npm - guacamole-connection-fetch - Versions diffs - 1.0.0 - Mend

guacamole-connection-fetch 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,48 @@
+# guacamole-connection-fetch
+Isomorphic Guacamole token generation and connection helper for [encrypted JSON authentication](https://guacamole.apache.org/doc/gug/json-auth.html), written in vanilla JS. For use in Node.js, Cloudflare Workers, web browsers, or serverless environments
+Requires the Fetch API (e.g. `fetch(request)`) to be available
+## Usage
+```js
+import { GuacamoleUserConnection } from "guacamole-connection-fetch"
+/**
+  makes request to '/api/tokens' via fetch()
+*/
+async function interceptApiTokensRequest (request) {
+  // properly formed, minified JSON string as described in https://github.com/ridvanaltun/guacamole-rest-api-documentation/blob/master/docs/AUTHENTICATION.md#post-apitokens
+  const conns = {"Ubuntu origin 10.91.0.101":{"protocol":"ssh","parameters":{"dest-port":"22","hostname":"10.91.0.101","username":"UBUNTU_USERNAME","password":"UBUNTU_PASSWORD"}},"Win11 client 10.90.0.103":{"protocol":"rdp","parameters":{"ignore-cert":"true","enable-wallpaper":"true","security":"nla","username":"WINDOWS_USERNAME","password":"WINDOWS_PASSWORD","hostname":"10.90.0.103","dpi":"96","enable-font-smoothing":"true","enable-desktop-composition":"true","enable-menu-animations":"true","port":"3389"}}}
+  const res =  await new GuacamoleUserConnection({
+    req: new Request("/api/tokens", request),
+    secretKey: GUAC_JSON_SECRET_KEY,
+    conns,
+    username: USER_EMAIL,
+    expires: 1990964469612,
+    headers: new Headers({
+      "Content-Type": "application/json",
+      // if using Cloudflare Access, pass these:
+      "cf-access-client-id": CF_ACCESS_SERVICE_TOKEN_CLIENT_ID,
+      "cf-access-client-secret": CF_ACCESS_SERVICE_TOKEN_CLIENT_SECRET,
+      ...request.headers,
+    }),
+  }).retrieveToken();
+  return new Response(res.body, res);
+}
+interceptApiTokensRequest(request);
+```
+## Installation
+```bash
+npm install guacamole-connection --save-dev
+# or
+pnpm add guacamole-connection
+# or
+yarn add guacamole-connection
+```

package/dist/index.d.mts ADDED Viewed

@@ -0,0 +1,3 @@
+declare const GuacamoleUserConnection: any;
+export { GuacamoleUserConnection };

package/dist/index.mjs ADDED Viewed

@@ -0,0 +1,130 @@
+// src/index.ts
+var str2ab = (str) => Uint8Array.from(str, (x) => x.charCodeAt(0));
+var ab2str = (buf) => String.fromCharCode(...new Uint8Array(buf));
+var Auth = function(secretKey, jsonMsg) {
+  const auth = {
+    secretKey,
+    jsonMsg,
+    set key(val) {
+      this.secretKey = val;
+    },
+    /**
+     * Converts a UTF-8 "hex" string to an array buffer suitable for here
+     * in SubtleCrypto
+     */
+    get key() {
+      return new Uint8Array(
+        this.secretKey.match(/[\da-f]{2}/gi).map((h) => parseInt(h, 16))
+      );
+    },
+    /**
+     * @params jsonMsg - a standard Guacamole encrypted JSON object
+     * https://guacamole.apache.org/doc/gug/json-auth.html#json-format
+     */
+    async createHmac(jsonMsg2) {
+      const key = await crypto.subtle.importKey(
