresh, node-issued bearer token.
|
|
66
|
-
*
|
|
67
|
-
* On success this mints a high-entropy token, records it in the trusted store,
|
|
68
|
-
* marks the calling session trusted, rotates the code, and returns the token
|
|
69
|
-
* for the client to persist. Returns `null` on any failure.
|
|
70
|
-
*
|
|
71
|
-
* Because the code is short and human-typed, verification is hardened against
|
|
72
|
-
* brute force: it enforces a time-to-live, compares in constant time, and
|
|
73
|
-
* rotates the code after {@link TEMP_AUTH_MAX_ATTEMPTS} failed attempts so an
|
|
74
|
-
* attacker cannot keep guessing against the same code.
|
|
75
|
-
*/
|
|
76
|
-
function exchangeTempAuthCode(code, session, info, storage) {
|
|
77
|
-
if (Date.now() > tempAuthCodeExpiresAt) {
|
|
78
|
-
refreshTempAuthCode();
|
|
79
|
-
return null;
|
|
80
|
-
}
|
|
81
|
-
if (!timingSafeEqual(code, tempAuthCode)) {
|
|
82
|
-
tempAuthFailedAttempts += 1;
|
|
83
|
-
if (tempAuthFailedAttempts >= TEMP_AUTH_MAX_ATTEMPTS) refreshTempAuthCode();
|
|
84
|
-
return null;
|
|
85
|
-
}
|
|
86
|
-
const authToken = randomToken();
|
|
87
|
-
storage.mutate((state) => {
|
|
88
|
-
state.trusted[authToken] = {
|
|
89
|
-
authToken,
|
|
90
|
-
ua: info.ua,
|
|
91
|
-
origin: info.origin,
|
|
92
|
-
timestamp: Date.now()
|
|
93
|
-
};
|
|
94
|
-
});
|
|
95
|
-
session.meta.clientAuthToken = authToken;
|
|
96
|
-
session.meta.isTrusted = true;
|
|
97
|
-
refreshTempAuthCode();
|
|
98
|
-
return authToken;
|
|
99
|
-
}
|
|
100
|
-
//#endregion
|
|
1
|
+
import { n as revokeAuthToken, t as revokeActiveConnectionsForToken } from "../revoke-BtQDKTp7.mjs";
|
|
2
|
+
import { a as verifyAuthToken, i as refreshTempAuthCode, n as exchangeTempAuthCode, r as getTempAuthCode, t as buildOtpAuthUrl } from "../state-WX3HT5a3.mjs";
|
|
101
3
|
export { buildOtpAuthUrl, exchangeTempAuthCode, getTempAuthCode, refreshTempAuthCode, revokeActiveConnectionsForToken, revokeAuthToken, verifyAuthToken };
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { i as DevframeDeploymentKind, r as DevframeDefinition } from "../devframe-
|
|
2
|
-
import { a as internalContextMap, i as getInternalContext, n as InternalAnonymousAuthStorage, r as RemoteTokenRecord, t as DevframeInternalContext } from "../context-
|
|
1
|
+
import { i as DevframeDeploymentKind, r as DevframeDefinition } from "../devframe-BtVHhmwM.mjs";
|
|
2
|
+
import { a as internalContextMap, i as getInternalContext, n as InternalAnonymousAuthStorage, r as RemoteTokenRecord, t as DevframeInternalContext } from "../context-UX9qUDK7.mjs";
|
|
3
3
|
|
|
4
4
|
//#region src/adapters/_shared.d.ts
|
|
5
5
|
/**
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
import { n as internalContextMap, t as getInternalContext } from "../context-
|
|
1
|
+
import { n as internalContextMap, t as getInternalContext } from "../context-CKJheEtf.mjs";
|
|
2
2
|
import { n as resolveBasePath, t as normalizeBasePath } from "../_shared-bWRzeSa0.mjs";
|
|
3
3
|
export { getInternalContext, internalContextMap, normalizeBasePath, resolveBasePath };
|
package/dist/node/index.d.mts
