npm - fetchguard - Versions diffs - 1.0.0 - Mend

fetchguard 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/worker.js ADDED Viewed

@@ -0,0 +1,587 @@
+// src/worker.ts
+import { ok as ok2, err as err2 } from "ts-micro-result";
+// src/messages.ts
+var MSG = Object.freeze({
+  ...Object.fromEntries(
+    Object.keys({}).map((k) => [k, k])
+  ),
+  ...Object.fromEntries(
+    Object.keys({}).map((k) => [k, k])
+  )
+});
+// src/constants.ts
+var DEFAULT_REFRESH_EARLY_MS = 6e4;
+// src/errors.ts
+import { defineError, defineErrorAdvanced } from "ts-micro-result";
+var GeneralErrors = {
+  Unexpected: defineError("UNEXPECTED", "Unexpected error", 500),
+  UnknownMessage: defineError("UNKNOWN_MESSAGE", "Unknown message type", 400),
+  ResultParse: defineError("RESULT_PARSE_ERROR", "Failed to parse result", 500)
+};
+var InitErrors = {
+  NotInitialized: defineError("INIT_ERROR", "Worker not initialized", 500),
+  ProviderInitFailed: defineError("PROVIDER_INIT_FAILED", "Failed to initialize provider", 500),
+  InitFailed: defineError("INIT_FAILED", "Initialization failed", 500)
+};
+var AuthErrors = {
+  TokenRefreshFailed: defineError("TOKEN_REFRESH_FAILED", "Token refresh failed", 401),
+  LoginFailed: defineError("LOGIN_FAILED", "Login failed", 401),
+  LogoutFailed: defineError("LOGOUT_FAILED", "Logout failed", 500),
+  NotAuthenticated: defineError("NOT_AUTHENTICATED", "User is not authenticated", 401)
+};
+var DomainErrors = {
+  NotAllowed: defineErrorAdvanced("DOMAIN_NOT_ALLOWED", "Domain not allowed: {url}", 403)
+};
+var NetworkErrors = {
+  NetworkError: defineError("NETWORK_ERROR", "Network error", 500),
+  HttpError: defineError("HTTP_ERROR", "HTTP error", 500),
+  FetchError: defineError("FETCH_ERROR", "Fetch error", 500)
+};
+var RequestErrors = {
+  Cancelled: defineError("REQUEST_CANCELLED", "Request was cancelled", 499),
+  Timeout: defineError("REQUEST_TIMEOUT", "Request timeout", 408)
+};
+// src/worker-post.ts
+function post(message) {
+  ;
+  self.postMessage(message);
+}
+function sendResult(id, result) {
+  post({
+    type: MSG.RESULT,
+    id,
+    payload: { result: result.toJSON() }
+  });
+}
+function sendFetchResult(id, status, body, headers) {
+  post({
+    type: MSG.FETCH_RESULT,
+    id,
+    payload: headers ? { status, body, headers } : { status, body }
+  });
+}
+function sendFetchError(id, error, status) {
+  post({
+    type: MSG.FETCH_ERROR,
+    id,
+    payload: { error, status }
+  });
+}
+function sendReady() {
+  post({
+    type: MSG.READY,
+    id: `evt_${Date.now()}`
+  });
+}
+function sendPong(id, timestamp) {
+  post({
+    type: MSG.PONG,
+    id,
+    payload: { timestamp }
+  });
+}
+function sendAuthStateChanged(authenticated, expiresAt, user) {
+  post({
+    type: MSG.AUTH_STATE_CHANGED,
+    id: `evt_${Date.now()}`,
+    payload: { authenticated, expiresAt, user }
+  });
+}
+// src/utils/registry.ts
+var registry = /* @__PURE__ */ new Map();
+function getProvider(name) {
+  const provider = registry.get(name);
+  if (!provider) {
+    throw new Error(`Provider '${name}' not found. Available providers: ${Array.from(registry.keys()).join(", ")}`);
+  }
+  return provider;
+}
+// src/provider/create-provider.ts
+import { ok, err } from "ts-micro-result";
+function createProvider(config) {
+  const baseProvider = {
+    async refreshToken(refreshToken) {
+      let currentRefreshToken = refreshToken;
+      if (currentRefreshToken === null && config.refreshStorage) {
+        currentRefreshToken = await config.refreshStorage.get();
+      }
+      try {
+        const response = await config.strategy.refresh(currentRefreshToken);
+        if (!response.ok) {
+          return err(AuthErrors.TokenRefreshFailed({ message: `HTTP ${response.status}` }));
+        }
+        const tokenInfo = await config.parser.parse(response);