+        "raw",
+        this.key,
+        { name: "HMAC", hash: "SHA-256" },
+        false,
+        ["sign"]
+      );
+      const mac = await crypto.subtle.sign(
+        "HMAC",
+        key,
+        new TextEncoder().encode(jsonMsg2)
+      );
+      return ab2str(mac);
+    },
+    /**
+     * @params sig - the result of the HMAC signature
+     * @params authString - the plaintext JSON value
+     *
+     * Returns encrypts the concatenated result of sig + authString with AES-128-CBC
+     */
+    async encryptMessage(sig, authString) {
+      const prependedSig = str2ab(sig + authString);
+      const key = await crypto.subtle.importKey("raw", this.key, "AES-CBC", true, [
+        "encrypt",
+        "decrypt"
+      ]);
+      const ivBin = new ArrayBuffer(16);
+      const cipher = await crypto.subtle.encrypt(
+        { name: "AES-CBC", iv: ivBin },
+        key,
+        prependedSig
+      );
+      const cipherStr = ab2str(cipher);
+      return btoa(cipherStr);
+    },
+    async createToken() {
+      const signature = await this.createHmac(this.jsonMsg);
+      const encryptedSignature = await this.encryptMessage(signature, this.jsonMsg);
+      const encryptedSignatureEncoded = encodeURIComponent(encryptedSignature);
+      return encryptedSignatureEncoded;
+    }
+  };
+  return auth;
+};
+Object.create(Auth.prototype);
+Auth.prototype.constructor = Auth.prototype;
+var GuacamoleUserConnection = function(args) {
+  const {
+    req,
+    secretKey,
+    conns,
+    username,
+    expires = 1990964469612,
+    headers
+  } = args;
+  this.request = req;
+  this.expires = expires;
+  this.headers;
+  this.env = typeof secretKey === "string" ? { GUAC_JSON_SECRET_KEY: secretKey } : secretKey;
+  this.username = username ? username : req.headers.has("cf-access-authenticated-user-email") ? req.headers.get("cf-access-authenticated-user-email") : this.env.LOCAL_USER ? this.env.LOCAL_USER : "user@example.com";
+  this.url = new URL(req.url);
+  this.conns = {};
+  const parsedConns = typeof conns === "string" ? JSON.parse(conns) : conns;
+  for (const name of Object.keys(parsedConns)) {
+    this.conns[name] = {
+      protocol: parsedConns[name]["protocol"],
+      parameters: parsedConns[name]["parameters"]
+    };
+  }
+  this.authString = {
+    expires: this.expires,
+    username: this.username,
+    connections: this.conns
+  };
+  this.authenticatedGuacConnection = {};
+  this.auth = new Auth(
+    this.env.GUAC_JSON_SECRET_KEY,
+    JSON.stringify(this.authString)
+  );
+  this.expiration = new Date(this.expires).toLocaleDateString();
+  this.params = new URLSearchParams();
+  this.headers = new Headers(headers);
+  new Headers(this.request.headers).forEach((value, key) => {
+    this.headers.append(key, value);
+  });
+};
+GuacamoleUserConnection.prototype = Object.create(GuacamoleUserConnection.prototype);
+GuacamoleUserConnection.prototype.constructor = GuacamoleUserConnection;
+GuacamoleUserConnection.prototype.retrieveToken = async function() {
+  this.authenticatedGuacConnection = await this.auth.createToken();
+  if (this.request.url.includes("/api/tokens")) {