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { C as RpcStreamingHost, K as DevframeScopedNodeContext, R as SharedState, Y as DevframeSettings, _ as RpcBroadcastOptions, _t as AgentTool, at as DevframeRpcServerFunctions, b as RpcSharedStateHost, bt as DevframeAgentHostEvents, dt as DevframeDiagnosticsLogger, ft as AgentHandle, g as DevframeNodeRpcSession, gt as AgentResourceInput, h as DevframeNodeContext, ht as AgentResourceContent, it as DevframeRpcClientFunctions, mt as AgentResource, pt as AgentManifest, rt as DevframeViewHost$1, st as DevframeHost, ut as DevframeDiagnosticsHost$1, v as RpcFunctionsHost$1, vt as AgentToolInput, xt as EventEmitter, yt as DevframeAgentHost$1 } from "../devframe-BtVHhmwM.mjs";
|
|
2
2
|
import { v as RpcFunctionDefinitionAny } from "../types-DZEx4ffs.mjs";
|
|
3
|
-
import { S as RpcFunctionsCollectorBase } from "../index-
|
|
3
|
+
import { S as RpcFunctionsCollectorBase } from "../index-Dy6GFDRf.mjs";
|
|
4
4
|
import { t as DevframeNodeRpcSessionMeta } from "../ws-server-Bc2wBHl-.mjs";
|
|
5
|
-
import { n as StartedServer, r as startHttpAndWs, t as StartHttpAndWsOptions } from "../server-
|
|
5
|
+
import { n as StartedServer, r as startHttpAndWs, t as StartHttpAndWsOptions } from "../server-Cfr1NrGQ.mjs";
|
|
6
6
|
import { BirpcGroup } from "birpc";
|
|
7
7
|
import { AsyncLocalStorage } from "node:async_hooks";
|
|
8
8
|
|
package/dist/node/index.mjs
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { t as createStorage } from "../storage-
|
|
2
|
-
import { a as DevframeViewHost, c as createRpcSharedStateServerHost, i as createNodeSettings, l as DevframeDiagnosticsHost, n as createHostContext, o as RpcFunctionsHost, r as createScopedNodeContext, s as createRpcStreamingServerHost, t as createH3DevframeHost, u as DevframeAgentHost } from "../host-h3-
|
|
3
|
-
import { t as startHttpAndWs } from "../server-
|
|
1
|
+
import { t as createStorage } from "../storage-yrUZaiib.mjs";
|
|
2
|
+
import { a as DevframeViewHost, c as createRpcSharedStateServerHost, i as createNodeSettings, l as DevframeDiagnosticsHost, n as createHostContext, o as RpcFunctionsHost, r as createScopedNodeContext, s as createRpcStreamingServerHost, t as createH3DevframeHost, u as DevframeAgentHost } from "../host-h3-Dsf-Tgwx.mjs";
|
|
3
|
+
import { t as startHttpAndWs } from "../server-CAsvfJNK.mjs";
|
|
4
4
|
import { isIP } from "node:net";
|
|
5
5
|
//#region src/node/utils.ts
|
|
6
6
|
function isObject(value) {
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
import { h as DevframeNodeContext } from "../devframe-BtVHhmwM.mjs";
|
|
2
|
+
import { c as DevframeAuthHandler } from "../index-ByaMT1Xp.mjs";
|
|
3
|
+
|
|
4
|
+
//#region src/recipes/interactive-auth.d.ts
|
|
5
|
+
interface CreateInteractiveAuthOptions {
|
|
6
|
+
/**
|
|
7
|
+
* Static, pre-shared bearer tokens that are always trusted — for CI runs
|
|
8
|
+
* or shared machines where the interactive code prompt would only get in
|
|
9
|
+
* the way. Checked in both the handshake handler and the connect-time
|
|
10
|
+
* hook, alongside tokens minted by a real code exchange.