+        if (!tokenInfo.token) {
+          return err(AuthErrors.TokenRefreshFailed({ message: "No access token in response" }));
+        }
+        if (config.refreshStorage && tokenInfo.refreshToken) {
+          await config.refreshStorage.set(tokenInfo.refreshToken);
+        }
+        return ok(tokenInfo);
+      } catch (error) {
+        return err(NetworkErrors.NetworkError({ message: String(error) }));
+      }
+    },
+    async login(payload) {
+      try {
+        const response = await config.strategy.login(payload);
+        if (!response.ok) {
+          return err(AuthErrors.LoginFailed({ message: `HTTP ${response.status}` }));
+        }
+        const tokenInfo = await config.parser.parse(response);
+        if (!tokenInfo.token) {
+          return err(AuthErrors.LoginFailed({ message: "No access token in response" }));
+        }
+        if (config.refreshStorage && tokenInfo.refreshToken) {
+          await config.refreshStorage.set(tokenInfo.refreshToken);
+        }
+        return ok(tokenInfo);
+      } catch (error) {
+        return err(NetworkErrors.NetworkError({ message: String(error) }));
+      }
+    },
+    async logout(payload) {
+      try {
+        const response = await config.strategy.logout(payload);
+        if (!response.ok) {
+          return err(AuthErrors.LogoutFailed({ message: `HTTP ${response.status}` }));
+        }
+        if (config.refreshStorage) {
+          await config.refreshStorage.set(null);
+        }
+        return ok({
+          token: "",
+          refreshToken: void 0,
+          expiresAt: void 0,
+          user: void 0
+        });
+      } catch (error) {
+        return err(NetworkErrors.NetworkError({ message: String(error) }));
+      }
+    }
+  };
+  if (config.customMethods) {
+    return {
+      ...baseProvider,
+      ...config.customMethods
+    };
+  }
+  return baseProvider;
+}
+// src/provider/storage/indexeddb.ts
+function createIndexedDBStorage(dbName = "FetchGuardDB", refreshTokenKey = "refreshToken") {
+  const storeName = "tokens";
+  const openDB = () => {
+    return new Promise((resolve, reject) => {
+      const request = indexedDB.open(dbName, 1);
+      request.onerror = () => reject(request.error);
+      request.onsuccess = () => resolve(request.result);
+      request.onupgradeneeded = (event) => {
+        const db = event.target.result;
+        if (!db.objectStoreNames.contains(storeName)) {
+          const store = db.createObjectStore(storeName, { keyPath: "key" });
+          store.createIndex("timestamp", "timestamp", { unique: false });
+        }
+      };
+    });
+  };
+  const promisifyRequest = (request) => {
+    return new Promise((resolve, reject) => {
+      request.onsuccess = () => resolve(request.result);
+      request.onerror = () => reject(request.error);
+    });
+  };
+  return {
+    async get() {
+      try {
+        const db = await openDB();
+        const transaction = db.transaction([storeName], "readonly");
+        const store = transaction.objectStore(storeName);
+        const result = await promisifyRequest(store.get(refreshTokenKey));
+        return result?.value || null;
+      } catch (error) {
+        console.warn("Failed to get refresh token from IndexedDB:", error);
+        return null;
+      }
+    },
+    async set(token) {
+      try {
+        const db = await openDB();
+        const transaction = db.transaction([storeName], "readwrite");
+        const store = transaction.objectStore(storeName);
+        if (token) {
+          await promisifyRequest(store.put({ key: refreshTokenKey, value: token, timestamp: Date.now() }));
+        } else {
+          await promisifyRequest(store.delete(refreshTokenKey));
+        }
+      } catch (error) {
+        console.warn("Failed to save refresh token to IndexedDB:", error);