+    return fetch(this.request.url, {
+      headers: this.headers,
+      method: this.request.method,
+      body: new URLSearchParams(`data=${await this.authenticatedGuacConnection}`)
+    });
+  }
+  this.params.set("token", `${await this.authenticatedGuacConnection}`);
+  this.params.set("expiration", new Date(this.expires).toLocaleDateString());
+  this.url = new URL(this.request.url);
+  return fetch(this.url, this.request);
+};
+export {
+  GuacamoleUserConnection
+};
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["/* String to ArrayBuffer */\nconst str2ab = (str: string): ArrayBufferView<ArrayBuffer> =>\n Uint8Array.from(str, (x) => x.charCodeAt(0));\n\n/* ArrayBuffer to String */\nconst ab2str = (buf: ArrayBuffer): string =>\n String.fromCharCode(...new Uint8Array(buf));\n\ninterface Env {\n GUAC_JSON_SECRET_KEY: string;\n LOCAL_USER?: string;\n}\n\ninterface GuacConnection {\n protocol: string;\n parameters: Record<string, string>;\n}\n\ntype GuacConnections = Record<string, GuacConnection>;\n\nconst Auth = function (secretKey: string, jsonMsg: string) {\n // if (typeof jsonMsg !== 'string') jsonMsg = JSON.stringify(jsonMsg);\n const auth = {\n secretKey,\n jsonMsg,\n\n set key(val: string) {\n this.secretKey = val;\n },\n\n /**\n * Converts a UTF-8 \"hex\" string to an array buffer suitable for here\n * in SubtleCrypto\n */\n get key(): Uint8Array {\n return new Uint8Array(\n this.secretKey.match(/[\\da-f]{2}/gi)!.map((h) => parseInt(h, 16))\n );\n },\n\n /**\n * @params jsonMsg - a standard Guacamole encrypted JSON object\n * https://guacamole.apache.org/doc/gug/json-auth.html#json-format\n */\n async createHmac(jsonMsg: string): Promise<string> {\n const key = await crypto.subtle.importKey(\n \"raw\",\n this.key,\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n\n const mac = await crypto.subtle.sign(\n \"HMAC\",\n key,\n new TextEncoder().encode(jsonMsg)\n );\n return ab2str(mac);\n },\n\n /**\n * @params sig - the result of the HMAC signature\n * @params authString - the plaintext JSON value\n *\n * Returns encrypts the concatenated result of sig + authString with AES-128-CBC\n */\n async encryptMessage(sig: string, authString: string): Promise<string> {\n const prependedSig = str2ab(sig + authString);\n const key = await crypto.subtle.importKey(\"raw\", this.key, \"AES-CBC\", true, [\n \"encrypt\",\n \"decrypt\",\n ]);\n const ivBin = new ArrayBuffer(16);\n const cipher = await crypto.subtle.encrypt(\n { name: \"AES-CBC\", iv: ivBin },\n key,\n prependedSig\n );\n const cipherStr = ab2str(cipher);\n return btoa(cipherStr);\n },\n\n async createToken(): Promise<string> {\n const signature = await this.createHmac(this.jsonMsg);\n const encryptedSignature = await this.encryptMessage(signature, this.jsonMsg);\n const encryptedSignatureEncoded = encodeURIComponent(encryptedSignature);\n return encryptedSignatureEncoded\n },\n };\n return auth;\n};\n\nObject.create(Auth.prototype);\nAuth.prototype.constructor = Auth.prototype;\n\n/**\n * @params request - the request object passed by CF workers\n * @params env - the env object passed by CF