|
|
11
|
+
*/
|
|
12
|
+
clientAuthTokens?: string[];
|
|
13
|
+
/**
|
|
14
|
+
* Print the current code + magic-link URL. Devframe stays headless, so
|
|
15
|
+
* there is no default banner printed automatically — call
|
|
16
|
+
* `auth.printBanner()` yourself once the server is listening. Override
|
|
17
|
+
* this to customize the format; defaults to a small boxed message on
|
|
18
|
+
* stdout.
|
|
19
|
+
*/
|
|
20
|
+
banner?: (info: {
|
|
21
|
+
code: string;
|
|
22
|
+
url: string;
|
|
23
|
+
}) => void;
|
|
24
|
+
/**
|
|
25
|
+
* The base URL the magic link should point at. Defaults to
|
|
26
|
+
* `context.host.resolveOrigin()`.
|
|
27
|
+
*/
|
|
28
|
+
serverUrl?: () => string;
|
|
29
|
+
}
|
|
30
|
+
/**
|
|
31
|
+
* Package the interactive OTP auth protocol devframe's primitives
|
|
32
|
+
* (`exchangeTempAuthCode`, `verifyAuthToken`, `revokeAuthToken`,
|
|
33
|
+
* `getTempAuthCode`, `buildOtpAuthUrl`) implement into a ready-made
|
|
34
|
+
* {@link DevframeAuthHandler} — the handshake RPC functions, the resolver
|
|
35
|
+
* gate, the connect-time trust hook, and the startup banner.
|
|
36
|
+
*
|
|
37
|
+
* The auth storage stays internal to this handler — callers never reach into
|
|
38
|
+
* `devframe/node/hub-internals` themselves.
|
|
39
|
+
*
|
|
40
|
+
* ```ts
|
|
41
|
+
* import { createInteractiveAuth } from 'devframe/recipes/interactive-auth'
|
|
42
|
+
*
|
|
43
|
+
* const auth = createInteractiveAuth(ctx)
|
|
44
|
+
* auth.rpcFunctions.forEach(fn => ctx.rpc.register(fn))
|
|
45
|
+
* auth.printBanner()
|
|
46
|
+
*
|
|
47
|
+
* // wire `auth.authorize` / `auth.onConnect` into your transport, or pass
|
|
48
|
+
* // the whole handler to `startHttpAndWs({ auth, ... })`.
|
|
49
|
+
* ```
|
|
50
|
+
*/
|
|
51
|
+
declare function createInteractiveAuth(context: DevframeNodeContext, options?: CreateInteractiveAuthOptions): DevframeAuthHandler;
|
|
52
|
+
//#endregion
|
|
53
|
+
export { CreateInteractiveAuthOptions, createInteractiveAuth };
|
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
import { n as colors } from "../diagnostics-reporter-CsIG85Q5.mjs";
|
|
2
|
+
import { isAnonymousRpcMethod } from "../constants.mjs";
|
|
3
|
+
import { n as defineRpcFunction } from "../define-BLWPsH6y.mjs";
|
|
4
|
+
import { t as getInternalContext } from "../context-CKJheEtf.mjs";
|
|
5
|
+
import { a as verifyAuthToken, n as exchangeTempAuthCode, r as getTempAuthCode, t as buildOtpAuthUrl } from "../state-WX3HT5a3.mjs";
|
|
6
|
+
import * as v from "valibot";
|
|
7
|
+
//#region src/recipes/interactive-auth.ts
|
|
8
|
+
function defaultBanner(info) {
|
|
9
|
+
console.log(`\n ${colors.dim("devframe auth code")} ${colors.bold(info.code)}\n ${colors.dim("or open")} ${colors.cyan(info.url)}\n`);
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* Package the interactive OTP auth protocol devframe's primitives
|
|
13
|
+
* (`exchangeTempAuthCode`, `verifyAuthToken`, `revokeAuthToken`,
|
|
14
|
+
* `getTempAuthCode`, `buildOtpAuthUrl`) implement into a ready-made
|
|
15
|
+
* {@link DevframeAuthHandler} — the handshake RPC functions, the resolver
|
|
16
|
+
* gate, the connect-time trust hook, and the startup banner.