+      }
+    }
+  };
+}
+// src/provider/parser/body.ts
+var bodyParser = {
+  async parse(response) {
+    const json = await response.clone().json();
+    return {
+      token: json.data.accessToken,
+      refreshToken: json.data.refreshToken,
+      expiresAt: json.data.expiresAt,
+      user: json.data.user
+    };
+  }
+};
+// src/provider/parser/cookie.ts
+var cookieParser = {
+  async parse(response) {
+    const json = await response.clone().json();
+    return {
+      token: json.data.accessToken,
+      expiresAt: json.data.expiresAt,
+      user: json.data.user
+    };
+  }
+};
+// src/provider/strategy/cookie.ts
+function createCookieStrategy(config) {
+  return {
+    async refresh() {
+      return fetch(config.refreshUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        credentials: "include"
+      });
+    },
+    async login(payload) {
+      return fetch(config.loginUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(payload),
+        credentials: "include"
+      });
+    },
+    async logout(payload) {
+      return fetch(config.logoutUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: payload ? JSON.stringify(payload) : void 0,
+        credentials: "include"
+      });
+    }
+  };
+}
+var cookieStrategy = createCookieStrategy({
+  refreshUrl: "/auth/refresh",
+  loginUrl: "/auth/login",
+  logoutUrl: "/auth/logout"
+});
+// src/provider/strategy/body.ts
+function createBodyStrategy(config) {
+  return {
+    async refresh(refreshToken) {
+      if (!refreshToken) {
+        throw new Error("No refresh token available");
+      }
+      return fetch(config.refreshUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ refreshToken }),
+        credentials: "include"
+      });
+    },
+    async login(payload) {
+      return fetch(config.loginUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(payload),
+        credentials: "include"
+      });
+    },
+    async logout(payload) {
+      return fetch(config.logoutUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: payload ? JSON.stringify(payload) : void 0,
+        credentials: "include"
+      });
+    }
+  };
+}
+var bodyStrategy = createBodyStrategy({
+  refreshUrl: "/auth/refresh",
+  loginUrl: "/auth/login",
+  logoutUrl: "/auth/logout"
+});
+// src/provider/presets.ts
+function createCookieProvider(config) {
+  return createProvider({
+    refreshStorage: void 0,
+    parser: cookieParser,
+    strategy: createCookieStrategy(config)
+  });
+}
+function createBodyProvider(config) {
+  return createProvider({
+    refreshStorage: createIndexedDBStorage("FetchGuardDB", config.refreshTokenKey || "refreshToken"),
+    parser: bodyParser,
+    strategy: createBodyStrategy(config)
+  });
+}
+// src/provider/register-presets.ts
+function buildProviderFromPreset(config) {
+  switch (config.type) {
+    case "cookie-auth":
+      return createCookieProvider({
+        refreshUrl: config.refreshUrl,
+        loginUrl: config.loginUrl,
+        logoutUrl: config.logoutUrl
+      });
+    case "body-auth":
+      return createBodyProvider({
+        refreshUrl: config.refreshUrl,
+        loginUrl: config.loginUrl,
+        logoutUrl: config.logoutUrl,
+        refreshTokenKey: config.refreshTokenKey
+      });
+    default:
+      throw new Error(`Unknown provider type: ${config.type}`);
+  }
+}
+// src/worker.ts
+(function() {
+  let config = null;
+  let provider = null;
+  let accessToken = null;
+  let refreshToken = null;
+  let expiresAt = null;
+  let currentUser;
+  const pendingControllers = /* @__PURE__ */ new Map();
+  let refreshPromise = null;
+  async function ensureValidToken() {
+    if (accessToken && expiresAt) {
+      const refreshEarlyMs = config?.refreshEarlyMs ?? DEFAULT_REFRESH_EARLY_MS;
+      const timeLeft = expiresAt - Date.now();
+      if (timeLeft > refreshEarlyMs) {