workers\n * @params conns - a 'connection' object or array of 'connection' objects conforming to\n * Guacamole's JSON spec: https://guacamole.apache.org/doc/gug/json-auth.html#json-format\n * @params expires - the number of days until token expires\n *\n * Returns a minified JSON string suitable for signing and encryption\n */\n// Create a constructor function\ninterface UserConnectionArgs {\n req: Request;\n secretKey: Env | string;\n conns: string | GuacConnections;\n username?: string;\n expires?: number;\n headers?: Headers;\n}\nconst GuacamoleUserConnection = function (this: any, args: UserConnectionArgs) {\n const {\n req,\n secretKey,\n conns,\n username,\n expires = 1990964469612,\n headers,\n } = args;\n\n this.request = req;\n this.expires = expires;\n this.headers \n this.env =\n typeof secretKey === \"string\"\n ? { GUAC_JSON_SECRET_KEY: secretKey }\n : secretKey;\n this.username = username\n ? username\n : req.headers.has(\"cf-access-authenticated-user-email\")\n ? (req.headers.get(\"cf-access-authenticated-user-email\") as string)\n : this.env.LOCAL_USER\n ? this.env.LOCAL_USER\n : \"user@example.com\";\n\n this.url = new URL(req.url);\n\n this.conns = {};\n\n const parsedConns: GuacConnections =\n typeof conns === \"string\" ? (JSON.parse(conns) as GuacConnections) : conns;\n\n for (const name of Object.keys(parsedConns)) {\n this.conns[name] = {\n protocol: parsedConns[name][\"protocol\"],\n parameters: parsedConns[name][\"parameters\"],\n };\n }\n\n this.authString = {\n expires: this.expires,\n username: this.username,\n connections: this.conns,\n };\n\n this.authenticatedGuacConnection = {};\n\n this.auth = new (Auth as any)(\n this.env.GUAC_JSON_SECRET_KEY,\n JSON.stringify(this.authString)\n );\n this.expiration = new Date(this.expires).toLocaleDateString();\n this.params = new URLSearchParams();\n this.headers = new Headers(headers)\n new Headers(this.request.headers).forEach((value, key) => {\n this.headers.append(key, value);\n });\n} as any;\n\nGuacamoleUserConnection.prototype = Object.create(GuacamoleUserConnection.prototype);\nGuacamoleUserConnection.prototype.constructor = GuacamoleUserConnection;\n\nGuacamoleUserConnection.prototype.retrieveToken = async function () {\n\n this.authenticatedGuacConnection = await this.auth.createToken();\n if (this.request.url.includes(\"/api/tokens\")) {\n return fetch(this.request.url, {\n headers: this.headers,\n method: this.request.method,\n body: new URLSearchParams(`data=${await this.authenticatedGuacConnection}`),\n });\n }\n this.params.set(\"token\", `${await this.authenticatedGuacConnection}`);\n this.params.set(\"expiration\", new Date(this.expires).toLocaleDateString());\n this.url = new URL(this.request.url);\n return fetch(this.url, this.request);\n};\n\nexport { GuacamoleUserConnection };"],"mappings":";AACA,IAAM,SAAS,CAAC,QACd,WAAW,KAAK,KAAK,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;AAG7C,IAAM,SAAS,CAAC,QACd,OAAO,aAAa,GAAG,IAAI,WAAW,GAAG,CAAC;AAc5C,IAAM,OAAO,SAAU,WAAmB,SAAiB;AAEzD,QAAM,OAAO;AAAA,IACX;AAAA,IACA;AAAA,IAEA,IAAI,IAAI,KAAa;AACnB,WAAK,YAAY;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,IAAI,MAAkB;AACpB,aAAO,IAAI;AAAA,QACT,KAAK,UAAU,MAAM,cAAc,EAAG,IAAI,CAAC,MAAM,SAAS,GAAG,EAAE,CAAC;AAAA,MAClE;AAAA,IACF;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,WAAWA,UAAkC;AACjD,YAAM,MAAM,MAAM,OAAO,OAAO;AAAA,QAC9B;AAAA,QACA,KAAK;AAAA,QACL,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,QAChC;AAAA,QACA,CAAC,MAAM;AAAA,MACT;AAEA,YAAM,MAAM,MAAM,OAAO,OAAO;AAAA,QAC9B;AAAA,QACA;AAAA,QACA,IAAI,YAAY,EAAE,OAAOA,QAAO;AAAA,MAClC;AACA,aAAO,OAAO,GAAG;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAQA,MAAM,eAAe,KAAa,YAAqC;AACrE,YAAM,eAAe,OAAO,MAAM,UAAU;AAC5C,YAAM,MAAM,MAAM,OAAO,OAAO,UAAU,OAAO,KAAK,KAAK,WAAW,MAAM;AAAA,QAC1E;AAAA,QACA;AAAA,MACF,CAAC;AACD,YAAM,QAAQ,IAAI,YAAY,EAAE;AAChC,YAAM,SAAS,MAAM,OAAO,OAAO;AAAA,QACjC,EAAE,MAAM,WAAW,IAAI,MAAM;AAAA,QAC7B;AAAA,QACA;AAAA,MACF;AACA,YAAM,YAAY,OAAO,MAAM;AAC/B,aAAO,KAAK,SAAS;AAAA,IACvB;AAAA,IAEA,MAAM,cAA+B;AACnC,YAAM,YAAY,MAAM,KAAK,WAAW,KAAK,OAAO;AACpD,YAAM,qBAAqB,MAAM,KAAK,eAAe,WAAW,KAAK,OAAO;AAC5E,YAAM,4BAA4B,mBAAmB,kBAAkB;AACvE,aAAO;AAAA,IACT;AAAA,EACF;AACA,SAAO;AACT;AAEA,OAAO,OAAO,KAAK,SAAS;AAC5B,KAAK,UAAU,cAAc,KAAK;AAoBlC,IAAM,0BAA0B,SAAqB,MAA0B;AAC7E,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU;AAAA,IACV;AAAA,EACF,IAAI;AAEJ,OAAK,UAAU;AACf,OAAK,UAAU;AACf,OAAK;AACL,OAAK,MACH,OAAO,cAAc,WACjB,EAAE,sBAAsB,UAAU,IAClC;AACN,OAAK,WAAW,WACZ,WACA,IAAI,QAAQ,IAAI,oCAAoC,IACnD,IAAI,QAAQ,IAAI,oCAAoC,IACrD,KAAK,IAAI,aACT,KAAK,IAAI,aACT;AAEJ,OAAK,MAAM,IAAI,IAAI,IAAI,GAAG;AAE1B,OAAK,QAAQ,CAAC;AAEd,QAAM,cACJ,OAAO,UAAU,WAAY,KAAK,MAAM,KAAK,IAAwB;AAEvE,aAAW,QAAQ,OAAO,KAAK,WAAW,GAAG;AAC3C,SAAK,MAAM,IAAI,IAAI;AAAA,MACjB,UAAU,YAAY,IAAI,EAAE,UAAU;AAAA,MACtC,YAAY,YAAY,IAAI,EAAE,YAAY;AAAA,IAC5C;AAAA,EACF;AAEA,OAAK,aAAa;AAAA,IAChB,SAAS,KAAK;AAAA,IACd,UAAU,KAAK;AAAA,IACf,aAAa,KAAK;AAAA,EACpB;AAEA,OAAK,8BAA8B,CAAC;AAEpC,OAAK,OAAO,IAAK;AAAA,IACf,KAAK,IAAI;AAAA,IACT,KAAK,UAAU,KAAK,UAAU;AAAA,EAChC;AACA,OAAK,aAAa,IAAI,KAAK,KAAK,OAAO,EAAE,mBAAmB;AAC5D,OAAK,SAAS,IAAI,gBAAgB;AAClC,OAAK,UAAU,IAAI,QAAQ,OAAO;AAClC,MAAI,QAAQ,KAAK,QAAQ,OAAO,EAAE,QAAQ,CAAC,OAAO,QAAQ;AACxD,SAAK,QAAQ,OAAO,KAAK,KAAK;AAAA,EAChC,CAAC;AACH;AAEA,wBAAwB,YAAY,OAAO,OAAO,wBAAwB,SAAS;AACnF,wBAAwB,UAAU,cAAc;AAEhD,wBAAwB,UAAU,gBAAgB,iBAAkB;AAElE,OAAK,8BAA8B,MAAM,KAAK,KAAK,YAAY;AAC/D,MAAI,KAAK,QAAQ,IAAI,SAAS,aAAa,GAAG;AAC5C,WAAO,MAAM,KAAK,QAAQ,KAAK;AAAA,MAC7B,SAAS,KAAK;AAAA,MACd,QAAQ,KAAK,QAAQ;AAAA,MACrB,MAAM,IAAI,gBAAgB,QAAQ,MAAM,KAAK,2BAA2B,EAAE;AAAA,IAC5E,CAAC;AAAA,EACH;AACA,OAAK,OAAO,IAAI,SAAS,GAAG,MAAM,KAAK,2BAA2B,EAAE;AACpE,OAAK,OAAO,IAAI,cAAc,IAAI,KAAK,KAAK,OAAO,EAAE,mBAAmB,CAAC;AACzE,OAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,GAAG;AACnC,SAAO,MAAM,KAAK,KAAK,KAAK,OAAO;AACrC;","names":["jsonMsg"]}

package/package.json ADDED Viewed

@@ -0,0 +1,18 @@
+{
+  "name": "guacamole-connection-fetch",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "build": "npx tsup src/index.ts --format esm --dts --sourcemap --clean",
+    "build:esbuild": "npx esbuild src/index.ts --bundle --platform=browser --format=esm --outfile=dist/index.js"
+  },
+  "keywords": [],
+  "author": "shagamemnon",
+  "license": "ISC",
+  "devDependencies": {
+    "esbuild": "^0.27.2",