|
|
17
|
+
*
|
|
18
|
+
* The auth storage stays internal to this handler — callers never reach into
|
|
19
|
+
* `devframe/node/hub-internals` themselves.
|
|
20
|
+
*
|
|
21
|
+
* ```ts
|
|
22
|
+
* import { createInteractiveAuth } from 'devframe/recipes/interactive-auth'
|
|
23
|
+
*
|
|
24
|
+
* const auth = createInteractiveAuth(ctx)
|
|
25
|
+
* auth.rpcFunctions.forEach(fn => ctx.rpc.register(fn))
|
|
26
|
+
* auth.printBanner()
|
|
27
|
+
*
|
|
28
|
+
* // wire `auth.authorize` / `auth.onConnect` into your transport, or pass
|
|
29
|
+
* // the whole handler to `startHttpAndWs({ auth, ... })`.
|
|
30
|
+
* ```
|
|
31
|
+
*/
|
|
32
|
+
function createInteractiveAuth(context, options = {}) {
|
|
33
|
+
const internal = getInternalContext(context);
|
|
34
|
+
const storage = internal.storage.auth;
|
|
35
|
+
const staticTokens = new Set(options.clientAuthTokens ?? []);
|
|
36
|
+
function isStaticToken(token) {
|
|
37
|
+
return !!token && staticTokens.has(token);
|
|
38
|
+
}
|
|
39
|
+
function resolveServerUrl() {
|
|
40
|
+
return options.serverUrl?.() ?? context.host.resolveOrigin();
|
|
41
|
+
}
|
|
42
|
+
let bannerPrintedForCode;
|
|
43
|
+
function printBanner() {
|
|
44
|
+
const code = getTempAuthCode();
|
|
45
|
+
if (code === bannerPrintedForCode) return;
|
|
46
|
+
bannerPrintedForCode = code;
|
|
47
|
+
const url = buildOtpAuthUrl(resolveServerUrl(), code);
|
|
48
|
+
(options.banner ?? defaultBanner)({
|
|
49
|
+
code,
|
|
50
|
+
url
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
const anonymousAuth = defineRpcFunction({
|
|
54
|
+
name: "anonymous:devframe:auth",
|
|
55
|
+
type: "action",
|
|
56
|
+
jsonSerializable: true,
|
|
57
|
+
args: [v.object({
|
|
58
|
+
authToken: v.string(),
|
|
59
|
+
ua: v.string(),
|
|
60
|
+
origin: v.string()
|
|
61
|
+
})],
|
|
62
|
+
returns: v.object({ isTrusted: v.boolean() }),
|
|
63
|
+
handler(params) {
|
|
64
|
+
const session = context.rpc.getCurrentRpcSession();
|
|
65
|
+
if (!session) return { isTrusted: false };
|
|
66
|
+
if (isStaticToken(params.authToken)) {
|
|
67
|
+
session.meta.clientAuthToken = params.authToken;
|
|
68
|
+
session.meta.isTrusted = true;
|
|
69
|
+
return { isTrusted: true };
|
|
70
|
+
}
|
|
71
|
+
return { isTrusted: verifyAuthToken(params.authToken, session, storage) };
|
|
72
|
+
}
|
|
73
|
+
});
|
|
74
|
+
const anonymousAuthExchange = defineRpcFunction({
|
|
75
|
+
name: "anonymous:devframe:auth:exchange",
|
|
76
|
+
type: "action",
|
|
77
|
+
jsonSerializable: true,
|
|
78
|
+
args: [v.object({
|
|
79
|
+
code: v.string(),
|
|
80
|
+
ua: v.string(),
|
|
81
|
+
origin: v.string()
|
|
82
|
+
})],
|
|
83
|
+
returns: v.object({ authToken: v.nullable(v.string()) }),
|
|
84
|
+
handler(params) {
|
|
85
|
+
const session = context.rpc.getCurrentRpcSession();
|
|
86
|
+
if (!session) return { authToken: null };
|
|
87
|
+
const authToken = exchangeTempAuthCode(params.code, session, params, storage);