+        return ok2(accessToken);
+      }
+    }
+    if (refreshPromise) {
+      await refreshPromise;
+      return ok2(accessToken);
+    }
+    refreshPromise = (async () => {
+      try {
+        const valueRes = await provider.refreshToken(refreshToken);
+        if (valueRes.isError()) {
+          setTokenState({ token: null, expiresAt: null, user: void 0, refreshToken: void 0 });
+          return;
+        }
+        const tokenInfo = valueRes.data;
+        setTokenState(tokenInfo);
+      } finally {
+        refreshPromise = null;
+      }
+    })();
+    await refreshPromise;
+    return ok2(accessToken);
+  }
+  function validateDomain(url) {
+    if (!config?.allowedDomains?.length) {
+      return true;
+    }
+    try {
+      const urlObj = new URL(url);
+      const hostname = urlObj.hostname;
+      const port = urlObj.port;
+      for (const entry of config.allowedDomains) {
+        const idx = entry.lastIndexOf(":");
+        const hasPort = idx > -1 && entry.indexOf(":") === idx;
+        const pattern = hasPort ? entry.slice(0, idx) : entry;
+        const entryPort = hasPort ? entry.slice(idx + 1) : "";
+        const isWildcard = pattern.startsWith("*.");
+        const base = isWildcard ? pattern.slice(2) : pattern;
+        const hostnameMatch = isWildcard ? hostname === base || hostname.endsWith("." + base) : hostname === base;
+        if (!hostnameMatch) continue;
+        if (hasPort) {
+          if (port === entryPort) return true;
+          continue;
+        }
+        return true;
+      }
+      return false;
+    } catch {
+      return false;
+    }
+  }
+  async function makeApiRequest(url, options = {}) {
+    if (!config) {
+      return err2(InitErrors.NotInitialized());
+    }
+    if (!validateDomain(url)) {
+      return err2(DomainErrors.NotAllowed({ url }));
+    }
+    const requiresAuth = options.requiresAuth !== false;
+    const includeHeaders = options.includeHeaders === true;
+    const fetchOptions = { ...options };
+    delete fetchOptions.requiresAuth;
+    delete fetchOptions.includeHeaders;
+    const headers = {
+      ...fetchOptions.headers || {}
+    };
+    if (!headers["Content-Type"] && !headers["content-type"] && fetchOptions.body) {
+      if (typeof fetchOptions.body === "object" && !(fetchOptions.body instanceof FormData) && !(fetchOptions.body instanceof URLSearchParams)) {
+        headers["Content-Type"] = "application/json";
+      }
+    }
+    if (requiresAuth) {
+      const tokenRes = await ensureValidToken();
+      if (tokenRes.isError()) return tokenRes;
+      const token = tokenRes.data;
+      if (token) {
+        headers["Authorization"] = `Bearer ${token}`;
+      }
+    }
+    let response = null;
+    let networkErr = null;
+    response = await fetch(url, { ...fetchOptions, headers, credentials: "include" }).catch((e) => {
+      const aborted = e && e.name === "AbortError";
+      networkErr = aborted ? err2(RequestErrors.Cancelled()) : err2(NetworkErrors.NetworkError({ message: String(e) }));
+      return null;
+    });
+    if (!response) return networkErr ?? err2(NetworkErrors.NetworkError({ message: "Unknown network error" }));
+    const body = await response.text();
+    let responseHeaders;
+    if (includeHeaders) {
+      responseHeaders = {};
+      response.headers.forEach((value, key) => {
+        responseHeaders[key] = value;
+      });
+    }
+    return response.ok ? ok2({ body, status: response.status, headers: responseHeaders }) : err2(NetworkErrors.HttpError({ message: `HTTP ${response.status}: ${body}` }));
+  }
+  function setTokenState(tokenInfo) {
+    accessToken = tokenInfo.token;
+    expiresAt = tokenInfo.expiresAt ?? null;
+    currentUser = tokenInfo.user;
+    refreshToken = tokenInfo.refreshToken ?? null;
+    postAuthChanged();
+  }