+    "tsup": "^8.5.1",
+    "typescript": "^5.9.3"
+  }
+}

package/src/index.ts ADDED Viewed

@@ -0,0 +1,193 @@
+/* String to ArrayBuffer */
+const str2ab = (str: string): ArrayBufferView<ArrayBuffer> =>
+  Uint8Array.from(str, (x) => x.charCodeAt(0));
+/* ArrayBuffer to String */
+const ab2str = (buf: ArrayBuffer): string =>
+  String.fromCharCode(...new Uint8Array(buf));
+interface Env {
+  GUAC_JSON_SECRET_KEY: string;
+  LOCAL_USER?: string;
+}
+interface GuacConnection {
+  protocol: string;
+  parameters: Record<string, string>;
+}
+type GuacConnections = Record<string, GuacConnection>;
+const Auth = function (secretKey: string, jsonMsg: string) {
+  // if (typeof jsonMsg !== 'string') jsonMsg = JSON.stringify(jsonMsg);
+  const auth = {
+    secretKey,
+    jsonMsg,
+    set key(val: string) {
+      this.secretKey = val;
+    },
+    /**
+     * Converts a UTF-8 "hex" string to an array buffer suitable for here
+     * in SubtleCrypto
+     */
+    get key(): Uint8Array {
+      return new Uint8Array(
+        this.secretKey.match(/[\da-f]{2}/gi)!.map((h) => parseInt(h, 16))
+      );
+    },
+    /**
+     * @params jsonMsg - a standard Guacamole encrypted JSON object
+     * https://guacamole.apache.org/doc/gug/json-auth.html#json-format
+     */
+    async createHmac(jsonMsg: string): Promise<string> {
+      const key = await crypto.subtle.importKey(
+        "raw",
+        this.key,
+        { name: "HMAC", hash: "SHA-256" },
+        false,
+        ["sign"]
+      );
+      const mac = await crypto.subtle.sign(
+        "HMAC",
+        key,
+        new TextEncoder().encode(jsonMsg)
+      );
+      return ab2str(mac);
+    },
+    /**
+     * @params sig - the result of the HMAC signature
+     * @params authString - the plaintext JSON value
+     *
+     * Returns encrypts the concatenated result of sig + authString with AES-128-CBC
+     */
+    async encryptMessage(sig: string, authString: string): Promise<string> {
+      const prependedSig = str2ab(sig + authString);
+      const key = await crypto.subtle.importKey("raw", this.key, "AES-CBC", true, [
+        "encrypt",
+        "decrypt",
+      ]);
+      const ivBin = new ArrayBuffer(16);
+      const cipher = await crypto.subtle.encrypt(
+        { name: "AES-CBC", iv: ivBin },
+        key,
+        prependedSig
+      );
+      const cipherStr = ab2str(cipher);
+      return btoa(cipherStr);
+    },
+    async createToken(): Promise<string> {
+      const signature = await this.createHmac(this.jsonMsg);
+      const encryptedSignature = await this.encryptMessage(signature, this.jsonMsg);
+      const encryptedSignatureEncoded = encodeURIComponent(encryptedSignature);
+      return encryptedSignatureEncoded
+    },
+  };
+  return auth;
+};
+Object.create(Auth.prototype);
+Auth.prototype.constructor = Auth.prototype;
+/**
+ * @params request - the request object passed by CF workers
+ * @params env - the env object passed by CF workers
+ * @params conns - a 'connection' object or array of 'connection' objects conforming to
+ * Guacamole's JSON spec: https://guacamole.apache.org/doc/gug/json-auth.html#json-format