|
|
88
|
+
printBanner();
|
|
89
|
+
return { authToken };
|
|
90
|
+
}
|
|
91
|
+
});
|
|
92
|
+
const revoke = defineRpcFunction({
|
|
93
|
+
name: "devframe:auth:revoke",
|
|
94
|
+
type: "action",
|
|
95
|
+
jsonSerializable: true,
|
|
96
|
+
args: [],
|
|
97
|
+
returns: v.void(),
|
|
98
|
+
async handler() {
|
|
99
|
+
const token = context.rpc.getCurrentRpcSession()?.meta.clientAuthToken;
|
|
100
|
+
if (token) await internal.revokeAuthToken(token);
|
|
101
|
+
}
|
|
102
|
+
});
|
|
103
|
+
function authorize(methodName, session) {
|
|
104
|
+
if (isAnonymousRpcMethod(methodName)) return true;
|
|
105
|
+
return !!session.meta.isTrusted;
|
|
106
|
+
}
|
|
107
|
+
function onConnect(peer, session) {
|
|
108
|
+
let token;
|
|
109
|
+
try {
|
|
110
|
+
token = new URL(peer.request?.url ?? "", "http://localhost").searchParams.get("devframe_auth_token") ?? void 0;
|
|
111
|
+
} catch {}
|
|
112
|
+
if (!token) return;
|
|
113
|
+
if (isStaticToken(token)) {
|
|
114
|
+
session.meta.clientAuthToken = token;
|
|
115
|
+
session.meta.isTrusted = true;
|
|
116
|
+
return;
|
|
117
|
+
}
|
|
118
|
+
verifyAuthToken(token, session, storage);
|
|
119
|
+
}
|
|
120
|
+
return {
|
|
121
|
+
rpcFunctions: [
|
|
122
|
+
anonymousAuth,
|
|
123
|
+
anonymousAuthExchange,
|
|
124
|
+
revoke
|
|
125
|
+
],
|
|
126
|
+
authorize,
|
|
127
|
+
onConnect,
|
|
128
|
+
printBanner
|
|
129
|
+
};
|
|
130
|
+
}
|
|
131
|
+
//#endregion
|
|
132
|
+
export { createInteractiveAuth };
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { t as launchEditor } from "../launch-editor-
|
|
1
|
+
import { t as launchEditor } from "../launch-editor-DIzaS5EG.mjs";
|
|
2
2
|
import { n as defineRpcFunction } from "../define-BLWPsH6y.mjs";
|
|
3
|
-
import { t as open } from "../open-
|
|
3
|
+
import { t as open } from "../open-Deb5xmIT.mjs";
|
|
4
4
|
import * as v from "valibot";
|
|
5
5
|
//#region src/recipes/open-helpers.ts
|
|
6
6
|
/**
|
|
@@ -19,7 +19,7 @@ function randomToken(byteLength = 16) {
|
|
|
19
19
|
*/
|
|
20
20
|
function randomDigits(length) {
|
|
21
21
|
const limit = 250;
|
|
22
|
-
const buf = new Uint8Array(1);
|
|
22
|
+
const buf = /* @__PURE__ */ new Uint8Array(1);
|
|
23
23
|
let out = "";
|
|
24
24
|
while (out.length < length) {
|
|
25
25
|
globalThis.crypto.getRandomValues(buf);
|
package/dist/rpc/dump.mjs
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import { a as dumpFunctions, c as serializeDumpError, i as createClientFromDump, o as getDefinitionsWithDumps, s as reviveDumpError, t as collectStaticRpcDump } from "../dump-
|
|
1
|
+
import { a as dumpFunctions, c as serializeDumpError, i as createClientFromDump, o as getDefinitionsWithDumps, s as reviveDumpError, t as collectStaticRpcDump } from "../dump-D09PZb7T.mjs";
|
|
2
2
|
export { collectStaticRpcDump, createClientFromDump, dumpFunctions, getDefinitionsWithDumps, reviveDumpError, serializeDumpError };
|