+  function postAuthChanged() {
+    const now = Date.now();
+    const authenticated = accessToken !== null && accessToken !== "" && (expiresAt === null || expiresAt > now);
+    sendAuthStateChanged(authenticated, expiresAt, currentUser);
+  }
+  self.onmessage = async (event) => {
+    const data = event.data;
+    switch (data.type) {
+      case MSG.SETUP: {
+        try {
+          const payload = data.payload;
+          config = payload.config;
+          const providerConfig = payload.providerConfig;
+          if (typeof providerConfig === "string") {
+            provider = getProvider(providerConfig);
+          } else if (providerConfig && typeof providerConfig === "object" && "type" in providerConfig) {
+            provider = buildProviderFromPreset(providerConfig);
+          } else {
+            throw new Error("Invalid provider config");
+          }
+          sendReady();
+        } catch (error) {
+          console.error("[FetchGuard Worker] Setup failed:", error);
+        }
+        break;
+      }
+      case MSG.FETCH: {
+        const { id } = data;
+        try {
+          const { url, options } = data.payload;
+          const controller = new AbortController();
+          pendingControllers.set(id, controller);
+          const merged = { ...options || {}, signal: controller.signal };
+          const result = await makeApiRequest(url, merged);
+          if (result.isOk()) {
+            const response = result.data;
+            sendFetchResult(id, response.status, response.body, response.headers);
+          } else {
+            const error = result.errors?.[0];
+            const message = error?.message || "Unknown error";
+            const status = result.status;
+            sendFetchError(id, message, status);
+          }
+          pendingControllers.delete(id);
+        } catch (error) {
+          pendingControllers.delete(id);
+          sendFetchError(id, error instanceof Error ? error.message : String(error), void 0);
+        }
+        break;
+      }
+      case MSG.AUTH_CALL: {
+        const { id, payload } = data;
+        try {
+          const { method, args } = payload;
+          if (typeof provider[method] !== "function") {
+            sendResult(id, err2(GeneralErrors.Unexpected({ message: `Method '${method}' not found on provider` })));
+            break;
+          }
+          const result = await provider[method](...args);
+          if (result.isError()) {
+            sendResult(id, result);
+            break;
+          }
+          const tokenInfo = result.data;
+          setTokenState(tokenInfo);
+          sendResult(id, ok2(void 0));
+        } catch (error) {
+          sendResult(id, err2(GeneralErrors.Unexpected({ message: error instanceof Error ? error.message : String(error) })));
+        }
+        break;
+      }
+      case MSG.CANCEL: {
+        try {
+          const { id } = data;
+          const controller = pendingControllers.get(id);
+          if (controller) {
+            controller.abort();
+            pendingControllers.delete(id);
+          }
+        } catch (error) {
+          if (config?.debug) {
+            console.error("CANCEL error:", error);
+          }
+        }
+        break;
+      }
+      case MSG.PING: {
+        const { id } = data;
+        try {
+          const ts = data.payload?.timestamp ?? Date.now();
+          sendPong(id, ts);
+        } catch (error) {
+          sendResult(id, err2(GeneralErrors.Unexpected({ message: error instanceof Error ? error.message : String(error) })));
+        }
+        break;
+      }
+      default: {
+        const anyData = data;
+        sendResult(anyData.id, err2(GeneralErrors.UnknownMessage({ message: `Unknown message type: ${String(anyData.type)}` })));
+      }
+    }
+  };
+})();
+//# sourceMappingURL=worker.js.map