+ * @params expires - the number of days until token expires
+ *
+ * Returns a minified JSON string suitable for signing and encryption
+ */
+// Create a constructor function
+interface UserConnectionArgs {
+  req: Request;
+  secretKey: Env | string;
+  conns: string | GuacConnections;
+  username?: string;
+  expires?: number;
+  headers?: Headers;
+}
+const GuacamoleUserConnection = function (this: any, args: UserConnectionArgs) {
+  const {
+    req,
+    secretKey,
+    conns,
+    username,
+    expires = 1990964469612,
+    headers,
+  } = args;
+  this.request = req;
+  this.expires = expires;
+  this.headers
+  this.env =
+    typeof secretKey === "string"
+      ? { GUAC_JSON_SECRET_KEY: secretKey }
+      : secretKey;
+  this.username = username
+    ? username
+    : req.headers.has("cf-access-authenticated-user-email")
+    ? (req.headers.get("cf-access-authenticated-user-email") as string)
+    : this.env.LOCAL_USER
+    ? this.env.LOCAL_USER
+    : "user@example.com";
+  this.url = new URL(req.url);
+  this.conns = {};
+  const parsedConns: GuacConnections =
+    typeof conns === "string" ? (JSON.parse(conns) as GuacConnections) : conns;
+  for (const name of Object.keys(parsedConns)) {
+    this.conns[name] = {
+      protocol: parsedConns[name]["protocol"],
+      parameters: parsedConns[name]["parameters"],
+    };
+  }
+  this.authString = {
+    expires: this.expires,
+    username: this.username,
+    connections: this.conns,
+  };
+  this.authenticatedGuacConnection = {};
+  this.auth = new (Auth as any)(
+    this.env.GUAC_JSON_SECRET_KEY,
+    JSON.stringify(this.authString)
+  );
+  this.expiration = new Date(this.expires).toLocaleDateString();
+  this.params = new URLSearchParams();
+  this.headers = new Headers(headers)
+  new Headers(this.request.headers).forEach((value, key) => {
+    this.headers.append(key, value);
+  });
+} as any;
+GuacamoleUserConnection.prototype = Object.create(GuacamoleUserConnection.prototype);
+GuacamoleUserConnection.prototype.constructor = GuacamoleUserConnection;
+GuacamoleUserConnection.prototype.retrieveToken = async function () {
+  this.authenticatedGuacConnection = await this.auth.createToken();
+  if (this.request.url.includes("/api/tokens")) {
+    return fetch(this.request.url, {
+      headers: this.headers,
+      method: this.request.method,
+      body: new URLSearchParams(`data=${await this.authenticatedGuacConnection}`),
+    });
+  }
+  this.params.set("token", `${await this.authenticatedGuacConnection}`);
+  this.params.set("expiration", new Date(this.expires).toLocaleDateString());
+  this.url = new URL(this.request.url);
+  return fetch(this.url, this.request);
+};
+export { GuacamoleUserConnection };

package/tsconfig.json ADDED Viewed

@@ -0,0 +1,18 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "ESNext",
+    "moduleResolution": "bundler",
+    "strict": false,
+    "declaration": true,
+    "outDir": "dist",
+    "rootDir": "src",
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "resolveJsonModule": true,
+    "allowSyntheticDefaultImports": true
+  },
+  "include": [
+    "src"
+  ]
+}